Mail archive
alpine-aports

[alpine-aports] [PATCH] testing/knot: added dnssec timestamps patch + cleanup

From: Dennis Przytarski <dennis_at_przytarski.com>
Date: Mon, 17 Aug 2015 09:26:25 +0000

added dnssec timestamps patch
named service after the corresponding binary
simplified scripts
---
 testing/knot/APKBUILD                |  36 ++--
 testing/knot/dnssec-timestamps.patch | 307 +++++++++++++++++++++++++++++++++++
 testing/knot/knot.confd              |   7 -
 testing/knot/knot.initd              |  35 ----
 testing/knot/knot.post-install       |   2 +-
 testing/knot/knot.pre-install        |   6 +-
 testing/knot/knotd.confd             |   1 +
 testing/knot/knotd.initd             |  36 ++++
 8 files changed, 370 insertions(+), 60 deletions(-)
 create mode 100644 testing/knot/dnssec-timestamps.patch
 delete mode 100644 testing/knot/knot.confd
 delete mode 100644 testing/knot/knot.initd
 create mode 100644 testing/knot/knotd.confd
 create mode 100644 testing/knot/knotd.initd
diff --git a/testing/knot/APKBUILD b/testing/knot/APKBUILD
index 2acbb5e..47b1746 100644
--- a/testing/knot/APKBUILD
+++ b/testing/knot/APKBUILD
_at_@ -3,7 +3,7 @@
 # Maintainer: Francesco Colista <fcolista_at_alpinelinux.org>
 pkgname=knot
 pkgver=2.0.0
-pkgrel=0
+pkgrel=1
 pkgdesc="An high-performance authoritative-only DNS server"
 url="https://www.knot-dns.cz"
 arch="all"
_at_@ -17,8 +17,9 @@ pkgusers="knot"
 pkggroups="knot"
 subpackages="$pkgname-dev $pkgname-doc"
 source="https://secure.nic.cz/files/knot-dns/${pkgname}-${pkgver}.tar.xz
-	knot.confd
-	knot.initd"
+	knotd.confd
+	knotd.initd
+	dnssec-timestamps.patch"
 _builddir="$srcdir"/$pkgname-$pkgver
 
 prepare() {
_at_@ -33,6 +34,7 @@ prepare() {
 
 build() {
 	cd "$_builddir"
+	autoreconf -if
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
_at_@ -41,16 +43,17 @@ build() {
 		--libexecdir=/usr/lib/knot \
 		--with-rundir=/var/run/knot \
 		--with-storage=/var/lib/knot \
-		--disable-silent-rules
-	make	
-	make check
+		--disable-silent-rules \
+		|| return 1
+	make || return 1
+	make check || return 1
 }
 
 package() {
 	cd "$_builddir"
-	make DESTDIR="${pkgdir}" install
-	install -Dm 644 "${srcdir}/knot.confd" "${pkgdir}/etc/conf.d/knot"
-	install -Dm 755 "${srcdir}/knot.initd" "${pkgdir}/etc/init.d/knot"
+	make DESTDIR="${pkgdir}" install || return 1
+	install -Dm 644 "${srcdir}/knotd.confd" "${pkgdir}/etc/conf.d/knotd"
+	install -Dm 755 "${srcdir}/knotd.initd" "${pkgdir}/etc/init.d/knotd"
 	chown $pkgusers:$pkggroups "${pkgdir}"/var/lib/$pkgname
 	chmod 750 "${pkgdir}"/var/lib/$pkgname
 	chown $pkgusers:$pkggroups "${pkgdir}"/var/run/$pkgname
_at_@ -59,11 +62,14 @@ package() {
 }
 
