bind910 BIND DNS suite with updated DNSSEC and DNS64
9.10.7_2 dns =19

9.10.7Version of this port present on the latest quarterly branch.

DEPRECATED: Going out of support, please migrate to dns/bind911
This port expired on: 2018-06-30
Maintainer: mat@FreeBSD.org
Port Added: 2014-04-10 16:01:46
Last Update: 2018-07-04 13:57:28
SVN Revision: 473882
Also Listed In: net ipv6
License: ISCL

BIND version 9 is a major rewrite of nearly all aspects of the underlying BIND
architecture.  Some of the important features of BIND 9 are:

DNS Security: DNSSEC (signed zones), TSIG (signed DNS requests)
IP version 6: Answers DNS queries on IPv6 sockets, IPv6 resource records (AAAA)
     Experimental IPv6 Resolver Library
DNS Protocol Enhancements: IXFR, DDNS, Notify, EDNS0
     Improved standards conformance
Views: One server process can provide multiple "views" of the DNS namespace,
     e.g. an "inside" view to certain clients, and an "outside" view to others.
Multiprocessor Support

See the CHANGES file for more information on new features.

WWW: https://www.isc.org/software/bind

SVNWeb : Homepage

Pseudo-pkg-plist information, but much better, from make generate-plist
Expand this list (430 items)

