| non port: dns/bind910/Makefile |
Number of commits found: 101 (showing only 100 on this page) |
|
Thursday, 14 Jun 2018
|
15:42 mat 
Include a patch to fix CVE-2018-5738 in all the BIND9 ports.
MFH: 2018Q2 (blanket)
Security: CVE-2018-5738
Sponsored by: Absolight
  |
|
Friday, 25 May 2018
|
12:43 mat
Add BIND9 9.13.0.
The ISC changed their release model, they are now doing
odd-unstable/even-stable release numbering. This is a development
version, consider it alpha/beta quality. The next stable release will
be 9.14.0.
Changes: https://kb.isc.org/article/AA-01612
Sponsored by: Absolight
|
|
Tuesday, 17 Apr 2018
|
08:26 mat
Fix build when LOCALBASE!=/usr/local.
PR: 227554
Submitted by: John Hein
Sponsored by: Absolight
|
|
Thursday, 22 Mar 2018
|
14:13 mat
Enable the FILTER_AAAA option by default, the feature was made non
optional in recent versions, so might as well do it in older ones.
PR: 226383
Sponsored by: Absolight
|
|
Monday, 19 Mar 2018
|
11:21 mat
Update BIND9 ports to 9.9.12, 9.10.7, 9.11.3 and 9.12.1.
Sponsored by: Absolight
|
|
Wednesday, 7 Feb 2018
|
14:29 mat
Teach named where its pid file should be by default, to be consistent
with the default configuration, rc script, man pages...
PR: 225687
Reported by: John W. O'Brien
Sponsored by: Absolight
|
|
Wednesday, 24 Jan 2018
|
10:43 mat
Catch up with the conflicts lines in the BIND9 ports.
Sponsored by: Absolight
|
|
Friday, 19 Jan 2018
|
12:32 mat
Update named.root.
Sponsored by: People afraid of a nuclear holocaust.
|
|
Wednesday, 17 Jan 2018
|
07:59 mat
Update BIND9* to 9.9.11-P1, 9.10.6-P1, 9.11.2-P1 and 9.12.0rc3
MFH: 2018Q1
Security: CVE-2017-3145
Sponsored by: Absolight
|
|
Friday, 12 Jan 2018
|
12:58 mat
Add a TUNING_LARGE option.
https://kb.isc.org/article/AA-01314/0
Tunes certain compiled-in constants and default settings to
values better suited to large servers with 12/16GB+ of memory.
This can improve performance on such servers, but will consume
more memory and may degrade performance on smaller systems.
PR: 224859
Sponsored by: Absolight
|
|
Monday, 8 Jan 2018
|
13:38 mat
Fix altlog_proglist warning when it contains more than the named service.
PR: 224951
Submitted by: Trix Farrar
Sponsored by: Absolight
|
|
Wednesday, 3 Jan 2018
|
13:36 sunpoet
Update devel/json-c to 0.13
- Add TEST_TARGET
- While I'm here, fix shebang for net/opensips
- Bump PORTREVISION of dependent ports for shlib change
Changes: https://github.com/json-c/json-c/blob/master/ChangeLog
PR: 224675
Exp-run by: antoine
|
|
Thursday, 23 Nov 2017
|
13:55 mat
Add an extra check to make sure syslogd is correctly configured when
using chroot.
Sponsored by: Absolight
|
|
Tuesday, 7 Nov 2017
|
15:48 mat
Make a note that dns/bind99 and dns/bind910 will be unsupported in a few
months.
Sponsored by: Absolight
|
15:48 mat
Add a symlink to named's session-keyfile.
Using nsupdate -l, and chroot was broken because nsupdate could not find
the keyfile by itself.
PR: 223403
Submitted by: Harald Schmalzbauer
Sponsored by: Absolight
|
|
Friday, 3 Nov 2017
|
13:20 mat
Enable the PYTHON option by default, it brings a few interesting DNSSEC
tools.
Sponsored by: Absolight
|
|
Wednesday, 25 Oct 2017
|
13:24 mat
Install the mtree file as .sample to allow users to change them.
Sponsored by: Absolight
|
|
Friday, 28 Jul 2017
|
22:57 mat
Update BIND9 ports to 9.{9.11,10.6,11.2}.