 md5sums="5d74b864640c32af3e125995a560fb38  knot-2.0.0.tar.xz
-5fb8fd53d39fc6ddc1e0982c75dc2d7e  knot.confd
-add687db820d7a1389e557db811e36b9  knot.initd"
+66f3111080662280d95bc928d6ca92d5  knotd.confd
+5bdbc22866a28caae068e65d53916915  knotd.initd
+9f43e63b3aa28e89ae6dc76a9c271bba  dnssec-timestamps.patch"
 sha256sums="28b2277647f618ea7edba741fd6685a8b1fc17d3a178b48f4ca7f2a43359998f  knot-2.0.0.tar.xz
-3f539ffd67cbcda1ef9e7acb68a2a3f1c3443ad9b5af14d2f96ccd74b0cd585a  knot.confd
-0d8014cf9f93ddfc882259a69b8fa5d016b736634e9bc19a8649c93894e56304  knot.initd"
+ff384d428c9e67139ed21b0c78eabf6a26d96f31775f6143ce0c4f9c4f6beaf3  knotd.confd
+c7690f1c4f748f436faa9e305ecbbb3d05e5cc50493eb10ca92bc73365578428  knotd.initd
+dc5f77bfba14a5d3c49a962fa3ae0b8db8422c97e09c53c253acba2ead6dfcdb  dnssec-timestamps.patch"
 sha512sums="52482132759294a41ad91c2f4f13ee985b79776f7f90a02e79ed96f2a1925872c5c6dc38f04a96144b4b21994d336850b718f2c834f09d03f3049a75dc5b1a5d  knot-2.0.0.tar.xz
-298bc9ae612de56f2a0b629f9241b42f7086f45964dbd7ee3ecb503ec5cc9ae83ff21fccc522bb022ffdbe16997a1b2b1273cf56cac4dfecfdb2fe26a42b9f78  knot.confd
-1648084a3872ae46f921aaa9b61620336b973adda1ef263aef89bcc1367aa8251e991f8a5e13c468cec63b82b73d9a9a452c68cc4e305e4a5768c3b80484f090  knot.initd"
+471d3c639a8235ba09491c99d36c0a4f1074d6055ccfd3807be02a30d3ed5bbe69a84f0414ea7810db6bbc1e38f5837108e5744fc59f949ed78a262a7de4597e  knotd.confd
+b6cd5b52ba65f9726164b21003fe0a0fc54f4f51aa7bbbcfd5b83aa4466e5224567a26c9c8ede13ac6a8090706e975e3220456112b20eb45304c9d92be7fb3d3  knotd.initd
+c00fdd36930261f86db7ef71c32e1ba310bff2fdc6f797c8bcc8b91dbfe1576e0802915d18ee76e1ce707e48a0bae473b79d478914aa4102d916689459491003  dnssec-timestamps.patch"
diff --git a/testing/knot/dnssec-timestamps.patch b/testing/knot/dnssec-timestamps.patch
new file mode 100644
index 0000000..d774eff
--- /dev/null
+++ b/testing/knot/dnssec-timestamps.patch
_at_@ -0,0 +1,307 @@
+diff --git a/src/dnssec/Makefile.am b/src/dnssec/Makefile.am
+index 46b4377..f6398a6 100644
+--- a/src/dnssec/Makefile.am
++++ b/src/dnssec/Makefile.am
+_at_@ -38,6 +38,8 @@ libshared_la_SOURCES = \
+ 	shared/pem.h \
+ 	shared/shared.h \
+ 	shared/strtonum.h \
++	shared/timestamp.c \
++	shared/timestamp.h \
+ 	shared/wire.h
+ 
+ libdnssec_la_CPPFLAGS = \
+diff --git a/src/dnssec/lib/kasp/dir/json.c b/src/dnssec/lib/kasp/dir/json.c
+index 333374a..a7f3aa9 100644
+--- a/src/dnssec/lib/kasp/dir/json.c
++++ b/src/dnssec/lib/kasp/dir/json.c
+_at_@ -23,9 +23,7 @@
+ #include "key.h"
+ #include "shared.h"
+ #include "strtonum.h"
+-
+-// ISO 8610
+-#define TIME_FORMAT "%Y-%m-%dT%H:%M:%S%z"
++#include "timestamp.h"
+ 
+ int decode_ignore(_unused_ const json_t *value, _unused_ void *result)
+ {
+_at_@ -279,14 +277,10 @@ int decode_time(const json_t *value, void *result)
+ 	}
+ 
+ 	const char *time_str = json_string_value(value);
+-	struct tm tm = { 0 };
+-	char *end = strptime(time_str, TIME_FORMAT, &tm);
+-	if (end == NULL || *end != '\0') {
++	if (!timestamp_read(time_str, time_ptr)) {
+ 		return DNSSEC_CONFIG_MALFORMED;
+ 	}
+ 
+-	*time_ptr = timegm(&tm);
+-
+ 	return DNSSEC_EOK;
+ }
+ 
+_at_@ -302,14 +296,8 @@ int encode_time(const void *value, json_t **result)
+ 		return DNSSEC_EOK;
+ 	}
+ 
+-	struct tm tm = { 0 };
+-	if (!gmtime_r(time_ptr, &tm)) {
+-		return DNSSEC_CONFIG_MALFORMED;
+-	}
+-
+ 	char buffer[128] = { 0 };
+-	int written = strftime(buffer, sizeof(buffer), TIME_FORMAT, &tm);
+-	if (written == 0) {
++	if (!timestamp_write(buffer, sizeof(buffer), *time_ptr)) {
+ 		return DNSSEC_CONFIG_MALFORMED;
+ 	}
+ 
+diff --git a/src/dnssec/shared/timestamp.c b/src/dnssec/shared/timestamp.c
+new file mode 100644
+index 0000000..37279a8
+--- /dev/null
++++ b/src/dnssec/shared/timestamp.c
+_at_@ -0,0 +1,96 @@
++/*  Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns_at_labs.nic.cz>
++
++    This program is free software: you can redistribute it and/or modify
++    it under the terms of the GNU General Public License as published by
++    the Free Software Foundation, either version 3 of the License, or
++    (at your option) any later version.
++
++    This program is distributed in the hope that it will be useful,
++    but WITHOUT ANY WARRANTY; without even the implied warranty of
