| blob | 6155ca94d664f2fc1746fa43db34f7b492d6a919 |
2 --- 9.2.4rc7 released ---
4 1694. [bug] Report if the builtin views of "_default" / "_bind"
5 are defined in named.conf. [RT #12023]
7 1692. [bug] Don't set -I, -L and -R flags when libcrypto is in
8 /usr/lib. [RT #11971]
10 1691. [bug] sdb's attachversion was not complete. [RT #11990]
12 1690. [bug] Delay detaching view from the client until UPDATE
13 processing completes when shutting down. [RT #11714]
15 1689. [bug] DNS_NAME_TOREGION() macros contained a gratuitous
16 semicolons. [RT #11707]
18 1688. [bug] LDFLAGS was not supported.
20 1687. [bug] Race condition in dispatch. [RT #10272]
22 1686. [bug] Named sent a extraneous NOTIFY when it received a
23 redundant UPDATE request. [RT #11943]
25 --- 9.2.4rc6 released ---
27 1685. [bug] Change #1679 loop tests weren't quite right.
29 1682. [port] Update configure test for (long long) printf format.
30 [RT #5066]
32 1681. [bug] Only set SO_REUSEADDR when a port is specified in
33 isc_socket_bind(). [RT #11742]
35 1679. [bug] When there was a single nameserver with multiple
36 addresses for a zone not all addresses were tried.
37 [RT #11706]
39 1672. [cleanup] Tests which only function in a threaded build
40 now return R:THREADONLY (rather than R:UNTESTED)
41 in a non-threaded build.
43 1671. [contrib] queryperf: add NAPTR to the list of known types.
45 1669. [bug] Restore "update forwarding denied" log messages
46 accidentally suppressed by change #1633. [RT# 11657]
48 1660. [bug] win32: connection_reset_fix() was being called
49 unconditionally. [RT #11595]
51 --- 9.2.4rc5 released ---
53 1655. [bug] Logging multiple versions w/o a size was broken.
54 [RT #11446]
56 1654. [bug] isc_result_totext() contained array bounds read
57 error.
59 1650. [bug] dig, nslookup: flush standard out after each command.
61 1649. [bug] Silence "unexpected non-minimal diff" message.
62 [RT #11206]
64 1646. [bug] win32: logging file versions didn't work with
65 non-UNC filenames. [RT#11486]
67 1644. [bug] Update the journal modification time after a
68 sucessfull refresh query. [RT #11436]
70 1643. [bug] dns_db_closeversion() could leak memory / node
71 references. [RT #11163]
73 --- 9.2.4rc4 released ---
75 1640. [bug] win32: isc_socket_cancel(ISC_SOCKCANCEL_ACCEPT) was
76 incorrectly closing the socket. [RT #11291]
78 1634. [bug] named didn't supply a useful error message when it
79 detected duplicate views. [RT #11208]
81 1633. [bug] named should return NOTIMP to update requests to a
82 slaves without a allow-update-forwarding acl specified.
83 [RT #11331]
85 1632. [bug] nsupdate failed to send prerequisite only UPDATE
86 messages. [RT #11288]
88 1627. [bug] win32: sockets were not being closed when the
89 last external reference was removed. [RT# 11179]
91 --- 9.2.4rc3 released ---
93 1623. [bug] A serial number of zero was being displayed in the
94 "sending notifies" log message when also-notify was
95 used. [RT #11177]
97 1621. [bug] match-destinations did not work for IPv6 TCP queries.
98 [RT# 11156]
100 1619. [bug] Missing ISC_LIST_UNLINK in end_reserved_dispatches().
101 [RT# 11118]
103 1617. [port] win32: VC++ 6.0 support.
105 1616. [compat] Ensure that named's version is visible in the core
106 dump. [RT #11127]
108 1615. [port] Define ISC_SOCKADDR_LEN_T based on _BSD_SOCKLEN_T_ if
109 it is defined.
111 1614. [port] win32: silence resource limit messages. [RT# 11101]
113 1610. [bug] On dual stack machines "dig -b" failed to set the
114 address type to be looked up with "@server".
115 [RT #11069]
117 1600. [bug] Duplicate zone pre-load checks were not case
118 insensitive.
120 1599. [bug] Fix memory leak on error path when checking named.conf.
122 --- 9.2.4rc2 released ---
124 1607. [bug] dig, host and nslookup were still using random()
125 to generate query ids. [RT# 11013]
127 1604. [bug] A xfrout_ctx_create() failure would result in
128 xfrout_ctx_destroy() being called with a
129 partially initialized structure.
131 1603. [bug] nsupdate: set interactive based on isatty().
132 [RT# 10929]
134 1602. [bug] Logging to a file failed unless a size was specified.
135 [RT# 10925]
137 1601. [bug] Silence spurious warning 'both "recursion no;" and
138 "allow-recursion" active' warning from view "_bind".
139 [RT# 10920]
141 1455. [bug] <netaddr> missing from server grammar in
142 doc/misc/options. [RT #5616]
144 1593. [bug] rndc should return "unknown command" to unknown
145 commands. [RT# 10642]
147 --- 9.2.4rc1 released ---
149 1592. [bug] configure_view() could leak a dispatch. [RT# 10675]
151 1591. [bug] libbind: updated to BIND 8.4.5.
153 1590. [port] netbsd: update thread support.
155 1588. [bug] win32: TCP sockets could become blocked. [RT #10115]
157 1587. [bug] dns_message_settsigkey() failed to clear existing key.
158 [RT #10590]
160 1585. [bug] allow-v6-synthesis was not performing lookups under
161 IP6.INT. allow-v6-synthesis now performs a nibble
162 lookups under IP6.ARPA rather than a bitstring lookups.
163 [RT #10497]
165 NOTE: allow-v6-synthesis has been deprecated.
167 1584. [bug] "make test" failed with a read only source tree.
168 [RT #10461]
170 1583. [bug] Records add via UPDATE failed to get the correct trust
171 level. [RT #10452]
173 1582. [bug] rrset-order failed to work on RRsets with more
174 than 32 elements. [RT #10381]
176 1580. [bug] Zone destruction on final detach takes a long time.
177 [RT #3746]
179 1579. [bug] Multiple task managers could not be created.
181 1578. [bug] Don't use CLASS E IPv4 addresses when resolving.
182 [RT #10346]
184 1577. [bug] Use isc_uint32_t in ultrasparc optimizer bug
185 workaround code. [RT #10331]
187 1576. [bug] Race condition in dns_dispatch_addresponse().
188 [RT# 10272]
190 1574. [bug] Don't attempt to open the controls socket(s) when
191 running tests. [RT #9091]
193 1573. [port] linux: update to libtool 1.5.2 so that
194 "make install DESTDIR=/xx" works with
195 "configure --with-libtool". [RT #9941]
197 1572. [bug] nsupdate: sign the soa query to find the enclosing
198 zone if the server is specified. [RT #10148]
200 1571. [bug] rbt:hash_node() could fail leaving the hash table
201 in an inconsistent state. [RT #10208]
203 1570. [bug] nsupdate failed to handle classes other than IN.
204 New keyword 'class' which sets the default class.
205 [RT #10202]
207 1568. [bug] nsupdate now reports that the update failed in
208 interactive mode. [RT# 10236]
210 1567. [bug] B.ROOT-SERVERS.NET is now 192.228.79.201.
