aboutsummaryrefslogtreecommitdiff
path: root/dns/bind9-devel
diff options
context:
space:
mode:
authorMathieu Arnold <mat@FreeBSD.org>2021-09-20 17:21:51 +0000
committerMathieu Arnold <mat@FreeBSD.org>2021-09-20 17:23:23 +0000
commit4a91cc902be09c5524ef4522e0c6151f7075207a (patch)
treecde8132a65bc3ae2cd2e6312591a817a6f5b11c9 /dns/bind9-devel
parent41dc4521fa0599b026babca36de71beebe586af6 (diff)
downloadports-4a91cc902be09c5524ef4522e0c6151f7075207a.tar.gz
ports-4a91cc902be09c5524ef4522e0c6151f7075207a.zip
dns/bind9-devel: update to latest commit
Diffstat (limited to 'dns/bind9-devel')
-rw-r--r--dns/bind9-devel/Makefile10
-rw-r--r--dns/bind9-devel/distinfo6
-rw-r--r--dns/bind9-devel/files/extrapatch-bind-min-override-ttl18
-rw-r--r--dns/bind9-devel/files/extrapatch-bind-tools15
-rw-r--r--dns/bind9-devel/files/extrapatch-no-bind-tools11
-rw-r--r--dns/bind9-devel/files/named.in12
-rw-r--r--dns/bind9-devel/files/patch-bin_named_include_named_globals.h4
-rw-r--r--dns/bind9-devel/files/patch-configure.ac4
-rw-r--r--dns/bind9-devel/pkg-help16
-rw-r--r--dns/bind9-devel/pkg-plist29
10 files changed, 36 insertions, 89 deletions
diff --git a/dns/bind9-devel/Makefile b/dns/bind9-devel/Makefile
index 45a2b3c5779b..8a6aff840f2c 100644
--- a/dns/bind9-devel/Makefile
+++ b/dns/bind9-devel/Makefile
@@ -49,13 +49,13 @@ RUN_DEPENDS= bind-tools>0:dns/bind-tools
# XXX: remove tar:bz2
USES= autoreconf compiler:c11 cpe libedit libtool pkgconfig ssl tar:bz2
# ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION= 9.17.15a0.2021.07.06
+ISCVERSION= 9.17.18a0.2021.09.20
# XXX: Remove gitlab
USE_GITLAB= yes
GL_SITE= https://gitlab.isc.org
GL_ACCOUNT= isc-projects
GL_PROJECT= bind9
-GL_COMMIT= f663701b1deab34415f86cfef4172ac71e164edc
+GL_COMMIT= be99fc92b63ef2463cadb2f90162982ed3ed289d
CPE_VENDOR= isc
CPE_VERSION= ${ISCVERSION:C/-.*//}
@@ -98,9 +98,6 @@ OPTIONS_DEFINE= DNSTAP DOCS FIXED_RRSET GEOIP IDN JSON LARGE_FILE LMDB \
MANPAGES OVERRIDECACHE PORTREVISION QUERYTRACE \
START_LATE TCP_FASTOPEN
-OPTIONS_RADIO= CRYPTO
-OPTIONS_RADIO_CRYPTO= NATIVE_PKCS11
-
OPTIONS_GROUP= DLZ
OPTIONS_GROUP_DLZ= DLZ_BDB DLZ_FILESYSTEM DLZ_LDAP DLZ_MYSQL \
DLZ_POSTGRESQL DLZ_STUB
@@ -133,7 +130,6 @@ GSSAPI_NONE_DESC= Disable
LARGE_FILE_DESC= 64-bit file support
LMDB_DESC= Use LMDB for zone management
OVERRIDECACHE_DESC= Use the override-cache patch
-NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**)
PORTREVISION_DESC= Show PORTREVISION in the version string
QUERYTRACE_DESC= Enable the very verbose query tracelogging
START_LATE_DESC= Start BIND late in the boot process (see help)
@@ -198,8 +194,6 @@ MANPAGES_BUILD_DEPENDS= sphinx-build:textproc/py-sphinx
OVERRIDECACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl
-NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11
-
QUERYTRACE_CONFIGURE_ENABLE= querytrace
START_LATE_SUB_LIST= NAMED_BEFORE="LOGIN" \
diff --git a/dns/bind9-devel/distinfo b/dns/bind9-devel/distinfo
index 0d95430036d5..ca046ef53dd2 100644
--- a/dns/bind9-devel/distinfo
+++ b/dns/bind9-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1625573711
-SHA256 (isc-projects-bind9-f663701b1deab34415f86cfef4172ac71e164edc_GL0.tar.gz) = 6e07498a88a5c1525570e777501d96cbad3e9bf7d997fdb4a4da25183bec5663
-SIZE (isc-projects-bind9-f663701b1deab34415f86cfef4172ac71e164edc_GL0.tar.gz) = 6222198
+TIMESTAMP = 1632153636
+SHA256 (isc-projects-bind9-be99fc92b63ef2463cadb2f90162982ed3ed289d_GL0.tar.gz) = 5bdcd0999fb97f70c8622b90270665cccba9467d943984ce06845545ef5c605f
+SIZE (isc-projects-bind9-be99fc92b63ef2463cadb2f90162982ed3ed289d_GL0.tar.gz) = 6192681
diff --git a/dns/bind9-devel/files/extrapatch-bind-min-override-ttl b/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
index 0814e1d03ccd..0277ad45fc8d 100644
--- a/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
+++ b/dns/bind9-devel/files/extrapatch-bind-min-override-ttl
@@ -1,8 +1,8 @@
Add the override-cache-ttl feature.
---- bin/named/config.c.orig 2021-07-06 05:53:30 UTC
+--- bin/named/config.c.orig 2021-09-17 07:10:48 UTC
+++ bin/named/config.c
-@@ -179,6 +179,7 @@ options {\n\
+@@ -182,6 +182,7 @@ options {\n\
notify-source *;\n\
notify-source-v6 *;\n\
nsec3-test-zone no;\n\
@@ -10,9 +10,9 @@ Add the override-cache-ttl feature.
parental-source *;\n\
parental-source-v6 *;\n\
provide-ixfr true;\n\
---- bin/named/server.c.orig 2021-07-06 05:53:30 UTC
+--- bin/named/server.c.orig 2021-09-17 07:10:48 UTC
+++ bin/named/server.c
-@@ -4497,6 +4497,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
+@@ -4498,6 +4498,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
}
obj = NULL;
@@ -24,7 +24,7 @@ Add the override-cache-ttl feature.
result = named_config_get(maps, "max-cache-ttl", &obj);
INSIST(result == ISC_R_SUCCESS);
view->maxcachettl = cfg_obj_asduration(obj);
---- lib/dns/include/dns/view.h.orig 2021-07-06 05:53:30 UTC
+--- lib/dns/include/dns/view.h.orig 2021-09-17 07:10:48 UTC
+++ lib/dns/include/dns/view.h
@@ -154,6 +154,7 @@ struct dns_view {
bool requestnsid;
@@ -34,9 +34,9 @@ Add the override-cache-ttl feature.
dns_ttl_t maxncachettl;
dns_ttl_t mincachettl;
dns_ttl_t minncachettl;
---- lib/dns/resolver.c.orig 2021-07-06 05:53:30 UTC
+--- lib/dns/resolver.c.orig 2021-09-17 07:10:48 UTC
+++ lib/dns/resolver.c
-@@ -6386,6 +6386,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
+@@ -6382,6 +6382,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_mes
}
/*
@@ -49,9 +49,9 @@ Add the override-cache-ttl feature.
* Enforce the configure maximum cache TTL.
