bind9-devel BIND DNS suite with updated DNSSEC and DNS64

9.17.0.a0.2020.06.01 dns =2 9.17.0.a0.2020.03.30Version of this port present on the latest quarterly branch.

Maintainer: mat@FreeBSD.org

Port Added: 2015-11-05 15:01:37

Last Update: 2020-06-02 14:12:03

SVN Revision: 537546

People watching this port, also watch: postfix-policyd-sf, bundy, bind911, perl5-devel

Also Listed In: net

License: MPL20

Description:

BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND architecture. Some of the important features of BIND 9 are: DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests) IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA) Experimental IPv6 Resolver Library DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0 Improved standards conformance Views: One server process can provide multiple "views" of the DNS namespace, e.g. an "inside" view to certain clients, and an "outside" view to others. Multiprocessor Support See the CHANGES file for more information on new features. WWW: https://www.isc.org/downloads/bind/

SVNWeb : Homepage

pkg-plist: as obtained via: make generate-plist

Expand this list (318 items)

1. /usr/local/share/licenses/bind9-devel-9.17.0.a0.2020.06.01/catalog.mk
2. /usr/local/share/licenses/bind9-devel-9.17.0.a0.2020.06.01/LICENSE
3. /usr/local/share/licenses/bind9-devel-9.17.0.a0.2020.06.01/MPL20
4. @comment bin/dnstap-read
5. @comment bin/pkcs11-destroy
6. @comment bin/pkcs11-keygen
7. @comment bin/pkcs11-list
8. @comment bin/pkcs11-tokens
9. @sample etc/mtree/BIND.chroot.dist.sample
10. @sample etc/mtree/BIND.chroot.local.dist.sample
11. etc/namedb/bind.keys
12. etc/namedb/master/empty.db
13. etc/namedb/master/localhost-forward.db
14. etc/namedb/master/localhost-reverse.db
15. @sample etc/namedb/named.conf.sample
16. etc/namedb/named.root
17. etc/namedb/rndc.conf.sample
18. include/bind9/check.h
19. include/bind9/getaddresses.h
20. include/dns/acl.h
21. include/dns/adb.h
22. include/dns/badcache.h
23. include/dns/bit.h
24. include/dns/byaddr.h
25. include/dns/cache.h
26. include/dns/callbacks.h
27. include/dns/catz.h
28. include/dns/cert.h
29. include/dns/client.h
30. include/dns/clientinfo.h
31. include/dns/compress.h
32. include/dns/db.h
33. include/dns/dbiterator.h
34. include/dns/dbtable.h
35. include/dns/diff.h
36. include/dns/dispatch.h
37. include/dns/dlz.h
38. include/dns/dlz_dlopen.h
39. include/dns/dns64.h
40. include/dns/dnsrps.h
41. include/dns/dnssec.h
42. include/dns/dnstap.h
43. include/dns/ds.h
44. include/dns/dsdigest.h
45. include/dns/dyndb.h
46. include/dns/ecs.h
47. include/dns/edns.h
48. include/dns/enumclass.h
49. include/dns/enumtype.h
50. include/dns/events.h
51. include/dns/fixedname.h
52. include/dns/forward.h
53. include/dns/geoip.h
54. include/dns/ipkeylist.h
55. include/dns/iptable.h
56. include/dns/journal.h
57. include/dns/kasp.h
58. include/dns/keydata.h
59. include/dns/keyflags.h
60. include/dns/keymgr.h
61. include/dns/keytable.h
62. include/dns/keyvalues.h
63. include/dns/lib.h
64. include/dns/librpz.h
65. include/dns/log.h
66. include/dns/lookup.h
67. include/dns/master.h
68. include/dns/masterdump.h
69. include/dns/message.h
70. include/dns/name.h
71. include/dns/ncache.h
72. include/dns/nsec.h
73. include/dns/nsec3.h
74. include/dns/nta.h
75. include/dns/opcode.h
76. include/dns/order.h
77. include/dns/peer.h
