# Contributor: Jakub Jirutka # Contributor: tcely # Maintainer: Jakub Jirutka pkgname=knot-resolver pkgver=5.0.1 pkgrel=0 pkgdesc="Minimalistic caching DNS resolver implementation" url="https://www.knot-resolver.cz/" arch="all !s390x" # limited by luajit license="GPL-3.0" pkgusers="kresd" pkggroups="kresd" depends="dns-root-hints dnssec-root lua5.1-cqueues lua5.1-http" _depends_dnstap="$pkgname=$pkgver-r$pkgrel" _depends_http="$pkgname=$pkgver-r$pkgrel lua5.1-mmdb" _depends_dnstap_dev="fstrm-dev protobuf-dev protobuf-c-dev" depends_dev=" knot-dev>=2.8.0 libedit-dev libuv-dev>=1.7 luajit-dev>=2.0 $_depends_dnstap_dev " depends_static="$pkgname-dev=$pkgver-r$pkgrel" makedepends=" $depends_dev bash cmake gnutls-dev libcap-ng-dev lmdb-dev luacheck meson>=0.46 ninja pkgconf py3-flake8 " checkdepends="cmocka-dev" install="$pkgname.pre-install" subpackages=" $pkgname-mod-http:http:noarch $pkgname-mod-dnstap:dnstap $pkgname-libs-static $pkgname-dev $pkgname-dbg $pkgname-doc $pkgname-openrc " source="https://secure.nic.cz/files/$pkgname/$pkgname-$pkgver.tar.xz $pkgname.logrotate $pkgname.confd $pkgname.initd kres-cache-gc.initd kres-cache-gc.confd " builddir="$srcdir/$pkgname-$pkgver" # secfixes: # 4.3.0-r0: # - CVE-2019-19331 # 4.1.0-r0: # - CVE-2019-10190 # - CVE-2019-10191 # 2.3.0-r0: # - CVE-2018-1110 build() { # strict-aliasing breaks stats module - variable "sa" in stats.c:495 is 0x0. # (https://gitlab.labs.nic.cz/knot/knot-resolver/blob/v4.2.2/modules/stats/stats.c#L495) export CFLAGS="$CFLAGS -fno-strict-aliasing" meson build \ --prefix=/usr \ --buildtype=plain \ --default-library=both \ -Dclient=enabled \ -Dgroup="$pkggroups" \ -Dinstall_kresd_conf=enabled \ -Dunit_tests=enabled \ -Duser="$pkgusers" \ -Droot_hints=/usr/share/dns-root-hints/named.root \ -Dmanaged_ta=disabled \ -Dkeyfile_default=/usr/share/dnssec-root/trusted-key.key ninja -C build } check() { meson test -C build } package() { DESTDIR="$pkgdir" ninja -C build install cd "$pkgdir" # These are useless on non-systemd distro. rm ./usr/lib/knot-resolver/distro-preconfig.lua rm ./usr/lib/knot-resolver/upgrade-4-to-5.lua install -m 755 -D "$srcdir"/$pkgname.initd ./etc/init.d/$pkgname install -m 644 -D "$srcdir"/$pkgname.confd ./etc/conf.d/$pkgname install -m 755 -D "$srcdir"/kres-cache-gc.initd ./etc/init.d/kres-cache-gc install -m 644 -D "$srcdir"/kres-cache-gc.confd ./etc/conf.d/kres-cache-gc install -m 644 -D "$srcdir"/$pkgname.logrotate ./etc/logrotate.d/$pkgname install -d -m 750 -o kresd -g kresd ./var/cache/knot-resolver } http() { pkgdesc="Knot Resolver - HTTP/2 services" depends="$_depends_http" local moddir="usr/lib/$pkgname/kres_modules" mkdir -p "$subpkgdir"/$moddir mv "$pkgdir"/$moddir/http* "$subpkgdir"/$moddir/ } dnstap() { pkgdesc="Knot Resolver - dnstap logging" depends="$_depends_dnstap" local moddir="usr/lib/$pkgname/kres_modules" mkdir -p "$subpkgdir"/$moddir mv "$pkgdir"/$moddir/dnstap.so "$subpkgdir"/$moddir/ } gpg_signature_extensions="asc" gpgfingerprints=" good:BE26 EBB9 CBE0 59B3 910C A35B CE8D D6A1 A50A 21E4 good:4A8B A48C 2AED 933B D495 C509 A1FB A5F7 EF8C 4869 B600 6460 B60A 80E7 8206 2449 E747 DF1F 9575 A3AA " sha512sums="9d5d77d3aff082d5f0132b39627fff5cd7af6e237ded219b7b8f2156de7acacb3bf94d5e278af4bb2c9e36ea80d9259d39ba33a18bb37a626a57c70fb9dc0931 knot-resolver-5.0.1.tar.xz 688aeacb0c1f21c7e532533b402e67068897217713fb668636df7533000b493981ddfa0497f8dba7da7c804ee4ab8d587a4f52155b4e2bf1f4025d2588d314bb knot-resolver.logrotate 653bf15f07047ec72913f571bc283c76adc6bc5444c1d01524ec79fc891ec7e4022bee267ef8e83f03fd8dbccb6d5e73530acfd3987cb5571cab4c402741d189 knot-resolver.confd 79e1a7c003e13fecad5b68935c23554c735fee65fde93a4460c0562486af0656bac01c624cabdcd12e6f41c7b6414c2724a59f7447ddb7aa583d46df5814081e knot-resolver.initd 569cbe40de039b86ffc55a1633029517cda8bd26fc4e3b267796160c40b0647c2abc0eab8090e95659ce3c143f73e2c997f5c10d5b0f47c73079d622b211d3d7 kres-cache-gc.initd be54a2b1e6031262f8aeed050a6e31fe8fea8c937fa5bc0c3b3ff67c7577fa8ba2bfd5a711f6499eb0668522b0b268c707a9fa0035292d0f9c040b96587ffcaf kres-cache-gc.confd"