Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 21 Dec 2018 08:29:43 +0000 (UTC)
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r487960 - in branches/2018Q4/dns: bind911 bind911/files bind912 bind912/files bind913 bind913/files
Message-ID:  <201812210829.wBL8ThXD021762@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mat
Date: Fri Dec 21 08:29:43 2018
New Revision: 487960
URL: https://svnweb.freebsd.org/changeset/ports/487960

Log:
  MFH: r480174 r480176 r482890 r482891 r483797 r483797 r483798 r483798 r484911 r484916 r484916 r485589 r487359 r487359 r487359
  
  Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.
  
  While there:
  - Don't disable symbol table generation when building WITH_DEBUG.
  - Try and make sure nullfs can really be used in a more robustt and
    centralized way.
  - Make sure all changes are sync'ed among all BIND9 ports.
  
  (Also, all the changes in between the previous merge.)
  
  Approved by:	ports-secteam (blanket, runtime fixes in these latest versions.)

Modified:
  branches/2018Q4/dns/bind911/Makefile
  branches/2018Q4/dns/bind911/distinfo
  branches/2018Q4/dns/bind911/files/extrapatch-bind-min-override-ttl
  branches/2018Q4/dns/bind911/files/named.in
  branches/2018Q4/dns/bind911/files/patch-bin_named_include_named_globals.h
  branches/2018Q4/dns/bind911/files/patch-configure
  branches/2018Q4/dns/bind912/Makefile
  branches/2018Q4/dns/bind912/distinfo
  branches/2018Q4/dns/bind912/files/extrapatch-bind-min-override-ttl
  branches/2018Q4/dns/bind912/files/named.in
  branches/2018Q4/dns/bind912/files/patch-bin_named_include_named_globals.h
  branches/2018Q4/dns/bind912/files/patch-configure
  branches/2018Q4/dns/bind913/Makefile
  branches/2018Q4/dns/bind913/distinfo
  branches/2018Q4/dns/bind913/files/extrapatch-bind-min-override-ttl
  branches/2018Q4/dns/bind913/files/named.in
  branches/2018Q4/dns/bind913/files/patch-configure
  branches/2018Q4/dns/bind913/pkg-plist
Directory Properties:
  branches/2018Q4/   (props changed)

Modified: branches/2018Q4/dns/bind911/Makefile
==============================================================================
--- branches/2018Q4/dns/bind911/Makefile	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/Makefile	Fri Dec 21 08:29:43 2018	(r487960)
@@ -20,7 +20,7 @@ LIB_DEPENDS=	libxml2.so:textproc/libxml2
 USES=	cpe libedit
 
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.11.4-P2
+ISCVERSION=	9.11.5-P1
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
@@ -30,11 +30,11 @@ CPE_UPDATE=	${ISCVERSION:C/.*-//:tl}
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--localstatedir=/var --disable-linux-caps \
-		--disable-symtable \
 		--with-randomdev=/dev/random \
 		--with-libxml2=${LOCALBASE} \
 		--with-readline="-L${LOCALBASE}/lib -ledit" \
 		--with-dlopen=yes \
+		--with-gost=no \
 		--sysconfdir=${ETCDIR}
 ETCDIR=		${PREFIX}/etc/namedb
 
@@ -56,9 +56,8 @@ OPTIONS_DEFINE=		IDN LARGE_FILE PYTHON JSON \
 			MINCACHE PORTREVISION QUERYTRACE LMDB DNSTAP \
 			START_LATE TUNING_LARGE TCP_FASTOPEN
 
-OPTIONS_RADIO=	CRYPTO GOSTDEF
+OPTIONS_RADIO=	CRYPTO
 OPTIONS_RADIO_CRYPTO=	SSL NATIVE_PKCS11
-OPTIONS_RADIO_GOSTDEF=	GOST GOST_ASN1
 
 OPTIONS_GROUP=		DLZ
 OPTIONS_GROUP_DLZ=	DLZ_POSTGRESQL DLZ_MYSQL DLZ_BDB \
@@ -80,9 +79,6 @@ DNSTAP_DESC=		Provides fast passive logging of DNS mes
 FILTER_AAAA_DESC=	Enable filtering of AAAA records
 FIXED_RRSET_DESC=	Enable fixed rrset ordering
 GEOIP_DESC=		Allow geographically based ACL.
-GOSTDEF_DESC=		Enable GOST ciphers, needs SSL
-GOST_ASN1_DESC=		GOST using ASN.1
-GOST_DESC=		GOST raw keys (new default)
 GSSAPI_BASE_DESC=	Using Heimdal in base
 GSSAPI_HEIMDAL_DESC=	Using security/heimdal
 GSSAPI_MIT_DESC=	Using security/krb5
@@ -131,10 +127,6 @@ FIXED_RRSET_CONFIGURE_ENABLE=	fixed-rrset
 GEOIP_CONFIGURE_WITH=	geoip
 GEOIP_LIB_DEPENDS=	libGeoIP.so:net/GeoIP
 
-GOST_ASN1_CONFIGURE_ON=	--with-gost=asn1
-
-GOST_CONFIGURE_ON=	--with-gost
-
 GSSAPI_BASE_CONFIGURE_ON=\
 	--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
 GSSAPI_BASE_USES=	gssapi
@@ -199,14 +191,16 @@ TUNING_LARGE_CONFIGURE_OFF=	--with-tuning=default
 
