[gentoo-commits] repo/gentoo:master commit in: net-dns/knot-resolver/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-dns/knot-resolver/
Date: Sat, 19 Jul 2025 16:58:22 +0000 (UTC)	[thread overview]
Message-ID: <1752944206.df24b628253c342df306b88ce2c15d518f96e762.sam@gentoo> (raw)

commit:     df24b628253c342df306b88ce2c15d518f96e762
Author:     Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr>
AuthorDate: Sat Jul 19 16:32:42 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Jul 19 16:56:46 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=df24b628

net-dns/knot-resolver: Bump to 5.7.6

Security fixes : DoS - rare crashes

Bug: https://bugs.gentoo.org/960462
Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr>
Part-of: https://github.com/gentoo/gentoo/pull/43069
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-dns/knot-resolver/Manifest                   |  2 +
 net-dns/knot-resolver/knot-resolver-5.7.6.ebuild | 99 ++++++++++++++++++++++++
 2 files changed, 101 insertions(+)

diff --git a/net-dns/knot-resolver/Manifest b/net-dns/knot-resolver/Manifest
index 77cd84dd12c3..9186e0c477e2 100644
--- a/net-dns/knot-resolver/Manifest
+++ b/net-dns/knot-resolver/Manifest
@@ -1,4 +1,6 @@
 DIST knot-resolver-5.7.5.tar.xz 1924960 BLAKE2B cad47756832b34399ea0437ef041ddbfeef10645004ad48ea1ca7cf8fca380b443eb20e345418ebe5dc1566f8f19ee400a1819077bda4d9d2b7949b36a6fb4df SHA512 b9ade76accf60c7eee173cfff18e1881e79bcd63d85ef583973244bf37f40c4c57fed00d840c61643b65b82b1f93f85480c4f10334416cab87fae3da46918fc3
 DIST knot-resolver-5.7.5.tar.xz.asc 833 BLAKE2B 675b91253c5ae72db9e1ef6513a681538967f72b6b7a91f2159b42e7581b398a0a90df7e75da0e6818f1a20549a23677ab34722bbcf762cad019d4c211221f1e SHA512 df06eb244fa051a5f71385424b2da2479203019c6824344ec2226bc4851a3eb12eb3bb0f6f5a3e5ccce8c5875b6867924fa46b6939545cb35b24ef799f9ef6b0
+DIST knot-resolver-5.7.6.tar.xz 1924840 BLAKE2B aca1a3f70921c63005b23f3a9ebb6b602bf0e9d75e7d981b68b4c7b60fb3c0221250ca5b2feafad717136a3376270f7314777fdb0e92e4d5932ecdc5ed5c11a8 SHA512 4dcaff56b0368bc147e04ffbf6ce4a3595fa3a59e99e73b516edc7813142abcb20823b987824b11a31e3eca3cc62fa176caf4408361daeac67b6f0587f9a0268
+DIST knot-resolver-5.7.6.tar.xz.asc 833 BLAKE2B 93579242e6deee33477610c91d72c1152bdbd05355a57893a9519955ce022034315669a91c311081a6e2b4683bf641305fe79ae360b2b61e51a02e0b5c4d8361 SHA512 478449d96dddaff9aff134a2a3bc991d8e50423f38a00e7256b54be9ab89d85d66eaa8e83815f4b31700b16fd94f8017493db6347e57d0583feec38bb35655f6
 DIST knot-resolver-6.0.14.tar.xz 2147184 BLAKE2B 335922a910f21061978dd75d8ff55601cf1968b5452d60275f817d5d1fb4455b0b5f13c062e7af4e37a20c5c706e877b0ef250f1344ccc0f4ebd254f12e18e5f SHA512 49ad64a37c476b5564d8eec8ecc6fb051925a4f649cc7e8a03d3d9265a29686ab41997a1e6db505c9a198cadde545769d8ee161f4fb06cc737d7c7f7f62afbee
 DIST knot-resolver-6.0.14.tar.xz.asc 833 BLAKE2B fb9469f1e8e197c65ee2cffdb6c0632cf2d679468468497aaf735989bcc164b1145eeecf2868e9717f1c8507e317e6a0b0e6066c7a38d947b6d7818f782823ff SHA512 6b0ffb0748bdae435417fdaefabea825905bdb8122e4aba3999dcc7407d413d5d2dd63c98373a7527b715da8da82bd6e5853d48122ff4ef70f8592098f8d516d

