Index: head/dns/bind916/Makefile
===================================================================
--- head/dns/bind916/Makefile	(revision 545578)
+++ head/dns/bind916/Makefile	(revision 545579)
@@ -1,276 +1,275 @@
 # $FreeBSD$
 # pkg-help formatted with fmt 59 63
 
 PORTNAME=	bind
 PORTVERSION=	${ISCVERSION:S/-P/P/:S/b/.b/:S/a/.a/:S/rc/.rc/}
 .if defined(BIND_TOOLS_SLAVE)
 # dns/bind-tools here
 PORTREVISION=	0
 .else
 # dns/bind916 here
-PORTREVISION=	1
+PORTREVISION=	0
 .endif
 CATEGORIES=	dns net
 MASTER_SITES=	ISC/bind9/${ISCVERSION}
 .if defined(BIND_TOOLS_SLAVE)
 PKGNAMESUFFIX=	-tools
 .else
 PKGNAMESUFFIX=	916
 .endif
 DISTNAME=	${PORTNAME}-${ISCVERSION}
 
 MAINTAINER=	mat@FreeBSD.org
 .if defined(BIND_TOOLS_SLAVE)
 COMMENT=	Command line tools from BIND: delv, dig, host, nslookup...
 .else
 COMMENT=	BIND DNS suite with updated DNSSEC and DNS64
 .endif
 
 # Uncomment when bind920 comes of age.
 # DEPRECATED=	End of life, please migrate to a newer version of BIND9
 # EXPIRATION_DATE=	2023-12-31
 
 LICENSE=	MPL20
 LICENSE_FILE=	${WRKSRC}/COPYRIGHT
 
 LIB_DEPENDS=	libuv.so:devel/libuv \
 		libxml2.so:textproc/libxml2
 .if !defined(BIND_TOOLS_SLAVE)
 RUN_DEPENDS=	bind-tools>0:dns/bind-tools
 .endif
 
 USES=		compiler:c11 cpe libedit pkgconfig ssl tar:xz
 # ISC releases things like 9.8.0-P1, which our versioning doesn't like
-ISCVERSION=	9.16.5
+ISCVERSION=	9.16.6
 
 CPE_VENDOR=	isc
 CPE_VERSION=	${ISCVERSION:C/-.*//}
 .if ${ISCVERSION:M*-*}
 CPE_UPDATE=	${ISCVERSION:C/.*-//:tl}
 .endif
 
 GNU_CONFIGURE=	yes
 CONFIGURE_ARGS=	--disable-linux-caps \
 		--localstatedir=/var \
 		--sysconfdir=${ETCDIR} \
 		--with-dlopen=yes \
 		--with-libxml2 \
 		--with-openssl=${OPENSSLBASE} \
 		--with-readline="-L${LOCALBASE}/lib -ledit"
 ETCDIR=		${PREFIX}/etc/namedb
 
 .if defined(BIND_TOOLS_SLAVE)
 CONFIGURE_ARGS+=	--disable-shared
 EXTRA_PATCHES=		${PATCHDIR}/extrapatch-bind-tools
 .else
 USE_RC_SUBR=		named
 SUB_FILES=		named.conf pkg-message
 EXTRA_PATCHES=		${PATCHDIR}/extrapatch-no-bind-tools
 
 PORTDOCS=	*
 
 CONFLICTS=	bind911 bind912 bind913 bind914 bind9-devel
 .endif	# BIND_TOOLS_SLAVE
 
 MAKE_JOBS_UNSAFE=	yes
 
 OPTIONS_DEFAULT=	DLZ_FILESYSTEM GSSAPI_NONE IDN JSON LMDB PYTHON \
 			SIGCHASE TCP_FASTOPEN MANPAGES
 OPTIONS_DEFINE=		DNSTAP DOCS FIXED_RRSET GEOIP IDN JSON LARGE_FILE LMDB \
 			OVERRIDECACHE PORTREVISION PYTHON QUERYTRACE SIGCHASE \
 			START_LATE TCP_FASTOPEN TUNING_LARGE MANPAGES
 
