Compiling dnsmasq with dnssec support?
Johannes Kastl
mail at ojkastl.de
Sun Oct 30 09:42:37 PDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear all,
On 30.10.16 17:28 Clemens Lang wrote:
> I'd suggest to just enable it without a variant. If it's
> configurable at runtime, I don't see the need to make users jump
> through hoops.
I tried both, and both seemed to work in my tests.
This is just a rough draft, as I do not know if it is better to put
the trust-anchors in a separate file (which seems to be the case
upstream) or not.
Find my two Portfiles attached.
Johannes
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with SeaMonkey - http://www.enigmail.net/
iEYEARECAAYFAlgWIvcACgkQzi3gQ/xETbLLXwCfWizZtGKqkpdrclOJB8nyARFR
uUQAni1tbeSAgxOffs/fqtMNkMsPvqN9
=Ul/2
-----END PGP SIGNATURE-----
-------------- next part --------------
# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id: Portfile 148957 2016-05-23 19:28:42Z snc at macports.org $
PortSystem 1.0
name dnsmasq
version 2.76
categories net
license GPL
maintainers snc openmaintainer
description lightweight DNS forwarder and DHCP server
long_description Dnsmasq is lightweight, easy to configure DNS \
forwarder and DHCP server. It is designed to provide \
DNS and, optionally, DHCP, to a small network. It can \
serve the names of local machines which are not in the \
global DNS. The DHCP server integrates with the DNS \
server and allows machines with DHCP-allocated \
addresses to appear in the DNS with names configured \
either in each host or in a central configuration \
file. Dnsmasq supports static and dynamic DHCP leases \
and BOOTP for network booting of diskless machines.
homepage http://www.thekelleys.org.uk/dnsmasq/doc.html
platforms darwin
notes "A startup item has been generated that will aid in\
starting ${name} with launchd. You must specify the\
path to resolv.conf. For your protection, this script\
is disabled by default. Execute the following command\
to start it, and to cause it to launch at startup:\
\n\nsudo port load ${name}"
master_sites http://www.thekelleys.org.uk/dnsmasq/
use_xz yes
checksums rmd160 9932b6624dd705fa8826b055ebe23138d3b0302b \
sha256 4b92698dee19ca0cb2a8f2e48f1d2dffd01a21eb15d1fbed4cf085630c8c9f96
patchfiles patch-src-config.h.diff \
patch-src-network.c.diff
post-patch {
reinplace "s|@PREFIX@|${prefix}|g" ${worksrcpath}/src/config.h
reinplace s|#resolv-file=|resolv-file=/etc/resolv.conf| \
${worksrcpath}/dnsmasq.conf.example
}
use_configure no
variant universal {}
build.env-append CC="${configure.cc} [get_canonical_archflags]"
destroot.env-append CC="${configure.cc} [get_canonical_archflags]"
destroot.args PREFIX=${prefix}
destroot.keepdirs ${destroot}${prefix}/var/run/${name}
livecheck.type regex
livecheck.url ${master_sites}
livecheck.regex LATEST_IS_(\\d\\.\\d+)
# TODO: remove no_* variants after 2015-01-09
if { ! [variant_isset no_dhcp] } {
default_variants-append +dhcp
}
if { ! [variant_isset no_tftp] } {
default_variants-append +tftp
}
if { ! [variant_isset no_ipv6] } {
default_variants-append +ipv6
}
variant no_dhcp conflicts dhcp description { obsolete } {}
variant dhcp conflicts no_dhcp description { Provide built-in DHCP server } {
build.args-delete -DNO_DHCP
}
variant no_tftp conflicts tftp description { obsolete } {}
variant tftp conflicts no_tftp description { Provide built-in TFTP server } {
build.args-delete -DNO_TFTP
}
variant no_ipv6 conflicts ipv6 description { obsolete } {}
variant ipv6 conflicts no_ipv6 description { Provide IPV6 support } {
build.args-delete -DNO_IPV6
}
variant dnssec description {Enable DNSSEC} {
patchfiles-append patch-src-config.h_DNSSEC.diff
}
set COPTS {}
if {![variant_isset dhcp]} {
lappend COPTS -DNO_DHCP
}
if {![variant_isset tftp]} {
lappend COPTS -DNO_TFTP
}
if {![variant_isset ipv6]} {
lappend COPTS -DNO_IPV6
}
if {[llength $COPTS] > 0} {
set mycopts [join $COPTS " "]
build.args-append COPTS="$mycopts"
}
post-destroot {
copy ${worksrcpath}/dnsmasq.conf.example ${destroot}${prefix}/etc/dnsmasq.conf.example
