dns/unbound: restores DNS over QUIC and HTTPS

There was a line missing in the Makefile for the port.
This commit correct it and restores DNS over QUIC and HTTPS

PR:		282183
Reported by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/unbound: update to 1.22.0

Changelog: https://nlnetlabs.nl/news/2024/Oct/17/unbound-1.22.0-released/
Full changelog: https://nlnetlabs.nl/projects/unbound/download/#unbound-1-22-0

PR:		282172
Reported by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/unbound: Update to version 1.21.1

 - patch for users who use base OpenSSL

PR:		281894, 281804
Security:	2368755b-83f6-11ef-8d2e-a04a5edf46d9
Security:	CVE-2024-8508

dns/unbound: Update 1.20.0 → 1.21.0

Release announcement:
https://nlnetlabs.nl/news/2024/Aug/15/unbound-1.21.0-released/

PR:	280853
MFH:	2024Q3

security/libsodium: update to 1.0.19, bump dependent ports

PR:	278259
Reported by:	Andrey Korobkov <alster-vinterdalen.se>

dns/unbound: Uodate to 1.20.0

ChangeLog: https://nlnetlabs.nl/news/2024/May/08/unbound-1.20.0-released/

Summary of the DNSBomb vulnerability CVE-2024-33655.
The DNSBomb attack, via specially timed DNS queries and answers, can cause a
Denial of Service on resolvers and spoofed targets.

Unbound itself is not vulnerable for DoS, rather it can be used to take part in
a pulsing DoS amplification attack.

PR:		278870
Reported by:	jaap@NLnetLabs.nl (maintainer)
Security:	CVE-2024-33655

dns/unbound: Update to unbound 1.19.3

This release has a number of bug fixes. The CNAME synthesized for a
DNAME record uses the original TTL, of the DNAME record, and that means
it can be cached for the TTL, instead of 0.

There is a fix that when a message was stored in cache, but one of the
RRsets was not updated due to cache policy, it now restricts the message
TTL if the cache version of the RRset has a shorter TTL. It avoids a
bug where the message is not expired, but its contents is expired.

For dnstap, it logs type DoH and DoT correctly, if that is used for
the message.

The b.root-servers.net address is updated in the default root hints.

dns/unbound: Update to 1.19.1

Release notes at
	https://www.nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

Security:	CVE-2023-50387, CVE-2023-50868
Approved by:	Jaap Akkerhuis <jaap@NLnetLabs.nl>
MFH:		2024Q1

dns/unbound: Moved man to share/man

Approved by:    portmgr (blanket)

dns/unbound: Update to 1.19.0

ChangeLog: https://nlnetlabs.nl/news/2023/Nov/08/unbound-1.19.0-released/

Features
* Fix #850: [FR] Ability to use specific database in Redis, with new
  redis-logical-db configuration option.
* Merge #944: Disable EDNS DO.  Disable the EDNS DO flag in upstream requests.
  This can be helpful for devices that cannot handle DNSSEC information. But it
  should not be enabled otherwise, because that would stop DNSSEC validation.
  The DNSSEC validation would not work for Unbound itself, and also not for
  downstream users. Default is no. The option is disable-edns-do: no
* Expose the script filename in the Python module environment 'mod_env' instead
  of the config_file structure which includes the linked list of scripts in a
  multi Python module setup; fixes #79.

dns/unbound: Fix loop when ENOBUFS is returned

- Fix send of udp retries when ENOBUFS is returned. It stops looping
  and also waits for the condition to go away. Reported to upstream
  by Florian Obser.

PR:             274352, 274446
Approved by:	jaap@NLnetLabs.nl (maintainer)
MFH:		2023Q4

dns/unbound: update to 1.18.0

ChangeLog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-18-0

PR:		273456
Reported by:	rcm@rcm.sh
Approved by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: fix build with AAAA option ON

PR:		269337
Reported by:	void@f-m.fm
MFH:		2023Q1 (build fix)

dns/unbound: Clarify DYNLIB_DESC

The DYNLIB option doesn't change whether unbound itself is dynamically
or statically linked, it enables support for third-party shlibs.

