MFH: r477052

dns/knot-resolver: update 2.3.0 -> 2.4.1

- CVE-2018-10920: Improper input validation bug in DNS resolver component

PR:		229485
Reported by:	freebsd-vheg@riseup.net,
Approved by:	freebsd@dns.company (maintainer timeout)
Relnotes:	https://www.knot-resolver.cz/2018-07-03-knot-resolver-2.4.0.html
		https://www.knot-resolver.cz/2018-08-02-knot-resolver-2.4.1.html
Security:	CVE-2018-10920
Approved by:	ports-secteam (miwi)

dns/knot-resolver/Makefile

@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	knot-resolver
-DISTVERSION=	2.3.0
-PORTREVISION=	2
+DISTVERSION=	2.4.1
 CATEGORIES=	dns ipv6
 MASTER_SITES=	https://secure.nic.cz/files/knot-resolver/ \
 		https://dns.company/downloads/knot-resolver/
@@ -13,11 +12,14 @@ COMMENT=	Caching full resolver implementation
 
 LICENSE=	GPLv3
 
+BUILD_DEPENDS=	bash:shells/bash \
+		git:devel/git
 LIB_DEPENDS=	libgnutls.so:security/gnutls \
 		libknot.so:dns/knot2 \
 		liblmdb.so:databases/lmdb \
 		libluajit-5.1.so:lang/luajit \
 		libuv.so:devel/libuv
+TEST_DEPENDS=	cmocka>=1.1.1:sysutils/cmocka
 
 CONFLICTS=	knot-1.* knot1-[0-6].*
 
@@ -27,10 +29,11 @@ MAKE_ARGS+=	MANDIR=${PREFIX}/man
 MAKE_ARGS+=	PKGCONFIGDIR=${PREFIX}/libdata/pkgconfig
 MAKE_ARGS+=	lmdb_CFLAGS=-I${PREFIX}/include lmdb_LIBS=-llmdb
 
-USES=		gmake libedit libtool ncurses pkgconfig tar:xz
+USES=		gmake libedit libtool ncurses pkgconfig shebangfix tar:xz
+SHEBANG_FILES=	scripts/coverage_env.sh
 USE_LDCONFIG=	yes
 
-OPTIONS_DEFINE=	COOKIES DNSTAP DOXYGEN GO MEMCACHED REDIS TRUSTANCHOR
+OPTIONS_DEFINE=	COOKIES DNSTAP DOXYGEN GO TRUSTANCHOR
 
 COOKIES_DESC=			cookies
 COOKIES_LIB_DEPENDS=		libnettle.so:security/nettle
@@ -61,18 +64,6 @@ GO_BUILD_DEPENDS=		go>=1.5:lang/go
 GO_MAKE_ARGS_ON=		HAS_go=yes
 GO_MAKE_ARGS_OFF=		HAS_go=no
 
-MEMCACHED_DESC=			memcached in-memory data-backend
-MEMCACHED_LIB_DEPENDS=		libmemcached.so:databases/libmemcached
-MEMCACHED_MAKE_ARGS_ON=		HAS_libmemcached=yes
-MEMCACHED_MAKE_ARGS_OFF=	HAS_libmemcached=no
-MEMCACHED_PLIST_FILES=		lib/kdns_modules/memcached.so
-
-REDIS_DESC=			redis in-memory data-backend
-REDIS_LIB_DEPENDS=		libhiredis.so:databases/hiredis
-REDIS_MAKE_ARGS_ON=		HAS_hiredis=yes
-REDIS_MAKE_ARGS_OFF=		HAS_hiredis=no
-REDIS_PLIST_FILES=		lib/kdns_modules/redis.so
-
 TRUSTANCHOR_DESC=		Trust anchor bootstrapping and stats
 TRUSTANCHOR_USES=		lua
 TRUSTANCHOR_MAKE_ARGS_ON=	HAS_ltn12=yes HAS_ssl.https=yes
@@ -89,10 +80,10 @@ STRIP_TARGETS=	sbin/kresd			\
 		sbin/kresc			\
 		lib/libkres.so.7		\
 		lib/kdns_modules/ahocorasick.so	\
+		lib/kdns_modules/bogus_log.so	\
 		lib/kdns_modules/cookies.so	\
 		lib/kdns_modules/dnstap.so	\
 		lib/kdns_modules/hints.so	\
-		lib/kdns_modules/kmemcached.so	\
 		lib/kdns_modules/stats.so
 
 post-install:

dns/knot-resolver/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1529357112
-SHA256 (knot-resolver-2.3.0.tar.xz) = 2d19c5daf8440bd3d2acd1886b9ede65f04f7753c6fd4618a92a1a4ba3b27a9b
-SIZE (knot-resolver-2.3.0.tar.xz) = 1522788
+TIMESTAMP = 1534107905
+SHA256 (knot-resolver-2.4.1.tar.xz) = e8044316cd897ad29b3c5284de06652e1568c4d5861e3147ec2191fbacd8d9ff
+SIZE (knot-resolver-2.4.1.tar.xz) = 1564784

dns/knot-resolver/files/patch-Makefile

@@ -0,0 +1,8 @@
+--- Makefile.orig	2018-07-02 17:45:52.000000000 +0200
++++ Makefile	2018-07-04 10:35:57.228161000 +0200
+@@ -1,4 +1,4 @@
+-SHELL=/bin/bash -o pipefail -o errexit
++SHELL=/usr/local/bin/bash -o pipefail -o errexit
+ 
+ include config.mk
+ include platform.mk

dns/knot-resolver/pkg-plist

@@ -28,6 +28,7 @@ include/libkres/trie.h
 include/libkres/utils.h
 include/libkres/zonecut.h
 lib/kdns_modules/ahocorasick.so
+lib/kdns_modules/bogus_log.so
 lib/kdns_modules/daf.lua
 lib/kdns_modules/daf/daf.js
 lib/kdns_modules/detect_time_jump.lua
@@ -64,6 +65,7 @@ lib/kdns_modules/predict.lua
 lib/kdns_modules/prefill.lua
 lib/kdns_modules/priming.lua
 lib/kdns_modules/prometheus.lua
+lib/kdns_modules/rebinding.lua
 lib/kdns_modules/renumber.lua
 lib/kdns_modules/serve_stale.lua
 lib/kdns_modules/stats.so