++    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++    GNU General Public License for more details.
++
++    You should have received a copy of the GNU General Public License
++    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#include <assert.h>
++#include <stdbool.h>
++#include <time.h>
++
++#include "shared.h"
++
++/*
++ * POSIX strftime supports '%z', strptime doesn't.
++ */
++#define TIME_FORMAT "%Y-%m-%dT%H:%M:%S"
++
++/*!
++ * Read time zone offset in +hhmm or -hhmm format.
++ *
++ * Format written by '%z' specifier in \ref strftime.
++ */
++static bool read_timezone(const char *buffer, int *offset)
++{
++	assert(buffer);
++
++	if (strlen(buffer) != 5) {
++		return false;
++	}
++
++	char sign;
++	unsigned hours, mins;
++	if (sscanf(buffer, "%c%2u%2u", &sign, &hours, &mins) != 3) {
++		return false;
++	}
++
++	if (sign != '+' && sign != '-') {
++		return false;
++	}
++
++	if (hours > 23 || mins > 59) {
++		return false;
++	}
++
++	*offset = (sign == '+' ? 1 : -1) * (hours * 3600 + mins * 60);
++
++	return true;
++}
++
++_public_
++bool timestamp_write(char *buffer, size_t size, time_t timestamp)
++{
++	if (!buffer) {
++		return false;
++	}
++
++	struct tm tm = { 0 };
++	if (!gmtime_r(&timestamp, &tm)) {
++		return false;
++	}
++
++	return strftime(buffer, size, TIME_FORMAT "+0000", &tm) != 0;
++}
++
++_public_
++bool timestamp_read(const char *buffer, time_t *timestamp_ptr)
++{
++	if (!buffer || !timestamp_ptr) {
++		return false;
++	}
++
++	struct tm tm = { 0 };
++	const char *timezone = strptime(buffer, TIME_FORMAT, &tm);
++	if (timezone == NULL) {
++		return false;
++	}
++
++	int gmtoff = 0;
++	if (!read_timezone(timezone, &gmtoff)) {
++		return false;
++	}
++
++	*timestamp_ptr = timegm(&tm) - gmtoff;
++
++	return true;
++}
+diff --git a/src/dnssec/shared/timestamp.h b/src/dnssec/shared/timestamp.h
+new file mode 100644
+index 0000000..2cec029
+--- /dev/null
++++ b/src/dnssec/shared/timestamp.h
+_at_@ -0,0 +1,46 @@
++/*  Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns_at_labs.nic.cz>
++
++    This program is free software: you can redistribute it and/or modify
++    it under the terms of the GNU General Public License as published by
++    the Free Software Foundation, either version 3 of the License, or
++    (at your option) any later version.
++
++    This program is distributed in the hope that it will be useful,
++    but WITHOUT ANY WARRANTY; without even the implied warranty of
++    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++    GNU General Public License for more details.
++
++    You should have received a copy of the GNU General Public License
++    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#pragma once
++
++#include <stdbool.h>
++#include <time.h>
++
++/*
++ * The ISO 8610 'YYYY-MM-DDThh:mm:ss+zzzz' format is used.
++ */
++
++/*!
++ * Write time stamp into a string buffer.
++ *
++ * \param buffer     Buffer to write time stamp into.
++ * \param size       Size of the output buffer.
++ * \param timestamp  Time stamp value to be written.
++ *
++ * \return Time stamp was written successfully.
++ *
++ */
++bool timestamp_write(char *buffer, size_t size, time_t timestamp);
++
++/*!
++ * Read a time stamp from a string buffer.
++ *
++ * \param[in]  buffer     Buffer to read time stamp from.
++ * \param[out] timestamp  Read time stamp value.
++ *
++ * \return Time stamp was read successfully.
++ */
++bool timestamp_read(const char *buffer, time_t *timestamp);
+diff --git a/src/dnssec/tests/Makefile.am b/src/dnssec/tests/Makefile.am
+index 0d81130..3677eb5 100644
+--- a/src/dnssec/tests/Makefile.am
++++ b/src/dnssec/tests/Makefile.am
+_at_@ -43,6 +43,7 @@ check_PROGRAMS = \
+ 	shared_bignum	\
+ 	shared_dname	\
+ 	shared_strtonum	\
++	shared_timestamp \
+ 	shared_wire	\
+ 	tsig
+ 
+diff --git a/src/dnssec/tests/shared_timestamp.c b/src/dnssec/tests/shared_timestamp.c
+new file mode 100644
+index 0000000..6024c80
+--- /dev/null
++++ b/src/dnssec/tests/shared_timestamp.c
+_at_@ -0,0 +1,75 @@
++/*  Copyright (C) 2015 CZ.NIC, z.s.p.o. <knot-dns_at_labs.nic.cz>
++
++    This program is free software: you can redistribute it and/or modify
++    it under the terms of the GNU General Public License as published by
