From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] bind: Rework package and update to 9.9.9-P6
Date: Sat, 25 Feb 2017 15:21:49 +0000
Message-ID: <1488036109.24657.216.camel@ipfire.org>
In-Reply-To: <20170223115111.23057-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5982980224510260066=="
List-Id: <development.lists.ipfire.org>

--===============5982980224510260066==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

you cannot drop the DNS root key because tools like dig and other software li=
ke
unbound depend on it.

Could you re-add that please?

-Michael

On Thu, 2017-02-23 at 12:51 +0100, Stefan Schantl wrote:
> This commit rapidely slims down the bind package. It now only
> provides the libraries and development files, which are needed
> to build the isc-dhcp server and in a subpackage some very handy
> utils like dig, host and some more.
>=20
> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
> ---
> =C2=A0bind/bind.nm=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0| 142 ++++-----
> =C2=A0bind/named.tmpfiles=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=
=C2=A0=C2=A01 -
> =C2=A0bind/patches/bind-9.5-PIE.patch=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0|=C2=A0=C2=A027 --
> =C2=A0bind/patches/bind-9.5-parallel-build.patch=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A014 -
> =C2=A0bind/patches/bind-9.9-libidn.patch=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0| 326 --=
------------------
> -
> =C2=A0...-9.7-exportlib.patch =3D> bind97-exportlib.patch} |=C2=A0=C2=A0=C2=
=A00
> =C2=A0bind/patches/bind99-dont-build-bin.patch=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A013 +
> =C2=A0bind/trusted-key.key=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0|=C2=A0=C2=A0=
=C2=A01 -
> =C2=A08 files changed, 69 insertions(+), 455 deletions(-)
> =C2=A0delete mode 100644 bind/named.tmpfiles
> =C2=A0delete mode 100644 bind/patches/bind-9.5-PIE.patch
> =C2=A0delete mode 100644 bind/patches/bind-9.5-parallel-build.patch
> =C2=A0delete mode 100644 bind/patches/bind-9.9-libidn.patch
> =C2=A0rename bind/patches/{bind-9.7-exportlib.patch =3D> bind97-exportlib.p=
atch}
> (100%)
> =C2=A0create mode 100644 bind/patches/bind99-dont-build-bin.patch
> =C2=A0delete mode 100644 bind/trusted-key.key
>=20
> diff --git a/bind/bind.nm b/bind/bind.nm
> index 7b6344f..4775c14 100644
> --- a/bind/bind.nm
> +++ b/bind/bind.nm
> @@ -4,8 +4,8 @@
> =C2=A0#####################################################################=
########
> ##
> =C2=A0
> =C2=A0name=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D bind
> -version=C2=A0=C2=A0=C2=A0=C2=A0=3D 9.9.6-P1
> -release=C2=A0=C2=A0=C2=A0=C2=A0=3D 2
> +version=C2=A0=C2=A0=C2=A0=C2=A0=3D 9.9.9-P6
> +release=C2=A0=C2=A0=C2=A0=C2=A0=3D 1
> =C2=A0
> =C2=A0groups=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D Networking/Tools
> =C2=A0url=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D http://www.isc=
.org/products/BIND/
> @@ -19,14 +19,10 @@ end
> =C2=A0
> =C2=A0source_dl=C2=A0=C2=A0=3D ftp://ftp.isc.org/isc/bind/%{version}/
> =C2=A0
> -sources +=3D \
> -	%{name}-config-12.tar.bz2
> -
> =C2=A0build
> =C2=A0	requires
> =C2=A0		autoconf
> =C2=A0		automake
> -		chrpath
> =C2=A0		libcap-devel
> =C2=A0		libidn-devel
> =C2=A0		libtool
> @@ -43,116 +39,88 @@ build
> =C2=A0		--disable-static \
> =C2=A0		--disable-openssl-version-check \
> =C2=A0		--enable-exportlib \
> -		--with-export-libdir=3D/%{lib}/ \
> -		--with-export-includedir=3D/usr/include/ \
> -		--includedir=3D/usr/include/bind9/ \
> -		--with-pkcs11=3D%{libdir}/pkcs11/PKCS11_API.so \
> +		--with-export-libdir=3D%{libdir}/ \
> +		--with-export-includedir=3D%{includedir} \
> +		--includedir=3D%{includedir}/bind9/ \
> =C2=A0		--with-gssapi \
> =C2=A0		--enable-rrl \
> =C2=A0		--disable-isc-spnego
> =C2=A0
> -	prepare
> -		cd %{DIR_SRC} && %{MACRO_EXTRACT} %{DIR_DL}/%{thisapp}.tar.gz
> -
> +	prepare_cmds
> =C2=A0		# Create m4 directory.