Sponsored by: Absolight
|
|
Monday, 10 Jul 2017
|
18:48 mat
Update to 9.{9.10,10.5,11.1}-P3.
Sponsored by: Absolight
|
|
Thursday, 29 Jun 2017
|
20:51 mat
Update to 9.{9.10,10.5,11.1}-P2.
Security: CVE-2017-3142
Security: CVE-2017-3143
Sponsored by: Absolight
|
|
Wednesday, 14 Jun 2017
|
22:54 mat
Update to 9.9.10-P1, 9.10.5-P1, 9.11.1-P1.
MFH: 2017Q2
Security: CVE-2017-3140
Security: CVE-2017-3141
Sponsored by: Absolight
|
|
Thursday, 20 Apr 2017
|
13:12 mat
Update to 9.9.10, 9.10.5, 9.11.1 and 9.12 to latest snapshot.
While there:
Make it more maintainable by sorting stuff in the Makefile and removing
vestigial pre 10.3 things.
Refresh the root zone hints.
"Fix" the configuration section telling you to get some top level
zones from f.root-servers.net, which does not allow axfr any more. [1]
PR: 218656 [1]
Reported by: Thomas Steen Rasmussen / Tykling [1]
MFH: 2017Q2
Sponsored by: Absolight
|
|
Thursday, 13 Apr 2017
|
10:15 mat
Unbreak rndc calls when using non default rndc.key location.
PR: 218335
Sponsored by: Absolight
|
04:09 delphij
Security update to 9.10.4-P6.
Security: c6861494-1ffb-11e7-934d-d05099c0ae8c
Approved by: so
MFH: 2017Q2
|
|
Tuesday, 11 Apr 2017
|
13:59 mat
Remove private URLs that should never have been committed.
Pointy hat: mat
Sponsored by: Absolight
|
|
Wednesday, 8 Feb 2017
|
22:39 mat
Update to 9.9.9-P6, 9.10.4-P6 and 9.11.0-P3.
While there, remove the RPZ_PATCH for BIND9 9.9, it has not been updated
for years, and, it does not build any more.
MFH: 2017Q1
Security: CVE-2017-3135
Sponsored by: Absolight
|
|
Thursday, 12 Jan 2017
|
08:15 mat
Commit the cleanups that should have gone in with the pervious update.
Sponsored by: Absolight
|
07:29 delphij
Security update to 9.10.4-P5.
Approved by: so
Security: d4c7e9a9-d893-11e6-9b4d-d050996490d0
MFH: 2017Q1
|
|
Friday, 9 Dec 2016
|
15:40 mat
Remove bind-tools support from bind910.
Sponsored by: Absolight
|
15:40 mat
Cleanup CONFLICTS.
Sponsored by: Absolight
|
15:02 mat
Fixup libedit for all BIND9 ports, and fix spurious json dependency by
adding an option.
PR: 215170
Reported by: sunpoet
Sponsored by: Absolight
|
14:37 mat
Fix using libedit from ports.
PR: 215170
Reported by: sunpoet
Sponsored by: Absolight
|
|
Wednesday, 2 Nov 2016
|
06:38 delphij
Security update:
dns/bind99: 9.9.9-P3 -> 9.9.9-P4
dns/bind910: 9.10.4-P3 -> 9.10.4-P4
dns/bind911: 9.11.0 -> 9.11.0-P1
Security: CVE-2016-8864
Submitted by: mat
MFH: 2016Q4
|
|
Tuesday, 4 Oct 2016
|
14:37 mat
Remarke MAKE_JOBS_UNSAFE everywhere.
Sponsored by: Absolight
|
|
Friday, 30 Sep 2016
|
12:44 mat
So, on 9, it is failing to build it with jobs.
It builds .a before all the .o that are supposed to go in the .a are
built. Imagine what happens after that...
Reported by: Craig Leres
Sponsored by: Absolight
|
|
Wednesday, 28 Sep 2016
|
12:55 mat
Remove MAKE_JOBS_UNSAFE for BIND9.
It was added in 2009 in r232247 without the reason it was failing, I've
tried with -J 2-10, and can't have one of the BIND9 port fail.
