In this release there is a fix for long downtime after connectivity
loss, which was a longstanding unsolved issue. Features for tcp, TCP
Fast Open and timeout pressure to close connections when the tcp
connections are getting full. Option to use ipv6 /64 for extra entropy.
Features
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open patch from Sara Dickinson.
- Finegrained localzone control with define-tag, access-control-tag,
access-control-tag-action, access-control-tag-data, local-zone-tag, and
local-zone-override. And added types always_transparent, always_refuse,
always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout
is used (200 msec, vs 2 minutes) to pressure tcp for new connects.
- [bugzilla: 787 ] Fix#787: outgoing-interface netblock/64 ipv6
option to use linux freebind to use 64bits of entropy for every query
with random local part.
- For #787: prefer-ip6 option for unbound.conf prefers to send
upstream queries to ipv6 servers.
- Add default root hints for IPv6 E.ROOT-SERVERS.NET, 2001:500:a8::e.
- keep debug symbols in windows build.
PR: 213043
Submitted by: maintainer
SUMMARY:
Some features, such as multi master check option that does not upgrade
from the first master that answers, but picks the best one.
Additional section handling for type SRV. And bug fixes.
FEATURES:
- multi-master-check: yes can be used to check all masters for the
last version, using the higher version from the configured masters,
from Manabu Sonoda.
- Support RR type OPENPGPKEY from RFC 7929.
- Can config key algorithms with the digest name, eg. 'sha256'.
- configure --disable-radix-tree for about 15% lower memory usage.
- for type SRV add A/AAAA to the additional section (if possible),
just like we already do for type MX.
- more extensible edns option handling.
BUG FIXES:
- Fix compile warnings about unused result from write and strtol.
and signcompare in minmax retrytime.
- Fix#812: fix that make depend fails after distribution.
- Fix#817: xfrd update failed loop.
- Add robustness against unallocated data in nsec3 trees.
- Fix README spelling error of BSD license (reported by Joerg Jung).
- Fix multimaster for not tried full zone transfer for a expired zone.
- Fix#827: fix compile with openssl 1.1.0 with api=1.1.0.
PR: 213021
Submitted by: maintainer
USES=localbase:ldflags can be used to set LDFLAGS. Normally LDFLAGS
appears too early on the command line causing some ports to link with
their own libraries in LOCALBASE (if installed) instead of WRKSRC.
Also make use of _USES_POST so -L${LOCALBASE}/lib is added as late as
possible after anything a port Makefile might set. Use _USES_POST
instead of .include in libedit.mk and libarchive.mk so things like
'USES=libedit localbase:ldflags' work correctly.
Fix some issues with LIBS in some ports.
Switch ports that don't support LIBS to localbase:ldflags.
PR: 212987
Exp-run by: antoine
Approved by: portmgr (antoine)
It builds .a before all the .o that are supposed to go in the .a are
built. Imagine what happens after that...
Reported by: Craig Leres
Sponsored by: Absolight
It was added in 2009 in r232247 without the reason it was failing, I've
tried with -J 2-10, and can't have one of the BIND9 port fail.
Feel free to add it back, but please, add the reason why it fails.
Sponsored by: Absolight
- Clean up the Makefile.
- Follow some upstream recommendations (--with-data-packaging=archive,
--disable-renaming, -DICU_NO_USER_DATA_OVERRIDE).
- Patch makefiles to install static libraries with INSTALL_DATA so they
aren't stripped.
- Patch config/mh-bsd-gcc to sync with config/mh-linux-gcc.
- Fix endianness detection in ICU. The code wanted to use BYTE_ORDER
defined in machine/endian.h, but this isn't visible because ICU is
compiled with _XOPEN_SOURCE. Patch the code to use _BYTE_ORDER instead.
- Compile ICU with C++11 compiler to enable move constructors.
- Patch ICU to fix a problem with atomics in the case of a C++11 compiler
without C++11 header <atomic> (like Clang on FreeBSD 9).
- Bump all ports that depend on it due to library version change.
- Add USES=compiler:c++0x to some ports that pick up -std=c++0x from ICU
pkgconfig files.
- Add USES=compiler:c++11-lib to graphics/libcdr01 because it also needs
a C++11 runtime library now. Add this to all ports that depend on it
so their executables load the right libstdc++.so on FreeBSD 9.
PR: 205120
Exp-run by: antoine
Approved by: portmgr (antoine)
- several minor bug fixes, mostly for compatibility with older python versions
- ability to specify a network prefix to be used in the EDNS Client
Subnet option for queries issued
- introduces a check for CNAME and non-CNAME data at the same name
- If a port has another upstream, remove GOOGLE_CODE
- If a port only has GOOGLE_CODE mark it BROKEN
Some ports have a local mirror configured but for security reasons, it
is not considered upstream.
