From owner-freebsd-ports-bugs@freebsd.org Wed Sep 28 12:24:35 2016 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D55FDBEC46D for ; Wed, 28 Sep 2016 12:24:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C468E1163 for ; Wed, 28 Sep 2016 12:24:35 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u8SCOYYN051959 for ; Wed, 28 Sep 2016 12:24:35 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 213043] [MAINTAINER] dns/unbound update to 1.5.10 Date: Wed, 28 Sep 2016 12:24:34 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Sep 2016 12:24:35 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213043 Bug ID: 213043 Summary: [MAINTAINER] dns/unbound update to 1.5.10 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Created attachment 175225 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D175225&action= =3Dedit patch to update In this release there is a fix for long downtime after connectivity loss, which was a longstanding unsolved issue. Features for tcp, TCP Fast Open and timeout pressure to close connections when the tcp connections are getting full. Option to use ipv6 /64 for extra entropy. Features - Create a pkg-config file for libunbound in contrib. - TCP Fast open patch from Sara Dickinson. - Finegrained localzone control with define-tag, access-control-tag, access-control-tag-action, access-control-tag-data, local-zone-tag, and local-zone-override. And added types always_transparent, always_refuse, always_nxdomain with that. - If more than half of tcp connections are in use, a shorter timeout is used (200 msec, vs 2 minutes) to pressure tcp for new connects. - [bugzilla: 787 ] Fix #787: outgoing-interface netblock/64 ipv6 option to use linux freebind to use 64bits of entropy for every query with random local part. - For #787: prefer-ip6 option for unbound.conf prefers to send upstream queries to ipv6 servers. - Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e. - keep debug symbols in windows build. Bug Fixes - [bugzilla: 778 ] Fix unbound 1.5.9: -h segfault (null deref). - Fix unbound-anchor.exe file location defaults to Program Files with (x86) appended. - Fix to not ignore return value of chown() in daemon startup. - Better help text from -h (from Ray Griffith). - [bugzilla: 773 ] Fix Non-standard Python location build failure with pyunbound. - Improve threadsafety for openssl 0.9.8 ecdsa dnssec signatures. - Revert fix for NetworkService account on windows due to breakage it cause= s. - Fix that windows install will not overwrite existing service.conf file (and ignore gui config choices if it exists). - And delete service.conf.shipped on uninstall. - In unbound.conf directory: dir immediately changes to that directory, so that include: file below that is relative to that directory. With chroot, make the directory an absolute path inside chroot - do not delete service.conf on windows uninstall. - document directory immediate fix and allow EXECUTABLE syntax in it on windows. - Fix directory: fix for unbound-checkconf, it restores cwd. - Use QTYPE=3DA for QNAME minimisation. - Keep track of number of time-outs when performing QNAME minimisation. Stop minimising when number of time-outs for a QNAME/QTYPE pair is more than three. - [bugzilla: 775 ] Fix unbound-host and unbound-anchor crash on windows, ignore null delete for wsaevent. - Fix spelling in freebind option man page text. - Fix windows link of ssl with crypt32. - [bugzilla: 779 ] Fix Union casting is non-portable. - [bugzilla: 780 ] Fix MAP_ANON not defined in HP-UX 11.31. - [bugzilla: 781 ] Fix prealloc() is an HP-UX system library call. - Decrease dp attempts at each QNAME minimisation iteration - [bugzilla: 784 ] Fix Build configure assumess that having getpwnam means there is endpwent function available. - Updated repository with newer flex and bison output. - Fix static compile on windows missing gdi32. - Fix dynamic link of anchor-update.exe on windows. - Fix detect of mingw for MXE package build. - Fixes for 64bit windows compile. - [bugzilla: 788 ] Fix for nettle 3.0: Failed to build with Nettle > 3.0 and --with-libunbound-only --with-nettle. - Fixed unbound.doxygen for 1.8.11. - [bugzilla: 798 ] Fix Client-side TCP fast open fails (Linux). - [bugzilla: 801 ] Fix missing error condition handling in daemon_create_workers(). - [bugzilla: 802 ] Fix workaround for function parameters that are "unused" without log_assert. - [bugzilla: 803 ] Fix confusing (and incorrect) code comment in daemon_cleanup(). - [bugzilla: 806 ] Fix wrong comment removed. - use sendmsg instead of sendto for TFO. - [bugzilla: 807 ] Fix workaround for possible some "unused" function parameters in test code, from Jinmei Tatuya. - Note that OPENPGPKEY type is RFC 7929. - [bugzilla: 804 ] Fix #804: unbound stops responding after outage. Fixes queries that attempt to wait for an empty list of subqueries. - Fix for #804: lower num_target_queries for iterator also for failed looku= ps. - [bugzilla: 820 ] Fix set sldns_str2wire_rr_buf() dual meaning len parameter in each iteration in find_tag_datas(). - [bugzilla: 777 ] Fix OpenSSL 1.1.0 compatibility, patch from Sebastian A. Siewior. - RFC 7958 is now out, updated docs for unbound-anchor. - Fix for compile without warnings with openssl 1.1.0. - [bugzilla: 826 ] Fix refuse_non_local could result in a broken response. - iana portlist update. - Fix compile with openssl 1.1.0 with api=3D1.1.0. - [bugzilla: 829 ] Fix doc of sldns_wire2str_rdata_buf() return value has an off-by-one typo, from Jinmei Tatuya (Infoblox). - Fix incomplete prototypes reported by Dag-Erling Sm=C3=B8rgrav. - [bugzilla: 828 ] Fix missing type in access-control-tag-action redirect results in NXDOMAIN. - Take configured minimum TTL into consideration when reducing TTL to original TTL from RRSIG. - [bugzilla: 831 ] Fix workaround for spurious fread_chk warning against petal.c - Silenced flex-generated sign-unsigned warning print with gcc diagnostic pragma. - Fix for new splint on FreeBSD. Fix cast for sockaddr_un.sun_len. - fix potential memory leak in daemon/remote.c and nullpointer dereference in validator/autotrust. - [bugzilla: 883 ] Fix error for duplicate local zone entry. - [bugzilla: 835 ] Fix --disable-dsa with nettle verify. --=20 You are receiving this mail because: You are the assignee for the bug.=