pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Add a work-in-progress package for BIND 9.16.3.
Module Name: pkgsrc-wip
Committed By: Havard Eidnes <he%NetBSD.org@localhost>
Pushed By: he
Date: Wed May 20 14:07:43 2020 +0200
Changeset: 704f4de3cb824f5f3948c3061db9fda0310d8dab
Added Files:
bind916/DESCR
bind916/MESSAGE.rcd
bind916/Makefile
bind916/PLIST
bind916/buildlink3.mk
bind916/builtin.mk
bind916/distinfo
bind916/files/named9.sh
bind916/files/smf/manifest.xml
bind916/files/smf/named.sh
bind916/options.mk
bind916/patches/patch-bin_named_Makefile.in
bind916/patches/patch-bin_named_main.c
bind916/patches/patch-bin_named_pfilter.c
bind916/patches/patch-bin_named_pfilter.h
bind916/patches/patch-bin_named_server.c
bind916/patches/patch-bin_nsupdate_nsupdate.c
bind916/patches/patch-bin_pkcs11_pkcs11-keygen.c
bind916/patches/patch-bin_tests_system_kasp_tests.sh
bind916/patches/patch-bin_tests_system_metadata_tests.sh
bind916/patches/patch-bin_tests_system_rpz_tests.sh
bind916/patches/patch-bin_tools_arpaname.c
bind916/patches/patch-bin_tools_nsec3hash.c
bind916/patches/patch-config.h.in
bind916/patches/patch-config.threads.in
bind916/patches/patch-configure
bind916/patches/patch-contrib_dlz_config.dlz.in
bind916/patches/patch-lib_dns_byaddr.c
bind916/patches/patch-lib_dns_dnsrps.c
bind916/patches/patch-lib_dns_gssapi__link.c
bind916/patches/patch-lib_dns_lookup.c
bind916/patches/patch-lib_dns_message.c
bind916/patches/patch-lib_dns_rbt.c
bind916/patches/patch-lib_dns_rbtdb.c
bind916/patches/patch-lib_dns_request.c
bind916/patches/patch-lib_dns_sdb.c
bind916/patches/patch-lib_dns_spnego.c
bind916/patches/patch-lib_dns_validator.c
bind916/patches/patch-lib_dns_view.c
bind916/patches/patch-lib_isc_backtrace.c
bind916/patches/patch-lib_isc_unix_net.c
bind916/patches/patch-lib_isc_unix_socket.c
bind916/patches/patch-lib_isc_unix_time.c
Log Message:
Add a work-in-progress package for BIND 9.16.3.
BIND 9.16 features
BIND 9.16 is the current stable branch of BIND 9. It includes all changes
from the 9.15 development branch, updating the previous stable branch,
9.14. New features include:
* New dnssec-policy statement to configure a key and signing policy for
zones, enabling automatic key regeneration and rollover.
* New network manager based on libuv.
* Added support for the new GeoIP2 geolocation API, libmaxminddb.
* Improved DNSSEC trust anchor configuration using the trust-anchors
statement, permitting configuration of trust anchors in DS as well as
DNSKEY format.
* YAML output for dig, mdig, and delv.
Rough edges in this package:
* BIND *really* now wants a 64-bit atomic, which poses problems
for in-tree gcc and our i386 port (which I used to port this
package). It wants -latomic, something our pkgsrc gcc packages
provide but our in-tree gcc doesn't. I've just set GCC_REQD=7
and USE_PKGSRC_GCC=yes since that was what i had lying around
already.
* The blacklist option has been disabled on NetBSD in options.mk;
the bin/named/pfilter.c patch needs to be rewritten after BIND
started using libuv for socket i/o, and I could not untangle all
the abstraction layers.
* sbin/named ends up with an embedded config options string which
include PKG_CONFIG and PKG_CONFIG_PATH which point into work/.
This is probably benign, added a CHECK_WRKREF_SKIP.
The rest of the pkgsrc patches have been adapted from the bind914
package.
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=704f4de3cb824f5f3948c3061db9fda0310d8dab
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
bind916/DESCR | 15 +
bind916/MESSAGE.rcd | 19 ++
bind916/Makefile | 91 +++++
bind916/PLIST | 379 +++++++++++++++++++++
bind916/buildlink3.mk | 12 +
bind916/builtin.mk | 92 +++++
bind916/distinfo | 38 +++
bind916/files/named9.sh | 74 ++++
bind916/files/smf/manifest.xml | 138 ++++++++
bind916/files/smf/named.sh | 262 ++++++++++++++
bind916/options.mk | 142 ++++++++
bind916/patches/patch-bin_named_Makefile.in | 38 +++
bind916/patches/patch-bin_named_main.c | 27 ++
bind916/patches/patch-bin_named_pfilter.c | 58 ++++
bind916/patches/patch-bin_named_pfilter.h | 9 +
bind916/patches/patch-bin_named_server.c | 38 +++
bind916/patches/patch-bin_nsupdate_nsupdate.c | 24 ++
bind916/patches/patch-bin_pkcs11_pkcs11-keygen.c | 30 ++
.../patches/patch-bin_tests_system_kasp_tests.sh | 157 +++++++++
.../patch-bin_tests_system_metadata_tests.sh | 15 +
.../patches/patch-bin_tests_system_rpz_tests.sh | 15 +
bind916/patches/patch-bin_tools_arpaname.c | 15 +
bind916/patches/patch-bin_tools_nsec3hash.c | 15 +
bind916/patches/patch-config.h.in | 16 +
bind916/patches/patch-config.threads.in | 15 +
bind916/patches/patch-configure | 225 ++++++++++++
bind916/patches/patch-contrib_dlz_config.dlz.in | 15 +
bind916/patches/patch-lib_dns_byaddr.c | 15 +
bind916/patches/patch-lib_dns_dnsrps.c | 14 +
bind916/patches/patch-lib_dns_gssapi__link.c | 20 ++
bind916/patches/patch-lib_dns_lookup.c | 15 +
bind916/patches/patch-lib_dns_message.c | 15 +
bind916/patches/patch-lib_dns_rbt.c | 68 ++++
bind916/patches/patch-lib_dns_rbtdb.c | 15 +
bind916/patches/patch-lib_dns_request.c | 24 ++
bind916/patches/patch-lib_dns_sdb.c | 15 +
bind916/patches/patch-lib_dns_spnego.c | 15 +
bind916/patches/patch-lib_dns_validator.c | 15 +
bind916/patches/patch-lib_dns_view.c | 15 +
bind916/patches/patch-lib_isc_backtrace.c | 15 +
bind916/patches/patch-lib_isc_unix_net.c | 23 ++
bind916/patches/patch-lib_isc_unix_socket.c | 23 ++
bind916/patches/patch-lib_isc_unix_time.c | 35 ++
43 files changed, 2316 insertions(+)
diffs:
diff --git a/bind916/DESCR b/bind916/DESCR
new file mode 100644
index 0000000000..ede606ff91
--- /dev/null
+++ b/bind916/DESCR
@@ -0,0 +1,15 @@
+BIND, the Berkeley Internet Name Daemon. This package contains the BIND
+9.16 release.
+
+BIND 9.16 is the current stable branch of BIND 9. It includes all changes
+from the 9.15 development branch, updating the previous stable branch,
+9.14. New features include:
+
+ * New dnssec-policy statement to configure a key and signing policy for
+ zones, enabling automatic key regeneration and rollover.
+ * New network manager based on libuv.
+ * Added support for the new GeoIP2 geolocation API, libmaxminddb.
+ * Improved DNSSEC trust anchor configuration using the trust-anchors
+ statement, permitting configuration of trust anchors in DS as well as
+ DNSKEY format.
+ * YAML output for dig, mdig, and delv.
diff --git a/bind916/MESSAGE.rcd b/bind916/MESSAGE.rcd
new file mode 100644
index 0000000000..b8bb0603cb
--- /dev/null
+++ b/bind916/MESSAGE.rcd
@@ -0,0 +1,19 @@
+===========================================================================
+$NetBSD: MESSAGE.rcd,v 1.1 2019/06/20 12:26:33 jperkin Exp $
+
+Please consider running BIND under the pseudo user account "${BIND_USER}"
+in a chroot environment for security reasons.
+
+To achieve this, set the variable "named_chrootdir" in /etc/rc.conf to
+the directory with the chroot environment e.g. "${BIND_DIR}".
+
+Note: named(8) requires writable directories under "/etc/namedb" which
+specified by "directory" in "options" statement:
+
+ cache
+ keys
+ nta
+
+Make sure to these directories exists with writable by "${BIND_USER}" user.
+
+===========================================================================
diff --git a/bind916/Makefile b/bind916/Makefile
new file mode 100644
index 0000000000..ed1f8907dd
--- /dev/null
+++ b/bind916/Makefile
@@ -0,0 +1,91 @@
+# $NetBSD: Makefile,v 1.20 2020/03/26 13:54:35 nia Exp $
+
+DISTNAME= bind-${BIND_VERSION}
+PKGNAME= ${DISTNAME:S/-P/pl/}
+CATEGORIES= net
+MASTER_SITES= ftp://ftp.isc.org/isc/bind9/${BIND_VERSION}/
+EXTRACT_SUFX= .tar.xz
+
+MAINTAINER= pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE= https://www.isc.org/software/bind/
+COMMENT= Berkeley Internet Name Daemon implementation of DNS, version 9.14
+LICENSE= mpl-2.0
+
+CONFLICTS+= host-[0-9]*
+
+MAKE_JOBS_SAFE= no
+
+BIND_VERSION= 9.16.3
+
+# For libatomic and 64-bit operations
+USE_PKGSRC_GCC= yes
+GCC_REQD= 7
+
+.include "../../mk/bsd.prefs.mk"
+
+BUILD_DEFS+= BIND_DIR VARBASE
+
+CHECK_WRKREF_SKIP= sbin/named
+
+.include "options.mk"
+
+USE_TOOLS+= pax perl pkg-config
+USE_LIBTOOL= yes
+GNU_CONFIGURE= yes
+
+.if ${OPSYS} == "Linux" && !exists(/usr/include/sys/capability.h)
+CONFIGURE_ARGS+= --disable-linux-caps
+.endif
+
+CONFIGURE_ARGS+= --with-libtool
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
+CONFIGURE_ARGS+= --localstatedir=${VARBASE}
+CONFIGURE_ARGS+= --with-openssl=${SSLBASE:Q}
+CONFIGURE_ARGS+= --with-python=no
+.if !empty(MACHINE_PLATFORM:MNetBSD-*-m68k) || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-mipsel) || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-vax)
+CONFIGURE_ARGS+= --disable-atomic
+.endif
+CONFIGURE_ARGS.DragonFly+= --disable-kqueue
+CONFIGURE_ARGS.SunOS+= --disable-epoll
+
+BUILDLINK_TRANSFORM.SunOS+= rm:-zrelax=transtls
+
+PKG_GROUPS_VARS+= BIND_GROUP
+PKG_USERS_VARS= BIND_USER
+
+PKG_GROUPS= ${BIND_GROUP}
+PKG_USERS= ${BIND_USER}:${BIND_GROUP}
+
+PKG_GECOS.${BIND_USER}= Named pseudo-user
+PKG_HOME.${BIND_USER}= ${BIND_DIR}
+
+DOCS= CHANGES HISTORY OPTIONS README
+
+FILES_SUBST+= BIND_GROUP=${BIND_GROUP} \
+ BIND_USER=${BIND_USER} PAX=${PAX:Q} \
+ SSLBASE=${SSLBASE}
+MESSAGE_SUBST+= BIND_DIR=${BIND_DIR} BIND_USER=${BIND_USER}
+
+DOCDIR= share/doc/bind9
+
+RCD_SCRIPTS= named9
+SMF_METHODS= named
+
+INSTALL_MAKE_FLAGS+= sysconfdir=${PREFIX}/share/examples/bind9
+CONF_FILES+= share/examples/bind9/bind.keys \
+ ${PKG_SYSCONFDIR}/bind.keys
+
+INSTALLATION_DIRS+= ${DOCDIR} ${DOCDIR}/arm
+
+post-install:
+.for f in ${DOCS}
+ ${INSTALL_DATA} ${WRKSRC}/${f} ${DESTDIR}${PREFIX}/${DOCDIR}
+.endfor
+ ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${DESTDIR}${PREFIX}/${DOCDIR}/arm
+
+.include "../../security/openssl/buildlink3.mk"
+.include "../../devel/zlib/buildlink3.mk"
+.include "../../devel/libuv/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/bind916/PLIST b/bind916/PLIST
new file mode 100644
index 0000000000..141bce7e8d
--- /dev/null
+++ b/bind916/PLIST
@@ -0,0 +1,379 @@
+@comment $NetBSD$
+bin/arpaname
+bin/delv
+bin/dig
+bin/dnstap-read
+bin/host
+bin/mdig
+bin/named-rrchecker
