devel/boost: bump consumers after Boost-1.87 update

Sponsored by:	Future Crew, LLC

dns/powerdns-recursor: enable on armv7

builds just fine.

Approved by:	portmgr (build fix blanket)
MFH:		2025Q1

dns/powerdns-recursor: update to 5.2.0

Changelog: https://blog.powerdns.com/2025/01/14/powerdns-recursor-5-2-0-released

PR:		284097
Reported by:	Jordan Ostreff <jordan@ostreff.info>

lang/rust: Bump revisions after 1.84.0

PR:		283962

lang/rust: Bump revisions after 1.83.0

PR:		283000

dns/powerdns-recursor: unbreak build with boost-1.86

Sponsored by:	Future Crew, LLC

devel/boost: bump consu,ers after update Boost to 1.86 release

Sponsored by:	Future Crew, LLC

lang/rust: Bump revisions after 1.82.0

PR:		282516

dns/powerdns-recursor: update to 5.1.3

PR:		282610
Approved by:	submitter is maintainer

dns/powerdns-recursor: Update 5.1.1 → 5.1.2 (fix CVE-2024-25590)

PowerDNS Recursor Security Advisory 2024-04:
An attacker can publish a zone containing specific Resource Record Sets.
Repeatedly processing and caching results for these sets can lead to a
denial of service.
CVSS Score: 7.5
https://blog.powerdns.com/2024/10/03/powerdns-recursor-4-9-9-5-0-9-5-1-2-released

PR:	281914
MFH:	2024Q4

*/*: bump consumers after devel/boost* update

With hat:	office
Sponsored by:	Future Crew, LLC

lang/rust: Bump revisions after 1.81.0

PR:		281300

lang/rust: Bump revisions after 1.80.1

PR:		280490

dns/powerdns-recursor: update to 5.1.1

ChangeLog:
https://blog.powerdns.com/2024/07/23/powerdns-recursor-4-9-8-5-0-8-5-1-1-released

PR:		280492
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: update to 5.0.7

ChangeLog:
https://blog.powerdns.com/2024/07/03/powerdns-recursor-4-9-7-5-0-7-released

 * Remove potential double SOA records if the target of a dns64 name is NODATA.
 * Fix TCP case for policy tags to not produce cached tags in protobuf messages.
 * Count substituted remote in case of proxy protocol.¶

PR:		280121
Reported by:	tremere@cainites.net (maintainer)

lang/rust: Bump revisions after 1.79.0

PR:		279707

dns/powerdns-recursor: update to 5.0.6

ChangeLog: https://blog.powerdns.com/2024/06/05/powerdns-recursor-5-0-6-released

 * YaHTTP: Enforce max # of request fields and max request line size.
 * Report error and adjust max-mthreads when linux map limit (vm.max_map_count)
   is too low to accomodate resource usage under load.

PR:		279619
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: make the rc script service jails aware

PR:		279636
Approved by:	maintainer

dns/powerdns-recursor: update to 5.0.5

Changes:
https://blog.powerdns.com/2024/05/14/powerdns-recursor-4-8-9-4-9-6-5-0-5-released-0

PR:		278996
Approved by:	submitter is maintainer

lang/rust: Bump revisions after 1.78.0

PR:		278834

dns/powerdns-recursor: update to 5.0.4 (CVE-2024-25583)

ChangeLog:
https://blog.powerdns.com/2024/04/24/powerdns-recursor-4-8-8-4-9-5-5-0-4-released

 * Base Score:	7.5 HIGH
 * Vector:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

PR:		278564
Reported by:	tremere@cainites.net (maintainer)
MFH:		2024Q2 (security fix)
Security:	CVE-2024-25583

dns/powerdns-recursor: update to 5.0.3

PR:		277577
Approved by:	submitter is maintainer

lang/rust: Bump revisions after 1.77.0

PR:		277786

dns/powerdns-recursor: Moved man to share/man

Approved by:    portmgr (blanket)

lang/rust: Bump revisions after 1.76.0

PR:		276920

dns/powerdns-recursor: update to 5.0.2 (fixes CVE-2023-50387 and CVE-2023-50868)

ChangeLog:
https://blog.powerdns.com/2024/02/13/powerdns-recursor-4-8-6-4-9-3-5-0-2-released

