FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
opendnssec Tool suite for maintaining DNSSEC
1.4.10 dns on this many watch lists=5 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: jaap@NLnetLabs.nl search for ports maintained by this maintainer
Port Added: 07 Jan 2010 06:25:28
License: BSD3CLAUSE
OpenDNSSEC was created as an open-source turn-key solution for
DNSSEC. It secures zone data just before it is published in an
authoritative name server.

WWW: http://www.opendnssec.org
SVNWeb : Homepage : PortsMon

To install the port: cd /usr/ports/dns/opendnssec/ && make install clean
To add the package: pkg install opendnssec

PKGNAME: opendnssec

distinfo:

SHA256 (opendnssec-1.4.10.tar.gz) = 55b44c1da3a665eef0af1d1b3f4d1c57d20f50f77858b1dd3d03ca6ebc1df7cb
SIZE (opendnssec-1.4.10.tar.gz) = 1036069


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. ldns>=1.6.16 : dns/ldns
  2. perl5>=5.20<5.21 : lang/perl5.20
Runtime dependencies:
  1. perl5>=5.20<5.21 : lang/perl5.20
Library dependencies:
  1. libldns.so : dns/ldns
  2. libmysqlclient.so.18 : databases/mysql56-client
  3. libxml2.so : textproc/libxml2
There are no ports dependent upon this port

Configuration Options
===> The following configuration options are available for opendnssec-1.4.10:
     DOCS=on: Build and/or install documentation
     SOFTHSM=off: SoftHSM cryptographic store for PKCS #11 interface
====> Options available for the single DB: you have to select exactly one of them
     MYSQL=on: Use MYSQL backend
     SQLITE=off: Use SQLite backend
===> Use 'make config' to modify these settings

USES:
perl5 ssl mysql gnome

Master Sites:
  1. http://dist.opendnssec.org/source/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2013-06-03
    Affects: users of dns/opendnssec
    Author: wg@FreeBSD.org
    Reason: 
      Some database changes have been made between version 1.3 and 1.4,
      upgrading needs to be done manually by running the following scripts:
    
      For MySQL users:
      PREFIX/share/opendnssec/migrate_adapters_1.mysql
    
      For SQLite users:
      PREFIX/share/opendnssec/migrate_adapters_1.sqlite3
    
      For the full migration explanation see:
      PREFIX/share/doc/opendnssec/MIGRATION
    
      opendnssec 1.3 version was preserved as dns/opendnssec13 port.
    
    

Number of commits found: 51

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
12 Sep 2016 02:37:18
Original commit files touched by this commit  1.4.10
Revision:421899
marino search for other commits by this committer
dns/opendnssec: Add SSL flags and honor them

Approved by:	SSL blanket
13 Jul 2016 13:25:25
Original commit files touched by this commit  1.4.10
Revision:418474
erwin search for other commits by this committer
Add conflicts with upcoming opendnssec2

PR:		211019
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by:	DK Hostmaster A/S
05 May 2016 17:09:42
Original commit files touched by this commit  1.4.10
Revision:414652
pi search for other commits by this committer
dns/opendnssec: 1.4.9 -> 1.4.10

This release fix targets stability issues which have had a history and
have been hard to reproduce.  Issues that have been reported over the
past half year have been fixed that may have even come up earlier as
rare occasions.
Stability should be improved, running OpenDNSSEC as a long term service.

Changes in TTL in the input zone that seem not to be propagated,
notifies to slaves under heavy zone activity load that where not handled
properly and could lead to assertions.
NSEC3PARAM that would appear duplicate in the resulting zone, and
crashes in the signer daemon in seldom race conditions or re-opening due
to a HSM reset.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
25 Apr 2016 16:17:32
Original commit files touched by this commit  1.4.9
Revision:414019
mat search for other commits by this committer
Move MySQL support from bsd.databases.mk to Uses/mysql.mk.

Also, USE_MYSQL can't happen after bsd.port.pre.mk because it is a USES.