1. /usr/local/share/licenses/bind910-9.10.7_2/catalog.mk
2. /usr/local/share/licenses/bind910-9.10.7_2/LICENSE
3. /usr/local/share/licenses/bind910-9.10.7_2/ISCL
4. bin/arpaname
5. bin/bind9-config
6. bin/delv
7. bin/dig
8. bin/host
9. bin/isc-config.sh
10. bin/named-rrchecker
11. bin/nslookup
12. bin/nsupdate
13. @sample etc/mtree/BIND.chroot.dist.sample
14. @sample etc/mtree/BIND.chroot.local.dist.sample
15. etc/namedb/bind.keys
16. etc/namedb/master/empty.db
17. etc/namedb/master/localhost-forward.db
18. etc/namedb/master/localhost-reverse.db
19. @sample etc/namedb/named.conf.sample
20. etc/namedb/named.root
21. etc/namedb/rndc.conf.sample
22. include/bind9/check.h
23. include/bind9/getaddresses.h
24. include/bind9/version.h
25. include/dns/acache.h
26. include/dns/acl.h
27. include/dns/adb.h
28. include/dns/bit.h
29. include/dns/byaddr.h
30. include/dns/cache.h
31. include/dns/callbacks.h
32. include/dns/cert.h
33. include/dns/client.h
34. include/dns/clientinfo.h
35. include/dns/compress.h
36. include/dns/db.h
37. include/dns/dbiterator.h
38. include/dns/dbtable.h
39. include/dns/diff.h
40. include/dns/dispatch.h
41. include/dns/dlz.h
42. include/dns/dlz_dlopen.h
43. include/dns/dns64.h
44. include/dns/dnssec.h
45. include/dns/ds.h
46. include/dns/dsdigest.h
47. include/dns/ecdb.h
48. include/dns/enumclass.h
49. include/dns/enumtype.h
50. include/dns/events.h
51. include/dns/fixedname.h
52. include/dns/forward.h
53. include/dns/geoip.h
54. include/dns/iptable.h
55. include/dns/journal.h
56. include/dns/keydata.h
57. include/dns/keyflags.h
58. include/dns/keytable.h
59. include/dns/keyvalues.h
60. include/dns/lib.h
61. include/dns/log.h
62. include/dns/lookup.h
63. include/dns/master.h
64. include/dns/masterdump.h
65. include/dns/message.h
66. include/dns/name.h
67. include/dns/ncache.h
68. include/dns/nsec.h
69. include/dns/nsec3.h
70. include/dns/opcode.h
71. include/dns/order.h
72. include/dns/peer.h
73. include/dns/portlist.h
74. include/dns/private.h
75. include/dns/rbt.h
76. include/dns/rcode.h
77. include/dns/rdata.h
78. include/dns/rdataclass.h
79. include/dns/rdatalist.h
80. include/dns/rdataset.h
81. include/dns/rdatasetiter.h
82. include/dns/rdataslab.h
83. include/dns/rdatastruct.h
84. include/dns/rdatatype.h
85. include/dns/request.h
86. include/dns/resolver.h
87. include/dns/result.h
88. include/dns/rootns.h
89. include/dns/rpz.h
90. include/dns/rriterator.h
91. include/dns/rrl.h
92. include/dns/sdb.h
93. include/dns/sdlz.h
94. include/dns/secalg.h
95. include/dns/secproto.h
96. include/dns/soa.h
97. include/dns/ssu.h
98. include/dns/stats.h
99. include/dns/tcpmsg.h
100. include/dns/time.h
101. include/dns/timer.h
102. include/dns/tkey.h
103. include/dns/tsec.h
104. include/dns/tsig.h
105. include/dns/ttl.h
106. include/dns/types.h
107. include/dns/update.h
108. include/dns/validator.h
109. include/dns/version.h
110. include/dns/view.h
111. include/dns/xfrin.h
112. include/dns/zone.h
113. include/dns/zonekey.h
114. include/dns/zt.h
115. include/dst/dst.h
116. include/dst/gssapi.h
117. include/dst/lib.h
118. include/dst/result.h
119. include/irs/context.h
120. include/irs/dnsconf.h
121. include/irs/netdb.h
122. include/irs/platform.h
123. include/irs/resconf.h
124. include/irs/types.h
125. include/irs/version.h
126. include/isc/aes.h
127. include/isc/app.h
128. include/isc/assertions.h
129. include/isc/atomic.h
130. include/isc/backtrace.h
131. include/isc/base32.h
132. include/isc/base64.h
133. include/isc/bind9.h
134. include/isc/boolean.h
135. include/isc/buffer.h
136. include/isc/bufferlist.h
137. include/isc/commandline.h
138. include/isc/condition.h
139. include/isc/counter.h
140. include/isc/crc64.h
141. include/isc/dir.h
142. include/isc/entropy.h
143. include/isc/errno.h
144. include/isc/error.h
145. include/isc/event.h
146. include/isc/eventclass.h
147. include/isc/file.h
148. include/isc/formatcheck.h
149. include/isc/fsaccess.h
150. include/isc/hash.h
151. include/isc/heap.h
152. include/isc/hex.h
153. include/isc/hmacmd5.h
154. include/isc/hmacsha.h
155. include/isc/httpd.h
156. include/isc/int.h
157. include/isc/interfaceiter.h
158. include/isc/iterated_hash.h
159. include/isc/json.h
160. include/isc/keyboard.h
