summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorpettai <pettai>2010-06-16 00:19:08 +0000
committerpettai <pettai>2010-06-16 00:19:08 +0000
commitee5bdc95b32fe80f814e542afe78ff0cdac08589 (patch)
treeacd20ec42f4f52a77a2779eac3d8700d82cc92ee /security
parent3bf93893fd7a6dc86af593367e138cc3dd574af6 (diff)
downloadpkgsrc-ee5bdc95b32fe80f814e542afe78ff0cdac08589.tar.gz
OpenDNSSEC 1.1.0:
* Partial Auditor added * Dnsruby-1.46 required * Improved error messages when the system runs out of keys * Optimise communication of signconfs for multiple zones sharing keys. Group zones in zonelist.xml by policy to get this benefit. * Bugreport #101: Signer Engine now maintains its own pidfile. * Jitter redefined: now in the range of [-jitter, ..., +jitter] * Optimized sorter: quicksorter (sorter becomes obsolete). * Optimized zone_reader, includes nseccing/nsec3ing (nseccer and nsec3er become obsolete). * Enable database selection using --with-database-backend={sqlite3|mysql} * Enable the EPP-client using --enable-eppclient For sending DS RR to the parent zone (experimental) * Turn NSEC3 OptOut off by default * Install kasp2html XML stylesheet * Add simple kasp2html conversion script * DNSKEY records communicated to an external script if configured * The command 'ods-signer restart' is removed. * Signer Engine now also reuses signatures after a change in NSEC(3) configuration or rolling keys. * Quicksorter defaults to class IN. And a lot of bugfixes...
Diffstat (limited to 'security')
-rw-r--r--security/opendnssec/Makefile21
-rw-r--r--security/opendnssec/PLIST9
-rw-r--r--security/opendnssec/distinfo10
-rw-r--r--security/opendnssec/patches/patch-aa16
4 files changed, 34 insertions, 22 deletions
diff --git a/security/opendnssec/Makefile b/security/opendnssec/Makefile
index 3a236d4997b..b37059828d9 100644
--- a/security/opendnssec/Makefile
+++ b/security/opendnssec/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.2 2010/05/06 14:56:16 pettai Exp $
+# $NetBSD: Makefile,v 1.3 2010/06/16 00:19:08 pettai Exp $
#
-DISTNAME= opendnssec-1.0.0
+DISTNAME= opendnssec-1.1.0
CATEGORIES= security net
MASTER_SITES= http://www.opendnssec.org/files/source/
@@ -10,16 +10,18 @@ HOMEPAGE= http://www.opendnssec.org/
COMMENT= OSS for a fast and easy DNSSEC deployment
LICENSE= 2-clause-bsd
+DEPENDS+= ${PYPKGPREFIX}-expat-[0-9]*:../../textproc/py-expat
DEPENDS+= ${PYPKGPREFIX}-4Suite-[0-9]*:../../textproc/py-4Suite
DEPENDS+= ldns>=1.6.4:../../net/ldns
-DEPENDS+= ${RUBY_PKGPREFIX}-dnsruby>=1.43:../../net/ruby-dnsruby
+DEPENDS+= rubygems:../../misc/rubygems
+DEPENDS+= ${RUBY_PKGPREFIX}-dnsruby>=1.46:../../net/ruby-dnsruby
BUILD_DEPENDS+= CUnit-[0-9]*:../../devel/cunit
PKG_DESTDIR_SUPPORT= user-destdir
BUILD_DEFS+= VARBASE
-USE_TOOLS+= bash gmake perl
+USE_TOOLS+= bash gmake
CONFIG_SHELL= ${BASH}
USE_LANGUAGES= c c++
USE_LIBTOOL= yes
@@ -29,6 +31,17 @@ CONFIGURE_ARGS+= --prefix=${PREFIX:Q}
CONFIGURE_ARGS+= --localstatedir=${VARBASE}
CONFIGURE_ENV+= RUBY=${RUBY}
+ODS_USER?= opendnssec
+ODS_GROUP?= opendnssec
+
+PKG_GROUPS= ${ODS_GROUP}
+PKG_USERS= ${ODS_USER}:${ODS_GROUP}
+PKG_GECOS.${ODS_USER}= OpenDNSSEC user
+PKG_HOME.${ODS_USER}= ${VARBASE}/opendnssec
+PKG_SHELL.${ODS_USER}= ${SH}
+PKG_USERS_VARS+= ODS_USER
+PKG_GROUPS_VARS+= ODS_GROUP
+
EGDIR= ${PREFIX}/share/examples/opendnssec
ODS_SYSCONFDIR= ${PKG_SYSCONFDIR}/opendnssec
diff --git a/security/opendnssec/PLIST b/security/opendnssec/PLIST
index 707ee44627d..a89a7aa60c8 100644
--- a/security/opendnssec/PLIST
+++ b/security/opendnssec/PLIST
@@ -1,7 +1,8 @@
-@comment $NetBSD: PLIST,v 1.1.1.1 2010/05/06 12:50:17 pettai Exp $
+@comment $NetBSD: PLIST,v 1.2 2010/06/16 00:19:08 pettai Exp $
bin/ods-auditor
bin/ods-hsmspeed
bin/ods-hsmutil
+bin/ods-kasp2html
bin/ods-kaspcheck
bin/ods-ksmutil
include/hsmtest.h
@@ -13,6 +14,7 @@ lib/opendnssec/kasp_auditor/auditor.rb