 OPTIONS_RADIO=		CRYPTO
 OPTIONS_RADIO_CRYPTO=	NATIVE_PKCS11
 
 OPTIONS_GROUP=		DLZ
 OPTIONS_GROUP_DLZ=	DLZ_BDB DLZ_FILESYSTEM DLZ_LDAP DLZ_MYSQL \
 			DLZ_POSTGRESQL DLZ_STUB
 
 OPTIONS_SINGLE=		GSSAPI
 OPTIONS_SINGLE_GSSAPI=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
 
 .if defined(BIND_TOOLS_SLAVE)
 OPTIONS_EXCLUDE=	${OPTIONS_GROUP_DLZ} DNSTAP DOCS GEOIP LMDB \
 			OVERRIDECACHE PORTREVISION QUERYTRACE START_LATE \
 			TCP_FASTOPEN TUNING_LARGE
 .else
 OPTIONS_EXCLUDE=	PYTHON
 .endif	# BIND_TOOLS_SLAVE
 
 OPTIONS_SUB=	yes
 
 CRYPTO_DESC=		Choose which crypto engine to use
 DLZ_BDB_DESC=		DLZ BDB driver
 DLZ_DESC=		Dynamically Loadable Zones
 DLZ_FILESYSTEM_DESC=	DLZ filesystem driver
 DLZ_LDAP_DESC=		DLZ LDAP driver
 DLZ_MYSQL_DESC=		DLZ MySQL driver (no threading)
 DLZ_POSTGRESQL_DESC=	DLZ Postgres driver
 DLZ_STUB_DESC=		DLZ stub driver
 DNSTAP_DESC=		Provides fast passive logging of DNS messages
 FIXED_RRSET_DESC=	Enable fixed rrset ordering
 GSSAPI_BASE_DESC=	Using Heimdal in base
 GSSAPI_HEIMDAL_DESC=	Using security/heimdal
 GSSAPI_MIT_DESC=	Using security/krb5
 GSSAPI_NONE_DESC=	Disable
 LARGE_FILE_DESC=	64-bit file support
 LMDB_DESC=		Use LMDB for zone management
 OVERRIDECACHE_DESC=	Use the override-cache patch
 NATIVE_PKCS11_DESC=	Use PKCS\#11 native API (**READ HELP**)
 PORTREVISION_DESC=	Show PORTREVISION in the version string
 PYTHON_DESC=		Build with Python utilities
 QUERYTRACE_DESC=	Enable the very verbose query tracelogging
 SIGCHASE_DESC=		dig/host/nslookup will do DNSSEC validation
 START_LATE_DESC=	Start BIND late in the boot process (see help)
 TCP_FASTOPEN_DESC=	RFC 7413 support
 TUNING_LARGE_DESC=	Tune named for large systems (**READ HELP**)
 
 DLZ_BDB_CONFIGURE_ON=	--with-dlz-bdb=yes
 DLZ_BDB_USES=		bdb
 
 DLZ_FILESYSTEM_CONFIGURE_ON=	--with-dlz-filesystem=yes
 
 DLZ_LDAP_CONFIGURE_ON=	--with-dlz-ldap=yes
 DLZ_LDAP_USE=		OPENLDAP=yes
 
 DLZ_MYSQL_CONFIGURE_ON=	--with-dlz-mysql=yes
 DLZ_MYSQL_USES=		mysql
 
 DLZ_POSTGRESQL_CONFIGURE_ON=	--with-dlz-postgres=yes
 DLZ_POSTGRESQL_USES=		pgsql
 
 DLZ_STUB_CONFIGURE_ON=	--with-dlz-stub=yes
 
 DNSTAP_CONFIGURE_ENABLE=	dnstap
 DNSTAP_LIB_DEPENDS=		libfstrm.so:devel/fstrm \
 				libprotobuf-c.so:devel/protobuf-c
 
 FIXED_RRSET_CONFIGURE_ENABLE=	fixed-rrset
 
 GEOIP_CONFIGURE_ENABLE=	geoip
 GEOIP_CONFIGURE_WITH=	maxminddb
 GEOIP_LIB_DEPENDS=	libmaxminddb.so:net/libmaxminddb
 
 GSSAPI_BASE_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
 				KRB5CONFIG="${KRB5CONFIG}"
 GSSAPI_BASE_USES=		gssapi
 
 GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
 				KRB5CONFIG="${KRB5CONFIG}"
 GSSAPI_HEIMDAL_USES=		gssapi:heimdal
 
