diff options
author | fhajny <fhajny@pkgsrc.org> | 2015-06-10 16:24:44 +0000 |
---|---|---|
committer | fhajny <fhajny@pkgsrc.org> | 2015-06-10 16:24:44 +0000 |
commit | 49f394726a757c7367aa1a2c6c57d49edb78cca6 (patch) | |
tree | 6cd4b32a25a271ce76e2861ed9e742bf82cf25bd | |
parent | 5f57eda81101bfc985505b32ddf42d42833b6c34 (diff) | |
download | pkgsrc-49f394726a757c7367aa1a2c6c57d49edb78cca6.tar.gz |
Update net/powerdns to 3.4.5.
PowerDNS Authoritative Server 3.4.5
Bug fixes:
- Be careful reading empty lines in our config parser and prevent
integer overflow.
- prevent crash after --list-modules (Ruben Kerkhof)
- Limit the maximum length of a qname
Improvements:
- Support /etc/default for our debian/ubuntu packages (Aki Tuomi)
- Detect GCC 5.1 for boost (Ruben Kerkhof)
- Various PKCS#11 fixes and improvements (Aki Tuomi)
- Fix Coverity issues (Aki Tuomi)
- Fix building on OpenBSD (Florian Obser and Ruben Kerkhof)
- Look for mbedtls before polarssl (Ruben Kerkhof)
- Let pkg-config determine botan dependency libs (Ruben Kerkhof)
- Kill some further mallocs and add note to remind us not to add them back
- Move remotebackend-unix test socket to testsdir (Aki Tuomi)
- Defer launch of coprocess until first question (Aki Tuomi)
- pdnssec: check for glue and delegations in parent zones (Kees Monshouwer)
PowerDNS Authoritative Server 3.4.4
Bug fixes:
- Fix rectify-(all)-zones for mixed case domain names
- Fix CVE-2015-1868
- Blocking IO in busy-wait for remote backend (Wieger Opmeer)
- Fix double dot for root MX/SRV in bind slave zone files (Kees Monshouwer)
- Properly lock lmdb database, fixes ticket #1954 (Aki Tuomi)
- Fix segfault in zone2lmdb (Ruben Kerkhof)
New Features:
- pdnssec: warn for insecure wildcards in opt-out zones
- TKEY record type (Aki Tuomi)
- Many PKCS#11 improvements (Aki Tuomi)
- Introduce xfrBlobNoSpaces and use them for TSIG (Aki Tuomi)
Improvements:
- Allow "pdnssec set-nsec3 ZONE" for insecure zones; this saves on
one rectify when securing a NSEC3 zone
- Improvements to the config-file parsing (Aki Tuomi)
- Postgresql check should not touch LDFLAGS (Ruben Kerkhof)
- Log error when remote cannot do AXFR (Aki Tuomi)
- Speed improvements when AXFR is disabled (Christian Hofstaedtler)
- NSEC3 and related RRSIGS are not part of the dnstree (Kees Monshouwer)
- Change ifdef to check for __GLIBC__ instead of __linux__ to prevent
errors with other libc's (James Taylor)
- Try to raise open files before dropping privileges (Aki Tuomi)
- Add newline to carbon error message on auth (Aki Tuomi)
- Make sure we send servfail on error (Aki Tuomi)
- Ship lmdb-example.pl in tarball (Ruben Kerkhof)
- Allocate TCP buffer dynamically, decreasing stack usage
- Throw if getSOA gets non-SOA record
-rw-r--r-- | net/powerdns/Makefile | 3 | ||||
-rw-r--r-- | net/powerdns/Makefile.common | 4 | ||||
-rw-r--r-- | net/powerdns/distinfo | 14 | ||||
-rw-r--r-- | net/powerdns/patches/patch-aa | 13 | ||||
