Index: head/dns/bind911/Makefile =================================================================== --- head/dns/bind911/Makefile (revision 545577) +++ head/dns/bind911/Makefile (revision 545578) @@ -1,258 +1,257 @@ # $FreeBSD$ # pkg-help formatted with fmt 59 63 PORTNAME= bind PORTVERSION= ${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/} -PORTREVISION= 1 +PORTREVISION= 0 CATEGORIES= dns net MASTER_SITES= ISC/bind9/${ISCVERSION} PKGNAMESUFFIX= 911 DISTNAME= ${PORTNAME}-${ISCVERSION} MAINTAINER= mat@FreeBSD.org COMMENT= BIND DNS suite with updated DNSSEC and DNS64 LICENSE= MPL20 LICENSE_FILE= ${WRKSRC}/COPYRIGHT DEPRECATED= End of life, please migrate to a newer version of BIND9 EXPIRATION_DATE= 2021-12-31 LIB_DEPENDS= libxml2.so:textproc/libxml2 RUN_DEPENDS= bind-tools>0:dns/bind-tools USES= cpe libedit pkgconfig # ISC releases things like 9.8.0-P1, which our versioning doesn't like -ISCVERSION= 9.11.21 +ISCVERSION= 9.11.22 CPE_VENDOR= isc CPE_VERSION= ${ISCVERSION:C/-.*//} .if ${ISCVERSION:M*-*} CPE_UPDATE= ${ISCVERSION:C/.*-//:tl} .endif GNU_CONFIGURE= yes CONFIGURE_ARGS= --localstatedir=/var --disable-linux-caps \ --with-randomdev=/dev/random \ --with-libxml2=${LOCALBASE} \ --with-readline="-L${LOCALBASE}/lib -ledit" \ --with-dlopen=yes \ --with-gost=no \ --without-python \ --sysconfdir=${ETCDIR} ETCDIR= ${PREFIX}/etc/namedb CONFLICTS= bind912 bind913 bind914 bind916 bind9-devel SUB_FILES= pkg-message named.conf USE_RC_SUBR= named MAKE_JOBS_UNSAFE= yes PORTDOCS= * OPTIONS_DEFAULT= SSL THREADS SIGCHASE IDN GSSAPI_NONE JSON \ DLZ_FILESYSTEM LMDB RPZ_NSDNAME RPZ_NSIP TCP_FASTOPEN \ FILTER_AAAA OPTIONS_DEFINE= IDN LARGE_FILE JSON GEOIP \ FIXED_RRSET SIGCHASE IPV6 THREADS FILTER_AAAA \ RPZ_NSIP RPZ_NSDNAME DOCS \ MINCACHE PORTREVISION QUERYTRACE LMDB DNSTAP \ START_LATE TUNING_LARGE TCP_FASTOPEN OPTIONS_RADIO= CRYPTO OPTIONS_RADIO_CRYPTO= SSL NATIVE_PKCS11 OPTIONS_GROUP= DLZ OPTIONS_GROUP_DLZ= DLZ_POSTGRESQL DLZ_MYSQL DLZ_BDB \ DLZ_LDAP DLZ_FILESYSTEM DLZ_STUB OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE OPTIONS_SUB= yes CRYPTO_DESC= Choose which crypto engine to use DLZ_BDB_DESC= DLZ BDB driver DLZ_DESC= Dynamically Loadable Zones DLZ_FILESYSTEM_DESC= DLZ filesystem driver DLZ_LDAP_DESC= DLZ LDAP driver DLZ_MYSQL_DESC= DLZ MySQL driver (no threading) DLZ_POSTGRESQL_DESC= DLZ Postgres driver DLZ_STUB_DESC= DLZ stub driver DNSTAP_DESC= Provides fast passive logging of DNS messages FILTER_AAAA_DESC= Enable filtering of AAAA records FIXED_RRSET_DESC= Enable fixed rrset ordering GSSAPI_BASE_DESC= Using Heimdal in base GSSAPI_HEIMDAL_DESC= Using security/heimdal GSSAPI_MIT_DESC= Using security/krb5 GSSAPI_NONE_DESC= Disable LARGE_FILE_DESC= 64-bit file support LMDB_DESC= Use LMDB for zone management MINCACHE_DESC= Use the mincachettl patch NATIVE_PKCS11_DESC= Use PKCS\#11 native API (**READ HELP**) PORTREVISION_DESC= Show PORTREVISION in the version string QUERYTRACE_DESC= Enable the very verbose query tracelogging RPZ_NSDNAME_DESC= Enable RPZ NSDNAME policy records RPZ_NSIP_DESC= Enable RPZ NSIP trigger rules