pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/powerdns-recursor
Module Name: pkgsrc
Committed By: fhajny
Date: Thu Mar 9 13:43:49 UTC 2017
Modified Files:
pkgsrc/net/powerdns-recursor: Makefile PLIST distinfo
pkgsrc/net/powerdns-recursor/patches: patch-iputils.hh
patch-kqueuemplexer.cc
Added Files:
pkgsrc/net/powerdns-recursor/patches: patch-qtype.hh
Removed Files:
pkgsrc/net/powerdns-recursor/patches: patch-Makefile.in
patch-dnsparser.cc patch-dnsparser.hh patch-namespaces.hh
patch-pdns__recursor.1 patch-pdns__recursor.cc
patch-rec__channel.cc patch-rec__channel__rec.cc
patch-rec__control.1 patch-recursor__cache.cc patch-reczones.cc
patch-sysdeps_SunOS.inc
Log Message:
Update net/powerdns-recursor to 4.0.4.
PowerDNS Recursor 4.0.4
=======================
Change highlights include:
- Check TSIG signature on IXFR (Security Advisory 2016-04)
- Don't parse spurious RRs in queries when we don't need them
(Security Advisory 2016-02)
- Add 'max-recursion-depth' to limit the number of internal recursion
- Wait until after daemonizing to start the RPZ and protobuf threads
- On RPZ customPolicy, follow the resulting CNAME
- Make the negcache forwarded zones aware
- Cache records for zones that were delegated to from a forwarded zone
- DNSSEC: don't go bogus on zero configured DSs
- DNSSEC: NSEC3 optout and Bogus insecure forward fixes
- DNSSEC: Handle CNAMEs at the apex of secure zones to other secure
zones
PowerDNS Recursor 4.0.3
=======================
Bug fixes
- Call gettag() for TCP queries
- Fix the use of an uninitialized filtering policy
- Parse query-local-address before lua-config-file
- Fix accessing an empty policyCustom, policyName from Lua
- ComboAddress: don't allow invalid ports
- Fix RPZ default policy not being applied over IXFR
- DNSSEC: Actually follow RFC 7646 §2.1
- Add boost context ldflags so freebsd builds can find the libs
- Ignore NS records in a RPZ zone received over IXFR
- Fix build with OpenSSL 1.1.0 final
- Don't validate when a Lua hook took the query
- Fix a protobuf regression (requestor/responder mix-up)
Additions and Enhancements
- Support Boost 1.61+ fcontext
- Add Lua binding for DNSRecord::d_place
PowerDNS Recursor 4.0.2
=======================
Bug fixes
- Set dq.rcode before calling postresolve
- Honor PIE flags.
- Fix build with LibreSSL, for which OPENSSL_VERSION_NUMBER is
irrelevant
- Don't shuffle CNAME records. (thanks to Gert van Dijk for the
extensive bug report!)
- Fix delegation-only
Additions and enhancements
- Respect the timeout when connecting to a protobuf server
- allow newDN to take a DNSName in; document missing methods
- expose SMN toString to lua
- Anonymize the protobuf ECS value as well (thanks to Kai Storbeck of
XS4All for finding this)
- Allow Lua access to the result of the Policy Engine decision, skip
RPZ, finish RPZ implementation
- Remove unused DNSPacket::d_qlen
- RPZ: Use query-local-address(6) by default (thanks to Oli Schacher
of switch.ch for the feature request)
- Move the root DNSSEC data to a header file
PowerDNS Recursor 4.0.1
=======================
Bug fixes
- Improve DNSSEC record skipping for non dnssec queries (Kees
Monshouwer)
- Don't validate zones from the local auth store, go one level down
while validating when there is a CNAME
- Don't go bogus on islands of security
- Check all possible chains for Insecures
- Don't go Bogus on a CNAME at the apex
- RPZ: default policy should also override local data RRs
- Fix a crash when the next name in a chained query is empty and
rec_control current-queries is invoked
Improvements
- OpenSSL 1.1.0 support (Christian Hofstaedtler)
- Fix warnings with gcc on musl-libc (James Taylor)
- Also validate on +DO
- Fail to start when the lua-dns-script does not exist
- Add more Netmask methods for Lua (Aki Tuomi)
- Validate DNSSEC for security polling
- Turn on root-nx-trust by default and log-common-errors=off
- Allow for multiple trust anchors per zone
- Fix compilation warning when building without Protobuf
PowerDNS Recursor 4.0.0
=======================
- Moved to C++ 2011, a cleaner more powerful version of C++ that has
allowed us to improve the quality of implementation in many places.