+bin/nslookup
+bin/nsupdate
+include/bind9/check.h
+include/bind9/getaddresses.h
+include/bind9/version.h
+include/dns/acl.h
+include/dns/adb.h
+include/dns/badcache.h
+include/dns/bit.h
+include/dns/byaddr.h
+include/dns/cache.h
+include/dns/callbacks.h
+include/dns/catz.h
+include/dns/cert.h
+include/dns/client.h
+include/dns/clientinfo.h
+include/dns/compress.h
+include/dns/db.h
+include/dns/dbiterator.h
+include/dns/dbtable.h
+include/dns/diff.h
+include/dns/dispatch.h
+include/dns/dlz.h
+include/dns/dlz_dlopen.h
+include/dns/dns64.h
+include/dns/dnsrps.h
+include/dns/dnssec.h
+include/dns/dnstap.h
+include/dns/ds.h
+include/dns/dsdigest.h
+include/dns/dyndb.h
+include/dns/ecdb.h
+include/dns/ecs.h
+include/dns/edns.h
+include/dns/enumclass.h
+include/dns/enumtype.h
+include/dns/events.h
+include/dns/fixedname.h
+include/dns/forward.h
+include/dns/geoip.h
+include/dns/ipkeylist.h
+include/dns/iptable.h
+include/dns/journal.h
+include/dns/kasp.h
+include/dns/keydata.h
+include/dns/keyflags.h
+include/dns/keymgr.h
+include/dns/keytable.h
+include/dns/keyvalues.h
+include/dns/lib.h
+include/dns/librpz.h
+include/dns/log.h
+include/dns/lookup.h
+include/dns/master.h
+include/dns/masterdump.h
+include/dns/message.h
+include/dns/name.h
+include/dns/ncache.h
+include/dns/nsec.h
+include/dns/nsec3.h
+include/dns/nta.h
+include/dns/opcode.h
+include/dns/order.h
+include/dns/peer.h
+include/dns/portlist.h
+include/dns/private.h
+include/dns/rbt.h
+include/dns/rcode.h
+include/dns/rdata.h
+include/dns/rdataclass.h
+include/dns/rdatalist.h
+include/dns/rdataset.h
+include/dns/rdatasetiter.h
+include/dns/rdataslab.h
+include/dns/rdatastruct.h
+include/dns/rdatatype.h
+include/dns/request.h
+include/dns/resolver.h
+include/dns/result.h
+include/dns/rootns.h
+include/dns/rpz.h
+include/dns/rriterator.h
+include/dns/rrl.h
+include/dns/sdb.h
+include/dns/sdlz.h
+include/dns/secalg.h
+include/dns/secproto.h
+include/dns/soa.h
+include/dns/ssu.h
+include/dns/stats.h
+include/dns/tcpmsg.h
+include/dns/time.h
+include/dns/timer.h
+include/dns/tkey.h
+include/dns/tsec.h
+include/dns/tsig.h
+include/dns/ttl.h
+include/dns/types.h
+include/dns/update.h
+include/dns/validator.h
+include/dns/version.h
+include/dns/view.h
+include/dns/xfrin.h
+include/dns/zone.h
+include/dns/zonekey.h
+include/dns/zoneverify.h
+include/dns/zt.h
+include/dst/dst.h
+include/dst/gssapi.h
+include/dst/result.h
+include/irs/context.h
+include/irs/dnsconf.h
+include/irs/netdb.h
+include/irs/platform.h
+include/irs/resconf.h
+include/irs/types.h
+include/irs/version.h
+include/isc/aes.h
+include/isc/align.h
+include/isc/app.h
+include/isc/assertions.h
+include/isc/astack.h
+include/isc/atomic.h
+include/isc/backtrace.h
+include/isc/base32.h
+include/isc/base64.h
+include/isc/bind9.h
+include/isc/buffer.h
+include/isc/bufferlist.h
+include/isc/commandline.h
+include/isc/condition.h
+include/isc/counter.h
+include/isc/crc64.h
+include/isc/deprecated.h
+include/isc/dir.h
+include/isc/endian.h
+include/isc/errno.h
+include/isc/error.h
+include/isc/event.h
+include/isc/eventclass.h
+include/isc/file.h
+include/isc/formatcheck.h
+include/isc/fsaccess.h
+include/isc/fuzz.h
+include/isc/hash.h
+include/isc/heap.h
+include/isc/hex.h
+include/isc/hmac.h
+include/isc/hp.h
+include/isc/ht.h
+include/isc/httpd.h
+include/isc/interfaceiter.h
+include/isc/iterated_hash.h
+include/isc/lang.h
+include/isc/lex.h
+include/isc/lfsr.h
+include/isc/lib.h
+include/isc/likely.h
+include/isc/list.h
+include/isc/log.h
+include/isc/magic.h
+include/isc/md.h
+include/isc/mem.h
+include/isc/meminfo.h
+include/isc/mutex.h
+include/isc/mutexatomic.h
+include/isc/mutexblock.h
+include/isc/net.h
+include/isc/netaddr.h
+include/isc/netdb.h
+include/isc/netmgr.h
+include/isc/netscope.h
+include/isc/nonce.h
+include/isc/offset.h
+include/isc/once.h
+include/isc/os.h
+include/isc/parseint.h
+include/isc/platform.h
+include/isc/pool.h
+include/isc/portset.h
+include/isc/print.h
+include/isc/queue.h
+include/isc/quota.h
+include/isc/radix.h
+include/isc/random.h
+include/isc/ratelimiter.h
+include/isc/refcount.h
+include/isc/regex.h
+include/isc/region.h
+include/isc/resource.h
+include/isc/result.h
+include/isc/resultclass.h
+include/isc/rwlock.h
+include/isc/safe.h
+include/isc/serial.h
+include/isc/siphash.h
+include/isc/sockaddr.h
+include/isc/socket.h
+include/isc/stat.h
+include/isc/stats.h
+include/isc/stdatomic.h
+include/isc/stdio.h
+include/isc/stdtime.h
+include/isc/strerr.h
+include/isc/string.h
+include/isc/symtab.h
+include/isc/syslog.h
+include/isc/task.h
+include/isc/taskpool.h
+include/isc/thread.h
+include/isc/time.h
+include/isc/timer.h
+include/isc/tm.h
+include/isc/types.h
+include/isc/util.h
+include/isc/version.h
+include/isccc/alist.h
+include/isccc/base64.h
+include/isccc/cc.h
+include/isccc/ccmsg.h
+include/isccc/events.h
+include/isccc/result.h
+include/isccc/sexpr.h
+include/isccc/symtab.h
+include/isccc/symtype.h
+include/isccc/types.h
+include/isccc/util.h
+include/isccc/version.h
+include/isccfg/aclconf.h
+include/isccfg/cfg.h
+include/isccfg/dnsconf.h
+include/isccfg/grammar.h
+include/isccfg/kaspconf.h
+include/isccfg/log.h
+include/isccfg/namedconf.h
+include/isccfg/version.h
+include/ns/client.h
+include/ns/hooks.h
+include/ns/interfacemgr.h
+include/ns/lib.h
+include/ns/listenlist.h
+include/ns/log.h
+include/ns/notify.h
+include/ns/query.h
+include/ns/server.h
+include/ns/sortlist.h
+include/ns/stats.h
+include/ns/types.h
+include/ns/update.h
+include/ns/version.h
+include/ns/xfrout.h
+include/pk11/constants.h
+include/pk11/internal.h
+include/pk11/pk11.h
+include/pk11/result.h
+include/pk11/site.h
+include/pkcs11/pkcs11.h
+lib/libbind9.la
+lib/libdns.la
+lib/libirs.la
+lib/libisc.la
+lib/libisccc.la
+lib/libisccfg.la
+lib/libns.la
+lib/named/filter-aaaa.so
+man/man1/arpaname.1
+man/man1/delv.1
+man/man1/dig.1
+man/man1/dnstap-read.1
+man/man1/host.1
+man/man1/mdig.1
+man/man1/named-rrchecker.1
+man/man1/nslookup.1
+man/man1/nsupdate.1
+man/man5/named.conf.5
+man/man5/rndc.conf.5
+man/man8/ddns-confgen.8
+man/man8/dnssec-cds.8
+man/man8/dnssec-dsfromkey.8
+man/man8/dnssec-importkey.8
+man/man8/dnssec-keyfromlabel.8
+man/man8/dnssec-keygen.8
+man/man8/dnssec-revoke.8
+man/man8/dnssec-settime.8
+man/man8/dnssec-signzone.8
+man/man8/dnssec-verify.8
+man/man8/filter-aaaa.8
+man/man8/named-checkconf.8
+man/man8/named-checkzone.8
+man/man8/named-compilezone.8
+man/man8/named-journalprint.8
+man/man8/named.8
+man/man8/nsec3hash.8
+man/man8/rndc-confgen.8
+man/man8/rndc.8
+man/man8/tsig-keygen.8
+sbin/ddns-confgen
+sbin/dnssec-cds
+sbin/dnssec-dsfromkey
+sbin/dnssec-importkey
+sbin/dnssec-keyfromlabel
+sbin/dnssec-keygen
+sbin/dnssec-revoke
+sbin/dnssec-settime
+sbin/dnssec-signzone
+sbin/dnssec-verify
+sbin/named
+sbin/named-checkconf
+sbin/named-checkzone
+sbin/named-compilezone
+sbin/named-journalprint
+sbin/nsec3hash
+sbin/rndc
+sbin/rndc-confgen
+sbin/tsig-keygen
+share/doc/bind9/CHANGES
+share/doc/bind9/HISTORY
+share/doc/bind9/OPTIONS
+share/doc/bind9/README
+share/doc/bind9/arm/Bv9ARM.ch01.html
+share/doc/bind9/arm/Bv9ARM.ch02.html
+share/doc/bind9/arm/Bv9ARM.ch03.html
+share/doc/bind9/arm/Bv9ARM.ch04.html
+share/doc/bind9/arm/Bv9ARM.ch05.html
+share/doc/bind9/arm/Bv9ARM.ch06.html
+share/doc/bind9/arm/Bv9ARM.ch07.html
+share/doc/bind9/arm/Bv9ARM.ch08.html
+share/doc/bind9/arm/Bv9ARM.ch09.html
+share/doc/bind9/arm/Bv9ARM.ch10.html
+share/doc/bind9/arm/Bv9ARM.ch11.html
+share/doc/bind9/arm/Bv9ARM.ch12.html
+share/doc/bind9/arm/Bv9ARM.html
+share/doc/bind9/arm/man.arpaname.html
+share/doc/bind9/arm/man.ddns-confgen.html
+share/doc/bind9/arm/man.delv.html
+share/doc/bind9/arm/man.dig.html
+share/doc/bind9/arm/man.dnssec-cds.html
+share/doc/bind9/arm/man.dnssec-checkds.html
+share/doc/bind9/arm/man.dnssec-coverage.html
+share/doc/bind9/arm/man.dnssec-dsfromkey.html
+share/doc/bind9/arm/man.dnssec-importkey.html
+share/doc/bind9/arm/man.dnssec-keyfromlabel.html
+share/doc/bind9/arm/man.dnssec-keygen.html
+share/doc/bind9/arm/man.dnssec-keymgr.html
+share/doc/bind9/arm/man.dnssec-revoke.html
+share/doc/bind9/arm/man.dnssec-settime.html
+share/doc/bind9/arm/man.dnssec-signzone.html
+share/doc/bind9/arm/man.dnssec-verify.html
+share/doc/bind9/arm/man.dnstap-read.html
+share/doc/bind9/arm/man.filter-aaaa.html
+share/doc/bind9/arm/man.host.html
+share/doc/bind9/arm/man.mdig.html
+share/doc/bind9/arm/man.named-checkconf.html
+share/doc/bind9/arm/man.named-checkzone.html
+share/doc/bind9/arm/man.named-journalprint.html
+share/doc/bind9/arm/man.named-nzd2nzf.html
+share/doc/bind9/arm/man.named-rrchecker.html
+share/doc/bind9/arm/man.named.conf.html
+share/doc/bind9/arm/man.named.html
+share/doc/bind9/arm/man.nsec3hash.html
+share/doc/bind9/arm/man.nslookup.html
+share/doc/bind9/arm/man.nsupdate.html
+share/doc/bind9/arm/man.pkcs11-destroy.html
+share/doc/bind9/arm/man.pkcs11-keygen.html
+share/doc/bind9/arm/man.pkcs11-list.html
+share/doc/bind9/arm/man.pkcs11-tokens.html
+share/doc/bind9/arm/man.rndc-confgen.html
+share/doc/bind9/arm/man.rndc.conf.html
+share/doc/bind9/arm/man.rndc.html
+share/doc/bind9/arm/notes.html
+share/examples/bind9/bind.keys
diff --git a/bind916/buildlink3.mk b/bind916/buildlink3.mk
new file mode 100644
index 0000000000..8d8e223087
--- /dev/null
+++ b/bind916/buildlink3.mk
@@ -0,0 +1,12 @@
+# $NetBSD: buildlink3.mk,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+BUILDLINK_TREE+= bind
+
+.if !defined(BIND_BUILDLINK3_MK)
+BIND_BUILDLINK3_MK:=
+
+BUILDLINK_API_DEPENDS.bind+= bind>=9.14.0
+BUILDLINK_PKGSRCDIR.bind?= ../../net/bind914
+.endif # BIND_BUILDLINK3_MK
+
+BUILDLINK_TREE+= -bind
diff --git a/bind916/builtin.mk b/bind916/builtin.mk
new file mode 100644
index 0000000000..6b6855f741
--- /dev/null
+++ b/bind916/builtin.mk
@@ -0,0 +1,92 @@
+# $NetBSD: builtin.mk,v 1.2 2019/11/03 11:45:30 rillig Exp $
+
+BUILTIN_PKG:= bind
+
+BUILTIN_FIND_FILES_VAR:= EXE_NAMED
+BUILTIN_FIND_FILES.EXE_NAMED= /usr/sbin/named
+BUILTIN_FIND_LIBS:= bind
+
+.include "../../mk/buildlink3/bsd.builtin.mk"
+
+###
+### Figure out the version of BIND if an ISC BIND named exists on the
+### system.
