Pullup ticket #6248 - requested by otis

net/powerdns-recursor: security fix Revisions pulled up: - net/powerdns-recursor/Makefile 1.36 - net/powerdns-recursor/distinfo 1.32 - net/powerdns-recursor/patches/patch-iputils.hh deleted - net/powerdns-recursor/patches/patch-misc.cc 1.1 - net/powerdns-recursor/patches/patch-misc.hh 1.1 - net/powerdns-recursor/patches/patch-pdns__recursor.cc 1.6 - net/powerdns-recursor/patches/patch-rec-carbon.cc 1.1 - net/powerdns-recursor/patches/patch-rec__control.cc 1.1 - net/powerdns-recursor/patches/patch-webserver.cc 1.1 - net/powerdns-recursor/patches/patch-ws-recursor.cc 1.1 --- Module Name: pkgsrc Committed By: otis Date: Wed Jun 17 22:55:11 UTC 2020 Modified Files: pkgsrc/net/powerdns-recursor: Makefile distinfo Added Files: pkgsrc/net/powerdns-recursor/patches: patch-misc.cc patch-misc.hh patch-pdns__recursor.cc patch-rec-carbon.cc patch-rec__control.cc patch-webserver.cc patch-ws-recursor.cc Removed Files: pkgsrc/net/powerdns-recursor/patches: patch-iputils.hh Log Message: net/powerdns-recursor: Update to 4.3.1 Changelog since 4.3.0: * Released: - 19th of May 2020 * Improvements: - Add ubuntu focal target. * Bug Fixes: - Backport of security fixes for: - CVE-2020-10995 - CVE-2020-12244 - CVE-2020-10030 - avoid a crash when loading an invalid RPZ. - RPZ dumpFile/seedFile: store/get SOA refresh on dump/load. * misc: - Update boost.m4.
author: bsiegert <bsiegert@pkgsrc.org> 2020-06-25 18:21:29 +0000
committer: bsiegert <bsiegert@pkgsrc.org> 2020-06-25 18:21:29 +0000
commit: 69e6725b36bfdae5b2e5691e645116a525e37642 (patch)
tree: 3f36e59978754f05225ba41577a0aebb52ea3b14
parent: 08299243dcd1a9bbb75ef45f9c3c768ccdd325c7 (diff)
download: pkgsrc-69e6725b36bfdae5b2e5691e645116a525e37642.tar.gz
10 files changed, 216 insertions, 25 deletions
diff --git a/net/powerdns-recursor/Makefile b/net/powerdns-recursor/Makefile
index f7aeaf99c53..150736b5391 100644
--- a/net/powerdns-recursor/Makefile
+++ b/net/powerdns-recursor/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.35 2020/03/17 19:07:29 adam Exp $
+# $NetBSD: Makefile,v 1.35.2.1 2020/06/25 18:21:29 bsiegert Exp $
 
-DISTNAME=	pdns-recursor-4.3.0
+DISTNAME=	pdns-recursor-4.3.1
 PKGNAME=	${DISTNAME:S/pdns/powerdns/}
 CATEGORIES=	net
 MASTER_SITES=	http://downloads.powerdns.com/releases/
