./net/nsd, Authoritative-only DNS server

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.1.26nb1, Package name: nsd-4.1.26nb1, Maintainer: pettai

This is NSD Name Server Daemon (NSD).

NSD is a complete implementation of an authoritative DNS nameserver.
For further information about what NSD is and what NSD is not please
consult the REQUIREMENTS document which is a part of this distribution
(thanks to Olaf).

Required to build:

Package options: inet6

Master sites:

SHA1: 9e81f0dc5118153fbfb29fd056aeb19bbd7da9da
RMD160: 902c19e2b2b12a55724bbf8b4ea813e453ecd301
Filesize: 1101.46 KB

Version history: (Expand)

CVS history: (Expand)

   2019-01-29 15:54:03 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Do not conflict with nsd in NetBSD base. Rename rc.d script to nlsnd

   2019-01-17 14:59:37 by Patrick Welche | Files touched by this commit (2) | Package updated
Log message:
Update nsd to 4.1.26

XXX Remove MESSAGE as nsd 4.0.0 came out in October 2013?
XXX Did not add dnstap support to pkg.

29 November 2018: Wouter
       - Tag for 4.1.26rc1.

27 November 2018: Wouter
       - Fix parsezone failure in 4194 fix.

26 November 2018: Wouter
       - Fix to not set GLOB_NOSORT so the nsd.conf include: files are
         sorted and in a predictable order.
       - Added nsd-control changezone.  nsd-control changezone name pattern
         allows the change of a zone pattern option without downtime for
         the zone, in one operation.
       - Fix #3433: document that reconfig does not change per-zone stats.

20 November 2018: Wouter
       - Fix #4205: enable-recvmmsg in mixed IPv4/IPv6 environment fails.
         This sets the msg_hdr.msg_namelen correctly after receipt.

19 November 2018: Wouter
       - Support SO_REUSEPORT_LB in FreeBSD 12 with the reuseport: yes
         option in nsd.conf.
       - Fix #4202: nsd-control delzone incorrect exit code on error.
       - Tab style fix to use tab for 8 spaces, from Xiaobo Liu.

25 October 2018: Wouter
       - Adjust dnstap socket path for chroot.

22 October 2018: Wouter
       - Fix #4194: Zone file parser derailed by non-FQDN names in RHS of
         DNSSEC RRs.
       - Fix some more, neater code and checks for domain length limit.
       - check that the dnstap socket file can be opened and exists, print
         error if not.

4 October 2018: Wouter
       - dnstap work, the dnstap.proto is a copy of the file from Unbound,
         also dnstap.m4 configure include file.
       - dnstap collector: free eventbase and memclean nicer.
       - dnstap collector: send data and read it in collector.
       - dnstap/dnstap.c and .h from Unbound's contribution from
         Farsight Security, added to then adapt it for dnstap logging in NSD.
       - dnstap.c with auth query and auth response, and called from
         the collector.
       - dnstap work, config nsd.conf parse.
       - dnstap example config.

25 September 2018: Wouter
       - NSD 4.1.25 released, trunk has 4.1.26 in development.

18 September 2018: Wouter
       - tag for NSD 4.1.25rc1.

17 September 2018: Wouter
       - Fix #4156: Fix systemd service manager state change notification

14 September 2018: Wouter
       - Remove unused if clause during server service startup.

13 September 2018: Wouter
       - Fix typo in clang analysis test.
       - Annotate exit functions with noreturn.
       - nsd-control prints neater errors for file failures.

12 September 2018: Wouter
       - clang analysis test.

11 September 2018: Wouter
       - Fix to combine the same error function into one, from Xiaobo Liu.
       - Fix initialisation in remote.c.
       - please clang analyzer and fix parse of IPSECKEY with bad gateway.
       - Fix unit test code for clang analyzer.
       - Fix nsd-checkconf fail on bad zone name.

10 September 2018: Wouter
       - Fix coding style in nsd.c

7 September 2018: Wouter
       - append_trailing_slash has one implementation and is not repeated

4 September 2018: Wouter
       - Fix codingstyle in nsd-checkconf.c in patch from Sharp Liu.

15 August 2018: Wouter
       - Fix use_systemd typo/leftover in remote.c.

13 August 2018: Wouter
       - tag for 4.1.24 release.
       - trunk is 4.1.25 in development.
       - Fix that nsec3 precompile deletion happens before the RRs of
         the zone are deleted.
       - Fix printout of accepted remote control connection for unix sockets.

