From e87e23e5335f25ef92fc8eb6ee2b21c7c68462cc Mon Sep 17 00:00:00 2001 From: jakob Date: Sat, 25 Jan 2003 14:14:37 +0000 Subject: [PATCH] split into -libs and -server packages sync patches with OpenBSD-current use autoconf to regenerate configure script do not installed examples (soon part of base) remove the bind9-{enable,disable} scripts --- net/bind9/Makefile | 45 ++--- net/bind9/distinfo | 6 +- net/bind9/files/bind9-disable | 89 --------- net/bind9/files/bind9-enable | 143 -------------- net/bind9/files/named.conf | 47 ----- net/bind9/files/named.localhost | 14 -- net/bind9/files/named.loopback | 14 -- net/bind9/files/named.root | 81 -------- net/bind9/patches/gcc-lib_isc_Makefile_in | 13 -- net/bind9/patches/patch-acconfig_h | 23 +++ net/bind9/patches/patch-bin_dig_dig_c | 31 +++ net/bind9/patches/patch-bin_dig_dighost_c | 37 ++++ .../patch-bin_named_include_named_globals_h | 31 +++ net/bind9/patches/patch-bin_named_main_c | 88 +++++++++ net/bind9/patches/patch-bin_named_server_c | 60 ++++++ .../patch-bin_named_unix_include_named_os_h | 32 ++++ net/bind9/patches/patch-bin_named_unix_os_c | 181 ++++++++++++++++++ net/bind9/patches/patch-bin_rndc_rndc_c | 30 +++ net/bind9/patches/patch-bin_tests_Makefile_in | 30 +++ net/bind9/patches/patch-bin_tests_genrandom_c | 19 ++ net/bind9/patches/patch-bin_tests_lcg_test_c | 50 +++++ net/bind9/patches/patch-config_h_in | 23 +++ net/bind9/patches/patch-configure_in | 27 +++ net/bind9/patches/patch-lib_dns_Makefile_in | 15 ++ net/bind9/patches/patch-lib_dns_dispatch_c | 83 ++++++++ net/bind9/patches/patch-lib_dns_rdataset_c | 16 ++ net/bind9/patches/patch-lib_isc_Makefile_in | 21 ++ .../patch-lib_isc_include_isc_Makefile_in | 12 ++ .../patches/patch-lib_isc_include_isc_lcg_h | 102 ++++++++++ net/bind9/patches/patch-lib_isc_lcg_c | 177 +++++++++++++++++ net/bind9/patches/patch-lib_isc_lfsr_c | 12 ++ net/bind9/patches/patch-lib_isc_random_c | 47 +++++ net/bind9/patches/patch-lib_isc_sha1_c | 107 +++++++++++ net/bind9/patches/patch-openssl | 42 ---- net/bind9/pkg/DEINSTALL | 9 - net/bind9/pkg/DESCR | 7 +- net/bind9/pkg/DESCR-server | 11 ++ net/bind9/pkg/PFRAG.shared | 6 +- net/bind9/pkg/PLIST | 64 +------ net/bind9/pkg/PLIST-server | 50 +++++ 40 files changed, 1346 insertions(+), 549 deletions(-) delete mode 100644 net/bind9/files/bind9-disable delete mode 100644 net/bind9/files/bind9-enable delete mode 100644 net/bind9/files/named.conf delete mode 100644 net/bind9/files/named.localhost delete mode 100644 net/bind9/files/named.loopback delete mode 100644 net/bind9/files/named.root delete mode 100644 net/bind9/patches/gcc-lib_isc_Makefile_in create mode 100644 net/bind9/patches/patch-acconfig_h create mode 100644 net/bind9/patches/patch-bin_dig_dig_c create mode 100644 net/bind9/patches/patch-bin_dig_dighost_c create mode 100644 net/bind9/patches/patch-bin_named_include_named_globals_h create mode 100644 net/bind9/patches/patch-bin_named_main_c create mode 100644 net/bind9/patches/patch-bin_named_server_c create mode 100644 net/bind9/patches/patch-bin_named_unix_include_named_os_h create mode 100644 net/bind9/patches/patch-bin_named_unix_os_c create mode 100644 net/bind9/patches/patch-bin_rndc_rndc_c create mode 100644 net/bind9/patches/patch-bin_tests_Makefile_in create mode 100644 net/bind9/patches/patch-bin_tests_genrandom_c create mode 100644 net/bind9/patches/patch-bin_tests_lcg_test_c create mode 100644 net/bind9/patches/patch-config_h_in create mode 100644 net/bind9/patches/patch-configure_in create mode 100644 net/bind9/patches/patch-lib_dns_Makefile_in create mode 100644 net/bind9/patches/patch-lib_dns_dispatch_c create mode 100644 net/bind9/patches/patch-lib_dns_rdataset_c create mode 100644 net/bind9/patches/patch-lib_isc_Makefile_in create mode 100644 net/bind9/patches/patch-lib_isc_include_isc_Makefile_in create mode 100644 net/bind9/patches/patch-lib_isc_include_isc_lcg_h create mode 100644 net/bind9/patches/patch-lib_isc_lcg_c create mode 100644 net/bind9/patches/patch-lib_isc_lfsr_c create mode 100644 net/bind9/patches/patch-lib_isc_random_c create mode 100644 net/bind9/patches/patch-lib_isc_sha1_c delete mode 100644 net/bind9/patches/patch-openssl delete mode 100644 net/bind9/pkg/DEINSTALL create mode 100644 net/bind9/pkg/DESCR-server create mode 100644 net/bind9/pkg/PLIST-server diff --git a/net/bind9/Makefile b/net/bind9/Makefile index 5b5e19bf793..8c974bc294b 100644 --- a/net/bind9/Makefile +++ b/net/bind9/Makefile @@ -1,10 +1,14 @@ -# $OpenBSD: Makefile,v 1.38 2003/01/21 17:29:09 jakob Exp $ +# $OpenBSD: Makefile,v 1.39 2003/01/25 14:14:37 jakob Exp $ -COMMENT= Berkeley Internet Name Daemon +COMMENT= ISC BIND 9 libraries +COMMENT-server= ISC BIND 9 server -VERSION= 9.2.1 +VERSION= 9.2.2rc1 DISTNAME= bind-${VERSION} -PKGNAME= bind-${VERSION}p1 + +FULLPKGNAME= bind-lib-${VERSION} +PKGNAME-server= bind-server-${VERSION} + CATEGORIES= net MASTER_SITES+= ftp://ftp.isc.org/isc/bind9/${VERSION}/ \ @@ -23,26 +27,29 @@ PERMIT_PACKAGE_FTP= Yes PERMIT_DISTFILES_CDROM= Yes PERMIT_DISTFILES_FTP= Yes -# XXX workaround gcc bugs on sparc64 -.if ${MACHINE_ARCH:Msparc64} -PATCH_LIST= gcc-* patch-* -.endif - SEPARATE_BUILD= concurrent -CONFIGURE_STYLE= gnu +CONFIGURE_STYLE= autoconf CONFIGURE_ARGS+= --with-libtool ${CONFIGURE_SHARED} \ --localstatedir=/var \ --disable-libbind \ - --with-openssl="/usr" \ + --with-openssl=/usr \ --with-randomdev=/dev/arandom +AUTOCONF_NEW= Yes MODGNU_CONFIG_GUESS_DIRS= ${WRKSRC} REGRESS_TARGET= test +MULTI_PACKAGES= -server +SUBPACKAGE?= + FLAVORS= static threads FLAVOR?= +.if ${SUBPACKAGE} == "-server" && ${FLAVOR} != "static" +RUN_DEPENDS= :bind-libs-*:net/bind9 +.endif + .if ${FLAVOR:L:Mstatic} CFLAGS+= "-static" NO_SHARED_LIBS= Yes @@ -54,28 +61,18 @@ CONFIGURE_ARGS+= --enable-threads CONFIGURE_ARGS+= --disable-threads .endif -EXAMPLEFILES= named.conf named.root \ - named.localhost named.loopback - MISCDOCFILES= dnssec ipv6 migration migration-4to9 \ options rfc-compliance roadmap sdb +post-extract: + rm -fr ${WRKSRC}/lib/bind + post-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/bind9/arm ${INSTALL_DATA_DIR} ${PREFIX}/share/doc/bind9/misc - ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/bind9 ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${PREFIX}/share/doc/bind9/arm -.for file in ${EXAMPLEFILES} - ${INSTALL_DATA} ${FILESDIR}/${file} ${PREFIX}/share/examples/bind9 -.endfor .for file in ${MISCDOCFILES} ${INSTALL_DATA} ${WRKSRC}/doc/misc/${file} ${PREFIX}/share/doc/bind9/misc .endfor -.for file in bind9-enable bind9-disable - @sed s,y0y0y0,${TRUEPREFIX}, < ${FILESDIR}/${file} > \ - ${PREFIX}/sbin/${file} - @chmod 555 ${PREFIX}/sbin/${file} - @chown root:wheel ${PREFIX}/sbin/${file} -.endfor .include diff --git a/net/bind9/distinfo b/net/bind9/distinfo index 72139c2c52e..7cdcec8d738 100644 --- a/net/bind9/distinfo +++ b/net/bind9/distinfo @@ -1,3 +1,3 @@ -MD5 (bind-9.2.1.tar.gz) = 692cff6f44e006ce6984b2c286949dd1 -RMD160 (bind-9.2.1.tar.gz) = b364f2a09b0ab7346f8a1abcee776450642f6536 -SHA1 (bind-9.2.1.tar.gz) = 6ea711ce3b786b3c5fab89273b4132061745c846 +MD5 (bind-9.2.2rc1.tar.gz) = e591be8890c53845133577ac7e042fb6 +RMD160 (bind-9.2.2rc1.tar.gz) = ae607a8ee7080460896d36ab288688c02e1ff316 +SHA1 (bind-9.2.2rc1.tar.gz) = 2d1d980a2d55adb744288bb25eb0d94b14535da1 diff --git a/net/bind9/files/bind9-disable b/net/bind9/files/bind9-disable deleted file mode 100644 index f5213ea29bd..00000000000 --- a/net/bind9/files/bind9-disable +++ /dev/null @@ -1,89 +0,0 @@ -#!