*/
if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig 2021-07-06 05:53:30 UTC
+--- lib/isccfg/namedconf.c.orig 2021-09-17 07:10:48 UTC
+++ lib/isccfg/namedconf.c
-@@ -2029,6 +2029,7 @@ static cfg_clausedef_t view_clauses[] = {
+@@ -2050,6 +2050,7 @@ static cfg_clausedef_t view_clauses[] = {
#endif /* ifdef HAVE_LMDB */
{ "max-acache-size", NULL, CFG_CLAUSEFLAG_ANCIENT },
{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
diff --git a/dns/bind9-devel/files/extrapatch-bind-tools b/dns/bind9-devel/files/extrapatch-bind-tools
index e13e588e5aa4..ed20ba2432ba 100644
--- a/dns/bind9-devel/files/extrapatch-bind-tools
+++ b/dns/bind9-devel/files/extrapatch-bind-tools
@@ -1,6 +1,6 @@
Only select the "tools" part of bind for building.
---- Makefile.am.orig 2020-07-20 08:13:37 UTC
+--- Makefile.am.orig 2021-09-17 07:10:48 UTC
+++ Makefile.am
@@ -8,8 +8,6 @@ CLEANFILES = bind.keys.h
bind.keys.h: bind.keys Makefile
@@ -11,17 +11,16 @@ Only select the "tools" part of bind for building.
.PHONY: doc
EXTRA_DIST = \
---- bin/Makefile.am.orig 2020-07-20 08:13:37 UTC
+--- bin/Makefile.am.orig 2021-09-17 07:10:48 UTC
+++ bin/Makefile.am
-@@ -1,4 +1,4 @@
+@@ -1 +1 @@
-SUBDIRS = named rndc dig delv dnssec tools nsupdate check confgen tests plugins
+SUBDIRS = dig delv dnssec tools nsupdate
-
- if HAVE_PKCS11
- SUBDIRS += pkcs11
---- bin/tools/Makefile.am.orig 2020-07-20 08:13:37 UTC
+-SUBDIRS = named rndc dig delv dnssec tools nsupdate check confgen tests plugins
++SUBDIRS = dig delv dnssec tools nsupdate
+--- bin/tools/Makefile.am.orig 2021-09-17 07:10:48 UTC
+++ bin/tools/Makefile.am
-@@ -11,7 +11,6 @@ LDADD = \
+@@ -11,7 +11,6 @@ LDADD += \
bin_PROGRAMS = \
arpaname \
mdig \
diff --git a/dns/bind9-devel/files/extrapatch-no-bind-tools b/dns/bind9-devel/files/extrapatch-no-bind-tools
index 0183e6a803ab..d53088bec0f4 100644
--- a/dns/bind9-devel/files/extrapatch-no-bind-tools
+++ b/dns/bind9-devel/files/extrapatch-no-bind-tools
@@ -1,16 +1,13 @@
Exclude the "tools" from building and installing.
---- bin/Makefile.am.orig 2021-01-04 06:21:13 UTC
+--- bin/Makefile.am.orig 2021-09-17 07:10:48 UTC
+++ bin/Makefile.am
-@@ -1,4 +1,4 @@
+@@ -1 +1 @@
-SUBDIRS = named rndc dig delv dnssec tools nsupdate check confgen tests plugins
+SUBDIRS = named rndc tools check confgen tests plugins
-
- if HAVE_PKCS11
- SUBDIRS += pkcs11
---- bin/tools/Makefile.am.orig 2021-01-04 06:21:13 UTC
+--- bin/tools/Makefile.am.orig 2021-09-17 07:10:48 UTC
+++ bin/tools/Makefile.am
-@@ -9,11 +9,7 @@ LDADD = \
+@@ -9,11 +9,7 @@ LDADD += \
$(LIBISC_LIBS)
bin_PROGRAMS = \
diff --git a/dns/bind9-devel/files/named.in b/dns/bind9-devel/files/named.in
index f1f0fb3e2d03..0d19435000cc 100644
--- a/dns/bind9-devel/files/named.in
+++ b/dns/bind9-devel/files/named.in
@@ -21,7 +21,6 @@
# named_wait_host (str): Hostname to check if named_wait is enabled
# named_auto_forward (str): Set up forwarders from /etc/resolv.conf
# named_auto_forward_only (str): Do "forward only" instead of "forward first"
-%%NATIVE_PKCS11%%# named_pkcs11_engine (str): Path to the PKCS#11 library to use.
