- up to 2.2.3 with openssl 1.1.1 support

diff --git a/build.patch b/build.patch
new file mode 100644 (file)
index 0000000..d3243b9
--- /dev/null
+++ b/build.patch
@@ -0,0 +1,10 @@
+--- dnssec-tools/validator/apps/dnssec-check/DnssecCheckVersion.h~     2018-08-30 00:25:30.000000000 +0200
++++ dnssec-tools/validator/apps/dnssec-check/DnssecCheckVersion.h      2018-09-18 10:45:17.870124105 +0200
+@@ -1,6 +1,6 @@
+ #ifndef DNSSECCHECKVERSION_H
+ #define DNSSECCHECKVERSION_H
+ 
+-#define .2"
++#define DNSSEC_CHECK_VERSION "2.2"
+ 
+ #endif // DNSSECCHECKVERSION_H

diff --git a/dnssec-tools.spec b/dnssec-tools.spec
index 2f404d2e290b63507bbbf95ba3b84a8e055d41d2..d0fe1c2e42a6c8c0ee712cf5e544508c0cb69dd6 100644 (file)
--- a/dnssec-tools.spec
+++ b/dnssec-tools.spec
@@ -8,15 +8,15 @@
 Summary:       DNSSEC tools
 Summary(pl.UTF-8):     Narzędzia DNSSEC
 Name:          dnssec-tools
-Version:       2.2
-Release:       10
+Version:       2.2.3
+Release:       1
 License:       BSD
 Group:         Applications/Networking
-Source0:       http://www.dnssec-tools.org/download/%{name}-%{version}.tar.gz
-# Source0-md5: ceb39b4d2376bfc4aa22f73846c11789
+Source0:       https://github.com/DNSSEC-Tools/DNSSEC-Tools/archive/dnssec-tools-2.2.3.tar.gz
+# Source0-md5: 235bfa9bf059b2f5502db2877444646b
 Patch0:                %{name}-link.patch
 Patch1:                %{name}-qt.patch
-Patch2:                glibc-2.25.patch
+Patch2:                build.patch
 URL:           http://www.dnssec-tools.org/
 BuildRequires: openssl-devel
 BuildRequires: perl-ExtUtils-MakeMaker
@@ -117,12 +117,14 @@ Perl modules supporting DNSSEC.
 Moduły Perla wspierające DNSSEC.
 
 %prep
-%setup -q
+%setup -q -n DNSSEC-Tools-dnssec-tools-%{version}
+cd dnssec-tools
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
 
 %build
+cd dnssec-tools
 %configure \
        ac_cv_lib_nsl_inet_ntop=no \
        --disable-bind-checks \
@@ -148,6 +150,7 @@ done
 
 %install
 rm -rf $RPM_BUILD_ROOT
+cd dnssec-tools
 %{__make} -j1 install \
        DESTDIR=$RPM_BUILD_ROOT
 
@@ -180,7 +183,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(644,root,root,755)
-%doc COPYING ChangeLog NEWS README
+%doc dnssec-tools/{COPYING,ChangeLog,NEWS,README.md}
 %attr(755,root,root) %{_bindir}/blinkenlights
 %attr(755,root,root) %{_bindir}/bubbles
 %attr(755,root,root) %{_bindir}/buildrealms

