From owner-svn-ports-all@freebsd.org Wed Jul 29 14:36:22 2015 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9FE9A9AE196; Wed, 29 Jul 2015 14:36:22 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8462F83C; Wed, 29 Jul 2015 14:36:22 +0000 (UTC) (envelope-from mat@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6TEaM1w076124; Wed, 29 Jul 2015 14:36:22 GMT (envelope-from mat@FreeBSD.org) Received: (from mat@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6TEaLWq076117; Wed, 29 Jul 2015 14:36:21 GMT (envelope-from mat@FreeBSD.org) Message-Id: <201507291436.t6TEaLWq076117@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mat set sender to mat@FreeBSD.org using -f From: Mathieu Arnold Date: Wed, 29 Jul 2015 14:36:21 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r393161 - in head/dns: bind910 bind910/files bind99 bind99/files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 14:36:22 -0000 Author: mat Date: Wed Jul 29 14:36:20 2015 New Revision: 393161 URL: https://svnweb.freebsd.org/changeset/ports/393161 Log: Add an option to enable the bind min override ttl patch. Requested by: Laurent Frigault Sponsored by: Absolight Added: head/dns/bind910/files/extrapatch-bind-min-override-ttl (contents, props changed) head/dns/bind99/files/extrapatch-bind-min-override-ttl (contents, props changed) Modified: head/dns/bind910/Makefile head/dns/bind99/Makefile Modified: head/dns/bind910/Makefile ============================================================================== --- head/dns/bind910/Makefile Wed Jul 29 14:34:10 2015 (r393160) +++ head/dns/bind910/Makefile Wed Jul 29 14:36:20 2015 (r393161) @@ -8,7 +8,7 @@ PORTVERSION= ${ISCVERSION:S/-P/P/} PORTREVISION= 0 .else # dns/bind910 here -PORTREVISION= 0 +PORTREVISION= 1 .endif CATEGORIES= dns net ipv6 MASTER_SITES= ISC/bind9/${ISCVERSION} @@ -58,7 +58,8 @@ OPTIONS_RADIO_GOSTDEF= GOST GOST_ASN1 .if !defined(BIND_TOOLS_SLAVE) OPTIONS_DEFAULT+= RRL -OPTIONS_DEFINE+= LINKS RPZ_NSIP RPZ_NSDNAME RRL DOCS NEWSTATS GEOIP +OPTIONS_DEFINE+= LINKS RPZ_NSIP RPZ_NSDNAME RRL DOCS NEWSTATS GEOIP \ + MINCACHE OPTIONS_GROUP= DLZ OPTIONS_GROUP_DLZ= DLZ_POSTGRESQL DLZ_MYSQL DLZ_BDB \ DLZ_LDAP DLZ_FILESYSTEM DLZ_STUB @@ -81,6 +82,7 @@ GOST_DESC= GOST raw keys (new default) GOST_ASN1_DESC= GOST using ASN.1 PYTHON_DESC= Build with Python utilities START_LATE_DESC= Start BIND late in the boot process +MINCACHE_DESC= Use the mincachettl patch LINKS_DESC= Create conf file symlinks in ${PREFIX} NEWSTATS_DESC= Enable alternate xml statistics channel format @@ -98,6 +100,7 @@ GSSAPI_BASE_DESC= Using Heimdal in base GSSAPI_HEIMDAL_DESC= Using security/heimdal GSSAPI_MIT_DESC= Using security/krb5 GSSAPI_NONE_DESC= Disable +MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl .if !defined(BIND_TOOLS_SLAVE) CONFLICTS+= bind-tools-9.* Added: head/dns/bind910/files/extrapatch-bind-min-override-ttl ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind910/files/extrapatch-bind-min-override-ttl Wed Jul 29 14:36:20 2015 (r393161) @@ -0,0 +1,78 @@ +diff -Nabdur bind-9.6.0-P1.orig/bin/named/config.c bind-9.6.0-P1/bin/named/config.c +--- bin/named/config.c 2009-05-22 12:24:49.000000000 +0400 ++++ bin/named/config.c 2009-05-22 12:31:35.000000000 +0400 +@@ -129,6 +129,8 @@ + min-roots 2;\n\ + lame-ttl 600;\n\ + max-ncache-ttl 10800; /* 3 hours */\n\ ++ override-cache-ttl 0; /* do not override */\n\ ++ min-cache-ttl 0; /* no minimal, zero is allowed */\n\ + max-cache-ttl 604800; /* 1 week */\n\ + transfer-format many-answers;\n\ + max-cache-size 0;\n\ +diff -Nabdur