From owner-svn-ports-head@freebsd.org  Wed Jul 13 13:29:20 2016
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 337D6B97411;
 Wed, 13 Jul 2016 13:29:20 +0000 (UTC)
 (envelope-from erwin@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0ED28187D;
 Wed, 13 Jul 2016 13:29:19 +0000 (UTC)
 (envelope-from erwin@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u6DDTJql079701;
 Wed, 13 Jul 2016 13:29:19 GMT (envelope-from erwin@FreeBSD.org)
Received: (from erwin@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id u6DDTI99079693;
 Wed, 13 Jul 2016 13:29:18 GMT (envelope-from erwin@FreeBSD.org)
Message-Id: <201607131329.u6DDTI99079693@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: erwin set sender to
 erwin@FreeBSD.org using -f
From: Erwin Lansing <erwin@FreeBSD.org>
Date: Wed, 13 Jul 2016 13:29:18 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r418476 - in head/dns: . opendnssec2 opendnssec2/files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Jul 2016 13:29:20 -0000

Author: erwin
Date: Wed Jul 13 13:29:18 2016
New Revision: 418476
URL: https://svnweb.freebsd.org/changeset/ports/418476

Log:
  The current opendnssec porthas seen a massive rewrite by the upstream
  so it was rechristened opendnssec Version 2.
  To quote the announcement at <https://www.opendnssec.org>:
  
  "OpenDNSSEC got a entire re-write of the enforcer. This part of
  OpenDNSSEC controls changing signing keys in the right way to perform
  a roll-over. Before, the enforcer would perform a roll-over according
  to a strict paradigm. One scenario in which deviations would not be
  possible.
  
  The new enforcer is more aware of the zone changes being propagated in
  the Internet. It can therefore decide when it is safe to make changes,
  rather than to rely upon a given scenario.
  
  PR:		211018
  Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl>
  Sponsored by:	DK Hostmaster A/S

Added:
  head/dns/opendnssec2/
  head/dns/opendnssec2/Makefile   (contents, props changed)
  head/dns/opendnssec2/distinfo   (contents, props changed)
  head/dns/opendnssec2/files/
  head/dns/opendnssec2/files/opendnssec.in   (contents, props changed)
  head/dns/opendnssec2/files/pkg-message.in   (contents, props changed)
  head/dns/opendnssec2/pkg-descr   (contents, props changed)
  head/dns/opendnssec2/pkg-plist   (contents, props changed)
Modified:
  head/dns/Makefile

Modified: head/dns/Makefile
==============================================================================
--- head/dns/Makefile	Wed Jul 13 13:26:29 2016	(r418475)
+++ head/dns/Makefile	Wed Jul 13 13:29:18 2016	(r418476)
@@ -105,6 +105,7 @@
     SUBDIR += opendd
     SUBDIR += opendnssec
     SUBDIR += opendnssec13
+    SUBDIR += opendnssec2
     SUBDIR += openresolv
     SUBDIR += p5-AnyEvent-CacheDNS
     SUBDIR += p5-AnyEvent-DNS-EtcHosts

