Due to the FreeNAS build system being very....simplistic
the deps weren't needed in the port there, however to
work properly in FreeBSD they of course are needed.
Noticed by: swills
Pointyhat to: jpaetzel
a zeising, kwm production, with help from dumbbell, bdrewery:
NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE
This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.
This patch also contains updates of libxcb and related ports, pixman, as well
as some drivers and utilities.
Bump portrevisions for xf86-* ports, as well as virtualbox-ose-additions due
to xserver version change.
Apart from these updates, the way shared libraries are handled has been
changed for all xorg ports, as well as libxml2 and freetype, which means
ltverhack is gone and as a consequence shared libraries have been bumped.
The plan is that this change will make library bumps less likely in the
future.
All affected ports have had their portrevisions bumped as a consequence of
this.
Fix some issues where WITH_NEW_XORG weren't detected properly on CURRENT.
Update instructions, hardware support, and more notes can be found on
https://wiki.freebsd.org/Graphics
Thanks to: all testers, bdrewery and the FreeBSD x11@ team
exp-run by: bdrewery [1]
PR: ports/187602 [1]
Approved by: portmgr (bdrewery), core (jhb)
BIND 9.10 includes a number of changes from earlier releases, including:
- DNS Response-rate limiting (DNS RRL)
- A new "prefetch" option can improve recursive resolver performance
- ACLs can now be specified based on geographic location using the
MaxMind GeoIP databases.
- A new compile-time option, NATIVE_PKCS11 allows the BIND 9
cryptography functions to use the PKCS#11 API natively.
*NOTE*
This is a release candidate, it may contain bugs.
*NOTE*
Changes: https://lists.isc.org/pipermail/bind-announce/2014-April/000906.html
Sponsored by: Absolight
STAGEDIR. The auto_home.c/auto_qmail.c (depending on which conf- file is
used) must be deleted to or else this might not be executed depending on
how quickly build and pre-install run:
./auto-str auto_home `sed 1q conf-home` > auto_home.c
- Move STAGEDIR fixing to post-build with a message explaining the rebuild.
- Bump PORTREVISION as pkg_install packages may have been built without some
files.
Git shortlog between 2.69 rc1 and rc2:
Simon Kelley (7):
Add dnssec-check-unsigned to example config file.
Reorder sanity checks on UDP packet reception, to cope with failed recvfro
SERVFAIL is an expected error return, don't try all servers.
Terminate DS-search when reaching the root via cache entries.
Cache stats availble in CHAOS .bind domain.
Ensure ->sentto is valid for DNSSEC forwards. Otherwise retries SEGV.
Add --dnssec-no-timecheck
Tomas Hozza (2):
Memory leak in error path.
Handle failure of hash_questions()
Wang Jian (1):
Log IPSET actions.
Git shortlog since test release #9:
Speeling.
Strip DNSSEC RRs when query doesn't have DO bit set.
Return INSECURE when validation fails with proved non-existent DS.
Negative caching for DS records.
Check that unsigned replies come from unsigned zones if --dnssec-check-uns
Tidy.
Fix off-by-one overwrite.
Don't free blockdata for negative DS cache entries.
Handle replies with no answers and no NS in validate_reply.
Tweak tuning params.
Don't cache secure replies which we've messsed with.
Mass edit of INSECURE->BOGUS returns for server failure/bad input.
Can have local DS records (trust anchors).
