Hello community, here is the log from the commit of package ldns for openSUSE:Factory checked in at 2017-11-26 10:34:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ldns (Old) and /work/SRC/openSUSE:Factory/.ldns.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ldns" Sun Nov 26 10:34:50 2017 rev:13 rq:542906 version:1.7.0 Changes: -------- --- /work/SRC/openSUSE:Factory/ldns/ldns.changes 2016-05-23 16:36:15.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ldns.new/ldns.changes 2017-11-26 10:34:54.614966951 +0100 @@ -1,0 +2,91 @@ +Thu Nov 16 14:17:03 UTC 2017 - [email protected] + +- disable DANE verification when building with openssl < 1.1 to fix + build on distributions that have openssl 1.0.x + +------------------------------------------------------------------- +Sun Aug 27 20:46:30 UTC 2017 - [email protected] + +- Update descriptions. + +------------------------------------------------------------------- +Fri Aug 18 10:57:32 UTC 2017 - [email protected] + +- Update to version 1.7.0 + * Ldns built with openssl-1.1.0 [bsc#1042653] + * Fix #551 change Regent to Copyright holder in BSD license in some of + the headings of the file, to match the opensource.org BSD license. + * -e option makes ldns-compare-zones exit with status code 2 on difference + * Filter out specified RR types with ldns-read-zone -e and -E options + * bugfix #563: Correct DNSKEY from DSA private key. + * bugfix #562: ldns-keygen match DSA key maximum size with library. + And check keysizes with all algorithms. + * ldns-verify-zone accepts only one single zonefile as argument. + * bugfix #573: ldns-keygen write private keys with mode 0600. + * Fix configure to make ldns compile with LibreSSL 2.0 + * drill now also accepts dig style -y option + (-y <[algo:]name:key> i.s.o. -y <name:key[:algo]>) + * OPENPGPKEY draft rr types. Enable with: --enable-rrtype-openpgpkey + * bugfix #608: Correct comment about escaped characters + * CDS and CDNSKEY rr type from RFC 7344. --enable-rrtype-cds configure + option removed + * fix: Memory leak in ldns_pkt_rr_list_by_name() + * fix: Memory leak in ldns_dname2buffer_wire_compress() + * bugfix #613: Allow tab as whitespace too in last rdata field of types + of variable length. + * bugfix: strip trailing whitespace from $ORIGIN lines in zone files + * Let ldns-keygen output .ds files only for KSK keys + * Parse RFC7218 TLSA mnemonics, but do not output them + * Let ldns-dane use SPKI as the default selector i.s.o. Cert + * bugfix: Fit left over NSEC3s once more before adding empty non terminals + * bugfix #605: Determine default trust anchor location at compile time + * bugfix #697: Double free with ldns-dane create + * bugfix #623: Do not redefine bool type and boolean values + * bugfix #570: Add TLSA, CDS, CDNSKEY and OPENPGPKEY RR types to ldnsx + * bugfix #575: ldns_pkt_clone() does not copy timestamp field + * bugfix #584: ldns-update fixes. Send update to port 53, bring manpage + in sync with the usage text, and don't alter the ldns_resolver passed + to ldns_update_soa_zone_mname(). Created a ldns_resolver_clone() + function in the process. + * bugfix #633: ldns_pkt_clone() parameter isn't const. + * bugfix: ldns-dane manpage correction + * RFC7553 RR Type URI is supported by default. + * Fix ECDSA signature generation, do not omit leading zeroes. + * bugfix: Get rid of superfluous newline in ldns-keyfetcher + * bugfix: -U option to ldns-signzone to sign with every algorithm + * const function parameters whenever possible. + * bugfix #725: allow RR-types on the type bitmap window border + * Add type CSYNC support, RFC 7477. + * Prepare for ED25519, ED448 support: todo convert* routines in dnssec.h, + once openssl has support for signing with these algorithms. The dns + algorithm number is not yet allocated. These features are not fully + implemented yet, openssl (1.1) does not support the algorithms enough + to generate keys and sign and verify