From owner-svn-ports-branches@freebsd.org  Wed May 27 12:48:57 2020
Return-Path: <owner-svn-ports-branches@freebsd.org>
Delivered-To: svn-ports-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id C5655331D7D;
 Wed, 27 May 2020 12:48:57 +0000 (UTC)
 (envelope-from tagattie@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 49X9cn4tk2z4K7L;
 Wed, 27 May 2020 12:48:57 +0000 (UTC)
 (envelope-from tagattie@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 88B1914CF1;
 Wed, 27 May 2020 12:48:57 +0000 (UTC)
 (envelope-from tagattie@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 04RCmvc9049324;
 Wed, 27 May 2020 12:48:57 GMT (envelope-from tagattie@FreeBSD.org)
Received: (from tagattie@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id 04RCmtmU049315;
 Wed, 27 May 2020 12:48:55 GMT (envelope-from tagattie@FreeBSD.org)
Message-Id: <202005271248.04RCmtmU049315@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: tagattie set sender to
 tagattie@FreeBSD.org using -f
From: Hiroki Tagato <tagattie@FreeBSD.org>
Date: Wed, 27 May 2020 12:48:55 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-branches@freebsd.org
Subject: svn commit: r536692 - in branches/2020Q2/dns/powerdns-recursor: .
 files
X-SVN-Group: ports-branches
X-SVN-Commit-Author: tagattie
X-SVN-Commit-Paths: in branches/2020Q2/dns/powerdns-recursor: . files
X-SVN-Commit-Revision: 536692
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
 <svn-ports-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-branches/>
List-Post: <mailto:svn-ports-branches@freebsd.org>
List-Help: <mailto:svn-ports-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 May 2020 12:48:57 -0000

Author: tagattie
Date: Wed May 27 12:48:55 2020
New Revision: 536692
URL: https://svnweb.freebsd.org/changeset/ports/536692

Log:
  MFH: r536690
  
  - Update to 4.3.1
  - Mark broken on i386
  - Updated hostnamemax patch
  
  PR:		246655
  Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
  Approved by:	ehaupt (mentor)
  Security:	f9c5a410-9b4e-11ea-ac3f-6805ca2fa271
  Changelog:	https://doc.powerdns.com/recursor/changelog/4.3.html#change-4.3.1
  
  Approved by:	ports-secteam (joneum)

Added:
  branches/2020Q2/dns/powerdns-recursor/files/patch-hostnamemax   (contents, props changed)
  branches/2020Q2/dns/powerdns-recursor/files/patch-pdns_recursor.cc   (contents, props changed)
Deleted:
  branches/2020Q2/dns/powerdns-recursor/files/extrapatch-setuid
  branches/2020Q2/dns/powerdns-recursor/files/patch-pdns_dns__random.cc
Modified:
  branches/2020Q2/dns/powerdns-recursor/Makefile
  branches/2020Q2/dns/powerdns-recursor/distinfo
  branches/2020Q2/dns/powerdns-recursor/files/patch-configure
  branches/2020Q2/dns/powerdns-recursor/files/patch-dnsname.hh
  branches/2020Q2/dns/powerdns-recursor/files/pdns-recursor.in
  branches/2020Q2/dns/powerdns-recursor/files/pkg-message.in
  branches/2020Q2/dns/powerdns-recursor/pkg-descr
  branches/2020Q2/dns/powerdns-recursor/pkg-plist

Modified: branches/2020Q2/dns/powerdns-recursor/Makefile
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/Makefile	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/Makefile	Wed May 27 12:48:55 2020	(r536692)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	recursor
-DISTVERSION=	4.2.1
+DISTVERSION=	4.3.1
 CATEGORIES=	dns
 MASTER_SITES=	http://downloads.powerdns.com/releases/
 PKGNAMEPREFIX=	powerdns-
@@ -12,9 +12,11 @@ MAINTAINER=	tremere@cainites.net
 COMMENT=	Advanced DNS recursor
 
 LICENSE=	GPLv2
+LICENSE_FILE=	${WRKSRC}/COPYING
 
 BROKEN_armv6=	fails to compile: use of overloaded operator << is ambiguous
 BROKEN_armv7=	fails to compile: use of overloaded operator << is ambiguous
+BROKEN_i386=	crashes on startup (SIGSEGV)
 BROKEN_sparc64=	fails to compile: json11.cpp: undefined reference to std::__throw_out_of_range_fmt
 
