| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
* mistly bugs fix release
* ECC-GOST is not supported by the port yet because of it requires
OpenSSL 1.0.0 from ports. (There is in TODO).
Notes:
svn path=/head/; revision=253056
|
| |
|
|
|
|
|
|
|
| |
PR: ports/144487
Submitted by: ale
Approved by: portmgr (-exp run by erwin)
Notes:
svn path=/head/; revision=252906
|
| |
|
|
|
|
|
|
|
| |
PR: ports/144383
Submitted by: Pavel Chudakov <sonic@4rm.ru>
Approved by: maintainer
Notes:
svn path=/head/; revision=252477
|
| |
|
|
| |
Notes:
svn path=/head/; revision=252459
|
| |
|
|
| |
Notes:
svn path=/head/; revision=252304
|
| |
|
|
|
|
|
|
|
|
| |
The user space command line tools from the latest version of BIND:
dig, host, and nslookup
WWW: https://www.isc.org/software/bind
Notes:
svn path=/head/; revision=251989
|
| |
|
|
|
|
|
| |
Approved by: miwi (mentor), beat (co-mentor)
Notes:
svn path=/head/; revision=251968
|
| |
|
|
|
|
|
|
| |
Reviewed by: exp8 run on pointyhat
Supported by: miwi
Notes:
svn path=/head/; revision=251605
|
| |
|
|
| |
Notes:
svn path=/head/; revision=251603
|
| |
|
|
|
|
|
| |
s#. %%RC_SUBR%%#. /etc/rc.subr#
Notes:
svn path=/head/; revision=251553
|
| |
|
|
|
|
|
| |
IPv6 nameserver addresses.
Notes:
svn path=/head/; revision=251488
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- actually pass the options-enabled arguments to the configure script!
- add the "hide symbols" configurable knob, though I've no idea why
anybody would want to turn that off... except maybe for debugging
- install the "acountry", "adig", and "ahost" programs, since they do
come in useful every now and then
- refresh the patches and add descriptions at the top
Notes:
svn path=/head/; revision=251376
|
| |
|
|
|
|
|
| |
Hat: portmgr
Notes:
svn path=/head/; revision=251368
|
| |
|
|
|
|
|
|
| |
PR: 144737
Submitted by: ghostonthewire <ghostonthewire@gmail.com> (maintainer)
Notes:
svn path=/head/; revision=251306
|
| |
|
|
|
|
|
|
| |
PR: 144864
Submitted by: Olafur Osvaldsson <osvaldsson@icelandic.net> (previous maintainer)
Notes:
svn path=/head/; revision=251282
|
| |
|
|
|
|
|
|
| |
PR: 144865
Submitted by: Olafur Osvaldsson <osvaldsson@icelandic.net> (previous maintainer)
Notes:
svn path=/head/; revision=251281
|
| |
|
|
|
|
|
| |
Reported by: pointyhat
Notes:
svn path=/head/; revision=251278
|
| |
|
|
|
|
|
|
|
|
|
| |
related to the handling of broken DNSSEC trust chains.
This fix is only necessary for those who have DNSSEC validation
enabled and configure trust anchors from third parties, either
manually, or through a system like DLV.
Notes:
svn path=/head/; revision=251154
|
| |
|
|
|
|
|
| |
Changes: http://search.cpan.org/dist/Net-DNS-SEC/Changes
Notes:
svn path=/head/; revision=250987
|
| |
|
|
|
|
|
|
|
|
|
| |
- Respect O3 cflags as requested by the author.
PR: 144535
Submitted by: Sten Spans <sten@blinkenlights.nl> (maintainer)
Approved by: tabthorpe (mentor)
Notes:
svn path=/head/; revision=250967
|
| |
|
|
| |
Notes:
svn path=/head/; revision=250961
|
| |
|
|
| |
Notes:
svn path=/head/; revision=250840
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
security patches to the 9.6.1 version, as well as many other bug fixes.
Due to the fact that the DNSSEC algorithm that will be used to sign the
root zone is only included in this version and in 9.7.x those who wish
to do validation MUST upgrade to one of these prior to July 2010.
Feature safe: yes
Notes:
svn path=/head/; revision=250486
|
| |
|
|
|
|
|
| |
Feature safe: yes
Notes:
svn path=/head/; revision=250257
|
| |
|
|
|
|
|
| |
Feature safe: yes
Notes:
svn path=/head/; revision=250234
|
| |
|
|
|
|
|
|
|
| |
suffix as a result.
