diff options
| author | pettai <pettai@pkgsrc.org> | 2011-07-27 04:11:25 +0000 |
|---|---|---|
| committer | pettai <pettai@pkgsrc.org> | 2011-07-27 04:11:25 +0000 |
| commit | bbda3e246c678b4bd6efdbd13d54603672419075 (patch) | |
| tree | 5c689bcedf95e4cd389bcbf5f78d5cfb56dec62b | |
| parent | 4aa31883f001ecc7a733e3d790058c62797252c5 (diff) | |
| download | pkgsrc-bbda3e246c678b4bd6efdbd13d54603672419075.tar.gz | |
1.4.12:
Bug Fixes:
* removed ldns-src tarball inside the unbound tarball.
* [bugzilla: 395 ]
fix that id bits of other query may leak out under conditions
* fix replyaddr count wrong after jostled queries, which leads to eventual starvation where the daemon has no replyaddrs left to use.
* fix that the listening socket is not closed when too many remote control connections are made at the same time.
* version number in example config file.
* fix that --enable-static-exe does not complain about it unknown.
* iana portlist updated
1.4.11:
Features:
* log-queries: yesno option, default is no, prints querylog.
* ignore-cd-flag: yesno to provide dnssec to legacy servers.
* Use -flto compiler flag for link time optimization, if supported.
* unbound-control has version number in the header, and uses port number registered with IANA, 8953.
Bug Fixes:
* Fix Makefile for U in environment, since wrong U is more common than deansification necessity.
* defense in depth against the assertion failure bug fixed in 1.4.10, an error is printed to log instead of an assertion failure.
* [bugzilla: 386 ]
--enable-allsymbols option links all binaries to libunbound and reduces install size significantly.
* Fix TTL of SOA so negative TTL is separately cached from normal TTL.
* configure created with newer autoconf 2.66.
* [bugzilla: 378 ]
Fix that configure checks for ldns_get_random presence.
* queries with CD flag set cause DNSSEC validation, but the answer is not withheld if it is bogus. Thus, unbound will retry if it is bad and curb the TTL if it is bad, thus protecting the cache for use by downstream validators.
* val-override-date: -1 ignores dates entirely, for NTP usage.
* harden-below-nxdomain: changed so that it activates when the cached nxdomain is dnssec secure. This avoids backwards incompatibility because those old servers do not have dnssec.
* statistics-interval prints the number of jostled queries to log.
* IPv6 service address for d.root-servers.net (2001:500:2D::D).
* updated ldns tarball to 1.6.10rc2 snapshot
* iana portlist updated.
| -rw-r--r-- | net/unbound/Makefile | 48 | ||||
| -rw-r--r-- | net/unbound/distinfo | 9 | ||||
| -rw-r--r-- | net/unbound/patches/patch-ac | 51 |
3 files changed, 49 insertions, 59 deletions
