Merge pull request #106 from zonemaster/develop

Merge develop branch into master branch as part of release of v2019.2

.gitmodules

@@ -1,3 +1,3 @@
 [submodule "ldns"]
 	path = ldns
-	url = https://git.nlnetlabs.nl/ldns
+	url = https://github.com/NLnetLabs/ldns.git

.travis.yml

@@ -1,14 +1,24 @@
+dist: bionic
+
 env:
 - TEST_WITH_NETWORK=1
 
 language: perl
 perl:
+    - "5.30"
     - "5.28"
     - "5.26"
     - "5.24"
     - "5.22"
-    - "5.20"
     - "5.16"
 
-# Install configure-time dependencies
-before_install: cpanm --quiet --notest Devel::CheckLib Module::Install Module::Install::XSUtil
+before_install:
+    - eval $(curl https://travis-perl.github.io/init)
+    - sudo apt-get install -y libidn11-dev
+    - cpan-install --deps Devel::CheckLib Module::Install Module::Install::XSUtil
+
+install:
+    - cpanm --verbose --notest --configure-args="--no-ed25519" .
+
+script:
+    - prove -bl $(test-files)

Changes

@@ -1,13 +1,28 @@
 Release history for Zonemaster component Zonemaster-LDNS
 
+
+2.1.0 2020-04-30
+
+ [Features]
+ - Updated to use libldns 1.7.0 or 1.7.1 (#85)
+ - Support for Ed25519 (algorithm 15) added (#85, #51, #84)
+ - Allow specifying which OpenSSL library to use (#97)
+
+ [Fixed]
+ - Exclude more ldns files from MANIFEST (#92)
+ - Fixing links and table of contents in main README.md (#94)
+ - Exclude LDNS.bs from distribution file (#101, #95)
+ - Eliminated locale dependency from unit test (#102, #103)
+
+
 2.0.1 2019-05-21
 
 - Removed
-  - Ubuntu 14.04 is no longer supported
+  - Ubuntu 14.04 is no longer supported (#74)
 
 - Changed
-  - inc::Module::install is no longer bundled
-  - Dependency declarations have been cleaned up
+  - inc::Module::install is no longer bundled (#72)
+  - Dependency declarations have been cleaned up (#73)
 
 
 2.0.0 2019-01-25 (pre-release version)

MANIFEST.SKIP

@@ -2,6 +2,7 @@
 \.lo$
 ^MANIFEST\.SKIP$
 ^\.travis\.yml$
+^LDNS.bs$
 
 # Avoid the dist tarball
 ^Zonemaster-LDNS-.*\.tar\.gz$
@@ -39,6 +40,7 @@
 ^ldns/doc/
 ^ldns/drill/
 ^ldns/examples/
+^ldns/.gitlab-ci.yml
 ^ldns/ldns/\.c-mode-rc.el$
 ^ldns/ldns/common\.h$
 ^ldns/ldns/config\.h$
@@ -56,13 +58,15 @@
 ^ldns/m4/ltversion\.m4$
 ^ldns/m4/lt~obsolete\.m4$
 ^ldns/makedist\.sh$
+^ldns/makewin.sh
 ^ldns/masterdont/
 ^ldns/packaging/fedora/ldns\.spec$
 ^ldns/packaging/ldns-config$
 ^ldns/packaging/ldns-config\.1$
 ^ldns/packaging/libldns\.pc$
 ^ldns/pcat/
 ^ldns/test/
+^ldns/.travis.yml
 
 # Avoid C files generated from XS
 ^src/LDNS\.c$

Makefile.PL

@@ -14,13 +14,17 @@ all_from 'lib/Zonemaster/LDNS.pm';
 repository 'https://github.com/zonemaster/zonemaster-ldns';
 bugtracker 'https://github.com/zonemaster/zonemaster-ldns/issues';
 
-my $opt_randomize     = 0;
-my $opt_idn           = 1;
-my $opt_internal_ldns = 1;
+my $opt_ed25519        = 1;
+my $opt_idn            = 1;
+my $opt_internal_ldns  = 1;
+my $opt_randomize      = 0;
+my $opt_prefix_openssl = "";
 GetOptions(
-    'randomize!'     => \$opt_randomize,
-    'idn!'           => \$opt_idn,
-    'internal-ldns!' => \$opt_internal_ldns,
+    'ed25519!'         => \$opt_ed25519,
+    'idn!'             => \$opt_idn,
+    'internal-ldns!'   => \$opt_internal_ldns,
+    'randomize!'       => \$opt_randomize,
+    'prefix-openssl=s' => \$opt_prefix_openssl,
 );
 
 configure_requires 'Devel::CheckLib';
@@ -31,29 +35,69 @@ test_requires 'Test::Fatal';
 test_requires 'Test::More' => 1.302015;
 
 use_ppport 3.19;
-cc_libs 'crypto';
 cc_include_paths 'include';
 cc_src_paths 'src';
 
