diff --git a/dns/unbound/Makefile b/dns/unbound/Makefile index b3ba87493a1e..50a5e6a2f774 100644 --- a/dns/unbound/Makefile +++ b/dns/unbound/Makefile @@ -1,122 +1,125 @@ PORTNAME= unbound -DISTVERSION= 1.18.0 -PORTREVISION= 1 +DISTVERSION= 1.19.0 CATEGORIES= dns MASTER_SITES= https://www.nlnetlabs.nl/downloads/unbound/ MAINTAINER= jaap@NLnetLabs.nl COMMENT= Validating, recursive, and caching DNS resolver WWW= https://www.nlnetlabs.nl/projects/unbound LICENSE= BSD3CLAUSE LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libexpat.so:textproc/expat2 USES= autoreconf cpe libtool pkgconfig ssl CPE_VENDOR= nlnetlabs USE_LDCONFIG= yes USE_RC_SUBR= unbound GNU_CONFIGURE= yes CONFIGURE_ARGS= --with-libexpat=${LOCALBASE} \ --with-ssl=${OPENSSLBASE} TEST_TARGET= test USERS= ${PORTNAME} GROUPS= ${PORTNAME} PORTDOCS= CNAME-basedRedirectionDesignNotes.pdf CREDITS Changelog \ FEATURES IP-BasedActions.pdf LICENSE README README.DNS64 \ README.ipset.md README.svn README.tests TODO \ control_proto_spec.txt example.conf ietf67-design-02.odp \ ietf67-design-02.pdf requirements.txt -OPTIONS_DEFINE= DEP-RSA1024 DNSCRYPT DNSTAP DOCS DOH ECDSA EVAPI \ - DYNLIB FILTER_AAAA GOST HIREDIS LIBEVENT MUNIN_PLUGIN \ - PYTHON SUBNET TFOCL TFOSE THREADS +OPTIONS_DEFINE= DEP-RSA1024 DNSCRYPT DNSTAP DOCS DOH DYNLIB ECDSA EVAPI \ + FILTER_AAAA GOST HIREDIS LIBEVENT MUNIN_PLUGIN PYTHON \ + SUBNET TFOCL TFOSE THREADS OPTIONS_DEFAULT= DNSCRYPT DOH DYNLIB ECDSA GOST LIBEVENT THREADS OPTIONS_SUB= yes DEP-RSA1024_DESC= Deprecate the use of RSA 1024 keys DNSCRYPT_DESC= Enable dnscrypt support DNSTAP_DESC= Enable dnstap logging support DOH_DESC= Enable DNS-over-HTTPS support DYNLIB_DESC= Enable support for dynamic (shared) 3rd-party libraries ECDSA_DESC= Enable ECDSA (elliptic curve) support (OpenSSL >= 1.0) EVAPI_DESC= (Experimental) pluggable event based libunbound API support FILTER_AAAA_DESC= Build with AAAA filter functionality (contrib) GOST_DESC= Enable GOST support (requires OpenSSL >= 1.0) HIREDIS_DESC= Enable hiredis support for the cachedb module LIBEVENT_DESC= Build against libevent MUNIN_PLUGIN_DESC= Install Munin plugin SUBNET_DESC= Enable client subnet support TFOCL_DESC= Enable TCP Fast Open for client mode TFOSE_DESC= Enable TCP Fast Open for server mode STRIP_FILES= .libs/libunbound.so unbound-checkconf unbound unbound-control \ .libs/unbound-host .libs/unbound-anchor DEP-RSA1024_CONFIGURE_ON= --with-deprecate-rsa-1024 DNSCRYPT_LIB_DEPENDS= libsodium.so:security/libsodium DNSCRYPT_CONFIGURE_ENABLE= dnscrypt DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \ libprotobuf-c.so:devel/protobuf-c DNSTAP_CONFIGURE_ENABLE= dnstap DOH_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 DOH_CONFIGURE_ON= --with-libnghttp2 DYNLIB_CONFIGURE_ON= --with-dynlibmodule ECDSA_CONFIGURE_ENABLE= ecdsa ECDSA_VARS= DEPENDS_ARGS+=WITH_ECDSA=yes EVAPI_CONFIGURE_ENABLE= event-api GOST_CONFIGURE_ENABLE= gost GOST_VARS= DEPENDS_ARGS+=WITH_GOST=yes HIREDIS_LIB_DEPENDS= libhiredis.so:databases/hiredis