pool/nsd
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
98 Commits 1 Branch 0 Tags
Commit Graph

98 Commits

This Branch
This Branch
All Branches
Author SHA256 Message Date
Dominique Leuenberger
b98356f502 Accepting request 938257 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/938257
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=26
 2021-12-10 20:52:26 +00:00
Michael Ströder
9351d7e6dc Accepting request 938256 from home:stroeder:network 
New upstream release 4.3.9

OBS-URL: https://build.opensuse.org/request/show/938256
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=93
 2021-12-09 18:31:36 +00:00
Dominique Leuenberger
23d530fe24 Accepting request 931295 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/931295
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=25
 2021-11-14 23:06:46 +00:00
Michael Ströder
b5236723e3 Accepting request 931273 from home:stroeder:network 
- adjusted SystemCallFilter= in nsd.service

OBS-URL: https://build.opensuse.org/request/show/931273
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=92
 2021-11-13 22:46:24 +00:00
Dominique Leuenberger
396ef2e5c8 Accepting request 925093 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/925093
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=24
 2021-10-13 16:06:13 +00:00
Michael Ströder
c0230520f1 Accepting request 925092 from home:stroeder:network 
- set RestrictAddressFamilies= in nsd.service

OBS-URL: https://build.opensuse.org/request/show/925092
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=91
 2021-10-13 12:52:27 +00:00
Michael Ströder
1c78b76f36 Accepting request 924959 from home:stroeder:network 
- reworked nsd.service:
  * directly start as User=_nsd
  * even more hardening
  * removed commented and unused directives

FWIW: This was successfully tested on Tumbleweed x86_64.

OBS-URL: https://build.opensuse.org/request/show/924959
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=90
 2021-10-12 20:46:21 +00:00
Michael Ströder
3625623c92 Accepting request 924957 from home:stroeder:network 
Added hardening to systemd service(s) (bsc#1181400)

(Re-ordered nsd.changes)

OBS-URL: https://build.opensuse.org/request/show/924957
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=89
 2021-10-12 20:03:47 +00:00
Michael Ströder
a970b4b2e3 Accepting request 924899 from home:jsegitz:branches:systemdhardening:server:dns 
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

OBS-URL: https://build.opensuse.org/request/show/924899
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=88
 2021-10-12 19:53:30 +00:00
Dominique Leuenberger
f61772b7c3 Accepting request 924929 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/924929
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=23
 2021-10-12 19:50:03 +00:00
Michael Ströder
39cc06a6e7 Accepting request 924928 from home:stroeder:network 
New upstream release 4.3.8

OBS-URL: https://build.opensuse.org/request/show/924928
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=87
 2021-10-12 18:31:24 +00:00
Dominique Leuenberger
d3c45a19b9 Accepting request 907806 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/907806
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=22
 2021-07-22 20:43:36 +00:00
Michael Ströder
c4d89ea595 Accepting request 907805 from home:stroeder:network 
New upstream release 4.3.7

OBS-URL: https://build.opensuse.org/request/show/907805
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=86
 2021-07-22 18:31:41 +00:00
Richard Brown
e712f27ed5 Accepting request 883393 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/883393
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=21
 2021-04-08 19:31:45 +00:00
Michael Ströder
7fc4c082ed Accepting request 883391 from home:stroeder:network 
New upstream release 4.3.6

OBS-URL: https://build.opensuse.org/request/show/883391
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=84
 2021-04-06 18:43:14 +00:00
Dominique Leuenberger
1e2825520c Accepting request 867450 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/867450
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=20
 2021-01-28 20:29:03 +00:00
Michael Ströder
80dd9114b1 Accepting request 866990 from home:stroeder:branches:server:dns 
New upstream release 4.3.5

OBS-URL: https://build.opensuse.org/request/show/866990
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=82
 2021-01-28 11:31:31 +00:00
Dominique Leuenberger
62eeab8d45 Accepting request 852435 from server:dns 
- New upstream release 4.3.4
FEATURES:
- Merge PR #141: ZONEMD RR type.
BUG FIXES:
- Fix that symlink does not interfere with chown of pidfile
  (bsc#1179191, CVE-2020-28935)
- Fix #129: ambiguous use of errno, in log message if sendmmsg fails.
- Fix #128: Fix that the invalid port number is logged for sendmmsg
  failed: Invalid argument.
- Fix #127: two minor `-Wcast-qual` cleanups
- Fix #126: minor header hygiene
- Fix #125: include config.h in compat/setproctitle.c and fix
  prototype of `setproctitle`
- Fix #133: fix 0-init of local ( stack ) buffer.
- Fix missing parenthesis on size of fix to init buffer.
- Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN.
- Fix to add missing closest encloser NSEC3 for wildcard nodata type
  DS answer.
- Remove unused init_cfg_parse routine from configlexer.
- Fix #138: NSD returns non-EDNS answer when QUESTION is empty.
- Fix #142: NODATA answers missin SOA in authority section after
  CNAME chain.

