Git shortlog since release candidate #4:
Moshe Levi (1):
Check IP address command line arg in dhcp_release.c
Simon Kelley (7):
Fix crash in auth code with odd configuration.
Auth: correct replies to NS and SOA in .arpa zones.
Note CVE-2015-3294
Log domain when reporting DNSSEC validation failure.
Revert 61b838dd574c51d96fef100285a0d225824534f9 and just quieten log inste
Handle domain names with '.' or /000 within labels.
Tweaks to previous, DNS label charset commit.
Stefan Tomanek (1):
Fix (srk induced) crash in new tftp_no_fail code.
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
when CONFIGURE_ARGS already sets it. (GNU configure scripts set it to
PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
they aren't affected by this change (for now at least). This commit is
meant to ensure that new ports don't make the same mistake.
- games/acm: the configure script in this port is very old; instead of
patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
changed the behaviour of the configure script; adjust the port to this.
PR: 199506
Exp-run by: antoine
Approved by: portmgr (antoine)
AnyEvent::CacheDNS provides a very simple DNS resolver that caches its results
and can improve the connection times to remote hosts.
WWW: http://search.cpan.org/dist/AnyEvent-CacheDNS/
- Move bison(1) from BUILD_DEPENDS to USES
- Register CONFLICTS with knot-devel-1.*
- Enable compiler messages in batch (package building) mode
- Add new options (DNSTAP, GOST, LMDB)
- Rename IDNA option to our standard (shared) IDN
- Allow to build against `security/libressl' as OPENSSL_PORT
- Switch to using @sample keyword for knot.sample.conf
- Sort pkg-plist and reformat pkg-descr while I'm at it
- Update files/pkg-message.in to include instructions for both new
and legacy rc systems (e.g. FreeBSD 8.4 has service(8), but no
sysrc(8) utility)
PR: 199298
Submitted by: maintainer
Resolves checksum trouble.
Git shortlog between rc#3 and rc#4:
Simon Kelley (4):
Return INSECURE, rather than BOGUS when DS proved not to exist.
Fix compiler warning when not including DNSSEC.
Fix crash caused by looking up servers.bind when many servers defined.
Fix crash on receipt of certain malformed DNS requests.
Stefan Tomanek (2):
add --tftp-no-fail to ignore missing tftp root
Convert to use MASTER_SIGHTS_FARSIGHT.
Differential Revision: https://reviews.freebsd.org/D2235
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
Python bindings for the dnstable library
Differential Revision: https://reviews.freebsd.org/D2231
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
dnstable implements an encoding format for passive DNS data. It
consists of a C library, libdnstable, and several command line
utilities for creating, querying, and merging dnstable data files.
It stores key-value records in Sorted String Table (SSTable) files
and provides high-level interfaces for querying or iterating over
the stored records. dnstable encodes individual records using a
format tailored for efficiently storing passive DNS data and can
quickly perform both "forward" and "inverse" searches.
Differential Revision: https://reviews.freebsd.org/D2214
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
For example (${OSVERSION} >= 900000 && ${OSVERSION} < 900021) is always true,
as is (${OSVERSION} > 900002 || ${OSVERSION} < 900000 && ${OSVERSION} > 800107).
Regarding patches, when an EXTRA_PATCHES is no longer needed, I remove it, when
it is always needed, I renamed it, in one case, I merged two patches.
Differential Revision: https://reviews.freebsd.org/D2209
This is pywdns, a Python extension module implemented in Cython
for the wdns C library.
Differential Revision: https://reviews.freebsd.org/D2200
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
Changes since rc1 (git shortlog):
+ Don't fail DNSSEC when a signed CNAME dangles into an unsigned zone.
+ Return SERVFAIL when validation abandoned.
+ Protect against broken DNSSEC upstreams.
+ DNSSEC fix for non-ascii characters in labels.
+ Allow control characters in names in the cache, handle when logging.
Changes from previous 2.73test6 (taken from CHANGELOG's Git repo):
Don't reply to DHCPv6 SOLICIT messages if we're not
configured to do stateful DHCPv6. Thanks to Win King Wan
for the patch.
Fix broken DNSSEC validation of ECDSA signatures.
Add --dnssec-timestamp option, which provides an automatic
way to detect when the system time becomes valid after boot
on systems without an RTC, whilst allowing DNS queries before the
clock is valid so that NTP can run. Thanks to
Kevin Darbyshire-Bryant for developing this idea.
Categories: archivers, dns, french, japanese, news, port-mgmt, x11-wm
The sysutils port was setting configure argument, so the text wasn't
removed but the value of PTHREAD_LIBS was changed.
approved by: PTHREAD blanket
include GH_PROJECT/GH_ACCOUNT/GH_TAGNAME. This prevents the distfile
having the same name despite changing one of these values and causing
a bad checksum.
Differential Revision: https://reviews.freebsd.org/D2103
Reviewed by: mat
With hat: bdrewery
conflict with the old scheme and cause a "reroll" or "invalid checksums". This
also avoids clobbering the FreeBSD distcache.
Use a revision in the DISTNAME for USE_GITHUB in case we need to bump this
again for anything. It's more a hint of how to handle it in the future.
Reported by: mat
Discused with: mat, antoine, swills
With hat: portmgr
Using this new scheme allows only setting the _tag_ or _commit hash_ in
GH_TAGNAME and not having to know the hash for a tag. This scheme will
download a tarball that has a different checksum than before due to a changed
directory name for extraction.
The following MASTER_SITES are provided to retain the old checksum and
directory structure (that require GH_COMMIT):
GH -> GHL
GITHUB -> GITHUB_LEGACY
Differential Revision: https://reviews.freebsd.org/D748
Submitted by: amdmi3
Reviewed by: mat, swills, antoine, bdrewery
With hat: portmgr