+###
+.if !defined(BUILTIN_VERSION.bind) && \
+ empty(EXE_NAMED:M__nonexistent__) && \
+ empty(EXE_NAMED:M${LOCALBASE}/*)
+BUILTIN_VERSION.bind!= \
+ ${EXE_NAMED} -v 2>/dev/null | ${HEAD} -1 | \
+ ${AWK} 'BEGIN { v = "4.9.11"; } \
+ /^BIND / { v = $$2; sub("-.*", "", v); } \
+ /^named / { v = $$2; sub("-.*", "", v); } \
+ END { print v; }'
+.endif
+MAKEVARS+= BUILTIN_VERSION.bind
+
+###
+### Determine if there is a built-in implementation of the package and
+### set IS_BUILTIN.<pkg> appropriately ("yes" or "no").
+###
+.if !defined(IS_BUILTIN.bind)
+IS_BUILTIN.bind= no
+. if defined(BUILTIN_VERSION.bind)
+IS_BUILTIN.bind= yes
+. endif
+.endif
+MAKEVARS+= IS_BUILTIN.bind
+
+###
+### If there is a built-in implementation, then set BUILTIN_PKG.<pkg> to
+### a package name to represent the built-in package.
+###
+.if !defined(BUILTIN_PKG.bind) && \
+ !empty(IS_BUILTIN.bind:M[yY][eE][sS]) && \
+ defined(BUILTIN_VERSION.bind)
+BUILTIN_PKG.bind= bind-${BUILTIN_VERSION.bind}
+.endif
+MAKEVARS+= BUILTIN_PKG.bind
+
+###
+### Determine whether we should use the built-in implementation if it
+### exists, and set USE_BUILTIN.<pkg> appropriate ("yes" or "no").
+###
+.if !defined(USE_BUILTIN.bind)
+. if ${PREFER.bind} == "pkgsrc"
+USE_BUILTIN.bind= no
+. else
+USE_BUILTIN.bind= ${IS_BUILTIN.bind}
+. if defined(BUILTIN_PKG.bind) && \
+ !empty(IS_BUILTIN.bind:M[yY][eE][sS])
+USE_BUILTIN.bind= yes
+. for dep in ${BUILDLINK_API_DEPENDS.bind}
+. if !empty(USE_BUILTIN.bind:M[yY][eE][sS])
+USE_BUILTIN.bind!= \
+ if ${PKG_ADMIN} pmatch ${dep:Q} ${BUILTIN_PKG.bind:Q}; then \
+ ${ECHO} yes; \
+ else \
+ ${ECHO} no; \
+ fi
+. endif
+. endfor
+. endif
+. endif # PREFER.bind
+.endif
+MAKEVARS+= USE_BUILTIN.bind
+
+###
+### The section below only applies if we are not including this file
+### solely to determine whether a built-in implementation exists.
+###
+CHECK_BUILTIN.bind?= no
+.if !empty(CHECK_BUILTIN.bind:M[nN][oO])
+
+. if !empty(USE_BUILTIN.bind:M[yY][eE][sS])
+. if !empty(BUILTIN_LIB_FOUND.bind:M[yY][eE][sS])
+BUILDLINK_LDADD.bind?= -lbind
+. endif
+. elif !empty(USE_BUILTIN.bind:M[nN][oO])
+BUILDLINK_LDADD.bind?= -lbind
+. endif
+
+.endif # CHECK_BUILTIN.bind
diff --git a/bind916/distinfo b/bind916/distinfo
new file mode 100644
index 0000000000..b29f77d3dc
--- /dev/null
+++ b/bind916/distinfo
@@ -0,0 +1,38 @@
+$NetBSD: distinfo,v 1.14 2020/02/20 16:37:06 taca Exp $
+
+SHA1 (bind-9.16.3.tar.xz) = 0329886be14da8654458057061d5bbfcd87bdf20
+RMD160 (bind-9.16.3.tar.xz) = 93ddd1184d87d51b1ae195be495c57762b0a71dc
+SHA512 (bind-9.16.3.tar.xz) = aded208ab8b10cac275512eb4cb19f4eabd654ef3c14ab0c635f7d09194df4f6dfa84d0b5d69ce93854ceb26a93e21d7122b01ce4f3996da807249ca41d877df
+Size (bind-9.16.3.tar.xz) = 4573044 bytes
+SHA1 (patch-bin_named_Makefile.in) = f4ca372f7398e3b6866be8c8b0df4f5888a13d0f
+SHA1 (patch-bin_named_main.c) = c62eb07ae859d022a77d2b3cbaa48df73e4fa8d4
+SHA1 (patch-bin_named_pfilter.c) = b54f872c883c8fbc2d9c04df65c185dc057cc36b
+SHA1 (patch-bin_named_pfilter.h) = c14617cb266a4b5d33ba6e5db98562e806792833
+SHA1 (patch-bin_named_server.c) = 57f43d4556588447f44980c5acd36cb00cc528cc
+SHA1 (patch-bin_nsupdate_nsupdate.c) = f71213385ec7c78243c1f93a6940caa111cb5072
+SHA1 (patch-bin_pkcs11_pkcs11-keygen.c) = d953bf48aadcdf7e95975d335167cc50f54ef91e
+SHA1 (patch-bin_tests_system_kasp_tests.sh) = da6dcc4049ab7899a9b8793edde93cf549f9506a
+SHA1 (patch-bin_tests_system_metadata_tests.sh) = d01a492d0b7738760bdbff714248e279a78fef28
+SHA1 (patch-bin_tests_system_rpz_tests.sh) = 1bc5e0d5c0cc50608e6314c2d2664bd1dc3f6e34
+SHA1 (patch-bin_tools_arpaname.c) = b17050df38ca9734f40351a37a6faf581481e2da
+SHA1 (patch-bin_tools_nsec3hash.c) = 87c3891db62c45cd8ed2b484b17f7bf2e319bef3
+SHA1 (patch-config.h.in) = 0720dd6303293b32c1e5f0357fa3cd02f00068e4
+SHA1 (patch-config.threads.in) = fc5cc7097d87523a34c0e630cb8dd1d081d859e5
+SHA1 (patch-configure) = c52569993b2a9374dc6f4b2c07cd459e9b172684
+SHA1 (patch-contrib_dlz_config.dlz.in) = 6c53d61aaaf1a952a867e4c4da0194db94f511d7
+SHA1 (patch-lib_dns_byaddr.c) = 07838ae4c383a51376e455a78724d46ab06e47c4
+SHA1 (patch-lib_dns_dnsrps.c) = bddd1e3ec6efada581ee8865ee429d283fb7a957
+SHA1 (patch-lib_dns_gssapi__link.c) = d3ab9b8421f64f6bfbd3b94620e816f3e23f0d49
+SHA1 (patch-lib_dns_lookup.c) = 8e8e78e20a8e78692772d488e842df230e121203
+SHA1 (patch-lib_dns_message.c) = 0be413cf8b56ce21bcceb451191cacf9d044fa06
+SHA1 (patch-lib_dns_rbt.c) = c18e79500cae16039020a4fcd8f11a0ced646edc
+SHA1 (patch-lib_dns_rbtdb.c) = 389a83f425050733cb90652ffcb515d7a53d76f2
+SHA1 (patch-lib_dns_request.c) = 890ca130eb515635fe099c92e653a942a91c5253
+SHA1 (patch-lib_dns_sdb.c) = 8a94a65785bb938d330d1446e0100e50fa5fa9bd
+SHA1 (patch-lib_dns_spnego.c) = 817e8d9eceb10a3e7d396ee76b218b4f0009be3f
+SHA1 (patch-lib_dns_validator.c) = 0487bc39326dd6bc9b327aff661045b7416a952d
+SHA1 (patch-lib_dns_view.c) = 54f498d5e2519652498b100789c9c6139a10db12
+SHA1 (patch-lib_isc_backtrace.c) = 5463d3174d1ed809e12e415109fd9b5ecdf8fe2b
+SHA1 (patch-lib_isc_unix_net.c) = 839a975c132993c9de905b99275d2426352fbe16
+SHA1 (patch-lib_isc_unix_socket.c) = 1df33084742b25aafb8c4ec0de7907636fc8e3cb
+SHA1 (patch-lib_isc_unix_time.c) = ca7c72924a6887e391890a71cde922e526b3dd29
diff --git a/bind916/files/named9.sh b/bind916/files/named9.sh
new file mode 100644
index 0000000000..a3fb2521d5
--- /dev/null
+++ b/bind916/files/named9.sh
@@ -0,0 +1,74 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: named9.sh,v 1.1 2019/04/30 03:34:34 taca Exp $
+#
+
+# PROVIDE: named
+# REQUIRE: NETWORKING mountcritremote syslogd
+# BEFORE: DAEMON
+# KEYWORD: chrootdir
+
+. /etc/rc.subr
+
+name="named"
+rcvar="${name}9"
+command="@PREFIX@/sbin/${name}"
+pidfile="@VARBASE@/run/named/${name}.pid"
+start_precmd="named_precmd"
+extra_commands="reload"
+required_dirs="$named_chrootdir" # if it is set, it must exist
+
+named_precmd()
+{
+ # Die if $named is also set (i.e. the system's named is not disabled
+ if checkyesno named ; then
+ warn \
+ "disable 'named' when setting 'named9'!"
+ return 1
+ fi
+
+ if [ ! -d @VARBASE@/run/named ]; then
+ @MKDIR@ @VARBASE@/run/named
+ fi
+
+ if [ -z "$named_chrootdir" ]; then
+ return 0;
+ fi
+
+ for i in crypto null random urandom
+ do
+ if [ ! -c "${named_chrootdir}/dev/$i" ]; then
+ @RM@ -f "${named_chrootdir}/dev/$i"
+ (cd /dev &&
+ @PAX@ -rw -pe "$i" "${named_chrootdir}/dev")
+ fi
+ done
+
+ if [ -f /etc/localtime ]; then
+ @CMP@ -s /etc/localtime "${named_chrootdir}/etc/localtime" || \
+ @CP@ -p /etc/localtime "${named_chrootdir}/etc/localtime"
+ fi
+
+ if [ -f @SSLBASE@/lib/engines/libgost.so ]; then
+ if [ ! -d ${named_chrootdir}@SSLBASE@/lib/engines ]; then
+ @MKDIR@ ${named_chrootdir}@SSLBASE@/lib/engines
+ fi
+ @CMP@ -s @SSLBASE@/lib/engines/libgost.so "${named_chrootdir}@SSLBASE@/lib/engines/libgost.so" || \
+ @CP@ -p @SSLBASE@/lib/engines/libgost.so "${named_chrootdir}@SSLBASE@/lib/engines/libgost.so"
+ fi
+
+ if [ ! -d ${named_chrootdir}@VARBASE@/run/named ]; then
+ @MKDIR@ ${named_chrootdir}@VARBASE@/run/named
+ @CHOWN@ @BIND_USER@ ${named_chrootdir}@VARBASE@/run/named
+ fi
+
+ @RM@ -f ${pidfile}
+ @LN@ -s "${named_chrootdir}${pidfile}" ${pidfile}
+
+ # Change run_rc_commands()'s internal copy of $named_flags
+ #
+ rc_flags="-u @BIND_USER@ -t ${named_chrootdir} $rc_flags"
+}
+
+load_rc_config "$rcvar"
+run_rc_command "$1"
diff --git a/bind916/files/smf/manifest.xml b/bind916/files/smf/manifest.xml
new file mode 100644
index 0000000000..3b9c596553
--- /dev/null
+++ b/bind916/files/smf/manifest.xml
@@ -0,0 +1,138 @@
+<?xml version="1.0"?>
+<!--
+CDDL HEADER START
+
+The contents of this file are subject to the terms of the
+Common Development and Distribution License (the "License").
+You may not use this file except in compliance with the License.
+
+You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+or http://www.opensolaris.org/os/licensing.
+See the License for the specific language governing permissions
+and limitations under the License.
+
+When distributing Covered Code, include this CDDL HEADER in each
+file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+If applicable, add the following below this CDDL HEADER, with the
+fields enclosed by brackets "[]" replaced with your own identifying
+information: Portions Copyright [yyyy] [name of copyright owner]
+
+CDDL HEADER END
+-->
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<!--
+ Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ Use is subject to license terms.
+
+ ident "@(#)server.xml 1.8 07/06/19 SMI"
+-->
+<!-- Portions Copyright 2007 Vedran Bender -->
+<service_bundle type='manifest' name='export'>
+ <service name='@SMF_PREFIX@/@SMF_NAME@' type='service' version='1'>
+ <dependency name='filesystem_minimal' grouping='require_all' restart_on='none' type='service'>
+ <service_fmri value='svc:/system/filesystem/local' />
+ </dependency>
+ <dependency name='loopback' grouping='require_any' restart_on='error' type='service'>
+ <service_fmri value='svc:/network/loopback' />
+ </dependency>
+ <dependency name='network' grouping='optional_all' restart_on='error' type='service'>
+ <service_fmri value='svc:/milestone/network' />
+ </dependency>
+ <dependency name='config-files' grouping='require_any' restart_on='refresh' type='path'>
+ <service_fmri value='file://localhost@PKG_SYSCONFDIR@/named.conf' />
+ </dependency>
+ <!--
+ In order to run multiple named(1M) processes with their own
+ configuration file or properties each must have a unique
+ instance.
