community/knot-resolver: move from testing/knot-resolver4

5 files changed, 57 insertions, 104 deletions

diff --git a/community/knot-resolver/APKBUILD b/community/knot-resolver/APKBUILD
index 03345ae780..141aba56b2 100644
--- a/community/knot-resolver/APKBUILD
+++ b/community/knot-resolver/APKBUILD
@@ -1,8 +1,10 @@
 # Contributor: Jakub Jirutka <jakub@jirutka.cz>
+# Contributor: tcely <knot-resolver+aports@tcely.33mail.com>
 # Maintainer: tcely <knot-resolver+aports@tcely.33mail.com>
-pkgname=knot-resolver
-pkgver=3.2.1
-pkgrel=3
+pkgname="knot-resolver"
+_pkgname="${pkgname}"
+pkgver="4.1.0"
+pkgrel=0
 pkgdesc="Minimalistic caching DNS resolver implementation"
 url="https://www.knot-resolver.cz/"
 # luajit is not available for disabled arches
@@ -10,64 +12,55 @@ arch="all !s390x"
 license="GPL-3.0"
 pkgusers="kresd"
 pkggroups="kresd"
-depends="dns-root-hints lua5.1-sec lua5.1-socket"
-depends_dnstap=""
-depends_dnstap_dev="fstrm-dev protobuf-c-dev"
-depends_http="$pkgname lua5.1-http"
-depends_dev="knot-dev>=2.8.0 libedit-dev libuv-dev lmdb-dev luajit-dev $depends_dnstap_dev"
-makedepends="$depends_dev bash dnssec-root vim"
+depends="dns-root-hints dnssec-root lua5.1-sec lua5.1-socket"
+_depends_dnstap_dev="fstrm-dev protobuf-dev protobuf-c-dev"
+_depends_http="$pkgname lua5.1-http"
+depends_dev="knot-dev>=2.8.0 libedit-dev libuv-dev>=1.7 lmdb-dev luajit-dev>=2.0 $_depends_dnstap_dev"
+makedepends="$depends_dev bash cmake gnutls-dev luacheck meson>=0.46 ninja pkgconf py3-flake8"
 checkdepends="cmocka-dev"
 install="$pkgname.pre-install"
 subpackages="$pkgname-mod-http:http:noarch $pkgname-mod-dnstap:dnstap $pkgname-dev $pkgname-doc $pkgname-openrc"
-source="https://secure.nic.cz/files/$pkgname/$pkgname-$pkgver.tar.xz
-	$pkgname.initd
-	$pkgname.confd
-	$pkgname.logrotate
-	knot-2.8.0-compat.patch
-	config"
+source="
+	https://secure.nic.cz/files/${_pkgname}/${_pkgname}-$pkgver.tar.xz
+	${pkgname}.logrotate
+	${pkgname}.confd
+	${pkgname}.initd
+	"
+builddir="${srcdir}/${_pkgname}-${pkgver}"
 
 # secfixes:
+#   4.1.0-r0:
+#     - CVE-2019-10190
+#     - CVE-2019-10191
 #   2.3.0-r0:
 #     - CVE-2018-1110
 
-_flags="PREFIX=/usr
-	ETCDIR=/etc/$pkgname"
-
-prepare() {
-	default_prepare
-
-	# Make sure embedded LMDB library is not used.
-	rm -rf contrib/lmdb
-}
-
 build() {
-	make $_flags
+	meson build \
+		--prefix=/usr \
+		--buildtype=release \
+		--default-library=both \
+		-Dclient=enabled \
+		-Dgroup="$pkggroups" \
+		-Dinstall_kresd_conf=enabled \
+		-Dunit_tests=enabled \
+		-Duser="$pkgusers" \
+		-Droot_hints=/usr/share/dns-root-hints/named.root \
+		-Dmanaged_ta=disabled \
+		-Dkeyfile_default=/usr/share/dnssec-root/trusted-key.key
+
+	ninja -C build
 }
 
 check() {
-	make $_flags -j1 check
+	meson test -C build
 }
 
 package() {
-	make $_flags DESTDIR="$pkgdir" install
+	DESTDIR="$pkgdir" ninja install -C build
 
 	cd "$pkgdir"
 
