--- /dev/null
+Compiling PowerDNS
+==================
+
+PowerDNS can be compiled with modules built in, or with modules designed to be loaded at runtime.
+All that is configured before compiling using the well known autoconf/automake system::
+
+ tar xf pdns-VERSION.tar.bz2
+ cd pdns-VERSION
+ ./configure --with-modules=$MODULES --with-dynmodules=$DYNMODULES
+ make
+ make install
+
+To compile in modules, specify them as ``--with-modules='mod1 mod2 mod3'``, substituting the desired module names.
+See each :doc:`backend specific documentation <../backends/index>` for the module names.
+Each backend has a module name that you look up in this table.
+
+To compile a module for inclusion at runtime, which is great if you are a unix vendor, use ``--with-dynmodules='mod1 mod2 mod3'``.
+These modules then end up as .so files in the compiled ``libdir``.
+
+By default, the :doc:`bind <../../backends/bind>`, :doc:`mysql <../../backends/generic-mysql>` and :doc:`random <../../backends/random>` are compiled into the binary. The :doc:`pipe <../../backends/pipe>` is, by default, compiled as a runtime loadable module.
+
+Getting the sources
+-------------------
+
+There are 3 ways of getting the source.
+
+If you want the bleeding edge, you can clone the `repository at GitHub <https://github.com/PowerDNS/pdns>`__ and run ``./bootstrap`` in the clone.
+
+You can also download snapshot tarballs `here <https://downloads.powerdns.com/autobuilt_browser/#/auth>`__.
+
+You can also download releases on the `website <https://downloads.powerdns.com/releases/>`__.
+These releases are PGP-signed with one of these key-ids:
+
+* `FBAE 0323 821C 7706 A5CA 151B DCF5 13FA 7EED 19F3 <https://pgp.mit.edu/pks/lookup?op=get&search=0xDCF513FA7EED19F3>`_
+* `1628 90D0 689D D12D D33E 4696 1C5E E990 D2E7 1575 <https://pgp.mit.edu/pks/lookup?op=get&search=0x1C5EE990D2E71575>`_
+* `B76C D467 1C09 68BA A87D E61C 5E50 715B F2FF E1A7 <https://pgp.mit.edu/pks/lookup?op=get&search=0x5E50715BF2FFE1A7>`_
+* `16E1 2866 B773 8C73 976A 5743 6FFC 3343 9B0D 04DF <https://pgp.mit.edu/pks/lookup?op=get&search=0x6FFC33439B0D04DF>`_
+
+Dependencies
+------------
+
+To build the PowerDNS Authoritative Server, a C++ compiler with support for C++ 2011 is required.
+This means gcc 4.9 and newer and clang 3.5 and newer.
+Furthermore, the Makefiles require GNU make, not BSD make.
+
+By default, the PowerDNS Authoritative Server requires the following libraries and headers:
+
+* `Boost <http://boost.org/>`_ 1.35 or newer
+* `OpenSSL <https://openssl.org>`_
+
+To build from git, the following dependencies are also required:
+
+* `ragel <http://www.colm.net/open-source/ragel/>`_
+* `bison <https://www.gnu.org/software/bison/>`_
+* `flex <https://github.com/westes/flex>`_
+* `virtualenv <https://pypi.python.org/pypi/virtualenv>`_
+
+Optional dependencies
+---------------------
+
+Several options that can be passed to ``./configure`` can enable and disable different features.
+These will require additional dependencies
+
+ed25519 support with libsodium
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The PowerDNS Recursor can link with `libsodium <https://download.libsodium.org/doc/>`_ to support ed25519 (DNSSEC algorithm 15).
+To detect libsodium, use the ``--enable-libsodium`` configure option.
+
+ed25519 and ed448 support with libdecaf
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+`libdecaf <https://sourceforge.net/projects/ed448goldilocks/>`_ is a library that allows the PowerDNS Recursor to support ed25519 and Ed448 (DNSSEC algorithms 15 and 16).
+To detect libsodium, use the ``--enable-libsodium`` configure option.
+
+systemd notify support
+^^^^^^^^^^^^^^^^^^^^^^
+
+During configure, ``configure`` will attempt to detect the availability of `systemd or systemd-daemon <https://freedesktop.org/wiki/Software/systemd/>`_ headers.
+To force the use of systemd (and failing configure if the headers do not exist), use ``--enable-systemd``.
+To set the directory where the unit files should be installed, use ``--with-systemd=/path/to/unit/dir``.
+
--- /dev/null
+Cryptographic software and export control
+=========================================
+In certain legal climates, PowerDNS might potentially require an export control status, particularly since PowerDNS software contains cryptographic primitives.
+
+PowerDNS does not itself implement any cryptographic algorithms but relies on third party implementations of AES, RSA, ECDSA, GOST, MD5 and various SHA-based hashing algorithms.
+
+Starting with 4.0.0, PowerDNS will link in hash and cryptographic primitives from the open source `OpenSSL <https://openssl.org/>`_ library.
+
+Optionally, PowerDNS can link in a copy of the open source `Botan <http://botan.randombits.org/>`_ cryptographic library.
+
+Optionally, PowerDNS can link in a copy of the open source `Sodium <https://libsodium.org/>`_ library.
+
+Specific United States Export Control Notes
+-------------------------------------------
+PowerDNS is not "US Origin" software.
+For re-export, like most open source, publicly available "mass market" projects, PowerDNS is considered to be governed by section 740.13(e) of the US EAR, "Unrestricted encryption source code", under which PowerDNS source code would be considered re-exportable from the US without an export license under License Exception TSU (Technology and Software - Unrestricted).
+
+Like most open source projects containing some encryption, the ECCN that best fits PowerDNS software is 5D002.
+
+The official link to the publicly available source code is `http://downloads.powerdns.com/releases`.
+
+If absolute certainty is required, we recommend consulting an expert in US Export Control, or asking the BIS for confirmation.
projects / pdns / commitdiff