6 files changed, 210 insertions, 0 deletions
diff --git a/pcr/opendnssec/LICENSE b/pcr/opendnssec/LICENSE
new file mode 100644
index 000000000..5700d408a
--- /dev/null
+++ b/pcr/opendnssec/LICENSE
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2009 Nominet UK. All rights reserved.
+ * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation).
+ * Copyright (c) 2009 NLNet Labs.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
+ * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+ * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+ * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ *  Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ *  Permission to use, copy, modify, and distribute this software for any
+ *  purpose with or without fee is hereby granted, provided that the above
+ *  copyright notice and this permission notice appear in all copies.
+ *
+ *  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ *  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ *  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ *  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ *  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ *  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ *  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* pkcs11.h
+   Copyright 2006, 2007 g10 Code GmbH
+   Copyright 2006 Andreas Jellinghaus
+
+   This file is free software; as a special exception the author gives
+   unlimited permission to copy and/or distribute it, with or without
+   modifications, as long as this notice is preserved.
+
+   This file is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY, to the extent permitted by law; without even
+   the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+   PURPOSE.  */
+\ No newline at end of file
diff --git a/pcr/opendnssec/PKGBUILD b/pcr/opendnssec/PKGBUILD
new file mode 100644
index 000000000..065a1ec68
--- /dev/null
+++ b/pcr/opendnssec/PKGBUILD
@@ -0,0 +1,77 @@
+# Maintainer: Javier Torres <javitonino [at] gmail [dot] com>
+
+pkgname=opendnssec
+pkgver=1.4.0
+pkgrel=3
+pkgdesc="Turn-key solution for DNSSEC (sqlite3)"
+arch=('i686' 'x86_64' 'mips64el')
+url="http://www.opendnssec.org/"
+license=('BSD')
+depends=('libxml2' 'ldns' 'sqlite3' 'softhsm')
+backup=("etc/opendnssec/conf.xml"
+        "etc/opendnssec/kasp.xml"
+        "etc/opendnssec/zonelist.xml")
+install="opendnssec.install"
+source=("http://www.opendnssec.org/files/source/${pkgname}-${pkgver}.tar.gz"{,.sig}
+        "pid-path.patch"
+        "ods-signer.service"
+        "ods-enforcer.service")
+sha256sums=('36d4926dcdf351a527ad7600b151ab6cc56d0a472a7eb8871eecd70afef9e101'
+            'SKIP'
+            '487a4c05a07feb97c865ddc4c13d00eea6ce8b2b1e5031983c15484f4991ebed'
+            '1a8cdec0e97a33048956268b766da570f8f7a90d05af59e547219f1381832071'
+            '75cecbfb0ece13957a68a5bc39c20a1d69b95373e7473545d70621e1732733d8')
+
+prepare() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  # /var/lib/run -> /var/run
+  patch -p0 -i "${srcdir}/pid-path.patch"
+
+  aclocal
+  autoconf
+  automake --add-missing
+}
+
+build() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+
+  ./configure --prefix=/usr \
+              --datarootdir=/usr/share \
+              --localstatedir=/var/lib \
+              --sysconfdir=/etc \
+              --with-pkcs11-softhsm=/usr/lib/libsofthsm.so \
+              --sbindir=/usr/bin
+
+  # Create the correct (/var/run/opendnssec) directory
+  sed -i \
+  -e "s/\$(INSTALL) -d \$(DESTDIR)\$(localstatedir)\/run\/opendnssec/#Removed/" \
+  -e "s/\$(INSTALL) -d \$(DESTDIR)\$(localstatedir)\/run/\$(INSTALL) -d \$(DESTDIR)\$(OPENDNSSEC_PID_DIR)/" \
+  Makefile
+
+  make
+}
+
+package() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+
+  install -d "${pkgdir}/var/run/opendnssec"
+
+  make DESTDIR="${pkgdir}" install
+
+  install -d "${pkgdir}/etc/rc.d"
+  install -Dm0644 "${srcdir}/ods-signer.service" \
