From 1a3db4cee3e0ac45438eae3a274bf4eda6542dc5 Mon Sep 17 00:00:00 2001 From: he Date: Wed, 20 Aug 2008 09:55:38 +0000 Subject: Import p5-Net-DNS-SEC-Maint-Key version 0.013. This is the RIPE NCC DNSSEC Key Management tools, described at https://www.ripe.net/projects/disi/dnssec_maint_tool/ This class implements an interface to a database of private keys used during DNSSEC administration. This package includes some diffs to the self-tests, so that they pass. --- security/p5-Net-DNS-SEC-Maint-Key/DESCR | 2 + security/p5-Net-DNS-SEC-Maint-Key/Makefile | 35 ++++ security/p5-Net-DNS-SEC-Maint-Key/PLIST | 4 + security/p5-Net-DNS-SEC-Maint-Key/distinfo | 8 + security/p5-Net-DNS-SEC-Maint-Key/patches/patch-aa | 194 +++++++++++++++++++++ security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ab | 37 ++++ security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ac | 10 ++ 7 files changed, 290 insertions(+) create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/DESCR create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/Makefile create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/PLIST create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/distinfo create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/patches/patch-aa create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ab create mode 100644 security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ac diff --git a/security/p5-Net-DNS-SEC-Maint-Key/DESCR b/security/p5-Net-DNS-SEC-Maint-Key/DESCR new file mode 100644 index 00000000000..ba0988a4839 --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/DESCR @@ -0,0 +1,2 @@ +This class implements an interface to a database of private keys used +during DNSSEC administration. The class implements the Key object. diff --git a/security/p5-Net-DNS-SEC-Maint-Key/Makefile b/security/p5-Net-DNS-SEC-Maint-Key/Makefile new file mode 100644 index 00000000000..d0cde92dc72 --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/Makefile @@ -0,0 +1,35 @@ +# $NetBSD: Makefile,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ +# + +DISTNAME= Net-DNS-SEC-Maint-Key-0.013 +PKGNAME= p5-${DISTNAME} +SVR4_PKGNAME= p5dsk +CATEGORIES= security net perl5 +MASTER_SITES= http://www.ripe.net/disi/dnssec_maint_tool/ + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= http://www.ripe.net/disi/dnssec_maint_tool/ +COMMENT= DNSSEC key and key-set maintenance classes and tool + +PKG_DESTDIR_SUPPORT= user-destdir + +DEPENDS+= p5-Net-DNS>=0.44:../../net/p5-Net-DNS +DEPENDS+= p5-Net-DNS-SEC>=0.12:../../security/p5-Net-DNS-SEC +DEPENDS+= p5-IO-LockedFile-[0-9]*:../../devel/p5-IO-LockedFile +DEPENDS+= p5-Log-Log4perl-[0-9]*:../../devel/p5-Log-Log4perl +DEPENDS+= p5-Term-ReadLine>=1.12:../../devel/p5-Term-ReadLine + +PERL5_PACKLIST= auto/Net/DNS/SEC/Maint/Key/.packlist + +REPLACE_PERL= apps/dnssecmaint-config +REPLACE_PERL+= apps/dnssecmaint-copyprivate +REPLACE_PERL+= apps/maintkeydb + +post-install: + for s in dnssecmaint-config dnssecmaint-copyprivate maintkeydb; do \ + ${INSTALL_SCRIPT} ${WRKSRC}/blib/script/$$s \ + ${DESTDIR}/${PREFIX}/bin; \ + done + +.include "../../lang/perl5/module.