[gentoo-commits] repo/gentoo:master commit in: net-dns/knot/, net-dns/knot/files/

Sat, 06 Dec 2025 05:45:40 -0800 

commit:     916fc7b33862929720dba4df2bc6e2f96cacc82e
Author:     Nicolas PARLANT <nicolas.parlant <AT> parhuet <DOT> fr>
AuthorDate: Fri Dec  5 10:32:25 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Dec  6 13:44:48 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=916fc7b3

net-dns/knot: fix automagic for pkcs11

Bug: https://bugs.gentoo.org/967060
Signed-off-by: Nicolas PARLANT <nicolas.parlant <AT> parhuet.fr>
Part-of: https://github.com/gentoo/gentoo/pull/44918
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/knot-3.5.2-fix_automagic_pkcs11.patch    | 40 ++++++++++++++++++++++
 .../{knot-3.4.9.ebuild => knot-3.4.9-r1.ebuild}    |  6 ++++
 .../{knot-3.5.2.ebuild => knot-3.5.2-r1.ebuild}    |  6 ++++
 3 files changed, 52 insertions(+)

diff --git a/net-dns/knot/files/knot-3.5.2-fix_automagic_pkcs11.patch 
b/net-dns/knot/files/knot-3.5.2-fix_automagic_pkcs11.patch
new file mode 100644
index 000000000000..4cc4bf2aa609
--- /dev/null
+++ b/net-dns/knot/files/knot-3.5.2-fix_automagic_pkcs11.patch
@@ -0,0 +1,40 @@
+PR merged https://gitlab.nic.cz/knot/knot-dns/-/merge_requests/1830.patch
+remove automagic for PKCS #11 support
+add a option pkcs11 to handle this
+--- a/configure.ac
++++ b/configure.ac
+@@ -151,9 +151,9 @@ PKG_CHECK_MODULES([gnutls], [gnutls >= 3.6.10], [
+     CFLAGS="$CFLAGS $gnutls_CFLAGS"
+     LIBS="$LIBS $gnutls_LIBS"
+ 
+-    AC_CHECK_FUNC([gnutls_pkcs11_copy_pubkey], [enable_pkcs11=yes], 
[enable_pkcs11=no])
+-    AS_IF([test "$enable_pkcs11" = yes],
+-        [AC_DEFINE([ENABLE_PKCS11], [1], [PKCS #11 support available])])
++    AC_CHECK_FUNC([gnutls_pkcs11_copy_pubkey],
++        [AC_DEFINE([HAVE_GNUTLS_PKCS11], [1], [gnutls_pkcs11_copy_pubkey 
available])
++         gnutls_pkcs11=yes], [gnutls_pkcs11=no])
+ 
+     AC_CHECK_DECL([GNUTLS_SIGN_EDDSA_ED448],
+         [AC_DEFINE([HAVE_ED448], [1], [GnuTLS ED448 support available])
+@@ -170,7 +170,21 @@ PKG_CHECK_MODULES([gnutls], [gnutls >= 3.6.10], [
+ ], [
+     AS_IF([test "$enable_redis" != "module"], [AC_MSG_ERROR([GnuTLS library 
not found])])
+ ])
++# PKCS11 support
++AC_ARG_ENABLE([pkcs11],
++   AS_HELP_STRING([--enable-pkcs11=auto|yes|no], [Support PKCS #11 
[default=auto]]),
++   [], [enable_pkcs11=auto])
++
++AS_CASE([$enable_pkcs11],
++   [auto], [AS_IF([test "$gnutls_pkcs11" = "yes"], [enable_pkcs11=yes], 
[enable_pkcs11=no])],
++   [yes],  [AS_IF([test "$gnutls_pkcs11" = "yes"], [enable_pkcs11=yes], [
++     AC_MSG_ERROR([PKCS11 not available])])],
++   [no], [],
++   [*], [AC_MSG_ERROR([Invalid value of --enable-pkcs11.])]
++)
+ AM_CONDITIONAL([ENABLE_PKCS11], [test "$enable_pkcs11" = "yes"])
++AS_IF([test "$enable_pkcs11" != "no"], [
++  AC_DEFINE([ENABLE_PKCS11], [1], [Define to 1 to enable PKCS #11 support 
using GnuTLS])])
+ 
+ AC_ARG_ENABLE([recvmmsg],
+    AS_HELP_STRING([--enable-recvmmsg=auto|yes|no], [enable recvmmsg() network 
API [default=auto]]),

diff --git a/net-dns/knot/knot-3.4.9.ebuild b/net-dns/knot/knot-3.4.9-r1.ebuild
similarity index 97%
rename from net-dns/knot/knot-3.4.9.ebuild
rename to net-dns/knot/knot-3.4.9-r1.ebuild
index 5d652d70eec3..38bdcb1191ca 100644
--- a/net-dns/knot/knot-3.4.9.ebuild
+++ b/net-dns/knot/knot-3.4.9-r1.ebuild
@@ -100,6 +100,11 @@ BDEPEND="
        verify-sig? ( sec-keys/openpgp-keys-knot )
 "
 
+PATCHES=(
+       # PR 1830 merged
+       "${FILESDIR}"/${PN}-3.5.2-fix_automagic_pkcs11.patch
+)
+
 VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/${PN}.asc
 
 # Used to check cpuset_t in sched.h with NetBSD.
@@ -146,6 +151,7 @@ src_configure() {
                $(use_enable fastparser)
                $(use_enable geoip maxminddb)
                $(use_with idn libidn)
+               $(use_enable pkcs11)
                $(use_enable quic)
                $(use_enable systemd)
                $(use_enable utils utilities)

diff --git a/net-dns/knot/knot-3.5.2.ebuild b/net-dns/knot/knot-3.5.2-r1.ebuild
similarity index 98%
rename from net-dns/knot/knot-3.5.2.ebuild
rename to net-dns/knot/knot-3.5.2-r1.ebuild
index 4da2752199b5..40d6a8dbd423 100644
--- a/net-dns/knot/knot-3.5.2.ebuild
+++ b/net-dns/knot/knot-3.5.2-r1.ebuild
@@ -108,6 +108,11 @@ 
VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/${PN}.asc
 # False positive because linux have sched.h too but with cpu_set_t
 QA_CONFIG_IMPL_DECL_SKIP=( cpuset_create cpuset_destroy )
 
+PATCHES=(
+       # PR 1830 merged
+       "${FILESDIR}"/${PN}-3.5.2-fix_automagic_pkcs11.patch
+)
+
 python_check_deps() {
        use doc || return 0
        python_has_version "dev-python/sphinx[${PYTHON_USEDEP}]" \
@@ -148,6 +153,7 @@ src_configure() {
                $(use_enable fastparser)
                $(use_enable geoip maxminddb)
                $(use_with idn libidn)
+               $(use_enable pkcs11)
                $(use_enable quic)
                $(use_enable redis redis $(usex daemon client))
                $(use_enable systemd)

Reply via email to