Bug 236575
| Summary: | [MAINTAINER] dns/unbound update to 1.9.1 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Jaap Akkerhuis <jaap> | ||||
| Component: | Individual Port(s) | Assignee: | Steve Wills <swills> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Many People | ||||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
A commit references this bug: Author: swills Date: Mon Mar 18 11:35:50 UTC 2019 New revision: 496136 URL: https://svnweb.freebsd.org/changeset/ports/496136 Log: dns/unbound: update to 1.9.1 PR: 236575 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Changes: head/dns/unbound/Makefile head/dns/unbound/distinfo head/dns/unbound/files/patch-daemon_remote.c head/dns/unbound/files/patch-iterator_iter__fwd.c head/dns/unbound/files/patch-iterator_iter__hints.c head/dns/unbound/pkg-plist Committed, thanks! |
Created attachment 202913 [details] patch to update [Patch files for 1.9.0_1 are removed] Features - Add local-zone type inform_redirect, which logs like type inform, and redirects like type redirect. - Perform canonical sort for 0x20 capsforid compare of replies, this sorts rrsets in the authority and additional section before comparison, so that out of order rrsets do not cause failure. - Print query name with ip_ratelimit exceeded log lines. Spaces instead of tabs in that log message. - Print query name and IP address when domain rate limit exceeded. Bug Fixes - Fix #4224: auth_xfr_notify.rpl test broken due to typo - Fix locking for libunbound context setup with broken port config. - Fix case in which query timeout can result in marking delegation as edns_lame_known. - Set ub_ctx_set_tls call signature in ltrace config file for libunbound in contrib/libunbound.so.conf. - improve documentation for tls-service-key and forward-first. - #10: fixed pkg-config operations, PKG_PROG_PKG_CONFIG moved out of conditional section, fixes systemd builds, from Enrico Scholz. - #9: For openssl 1.0.2 use the CRYPTO_THREADID locking callbacks, still supports the set_id_callback previous API. And for 1.1.0 no locking callbacks are needed. - #8: Fix OpenSSL without ENGINE support compilation. - Wipe TLS session key data from memory on exit. - Fix that log-replies prints the correct name for local-alias names, for names that have a CNAME in local-data configuration. It logs the original query name, not the target of the CNAME. - Fix #4206: OpenSSL 1.0.2 hostname verification for FreeBSD 11.2. - Fix that qname minimisation does not skip a label when missing nameserver targets need to be fetched. - Fix #4225: clients seem to erroneously receive no answer with DNS-over-TLS and qname-minimisation. - Note default for module-config in man page. - Fix #13: Remove left-over requirements on OpenSSL >= 1.1.0 for cert name matching, from man page. - Fix capsforid canonical sort qsort callback. - Fix pythonmod include and sockaddr_un ifdefs for compile on Windows, and for libunbound. - Fix the error for unknown module in module-config is understandable, and explains it was not compiled in and where to see the list. - In example.conf explain where to put cachedb module in module-config. - In man page and example config explain that most modules have to be listed at the start of module-config. - Fix #4227: pair event del and add for libevent for tcp_req_info. - Fix #4229: Unbound man pages lack information, about access-control order and local zone tags, and elements in views. - Fix #14: contrib/unbound.init: Fix wrong comparison judgment before copying. - Fix for python module on Windows, fix fopen. - Remove memory leak on pythonmod python2 script file init. - Remove swig gcc8 python function cast warnings, they are ignored. - Print correct module that failed when module-config is wrong.