+ -->
+ <instance name='default' enabled='false'>
+ <exec_method type='method' name='start' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i' timeout_seconds='60'>
+ <method_context>
+ <method_credential user='root' group='root' />
+ </method_context>
+ </exec_method>
+ <exec_method type='method' name='stop' exec='@PREFIX@/@SMF_METHOD_FILE.named@ %m %i %{restarter/contract}' timeout_seconds='60'>
+ <method_context>
+ <method_credential user='root' group='root' />
+ </method_context>
+
+ </exec_method>
+ <!--
+ SIGHUP causes named to reread its configuration file, but not any
+ of the properties below.
+ -->
+ <exec_method type='method' name='refresh' exec=':kill -HUP' timeout_seconds='60'>
+ <method_context />
+ </exec_method>
+ <property_group name='general' type='framework'>
+ <!-- manage DNS server state -->
+ <propval name='action_authorization' type='astring' value='solaris.smf.manage.bind' />
+ <propval name='value_authorization' type='astring' value='solaris.smf.manage.bind' />
+ </property_group>
+ <!-- Default property settings for named(1M) instance. -->
+ <property_group name='options' type='application'>
+ <!--
+ server: specifies an alternative server command. If
+ not specified the default /usr/sbin/named is used.
+ -->
+ <propval name='server' type='astring' value='' />
+ <!--
+ configuration_file: specifies an alternative
+ configuration file to be used. The property is similar
+ to named(1M) command line option '-c'
+ -->
+ <propval name='configuration_file' type='astring' value='' />
+ <!--
+ ip_interfaces: specifies which IP transport BIND will
+ transmit on. Possible values are 'IPv4' or 'IPv6'. Any
+ other setting assumes 'all', the default.
+ Equivalent command line option '-4' or '-6'.
+ -->
+ <propval name='ip_interfaces' type='astring' value='all' />
+ <!--
+ listen_on_port: Specifies the default UDP and TCP port
+ which will be used to listen for DNS requests.
+ Equivalent command line option '-p <integer>'.
+ -->
+ <propval name='listen_on_port' type='integer' value='0' />
+ <!--
+ debug_level: Specifies the default debug level. The
+ default is 0; no debugging. The Higher the number the
+ more verbose debug information becomes.
+ Equivalent command line option '-d <integer>'.
+ -->
+ <propval name='debug_level' type='integer' value='0' />
+ <!--
+ threads: Specifies the number of cpu worker threads to
+ create. The default of 0 causes named to try and
+ determine the number of CPUs present and create one
+ thread per CPU.
+ Equivalent command line option '-n <integer>'.
+ -->
+ <propval name='threads' type='integer' value='0' />
+ <!--
+ chroot_dir: Change the root directory using chroot(2)
+ to directory after processing the command line
+ arguments, but before reading the configuration file.
+ Equivalent command line option '-t <pathname>'.
+ -->
+ <propval name='chroot_dir' type='astring' value='' />
+ <!--
+ user: Change the user id after processing command line
+ arguments, but before reading the configuration file.
+ Equivalent command line option '-u <user>'.
+ -->
+ <propval name='user' type='astring' value='named' />
+ </property_group>
+ </instance>
+ <template>
+ <common_name>
+ <loctext xml:lang='C'>BIND DNS server</loctext>
+ </common_name>
+ <documentation>
+ <manpage title='named' section='1M' manpath='@PREFIX@/@PKGMANDIR@' />
+ </documentation>
+ </template>
+ </service>
+</service_bundle>
diff --git a/bind916/files/smf/named.sh b/bind916/files/smf/named.sh
new file mode 100644
index 0000000000..a383c344eb
--- /dev/null
+++ b/bind916/files/smf/named.sh
@@ -0,0 +1,262 @@
+#!@SMF_METHOD_SHELL@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+# Use is subject to license terms.
+#
+#pragma ident "@(#)dns-server.sh 1.1 07/03/26 SMI"
+
+# smf_method(5) start/stop script required for server DNS
+
+. /lib/svc/share/smf_include.sh
+
+mount_chroot ()
+{
+ c=$1
+ shift
+ for f in $*; do
+ if [ -z "${f}" -o ! -f "${f}" -o \
+ -z "${c}" -o ! -d "${c}" ]; then
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
+
+ umount ${c}/${f} >/dev/null 2>&1
+ mkdir -p `dirname ${c}/${f}`
+ touch ${c}/${f}
+ mount -Flofs ${f} ${c}/${f}
+ done
+}
+
+umount_chroot ()
+{
+ c=$1
+ shift
+ for f in $*; do
+ umount ${c}/${f} >/dev/null 2>&1
+ done
+}
+
+get_config ()
+{
+ configuration_file=@PKG_SYSCONFDIR@/named.conf
+ rndc_config_file=@PKG_SYSCONFDIR@/rndc.conf
+ rndc_key_file=@PKG_SYSCONFDIR@/rndc.key
+ rndc_cmd_opts="-a"
+ libraries="/usr/pkg/lib/engines/libgost.so"
+ cmdopts=""
+ checkopts=""
+ properties="debug_level ip_interfaces listen_on_port
+ threads chroot_dir configuration_file server user"
+
+ for prop in $properties
+ do
+ value=`/usr/bin/svcprop -p options/${prop} ${SMF_FMRI}`
+ if [ -z "${value}" -o "${value}" = '""' ]; then
+ continue;
+ fi
+
+ case $prop in
+ 'debug_level')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -d ${value}"
+ fi
+ ;;
+ 'ip_interfaces')
+ case ${value} in
+ 'IPv4')
+ cmdopts="${cmdopts} -4";;
+ 'IPv6')
+ cmdopts="${cmdopts} -6";;
+ 'all')
+ : # Default is all, therefore ignore.
+ ;;
+ *)
+ echo "$I: Unrecognised value in service instance property" >&2
+ echo "$I: options/${prop} : ${value}" >&2
+ ;;
+ esac
+ ;;
+ 'listen_on_port')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -p ${value}"
+ fi
+ ;;
+ 'threads')
+ if [ ${value} -gt 0 ]; then
+ cmdopts="${cmdopts} -n ${value}"
+ fi
+ ;;
+ 'chroot_dir')
+ cmdopts="${cmdopts} -t ${value}"
+ checkopts="${checkopts} -t ${value}"
+ chroot_dir=${value};
+ ;;
+ 'configuration_file')
+ cmdopts="${cmdopts} -c ${value}"
+ checkopts="${checkopts} ${value}"
+ configuration_file=${value};
+ ;;
+ 'server')
+ set -- `echo ${value} | /usr/bin/sed -e 's/\\\\//g'`
+ server=$@
+ ;;
+ 'user')
+ cmdopts="${cmdopts} -u ${value}"
+ cmduser=${value};
+ ;;
+ esac
+ done
+
+ configuration_dir=$(sed -n -e 's,^[[:space:]]*directory.*"\(.*\)";,\1,p' \
+ ${configuration_file})
+ [ "${configuration_dir}" == "" ] && configuration_dir=@PKG_SYSCONFDIR@/namedb
+
+ configuration_files=$(sed -n -e \
+ "s,^[[:space:]]*file.*\"\(.*\)\";,${configuration_dir}/\1,p" \
+ ${configuration_file} | sort -u)
+ configuration_files="${configuration_files} ${configuration_file}"
+}
+
+result=${SMF_EXIT_OK}
+
+# Read command line arguments
+method="$1" # %m
+instance="$2" # %i
+contract="$3" # %{restarter/contract}
+
+# Set defaults; SMF_FMRI should have been set, but just in case.
+if [ -z "$SMF_FMRI" ]; then
+ SMF_FMRI="svc:/@SMF_PREFIX@/@SMF_NAME@:${instance}"
+fi
+server="@PREFIX@/sbin/named"
+checkconf="@PREFIX@/sbin/named-checkconf"
+I=`/usr/bin/basename $0`
+
+case "$method" in
+'start')
+ get_config
+
+ # If chroot option is set, note zones(5) are preferred, then
+ # configuration file lives under chroot directory.
+ if [ "${chroot_dir}" != "" ]; then
+ if [ "${chroot_dir}" = "/" ]; then
+ msg="$I: chroot_dir must not be /"
+ echo ${msg} >&2
+ /usr/bin/logger -p daemon.error ${msg}
+ # dns-server should be placed in maintenance state.
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
+
+ server="env LD_NOLAZYLOAD=1 ${server}"
+ checkconf="env LD_NOLAZYLOAD=1 ${checkconf}"
+
+ mkdir -p ${chroot_dir}
+
+ if [ "${SMF_ZONENAME}" = "global" ]; then
+ for dev in crypto log null poll random urandom; do
+ rm -f ${chroot_dir}/dev/${dev}
+ pax -rw -H -pe /dev/${dev} ${chroot_dir}
+ done
+ fi
+
+ missing=""
+ for dev in crypto null poll random urandom; do
+ if [ ! -e "${chroot_dir}/dev/${dev}" ]; then
+ missing="${missing} ${dev}"
+ fi
+ done
+
+ if [ ! -z "${missing}" ]; then
+ msg="$I: missing device nodes in ${chroot_dir}: ${missing}"
+ echo ${msg} >&2
+ /usr/bin/logger -p daemon.err ${msg}
+ # dns-server should be placed in maintenance state.
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
+
+ mount_chroot ${chroot_dir} ${configuration_files} ${libraries}
+
+ mkdir -p ${chroot_dir}/var/run/named
+ chown ${cmduser}:${cmduser} ${chroot_dir}/var/run/named
+
+ configuration_file=${chroot_dir}${configuration_file}
+ rndc_config_file=${chroot_dir}${rndc_config_file}
+ rndc_key_file=${chroot_dir}${rndc_key_file}
+ rndc_cmd_opts="${rndc_cmd_opts} -t ${chroot_dir}"
+ else
+ mkdir -p 0770 @VARBASE@/run/named
+ chown ${cmduser}:${cmduser} @VARBASE@/run/named
+ fi
+
+ # Check if the rndc config file exists.
+ if [ ! -f ${rndc_config_file} ]; then
+ # If not, check if the default rndc key file exists.
+ if [ ! -f ${rndc_key_file} ]; then
+ echo "$I: Creating default rndc key file: ${rndc_key_file}." >&2
+ @PREFIX@/sbin/rndc-confgen ${rndc_cmd_opts}
+ if [ $? -ne 0 ]; then
+ echo "$I : Warning: rndc configuration failed! Use of 'rndc' to" \
+ "control 'named' may fail and 'named' may report further error" \
+ "messages to the system log. This is not fatal. For more" \
+ "information see rndc(1M) and rndc-confgen(1M)." >&2
+ fi
+ fi
+ fi
+
+ if [ ${result} = ${SMF_EXIT_OK} ]; then
+ ${checkconf} -z ${checkopts}
+ result=$?
+ if [ $result -ne 0 ]; then
+ msg="$I: named-checkconf failed to verify configuration"
+ echo ${msg} >&2
+ /usr/bin/logger -p daemon.error ${msg}
+ if [ "${chroot_dir}" != "" -a "${chroot_dir}" != "/" ]; then
+ umount_chroot ${chroot_dir} ${configuration_files} ${libraries}
+ fi
+ # dns-server should be placed in maintenance state.
+ exit ${SMF_EXIT_ERR_CONFIG}
+ fi
+ fi
+
+ if [ ${result} = ${SMF_EXIT_OK} ]; then
+ echo "$I: Executing: ${server} ${cmdopts}"
+ # Execute named(1M) with relevant command line options.
+ ${server} ${cmdopts}
+ result=$?
+ fi
+ ;;
+'stop')
+ get_config
+
+ smf_kill_contract ${contract} TERM 1
+ [ $? -ne 0 ] && exit 1
+
+ if [ "${chroot_dir}" != "" -a "${chroot_dir}" != "/" ]; then
+ umount_chroot ${chroot_dir} ${configuration_files} ${libraries}
+ fi
+
+ ;;
+*)
+ echo "Usage: $I [stop|start] <instance>" >&2
+ exit 1
+ ;;
+esac
+exit ${result}
diff --git a/bind916/options.mk b/bind916/options.mk
new file mode 100644
index 0000000000..e989593311
--- /dev/null
+++ b/bind916/options.mk
@@ -0,0 +1,142 @@
+# $NetBSD: options.mk,v 1.3 2019/11/03 11:45:30 rillig Exp $
+
+PKG_OPTIONS_VAR= PKG_OPTIONS.bind914
+PKG_SUPPORTED_OPTIONS= bind-dig-sigchase bind-xml-statistics-server
+PKG_SUPPORTED_OPTIONS+= bind-json-statistics-server blacklist
+PKG_SUPPORTED_OPTIONS+= threads readline mysql pgsql ldap dlz-filesystem
+PKG_SUPPORTED_OPTIONS+= geoip tuning dnstap # pkcs11
+PKG_SUGGESTED_OPTIONS+= readline
+
+PLIST_VARS+= dnstap pkcs11
+
+PTHREAD_OPTS+= native
+.include "../../mk/pthread.buildlink3.mk"
+
+.if defined(PTHREAD_TYPE) && (${PTHREAD_TYPE} == "none") || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-vax) || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-sparc) || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-sparc64) || \
+ !empty(MACHINE_PLATFORM:MNetBSD-*-m68k)
+# don't touch PKG_SUGGESTED_OPTIONS
+.else
+PKG_SUGGESTED_OPTIONS+= threads
+.endif
+
+.if ${OPSYS} == "NetBSD"
+. if !empty(OS_VERSION:M[8-9].*)
+# Needs to be re-written for BIND 9.16.x
+# PKG_SUGGESTED_OPTIONS+= blacklist
+. endif
+.endif
+
+.include "../../mk/bsd.options.mk"
+
+###
+### The mysql pgsql ldap dlz-filesystem options are all for BIND
+### DLZ (Dynamically Loadable Zones) functionality
+###
+### NOTE: bdb is excluded on purpose as pkgsrc does not contain
+### a bdb v4.1 or 4.2 package which is what BIND needs.