161. include/isc/lang.h
162. include/isc/lex.h
163. include/isc/lfsr.h
164. include/isc/lib.h
165. include/isc/likely.h
166. include/isc/list.h
167. include/isc/log.h
168. include/isc/magic.h
169. include/isc/md5.h
170. include/isc/mem.h
171. include/isc/msgcat.h
172. include/isc/msgs.h
173. include/isc/mutex.h
174. include/isc/mutexblock.h
175. include/isc/net.h
176. include/isc/netaddr.h
177. include/isc/netdb.h
178. include/isc/netscope.h
179. include/isc/offset.h
180. include/isc/once.h
181. include/isc/ondestroy.h
182. include/isc/os.h
183. include/isc/parseint.h
184. include/isc/platform.h
185. include/isc/pool.h
186. include/isc/portset.h
187. include/isc/print.h
188. include/isc/queue.h
189. include/isc/quota.h
190. include/isc/radix.h
191. include/isc/random.h
192. include/isc/ratelimiter.h
193. include/isc/refcount.h
194. include/isc/regex.h
195. include/isc/region.h
196. include/isc/resource.h
197. include/isc/result.h
198. include/isc/resultclass.h
199. include/isc/rwlock.h
200. include/isc/safe.h
201. include/isc/serial.h
202. include/isc/sha1.h
203. include/isc/sha2.h
204. include/isc/sockaddr.h
205. include/isc/socket.h
206. include/isc/stat.h
207. include/isc/stats.h
208. include/isc/stdio.h
209. include/isc/stdlib.h
210. include/isc/stdtime.h
211. include/isc/strerror.h
212. include/isc/string.h
213. include/isc/symtab.h
214. include/isc/syslog.h
215. include/isc/task.h
216. include/isc/taskpool.h
217. include/isc/thread.h
218. include/isc/time.h
219. include/isc/timer.h
220. include/isc/tm.h
221. include/isc/types.h
222. include/isc/util.h
223. include/isc/version.h
224. include/isc/xml.h
225. include/isccc/alist.h
226. include/isccc/base64.h
227. include/isccc/cc.h
228. include/isccc/ccmsg.h
229. include/isccc/events.h
230. include/isccc/lib.h
231. include/isccc/result.h
232. include/isccc/sexpr.h
233. include/isccc/symtab.h
234. include/isccc/symtype.h
235. include/isccc/types.h
236. include/isccc/util.h
237. include/isccc/version.h
238. include/isccfg/aclconf.h
239. include/isccfg/cfg.h
240. include/isccfg/dnsconf.h
241. include/isccfg/grammar.h
242. include/isccfg/log.h
243. include/isccfg/namedconf.h
244. include/isccfg/version.h
245. include/lwres/context.h
246. include/lwres/int.h
247. include/lwres/ipv6.h
248. include/lwres/lang.h
249. include/lwres/list.h
250. include/lwres/lwbuffer.h
251. include/lwres/lwpacket.h
252. include/lwres/lwres.h
253. include/lwres/net.h
254. include/lwres/netdb.h
255. include/lwres/platform.h
256. include/lwres/result.h
257. include/lwres/stdlib.h
258. include/lwres/string.h
259. include/lwres/version.h
260. include/pk11/constants.h
261. include/pk11/internal.h
262. include/pk11/pk11.h
263. include/pk11/result.h
264. include/pk11/site.h
265. include/pkcs11/cryptoki.h
266. include/pkcs11/eddsa.h
267. include/pkcs11/pkcs11.h
268. include/pkcs11/pkcs11f.h
269. include/pkcs11/pkcs11t.h
270. lib/libbind9.a
271. lib/libdns.a
272. lib/libirs.a
273. lib/libisc.a
274. lib/libisccc.a
275. lib/libisccfg.a
276. lib/liblwres.a
277. man/man1/arpaname.1.gz
278. man/man1/bind9-config.1.gz
279. man/man1/delv.1.gz
280. man/man1/dig.1.gz
281. man/man1/host.1.gz
282. man/man1/isc-config.sh.1.gz
283. man/man1/named-rrchecker.1.gz
284. man/man1/nslookup.1.gz
285. man/man1/nsupdate.1.gz
286. man/man3/lwres.3.gz
287. man/man3/lwres_addr_parse.3.gz
288. man/man3/lwres_buffer.3.gz
289. man/man3/lwres_buffer_add.3.gz
290. man/man3/lwres_buffer_back.3.gz
291. man/man3/lwres_buffer_clear.3.gz
292. man/man3/lwres_buffer_first.3.gz
293. man/man3/lwres_buffer_forward.3.gz
294. man/man3/lwres_buffer_getmem.3.gz
295. man/man3/lwres_buffer_getuint16.3.gz
296. man/man3/lwres_buffer_getuint32.3.gz
297. man/man3/lwres_buffer_getuint8.3.gz
298. man/man3/lwres_buffer_init.3.gz
299. man/man3/lwres_buffer_invalidate.3.gz
300. man/man3/lwres_buffer_putmem.3.gz
301. man/man3/lwres_buffer_putuint16.3.gz
302. man/man3/lwres_buffer_putuint32.3.gz
303. man/man3/lwres_buffer_putuint8.3.gz
304. man/man3/lwres_buffer_subtract.3.gz
305. man/man3/lwres_conf_clear.3.gz
306. man/man3/lwres_conf_get.3.gz
307. man/man3/lwres_conf_init.3.gz
308. man/man3/lwres_conf_parse.3.gz
309. man/man3/lwres_conf_print.3.gz
310. man/man3/lwres_config.3.gz