diff --git a/net/powerdns-recursor/distinfo b/net/powerdns-recursor/distinfo
index 1387cec4a07..0c208036d89 100644
--- a/net/powerdns-recursor/distinfo
+++ b/net/powerdns-recursor/distinfo
@@ -1,12 +1,18 @@
-$NetBSD: distinfo,v 1.30 2020/03/17 19:07:29 adam Exp $
+$NetBSD: distinfo,v 1.30.2.1 2020/06/25 18:21:29 bsiegert Exp $
 
-SHA1 (pdns-recursor-4.3.0.tar.bz2) = 8801c9ea575aa3bd88d793c252891d43ac529d31
-RMD160 (pdns-recursor-4.3.0.tar.bz2) = 9da059ca48866b31c577ea6b5a5ffd0cf9a08842
-SHA512 (pdns-recursor-4.3.0.tar.bz2) = 6ba4721f502e1e483d04e8d8cafa35d1cc088c6b3c73120a0cc90ff9c8e8f495a1591e01f0daf30d00f020e3aa06b1cf092ed6b8a0786070c307a6564812c085
-Size (pdns-recursor-4.3.0.tar.bz2) = 1349359 bytes
+SHA1 (pdns-recursor-4.3.1.tar.bz2) = 34d615b0bf4f321f16d54bbcb04fc850a4c789e8
+RMD160 (pdns-recursor-4.3.1.tar.bz2) = 363d74b92d7c609393269566c28d4ca25d7c0a69
+SHA512 (pdns-recursor-4.3.1.tar.bz2) = 49ae4957ef202f94ec87e6449dfa9c147689b5576ca1002e0155319099d698300c113e221571f6d41cb1cdc1649619621c2ccf8105620c25452ac30bd83e46b8
+Size (pdns-recursor-4.3.1.tar.bz2) = 1334817 bytes
 SHA1 (patch-dns.hh) = 7e9c1b10a066a605b74ebdbee2d894aed50f6c68
 SHA1 (patch-ext_json11_json11.cpp) = 2de8ea8b51556bd3e3c1a88f681697eff239ab1a
-SHA1 (patch-iputils.hh) = 9de7c58db7468da9fd2a175464becdbe339fac9d
+SHA1 (patch-misc.cc) = d404dbb0c08b1f055abd52fcee7eae6cc96b1d9c
+SHA1 (patch-misc.hh) = d6f33a0dd530526dac0669739785ea53ddd8fb2c
+SHA1 (patch-pdns__recursor.cc) = 69bb4aa20e691e557f9a8cac3a3ebf30c52febef
 SHA1 (patch-portsmplexer.cc) = b4d447d88d9f2a4e9c0dffb40a41a0e5fde7255a
 SHA1 (patch-qtype.hh) = f14eb9ad7efc7dd4a0ce220c1f93044ef69e99c2
+SHA1 (patch-rec-carbon.cc) = 443be1a7e7aad3e55fd9de2ae3a3359bb025f9a2
+SHA1 (patch-rec__control.cc) = 876a4527c871c4df05e0f14a2ea858e411ffefbd
 SHA1 (patch-version.cc) = 26226a02198edd9d8890a5199ee5a8051334fe41
+SHA1 (patch-webserver.cc) = 2b34430b990c8398daf565d4811fd12848234c6a
+SHA1 (patch-ws-recursor.cc) = 24d8582cff7207d84458dc123cc9976806c310b9
diff --git a/net/powerdns-recursor/patches/patch-iputils.hh b/net/powerdns-recursor/patches/patch-iputils.hh
deleted file mode 100644
index 22881982f7f..00000000000
--- a/net/powerdns-recursor/patches/patch-iputils.hh
+++ /dev/null
@@ -1,17 +0,0 @@
-$NetBSD: patch-iputils.hh,v 1.4 2017/06/15 07:15:57 fhajny Exp $
-
-- IP_PKTINFO structure different on NetBSD than expected.
