net-dns / knot-resolver

A scaleable caching DNS resolver

Official package sites : https://gitlab.nic.cz/knot/knot-resolver · https://www.knot-resolver.cz ·

Versions

v6.0.14 :: 0 :: gentoo

Modified
License
Apache-2.0 BSD CC0-1.0 GPL-3+ LGPL-2.1+ MIT
Keywords
~amd64 ~arm64
USE flags
caps debug dnstap jemalloc manager nghttp2 selinux systemd test verify-sig xdp

v5.7.5 :: 0 :: gentoo

Modified
License
Apache-2.0 BSD CC0-1.0 GPL-3+ LGPL-2.1+ MIT
Keywords
amd64
USE flags
caps dnstap jemalloc kresc nghttp2 selinux systemd test verify-sig xdp

USE flags

General

caps
Use Linux capabilities library to control privilege
debug
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
dnstap
Build dnstap binary logging module
jemalloc
Use dev-libs/jemalloc for memory management
kresc
Build (experimental) command-line client
manager
Manager is a user-friendly interface and a component handling rolling restarts, config update logic and more.
nghttp2
DNS-over-HTTPS support
selinux
!!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
systemd
Enable use of systemd-specific libraries and features like socket activation or session tracking
test
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)
verify-sig
Verify upstream signatures on distfiles
xdp
Enable eXpress Data Path

lua_single_target

luajit
Build for LuaJIT only

python_single_target

python3_11
Build for Python 3.11 only
python3_12
Build for Python 3.12 only
python3_13
Build for Python 3.13 only

Dependencies

acct-group / knot-resolver : System group: knot-resolver

acct-user / knot-resolver : System user: knot-resolver

app-admin / supervisor : A system for controlling process state under UNIX

dev-db / lmdb : An ultra-fast, ultra-compact key-value embedded data store

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-lang / python : An interpreted, interactive, object-oriented programming language

dev-libs / fstrm : Frame Streams implementation in C

dev-libs / jemalloc : Jemalloc is a general-purpose scalable concurrent allocator

dev-libs / libedit : BSD replacement for libreadline

dev-libs / libuv : Cross-platform asychronous I/O

dev-libs / protobuf-c : Protocol Buffers implementation in C

dev-python / aiohttp : HTTP client/server for asyncio

dev-python / jinja2 : A full-featured template engine for Python

dev-python / pyparsing : Easy-to-use Python module for text parsing

dev-python / pytest-asyncio : Library for testing asyncio code with pytest

dev-python / pyyaml : YAML parser and emitter for Python

dev-python / typing-extensions : Backported and Experimental Type Hints for Python 3.7+

dev-util / cmocka : Unit testing framework for C

net-dns / knot : High-performance authoritative-only DNS server

net-libs / gnutls : A secure communications library implementing the SSL, TLS and DTLS protocols

net-libs / nghttp2 : HTTP/2 C Library

sec-policy / selinux-knot : SELinux policy for knot

sys-apps / systemd : System and service manager for Linux

sys-libs / libcap-ng : POSIX 1003.1e capabilities

Runtime Dependencies

acct-group / knot-resolver : System group: knot-resolver

acct-user / knot-resolver : System user: knot-resolver

app-admin / supervisor : A system for controlling process state under UNIX

dev-db / lmdb : An ultra-fast, ultra-compact key-value embedded data store

dev-lang / luajit : Just-In-Time Compiler for the Lua programming language

dev-lang / python : An interpreted, interactive, object-oriented programming language

dev-libs / fstrm : Frame Streams implementation in C

dev-libs / jemalloc : Jemalloc is a general-purpose scalable concurrent allocator

dev-libs / libedit : BSD replacement for libreadline

dev-libs / libuv : Cross-platform asychronous I/O

dev-libs / protobuf-c : Protocol Buffers implementation in C

dev-python / aiohttp : HTTP client/server for asyncio

dev-python / jinja2 : A full-featured template engine for Python

dev-python / pyyaml : YAML parser and emitter for Python

dev-python / typing-extensions : Backported and Experimental Type Hints for Python 3.7+

