2021-10-24 08:40:28 by Takahiro Kambe | Files touched by this commit (24) | |
Log message:
net/bind916: update pkgsrc changes from NetBSD
Catch up changes from NetBSD; update them for BIND 9.16.
Bump PKGREVISION.
|
2021-10-21 22:33:08 by Kimmo Suominen | Files touched by this commit (53) |
Log message:
*: Revbump for protobuf-3.18.0
Fix for: Shared object "libprotobuf.so.28" not found
|
2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) |
Log message:
net: Remove SHA1 hashes for distfiles
|
2021-09-19 18:26:51 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
net/bind916: update to 9.16.21
--- 9.16.21 released ---
5711. [bug] "map" files exceeding 2GB in size failed to load due to
a size comparison that incorrectly treated the file size
as a signed integer. [GL #2878]
5710. [port] win32: incorrect parentheses resulted in the wrong
sizeof() tests being used to pick the appropriate
Windows atomic operations for the object's size.
[GL #2891]
5709. [cleanup] Enum values throughout the code have been updated
to use the terms "primary" and "secondary" instead of
"master" and "slave", respectively. [GL #1944]
5708. [bug] The thread-local isc_tid_v variable was not properly
initialized when running BIND 9 as a Windows Service,
leading to a crash on startup. [GL #2837]
5705. [bug] Change #5686 altered the internal memory structure of
zone databases, but neglected to update the MAPAPI value
for zone files in "map" format. This caused named to
attempt to load incompatible map files, triggering an
assertion failure on startup. The MAPAPI value has now
been updated, so named rejects outdated files when
encountering them. [GL #2872]
5704. [bug] Change #5317 caused the EDNS TCP Keepalive option to be
ignored inadvertently in client requests. It has now
been fixed and this option is handled properly again.
[GL #1927]
5701. [bug] named-checkconf failed to detect syntactically invalid
values of the "key" and "tls" parameters used to define
members of remote server lists. [GL #2461]
5700. [bug] When a member zone was removed from a catalog zone,
journal files for the former were not deleted.
[GL #2842]
5699. [func] Data structures holding DNSSEC signing statistics are
now grown and shrunk as necessary upon key rollover
events. [GL #1721]
5698. [bug] When a DNSSEC-signed zone which only has a single
signing key available is migrated to use KASP, that key
is now treated as a Combined Signing Key (CSK).
[GL #2857]
5696. [protocol] Support for HTTPS and SVCB record types has been added.
(This does not include ADDITIONAL section processing for
these record types, only basic support for RR type
parsing and printing.) [GL #1132]
5694. [bug] Stale data in the cache could cause named to send
non-minimized queries despite QNAME minimization being
enabled. [GL #2665]
5691. [bug] When a dynamic zone was made available in another view
using the "in-view" statement, running "rndc freeze"
always reported an "already frozen" error even though
the zone was successfully frozen. [GL #2844]
5690. [func] dnssec-signzone now honors Predecessor and Successor
metadata found in private key files: if a signature for
an RRset generated by the inactive predecessor exists
and does not need to be replaced, no additional
signature is now created for that RRset using the
successor key. This enables dnssec-signzone to gradually
replace RRSIGs during a ZSK rollover. [GL #1551]
|
2021-08-02 20:45:35 by John Klos | Files touched by this commit (1) |
Log message:
Fixed COMMENT because package is at 9.16.
|
2021-07-22 15:30:24 by Havard Eidnes | Files touched by this commit (2) | |
Log message:
Upgrade net/bind916 to version 9.16.19.
Upstream changes:
--- 9.16.19 released ---
5671. [bug] A race condition could occur where two threads were
competing for the same set of key file locks, leading to
a deadlock. This has been fixed. [GL #2786]
5670. [bug] create_keydata() created an invalid placeholder keydata
record upon a refresh failure, which prevented the
database of managed keys from subsequently being read
back. This has been fixed. [GL #2686]
5669. [func] KASP support was extended with the "check DS" \
feature.
Zones with "dnssec-policy" and \
"parental-agents"
configured now check for DS presence and can perform
automatic KSK rollovers. [GL #1126]
5668. [bug] Rescheduling a setnsec3param() task when a zone failed
to load on startup caused a hang on shutdown. This has
been fixed. [GL #2791]
5667. [bug] The configuration-checking code failed to account for
the inheritance rules of the "dnssec-policy" \
option.
This has been fixed. [GL #2780]
5666. [doc] The safe "edns-udp-size" value was tweaked to \
match the
probing value from BIND 9.16 for better compatibility.
[GL #2183]
5665. [bug] If nsupdate sends an SOA request and receives a REFUSED
response, it now fails over to the next available
server. [GL #2758]
5664. [func] For UDP messages larger than the path MTU, named now
sends an empty response with the TC (TrunCated) bit set.
In addition, setting the DF (Don't Fragment) flag on
outgoing UDP sockets was re-enabled. [GL #2790]
5662. [bug] Views with recursion disabled are now configured with a
default cache size of 2 MB unless \
"max-cache-size" is
explicitly set. This prevents cache RBT hash tables from
being needlessly preallocated for such views. [GL #2777]
5661. [bug] Change 5644 inadvertently introduced a deadlock: when
locking the key file mutex for each zone structure in a
different view, the "in-view" logic was not \
considered.
This has been fixed. [GL #2783]
5658. [bug] Increasing "max-cache-size" for a running \
named instance
(using "rndc reconfig") did not cause the hash \
tables
used by cache databases to be grown accordingly. This
has been fixed. [GL #2770]
5655. [bug] Signed, insecure delegation responses prepared by named
either lacked the necessary NSEC records or contained
duplicate NSEC records when both wildcard expansion and
CNAME chaining were required to prepare the response.
This has been fixed. [GL #2759]
5653. [bug] A bug that caused the NSEC3 salt to be changed on every
restart for zones using KASP has been fixed. [GL #2725]
|
2021-07-20 09:23:04 by Rin Okuyama | Files touched by this commit (2) |
Log message:
net/bind916: Oops, fix reversed ``#if''
|
2021-07-20 08:41:46 by Rin Okuyama | Files touched by this commit (1) |
Log message:
net/bind916 --disable-atomic is no longer supported
|
2021-07-20 08:39:45 by Rin Okuyama | Files touched by this commit (8) |
Log message:
net/bind916 Use atomic 32-bit integers where appropriate, revision++
Mostly taken from NetBSD base:
- For counters, make sure to use 32-bit integers for !_LP64 platforms.
In the previous revisions, this is partially done, i.e., incomplete.
- For flags fit within 32-bit width, use 32-bit integers for everyone.
In the previous, this is incomplete, and restricted for __NetBSD__.
Fix and generalize to everyone.
- Make comments in patches more helpful.
Fix build for ILP32 platforms as reported in PR pkg/56315.
Thanks jklos@ for testing.
|
2021-06-23 22:33:18 by Nia Alarie | Files touched by this commit (103) |
Log message:
Revbump for MySQL default change
|