2014-03-10 deskutils/libopensync-plugin-synce: No more public distfiles
2014-03-10 irc/irchat-pj-xemacs21-mule: No more public distfiles
2014-03-10 irc/pure-xemacs21-mule: No more public distfiles
2014-03-10 lang/dice: No more public distfiles
2014-03-10 irc/dcc: No more public distfiles
2014-03-10 sysutils/backupme: No more public distfiles
2014-03-10 net/freeswitch-curl-devel: No more public distfiles
2014-03-10 misc/freeswitch-pizzademo-devel: No more public distfiles
2014-03-10 emulators/cygne-sdl: No more public distfiles
2014-03-10 mail/newmail: No more public distfiles
2014-03-10 x11-toolkits/xscoop: No more public distfiles
2014-03-10 security/didentd: No more public distfiles
2014-03-10 sysutils/wait_on: No more public distfiles
2014-03-10 net/freeswitch-sbc-devel: No more public distfiles
2014-03-10 multimedia/gxanim: No more public distfiles
2014-03-10 www/nd: No more public distfiles
2014-03-10 lang/fbbi: No more public distfiles
2014-03-10 textproc/csv2xml: No more public distfiles
2014-03-10 www/trac-calendar: No more public distfiles
2014-03-10 misc/stan: No more public distfiles
2014-03-10 japanese/gtkicq: No more public distfiles
2014-03-10 net/nc6: No more public distfiles
2014-03-10 net/jpcap: No more public distfiles
2014-03-10 games/quake-extras: No more public distfiles
2014-03-10 net/asfrecorder: No more public distfiles
2014-03-10 sysutils/pyrenamer: No more public distfiles
2014-03-10 palm/synce-sync-engine: No more public distfiles
2014-03-10 www/linux-mplayer-plugin: No more public distfiles
2014-03-10 net-mgmt/airport: No more public distfiles
2014-03-10 textproc/manued.el: No more public distfiles
2014-03-10 sysutils/jailer: No more public distfiles
2014-03-10 sysutils/blimitd: No more public distfiles
2014-03-10 print/abntex: No more public distfiles
2014-03-10 sysutils/monkeytail: No more public distfiles
2014-03-10 dns/dns_mre: No more public distfiles
2014-03-10 japanese/libjcode: No more public distfiles
2014-03-10 sysutils/jailutils: No more public distfiles
2014-03-10 net/freeswitch-vanilla-devel: No more public distfiles
2014-03-10 sysutils/hdup: No more public distfiles
2014-03-10 print/cups-smb-backend: No more public distfiles
2014-03-10 x11/settitle: No more public distfiles
2014-03-10 sysutils/anteater: No more public distfiles
2014-03-10 www/trac-pendingticket: No more public distfiles
2014-03-10 www/admuser: No more public distfiles
2014-03-10 x11-themes/gnome-icons-snowish: No more public distfiles
2014-03-10 www/metacafe_dl: No more public distfiles
2014-03-10 irc/irchat-pj-emacs21: No more public distfiles
2014-03-10 www/horde3-wicked: No more public distfiles
2014-03-10 java/drexelsnmp: No more public distfiles
2014-03-10 mail/sigit: No more public distfiles
2014-03-10 misc/freeswitch-scripts-devel: No more public distfiles
2014-03-10 www/vtiger-customerportal: No more public distfiles
2014-03-10 irc/pure-emacs21: No more public distfiles
2014-03-10 www/extsm: No more public distfiles
2014-03-10 misc/cwish: No more public distfiles
2014-03-10 www/phpscheduleit: No more public distfiles
2014-03-10 palm/synce-serial: No more public distfiles
2014-03-10 palm/synce-vdccm: No more public distfiles
2014-03-10 net/freeswitch-insideout-devel: No more public distfiles
2014-03-10 sysutils/fusefs-fur: No more public distfiles
2014-03-10 mail/clamfilter: No more public distfiles
2014-03-10 textproc/cost: No more public distfiles
2014-03-10 palm/synce-gvfs: No more public distfiles
2014-03-10 net/nxserver: No more public distfiles
2014-03-10 sysutils/throttle: No more public distfiles
2014-03-10 japanese/aterm: No more public distfiles
2014-03-10 mail/teapop: No more public distfiles
2014-03-10 www/eldav.el: No more public distfiles
2014-03-10 graphics/gsnapshot: No more public distfiles
2014-03-10 japanese/zangband: No more public distfiles
2014-03-10 audio/xmms-wma: No more public distfiles
2014-03-10 misc/projectionlib: No more public distfiles
2014-03-07 deskutils/phprojekt: No more public distfiles
2014-03-07 deskutils/libopensync-plugin-synce-legacy: No more public distfiles
2014-03-07 dns/skadns: No more public distfiles
2014-03-07 sysutils/gkrellmwho2: No more public distfiles
2014-03-07 audio/xmms-musepack: No more public distfiles
2014-03-07 archivers/bzip: No more public distfiles
2014-03-07 devel/cvsstat: No more public distfiles
2014-03-07 graphics/enfle: No more public distfiles
2014-03-07 audio/oggsplit: No more public distfiles
2014-03-07 devel/picasm: No more public distfiles
2014-03-07 databases/mysql-udf-preg: No more public distfiles
2014-03-07 devel/py-gitpython: No more public distfiles
2014-03-07 net/mars_nwe: No more public distfiles
2014-03-07 audio/fmio: No more public distfiles
Actual maintainer bounces:
<freebsd@isc.org>: host mx-out.isc.org[149.20.64.53] said: 554 5.4.0 Error: too
many hops (in reply to end of DATA command)
Sponsored by: Absolight
- update to 2.3
while here:
- use modern LIB_DEPENDS notation
- limit python version to 2.x branch, because shared extension fails to build with py33
- some tab twiddling
- tab->space change in pkg-descr:WWW
PR: 187248
Submitted by: Rafal Lesniak <fbsd@grid.einherjar.de> (maintainer)
- Fix build with custom LOCALBASE/PREFIX
- Add ability to specify flags to unbound-anchor via unbound_anchorflags in rc.conf (useful for when /etc/resolv.conf only contains 127.0.0.1)
- Bump PORTREVISION
PR: ports/187239
Submitted by: zi@
Approved by: sem@ (maintainer)
getdns is a modern asynchronous DNS API.
