Port details |
- opendnssec2 Tool suite for maintaining DNSSEC
- 2.1.14 dns =4 2.1.13_1Version of this port present on the latest quarterly branch.
- Maintainer: jaap@NLnetLabs.nl
- Port Added: 2016-07-13 13:29:25
- Last Update: 2024-08-26 20:21:13
- Commit Hash: 2beee87
- People watching this port, also watch:: nsd, rancid3, redmine51, check_ssl_cert, burp
- License: BSD3CLAUSE
- WWW:
- https://www.opendnssec.org
- Description:
- OpenDNSSEC was created as an open-source turn-key solution for
DNSSEC. It secures zone data just before it is published in an
authoritative name server.
- ¦ ¦ ¦ ¦
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- opendnssec2>0:dns/opendnssec2
- Conflicts:
- CONFLICTS:
- To install the port:
- cd /usr/ports/dns/opendnssec2/ && make install clean
- To add the package, run one of these commands:
- pkg install dns/opendnssec2
- pkg install opendnssec2
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: opendnssec2
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1724583343
SHA256 (opendnssec-2.1.14.tar.gz) = 5a68d62ea0ea3a6c61e9f4946f462c7b907fbe6bccc9e8a721b7fe0f906f95d0
SIZE (opendnssec-2.1.14.tar.gz) = 1162472
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- ldns>=1.6.16 : dns/ldns
- sqlite3>=3.3.9 : databases/sqlite3
- autoconf>=2.72 : devel/autoconf
- automake>=1.17 : devel/automake
- libtoolize : devel/libtool
- Library dependencies:
-
- libldns.so : dns/ldns
- libxml2.so : textproc/libxml2
- libsqlite3.so : databases/sqlite3
- There are no ports dependent upon this port
Configuration Options:
- ===> The following configuration options are available for opendnssec2-2.1.14:
DOCS=on: Build and/or install documentation
SOFTHSM=off: SoftHSM cryptographic store for PKCS #11 interface
====> Options available for the single DB: you have to select exactly one of them
MYSQL=off: Use MYSQL backend
SQLITE=on: Use SQLite backend
===> Use 'make config' to modify these settings
- Options name:
- dns_opendnssec2
- USES:
- autoreconf cpe libtool ssl sqlite
- pkg-message:
- For install:
- A manual migration step is needed to migration from 1.4 to 2.0.
First migrate to at least the 1.4.10 release if you have not already done
so.
Review the documentation on the OpenDNSSEC site. This can be
updated in between releases to provide more help. Especially if
you have tooling around OpenDNSSEC you should be aware that some
command line utilities have changed. A fair amount of backward
compatibility has been respected, but changes are present.
The enforcer does require a full migration, as the internal database has
been completely revised. See the documentation in
/usr/local/share/doc/opendnssec/1.4-2.0_db_convert/README.md for a description.
Migration scripts are installed in /usr/local/share/doc/opendnssec.
The signer does not require any migration. Backward compatibility is
respected from earlier 1.4 release. The signer should not require a
full resign of your zone when upgrading, however if you decide to downgrade
a full resign is required.
An HowTo is provided at
<https://wiki.opendnssec.org/display/DOCS20/Quick+start+guide>
- Master Sites:
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
2.1.14 26 Aug 2024 20:21:13 |
Vladimir Druzenko (vvd) Author: Jaap Akkerhuis |
dns/opendnssec2: Update 2.1.13 → 2.1.14
News:
https://www.opendnssec.org/2024/08/opendnssec-2-1-14/
Also:
- Repalace http with https in MASTER_SITES
- Remove GNU_CONFIGURE_MANPREFIX
- Formatting
PR: 281078 |
2.1.13_2 10 Jul 2024 13:39:42 |
Alexander Leidinger (netchild) |
dns/opendnssec2: make the rc script service jails aware
PR: 279634
Approved by: maintainer timeout (1 month) |
2.1.13_1 23 Feb 2024 15:31:50 |
Muhammad Moinur Rahman (bofh) |
dns/opendnssec2: Moved man to share/man
Approved by: portmgr (blanket) |
2.1.13 29 Dec 2023 18:24:39 |
Muhammad Moinur Rahman (bofh) |
*/*: Refactor with IGNORE_WITH_MYSQL
- There are multiple ports which has MYSQL options and are non-DEFAULT.
Most of the time committers actually forget to check with the OPTION
enabled and in some cases they are BROKEN with newr versions of mysql.
So test with different versions of mysql and mark IGNOPRE_WITH_MYSQL
appropriately. Due to the EOL of 5.7 this has not been checked.
- Unbreak sysutils/cfengine* with MySQL 8.0 and later
- The primary purpose of running this check is having statistics of the
MySQL usability over MariaDB to explore the future possibility of
shifting to MariaDB as the default as major ports upstream have moved
their codebase to support MariaDB over MySQL.
- The following actions will also be taken after the sunset of MySQL 5.7
If a port is broken on all instances of MySQL/MariaDB:
- If a port has the option of multiple DB backends and MySQL is the
default then the DEFAULT will be changed to PGSQL/SQLITE before
2024Q1. And the OPTION will be removed before 2024Q2. If a
MAINTAINER is aware about such cases and want to prefer PGSQL over
SQLITE or vice versa please do so at your own accord. Otherwise
PGSQL will be preferred over SQLITE.
- If a port has the option of multiple DB backends and MySQL is not
the default then the the OPTION will be removed before 2024Q1.
Approved by: portmgr (blanket) |
2.1.13 29 Jun 2023 06:35:07 |
Fernando Apesteguía (fernape) Author: Jaap Akkerhuis |
dns/opendnssec2: Update t0 2.1.7
ChangeLog: https://www.opendnssec.org/2023/06/opendnssec-2-1-13/
This release fixes a bug that affects both signer and enforcer command
line handling. Under heavy usage of the command line there was a small
change for a crash.
Furthermore there is a small behavioural change for users of the "keep"
policy. The back-off for retrying a sign task change is now equal to
the resign period in case the input file isn't available or updated.
This because users nearly always will emit an external sign command for
this period. This will reduce logging errors.
PR: 272254
Reported by: jaap@NLnetLabs.nl (maintainer) |
2.1.12 23 Apr 2023 17:17:06 |
Robert Clausecker (fuz) Author: Jaap Akkerhuis |
dns/opendnssec2: update to 2.1.12
Changelog: https://www.opendnssec.org/2022/11/opendnssec-2-1-12
PR: 270931 |
07 Sep 2022 21:58:51 |
Stefan Eßer (se) |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
2.1.10_2 07 Sep 2022 21:10:59 |
Stefan Eßer (se) |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above ) |
2.1.10_2 20 Jul 2022 14:21:47 |
Tobias C. Berner (tcberner) |
dns: remove 'Created by' lines
A big Thank You to the original contributors of these ports:
* Aaron Dalton <aaron@FreeBSD.org>
* Akinori MUSHA aka knu <knu@idaemons.org>
* Alex Samorukov <samm@freebsd.org>
* Alexey Dokuchaev <danfe@FreeBSD.org>
* Allan Jude <allanjude@freebsd.org>
* Amar Takhar <verm@drunkmonk.net>
* Anders Nordby <anders@fix.no>
* Andrew Greenwood <greenwood.andy@gmail.com>
* Anton Berezin <tobez@FreeBSD.org>
* Ashish SHUKLA <ashish@FreeBSD.org>
* Attila Nagy <bra@fsn.hu> (Only the first 15 lines of the commit message are shown above ) |
2.1.10_2 10 Apr 2022 19:11:41 |
Charlie Li (vishwin) |
textproc/libxml2: bump all LIB_DEPENDS consumers
This is a separate commit to facilitate easier cherry-picking for
quarterly.