78. include/dns/portlist.h
79. include/dns/private.h
80. include/dns/rbt.h
81. include/dns/rcode.h
82. include/dns/rdata.h
83. include/dns/rdataclass.h
84. include/dns/rdatalist.h
85. include/dns/rdataset.h
86. include/dns/rdatasetiter.h
87. include/dns/rdataslab.h
88. include/dns/rdatastruct.h
89. include/dns/rdatatype.h
90. include/dns/request.h
91. include/dns/resolver.h
92. include/dns/result.h
93. include/dns/rootns.h
94. include/dns/rpz.h
95. include/dns/rriterator.h
96. include/dns/rrl.h
97. include/dns/sdb.h
98. include/dns/sdlz.h
99. include/dns/secalg.h
100. include/dns/secproto.h
101. include/dns/soa.h
102. include/dns/ssu.h
103. include/dns/stats.h
104. include/dns/tcpmsg.h
105. include/dns/time.h
106. include/dns/timer.h
107. include/dns/tkey.h
108. include/dns/tsec.h
109. include/dns/tsig.h
110. include/dns/ttl.h
111. include/dns/types.h
112. include/dns/update.h
113. include/dns/validator.h
114. include/dns/view.h
115. include/dns/xfrin.h
116. include/dns/zone.h
117. include/dns/zonekey.h
118. include/dns/zoneverify.h
119. include/dns/zt.h
120. include/dst/dst.h
121. include/dst/gssapi.h
122. include/dst/result.h
123. include/irs/resconf.h
124. include/isc/aes.h
125. include/isc/align.h
126. include/isc/app.h
127. include/isc/assertions.h
128. include/isc/astack.h
129. include/isc/atomic.h
130. include/isc/attributes.h
131. include/isc/backtrace.h
132. include/isc/base32.h
133. include/isc/base64.h
134. include/isc/bind9.h
135. include/isc/buffer.h
136. include/isc/bufferlist.h
137. include/isc/commandline.h
138. include/isc/condition.h
139. include/isc/counter.h
140. include/isc/crc64.h
141. include/isc/deprecated.h
142. include/isc/dir.h
143. include/isc/endian.h
144. include/isc/errno.h
145. include/isc/error.h
146. include/isc/event.h
147. include/isc/eventclass.h
148. include/isc/file.h
149. include/isc/formatcheck.h
150. include/isc/fsaccess.h
151. include/isc/fuzz.h
152. include/isc/glob.h
153. include/isc/hash.h
154. include/isc/heap.h
155. include/isc/hex.h
156. include/isc/hmac.h
157. include/isc/hp.h
158. include/isc/ht.h
159. include/isc/httpd.h
160. include/isc/interfaceiter.h
161. include/isc/iterated_hash.h
162. include/isc/lang.h
163. include/isc/lex.h
164. include/isc/lib.h
165. include/isc/likely.h
166. include/isc/list.h
167. include/isc/log.h
168. include/isc/magic.h
169. include/isc/md.h
170. include/isc/mem.h
171. include/isc/meminfo.h
172. include/isc/mutex.h
173. include/isc/mutexatomic.h
174. include/isc/mutexblock.h
175. include/isc/net.h
176. include/isc/netaddr.h
177. include/isc/netdb.h
178. include/isc/netmgr.h
179. include/isc/netscope.h
180. include/isc/nonce.h
181. include/isc/offset.h
182. include/isc/once.h
183. include/isc/os.h
184. include/isc/parseint.h
185. include/isc/platform.h
186. include/isc/pool.h
187. include/isc/portset.h
188. include/isc/print.h
189. include/isc/queue.h
190. include/isc/quota.h
191. include/isc/radix.h
192. include/isc/random.h
193. include/isc/ratelimiter.h
194. include/isc/refcount.h
195. include/isc/regex.h
196. include/isc/region.h
197. include/isc/resource.h
198. include/isc/result.h
199. include/isc/resultclass.h
200. include/isc/rwlock.h
201. include/isc/safe.h
202. include/isc/serial.h
203. include/isc/siphash.h
204. include/isc/sockaddr.h
205. include/isc/socket.h
206. include/isc/stat.h
