From nobody Thu Jun 30 12:22:29 2022 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 0CE568AADA7 for ; Thu, 30 Jun 2022 12:22:30 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4LYcsd3x3xz4fv7 for ; Thu, 30 Jun 2022 12:22:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 68A9526167 for ; Thu, 30 Jun 2022 12:22:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 25UCMTvN026359 for ; Thu, 30 Jun 2022 12:22:29 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 25UCMTYb026358 for ports-bugs@FreeBSD.org; Thu, 30 Jun 2022 12:22:29 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 264961] dns/nsd: update to 4.6.0 Date: Thu, 30 Jun 2022 12:22:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform bug_file_loc op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ports-bugs@freebsd.org X-BeenThere: freebsd-ports-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1656591749; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n7j9k6oTN5fVqjezjTQMTrPDwHCmJap7zcXhYyPL1hU=; b=s6zJ7NvecRm8ZJa3B3LCbRDFmxDIWG/ZQNnprpuIuoxc7sCcKtg9zKE4qHxb3Bapk2NGmi qgjORwJQ0Zqujz8DM3uLweBdJjsHQyTAzNw5C+dVT04tVEKATXq64PvdeU9fA4ApfT46nn Z7ZziSgPxpiHVr1F2X+WZWgCpf5KbC2YzxNgC3hcXZORYT1E4aChC1WzhQU20ILDmiX3Gf ch2RUAezGiE9Z/uFXPWl6EF3ElOlM4UltGqBsuJJF+5sqDHpBMdQCjghYCkWCIGC2v3tqi zI+7i5aluQxpWdXiaZCItkFr8oBo7aUVO98HtC2XdXYyF438OI76Yw9BR/xqyg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1656591749; a=rsa-sha256; cv=none; b=X/ausTRwJqUoat8cdJo57TC81w+c4nQ8PmEG3Fis+4cDuo1YvzIPmURFRBHOAcNY8fKtqt +2Hr8O9qKcL7CmrX/LTWkplVdqH+b6v450ItLfhXgBHQWEz66VVDL54hxQz2PxJ88m5ttL M8fLgzpAmuhQ7Y0vkVZt0gEE6dWAqWXRVfII/yCp6oIW9AJjG4yq03iyIS2XGYTzn7hOa5 0wVyCplqPsE4R+IOjDJLvRGZQNUhKXg7XuYhu6bEV4o9WIjMSK/ROAOPZHdJ6yZ2gs1Xgq v0l49piOBkoh4SMBJ2yJX5ZIfQ9mohcKvXnLTPDagM+t7c1SE7kjRP124EabjQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264961 Bug ID: 264961 Summary: dns/nsd: update to 4.6.0 Product: Ports & Packages Version: Latest Hardware: Any URL: https://www.nlnetlabs.nl/news/2022/Jun/30/nsd-4.6.0-re leased/ OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: jaap@NLnetLabs.nl Attachment #235002 maintainer-approval+ Flags: Created attachment 235002 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D235002&action= =3Dedit patch to update This release adds the zone verification support from the CreDNS code. There are also some bug fixes in the ixfr out code. Zone verification can start a verifier program that reads the new zone data. It can reject the update. Or process the new zone data. The intent is for a DNSSEC verifier to inspect the zone before it is passed on with zone transfer or served to clients. The zone verification can be enabled with enable: yes in the verify section in nsd.conf. You can then list the interfaces the NSD listens on while the verifier is active, so it can send queries for the new zone contents. With verify-zones: yes zones are verified by default. The command that is executed can be set with the `verifier:=20 ldns-verify-zone` option. With verifier-count the max number of=20 concurrent verifiers can be set. With the verifier-feed-zone: yes option=20 the zone can be input on stdin to the verifier program. A timeout to=20 stop the verifier can be set with the verifier-timeout option. Per zone options can also be set for a pattern or for a zone, for zone verification. With verify-zone the zone verification can be enabled per zone. The verifier can be set per zone. And the verifier-feed-zone and verifier-timeout options can be controlled per zone. FEATURES: - Port zone-verification from CreDNS to NSD4. BUG FIXES: - Fix static analyzer reports on ixfrcreate temp file. - Fixup wrong ixfrcreate fread return check. --=20 You are receiving this mail because: You are the assignee for the bug.=