pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/knot Knot DNS 2.4.5 (2017-06-23)



details:   https://anonhg.NetBSD.org/pkgsrc/rev/bb48b5480bd6
branches:  trunk
changeset: 376742:bb48b5480bd6
user:      pettai <pettai%pkgsrc.org@localhost>
date:      Wed Mar 07 16:42:10 2018 +0000

description:
Knot DNS 2.4.5 (2017-06-23)
===========================

Security:
---------
 - Improper TSIG validity period check can allow TSIG forgery (Thanks to Synacktiv!)

Bugfixes:
---------
 - Corner case journal fixes (huge changesets, OpenWRT operation)

Knot DNS 2.4.4 (2017-06-05)
===========================

Improvements:
-------------
 - Improved error handling in kjournalprint

Bugfixes:
---------
 - Zone flush not replanned upon unsuccessful flush
 - Journal inconsistency after deleting deleted zone
 - Zone events not rescheduled upon server reload (Thanks to Mark Warren)
 - Unreliable LMDB mapsize detection in kjournalprint
 - Some minor issues found by AddressSanitizer

Knot DNS 2.4.3 (2017-04-11)
===========================

Improvements:
-------------
 - New 'journal-db-mode' optimization configuration option
 - The default TSIG algorithm for utilities input is HMAC-SHA256
 - Implemented sensible default EDNS(0) padding policy (Thanks to D. K. Gillmor)
 - Added some more semantic checks on the knotc configuration operations

Bugfixes:
---------
 - Missing 'zone' keyword in the YAML output
 - Missing trailing dot in the keymgr DS owner output
 - Journal logs 'invalid parameter' in several cases
 - Some minor journal-related problems

Knot DNS 2.4.2 (2017-03-23)
===========================

Features:
---------
 - Zscanner can store record comments placed on the same line
 - Knotc status extension with version, configure, and workers parameters

Improvements:
-------------
 - Significant incoming XFR speed-up in the case of many zones

Bugfixes:
---------
 - Double OPT RR insertion when a global module returns KNOT_STATE_FAIL
 - User-driven zscanner parsing logic inconsistency
 - Lower serial at master doesn't trigger any errors
 - Queries with too long DNAME substitution do not return YXDOMAIN response
 - Incorrect elapsed time in the DDNS log
 - Failed to process forwarded DDNS request with TSIG

Knot DNS 2.4.1 (2017-02-10)
===========================

Improvements:
-------------
 - Speed-up of rdata addition into a huge rrset
 - Introduce check of minumum timeout for next refresh
 - Dnsproxy module can forward all queries without local resolving

Bugfixes:
--------
 - Transfer of a huge rrset goes into an infinite loop
 - Huge response over TCP contains useless TC bit instead of SERVFAIL
 - Failed to build utilities with disabled daemon
 - Memory leaks during keys removal
 - Rough TSIG packet reservation causes early truncation
 - Minor out-of-bounds string termination write in rrset dump
 - Server crash during stop if failed to open timers DB
 - Failed to compile on OS X older than Sierra
 - Poor minimum UDP-max-size configuration check
 - Failed to receive one-record-per-message IXFR-style AXFR
 - Kdig timeouts when receiving RCODE != NOERROR on subsequent transfer message

Knot DNS 2.4.0 (2017-01-18)
===========================
 - Kdig timeouts when receiving RCODE != NOERROR on subsequent transfer message

Knot DNS 2.4.0 (2017-01-18)
===========================

Bugfixes:
--------
 - False positive semantic-check warning about invalid bitmap in NSEC
 - Unnecessary SOA queries upon notify with up to date serial
 - Timers for expired zones are reset on reload
 - Zone doesn't expire when the server is down
 - Failed to handle keys with duplicate keytags
 - Per zone module and global module insconsistency
 - Obsolete online signing module configuration
 - Malformed output from kjournalprint
 - Redundant SO_REUSEPORT activation on the TCP socket
 - Failed to use higher number of background workers

Improvements:
-------------
 - Lower memory consumption with qp-trie
 - Zone events and zone timers improvements
 - Print all zone names in the FQDN format
 - Simplified query module interface
 - Shared TCP connection between SOA query and transfer
 - Response Rate Limiting as a module with statistics support
 - Key filters in keymgr