HIREDIS_CONFIGURE_ON= --enable-cachedb \ --with-libhiredis LIBEVENT_LIB_DEPENDS= libevent.so:devel/libevent LIBEVENT_CONFIGURE_WITH= libevent LIBEVENT_CPPFLAGS+= $$(pkg-config libevent --cflags-only-I) LIBEVENT_LDFLAGS+= $$(pkg-config libevent --libs-only-L) MUNIN_PLUGIN_SUB_FILES= pkg-message PYTHON_BUILD_DEPENDS= swig:devel/swig PYTHON_USES= python PYTHON_CONFIGURE_ON= --with-pythonmodule=yes \ --with-pyunbound=yes \ ac_cv_path_SWIG=${LOCALBASE}/bin/swig \ LDFLAGS="-L${LOCALBASE}/lib" PYTHON_VARS= STRIP_FILES+=.libs/_unbound.so SUBNET_CONFIGURE_ENABLE= subnet TFOCL_CONFIGURE_ENABLE= tfo-client TFOSE_CONFIGURE_ENABLE= tfo-server THREADS_CONFIGURE_WITH= pthreads post-patch: @${RM} ${WRKSRC}/util/configlexer.c @${REINPLACE_CMD} -e 's|if test ! -e "$$(DESTDIR)$$(configfile)"; then || ; \ s|$$(configfile)"; fi|$$(configfile).sample"|' \ ${WRKSRC}/Makefile.in post-patch-FILTER_AAAA-on: - ${CAT} ${WRKSRC}/contrib/aaaa-filter-iterator.patch | ${PATCH} -d ${WRKSRC} -p1 -s + @${CAT} ${WRKSRC}/contrib/aaaa-filter-iterator.patch | \ + ${PATCH} -d ${WRKSRC} -p1 -s post-build: - @for s in ${STRIP_FILES}; do ${STRIP_CMD} ${WRKSRC}/$$s; done + @for s in ${STRIP_FILES}; \ + do ${STRIP_CMD} ${WRKSRC}/$$s; \ + done post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR} - ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/doc/|} ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/doc/|} \ + ${STAGEDIR}${DOCSDIR} post-install-MUNIN_PLUGIN-on: @${MKDIR} ${STAGEDIR}${PREFIX}/share/munin/plugins ${INSTALL_SCRIPT} ${WRKDIR}/unbound-${DISTVERSION}/contrib/unbound_munin_ \ ${STAGEDIR}${PREFIX}/share/munin/plugins/ @${ECHO_MSG} @${ECHO_MSG} "=============================================================" @${CAT} ${WRKDIR}/pkg-message @${ECHO_MSG} "=============================================================" post-install-PYTHON-on: @${STRIP_CMD} ${STAGEDIR}${PYTHON_SITELIBDIR}/_unbound.so .include diff --git a/dns/unbound/distinfo b/dns/unbound/distinfo index de731ec0bc80..b9cc6d4b286d 100644 --- a/dns/unbound/distinfo +++ b/dns/unbound/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1693414086 -SHA256 (unbound-1.18.0.tar.gz) = 3da95490a85cff6420f26fae0b84a49f5112df1bf1b7fc34f8724f02082cb712 -SIZE (unbound-1.18.0.tar.gz) = 6315297 +TIMESTAMP = 1699440575 +SHA256 (unbound-1.19.0.tar.gz) = a97532468854c61c2de48ca4170de854fd3bc95c8043bb0cfb0fe26605966624 +SIZE (unbound-1.19.0.tar.gz) = 6336113 diff --git a/dns/unbound/files/patch-netevent.c b/dns/unbound/files/patch-netevent.c deleted file mode 100644 index e94ab49defa1..000000000000 --- a/dns/unbound/files/patch-netevent.c +++ /dev/null @@ -1,159 +0,0 @@ ---- util/netevent.c.orig 2023-08-30 01:01:13.000000000 -0700 -+++ util/netevent.c 2023-10-12 19:00:53.157995000 -0700 -@@ -116,6 +116,8 @@ - - /** timeout in millisec to wait for write to unblock, packets dropped after.*/ - #define SEND_BLOCKED_WAIT_TIMEOUT 200 -+/** max number of times to wait for write to unblock, packets dropped after.*/ -+#define SEND_BLOCKED_MAX_RETRY 5 - - /** Let's make timestamping code cleaner and redefine SO_TIMESTAMP* */ - #ifndef SO_TIMESTAMP -@@ -402,9 +404,10 @@ - WSAGetLastError() == WSAENOBUFS || - WSAGetLastError() == WSAEWOULDBLOCK) { - #endif -+ int retries = 0; - /* if we set the fd blocking, other threads suddenly - * have a blocking fd that they operate on */ -- while(sent == -1 && ( -+ while(sent == -1 && retries < SEND_BLOCKED_MAX_RETRY && ( - #ifndef USE_WINSOCK - errno == EAGAIN || errno == EINTR || - # ifdef EWOULDBLOCK -@@ -419,6 +422,13 @@ - #endif - )) { - #if defined(HAVE_POLL) || defined(USE_WINSOCK) -+ int send_nobufs = ( -+#ifndef USE_WINSOCK -+ errno == ENOBUFS -+#else -+ WSAGetLastError() == WSAENOBUFS -+#endif -+ ); - struct pollfd p; - int pret; - memset(&p, 0, sizeof(p)); -@@ -457,8 +467,48 @@ - log_err("poll udp out failed: %s", - sock_strerror(errno)); - return 0; -+ } else if((pret < 0 && -+#ifndef USE_WINSOCK -+ errno == ENOBUFS -+#else -+ WSAGetLastError() == WSAENOBUFS -+#endif -+ ) || (send_nobufs && retries > 0)) { -+ /* ENOBUFS, and poll returned without -+ * a timeout. Or the retried send call -+ * returned ENOBUFS. It is good to -+ * wait a bit for the error to clear. */ -+ /* The timeout is 20*(2^(retries+1)), -+ * it increases exponentially, starting -+ * at 40 msec. After 5 tries, 1240 msec -+ * have passed in total, when poll -+ * returned the error, and 1200 msec -+ * when send returned the errors. */ -+#ifndef USE_WINSOCK -+ pret = poll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); -+#else -+ pret = WSAPoll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); -+#endif -+ if(pret < 0 && -+#ifndef USE_WINSOCK -+ errno != EAGAIN && errno != EINTR && -+# ifdef EWOULDBLOCK -+ errno != EWOULDBLOCK && -+# endif -+ errno != ENOBUFS -+#else -+ WSAGetLastError() != WSAEINPROGRESS && -+ WSAGetLastError() != WSAEINTR && -+ WSAGetLastError() != WSAENOBUFS && -+ WSAGetLastError() != WSAEWOULDBLOCK -+#endif -+ ) { -+ log_err("poll udp out timer failed: %s", -+ sock_strerror(errno)); -+ } - } - #endif /* defined(HAVE_POLL) || defined(USE_WINSOCK) */ -+ retries++; - if (!is_connected) { - sent = sendto(c->fd, (void*)sldns_buffer_begin(packet), - sldns_buffer_remaining(packet), 0, -@@ -665,7 +715,8 @@ - WSAGetLastError() == WSAENOBUFS || - WSAGetLastError() == WSAEWOULDBLOCK) { - #endif -- while(sent == -1 && ( -+ int retries = 0; -+ while(sent == -1 && retries < SEND_BLOCKED_MAX_RETRY && ( - #ifndef USE_WINSOCK - errno == EAGAIN || errno == EINTR || - # ifdef EWOULDBLOCK -@@ -680,6 +731,13 @@ - #endif - )) { - #if defined(HAVE_POLL) || defined(USE_WINSOCK) -+ int send_nobufs = ( -+#ifndef USE_WINSOCK -+ errno == ENOBUFS -+#else -+ WSAGetLastError() == WSAENOBUFS -+#endif -+ ); - struct pollfd p; - int pret; - memset(&p, 0, sizeof(p)); -@@ -718,8 +776,48 @@ - log_err("poll udp out failed: %s", - sock_strerror(errno)); - return 0; -+ } else if((pret < 0 && -+#ifndef USE_WINSOCK -+ errno == ENOBUFS -+#else -+ WSAGetLastError() == WSAENOBUFS -+#endif -+ ) || (send_nobufs && retries > 0)) { -+ /* ENOBUFS, and poll returned without -+ * a timeout. Or the retried send call -+ * returned ENOBUFS. It is good to -+ * wait a bit for the error to clear. */ -+ /* The timeout is 20*(2^(retries+1)), -+ * it increases exponentially, starting -+ * at 40 msec. After 5 tries, 1240 msec -+ * have passed in total, when poll -+ * returned the error, and 1200 msec -+ * when send returned the errors. */ -+#ifndef USE_WINSOCK -+ pret = poll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); -+#else -+ pret = WSAPoll(NULL, 0, (SEND_BLOCKED_WAIT_TIMEOUT/10)<<(retries+1)); -+#endif -+ if(pret < 0 && -+#ifndef USE_WINSOCK -+ errno != EAGAIN && errno != EINTR && -+# ifdef EWOULDBLOCK -+ errno != EWOULDBLOCK && -+# endif -+ errno != ENOBUFS -+#else -+ WSAGetLastError() != WSAEINPROGRESS && -+ WSAGetLastError() != WSAEINTR && -+ WSAGetLastError() != WSAENOBUFS && -+ WSAGetLastError() != WSAEWOULDBLOCK -+#endif -+ ) { -+ log_err("poll udp out timer failed: %s", -+ sock_strerror(errno)); -+ } - } - #endif /* defined(HAVE_POLL) || defined(USE_WINSOCK) */ -+ retries++; - sent = sendmsg(c->fd, &msg, 0); - } - } diff --git a/dns/unbound/pkg-plist b/dns/unbound/pkg-plist index 3a57ef128379..3b29bc02c1ca 100644 --- a/dns/unbound/pkg-plist +++ b/dns/unbound/pkg-plist @@ -1,57 +1,57 @@ @sample %%ETCDIR%%/unbound.conf.sample include/unbound.h %%EVAPI%%include/unbound-event.h libdata/pkgconfig/libunbound.pc lib/libunbound.a lib/libunbound.so lib/libunbound.so.8 -lib/libunbound.so.8.1.22 +lib/libunbound.so.8.1.23 %%PYTHON%%%%PYTHON_SITELIBDIR%%/_unbound.so %%PYTHON%%%%PYTHON_SITELIBDIR%%/unbound.py %%PYTHON%%%%PYTHON_SITELIBDIR%%/unboundmodule.py man/man1/unbound-host.1.gz man/man3/libunbound.3.gz man/man3/ub_cancel.3.gz man/man3/ub_ctx.3.gz man/man3/ub_ctx_add_ta.3.gz man/man3/ub_ctx_add_ta_file.3.gz man/man3/ub_ctx_async.3.gz man/man3/ub_ctx_config.3.gz man/man3/ub_ctx_create.3.gz man/man3/ub_ctx_data_add.3.gz man/man3/ub_ctx_data_remove.3.gz man/man3/ub_ctx_debuglevel.3.gz man/man3/ub_ctx_debugout.3.gz man/man3/ub_ctx_delete.3.gz man/man3/ub_ctx_get_option.3.gz man/man3/ub_ctx_hosts.3.gz man/man3/ub_ctx_print_local_zones.3.gz man/man3/ub_ctx_resolvconf.3.gz man/man3/ub_ctx_set_fwd.3.gz man/man3/ub_ctx_set_option.3.gz man/man3/ub_ctx_trustedkeys.3.gz man/man3/ub_ctx_zone_add.3.gz man/man3/ub_ctx_zone_remove.3.gz man/man3/ub_fd.3.gz man/man3/ub_poll.3.gz man/man3/ub_process.3.gz man/man3/ub_resolve.3.gz man/man3/ub_resolve_async.3.gz man/man3/ub_resolve_free.3.gz man/man3/ub_result.3.gz man/man3/ub_strerror.3.gz man/man3/ub_wait.3.gz man/man5/unbound.conf.5.gz man/man8/unbound-anchor.8.gz man/man8/unbound-checkconf.8.gz man/man8/unbound-control-setup.8.gz man/man8/unbound-control.8.gz man/man8/unbound.8.gz sbin/unbound sbin/unbound-anchor sbin/unbound-checkconf sbin/unbound-control sbin/unbound-control-setup sbin/unbound-host %%MUNIN_PLUGIN%%share/munin/plugins/unbound_munin_ @dir(unbound,,) %%ETCDIR%%