diff options
| author | he <he@pkgsrc.org> | 2022-06-12 08:54:05 +0000 |
|---|---|---|
| committer | he <he@pkgsrc.org> | 2022-06-12 08:54:05 +0000 |
| commit | 49b1cd832619f7e800a71a51331207f26cfe19b0 (patch) | |
| tree | f9aa6da2c75446a54ef9290d16f6c5f648681cdb /security | |
| parent | 68c9175b02f028f1ff374cd4e43e175685d5b5d5 (diff) | |
| download | pkgsrc-49b1cd832619f7e800a71a51331207f26cfe19b0.tar.gz | |
Update OpenDNSSEC2 to version 2.1.10.
Upstream changes:
OpenDNSSEC 2.1.10 - 2021-09-10
* OPENDNSSEC-957: Fix exit code signer daemon to not always report failure.
* OPENDNSSEC-958: Fix immediate resalting after migration from 1.4.
* OPENDNSSEC-959: Emit warning on ods-kaspcheck for NSEC iteration count
that is deemed too high.
* SUPPORT-265: Resolve conflict when deleting keys from HSM whilst
also performing step in key roll process. Typically a message
"key_data_update failed" is present in logs.
* Provided RedHat/CentOS spec file in contrib directory.
Diffstat (limited to 'security')
3 files changed, 7 insertions, 34 deletions
diff --git a/security/opendnssec2/Makefile b/security/opendnssec2/Makefile index e1cfc1c4874..be384bceb98 100644 --- a/security/opendnssec2/Makefile +++ b/security/opendnssec2/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.18 2022/04/18 19:12:00 adam Exp $ +# $NetBSD: Makefile,v 1.19 2022/06/12 08:54:05 he Exp $ # -DISTNAME= opendnssec-2.1.9 +DISTNAME= opendnssec-2.1.10 PKGNAME= ${DISTNAME:S/opendnssec/opendnssec2/} -PKGREVISION= 5 CATEGORIES= security net MASTER_SITES= https://www.opendnssec.org/files/source/ diff --git a/security/opendnssec2/patches/patch-conf_Makefile.in b/security/opendnssec2/patches/patch-conf_Makefile.in index 5e51cd7bec8..774a7ad79f8 100644 --- a/security/opendnssec2/patches/patch-conf_Makefile.in +++ b/security/opendnssec2/patches/patch-conf_Makefile.in @@ -1,18 +1,18 @@ -$NetBSD: patch-conf_Makefile.in,v 1.2 2021/05/04 07:37:19 he Exp $ +$NetBSD: patch-conf_Makefile.in,v 1.3 2022/06/12 08:54:06 he Exp $ Install configs in example config directory. --- conf/Makefile.in.orig 2017-08-10 12:03:23.000000000 +0000 +++ conf/Makefile.in -@@ -399,6 +399,7 @@ sbindir = @sbindir@ +@@ -395,6 +395,7 @@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@/opendnssec +EGDIR=@EGDIR@ - target = @target@ target_alias = @target_alias@ - target_cpu = @target_cpu@ -@@ -679,18 +680,19 @@ regress: $(RNG) + top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ +@@ -671,18 +672,19 @@ regress: $(RNG) (echo "kasp.xml built") install-data-hook: diff --git a/security/opendnssec2/patches/patch-enforcer_utils_1.4-2.0__db__convert_sqlite__convert.sql b/security/opendnssec2/patches/patch-enforcer_utils_1.4-2.0__db__convert_sqlite__convert.sql deleted file mode 100644 index 39224877c19..00000000000 --- a/security/opendnssec2/patches/patch-enforcer_utils_1.4-2.0__db__convert_sqlite__convert.sql +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-enforcer_utils_1.4-2.0__db__convert_sqlite__convert.sql,v 1.1 2021/03/05 21:17:25 he Exp $ - -Fix bug in conversion script so that salt gets carried -over and not set to "0" in the target kasp.db, something -OpenDNSSEC will not recover from. - ---- enforcer/utils/1.4-2.0_db_convert/sqlite_convert.sql.orig 2021-02-20 21:04:47.000000000 +0000 -+++ enforcer/utils/1.4-2.0_db_convert/sqlite_convert.sql -@@ -222,7 +222,7 @@ SET denialSalt = ( - WHERE ( - SELECT salt - FROM REMOTE.policies -- WHERE REMOTE.policies.id = policy.id) != null; -+ WHERE REMOTE.policies.id = policy.id) IS NOT NULL; - - UPDATE policy - SET denialSaltLastChange = ( -@@ -232,7 +232,7 @@ SET denialSaltLastChange = ( - WHERE ( - SELECT salt_stamp - FROM REMOTE.policies -- WHERE REMOTE.policies.id = policy.id) != null; -+ WHERE REMOTE.policies.id = policy.id) IS NOT NULL; - - UPDATE policy - SET keysTtl = ( |