 .include <bsd.port.pre.mk>
 
-.if !${PORT_OPTIONS:MGOST} && !${PORT_OPTIONS:MGOST_ASN1}
-CONFIGURE_ARGS+=	--without-gost
+.if defined(WITH_DEBUG)
+CONFIGURE_ARGS+=	--enable-symtable
+.else
+CONFIGURE_ARGS+=	--disable-symtable
 .endif
 
-.if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
-BROKEN=	OpenSSL from the base system does not support GOST, add \
-	DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
-	that needs SSL.
+.if ${SSL_DEFAULT} == base
+SUB_LIST+=	ENGINES=/usr/lib/engines
+.else
+SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
 .endif
 
 post-patch:

Modified: branches/2018Q4/dns/bind911/distinfo
==============================================================================
--- branches/2018Q4/dns/bind911/distinfo	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/distinfo	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1537447447
-SHA256 (bind-9.11.4-P2.tar.gz) = a85af7b629109d41285c7adeae1515daac638bbe4d5dc30d1f4b343dff09d811
-SIZE (bind-9.11.4-P2.tar.gz) = 9617963
+TIMESTAMP = 1544687911
+SHA256 (bind-9.11.5-P1.tar.gz) = 6cd6dbf016569f12d4a0ed629e44e895d9ed41c6908274ed2e617666c5491928
+SIZE (bind-9.11.5-P1.tar.gz) = 8814650

Modified: branches/2018Q4/dns/bind911/files/extrapatch-bind-min-override-ttl
==============================================================================
--- branches/2018Q4/dns/bind911/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,6 +1,6 @@
---- bin/named/config.c.orig	2018-06-10 06:06:33 UTC
+--- bin/named/config.c.orig	2018-10-06 01:36:17 UTC
 +++ bin/named/config.c
-@@ -176,6 +176,8 @@ options {\n\
+@@ -177,6 +177,8 @@ options {\n\
  "	max-acache-size 16M;\n\
  	max-cache-size 90%;\n\
  	max-cache-ttl 604800; /* 1 week */\n\
@@ -9,9 +9,9 @@
  	max-clients-per-query 100;\n\
  	max-ncache-ttl 10800; /* 3 hours */\n\
  	max-recursion-depth 7;\n\
---- bin/named/server.c.orig	2018-06-10 06:06:33 UTC
+--- bin/named/server.c.orig	2018-10-06 01:36:17 UTC
 +++ bin/named/server.c
-@@ -3692,6 +3692,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -3695,6 +3695,16 @@ configure_view(dns_view_t *view, dns_vie
  	}
  
  	obj = NULL;
@@ -28,20 +28,20 @@
  	result = ns_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-06-10 06:06:33 UTC
+--- lib/dns/include/dns/view.h.orig	2018-10-06 01:36:17 UTC
 +++ lib/dns/include/dns/view.h
-@@ -150,6 +150,8 @@ struct dns_view {
- 	isc_boolean_t			requestnsid;
- 	isc_boolean_t			sendcookie;
+@@ -152,6 +152,8 @@ struct dns_view {
+ 	bool			requestnsid;
+ 	bool			sendcookie;
  	dns_ttl_t			maxcachettl;
 +	dns_ttl_t			mincachettl;
 +	dns_ttl_t			overridecachettl;
  	dns_ttl_t			maxncachettl;
- 	isc_uint32_t			nta_lifetime;
- 	isc_uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-06-10 06:06:33 UTC
+ 	uint32_t			nta_lifetime;
+ 	uint32_t			nta_recheck;
+--- lib/dns/resolver.c.orig	2018-10-06 01:36:17 UTC
 +++ lib/dns/resolver.c
-@@ -5473,6 +5473,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5474,6 +5474,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -60,9 +60,9 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-06-10 06:06:33 UTC
+--- lib/isccfg/namedconf.c.orig	2018-10-06 01:36:17 UTC
 +++ lib/isccfg/namedconf.c
-@@ -1770,6 +1770,8 @@ view_clauses[] = {
+@@ -1773,6 +1773,8 @@ view_clauses[] = {
  #endif
  	{ "max-acache-size", &cfg_type_sizenodefault, 0 },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },

Modified: branches/2018Q4/dns/bind911/files/named.in
==============================================================================
--- branches/2018Q4/dns/bind911/files/named.in	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/files/named.in	Fri Dec 21 08:29:43 2018	(r487960)
@@ -62,7 +62,7 @@ required_dirs="${named_chrootdir}"
 _named_confdirroot="${named_conf%/*}"
 _named_confdir="${named_chrootdir}${_named_confdirroot}"
 _named_program_root="${named_program%/sbin/named}"
-_openssl_engines="%%LOCALBASE%%/lib/engines"
+_openssl_engines="%%ENGINES%%"
 
 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
@@ -143,19 +143,16 @@ chroot_autoupdate()
 		fi
 	fi
 
-	# If OpenSSL from ports, then the engines should be present in the
-	# chroot, named loads them after chrooting.
+	# The OpenSSL engines should be present in the chroot, named loads them
+	# after chrooting.
 	if [ -d ${_openssl_engines} ]; then
-		# FIXME when 8.4 is gone see if
-		# security.jail.param.allow.mount.nullfs can be used.
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
-			mkdir -p ${named_chrootdir}${_openssl_engines}
+		mkdir -p ${named_chrootdir}${_openssl_engines}
+		if can_mount nullfs ; then
 			mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
 		else
 			warn "named chroot: cannot nullfs mount OpenSSL" \
 				"engines into the chroot, will copy the shared" \
 				"libraries instead."
-			mkdir -p ${named_chrootdir}${_openssl_engines}
 			cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
 		fi
 	fi
@@ -241,20 +238,39 @@ named_stop()
 
 named_poststop()
 {
-	if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
+	if [ -n "${named_chrootdir}" ]; then
 		# if using OpenSSL from ports, unmount OpenSSL engines, if they
 		# were not mounted but only copied, do nothing.
-		if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
-		  umount ${named_chrootdir}${_openssl_engines}
+		if [ -d ${_openssl_engines} ]; then
+			if can_mount nullfs; then
+				umount ${named_chrootdir}${_openssl_engines}
+			fi
 		fi
-		# unmount /dev
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
-			umount ${named_chrootdir}/dev 2>/dev/null || true
-		else
-			warn "named chroot:" \
-			    "cannot unmount devfs from inside jail!"
+		if [ -c ${named_chrootdir}/dev/null ]; then
+			# unmount /dev
+			if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
+				umount ${named_chrootdir}/dev 2>/dev/null || true
+			else
+				warn "named chroot:" \
+					"cannot unmount devfs from inside jail!"
+			fi
 		fi
 	fi
+}
+
+can_mount()
+{
+	local kld
+	kld=$1
+	if ! load_kld $kld; then
+		return 1
+	fi
+	if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ] ||
+		[ `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ] ||
+		[ `${SYSCTL_N} security.jail.mount_${kld}_allowed` -eq 1 ] ; then
+		return 0
+	fi
+	return 1
 }
 
 create_file()

Modified: branches/2018Q4/dns/bind911/files/patch-bin_named_include_named_globals.h
==============================================================================
--- branches/2018Q4/dns/bind911/files/patch-bin_named_include_named_globals.h	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/files/patch-bin_named_include_named_globals.h	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,8 +1,8 @@
 We reference the pid file as being run/named/pid everywere else.
 
---- bin/named/include/named/globals.h.orig	2018-06-10 06:06:33 UTC
+--- bin/named/include/named/globals.h.orig	2018-10-06 01:36:17 UTC
 +++ bin/named/include/named/globals.h
-@@ -138,7 +138,7 @@ EXTERN isc_boolean_t		ns_g_forcelock		IN
+@@ -139,7 +139,7 @@ EXTERN bool		ns_g_forcelock		INIT(false)
  #if NS_RUN_PID_DIR
  EXTERN const char *		ns_g_defaultpidfile 	INIT(NS_LOCALSTATEDIR
  							     "/run/named/"

Modified: branches/2018Q4/dns/bind911/files/patch-configure
==============================================================================
--- branches/2018Q4/dns/bind911/files/patch-configure	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind911/files/patch-configure	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,6 +1,6 @@
---- configure.orig	2018-06-10 06:06:33 UTC
+--- configure.orig	2018-10-06 01:36:17 UTC
 +++ configure
-@@ -14961,27 +14961,9 @@ done
+@@ -15106,27 +15106,9 @@ done
  		# problems start to show up.
  		saved_libs="$LIBS"
  		for TRY_LIBS in \
@@ -30,7 +30,7 @@
  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -15024,47 +15006,7 @@ $as_echo "no" >&6; } ;;
+@@ -15169,47 +15151,7 @@ $as_echo "no" >&6; } ;;
  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
  		esac
  
@@ -79,7 +79,7 @@
  		DNS_GSSAPI_LIBS="$LIBS"
  
  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -23847,7 +23789,7 @@ $as_echo "" >&6; }
+@@ -23938,7 +23880,7 @@ $as_echo "" >&6; }
  			# Check other locations for includes.
  			# Order is important (sigh).
  

Modified: branches/2018Q4/dns/bind912/Makefile
==============================================================================
--- branches/2018Q4/dns/bind912/Makefile	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/Makefile	Fri Dec 21 08:29:43 2018	(r487960)
@@ -29,13 +29,11 @@ COMMENT=	BIND DNS suite with updated DNSSEC and DNS64
 LICENSE=	MPL20
 LICENSE_FILE=	${WRKSRC}/COPYRIGHT
 
-BROKEN_powerpc64=	fails to link: /usr/bin/ld: cannot find -latomic
-
 LIB_DEPENDS=	libxml2.so:textproc/libxml2
 
-USES=	cpe libedit
+USES=	compiler:c11 cpe libedit
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.12.2-P2
+ISCVERSION=	9.12.3-P1
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
@@ -45,11 +43,11 @@ CPE_UPDATE=	${ISCVERSION:C/.*-//:tl}
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--localstatedir=/var --disable-linux-caps \
-		--disable-symtable \
 		--with-randomdev=/dev/random \
 		--with-libxml2=${LOCALBASE} \
 		--with-readline="-L${LOCALBASE}/lib -ledit" \
 		--with-dlopen=yes \
+		--with-gost=no \
 		--sysconfdir=${ETCDIR}
 ETCDIR=		${PREFIX}/etc/namedb
 
