Bug 281087
| Summary: | dns/knot3 + dns/py-libknot: upgrade to 3.4.0 | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Leo Vandewoestijne <freebsd> | ||||||||||||||||
| Component: | Individual Port(s) | Assignee: | Vladimir Druzenko <vvd> | ||||||||||||||||
| Status: | Closed FIXED | ||||||||||||||||||
| Severity: | Affects Some People | CC: | vvd | ||||||||||||||||
| Priority: | --- | ||||||||||||||||||
| Version: | Latest | ||||||||||||||||||
| Hardware: | Any | ||||||||||||||||||
| OS: | Any | ||||||||||||||||||
| URL: | https://www.knot-dns.cz/2024-09-02-version-340.html | ||||||||||||||||||
| Attachments: |
|
||||||||||||||||||
(In reply to Leo Vandewoestijne from comment #0) > best applied after PR 281038 FYI: my testing was done with libngtcp2 1.7.0 in place. dns/knot3 build without net/libngtcp2 if version is < 0.17.0: checking for libngtcp2 >= 0.17.0 libngtcp2_crypto_gnutls... no (In reply to Vladimir Druzenko from comment #2) But net/libngtcp2 is 1.6.0 > 0.17.0… Created attachment 253145 [details] knot / py-libknot 3.3.9 (In reply to Vladimir Druzenko from comment #3) > checking for libngtcp2 >= 0.17.0 libngtcp2_crypto_gnutls... no > But net/libngtcp2 is 1.6.0 > 0.17.0… I'm puzzled why I don't have any version definitions. I guess I lost those when recreating the port, when 3.0.0 was released. Anyway, in the Knot 3.3 manual I found: - Knot DNS requires liburcu >= 0.5.4 - ED25519 requires gnutls 3.6.0+. - ED448 requires gnutls 3.6.12+ and nettle 3.6+. - DoQ requires gnutls >= 3.7.3 So I've added few adjustments. Including libngctp2 >= 1.7.0 (though the manual indeed specifies 0.17.0 as minimum). And so requires the patch from PR 281038: https://bugs.freebsd.org/bugzilla/attachment.cgi?id=253064 Again tested in poudriere. All fine. But (@Vladimir): could you please disclose how I maybe could replicate that error you've encountered? (In reply to Leo Vandewoestijne from comment #4) It's message from configure stage in poudriere. (In reply to Leo Vandewoestijne from comment #4) With ngtcp2 1.7.0 and new patch: … checking for libngtcp2 >= 0.17.0 libngtcp2_crypto_gnutls... no … DoQ support: no Check configure: configure --help --enable-quic=auto|yes|no|embedded Support DoQ (needs libngtcp2 >= 0.17.0, gnutls >= 3.7.3) [default=auto] If add: DOQ_CONFIGURE_ENABLE= quic=yes or DOQ_CONFIGURE_ON= --enable-quic=yes then: checking for libngtcp2 >= 0.17.0 libngtcp2_crypto_gnutls... no DoQ support: embedded Result is plist error: ====> Running Q/A tests (stage-qa) Warning: you might not need LIB_DEPENDS on libnettle.so Warning: you might not need LIB_DEPENDS on libngtcp2.so Warning: you might not need LIB_DEPENDS on libedit.so.0 ====> Checking for pkg-plist issues (check-plist) ===> Parsing plist ===> Checking for items in STAGEDIR missing from pkg-plist Error: Orphaned: include/lib%%USERS%%/quic/quic.h Error: Orphaned: include/lib%%USERS%%/quic/quic_conn.h ===> Checking for items in pkg-plist which are not in STAGEDIR ===> Error: Plist issues found. *** Error code 1 Also: 1. OPTIONS_DEFAULT= DAEMON UTILS FASTPARSER DOH DOQ IDN MODACL MODAUTH MODCOOKIES OPTIONS_DEFAULT+= MODPROXY MODNOUDP MODPROBE MODRRL MODSIGN MODSTATS MODSYNTH MODWHOAMI => OPTIONS_DEFAULT= DAEMON UTILS FASTPARSER DOH DOQ IDN MODACL \ MODAUTH MODCOOKIES MODPROXY MODNOUDP MODPROBE \ MODRRL MODSIGN MODSTATS MODSYNTH MODWHOAMI 2. OPTIONS_GROUP_DAEMONGR= DNSTAP FASTPARSER MODACL MODAUTH MODCOOKIES MODPROXY MODGEO OPTIONS_GROUP_DAEMONGR+= MODNOUDP MODPROBE MODRRL MODSIGN MODSTATS MODSYNTH MODWHOAMI => OPTIONS_GROUP_DAEMONGR= DNSTAP FASTPARSER MODACL MODAUTH MODCOOKIES \ MODPROXY MODGEO MODNOUDP MODPROBE MODRRL \ MODSIGN MODSTATS MODSYNTH MODWHOAMI 3. Typo: DEAMON_BUILD_DEPENDS= liburcu>=0.5.4:sysutils/liburcu => DAEMON_BUILD_DEPENDS= liburcu>=0.5.4:sysutils/liburcu 4. DAEMON_CONFIGURE_ENABLE= daemon DAEMON_CONFIGURE_ENABLE+= modules => DAEMON_CONFIGURE_ENABLE= daemon modules 5. DAEMON_CONFIGURE_WITH= rundir=${RUNDIR} DAEMON_CONFIGURE_WITH+= storage=${DATADIR} => DAEMON_CONFIGURE_WITH= rundir=${RUNDIR} storage=${DATADIR} Created attachment 253330 [details]
knot 3.4.0
Meanwhile 3.4.0 was released.