PR:		208971
Submitted by:	mat
Exp-run by:	antoine
With hat:	portmgr
Sponsored by:	Absolight
Differential Revision:	https://reviews.freebsd.org/D5951
01 Apr 2016 14:00:57
Original commit files touched by this commit  1.4.9
Revision:412346
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight
16 Mar 2016 13:33:52
Original commit files touched by this commit  1.4.9
Revision:411235
erwin search for other commits by this committer
Update to 1.4.9

The main motivations for this release are bug fixes related to use
cases with large number of zones (more than 50 zones) in combination
with an XFR based setup. Too much concurrent zone transfers causes new
transfers to be held back. These excess transfers however were not
properly scheduled for later.

No migration steps needed when upgrading from OpenDNSSEC 1.4.8.

Bugfixes:

* Add TCP waiting queue. Fix signer getting 'stuck' when adding many
  zones at once. Thanks to Haavard Eidnes to bringing this to our attention.
* OPENDNSSEC-723: received SOA serial reported as on disk.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
06 Oct 2015 13:54:32
Original commit files touched by this commit  1.4.8.2
Revision:398698
erwin search for other commits by this committer
Upgrade from version 1.4.7 to 1.4.8.2

NEWS:

    * Support for RFC5011 style KSK rollovers. KSK section in the KASP now
      accepts <RFC5011/> element.
    * Enforcer: New repository option <AllowExtraction/> allows to generate
      keys with CKA_EXTRACTABLE attribute set to TRUE so keys can be wrapped
      and extracted from HSM.

Bugfixes:

    * SUPPORT-145: EOF handling an ARM architecture caused signer to hang.
    * Fixed signer hitting assertion on short reply XFR handler.
    * Include revoke bit in keytag calculation.
    * Increased stacksize on some systems (thanks Patrik Lundin!).
    * Stop ods-signerd on SIGINT.

Fixes port problem (reported by *geoffroy desvernay*)

    * Now also installs previous missing migration script convert_database.pl

PR:		203574
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by:	DK Hostmaster A/S
20 Apr 2015 19:06:30
Original commit files touched by this commit  1.4.7
Revision:384380
tijl search for other commits by this committer
- Display a stage-qa warning when ports use PREFIX/var instead of /var
- Add --localstatedir=/var to _LATE_CONFIGURE_ARGS (like --mandir) but not
  when CONFIGURE_ARGS already sets it.  (GNU configure scripts set it to
  PREFIX/var when PREFIX != /usr.)
- Add --localstatedir="${PREFIX}/var" to CONFIGURE_ARGS in some ports so
  they aren't affected by this change (for now at least).  This commit is
  meant to ensure that new ports don't make the same mistake.

- games/acm: the configure script in this port is very old; instead of
  patching it more, just replace GNU_CONFIGURE with HAS_CONFIGURE.
- irc/charybdis: it already used /var but adding --localstatedir=/var
  changed the behaviour of the configure script; adjust the port to this.

PR:		199506
Exp-run by:	antoine
Approved by:	portmgr (antoine)
10 Dec 2014 15:14:14
Original commit files touched by this commit  1.4.7
Revision:374467
erwin search for other commits by this committer
Update to 1.4.7 which fixes a bug when using DNS adapters

PR:		195686
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
09 Dec 2014 11:09:43
Original commit files touched by this commit  1.4.6_1
Revision:374365
bapt search for other commits by this committer
Cleanup plist
28 Jul 2014 08:40:27
Original commit files touched by this commit  1.4.6_1
Revision:363121
erwin search for other commits by this committer
- Fix ownership of var/run/opendnssec
- Fix minor whitespace warning

Approved by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
23 Jul 2014 08:30:09
Original commit files touched by this commit  1.4.6
Revision:362636
erwin search for other commits by this committer
- Fix location of libsofthsm.so [1]
- Fix depency on sqlite with non-default LOCALBASE [2]
- Update to 1.4.6

Updates:
Signer Engine: Print secondary server address when logging notify reply errors.
Build: Fixed various OpenBSD compatibility issues found by Patrik Lundin
<patrik.lundin.swe () gmail.com>.
OPENDNSSEC-621: conf.xml: New options: <PidFile> for both enforcer and signer,
and <SocketFile> for the signer.
New tool: ods-getconf: to retrieve a configuration value from conf.xml given an
expression.

