dnsdist: remove, updated in pkgsrc

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: dnsdist: remove, updated in pkgsrc
From: Thomas Klausner (via pkgsrc-wip) <commit-notify%pkgsrc.org@localhost>
Date: Tue, 31 Mar 2026 13:31:20 +0000
Module Name:	pkgsrc-wip
Committed By:	Thomas Klausner <wiz%NetBSD.org@localhost>
Pushed By:	wiz
Date:		Tue Mar 31 15:31:12 2026 +0200
Changeset:	b565d8e5cbc18efd5672316aa49c3e49f3768539

Removed Files:
	dnsdist/COMMIT_MSG
	dnsdist/DESCR
	dnsdist/Makefile
	dnsdist/PLIST
	dnsdist/distinfo
	dnsdist/files/dnsdist.sh
	dnsdist/files/smf/manifest.xml
	dnsdist/patches/patch-configure

Log Message:
dnsdist: remove, updated in pkgsrc

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=b565d8e5cbc18efd5672316aa49c3e49f3768539

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 dnsdist/COMMIT_MSG              | 42 -----------------------
 dnsdist/DESCR                   |  4 ---
 dnsdist/Makefile                | 75 -----------------------------------------
 dnsdist/PLIST                   |  4 ---
 dnsdist/distinfo                |  6 ----
 dnsdist/files/dnsdist.sh        | 24 -------------
 dnsdist/files/smf/manifest.xml  | 28 ---------------
 dnsdist/patches/patch-configure | 15 ---------
 8 files changed, 198 deletions(-)