It implements DNS entry points from a design developed and vetted by application
developers, in an API specification edited by Paul Hoffman. With the development
of this API, we intend to offer application developers a modernized and flexible
way to access DNS security (DNSSEC) and other powerful new DNS features;
a particular hope is to inspire application developers towards innovative
security solutions in their applications.
WWW: http://getdnsapi.net/
list of domains (similar to Net::Patricia but for FQDNs).
WWW: http://search.cpan.org/dist/Net-DNS-Match/
PR: ports/187098
Submitted by: Paul Schmehl <pauls@utdallas.edu>
Fix all the -conf binary trying to look in the stage directory, by
enforcing make prog as a build target so they are built during the 'build'
phase and not the install phase and thus get right prefix and not the staged one
Relevant excerpt from git shortlog between test8 and test9:
Add RFC-6605 ECDSA DNSSEC verification.
Don't mess with the TTL of DNSSEC RRs.
No CD in forwarded queries unless dnssec-debug for TCP too.
Log BOGUS validation result when upstream sends SERVFAIL.
--rev-server option. Syntactic sugar for PTR queries.
Omit ECC from DNSSEC if nettle library is old.
Add --servers-file option.
NSEC3 validation. First pass.
Check signer name in RRSIGs.
An NSEC record cannot attest to its own non-existance!
The www.nihn.org master site seems to be gone forever.
The solution to unbreak this port to upgrade to version 3.x, available at:
http://ldapdns.sourceforge.net
Port was reset to facilitate somebody else performing the update.
Sylvio has been MIA for more than a year now.
- remove PKG-INSTALL from post-install (not used with staging)
- move pkg-install and pkg-deinstall into pkg-plist
Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer, per PM)
This directory contains a Python module that implements a DNS (Domain
Name Server) client, plus additional modules that define some symbolic
constants used by DNS (dnstype, dnsclass, dnsopcode).
WWW: http://pydns.sourceforge.net/
WWW: https://launchpad.net/py3dns
- Convert LIB_DEPENDS to new format [1]
- Remove leading article from COMMENT
- Switch to options helpers
- Conditional installation of docs is not needed with stage
- Don't show pkg-message twice
PR: ports/186693 [1]
Submitted by: Denis Generalov <gd.workbox@gmail.com>
Approved by: maintainer
After contacting the author, he updated the snapshot to the latest,
remove 7M worth of dead files and adding a man page. I made some
corrections to that man page and converted it to mdoc tags.
- Define EXAMPLES
- Don't install license file but define LICENSE
- also don't install THANKS file as documentation
- Add an additional mirror
- Indent
- Now that this port looks shiny clean take maintainership
GNATMake was used to clean up the WRKSRC after extraction, but the
problem is that it's not present at that point on a clean build; it
comes in later as a build dependency. Rather than a messy definition
of extract-depends, just remove the files manually without gnatmake.
IRONSIDES is an authoritative DNS server that is provably invulnerable to
many of the problems that plague other servers. It achieves this property
through the use of formal methods in its design, in particular the language
Ada and the SPARK formal methods tool set. Code validated in this way is
provably exception-free, contains no data flow errors, and terminates only
in the ways that its programmers explicitly say that it can. These are very
desirable properties from a computer security perspective.
IRONSIDES is not a complete implementation of DNS. In particular, it does
not support zone transfers or recursive queries. It does, however, support
a sufficient number of DNS records to be useful as an authoritative DNS
server for an enterprise.