Feel free to add it back, but please, add the reason why it fails.
Sponsored by: Absolight
|
|
Tuesday, 27 Sep 2016
|
16:10 mat
Update BIND9 to latest versions, 9.9.9-P3, 9.10.4-P3, 9.11.0rc3
MFH: 2016Q3
Security: CVE-2016-2776
Sponsored by: Absolight
|
|
Wednesday, 31 Aug 2016
|
12:06 mat
The START_LATE option is not needed by bind-tools.
Sponsored by: Absolight
|
11:59 mat
The NEWSTATS and RRL options were removed in BIND9 9.10, so remove them
from here, also, make the upstream default options default for real.
While there, put back the BIND_TOOLS knobs in bind9-devel.
Sponsored by: Absolight
|
|
Monday, 8 Aug 2016
|
12:29 mat
Convert to USES=ssl.
Sponsored by: Absolight
|
|
Tuesday, 19 Jul 2016
|
11:30 mat
BIND9 update, 9.9.9-P2, 9.10.4-P2, 9.11.0b2 and latest 9.12 snapshot.
MFH: 2016Q3
Security: CVE-2016-2775
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000996.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000997.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000998.html
Changes: https://lists.isc.org/pipermail/bind-announce/2016-July/000999.html
Sponsored by: Absolight
|
|
Monday, 4 Jul 2016
|
09:47 mat
Introduce BIND9 9.11.0b1. (beta1)
BIND 9.11 brings many changes to BIND, including a new license
(the Mozilla Public License 2.0 -- you can read about it here:
https://www.isc.org/blogs/bind9-adopts-the-mpl-2-0-license-with-bind-9-11-0/)
and many new features, including:
- Catalog zones, a new way to provision zones on slave servers
- dyndb api, a fast new api enabling BIND to serve zones stored
in a database (Developed by Petr Spacek of RedHat)
- RNDC showzone, view-only mode and other improvements
- dnstap query and response logging (Robert Edmonds is the author
of dnstap, see www.dnstap.info)
- EDNS Client-subnet (authoritative server functions)
- DNSSEC key manager, a new utility (Thanks to Sebastian Castro
for helping with development.)
- Automatic CDS/CDSKEY generation
- Negative Trust Anchors for DNSSEC validators
- IPv6 bias to encourage use of IPv6 DNS servers
- Minimal response to "any" queries (Thanks to Tony Finch for
the contribution)
- DNS Cookies are now enabled by default, using the standardized code point
Changes: https://lists.isc.org/pipermail/bind-announce/2016-June/000994.html
Sponsored by: Absolight
|
|
Thursday, 16 Jun 2016
|
13:23 mat
Fix usage of WITH_OPENSSL_BASE, WITH_OPENSSL_PORT and OPENSSL_PORT.
WITH_OPENSSL_* can't be set after bsd.port.pre.mk.
Fold all other usage into using SSL_DEFAULT == foo
PR: 210149
Submitted by: mat
Exp-run by: antoine
Sponsored by: The FreeBSD Foundation, Absolight
Differential Revision: https://reviews.freebsd.org/D6577
|
|
Thursday, 26 May 2016
|
08:54 mat
Update to 9.9.9-P1 and 9.10.4-P1.
Sponsored by: Absolight
|
|
Wednesday, 25 May 2016
|
13:28 mat
Add --with-dlopen=yes to the default options to allow using third
parties dlz drivers.
While there:
- enable the DLZ_FILESYSTEM option by default
- convert to USES=mysql and USES=bdb
Requested by: borius i ua
Sponsored by: Absolight
|
|
Monday, 23 May 2016
|
20:35 amdmi3
Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled by
default anyway and don't need to be listed
Approved by: portmgr blanket
|
|
Friday, 29 Apr 2016
|
10:05 mat
Update to 9.10.4.
While there, update the root hints file.
Sponsored by: Absolight
|
|
Wednesday, 6 Apr 2016
|
13:53 mat
Stop bringing in OpenSSL from ports, it builds fine with the base one on
9, and WITH_OPENSSL_PORT does not belong in a port's Makefile anyway.
Not bumping PORTREVISION because:
- if you are building with poudriere, it will detect that a dependency
has changed and rebuild it.