+        "${pkgdir}/usr/lib/systemd/system/ods-signer.service"
+  install -Dm0644 "${srcdir}/ods-enforcer.service" \
+        "${pkgdir}/usr/lib/systemd/system/ods-enforcer.service"
+  install -Dm0644 "LICENSE" \
+        "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+  install -Dm0644 "enforcer/utils/migrate_adapters_1.sqlite3" \
+        "${pkgdir}/usr/share/opendnssec"
+
+  chown -R 227:227 "${pkgdir}/etc/opendnssec" \
+                   "${pkgdir}/var/lib/opendnssec" \
+                   "${pkgdir}/var/run/opendnssec" 
+  chmod 750 "${pkgdir}/etc/opendnssec" \
+            "${pkgdir}/var/lib/opendnssec" \
+            "${pkgdir}/var/run/opendnssec" 
+}
diff --git a/pcr/opendnssec/ods-enforcer.service b/pcr/opendnssec/ods-enforcer.service
new file mode 100644
index 000000000..f0d0050d0
--- /dev/null
+++ b/pcr/opendnssec/ods-enforcer.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenDNSSEC Enforcer
+After=syslog.target network.target
+
+[Service]
+Type=forking
+PIDFile=/run/opendnssec/enforcerd.pid
+ExecStart=/usr/bin/ods-control enforcer start
+ExecStop=/usr/bin/ods-control enforcer stop
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/pcr/opendnssec/ods-signer.service b/pcr/opendnssec/ods-signer.service
new file mode 100644
index 000000000..26cc03481
--- /dev/null
+++ b/pcr/opendnssec/ods-signer.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=OpenDNSSEC Signer
+After=syslog.target nerwork.target
+
+[Service]
+Type=forking
+PIDFile=/run/opendnssec/signerd.pid
+ExecStart=/usr/bin/ods-control signer start
+ExecStop=/usr/bin/ods-control signer stop
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/pcr/opendnssec/opendnssec.install b/pcr/opendnssec/opendnssec.install
new file mode 100644
index 000000000..0c74659ee
--- /dev/null
+++ b/pcr/opendnssec/opendnssec.install
@@ -0,0 +1,27 @@
+post_install() {
+    if [ -z "`grep '^opendnssec:' /etc/group`" ]; then
+        groupadd -g 227 opendnssec
+    fi
+    if [ -z "`grep '^opendnssec:' /etc/passwd`" ]; then
+        useradd -u 227 -d /var/lib/opendnssec -g opendnssec -s /bin/false opendnssec
+    fi
+
+    echo ">> You need an HSM implementation (try softhsm)"
+}
+
+
+post_upgrade() {
+    post_install $1
+    OLD=$(echo $2 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g")
+    NEW=$(echo $1 | sed "s/\(.*\)\.\(.*\)\.\(.*\)/\1\.\2/g")
+    if [ $OLD != "1.4" -a $NEW == "1.4" ]; then
+        echo ">> NOTICE: UPGRADE TO 1.4"
+        echo "This update requires upgrading the database"
+        echo "Run /usr/share/opendnssec/migrate_adapters_1.sqlite3 on your kasp database"
+	echo "e.g: sqlite3 kasp.db < /usr/share/opendnssec/migrate_adapters_1.sqlite3"
+    fi
+}
+
+post_remove() {
+    userdel opendnssec
+}
diff --git a/pcr/opendnssec/pid-path.patch b/pcr/opendnssec/pid-path.patch
new file mode 100644
index 000000000..88c750cf2
--- /dev/null
+++ b/pcr/opendnssec/pid-path.patch
@@ -0,0 +1,24 @@
+--- Makefile.am	2012-07-17 08:53:51.000000000 +0200
++++ Makefile.am	2012-11-20 21:56:11.000000000 +0100
+@@ -30,8 +30,8 @@
+ 	$(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signconf
+ 	$(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/unsigned
+ 	$(INSTALL) -d $(DESTDIR)$(localstatedir)/opendnssec/signed
+-	$(INSTALL) -d $(DESTDIR)$(localstatedir)/run
+-	$(INSTALL) -d $(DESTDIR)$(localstatedir)/run/opendnssec
++	$(INSTALL) -d $(DESTDIR)/var/run
++	$(INSTALL) -d $(DESTDIR)/var/run/opendnssec
+ 
+ docs:
+ 	(cd libhsm; $(MAKE) doxygen)
+--- m4/opendnssec_common.m4	2012-11-01 11:56:59.000000000 +0100
++++ m4/opendnssec_common.m4	2012-11-20 21:52:56.000000000 +0100
+@@ -19,7 +19,7 @@
+ OPENDNSSEC_DATA_DIR=$full_datadir/opendnssec
+ OPENDNSSEC_SYSCONF_DIR=$full_sysconfdir/opendnssec
+ OPENDNSSEC_LOCALSTATE_DIR="$full_localstatedir/opendnssec"
+-OPENDNSSEC_PID_DIR="$full_localstatedir/run/opendnssec"
++OPENDNSSEC_PID_DIR="/var/run/opendnssec"
+ 
+ AC_SUBST([OPENDNSSEC_BIN_DIR])
+ AC_SUBST([OPENDNSSEC_SBIN_DIR])