Wed Oct 5 20:28:01 2016 UTC ()
Features
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open.
- Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout
is used (200 msec, vs 2 minutes) to pressure tcp for new connects.
- [bugzilla: 787 ] Fix #787: outgoing-interface netblock/64 ipv6
option to use linux freebind to use 64bits of entropy for every query
with random local part.
- For #787: prefer-ip6 option for unbound.conf prefers to send
upstream queries to ipv6 servers.
- Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e.
- keep debug symbols in windows build.
Bug Fixes:
----------
- [bugzilla: 778 ] Fix unbound 1.5.9: -h segfault (null deref).
- Fix unbound-anchor.exe file location defaults to Program Files with
(x86) appended.
- Fix to not ignore return value of chown() in daemon startup.
- Better help text from -h.
- [bugzilla: 773 ] Fix Non-standard Python location build failure with
pyunbound.
- Improve threadsafety for openssl 0.9.8 ecdsa dnssec signatures.
- Revert fix for NetworkService account on windows due to breakage it
causes.
- Fix that windows install will not overwrite existing service.conf
file (and ignore gui config choices if it exists).
- And delete service.conf.shipped on uninstall.
- In unbound.conf directory: dir immediately changes to that
directory, so that include: file below that is relative to that
directory. With chroot, make the directory an absolute path inside chroot.
- do not delete service.conf on windows uninstall.
- document directory immediate fix and allow EXECUTABLE syntax in it
on windows.
- Fix directory: fix for unbound-checkconf, it restores cwd.
- Use QTYPE=A for QNAME minimisation.
- Keep track of number of time-outs when performing QNAME
minimisation. Stop minimising when number of time-outs for a QNAME/QTYPE
pair is more than three.
- [bugzilla: 775 ] Fix unbound-host and unbound-anchor crash on
windows, ignore null delete for wsaevent.
- Fix spelling in freebind option man page text.
- Fix windows link of ssl with crypt32.
- [bugzilla: 779 ] Fix Union casting is non-portable.
- [bugzilla: 780 ] Fix MAP_ANON not defined in HP-UX 11.31.
- [bugzilla: 781 ] Fix prealloc() is an HP-UX system library call.
- Decrease dp attempts at each QNAME minimisation iteration
- [bugzilla: 784 ] Fix Build configure assumess that having getpwnam
means there is endpwent function available.
- Updated repository with newer flex and bison output.
- Fix static compile on windows missing gdi32.
- Fix dynamic link of anchor-update.exe on windows.
- Fix detect of mingw for MXE package build.
- Fixes for 64bit windows compile.
- [bugzilla: 788 ] Fix for nettle 3.0: Failed to build with Nettle >=
3.0 and --with-libunbound-only --with-nettle.
- Fixed unbound.doxygen for 1.8.11.
- [bugzilla: 798 ] Fix Client-side TCP fast open fails (Linux).
- [bugzilla: 801 ] Fix missing error condition handling in
daemon_create_workers().
- [bugzilla: 802 ] Fix workaround for function parameters that are
"unused" without log_assert.
- [bugzilla: 803 ] Fix confusing (and incorrect) code comment in
daemon_cleanup().
- [bugzilla: 806 ] Fix wrong comment removed.
- use sendmsg instead of sendto for TFO.
- [bugzilla: 807 ] Fix workaround for possible some "unused" function
parameters in test code.
- Note that OPENPGPKEY type is RFC 7929.
- [bugzilla: 804 ] Fix #804: unbound stops responding after outage.
Fixes queries that attempt to wait for an empty list of subqueries.
- Fix for #804: lower num_target_queries for iterator also for failed
lookups.
- [bugzilla: 820 ] Fix set sldns_str2wire_rr_buf() dual meaning len
parameter in each iteration in find_tag_datas().
- [bugzilla: 777 ] Fix OpenSSL 1.1.0 compatibility.
- RFC 7958 is now out, updated docs for unbound-anchor.
- Fix for compile without warnings with openssl 1.1.0.
- [bugzilla: 826 ] Fix refuse_non_local could result in a broken response.
- iana portlist update.
- Fix compile with openssl 1.1.0 with api=1.1.0.
- [bugzilla: 829 ] Fix doc of sldns_wire2str_rdata_buf() return value
has an off-by-one typo.
- Fix incomplete prototypes reported by Dag-Erling Smę·”rgrav.
- [bugzilla: 828 ] Fix missing type in access-control-tag-action
redirect results in NXDOMAIN.
- Take configured minimum TTL into consideration when reducing TTL to
original TTL from RRSIG.