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/security/p5-Net-DNS-SEC-Maint-Key/PLIST b/security/p5-Net-DNS-SEC-Maint-Key/PLIST new file mode 100644 index 00000000000..bdeb066b33f --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/PLIST @@ -0,0 +1,4 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ +bin/dnssecmaint-config +bin/dnssecmaint-copyprivate +bin/maintkeydb diff --git a/security/p5-Net-DNS-SEC-Maint-Key/distinfo b/security/p5-Net-DNS-SEC-Maint-Key/distinfo new file mode 100644 index 00000000000..f2b1c96ab7a --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/distinfo @@ -0,0 +1,8 @@ +$NetBSD: distinfo,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ + +SHA1 (Net-DNS-SEC-Maint-Key-0.013.tar.gz) = 3e5de235dd85040e643c85219385f402492d9964 +RMD160 (Net-DNS-SEC-Maint-Key-0.013.tar.gz) = 2a2838720047a25576ea71b19d8ca278c33393b9 +Size (Net-DNS-SEC-Maint-Key-0.013.tar.gz) = 587778 bytes +SHA1 (patch-aa) = d96868564dce7bc535c6446a9f98d00e9e663cab +SHA1 (patch-ab) = a86ffc9b793d100c07ca5e4a812a73fedbcf883c +SHA1 (patch-ac) = 38cf6a05669378910666fb181a5cb7c50701bced diff --git a/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-aa b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-aa new file mode 100644 index 00000000000..8719aeba93a --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-aa @@ -0,0 +1,194 @@ +$NetBSD: patch-aa,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ + +--- t/01-key.t.orig 2005-06-24 16:44:01.000000000 +0200 ++++ t/01-key.t +@@ -75,8 +75,11 @@ if (!defined $gid){ + + diag ("The tests depend on dnssec-keygen and the openssl command to be in your path"); + ++our $nokeygen; + +-my $nokeygen=0; ++BEGIN { ++ ++our $nokeygen=0; + my $noopenssl=0; + + my $dnssec_keygen_path; +@@ -136,19 +139,16 @@ if ($nokeygen){ + plan skip_all => "critical programs not found"; + exit; + }else{ +- plan tests=>70; +- +- ok(1,"Ready to test"); # test 1 (otherwise the numbering is messed up). +- ++ plan tests=>71; + } + +- ++}; + + + + BEGIN {use_ok('Net::DNS::SEC::Maint::Key'); + }; +- ++ # test 1 + + + +@@ -337,35 +337,35 @@ is ( $activekeys[0]->get_keypath,"t/keyd + + + # More state tests +-$key->fetch("dacht.net","RSASHA1","21827"),0,"key fetched succesful"; ++is ($key->fetch("dacht.net","RSASHA1","21827"),0,"key fetched succesful"); # test 39 + + is ($key->get_keypath,"t/keydb/dacht.net/Kdacht.net.+005+21827.private","get_keypath returns the proper path"); +- #test 39 ++ #test 40 + + + ok ($key->is_ksk,"Key is key signing key"); +- #test 40 +-ok ($key->is_inactive,"Key is inactive"); + #test 41 ++ok ($key->is_inactive,"Key is inactive"); ++ #test 42 + + is ($key->set_active,1,"Toggling worked"); +- #test 42 ++ #test 43 + + ok ( $key->is_active,"Key is active"); +- #test 43 ++ #test 44 + + ok (! $key->is_inactive,"Key is active, thus not inactive"); +- #test 44 ++ #test 45 + + ok (! $key->is_published,"Key is active, thus not published"); + +- #test 45 ++ #test 46 + + is ($key->set_inactive,1,"Set inactive"); +- #test 46 ++ #test 47 + + ok (! $key->is_active,"Key is active"); +- #test 47 ++ #test 48 + + + +@@ -373,22 +373,22 @@ ok (! $key->is_active,"Key is active"); + + is ($key->set_published,1,"Toggling worked"); + +- #test 48 ++ #test 49 + + ok ( $key->is_published,"Key is published"); +- #test 49 ++ #test 50 + + ok (! $key->is_active,"Key is published, thus not active"); +- #test 50 ++ #test 51 + + ok (! $key->is_inactive,"Key is published, thus not published"); +- #test 51 ++ #test 52 + + is ($key->set_inactive,1,"Set inactive"); +- #test 52 ++ #test 53 + + ok ($key->is_inactive,"Key is not active"); +- #test 53 ++ #test 54 + + my $keyset1="dacht.net. 3600 IN KEY 256 3 3 ( + ANkBgSfpnbjsgbjKibnBAB3OYb2r7EblxCKF +@@ -422,9 +422,9 @@ dacht.net. 3600 IN KEY 256 3 5 ( + + + is( $key->get_keyset("dacht.net"), $keyset1, "getkeyset returns expected keys as well"); +- #test 54 +-is ($key->set_published,1,"Non trivial toggling worked again"); + #test 55 ++is ($key->set_published,1,"Non trivial toggling worked again"); ++ #test 56 + + my $keyset2="dacht.net. 3600 IN KEY 