aboutsummaryrefslogtreecommitdiff
path: root/dns/unbound
Commit message (Collapse)AuthorAgeFilesLines
* Unbreak the build with FILTER_AAAA option.Alexey Dokuchaev2020-07-101-1/+3
| | | | | | | PR: 246648 Notes: svn path=/head/; revision=541850
* Move devel/swig30 to devel/swig and update to 4.0.1Sunpoet Po-Chuan Hsieh2020-06-171-2/+2
| | | | | | | | | | | | | | | - Do not silence installation message - Update dependent ports: - Fix build with swig 4.0.1 - Update *_DEPENDS - Remove BINARY_ALIAS Changes: http://www.swig.org/news.php PR: 246613 Exp-run by: antoine Notes: svn path=/head/; revision=539491
* dns/unbound: update to 1.10.1.Xin LI2020-05-193-5/+5
| | | | | | | | | | PR: 246569 Submitted by: Jaap Akkerhuis (maintainer) MFH: 2020Q2 Security: CVE-2020-12662, CVE-2020-12663 Notes: svn path=/head/; revision=535884
* dns/unbound: update 1.9.6 -> 1.10.0Kurt Jaeger2020-02-223-5/+5
| | | | | | | | | PR: 244244 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Relnotes: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244244#c0 Notes: svn path=/head/; revision=526776
* Update to 1.9.6Jochen Neumeister2019-12-163-5/+5
| | | | | | | | PR: 242603 Sponsored by: Netzkommune GmbH Notes: svn path=/head/; revision=520238
* Update to 1.9.5Jochen Neumeister2019-11-233-5/+5
| | | | | | | | | | | | Changelog: https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module PR: 242075 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) MFH: 2019Q4 Sponsored by: Netzkommune GmbH Notes: svn path=/head/; revision=518229
* Update to 1.9.4Sunpoet Po-Chuan Hsieh2019-10-033-5/+5
| | | | | | | | | | | | Changes: https://github.com/NLnetLabs/unbound/blob/master/doc/Changelog PR: 241033 Reported by: C <cm@appliedprivacy.net> Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Security: 108a4be3-e612-11e9-9963-5f1753e0aca0 MFH: 2019Q4 Notes: svn path=/head/; revision=513730
* dns/unbound: update to 1.9.3Steve Wills2019-09-024-23/+124
| | | | | | | | | | Whil here, improve rc script PR: 240163 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Notes: svn path=/head/; revision=510824
* Convert to UCL & cleanup pkg-message (categories d)Mathieu Arnold2019-08-131-0/+6
| | | | Notes: svn path=/head/; revision=508835
* devel/libevent2: update to 2.1.11Jan Beich2019-08-021-0/+1
| | | | | | | | | | | | | Changes: https://github.com/libevent/libevent/releases/tag/release-2.1.11-stable ABI: https://abi-laboratory.pro/tracker/timeline/libevent/ PR: 239599 Reported by: GitHub (watch releases) Approved by: zeising (maintainer) MFH: 2019Q3 (maybe security, partially restores 2.1.8 ABI) Differential Revision: https://reviews.freebsd.org/D21133 Notes: svn path=/head/; revision=507877
* Update to 1.9.2Jochen Neumeister2019-06-193-5/+5
| | | | | | | | | PR: 238651 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Sponsored by: Netzkommune GmbH Notes: svn path=/head/; revision=504511
* dns/unbound: update to 1.9.1Steve Wills2019-03-186-39/+5
| | | | | | | | PR: 236575 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Notes: svn path=/head/; revision=496136
* dns/unbound: Import patch to fix hostname verification with OpenSSL 1.0.2Renato Botelho2019-02-114-0/+34
| | | | | | | | | | | PR: 235571 Approved by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Obtained from: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206#c5 https://github.com/pfsense/FreeBSD-ports/commit/af2c493a0dfa99e2afc6e3f9236aad10021d6b39 Sponsored by: Rubicon Communications, LLC (Netgate) Notes: svn path=/head/; revision=492694
* Update to 1.9.0Sunpoet Po-Chuan Hsieh2019-02-054-64/+6
| | | | | | | | | Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog PR: 235522 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Notes: svn path=/head/; revision=492239
* dns/unbound: Update to 1.8.3Steve Wills2018-12-263-6/+5
| | | | | | | | PR: 233933 Submitted by: jaap@NLnetLabs.nl Notes: svn path=/head/; revision=488471
* dns/unbound: fix DNSTAP build failureSteve Wills2018-12-102-0/+58
| | | | | | | | | PR: 233891 Submitted by: jaap@NLnetLabs.nl (maintainer) Reported by: O. Hartmann <ohartmann@walstatt.org> Notes: svn path=/head/; revision=487181
* dns/unbound: Update to 1.8.2Steve Wills2018-12-093-5/+5
| | | | | | | | PR: 233796 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=487005
* dns/unbound upgrade to 1.8.1Steve Wills2018-10-083-5/+6