Features:
---------
 - New unified LMDB-based zone journal
 - Server statistics support
 - New statistics module for traffic measuring
 - Automatic deletion of retired DNSSEC keys
 - New control logging category

diffstat:

 net/knot/Makefile |  11 ++++++++---
 net/knot/PLIST    |   4 +++-
 net/knot/distinfo |  10 +++++-----
 3 files changed, 16 insertions(+), 9 deletions(-)

diffs (62 lines):

diff -r 11cdc2412dd2 -r bb48b5480bd6 net/knot/Makefile
--- a/net/knot/Makefile Wed Mar 07 14:31:40 2018 +0000
+++ b/net/knot/Makefile Wed Mar 07 16:42:10 2018 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.36 2017/08/16 20:21:13 wiz Exp $
+# $NetBSD: Makefile,v 1.37 2018/03/07 16:42:10 pettai Exp $
 
-DISTNAME=      knot-2.3.3
-PKGREVISION=   1
+DISTNAME=      knot-2.4.5
 CATEGORIES=    net
 MASTER_SITES=  https://secure.nic.cz/files/knot-dns/
 EXTRACT_SUFX=  .tar.xz
@@ -24,6 +23,12 @@
 
 CONFIGURE_ARGS.NetBSD+=        --enable-recvmmsg=no
 
+.include "../../mk/bsd.prefs.mk"
+
+.if ${MACHINE_ARCH} == "i386" 
+CFLAGS += -march=i586 
+.endif 
+
 USE_LIBTOOL=   yes
 USE_TOOLS+=    bison flex gmake pkg-config
 
diff -r 11cdc2412dd2 -r bb48b5480bd6 net/knot/PLIST
--- a/net/knot/PLIST    Wed Mar 07 14:31:40 2018 +0000
+++ b/net/knot/PLIST    Wed Mar 07 16:42:10 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2016/12/09 22:28:17 pettai Exp $
+@comment $NetBSD: PLIST,v 1.13 2018/03/07 16:42:10 pettai Exp $
 bin/kdig
 bin/khost
 bin/kjournalprint
@@ -13,8 +13,10 @@
 include/dnssec/kasp.h
 include/dnssec/key.h
 include/dnssec/keyid.h
+include/dnssec/keystate.h
 include/dnssec/keystore.h
 include/dnssec/keytag.h
+include/dnssec/keyusage.h
 include/dnssec/list.h
 include/dnssec/nsec.h
 include/dnssec/random.h
diff -r 11cdc2412dd2 -r bb48b5480bd6 net/knot/distinfo
--- a/net/knot/distinfo Wed Mar 07 14:31:40 2018 +0000
+++ b/net/knot/distinfo Wed Mar 07 16:42:10 2018 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.22 2016/12/09 22:28:17 pettai Exp $
+$NetBSD: distinfo,v 1.23 2018/03/07 16:42:10 pettai Exp $
 
-SHA1 (knot-2.3.3.tar.xz) = a94bebb595eab6b3014aae9e2376300958864113
-RMD160 (knot-2.3.3.tar.xz) = d72fc69dd2a0fee769eb1c7261ea5df6d31c145e
-SHA512 (knot-2.3.3.tar.xz) = ed7b93c2d0ae15819d09a8bf77c2d12505a035dcd7777e9ac453b58c36d302c3cbaa2766e1f6d2163a71234d005494a7d9b5be436c0e16b443de4da97f7a5d9f
-Size (knot-2.3.3.tar.xz) = 1071160 bytes
+SHA1 (knot-2.4.5.tar.xz) = 14cda3dd24da8a80ee0aa601aed4eb521fdc9caa
+RMD160 (knot-2.4.5.tar.xz) = 1cb9d76056fe2ecfd85e2482e054bfa5d3ae2a7d
+SHA512 (knot-2.4.5.tar.xz) = db4919dbe2dc688f401e6611d784d47e1d40a0f8ec8c8cd6240d89ab9dd2ce7dd1976ac7cb24c712ed8aa074e0026ff0a10e9d6d5e685929d271ae554d9a1cff
+Size (knot-2.4.5.tar.xz) = 1111536 bytes
 SHA1 (patch-samples_Makefile.in) = 9354505e5525b28266e5ab250026571d980ade54



Home | Main Index | Thread Index | Old Index