> =C2=A0		cd %{DIR_APP} && mkdir -pv m4
> =C2=A0
> -		# Apply all patches.
> -		%{MACRO_PATCHES}
> -
> =C2=A0		# Branding.
> =C2=A0		sed -i -e 's/RELEASEVER=3D\(.*\)/RELEASEVER=3D\1-%{DISTRO_NAME}-
> %{version}-%{release}/' version
> =C2=A0
> =C2=A0		# Regenerate build environment
> -		libtoolize -c -f
> -		aclocal -I m4 --force
> -		autoconf -f
> +		autoreconf -vfi
> =C2=A0
> -		# Create user and group for /run directory.
> -		%{create_user}
> =C2=A0	end
> =C2=A0
> -	install
> -		# Create directory layout.
> -		mkdir -pv %{BUILDROOT}%{libdir}/bind
> -		mkdir -pv %{BUILDROOT}/var/named/{slaves,data,dynamic}
> -		mkdir -pv %{BUILDROOT}/usr/share/man/{man1,man5,man8}
> -		mkdir -pv %{BUILDROOT}/run/named
> -		mkdir -pv %{BUILDROOT}/var/log
> -
> -		# Create named chroot environment.
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/{dev,etc,var}
> -		mkdir -pv
> %{BUILDROOT}/var/named/chroot/var/{log,named,run/named,tmp}
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/etc/{pki/dnssec-
> keys,named}
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/usr/lib/bind
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/dev/null
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/dev/random
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/dev/zero
> -		mkdir -pv %{BUILDROOT}/var/named/chroot/etc/localtime
> +	build_cmds
> +		# Build some typical system tools (dig, host, nslookup)
> +		make -C bin/dig -j %{PARALLELISMFLAGS}
> =C2=A0
> -		touch %{BUILDROOT}/var/named/chroot/etc/named.conf
> -
> -		# Run make install
> -		make DESTDIR=3D%{BUILDROOT} install
> +		# Build nsupdate
> +		make -C bin/nsupdate -j %{PARALLELISMFLAGS}
> +	end
> =C2=A0
> -		# Remove RPATH from libraries.
> -		chrpath --delete %{BUILDROOT}/lib*/*export*.so.*
> +	install_cmds
> +		# Install typical system tools
> +		make -C bin/dig install DESTDIR=3D%{BUILDROOT}
> =C2=A0
> -		# Remove unwanted files
> -		rm -rvf %{BUILDROOT}/etc/bind.keys
> +		# Install nsupdate
> +		make -C bin/nsupdate install DESTDIR=3D%{BUILDROOT}
> =C2=A0
> -		# Create ghost config files
> -		touch %{BUILDROOT}/var/log/named.log
> +		# Install isc/errno2result.h header
> +		install -m 644 lib/isc/unix/errno2result.h
> %{BUILDROOT}%{includedir}/isc
> =C2=A0
> -		# Configuration files
> -		tar -C %{BUILDROOT} -xaf %{DIR_DL}/bind-config-12.tar.bz2
> -		touch %{BUILDROOT}/etc/rndc.key
> -		touch %{BUILDROOT}/etc/rndc.conf
> +		# Remove development libraries and headers except *-export
> ones
> +		rm -rvf %{BUILDROOT}%{libdir}/libbind9.so
> +		rm -rvf %{BUILDROOT}%{libdir}/libdns.so
> +		rm -rvf %{BUILDROOT}%{libdir}/libisccc.so
> +		rm -rvf %{BUILDROOT}%{libdir}/libisccfg.so
> +		rm -rvf %{BUILDROOT}%{libdir}/libisc.so
> +		rm -rvf %{BUILDROOT}%{libdir}/liblwres.so
> +		rm -rvf %{BUILDROOT}%{includedir}/bind9
> =C2=A0
> -		mkdir %{BUILDROOT}/etc/named
> -		install -m 644 bind.keys %{BUILDROOT}/etc/named.iscdlv.key
> -		install -m 644 %{DIR_SOURCE}/trusted-key.key
> %{BUILDROOT}/etc/trusted-key.key
> +		# Remove unwanted files
> +		rm -rvf %{BUILDROOT}/etc
> +		rm -rvf %{BUILDROOT}/var
> =C2=A0
> -		# Recreate symlinks for export libraries
> -		rm -rf %{BUILDROOT}/%{lib}/lib*-export.so
> +		# Remove unneeded tools
> +		rm -rvf %{BUILDROOT}%{bindir}/isc-config.sh
> +		rm -rvf %{BUILDROOT}%{bindir}/bind9-config
> =C2=A0
> -		ln -svf ../../%{lib}/libdns-export.so.104
> %{BUILDROOT}%{libdir}/libdns-export.so
> -		ln -svf ../../%{lib}/libirs-export.so.91
> %{BUILDROOT}%{libdir}/libirs-export.so
> -		ln -svf ../../%{lib}/libisccfg-export.so.90
> %{BUILDROOT}%{libdir}/libisccfg-export.so
> -		ln -svf ../../%{lib}/libisc-export.so.95
> %{BUILDROOT}%{libdir}/libisc-export.so
> +		# Remove manpages for the unneeded tools
> +		rm -rvf %{BUILDROOT}%{mandir}/man1/isc-config.sh.1
> +		rm -rvf %{BUILDROOT}%{mandir}/man1/bind9-config.1
> =C2=A0
> -		# Create /run/named.