311. man/man3/lwres_context.3.gz
312. man/man3/lwres_context_allocmem.3.gz
313. man/man3/lwres_context_create.3.gz
314. man/man3/lwres_context_destroy.3.gz
315. man/man3/lwres_context_freemem.3.gz
316. man/man3/lwres_context_initserial.3.gz
317. man/man3/lwres_context_nextserial.3.gz
318. man/man3/lwres_context_sendrecv.3.gz
319. man/man3/lwres_endhostent.3.gz
320. man/man3/lwres_endhostent_r.3.gz
321. man/man3/lwres_freeaddrinfo.3.gz
322. man/man3/lwres_freehostent.3.gz
323. man/man3/lwres_gabn.3.gz
324. man/man3/lwres_gabnrequest_free.3.gz
325. man/man3/lwres_gabnrequest_parse.3.gz
326. man/man3/lwres_gabnrequest_render.3.gz
327. man/man3/lwres_gabnresponse_free.3.gz
328. man/man3/lwres_gabnresponse_parse.3.gz
329. man/man3/lwres_gabnresponse_render.3.gz
330. man/man3/lwres_gai_strerror.3.gz
331. man/man3/lwres_getaddrinfo.3.gz
332. man/man3/lwres_getaddrsbyname.3.gz
333. man/man3/lwres_gethostbyaddr.3.gz
334. man/man3/lwres_gethostbyaddr_r.3.gz
335. man/man3/lwres_gethostbyname.3.gz
336. man/man3/lwres_gethostbyname2.3.gz
337. man/man3/lwres_gethostbyname_r.3.gz
338. man/man3/lwres_gethostent.3.gz
339. man/man3/lwres_gethostent_r.3.gz
340. man/man3/lwres_getipnode.3.gz
341. man/man3/lwres_getipnodebyaddr.3.gz
342. man/man3/lwres_getipnodebyname.3.gz
343. man/man3/lwres_getnamebyaddr.3.gz
344. man/man3/lwres_getnameinfo.3.gz
345. man/man3/lwres_getrrsetbyname.3.gz
346. man/man3/lwres_gnba.3.gz
347. man/man3/lwres_gnbarequest_free.3.gz
348. man/man3/lwres_gnbarequest_parse.3.gz
349. man/man3/lwres_gnbarequest_render.3.gz
350. man/man3/lwres_gnbaresponse_free.3.gz
351. man/man3/lwres_gnbaresponse_parse.3.gz
352. man/man3/lwres_gnbaresponse_render.3.gz
353. man/man3/lwres_herror.3.gz
354. man/man3/lwres_hstrerror.3.gz
355. man/man3/lwres_inetntop.3.gz
356. man/man3/lwres_lwpacket_parseheader.3.gz
357. man/man3/lwres_lwpacket_renderheader.3.gz
358. man/man3/lwres_net_ntop.3.gz
359. man/man3/lwres_noop.3.gz
360. man/man3/lwres_nooprequest_free.3.gz
361. man/man3/lwres_nooprequest_parse.3.gz
362. man/man3/lwres_nooprequest_render.3.gz
363. man/man3/lwres_noopresponse_free.3.gz
364. man/man3/lwres_noopresponse_parse.3.gz
365. man/man3/lwres_noopresponse_render.3.gz
366. man/man3/lwres_packet.3.gz
367. man/man3/lwres_resutil.3.gz
368. man/man3/lwres_sethostent.3.gz
369. man/man3/lwres_sethostent_r.3.gz
370. man/man3/lwres_string_parse.3.gz
371. man/man5/named.conf.5.gz
372. man/man5/rndc.conf.5.gz
373. man/man8/ddns-confgen.8.gz
374. man/man8/dnssec-checkds.8.gz
375. man/man8/dnssec-coverage.8.gz
376. man/man8/dnssec-dsfromkey.8.gz
377. man/man8/dnssec-importkey.8.gz
378. man/man8/dnssec-keyfromlabel.8.gz
379. man/man8/dnssec-keygen.8.gz
380. man/man8/dnssec-revoke.8.gz
381. man/man8/dnssec-settime.8.gz
382. man/man8/dnssec-signzone.8.gz
383. man/man8/dnssec-verify.8.gz
384. man/man8/genrandom.8.gz
385. man/man8/isc-hmac-fixup.8.gz
386. man/man8/lwresd.8.gz
387. man/man8/named-checkconf.8.gz
388. man/man8/named-checkzone.8.gz
389. man/man8/named-compilezone.8.gz
390. man/man8/named-journalprint.8.gz
391. man/man8/named.8.gz
392. man/man8/nsec3hash.8.gz
393. @comment man/man8/pkcs11-destroy.8.gz
394. @comment man/man8/pkcs11-keygen.8.gz
395. @comment man/man8/pkcs11-list.8.gz
396. @comment man/man8/pkcs11-tokens.8.gz
397. man/man8/rndc-confgen.8.gz
398. man/man8/rndc.8.gz
399. man/man8/tsig-keygen.8.gz
400. sbin/ddns-confgen
401. sbin/dnssec-checkds
402. sbin/dnssec-coverage
403. sbin/dnssec-dsfromkey
404. sbin/dnssec-importkey
405. sbin/dnssec-keyfromlabel
406. sbin/dnssec-keygen
407. sbin/dnssec-revoke
408. sbin/dnssec-settime
409. sbin/dnssec-signzone
410. sbin/dnssec-verify
411. sbin/genrandom
412. sbin/isc-hmac-fixup
413. sbin/lwresd
414. sbin/named
415. sbin/named-checkconf
416. sbin/named-checkzone
417. sbin/named-compilezone
418. sbin/named-journalprint
419. sbin/nsec3hash
420. @comment sbin/pkcs11-destroy
421. @comment sbin/pkcs11-keygen
422. @comment sbin/pkcs11-list
423. @comment sbin/pkcs11-tokens
424. sbin/rndc
425. sbin/rndc-confgen
426. sbin/tsig-keygen
427. @dir(bind,bind,) etc/namedb/dynamic
428. @dir etc/namedb/master
429. @dir(bind,bind,) etc/namedb/slave
430. @dir(bind,bind,) etc/namedb/working
Collapse this list.