| | | | | | | | PR: 232070 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=481552
* dns/unbound: remove unnecessary LIBEVENT_USESSteve Wills2018-10-011-1/+0
| | | | | | | | PR: 231488 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=481078
* dns/unbound: Fix configure in some casesSteve Wills2018-09-201-1/+1
| | | | | | | | | | | | Fix configure by adding missing pkgconfig to uses PR: 231488 Submitted by: leres (solution, via email), mfechner (patch) Reported by: leres, mfechner Approved by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=480177
* dns/unbound: Fix OPTIONS_DEFINE referenceSteve Wills2018-09-181-1/+1
| | | | | | | | | | | Missed in previous commit PR: 231283 Submitted by: jaap@NLnetLabs.nl (maintainer) Pointyhat to: swills Notes: svn path=/head/; revision=480058
* dns/unbound: update to 1.8.0Steve Wills2018-09-183-7/+7
| | | | | | | | | | Bump PORTREVISION on consumers due to library major version change PR: 231283 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=480056
* Update to 1.7.3Sunpoet Po-Chuan Hsieh2018-06-213-5/+5
| | | | | | | | | Changes: https://www.nlnetlabs.nl/svn/unbound/tags/release-1.7.3/doc/Changelog PR: 229202 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Notes: svn path=/head/; revision=473002
* dns/unbound: upgrade to 1.7.2Steve Wills2018-06-143-7/+6
| | | | | | | | PR: 228889 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=472412
* dns/unbound: Bump portrevisionBernard Spil2018-05-221-0/+1
| | | | | | | | | | | - Follow-up of r470572 PR: 228390 Reported by: adamw MFH: 2018Q2 Notes: svn path=/head/; revision=470626
* dns/unbound: Fix errors when unbound_conf is setBernard Spil2018-05-211-1/+2
| | | | | | | | | | PR: 228390 Approved by: maintainer <jaap NLnetLabs nl> MFH: 2018Q2 Notes: svn path=/head/; revision=470572
* - Update to 2.5.9Martin Wilke2018-05-104-8/+12
| | | | | | | | | | | - Update WWW PR: 227949 Submitted by: maintainer Sponsored by: iXsystems Inc. Notes: svn path=/head/; revision=469556
* dns/unbound: upgrade 1.6.8 -> 1.7.0Kurt Jaeger2018-03-214-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Features - auth-zone provides a way to configure RFC7706 from unbound.conf, eg. with auth-zone: name: "." for-downstream: no for-upstream: yes fallback-enabled: yes and masters or a zonefile with data. - Aggressive use of NSEC implementation. Use cached NSEC records to generate NXDOMAIN, NODATA and positive wildcard answers. - Accept tls-upstream in unbound.conf, the ssl-upstream keyword is also recognized and means the same. Also for tls-port, tls-service-key, tls-service-pem, stub-tls-upstream and forward-tls-upstream. - [dnscrypt] introduce dnscrypt-provider-cert-rotated option, from Manu Bretelle. This option allows handling multiple cert/key pairs while only distributing some of them. In order to reliably match a client magic with a given key without strong assumption as to how those were generated, we need both key and cert. Likewise, in order to know which ES version should be used. On the other hand, when rotating a cert, it can be desirable to only serve the new cert but still be able to handle clients that are still using the old certs's public key. The `dnscrypt-provider-cert-rotated` allow to instruct unbound to not publish the cert as part of the DNS's provider_name's TXT answer. - Update B root ipv4 address. - make ip-transparent option work on OpenBSD. - Fix #2801: Install libunbound.pc. - ltrace.conf file for libunbound in contrib. - Fix #3598: Fix swig build issue on rhel6 based system. configure --disable-swig-version-check stops the swig version check. Bug Fixes - Fix #1749: With harden-referral-path: performance drops, due to circular dependency in NS and DS lookups. - [dnscrypt] prevent dnscrypt-secret-key, dnscrypt-provider-cert duplicates - Better documentation for cache-max-negative-ttl. - Fixed libunbound manual typo. - Fix #1949: [dnscrypt] make provider name mismatch more obvious. - Fix #2031: Double included headers - Document that errno is left informative on libunbound config read fail. - iana port update. - Fix #1913: ub_ctx_config is under circumstances thread-safe. - Fix #2362: TLS1.3/openssl-1.1.1 not working. - Fix #2034 - Autoconf and -flto. - Fix #2141 - for libsodium detect lack of entropy in chroot, print a message and exit. - Fix #2492: Documentation libunbound. - Fix #2882: Unbound behaviour changes (wrong) when