# Create the directory that dnsmasq likes to store its pid in.
xinstall -d -m 777 ${destroot}${prefix}/var/run/${name}
#
# Set up a launchd item. The daemondo wrapper is not needed.
#
# Create the plist file.
set itemname ${startupitem.name}
set uniquename ${startupitem.uniquename}
set plistname ${startupitem.plist}
set daemondest ${startupitem.location}
set itemdir ${prefix}/etc/${daemondest}/${uniquename}
file mkdir ${destroot}${itemdir}
file attributes ${destroot}${itemdir} -owner root -group wheel
set plist [open "${destroot}${itemdir}/${plistname}" w 0644]
puts ${plist} "<?xml version='1.0' encoding='UTF-8'?>"
puts ${plist} "<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\""
puts ${plist} "\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">"
puts ${plist} "<plist version='1.0'>"
puts ${plist} " <dict>"
puts ${plist} " <key>Disabled</key>"
puts ${plist} " <true/>"
puts ${plist} " <key>Label</key>"
puts ${plist} " <string>${uniquename}</string>"
puts ${plist} " <key>ProgramArguments</key>"
puts ${plist} " <array>"
puts ${plist} " <string>${prefix}/sbin/dnsmasq</string>"
puts ${plist} " <string>-k</string>"
puts ${plist} " </array>"
puts ${plist} " <key>RunAtLoad</key>"
puts ${plist} " <true/>"
puts ${plist} " <key>KeepAlive</key>"
puts ${plist} " <true/>"
puts ${plist} " </dict>"
puts ${plist} "</plist>"
close ${plist}
# Make a symlink to the plist file.
file mkdir "${destroot}/Library/${daemondest}"
ln -sf "${itemdir}/${plistname}" "${destroot}/Library/${daemondest}"
}
post-activate {
# copy configuration file if not previously created
if {![file exists ${prefix}/etc/dnsmasq.conf]} {
copy ${prefix}/etc/dnsmasq.conf.example \
${prefix}/etc/dnsmasq.conf
}
}
-------------- next part --------------
# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
# $Id: Portfile 148957 2016-05-23 19:28:42Z snc at macports.org $
PortSystem 1.0
name dnsmasq
version 2.76
categories net
license GPL
maintainers snc openmaintainer
description lightweight DNS forwarder and DHCP server
long_description Dnsmasq is lightweight, easy to configure DNS \
forwarder and DHCP server. It is designed to provide \
DNS and, optionally, DHCP, to a small network. It can \
serve the names of local machines which are not in the \
global DNS. The DHCP server integrates with the DNS \
server and allows machines with DHCP-allocated \
addresses to appear in the DNS with names configured \
either in each host or in a central configuration \
file. Dnsmasq supports static and dynamic DHCP leases \
and BOOTP for network booting of diskless machines.
