pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/ldns Update to version 1.7.0 so we build with a mo...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/43546bb085f8
branches:  trunk
changeset: 397962:43546bb085f8
user:      roy <roy%pkgsrc.org@localhost>
date:      Mon Jul 08 08:25:59 2019 +0000

description:
Update to version 1.7.0 so we build with a more recent OpenSSL

Upstream changes:
1.7.0   2016-12-20
        * Fix lookup of relative names in ldns_resolver_search.
        * bugfix #548: Double free for answers > 4096 in ldns_resolver_send_pkt
        * Follow CNAME's when tracing with drill (TODO dnssec trace)
        * Fix #551 change Regent to Copyright holder in BSD license in
          some of the headings of the file, to match the opensource.org
          BSD license.
        * -e option makes ldns-compare-zones exit with status code 2 on difference
        * Filter out specified RR types with ldns-read-zone -e and -E options
        * bugfix #563: Correct DNSKEY from DSA private key. Thanks Peter Koch.
        * bugfix #562: ldns-keygen match DSA key maximum size with library.
          And check keysizes with all algorithms. Thanks Peter Koch.
        * ldns-verify-zone accepts only one single zonefile as argument.
        * bugfix #573: ldns-keygen write private keys with mode 0600.
          Thanks Leon Weber
        * Fix configure to make ldns compile with LibreSSL 2.0
        * drill now also accepts dig style -y option
          (-y <[algo:]name:key> i.s.o. -y <name:key[:algo]>)
        * OPENPGPKEY draft rr types. Enable with: --enable-rrtype-openpgpkey
        * bugfix #608: Correct comment about escaped characters
        * CDS and CDNSKEY rr type from RFC 7344.
          --enable-rrtype-cds configure option removed
        * fix: Memory leak in ldns_pkt_rr_list_by_name()
          Thanks Johannes Naab
        * fix: Memory leak in ldns_dname2buffer_wire_compress()
          Thanks Max Liebkies
        * bugfix #613: Allow tab as whitespace too in last rdata field of types
          of variable length.  Thanks Xiali Yan
        * bugfix: strip trailing whitespace from $ORIGIN lines in zone files
        * Let ldns-keygen output .ds files only for KSK keys
        * Parse RFC7218 TLSA mnemonics, but do not output them
        * Let ldns-dane use SPKI as the default selector i.s.o. Cert
        * bugfix: Fit left over NSEC3s once more before adding empty non
          terminals.  Thanks Stuart Browne
        * bugfix #605: Determine default trust anchor location at compile time
          Thanks Peter Koch
        * bugfix #697: Double free with ldns-dane create
          Thanks Carsten Strotmann
        * bugfix #623: Do not redefine bool type and boolean values
          Thanks Jakob Petsovits
        * bugfix #570: Add TLSA, CDS, CDNSKEY and OPENPGPKEY RR types to ldnsx
          Thanks Shussain
        * bugfix #575: ldns_pkt_clone() does not copy timestamp field
          Thanks Calle Dybedahl
        * bugfix #584: ldns-update fixes.  Send update to port 53, bring manpage
          in sync with the usage text, and don't alter the ldns_resolver passed
          to ldns_update_soa_zone_mname().  Created a ldns_resolver_clone()
          function in the process.  Thanks Nicholas Riley.
        * bugfix #633: ldns_pkt_clone() parameter isn't const.
          Thanks Jakop Petsovits
        * bugfix: ldns-dane manpage correction