207. include/isc/stats.h
208. include/isc/stdatomic.h
209. include/isc/stdio.h
210. include/isc/stdtime.h
211. include/isc/strerr.h
212. include/isc/string.h
213. include/isc/symtab.h
214. include/isc/syslog.h
215. include/isc/task.h
216. include/isc/taskpool.h
217. include/isc/thread.h
218. include/isc/time.h
219. include/isc/timer.h
220. include/isc/tm.h
221. include/isc/types.h
222. include/isc/utf8.h
223. include/isc/util.h
224. include/isccc/alist.h
225. include/isccc/base64.h
226. include/isccc/cc.h
227. include/isccc/ccmsg.h
228. include/isccc/events.h
229. include/isccc/result.h
230. include/isccc/sexpr.h
231. include/isccc/symtab.h
232. include/isccc/symtype.h
233. include/isccc/types.h
234. include/isccc/util.h
235. include/isccfg/aclconf.h
236. include/isccfg/cfg.h
237. include/isccfg/dnsconf.h
238. include/isccfg/grammar.h
239. include/isccfg/kaspconf.h
240. include/isccfg/log.h
241. include/isccfg/namedconf.h
242. include/ns/client.h
243. include/ns/hooks.h
244. include/ns/interfacemgr.h
245. include/ns/lib.h
246. include/ns/listenlist.h
247. include/ns/log.h
248. include/ns/notify.h
249. include/ns/query.h
250. include/ns/server.h
251. include/ns/sortlist.h
252. include/ns/stats.h
253. include/ns/types.h
254. include/ns/update.h
255. include/ns/xfrout.h
256. include/pk11/constants.h
257. include/pk11/internal.h
258. include/pk11/pk11.h
259. include/pk11/result.h
260. include/pk11/site.h
261. include/pkcs11/pkcs11.h
262. lib/libbind9.a
263. lib/libdns.a
264. lib/libirs.a
265. lib/libisc.a
266. lib/libisccc.a
267. lib/libisccfg.a
268. lib/libns.a
269. @comment lib/named/filter-aaaa.so
270. @comment @comment man/man1/dnstap-read.1.gz
271. @comment man/man1/arpaname.1.gz
272. @comment man/man1/delv.1.gz
273. @comment man/man1/dig.1.gz
274. @comment man/man1/dnstap-read.1.gz
275. @comment man/man1/host.1.gz
276. @comment man/man1/mdig.1.gz
277. @comment man/man1/named-rrchecker.1.gz
278. @comment man/man1/nslookup.1.gz
279. @comment man/man1/nsupdate.1.gz
280. man/man5/named.conf.5.gz
281. man/man5/rndc.conf.5.gz
282. man/man8/ddns-confgen.8.gz
283. @comment man/man8/dnssec-cds.8.gz
284. @comment man/man8/dnssec-dsfromkey.8.gz
285. @comment man/man8/dnssec-importkey.8.gz
286. @comment man/man8/dnssec-keyfromlabel.8.gz
287. @comment man/man8/dnssec-keygen.8.gz
288. @comment man/man8/dnssec-revoke.8.gz
289. @comment man/man8/dnssec-settime.8.gz
290. @comment man/man8/dnssec-signzone.8.gz
291. @comment man/man8/dnssec-verify.8.gz
292. man/man8/filter-aaaa.8.gz
293. man/man8/named-checkconf.8.gz
294. man/man8/named-checkzone.8.gz
295. @comment man/man8/named-compilezone.8.gz
296. @comment man/man8/named-journalprint.8.gz
297. man/man8/named-nzd2nzf.8.gz
298. man/man8/named.8.gz
299. @comment man/man8/nsec3hash.8.gz
300. @comment man/man8/pkcs11-destroy.8.gz
301. @comment man/man8/pkcs11-keygen.8.gz
302. @comment man/man8/pkcs11-list.8.gz
303. @comment man/man8/pkcs11-tokens.8.gz
304. man/man8/rndc-confgen.8.gz
305. man/man8/rndc.8.gz
306. @comment man/man8/tsig-keygen.8.gz
307. sbin/ddns-confgen
308. sbin/named
309. sbin/named-checkconf
310. sbin/named-checkzone
311. sbin/named-compilezone
312. sbin/named-nzd2nzf
313. sbin/rndc
314. sbin/rndc-confgen
315. sbin/tsig-confgen
316. @dir(bind,bind,) etc/namedb/dynamic
317. @dir(bind,bind,) etc/namedb/slave
318. @dir(bind,bind,) etc/namedb/working