> -		mkdir -pv %{BUILDROOT}/run/named
> -		chown -Rv named.named %{BUILDROOT}/run/named/
> +		# Remove documentation for liblwres and tools
> +		rm -rvf %{BUILDROOT}%{mandir}/man3
> =C2=A0	end
> =C2=A0end
> =C2=A0
> -create_user
> -	getent group named >/dev/null || /usr/sbin/groupadd -r named
> -	getent passwd named >/dev/null || /usr/sbin/useradd -r -g named \
> -		-d /var/named -c "User for bind DNS server" -s /sbin/nologin
> named
> -end
> -
> =C2=A0packages
> =C2=A0	package %{name}
> +		# The bind package is just an umbrella package for the utils
> +		# and libs package.
> =C2=A0		requires
> -			bind-utils
> -			bind-chroot
> -		end
> -
> -		prerequires +=3D shadow-utils
> -
> -		script prein
> -			%{create_user}
> +			%{name}-libs =3D %{thisver}=09
> +			%{name}-utils =3D %{thisver}
> +			%{name}-utils-libs =3D %{thisver}
> =C2=A0		end
> -
> -		# XXX Add systemd scriptlet if a service file becomes
> available
> =C2=A0	end
> =C2=A0
> =C2=A0	package %{name}-utils
> =C2=A0		summary =3D Utilities for querying bind DNS name server.
> =C2=A0		description =3D %{summary}
> =C2=A0
> +		requires
> +			%{name}-utils-libs =3D %{thisver}
> +		end
> +
> =C2=A0		files
> =C2=A0			/usr/bin/dig
> =C2=A0			/usr/bin/host
> @@ -165,17 +133,19 @@ packages
> =C2=A0		end
> =C2=A0	end
> =C2=A0
> -	package %{name}-chroot
> -		summary =3D Chroot environment for bind DNS servers.
> -		description =3D %{summary}
> +	package %{name}-utils-libs
> +		template LIBS
> =C2=A0
> -		files
> -			/var/named/chroot
> -		end
> +		summary =3D Required libraries for the tools in the bind-utils
> package.
> +		description =3D %{summary}
> =C2=A0	end
> =C2=A0
> =C2=A0	package %{name}-libs
> =C2=A0		template LIBS
> +
> +		files
> +			%{libdir}/*export.so.*
> +		end
> =C2=A0	end
> =C2=A0
> =C2=A0	package %{name}-devel
> diff --git a/bind/named.tmpfiles b/bind/named.tmpfiles
> deleted file mode 100644
> index 640a656..0000000
> --- a/bind/named.tmpfiles
> +++ /dev/null
> @@ -1 +0,0 @@
> -d /run/named 0755 named named -
> diff --git a/bind/patches/bind-9.5-PIE.patch b/bind/patches/bind-9.5-PIE.pa=
tch
> deleted file mode 100644
> index a525b9b..0000000
> --- a/bind/patches/bind-9.5-PIE.patch
> +++ /dev/null
> @@ -1,27 +0,0 @@
> ---- bind-9.5.0b2/bin/named/Makefile.in.pie	2008-02-11
> 17:21:47.000000000 +0100
> -+++ bind-9.5.0b2/bin/named/Makefile.in	2008-02-11 17:22:10.000000000
> +0100
> -@@ -100,8 +100,12 @@ HTMLPAGES =3D	named.html lwresd.html named
> -=C2=A0
> - MANOBJS =3D	${MANPAGES} ${HTMLPAGES}
> -=C2=A0
> -+EXT_CFLAGS =3D -fpie
> -+
> - @BIND9_MAKE_RULES@
> -=C2=A0
> -+LDFLAGS +=3D -pie -Wl,-z,relro,-z,now,-z,nodlopen,-z,noexecstack
> -+
> - main.(a)O@: main.c
> -=C2=A0	${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
> -=C2=A0		-DVERSION=3D\"${VERSION}\" \
> -diff -up bind-9.5.0b2/bin/named/unix/Makefile.in.pie bind-
> 9.5.0b2/bin/named/unix/Makefile.in
> ---- bind-9.5.0b2/bin/named/unix/Makefile.in.pie	2008-02-11
> 17:22:21.000000000 +0100
> -+++ bind-9.5.0b2/bin/named/unix/Makefile.in	2008-02-11
> 17:23:00.000000000 +0100
> -@@ -19,6 +19,8 @@ srcdir =3D	@srcdir@