 GSSAPI_MIT_CONFIGURE_ON=	--with-gssapi=${GSSAPIBASEDIR} \
 				KRB5CONFIG="${KRB5CONFIG}"
 GSSAPI_MIT_USES=		gssapi:mit
 
 GSSAPI_NONE_CONFIGURE_ON=	--without-gssapi
 
 IDN_CONFIGURE_OFF=	--without-libidn2
 IDN_CONFIGURE_ON=	${ICONV_CONFIGURE_BASE} \
 			--with-libidn2=${LOCALBASE}
 IDN_LIB_DEPENDS=	libidn2.so:dns/libidn2
 IDN_USES=		iconv
 
 JSON_CONFIGURE_WITH=	json-c
 JSON_LIB_DEPENDS=	libjson-c.so:devel/json-c
 JSON_LDFLAGS=		-L${LOCALBASE}/lib -ljson-c
 
 LARGE_FILE_CONFIGURE_ENABLE=	largefile
 
 LMDB_CONFIGURE_WITH=	lmdb=${LOCALBASE}
 LMDB_LIB_DEPENDS=	liblmdb.so:databases/lmdb
-LMDB_EXTRA_PATCHES=	${FILESDIR}/extrapatch-bind-lmdb-lock
 
 MANPAGES_BUILD_DEPENDS=	sphinx-build:textproc/py-sphinx
 
 OVERRIDECACHE_EXTRA_PATCHES=	${FILESDIR}/extrapatch-bind-min-override-ttl
 
 NATIVE_PKCS11_CONFIGURE_ENABLE=	native-pkcs11
 
 PYTHON_BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply@${PY_FLAVOR}
 PYTHON_CONFIGURE_WITH=	python=${PYTHON_CMD}
 PYTHON_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}ply>=0:devel/py-ply@${PY_FLAVOR}
 PYTHON_USES=		python
 
 QUERYTRACE_CONFIGURE_ENABLE=	querytrace
 
 SIGCHASE_CONFIGURE_ON=	STD_CDEFINES="-DDIG_SIGCHASE=1"
 
 START_LATE_SUB_LIST=		NAMED_BEFORE="LOGIN" \
 				NAMED_REQUIRE="SERVERS cleanvar"
 START_LATE_SUB_LIST_OFF=	NAMED_BEFORE="SERVERS" \
 				NAMED_REQUIRE="NETWORKING ldconfig syslogd"
 
 TCP_FASTOPEN_CONFIGURE_ENABLE=	tcp-fastopen
 
 TUNING_LARGE_CONFIGURE_ON=	--with-tuning=large
 TUNING_LARGE_CONFIGURE_OFF=	--with-tuning=default
 
 .include <bsd.port.options.mk>
 
 .if defined(WITH_DEBUG)
 CONFIGURE_ARGS+=	--enable-developer \
 			--enable-symtable
 USES+=			perl5
 USE_PERL5=		build
 BUILD_DEPENDS+=		cmocka>0:sysutils/cmocka
 .else
 CONFIGURE_ARGS+=	--disable-symtable
 .endif
 
 .include <bsd.port.pre.mk>
 
 .if ${SSL_DEFAULT} == base
 SUB_LIST+=	ENGINES=/usr/lib/engines
 .else
 SUB_LIST+=	ENGINES=${LOCALBASE}/lib/engines
 .endif
 
 post-patch:
 .for FILE in named-checkconf.8 named.8 nsupdate.1 \
 	rndc.8
 	@${REINPLACE_CMD} -e 's#/etc/named.conf#${ETCDIR}/named.conf#g' \
 		-e 's#/etc/rndc.conf#${ETCDIR}/rndc.conf#g' \
 		-e "s#/var\/run\/named\/named.pid#/var/run/named/pid#" \
 		${WRKSRC}/doc/man/${FILE}in
 .endfor
 
