- properly set the profilename for apparmor

- package the docs directory so we can reference it in the example
  config

- Fix url to the sample configuration

- switch build system to meson 
- fix code 15 build by forcing a newer gcc

- update to 2.0.0
  https://www.dnsdist.org/changelog.html#change-2.0.0
- new buildrequires:
  - gnutls
  - libebpf
- build script needs python3-PyYAML to generate sources
- preparation for enabling new features in the future:
  - yaml-config:
    - adds vendor.tar.xz to vendor the rust modules.
      built linking fails currently
  - xdp support
    - not sure yet if that can be later toggled in the config
  - quiche support which brings DoH3

OBS-URL: https://build.opensuse.org/package/show/server:dns/dnsdist?expand=0&rev=75

_service

@@ -0,0 +1,7 @@
+<services>
+  <service name="cargo_vendor" mode="manual">
+    <param name="srcdir">dnsdist*/dnsdist-rust-lib/rust/</param>
+    <param name="update">false</param>
+    <param name="compression">xz</param>
+  </service>
+</services>

dnsdist-1.9.4.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:297d3a3751af4650665c9d3890a1d5a7a0467175f2c8607d0d5980e3fd67ef14
-size 1591994

dnsdist-2.0.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:da30742f51aac8be7e116677cb07bc49fbea979fc5443e7e1fa8fa7bd0a63fe5
+size 2275260

dnsdist.changes

@@ -1,3 +1,67 @@
+-------------------------------------------------------------------
+Sun Aug 10 01:50:43 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- properly set the profilename for apparmor
+
+-------------------------------------------------------------------
+Sat Aug  9 03:26:26 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- package the docs directory so we can reference it in the example
+  config
+
+-------------------------------------------------------------------
+Fri Aug  8 22:02:53 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- Fix url to the sample configuration
+
+-------------------------------------------------------------------
+Fri Aug  8 21:50:56 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- switch build system to meson 
+- fix code 15 build by forcing a newer gcc
+
+-------------------------------------------------------------------
+Fri Aug  8 20:58:12 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- update to 2.0.0
+  https://www.dnsdist.org/changelog.html#change-2.0.0
+- new buildrequires:
+  - gnutls
+  - libebpf
+- build script needs python3-PyYAML to generate sources
+- preparation for enabling new features in the future:
+  - yaml-config:
+    - adds vendor.tar.xz to vendor the rust modules.
+      built linking fails currently
+  - xdp support
+    - not sure yet if that can be later toggled in the config
+  - quiche support which brings DoH3
+
+-------------------------------------------------------------------
+Mon May 26 11:13:10 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- update to 1.9.10: (bsc#1243378, bsc#1242028, CVE-2025-30194, CVE-2025-30193)
+  https://www.dnsdist.org/changelog.html#change-1.9.10
+- disable luajit on ppc64le for SLFO (bsc#1243566)
+
+-------------------------------------------------------------------
+Tue Nov  5 01:50:12 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- update to 1.9.7:
+  https://dnsdist.org/changelog.html#change-1.9.7
+- drop powerdns-5_1_1-2_fix-build-with-boost-1_86_0.patch included
+  in update
+
+-------------------------------------------------------------------
+Sun Sep 29 19:53:59 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- update to 1.9.6:
+  https://dnsdist.org/changelog.html#change-1.9.6
+  https://dnsdist.org/changelog.html#change-1.9.5
+- add powerdns-5_1_1-2_fix-build-with-boost-1_86_0.patch from Arch
+  linux to fix build with Boost 1.86
+- track series file for easier patching
+
 -------------------------------------------------------------------
 Mon May 13 15:36:16 UTC 2024 - Adam Majer <adam.majer@suse.de>
 

dnsdist.lua

@@ -1,5 +1,7 @@
 -- this is a base example configuration
--- for more see https://github.com/PowerDNS/pdns/blob/master/pdns/dnsdistconf.lua
+-- for more see
+--   https://github.com/PowerDNS/pdns/blob/master/pdns/dnsdistdist/dnsdistconf.lua
+--   /usr/share/doc/packages/dnsdist/docs/reference/config.rst 
 -- controlSocket("127.0.0.1")
 -- setKey(please generate a fresh private key with makeKey())
 

dnsdist.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package dnsdist
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,56 +17,74 @@
 