SIGCHASE_DESC= dig/host/nslookup will do DNSSEC validation SSL_DESC= Build with OpenSSL (Required for DNSSEC) START_LATE_DESC= Start BIND late in the boot process (see help) TCP_FASTOPEN_DESC= RFC 7413 support TUNING_LARGE_DESC= Tune named for large systems (**READ HELP**) DLZ_BDB_CONFIGURE_ON= --with-dlz-bdb=yes DLZ_BDB_USES= bdb DLZ_FILESYSTEM_CONFIGURE_ON= --with-dlz-filesystem=yes DLZ_LDAP_CONFIGURE_ON= --with-dlz-ldap=yes DLZ_LDAP_USE= openldap=yes DLZ_MYSQL_CONFIGURE_ON= --with-dlz-mysql=yes DLZ_MYSQL_PREVENTS= THREADS DLZ_MYSQL_USES= mysql DLZ_POSTGRESQL_CONFIGURE_ON= --with-dlz-postgres=yes DLZ_POSTGRESQL_USES= pgsql DLZ_STUB_CONFIGURE_ON= --with-dlz-stub=yes DNSTAP_CONFIGURE_ENABLE= dnstap DNSTAP_IMPLIES= THREADS DNSTAP_LIB_DEPENDS= libfstrm.so:devel/fstrm \ libprotobuf-c.so:devel/protobuf-c FILTER_AAAA_CONFIGURE_ENABLE= filter-aaaa FIXED_RRSET_CONFIGURE_ENABLE= fixed-rrset GEOIP_CONFIGURE_WITH= geoip2 GEOIP_LIB_DEPENDS= libmaxminddb.so:net/libmaxminddb GEOIP_IMPLIES= THREADS GSSAPI_BASE_CONFIGURE_ON=\ --with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}" GSSAPI_BASE_USES= gssapi GSSAPI_HEIMDAL_CONFIGURE_ON=\ --with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}" GSSAPI_HEIMDAL_USES= gssapi:heimdal GSSAPI_MIT_CONFIGURE_ON=\ --with-gssapi=${GSSAPIBASEDIR} KRB5CONFIG="${KRB5CONFIG}" GSSAPI_MIT_USES= gssapi:mit GSSAPI_NONE_CONFIGURE_ON= --without-gssapi IDN_CONFIGURE_OFF= --without-libidn2 IDN_CONFIGURE_ON= --with-libidn2=${LOCALBASE} ${ICONV_CONFIGURE_BASE} IDN_LIB_DEPENDS= libidn2.so:dns/libidn2 IDN_USES= iconv IPV6_CONFIGURE_ENABLE= ipv6 JSON_CONFIGURE_WITH= libjson=${LOCALBASE} JSON_LIB_DEPENDS= libjson-c.so:devel/json-c LARGE_FILE_CONFIGURE_ENABLE= largefile LMDB_CONFIGURE_WITH= lmdb=${LOCALBASE} LMDB_LIB_DEPENDS= liblmdb.so:databases/lmdb -LMDB_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-lmdb-lock MINCACHE_EXTRA_PATCHES= ${FILESDIR}/extrapatch-bind-min-override-ttl NATIVE_PKCS11_CONFIGURE_ENABLE= native-pkcs11 NATIVE_PKCS11_IMPLIES= THREADS QUERYTRACE_CONFIGURE_ENABLE= querytrace RPZ_NSDNAME_CONFIGURE_ENABLE= rpz-nsdname RPZ_NSIP_CONFIGURE_ENABLE= rpz-nsip SIGCHASE_CONFIGURE_ON= STD_CDEFINES="-DDIG_SIGCHASE=1" SSL_CONFIGURE_OFF= --disable-openssl-version-check --without-openssl SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE} SSL_USES= ssl START_LATE_SUB_LIST= NAMED_REQUIRE="SERVERS cleanvar" \ NAMED_BEFORE="LOGIN" START_LATE_SUB_LIST_OFF=NAMED_REQUIRE="NETWORKING ldconfig syslogd" \ NAMED_BEFORE="SERVERS" THREADS_CONFIGURE_ENABLE= threads TUNING_LARGE_IMPLIES= THREADS TUNING_LARGE_CONFIGURE_ON= --with-tuning=large TUNING_LARGE_CONFIGURE_OFF= --with-tuning=default .include .if defined(WITH_DEBUG) CONFIGURE_ARGS+= --enable-symtable \ --enable-developer USES+= perl5 USE_PERL5= build BUILD_DEPENDS+= cmocka>0:sysutils/cmocka # Developer mode needs ssl, always .if !