> - VPATH =3D		@srcdir@
> - top_srcdir =3D	@top_srcdir@
> -=C2=A0
> -+EXT_CFLAGS =3D -fpie
> -+
> - @BIND9_MAKE_INCLUDES@
> -=C2=A0
> - CINCLUDES =3D	-I${srcdir}/include -I${srcdir}/../include \
> diff --git a/bind/patches/bind-9.5-parallel-build.patch b/bind/patches/bind-
> 9.5-parallel-build.patch
> deleted file mode 100644
> index 53e34ca..0000000
> --- a/bind/patches/bind-9.5-parallel-build.patch
> +++ /dev/null
> @@ -1,14 +0,0 @@
> -diff -up bind-9.5.0b1/lib/dns/Makefile.in.parallel bind-
> 9.5.0b1/lib/dns/Makefile.in
> ---- bind-9.5.0b1/lib/dns/Makefile.in.parallel	2008-01-17
> 18:27:38.000000000 +0100
> -+++ bind-9.5.0b1/lib/dns/Makefile.in	2008-01-17 18:27:45.000000000
> +0100
> -@@ -19,10 +19,6 @@ srcdir =3D	@srcdir@
> - VPATH =3D		@srcdir@
> - top_srcdir =3D	@top_srcdir@
> -=C2=A0
> --# Attempt to disable parallel processing.
> --.NOTPARALLEL:
> --.NO_PARALLEL:
> --
> - @BIND9_VERSION@
> -=C2=A0
> - @LIBDNS_API@
> diff --git a/bind/patches/bind-9.9-libidn.patch b/bind/patches/bind-9.9-
> libidn.patch
> deleted file mode 100644
> index fca8665..0000000
> --- a/bind/patches/bind-9.9-libidn.patch
> +++ /dev/null
> @@ -1,326 +0,0 @@
> -From 19809fe6154ea0471a2c4fa3bd66787facf7704a Mon Sep 17 00:00:00 2001
> -From: Tomas Hozza <thozza(a)redhat.com>
> -Date: Mon, 26 May 2014 15:25:34 +0200
> -Subject: [PATCH] Use libidn instead of bundled idnkit
> -
> -Signed-off-by: Tomas Hozza <thozza(a)redhat.com>
> ----
> - bin/dig/Makefile.in |=C2=A0=C2=A0=C2=A06 +-
> - bin/dig/dig.docbook |=C2=A0=C2=A0=C2=A04 +-
> - bin/dig/dighost.c=C2=A0=C2=A0=C2=A0| 168 ++++++++++++++++++++++++++++++++=
++++++++++++++++
> ----
> - 3 files changed, 162 insertions(+), 16 deletions(-)
> -
> -diff --git a/bin/dig/Makefile.in b/bin/dig/Makefile.in
> -index 5bc4db0..3864e06 100644
> ---- a/bin/dig/Makefile.in
> -+++ b/bin/dig/Makefile.in
> -@@ -48,10 +48,10 @@ DEPLIBS =3D	${DNSDEPLIBS} ${BIND9DEPLIBS}
> ${ISCDEPLIBS} ${ISCCFGDEPLIBS} \
> -=C2=A0		${LWRESDEPLIBS}
> -=C2=A0
> - LIBS =3D		${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
> --		${ISCLIBS} @IDNLIBS@ @LIBS@
> -+		${ISCLIBS} @IDNLIBS@ @LIBS@ -lidn
> -=C2=A0
> - NOSYMLIBS =3D	${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCCFGLIBS} \
> --		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@
> -+		${ISCNOSYMLIBS} @IDNLIBS@ @LIBS@ -lidn
> -=C2=A0
> - SUBDIRS =3D
> -=C2=A0
> -@@ -69,6 +69,8 @@ HTMLPAGES =3D	dig.html host.html nslookup.html
> -=C2=A0
> - MANOBJS =3D	${MANPAGES} ${HTMLPAGES}
> -=C2=A0
> -+EXT_CFLAGS =3D -DWITH_LIBIDN
> -+
> - @BIND9_MAKE_RULES@
> -=C2=A0
> - dig(a)EXEEXT@: dig.(a)O@ dighost.(a)O@ ${UOBJS} ${DEPLIBS}
> -diff --git a/bin/dig/dig.docbook b/bin/dig/dig.docbook
> -index 7a01ec0..c3a7976 100644
> ---- a/bin/dig/dig.docbook
> -+++ b/bin/dig/dig.docbook
> -@@ -970,8 +970,8 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0<command>dig</command> appropria=
tely converts character encoding of
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0domain name before sending a req=
uest to DNS server or displaying a
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0reply from the server.