212 1566. [port] Support for the cmsg framework on Solaris and HP/UX.
213 This also solved the problem that match-destinations
214 for IPv6 addresses did not work on these systems.
215 [RT #10221]
217 1563. [bug] Gracefully fail when unable to obtain neither an IPv4
218 nor an IPv6 dispatch. [RT #10230]
220 1562. [bug] isc_socket_create() and isc_socket_accept() could
221 leak memory under error conditions. [RT #10230]
223 1561. [bug] It was possible to release the same name twice if
224 named ran out of memory. [RT #10197]
226 1559. [port] named should ignore SIGFSZ.
228 1556. [bug] nsupdate now treats all names as fully qualified.
229 [RT #6427]
231 1553. [bug] The windows socket code could stop accepting
232 connections.
234 1552. [bug] Accept NOTIFY requests from mapped masters if
235 matched-mapped is set. [RT #10049]
237 1551. [port] Open "/dev/null" before calling chroot().
239 1550. [port] Call tzset(), if available, before calling chroot().
241 1547. [bug] Named wasted memory recording duplicate lame zone
242 entries. [RT #9341]
244 1546. [bug] We were rejecting valid secure CNAME to negative
245 answers.
247 1545. [bug] It was possible to leak memory if named was unable to
248 bind to the specified transfer source and TSIG was
249 being used. [RT #10120]
251 1544. [bug] Named would logged a single entry to a file despite it
252 being over the specified size limit.
254 1543. [bug] Logging using "versions unlimited" did not work.
256 1542. [bug] Reversed timestamp sanity test on SIG. [RT #10095]
258 1540. [bug] "rndc reload <dynamiczone>" was silently accepted.
259 [RT #8934]
261 1539. [bug] Open UDP sockets for notify-source and transfer-source
262 that use reserved ports at startup. [RT #9475]
264 1536. [bug] Windows socket code failed to log a error description
265 when returning ISC_R_UNEXPECTED. [RT #9998]
267 1535. [bug] dig -x of a partial IPv4 address broken. [RT# 9949]
269 1534. [bug] Race condition when priming cache. [RT# 9940]
271 1533. [func] Warn if both "recursion no;" and "allow-recursion"
272 are active. [RT# 4389]
274 1532. [port] netbsd: the configure test for <sys/sysctl.h>
275 requires <sys/param.h>.
277 1531. [port] AIX more libtool fixes.
279 1530. [bug] It was possible to trigger a INSIST() failure if a
280 slave master file was removed at just the correct
281 moment. [RT #9462]
283 1529. [bug] "notify explicit;" failed to log that NOTIFY messages
284 were being sent for the zone. [RT #9442]
286 1025. [bug] Don't use multicast addresses to resolve iterative
287 queries. [RT #101]
289 --- 9.2.3 released ---
291 1525. [bug] dns_cache_create() could trigger a REQUIRE
292 failure in isc_mem_put() during error cleanup.
294 1524. [port] AIX needs to be able to resolve all symbols when
295 creating shared libraries (--with-libtool).
297 1523. [bug] Fix race condition in rbtdb. [RT# 9189]
299 1522. [bug] dns_db_findnode() relax the requirements on 'name'.
300 [RT# 9286]
302 1518. [bug] dns_nxt_buildrdata(), and hence dns_nxt_build(),
303 contained a off-by-one error when working out the
304 number of octets in the bitmap.
306 1514. [bug] named: isc_hash_destroy() was being called too early.
307 [RT #9160]
309 1513. [doc] Add "US" to root-delegation-only exclude list.
311 --- 9.2.3rc4 released ---
313 1512. [bug] Extend the delegation-only logging to return query
314 type, class and responding nameserver.
316 1511. [bug] delegation-only was generating false positives
317 on negative answers from subzones.
319 --- 9.2.3rc3 released ---
321 1510. [func] New view option "root-delegation-only". Apply
322 delegation-only check to all TLDs and root.
323 Note there are some TLDs that are NOT delegation
324 only (e.g. DE, LV, US and MUSEUM) these can be excluded
325 from the checks by using exclude.
327 root-delegation-only exclude {
328 "DE"; "LV"; "US"; "MUSEUM";
329 };
331 1509. [bug] Hint zones should accept delegation-only. Forward
332 zone should not accept delegation-only.
334 1508. [bug] Don't apply delegation-only checks to answers from
335 forwarders.
337 1507. [bug] Handle BIND 8 style returns to NS queries to parents
338 when making delegation-only checks.
340 1506. [bug] Wrong return type for dns_view_isdelegationonly().
342 --- 9.2.3rc2 released ---
344 1505. [bug] Uninitialized rdataset in sdb. [RT #8750]
346 1504. [func] New zone type "delegation-only".
348 1503. [port] win32: install libeay32.dll outside of system32.
350 --- 9.2.3rc1 released ---
352 1499. [bug] isc_random need to be seeded better if arc4random()
353 is not used.
355 1498. [port] bsdos: 5.x support.
357 1497. [protocol] dig, nslookup and host now perform nibble lookups
358 under IP6.ARPA, use -i for IP6.INT (dig and host).
359 lwres now uses IP6.ARPA.
361 1496. [port] test for pthread_attr_setstacksize().
363 1495. [cleanup] Replace hash functions with universal hash.
365 1494. [security] Turn on RSA BLINDING as a precaution.
367 1493. [doc] A6 and "bitstring" labels are now experimental.
369 1492. [cleanup] Preserve rwlock quota context when upgrading /
370 downgrading. [RT #5599]
372 1491. [bug] dns_master_dump*() would produce extraneous $ORIGIN
373 lines. [RT #6206]
375 1490. [bug] Accept reading state as well as working state in
376 ns_client_next(). [RT #6813]
378 1489. [compat] Treat 'allow-update' on slave zones as a warning.
379 [RT #3469]
381 1488. [bug] Don't override trust levels for glue addresses.
382 [RT #5764]
384 1487. [bug] A REQUIRE() failure could be triggered if a zone was
385 queued for transfer and the zone was then removed.
386 [RT #6189]
388 1486. [bug] isc_print_snprintf() '%%' consumed one too many format
389 characters. [RT# 8230]
391 1485. [bug] gen failed to handle high type values. [RT #6225]
393 1484. [bug] The number of records reported after a AXFR was wrong.
394 [RT #6229]
396 1483. [bug] dig axfr failed if the message id in the answer failed
397 to match that in the request. Only the id in the first
398 message is required to match. [RT #8138]
400 1482. [bug] named could fail to start if the kernel supports
401 IPv6 but no interfaces are configured. Similarly
402 for IPv4. [RT #6229]
404 1481. [bug] Refresh and stub queries failed to use masters keys
405 if specified. [RT #7391]
407 1480. [bug] Provide replay protection for rndc commands. Full
408 replay protection requires both rndc and named to
409 be updated. Partial replay protection (limited
410 exposure after restart) is provided if just named
411 is updated.
413 1479. [bug] cfg_create_tuple() failed to handle out of
414 memory cleanup. parse_list() would leak memory
415 on syntax errors.
417 1478. [port] ifconfig.sh didn't account for other virtual
418 interfaces. It now takes a optional argument
419 to specify the first interface number. [RT #3907]
421 1477. [bug] memory leak using stub zones and TSIG.
