openwrt/package/network/services/dnsmasq/Makefile

162 lines
4.5 KiB
Makefile
Raw Normal View History

2011-02-19 08:50:15 +00:00
#
# Copyright (C) 2006-2016 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
2005-03-21 08:12:49 +00:00
include $(TOPDIR)/rules.mk
PKG_NAME:=dnsmasq
PKG_VERSION:=2.76
dnsmasq: dnssec time handling uses ntpd hotplug Change dnsmasq's dnssec time check handling to use time validity indicated by ntpd rather than maintaining a cross boot/upgrade /etc/dnsmasq.time timestamp file. This saves flash device wear. If ntpd client is configured in uci and you're using dnssec, then dnsmasq will not check dnssec timestamp validity until ntpd hotplug indicates sync via a stratum change. The ntpd hotplug leaves a status flag file to indicate to dnsmasq.init that time is valid and that it should now start in 'check dnssec timestamp valid' mode. If ntpd client is not configured and you're using dnssec, then it is presumed you're using an alternate time sync mechanism and that time is correct, thus dnsmasq checks dnssec timestamps are valid from 1st start. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> V2 - stratum & step ntp changes indicate time is valid V3 - on initial flag file step signal dnsmasq with SIGHUP if running V4 - only accept step ntp changes. Accepting both stratum & step could result in unpleasant script race conditions V5 - Actually only accepting stratum is the correct thing to do after further testing V6 - improve handling of non busybox ntpd if sysntpd not executable dnsmasq checks dnssec timestamps else sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file sysntp script enabled & uci ntp enabled - look for timestamp file sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec timestamps fi
2016-06-14 10:00:21 +00:00
PKG_RELEASE:=2
2005-03-21 08:12:49 +00:00
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://thekelleys.org.uk/dnsmasq
PKG_MD5SUM:=00f5ee66b4e4b7f14538bf62ae3c9461
PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYING
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
PKG_CONFIG_DEPENDS:=CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6 \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset \
CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack
include $(INCLUDE_DIR)/package.mk
define Package/dnsmasq/Default
SECTION:=net
CATEGORY:=Base system
TITLE:=DNS and DHCP server
URL:=http://www.thekelleys.org.uk/dnsmasq/
USERID:=dnsmasq=453:dnsmasq=453
endef
define Package/dnsmasq
$(call Package/dnsmasq/Default)
VARIANT:=nodhcpv6
endef
define Package/dnsmasq-dhcpv6
$(call Package/dnsmasq/Default)
TITLE += (with DHCPv6 support)
DEPENDS:=@IPV6
VARIANT:=dhcpv6
endef
define Package/dnsmasq-full
$(call Package/dnsmasq/Default)
TITLE += (with DNSSEC, DHCPv6, Auth DNS, IPset, Conntrack enabled by default)
DEPENDS:=+PACKAGE_dnsmasq_full_dnssec:libnettle \
+PACKAGE_dnsmasq_full_ipset:kmod-ipt-ipset \
+PACKAGE_dnsmasq_full_conntrack:libnetfilter-conntrack
VARIANT:=full
endef
define Package/dnsmasq/description
It is intended to provide coupled DNS and DHCP service to a LAN.
endef
define Package/dnsmasq-dhcpv6/description
$(call Package/dnsmasq/description)
This is a variant with DHCPv6 support
endef
define Package/dnsmasq-full/description
$(call Package/dnsmasq/description)
This is a fully configurable variant with DHCPv6, DNSSEC, Authoritative DNS and
IPset, Conntrack support enabled by default.
endef
define Package/dnsmasq/conffiles
/etc/config/dhcp
/etc/dnsmasq.conf
endef
define Package/dnsmasq-full/config
if PACKAGE_dnsmasq-full
config PACKAGE_dnsmasq_full_dhcpv6
bool "Build with DHCPv6 support."
depends on IPV6
default y
config PACKAGE_dnsmasq_full_dnssec
bool "Build with DNSSEC support."
default y
config PACKAGE_dnsmasq_full_auth
bool "Build with the facility to act as an authoritative DNS server."
default y
config PACKAGE_dnsmasq_full_ipset
bool "Build with IPset support."
