diff options
Diffstat (limited to 'net-dns')
| -rw-r--r-- | net-dns/Manifest.gz | bin | 7873 -> 7872 bytes | |||
| -rw-r--r-- | net-dns/dnsdist/Manifest | 3 | ||||
| -rw-r--r-- | net-dns/dnsdist/dnsdist-1.9.8-r2.ebuild (renamed from net-dns/dnsdist/dnsdist-1.9.8-r1.ebuild) | 5 | ||||
| -rw-r--r-- | net-dns/dnsdist/files/1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch | 90 | ||||
| -rw-r--r-- | net-dns/unbound/Manifest | 1 | ||||
| -rw-r--r-- | net-dns/unbound/unbound-1.22.0-r1.ebuild | 218 |
6 files changed, 315 insertions, 2 deletions
diff --git a/net-dns/Manifest.gz b/net-dns/Manifest.gz Binary files differindex c71859d82c82..fbd6a4dc3c60 100644 --- a/net-dns/Manifest.gz +++ b/net-dns/Manifest.gz diff --git a/net-dns/dnsdist/Manifest b/net-dns/dnsdist/Manifest index 64aef0c0824a..f821684c964c 100644 --- a/net-dns/dnsdist/Manifest +++ b/net-dns/dnsdist/Manifest @@ -1,3 +1,4 @@ +AUX 1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch 4001 BLAKE2B 71faa8197304662847af92d634bedc14bea66fd7f031e9c9dc05e547fcf57004c90b125a50db51c56619159c5ff1673303fabcaf3593efe2946e5b98a3006260 SHA512 7ec3c9ee392a498b0903ed221969dd13850d8db782e81c67673590fb21b44e7b23d2649d0726af7fbdc0153456de0c8c62cf3201849900d61ba171aaed747bcf AUX 1.9.8-quiche-0.23.patch 2511 BLAKE2B 716c858f51be62eccba712feb9ec6c22080ce78667d8ff65c0ebae46e00746da6af1961b718be3c5545f6ded877b23c065f4c12023531ce7a31e6480339b3ee7 SHA512 8ebc9eba5b33dd11e0ed7cfaee7c98efa1209af60bd930871f207db8575a6e76fc1786b10219439f5ce2110b9ab3e6cd6bf3a0dcecd53c715c7f966612a52e56 AUX dnsdist.conf.example 524 BLAKE2B e9d140129dfbd276d1fb927d73bee4e4c29920ae70d587765ea5d432f02694b1a8583340c2e14e191bbdf5ddd5b921274cb2336c3520839d7cfe6f399a4d6c26 SHA512 385bee5725d927feb50fc0f40cd48cd365a495e39c0d947aa53dc454d84b7fe3806cd1d206056c96d111e7251db2cda27570ff8154c70bed145d37bc7d1db01d AUX dnsdist.confd 266 BLAKE2B c201b0aa3599ea7606e998348d777796ff391f3d4b0e46744160298456c86a9d9bbf65d1a339c0c13db4c796efb7c3adba01110882542fe501c735c9dd190f92 SHA512 935afc768ae56d017f6dee8bed7a3e92615055a0d4d2ae9980afef1b8f353da0e8bd6e20b914602e50b116ad33ef17ba05535b225af8b8da9ad005694edc071f @@ -5,5 +6,5 @@ AUX dnsdist.initd 1337 BLAKE2B e2619182674439be6942a0a936208326c12cfc2839bba4fd6 DIST dnsdist-1.9.6.tar.bz2 1598874 BLAKE2B adb56707bb768ceae974cd9b725d2bf1f4beaa6e3edc6ede22a7d93920214614f10c82d71dbb773741f56dff04e0f0aa26dc0a0e2d5d405bee89d8ada1130303 SHA512 8d0c88336864b788df320298678e2a8556d7c4ff468ec1b4165b87c2fe5c6c167a2c75cdd2df433346fac12694d8e39d30910b8d1d4be7f35d9e0d85edd5ef5a DIST dnsdist-1.9.8.tar.bz2 1593902 BLAKE2B 854344eb6b82f98001171830715fe5cf564628405b4c79c07b43fccdbca0a4c9da7e527a748bc2972261a32ed9c51582eac2e6fdbef5c25bd71b161318a62155 SHA512 b89bc1ba62a2cf009a305a71eaa2553810d6d5f25f71098cb34acd86bfe5632e5f9f4b5ce057ea93665f1f5dd65e6a3d67fa364e8cecf0b648559c73061baddd EBUILD dnsdist-1.9.6.ebuild 2710 BLAKE2B 