- [bugzilla: 831 ] Fix workaround for spurious fread_chk warning
against petal.c
- Silenced flex-generated sign-unsigned warning print with gcc
diagnostic pragma.
- Fix for new splint on FreeBSD. Fix cast for sockaddr_un.sun_len.
- fix potential memory leak in daemon/remote.c and nullpointer
dereference in validator/autotrust.
- [bugzilla: 883 ] Fix error for duplicate local zone entry.
- [bugzilla: 835 ] Fix --disable-dsa with nettle verify.
(pettai)
diff -r1.46 -r1.47 pkgsrc/net/unbound/Makefile
diff -r1.32 -r1.33 pkgsrc/net/unbound/distinfo
--- pkgsrc/net/unbound/Makefile 2016/06/16 13:50:39 1.46
+++ pkgsrc/net/unbound/Makefile 2016/10/05 20:28:01 1.47
| @@ -1,16 +1,16 @@ | | | @@ -1,16 +1,16 @@ |
1 | # $NetBSD: Makefile,v 1.46 2016/06/16 13:50:39 pettai Exp $ | | 1 | # $NetBSD: Makefile,v 1.47 2016/10/05 20:28:01 pettai Exp $ |
2 | | | 2 | |
3 | DISTNAME= unbound-1.5.9 | | 3 | DISTNAME= unbound-1.5.10 |
4 | CATEGORIES= net | | 4 | CATEGORIES= net |
5 | MASTER_SITES= http://www.unbound.net/downloads/ | | 5 | MASTER_SITES= http://www.unbound.net/downloads/ |
6 | | | 6 | |
7 | MAINTAINER= pettai@NetBSD.org | | 7 | MAINTAINER= pettai@NetBSD.org |
8 | HOMEPAGE= http://www.unbound.net/ | | 8 | HOMEPAGE= http://www.unbound.net/ |
9 | COMMENT= DNS resolver and recursive server | | 9 | COMMENT= DNS resolver and recursive server |
10 | LICENSE= modified-bsd | | 10 | LICENSE= modified-bsd |
11 | | | 11 | |
12 | BUILD_DEFS+= VARBASE UNBOUND_USER UNBOUND_GROUP | | 12 | BUILD_DEFS+= VARBASE UNBOUND_USER UNBOUND_GROUP |
13 | FILES_SUBST+= UNBOUND_USER=${UNBOUND_USER} UNBOUND_GROUP=${UNBOUND_GROUP} | | 13 | FILES_SUBST+= UNBOUND_USER=${UNBOUND_USER} UNBOUND_GROUP=${UNBOUND_GROUP} |
14 | | | 14 | |
15 | GNU_CONFIGURE= yes | | 15 | GNU_CONFIGURE= yes |
16 | USE_LIBTOOL= yes | | 16 | USE_LIBTOOL= yes |
--- pkgsrc/net/unbound/distinfo 2016/06/16 13:50:39 1.32
+++ pkgsrc/net/unbound/distinfo 2016/10/05 20:28:01 1.33
| @@ -1,6 +1,6 @@ | | | @@ -1,6 +1,6 @@ |
1 | $NetBSD: distinfo,v 1.32 2016/06/16 13:50:39 pettai Exp $ | | 1 | $NetBSD: distinfo,v 1.33 2016/10/05 20:28:01 pettai Exp $ |
2 | | | 2 | |
3 | SHA1 (unbound-1.5.9.tar.gz) = 4882c52aac0abcd72a86ac5d06e9cd39576620ce | | 3 | SHA1 (unbound-1.5.10.tar.gz) = 6102849c400db3a4195b1f16df8f312568a6ec57 |
4 | RMD160 (unbound-1.5.9.tar.gz) = 4fb82f0e132e422a5d2481517348f1e1802bf23d | | 4 | RMD160 (unbound-1.5.10.tar.gz) = 0907f1501acc5ce943a038f671ef0e7d358b0695 |
5 | SHA512 (unbound-1.5.9.tar.gz) = a0f43a22d2c357b78482e5049fd77b100966964d861536169bd79379c02b96651e52c47f3f5001ac8e1ca474d41f784395adb44b61157487723f9f15287c97f4 | | 5 | SHA512 (unbound-1.5.10.tar.gz) = 1c413886a12d4b626e03e076da6b9ccbcc8fd4769649fef8895eca74199bc22aec33c026e777524e8fe0327045a194f79b52282fe40674a9fb15cac58c4493f6 |
6 | Size (unbound-1.5.9.tar.gz) = 4924965 bytes | | 6 | Size (unbound-1.5.10.tar.gz) = 4941299 bytes |