Package-Name: bind
Gentoo-Package: net-dns/bind
Source: ftp://ftp.isc.org/isc/bind8/src/(\d+.\d+(.\d+(p\d+)?)?) $1 $1/bind-src.tar.gz
More-Source-1: $1/bind-doc.tar.gz
Compile-Requires: bison flex
Zap-Before-Install: 1
Repack:
	mkdir bind-"$(VERSION)"
	tar Cxvzfp bind-"$(VERSION)" "$(SOURCE)"
	tar Cxvzfp bind-"$(VERSION)" "$(SOURCE1)"
Compile:
	cp -p src/{CHANGES,DNSSEC,LICENSE*,README,SUPPORT,TODO} "$(PREFIX)/"
	chmod a-x "$(PREFIX)"/LICENSE*
	rm -rf obj
	$(MAKE) -Csrc links DST="`pwd`/obj" SRC="`pwd`/src"
	rm -f obj/.settings
	$(MAKE) -Cobj depend \
		CC="gcc -D_GNU_SOURCE" \
		CDEBUG="-O2" \
		YACC="bison -y -d" \
		DESTLIB="$(PREFIX)/lib" \
		DESTINC="$(PREFIX)/include" \
		DESTBIN="$(PREFIX)/bin" \
		DESTSBIN="$(PREFIX)/sbin" \
		DESTEXEC="$(PREFIX)/libexec" \
		DESTHELP="$(PREFIX)/lib" \
		DESTMAN="$(PREFIX)/man" \
		DESTETC="$(PREFIX)/etc" \
		DESTRUN="$(PREFIX)/run"
	$(MAKE) -Cobj all install \
		CC="gcc -D_GNU_SOURCE" \
		CDEBUG="-O2" \
		YACC="bison -y -d" \
		DESTLIB="$(PREFIX)/lib" \
		DESTINC="$(PREFIX)/include" \
		DESTBIN="$(PREFIX)/bin" \
		DESTSBIN="$(PREFIX)/sbin" \
		DESTEXEC="$(PREFIX)/libexec" \
		DESTHELP="$(PREFIX)/lib" \
		DESTMAN="$(PREFIX)/man" \
		DESTETC="$(PREFIX)/etc" \
		DESTRUN="$(PREFIX)/run"
	umask 022 ; mkdir -p "$(PREFIX)"/man/man{1,3,5,7,8}
	rm -f doc/man/*.lst*
	$(MAKE) -Cdoc/man install \
		DESTMAN="$(PREFIX)/man" MANDIR=man MANROFF=cat \
		LIB_NETWORK_EXT=3r \
		LIB_NETWORK_EXT_DIR=3
	rm -f "$(PREFIX)"/bin/{addr,mkservdb} "$(PREFIX)"/sbin/named-bootconf
	rm -f "$(PREFIX)"/man/man8/named-bootconf.8
	umask 022 ; mkdir -p "$(PREFIX)"/etc
# "rm -f" in case it's a dangling symlink (touch will fail in that case)
	test -f "$(PREFIX)"/etc/named.conf || (rm -f "$(PREFIX)"/etc/named.conf ; touch "$(PREFIX)"/etc/named.conf)
	rm -rf "$(PREFIX)"/run
	ln -s /var/run "$(PREFIX)"/
Install:
	$(MAKE) instbin BIN="dig dnsquery host nslookup nsupdate"
	$(MAKE) instsbin SBIN="irpd named ndc"
	$(MAKE) instetc ETC=named.conf
	umask 077 ; mkdir -p /etc/named
	$(MAKE) instman SECTION=1 MAN="dig dnskeygen dnsquery host"
	$(MAKE) instman SECTION=3 SUFFIX=r MAN="*"
	$(MAKE) instman SECTION=5 MAN="irs.conf named.conf"
	$(MAKE) instman SECTION=7 MAN="hostname mailaddr"
	$(MAKE) instman SECTION=8 MAN="named named-xfer ndc nslookup nsupdate"
Patch: <<EOT
######### begin verisign stupidity patch
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_resp.c src/bin/named/ns_resp.c
--- ../bind-8.4.4-orig/src/bin/named/ns_resp.c	2004-01-16 11:01:24 +0900
+++ src/bin/named/ns_resp.c	2004-02-15 01:35:31 +0900
@@ -969,6 +969,16 @@
 