-
---- iputils.hh.orig	2017-06-13 09:58:51.000000000 +0000
-+++ iputils.hh
-@@ -38,6 +38,10 @@
- #include <boost/tuple/tuple.hpp>
- #include <boost/tuple/tuple_comparison.hpp>
- 
-+#if defined(IP_PKTINFO) && defined(__NetBSD__)
-+#undef IP_PKTINFO
-+#endif
-+
- #include "namespaces.hh"
- 
- #ifdef __APPLE__
diff --git a/net/powerdns-recursor/patches/patch-misc.cc b/net/powerdns-recursor/patches/patch-misc.cc
new file mode 100644
index 00000000000..c32cbb24531
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-misc.cc
@@ -0,0 +1,55 @@
+$NetBSD: patch-misc.cc,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+backport changes based on PR #9127 from
+https://github.com/PowerDNS/pdns/pull/9127
+
+--- misc.cc.orig	2020-05-08 09:31:59.000000000 +0000
++++ misc.cc
+@@ -57,6 +57,7 @@
+ #include <sys/types.h>
+ #include <pwd.h>
+ #include <grp.h>
++#include <limits.h>
+ #ifdef __FreeBSD__
+ #  include <pthread_np.h>
+ #endif
+@@ -1563,3 +1564,39 @@ bool setPipeBufferSize(int fd, size_t si
+   return false;
+ #endif /* F_SETPIPE_SZ */
+ }
++
++static size_t getMaxHostNameSize()
++{
++#if defined(HOST_NAME_MAX)
++  return HOST_NAME_MAX;
++#endif
++
++#if defined(_SC_HOST_NAME_MAX)
++  auto tmp = sysconf(_SC_HOST_NAME_MAX);
++  if (tmp != -1) {
++    return tmp;
++  }
++#endif
++
++  /* _POSIX_HOST_NAME_MAX */
++  return 255;
++}
++
++std::string getCarbonHostName()
++{
++  std::string hostname;
++  hostname.resize(getMaxHostNameSize() + 1, 0);
++
++  if (gethostname(const_cast<char*>(hostname.c_str()), hostname.size()) != 0) {
++    throw std::runtime_error(stringerror());
++  }
++
++  auto pos = hostname.find(".");
++  if (pos != std::string::npos) {
++    hostname.resize(pos);
++  }
++
++  boost::replace_all(hostname, ".", "_");
++
++  return hostname;
++}
diff --git a/net/powerdns-recursor/patches/patch-misc.hh b/net/powerdns-recursor/patches/patch-misc.hh
new file mode 100644
index 00000000000..b5b0bf8831f
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-misc.hh
@@ -0,0 +1,13 @@
+$NetBSD: patch-misc.hh,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+backport changes based on PR #9127 from
+https://github.com/PowerDNS/pdns/pull/9127
+
+--- misc.hh.orig	2020-05-08 09:31:59.000000000 +0000
++++ misc.hh
+@@ -607,3 +607,5 @@ bool isSettingThreadCPUAffinitySupported
+ int mapThreadToCPUList(pthread_t tid, const std::set<int>& cpus);
+ 
+ std::vector<ComboAddress> getResolvers(const std::string& resolvConfPath);
++
++std::string getCarbonHostName();
diff --git a/net/powerdns-recursor/patches/patch-pdns__recursor.cc b/net/powerdns-recursor/patches/patch-pdns__recursor.cc
new file mode 100644
index 00000000000..dfb097c10cf
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-pdns__recursor.cc
@@ -0,0 +1,22 @@
+$NetBSD: patch-pdns__recursor.cc,v 1.6.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+--- pdns_recursor.cc.orig	2020-05-08 09:31:59.000000000 +0000
++++ pdns_recursor.cc
+@@ -4673,7 +4673,7 @@ int main(int argc, char **argv)
+     ::arg().set("socket-group","Group of socket")="";
+     ::arg().set("socket-mode", "Permissions for socket")="";
+ 
+-    ::arg().set("socket-dir",string("Where the controlsocket will live, ")+LOCALSTATEDIR+"/pdns-recursor when unset and not chrooted" )="";
++    ::arg().set("socket-dir",string("Where the controlsocket will live, ")+LOCALSTATEDIR+" when unset and not chrooted" )="";
+     ::arg().set("delegation-only","Which domains we only accept delegations from")="";
+     ::arg().set("query-local-address","Source IP address for sending queries")="0.0.0.0";