Bugfixes:
OPENDNSSEC-469: ods-ksmutil: 'zone add' command when zonelist.xml.backup can't
be written zone is still added to database, solved it by checking the
zonelist.xml.backup is writable before adding zones, and add error message when
add zone failed.
OPENDNSSEC-617: Signer Engine: Fix DNS Input Adapter to not reject zone the
first time due to RFC 1982 serial arethmetic.
OPENDNSSEC-619: memory leak when signer failed, solved it by add
ldns_rr_free(signature) in libhsm.c
OPENDNSSEC-627: Signer Engine: Unable to update serial after restart when the
backup files has been removed.
OPENDNSSEC-628: Signer Engine: Ingored notifies log level is changed from debug
to info.
OPENDNSSEC-630: Signer Engine: Fix inbound zone transfer for root zone.
libhsm: Fixed a few other memory leaks.
simple-dnskey-mailer.sh: Fix syntax error. (by Patrik Lundin
https://github.com/eest)

PR:		191272 [1], 192021 [2], 192023 [3]
Submitted by:	Andrew Fyfe <andrew@neptune-one.net> [1],
		jhujhiti@adjectivism.org [2],
		Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) [3]
15 Jul 2014 15:09:59
Original commit files touched by this commit  1.4.5_2
Revision:361941
adamw search for other commits by this committer
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
27 Jun 2014 17:21:07
Original commit files touched by this commit  1.4.5_2
Revision:359586
miwi search for other commits by this committer
- Chase database/sqlite3 slib bump

Approved by:	portmgr (myself)
16 May 2014 18:12:40
Original commit files touched by this commit  1.4.5_1
Revision:354250
erwin search for other commits by this committer
Remove explicit showing of pkg-message, it's automatic these days.

Submitted by:	bdrewery
15 May 2014 15:58:32
Original commit files touched by this commit  1.4.5_1
Revision:354148
erwin search for other commits by this committer
Fix some outstanding issues with staging and make it work with both
pkg_install and pkgng.

PR:		189823
Submitted by:	erwin
Prodded by:	swills
Approved by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
30 Apr 2014 08:45:35
Original commit files touched by this commit  1.4.5
Revision:352675
erwin search for other commits by this committer
- Update to 1.4.5

Added Staging support;
Modern options handling where possible.

Bugfixes:

OPENDNSSEC-607: libhsm not using all mandatory attributes for GOST key
generation.
OPENDNSSEC-609: ods-ksmutil: 'key list' command fails with error in 1.4.4 on
MySQL. Reported by Mark Elkins <mje@posix.co.za>

Includes the update to 1.4.4:

Updates:

SUPPORT-114: libhsm: Optimize storage in HSM by deleting the public key directly
if SkipPublicKey is used [OPENDNSSEC-574].
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Apr 2014 18:28:50
Original commit files touched by this commit  1.4.3_1
Revision:351411
zeising search for other commits by this committer
The FreeBSD x11@ and graphics team proudly presents
a zeising, kwm production, with help from dumbbell, bdrewery:

NEW XORG ON FREEBSD 9-STABLE AND 10-STABLE

This update switches over to use the new xorg stack by default on FreeBSD 9
and 10 stable, on osversions where vt(9) is available.
It is still possible to use the old stack by specifying WITHOUT_NEW_XORG in
/etc/make.conf .
FreeBSD 8-STABLE and released versions of FreeBSD still use
the old version.
A package repository with binary packages for new xorg will
be available soon.

This patch also contains updates of libxcb and related ports, pixman, as well
(Only the first 15 lines of the commit message are shown above View all of this commit message)
05 Dec 2013 20:25:54
Original commit files touched by this commit  1.4.3
Revision:335687
sunpoet search for other commits by this committer
- Update to 1.4.3
- While I'm here, add LICENSE and convert to new LIB_DEPENDS format

Changes:	http://www.opendnssec.org/2013/12/04/opendnssec-1-4-3/
PR:		ports/184516
Submitted by:	Jaap Akkerhuis <jaap@nlnetlabs.nl> (maintainer)
20 Sep 2013 16:31:58
Original commit files touched by this commit  1.4.2
Revision:327719
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
dns)
17 Sep 2013 06:28:07
Original commit files touched by this commit  1.4.2
Revision:327451
bapt search for other commits by this committer
Convert to new perl framework
Convert from USE_GMAKE to USES=gmake
16 Sep 2013 12:17:07
Original commit files touched by this commit  1.4.2
Revision:327383
mat search for other commits by this committer
Update to 1.4.2

