bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Wolfgang Riedel
Hi Folks,

Just wonder if someone had success compiling bind-9.11.0-P2 on Debian 9.0 (stretch)?

1) OpenSSL dependency dance

I removed OpenSSL 1.1 and compiled OpenSSL 1.0.2e from source

openssl version
OpenSSL 1.0.2e 3 Dec 2015

2) configure

./configure --prefix=/usr --mandir=/usr/share/man

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Wolfgang Riedel
Hi Tony, I agree and also didn’t like it but I had been told that OpenSSL 1.1 is currently not supported because they made backwards-incompatible API changes and this is the default on Debian stretch. That’s the reason why I compiled from source to get to 1.0 < 1.1 Wolfgang > On 26 Jan 2017,

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Reindl Harald
On 26.01.2017 at 16:30, Wolfgang Riedel wrote: I agree and also didn’t like it but I had been told that OpenSSL 1.1 is currently not supported because they made backwards-incompatible API changes and this is the default on Debian stretch. That’s the reason why I compiled from source to get

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Tony Finch
Wolfgang Riedel wrote: > > Just wonder if someone had success compiling bind-9.11.0-P2 on Debian 9.0 > (stretch)? I haven't tried it myself. > 1) OpenSSL dependency dance > > I removed OpenSSL 1.1 and compiled OpenSSL 1.0.2e from source You'll probably have better luck

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Dennis Clarke
1) OpenSSL dependency dance I removed OpenSSL 1.1 and compiled OpenSSL 1.0.2e from source You'll probably have better luck installing Debian's libssl1.0-dev and related packages, rather than installing it yourself. Plain libssl-dev in Stretch is OpenSSL 1.1. If you install stuff yourself

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Dennis Clarke
OpenSSL 1.1 is currently not supported because they made > backwards-incompatible API changes ... Is this issue documented somewhere? Dennis Clarke

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Reindl Harald
On 26.01.2017 at 18:59, Dennis Clarke wrote: OpenSSL 1.1 is currently not supported because they made backwards-incompatible API changes ... Is this issue documented somewhere? it was discussed multiple times here https://www.google.com/search?q=bind+openssl+1.1 when you follow several

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Reindl Harald
On 26.01.2017 at 19:55, Dennis Clarke wrote: On 01/26/2017 06:48 PM, Reindl Harald wrote: libraries got overwritten by the package manager Impossible. If the user built or the vendor supplied software follows the rules of separation along with the RPATH and RUNPATH data inside the ELF

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Alan Clegg
On 1/26/17 1:31 PM, Dennis Clarke wrote: > The POSIX and XPG4 approach [is a great idea] (My text in brackets) Said no one, ever. AlanC

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Dennis Clarke
On 01/26/2017 06:39 PM, Alan Clegg wrote: On 1/26/17 1:31 PM, Dennis Clarke wrote: The POSIX and XPG4 approach [is a great idea] (My text in brackets) Said no one, ever. Clearly I just said it ... and have before ... as have others for about twenty years or at least since 1999.

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Alan Clegg
On 1/26/17 1:50 PM, Dennis Clarke wrote: > On 01/26/2017 06:39 PM, Alan Clegg wrote: >> On 1/26/17 1:31 PM, Dennis Clarke wrote: >>> The POSIX and XPG4 approach [is a great idea] >> >> (My text in brackets) >> >> Said no one, ever. > >Clearly I just said it ... and have before ... as have

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Reindl Harald
On 26.01.2017 at 19:31, Dennis Clarke wrote: 1) OpenSSL dependency dance I removed OpenSSL 1.1 and compiled OpenSSL 1.0.2e from source You'll probably have better luck installing Debian's libssl1.0-dev and related packages, rather than installing it yourself. Plain libssl-dev in Stretch is

allow-notify in catalog zones?

2017-01-26 Thread Wolfgang Gehrke
BIND 9.11 introduces catalog zones to simplify the management of slave servers. The documentation just mentions support for the "masters" (also with key), "allow-query" and "allow-transfer" options within the contents of a catalog zone. Can the "allow-notify" option be used, too, as an APL RR or

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Dennis Clarke
On 01/26/2017 06:48 PM, Reindl Harald wrote: libraries got overwritten by the package manager Impossible. If the user built or the vendor supplied software follows the rules of separation along with the RPATH and RUNPATH data inside the ELF dynamic sections then what you say is

Re: bind-9.11.0-P2 on Debian 9.0 (stretch)

2017-01-26 Thread Reindl Harald
On 26.01.2017 at 19:50, Dennis Clarke wrote: On 01/26/2017 06:39 PM, Alan Clegg wrote: On 1/26/17 1:31 PM, Dennis Clarke wrote: The POSIX and XPG4 approach [is a great idea] (My text in brackets) Said no one, ever. That wasn't the point however. The point is that the sources do exist

Re: Question on Bind validating resolver

2017-01-26 Thread Tony Finch
Volker Janzen wrote: > > when my Bind resolver tries to get the A record for info.nominet.uk the > syslog gets lots of messages like this: > > Jan 25 21:15:52 box named[25097]: DNS format error from 173.245.58.93#53 > resolving info.nominet.uk/DS:

Re: bind 9.8.2 "no valid signature found"

2017-01-26 Thread Tony Finch
Jim Garrison via bind-users wrote: > > Looking at the traffic with Wireshark, I see the RRSIG uses > ECDSA Curve P-256 with SHA-256. Should bind 9.8.2 be able to > recognize that algorithm or is a newer version of bind needed? The CHANGES file on the 9.8 branch says