Sponsored by: Absolight
- While here, fix license and remove unneeded PKGMESSAGE line (PKGMESSAGE is set by SUB_FILES)
PR: 212637
Submitted by: dalescott@shaw.ca
Approved by: sthalik@tehran.lain.pl (maintainer)
The makefile for the ldns was very hard to follow due to preprocessor-
like hunks changing the logic flow even across targets. As part of the
SSL fix, I felt compelled to convert much of the options logic to the
modern options framework to make it simpler to follow the makefile
logic (as a side benefit the port is a bit more tidy).
I also reworked the FreeBSD 9 + GOST option logic to set the new
IGNORE_FreeBSD_9 variable if GOST was requested on FreeBSD 9 with the
base SSL library. I believe the previous logic using the WITH_OPENSSL_PORT
knob and CONFLICTS setting was incorrect.
Approvd by: SSL blanket
hide actual commands executed and only show short summary line (like
"CC foo.c"). CMake and ninja enable this by default, some autotools
using ports do as well. This is unacceptable because we need complete
build logs at any time, so we now switch to verbose build logs
unconditionally. Note that this change deliberately affects ALL
builds and not only package builds on cluster, because we need to
be sure that user experiencing failure can always provide informative
build log regardless of settings and without rerunning the build.
Change summary:
- Always do verbose builds for cmake, ninja and GNU configure (the
latter includes check if --disable-silent-rules is actually supported
by the configure script; there are isolated cases when it's not true)
- Remove CMAKE_VERBOSE, NINJA_VERBOSE and
CONFIGURE_ARGS=--disable-silent-rules from all ports which set them
for this is no longer needed
- Revert hacks for --disable-silent-rules support priorly committed
to biology/ncbi-blast+ and net-p2p/mldonkey - no longer needed as well
Submitted by: amdmi3
Reviewed by: mat
Exp-run by: antoine
Approved by: portmgr (mat, antoine)
Differential Revision: D7534
- support for offline and pre-delegation testing, so changes
can be tested before they are deployed
- More checks were added, and various other stability fixes
- now supports python 3
Mk/Uses/linux.mk.
- Replace USE_LINUX=yes with USES+=linux and USE_LINUX=(.*) with
USES+=linux:\1 in all ports.
- Replace USE_LINUX_APPS with USE_LINUX in all ports.
- Use INSTALL_SCRIPT instead of INSTALL_PROGRAM to install scripts in some
ports.
- When USE_LINUX_RPM is defined, simplify the way DISTFILES and EXTRACT_ONLY
are defined.
- Remove BRANDELF_DIRS and BRANDELF_FILES handling. In the very rare cases
that it is still necessary ports can run ${BRANDELF} from post-patch.
- Remove AUTOMATIC_PLIST handling. Only one port used it.
- Fix Linux MASTER_SITES.
- Replace OVERRIDE_LINUX_BASE_PORT and OVERRIDE_LINUX_NONBASE_PORTS with
default versions framework.
- bsd.port.mk:
- Move Linux related bits to Uses/linux.mk, except USE_LINUX_PREFIX.
- Put USE_LINUX_PREFIX handling after USES processing.
- Define DOCSDIR, DATADIR, etc. after handling USE_LINUX_PREFIX so it can
give these variables a different default value.
- When a package needs to run Linux ldconfig check before installation if
Linux support is enabled.
- emulators/linux_base-*:
- Use USES=linux and remove duplication.
- Remove files/lp. FreeBSD or CUPS lp(1) should work.
- Remove files/yp.conf. No longer seems to be used.
- Remove pkg-deinstall and move pkg-install into pkg-plist.
- Update pkg-descr and pkg-message.
- Fix handling of ldconfig cache in pkg-plist.
- devel/fb-adb: Use a Linux shell to run a Linux script but patch the script
to use FreeBSD mkdir so mkdir -p $path creates $path and not
/compat/linux/$path.
PR: 211645
Exp-run by: antoine
Approved by: portmgr (antoine)
The Knot DNS Resolver is a caching full resolver implementation,
including both a resolver library and a daemon.
WWW: https://www.knot-resolver.cz/
PR: 212215
Submitted by: Leo Vandewoestijne <freebsd@dns-lab.com>
from here, also, make the upstream default options default for real.
While there, put back the BIND_TOOLS knobs in bind9-devel.
Sponsored by: Absolight
It appears the previous STORAGE ERROR was a compiler bug that got fixed
between the GCC 6.1 and 6.2 versions of gcc6-aux. Switch it and the
helper port devel/libspark2012 over to it, which are the last two ports
that depend on lang/gcc6-aux.
Submitted by: Andrew Fengler <andrew.fengler@scaleengine.com>
Reviewed by: matthew
Approved by: zi (maintainer)
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D7488