bind-9.6.0-P1.orig/bin/named/server.c bind-9.6.0-P1/bin/named/server.c +--- bin/named/server.c 2009-05-22 12:24:49.000000000 +0400 ++++ bin/named/server.c 2009-05-22 12:32:18.000000000 +0400 +@@ -1727,6 +1727,16 @@ + CHECK(mustbesecure(obj, view->resolver)); + + obj = NULL; ++ result = ns_config_get(maps, "override-cache-ttl", &obj); ++ INSIST(result == ISC_R_SUCCESS); ++ view->overridecachettl = cfg_obj_asuint32(obj); ++ ++ obj = NULL; ++ result = ns_config_get(maps, "min-cache-ttl", &obj); ++ INSIST(result == ISC_R_SUCCESS); ++ view->mincachettl = cfg_obj_asuint32(obj); ++ ++ obj = NULL; + result = ns_config_get(maps, "max-cache-ttl", &obj); + INSIST(result == ISC_R_SUCCESS); + view->maxcachettl = cfg_obj_asuint32(obj); +diff -Nabdur bind-9.6.0-P1.orig/lib/dns/include/dns/view.h bind-9.6.0-P1/lib/dns/include/dns/view.h +--- lib/dns/include/dns/view.h 2009-05-22 12:24:49.000000000 +0400 ++++ lib/dns/include/dns/view.h 2009-05-22 12:29:03.000000000 +0400 +@@ -131,6 +131,8 @@ + isc_boolean_t provideixfr; + isc_boolean_t requestnsid; + dns_ttl_t maxcachettl; ++ dns_ttl_t mincachettl; ++ dns_ttl_t overridecachettl; + dns_ttl_t maxncachettl; + in_port_t dstport; + dns_aclenv_t aclenv; +diff -Nabdur bind-9.6.0-P1.orig/lib/dns/resolver.c bind-9.6.0-P1/lib/dns/resolver.c +--- lib/dns/resolver.c 2009-05-22 12:24:49.000000000 +0400 ++++ lib/dns/resolver.c 2009-05-22 12:30:41.000000000 +0400 +@@ -4054,6 +4054,18 @@ + } + + /* ++ * Enforce the configure cache TTL override. ++ */ ++ if (res->view->overridecachettl) ++ rdataset->ttl = res->view->overridecachettl; ++ ++ /* ++ * Enforce the configure minimum cache TTL. ++ */ ++ if (rdataset->ttl < res->view->mincachettl) ++ rdataset->ttl = res->view->mincachettl; ++ ++ /* + * Enforce the configure maximum cache TTL. + */ + if (rdataset->ttl > res->view->maxcachettl) +diff -Nabdur bind-9.6.0-P1.orig/lib/isccfg/namedconf.c bind-9.6.0-P1/lib/isccfg/namedconf.c +--- lib/isccfg/namedconf.c 2009-05-22 12:24:49.000000000 +0400 ++++ lib/isccfg/namedconf.c 2009-05-22 12:31:21.000000000 +0400 +@@ -821,6 +821,8 @@ + { "lame-ttl", &cfg_type_uint32, 0 }, + { "max-acache-size", &cfg_type_sizenodefault, 0 }, + { "max-cache-size", &cfg_type_sizenodefault, 0 }, ++ { "override-cache-ttl", &cfg_type_uint32, 0 }, ++ { "min-cache-ttl", &cfg_type_uint32, 0 }, + { "max-cache-ttl", &cfg_type_uint32, 0 }, + { "max-clients-per-query", &cfg_type_uint32, 0 }, + { "max-ncache-ttl", &cfg_type_uint32, 0 }, Modified: head/dns/bind99/Makefile ============================================================================== --- head/dns/bind99/Makefile Wed Jul 29 14:34:10 2015 (r393160) +++ head/dns/bind99/Makefile Wed Jul 29 14:36:20 2015 (r393161) @@ -3,7 +3,7 @@ PORTNAME= bind PORTVERSION= ${ISCVERSION:S/-P/P/} -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= dns net ipv6 MASTER_SITES= ISC/bind9/${ISCVERSION} PKGNAMESUFFIX= 99 @@ -43,7 +43,7 @@ SUB_FILES= pkg-message OPTIONS_DEFAULT= IPV6 SSL THREADS SIGCHASE IDN GSSAPI_NONE RRL OPTIONS_DEFINE= SSL IDN REPLACE_BASE LARGE_FILE FIXED_RRSET SIGCHASE \ - IPV6 THREADS FILTER_AAAA GOST PYTHON START_LATE \ + IPV6 THREADS FILTER_AAAA GOST PYTHON START_LATE MINCACHE \ LINKS RPZ_NSIP RPZ_NSDNAME RRL DOCS RPZ_PATCH NEWSTATS OPTIONS_GROUP= DLZ OPTIONS_GROUP_DLZ= DLZ_POSTGRESQL DLZ_MYSQL DLZ_BDB \ @@ -62,6 +62,7 @@ FILTER_AAAA_DESC= Enable filtering of AA GOST_DESC= Enable GOST ciphers, needs SSL (see help on 8 and 9) PYTHON_DESC= Build with Python utilities START_LATE_DESC= Start BIND late in the boot process +MINCACHE_DESC= Use the mincachettl patch LINKS_DESC= Create