Collapse this list.

Dependency lines:

• bind9-devel>0:dns/bind9-devel

Conflicts:

CONFLICTS:

• bind911
• bind912
• bind913
• bind914
• bind916

Conflicts Matches:

There are no Conflicts Matches for this port. This is usually an error.

To install the port: cd /usr/ports/dns/bind9-devel/ && make install clean

To add the package: pkg install bind9-devel

PKGNAME: bind9-devel

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1591098249 SHA256 (isc-projects-bind9-31fa72ec2e724ecf1489983849eb05b7aeb3481a_GL0.tar.gz) = 269e65c65ff1ee57d7deb927649f86ff79458f8dad9d9686b6c2b00821d6eac1 SIZE (isc-projects-bind9-31fa72ec2e724ecf1489983849eb05b7aeb3481a_GL0.tar.gz) = 4472173

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

1. sphinx-build : textproc/py-sphinx
2. pkgconf>=1.3.0_1 : devel/pkgconf
3. autoconf>=2.69 : devel/autoconf
4. automake>=1.16.1 : devel/automake
5. libtoolize : devel/libtool

Runtime dependencies:

1. bind-tools>0 : dns/bind-tools

Library dependencies:

1. libuv.so : devel/libuv
2. libxml2.so : textproc/libxml2
3. libidn2.so : dns/libidn2
4. libjson-c.so : devel/json-c
5. liblmdb.so : databases/lmdb
6. libedit.so.0 : devel/libedit
7. libiconv.so : converters/libiconv

There are no ports dependent upon this port

Configuration Options

===> The following configuration options are available for bind9-devel-9.17.0.a0.2020.06.01: DNSTAP=off: Provides fast passive logging of DNS messages DOCS=on: Build and/or install documentation FIXED_RRSET=off: Enable fixed rrset ordering GEOIP=off: GeoIP IP location support IDN=on: International Domain Names support JSON=on: JSON file/format/parser support LARGE_FILE=off: 64-bit file support LMDB=on: Use LMDB for zone management MANPAGES=on: Build and/or install manual pages OVERRIDECACHE=off: Use the override-cache patch PORTREVISION=off: Show PORTREVISION in the version string QUERYTRACE=off: Enable the very verbose query tracelogging SIGCHASE=on: dig/host/nslookup will do DNSSEC validation START_LATE=off: Start BIND late in the boot process (see help) TCP_FASTOPEN=on: RFC 7413 support TUNING_LARGE=off: Tune named for large systems (**READ HELP**) ====> Dynamically Loadable Zones DLZ_BDB=off: DLZ BDB driver DLZ_FILESYSTEM=on: DLZ filesystem driver DLZ_LDAP=off: DLZ LDAP driver DLZ_MYSQL=off: DLZ MySQL driver (no threading) DLZ_POSTGRESQL=off: DLZ Postgres driver DLZ_STUB=off: DLZ stub driver ====> GSSAPI Security API support: you have to select exactly one of them GSSAPI_BASE=off: Using Heimdal in base GSSAPI_HEIMDAL=off: Using security/heimdal GSSAPI_MIT=off: Using security/krb5 GSSAPI_NONE=on: Disable ====> Choose which crypto engine to use: you can only select none or one of them NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**) ===> Use 'make config' to modify these settings

USES:

autoreconf compiler:c11 cpe libedit libtool pkgconfig ssl tar:bz2 iconv

Master Sites:

1. http://distcache.FreeBSD.org/local-distfiles/mat/bind/
2. http://distcache.eu.FreeBSD.org/local-distfiles/mat/bind/
3. http://distcache.us-east.FreeBSD.org/local-distfiles/mat/bind/
4. http://distcache.us-west.FreeBSD.org/local-distfiles/mat/bind/
5. https://gitlab.isc.org/isc-projects/bind9/repository/31fa72ec2e724ecf1489983849eb05b7aeb3481a/archive.tar.gz?dummy=/

• 2015-03-24

  Affects: users of dns/bind9*

  Author: mat@FreeBSD.org

  Reason: 
    This is only for FreeBSD 10.0+.
  
    BIND auto chroot has been added back to the named rc script.  As enabling it
    by default would most certainly break people's setup, it is not.  To enable
    it, and chroot it in /var/named, add the following line to your rc.conf file:
  
    named_chrootdir="/var/named"
  
    On first launch, the rc script will move the /usr/local/etc/namedb directory
    into the chroot, and create a symlink to it.
  
    Note that, if you're running from within a jail, you need to have a
    /var/named/dev devfs created beforehand, with the null and random devices.
  
  

• 2013-11-12

  Affects: users of dns/bind9*

  Author: erwin@FreeBSD.org

  Reason: 
    All bind9 ports have been updated to support FreeBSD 10.x after
    BIND was removed from the base system.  It is now self-contained
    in ${PREFIX}/etc/namedb, and chroot and symlinking options are
    no longer supported out of the box.
  