- Implemented dedicated infrastructure for dealing with DNS names that
is fully "DNS Native" and needs less escaping and unescaping.
- Switched to binary storage of DNS records in all places.
- Moved ACLs to a dedicated Netmask Tree.
- Implemented a version of RCU for configuration changes
- Instrumented our use of the memory allocator, reduced number of
malloc calls substantially.
- The Lua hook infrastructure was redone using LuaWrapper; old scripts
will no longer work, but new scripts are easier to write under the
new interface.
- DNSSEC processing: if you ask for DNSSEC records, you will get them.
- DNSSEC validation: if so configured, PowerDNS perform DNSSEC
validation of your answers.
- Completely revamped Lua scripting API that is "DNSName" native and
therefore far less error prone, and likely faster for most commonly
used scenarios.
- New asynchronous per-domain, per-ip address, query engine.
- RPZ (from file, over AXFR or IXFR) support.
- All caches can now be wiped on suffixes, because of canonical
ordering.
- Many, many more relevant performance metrics, including upstream
authoritative performance measurements.
- EDNS Client Subnet support, including cache awareness of
subnet-varying answers.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/powerdns-recursor/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/powerdns-recursor/PLIST
cvs rdiff -u -r1.15 -r1.16 pkgsrc/net/powerdns-recursor/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/net/powerdns-recursor/patches/patch-Makefile.in \
pkgsrc/net/powerdns-recursor/patches/patch-sysdeps_SunOS.inc
cvs rdiff -u -r1.2 -r0 \
pkgsrc/net/powerdns-recursor/patches/patch-dnsparser.cc \
pkgsrc/net/powerdns-recursor/patches/patch-dnsparser.hh \
pkgsrc/net/powerdns-recursor/patches/patch-namespaces.hh \
pkgsrc/net/powerdns-recursor/patches/patch-pdns__recursor.1 \
pkgsrc/net/powerdns-recursor/patches/patch-rec__channel__rec.cc \
pkgsrc/net/powerdns-recursor/patches/patch-rec__control.1 \
pkgsrc/net/powerdns-recursor/patches/patch-recursor__cache.cc \
pkgsrc/net/powerdns-recursor/patches/patch-reczones.cc
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc
cvs rdiff -u -r1.4 -r0 \
pkgsrc/net/powerdns-recursor/patches/patch-pdns__recursor.cc
cvs rdiff -u -r0 -r1.1 pkgsrc/net/powerdns-recursor/patches/patch-qtype.hh
cvs rdiff -u -r1.3 -r0 \
pkgsrc/net/powerdns-recursor/patches/patch-rec__channel.cc
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/powerdns-recursor/Makefile
diff -u pkgsrc/net/powerdns-recursor/Makefile:1.18 pkgsrc/net/powerdns-recursor/Makefile:1.19
--- pkgsrc/net/powerdns-recursor/Makefile:1.18 Wed Jun 10 14:40:07 2015
+++ pkgsrc/net/powerdns-recursor/Makefile Thu Mar 9 13:43:49 2017
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2015/06/10 14:40:07 fhajny Exp $
+# $NetBSD: Makefile,v 1.19 2017/03/09 13:43:49 fhajny Exp $
#
-DISTNAME= pdns-recursor-3.7.3
+DISTNAME= pdns-recursor-4.0.4
CATEGORIES= net
MASTER_SITES= http://downloads.powerdns.com/releases/
EXTRACT_SUFX= .tar.bz2
@@ -11,7 +11,7 @@ HOMEPAGE= http://www.powerdns.com/
COMMENT= PowerDNS resolver/recursing nameserver
LICENSE= gnu-gpl-v2
-HAS_CONFIGURE= yes
+GNU_CONFIGURE= yes
USE_LANGUAGES= c c++
USE_TOOLS+= gmake
@@ -19,10 +19,9 @@ RCD_SCRIPTS+= pdns_recursor
