Bug 263952

Summary: dns/nsd: Update to 4.5.0
Product: Ports & Packages Reporter: Jaap Akkerhuis <jaap>
Component: Individual Port(s)Assignee: Dmitri Goutnik <dmgk>
Status: Closed FIXED    
Severity: Affects Some People CC: dmgk
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://www.nlnetlabs.nl/news/2022/May/13/nsd-4.5.0-released/
Attachments:
Description Flags
patch to update jaap: maintainer-approval+

Description Jaap Akkerhuis 2022-05-13 09:36:13 UTC 
Created attachment 233888 [details]
patch to update

This release fixes a couple of minor bugs and adds IXFR out
functionality. With this functionality NSD can respond to IXFR queries
and serve IXFR transfers downstream.

It is default disabled, that means it does not store IXFR contents for
zones by default. The response on the wire is different, also with IXFR
disabled, because it is now supported, and thus also for those zones a
reply is served, that no differential data is available.

FEATURES:
- Merge PR #209: IXFR out
This adds IXFR out functionality to NSD. NSD can copy IXFRs from
upstream to downstream clients, or create IXFRs from zonefiles.
The options store-ixfr: yes and create-ixfr: yes can be used to
turn this on. Default is turned off. The options ixfr-number and
ixfr-size can be used to tune the number of IXFR transfers and
total data size stored. This is configured per zone, the IXFRs
are served to the hosts that are allowed to perform zone transfers.
And if TSIG is configured, signed with the same key. The content
is stored to file if a zonefile is configured for the zone, in
the zonefile.ixfr and zonefile.ixfr.2, .. files. They contain
readable text format. The number of IXFRs is num.rixfr in
statistics output, also per zone if per zone statistics are enabled.
If offline, nsd-checkzone -i can create ixfr files.
NSD already supports requesting IXFRs, this addition allows NSD
to serve IXFR transfers to clients.
NSD stops responding with NOTIMPL to IXFR requests, also for zones
that do not have IXFR enabled. The clients gets a full zone reply
or a status reply if the serial is up to date.

BUG FIXES:
- Fix code analyzer zero divide warning.
- Fix code analyzer large value with assertion.
- Fix another code analyzer zero divide warning.
- Fix code analyzer warning about uninitialized temp storage in loop.
- Fix spelling error in comment in svcbparam_lookup_key.
- Update cirrus script FreeBSD version.
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-05-13 22:30:25 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=624dbc61a18734921b5d724805b1164cbc47b6d3

commit 624dbc61a18734921b5d724805b1164cbc47b6d3
Author:     Jaap Akkerhuis <jaap@NLnetLabs.nl>
AuthorDate: 2022-05-13 22:27:09 +0000
Commit:     Dmitri Goutnik <dmgk@FreeBSD.org>
CommitDate: 2022-05-13 22:29:07 +0000

    dns/nsd: Update to 4.5.0

    Changes:        https://www.nlnetlabs.nl/news/2022/May/13/nsd-4.5.0-released/

    This release fixes a couple of minor bugs and adds IXFR out
    functionality. With this functionality NSD can respond to IXFR queries
    and serve IXFR transfers downstream.

    It is default disabled, that means it does not store IXFR contents for
    zones by default. The response on the wire is different, also with IXFR
    disabled, because it is now supported, and thus also for those zones a
    reply is served, that no differential data is available.

    FEATURES:
    - Merge PR #209: IXFR out
    This adds IXFR out functionality to NSD. NSD can copy IXFRs from
    upstream to downstream clients, or create IXFRs from zonefiles.
    The options store-ixfr: yes and create-ixfr: yes can be used to
    turn this on. Default is turned off. The options ixfr-number and
    ixfr-size can be used to tune the number of IXFR transfers and
    total data size stored. This is configured per zone, the IXFRs
    are served to the hosts that are allowed to perform zone transfers.
    And if TSIG is configured, signed with the same key. The content
    is stored to file if a zonefile is configured for the zone, in
    the zonefile.ixfr and zonefile.ixfr.2, .. files. They contain
    readable text format. The number of IXFRs is num.rixfr in
    statistics output, also per zone if per zone statistics are enabled.
    If offline, nsd-checkzone -i can create ixfr files.
    NSD already supports requesting IXFRs, this addition allows NSD
    to serve IXFR transfers to clients.
    NSD stops responding with NOTIMPL to IXFR requests, also for zones
    that do not have IXFR enabled. The clients gets a full zone reply
    or a status reply if the serial is up to date.

    BUG FIXES:
    - Fix code analyzer zero divide warning.
    - Fix code analyzer large value with assertion.
    - Fix another code analyzer zero divide warning.
    - Fix code analyzer warning about uninitialized temp storage in loop.
    - Fix spelling error in comment in svcbparam_lookup_key.
    - Update cirrus script FreeBSD version.

    PR:             263952

 dns/nsd/Makefile | 2 +-
 dns/nsd/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 2 Dmitri Goutnik freebsd_committer freebsd_triage 2022-05-13 22:30:47 UTC 
Committed, thanks!