/bin/sh -# -# $OpenBSD: bind9-disable,v 1.4 2001/12/16 23:19:16 jakob Exp $ -# -# this script disables BIND v9 by removing links created by -# bind9-enable. - -PREFIX=y0y0y0 -BINDIR=/usr/sbin - -if [ `id -u` -ne 0 ]; then - echo "You must be root to run this script." - exit -fi - -echo "This script will remove BIND v9 links from $BINDIR" -echo "" -echo -n "Are you sure you want to do this (y/[n])? " - -read answer -echo "" - -if [ X$answer != Xy ]; then - echo "exit" - exit -fi - -if [ ! -e /usr/sbin/lwresd ]; then - echo "BIND v9 not enabled, script terminated." - exit -fi - -###################################################################### -echo "Removing BIND v9 links:" - -for link in \ - dig host nslookup nsupdate \ - named rndc lwresd \ - dnssec-keygen dnssec-makekeyset dnssec-signkey dnssec-signzone \ - named-checkconf named-checkzone \ - rndc-confgen -do - if [ -L $BINDIR/$link ]; then - echo " $link" - rm -f $BINDIR/$link - fi -done - -echo "" -echo done. - -###################################################################### -if [ ! -e /usr/sbin/named.dist ]; then - echo "Couldn't find saved BIND v4 files, saved files not restored." - exit -else - echo "Trying to restore BIND v4 files:" - - for file in \ - /usr/sbin/addr \ - /usr/sbin/dig \ - /usr/sbin/dnsquery \ - /usr/sbin/host \ - /usr/sbin/named \ - /usr/sbin/named.reload \ - /usr/sbin/named.restart \ - /usr/sbin/ndc \ - /usr/sbin/nslookup \ - /usr/share/man/cat1/dig.0 \ - /usr/share/man/cat1/dnsquery.0 \ - /usr/share/man/cat1/host.0 \ - /usr/share/man/cat8/named-xfer.0 \ - /usr/share/man/cat8/named.0 \ - /usr/share/man/cat8/named.reload.0 \ - /usr/share/man/cat8/named.restart.0 \ - /usr/share/man/cat8/ndc.0 \ - /usr/share/man/cat8/nslookup.0 \ - /usr/share/misc/nslookup.help \ - /var/named/named-xfer - do - if [ -e $file.dist ]; then - echo " $file" - mv $file.dist $file - fi - done - - echo "" - echo done. -fi diff --git a/net/bind9/files/bind9-enable b/net/bind9/files/bind9-enable deleted file mode 100644 index e6276cb516e..00000000000 --- a/net/bind9/files/bind9-enable +++ /dev/null @@ -1,143 +0,0 @@ -#!/bin/sh -# -# $OpenBSD: bind9-enable,v 1.10 2001/12/16 23:19:16 jakob Exp $ -# -# this script replaces OpenBSD named files with the corresponding -# files from BIND v9. - -PREFIX=y0y0y0 -BINDIR=/usr/sbin -CHROOT=/var/named -config=${CHROOT}/etc/named.conf - -if [ `id -u` -ne 0 ]; then - echo "You must be root to run this script." - exit -fi - -echo "This script will replace OpenBSD BIND v4 with BIND v9" -echo "" -echo -n "Are you sure you want to do this (y/[n])? " - -read answer -echo "" - -if [ X$answer != Xy ]; then - echo "exit" - exit -fi - -###################################################################### -if [ -e /usr/sbin/named.dist ]; then - echo "BIND v4 already preserved, not saving old files." - echo "" -elif [ ! -e /var/named/named-xfer ]; then - echo "Couldn't find BIND v4 files, not saving old files." - echo "" -else - echo "Trying to save BIND v4 files:" - - for file in \ - /usr/sbin/addr \ - /usr/sbin/dig \ - /usr/sbin/dnsquery \ - /usr/sbin/host \ - /usr/sbin/named \ - /usr/sbin/named.reload \ - /usr/sbin/named.restart \ - /usr/sbin/ndc \ - /usr/sbin/nslookup \ - /usr/share/man/cat1/dig.0 \ - /usr/share/man/cat1/dnsquery.0 \ - /usr/share/man/cat1/host.0 \ - /usr/share/man/cat8/named-xfer.0 \ - /usr/share/man/cat8/named.0 \ - /usr/share/man/cat8/named.reload.0 \ - /usr/share/man/cat8/named.restart.0 \ - /usr/share/man/cat8/ndc.0 \ - /usr/share/man/cat8/nslookup.0 \ - /usr/share/misc/nslookup.help \ - /var/named/named-xfer - do - if [ -f $file ]; then - echo " $file" - mv -f $file $file.dist - fi - done - - echo "" -fi - -###################################################################### -echo "Creating soft links for binaries:" - -for file in \ - dig host nslookup nsupdate -do - echo " $BINDIR/$file -> $PREFIX/bin/$file" - rm -f $BINDIR/$file - ln -s $PREFIX/bin/$file $BINDIR/$file -done - -for file in \ - named rndc lwresd \ - dnssec-keygen dnssec-makekeyset dnssec-signkey dnssec-signzone \ - named-checkconf named-checkzone \ - rndc-confgen -do - echo " $BINDIR/$file -> $PREFIX/sbin/$file" - rm -f $BINDIR/$file - ln -s $PREFIX/sbin/$file $BINDIR/$file -done - -echo "" - -###################################################################### -echo "Setup directory structure:" - -if [ ! -d ${CHROOT} ]; then - echo " ${CHROOT}" - install -d -o root -g wheel -m 755 ${CHROOT}/var -fi - -echo " ${CHROOT}/dev" -if [ ! -d ${CHROOT}/dev ]; then - install -d -o root -g wheel -m 755 ${CHROOT}/dev -fi -pax -r -w -pe \ - /dev/null \ - /dev/random \ - /dev/srandom \ - /dev/urandom \ - /dev/prandom \ - /dev/arandom \ - ${CHROOT} - -if [ ! -d ${CHROOT}/var ]; then - echo " ${CHROOT}/var" - install -d -o root -g wheel -m 755 ${CHROOT}/var -fi - -if [ ! -d ${CHROOT}/var/run ]; then - echo " ${CHROOT}/var/run" - install -d -o named -g wheel -m 755 ${CHROOT}/var/run -fi - -if [ ! -d ${CHROOT}/var/tmp ]; then - echo " ${CHROOT}/var/tmp" - install -d -o named -g wheel -m 755 ${CHROOT}/var/tmp -fi - -echo "" - -###################################################################### -echo "Symlink $config:" - -if [ ! -L $config -a ! -e $config ]; then - echo " $config->../named.conf" - ln -s ../named.conf $config -else - echo " not needed" -fi - -echo "" diff --git a/net/bind9/files/named.conf b/net/bind9/files/named.conf deleted file mode 100644 index 5699ba4f54d..00000000000 --- a/net/bind9/files/named.conf +++ /dev/null @@ -1,47 +0,0 @@ -// $OpenBSD: named.conf,v 1.3 2001/11/26 23:25:18 jakob Exp $ - -// NOTE: If you are not chroot'ing named, change directory to -// /var/named as OpenBSD chroot's named by default -options { - directory "/"; - //directory "/var/named"; - - // Don't reveal BIND version - version ""; -}; - -// Root cache -// -zone "." { - type hint; - file "named.root"; -}; - -// Standard zones -// -zone "localhost" { - type master; - file "named.localhost"; - allow-transfer { localhost; }; -}; - -zone "0.0.127.in-addr.arpa" { - type master; - file "named.loopback"; - allow-transfer { localhost; }; -}; - -// Master zones -// -//zone "myzone.net" { -// type master; -// file "master/myzone.net"; -//}; - -// Slave zones -// -//zone "otherzone.net" { -// type slave; -// file "slave/otherzone.net"; -// masters { 192.168.1.10; [...;] }; -//}; diff --git a/net/bind9/files/named.localhost b/net/bind9/files/named.localhost deleted file mode 100644 index e785a928a2d..00000000000 --- a/net/bind9/files/named.localhost +++ /dev/null @@ -1,14 +0,0 @@ -; $OpenBSD: named.localhost,v 1.3 2001/11/26 23:25:18 jakob Exp $ -; -$ORIGIN localhost. -$TTL 6h -; -@ IN SOA localhost. postmaster.localhost. ( - 1999061400 ; serial - 1h ; refresh - 30m ; retry - 7d ; expiration - 1h ) ; minimum -; - NS localhost. - A 127.0.0.1 diff --git a/net/bind9/files/named.loopback b/net/bind9/files/named.loopback deleted file mode 100644 index 21c6be4febb..00000000000 --- a/net/bind9/files/named.loopback +++ /dev/null @@ -1,14 +0,0 @@ -; $OpenBSD: named.loopback,v 1.3 2001/11/26 23:25:18 jakob Exp $ -; -$ORIGIN 0.0.127.in-addr.arpa. -$TTL 6h -; -@ IN SOA localhost. postmaster.localhost. ( - 1999061400 ; serial - 1h ; refresh - 30m ; retry - 7d ; expiration - 1h ) ; minimum -; - NS localhost. -1 PTR localhost. diff --git a/net/bind9/files/named.root b/net/bind9/files/named.root deleted file mode 100644 index dc171ff7efc..00000000000 --- a/net/bind9/files/named.root +++ /dev/null @@ -1,81 +0,0 @@ -; $OpenBSD: named.root,v 1.3 2002/11/14 08:12:09 jakob Exp $ -; -; This file holds the information on root name servers needed to -; initialize cache of Internet domain name servers -; (e.g. reference this file in the "cache . " -; configuration file of BIND domain name servers). -; -; This file is made available by InterNIC -; under anonymous FTP as -; file /domain/named.root -; on server FTP.INTERNIC.NET -; -; last update: Nov 5, 2002 -; related version of root zone: 2002110501 -; -; -; formerly NS.INTERNIC.NET -; -. 