[v9_11] Make bullseye the base image (!5671) · Merge requests · ISC Open Source Projects / BIND

Michal Nowak requested to merge mnowak/make-debian-11-bullseye-base-image-v9_11 into v9_11 Dec 23, 2021

"buster" jobs are now only going to be run in scheduled pipelines.

"--without-gssapi" ./configure option of "bullseye" before it became the base image is dropped from "bullseye"-the-base-image because it reduces gcov coverage by 0.38 % (651 lines) and is used in Debian 9 "stretch".

"--enable-openssl-hash" is on purpose not being tested because it fails linking when either of --with-ecdsa, --with-gost, --with-eddsa, or --with-aes is used as well because it can't find f.e. HMAC_CTX_new() as "-lcrypto" is missing:

/usr/bin/ld: ../../lib/isc/libisc.a(hmacmd5.o): in function `isc_hmacmd5_init':
/root/bind9/lib/isc/hmacmd5.c:49: undefined reference to `HMAC_CTX_new'
/usr/bin/ld: /root/bind9/lib/isc/hmacmd5.c:51: undefined reference to `EVP_md5'
/usr/bin/ld: /root/bind9/lib/isc/hmacmd5.c:51: undefined reference to `HMAC_Init_ex'

BIND 9.11 is in security-fixes-only-mode and configure.ac code should not be fixed to include "-lcrypto" in this corner case; better eliminate a pairwise hint.

[v9_11] Make bullseye the base image

Merge request reports