239525 – [MAINTAINER] dns/ldns: Update to 1.7.1

Bug 239525 - [MAINTAINER] dns/ldns: Update to 1.7.1

Summary: [MAINTAINER] dns/ldns: Update to 1.7.1

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Steve Wills

URL:
Keywords:

Depends on:
Blocks:	239526 239808
	Show dependency tree / graph

Reported:	2019-07-30 12:51 UTC by Jaap Akkerhuis
Modified:	2019-09-03 09:33 UTC (History)
CC List:	1 user (show)

See Also:	239526 239808

Attachments
Patch to update (6.43 KB, patch) 2019-07-30 12:51 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
patch to upgrade (7.46 KB, patch) 2019-08-15 09:52 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
patch to update (7.77 KB, patch) 2019-08-15 15:12 UTC, Jaap Akkerhuis	jaap: maintainer-approval+	Details \| Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jaap Akkerhuis 2019-07-30 12:51:32 UTC

Created attachment 206154 [details]
Patch to update

Features

* Support for DNSSEC algorithms ED25519 and ED448
  when compiled with OpenSSL 1.1.1

* An -I option to ldns-notify to specify a source IP address
  to send to notify from.

* Complete OpenSSL engine support with ldns-signzone
  contributed by Vadim Penzin


Changelog
=========
* bugfix: Manage verification paths for OpenSSL >= 1.1.0
  Thanks Marco Davids
* bugfix #4106: find the SDK on MacOS X <= 10.6
  Thanks Bill Cole
* bugfix #4155: ldns-config contains never used variables
  Thanks Petr Menšík
* bugfix #4221: drill -x crashes with malformed IPv4 address
  Thanks Oleksandr Tymoshenko
* bugfix #3437: CDS & CDNSKEY RRsets should be signed with the KSK
  Thanks Tony Finch
* bugfix #1566, #1568, #1569, #1570: Potential NULL Dereferences
  Thanks Bill Parker
* bugfix #1260: Anticipate strchr returning NULL on unfound char
  Thanks Stephan Zeisberg
* bugfix #1257: Free after reallocing to 0 size
  Thanks Stephan Zeisberg
* bugfix #1256: Check parse limit before t increment
  Thanks Stephan Zeisberg
* bugfix #1245: Only one signature per RRset needs to be valid with
  ldns-verify-zone.  Thanks Emil Natan.
* ldns-notify can use all supported hash algorithms with -y.
* bugfix #1209: make install ldns.pc file
  Thanks Oleksandr Natalenko
* bugfix #1218: Only chase DS if signer is parent of owner.
  Thanks Emil Natan
* bugfix #617: Retry WKS service and protocol names lower case.
  Thanks Siali Yan
* Spelling errors in binaries and man pages
  Thanks Andreas Schulze
* removed duplicate condition in ldns_udp_send_query.
* ldns_wire2pkt: fix null pointer dereference if pkt allocation fails
  and fix memory leak with more EDNS sections
  Thanks Jan Vcelak
* bugfix #1399: ldns_pkt2wire() Python binding is broken.
  Thanks James Raftery
* ED25519 and ED448 support. Default is to autodetect support in
  OpenSSL.  Disable with --disable-ed25519 and --disable-ed448.
* ldns-notify: can have IPv6 address as argument.
* Fix time sensitive TSIG compare vulnerability.
* Fix that ldns-testns ignores sigpipe.
* Fix that ldns-notify sets the query RR as question RR, this
  removes the wrong TTL and 0 rdata from the packet printout.
* Allow -T flag to be used together with drill -x
* Python bindings compile with swig 4.0
  Thanks Jitka Plesníková
* bugfix #4248: drill -DT fails for CNAME domain
  Thanks Thom Wiggers
* bugfix #4214: Various fixes and leaks found by coverity.
  Thanks Petr Menšík
* Feature #3394: An -I option to ldns-notify to specify a source
  IP address to send to notify from.  Thanks Geert Hendrickx
* Bugfix #279: New API functions ldns_udp_connect2,
  ldns_tcp_connect2, ldns_udp_bgsend2 and ldns_tcp_bgsend2,
  that return -1 on failure and allow socket number 0
  to be returned too.  Thanks Joerg Sonnenberger
* Bugfix #1447: More verbose reporting of chasing problems with
  ldns-verify-zone.  Thanks Stephane Guedon
* OpenSSL engine support with ldns-signzone.
  See also https://penzin.net/ldns-signzone/
  Many thanks Vadim Penzin.
* Various improvements found with shellcheck.
  Thanks Jeffrey Walton
* PR #36 Update manpage of ldns-notify to mention algorithm
  support with TSIG.  Thanks Anand Buddhdev
* Compile warnings with signed char input to to_lower()
  and is_digit() with NetBSD.  Thanks Håvard Eidnes
* Missing Makefile.PL in DNS-LDNS perl module contribution.
  Thanks Jaap Akkerhuis

Comment 1 Jaap Akkerhuis 2019-08-13 19:11:00 UTC

I made a mistake hand have to review this update. There for don't commit this yet  until I created a new patch. TIA.

Comment 2 Jaap Akkerhuis 2019-08-15 09:52:38 UTC

Created attachment 206571 [details]
patch to upgrade

This patch should work properly and also fixes the problem signaled in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=239808

Comment 3 Jaap Akkerhuis 2019-08-15 15:12:35 UTC

Created attachment 206584 [details]
patch to update

Oops, found some typos in previous version. Fixed in this one
Apologies for the noise

Comment 4 commit-hook freebsd_committer

2019-09-02 14:32:39 UTC

A commit references this bug:

Author: swills
Date: Mon Sep  2 14:31:51 UTC 2019
New revision: 510798
URL: https://svnweb.freebsd.org/changeset/ports/510798

Log:
  dns/ldns: update to 1.7.1

  While here, improve formatting, pet portlint.

  PR:		239525
  PR:		239526
  Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

Changes:
  head/dns/ldns/Makefile
  head/dns/ldns/distinfo
  head/dns/ldns/files/
  head/dns/ldns/pkg-plist
  head/dns/py-ldns/pkg-plist

Comment 5 Steve Wills freebsd_committer

2019-09-02 14:32:56 UTC

Committed, thanks!