summaryrefslogtreecommitdiff
path: root/dns
diff options
context:
space:
mode:
authorRene Ladan <rene@FreeBSD.org>2023-06-03 13:12:41 +0200
committerRene Ladan <rene@FreeBSD.org>2023-06-03 13:12:41 +0200
commit646bd0260150052db85de4166aea6f8fe116f4c3 (patch)
tree208e6bd38b7d4993ec66497d85768e59e3cffa66 /dns
parenta96b72ed5f03f080e862b739d25c65fb9dc84106 (diff)
downloadfreebsd-ports-646bd0260150052db85de4166aea6f8fe116f4c3.zip
dns/validns: Remove expired port
2023-06-03 dns/validns: Last upstream release was 10 years ago and last upstream activity in 2017
Diffstat (limited to 'dns')
-rw-r--r--dns/Makefile1
-rw-r--r--dns/validns/Makefile40
-rw-r--r--dns/validns/distinfo2
-rw-r--r--dns/validns/files/patch-Makefile13
-rw-r--r--dns/validns/files/patch-dnskey.c22
-rw-r--r--dns/validns/files/patch-nsec3checks.c52
-rw-r--r--dns/validns/files/patch-rrsig.c85
-rw-r--r--dns/validns/pkg-descr4
8 files changed, 0 insertions, 219 deletions
diff --git a/dns/Makefile b/dns/Makefile
index 91beeb203b11..7cf4c5ae1a62 100644
--- a/dns/Makefile
+++ b/dns/Makefile
@@ -238,7 +238,6 @@
SUBDIR += unbound
SUBDIR += updatedd
SUBDIR += utdns
- SUBDIR += validns
SUBDIR += vhostcname
SUBDIR += vizone
SUBDIR += void-zones-tools
diff --git a/dns/validns/Makefile b/dns/validns/Makefile
deleted file mode 100644
index 511c3d027787..000000000000
--- a/dns/validns/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-PORTNAME= validns
-PORTVERSION= 0.8
-PORTREVISION= 2
-CATEGORIES= dns security
-MASTER_SITES= http://www.validns.net/download/
-
-MAINTAINER= umq@ueo.co.jp
-COMMENT= High performance DNS/DNSSEC zone validator
-WWW= http://www.validns.net/
-
-LICENSE= BSD2CLAUSE
-
-DEPRECATED= Last upstream release was 10 years ago and last upstream activity in 2017
-EXPIRATION_DATE= 2023-06-03
-BROKEN_SSL= openssl30 openssl31
-BROKEN_SSL_REASON= Requires OpenSSL 3.0.0 deprecated RSA_* routines
-
-LIB_DEPENDS= libJudy.so:devel/judy
-TEST_DEPENDS= p5-Test-Command-Simple>=0:devel/p5-Test-Command-Simple
-
-USES= ssl
-
-ALL_TARGET= ${PORTNAME}
-TEST_TARGET= test
-
-PLIST_FILES= bin/${PORTNAME} \
- man/man1/${PORTNAME}.1.gz
-
-PORTDOCS= Changes README installation.mdwn notes.mdwn \
- technical-notes.mdwn todo.mdwn usage.mdwn
-
-OPTIONS_DEFINE= DOCS
-
-do-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin
- ${INSTALL_DATA} ${WRKSRC}/*.1 ${STAGEDIR}${MAN1PREFIX}/man/man1/
- @${MKDIR} ${STAGEDIR}${DOCSDIR}
- @${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR}/
-
-.include <bsd.port.mk>
diff --git a/dns/validns/distinfo b/dns/validns/distinfo
deleted file mode 100644
index 093e188ad180..000000000000
--- a/dns/validns/distinfo
+++ /dev/null
@@ -1,2 +0,0 @@
-SHA256 (validns-0.8.tar.gz) = df2db0eaa998a0411ff4c1c4e417eb82d32aec4835f92f45f26c66c8d1d5bd22
-SIZE (validns-0.8.tar.gz) = 190325
diff --git a/dns/validns/files/patch-Makefile b/dns/validns/files/patch-Makefile
deleted file mode 100644
index 2faac8485459..000000000000
--- a/dns/validns/files/patch-Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
---- Makefile.orig 2014-02-11 20:08:39 UTC
-+++ Makefile
-@@ -1,7 +1,7 @@
- # The following options seem to work fine on Linux, FreeBSD, and Darwin
--OPTIMIZE=-O2 -g
--CFLAGS=-Wall -Werror -pthread -fno-strict-aliasing
--INCPATH=-I/usr/local/include -I/opt/local/include -I/usr/local/ssl/include
