author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-dns/pdns-recursor/files | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-dns/pdns-recursor/files')
5 files changed, 179 insertions, 0 deletions
diff --git a/net-dns/pdns-recursor/files/pdns-recursor-3.1.7.2-error-message.patch b/net-dns/pdns-recursor/files/pdns-recursor-3.1.7.2-error-message.patch
new file mode 100644
index 000000000000..7fdf208037cd
--- /dev/null
+++ b/net-dns/pdns-recursor/files/pdns-recursor-3.1.7.2-error-message.patch
@@ -0,0 +1,11 @@
+--- pdns-recursor-3.1.7.2/rec_channel.cc
++++ pdns-recursor-3.1.7.2/rec_channel.cc
+@@ -100,7 +100,7 @@
+ strcpy(remote.sun_path,(path+"/"+fname).c_str());
+ if(::connect(d_fd, (sockaddr*)&remote, sizeof(remote)) < 0) {
+ unlink(d_local.sun_path);
+- throw AhuException("Unable to connect to remote '"+path+fname+"': "+string(strerror(errno)));
++ throw AhuException("Unable to connect to remote '"+path+"/"+fname+"': "+string(strerror(errno)));
+ }
+ }
+
diff --git a/net-dns/pdns-recursor/files/pdns-recursor-3.5.3-fdlimit.patch b/net-dns/pdns-recursor/files/pdns-recursor-3.5.3-fdlimit.patch
new file mode 100644
index 000000000000..3b6e8e25d972
--- /dev/null
+++ b/net-dns/pdns-recursor/files/pdns-recursor-3.5.3-fdlimit.patch
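Review bot: The context line `strcpy(remote.sun_path,(path+"/"+fname).c_str());` just above the corrected message copies the joined path into the fixed-size `sun_path` array with no length check, so an over-long socket directory or file name would write past the end of `remote`. The message fix itself is correct, but the same spot needs a bound before the copy, for example `if(path.size()+1+fname.size() >= sizeof(remote.sun_path)) throw AhuException("Socket path too long");`. Where `path` and `fname` come from is not visible here, and the enclosing function starts and ends outside the hunk, so an earlier check may exist that this patch does not show.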
@@ -0,0 +1,67 @@
+--- pdns-recursor-3.5.3/misc.cc
++++ pdns-recursor-3.5.3/misc.cc
+@@ -22,6 +22,7 @@
+ #include <netdb.h>
+ #include <sys/time.h>
+ #include <time.h>
++#include <sys/resource.h>
+ #include <netinet/in.h>
+ #include <unistd.h>
+ #endif // WIN32
+@@ -697,3 +698,22 @@
+ } while(!strchr(buffer, '\n'));
+ return true;
+ }
++
++unsigned int getFilenumLimit(bool hardOrSoft)
++{
++ struct rlimit rlim;
++ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0)
++ unixDie("Requesting number of available file descriptors");
++ return hardOrSoft ? rlim.rlim_max : rlim.rlim_cur;
++}
++
++void setFilenumLimit(unsigned int lim)
++{
++ struct rlimit rlim;
++
++ if(getrlimit(RLIMIT_NOFILE, &rlim) < 0)
++ unixDie("Requesting number of available file descriptors");
++ rlim.rlim_cur=lim;
++ if(setrlimit(RLIMIT_NOFILE, &rlim) < 0)
++ unixDie("Setting number of available file descriptors");
++}
+--- pdns-recursor-3.5.3/misc.hh
++++ pdns-recursor-3.5.3/misc.hh
+@@ -445,4 +445,6 @@
+ regex_t d_preg;
+ };
+
++unsigned int getFilenumLimit(bool hardOrSoft=0);
++void setFilenumLimit(unsigned int lim);
+ #endif
+--- pdns-recursor-3.5.3/pdns_recursor.cc
++++ pdns-recursor-3.5.3/pdns_recursor.cc
+@@ -1740,7 +1740,21 @@
+
+ g_tcpTimeout=::arg().asNum("client-tcp-timeout");
+ g_maxTCPPerClient=::arg().asNum("max-tcp-per-client");
+- g_maxMThreads=::arg().asNum("max-mthreads");
++ g_maxMThreads=::arg().asNum("max-mthreads");
++ unsigned int availFDs=getFilenumLimit();
++ if(g_maxMThreads * g_numThreads > availFDs) {
++ if(getFilenumLimit(true) >= g_maxMThreads * g_numThreads) {
++ setFilenumLimit(g_maxMThreads * g_numThreads);
++ L<<Logger::Warning<<"Raised soft limit on number of filedescriptors to "<<g_maxMThreads * g_numThreads<<" to match max-mthreads and threads settings"<<endl;
++ }
++ else {
++ int newval = getFilenumLimit(true) / g_numThreads;
++ L<<Logger::Warning<<"Insufficient number of filedescriptors available for max-mthreads*threads setting! ("<<availFDs<<" < "<<g_maxMThreads*g_numThreads<<"), reducing max-mthreads to "<<newval<<endl;
++ g_maxMThreads = newval;
++ }
++
++
++ }
+
+ if(g_numThreads == 1) {
+ L<<Logger::Warning<<"Operating unthreaded"<<endl;
diff --git a/net-dns/pdns-recursor/files/pdns-recursor-3.6.1-CVE-2014-8601.patch b/net-dns/pdns-recursor/files/pdns-recursor-3.6.1-CVE-2014-8601.patch
new file mode 100644
index 000000000000..44ccc2803848
--- /dev/null
+++ b/net-dns/pdns-recursor/files/pdns-recursor-3.6.1-CVE-2014-8601.patch
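Review bot: The descriptor budget in pdns_recursor.cc is computed as exactly `g_maxMThreads * g_numThreads`, and the fallback `int newval = getFilenumLimit(true) / g_numThreads;` has no floor, so a hard limit smaller than the thread count sets max-mthreads to 0 and neither branch leaves room for descriptors the process already holds. A reserve and a minimum would make this safe, e.g. compare against `g_maxMThreads * g_numThreads + reservedFDs` (a constant you would add) and clamp `newval` to at least 1. Separately, getFilenumLimit() and setFilenumLimit() in misc.cc carry the limit as `unsigned int` while `rlim_cur` and `rlim_max` are `rlim_t`, so a limit above UINT_MAX is truncated before the comparison; `rlim_t` in both signatures avoids that. Where `g_numThreads` is validated as non-zero lies outside this hunk.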
@@ -0,0 +1,52 @@
+https://downloads.powerdns.com/patches/2014-02/3.6.1.patch
+
+diff --git a/pdns_recursor.cc b/pdns_recursor.cc
+index f1ef93c..8e43d6e 100644
+--- a/pdns_recursor.cc
++++ b/pdns_recursor.cc
+@@ -550,7 +550,14 @@ void startDoResolve(void *p)
+
+ // if there is a RecursorLua active, and it 'took' the query in preResolve, we don't launch beginResolve
+ if(!t_pdl->get() || !(*t_pdl)->preresolve(dc->d_remote, g_listenSocketsAddresses[dc->d_socket], dc->d_mdp.d_qname, QType(dc->d_mdp.d_qtype), ret, res, &variableAnswer)) {
+- res = sr.beginResolve(dc->d_mdp.d_qname, QType(dc->d_mdp.d_qtype), dc->d_mdp.d_qclass, ret);
++ try {
++ res = sr.beginResolve(dc->d_mdp.d_qname, QType(dc->d_mdp.d_qtype), dc->d_mdp.d_qclass, ret);
++ }
++ catch(ImmediateServFailException &e) {
++ L<<Logger::Error<<"Sending SERVFAIL during resolve of '"<<dc->d_mdp.d_qname<<"' because: "<<e.reason<<endl;
++
++ res = RCode::ServFail;
++ }
+
+ if(t_pdl->get()) {
+ if(res == RCode::NoError) {
+diff --git a/syncres.cc b/syncres.cc
+index 4dc78b4..d09e44b 100644
+--- a/syncres.cc
++++ b/syncres.cc
+@@ -923,6 +923,7 @@ int SyncRes::doResolveAt(set<string, CIStringCompare> nameservers, string auth,
+ }
+ else {
+ s_outqueries++; d_outqueries++;
++ if(d_outqueries > 50) throw ImmediateServFailException("more than 50 queries sent while resolving "+qname);
+ TryTCP:
+ if(doTCP) {
+ LOG(prefix<<qname<<": using TCP with "<< remoteIP->toStringWithPort() <<endl);
+diff --git a/syncres.hh b/syncres.hh
+index 5182527..b22de89 100644
+--- a/syncres.hh
++++ b/syncres.hh
+@@ -593,6 +593,13 @@ private:
+ static AtomicCounter s_currentConnections; //!< total number of current TCP connections
+ };
+
++class ImmediateServFailException
++{
++public:
++ ImmediateServFailException(string r){reason=r;};
++
++ string reason; //! Print this to tell the user what went wrong
++};
+
+ struct RemoteKeeper
+ {
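Review bot: `ImmediateServFailException` in syncres.hh derives from nothing, so the only handler shown that turns it into a SERVFAIL is the new `catch` around `sr.beginResolve()` in startDoResolve; any other path into `SyncRes::doResolveAt` would let it pass handlers written for `std::exception`. Whether such paths exist is not visible in these hunks, but `class ImmediateServFailException : public std::exception` would let generic handlers see it. The limit 50 is written twice in the syncres.cc line, once in the condition and once in the message, and a named constant would keep them in step. The handler also logs at Error level with the client-supplied qname for every query that trips the limit, so a sender who can trigger it repeatedly controls log volume; a lower level or rate limiting looks safer.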
diff --git a/net-dns/pdns-recursor/files/precursor b/net-dns/pdns-recursor/files/precursor
new file mode 100644
index 000000000000..aea84531e5ee
--- /dev/null
+++ b/net-dns/pdns-recursor/files/precursor
@@ -0,0 +1,28 @@
+#!/sbin/runscript
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_started_commands="ping"
+
+depend() {
+ need net
+}
+
+start() {
+ ebegin "Starting PowerDNS Recursor"
+ /usr/sbin/pdns_recursor --daemon=yes &>/dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping PowerDNS Recursor"
+ /usr/sbin/rec_control quit &>/dev/null
+ eend $?
+}
+
+ping() {
+ ebegin "Pinging PowerDNS Recursor"
+ /usr/sbin/rec_control ping &>/dev/null
+ eend $?
+}
diff --git a/net-dns/pdns-recursor/files/recursor.conf b/net-dns/pdns-recursor/files/recursor.conf
new file mode 100644
index 000000000000..e231b9fc6f10
--- /dev/null
+++ b/net-dns/pdns-recursor/files/recursor.conf
@@ -0,0 +1,21 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Drop uid
+setuid=nobody
+
+# Drop gid
+setgid=nobody
+
+# Don't log queries
+quiet=on
+
+# Local IP address to bind to
+local-address=127.0.0.1
+
+# Local port to bind to
+local-port=53
+
+# Change root for safety
+chroot=/var/lib/powerdns |
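Review bot: The `&>/dev/null` redirection in start(), stop() and ping() of the precursor init script is a bash extension; a POSIX shell reads it as `&` (run in background) followed by `>/dev/null`, so `eend $?` would report success whatever the daemon or rec_control returned. If the service script may be run by a non-bash /bin/sh, write it portably, e.g. `/usr/sbin/pdns_recursor --daemon=yes >/dev/null 2>&1`. Discarding stderr also hides the reason for a failed start, so leaving stderr attached is worth considering.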
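Review bot: `setuid=nobody` and `setgid=nobody` in recursor.conf drop privileges to an account that unrelated services conventionally share, so the resolver is not separated from anything else running as nobody. A dedicated unprivileged account would keep the `chroot=/var/lib/powerdns` confinement meaningful, e.g. `setuid=<dedicated-user>` and `setgid=<dedicated-group>`; these are placeholders, since the ebuild that would create such an account is outside this diffstat. A comment above `chroot=` saying who must own the directory and that the service account should not be able to write to it would document the intent.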