dnsdist: update to 1.4.0

Update dnsdist to next major release 1.4.0. This release introduces dependencies on libh2o-evloop and libwslay for support of DNS over HTTPS. Release Blog Post: https://blog.powerdns.com/2019/11/20/dnsdist-1-4-0/ Changelog: https://dnsdist.org/changelog.html#change-1.4.0 Also removes compatibility patches required for previous release that have been incorporated upstream. Signed-off-by: James Taylor <james@jtaylor.id.au>
5 years ago · 32fe1a6741
--- a/net/dnsdist/Makefile
+++ b/net/dnsdist/Makefile
@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=dnsdist
 PKG_VERSION:=1.3.3
 PKG_RELEASE:=3
 PKG_VERSION:=1.4.0
 PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://downloads.powerdns.com/releases/
 PKG_HASH:=9fb24f9032025955169f3c6e9b0a05b6aa9d6441ec47da08d22de1c1aa23e8cf
 PKG_HASH:=a336fa2c3eb381c2464d9d9790014fd6d4505029ed2c1b73ee1dc9115a2f1dc0

 PKG_MAINTAINER:=James Taylor <james@jtaylor.id.au>
 PKG_LICENSE:=GPL-2.0-only
@ -22,22 +22,43 @@ PKG_CONFIG_DEPENDS:= \
 include $(INCLUDE_DIR)/package.mk

 define Package/dnsdist/config
 comment "SSL support"

 choice
        prompt "Selected SSL library"
        default DNSDIST_OPENSSSL

        config DNSDIST_OPENSSL
                bool "OpenSSL"

        config DNSDIST_GNUTLS
                bool "GnuTLS"

        config DNSDIST_NOSSL
                bool "No SSL support"

 endchoice
 menu "Configuration"
 	depends on PACKAGE_dnsdist

 	comment "SSL Support"
 	choice
 		prompt "Selected SSL library"
 		default DNSDIST_OPENSSSL

 		config DNSDIST_OPENSSL
 			bool "OpenSSL"

 		config DNSDIST_GNUTLS
 			bool "GnuTLS"

 		config DNSDIST_NOSSL
 			bool "No SSL support"

 	endchoice

 	comment "DNS over HTTPS/TLS Support
 	depends on !DNSDIST_NOSSL

 	config DNSDIST_DNS_OVER_HTTPS
 	depends on DNSDIST_OPENSSL
 	depends on !DNSDIST_NOSSL
 		bool "DNS over HTTPS Support"
 		help
 			"Enables DNS over HTTPS Support for dnsdist"
 		default y

 	config DNSDIST_DNS_OVER_TLS
 	depends on !DNSDIST_NOSSL
 		bool "DNS over TLS Support"
 		help
 			"Enabled DNS over TLS Support for dnsdist"
 		default y
 endmenu
 endef

 define Package/dnsdist
@ -45,7 +66,7 @@ define Package/dnsdist
  CATEGORY:=Network
  SUBMENU:=IP Addresses and Names
  TITLE:=dnsdist DNS-, DOS- and abuse-aware loadbalancer
  DEPENDS:=+DNSDIST_OPENSSL:libopenssl +DNSDIST_GNUTLS:libgnutls +protobuf +re2 +libedit +libfstrm +libsodium +lua +boost +libnetsnmp +libatomic
  DEPENDS:=+DNSDIST_OPENSSL:libopenssl +DNSDIST_GNUTLS:libgnutls +protobuf +re2 +libedit +libfstrm +lua +boost +libnetsnmp +libatomic +libsodium +DNSDIST_DNS_OVER_HTTPS:libh2o-evloop
  URL:=https://dnsdist.org/
 endef

@ -63,15 +84,16 @@ endef

 CONFIGURE_ARGS+= \
 	--enable-dnscrypt \
 	$(if $(CONFIG_DNSDIST_NOSSL),,--enable-dns-over-tls) \
 	--enable-fstrm \
 	--enable-libsodium \
 	--enable-protobuf \
 	--enable-re2 \
 	--enable-dnstap \
 	--with-libsodium \
 	--with-protobuf \
 	--with-re2 \
 	--with-lua=lua \
 	--with-net-snmp \
        $(if $(CONFIG_DNSDIST_GNUTLS),--enable,--disable)-gnutls \
        $(if $(CONFIG_DNSDIST_OPENSSL),--enable,--disable)-libssl
 	$(if $(CONFIG_DNSDIST_GNUTLS),--with,--without)-gnutls \
 	$(if $(CONFIG_DNSDIST_OPENSSL),--with,--without)-libssl \
 	$(if $(CONFIG_DNSDIST_DNS_OVER_TLS),--enable-dns-over-tls,) \
 	$(if $(CONFIG_DNSDIST_DNS_OVER_HTTPS),--enable-dns-over-https,)

 define Package/dnsdist/install
 	$(INSTALL_DIR) $(1)/etc
--- a/net/dnsdist/patches/100-net-snmp-config-Use-netsnmp_agent_libs-instead-of-agent_libs.patch
+++ b/net/dnsdist/patches/100-net-snmp-config-Use-netsnmp_agent_libs-instead-of-agent_libs.patch
@ -1,23 +0,0 @@
 From d73bc006c62e4340ab56dd4baba5bc8eb8e1db49 Mon Sep 17 00:00:00 2001
 From: Remi Gacogne <remi.gacogne@powerdns.com>
 Date: Mon, 13 May 2019 16:01:06 +0200
 Subject: [PATCH] SNMP: Use net-snmp-config --netsnmp-agent-libs instead of
 --agent-libs

