diff options
| author | ryoon <ryoon@pkgsrc.org> | 2020-10-01 03:37:02 +0000 |
|---|---|---|
| committer | ryoon <ryoon@pkgsrc.org> | 2020-10-01 03:37:02 +0000 |
| commit | 148b7486e8802085e70b6626aa81731561143531 (patch) | |
| tree | 89eb33006e222b29b5f3d698ced27127b0787088 /net/knot | |
| parent | f7fc3e7a3810a13f1669ae15f2a1f3fdb6434159 (diff) | |
| download | pkgsrc-148b7486e8802085e70b6626aa81731561143531.tar.gz | |
knot: Update to 3.0.0
Changelog:
Version 3.0.0
Wednesday, September 9, 2020
Features:
+ High-performance networking mode using XDP sockets (requires Linux
4.18+)
+ Support for Catalog zones including kcatalogprint utility
+ New DNSSEC validation mode
+ New kzonesign utility --- an interface for manual DNSSEC signing
+ New kxdpgun utility --- high-performance DNS over UDP traffic generator
for Linux
+ DoH support in kdig using GnuTLS and libnghttp2
+ New KSK revoked state (RFC 5011) in manual DNSSEC key management mode
+ Deterministic signing with ECDSA algorithms (requires GnuTLS 3.6.10+)
+ Module synthrecord supports reverse pointer shortening
+ Safe persistent zone data backup and restore
Improvements:
+ Processing depth of CNAME and DNAME chains is limited to 20
+ Non-FQDN is allowed as 'update-owner-name' configuration option value
+ Kdig prints detailed algorithm idendifier for PRIVATEDNS and PRIVATEOID
in multiline mode #334
+ Queries with QTYPE ANY or RRSIG are always responded with at most one
random RRSet
+ The statistics module has negligible performance overhead on modern
CPUs
+ If multithreaded zone signing is enabled, some additional zone
maintenance steps are newly parallelized
+ ACL can be configured by reference to a remote
+ Better CPU cache locality for higher query processing performance
+ Logging to non-syslog streams contains timestamps with the timezone
+ Keeping initial DNSKEY TTL and zone maximum TTL in KASP database to
ensure proper rollover timing in case of TTL changes during the
rollover
+ Responding FORMERR to queries with more OPT records
Bugfixes:
+ Module onlinesign responds NXDOMAIN insted of NOERROR (NODATA) if
DNSSEC not requested
+ Outgoing multi-message transfer can contain invalid compression
pointers under specific conditions
Version 2.9.6
Monday, August 31, 2020
Features:
+ New kdig option '+[no]opttext' to print unknown EDNS options as text if
possible (Thanks to Robert Edmonds)
Improvements:
+ Better error message if no key is ready for submission
+ Improved logging when master is not usable
+ Improved control logging of zone-flush errors if output directory is
specified
+ More precise system error messages when a zone transfer fails
+ Some documentation improvements (especially Offline KSK)
Bugfixes:
+ In the case of many zones, control operations over all zones take lots
of memory
+ Misleading error message on keymgr import-bind #683
+ DS push is triggered upon every zone change even though CDS wasn't
changed
+ Kzonecheck performance penalty with passive keys #688
CSK->KSK+ZSK scheme rollover can end too early
Diffstat (limited to 'net/knot')
| -rw-r--r-- | net/knot/Makefile | 5 | ||||
| -rw-r--r-- | net/knot/PLIST | 6 | ||||
| -rw-r--r-- | net/knot/distinfo | 11 | ||||
| -rw-r--r-- | net/knot/patches/patch-configure | 22 |
4 files changed, 36 insertions, 8 deletions