+     ::arg().set("query-local-address6","Source IPv6 address for sending queries. IF UNSET, IPv6 WILL NOT BE USED FOR OUTGOING QUERIES")="";
+@@ -4848,7 +4848,7 @@ int main(int argc, char **argv)
+ 
+     if (::arg()["socket-dir"].empty()) {
+       if (::arg()["chroot"].empty())
+-        ::arg().set("socket-dir") = std::string(LOCALSTATEDIR) + "/pdns-recursor";
++        ::arg().set("socket-dir") = std::string(LOCALSTATEDIR);
+       else
+         ::arg().set("socket-dir") = "/";
+     }
diff --git a/net/powerdns-recursor/patches/patch-rec-carbon.cc b/net/powerdns-recursor/patches/patch-rec-carbon.cc
new file mode 100644
index 00000000000..42628a0d984
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-rec-carbon.cc
@@ -0,0 +1,31 @@
+$NetBSD: patch-rec-carbon.cc,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+backport changes based on PR #9127 from
+https://github.com/PowerDNS/pdns/pull/9127
+
+--- rec-carbon.cc.orig	2020-06-17 21:27:18.582569489 +0000
++++ rec-carbon.cc
+@@ -32,17 +32,13 @@ try
+   if(namespace_name.empty()) {
+     namespace_name="pdns";
+   }
+-  if(hostname.empty()) {
+-    char tmp[HOST_NAME_MAX+1];
+-    memset(tmp, 0, sizeof(tmp));
+-    if (gethostname(tmp, sizeof(tmp)) != 0) {
+-      throw std::runtime_error("The 'carbon-ourname' setting has not been set and we are unable to determine the system's hostname: " + stringerror());
++  if (hostname.empty()) {
++    try {
++      hostname = getCarbonHostName();
++    }
++    catch(const std::exception& e) {
++      throw std::runtime_error(std::string("The 'carbon-ourname' setting has not been set and we are unable to determine the system's hostname: ") + e.what());
+     }
+-    char *p = strchr(tmp, '.');
+-    if(p) *p=0;
+-
+-    hostname=tmp;
+-    boost::replace_all(hostname, ".", "_");    
+   }
+   if(instance_name.empty()) {
+     instance_name="recursor";
diff --git a/net/powerdns-recursor/patches/patch-rec__control.cc b/net/powerdns-recursor/patches/patch-rec__control.cc
new file mode 100644
index 00000000000..e8178f541e7
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-rec__control.cc
@@ -0,0 +1,22 @@
+$NetBSD: patch-rec__control.cc,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+--- rec_control.cc.orig	2020-05-08 09:30:45.000000000 +0000
++++ rec_control.cc
+@@ -39,7 +39,7 @@ static void initArguments(int argc, char
+ {
+   arg().set("config-dir","Location of configuration directory (recursor.conf)")=SYSCONFDIR;
+ 
+-  arg().set("socket-dir",string("Where the controlsocket will live, ")+LOCALSTATEDIR+"/pdns-recursor when unset and not chrooted" )="";
++  arg().set("socket-dir",string("Where the controlsocket will live, ")+LOCALSTATEDIR+" when unset and not chrooted" )="";
+   arg().set("chroot","switch to chroot jail")="";
+   arg().set("process","When controlling multiple recursors, the target process number")="";
+   arg().set("timeout", "Number of seconds to wait for the recursor to respond")="5";
+@@ -72,7 +72,7 @@ static void initArguments(int argc, char
+ 
+   if (::arg()["socket-dir"].empty()) {
+     if (::arg()["chroot"].empty())
+-      ::arg().set("socket-dir") = std::string(LOCALSTATEDIR) + "/pdns-recursor";
++      ::arg().set("socket-dir") = std::string(LOCALSTATEDIR);
+     else
+       ::arg().set("socket-dir") = ::arg()["chroot"] + "/";
+   } else if (!::arg()["chroot"].empty()) {
diff --git a/net/powerdns-recursor/patches/patch-webserver.cc b/net/powerdns-recursor/patches/patch-webserver.cc
new file mode 100644
index 00000000000..8d578b524c9
