Merge branch 'unbound' into next
[ipfire-2.x.git] / lfs / unbound
similarity index 51%
rename from lfs/dnsmasq
rename to lfs/unbound
index 7a11061..9c85893 100644 (file)
 
 include Config
 
-VER        = 2.76
+VER        = 1.5.9
 
-THISAPP    = dnsmasq-$(VER)
-DL_FILE    = $(THISAPP).tar.xz
+THISAPP    = unbound-$(VER)
+DL_FILE    = $(THISAPP).tar.gz
 DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 
-# We cannot use INOTIFY because our ISC reader code does not support that
-COPTS      = -DHAVE_ISC_READER -DNO_INOTIFY
-
 ###############################################################################
 # Top-level Rules
 ###############################################################################
@@ -43,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 00f5ee66b4e4b7f14538bf62ae3c9461
+$(DL_FILE)_MD5 = 0cefa62c1690b4db18583db84bff00e3
 
 install : $(TARGET)
 
@@ -73,32 +70,40 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Calculate_length_of_TFTP_error_reply_correctly.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Zero_newly_malloc_ed_memory.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Check_return_of_expand_always.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Fix_editing_error_on_man_page.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Manpage_typo.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-Fix_bad_behaviour_with_some_DHCP_option_arrangements.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/007-Fix_logic_error_in_Linux_netlink_code.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/008-Fix_problem_with_--dnssec-timestamp.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/009-malloc_memset_calloc_for_efficiency.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/010-Zero_packet_buffers_before_building_output_to_reduce_risk_of_information_leakage.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/011-Dont_reset_packet_length_on_transmission_in_case_of_retransmission.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/012-Compile-time_check_on_buffer_sizes_for_leasefile_parsing_code.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/013-auth-zone_allow_to_exclude_ip_addresses_from_answer.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/014-Bump_auth_zone_serial_when_reloading_etc_hosts_and_friends.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/015-Handle_v4-mapped_IPv6_addresses_sanely_for_--synth-domain.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/016-Refactor_openBSD_pftables_code_to_remove_blatant_copyright_violation.patch
-       cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch
-
-       cd $(DIR_APP) && sed -i src/config.h \
-               -e 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' \
-               -e 's|/\* #define HAVE_DNSSEC \*/|#define HAVE_DNSSEC|g' \
-               -e 's|#define HAVE_DHCP|//#define HAVE_DHCP|g' \
-               -e 's|#define HAVE_DHCP6|//#define HAVE_DHCP6|g' \
-               -e 's|#define HAVE_TFTP|//#define HAVE_TFTP|g'
-
-       cd $(DIR_APP) && make CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" \
-               PREFIX=/usr all install
+       cd $(DIR_APP) && \
+               ./configure \
+                       --prefix=/usr \
+                       --sysconfdir=/etc \
+                       --with-pidfile=/var/run/unbound.pid \
+                       --with-rootkey-file=/var/lib/unbound/root.key \
+                       --disable-static \
+                       --with-libevent
+       cd $(DIR_APP) && make $(MAKETUNING)
+       cd $(DIR_APP) && make install
+
+       # Install configuration
+       install -v -m 644 $(DIR_SRC)/config/unbound/unbound.conf \
+               /etc/unbound/unbound.conf
+       touch /etc/unbound/{dhcp-leases,forward}.conf
+       -mkdir -pv /etc/unbound/local.d
+
+       # Install root hints
+       install -v -m 644 $(DIR_SRC)/config/unbound/root.hints \
+               /etc/unbound/root.hints
+
+       # Install DHCP leases bridge
+       install -v -m 755 $(DIR_SRC)/config/unbound/unbound-dhcp-leases-bridge \
+               /usr/sbin/unbound-dhcp-leases-bridge
+
+       # Install key
+       -mkdir -pv /var/lib/unbound
+       install -v -m 644 $(DIR_SRC)/config/unbound/root.key \
+               /var/lib/unbound/root.key
+       chown -Rv nobody.nobody /var/lib/unbound
+
+       # Ship ICANN's certificates to validate DNS trust anchors
+       install -v -m 644 $(DIR_SRC)/config/unbound/icannbundle.pem \
+               /etc/unbound/icannbundle.pem
+
        @rm -rf $(DIR_APP)
        @$(POSTBUILD)