 
 %define home           %{_var}/lib/%{name}
+
+%if 0%{?suse_version} == 1500
+%global force_gcc_version 14
+%endif
 %if 0%{?suse_version}
 %bcond_without  apparmor
 %else
 %bcond_with     apparmor
 %endif
-#
-# this should only be needed if we have to patch the ragel files
-# in which case it might be faster to just run it locally and put the regenerated file into the tarball
-%bcond_with     dnsdist_ragel
-
-%if 0%{?%is_backports} || 0%{?suse_version} >= 1599
+%if 0%{?%{is_backports}} || 0%{?suse_version} >= 1599
 %bcond_without  dnsdist_re2
 %else
 %bcond_with     dnsdist_re2
 %endif
+%ifarch ppc64le
+%bcond_with     dnsdist_luajit
+%else
 %if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1599
 %bcond_without  dnsdist_luajit
 %else
 %bcond_with     dnsdist_luajit
 %endif
+%endif
+#
+# this should only be needed if we have to patch the ragel files
+# in which case it might be faster to just run it locally and put the regenerated file into the tarball
+%bcond_with     dnsdist_ragel
+%bcond_with     dnsdist_yaml_config
+%bcond_with     dnsdist_quiche
+%bcond_with     dnsdist_xdp
 Name:           dnsdist
-Version:        1.9.4
+Version:        2.0.0
 Release:        0
 Summary:        A highly DNS-, DoS- and abuse-aware loadbalancer
 License:        GPL-2.0-only
 Group:          Productivity/Networking/DNS/Servers
 URL:            https://www.powerdns.com/
-Source0:        https://downloads.powerdns.com/releases/dnsdist-%{version}.tar.bz2
-Source1:        https://downloads.powerdns.com/releases/dnsdist-%{version}.tar.bz2.sig
+Source0:        https://downloads.powerdns.com/releases/dnsdist-%{version}.tar.xz
+Source1:        https://downloads.powerdns.com/releases/dnsdist-%{version}.tar.xz.sig
 Source2:        https://dnsdist.org/_static/dnsdist-keyblock.asc#/dnsdist.keyring
+Source3:        vendor.tar.xz
 Source10:       dnsdist.user
 Source11:       dnsdist.lua
 Source12:       usr.sbin.dnsdist
 Source13:       local.usr.sbin.dnsdist
-BuildRequires:  gcc-c++
+Source99:       series
+BuildRequires:  gcc%{?force_gcc_version}
+BuildRequires:  gcc%{?force_gcc_version}-c++
 BuildRequires:  libboost_headers-devel
-BuildRequires:  libedit-devel
-BuildRequires:  libfstrm-devel
-BuildRequires:  libsodium-devel
-BuildRequires:  lmdb-devel
-BuildRequires:  net-snmp-devel
+BuildRequires:  meson
 BuildRequires:  pkgconfig
-BuildRequires:  sysuser-shadow
-BuildRequires:  sysuser-tools
+BuildRequires:  pkgconfig(gnutls)
+BuildRequires:  pkgconfig(libbpf)
 BuildRequires:  pkgconfig(libcap)
+BuildRequires:  pkgconfig(libedit)
+BuildRequires:  pkgconfig(libfstrm)
 BuildRequires:  pkgconfig(libnghttp2)
+BuildRequires:  pkgconfig(libsodium)
 BuildRequires:  pkgconfig(libsystemd)
+BuildRequires:  pkgconfig(lmdb)
+BuildRequires:  pkgconfig(netsnmp)
 BuildRequires:  pkgconfig(systemd)
-%systemd_ordering
-%sysusers_requires
+%if %{with dnsdist_yaml_config}
+BuildRequires:  cargo
+%endif
+%if %{with dnsdist_xdp}
+BuildRequires:  pkgconfig(libxdp)
+%endif
 %if %{with apparmor}
 BuildRequires:  apparmor-profiles
 %endif
@@ -74,13 +92,18 @@ BuildRequires:  apparmor-profiles
 BuildRequires:  ragel
 %endif
 %if %{with dnsdist_re2}
-BuildRequires:  re2-devel
+BuildRequires:  pkgconfig(re2)
 %endif
 %if %{with dnsdist_luajit}
 BuildRequires:  pkgconfig(luajit)
 %else
 BuildRequires:  pkgconfig(lua)
 %endif
+BuildRequires:  python3-PyYAML
+BuildRequires:  sysuser-shadow
+BuildRequires:  sysuser-tools
+%systemd_ordering
+%sysusers_requires
 
 %description
 dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life
@@ -91,41 +114,68 @@ dnsdist is dynamic, in the sense that its configuration can be changed at
 runtime, and that its statistics can be queried from a console-like interface.
 
