From: Willem Toorop Date: Fri, 14 Nov 2014 12:04:04 +0000 (+0100) Subject: bugfix #605: default TA location at compile time X-Git-Tag: release-1.7.0-rc1~127 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b87209739aee01f56db03247e204f820ef64330;p=thirdparty%2Fldns.git bugfix #605: default TA location at compile time Thanks Peter Koch --- diff --git a/Changelog b/Changelog index d1df1c04..0b2b160d 100644 --- a/Changelog +++ b/Changelog @@ -32,6 +32,8 @@ TBD * Let ldns-dane use SPKI as the default selector i.s.o. Cert * bugfix: Fit left over NSEC3s once more before adding empty non terminals. Thanks Stuart Browne + * bugfix #605: Determine default trust anchor location at compile time + Thanks Peter Koch 1.6.17 2014-01-10 * Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a diff --git a/Makefile.in b/Makefile.in index a0f9dfa6..0da5761e 100644 --- a/Makefile.in +++ b/Makefile.in @@ -12,6 +12,7 @@ datarootdir = @datarootdir@ datadir = @datadir@ libdir = @libdir@ includedir = @includedir@ +sysconfdir = @sysconfdir@ doxygen = @doxygen@ pywrapdir = $(srcdir)/contrib/python pyldnsxwrapdir = $(srcdir)/contrib/ldnsx @@ -27,13 +28,21 @@ pyldnsx_uninst = @PYLDNSXUNINST@ libtool = @libtool@ CONFIG_FILES = @CONFIG_FILES@ +LDNS_TRUST_ANCHOR_FILE = @LDNS_TRUST_ANCHOR_FILE@ +DEFAULT_CAFILE = @DEFAULT_CAFILE@ +DEFAULT_CAPATH = @DEFAULT_CAPATH@ + +edit = sed \ + -e 's|@LDNS_TRUST_ANCHOR_FILE[@]|$(LDNS_TRUST_ANCHOR_FILE)|g' \ + -e 's|@DEFAULT_CAFILE[@]|$(DEFAULT_CAFILE)|g' \ + -e 's|@DEFAULT_CAPATH[@]|$(DEFAULT_CAPATH)|g' + # override $U variable which is used by autotools for deansification (for # K&R C compilers), but causes problems if $U is defined in the env). U= - CC = @CC@ CFLAGS = @CFLAGS@ -CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@ @DEFS@ +CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@ @DEFS@ -DLDNS_TRUST_ANCHOR_FILE="\"$(LDNS_TRUST_ANCHOR_FILE)\"" LDFLAGS = @LDFLAGS@ LIBS = @LIBS@ LIBOBJDIR = compat/ @@ -129,7 +138,7 @@ putdown-builddir: if test -d drill -a ! -f drill/README ; then rmdir drill || : ; fi if test -d compat -a ! -f compat/malloc.c; then rmdir compat || : ; fi -drill: no-drill-config-h drill/drill +drill: no-drill-config-h drill/drill drill/drill.1 no-drill-config-h: @if test -e $(srcdir)/drill/config.h -o -e drill/config.h ; \ then echo "A config.h was detected in the drill subdirectory." ; \ @@ -138,10 +147,14 @@ no-drill-config-h: echo "or build drill there." ; \ exit -1 ; \ fi + drill/drill: $(DRILL_LOBJS) $(LIB) $(LINK_EXE) $(DRILL_LOBJS) $(LIBS) $(LIBSSL_LIBS) -lldns -o drill/drill -install-drill: drill/drill +drill/drill.1: $(srcdir)/drill/drill.1.in + $(edit) $(srcdir)/drill/drill.1.in > drill/drill.1 + +install-drill: drill/drill drill/drill.1 $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 @@ -154,9 +167,9 @@ uninstall-drill: test ! -d $(DESTDIR)$(bindir) || rmdir -p $(DESTDIR)$(bindir) || : ; clean-drill: - $(LIBTOOL) --mode clean rm -f $(DRILL_LOBJS) drill/drill + $(LIBTOOL) --mode clean rm -f $(DRILL_LOBJS) drill/drill drill/drill.1 -examples: no-examples-config-h $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) +examples: no-examples-config-h $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) examples/ldns-dane.1 examples/ldns-verify-zone.1 no-examples-config-h: @if test -e $(srcdir)/examples/config.h -o -e examples/config.h ; \ then echo "A config.h was detected in the examples subdirectory." ; \ @@ -183,7 +196,13 @@ $(LDNS_DANE): $(EX_SSL_PROGS): $(LINK_EXE) $@.lo $(LIBS) $(LIBSSL_LIBS) -lldns -o $@ -install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) +examples/ldns-dane.1: $(srcdir)/examples/ldns-dane.1.in + $(edit) $(srcdir)/examples/ldns-dane.1.in > examples/ldns-dane.1 + +examples/ldns-verify-zone.1: $(srcdir)/examples/ldns-verify-zone.1.in + $(edit) $(srcdir)/examples/ldns-verify-zone.1.in > examples/ldns-verify-zone.1 + +install-examples: $(EXAMPLE_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) examples/ldns-dane.1 examples/ldns-verify-zone.1 $(INSTALL) -m 755 -d $(DESTDIR)$(bindir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir) $(INSTALL) -m 755 -d $(DESTDIR)$(mandir)/man1 @@ -206,6 +225,7 @@ clean-examples: $(LIBTOOL) --mode clean rm -f $(EXAMPLE_PROGS) $(LIBTOOL) --mode clean rm -f $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) $(LIBTOOL) --mode clean rm -f $(EXAMPLE_LOBJS) + $(LIBTOOL) --mode clean rm -f examples/ldns-dane.1 examples/ldns-verify-zone.1 linktest: $(srcdir)/linktest.c libldns.la $(COMP_LIB) $(LIBSSL_CPPFLAGS) -c $(srcdir)/linktest.c -o linktest.lo diff --git a/configure.ac b/configure.ac index c582621d..5cdee61c 100644 --- a/configure.ac +++ b/configure.ac @@ -121,14 +121,12 @@ This does not work with the --with-drill option. Please remove the config.h from the drill subdirectory or do not use the --with-drill option.]) fi - DRILL_CONFIG=" drill/drill.1" else AC_SUBST(DRILL,[""]) AC_SUBST(INSTALL_DRILL,[""]) AC_SUBST(UNINSTALL_DRILL,[""]) AC_SUBST(CLEAN_DRILL,[""]) AC_SUBST(LINT_DRILL,[""]) - DRILL_CONFIG="" fi @@ -148,14 +146,12 @@ This does not work with the --with-examples option. Please remove the config.h from the examples subdirectory or do not use the --with-examples option.]) fi - EXAMPLES_CONFIG=" examples/ldns-dane.1 examples/ldns-verify-zone.1" else AC_SUBST(EXAMPLES,[""]) AC_SUBST(INSTALL_EXAMPLES,[""]) AC_SUBST(UNINSTALL_EXAMPLES,[""]) AC_SUBST(CLEAN_EXAMPLES,[""]) AC_SUBST(LINT_EXAMPLES,[""]) - EXAMPLES_CONFIG="" fi # add option to disable installation of ldns-config script @@ -627,23 +623,11 @@ fi AC_DEFINE([SYSCONFDIR], [sysconfdir], [System configuration dir]) AC_ARG_WITH(trust-anchor, AC_HELP_STRING([--with-trust-anchor=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDIR/unbound/root.key]]), [ - LDNS_TRUST_ANCHOR_FILE="$withval" + AC_SUBST([LDNS_TRUST_ANCHOR_FILE], ["$withval"]) + AC_MSG_NOTICE([Default trust anchor: $withval]) ],[ - if test "x$LDNS_TRUST_ANCHOR_FILE" = "x"; then - if test "x$sysconfdir" = 'x${prefix}/etc' ; then - if test "x$prefix" = 'xNONE' ; then - LDNS_TRUST_ANCHOR_FILE="/etc/unbound/root.key" - else - LDNS_TRUST_ANCHOR_FILE="${prefix}/etc/unbound/root.key" - fi - else - LDNS_TRUST_ANCHOR_FILE="${sysconfdir}/unbound/root.key" - fi - fi + AC_SUBST([LDNS_TRUST_ANCHOR_FILE], ["\$(sysconfdir)/unbound/root.key"]) ]) -AC_DEFINE_UNQUOTED([LDNS_TRUST_ANCHOR_FILE], ["$LDNS_TRUST_ANCHOR_FILE"], [Default trust anchor file]) -AC_SUBST(LDNS_TRUST_ANCHOR_FILE) -AC_MSG_NOTICE([Default trust anchor: $LDNS_TRUST_ANCHOR_FILE]) AC_ARG_WITH(ca-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [ AC_DEFINE([HAVE_DANE_CA_FILE], [1], [Is a CAFILE given at configure time]) @@ -823,7 +807,7 @@ else AC_SUBST(ldns_build_config_have_attr_unused, 0) fi -CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config $DRILL_CONFIG $EXAMPLES_CONFIG" +CONFIG_FILES="Makefile ldns/common.h ldns/net.h ldns/util.h packaging/libldns.pc packaging/ldns-config" AC_SUBST(CONFIG_FILES) AC_CONFIG_FILES([$CONFIG_FILES])