added dnssec timestamps patch
named service after the corresponding binary
simplified scripts
---
testing/knot/APKBUILD | 36 ++--
testing/knot/dnssec-timestamps.patch | 307 +++++++++++++++++++++++++++++++++++
testing/knot/knot.confd | 7 -
testing/knot/knot.initd | 35 ----
testing/knot/knot.post-install | 2 +-
testing/knot/knot.pre-install | 6 +-
testing/knot/knotd.confd | 1 +
testing/knot/knotd.initd | 36 ++++
8 files changed, 370 insertions(+), 60 deletions(-)
create mode 100644 testing/knot/dnssec-timestamps.patch
delete mode 100644 testing/knot/knot.confd
delete mode 100644 testing/knot/knot.initd
create mode 100644 testing/knot/knotd.confd
create mode 100644 testing/knot/knotd.initd
diff --git a/testing/knot/APKBUILD b/testing/knot/APKBUILD
index 2acbb5e..47b1746 100644
--- a/testing/knot/APKBUILD
+++ b/testing/knot/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=knot
pkgver=2.0.0
-pkgrel=0
+pkgrel=1
pkgdesc="An high-performance authoritative-only DNS server"
url="https://www.knot-dns.cz"
arch="all"
@@ -17,8 +17,9 @@ pkgusers="knot"
pkggroups="knot"
subpackages="$pkgname-dev $pkgname-doc"
source="https://secure.nic.cz/files/knot-dns/${pkgname}-${pkgver}.tar.xz
- knot.confd
- knot.initd"
+ knotd.confd
+ knotd.initd
+ dnssec-timestamps.patch"
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
@@ -33,6 +34,7 @@ prepare() {
build() {
cd "$_builddir"
+ autoreconf -if
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -41,16 +43,17 @@ build() {
--libexecdir=/usr/lib/knot \
--with-rundir=/var/run/knot \
--with-storage=/var/lib/knot \
- --disable-silent-rules
- make
- make check
+ --disable-silent-rules \
+ || return 1
+ make || return 1
+ make check || return 1
}
package() {
cd "$_builddir"
- make DESTDIR="${pkgdir}" install
- install -Dm 644 "${srcdir}/knot.confd" "${pkgdir}/etc/conf.d/knot"
- install -Dm 755 "${srcdir}/knot.initd" "${pkgdir}/etc/init.d/knot"
+ make DESTDIR="${pkgdir}" install || return 1
+ install -Dm 644 "${srcdir}/knotd.confd" "${pkgdir}/etc/conf.d/knotd"
+ install -Dm 755 "${srcdir}/knotd.initd" "${pkgdir}/etc/init.d/knotd"
chown $pkgusers:$pkggroups "${pkgdir}"/var/lib/$pkgname
chmod 750 "${pkgdir}"/var/lib/$pkgname
chown $pkgusers:$pkggroups "${pkgdir}"/var/run/$pkgname
@@ -59,11 +62,14 @@ package() {
}
md5sums="5d74b864640c32af3e125995a560fb38 knot-2.0.0.tar.xz
-5fb8fd53d39fc6ddc1e0982c75dc2d7e knot.confd
-add687db820d7a1389e557db811e36b9 knot.initd"
+66f3111080662280d95bc928d6ca92d5 knotd.confd
+5bdbc22866a28caae068e65d53916915 knotd.initd
+9f43e63b3aa28e89ae6dc76a9c271bba dnssec-timestamps.patch"
sha256sums="28b2277647f618ea7edba741fd6685a8b1fc17d3a178b48f4ca7f2a43359998f knot-2.0.0.tar.xz
-3f539ffd67cbcda1ef9e7acb68a2a3f1c3443ad9b5af14d2f96ccd74b0cd585a knot.confd
-0d8014cf9f93ddfc882259a69b8fa5d016b736634e9bc19a8649c93894e56304 knot.initd"
+ff384d428c9e67139ed21b0c78eabf6a26d96f31775f6143ce0c4f9c4f6beaf3 knotd.confd
+c7690f1c4f748f436faa9e305ecbbb3d05e5cc50493eb10ca92bc73365578428 knotd.initd
+dc5f77bfba14a5d3c49a962fa3ae0b8db8422c97e09c53c253acba2ead6dfcdb dnssec-timestamps.patch"
sha512sums="52482132759294a41ad91c2f4f13ee985b79776f7f90a02e79ed96f2a1925872c5c6dc38f04a96144b4b21994d336850b718f2c834f09d03f3049a75dc5b1a5d knot-2.0.0.tar.xz