diff --git a/net/unbound/Makefile b/net/unbound/Makefile index b39b0d6a33c..3151a0dc1a2 100644 --- a/net/unbound/Makefile +++ b/net/unbound/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.15 2011/06/19 16:15:57 pettai Exp $ +# $NetBSD: Makefile,v 1.16 2011/07/27 04:11:25 pettai Exp $ -DISTNAME= unbound-1.4.10 +DISTNAME= unbound-1.4.12 CATEGORIES= net MASTER_SITES= http://www.unbound.net/downloads/ @@ -21,6 +21,49 @@ CONFIGURE_ARGS+= --with-ldns=${BUILDLINK_PREFIX.ldns} CONFIGURE_ARGS+= --with-libexpat=${BUILDLINK_PREFIX.expat} CONFIGURE_ARGS+= --with-pidfile=${VARBASE}/run/unbound.pid CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASE} +CONFIGURE_ARGS+= --enable-allsymbols + +# Add the same logic as for ldns, so sha2/gost is configured automatically +.include "../../security/openssl/buildlink3.mk" + +PLIST_VARS+= sha2 gost +.if defined(USE_BUILTIN.openssl) && !empty(USE_BUILTIN.openssl:M[yY][eE][sS]) +PLIST_VARS.gost!= \ + if ${PKG_ADMIN} pmatch 'openssl>=1.0.0' ${BUILTIN_PKG.openssl:Q}; then \ + ${ECHO} "yes"; \ + else \ + ${ECHO} "no"; \ + fi +PLIST_VARS.sha2!= \ + if ${PKG_ADMIN} pmatch 'openssl>=0.9.8' ${BUILTIN_PKG.openssl:Q}; then \ + ${ECHO} "yes"; \ + else \ + ${ECHO} "no"; \ + fi +.else +PLIST_VARS.gost!= \ + if ${PKG_INFO} -qe 'openssl>=1.0.0'; then \ + ${ECHO} yes; \ + else \ + ${ECHO} no; \ + fi +PLIST_VARS.sha2!= \ + if ${PKG_INFO} -qe 'openssl>=0.9.8'; then \ + ${ECHO} yes; \ + else \ + ${ECHO} no; \ + fi +.endif +.if ${PLIST_VARS.gost} == "yes" +CONFIGURE_ARGS+= --enable-gost +.else +CONFIGURE_ARGS+= --disable-gost +.endif +.if ${PLIST_VARS.sha2} == "yes" +CONFIGURE_ARGS+= --enable-sha2 +.else +CONFIGURE_ARGS+= --disable-sha2 +.endif SUBST_CLASSES+= paths SUBST_STAGE.paths= post-configure @@ -48,5 +91,4 @@ PKG_USERS= ${UNBOUND_USER}:${UNBOUND_GROUP} .include "../../textproc/expat/buildlink3.mk" .include "../../net/ldns/buildlink3.mk" -.include "../../security/openssl/buildlink3.mk" .include "../../mk/bsd.pkg.mk" diff --git a/net/unbound/distinfo b/net/unbound/distinfo index af6b487a2dd..77b6f3f13f3 100644 --- a/net/unbound/distinfo +++ b/net/unbound/distinfo @@ -1,6 +1,5 @@ -$NetBSD: distinfo,v 1.13 2011/06/19 16:15:57 pettai Exp $ +$NetBSD: distinfo,v 1.14 2011/07/27 04:11:25 pettai Exp $ -SHA1 (unbound-1.4.10.tar.gz) = ac9ab61a51e147ade69ca8b043fee2ed76336a62 -RMD160 (unbound-1.4.10.tar.gz) = 7102613a43e566d542ca6b571094a8fef3b901e0 -Size (unbound-1.4.10.tar.gz) = 4476504 bytes -SHA1 (patch-ac) = 2ad1a444a425e8583c1212faa4479f0d65061bff +SHA1 (unbound-1.4.12.tar.gz) = c46c05d1fa2402a59c10f51864fd4c62d10a472f +RMD160 (unbound-1.4.12.tar.gz) = 2e3a35f1e72046c9701cd3f51a8a2f58881a03d3 +Size (unbound-1.4.12.tar.gz) = 