+
+# OpenSSL
+
+my %assert_lib_args_openssl;
+if ( $opt_prefix_openssl ) {
+    print "Custom prefix for OpenSSL: $opt_prefix_openssl\n";
+    cc_include_paths "$opt_prefix_openssl/include";
+    cc_libs "-L$opt_prefix_openssl/lib", "crypto";
+    $assert_lib_args_openssl{incpath} = "$opt_prefix_openssl/include";
+    $assert_lib_args_openssl{libpath} = "$opt_prefix_openssl/lib";
+}
+else {
+    cc_libs 'crypto';
+}
+
+cc_assert_lib(
+    lib      => 'crypto',
+    header   => 'openssl/crypto.h',
+    function => 'if(SSLeay()) return 0; else return 1;',
+    %assert_lib_args_openssl,
+);
+if ( $opt_ed25519 ) {
+    print "Feature Ed25519 enabled\n";
+    cc_assert_lib(
+        lib      => 'crypto',
+        header   => 'openssl/evp.h',
+        function => 'EVP_PKEY_ED25519; return 0;',
+        %assert_lib_args_openssl,
+    );
+}
+else {
+    print "Feature Ed25519 disabled\n";
+}
+
+
+# LDNS
+
 if ( $opt_internal_ldns ) {
+    print "Feature internal ldns enabled\n";
     cc_libs '-Lldns/lib';
     cc_include_paths 'ldns';
-    print "Feature internal ldns enabled\n";
 }
 else {
-    cc_libs 'ldns';
     print "Feature internal ldns disabled\n";
+    cc_libs 'ldns';
+    if ( $opt_ed25519 ) {
+        cc_assert_lib(
+            lib      => 'ldns',
+            header   => 'ldns/ldns.h',
+            ccflags  => '-DUSE_ED25519',
+            function => 'if(LDNS_ED25519) return 0; else return 1;'
+        );
+    }
 }
 
-my %assert_args = (
-    lib      => 'crypto',
-    header   => 'openssl/crypto.h',
-    function => 'if(SSLeay()) return 0; else return 1;'
-);
 
-cc_assert_lib %assert_args;
+# IDN
 
 if ( $opt_idn ) {
+    print "Feature idn enabled\n";
     check_lib_or_exit(
         lib    => 'idn',
         header => 'idna.h',
@@ -62,22 +106,61 @@ if ( $opt_idn ) {
     );
     cc_libs 'idn';
     cc_define '-DWE_CAN_HAZ_IDN';
-    print "Feature idn enabled\n";
 }
 else {
     print "Feature idn disabled\n";
 }
 
+
+# Internals
+
 if ( $opt_randomize ) {
-    cc_define '-DRANDOMIZE';
     print "Feature randomized capitalization enabled\n";
+    cc_define '-DRANDOMIZE';
 }
 else {
     print "Feature randomized capitalization disabled\n";
 }
 
+
 sub MY::postamble {
 
+    my $contributors_make = <<'END_CONTRIBUTORS';
+
+CONTRIBUTORS.txt:
+	@( \
+	echo "This module is based on the ldns library from NLnet Labs <https://www.nlnetlabs.nl/projects/ldns/>" ; \
+    echo ; \
+	echo "Contributors to this module:" ; \
+	git shortlog -sne | cut -b8- \
+	) >| CONTRIBUTORS.txt
+
+END_CONTRIBUTORS
+
+    my $configure_flags_make = <<'END_CONFIGURE_FLAGS';
+
+CONFIGURE_FLAGS += --disable-ldns-config --disable-dane
+
+END_CONFIGURE_FLAGS
+
+    my $openssl_make = <<END_ED25519;
+
+CONFIGURE_FLAGS += --with-ssl=$opt_prefix_openssl
+
+END_ED25519
+
+    my $ed25519_make = <<'END_ED25519';
+
+CONFIGURE_FLAGS += --enable-ed25519
+
+END_ED25519
+
+    my $no_ed25519_make = <<'END_NO_ED25519';
+
+CONFIGURE_FLAGS += --disable-ed25519
+
+END_NO_ED25519
+
     my $internal_ldns_make = <<'END_INTERNAL_LDNS';
 