 ---
 m4/pdns_with_net_snmp.m4 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/m4/pdns_with_net_snmp.m4 b/m4/pdns_with_net_snmp.m4
 index 8040672e6c..2da80c75fc 100644
 --- a/m4/pdns_with_net_snmp.m4
 +++ b/m4/pdns_with_net_snmp.m4
@@ -10,7 +10,7 @@ AC_DEFUN([PDNS_WITH_NET_SNMP], [
   AS_IF([test "x$with_net_snmp" != "xno"], [
     AS_IF([test "x$with_net_snmp" = "xyes" -o "x$with_net_snmp" = "xauto"], [
       AC_CHECK_PROG([NET_SNMP_CFLAGS], [net-snmp-config], [`net-snmp-config --cflags`])
 -      AC_CHECK_PROG([NET_SNMP_LIBS], [net-snmp-config], [`net-snmp-config --agent-libs`])
 +      AC_CHECK_PROG([NET_SNMP_LIBS], [net-snmp-config], [`net-snmp-config --netsnmp-agent-libs`])
       AC_CHECK_DECLS([snmp_select_info2], [ : ], [ : ],
         [AC_INCLUDES_DEFAULT
           #include <net-snmp/net-snmp-config.h>
--- a/net/dnsdist/patches/200-libatomic-detect.patch
+++ b/net/dnsdist/patches/200-libatomic-detect.patch
@ -1,34 +0,0 @@
 --- a/m4/pdns_check_os.m4
 +++ b/m4/pdns_check_os.m4
@@ -35,16 +35,21 @@
   AM_CONDITIONAL([HAVE_LINUX], [test "x$have_linux" = "xyes"])
   AM_CONDITIONAL([HAVE_SOLARIS], [test "x$have_solaris" = "xyes"])

 -  case "$host" in
 -  mips* | powerpc-* )
 -    AC_MSG_CHECKING([whether the linker accepts -latomic])
 -    LDFLAGS="-latomic $LDFLAGS"
 -    AC_LINK_IFELSE([m4_default([],[AC_LANG_PROGRAM()])],
 -      [AC_MSG_RESULT([yes])],
 -      [AC_MSG_ERROR([Unable to link against libatomic, cannot continue])]
 -    )
 -    ;;
 -  esac
 +  AC_MSG_CHECKING([whether -latomic is needed for __atomic builtins])
 +  AC_LINK_IFELSE(
 +    [AC_LANG_PROGRAM([[#include <stdint.h>]],
 +       [[uint64_t val = 0; __atomic_add_fetch(&val, 1, __ATOMIC_RELAXED);]]
 +    )],
 +    [AC_MSG_RESULT([no])],
 +    [LIBS="$LIBS -latomic"
 +     AC_LINK_IFELSE(
 +       [AC_LANG_PROGRAM([[#include <stdint.h>]],
 +               [[uint64_t val = 0; __atomic_add_fetch(&val, 1, __ATOMIC_RELAXED);]]
 +       )],
 +       [AC_MSG_RESULT([yes])],
 +       [AC_MSG_FAILURE([libatomic needed, but linking with -latomic failed, cannot continue])]
 +    )]
 +  )

   AC_SUBST(THREADFLAGS)
   AC_SUBST([DYNLINKFLAGS], [-export-dynamic])
--- a/net/dnsdist/patches/300-openssl-deprecated.patch
+++ b/net/dnsdist/patches/300-openssl-deprecated.patch
@ -1,29 +0,0 @@
 --- a/tcpiohandler.cc
 +++ b/tcpiohandler.cc
@@ -369,8 +369,10 @@ public:
     }
 
     if (s_users.fetch_add(1) == 0) {
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
       ERR_load_crypto_strings();
       OpenSSL_add_ssl_algorithms();
 +#endif
       openssl_thread_setup();
 
       s_ticketsKeyIndex = SSL_CTX_get_ex_new_index(0, nullptr, nullptr, nullptr, nullptr);
@@ -439,6 +441,7 @@ public:
     d_tlsCtx.reset();
 
     if (s_users.fetch_sub(1) == 1) {
 +#if OPENSSL_VERSION_NUMBER < 0x10100000L
       ERR_free_strings();
 
       EVP_cleanup();
@@ -448,6 +451,7 @@ public:
       CONF_modules_unload(1);
 
       CRYPTO_cleanup_all_ex_data();
 +#endif
       openssl_thread_cleanup();
     }
   }