net-dns / knot : High-performance authoritative-only DNS server

net-libs / gnutls : A secure communications library implementing the SSL, TLS and DTLS protocols

net-libs / nghttp2 : HTTP/2 C Library

sec-policy / selinux-knot : SELinux policy for knot

sys-apps / systemd : System and service manager for Linux

sys-libs / libcap-ng : POSIX 1003.1e capabilities

virtual / tmpfiles : Virtual to select between different tmpfiles.d handlers

Bugs

897928
<net-dns/knot-resolver-5.6.0: DoS via many TCP connections
918587
<net-dns/knot-resolver-5.7.0: DoS via TCP reconnections (again)
924459
<net-dns/knot-resolver-5.7.1: "KeyTrap" DNS DoS vulnerability

Change logs

Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 6.0.13
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/42422 Closes: https://github.com/gentoo/gentoo/pull/42422 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: Bump to 6.0.14
This release only includes a fix for a 6.0.13 regression. A patch has already been backported in 6.0.13 to partially fix it but it's cleaner to bump now. Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/42422 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 6.0.12
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/42367 Closes: https://github.com/gentoo/gentoo/pull/42367 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add 6.0.13
DoS - fix more rare crashes with `requirement` failing : https://gitlab.nic.cz/knot/knot-resolver/-/issues/930 include a patch from upstream to fix a regression Bug: https://bugs.gentoo.org/954555 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/42367 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: Keyword 6.0.12 arm64, #956735
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Kenton Groombridge · gentoo
net-dns/knot-resolver: add USE=selinux
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 5.7.4-r1
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/42208 Closes: https://github.com/gentoo/gentoo/pull/42208 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Arthur Zamarin · gentoo
net-dns/knot-resolver: Stabilize 5.7.5 amd64, #956368
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: use tomllib instead of toml
update the patch for pytest replacing toml (not packaged), by tomllib. upstream still allows python3.8, so no issue for now. Closes: https://bugs.gentoo.org/955202 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/41892 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 6.0.10, 6.0.11
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/41728 Closes: https://github.com/gentoo/gentoo/pull/41728 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add 6.0.12
security/bugfixes release minor changes from 6.0.11 : * update description for an optfeature * drop python3_10 Bug: https://bugs.gentoo.org/954555 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/41728 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add 5.7.5
security/bugfixes release add optfeatures add initd for kres-cache-gc Bug: https://bugs.gentoo.org/954555 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Part-of: https://github.com/gentoo/gentoo/pull/41728 Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 6.0.9
also removed prometheus useflag, optfeature now Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Closes: https://github.com/gentoo/gentoo/pull/40773 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add to 6.0.11
included patch to revert to absolute path for unix-socket, even if this issue does not affect the package with the config.yaml provided by default. https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1664 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: enable py3.13
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop 5.7.2
Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add 6.0.10 optfeature
add optional features. remove rdep prometheus-client as it's an optfeature too. Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: Stabilize 5.7.4-r1 amd64, #945542
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: small fixups
* Call lua-single_pkg_setup too * Drop unnecessary die in python_test (epytest dies for us) Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: add 6.0.9