+### The majority of these are compile tested only
+###
+
+.if !empty(PKG_OPTIONS:Mmysql)
+.include "../../mk/mysql.buildlink3.mk"
+CONFIGURE_ARGS+= --with-dlz-mysql=${BUILDLINK_PREFIX.mysql-client}
+.endif
+
+.if !empty(PKG_OPTIONS:Mpgsql)
+.include "../../mk/pgsql.buildlink3.mk"
+CONFIGURE_ARGS+= --with-dlz-postgres=${BUILDLINK_PREFIX.${PGSQL_TYPE}}
+CONFIGURE_ENV+= ac_cv_path_PG_CONFIG=${PREFIX}/bin/pg_config
+.endif
+
+.if !empty(PKG_OPTIONS:Mldap)
+.include "../../databases/openldap-client/buildlink3.mk"
+CONFIGURE_ARGS+= --with-dlz-ldap=${BUILDLINK_PREFIX.openldap-client}
+.endif
+
+.if !empty(PKG_OPTIONS:Mdlz-filesystem)
+CONFIGURE_ARGS+= --with-dlz-filesystem
+.endif
+
+.if !empty(PKG_OPTIONS:Mblacklist)
+CONFIGURE_ARGS+= --with-blacklist=yes
+.else
+CONFIGURE_ARGS+= --with-blacklist=no
+.endif
+
+.if !empty(PKG_OPTIONS:Mgeoip)
+CONFIGURE_ARGS+= --with-geoip=${PREFIX}
+LDFLAGS+= -lGeoIP
+.include "../../net/GeoIP/buildlink3.mk"
+.endif
+
+.if !empty(PKG_OPTIONS:Mpkcs11)
+CONFIGURE_ARGS+= --enable-native-pkcs11
+PLIST.pkcs11= yes
+.else
+CONFIGURE_ARGS+= --disable-native-pkcs11
+.endif
+
+.if !empty(PKG_OPTIONS:Mtuning)
+CONFIGURE_ARGS+= --with-tuning=large
+.endif
+
+.if !empty(PKG_OPTIONS:Mdnstap)
+CONFIGURE_ARGS+= --enable-dnstap
+PLIST.dnstap= yes
+.include "../../net/fstrm/buildlink3.mk"
+.include "../../devel/protobuf/buildlink3.mk"
+.include "../../devel/protobuf-c/buildlink3.mk"
+.endif
+
+###
+### The statistics server in bind99 and later needs libxml2
+###
+.if !empty(PKG_OPTIONS:Mbind-xml-statistics-server)
+.include "../../textproc/libxml2/buildlink3.mk"
+CONFIGURE_ARGS+= --with-libxml2
+LDFLAGS+= -lxml2
+.else
+CONFIGURE_ARGS+= --without-libxml2
+.endif
+
+###
+### The statistics server in bind911 and later supports json
+###
+.if !empty(PKG_OPTIONS:Mbind-json-statistics-server)
+.include "../../textproc/json-c/buildlink3.mk"
+CONFIGURE_ARGS+= --with-libjson
+.else
+CONFIGURE_ARGS+= --without-libjson
+.endif
+
+###
+### pthreads support (also see magic above)
+###
+.if !empty(PKG_OPTIONS:Mthreads)
+PTHREAD_AUTO_VARS= yes
+CONFIGURE_ARGS+= --enable-threads
+.else
+CONFIGURE_ARGS+= --disable-threads
+.endif
+
+###
+### readline support in dig(1) and nsupdate(1).
+###
+.if !empty(PKG_OPTIONS:Mreadline)
+.include "../../mk/readline.buildlink3.mk"
+CONFIGURE_ARGS+= --with-readline
+.else
+CONFIGURE_ARGS+= --without-readline
+.endif
+
+###
+### dig(1) option +sigchase for DNSSEC signature chasing
+###
+.if !empty(PKG_OPTIONS:Mbind-dig-sigchase)
+# If anything else needs to add entries to STD_CDEFINES, this will need
+# to be changed so that the two can cooperate.
+CONFIGURE_ENV+= STD_CDEFINES=-DDIG_SIGCHASE=1
+.endif
diff --git a/bind916/patches/patch-bin_named_Makefile.in b/bind916/patches/patch-bin_named_Makefile.in
new file mode 100644
index 0000000000..bf3f3c3de9
--- /dev/null
+++ b/bind916/patches/patch-bin_named_Makefile.in
@@ -0,0 +1,38 @@
+$NetBSD: patch-bin_named_Makefile.in,v 1.2 2019/07/18 03:02:02 taca Exp $
+
+* Add support for blacklistd.
+
+--- bin/named/Makefile.in.orig 2019-07-09 18:15:48.000000000 +0000
++++ bin/named/Makefile.in
+@@ -89,6 +89,7 @@ SUBDIRS = unix
+
+ TARGETS = named@EXEEXT@
+
++BLACKLISTLINKOBJS= pfilter.@O@
+ GEOIP2LINKOBJS = geoip.@O@
+
+ OBJS = builtin.@O@ config.@O@ control.@O@ \
+@@ -97,12 +98,13 @@ OBJS = builtin.@O@ config.@O@ control.@
+ log.@O@ logconf.@O@ main.@O@ \
+ server.@O@ statschannel.@O@ \
+ tkeyconf.@O@ tsigconf.@O@ zoneconf.@O@ \
+- ${DLZDRIVER_OBJS} ${DBDRIVER_OBJS}
++ ${BLACKLISTLINKOBJS} ${DLZDRIVER_OBJS} ${DBDRIVER_OBJS}
+
+ UOBJS = unix/os.@O@ unix/dlz_dlopen_driver.@O@
+
+ SYMOBJS = symtbl.@O@
+
++BLACKLISTLINKSRCS= pfilter.c
+ GEOIP2LINKSRCS = geoip.c
+
+ SRCS = builtin.c config.c control.c \
+@@ -111,7 +113,7 @@ SRCS = builtin.c config.c control.c \
+ log.c logconf.c main.c \
+ server.c statschannel.c \
+ tkeyconf.c tsigconf.c zoneconf.c \
+- ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
++ ${BLACKLISTLINKSRCS} ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
+
+ MANPAGES = named.8 named.conf.5
+
diff --git a/bind916/patches/patch-bin_named_main.c b/bind916/patches/patch-bin_named_main.c
new file mode 100644
index 0000000000..124dcca8aa
--- /dev/null
+++ b/bind916/patches/patch-bin_named_main.c
@@ -0,0 +1,27 @@
+$NetBSD: patch-bin_named_main.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Add support for blacklistd.
+
+--- bin/named/main.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/named/main.c
+@@ -94,6 +94,9 @@
+ #ifdef HAVE_ZLIB
+ #include <zlib.h>
+ #endif /* ifdef HAVE_ZLIB */
++#ifdef HAVE_BLACKLIST
++#include "pfilter.h"
++#endif
+ /*
+ * Include header files for database drivers here.
+ */
+@@ -1528,6 +1531,10 @@ main(int argc, char *argv[]) {
+
+ parse_command_line(argc, argv);
+
++#ifdef HAVE_BLACKLIST
++ pfilter_open();
++#endif
++
+ #ifdef ENABLE_AFL
+ if (named_g_fuzz_type != isc_fuzz_none) {
+ named_fuzz_setup();
diff --git a/bind916/patches/patch-bin_named_pfilter.c b/bind916/patches/patch-bin_named_pfilter.c
new file mode 100644
index 0000000000..f9433428b5
--- /dev/null
+++ b/bind916/patches/patch-bin_named_pfilter.c
@@ -0,0 +1,58 @@
+$NetBSD: patch-bin_named_pfilter.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Add support for blacklistd.
+
+--- bin/named/pfilter.c.orig 2019-04-29 08:47:44.504984633 +0000
++++ bin/named/pfilter.c
+@@ -0,0 +1,51 @@
++#include <config.h>
++
++#include <isc/platform.h>
++#include <isc/util.h>
++#include <named/types.h>
++#include <ns/client.h>
++
++#ifdef HAVE_BLACKLIST
++
++#include <blacklist.h>
++
++#include "pfilter.h"
++
++static struct blacklist *blstate;
++
++void
++pfilter_open(void)
++{
++ if (blstate == NULL)
++ blstate = blacklist_open();
++}
++
++#define TCP_CLIENT(c) (((c)->attributes & NS_CLIENTATTR_TCP) != 0)
++
++void
++pfilter_notify(isc_result_t res, ns_client_t *client, const char *msg)
++{
++ isc_socket_t *socket;
++
++ pfilter_open();
++
++ if (TCP_CLIENT(client))
++ socket = client->tcpsocket;
++ else {
++ socket = client->udpsocket;
++ if (!client->peeraddr_valid)
++ return;
++ }
++
++ if (socket == NULL)
++ return;
++
++ if (blstate == NULL)
++ return;
++
++ blacklist_sa_r(blstate,
++ res != ISC_R_SUCCESS, isc_socket_getfd(socket),
++ &client->peeraddr.type.sa, client->peeraddr.length, msg);
++}
++
++#endif /* HAVE_BLACKLIST */
diff --git a/bind916/patches/patch-bin_named_pfilter.h b/bind916/patches/patch-bin_named_pfilter.h
new file mode 100644
index 0000000000..6fcb004b9a
--- /dev/null
+++ b/bind916/patches/patch-bin_named_pfilter.h
@@ -0,0 +1,9 @@
+$NetBSD: patch-bin_named_pfilter.h,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Add support for blacklistd.
+
+--- bin/named/pfilter.h.orig 2019-04-29 06:38:25.989360716 +0000
++++ bin/named/pfilter.h
+@@ -0,0 +1,2 @@
++void pfilter_open(void);
++void pfilter_notify(isc_result_t, ns_client_t *, const char *);
diff --git a/bind916/patches/patch-bin_named_server.c b/bind916/patches/patch-bin_named_server.c
new file mode 100644
index 0000000000..d7c7bd2d67
--- /dev/null
+++ b/bind916/patches/patch-bin_named_server.c
@@ -0,0 +1,38 @@
+$NetBSD: patch-bin_named_server.c,v 1.2 2019/05/02 13:29:53 taca Exp $
+
+* Disable checking working directory is writable as BIND_USER in NetBSD
+ base system.
+
+--- bin/named/server.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/named/server.c
+@@ -6667,12 +6667,14 @@ directory_callback(const char *clausenam
+ directory);
+ }
+
++#if 0
+ if (!isc_file_isdirwritable(directory)) {
+ isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
+ NAMED_LOGMODULE_SERVER, ISC_LOG_ERROR,
+ "directory '%s' is not writable", directory);
+ return (ISC_R_NOPERM);
+ }
++#endif
+
+ result = isc_dir_chdir(directory);
+ if (result != ISC_R_SUCCESS) {
+@@ -9110,6 +9112,7 @@ load_configuration(const char *filename,
+ named_os_changeuser();
+ }
+
++#if 0
+ /*
+ * Check that the working directory is writable.
+ */
+@@ -9120,6 +9123,7 @@ load_configuration(const char *filename,
+ result = ISC_R_NOPERM;
+ goto cleanup;
+ }
++#endif
+
+ #ifdef HAVE_LMDB
+ /*
diff --git a/bind916/patches/patch-bin_nsupdate_nsupdate.c b/bind916/patches/patch-bin_nsupdate_nsupdate.c
new file mode 100644
index 0000000000..2451403697
--- /dev/null
+++ b/bind916/patches/patch-bin_nsupdate_nsupdate.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-bin_nsupdate_nsupdate.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- bin/nsupdate/nsupdate.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/nsupdate/nsupdate.c
+@@ -214,7 +214,7 @@ typedef struct nsu_gssinfo {
+ } nsu_gssinfo_t;
+
+ static void
+-failed_gssrequest();
++failed_gssrequest(void);
+ static void
+ start_gssrequest(dns_name_t *master);
+ static void
+@@ -2797,7 +2797,7 @@ get_ticket_realm(isc_mem_t *mctx) {
+ }
+
+ static void
+-failed_gssrequest() {
++failed_gssrequest(void) {
+ seenerror = true;
+
+ dns_name_free(&tmpzonename, gmctx);
diff --git a/bind916/patches/patch-bin_pkcs11_pkcs11-keygen.c b/bind916/patches/patch-bin_pkcs11_pkcs11-keygen.c
new file mode 100644
index 0000000000..e486a6926a
--- /dev/null
+++ b/bind916/patches/patch-bin_pkcs11_pkcs11-keygen.c
@@ -0,0 +1,30 @@
+$NetBSD: patch-bin_pkcs11_pkcs11-keygen.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Honor HAVE_PKCS11_ECDSA.