423 1476. [port] win32: port unreachables were blocking further i/o
424 on sockets (Windows 2000 SP2 and later).
426 1473. [bug] create_map() and create_string() failed to handle out
427 of memory cleanup. [RT #6813]
429 1472. [contrib] idnkit-1.0 from JPNIC, replaces mdnkit.
431 1471. [bug] libbind: updated to BIND 8.4.0.
433 1470. [bug] Incorrect length passed to snprintf. [RT #5966]
435 1466. [bug] lwresd configuration errors resulted in memory
436 and lock leaks. [RT #5228]
438 1465. [bug] isc_base64_decodestring() and isc_base64_tobuffer()
439 failed to check that trailing bits were zero allowing
440 some invalid base64 strings to be accepted. [RT #5397]
442 1464. [bug] Preserve "out of zone" data for outgoing zone
443 transfers. [RT #5192]
445 1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad
446 NXT bit maps. [RT #5577]
448 1462. [bug] parse_sizeval() failed to check the token type.
449 [RT #5586]
451 1461. [bug] Remove deadlock from rbtdb code. [RT #5599]
453 1460. [bug] inet_pton() failed to reject certain malformed
454 IPv6 literals.
456 1459. [bug] win32: we were leaking a bits in the exception
457 fd_set resulting in "Socket operation on non-socket"
458 errors from select(). [RT #2966]
460 1456. [contrib] gen-data-queryperf.py from Stephane Bortzmeyer.
462 1453. [doc] ARM: $GENERATE example wasn't accurate. [RT #5298]
464 1452. [bug] Bad #ifdef, ISC_RFC2335 -> ISC_RFC2535.
466 1451. [bug] rndc-confgen didn't exit with a error code for all
467 failures. [RT #5209]
469 1450. [bug] Fetching expired glue failed under certain
470 circumstances. [RT #5124]
472 1449. [bug] query_addbestns() didn't handle running out of memory
473 gracefully.
475 1448. [bug] Handle empty wildcards labels.
477 1447. [bug] We were casting (unsigned int) to and from (void *).
478 rdataset->private4 is now rdataset->privateuint4
479 to reflect a type change.
481 1445. [bug] DNS_ADBFIND_STARTATROOT broke stub zones. This has
482 been replaced with DNS_ADBFIND_STARTATZONE which
483 causes the search to start using the closest zone.
485 1439. [bug] Named could return NOERROR with certain NOTIFY
486 failures. Return NOTAUTH if the NOTIFY zone is
487 not being served.
489 1435. [bug] zmgr_resume_xfrs() was being called read locked
490 rather than write locked. zmgr_resume_xfrs()
491 was not being called if the zone was being
492 shutdown.
494 1437. [bug] Leave space for stdio to work in. [RT #5033]
496 1434. [bug] "rndc reconfig" failed to initiate the initial
497 zone transfer of new slave zones.
499 1431. [bug] isc_print_snprintf() "%s" with precision could walk off
500 end of argument. [RT #5191]
502 1429. [bug] Prevent the cache getting locked to old servers.
504 1424. [bug] EDNS version not being correctly printed.
506 1423. [contrib] queryperf: added A6 and SRV.
508 1420. [port] solaris: work around gcc optimizer bug.
510 1419. [port] openbsd: use /dev/arandom. [RT #4950]
512 1418. [bug] 'rndc reconfig' did not cause new slaves to load.
514 1416. [bug] Empty node should return NOERROR NODATA, not NXDOMAIN.
515 [RT #4715]
517 1411. [bug] empty nodes should stop wildcard matches. [RT #4802]
519 1408. [bug] "make distclean" was not complete. [RT #4700]
521 1407. [bug] lfsr incorrectly implements the shift register.
522 [RT #4617]
524 1406. [bug] dispatch initializes one of the LFSR's with a incorrect
525 polynomial. [RT #4617]
527 1405. [func] Use arc4random() if available.
529 1401. [bug] adb wasn't clearing state when the timer expired.
531 1399. [bug] Use serial number arithmetic when testing SIG
532 timestamps. [RT #4268]
534 1397. [bug] J.ROOT-SERVERS.NET is now 192.58.128.30.
536 1389. [bug] named could fail to rotate long log files. [RT #3666]
538 1388. [port] irix: check for sys/sysctl.h and NET_RT_IFLIST before
539 defining HAVE_IFLIST_SYSCTL. [RT #3770]
541 1387. [bug] named could crash due to an access to invalid memory
542 space (which caused an assertion failure) in
543 incremental cleaning. [RT #3588]
545 1385. [bug] Setting serial-query-rate to 10 would trigger a
546 REQUIRE failure.
548 1384. [bug] host was incompatible with BIND 8 in its exit code and
549 in the output with the -l option. [RT #3536]
551 1373. [bug] Recovery from expired glue failed under certain
552 circumstances.
554 1372. [bug] named crashes with an assertion failure on exit when
555 sharing the same port for listening and querying, and
556 changing listening addresses several times. [RT# 3509]
558 1370. [bug] dig '+[no]recurse' was incorrectly documented.
560 1369. [bug] Adding an NS record as the lexicographically last
561 record in a secure zone didn't work.
563 1366. [contrib] queryperf usage was incomplete. Add '-h' for help.
565 1348. [port] win32: Rewrote code to use I/O Completion Ports
566 in socket.c and eliminating a host of socket
567 errors. Performance is enhanced.
569 1333. [contrib] queryperf now reports a summary of returned
570 rcodes (-c), rcodes are printed in mnemonic form (-v).
572 1299. [bug] Set AI_ADDRCONFIG when looking up addresses
573 via getaddrinfo() (affects dig, host, nslookup, rndc
574 and nsupdate).
576 1199. [doc] ARM reference to RFC 2157 should have been RFC 1918.
577 [RT #2436]
579 1122. [tuning] Resolution timeout reduced from 90 to 30 seconds.
580 [RT #2046]
582 992. [doc] dig: ~/.digrc is now documented.
584 --- 9.2.2 released ---
586 1428. [port] hpux: temporary work around of hpux 11.11 interface
587 scanning.
589 1427. [bug] Race condition in adb with threaded build.
591 1426. [cleanup] Disable RFC2535 style DNSSEC. This is incompatible
592 with the forthcoming DS style DNSSEC.
594 1425. [port] linux/libbind: define __USE_MISC when testing *_r()
595 function prototypes in netdb.h. [RT #4921]
597 1395. [port] OpenSSL 0.9.7 defines CRYPTO_LOCK_ENGINE but doesn't
598 have a working implementation. [RT #4079]
600 1382. [bug] make install failed with --enable-libbind. [RT #3656]
602 1381. [bug] named failed to correctly process answers that
603 contained DNAME records where the resulting CNAME
604 resulted in a negative answer.
606 --- 9.2.2rc1 released ---
608 1360. [bug] --enable-libbind would fail when not built in the
609 source tree for certain OS's.
611 1359. [security] Support patches OpenSSL libraries.
612 http://www.cert.org/advisories/CA-2002-23.html
614 1358. [bug] It was possible to trigger a INSIST when debugging
615 large dynamic updates. [RT #3390]
617 1357. [bug] nsupdate was extremely wasteful of memory.