PR:		277048
Reported by:	tremere@cainites.net (maintainer)
MFH:		2024Q1 (security fixes)
Security:	CVE-2023-50387 CVE-2023-50868

devel/boost: bump consumers after library update

dns/powerdns-recursor: Fix build

Add forgotten Makefile.crates

PR:		276520
Reported by:	otis@
Fixes: 		95d69f42ba0d6e8afd7da5c84a3ccc20338847e8

dns/powerdns-recursor: update to 5.0.1

ChangeLog: https://blog.powerdns.com/2024/01/10/powerdns-recursor-5-0-1-released

PR:		276520
Reported by:	tremere@cainites.net (maintainer)

*/*: Sunset 12.4-RELEASE/12-STABLE from ports tree

- Remove all references to defunct ARCH arm
- Remove all references to defunct ARCH sparc64
- Remove x11-drivers/xf86-video-sunffb which requires defunct sparc64
  ARCH
- Remove sysutils/afbinit requires defunct sparc64 ARCH
- Remove all references to bktr driver
- Remove all references to defunct FreeBSD_12
- Remove all references to OSVERSION/OSREL corresponding to 12
- Remove conditionals in Mk/Uses/cabal.mk
- Remove sparc reference from Mk/Uses/qt-dist.mk
- Remove BROKEN_sparc64/NOT_FOR_ARCH=sparc64
- Remove BROKEN_FreeBSD_12* from:
- Remove OpenSSL patches from:
- Remove conditional flags for OSVERSION >= 1300000 to fixed flags.
  Also move conditional flags for non sparc64/arm ARCH to fixed flags.

Reviewed by:	brooks, jbeich, rene, salvadore
Differential Revision: https://reviews.freebsd.org/D42068

dns/powerdns-recursor: update to 4.9.2

Changelog: https://doc.powerdns.com/recursor/changelog/4.9.html#change-4.9.2

PR:		274965

devel/boost*: bump all consumers after 1.83.0

dns/powerdns-recursor: update to 4.9.1

ChangeLog:
https://blog.powerdns.com/2023/08/25/powerdns-recursor-4-7-6-4-8-5-4-9-1-released

PR:		273395
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: update to 4.9.0

ChangeLog: https://blog.powerdns.com/2023/06/30/powerdns-recursor-4-9-0-released

 * The performance impact of metrics collection has been reduced by using
   lock-free non-atomic thread-local counters.
 * The packet cache is sharded and shared by all threads.
 * The TTL of negative answers in the packet cache can now be controlled
   separately from positive and failure answers.
 * The rec_control trace_regex command writes the generated trace information to
   a specified file instead of the general log. The trace information contains
   more precise timestamps and DNSSEC validation information.
 * If extended-resolution-errors is enabled EDNS errors are now generated in
   more cases, specifically when authoritative servers for a zone are
   unreachable or when synthesising answers by e.g. using the aggressive NSEC
   cache.
 * The aggressive NSEC cache has been changed not to store NSEC3 entries which
   cover only a small fraction of possible names. This also allows switching off
   the aggressive cache for NSEC3 only.
 * It is now possible to switch off root-refreshing completely.
 * Proper handling of security policies that restrict the use of specific DNSSEC
   algorithms on RHEL9 derived systems.

PR:		272343
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: fix build on 14.0-CURRENT (+ OpenSSL 3.0.9)

This fixes the way OpenSSL is detected (it now uses a non-deprecated function),
which is not available anymore on 14.0-CURRENT. Doesn't change anything for
previous versions of FreeBSD.

PR:		272232
Reported by:	tremere@cainites.net (maintainer)

*/*: bump all direct Boost cunsumers

dns/powerdns-recursor: Update to PowerDNS Recursor 4.8.4

This release fixes CVE-2023-26437 (see URL) and only that.

PR:		270537
MFH:		2023Q1
Security:	dc33795f-ced7-11ed-b1fe-6805ca2fa271
Changes:	https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.4

dns/powerdns-recursor: update to 4.8.3

ChangeLog:
https://blog.powerdns.com/2023/03/07/powerdns-recursor-4-8-3-released/

PR:		270236
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: Update to PowerDNS Recursor 4.8.2

PR:		269282
Changelog:	https://doc.powerdns.com/recursor/changelog/4.8.html#change-4.8.2

dns/powerdns-recursor: update to 4.8.1 (fixes CVE-2023-22617)

ChangeLog: https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1

Avoid unbounded recursion when retrieving DS records from some misconfigured
domains.