domain-insecure is set for stub zone. It no longer searches for DNSSEC information. - Fix #3299 - forward CNAME daisy chain is not working - Fix link failure on OmniOS. - Check whether --with-libunbound-only is set when using --with-nettle or --with-nss. - Fix qname-minimisation documentation (A QTYPE, not NS) - Fix that DS queries with referral replies are answered straight away, without a repeat query picking the DS from cache. The correct reply should have been an answer, the reply is fixed by the scrubber to have the answer in the answer section. - Fix that expiration date checks don't fail with clang -O2. - Fix queries being leaked above stub when refetching glue. - Copy query and correctly set flags on REFUSED answers when cache snooping is not allowed. - make depend: code dependencies updated in Makefile. - Fix #3397: Fix that cachedb could return a partial CNAME chain. - Fix #3397: Fix that when the cache contains an unsigned DNAME in the middle of a cname chain, a result without the DNAME could be returned. - Fix that unbound-checkconf -f flag works with auto-trust-anchor-file for startup scripts to get the full pathname(s) of anchor file(s). - Print fatal errors about remote control setup before log init, so that it is printed to console. - Use NSEC with longest ce to prove wildcard absence. - Only use *.ce to prove wildcard absence, no longer names. - Fix unfreed locks in log and arc4random at exit of unbound. - Fix lock race condition in dns cache dname synthesis. - Fix #3451: dnstap not building when you have a separate build dir. And removed protoc warning, set dnstap.proto syntax to proto2. - Added tests with wildcard expanded NSEC records (CVE-2017-15105 test) - Unit test for auth zone https url download. - tls-cert-bundle option in unbound.conf enables TLS authentication. - Fixes for clang static analyzer, the missing ; in edns-subnet/addrtree.c after the assert made clang analyzer produce a failure to analyze it. - Fix #3505: Documentation for default local zones references wrong RFC. - Fix #3494: local-zone noview can be used to break out of the view to the global local zone contents, for queries for that zone. - Fix for more maintainable code in localzone. - more robust cachedump rrset routine. - Save wildcard RRset from answer with original owner for use in aggressive NSEC. - Fixup contrib/fastrpz.patch so that it applies. - Fix compile without threads, and remove unused variable. - Fix compile with staticexe and python module. - Fix nettle compile. - Fix to check define of DSA for when openssl is without deprecated. - iana port update. - Fix #3582: Squelch address already in use log when reuseaddr option causes same port to be used twice for tcp connections. - Reverted fix for #3512, this may not be the best way forward; although it could be changed at a later time, to stay similar to other implementations. - Fix for windows compile. - Fixed contrib/fastrpz.patch, even though this already applied cleanly for me, now also for others. - patch to log creates keytag queries, from A. Schulze. - patch suggested by Debian lintian: allow to -> allow one to, from A. Schulze. - Attempt to remove warning about trailing whitespace. - Added documentation for aggressive-nsec: yes. PR: 226822 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=465195
* Switch some MASTER_SITES from http/ftp to https.Mathieu Arnold2018-02-271-1/+2
| | | | | | | | | | | Also some cleanup of dead entries. PR: 226203 Submitted by: Sam H Sponsored by: Absolight Notes: svn path=/head/; revision=463123
* Reduce dependency on the python2 metaportAntoine Brodin2018-02-191-2/+2
| | | | | | | | PR: 225752 Submitted by: Yasuhiro KIMURA Notes: svn path=/head/; revision=462307
* Bump PORTREVISION after r459983Adam Weinberger2018-01-311-0/+1
| | | | Notes: svn path=/head/; revision=460451
* dns/unbound: Fix rc-script with config in flagsBernard Spil2018-01-261-2/+4
| | | | | | | | | | | - Adds new option unbound_config PR: 225360 Submitted by: jaap@NLnetLabs.nl Approved by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=459983
* dns/unbound: Update to 1.6.8, Fixes security vulnerabilityDanilo G. Baio2018-01-193-6/+5
| | | | | | | | | | PR: 225313 Submitted by: jaap@NLnetLabs.nl (maintainer) MFH: 2018Q1 Security: 8d3bae09-fd28-11e7-95f2-005056925db4 Notes: svn path=/head/; revision=459435