Dependency lines:

• bind910>0:dns/bind910

---

No installation instructions: this port has been deleted.

The package name of this deleted port was:

PKGNAME: bind910

There is no flavor information for this port.

distinfo:

TIMESTAMP = 1521455507
SHA256 (bind-9.10.7.tar.gz) = e15e70982d966cd4b194ff483f5cc636c0017b054ae2e332ca3f28fe53f11660
SIZE (bind-9.10.7.tar.gz) = 9171441

---

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

1. python2.7 : lang/python27

Runtime dependencies:

1. python2.7 : lang/python27

Library dependencies:

1. libxml2.so : textproc/libxml2
2. libidnkit.so : dns/idnkit
3. libjson-c.so : devel/json-c
4. libedit.so.0 : devel/libedit
5. libiconv.so : converters/libiconv

There are no ports dependent upon this port

---

Configuration Options

===> The following configuration options are available for bind910-9.10.7_2:
     DOCS=on: Build and/or install documentation
     FETCHLIMIT=off: Enable the query quotas for resolvers
     FILTER_AAAA=on: Enable filtering of AAAA records
     FIXED_RRSET=off: Enable fixed rrset ordering
     GEOIP=off: Allow geographically based ACL.
     IDN=on: International Domain Names support
     IPV6=on: IPv6 protocol support
     JSON=on: JSON file/format/parser support
     LARGE_FILE=off: 64-bit file support
     MINCACHE=off: Use the mincachettl patch
     PORTREVISION=off: Show PORTREVISION in the version string
     PYTHON=on: Build with Python utilities
     QUERYTRACE=off: Enable the very verbose query tracelogging
     RPZ_NSDNAME=on: Enable RPZ NSDNAME policy records
     RPZ_NSIP=on: Enable RPZ NSIP trigger rules
     SIGCHASE=on: dig/host/nslookup will do DNSSEC validation
     START_LATE=off: Start BIND late in the boot process (see help)
     THREADS=on: Threading support
     TUNING_LARGE=off: Tune named for large systems (**READ HELP**)
====> Dynamically Loadable Zones
     DLZ_POSTGRESQL=off: DLZ Postgres driver
     DLZ_MYSQL=off: DLZ MySQL driver (no threading)
     DLZ_BDB=off: DLZ BDB driver
     DLZ_LDAP=off: DLZ LDAP driver
     DLZ_FILESYSTEM=on: DLZ filesystem driver
     DLZ_STUB=off: DLZ stub driver
====> GSSAPI Security API support: you have to select exactly one of them
     GSSAPI_BASE=off: Using Heimdal in base
     GSSAPI_HEIMDAL=off: Using security/heimdal
     GSSAPI_MIT=off: Using security/krb5
     GSSAPI_NONE=on: Disable
====> Choose which crypto engine to use: you can only select none or one of them
     SSL=on: Build with OpenSSL (Required for DNSSEC)
     NATIVE_PKCS11=off: Use PKCS#11 native API (**READ HELP**)
====> Enable GOST ciphers, needs SSL: you can only select none or one of them
     GOST=off: GOST raw keys (new default)
     GOST_ASN1=off: GOST using ASN.1
===> Use 'make config' to modify these settings

---

USES:

cpe libedit iconv python ssl

---

Master Sites:

1. ftp://ftp.ciril.fr/pub/isc/bind9/9.10.7/
2. ftp://ftp.freenet.de/pub/ftp.isc.org/isc/bind9/9.10.7/
3. ftp://ftp.funet.fi/pub/mirrors/ftp.isc.org/isc/bind9/9.10.7/
4. ftp://ftp.iij.ad.jp/pub/network/isc/bind9/9.10.7/
5. ftp://ftp.isc.org/isc/bind9/9.10.7/
6. ftp://ftp.mirrorservice.org/sites/ftp.isc.org/isc/bind9/9.10.7/
7. ftp://ftp.nominum.com/pub/isc/bind9/9.10.7/
8. ftp://ftp.ntua.gr/pub/net/isc/isc/bind9/9.10.7/
9. ftp://ftp.ripe.net/mirrors/sites/ftp.isc.org/isc/bind9/9.10.7/
10. ftp://ftp.task.gda.pl/mirror/ftp.isc.org/isc/bind9/9.10.7/
11. ftp://ftp.u-aizu.ac.jp/pub/net/isc/bind9/9.10.7/
12. https://ftp.isc.org/isc/bind9/9.10.7/

• port moved to dns/bind911 on 2018-07-04
  REASON: Has expired: Going out of support, please migrate to dns/bind911
  

Remove expired ports:
2018-06-30 dns/bind99: Going out of support, please migrate to dns/bind911
2018-06-30 dns/bind910: Going out of support, please migrate to dns/bind911

Include a patch to fix CVE-2018-5738 in all the BIND9 ports.

MFH:		2018Q2 (blanket)
Security:	CVE-2018-5738
Sponsored by:	Absolight

Add BIND9 9.13.0.

The ISC changed their release model, they are now doing
odd-unstable/even-stable release numbering.  This is a development
version, consider it alpha/beta quality.  The next stable release will
be 9.14.0.

Changes:	https://kb.isc.org/article/AA-01612
Sponsored by:	Absolight

Fix build when LOCALBASE!=/usr/local.

PR:		227554
Submitted by:	John Hein
Sponsored by:	Absolight

Enable the FILTER_AAAA option by default, the feature was made non
optional in recent versions, so might as well do it in older ones.

PR:		226383
Sponsored by:	Absolight

Update BIND9 ports to 9.9.12, 9.10.7, 9.11.3 and 9.12.1.

Sponsored by:	Absolight

Teach named where its pid file should be by default, to be consistent
with the default configuration, rc script, man pages...

PR:		225687
Reported by:	John W. O'Brien
Sponsored by:	Absolight

Catch up with the conflicts lines in the BIND9 ports.

Sponsored by:	Absolight

Update named.root.

Sponsored by:	People afraid of a nuclear holocaust.

Update BIND9* to 9.9.11-P1, 9.10.6-P1, 9.11.2-P1 and 9.12.0rc3

MFH:		2018Q1
Security:	CVE-2017-3145
Sponsored by:	Absolight

Add a TUNING_LARGE option.

https://kb.isc.org/article/AA-01314/0

Tunes certain compiled-in constants and default settings to
values better suited to large servers with 12/16GB+ of memory.
This can improve performance on such servers, but will consume
more memory and may degrade performance on smaller systems.

PR:		224859
Sponsored by:	Absolight

Fix altlog_proglist warning when it contains more than the named service.

PR:		224951
Submitted by:	Trix Farrar
Sponsored by:	Absolight

Update devel/json-c to 0.13

- Add TEST_TARGET
- While I'm here, fix shebang for net/opensips
- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://github.com/json-c/json-c/blob/master/ChangeLog
PR:		224675
Exp-run by:	antoine

Add an extra check to make sure syslogd is correctly configured when
using chroot.