5148ee3d8471495e0b4aec5a69078afc2f4a931c1c223270b31b59ec98a26ba1dc27dcdc5b264e0bb6978d0f3bd8488c58cbbb18db43d691b0edd307833bb7cd SHA512 3ff14d72f3faf0f828c763b7cd980f51f5390fc34fb3d182cdaec49e2b611e8e0e4104a80dc6b3ee05c92b87cd47da42dad8ccd1733b66f9b0367280def31900 -EBUILD dnsdist-1.9.8-r1.ebuild 2816 BLAKE2B b9905719b8a60b10a421ab15319315bce05f32bdf8f6f263b9be7bb086b24750d90aa846a16fdf982a88a5d476b740b5aead909027a6e3c61158c95361a981b1 SHA512 995b8d9a777bfec1e75fb426eec6855be9ba684ed897f17976f871c70f95ead7766b8931a19038b287c011387826eb4a72f2e7193ac156e71fa9c84f8718c120 +EBUILD dnsdist-1.9.8-r2.ebuild 2882 BLAKE2B 43e9a0fa5b6f8c3fcd389a4845c45cc1b125382bbce3b56180f7f3263297671520efdfb143bc81488137bddf82885f9fe95af6a82a27747f63f9944f4bf463ec SHA512 407d7aa4a764a61dba34eb3d86cd1dd36040371b1740d97913f741c213d0a625588e203aa14c5e68d829d3dc083218c98468269ad5bfb50272f46fbcd353f812 MISC metadata.xml 1861 BLAKE2B c160b636f744acabe9ee303a60f8170bb5474d70e58b858e5585eb60e41b5b9d80f4e6cb8f49304b6ec7f11d0378332f8b9ebdd79d06d6d62cc9299b40e5e4ed SHA512 c034972452c33b6ded417772883af3d91f9b7f8f364fc9536337c91dbb23971592be082e8acac59d03b4b28779c081386e881085c5941b19d95ba3b3c544c65a diff --git a/net-dns/dnsdist/dnsdist-1.9.8-r1.ebuild b/net-dns/dnsdist/dnsdist-1.9.8-r2.ebuild index b51d68a3dba2..bebf3ec0d2ed 100644 --- a/net-dns/dnsdist/dnsdist-1.9.8-r1.ebuild +++ b/net-dns/dnsdist/dnsdist-1.9.8-r2.ebuild @@ -49,7 +49,10 @@ RDEPEND="acct-group/dnsdist DEPEND="${RDEPEND}" BDEPEND="virtual/pkgconfig" -PATCHES=( "${FILESDIR}/1.9.8-quiche-0.23.patch" ) +PATCHES=( + "${FILESDIR}/1.9.8-quiche-0.23.patch" + "${FILESDIR}/1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch" +) src_prepare() { default diff --git a/net-dns/dnsdist/files/1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch b/net-dns/dnsdist/files/1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch new file mode 100644 index 000000000000..69b03b1047df --- /dev/null +++ b/net-dns/dnsdist/files/1.9.8-fix-compat-with-boost-lockfree-1.87.0.patch @@ -0,0 +1,90 @@ +Patch from: https://github.com/PowerDNS/pdns/pull/15181 +Fixed file paths for dnsdist tarball. + +Signed-off-by: Holger Hoffstätte <holger@applied-asynchrony.com> + +From: Remi Gacogne <remi.gacogne@powerdns.com> +Date: Mon, 10 Feb 2025 11:24:28 +0100 +Subject: [PATCH] dnsdist-1.9.x: Fix compatibility with boost::lockfree >= 1.87.0 + +In https://github.com/boostorg/lockfree/pull/90 `boost::lockfree::spsc_queue` +introduced moved semantics, which is great, but added restrictions +to the callback functor that did not exist before, breaking the API. +This PR fixes that by updating our callbacks to expect an object +instead of a reference. + +(cherry picked from commit 05543aed8ccff2270a65d3f9b75e6e9d894b8b45) +--- + dnsdist-xsk.cc | 6 +++--- + xsk.cc | 4 ++-- + xsk.hh | 4 ++-- + 3 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/dnsdist-xsk.cc b/dnsdist-xsk.cc +index 7e83c510093e..dcbd79459796 100644 +--- a/dnsdist-xsk.cc ++++ b/dnsdist-xsk.cc +@@ -48,7 +48,7 @@ void XskResponderThread(std::shared_ptr<DownstreamState> dss, std::shared_ptr<Xs + if ((pollfds[0].revents & POLLIN) != 0) { + needNotify = true; + xskInfo->cleanSocketNotification(); +- xskInfo->processIncomingFrames([&](XskPacket& packet) { ++ xskInfo->processIncomingFrames([&](XskPacket packet) { + if (packet.getDataLen() < sizeof(dnsheader)) { + xskInfo->markAsFree(packet); + return; +@@ -167,7 +167,7 @@ void XskRouter(std::shared_ptr<XskSocket> xsk) + if ((fds.at(fdIndex).revents & POLLIN) != 0) { + ready--; + const auto& info = xsk->getWorkerByDescriptor(fds.at(fdIndex).fd); +- info->processOutgoingFrames([&](XskPacket& packet) { ++ info->processOutgoingFrames([&](XskPacket packet) { + if ((packet.getFlags() & XskPacket::UPDATE) == 0) { + xsk->markAsFree(packet); + return; +@@ -202,7 +202,7 @@ void XskClientThread(ClientState* clientState) + while (!xskInfo->hasIncomingFrames()) { + xskInfo->waitForXskSocket(); + } +- xskInfo->processIncomingFrames([&](XskPacket& packet) { ++ xskInfo->processIncomingFrames([&](XskPacket packet) { + if (XskProcessQuery(*clientState, holders, packet)) { + packet.updatePacket(); + xskInfo->pushToSendQueue(packet); +diff --git a/xsk.cc b/xsk.cc +index 5851f1b9b79e..d246a1d72e83 100644 +--- a/xsk.cc ++++ b/xsk.cc +@@ -1185,7 +1185,7 @@ bool XskWorker::hasIncomingFrames() + return d_incomingPacketsQueue.read_available() != 0U; + } + +-void XskWorker::processIncomingFrames(const std::function<void(XskPacket& packet)>& callback) ++void XskWorker::processIncomingFrames(const std::function<void(XskPacket packet)>& callback) + { + if (d_type == Type::OutgoingOnly) { + throw std::runtime_error("Looking for incoming packets in an outgoing-only XSK Worker"); +@@ -1194,7 +1194,7 @@ void XskWorker::processIncomingFrames(const std::function<void(XskPacket& packet + d_incomingPacketsQueue.consume_all(callback); + } + +-void XskWorker::processOutgoingFrames(const std::function<void(XskPacket& packet)>& callback) ++void XskWorker::processOutgoingFrames(const std::function<void(XskPacket packet)>& callback) + { + d_outgoingPacketsQueue.consume_all(callback); + } +diff --git a/xsk.hh b/xsk.hh +index 2f3e7c372e35..ff36be5ecd96 100644 +--- a/xsk.hh ++++ b/xsk.hh +@@ -312,8 +312,8 @@ public: + void pushToProcessingQueue(XskPacket& packet); + void pushToSendQueue(XskPacket& packet); + bool hasIncomingFrames(); +- void processIncomingFrames(const std::function<void(XskPacket& packet)>& callback); +- void processOutgoingFrames(const std::function<void(XskPacket& packet)>& callback); ++ void processIncomingFrames(const std::function<void(XskPacket packet)>& callback); ++ void processOutgoingFrames(const std::function<void(XskPacket packet)>& callback); + void markAsFree(const XskPacket& packet); + // notify worker that at least one packet is available for processing + void notifyWorker() const; diff --git a/net-dns/unbound/Manifest