          Thanks Erwin Lansing
        * Spelling fixes.  Thanks Andreas Schulze
        * Hyphen used as minus in manpages.  Thanks Andreas Schulze.
        * RFC7553 RR Type URI is supported by default.
        * Fix ECDSA signature generation, do not omit leading zeroes.
        * bugfix: Get rid of superfluous newline in ldns-keyfetcher
          Thanks Jan-Piet Mens
        * bugfix: -U option to ldns-signzone to sign with every algorithm
          Thanks Guido Kroon
        * const function parameters whenever possible.
          Thanks Ray Bellis
        * bugfix #725: allow RR-types on the type bitmap window border
          Thanks Pieter Lexis
        * bugfix #726: 2 typos in drill manpage.
          Thanks Hugo Lombard
        * Add type CSYNC support, RFC 7477.
        * Prepare for ED25519, ED448 support: todo convert* routines in
          dnssec.h, once openssl has support for signing with these algorithms.
          The dns algorithm number is not yet allocated. These features are
          not fully implemented yet, openssl (1.1) does not support the
          algorithms enough to generate keys and sign and verify with them.
        * Fix _answerfrom comment in ldns_struct_pkt.
        * Fix drill axfr ipv4/ipv6 queries.
        * Fix comment referring to mk_query in packet.h to pkt_query_new.
        * Fix description of QR flag in packet.h.
        * Fix for openssl 1.1.0 API changes.
        * Remove commented out macro.  Thanks Thiago Farina
        * bugfix #641: Include install-sh in .gitignore
        * bugfix #825: Module import breaks with newer SWIG versions.
          Thanks Christoph Egger
        * bugfix #796 - #792: Fix miscellaneous compiler warning issues.
          Thanks Ngie Cooper
        * bugfix #769: Add support for :: in an IPv6 address
          Thanks Hajimu UMEMOTO
        * bugfix #760: Detect superfluous text in presentation format
          Thanks Xiali Yan
        * bugfix #708: warnings and errors with xcode 6.1/7.0
        * bugfix #754: Memory leak in ldns_str2rdf_ipseckey
          Thanks Xiali Yan
        * bugfix #661: Fail NSEC3 signing when NSEC domainname length
          would overflow.  Thanks Jan-Piet Mens.
        * bugfix #771: hmac-sha224, hmac-sha384 and hmac-sha512 keys.
          Thanks Harald Jenny
        * bugfix #680: ldns fails to reject invalidly formatted
          RFC 7553 URI RRs.  Thanks Robert Edmonds
        * bugfix #678: Use poll i.s.o. select to support > 1024 fds
          Thanks William King
        * Use OpenSSL DANE functions for verification (unless explicitly
          disabled with --disable-dane-ta-usage).
        * Bumb .so version
        * Include OPENPGPKEY RR type by default
        * rdata processing for SMIMEA RR type
        * Fix crash in displaying TLSA RR's.
          Thanks Andreas Schulze
        * Update ldns-key2ds man page to mention GOST and SHA384 hash
          functions.  Thanks Harald Jenny
        * Add sha384 and sha512 tsig algorithm. Thanks Michael Weiser
        * Clarify data ownership with consts for tsig parameters.
          Thanks Michael Weiser
        * bugfix: Fix detection of DSA support with OpenSSL >= 1.1.0
        * bugfix #1160: Provide sha256 for release tarballs
        * --enable-gost-anyway compiles GOST support with OpenSSL >= 1.1.0
          even when the GOST engine is not available.

