MFH: r466166

dns/dnsdist: fix rc.d script, add support for LuaJIT and enable some new features - Really fix the rc.d script to start using daemon(8) and add the --supervised commandline argument (which suppresses opening up the console) - Enable DNS-over-TLS (upstream suggests enabling both GnuTLS and OpenSSL backends so you can switch in case of a serious security issue in .ie OpenSSL) - Add OpenSSL support (enabled by default) - Add GnuTLS support (enabled by default) - Add dnstap support (disabled by default) - Add SNMP support (disabled by default) - Add support for LuaJIT or whatever you set as your default version in make.conf (disabled by default) - Bump PORTREVISION PR: 227175 Submitted by: Ralf van der Enden <tremere@cainites.net> Approved by: ports-secteam (riggs)
svn path=/branches/2018Q2/; revision=466191
2018-04-01 23:55:25 +00:00 · 2018-04-01 23:55:25 +00:00 · 69b49f0a74 · 2021-03-31 03:12:20 +00:00
commit 69b49f0a74
parent 452472a3df
3 changed files with 60 additions and 4 deletions
--- a/dns/dnsdist/Makefile
+++ b/dns/dnsdist/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	dnsdist
 DISTVERSION=	1.3.0
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	dns net
 MASTER_SITES=	https://downloads.powerdns.com/releases/ \
 		LOCAL/cpm
@ -22,9 +22,10 @@ LIB_DEPENDS=	libboost_serialization.so:devel/boost-libs \
 		libsodium.so:security/libsodium

 GNU_CONFIGURE=	yes
-USES=		bison compiler cpe gmake libedit libtool localbase lua:52 \
+USES=		bison compiler cpe gmake libedit libtool localbase \
 		pkgconfig tar:bz2
 CONFIGURE_ARGS=	--bindir=${PREFIX}/sbin \
+		--enable-dns-over-tls \
 		--enable-dnscrypt \
 		--enable-libsodium \
 		--enable-re2
@ -36,6 +37,30 @@ GROUPS=		_dnsdist

 USE_RC_SUBR=	dnsdist

+OPTIONS_DEFINE=		FSTRM LUAJIT SNMP
+OPTIONS_DEFAULT=	GNUTLS OPENSSL
+OPTIONS_MULTI=		TLS
+OPTIONS_MULTI_TLS=	GNUTLS OPENSSL
+
+FSTRM_DESC=	dnstap support (see dnstap.info)
+LUAJIT_DESC=	Use LuaJIT instead of Lua
+
+FSTRM_LIB_DEPENDS=	libfstrm.so:devel/fstrm
+FSTRM_CONFIGURE_ENABLE=	fstrm
+
+GNUTLS_LIB_DEPENDS=	libgnutls.so:security/gnutls
+GNUTLS_CONFIGURE_ENABLE=gnutls
+
+LUAJIT_LIB_DEPENDS=	libluajit-5.1.so.2:lang/luajit
+LUAJIT_USES_OFF=	lua
+LUAJIT_CONFIGURE_WITH=	luajit
+
+OPENSSL_USES=		ssl
+OPENSSL_CONFIGURE_ENABLE=libssl
+
+SNMP_LIB_DEPENDS=	libnetsnmp.so:net-mgmt/net-snmp
+SNMP_CONFIGURE_WITH=	net-snmp
+
 .include <bsd.port.pre.mk>

 # Fix dnsdist binaries when building on FreeBSD 10.3
--- a/dns/dnsdist/files/dnsdist.in
+++ b/dns/dnsdist/files/dnsdist.in
@ -22,7 +22,10 @@ load_rc_config ${name}
 : ${dnsdist_priv_group:=_dnsdist}
 : ${dnsdist_enable:=NO}

-command=/usr/local/sbin/${name}
-command_args="-u ${dnsdist_priv_user} -g ${dnsdist_priv_group}"
+pidfile=/var/run/${name}.pid
+
+command=/usr/sbin/daemon
+actual_command=/usr/local/sbin/${name}
+command_args="-c -f -r -P ${pidfile} ${actual_command} -u ${dnsdist_priv_user} -g ${dnsdist_priv_group} --supervised"

 run_rc_command "$1"
--- a/dns/dnsdist/files/patch-ext_luawrapper_include_LuaContext.hpp
+++ b/dns/dnsdist/files/patch-ext_luawrapper_include_LuaContext.hpp
@ -0,0 +1,28 @@
+--- ext/luawrapper/include/LuaContext.hpp.orig	2018-03-29 15:25:58 UTC
+++ ext/luawrapper/include/LuaContext.hpp
+@@ -2635,11 +2635,21 @@ struct LuaContext::Reader<std::string>
+     static auto read(lua_State* state, int index)
+         -> boost::optional<std::string>
+     {
+        std::string result;
+
+        // lua_tolstring might convert the variable that would confuse lua_next, so we
+        //   make a copy of the variable.
+        lua_pushvalue(state, index);
+
+         size_t len;
+-        const auto val = lua_tolstring(state, index, &len);
+-        if (val == 0)
+-            return boost::none;
+-        return std::string(val, len);
+        const auto val = lua_tolstring(state, -1, &len);
+
+        if (val != 0)
+          result.assign(val, len);
+
+        lua_pop(state, 1);
+
+        return val != 0 ? boost::optional<std::string>{ std::move(result) } : boost::none;
+     }
+ };
+