-298bc9ae612de56f2a0b629f9241b42f7086f45964dbd7ee3ecb503ec5cc9ae83ff21fccc522bb022ffdbe16997a1b2b1273cf56cac4dfecfdb2fe26a42b9f78 knot.confd
-1648084a3872ae46f921aaa9b61620336b973adda1ef263aef89bcc1367aa8251e991f8a5e13c468cec63b82b73d9a9a452c68cc4e305e4a5768c3b80484f090 knot.initd"
+471d3c639a8235ba09491c99d36c0a4f1074d6055ccfd3807be02a30d3ed5bbe69a84f0414ea7810db6bbc1e38f5837108e5744fc59f949ed78a262a7de4597e knotd.confd
+b6cd5b52ba65f9726164b21003fe0a0fc54f4f51aa7bbbcfd5b83aa4466e5224567a26c9c8ede13ac6a8090706e975e3220456112b20eb45304c9d92be7fb3d3 knotd.initd
+c00fdd36930261f86db7ef71c32e1ba310bff2fdc6f797c8bcc8b91dbfe1576e0802915d18ee76e1ce707e48a0bae473b79d478914aa4102d916689459491003 dnssec-timestamps.patch"
diff --git a/testing/knot/dnssec-timestamps.patch b/testing/knot/dnssec-timestamps.patch
new file mode 100644
index 0000000..d774eff
--- /dev/null
+++ b/testing/knot/dnssec-timestamps.patch
@@ -0,0 +1,307 @@
+diff --git a/src/dnssec/Makefile.am b/src/dnssec/Makefile.am
+index 46b4377..f6398a6 100644
+--- a/src/dnssec/Makefile.am
++++ b/src/dnssec/Makefile.am
+@@ -38,6 +38,8 @@ libshared_la_SOURCES = \
+ shared/pem.h \
+ shared/shared.h \
+ shared/strtonum.h \
++ shared/timestamp.c \
++ shared/timestamp.h \
+ shared/wire.h
+
+ libdnssec_la_CPPFLAGS = \
+diff --git a/src/dnssec/lib/kasp/dir/json.c b/src/dnssec/lib/kasp/dir/json.c
+index 333374a..a7f3aa9 100644
+--- a/src/dnssec/lib/kasp/dir/json.c
++++ b/src/dnssec/lib/kasp/dir/json.c
+@@ -23,9 +23,7 @@
+ #include "key.h"
+ #include "shared.h"
+ #include "strtonum.h"
+-
+-// ISO 8610
+-#define TIME_FORMAT "%Y-%m-%dT%H:%M:%S%z"
++#include "timestamp.h"
+
+ int decode_ignore(_unused_ const json_t *value, _unused_ void *result)
+ {
+@@ -279,14 +277,10 @@ int decode_time(const json_t *value, void *result)
+ }
+
+ const char *time_str = json_string_value(value);
+- struct tm tm = { 0 };
+- char *end = strptime(time_str, TIME_FORMAT, &tm);
+- if (end == NULL || *end != '\0') {
++ if (!timestamp_read(time_str, time_ptr)) {
+ return DNSSEC_CONFIG_MALFORMED;
+ }
+
+- *time_ptr = timegm(&tm);
+-
+ return DNSSEC_EOK;
+ }
+
+@@ -302,14 +296,8 @@ int encode_time(const void *value, json_t **result)
+ return DNSSEC_EOK;
+ }
+
+- struct tm tm = { 0 };
+- if (!gmtime_r(time_ptr, &tm)) {
+- return DNSSEC_CONFIG_MALFORMED;
+- }
+-
+ char buffer[128] = { 0 };
+- int written = strftime(buffer, sizeof(buffer), TIME_FORMAT, &tm);
+- if (written == 0) {
++ if (!timestamp_write(buffer, sizeof(buffer), *time_ptr)) {
+ return DNSSEC_CONFIG_MALFORMED;
+ }
+
+diff --git a/src/dnssec/shared/timestamp.c b/src/dnssec/shared/timestamp.c
+new file mode 100644
+index 0000000..37279a8
+--- /dev/null
++++ b/src/dnssec/shared/timestamp.c
+@@ -0,0 +1,96 @@
++/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
++
++ This program is free software: you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation, either version 3 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program. If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#include <assert.h>
++#include <stdbool.h>
++#include <time.h>
++
++#include "shared.h"
++
++/*
++ * POSIX strftime supports '%z', strptime doesn't.