PR: 262853, 262940, 262877, 263126
Approved by: fluffy (mentor) |
2.1.10_1 26 Mar 2022 08:27:27 |
Matthias Fechner (mfechner) |
textproc/libxml2: bump all dependencies
This should make sure that all dependent ports will pick
up the new version commited with a13ec21cd733f67a9fc0dc00ab45268bdc236246 |
2.1.10 18 Oct 2021 07:13:48 |
Yasuhiro Kimura (yasu) Author: Jaap Akkerhuis |
dns/opendnssec2: Update to 2.1.10
* Pet portclippy
* Reformat Makefile with portfmt
ReleaseNotes: https://www.opendnssec.org/2021/09/opendnssec-2-1-10/
PR: 258631
Approved by: ygy (mentor)
Differential Revision: https://reviews.freebsd.org/D32536 |
2.1.9 31 Aug 2021 11:24:17 |
Bernhard Froehlich (decke) |
dns/opendnssec2: Add CPE information
Approved by: portmgr (blanket) |
2.1.9 05 May 2021 16:35:54 |
Neel Chauhan (nc) Author: Jaap Akkerhuis |
dns/opendnssec2: Update to 2.1.9
Changes: https://www.opendnssec.org/2021/05/opendnssec-2-1-9/
PR: 255615 |
2.1.8 06 Apr 2021 14:31:13 |
Mathieu Arnold (mat) |
all: Remove all other $FreeBSD keywords. |
2.1.8 06 Apr 2021 14:31:07 |
Mathieu Arnold (mat) |
Remove # $FreeBSD$ from Makefiles. |
2.1.8 10 Mar 2021 13:35:37 |
lwhsu |
dns/opendnssec2: Add missing patch to fix the build
PR: 254075
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) |
2.1.8 05 Mar 2021 19:53:12 |
nc |
dns/opendnssec2: Update to 2.1.8
Changes: https://www.opendnssec.org/2021/02/opendnssec-2-1-8/
PR: 253795
Submitted by: Jaap Akkerhuis <jaap AT NLnetLabs DOT nl> (maintainer) |
2.1.7 02 Nov 2020 14:11:36 |
dbaio |
dns/opendnssec2: Update to 2.1.7
Patches removed were incorporated upstream.
Changelog: https://www.opendnssec.org/2020/10/opendnssec-2-1-7/
PR: 250293
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH: 2020Q4 (blanket: bugfix release) |
2.1.6_1 26 Sep 2020 12:41:19 |
se |
Fix build with -fno-common
While here use INSTALL_TARGET=install-strip to install stripped binaries. |
2.1.6 11 Feb 2020 20:11:58 |
pi |
dns/opendnssec2: upgrade 2.1.4 -> 2.1.6
This release of 2.1.6 fixes some issues regarding the key list
wrongfully displayed (a regression bug in 2.1.5) as well as a small
leak in the enforcer (which can add up when you bang the enforcer
with a lot of commands. And as well as a serious signing error when
using Combined Signing Keys (CSKs), this is only relevant if you
combine KSK and ZSK in one. Especially users of CSKs need this fix
now. Another nice fix is a reconnect to a MySQL/MariaDB database
you you don't have to tweak database parameters.
PR: 244047
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes: https://www.opendnssec.org/2019/11/opendnssec-2-1-5/
https://www.opendnssec.org/2020/02/opendnssec-2-1-6/ |
2.1.4_1 04 Oct 2019 18:33:00 |
rene |
dns/opendnsssec*: switch to openhsm2 to the HSM option. |
2.1.4_1 02 Sep 2019 21:23:28 |
swills |
Bump PORTREVISION on ldns consumers
Shared lib version changed in update
Reported by: sunpoet |
2.1.4 13 Aug 2019 16:01:59 |
mat |
Convert to UCL & cleanup pkg-message (categories d) |
2.1.4 05 Jun 2019 08:49:53 |
joneum |
Update to 2.1.4
PR: 237988
Sponsored by: Netzkommune GmbH |
2.1.3 14 Aug 2017 14:46:31 |
matthew |
Update to 2.1.3:
As of today version 2.1.3 of OpenDNSSEC has been released. No special
migration steps are required when upgrading from a previous 2.x.x
release. It includes fixes to the build system, some regressions w.r.t.