diffstat:

 net/ldns/Makefile                             |   5 +-
 net/ldns/PLIST                                |  36 +++++++++++-
 net/ldns/distinfo                             |  12 +--
 net/ldns/patches/patch-doc_doxyparse.pl       |  15 -----
 net/ldns/patches/patch-examples_ldns-keygen.c |  76 ---------------------------
 5 files changed, 38 insertions(+), 106 deletions(-)

diffs (270 lines):

diff -r 705d791927c1 -r 43546bb085f8 net/ldns/Makefile
--- a/net/ldns/Makefile Mon Jul 08 07:49:34 2019 +0000
+++ b/net/ldns/Makefile Mon Jul 08 08:25:59 2019 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.39 2018/08/22 09:45:53 wiz Exp $
+# $NetBSD: Makefile,v 1.40 2019/07/08 08:25:59 roy Exp $
 
-DISTNAME=      ldns-1.6.17
-PKGREVISION=   7
+DISTNAME=      ldns-1.7.0
 CATEGORIES=    net
 MASTER_SITES=  http://www.nlnetlabs.nl/downloads/ldns/
 
diff -r 705d791927c1 -r 43546bb085f8 net/ldns/PLIST
--- a/net/ldns/PLIST    Mon Jul 08 07:49:34 2019 +0000
+++ b/net/ldns/PLIST    Mon Jul 08 08:25:59 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2016/02/15 12:45:28 he Exp $
+@comment $NetBSD: PLIST,v 1.9 2019/07/08 08:25:59 roy Exp $
 bin/ldns-chaos
 bin/ldns-compare-zones
 bin/ldns-config
@@ -84,20 +84,34 @@
 man/man1/ldns-zcat.1
 man/man1/ldns-zsplit.1
 man/man1/ldnsd.1
+man/man3/ldns_algorithm.3
+man/man3/ldns_axfr_abort.3
+man/man3/ldns_axfr_complete.3
+man/man3/ldns_axfr_last_pkt.3
+man/man3/ldns_axfr_next.3
+man/man3/ldns_axfr_start.3
+man/man3/ldns_b32_ntop_calculate_size.3
+man/man3/ldns_b32_pton_calculate_size.3
+man/man3/ldns_b64_ntop_calculate_size.3
+man/man3/ldns_b64_pton_calculate_size.3
 man/man3/ldns_bget_token.3
 man/man3/ldns_bgetc.3
 man/man3/ldns_bskipcs.3
+man/man3/ldns_bubblebabble.3
 man/man3/ldns_buffer.3
 man/man3/ldns_buffer2pkt_wire.3
+man/man3/ldns_buffer2str.3
 man/man3/ldns_buffer_at.3
 man/man3/ldns_buffer_available.3
 man/man3/ldns_buffer_available_at.3
 man/man3/ldns_buffer_begin.3
 man/man3/ldns_buffer_capacity.3
 man/man3/ldns_buffer_clear.3
+man/man3/ldns_buffer_copy.3
 man/man3/ldns_buffer_current.3
 man/man3/ldns_buffer_end.3
 man/man3/ldns_buffer_export.3
+man/man3/ldns_buffer_export2str.3
 man/man3/ldns_buffer_flip.3
 man/man3/ldns_buffer_free.3
 man/man3/ldns_buffer_limit.3
@@ -129,9 +143,12 @@
 man/man3/ldns_buffer_write_string_at.3
 man/man3/ldns_buffer_write_u16.3
 man/man3/ldns_buffer_write_u16_at.3
+man/man3/ldns_buffer_write_u32.3
+man/man3/ldns_buffer_write_u32_at.3
 man/man3/ldns_buffer_write_u8.3
 man/man3/ldns_buffer_write_u8_at.3
 man/man3/ldns_calc_keytag.3
+man/man3/ldns_calc_keytag_raw.3
 man/man3/ldns_create_nsec.3
 man/man3/ldns_dane_cert2rdf.3
 man/man3/ldns_dane_create_tlsa_owner.3
@@ -139,7 +156,6 @@