++ */
++#define TIME_FORMAT "%Y-%m-%dT%H:%M:%S"
++
++/*!
++ * Read time zone offset in +hhmm or -hhmm format.
++ *
++ * Format written by '%z' specifier in \ref strftime.
++ */
++static bool read_timezone(const char *buffer, int *offset)
++{
++ assert(buffer);
++
++ if (strlen(buffer) != 5) {
++ return false;
++ }
++
++ char sign;
++ unsigned hours, mins;
++ if (sscanf(buffer, "%c%2u%2u", &sign, &hours, &mins) != 3) {
++ return false;
++ }
++
++ if (sign != '+' && sign != '-') {
++ return false;
++ }
++
++ if (hours > 23 || mins > 59) {
++ return false;
++ }
++
++ *offset = (sign == '+' ? 1 : -1) * (hours * 3600 + mins * 60);
++
++ return true;
++}
++
++_public_
++bool timestamp_write(char *buffer, size_t size, time_t timestamp)
++{
++ if (!buffer) {
++ return false;
++ }
++
++ struct tm tm = { 0 };
++ if (!gmtime_r(×tamp, &tm)) {
++ return false;
++ }
++
++ return strftime(buffer, size, TIME_FORMAT "+0000", &tm) != 0;
++}
++
++_public_
++bool timestamp_read(const char *buffer, time_t *timestamp_ptr)
++{
++ if (!buffer || !timestamp_ptr) {
++ return false;
++ }
++
++ struct tm tm = { 0 };
++ const char *timezone = strptime(buffer, TIME_FORMAT, &tm);
++ if (timezone == NULL) {
++ return false;
++ }
++
++ int gmtoff = 0;
++ if (!read_timezone(timezone, &gmtoff)) {
++ return false;
++ }
++
++ *timestamp_ptr = timegm(&tm) - gmtoff;
++
++ return true;
++}
+diff --git a/src/dnssec/shared/timestamp.h b/src/dnssec/shared/timestamp.h
+new file mode 100644
+index 0000000..2cec029
+--- /dev/null
++++ b/src/dnssec/shared/timestamp.h
+@@ -0,0 +1,46 @@
++/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
++
++ This program is free software: you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation, either version 3 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program. If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#pragma once
++
++#include <stdbool.h>
++#include <time.h>
++
++/*
++ * The ISO 8610 'YYYY-MM-DDThh:mm:ss+zzzz' format is used.
++ */
++
++/*!
++ * Write time stamp into a string buffer.
++ *
++ * \param buffer Buffer to write time stamp into.
++ * \param size Size of the output buffer.
++ * \param timestamp Time stamp value to be written.
++ *
++ * \return Time stamp was written successfully.
++ *
++ */
++bool timestamp_write(char *buffer, size_t size, time_t timestamp);
++
++/*!
++ * Read a time stamp from a string buffer.
++ *
++ * \param[in] buffer Buffer to read time stamp from.
++ * \param[out] timestamp Read time stamp value.
++ *
++ * \return Time stamp was read successfully.
++ */
++bool timestamp_read(const char *buffer, time_t *timestamp);
+diff --git a/src/dnssec/tests/Makefile.am b/src/dnssec/tests/Makefile.am
+index 0d81130..3677eb5 100644
+--- a/src/dnssec/tests/Makefile.am
++++ b/src/dnssec/tests/Makefile.am
+@@ -43,6 +43,7 @@ check_PROGRAMS = \
+ shared_bignum \
+ shared_dname \
+ shared_strtonum \
++ shared_timestamp \
+ shared_wire \
+ tsig
+
+diff --git a/src/dnssec/tests/shared_timestamp.c b/src/dnssec/tests/shared_timestamp.c
+new file mode 100644
+index 0000000..6024c80
+--- /dev/null
++++ b/src/dnssec/tests/shared_timestamp.c
+@@ -0,0 +1,75 @@
++/* Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz>
++
++ This program is free software: you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation, either version 3 of the License, or
++ (at your option) any later version.
++
++ This program is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++
++ You should have received a copy of the GNU General Public License
++ along with this program. If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#include <string.h>
++#include <tap/basic.h>
++
++#include "timestamp.h"
++
++int main(int argc, char *argv[])
++{
++ plan_lazy();
++
++ char buffer[128] = { 0 };
++
++ ok(timestamp_write(NULL, 0, 0) == false,
++ "timestamp_write: no buffer");
++ ok(timestamp_write(buffer, 10, 0) == false,
++ "timestamp_write: small buffer");
++ ok(timestamp_write(buffer, sizeof(buffer), 0) &&
++ strcmp(buffer, "1970-01-01T00:00:00+0000") == 0,
++ "timestamp_write: epoch begin");
++ ok(timestamp_write(buffer, sizeof(buffer), 1439554225) &&
++ strcmp(buffer, "2015-08-14T12:10:25+0000") == 0,
++ "timestamp_write: date in past");
++ ok(timestamp_write(buffer, sizeof(buffer), 2147483646) &&
++ strcmp(buffer, "2038-01-19T03:14:06+0000") == 0,
++ "timestamp_write: date in future (likely)");
++
++ time_t ts = 0;
++
++ ok(timestamp_read(NULL, &ts) == false,
++ "timestamp_read: no buffer");
++ ok(timestamp_read("", NULL) == false,
++ "timestamp_read: no output");
++ ok(timestamp_read("", &ts) == false,
++ "timestamp_read: empty input");
++ ok(timestamp_read("1970-01-01T00:00:00", &ts) == false,
++ "timestamp_read: missing time zone");
++ ok(timestamp_read("1970-01-01T00:00:00+000", &ts) == false,
++ "timestamp_read: malformed time zone");
++ ok(timestamp_read("1970-01-01T00:00:00+2400", &ts) == false,
++ "timestamp_read: malformed time zone hours");
++ ok(timestamp_read("1970-01-01T00:00:00+0090", &ts) == false,
++ "timestamp_read: malformed time zone minuts");
++ ok(timestamp_read("1970-01-01T00:00:01+0000", &ts) && ts == 1,
++ "timestamp_read: first second since epoch");
++ ok(timestamp_read("2009-02-13T23:31:31+0000", &ts) && ts == 1234567891,
++ "timestamp_read: date in past");
++ ok(timestamp_read("2034-05-05T01:24:20+0000", &ts) && ts == 2030405060,
++ "timestamp_read: date in future (likely)");
++
++ ok(timestamp_read("2015-08-14T14:25:46+0200", &ts) &&
++ timestamp_write(buffer, sizeof(buffer), ts) &&
++ strcmp(buffer, "2015-08-14T12:25:46+0000") == 0,
++ "timestamp convert time zone (east)");
++ ok(timestamp_read("2015-08-14T10:19:17-0230", &ts) &&
++ timestamp_write(buffer, sizeof(buffer), ts) &&
++ strcmp(buffer, "2015-08-14T12:49:17+0000") == 0,
++ "timestamp convert time zone (west)");
++
++ return 0;
++}
diff --git a/testing/knot/knot.confd b/testing/knot/knot.confd
deleted file mode 100644
index 4e6182e..0000000
--- a/testing/knot/knot.confd
@@ -1,7 +0,0 @@
-command=/usr/sbin/knotd
-command_args="-d"
-pidfile=/var/run/knot/knot.pid
-required_files=/etc/knot/knot.conf
-extra_started_commands="reload"
-description_reload="Reload configuration and changed zones."
-
diff --git a/testing/knot/knot.initd b/testing/knot/knot.initd
deleted file mode 100644
index a6fea35..0000000
--- a/testing/knot/knot.initd
@@ -1,35 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/files/knot.init,v 1.2 2013/08/21 09:23:59 scarabeus Exp $
-
-depend() {
- need net
-}
-
-start() {
- checkpath -d -m 0750 -o knot:knot /var/run/knot/ /var/lib/knot/
-
- ebegin "Starting knot"
- start-stop-daemon --start \
- --pidfile $pidfile --exec $command -- $command_args
- eend $?
-}
-
-stop() {
- ebegin "Stopping knot"
- /usr/sbin/knotc stop >/dev/null 2>&1
- # In case remote control is not working
- if [ "$?" != 0 ]; then
- if [ -f $pidfile ]; then
- start-stop-daemon --stop --pidfile $pidfile
- fi
- fi
- ewend $?
-}
-
-reload() {
- ebegin "Reloading knot"
- /usr/sbin/knotc reload >/dev/null
- eend $?
-}
diff --git a/testing/knot/knot.post-install b/testing/knot/knot.post-install
index fea7dac..179e5fc 100644
--- a/testing/knot/knot.post-install
+++ b/testing/knot/knot.post-install
@@ -2,7 +2,7 @@
echo "*" >&2
echo "* Before running knot, you must create a knot.conf file." >&2
-echo "* There is an example into /etc/knot directory. " >&2
+echo "* There is an example in the /etc/knot directory." >&2
echo "* You can rename the example file and make the necessary adjustment." >&2
echo "*" >&2
diff --git a/testing/knot/knot.pre-install b/testing/knot/knot.pre-install
index 9f270a3..6341b31 100644
--- a/testing/knot/knot.pre-install
+++ b/testing/knot/knot.pre-install
@@ -1,4 +1,6 @@
#!/bin/sh
-addgroup knot 2>/dev/null
-adduser -H -s /sbin/nologin -S -D knot -G knot 2>/dev/null
+
+addgroup -G knot 2>/dev/null
+adduser -s /sbin/nologin -G knot -S -D -H knot 2>/dev/null
+
exit 0
diff --git a/testing/knot/knotd.confd b/testing/knot/knotd.confd
new file mode 100644
index 0000000..f7a0c2a
--- /dev/null
+++ b/testing/knot/knotd.confd
@@ -0,0 +1 @@
+KNOTD_OPTS=""
diff --git a/testing/knot/knotd.initd b/testing/knot/knotd.initd
new file mode 100644
index 0000000..4930986
--- /dev/null
+++ b/testing/knot/knotd.initd
@@ -0,0 +1,36 @@
+#!/sbin/openrc-run
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/files/knot.init,v 1.2 2013/08/21 09:23:59 scarabeus Exp $
+
+name="knotd"
+command="/usr/sbin/knotd"
+command_args="-d ${KNOTD_OPTS}"
+start_stop_daemon_args="--wait 5"
+required_files=/etc/knot/knot.conf
+extra_started_commands="reload"
+description_reload="Reload configuration and changed zones"
+
+depend() {
+ need net
+}
+
+start_pre() {
+ checkpath -d -m 0750 -o knot:knot /var/run/knot/ /var/lib/knot/
+}
+
+stop() {
+ ebegin "Stopping ${name}"
+ /usr/sbin/knotc stop >/dev/null 2>&1
+ # Mark service as stopped if remote control was successful
+ if [ 0 -eq $? ]; then
+ start-stop-daemon --stop --quiet --pidfile /var/run/knot/knot.pid
+ fi
+ eend $?
+}
+
+reload() {
+ ebegin "Reloading knot"
+ /usr/sbin/knotc reload >/dev/null
+ eend $?
+}
--
2.4.1
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---