diff options
author | ryoon <ryoon@pkgsrc.org> | 2021-12-17 15:15:58 +0000 |
---|---|---|
committer | ryoon <ryoon@pkgsrc.org> | 2021-12-17 15:15:58 +0000 |
commit | b17292f07a7edb94671daf3f1e88d116080bf5cb (patch) | |
tree | 201ebcd260ede3f03b4183bf602b57c7b8622d9c /net | |
parent | a33fa415c0fe639baf92d14dccdf0ae1a5d431b3 (diff) | |
download | pkgsrc-b17292f07a7edb94671daf3f1e88d116080bf5cb.tar.gz |
knot: Update to 3.1.4
Changelog:
Version 3.1.4
Features:
+ mod-dnstap: added 'responses-with-queries' configuration option (Thanks
to Robert Edmonds)
Improvements:
+ knotd: DNSSEC keys are logged in sorted order by timestamp
+ mod-cookies: added statistics counter for dropped queries due to the
slip limit
+ mod-dnstap: restored the original query QNAME case #773 (Thanks to
Robert Edmonds)
+ configure: improved compatibility of some scripts on macOS and BSDs
+ doc: updates on DNSSEC signing
Bugfixes:
+ knotd: server can crash when receiving queries with NSID EDNS flag #774
(Thanks to Romain Labolle)
+ knotd: server crashes on reload when no interfaces configured #770
+ knotd: ZONEMD without DNSSEC not handled correctly
+ knotd: generated catalog zone not updated on config reload #772
+ knotd: zone catalog not verified before its interpretation
+ knotd: ds-push fails to update the parent zone if a CNAME exists for a
non-terminal node
Version 3.1.3
Monday, October 18, 2021
Improvements:
+ knotd: added simple error logging to orphaned zone purge
+ knotd: allow manual public-only keys for unused algorithm
+ kdig: send ALPN when using DoT or XoT #769
+ doc: various fixes and improvements #767
Bugfixes:
+ knotd: catalog backup doesn't preserve version of the catalog
implementation
+ knotd: NOTIFY is scheduled even when DNSSEC signing is up-to-date
+ knotd: server can crash when zone difference is inconsistent upon cold
start
+ knotd: zone not bootstrapped when zone file load failed due to an error
+ knotd: broken AXFR with knot as slave and dnsmasq as master (Thanks to
Daniel Gr?ber)
+ knotd: journal not able to free up space when zone-in-journal present
and zonefile written
+ mod-stats: missing protocol counters for TCP over XDP
+ kzonesign: input zone name not lower-cased
Version 3.1.2
Features:
+ knotd: new policy configuration for postponing complete deletion of
previous keys
+ keymgr: new optional pretty mode (-b) of listing keys
+ kdig: added support for TCP keepopen #503
Improvements:
+ knotd: configuration item values can contain UTF-8 characters
+ knotd: added configuration check for database storage writability
+ knotd: better error reporting if zone is empty
+ knotd: smaller journal database chunks in order to mitigate LMDB
fragmentation
+ knotd/kxdpgun: CAP_SYS_RESOURCE capability no longer needed for XDP on
Linux >= 5.11
Bugfixes:
+ knotd: incomplete NSEC3 proof in response to opt-outed empty
non-terminal
+ knotd: wrong SOA serial handling when enabling signing on already
existing secondary zone
+ knotd: defective ZONEMD verification error reporting when loading zone
#759
+ knotd: server can crash when reloading catalog zone #761
+ knotd: DNSSEC validation doesn't work when only NSEC3 chain changes
+
knotd: DNSSEC validation doesn't check if empty non-terminal over
non-opt-outed
delegation isn't opt-outed too
+ knotd: ZONEMD generation doesn't cause flushing zone to disk #758
+ knotd: incorrect evaluation of ACL deny rule in combination with TSIG
+ knotd: failed DS-check is replaned even if no key is ready
+ kdig: abort when query times out #763
+ libzscanner: missing output overflow check in the SVCB parsing
Compatibility:
+ keymgr: parameter -d is marked deprecated in favor of new parameter -D
+ kjournalprint: parameter -n is marked deprecated in favor of new
parameter -x
Version 3.1.1
Improvements:
+ keymgr: import-bind sets publish and active timers to now if missing
timers #747
+ mod-rrl: added QNAME, which triggered an action, to log messages #757
+ systemd: added environment variable for setting maximum configuration
DB size
Bugfixes:
+ knotd: adding RRSIGs to a signed zone can lead to redundant RRSIGs for
some NSEC(3)s
+ knotd: code not compiled correctly for ARM on Fedora >= 33
+ knotd: server can crash when opening catalog DB on startup
+ knotd: incorrect catalog update counts in logs
+ knotd: journal discontinuity and zone-in-journal result in incorrectly
calculated journal occupation
+ kdig: +noall does not filter out AUTHORITY comment #749
+ tests: journal unit test not passing if memory page size is different
from 4096
Reverts:
+ libzscanner: reverted "omitted TTL value is correctly set to the last
explicitly stated value (RFC 1035)" #751
Diffstat (limited to 'net')
-rw-r--r-- | net/knot/Makefile | 5 | ||||
-rw-r--r-- | net/knot/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/net/knot/Makefile b/net/knot/Makefile index 36e398e0e85..169106b863c 100644 --- a/net/knot/Makefile +++ b/net/knot/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.66 2021/12/08 16:06:00 adam Exp $ +# $NetBSD: Makefile,v 1.67 2021/12/17 15:15:58 ryoon Exp $ -DISTNAME= knot-3.1.0 -PKGREVISION= 2 +DISTNAME= knot-3.1.4 CATEGORIES= net MASTER_SITES= https://secure.nic.cz/files/knot-dns/ EXTRACT_SUFX= .tar.xz diff --git a/net/knot/distinfo b/net/knot/distinfo index f6a6c3aae05..539649b6afa 100644 --- a/net/knot/distinfo +++ b/net/knot/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.39 2021/10/26 11:05:51 nia Exp $ +$NetBSD: distinfo,v 1.40 2021/12/17 15:15:58 ryoon Exp $ -BLAKE2s (knot-3.1.0.tar.xz) = 4d8d102c723690d2dfde0dd75a4d0b17ca3c665e322b11891e9e51ee10b31c1e -SHA512 (knot-3.1.0.tar.xz) = 7a76ca1547f6aded1045b8a124ec4e35c61199b822b7692b656ef9bfadb68bdfde097a1ece973725ea14690743da2e2c08717055516b150696e3ac341fa5c728 -Size (knot-3.1.0.tar.xz) = 1401992 bytes +BLAKE2s (knot-3.1.4.tar.xz) = bd81e6be3ee2a6f43f739d5529a5f35d18cf91b8ba2cfc602a8db77def442686 +SHA512 (knot-3.1.4.tar.xz) = 307667a12b989fee443832d4642fc927231f38f0331439c8c7196c489d196245eca368d96a36fe49639b773f652f7cb80bf0c16bc1ad107e11b47b70e1f04060 +Size (knot-3.1.4.tar.xz) = 1408656 bytes SHA1 (patch-samples_Makefile.in) = 499b8742dbd948e489b01d512bc7a8d8e4fe2e7b |