 .if !defined(BIND_TOOLS_SLAVE)
 .  if ${PORTREVISION:N0}
 post-patch-PORTREVISION-on:
 	@${REINPLACE_CMD} -e '/EXTENSIONS/s#=$$#=_${PORTREVISION}#' \
 		${WRKSRC}/version
 .  endif
 
 post-install:
 	${MKDIR} ${STAGEDIR}${PREFIX}/etc/mtree
 	${MKDIR} ${STAGEDIR}${ETCDIR}
 .  for i in dynamic master slave working
 	@${MKDIR} ${STAGEDIR}${ETCDIR}/$i
 .  endfor
 	${INSTALL_DATA} ${WRKDIR}/named.conf ${STAGEDIR}${ETCDIR}/named.conf.sample
 	${INSTALL_DATA} ${FILESDIR}/named.root ${STAGEDIR}${ETCDIR}
 	${INSTALL_DATA} ${FILESDIR}/empty.db ${STAGEDIR}${ETCDIR}/master
 	${INSTALL_DATA} ${FILESDIR}/localhost-forward.db ${STAGEDIR}${ETCDIR}/master
 	${INSTALL_DATA} ${FILESDIR}/localhost-reverse.db ${STAGEDIR}${ETCDIR}/master
 	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.dist.sample
 	${INSTALL_DATA} ${FILESDIR}/BIND.chroot.local.dist ${STAGEDIR}${PREFIX}/etc/mtree/BIND.chroot.local.dist.sample
 	${INSTALL_DATA} ${WRKSRC}/bin/rndc/rndc.conf \
 		${STAGEDIR}${ETCDIR}/rndc.conf.sample
 
 post-install-DOCS-on:
 	${MKDIR} ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${WRKSRC}/CHANGES* ${WRKSRC}/HISTORY.md \
 		${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
 .else
 
 post-install-MANPAGES-on:
 	@(cd ${WRKSRC}/doc/man && ${SETENV} ${MAKE_ENV} ${FAKEROOT} ${MAKE_CMD} ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} ${INSTALL_TARGET})
 
 # Can't use USE_PYTHON=autoplist
 post-install-PYTHON-on:
 	@${FIND} ${STAGEDIR}${PYTHON_SITELIBDIR} -type f | ${SED} -e 's|${STAGEDIR}||' >> ${TMPPLIST}
 .endif	# BIND_TOOLS_SLAVE
 