${PORT_OPTIONS:MSSL} CONFIGURE_ARGS+= --with-openssl=${OPENSSLBASE} USES+= ssl .endif .else CONFIGURE_ARGS+= --disable-symtable .endif .include .if ${SSL_DEFAULT} == base SUB_LIST+= ENGINES=/usr/lib/engines .else SUB_LIST+= ENGINES=${LOCALBASE}/lib/engines .endif post-patch: .for FILE in check/named-checkconf.8 named/named.8 nsupdate/nsupdate.1 \ rndc/rndc.8 @${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \ -e 's#/etc/rndc.conf#${ETCDIR}/rndc.conf#g' \ -e "s#/var\/run\/named\/named.pid#/var/run/named/pid#" \ ${WRKSRC}/bin/${FILE} .endfor .if ${PORTREVISION:N0} post-patch-PORTREVISION-on: @${REINPLACE_CMD} -e '/EXTENSIONS/s#=$$#=_${PORTREVISION}#' \ ${WRKSRC}/version .endif post-patch-TCP_FASTOPEN-off: @${REINPLACE_CMD} -e 's/#define ISC_PLATFORM_HAVETFO 1/#undef ISC_PLATFORM_HAVETFO/' ${WRKSRC}/configure post-install: ${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree ${MKDIR} ${STAGEDIR}${ETCDIR} .for i in dynamic master slave working @${MKDIR} ${STAGEDIR}${ETCDIR}/$i .endfor ${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample ${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR} ${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/master ${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${STAGEDIR}${ETCDIR}/master ${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master ${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.dist.sample ${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.local.dist.sample ${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \ ${STAGEDIR}${ETCDIR}/rndc.conf.sample post-install-DOCS-on: ${MKDIR} ${STAGEDIR}${DOCSDIR}/arm ${INSTALL_DATA} ${WRKSRC}/doc/arm/*.html ${STAGEDIR}${DOCSDIR}/arm ${INSTALL_DATA} ${WRKSRC}/doc/arm/Bv9ARM.pdf ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/CHANGES \ ${WRKSRC}/HISTORY* ${WRKSRC}/README* ${STAGEDIR}${DOCSDIR} .include Index: head/dns/bind911/distinfo =================================================================== --- head/dns/bind911/distinfo (revision 545577) +++ head/dns/bind911/distinfo (revision 545578) @@ -1,3 +1,3 @@ -TIMESTAMP = 1594913197 -SHA256 (bind-9.11.21.tar.gz) = 668158b005b3de4328fa0dbbbb3f524b66f28f024c67538aa9412a9e69c9dfbc -SIZE (bind-9.11.21.tar.gz) = 8248982 +TIMESTAMP = 1597735112 +SHA256 (bind-9.11.22.tar.gz) = afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9 +SIZE (bind-9.11.22.tar.gz) = 8248081 Index: head/dns/bind911/files/extrapatch-bind-lmdb-lock =================================================================== --- head/dns/bind911/files/extrapatch-bind-lmdb-lock (revision 545577) +++ head/dns/bind911/files/extrapatch-bind-lmdb-lock (nonexistent) @@ -1,235 +0,0 @@ ---- bin/named/server.c.orig 2020-06-10 18:00:37 UTC -+++ bin/named/server.c -@@ -6797,6 +6797,8 @@ count_newzones(dns_view_t *view, ns_cfgctx_t *nzcfg, i - "for view '%s'", - view->new_zone_db, view->name); - -+ LOCK(&view->new_zone_lock); -+ - CHECK(nzd_count(view, &n)); - - *num_zonesp = n; -@@ -6811,6 +6813,8 @@ count_newzones(dns_view_t *view, ns_cfgctx_t *nzcfg, i - if (result != ISC_R_SUCCESS) - *num_zonesp = 0; - -+ UNLOCK(&view->new_zone_lock); -+ - return (ISC_R_SUCCESS); - } - -@@ -7116,6 +7120,8 @@ typedef isc_result_t (*newzone_cfg_cb_t)(const cfg_obj - * Immediately interrupt processing if an error is encountered