+
+--- bin/pkcs11/pkcs11-keygen.c.orig 2019-02-27 23:42:04.000000000 +0000
++++ bin/pkcs11/pkcs11-keygen.c
+@@ -421,13 +421,23 @@ main(int argc, char *argv[]) {
+ id_offset = ECC_ID;
+
+ if (bits == 256) {
++#if HAVE_PKCS11_ECDSA
+ public_template[4].pValue = pk11_ecc_prime256v1;
+ public_template[4].ulValueLen =
+ sizeof(pk11_ecc_prime256v1);
++#else
++ fprintf(stderr, "PRIME256v1 is not supported\n");
++ usage();
++#endif
+ } else {
++#if HAVE_PKCS11_ECDSA
+ public_template[4].pValue = pk11_ecc_secp384r1;
+ public_template[4].ulValueLen =
+ sizeof(pk11_ecc_secp384r1);
++#else
++ fprintf(stderr, "SEP384r1 is not supported\n");
++ usage();
++#endif
+ }
+
+ break;
diff --git a/bind916/patches/patch-bin_tests_system_kasp_tests.sh b/bind916/patches/patch-bin_tests_system_kasp_tests.sh
new file mode 100644
index 0000000000..f5eab84f4c
--- /dev/null
+++ b/bind916/patches/patch-bin_tests_system_kasp_tests.sh
@@ -0,0 +1,157 @@
+$NetBSD$
+
+Portability in shell script, don't use == with test.
+
+--- bin/tests/system/kasp/tests.sh.orig 2020-05-06 09:59:35.000000000 +0000
++++ bin/tests/system/kasp/tests.sh
+@@ -281,7 +281,7 @@ check_key() {
+ # Check file existence.
+ [ -s "$KEY_FILE" ] || ret=1
+ [ -s "$PRIVATE_FILE" ] || ret=1
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ [ -s "$STATE_FILE" ] || ret=1
+ fi
+ [ "$ret" -eq 0 ] || log_error "${BASE_FILE} files missing"
+@@ -296,9 +296,9 @@ check_key() {
+ grep "Private-key-format: v1.3" "$PRIVATE_FILE" > /dev/null || log_error "mismatch private key format in $PRIVATE_FILE"
+ grep "Algorithm: ${_alg_num} (${_alg_string})" "$PRIVATE_FILE" > /dev/null || log_error "mismatch algorithm in $PRIVATE_FILE"
+ # Now check the key state file.
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "This is the state of key ${_key_id}, for ${_zone}." "$STATE_FILE" > /dev/null || log_error "mismatch top comment in $STATE_FILE"
+- if [ "$_lifetime" == "none" ]; then
++ if [ "$_lifetime" = "none" ]; then
+ grep "Lifetime: " "$STATE_FILE" > /dev/null && log_error "unexpected lifetime in $STATE_FILE"
+ else
+ grep "Lifetime: ${_lifetime}" "$STATE_FILE" > /dev/null || log_error "mismatch lifetime in $STATE_FILE"
+@@ -352,13 +352,13 @@ check_key() {
+ if [ "$_published" = "none" ]; then
+ grep "; Publish:" "$KEY_FILE" > /dev/null && log_error "unexpected publish comment in $KEY_FILE"
+ grep "Publish:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected publish in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Published: " "$STATE_FILE" > /dev/null && log_error "unexpected publish in $STATE_FILE"
+ fi
+ else
+ grep "; Publish:" "$KEY_FILE" > /dev/null || log_error "mismatch publish comment in $KEY_FILE"
+ grep "Publish:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch publish in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Published:" "$STATE_FILE" > /dev/null || log_error "mismatch publish in $STATE_FILE"
+ fi
+ fi
+@@ -366,13 +366,13 @@ check_key() {
+ if [ "$_active" = "none" ]; then
+ grep "; Activate:" "$KEY_FILE" > /dev/null && log_error "unexpected active comment in $KEY_FILE"
+ grep "Activate:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected active in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Active: " "$STATE_FILE" > /dev/null && log_error "unexpected active in $STATE_FILE"
+ fi
+ else
+ grep "; Activate:" "$KEY_FILE" > /dev/null || log_error "mismatch active comment in $KEY_FILE"
+ grep "Activate:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch active in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Active: " "$STATE_FILE" > /dev/null || log_error "mismatch active in $STATE_FILE"
+ fi
+ fi
+@@ -380,13 +380,13 @@ check_key() {
+ if [ "$_retired" = "none" ]; then
+ grep "; Inactive:" "$KEY_FILE" > /dev/null && log_error "unexpected retired comment in $KEY_FILE"
+ grep "Inactive:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected retired in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Retired: " "$STATE_FILE" > /dev/null && log_error "unexpected retired in $STATE_FILE"
+ fi
+ else
+ grep "; Inactive:" "$KEY_FILE" > /dev/null || log_error "mismatch retired comment in $KEY_FILE"
+ grep "Inactive:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch retired in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Retired: " "$STATE_FILE" > /dev/null || log_error "mismatch retired in $STATE_FILE"
+ fi
+ fi
+@@ -394,13 +394,13 @@ check_key() {
+ if [ "$_revoked" = "none" ]; then
+ grep "; Revoke:" "$KEY_FILE" > /dev/null && log_error "unexpected revoked comment in $KEY_FILE"
+ grep "Revoke:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected revoked in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Revoked: " "$STATE_FILE" > /dev/null && log_error "unexpected revoked in $STATE_FILE"
+ fi
+ else
+ grep "; Revoke:" "$KEY_FILE" > /dev/null || log_error "mismatch revoked comment in $KEY_FILE"
+ grep "Revoke:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch revoked in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Revoked: " "$STATE_FILE" > /dev/null || log_error "mismatch revoked in $STATE_FILE"
+ fi
+ fi
+@@ -408,20 +408,20 @@ check_key() {
+ if [ "$_removed" = "none" ]; then
+ grep "; Delete:" "$KEY_FILE" > /dev/null && log_error "unexpected removed comment in $KEY_FILE"
+ grep "Delete:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected removed in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Removed: " "$STATE_FILE" > /dev/null && log_error "unexpected removed in $STATE_FILE"
+ fi
+ else
+ grep "; Delete:" "$KEY_FILE" > /dev/null || log_error "mismatch removed comment in $KEY_FILE"
+ grep "Delete:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch removed in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Removed: " "$STATE_FILE" > /dev/null || log_error "mismatch removed in $STATE_FILE"
+ fi
+ fi
+
+ grep "; Created:" "$KEY_FILE" > /dev/null || log_error "mismatch created comment in $KEY_FILE"
+ grep "Created:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch created in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Generated: " "$STATE_FILE" > /dev/null || log_error "mismatch generated in $STATE_FILE"
+ fi
+ }
+@@ -470,7 +470,7 @@ key_unused() {
+ grep "Revoke:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected revoked in $PRIVATE_FILE"
+ grep "Delete:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected removed in $PRIVATE_FILE"
+
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Published: " "$STATE_FILE" > /dev/null && log_error "unexpected publish in $STATE_FILE"
+ grep "Active: " "$STATE_FILE" > /dev/null && log_error "unexpected active in $STATE_FILE"
+ grep "Retired: " "$STATE_FILE" > /dev/null && log_error "unexpected retired in $STATE_FILE"
+@@ -3134,8 +3134,8 @@ dnssec_verify
+ n=$((n+1))
+ echo_i "check that of zone ${ZONE} migration to dnssec-policy uses the same keys ($n)"
+ ret=0
+-[ $_migrate_ksk == $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
+-[ $_migrate_zsk == $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
++[ $_migrate_ksk = $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
++[ $_migrate_zsk = $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
+ status=$((status+ret))
+
+ # Test migration to dnssec-policy, existing keys do not match key algorithm.
+@@ -3191,8 +3191,8 @@ dnssec_verify
+ n=$((n+1))
+ echo_i "check that of zone ${ZONE} migration to dnssec-policy keeps existing keys ($n)"
+ ret=0
+-[ $_migratenomatch_algnum_ksk == $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
+-[ $_migratenomatch_algnum_zsk == $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
++[ $_migratenomatch_algnum_ksk = $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
++[ $_migratenomatch_algnum_zsk = $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
+ status=$((status+ret))
+
+ # Test migration to dnssec-policy, existing keys do not match key length.
+@@ -3249,8 +3249,8 @@ dnssec_verify
+ n=$((n+1))
+ echo_i "check that of zone ${ZONE} migration to dnssec-policy keeps existing keys ($n)"
+ ret=0
+-[ $_migratenomatch_alglen_ksk == $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
+-[ $_migratenomatch_alglen_zsk == $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
++[ $_migratenomatch_alglen_ksk = $(key_get KEY1 ID) ] || log_error "mismatch ksk tag"
++[ $_migratenomatch_alglen_zsk = $(key_get KEY2 ID) ] || log_error "mismatch zsk tag"
+ status=$((status+ret))
+
+ #
diff --git a/bind916/patches/patch-bin_tests_system_metadata_tests.sh b/bind916/patches/patch-bin_tests_system_metadata_tests.sh
new file mode 100644
index 0000000000..f43017a2fd
--- /dev/null
+++ b/bind916/patches/patch-bin_tests_system_metadata_tests.sh
@@ -0,0 +1,15 @@
+$NetBSD: patch-bin_tests_system_metadata_tests.sh,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Avoid using "==" for argument of test(1).
+
+--- bin/tests/system/metadata/tests.sh.orig 2018-07-03 06:56:55.000000000 +0000
++++ bin/tests/system/metadata/tests.sh
+@@ -139,7 +139,7 @@ status=`expr $status + $ret`
+
+ echo_i "checking warning about permissions change on key with dnssec-settime ($n)"
+ uname=`uname -o 2> /dev/null`
+-if [ Cygwin == "$uname" ]; then
++if [ Cygwin = "$uname" ]; then
+ echo_i "Cygwin detected, skipping"
+ else
+ ret=0
diff --git a/bind916/patches/patch-bin_tests_system_rpz_tests.sh b/bind916/patches/patch-bin_tests_system_rpz_tests.sh
new file mode 100644
index 0000000000..7a9a911cce
--- /dev/null
+++ b/bind916/patches/patch-bin_tests_system_rpz_tests.sh
@@ -0,0 +1,15 @@
+$NetBSD: patch-bin_tests_system_rpz_tests.sh,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Avoid using "==" for argument of test(1).
+
+--- bin/tests/system/rpz/tests.sh.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/tests/system/rpz/tests.sh
+@@ -209,7 +209,7 @@ restart () {
+ fi
+ fi
+ rm -f ns$1/*.jnl
+- if [ "$2" == "rebuild-bl-rpz" ]; then
++ if [ "$2" = "rebuild-bl-rpz" ]; then
+ if test -f ns$1/base.db; then
+ for NM in ns$1/bl*.db; do
+ cp -f ns$1/base.db $NM
diff --git a/bind916/patches/patch-bin_tools_arpaname.c b/bind916/patches/patch-bin_tools_arpaname.c
new file mode 100644
index 0000000000..1816c14d0b
--- /dev/null
+++ b/bind916/patches/patch-bin_tools_arpaname.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-bin_tools_arpaname.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- bin/tools/arpaname.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/tools/arpaname.c
+@@ -14,7 +14,7 @@
+ #include <isc/net.h>
+ #include <isc/print.h>
+
+-#define UNUSED(x) (void)(x)
++#define UNUSED(x) (void)&(x)
+
+ int
+ main(int argc, char *argv[]) {
diff --git a/bind916/patches/patch-bin_tools_nsec3hash.c b/bind916/patches/patch-bin_tools_nsec3hash.c
new file mode 100644
index 0000000000..e3106e7439
--- /dev/null
+++ b/bind916/patches/patch-bin_tools_nsec3hash.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-bin_tools_nsec3hash.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- bin/tools/nsec3hash.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ bin/tools/nsec3hash.c
+@@ -56,7 +56,7 @@ check_result(isc_result_t result, const
+ }
+
+ static void
+-usage() {
++usage(void) {
+ fprintf(stderr, "Usage: %s salt algorithm iterations domain\n",
+ program);
+ fprintf(stderr, " %s -r algorithm flags iterations salt domain\n",
diff --git a/bind916/patches/patch-config.h.in b/bind916/patches/patch-config.h.in
new file mode 100644
index 0000000000..72d0329afd
--- /dev/null
+++ b/bind916/patches/patch-config.h.in
@@ -0,0 +1,16 @@
+$NetBSD: patch-config.h.in,v 1.2 2019/06/20 02:16:53 taca Exp $
+
+* Add support for blacklistd.