Sponsored by:	Absolight

Make a note that dns/bind99 and dns/bind910 will be unsupported in a few
months.

Sponsored by:	Absolight

Add a symlink to named's session-keyfile.

Using nsupdate -l, and chroot was broken because nsupdate could not find
the keyfile by itself.

PR:		223403
Submitted by:	Harald Schmalzbauer
Sponsored by:	Absolight

Enable the PYTHON option by default, it brings a few interesting DNSSEC
tools.

Sponsored by:	Absolight

Install the mtree file as .sample to allow users to change them.

Sponsored by:	Absolight

Update BIND9 ports to 9.{9.11,10.6,11.2}.

Sponsored by:	Absolight

Update to 9.{9.10,10.5,11.1}-P3.

Sponsored by:	Absolight

Update to 9.{9.10,10.5,11.1}-P2.

Security:	CVE-2017-3142
Security:	CVE-2017-3143
Sponsored by:	Absolight

Update to 9.9.10-P1, 9.10.5-P1, 9.11.1-P1.

MFH:		2017Q2
Security:	CVE-2017-3140
Security:	CVE-2017-3141
Sponsored by:	Absolight

Remove special handling for testing and documentation domains, per RFC
6761 recommendations.

While there:
- Fix invalid syntax in sample slave config.
- Add a message about having syslogd working with BIND9 chroot.

PR:		217915
Reported by:	eserte12 yahoo de
Sponsored by:	Absolight

Update to 9.9.10, 9.10.5, 9.11.1 and 9.12 to latest snapshot.

While there:

Make it more maintainable by sorting stuff in the Makefile and removing
vestigial pre 10.3 things.

Refresh the root zone hints.

"Fix" the configuration section telling you to get some top level
zones from f.root-servers.net, which does not allow axfr any more. [1]

PR:		218656 [1]
Reported by:	Thomas Steen Rasmussen / Tykling [1]
MFH:		2017Q2
Sponsored by:	Absolight

Unbreak rndc calls when using non default rndc.key location.

PR:		218335
Sponsored by:	Absolight

Security update to 9.10.4-P6.

Security:	c6861494-1ffb-11e7-934d-d05099c0ae8c
Approved by:	so
MFH:		2017Q2

Remove private URLs that should never have been committed.

Pointy hat:	mat
Sponsored by:	Absolight

Update to 9.9.9-P6, 9.10.4-P6 and 9.11.0-P3.

While there, remove the RPZ_PATCH for BIND9 9.9, it has not been updated
for years, and, it does not build any more.

MFH:		2017Q1
Security:	CVE-2017-3135
Sponsored by:	Absolight

Commit the cleanups that should have gone in with the pervious update.

Sponsored by:	Absolight

Security update to 9.10.4-P5.

Approved by:	so
Security:	d4c7e9a9-d893-11e6-9b4d-d050996490d0
MFH:		2017Q1

Remove bind-tools support from bind910.

Sponsored by:	Absolight

Cleanup CONFLICTS.

Sponsored by:	Absolight

Fixup libedit for all BIND9 ports, and fix spurious json dependency by
adding an option.

PR:		215170
Reported by:	sunpoet
Sponsored by:	Absolight

Fix using libedit from ports.

PR:		215170
Reported by:	sunpoet
Sponsored by:	Absolight

Security update:

dns/bind99:  9.9.9-P3  -> 9.9.9-P4
dns/bind910: 9.10.4-P3 -> 9.10.4-P4
dns/bind911: 9.11.0    -> 9.11.0-P1

Security:	CVE-2016-8864
Submitted by:	mat
MFH:		2016Q4

Remarke MAKE_JOBS_UNSAFE everywhere.

Sponsored by:	Absolight

So, on 9, it is failing to build it with jobs.

It builds .a before all the .o that are supposed to go in the .a are
built.  Imagine what happens after that...

Reported by:	Craig Leres
Sponsored by:	Absolight

Remove MAKE_JOBS_UNSAFE for BIND9.

It was added in 2009 in r232247 without the reason it was failing, I've
tried with -J 2-10, and can't have one of the BIND9 port fail.
Feel free to add it back, but please, add the reason why it fails.

Sponsored by:	Absolight

Update BIND9 to latest versions, 9.9.9-P3, 9.10.4-P3, 9.11.0rc3

MFH:		2016Q3
Security:	CVE-2016-2776
Sponsored by:	Absolight

The START_LATE option is not needed by bind-tools.

Sponsored by:	Absolight

The NEWSTATS and RRL options were removed in BIND9 9.10, so remove them
from here, also, make the upstream default options default for real.

While there, put back the BIND_TOOLS knobs in bind9-devel.

Sponsored by:	Absolight

Convert to USES=ssl.

Sponsored by:	Absolight

BIND9 update, 9.9.9-P2, 9.10.4-P2, 9.11.0b2 and latest 9.12 snapshot.