diffs:
diff --git a/dnsdist/COMMIT_MSG b/dnsdist/COMMIT_MSG
deleted file mode 100644
index ad77715739..0000000000
--- a/dnsdist/COMMIT_MSG
+++ /dev/null
@@ -1,42 +0,0 @@
-net/dnsdist: Update to version 2.0.3
-
-Released: 31st of March 2026
-Improvements
-Add a metric for the latency of the latest health-check
-References: pull request 16863
-Export DNS flags via ProtoBuf
-References: pull request 16865
-Add a histogram of health-check latencies for backends
-References: pull request 16883
-
-Bug Fixes
-CVE-2026-0396: An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via either "DynBlockRulesGroup:setSuffixMatchRule" or "DynBlockRulesGroup:setSuffixMatchRuleFFI"
-References: pull request 17065
-CVE-2026-0397: When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged into the dashboard into visiting a malicious website and extract information about the running configuration from the dashboard
-References: pull request 17066
-CVE-2026-24028: An attacker might be able to trigger an out-of-bounds read by sending a crafted DNS response packet, when custom Lua code uses "newDNSPacketOverlay" to parse DNS packets
-References: pull request 17067
-CVE-2026-24029: When the "early_acl_drop" ("earlyACLDrop" in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the "nghttp2" provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL
-References: pull request 17068
-CVE-2026-24030: An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 payloads, resulting in denial of service
-References: pull request 17069
-CVE-2026-27853: An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the "DNSQuestion:changeName" or "DNSResponse:changeName" methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and even exceed 65535 bytes, potentially leading to a crash resulting in denial of service
-References: pull request 17071
-CVE-2026-27854: Denial of service when using "DNSQuestion:getEDNSOptions" method in custom Lua code
-References: pull request 17070
-Fix wrong address being inserted in the rings for responses
-References: pull request 16851
-Work around Quiche not dealing well with removed congestion algorithms
-References: pull request 16867
-Fix build error when only protobuf is enabled
-References: pull request 16584
-Add missing #if statements to dnsdist-lua.cc
-References: pull request 16592
-Do not keep stale cache entries around for empty pools
-References: pull request 16850
-Fix handling of IP-only TLS certificates
-References: pull request 16860
-Handle escaped values in YAML SpoofRaw parameters
-References: pull request 16866
-Don't start the NetworkListener thread in config check mode
-References: pull request 16900
diff --git a/dnsdist/DESCR b/dnsdist/DESCR
deleted file mode 100644
index 8b6e998da8..0000000000
--- a/dnsdist/DESCR
+++ /dev/null
@@ -1,4 +0,0 @@
-dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its
-goal in life is to route traffic to the best server, delivering top
-performance to legitimate users while shunting or blocking abusive
-traffic.
diff --git a/dnsdist/Makefile b/dnsdist/Makefile
deleted file mode 100644
index fb81760bd9..0000000000
--- a/dnsdist/Makefile
+++ /dev/null
@@ -1,75 +0,0 @@
-# $NetBSD: Makefile,v 1.46 2026/02/06 10:05:30 wiz Exp $
-
-DISTNAME=	dnsdist-2.0.3
-CATEGORIES=	net
-MASTER_SITES=	https://downloads.powerdns.com/releases/
-EXTRACT_SUFX=	.tar.xz
-
-MAINTAINER=	drixter%e-utp.net@localhost
-HOMEPAGE=	https://dnsdist.org/
-COMMENT=	Highly DNS-, DoS- and abuse-aware loadbalancer
-LICENSE=	gnu-gpl-v2
-
-TOOL_DEPENDS+=		${PYPKGPREFIX}-yaml-[0-9]*:../../textproc/py-yaml
-
-USE_LANGUAGES=		c c++
-USE_CXX_FEATURES=	c++11
-USE_TOOLS+=		gmake pkg-config
-GNU_CONFIGURE=		yes
-
-.include "../../mk/bsd.prefs.mk"
-
-BUILD_DEFS+=			DNSDIST_USER DNSDIST_GROUP
-DNSDIST_USER?=			dnsdist
-DNSDIST_GROUP?=			dnsdist
-PKG_GROUPS+=			${DNSDIST_GROUP}
-PKG_USERS+=			${DNSDIST_USER}:${DNSDIST_GROUP}
-PKG_GECOS.${DNSDIST_USER}=	dnsdist daemon user
-
-CHECK_WRKREF_SKIP+=		bin/dnsdist
-
-FILES_SUBST+=	DNSDIST_USER=${DNSDIST_USER}
-FILES_SUBST+=	DNSDIST_GROUP=${DNSDIST_GROUP}
-
-CONFIGURE_ARGS+=	--enable-dns-over-tls
-CONFIGURE_ARGS+=	--enable-dnscrypt
-CONFIGURE_ARGS+=	--enable-dnstap
-CONFIGURE_ARGS+=	--with-libsodium
-CONFIGURE_ARGS+=	--with-libssl
-CONFIGURE_ARGS+=	--with-lua
-CONFIGURE_ARGS+=	--with-nghttp2
-CONFIGURE_ARGS+=	--with-re2
-CONFIGURE_ARGS+=	--without-net-snmp
-CONFIGURE_ARGS+=	--enable-dns-over-https
-CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
-CONFIGURE_ARGS+=	--with-boost=${BUILDLINK_PREFIX.boost-headers}
-
-.include "../../mk/readline.buildlink3.mk"
-
-.if ${READLINE_TYPE} == "editline"
-CONFIGURE_ARGS+=	--with-libedit
-CONFIGURE_ENV+=		LIBEDIT_CFLAGS="-I${BUILDLINK_PREFIX.editlinereadline}/include"
-CONFIGURE_ENV+=		LIBEDIT_LIBS="-L${BUILDLINK_PREFIX.editlinereadline}/lib ${BUILDLINK_LDADD.editlinereadline}"