> --=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0If you'd like to turn off the IDN sup=
port for some reason, defines
> --=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0the <envar>IDN_DISABLE</envar> enviro=
nment variable.
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0If you'd like to turn off the IDN sup=
port for some reason, define
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0the <envar>CHARSET=3DASCII</envar> en=
vironment variable.
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0The IDN support is disabled if t=
he variable is set when=C2=A0
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0<command>dig</command> runs.
> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0</para>
> -diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
> -index 56d763c..5a40051 100644
> ---- a/bin/dig/dighost.c
> -+++ b/bin/dig/dighost.c
> -@@ -44,6 +44,11 @@
> - #include <idn/api.h>
> - #endif
> -=C2=A0
> -+#ifdef WITH_LIBIDN
> -+#include <stringprep.h>
> -+#include <idna.h>
> -+#endif
> -+
> - #include <dns/byaddr.h>
> - #ifdef DIG_SIGCHASE
> - #include <dns/callbacks.h>
> -@@ -158,6 +163,14 @@ static void		idn_check_result(idn_result_t
> r, const char *msg);
> - int=C2=A0=C2=A0idnoptions	=3D 0;
> - #endif
> -=C2=A0
> -+#ifdef WITH_LIBIDN
> -+static isc_result_t	libidn_locale_to_utf8 (const char* from, char
> *to);
> -+static isc_result_t	libidn_utf8_to_ascii (const char* from, char
> *to);
> -+static isc_result_t	output_filter (isc_buffer_t *buffer,
> -+				=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0unsigned int used_org,
> -+				=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0isc_boolean_t absolute);
> -+#endif
> -+
> - isc_socket_t *keep =3D NULL;
> - isc_sockaddr_t keepaddr;
> -=C2=A0
> -@@ -1210,6 +1223,9 @@ setup_system(void) {
> -=C2=A0	dig_searchlist_t *domain =3D NULL;
> -=C2=A0	lwres_result_t lwresult;
> -=C2=A0	unsigned int lwresflags;
> -+#ifdef WITH_LIBIDN
> -+	isc_result_t result;
> -+#endif
> -=C2=A0
> -=C2=A0	debug("setup_system()");
> -=C2=A0
> -@@ -1268,8 +1284,15 @@ setup_system(void) {
> -=C2=A0
> - #ifdef WITH_IDN
> -=C2=A0	initialize_idn();
> -+=09
> -+#endif
> -+#ifdef WITH_LIBIDN
> -+	result =3D dns_name_settotextfilter(output_filter);
> -+	check_result(result, "dns_name_settotextfilter");
> -+#ifdef HAVE_SETLOCALE
> -+	setlocale (LC_ALL, "");
> -+#endif
> - #endif
> --
> -=C2=A0	if (keyfile[0] !=3D 0)
> -=C2=A0		setup_file_key();
> -=C2=A0	else if (keysecret[0] !=3D 0)
> -@@ -2028,12 +2051,14 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0	idn_result_t mr;
> -=C2=A0	char utf8_textname[MXNAME], utf8_origin[MXNAME],
> idn_textname[MXNAME];
> - #endif
> -+#ifdef WITH_LIBIDN
> -+	char utf8_str[MXNAME], utf8_name[MXNAME], ascii_name[MXNAME];
> -+#endif
> -=C2=A0
> --#ifdef WITH_IDN
> -+#if defined (WITH_IDN) || defined (WITH_LIBIDN)
> -=C2=A0	result =3D dns_name_settotextfilter(output_filter);
> -=C2=A0	check_result(result, "dns_name_settotextfilter");
> - #endif
> --
> -=C2=A0	REQUIRE(lookup !=3D NULL);
> -=C2=A0	INSIST(!free_now);
> -=C2=A0
> -@@ -2070,6 +2095,14 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0	mr =3D idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textnam=
e,
> -=C2=A0			=C2=A0=C2=A0=C2=A0=C2=A0utf8_textname, sizeof(utf8_textname));
