./net/powerdns-ldap, LDAP backend module for PowerDNS

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 4.1.0, Package name: powerdns-ldap-4.1.0, Maintainer: pkgsrc-users

The PowerDNS nameserver is a modern, advanced and high performance
authoritative-only nameserver. It is written from scratch and conforms
to all the relevant DNS standards documents. PowerDNS is open source.

The PowerDNS nameserver utilizes a flexible backend architecture that
can access DNS information from any data source. This includes file
formats, BIND zone files, relational databases or LDAP directories.

This packages provides the LDAP backend module.

Required to run:

Required to build:
[devel/boost-libs] [devel/boost-headers] [devel/ragel] [pkgtools/cwrappers]

Master sites:

SHA1: f786d27d60032bf268a63a88c77396e31f6622b1
RMD160: ef033ccb035d24e0d287cd013a9637103a8b3692
Filesize: 1090.728 KB

Version history: (Expand)

CVS history: (Expand)

   2018-01-02 13:18:16 by Filip Hajny | Files touched by this commit (13) | Package updated
Log message:
Update net/powerdns* to 4.1.0.

PowerDNS Authoritative Server 4.1.0

- Improved performance: 400% speedup in some scenarios
- Crypto API: DNSSEC fully configurable via RESTful API
- Improved documentation
- Database related improvements
- Enhanced tooling
- Support for TCP Fast Open
- Support for non-local bind
- Support for Botan 2.x (and removal of support for Botan 1.10)
- Our packages now ship with PKCS #11 support.
- Recursor passthrough removal

Full changelog:

  https://doc.powerdns.com/authoritative/ … g/4.1.html

PowerDNS Authoritative Server 4.0.5

- Fix for missing check on API operations (CVE-2017-15091)
- Bindbackend: do not corrupt data supplied by other backends in
- API: prevent sending nameservers list and zone-level NS in rrsets
- gpgsql: make statement names actually unique
- Fix remotebackend params
- Fix godbc query logging
- For create-slave-zone, actually add all slaves, and not only first n
- Fix a regression in axfr-rectify + test
- When making a netmask from a comboaddress, we neglected to zero the
- Fix libatomic detection on ppc64
- Catch DNSName exception in the Zoneparser
- Publish inactive KSK/CSK as CDNSKEY/CDS
- Handle AFSDB record separately due to record structure.
- Treat requestor's payload size lower than 512 as equal to 512
- Correctly purge entries from the caches after a transfer
- Handle a signing pipe worker dying with work still pending
- Ignore SOA-EDIT for PRESIGNED zones.
- Check return value for all getTSIGKey calls.

- Fix ldap-strict autoptr feature, including a test
- mydnsbackend: Add getAllDomains
- Stubresolver: Use only recursor setting if given
- LuaWrapper: Allow embedded NULs in strings received from Lua
- sdig: Clarify that the ednssubnet option takes "subnet/mask"
- Tests: Ensure all required tools are available
- PowerDNS sdig does not truncate trailing bits of EDNS Client Subnet
- LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
- Add support for Botan 2.x
- Ship ldapbackend schema files in tarball
- Collection of schema changes
- Fix typo in two log messages
- Add help text on autodetecting systemd support
- Use a unique pointer for bind backend's d_of
- Fix some of the issues found by @jpmens
   2016-06-03 13:45:34 by Filip Hajny | Files touched by this commit (6) | Package updated
Log message:
Update net/powerdns (and modules) to 3.4.9.

PowerDNS Authoritative Server 3.4.9

This is a minor bugfix and performance release. Two contributions
by Kees Monshouwer make 3.4.9 fully compatible with the new single
key ECDSA default that is coming in version 4.0.0.