OBS-URL: https://build.opensuse.org/request/show/852435
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=19
 2020-12-02 12:59:00 +00:00
Adam Majer
2c8506e8e2 - Fix that symlink does not interfere with chown of pidfile 
(bsc#1179191, CVE-2020-28935)

OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=80
 2020-12-01 20:54:35 +00:00
Adam Majer
5a464ece91 Accepting request 852423 from home:stroeder:branches:server:dns 
New upstream release 4.3.4 with fix for CVE-2020-28935

OBS-URL: https://build.opensuse.org/request/show/852423
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=79
 2020-12-01 20:53:14 +00:00
Dominique Leuenberger
4b23a536bb Accepting request 842496 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/842496
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=18
 2020-10-20 14:07:57 +00:00
Adam Majer
5b7b6c24bf Accepting request 840327 from home:stroeder:branches:server:dns 
New upstream release 4.3.3

OBS-URL: https://build.opensuse.org/request/show/840327
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=77
 2020-10-19 08:27:21 +00:00
Dominique Leuenberger
a2bca6a80b Accepting request 821856 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/821856
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=17
 2020-07-20 19:04:16 +00:00
Adam Majer
930b6ba833 Accepting request 820965 from home:stroeder:branches:server:dns 
New upstream release 4.3.2

OBS-URL: https://build.opensuse.org/request/show/820965
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=75
 2020-07-20 09:54:56 +00:00
Dominique Leuenberger
1bd6e4f944 Accepting request 794852 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/794852
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=16
 2020-04-17 22:32:05 +00:00
Adam Majer
1028b4c4a6 Accepting request 794652 from home:stroeder:branches:server:dns 
New upstream release 4.3.1

OBS-URL: https://build.opensuse.org/request/show/794652
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=73
 2020-04-17 09:43:08 +00:00
Dominique Leuenberger
a8a5ddcc8b Accepting request 786102 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/786102
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=15
 2020-03-18 11:47:16 +00:00
Marguerite Su
89a74f451a Accepting request 786026 from home:stroeder:branches:server:dns 
New upstream release 4.3.0

OBS-URL: https://build.opensuse.org/request/show/786026
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=71
 2020-03-18 08:56:20 +00:00
Dominique Leuenberger
03ec372c0d Accepting request 756107 from server:dns 
- Update keyring as per https://nlnetlabs.nl/people/

- New upstream release 4.2.4
FEATURES:
- Fix #48: Add make distclean that removes config.h made by configure.
  And add maintainer-clean that removes bison and flex output.
BUG FIXES:
- Detect fixed time memcmp for openssl 0.9.8 compatibility.
- Detect EC_KEY_new_by_curve_name for openssl 0.9.8.
- include limits.h for UINT_MAX.
- If no recvmmsg, dont use msg_flags member, but errno for error,
  where our fallback function left it, msg_flags also does not exist
  on some systems.
- Remove unused variable warning for portability.
- Fix #52: do not log transient network full errors unless higher
  verbosity is set.
- Fix regressions in configparser.y where global variables were not
  set for minimal-responses, round-robin and log-time-ascii.

OBS-URL: https://build.opensuse.org/request/show/756107
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=14
 2019-12-12 22:20:13 +00:00
Adam Majer
ebb8c821e6 - Update keyring as per https://nlnetlabs.nl/people/ 
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=69
 2019-12-12 15:51:01 +00:00
Adam Majer
9a1c8c624c Accepting request 755665 from home:stroeder:branches:server:dns 
New upstream release 4.2.4

OBS-URL: https://build.opensuse.org/request/show/755665
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=68
 2019-12-12 11:32:11 +00:00
Dominique Leuenberger
f775f6318e Accepting request 749910 from server:dns 
- New upstream release 4.2.3:
  * confine-to-zone configures NSD to not return out-of-zone
    additional information.
  * pidfile "" allows to run NSD without a pidfile
  * adds support for readiness notification with READY_FD
  * fix excessive logging of ixfr failures, it stops the log when
    fallback to axfr is possible. log is enabled at high verbosity.
  * Fixup warnings during --disable-ipv6 compile.
  * The nsd.conf includes are sorted ascending, for include statements
    with a '*' from glob.
  * Fix log address and failure reason with tls handshake errors,
    squelches (the same as unbound) some unless high verbosity is used.
  * Number of different UDP handlers has been reduced to one.
    recvmmsg and sendmmsg implementations are now used on all platforms.
  * Socket options are now set in designated functions for easy reuse.
  * Socket setup has been simplified for easy reuse.
  * Configuration parser is now aware of the context in which
    an option was specified.
  * document that remote-control is a top-level nsd.conf attribute.
- Remove legacy upgrade of nsd users in %post (boo#1157331)

