X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=blobdiff_plain;f=lfs%2Funbound;fp=lfs%2Fdnsmasq;h=9c8589367d2f8b8979ca4ed01c2bf1f04095d9c3;hp=7a11061dae2609de8ba07b6e00834f30dcff32d7;hb=5fba8a0b1ebcb29340e225707193c0147c4cb64a;hpb=3364c93e37c65ed8544066ed55afe1941b2b6f8d diff --git a/lfs/dnsmasq b/lfs/unbound similarity index 51% rename from lfs/dnsmasq rename to lfs/unbound index 7a11061dae..9c8589367d 100644 --- a/lfs/dnsmasq +++ b/lfs/unbound @@ -24,17 +24,14 @@ include Config -VER = 2.76 +VER = 1.5.9 -THISAPP = dnsmasq-$(VER) -DL_FILE = $(THISAPP).tar.xz +THISAPP = unbound-$(VER) +DL_FILE = $(THISAPP).tar.gz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) -# We cannot use INOTIFY because our ISC reader code does not support that -COPTS = -DHAVE_ISC_READER -DNO_INOTIFY - ############################################################################### # Top-level Rules ############################################################################### @@ -43,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 00f5ee66b4e4b7f14538bf62ae3c9461 +$(DL_FILE)_MD5 = 0cefa62c1690b4db18583db84bff00e3 install : $(TARGET) @@ -73,32 +70,40 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/001-Calculate_length_of_TFTP_error_reply_correctly.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/002-Zero_newly_malloc_ed_memory.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/003-Check_return_of_expand_always.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/004-Fix_editing_error_on_man_page.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/005-Manpage_typo.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/006-Fix_bad_behaviour_with_some_DHCP_option_arrangements.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/007-Fix_logic_error_in_Linux_netlink_code.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/008-Fix_problem_with_--dnssec-timestamp.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/009-malloc_memset_calloc_for_efficiency.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/010-Zero_packet_buffers_before_building_output_to_reduce_risk_of_information_leakage.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/011-Dont_reset_packet_length_on_transmission_in_case_of_retransmission.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/012-Compile-time_check_on_buffer_sizes_for_leasefile_parsing_code.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/013-auth-zone_allow_to_exclude_ip_addresses_from_answer.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/014-Bump_auth_zone_serial_when_reloading_etc_hosts_and_friends.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/015-Handle_v4-mapped_IPv6_addresses_sanely_for_--synth-domain.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq/016-Refactor_openBSD_pftables_code_to_remove_blatant_copyright_violation.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/dnsmasq-Add-support-to-read-ISC-DHCP-lease-file.patch - - cd $(DIR_APP) && sed -i src/config.h \ - -e 's|/\* #define HAVE_IDN \*/|#define HAVE_IDN|g' \ - -e 's|/\* #define HAVE_DNSSEC \*/|#define HAVE_DNSSEC|g' \ - -e 's|#define HAVE_DHCP|//#define HAVE_DHCP|g' \ - -e 's|#define HAVE_DHCP6|//#define HAVE_DHCP6|g' \ - -e 's|#define HAVE_TFTP|//#define HAVE_TFTP|g' - - cd $(DIR_APP) && make CFLAGS="$(CFLAGS)" COPTS="$(COPTS)" \ - PREFIX=/usr all install + cd $(DIR_APP) && \ + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --with-pidfile=/var/run/unbound.pid \ + --with-rootkey-file=/var/lib/unbound/root.key \ + --disable-static \ + --with-libevent + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + # Install configuration + install -v -m 644 $(DIR_SRC)/config/unbound/unbound.conf \ + /etc/unbound/unbound.conf + touch /etc/unbound/{dhcp-leases,forward}.conf + -mkdir -pv /etc/unbound/local.d + + # Install root hints + install -v -m 644 $(DIR_SRC)/config/unbound/root.hints \ + /etc/unbound/root.hints + + # Install DHCP leases bridge + install -v -m 755 $(DIR_SRC)/config/unbound/unbound-dhcp-leases-bridge \ + /usr/sbin/unbound-dhcp-leases-bridge + + # Install key + -mkdir -pv /var/lib/unbound + install -v -m 644 $(DIR_SRC)/config/unbound/root.key \ + /var/lib/unbound/root.key + chown -Rv nobody.nobody /var/lib/unbound + + # Ship ICANN's certificates to validate DNS trust anchors + install -v -m 644 $(DIR_SRC)/config/unbound/icannbundle.pem \ + /etc/unbound/icannbundle.pem + @rm -rf $(DIR_APP) @$(POSTBUILD)