#
. /etc/rc.subr
@@ -52,7 +51,6 @@ named_wait=${named_wait:-"NO"}
named_wait_host=${named_wait_host:-"localhost"}
named_auto_forward=${named_auto_forward:-"NO"}
named_auto_forward_only=${named_auto_forward_only:-"NO"}
-%%NATIVE_PKCS11%%named_pkcs11_engine=${named_pkcs11_engine:-""}
# Not configuration variables but having them here keeps rclint happy
required_dirs="${named_chrootdir}"
@@ -334,16 +332,6 @@ named_prestart()
command_args="-u ${named_uid:=root} -c ${named_conf} ${command_args}"
-%%NATIVE_PKCS11%% if [ -z "${named_pkcs11_engine}"]; then
-%%NATIVE_PKCS11%% err 3 "named_pkcs11_engine has to be set to the PKCS#11 engine's library you want to use"
-%%NATIVE_PKCS11%% elif [ ! -f ${named_pkcs11_engine} ]; then
-%%NATIVE_PKCS11%% err 3 "named_pkcs11_engine the PKCS#11 engine's library you want to use doesn't exist"
-%%NATIVE_PKCS11%% else
-%%NATIVE_PKCS11%% mkdir -p ${named_chrootdir}${named_pkcs11_engine%/*}
-%%NATIVE_PKCS11%% cp -p ${named_pkcs11_engine} ${named_chrootdir}${named_pkcs11_engine}
-%%NATIVE_PKCS11%% command_args="-E ${named_pkcs11_engine} ${command_args}"
-%%NATIVE_PKCS11%% fi
-
local line nsip firstns
# Is the user using a sandbox?
diff --git a/dns/bind9-devel/files/patch-bin_named_include_named_globals.h b/dns/bind9-devel/files/patch-bin_named_include_named_globals.h
index 173ad8b5d006..6b9d61afe30c 100644
--- a/dns/bind9-devel/files/patch-bin_named_include_named_globals.h
+++ b/dns/bind9-devel/files/patch-bin_named_include_named_globals.h
@@ -1,8 +1,8 @@
We reference the pid file as being run/named/pid everywere else.
---- bin/named/include/named/globals.h.orig 2021-02-08 02:55:31 UTC
+--- bin/named/include/named/globals.h.orig 2021-09-17 07:10:48 UTC
+++ bin/named/include/named/globals.h
-@@ -130,7 +130,7 @@ EXTERN bool named_g_forcelock INIT(false);
+@@ -133,7 +133,7 @@ EXTERN bool named_g_forcelock INIT(false);
#if NAMED_RUN_PID_DIR
EXTERN const char *named_g_defaultpidfile INIT(NAMED_LOCALSTATEDIR "/run/named/"
diff --git a/dns/bind9-devel/files/patch-configure.ac b/dns/bind9-devel/files/patch-configure.ac
index 417f725db3f2..ed71cb259b09 100644
--- a/dns/bind9-devel/files/patch-configure.ac
+++ b/dns/bind9-devel/files/patch-configure.ac
@@ -1,8 +1,8 @@
automake has warnings, it is ok here.
---- configure.ac.orig 2021-04-26 07:17:12 UTC
+--- configure.ac.orig 2021-09-17 07:10:48 UTC
+++ configure.ac
-@@ -63,7 +63,7 @@ AC_CANONICAL_HOST
+@@ -46,7 +46,7 @@ AC_CANONICAL_HOST
AC_CANONICAL_TARGET
AC_CONFIG_SRCDIR([bin/named/main.c])
diff --git a/dns/bind9-devel/pkg-help b/dns/bind9-devel/pkg-help
index aa85330b21d7..55cdb63c117c 100644
--- a/dns/bind9-devel/pkg-help
+++ b/dns/bind9-devel/pkg-help
@@ -1,19 +1,3 @@
- NATIVE_PKCS11
-When using the NATIVE_PKCS11 option, BIND will use the PKCS#11
-engine specified by the named_pkcss11_engine variable in
-/etc/rc.conf for *all* crypto operations.