 BUILD_DEPENDS=	${LOCALBASE}/include/boost/shared_ptr.hpp:devel/boost-libs
@@ -34,20 +36,17 @@ CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc/pdns \
 
 SUB_FILES=	pkg-message
 
-OPTIONS_DEFINE=		LUAJIT SETUID
-OPTIONS_DEFAULT=	SETUID
+USERS=		pdns_recursor
+GROUPS=		pdns
 
+OPTIONS_DEFINE=	LUAJIT
+
 LUAJIT_DESC=	Use LuaJIT instead of Lua
-SETUID_DESC=	Run as pdns_recursor user
 
 LUAJIT_LIB_DEPENDS=	libluajit-5.1.so.2:lang/luajit-openresty
 LUAJIT_USES_OFF=	lua
 LUAJIT_CONFIGURE_ON=	--with-lua=luajit
 
-SETUID_EXTRA_PATCHES=	${PATCHDIR}/extrapatch-setuid
-SETUID_VARS=		GROUPS=pdns \
-			USERS=pdns_recursor
-
 .include <bsd.port.pre.mk>
 
 .if ${OPSYS} == FreeBSD && ${OSVERSION} < 1200085 && ${SSL_DEFAULT} != openssl
@@ -56,5 +55,8 @@ CONFIGURE_ARGS+=	--enable-libdecaf \
 LIB_DEPENDS+=		libdecaf.so:security/libdecaf \
 			libsodium.so:security/libsodium
 .endif
+
+post-install:
+	@${MKDIR} ${STAGEDIR}/var/run/pdns-recursor
 
 .include <bsd.port.post.mk>

Modified: branches/2020Q2/dns/powerdns-recursor/distinfo
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/distinfo	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/distinfo	Wed May 27 12:48:55 2020	(r536692)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575887223
-SHA256 (pdns-recursor-4.2.1.tar.bz2) = 8d8c3235cc5281f0fc51946129f22758778f4c50bfda095d5856feb4c756891f
-SIZE (pdns-recursor-4.2.1.tar.bz2) = 1318022
+TIMESTAMP = 1589879472
+SHA256 (pdns-recursor-4.3.1.tar.bz2) = 54230852fcad3c6291651069c383f7ea88c5d29ce3c561decb2f40a063f52fd9
+SIZE (pdns-recursor-4.3.1.tar.bz2) = 1334817

Modified: branches/2020Q2/dns/powerdns-recursor/files/patch-configure
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/files/patch-configure	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/files/patch-configure	Wed May 27 12:48:55 2020	(r536692)
@@ -1,6 +1,6 @@
---- configure.orig	2019-05-17 10:25:29 UTC
+--- configure.orig	2020-05-08 09:56:25 UTC
 +++ configure
-@@ -19350,8 +19350,10 @@ fi
+@@ -21467,8 +21467,10 @@ fi
              { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl/crypto.h in $ssldir" >&5
  $as_echo_n "checking for openssl/crypto.h in $ssldir... " >&6; }
              if test -f "$ssldir/include/openssl/crypto.h"; then

Modified: branches/2020Q2/dns/powerdns-recursor/files/patch-dnsname.hh
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/files/patch-dnsname.hh	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/files/patch-dnsname.hh	Wed May 27 12:48:55 2020	(r536692)
@@ -1,6 +1,6 @@
---- dnsname.hh.orig	2019-01-31 19:43:44 UTC
+--- dnsname.hh.orig	2020-05-08 09:31:59 UTC
 +++ dnsname.hh
-@@ -30,7 +30,7 @@
+@@ -33,7 +33,7 @@
  #include <boost/version.hpp>
  
  // it crashes on OSX and doesn't compile on OpenBSD
@@ -9,7 +9,7 @@
  #include <boost/container/string.hpp>
  #endif
  
-@@ -135,7 +135,7 @@ class DNSName (public)
+@@ -138,7 +138,7 @@ class DNSName (public)
    inline bool canonCompare(const DNSName& rhs) const;
    bool slowCanonCompare(const DNSName& rhs) const;  
  