Added: head/dns/opendnssec2/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/Makefile	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,84 @@
+# Created by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
+# $FreeBSD$
+
+PORTNAME=	opendnssec
+PORTVERSION=	2.0.0
+CATEGORIES=	dns
+MASTER_SITES=	http://dist.opendnssec.org/source/
+PKGNAMESUFFIX=	2
+
+MAINTAINER=	jaap@NLnetLabs.nl
+COMMENT=	Tool suite for maintaining DNSSEC
+
+LICENSE=	BSD3CLAUSE
+
+BUILD_DEPENDS=	ldns>=1.6.16:dns/ldns
+LIB_DEPENDS=	libldns.so:dns/ldns
+
+GNU_CONFIGURE=	yes
+CONFIGURE_ARGS=	--localstatedir="${PREFIX}/var"
+USE_RC_SUBR=	opendnssec
+USE_GNOME=	libxml2
+USES=		perl5
+USES=		ssl
+USE_LDCONFIG=	yes
+
+SUB_FILES+=	pkg-message
+
+CONFLICTS=	opendnssec-1.[0-4]*
+
+USERS=		opendnssec
+GROUPS=		opendnssec
+
+PORTDOCS=	MIGRATION NEWS README.md
+MIGRATE=	README.md find_problematic_zones.sql \
+		convert_mysql mysql_convert.sql \
+		convert_sqlite sqlite_convert.sql
+
+OPTIONS_DEFINE=		SOFTHSM DOCS
+OPTIONS_SUB=		yes
+
+OPTIONS_SINGLE=		DB
+OPTIONS_SINGLE_DB=	SQLITE MYSQL
+
+OPTIONS_DEFAULT=	DOCS SQLITE
+
+SOFTHSM_DESC=		SoftHSM cryptographic store for PKCS \#11 interface
+
+MYSQL_DESC=		Use MYSQL backend
+SQLITE_DESC=		Use SQLite backend
+
+.include <bsd.port.options.mk>
+
+.if ${PORT_OPTIONS:MMYSQL}
+CONFIGURE_ARGS+=	--with-enforcer-database=mysql
+USES+=		mysql
+.endif
+
+.if ${PORT_OPTIONS:MSQLITE}
+USES=		sqlite
+CONFIGURE_ARGS+=	--with-enforcer-database=sqlite3
+BUILD_DEPENDS+=	sqlite3>=3.3.9:databases/sqlite3
+.endif
+
+.if ${PORT_OPTIONS:MSOFTHSM}
+CONFIGURE_ARGS+=	--with-pkcs11-softhsm=${LOCALBASE}/lib/softhsm/libsofthsm.so
+RUN_DEPENDS+=	softhsm>=1.2.0:security/softhsm
+.endif
+
+pre-install:
+.if ${PORT_OPTIONS:MMYSQL}
+	${REINPLACE_CMD} -e '/REQUIRE:/ s|$$| mysql|' ${WRKDIR}/opendnssec
+.endif
+
+post-install:
+.if ${PORT_OPTIONS:MDOCS}
+	@${MKDIR} ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} ${STAGEDIR}${DOCSDIR}
+	${MKDIR} ${STAGEDIR}${DOCSDIR}/1.4-2.0_db_convert
+	${INSTALL_DATA} \
+		${MIGRATE:S|^|${WRKSRC}/enforcer/utils/1.4-2.0_db_convert/|} \
+		${STAGEDIR}${DOCSDIR}/1.4-2.0_db_convert
+.endif
+
+.include <bsd.port.mk>

Added: head/dns/opendnssec2/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/distinfo	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1467876838
+SHA256 (opendnssec-2.0.0.tar.gz) = 3f3087ee1f2dee8b55d823d4b6825dc0212ea5162965382df11b2de36b888b7f
+SIZE (opendnssec-2.0.0.tar.gz) = 1072734

Added: head/dns/opendnssec2/files/opendnssec.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/files/opendnssec.in	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: opendnssec
+# REQUIRE: LOGIN DAEMON
+# KEYWORD: shutdown
+#
+# Add the following line to /etc/rc.conf to enable opendnssec:
+#
+# opendnssec_enable="YES"
+
+. /etc/rc.subr
+
+name=opendnssec
+rcvar=opendnssec_enable
+
+load_rc_config $name
+
+opendnssec_enable=${opendnssec_enable:-"NO"}
+
+start_cmd="${name}_run start"
+stop_cmd="${name}_run stop"
+extra_commands="reload ksm hsm signer enforcer"
+
+procname=${opendnssec_procname}
+
+opendnssec_run()
+{
+    %%PREFIX%%/sbin/ods-control $1
+}
+
+run_rc_command "$1"

Added: head/dns/opendnssec2/files/pkg-message.in
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/files/pkg-message.in	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,27 @@
+######
+# A manual migration step is needed to migration from 1.4 to 2.0.
+#
+# First migrate to at least the 1.4.10 release if you have not already done
+# so.
+#
+# Review the documentation on the OpenDNSSEC site.  This can be
+# updated in between releases to provide more help.  Especially if
+# you have tooling around OpenDNSSEC you should be aware that some
+# command line utilities have changed.  A fair amount of backward
+# compatibility has been respected, but changes are present.
+# 
+# The enforcer does require a full migration, as the internal database has
+# been completely revised.  See the documentation in 
+# %%DOCSDIR%%/1.4-2.0_db_convert/README.md for a description.
+# 
+# Migration scripts are installed in %%DOCSDIR%%.
+#
+# The signer does not require any migration.  Backward compatibility is
+# respected from earlier 1.4 release.  The signer should not require a
+# full resign of your zone when upgrading, however if you decide to downgrade
+# a full resign is required.
+######
+
+An HowTo is provided at
+<https://wiki.opendnssec.org/display/DOCS20/Quick+start+guide>
+

