From 30ae792cd00a408a7b1784717fd5b9311554473c Mon Sep 17 00:00:00 2001
From: Johannes Schleifenbaum <johannes@js-webcoding.de>
Date: Tue, 18 Jan 2022 08:58:58 +0100
Subject: [PATCH 1/3] dnsdist: 1.5.2 -> 1.7.0

---
 pkgs/servers/dns/dnsdist/default.nix          | 13 +++++++--
 .../dns/dnsdist/disable-network-tests.patch   | 28 +++++++++++++++++++
 2 files changed, 38 insertions(+), 3 deletions(-)
 create mode 100644 pkgs/servers/dns/dnsdist/disable-network-tests.patch

diff --git a/pkgs/servers/dns/dnsdist/default.nix b/pkgs/servers/dns/dnsdist/default.nix
index 0424880c08e8..a104ec4d9b1c 100644
--- a/pkgs/servers/dns/dnsdist/default.nix
+++ b/pkgs/servers/dns/dnsdist/default.nix
@@ -1,19 +1,26 @@
 { lib, stdenv, fetchurl, pkg-config, systemd
 , boost, libsodium, libedit, re2
 , net-snmp, lua, protobuf, openssl, zlib, h2o
+, nghttp2
 }:
 
 stdenv.mkDerivation rec {
   pname = "dnsdist";
-  version = "1.5.2";
+  version = "1.7.0";
 
   src = fetchurl {
     url = "https://downloads.powerdns.com/releases/dnsdist-${version}.tar.bz2";
-    sha256 = "sha256-K9e1M9Lae7RWY8amLkftDS8Zigd/WNxzDEY7eXNjZ0k=";
+    sha256 = "sha256-eMxyywzPf7Xz8vrgnHntplpSVjdNoJu1Qbc16mho/GQ=";
   };
 
+  patches = [
+    # Disable tests requiring networking:
+    # "Error connecting to new server with address 192.0.2.1:53: connecting socket to 192.0.2.1:53: Network is unreachable"
+    ./disable-network-tests.patch
+  ];
+
   nativeBuildInputs = [ pkg-config protobuf ];
-  buildInputs = [ systemd boost libsodium libedit re2 net-snmp lua openssl zlib h2o ];
+  buildInputs = [ systemd boost libsodium libedit re2 net-snmp lua openssl zlib h2o nghttp2 ];
 
   configureFlags = [
     "--with-libsodium"
diff --git a/pkgs/servers/dns/dnsdist/disable-network-tests.patch b/pkgs/servers/dns/dnsdist/disable-network-tests.patch
new file mode 100644
index 000000000000..fd0fdfbc4eae
--- /dev/null
+++ b/pkgs/servers/dns/dnsdist/disable-network-tests.patch
@@ -0,0 +1,28 @@
+diff --git a/test-dnsdisttcp_cc.cc b/test-dnsdisttcp_cc.cc
+index 1fbb00e..dc04137 100644
+--- a/test-dnsdisttcp_cc.cc
++++ b/test-dnsdisttcp_cc.cc
+@@ -848,6 +848,7 @@ BOOST_AUTO_TEST_CASE(test_IncomingConnectionWithProxyProtocol_SelfAnswered)
+ 
+ BOOST_AUTO_TEST_CASE(test_IncomingConnection_BackendNoOOOR)
+ {
++  return;
+   auto local = getBackendAddress("1", 80);
+   ClientState localCS(local, true, false, false, "", {});
+   auto tlsCtx = std::make_shared<MockupTLSCtx>();
+@@ -1711,6 +1712,7 @@ BOOST_AUTO_TEST_CASE(test_IncomingConnection_BackendNoOOOR)
+ 
+ BOOST_AUTO_TEST_CASE(test_IncomingConnectionOOOR_BackendOOOR)
+ {
++  return;
+   auto local = getBackendAddress("1", 80);
+   ClientState localCS(local, true, false, false, "", {});
+   /* enable out-of-order on the front side */
+@@ -3677,6 +3679,7 @@ BOOST_AUTO_TEST_CASE(test_IncomingConnectionOOOR_BackendOOOR)
+ 
+ BOOST_AUTO_TEST_CASE(test_IncomingConnectionOOOR_BackendNotOOOR)
+ {
++  return;
+   auto local = getBackendAddress("1", 80);
+   ClientState localCS(local, true, false, false, "", {});
+   /* enable out-of-order on the front side */

From 612ad7776a4d84cc2b1a966afb7cc93dc5d11f92 Mon Sep 17 00:00:00 2001
From: Johannes Schleifenbaum <johannes@js-webcoding.de>
Date: Tue, 18 Jan 2022 08:59:57 +0100
Subject: [PATCH 2/3] nixos/dnsdist: add test