-+#OPTIMIZE=-O2 -g
-+CFLAGS+=-Wall -Wno-unused-function -Werror -pthread
-+INCPATH=-I$(LOCALBASE)/include -I$(OPENSSLINC)
- CC?=cc
-
- # These additional options work on Solaris/gcc to which I have an access
diff --git a/dns/validns/files/patch-dnskey.c b/dns/validns/files/patch-dnskey.c
deleted file mode 100644
index e52879cbf9c5..000000000000
--- a/dns/validns/files/patch-dnskey.c
+++ /dev/null
@@ -1,22 +0,0 @@
---- dnskey.c.orig 2014-02-11 20:45:11 UTC
-+++ dnskey.c
-@@ -165,11 +165,17 @@ int dnskey_build_pkey(struct rr_dnskey *rr)
- if (l < e_bytes) /* public key is too short */
- goto done;
-
-- rsa->e = BN_bin2bn(pk, e_bytes, NULL);
-+ BIGNUM *e = BN_bin2bn(pk, e_bytes, NULL);
- pk += e_bytes;
- l -= e_bytes;
-+ BIGNUM *n = BN_bin2bn(pk, l, NULL);
-
-- rsa->n = BN_bin2bn(pk, l, NULL);
-+#if OPENSSL_VERSION_NUMBER < 0x10100005L
-+ rsa->e = e;
-+ rsa->n = n;
-+#else
-+ RSA_set0_key(rsa, n, e, NULL);
-+#endif
-
- pkey = EVP_PKEY_new();
- if (!pkey)
diff --git a/dns/validns/files/patch-nsec3checks.c b/dns/validns/files/patch-nsec3checks.c
deleted file mode 100644
index e2a204a9fd60..000000000000
--- a/dns/validns/files/patch-nsec3checks.c
+++ /dev/null
@@ -1,52 +0,0 @@
---- nsec3checks.c.orig 2014-02-11 20:46:07 UTC
-+++ nsec3checks.c
-@@ -28,7 +28,7 @@
- static struct binary_data name2hash(char *name, struct rr *param)
- {
- struct rr_nsec3param *p = (struct rr_nsec3param *)param;
-- EVP_MD_CTX ctx;
-+ EVP_MD_CTX *ctx;
- unsigned char md0[EVP_MAX_MD_SIZE];
- unsigned char md1[EVP_MAX_MD_SIZE];
- unsigned char *md[2];
-@@ -45,26 +45,28 @@ static struct binary_data name2hash(char *name, struct
-
- /* XXX Maybe use Init_ex and Final_ex for speed? */
-
-- EVP_MD_CTX_init(&ctx);
-- if (EVP_DigestInit(&ctx, EVP_sha1()) != 1)
-- return r;
-- digest_size = EVP_MD_CTX_size(&ctx);
-- EVP_DigestUpdate(&ctx, wire_name.data, wire_name.length);
-- EVP_DigestUpdate(&ctx, p->salt.data, p->salt.length);
-- EVP_DigestFinal(&ctx, md[mdi], NULL);
-+ ctx = EVP_MD_CTX_create();
-+ if (EVP_DigestInit(ctx, EVP_sha1()) != 1)
-+ goto out;
-+ digest_size = EVP_MD_CTX_size(ctx);
-+ EVP_DigestUpdate(ctx, wire_name.data, wire_name.length);
-+ EVP_DigestUpdate(ctx, p->salt.data, p->salt.length);
-+ EVP_DigestFinal(ctx, md[mdi], NULL);
-
- for (i = 0; i < p->iterations; i++) {
-- if (EVP_DigestInit(&ctx, EVP_sha1()) != 1)
-- return r;
-- EVP_DigestUpdate(&ctx, md[mdi], digest_size);
-+ if (EVP_DigestInit(ctx, EVP_sha1()) != 1)
-+ goto out;
-+ EVP_DigestUpdate(ctx, md[mdi], digest_size);
- mdi = (mdi + 1) % 2;
-- EVP_DigestUpdate(&ctx, p->salt.data, p->salt.length);
-- EVP_DigestFinal(&ctx, md[mdi], NULL);
-+ EVP_DigestUpdate(ctx, p->salt.data, p->salt.length);
-+ EVP_DigestFinal(ctx, md[mdi], NULL);
- }
-
- r.length = digest_size;
- r.data = getmem(digest_size);
- memcpy(r.data, md[mdi], digest_size);
-+ out:
-+ EVP_MD_CTX_destroy(ctx);
- return r;
- }
-
diff --git a/dns/validns/files/patch-rrsig.c b/dns/validns/files/patch-rrsig.c
deleted file mode 100644
index e62a3314705f..000000000000
--- a/dns/validns/files/patch-rrsig.c
+++ /dev/null
@@ -1,85 +0,0 @@
---- rrsig.c.orig 2014-02-11 20:45:39 UTC
-+++ rrsig.c
-@@ -26,7 +26,7 @@
- struct verification_data
- {
- struct verification_data *next;
-- EVP_MD_CTX ctx;
-+ EVP_MD_CTX *ctx;
- struct rr_dnskey *key;
- struct rr_rrsig *rr;
