pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/powerdns-recursor Update net/powerdns-recursor to ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/c178daa73569
branches: trunk
changeset: 359404:c178daa73569
user: fhajny <fhajny%pkgsrc.org@localhost>
date: Thu Mar 09 13:43:49 2017 +0000
description:
Update net/powerdns-recursor to 4.0.4.
PowerDNS Recursor 4.0.4
=======================
Change highlights include:
- Check TSIG signature on IXFR (Security Advisory 2016-04)
- Don't parse spurious RRs in queries when we don't need them
(Security Advisory 2016-02)
- Add 'max-recursion-depth' to limit the number of internal recursion
- Wait until after daemonizing to start the RPZ and protobuf threads
- On RPZ customPolicy, follow the resulting CNAME
- Make the negcache forwarded zones aware
- Cache records for zones that were delegated to from a forwarded zone
- DNSSEC: don't go bogus on zero configured DSs
- DNSSEC: NSEC3 optout and Bogus insecure forward fixes
- DNSSEC: Handle CNAMEs at the apex of secure zones to other secure
zones
PowerDNS Recursor 4.0.3
=======================
Bug fixes
- Call gettag() for TCP queries
- Fix the use of an uninitialized filtering policy
- Parse query-local-address before lua-config-file
- Fix accessing an empty policyCustom, policyName from Lua
- ComboAddress: don't allow invalid ports
- Fix RPZ default policy not being applied over IXFR
- DNSSEC: Actually follow RFC 7646 ?2.1
- Add boost context ldflags so freebsd builds can find the libs
- Ignore NS records in a RPZ zone received over IXFR
- Fix build with OpenSSL 1.1.0 final
- Don't validate when a Lua hook took the query
- Fix a protobuf regression (requestor/responder mix-up)
Additions and Enhancements
- Support Boost 1.61+ fcontext
- Add Lua binding for DNSRecord::d_place
PowerDNS Recursor 4.0.2
=======================
Bug fixes
- Set dq.rcode before calling postresolve
- Honor PIE flags.
- Fix build with LibreSSL, for which OPENSSL_VERSION_NUMBER is
irrelevant
- Don't shuffle CNAME records. (thanks to Gert van Dijk for the
extensive bug report!)
- Fix delegation-only
Additions and enhancements
- Respect the timeout when connecting to a protobuf server
- allow newDN to take a DNSName in; document missing methods
- expose SMN toString to lua
- Anonymize the protobuf ECS value as well (thanks to Kai Storbeck of
XS4All for finding this)
- Allow Lua access to the result of the Policy Engine decision, skip
RPZ, finish RPZ implementation
- Remove unused DNSPacket::d_qlen
- RPZ: Use query-local-address(6) by default (thanks to Oli Schacher
of switch.ch for the feature request)
- Move the root DNSSEC data to a header file
PowerDNS Recursor 4.0.1
=======================
Bug fixes
- Improve DNSSEC record skipping for non dnssec queries (Kees
Monshouwer)
- Don't validate zones from the local auth store, go one level down
while validating when there is a CNAME
- Don't go bogus on islands of security
- Check all possible chains for Insecures
- Don't go Bogus on a CNAME at the apex
- RPZ: default policy should also override local data RRs
- Fix a crash when the next name in a chained query is empty and
rec_control current-queries is invoked
Improvements
- OpenSSL 1.1.0 support (Christian Hofstaedtler)
- Fix warnings with gcc on musl-libc (James Taylor)
- Also validate on +DO
- Fail to start when the lua-dns-script does not exist
- Add more Netmask methods for Lua (Aki Tuomi)
- Validate DNSSEC for security polling
- Turn on root-nx-trust by default and log-common-errors=off
- Allow for multiple trust anchors per zone
- Fix compilation warning when building without Protobuf
PowerDNS Recursor 4.0.0
=======================
- Moved to C++ 2011, a cleaner more powerful version of C++ that has
allowed us to improve the quality of implementation in many places.
