Update net/powerdns to 4.0.3.

pkgsrc changes:

- Remove options for cryptopp and geoip (the latter to go into a
  separate package).
- Clean up a lot of patches that do not seem to be needed anymore.

PowerDNS Authoritative Server 4.0.3
===================================

- Revert "In 'Bind2Backend::lookup()', use the 'zoneId' when we have it"

PowerDNS Authoritative Server 4.0.2

Security issues fixed:

- 2016-02: Crafted queries can cause abnormal CPU usage
- 2016-03: Denial of service via the web server
- 2016-04: Insufficient validation of TSIG signatures
- 2016-05: Crafted zone record can cause a denial of service

Other highlights:

- Don't parse spurious RRs in queries when we don't need them (Security
  Advisory 2016-02)
- Don't exit if the webserver can't accept a connection (Security
  Advisory 2016-03)
- Check TSIG signature on IXFR (Security Advisory 2016-04)
- Correctly check unknown record content size (Security Advisory
  2016-05)
- ODBC backend: actually prepare statements
- Improve root-zone performance
- Plug memory leak in postgresql backend (Christian Hofstaedtler)
- calidns: Don't crash if we don't have enough 'unknown' queries
  remaining
- Improve PacketCache cleaning (Kees Monshouwer)
- Bind backend: update status message on reload, keep the existing zone
  on failure
- Fix TSIG for single thread distributor (Kees Monshouwer)
- Change default for any-to-tcp to yes (Kees Monshouwer)
- Don't look up the packet cache for TSIG-enabled queries
- Fix build with OpenSSL 1.1.0 final (Christian Hofstaedtler)
- pdnsutil: create-slave-zone accept multiple masters (Hannu Ylitalo)

PowerDNS Authoritative Server 4.0.1
===================================

Bug fixes
- Wait for the connection to the carbon server to be established
- Don't try to deallocate empty PG statements
- Send the correct response when queried for an NSEC directly (Kees
  Monshouwer)
- Don't include bind files if length <= 2 or > sizeof(filename)
- Catch runtime_error when parsing a broken MNAME

Improvements
- Make DNSPacket return a ComboAddredd for local and remote (Aki Tuomi)
- OpenSSL 1.1.0 support (Christian Hofstaedtler)
- Fix typos in a logmessage and exception (Christian Hofsteadtler)
- pdnsutil: Remove checking of ctime and always diff the changes (Hannu
  Ylitalo)
- dnsreplay: Only add Client Subnet stamp when asked
- Use toLogString() for ringAccount (Kees Monshouwer)

Additions
- Add limits to the size of received {A,I}XFR
- Add used filedescriptor statistic (Kees Monshouwer)

PowerDNS Authoritative Server 4.0.0
===================================

- Moved to C++ 2011, a cleaner more powerful version of C++ that has
  allowed us to improve the quality of implementation in many places.
- Implemented dedicated infrastructure for dealing with DNS names that
  is fully "DNS Native" and needs less escaping and unescaping.
- Due to this, the PowerDNS Authoritative Server can now serve
  DNSSEC-enabled root-zones.
- All backends derived from the Generic SQL backend use prepared
  statements.
- Both the server and pdns_control do the right thing when chroot'ed.
- Caches are now fully canonically ordered, which means entries can be
  wiped on suffix in all places
- A revived and supported ODBC backend (godbc).
- A revived and supported LDAP backend (ldap).
- Support for CDS/CDNSKEY and RFC 7344 key-rollovers.
- Support for the ALIAS record.
- The webserver and API are no longer experimental.
- The API-path has moved to /api/v1
- DNSUpdate is no longer experimental.
- ECDSA (algorithm 13 and 14) supported without in-tree cryptographic
  libraries (provided by OpenSSL).
- Experimental support for ed25519 DNSSEC signatures (when compiled with
  libsodium support).
- Many new pdnsutil commands.
- GeoIP backend has gained many features, and can now e.g. run based on
  explicit netmasks not present in the GeoIP databases
- Removed support for LMDB.
- Removed the Geo backened (use the improved GeoIP instead).
- pdnssec has been renamed to pdnsutil.
- Support for the PolarSSL/MbedTLS, Crypto++ and Botan cryptographic
  libraries have been dropped in favor of the (faster) OpenSSL libcrypto
  (except for GOST, which is still provided by Botan).
- ECDSA P256 SHA256 (algorithm 13) is now the default algorithm when
  securing zones.
- The PowerDNS Authoritative Server now listens by default on all IPv6
  addresses.
- Several superfluous queries have been dropped from the Generic SQL
  backends.
- The INCEPTION, INCEPTION-WEEK and EPOCH SOA-EDIT metadata values are
  marked as deprecated and will be removed in 4.1.0