-	# Move sample configs to -doc.
-	mkdir -p ./usr/share/doc/$pkgname
-	mv ./etc/$pkgname/config* ./usr/share/doc/$pkgname/
-	chmod 644 ./usr/share/doc/$pkgname/*
-
-	rm -f ./etc/$pkgname/root.hints
-	ln -s ../../usr/share/dns-root-hints/named.root ./etc/$pkgname/root.hints
-
-	install -m 640 -o root -g kresd "$srcdir"/config \
-		./etc/$pkgname/config
-
-	install -m 755 -o kresd -g kresd -d ./var/lib/$pkgname
-	install -m 644 -o kresd -D /usr/share/dnssec-root/trusted-key.key \
-		./var/lib/$pkgname/root.keys
-
 	install -m 755 -D "$srcdir"/$pkgname.initd ./etc/init.d/$pkgname
 	install -m 644 -D "$srcdir"/$pkgname.confd ./etc/conf.d/$pkgname
 
@@ -76,8 +69,8 @@ package() {
 
 http() {
 	pkgdesc="Knot Resolver - HTTP/2 services"
-	depends="$depends_http"
-	local moddir="usr/lib/kdns_modules"
+	depends="$_depends_http"
+	local moddir="usr/lib/${_pkgname}/kres_modules"
 
 	mkdir -p "$subpkgdir"/$moddir
 	mv "$pkgdir"/$moddir/http* "$subpkgdir"/$moddir/
@@ -85,16 +78,25 @@ http() {
 
 dnstap() {
 	pkgdesc="Knot Resolver - dnstap logging"
-	depends="$depends_dnstap"
-	local moddir="usr/lib/kdns_modules"
+	depends="$_depends_dnstap"
+	local moddir="usr/lib/${_pkgname}/kres_modules"
 
 	mkdir -p "$subpkgdir"/$moddir
 	mv "$pkgdir"/$moddir/dnstap.so "$subpkgdir"/$moddir/
 }
 