 man/man3/ldns_dane_select_certificate.3
 man/man3/ldns_dane_verify.3
 man/man3/ldns_dane_verify_rr.3
-man/man3/ldns_dname.3
 man/man3/ldns_dname2canonical.3
 man/man3/ldns_dname_cat.3
 man/man3/ldns_dname_cat_clone.3
@@ -213,6 +229,13 @@
 man/man3/ldns_dnssec_zone_print.3
 man/man3/ldns_dnssec_zone_sign.3
 man/man3/ldns_dnssec_zone_sign_nsec3.3
+man/man3/ldns_duration2string.3
+man/man3/ldns_duration2time.3
+man/man3/ldns_duration_cleanup.3
+man/man3/ldns_duration_compare.3
+man/man3/ldns_duration_create.3
+man/man3/ldns_duration_create_from_string.3
+man/man3/ldns_duration_type.3
 man/man3/ldns_fget_token.3
 man/man3/ldns_fskipcs.3
 man/man3/ldns_get_errorstr_by_id.3
@@ -230,6 +253,7 @@
 man/man3/ldns_key2buffer_str.3
 man/man3/ldns_key2rr.3
 man/man3/ldns_key2str.3
+man/man3/ldns_key_algo_supported.3
 man/man3/ldns_key_algorithm.3
 man/man3/ldns_key_buf2dsa.3
 man/man3/ldns_key_buf2rsa.3
@@ -396,7 +420,6 @@
 man/man3/ldns_rdf_set_type.3
 man/man3/ldns_rdf_size.3
 man/man3/ldns_rdf_type.3
-man/man3/ldns_resolver_print.3
 man/man3/ldns_rr.3
 man/man3/ldns_rr2buffer_str.3
 man/man3/ldns_rr2buffer_wire.3
@@ -431,7 +454,6 @@
 man/man3/ldns_rr_list_free.3
 man/man3/ldns_rr_list_new.3
 man/man3/ldns_rr_list_pop_rr.3
-man/man3/ldns_rr_list_print.3
 man/man3/ldns_rr_list_push_rr.3
 man/man3/ldns_rr_list_rr_count.3
 man/man3/ldns_rr_list_set_rr_count.3
@@ -487,7 +509,6 @@
 man/man3/ldns_sign_public_rsasha1.3
 man/man3/ldns_status.3
 man/man3/ldns_str2period.3
-man/man3/ldns_str_remove_comment.3
 man/man3/ldns_tcp_connect.3
 man/man3/ldns_tcp_read_wire.3
 man/man3/ldns_tcp_send_query.3
@@ -509,22 +530,27 @@
 man/man3/ldns_verify_rrsig_keylist_notime.3
 man/man3/ldns_verify_rrsig_rsamd5.3
 man/man3/ldns_verify_rrsig_rsasha1.3
+man/man3/ldns_version.3
 man/man3/ldns_wire2dname.3
 man/man3/ldns_wire2pkt.3
 man/man3/ldns_wire2rdf.3
 man/man3/ldns_wire2rr.3
 man/man3/ldns_zone.3
 man/man3/ldns_zone_deep_free.3
+man/man3/ldns_zone_free.3
 man/man3/ldns_zone_glue_rr_list.3
 man/man3/ldns_zone_new.3
 man/man3/ldns_zone_new_frm_fp.3
 man/man3/ldns_zone_new_frm_fp_l.3
 man/man3/ldns_zone_print.3
+man/man3/ldns_zone_print_fmt.3
 man/man3/ldns_zone_push_rr.3
 man/man3/ldns_zone_push_rr_list.3
 man/man3/ldns_zone_rr_count.3
 man/man3/ldns_zone_rrs.3
 man/man3/ldns_zone_set_rrs.3
 man/man3/ldns_zone_set_soa.3
+man/man3/ldns_zone_sign.3
+man/man3/ldns_zone_sign_nsec3.3
 man/man3/ldns_zone_soa.3
 man/man3/ldns_zone_sort.3
diff -r 705d791927c1 -r 43546bb085f8 net/ldns/distinfo
--- a/net/ldns/distinfo Mon Jul 08 07:49:34 2019 +0000
+++ b/net/ldns/distinfo Mon Jul 08 08:25:59 2019 +0000
@@ -1,10 +1,8 @@
-$NetBSD: distinfo,v 1.22 2018/02/13 15:08:11 he Exp $
+$NetBSD: distinfo,v 1.23 2019/07/08 08:25:59 roy Exp $
 