> -=C2=A0	idn_check_result(mr, "convert textname to UTF-8");
> -+#elif defined (WITH_LIBIDN)
> -+	result =3D libidn_locale_to_utf8 (lookup->textname, utf8_str);
> -+	check_result (result, "convert textname to UTF-8");
> -+	len =3D strlen (utf8_str);
> -+	if (len < MXNAME)
> -+		(void) strcpy (utf8_name, utf8_str);
> -+	else
> -+		fatal ("Too long name");
> - #endif
> -=C2=A0
> -=C2=A0	/*
> -@@ -2082,15 +2115,11 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0	if (lookup->new_search) {
> - #ifdef WITH_IDN
> -=C2=A0		if ((count_dots(utf8_textname) >=3D ndots) || !usesearch) {
> --			lookup->origin =3D NULL; /* Force abs lookup */
> --			lookup->done_as_is =3D ISC_TRUE;
> --			lookup->need_search =3D usesearch;
> --		} else if (lookup->origin =3D=3D NULL && usesearch) {
> --			lookup->origin =3D ISC_LIST_HEAD(search_list);
> --			lookup->need_search =3D ISC_FALSE;
> --		}
> -+#elif defined (WITH_LIBIDN)
> -+		if ((count_dots(utf8_name) >=3D ndots) || !usesearch) {
> - #else
> -=C2=A0		if ((count_dots(lookup->textname) >=3D ndots) || !usesearch) {
> -+#endif
> -=C2=A0			lookup->origin =3D NULL; /* Force abs lookup */
> -=C2=A0			lookup->done_as_is =3D ISC_TRUE;
> -=C2=A0			lookup->need_search =3D usesearch;
> -@@ -2098,7 +2127,6 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0			lookup->origin =3D ISC_LIST_HEAD(search_list);
> -=C2=A0			lookup->need_search =3D ISC_FALSE;
> -=C2=A0		}
> --#endif
> -=C2=A0	}
> -=C2=A0
> - #ifdef WITH_IDN
> -@@ -2115,6 +2143,20 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0			=C2=A0=C2=A0=C2=A0=C2=A0IDN_IDNCONV | IDN_LENCHECK, utf8_textname,
> -=C2=A0			=C2=A0=C2=A0=C2=A0=C2=A0idn_textname, sizeof(idn_textname));
> -=C2=A0	idn_check_result(mr, "convert UTF-8 textname to IDN encoding");
> -+#elif defined (WITH_LIBIDN)
> -+	if (lookup->origin !=3D NULL) {
> -+		result =3D libidn_locale_to_utf8 (lookup->origin->origin,
> utf8_str);
> -+		check_result (result, "convert origin to UTF-8");
> -+		if (len > 0 && utf8_name[len - 1] !=3D '.') {
> -+			utf8_name[len++] =3D '.';
> -+			if (len + strlen (utf8_str) < MXNAME)
> -+				(void) strcpy (utf8_name + len, utf8_str);
> -+			else
> -+				fatal ("Too long name + origin");
> -+		}
> -+	}
> -+
> -+	result =3D libidn_utf8_to_ascii (utf8_name, ascii_name);
> - #else
> -=C2=A0	if (lookup->origin !=3D NULL) {
> -=C2=A0		debug("trying origin %s", lookup->origin->origin);
> -@@ -2170,6 +2212,13 @@ setup_lookup(dig_lookup_t *lookup) {
> -=C2=A0			result =3D dns_name_fromtext(lookup->name, &b,
> -=C2=A0						=C2=A0=C2=A0=C2=A0dns_rootname, 0,
> -=C2=A0						=C2=A0=C2=A0=C2=A0&lookup->namebuf);
> -+#elif defined (WITH_LIBIDN)
> -+			len =3D strlen (ascii_name);
> -+			isc_buffer_init(&b, ascii_name, len);
> -+			isc_buffer_add(&b, len);
> -+			result =3D dns_name_fromtext(lookup->name, &b,
> -+						=C2=A0=C2=A0=C2=A0dns_rootname, 0,
> -+						=C2=A0=C2=A0=C2=A0&lookup->namebuf);
> - #else
> -=C2=A0			len =3D strlen(lookup->textname);
> -=C2=A0			isc_buffer_init(&b, lookup->textname, len);
> -@@ -3788,7 +3837,7 @@ destroy_libs(void) {
> -=C2=A0	void * ptr;
> -=C2=A0	dig_message_t *chase_msg;
> - #endif
> --#ifdef WITH_IDN
> -+#if defined (WITH_IDN) || defined (WITH_LIBIDN)
> -=C2=A0	isc_result_t result;
> - #endif
> -=C2=A0
> -@@ -3829,6 +3878,10 @@ destroy_libs(void) {
