FreeBSD Bugzilla – Attachment 237515 Details for
Bug 267260
dns/powerdns: update to 4.7.0
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Update to PowerDNS Authoritative Server 4.7.0
powerdns-4.7.0.diff (text/plain), 7.81 KB, created by
Ralf van der Enden
on 2022-10-21 20:33:05 UTC
(
hide
)
Description:
Update to PowerDNS Authoritative Server 4.7.0
Filename:
MIME Type:
Creator:
Ralf van der Enden
Created:
2022-10-21 20:33:05 UTC
Size:
7.81 KB
patch
obsolete
>diff --git a/dns/powerdns/Makefile b/dns/powerdns/Makefile >index a78160a310..e95f69753f 100644 >--- a/dns/powerdns/Makefile >+++ b/dns/powerdns/Makefile >@@ -1,6 +1,5 @@ > PORTNAME= powerdns >-DISTVERSION= 4.6.3 >-PORTREVISION= 2 >+DISTVERSION= 4.7.0 > CATEGORIES= dns > MASTER_SITES= https://downloads.powerdns.com/releases/ > DISTNAME= pdns-${DISTVERSION} >diff --git a/dns/powerdns/distinfo b/dns/powerdns/distinfo >index c8c6146f23..69b0bd073d 100644 >--- a/dns/powerdns/distinfo >+++ b/dns/powerdns/distinfo >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1657734807 >-SHA256 (pdns-4.6.3.tar.bz2) = acd06b89ca01d1adf61b906604614f0e1d77a1e94eeecade8ff5d53a16db7389 >-SIZE (pdns-4.6.3.tar.bz2) = 1302651 >+TIMESTAMP = 1666276032 >+SHA256 (pdns-4.7.0.tar.bz2) = b57b75b780ace64e232c6757f17a8fa617016d0128256c66f22da5f4b5e839e7 >+SIZE (pdns-4.7.0.tar.bz2) = 1361265 >diff --git a/dns/powerdns/files/patch-credentials.cc b/dns/powerdns/files/patch-credentials.cc >deleted file mode 100644 >index 791344b68a..0000000000 >--- a/dns/powerdns/files/patch-credentials.cc >+++ /dev/null >@@ -1,101 +0,0 @@ >---- pdns/credentials.cc.orig 2021-11-23 18:39:17 UTC >-+++ pdns/credentials.cc >-@@ -28,7 +28,7 @@ >- #include <sodium.h> >- #endif >- >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- #include <openssl/evp.h> >- #include <openssl/kdf.h> >- #include <openssl/rand.h> >-@@ -42,7 +42,7 @@ >- #include "credentials.hh" >- #include "misc.hh" >- >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- static size_t const pwhash_max_size = 128U; /* maximum size of the output */ >- static size_t const pwhash_output_size = 32U; /* size of the hashed output (before base64 encoding) */ >- static unsigned int const pwhash_salt_size = 16U; /* size of the salt (before base64 encoding */ >-@@ -95,7 +95,7 @@ void SensitiveData::clear() >- >- static std::string hashPasswordInternal(const std::string& password, const std::string& salt, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- auto pctx = std::unique_ptr<EVP_PKEY_CTX, void (*)(EVP_PKEY_CTX*)>(EVP_PKEY_CTX_new_id(EVP_PKEY_SCRYPT, nullptr), EVP_PKEY_CTX_free); >- if (!pctx) { >- throw std::runtime_error("Error getting a scrypt context to hash the supplied password"); >-@@ -142,7 +142,7 @@ static std::string hashPasswordInternal(const std::str >- >- static std::string generateRandomSalt() >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- /* generate a random salt */ >- std::string salt; >- salt.resize(pwhash_salt_size); >-@@ -159,7 +159,7 @@ static std::string generateRandomSalt() >- >- std::string hashPassword(const std::string& password, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- std::string result; >- result.reserve(pwhash_max_size); >- >-@@ -187,7 +187,7 @@ std::string hashPassword(const std::string& password, >- >- std::string hashPassword(const std::string& password) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- return hashPassword(password, CredentialsHolder::s_defaultWorkFactor, CredentialsHolder::s_defaultParallelFactor, CredentialsHolder::s_defaultBlockSize); >- #else >- throw std::runtime_error("Hashing a password requires scrypt support in OpenSSL, and it is not available"); >-@@ -196,7 +196,7 @@ std::string hashPassword(const std::string& password) >- >- bool verifyPassword(const std::string& binaryHash, const std::string& salt, uint64_t workFactor, uint64_t parallelFactor, uint64_t blockSize, const std::string& binaryPassword) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- auto