PR:		269116
Reported by:	tremere@cainites.net (maintainer)
MFH:		2023Q1 (security fix)
Security:	CVE-2023-22617

*/*:	bump libboost*.so libraries consumert after Boost upgrade

dns/powerdns-recursor: update to 4.8.0

ChangeLog:
https://blog.powerdns.com/2022/12/12/powerdns-recursor-4-8-0-released/

PR:		268392
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: update to 4.7.4

ChangeLog:
https://blog.powerdns.com/2022/11/25/powerdns-recursor-4-5-12-4-6-5-and-4-7-4-released/

PR:		268034
Reported by:	tremere@cainites.net (maintainer)

dns/powerdns-recursor: Use USES=luajit (defaults to luajit-devel)

dns/powerdns-recursor: update to 4.7.3

ChangeLog:
https://blog.powerdns.com/2022/09/20/powerdns-recursor-4-5-11-4-6-4-and-4-7-3-released/

Improvements
 * For zones having many NS records, we are not interested in all so take a
   sample.
 * Also check qperq limit if throttling happened, as it increases counters.

Bug Fixes
 * Failure to retrieve DNSKEYs of an Insecure zone should not be fatal.
 * Fix recursor not responsive after Lua config reload.
 * Clear the caches after loading authzones.
 * Resize answer length to actual received length in udpQueryResponse.¶

PR:		266645
Reported by:	tremere@cainites.net (maintainer)

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

dns/powerdns-recursor: update to 4.7.2

Changes:
https://blog.powerdns.com/2022/08/23/security-advisory-2022-02-for-powerdns-recursor-up-to-and-including-4-5-9-4-6-2-4-7-1/

PR:		266153
MFH:		2022Q3 (security blanket)
Security:	CVE-2022-37428

dns/powerdns-recursor: Update to 4.7.1

ChangeLog:	https://blog.powerdns.com/2022/07/08/powerdns-recursor-4-7-1-released/
PR:		265810

*/*: bump all consumers after recent boost upgrade

dns: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Akinori MUSHA aka knu <knu@idaemons.org>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexey Dokuchaev <danfe@FreeBSD.org>
  *  Allan Jude <allanjude@freebsd.org>
  *  Amar Takhar <verm@drunkmonk.net>
  *  Anders Nordby <anders@fix.no>
  *  Andrew Greenwood <greenwood.andy@gmail.com>
  *  Anton Berezin <tobez@FreeBSD.org>
  *  Ashish SHUKLA <ashish@FreeBSD.org>
  *  Attila Nagy <bra@fsn.hu>

dns/powerdns-recursor: Update to 4.7.0

ChangeLog:
https://blog.powerdns.com/2022/05/30/powerdns-recursor-4-7-0-released/

PR:		264427

devel/boost-all: bump all library consumers after boost upgrade

PR:	246106

dns/powerdns-recursor: Update to 4.6.2

Changelog:	https://blog.powerdns.com/2022/04/04/powerdns-recursor-4-6-2-and-4-5-9-released/

PR:		263160

dns/powerdns-recursor: update to 4.6.1

Fixes CVE-2022-27227

PR:	262879
Reported by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
MFH:	2022Q2 (security fix)
Security:	CVE-2022-27227

dns/powerdns-recursor: Update to 4.6.0

PR:		260587

dns/powerdns-recursor: Update to 4.5.7

Changelog:	https://blog.powerdns.com/2021/11/05/powerdns-recursor-4-4-7-and-4-5-7-released/

PR:		259661

dns/powerdns-recursor: update to 4.5.6

ChangeLog:
https://blog.powerdns.com/2021/10/11/powerdns-recursor-4-5-6-released/

PR:		259128

cleanup: drop support for EOL FreeBSD 11.X

Search criteria used:
- 11.4
- OSREL*
- OSVER*
- *_FreeBSD_11

Input from:
- adridg: devel/qca-legacy
- jbeich: _WITH_DPRINTF, _WITH_GETLINE, GNU bfd workarounds
- sunpoet: security/p5-*OpenSSL*

Reviewed by:	doceng, kde, multimedia, perl, python, ruby, rust
Differential Revision: https://reviews.freebsd.org/D32008
Test Plan: make index

dns/powerdns-recursor: Update to 4.5.5

Changelog:	https://blog.powerdns.com/2021/07/30/powerdns-recursor-4-4-5-and-4-5-5-released/

PR:		257581

dns/powerdns-recursor: update to 4.5.4

Announcement
https://blog.powerdns.com/2021/07/02/powerdns-recursor-4-5-4-released/

PR:		257199

dns/powerdns-recursor: update to 4.5.2

rc.d script changes + cleanup deps

mark NOT_FOR_ARCHS=i386 since upstream no longer supports archs with
32bit time_t.