619 1356. [tuning] Reduce the number of events / quantum for zone tasks.
621 1354. [doc] lwres man pages had illegal nroff.
623 1353. [contrib] sdb/ldap to version 0.9.
625 1352. [bug] dig, host, nslookup when falling back to TCP use the
626 current search entry (if any). [RT #3374]
628 1351. [bug] lwres_getipnodebyname() returned the wrong name
629 when given a IPv4 literal, af=AF_INET6 and AI_MAPPED
630 was set.
632 1350. [bug] dns_name_fromtext() failed to handle too many labels
633 gracefully.
635 1349. [security] Minimum OpenSSL version now 0.9.6e (was 0.9.5a).
636 http://www.cert.org/advisories/CA-2002-23.html
638 1346. [bug] Win32: select timeout in socket.c was too small
639 as value given was meant to be milliseconds and
640 timeval structure requires microseconds. This
641 caused high CPU loads with a compute bound loop.
642 [RT #3358]
644 1345. [port] Use a explicit -Wformat with gcc. Not all versions
645 include it in -Wall.
647 1340. [bug] Delay and spread out the startup refresh load.
649 1335. [bug] When performing a nonexistence proof, the validator
650 should discard parent NXTs from higher in the DNS.
652 1334. [bug] When signing/verifying rdatasets, duplicate rdatas
653 need to be suppressed.
655 1330. [bug] When processing events (non-threaded) only allow
656 the task one chance to use to use its quantum.
658 1327. [bug] The validator would incorrectly mark data as insecure
659 when seeing a bogus signature before a correct
660 signature.
662 1326. [bug] DNAME/CNAME signatures were not being cached when
663 validation was not being performed. [RT #3284]
665 1325. [bug] If the tcpquota was exhausted it was possible to
666 to trigger a INSIST() failure.
668 1324. [port] darwin: ifconfig.sh now supports darwin.
670 1323. [port] linux: Slackware 4.0 needs <asm/unistd.h>. [RT #3205]
672 1320. [doc] query-source-v6 was missing from options section.
673 [RT #3218]
675 1319. [func] libbind: log attempts to exploit #1318.
677 1318. [bug] libbind: Remote buffer overrun.
679 1317. [port] libbind: TrueUNIX 5.1 does not like __align as a
680 element name.
682 1316. [bug] libbind: gethostans() could get out of sync parsing
683 the response if there was a very long CNAME chain.
685 1315. [bug] Options should apply to the internal _bind view.
687 1314. [port] Handle ECONNRESET from sendmsg() [unix].
689 1311. [bug] lwres_getrrsetbyname leaked memory. [RT #3159]
691 1310. [bug] 'rndc stop' failed to cause zones to be flushed
692 sometimes. [RT #3157]
694 1307. [bug] nsupdate: allow white space base64 key data.
696 1306. [bug] Badly encoded LOC record when the size, horizontal
697 precision or vertical precision was 0.1m.
699 1305. [bug] Document that internal zones are included in the
700 rndc status results.
702 1298. [bug] The CINCLUDES macro in lib/dns/sec/dst/Makefile
703 could be left with a trailing "\" after configure
704 has been run.
706 1297. [port] linux: make handling EINVAL from socket() no longer
707 conditional on #ifdef LINUX.
709 1296. [bug] isc_log_closefilelogs() needed to lock the log
710 context.
712 1295. [bug] isc_log_setdebuglevel() needed to lock the log
713 context.
715 1294. [func] libbind: no longer attempts bit string labels for
716 IPv6 reverse resolution. Try IP6.ARPA then IP6.INT
717 for nibble style resolution.
719 1289. [port] See if -ldl is required for OpenSSL? [RT #2672]
721 1288. [bug] Adjusted REQUIRE's in lib/dns/name.c to better
722 reflect written requirements.
724 1287. [bug] REQUIRE that DNS_DBADD_MERGE only be set when adding
725 a rdataset to a zone db in the rbtdb implementation of
726 addrdataset.
728 1286. [bug] dns_name_downcase() enforce requirement that
729 target != NULL or name->buffer != NULL.
731 1284. [bug] The RTT estimate on unused servers was not aged.
732 [RT #2569]
734 1282. [port] libbind: hpux 11.11 interface scanning.
736 1280. [bug] libbind: escape '(' and ')' when converting to
737 presentation form.
739 1279. [port] Darwin uses (unsigned long) for size_t. [RT #2590]
741 1276. [bug] libbind: const pointer conflicts in res_debug.c.
743 1275. [port] libbind: hpux: treat all hpux systems as BIG_ENDIAN.
745 1274. [bug] Memory leak in lwres_gnbarequest_parse().
747 1273. [port] libbind: solaris: 64 bit binary compatibility.
749 1272. [contrib] Berkeley DB 4.0 sdb implementation from
750 Nuno Miguel Rodrigues <nmr@co.sapo.pt>.
752 1270. [bug] Check that system inet_pton() and inet_ntop() support
753 AF_INET6.
755 1269. [port] Openserver: ifconfig.sh support.
757 1268. [port] Openserver: the value FD_SETSIZE depends on whether
758 <sys/param.h> is included or not. Be consistent.
760 1266. [bug] ISC_LINK_INIT, ISC_LINK_UNLINK, ISC_LIST_DEQUEUE,
761 __ISC_LINK_UNLINKUNSAFE and __ISC_LIST_DEQUEUEUNSAFE
762 are not C++ compatible, use *_TYPE versions instead.
764 1265. [bug] libbind: LINK_INIT and UNLINK were not compatible with
765 C++, use LINK_INIT_TYPE and UNLINK_TYPE instead.
767 1263. [bug] Reference after free error if dns_dispatchmgr_create()
768 failed.
770 1262. [bug] ns_server_destroy() failed to set *serverp to NULL.
772 1261. [func] libbind: ns_sign2() and ns_sign_tcp() now provide
773 support for compressed TSIG owner names.
775 1260. [func] libbind: res_update can now update IPv6 servers,
776 new function res_findzonecut2().
778 1259. [bug] libbind: get_salen() IPv6 support was broken for OSs
779 w/o sa_len.
781 1258. [bug] libbind: res_nametotype() and res_nametoclass() were
782 broken.
784 1257. [bug] Failure to write pid-file should not be fatal on
785 reload. [RT #2861]
787 1256. [contrib] 'queryperf' now has EDNS (-e) + DNSSEC DO (-D) support.
789 1255. [bug] When verifying that an NXT proves nonexistence, check
790 the rcode of the message and only do the matching NXT
791 check. That is, for NXDOMAIN responses, check that
792 the name is in the range between the NXT owner and
793 next name, and for NOERROR NODATA responses, check
794 that the type is not present in the NXT bitmap.
796 1253. [bug] The dnssec system test failed to remove the correct
797 files.
799 1252. [bug] Dig, host and nslookup were not checking the address
800 the answer was coming from against the address it was
801 sent to. [RT# 2692]
803 1248. [bug] DESTDIR was not being propagated between makes.
805 1245. [bug] Treat ENOBUFS, ENOMEM and ENFILE as soft errors for
806 accept().
