From wollman@khavrinen.lcs.mit.edu  Sat Aug 26 22:43:47 2000
Return-Path: <wollman@khavrinen.lcs.mit.edu>
Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193])
	by hub.freebsd.org (Postfix) with ESMTP id 8790C37B422
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 26 Aug 2000 22:43:46 -0700 (PDT)
Received: (from wollman@localhost)
	by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id BAA14560;
	Sun, 27 Aug 2000 01:43:46 -0400 (EDT)
	(envelope-from wollman)
Message-Id: <200008270543.BAA14560@khavrinen.lcs.mit.edu>
Date: Sun, 27 Aug 2000 01:43:46 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Reply-To: wollman@khavrinen.lcs.mit.edu
To: FreeBSD-gnats-submit@freebsd.org
Subject: There's no reason not to build DNSsec-DSA
X-Send-Pr-Version: 3.2

>Number:         20881
>Category:       bin
>Synopsis:       There's no reason not to build DNSsec-DSA
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    linimon
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Aug 26 22:50:01 PDT 2000
>Closed-Date:    Sat Jan 26 00:51:15 UTC 2008
>Last-Modified:  Sat Jan 26 00:51:15 UTC 2008
>Originator:     Garrett Wollman
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
MIT Laboratory for Computer Science
>Environment:

	Irrelevant.

>Description:

	Since FreeBSD now ships with OpenSSL's libcrypto, all the
necessary bits for DNSsec using the DSS and SHA-1 algorithms are
present.  We should enable these, so that people can actually make use
of DNSsec.

>How-To-Repeat:

	dnskeygen -D 1024 -z lcs.mit.edu.
	[oops]

>Fix:

N.B.: this is not `make world' tested, but it does compile standalone.

Index: contrib/bind/lib/dst/eay_dss_link.c
===================================================================
RCS file: /home/ncvs/src/contrib/bind/lib/dst/eay_dss_link.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 eay_dss_link.c
--- contrib/bind/lib/dst/eay_dss_link.c	1999/11/30 02:42:33	1.1.1.1
+++ contrib/bind/lib/dst/eay_dss_link.c	2000/08/27 05:08:29
@@ -37,10 +37,10 @@
 
 #include "dst_internal.h"
 
-#include "crypto.h"
-#include "bn.h"
-#include "dsa.h"
-#include "sha.h"
+#include <openssl/crypto.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/sha.h>
 
 #include "port_after.h"
 
Index: lib/libbind/Makefile
===================================================================
RCS file: /home/ncvs/src/lib/libbind/Makefile,v
retrieving revision 1.5
diff -u -r1.5 Makefile
--- lib/libbind/Makefile	1999/11/30 04:40:54	1.5
+++ lib/libbind/Makefile	2000/08/27 05:07:31
@@ -69,7 +69,7 @@
 .endif
 
 .PATH:	${BIND_DIR}/lib/dst
-CFLAGS+=-DHMAC_MD5 -DUSE_MD5
+CFLAGS+=-DHMAC_MD5 -DUSE_MD5 -DEAY_DSS
 SRCS+=	dst_api.c prandom.c rsaref_link.c support.c bsafe_link.c \
 	cylink_link.c hmac_link.c md5_dgst.c eay_dss_link.c
 
Index: usr.sbin/named/Makefile.inc
===================================================================
RCS file: /home/ncvs/src/usr.sbin/named/Makefile.inc,v
retrieving revision 1.12
diff -u -r1.12 Makefile.inc
--- usr.sbin/named/Makefile.inc	1999/11/30 06:15:34	1.12
+++ usr.sbin/named/Makefile.inc	2000/08/27 05:20:55
@@ -31,8 +31,8 @@
 .endif
 LIBBIND:=	${LIBBINDDIR}/libbind.a
 
-DPADD+=		${LIBBIND}
-LDADD+=		${LIBBIND}
+DPADD+=		${LIBBIND} ${LIBCRYPTO}
+LDADD+=		${LIBBIND} -lcrypto
 
 CLEANFILES+=	tmp_version.c pathnames.h
 CFLAGS+=	-I.



>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->kris 
Responsible-Changed-By: billf 
Responsible-Changed-When: Sun Aug 27 00:54:27 PDT 2000 
Responsible-Changed-Why:  
over to the openssl maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=20881 
Responsible-Changed-From-To: kris->freebsd-bugs 
Responsible-Changed-By: kris 
Responsible-Changed-When: Sat May 10 21:56:01 PDT 2003 
Responsible-Changed-Why:  
I'm not likely to look at this any time soon, release it to let 
someone else take a shot. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=20881 
State-Changed-From-To: open->feedback 
State-Changed-By: linimon 
State-Changed-When: Sat Jan 26 00:09:52 UTC 2008 
State-Changed-Why:  
Garrett, this PR is ancient; is it still relevant? 


Responsible-Changed-From-To: freebsd-bugs->linimon 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat Jan 26 00:09:52 UTC 2008 
Responsible-Changed-Why:  
track. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=20881 
State-Changed-From-To: feedback->closed 
State-Changed-By: linimon 
State-Changed-When: Sat Jan 26 00:51:02 UTC 2008 
State-Changed-Why:  
Submitter notes that this is OBE. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=20881 
>Unformatted:
