commit: 53cb20a884e0aa3645ad3ab817f5887fe7027d28 Author: Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr> AuthorDate: Fri Jan 16 10:05:05 2026 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Mon Jan 19 06:36:24 2026 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53cb20a8
net-dns/knot: Bump to 3.5.3 the patch for pkcs11 is merged Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/45406 Signed-off-by: Sam James <sam <AT> gentoo.org> net-dns/knot/Manifest | 3 + net-dns/knot/knot-3.5.3.ebuild | 239 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 242 insertions(+) diff --git a/net-dns/knot/Manifest b/net-dns/knot/Manifest index 120b1a0b2a86..b374666d5db8 100644 --- a/net-dns/knot/Manifest +++ b/net-dns/knot/Manifest @@ -10,3 +10,6 @@ DIST knot-3.5.1.tar.xz.asc 833 BLAKE2B 02f6fe62cdff94c8f274a203ff3873b0d10abc52c DIST knot-3.5.2-manpages.tar.xz 40252 BLAKE2B 5da3035fbded6d05fe7d25d80329e83e9375dad9d4da7e1d1c50873e2f704bea76839808a10e6e7b8d45f267dd5366410b1cb1f1616f95a404897ea59652bb73 SHA512 62e621b8cc06ad6edc8858c74d7ea4bfb6fb45c01c7f17765176bd9f7240a4724c1833a6a18fe10767ca87688bdcf0ba67c66e092bd0623278ccd53a4b1c6c89 DIST knot-3.5.2.tar.xz 1710680 BLAKE2B 215b09a91f2ba21f23f996df2a1e6ea187f362bfb6dc80d5cd1b45cd84ebf4ccb77f90ff567e91dab36f02aae1a776efcc0aea2a54b830eb85039d0b39ff803f SHA512 4dd8e42088f792459859da807427024ded926c2a8fb5b9fd4596b631a184269e3d84f0cd4be9192f2546977c598c418f8d44cabccbc393f9f7cf2f0dd5adc595 DIST knot-3.5.2.tar.xz.asc 833 BLAKE2B e5ba45566c403b2a7b477fdf940ce7d13d5ab8901f0e25b3232eaa3bd5a85114679750a1164bd304f872336b152210923c65e7577a7b4dd485250c89f97310ba SHA512 5f6ee7fedc0d5b904572d2f6d47858065cdc4efa7217b4e9dcbb38ae63a1533646ba2b042bb0c1fe533a3caf6ba41c81010616393d2a0adcea77712608931b38 +DIST knot-3.5.3-manpages.tar.xz 40396 BLAKE2B cff85410db872ffb3c3ecc31a6b3320a11d4511b4c2eccb5bc19cd76cdc9fe001353f8db2e01cd11ec0b2e32972c0209599a1d260b1c8cf961c21db5efcaabda SHA512 ab4ecb8b482a1d8cb60bc113499fe17a20404e9c0385d6e9ebc1600ed2ec3858761c5ca4d09b7636e7eaf0a7ff5ab298fc4cb9706a357b9ce47e7acbd51e72c3 +DIST knot-3.5.3.tar.xz 1757736 BLAKE2B eff117f72248b6647eb54a2f0c230b971065205ab6adf2503785efdf045ae548568a95915bfbd594e99501ff7c8ca691e98f372ba4b1f88521ab685e015b4b3b SHA512 7064a18ce10fa9488176592baddfda32b55f6ca2470dce4083c82aca8fae95f568cb9ddd2bb9f55466eeffbb04ea616e67014f44b94f2fb2b8f98f8a419271a3 +DIST knot-3.5.3.tar.xz.asc 833 BLAKE2B 661b74b7a460d9993226862d1f7dc2d74ca9e7f9a0057b5f9eae5c4748a2fdc16415212e209a8264e0d49ea4107e6a713ccaba3d3bb91deec3b3e86cc48e1237 SHA512 4ad40aaba569b4e6ccf3b6f264d3e45866855d5c388f6bd8140704ad9db09ef71d271c59704ca8e92bd39c0e7d62894d535b1f4e0642d1db33d113855ac6d6bd diff --git a/net-dns/knot/knot-3.5.3.ebuild b/net-dns/knot/knot-3.5.3.ebuild new file mode 100644 index 000000000000..9ffaddf0f8c5 --- /dev/null +++ b/net-dns/knot/knot-3.5.3.ebuild @@ -0,0 +1,239 @@ +# Copyright 1999-2026 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11..14} ) +inherit autotools eapi9-ver python-r1 systemd tmpfiles verify-sig + +# subslot: libknot major.libdnssec major.libzscanner major +KNOT_SUBSLOT="16.10.5" + +DESCRIPTION="High-performance authoritative-only DNS server" +HOMEPAGE="https://www.knot-dns.cz/ https://gitlab.nic.cz/knot/knot-dns"; +SRC_URI=" + https://knot-dns.nic.cz/release/${P}.tar.xz + !doc? ( https://raw.githubusercontent.com/PPN-SD/gentoo-manpages/refs/tags/${P}/${P}-manpages.tar.xz ) + verify-sig? ( https://knot-dns.nic.cz/release/${P}.tar.xz.asc ) +" +LICENSE="GPL-2+" +SLOT="0/${KNOT_SUBSLOT}" +KEYWORDS="~amd64 ~arm64 ~riscv ~x86" + +# Modules without dep. Built unconditionally. +KNOT_MODULES=( + "authsignal" + "cookies" + "dnsproxy" + "noudp" + "onlinesign" + "queryacl" + "rrl" + "stats" + "synthrecord" + "whoami" +) + +KNOT_MODULES_OPT=( + "dnstap" + "geoip" +) + +IUSE="caps +daemon dbus doc doh +fastparser +idn pkcs11 prometheus python quic redis selinux systemd test +utils xdp ${KNOT_MODULES_OPT[@]}" +RESTRICT="!test? ( test )" +REQUIRED_USE=" + prometheus? ( python ) + python? ( ${PYTHON_REQUIRED_USE} ) +" + +COMMON_DEPEND=" + dev-libs/libedit + dnstap? ( + dev-libs/fstrm + dev-libs/protobuf-c:= + ) +" +RDEPEND=" + dev-db/lmdb:= + net-libs/gnutls:=[pkcs11?] + daemon? ( + ${COMMON_DEPEND} + acct-group/knot + acct-user/knot + dev-libs/userspace-rcu:= + caps? ( sys-libs/libcap-ng ) + dbus? ( sys-apps/dbus ) + geoip? ( dev-libs/libmaxminddb:= ) + redis? ( >=dev-libs/hiredis-1.1.0:= ) + systemd? ( sys-apps/systemd:= ) + ) + prometheus? ( + dev-python/prometheus-client[${PYTHON_USEDEP}] + dev-python/psutil[${PYTHON_USEDEP}] + ) + python? ( ${PYTHON_DEPS} ) + quic? ( net-libs/ngtcp2[gnutls] ) + selinux? ( sec-policy/selinux-knot ) + utils? ( + ${COMMON_DEPEND} + doh? ( net-libs/nghttp2:= ) + idn? ( net-dns/libidn2:= ) + ) + xdp? ( + >=dev-libs/libbpf-1.0:= + net-libs/xdp-tools + utils? ( net-libs/libmnl:= ) + ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + virtual/pkgconfig + dnstap? ( dev-libs/protobuf[protoc(+)] ) + doc? ( + $(python_gen_any_dep ' + dev-python/sphinx[${PYTHON_USEDEP}] + dev-python/sphinx-panels[${PYTHON_USEDEP}] + ') + ) + python? ( ${PYTHON_DEPS} ) + test? ( + pkcs11? ( dev-libs/softhsm ) + ) + verify-sig? ( sec-keys/openpgp-keys-knot ) +" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/${PN}.asc + +# Used to check cpuset_t in sched.h with NetBSD. +# False positive because linux have sched.h too but with cpu_set_t +QA_CONFIG_IMPL_DECL_SKIP=( cpuset_create cpuset_destroy ) + +python_check_deps() { + use doc || return 0 + python_has_version "dev-python/sphinx[${PYTHON_USEDEP}]" \ + "dev-python/sphinx-panels[${PYTHON_USEDEP}]" +} + +pkg_setup() { + if use doc || use python; then + python_setup + fi +} + +src_unpack() { + if use verify-sig; then + verify-sig_verify_detached "${DISTDIR}"/${P}.tar.xz{,.asc} + fi + default +} + +src_prepare() { + default + # avoid the old ltmain.sh modified by upstream which causes a linking issue + # reproduced with test and musl + eautoreconf +} + +src_configure() { + local u + local my_conf=( + --with-storage="${EPREFIX}/var/lib/${PN}" + --with-rundir="${EPREFIX}/var/run/${PN}" + $(use_enable caps cap_ng) + $(use_enable daemon) + # enable-dnstap defines support for kdig only + $(use_enable dnstap dnstap $(usex utils)) + $(use_enable doc documentation) + $(use_with doh libnghttp2) + $(use_enable fastparser) + $(use_enable geoip maxminddb) + $(use_with idn libidn) + $(use_enable pkcs11) + $(use_enable quic) + $(use_enable redis redis $(usex daemon client)) + $(use_enable systemd) + $(use_enable utils utilities) + $(use_enable xdp) + ) + # modules are only used by daemon + # module-dnstap defines support for knotd only + if use daemon; then + for u in "${KNOT_MODULES[@]}"; do + my_conf+=( --with-module-${u} ) + done + for u in "${KNOT_MODULES_OPT[@]#+}"; do + my_conf+=( $(use_with ${u} module-${u}) ) + done + else + my_conf+=( --disable-modules ) + fi + + if use !daemon; then + my_conf+=( --enable-dbus=no ) + elif use dbus; then + my_conf+=( --enable-dbus=libdbus ) + elif use systemd; then + my_conf+=( --enable-dbus=systemd ) + else + my_conf+=( --enable-dbus=no ) + fi + + econf "${my_conf[@]}" +} + +src_compile() { + default + + use doc && emake -C doc html +} + +src_install() { + if use doc; then + local HTML_DOCS=( doc/_build/html/{*.html,*.js,_sources,_static} ) + else + doman "${WORKDIR}"/man/* + fi + + if use python; then + python_foreach_impl python_domodule python/libknot/libknot + newdoc python/libknot/README.md README.python.md + fi + + if use prometheus; then + python_foreach_impl python_domodule python/knot_exporter/knot_exporter + python_scriptinto /usr/sbin + python_foreach_impl python_newscript python/knot_exporter/knot_exporter/knot_exporter.py knot-exporter + newdoc python/knot_exporter/README.md README.knot_exporter.md + fi + + default + + if use daemon; then + rm -r "${ED}"/var/run/ || die + + newinitd "${FILESDIR}"/knot-3.init knot + newconfd "${FILESDIR}"/knot.confd knot + + newtmpfiles "${FILESDIR}"/${PN}.tmpfile ${PN}.conf + + use systemd && systemd_newunit distro/common/knot.service knot.service + fi + + find "${D}" -name '*.la' -delete || die + + keepdir /var/lib/knot +} + +pkg_postinst() { + use daemon && tmpfiles_process ${PN}.conf + + if has_version net-dns/redis-knot || use redis; then + ewarn "To use redis, ${EPREFIX}/usr/$(get_libdir)/knot/redis/knot.so from net-dns/redis-knot" + ewarn "must be loaded by an instance of Redis." + fi + + if ver_replacing -lt 3.5; then + elog "See documentation for migration:" + elog "https://www.knot-dns.cz/docs/3.5/html/migration.html#upgrade-3-4-x-to-3-5-x"; + fi +}
