On Mon, Sep 03, 2007 at 05:00:32PM +0200, Martin Kraemer wrote: > On one of our platforms, the latest resolver library is libbind > (from BIND-9.4.1-P1 with --enable-libbind), while the system's > libresolv is much older. WOuld it not be preferable to use a > recent lib (libbind) instead of an older (less capable and less > secure) one?
What leads to the assumption that a OS-provided libresolv is less capable/secure than a (non-OS-provied?) libbind? In general I would say it's not preferable; using system libraries in preference to third-party libraries makes for better-reproducible and -reusable builds. Building with LIBS=-lbind should avoid use of libresolve with the existing code, in any case. joe > The patch is something like... > diff -burp httpd-2.2.6-rHEAD.orig/srclib/apr/configure.in > work/httpd-2.2.6-rHE! > --- httpd-2.2.6-rHEAD.orig/srclib/apr/configure.in 2006-09-22 > 22:26:50.00! > +++ httpd-2.2.6-rHEAD/srclib/apr/configure.in 2007-08-31 13:41:03.001335000 > ! > @@ -2021,6 +2021,6 @@ AC_SUBST(have_ipv6) > # hstrerror is only needed if IPv6 is not enabled, > # so getaddrinfo/gai_strerror are not used. > if test $have_ipv6 = 0; then > - AC_SEARCH_LIBS(hstrerror, resolv, > + AC_SEARCH_LIBS(hstrerror, bind resolv, > [AC_DEFINE(HAVE_HSTRERROR, 1, [Define if hstrerror is present])]) > fi > > Martin > -- > <[EMAIL PROTECTED]> | Fujitsu Siemens > http://www.fujitsu-siemens.com/imprint.html | 81730 Munich, Germany