3600000 IN NS A.ROOT-SERVERS.NET. -A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -; -; formerly NS1.ISI.EDU -; -. 3600000 NS B.ROOT-SERVERS.NET. -B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 -; -; formerly C.PSI.NET -; -. 3600000 NS C.ROOT-SERVERS.NET. -C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 -; -; formerly TERP.UMD.EDU -; -. 3600000 NS D.ROOT-SERVERS.NET. -D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90 -; -; formerly NS.NASA.GOV -; -. 3600000 NS E.ROOT-SERVERS.NET. -E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 -; -; formerly NS.ISC.ORG -; -. 3600000 NS F.ROOT-SERVERS.NET. -F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -; -; formerly NS.NIC.DDN.MIL -; -. 3600000 NS G.ROOT-SERVERS.NET. -G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 -; -; formerly AOS.ARL.ARMY.MIL -; -. 3600000 NS H.ROOT-SERVERS.NET. -H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -; -; formerly NIC.NORDU.NET -; -. 3600000 NS I.ROOT-SERVERS.NET. -I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -; -; operated by VeriSign, Inc. -; -. 3600000 NS J.ROOT-SERVERS.NET. -J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -; -; housed in LINX, operated by RIPE NCC -; -. 3600000 NS K.ROOT-SERVERS.NET. -K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -; -; operated by IANA -; -. 3600000 NS L.ROOT-SERVERS.NET. -L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12 -; -; housed in Japan, operated by WIDE -; -. 3600000 NS M.ROOT-SERVERS.NET. -M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -; End of File diff --git a/net/bind9/patches/gcc-lib_isc_Makefile_in b/net/bind9/patches/gcc-lib_isc_Makefile_in deleted file mode 100644 index 3c3ed04ca89..00000000000 --- a/net/bind9/patches/gcc-lib_isc_Makefile_in +++ /dev/null @@ -1,13 +0,0 @@ -$OpenBSD: gcc-lib_isc_Makefile_in,v 1.1 2002/03/23 22:05:48 lebel Exp $ ---- lib/isc/Makefile.in.orig Sat Mar 23 15:48:01 2002 -+++ lib/isc/Makefile.in Sat Mar 23 15:49:46 2002 -@@ -78,6 +78,9 @@ LIBS = @LIBS@ - SUBDIRS = include unix nls @ISC_THREAD_DIR@ - TARGETS = timestamp - -+sha1.lo: sha1.c -+ ${LIBTOOL} ${CC} ${ALL_CFLAGS} -O0 -c $< -+ - @BIND9_MAKE_RULES@ - - version.@O@: version.c diff --git a/net/bind9/patches/patch-acconfig_h b/net/bind9/patches/patch-acconfig_h new file mode 100644 index 00000000000..f9a1b619fd4 --- /dev/null +++ b/net/bind9/patches/patch-acconfig_h @@ -0,0 +1,23 @@ +$OpenBSD: patch-acconfig_h,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- acconfig.h.orig Tue Oct 23 01:28:07 2001 ++++ acconfig.h Tue Jan 21 08:55:10 2003 +@@ -67,6 +67,9 @@ + /* define if chroot() is available */ + #undef HAVE_CHROOT + ++/* define if tzset() is available */ ++#undef HAVE_TZSET ++ + /* define if struct addrinfo exists */ + #undef HAVE_ADDRINFO + +@@ -75,6 +78,9 @@ + + /* define if gai_strerror() exists */ + #undef HAVE_GAISTRERROR ++ ++/* define if arc4random() exists */ ++#undef HAVE_ARC4RANDOM + + /* define if pthread_setconcurrency() should be called to tell the + * OS how many threads we might want to run. diff --git a/net/bind9/patches/patch-bin_dig_dig_c b/net/bind9/patches/patch-bin_dig_dig_c new file mode 100644 index 00000000000..bb006a8d3ee --- /dev/null +++ b/net/bind9/patches/patch-bin_dig_dig_c @@ -0,0 +1,31 @@ +$OpenBSD: patch-bin_dig_dig_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/dig/dig.c.orig Tue Mar 12 04:55:57 2002 ++++ bin/dig/dig.c Tue Jan 21 08:55:12 2003 +@@ -162,6 +162,8 @@ help(void) { + " -c class (specify query class)\n" + " -k keyfile (specify tsig key file)\n" + " -y name:key (specify named base64 tsig key)\n" ++" -4 (force IPv4 query transport)\n" ++" -6 (force IPv6 query transport)\n" + " d-opt is of the form +keyword[=value], where keyword is:\n" + " +[no]vc (TCP mode)\n" + " +[no]tcp (TCP mode, alternate syntax)\n" +@@ -911,6 +913,18 @@ dash_option(char *option, char *next, di + return (ISC_FALSE); + case 'n': + nibble = ISC_TRUE; ++ return (ISC_FALSE); ++ case '4': ++ if (have_ipv4) ++ have_ipv6 = ISC_FALSE; ++ else ++ fatal("can't find v4 networking"); ++ return (ISC_FALSE); ++ case '6': ++ if (have_ipv6) ++ have_ipv4 = ISC_FALSE; ++ else ++ fatal("can't find v6 networking"); + return (ISC_FALSE); + } + if (value == NULL) diff --git a/net/bind9/patches/patch-bin_dig_dighost_c b/net/bind9/patches/patch-bin_dig_dighost_c new file mode 100644 index 00000000000..bcd64b4dfb6 --- /dev/null +++ b/net/bind9/patches/patch-bin_dig_dighost_c @@ -0,0 +1,37 @@ +$OpenBSD: patch-bin_dig_dighost_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/dig/dighost.c.orig Tue Aug 6 04:40:11 2002 ++++ bin/dig/dighost.c Tue Jan 21 08:55:12 2003 +@@ -54,6 +54,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -689,7 +690,6 @@ setup_libs(void) { + * just use random() now for getting id values, but doing so + * does NOT ensure that id's can't be guessed. + */ +- srandom(getpid()); + + result = isc_net_probeipv4(); + if (result == ISC_R_SUCCESS) +@@ -1162,6 +1162,7 @@ insert_soa(dig_lookup_t *lookup) { + void + setup_lookup(dig_lookup_t *lookup) { + isc_result_t result; ++ isc_uint32_t id; + int len; + dig_server_t *serv; + dig_query_t *query; +@@ -1275,7 +1276,8 @@ setup_lookup(dig_lookup_t *lookup) { + trying(store, lookup); + INSIST(dns_name_isabsolute(lookup->name)); + +- lookup->sendmsg->id = (unsigned short)(random() & 0xFFFF); ++ isc_random_get(&id); ++ lookup->sendmsg->id = (unsigned short)id & 0xFFFF; + lookup->sendmsg->opcode = dns_opcode_query; + lookup->msgcounter = 0; + /* diff --git a/net/bind9/patches/patch-bin_named_include_named_globals_h b/net/bind9/patches/patch-bin_named_include_named_globals_h new file mode 100644 index 00000000000..aa6f697bbd1 --- /dev/null +++ b/net/bind9/patches/patch-bin_named_include_named_globals_h @@ -0,0 +1,31 @@ +$OpenBSD: patch-bin_named_include_named_globals_h,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/named/include/named/globals.h.orig Wed Aug 8 22:37:31 2001 ++++ bin/named/include/named/globals.h Tue Jan 21 08:55:12 2003 +@@ -45,6 +45,7 @@ EXTERN unsigned int ns_g_cpus INIT(0); + EXTERN isc_taskmgr_t * ns_g_taskmgr INIT(NULL); + EXTERN dns_dispatchmgr_t * ns_g_dispatchmgr INIT(NULL); + EXTERN isc_entropy_t * ns_g_entropy INIT(NULL); ++EXTERN isc_entropy_t * ns_g_fallbackentropy INIT(NULL); + /* + * XXXRTH We're going to want multiple timer managers eventually. One + * for really short timers, another for client timers, and one +@@ -97,7 +98,7 @@ EXTERN isc_resourcevalue_t ns_g_initopen + * Misc. + */ + EXTERN isc_boolean_t ns_g_coreok INIT(ISC_TRUE); +-EXTERN const char * ns_g_chrootdir INIT(NULL); ++EXTERN const char * ns_g_chrootdir INIT("/var/named"); + EXTERN isc_boolean_t ns_g_foreground INIT(ISC_FALSE); + EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE); + +@@ -105,7 +106,9 @@ EXTERN const char * ns_g_defaultpidfile + "/run/named.pid"); + EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR + "/run/lwresd.pid"); +-EXTERN const char * ns_g_username INIT(NULL); ++EXTERN const char * ns_g_pidfile INIT(NS_LOCALSTATEDIR ++ "/run/named.pid"); ++EXTERN const char * ns_g_username INIT("named"); + + #undef EXTERN + #undef INIT diff --git a/net/bind9/patches/patch-bin_named_main_c b/net/bind9/patches/patch-bin_named_main_c new file mode 100644 index 00000000000..707ec5c10d2 --- /dev/null +++ b/net/bind9/patches/patch-bin_named_main_c @@ -0,0 +1,88 @@ +$OpenBSD: patch-bin_named_main_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/named/main.c.orig Mon Aug 5 08:57:01 2002 ++++ bin/named/main.c Tue Jan 21 08:55:12 2003 +@@ -228,7 +228,7 @@ usage(void) { + fprintf(stderr, + "usage: named [-c conffile] [-d debuglevel] " + "[-f|-g] [-n number_of_cpus]\n" +- " [-p port] [-s] [-t chrootdir] [-u username]\n"); ++ " [-p port] [-s] [-t chrootdir] [-u username] [-i