Knot DNS API/ABI : >=net-dns/knot-3.3 New optional python component, manager, to start/manage Knot Resolver : * useflag manager (enabled by default) * python3_10..12 (no 3.13 due to app-admin/supervisor) * start with /etc/init.d/knot-resolver or knot-resolver.service * config file : /etc/conf.d/knot-resolver /etc/knot-resolver/config.yaml * option garbage collector : /etc/init.d/kres-cache-gc Old/legacy way to start Knot Resolver is still supported and installed by default, even with the manager enabled by useflag : * start with /etc/init.d/kresd or kresd'@'.service (installed by default with the meson_feature systemd_legacy_units) * config file : /etc/conf.d/kresd /etc/kresd.conf (installed by default with -Dinstall_kresd_conf=enabled) Useflags : * kresc (removed) : has never gone beyond experiment/alpha * prometheus (new) : prometheus metrics endpoint for the manager (dev-python/prometheus-client) Patches : * 5.X patches to set docdir and optional deps (nghttp, openssl) * 6.0.9-libsystemd.patch : rebase from 5.7.4. tmpfiles is independent of the systemd option/useflag * 6.0.9-config-example.patch : for the manager. A default config file is installed in /etc/knot-resolver/config.yaml and examples in /usr/share/doc/ * 6.0.9-sd_notify_alt.patch : upstream, fix systemd dep with sd_notify alternative for manager * 6.0.9-pytest_tomli.patch : for one pytest, import toml is replaced with tomli Tests : * unit_tests for kresd : enabled * unit_tests for manager : enabled * config_tests : disabled. It requires external lua modules (basexx, cqueues) * extra_tests : disabled. Too extra ... Bug: https://bugs.gentoo.org/939471 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Closes: https://github.com/gentoo/gentoo/pull/39482 Signed-off-by: Sam James <sam@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: fix RUNDIR
default value for RUNDIR (/var/run/kresd) does not match the one provided by upstream tmpfile (/var/run/knot-resolver). Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Closes: https://github.com/gentoo/gentoo/pull/39414 Signed-off-by: Florian Schmaus <flow@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Repository mirror & CI · gentoo
Merge updates from master
Andreas Sturmlechner · gentoo
net-dns/knot-resolver: drop 5.7.1
Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Nicolas PARLANT · gentoo
net-dns/knot-resolver: update SRC_URI
fix redirects in SRC_URI Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Closes: https://github.com/gentoo/gentoo/pull/39069 Signed-off-by: Florian Schmaus <flow@gentoo.org>
PPN-SD · gentoo
net-dns/knot-resolver: add 5.7.4
useflag systemd reworked useflag xdp added Signed-off-by: PPN-SD <nicolas.parlant@parhuet.fr> Signed-off-by: Florian Schmaus <flow@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Jakov Smolić · gentoo
net-dns/knot-resolver: Stabilize 5.7.2 amd64, #938969
Signed-off-by: Jakov Smolić <jsmolic@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: add 5.7.2
Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: drop vulnerable 5.7.0-r2
Bug: https://bugs.gentoo.org/924459 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: Stabilize 5.7.1 amd64, #924497
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: add 5.7.1
Add jemalloc USE flag to fix automagic dependency. Bug: https://bugs.gentoo.org/924459 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: fix USE=-systemd tmpfiles
Closes: https://bugs.gentoo.org/922635 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: always install tmpfiles config
Closes: https://bugs.gentoo.org/921567 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: drop vulnerable 5.6.0, 5.6.0-r1, 5.6.0-r2
Bug: https://bugs.gentoo.org/918587 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: Stabilize 5.7.0 amd64, #918588
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Mike Gilbert · gentoo
Remove BROOT from VERIFY_SIG_OPENPGP_KEY_PATH
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: add 5.7.0
Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Nicolas PARLANT · gentoo
net-dns/knot-resolver: drop privileges in kresd.initd
Closes: https://github.com/gentoo/gentoo/pull/32871 Signed-off-by: Nicolas PARLANT <nicolas.parlant@parhuet.fr> Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Spencer Pavkovic · gentoo
net-dns/knot-resolver: added OpenRC init script
Signed-off-by: Spencer Pavkovic <smp@nandre.com> Closes: https://github.com/gentoo/gentoo/pull/32028 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: drop 5.5.3
Bug: https://bugs.gentoo.org/897928 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Sam James · gentoo
net-dns/knot-resolver: Stabilize 5.6.0 amd64, #898036
Signed-off-by: Sam James <sam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: add 5.6.0
Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Arthur Zamarin · gentoo
net-dns/knot-resolver: Stabilize 5.5.3 amd64, #884109
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: add missing verify-sig depend
Closes: https://bugs.gentoo.org/878437 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: only call tmpfiles_process if USE=systemd
Closes: https://bugs.gentoo.org/877337 Signed-off-by: Matthew Smith <matthew@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Smith · gentoo
net-dns/knot-resolver: new package, add 5.5.3
Signed-off-by: Matthew Smith <matthew@gentoo.org>