-SHA1 (ldns-1.6.17.tar.gz) = 4218897b3c002aadfc7280b3f40cda829e05c9a4
-RMD160 (ldns-1.6.17.tar.gz) = 5382cfaafa7ec1fadcf390f804fbf14e04d7c03a
-SHA512 (ldns-1.6.17.tar.gz) = 5de42b4b8622591db51efb0956735deee9cd5e0bee12249a03b65c5b45d7c51bf9c2edb310ef9d7431af49aef77d968bfa2455a7dedfa80cde3d433436c83785
-Size (ldns-1.6.17.tar.gz) = 1315403 bytes
-SHA1 (patch-doc_doxyparse.pl) = 8d21d6f1c2e5e8d9ecc16a23dc7a462f0c54b5f7
-SHA1 (patch-examples_ldns-keygen.c) = 12ab1cb2c74f09d763969298a21c9470b748d292
+SHA1 (ldns-1.7.0.tar.gz) = ceeeccf8a27e61a854762737f6ee02f44662c1b8
+RMD160 (ldns-1.7.0.tar.gz) = b0dfb70085258e69dda0fc343f0eece6df52e0a1
+SHA512 (ldns-1.7.0.tar.gz) = 8a4e48bcc2a244b92447a9830b60efbb656fb7955f3559ef2eb6f8e724c4c0208776350c44ccf7dcf1ffe0b7b9d9ccc4cbddc5bc16e8888db494ab4d0bce3bd8
+Size (ldns-1.7.0.tar.gz) = 1304424 bytes
 SHA1 (patch-parse.c) = 3dbf4443b4a068f02e2799e820e8fcbf50abaa15
 SHA1 (patch-str2host.c) = 002e2f04059a9bc2479a8d66335595d4d7dd598f
diff -r 705d791927c1 -r 43546bb085f8 net/ldns/patches/patch-doc_doxyparse.pl
--- a/net/ldns/patches/patch-doc_doxyparse.pl   Mon Jul 08 07:49:34 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,15 +0,0 @@
-$NetBSD: patch-doc_doxyparse.pl,v 1.1 2015/06/18 13:04:29 jperkin Exp $
-
-perl-5.22 compatibility.
-
---- doc/doxyparse.pl.orig      2014-01-10 21:04:41.000000000 +0000
-+++ doc/doxyparse.pl
-@@ -273,7 +273,7 @@ foreach (keys %manpages) {
- 
-       print MAN $MAN_MIDDLE;
- 
--      if (defined(@$also)) {
-+      if (@$also) {
-               print MAN "\n.SH SEE ALSO\n\\fI";
-               print MAN join "\\fR, \\fI", @$also;
-               print MAN "\\fR.\nAnd ";
diff -r 705d791927c1 -r 43546bb085f8 net/ldns/patches/patch-examples_ldns-keygen.c
--- a/net/ldns/patches/patch-examples_ldns-keygen.c     Mon Jul 08 07:49:34 2019 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,76 +0,0 @@
-$NetBSD: patch-examples_ldns-keygen.c,v 1.2 2015/06/18 13:04:29 jperkin Exp $
-
-Get bugfix #573: ldns-keygen write private keys with mode 0600.
-From http://git.nlnetlabs.nl/ldns/commit/?h=develop&id=169f38c1e25750f935838b670871056428977e6b
-Fixes CVE-2014-3209.
-
---- examples/ldns-keygen.c.orig        2014-01-10 21:04:41.000000000 +0000
-+++ examples/ldns-keygen.c
-@@ -10,6 +10,9 @@
- 
- #include <ldns/ldns.h>
- 
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
- #include <errno.h>
- 
- #ifdef HAVE_SSL
-@@ -48,6 +51,7 @@ int
- main(int argc, char *argv[])
- {
-       int c;
-+      int fd;
-       char *prog;
- 
-       /* default key size */
-@@ -250,21 +254,21 @@ main(int argc, char *argv[])
-       /* print the priv key to stderr */
-       filename = LDNS_XMALLOC(char, strlen(owner) + 21);
-       snprintf(filename, strlen(owner) + 20, "K%s+%03u+%05u.private", owner, algorithm, (unsigned int) ldns_key_keytag(key));
--      file = fopen(filename, "w");
-+      /* use open() here to prevent creating world-readable private keys (CVE-2014-3209)*/
-+      fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
-+      if (fd < 0) {
-+              goto fail;
-+      }
-+
-+      file = fdopen(fd, "w");
-       if (!file) {
--              fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
--              ldns_key_deep_free(key);
--              free(owner);
--              ldns_rr_free(pubkey);
--              ldns_rr_free(ds);
--              LDNS_FREE(filename);
--              exit(EXIT_FAILURE);
--      } else {
--              ldns_key_print(file, key);
--              fclose(file);
--              LDNS_FREE(filename);
-+              goto fail;
-       }
- 
-+      ldns_key_print(file, key);
-+      fclose(file);
-+      LDNS_FREE(filename);
-+
-       /* print the DS to .ds */
-       if (algorithm != LDNS_SIGN_HMACMD5 &&
-               algorithm != LDNS_SIGN_HMACSHA1 &&
-@@ -296,6 +300,15 @@ main(int argc, char *argv[])
-       ldns_rr_free(pubkey);
-       ldns_rr_free(ds);
-       exit(EXIT_SUCCESS);
-+
-+fail:
-+      fprintf(stderr, "Unable to open %s: %s\n", filename, strerror(errno));
-+      ldns_key_deep_free(key);
-+      free(owner);
-+      ldns_rr_free(pubkey);
-+      ldns_rr_free(ds);
-+      LDNS_FREE(filename);
-+      exit(EXIT_FAILURE);
- }
- #else
- int



Home | Main Index | Thread Index | Old Index