default y
config PACKAGE_dnsmasq_full_conntrack
bool "Build with Conntrack support."
default y
endif
endef
Package/dnsmasq-dhcpv6/conffiles = $(Package/dnsmasq/conffiles)
Package/dnsmasq-full/conffiles = $(Package/dnsmasq/conffiles)
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections
COPTS = $(if $(CONFIG_IPV6),,-DNO_IPV6)
ifeq ($(BUILD_VARIANT),nodhcpv6)
COPTS += -DNO_DHCP6
endif
ifeq ($(BUILD_VARIANT),full)
COPTS += $(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dhcpv6),,-DNO_DHCP6) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_dnssec),-DHAVE_DNSSEC) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_auth),,-DNO_AUTH) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_ipset),,-DNO_IPSET) \
$(if $(CONFIG_PACKAGE_dnsmasq_$(BUILD_VARIANT)_conntrack),-DHAVE_CONNTRACK,)
COPTS += $(if $(CONFIG_LIBNETTLE_MINI),-DNO_GMP,)
else
COPTS += -DNO_AUTH -DNO_IPSET
endif
MAKE_FLAGS := \
$(TARGET_CONFIGURE_OPTS) \
CFLAGS="$(TARGET_CFLAGS)" \
LDFLAGS="$(TARGET_LDFLAGS)" \
COPTS="$(COPTS)" \
PREFIX="/usr"
define Package/dnsmasq/install
$(INSTALL_DIR) $(1)/usr/sbin
$(CP) $(PKG_INSTALL_DIR)/usr/sbin/dnsmasq $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_DATA) ./files/dhcp.conf $(1)/etc/config/dhcp
$(INSTALL_DATA) ./files/dnsmasq.conf $(1)/etc/dnsmasq.conf
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/dnsmasq.init $(1)/etc/init.d/dnsmasq
$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
$(INSTALL_DATA) ./files/dnsmasq.hotplug $(1)/etc/hotplug.d/iface/25-dnsmasq
dnsmasq: dnssec time handling uses ntpd hotplug Change dnsmasq's dnssec time check handling to use time validity indicated by ntpd rather than maintaining a cross boot/upgrade /etc/dnsmasq.time timestamp file. This saves flash device wear. If ntpd client is configured in uci and you're using dnssec, then dnsmasq will not check dnssec timestamp validity until ntpd hotplug indicates sync via a stratum change. The ntpd hotplug leaves a status flag file to indicate to dnsmasq.init that time is valid and that it should now start in 'check dnssec timestamp valid' mode. If ntpd client is not configured and you're using dnssec, then it is presumed you're using an alternate time sync mechanism and that time is correct, thus dnsmasq checks dnssec timestamps are valid from 1st start. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> V2 - stratum & step ntp changes indicate time is valid V3 - on initial flag file step signal dnsmasq with SIGHUP if running V4 - only accept step ntp changes. Accepting both stratum & step could result in unpleasant script race conditions V5 - Actually only accepting stratum is the correct thing to do after further testing V6 - improve handling of non busybox ntpd if sysntpd not executable dnsmasq checks dnssec timestamps else sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file sysntp script enabled & uci ntp enabled - look for timestamp file sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec timestamps fi
2016-06-14 10:00:21 +00:00
$(INSTALL_DIR) $(1)/etc/hotplug.d/ntp
$(INSTALL_DATA) ./files/dnsmasqsec.hotplug $(1)/etc/hotplug.d/ntp/25-dnsmasqsec
endef
Package/dnsmasq-dhcpv6/install = $(Package/dnsmasq/install)
define Package/dnsmasq-full/install
$(call Package/dnsmasq/install,$(1))
ifneq ($(CONFIG_PACKAGE_dnsmasq_full_dnssec),)
$(INSTALL_DIR) $(1)/usr/share/dnsmasq
$(INSTALL_DATA) $(PKG_BUILD_DIR)/trust-anchors.conf $(1)/usr/share/dnsmasq
endif
endef
$(eval $(call BuildPackage,dnsmasq))
$(eval $(call BuildPackage,dnsmasq-dhcpv6))
$(eval $(call BuildPackage,dnsmasq-full))