dns/kadnode: update 2.3.0 -> 2.4.1, un-deprecate

Upstream is alive and active, has 1-st class FreeBSD support. They had switched to mbedtls3 since version 2.4.0. Using their ready-to-use port with minor changes: * Fix files/kadnode.in mode (0755 -> 0644) * Improve pkg-descr * Some linting PR: 283954 Reviewed by: diizzy Approved by: moritzwarning@web.de (maintainer)
2025-01-09 14:15:35 +04:00 · 2025-01-09 14:15:35 +04:00 · c19a49d41d
commit c19a49d41d
parent 3a3b1819c6
9 changed files with 48 additions and 61 deletions
--- a/dns/kadnode/Makefile
+++ b/dns/kadnode/Makefile
@ -1,18 +1,16 @@
 PORTNAME=	kadnode
 DISTVERSIONPREFIX=	v
-DISTVERSION=	2.3.0
+DISTVERSION=	2.4.1
 PORTREVISION=	5
 CATEGORIES=	dns
 MAINTAINER=	moritzwarning@web.de
 COMMENT=	P2P name resolution daemon
-WWW=		https://github.com/mwarning/KadNode
+WWW=		https://github.com/mwarning/KadNode/
 LICENSE=	MIT
 LICENSE_FILE=	${WRKSRC}/LICENSE
 USES=		cpe gmake
 CPE_VENDOR=	${PORTNAME}_project
 USE_GITHUB=	yes
 GH_ACCOUNT=	mwarning
 GH_PROJECT=	KadNode
@ -34,7 +32,8 @@ NATPMP_DESC=	NAT-PMP support (remote port forwarding on the router)
 NSS_DESC=	Name Service Switch support to intercept host queries
 UPNP_DESC=	UPnP support (remote port forwarding on the router)
-AUTH_LIB_DEPENDS=	libmbedtls.so:security/mbedtls2
+AUTH_LIB_DEPENDS=	libmbedtls.so:security/mbedtls3
 AUTH_USES=		localbase:ldflags
 AUTH_VARS=		FEATURES+="bob tls"
 CMD_VARS=		FEATURES+="cmd"
@ -51,6 +50,7 @@ NATPMP_VARS=		FEATURES+="natpmp"
 NSS_VARS=		FEATURES+="nss"
 UPNP_LIB_DEPENDS=	libminiupnpc.so:net/miniupnpc
 UPNP_USES=		localbase:ldflags
 UPNP_VARS=		FEATURES+="upnp"
 do-install:
@ -62,19 +62,10 @@ do-install:
 	${INSTALL_DATA} ${WRKDIR}/kadnode.conf \
 		${STAGEDIR}${ETCDIR}/kadnode.conf.sample
 	${INSTALL_MAN} ${WRKSRC}/misc/manpage \
-		${STAGEDIR}${PREFIX}/share/man/man1/kadnode.1
+		${STAGEDIR}${MANDIRS}/man1/kadnode.1
 do-install-NSS-on:
-	${INSTALL_LIB} ${WRKSRC}/build/libnss_kadnode-2.0.so \
+	${INSTALL_LIB} ${WRKSRC}/build/libnss_kadnode.so \
 		${STAGEDIR}${PREFIX}/lib/nss_kadnode.so.1
 	${RLN} ${STAGEDIR}${PREFIX}/lib/nss_kadnode.so.1 \
 		${STAGEDIR}${PREFIX}/lib/nss_kadnode.so
 .include <bsd.port.options.mk>
 .if ${PORT_OPTIONS:MAUTH}
 DEPRECATED=	Depends on expired security/mbedtls2
 EXPIRATION_DATE=2025-03-31
 .endif
 .include <bsd.port.mk>
--- a/dns/kadnode/distinfo
+++ b/dns/kadnode/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1581337724
+TIMESTAMP = 1736416439
-SHA256 (mwarning-KadNode-v2.3.0_GH0.tar.gz) = abb2ca66fb525fab53157d5486bbb43e3a522a4bdc9280a3dcb8cb403ee08583
+SHA256 (mwarning-KadNode-v2.4.1_GH0.tar.gz) = 748c8917134ad9c127f05a32369aa5726482c9de98d71ef5e722b2a9d588a5e9
-SIZE (mwarning-KadNode-v2.3.0_GH0.tar.gz) = 450082
+SIZE (mwarning-KadNode-v2.4.1_GH0.tar.gz) = 464380
--- a/dns/kadnode/files/kadnode.conf.in
+++ b/dns/kadnode/files/kadnode.conf.in
@ -6,15 +6,15 @@
 # --tls-server-cert mydomain.crt,mydomain.key
 # The domain in the Common Name field of the certificate will be announced.
 #
-# For domain lookup, we need to provide appropiate CA certificates.
+# For domain lookup, we need to provide appropriate CA certificates.
 # Try various locations:
--tls-client-cert %%LOCALBASE%%/share/certs
+--tls-client-cert /usr/share/certs/trusted
 # As an alternative, create a secret/public key via 'kadnode --bob-create-key'
 # and load the secret keys as PEM file:
 # --bob-load-key <secret-key-pem-file>
 #
-# Other nodes can use <public-key-hex>.p2p in the browser to resolve the node.
+# Other nodes can use <public-key>.p2p in the browser to resolve the node.