- Implemented dedicated infrastructure for dealing with DNS names that
is fully "DNS Native" and needs less escaping and unescaping.
- Switched to binary storage of DNS records in all places.
- Moved ACLs to a dedicated Netmask Tree.
- Implemented a version of RCU for configuration changes
- Instrumented our use of the memory allocator, reduced number of
malloc calls substantially.
- The Lua hook infrastructure was redone using LuaWrapper; old scripts
will no longer work, but new scripts are easier to write under the
new interface.
- DNSSEC processing: if you ask for DNSSEC records, you will get them.
- DNSSEC validation: if so configured, PowerDNS perform DNSSEC
validation of your answers.
- Completely revamped Lua scripting API that is "DNSName" native and
therefore far less error prone, and likely faster for most commonly
used scenarios.
- New asynchronous per-domain, per-ip address, query engine.
- RPZ (from file, over AXFR or IXFR) support.
- All caches can now be wiped on suffixes, because of canonical
ordering.
- Many, many more relevant performance metrics, including upstream
authoritative performance measurements.
- EDNS Client Subnet support, including cache awareness of
subnet-varying answers.
diffstat:
net/powerdns-recursor/Makefile | 20 +-
net/powerdns-recursor/PLIST | 6 +-
net/powerdns-recursor/distinfo | 27 +--
net/powerdns-recursor/patches/patch-Makefile.in | 98 -----------
net/powerdns-recursor/patches/patch-dnsparser.cc | 24 --
net/powerdns-recursor/patches/patch-dnsparser.hh | 27 ---
net/powerdns-recursor/patches/patch-iputils.hh | 8 +-
net/powerdns-recursor/patches/patch-kqueuemplexer.cc | 8 +-
net/powerdns-recursor/patches/patch-namespaces.hh | 16 -
net/powerdns-recursor/patches/patch-pdns__recursor.1 | 29 ---
net/powerdns-recursor/patches/patch-pdns__recursor.cc | 126 ---------------
net/powerdns-recursor/patches/patch-qtype.hh | 17 ++
net/powerdns-recursor/patches/patch-rec__channel.cc | 32 ---
net/powerdns-recursor/patches/patch-rec__channel__rec.cc | 33 ---
net/powerdns-recursor/patches/patch-rec__control.1 | 29 ---
net/powerdns-recursor/patches/patch-recursor__cache.cc | 24 --
net/powerdns-recursor/patches/patch-reczones.cc | 15 -
net/powerdns-recursor/patches/patch-sysdeps_SunOS.inc | 14 -
18 files changed, 43 insertions(+), 510 deletions(-)
diffs (truncated from 676 to 300 lines):
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/Makefile
--- a/net/powerdns-recursor/Makefile Thu Mar 09 13:32:54 2017 +0000
+++ b/net/powerdns-recursor/Makefile Thu Mar 09 13:43:49 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2015/06/10 14:40:07 fhajny Exp $
+# $NetBSD: Makefile,v 1.19 2017/03/09 13:43:49 fhajny Exp $
#
-DISTNAME= pdns-recursor-3.7.3
+DISTNAME= pdns-recursor-4.0.4
CATEGORIES= net
MASTER_SITES= http://downloads.powerdns.com/releases/
EXTRACT_SUFX= .tar.bz2
