Created attachment 241581 [details] patch to upgrade Release notes Version 2.1.12 of OpenDNSSEC News This is a maintenance release of OpenDNSSEC addressing additional issues relating to the previous bug-fix release. Both installations that use shared keys or want to use salt lengths of zero must use this release. Other installations will benefit too from better reporting in case of issues. RPM for RHEL/CentOS, deb, and tgz packages will be provided for at the same download location. Issues o Ensure debug symbols on RPM-style builds; o Bug fix that prevented restoring state from when salt length was zero; o Bug fix for enforcer daemon crash after deleting key on some systems. Release notes Version 2.1.11 of OpenDNSSEC News This is a maintenance release of OpenDNSSEC addressing a number of different issues. Installation that uses shared keys should migrate to this version especially. Also, installations that want to migrate to an NSEC3 salt of length 0 will benefit (this applies to migration-to only). RPM for RHEL/CentOS, deb, and tgz packages will be provided for at the same download location. Issues o Fixed improper re-use of already used keys when using as a consequence of previous bug in 2.1.6; o Improved reporting upon aborts of daemon process; o Fix for migration to salt of length 0; o Fix for empty IXFR cases; o Degraded log message key_update_failed because this action is retried.
Do you agree to have this update merged into the quarterly branch (MFH to 2023Q2)? Please check if you can turn REINPLACE_CMD uses that replace a static string with another into patch files as per policy.
(In reply to Robert Clausecker from comment #1) Regarding the question about merging: Yes, it is fine to merge this into the quarterly branch Regarding: > Please check if you can turn REINPLACE_CMD uses that replace > a static string with another into patch files as per policy. I really don't understand what you mean here. The REINPLACE_CMDs haven't changed, apart from the first one which is to satisfy the portfmt command. I did notice that there is a small error in the patch, so I'll attach an new one.
Created attachment 241583 [details] Improved patch to upgrade Improved patch to update
(In reply to Jaap Akkerhuis from comment #2) Hi Jaap, portfmt is not mandatory, you do not need to change your port to match it. It's just a convenience tool. REINPLACE_CMD must only be used for dynamic patching, i.e. where the replacement is not known ahead of time (see ยง 4.4.3 Porter's Handbook). Due to the complexity of detecting whether a REINPLACE_CMD is compliant with this rule, portlint has not been told about it. However, looking again, it seems like you only do this change when the MYSQL option is enabled, so it's a dynamic replacement after all.
The patch you sent in attachment #241583 [details] is defective: $ C_ALL=C git apply --index attachment.cgi\?id\=241583 error: corrupt patch at line 15 Please upload a correct patch. Most convenient are patches in git-format-patch(1) format as they already contain your correct authorship information.
Created attachment 241675 [details] Yet another patch to update
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=dae0316326d93d331f90a11ea8564b5441b8db29 commit dae0316326d93d331f90a11ea8564b5441b8db29 Author: Jaap Akkerhuis <jaap@NLnetLabs.nl> AuthorDate: 2023-04-23 12:39:57 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-04-23 17:17:06 +0000 dns/opendnssec2: update to 2.1.12 Changelog: https://www.opendnssec.org/2022/11/opendnssec-2-1-12 PR: 270931 dns/opendnssec2/Makefile | 18 +++++------ dns/opendnssec2/distinfo | 6 ++-- .../files/patch-libhsm_src_bin_hsmutil.c (new) | 27 ++++++++++++++++ .../files/patch-libhsm_src_lib_libhsm.c (new) | 37 ++++++++++++++++++++++ 4 files changed, 75 insertions(+), 13 deletions(-)
Thank you for your contribution.