 .include <bsd.port.post.mk>
Index: head/dns/bind916/distinfo
===================================================================
--- head/dns/bind916/distinfo	(revision 545578)
+++ head/dns/bind916/distinfo	(revision 545579)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1594913262
-SHA256 (bind-9.16.5.tar.xz) = 6378b3e51fef11a8be4794dc48e8111ba92d211c0dfd129a0c296ed06a3dc075
-SIZE (bind-9.16.5.tar.xz) = 3474044
+TIMESTAMP = 1597735379
+SHA256 (bind-9.16.6.tar.xz) = b567b0f3b47dd03b345a4848af7f2acdd3f5cea2bd804edd85d9ef50743571cb
+SIZE (bind-9.16.6.tar.xz) = 3228368
Index: head/dns/bind916/files/extrapatch-bind-lmdb-lock
===================================================================
--- head/dns/bind916/files/extrapatch-bind-lmdb-lock	(revision 545578)
+++ head/dns/bind916/files/extrapatch-bind-lmdb-lock	(nonexistent)
@@ -1,236 +0,0 @@
---- bin/named/server.c.orig	2020-06-10 21:01:43 UTC
-+++ bin/named/server.c
-@@ -7578,6 +7578,8 @@ count_newzones(dns_view_t *view, ns_cfgctx_t *nzcfg, i
- 		      "for view '%s'",
- 		      view->new_zone_db, view->name);
- 
-+	LOCK(&view->new_zone_lock);
-+
- 	CHECK(nzd_count(view, &n));
- 
- 	*num_zonesp = n;
-@@ -7592,6 +7594,8 @@ cleanup:
- 		*num_zonesp = 0;
- 	}
- 
-+	UNLOCK(&view->new_zone_lock);
-+
- 	return (ISC_R_SUCCESS);
- }
- 
-@@ -7920,6 +7924,8 @@ typedef isc_result_t (*newzone_cfg_cb_t)(const cfg_obj
-  * Immediately interrupt processing if an error is encountered while
-  * transforming NZD data into a zone configuration object or if "callback"
-  * returns an error.
-+ *
-+ * Caller must hold 'view->new_zone_lock'.
-  */
- static isc_result_t
- for_all_newzone_cfgs(newzone_cfg_cb_t callback, cfg_obj_t *config,
-@@ -8028,8 +8034,11 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config
- 		return (ISC_R_SUCCESS);
- 	}
- 
-+	LOCK(&view->new_zone_lock);
-+
- 	result = nzd_open(view, MDB_RDONLY, &txn, &dbi);
- 	if (result != ISC_R_SUCCESS) {
-+		UNLOCK(&view->new_zone_lock);
- 		return (ISC_R_SUCCESS);
- 	}
- 
-@@ -8055,6 +8064,9 @@ configure_newzones(dns_view_t *view, cfg_obj_t *config
- 	}
- 
- 	(void)nzd_close(&txn, false);
-+
-+	UNLOCK(&view->new_zone_lock);
-+
- 	return (result);
- }
- 
-@@ -8075,6 +8087,8 @@ get_newzone_config(dns_view_t *view, const char *zonen
- 
- 	INSIST(zoneconfig != NULL && *zoneconfig == NULL);
- 
-+	LOCK(&view->new_zone_lock);
-+
- 	CHECK(nzd_open(view, MDB_RDONLY, &txn, &dbi));
- 
- 	isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
-@@ -8108,6 +8122,8 @@ get_newzone_config(dns_view_t *view, const char *zonen
- cleanup:
- 	(void)nzd_close(&txn, false);
- 
-+	UNLOCK(&view->new_zone_lock);
-+
- 	if (zoneconf != NULL) {
- 		cfg_obj_destroy(named_g_addparser, &zoneconf);
- 	}
-@@ -12566,8 +12582,6 @@ nzd_save(MDB_txn **txnp, MDB_dbi dbi, dns_zone_t *zone
- 
- 	nzd_setkey(&key, dns_zone_getorigin(zone), namebuf, sizeof(namebuf));
- 
--	LOCK(&view->new_zone_lock);
--
- 	if (zconfig == NULL) {
- 		/* We're deleting the zone from the database */
- 		status = mdb_del(*txnp, dbi, &key, NULL);
-@@ -12647,8 +12661,6 @@ cleanup:
- 	}
- 	*txnp = NULL;
- 
--	UNLOCK(&view->new_zone_lock);
--
- 	if (text != NULL) {
- 		isc_buffer_free(&text);
- 	}
-@@ -12656,6 +12668,11 @@ cleanup:
- 	return (result);
- }
- 
-+/*
-+ * Check whether the new zone database for 'view' can be opened for writing.
-+ *
-+ * Caller must hold 'view->new_zone_lock'.
-+ */
- static isc_result_t
- nzd_writable(dns_view_t *view) {
- 	isc_result_t result = ISC_R_SUCCESS;
-@@ -12685,6 +12702,11 @@ nzd_writable(dns_view_t *view) {
- 	return (result);
- }
- 
-+/*
-+ * Open the new zone database for 'view' and start a transaction for it.
-+ *
-+ * Caller must hold 'view->new_zone_lock'.
-+ */