lib/opendnssec/kasp_auditor/config.rb
lib/opendnssec/kasp_auditor/key_tracker.rb
lib/opendnssec/kasp_auditor/parse.rb
+lib/opendnssec/kasp_auditor/partial_auditor.rb
lib/opendnssec/kasp_auditor/preparser.rb
lib/opendnssec/kasp_checker.rb
lib/opendnssec/signer/Engine.py
@@ -41,11 +43,8 @@ libexec/opendnssec/create_dnskey
libexec/opendnssec/finalizer
libexec/opendnssec/get_class
libexec/opendnssec/get_serial
-libexec/opendnssec/nsec3er
-libexec/opendnssec/nseccer
+libexec/opendnssec/quicksorter
libexec/opendnssec/signer
-libexec/opendnssec/signer_threads
-libexec/opendnssec/sorter
libexec/opendnssec/zone_fetcher
libexec/opendnssec/zone_reader
man/man1/ods-auditor.1
diff --git a/security/opendnssec/distinfo b/security/opendnssec/distinfo
index 4eae89ac290..9b2cfc8a2ff 100644
--- a/security/opendnssec/distinfo
+++ b/security/opendnssec/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.1.1.1 2010/05/06 12:50:17 pettai Exp $
+$NetBSD: distinfo,v 1.2 2010/06/16 00:19:08 pettai Exp $
-SHA1 (opendnssec-1.0.0.tar.gz) = fc2deb8277753f74807d0a0a335120bce4e656b7
-RMD160 (opendnssec-1.0.0.tar.gz) = e41016fe350f1a0706ea5910841417d6850c69de
-Size (opendnssec-1.0.0.tar.gz) = 2055424 bytes
-SHA1 (patch-aa) = 189bada3d170c621e486f9d0e065fc028902862e
+SHA1 (opendnssec-1.1.0.tar.gz) = 8ee63ab38164d691dfa05fb09c3ffaa1f663c614
+RMD160 (opendnssec-1.1.0.tar.gz) = ed671c275682298a3d4e4b5764877a1c9544260f
+Size (opendnssec-1.1.0.tar.gz) = 2205923 bytes
+SHA1 (patch-aa) = 0007803ca6b323775b7d5e03d5f00c07030e14cc
diff --git a/security/opendnssec/patches/patch-aa b/security/opendnssec/patches/patch-aa
index d9f3cf56cbe..b7d997821d5 100644
--- a/security/opendnssec/patches/patch-aa
+++ b/security/opendnssec/patches/patch-aa
@@ -1,4 +1,4 @@
-$NetBSD: patch-aa,v 1.1.1.1 2010/05/06 12:50:17 pettai Exp $
+$NetBSD: patch-aa,v 1.2 2010/06/16 00:19:08 pettai Exp $
--- conf/Makefile.in.orig 2009-12-19 21:39:52.000000000 +0100
+++ conf/Makefile.in 2009-12-19 21:43:40.000000000 +0100
@@ -10,21 +10,21 @@ $NetBSD: patch-aa,v 1.1.1.1 2010/05/06 12:50:17 pettai Exp $
target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
-@@ -553,19 +554,19 @@
+@@ -540,19 +541,19 @@
(echo "kasp.xml built")
install-data-hook:
-- test -d ${sysconfdir} || mkdir -p ${DESTDIR}${sysconfdir}
-- test -f ${sysconfdir}/conf.xml || \
+- test -d ${DESTDIR}${sysconfdir} || mkdir -p ${DESTDIR}${sysconfdir}
+- test -f ${DESTDIR}${sysconfdir}/conf.xml || \
- ${INSTALL_DATA} -m 0640 ${top_builddir}/conf.xml ${DESTDIR}${sysconfdir}
- ${INSTALL_DATA} -m 640 ${top_builddir}/conf.xml ${DESTDIR}${sysconfdir}/conf.xml.sample
-- test -f ${sysconfdir}/zonelist.xml || \
+- test -f ${DESTDIR}${sysconfdir}/zonelist.xml || \
- ${INSTALL_DATA} ${top_builddir}/zonelist.xml ${DESTDIR}${sysconfdir}
- ${INSTALL_DATA} ${top_builddir}/zonelist.xml ${DESTDIR}${sysconfdir}/zonelist.xml.sample
-- test -f ${sysconfdir}/zonefetch.xml || \
+- test -f ${DESTDIR}${sysconfdir}/zonefetch.xml || \
- ${INSTALL_DATA} -m 0640 ${top_builddir}/zonefetch.xml ${DESTDIR}${sysconfdir}
- ${INSTALL_DATA} -m 640 ${top_builddir}/zonefetch.xml ${DESTDIR}${sysconfdir}/zonefetch.xml.sample
-- test -f ${sysconfdir}/kasp.xml || \
+- test -f ${DESTDIR}${sysconfdir}/kasp.xml || \
- ${INSTALL_DATA} ${top_builddir}/kasp.xml ${DESTDIR}${sysconfdir}
- ${INSTALL_DATA} ${top_builddir}/kasp.xml ${DESTDIR}${sysconfdir}/kasp.xml.sample
+ test -d ${DESTDIR}${EGDIR} || mkdir -p ${DESTDIR}${EGDIR}
@@ -40,6 +40,6 @@ $NetBSD: patch-aa,v 1.1.1.1 2010/05/06 12:50:17 pettai Exp $
+ test -f ${DESTDIR}${EGDIR}/kasp.xml || \
+ ${INSTALL_DATA} ${top_builddir}/kasp.xml ${DESTDIR}${EGDIR}
+ ${INSTALL_DATA} ${top_builddir}/kasp.xml ${DESTDIR}${EGDIR}/kasp.xml.sample
-
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
+ .NOEXPORT:
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-12 17:54:51 +0000