Changes: https://doc.powerdns.com/recursor/changelog/4.5.html#change-4.5.2

PR:		256530
Approved by:	maintainer

dns/powerdns-recursor: update to 4.5.1

PR:		255785
Approved by:	maintainer

dns/powerdns-recursor: update to 4.4.3

Changelog https://doc.powerdns.com/recursor/changelog/4.4.html#change-4.4.3

PR:		254865
Approved by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

dns/powerdns-recursor: unbreak build with lua54

Switch to autoreconf to avoid heavy multilina patching of configure script

PR:		253078
Submitted by:	fluffy
Approved by:	maintainer
MFH:		2021Q1

Bump PORTREVISION for devel/protobuf shlib change

dns/powerdns-recursor: Update to 4.4.2

- Improvements:
  - Use the non-cryptographic variant of the boost::uuid.
  - Keep a cached, valid entry over a fresher Bogus one.
  - Ensure socket-dir matches runtime directory on old systemd
  - Move to several distinct Bogus states, for easier debugging.
  - Do not chase CNAME during qname minimization step 4.

- Bug Fixes:
  - Untangle the validation/resolving qnames and qtypes.
  - APL records: fix endianness problem.

PR:		251923
Submitted by:	Ralf van der Enden (maintainer)
Reviewed by:	osa (mentor)
Approved by:	osa (mentor)
Differential Revision:	https://reviews.freebsd.org/D27679

dns/powerdns-recursor: update to 4.4.0 and add DNSTAP knob

Changelog:
https://doc.powerdns.com/recursor/changelog/4.4.html#change-4.4.0

PR:		250464
Submitted by:	Juraj Lutter; Ralf van der Enden (maintainer)
Approved by:	Ralf van der Enden (maintainer)

dns/powerdns-recursor: update to 4.3.5

PR:		250318
Submitted by:	Ralf van der Enden <tremere@cainites.net>
Reported by:	michael.glaus@hostpoint.ch
Security:	https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html
Security:	CVE-2020-25829
Sponsored by:	SkunkWerks, GmbH

dns/powerdns-recursor: update 4.3.3 -> 4.3.4

Improvements
- Ensure runtime dirs for virtual services differ.
  References: #9073, pull request 9397

Bug Fixes
- Allow some more depth headroom for the no-qname-minimization fallback case.
  References: #9375, pull request 9416
- Resize hostname to final size in getCarbonHostname().
  References: pull request 9367

PR:		249188
Submitted by:	Pascal Christen <pascal.christen@hostpoint.ch>
Reviewed by:	fernape
Approved by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
Relnotes:	https://doc.powerdns.com/recursor/changelog/4.3.html#change-4.3.4

Bump PORTREVISION for devel/protobuf shlib change

dns/powerdns-recursor: update to 4.3.3

PR:		248207
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

Update to 4.3.2

This update contains a security fix for CVE-2020-14196.

The issue is:

CVE-2020-14196: An issue has been found in PowerDNS Recursor where the ACL
applied to the internal web server via webserver-allow-from is not properly
enforced, allowing a remote attacker to send HTTP queries to the internal web
server, bypassing the restriction.

In the default configuration the API webserver is not enabled. Only
installations using a non-default value for webserver and webserver-address are
affected.

As usual, there were also other smaller enhancements and bugfixes. In
particular, the 4.3.2 release contains fixes that allow long CNAME chains to
resolve properly, where previously they could fail if qname minimization is
enabled.

PR:		247707
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
MFH:		2020Q3
Security:	641cd669-bc37-11ea-babf-6805ca2fa271
Sponsored by:	Netzkommune GmbH

Bump PORTREVISION for devel/protobuf shlib change

Mark as broken on powerpc64-12 (builds fine everywhere else).

