Features
* Support for ILNP RR types: NID, L32, L64, LP (RFC6742).
* RRL, --enable-ratelimit at configure time and config options.
* TSIG initialization only fails when there is no digest found at all.
Bugfixes
* Bugfix #478: Declaration after statement (for gcc 2.95).
* Bugfix #483: Better error message in case of TSIG error.
* Bugfix #485: TTL should not be greater than 2^31 - 1.
* Fix RCODE when CNAME loop final answer does not exist,
should return NXDOMAIN as stated by RFC 6604.
* Fix --disable-full-prehash bug, where after multiple incoming IXFRs,
NSEC3 can be removed unjustified.
PR: 175837
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
- Trim header
Changes:
* Bugfixes
* New Feature: Use of writev, to improve TCP response time
PR: ports/173261
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe: yes
BUG FIXES:
- Fix for VU#624931 CVE-2012-2978: NSD denial of service
vulnerability from non-standard DNS packet from any host
on the internet.
PR: ports/170001
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security: CVE-2012-2978
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
Bugfixes:
Do setusercontext before chroot, otherwise login.conf etc. are required inside chroot.
Bugfix #216: Fix leak of compressiontable when the domain table increases in size.
Bugfix #348: Don't include header/library path if OpenSSL is in /usr.
Bugfix #350: Refused notifies should log client ip.
Bugfix #352: Fix hard coded paths in man pages.
Bugfix #354: The realclean target deletes a bit too much.
Bugfix #357, make xfrd quit with many zones.
Bugfix #362: outgoing-interface and v4 vs. v6 leads to spurious warning messages.
Bugfix #363: nsd-checkconf -v does not print outgoing-interface ok.
Bugfix: nsd-checkconf -o outgoing-interface omits NOKEY.
Undo Bugfix #235: Don't skip dname compression, messes up packets that do need compression.
PR: ports/155785
Submitted by: Jaap Akkerhuis <jaap _at_ nlnetlabs.nl> (maintainer)
- support reload command
- use nsdc cli has command and let it perform the actual start,stop,... of the daemon
- at start check if the database exists if not built it (this prevent the daemon to fail at starting)
- remove the now userless sleep in stop command
bump portrevision
PR: ports/152331
Submitted by: Philippe Pepiot <phil _at_ philpep.org>
Approved by: Jaap Akkerhuis <jaap _at_ NLnetLabs.nl> (maintainer)
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.
To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.
To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.
Changes to Mk/*:
- Add runtime detection magic in bsd.port.mk
- Remove CONFIGURE_TARGET hack in various bsd.*.mk
- USE_GNOME=gnometarget is now an no-op
Changes to individual ports, other than removing the CONFIGURE_TARGET hack:
= pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables)
- comms/gnuradio
- science/abinit
- science/elmer-fem
- science/elmer-matc
- science/elmer-meshgen2d
- science/elmerfront
- science/elmerpost
= use x86_64 as ARCH
- devel/g-wrap
= other changes
- print/magicfilter
GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf
Total # of ports modified: 1,027
Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes)
PR: 126524 (obsoletes 52917)
Submitted by: rafan
Tested on: two pointyhat 7-amd64 exp runs (by pav)
Approved by: portmgr (pav)
- Update to 2.2.0
With this release nsd no longer requires named-xfer to be
present on the system.
I also changed the options to a configure script.
Added file(s):
- scripts/configure.nsd
PR: ports/76412
Submitted by: Olafur Osvaldsson <oli@isnic.is>
BUG FIXES:
- Bug #90: handle \000 in TXT records correctly
- Fixed undefined behavior in the use of vsnprintf when
logging messages.
PR: ports/74517
Submitted by: maintainer