Feature safe: yes
Notes:
svn path=/head/; revision=249992
|
| |
|
|
|
|
|
|
| |
PR: ports/143957
Submitted by: Janos Mohacsi <janos.mohacsi AT bsd.hu> (maintainer)
Notes:
svn path=/head/; revision=249892
|
| |
|
|
|
|
|
|
|
| |
PR: ports/143550
Submitted by: Marko Njezic <mrmax063@maxempire.com>
Approved by: Olafur Osvaldsson <osvaldsson@icelandic.net> (maintainer)
Notes:
svn path=/head/; revision=249604
|
| |
|
|
|
|
|
|
| |
PR: ports/143712
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Notes:
svn path=/head/; revision=249562
|
| |
|
|
| |
Notes:
svn path=/head/; revision=249557
|
| |
|
|
|
|
|
|
|
|
| |
- Submitter is now MAINTAINER
PR: ports/143450
Submitted by: Alexey V.Degtyarev <alexey@renatasystems.org>
Notes:
svn path=/head/; revision=249502
|
| |
|
|
|
|
|
|
|
| |
PR: 143605
Submitted by: Cristiano Rolim Pereira <cristianorolim@hotmail.com>
Approved by: maintainer
Notes:
svn path=/head/; revision=249455
|
| |
|
|
|
|
|
|
| |
PR: 143534
Submitted by: Bernhard Froehlich <decke@bluelife.at> (maintainer)
Notes:
svn path=/head/; revision=249438
|
| |
|
|
|
|
|
|
| |
PR: ports/140937
Submitted by: wen
Notes:
svn path=/head/; revision=249359
|
| |
|
|
| |
Notes:
svn path=/head/; revision=249285
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
asynchronously. It is an asynchronous wrapper around getaddrinfo(3),
getnameinfo(3), res_query(3) and res_search(3) from libc and libresolv.
In contrast to GNU's asynchronous name resolving API getaddrinfo_a(),
libasyncns does not make use of UNIX signals for reporting completion of name
queries. Instead, the API exports a standard UNIX file descriptor which may be
integerated cleanly into custom main loops.
In contrast to asynchronous DNS resolving libraries like libdenise, skadns,
adns, libasyncns is just an asynchronous wrapper around the libc's synchronous
getaddrinfo() API, which has the advantage of allowing name resolution using
techniques like Multicast DNS, LDAP or NIS using standard libc NSS (Name
Service Switch) modules. libasyncns is compatible with IPv6 if the underlying
libc is.
libasyncns is very tiny, consisting of just one header and one source file. It
has no dependencies besides libc.
WWW: http://0pointer.de/lennart/projects/libasyncns/
Notes:
svn path=/head/; revision=249223
|
| |
|
|
| |
Notes:
svn path=/head/; revision=249201
|
| |
|
|
|
|
|
| |
Reported by: Michael Meelis <m.meelis at easybow.com>
Notes:
svn path=/head/; revision=249092
|
| |
|
|
|
|
|
|
|
| |
from ISC. It has numerous bug fixes compared to 9.4.3*, however
in the case of this version "extended" only applies till 2010/12/31
so serious BIND users are still encouraged to upgrade to 9.6.x.
Notes:
svn path=/head/; revision=249074
|
| |
|
|
|
|
|
| |
for DNSSEC.
Notes:
svn path=/head/; revision=249052
|
| |
|
|
|
|
|
|
|
| |
(part 13).
Approved by: portmgr (itetcu)
Notes:
svn path=/head/; revision=248744
|
| |
|
|
|
|
|
|
|
| |
(part 12).
Approved by: portmgr (itetcu)
Notes:
svn path=/head/; revision=248740
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
child processes must not shutdown() their sockets
* Fixes and reports a problem occuring with jumping system time,
as reported when running inside some virtual machine. Time jumps
are reported to the log with loglevel NOTICE.
* Delegation now has precedence over wildcard matching
Thanks to Fab for the fix
Fixes bugs #0000038, #0000042
PR: 143223
Submitted by: Hung-Yi Chen <gaod@hychen.org> (maintainer)
Notes:
svn path=/head/; revision=248677
|
| |
|
|
|
|
|
|
|
|
| |
- Removed useless patches
PR: ports/143274
Submitted by: Sofian Brabez <sbrabez gmail.com>
Notes:
svn path=/head/; revision=248663
|
| |
|
|
| |
Notes:
svn path=/head/; revision=248625
|
| |
|
|
|
|
|
|
|
|
| |
- Allow user to set a pid file location with unbound_pidfile="..."