++    the Free Software Foundation, either version 3 of the License, or
++    (at your option) any later version.
++
++    This program is distributed in the hope that it will be useful,
++    but WITHOUT ANY WARRANTY; without even the implied warranty of
++    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++    GNU General Public License for more details.
++
++    You should have received a copy of the GNU General Public License
++    along with this program.  If not, see <http://www.gnu.org/licenses/>.
++*/
++
++#include <string.h>
++#include <tap/basic.h>
++
++#include "timestamp.h"
++
++int main(int argc, char *argv[])
++{
++	plan_lazy();
++
++	char buffer[128] = { 0 };
++
++	ok(timestamp_write(NULL, 0, 0) == false,
++	   "timestamp_write: no buffer");
++	ok(timestamp_write(buffer, 10, 0) == false,
++	   "timestamp_write: small buffer");
++	ok(timestamp_write(buffer, sizeof(buffer), 0) &&
++	   strcmp(buffer, "1970-01-01T00:00:00+0000") == 0,
++	   "timestamp_write: epoch begin");
++	ok(timestamp_write(buffer, sizeof(buffer), 1439554225) &&
++	   strcmp(buffer, "2015-08-14T12:10:25+0000") == 0,
++	   "timestamp_write: date in past");
++	ok(timestamp_write(buffer, sizeof(buffer), 2147483646) &&
++	   strcmp(buffer, "2038-01-19T03:14:06+0000") == 0,
++	   "timestamp_write: date in future (likely)");
++
++	time_t ts = 0;
++
++	ok(timestamp_read(NULL, &ts) == false,
++	   "timestamp_read: no buffer");
++	ok(timestamp_read("", NULL) == false,
++	   "timestamp_read: no output");
++	ok(timestamp_read("", &ts) == false,
++	   "timestamp_read: empty input");
++	ok(timestamp_read("1970-01-01T00:00:00", &ts) == false,
++	   "timestamp_read: missing time zone");
++	ok(timestamp_read("1970-01-01T00:00:00+000", &ts) == false,
++	   "timestamp_read: malformed time zone");
++	ok(timestamp_read("1970-01-01T00:00:00+2400", &ts) == false,
++	   "timestamp_read: malformed time zone hours");
++	ok(timestamp_read("1970-01-01T00:00:00+0090", &ts) == false,
++	   "timestamp_read: malformed time zone minuts");
++	ok(timestamp_read("1970-01-01T00:00:01+0000", &ts) && ts == 1,
++	   "timestamp_read: first second since epoch");
++	ok(timestamp_read("2009-02-13T23:31:31+0000", &ts) && ts == 1234567891,
++	   "timestamp_read: date in past");
++	ok(timestamp_read("2034-05-05T01:24:20+0000", &ts) && ts == 2030405060,
++	   "timestamp_read: date in future (likely)");
++
++	ok(timestamp_read("2015-08-14T14:25:46+0200", &ts) &&
++	   timestamp_write(buffer, sizeof(buffer), ts) &&
++	   strcmp(buffer, "2015-08-14T12:25:46+0000") == 0,
++	   "timestamp convert time zone (east)");
++	ok(timestamp_read("2015-08-14T10:19:17-0230", &ts) &&
++	   timestamp_write(buffer, sizeof(buffer), ts) &&
++	   strcmp(buffer, "2015-08-14T12:49:17+0000") == 0,
++	   "timestamp convert time zone (west)");
++
++	return 0;
++}
diff --git a/testing/knot/knot.confd b/testing/knot/knot.confd
deleted file mode 100644
index 4e6182e..0000000
--- a/testing/knot/knot.confd
+++ /dev/null
_at_@ -1,7 +0,0 @@
-command=/usr/sbin/knotd
-command_args="-d"
-pidfile=/var/run/knot/knot.pid
-required_files=/etc/knot/knot.conf
-extra_started_commands="reload"
-description_reload="Reload configuration and changed zones."
-
diff --git a/testing/knot/knot.initd b/testing/knot/knot.initd
deleted file mode 100644
index a6fea35..0000000
--- a/testing/knot/knot.initd
+++ /dev/null
_at_@ -1,35 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/files/knot.init,v 1.2 2013/08/21 09:23:59 scarabeus Exp $
-
-depend() {
-	need net
-}
-
-start() {
-	checkpath -d -m 0750 -o knot:knot /var/run/knot/ /var/lib/knot/
-
-	ebegin "Starting knot"
-	start-stop-daemon --start \
-		--pidfile $pidfile --exec $command -- $command_args
-	eend $?
-}
-
-stop() {
-	ebegin "Stopping knot"
-	/usr/sbin/knotc stop >/dev/null 2>&1
-	# In case remote control is not working
-	if [ "$?" != 0 ]; then
-		if [ -f $pidfile ]; then
-			start-stop-daemon --stop --pidfile $pidfile
-		fi
-	fi
-	ewend $?
-}
-
-reload() {
-	ebegin "Reloading knot"
-	/usr/sbin/knotc reload >/dev/null
-	eend $?
-}
diff --git a/testing/knot/knot.post-install b/testing/knot/knot.post-install
index fea7dac..179e5fc 100644
--- a/testing/knot/knot.post-install
+++ b/testing/knot/knot.post-install
_at_@ -2,7 +2,7 @@
 