MFH:		2016Q3
Security:	CVE-2016-2775
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000996.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000997.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000998.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2016-July/000999.html
Sponsored by:	Absolight

Introduce BIND9 9.11.0b1. (beta1)

BIND 9.11 brings many changes to BIND, including a new license
(the Mozilla Public License 2.0 -- you can read about it here:
https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/)
and many new features, including:

-  Catalog zones, a new way to provision zones on slave servers
-  dyndb api, a fast new api enabling BIND to serve zones stored
   in a database (Developed by Petr Spacek of RedHat)
-  RNDC showzone, view-only mode and other improvements
-  dnstap query and response logging (Robert Edmonds is the author
   of dnstap, see www.dnstap.info)
-  EDNS Client-subnet (authoritative server functions)
-  DNSSEC key manager, a new utility (Thanks to Sebastian Castro
   for helping with development.)
-  Automatic CDS/CDSKEY generation
-  Negative Trust Anchors for DNSSEC validators
-  IPv6 bias to encourage use of IPv6 DNS servers
-  Minimal response to "any" queries (Thanks to Tony Finch for
   the contribution)
-  DNS Cookies are now enabled by default, using the standardized code point

Changes:	https://lists.isc.org/pipermail/bind-announce/2016-June/000994.html
Sponsored by:	Absolight

Fix usage of WITH_OPENSSL_BASE, WITH_OPENSSL_PORT and OPENSSL_PORT.

WITH_OPENSSL_* can't be set after bsd.port.pre.mk.
Fold all other usage into using SSL_DEFAULT == foo

PR:		210149
Submitted by:	mat
Exp-run by:	antoine
Sponsored by:	The FreeBSD Foundation, Absolight
Differential Revision:	https://reviews.freebsd.org/D6577

Update to 9.9.9-P1 and 9.10.4-P1.

Sponsored by:	Absolight

Add --with-dlopen=yes to the default options to allow using third
parties dlz drivers.

While there:
- enable the DLZ_FILESYSTEM option by default
- convert to USES=mysql and USES=bdb

Requested by:	borius i ua
Sponsored by:	Absolight

Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled by
default anyway and don't need to be listed

Approved by:	portmgr blanket

Update to 9.10.4.

While there, update the root hints file.

Sponsored by:	Absolight

Stop bringing in OpenSSL from ports, it builds fine with the base one on
9, and WITH_OPENSSL_PORT does not belong in a port's Makefile anyway.

Not bumping PORTREVISION because:
- if you are building with poudriere, it will detect that a dependency
  has changed and rebuild it.
- if you are building from ports, you will have OpenSSL from ports
  installed, and it will choose to use it.

Sponsored by:	Absolight

Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight

Update to 9.9.8-P4, 9.10.3-P4 and latest snapshot.

MFH:		2016Q1 (obviously)
Security:	CVE-2016-1285
Security:	CVE-2016-1286
Security:	CVE-2016-2088
Sponsored by:	Absolight

Update bind99 to 9.9.8-P3, bind910 to 9.10.3-P3 and bind9-devel to
latest snapshot.

MFH:		2016Q1
Security:	CVE-2015-8704
Security:	CVE-2015-8705
Sponsored by:	Absolight

Update BIND9 to the latest patch releases, 9.9.8-P2, 9.10.3-P2, and snapshot.

MFH:		2015Q4
Changes:	https://kb.isc.org/article/AA-01326/81/BIND-9.9.8-P2-Release-Notes.html
Changes:	https://kb.isc.org/article/AA-01328/81/BIND-9.10.3-P2-Release-Notes.html
Security:	CVE-2015-3193
Security:	CVE-2015-8000
Security:	CVE-2015-8461
Sponsored by:	Absolight

Fix build WITH=DLZ_BDB.

PR:		201715
Sponsored by:	Absolight

Fix build on -CURRENT. [1]

- Force building with libedit
- Bump PORTREVISION to account for accidental succesful builds

PR:		203273 [1]
Sponsored by:	Absolight

Fixup gssapi from base.

Submitted by:	hrs
Sponsored by:	Absolight

Update to bind99 to 9.9.8 & bind910 to 9.10.3.

- Add new QUERYTRACE & FETCHLIMIT.
  Note that QUERYTRACE is for debug purposes, and will eat your
  performances.
- Don't do the PORTREVISION patch if PORTREVISION is 0.
- Regen some patches

Changes:	https://lists.isc.org/pipermail/bind-announce/2015-September/000961.html
Changes:	https://lists.isc.org/pipermail/bind-announce/2015-September/000962.html
Sponsored by:	Absolight

Update BIND to 9.9.7-P3 and 9.10.2-P4.

MFH:		2015Q3 (Also needs 393161 395660 395703)
Security:	CVE-2015-5722, CVE-2015-5986
Sponsored by:	Absolight

Add an option for embedding PORTREVISION in the server's version string.

Sponsored by:	Absolight

When not using OpenSSL from ports, do not try to unmount the chrooted
engines directory.

PR:		201423 (based on)
Submitted by:	girgen
Sponsored by:	Absolight

Add an option to enable the bind min override ttl patch.

