Created attachment 168086 [details]
patch to bump revisions ofr dependent ports

Comment 2 Olli Hauer 2016-03-13 20:14:47 UTC

Hi Jaap,

before I commit the change, is it correct you want to change the maintainer to sem@FreeBSD ?

Comment 3 Olli Hauer 2016-03-13 20:46:11 UTC

Created attachment 168113 [details]
proposed patch unbound 1.5.8 v1

Hi Jaap,

not sure about the maintainer change to sem@ (was the old maintainer).
Additional the AAAA filter was added as default OPTION, which breaks DNSSEC (regarding the contrib/aaaa-filter-iterator.patch description)

Do you really want to make this changes?

Since I was working also on an update and modernization of the Makefile I've added a new patch with your and mine changed 

- update to 4.1.8
- add ability to build agains openssl or libressl from ports
- add MUNIN_PLUGIN_IMPLIES= BIND8_STATS
- use @sample macro in pkg-plist for nsd.conf
- respect ports/CHANGES 20150926: s/exec/postexec/ in pkg-plist

Please review (special your OPTION_DEFAULT and maintainer change)

(In reply to Olli Hauer from comment #3)

Hi Olli,

> not sure about the maintainer change to sem@ (was the old maintainer).

Oops, thanks for spotting this error.

> Additional the AAAA filter was added as default OPTION, which breaks DNSSEC
> (regarding the contrib/aaaa-filter-iterator.patch description)

No was, was a debugging thing left in.

Note that the files/patch-contrib-aaaa-filter-iterator.patch is obsolete.

>
> Do you really want to make this changes?

So, no.

>
> Since I was working also on an update and modernization of the Makefile I've
> added a new patch with your and mine changed
>
> - update to 4.1.8
> - add ability to build agains openssl or libressl from ports

This is supposed to be there already

> - add MUNIN_PLUGIN_IMPLIES= BIND8_STATS
The is not an unbound option (but nsd)

> - use @sample macro in pkg-plist for nsd.conf
Ah, thanks

> - respect ports/CHANGES 20150926: s/exec/postexec/ in pkg-plist
Not in unbound (but nsd?)

>
> Please review (special your OPTION_DEFAULT and maintainer change)

As explained above, the maintainer change and the AAAA filter was a mistake.

I'm happy to send in a new path for unbound tomorrow with your modernization changes

Meed to check against poudriere first

    jaap

Comment 5 Olli Hauer 2016-03-14 07:22:59 UTC

Ups, my fault, I copied the explanation for the nsd instead the one for unbound.

Here is the correct one:
- update to 1,5,8
- rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
- use OPTIONS_SUB
- use ${opt}_target
- use @sample macro for unbound.conf
- sort pkg-plist

Created attachment 168188 [details]
Improved up date patch

This is the improved patch I promised.

NOTE: The files/patch-contrib-aaaa-filter-iterator.patch should be completely removed!

        jaap

Comment 7 commit-hook 2016-03-15 06:20:35 UTC

A commit references this bug:

Author: ohauer
Date: Tue Mar 15 06:19:53 UTC 2016
New revision: 411142
URL: https://svnweb.freebsd.org/changeset/ports/411142

Log:
  - Update unbound to version 1.5.8

  - add OPTION for DNSTAP logging support
  - rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
  - use OPTIONS_SUB
  - use ${opt}_target
  - use @sample macro for unbound.conf
  - sort pkg-plist

  Features
  - ip-transparent option for FreeBSD with IP_BINDANY socket option.
  - insecure-lan-zones: yesno config option, patch from Dag-Erling Sm?rgrav.
  - RR Type CSYNC support RFC 7477, in debug printout and config input.
  - RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
  - [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf, patch
    from Daisuke Higashi.
  - Support RFC7686: handle ".onion" Special-Use Domain. It is blocked by
    default, andcan be unblocked with "nodefault" localzone config.
  - ub_ctx_set_stub() function for libunbound to config stub zones.

  The release fixes line endings in the unbound-control-setup script, and
  a potential gost-hash validation failure and handles the ".onion" domain
  to avoid privacy leakage.

  PR:		207948
  Submitted by:	jaap@NLnetLabs.nl (maintainer)

Changes:
  head/dns/unbound/Makefile
  head/dns/unbound/distinfo
  head/dns/unbound/files/patch-contrib-aaaa-filter-iterator.patch
  head/dns/unbound/pkg-plist

Comment 8 commit-hook 2016-03-15 06:21:37 UTC

A commit references this bug:

Author: ohauer
Date: Tue Mar 15 06:21:32 UTC 2016
New revision: 411143
URL: https://svnweb.freebsd.org/changeset/ports/411143

Log:
  - bump PORTREVISION on ports depending on unbound

  PR:		207948
  Submitted by:	jaap@NLnetLabs.nl (maintainer)

Changes:
  head/dns/autotrust/Makefile
  head/dns/getdns/Makefile
  head/mail/opendkim/Makefile
  head/security/gnutls/Makefile
  head/security/strongswan/Makefile

Comment 9 Olli Hauer 2016-03-15 10:56:25 UTC

Patch committed, but I've taken the liberty to use the new pkg-plist sorting.

For reference why this was done, after a manual build you can fire the command 

# make makeplist | grep -v PORTDOCS > PLIST.new

and then compare pkg-plist with PLIST.new.
The new algorithm sorts the file before PLIST_SUB vars replacement and needs less manual rework.

* PORTDOCS are listed even they are specified before in the Makefile

(In reply to Olli Hauer from comment #9)
Thanks for the comment about plist ordering

Comment 11 Olli Hauer 2016-03-15 19:23:15 UTC

(In reply to jaap from comment #10)
My pleasure!
If the MAINTAINER knows some tricks, then the commiters have less to rework ;)

PS:
I've just read about nsd-4.1.9 release on the nsd-user list, should I prepare a patch?

(In reply to Olli Hauer from comment #11)
I'm always trying to make the life of a committer easier.

About the nsd-4.1.9 release, release I just finished trying it out on my poudriere jails. Just updating the number in the Makefile and the distinfo (make makesum) is enough. I can send you a diff now or you can do it ourself.

Comment 13 Olli Hauer 2016-03-15 20:04:33 UTC

Update for nsd-4.1.9 committed with PR 208043