conf file symlinks in ${PREFIX} NEWSTATS_DESC= Enable alternate xml statistics channel format @@ -80,6 +81,7 @@ GSSAPI_BASE_DESC= ${GSSAPI_DESC} (Heimda GSSAPI_HEIMDAL_DESC= ${GSSAPI_DESC} (security/heimdal) GSSAPI_MIT_DESC= ${GSSAPI_DESC} (security/krb5) GSSAPI_NONE_DESC= No ${GSSAPI_DESC} +MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE} SSL_USE= openssl=yes Added: head/dns/bind99/files/extrapatch-bind-min-override-ttl ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/dns/bind99/files/extrapatch-bind-min-override-ttl Wed Jul 29 14:36:20 2015 (r393161) @@ -0,0 +1,78 @@ +diff -Nabdur bind-9.6.0-P1.orig/bin/named/config.c bind-9.6.0-P1/bin/named/config.c +--- bin/named/config.c 2009-05-22 12:24:49.000000000 +0400 ++++ bin/named/config.c 2009-05-22 12:31:35.000000000 +0400 +@@ -129,6 +129,8 @@ + min-roots 2;\n\ + lame-ttl 600;\n\ + max-ncache-ttl 10800; /* 3 hours */\n\ ++ override-cache-ttl 0; /* do not override */\n\ ++ min-cache-ttl 0; /* no minimal, zero is allowed */\n\ + max-cache-ttl 604800; /* 1 week */\n\ + transfer-format many-answers;\n\ + max-cache-size 0;\n\ +diff -Nabdur bind-9.6.0-P1.orig/bin/named/server.c bind-9.6.0-P1/bin/named/server.c +--- bin/named/server.c 2009-05-22 12:24:49.000000000 +0400 ++++ bin/named/server.c 2009-05-22 12:32:18.000000000 +0400 +@@ -1727,6 +1727,16 @@ + CHECK(mustbesecure(obj, view->resolver)); + + obj = NULL; ++ result = ns_config_get(maps, "override-cache-ttl", &obj); ++ INSIST(result == ISC_R_SUCCESS); ++ view->overridecachettl = cfg_obj_asuint32(obj); ++ ++ obj = NULL; ++ result = ns_config_get(maps, "min-cache-ttl", &obj); ++ INSIST(result == ISC_R_SUCCESS); ++ view->mincachettl = cfg_obj_asuint32(obj); ++ ++ obj = NULL; + result = ns_config_get(maps, "max-cache-ttl", &obj); + INSIST(result == ISC_R_SUCCESS); + view->maxcachettl = cfg_obj_asuint32(obj); +diff -Nabdur bind-9.6.0-P1.orig/lib/dns/include/dns/view.h bind-9.6.0-P1/lib/dns/include/dns/view.h +--- lib/dns/include/dns/view.h 2009-05-22 12:24:49.000000000 +0400 ++++ lib/dns/include/dns/view.h 2009-05-22 12:29:03.000000000 +0400 +@@ -131,6 +131,8 @@ + isc_boolean_t provideixfr; + isc_boolean_t requestnsid; + dns_ttl_t maxcachettl; ++ dns_ttl_t mincachettl; ++ dns_ttl_t overridecachettl; + dns_ttl_t maxncachettl; + in_port_t dstport; + dns_aclenv_t aclenv; +diff -Nabdur bind-9.6.0-P1.orig/lib/dns/resolver.c bind-9.6.0-P1/lib/dns/resolver.c +--- lib/dns/resolver.c 2009-05-22 12:24:49.000000000 +0400 ++++ lib/dns/resolver.c 2009-05-22 12:30:41.000000000 +0400 +@@ -4054,6 +4054,18 @@ + } + + /* ++ * Enforce the configure cache TTL override. ++ */ ++ if (res->view->overridecachettl) ++ rdataset->ttl = res->view->overridecachettl; ++ ++ /* ++ * Enforce the configure minimum cache TTL. ++ */ ++ if (rdataset->ttl < res->view->mincachettl) ++ rdataset->ttl = res->view->mincachettl; ++ ++ /* + * Enforce the configure maximum cache TTL. + */ + if (rdataset->ttl > res->view->maxcachettl) +diff -Nabdur bind-9.6.0-P1.orig/lib/isccfg/namedconf.c bind-9.6.0-P1/lib/isccfg/namedconf.c +--- lib/isccfg/namedconf.c 2009-05-22 12:24:49.000000000 +0400 ++++ lib/isccfg/namedconf.c 2009-05-22 12:31:21.000000000 +0400 +@@ -821,6 +821,8 @@ + { "lame-ttl", &cfg_type_uint32, 0 }, + { "max-acache-size", &cfg_type_sizenodefault, 0 }, + { "max-cache-size", &cfg_type_sizenodefault, 0 }, ++ { "override-cache-ttl", &cfg_type_uint32, 0 }, ++ { "min-cache-ttl", &cfg_type_uint32, 0 }, + { "max-cache-ttl", &cfg_type_uint32, 0 }, + { "max-clients-per-query", &cfg_type_uint32, 0 }, + { "max-ncache-ttl", &cfg_type_uint32, 0 },