Tue Aug 22 17:00:35 2017 UTC ()
Update net/dnsdist to 1.2.0.

- fix for CVE-2016-7069 and CVE-2017-7557.
- applying rules on cache hits
- addition of runtime changeable rules that matches IP address for a
  certain time: TimedIPSetRule
- SNMP support, exporting statistics and sending traps
- preventing the packet cache from ageing responses when deployed in
  front of authoritative servers
- TTL alteration capabilities
- consistent hash results over multiple deployments
- exporting CNAME records over protobuf
- tuning the size of the ringbuffers used to keep track of recent
  queries and responses
- various DNSCrypt-related fixes and improvements, including automatic
  key rotation

Full changelog:

  https://dnsdist.org/changelog.html


(fhajny)
diff -r1.1 -r1.2 pkgsrc/net/dnsdist/Makefile
diff -r1.2 -r1.3 pkgsrc/net/dnsdist/distinfo
diff -r1.1 -r1.2 pkgsrc/net/dnsdist/patches/patch-dnsdist-console.cc
diff -r1.1 -r1.2 pkgsrc/net/dnsdist/patches/patch-iputils.hh
cvs diff -r1.1 -r1.2 pkgsrc/net/dnsdist/Makefile (expand / switch to unified diff)

--- pkgsrc/net/dnsdist/Makefile 2017/03/31 20:49:51 1.1
+++ pkgsrc/net/dnsdist/Makefile 2017/08/22 17:00:35 1.2
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.1 2017/03/31 20:49:51 fhajny Exp $ 1# $NetBSD: Makefile,v 1.2 2017/08/22 17:00:35 fhajny Exp $
2 2
3DISTNAME= dnsdist-1.1.0 3DISTNAME= dnsdist-1.2.0
4CATEGORIES= net 4CATEGORIES= net
5MASTER_SITES= https://downloads.powerdns.com/releases/ 5MASTER_SITES= https://downloads.powerdns.com/releases/
6EXTRACT_SUFX= .tar.bz2 6EXTRACT_SUFX= .tar.bz2
7 7
8MAINTAINER= filip@joyent.com 8MAINTAINER= filip@joyent.com
9HOMEPAGE= http://dnsdist.org/ 9HOMEPAGE= http://dnsdist.org/
10COMMENT= Highly DNS-, DoS- and abuse-aware loadbalancer 10COMMENT= Highly DNS-, DoS- and abuse-aware loadbalancer
11LICENSE= gnu-gpl-v2 11LICENSE= gnu-gpl-v2
12 12
13GNU_CONFIGURE= yes 13GNU_CONFIGURE= yes
14USE_LANGUAGES= c c++ 14USE_LANGUAGES= c c++
15USE_TOOLS+= gmake pkg-config 15USE_TOOLS+= gmake pkg-config
16 16
cvs diff -r1.2 -r1.3 pkgsrc/net/dnsdist/distinfo (expand / switch to unified diff)

--- pkgsrc/net/dnsdist/distinfo 2017/05/22 23:41:22 1.2
+++ pkgsrc/net/dnsdist/distinfo 2017/08/22 17:00:35 1.3
@@ -1,12 +1,12 @@ @@ -1,12 +1,12 @@
1$NetBSD: distinfo,v 1.2 2017/05/22 23:41:22 joerg Exp $ 1$NetBSD: distinfo,v 1.3 2017/08/22 17:00:35 fhajny Exp $
2 2
3SHA1 (dnsdist-1.1.0.tar.bz2) = 9b6372fc5f606ee83dac465e1dc9c824242f5905 3SHA1 (dnsdist-1.2.0.tar.bz2) = c1af8fbf8a4c5a5bbb1c5154974cf640ffa26acb
4RMD160 (dnsdist-1.1.0.tar.bz2) = 7724641b2be1c3611dd0b2c685cf6e8b7a365e67 4RMD160 (dnsdist-1.2.0.tar.bz2) = b3c23decdf58cc2931a85f5631dc9184f3ff3a6c
5SHA512 (dnsdist-1.1.0.tar.bz2) = 91da716997c2440e153944f510a39dd86c9cf8ba8093a7f51a9a5d58ab0a1c230bd99ec57fe8ff0721279c8c4429ad576fe797c1fbe4cde2b9fb8f0405025320 5SHA512 (dnsdist-1.2.0.tar.bz2) = 93f8c5f18462d3291c973a690f6ac2b3c5791d9947bee83d9250b503b7526de365bdcb530f3b082e51ae168a9129e77d5558af7cc3b9d2e98a585af53783c237
6Size (dnsdist-1.1.0.tar.bz2) = 874837 bytes 6Size (dnsdist-1.2.0.tar.bz2) = 876104 bytes
7SHA1 (patch-dns.hh) = 13834e3d9f48b3095ce4912540c7d0d275c3a3a3 7SHA1 (patch-dns.hh) = 13834e3d9f48b3095ce4912540c7d0d275c3a3a3
8SHA1 (patch-dnsdist-console.cc) = 51fee0e89b648e0f9c2e6c0d9a6859ef2991a1b7 8SHA1 (patch-dnsdist-console.cc) = ee5f40a2257128eb7fcc2b581ec9aa997c1b7358
9SHA1 (patch-dnsdist.cc) = 2b2bf569c134019dd8a5d4f3df104fdd16a47a31 9SHA1 (patch-dnsdist.cc) = 2b2bf569c134019dd8a5d4f3df104fdd16a47a31
10SHA1 (patch-ext_json11_json11.cpp) = 9fb12578d80103b8b92e984a483cbda98fd83db8 10SHA1 (patch-ext_json11_json11.cpp) = 9fb12578d80103b8b92e984a483cbda98fd83db8
11SHA1 (patch-iputils.hh) = 666fe81cc651b2c7e85164b8246283e301bcce1a 11SHA1 (patch-iputils.hh) = 78ffc93b3062d18a02a9ea67e4c6d58d8df7bdbb
12SHA1 (patch-qtype.hh) = 4551be1e303a31d34030c363849398923f5ff987 12SHA1 (patch-qtype.hh) = 4551be1e303a31d34030c363849398923f5ff987
cvs diff -r1.1 -r1.2 pkgsrc/net/dnsdist/patches/patch-dnsdist-console.cc (expand / switch to unified diff)