OBS-URL: https://build.opensuse.org/request/show/749910
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=13
 2019-11-21 11:58:58 +00:00
Adam Majer
a66803351a Fix .changes 
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=66
 2019-11-20 13:41:38 +00:00
Adam Majer
4326999e05 - New upstream release 4.2.3: 
* confine-to-zone configures NSD to not return out-of-zone
    additional information.
  * pidfile "" allows to run NSD without a pidfile
  * adds support for readiness notification with READY_FD
  * fix excessive logging of ixfr failures, it stops the log when
    fallback to axfr is possible. log is enabled at high verbosity.
  * Fixup warnings during --disable-ipv6 compile.
  * The nsd.conf includes are sorted ascending, for include statements
    with a '*' from glob.
  * Fix log address and failure reason with tls handshake errors,
    squelches (the same as unbound) some unless high verbosity is used.
  * Number of different UDP handlers has been reduced to one.
    recvmmsg and sendmmsg implementations are now used on all platforms.
  * Socket options are now set in designated functions for easy reuse.
  * Socket setup has been simplified for easy reuse.
  * Configuration parser is now aware of the context in which
    an option was specified.
  * document that remote-control is a top-level nsd.conf attribute.
- Remove legacy upgrade of nsd users in %post (boo#1157331)boo#1157331)

OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=65
 2019-11-20 13:40:55 +00:00
Dominique Leuenberger
9b153c3c34 Accepting request 729937 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/729937
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=12
 2019-09-11 08:40:45 +00:00
Adam Majer
45e4820b87 Accepting request 729935 from home:stroeder:branches:server:dns 
update to 4.2.2

OBS-URL: https://build.opensuse.org/request/show/729935
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=63
 2019-09-10 17:40:14 +00:00
Dominique Leuenberger
43f3cf2e26 Accepting request 715234 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/715234
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=11
 2019-07-16 06:41:01 +00:00
Marguerite Su
b6d4704d73 Accepting request 714282 from home:stroeder:branches:server:dns 
New upstream release 4.2.1

OBS-URL: https://build.opensuse.org/request/show/714282
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=61
 2019-07-14 03:08:38 +00:00
Dominique Leuenberger
96090f3b86 Accepting request 709251 from server:dns 
- New upstream release 4.2.0:
  * Implement TCP fast open
  * Added DNS over TLS
  * TLS OCSP stapling support with the tls-service-ocsp option
  * New option hide-identity can be used in nsd.conf to stop NSD
    from responding with the hostname for probe queries that
    elicit the chaos class response, this is conform RFC4892
  * Disable TLS1.0, TLS1.1 and weak ciphers, enable CIPHER_SERVER_PREFERENCE

OBS-URL: https://build.opensuse.org/request/show/709251
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=10
 2019-06-12 11:19:06 +00:00
Marcus Rueckert
9211fbd585 Accepting request 709249 from home:adamm:branches:server:dns 
- New upstream release 4.2.0:
  * Implement TCP fast open
  * Added DNS over TLS
  * TLS OCSP stapling support with the tls-service-ocsp option
  * New option hide-identity can be used in nsd.conf to stop NSD
    from responding with the hostname for probe queries that
    elicit the chaos class response, this is conform RFC4892
  * Disable TLS1.0, TLS1.1 and weak ciphers, enable CIPHER_SERVER_PREFERENCE

OBS-URL: https://build.opensuse.org/request/show/709249
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=59
 2019-06-11 18:52:40 +00:00
Dominique Leuenberger
9d57d51605 Accepting request 688579 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/688579
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=9
 2019-03-26 14:45:27 +00:00
Marguerite Su
458e94affe Accepting request 688411 from home:stroeder:branches:server:dns 
Update to upstream release 4.1.27

OBS-URL: https://build.opensuse.org/request/show/688411
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=57
 2019-03-26 06:51:23 +00:00
Dominique Leuenberger
b6ea1acd45 Accepting request 655291 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/655291
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=8
 2018-12-06 11:17:29 +00:00
Adam Majer
978f40fd41 Accepting request 654103 from home:stroeder:branches:server:dns 
Update to upstream release 4.1.26

OBS-URL: https://build.opensuse.org/request/show/654103
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=55
 2018-12-05 10:03:47 +00:00
Dominique Leuenberger
ce9afc3ab9 Accepting request 638271 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/638271
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=7
 2018-09-26 12:24:23 +00:00
Marguerite Su
ce705def19 Accepting request 638258 from home:stroeder:branches:server:dns 
- Update to upstream release 4.1.25

OBS-URL: https://build.opensuse.org/request/show/638258
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=53
 2018-09-26 00:40:49 +00:00
Dominique Leuenberger
b1283de751 Accepting request 629193 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/629193
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=6
 2018-08-15 08:38:18 +00:00
Adam Majer
f1e3ce31b3 Accepting request 629072 from home:stroeder:branches:server:dns 
Update to upstream release 4.1.24

OBS-URL: https://build.opensuse.org/request/show/629072
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=51
 2018-08-14 08:20:44 +00:00
Dominique Leuenberger
8583ffc512 Accepting request 627482 from server:dns 
OBS-URL: https://build.opensuse.org/request/show/627482
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nsd?expand=0&rev=5
 2018-08-06 09:53:59 +00:00
Marguerite Su
070d679d50 Accepting request 626524 from home:stroeder:branches:server:dns 
- Update to upstream release 4.1.23:
  - Fix NSD time sensitive TSIG compare vulnerability.

OBS-URL: https://build.opensuse.org/request/show/626524
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=49
 2018-08-05 05:46:44 +00:00