9.2.x in several important ways, including new DNSSEC support
and reportedly better performance.
It is anticipated that when this code base settles down that the
bind9 port could be removed.
NSD 2.1.2 release notes:
FEATURES:
- NSD now fully supports unknown record types using the notation
specified in RFC3597.
- Support for the following RR types has been added: WKS, X25, ISDN,
RT, NSAP, PX, NAPTR, KX, CERT, DNAME, and APL. DNAME special
processing is not supported.
BUG FIXES:
- Bug #84: NSD now uses SIGUSR1 instead of SIGILL to report stats.
- Bug #85: Support for WKS records.
- Bug #86: The characters "#%&^[]?" can now be used without backslash
in zone file domain names.
- Plugin callback return type fixed.
- The maximum message length for IPv6 UDP packets is now limited to
the IPv6 minimum MTU (1280) unless the IPV6_USE_MIN_MTU socket
option is supported.
PR: ports/69914
Submitted by: Olafur Osvaldsson <oli@isnic.is> (maintainer)
the libtoolX ports instead of the one included with each port. Ports that
set USE_LIBTOOL_VER=X will now use the ports version of libtool instead of
the included version. To restore previous behavior, use the new macro,
USE_INC_LIBTOOL_VER. Both macros accept the same argument: a libtool version.
For example, to use the ports version of libtool-1.5, add the following to
your Makefile:
USE_LIBTOOL_VER= 15
To use the included version of libtool with extra hacks provided by
libtool-1.5, add the following to your Makefile:
USE_INC_LIBTOOL_VER= 15
With this change, ports that had to add additional libtool hacks to prevent
.la files from being installed or to fix certain threading issues can now
delete those hacks (after appropriate testing, of course).
PR: 63944
Based on work by:eik and marcus
Approved by: ade (autotools maintainer)
Tested by: kris on pointyhat
Bound to be hidden problems: You bet
- Better handling of timeout (instead of a static value,
start with five seconds and double it each retry)
- Warnings are printed if you receive a different RR type
than the one you asked for (for example when you ask for
an A record and receive a CNAME)
- Fixed problems when records received in the authority
field are shorter than the domain the nameserver is
authoritative for.
- When compiled without IPv6 support on an IPv6 capable
machine the machine tried to query the IPv6 translated
IPv5 address anyway.
- -C caches hosts which haven't answered too.
One-Record-Per-File bases. Because of this, sheerdns is the simplest of any DNS
to configure, the easiest to update, and the most efficient for networks that
experience a lot of updates (for example master servers for dynamic IP address
ranges).
PR: ports/67241
Submitted by: <bkhl@elektrubadur.se>
port, but it's not clear what the purpose was.
The reason for removing it is compatibility with Harti's work on updating make.
This patch causes a "recursive assignment" error. Removing it causes no
difference in the building of the port, so away it goes.
PR: standards/57295
- Provide additional startup script for zoneserver(8) program
needed to run an authorative primary nameserver.
- Both these scripts pipe programs' output into logger(1) so
that maradns logs into syslog.
- Installs an example zonefile in maradns (csv1) format.
PR: 65624
Submitted by: Alex Kapranoff <kappa@vvs01.agava.net>
The only difference to the previous version (except for the version ID
sent in request packets), is the method used to declare errno.
For unknown reasons, this version is not available from all mirror sites
and binary packages seem to only be provided for 3.0.11b7. The problem
with that version was that it was used incorrectly in some Linksys WLAN
router which tended to spam DynDNS.org with bogus requests. DynDNS.org
ignores certain requests, when received with a version ID of 3.0.11b7,
though there's nothing wrong with that code when used correctly.
I had considered to just patch the version string in "configure", but
after some more thought I've now choosen to actually use the new dist
file and to remove the URL of the master site that doesn't offer the
newer version.
PR: 60940
Submitted by: Lynk <lynk@lynksys.net>
variable for replacing includes as well. Users who replaced the base
BIND and then attempted to compile other software with -D_REENTRANT
were having problems because netdb.h has a different definition for
h_errno.
The idea of replacing includes originated with users who wanted to
compile apps against the libbind installed by the port, however those
"power users" can either add the switch to replace includes, or modify
their own includes slightly to use the "safe" location for the port
include files (PREFIX/include/bind).
The PR mentions the problem, along with a cast of thousands. :)
Other tuneups for the port are just portlint appeasements.
PR: ports/64449
Submitted by: eik
Begin autotools sanitization sequence by requiring ports to explicitly
specify which version of {libtool,autoconf,automake} they need, erasing
the concept of a "system default".