Approved by:	maintainer

dns/unbound: add dynlib port option

PR:		268942
Reported by:	me@rcm.sh
Approved by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Update to 1.17.1

The release notes can be found at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-17-1

PR:		268913
Approved by:	jaap@NLnetLabs.nl (maintainer)
Sponsored by:	Rubicon Communications, LLC ("Netgate")

dns/unbound: Update to 1.17.0

ChangeLog: https://www.nlnetlabs.nl/news/2022/Oct/13/unbound-1.17.0-released/

Remove additional MASTER_SITES (certificate error)

PR:		267018
Reported by:	jaap@NLnetLabs.nl (maintainer)
Reviewed by:	diizzy@

dns/unbound: Update to 1.16.3

ChangeLog: https://nlnetlabs.nl/news/2022/Sep/21/unbound-1.16.3-released/

Fixes Non-Responsive Delegation Attack.

PR:		266654
Reported by:	herbert@gojira.at
Approved by:	jaap@NLnetLabs.nl (maintainer)
Security:	CVE-2022-3204

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

dns/unbound: Security update to 1.6.2

PR:		265645
Reported by:	Jaap Akkerhuis <jaap NLnetLabs nl> (maintainer)
Security:	bc43a578-14ec-11ed-856e-d4c9ef517024
MFH:		2022Q3

dns: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Akinori MUSHA aka knu <knu@idaemons.org>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexey Dokuchaev <danfe@FreeBSD.org>
  *  Allan Jude <allanjude@freebsd.org>
  *  Amar Takhar <verm@drunkmonk.net>
  *  Anders Nordby <anders@fix.no>
  *  Andrew Greenwood <greenwood.andy@gmail.com>
  *  Anton Berezin <tobez@FreeBSD.org>
  *  Ashish SHUKLA <ashish@FreeBSD.org>
  *  Attila Nagy <bra@fsn.hu>

dns/unbound: Update to 1.16.1

ChangeLog: https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-16-1

PR:	265151
Reported by:	jaap@NLnetLabs.nl (maintainer)
MFH:	2022Q3 (bugfixes)

dns/unbound: Update to 1.16.0

This release has EDE support, for extended EDNS error reporting,
it fixes unsupported ZONEMD algorithms to load, and has more bug fixes.

The EDE errors can be turned on by `ede: yes`, it is default disabled.
Validation errors and other errors are then reported. If you also want
stale answers for expired responses to have an error code, the option
`ede-serve-expired: yes` can be used.

On request, the port now also has dnscrypt support default enabled.

PR:		264538

dns/unbound: Fix DoH compilation

PR:		262145
Reported by:	freebsd@rail.eu.org
Tested by:	freebsd@rail.eu.org

dns/unbound: Update to 1.15.0

[The Makefile of the port got cleaned up to make portfmt happy]

This release has bug fixes for crashes that happened on heavy network
usage. The default for the aggressive-nsec option has changed, it is now
enabled.

The ratelimit logic had to be reworked for the crash fixes. As a result,
there are new options to control the behaviour of ratelimiting.
The ratelimit-backoff and ip-ratelimit-backoff options can be used to
control how severe the backoff is when the ratelimit is exceeded.

The rpz-signal-nxdomain-ra option can be used to unset the RA flag, for
NXDOMAIN answers from RPZ. That is used by some clients to detect that

dns/unbound: Fix the aaaa-filter-iterator.patch

PR:		260553
Reported by:	tech-lists@zyxst.net

dns/unbound: Update to 1.14.0

Changelog:

This release contains bug fixes and a full set of RPZ triggers and
actions that are supported. This works with RPZ zones, configured with
`rpz:`.

It is possible to selectively enable use of TCP for stub zones and
forward zones, without having enable it server wide, by enabling it
with the `stub-tcp-upstream: yes` and `forward-tcp-upstream: yes` options.

The added contrib/Dockerfile.tests from ziollek can be used to setup
a Docker environment to run tests in. The documentation is in the
doc/README.tests file.

dns/unbound: Update to 1.13.2

Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024

Changelog:

- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
  ZONEMD records are checked for zones loaded as auth-zone,
  with DNSSEC if available.  There is an added option
  zonemd-permissive-mode that makes it log but not fail wrong zones.
  With zonemd-reject-absence for an auth-zone the presence of a
  zonemd can be mandated for specific zones.
- Fix: Resolve interface names on control-interface too.
- Merge #470 from edevil: Allow configuration of persistent TCP
  connections.

