Date: Wed, 13 Jul 2016 13:29:18 +0000 (UTC) From: Erwin Lansing <erwin@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r418476 - in head/dns: . opendnssec2 opendnssec2/files Message-ID: <201607131329.u6DDTI99079693@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: erwin Date: Wed Jul 13 13:29:18 2016 New Revision: 418476 URL: https://svnweb.freebsd.org/changeset/ports/418476 Log: The current opendnssec porthas seen a massive rewrite by the upstream so it was rechristened opendnssec Version 2. To quote the announcement at <https://www.opendnssec.org>: "OpenDNSSEC got a entire re-write of the enforcer. This part of OpenDNSSEC controls changing signing keys in the right way to perform a roll-over. Before, the enforcer would perform a roll-over according to a strict paradigm. One scenario in which deviations would not be possible. The new enforcer is more aware of the zone changes being propagated in the Internet. It can therefore decide when it is safe to make changes, rather than to rely upon a given scenario. PR: 211018 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> Sponsored by: DK Hostmaster A/S Added: head/dns/opendnssec2/ head/dns/opendnssec2/Makefile (contents, props changed) head/dns/opendnssec2/distinfo (contents, props changed) head/dns/opendnssec2/files/ head/dns/opendnssec2/files/opendnssec.in (contents, props changed) head/dns/opendnssec2/files/pkg-message.in (contents, props changed) head/dns/opendnssec2/pkg-descr (contents, props changed) head/dns/opendnssec2/pkg-plist (contents, props changed) Modified: head/dns/Makefile Modified: head/dns/Makefile ============================================================================== --- head/dns/Makefile Wed Jul 13 13:26:29 2016 (r418475) +++ head/dns/Makefile Wed Jul 13 13:29:18 2016 (r418476) @@ -105,6 +105,7 @@ SUBDIR += opendd SUBDIR += opendnssec SUBDIR += opendnssec13 + SUBDIR += opendnssec2 SUBDIR += openresolv SUBDIR += p5-AnyEvent-CacheDNS SUBDIR += p5-AnyEvent-DNS-EtcHosts Added: head/dns/opendnssec2/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/Makefile Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,84 @@ +# Created by: Jaap Akkerhuis <jaap@NLnetLabs.nl> +# $FreeBSD$ + +PORTNAME= opendnssec +PORTVERSION= 2.0.0 +CATEGORIES= dns +MASTER_SITES= http://dist.opendnssec.org/source/ +PKGNAMESUFFIX= 2 + +MAINTAINER= jaap@NLnetLabs.nl +COMMENT= Tool suite for maintaining DNSSEC + +LICENSE= BSD3CLAUSE + +BUILD_DEPENDS= ldns>=1.6.16:dns/ldns +LIB_DEPENDS= libldns.so:dns/ldns + +GNU_CONFIGURE= yes +CONFIGURE_ARGS= --localstatedir="${PREFIX}/var" +USE_RC_SUBR= opendnssec +USE_GNOME= libxml2 +USES= perl5 +USES= ssl +USE_LDCONFIG= yes + +SUB_FILES+= pkg-message + +CONFLICTS= opendnssec-1.[0-4]* + +USERS= opendnssec +GROUPS= opendnssec + +PORTDOCS= MIGRATION NEWS README.md +MIGRATE= README.md find_problematic_zones.sql \ + convert_mysql mysql_convert.sql \ + convert_sqlite sqlite_convert.sql + +OPTIONS_DEFINE= SOFTHSM DOCS +OPTIONS_SUB= yes + +OPTIONS_SINGLE= DB +OPTIONS_SINGLE_DB= SQLITE MYSQL + +OPTIONS_DEFAULT= DOCS SQLITE + +SOFTHSM_DESC= SoftHSM cryptographic store for PKCS \#11 interface + +MYSQL_DESC= Use MYSQL backend +SQLITE_DESC= Use SQLite backend + +.include <bsd.port.options.mk> + +.if ${PORT_OPTIONS:MMYSQL} +CONFIGURE_ARGS+= --with-enforcer-database=mysql +USES+= mysql +.endif + +.if ${PORT_OPTIONS:MSQLITE} +USES= sqlite +CONFIGURE_ARGS+= --with-enforcer-database=sqlite3 +BUILD_DEPENDS+= sqlite3>=3.3.9:databases/sqlite3 +.endif + +.if ${PORT_OPTIONS:MSOFTHSM} +CONFIGURE_ARGS+= --with-pkcs11-softhsm=${LOCALBASE}/lib/softhsm/libsofthsm.so +RUN_DEPENDS+= softhsm>=1.2.0:security/softhsm +.endif + +pre-install: +.if ${PORT_OPTIONS:MMYSQL} + ${REINPLACE_CMD} -e '/REQUIRE:/ s|$$| mysql|' ${WRKDIR}/opendnssec +.endif + +post-install: +.if ${PORT_OPTIONS:MDOCS} + @${MKDIR} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR} + ${MKDIR} ${STAGEDIR}${DOCSDIR}/1.4-2.0_db_convert + ${INSTALL_DATA} \ + ${MIGRATE:S|^|${WRKSRC}/enforcer/utils/1.4-2.0_db_convert/|} \ + ${STAGEDIR}${DOCSDIR}/1.4-2.0_db_convert +.endif + +.include <bsd.port.mk> Added: head/dns/opendnssec2/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/distinfo Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,3 @@ +TIMESTAMP = 1467876838 +SHA256 (opendnssec-2.0.0.tar.gz) = 3f3087ee1f2dee8b55d823d4b6825dc0212ea5162965382df11b2de36b888b7f +SIZE (opendnssec-2.0.0.tar.gz) = 1072734 Added: head/dns/opendnssec2/files/opendnssec.