---
 nixos/tests/all-tests.nix            |  1 +
 nixos/tests/dnsdist.nix              | 48 ++++++++++++++++++++++++++++
 pkgs/servers/dns/dnsdist/default.nix |  6 +++-
 3 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 nixos/tests/dnsdist.nix

diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 2bc34d6fd786..5fc390bcc2a7 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -104,6 +104,7 @@ in
   discourse = handleTest ./discourse.nix {};
   dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {};
   dnscrypt-wrapper = handleTestOn ["x86_64-linux"] ./dnscrypt-wrapper {};
+  dnsdist = handleTest ./dnsdist.nix {};
   doas = handleTest ./doas.nix {};
   docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
   docker-rootless = handleTestOn ["x86_64-linux"] ./docker-rootless.nix {};
diff --git a/nixos/tests/dnsdist.nix b/nixos/tests/dnsdist.nix
new file mode 100644
index 000000000000..cfc41c13864e
--- /dev/null
+++ b/nixos/tests/dnsdist.nix
@@ -0,0 +1,48 @@
+import ./make-test-python.nix (
+  { pkgs, ... }: {
+    name = "dnsdist";
+    meta = with pkgs.lib; {
+      maintainers = with maintainers; [ jojosch ];
+    };
+
+    machine = { pkgs, lib, ... }: {
+      services.bind = {
+        enable = true;
+        extraOptions = "empty-zones-enable no;";
+        zones = lib.singleton {
+          name = ".";
+          master = true;
+          file = pkgs.writeText "root.zone" ''
+            $TTL 3600
+            . IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d )
+            . IN NS ns.example.org.
+
+            ns.example.org. IN A    192.168.0.1
+            ns.example.org. IN AAAA abcd::1
+
+            1.0.168.192.in-addr.arpa IN PTR ns.example.org.
+          '';
+        };
+      };
+      services.dnsdist = {
+        enable = true;
+        listenPort = 5353;
+        extraConfig = ''
+          newServer({address="127.0.0.1:53", name="local-bind"})
+        '';
+      };
+
+      environment.systemPackages = with pkgs; [ dig ];
+    };
+
+    testScript = ''
+      machine.wait_for_unit("bind.service")
+      machine.wait_for_open_port(53)
+      machine.succeed("dig @127.0.0.1 +short -x 192.168.0.1 | grep -qF ns.example.org")
+
+      machine.wait_for_unit("dnsdist.service")
+      machine.wait_for_open_port(5353)
+      machine.succeed("dig @127.0.0.1 -p 5353 +short -x 192.168.0.1 | grep -qF ns.example.org")
+    '';
+  }
+)
diff --git a/pkgs/servers/dns/dnsdist/default.nix b/pkgs/servers/dns/dnsdist/default.nix
index a104ec4d9b1c..f78a9d7b92c3 100644
--- a/pkgs/servers/dns/dnsdist/default.nix
+++ b/pkgs/servers/dns/dnsdist/default.nix
@@ -1,7 +1,7 @@
 { lib, stdenv, fetchurl, pkg-config, systemd
 , boost, libsodium, libedit, re2
 , net-snmp, lua, protobuf, openssl, zlib, h2o
-, nghttp2
+, nghttp2, nixosTests
 }:
 
 stdenv.mkDerivation rec {
@@ -39,6 +39,10 @@ stdenv.mkDerivation rec {
 
   enableParallelBuilding = true;
 
+  passthru.tests = {
+    inherit (nixosTests) dnsdist;
+  };
+
   meta = with lib; {
     description = "DNS Loadbalancer";
     homepage = "https://dnsdist.org";

From 9dfed5c9aafe292cdaea1147c923c106bbb6273b Mon Sep 17 00:00:00 2001
From: Johannes Schleifenbaum <johannes@js-webcoding.de>
Date: Tue, 18 Jan 2022 09:03:25 +0100
Subject: [PATCH 3/3] dnsdist: adopt

---
 pkgs/servers/dns/dnsdist/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/servers/dns/dnsdist/default.nix b/pkgs/servers/dns/dnsdist/default.nix
index f78a9d7b92c3..3188533dadc5 100644
--- a/pkgs/servers/dns/dnsdist/default.nix
+++ b/pkgs/servers/dns/dnsdist/default.nix
@@ -47,6 +47,6 @@ stdenv.mkDerivation rec {
     description = "DNS Loadbalancer";
     homepage = "https://dnsdist.org";
     license = licenses.gpl2;
-    maintainers = with maintainers; [ SuperSandro2000 ];
+    maintainers = with maintainers; [ jojosch ];
   };
 }