@@ -72,9 +70,8 @@ OPTIONS_DEFAULT=	SSL THREADS SIGCHASE IDN GSSAPI_NONE 
 OPTIONS_DEFINE=		IDN LARGE_FILE PYTHON JSON \
 			FIXED_RRSET SIGCHASE IPV6 THREADS
 
-OPTIONS_RADIO=	CRYPTO GOSTDEF
+OPTIONS_RADIO=	CRYPTO
 OPTIONS_RADIO_CRYPTO=	SSL NATIVE_PKCS11
-OPTIONS_RADIO_GOSTDEF=	GOST GOST_ASN1
 
 .if !defined(BIND_TOOLS_SLAVE)
 OPTIONS_DEFAULT+=	DLZ_FILESYSTEM LMDB RPZ_NSDNAME RPZ_NSIP TCP_FASTOPEN
@@ -101,9 +98,6 @@ DLZ_STUB_DESC=		DLZ stub driver
 DNSTAP_DESC=		Provides fast passive logging of DNS messages
 FIXED_RRSET_DESC=	Enable fixed rrset ordering
 GEOIP_DESC=		Allow geographically based ACL.
-GOSTDEF_DESC=		Enable GOST ciphers, needs SSL
-GOST_ASN1_DESC=		GOST using ASN.1
-GOST_DESC=		GOST raw keys (new default)
 GSSAPI_BASE_DESC=	Using Heimdal in base
 GSSAPI_HEIMDAL_DESC=	Using security/heimdal
 GSSAPI_MIT_DESC=	Using security/krb5
@@ -150,10 +144,6 @@ FIXED_RRSET_CONFIGURE_ENABLE=	fixed-rrset
 GEOIP_CONFIGURE_WITH=	geoip
 GEOIP_LIB_DEPENDS=	libGeoIP.so:net/GeoIP
 
-GOST_ASN1_CONFIGURE_ON=	--with-gost=asn1
-
-GOST_CONFIGURE_ON=	--with-gost
-
 GSSAPI_BASE_CONFIGURE_ON=\
 	--with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}"
 GSSAPI_BASE_USES=	gssapi
@@ -220,14 +210,16 @@ TUNING_LARGE_CONFIGURE_OFF=	--with-tuning=default
 
 .include <bsd.port.pre.mk>
 
-.if !${PORT_OPTIONS:MGOST} && !${PORT_OPTIONS:MGOST_ASN1}
-CONFIGURE_ARGS+=	--without-gost
+.if defined(WITH_DEBUG)
+CONFIGURE_ARGS+=	--enable-symtable
+.else
+CONFIGURE_ARGS+=	--disable-symtable
 .endif
 
-.if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
-BROKEN=	OpenSSL from the base system does not support GOST, add \
-	DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
-	that needs SSL.
+.if ${SSL_DEFAULT} == base
+SUB_LIST+=	ENGINES=/usr/lib/engines
+.else
+SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
 .endif
 
 post-patch:

Modified: branches/2018Q4/dns/bind912/distinfo
==============================================================================
--- branches/2018Q4/dns/bind912/distinfo	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/distinfo	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1537447540
-SHA256 (bind-9.12.2-P2.tar.gz) = 87027826e98bab90ead31f45ce7653cb3116ebe64ab8202a08b6b64531df693e
-SIZE (bind-9.12.2-P2.tar.gz) = 9422128
+TIMESTAMP = 1544687855
+SHA256 (bind-9.12.3-P1.tar.gz) = 6cb79389d787368af27f01c65a9fa09be1fd062eda37c94819a1a0178d5ded73
+SIZE (bind-9.12.3-P1.tar.gz) = 8625693

Modified: branches/2018Q4/dns/bind912/files/extrapatch-bind-min-override-ttl
==============================================================================
--- branches/2018Q4/dns/bind912/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,6 +1,6 @@
---- bin/named/config.c.orig	2018-07-03 07:08:14 UTC
+--- bin/named/config.c.orig	2018-10-06 05:51:22 UTC
 +++ bin/named/config.c
-@@ -182,12 +182,14 @@ options {\n\
+@@ -183,12 +183,14 @@ options {\n\
  	max-recursion-queries 75;\n\
  	max-stale-ttl 604800; /* 1 week */\n\
  	message-compression yes;\n\
@@ -15,9 +15,9 @@
  	provide-ixfr true;\n\
  	query-source address *;\n\
  	query-source-v6 address *;\n\
---- bin/named/server.c.orig	2018-07-03 07:08:14 UTC
+--- bin/named/server.c.orig	2018-10-06 05:51:22 UTC
 +++ bin/named/server.c
-@@ -4072,6 +4072,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -4075,6 +4075,16 @@ configure_view(dns_view_t *view, dns_vie
  	}
  
