Overview

File curvedns.spec of Package curvedns

#
# spec file for package curvedns
#
# Copyright (c) 2012 Peter Conrad <obs@quisquis.de>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/

%if 0%{?suse_version} >= 1200 || 0%{?fedora} >= 16
%define systemdunitdir  %(pkg-config --variable=systemdsystemunitdir systemd)
%endif
%if 0%{?suse_version} < 1000
%define defined()       %{expand:%%{?%{1}:1}%%{!?%{1}:0}}
%define undefined()     %{expand:%%{?%{1}:0}%%{!?%{1}:1}}
%endif
%if 0%{?fedora}
%define ext_man .gz
%endif
%if ! %{defined _fillupdir}
%define _fillupdir /var/adm/fillup-templates
%endif

Summary: A DNSCurve Forwarding Name Server
Name: curvedns
Version: 0.87
Release: 3.1
License: BSD-2-Clause
Group: Productivity/Networking/DNS/Servers
Source: https://github.com/curvedns/%{name}/archive/%{name}-%{version}.tar.gz
# Own creation, GPL
Source1: rc.curvedns
# Own creation, GPL
Source2: config.curvedns
# Own creation, GPL
Source3: curvedns.socket
# Own creation, GPL
Source4: curvedns.service
# GPL
Source5: COPYING
# Own creation, GPL
Source6: apparmor.curvedns
# Own creation, GPL
Source7: curvedns.private.key
# Own creation, GPL
Source8: curvedns.8
# Own creation, GPL
Source9: curvedns-keygen.8
# Own creation, GPL
Source10: service-run
# Own creation, GPL
Source11: log-run
# Own creation, GPL
Source12: curvedns.suse-fw
# PATCH-FEATURE-UPSTREAM conrad@quisquis.de
Patch: curvedns-PRIVATE_KEY_F.patch
# PATCH-FEATURE-UPSTREAM conrad@quisquis.de
Patch1: curvedns-systemd.patch
# PATCH-FIX-UPSTREAM conrad@quisquis.de
Patch2: curvedns-axfr.patch
# PATCH-FIX-UPSTREAM conrad@quisquis.de
Patch3: header.patch
URL: http://curvedns.on2it.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: libev-devel
%if 0%{?sle_version} >= 150400 || %{?suse_version} > 1500
BuildRequires: libsodium-devel
%else
BuildRequires: libnacl-devel-static
%endif
%if 0%{?suse_version} < 1120
BuildRequires: elfutils
%endif
%if %{defined systemdunitdir}
BuildRequires: systemd-devel, pkg-config
%if 0%{?fedora} == 0
BuildRequires: apparmor-profiles
%endif
%if 0%{?suse_version} == 1315
# for systemd.pc, actually only required in leap-42.2 it seems
BuildRequires:  systemd
%endif
%else
Requires(pre): %insserv_prereq
Requires: daemontools
%endif
Requires(pre): pwdutils
%if %{defined fillup_prereq}
Requires(pre): %fillup_prereq
%endif
%if 0%{?suse_version} >= 1100 && 0%{?suse_version} < 1150
Requires: licenses
BuildRequires: licenses
%endif
%if 0%{?suse_version} > 0 && 0%{?suse_version} <= 1500
BuildRequires: SuSEfirewall2
%endif

%description
CurveDNS is the first publicly released forwarding implementation that
implements the DNSCurve protocol.  DNSCurve uses high-speed high-security
elliptic-curve cryptography to drastically improve every dimension of DNS
security.  See http://dnscurve.org/ for protocol details.

What is so special about this implementation is the fact that any
authoritative DNS name server can act as a DNSCurve capable one, without
changing anything on your current DNS environment. The only thing a DNS data
manager (that is probably you) has to do is to install CurveDNS on a machine,
generate a keypair, and update NS type records that were pointing towards
your authoritative name server and let them point to this machine running
CurveDNS. Indeed, it is that easy to become fully protected against almost
any of the currently known DNS flaws, such as active and passive cache
poisoning.

CurveDNS supports:
* Forwarding of regular (non-protected) DNS packets;
* Unboxing of DNSCurve queries and forwarding the regular DNS packets
* Boxing of regular DNS responses to DNSCurve responses;
* Both DNSCurve's streamlined- and TXT-format;
* Caching of shared secrets;
* Both UDP and TCP;
* Both IPv4 and IPv6.