OpenDNSSEC 1.4 and a signing bug. Please note that version 2.1.2 was
skipped for release.
Build fixes:
* OPENDNSSEC-904: autoconfigure fails to properly identify functions in
ssl library on some distributions. This caused the "tsig unknown
algorithm hmac-sha256" error.
* OPENDNSSEC-894: repair configuration script to allow excluding the
build of the enforcer. (Only the first 15 lines of the commit message are shown above ) |
2.1.1_1 08 Aug 2017 18:02:54 |
ultima |
* Bump Revision
* Fix typo in the Port's Makefile, causes a failure in a conversion script
* Added license file
* Cleanup Makefile
PR: 221144
Submitted by: <jaap@NLnetLabs.nl> (maintainer)
Reviewed by: matthew (mentor)
Approved by: matthew (mentor)
MFH: 2017Q3
Differential Revision: https://reviews.freebsd.org/D11898 |
2.1.1 28 May 2017 23:17:00 |
sunpoet |
Fix OPTIONS_DEFAULT: remove DOCS which is added by framework
Approved by: portmgr (blanket) |
2.1.1 02 May 2017 19:33:34 |
pi |
dns/opendnssec2: update 2.1.0 -> 2.1.1
- OPENDNSSEC-889: MySQL migration script didnt work for all database
and MySQL versions.
- OPENDNSSEC-887: Segfault on extraneous tag.
- OPENDNSSEC-880: Command line parsing for import key command failed.
- OPENDNSSEC-890: Bogus signatures upon wrong zone input when TTLs
for same rrset are mismatching.
PR: 218995
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer) |
2.1.0 08 Mar 2017 11:04:53 |
robak |
dns/opendnssec2: update 2.0.3 -> 2.1.0
- Fix DB scripts from docs
PR: 217563
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH: 2017Q1 |
2.0.3_1 03 Mar 2017 04:12:21 |
miwi |
- Chase ldns shlip bump
PR: 217495 |
2.0.3 25 Oct 2016 08:23:25 |
robak |
dns/opendnssec2: update 2.0.1 -> 2.0.3
PR: 213610
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH: 2016Q4 |
2.0.1 12 Sep 2016 02:41:09 |
marino |
dns/opendnssecs: Add SSL flags and honor them, configure SSL base too
Approved by: SSL blanket |
2.0.1 29 Jul 2016 07:45:18 |
erwin |
- Update to 2.0.1
- Switch to options helpers
This release is primarily focused on ironing out the issues on the migration
path from 1.4 to 2.0. Besides that there are no functional changes.
* Fixed crash and linking issue in ods-migrate.
* Fixed case where 2.0.0 could not read backup files from 1.4.10.
* Fixed bug in migration script where key state in the database wasn't
transformed properly.
PR: 211403
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by: DK Hostmaster A/S |
2.0.0 13 Jul 2016 13:29:18 |
erwin |
The current opendnssec porthas seen a massive rewrite by the upstream
so it was rechristened opendnssec Version 2.
To quote the announcement at <https://www.opendnssec.org>:
"OpenDNSSEC got a entire re-write of the enforcer. This part of
OpenDNSSEC controls changing signing keys in the right way to perform
a roll-over. Before, the enforcer would perform a roll-over according
to a strict paradigm. One scenario in which deviations would not be
possible.
The new enforcer is more aware of the zone changes being propagated in
the Internet. It can therefore decide when it is safe to make changes,
rather than to rely upon a given scenario.
PR: 211018
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
Sponsored by: DK Hostmaster A/S |