Bug 228883 - [MAINTAINER] dns/nsd upgrade to version 4.1.22
Summary: [MAINTAINER] dns/nsd upgrade to version 4.1.22
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Steve Wills
Depends on:
Reported: 2018-06-11 10:21 UTC by Jaap Akkerhuis
Modified: 2018-06-14 23:00 UTC (History)
0 users

See Also:

Patch to upgrade (809 bytes, patch)
2018-06-11 10:21 UTC, Jaap Akkerhuis
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jaap Akkerhuis 2018-06-11 10:21:27 UTC
Created attachment 194154 [details]
Patch to upgrade

This release fixes a bug where zone transfers would not succeed, because
of an error in the selective NSEC3 allocation (introduced in 4.1.18).

The refuse ANY query feature now sends truncated answers over UDP and
allows TCP queries.  This is the same size response on UDP as the
refusal but allows the query to succeed over TCP for genuine queriers
that fallback to that transport mechanism.

The release contains a speed up for TCP processing that should NSD
better at handling large numbers of incoming TCP connections.

- refuse-any sends truncation (+TC) in reply to ANY queries over UDP,
  and allows TCP queries like normal.
- Use accept4 to speed up answer of TCP queries, on Linux, FreeBSD
  and OpenBSD.

- Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones.
- Fix to use same condition for nsec3 hash allocation and free.
Comment 1 commit-hook freebsd_committer 2018-06-14 22:59:21 UTC
A commit references this bug:

Author: swills
Date: Thu Jun 14 22:59:06 UTC 2018
New revision: 472409
URL: https://svnweb.freebsd.org/changeset/ports/472409

  dns/nsd: upgrade to version 4.1.22

  PR:		228883
  Submitted by:	jaap@NLnetLabs.nl (maintainer)

Comment 2 Steve Wills freebsd_committer 2018-06-14 23:00:04 UTC
Committed, thanks!