-rw-r--r-- | net/powerdns/patches/patch-pdns_dnspacket.cc | 10 | ||||
-rw-r--r-- | net/powerdns/patches/patch-pdns_tcpreceiver.cc | 28 |
6 files changed, 28 insertions, 44 deletions
diff --git a/net/powerdns/Makefile b/net/powerdns/Makefile index 9afa401b433..183f83b4f2b 100644 --- a/net/powerdns/Makefile +++ b/net/powerdns/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.12 2015/04/17 15:53:14 adam Exp $ +# $NetBSD: Makefile,v 1.13 2015/06/10 16:24:44 fhajny Exp $ -PKGREVISION= 2 .include "Makefile.common" PKGNAME= ${DISTNAME:S/pdns/powerdns/} diff --git a/net/powerdns/Makefile.common b/net/powerdns/Makefile.common index 47573f8e8f0..978b54831f0 100644 --- a/net/powerdns/Makefile.common +++ b/net/powerdns/Makefile.common @@ -1,6 +1,6 @@ -# $NetBSD: Makefile.common,v 1.11 2015/03/27 23:37:52 rodent Exp $ +# $NetBSD: Makefile.common,v 1.12 2015/06/10 16:24:44 fhajny Exp $ -PDNS_VERSION= 3.4.3 +PDNS_VERSION= 3.4.5 DISTNAME= pdns-${PDNS_VERSION} CATEGORIES= net MASTER_SITES= http://downloads.powerdns.com/releases/ diff --git a/net/powerdns/distinfo b/net/powerdns/distinfo index 5eba50bca6b..6ffc027dda7 100644 --- a/net/powerdns/distinfo +++ b/net/powerdns/distinfo @@ -1,16 +1,16 @@ -$NetBSD: distinfo,v 1.18 2015/03/27 23:37:52 rodent Exp $ +$NetBSD: distinfo,v 1.19 2015/06/10 16:24:44 fhajny Exp $ -SHA1 (pdns-3.4.3.tar.bz2) = 578968d94fda8578473bdb357df77ce8e4cb7448 -RMD160 (pdns-3.4.3.tar.bz2) = e8ab5774ceb12178853d6207c4777b60e6c82933 -Size (pdns-3.4.3.tar.bz2) = 1332686 bytes -SHA1 (patch-aa) = 5d7a2f6d7b74139fbdcd7673181ccaeb91f1e565 +SHA1 (pdns-3.4.5.tar.bz2) = 8d848d832d477c85280fa26fb78e4f53b59798f2 +RMD160 (pdns-3.4.5.tar.bz2) = 904b7f30f474aa68e28f0e96779a6ec1e4f31b83 +Size (pdns-3.4.5.tar.bz2) = 1337222 bytes +SHA1 (patch-aa) = a7e66245ab7acbff4f568650ee285ee18a88ea56 SHA1 (patch-ab) = a816def3825c0260642dab85f518bebaf4ba904b SHA1 (patch-modules_luabackend_luabackend.hh) = 23ae1a2c047f367a51b7bfa10a546aeb91cccea4 SHA1 (patch-modules_pipebackend_pipebackend.cc) = 975cf47dc92bf4402167b5a25f85eaf527398c06 SHA1 (patch-modules_pipebackend_pipebackend.hh) = 3ff9f666a1b348810be38ffe67fd740521390630 SHA1 (patch-pdns_botan18signers.cc) = 58df2d630ac46ea2fd1ce2699ce7a3bd927de177 SHA1 (patch-pdns_dns.hh) = 6f47292c573d1a01cdd2ba3312edf17e216c2dbc -SHA1 (patch-pdns_dnspacket.cc) = 822d8f1758069cbdc90f09b29e538257af5f5141 +SHA1 (patch-pdns_dnspacket.cc) = 0b612b1458a1f6e9504959ac7d48f3b29275cdd4 SHA1 (patch-pdns_dnsparser.cc) = 3b7f1929013261d09112394e525dede41e03afff SHA1 (patch-pdns_dnsparser.hh) = 1ad7090312992915a0ad9bf8b006d229262936c3 SHA1 (patch-pdns_dnsscope.cc) = a42bbda2d5d9e2bc2a0004ffc77efcd5d5beeb28 @@ -22,4 +22,4 @@ SHA1 (patch-pdns_pdns_recursor.cc) = 97f3688baef5a7520514764a4590d0b92fa51fda SHA1 (patch-pdns_receiver.cc) = 11e096024b007d53528d61083a65fd5e941fe6eb SHA1 (patch-pdns_recursor__cache.cc) = 36dc4c4691f6d88fb7b6cc452cda19dc07a1b53b SHA1 (patch-pdns_resolver.cc) = 0f3de1aef64d1e24a5b0f87bfdd866c75ff3c1ff -SHA1 (patch-pdns_tcpreceiver.cc) = 0624ac68b2b1f609febb46be97e14c3d358f37b9 +SHA1 (patch-pdns_tcpreceiver.cc) = 994203d32464044ca303973cc27ac4080a654678 diff --git a/net/powerdns/patches/patch-aa b/net/powerdns/patches/patch-aa index 0193bc795e5..0b13f22db9b 100644 --- a/net/powerdns/patches/patch-aa +++ b/net/powerdns/patches/patch-aa @@ -1,19 +1,10 @@ -$NetBSD: patch-aa,v 1.5 2015/03/27 23:37:52 rodent Exp $ +$NetBSD: patch-aa,v 1.6 2015/06/10 16:24:44 fhajny Exp $ -Handle CONF_FILES. `hostname -f` is not portable. +Handle CONF_FILES. Installation destination for example config file. --- pdns/Makefile.in.orig 2015-03-02 13:17:27.000000000 +0000 +++ pdns/Makefile.in -@@ -1176,7 +1176,7 @@ misc.cc unix_utility.cc qtype.cc - pdns_control_LDFLAGS = $(THREADFLAGS) - @UNIT_TESTS_TRUE@TESTS_ENVIRONMENT = env BOOST_TEST_LOG_LEVEL=message - build_date = $(shell LC_TIME=C date '+%Y%m%d%H%M%S') --build_host = $(shell id -u -n)@$(shell hostname -f) -+build_host = $(shell id -u -n)@$(shell hostname) - # Do the test in shell, so we don't confuse automake with ifeq/ifneq. - @RELEASE_BUILD_FALSE@pdns_version = $(shell test -z "$(git_version)" && echo UNKNOWN || echo "git-$(git_version)") - @RELEASE_BUILD_TRUE@pdns_version = $(PACKAGE_VERSION) @@ -1632,18 +1632,18 @@ clean-libtool: -rm -rf .libs _libs install-sysconfDATA: $(sysconf_DATA) diff --git a/net/powerdns/patches/patch-pdns_dnspacket.cc b/net/powerdns/patches/patch-pdns_dnspacket.cc index 3252615535b..877f6e87517 100644 --- a/net/powerdns/patches/patch-pdns_dnspacket.cc +++ b/net/powerdns/patches/patch-pdns_dnspacket.cc @@ -1,20 +1,20 @@ -$NetBSD: patch-pdns_dnspacket.cc,v 1.4 2015/03/27 23:37:52 rodent Exp $ +$NetBSD: patch-pdns_dnspacket.cc,v 1.5 2015/06/10 16:24:44 fhajny Exp $ Resolve boost symbol ambiguity. Avoid ambiguous abs() call. ---- pdns/dnspacket.cc.orig 2015-03-02 13:17:09.000000000 +0000 +--- pdns/dnspacket.cc.orig 2015-04-23 08:09:54.000000000 +0000 +++ pdns/dnspacket.cc @@ -312,7 +312,7 @@ void DNSPacket::wrapup() pos->content="."; pw.startRecord(pos->qname, pos->qtype.getCode(), pos->ttl, pos->qclass, (DNSPacketWriter::Place)pos->d_place); -- shared_ptr<DNSRecordContent> drc(DNSRecordContent::mastermake(pos->qtype.getCode(), 1, pos->content)); -+ boost::shared_ptr<DNSRecordContent> drc(DNSRecordContent::mastermake(pos->qtype.getCode(), 1, pos->content)); +- shared_ptr<DNSRecordContent> drc(DNSRecordContent::mastermake(pos->qtype.getCode(), pos->qclass, pos->content)); ++ boost::shared_ptr<DNSRecordContent> drc(DNSRecordContent::mastermake(pos->qtype.getCode(), pos->qclass, pos->content)); drc->toPacket(pw); if(pw.size() + 20U > (d_tcp ? 