pidfile]\n"); + } + + static void +@@ -325,9 +325,8 @@ parse_command_line(int argc, char *argv[ + ns_g_foreground = ISC_TRUE; + ns_g_logstderr = ISC_TRUE; + break; +- /* XXXBEW -i should be removed */ + case 'i': +- lwresd_g_defaultpidfile = isc_commandline_argument; ++ ns_g_pidfile = isc_commandline_argument; + break; + case 'l': + ns_g_lwresdonly = ISC_TRUE; +@@ -441,6 +440,9 @@ destroy_managers(void) { + ns_lwresd_shutdown(); + + isc_entropy_detach(&ns_g_entropy); ++ if (ns_g_fallbackentropy != NULL) { ++ isc_entropy_detach(&ns_g_fallbackentropy); ++ } + /* + * isc_taskmgr_destroy() will block until all tasks have exited, + */ +@@ -453,6 +455,12 @@ static void + setup(void) { + isc_result_t result; + ++ /* ++ * Write pidfile before chroot if specified on the command line ++ */ ++ if (ns_g_pidfile != NULL) ++ ns_os_preopenpidfile(ns_g_pidfile); ++ + /* + * Get the user and group information before changing the root + * directory, so the administrator does not need to keep a copy +@@ -460,6 +468,32 @@ setup(void) { + */ + ns_os_inituserinfo(ns_g_username); + ++ /* ++ * Initialize time conversion information and /dev/null ++ */ ++ ns_os_tzset(); ++ ns_os_opendevnull(); ++ ++ /* ++ * Initialize system's random device as fallback entropy source ++ * if running chroot'ed. ++ */ ++ result = isc_entropy_create(ns_g_mctx, &ns_g_fallbackentropy); ++ if (result != ISC_R_SUCCESS) ++ ns_main_earlyfatal("isc_entropy_create() failed: %s", ++ isc_result_totext(result)); ++#ifdef PATH_RANDOMDEV ++ if (ns_g_chrootdir != NULL) { ++ result = isc_entropy_createfilesource(ns_g_fallbackentropy, ++ PATH_RANDOMDEV); ++ if (result != ISC_R_SUCCESS) ++ ns_main_earlywarning("could not open pre-chroot " ++ "entropy source %s: %s", ++ PATH_RANDOMDEV, ++ isc_result_totext(result)); ++ } ++#endif ++ + ns_os_chroot(ns_g_chrootdir); + + /* +@@ -611,6 +645,8 @@ main(int argc, char *argv[]) { + isc_mem_destroy(&ns_g_mctx); + + isc_app_finish(); ++ ++ ns_os_closedevnull(); + + ns_os_shutdown(); + diff --git a/net/bind9/patches/patch-bin_named_server_c b/net/bind9/patches/patch-bin_named_server_c new file mode 100644 index 00000000000..ce6c725fca0 --- /dev/null +++ b/net/bind9/patches/patch-bin_named_server_c @@ -0,0 +1,60 @@ +$OpenBSD: patch-bin_named_server_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/named/server.c.orig Wed Jul 10 06:27:23 2002 ++++ bin/named/server.c Tue Jan 21 08:55:12 2003 +@@ -1956,7 +1956,7 @@ load_configuration(const char *filename, + const char *randomdev = cfg_obj_asstring(obj); + result = isc_entropy_createfilesource(ns_g_entropy, + randomdev); +- if (result != ISC_R_SUCCESS) ++ if (result != ISC_R_SUCCESS && ns_g_chrootdir == NULL) { + isc_log_write(ns_g_lctx, + NS_LOGCATEGORY_GENERAL, + NS_LOGMODULE_SERVER, +@@ -1965,6 +1965,22 @@ load_configuration(const char *filename, + "%s: %s", + randomdev, + isc_result_totext(result)); ++ } ++#ifdef PATH_RANDOMDEV ++ if (result != ISC_R_SUCCESS && ns_g_chrootdir != NULL) { ++ isc_log_write(ns_g_lctx, ++ NS_LOGCATEGORY_GENERAL, ++ NS_LOGMODULE_SERVER, ++ ISC_LOG_INFO, ++ "using pre-chroot entropy source " ++ "%s", ++ PATH_RANDOMDEV); ++ isc_entropy_detach(&ns_g_entropy); ++ isc_entropy_attach(ns_g_fallbackentropy, ++ &ns_g_entropy); ++ ++ } ++#endif + } + } + +@@ -2049,13 +2065,17 @@ load_configuration(const char *filename, + } + } + +- obj = NULL; +- if (ns_config_get(maps, "pid-file", &obj) == ISC_R_SUCCESS) +- ns_os_writepidfile(cfg_obj_asstring(obj), first_time); +- else if (ns_g_lwresdonly) +- ns_os_writepidfile(lwresd_g_defaultpidfile, first_time); +- else +- ns_os_writepidfile(ns_g_defaultpidfile, first_time); ++ if (ns_g_pidfile != NULL) { ++ ns_os_writepidfile(ns_g_pidfile, first_time); ++ } else { ++ obj = NULL; ++ if (ns_config_get(maps, "pid-file", &obj) == ISC_R_SUCCESS) ++ ns_os_writepidfile(cfg_obj_asstring(obj), first_time); ++ else if (ns_g_lwresdonly) ++ ns_os_writepidfile(lwresd_g_defaultpidfile, first_time); ++ else ++ ns_os_writepidfile(ns_g_defaultpidfile, first_time); ++ } + + obj = NULL; + result = ns_config_get(maps, "statistics-file", &obj); diff --git a/net/bind9/patches/patch-bin_named_unix_include_named_os_h b/net/bind9/patches/patch-bin_named_unix_include_named_os_h new file mode 100644 index 00000000000..f7bf494c26b --- /dev/null +++ b/net/bind9/patches/patch-bin_named_unix_include_named_os_h @@ -0,0 +1,32 @@ +$OpenBSD: patch-bin_named_unix_include_named_os_h,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/named/unix/include/named/os.h.orig Mon Aug 5 08:57:03 2002 ++++ bin/named/unix/include/named/os.h Tue Jan 21 08:55:13 2003 +@@ -29,6 +29,12 @@ void + ns_os_daemonize(void); + + void ++ns_os_opendevnull(void); ++ ++void ++ns_os_closedevnull(void); ++ ++void + ns_os_chroot(const char *root); + + void +@@ -41,9 +47,15 @@ void + ns_os_minprivs(void); + + void ++ns_os_preopenpidfile(const char *filename); ++ ++void + ns_os_writepidfile(const char *filename, isc_boolean_t first_time); + + void + ns_os_shutdown(void); ++ ++void ++ns_os_tzset(void); + + #endif /* NS_OS_H */ diff --git a/net/bind9/patches/patch-bin_named_unix_os_c b/net/bind9/patches/patch-bin_named_unix_os_c new file mode 100644 index 00000000000..0831a801c87 --- /dev/null +++ b/net/bind9/patches/patch-bin_named_unix_os_c @@ -0,0 +1,181 @@ +$OpenBSD: patch-bin_named_unix_os_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/named/unix/os.c.orig Mon Aug 5 08:57:03 2002 ++++ bin/named/unix/os.c Tue Jan 21 08:55:13 2003 +@@ -43,6 +43,9 @@ + #include + + static char *pidfile = NULL; ++static int pidfilefd = -1; ++static isc_boolean_t preopenpidfile = ISC_FALSE; ++static int devnullfd = -1; + + /* + * If there's no , we don't care about +@@ -288,7 +291,6 @@ ns_os_init(const char *progname) { + void + ns_os_daemonize(void) { + pid_t pid; +- int fd; + char strbuf[ISC_STRERRORSIZE]; + + pid = fork(); +@@ -322,21 +324,35 @@ ns_os_daemonize(void) { + * and will end up closing the wrong FD. This will be fixed eventually, + * and these calls will be removed. + */ +- fd = open("/dev/null", O_RDWR, 0); +- if (fd != -1) { +- close(STDIN_FILENO); +- (void)dup2(fd, STDIN_FILENO); +- close(STDOUT_FILENO); +- (void)dup2(fd, STDOUT_FILENO); +- close(STDERR_FILENO); +- (void)dup2(fd, STDERR_FILENO); +- if (fd != STDIN_FILENO && +- fd != STDOUT_FILENO && +- fd != STDERR_FILENO) +- (void)close(fd); ++ if (devnullfd != -1) { ++ if (devnullfd != STDIN_FILENO) { ++ (void)close(STDIN_FILENO); ++ (void)dup2(devnullfd, STDIN_FILENO); ++ } ++ if (devnullfd != STDOUT_FILENO) { ++ (void)close(STDOUT_FILENO); ++ (void)dup2(devnullfd, STDOUT_FILENO); ++ } ++ if (devnullfd != STDERR_FILENO) { ++ (void)close(STDERR_FILENO); ++ (void)dup2(devnullfd, STDERR_FILENO); ++ } + } + } + ++void ++ns_os_opendevnull(void) { ++ devnullfd = open("/dev/null", O_RDWR, 0); ++} ++ ++void ++ns_os_closedevnull(void) { ++ if (devnullfd != STDIN_FILENO && ++ devnullfd != STDOUT_FILENO && ++ devnullfd != STDERR_FILENO) ++ close(devnullfd); ++} ++ + static isc_boolean_t + all_digits(const char *s) { + if (*s == '\0') +@@ -468,19 +484,13 @@ cleanup_pidfile(void) { + pidfile = NULL; + } + +-void +-ns_os_writepidfile(const char *filename, isc_boolean_t first_time) { ++static int ++open_pidfile(const char *filename, isc_boolean_t first_time) { + int fd; +- FILE *lockfile; + size_t len; +- pid_t pid; + char strbuf[ISC_STRERRORSIZE]; + void (*report)(const char *, ...); + +- /* +- * The caller must ensure any required synchronization. +- */ +- + report = first_time ? ns_main_earlyfatal : ns_main_earlywarning; + + cleanup_pidfile(); +@@ -490,7 +500,7 @@ ns_os_writepidfile(const char *filename, + if (pidfile == NULL) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + (*report)("couldn't malloc '%s': %s", filename, strbuf); +- return; ++ return -1; + } + /* This is safe. */ + strcpy(pidfile, filename); +@@ -501,15 +511,46 @@ ns_os_writepidfile(const char *filename, + (*report)("couldn't open pid file '%s': %s", filename, strbuf); + free(pidfile); + pidfile = NULL; +- return; ++ return -1; + } ++ ++ return fd; ++} ++ ++void ++ns_os_preopenpidfile(const char *filename) { ++ pidfilefd = open_pidfile(filename, ISC_TRUE); ++ preopenpidfile = ISC_TRUE; ++} ++ ++void ++ns_os_writepidfile(const char *filename, isc_boolean_t first_time) { ++ int fd; ++ FILE *lockfile; ++ pid_t pid; ++ char strbuf[ISC_STRERRORSIZE]; ++ void (*report)(const char *, ...); ++ ++ /* ++ * The caller must ensure any required synchronization. ++ */ ++ ++ report = first_time ? ns_main_earlyfatal : ns_main_earlywarning; ++ ++ if (preopenpidfile == ISC_TRUE) ++ fd = pidfilefd; ++ else ++ fd = open_pidfile(filename, first_time); ++ ++ if (fd < 0) return; ++ + lockfile = fdopen(fd, "w"); + if (lockfile == NULL) { + isc__strerror(errno, strbuf, sizeof(strbuf)); + (*report)("could not fdopen() pid file '%s': %s", + filename, strbuf); + (void)close(fd); +- cleanup_pidfile(); ++ if (preopenpidfile == ISC_FALSE) cleanup_pidfile(); + return; + } + #ifdef HAVE_LINUXTHREADS +@@ -520,20 +561,28 @@ ns_os_writepidfile(const char *filename, + if (fprintf(lockfile, "%ld\n", (long)pid) < 0) { + (*report)("fprintf() to pid file '%s' failed", filename); + (void)fclose(lockfile); +- cleanup_pidfile(); ++ if (preopenpidfile == ISC_FALSE) cleanup_pidfile(); + return; + } + if (fflush(lockfile) == EOF) { + (*report)("fflush() to pid file '%s' failed", filename); + (void)fclose(lockfile); +- cleanup_pidfile(); ++ if (preopenpidfile == ISC_FALSE) cleanup_pidfile(); + return; + } + (void)fclose(lockfile); ++ if (preopenpidfile == ISC_TRUE) pidfilefd = -1; + } + + void + ns_os_shutdown(void) { + closelog(); +- cleanup_pidfile(); ++ if (preopenpidfile == ISC_FALSE) cleanup_pidfile(); ++} ++ ++void ++ns_os_tzset(void) { ++#ifdef HAVE_TZSET ++ tzset(); ++#endif + } diff --git a/net/bind9/patches/patch-bin_rndc_rndc_c b/net/bind9/patches/patch-bin_rndc_rndc_c new file mode 100644 index 00000000000..f26713c8ab3 --- /dev/null +++ b/net/bind9/patches/patch-bin_rndc_rndc_c @@ -0,0 +1,30 @@ +$OpenBSD: patch-bin_rndc_rndc_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/rndc/rndc.c.orig Thu Nov 29 00:37:50 2001 ++++ bin/rndc/rndc.c Tue Jan 21 08:55:13 2003 +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -251,6 +252,7 @@ rndc_connected(isc_task_t *task, isc_eve + isccc_region_t message; + isc_region_t r; + isc_uint32_t len; ++ isc_uint32_t serial; + isc_buffer_t b; + isc_result_t result; + +@@ -260,8 +262,8 @@ rndc_connected(isc_task_t *task, isc_eve + fatal("connect failed: %s", isc_result_totext(sevent->result)); + + isc_stdtime_get(&now); +- srandom(now + isc_thread_self()); +- DO("create message", isccc_cc_createmessage(1, NULL, NULL, random(), ++ isc_random_get(&serial); ++ DO("create message", isccc_cc_createmessage(1, NULL, NULL, serial, + now, now + 60, &request)); + data = isccc_alist_lookup(request, "_data"); + if (data == NULL) diff --git a/net/bind9/patches/patch-bin_tests_Makefile_in b/net/bind9/patches/patch-bin_tests_Makefile_in new file mode 100644 index 00000000000..c080c23e375 --- /dev/null +++ b/net/bind9/patches/patch-bin_tests_Makefile_in @@ -0,0 +1,30 @@ +$OpenBSD: patch-bin_tests_Makefile_in,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/tests/Makefile.in.orig Tue Feb 12 13:02:05 2002 ++++ bin/tests/Makefile.in Tue Jan 21 08:55:13 2003 +@@ -66,6 +66,7 @@ XTARGETS = adb_test \ + inter_test \ + journalprint \ + keyboard_test \ ++ lcg_test \ + lex_test \ + lfsr_test \ + log_test \ +@@ -104,6 +105,7 @@ SRCS = adb_test.c \ + inter_test.c \ + journalprint.c \ + keyboard_test.c \ ++ lcg_test.c \ + lex_test.c \ + lfsr_test.c \ + log_test.c \ +@@ -150,6 +152,10 @@ byaddr_test: byaddr_test.@O@ ${ISCDEPLIB + byname_test: byname_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS} + ${LIBTOOL} ${PURIFY} ${CC} ${CFLAGS} -o $@ byname_test.@O@ \ + ${DNSLIBS} ${ISCLIBS} ${LIBS} ++ ++lcg_test: lcg_test.@O@ ${ISCDEPLIBS} ++ ${LIBTOOL} ${PURIFY} ${CC} ${CFLAGS} -o $@ lcg_test.@O@ \ ++ ${ISCLIBS} ${LIBS} + + lex_test: lex_test.@O@ ${ISCDEPLIBS} + ${LIBTOOL} ${PURIFY} ${CC} ${CFLAGS} -o $@ lex_test.@O@ \ diff --git a/net/bind9/patches/patch-bin_tests_genrandom_c b/net/bind9/patches/patch-bin_tests_genrandom_c new file mode 100644 index 00000000000..7810a339490 --- /dev/null +++ b/net/bind9/patches/patch-bin_tests_genrandom_c @@ -0,0 +1,19 @@ +$OpenBSD: patch-bin_tests_genrandom_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/tests/genrandom.c.orig Tue Jan 9 22:41:04 2001 ++++ bin/tests/genrandom.c Tue Jan 21 08:55:13 2003 +@@ -47,9 +47,15 @@ main(int argc, char **argv) { + exit(1); + } + ++#ifndef HAVE_ARC4RANDOM + srand(0x12345678); ++#endif + while (bytes > 0) { ++#ifndef HAVE_ARC4RANDOM + unsigned short int x = (rand() & 0xFFFF); ++#else ++ unsigned short int x = (arc4random() & 0xFFFF); ++#endif + unsigned char c = x & 0xFF; + if (putc(c, fp) == EOF) { + printf("error writing to file\n"); diff --git a/net/bind9/patches/patch-bin_tests_lcg_test_c b/net/bind9/patches/patch-bin_tests_lcg_test_c new file mode 100644 index 00000000000..0184b55c9fa --- /dev/null +++ b/net/bind9/patches/patch-bin_tests_lcg_test_c @@ -0,0 +1,50 @@ +$OpenBSD: patch-bin_tests_lcg_test_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- bin/tests/lcg_test.c.orig Tue Jan 21 08:55:13 2003 ++++ bin/tests/lcg_test.c Tue Jan 21 08:55:13 2003 +@@ -0,0 +1,46 @@ ++/* ++ * Copyright (C) 2002 Jakob Schlyter ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $OpenBSD: patch-bin_tests_lcg_test_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ */ ++ ++#include ++ ++#include ++#include ++ ++#include ++ ++int ++main(int argc, char **argv) { ++ int i, n; ++ isc_uint16_t val; ++ isc_lcg_t lcg; ++ ++ if (argc > 1) ++ n = atoi(argv[1]); ++ else ++ n = 10; ++ ++ isc_lcg_init(&lcg); ++ ++ for (i=0; i + + #include +-#include ++#include + #include + #include + #include +@@ -45,8 +45,7 @@ typedef struct dns_qid { + unsigned int qid_nbuckets; /* hash table size */ + unsigned int qid_increment; /* id increment on collision */ + isc_mutex_t lock; +- isc_lfsr_t qid_lfsr1; /* state generator info */ +- isc_lfsr_t qid_lfsr2; /* state generator info */ ++ isc_lcg_t qid_lcg; /* state generator info */ + dns_displist_t *qid_table; /* the table itself */ + } dns_qid_t; + +@@ -256,36 +255,14 @@ request_log(dns_dispatch_t *disp, dns_di + } + } + +-static void +-reseed_lfsr(isc_lfsr_t *lfsr, void *arg) +-{ +- dns_dispatchmgr_t *mgr = arg; +- isc_result_t result; +- isc_uint32_t val; +- +- REQUIRE(VALID_DISPATCHMGR(mgr)); +- +- if (mgr->entropy != NULL) { +- result = isc_entropy_getdata(mgr->entropy, &val, sizeof val, +- NULL, 0); +- INSIST(result == ISC_R_SUCCESS); +- lfsr->count = (val & 0x1f) + 32; +- lfsr->state = val; +- return; +- } +- +- lfsr->count = (random() & 0x1f) + 32; /* From 32 to 63 states */ +- lfsr->state = random(); +-} +- + /* + * Return an unpredictable message ID. + */ + static dns_messageid_t + dns_randomid(dns_qid_t *qid) { +- isc_uint32_t id; ++ isc_uint16_t id; + +- id = isc_lfsr_generate32(&qid->qid_lfsr1, &qid->qid_lfsr2); ++ id = isc_lcg_generate16(&qid->qid_lcg); + + return (dns_messageid_t)(id & 0xFFFF); + } +@@ -1304,20 +1281,7 @@ qid_allocate(dns_dispatchmgr_t *mgr, uns + qid->qid_increment = increment; + qid->magic = QID_MAGIC; + +- /* +- * Initialize to a 32-bit LFSR. Both of these are from Applied +- * Cryptography. +- * +- * lfsr1: +- * x^32 + x^7 + x^5 + x^3 + x^2 + x + 1 +- * +- * lfsr2: +- * x^32 + x^7 + x^6 + x^2 + 1 +- */ +- isc_lfsr_init(&qid->qid_lfsr1, 0, 32, 0x80000057U, +- 0, reseed_lfsr, mgr); +- isc_lfsr_init(&qid->qid_lfsr2, 