while - * transforming NZD data into a zone configuration object or if "callback" - * returns an error. -+ * -+ * Caller must hold 'view->new_zone_lock'. - */ - static isc_result_t - for_all_newzone_cfgs(newzone_cfg_cb_t callback, cfg_obj_t *config, -@@ -7228,8 +7234,11 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config - return (ISC_R_SUCCESS); - } - -+ LOCK(&view->new_zone_lock); -+ - result = nzd_open(view, MDB_RDONLY, &txn, &dbi); - if (result != ISC_R_SUCCESS) { -+ UNLOCK(&view->new_zone_lock); - return (ISC_R_SUCCESS); - } - -@@ -7256,6 +7265,9 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config - } - - (void) nzd_close(&txn, false); -+ -+ UNLOCK(&view->new_zone_lock); -+ - return (result); - } - -@@ -7277,6 +7289,8 @@ get_newzone_config(dns_view_t *view, const char *zonen - - INSIST(zoneconfig != NULL && *zoneconfig == NULL); - -+ LOCK(&view->new_zone_lock); -+ - CHECK(nzd_open(view, MDB_RDONLY, &txn, &dbi)); - - isc_log_write(ns_g_lctx, -@@ -7310,6 +7324,8 @@ get_newzone_config(dns_view_t *view, const char *zonen - cleanup: - (void) nzd_close(&txn, false); - -+ UNLOCK(&view->new_zone_lock); -+ - if (zoneconf != NULL) { - cfg_obj_destroy(ns_g_addparser, &zoneconf); - } -@@ -11638,8 +11654,6 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone - - nzd_setkey(&key, dns_zone_getorigin(zone), namebuf, sizeof(namebuf)); - -- LOCK(&view->new_zone_lock); -- - if (zconfig == NULL) { - /* We're deleting the zone from the database */ - status = mdb_del(*txnp, dbi, &key, NULL); -@@ -11739,8 +11753,6 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone - } - *txnp = NULL; - -- UNLOCK(&view->new_zone_lock); -- - if (text != NULL) { - isc_buffer_free(&text); - } -@@ -11748,6 +11760,11 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone - return (result); - } - -+/* -+ * Check whether the new zone database for 'view' can be opened for writing. -+ * -+ * Caller must hold 'view->new_zone_lock'. -+ */ - static isc_result_t - nzd_writable(dns_view_t *view) { - isc_result_t result = ISC_R_SUCCESS; -@@ -11779,6 +11796,11 @@ nzd_writable(dns_view_t *view) { - return (result); - } - -+/* -+ * Open the new zone database for 'view' and start a transaction for it. -+ * -+ * Caller must hold 'view->new_zone_lock'. -+ */ - static isc_result_t - nzd_open(dns_view_t *view, unsigned int flags, MDB_txn **txnp, MDB_dbi *dbi) { - int status; -@@ -11909,6 +11931,13 @@ nzd_env_reopen(dns_view_t *view) { - return (result); - } - -+/* -+ * If 'commit' is true, commit the new zone database transaction pointed to by -+ * 'txnp'; otherwise, abort that transaction. -+ * -+ * Caller must hold 'view->new_zone_lock' for the view that the transaction -+ * pointed to by 'txnp' was started for. -+ */ - static isc_result_t - nzd_close(MDB_txn **txnp, bool commit) { - isc_result_t result = ISC_R_SUCCESS; -@@ -11931,6 +11960,12 @@ nzd_close(MDB_txn **txnp, bool commit) { - return (result); - } - -+/* -+ * Count the zones configured in the new zone database for 'view' and store the -+ * result in 'countp'. -+ * -+ * Caller must hold 