65535 : getMaxReplyLen())) { // 20 = room for EDNS0 pw.rollback(); -@@ -601,7 +601,7 @@ bool checkForCorrectTSIG(const DNSPacket +@@ -622,7 +622,7 @@ bool checkForCorrectTSIG(const DNSPacket string message; q->getTSIGDetails(trc, keyname, &message); diff --git a/net/powerdns/patches/patch-pdns_tcpreceiver.cc b/net/powerdns/patches/patch-pdns_tcpreceiver.cc index cdcc1feb0fe..223d61d8707 100644 --- a/net/powerdns/patches/patch-pdns_tcpreceiver.cc +++ b/net/powerdns/patches/patch-pdns_tcpreceiver.cc @@ -1,7 +1,7 @@ -$NetBSD: patch-pdns_tcpreceiver.cc,v 1.3 2015/03/27 23:37:52 rodent Exp $ +$NetBSD: patch-pdns_tcpreceiver.cc,v 1.4 2015/06/10 16:24:44 fhajny Exp $ Resolve boost symbol ambiguity. ---- pdns/tcpreceiver.cc.orig 2015-03-02 13:17:13.000000000 +0000 +--- pdns/tcpreceiver.cc.orig 2015-04-23 08:10:09.000000000 +0000 +++ pdns/tcpreceiver.cc @@ -173,7 +173,7 @@ void connectWithTimeout(int fd, struct s ; @@ -30,8 +30,8 @@ Resolve boost symbol ambiguity. // Fix gcc-4.0 error (on AMD64) int fd=(int)(long)data; // gotta love C (generates a harmless warning on opteron) pthread_detach(pthread_self()); -@@ -286,7 +286,7 @@ void *TCPNameserver::doConnection(void * - getQuestion(fd, mesg, pktlen, remote); +@@ -287,7 +287,7 @@ void *TCPNameserver::doConnection(void * + getQuestion(fd, mesg.get(), pktlen, remote); S.inc("tcp-queries"); - packet=shared_ptr<DNSPacket>(new DNSPacket); @@ -39,7 +39,7 @@ Resolve boost symbol ambiguity. packet->setRemote(&remote); packet->d_tcp=true; packet->setSocket(fd); -@@ -305,8 +305,8 @@ void *TCPNameserver::doConnection(void * +@@ -306,8 +306,8 @@ void *TCPNameserver::doConnection(void * continue; } @@ -50,7 +50,7 @@ Resolve boost symbol ambiguity. if(logDNSQueries) { string remote; if(packet->hasEDNSSubnet()) -@@ -340,7 +340,7 @@ void *TCPNameserver::doConnection(void * +@@ -341,7 +341,7 @@ void *TCPNameserver::doConnection(void * } bool shouldRecurse; @@ -59,7 +59,7 @@ Resolve boost symbol ambiguity. if(shouldRecurse) { proxyQuestion(packet); -@@ -387,7 +387,7 @@ void *TCPNameserver::doConnection(void * +@@ -388,7 +388,7 @@ void *TCPNameserver::doConnection(void * // call this method with s_plock held! @@ -68,7 +68,7 @@ Resolve boost symbol ambiguity. { if(::arg().mustDo("disable-axfr")) return false; -@@ -498,9 +498,9 @@ namespace { +@@ -499,9 +499,9 @@ namespace { return soa; } @@ -80,25 +80,19 @@ Resolve boost symbol ambiguity. ret->setCompress(false); ret->d_dnssecOk=false; // RFC 5936, 2.2.5 ret->d_tcp = true; -@@ -510,7 +510,7 @@ namespace { +@@ -511,9 +511,9 @@ namespace { /** do the actual zone transfer. Return 0 in case of error, 1 in case of success */ -int TCPNameserver::doAXFR(const string &target, shared_ptr<DNSPacket> q, int outsock) +int TCPNameserver::doAXFR(const string &target, boost::shared_ptr<DNSPacket> q, int outsock) { - bool noAXFRBecauseOfNSEC3Narrow=false; - NSEC3PARAMRecordContent ns3pr; -@@ -530,7 +530,7 @@ int TCPNameserver::doAXFR(const string & - } - } - - shared_ptr<DNSPacket> outpacket= getFreshAXFRPacket(q); + boost::shared_ptr<DNSPacket> outpacket= getFreshAXFRPacket(q); if(q->d_dnssecOk) outpacket->d_dnssecOk=true; // RFC 5936, 2.2.5 'SHOULD' - -@@ -926,9 +926,9 @@ int TCPNameserver::doAXFR(const string & + +@@ -935,9 +935,9 @@ int TCPNameserver::doAXFR(const string & return 1; } |