Requested by:	Laurent Frigault
Sponsored by:	Absolight

Update BIND9.

- 9.9 -> 9.9.7-P2
- 9.10 -> 9.10.2-P3

Security:	CVE-2015-5477
Sponsored by:	Absolight

Update BIND 9.9 to 9.9.7-P1 and 9.10 to 9.10.2-P2.

MFH:		2015Q3
Security:	CVE-2015-4620
Sponsored by:	Absolight

Make BIND start a bit later (and really *after* ldconfig.) [1]
Add an option to have it start way later.

PR:		200375 [1]
Sponsored by:	Absolight

Typo

Poked by:	Peter Blok
Sponsored by:	Absolight

Allow BIND 9.10 users to select the old key format when using GOST.[1]

While there, reword the options a bit, and the pkg-help files.

PR:		200031 [1]
Submitted by:	 Leo Vandewoestijne [1]
Sponsored by:	Absolight

When named.conf was placed somewhere else than %%ETCDIR%%, rndc would stop
working.

PR:		199384
Submitted by:	Curtis Villamizar
Sponsored by:	Absolight

dns/bind99, dns/bind910: support no-base option on DragonFly

Approved by:	mat (maintainer)

Enhance the error message when running from a jail without devfs.

Sponsored by:	Absolight

Add chroot back to BIND's startup script.

Differential Revision:	https://reviews.freebsd.org/D1952
Sponsored by:	Absolight

Update dns/bind99 to 9.9.7 and dns/bind910 to 9.10.2.

On 8 and 9, use the same configuration path than on 10+, ${PREFIX}/etc/namedb/.

Sponsored by:	Absolight

Update BIND 9.9 and 9.10 to the latest security patch.

Sponsored by:	Absolight

Add a patch for CVE-2015-1349 while I work on updating both ports to the new
version.

Security:	CVE-2015-1349
Sponsored by:	Absolight

Fix a few problems bind-tools by not overwritting what's defined in it in
bind910's Makefile.

Sponsored by:	Absolight

Add a note about running the right BIND daemon on 8 and 9.

Sponsored by:	Absolight

Retire REPLACE_BASE option.

While there, reduce changes from bind99 and bind910 ports.

Sponsored by:	Absolight

Security update of BIND9 to 9.9.6-P1 and 9.10.1-P1.

Security:	CVE-2014-8500 CVE-2014-8680
Sponsored by:	Absolight

Fix three ports forgotten by the USE_PGSQL removal.  (Fix a typo in devel/upp.)

Sponsored by:	Absolight

Fix bind-tools PORTREVISION.

Noticed by:	Andrei Brezan
Sponsored by:	Absolight

Install the bind.keys file with the root and dlv.isc.org keys.

Sponsored by:	Absolight

Don't install named rc script with bind-tools.

Sponsored by:	Absolight

And gmake is no longer needed.

Sponsored by:	Absolight

Update to 9.10.1.

Sponsored by:	Absolight

Update pkg-descr, this 9.10, not 9.9.

Sponsored by:	Absolight

configure no longer has problems detecting our arch like it had in bind95's
time, so remove ARCH modification, which leads to other problems, like [1]

PR:		193359 [1]
Submitted by:	dinoex [1]
Sponsored by:	Absolight

Bump PORTREVISION on all ports that depend on net/GeoIP for
r364627.

Approved by:	portmgr (not really, but touches unstaged ports)

net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD

databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip

databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample

And it's supposed to be lower case.

Sponsored by:	Absolight

Add CPE to BIND9.

Sponsored by:	Absolight

Add a PYTHON option to bind99 and bind910, it installs a couple of dnssec
related utilities.
Use bind's own Makefiles for installation in bind-tools.

Sponsored by:	Absolight

Fix dns/bind-tools after the gssapi update.

Also, move it from BIND 9.9 to 9.10, and add delv and nsupdate.

Sponsored by:	Absolight

Remove test bits.

Pointy hat to:	mat
Sponsored by:	Absolight

Convert dns/bind9* to USES=gssapi.

Sponsored by:	Absolight

Update to 9.10.0-P2

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-June/000914.html
Security:	CVE-2014-3859
Sponsored by:	Absolight

Don't install rndc.conf

It is generated by the rc script during the first startup.  And if
the file is present, it messes up the rndc.key generation.

Poked by:	Alain Audebert
Sponsored by:	Absolight

Fix build with GOST (on 10, base OpenSSL doesn't have it)
Make sure OpenSSL from ports is used < 10.

Sponsored by:	Absolight

Make GOST in BIND 9.* optional

Test Plan: Currently testing in poudriere

Differential Revision: https://phabric.freebsd.org/D12

Update to 9.10.0-P1.

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-May/000909.html
Security:	CVE-2014-3214
Sponsored by:	Absolight

Update to 9.10.0

Changes:	https://lists.isc.org/pipermail/bind-announce/2014-May/000908.html
Relnotes:	yes (if applicable to ports)
Sponsored by:	Absolight

12 vulnerabilities affecting 106 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2019-06-19 06:36:10