diff --git a/net/knot/Makefile b/net/knot/Makefile index b917290bfaf..fb245359c78 100644 --- a/net/knot/Makefile +++ b/net/knot/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.56 2020/05/27 14:32:02 ryoon Exp $ +# $NetBSD: Makefile,v 1.57 2020/10/01 03:37:02 ryoon Exp $ -DISTNAME= knot-2.9.5 +DISTNAME= knot-3.0.0 CATEGORIES= net MASTER_SITES= https://secure.nic.cz/files/knot-dns/ EXTRACT_SUFX= .tar.xz @@ -58,6 +58,7 @@ CONF_FILES+= ${EGDIR}/example.com.zone \ INSTALLATION_DIRS= ${EGDIR} OWN_DIRS+= ${VARBASE}/knot +.include "../../databases/lmdb/buildlink3.mk" .include "../../devel/userspace-rcu/buildlink3.mk" .include "../../security/gnutls/buildlink3.mk" .include "../../textproc/jansson/buildlink3.mk" diff --git a/net/knot/PLIST b/net/knot/PLIST index 7441107d869..e7a601b31b0 100644 --- a/net/knot/PLIST +++ b/net/knot/PLIST @@ -1,9 +1,10 @@ -@comment $NetBSD: PLIST,v 1.16 2019/04/15 16:23:03 ryoon Exp $ +@comment $NetBSD: PLIST,v 1.17 2020/10/01 03:37:02 ryoon Exp $ bin/kdig bin/khost bin/knsec3hash bin/knsupdate bin/kzonecheck +bin/kzonesign include/knot/module.h include/libdnssec/binary.h include/libdnssec/crypto.h @@ -77,11 +78,14 @@ man/man1/khost.1 man/man1/knsec3hash.1 man/man1/knsupdate.1 man/man1/kzonecheck.1 +man/man1/kzonesign.1 man/man5/knot.conf.5 +man/man8/kcatalogprint.8 man/man8/keymgr.8 man/man8/kjournalprint.8 man/man8/knotc.8 man/man8/knotd.8 +sbin/kcatalogprint sbin/keymgr sbin/kjournalprint sbin/knotc diff --git a/net/knot/distinfo b/net/knot/distinfo index 850925defcb..029eb88e953 100644 --- a/net/knot/distinfo +++ b/net/knot/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.32 2020/05/27 14:32:02 ryoon Exp $ +$NetBSD: distinfo,v 1.33 2020/10/01 03:37:02 ryoon Exp $ -SHA1 (knot-2.9.5.tar.xz) = 33e87dba2610e20d212dd7b56eea875be6881abc -RMD160 (knot-2.9.5.tar.xz) = 74a139694f4124e9437ed0dff30e594501efcb45 -SHA512 (knot-2.9.5.tar.xz) = 6bfd6a720eb512983f934c3bf853ac310391805a102546ed18b3e805d10339837569e970e0e51f64e9d938bc362c8f9d01acb15ca4dca0a66dea9deb6b59cc73 -Size (knot-2.9.5.tar.xz) = 1190872 bytes +SHA1 (knot-3.0.0.tar.xz) = 3bac600cd82dbcc4a238c15d859822c90951abc5 +RMD160 (knot-3.0.0.tar.xz) = e34e17f546cb50364b5536edb9d1f8cd70fd0a7b +SHA512 (knot-3.0.0.tar.xz) = 286861e4127f8c70eeba1e76f2de82e8f89d4c15d2dc3733902f8d19103f6a44b9da97a91bc99168fd4f6024d60b8bc53a78580ed04a6e9cbf8c6ad921780c81 +Size (knot-3.0.0.tar.xz) = 1329064 bytes +SHA1 (patch-configure) = c8d556d66c37093031ecabfe889e3fd6a80bc772 SHA1 (patch-samples_Makefile.in) = 499b8742dbd948e489b01d512bc7a8d8e4fe2e7b diff --git a/net/knot/patches/patch-configure b/net/knot/patches/patch-configure new file mode 100644 index 00000000000..9b0569eae4a --- /dev/null +++ b/net/knot/patches/patch-configure @@ -0,0 +1,22 @@ +$NetBSD: patch-configure,v 1.1 2020/10/01 03:37:02 ryoon Exp $ + +--- configure.orig 2020-09-09 05:51:07.000000000 +0000 ++++ configure +@@ -5472,7 +5472,7 @@ $as_echo "#define AC_APPLE_UNIVERSAL_BUI + presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;; + esac + +-if test "$endianity" == "little-endian"; then : ++if test "$endianity" = "little-endian"; then : + + + $as_echo "#define ENDIANITY_LITTLE 1" >>confdefs.h +@@ -14016,7 +14016,7 @@ fi + + + +-XDP_VISIBLE_HEADERS=$(test "$enable_xdp" == "no"; echo "$?") ++XDP_VISIBLE_HEADERS=$(test "$enable_xdp" = "no"; echo "$?") + + + if test "$enable_xdp" != "no"; then : |