diff --git a/bind-9.11-tests-pkcs11.patch b/bind-9.11-tests-pkcs11.patch new file mode 100644 index 0000000..79c55b2 --- /dev/null +++ b/bind-9.11-tests-pkcs11.patch @@ -0,0 +1,39 @@ +From 66298a12b09784eab2c052ab22f87bb2b2f1267b Mon Sep 17 00:00:00 2001 +From: Petr Mensik +Date: Fri, 1 Mar 2019 15:55:46 +0100 +Subject: [PATCH] Detect correctly pkcs11 support + +It fails now always, because oot builds are not supported by +cleanpkcs11.sh. +--- + bin/tests/system/cleanpkcs11.sh | 2 +- + bin/tests/system/conf.sh.in | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/bin/tests/system/cleanpkcs11.sh b/bin/tests/system/cleanpkcs11.sh +index b974708..3bbef4c 100644 +--- a/bin/tests/system/cleanpkcs11.sh ++++ b/bin/tests/system/cleanpkcs11.sh +@@ -12,6 +12,6 @@ + SYSTEMTESTTOP=. + . $SYSTEMTESTTOP/conf.sh + +-if [ ! -x ../../pkcs11/pkcs11-destroy ]; then exit 1; fi ++if [ ! -x "$PK11DESTROY" ]; then exit 1; fi + + $PK11DEL -w0 > /dev/null 2>&1 +diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in +index a446c18..ede1203 100644 +--- a/bin/tests/system/conf.sh.in ++++ b/bin/tests/system/conf.sh.in +@@ -46,6 +46,7 @@ CHECKZONE=$TOP/bin/check/named-checkzone + CHECKCONF=$TOP/bin/check/named-checkconf + PK11GEN="$TOP/bin/pkcs11/pkcs11-keygen -q -s ${SLOT:-0} -p ${HSMPIN:-1234}" + PK11LIST="$TOP/bin/pkcs11/pkcs11-list -s ${SLOT:-0} -p ${HSMPIN:-1234}" ++PK11DESTROY=$TOP/bin/pkcs11/pkcs11-destroy + PK11DEL="$TOP/bin/pkcs11/pkcs11-destroy -s ${SLOT:-0} -p ${HSMPIN:-1234} -w 0" + JOURNALPRINT=$TOP/bin/tools/named-journalprint + VERIFY=$TOP/bin/dnssec/dnssec-verify +-- +2.20.1 + diff --git a/bind-9.11-tests-variants.patch b/bind-9.11-tests-variants.patch new file mode 100644 index 0000000..b8ab1c0 --- /dev/null +++ b/bind-9.11-tests-variants.patch @@ -0,0 +1,65 @@ +From 118c70ab26f54f8ecd38da36f3e7d7ed66e2e764 Mon Sep 17 00:00:00 2001 +From: Petr Mensik +Date: Fri, 1 Mar 2019 15:48:20 +0100 +Subject: [PATCH] Make alternative named builds testable in system tests + +Red Hat has alternative variant builds of named, which are not ever +tested by system tests. New variables make it relatively easy to test +alternative variants. + +For sdb variant use: +export NAMED_VARIANT=-sdb DNSSEC_VARIANT= + +For pkcs variant use: +export NAMED_VARIANT=-pkcs11 DNSSEC_VARIANT=-pkcs11 +--- + bin/tests/system/conf.sh.in | 19 ++++++++++--------- + 1 file changed, 10 insertions(+), 9 deletions(-) + +diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in +index 0b9706a..a446c18 100644 +--- a/bin/tests/system/conf.sh.in ++++ b/bin/tests/system/conf.sh.in +@@ -20,7 +20,7 @@ TOP=${SYSTEMTESTTOP:=.