with them. + * Fix drill axfr ipv4/ipv6 queries. + * Fix for openssl 1.1.0 API changes. + * bugfix #825: Module import breaks with newer SWIG versions. + * bugfix #769: Add support for :: in an IPv6 address + * bugfix #708: warnings and errors with xcode 6.1/7.0 + * bugfix #754: Memory leak in ldns_str2rdf_ipseckey + * bugfix #661: Fail NSEC3 signing when NSEC domainname length would + overflow. + * bugfix #771: hmac-sha224, hmac-sha384 and hmac-sha512 keys. + * bugfix #680: ldns fails to reject invalidly formatted RFC 7553 URI RRs. + * bugfix #678: Use poll i.s.o. select to support > 1024 fds + * Use OpenSSL DANE functions for verification (unless explicitly disabled + with --disable-dane-ta-usage). + * Bumb .so version + * Include OPENPGPKEY RR type by default + * rdata processing for SMIMEA RR type + * Fix crash in displaying TLSA RR's. + * Update ldns-key2ds man page to mention GOST and SHA384 hash functions. + * Add sha384 and sha512 tsig algorithm. + * Clarify data ownership with consts for tsig parameters. + * bugfix: Fix detection of DSA support with OpenSSL >= 1.1.0 + * bugfix #1160: Provide sha256 for release tarballs + * --enable-gost-anyway compiles GOST support with OpenSSL >= 1.1.0 even + when the GOST engine is not available. + +- Dropped patch ldns-perl-5.22.patch + +------------------------------------------------------------------- Old: ---- ldns-1.6.17.tar.gz ldns-perl-5.22.patch New: ---- ldns-1.7.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ldns.spec ++++++ --- /var/tmp/diff_new_pack.7jy9h8/_old 2017-11-26 10:34:56.322904671 +0100 +++ /var/tmp/diff_new_pack.7jy9h8/_new 2017-11-26 10:34:56.326904525 +0100 @@ -1,7 +1,7 @@ # # spec file for package ldns # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,115 +15,81 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# gost needs openssl >= 1.0 -# we need at least 5.14.2 -%if 0%{?suse_version} > 1110 -%bcond_without gost -%bcond_without perl -%bcond_without python -%else -%bcond_with gost -%bcond_with perl -%bcond_with python -%endif +%define libname libldns2 Name: ldns -Version: 1.6.17 +Version: 1.7.0 Release: 0 -# -# -BuildRoot: %{_tmppath}/%{name}-%{version}-build +Summary: A library for developing the Domain Name System +License: BSD-3-Clause +Group: Development/Libraries/C and C++ +Url: http://www.nlnetlabs.nl/projects/ldns/ +Source: http://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz BuildRequires: doxygen BuildRequires: fdupes +BuildRequires: libopenssl-devel BuildRequires: libpcap-devel -BuildRequires: openssl-devel -%if %{with python} +BuildRequires: perl-Devel-CheckLib BuildRequires: python-devel -%endif BuildRequires: swig -# -Url: http://www.nlnetlabs.nl/projects/ldns/ -Source: http://www.nlnetlabs.nl/downloads/ldns/ldns-%{version}.tar.gz -Patch0: ldns-perl-5.22.patch -# -Summary: A dns library -License: BSD-3-Clause -Group: Development/Libraries/C and C++ %description -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. This package holds the tools/examples from ldns. -%package -n libldns1 -# -Summary: Tools from ldns -Group: Productivity/Networking/DNS/Servers - -%description -n libldns1 -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. - +%package -n %{libname} +Summary: A library for developing the Domain Name System +Group: System/Libraries + +%description -n %{libname} +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. %package devel -Requires: libldns1 = %{version} -# Openssl-devel is needed as dnssec.h has a #include ssl.h statement. -Requires: openssl-devel -# Summary: Development files for ldns Group: Development/Libraries/C and C++ +Requires: %{libname} = %{version} +Requires: openssl-devel %description devel -The goal of ldns is to simplify DNS programming, it supports recent RFCs like -the DNSSEC documents, and allows developers to easily create software -conforming to current RFCs, and experimental software for current Internet -Drafts. A