    For users of FreeBSD 9.x and earlier, the LINKS option is no longer
    enabled by default, but still supported.  No other changes should
    affect those users, and updating without changing already set options
    will keep the system in the same state.
  
  

• port moved here from dns/bind913 on 2019-05-16
  REASON: Remove outdated development version
  

Update to latest commit.

Update to latest commit.

While here, fix the bind-min-override-ttl patch. [1]

Submitted by:	Andre Albsmeier [1]

Bump PORTREVISION for devel/json-c json-c

Add a hook to be able to build dns/bind-tools with dns/bind9-devel.

While there, fixup patches.

Update to latest commits.

Man pages are back.

Update to latest commit.

BIND9 switched to using autoconf, this broke a few things, for example,
man pages are not there any more, plugins are somehow missing too.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Remvoe the scary pkg-message from BIND9 9.16.

And make a note that it needs to be removed when a new release comes
along, so that I don't forget next year.

Reported by:	Matthias Fechner

Add forgotten CONFLICTS lines.

Add a couple of things here to ease future new releases.

Update to latest commit.

Update to latest commit.

While there, run portfmt.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Fixes a startup issue.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Security:	CVE-2019-6475, CVE-2019-6476

Update to latest commit.

Drop the ipv6 virtual category for d* category as it is not relevant anymore

Update to latest commit.

Update to latest commit.

Update ti latest commit.

Add GEOIP back here too.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Convert BIND9's pkg-message files to UCL.

Update to latest commit.

Fix build when not using WITH_DEBUG.

Reported by:	pkg-fallout@

Fix named when using plugins and chroot.

BIND9 introduced plugins and migrated the filter-aaaa feature to a
plugin.
As it loads its plugins late in the startup process (read after chroot),
the plugins need to be available in the chroot.

Also, refactor the code now that a second directory need to be handled.

PR:		238011
Reported by:	ryan@timewasted.me
MFH:		2019Q2

Update to latest commit.

For some reason, this does not always get picked up correctly.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Prevent bind-tools from inheriting CONFLICTS.

I don't see how this can be a problem as bind-tools is never built after
bind9*.

Reported by:	Matthew D. Fuller

Switch to using OPTIONS_EXCLUDE to avoid picking up strays.

If you had things installed, say, lmdb, it would be picked up and linked
with.

Reported by:	sunpoet

Remove conflicts from bind-tools and the server ports.

All servers now depend on the same bind-tools, from the latest BIND9
release.

Chase dependencies to make sure they now depend on the correct port.

Differential Revision:	https://reviews.freebsd.org/D19922

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Make WITH_DEBUG actually build and be as helpful as possible.

Update to latest commit.

Update WWW.

PR:		236196
Submitted by:	Leonid Nevecherya

Update to latest commit.

Update to latest commit.

Add BIND 9.14.0 first release candidate.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update dns/libidn2 to 2.1.1

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Update to latest commit.

Use official patch instead of my half baked one.

No functionnal changes.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Remove GeoIP-related options. Where possible, replace GeoIP 1 defaults
with GeoIP 2.

Also, as suggested by zi, add an UPDATING note about this.

Update to latest commit.

Update dns/libidn2 to 2.1.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://gitlab.com/libidn/libidn2/blob/master/NEWS

Update to latest commit.

Update to latest commit.

While there, rename MINCACHE option, most of its features have been
integrated in BIND9, the only remaining bit of the patch is the override
cache feature to force all cached TTL to a specific one.

Update to 9.11.5-P1, 9.12.3-P1, 9.13.5.

While there:
- Don't disable symbol table generation when building WITH_DEBUG.
- Try and make sure nullfs can really be used in a more robustt and
  centralized way.
- Make sure all changes are sync'ed among all BIND9 ports.

Bump PORTREVISION for ports depending on the canonical version of GCC
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.

PR:		231590

Update to latest commit.

The filter-aaaa feature is now a pluggable module.
While there, ipv6 is not optional any more.

These ports now build on powerpc64.

While here, pet portlint.

Approved by:	portmgr (tier-2 blanket)

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Fix build on powerpc64.

PR:		231786
Submitted by:	Piotr Kubaj

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Update to latest commit.

Fix build on i386.

Update to latest commit.

Update to latest commit.

15 vulnerabilities affecting 78 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2020-06-03 17:48:31