Created attachment 235921 [details] patch to upgrade NOTE: This patch also upgrades the dependent port dns/py-ldns Version 1.8.2 of ldns had a crash bug when creating packets with an EDNS OPT resource record without options. For example when just setting the DO bit (DNSSEC OK) or when specifying a larger UDP payload size. This quick fix release has this resolved. Also the unit tests have been reviewed and updated to catch this in the future before release. Compared to the 1.8.1 release, this release has some bugfixes and a few new features, most notably: * Since draft-ietf-dnsop-svcb-https will become RFC now anytime soon, SVCB and HTTPS RR types are now compiled by default. * Functionality for parsing and printing of EDNS0 Options. The list of options in a packet can be accessed via a new function: ldns_pkt_edns_get_option_list(ldns_pkt *packet). The list can be further manipulated with functions as described in edns.h. Finally the options can be converted to presentation format with ldns_edns_option_list2buffer_str() from host2str.h. drill will now also print EDNS0 options in a parsed format. ChangeLog ========= 1.8.3 2022-08-15 * bugfix #183: Assertion failure with OPT record without rdata. This caused packet creation with only a DO bit (for DNSSEC OK) to crash. Thanks Anand Buddhdev and others for reporting this so quickly. * Fix for syntax error in pyldns 1.8.2 2022-08-12 * bugfix #147: Allow for tabs in whitespace before quoted rdata fields. Thanks Felipe Gasper * bugfix #149: Add some missing [out] annotations to doxygen parameters. Thanks aldot. * Fix build error on Solaris 10 with inet_ntop redeclaration error. * Fix -U flag with ldns-signzone. Thanks Ulrich and Jonathan * Enable compile of SVCB and HTTPS support by default. * bugfix #179: Free line memory even if zone file parsing fails Thanks Claudius Zingerli * bugfix #166: Grow buffer when writing chars and fixed size strings when converting to presentation format, preventing potential assersion errors. * bugfix #46: Print network errors when secure tracing. Thanks reedjc * EDNS0 Option handling and conversion into presentation format. * bugfix #145: ldns-verify-zone should not call occluded records glue. Thanks Habbie
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=616885da342a3dc4396407df3e2a6c5b3e175a6c commit 616885da342a3dc4396407df3e2a6c5b3e175a6c Author: Jaap Akkerhuis <jaap@NLnetLabs.nl> AuthorDate: 2022-08-15 18:05:53 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2022-08-16 15:56:04 +0000 dns/{py-}ldns: update to 1.8.3 ChangeLog: https://www.nlnetlabs.nl/news/2022/Aug/15/ldns-1.8.3-released/ 1.8.3 2022-08-15 * bugfix #183: Assertion failure with OPT record without rdata. * Fix for syntax error in pyldns 1.8.2 2022-08-12 * bugfix #147: Allow for tabs in whitespace before quoted rdata fields. * bugfix #149: Add some missing [out] annotations to doxygen parameters. * Fix build error on Solaris 10 with inet_ntop redeclaration error. * Fix -U flag with ldns-signzone. * Enable compile of SVCB and HTTPS support by default. * bugfix #179: Free line memory even if zone file parsing fails * bugfix #166: Grow buffer when writing chars and fixed size strings when converting to presentation format, preventing potential assersion errors. * bugfix #46: Print network errors when secure tracing. * EDNS0 Option handling and conversion into presentation format. * bugfix #145: ldns-verify-zone should not call occluded records glue. PR: 265859 Reported by: jaap@NLnetLabs.nl (maintainer) dns/ldns/Makefile | 12 +++-- dns/ldns/distinfo | 6 +-- dns/ldns/files/patch-LibreSSL-3.5 (gone) | 92 -------------------------------- dns/ldns/pkg-plist | 3 +- dns/py-ldns/pkg-plist | 2 +- 5 files changed, 14 insertions(+), 101 deletions(-)
Committed, Thanks!