}/../../.. + # Make it absolute so that it continues to work after we cd. + TOP=`cd $TOP && pwd` + +-NAMED=$TOP/bin/named/named ++NAMED=$TOP/bin/named${NAMED_VARIANT}/named${NAMED_VARIANT} + # We must use "named -l" instead of "lwresd" because argv[0] is lost + # if the program is libtoolized. + LWRESD="$TOP/bin/named/named -l" +@@ -31,13 +31,14 @@ NSUPDATE=$TOP/bin/nsupdate/nsupdate + DDNSCONFGEN=$TOP/bin/confgen/ddns-confgen + TSIGKEYGEN=$TOP/bin/confgen/tsig-keygen + RNDCCONFGEN=$TOP/bin/confgen/rndc-confgen +-KEYGEN=$TOP/bin/dnssec/dnssec-keygen +-KEYFRLAB=$TOP/bin/dnssec/dnssec-keyfromlabel +-SIGNER=$TOP/bin/dnssec/dnssec-signzone +-REVOKE=$TOP/bin/dnssec/dnssec-revoke +-SETTIME=$TOP/bin/dnssec/dnssec-settime +-DSFROMKEY=$TOP/bin/dnssec/dnssec-dsfromkey +-IMPORTKEY=$TOP/bin/dnssec/dnssec-importkey ++KEYGEN=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-keygen${DNSSEC_VARIANT} ++KEYFRLAB=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-keyfromlabel${DNSSEC_VARIANT} ++SIGNER=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-signzone${DNSSEC_VARIANT} ++REVOKE=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-revoke${DNSSEC_VARIANT} ++SETTIME=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-settime${DNSSEC_VARIANT} ++DSFROMKEY=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-dsfromkey${DNSSEC_VARIANT} ++IMPORTKEY=$TOP/bin/dnssec${DNSSEC_VARIANT}/dnssec-importkey${DNSSEC_VARIANT} ++CHECKDS=$TOP/bin/python/dnssec-checkds + CHECKDS=$TOP/bin/python/dnssec-checkds + COVERAGE=$TOP/bin/python/dnssec-coverage + KEYMGR=$TOP/bin/python/dnssec-keymgr +@@ -57,7 +58,7 @@ DNSTAPREAD=$TOP/bin/tools/dnstap-read + MDIG=$TOP/bin/tools/mdig + NZD2NZF=$TOP/bin/tools/named-nzd2nzf + FSTRM_CAPTURE=@FSTRM_CAPTURE@ +-FEATURETEST=$TOP/bin/named/feature-test ++FEATURETEST=$TOP/bin/named${NAMED_VARIANT}/feature-test${NAMED_VARIANT} + + RANDFILE=$TOP/bin/tests/system/random.data + +-- +2.20.1 + diff --git a/bind.spec b/bind.spec index d2a0951..ecbc8f7 100644 --- a/bind.spec +++ b/bind.spec @@ -54,7 +54,7 @@ Summary: The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) serv Name: bind License: MPLv2.0 Version: 9.11.5 -Release: 14%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} +Release: 15%{?PATCHVER:.%{PATCHVER}}%{?PREVER:.%{PREVER}}%{?dist} Epoch: 32 Url: https://www.isc.org/downloads/bind/ # @@ -144,6 +144,8 @@ Patch167:bind-9.11-ed448-disable.patch Patch168:bind-9.11-unit-disable-random.patch Patch169:bind-9.11-feature-test-dlz.patch Patch170:bind-9.11-feature-test-named.patch +Patch171:bind-9.11-tests-variants.patch +Patch172:bind-9.11-tests-pkcs11.patch # SDB patches Patch11: bind-9.3.2b2-sdbsrc.patch @@ -527,6 +529,8 @@ are used for building ISC DHCP. %patch168 -p1 -b .random_test-disable %patch169 -p1 -b .featuretest-dlz %patch170 -p1 -b .featuretest-named +%patch171 -p1 -b .test-variant +%patch172 -p1 -b .test-pkcs11 mkdir lib/dns/tests/testdata/dstrandom cp -a %{SOURCE50} lib/dns/tests/testdata/dstrandom/random.data @@ -1534,6 +1538,9 @@ fi; %changelog +* Fri Mar 01 2019 Petr Menšík - 32:9.11.5-15.P4 +- Support testing of named variants + * Thu Feb 28 2019 Petr Menšík - 32:9.11.5-14.P4 - Modify feature-test detection of dlz-filesystem