expected = hashPasswordInternal(binaryPassword, salt, workFactor, parallelFactor, blockSize); >- return constantTimeStringEquals(expected, binaryHash); >- #else >-@@ -207,7 +207,7 @@ bool verifyPassword(const std::string& binaryHash, con >- /* parse a hashed password in PHC string format */ >- static void parseHashed(const std::string& hash, std::string& salt, std::string& hashedPassword, uint64_t& workFactor, uint64_t& parallelFactor, uint64_t& blockSize) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- auto parametersEnd = hash.find('$', pwhash_prefix.size()); >- if (parametersEnd == std::string::npos || parametersEnd == hash.size()) { >- throw std::runtime_error("Invalid hashed password format, no parameters"); >-@@ -276,7 +276,7 @@ bool verifyPassword(const std::string& hash, const std >- return false; >- } >- >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- std::string salt; >- std::string hashedPassword; >- uint64_t workFactor = 0; >-@@ -294,7 +294,7 @@ bool verifyPassword(const std::string& hash, const std >- >- bool isPasswordHashed(const std::string& password) >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- if (password.size() < pwhash_prefix_size || password.size() > pwhash_max_size) { >- return false; >- } >-@@ -389,7 +389,7 @@ bool CredentialsHolder::matches(const std::string& pas >- >- bool CredentialsHolder::isHashingAvailable() >- { >--#ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT >-+#if defined(HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT) && defined(EVP_PKEY_SCRYPT) >- return true; >- #else >- return false; >diff --git a/dns/powerdns/files/patch-pdns_auth-main.cc b/dns/powerdns/files/patch-pdns_auth-main.cc >new file mode 100644 >index 0000000000..19c84bfad6 >--- /dev/null >+++ b/dns/powerdns/files/patch-pdns_auth-main.cc >@@ -0,0 +1,13 @@ >+--- pdns/auth-main.cc.orig 2022-10-19 09:22:23 UTC >++++ pdns/auth-main.cc >+@@ -277,8 +277,8 @@ static void declareArguments() >+ >+ ::arg().setSwitch("no-shuffle", "Set this to prevent random shuffling of answers - for regression testing") = "off"; >+ >+- ::arg().set("setuid", "If set, change user id to this uid for more security") = ""; >+- ::arg().set("setgid", "If set, change group id to this gid for more security") = ""; >++ ::arg().set("setuid", "If set, change user id to this uid for more security") = "pdns"; >++ ::arg().set("setgid", "If set, change group id to this gid for more security") = "pdns"; >+ >+ ::arg().set("max-cache-entries", "Maximum number of entries in the query cache") = "1000000"; >+ ::arg().set("max-packet-cache-entries", "Maximum number of entries in the packet cache") = "1000000"; >diff --git a/dns/powerdns/files/patch-pdns_common__startup.cc b/dns/powerdns/files/patch-pdns_common__startup.cc >deleted file mode 100644 >index 85b3e1d6cd..0000000000 >--- a/dns/powerdns/files/patch-pdns_common__startup.cc >+++ /dev/null >@@ -1,13 +0,0 @@ >---- pdns/common_startup.cc.orig 2020-02-24 14:34:14 UTC >-+++ pdns/common_startup.cc >-@@ -191,8 +191,8 @@ void declareArguments() >- >- ::arg().setSwitch("no-shuffle","Set this to prevent random shuffling of answers - for regression testing")="off"; >- >-- ::arg().set("setuid","If set, change user id to this uid for more security")=""; >-- ::arg().set("setgid","If set, change group id to this gid for more security")=""; >-+ ::arg().set("setuid","If set, change user id to this uid for more security")="pdns"; >-+ ::arg().set("setgid","If set, change group id to this gid for more security")="pdns"; >- >- ::arg().set("max-cache-entries", "Maximum number of entries in the query cache")="1000000"; >- ::arg().set("max-packet-cache-entries", "Maximum number of entries in the packet cache")="1000000";
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=237515">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
tremere
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 267260
: 237515