-sha512sums="2ed79176183a685bf6365081706e68e4add05965a5f53a6f38ae4a5c204d29952eaf511ffbf18c646a0a843a032b425eb0592de27dafbf977d976946a3437351  knot-resolver-3.2.1.tar.xz
-0e9b947ed0fe39a600ba8fe3cdeacf07521cdd6c371007dd15524f67c75ea024994a8c11820d70c57ef180c90f492eae69ef167152ad84c24a47c885710a7974  knot-resolver.initd
-9d0d629405df243dc0f782abd6fcaaaf13fbce78d881f7ce213cfd2a55cfbfd87af2ba976061bf7b5d3d055edec98b42632395390f2a469648c27f96124997a6  knot-resolver.confd
+gpg_signature_extensions="asc"
+gpgfingerprints="
+	good:BE26 EBB9 CBE0 59B3 910C  A35B CE8D D6A1 A50A 21E4
+	4A8B A48C 2AED 933B D495  C509 A1FB A5F7 EF8C 4869
+	B600 6460 B60A 80E7 8206  2449 E747 DF1F 9575 A3AA
+	"
+
+sha256sums="2fe470f9bb1007667cdd448f758087244b7195a0234c2b100a9beeed0a2d3e68  knot-resolver-4.1.0.tar.xz
+1907cad39d355c03f84997272271933476d335b0e84c4f71490c98b7a2631f20  knot-resolver.logrotate
+357a277602d998bebabb806178c96dd71dc14a73945000480788a9b5cef10a57  knot-resolver.confd
+2c3978a7366a04aba7bac0308d778af4c93ca9497fe10bb96658050a3080cf62  knot-resolver.initd"
+sha512sums="d9e86cea160f15e92908193613887bb7b727d0125b9de03e16c7bc66c0c29288621dd09b7208599f1f80ccb659f47179722df481565530c4c2532d9bd81fdd91  knot-resolver-4.1.0.tar.xz
 688aeacb0c1f21c7e532533b402e67068897217713fb668636df7533000b493981ddfa0497f8dba7da7c804ee4ab8d587a4f52155b4e2bf1f4025d2588d314bb  knot-resolver.logrotate
-ea10749307aa23341daf7bb77652300b8c78537fc2fa7c084d3e1e618b0ee11873c056b328bd760673d8fdf45c2f3106861fcf0ac4e8090643516419062fcf0f  knot-2.8.0-compat.patch
-913a557dde84e9dac7c7300ab093285865fa57f3875fc357e680f04a0e85af6610a0e33da6262431cbb06a2c5a115952e742e48c8568d4eb82182906170b4a73  config"
+0bfab48f3a182eb396c039c932698f9a4bb7d11f5ecd87336fe803cf6e0ef2923c2e516dc6a5cec19595945d24b3b24795d0119fb8560c42b0d268b2c3be6c20  knot-resolver.confd
+902e7773c404ab4862453233e16ec8ccc415759d73aea795062e945034d28537b13397b14dec3b6ef8ec3ea58604e77258e1381e9b62d93ddb9ec3e3e0031244  knot-resolver.initd"
diff --git a/community/knot-resolver/config b/community/knot-resolver/config
deleted file mode 100644
index 1731f0c591..0000000000
--- a/community/knot-resolver/config
+++ /dev/null
@@ -1,23 +0,0 @@
--- vim:syntax=lua:
---
--- Config file example useable for personal resolver.
--- The goal is to have a validating resolver with tiny memory footprint,
--- while actively tracking and refreshing frequent records to lower user latency.
--- Refer to manual: https://knot-resolver.readthedocs.io/en/latest/daemon.html#configuration
-
--- Listen on localhost (default)
-net = { '127.0.0.1', '::1' }
-
--- Drop root privileges
-user('kresd', 'kresd')
-
--- Load Useful modules
-modules = {
-	'policy',   -- Block queries to local zones/bad sites
-	'hints',    -- Load /etc/hosts and allow custom root hints
-	'stats',    -- Track internal statistics
-	'predict',  -- Prefetch expiring/frequent records
-}
-
--- Smaller cache size
-cache.size = 10 * MB
diff --git a/community/knot-resolver/knot-2.8.0-compat.patch b/community/knot-resolver/knot-2.8.0-compat.patch
deleted file mode 100644
index 05363468f2..0000000000
--- a/community/knot-resolver/knot-2.8.0-compat.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-diff --git a/Makefile b/Makefile
-index 82221e99156d6042e22d2ecbae6558c41c1253c7..145555a4d8bfac4d052bef1074b092ab39ef168a 100644
---- a/Makefile
-+++ b/Makefile
-@@ -18,7 +18,7 @@ lint-lua: $(patsubst %.lua.in,%.lua,$(wildcard */*/*.lua.in))
- .PHONY: all install check clean doc info lint
- 
- # Dependencies
--KNOT_MINVER := 2.7.2
-+KNOT_MINVER := 2.8.0
- $(eval $(call find_lib,libknot,$(KNOT_MINVER),yes))
- $(eval $(call find_lib,libdnssec,$(KNOT_MINVER),yes))
- $(eval $(call find_lib,libzscanner,$(KNOT_MINVER),yes))
-diff --git a/daemon/lua/kres-gen.lua b/daemon/lua/kres-gen.lua
-index 5e40a610283f60456763859cac45139cfd29f74f..3d5345f7b68870d34297f7729d8a26a9264277d1 100644
---- a/daemon/lua/kres-gen.lua
-+++ b/daemon/lua/kres-gen.lua
-@@ -395,6 +395,7 @@ struct zs_scanner {
- 		_Bool automatic;
- 		void (*record)(zs_scanner_t *);
- 		void (*error)(zs_scanner_t *);
-+		void (*comment)(zs_scanner_t *);
- 		void *data;
- 	} process;
- 	struct {
diff --git a/community/knot-resolver/knot-resolver.confd b/community/knot-resolver/knot-resolver.confd
index ccc2e995fd..0cca4cda70 100644
--- a/community/knot-resolver/knot-resolver.confd
+++ b/community/knot-resolver/knot-resolver.confd
@@ -1,7 +1,7 @@
 # Config file for /etc/init.d/knot-resolver
 
 # Config file path.
-#config="/etc/knot-resolver/config"
+#config="/etc/knot-resolver/kresd.conf"
 
 # Cache (working) directory.
 #cachedir="/var/cache/knot-resolver"
diff --git a/community/knot-resolver/knot-resolver.initd b/community/knot-resolver/knot-resolver.initd
index 7a4ef61eaf..849279f6f3 100644
--- a/community/knot-resolver/knot-resolver.initd
+++ b/community/knot-resolver/knot-resolver.initd
@@ -1,13 +1,12 @@
 #!/sbin/openrc-run
 
-: ${config:="/etc/knot-resolver/config"}
+: ${config:="/etc/knot-resolver/kresd.conf"}
 : ${cachedir:="/var/cache/knot-resolver"}
-: ${keyfile:="/var/lib/knot-resolver/root.keys"}
 : ${logfile:="/var/log/knot-resolver.log"}
 
 command="/usr/sbin/kresd"
 # Note: Do not change forks=1, it's buggy.
-command_args="--config=$config --keyfile=$keyfile --forks=1 $cachedir"
+command_args="--config=$config --forks=1 $cachedir"
 command_background="yes"
 pidfile="/run/$RC_SVCNAME.pid"
 start_stop_daemon_args="