- if you are building from ports, you will have OpenSSL from ports
installed, and it will choose to use it.
Sponsored by: Absolight
|
|
Friday, 1 Apr 2016
|
14:00 mat
Remove ${PORTSDIR}/ from dependencies, categories d, e, f, and g.
With hat: portmgr
Sponsored by: Absolight
|
|
Wednesday, 9 Mar 2016
|
21:16 mat
Update to 9.9.8-P4, 9.10.3-P4 and latest snapshot.
MFH: 2016Q1 (obviously)
Security: CVE-2016-1285
Security: CVE-2016-1286
Security: CVE-2016-2088
Sponsored by: Absolight
|
|
Tuesday, 19 Jan 2016
|
21:13 mat
Update bind99 to 9.9.8-P3, bind910 to 9.10.3-P3 and bind9-devel to
latest snapshot.
MFH: 2016Q1
Security: CVE-2015-8704
Security: CVE-2015-8705
Sponsored by: Absolight
|
|
Wednesday, 16 Dec 2015
|
00:45 mat
Update BIND9 to the latest patch releases, 9.9.8-P2, 9.10.3-P2, and snapshot.
MFH: 2015Q4
Changes: https://kb.isc.org/article/AA-01326/81/BIND-9.9.8-P2-Release-Notes.html
Changes: https://kb.isc.org/article/AA-01328/81/BIND-9.10.3-P2-Release-Notes.html
Security: CVE-2015-3193
Security: CVE-2015-8000
Security: CVE-2015-8461
Sponsored by: Absolight
|
|
Friday, 25 Sep 2015
|
10:05 mat
Fix build on -CURRENT. [1]
- Force building with libedit
- Bump PORTREVISION to account for accidental succesful builds
PR: 203273 [1]
Sponsored by: Absolight
|
|
Friday, 18 Sep 2015
|
22:11 mat
Fixup gssapi from base.
Submitted by: hrs
Sponsored by: Absolight
|
|
Wednesday, 16 Sep 2015
|
08:12 mat
Update to bind99 to 9.9.8 & bind910 to 9.10.3.
- Add new QUERYTRACE & FETCHLIMIT.
Note that QUERYTRACE is for debug purposes, and will eat your
performances.
- Don't do the PORTREVISION patch if PORTREVISION is 0.
- Regen some patches
Changes: https://lists.isc.org/pipermail/bind-announce/2015-September/000961.html
Changes: https://lists.isc.org/pipermail/bind-announce/2015-September/000962.html
Sponsored by: Absolight
|
|
Wednesday, 2 Sep 2015
|
20:46 mat
Update BIND to 9.9.7-P3 and 9.10.2-P4.
MFH: 2015Q3 (Also needs 393161 395660 395703)
Security: CVE-2015-5722, CVE-2015-5986
Sponsored by: Absolight
|
|
Monday, 31 Aug 2015
|
16:43 mat
Add an option for embedding PORTREVISION in the server's version string.
Sponsored by: Absolight
|
10:06 mat
When not using OpenSSL from ports, do not try to unmount the chrooted
engines directory.
PR: 201423 (based on)
Submitted by: girgen
Sponsored by: Absolight
|
|
Wednesday, 29 Jul 2015
|
14:36 mat
Add an option to enable the bind min override ttl patch.
Requested by: Laurent Frigault
Sponsored by: Absolight
|
|
Tuesday, 28 Jul 2015
|
22:21 mat
Update BIND9.
- 9.9 -> 9.9.7-P2
- 9.10 -> 9.10.2-P3
Security: CVE-2015-5477
Sponsored by: Absolight
|
|
Tuesday, 7 Jul 2015
|
22:15 mat
Update BIND 9.9 to 9.9.7-P1 and 9.10 to 9.10.2-P2.
MFH: 2015Q3
Security: CVE-2015-4620
Sponsored by: Absolight
|
|
Monday, 1 Jun 2015
|
10:13 mat
Make BIND start a bit later (and really *after* ldconfig.) [1]
Add an option to have it start way later.