diff --git a/glibc-2.25.patch b/glibc-2.25.patch
deleted file mode 100644 (file)
index 5b836c2..0000000
--- a/glibc-2.25.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-diff --git a/validator/include/validator/validator-compat.h b/validator/include/validator/validator-compat.h
-index c6ebf23..515df6d 100644
---- a/validator/include/validator/validator-compat.h
-+++ b/validator/include/validator/validator-compat.h
-@@ -678,6 +678,11 @@ typedef enum __ns_rcode {
- #define ns_t_zxfr    256 /* BIND-specific, nonstandard. */
- #endif /* HAVE_NS_T_KX */
-
-+/* glibc 2.25 is missing ns_t_zxfr */
-+#if !defined(ns_t_zxfr)
-+#define ns_t_zxfr    256 /* BIND-specific, nonstandard. */
-+#endif /* glibc 2.25 */
-+
- #if !HAVE_DECL_NS_T_DS
- #define ns_t_ds       43
- #endif
-@@ -818,53 +823,6 @@ typedef enum __ns_flag {
-         ns_f_max
- } ns_flag;
-
--/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
--#define NS_ALG_MD5RSA           1       /* MD5 with RSA */
--#define NS_ALG_DH               2       /* Diffie Hellman KEY */
--#define NS_ALG_DSA              3       /* DSA KEY */
--#define NS_ALG_DSS              NS_ALG_DSA
--#define NS_ALG_EXPIRE_ONLY      253     /* No alg, no security */
--#define NS_ALG_PRIVATE_OID      254     /* Key begins with OID giving alg */
--
--/* Protocol values  */
--/* value 0 is reserved */
--#define NS_KEY_PROT_TLS         1
--#define NS_KEY_PROT_EMAIL       2
--#define NS_KEY_PROT_DNSSEC      3
--#define NS_KEY_PROT_IPSEC       4
--#define NS_KEY_PROT_ANY         255
--
--/* Signatures */
--#define NS_MD5RSA_MIN_BITS       512    /* Size of a mod or exp in bits */
--#define NS_MD5RSA_MAX_BITS      2552
--        /* Total of binary mod and exp */
--#define NS_MD5RSA_MAX_BYTES     ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
--        /* Max length of text sig block */
--#define NS_MD5RSA_MAX_BASE64    (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
--#define NS_MD5RSA_MIN_SIZE      ((NS_MD5RSA_MIN_BITS+7)/8)
--#define NS_MD5RSA_MAX_SIZE      ((NS_MD5RSA_MAX_BITS+7)/8)
--
--#define NS_DSA_SIG_SIZE         41
--#define NS_DSA_MIN_SIZE         213
--#define NS_DSA_MAX_BYTES        405
--
--/* Offsets into SIG record rdata to find various values */
--#define NS_SIG_TYPE     0       /* Type flags */
--#define NS_SIG_ALG      2       /* Algorithm */
--#define NS_SIG_LABELS   3       /* How many labels in name */
--#define NS_SIG_OTTL     4       /* Original TTL */
--#define NS_SIG_EXPIR    8       /* Expiration time */
--#define NS_SIG_SIGNED   12      /* Signature time */
--#define NS_SIG_FOOT     16      /* Key footprint */
--#define NS_SIG_SIGNER   18      /* Domain name of who signed it */
--
--/* How RR types are represented as bit-flags in NXT records */
--#define NS_NXT_BITS 8
--#define NS_NXT_BIT_SET(  n,p) (p[(n)/NS_NXT_BITS] |=  (0x80>>((n)%NS_NXT_BITS)))
--#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
--#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] &   (0x80>>((n)%NS_NXT_BITS)))
--#define NS_NXT_MAX 127
--
- /*
-  * Inline versions of get/put short/long.  Pointer is advanced.
-  */
-@@ -931,6 +889,57 @@ int       ns_parse_ttl(const char *, u_long *);
-
- #endif /* HAVE_ARPA_NAMESER_H */
-
-+/* glibc 2.25 passes HAVE_ARPA_NAMESER_H, but doesn't have NS_ALG_MD5RSA and more defines. */
-+#if !defined(HAVE_ARPA_NAMESER_H) || defined(eabi) || defined(ANDROID) ||defined(__OpenBSD__) || !defined(NS_ALG_MD5RSA)
-+/* The Algorithm field of the KEY and SIG RR's is an integer, {1..254} */
-+#define NS_ALG_MD5RSA           1       /* MD5 with RSA */
-+#define NS_ALG_DH               2       /* Diffie Hellman KEY */
-+#define NS_ALG_DSA              3       /* DSA KEY */
-+#define NS_ALG_DSS              NS_ALG_DSA
-+#define NS_ALG_EXPIRE_ONLY      253     /* No alg, no security */
-+#define NS_ALG_PRIVATE_OID      254     /* Key begins with OID giving alg */
-+
-+/* Protocol values  */
-+/* value 0 is reserved */
-+#define NS_KEY_PROT_TLS         1
-+#define NS_KEY_PROT_EMAIL       2
-+#define NS_KEY_PROT_DNSSEC      3
-+#define NS_KEY_PROT_IPSEC       4
-+#define NS_KEY_PROT_ANY         255
-+
-+/* Signatures */
-+#define NS_MD5RSA_MIN_BITS       512    /* Size of a mod or exp in bits */
-+#define NS_MD5RSA_MAX_BITS      2552
-+        /* Total of binary mod and exp */
-+#define NS_MD5RSA_MAX_BYTES     ((NS_MD5RSA_MAX_BITS+7/8)*2+3)
-+        /* Max length of text sig block */
-+#define NS_MD5RSA_MAX_BASE64    (((NS_MD5RSA_MAX_BYTES+2)/3)*4)
-+#define NS_MD5RSA_MIN_SIZE      ((NS_MD5RSA_MIN_BITS+7)/8)
-+#define NS_MD5RSA_MAX_SIZE      ((NS_MD5RSA_MAX_BITS+7)/8)
-+
-+#define NS_DSA_SIG_SIZE         41
-+#define NS_DSA_MIN_SIZE         213
-+#define NS_DSA_MAX_BYTES        405
-+
-+/* Offsets into SIG record rdata to find various values */
-+#define NS_SIG_TYPE     0       /* Type flags */
-+#define NS_SIG_ALG      2       /* Algorithm */
-+#define NS_SIG_LABELS   3       /* How many labels in name */
-+#define NS_SIG_OTTL     4       /* Original TTL */
-+#define NS_SIG_EXPIR    8       /* Expiration time */
-+#define NS_SIG_SIGNED   12      /* Signature time */
-+#define NS_SIG_FOOT     16      /* Key footprint */
-+#define NS_SIG_SIGNER   18      /* Domain name of who signed it */
-+
-+/* How RR types are represented as bit-flags in NXT records */
-+#define NS_NXT_BITS 8
-+#define NS_NXT_BIT_SET(  n,p) (p[(n)/NS_NXT_BITS] |=  (0x80>>((n)%NS_NXT_BITS)))
-+#define NS_NXT_BIT_CLEAR(n,p) (p[(n)/NS_NXT_BITS] &= ~(0x80>>((n)%NS_NXT_BITS)))
-+#define NS_NXT_BIT_ISSET(n,p) (p[(n)/NS_NXT_BITS] &   (0x80>>((n)%NS_NXT_BITS)))
-+#define NS_NXT_MAX 127
-+#endif
-+/* glibc 2.25 */
-+
- int libsres_msg_getflag(ns_msg han, int flag);
- /*
-  * at one open ns_msg_getflag was a macro on Linux, but now it is a