  	obj = NULL;
@@ -34,20 +34,20 @@
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-07-03 07:08:14 UTC
+--- lib/dns/include/dns/view.h.orig	2018-10-06 05:51:22 UTC
 +++ lib/dns/include/dns/view.h
-@@ -149,6 +149,8 @@ struct dns_view {
- 	isc_boolean_t			requestnsid;
- 	isc_boolean_t			sendcookie;
+@@ -151,6 +151,8 @@ struct dns_view {
+ 	bool			requestnsid;
+ 	bool			sendcookie;
  	dns_ttl_t			maxcachettl;
 +	dns_ttl_t			mincachettl;
 +	dns_ttl_t			overridecachettl;
  	dns_ttl_t			maxncachettl;
- 	isc_uint32_t			nta_lifetime;
- 	isc_uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-07-03 07:08:14 UTC
+ 	uint32_t			nta_lifetime;
+ 	uint32_t			nta_recheck;
+--- lib/dns/resolver.c.orig	2018-10-06 05:51:22 UTC
 +++ lib/dns/resolver.c
-@@ -5756,6 +5756,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5757,6 +5757,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -66,9 +66,9 @@
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-07-03 07:08:14 UTC
+--- lib/isccfg/namedconf.c.orig	2018-10-06 05:51:22 UTC
 +++ lib/isccfg/namedconf.c
-@@ -1914,6 +1914,8 @@ view_clauses[] = {
+@@ -1917,6 +1917,8 @@ view_clauses[] = {
  	{ "max-acache-size", &cfg_type_sizenodefault,
  	  CFG_CLAUSEFLAG_OBSOLETE },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },

Modified: branches/2018Q4/dns/bind912/files/named.in
==============================================================================
--- branches/2018Q4/dns/bind912/files/named.in	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/files/named.in	Fri Dec 21 08:29:43 2018	(r487960)
@@ -62,7 +62,7 @@ required_dirs="${named_chrootdir}"
 _named_confdirroot="${named_conf%/*}"
 _named_confdir="${named_chrootdir}${_named_confdirroot}"
 _named_program_root="${named_program%/sbin/named}"
-_openssl_engines="%%LOCALBASE%%/lib/engines"
+_openssl_engines="%%ENGINES%%"
 
 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
@@ -143,19 +143,16 @@ chroot_autoupdate()
 		fi
 	fi
 
-	# If OpenSSL from ports, then the engines should be present in the
-	# chroot, named loads them after chrooting.
+	# The OpenSSL engines should be present in the chroot, named loads them
+	# after chrooting.
 	if [ -d ${_openssl_engines} ]; then
-		# FIXME when 8.4 is gone see if
-		# security.jail.param.allow.mount.nullfs can be used.
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
-			mkdir -p ${named_chrootdir}${_openssl_engines}
+		mkdir -p ${named_chrootdir}${_openssl_engines}
+		if can_mount nullfs ; then
 			mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
 		else
 			warn "named chroot: cannot nullfs mount OpenSSL" \
 				"engines into the chroot, will copy the shared" \
 				"libraries instead."
-			mkdir -p ${named_chrootdir}${_openssl_engines}
 			cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
 		fi
 	fi
@@ -241,20 +238,39 @@ named_stop()
 
 named_poststop()
 {
-	if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
+	if [ -n "${named_chrootdir}" ]; then
 		# if using OpenSSL from ports, unmount OpenSSL engines, if they
 		# were not mounted but only copied, do nothing.
-		if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
-		  umount ${named_chrootdir}${_openssl_engines}
+		if [ -d ${_openssl_engines} ]; then
+			if can_mount nullfs; then
+				umount ${named_chrootdir}${_openssl_engines}
+			fi
 		fi
-		# unmount /dev
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
-			umount ${named_chrootdir}/dev 2>/dev/null || true
-		else
-			warn "named chroot:" \
-			    "cannot unmount devfs from inside jail!"
+		if [ -c ${named_chrootdir}/dev/null ]; then
+			# unmount /dev
+			if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
+				umount ${named_chrootdir}/dev 2>/dev/null || true
+			else
+				warn "named chroot:" \
+					"cannot unmount devfs from inside jail!"
+			fi
 		fi
 	fi
+}
+
+can_mount()
+{
+	local kld
+	kld=$1
+	if ! load_kld $kld; then
+		return 1
+	fi
+	if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ] ||
+		[ `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ] ||
+		[ `${SYSCTL_N} security.jail.mount_${kld}_allowed` -eq 1 ] ; then
+		return 0
+	fi
+	return 1
 }
 
 create_file()

Modified: branches/2018Q4/dns/bind912/files/patch-bin_named_include_named_globals.h
==============================================================================
--- branches/2018Q4/dns/bind912/files/patch-bin_named_include_named_globals.h	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/files/patch-bin_named_include_named_globals.h	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,8 +1,8 @@
 We reference the pid file as being run/named/pid everywere else.
 
