Git shortlog:
Johnny S. Lee (1):
Make get-version work when repo is a git submodule.
Simon Kelley (2):
Logs in DHCPv6 not suppressed by dhcp6-quiet.
Fix argument-order botch which broke DNSSEC for TCP queries.
- Remove an extra blankline from dns/powerdns/distinfo
PR: 199720
Submitted by: Ralf van der Enden
Approved by: bdrewery (mentor)
MFH: 2105Q1
Security: 64e6006e-f009-11e4-98c6-000c292ee6b8
Git shortlog since release candidate #4:
Moshe Levi (1):
Check IP address command line arg in dhcp_release.c
Simon Kelley (7):
Fix crash in auth code with odd configuration.
Auth: correct replies to NS and SOA in .arpa zones.
Note CVE-2015-3294
Log domain when reporting DNSSEC validation failure.
Revert 61b838dd574c51d96fef100285a0d225824534f9 and just quieten log inste
Handle domain names with '.' or /000 within labels.
Tweaks to previous, DNS label charset commit.
Stefan Tomanek (1):
Fix (srk induced) crash in new tftp_no_fail code.
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
when CONFIGURE_ARGS already sets it. (GNU configure scripts set it to
PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
they aren't affected by this change (for now at least). This commit is
meant to ensure that new ports don't make the same mistake.
- games/acm: the configure script in this port is very old; instead of
patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
changed the behaviour of the configure script; adjust the port to this.
PR: 199506
Exp-run by: antoine
Approved by: portmgr (antoine)
AnyEvent::CacheDNS provides a very simple DNS resolver that caches its results
and can improve the connection times to remote hosts.
WWW: http://search.cpan.org/dist/AnyEvent-CacheDNS/
- Move bison(1) from BUILD_DEPENDS to USES
- Register CONFLICTS with knot-devel-1.*
- Enable compiler messages in batch (package building) mode
- Add new options (DNSTAP, GOST, LMDB)
- Rename IDNA option to our standard (shared) IDN
- Allow to build against `security/libressl' as OPENSSL_PORT
- Switch to using @sample keyword for knot.sample.conf
- Sort pkg-plist and reformat pkg-descr while I'm at it
- Update files/pkg-message.in to include instructions for both new
and legacy rc systems (e.g. FreeBSD 8.4 has service(8), but no
sysrc(8) utility)
PR: 199298
Submitted by: maintainer
Resolves checksum trouble.
Git shortlog between rc#3 and rc#4:
Simon Kelley (4):
Return INSECURE, rather than BOGUS when DS proved not to exist.
Fix compiler warning when not including DNSSEC.
Fix crash caused by looking up servers.bind when many servers defined.
Fix crash on receipt of certain malformed DNS requests.
Stefan Tomanek (2):
add --tftp-no-fail to ignore missing tftp root
Convert to use MASTER_SIGHTS_FARSIGHT.
Differential Revision: https://reviews.freebsd.org/D2235
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
Python bindings for the dnstable library
Differential Revision: https://reviews.freebsd.org/D2231
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
dnstable implements an encoding format for passive DNS data. It
consists of a C library, libdnstable, and several command line
utilities for creating, querying, and merging dnstable data files.
It stores key-value records in Sorted String Table (SSTable) files
and provides high-level interfaces for querying or iterating over
the stored records. dnstable encodes individual records using a
format tailored for efficiently storing passive DNS data and can
quickly perform both "forward" and "inverse" searches.
Differential Revision: https://reviews.freebsd.org/D2214
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
For example (${OSVERSION} >= 900000 && ${OSVERSION} < 900021) is always true,
as is (${OSVERSION} > 900002 || ${OSVERSION} < 900000 && ${OSVERSION} > 800107).
Regarding patches, when an EXTRA_PATCHES is no longer needed, I remove it, when
it is always needed, I renamed it, in one case, I merged two patches.
Differential Revision: https://reviews.freebsd.org/D2209
This is pywdns, a Python extension module implemented in Cython
for the wdns C library.
Differential Revision: https://reviews.freebsd.org/D2200
Approved by: mat (mentor)
Sponsored by: Farsight Security, Inc.
Changes since rc1 (git shortlog):
+ Don't fail DNSSEC when a signed CNAME dangles into an unsigned zone.
+ Return SERVFAIL when validation abandoned.
+ Protect against broken DNSSEC upstreams.
+ DNSSEC fix for non-ascii characters in labels.
+ Allow control characters in names in the cache, handle when logging.