EGDIR= ${PREFIX}/share/examples/pdns-recursor
-BUILD_MAKE_FLAGS+= SYSCONFDIR=${PKG_SYSCONFDIR} OPTFLAGS=
+PTHREAD_AUTO_VARS= yes
-INSTALL_MAKE_FLAGS+= BINDIR=${PREFIX}/bin SBINDIR=${PREFIX}/sbin
-INSTALL_MAKE_FLAGS+= SYSCONFDIR=${EGDIR} MANDIR=${PREFIX}/${PKGMANDIR}
+INSTALL_MAKE_FLAGS+= sysconfdir=${EGDIR}
CONF_FILES+= ${EGDIR}/recursor.conf-dist \
${PKG_SYSCONFDIR}/recursor.conf
@@ -34,12 +33,7 @@ CXXFLAGS+= -std=c++11 -Wno-c++11-narrowi
.include "options.mk"
-post-extract:
- ${LN} -s FreeBSD.inc ${WRKSRC}/sysdeps/NetBSD.inc
-
-post-build:
- ${CP} ${WRKSRC}/pdns_recursor.1 ${WRKSRC}/pdns_recursor.8
- ${CP} ${WRKSRC}/rec_control.1 ${WRKSRC}/rec_control.8
-
.include "../../devel/boost-headers/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/net/powerdns-recursor/PLIST
diff -u pkgsrc/net/powerdns-recursor/PLIST:1.3 pkgsrc/net/powerdns-recursor/PLIST:1.4
--- pkgsrc/net/powerdns-recursor/PLIST:1.3 Tue Mar 11 14:05:10 2014
+++ pkgsrc/net/powerdns-recursor/PLIST Thu Mar 9 13:43:49 2017
@@ -1,6 +1,6 @@
-@comment $NetBSD: PLIST,v 1.3 2014/03/11 14:05:10 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.4 2017/03/09 13:43:49 fhajny Exp $
bin/rec_control
-man/man8/pdns_recursor.8
-man/man8/rec_control.8
+man/man1/pdns_recursor.1
+man/man1/rec_control.1
sbin/pdns_recursor
share/examples/pdns-recursor/recursor.conf-dist
Index: pkgsrc/net/powerdns-recursor/distinfo
diff -u pkgsrc/net/powerdns-recursor/distinfo:1.15 pkgsrc/net/powerdns-recursor/distinfo:1.16
--- pkgsrc/net/powerdns-recursor/distinfo:1.15 Wed Nov 4 00:35:28 2015
+++ pkgsrc/net/powerdns-recursor/distinfo Thu Mar 9 13:43:49 2017
@@ -1,21 +1,10 @@
-$NetBSD: distinfo,v 1.15 2015/11/04 00:35:28 agc Exp $
+$NetBSD: distinfo,v 1.16 2017/03/09 13:43:49 fhajny Exp $
-SHA1 (pdns-recursor-3.7.3.tar.bz2) = a09d960852ba67c1618dfa9258158a1145f657c1
-RMD160 (pdns-recursor-3.7.3.tar.bz2) = c73738ea571b8ce4ef4c01ee02c971c990d03f42
-SHA512 (pdns-recursor-3.7.3.tar.bz2) = 35b95130e46d04c91adc3c4676a6e5546ac25d21ec576734162764732993d876d34f0e8124b7b6934c8354c0d042ffa5ec30f138b83a9aeaafcefa3808adcf23
-Size (pdns-recursor-3.7.3.tar.bz2) = 245192 bytes
-SHA1 (patch-Makefile.in) = 4aa3fc487afab1795532cc6a09975fa6580625fe
+SHA1 (pdns-recursor-4.0.4.tar.bz2) = e3d2f18e0ea929e425bc9da4256f76331797f691
+RMD160 (pdns-recursor-4.0.4.tar.bz2) = 12b1b7239156d9b898199c02a1edd6875301a7b1
+SHA512 (pdns-recursor-4.0.4.tar.bz2) = 9473dfe9abc509b2bb953139dd7892de2027ee1508902fa0c2cd30dd9a88878fcf44370b8372d573cbab12de32bb8c604005d3b39ea34db2ef86786e689d36ab
+Size (pdns-recursor-4.0.4.tar.bz2) = 1050596 bytes
SHA1 (patch-dns.hh) = 7e9c1b10a066a605b74ebdbee2d894aed50f6c68
-SHA1 (patch-dnsparser.cc) = acd60fbeaa5ad3aa09db306eeaddb1071bbedfb7
-SHA1 (patch-dnsparser.hh) = 289e271629969a50b41e805ae9f092ce75a1483f
-SHA1 (patch-iputils.hh) = 01134b045189653046036d7cb081a2f4d1ed27e4
-SHA1 (patch-kqueuemplexer.cc) = 1e3923aec5f81400eaedffa07c50762da7bdd5c8
-SHA1 (patch-namespaces.hh) = b7abe73b649569819fb070e10d3c926c95589bfb
-SHA1 (patch-pdns__recursor.1) = de3c561e770558850a9f1bdf13f60570d90a5643
-SHA1 (patch-pdns__recursor.cc) = b1d6ba1d1abfbd2759431caffc113bca22513abd
-SHA1 (patch-rec__channel.cc) = dee9fba4bbe240ca2070cdf8a8f303bb2e3bce61
-SHA1 (patch-rec__channel__rec.cc) = b0b277167fff8a080528f6a5cc75a81658f7c66f
