Description Joshua Kinard 2023-06-17 20:50:26 UTC

Created attachment 864095 [details]
Ebuild for bind-tools-9.18.15

Bind-9.18 has been out for a while and I haven't seen an ebuild pop for the tools-only package under bind-tools, so I went on ahead and put one together.  Overall, the build logic is a significant change from the 9.16-series.  It looks like Bind9's build system got an overhaul and it relies on libtool now for final linking, so one can't simply run the 'compile' phase and then copy some of the executables out to ${D}.  They're linked against several shared libraries now, too, so I found that running the 'install-exec' target gets us most of the way there, along with some light sedding of Makefile.am in a few subdirectories achieves a desirable outcome.

That said, I made some extensive notes about the changes I made for this ebuild to work:
- DNS-over-HTTPS is enabled by default by the build system, so a new local USE 'doh' was added, defaulting on, to control that.  If on, it brings in a dependency on net-libs/nghttp2.

- DNSSEC auto-validation is enabled by default by the build system.  If one's upstream DNS resolvers already perform DNSSEC validation, then this feature may not be desired, so a new local USE 'dnssec-autoval' was added, defaulting on.

- The build system *highly* recommends the use of dev-libs/jemalloc over what a Linux system provides -- it'll emit a big warning if disabled; so a new local USE 'jemalloc' was added, defaulting on.  It adds a dependency to dev-libs/jemalloc, but enforces jemalloc's USE 'lazy-lock' being turned off, otherwise one will get an error like "<jemalloc>: Error in dlsym(RTLD_NEXT, "pthread_create")" when trying to run any of the tool binaries.  I suspect this is a problem in either Bind9 itself or in jemalloc, so an upstream bug probably needs to be filed with one of those, but I am not sure which.

- A new local USE 'fixed-rrset' was added to turn on fixed rrset ordering if desired.  It's an option in FreeBSD's dns/bind-tools port, so it makes sense to offer it as well.

- A new local USE 'moretools' was added to optionally build and install some of the lesser-known tools that Bind9 provides.  This will resolve bug #548124.

- The -DDIG_SIGCHASE append-flags was removed (bug #344029).  I can't find that macro used anywhere in the source code, so I don't think it is needed anymore.

- It isn't possible to exclude Python (or Perl) detection anymore.  There are no switches I can see in ./configure to control those, so the use_enable for Python was removed, but I did not add an explicit dependency on Python, since it's an @system package and should already be present.

- The --with-readline configure switch takes a different set of arguments vs 9.16, so that was adjusted accordingly.

- The fix for bug #151839 is no longer needed, as Bind9 removed SO_BSDCOMPAT socket option usage at some point.

- Passing of AR to the configure and make system was removed.  I ran the compile phase with and without them and couldn't see any noticeable issues.  It looks like 9.18's revamped build system corrected the original issues, but a second set of eyes to review things would be welcome.  Original bug #721030.

- Removed the call to 'tc-export BUILD_CC' as well, for the same reason as removing the AR definitions.  Doesn't seem to be an issue anymore in 9.18.

- Removed the append-cflags of "-D_XOPEN_SOURCE=600" for Solaris CHOSTS.  I checked a Solaris 10 10/13 system and OmniOS system (no Sol11, unfortunately), and neither of them have a "sockets.h" file anywhere.  Either I am missing a package that provides that file or it no longer exists.  On top of that, it looks like 9.18's build system includes this flag entirely on its own.  Could not locate a corresponding Gentoo bug for this fix.

- Moved the "-zrelax=transtls" tweak to be under a Solaris CHOST check.  It appears to be Solaris-specific, but I cannot locate a Gentoo bug to better understand the change.  It was added to the ebuild in bind-tools-9.16.13 (commit f5a526553b12).

- The fix for bug #220361 does not appear to be needed anymore.  There is no "libtool.m4/" subdirectory in the 9.18 source, and building with the shipped aclocal.m4 didn't appear to cause any issues.

- HTML documentation is not possible in 9.18, as there are no make targets defined to generate them.  As such, all USE 'doc' references were removed.  Only manpages are installed now.  There are RST doc files present in the source, but I am uncertain if it is standard to install these directly.

- Running the test phase only has two noteable failures:
  * netmgr_test will fail on tcp_noresponse due to taking too long (300s).  Uncertain as to why.  Could be tied to the note in the ebuild that some tests require network configuration first.  May be related to these two upstream issues:
    https://gitlab.isc.org/isc-projects/bind9/-/issues/4096
    https://gitlab.isc.org/isc-projects/bind9/-/issues/4072
  
  * dispatch_test dispatch_timeout_tcp_response will fail on an assertion; cause unknown, but upstream issue #3089 has a similar assertion failure on DragonFlyBSD:
    https://gitlab.isc.org/isc-projects/bind9/-/issues/3089
> netmgr/netmgr.c:1726: REQUIRE((((handle) != ((void *)0) && ((const isc__magic_t *)(handle))->magic == ((('N') << 24 | ('M') << 16 | ('H') << 8 | ('D')))) && __extension__ ({ __auto_type __atomic_load_ptr = (&(handle)->references); __typeof__ ((void)0, *__atomic_load_ptr) __atomic_load_tmp; __atomic_load (__atomic>
> 

If anyone spots any issues with these changes or notices something I missed, please let me know.