256 3 3 ( + ANkBgSfpnbjsgbjKibnBAB3OYb2r7EblxCKF +@@ -462,28 +462,28 @@ dacht.net. 3600 IN KEY 256 3 5 ( + ) ; Key ID = 21827 + "; + is( $key->get_keyset("dacht.net"), $keyset2, "getkeyset returns published keys as well"); +- #test 56 ++ #test 57 + + + + + is ($key->set_inactive,1,"Non trivial toggling worked again"); +- #test 57 ++ #test 58 + + ok ( $key->is_inactive,"Key is inactive"); +- #test 58 ++ #test 59 + + ok (! $key->is_active,"Key is inactive, thus not active"); +- #test 59 ++ #test 60 + + ok (! $key->is_published,"Key is inactive, thus not published"); +- #test 60 ++ #test 61 + +-ok ( $key->is_algorithm("RSASHA1"),"Key is proper algorithm"); # test 61 +-ok ( $key->is_algorithm(5),"Key is proper algorithm"); # test 62 +-ok ( ! $key->is_algorithm("RSA"),"is_algorithm (\"RSA\")"); # test 63 +-ok ( ! $key->is_algorithm("DSA"),"is_algorithm (\"DSA\")"); # test 64 +-ok ( ! $key->is_algorithm("CRYPTSAM"),"is_algorithm (\"CRYPTSAM\")"); # test 65 ++ok ( $key->is_algorithm("RSASHA1"),"Key is proper algorithm"); # test 62 ++ok ( $key->is_algorithm(5),"Key is proper algorithm"); # test 63 ++ok ( ! $key->is_algorithm("RSA"),"is_algorithm (\"RSA\")"); # test 64 ++ok ( ! $key->is_algorithm("DSA"),"is_algorithm (\"DSA\")"); # test 65 ++ok ( ! $key->is_algorithm("CRYPTSAM"),"is_algorithm (\"CRYPTSAM\")"); # test 66 + + + +@@ -496,22 +496,22 @@ SKIP: { + $key3->create("bla.foo","RSASHA1",768,"zonesigning"); + my @keyarray2; + is (@keyarray2=$key3->get_all("bla.foo"),2,"two keys for bla.foo returned"); +- #test 66 ++ #test 67 + my @activekeys; + is ( @activekeys=$key3->get_active("bla.foo"),1,"One activekey for bla.foo"); +- #test 67 ++ #test 68 + + $activekeys[0]->set_rollover; + ok ( $activekeys[0]->is_rollover,"Key has rollover attribute set"); + +- #test 68 ++ #test 69 + + $activekeys[0]->set_inactive; + ok ( $activekeys[0]->is_inactive,"Key is inactive"); +- #test 69 ++ #test 70 + $activekeys[0]->set_active; + ok ( $activekeys[0]->is_active,"Key is active"); +- #test 70 ++ #test 71 + } + + diff --git a/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ab b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ab new file mode 100644 index 00000000000..20ec59f6b3e --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ab @@ -0,0 +1,37 @@ +$NetBSD: patch-ab,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ + +--- t/02-rollover.t.orig 2005-06-24 10:39:30.000000000 +0200 ++++ t/02-rollover.t +@@ -44,12 +44,18 @@ rmdir "t/keydb/bla.foo"; + + diag ("The tests depend on dnssec-keygen and the openssl command to be in your path"); + ++our $nokeygen; ++our $openssl_path; ++our $dnssec_keygen_path; + +-my $nokeygen=0; ++BEGIN { ++ ++ ++our $nokeygen=0; + my $noopenssl=0; + +-my $dnssec_keygen_path; +-my $openssl_path; ++our $dnssec_keygen_path; ++our $openssl_path; + use Shell qw (which); + $dnssec_keygen_path = which("dnssec-keygen"); + $dnssec_keygen_path =~ s/\s+$//; +@@ -105,8 +111,9 @@ if ($nokeygen){ + plan skip_all => "critical programs not found"; + exit; + }else{ +- plan tests=>20; ++ plan tests=>22; + } ++}; + + + diff --git a/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ac b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ac new file mode 100644 index 00000000000..94e703de54a --- /dev/null +++ b/security/p5-Net-DNS-SEC-Maint-Key/patches/patch-ac @@ -0,0 +1,10 @@ +$NetBSD: patch-ac,v 1.1.1.1 2008/08/20 09:55:38 he Exp $ + +--- apps/maintkeydb.orig 2005-05-24 16:35:47.000000000 +0200 ++++ apps/maintkeydb +@@ -1,4 +1,3 @@ +-#!/usr/local/bin/perl -Iblib/lib +-#!/usr/local/bin/perl -wT -Iblib/lib ++#!/usr/local/bin/perl + + -- cgit v1.2.3