'view->new_zone_lock'. -+ */ - static isc_result_t - nzd_count(dns_view_t *view, int *countp) { - isc_result_t result; -@@ -11979,6 +12014,8 @@ migrate_nzf(dns_view_t *view) { - MDB_val key, data; - ns_dzarg_t dzarg; - -+ LOCK(&view->new_zone_lock); -+ - /* - * If NZF file doesn't exist, or NZD DB exists and already - * has data, return without attempting migration. -@@ -12122,6 +12159,8 @@ migrate_nzf(dns_view_t *view) { - result = nzd_close(&txn, commit); - } - -+ UNLOCK(&view->new_zone_lock); -+ - if (text != NULL) { - isc_buffer_free(&text); - } -@@ -12325,6 +12364,7 @@ do_addzone(ns_server_t *server, ns_cfgctx_t *cfg, dns_ - MDB_dbi dbi; - - UNUSED(zoneconf); -+ LOCK(&view->new_zone_lock); - #endif /* HAVE_LMDB */ - - /* Zone shouldn't already exist */ -@@ -12465,6 +12505,7 @@ do_addzone(ns_server_t *server, ns_cfgctx_t *cfg, dns_ - #else /* HAVE_LMDB */ - if (txn != NULL) - (void) nzd_close(&txn, false); -+ UNLOCK(&view->new_zone_lock); - #endif /* HAVE_LMDB */ - - if (zone != NULL) -@@ -12488,6 +12529,7 @@ do_modzone(ns_server_t *server, ns_cfgctx_t *cfg, dns_ - #else /* HAVE_LMDB */ - MDB_txn *txn = NULL; - MDB_dbi dbi; -+ LOCK(&view->new_zone_lock); - #endif /* HAVE_LMDB */ - - /* Zone must already exist */ -@@ -12667,6 +12709,7 @@ do_modzone(ns_server_t *server, ns_cfgctx_t *cfg, dns_ - #else /* HAVE_LMDB */ - if (txn != NULL) - (void) nzd_close(&txn, false); -+ UNLOCK(&view->new_zone_lock); - #endif /* HAVE_LMDB */ - - if (zone != NULL) -@@ -12816,6 +12859,7 @@ rmzone(isc_task_t *task, isc_event_t *event) { - if (added && cfg != NULL) { - #ifdef HAVE_LMDB - /* Make sure we can open the NZD database */ -+ LOCK(&view->new_zone_lock); - result = nzd_open(view, 0, &txn, &dbi); - if (result != ISC_R_SUCCESS) { - isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, -@@ -12834,6 +12878,11 @@ rmzone(isc_task_t *task, isc_event_t *event) { - "delete zone configuration: %s", - isc_result_totext(result)); - } -+ -+ if (txn != NULL) { -+ (void)nzd_close(&txn, false); -+ } -+ UNLOCK(&view->new_zone_lock); - #else - result = delete_zoneconf(view, cfg->add_parser, - cfg->nzf_config, -@@ -12926,10 +12975,6 @@ rmzone(isc_task_t *task, isc_event_t *event) { - } - } - --#ifdef HAVE_LMDB -- if (txn != NULL) -- (void) nzd_close(&txn, false); --#endif - if (raw != NULL) - dns_zone_detach(&raw); - dns_zone_detach(&zone); ---- lib/dns/include/dns/view.h.orig 2020-06-10 18:00:37 UTC -+++ lib/dns/include/dns/view.h -@@ -240,12 +240,7 @@ struct dns_view { - - #ifdef HAVE_LMDB - #include --/* -- * MDB_NOTLS is used to prevent problems after configuration is reloaded, due -- * to the way LMDB's use of thread-local storage (TLS) interacts with the BIND9 -- * thread model. -- */ --#define DNS_LMDB_COMMON_FLAGS (MDB_CREATE | MDB_NOSUBDIR | MDB_NOTLS) -+#define DNS_LMDB_COMMON_FLAGS (MDB_CREATE | MDB_NOSUBDIR | MDB_NOLOCK) - #ifndef __OpenBSD__ - #define DNS_LMDB_FLAGS (DNS_LMDB_COMMON_FLAGS) - #else /* __OpenBSD__ */ Property changes on: head/dns/bind911/files/extrapatch-bind-lmdb-lock ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property