secondary benefit of using ldns is speed; ldns is written in C it -should be a lot faster than Perl. - +ldns is a C library that can be used for domain name system (DNS) +development. It supports RFCs like the DNSSEC documents, and allows +developers to create software conforming to RFCs, as well as +experimental software for current Internet Drafts. This package holds the development files. -%if %{with python} %package -n python-ldns Summary: Python bindings for ldns -Group: Productivity/Networking/DNS/Servers -# doesn't use symbol versioning -Requires: libldns1 >= %version +Group: Development/Languages/Python +Requires: %{libname} >= %{version} %description -n python-ldns -Python bindings for ldns library +Python bindings for the ldns library -%endif - -%if %{with perl} %package -n perl-DNS-LDNS Summary: Perl bindings for ldns -Group: Productivity/Networking/DNS/Servers -# doesn't use symbol versioning -Requires: libldns1 >= %version +Group: Development/Languages/Perl +Requires: %{libname} >= %{version} %description -n perl-DNS-LDNS -Perl bindings for ldns library - -%endif +Perl bindings for the ldns library. %prep %setup -q -%patch0 -p1 %build export CFLAGS="%{optflags} -fno-strict-aliasing" +if pkg-config --max-version=1.1.0 openssl; then + DISABLE_DANE="--disable-dane-verify" +fi %configure \ -%if ! %{with gost} - --disable-gost \ -%endif --disable-rpath \ --disable-static \ --enable-rrtype-ninfo \ @@ -131,52 +97,43 @@ --enable-rrtype-cds \ --enable-rrtype-uri \ --enable-rrtype-ta \ -%if %{with python} --with-pyldns \ --with-pyldnsx \ -%endif -%if %{with perl} - --with-p5-dns-ldns \ -%endif --with-drill \ --with-examples \ - --with-ca-path=/etc/ssl/certs/ -%{__make} %{?_smp_mflags} + --with-ca-path=%{_sysconfdir}/ssl/certs/ \ + $DISABLE_DANE +make %{?_smp_mflags} + +# We cannot use the built-in --with-p5-dns-ldns +pushd contrib/DNS-LDNS +LD_LIBRARY_PATH="../../lib:$LD_LIBRARY_PATH" perl \ + Makefile.PL INSTALLDIRS=vendor INC="-I. -I../.." LIBS="-L../../lib" +make %{?_smp_mflags} +popd %install -make DESTDIR="%{buildroot}" \ +make DESTDIR=%{buildroot} \ install \ install-drill \ install-examples -%if %{with python} -make DESTDIR="%{buildroot}" \ +make DESTDIR=%{buildroot} \ install-pyldns \ install-pyldnsx -%{__rm} -v %{buildroot}%{python_sitearch}/*.la -%endif - -%if %{with perl} -pushd contrib/DNS-LDNS -%perl_make_install -%perl_process_packlist -popd -%{__rm} -rfv %{buildroot}%{perl_sitearch}/ -%endif - -%{__rm} -v %{buildroot}%{_libdir}/libldns.*a -# -%fdupes %buildroot%_mandir +rm -v %{buildroot}%{python_sitearch}/*.la -%clean -%{__rm} -rf %{buildroot} +make -C contrib/DNS-LDNS DESTDIR=%{buildroot} pure_install +chmod 755 %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/LDNS.so +rm -f %{buildroot}%{perl_vendorarch}/auto/DNS/LDNS/{.packlist,LDNS.bs} -%post -n libldns1 -p /sbin/ldconfig +rm -v %{buildroot}%{_libdir}/libldns.*a +%fdupes %{buildroot}%{_mandir} -%postun -n libldns1 -p /sbin/ldconfig +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig %files -%defattr(-,root,root,-) %{_bindir}/drill %{_bindir}/ldns-chaos %{_bindir}/ldns-compare-zones @@ -206,33 +163,25 @@ %{_mandir}/man1/drill.1* %{_mandir}/man1/ldns*.1* -%files -n libldns1 -%defattr(-,root,root,-) -%{_libdir}/libldns.so.1* +%files -n %{libname} +%{_libdir}/libldns.so.* %files devel -%defattr(-,root,root,-) %{_bindir}/ldns-config %{_includedir}/ldns/ %{_libdir}/libldns.so %{_mandir}/man3/ldns*.3* %doc libdns.vim LICENSE README* -%if %{with perl} %files -n perl-DNS-LDNS -%defattr(-,root,root) %{perl_vendorarch}/DNS/LDNS.pm %dir %{perl_vendorarch}/DNS/ %{perl_vendorarch}/DNS/LDNS/ %dir %{perl_vendorarch}/auto/DNS/ %{perl_vendorarch}/auto/DNS/LDNS/ %{_mandir}/man3/DNS::LDNS*3pm* -%endif -%if %{with python} %files -n python-ldns -%defattr(-,root,root) %{python_sitearch}/*ldns* -%endif %changelog ++++++ ldns-1.6.17.tar.gz -> ldns-1.7.0.tar.gz ++++++ ++++ 52228 lines of diff (skipped)