diff --git a/net-dns/knot-resolver/knot-resolver-5.7.6.ebuild b/net-dns/knot-resolver/knot-resolver-5.7.6.ebuild
new file mode 100644
index 000000000000..874994b45b28
--- /dev/null
+++ b/net-dns/knot-resolver/knot-resolver-5.7.6.ebuild
@@ -0,0 +1,99 @@
+# Copyright 2024-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+LUA_COMPAT=( luajit )
+
+inherit lua-single meson optfeature tmpfiles verify-sig
+
+DESCRIPTION="A scaleable caching DNS resolver"
+HOMEPAGE="https://www.knot-resolver.cz https://gitlab.nic.cz/knot/knot-resolver"
+SRC_URI="
+	https://knot-resolver.nic.cz/release/${P}.tar.xz
+	verify-sig? ( https://knot-resolver.nic.cz/release/${P}.tar.xz.asc )
+"
+
+LICENSE="Apache-2.0 BSD CC0-1.0 GPL-3+ LGPL-2.1+ MIT"
+SLOT="0"
+KEYWORDS="~amd64"
+
+IUSE="caps dnstap jemalloc kresc nghttp2 selinux systemd test xdp"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="${LUA_REQUIRED_USE}"
+
+RDEPEND="
+	${LUA_DEPS}
+	acct-group/knot-resolver
+	acct-user/knot-resolver
+	dev-db/lmdb:=
+	dev-libs/libuv:=
+	net-dns/knot:=[xdp?]
+	net-libs/gnutls:=
+	caps? ( sys-libs/libcap-ng )
+	dnstap? (
+		dev-libs/fstrm
+		dev-libs/protobuf-c:=
+	)
+	jemalloc? ( dev-libs/jemalloc:= )
+	kresc? ( dev-libs/libedit )
+	nghttp2? ( net-libs/nghttp2:= )
+	selinux? ( sec-policy/selinux-knot )
+	systemd? ( sys-apps/systemd:= )
+"
+DEPEND="
+	${RDEPEND}
+	test? ( dev-util/cmocka )
+"
+BDEPEND="
+	virtual/pkgconfig
+	verify-sig? ( >=sec-keys/openpgp-keys-knot-resolver-20240304 )
+"
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/${PN}.gpg
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-5.5.3-docdir.patch
+	"${FILESDIR}"/${PN}-5.5.3-nghttp-openssl.patch
+	"${FILESDIR}"/${PN}-5.7.4-libsystemd.patch
+)
+
+src_configure() {
+	local emesonargs=(
+		--localstatedir "${EPREFIX}"/var # double lib
+		# https://bugs.gentoo.org/870019
+		-Dauto_features=disabled
+		-Ddoc=disabled
+		-Ddocdir="${EPREFIX}"/usr/share/doc/${PF}
+		-Dopenssl=disabled
+		-Dmalloc=$(usex jemalloc jemalloc disabled)
+		-Dsystemd_files=enabled
+		$(meson_feature caps capng)
+		$(meson_feature dnstap)
+		$(meson_feature kresc client)
+		$(meson_feature nghttp2)
+		$(meson_feature systemd)
+		$(meson_feature test unit_tests)
+	)
+
+	meson_src_configure
+}
+
+src_install() {
+	meson_src_install
+	fowners -R ${PN}: /etc/${PN}
+
+	newinitd "${FILESDIR}"/kresd.initd-r2 kresd
+	newconfd "${FILESDIR}"/kresd.confd-r1 kresd
+	newinitd "${FILESDIR}"/kres-cache-gc.initd kres-cache-gc
+}
+
+pkg_postinst() {
+	tmpfiles_process knot-resolver.conf
+	optfeature_header "This package is recommended with Knot Resolver:"
+	optfeature "asynchronous execution, especially with policy module" dev-lua/cqueues
+	elog ""
+	optfeature_header "Other packages may also be useful:"
+	optfeature "legacy doh and webmgmt (metrics, tracking)" dev-lua/lua-http
+	optfeature "server map with geoIP database (webmgmt)" dev-lua/lua-mmdb
+}

next             reply	other threads:[~2025-07-19 16:58 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-07-19 16:58 Sam James [this message]
  -- strict thread matches above, loose matches on Subject: below --
2025-07-30 13:04 [gentoo-commits] repo/gentoo:master commit in: net-dns/knot-resolver/ Joonas Niilola
2025-07-19 16:58 Sam James
2025-07-19 16:58 Sam James
2025-06-03 13:50 Sam James
2025-06-02 21:41 Sam James
2025-05-28 10:34 Sam James
2025-05-27 19:45 Kenton Groombridge
2025-05-22 22:21 Sam James
2025-05-21 10:56 Arthur Zamarin
2025-04-26  2:14 Sam James
2025-04-26  2:14 Sam James
2025-04-26  2:14 Sam James
2025-03-10  2:54 Sam James
2025-02-16 16:36 Sam James
2025-02-16 16:36 Sam James
2025-02-16 16:36 Sam James
2024-12-05 12:29 Sam James
2024-12-01 15:19 Sam James
2024-11-22  7:38 Florian Schmaus
2024-11-20 21:11 Andreas Sturmlechner
2024-09-03 18:32 Jakov Smolić
2024-07-31 17:51 Matthew Smith
2024-04-07 10:40 Matthew Smith
2024-02-16  8:03 Matthew Smith
2024-02-15 20:03 Sam James
2024-02-14  8:32 Matthew Smith
2023-11-26 23:18 Sam James
2023-09-29 10:14 Matthew Smith
2023-02-27 18:22 Matthew Smith
2023-02-27 15:40 Sam James
2023-02-05  9:32 Matthew Smith
2022-12-03 14:43 Arthur Zamarin
2022-11-01 17:59 Matthew Smith
2022-10-19 14:53 Matthew Smith

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:77cd84dd12c dfblob:9186e0c477e dfblob:874994b45b2 )
 OR (
bs:"[gentoo-commits] repo/gentoo:master commit in: net-dns/knot-resolver/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1752944206.df24b628253c342df306b88ce2c15d518f96e762.sam@gentoo \
    --to=sam@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox