non port: dns/unbound/files/patch-contrib-aaaa-filter-iterator.patch |
Number of commits found: 3 |
Tuesday, 15 Mar 2016
|
06:19 ohauer
- Update unbound to version 1.5.8
- add OPTION for DNSTAP logging support
- rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
- use OPTIONS_SUB
- use ${opt}_target
- use @sample macro for unbound.conf
- sort pkg-plist
Features
- ip-transparent option for FreeBSD with IP_BINDANY socket option.
- insecure-lan-zones: yesno config option, patch from Dag-Erling Smorgrav.
- RR Type CSYNC support RFC 7477, in debug printout and config input.
- RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf, patch
from Daisuke Higashi.
- Support RFC7686: handle ".onion" Special-Use Domain. It is blocked by
default, andcan be unblocked with "nodefault" localzone config.
- ub_ctx_set_stub() function for libunbound to config stub zones.
The release fixes line endings in the unbound-control-setup script, and
a potential gost-hash validation failure and handles the ".onion" domain
to avoid privacy leakage.
PR: 207948
Submitted by: jaap@NLnetLabs.nl (maintainer)
|
Thursday, 4 Feb 2016
|
15:58 erwin
- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the
qname minimisation, and that will both stop privacy sensitive traffic
and reduce nonsense traffic to authority servers. So consider
enabling both. In this implementation IPv6 reverse lookups add
several labels per increment, because otherwise those lookups would be
very slow. [ Reference
https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ]
More details at <http://unbound.net>
PR: 206347
Submitted by: Jaap Akkerhuis <jaap@NLnetLabs.nl>
Approved by: maintainer timeout
Sponsored by: DK Hostmaster A/S
|
Wednesday, 19 Aug 2015
|
15:49 sem
- Fix LibreSSL issue (from upstream)
- Add autoreconf to USES
- Satisfy portlint -AC
- Add regress-test target
- Back FILTER_AAAA option
PR: 202407
Submitted by: brnrd
|
Number of commits found: 3 |