On Mon, Apr 02 2018, "Peter van Dijk" <peter.van.d...@powerdns.com> wrote: > On 2 Apr 2018, at 15:00, Peter van Dijk wrote: > >> dnsdist 1.3.0 has been released, with interesting new features such as >> DNS-over-TLS. Changelog at >> https://dnsdist.org/changelog.html#change-1.3.0 >> >> Patch pasted below; in case it got mangled, you can also find it at >> https://github.com/openbsd/ports/compare/master...PowerDNS:dnsdist-1.3.0.diff >> >> In addition to upgrading the port to 1.3.0, this patch enables >> DNS-over-TLS support (new in 1.3.0) and DNSCrypt support (which was >> present in earlier versions but not supported by the port). It also >> enables rc_bg because daemonisation support was dropped from dnsdist.
Fine, but I'd keep "--supervised" (and "-u _dnsdist") in daemon instead, else the script could hang the boot process if the user overrides daemon_flags but forgets --supervised. I think "-u _dnsdist" is desirable by default too, users can override it in daemon_flags if needed. >> The dnsdist-lua.cc patch has been upstreamed as >> https://github.com/PowerDNS/pdns/pull/6429 for inclusion in the next >> dnsdist release. If this is what I think it is, this should be fixed in OpenBSD; it has bitten me with other ports, eg net/samba. >> There is one open problem (that was present in the 1.2.0 port as >> well): installation delivers an empty dir /etc/dnsdist/dnsdist, >> instead of copying share/examples/dnsdist/dnsdistconf.lua to >> /etc/dnsdist/dnsdist.conf. I have tried various edits to pkg/PLIST to >> resolve this, but without success. The patch below leaves pkg/PLIST >> untouched until I (or someone else) figures out what to do here. Here's an updated patch that should address the bogus /etc/dnsdist/dnsdist directory and properly install the config file using @sample (pkg_delete -c will DTRT). One funny crash that happens in interactive mode, while resizing the terminal (probably not a blocking problem): > terminating with uncaught exception of type std::runtime_error: Error reading from TCP acceptor pipe (21) in blocking mode: failed in readn2: Interrupted system call Abort trap I only looked at the items I mentioned, I'm not a dnsdist user. Index: Makefile =================================================================== RCS file: /cvs/ports/net/dnsdist/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile 11 Jan 2018 19:27:05 -0000 1.10 +++ Makefile 2 Apr 2018 16:01:57 -0000 @@ -2,9 +2,8 @@ COMMENT= highly DNS-, DoS- and abuse-aware loadbalancer -DISTNAME= dnsdist-1.2.0 +DISTNAME= dnsdist-1.3.0 EXTRACT_SUFX= .tar.bz2 -REVISION= 0 CATEGORIES= net @@ -15,7 +14,8 @@ MAINTAINER= Peter van Dijk <peter.van.d # GPLv2 only PERMIT_PACKAGE_CDROM= Yes -WANTLIB += ${MODLUA_WANTLIB} c curses edit m protobuf pthread z ${COMPILER_LIBCXX} +WANTLIB += ${MODLUA_WANTLIB} c curses edit m protobuf pthread \ + z crypto ssl sodium ${COMPILER_LIBCXX} MASTER_SITES= https://downloads.powerdns.com/releases/ @@ -25,7 +25,9 @@ USE_GMAKE= Yes CONFIGURE_ARGS+= --disable-hardening \ --with-lua \ - --without-net-snmp + --without-net-snmp \ + --enable-dns-over-tls \ + --enable-dnscrypt CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include" \ LDFLAGS="-L${LOCALBASE}/lib" \ LIBEDIT_LIBS='-ledit -lcurses' \ @@ -39,6 +41,7 @@ MODLUA_VERSION= 5.3 BUILD_DEPENDS= devel/boost LIB_DEPENDS+= ${MODLUA_LIB_DEPENDS} \ + security/libsodium \ devel/protobuf .if ${MACHINE_ARCH:Mi386} Index: distinfo =================================================================== RCS file: /cvs/ports/net/dnsdist/distinfo,v retrieving revision 1.2 diff -u -p -r1.2 distinfo --- distinfo 6 Sep 2017 08:59:44 -0000 1.2 +++ distinfo 2 Apr 2018 16:01:57 -0000 @@ -1,2 +1,2 @@ -SHA256 (dnsdist-1.2.0.tar.bz2) = mIXJ7orHB2rt5YbqWNRkLrh357LXbJAiVElOKlpfqng= -SIZE (dnsdist-1.2.0.tar.bz2) = 876104 +SHA256 (dnsdist-1.3.0.tar.bz2) = qmfNTbhAShPtTtEJfdhQID2rijJzcvcrsUDfEe9+ugg= +SIZE (dnsdist-1.3.0.tar.bz2) = 924183 Index: patches/patch-dnsdist-lua_cc =================================================================== RCS file: patches/patch-dnsdist-lua_cc diff -N patches/patch-dnsdist-lua_cc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-dnsdist-lua_cc 2 Apr 2018 16:01:57 -0000 @@ -0,0 +1,13 @@ +$OpenBSD$ +--- dnsdist-lua.cc ++++ dnsdist-lua.cc +@@ -22,9 +22,9 @@ + + #include <dirent.h> + #include <fstream> ++#include <sys/socket.h> + #include <net/if.h> + #include <sys/types.h> +-#include <sys/socket.h> + #include <sys/stat.h> + #include <thread> Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/net/dnsdist/pkg/PLIST,v retrieving revision 1.2 diff -u -p -r1.2 PLIST --- pkg/PLIST 23 Mar 2017 11:58:44 -0000 1.2 +++ pkg/PLIST 2 Apr 2018 16:38:34 -0000 @@ -1,5 +1,4 @@ @comment $OpenBSD: PLIST,v 1.2 2017/03/23 11:58:44 danj Exp $ -@extra ${SYSCONFDIR}/dnsdist/dnsdist.conf @newgroup _dnsdist:788 @newuser _dnsdist:788:_dnsdist:daemon:dnsdist DNS load balancer:/nonexistent:/sbin/nologin @bin bin/dnsdist @@ -7,6 +6,7 @@ share/doc/dnsdist/ share/doc/dnsdist/README.md share/examples/dnsdist/ -@sample ${SYSCONFDIR}/dnsdist/ +@sample ${SYSCONFDIR}/ share/examples/dnsdist/dnsdistconf.lua +@sample ${SYSCONFDIR}/dnsdist.conf @rcscript ${RCDIR}/dnsdist Index: pkg/dnsdist.rc =================================================================== RCS file: /cvs/ports/net/dnsdist/pkg/dnsdist.rc,v retrieving revision 1.2 diff -u -p -r1.2 dnsdist.rc --- pkg/dnsdist.rc 11 Jan 2018 19:27:05 -0000 1.2 +++ pkg/dnsdist.rc 2 Apr 2018 16:58:05 -0000 @@ -2,10 +2,11 @@ # # $OpenBSD: dnsdist.rc,v 1.2 2018/01/11 19:27:05 rpe Exp $ -daemon="${TRUEPREFIX}/bin/dnsdist -d -u _dnsdist" +daemon="${TRUEPREFIX}/bin/dnsdist --supervised -u _dnsdist" . /etc/rc.d/rc.subr +rc_bg=YES rc_reload=NO rc_cmd $1 -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
