- Update to 4.3.0

- Add LICENSE_FILE
- Create directory for sockets and pidfile
- Update pkg-descr with a more descriptive text from website

PR:		244657
Submitted by:	yds <yds@Necessitu.de>
Approved by:	tremere@cainites.net (maintainer), ehaupt (mentor)
Changelog:	https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/

11 files changed, 69 insertions, 44 deletions

diff --git a/dns/powerdns-recursor/Makefile b/dns/powerdns-recursor/Makefile
index 69d7bd9cf6cc..0235d7727e5a 100644
--- a/dns/powerdns-recursor/Makefile
+++ b/dns/powerdns-recursor/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	recursor
-DISTVERSION=	4.2.1
+DISTVERSION=	4.3.0
 CATEGORIES=	dns
 MASTER_SITES=	http://downloads.powerdns.com/releases/
 PKGNAMEPREFIX=	powerdns-
@@ -12,6 +12,7 @@ MAINTAINER=	tremere@cainites.net
 COMMENT=	Advanced DNS recursor
 
 LICENSE=	GPLv2
+LICENSE_FILE=	${WRKSRC}/COPYING
 
 BROKEN_armv6=	fails to compile: use of overloaded operator << is ambiguous
 BROKEN_armv7=	fails to compile: use of overloaded operator << is ambiguous
@@ -34,20 +35,17 @@ CONFIGURE_ARGS=	--sysconfdir=${PREFIX}/etc/pdns \
 
 SUB_FILES=	pkg-message
 
-OPTIONS_DEFINE=		LUAJIT SETUID
-OPTIONS_DEFAULT=	SETUID
+USERS=		pdns_recursor
+GROUPS=		pdns
+
+OPTIONS_DEFINE=	LUAJIT
 
 LUAJIT_DESC=	Use LuaJIT instead of Lua
-SETUID_DESC=	Run as pdns_recursor user
 
 LUAJIT_LIB_DEPENDS=	libluajit-5.1.so.2:lang/luajit-openresty
 LUAJIT_USES_OFF=	lua
 LUAJIT_CONFIGURE_ON=	--with-lua=luajit
 
-SETUID_EXTRA_PATCHES=	${PATCHDIR}/extrapatch-setuid
-SETUID_VARS=		GROUPS=pdns \
-			USERS=pdns_recursor
-
 .include <bsd.port.pre.mk>
 
 .if ${OPSYS} == FreeBSD && ${OSVERSION} < 1200085 && ${SSL_DEFAULT} != openssl
@@ -57,4 +55,7 @@ LIB_DEPENDS+=		libdecaf.so:security/libdecaf \
 			libsodium.so:security/libsodium
 .endif
 