 # Enable DNS proxy behavior. Reads /etc/resolv.conf by default.
 # --dns-proxy-enable
@ -23,7 +23,7 @@
 # --dns-proxy-server <IP-address>
 # Disable UPnP/NAT-PMP support
-# --disable-forwarding
+# --fwd-disable
 # Disable multicast peer discovery
 # --lpd-disable
--- a/dns/kadnode/files/kadnode.in
+++ b/dns/kadnode/files/kadnode.in
@ -12,8 +12,10 @@ rcvar=kadnode_enable
 pidfile="/var/run/kadnode.pid"
 required_files="%%PREFIX%%/etc/kadnode/kadnode.conf"
 configfile="%%PREFIX%%/etc/kadnode/kadnode.conf"
 command="%%PREFIX%%/bin/kadnode"
-command_args="--config %%PREFIX%%/etc/kadnode/kadnode.conf --pidfile $pidfile --daemon"
+
 command_args="--config $configfile --pidfile $pidfile --daemon"
 load_rc_config $name
 : ${kadnode_enable:=yes}
--- a/dns/kadnode/files/patch-src_peerfile.c
+++ b/dns/kadnode/files/patch-src_peerfile.c
@ -1,10 +0,0 @@
 --- src/peerfile.c.orig	2020-02-09 21:48:57 UTC
 +++ src/peerfile.c
@@ -4,6 +4,7 @@
 #include <string.h>
 #include <errno.h>
 #include <netdb.h>
 +#include <sys/socket.h>
 #include "main.h"
 #include "conf.h"
--- a/dns/kadnode/files/patch-src_upnp.c
+++ b/dns/kadnode/files/patch-src_upnp.c
@ -1,16 +0,0 @@
 --- src/upnp.c.orig	2020-02-09 21:48:57 UTC
 +++ src/upnp.c
@@ -134,8 +134,13 @@ int upnp_handler(struct upnp_handle_t *handle, uint16_
 			handle->retry = now + (10 * 60);
 			handle->state = UPNP_STATE_DISCOVER_GATEWAY;
 			return PF_RETRY;
 +#if (MINIUPNPC_API_VERSION >= 18)
 		} else if (UPNP_GetValidIGD(devlist, &handle->urls, &handle->data,
 +				handle->addr, sizeof(handle->addr), NULL, 0) == 1) {
 +#else
 +		} else if (UPNP_GetValidIGD(devlist, &handle->urls, &handle->data,
 				handle->addr, sizeof(handle->addr)) == 1) {
 +#endif                  
 			freeUPNPDevlist(devlist);
 			log_info("UPnP: Found gateway device \"%s\".", handle->urls.controlURL);
 			handle->state = UPNP_STATE_GET_PORTMAPPING;
--- a/dns/kadnode/pkg-descr
+++ b/dns/kadnode/pkg-descr
@ -1,3 +1,30 @@
-KadNode is a small decentralized DNS resolver that can use existing
+KadNode finds the IP address of other instances on the Internet or local
-public key infrastructures. It utilizes the BitTorrent P2P network
+network. It is used like DNS, but is based on the decentralized BitTorrent
-and mbedtls for TLS/crypto support.
+network.
 KadNode intercepts .p2p domain queries on the systems level and resolves them
 using a decentralized Kademlia DHT network. Additionally, TLS authentication can
 be used to make sure the correct IP address was found. If successful, the IP
 address is passed to the application making the request.
 Features:
 * Support for two kinds of domains:
 **  public key domains as <public-key>.p2p
 ***   No need to exchange any further keys/certificates
 ***   Uses secp256r1 ECC key pairs
 **  named domains like yourdomain.com.p2p
 ***   Needs pre-shared certificates (self-signed root certificates or e.g.
      Let's Encrypt)
 ***   Uses TLS session handshake for authentication
 * IPv4/IPv6 support
 * UPnP/NAT-PMP support
 * Local peer discovery
 * Small size / ~100KB depending on features / ~50KB compressed
 * Command line control program
 * NSS support through /etc/nsswitch.conf
 * DNS server interface and DNS proxy
 **  Handles A (IPv4 address),AAAA (IPv6), and SRV requests
 * Packages for ArchLinux, Debian, FreeBSD, MacOSX, OpenWrt, Windows
 * Peer file import/export on startup/shutdown and every 24h
 * Uses sha256 hash method
--- a/dns/kadnode/pkg-message
+++ b/dns/kadnode/pkg-message
@ -1,12 +1,6 @@
 [
 { type: install
  message: <<EOM
 In order to resolve domains using kadnode all over the system, add this
 line to your /etc/nsswitch.conf:
-hosts: kadnode dns
+hosts: files kadnode dns
 If the hosts line already exists, just add kadnode before the dns entry.
 EOM
 }
 ]
--- a/dns/kadnode/pkg-plist
+++ b/dns/kadnode/pkg-plist
@ -2,6 +2,5 @@ bin/kadnode
 bin/kadnode-ctl
@sample %%ETCDIR%%/kadnode.conf.sample
@sample %%ETCDIR%%/peers.txt.sample
 %%NSS%%lib/nss_kadnode.so
 %%NSS%%lib/nss_kadnode.so.1
 share/man/man1/kadnode.1.gz