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

dns/unbound: Update to 1.13.1

Changes: https://nlnetlabs.nl/news/2021/Feb/09/unbound-1.13.1-released/

PR:		253376
Submitted by:	Jaap Akkerhuis <jaap AT NLnetLabs DOT nl> (maintainer)

dns/unbound: SIGSEGV fix

PR:		251821
Submitted by:	delphij
Approved by:	Jaap Akkerhuis (maintainer)
Obtained from:	https://github.com/NLnetLabs/unbound/issues/376
MFH:		2020Q4

dns/unbound: Security update to 1.13.0

 * Sort options and port_docs while here

PR:		251563
Submitted by:	Jaap Akkerhuis <jaap nlnetlabs nl> (maintainer)
Approved by:	maintainer (implicit)
MFH:		2020Q4
Security:	388ebb5b-3c95-11eb-929d-d4c9ef517024

dns/unbound: Update to 1.12.0

PR:		250199
Submitted by:	maintainer
Sponsored by:	Rubicon Communications, LLC (Netgate)

dns/unbound: Update to 1.11.0

PR:		248808
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

Unbreak the build with FILTER_AAAA option.

PR:	246648

Move devel/swig30 to devel/swig and update to 4.0.1

- Do not silence installation message
- Update dependent ports:
  - Fix build with swig 4.0.1
  - Update *_DEPENDS
  - Remove BINARY_ALIAS

Changes:	http://www.swig.org/news.php
PR:		246613
Exp-run by:	antoine

dns/unbound: update to 1.10.1.

PR:		246569
Submitted by:	Jaap Akkerhuis (maintainer)
MFH:		2020Q2
Security:	CVE-2020-12662, CVE-2020-12663

dns/unbound: update 1.9.6 -> 1.10.0

PR:		244244
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Relnotes:	https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244244#c0

Update to 1.9.6

PR:		242603
Sponsored by:	Netzkommune GmbH

Update to 1.9.5

Changelog:
https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module

PR:		242075
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
MFH:		2019Q4
Sponsored by:	Netzkommune GmbH

Update to 1.9.4

Changes:	https://github.com/NLnetLabs/unbound/blob/master/doc/Changelog
PR:		241033
Reported by:	C <cm@appliedprivacy.net>
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Security:	108a4be3-e612-11e9-9963-5f1753e0aca0
MFH:		2019Q4

dns/unbound: update to 1.9.3

Whil here, improve rc script

PR:		240163
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

Convert to UCL & cleanup pkg-message (categories d)

devel/libevent2: update to 2.1.11

Changes:	https://github.com/libevent/libevent/releases/tag/release-2.1.11-stable
ABI:		https://abi-laboratory.pro/tracker/timeline/libevent/
PR:		239599
Reported by:	GitHub (watch releases)
Approved by:	zeising (maintainer)
MFH:		2019Q3 (maybe security, partially restores 2.1.8 ABI)
Differential Revision:	https://reviews.freebsd.org/D21133

Update to 1.9.2

PR:		238651
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Sponsored by:	Netzkommune GmbH

dns/unbound: update to 1.9.1

PR:		236575
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/unbound: Import patch to fix hostname verification with OpenSSL 1.0.2

PR:		235571
Approved by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)
Obtained from:	https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206#c5
		https://github.com/pfsense/FreeBSD-ports/commit/af2c493a0dfa99e2afc6e3f9236aad10021d6b39
Sponsored by:	Rubicon Communications, LLC (Netgate)

Update to 1.9.0

Changes:	https://www.nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog
PR:		235522
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/unbound: Update to 1.8.3

PR:		233933
Submitted by:	jaap@NLnetLabs.nl

dns/unbound: fix DNSTAP build failure

PR:		233891
Submitted by:	jaap@NLnetLabs.nl (maintainer)
Reported by:	O. Hartmann <ohartmann@walstatt.org>

dns/unbound: Update to 1.8.2

PR:		233796
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound upgrade to 1.8.1

PR:		232070
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: remove unnecessary LIBEVENT_USES

PR:		231488
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Fix configure in some cases

Fix configure by adding missing pkgconfig to uses

PR:		231488
Submitted by:	leres (solution, via email), mfechner (patch)
Reported by:	leres, mfechner
Approved by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Fix OPTIONS_DEFINE reference

Missed in previous commit

PR:		231283
Submitted by:	jaap@NLnetLabs.nl (maintainer)
Pointyhat to:	swills

dns/unbound: update to 1.8.0

Bump PORTREVISION on consumers due to library major version change

PR:		231283
Submitted by:	jaap@NLnetLabs.nl (maintainer)