b/net-dns/unbound/Manifest index d327f11c7350..72a636028d75 100644 --- a/net-dns/unbound/Manifest +++ b/net-dns/unbound/Manifest @@ -15,5 +15,6 @@ DIST unbound-1.22.0.tar.gz 6682466 BLAKE2B 28cf5c6c5e29d4026beb33e8a17b012d1185a DIST unbound-1.22.0.tar.gz.asc 833 BLAKE2B 02e582f5c77d8aee1a19ebb67ab081972461c298983f407d3e1d4daf6d771f087b95a19c93b7368cb3d76c350e40c3b886088d5772d5c259d0f2672a8f009153 SHA512 afbf5a125f104a25576b1c416b32f68d715b41a025fc3a61e6ee3bc28f9988b4277c7f0dd188c51cbe5641f51ade20f740ea131d1a7b5db38e2d1462a9edbb69 EBUILD unbound-1.19.3.ebuild 6499 BLAKE2B cd4b63183a3c40ae340466593ad65f59b528951b18111e053d49e71826bcff4b7b2cf0d5e92e9597557cc76c08c64bcaadd004224101f2169f6bddda37ed5de6 SHA512 9d2dbf869631feb4b663743e3e243f922ead89501420bc5baeb533ff60f3a6a418836aca62558e69bcb76c27fd16372c3246e80468a6000aaf10085752d86d14 EBUILD unbound-1.20.0.ebuild 6499 BLAKE2B cd4b63183a3c40ae340466593ad65f59b528951b18111e053d49e71826bcff4b7b2cf0d5e92e9597557cc76c08c64bcaadd004224101f2169f6bddda37ed5de6 SHA512 9d2dbf869631feb4b663743e3e243f922ead89501420bc5baeb533ff60f3a6a418836aca62558e69bcb76c27fd16372c3246e80468a6000aaf10085752d86d14 +EBUILD unbound-1.22.0-r1.ebuild 6505 BLAKE2B 162cecf432fb64dcb3e2604cdc42170f2174c53cf9de3e8b3fbe4dfe6aaedf0786f0bf12cb0496e782382cb49b546eb7d8fc2a1caadf9cd52cd76502e31d4af2 SHA512 f659730f6c672da7d18b049756dad49a41c217b0a3f86978580eed39586508cc4aa3ba61841ac50b97d9b26d7958d682341dddd0ecc97680ae6341e9f290a633 EBUILD unbound-1.22.0.ebuild 6499 BLAKE2B f63c49b112dde18a3f3d85139ee15462ca4525b02a4e10f663b69ae576b1c11b3677cbc29f7836ee6c66333dd59bc652c6d100f9a4b51f14d2b7ce26c930e45b SHA512 3cb41567fbea4474a260d6b8a550a553a6cb132517224d1dd102d7a10ef2bcdc1a89fdd2338a61d56e4f58d2485fce0490972d1552b218e0dbe1aaf17449e379 MISC metadata.xml 1475 BLAKE2B d0e34f4ba056c090af979f2686d5dece53a554c7ea7612fee1991ce6838ce161359bd8405d6358c5e184b6721affeee5d6e1bd93095b92765cd38dba928daa5b SHA512 8fba72eba420d4c06fb3a9119c3f324c5679fe268b65fac23878ef15f3c3d784d372874c7d6428d1c7c2eb3a75380ad2e4d5fc1691e7c2d1b426b8cfa381222b diff --git a/net-dns/unbound/unbound-1.22.0-r1.ebuild b/net-dns/unbound/unbound-1.22.0-r1.ebuild new file mode 100644 index 000000000000..dd04e5af8bfb --- /dev/null +++ b/net-dns/unbound/unbound-1.22.0-r1.ebuild @@ -0,0 +1,218 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..13} ) +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/unbound.net.asc +inherit autotools flag-o-matic multilib-minimal python-single-r1 systemd verify-sig + +MY_P=${PN}-${PV/_/} +DESCRIPTION="A validating, recursive and caching DNS resolver" +HOMEPAGE="https://unbound.net/ https://nlnetlabs.nl/projects/unbound/about/" +SRC_URI=" + https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz + verify-sig? ( https://nlnetlabs.nl/downloads/unbound/${MY_P}.tar.gz.asc ) +" +S="${WORKDIR}"/${MY_P} + +LICENSE="BSD GPL-2" +SLOT="0/8" # ABI version of libunbound.so +if [[ ${PV} != *_rc* ]] ; then + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi +IUSE="debug dnscrypt dnstap +ecdsa ecs gost +http2 python redis selinux static-libs systemd test +tfo threads" +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" +RESTRICT="!test? ( test )" + +# Note: expat is needed by executable only but the Makefile is custom +# and doesn't make it possible to easily install the library without +# the executables. MULTILIB_USEDEP may be dropped once build system +# is fixed. +DEPEND=" + acct-group/unbound + acct-user/unbound + >=dev-libs/expat-2.1.0-r3[${MULTILIB_USEDEP}] + >=dev-libs/libevent-2.0.21:0=[${MULTILIB_USEDEP}] + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] + dnscrypt? ( dev-libs/libsodium:=[${MULTILIB_USEDEP}] ) + dnstap? ( + dev-libs/fstrm[${MULTILIB_USEDEP}] + >=dev-libs/protobuf-c-1.0.2-r1:=[${MULTILIB_USEDEP}] + ) + ecdsa? ( + dev-libs/openssl:0[-bindist(-)] + ) + http2? ( net-libs/nghttp2:=[${MULTILIB_USEDEP}] ) + python? ( ${PYTHON_DEPS} ) + redis? ( dev-libs/hiredis:= ) + systemd? ( sys-apps/systemd ) +" +BDEPEND=" + virtual/pkgconfig + python? ( dev-lang/swig ) + test? ( + net-libs/ldns[examples(-)] + dev-util/splint + app-text/wdiff + ) + verify-sig? ( sec-keys/openpgp-keys-unbound ) +" +RDEPEND=" + ${DEPEND} + net-dns/dnssec-root + selinux? ( sec-policy/selinux-bind ) +" + +QA_CONFIG_IMPL_DECL_SKIP=( + ioctlsocket # not on Linux (bug #900060) +) + +PATCHES=( + "${FILESDIR}"/${PN}-1.5.7-trust-anchor-file.patch + "${FILESDIR}"/${PN}-1.6.3-pkg-config.patch + "${FILESDIR}"/${PN}-1.10.1-find-ar.patch +) + +pkg_setup() { + use python && python-single-r1_pkg_setup +} + +src_prepare() { + default + + eautoreconf + + # Required for the python part + multilib_copy_sources +} + +src_configure() { + [[ ${CHOST} == *-darwin* ]] || append-ldflags -Wl,-z,noexecstack + multilib-minimal_src_configure +} + +multilib_src_configure() { + local myeconfargs=( + $(multilib_native_use_enable debug) + $(multilib_native_use_enable gost) + $(multilib_native_use_enable dnscrypt) + $(multilib_native_use_enable dnstap) + $(multilib_native_use_enable ecdsa) + $(multilib_native_use_enable ecs subnet) + $(multilib_native_use_enable redis cachedb) + $(multilib_native_use_enable static-libs static) + $(multilib_native_use_enable systemd) + $(multilib_native_use_with python pythonmodule) + $(multilib_native_use_with python pyunbound) + $(multilib_native_use_with threads pthreads) + $(multilib_native_use_with http2 libnghttp2) + $(multilib_native_use_enable tfo tfo-client) + $(multilib_native_use_enable tfo tfo-server) + + --disable-flto + --disable-rpath + --enable-event-api + --enable-ipsecmod + + --with-libevent="${ESYSROOT}"/usr + $(multilib_native_usex redis --with-libhiredis="${ESYSROOT}/usr" --without-libhiredis) + + --with-pidfile="${EPREFIX}"/run/unbound.pid + --with-rootkey-file="${EPREFIX}"/etc/dnssec/root-anchors.txt + --with-ssl="${ESYSROOT}"/usr + --with-libexpat="${ESYSROOT}"/usr + + # http://unbound.nlnetlabs.nl/pipermail/unbound-users/2011-April/001801.html + # $(use_enable debug lock-checks) + # $(use_enable debug alloc-checks) + # $(use_enable debug alloc-lite) + # $(use_enable debug alloc-nonregional) + ) + + econf "${myeconfargs[@]}" +} + +multilib_src_install() { + emake DESTDIR="${D}" install + systemd_dounit contrib/unbound.service + systemd_dounit contrib/unbound.socket +} + +multilib_src_install_all() { + use python && python_optimize + + newinitd "${FILESDIR}"/unbound-r1.initd unbound + newconfd "${FILESDIR}"/unbound-r1.confd unbound + + systemd_newunit "${FILESDIR}"/unbound_at.service "unbound@.service" + systemd_dounit "${FILESDIR}"/unbound-anchor.service + + dodoc doc/{README,CREDITS,TODO,Changelog,FEATURES} + + # bug #315519 + dodoc contrib/unbound_munin_ + + docinto selinux + dodoc contrib/selinux/* + + exeinto /usr/share/${PN} + doexe contrib/update-anchor.sh + + # Create space for auto-trust-anchor-file... + keepdir /etc/unbound/var + fowners root:unbound /etc/unbound/var + fperms 0770 /etc/unbound/var + # ... and point example config to it + sed -i \ + -e '/# auto-trust-anchor-file:/s,/etc/dnssec/root-anchors.txt,/etc/unbound/var/root-anchors.txt,' \ + "${ED}/etc/unbound/unbound.conf" \ + || die + + # Used to store cache data + keepdir /var/lib/${PN} + fowners root:unbound /var/lib/${PN} + fperms 0770 /var/lib/${PN} + + find "${ED}" -name '*.la' -delete || die + if ! use static-libs ; then + find "${ED}" -name "*.a" -delete || die + fi +} + +pkg_postinst() { + if [[ ! -f "${EROOT}/etc/unbound/unbound_control.key" ]]; then + einfo "Trying to create unbound control key ..." + if ! unbound-control-setup &>/dev/null ; then + ewarn "Failed to create unbound control key!" + fi + fi + + if [[ ! -f "${EROOT}/etc/unbound/var/root-anchors.txt" ]]; then + einfo "" + einfo "If you want unbound to automatically update the root-anchor file for DNSSEC validation" + einfo "set 'auto-trust-anchor-file: ${EROOT}/etc/unbound/var/root-anchors.txt' in ${EROOT}/etc/unbound/unbound.conf" + einfo "and run" + einfo "" + einfo " su -s /bin/sh -c '${EROOT}/usr/sbin/unbound-anchor -a ${EROOT}/etc/unbound/var/root-anchors.txt' unbound" + einfo "" + einfo "as root to create it initially before starting unbound for the first time after enabling this." + einfo "" + fi + + # Our user is not available on prefix + use prefix && return + + local _perm_check_testfile=$(mktemp --dry-run "${EPREFIX}"/etc/unbound/var/.pkg_postinst-perm-check.XXXXXXXXX) + su -s /bin/sh -c "touch ${_perm_check_testfile}" unbound &>/dev/null + if [[ $? -ne 0 ]]; then + ewarn "WARNING: unbound user cannot write to \"${EPREFIX}/etc/unbound/var\"!" + ewarn "Run the following commands to restore default permission:" + ewarn "" + ewarn " chown root:unbound ${EPREFIX}/etc/unbound/var" + ewarn " chmod 0770 ${EPREFIX}/etc/unbound/var" + else + # Cleanup -- no reason to die here! + rm -f "${_perm_check_testfile}" + fi +} |