---- bin/named/include/named/globals.h.orig	2018-06-10 06:06:19 UTC
+--- bin/named/include/named/globals.h.orig	2018-10-06 05:51:22 UTC
 +++ bin/named/include/named/globals.h
-@@ -128,7 +128,7 @@ EXTERN isc_boolean_t		named_g_forcelock	
+@@ -129,7 +129,7 @@ EXTERN bool		named_g_forcelock	INIT(fals
  #if NAMED_RUN_PID_DIR
  EXTERN const char *		named_g_defaultpidfile 	INIT(NAMED_LOCALSTATEDIR
  							     "/run/named/"

Modified: branches/2018Q4/dns/bind912/files/patch-configure
==============================================================================
--- branches/2018Q4/dns/bind912/files/patch-configure	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind912/files/patch-configure	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,6 +1,6 @@
---- configure.orig	2018-06-10 06:06:19 UTC
+--- configure.orig	2018-10-06 05:51:22 UTC
 +++ configure
-@@ -14939,27 +14939,9 @@ done
+@@ -15085,27 +15085,9 @@ done
  		# problems start to show up.
  		saved_libs="$LIBS"
  		for TRY_LIBS in \
@@ -30,7 +30,7 @@
  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -15002,47 +14984,7 @@ $as_echo "no" >&6; } ;;
+@@ -15148,47 +15130,7 @@ $as_echo "no" >&6; } ;;
  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
  		esac
  
@@ -79,7 +79,7 @@
  		DNS_GSSAPI_LIBS="$LIBS"
  
  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -23790,7 +23732,7 @@ $as_echo "" >&6; }
+@@ -23886,7 +23828,7 @@ $as_echo "" >&6; }
  			# Check other locations for includes.
  			# Order is important (sigh).
  

Modified: branches/2018Q4/dns/bind913/Makefile
==============================================================================
--- branches/2018Q4/dns/bind913/Makefile	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/Makefile	Fri Dec 21 08:29:43 2018	(r487960)
@@ -31,9 +31,9 @@ LICENSE_FILE=	${WRKSRC}/COPYRIGHT
 
 LIB_DEPENDS=	libxml2.so:textproc/libxml2
 
-USES=	cpe libedit ssl
+USES=	compiler:c11 cpe libedit ssl
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.13.3
+ISCVERSION=	9.13.5
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
@@ -43,7 +43,6 @@ CPE_UPDATE=	${ISCVERSION:C/.*-//:tl}
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--localstatedir=/var --disable-linux-caps \
-		--disable-symtable \
 		--with-libxml2=${LOCALBASE} \
 		--with-readline="-L${LOCALBASE}/lib -ledit" \
 		--with-dlopen=yes \
@@ -198,6 +197,18 @@ TUNING_LARGE_CONFIGURE_ON=	--with-tuning=large
 TUNING_LARGE_CONFIGURE_OFF=	--with-tuning=default
 
 .include <bsd.port.pre.mk>
+
+.if defined(WITH_DEBUG)
+CONFIGURE_ARGS+=	--enable-symtable
+.else
+CONFIGURE_ARGS+=	--disable-symtable
+.endif
+
+.if ${SSL_DEFAULT} == base
+SUB_LIST+=	ENGINES=/usr/lib/engines
+.else
+SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
+.endif
 
 post-patch:
 .if defined(BIND_TOOLS_SLAVE)

Modified: branches/2018Q4/dns/bind913/distinfo
==============================================================================
--- branches/2018Q4/dns/bind913/distinfo	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/distinfo	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1537447591
-SHA256 (bind-9.13.3.tar.gz) = 76674cf2a3e61766aed5c7fd1ee6ed3da133a9e331b35b24f40efdf1bbac5b44
-SIZE (bind-9.13.3.tar.gz) = 7805551
+TIMESTAMP = 1544687807
+SHA256 (bind-9.13.5.tar.gz) = bbde0b81c66a7c7f5b074c8f0e714ed8aa235e4b930e28953cab0ae3cae94e4b
+SIZE (bind-9.13.5.tar.gz) = 6309308

Modified: branches/2018Q4/dns/bind913/files/extrapatch-bind-min-override-ttl
==============================================================================
--- branches/2018Q4/dns/bind913/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/files/extrapatch-bind-min-override-ttl	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,13 +1,6 @@
---- bin/named/config.c.orig	2018-09-06 00:15:26 UTC
+--- bin/named/config.c.orig	2018-12-07 18:44:21 UTC
 +++ bin/named/config.c
-@@ -174,12 +174,14 @@ options {\n\
- 	max-recursion-queries 75;\n\
- 	max-stale-ttl 604800; /* 1 week */\n\
- 	message-compression yes;\n\
-+	min-cache-ttl 0; /* no minimal, zero is allowed */\n\
- #	min-roots <obsolete>;\n\
- 	minimal-any false;\n\
- 	minimal-responses no-auth-recursive;\n\
+@@ -179,6 +179,7 @@ options {\n\
  	notify-source *;\n\
  	notify-source-v6 *;\n\
  	nsec3-test-zone no;\n\
@@ -15,9 +8,9 @@
  	provide-ixfr true;\n\
  	qname-minimization relaxed;\n\
  	query-source address *;\n\
---- bin/named/server.c.orig	2018-09-06 00:15:26 UTC
+--- bin/named/server.c.orig	2018-12-07 18:44:21 UTC
 +++ bin/named/server.c
-@@ -4074,6 +4074,16 @@ configure_view(dns_view_t *view, dns_vie
+@@ -4154,6 +4154,11 @@ configure_view(dns_view_t *view, dns_vie
  	}
  