PR:		182012
Submitted by:	mat
Approved by:	maintainer
02 Jul 2013 13:12:23
Original commit files touched by this commit  1.4.1
Revision:322168
wg search for other commits by this committer
dns/opendnssec: update to 1.4.1

- Update to 1.4.1

Changes: http://www.opendnssec.org/2013/06/27/opendnssec-1-4-1/

PR:		ports/180194
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
21 Jun 2013 21:00:45
Original commit files touched by this commit  1.4.0
Revision:321504
wg search for other commits by this committer
dns/opendnssec: fix build with sqlite

- Fix build with non-default LOCALBASE and sqlite

PR:		ports/179606
Submitted by:	Erick Turnquist <jhujhiti@adjectivism.org>
Approved by:	maintainer
03 Jun 2013 22:13:11
Original commit files touched by this commit  1.4.0
Revision:319813
wg search for other commits by this committer
- Update to 1.4.0 [1]
- Add PORTDOCS
- Install extra migration files
- Preserve 1.3.x as dns/opendnssec13

Changes: https://wiki.opendnssec.org/display/DOCS/New+in+OpenDNSSEC+1.4

PR:		ports/178861 [1]
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> [1]
Approved by:	culot (mentor), maintainer
22 May 2013 14:30:51
Original commit files touched by this commit  1.3.13
Revision:318768
miwi search for other commits by this committer
- Remove mysql 4X reference
21 Feb 2013 00:44:40
Original commit files touched by this commit  1.3.13
Revision:312685
miwi search for other commits by this committer
- Update to 1.3.13

PR:		176303
Submitted by:	maintainer
04 Dec 2012 08:37:14
Original commit files touched by this commit  1.3.12
Revision:308207
rm search for other commits by this committer
- update to 1.3.12

while here:
- trim Makefile header
- remove trailin dots from options descriptions

PR:		174094
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe:	yes
31 Oct 2012 07:58:36
Original commit files touched by this commit  1.3.10_1
Revision:306736
ak search for other commits by this committer
- Update ldns to 1.6.15 [1]
- Add an entry to UPDATING about binary incompatibility in previous version of
ldns
- Fix OptionsNG
- Bump PORTREVISION for all ports dependent on dns/ldns
- Remove ABI version numbers from LIB_DEPENDS while I'm here

PR:	ports/173080 [1]
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) [1]
Approved by:	portmgr (erwin)
Feature safe:	yes
23 Oct 2012 12:34:03
Original commit files touched by this commit  1.3.10
Revision:306308
erwin search for other commits by this committer
Convert to OPTIONSNG

PR:		172903
Submitted by:	me
Approved by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe:	yes
12 Aug 2012 07:52:50
Original commit files touched by this commit  1.3.10
scheidell search for other commits by this committer
- Update to 1.3.10

PR:		ports/170544
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
08 Jul 2012 12:39:15
Original commit files touched by this commit  1.3.9
scheidell search for other commits by this committer
- Update to 1.3.9
- Add GIDs/UIDs 215

PR:             ports/169646
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
18 Mar 2012 04:44:00
Original commit files touched by this commit  1.3.7
miwi search for other commits by this committer
- Update to 1.3.7

PR:             166125
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl>(maintainer)
Feature safe:   yes
17 Feb 2012 17:52:45
Original commit files touched by this commit  1.3.6
jgh search for other commits by this committer
- Update to 1.3.6

PR:     ports/165216
Submitted by:   maintainer, jaap at NLnetLabs.nl
30 Jan 2012 12:27:28
Original commit files touched by this commit  1.3.5
culot search for other commits by this committer
- Update to 1.3.5

Changes:        http://www.opendnssec.org/2012/01/23/opendnssec-1-3-5/
PR:             ports/164628
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
14 Jan 2012 08:57:23
Original commit files touched by this commit  1.3.4
dougb search for other commits by this committer
In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
18 Dec 2011 08:54:22
Original commit files touched by this commit  1.3.4
miwi search for other commits by this committer
- Update to 1.3.4