808 1242. [bug] named-checkzone failed if a journal existed. [RT #2657]
810 1241. [bug] Drop received UDP messages with a zero source port
811 as these are invariably forged. [RT #2621]
813 1209. [bug] Dig, host, nslookup were not checking the message ids
814 on the responses. [RT #2454]
816 1097. [func] libbind: RES_PRF_TRUNC for dig.
818 1096. [func] libbind: "DNSSEC OK" (DO) support.
820 1095. [func] libbind: resolver option: no-tld-query. disables
821 trying unqualified as a tld. no_tld_query is also
822 supported for FreeBSD compatibility.
824 1094. [func] libbind: add support gcc's format string checking.
826 1089. [func] libbind: inet_{cidr,net}_{pton,ntop}() now have IPv6
827 support.
829 --- 9.2.1 released ---
831 1251. [port] win32: a make file contained absolute version specific
832 references.
834 1249. [bug] Missing masters clause was not handled gracefully.
835 [RT #2703]
837 1244. [bug] Receiving a TCP message from a blackhole address would
838 prevent further messages being received over that
839 interface.
841 1178. [bug] Follow and cache (if appropriate) A6 and other
842 data chains to completion in the additional section.
844 --- 9.2.1rc2 released ---
846 1240. [bug] It was possible to leak zone references by
847 specifying an incorrect zone to rndc.
849 1239. [bug] Under certain circumstances named could continue to
850 use a name after it had been freed triggering
851 INSIST() failures. [RT #2614]
853 1238. [bug] It is possible to lockup the server when shutting down
854 if notifies were being processed. [RT #2591]
856 1237. [bug] nslookup: "set q=type" failed.
858 1236. [bug] dns_rdata{class,type}_fromtext() didn't handle non
859 NULL terminated text regions. [RT #2588]
861 1232. [bug] unix/errno2result() didn't handle EADDRNOTAVAIL.
863 1231. [port] HPUX 11.11 recvmsg() can return spurious EADDRNOTAVAIL.
865 1230. [bug] isccc_cc_isreply() and isccc_cc_isack() were broken.
867 1229. [bug] named would crash if it received a TSIG signed
868 query as part of an AXFR response. [RT #2570]
870 1228. [bug] 'make install' did not depend on 'make all'. [RT #2559]
872 1227. [bug] dns_lex_getmastertoken() now returns ISC_R_BADNUMBER
873 if a number was expected and some other token was
874 found. [RT#2532]
876 1222. [bug] Specifying 'port *' did not always result in a system
877 selected (non-reserved) port being used. [RT #2537]
879 1221. [bug] Zone types 'master', 'slave' and 'stub' were not being
880 compared case insensitively. [RT #2542]
882 1218. [bug] Named incorrectly returned SERVFAIL rather than
883 NOTAUTH when there was a TSIG BADTIME error. [RT #2519]
885 1216. [bug] Multiple server clauses for the same server were not
886 reported. [RT #2514]
888 1215. [port] solaris: add support to ifconfig.sh for x86 2.5.1
890 1214. [bug] Win32: isc_file_renameunique() could leave zero length
891 files behind.
893 1212. [port] libbind: 64k answer buffers were causing stack space
894 to be exceeded for certain OS. Use heap space instead.
896 1211. [bug] dns_name_fromtext() incorrectly handled certain
897 valid octal bitlabels. [RT #2483]
899 1210. [bug] libbind: getnameinfo() failed to lookup IPv4 mapped /
900 compatible addresses. [RT #2461]
902 1208. [bug] dns_master_load*() failed to log a error message if
903 an error was detected when parsing the ownername of
904 a record. [RT #2448]
906 --- 9.2.1rc1 released ---
908 1207. [bug] libbind: getaddrinfo() could call freeaddrinfo() with
909 an invalid pointer.
911 1206. [bug] SERVFAIL and NOTIMP responses to an EDNS query should
912 trigger a non-EDNS retry.
914 1205. [bug] OPT, TSIG and TKEY cannot be used to set the "class"
915 of the message. [RT #2449]
917 1204. [bug] libbind: res_nupdate() failed to update the name
918 server addresses before sending the update.
920 1201. [bug] Require that if 'callbacks' is passed to
921 dns_rdata_fromtext(), callbacks->error and
922 callbacks->warn are initialized.
924 1200. [bug] Log 'errno' that we are unable to convert to
925 isc_result_t. [RT #2404]
927 1198. [bug] OPT printing style was not consistent with the way the
928 header fields are printed. The DO bit was not reported
929 if set. Report if any of the MBZ bits are set.
931 1197. [bug] Attempts to define the same acl multiple times were not
932 detected.
934 1196. [contrib] update mdnkit to 2.2.3.
936 1195. [bug] Attempts to redefine builtin acls should be caught.
937 [RT #2403]
939 1194. [bug] Not all duplicate zone definitions were being detected
940 at the named.conf checking stage. [RT #2431]
942 1193. [bug] Best effort parsing didn't handle packet truncation.
944 1191. [bug] A dynamic update removing the last non-apex name in
945 a secure zone would fail. [RT #2399]
947 1189. [bug] On some systems, malloc(0) returns NULL, which
948 could cause the caller to report an out of memory
949 error. [RT #2398]
951 1188. [bug] Dynamic updates of a signed zone would fail if
952 some of the zone private keys were unavailable.
954 1186. [bug] isc_hex_tobuffer(,,length = 0) failed to unget the
955 EOL token when reading to end of line.
957 1185. [bug] libbind: don't assume statp->_u._ext.ext is valid
958 unless RES_INIT is set when calling res_*init().
960 1184. [bug] libbind: call res_ndestroy() if RES_INIT is set
961 when res_*init() is called.
963 1183. [bug] Handle ENOSR error when writing to the internal
964 control pipe. [RT #2395]
966 1182. [bug] The server could throw an assertion failure when
967 constructing a negative response packet.
969 1176. [doc] Document that allow-v6-synthesis is only performed
970 for clients that are supplied recursive service.
971 [RT #2260]
973 1175. [bug] named-checkzone failed to call dns_result_register()
974 at startup which could result in runtime
975 exceptions when printing "out of memory" errors.
976 [RT #2335]
978 1174. [bug] Win32: add WSAECONNRESET to the expected errors
979 from connect(). [RT #2308]
981 1173. [bug] Potential memory leaks in isc_log_create() and
982 isc_log_settag(). [RT #2336]
984 1172. [doc] Add CERT, GPOS, KX, NAPTR, NSAP, PX and TXT to
985 table of RR types in ARM.
987 1170. [bug] Don't attempt to print the token when a I/O error
988 occurs when parsing named.conf. [RT #2275]
990 1168. [bug] Empty also-notify clauses were not handled. [RT #2309]
992 1167. [contrib] nslint-2.1a3 (from author).
994 1166. [bug] "Not Implemented" should be reported as NOTIMP,
995 not NOTIMPL. [RT #2281]
997 1165. [bug] We were rejecting notify-source{-v6} in zone clauses.
999 1164. [bug] Empty masters clauses in slave / stub zones were not
1000 handled gracefully. [RT #2262]
1002 1162. [bug] The allow-notify option was not accepted in slave
1003 zone statements.
1005 1161. [bug] named-checkzone looped on unbalanced brackets.