-
-This is primarily intended to be used in an authoritative
-case.
-
-If BIND is also operating as a validating resolver,
-NATIVE_PKCS11 should not be used, because the HSM will be
-used for all crypto, including DNSSEC validations, and the
-HSM is likely to be slower than the CPU for this purpose.
-Additionally, the HSM might not support all of the PKCS#11
-API functions needed for signature verification.
-
-
GOST
If using a chrooted instance of BIND on FreeBSD 8.x and 9.x,
the OpenSSL engines MUST be accessible from within the chroot.
diff --git a/dns/bind9-devel/pkg-plist b/dns/bind9-devel/pkg-plist
index 691e7e9f1cac..f5e38c9ba9b6 100644
--- a/dns/bind9-devel/pkg-plist
+++ b/dns/bind9-devel/pkg-plist
@@ -4,10 +4,6 @@ bin/named-checkzone
bin/named-compilezone
bin/named-journalprint
%%LMDB%%bin/named-nzd2nzf
-%%NATIVE_PKCS11%%bin/pkcs11-destroy
-%%NATIVE_PKCS11%%bin/pkcs11-keygen
-%%NATIVE_PKCS11%%bin/pkcs11-list
-%%NATIVE_PKCS11%%bin/pkcs11-tokens
@sample etc/mtree/BIND.chroot.dist.sample
@sample etc/mtree/BIND.chroot.local.dist.sample
%%ETCDIR%%/bind.keys
@@ -163,7 +159,6 @@ include/isc/interfaceiter.h
include/isc/iterated_hash.h
include/isc/lang.h
include/isc/lex.h
-include/isc/lib.h
include/isc/likely.h
include/isc/list.h
include/isc/log.h
@@ -256,28 +251,22 @@ include/ns/stats.h
include/ns/types.h
include/ns/update.h
include/ns/xfrout.h
-include/pk11/constants.h
-include/pk11/internal.h
-include/pk11/pk11.h
-include/pk11/result.h
-include/pk11/site.h
-include/pkcs11/pkcs11.h
lib/bind/filter-a.so
lib/bind/filter-aaaa.so
lib/libbind9.so
-lib/libbind9-9.17.15.so
+lib/libbind9-9.17.18.so
lib/libdns.so
-lib/libdns-9.17.15.so
+lib/libdns-9.17.18.so
lib/libirs.so
-lib/libirs-9.17.15.so
+lib/libirs-9.17.18.so
lib/libisc.so
-lib/libisc-9.17.15.so
+lib/libisc-9.17.18.so
lib/libisccc.so
-lib/libisccc-9.17.15.so
+lib/libisccc-9.17.18.so
lib/libisccfg.so
-lib/libisccfg-9.17.15.so
+lib/libisccfg-9.17.18.so
lib/libns.so
-lib/libns-9.17.15.so
+lib/libns-9.17.18.so
@comment man/man1/arpaname.1.gz
@comment man/man1/delv.1.gz
@comment man/man1/dig.1.gz
@@ -302,10 +291,6 @@ lib/libns-9.17.15.so
@comment man/man1/nsec3hash.1.gz
@comment man/man1/nslookup.1.gz
@comment man/man1/nsupdate.1.gz
-%%MANPAGES%%%%NATIVE_PKCS11%%man/man1/pkcs11-destroy.1.gz
-%%MANPAGES%%%%NATIVE_PKCS11%%man/man1/pkcs11-keygen.1.gz
-%%MANPAGES%%%%NATIVE_PKCS11%%man/man1/pkcs11-list.1.gz
-%%MANPAGES%%%%NATIVE_PKCS11%%man/man1/pkcs11-tokens.1.gz
%%MANPAGES%%man/man5/named.conf.5.gz
%%MANPAGES%%man/man5/rndc.conf.5.gz
%%MANPAGES%%man/man8/ddns-confgen.8.gz