Changes since 3.4.8:
- use OpenSSL for ECDSA signing where available (Kees Monshouwer)
- allow common signing key (Kees Monshouwer)
- Add a disable-syslog setting
- fix SOA caching with multiple backends (Kees Monshouwer)
- whitespace-related zone parsing fixes ticket #3568
- bindbackend: fix, set domain in list() (Kees Monshouwer)

PowerDNS Authoritative Server 3.4.8

This is a small bugfix release. Additionally, the deb/RPM packages
on downloads.powerdns.com (those with -static in the name) for
3.4.8 have been built against Botan 1.10.11 instead of Botan
1.10.3 like previous packages. Please see the Botan Security page
for more information on the fixes in Botan 1.10.11. As a PowerDNS
user, these issues only affect you if you ran our -static packages
and allowed your users to upload private keys to your

Changes since 3.4.7:
- Use AC_SEARCH_LIBS (Ruben Kerkhof)
- Check for inet_aton in libresolv (Ruben Kerkhof)
- Remove hardcoded -lresolv, -lnsl and -lsocket (Ruben Kerkhof)
- pdnssec: don't check disabled records (Pieter Lexis)
- pdnssec: check all records (including disabled ones) only in
  verbose mode (Kees Monshouwer)
- traling dot in DNAME content (Kees Monshouwer)
- Fix luabackend compilation on FreeBSD i386 (RvdE)
- silence g++ 6.0 warnings and error (Kees Monshouwer)
- add gcc 5.3 and 6.0 support to boost.m4 (Kees Monshouwer)

PowerDNS Authoritative Server 3.4.7

This is a security release fixing Security Advisory 2015-03

Bug fixes:
- Ignore invalid/empty TKEY and TSIG records (Christian
- Don't reply to truncated queries (Christian Hofstaedtler)
- don't log out-of-zone ents during AXFR in (Kees Monshouwer)
- Prevent XSS by escaping user input. Thanks to Pierre Jaury and
  Damien Cauquil at Sysdream for pointing this out.
- Handle NULL and boolean properly in gPGSql (Aki Tuomi)
- Improve negative caching (Kees Monshouwer)
- Do not divide timeout twice (Aki Tuomi)
- Correctly sort records with a priority.

- Direct query answers and correct zone-rectification in the GeoIP
  backend (Aki Tuomi)
- Use token names to identify PKCS#11 keys (Aki Tuomi)
- Fix typo in an error message (Arjen Zonneveld)
- limit NSEC3 iterations in bindbackend (Kees Monshouwer)
- Initialize minbody (Aki Tuomi)

New features:
- OPENPGPKEY record-type (James Cloos and Kees Monshouwer)
- add global soa-edit settings (Kees Monshouwer)
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2015-10-22 21:01:25 by Filip Hajny | Files touched by this commit (6) | Package updated
Log message:
Update powerdns to 3.4.6.

This is a security release fixing CVE-2015-5230.

Bug fixes:
- Avoid superfluous backend recycling
- Removal of dnsdist from the authoritative server distribution
- Add EDNS unknown version handling and tests EDNS unknown version handling

- Update YaHTTP to v0.1.7
- Make trailing/leading spaces stand out in pdnssec check_zone
- GCC 5.2 support and sync boost.m4 macro with upstream
- Log answer packets only if log-dns-details is enabled
   2015-06-12 12:50:58 by Filip Hajny | Files touched by this commit (7) | Package updated
Log message:
Change powerdns dependency from polarssl to mbedtls. Streamline bl3 setup
while at it. Bump PKGREVISION (and of the module packages).
   2014-12-10 15:50:09 by Filip Hajny | Files touched by this commit (46) | Package updated
Log message:
Update PowerDNS to 3.4.1.

pkgsrc changes:
- SQLite 2.x support no longer exists
- SQLite 3.x support cannot be compiled outside the main package because
  of how symbols are distributed, so making it a compile time option
  for net/powerdns now.

Too many changes since (over 2 years ago), see the full changelog:


Upgrade notes:

- PowerDNS 3.4 comes with a mandatory database schema upgrade coming from
  any previous 3.x release.
- PowerDNS 3.1 introduces native SQLite3 support for storing key material for
  DNSSEC in the bindbackend. With this change, support for bind+gsql-setups
  ('hybrid mode') has been dropped.
- PowerDNS 3.0 introduces full DNSSEC support which requires changes
  to database schemas. By default, old non-DNSSEC schema is assumed.

Please see the docs on upgrading for particular steps that need to be taken:

   2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568)
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
   2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | Package updated
Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.