PR: 200375 [1]
Sponsored by: Absolight
|
|
Monday, 18 May 2015
|
15:33 mat
Typo
Poked by: Peter Blok
Sponsored by: Absolight
|
11:41 mat
Allow BIND 9.10 users to select the old key format when using GOST.[1]
While there, reword the options a bit, and the pkg-help files.
PR: 200031 [1]
Submitted by: Leo Vandewoestijne [1]
Sponsored by: Absolight
|
|
Thursday, 30 Apr 2015
|
14:43 mat
When named.conf was placed somewhere else than %%ETCDIR%%, rndc would stop
working.
PR: 199384
Submitted by: Curtis Villamizar
Sponsored by: Absolight
|
|
Wednesday, 1 Apr 2015
|
22:36 marino
dns/bind99, dns/bind910: support no-base option on DragonFly
Approved by: mat (maintainer)
|
|
Tuesday, 31 Mar 2015
|
15:03 mat
Enhance the error message when running from a jail without devfs.
Sponsored by: Absolight
|
|
Tuesday, 24 Mar 2015
|
15:22 mat
Add chroot back to BIND's startup script.
Differential Revision: https://reviews.freebsd.org/D1952
Sponsored by: Absolight
|
|
Thursday, 26 Feb 2015
|
02:03 mat
Update dns/bind99 to 9.9.7 and dns/bind910 to 9.10.2.
On 8 and 9, use the same configuration path than on 10+, ${PREFIX}/etc/namedb/.
Sponsored by: Absolight
|
|
Wednesday, 18 Feb 2015
|
22:37 mat
Update BIND 9.9 and 9.10 to the latest security patch.
Sponsored by: Absolight
|
21:56 mat
Add a patch for CVE-2015-1349 while I work on updating both ports to the new
version.
Security: CVE-2015-1349
Sponsored by: Absolight
|
|
Thursday, 8 Jan 2015
|
15:22 mat
Fix a few problems bind-tools by not overwritting what's defined in it in
bind910's Makefile.
Sponsored by: Absolight
|
|
Tuesday, 6 Jan 2015
|
15:01 mat
Add a note about running the right BIND daemon on 8 and 9.
Sponsored by: Absolight
|
|
Monday, 5 Jan 2015
|
17:44 mat
Retire REPLACE_BASE option.
While there, reduce changes from bind99 and bind910 ports.
Sponsored by: Absolight
|
|
Monday, 8 Dec 2014
|
17:29 mat
Security update of BIND9 to 9.9.6-P1 and 9.10.1-P1.
Security: CVE-2014-8500 CVE-2014-8680
Sponsored by: Absolight
|
|
Monday, 24 Nov 2014
|
17:41 mat
Fix three ports forgotten by the USE_PGSQL removal. (Fix a typo in devel/upp.)
Sponsored by: Absolight
|
|
Tuesday, 18 Nov 2014
|
23:17 mat
Fix bind-tools PORTREVISION.
Noticed by: Andrei Brezan
Sponsored by: Absolight
|
|
Monday, 17 Nov 2014
|
17:51 mat
Install the bind.keys file with the root and dlv.isc.org keys.
Sponsored by: Absolight
|
|
Wednesday, 22 Oct 2014
|
15:08 mat
Don't install named rc script with bind-tools.
Sponsored by: Absolight
|
|
Tuesday, 23 Sep 2014
|
11:32 mat
And gmake is no longer needed.
Sponsored by: Absolight
|
11:22 mat
Update to 9.10.1.
Sponsored by: Absolight
|
|
Sunday, 7 Sep 2014
|
10:24 mat
configure no longer has problems detecting our arch like it had in bind95's
time, so remove ARCH modification, which leads to other problems, like [1]
PR: 193359 [1]
Submitted by: dinoex [1]
Sponsored by: Absolight
|
|
Monday, 11 Aug 2014
|
17:05 adamw
Bump PORTREVISION on all ports that depend on net/GeoIP for
r364627.