For ports-in-waiting:
USE_LIBTOOL=YES -> USE_LIBTOOL_VER=13
USE_AUTOCONF=YES -> USE_AUTOCONF_VER=213
USE_AUTOMAKE=YES -> USE_AUTOMAKE_VER=14
Ports attempting to use the old style system after June 1st 2004 will be
sorely disappointed.
From: Roman Shterenzon <romanbsd@yahoo.com>
To: ports@freebsd.org
Subject: e-mail change
The email address roman@xpert.com is no longer valid.
Please update ports' maintainer to ports@oven.org.
Submitted by: Roman Shterenzon <romanbsd@yahoo.com>
Add distribution site grouping for all the patches [1].
PR: 56951 [1], 64062 [2].
Submitted by: Roman Neuhauser <neuhauser@bellavista.cz> [1],
Thomas Vogt <thomas@bsdunix.ch> [2]
ThatIP protocol version 1.1 to send DNS update requests. It manages DNS
records, update history, and allows for per record configuration. It also
includes a wizard for generation of configuration files.
PR: ports/62760
Submitted by: Dan Smith <dan@algenta.com>
- allow-recursion-override was on by default, it was meant to be off
- Logging was still off in daemon mode, fixed
- Recursor accidentally linked in MySQL, fixed
- The PowerDNS recursor had stability problems
- The recursor now outputs the nameserver average response times in trace mode
- LDAP compiles again
Improvements:
- Several improvements to zone2sql
- Remove libpqpp dependencies
- Added a patch from CVS to make zone2parser.cc compile on STABLE
PR: 61554, 61589
Submitted by: tremere@cainites.net
configure.
- added the *proper* MASTER_SITES back in,
- removed patch file on old Makefile (delete it),
- use DOCSDIR
PR: 61569
Submitted by: maintainer
The dnsproxy daemon is a proxy for DNS queries. It forwards these
queries to two previously configured nameservers: one for
authoritative queries and another for recursive queries. The
received answers are sent back to the client unchanged. No local
caching is done.
Approved by: erwin (mentor) (implicitly)
includes:
- Opteron support!
- pdns_recursor jumbles answers now
- Big LDAP cleanup
- Zone2sql is now somewhat clearer when reporting malformed line errors
- pdns_recursor now survives the expiration of all its root records
- Serious issue fixed: added a patch to fix High CPU Load with the pdns_server and mysqld processes
PR: 61213
Submitted by: tremere@cainites.net
ldapdns is a lightweight, high performance DNS server
which utilizes LDAP as its backend.
It is originally based on djbdns and strives to maintain
the same goals of performance, security and simplicity.
WWW: http://www.nimh.org/code/ldapdns/
PR: 60965
Submitted by: Paul Dlug <paul@aps.org>
lines. The error was masked by the conditionality, but mostly harmless
due to the fact that the directory is incredibly likely to be populated
anyway.
Submitted by: tobez
There are a few bugs in dnrd that should probably be fixed
by the author but could be made to work on bsd:
1. Initialization in common.h of recv_addr is broken,
causing at least the '-a' switch not to work. Instead of
assuming positions of fields in the struct across platforms
I thought it safer to do a standard initialization in main().
2. The buffer overflow code in udp.c:dnsrecv() is off by
one, rejecting messages where the size exactly fills the
available buffer. I also changed to the calls to dnsrecv
to pass 512 as the max size instead of the buffers that
seem to be padded by 4 bytes for a reason I don't understand.
This causes a calling named to resend packets. Eventually
one seems to get through but response times can be painfully
slow.
PR: ports/41128
Submitted by: Michael C. Adler <mad1@tapil.com>
actual substantive changes, 0.44 has some non-user-visible changes
to make CPAN.pm happy.
Power users of this module are encouraged to read the CHANGES file.
Most users shouldn't have problems with this upgrade.
Significant changes to the software:
1. Ongoing refinement of proper class inheritance/categorization.
2. Fix zone transfers with 'many-answer' format.
3. Finally "fixed" the .xs code, and accompanying Makefile.pl options
to work out of the box on both RELENG_4 and 5-current.
4. Added a Makefile.pl option to avoid the online tests.
5. Support for unknown RR types.
Changes to the port:
1. Take advantage of 3 and 4 above.
2. portlint doesn't like the word 'file' to appear in the Makefile, so
change it to 'doc' for the PORTDOCS install loop.