Approved by:	portmgr (tier-2 blanket)

- Update to 4.3.1
- Mark broken on i386
- Updated hostnamemax patch

PR:		246655
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
Approved by:	ehaupt (mentor)
MFH:		2020Q2 (blanket, security fixes)
Security:	f9c5a410-9b4e-11ea-ac3f-6805ca2fa271
Changelog:	https://doc.powerdns.com/recursor/changelog/4.3.html#change-4.3.1

Do not set directory mode/ownership. Values are already default.
No PORTREVISION bump required since this is a no-op.

Notified by:	mat
Approved by:	ehaupt (mentor)

- Update to 4.3.0
- Add LICENSE_FILE
- Create directory for sockets and pidfile
- Update pkg-descr with a more descriptive text from website

PR:		244657
Submitted by:	yds <yds@Necessitu.de>
Approved by:	tremere@cainites.net (maintainer), ehaupt (mentor)
Changelog:	https://blog.powerdns.com/2020/03/03/powerdns-recursor-4-3-0-released/

Update to 4.2.1

Changelog: https://doc.powerdns.com/recursor/changelog/4.2.html#change-4.2.1

PR:		24257
Submitted by:	maintainer

Bump PORTREVISION for devel/protobuf shlib change

Chase rename of security/openssl111

 - Categories a-m

MFH:		2020Q1

devel/boost-*: update to 1.72.0

Changes:	http://www.boost.org/users/history/version_1_72_0.html
PR:		241449
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D22136

Drop the ipv6 virtual category for d* category as it is not relevant anymore

Drop C++11 workaround for GCC < 6 after r449590

lang/gcc5 will expire in ~1 month. If someone still uses lang/gcc48
they should backport C++11 fix instead. QA on GCC architecuters is
currently limited to powerpc64 which uses GCC_DEFAULT.

PR:		193528

dns/powerdns-recursor: upgrade 4.1.14 -> 4.2.0

PR:		239376
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)
Relnotes:	https://doc.powerdns.com/recursor/changelog/4.2.html
		https://blog.powerdns.com/2019/07/15/powerdns-recursor-4-2-0-released/

devel/boost-*: update to 1.71.0

Changes:	http://www.boost.org/users/history/version_1_71_0.html
PR:		238827
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D20774

Convert to UCL & cleanup pkg-message (categories d)

Bump PORTREVISION for devel/protobuf shlib change

Bump PORTREVISION for ports depending on the canonical version of GCC
as defined in Mk/bsd.default-versions.mk which has moved from GCC 8.3
to GCC 9.1 under most circumstances now after revision 507371.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, everything INDEX-11 shows with a dependency on lang/gcc9 now.

PR:		238330

Update devel/protobuf to 3.8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases
PR:		238808
Exp-run by:	antoine

dns/powerdns-recursor: Update to 4.1.14

PR:		238602
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

dns/powerdns-recursor: fix build and update

Don't add -L/usr/lib unconditionally, it makes gcc8 (used on gcc architectures)
link to base libstdc++.
Update to 4.1.13.

PR:		237947
Approved by:	tcberner (mentor), tremere@cainites.net (maintainer)
Differential Revision:	https://reviews.freebsd.org/D20423

devel/boost-*: update to 1.70.0

Changes:	http://www.boost.org/users/history/version_1_70_0.html
PR:		235956
Exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D19303

dns/powerdns-recursor: update to 4.1.12

PR:		236982
Submitted by:	Ralf van der Enden <tremere@cainites.net> (maintainer)

security/botan2: update to 2.10.0

PR:		236450 237019
Submitted by:	Ralf van der Enden (maintainer)

Update devel/protobuf to 3.7.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/protocolbuffers/protobuf/releases
PR:		236157
Exp-run by:	antoine

Commit forgotten patch.

Submitted by:	maintainer

Update to 4.1.11 and add buffer fix for rec_control

The changelog:

#7434: Add an option to export only responses over protobuf #7430:
Reduce systemcall usage in protobuf logging

Also add a fix (pulled in from OpenBSD) for rec_control's buffer
being too small to handle output of some commands. This could be
remedied by setting net.local.dgram.maxdgram=131072 in
/etc/sysctl.conf, but this patch omits that requirement.

PR:		235392
Submitted by:	maintainer