PR:             163080
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
25 Sep 2011 07:17:15
Original commit files touched by this commit  1.3.2_2
dougb search for other commits by this committer
Incremental improvements to the rc.d script per
http://lists.freebsd.org/pipermail/cvs-all/2011-July/341217.html

Approved by:    maintainer timeout (2 months)
20 Sep 2011 17:40:35
Original commit files touched by this commit  1.3.2
dhn search for other commits by this committer
- Update to 1.3.2

PR:             ports/160828
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
06 Aug 2011 14:40:47
Original commit files touched by this commit  1.3.0
swills search for other commits by this committer
- Mark broken with Ruby 1.9

With hat:       ruby@
15 Jul 2011 20:55:00
Original commit files touched by this commit  1.3.0
jlaffaye search for other commits by this committer
Update to 1.3.0

PR:             ports/158865
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Approved by:    bapt (mentor)
24 Mar 2011 16:33:57
Original commit files touched by this commit  1.2.1
dhn search for other commits by this committer
- Update to 1.2.1

PR:             ports/155889
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
19 Jan 2011 10:49:08
Original commit files touched by this commit  1.2.0
pav search for other commits by this committer
- Update to 1.2.0

PR:             ports/154026
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Feature safe:   yes
11 Dec 2010 22:48:20
Original commit files touched by this commit  1.1.3_1
nivit search for other commits by this committer
- Add databases/sqlite3 to BUILD_DEPENDS (minimal version required 3.4.2)
- Bump PORTREVISION
- Remove MD5 checksum from distinfo

PR:             ports/152542
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
12 Sep 2010 18:03:06
Original commit files touched by this commit  1.1.3
araujo search for other commits by this committer
- Update to 1.1.3.

PR:             ports/150487
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
06 Sep 2010 12:11:24
Original commit files touched by this commit  1.1.2
sylvio search for other commits by this committer
- Update to 1.1.2

PR:             ports/150248
Submitted by:   Jaap Akkerhuis <japp@nlnetlabs.nl> (maintainer)
14 Aug 2010 19:19:11
Original commit files touched by this commit  1.1.1_1
arved search for other commits by this committer
Increase minimum required version of dnsruby

PR:             148887
Submitted by:   Ruben van Staveren <ruben@verweg.com>
Approved by:    maitainer
11 Jul 2010 13:34:39
Original commit files touched by this commit  1.1.1
araujo search for other commits by this committer
- Update to 1.1.1.

PR:             ports/148476
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
29 May 2010 11:47:44
Original commit files touched by this commit  1.1.0
sylvio search for other commits by this committer
- Update to 1.1.0

PR:             ports/147134
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
11 Feb 2010 10:33:58
Original commit files touched by this commit  1.0.0_1
pav search for other commits by this committer
- Update to 1.0.0 release

PR:             ports/143712
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
07 Jan 2010 06:25:07
Original commit files touched by this commit  1.0.0
wen search for other commits by this committer
OpenDNSSEC was created as an open-source turn-key solution for
DNSSEC. It secures zone data just before it is published in an
authoritative name server.

WWW: http://www.opendnssec.org

PR:             ports/142103
Submitted by:   Jaap Akkerhuis <jaap@NLnetLabs.nl>

Number of commits found: 51

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
opensslSep 26
openssl-develSep 26
openssl*Sep 23
openssl-devel*Sep 23
irssi*Sep 22
irssi*Sep 22
firefoxSep 20
firefox*Sep 20
firefox-esrSep 20
firefox-esr*Sep 20
libxulSep 20
libxul*Sep 20
linux-firefoxSep 20
linux-firefox*Sep 20
linux-seamonkeySep 20

13 vulnerabilities affecting 37 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 26272
Broken 375
Deprecated 218
Ignore 639
Forbidden 0
Restricted 199
No CDROM 83
Vulnerable 61
Expired 14
Set to expire 204
Interactive 0
new 24 hours 3
new 48 hours8
new 7 days30
new fortnight58
new month112

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.