 		if (i < ancount) {
 			/* Answer section. */
+			/* HACK to kill Verisign stupidity
+			 *   --achurch@achurch.org */
+			char IP_TO_KILL[] = {64,94,110,11};
+			if (type == ns_t_a
+			 && memcmp(dp->d_data, IP_TO_KILL, 4) == 0
+			) {
+				validanswer = 0;
+				db_detach(&dp);
+				continue;
+			}
 			/*
 			 * Check for attempts to overflow the buffer in
 			 * getnameanswer.
######### end verisign stupidity patch
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_config.c src/bin/named/ns_config.c
--- ../bind-8.4.4-orig/src/bin/named/ns_config.c	2004-01-16 11:01:22 +0900
+++ src/bin/named/ns_config.c	2004-02-15 01:37:44 +0900
@@ -1524,7 +1524,9 @@
 		  S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
 	if (fd < 0)
 		return (NULL);
+#if 0 /* ARGH!!!!  Making the pid file writable by user_id is a major security hole!!!! */
 	(void) fchown(fd, user_id, group_id);
+#endif
 	stream = fdopen(fd, "w");
 	if (stream == NULL) {
 		(void)unlink(filename);
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_main.c src/bin/named/ns_main.c
--- ../bind-8.4.4-orig/src/bin/named/ns_main.c	2004-01-16 11:01:23 +0900
+++ src/bin/named/ns_main.c	2004-02-15 01:37:44 +0900
@@ -749,7 +749,9 @@
 			return;
 		case EBADF:
 		case ENOTSOCK:
+#if 1	/* Note I didn't have this one listed for some reason....  -GAW */
 		case EFAULT:
+#endif
 			/*
 			 * If one these happens, we're broken.
 			 */
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_maint.c src/bin/named/ns_maint.c
--- ../bind-8.4.4-orig/src/bin/named/ns_maint.c	2004-01-16 11:01:23 +0900
+++ src/bin/named/ns_maint.c	2004-02-15 01:37:44 +0900
@@ -707,7 +707,9 @@
 				   name);
 			return(-1);
 		}
+#if 0 /* ARGH!!!  this one's totally unnecessary given the file is guaranteed brand new!!! */
 		(void) fchown(tsig_fd, user_id, group_id);
+#endif
 	}
 
 	memset(secret_buf, 0, sizeof(secret_buf));
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_stats.c src/bin/named/ns_stats.c
--- ../bind-8.4.4-orig/src/bin/named/ns_stats.c	2004-01-16 11:01:24 +0900
+++ src/bin/named/ns_stats.c	2004-02-15 01:37:44 +0900
@@ -123,7 +123,9 @@
 			  server_options->stats_filename);
 		return;
 	}
+#if 0 /* ARGH!!!! */
 	(void) fchown(fileno(f), user_id, group_id);
+#endif
 
 	fprintf(f, "+++ Statistics Dump +++ (%ld) %s",
 		(long)timenow, checked_ctime(&timenow));
@@ -154,7 +156,9 @@
 			  server_options->memstats_filename);
 		return;
 	}
+#if 0 /* ARGH!!!! */
 	(void) fchown(fileno(f), user_id, group_id);
+#endif
 
 	fprintf(f, "+++ Memory Statistics Dump +++ (%ld) %s",
 		(long)timenow, checked_ctime(&timenow));
diff -urN ../bind-8.4.4-orig/src/bin/named/ns_update.c src/bin/named/ns_update.c
--- ../bind-8.4.4-orig/src/bin/named/ns_update.c	2004-01-16 11:01:24 +0900
+++ src/bin/named/ns_update.c	2004-02-15 01:37:44 +0900
@@ -146,7 +146,9 @@
 			 strerror(errno));
 		return (NULL);
 	}
+#if 0 /* ARGH!!!! */
 	(void) fchown(fileno(fp), user_id, group_id);
+#endif
 	if (fseek(fp, 0L, SEEK_END) != 0) {
 		ns_error(ns_log_update, "can't fseek(%s, 0, SEEK_END)",
 			 zp->z_updatelog);
@@ -171,7 +173,9 @@
 			 strerror(errno));
 		return (NULL);
 	}
+#if 0 /* ARGH!!!! */
 	(void) fchown(fileno(fp), user_id, group_id);
+#endif
 	if (fseek(fp, 0L, SEEK_END) != 0) {
 		ns_error(ns_log_update, "can't fseek(%s, 0, SEEK_END)",
 			 zp->z_ixfr_base);
diff -urN ../bind-8.4.4-orig/src/lib/isc/logging.c src/lib/isc/logging.c
--- ../bind-8.4.4-orig/src/lib/isc/logging.c	2004-01-16 11:01:35 +0900
+++ src/lib/isc/logging.c	2004-02-15 01:37:44 +0900
@@ -157,7 +157,9 @@
 		chan->flags |= LOG_CHANNEL_BROKEN;
 		return (NULL);
 	}
+#if 0 /* ARGH!!!  Don't leave the audit trail writable by the attacker!!! */
 	(void) fchown(fd, chan->out.file.owner, chan->out.file.group);
+#endif
 
