From owner-freebsd-ports-bugs@freebsd.org Wed Mar 18 12:01:08 2020 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 53AE325DDAF for ; Wed, 18 Mar 2020 12:01:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 48j7sw19WLz4GGV for ; Wed, 18 Mar 2020 12:01:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 2550B25DDAD; Wed, 18 Mar 2020 12:01:08 +0000 (UTC) Delivered-To: ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 24C0B25DDAC for ; Wed, 18 Mar 2020 12:01:08 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48j7sv70qdz4GGS for ; Wed, 18 Mar 2020 12:01:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E9F1F219E6 for ; Wed, 18 Mar 2020 12:01:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 02IC17IH052852 for ; Wed, 18 Mar 2020 12:01:07 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 02IC17rE052851 for ports-bugs@FreeBSD.org; Wed, 18 Mar 2020 12:01:07 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 244886] [MAINTAINER] dns/nsd Upgrade to version 4.3.0 Date: Wed, 18 Mar 2020 12:01:07 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Mar 2020 12:01:08 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D244886 Bug ID: 244886 Summary: [MAINTAINER] dns/nsd Upgrade to version 4.3.0 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Attachment #212494 maintainer-approval+ Flags: Created attachment 212494 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D212494&action= =3Dedit Patch to upgrade This port incorporates also the proposed bug fix at bug #242367 Major changes: This release adds cpu affinity. By pinning a server process to a specific cpu, having a separate network card also for that cpu, and an interface address also for that server process, the throughput is increased. This increases performance of the nameserver. Sparse TSIG signing support is removed, to comply with the latest tsig standard update draft. There is a feature to drop update queries, with opcode UPDATE, with nsd.conf option drop-updates. 4.3.0 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D FEATURES: - Fix to use getrandom() for randomness, if available. - Fix #56: Drop sparse TSIG signing support in NSD. Sign every axfr packet with TSIG, according to the latest draft-ietf-dnsop-rfc2845bis-06, Section 5.3.1. - Merge pull request #59 from buddyns: add FreeBSD support for conf key ip-transparent. - Add feature to pin server processes to specific cpus. - Add feature to pin IP addresses to selected server processes. - Set process title to identify individual processes. - Merge PR#22: minimise-any: prefer polular and not large RRset, from Daisuke Higashi. - Add support for SO_BINDTODEVICE on Linux. - Add support for SO_SETFIB on FreeBSD. - Add feature to drop queries with opcode UPDATE. BUG FIXES: - Fix fname null check of fname in namedb_read_zonefile. - Fix implicit cast of size in udb_radnode_array_grow. - Fix ignore of return value of ssl_printf in remote.c. - Fix unused check of fd in parent_handle_reload_command. - Attempt to fix signedness of nscount lookup in ixfr query_process. - Fix identical branches for ssl_print of errors in remote.c. - Fix type cast bounds, signedness of opt_rdlen in edns_parse_record. - Fix to separate header and data lines in parse_zone_list_file. - Fix to define max number of EDNS records we are willing to spend time on. - Fix size of string len and capacity type cast in udbradtree. - Fix to protect rrcount in tsig_find_rr from overflow. - Annotate radix_find_prefix_node not reachable trail code. - Fix to protect rrcount in packet_find_notify_serial from overflow. - Fix to close socket on error in create_tcp_accept_sock. - Fix to log on failure to chmod for socket for remote control. - Fix to remove unneeded if in open of socket for remote control. - Fix to restore input parameter on call failure in create_dirs. - Please checker by terminating and initialising string read by remote control. - Fix to define upper bounds on rr counts read from untrusted packet data. - Separate acl_addr_match_range functions for ip4 and ip6, to please checkers. - Avoid unused variable warning in new match_range_v4 function. - Fix whitespace in nsd.conf.sample.in, patch from Paul Wouters. - use-systemd is ignored in nsd.conf, when NSD is compiled with libsystemd it always signals readiness, if possible. - Note that use-systemd is not necessary and ignored in man page. - Fix unreachable code in ssl set options code. - Fix bad shift in assertion code analyzer complaint. - Fix responses for IXFR so that the authority section is not echoed in the response. - Merge PR#60: Minor portability fixes from michaelforney, with avoid pointer arithmetic on void* and avoid unnecessary VLA. - Fix that the retry wait does not exceed one day for zone transfers. CHANGES: - Set FD_CLOEXEC on opened sockets. --=20 You are receiving this mail because: You are the assignee for the bug.=