@@ -11,7 +11,7 @@
COMMENT= PowerDNS resolver/recursing nameserver
LICENSE= gnu-gpl-v2
-HAS_CONFIGURE= yes
+GNU_CONFIGURE= yes
USE_LANGUAGES= c c++
USE_TOOLS+= gmake
@@ -19,10 +19,9 @@
EGDIR= ${PREFIX}/share/examples/pdns-recursor
-BUILD_MAKE_FLAGS+= SYSCONFDIR=${PKG_SYSCONFDIR} OPTFLAGS=
+PTHREAD_AUTO_VARS= yes
-INSTALL_MAKE_FLAGS+= BINDIR=${PREFIX}/bin SBINDIR=${PREFIX}/sbin
-INSTALL_MAKE_FLAGS+= SYSCONFDIR=${EGDIR} MANDIR=${PREFIX}/${PKGMANDIR}
+INSTALL_MAKE_FLAGS+= sysconfdir=${EGDIR}
CONF_FILES+= ${EGDIR}/recursor.conf-dist \
${PKG_SYSCONFDIR}/recursor.conf
@@ -34,12 +33,7 @@
.include "options.mk"
-post-extract:
- ${LN} -s FreeBSD.inc ${WRKSRC}/sysdeps/NetBSD.inc
-
-post-build:
- ${CP} ${WRKSRC}/pdns_recursor.1 ${WRKSRC}/pdns_recursor.8
- ${CP} ${WRKSRC}/rec_control.1 ${WRKSRC}/rec_control.8
-
.include "../../devel/boost-headers/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/PLIST
--- a/net/powerdns-recursor/PLIST Thu Mar 09 13:32:54 2017 +0000
+++ b/net/powerdns-recursor/PLIST Thu Mar 09 13:43:49 2017 +0000
@@ -1,6 +1,6 @@
-@comment $NetBSD: PLIST,v 1.3 2014/03/11 14:05:10 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.4 2017/03/09 13:43:49 fhajny Exp $
bin/rec_control
-man/man8/pdns_recursor.8
-man/man8/rec_control.8
+man/man1/pdns_recursor.1
+man/man1/rec_control.1
sbin/pdns_recursor
share/examples/pdns-recursor/recursor.conf-dist
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/distinfo
--- a/net/powerdns-recursor/distinfo Thu Mar 09 13:32:54 2017 +0000
+++ b/net/powerdns-recursor/distinfo Thu Mar 09 13:43:49 2017 +0000
@@ -1,21 +1,10 @@
-$NetBSD: distinfo,v 1.15 2015/11/04 00:35:28 agc Exp $
+$NetBSD: distinfo,v 1.16 2017/03/09 13:43:49 fhajny Exp $
-SHA1 (pdns-recursor-3.7.3.tar.bz2) = a09d960852ba67c1618dfa9258158a1145f657c1
-RMD160 (pdns-recursor-3.7.3.tar.bz2) = c73738ea571b8ce4ef4c01ee02c971c990d03f42
-SHA512 (pdns-recursor-3.7.3.tar.bz2) = 35b95130e46d04c91adc3c4676a6e5546ac25d21ec576734162764732993d876d34f0e8124b7b6934c8354c0d042ffa5ec30f138b83a9aeaafcefa3808adcf23
-Size (pdns-recursor-3.7.3.tar.bz2) = 245192 bytes
-SHA1 (patch-Makefile.in) = 4aa3fc487afab1795532cc6a09975fa6580625fe
+SHA1 (pdns-recursor-4.0.4.tar.bz2) = e3d2f18e0ea929e425bc9da4256f76331797f691
+RMD160 (pdns-recursor-4.0.4.tar.bz2) = 12b1b7239156d9b898199c02a1edd6875301a7b1
+SHA512 (pdns-recursor-4.0.4.tar.bz2) = 9473dfe9abc509b2bb953139dd7892de2027ee1508902fa0c2cd30dd9a88878fcf44370b8372d573cbab12de32bb8c604005d3b39ea34db2ef86786e689d36ab
+Size (pdns-recursor-4.0.4.tar.bz2) = 1050596 bytes
SHA1 (patch-dns.hh) = 7e9c1b10a066a605b74ebdbee2d894aed50f6c68
-SHA1 (patch-dnsparser.cc) = acd60fbeaa5ad3aa09db306eeaddb1071bbedfb7
-SHA1 (patch-dnsparser.hh) = 289e271629969a50b41e805ae9f092ce75a1483f
-SHA1 (patch-iputils.hh) = 01134b045189653046036d7cb081a2f4d1ed27e4