Added: branches/2020Q2/dns/powerdns-recursor/files/patch-hostnamemax
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2020Q2/dns/powerdns-recursor/files/patch-hostnamemax	Wed May 27 12:48:55 2020	(r536692)
@@ -0,0 +1,90 @@
+diff --git misc.cc misc.cc
+index f9248af42a..5cb4dbe812 100644
+--- misc.cc
++++ misc.cc
+@@ -57,6 +57,7 @@
+ #include <sys/types.h>
+ #include <pwd.h>
+ #include <grp.h>
++#include <limits.h>
+ #ifdef __FreeBSD__
+ #  include <pthread_np.h>
+ #endif
+@@ -1563,3 +1564,39 @@ bool setPipeBufferSize(int fd, size_t size)
+   return false;
+ #endif /* F_SETPIPE_SZ */
+ }
++
++static size_t getMaxHostNameSize()
++{
++#if defined(HOST_NAME_MAX)
++  return HOST_NAME_MAX;
++#endif
++
++#if defined(_SC_HOST_NAME_MAX)
++  auto tmp = sysconf(_SC_HOST_NAME_MAX);
++  if (tmp != -1) {
++    return tmp;
++  }
++#endif
++
++  /* _POSIX_HOST_NAME_MAX */
++  return 255;
++}
++
++std::string getCarbonHostName()
++{
++  std::string hostname;
++  hostname.resize(getMaxHostNameSize() + 1, 0);
++
++  if (gethostname(const_cast<char*>(hostname.c_str()), hostname.size()) != 0) {
++    throw std::runtime_error(stringerror());
++  }
++
++  auto pos = hostname.find(".");
++  if (pos != std::string::npos) {
++    hostname.resize(pos);
++  }
++
++  boost::replace_all(hostname, ".", "_");
++
++  return hostname;
++}
+diff --git misc.hh misc.hh
+index 4bd9439a87..795e8ec855 100644
+--- misc.hh
++++ misc.hh
+@@ -607,3 +607,5 @@ bool isSettingThreadCPUAffinitySupported();
+ int mapThreadToCPUList(pthread_t tid, const std::set<int>& cpus);
+ 
+ std::vector<ComboAddress> getResolvers(const std::string& resolvConfPath);
++
++std::string getCarbonHostName();
+diff --git rec-carbon.cc rec-carbon.cc
+index 4e0cedb00f..458a25d5ca 100644
+--- rec-carbon.cc
++++ rec-carbon.cc
+@@ -32,17 +32,13 @@ try
+   if(namespace_name.empty()) {
+     namespace_name="pdns";
+   }
+-  if(hostname.empty()) {
+-    char tmp[HOST_NAME_MAX+1];
+-    memset(tmp, 0, sizeof(tmp));
+-    if (gethostname(tmp, sizeof(tmp)) != 0) {
+-      throw std::runtime_error("The 'carbon-ourname' setting has not been set and we are unable to determine the system's hostname: " + stringerror());
++  if (hostname.empty()) {
++    try {
++      hostname = getCarbonHostName();
++    }
++    catch(const std::exception& e) {
++      throw std::runtime_error(std::string("The 'carbon-ourname' setting has not been set and we are unable to determine the system's hostname: ") + e.what());
+     }
+-    char *p = strchr(tmp, '.');
+-    if(p) *p=0;
+-
+-    hostname=tmp;
+-    boost::replace_all(hostname, ".", "_");    
+   }
+   if(instance_name.empty()) {
+     instance_name="recursor";

Added: branches/2020Q2/dns/powerdns-recursor/files/patch-pdns_recursor.cc
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2020Q2/dns/powerdns-recursor/files/patch-pdns_recursor.cc	Wed May 27 12:48:55 2020	(r536692)
@@ -0,0 +1,17 @@
+--- pdns_recursor.cc.orig	2020-05-08 09:31:59 UTC
++++ pdns_recursor.cc
+@@ -4640,12 +4640,12 @@ int main(int argc, char **argv)
+ #define SYSTEMD_SETID_MSG ". When running inside systemd, use the User and Group settings in the unit-file!"
+         SYSTEMD_SETID_MSG
+ #endif
+-        )="";
++        )="pdns";
+     ::arg().set("setuid","If set, change user id to this uid for more security"
+ #ifdef HAVE_SYSTEMD
+         SYSTEMD_SETID_MSG
+ #endif
+-        )="";
++        )="pdns_recursor";
+     ::arg().set("network-timeout", "Wait this number of milliseconds for network i/o")="1500";
+     ::arg().set("threads", "Launch this number of threads")="2";
+     ::arg().set("distributor-threads", "Launch this number of distributor threads, distributing queries to other threads")="0";