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/files/opendnssec.in Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,33 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: opendnssec +# REQUIRE: LOGIN DAEMON +# KEYWORD: shutdown +# +# Add the following line to /etc/rc.conf to enable opendnssec: +# +# opendnssec_enable="YES" + +. /etc/rc.subr + +name=opendnssec +rcvar=opendnssec_enable + +load_rc_config $name + +opendnssec_enable=${opendnssec_enable:-"NO"} + +start_cmd="${name}_run start" +stop_cmd="${name}_run stop" +extra_commands="reload ksm hsm signer enforcer" + +procname=${opendnssec_procname} + +opendnssec_run() +{ + %%PREFIX%%/sbin/ods-control $1 +} + +run_rc_command "$1" Added: head/dns/opendnssec2/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/files/pkg-message.in Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,27 @@ +###### +# A manual migration step is needed to migration from 1.4 to 2.0. +# +# First migrate to at least the 1.4.10 release if you have not already done +# so. +# +# Review the documentation on the OpenDNSSEC site. This can be +# updated in between releases to provide more help. Especially if +# you have tooling around OpenDNSSEC you should be aware that some +# command line utilities have changed. A fair amount of backward +# compatibility has been respected, but changes are present. +# +# The enforcer does require a full migration, as the internal database has +# been completely revised. See the documentation in +# %%DOCSDIR%%/1.4-2.0_db_convert/README.md for a description. +# +# Migration scripts are installed in %%DOCSDIR%%. +# +# The signer does not require any migration. Backward compatibility is +# respected from earlier 1.4 release. The signer should not require a +# full resign of your zone when upgrading, however if you decide to downgrade +# a full resign is required. +###### + +An HowTo is provided at +<https://wiki.opendnssec.org/display/DOCS20/Quick+start+guide>; + Added: head/dns/opendnssec2/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/pkg-descr Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,5 @@ +OpenDNSSEC was created as an open-source turn-key solution for +DNSSEC. It secures zone data just before it is published in an +authoritative name server. + +WWW: http://www.opendnssec.org Added: head/dns/opendnssec2/pkg-plist ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/opendnssec2/pkg-plist Wed Jul 13 13:29:18 2016 (r418476) @@ -0,0 +1,65 @@ +bin/ods-hsmspeed +bin/ods-hsmutil +bin/ods-kasp2html +bin/ods-kaspcheck +bin/ods-ksmutil +@sample %%ETCDIR%%/addns.xml.sample +@sample %%ETCDIR%%/conf.xml.sample +@sample %%ETCDIR%%/kasp.xml.sample +@sample %%ETCDIR%%/zonelist.xml.sample +man/man1/ods-hsmspeed.1.gz +man/man1/ods-hsmutil.1.gz +man/man1/ods-kaspcheck.1.gz +man/man1/ods-ksmutil.1.gz +man/man5/ods-kasp.5.gz +man/man5/ods-timing.5.gz +man/man7/opendnssec.7.gz +man/man8/ods-control.8.gz +man/man8/ods-enforcer-db-setup.8.gz +man/man8/ods-enforcer.8.gz +man/man8/ods-enforcerd.8.gz +man/man8/ods-signer.8.gz +man/man8/ods-signerd.8.gz +sbin/ods-control +sbin/ods-enforcer +sbin/ods-enforcer-db-setup +sbin/ods-enforcerd +sbin/ods-migrate +sbin/ods-signer +sbin/ods-signerd +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/README.md +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/convert_mysql +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/convert_sqlite +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/find_problematic_zones.sql +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/mysql_convert.sql +%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/sqlite_convert.sql +%%DATADIR%%/addns.rnc +%%DATADIR%%/addns.rng +%%DATADIR%%/conf.rnc +%%DATADIR%%/conf.rng +%%DATADIR%%/enforcerstate.rnc +%%DATADIR%%/enforcerstate.rng +%%DATADIR%%/kasp.rnc +%%DATADIR%%/kasp.rng +%%DATADIR%%/kasp2html.xsl +@comment %%SQLITE%%%%DATADIR%%/migrate_1_4_8.sqlite3 +@comment %%SQLITE%%%%DATADIR%%/migrate_adapters_1.sqlite3 +@comment %%SQLITE%%%%DATADIR%%/migrate_keyshare_sqlite3.pl +@comment %%SQLITE%%%%DATADIR%%/migrate_to_ng_sqlite.pl +@comment %%MYSQL%%%%DATADIR%%/migrate_1_4_8.mysql +@comment %%MYSQL%%%%DATADIR%%/migrate_adapters_1.mysql +@comment %%MYSQL%%%%DATADIR%%/migrate_keyshare_mysql.pl +@comment %%MYSQL%%%%DATADIR%%/migrate_zone_delete.mysql +@comment %%MYSQL%%%%DATADIR%%/migrate_id_mysql.pl +@comment %%MYSQL%%%%DATADIR%%/migrate_to_ng_mysql.pl +%%DATADIR%%/signconf.rnc +%%DATADIR%%/signconf.rng +%%DATADIR%%/zonelist.rnc +%%DATADIR%%/zonelist.rng +@dir(opendnssec,opendnssec,) var/opendnssec +@dir(opendnssec,opendnssec,) var/opendnssec/enforcer +@dir(opendnssec,opendnssec,) var/opendnssec/signconf +@dir(opendnssec,opendnssec,) var/opendnssec/signed +@dir(opendnssec,opendnssec,) var/opendnssec/signer +@dir(opendnssec,opendnssec,) var/opendnssec/unsigned +@dir(opendnssec,opendnssec,) var/run/opendnssec
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201607131329.u6DDTI99079693>