From 3b67b2e690d8917d9ae354352158e7b485352cbd Mon Sep 17 00:00:00 2001 From: ryoon Date: Wed, 21 Aug 2019 14:16:40 +0000 Subject: [PATCH] Update to 4.2.2 * Readd _OPENBSD_SOURCE explicitly to fix build on NetBSD 9 Changelog: 13 August 2019: Wouter - Fix error message for out of zone data to have more information. 12 August 2019: Wouter - Fix #33: Fix segfault in service of remaining streams on exit. 6 August 2019: Wouter - Tag for 4.2.2rc1. 5 August 2019: Wouter - PR #31: nsd-control: Add missing stdio header. - PR #32: tsig: Fix compilation without HAVE_SSL. - Cleanup tls context on xfrd exit. 31 July 2019: Wouter - Fix #29: SSHFP check NULL pointer dereference. - Fix #30: SSHFP check failure due to missing domain name. - Fix to timeval_add in minievent for remaining second in microseconds. 22 July 2019: Wouter - Set timeout for refetch immediately, only spread load when there are retries. 19 July 2019: Wouter - Set no renegotiation on the SSL context to stop client session renegotiation. 18 July 2019: Wouter - Fix #25: NSD doesn't refresh zones after extended downtime, it refreshes the old zones, with a random delay of a couple of seconds to spread the load. - Fix so that expired zones stay expired when server is down a long time. 17 July 2019: Wouter - Fix that NSD warns for wrong length of the hash in SSHFP records. 15 July 2019: Wouter - PR #23: Fix typo in nsd.conf man-page. 4 July 2019: Wouter - Set version to 4.2.2 in development. - clean memory on exit of nsd-checkzone for memory debug. - Fix #20: CVE-2019-13207 Stack-based Buffer Overflow in the dname_concatenate() function. Reported by Frederic Cambus. It causes the zone parser to crash on a malformed zone file, with assertions enabled, an assertion catches it. - Fix #19: Out-of-bounds read caused by improper validation of array index. Reported by Frederic Cambus. The zone parser fails on type SIG because of mismatched definition with RRSIG. 2 July 2019: Wouter - Tag for 4.2.1rc1 27 June 2019: Wouter - Fix unit test for added options and no dot after zone updated log message. - Fix compile without accept4. 21 June 2019: Wouter - Omit remaining tcp processing if the list is empty. - Fix output of nsd-checkconf -h. 20 June 2019: Wouter - Initialize event structures before event_set, to stop uninitialized values from setting event library lists and assertions, that would sometimes also show after event_del. - Added num.tls and num.tls6 stat counters. - PR #12: send-buffer-size, receive-buffer-size, tcp-reject-overflow options for nsd.conf, from Jeroen Koekkoek. - Do not use symbol from libc, instead use own replacement, if not available, for accept4. - Fix #14, tcp connections have 1/10 to be active and have to work every second, and then they get time to complete during a reload, this is a process that lingers with the old version during a version update. 19 June 2019: Wouter - Fix tls handshake event callback function mistake, reported by Mykhailo Danylenko. 18 June 2019: Wouter - Fix #15: crash in SSL library, initialize variables for TCP access when TLS is configured. 14 June 2019: Wouter - Fix to init event not pointer, in reassignment. 12 June 2019: Wouter - Fix to init event structure for reassignment. --- net/nsd/Makefile | 9 +++++++-- net/nsd/distinfo | 10 +++++----- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/net/nsd/Makefile b/net/nsd/Makefile index da5cfce49b96..ca922644e7fd 100644 --- a/net/nsd/Makefile +++ b/net/nsd/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.104 2019/07/16 11:38:27 ryoon Exp $ +# $NetBSD: Makefile,v 1.105 2019/08/21 14:16:40 ryoon Exp $ -DISTNAME= nsd-4.2.0 +DISTNAME= nsd-4.2.2 CATEGORIES= net MASTER_SITES= http://www.nlnetlabs.nl/downloads/nsd/ @@ -23,6 +23,11 @@ PKG_SUGGESTED_OPTIONS= inet6 USE_LANGUAGES= c c++ USE_LIBTOOL= yes +.if ${OPSYS} == "NetBSD" +# For reallocarray(3) on NetBSD 9 +CPPFLAGS+= -D_OPENBSD_SOURCE +.endif + GNU_CONFIGURE= yes PKG_SYSCONFSUBDIR= nsd diff --git a/net/nsd/distinfo b/net/nsd/distinfo index f62f91fc0437..a9d8a439349a 100644 --- a/net/nsd/distinfo +++ b/net/nsd/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.66 2019/06/13 13:21:40 ryoon Exp $ +$NetBSD: distinfo,v 1.67 2019/08/21 14:16:40 ryoon Exp $ -SHA1 (nsd-4.2.0.tar.gz) = b62d47588def467ca5af1b4155146dc08663243a -RMD160 (nsd-4.2.0.tar.gz) = 4fd282844ec078baacfe621fdb5eab41678833f3 -SHA512 (nsd-4.2.0.tar.gz) = caa14fcd599ddc631cb74c3a56e571044dae1deb2fa9bd6b062f143954f9207b64b42ab5eab917360161f96bae8711df932f3e18b58be98b3f7b640071e7e807 -Size (nsd-4.2.0.tar.gz) = 1141796 bytes +SHA1 (nsd-4.2.2.tar.gz) = b0a8a9765cbce402a7534f5aaa38cd0b1f21644f +RMD160 (nsd-4.2.2.tar.gz) = fb83c39dfd5e5350871af67c7fc2629347bde740 +SHA512 (nsd-4.2.2.tar.gz) = 43e2ee980a11ed0ad521cc9d8be1e2d29fa8ab552bdda043ffa7e5bc71cf07ad49319629f71e93dcf1dabd315f93bcfb9fd8b5847f27b125cf151fb4f63779b2 +Size (nsd-4.2.2.tar.gz) = 1149182 bytes SHA1 (patch-aa) = d9a423d5faa8da9a213b21fd2712225ac9645091