homepage http://www.thekelleys.org.uk/dnsmasq/doc.html
platforms darwin
notes "A startup item has been generated that will aid in\
starting ${name} with launchd. You must specify the\
path to resolv.conf. For your protection, this script\
is disabled by default. Execute the following command\
to start it, and to cause it to launch at startup:\
\n\nsudo port load ${name}"
master_sites http://www.thekelleys.org.uk/dnsmasq/
use_xz yes
checksums rmd160 9932b6624dd705fa8826b055ebe23138d3b0302b \
sha256 4b92698dee19ca0cb2a8f2e48f1d2dffd01a21eb15d1fbed4cf085630c8c9f96
patchfiles patch-src-config.h.diff \
patch-src-network.c.diff \
patch-src-config.h_DNSSEC.diff
post-patch {
reinplace "s|@PREFIX@|${prefix}|g" ${worksrcpath}/src/config.h
reinplace s|#resolv-file=|resolv-file=/etc/resolv.conf| \
${worksrcpath}/dnsmasq.conf.example
}
use_configure no
variant universal {}
build.env-append CC="${configure.cc} [get_canonical_archflags]"
destroot.env-append CC="${configure.cc} [get_canonical_archflags]"
destroot.args PREFIX=${prefix}
destroot.keepdirs ${destroot}${prefix}/var/run/${name}
livecheck.type regex
livecheck.url ${master_sites}
livecheck.regex LATEST_IS_(\\d\\.\\d+)
# TODO: remove no_* variants after 2015-01-09
if { ! [variant_isset no_dhcp] } {
default_variants-append +dhcp
}
if { ! [variant_isset no_tftp] } {
default_variants-append +tftp
}
if { ! [variant_isset no_ipv6] } {
default_variants-append +ipv6
}
variant no_dhcp conflicts dhcp description { obsolete } {}
variant dhcp conflicts no_dhcp description { Provide built-in DHCP server } {
build.args-delete -DNO_DHCP
}
variant no_tftp conflicts tftp description { obsolete } {}
variant tftp conflicts no_tftp description { Provide built-in TFTP server } {
build.args-delete -DNO_TFTP
}
variant no_ipv6 conflicts ipv6 description { obsolete } {}
variant ipv6 conflicts no_ipv6 description { Provide IPV6 support } {
build.args-delete -DNO_IPV6
}
set COPTS {}
if {![variant_isset dhcp]} {
lappend COPTS -DNO_DHCP
}
if {![variant_isset tftp]} {
lappend COPTS -DNO_TFTP
}
if {![variant_isset ipv6]} {
lappend COPTS -DNO_IPV6
}
if {[llength $COPTS] > 0} {
set mycopts [join $COPTS " "]
build.args-append COPTS="$mycopts"
}
post-destroot {
copy ${worksrcpath}/dnsmasq.conf.example ${destroot}${prefix}/etc/dnsmasq.conf.example
# Create the directory that dnsmasq likes to store its pid in.
xinstall -d -m 777 ${destroot}${prefix}/var/run/${name}
#
# Set up a launchd item. The daemondo wrapper is not needed.
#
# Create the plist file.
set itemname ${startupitem.name}
set uniquename ${startupitem.uniquename}
set plistname ${startupitem.plist}
set daemondest ${startupitem.location}
set itemdir ${prefix}/etc/${daemondest}/${uniquename}
file mkdir ${destroot}${itemdir}
file attributes ${destroot}${itemdir} -owner root -group wheel
set plist [open "${destroot}${itemdir}/${plistname}" w 0644]
puts ${plist} "<?xml version='1.0' encoding='UTF-8'?>"
puts ${plist} "<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\""
puts ${plist} "\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">"
puts ${plist} "<plist version='1.0'>"
puts ${plist} " <dict>"
puts ${plist} " <key>Disabled</key>"
puts ${plist} " <true/>"
puts ${plist} " <key>Label</key>"
puts ${plist} " <string>${uniquename}</string>"
puts ${plist} " <key>ProgramArguments</key>"
puts ${plist} " <array>"
puts ${plist} " <string>${prefix}/sbin/dnsmasq</string>"
puts ${plist} " <string>-k</string>"
puts ${plist} " </array>"
puts ${plist} " <key>RunAtLoad</key>"
puts ${plist} " <true/>"
puts ${plist} " <key>KeepAlive</key>"
puts ${plist} " <true/>"
puts ${plist} " </dict>"
puts ${plist} "</plist>"
close ${plist}
# Make a symlink to the plist file.
file mkdir "${destroot}/Library/${daemondest}"
ln -sf "${itemdir}/${plistname}" "${destroot}/Library/${daemondest}"
}
post-activate {
# copy configuration file if not previously created
if {![file exists ${prefix}/etc/dnsmasq.conf]} {
copy ${prefix}/etc/dnsmasq.conf.example \
${prefix}/etc/dnsmasq.conf
}
}
-------------- next part --------------
--- src/config.h.orig 2016-10-30 07:35:53.000000000 +0100
+++ src/config.h 2016-10-30 07:36:08.000000000 +0100
@@ -174,7 +174,7 @@
/* #define HAVE_DBUS */
/* #define HAVE_IDN */
/* #define HAVE_CONNTRACK */
-/* #define HAVE_DNSSEC */
+#define HAVE_DNSSEC
/* Default locations for important system files. */
More information about the macports-dev
mailing list