1006 [RT #2248]
1008 1160. [bug] Generating Diffie-Hellman keys longer than 1024
1009 bits could fail. [RT #2241]
1011 1156. [port] The configure test for strsep() incorrectly
1012 succeeded on certain patched versions of
1013 AIX 4.3.3. [RT #2190]
1015 1154. [bug] Don't attempt to obtain the netmask of a interface
1016 if there is no address configured. [RT #2176]
1018 1152. [bug] libbind: read buffer overflows.
1020 1144. [bug] rndc-confgen would crash if both the -a and -t
1021 options were specified. [RT #2159]
1023 1142. [bug] dnssec-signzone would fail to delete temporary files
1024 in some failure cases. [RT #2144]
1026 1141. [bug] When named rejected a control message, it would
1027 leak a file descriptor and memory. It would also
1028 fail to respond, causing rndc to hang.
1029 [RT #2139, #2164]
1031 1140. [bug] rndc-confgen did not accept IPv6 addresses as arguments
1032 to the -s option. [RT #2138]
1034 1136. [bug] CNAME records synthesized from DNAMEs did not
1035 have a TTL of zero as required by RFC2672.
1036 [RT #2129]
1038 1125. [bug] rndc: -k option was missing from usage message.
1039 [RT #2057]
1041 1124. [doc] dig: +[no]dnssec, +[no]besteffort and +[no]fail
1042 are now documented. [RT #2052]
1044 1123. [bug] dig +[no]fail did not match description. [RT #2052]
1046 1109. [bug] nsupdate accepted illegal ttl values.
1048 1108. [bug] On Win32, rndc was hanging when named was not running
1049 due to failure to select for exceptional conditions
1050 in select(). [RT #1870]
1052 1081. [bug] Multicast queries were incorrectly identified
1053 based on the source address, not the destination
1054 address.
1056 1072. [bug] The TCP client quota could be exceeded when
1057 recursion occurred. [RT #1937]
1059 1071. [bug] Sockets listening for TCP DNS connections
1060 specified an excessive listen backlog. [RT #1937]
1062 1070. [bug] Copy DNSSEC OK (DO) to response as specified by
1063 draft-ietf-dnsext-dnssec-okbit-03.txt.
1065 1014. [bug] Some queries would cause statistics counters to
1066 increment more than once or not at all. [RT #1321]
1068 1012. [bug] The -p option to named did not behave as documented.
1070 988. [bug] 'additional-from-auth no;' did not work reliably
1071 in the case of queries answered from the cache.
1072 [RT #1436]
1074 995. [bug] dig, host, nslookup: using a raw IPv6 address as a
1075 target address should be fatal on a IPv4 only system.
1077 --- 9.2.0 released ---
1079 1134. [bug] Multi-threaded servers could deadlock in ferror()
1080 when reloading zone files. [RT #1951, #1998]
1082 1133. [bug] IN6_IS_ADDR_LOOPBACK was not portably defined on
1083 platforms without IN6_IS_ADDR_LOOPBACK. [RT #2106]
1085 --- 9.2.0rc10 released ---
1087 1131. [bug] The match-destinations view option did not work with
1088 IPv6 destinations. [RT #2073, #2074]
1090 1130. [bug] Log messages reporting an out-of-range serial number
1091 did not include the out-of-range number but the
1092 following token. [RT #2076]
1094 1129. [bug] Multi-threaded servers could crash under heavy
1095 resolution load due to a race condition. [RT #2018]
1097 1126. [bug] The server could access a freed event if shut
1098 down while a client start event was pending
1099 delivery. [RT #2061]
1101 1121. [bug] The server could attempt to access a NULL zone
1102 table if shut down while resolving.
1103 [RT #1587, #2054]
1105 1120. [bug] Errors in options were not fatal. [RT #2002]
1107 1118. [bug] On multi-threaded servers, a race condition
1108 could cause an assertion failure in resolver.c
1109 during resolver shutdown. [RT #2029]
1111 1117. [port] The configure check for in6addr_loopback incorrectly
1112 succeeded on AIX 4.3 when compiling with -O2
1113 because the test code was optimized away.
1114 [RT #2016]
1116 1116. [bug] Setting transfers in a server clause, transfers-in,
1117 or transfers-per-ns to a value greater than
1118 2147483647 disabled transfers. [RT #2002]
1120 1114. [port] Ignore more accept() errors. [RT #2021]
1122 1113. [bug] The allow-update-forwarding option was ignored
1123 when specified in a view. [RT #2014]
1125 1111. [bug] Multi-threaded servers could deadlock processing
1126 recursive queries due to a locking hierarchy
1127 violation in adb.c. [RT #2017]
1129 --- 9.2.0rc9 released ---
1131 1107. [bug] nsupdate could catch an assertion failure if an
1132 invalid domain name was given as the argument to
1133 the "zone" command.
1135 1106. [bug] After seeing an out of range TTL, nsupdate would
1136 treat all TTLs as out of range. [RT #2001]
1138 1104. [bug] Invalid arguments to the transfer-format option
1139 could cause an assertion failure. [RT #1995]
1141 1103. [port] OpenUNIX 8 support (ifconfig.sh). [RT #1970]
1143 1102. [doc] Note that query logging is enabled by directing the
1144 queries category to a channel.
1146 1101. [bug] Array bounds read error in lwres_gai_strerror.
1148 1100. [bug] libbind: DNSSEC key ids were computed incorrectly.
1150 1099. [cleanup] libbind: defining REPORT_ERRORS in lib/bind/dst caused
1151 compile time errors.
1153 1098. [bug] libbind: HMAC-MD5 key files are now mode 0600.
1155 1093. [doc] libbind: miscellaneous nroff fixes.
1157 1092. [bug] libbind: get*by*() failed to check if res_init() had
1158 been called.
1160 1091. [bug] libbind: misplaced va_end().
1162 1090. [bug] libbind: dns_ho.c:add_hostent() was not returning
1163 the amount of memory consumed resulting in garbage
1164 address being returned. Alignment calculations were
1165 wasting space. We weren't suppressing duplicate
1166 addresses.
1168 1088. [port] libbind: MPE/iX C.70 (incomplete)
1170 1087. [bug] libbind: struct __res_state too large on 64 bit arch.
1172 1086. [port] libbind: sunos: old sprintf.
1174 1085. [port] libbind: solaris: sys_nerr and sys_errlist do not
1175 exist when compiling in 64 bit mode.
1177 1084. [cleanup] libbind: gai_strerror() rewritten.
1179 1083. [bug] The default control channel listened on the
1180 wildcard address, not the loopback as documented.
1181 [RT #1975]
1183 1082. [bug] The -g option to named incorrectly caused logging
1184 to be sent to syslog in addition to stderr.
1185 [RT #1974]
1187 1078. [bug] We failed to correct bad tv_usec values in one case.
1188 [RT #1966]
1190 1076. [bug] A badly defined global key could trigger an assertion
1191 on load/reload if views were used. [RT #1947]
1193 1075. [bug] Out-of-range network prefix lengths were not
1194 reported. [RT #1954]
1196 1074. [bug] Running out of memory in dump_rdataset() could
1197 cause an assertion failure. [RT #1946]
1199 --- 9.2.0rc8 released ---
1201 1068. [bug] errno could be overwritten by catgets(). [RT #1921]
1203 1066. [bug] Provide a thread safe wrapper for strerror().