As the libngtcp2 PR is taking longer than I'd expected, I lowered the need to the current portversion (1.6.0).
Also something is preventing the manual to be installed (the default).
And I was unable to to find the cause (yet).
To support DoQ with external libngtcp2 (not embedded) port net/libngtcp2 must build with: 1) CMAKE_ON+=ENABLE_GNUTLS. 2) LIB_DEPENDS+=libgnutls.so:security/gnutls 3) and add to pkg-plist: include/ngtcp2/ngtcp2_crypto.h include/ngtcp2/ngtcp2_crypto_gnutls.h lib/libngtcp2_crypto_gnutls.a lib/libngtcp2_crypto_gnutls.so lib/libngtcp2_crypto_gnutls.so.8 lib/libngtcp2_crypto_gnutls.so.8.1.1 libdata/pkgconfig/libngtcp2_crypto_gnutls.pc This can be default option GNUTLS or mandatory on. Or you can use embedded copy of libngtcp2 and remove dependency from port net/libngtcp2. What is your decision? BTW, why do you need libnettle.so:security/nettle? It isn't used: Warning: you might not need LIB_DEPENDS on libnettle.so Also you don't need this:
BUILD_DEPENDS= gnutls>=3.7.3:security/gnutls \
lmdb>=0.9.15:databases/lmdb
Current versions in port are newer: 3.8.7.1 and 0.9.33.
Created attachment 253794 [details] knot 3.4.0 update v2 > BTW, why do you need libnettle.so:security/nettle? > Various options return even more alike warnings. ====> Running Q/A tests (stage-qa) Warning: you might not need LIB_DEPENDS on libnettle.so Warning: you might not need LIB_DEPENDS on libngtcp2.so Warning: you might not need LIB_DEPENDS on libedit.so.0 - nettle is according the manual needed for Ed448 support, but whatever combination of options you set, the warning always remains. https://www.knot-dns.cz/docs/3.4/singlehtml/#required-libraries - libngtcp2 see below. - libedit is unclear when required or when not, so rather safe than sorry. > Or you can use embedded copy of libngtcp2 and remove dependency from port net/libngtcp2. > What is your decision? > NIC.CZ prefers the systems copy over their embedded one. However, whatever I do, I never get anything other than DoQ support: embedded Your gnutls instructions don't seem to work for me, so I guess I misunderstand something. So now the net/libngtcp2 seems never used - which likely must be my shortcoming somewhere, because at some point I saw the same plist entries. For now it works. Or better said: doesn't fail. But needs to be addressed in the future. Other than that, attached patch should address all uglyness, and looks fine to me now. Use recvmmsg: no
Use SO_REUSEPORT(_LB): yes
XDP support: no
DoQ support: yes
Socket polling: kqueue
Atomic support: C11
Memory allocator: auto
Build net/libngtcp2 with my patch:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281038#c4
Aha, I found out I was testing too hard. If I start from the begin and do exactly what you wrote, then it's all fine. Created attachment 253913 [details] Makefile v1 net/libngtcp2_gnutls fixed! > nettle is according the manual needed for Ed448 support nettle used by gnutls, but knot doesn't use it directly. I have: Ed448 support: yes even without nettle in Makefile. Also we don't need BUILD_DEPENDS=port if we have LIB_DEPENDS=port. So I suggest to commit my Makefile. Created attachment 253922 [details]
Makefile v2
Merged your changes from last patch.
Created attachment 253980 [details] knot 3.4.0 update v3 > Merged your changes from last patch. Yes, looks like we're exactly on the same page. However I think I'm maybe missing USES= compiler:c11 DOCS_BUILD_DEPENDS= sphinx-build:textproc/py-sphinx It's what NIC.CZ indicates to be needed, but maybe a non-issue. Plus, wish to ensure that DISTINFO_FILE= ${.CURDIR}/../knot3/distinfo.py-libknot is truly added to dns/py-libknot/Makefile (and the refered file contains the desired checksums). Other than that, yes, also yours LFTM. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6e304f0fa332ddd7ea35bd83b85f38a7d288f2d6 commit 6e304f0fa332ddd7ea35bd83b85f38a7d288f2d6 Author: Leo Vandewoestijne <freebsd@dns.company> AuthorDate: 2024-10-03 23:50:26 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-10-04 00:05:09 +0000 dns/{knot3,py-libknot}: Update 3.3.8 → 3.4.0, improve ports Changelog: https://www.knot-dns.cz/2024-09-02-version-340.html PR: 281087 dns/knot3/Makefile | 66 +++++++++++++++++++------------------ dns/knot3/distinfo | 6 ++-- dns/knot3/distinfo.py-libknot (new) | 3 ++ dns/knot3/knotdns.mk | 2 +- dns/knot3/pkg-plist | 9 +++-- dns/py-libknot/Makefile | 4 ++- dns/py-libknot/distinfo (gone) | 3 -- 7 files changed, 51 insertions(+), 42 deletions(-) Committed! |
Created attachment 253115 [details] knot changes This patch - updates dns/knot3 from 3.3.8 to 3.3.9 - updates dns/py-libknot from 3.3.8 to 3.3.9 - moves distfile of dns/py-libknot to dns/knot3/distinfo.py-libknot, to simplify future versions changes simple / avoid glitches. - removes absolete dns/py-libknot/distinfo Changes both dns/knot3 as well as dns/py-libknot are all tested succesfully in Poudriere (13.2, 14.0 and 14.1 - AMD64). As libngtcp2 1.7.0 is released, this PR is best applied after PR 281038 (to avoid another PORTREVISION).