 LDFROM += ldns/.libs/libldns.a
@@ -86,32 +169,28 @@ config :: ldns/.libs/libldns.a
 
 ldns/.libs/libldns.a: ldns/configure
 	cd ldns ;\
-	./configure CFLAGS=-fPIC --disable-ldns-config --disable-dane ;\
+	./configure CFLAGS=-fPIC $(CONFIGURE_FLAGS) ;\
 	make lib
 
 ldns/configure:
-	git submodule update --init
+	git submodule init
+	git submodule sync
+	git submodule update
 	cd ldns ; libtoolize -ci
 	cd ldns ; autoreconf -fi
 
 END_INTERNAL_LDNS
 
-    my $contributors_make = <<'END_CONTRIBUTORS';
-
-CONTRIBUTORS.txt:
-	@( \
-	echo "This module is based on the ldns library from NLnet Labs <https://www.nlnetlabs.nl/projects/ldns/>" ; \
-    echo ; \
-	echo "Contributors to this module:" ; \
-	git shortlog -sne | cut -b8- \
-	) >| CONTRIBUTORS.txt
-
-END_CONTRIBUTORS
-
     my $postamble = '';
 
     $postamble .= $contributors_make;
-    $postamble .= $internal_ldns_make if $opt_internal_ldns;
+    if ( $opt_internal_ldns ) {
+        $postamble .= $configure_flags_make;
+        $postamble .= $openssl_make if $opt_prefix_openssl;
+        $postamble .= $ed25519_make if $opt_ed25519;
+        $postamble .= $no_ed25519_make if !$opt_ed25519;
+        $postamble .= $internal_ldns_make;
+    }
 
     return $postamble;
 }

README.md

@@ -11,8 +11,9 @@ Zonemaster LDNS
   * [Post-installation sanity check](#post-installation-sanity-check)
   * [Testing](#testing)
 * [Optional features](#optional-features)
-  * [IDN](#idn)
-  * [Internal ldns](#internal-ldns)
+  * [Ed25519]
+  * [IDN]
+  * [Internal ldns]
   * [Randomized capitalization](#randomized-capitalization)
 
 
@@ -29,9 +30,9 @@ Initially this module was named Net::LDNS.
 ## Dependencies and compatibility
 
 Run-time dependencies:
- * `openssl`
+ * `openssl` (openssl >= 1.1.1 unless [Ed25519] is disabled)
  * `libidn` (if [IDN] is enabled)
- * `libldns` (if [Internal ldns] is disabled)
+ * `libldns` (if [Internal ldns] is disabled; libldns >= 1.7.0, or libldns >= 1.7.1 if [Ed25519] is enabled)
 
 Compile-time dependencies (only when installing from source):
  * `make`
@@ -96,6 +97,18 @@ When installing from source, you can choose to enable or disable a number
 of optional features using command line options to the `perl Makefile.PL`
 commands.
 
+### Ed25519
+
+Enabled by default.
+Disabled with `--no-ed25519`
+
+Requires support for Ed25519 in both openssl and ldns.
+
+>
+> *Note:* Zonemaster Engine relies on this feature for its analysis when Ed25519
+> (algorithm 15) is being used in DNS records.
+>
+
 ### IDN
 
 Enabled by default.
@@ -132,5 +145,23 @@ Enable with `--randomize`.
 Randomizes the capitalization of returned domain names.
 
 
+### Custom OpenSSL
+
+Disabled by default.
+Enabled with `--prefix-openssl=/path/to/openssl`.
+
+Enabling this makes the build tools look for OpenSSL in a non-standard place.
+
+Technically this does two things:
+ * Libcrypto is sought in the `lib` directory under the given directory.
+ * The `include` directory under the given directory is added to the include
+   path.
+
+> **Note:** The `lib` directory under the given path must be known to the
+> dynamic linker or feature checks will fail.
+
+
 [IDN]: #idn
 [Internal ldns]: #internal-ldns
+[Ed25519]: #ed25519
+

lib/Zonemaster/LDNS.pm

@@ -2,7 +2,7 @@ package Zonemaster::LDNS;
 
 use 5.014;
 
-our $VERSION = '2.0.1';
+our $VERSION = '2.1.0';
 
 use parent 'Exporter';
 our @EXPORT_OK = qw[to_idn has_idn ldns_version load_zonefile];

t/idn.t

@@ -25,6 +25,6 @@ is_deeply(
     'Many encoded right'
 );
 
-like( exception { to_idn( "ö" x 63 ) }, qr/Punycode/, 'Boom today' );
+like( exception { to_idn( "ö" x 63 ) }, qr/Punycode/i, 'Boom today' );
 
 done_testing;