+post-install:
+	@${MKDIR} ${STAGEDIR}/var/run/pdns-recursor
+
 .include <bsd.port.post.mk>
diff --git a/dns/powerdns-recursor/distinfo b/dns/powerdns-recursor/distinfo
index bdb6129914ba..9a88375d02e5 100644
--- a/dns/powerdns-recursor/distinfo
+++ b/dns/powerdns-recursor/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1575887223
-SHA256 (pdns-recursor-4.2.1.tar.bz2) = 8d8c3235cc5281f0fc51946129f22758778f4c50bfda095d5856feb4c756891f
-SIZE (pdns-recursor-4.2.1.tar.bz2) = 1318022
+TIMESTAMP = 1583454090
+SHA256 (pdns-recursor-4.3.0.tar.bz2) = 2bc130f287dfdb32e03d0b38a4ac24baf1117f96eca9b407611c847fa08a628f
+SIZE (pdns-recursor-4.3.0.tar.bz2) = 1349359
diff --git a/dns/powerdns-recursor/files/extrapatch-setuid b/dns/powerdns-recursor/files/extrapatch-setuid
deleted file mode 100644
index 73e728ea049a..000000000000
--- a/dns/powerdns-recursor/files/extrapatch-setuid
+++ /dev/null
@@ -1,13 +0,0 @@
---- pdns_recursor.cc.orig	2017-12-11 13:13:52.274237000 +0100
-+++ pdns_recursor.cc	2017-12-11 13:18:42.339569000 +0100
-@@ -3325,8 +3325,8 @@
-     ::arg().set("log-timestamp","Print timestamps in log lines, useful to disable when running with a tool that timestamps stdout already")="yes";
-     ::arg().set("log-common-errors","If we should log rather common errors")="no";
-     ::arg().set("chroot","switch to chroot jail")="";
--    ::arg().set("setgid","If set, change group id to this gid for more security")="";
--    ::arg().set("setuid","If set, change user id to this uid for more security")="";
-+    ::arg().set("setgid","If set, change group id to this gid for more security")="pdns";
-+    ::arg().set("setuid","If set, change user id to this uid for more security")="pdns_recursor";
-     ::arg().set("network-timeout", "Wait this number of milliseconds for network i/o")="1500";
-     ::arg().set("threads", "Launch this number of threads")="2";
-     ::arg().set("processes", "Launch this number of processes (EXPERIMENTAL, DO NOT CHANGE)")="1"; // if we un-experimental this, need to fix openssl rand seeding for multiple PIDs!
diff --git a/dns/powerdns-recursor/files/patch-configure b/dns/powerdns-recursor/files/patch-configure
index 09a29eb5c0c7..cab7763dd981 100644
--- a/dns/powerdns-recursor/files/patch-configure
+++ b/dns/powerdns-recursor/files/patch-configure
@@ -1,6 +1,6 @@
---- configure.orig	2019-05-17 10:25:29 UTC
-+++ configure
-@@ -19350,8 +19350,10 @@ fi
+--- configure.orig	2020-03-02 07:50:20.000000000 -0500
++++ configure	2020-03-02 07:50:20.000000000 -0500
+@@ -21139,8 +21139,10 @@
              { $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl/crypto.h in $ssldir" >&5
  $as_echo_n "checking for openssl/crypto.h in $ssldir... " >&6; }
              if test -f "$ssldir/include/openssl/crypto.h"; then
diff --git a/dns/powerdns-recursor/files/patch-pdns_dns__random.cc b/dns/powerdns-recursor/files/patch-dns_random.cc
index 036f430f6906..036f430f6906 100644
--- a/dns/powerdns-recursor/files/patch-pdns_dns__random.cc
+++ b/dns/powerdns-recursor/files/patch-dns_random.cc
diff --git a/dns/powerdns-recursor/files/patch-dnsname.hh b/dns/powerdns-recursor/files/patch-dnsname.hh
index 00e1420f724c..c5f31e7147cc 100644
--- a/dns/powerdns-recursor/files/patch-dnsname.hh
+++ b/dns/powerdns-recursor/files/patch-dnsname.hh
@@ -1,6 +1,6 @@
---- dnsname.hh.orig	2019-01-31 19:43:44 UTC
-+++ dnsname.hh
-@@ -30,7 +30,7 @@
+--- dnsname.hh.orig	2020-03-02 07:49:54.000000000 -0500
++++ dnsname.hh	2020-03-02 07:49:54.000000000 -0500
+@@ -33,7 +33,7 @@
  #include <boost/version.hpp>
  
  // it crashes on OSX and doesn't compile on OpenBSD
@@ -9,7 +9,7 @@
  #include <boost/container/string.hpp>
  #endif
  
-@@ -135,7 +135,7 @@ class DNSName (public)
+@@ -138,7 +138,7 @@
    inline bool canonCompare(const DNSName& rhs) const;
    bool slowCanonCompare(const DNSName& rhs) const;  
  
diff --git a/dns/powerdns-recursor/files/patch-pdns_recursor.cc b/dns/powerdns-recursor/files/patch-pdns_recursor.cc
new file mode 100644
index 000000000000..89d90a308788
--- /dev/null
+++ b/dns/powerdns-recursor/files/patch-pdns_recursor.cc
@@ -0,0 +1,17 @@
+--- pdns_recursor.cc.orig	2020-03-02 07:49:54.000000000 -0500
++++ pdns_recursor.cc	2020-03-02 07:49:54.000000000 -0500
+@@ -4639,12 +4639,12 @@
+ #define SYSTEMD_SETID_MSG ". When running inside systemd, use the User and Group settings in the unit-file!"
+         SYSTEMD_SETID_MSG
+ #endif
+-        )="";
++        )="pdns";
+     ::arg().set("setuid","If set, change user id to this uid for more security"
+ #ifdef HAVE_SYSTEMD
+         SYSTEMD_SETID_MSG
+ #endif
+-        )="";
++        )="pdns_recursor";
+     ::arg().set("network-timeout", "Wait this number of milliseconds for network i/o")="1500";
+     ::arg().set("threads", "Launch this number of threads")="2";
+     ::arg().set("distributor-threads", "Launch this number of distributor threads, distributing queries to other threads")="0";
diff --git a/dns/powerdns-recursor/files/pdns-recursor.in b/dns/powerdns-recursor/files/pdns-recursor.in
index cfa9cb5c772f..de05f8121c6c 100644
--- a/dns/powerdns-recursor/files/pdns-recursor.in
+++ b/dns/powerdns-recursor/files/pdns-recursor.in
@@ -1,11 +1,11 @@
 #!/bin/sh
 #
-# $$
+# $FreeBSD$
 #
 