> -=C2=A0	result =3D dns_name_settotextfilter(NULL);
> -=C2=A0	check_result(result, "dns_name_settotextfilter");
> - #endif
> -+#ifdef WITH_LIBIDN
> -+	result =3D dns_name_settotextfilter (NULL);
> -+	check_result(result, "clearing dns_name_settotextfilter");
> -+#endif
> -=C2=A0	dns_name_destroy();
> -=C2=A0
> -=C2=A0	if (commctx !=3D NULL) {
> -@@ -4008,6 +4061,97 @@ idn_check_result(idn_result_t r, const char *msg) {
> -=C2=A0	}
> - }
> - #endif /* WITH_IDN */
> -+#ifdef WITH_LIBIDN
> -+static isc_result_t
> -+libidn_locale_to_utf8 (const char *from, char *to) {
> -+	char *utf8_str;
> -+
> -+	debug ("libidn_locale_to_utf8");
> -+	utf8_str =3D stringprep_locale_to_utf8 (from);
> -+	if (utf8_str !=3D NULL) {
> -+		(void) strcpy (to, utf8_str);
> -+		free (utf8_str);
> -+		return ISC_R_SUCCESS;
> -+	}
> -+
> -+	debug ("libidn_locale_to_utf8: failure");
> -+	return ISC_R_FAILURE;
> -+}
> -+static isc_result_t
> -+libidn_utf8_to_ascii (const char *from, char *to) {
> -+	char *ascii;
> -+	int iresult;
> -+
> -+	debug ("libidn_utf8_to_ascii");
> -+	iresult =3D idna_to_ascii_8z (from, &ascii, 0);
> -+	if (iresult !=3D IDNA_SUCCESS) {
> -+		debug ("idna_to_ascii_8z: %s", idna_strerror (iresult));
> -+		return ISC_R_FAILURE;
> -+	}
> -+
> -+	(void) strcpy (to, ascii);
> -+	free (ascii);
> -+	return ISC_R_SUCCESS;
> -+}
> -+
> -+static isc_result_t
> -+output_filter (isc_buffer_t *buffer, unsigned int used_org,
> -+	=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0isc_boolean_t absolute) {
> -+
> -+	char tmp1[MXNAME], *tmp2;
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0size_t fromlen, tolen;
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0isc_boolean_t end_with_do=
t;
> -+	int iresult;
> -+
> -+	debug ("output_filter");
> -+
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0fromlen =3D isc_buffer_us=
edlength (buffer) - used_org;
> -+	if (fromlen >=3D MXNAME)
> -+		return ISC_R_SUCCESS;
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0memcpy (tmp1, (char *) is=
c_buffer_base (buffer) + used_org,
> fromlen);
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0end_with_dot =3D (tmp1[fr=
omlen - 1] =3D=3D '.') ? ISC_TRUE : ISC_FALSE;
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (absolute && !end_with=
_dot) {
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0fromlen++;
> -+		if (fromlen >=3D MXNAME)
> -+			return ISC_R_SUCCESS;
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0tmp1[fromlen - 1] =3D '.';
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0}
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tmp1[fromlen] =3D '\0';
> -+
> -+	iresult =3D idna_to_unicode_8z8z (tmp1, &tmp2, 0);
> -+	if (iresult !=3D IDNA_SUCCESS) {
> -+		debug ("output_filter: %s", idna_strerror (iresult));
> -+		return ISC_R_SUCCESS;
> -+	}
> -+
> -+	(void) strcpy (tmp1, tmp2);
> -+	free (tmp2);
> -+
> -+	tmp2 =3D stringprep_utf8_to_locale (tmp1);
> -+	if (tmp2 =3D=3D NULL) {
> -+		debug ("output_filter: stringprep_utf8_to_locale failed");
> -+		return ISC_R_SUCCESS;
> -+	}
> -+
> -+	(void) strcpy (tmp1, tmp2);
> -+	free (tmp2);
> -+
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0tolen =3D strlen (tmp1);
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (absolute && !end_with=
_dot && tmp1[tolen - 1] =3D=3D '.')