-SHA1 (patch-rec__control.1) = 6a38b768cf5ab6f91fcf6eb7e4d5f0c62824f723
-SHA1 (patch-recursor__cache.cc) = c2f86bd695ed01ae6b415a61a099696c87f78d63
-SHA1 (patch-reczones.cc) = f187de66d755a8e134804282ceb7723aa9bd392e
-SHA1 (patch-sysdeps_SunOS.inc) = e2087d1469437c88266bc30566cf9d7415e7af69
+SHA1 (patch-iputils.hh) = aaf3b913fbe26f5daa9c2b16ff24cc9a7a1d7de0
+SHA1 (patch-kqueuemplexer.cc) = 87b3b6670393ee60fc96cf91c5acf575adfd06c0
+SHA1 (patch-qtype.hh) = f14eb9ad7efc7dd4a0ce220c1f93044ef69e99c2
Index: pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh
diff -u pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh:1.1 pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh:1.2
--- pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh:1.1 Wed Jun 10 14:22:29 2015
+++ pkgsrc/net/powerdns-recursor/patches/patch-iputils.hh Thu Mar 9 13:43:49 2017
@@ -1,12 +1,12 @@
-$NetBSD: patch-iputils.hh,v 1.1 2015/06/10 14:22:29 fhajny Exp $
+$NetBSD: patch-iputils.hh,v 1.2 2017/03/09 13:43:49 fhajny Exp $
IP_PKTINFO structure different on NetBSD than expected.
---- iputils.hh.orig 2015-04-21 13:02:57.000000000 +0000
+--- iputils.hh.orig 2017-01-13 08:55:55.000000000 +0000
+++ iputils.hh
@@ -38,6 +38,10 @@
+ #include <boost/tuple/tuple.hpp>
#include <boost/tuple/tuple_comparison.hpp>
- #include <boost/lexical_cast.hpp>
+#if defined(IP_PKTINFO) && defined(__NetBSD__)
+#undef IP_PKTINFO
@@ -14,4 +14,4 @@ IP_PKTINFO structure different on NetBSD
+
#include "namespaces.hh"
- union ComboAddress {
+ #ifdef __APPLE__
Index: pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc
diff -u pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc:1.2 pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc:1.3
--- pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc:1.2 Wed Jun 10 14:22:29 2015
+++ pkgsrc/net/powerdns-recursor/patches/patch-kqueuemplexer.cc Thu Mar 9 13:43:49 2017
@@ -1,11 +1,11 @@
-$NetBSD: patch-kqueuemplexer.cc,v 1.2 2015/06/10 14:22:29 fhajny Exp $
+$NetBSD: patch-kqueuemplexer.cc,v 1.3 2017/03/09 13:43:49 fhajny Exp $
kqueue systems normally have sys/event.h
---- kqueuemplexer.cc.orig 2015-04-21 13:02:57.000000000 +0000
+--- kqueuemplexer.cc.orig 2017-01-13 08:55:55.000000000 +0000
+++ kqueuemplexer.cc
-@@ -6,9 +6,7 @@
- #include <boost/lexical_cast.hpp>
+@@ -29,9 +29,7 @@
+ #include "misc.hh"
#include "syncres.hh"
#include <sys/types.h>
-#if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
Added files:
Index: pkgsrc/net/powerdns-recursor/patches/patch-qtype.hh
diff -u /dev/null pkgsrc/net/powerdns-recursor/patches/patch-qtype.hh:1.1
--- /dev/null Thu Mar 9 13:43:49 2017
+++ pkgsrc/net/powerdns-recursor/patches/patch-qtype.hh Thu Mar 9 13:43:49 2017
@@ -0,0 +1,17 @@
+$NetBSD: patch-qtype.hh,v 1.1 2017/03/09 13:43:49 fhajny Exp $
+
+Avoid symbol pollution on SunOS.
+
+--- qtype.hh.orig 2017-01-13 08:55:55.000000000 +0000
++++ qtype.hh
+@@ -26,6 +26,10 @@
+ #include <vector>
+ #include "namespaces.hh"
+
++#if defined(__sun) && defined(DS)
++#undef DS
++#endif
++
+ /** The QType class is meant to deal easily with the different kind of resource types, like 'A', 'NS',
+ * 'CNAME' etcetera. These types have both a name and a number. This class can seamlessly move between
+ * them. Use it like this:
Home |
Main Index |
Thread Index |
Old Index