- static isc_result_t
- nzd_open(dns_view_t *view, unsigned int flags, MDB_txn **txnp, MDB_dbi *dbi) {
- 	int status;
-@@ -12812,6 +12834,13 @@ cleanup:
- 	return (result);
- }
- 
-+/*
-+ * If 'commit' is true, commit the new zone database transaction pointed to by
-+ * 'txnp'; otherwise, abort that transaction.
-+ *
-+ * Caller must hold 'view->new_zone_lock' for the view that the transaction
-+ * pointed to by 'txnp' was started for.
-+ */
- static isc_result_t
- nzd_close(MDB_txn **txnp, bool commit) {
- 	isc_result_t result = ISC_R_SUCCESS;
-@@ -12834,6 +12863,12 @@ nzd_close(MDB_txn **txnp, bool commit) {
- 	return (result);
- }
- 
-+/*
-+ * Count the zones configured in the new zone database for 'view' and store the
-+ * result in 'countp'.
-+ *
-+ * Caller must hold 'view->new_zone_lock'.
-+ */
- static isc_result_t
- nzd_count(dns_view_t *view, int *countp) {
- 	isc_result_t result;
-@@ -12881,6 +12916,8 @@ migrate_nzf(dns_view_t *view) {
- 	MDB_val key, data;
- 	ns_dzarg_t dzarg;
- 
-+	LOCK(&view->new_zone_lock);
-+
- 	/*
- 	 * If NZF file doesn't exist, or NZD DB exists and already
- 	 * has data, return without attempting migration.
-@@ -13016,6 +13053,8 @@ cleanup:
- 		result = nzd_close(&txn, commit);
- 	}
- 
-+	UNLOCK(&view->new_zone_lock);
-+
- 	if (text != NULL) {
- 		isc_buffer_free(&text);
- 	}
-@@ -13225,6 +13264,7 @@ do_addzone(named_server_t *server, ns_cfgctx_t *cfg, d
- 	MDB_dbi dbi;
- 
- 	UNUSED(zoneconf);
-+	LOCK(&view->new_zone_lock);
- #endif /* HAVE_LMDB */
- 
- 	/* Zone shouldn't already exist */
-@@ -13378,6 +13418,7 @@ cleanup:
- 	if (txn != NULL) {
- 		(void)nzd_close(&txn, false);
- 	}
-+	UNLOCK(&view->new_zone_lock);
- #endif /* HAVE_LMDB */
- 
- 	if (zone != NULL) {
-@@ -13401,6 +13442,7 @@ do_modzone(named_server_t *server, ns_cfgctx_t *cfg, d
- #else  /* HAVE_LMDB */
- 	MDB_txn *txn = NULL;
- 	MDB_dbi dbi;
-+	LOCK(&view->new_zone_lock);
- #endif /* HAVE_LMDB */
- 
- 	/* Zone must already exist */
-@@ -13598,6 +13640,7 @@ cleanup:
- 	if (txn != NULL) {
- 		(void)nzd_close(&txn, false);
- 	}
-+	UNLOCK(&view->new_zone_lock);
- #endif /* HAVE_LMDB */
- 
- 	if (zone != NULL) {
-@@ -13761,6 +13804,7 @@ rmzone(isc_task_t *task, isc_event_t *event) {
- 	if (added && cfg != NULL) {
- #ifdef HAVE_LMDB
- 		/* Make sure we can open the NZD database */
-+		LOCK(&view->new_zone_lock);
- 		result = nzd_open(view, 0, &txn, &dbi);
- 		if (result != ISC_R_SUCCESS) {
- 			isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL,
-@@ -13778,6 +13822,11 @@ rmzone(isc_task_t *task, isc_event_t *event) {
- 				      "delete zone configuration: %s",
- 				      isc_result_totext(result));
- 		}
-+
-+		if (txn != NULL) {
-+			(void)nzd_close(&txn, false);
-+		}
-+		UNLOCK(&view->new_zone_lock);
- #else  /* ifdef HAVE_LMDB */
- 		result = delete_zoneconf(view, cfg->add_parser, cfg->nzf_config,
- 					 dns_zone_getorigin(zone),
-@@ -13867,11 +13916,6 @@ rmzone(isc_task_t *task, isc_event_t *event) {
- 		}
- 	}
- 
--#ifdef HAVE_LMDB
--	if (txn != NULL) {
--		(void)nzd_close(&txn, false);
--	}
--#endif /* ifdef HAVE_LMDB */
- 	if (raw != NULL) {
- 		dns_zone_detach(&raw);
- 	}
---- lib/dns/include/dns/lmdb.h.orig	2020-06-10 21:01:43 UTC
-+++ lib/dns/include/dns/lmdb.h
-@@ -10,12 +10,7 @@
-  */
- 
- #include <lmdb.h>
--/*
-- * MDB_NOTLS is used to prevent problems after configuration is reloaded, due
-- * to the way LMDB's use of thread-local storage (TLS) interacts with the BIND9
-- * thread model.
-- */
--#define DNS_LMDB_COMMON_FLAGS (MDB_CREATE | MDB_NOSUBDIR | MDB_NOTLS)
-+#define DNS_LMDB_COMMON_FLAGS (MDB_CREATE | MDB_NOSUBDIR | MDB_NOLOCK)
- #ifndef __OpenBSD__
- #define DNS_LMDB_FLAGS (DNS_LMDB_COMMON_FLAGS)
- #else /* __OpenBSD__ */