Update to 1.7.3

Changes:	https://www.nlnetlabs.nl/svn/unbound/tags/release-1.7.3/doc/Changelog
PR:		229202
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

dns/unbound: upgrade to 1.7.2

PR:		228889
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Bump portrevision

 - Follow-up of r470572

PR:		228390
Reported by:	adamw
MFH:		2018Q2

dns/unbound: Fix errors when unbound_conf is set

PR:		228390
Approved by:	maintainer <jaap NLnetLabs nl>

MFH:		2018Q2

- Update to 2.5.9
- Update WWW

PR:	227949
Submitted by:	maintainer
Sponsored by:     iXsystems Inc.

dns/unbound: upgrade 1.6.8 -> 1.7.0

Features
- auth-zone provides a way to configure RFC7706 from unbound.conf,
  eg. with auth-zone: name: "." for-downstream: no for-upstream: yes
  fallback-enabled: yes and masters or a zonefile with data.
- Aggressive use of NSEC implementation. Use cached NSEC records to
  generate NXDOMAIN, NODATA and positive wildcard answers.
- Accept tls-upstream in unbound.conf, the ssl-upstream keyword is
  also recognized and means the same.  Also for tls-port,
  tls-service-key, tls-service-pem, stub-tls-upstream and
  forward-tls-upstream.
- [dnscrypt] introduce dnscrypt-provider-cert-rotated option,
  from Manu Bretelle.
  This option allows handling multiple cert/key pairs while only

Switch some MASTER_SITES from http/ftp to https.

Also some cleanup of dead entries.

PR:		226203
Submitted by:	Sam H
Sponsored by:	Absolight

Reduce dependency on the python2 metaport

PR:		225752
Submitted by:	Yasuhiro KIMURA

Bump PORTREVISION after r459983

dns/unbound: Fix rc-script with config in flags

 - Adds new option unbound_config

PR:		225360
Submitted by:	jaap@NLnetLabs.nl
Approved by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Update to 1.6.8, Fixes security vulnerability

PR:		225313
Submitted by:	jaap@NLnetLabs.nl (maintainer)
MFH:		2018Q1
Security:	8d3bae09-fd28-11e7-95f2-005056925db4

After r452629 also bump ports that optionally depend on libsodium.

PR:		223192

dns/unbound: Update to 1.6.7

Changes:	http://www.unbound.net/pipermail/unbound-users/2017-October/004972.html

PR:		222941
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Update to 1.6.6

Changes:	http://www.unbound.net/pipermail/unbound-users/2017-September/004936.html

PR:		222503
Submitted by:	jaap@NLnetLabs.nl (maintainer)

dns/unbound: Upgrade to 1.6.5

PR:		221692
Submitted by:	jaap@NLnetLabs.nl (maintainer)

Fix typo

Approved by:	portmgr (blanket)

Base system contains unbound without libevent support enabled.
Enable libevent by default for the port dns/unbound for performance reasons.

PR:		220733
Submitted by:	Dmitry Luhtionov
Approved by:	jaap (maintainer), az (mentor)

dns/unbound: Update to 1.6.4

Changes:	http://www.unbound.net/pipermail/unbound-users/2017-June/004818.html

PR:		220673
Submitted by:	jaap@NLnetLabs.nl (maintainer)
Approved by:	garga (mentor, implicit)

Update unbound to 1.6.3.

This release fixes a spurious assertion failure when unbound receives a
malformed packet with 0x20 enabled.

Bug Fixes
- Fix #1280: Unbound fails assert when response from authoritative
  contains malformed qname. When 0x20 caps-for-id is enabled, when
  assertions are not enabled the malformed qname is handled correctly.

PR:		219958
Submitted by:	maintainer (jaap NLnetLabs nl)

Correct typo in DNSCRYPT option description

PR:	219052
Submitted by: greenreaper@hotmail.com
Reportee by:
Approved by:	adamw (mentor, implicit)

dns/unbound: update 1.6.1 -> 1.6.2

PR:		218872
Changes:	http://www.unbound.net/pipermail/unbound-users/2017-April/004762.html
Submitted by:	jaap@NLnetLabs.nl (maintainer)

- Update to 1.6.1

PR:		217614
Submitted by:	jaap@NLnetLabs.nl(maintainer)

- Chase ldns shlip bump

PR:		217495

devel/libevent2: drop historical suffix after r362796

PR:		216777
Approved by:	mm (maintainer)

devel/libevent2: update to 2.1.8 and cleanup

- DEFAULT_VERSIONS += ssl=openssl-devel is now supported
- devel/py-event and devel/p5-Event-Lib are marked BROKEN

