From 8df9544dcbab3a740368cef0521dbe2cda062f0c Mon Sep 17 00:00:00 2001 From: Jaap Akkerhuis Date: Mon, 16 Aug 2021 20:18:01 -0300 Subject: [PATCH] dns/unbound: Update to 1.13.2 Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024 Changelog: - Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support. ZONEMD records are checked for zones loaded as auth-zone, with DNSSEC if available. There is an added option zonemd-permissive-mode that makes it log but not fail wrong zones. With zonemd-reject-absence for an auth-zone the presence of a zonemd can be mandated for specific zones. - Fix: Resolve interface names on control-interface too. - Merge #470 from edevil: Allow configuration of persistent TCP connections. - Fix #474: always_null and others inside view. - Add that log-servfail prints an IP address and more information about one of the last failures for that query. - Merge #478: Allow configuration of TCP timeout while waiting for response. - Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024. - Move the NSEC3 max iterations count in line with the 150 value used by BIND, Knot and PowerDNS. This sets the default value for it in the configuration to 150 for all key sizes. - zonemd-check: yesno option, default no, enables the processing of ZONEMD records for that zone. - Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable. - Merge PR #491: Add SVCB and HTTPS types and handling according to draft-ietf-dnsop-svcb-https. - Introduce 'http-user-agent:' and 'hide-http-user-agent:' options. PR: 257809 Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 42ac7e7f9340538fe67de858198323991d326087) --- dns/unbound/Makefile | 8 +++++--- dns/unbound/distinfo | 6 +++--- dns/unbound/pkg-plist | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/dns/unbound/Makefile b/dns/unbound/Makefile index 79c1f89b998e..206205818029 100644 --- a/dns/unbound/Makefile +++ b/dns/unbound/Makefile @@ -1,7 +1,7 @@ # Created by: Sergey Matveychuk PORTNAME= unbound -PORTVERSION= 1.13.1 +DISTVERSION= 1.13.2 CATEGORIES= dns MASTER_SITES= https://www.nlnetlabs.nl/downloads/unbound/ \ https://distfiles.crux.guru/ @@ -36,7 +36,7 @@ PORTDOCS= CREDITS Changelog FEATURES LICENSE README \ OPTIONS_SUB= yes OPTIONS_DEFINE= THREADS PYTHON GOST ECDSA MUNIN_PLUGIN DOCS LIBEVENT \ FILTER_AAAA DNSTAP DNSCRYPT SUBNET EVAPI TFOCL TFOSE \ - HIREDIS DOH + HIREDIS DOH DEP-RSA1024 OPTIONS_DEFAULT=THREADS ECDSA LIBEVENT GOST DOH LIBEVENT_DESC= Build against libevent @@ -52,6 +52,7 @@ TFOCL_DESC= Enable TCP Fast Open for client mode TFOSE_DESC= Enable TCP Fast Open for server mode HIREDIS_DESC= Enable hiredis support for the cachedb module DOH_DESC= Enable DNS-over-HTTPS support +DEP-RSA1024_DESC= Deprecate the use of RSA 1024 keys STRIP_FILES= .libs/libunbound.so unbound-checkconf unbound \ unbound-control .libs/unbound-host .libs/unbound-anchor @@ -85,6 +86,7 @@ HIREDIS_CONFIGURE_ON= --enable-cachedb --with-libhiredis HIREDIS_LIB_DEPENDS= libhiredis.so:databases/hiredis DOH_CONFIGURE_ON= --with-libnghttp2 DOH_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 +DEP-RSA1024_CONFIGURE_ON= --with-deprecate-rsa-1024 post-patch: @${RM} ${WRKSRC}/util/configlexer.c @@ -103,7 +105,7 @@ post-install-PYTHON-on: post-install-MUNIN_PLUGIN-on: @${MKDIR} ${STAGEDIR}${PREFIX}/share/munin/plugins - ${INSTALL_SCRIPT} ${WRKDIR}/unbound-${PORTVERSION}/contrib/unbound_munin_ \ + ${INSTALL_SCRIPT} ${WRKDIR}/unbound-${DISTVERSION}/contrib/unbound_munin_ \ ${STAGEDIR}${PREFIX}/share/munin/plugins/ @${ECHO_MSG} @${ECHO_MSG} "=============================================================" diff --git a/dns/unbound/distinfo b/dns/unbound/distinfo index 32a2fddfcc2d..fbde50e3cce1 100644 --- a/dns/unbound/distinfo +++ b/dns/unbound/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1612858504 -SHA256 (unbound-1.13.1.tar.gz) = 8504d97b8fc5bd897345c95d116e0ee0ddf8c8ff99590ab2b4bd13278c9f50b8 -SIZE (unbound-1.13.1.tar.gz) = 5976957 +TIMESTAMP = 1628757750 +SHA256 (unbound-1.13.2.tar.gz) = 0a13b547f3b92a026b5ebd0423f54c991e5718037fd9f72445817f6a040e1a83 +SIZE (unbound-1.13.2.tar.gz) = 6127915 diff --git a/dns/unbound/pkg-plist b/dns/unbound/pkg-plist index 096f02fe14f8..d228542653d3 100644 --- a/dns/unbound/pkg-plist +++ b/dns/unbound/pkg-plist @@ -5,7 +5,7 @@ libdata/pkgconfig/libunbound.pc lib/libunbound.a lib/libunbound.so lib/libunbound.so.8 -lib/libunbound.so.8.1.12 +lib/libunbound.so.8.1.13 %%PYTHON%%%%PYTHON_SITELIBDIR%%/_unbound.so %%PYTHON%%%%PYTHON_SITELIBDIR%%/unbound.py %%PYTHON%%%%PYTHON_SITELIBDIR%%/unboundmodule.py