--- pkgsrc/net/dnsdist/patches/patch-dnsdist-console.cc 2017/03/31 20:49:51 1.1
+++ pkgsrc/net/dnsdist/patches/patch-dnsdist-console.cc 2017/08/22 17:00:35 1.2
@@ -1,15 +1,15 @@ @@ -1,15 +1,15 @@
1$NetBSD: patch-dnsdist-console.cc,v 1.1 2017/03/31 20:49:51 fhajny Exp $ 1$NetBSD: patch-dnsdist-console.cc,v 1.2 2017/08/22 17:00:35 fhajny Exp $
2 2
3Add NetBSD support. 3Add NetBSD support.
4 4
5--- dnsdist-console.cc.orig 2016-12-29 12:45:46.000000000 +0000 5--- dnsdist-console.cc.orig 2017-08-21 12:52:09.000000000 +0000
6+++ dnsdist-console.cc 6+++ dnsdist-console.cc
7@@ -22,7 +22,7 @@ 7@@ -23,7 +23,7 @@
8 #include "dnsdist.hh" 
9 #include "sodcrypto.hh" 8 #include "sodcrypto.hh"
 9 #include "pwd.h"
10  10
11-#if defined (__OpenBSD__) 11-#if defined (__OpenBSD__)
12+#if defined (__OpenBSD__) || defined (__NetBSD__) 12+#if defined (__OpenBSD__) || defined (__NetBSD__)
13 #include <readline/readline.h> 13 #include <readline/readline.h>
14 #include <readline/history.h> 14 #include <readline/history.h>
15 #else 15 #else
cvs diff -r1.1 -r1.2 pkgsrc/net/dnsdist/patches/patch-iputils.hh (expand / switch to unified diff)

--- pkgsrc/net/dnsdist/patches/patch-iputils.hh 2017/03/31 20:49:51 1.1
+++ pkgsrc/net/dnsdist/patches/patch-iputils.hh 2017/08/22 17:00:35 1.2
@@ -1,50 +1,19 @@ @@ -1,50 +1,19 @@
1$NetBSD: patch-iputils.hh,v 1.1 2017/03/31 20:49:51 fhajny Exp $ 1$NetBSD: patch-iputils.hh,v 1.2 2017/08/22 17:00:35 fhajny Exp $
2 2
3- Do not use IP_PKTINFO on NetBSD, the structure is not as expected. 3- Do not use IP_PKTINFO on NetBSD, the structure is not as expected.
4- Backport fix for SunOS segfault problem, see: 4- Backport fix for SunOS segfault problem, see:
5 https://github.com/PowerDNS/pdns/pull/4877 5 https://github.com/PowerDNS/pdns/pull/4877
6 6
7--- iputils.hh.orig 2017-01-17 08:43:49.000000000 +0000 7--- iputils.hh.orig 2017-01-17 08:43:49.000000000 +0000
8+++ iputils.hh 8+++ iputils.hh
9@@ -40,6 +40,10 @@ 9@@ -40,6 +40,10 @@
10  10
11 #include "namespaces.hh" 11 #include "namespaces.hh"
12  12
13+#if defined(__NetBSD__) && defined(IP_PKTINFO) 13+#if defined(__NetBSD__) && defined(IP_PKTINFO)
14+#undef IP_PKTINFO 14+#undef IP_PKTINFO
15+#endif 15+#endif
16+ 16+
17 #ifdef __APPLE__ 17 #ifdef __APPLE__
18 #include <libkern/OSByteOrder.h> 18 #include <libkern/OSByteOrder.h>
19  19
20@@ -59,23 +63,22 @@ 
21 #define le64toh(x) OSSwapLittleToHostInt64(x) 
22 #endif 
23  
24-// for illumos 
25-#ifdef BE_64 
26+#ifdef __sun 
27  
28 #define htobe16(x) BE_16(x) 
29 #define htole16(x) LE_16(x) 
30-#define be16toh(x) BE_IN16(x) 
31-#define le16toh(x) LE_IN16(x) 
32+#define be16toh(x) BE_IN16(&(x)) 
33+#define le16toh(x) LE_IN16(&(x)) 
34  
35 #define htobe32(x) BE_32(x) 
36 #define htole32(x) LE_32(x) 
37-#define be32toh(x) BE_IN32(x) 
38-#define le32toh(x) LE_IN32(x) 
39+#define be32toh(x) BE_IN32(&(x)) 
40+#define le32toh(x) LE_IN32(&(x)) 
41  
42 #define htobe64(x) BE_64(x) 
43 #define htole64(x) LE_64(x) 
44-#define be64toh(x) BE_IN64(x) 
45-#define le64toh(x) LE_IN64(x) 
46+#define be64toh(x) BE_IN64(&(x)) 
47+#define le64toh(x) LE_IN64(&(x)) 
48  
49 #endif 
50