Created attachment 209273 [details]
patch to update
This release has log fixes, features of confine-to-zone and startup
management, an implementation changes in the configuration parser and
socket handling code simplifications. The implementation changes make
the parser context aware, which is useful for the syntax of (future)
config options. The socket handling code was rewritten to split it
apart in separately handleable routines.
The confine-to-zone: yesno option from Greg Bock, if enabled stops NSD
from responding with data outside of the zone the query was aimed at.
Answers contain data that comes from one zone only.
The startup management patch for s6 and other service supervisors from
Cameron Nemo can be used to signal readiness notification to them, it is
in contrib. With that there is the new option that an empty pidfile
statement (pidfile: "") in nsd.conf can be used to run NSD without
having NSD create an nsd.pid file at startup.
There is fix for the sort order of included configuration files with the
include: statement. Due to a programming oversight it was sorted, but
in reverse. Files are now included in the sorted order. Mostly, if
files contain configuration snippets of different zones, or config about
different features, the include order should not matter for them.
- For #39: confine-to-zone configures NSD to not return out-of-zone
additional information. Contributed by Greg Bock.
- For #21: pidfile "" allows to run NSD without a pidfile, for
startup management tools like daemontools.
- For #21 add
that adds support for readiness notification with READY_FD from
- Fix #35: excessive logging of ixfr failures, it stops the log when
fallback to axfr is possible. log is enabled at high verbosity.
- Fixup warnings during --disable-ipv6 compile.
- The nsd.conf includes are sorted ascending, for include statements
with a '*' from glob.
- Fix #38: log address and failure reason with tls handshake errors,
squelches (the same as unbound) some unless high verbosity is used.
- Fixup clang analysis warning in xfrd_parse_received_xfr_packet
- Number of different UDP handlers has been reduced to one. recvmmsg
and sendmmsg implementations are now used on all platforms.
Compatible implementations are in place for systems that lack the
- Socket options are now set in designated functions for easy reuse.
- Socket setup has been simplified for easy reuse.
- Configuration parser is now aware of the context in which an option
- Fix #44: document that remote-control is a top-level nsd.conf
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/97234860
A commit references this bug:
Date: Sat Nov 23 13:03:29 UTC 2019
New revision: 518232
Update to 4.2.3
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by: Netzkommune GmbH