-SHA1 (patch-kqueuemplexer.cc) = 1e3923aec5f81400eaedffa07c50762da7bdd5c8
-SHA1 (patch-namespaces.hh) = b7abe73b649569819fb070e10d3c926c95589bfb
-SHA1 (patch-pdns__recursor.1) = de3c561e770558850a9f1bdf13f60570d90a5643
-SHA1 (patch-pdns__recursor.cc) = b1d6ba1d1abfbd2759431caffc113bca22513abd
-SHA1 (patch-rec__channel.cc) = dee9fba4bbe240ca2070cdf8a8f303bb2e3bce61
-SHA1 (patch-rec__channel__rec.cc) = b0b277167fff8a080528f6a5cc75a81658f7c66f
-SHA1 (patch-rec__control.1) = 6a38b768cf5ab6f91fcf6eb7e4d5f0c62824f723
-SHA1 (patch-recursor__cache.cc) = c2f86bd695ed01ae6b415a61a099696c87f78d63
-SHA1 (patch-reczones.cc) = f187de66d755a8e134804282ceb7723aa9bd392e
-SHA1 (patch-sysdeps_SunOS.inc) = e2087d1469437c88266bc30566cf9d7415e7af69
+SHA1 (patch-iputils.hh) = aaf3b913fbe26f5daa9c2b16ff24cc9a7a1d7de0
+SHA1 (patch-kqueuemplexer.cc) = 87b3b6670393ee60fc96cf91c5acf575adfd06c0
+SHA1 (patch-qtype.hh) = f14eb9ad7efc7dd4a0ce220c1f93044ef69e99c2
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/patches/patch-Makefile.in
--- a/net/powerdns-recursor/patches/patch-Makefile.in Thu Mar 09 13:32:54 2017 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,98 +0,0 @@
-$NetBSD: patch-Makefile.in,v 1.1 2015/06/10 14:22:29 fhajny Exp $
-
-Use proper locations and install scripts.
-
---- Makefile.in.orig 2015-04-21 13:02:57.000000000 +0000
-+++ Makefile.in
-@@ -1,6 +1,8 @@
- # user editable stuff:
--SBINDIR=/usr/sbin/
--BINDIR=/usr/bin/
-+PREFIX?=/usr
-+SBINDIR=$(PREFIX)/sbin/
-+BINDIR=$(PREFIX)/bin/
-+MANDIR=$(PREFIX)/share/man
- SYSCONFDIR=/etc/powerdns/
- LOCALSTATEDIR=/var/run/
- OPTFLAGS?=-O3
-@@ -12,6 +14,13 @@ STRIP_BINARIES?=1
- LINKCC=$(CXX)
- CC?=gcc
-
-+INSTALL?=install
-+SHAREMODE?=644
-+MANMODE?=444
-+INSTALL_DIR?=$(INSTALL) -d
-+INSTALL_DATA?=$(INSTALL) -m $(SHAREMODE)
-+INSTALL_MAN?=$(INSTALL) -m $(MANMODE)
-+
- # Lua 5.1 settings
-
- # static dependencies
-@@ -30,7 +39,7 @@ REC_CONTROL_OBJECTS=rec_channel.o rec_co
- unix_utility.o logger.o qtype.o
-
- # what we need
--all: message version_generated.h build
-+all: message version_generated.h build recursor.conf-dist
-
- # OS specific instructions
- -include sysdeps/$(shell uname).inc
-@@ -71,7 +80,7 @@ CFLAGS += -DSYSCONFDIR='"$(SYSCONFDIR)"'
-
- # Version
- build_date := $(shell LC_TIME=C date '+%Y%m%d%H%M%S')
--build_host := $(shell id -u -n)@$(shell hostname -f)
-+build_host := $(shell id -u -n)@$(shell hostname)
-
- .PHONY: version_generated.h
- version_generated.h:
-@@ -89,6 +98,10 @@ endef
-
- export create_version_generated_h
-
-+recursor.conf-dist: pdns_recursor
-+ @# Not cross-compile friendly :/
-+ ./pdns_recursor --config > $@
-+
- message:
- @echo
- @echo PLEASE READ: If you get an error mentioning \#include '<boost/something.hpp>', please read README
-@@ -107,20 +120,14 @@ basic_checks:
- fi
-
- install: build-stamp
-- -mkdir -p $(DESTDIR)/$(SBINDIR)