0, 32, 0x800000c2U, +- 0, reseed_lfsr, mgr); ++ isc_lcg_init(&qid->qid_lcg); + *qidp = qid; + return (ISC_R_SUCCESS); + } diff --git a/net/bind9/patches/patch-lib_dns_rdataset_c b/net/bind9/patches/patch-lib_dns_rdataset_c new file mode 100644 index 00000000000..5e5b1b236a6 --- /dev/null +++ b/net/bind9/patches/patch-lib_dns_rdataset_c @@ -0,0 +1,16 @@ +$OpenBSD: patch-lib_dns_rdataset_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/dns/rdataset.c.orig Tue Jun 5 11:23:14 2001 ++++ lib/dns/rdataset.c Tue Jan 21 08:55:13 2003 +@@ -363,7 +363,11 @@ towiresorted(dns_rdataset_t *rdataset, d + /* + * "Cyclic" order. + */ +- unsigned int j = (((unsigned int)rand()) >> 3) % count; ++ isc_uint32_t val; ++ unsigned int j; ++ ++ isc_random_get(&val); ++ j = val % count; + for (i = 0; i < count; i++) { + sorted[j].key = 0; /* Unused */ + sorted[j].rdata = &shuffled[i]; diff --git a/net/bind9/patches/patch-lib_isc_Makefile_in b/net/bind9/patches/patch-lib_isc_Makefile_in new file mode 100644 index 00000000000..0e579cb2f52 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_Makefile_in @@ -0,0 +1,21 @@ +$OpenBSD: patch-lib_isc_Makefile_in,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/Makefile.in.orig Tue Oct 23 01:28:13 2001 ++++ lib/isc/Makefile.in Tue Jan 21 08:55:13 2003 +@@ -53,7 +53,7 @@ OBJS = @ISC_EXTRA_OBJS@ \ + assertions.@O@ base64.@O@ bitstring.@O@ buffer.@O@ \ + bufferlist.@O@ commandline.@O@ error.@O@ event.@O@ \ + heap.@O@ hex.@O@ hmacmd5.@O@ \ +- lex.@O@ lfsr.@O@ lib.@O@ log.@O@ \ ++ lcg.@O@ lex.@O@ lfsr.@O@ lib.@O@ log.@O@ \ + md5.@O@ mem.@O@ mutexblock.@O@ netaddr.@O@ ondestroy.@O@ \ + quota.@O@ random.@O@ \ + ratelimiter.@O@ result.@O@ rwlock.@O@ \ +@@ -66,7 +66,7 @@ SRCS = @ISC_EXTRA_SRCS@ \ + assertions.c base64.c bitstring.c buffer.c \ + bufferlist.c commandline.c error.c event.c \ + heap.c hex.c hmacmd5.c \ +- lex.c lfsr.c lib.c log.c \ ++ lcg.c lex.c lfsr.c lib.c log.c \ + md5.c mem.c mutexblock.c netaddr.c ondestroy.c \ + quota.c random.c \ + ratelimiter.c result.c rwlock.c \ diff --git a/net/bind9/patches/patch-lib_isc_include_isc_Makefile_in b/net/bind9/patches/patch-lib_isc_include_isc_Makefile_in new file mode 100644 index 00000000000..51cabaab5f1 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_include_isc_Makefile_in @@ -0,0 +1,12 @@ +$OpenBSD: patch-lib_isc_include_isc_Makefile_in,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/include/isc/Makefile.in.orig Sat Jul 7 00:11:40 2001 ++++ lib/isc/include/isc/Makefile.in Tue Jan 21 08:55:13 2003 +@@ -30,7 +30,7 @@ HEADERS = app.h assertions.h base64.h bi + bufferlist.h commandline.h entropy.h error.h event.h \ + eventclass.h \ + file.h formatcheck.h fsaccess.h heap.h hex.h hmacmd5.h \ +- interfaceiter.h @ISC_IPV6_H@ lang.h lex.h \ ++ interfaceiter.h @ISC_IPV6_H@ lang.h lcg.h lex.h \ + lfsr.h lib.h list.h log.h magic.h md5.h mem.h msgcat.h msgs.h \ + mutexblock.h netaddr.h ondestroy.h os.h \ + print.h quota.h random.h ratelimiter.h \ diff --git a/net/bind9/patches/patch-lib_isc_include_isc_lcg_h b/net/bind9/patches/patch-lib_isc_include_isc_lcg_h new file mode 100644 index 00000000000..545eaee8da0 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_include_isc_lcg_h @@ -0,0 +1,102 @@ +$OpenBSD: patch-lib_isc_include_isc_lcg_h,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/include/isc/lcg.h.orig Tue Jan 21 08:55:13 2003 ++++ lib/isc/include/isc/lcg.h Tue Jan 21 08:55:13 2003 +@@ -0,0 +1,98 @@ ++/* ++ * Portions Copyright (C) 2002 Internet Software Consortium. ++ * Portions Copyright (C) 1997 Niels Provos. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $OpenBSD: patch-lib_isc_include_isc_lcg_h,v 1.1 2003/01/25 14:14:37 jakob Exp $ */ ++ ++/* ++ * Theo de Raadt came up with the idea of using ++ * such a mathematical system to generate more random (yet non-repeating) ++ * ids to solve the resolver/named problem. But Niels designed the ++ * actual system based on the constraints. ++ */ ++ ++/* ++ * seed = random 15bit ++ * n = prime, g0 = generator to n, ++ * j = random so that gcd(j,n-1) == 1 ++ * g = g0^j mod n will be a generator again. ++ * ++ * X[0] = random seed. ++ * X[n] = a*X[n-1]+b mod m is a Linear Congruential Generator ++ * with a = 7^(even random) mod m, ++ * b = random with gcd(b,m) == 1 ++ * m = 31104 and a maximal period of m-1. ++ * ++ * The transaction id is determined by: ++ * id[n] = seed xor (g^X[n] mod n) ++ * ++ * Effectivly the id is restricted to the lower 15 bits, thus ++ * yielding two different cycles by toggling the msb on and off. ++ * This avoids reuse issues caused by reseeding. ++ * ++ * The 16 bit space is very small and brute force attempts are ++ * entirly feasible, we skip a random number of transaction ids ++ * so that an attacker will not get sequential ids. ++ */ ++ ++ ++#ifndef ISC_LCG_H ++#define ISC_LCG_H 1 ++ ++#include ++#include ++ ++typedef struct isc_lcg isc_lcg_t; ++ ++struct isc_lcg { ++ isc_uint16_t ru_x; ++ isc_uint16_t ru_seed, ru_seed2; ++ isc_uint16_t ru_a, ru_b; ++ isc_uint16_t ru_g; ++ isc_uint16_t ru_counter; ++ isc_uint16_t ru_msb; ++ isc_uint32_t ru_reseed; ++ isc_uint32_t random; ++}; ++ ++ISC_LANG_BEGINDECLS ++ ++void ++isc_lcg_init(isc_lcg_t *lcg); ++/* ++ * Initialize a Linear Congruential Generator ++ * ++ * Requires: ++ * ++ * lcg != NULL ++ */ ++ ++isc_uint16_t ++isc_lcg_generate16(isc_lcg_t *lcg); ++/* ++ * Get a random number from a Linear Congruential Generator ++ * ++ * Requires: ++ * ++ * lcg be valid. ++ * ++ * data != NULL. ++ */ ++ ++ISC_LANG_ENDDECLS ++ ++#endif /* ISC_LCG_H */ diff --git a/net/bind9/patches/patch-lib_isc_lcg_c b/net/bind9/patches/patch-lib_isc_lcg_c new file mode 100644 index 00000000000..a5682925814 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_lcg_c @@ -0,0 +1,177 @@ +$OpenBSD: patch-lib_isc_lcg_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/lcg.c.orig Tue Jan 21 08:55:13 2003 ++++ lib/isc/lcg.c Tue Jan 21 08:55:13 2003 +@@ -0,0 +1,173 @@ ++/* ++ * Portions Copyright (C) 2002 Internet Software Consortium. ++ * Portions Copyright (C) 1997 Niels Provos. ++ * ++ * Permission to use, copy, modify, and distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM ++ * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ++ * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING ++ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, ++ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ++ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++/* $OpenBSD: patch-lib_isc_lcg_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ */ ++ ++#include ++ ++#include ++ ++#include ++#include ++#include ++#include ++ ++#define VALID_LCG(x) (x != NULL) ++ ++#define RU_OUT 180 /* Time after wich will be reseeded */ ++#define RU_MAX 30000 /* Uniq cycle, avoid blackjack prediction */ ++#define RU_GEN 2 /* Starting generator */ ++#define RU_N 32749 /* RU_N-1 = 2*2*3*2729 */ ++#define RU_AGEN 7 /* determine ru_a as RU_AGEN^(2*rand) */ ++#define RU_M 31104 /* RU_M = 2^7*3^5 - don't change */ ++ ++#define PFAC_N 3 ++static const isc_uint16_t pfacts[PFAC_N] = { ++ 2, ++ 3, ++ 2729 ++}; ++ ++/* ++ * Do a fast modular exponation, returned value will be in the range ++ * of 0 - (mod-1) ++ */ ++static isc_uint16_t ++pmod(isc_uint16_t gen, isc_uint16_t exp, isc_uint16_t mod) ++{ ++ isc_uint16_t s, t, u; ++ ++ s = 1; ++ t = gen; ++ u = exp; ++ ++ while (u) { ++ if (u & 1) ++ s = (s*t) % mod; ++ u >>= 1; ++ t = (t*t) % mod; ++ } ++ return (s); ++} ++ ++/* ++ * Initializes the seed and chooses a suitable generator. Also toggles ++ * the msb flag. The msb flag is used to generate two distinct ++ * cycles of random numbers and thus avoiding reuse of ids. ++ * ++ * This function is called from isc_lcg_generate() when needed, an ++ * application