summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind_9.11.5.bb
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2019-09-04 22:44:12 -0700
committerArmin Kuster <akuster@mvista.com>2019-09-04 22:46:57 -0700
commit25b2f2c6fc67eabb0e7f0b7c5ffe08c554613c10 (patch)
tree829cd001e6b19871bf06813fc9ef3a7262694eb9 /meta/recipes-connectivity/bind/bind_9.11.5.bb
parent16f4520f5cb581eb93bd3f0e3aa1feecc5c567ba (diff)
downloadopenembedded-core-contrib-25b2f2c6fc67eabb0e7f0b7c5ffe08c554613c10.tar.gz
openembedded-core-contrib-25b2f2c6fc67eabb0e7f0b7c5ffe08c554613c10.tar.bz2
openembedded-core-contrib-25b2f2c6fc67eabb0e7f0b7c5ffe08c554613c10.zip
bind: update to latest LTS 9.11.5
Source: bind.org MR: 99750 Type: Security Fix Disposition: Backport from bind.org ChangeID: bca5c436229f1b8c7e8eb3e45fc6188ffdb5e224 Description: includes: CVE-2018-5738 drop patch for CVE-2018-5740 now included in update see: https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html Add RECIPE_NO_UPDATE_REASON for lts Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Also includes CVE-2018-5740] Signed-off-by: Armin Kuster <akuster@mvista.com>
Diffstat (limited to 'meta/recipes-connectivity/bind/bind_9.11.5.bb')
-rw-r--r--meta/recipes-connectivity/bind/bind_9.11.5.bb137
1 files changed, 137 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/bind/bind_9.11.5.bb b/meta/recipes-connectivity/bind/bind_9.11.5.bb
new file mode 100644
index 0000000000..21e979fd9c
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind_9.11.5.bb
@@ -0,0 +1,137 @@
+SUMMARY = "ISC Internet Domain Name Server"
+HOMEPAGE = "http://www.isc.org/sw/bind/"
+SECTION = "console/network"
+
+LICENSE = "ISC & BSD"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=6ba7c9fe0c888a943c79c93e6de744fb"
+
+DEPENDS = "openssl libcap zlib"
+
+SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
+ file://conf.patch \
+ file://named.service \
+ file://bind9 \
+ file://generate-rndc-key.sh \
+ file://make-etc-initd-bind-stop-work.patch \
+ file://init.d-add-support-for-read-only-rootfs.patch \
+ file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
+ file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \
+ file://0001-lib-dns-gen.c-fix-too-long-error.patch \
+ file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \
+ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
+ file://0001-avoid-start-failure-with-bind-user.patch \
+"
+
+SRC_URI[md5sum] = "17a0d02102117c9a221e857cf2cc8157"
+SRC_URI[sha256sum] = "a4cae11dad954bdd4eb592178f875bfec09fcc7e29fe0f6b7a4e5b5c6bc61322"
+
+UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
+UPSTREAM_CHECK_REGEX = "(?P<pver>9(\.\d+)+(-P\d+)*)/"
+RECIPE_NO_UPDATE_REASON = "9.11 is LTS 2021"
+
+inherit autotools update-rc.d systemd useradd pkgconfig multilib_script
+
+MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh"
+
+# PACKAGECONFIGs readline and libedit should NOT be set at same time
+PACKAGECONFIG ?= "readline"
+PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2"
+PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline"
+PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit"
+PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,,"
+PACKAGECONFIG[python3] = "--with-python=${PYTHON} --with-python-install-dir=${D}/${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native,"
+
+ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
+EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \
+ --disable-devpoll --enable-epoll --with-gost=no \
+ --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \
+ --with-lmdb=no \
+ --sysconfdir=${sysconfdir}/bind \
+ --with-openssl=${STAGING_DIR_HOST}${prefix} \
+ "
+
+inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)}
+
+# dhcp needs .la so keep them
+REMOVE_LIBTOOL_LA = "0"
+
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
+ --user-group bind"
+
+INITSCRIPT_NAME = "bind"
+INITSCRIPT_PARAMS = "defaults"
+
+SYSTEMD_SERVICE_${PN} = "named.service"
+
+do_install_prepend() {
+ # clean host path in isc-config.sh before the hardlink created
+ # by "make install":
+ # bind9-config -> isc-config.sh
+ sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${B}/isc-config.sh
+}
+
+do_install_append() {
+
+ rm "${D}${bindir}/nslookup"
+ rm "${D}${mandir}/man1/nslookup.1"
+ rmdir "${D}${localstatedir}/run"
+ rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
+ install -d -o bind "${D}${localstatedir}/cache/bind"
+ install -d "${D}${sysconfdir}/bind"
+ install -d "${D}${sysconfdir}/init.d"
+ install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
+ install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
+ if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then
+ sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \
+ ${D}${sbindir}/dnssec-coverage \
+ ${D}${sbindir}/dnssec-checkds \
+ ${D}${sbindir}/dnssec-keymgr
+ fi
+
+ # Install systemd related files
+ install -d ${D}${sbindir}
+ install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system
+ sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
+ -e 's,@SBINDIR@,${sbindir},g' \
+ ${D}${systemd_unitdir}/system/named.service
+
+ install -d ${D}${sysconfdir}/default
+ install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
+
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+ install -d ${D}${sysconfdir}/tmpfiles.d
+ echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf
+ fi
+}
+
+CONFFILES_${PN} = " \
+ ${sysconfdir}/bind/named.conf \
+ ${sysconfdir}/bind/named.conf.local \
+ ${sysconfdir}/bind/named.conf.options \
+ ${sysconfdir}/bind/db.0 \
+ ${sysconfdir}/bind/db.127 \
+ ${sysconfdir}/bind/db.empty \
+ ${sysconfdir}/bind/db.local \
+ ${sysconfdir}/bind/db.root \
+ "
+
+PACKAGE_BEFORE_PN += "${PN}-utils"
+FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig"
+FILES_${PN}-dev += "${bindir}/isc-config.h"
+FILES_${PN} += "${sbindir}/generate-rndc-key.sh"
+
+PACKAGE_BEFORE_PN += "${PN}-libs"
+FILES_${PN}-libs = "${libdir}/*.so*"
+FILES_${PN}-staticdev += "${libdir}/*.la"
+
+PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}"
+FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \
+ ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}"
+
+RDEPENDS_${PN} = "bash"
+RDEPENDS_${PN}-utils = "bash"
+RDEPENDS_${PN}-dev = ""
+RDEPENDS_python3-bind = "python3-core python3-ply"