PR: ports/142793 (based on)
Submitted by: Keith Gaughan <k at stereochro.me>
Notes:
svn path=/head/; revision=248554
|
| |
|
|
|
|
|
|
| |
PR: 143060
Submitted by: Konstantin Saurbier <konstantin@saurbier.net> (maintainer)
Notes:
svn path=/head/; revision=248514
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the following vulnerabilities:
BIND 9 Cache Update from Additional Section
https://www.isc.org/advisories/CVE-2009-4022v6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
A nameserver with DNSSEC validation enabled may incorrectly add
unauthenticated records to its cache that are received during the
resolution of a recursive client query
BIND 9 DNSSEC validation code could cause bogus NXDOMAIN responses
https://www.isc.org/advisories/CVE-2010-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097
There was an error in the DNSSEC NSEC/NSEC3 validation code that could
cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records
proven by NSEC or NSEC3 to exist) to be cached as if they had validated
correctly
These issues only affect systems with DNSSEC validation enabled.
Notes:
svn path=/head/; revision=248498
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to new upstream release 2.52. Changelog excerpt below the approval.
Approved by: miwi (mentor)
Upstream changelog excerpt (omitting Linux, Solaris and MacOS X specifics):
[...] Re-read the set of network interfaces when re-loading /etc/resolv.conf
if --bind-interfaces is not set. This handles the case that loopback
interfaces do not exist when dnsmasq is first started.
Tweak the PXE code to support port 4011. This should reduce broadcasts and
make things more reliable when other servers are around. It also improves
inter-operability with certain clients.
Make a pxe-service configuration with no filename or boot service type legal:
this does a local boot. eg. pxe-service=x86PC, "Local boot"
Be more conservative in detecting "A for A" queries. Dnsmasq checks if the
name in a type=A query looks like a dotted-quad IP address and answers the
query itself if so, rather than forwarding it. Previously dnsmasq relied in
the library function inet_addr() to convert addresses, and that will accept
some things which are confusing in this context, like 1.2.3 or even just
1234. Now we only do A for A processing for four decimal numbers delimited by
dots.
[...]
Increased the default limit on number of leases to 1000 (from 150). This is
mainly a defence against DoS attacks, and for the average "one for two class
C networks" installation, IP address exhaustion does that just as well.
Making the limit greater than the number of IP addresses available in such an
installation removes a surprise which otherwise can catch people out.
Removed extraneous trailing space in the value of the DNSMASQ_TIME_REMAINING
DNSMASQ_LEASE_LENGTH and DNSMASQ_LEASE_EXPIRES environment variables. Thanks
to Gildas Le Nadan for spotting this.
Provide the network-id tags for a DHCP transaction to the lease-change script
in the environment variable DNSMASQ_TAGS. A good suggestion from Gildas Le
Nadan.
Add support for RFC3925 "Vendor-Identifying Vendor Options". The syntax looks
like this:
--dhcp-option=vi-encap:<enterprise number>, .........
Add support to --dhcp-match to allow matching against RFC3925
"Vendor-Identifying Vendor Classes". The syntax looks like this:
--dhcp-match=tag,vi-encap<enterprise number>, <value>
Add some application specific code to assist in implementing the Broadband
forum TR069 CPE-WAN specification. The details are in contrib/CPE-WAN/README
Increase the default DNS packet size limit to 4096, as recommended by RFC5625
section 4.4.3. This can be reconfigured using --edns-packet-max if needed.
Thanks to Francis Dupont for pointing this out.
Rewrite query-ids even for DNSSEC signed packets, since this is allowed by
RFC5625 section 4.5.
[...]
Fix link error when including Dbus but excluding DHCP.
Thanks to Oschtan for the bug report.
Updated French translation. Thanks to Gildas Le Nadan.
Updated Polish translation. Thanks to Jan Psota.
Updated Spanish translation. Thanks to Chris Chatham.
Notes:
svn path=/head/; revision=248403
|
| |
|
|
|
|
|
|
|
|
| |
Bump PORTREVISION.
Reported by: pointyhat via erwin@
Approved by: maintainer aka jaap at NLnetLabs dot nl
Notes:
svn path=/head/; revision=248114
|