* After r452629 also bump ports that optionally depend on libsodium.Tijl Coosemans2017-10-261-0/+1
| | | | | | | PR: 223192 Notes: svn path=/head/; revision=452938
* dns/unbound: Update to 1.6.7Danilo G. Baio2017-10-123-5/+5
| | | | | | | | | | Changes: http://www.unbound.net/pipermail/unbound-users/2017-October/004972.html PR: 222941 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=451881
* dns/unbound: Update to 1.6.6Danilo G. Baio2017-09-223-5/+5
| | | | | | | | | | Changes: http://www.unbound.net/pipermail/unbound-users/2017-September/004936.html PR: 222503 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=450314
* dns/unbound: Upgrade to 1.6.5Steve Wills2017-08-213-6/+5
| | | | | | | | PR: 221692 Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=448504
* Fix typoSunpoet Po-Chuan Hsieh2017-07-231-1/+1
| | | | | | | Approved by: portmgr (blanket) Notes: svn path=/head/; revision=446478
* Base system contains unbound without libevent support enabled.Eugene Grosbein2017-07-231-1/+2
| | | | | | | | | | | Enable libevent by default for the port dns/unbound for performance reasons. PR: 220733 Submitted by: Dmitry Luhtionov Approved by: jaap (maintainer), az (mentor) Notes: svn path=/head/; revision=446477
* dns/unbound: Update to 1.6.4Danilo G. Baio2017-07-123-5/+5
| | | | | | | | | | | Changes: http://www.unbound.net/pipermail/unbound-users/2017-June/004818.html PR: 220673 Submitted by: jaap@NLnetLabs.nl (maintainer) Approved by: garga (mentor, implicit) Notes: svn path=/head/; revision=445613
* Update unbound to 1.6.3.Adam Weinberger2017-06-133-5/+5
| | | | | | | | | | | | | | | | This release fixes a spurious assertion failure when unbound receives a malformed packet with 0x20 enabled. Bug Fixes - Fix #1280: Unbound fails assert when response from authoritative contains malformed qname. When 0x20 caps-for-id is enabled, when assertions are not enabled the malformed qname is handled correctly. PR: 219958 Submitted by: maintainer (jaap NLnetLabs nl) Notes: svn path=/head/; revision=443538
* Correct typo in DNSCRYPT option descriptionLarry Rosenman2017-05-041-1/+1
| | | | | | | | | | PR: 219052 Submitted by: greenreaper@hotmail.com Reportee by: Approved by: adamw (mentor, implicit) Notes: svn path=/head/; revision=440077
* dns/unbound: update 1.6.1 -> 1.6.2Kurt Jaeger2017-04-293-8/+23
| | | | | | | | | PR: 218872 Changes: http://www.unbound.net/pipermail/unbound-users/2017-April/004762.html Submitted by: jaap@NLnetLabs.nl (maintainer) Notes: svn path=/head/; revision=439775
* - Update to 1.6.1Wen Heping2017-03-084-16/+13
| | | | | | | | PR: 217614 Submitted by: jaap@NLnetLabs.nl(maintainer) Notes: svn path=/head/; revision=435651
* - Chase ldns shlip bumpMartin Wilke2017-03-031-1/+1
| | | | | | | PR: 217495 Notes: svn path=/head/; revision=435306
* devel/libevent2: drop historical suffix after r362796Jan Beich2017-02-201-2/+2
| | | | | | | | PR: 216777 Approved by: mm (maintainer) Notes: svn path=/head/; revision=434427
* devel/libevent2: update to 2.1.8 and cleanupJan Beich2017-02-041-0/+1
| | | | | | | | | | | | | | - DEFAULT_VERSIONS += ssl=openssl-devel is now supported - devel/py-event and devel/p5-Event-Lib are marked BROKEN Changes: https://github.com/libevent/libevent/raw/release-2.1.8-stable/whatsnew-2.1.txt Changes: https://github.com/libevent/libevent/raw/release-2.1.8-stable/ChangeLog PR: 216527 Exp-run by: antoine Approved by: mm (maintainer) Notes: svn path=/head/; revision=433286
* - Remove always-true/false conditions after FreeBSD 9, 10.1, 10.2 EOLDmitry Marakasov2017-01-111-8/+0
| | | | | | | Approved by: portmgr blanket Notes: svn path=/head/; revision=431169
* - Update to 1.6.0Sunpoet Po-Chuan Hsieh2016-12-173-55/+32
| | | | | | | | | | | | | | | | - Do not silence installation message - While I'm here: - Move LIB_DEPENDS upwards - Use = instead of += for CONFIGURE_ARGS and USES - Convert to options helper - Use TEST_TARGET Changes: https://unbound.nlnetlabs.nl/pipermail/unbound-users/2016-December/004587.html PR: 215322 Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) Notes: svn path=/head/; revision=428760
* Mark as broken on aarch64: fails to link with sbrk.Mark Linimon2016-11-101-0/+2
| | | | | | | | | While here, pet portlint and remove stale ia64 lines. Approved by: portmgr (tier-2 blanket) Notes: svn path=/head/; revision=425823
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-22 03:48:12 +0000