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-webserver.cc
@@ -0,0 +1,35 @@
+$NetBSD: patch-webserver.cc,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+boost 1.73 moved placeholders into std::placeholders namespace
+backport changes based on PR #9070 from
+https://github.com/PowerDNS/pdns/pull/9070/
+
+--- webserver.cc.orig	2020-05-08 09:30:45.000000000 +0000
++++ webserver.cc
+@@ -107,7 +107,7 @@ static void bareHandlerWrapper(WebServer
+ 
+ void WebServer::registerBareHandler(const string& url, HandlerFunction handler)
+ {
+-  YaHTTP::THandlerFunction f = boost::bind(&bareHandlerWrapper, handler, _1, _2);
++  YaHTTP::THandlerFunction f = std::bind(&bareHandlerWrapper, handler, std::placeholders::_1, std::placeholders::_2);
+   YaHTTP::Router::Any(url, f);
+ }
+ 
+@@ -179,7 +179,7 @@ void WebServer::apiWrapper(WebServer::Ha
+ }
+ 
+ void WebServer::registerApiHandler(const string& url, HandlerFunction handler, bool allowPassword) {
+-  HandlerFunction f = boost::bind(&WebServer::apiWrapper, this, handler, _1, _2, allowPassword);
++  HandlerFunction f = std::bind(&WebServer::apiWrapper, this, handler, std::placeholders::_1, std::placeholders::_2, allowPassword);
+   registerBareHandler(url, f);
+ }
+ 
+@@ -196,7 +196,7 @@ void WebServer::webWrapper(WebServer::Ha
+ }
+ 
+ void WebServer::registerWebHandler(const string& url, HandlerFunction handler) {
+-  HandlerFunction f = boost::bind(&WebServer::webWrapper, this, handler, _1, _2);
++  HandlerFunction f = std::bind(&WebServer::webWrapper, this, handler, std::placeholders::_1, std::placeholders::_2);
+   registerBareHandler(url, f);
+ }
+ 
diff --git a/net/powerdns-recursor/patches/patch-ws-recursor.cc b/net/powerdns-recursor/patches/patch-ws-recursor.cc
new file mode 100644
index 00000000000..513eea5b7ca
--- /dev/null
+++ b/net/powerdns-recursor/patches/patch-ws-recursor.cc
@@ -0,0 +1,24 @@
+$NetBSD: patch-ws-recursor.cc,v 1.1.2.2 2020/06/25 18:21:29 bsiegert Exp $
+
+boost 1.73 moved placeholders into std::placeholders namespace
+backport changes based on PR #9070 from
+https://github.com/PowerDNS/pdns/pull/9070/
+
+--- ws-recursor.cc.orig	2020-05-08 09:31:59.000000000 +0000
++++ ws-recursor.cc
+@@ -512,7 +512,7 @@ RecursorWebServer::RecursorWebServer(FDM
+   d_ws->bind();
+ 
+   // legacy dispatch
+-  d_ws->registerApiHandler("/jsonstat", boost::bind(&RecursorWebServer::jsonstat, this, _1, _2), true);
++  d_ws->registerApiHandler("/jsonstat", std::bind(&RecursorWebServer::jsonstat, this, std::placeholders::_1, std::placeholders::_2), true);
+   d_ws->registerApiHandler("/api/v1/servers/localhost/cache/flush", &apiServerCacheFlush);
+   d_ws->registerApiHandler("/api/v1/servers/localhost/config/allow-from", &apiServerConfigAllowFrom);
+   d_ws->registerApiHandler("/api/v1/servers/localhost/config", &apiServerConfig);
+@@ -743,5 +743,5 @@ void AsyncWebServer::go() {
+   auto server = std::dynamic_pointer_cast<AsyncServer>(d_server);
+   if (!server)
+     return;
+-  server->asyncWaitForConnections(d_fdm, boost::bind(&AsyncWebServer::serveConnection, this, _1));
++  server->asyncWaitForConnections(d_fdm, std::bind(&AsyncWebServer::serveConnection, this, std::placeholders::_1));
+ }
author	bsiegert <bsiegert@pkgsrc.org>	2020-06-25 18:21:29 +0000
committer	bsiegert <bsiegert@pkgsrc.org>	2020-06-25 18:21:29 +0000
commit	69e6725b36bfdae5b2e5691e645116a525e37642 (patch)
tree	3f36e59978754f05225ba41577a0aebb52ea3b14
parent	08299243dcd1a9bbb75ef45f9c3c768ccdd325c7 (diff)
download	pkgsrc-69e6725b36bfdae5b2e5691e645116a525e37642.tar.gz