[pkgsrc/trunk]: pkgsrc/net/drill Add a patch each to code and documentation s...

[he <he%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/85db01c453cd
branches:  trunk
changeset: 609686:85db01c453cd
user:      he <he%pkgsrc.org@localhost>
date:      Mon Oct 08 13:58:48 2012 +0000

description:
Add a patch each to code and documentation so that drill probes
for /etc/trusted-key.key, and uses that as a trust anchor if neither
-D nor -k options were specified. This feature is borrowed from
BIND's dig when it is compiled with SIGCHASE support.  Bump
PKGREVISION.

diffstat:

 net/drill/Makefile         |   3 ++-
 net/drill/distinfo         |   4 +++-
 net/drill/patches/patch-aa |  43 +++++++++++++++++++++++++++++++++++++++++++
 net/drill/patches/patch-ab |  20 ++++++++++++++++++++
 4 files changed, 68 insertions(+), 2 deletions(-)

diffs (97 lines):

diff -r f18d3bdc402a -r 85db01c453cd net/drill/Makefile
--- a/net/drill/Makefile        Mon Oct 08 13:45:34 2012 +0000
+++ b/net/drill/Makefile        Mon Oct 08 13:58:48 2012 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.5 2012/10/08 13:30:43 he Exp $
+# $NetBSD: Makefile,v 1.6 2012/10/08 13:58:48 he Exp $
 
 VERSION=       1.6.13
 DISTNAME=      ldns-${VERSION}
 PKGNAME=       drill-${VERSION}
+PKGREVISION=   1
 CATEGORIES=    net
 MASTER_SITES=  http://www.nlnetlabs.nl/downloads/ldns/
 
diff -r f18d3bdc402a -r 85db01c453cd net/drill/distinfo
--- a/net/drill/distinfo        Mon Oct 08 13:45:34 2012 +0000
+++ b/net/drill/distinfo        Mon Oct 08 13:58:48 2012 +0000
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.5 2012/10/08 13:30:43 he Exp $
+$NetBSD: distinfo,v 1.6 2012/10/08 13:58:48 he Exp $
 
 SHA1 (ldns-1.6.13.tar.gz) = 859f633d10b763f06b602e2113828cbbd964c7eb
 RMD160 (ldns-1.6.13.tar.gz) = c01c30699be2df5712a397516cd1a17bd8b155be
 Size (ldns-1.6.13.tar.gz) = 1066139 bytes
+SHA1 (patch-aa) = 3bbfcea6f44b49526451286590eac5de62841e72
+SHA1 (patch-ab) = 706e5edcf6982337b7360051f9964d77ad8716c2
diff -r f18d3bdc402a -r 85db01c453cd net/drill/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/drill/patches/patch-aa        Mon Oct 08 13:58:48 2012 +0000
@@ -0,0 +1,43 @@
+$NetBSD: patch-aa,v 1.1 2012/10/08 13:58:48 he Exp $
+
+For compatibility with dig, if neither -k <key> nor -D is specified,
+read /etc/trusted-key.key if it exists, and if successful, turn on
+DNSSEC handling.
+
+--- drill.c.orig       2012-01-20 10:18:41.000000000 +0000
++++ drill.c
+@@ -10,6 +10,8 @@
+ #include "drill.h"
+ #include <ldns/ldns.h>
+ 
++#include <sys/stat.h>
++
+ #ifdef HAVE_SSL
+ #include <openssl/err.h>
+ #endif
+@@ -397,6 +399,25 @@ main(int argc, char *argv[])
+       argc -= optind;
+       argv += optind;
+ 
++      /* 
++       * If DNSSEC isn't enabled already, and /etc/trusted-key.key
++       * exists, try to read it and turn on DNSSEC handling if successful.
++       */
++      {
++              struct stat sb;
++
++              if (stat("/etc/trusted-key.key", &sb) == 0) {
++                      if (qdnssec != true) {
++                              status = read_key_file("/etc/trusted-key.key", key_list);
++                              if (status != LDNS_STATUS_OK) {
++                                      error("Could not parse the key file /etc/trusted-key.key: %s", ldns_get_errorstr_by_id(status));
++                              } else {
++                                      qdnssec = true; /* enable that too */
++                              }
++                      }
++              }
++      }
++
+       /* do a secure trace when requested */
+       if (PURPOSE == DRILL_TRACE && qdnssec) {
+ #ifdef HAVE_SSL
diff -r f18d3bdc402a -r 85db01c453cd net/drill/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/drill/patches/patch-ab        Mon Oct 08 13:58:48 2012 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-ab,v 1.1 2012/10/08 13:58:48 he Exp $
+
+Document the automatic probing for /etc/trusted-key.key.
+
+--- drill.1.orig       2010-08-06 07:09:45.000000000 +0000
++++ drill.1
+@@ -161,6 +161,13 @@ given \fBdrill\fR tries to validate the 
+ key. No chasing is done. When \fBdrill\fR is doing a secure trace, this
+ key will be used as trust anchor. Can contain a DNSKEY or a DS record.
+ 
++Alternatively, if
++\fB-k\fR
++is not specified, and
++\fI/etc/trusted-key.key\fR
++exists and contains a valid DNSKEY or DS record, it will be used
++as the trust anchor.
++
+ .TP
+ \fB\-o \fImnemonic\fR
+ Use this option to set or unset specific header bits. A bit is