does not have to worry about it. ++ */ ++static void ++reseed(isc_lcg_t *lcg) ++{ ++ isc_time_t isctime; ++ isc_boolean_t noprime = ISC_TRUE; ++ isc_uint16_t j, i; ++ ++ isc_random_get(&lcg->random); ++ lcg->ru_x = (lcg->random & 0xFFFF) % RU_M; ++ ++ /* 15 bits of random seed */ ++ lcg->ru_seed = (lcg->random >> 16) & 0x7FFF; ++ isc_random_get(&lcg->random); ++ lcg->ru_seed2 = lcg->random & 0x7FFF; ++ ++ isc_random_get(&lcg->random); ++ ++ /* Determine the LCG we use */ ++ lcg->ru_b = (lcg->random & 0xfffe) | 1; ++ lcg->ru_a = pmod(RU_AGEN, (lcg->random >> 16) & 0xfffe, RU_M); ++ while (lcg->ru_b % 3 == 0) ++ lcg->ru_b += 2; ++ ++ isc_random_get(&lcg->random); ++ j = lcg->random % RU_N; ++ lcg->random = lcg->random >> 16; ++ ++ /* ++ * Do a fast gcd(j,RU_N-1), so we can find a j with ++ * gcd(j, RU_N-1) == 1, giving a new generator for ++ * RU_GEN^j mod RU_N ++ */ ++ while (noprime == ISC_TRUE) { ++ for (i=0; i= PFAC_N) ++ noprime = ISC_FALSE; ++ else ++ j = (j+1) % RU_N; ++ } ++ ++ lcg->ru_g = pmod(RU_GEN, j, RU_N); ++ lcg->ru_counter = 0; ++ ++ isc_time_now(&isctime); ++ lcg->ru_reseed = isc_time_seconds(&isctime) + RU_OUT; ++ lcg->ru_msb = lcg->ru_msb == 0x8000 ? 0 : 0x8000; ++} ++ ++void ++isc_lcg_init(isc_lcg_t *lcg) ++{ ++ REQUIRE(VALID_LCG(lcg)); ++ ++ lcg->ru_x = 0; ++ lcg->ru_seed = 0; ++ lcg->ru_seed2 = 0; ++ lcg->ru_a = 0; ++ lcg->ru_b = 0; ++ lcg->ru_g = 0; ++ lcg->ru_counter = 0; ++ lcg->ru_msb = 0; ++ lcg->ru_reseed = 0; ++ lcg->random = 0; ++} ++ ++isc_uint16_t ++isc_lcg_generate16(isc_lcg_t *lcg) ++{ ++ isc_time_t isctime; ++ int i, n; ++ ++ REQUIRE(VALID_LCG(lcg)); ++ ++ isc_time_now(&isctime); ++ if (lcg->ru_counter >= RU_MAX || ++ isc_time_seconds(&isctime) > lcg->ru_reseed) ++ reseed(lcg); ++ ++ if (! lcg->random) ++ isc_random_get(&lcg->random); ++ ++ /* Skip a random number of ids */ ++ n = lcg->random & 0x7; lcg->random = lcg->random >> 3; ++ if (lcg->ru_counter + n >= RU_MAX) ++ reseed(lcg); ++ ++ for (i=0; i<=n; i++) ++ /* Linear Congruential Generator */ ++ lcg->ru_x = (lcg->ru_a*lcg->ru_x + lcg->ru_b) % RU_M; ++ ++ lcg->ru_counter += i; ++ ++ return (lcg->ru_seed ^ ++ pmod(lcg->ru_g, lcg->ru_seed2 ^ lcg->ru_x, RU_N)) | lcg->ru_msb; ++} diff --git a/net/bind9/patches/patch-lib_isc_lfsr_c b/net/bind9/patches/patch-lib_isc_lfsr_c new file mode 100644 index 00000000000..040a6f20833 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_lfsr_c @@ -0,0 +1,12 @@ +$OpenBSD: patch-lib_isc_lfsr_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/lfsr.c.orig Tue Jan 9 22:56:11 2001 ++++ lib/isc/lfsr.c Tue Jan 21 08:55:13 2003 +@@ -74,7 +74,7 @@ lfsr_generate(isc_lfsr_t *lfsr) + } + + if (lfsr->state & 0x01) { +- lfsr->state = ((lfsr->state ^ lfsr->tap) >> 1) | highbit; ++ lfsr->state = (lfsr->state >> 1) ^ lfsr->tap; + return (1); + } else { + lfsr->state >>= 1; diff --git a/net/bind9/patches/patch-lib_isc_random_c b/net/bind9/patches/patch-lib_isc_random_c new file mode 100644 index 00000000000..8920265bb1b --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_random_c @@ -0,0 +1,47 @@ +$OpenBSD: patch-lib_isc_random_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/random.c.orig Tue Jan 9 22:56:22 2001 ++++ lib/isc/random.c Tue Jan 21 08:55:13 2003 +@@ -33,7 +33,9 @@ static isc_once_t once = ISC_ONCE_INIT; + static void + initialize_rand(void) + { ++#ifndef HAVE_ARC4RANDOM + srand(time(NULL)); ++#endif + } + + static void +@@ -47,7 +49,11 @@ isc_random_seed(isc_uint32_t seed) + { + initialize(); + ++#ifndef HAVE_ARC4RANDOM + srand(seed); ++#else ++ arc4random_addrandom((u_char *) &seed, sizeof(isc_uint32_t)); ++#endif + } + + void +@@ -57,7 +63,11 @@ isc_random_get(isc_uint32_t *val) + + initialize(); + ++#ifndef HAVE_ARC4RANDOM + *val = rand(); ++#else ++ *val = arc4random(); ++#endif + } + + isc_uint32_t +@@ -66,5 +76,9 @@ isc_random_jitter(isc_uint32_t max, isc_ + if (jitter == 0) + return (max); + else ++#ifndef HAVE_ARC4RANDOM + return (max - rand() % jitter); ++#else ++ return (max - arc4random() % jitter); ++#endif + } diff --git a/net/bind9/patches/patch-lib_isc_sha1_c b/net/bind9/patches/patch-lib_isc_sha1_c new file mode 100644 index 00000000000..e41c1c757a5 --- /dev/null +++ b/net/bind9/patches/patch-lib_isc_sha1_c @@ -0,0 +1,107 @@ +$OpenBSD: patch-lib_isc_sha1_c,v 1.1 2003/01/25 14:14:37 jakob Exp $ +--- lib/isc/sha1.c.orig Tue Jan 9 22:56:28 2001 ++++ lib/isc/sha1.c Tue Jan 21 08:55:13 2003 +@@ -85,6 +85,67 @@ typedef union { + unsigned int l[16]; + } CHAR64LONG16; + ++#ifdef __sparc_v9__ ++static void do_R01(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); ++static void do_R2(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); ++static void do_R3(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); ++static void do_R4(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *); ++ ++#define nR0(v,w,x,y,z,i) R0(*v,*w,*x,*y,*z,i) ++#define nR1(v,w,x,y,z,i) R1(*v,*w,*x,*y,*z,i) ++#define nR2(v,w,x,y,z,i) R2(*v,*w,*x,*y,*z,i) ++#define nR3(v,w,x,y,z,i) R3(*v,*w,*x,*y,*z,i) ++#define nR4(v,w,x,y,z,i) R4(*v,*w,*x,*y,*z,i) ++ ++static void ++do_R01(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) ++{ ++ nR0(a,b,c,d,e, 0); nR0(e,a,b,c,d, 1); nR0(d,e,a,b,c, 2); ++ nR0(c,d,e,a,b, 3); nR0(b,c,d,e,a, 4); nR0(a,b,c,d,e, 5); ++ nR0(e,a,b,c,d, 6); nR0(d,e,a,b,c, 7); nR0(c,d,e,a,b, 8); ++ nR0(b,c,d,e,a, 9); nR0(a,b,c,d,e,10); nR0(e,a,b,c,d,11); ++ nR0(d,e,a,b,c,12); nR0(c,d,e,a,b,13); nR0(b,c,d,e,a,14); ++ nR0(a,b,c,d,e,15); nR1(e,a,b,c,d,16); nR1(d,e,a,b,c,17); ++ nR1(c,d,e,a,b,18); nR1(b,c,d,e,a,19); ++} ++ ++static void ++do_R2(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) ++{ ++ nR2(a,b,c,d,e,20); nR2(e,a,b,c,d,21); nR2(d,e,a,b,c,22); ++ nR2(c,d,e,a,b,23); nR2(b,c,d,e,a,24); nR2(a,b,c,d,e,25); ++ nR2(e,a,b,c,d,26); nR2(d,e,a,b,c,27); nR2(c,d,e,a,b,28); ++ nR2(b,c,d,e,a,29); nR2(a,b,c,d,e,30); nR2(e,a,b,c,d,31); ++ nR2(d,e,a,b,c,32); nR2(c,d,e,a,b,33); nR2(b,c,d,e,a,34); ++ nR2(a,b,c,d,e,35); nR2(e,a,b,c,d,36); nR2(d,e,a,b,c,37); ++ nR2(c,d,e,a,b,38); nR2(b,c,d,e,a,39); ++} ++ ++static void ++do_R3(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) ++{ ++ nR3(a,b,c,d,e,40); nR3(e,a,b,c,d,41); nR3(d,e,a,b,c,42); ++ nR3(c,d,e,a,b,43); nR3(b,c,d,e,a,44); nR3(a,b,c,d,e,45); ++ nR3(e,a,b,c,d,46); nR3(d,e,a,b,c,47); nR3(c,d,e,a,b,48); ++ nR3(b,c,d,e,a,49); nR3(a,b,c,d,e,50); nR3(e,a,b,c,d,51); ++ nR3(d,e,a,b,c,52); nR3(c,d,e,a,b,53); nR3(b,c,d,e,a,54); ++ nR3(a,b,c,d,e,55); nR3(e,a,b,c,d,56); nR3(d,e,a,b,c,57); ++ nR3(c,d,e,a,b,58); nR3(b,c,d,e,a,59); ++} ++ ++static void ++do_R4(u_int32_t *a, u_int32_t *b, u_int32_t *c, u_int32_t *d, u_int32_t *e, CHAR64LONG16 *block) ++{ ++ nR4(a,b,c,d,e,60); nR4(e,a,b,c,d,61); nR4(d,e,a,b,c,62); ++ nR4(c,d,e,a,b,63); nR4(b,c,d,e,a,64); nR4(a,b,c,d,e,65); ++ nR4(e,a,b,c,d,66); nR4(d,e,a,b,c,67); nR4(c,d,e,a,b,68); ++ nR4(b,c,d,e,a,69); nR4(a,b,c,d,e,70); nR4(e,a,b,c,d,71); ++ nR4(d,e,a,b,c,72); nR4(c,d,e,a,b,73); nR4(b,c,d,e,a,74); ++ nR4(a,b,c,d,e,75); nR4(e,a,b,c,d,76); nR4(d,e,a,b,c,77); ++ nR4(c,d,e,a,b,78); nR4(b,c,d,e,a,79); ++} ++#endif ++ + /* + * Hash a single 512-bit block. This is the core of the algorithm. + */ +@@ -92,12 +153,12 @@ static void + transform(isc_uint32_t state[5], const unsigned char buffer[64]) { + isc_uint32_t a, b, c, d, e; + CHAR64LONG16 *block; +- unsigned char workspace[64]; ++ CHAR64LONG16 workspace; + + INSIST(buffer != NULL); + INSIST(state != NULL); + +- block = (CHAR64LONG16 *)(void *)workspace; ++ block = &workspace; + (void)memcpy(block, buffer, 64); + + /* Copy context->state[] to working vars */ +@@ -107,6 +168,12 @@ transform(isc_uint32_t state[5], const u + d = state[3]; + e = state[4]; + ++#ifdef __sparc_v9__ ++ do_R01(&a, &b, &c, &d, &e, block); ++ do_R2(&a, &b, &c, &d, &e, block); ++ do_R3(&a, &b, &c, &d, &e, block); ++ do_R4(&a, &b, &c, &d, &e, block); ++#else + /* 4 rounds of 20 operations each. Loop unrolled. */ + R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); + R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); +@@ -128,6 +195,7 @@ transform(isc_uint32_t state[5], const u + R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); + R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); + R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); ++#endif + + /* Add the working vars back into context.state[] */ + state[0] += a; diff --git a/net/bind9/patches/patch-openssl b/net/bind9/patches/patch-openssl deleted file mode 100644 index 5a3b07c54d4..00000000000 --- a/net/bind9/patches/patch-openssl +++ /dev/null @@ -1,42 +0,0 @@ ---- lib/dns/sec/dst/openssl_link.c.orig Tue Mar 19 05:30:53 2002 -+++ lib/dns/sec/dst/openssl_link.c Fri Oct 25 21:35:29 2002 -@@ -40,7 +40,11 @@ - #include - #include - --#ifdef CRYPTO_LOCK_ENGINE -+#if defined(CRYPTO_LOCK_ENGINE) && (OPENSSL_VERSION_NUMBER < 0x00907000L) -+#define USE_ENGINE 1 -+#endif -+ -+#ifdef USE_ENGINE - #include - #endif - -@@ -48,7 +52,7 @@ - static isc_mutex_t *locks = NULL; - static int nlocks; - --#ifdef CRYPTO_LOCK_ENGINE -+#ifdef USE_ENGINE - static ENGINE *e; - #endif - -@@ -150,7 +154,7 @@ - rm->add = entropy_add; - rm->pseudorand = entropy_getpseudo; - rm->status = NULL; --#ifdef CRYPTO_LOCK_ENGINE -+#ifdef USE_ENGINE - e = ENGINE_new(); - if (e == NULL) { - result = ISC_R_NOMEMORY; -@@ -163,7 +167,7 @@ - #endif - return (ISC_R_SUCCESS); - --#ifdef CRYPTO_LOCK_ENGINE -+#ifdef USE_ENGINE - cleanup_rm: - mem_free(rm); - #endif diff --git a/net/bind9/pkg/DEINSTALL b/net/bind9/pkg/DEINSTALL deleted file mode 100644 index 81ebc833933..00000000000 --- a/net/bind9/pkg/DEINSTALL +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -# -# $OpenBSD: DEINSTALL,v 1.2 2002/02/11 14:19:27 camield Exp $ - -PREFIX=${PKG_PREFIX:-/usr/local} - -[ -e /usr/sbin/lwresd ] || exit 0 - -$PREFIX/sbin/bind9-disable diff --git a/net/bind9/pkg/DESCR b/net/bind9/pkg/DESCR index 4dd20e66f64..1d8febc5a58 100644 --- a/net/bind9/pkg/DESCR +++ b/net/bind9/pkg/DESCR @@ -1,11 +1,8 @@ -BIND version 9 is a major rewrite of nearly all aspects of the underlying -BIND architecture. This re-architecting of BIND was necessitated by the -expected demands of domain name system growth, the need for secure queries -and zone transfers as well as IP version 6. +BIND version 9 libraries, include files and API manual pages Flavours: - static Do not use shared libraries + static Do not include shared libraries threads Build a multi-threaded named WWW: ${HOMEPAGE} diff --git a/net/bind9/pkg/DESCR-server b/net/bind9/pkg/DESCR-server new file mode 100644 index 00000000000..ac125ef25d9 --- /dev/null +++ b/net/bind9/pkg/DESCR-server @@ -0,0 +1,11 @@ +ISC BIND version 9 is a major rewrite of nearly all aspects of the +underlying BIND architecture. This re-architecting of BIND was +necessitated by the expected demands of domain name system growth, the +need for secure queries and zone transfers as well as IP version 6. + +Flavours: + + static Do not use shared libraries + threads Build a multi-threaded named + +WWW: ${HOMEPAGE} diff --git a/net/bind9/pkg/PFRAG.shared b/net/bind9/pkg/PFRAG.shared index 4109ce7be16..6ddc9bd39bf 100644 --- a/net/bind9/pkg/PFRAG.shared +++ b/net/bind9/pkg/PFRAG.shared @@ -1,7 +1,7 @@ -@comment $OpenBSD: PFRAG.shared,v 1.9 2002/07/07 11:21:59 jakob Exp $ +@comment $OpenBSD: PFRAG.shared,v 1.10 2003/01/25 14:14:37 jakob Exp $ lib/libdns.so.8.0 -lib/libisc.so.5.0 +lib/libisc.so.6.0 lib/libisccc.so.0.1 lib/libisccfg.so.0.3 -lib/liblwres.so.2.0 +lib/liblwres.so.2.1 DYNLIBDIR(%D/lib) diff --git a/net/bind9/pkg/PLIST b/net/bind9/pkg/PLIST index 57eb8e0b9bd..d9356d23ae2 100644 --- a/net/bind9/pkg/PLIST +++ b/net/bind9/pkg/PLIST @@ -1,9 +1,5 @@ -@comment $OpenBSD: PLIST,v 1.14 2003/01/21 17:29:09 jakob Exp $ -bin/dig -bin/host +@comment $OpenBSD: PLIST,v 1.15 2003/01/25 14:14:37 jakob Exp $ bin/isc-config.sh -bin/nslookup -bin/nsupdate include/dns/a6.h include/dns/acl.h include/dns/adb.h @@ -92,6 +88,7 @@ include/isc/hmacmd5.h include/isc/int.h include/isc/interfaceiter.h include/isc/lang.h +include/isc/lcg.h include/isc/lex.h include/isc/lfsr.h include/isc/lib.h @@ -175,8 +172,6 @@ lib/libisccfg.a lib/libisccfg.la lib/liblwres.a lib/liblwres.la -man/man1/dig.1 -man/man1/host.1 man/man3/lwres.3 man/man3/lwres_addr_parse.3 man/man3/lwres_buffer.3 @@ -262,65 +257,10 @@ man/man3/lwres_resutil.3 man/man3/lwres_sethostent.3 man/man3/lwres_sethostent_r.3 man/man3/lwres_string_parse.3 -man/man5/rndc.conf.5 -man/man8/dnssec-keygen.8 -man/man8/dnssec-makekeyset.8 -man/man8/dnssec-signkey.8 -man/man8/dnssec-signzone.8 -man/man8/lwresd.8 -man/man8/named-checkconf.8 -man/man8/named-checkzone.8 -man/man8/named.8 -man/man8/nsupdate.8 -man/man8/rndc-confgen.8 -man/man8/rndc.8 -sbin/bind9-disable -sbin/bind9-enable -sbin/dnssec-keygen -sbin/dnssec-makekeyset -sbin/dnssec-signkey -sbin/dnssec-signzone -sbin/lwresd -sbin/named -sbin/named-checkconf -sbin/named-checkzone -sbin/rndc -sbin/rndc-confgen -share/doc/bind9/arm/Bv9ARM.ch01.html -share/doc/bind9/arm/Bv9ARM.ch02.html -share/doc/bind9/arm/Bv9ARM.ch03.html -share/doc/bind9/arm/Bv9ARM.ch04.html -share/doc/bind9/arm/Bv9ARM.ch05.html -share/doc/bind9/arm/Bv9ARM.ch06.html -share/doc/bind9/arm/Bv9ARM.ch07.html -share/doc/bind9/arm/Bv9ARM.ch08.html -share/doc/bind9/arm/Bv9ARM.ch09.html -share/doc/bind9/arm/Bv9ARM.html -share/doc/bind9/misc/dnssec -share/doc/bind9/misc/ipv6 -share/doc/bind9/misc/migration -share/doc/bind9/misc/migration-4to9 -share/doc/bind9/misc/options -share/doc/bind9/misc/rfc-compliance -share/doc/bind9/misc/roadmap -share/doc/bind9/misc/sdb -share/examples/bind9/named.conf -share/examples/bind9/named.localhost -share/examples/bind9/named.loopback -share/examples/bind9/named.root %%SHARED%% -@dirrm share/examples/bind9 -@dirrm share/doc/bind9/misc -@dirrm share/doc/bind9/arm -@dirrm share/doc/bind9 @dirrm include/lwres @dirrm include/isccfg @dirrm include/isccc @dirrm include/isc @dirrm include/dst @dirrm include/dns -@dirrm bind/include/sys -@dirrm bind/include/isc -@dirrm bind/include/arpa -@dirrm bind/include -@dirrm bind diff --git a/net/bind9/pkg/PLIST-server b/net/bind9/pkg/PLIST-server new file mode 100644 index 00000000000..56abb1e6fa6 --- /dev/null +++ b/net/bind9/pkg/PLIST-server @@ -0,0 +1,50 @@ +@comment $OpenBSD: PLIST-server,v 1.1 2003/01/25 14:14:37 jakob Exp $ +bin/dig +bin/host +bin/nslookup +bin/nsupdate +man/man1/dig.1 +man/man1/host.1 +man/man5/rndc.conf.5 +man/man8/dnssec-keygen.8 +man/man8/dnssec-makekeyset.8 +man/man8/dnssec-signkey.8 +man/man8/dnssec-signzone.8 +man/man8/lwresd.8 +man/man8/named-checkconf.8 +man/man8/named-checkzone.8 +man/man8/named.8 +man/man8/nsupdate.8 +man/man8/rndc-confgen.8 +man/man8/rndc.8 +sbin/dnssec-keygen +sbin/dnssec-makekeyset +sbin/dnssec-signkey +sbin/dnssec-signzone +sbin/lwresd +sbin/named +sbin/named-checkconf +sbin/named-checkzone +sbin/rndc +sbin/rndc-confgen +share/doc/bind9/arm/Bv9ARM.ch01.html +share/doc/bind9/arm/Bv9ARM.ch02.html +share/doc/bind9/arm/Bv9ARM.ch03.html +share/doc/bind9/arm/Bv9ARM.ch04.html +share/doc/bind9/arm/Bv9ARM.ch05.html +share/doc/bind9/arm/Bv9ARM.ch06.html +share/doc/bind9/arm/Bv9ARM.ch07.html +share/doc/bind9/arm/Bv9ARM.ch08.html +share/doc/bind9/arm/Bv9ARM.ch09.html +share/doc/bind9/arm/Bv9ARM.html +share/doc/bind9/misc/dnssec +share/doc/bind9/misc/ipv6 +share/doc/bind9/misc/migration +share/doc/bind9/misc/migration-4to9 +share/doc/bind9/misc/options +share/doc/bind9/misc/rfc-compliance +share/doc/bind9/misc/roadmap +share/doc/bind9/misc/sdb +@dirrm share/doc/bind9/misc +@dirrm share/doc/bind9/arm +@dirrm share/doc/bind9