 # PROVIDE: pdns_recursor
-# REQUIRE: SERVERS cleanvar
-# BEFORE:  DAEMON
+# REQUIRE: NETWORKING
+# BEFORE: SERVERS
 # KEYWORD: shutdown
 
 #
@@ -22,16 +22,15 @@
 name=pdns_recursor
 rcvar=pdns_recursor_enable
 
-command=%%PREFIX%%/sbin/pdns_recursor
-command_args="--daemon=yes"
-
-# set defaults
+load_rc_config ${name}
 
 pdns_recursor_enable=${pdns_recursor_enable:-"NO"}
 pdns_recursor_conf=${pdns_recursor_conf:-"%%PREFIX%%/etc/pdns/recursor.conf"}
+required_files=${pdns_recursor_conf}
 
-load_rc_config ${name}
+pidfile=/var/run/pdns-recursor/${name}.pid
 
-required_files=${pdns_recursor_conf}
+command=%%PREFIX%%/sbin/${name}
+command_args="--daemon"
 
 run_rc_command "$1"
diff --git a/dns/powerdns-recursor/files/pkg-message.in b/dns/powerdns-recursor/files/pkg-message.in
index 36e346d90979..de732b5bc2cf 100644
--- a/dns/powerdns-recursor/files/pkg-message.in
+++ b/dns/powerdns-recursor/files/pkg-message.in
@@ -1,8 +1,9 @@
 [
 { type: install
   message: <<EOM
- If you want to use the powerdns recursor,
+ If you want to use the PowerDNS Recursor,
  you need the following line in /etc/rc.conf(.local)
+ or in /etc/rc.conf.d/pdns_recursor
 
     pdns_recursor_enable="YES"
 
diff --git a/dns/powerdns-recursor/pkg-descr b/dns/powerdns-recursor/pkg-descr
index 2322694d98dd..5276cd7f0cd9 100644
--- a/dns/powerdns-recursor/pkg-descr
+++ b/dns/powerdns-recursor/pkg-descr
@@ -1,4 +1,23 @@
-PowerDNS recursor is a high performance, simple and secure recursing
-nameserver. It currently powers over two million internet connections.
+The PowerDNS Recursor is a high-end, high-performance resolving
+name server which powers the DNS resolution of at least a hundred
+million subscribers. Utilizing multiple processors and supporting
+the same powerful scripting ability of the Authoritative Server,
+the Recursor delivers top performance while retaining the flexibility
+modern DNS deployments require:
 
-WWW: https://www.powerdns.com
+ * IPv4, UDP/TCP
+ * IPv6, UDP/TCP, 100% compliant
+ * Remotely pollable statistics for real time graphing
+ * Full support for all relevant standards
+ * Advanced anti-spoofing measures
+ * Reconfiguration without downtime
+ * Plain BIND zone files for "resolved hosting"
+ * Internal Lua-based scripted answer generation
+ * Question interception, answer reconditioning, NXDOMAIN redirection
+   - Including 'block lists' and security measures
+ * API for direct control (rec_control)
+   - Local and remote access
+ * DNS Response Policy Zones (RPZ)
+ * DNS64
+
+WWW: https://www.PowerDNS.com/recursor.html
diff --git a/dns/powerdns-recursor/pkg-plist b/dns/powerdns-recursor/pkg-plist
index 14fc77b3d5d2..b26bc738f081 100644
--- a/dns/powerdns-recursor/pkg-plist
+++ b/dns/powerdns-recursor/pkg-plist
@@ -3,3 +3,4 @@ bin/rec_control
 sbin/pdns_recursor
 man/man1/pdns_recursor.1.gz
 man/man1/rec_control.1.gz
+@dir(root,wheel,0755) /var/run/pdns-recursor