Property changes on: head/dns/bind916/files/extrapatch-bind-lmdb-lock
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: head/dns/bind916/files/extrapatch-bind-min-override-ttl
===================================================================
--- head/dns/bind916/files/extrapatch-bind-min-override-ttl	(revision 545578)
+++ head/dns/bind916/files/extrapatch-bind-min-override-ttl	(revision 545579)
@@ -1,61 +1,61 @@
 Add the override-cache-ttl feature.
 
---- bin/named/config.c.orig	2020-07-03 10:44:14 UTC
+--- bin/named/config.c.orig	2020-08-10 09:31:13 UTC
 +++ bin/named/config.c
 @@ -179,6 +179,7 @@ options {\n\
  	notify-source *;\n\
  	notify-source-v6 *;\n\
  	nsec3-test-zone no;\n\
 +	override-cache-ttl 0; /* do not override */\n\
  	provide-ixfr true;\n\
  	qname-minimization relaxed;\n\
  	query-source address *;\n\
---- bin/named/server.c.orig	2020-07-03 10:44:14 UTC
+--- bin/named/server.c.orig	2020-08-10 09:31:13 UTC
 +++ bin/named/server.c
 @@ -4330,6 +4330,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewl
  	}
  
  	obj = NULL;
 +	result = named_config_get(maps, "override-cache-ttl", &obj);
 +	INSIST(result == ISC_R_SUCCESS);
 +	view->overridecachettl = cfg_obj_asduration(obj);
 +
 +	obj = NULL;
  	result = named_config_get(maps, "max-cache-ttl", &obj);
  	INSIST(result == ISC_R_SUCCESS);
  	view->maxcachettl = cfg_obj_asduration(obj);
---- lib/dns/include/dns/view.h.orig	2020-07-03 10:44:14 UTC
+--- lib/dns/include/dns/view.h.orig	2020-08-10 09:31:13 UTC
 +++ lib/dns/include/dns/view.h
 @@ -152,6 +152,7 @@ struct dns_view {
  	bool		      requestnsid;
  	bool		      sendcookie;
  	dns_ttl_t	      maxcachettl;
 +	dns_ttl_t	      overridecachettl;
  	dns_ttl_t	      maxncachettl;
  	dns_ttl_t	      mincachettl;
  	dns_ttl_t	      minncachettl;
---- lib/dns/resolver.c.orig	2020-07-03 10:44:14 UTC
+--- lib/dns/resolver.c.orig	2020-08-10 09:31:13 UTC
 +++ lib/dns/resolver.c
-@@ -6256,6 +6256,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adb
+@@ -6268,6 +6268,12 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adb
  		}
  
  		/*
 +		 * Enforce the configure cache TTL override.
 +		 */
 +                if (res->view->overridecachettl)
 +                        rdataset->ttl = res->view->overridecachettl;
 +
 +		/*
  		 * Enforce the configure maximum cache TTL.
  		 */
  		if (rdataset->ttl > res->view->maxcachettl) {
---- lib/isccfg/namedconf.c.orig	2020-07-03 10:44:14 UTC
+--- lib/isccfg/namedconf.c.orig	2020-08-10 09:31:13 UTC
 +++ lib/isccfg/namedconf.c
 @@ -1990,6 +1990,7 @@ static cfg_clausedef_t view_clauses[] = {
  #endif /* ifdef HAVE_LMDB */
  	{ "max-acache-size", &cfg_type_sizenodefault, CFG_CLAUSEFLAG_OBSOLETE },
  	{ "max-cache-size", &cfg_type_sizeorpercent, 0 },
 +	{ "override-cache-ttl", &cfg_type_duration, 0 },
  	{ "max-cache-ttl", &cfg_type_duration, 0 },
  	{ "max-clients-per-query", &cfg_type_uint32, 0 },
  	{ "max-ncache-ttl", &cfg_type_duration, 0 },
Index: head/dns/bind916/files/patch-configure
===================================================================
--- head/dns/bind916/files/patch-configure	(revision 545578)
+++ head/dns/bind916/files/patch-configure	(revision 545579)
@@ -1,92 +1,92 @@
 Fixup gssapi and db detection.
 