-- cp pdns_recursor $(DESTDIR)/$(SBINDIR)
--ifeq ($(STRIP_BINARIES), 1)
-- strip $(DESTDIR)/$(SBINDIR)/pdns_recursor
--endif
-- mkdir -p $(DESTDIR)/$(BINDIR)
-- cp rec_control $(DESTDIR)/$(BINDIR)
--ifeq ($(STRIP_BINARIES), 1)
-- strip $(DESTDIR)/$(BINDIR)/rec_control
--endif
-- -mkdir -p $(DESTDIR)/$(SYSCONFDIR)
-- $(DESTDIR)/$(SBINDIR)/pdns_recursor --config > $(DESTDIR)/$(SYSCONFDIR)/recursor.conf-dist
-- -mkdir -p $(DESTDIR)/usr/share/man/man1
-- cp pdns_recursor.1 rec_control.1 $(DESTDIR)/usr/share/man/man1
-+ $(INSTALL_DIR) $(DESTDIR)/$(SBINDIR)
-+ $(INSTALL) pdns_recursor $(DESTDIR)/$(SBINDIR)
-+ $(INSTALL_DIR) $(DESTDIR)/$(BINDIR)
-+ $(INSTALL) rec_control $(DESTDIR)/$(BINDIR)
-+ $(INSTALL_DIR) $(DESTDIR)/$(SYSCONFDIR)
-+ $(INSTALL_DATA) recursor.conf-dist $(DESTDIR)/$(SYSCONFDIR)
-+ $(INSTALL_DIR) $(DESTDIR)/$(MANDIR)/man8
-+ $(INSTALL_MAN) pdns_recursor.8 rec_control.8 $(DESTDIR)/$(MANDIR)/man8
- $(OS_SPECIFIC_INSTALL)
-
- clean: binclean
-@@ -135,7 +142,7 @@ dep:
- -include dep
-
- optional:
-- mkdir optional
-+ $(INSTALL_DIR) optional
-
- pdns_recursor: optional $(OPTIONALS) $(PDNS_RECURSOR_OBJECTS)
- $(LINKCC) $(PDNS_RECURSOR_OBJECTS) $(wildcard optional/*.o) $(LDFLAGS) -o $@
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/patches/patch-dnsparser.cc
--- a/net/powerdns-recursor/patches/patch-dnsparser.cc Thu Mar 09 13:32:54 2017 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-$NetBSD: patch-dnsparser.cc,v 1.2 2015/06/10 14:22:29 fhajny Exp $
-
-Straighten Boost namespace.
-
---- dnsparser.cc.orig 2015-04-21 13:02:57.000000000 +0000
-+++ dnsparser.cc
-@@ -109,7 +109,7 @@ static const string EncodeDNSLabel(const
- }
-
-
--shared_ptr<DNSRecordContent> DNSRecordContent::unserialize(const string& qname, uint16_t qtype, const string& serialized)
-+boost::shared_ptr<DNSRecordContent> DNSRecordContent::unserialize(const string& qname, uint16_t qtype, const string& serialized)
- {
- dnsheader dnsheader;
- memset(&dnsheader, 0, sizeof(dnsheader));
-@@ -143,7 +143,7 @@ shared_ptr<DNSRecordContent> DNSRecordCo
- memcpy(&packet[pos], serialized.c_str(), serialized.size()); pos+=(uint16_t)serialized.size();
-
- MOADNSParser mdp((char*)&*packet.begin(), (unsigned int)packet.size());
-- shared_ptr<DNSRecordContent> ret= mdp.d_answers.begin()->first.d_content;
-+ boost::shared_ptr<DNSRecordContent> ret= mdp.d_answers.begin()->first.d_content;
- ret->header.d_type=ret->d_qtype;
- ret->label=mdp.d_answers.begin()->first.d_label;
- ret->header.d_ttl=mdp.d_answers.begin()->first.d_ttl;
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/patches/patch-dnsparser.hh
--- a/net/powerdns-recursor/patches/patch-dnsparser.hh Thu Mar 09 13:32:54 2017 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,27 +0,0 @@
-$NetBSD: patch-dnsparser.hh,v 1.2 2015/06/10 14:22:29 fhajny Exp $
-
-Straighten Boost namespace.