+
+--- config.h.in.orig 2019-06-04 15:20:04.000000000 +0000
++++ config.h.in
+@@ -48,6 +48,9 @@
+ /* define if the ARM yield instruction is available */
+ #undef HAVE_ARM_YIELD
+
++/* Define to 1 if blacklist is supported. */
++#undef HAVE_BLACKLIST
++
+ /* Define to 1 if the compiler supports __builtin_clz. */
+ #undef HAVE_BUILTIN_CLZ
+
diff --git a/bind916/patches/patch-config.threads.in b/bind916/patches/patch-config.threads.in
new file mode 100644
index 0000000000..352b309bf9
--- /dev/null
+++ b/bind916/patches/patch-config.threads.in
@@ -0,0 +1,15 @@
+$NetBSD: patch-config.threads.in,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Add DragonFly support.
+
+--- config.threads.in.orig 2019-04-06 20:09:59.000000000 +0000
++++ config.threads.in
+@@ -48,6 +48,8 @@ case $host in
+ use_threads=false ;;
+ *-freebsd*)
+ use_threads=true ;;
++*-dragonfly*)
++ use_threads=false ;;
+ *-linux*)
+ use_threads=true ;;
+ *-darwin[[123456789]].*)
diff --git a/bind916/patches/patch-configure b/bind916/patches/patch-configure
new file mode 100644
index 0000000000..b14beae505
--- /dev/null
+++ b/bind916/patches/patch-configure
@@ -0,0 +1,225 @@
+$NetBSD: patch-configure,v 1.2 2019/06/20 02:16:53 taca Exp $
+
+* Add DragonFly support.
+* Use proper link options for NetBSD.
+* Link proper postgresql library.
+* Add support for blacklistd.
+
+--- configure.orig 2019-06-04 15:20:04.000000000 +0000
++++ configure
+@@ -725,6 +725,9 @@ purify_path
+ MKDEPPROG
+ MKDEPCFLAGS
+ MKDEPCC
++BLACKLIST
++BLACKLISTLINKOBJS
++BLACKLISTLINKSRCS
+ ZLIB_LIBS
+ ZLIB_CFLAGS
+ JSON_C_LIBS
+@@ -1712,6 +1715,7 @@ Optional Packages:
+ --with-dlz-stub=ARG Build with stub DLZ driver [yes|no]. (Required to
+ use stub driver with DLZ)
+ --with-make-clean run "make clean" at end of configure [yes|no]
++ --with-blacklist Build with blacklist
+
+ Some influential environment variables:
+ CC C compiler command
+@@ -3908,7 +3912,7 @@ fi
+
+ # On IRIX 5.3, sys/types and inttypes.h are conflicting.
+ for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+- inttypes.h stdint.h unistd.h
++ inttypes.h stdint.h unistd.h blacklist.h
+ do :
+ as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
+@@ -18141,6 +18145,139 @@ fi ;; #(
+ esac
+
+
++#
++# was --with-blacklist specified?
++#
++BLACKLISTLINKOBJS=
++BLACKLISTLINKSRCS=
++
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for blacklist library" >&5
++$as_echo_n "checking for blacklist library... " >&6; }
++
++# Check whether --with-blacklist was given.
++if test "${with_blacklist+set}" = set; then :
++ withval=$with_blacklist; with_blacklist="$withval"
++else
++ with_blacklist="auto"
++fi
++
++
++have_blacklist=""
++case "$with_blacklist" in
++ no)
++ blacklist_libs=""
++ ;;
++ auto|yes)
++ for d in /usr /usr/local /opt/local
++ do
++ if test -f "${d}/include/blacklist.h"
++ then
++ if test ${d} != /usr
++ then
++ blacklist_cflags="-I ${d}/include"
++ LIBS="$LIBS -L${d}/lib"
++ fi
++ have_blacklist="yes"
++ fi
++ done
++ ;;
++ *)
++ if test -f "${with_blacklist}/include/blacklist.h"
++ then
++ blacklist_cflags="-I${with_blacklist}/include"
++ LIBS="$LIBS -L${with_blacklist}/lib"
++ have_blacklist="yes"
++ else
++ as_fn_error $? "$with_blacklist/include/blacklist.h not found." "$LINENO" 5
++ fi
++ ;;
++esac
++
++if test "X${have_blacklist}" != "X"
++then
++ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
++$as_echo "yes" >&6; }
++ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing blacklist" >&5
++$as_echo_n "checking for library containing blacklist... " >&6; }
++if ${ac_cv_search_blacklist+:} false; then :
++ $as_echo_n "(cached) " >&6
++else
++ ac_func_search_save_LIBS=$LIBS
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h. */
++
++/* Override any GCC internal prototype to avoid an error.
++ Use char because int might match the return type of a GCC
++ builtin and then its argument prototype would still apply. */
++#ifdef __cplusplus
++extern "C"
++#endif
++char blacklist_open(void);
++int
++main ()
++{
++return blacklist_open();
++ ;
++ return 0;
++}
++_ACEOF
++for ac_lib in '' blacklist; do
++ if test -z "$ac_lib"; then
++ ac_res="none required"
++ else
++ ac_res=-l$ac_lib
++ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
++ fi
++ if ac_fn_c_try_link "$LINENO"; then :
++ ac_cv_search_blacklist=$ac_res
++fi
++rm -f core conftest.err conftest.$ac_objext \
++ conftest$ac_exeext
++ if ${ac_cv_search_blacklist+:} false; then :
++ break
++fi
++done
++if ${ac_cv_search_blacklist+:} false; then :
++
++else
++ ac_cv_search_blacklist=no
++fi
++rm conftest.$ac_ext
++LIBS=$ac_func_search_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_blacklist" >&5
++$as_echo "$ac_cv_search_blacklist" >&6; }
++ac_res=$ac_cv_search_blacklist
++if test "$ac_res" != no; then :
++ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
++
++else
++ as_fn_error $? "found blacklist include but not library." "$LINENO" 5
++ have_blacklist=""
++fi
++
++elif test "X$with_blacklist" = Xyes
++then
++ as_fn_error $? "include/blacklist.h not found." "$LINENO" 5
++else
++ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
++$as_echo "no" >&6; }
++fi
++
++BLACKLIST=
++if test "X${have_blacklist}" != "X"
++then
++ CFLAGS="$CFLAGS $blacklist_cflags"
++
++$as_echo "#define HAVE_BLACKLIST 1" >>confdefs.h
++
++ BLACKLIST=1
++fi
++if test "X${blacklist_libs}" != "X"
++then
++ BLACKLISTLINKSRCS='${BLACKLISTLINKSRCS}'
++ BLACKLISTLINKOBJS='${BLACKLISTLINKOBJS}'
++fi
+
+
+
+@@ -22407,7 +22544,7 @@ else
+
+ fi
+ ;; #(
+- *-freebsd*|*-openbsd*|*-netbsd*) :
++ *-dragonfly*|*-freebsd*|*-openbsd*|*-netbsd*) :
+
+ LDFLAGS="${LDFLAGS} -Wl,-E"
+ SO_CFLAGS="-fpic"
+@@ -22439,9 +22576,9 @@ fi
+ ;; #(
+ *-solaris*) :
+
+- SO_CFLAGS="-KPIC"
+- SO_LDFLAGS="-G -z text"
+- SO_LD="ld"
++ SO_CFLAGS="-fPIC"
++ SO_LDFLAGS="-Xcompiler -shared -Wl,-z -Wl,text"
++ SO_LD="${CC}"
+ ;; #(
+ ia64-hp-hpux*) :
+
+@@ -22870,8 +23007,8 @@ $as_echo "no" >&6; }
+ fi
+ if test -n "-L$use_dlz_postgres_lib -lpq"
+ then
+- DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L$use_dlz_postgres_lib -lpq"
+- DLZ_DRIVER_POSTGRES_LIBS="-L$use_dlz_postgres_lib -lpq"
++ DLZ_DRIVER_LIBS="$DLZ_DRIVER_LIBS -L${PREFIX}/lib -lpq"
++ DLZ_DRIVER_POSTGRES_LIBS="-L${PREFIX}/lib -lpq"
+ fi
+
+
+@@ -26070,6 +26207,7 @@ report() {
+ test "X$PYTHON" = "X" || echo " Python tools (--with-python)"
+ test "X$LIBXML2_LIBS" = "X" || echo " XML statistics (--with-libxml2)"
+ test "X$JSON_C_LIBS" = "X" || echo " JSON statistics (--with-json-c): $JSON_C_CFLAGS $JSON_C_LIBS"
++ test "X$BLACKLIST" = "X" || echo " blacklist support (--with-blacklist)"
+ test "X$ZLIB_LIBS" = "X" || echo " HTTP zlib compression (--with-zlib)"
+ test "X$NZD_TOOLS" = "X" || echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
+ test "no" = "$with_libidn2" || echo " IDN support (--with-libidn2)"
+@@ -26148,6 +26286,7 @@ report() {
+ test "X$PYTHON" = "X" && echo " Python tools (--with-python)"
+ test "X$LIBXML2_LIBS" = "X" && echo " XML statistics (--with-libxml2)"
+ test "X$JSON_C_LIBS" = "X" && echo " JSON statistics (--with-json-c)"
++ test "X$BLACKLIST" = "X" && echo " blacklist support (--with-blacklist)"
+ test "X$ZLIB_LIBS" = "X" && echo " HTTP zlib compression (--with-zlib)"
+ test "X$NZD_TOOLS" = "X" && echo " LMDB database to store configuration for 'addzone' zones (--with-lmdb)"
+ test "no" = "$with_libidn2" && echo " IDN support (--with-libidn2)"
diff --git a/bind916/patches/patch-contrib_dlz_config.dlz.in b/bind916/patches/patch-contrib_dlz_config.dlz.in
new file mode 100644
index 0000000000..5017f2395e
--- /dev/null
+++ b/bind916/patches/patch-contrib_dlz_config.dlz.in
@@ -0,0 +1,15 @@
+$NetBSD: patch-contrib_dlz_config.dlz.in,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Link proper postgresql library.
+
+--- contrib/dlz/config.dlz.in.orig 2018-07-03 06:56:55.000000000 +0000
++++ contrib/dlz/config.dlz.in
+@@ -113,7 +113,7 @@ case "$use_dlz_postgres" in
+ *)
+ DLZ_ADD_DRIVER(POSTGRES, dlz_postgres_driver,
+ [-I$use_dlz_postgres],
+- [-L$use_dlz_postgres_lib -lpq])
++ [-L${PREFIX}/lib -lpq])
+
+ AC_MSG_RESULT(
+ [using PostgreSQL from $use_dlz_postgres_lib and $use_dlz_postgres])
diff --git a/bind916/patches/patch-lib_dns_byaddr.c b/bind916/patches/patch-lib_dns_byaddr.c
new file mode 100644
index 0000000000..323f598194
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_byaddr.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_byaddr.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/byaddr.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/byaddr.c
+@@ -160,7 +160,7 @@ lookup_done(isc_task_t *task, isc_event_
+ byaddr->event->result = levent->result;
+ }
+ isc_event_free(&event);
+- isc_task_sendanddetach(&byaddr->task, (isc_event_t **)&byaddr->event);
++ isc_task_sendanddetach(&byaddr->task, (isc_event_t **)(void *)&byaddr->event);
+ }
+
+ static void
diff --git a/bind916/patches/patch-lib_dns_dnsrps.c b/bind916/patches/patch-lib_dns_dnsrps.c
new file mode 100644
index 0000000000..47ddee00b1
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_dnsrps.c
@@ -0,0 +1,14 @@
+$NetBSD: patch-lib_dns_dnsrps.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Use stdlib.h.
+
+--- lib/dns/dnsrps.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/dnsrps.c
+@@ -15,6 +15,7 @@
+
+ #include <inttypes.h>
+ #include <stdbool.h>
++#include <stdlib.h>
+
+ #ifdef USE_DNSRPS
+
diff --git a/bind916/patches/patch-lib_dns_gssapi__link.c b/bind916/patches/patch-lib_dns_gssapi__link.c
new file mode 100644
index 0000000000..22efda3ef8
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_gssapi__link.c
@@ -0,0 +1,20 @@
+$NetBSD: patch-lib_dns_gssapi__link.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/gssapi_link.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/gssapi_link.c
+@@ -190,9 +190,12 @@ gssapi_verify(dst_context_t *dctx, const
+ gss_buffer_desc gmessage, gsig;
+ OM_uint32 minor, gret;
+ gss_ctx_id_t gssctx = dctx->key->keydata.gssctx;
+- unsigned char buf[sig->length];
++ unsigned char buf[4096];
+ char err[1024];
+
++ if (sizeof(buf) < sig->length)
++ abort();
++
+ /*
+ * Convert the data we wish to sign into a structure gssapi can
+ * understand.
diff --git a/bind916/patches/patch-lib_dns_lookup.c b/bind916/patches/patch-lib_dns_lookup.c
new file mode 100644
index 0000000000..210d4a7835
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_lookup.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_lookup.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/lookup.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/lookup.c
+@@ -339,7 +339,7 @@ lookup_find(dns_lookup_t *lookup, dns_fe
+ lookup->event->result = result;
+ lookup->event->ev_sender = lookup;
+ isc_task_sendanddetach(&lookup->task,
+- (isc_event_t **)&lookup->event);
++ (isc_event_t **)(void *)&lookup->event);
+ dns_view_detach(&lookup->view);
+ }
+
diff --git a/bind916/patches/patch-lib_dns_message.c b/bind916/patches/patch-lib_dns_message.c
new file mode 100644
index 0000000000..4c4e902cf9
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_message.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_message.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Avoid uninitialized variable warning.