  	obj = NULL;
@@ -26,28 +19,22 @@
 +	view->overridecachettl = cfg_obj_asuint32(obj);
 +
 +	obj = NULL;
-+	result = named_config_get(maps, "min-cache-ttl", &obj);
-+	INSIST(result == ISC_R_SUCCESS);
-+	view->mincachettl = cfg_obj_asuint32(obj);
-+
-+	obj = NULL;
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asuint32(obj);
---- lib/dns/include/dns/view.h.orig	2018-09-06 00:15:26 UTC
+--- lib/dns/include/dns/view.h.orig	2018-12-07 18:44:21 UTC
 +++ lib/dns/include/dns/view.h
-@@ -153,6 +153,8 @@ struct dns_view {
+@@ -153,6 +153,7 @@ struct dns_view {
  	bool			requestnsid;
  	bool			sendcookie;
  	dns_ttl_t			maxcachettl;
-+	dns_ttl_t			mincachettl;
 +	dns_ttl_t			overridecachettl;
  	dns_ttl_t			maxncachettl;
- 	uint32_t			nta_lifetime;
- 	uint32_t			nta_recheck;
---- lib/dns/resolver.c.orig	2018-09-06 00:15:26 UTC
+ 	dns_ttl_t			mincachettl;
+ 	dns_ttl_t			minncachettl;
+--- lib/dns/resolver.c.orig	2018-12-07 18:44:21 UTC
 +++ lib/dns/resolver.c
-@@ -5758,6 +5758,18 @@ cache_name(fetchctx_t *fctx, dns_name_t 
+@@ -5967,6 +5967,12 @@ cache_name(fetchctx_t *fctx, dns_name_t 
  		}
  
  		/*
@@ -57,23 +44,16 @@
 +                        rdataset->ttl = res->view->overridecachettl;
 +
 +		/*
-+		 * Enforce the configure minimum cache TTL.
-+		 */
-+                if (rdataset->ttl < res->view->mincachettl)
-+                        rdataset->ttl = res->view->mincachettl;
-+
-+		/*
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2018-09-06 00:15:26 UTC
+--- lib/isccfg/namedconf.c.orig	2018-12-07 18:44:21 UTC
 +++ lib/isccfg/namedconf.c
-@@ -1919,6 +1919,8 @@ view_clauses[] = {
+@@ -1900,6 +1900,7 @@ view_clauses[] = {
  	{ "max-acache-size", &cfg_type_sizenodefault,
  	  CFG_CLAUSEFLAG_OBSOLETE },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
 +	{ "override-cache-ttl", &cfg_type_ttlval, 0 },
-+	{ "min-cache-ttl", &cfg_type_ttlval, 0 },
  	{ "max-cache-ttl", &cfg_type_ttlval, 0 },
  	{ "max-clients-per-query", &cfg_type_uint32, 0 },
  	{ "max-ncache-ttl", &cfg_type_ttlval, 0 },

Modified: branches/2018Q4/dns/bind913/files/named.in
==============================================================================
--- branches/2018Q4/dns/bind913/files/named.in	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/files/named.in	Fri Dec 21 08:29:43 2018	(r487960)
@@ -62,7 +62,7 @@ required_dirs="${named_chrootdir}"
 _named_confdirroot="${named_conf%/*}"
 _named_confdir="${named_chrootdir}${_named_confdirroot}"
 _named_program_root="${named_program%/sbin/named}"
-_openssl_engines="%%LOCALBASE%%/lib/engines"
+_openssl_engines="%%ENGINES%%"
 
 # Needed if named.conf and rndc.conf are moved or if rndc.conf is used
 rndc_conf=${rndc_conf:-"$_named_confdir/rndc.conf"}
@@ -143,19 +143,16 @@ chroot_autoupdate()
 		fi
 	fi
 
-	# If OpenSSL from ports, then the engines should be present in the
-	# chroot, named loads them after chrooting.
+	# The OpenSSL engines should be present in the chroot, named loads them
+	# after chrooting.
 	if [ -d ${_openssl_engines} ]; then
-		# FIXME when 8.4 is gone see if
-		# security.jail.param.allow.mount.nullfs can be used.
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ]; then
-			mkdir -p ${named_chrootdir}${_openssl_engines}
+		mkdir -p ${named_chrootdir}${_openssl_engines}
+		if can_mount nullfs ; then
 			mount -t nullfs ${_openssl_engines} ${named_chrootdir}${_openssl_engines}
 		else
 			warn "named chroot: cannot nullfs mount OpenSSL" \
 				"engines into the chroot, will copy the shared" \
 				"libraries instead."
-			mkdir -p ${named_chrootdir}${_openssl_engines}
 			cp -f ${_openssl_engines}/*.so ${named_chrootdir}${_openssl_engines}
 		fi
 	fi
@@ -241,20 +238,39 @@ named_stop()
 