Build the port as if it didn't support stage,
Just before installing, rebuild the install and instcheck binaries with a different prefix including the destdir prefix
To avoid everything to be rebuilt again becore conf-home has changed save the original files before building
install and instcheck with the new prefix and restore the file again before the do-install target is run
This is the trick used in debian
Obtained from: debian
ee41586 Use DS records as trust anchors, not DNSKEYs.
83349b8 Further tidying of AD and DO bit handling.
7fa836e Handle validation when more one key is needed.
1633e30 Fix Byte-order botch: broke DNSSEC on big-endian platforms.
c8ca33f Fix DNSSEC caching problems: incomplete RRSIG RRsets.
e243c07 AD bit in queries handled as RFC6840 p5.7
Added STAGING support
Added LICENSE (NSD3CLAUSE) statement
Other small changes to make portlint more happy
PR: 186631
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
OPTIONS_DEFINE. This policy has been implemented only recently that's why we
have many ports violating this policy.
This patch adds the default options specified in the Porter's Handbook to
OPTIONS_DEFINE where they are being used. Ports maintained by
gnome@FreeBSD.org, kde@FreeBSD.org and x11@FreeBSD.org have been excluded.
Approved by: portmgr (bapt)
- Add notice that support for nsd3 will stop in the future
FEATURES:
- Support for CAA RR type (RFC6844).
- EUI48 and EUI64 RR types (RFC7043) enabled by default.
BUG FIXES:
- Bugfix #509: USE_ZONE_STATS used initialised memory for statistics data.
- Bugfix #510: USE_ZONE_STATS use a different zone stats file per process.
- Bugfix #542: Match RRSIG TTL with SOA TTL in negative response.
PR: ports/186307
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
- Cleanup rc script
FEATURES:
- recognizes ip-address and interface as synonyms for convenience.
- Support for EUI48 and EUI64 RR types enabled by default (RFC 7043).
- Support for CAA RRtype (RFC 6844).
- NSID can be set with "ascii_somestring" in ascii.
BUG FIXES:
- Fix xfrd when zone transfer TCP contains zero length packets.
- Fix for NSEC3 zones where parent zone is co-hosted, also NSEC3,
because AXFRs overwrote nsec3 administration in the child zone.
- Fix that bad IXFR updates do not result in double SOA records,
and that an AXFR is started (attempted) when the zone state seems
to be inconsistent with the master's zone state.
- Log ip address for sendto and sendmmsg failures.
- Fix segfaults after read of zones with rr type WKS from zonefile.
- Seed PRNG for openssl at start of daemon, fixes SSL connection issue.
- Bugfix #534: IXFR query loop over UDP for zones that are unchanged.
- (same as in 3.2.16): fix wildcard cname to nxdomain repeated rrset.
- (same as in 3.2.16): Bugfix #542: Match RRSIG TTL with SOA TTL in
negative response.
- Check if configure in srcdir collides with outofdir build.
- Fix#546: output format errors in nsd_munin_ (Thanks Tom Hendrikx).
- Fix printout of high-chars in TXT on NetBSD.
PR: ports/186308
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Note the +AD flag may now be missing on the first response for a given domain,
re-querying within the cache TTL would deliver it. Bug has been reported.
while here
- Add stage support
- Remove the indefinite article from COMMENT
- Convert LICENSE from BSD to BSD3CLAUSE
- Convert USE_GMAKE to USES
PR: ports/185787
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
20140130 multimedia/kino: Not developed since 2009, declared dead 05.08.2013 on there website.
2014-01-31 x11-drivers/xf86-video-imstt: Broken, unsupported and unmaintained upstream.
2014-01-31 x11-drivers/xf86-video-via: Broken, not supported upstream.
2014-01-31 multimedia/vdr-plugin-softdevice: Broken after ffmpeg update (not sure it ever worked)
2014-01-31 sysutils/mbmon: Use sysutils/xmbmon instead. This port will be removed soon
2014-01-31 dns/bind96: EOL in January 2014, consider moving to Bind 9.8 or 9.9
2014-01-31 x11-drivers/xf86-video-nouveau: Not supported, missing kernel support. use the nvidia driver.
- Add some experimental backends
while here
- Convert USE_LUA to USES
PR: ports/185824
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
- Add some experimental backends
while here
- Convert USE_LUA to USES
PR: ports/185824
Submitted by: Ralf van der Enden <tremere@cainites.net> (maintainer)