6 August 2018: Wouter
       - tag for 4.1.24rc1 release.
   2018-09-04 13:24:34 by Patrick Welche | Files touched by this commit (2) | Package updated
Log message:
Update nsd to 4.1.24

        - #4102: control interface via local socket.
          configure it with control-interface: "/path/nsd.ctl"  The path
          has to start with a / to separate it from an IP address.
          The local socket does not use SSL, but unencrypted traffic, use
          file and containing directory permissions to restrict access.
        - configure --enable-systemd (needs pkg-config and libsystemd) can
          be used to then use-systemd: yes in nsd.conf and have readiness
          signalling with systemd.
        - RFC8162 support, for record type SMIMEA.
        - Patch to fix openwrt for mac os build darwin detection in configure.
        - Fix that first control-interface determines if TLS is used.  Warn
          when IP address interfaces are used without TLS.
        - #4106: Fix that stats printed from nsd-control are recast from
          unsigned long to unsigned (remote.c).
        - Fix that type CAA (and URI) in the zone file can contain
          dots when not in quotes.
        - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM
          chain, NSD leniently attempts to find a working NSEC3PARAM.

        - Fix NSD time sensitive TSIG compare vulnerability.

        - refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
          and allows TCP queries like normal.
        - Use accept4 to speed up answer of TCP queries, on Linux, FreeBSD
          and OpenBSD.
        - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones.
        - Fix to use same condition for nsec3 hash allocation and free.
   2018-06-10 06:27:03 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 4.1.21

    --enable-memclean cleans up memory for use with memory checkers,
      eg. valgrind.
    refuse-any nsd.conf option that refuses queries of type ANY.
    lower memory usage for tcp connections, so tcp-count can be higher.

Bug Fixes
    Fix unused variable warnings and uninit variable in statistics printout
      from clang analyzer.
    Fix spelling error in xfr-inspect.
    Fix #3562: explain build error when flex missing.
    Fix buffer size warnings from compiler on filename lengths.
    Fix #4093: Release notes not using 2018.
   2018-02-25 05:47:53 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 4.1.20

        - Fix memory leak in zone file read of unknown rr formatted RRs.
        - Fix memory leak when rehashing nsec3 after axfr or zonefile read,
          in the selectively allocated precompiled nsec3 hashes.
   2018-01-01 08:31:54 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 4.1.19

NSD 4.1.19
Dec 11, 2017


  * ignore fallthrough compiler warning in flex EOF rule.
  * Fix warnings emitted by clang for --enable-packed. Alignment is
    not a problem for x86_64, don't enable packed when the platform
    requires aligned access.
  * Fix spelling error in xfr-inspect.
  * Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6
  * Add test for support of -Wno-address-of-packed-member for --enable-packed.

NSD 4.1.18
Nov 30, 2017

  * xfr-inspect, it is not installed, it prints xfr files from /tmp made
    with 'make xfr-inspect' in the source dir.
  * retry timeout between sending notifies dropped from 15 to 3 sec.
  * NSD sends 16 notifies simultaneously.
  * configure --enable-packed reduces memory usage, at expense of unaligned
    reads. Saves about 17%.
  * Save memory by selectively allocate precompiled nsec3 hashes, saves
    about 16% memory.
  * make ip-transparent option work on OpenBSD.
  * Save about 2% memory by changing usage count size in name tree.
  * Fix #2871: Increase number of sockets for xfrd transfers.


  * Fix gcc 7.1.1 warnings.
  * Fix writev compile warning on FreeBSD.
  * Fix #1446: A corrupted zone file "propagates" to good ones.
  * nsd-control zonestatus prints wait time between attempts, for zones
    that are in that waiting time.
  * Fix collision printout of nsec3 to print name, hash and reverse.
  * Fix #1567: Change crit to err log level for gettimeofday failure.
    Add defines for compile without syslog.
  * Fix crash for DS query when parent and child zones both configured
    in nsd.conf and parent zone has not loaded properly.
   2017-08-22 02:32:18 by Ryo ONODERA | Files touched by this commit (1) | Package updated
Log message:
Define _OPENBSD_SOURCE to build sane binary on NetBSD suggested from joerg@.
Thank you.

   2017-08-22 01:25:23 by Ryo ONODERA | Files touched by this commit (1) | Package updated
Log message:
On NetBSD/amd64 8.0_BETA and 8.99.1 at least, reallocarray(3) in base
causes runtime error and it does not boot at all

* Pass reallocarray as no for NetBSD