 %prep
-%autosetup -p1 -n %{name}-%{version}
+%autosetup -p1 -a 3 -n %{name}-%{version}
 
 %build
-export CFLAGS="%{optflags} -Wno-error=deprecated-declarations"
-%ifarch %{arm} %{ix86}
-export CFLAGS="$CFLAGS -D__USE_TIME_BITS64"
+%if 0%{?force_gcc_version}
+export CC="gcc-%{?force_gcc_version}"
+export CXX="g++-%{?force_gcc_version}"
 %endif
-export CXXFLAGS="$CFLAGS"
-
-%configure \
-  --enable-dnstap \
-  --enable-dns-over-tls \
-  --enable-systemd \
-  --enable-lto \
-  --enable-dnscrypt \
-  --enable-dns-over-https \
-%if %{with dnsdist_re2}
-  --with-re2 \
-%endif
-  --with-ebpf \
-  --with-net-snmp \
-  --with-libcap \
-%if %{with dnsdist_luajit}
-  --with-lua=luajit \
-%endif
-  --with-lmdb \
-  --disable-silent-rules \
+%meson \
   --bindir=%{_sbindir} \
-  --sysconfdir=%{_sysconfdir}/%{name}/
+  --sysconfdir=%{_sysconfdir}/%{name} \
+  -Ddnscrypt=enabled \
+  -Dlibcap=enabled \
+  -Dlibedit=enabled \
+  -Dlibsodium=enabled \
+  -Dtls-gnutls=enabled \
+  -Dtls-libssl-engines=true \
+  -Dtls-libssl-providers=true \
+%if %{with dnsdist_luajit}
+  -Dlua=luajit \
+%else
+  -Dlua=lua \
+%endif
+  -Dipcipher=enabled \
+  -Dreproducible=true \
+  -Dsnmp=enabled \
+  -Ddnstap=enabled \
+  -Dnghttp2=enabled \
+  -Dcdb=disabled \
+  -Dlmdb=enabled \
+%if %{with dnsdist_quiche}
+  -Dquiche=enabled \
+  -Ddns-over-http3=enabled \
+  -Ddns-over-quic=enabled \
+%else
+  -Dquiche=disabled \
+  -Ddns-over-http3=disabled \
+  -Ddns-over-quic=disabled \
+%endif
+%if %{with dnsdist_re2}
+  -Dre2=enabled \
+%else
+  -Dre2=disabled \
+%endif
+%if %{with dnsdist_xdp}
+  -Dxsk=enabled \
+%else
+  -Dxsk=disabled \
+%endif
+  -Debpf=enabled \
+%if %{with dnsdist_yaml_config}
+  -Dyaml=enabled \
+%else
+  -Dyaml=disabled \
+%endif
+  -Dman-pages=true \
+%nil
 
-%make_build
+%meson_build
 %sysusers_generate_pre %{SOURCE10} %{name}
 
 %install
-%make_install
+%meson_install
 #
 %if 0%{?suse_version}
   ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
@@ -140,6 +190,18 @@ install -m 0640 %{SOURCE11} %{buildroot}%{_sysconfdir}/%{name}/dnsdist.conf
 
 install -D -m 0644 %{SOURCE10} %{buildroot}%{_sysusersdir}/dnsdist.conf
 
+rm -rv \
+  docs/*.py \
+  docs/manpages \
+  docs/requirements.* \
+  docs/_static \
+  docs/_templates
+find docs -type f -executable -print0 | xargs -r0 chmod -v a-x
+perl -p -i -e 's|\r\n|\n|g ; s|\r|\n|g' docs/reference/logging.rst
+
+%check
+%meson_test
+
 %pre -f %{name}.pre
 %service_add_pre %{name}.service %{name}@.service
 
@@ -154,6 +216,8 @@ install -D -m 0644 %{SOURCE10} %{buildroot}%{_sysusersdir}/dnsdist.conf
 
 %files
 %doc README.md
+%license COPYING
+%doc docs/
 %{_sbindir}/dnsdist
 %{_mandir}/man1/dnsdist.1%{?ext_man}
 %{_unitdir}/%{name}*.service

usr.sbin.dnsdist

@@ -1,6 +1,6 @@
 #include <tunables/global>
 
-/usr/sbin/dnsdist {
+profile dnsdist /usr/sbin/dnsdist {
   #include <abstractions/base>
   #include <abstractions/nameservice>
 

vendor.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7488e879f3e429ce18f1ba1a491b5fb389ef28f0d811d919c40fc6d1896f42f6
+size 6655488