1204 [RT #1689]
1206 1064. [bug] Do not shut down active network interfaces if we
1207 are unable to scan the interface list. [RT #1921]
1209 1063. [bug] libbind: "make install" was failing on IRIX.
1210 [RT #1919]
1212 1062. [bug] If the control channel listener socket was shut
1213 down before server exit, the listener object could
1214 be freed twice. [RT #1916]
1216 1061. [bug] If periodic cache cleaning happened to start
1217 while cleaning due to reaching the configured
1218 maximum cache size was in progress, the server
1219 could catch an assertion failure. [RT #1912]
1221 1057. [bug] Reloading the server after adding a "file" clause
1222 to a zone statement could cause the server to
1223 crash due to a typo in change 1016.
1225 1056. [bug] Rndc could catch an assertion failure on SIGINT due
1226 to an uninitialized variable. [RT #1908]
1228 --- 9.2.0rc7 released ---
1230 1054. [bug] On Win32, cfg_categories and cfg_modules need to be
1231 exported from the libisccfg DLL.
1233 1053. [bug] Dig did not increase its timeout when receiving
1234 AXFRs unless the +time option was used. [RT #1904]
1236 1052. [bug] Journals were not being created in binary mode
1237 resulting in "journal format not recognized" error
1238 under Win32. [RT #1889]
1240 1051. [bug] Do not ignore a network interface completely just
1241 because it has a noncontiguous netmask. Instead,
1242 omit it from the localnets ACL and issue a warning.
1243 [RT #1891]
1245 1050. [bug] Log messages reporting malformed IP addresses in
1246 address lists such as that of the forwarders option
1247 failed to include the correct error code, file
1248 name, and line number. [RT #1890]
1250 1048. [bug] Servers built with -DISC_MEM_USE_INTERNAL_MALLOC=1
1251 didn't work.
1253 1047. [bug] named was incorrectly refusing all requests signed
1254 with a TSIG key derived from an unsigned TKEY
1255 negotiation with a NOERROR response. [RT #1886]
1257 1046. [bug] The help message for the --with-openssl configure
1258 option was inaccurate. [RT #1880]
1260 1045. [bug] It was possible to skip saving glue for a nameserver
1261 for a stub zone.
1263 1044. [bug] Specifying allow-transfer, notify-source, or
1264 notify-source-v6 in a stub zone was not treated
1265 as an error.
1267 1043. [bug] Specifying a transfer-source or transfer-source-v6
1268 option in the zone statement for a master zone was
1269 not treated as an error. [RT #1876]
1271 1042. [bug] The "config" logging category did not work properly.
1272 [RT #1873]
1274 1041. [bug] Dig/host/nslookup could catch an assertion failure
1275 on SIGINT due to an uninitialized variable. [RT #1867]
1277 1040. [bug] Multiple listen-on-v6 options with different ports
1278 were not accepted. [RT #1875]
1280 1039. [bug] Negative responses with CNAMEs in the answer section
1281 were cached incorrectly. [RT #1862]
1283 1038. [bug] In servers configured with a tkey-domain option,
1284 TKEY queries with an owner name other than the root
1285 could cause an assertion failure. [RT #1866, #1869]
1287 1033. [bug] Always respond to requests with an unsupported opcode
1288 with NOTIMP, even if we don't have a matching view
1289 or cannot determine the class.
1291 --- 9.2.0rc6 released ---
1293 1031. [bug] libbind.a: isc__gettimeofday() infinite recursion.
1294 [RT #1858]
1296 1030. [bug] On systems with no resolv.conf file, nsupdate
1297 exited with an error rather than defaulting
1298 to using the loopback address. [RT #1836]
1300 1029. [bug] Some named.conf errors did not cause the loading
1301 of the configuration file to return a failure
1302 status even though they were logged. [RT #1847]
1304 1028. [bug] On Win32, dig/host/nslookup looked for resolv.conf
1305 in the wrong directory. [RT #1833]
1307 1027. [bug] RRs having the reserved type 0 should be rejected.
1308 [RT #1471]
1310 1026. [port] Recognize OpenUNIX 8 in config.guess. [RT #1830]
1312 1022. [bug] Don't report empty root hints as "extra data".
1313 [RT #1802]
1315 --- 9.2.0rc5 released ---
1317 1021. [bug] On Win32, log message timestamps were one month
1318 later than they should have been, and the server
1319 would exhibit unspecified behavior in December.
1321 1020. [bug] IXFR log messages did not distinguish between
1322 true IXFRs, AXFR-style IXFRs, and mere version
1323 polls. [RT #1811]
1325 1019. [bug] The value of the lame-ttl option was limited to 18000
1326 seconds, not 1800 seconds as documented. [RT #1803]
1328 1018. [bug] The default log channel was not always initialized
1329 correctly. [RT #1813]
1331 1017. [bug] When specifying TSIG keys to dig and nsupdate using
1332 the -k option, they must be HMAC-MD5 keys. [RT #1810]
1334 1016. [bug] Slave zones with no backup file were re-transferred
1335 on every server reload.
1337 1015. [bug] Log channels that had a "versions" option but no
1338 "size" option failed to create numbered log
1339 files. [RT #1783]
1341 --- 9.2.0rc4 released ---
1344 1013. [bug] It was possible to cancel a query twice when marking
1345 a server as bogus or by having a blackhole acl.
1346 [RT #1776]
1348 1010. [bug] The server could attempt to execute a command channel
1349 command after initiating server shutdown, causing
1350 an assertion failure. [RT #1766]
1352 1006. [bug] If a KEY RR was found missing during DNSSEC validation,
1353 an assertion failure could subsequently be triggered
1354 in the resolver. [RT #1763]
1356 1005. [bug] Don't copy nonzero RCODEs from request to response.
1357 [RT #1765]
1359 1004. [port] Deal with recvfrom() returning EHOSTDOWN. [RT #1770]
1361 1002. [bug] When reporting an unknown class name in named.conf,
1362 including the file name and line number. [RT #1759]
1364 1001. [bug] win32 socket code doio_recv was not catching a
1365 WSACONNRESET error when a client was timing out
1366 the request and closing its socket. [RT #1745]
1368 1000. [bug] BIND 8 compatibility: accept "HESIOD" as an alias
1369 for class "HS". [RT #1759]
1371 --- 9.2.0rc3 released ---
1373 990. [bug] The rndc-confgen man page was not installed.
1375 989. [bug] Report filename if $INCLUDE fails for file related
1376 errors. [RT #1736]
1378 987. [bug] "dig -help" didn't show "+[no]stats".
1380 986. [bug] "dig +noall" failed to clear stats and command
1381 printing.
1383 984. [bug] Multi-threading should be enabled by default on
1384 Solaris 2.7 and newer, but it wasn't.
1386 --- 9.2.0rc2 released ---
1388 980. [bug] Incoming zone transfers restarting after an error
1389 could trigger an assertion failure. [RT #1692]
1391 978. [bug] dns_db_attachversion() had an invalid REQUIRE()
1392 condition.
1394 977. [bug] Improve "not at top of zone" error message.
1396 975. [bug] "max-cache-size default;" as a view option
1397 caused an assertion failure.
1399 974. [bug] "max-cache-size unlimited;" as a global option
1400 was not accepted.