Changes:	https://github.com/libevent/libevent/raw/release-2.1.8-stable/whatsnew-2.1.txt
Changes:	https://github.com/libevent/libevent/raw/release-2.1.8-stable/ChangeLog
PR:		216527
Exp-run by:	antoine
Approved by:	mm (maintainer)

- Remove always-true/false conditions after FreeBSD 9, 10.1, 10.2 EOL

Approved by:	portmgr blanket

- Update to 1.6.0
- Do not silence installation message
- While I'm here:
  - Move LIB_DEPENDS upwards
  - Use = instead of += for CONFIGURE_ARGS and USES
  - Convert to options helper
  - Use TEST_TARGET

Changes:	https://unbound.nlnetlabs.nl/pipermail/unbound-users/2016-December/004587.html
PR:		215322
Submitted by:	Jaap Akkerhuis <jaap@NLnetLabs.nl> (maintainer)

Mark as broken on aarch64: fails to link with sbrk.

While here, pet portlint and remove stale ia64 lines.

Approved by:	portmgr (tier-2 blanket)

Update to version 1.5.10

In this release there is a fix for long downtime after connectivity
loss, which was a longstanding unsolved issue.  Features for tcp, TCP
Fast Open and timeout pressure to close connections when the tcp
connections are getting full.  Option to use ipv6 /64 for extra entropy.

Features
- Create a pkg-config file for libunbound in contrib.
- TCP Fast open patch from Sara Dickinson.
- Finegrained localzone control with define-tag, access-control-tag,
  access-control-tag-action, access-control-tag-data, local-zone-tag, and
  local-zone-override. And added types always_transparent, always_refuse,
  always_nxdomain with that.
- If more than half of tcp connections are in use, a shorter timeout

Do not auto-enable unbound munin plugins when installing unbound.

PR:		211999
Submitted by:	maintainer
Reported by:	wollman
Sponsored by:	Absolight

dns/unbound: update to 1.5.9

PR:		210257
Submitted by:	jaap@NLnetLabs.nl (maintainer)

Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.

With hat:	portmgr
Sponsored by:	Absolight

- Update unbound to version 1.5.8

- add OPTION for DNSTAP logging support
- rename OPTION s/MUNIN/MUNIN_PLUGIN/ so it is consistent with nsd
- use OPTIONS_SUB
- use ${opt}_target
- use @sample macro for unbound.conf
- sort pkg-plist

Features
- ip-transparent option for FreeBSD with IP_BINDANY socket option.
- insecure-lan-zones: yesno config option, patch from Dag-Erling Smorgrav.
- RR Type CSYNC support RFC 7477, in debug printout and config input.
- RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).
- [bugzilla: 731 ] tcp-mss, outgoing-tcp-mss options for unbound.conf, patch

assign port to the new maintainer (jaap@NLnetLabs.nl)

Submitted by:	sem@FreeBSD.org (maintainer) via private email

- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports

Some Upgrade Notes:

This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.

Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the

- Update to 1.5.5

- Fix LibreSSL issue (from upstream)
- Add autoreconf to USES
- Satisfy portlint -AC
- Add regress-test target
- Back FILTER_AAAA option

PR:		202407
Submitted by:	brnrd

- Update to 1.5.4
- Disable FILTER_AAAA option. The patch is obsolated.

PR:		202385
Submitted by:	edwin

By default libtool replaces -export-symbols <file> with -retain-symbols-file
<file> on ELF systems, but this doesn't really do what -export-symbols is
meant to do.  On GNU ELF systems it converts <file> to a simple version
script first and then uses -version-script instead of -retain-symbols-file.
Let USES=libtool patch libtool scripts to do this on all systems with GNU
ld(1).

Bump PORTREVISION on all ports where the build log contains -export-symbols.

audio/calf: This port builds a module that now exports only one function,
but it also builds a number of executables that link to this module and
expect to see other functions.  Because it's already a bit dodgy to link to
a module (libtool warns about this) let the module continue to export only
one function and instead build an ordinary library from the same source that
the executables can link to.  Fix a number of other issues in the same

- Add CPE info
- Fix LICENSE
- Fix WWW:

Approved by:	portmgr blanket

Use @dir mechanisms to ensure etc/unbound belongs to the unbound user

- Forgotten option description

Submitted by:	darksoul@darkbsd.org