1 files changed, 26 insertions, 11 deletions

diff --git a/net/powerdns/PLIST b/net/powerdns/PLIST
index dea1a8f9b3c..8e3a17de35e 100644
--- a/net/powerdns/PLIST
+++ b/net/powerdns/PLIST
@@ -1,32 +1,47 @@
-@comment $NetBSD: PLIST,v 1.8 2016/06/03 11:45:34 fhajny Exp $
+@comment $NetBSD: PLIST,v 1.9 2017/03/09 13:32:54 fhajny Exp $
 ${PLIST.tools}bin/dnsbulktest
+${PLIST.tools}bin/dnsgram
 ${PLIST.tools}bin/dnsreplay
 ${PLIST.tools}bin/dnsscan
 ${PLIST.tools}bin/dnsscope
 ${PLIST.tools}bin/dnstcpbench
 ${PLIST.tools}bin/dnswasher
+${PLIST.tools}bin/dumresp
+${PLIST.tools}bin/ixplore
 ${PLIST.tools}bin/nproxy
 ${PLIST.tools}bin/nsec3dig
 bin/pdns_control
-bin/pdnssec
+${PLIST.tools}bin/pdns_notify
+bin/pdnsutil
 ${PLIST.tools}bin/saxfr
+${PLIST.tools}bin/sdig
+${PLIST.tools}bin/stubquery
 bin/zone2json
-bin/zone2ldap
 bin/zone2sql
-lib/pdns/pdns/libgeobackend.la
 ${PLIST.bind}lib/pdns/pdns/libbindbackend.la
+${PLIST.sqlite}lib/pdns/pdns/libgsqlite3backend.la
 ${PLIST.pipe}lib/pdns/pdns/libpipebackend.la
 ${PLIST.random}lib/pdns/pdns/librandombackend.la
 ${PLIST.remote}lib/pdns/pdns/libremotebackend.la
-${PLIST.sqlite}lib/pdns/pdns/libgsqlite3backend.la
-${PLIST.tools}man/man1/dnstcpbench.1
-${PLIST.tools}man/man1/dnsreplay.1
-${PLIST.tools}man/man1/dnsscope.1
-${PLIST.tools}man/man1/dnstcpbench.1
-${PLIST.tools}man/man1/dnswasher.1
+man/man1/calidns.1
+man/man1/dnsbulktest.1
+man/man1/dnsgram.1
+man/man1/dnsreplay.1
+man/man1/dnsscan.1
+man/man1/dnsscope.1
+man/man1/dnstcpbench.1
+man/man1/dnswasher.1
+man/man1/dumresp.1
+man/man1/ixplore.1
+man/man1/nproxy.1
+man/man1/nsec3dig.1
 man/man1/pdns_control.1
+man/man1/pdns_notify.1
 man/man1/pdns_server.1
-man/man1/pdnssec.1
+man/man1/pdnsutil.1
+man/man1/saxfr.1
+man/man1/sdig.1
+man/man1/zone2json.1
 man/man1/zone2ldap.1
 man/man1/zone2sql.1
 sbin/pdns_server