3506466 bytes diff --git a/net/unbound/patches/patch-ac b/net/unbound/patches/patch-ac deleted file mode 100644 index b62ac30a0f0..00000000000 --- a/net/unbound/patches/patch-ac +++ /dev/null @@ -1,51 +0,0 @@ -$NetBSD: patch-ac,v 1.7 2011/03/21 15:04:32 pettai Exp $ - -$NetBSD: patch-ac,v 1.7 2011/03/21 15:04:32 pettai Exp $ - ---- Makefile.in.orig 2011-01-12 09:17:59.000000000 +0000 -+++ Makefile.in -@@ -102,12 +102,11 @@ UNITTEST_SRC=$(patsubst $(srcdir)/%,%, \ - testcode/readhex.c testcode/ldns-testpkts.c smallapp/worker_cb.c \ - $(COMMON_SRC) - UNITTEST_OBJ=$(addprefix $(BUILD),$(UNITTEST_SRC:.c=.lo)) $(COMPAT_OBJ) --DAEMON_SRC=$(patsubst $(srcdir)/%,%, $(wildcard $(srcdir)/daemon/*.c)) \ -- $(COMMON_SRC) -+DAEMON_SRC=$(patsubst $(srcdir)/%,%, $(wildcard $(srcdir)/daemon/*.c)) - DAEMON_OBJ=$(addprefix $(BUILD),$(DAEMON_SRC:.c=.lo)) $(COMPAT_OBJ) --CHECKCONF_SRC=smallapp/unbound-checkconf.c smallapp/worker_cb.c $(COMMON_SRC) -+CHECKCONF_SRC=smallapp/unbound-checkconf.c smallapp/worker_cb.c - CHECKCONF_OBJ=$(addprefix $(BUILD),$(CHECKCONF_SRC:.c=.lo)) $(COMPAT_OBJ) --CONTROL_SRC=smallapp/unbound-control.c smallapp/worker_cb.c $(COMMON_SRC) -+CONTROL_SRC=smallapp/unbound-control.c smallapp/worker_cb.c - CONTROL_OBJ=$(addprefix $(BUILD),$(CONTROL_SRC:.c=.lo)) $(COMPAT_OBJ) - HOST_SRC=smallapp/unbound-host.c - HOST_OBJ=$(addprefix $(BUILD),$(HOST_SRC:.c=.lo)) $(filter-out $(BUILD)compat/ctime_r.lo, $(COMPAT_OBJ)) -@@ -243,21 +242,21 @@ else - $Q$(LINK_LIB) -export-symbols $(BUILD)clubsyms.def -o $@ $(sort $(LIBUNBOUND_OBJ)) -rpath $(libdir) $(LIBS) - endif - --unbound$(EXEEXT): $(DAEMON_OBJ) $(ldnslib) -+unbound$(EXEEXT): $(DAEMON_OBJ) $(ldnslib) libunbound.la - $(INFO) Link $@ -- $Q$(LINK) -o $@ $(sort $(DAEMON_OBJ)) -lssl $(LIBS) -+ $Q$(LINK) -o $@ $(sort $(DAEMON_OBJ)) libunbound.la -lssl $(LIBS) - --unbound-checkconf$(EXEEXT): $(CHECKCONF_OBJ) $(ldnslib) -+unbound-checkconf$(EXEEXT): $(CHECKCONF_OBJ) $(ldnslib) libunbound.la - $(INFO) Link $@ -- $Q$(LINK) -o $@ $(sort $(CHECKCONF_OBJ)) $(LIBS) -+ $Q$(LINK) -o $@ $(sort $(CHECKCONF_OBJ)) libunbound.la $(LIBS) - --unbound-control$(EXEEXT): $(CONTROL_OBJ) $(ldnslib) -+unbound-control$(EXEEXT): $(CONTROL_OBJ) $(ldnslib) libunbound.la - $(INFO) Link $@ -- $Q$(LINK) -o $@ $(sort $(CONTROL_OBJ)) -lssl $(LIBS) -+ $Q$(LINK) -o $@ $(sort $(CONTROL_OBJ)) libunbound.la -lssl $(LIBS) - - unbound-host$(EXEEXT): $(HOST_OBJ) libunbound.la $(ldnslib) - $(INFO) Link $@ -- $Q$(LINK) -o $@ $(sort $(HOST_OBJ)) -L. -L.libs -lunbound $(LIBS) -+ $Q$(LINK) -o $@ $(sort $(HOST_OBJ)) libunbound.la $(LIBS) - - unbound-anchor$(EXEEXT): $(UBANCHOR_OBJ) libunbound.la $(ldnslib) - $(INFO) Link $@ |