+
+--- lib/dns/message.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/message.c
+@@ -996,7 +996,7 @@ getquestions(isc_buffer_t *source, dns_m
+ dns_name_t *name;
+ dns_name_t *name2;
+ dns_offsets_t *offsets;
+- dns_rdataset_t *rdataset;
++ dns_rdataset_t *rdataset = NULL;
+ dns_rdatalist_t *rdatalist;
+ isc_result_t result;
+ dns_rdatatype_t rdtype;
diff --git a/bind916/patches/patch-lib_dns_rbt.c b/bind916/patches/patch-lib_dns_rbt.c
new file mode 100644
index 0000000000..2c6ff04cbe
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_rbt.c
@@ -0,0 +1,68 @@
+$NetBSD: patch-lib_dns_rbt.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Disable inline on powerpc.
+
+--- lib/dns/rbt.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/rbt.c
+@@ -301,12 +301,13 @@ Name(dns_rbtnode_t *node) {
+ }
+
+ static void
+-hexdump(const char *desc, unsigned char *data, size_t size) {
++hexdump(const char *desc, void *blob, size_t size) {
+ char hexdump[BUFSIZ * 2 + 1];
+ isc_buffer_t b;
+ isc_region_t r;
+ isc_result_t result;
+ size_t bytes;
++ uint8_t *data = blob;
+
+ fprintf(stderr, "%s: ", desc);
+ do {
+@@ -324,6 +325,10 @@ hexdump(const char *desc, unsigned char
+ }
+ #endif /* DEBUG */
+
++#if !defined(inline) && defined(__powerpc__)
++#define inline /**/
++#endif
++
+ /*
+ * Upper node is the parent of the root of the passed node's
+ * subtree. The passed node must not be NULL.
+@@ -600,7 +605,7 @@ serialize_node(FILE *file, dns_rbtnode_t
+ fprintf(stderr, "serialize ");
+ dns_name_print(name, stderr);
+ fprintf(stderr, "\n");
+- hexdump("node header", (unsigned char *)&temp_node,
++ hexdump("node header", &temp_node,
+ sizeof(dns_rbtnode_t));
+ hexdump("node data", node_data, datasize);
+ #endif /* ifdef DEBUG */
+@@ -721,7 +726,7 @@ dns_rbt_serialize_tree(FILE *file, dns_r
+
+ isc_crc64_final(&crc);
+ #ifdef DEBUG
+- hexdump("serializing CRC", (unsigned char *)&crc, sizeof(crc));
++ hexdump("serializing CRC", &crc, sizeof(crc));
+ #endif /* ifdef DEBUG */
+
+ /* Serialize header */
+@@ -852,7 +857,7 @@ treefix(dns_rbt_t *rbt, void *base, size
+ fprintf(stderr, "deserialize ");
+ dns_name_print(&nodename, stderr);
+ fprintf(stderr, "\n");
+- hexdump("node header", (unsigned char *)&header, sizeof(dns_rbtnode_t));
++ hexdump("node header", &header, sizeof(dns_rbtnode_t));
+ hexdump("node data", node_data, datasize);
+ #endif /* ifdef DEBUG */
+ isc_crc64_update(crc, (const uint8_t *)&header, sizeof(dns_rbtnode_t));
+@@ -928,7 +933,7 @@ dns_rbt_deserialize_tree(void *base_addr
+
+ isc_crc64_final(&crc);
+ #ifdef DEBUG
+- hexdump("deserializing CRC", (unsigned char *)&crc, sizeof(crc));
++ hexdump("deserializing CRC", &crc, sizeof(crc));
+ #endif /* ifdef DEBUG */
+
+ /* Check file hash */
diff --git a/bind916/patches/patch-lib_dns_rbtdb.c b/bind916/patches/patch-lib_dns_rbtdb.c
new file mode 100644
index 0000000000..797f24cebc
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_rbtdb.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_rbtdb.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/rbtdb.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/rbtdb.c
+@@ -2148,7 +2148,7 @@ prune_tree(isc_task_t *task, isc_event_t
+ NODE_UNLOCK(&rbtdb->node_locks[locknum].lock, isc_rwlocktype_write);
+ RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write);
+
+- detach((dns_db_t **)&rbtdb);
++ detach((dns_db_t **)(void *)&rbtdb);
+ }
+
+ static inline void
diff --git a/bind916/patches/patch-lib_dns_request.c b/bind916/patches/patch-lib_dns_request.c
new file mode 100644
index 0000000000..49a4a840da
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_request.c
@@ -0,0 +1,24 @@
+$NetBSD: patch-lib_dns_request.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/request.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/request.c
+@@ -1443,7 +1443,7 @@ req_sendevent(dns_request_t *request, is
+ task = request->event->ev_sender;
+ request->event->ev_sender = request;
+ request->event->result = result;
+- isc_task_sendanddetach(&task, (isc_event_t **)&request->event);
++ isc_task_sendanddetach(&task, (isc_event_t **)(void *)&request->event);
+ }
+
+ static void
+@@ -1460,7 +1460,7 @@ req_destroy(dns_request_t *request) {
+ isc_buffer_free(&request->answer);
+ }
+ if (request->event != NULL) {
+- isc_event_free((isc_event_t **)&request->event);
++ isc_event_free((isc_event_t **)(void *)&request->event);
+ }
+ if (request->dispentry != NULL) {
+ dns_dispatch_removeresponse(&request->dispentry, NULL);
diff --git a/bind916/patches/patch-lib_dns_sdb.c b/bind916/patches/patch-lib_dns_sdb.c
new file mode 100644
index 0000000000..52779e41ec
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_sdb.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_sdb.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/sdb.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/sdb.c
+@@ -621,7 +621,7 @@ createnode(dns_sdb_t *sdb, dns_sdbnode_t
+ node = isc_mem_get(sdb->common.mctx, sizeof(dns_sdbnode_t));
+
+ node->sdb = NULL;
+- attach((dns_db_t *)sdb, (dns_db_t **)&node->sdb);
++ attach((dns_db_t *)sdb, (dns_db_t **)(void *)&node->sdb);
+ ISC_LIST_INIT(node->lists);
+ ISC_LIST_INIT(node->buffers);
+ ISC_LINK_INIT(node, link);
diff --git a/bind916/patches/patch-lib_dns_spnego.c b/bind916/patches/patch-lib_dns_spnego.c
new file mode 100644
index 0000000000..b024874382
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_spnego.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_spnego.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Avoid gcc warning.
+
+--- lib/dns/spnego.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/spnego.c
+@@ -1503,7 +1503,7 @@ spnego_initial(OM_uint32 *minor_status,
+ gss_buffer_desc krb5_output_token = GSS_C_EMPTY_BUFFER;
+ unsigned char *buf = NULL;
+ size_t buf_size;
+- size_t len;
++ size_t len = 0; /* XXX: gcc */
+ int ret;
+
+ (void)mech_type;
diff --git a/bind916/patches/patch-lib_dns_validator.c b/bind916/patches/patch-lib_dns_validator.c
new file mode 100644
index 0000000000..e0e7988327
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_validator.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_validator.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/dns/validator.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/validator.c
+@@ -221,7 +221,7 @@ validator_done(dns_validator_t *val, isc
+ val->event->ev_type = DNS_EVENT_VALIDATORDONE;
+ val->event->ev_action = val->action;
+ val->event->ev_arg = val->arg;
+- isc_task_sendanddetach(&task, (isc_event_t **)&val->event);
++ isc_task_sendanddetach(&task, (isc_event_t **)(void *)&val->event);
+ }
+
+ /*
diff --git a/bind916/patches/patch-lib_dns_view.c b/bind916/patches/patch-lib_dns_view.c
new file mode 100644
index 0000000000..c87932a113
--- /dev/null
+++ b/bind916/patches/patch-lib_dns_view.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_dns_view.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* Use nta sub-directory as NetBSD base system.
+
+--- lib/dns/view.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/dns/view.c
+@@ -105,7 +105,7 @@ dns_view_create(isc_mem_t *mctx, dns_rda
+ isc_mem_attach(mctx, &view->mctx);
+ view->name = isc_mem_strdup(mctx, name);
+
+- result = isc_file_sanitize(NULL, view->name, "nta", buffer,
++ result = isc_file_sanitize("nta", view->name, "nta", buffer,
+ sizeof(buffer));
+ if (result != ISC_R_SUCCESS) {
+ goto cleanup_name;
diff --git a/bind916/patches/patch-lib_isc_backtrace.c b/bind916/patches/patch-lib_isc_backtrace.c
new file mode 100644
index 0000000000..ecd07551f6
--- /dev/null
+++ b/bind916/patches/patch-lib_isc_backtrace.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-lib_isc_backtrace.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* C syntax.
+
+--- lib/isc/backtrace.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/isc/backtrace.c
+@@ -196,7 +196,7 @@ isc_backtrace_gettrace(void **addrs, int
+ * first argument. Note that the body of this function cannot be
+ * inlined since it depends on the address of the function argument.
+ */
+- sp = (void **)&addrs - 2;
++ sp = (void **)(void *)&addrs - 2;
+ #endif /* ifdef __x86_64__ */
+
+ while (sp != NULL && i < maxaddrs) {
diff --git a/bind916/patches/patch-lib_isc_unix_net.c b/bind916/patches/patch-lib_isc_unix_net.c
new file mode 100644
index 0000000000..cfaae8fdd9
--- /dev/null
+++ b/bind916/patches/patch-lib_isc_unix_net.c
@@ -0,0 +1,23 @@
+$NetBSD: patch-lib_isc_unix_net.c,v 1.1 2019/10/24 12:50:36 otis Exp $
+
+* Fix build on SmartOS. In this special case, _XOPEN_SOURCE has to be only
+ defined on SmartOS.
+
+--- lib/isc/unix/net.c.orig 2019-10-02 06:24:10.000000000 +0000
++++ lib/isc/unix/net.c
+@@ -9,6 +9,15 @@
+ * information regarding copyright ownership.
+ */
+
++/* needed for CMSG_DATA */
++#if defined(__sun)
++#if (__STDC_VERSION__ - 0 < 199901L)
++#define _XOPEN_SOURCE 500
++#else
++#define _XOPEN_SOURCE 600
++#endif
++#endif
++
+ #include <stdbool.h>
+ #include <sys/types.h>
+
diff --git a/bind916/patches/patch-lib_isc_unix_socket.c b/bind916/patches/patch-lib_isc_unix_socket.c
new file mode 100644
index 0000000000..d75c8da710
--- /dev/null
+++ b/bind916/patches/patch-lib_isc_unix_socket.c
@@ -0,0 +1,23 @@
+$NetBSD: patch-lib_isc_unix_socket.c,v 1.3 2019/10/24 12:50:36 otis Exp $
+
+* Fix build on SmartOS. In this special case, _XOPEN_SOURCE has to be only
+ defined on SmartOS.
+
+--- lib/isc/unix/socket.c.orig 2019-10-02 06:24:10.000000000 +0000
++++ lib/isc/unix/socket.c
+@@ -11,6 +11,15 @@
+
+ /*! \file */
+
++/* needed for CMSG_DATA */
++#if defined(__sun)
++#if (__STDC_VERSION__ - 0 < 199901L)
++#define _XOPEN_SOURCE 500
++#else
++#define _XOPEN_SOURCE 600
++#endif
++#endif
++
+ #include <inttypes.h>
+ #include <stdbool.h>
+ #include <sys/param.h>
diff --git a/bind916/patches/patch-lib_isc_unix_time.c b/bind916/patches/patch-lib_isc_unix_time.c
new file mode 100644
index 0000000000..34c64d7a52
--- /dev/null
+++ b/bind916/patches/patch-lib_isc_unix_time.c
@@ -0,0 +1,35 @@
+$NetBSD: patch-lib_isc_unix_time.c,v 1.1 2019/04/30 03:34:34 taca Exp $
+
+* More check time_t range.
+
+--- lib/isc/unix/time.c.orig 2019-04-06 20:09:59.000000000 +0000
++++ lib/isc/unix/time.c
+@@ -285,7 +285,7 @@ isc_time_seconds(const isc_time_t *t) {
+
+ isc_result_t
+ isc_time_secondsastimet(const isc_time_t *t, time_t *secondsp) {
+- time_t seconds;
++ time_t seconds, i;
+
+ REQUIRE(t != NULL);
+ INSIST(t->nanoseconds < NS_PER_S);
+@@ -312,7 +312,18 @@ isc_time_secondsastimet(const isc_time_t
+ INSIST(sizeof(unsigned int) == sizeof(uint32_t));
+ INSIST(sizeof(time_t) >= sizeof(uint32_t));
+
+- if (t->seconds > (~0U >> 1) && seconds <= (time_t)(~0U >> 1)) {
++ if (sizeof(time_t) == sizeof(uint32_t) && /* Same size. */
++ (time_t)0.5 != 0.5 && /* Not a floating point type. */
++ (i = (time_t)-1) != 4294967295u && /* Is signed. */
++ (seconds &
++ (1ULL << (sizeof(time_t) * CHAR_BIT - 1))) != 0ULL) { /* Negative. */
++ /*
++ * This UNUSED() is here to shut up the IRIX compiler:
++ * variable "i" was set but never used
++ * when the value of i *was* used in the third test.
++ * (Let's hope the compiler got the actual test right.)
++ */
++ UNUSED(i);
+ return (ISC_R_RANGE);
+ }
+
Home |
Main Index |
Thread Index |
Old Index