Modified: branches/2020Q2/dns/powerdns-recursor/files/pdns-recursor.in
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/files/pdns-recursor.in	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/files/pdns-recursor.in	Wed May 27 12:48:55 2020	(r536692)
@@ -1,11 +1,11 @@
 #!/bin/sh
 #
-# $$
+# $FreeBSD$
 #
 
 # PROVIDE: pdns_recursor
-# REQUIRE: SERVERS cleanvar
-# BEFORE:  DAEMON
+# REQUIRE: NETWORKING
+# BEFORE: SERVERS
 # KEYWORD: shutdown
 
 #
@@ -22,16 +22,15 @@
 name=pdns_recursor
 rcvar=pdns_recursor_enable
 
-command=%%PREFIX%%/sbin/pdns_recursor
-command_args="--daemon=yes"
+load_rc_config ${name}
 
-# set defaults
-
 pdns_recursor_enable=${pdns_recursor_enable:-"NO"}
 pdns_recursor_conf=${pdns_recursor_conf:-"%%PREFIX%%/etc/pdns/recursor.conf"}
+required_files=${pdns_recursor_conf}
 
-load_rc_config ${name}
+pidfile=/var/run/pdns-recursor/${name}.pid
 
-required_files=${pdns_recursor_conf}
+command=%%PREFIX%%/sbin/${name}
+command_args="--daemon"
 
 run_rc_command "$1"

Modified: branches/2020Q2/dns/powerdns-recursor/files/pkg-message.in
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/files/pkg-message.in	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/files/pkg-message.in	Wed May 27 12:48:55 2020	(r536692)
@@ -1,8 +1,9 @@
 [
 { type: install
   message: <<EOM
- If you want to use the powerdns recursor,
+ If you want to use the PowerDNS Recursor,
  you need the following line in /etc/rc.conf(.local)
+ or in /etc/rc.conf.d/pdns_recursor
 
     pdns_recursor_enable="YES"
 

Modified: branches/2020Q2/dns/powerdns-recursor/pkg-descr
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/pkg-descr	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/pkg-descr	Wed May 27 12:48:55 2020	(r536692)
@@ -1,4 +1,23 @@
-PowerDNS recursor is a high performance, simple and secure recursing
-nameserver. It currently powers over two million internet connections.
+The PowerDNS Recursor is a high-end, high-performance resolving
+name server which powers the DNS resolution of at least a hundred
+million subscribers. Utilizing multiple processors and supporting
+the same powerful scripting ability of the Authoritative Server,
+the Recursor delivers top performance while retaining the flexibility
+modern DNS deployments require:
 
-WWW: https://www.powerdns.com
+ * IPv4, UDP/TCP
+ * IPv6, UDP/TCP, 100% compliant
+ * Remotely pollable statistics for real time graphing
+ * Full support for all relevant standards
+ * Advanced anti-spoofing measures
+ * Reconfiguration without downtime
+ * Plain BIND zone files for "resolved hosting"
+ * Internal Lua-based scripted answer generation
+ * Question interception, answer reconditioning, NXDOMAIN redirection
+   - Including 'block lists' and security measures
+ * API for direct control (rec_control)
+   - Local and remote access
+ * DNS Response Policy Zones (RPZ)
+ * DNS64
+
+WWW: https://www.PowerDNS.com/recursor.html

Modified: branches/2020Q2/dns/powerdns-recursor/pkg-plist
==============================================================================
--- branches/2020Q2/dns/powerdns-recursor/pkg-plist	Wed May 27 12:25:16 2020	(r536691)
+++ branches/2020Q2/dns/powerdns-recursor/pkg-plist	Wed May 27 12:48:55 2020	(r536692)
@@ -3,3 +3,4 @@ bin/rec_control
 sbin/pdns_recursor
 man/man1/pdns_recursor.1.gz
 man/man1/rec_control.1.gz
+@dir /var/run/pdns-recursor