-
---- dnsparser.hh.orig 2015-04-21 13:02:57.000000000 +0000
-+++ dnsparser.hh
-@@ -183,7 +183,7 @@ public:
- return record;
- }
-
-- static shared_ptr<DNSRecordContent> unserialize(const string& qname, uint16_t qtype, const string& serialized);
-+ static boost::shared_ptr<DNSRecordContent> unserialize(const string& qname, uint16_t qtype, const string& serialized);
-
- void doRecordCheck(const struct DNSRecord&){}
-
-@@ -327,9 +327,9 @@ public:
- //! All answers contained in this packet
- answers_t d_answers;
-
-- shared_ptr<PacketReader> getPacketReader(uint16_t offset)
-+ boost::shared_ptr<PacketReader> getPacketReader(uint16_t offset)
- {
-- shared_ptr<PacketReader> pr(new PacketReader(d_content));
-+ boost::shared_ptr<PacketReader> pr(new PacketReader(d_content));
- pr->d_pos=offset;
- return pr;
- }
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/patches/patch-iputils.hh
--- a/net/powerdns-recursor/patches/patch-iputils.hh Thu Mar 09 13:32:54 2017 +0000
+++ b/net/powerdns-recursor/patches/patch-iputils.hh Thu Mar 09 13:43:49 2017 +0000
@@ -1,12 +1,12 @@
-$NetBSD: patch-iputils.hh,v 1.1 2015/06/10 14:22:29 fhajny Exp $
+$NetBSD: patch-iputils.hh,v 1.2 2017/03/09 13:43:49 fhajny Exp $
IP_PKTINFO structure different on NetBSD than expected.
---- iputils.hh.orig 2015-04-21 13:02:57.000000000 +0000
+--- iputils.hh.orig 2017-01-13 08:55:55.000000000 +0000
+++ iputils.hh
@@ -38,6 +38,10 @@
+ #include <boost/tuple/tuple.hpp>
#include <boost/tuple/tuple_comparison.hpp>
- #include <boost/lexical_cast.hpp>
+#if defined(IP_PKTINFO) && defined(__NetBSD__)
+#undef IP_PKTINFO
@@ -14,4 +14,4 @@
+
#include "namespaces.hh"
- union ComboAddress {
+ #ifdef __APPLE__
diff -r 53794189f097 -r c178daa73569 net/powerdns-recursor/patches/patch-kqueuemplexer.cc
--- a/net/powerdns-recursor/patches/patch-kqueuemplexer.cc Thu Mar 09 13:32:54 2017 +0000
+++ b/net/powerdns-recursor/patches/patch-kqueuemplexer.cc Thu Mar 09 13:43:49 2017 +0000
@@ -1,11 +1,11 @@
-$NetBSD: patch-kqueuemplexer.cc,v 1.2 2015/06/10 14:22:29 fhajny Exp $
+$NetBSD: patch-kqueuemplexer.cc,v 1.3 2017/03/09 13:43:49 fhajny Exp $
kqueue systems normally have sys/event.h
---- kqueuemplexer.cc.orig 2015-04-21 13:02:57.000000000 +0000
+--- kqueuemplexer.cc.orig 2017-01-13 08:55:55.000000000 +0000
+++ kqueuemplexer.cc
-@@ -6,9 +6,7 @@
- #include <boost/lexical_cast.hpp>
+@@ -29,9 +29,7 @@
+ #include "misc.hh"
#include "syncres.hh"
#include <sys/types.h>
Home |
Main Index |
Thread Index |
Old Index