%prep
%setup -q -n %{name}-%{name}-%{version}
%__cp "%{S:8}" .
%patch -p1
%if %{defined systemdunitdir}
%patch1 -p1
%endif
%patch2 -p1
%patch3 -p1

%build
%__mkdir_p nacl/build/bin nacl/build/work
%__ln_s %{_libdir}/nacl/ok* nacl/build/bin/
export CFLAGS="%{optflags}"
%if %{defined systemdunitdir}
export CFLAGS="-D USE_SYSTEMD $CFLAGS"
%if 0%{?suse_version} >= 1500
LDFLAGS="-lsystemd"
%else
LDFLAGS="-lsystemd-daemon"
%endif
%endif
%if 0%{?sle_version} >= 150400 || %{?suse_version} > 1500
export EVCFLAGS="EVCFLAGS=-I/usr/include/sodium"
%else
export EVCFLAGS="EVCFLAGS=-I/usr/include/nacl"
%endif
%if 0%{?fedora}
export EVCFLAGS="EVCFLAGS=-I/usr/include/libev -I/usr/include/nacl"
%endif
%if 0%{?sle_version} >= 150400 || %{?suse_version} > 1500
sed "s=@CC@=gcc=;s|@CFLAGS@|$CFLAGS|;s=lnacl=lsodium=g" <Makefile.in >Makefile
%else
./configure.curvedns
echo " $CFLAGS" >nacl/build/work/curvedns/cflags
./configure.curvedns
%endif
%__make EVLDFLAGS="%{optflags}" "$EVCFLAGS" EXTRALIB="-lev $LDFLAGS"
sed '/^CONFIGFILE/s=$="%{_sysconfdir}/sysconfig/%{name}"=;/^PIDFILE/s=$="%{_localstatedir}/run/%{name}.pid"=;/^SERVICEDIR/s=$="%{_libexecdir}/%{name}"=' <%{S:1} >contrib/rc.curvedns
lic="`md5sum "%{S:5}" | cut -d' ' -f 1`"
if [ -r "/usr/share/doc/licenses/md5/$lic" ]; then
    %__ln_s -f /usr/share/doc/licenses/md5/"$lic" COPYING
else
    %__cp "%{S:5}" COPYING
fi
head -5 INSTALL >>README

%install
%__mkdir_p "%{buildroot}%{_sbindir}"
%__install -m 0755 curvedns curvedns-keygen "%{buildroot}%{_sbindir}"
%__mkdir_p -m 0700 "%{buildroot}%{_sysconfdir}/curvedns"
%__install -m 0600 "%{S:7}" "%{buildroot}%{_sysconfdir}/curvedns/private.key"
%__install -D -m 0600 "%{S:2}" "%{buildroot}%{_fillupdir}/sysconfig.%{name}"
%__mkdir_p "%{buildroot}%{_mandir}/man8"
%__install -m 0644 "%{S:9}" curvedns.8 "%{buildroot}%{_mandir}/man8/"

%if 0%{?suse_version} > 0 && 0%{?suse_version} <= 1500
%__mkdir_p -m 0700 "%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/"
%__install -m 0644 "%{S:12}" "%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/curvedns"
%endif

%if %{undefined systemdunitdir}

# /SysVInit

mkdir -p "%{buildroot}%{_libexecdir}/%{name}/log"


%__sed 's={name}=%{name}=g;s={_sysconfdir}=%{_sysconfdir}=g;s={_localstatedir}=%{_localstatedir}=g' <"%{S:10}" >"%{buildroot}%{_libexecdir}/%{name}/run"
%__sed 's={name}=%{name}=g;s={_sysconfdir}=%{_sysconfdir}=g;s={_localstatedir}=%{_localstatedir}=g' <"%{S:11}" >"%{buildroot}%{_libexecdir}/%{name}/log/run"
chmod 755 "%{buildroot}%{_libexecdir}/%{name}/run" "%{buildroot}%{_libexecdir}/%{name}/log/run"
mkdir -p "%{buildroot}%{_localstatedir}/log/%{name}"
mkdir -p "%{buildroot}%{_initrddir}"
install -m 0755 contrib/rc.curvedns "%{buildroot}%{_initrddir}/%{name}"
ln -sf "%{_initrddir}/curvedns" "%{buildroot}%{_sbindir}/rccurvedns"