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0tolen--;
> -+
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (isc_buffer_length (bu=
ffer) < used_org + tolen)
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0return ISC_R_NOSPACE;
> -+
> -+	debug ("%s", tmp1);
> -+
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0isc_buffer_subtract (buff=
er, isc_buffer_usedlength (buffer) -
> used_org);
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0memcpy (isc_buffer_used (=
buffer), tmp1, tolen);
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0isc_buffer_add (buffer, t=
olen);
> -+
> -+=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0return ISC_R_SUCCESS;
> -+}
> -+#endif /* WITH_LIBIDN*/
> -=C2=A0
> - #ifdef DIG_SIGCHASE
> - void
> ---=C2=A0
> -1.9.0
> -
> diff --git a/bind/patches/bind-9.7-exportlib.patch b/bind/patches/bind97-
> exportlib.patch
> similarity index 100%
> rename from bind/patches/bind-9.7-exportlib.patch
> rename to bind/patches/bind97-exportlib.patch
> diff --git a/bind/patches/bind99-dont-build-bin.patch b/bind/patches/bind99-
> dont-build-bin.patch
> new file mode 100644
> index 0000000..ae50372
> --- /dev/null
> +++ b/bind/patches/bind99-dont-build-bin.patch
> @@ -0,0 +1,13 @@
> +diff --git a/Makefile.in b/Makefile.in
> +index 4f7f5a6..d59b9b1 100644
> +--- a/Makefile.in
> ++++ b/Makefile.in
> +@@ -21,7 +21,7 @@ top_srcdir =3D	@top_srcdir@
> +=C2=A0
> + VERSION=3D@BIND9_VERSION@
> +=C2=A0
> +-SUBDIRS =3D	make unit lib bin doc @LIBEXPORT@
> ++SUBDIRS =3D	make lib doc @LIBEXPORT@
> + TARGETS =3D
> +=C2=A0
> + MANPAGES =3D	isc-config.sh.1
> diff --git a/bind/trusted-key.key b/bind/trusted-key.key
> deleted file mode 100644
> index ea07836..0000000
> --- a/bind/trusted-key.key
> +++ /dev/null
> @@ -1 +0,0 @@
> -. 3600 IN DNSKEY 257 3 8
> AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjFFVQUTf6v58fLjwBd0YI=
0Ez
> rAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoXbfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZ=
xkj
> f5/Efucp2gaDX6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpzW5hOA2h=
zCT
> MjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relSQageu+ipAdTTJ25AsRTAoub8ONGcL=
mqr
> AmRLKBP1dfwhYB4N7knNnulqQxA+Uk1ihz0=3D

--===============5982980224510260066==
Content-Type: application/pgp-signature
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="signature.asc"
MIME-Version: 1.0

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC
Q2dBR0JRSllzYUVPQUFvSkVJQjU4UDl2a0FrSEJsQVAvajZEd2JlRXFFZm1VeGVFaEt1R00xL2UK
N052ekRHN1ZCemtaVWxzbnpaWnlVYkFEenk2Qmo5NnVqSy9ZV2ZYcWVrMjJpZjlHM0ROWS9uVjR4
ZHFHMjY4MgpmOXhzcW1xVnJwWVNXbmllRXloS24vRFlKeGJGNHNxbjM3U1kwK3ZzYmZZTEZCMWFC
YjhPbWZZdDliOFZjc0lVCkh1VndMbWVaaGZSNnlDRkNuTzVER2txYjE3YkZEWS8xU1JCQnhLaEwv
c3FpSHBGNHdzRUNBSEFJTDgybEhoc00KTnVvL0xjZzhGV3grVHcydGlGRmloMzNoSFdNeUM0bm9N
YldPYjB2RENaaHJSRThJUVBvYjlXcktpRFd3d250UgpQL0lXbk9IY0tqVHhkNndGVDkvbHppdDUr
cTRZK0g0eDVWM3hzYmVGVGdPU3J6ZkNUQWRJalRDYk04WnNwYXlxClNlNExCbmZyUCtuVjlWT0li
dm5JVlhoamM2QTNqOEVoMTRZejFqK3l4VFJGeU1oeUZybFYyVVk0QjhhRFJleG8KdXdMd280cDVs
YW0vcGVQQWNabHRDY3FvRXFydVVvQmF5NHdoWW5vK2Y1MnIxc0RGVTdZQ05pVXN6bGt1TDR2dgpM
SitMc0RTZkVINnRxU3NDS1RLeER3V1dlQnE1TG5kdmJVM2hlUHZjd3VmN0t6WkdJN3NqNitTSTU2
R1BVRXEwCnk1bDgydmR0ZWZlZFdpcEp6YllaVGJ2YkNmWFo4QlBaTG9KTkFBNkdnZ1JOMXhWM3JT
VTM0WlNOYVJOZE1yYkIKd0dHOUk0Nyt0bFBpUkxjMHNtazQ3Z0lEYUluTytqazB2OXljR21aUmdY
MFNLOU82WUNRdi9MY2NzUE0rRDVNVgpFMWxEcVhmMlFjSnVqWFR3UXJvTgo9ajFuTAotLS0tLUVO
RCBQR1AgU0lHTkFUVVJFLS0tLS0K

--===============5982980224510260066==--