Added: head/dns/opendnssec2/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/pkg-descr	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,5 @@
+OpenDNSSEC was created as an open-source turn-key solution for
+DNSSEC. It secures zone data just before it is published in an
+authoritative name server.
+
+WWW: http://www.opendnssec.org

Added: head/dns/opendnssec2/pkg-plist
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/dns/opendnssec2/pkg-plist	Wed Jul 13 13:29:18 2016	(r418476)
@@ -0,0 +1,65 @@
+bin/ods-hsmspeed
+bin/ods-hsmutil
+bin/ods-kasp2html
+bin/ods-kaspcheck
+bin/ods-ksmutil
+@sample %%ETCDIR%%/addns.xml.sample
+@sample %%ETCDIR%%/conf.xml.sample
+@sample %%ETCDIR%%/kasp.xml.sample
+@sample %%ETCDIR%%/zonelist.xml.sample
+man/man1/ods-hsmspeed.1.gz
+man/man1/ods-hsmutil.1.gz
+man/man1/ods-kaspcheck.1.gz
+man/man1/ods-ksmutil.1.gz
+man/man5/ods-kasp.5.gz
+man/man5/ods-timing.5.gz
+man/man7/opendnssec.7.gz
+man/man8/ods-control.8.gz
+man/man8/ods-enforcer-db-setup.8.gz
+man/man8/ods-enforcer.8.gz
+man/man8/ods-enforcerd.8.gz
+man/man8/ods-signer.8.gz
+man/man8/ods-signerd.8.gz
+sbin/ods-control
+sbin/ods-enforcer
+sbin/ods-enforcer-db-setup
+sbin/ods-enforcerd
+sbin/ods-migrate
+sbin/ods-signer
+sbin/ods-signerd
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/README.md
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/convert_mysql
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/convert_sqlite
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/find_problematic_zones.sql
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/mysql_convert.sql
+%%PORTDOCS%%%%DOCSDIR%%/1.4-2.0_db_convert/sqlite_convert.sql
+%%DATADIR%%/addns.rnc
+%%DATADIR%%/addns.rng
+%%DATADIR%%/conf.rnc
+%%DATADIR%%/conf.rng
+%%DATADIR%%/enforcerstate.rnc
+%%DATADIR%%/enforcerstate.rng
+%%DATADIR%%/kasp.rnc
+%%DATADIR%%/kasp.rng
+%%DATADIR%%/kasp2html.xsl
+@comment %%SQLITE%%%%DATADIR%%/migrate_1_4_8.sqlite3
+@comment %%SQLITE%%%%DATADIR%%/migrate_adapters_1.sqlite3
+@comment %%SQLITE%%%%DATADIR%%/migrate_keyshare_sqlite3.pl
+@comment %%SQLITE%%%%DATADIR%%/migrate_to_ng_sqlite.pl
+@comment %%MYSQL%%%%DATADIR%%/migrate_1_4_8.mysql
+@comment %%MYSQL%%%%DATADIR%%/migrate_adapters_1.mysql
+@comment %%MYSQL%%%%DATADIR%%/migrate_keyshare_mysql.pl
+@comment %%MYSQL%%%%DATADIR%%/migrate_zone_delete.mysql
+@comment %%MYSQL%%%%DATADIR%%/migrate_id_mysql.pl
+@comment %%MYSQL%%%%DATADIR%%/migrate_to_ng_mysql.pl
+%%DATADIR%%/signconf.rnc
+%%DATADIR%%/signconf.rng
+%%DATADIR%%/zonelist.rnc
+%%DATADIR%%/zonelist.rng
+@dir(opendnssec,opendnssec,) var/opendnssec
+@dir(opendnssec,opendnssec,) var/opendnssec/enforcer
+@dir(opendnssec,opendnssec,) var/opendnssec/signconf
+@dir(opendnssec,opendnssec,) var/opendnssec/signed
+@dir(opendnssec,opendnssec,) var/opendnssec/signer
+@dir(opendnssec,opendnssec,) var/opendnssec/unsigned
+@dir(opendnssec,opendnssec,) var/run/opendnssec