Approved by: portmgr (not really, but touches unstaged ports)
|
|
Thursday, 24 Jul 2014
|
18:34 tijl
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD
databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip
databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample
databases/libgdamm:
- Drop :keepla
- USES=tar:bzip2
- Use INSTALL_TARGET=install-strip
databases/libgdamm5:
- Add INSTALL_TARGET=install-strip
- Drop --enable-static (inherited from old repocopy)
devel/anjuta x11-toolkits/py-gnome-extras:
- Drop :keepla
dns/powerdns dns/powerdns-devel:
- Convert to USES=libtool
- Add INSTALL_TARGET=install-strip
- Disable static modules
- Stop creating library symlinks with .0 suffix, not needed for dynamically
opened modules
mail/dovecot2:
- Add USES=libtool
mail/dovecot2-pigeonhole:
- Drop CONFIGURE_TARGET (incorrect for Dragonfly)
- Add USES=libtool and INSTALL_TARGET=install-strip
math/gnumeric:
- USES=libtool tar:xz
Approved by: portmgr (implicit, bump unstaged ports)
|
|
Friday, 11 Jul 2014
|
15:38 mat
And it's supposed to be lower case.
Sponsored by: Absolight
|
15:28 mat
Add CPE to BIND9.
Sponsored by: Absolight
|
|
Tuesday, 24 Jun 2014
|
15:15 mat
Add a PYTHON option to bind99 and bind910, it installs a couple of dnssec
related utilities.
Use bind's own Makefiles for installation in bind-tools.
Sponsored by: Absolight
|
|
Wednesday, 18 Jun 2014
|
12:23 mat
Fix dns/bind-tools after the gssapi update.
Also, move it from BIND 9.9 to 9.10, and add delv and nsupdate.
Sponsored by: Absolight
|
|
Tuesday, 17 Jun 2014
|
17:16 mat
Remove test bits.
Pointy hat to: mat
Sponsored by: Absolight
|
15:01 mat
Convert dns/bind9* to USES=gssapi.
Sponsored by: Absolight
|
|
Thursday, 12 Jun 2014
|
14:20 mat
Update to 9.10.0-P2
Changes: https://lists.isc.org/pipermail/bind-announce/2014-June/000914.html
Security: CVE-2014-3859
Sponsored by: Absolight
|
|
Friday, 6 Jun 2014
|
10:59 mat
Don't install rndc.conf
It is generated by the rc script during the first startup. And if
the file is present, it messes up the rndc.key generation.
Poked by: Alain Audebert
Sponsored by: Absolight
|
|
Saturday, 17 May 2014
|
21:30 mat
Fix build with GOST (on 10, base OpenSSL doesn't have it)
Make sure OpenSSL from ports is used < 10.
Sponsored by: Absolight
|
|
Wednesday, 14 May 2014
|
23:59 mat
Make GOST in BIND 9.* optional
Test Plan: Currently testing in poudriere
Differential Revision: https://phabric.freebsd.org/D12
|
|
Thursday, 8 May 2014
|
21:48 mat
Update to 9.10.0-P1.
Changes: https://lists.isc.org/pipermail/bind-announce/2014-May/000909.html
Security: CVE-2014-3214
Sponsored by: Absolight
|
|
Friday, 2 May 2014
|
11:51 mat
Update to 9.10.0
Changes: https://lists.isc.org/pipermail/bind-announce/2014-May/000908.html
Relnotes: yes (if applicable to ports)
Sponsored by: Absolight
|
|
Monday, 28 Apr 2014
|
15:42 mat
Update to 9.10.0.rc2
- Remove REPLACE_BASE option, I should have done so when adding 9.10.0.rc1
- Clean the Makefile a bit
Changes: https://lists.isc.org/pipermail/bind-announce/2014-April/000907.html
Sponsored by: Absolight
|
|
Thursday, 17 Apr 2014
|
16:43 mat
Fix the rc script reload command.
Noticed by: David Samms
Sponsored by: Absolight
|
|
Wednesday, 16 Apr 2014
|
19:03 zeising
Bump portrevision for shlib change in libxml2
Approved by: portmgr (bdrewery, implicit)
|
|
Thursday, 10 Apr 2014
|
20:43 mat
Two changes to the RC script
- Add a dependency on ldconfig
- Allow people to change the pidfile
PR: 188439
Submitted by: Oliver Lehmann
Sponsored by: Absolight
|
Number of commits found: 101 (showing only 100 on this page) |
As an Amazon Associate I earn from qualifying purchases.