-.else
-CONFIGURE_ARGS+=	--without-libedit
-.endif
-
-EGDIR=			${PREFIX}/share/examples/dnsdist
-CONF_FILES=		${EGDIR}/dnsdist.conf-dist ${PKG_SYSCONFDIR}/dnsdist.conf
-INSTALLATION_DIRS+=	${EGDIR}
-INSTALL_MAKE_FLAGS=	${MAKE_FLAGS} sysconfdir=${EGDIR}
-
-RCD_SCRIPTS+=		dnsdist
-
-.include "../../databases/lmdb/buildlink3.mk"
-.include "../../security/gnutls/buildlink3.mk"
-.include "../../devel/boost-headers/buildlink3.mk"
-.include "../../devel/re2/buildlink3.mk"
-.include "../../lang/lua/buildlink3.mk"
-.include "../../net/fstrm/buildlink3.mk"
-.include "../../security/libsodium/buildlink3.mk"
-.include "../../security/openssl/buildlink3.mk"
-.include "../../www/nghttp2/buildlink3.mk"
-.include "../../lang/python/pyversion.mk"
-.include "../../mk/atomic64.mk"
-.include "../../mk/bsd.pkg.mk"
diff --git a/dnsdist/PLIST b/dnsdist/PLIST
deleted file mode 100644
index f84e457785..0000000000
--- a/dnsdist/PLIST
+++ /dev/null
@@ -1,4 +0,0 @@
-@comment $NetBSD: PLIST,v 1.3 2025/08/12 07:22:24 wiz Exp $
-bin/dnsdist
-man/man1/dnsdist.1
-share/examples/dnsdist/dnsdist.conf-dist
diff --git a/dnsdist/distinfo b/dnsdist/distinfo
deleted file mode 100644
index f06171eb31..0000000000
--- a/dnsdist/distinfo
+++ /dev/null
@@ -1,6 +0,0 @@
-$NetBSD: distinfo,v 1.23 2025/12/04 23:18:59 wiz Exp $
-
-BLAKE2s (dnsdist-2.0.3.tar.xz) = 8c052b5f0636aa6d1515c9431c033e53b4adc345e0999e1d32c079fb20a6548f
-SHA512 (dnsdist-2.0.3.tar.xz) = 10922b91c39433414fee61e09894fbe1bc4b860558f3f6b4e729db0c561d33a22a17beff4162432bbc0a479b9edbaece735ae1f566a58b7d2da60b7e97b376b9
-Size (dnsdist-2.0.3.tar.xz) = 2285640 bytes
-SHA1 (patch-configure) = d9ec9f3416862f471a3029168681b9512ced68b9
diff --git a/dnsdist/files/dnsdist.sh b/dnsdist/files/dnsdist.sh
deleted file mode 100644
index c4b5d56543..0000000000
--- a/dnsdist/files/dnsdist.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!@RCD_SCRIPTS_SHELL@
-#
-# $NetBSD: dnsdist.sh,v 1.2 2022/10/24 11:08:15 jperkin Exp $
-#
-# PROVIDE: dnsdist 
-# REQUIRE: DAEMON network
-# KEYWORD: shutdown
-
-if [ -f /etc/rc.subr ]; then
-	. /etc/rc.subr
-fi
-
-name="dnsdist"
-rcvar=$name
-command="@PREFIX@/bin/dnsdist"
-dnsdist_flags="${dnsdist_flags:- -u @DNSDIST_USER@ -g @DNSDIST_GROUP@ -C @PKG_SYSCONFDIR@/dnsdist.conf}"
-
-if [ -f /etc/rc.subr ]; then
-        load_rc_config $name
-	run_rc_command "$1"
-else
-	echo -n "${name}"
-	${command} ${dnsdist_flags}
-fi
diff --git a/dnsdist/files/smf/manifest.xml b/dnsdist/files/smf/manifest.xml
deleted file mode 100644
index 739af89727..0000000000
--- a/dnsdist/files/smf/manifest.xml
+++ /dev/null
@@ -1,28 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
-<service_bundle type="manifest" name="export">
-  <service name="@SMF_PREFIX@/@SMF_NAME@" type="service" version="1">
-    <create_default_instance enabled="false" />
-    <single_instance />
-    <dependency name="network" grouping="require_all" restart_on="error" type="service">
-      <service_fmri value="svc:/milestone/network:default" />
-    </dependency>
-    <dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
-      <service_fmri value="svc:/system/filesystem/local" />
-    </dependency>
-    <exec_method type="method" name="start" exec="@PREFIX@/bin/dnsdist --supervised -u @DNSDIST_USER@ -g @DNSDIST_GROUP@ -C %{config_file} &amp;" timeout_seconds="60" />
-    <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60" />
-    <property_group name="startd" type="framework">
-      <propval name="duration" type="astring" value="contract" />
-      <propval name="ignore_error" type="astring" value="core,signal" />
-    </property_group>
-    <property_group name="application" type="application">
-      <propval name="config_file" type="astring" value="@PKG_SYSCONFDIR@/dnsdist.conf" />
-    </property_group>
-    <template>
-      <common_name>
-        <loctext xml:lang="C">dnsdist daemon</loctext>
-      </common_name>
-    </template>
-  </service>
-</service_bundle>
diff --git a/dnsdist/patches/patch-configure b/dnsdist/patches/patch-configure
deleted file mode 100644
index 7d38911532..0000000000
--- a/dnsdist/patches/patch-configure
+++ /dev/null
@@ -1,15 +0,0 @@
-$NetBSD: patch-configure,v 1.5 2025/10/31 15:54:55 jperkin Exp $
-
-Fix --without-libedit, required when using readline.
-
---- configure.orig	2025-10-31 15:48:25.770875216 +0000
-+++ configure
-@@ -18916,7 +18916,7 @@ printf %s "checking whether to link in l
- # Check whether --with-libedit was given.
- if test ${with_libedit+y}
- then :
--  withval=$with_libedit; with_libedit=$enableval
-+  withval=$with_libedit; with_libedit=$withval
- else case e in #(
-   e) with_libedit=yes
-    ;;
Prev by Date: net/dnsdist: Update to version 2.0.3
Previous by Thread: net/dnsdist: Update to version 2.0.3
Indexes:
Home | Main Index | Thread Index | Old Index