[opendnssec/el6] * Fri Sep 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.0-0.b1.1 - Updated to 1.4.0b1 - Patch to
Paul Wouters
pwouters at fedoraproject.org
Fri Sep 21 21:31:38 UTC 2012
commit 4d395df3c9779cfa6abc7a68c1fb2f0567e351cc
Author: Paul Wouters <pwouters at redhat.com>
Date: Fri Sep 21 17:30:45 2012 -0400
* Fri Sep 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.0-0.b1.1
- Updated to 1.4.0b1
- Patch to more aggressively try to take lock for resigning
- Patch to give NSEC3PARAM record a TTL=0
.gitignore | 1 +
opendnssec-aggressive-retry.patch | 15 +++++++++++++++
opendnssec.spec | 34 +++++++++++++++++++++-------------
sources | 1 +
4 files changed, 38 insertions(+), 13 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..99539eb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/opendnssec-1.4.0b1.tar.gz
diff --git a/opendnssec-aggressive-retry.patch b/opendnssec-aggressive-retry.patch
new file mode 100644
index 0000000..b45a2fc
--- /dev/null
+++ b/opendnssec-aggressive-retry.patch
@@ -0,0 +1,15 @@
+diff -Naur opendnssec-1.4.0a3-orig/signer/src/daemon/worker.c opendnssec-1.4.0a3/signer/src/daemon/worker.c
+--- opendnssec-1.4.0a3-orig/signer/src/daemon/worker.c 2012-08-02 16:57:01.000000000 -0400
++++ opendnssec-1.4.0a3/signer/src/daemon/worker.c 2012-08-20 15:41:34.665175565 -0400
+@@ -173,7 +173,11 @@
+ * lets take a small break to not hog CPU.
+ */
+ if (status == ODS_STATUS_UNCHANGED) {
++#if 0
+ worker_wait_timeout_locked(&q->q_lock, &q->q_nonfull, 60);
++#else
++ worker_wait_timeout_locked(&q->q_lock, &q->q_nonfull, 5);
++#endif
+ }
+ lock_basic_unlock(&q->q_lock);
+ }
diff --git a/opendnssec.spec b/opendnssec.spec
index 0c76b56..2ae8606 100644
--- a/opendnssec.spec
+++ b/opendnssec.spec
@@ -1,21 +1,22 @@
-Summary: DNSSEC key and zone management software
+Summary: DNSSEC key and zone management software for CIRA
Name: opendnssec
+Epoch: 10
Version: 1.4.0
-Release: 0.a3%{?dist}.2
+Release: 0.b1%{?dist}.1
License: BSD
Url: http://www.opendnssec.org/
-#Source: http://www.opendnssec.org/files/source/% {name}-% {version}a1.tar.gz
-Source: http://www.opendnssec.org/files/source/testing/%{name}-%{version}a3.tar.gz
+#Source: http://www.opendnssec.org/files/source/% {name}-% {version}.tar.gz
+Source: http://www.opendnssec.org/files/source/testing/%{name}-%{version}b1.tar.gz
Source1: ods-enforcerd.init
Source2: ods-signerd.init
Source3: ods.sysconfig
Source4: conf.xml
-Source5: ods-enforcerd.cron
-Source6: opendnssec-LICENSE
-Patch1: opendnssec-1.4.0a3-cpu.patch
+Source5: opendnssec.cron
+Patch1: opendnssec-aggressive-retry.patch
+Patch2: opendnssec-1.4.0a3-nsec3param.patch
Group: Applications/System
Requires: opencryptoki, softhsm
-BuildRequires: ldns-devel >= 1.6.12, sqlite-devel , openssl-devel
+BuildRequires: ldns-devel >= 1.6.13, sqlite-devel , openssl-devel
BuildRequires: libxml2-devel CUnit-devel, doxygen
Requires(pre): shadow-utils
@@ -25,12 +26,13 @@ It secures zone data just before it is published in an authoritative
name server. It requires a PKCS#11 crypto module library, such as softhsm
%prep
-%setup -q -n %{name}-%{version}a1
+%setup -q -n %{name}-%{version}b1
+%patch1 -p1
+%patch2 -p1
%build
%configure --with-ldns=%{_libdir}
make %{?_smp_mflags}
-cp %{SOURCE6} LICENSE
%check
# Requires sample db not shipped with upstream
@@ -40,10 +42,11 @@ cp %{SOURCE6} LICENSE
rm -rf %{buildroot}
make DESTDIR=%{buildroot} install
mkdir -p %{buildroot}/var/opendnssec/{tmp,signed,signconf}
+mkdir -p %{buildroot}/%{_initrddir}
install -m 0755 %{SOURCE1} %{buildroot}/%{_initrddir}/ods-enforcerd
install -m 0755 %{SOURCE2} %{buildroot}/%{_initrddir}/ods-signerd
install -d -m 0755 %{buildroot}%{_initrddir} %{buildroot}%{_sysconfdir}/cron.d/
-install -m 0644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/cron.d/ods-enforcerd
+install -m 0644 %{SOURCE5} %{buildroot}/%{_sysconfdir}/cron.d/opendnssec
# cleanup sample files
rm -f %{buildroot}/%{_sysconfdir}/opendnssec/*.sample
@@ -63,7 +66,7 @@ mkdir -p %{buildroot}%{_localstatedir}/run/opendnssec
%attr(0660,root,ods) %config(noreplace) %{_sysconfdir}/opendnssec/*.xml
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/ods
%attr(0770,root,ods) %dir %{_localstatedir}/run/opendnssec
-%attr(0644,root,root) %{_sysconfdir}/cron.d/ods-enforcerd
+%attr(0644,root,root) %{_sysconfdir}/cron.d/opendnssec
%doc NEWS README LICENSE
%{_mandir}/*/*
@@ -104,9 +107,14 @@ if [ "$1" -ge "1" ]; then
fi
%changelog
+* Fri Sep 21 2012 Paul Wouters <pwouters at redhat.com> - 1.4.0-0.b1.1
+- Updated to 1.4.0b1
+- Patch to more aggressively try to take lock for resigning
+- Patch to give NSEC3PARAM record a TTL=0
+
* Tue Aug 07 2012 Paul Wouters <pwouters at redhat.com> - 1.4.0-0.a3.2
- Updated to 1.4.0a3
-- Added ods-enforcerd.cron to sync key rollovers over multiple servers
+- Added opendnssec.cron to sync key rollovers over multiple servers
- Removed merged in patch.
- Added patch for cpu lock from trunk
- Don't re-init softhsm on remove+install of opendnssec (as opposed to upgrade)
diff --git a/sources b/sources
index e57d259..78313c5 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
c7e00424dbbf87ccf4667f3b397b0aa1 opendnssec-1.4.0a1.tar.gz
+c5951e833a9414e3cbe575e7c66ee3ee opendnssec-1.4.0b1.tar.gz
More information about the scm-commits
mailing list