- int ok;
-@@ -180,7 +180,8 @@ void *verification_thread(void *dummy)
- if (d) {
- int r;
- d->next = NULL;
-- r = EVP_VerifyFinal(&d->ctx, (unsigned char *)d->rr->signature.data, d->rr->signature.length, d->key->pkey);
-+ r = EVP_VerifyFinal(d->ctx, (unsigned char *)d->rr->signature.data, d->rr->signature.length, d->key->pkey);
-+ EVP_MD_CTX_destroy(d->ctx);
- if (r == 1) {
- d->ok = 1;
- } else {
-@@ -232,7 +233,8 @@ static void schedule_verification(struct verification_
- } else {
- int r;
- G.stats.signatures_verified++;
-- r = EVP_VerifyFinal(&d->ctx, (unsigned char *)d->rr->signature.data, d->rr->signature.length, d->key->pkey);
-+ r = EVP_VerifyFinal(d->ctx, (unsigned char *)d->rr->signature.data, d->rr->signature.length, d->key->pkey);
-+ EVP_MD_CTX_destroy(d->ctx);
- if (r == 1) {
- d->ok = 1;
- } else {
-@@ -250,21 +252,21 @@ static int verify_signature(struct verification_data *
- struct rr *signed_rr;
- int i;
-
-- EVP_MD_CTX_init(&d->ctx);
-+ d->ctx = EVP_MD_CTX_create();
- switch (d->rr->algorithm) {
- case ALG_DSA:
- case ALG_RSASHA1:
- case ALG_DSA_NSEC3_SHA1:
- case ALG_RSASHA1_NSEC3_SHA1:
-- if (EVP_VerifyInit(&d->ctx, EVP_sha1()) != 1)
-+ if (EVP_VerifyInit(d->ctx, EVP_sha1()) != 1)
- return 0;
- break;
- case ALG_RSASHA256:
-- if (EVP_VerifyInit(&d->ctx, EVP_sha256()) != 1)
-+ if (EVP_VerifyInit(d->ctx, EVP_sha256()) != 1)
- return 0;
- break;
- case ALG_RSASHA512:
-- if (EVP_VerifyInit(&d->ctx, EVP_sha512()) != 1)
-+ if (EVP_VerifyInit(d->ctx, EVP_sha512()) != 1)
- return 0;
- break;
- default:
-@@ -274,7 +276,7 @@ static int verify_signature(struct verification_data *
- chunk = rrsig_wirerdata_ex(&d->rr->rr, 0);
- if (chunk.length < 0)
- return 0;
-- EVP_VerifyUpdate(&d->ctx, chunk.data, chunk.length);
-+ EVP_VerifyUpdate(d->ctx, chunk.data, chunk.length);
-
- set = getmem_temp(sizeof(*set) * signed_set->count);
-
-@@ -294,12 +296,12 @@ static int verify_signature(struct verification_data *
- chunk = name2wire_name(signed_set->named_rr->name);
- if (chunk.length < 0)
- return 0;
-- EVP_VerifyUpdate(&d->ctx, chunk.data, chunk.length);
-- b2 = htons(set[i].rr->rdtype); EVP_VerifyUpdate(&d->ctx, &b2, 2);
-- b2 = htons(1); /* class IN */ EVP_VerifyUpdate(&d->ctx, &b2, 2);
-- b4 = htonl(set[i].rr->ttl); EVP_VerifyUpdate(&d->ctx, &b4, 4);
-- b2 = htons(set[i].wired.length); EVP_VerifyUpdate(&d->ctx, &b2, 2);
-- EVP_VerifyUpdate(&d->ctx, set[i].wired.data, set[i].wired.length);
-+ EVP_VerifyUpdate(d->ctx, chunk.data, chunk.length);
-+ b2 = htons(set[i].rr->rdtype); EVP_VerifyUpdate(d->ctx, &b2, 2);
-+ b2 = htons(1); /* class IN */ EVP_VerifyUpdate(d->ctx, &b2, 2);
-+ b4 = htonl(set[i].rr->ttl); EVP_VerifyUpdate(d->ctx, &b4, 4);
-+ b2 = htons(set[i].wired.length); EVP_VerifyUpdate(d->ctx, &b2, 2);
-+ EVP_VerifyUpdate(d->ctx, set[i].wired.data, set[i].wired.length);
- }
-
- schedule_verification(d);
diff --git a/dns/validns/pkg-descr b/dns/validns/pkg-descr
deleted file mode 100644
index fed736f615a5..000000000000
--- a/dns/validns/pkg-descr
+++ /dev/null
@@ -1,4 +0,0 @@
-Validns is a standalone command line RFC 1034/1035 zone file
-validation tool that, in addition to basic syntactic and semantic zone
-checks, includes DNSSEC signature verification and NSEC/NSEC3 chain
-validation, as well a number of optional policy checks on the zone.