 named_poststop()
 {
-	if [ -n "${named_chrootdir}" -a -c ${named_chrootdir}/dev/null ]; then
+	if [ -n "${named_chrootdir}" ]; then
 		# if using OpenSSL from ports, unmount OpenSSL engines, if they
 		# were not mounted but only copied, do nothing.
-		if [ -d ${_openssl_engines} -a \( `${SYSCTL_N} security.jail.jailed` -eq 0 -o `${SYSCTL_N} security.jail.mount_allowed` -eq 1 \) ]; then
-		  umount ${named_chrootdir}${_openssl_engines}
+		if [ -d ${_openssl_engines} ]; then
+			if can_mount nullfs; then
+				umount ${named_chrootdir}${_openssl_engines}
+			fi
 		fi
-		# unmount /dev
-		if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
-			umount ${named_chrootdir}/dev 2>/dev/null || true
-		else
-			warn "named chroot:" \
-			    "cannot unmount devfs from inside jail!"
+		if [ -c ${named_chrootdir}/dev/null ]; then
+			# unmount /dev
+			if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ]; then
+				umount ${named_chrootdir}/dev 2>/dev/null || true
+			else
+				warn "named chroot:" \
+					"cannot unmount devfs from inside jail!"
+			fi
 		fi
 	fi
+}
+
+can_mount()
+{
+	local kld
+	kld=$1
+	if ! load_kld $kld; then
+		return 1
+	fi
+	if [ `${SYSCTL_N} security.jail.jailed` -eq 0 ] ||
+		[ `${SYSCTL_N} security.jail.mount_allowed` -eq 1 ] ||
+		[ `${SYSCTL_N} security.jail.mount_${kld}_allowed` -eq 1 ] ; then
+		return 0
+	fi
+	return 1
 }
 
 create_file()

Modified: branches/2018Q4/dns/bind913/files/patch-configure
==============================================================================
--- branches/2018Q4/dns/bind913/files/patch-configure	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/files/patch-configure	Fri Dec 21 08:29:43 2018	(r487960)
@@ -1,6 +1,6 @@
---- configure.orig	2018-09-06 00:15:26 UTC
+--- configure.orig	2018-12-07 18:44:21 UTC
 +++ configure
-@@ -16468,27 +16468,9 @@ done
+@@ -16296,27 +16296,9 @@ done
  		# problems start to show up.
  		saved_libs="$LIBS"
  		for TRY_LIBS in \
@@ -30,7 +30,7 @@
  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -16531,47 +16513,7 @@ $as_echo "no" >&6; } ;;
+@@ -16359,47 +16341,7 @@ $as_echo "no" >&6; } ;;
  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
  		esac
  
@@ -79,7 +79,7 @@
  		DNS_GSSAPI_LIBS="$LIBS"
  
  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -21337,7 +21279,7 @@ $as_echo "" >&6; }
+@@ -20933,7 +20875,7 @@ $as_echo "" >&6; }
  			# Check other locations for includes.
  			# Order is important (sigh).
  

Modified: branches/2018Q4/dns/bind913/pkg-plist
==============================================================================
--- branches/2018Q4/dns/bind913/pkg-plist	Fri Dec 21 08:26:12 2018	(r487959)
+++ branches/2018Q4/dns/bind913/pkg-plist	Fri Dec 21 08:29:43 2018	(r487960)
@@ -160,8 +160,7 @@ include/isc/fuzz.h
 include/isc/hash.h
 include/isc/heap.h
 include/isc/hex.h
-include/isc/hmacmd5.h
-include/isc/hmacsha.h
+include/isc/hmac.h
 include/isc/ht.h
 include/isc/httpd.h
 include/isc/interfaceiter.h
@@ -175,7 +174,7 @@ include/isc/likely.h
 include/isc/list.h
 include/isc/log.h
 include/isc/magic.h
-include/isc/md5.h
+include/isc/md.h
 include/isc/mem.h
 include/isc/meminfo.h
 include/isc/msgcat.h
@@ -209,12 +208,11 @@ include/isc/resultclass.h
 include/isc/rwlock.h
 include/isc/safe.h
 include/isc/serial.h
-include/isc/sha1.h
-include/isc/sha2.h
 include/isc/sockaddr.h
 include/isc/socket.h
 include/isc/stat.h
 include/isc/stats.h
+include/isc/stdatomic.h
 include/isc/stdio.h
 include/isc/stdtime.h
 include/isc/strerr.h
@@ -252,6 +250,7 @@ include/isccfg/log.h
 include/isccfg/namedconf.h
 include/isccfg/version.h
 include/ns/client.h
+include/ns/hooks.h
 include/ns/interfacemgr.h
 include/ns/lib.h
 include/ns/listenlist.h
@@ -275,6 +274,7 @@ include/pkcs11/eddsa.h
 include/pkcs11/pkcs11.h
 include/pkcs11/pkcs11f.h
 include/pkcs11/pkcs11t.h
+lib/filter-aaaa.so
 lib/libbind9.a
 lib/libdns.a
 lib/libirs.a
@@ -308,6 +308,7 @@ man/man8/dnssec-revoke.8.gz
 man/man8/dnssec-settime.8.gz
 man/man8/dnssec-signzone.8.gz
 man/man8/dnssec-verify.8.gz
+man/man8/filter-aaaa.8.gz
 man/man8/named-checkconf.8.gz
 man/man8/named-checkzone.8.gz
 man/man8/named-compilezone.8.gz



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812210829.wBL8ThXD021762>