---- configure.orig	2020-07-03 10:44:14 UTC
+--- configure.orig	2020-08-10 09:31:13 UTC
 +++ configure
-@@ -17604,27 +17604,9 @@ done
+@@ -17574,27 +17574,9 @@ done
  		# problems start to show up.
  		saved_libs="$LIBS"
  		for TRY_LIBS in \
 -		    "-lgssapi_krb5" \
 -		    "-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err" \
 -		    "-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lresolv" \
 -		    "-lgssapi" \
 -		    "-lgssapi -lkrb5 -ldes -lcrypt -lasn1 -lroken -lcom_err" \
 -		    "-lgssapi -lkrb5 -lcrypt -lasn1 -lroken -lcom_err" \
 -		    "-lgssapi -lkrb5 -lgssapi_krb5 -lcrypt -lasn1 -lroken -lcom_err" \
 -		    "-lgssapi -lkrb5 -lhx509 -lcrypt -lasn1 -lroken -lcom_err" \
 -		    "-lgss -lkrb5"
 +		    "$($KRB5CONFIG gssapi --libs)"; \
  		do
 -		    # Note that this does not include $saved_libs, because
 -		    # on FreeBSD machines this configure script has added
 -		    # -L/usr/local/lib to LIBS, which can make the
 -		    # -lgssapi_krb5 test succeed with shared libraries even
 -		    # when you are trying to build with KTH in /usr/lib.
 -		    if test "/usr" = "$use_gssapi"
 -		    then
 -			    LIBS="$TRY_LIBS $ISC_OPENSSL_LIBS"
 -		    else
 -			    LIBS="-L$use_gssapi/lib $TRY_LIBS $ISC_OPENSSL_LIBS"
 -		    fi
 +		    LIBS="$TRY_LIBS"
  		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking linking as $TRY_LIBS" >&5
  $as_echo_n "checking linking as $TRY_LIBS... " >&6; }
  		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-@@ -17667,47 +17649,7 @@ $as_echo "no" >&6; } ;;
+@@ -17637,47 +17619,7 @@ $as_echo "no" >&6; } ;;
  		no) as_fn_error $? "could not determine proper GSSAPI linkage" "$LINENO" 5 ;;
  		esac
  
 -		#
 -		# XXXDCL Major kludge.  Tries to cope with KTH in /usr/lib
 -		# but MIT in /usr/local/lib and trying to build with KTH.
 -		# /usr/local/lib can end up earlier on the link lines.
 -		# Like most kludges, this one is not only inelegant it
 -		# is also likely to be the wrong thing to do at least as
 -		# many times as it is the right thing.  Something better
 -		# needs to be done.
 -		#
 -		if test "/usr" = "$use_gssapi" -a \
 -			-f /usr/local/lib/libkrb5.a; then
 -		    FIX_KTH_VS_MIT=yes
 -		fi
 -
 -		case "$FIX_KTH_VS_MIT" in
 -		yes)
 -		    case "$enable_static_linking" in
 -		    yes) gssapi_lib_suffix=".a"  ;;
 -		    *)   gssapi_lib_suffix=".so" ;;
 -		    esac
 -
 -		    for lib in $LIBS; do
 -			case $lib in
 -			-L*)
 -			    ;;
 -			-l*)
 -			    new_lib=`echo $lib |
 -				     sed -e s%^-l%$use_gssapi/lib/lib% \
 -					 -e s%$%$gssapi_lib_suffix%`
 -			    NEW_LIBS="$NEW_LIBS $new_lib"
 -			    ;;
 -			*)
 -			   as_fn_error $? "KTH vs MIT Kerberos confusion!" "$LINENO" 5
 -			    ;;
 -			esac
 -		    done
 -		    LIBS="$NEW_LIBS"
 -		    ;;
 -		esac
 -
 -		DST_GSSAPI_INC="-I$use_gssapi/include"
 +		DST_GSSAPI_INC="$($KRB5CONFIG gssapi --cflags)"
  		DNS_GSSAPI_LIBS="$LIBS"
  
  		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: using GSSAPI from $use_gssapi/lib and $use_gssapi/include" >&5
-@@ -23213,7 +23155,7 @@ $as_echo "" >&6; }
+@@ -23183,7 +23125,7 @@ $as_echo "" >&6; }
  			# Check other locations for includes.
  			# Order is important (sigh).
  
 -			bdb_incdirs="/db53 /db51 /db48 /db47 /db46 /db45 /db44 /db43 /db42 /db41 /db4 /db"
 +			bdb_incdirs="/db6 /db5 /db48"
  			# include a blank element first
  			for d in "" $bdb_incdirs
  			do