 echo "*" >&2
 echo "*  Before running knot, you must create a knot.conf file." >&2
-echo "*  There is an example into /etc/knot directory. " >&2
+echo "*  There is an example in the /etc/knot directory." >&2
 echo "*  You can rename the example file and make the necessary adjustment." >&2
 echo "*" >&2
 
diff --git a/testing/knot/knot.pre-install b/testing/knot/knot.pre-install
index 9f270a3..6341b31 100644
--- a/testing/knot/knot.pre-install
+++ b/testing/knot/knot.pre-install
_at_@ -1,4 +1,6 @@
 #!/bin/sh
-addgroup knot 2>/dev/null
-adduser -H -s /sbin/nologin -S -D knot -G knot 2>/dev/null
+
+addgroup -G knot 2>/dev/null
+adduser -s /sbin/nologin -G knot -S -D -H knot 2>/dev/null
+
 exit 0
diff --git a/testing/knot/knotd.confd b/testing/knot/knotd.confd
new file mode 100644
index 0000000..f7a0c2a
--- /dev/null
+++ b/testing/knot/knotd.confd
_at_@ -0,0 +1 @@
+KNOTD_OPTS=""
diff --git a/testing/knot/knotd.initd b/testing/knot/knotd.initd
new file mode 100644
index 0000000..4930986
--- /dev/null
+++ b/testing/knot/knotd.initd
_at_@ -0,0 +1,36 @@
+#!/sbin/openrc-run
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/knot/files/knot.init,v 1.2 2013/08/21 09:23:59 scarabeus Exp $
+
+name="knotd"
+command="/usr/sbin/knotd"
+command_args="-d ${KNOTD_OPTS}"
+start_stop_daemon_args="--wait 5"
+required_files=/etc/knot/knot.conf
+extra_started_commands="reload"
+description_reload="Reload configuration and changed zones"
+
+depend() {
+	need net
+}
+
+start_pre() {
+	checkpath -d -m 0750 -o knot:knot /var/run/knot/ /var/lib/knot/
+}
+
+stop() {
+	ebegin "Stopping ${name}"
+	/usr/sbin/knotc stop >/dev/null 2>&1
+	# Mark service as stopped if remote control was successful
+	if [ 0 -eq $? ]; then
+		start-stop-daemon --stop --quiet --pidfile /var/run/knot/knot.pid
+	fi
+	eend $?
+}
+
+reload() {
+	ebegin "Reloading knot"
+	/usr/sbin/knotc reload >/dev/null
+	eend $?
+}
-- 
2.4.1
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Mon Aug 17 2015 - 09:26:25 GMT