 	chan->out.file.stream = stream;
 	return (stream);
diff -urN ../bind-8.4.4-orig/doc/man/Makefile doc/man/Makefile
--- ../bind-8.4.4-orig/doc/man/Makefile	2004-01-16 09:56:30 +0900
+++ doc/man/Makefile	2004-02-15 01:37:44 +0900
@@ -343,47 +343,47 @@
 	@set -x; N=${CMD_EXT}; for f in ${CMD_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${CMD_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR}/$${f}.${CMD_EXT}; \
 	done
 	@set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${SYS_OPS_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${INDOT}$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${INDOT}$${f}.${SYS_OPS_EXT}; \
 	done
 	@set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_XFER_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${SYS_OPS_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${SYS_OPS_EXT}; \
 	done
 	@set -x; N=${SYS_OPS_EXT}; for f in ${NAMED_BOOTCONF_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${SYS_OPS_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/${XFER_INDOT}$${f}.${SYS_OPS_EXT}; \
 	done
 	@set -x; N=${SYS_OPS_EXT}; for f in ${NSLOOKUP_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${SYS_OPS_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${SYS_OPS_EXT}; \
 	done
 	@set -x; N=${SYS_OPS_EXT}; for f in ${NSUPDATE_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${SYS_OPS_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${SYS_OPS_EXT_DIR}/$${f}.${SYS_OPS_EXT}; \
 	done
 	@set -x; N=${LIB_NETWORK_EXT}; for f in ${LIB_NETWORK_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${LIB_NETWORK_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${LIB_NETWORK_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${LIB_NETWORK_EXT_DIR}/$${f}.${LIB_NETWORK_EXT}; \
 	done
 	@set -x; N=${FORMAT_EXT}; for f in ${FORMAT_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${FORMAT_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${FORMAT_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${FORMAT_EXT_DIR}/$${f}.${FORMAT_EXT}; \
 	done
 	@set -x; N=${DESC_EXT}; for f in ${DESC_BASE}; do \
 		${INSTALL} -c -m 444 ${MAN_OWNER} ${MAN_GROUP} \
 		$${f}.${DESC_OUT_EXT} \
-		${DESTDIR}${DESTMAN}/${MANDIR}${DESC_EXT_DIR}/$${f}.${CATEXT}; \
+		${DESTDIR}${DESTMAN}/${MANDIR}${DESC_EXT_DIR}/$${f}.${DESC_EXT}; \
 	done
 
 ${DESTDIR}${DESTMAN}/${MANDIR}${CMD_EXT_DIR} \
EOT

-/etc/named/
-/etc/named.conf
/etc/named/
/etc/named.conf
/pkg/bind/
/usr/bin/dig
/usr/bin/dnsquery
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/sbin/irpd
/usr/sbin/named
/usr/sbin/ndc
/usr/man/man1/dig.1.gz
/usr/man/man1/dnskeygen.1.gz
/usr/man/man1/dnsquery.1.gz
/usr/man/man1/host.1.gz
/usr/man/man3/*.3r.gz
/usr/man/man5/irs.conf.5.gz
/usr/man/man5/named.conf.5.gz
/usr/man/man5/resolver.5.gz
/usr/man/man7/hostname.7.gz
/usr/man/man7/mailaddr.7.gz
/usr/man/man8/named.8.gz
/usr/man/man8/named-xfer.8.gz
/usr/man/man8/ndc.8.gz
/usr/man/man8/nslookup.8.gz
/usr/man/man8/nsupdate.8.gz