# /SysVInit

%endif

%if %{defined systemdunitdir}

# systemd

%__mkdir_p "%{buildroot}%{systemdunitdir}"
%__install -m 0644 "%{S:3}" "%{S:4}" "%{buildroot}%{systemdunitdir}/"
%if 0%{?fedora} == 0
%__mkdir_p "%{buildroot}%{_sysconfdir}/apparmor.d"
%__install -m 0644 "%{S:6}" "%{buildroot}%{_sysconfdir}/apparmor.d/usr.sbin.curvedns"
%endif
%__sed -i 's/^\(LISTEN\|USER\|LOGUSER\).*/#& -- ignored when running under systemd/' "%{buildroot}%{_fillupdir}/sysconfig.%{name}"
ln -sf "%{_sbindir}/service" "%{buildroot}%{_sbindir}/rccurvedns"
# /systemd

%endif

%pre
getent group named >/dev/null || groupadd -r named
getent passwd named >/dev/null || useradd -r -g named -d "%{_sysconfdir}/%{name}" -s /sbin/nologin -c "user for curvedns" named

%if %{defined service_add_pre}
%service_add_pre curvedns.service
%service_add_pre curvedns.socket
%endif

exit 0

%post
%if %{undefined systemdunitdir}
%fillup_and_insserv curvedns
%restart_on_update curvedns
%endif
%if %{defined systemdunitdir}
%fillup_only curvedns
test -n "$FIRST_ARG" || FIRST_ARG=$1
if test "$FIRST_ARG" -ge 1 ; then
    if /bin/false && test -x /sbin/apparmor_parser ; then
	/sbin/apparmor_parser -r "%{_sysconfdir}/apparmor.d/usr.sbin.%{name}"
    fi
fi
%if %{defined service_add_post}
%service_add_post curvedns.service
%service_add_post curvedns.socket
%endif

%endif

%preun
%if %{undefined systemdunitdir}
%stop_on_removal curvedns
%endif
%if %{defined systemdunitdir}
%if %{defined service_del_preun}
%service_del_preun curvedns.socket
%service_del_preun curvedns.service
%else
test -n "$FIRST_ARG" || FIRST_ARG=$1
if test "$FIRST_ARG" -lt 1 ; then
    /bin/systemctl --no-reload disable %{name}.socket >/dev/null 2>&1 || :
    /bin/systemctl stop %{name}.socket >/dev/null 2>&1 || :
    /bin/systemctl --no-reload disable %{name}.service >/dev/null 2>&1 || :
    /bin/systemctl stop %{name}.service >/dev/null 2>&1 || :
    if /bin/false && test -x /sbin/apparmor_parser ; then
	/sbin/apparmor_parser -R "%{_sysconfdir}/apparmor.d/usr.sbin.%{name}"
    fi
fi
%endif
%endif

%postun
%if %{undefined systemdunitdir}
%insserv_cleanup
%endif
%if %{defined systemdunitdir}
%if %{defined service_del_postun}
%service_del_postun curvedns.socket
%service_del_postun curvedns.service
%else
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
test -n "$FIRST_ARG" || FIRST_ARG=$1
if test "$FIRST_ARG" -ge 1 ; then
    /bin/systemctl try-restart %{name}.service >/dev/null 2>&1 || :
fi
%endif
%endif

%clean
[ "%{buildroot}" = "/" ] || rm -rf "%{buildroot}"

%files
%defattr(-,root,root,-)
%doc ChangeLog LICENSE README VERSION COPYING
%config %attr(-,named,named) %{_sysconfdir}/curvedns/
%{_fillupdir}/sysconfig.%{name}
%{_mandir}/man8/curvedns.8%{ext_man}
%{_mandir}/man8/curvedns-keygen.8%{ext_man}
%{_sbindir}/curvedns
%{_sbindir}/curvedns-keygen
%if 0%{?suse_version} > 0 && 0%{?suse_version} <= 1500
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/curvedns
%endif
%if %{undefined systemdunitdir}
%attr(755,named,named) %{_localstatedir}/log/%{name}/
%{_initrddir}/%{name}
%{_libexecdir}/%{name}/
%endif
%{_sbindir}/rccurvedns
%if %{defined systemdunitdir}
%if 0%{?fedora} == 0
%config %{_sysconfdir}/apparmor.d/usr.sbin.curvedns
%endif
%{systemdunitdir}/%{name}.socket
%{systemdunitdir}/%{name}.service
%endif

%changelog
openSUSE Build Service is sponsored by
Places