Created attachment 255837 [details] Patch to upgrade Fixes alo bug #281266 One notable feature is that configuration can be reloaded and evaluated on SIGHUP, when enabled with the new "reload-config" option. Also, DNS cookie secrets will be reevaluated from config too. One notable bugfix is to process and apply non transfer tasks before transfer tasks during reloads. Before, non transfer tasks (such as adding or deleting zones) would be lost when batched together with a transfer task that would fail to apply. nsd 4.11.0 ========== FEATURES: - Support reloading configuration on SIGHUP. - Fix #383: log timestamps in ISO8601 format with timezone. This adds the option `log-time-iso: yes` that logs in ISO8601 format. - Updated cookie secrets management. The default cookie secret file location can be set at compile time with the --with-cookiesecretsfile=path option to configure. The default location is changed to {dbdir}/cookiesecrets.txt. The previous default location will be checked at startup when there is no cookie secrets file at the new default location. A staging cookie can now also be configured in the configuration file and secrets configured in the configuration file now take precedence over those read from file. All DNS related setting in the configuration file will be reevaluated and effectuated after nsd-control reconfig. - Merge #398: RFC 9660 The DNS Zone Version (ZONEVERSION) Option - Merge #406: ohttp and tls-supported-groups SvcParam suppor - Merge #408: NINFO, RKEY, RESINFO, WALLET, CLA and TA RR types - Merge #409: Writing of NSAP-PTR, GPOS and HIP RR types - Merge #407: Better balanced verbosity levels for logging. BUG FIXES: - Fix title underline and declaration after statement warnings. - Add cross platform freebsd, openbsd and netbsd to github ci. - Update simdzone to include fix for netbsd double bswap declarations, and also semantic checks for DS and ZONEMD. And CFLAGS has -march prepended to fix detection. - Merge #376: Point the user towards tcpdump for logging individual queries. - Track $INCLUDEs in zone files. - Fix ci to update macos-12 to the macos-15 runner image. - Merge #390: Apply non-xfr tasks before xfr tasks. This fixes an issue where non-xfr tasks are lost when they are batch processed together with non-xfr tasks. This merge also changes that notifies are passed on from the serve processes to the xfrd directly instead of via main. This was necessary to allow applying the non-xfr tasks without forking a backup-main for the sole purpose of forwarding notifies. - Merge #391: Update copyright lines (in version output). - Fix #392: Inconsistent documentation about control-interface. - Merge #395: Explain the zonefile example better. - Merge #394: Fix the path to use doc/manual/. - Fix analyzer issue in do_print_cookie_secrets to check for failure. - Merge #404: Introducing Sphinx substitution in code blocks. As well as other fixes with Sphinx build. - Update Copyright lines in help output - Merge #395: Explain zonefile example better - Merge #394: Fix doc path (fixes "Edit on GitHub" button in the docs) - Fix Makefile for parallel build failure around bison rule. - Fix #405: Fix typo in documentation. - Treat a mismatch in RRset TTLs as a warning. simdzone 0.2.0 ============== FEATURES: - Add semantic checks for DS and ZONEMD digests (NLnetLabs/nsd#205). - Support registering a callback for $INCLUDE entries (NLnetLabs/nsd#229). - Add tls-supported-groups SvcParam support. - Check iana registries for unimplemented (new) RR types and SvcParamKeys. - Add support for NINFO, RKEY, RESINFO, WALLET, CLA and TA RR types. BUG FIXES: - Prepend -march to CFLAGS to fix architecture detection (NLnetLabs/nsd#372). - Fix propagation of implicit TTLs (NLnetLabs/nsd#375). - Fix detection of Westmere architecture by checking for CLMUL too. - Fix compilation on NetBSD (#233). - Fix reading specialized symbolic links (NLnetLabs/nsd#380).
Given that this update fixes a bug, shall I merge it into the quarterly branch? Also please don't close bug reports until the bug is actually fixed. That is, until the update that fixes the bug lands in the ports tree. Until that point the issue is still open for our users, so closing it is not correct.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=33b3bd3a54f58052db01a7703e88ccf85958c4aa commit 33b3bd3a54f58052db01a7703e88ccf85958c4aa Author: Jaap Akkerhuis <jaap@NLnetLabs.nl> AuthorDate: 2024-12-13 12:42:53 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2024-12-17 00:57:20 +0000 dns/nsd: Update to 4.11.0 Changelog: https://www.nlnetlabs.nl/news/2024/Dec/12/nsd-4.11.0-released/ PR: 283308, 281266 dns/nsd/Makefile | 2 +- dns/nsd/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Thank you for your contribution.