author | Florent Thoumie <flz@FreeBSD.org> | 2005-07-13 19:24:35 +0000 |
---|---|---|
committer | Florent Thoumie <flz@FreeBSD.org> | 2005-07-13 19:24:35 +0000 |
commit | 7ac689d17a3e31a7c12858c5c7c0aefd388f814e (patch) | |
tree | 1024ab1730042af2a8f1b9ed51895511bf657096 /dns | |
parent | 2c070fe049102c28ce82f4b0cf26aa198c6bbf4d (diff) | |
Diffstat (limited to 'dns')
-rw-r--r-- | dns/Makefile | 1 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/Makefile | 126 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/distinfo | 4 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/files/patch-sdb_ldap | 727 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/pkg-descr | 7 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/pkg-message | 22 | ||||
-rw-r--r-- | dns/bind9-sdb-ldap/pkg-plist | 226 |
7 files changed, 1113 insertions, 0 deletions
diff --git a/dns/Makefile b/dns/Makefile
index 62bc707a3f2f..2ce0b1109069 100644
--- a/dns/Makefile
+++ b/dns/Makefile
@@ -9,6 +9,7 @@
 SUBDIR += bind84
 SUBDIR += bind9
 SUBDIR += bind9-dlz
+ SUBDIR += bind9-sdb-ldap
 SUBDIR += checkdns
 SUBDIR += crossip
 SUBDIR += ddclient
diff --git a/dns/bind9-sdb-ldap/Makefile b/dns/bind9-sdb-ldap/Makefile
new file mode 100644
index 000000000000..0442705fa32c
--- /dev/null
+++ b/dns/bind9-sdb-ldap/Makefile
@@ -0,0 +1,126 @@
+# New ports collection makefile for: bind9-sdb-ldap
+# Date created: 23 June 2005
+# Whom: Hugo Meiland <hugo@meiland.nl>
+#
+# $FreeBSD$
+#
+
+PORTNAME= bind9
+PORTVERSION= 9.3.1
+CATEGORIES= dns net ipv6
+MASTER_SITES= ${MASTER_SITE_ISC}
+MASTER_SITE_SUBDIR= bind9/${ISCVERSION}
+PKGNAMESUFFIX= -sdb-ldap
+DISTNAME= bind-${ISCVERSION}
+DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc
+EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX}
+
+MAINTAINER= Hugo@Meiland.nl
+COMMENT= The well known Bind9, patched for use of an LDAP based backend
+
+LIB_DEPENDS= ldap-2.2:${PORTSDIR}/net/openldap22-client
+
+CONFLICTS= bind-8.* bind84-8.* bind9-9.* bind9-dlz-* host-* skalibs-*
+
+# ISC releases things like 9.3.0rc1, which our versioning doesn't like
+ISCVERSION= 9.3.1
+
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps --with-openssl \
+ --with-randomdev=/dev/random
+
+USE_OPENSSL= yes
+
+.if !defined(WITHOUT_BIND9_THREADS) || defined(PACKAGE_BUILDING)
+CONFIGURE_ARGS+= --enable-threads
+.else
+CONFIGURE_ARGS+= --disable-threads
+.endif
+
+.if defined(WITH_PORT_REPLACES_BASE_BIND9)
+PKGNAMESUFFIX= -sdb-ldap-base
+PREFIX= /usr
+BIND_DESTETC= /etc/namedb
+CONFIGURE_ARGS+= --prefix=${PREFIX} \
+ --sysconfdir=${BIND_DESTETC} \
+ --mandir=${MANPREFIX}/man
+.else
+BIND_DESTETC= ${PREFIX}/etc
+.endif
+
+PLIST_SUB= BIND_DESTETC="${BIND_DESTETC}"
+
+MAN1= dig.1 host.1 nslookup.1
+MAN3= lwres.3 lwres_addr_parse.3 lwres_buffer.3 lwres_buffer_add.3 \
+ lwres_buffer_back.3 lwres_buffer_clear.3 lwres_buffer_first.3 \
+ lwres_buffer_forward.3 lwres_buffer_getmem.3 lwres_buffer_getuint16.3 \
+ lwres_buffer_getuint32.3 lwres_buffer_getuint8.3 lwres_buffer_init.3 \
+ lwres_buffer_invalidate.3 lwres_buffer_putmem.3 \
+ lwres_buffer_putuint16.3 lwres_buffer_putuint32.3 \
+ lwres_buffer_putuint8.3 lwres_buffer_subtract.3 lwres_conf_clear.3 \
+ lwres_conf_get.3 lwres_conf_init.3 lwres_conf_parse.3 \
+ lwres_conf_print.3 lwres_config.3 lwres_context.3 \
+ lwres_context_allocmem.3 lwres_context_create.3 \
+ lwres_context_destroy.3 lwres_context_freemem.3 \
+ lwres_context_initserial.3 lwres_context_nextserial.3 \
+ lwres_context_sendrecv.3 lwres_endhostent.3 lwres_endhostent_r.3 \
+ lwres_freeaddrinfo.3 lwres_freehostent.3 lwres_gabn.3 \
+ lwres_gabnrequest_free.3 lwres_gabnrequest_parse.3 \
+ lwres_gabnrequest_render.3 lwres_gabnresponse_free.3 \
+ lwres_gabnresponse_parse.3 lwres_gabnresponse_render.3 \
+ lwres_gai_strerror.3 lwres_getaddrinfo.3 lwres_getaddrsbyname.3 \
+ lwres_gethostbyaddr.3 lwres_gethostbyaddr_r.3 lwres_gethostbyname.3 \
+ lwres_gethostbyname2.3 lwres_gethostbyname_r.3 lwres_gethostent.3 \
+ lwres_gethostent_r.3 lwres_getipnode.3 lwres_getipnodebyaddr.3 \
+ lwres_getipnodebyname.3 lwres_getnamebyaddr.3 lwres_getnameinfo.3 \
+ lwres_getrrsetbyname.3 lwres_gnba.3 lwres_gnbarequest_free.3 \
+ lwres_gnbarequest_parse.3 lwres_gnbarequest_render.3 \
+ lwres_gnbaresponse_free.3 lwres_gnbaresponse_parse.3 \
+ lwres_gnbaresponse_render.3 lwres_herror.3 lwres_hstrerror.3 \
+ lwres_inetntop.3 lwres_lwpacket_parseheader.3 \
+ lwres_lwpacket_renderheader.3 lwres_net_ntop.3 lwres_noop.3 \
+ lwres_nooprequest_free.3 lwres_nooprequest_parse.3 \
+ lwres_nooprequest_render.3 lwres_noopresponse_free.3 \
+ lwres_noopresponse_parse.3 lwres_noopresponse_render.3 \
+ lwres_packet.3 lwres_resutil.3 lwres_sethostent.3 \
+ lwres_sethostent_r.3 lwres_string_parse.3
+MAN5= named.conf.5 rndc.conf.5
+MAN8= dnssec-keygen.8 dnssec-signzone.8 lwresd.8 named-checkconf.8 \
+ named-checkzone.8 named.8 nsupdate.8 rndc-confgen.8 rndc.8
+
+pre-fetch:
+.if defined(PORT_REPLACES_BASE_BIND9)
+ @${ECHO} ""
+ @${ECHO} "***************************************************"
+ @${ECHO} "Support for the old PORT_REPLACES_BASE_BIND9 option"
+ @${ECHO} "will be removed in future versions of the port."
+ @${ECHO} "Use WITH_PORT_REPLACES_BASE_BIND9 instead."
+ @${ECHO} "***************************************************"
+ @${ECHO} ""
+ @/bin/sleep 5
+WITH_PORT_REPLACES_BASE_BIND9= true
+.endif
+
+post-patch:
+.for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.8 \
+ rndc/rndc.8
+ @${MV} ${WRKSRC}/bin/${FILE} ${WRKSRC}/bin/${FILE}.Dist
+ @${SED} -e 's#/etc/named.conf#${BIND_DESTETC}/named.conf#g' \
+ -e 's#/etc/rndc.conf#${BIND_DESTETC}/rndc.conf#g' \
+ ${WRKSRC}/bin/${FILE}.Dist > ${WRKSRC}/bin/${FILE}
+.endfor
+
+post-install:
+ ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
+ ${BIND_DESTETC}/rndc.conf.sample
+.if !defined(NOPORTDOCS)
+ ${MKDIR} ${DOCSDIR}/arm ${DOCSDIR}/misc
+ ${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM*html ${DOCSDIR}/arm
+ ${INSTALL_DATA} ${WRKSRC}/doc/misc/[a-z]* ${DOCSDIR}/misc
+ ${CP} ${WRKSRC}/CHANGES ${WRKSRC}/COPYRIGHT ${WRKSRC}/FAQ \
+ ${WRKSRC}/README ${DOCSDIR}/
+.endif
+
+ @${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>
diff --git a/dns/bind9-sdb-ldap/distinfo b/dns/bind9-sdb-ldap/distinfo
new file mode 100644
index 000000000000..9ef13fa4101a
--- /dev/null
+++ b/dns/bind9-sdb-ldap/distinfo
@@ -0,0 +1,4 @@
+MD5 (bind-9.3.1.tar.gz) = 9ff3204eea27184ea0722f37e43fc95d
+SIZE (bind-9.3.1.tar.gz) = 4673603
+MD5 (bind-9.3.1.tar.gz.asc) = b2077443ade50ed778aa78a8014affaa
+SIZE (bind-9.3.1.tar.gz.asc) = 186
diff --git a/dns/bind9-sdb-ldap/files/patch-sdb_ldap b/dns/bind9-sdb-ldap/files/patch-sdb_ldap
new file mode 100644
index 000000000000..29f7e38f3853
--- /dev/null
+++ b/dns/bind9-sdb-ldap/files/patch-sdb_ldap
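Review bot: The legacy-option shim in `pre-fetch` assigns `WITH_PORT_REPLACES_BASE_BIND9= true` only after the `.if defined(WITH_PORT_REPLACES_BASE_BIND9)` block near the top has already been evaluated, so a user who still sets PORT_REPLACES_BASE_BIND9 appears to get the deprecation banner but not the `PREFIX= /usr` / `BIND_DESTETC= /etc/namedb` settings, leaving the base named in place while they believe it was replaced. Moving the mapping above that conditional would fix it: `.if defined(PORT_REPLACES_BASE_BIND9)` / `WITH_PORT_REPLACES_BASE_BIND9= true` / `.endif`, with only the echo lines left in `pre-fetch`. Separately, `DISTFILES` downloads the `.asc` signature but nothing visible in this Makefile verifies it, so tarball integrity rests on the MD5 entries in distinfo alone; a comment saying the signature is fetched for manual verification would make that explicit.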
@@ -0,0 +1,727 @@
+diff -ruN ../bind-9.3.1.org/bin/named/Makefile.in ./bin/named/Makefile.in
+--- ../bind-9.3.1.org/bin/named/Makefile.in Wed Jun 22 22:34:55 2005
++++ ./bin/named/Makefile.in Wed Jun 22 22:52:14 2005
+@@ -26,10 +26,10 @@
+ #
+ # Add database drivers here.
+ #
+-DBDRIVER_OBJS =
+-DBDRIVER_SRCS =
+-DBDRIVER_INCLUDES =
+-DBDRIVER_LIBS =
++DBDRIVER_OBJS = ldapdb.@O@
++DBDRIVER_SRCS = ldapdb.c
++DBDRIVER_INCLUDES = -I/usr/local/include
++DBDRIVER_LIBS = -L/usr/local/lib -lldap -llber
+
+ CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
+ ${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
+diff -ruN ../bind-9.3.1.org/bin/named/include/ldapdb.h ./bin/named/include/ldapdb.h
+--- ../bind-9.3.1.org/bin/named/include/ldapdb.h Thu Jan 1 01:00:00 1970
++++ ./bin/named/include/ldapdb.h Wed Jun 22 22:40:56 2005
+@@ -0,0 +1,6 @@
++#include <isc/types.h>
++
++isc_result_t ldapdb_init(void);
++
++void ldapdb_clear(void);
++
+diff -ruN ../bind-9.3.1.org/bin/named/ldapdb.c ./bin/named/ldapdb.c
+--- ../bind-9.3.1.org/bin/named/ldapdb.c Thu Jan 1 01:00:00 1970
++++ ./bin/named/ldapdb.c Wed Jun 22 22:40:44 2005
+@@ -0,0 +1,667 @@
++/*
++ * ldapdb.c version 1.0-beta
++ *
++ * Copyright (C) 2002, 2004 Stig Venaas
++ *
++ * Permission to use, copy, modify, and distribute this software for any
++ * purpose with or without fee is hereby granted, provided that the above
++ * copyright notice and this permission notice appear in all copies.
++ *
++ * Contributors: Jeremy C. McDermond
++ */
++
++/*
++ * If you want to use TLS, uncomment the define below
++ */
++/* #define LDAPDB_TLS */
++
++/*
++ * If you are using an old LDAP API uncomment the define below. Only do this
++ * if you know what you're doing or get compilation errors on ldap_memfree().
++ * This also forces LDAPv2.
++ */
++/* #define LDAPDB_RFC1823API */
++
++/* Using LDAPv3 by default, change this if you want v2 */
++#ifndef LDAPDB_LDAP_VERSION
++#define LDAPDB_LDAP_VERSION 3
++#endif
++
++#include <config.h>
++
++#include <string.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <ctype.h>
++
++#include <isc/mem.h>
++#include <isc/print.h>
++#include <isc/result.h>
++#include <isc/util.h>
++#include <isc/thread.h>
++
++#include <dns/sdb.h>
++
++#include <named/globals.h>
++#include <named/log.h>
++
++#include <ldap.h>
++#include "ldapdb.h"
++
++/*
++ * A simple database driver for LDAP
++ */
++
++/* enough for name with 8 labels of max length */
++#define MAXNAMELEN 519
++
++static dns_sdbimplementation_t *ldapdb = NULL;
++
++struct ldapdb_data {
++ char *hostport;
++ char *hostname;
++ int portno;
++ char *base;
++ int defaultttl;
++ char *filterall;
++ int filteralllen;
++ char *filterone;
++ int filteronelen;
++ char *filtername;
++ char *bindname;
++ char *bindpw;
++#ifdef LDAPDB_TLS
++ int tls;
++#endif
++};
++
++/* used by ldapdb_getconn */
++
++struct ldapdb_entry {
++ void *index;
++ size_t size;
++ void *data;
++ struct ldapdb_entry *next;
++};
++
++static struct ldapdb_entry *ldapdb_find(struct ldapdb_entry *stack,
++ const void *index, size_t size) {
++ while (stack != NULL) {
++ if (stack->size == size && !memcmp(stack->index, index, size))
++ return stack;
++ stack = stack->next;
++ }
++ return NULL;
++}
++
++static void ldapdb_insert(struct ldapdb_entry **stack,
++ struct ldapdb_entry *item) {
++ item->next = *stack;
++ *stack = item;
++}
++
++static void ldapdb_lock(int what) {
++ static isc_mutex_t lock;
++
++ switch (what) {
++ case 0:
++ isc_mutex_init(&lock);
++ break;
++ case 1:
++ LOCK(&lock);
++ break;
++ case -1:
++ UNLOCK(&lock);
++ break;
++ }
++}
++
++/* data == NULL means cleanup */
++static LDAP **
++ldapdb_getconn(struct ldapdb_data *data)
++{
++ static struct ldapdb_entry *allthreadsdata = NULL;
++ struct ldapdb_entry *threaddata, *conndata;
++ unsigned long threadid;
++
++ if (data == NULL) {
++ /* cleanup */
++ /* lock out other threads */
++ ldapdb_lock(1);
++ while (allthreadsdata != NULL) {
++ threaddata = allthreadsdata;
++ free(threaddata->index);
++ while (threaddata->data != NULL) {
++ conndata = threaddata->data;
++ free(conndata->index);
++ if (conndata->data != NULL)
++ ldap_unbind((LDAP *)conndata->data);
++ threaddata->data = conndata->next;
++ free(conndata);
++ }
++ allthreadsdata = threaddata->next;
++ free(threaddata);
++ }
++ ldapdb_lock(-1);
++ return (NULL);
++ }
++
++ /* look for connection data for current thread */
++ threadid = isc_thread_self();
++ threaddata = ldapdb_find(allthreadsdata, &threadid, sizeof(threadid));
++ if (threaddata == NULL) {
++ /* no data for this thread, create empty connection list */
++ threaddata = malloc(sizeof(*threaddata));
++ if (threaddata == NULL)
++ return (NULL);
++ threaddata->index = malloc(sizeof(threadid));
++ if (threaddata->index == NULL) {
++ free(threaddata);
++ return (NULL);
++ }
++ *(unsigned long *)threaddata->index = threadid;
++ threaddata->size = sizeof(threadid);
++ threaddata->data = NULL;
++
++ /* need to lock out other threads here */
++ ldapdb_lock(1);
++ ldapdb_insert(&allthreadsdata, threaddata);
++ ldapdb_lock(-1);
++ }
++
++ /* threaddata points at the connection list for current thread */
++ /* look for existing connection to our server */
++ conndata = ldapdb_find((struct ldapdb_entry *)threaddata->data,
++ data->hostport, strlen(data->hostport));
++ if (conndata == NULL) {
++ /* no connection data structure for this server, create one */
++ conndata = malloc(sizeof(*conndata));
++ if (conndata == NULL)
++ return (NULL);
++ conndata->index = data->hostport;
++ conndata->size = strlen(data->hostport);
++ conndata->data = NULL;
++ ldapdb_insert((struct ldapdb_entry **)&threaddata->data,
++ conndata);
++ }
++
++ return (LDAP **)&conndata->data;
++}
++
++static void
++ldapdb_bind(struct ldapdb_data *data, LDAP **ldp)
++{
++#ifndef LDAPDB_RFC1823API
++ const int ver = LDAPDB_LDAP_VERSION;
++#endif
++
++ if (*ldp != NULL)
++ ldap_unbind(*ldp);
++ *ldp = ldap_open(data->hostname, data->portno);
++ if (*ldp == NULL)
++ return;
++
++#ifndef LDAPDB_RFC1823API
++ ldap_set_option(*ldp, LDAP_OPT_PROTOCOL_VERSION, &ver);
++#endif
++
++#ifdef LDAPDB_TLS
++ if (data->tls) {
++ ldap_start_tls_s(*ldp, NULL, NULL);
++ }
++#endif
++
++ if (ldap_simple_bind_s(*ldp, data->bindname, data->bindpw) != LDAP_SUCCESS) {
++ ldap_unbind(*ldp);
++ *ldp = NULL;
++ }
++}
++
++static isc_result_t
++ldapdb_search(const char *zone, const char *name, void *dbdata, void *retdata)
++{
++ struct ldapdb_data *data = dbdata;
++ isc_result_t result = ISC_R_NOTFOUND;
++ LDAP **ldp;
++ LDAPMessage *res, *e;
++ char *fltr, *a, **vals = NULL, **names = NULL;
++ char type[64];
++#ifdef LDAPDB_RFC1823API
++ void *ptr;
++#else
++ BerElement *ptr;
++#endif
++ int i, j, errno, msgid;
++
++ ldp = ldapdb_getconn(data);
++ if (ldp == NULL)
++ return (ISC_R_FAILURE);
++ if (*ldp == NULL) {
++ ldapdb_bind(data, ldp);
++ if (*ldp == NULL) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': bind failed", zone);
++ return (ISC_R_FAILURE);
++ }
++ }
++
++ if (name == NULL) {
++ fltr = data->filterall;
++ } else {
++ if (strlen(name) > MAXNAMELEN) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': name %s too long", zone, name);
++ return (ISC_R_FAILURE);
++ }
++ sprintf(data->filtername, "%s))", name);
++ fltr = data->filterone;
++ }
++
++ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
++ if (msgid == -1) {
++ ldapdb_bind(data, ldp);
++ if (*ldp != NULL)
++ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
++ }
++
++ if (*ldp == NULL || msgid == -1) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': search failed, filter %s", zone, fltr);
++ return (ISC_R_FAILURE);
++ }
++
++ /* Get the records one by one as they arrive and return them to bind */
++ while ((errno = ldap_result(*ldp, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) {
++ LDAP *ld = *ldp;
++ int ttl = data->defaultttl;
++
++ /* not supporting continuation references at present */
++ if (errno != LDAP_RES_SEARCH_ENTRY) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': ldap_result returned %d", zone, errno);
++ ldap_msgfree(res);
++ return (ISC_R_FAILURE);
++ }
++
++ /* only one entry per result message */
++ e = ldap_first_entry(ld, res);
++ if (e == NULL) {
++ ldap_msgfree(res);
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': ldap_first_entry failed", zone);
++ return (ISC_R_FAILURE);
++ }
++
++ if (name == NULL) {
++ names = ldap_get_values(ld, e, "relativeDomainName");
++ if (names == NULL)
++ continue;
++ }
++
++ vals = ldap_get_values(ld, e, "dNSTTL");
++ if (vals != NULL) {
++ ttl = atoi(vals[0]);
++ ldap_value_free(vals);
++ }
++
++ for (a = ldap_first_attribute(ld, e, &ptr); a != NULL; a = ldap_next_attribute(ld, e, ptr)) {
++ char *s;
++
++ for (s = a; *s; s++)
++ *s = toupper(*s);
++ s = strstr(a, "RECORD");
++ if ((s == NULL) || (s == a) || (s - a >= (signed int)sizeof(type))) {
++#ifndef LDAPDB_RFC1823API
++ ldap_memfree(a);
++#endif
++ continue;
++ }
++
++ strncpy(type, a, s - a);
++ type[s - a] = '\0';
++ vals = ldap_get_values(ld, e, a);
++ if (vals != NULL) {
++ for (i = 0; vals[i] != NULL; i++) {
++ if (name != NULL) {
++ result = dns_sdb_putrr(retdata, type, ttl, vals[i]);
++ } else {
++ for (j = 0; names[j] != NULL; j++) {
++ result = dns_sdb_putnamedrr(retdata, names[j], type, ttl, vals[i]);
++ if (result != ISC_R_SUCCESS)
++ break;
++ }
++ }
++; if (result != ISC_R_SUCCESS) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': dns_sdb_put... failed for %s", zone, vals[i]);
++ ldap_value_free(vals);
++#ifndef LDAPDB_RFC1823API
++ ldap_memfree(a);
++ if (ptr != NULL)
++ ber_free(ptr, 0);
++#endif
++ if (name == NULL)
++ ldap_value_free(names);
++ ldap_msgfree(res);
++ return (ISC_R_FAILURE);
++ }
++ }
++ ldap_value_free(vals);
++ }
++#ifndef LDAPDB_RFC1823API
++ ldap_memfree(a);
++#endif
++ }
++#ifndef LDAPDB_RFC1823API
++ if (ptr != NULL)
++ ber_free(ptr, 0);
++#endif
++ if (name == NULL)
++ ldap_value_free(names);
++
++ /* free this result */
++ ldap_msgfree(res);
++ }
++
++ /* free final result */
++ ldap_msgfree(res);
++ return (result);
++}
++
++
++/* callback routines */
++static isc_result_t
++ldapdb_lookup(const char *zone, const char *name, void *dbdata,
++ dns_sdblookup_t *lookup)
++{
++ return ldapdb_search(zone, name, dbdata, lookup);
++}
++
++static isc_result_t
++ldapdb_allnodes(const char *zone, void *dbdata,
++ dns_sdballnodes_t *allnodes)
++{
++ return ldapdb_search(zone, NULL, dbdata, allnodes);
++}
++
++static char *
++unhex(char *in)
++{
++ static const char hexdigits[] = "0123456789abcdef";
++ char *p, *s = in;
++ int d1, d2;
++
++ while ((s = strchr(s, '%'))) {
++ if (!(s[1] && s[2]))
++ return NULL;
++ if ((p = strchr(hexdigits, tolower(s[1]))) == NULL)
++ return NULL;
++ d1 = p - hexdigits;
++ if ((p = strchr(hexdigits, tolower(s[2]))) == NULL)
++ return NULL;
++ d2 = p - hexdigits;
++ *s++ = d1 << 4 | d2;
++ memmove(s, s + 2, strlen(s) - 1);
++ }
++ return in;
++}
++
++/* returns 0 for ok, -1 for bad syntax, -2 for unknown critical extension */
++static int
++parseextensions(char *extensions, struct ldapdb_data *data)
++{
++ char *s, *next, *name, *value;
++ int critical;
++
++ while (extensions != NULL) {
++ s = strchr(extensions, ',');
++ if (s != NULL) {
++ *s++ = '\0';
++ next = s;
++ } else {
++ next = NULL;
++ }
++
++ if (*extensions != '\0') {
++ s = strchr(extensions, '=');
++ if (s != NULL) {
++ *s++ = '\0';
++ value = *s != '\0' ? s : NULL;
++ } else {
++ value = NULL;
++ }
++ name = extensions;
++
++ critical = *name == '!';
++ if (critical) {
++ name++;
++ }
++ if (*name == '\0') {
++ return -1;
++ }
++
++ if (!strcasecmp(name, "bindname")) {
++ data->bindname = value;
++ } else if (!strcasecmp(name, "x-bindpw")) {
++ data->bindpw = value;
++#ifdef LDAPDB_TLS
++ } else if (!strcasecmp(name, "x-tls")) {
++ data->tls = value == NULL || !strcasecmp(value, "true");
++#endif
++ } else if (critical) {
++ return -2;
++ }
++ }
++ extensions = next;
++ }
++ return 0;
++}
++
++static void
++free_data(struct ldapdb_data *data)
++{
++ if (data->hostport != NULL)
++ isc_mem_free(ns_g_mctx, data->hostport);
++ if (data->hostname != NULL)
++ isc_mem_free(ns_g_mctx, data->hostname);
++ if (data->filterall != NULL)
++ isc_mem_put(ns_g_mctx, data->filterall, data->filteralllen);
++ if (data->filterone != NULL)
++ isc_mem_put(ns_g_mctx, data->filterone, data->filteronelen);
++ isc_mem_put(ns_g_mctx, data, sizeof(struct ldapdb_data));
++}
++
++
++static isc_result_t
++ldapdb_create(const char *zone, int argc, char **argv,
++ void *driverdata, void **dbdata)
++{
++ struct ldapdb_data *data;
++ char *s, *filter = NULL, *extensions = NULL;
++ int defaultttl;
++
++ UNUSED(driverdata);
++
++ /* we assume that only one thread will call create at a time */
++ /* want to do this only once for all instances */
++
++ if ((argc < 2)
++ || (argv[0] != strstr( argv[0], "ldap://"))
++ || ((defaultttl = atoi(argv[1])) < 1))
++ return (ISC_R_FAILURE);
++ data = isc_mem_get(ns_g_mctx, sizeof(struct ldapdb_data));
++ if (data == NULL)
++ return (ISC_R_NOMEMORY);
++
++ memset(data, 0, sizeof(struct ldapdb_data));
++ data->hostport = isc_mem_strdup(ns_g_mctx, argv[0] + strlen("ldap://"));
++ if (data->hostport == NULL) {
++ free_data(data);
++ return (ISC_R_NOMEMORY);
++ }
++
++ data->defaultttl = defaultttl;
++
++ s = strchr(data->hostport, '/');
++ if (s != NULL) {
++ *s++ = '\0';
++ data->base = s;
++ /* attrs, scope, filter etc? */
++ s = strchr(s, '?');
++ if (s != NULL) {
++ *s++ = '\0';
++ /* ignore attributes */
++ s = strchr(s, '?');
++ if (s != NULL) {
++ *s++ = '\0';
++ /* ignore scope */
++ s = strchr(s, '?');
++ if (s != NULL) {
++ *s++ = '\0';
++ /* filter */
++ filter = s;
++ s = strchr(s, '?');
++ if (s != NULL) {
++ *s++ = '\0';
++ /* extensions */
++ extensions = s;
++ s = strchr(s, '?');
++ if (s != NULL) {
++ *s++ = '\0';
++ }
++ if (*extensions == '\0') {
++ extensions = NULL;
++ }
++ }
++ if (*filter == '\0') {
++ filter = NULL;
++ }
++ }
++ }
++ }
++ if (*data->base == '\0') {
++ data->base = NULL;
++ }
++ }
++
++ /* parse extensions */
++ if (extensions != NULL) {
++ int err;
++
++ err = parseextensions(extensions, data);
++ if (err < 0) {
++ /* err should be -1 or -2 */
++ free_data(data);
++ if (err == -1) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': URL: extension syntax error", zone);
++ } else if (err == -2) {
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': URL: unknown critical extension", zone);
++ }
++ return (ISC_R_FAILURE);
++ }
++ }
++
++ if ((data->base != NULL && unhex(data->base) == NULL) ||
++ (filter != NULL && unhex(filter) == NULL) ||
++ (data->bindname != NULL && unhex(data->bindname) == NULL) ||
++ (data->bindpw != NULL && unhex(data->bindpw) == NULL)) {
++ free_data(data);
++ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
++ "LDAP sdb zone '%s': URL: bad hex values", zone);
++ return (ISC_R_FAILURE);
++ }
++
++ /* compute filterall and filterone once and for all */
++ if (filter == NULL) {
++ data->filteralllen = strlen(zone) + strlen("(zoneName=)") + 1;
++ data->filteronelen = strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
++ } else {
++ data->filteralllen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=))") + 1;
++ data->filteronelen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
++ }
++
++ data->filterall = isc_mem_get(ns_g_mctx, data->filteralllen);
++ if (data->filterall == NULL) {
++ free_data(data);
++ return (ISC_R_NOMEMORY);
++ }
++ data->filterone = isc_mem_get(ns_g_mctx, data->filteronelen);
++ if (data->filterone == NULL) {
++ free_data(data);
++ return (ISC_R_NOMEMORY);
++ }
++
++ if (filter == NULL) {
++ sprintf(data->filterall, "(zoneName=%s)", zone);
++ sprintf(data->filterone, "(&(zoneName=%s)(relativeDomainName=", zone);
++ } else {
++ sprintf(data->filterall, "(&%s(zoneName=%s))", filter, zone);
++ sprintf(data->filterone, "(&%s(zoneName=%s)(relativeDomainName=", filter, zone);
++ }
++ data->filtername = data->filterone + strlen(data->filterone);
++
++ /* support URLs with literal IPv6 addresses */
++ data->hostname = isc_mem_strdup(ns_g_mctx, data->hostport + (*data->hostport == '[' ? 1 : 0));
++ if (data->hostname == NULL) {
++ free_data(data);
++ return (ISC_R_NOMEMORY);
++ }
++
++ if (*data->hostport == '[' &&
++ (s = strchr(data->hostname, ']')) != NULL )
++ *s++ = '\0';
++ else
++ s = data->hostname;
++ s = strchr(s, ':');
++ if (s != NULL) {
++ *s++ = '\0';
++ data->portno = atoi(s);
++ } else
++ data->portno = LDAP_PORT;
++
++ *dbdata = data;
++ return (ISC_R_SUCCESS);
++}
++
++static void
++ldapdb_destroy(const char *zone, void *driverdata, void **dbdata) {
++ struct ldapdb_data *data = *dbdata;
++
++ UNUSED(zone);
++ UNUSED(driverdata);
++
++ free_data(data);
++}
++
++static dns_sdbmethods_t ldapdb_methods = {
++ ldapdb_lookup,
++ NULL, /* authority */
++ ldapdb_allnodes,
++ ldapdb_create,
++ ldapdb_destroy
++};
++
++/* Wrapper around dns_sdb_register() */
++isc_result_t
++ldapdb_init(void) {
++ unsigned int flags =
++ DNS_SDBFLAG_RELATIVEOWNER |
++ DNS_SDBFLAG_RELATIVERDATA |
++ DNS_SDBFLAG_THREADSAFE;
++
++ ldapdb_lock(0);
++ return (dns_sdb_register("ldap", &ldapdb_methods, NULL, flags,
++ ns_g_mctx, &ldapdb));
++}
++
++/* Wrapper around dns_sdb_unregister() */
++void
++ldapdb_clear(void) {
++ if (ldapdb != NULL) {
++ /* clean up thread data */
++ ldapdb_getconn(NULL);
++ dns_sdb_unregister(&ldapdb);
++ }
++}
+diff -ruN ../bind-9.3.1.org/bin/named/main.c ./bin/named/main.c
+--- ../bind-9.3.1.org/bin/named/main.c Wed Jun 22 22:34:55 2005
++++ ./bin/named/main.c Wed Jun 22 22:47:38 2005
+@@ -71,6 +71,7 @@
+ * Include header files for database drivers here.
+ */
+ /* #include "xxdb.h" */
++#include <ldapdb.h>
+
+ static isc_boolean_t want_stats = ISC_FALSE;
+ static char program_name[ISC_DIR_NAMEMAX] = "named";
+@@ -656,6 +657,7 @@
+ * Add calls to register sdb drivers here.
+ */
+ /* xxdb_init(); */
++ ldapdb_init();
+
+ ns_server_create(ns_g_mctx, &ns_g_server);
+ }
+@@ -672,7 +674,7 @@
+ * Add calls to unregister sdb drivers here.
+ */
+ /* xxdb_clear(); */
+-
++ ldapdb_clear();
+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+ ISC_LOG_NOTICE, "exiting");
+ ns_log_shutdown();
diff --git a/dns/bind9-sdb-ldap/pkg-descr b/dns/bind9-sdb-ldap/pkg-descr
new file mode 100644
index 000000000000..ea90dfb13658
--- /dev/null
+++ b/dns/bind9-sdb-ldap/pkg-descr
@@ -0,0 +1,7 @@
+This port includes all the excellent features of the BIND9 DNS server,
+including support for an LDAP back-end. These patches were written by Venaas.
+
+WWW: http://www.venaas.no/ldap/bind-sdb/
+
+- Hugo
+hugo@meiland.nl
diff --git a/dns/bind9-sdb-ldap/pkg-message b/dns/bind9-sdb-ldap/pkg-message
new file mode 100644
index 000000000000..8dd5f7e54f92
--- /dev/null
+++ b/dns/bind9-sdb-ldap/pkg-message
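Review bot: In ldapdb_bind the result of `ldap_start_tls_s(*ldp, NULL, NULL)` is discarded, so when StartTLS fails on a zone configured with `x-tls` the code still reaches `ldap_simple_bind_s` and sends `bindname`/`bindpw` over the unprotected connection; the bind should be abandoned instead, e.g. `if (data->tls && ldap_start_tls_s(*ldp, NULL, NULL) != LDAP_SUCCESS) { ldap_unbind(*ldp); *ldp = NULL; return; }`. TLS is also compiled out by default because `#define LDAPDB_TLS` is left commented and the port offers no knob for it, which deserves a line in pkg-message so operators know the simple bind is cleartext. Separately, ldapdb_search builds the filter with `sprintf(data->filtername, "%s))", name)` without escaping LDAP filter metacharacters in the queried name, and it writes into a buffer shared by every lookup on the zone even though ldapdb_init registers the driver with DNS_SDBFLAG_THREADSAFE and the port enables threads by default. A per-call filter buffer filled through an escaping helper would address both the injection surface and the apparent race.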
@@ -0,0 +1,22 @@
+*************************************************************************
+* _ _____ _____ _____ _ _ _____ ___ ___ _ _ *
+* / \|_ _|_ _| ____| \ | |_ _|_ _/ _ \| \ | | *
+* / _ \ | | | | | _| | \| | | | | | | | | \| | *
+* / ___ \| | | | | |___| |\ | | | | | |_| | |\ | *
+* /_/ \_\_| |_| |_____|_| \_| |_| |___\___/|_| \_| *
+* *
+* BIND 9 requires a good source of randomness to operate. *
+* It also requires configuration of rndc, including a *
+* "secret" key. If you are using FreeBSD 4.x, visit *
+* http://people.freebsd.org/~dougb/randomness.html for *
+* information on how to set up entropy gathering. Users *
+* of FreeBSD 5.x or later do not need to do this step. If *
+* you are running BIND 9 in a chroot environment, make *
+* sure that there is a /dev/random device in the chroot. *
+* *
+* The easiest, and most secure way to configure rndc is *
+* to run 'rndc-confgen -a' which will generate the proper *
+* conf file, with a new random key, and appropriate file *
+* permissions. *
+* *
+*************************************************************************
diff --git a/dns/bind9-sdb-ldap/pkg-plist b/dns/bind9-sdb-ldap/pkg-plist
new file mode 100644
index 000000000000..4a8755f67d6c
--- /dev/null
+++ b/dns/bind9-sdb-ldap/pkg-plist
@@ -0,0 +1,226 @@
+bin/dig
+bin/host
+bin/isc-config.sh
+bin/nslookup
+bin/nsupdate
+include/bind9/check.h
+include/bind9/getaddresses.h
+include/bind9/version.h
+include/dns/acl.h
+include/dns/adb.h
+include/dns/byaddr.h
+include/dns/cache.h
+include/dns/callbacks.h
+include/dns/cert.h
+include/dns/compress.h
+include/dns/db.h
+include/dns/dbiterator.h
+include/dns/dbtable.h
+include/dns/diff.h
+include/dns/dispatch.h
+include/dns/dnssec.h
+include/dns/ds.h
+include/dns/enumclass.h
+include/dns/enumtype.h
+include/dns/events.h
+include/dns/fixedname.h
+include/dns/journal.h
+include/dns/keyflags.h
+include/dns/keytable.h
+include/dns/keyvalues.h
+include/dns/lib.h
+include/dns/log.h
+include/dns/master.h
+include/dns/masterdump.h
+include/dns/message.h
+include/dns/name.h
+include/dns/ncache.h
+include/dns/nsec.h
+include/dns/peer.h
+include/dns/portlist.h
+include/dns/rbt.h
+include/dns/rcode.h
+include/dns/rdata.h
+include/dns/rdataclass.h
+include/dns/rdatalist.h
+include/dns/rdataset.h
+include/dns/rdatasetiter.h
+include/dns/rdataslab.h
+include/dns/rdatastruct.h
+include/dns/rdatatype.h
+include/dns/request.h
+include/dns/resolver.h
+include/dns/result.h
+include/dns/rootns.h
+include/dns/sdb.h
+include/dns/secalg.h
+include/dns/secproto.h
+include/dns/soa.h
+include/dns/ssu.h
+include/dns/tcpmsg.h
+include/dns/time.h
+include/dns/tkey.h
+include/dns/tsig.h
+include/dns/ttl.h
+include/dns/types.h
+include/dns/validator.h
+include/dns/version.h
+include/dns/view.h
+include/dns/xfrin.h
+include/dns/zone.h
+include/dns/zonekey.h
+include/dns/zt.h
+include/dst/dst.h
+include/dst/lib.h
+include/dst/result.h
+include/isc/app.h
+include/isc/assertions.h
+include/isc/base64.h
+include/isc/bitstring.h
+include/isc/boolean.h
+include/isc/buffer.h
+include/isc/bufferlist.h
+include/isc/commandline.h
+include/isc/condition.h
+include/isc/dir.h
+include/isc/entropy.h
+include/isc/error.h
+include/isc/event.h
+include/isc/eventclass.h
+include/isc/file.h
+include/isc/formatcheck.h
+include/isc/fsaccess.h
+include/isc/heap.h
+include/isc/hex.h
+include/isc/hmacmd5.h
+include/isc/int.h
+include/isc/interfaceiter.h
+include/isc/lang.h
+include/isc/lex.h
+include/isc/lfsr.h
+include/isc/lib.h
+include/isc/list.h
+include/isc/log.h
+include/isc/magic.h
+include/isc/md5.h
+include/isc/mem.h
+include/isc/msgcat.h
+include/isc/msgs.h
+include/isc/mutex.h
+include/isc/mutexblock.h
+include/isc/net.h
+include/isc/netaddr.h
+include/isc/netdb.h
+include/isc/offset.h
+include/isc/once.h
+include/isc/ondestroy.h
+include/isc/os.h
+include/isc/parseint.h
+include/isc/platform.h
+include/isc/print.h
+include/isc/quota.h
+include/isc/random.h
+include/isc/ratelimiter.h
+include/isc/refcount.h
+include/isc/region.h
+include/isc/resource.h
+include/isc/result.h
+include/isc/resultclass.h
+include/isc/rwlock.h
+include/isc/serial.h
+include/isc/sha1.h
+include/isc/sockaddr.h
+include/isc/socket.h
+include/isc/stdio.h
+include/isc/stdlib.h
+include/isc/stdtime.h
+include/isc/string.h
+include/isc/symtab.h
+include/isc/syslog.h
+include/isc/task.h
+include/isc/taskpool.h
+include/isc/thread.h
+include/isc/time.h
+include/isc/timer.h
+include/isc/types.h
+include/isc/util.h
+include/isc/version.h
+include/isccc/alist.h
+include/isccc/base64.h
+include/isccc/cc.h
+include/isccc/ccmsg.h
+include/isccc/events.h
+include/isccc/lib.h
+include/isccc/result.h
+include/isccc/sexpr.h
+include/isccc/symtab.h
+include/isccc/symtype.h
+include/isccc/types.h
+include/isccc/util.h
+include/isccc/version.h
+include/isccfg/cfg.h
+include/isccfg/grammar.h
+include/isccfg/log.h
+include/isccfg/namedconf.h
+include/isccfg/version.h
+include/lwres/context.h
+include/lwres/int.h
+include/lwres/ipv6.h
+include/lwres/lang.h
+include/lwres/list.h
+include/lwres/lwbuffer.h
+include/lwres/lwpacket.h
+include/lwres/lwres.h
+include/lwres/net.h
+include/lwres/netdb.h
+include/lwres/platform.h
+include/lwres/result.h
+include/lwres/version.h
+lib/libbind9.a
+lib/libdns.a
+lib/libisc.a
+lib/libisccc.a
+lib/libisccfg.a
+lib/liblwres.a
+sbin/dnssec-keygen
+sbin/dnssec-signzone
+sbin/lwresd
+sbin/named
+sbin/named-checkconf
+sbin/named-checkzone
+sbin/rndc
+sbin/rndc-confgen
+%%PORTDOCS%%%%DOCSDIR%%/CHANGES
+%%PORTDOCS%%%%DOCSDIR%%/COPYRIGHT
+%%PORTDOCS%%%%DOCSDIR%%/FAQ
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch01.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch02.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch03.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch04.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch05.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch06.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch07.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch08.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.ch09.html
+%%PORTDOCS%%%%DOCSDIR%%/arm/Bv9ARM.html
+%%PORTDOCS%%%%DOCSDIR%%/misc/dnssec
+%%PORTDOCS%%%%DOCSDIR%%/misc/format-options.pl
+%%PORTDOCS%%%%DOCSDIR%%/misc/ipv6
+%%PORTDOCS%%%%DOCSDIR%%/misc/migration
+%%PORTDOCS%%%%DOCSDIR%%/misc/migration-4to9
+%%PORTDOCS%%%%DOCSDIR%%/misc/options
+%%PORTDOCS%%%%DOCSDIR%%/misc/rfc-compliance
+%%PORTDOCS%%%%DOCSDIR%%/misc/roadmap
+%%PORTDOCS%%%%DOCSDIR%%/misc/sdb
+%%PORTDOCS%%@dirrm %%DOCSDIR%%/arm
+%%PORTDOCS%%@dirrm %%DOCSDIR%%/misc
+%%PORTDOCS%%@dirrm %%DOCSDIR%%
+@unexec rm -f %%BIND_DESTETC%%/rndc.conf.sample
+@dirrm include/bind9
+@dirrm include/dns
+@dirrm include/dst
+@unexec rmdir %D/include/isc 2>/dev/null || true
+@dirrm include/isccc
+@dirrm include/isccfg
+@dirrm include/lwres |