1402 973. [bug] Failed to log the question name when logging:
1403 "bad zone transfer request: non-authoritative zone
1404 (NOTAUTH)".
1406 972. [bug] The file modification time code in zone.c was using the
1407 wrong epoch. [RT #1667]
1409 968. [bug] On win32, the isc_time_now() function was unnecessarily
1410 calling strtime(). [RT #1671]
1412 967. [bug] On win32, the link for bindevt was not including the
1413 required resource file to enable the event viewer
1414 to interpret the error messages in the event log,
1415 [RT #1668]
1417 966. [placeholder]
1419 965. [bug] Including data other than root server NS and A
1420 records in the root hint file could cause a rbtdb
1421 node reference leak. [RT #1581, #1618]
1423 964. [func] Warn if data other than root server NS and A records
1424 are found in the root hint file. [RT #1581, #1618]
1426 963. [bug] Bad ISC_LANG_ENDDECLS. [RT #1645]
1428 962. [bug] libbind: bad "#undef", don't attempt to install
1429 non-existant nlist.h. [RT #1640]
1431 961. [bug] Tried to use a IPV6 feature when ISC_PLATFORM_HAVEIPV6
1432 was not defined. [RT #1482]
1434 960. [port] liblwres failed to build on systems with support for
1435 getrrsetbyname() in the OS. [RT #1592]
1437 959. [port] On FreeBSD, determine the number of CPUs by calling
1438 sysctlbyname(). [RT #1584]
1440 958. [port] ssize_t is not available on all platforms. [RT #1607]
1442 957. [bug] sys/select.h inclusion was broken on older platforms.
1443 [RT #1607]
1445 956. [bug] ns_g_autorndcfile changed to ns_g_keyfile
1446 in named/win32/os.c due to code changes in
1447 change #953. win32 .make file for rndc-confgen
1448 updated to add include path for os.h header.
1450 --- 9.2.0rc1 released ---
1452 955. [bug] When using views, the zone's class was not being
1453 inherited from the view's class. [RT #1583]
1455 954. [bug] When requesting AXFRs or IXFRs using dig, host, or
1456 nslookup, the RD bit should not be set as zone
1457 transfers are inherently nonrecursive. [RT #1575]
1459 953. [func] The /var/run/named.key file from change #843
1460 has been replaced by /etc/rndc.key. Both
1461 named and rndc will look for this file and use
1462 it to configure a default control channel key
1463 if not already configured using a different
1464 method (rndc.conf / controls). Unlike
1465 named.key, rndc.key is not created automatically;
1466 it must be created by manually running
1467 "rndc-confgen -a".
1469 952. [bug] The server required manual intervention to serve the
1470 affected zones if it died between creating a journal
1471 and committing the first change to it.
1473 951. [bug] CFLAGS was not passed to the linker when
1474 linking some of the test programs under
1475 bin/tests. [RT #1555].
1477 950. [bug] Explicit TTLs did not properly override $TTL
1478 due to a bug in change 834. [RT #1558]
1480 949. [bug] host was unable to print records larger than 512
1481 bytes. [RT #1557]
1483 --- 9.2.0b2 released ---
1485 948. [port] Integrated support for building on Windows NT /
1486 Windows 2000.
1488 947. [bug] dns_rdata_soa_t had a badly named element "mname" which
1489 was really the RNAME field from RFC1035. To avoid
1490 confusion and silent errors that would occur it the
1491 "origin" and "mname" elements were given their correct
1492 names "mname" and "rname" respectively, the "mname"
1493 element is renamed to "contact".
1495 946. [cleanup] doc/misc/options is now machine-generated from the
1496 configuration parser syntax tables, and therefore
1497 more likely to be correct.
1499 945. [func] Add the new view-specific options
1500 "match-destinations" and "match-recursive-only".
1502 944. [func] Check for expired signatures on load.
1504 943. [bug] The server could crash when receiving a command
1505 via rndc if the configuration file listed only
1506 nonexistent keys in the controls statement. [RT #1530]
1508 942. [port] libbind: GETNETBYADDR_ADDR_T was not correctly
1509 defined on some platforms.
1511 941. [bug] The configuration checker crashed if a slave
1512 zone didn't contain a masters statement. [RT #1514]
1514 940. [bug] Double zone locking failure on error path. [RT #1510]
1516 --- 9.2.0b1 released ---
1518 939. [port] Add the --disable-linux-caps option to configure for
1519 systems that manage capabilities outside of named.
1520 [RT #1503]
1522 938. [placeholder]
1524 937. [bug] A race when shutting down a zone could trigger a
1525 INSIST() failure. [RT #1034]
1527 936. [func] Warn about IPv4 addresses that are not complete
1528 dotted quads. [RT #1084]
1530 935. [bug] inet_pton failed to reject leading zeros.
1532 934. [port] Deal with systems where accept() spuriously returns
1533 ECONNRESET.
1535 933. [bug] configure failed doing libbind on platforms not
1536 supported by BIND 8. [RT #1496]
1538 --- 9.2.0a3 released ---
1540 932. [bug] Use INSTALL_SCRIPT, not INSTALL_PROGRAM,
1541 when installing isc-config.sh.
1542 [RT #198, #1466]
1544 931. [bug] The controls statement only attempted to verify
1545 messages using the first key in the key list.
1546 (9.2.0a1/a2 only).
1548 930. [func] Query performance testing tool added as
1549 contrib/queryperf.
1551 929. [placeholder]
1553 928. [bug] nsupdate would send empty update packets if the
1554 send (or empty line) command was run after
1555 another send but before any new updates or
1556 prerequisites were specified. It should simply
1557 ignore this command.
1559 927. [bug] Don't hold the zone lock for the entire dump to disk.
1560 [RT #1423]
1562 926. [bug] The resolver could deadlock with the ADB when
1563 shutting down (multi-threaded builds only).
1564 [RT #1324]
1566 925. [cleanup] Remove openssl from the distribution; require that
1567 --with-openssl be specified if DNSSEC is needed.
1569 924. [port] Extend support for pre-RFC2133 IPv6 implementation.
1570 [RT #987]
1572 923. [bug] Multiline TSIG secrets (and other multiline strings)
1573 were not accepted in named.conf. [RT #1469]
1575 922. [func] Added two new lwres_getrrsetbyname() result codes,
1576 ERR_NONAME and ERR_NODATA.
1578 921. [bug] lwres returned an incorrect error code if it received
1579 a truncated message.
1581 920. [func] Increase the lwres receive buffer size to 16K.
1582 [RT #1451]
1584 919. [placeholder]
1586 918. [func] In nsupdate, TSIG errors are no longer treated as
1587 fatal errors.
1589 917. [func] New nsupdate command 'key', allowing TSIG keys to
1590 be specified in the nsupdate command stream rather
1591 than the command line.
1593 916. [bug] Specifying type ixfr to dig without specifying
1594 a serial number failed in unexpected ways.
1596 915. [func] The named-checkconf and named-checkzone programs
1597 now have a '-v' option for printing their version.
1598 [RT #1151]
1600 914. [bug] Global 'server' statements were rejected when
1601 using views, even though they were accepted
1602 in 9.1. [RT #1368]
1604 913. [bug] Cache cleaning was not sufficiently aggressive.
1605 [RT #1441, #1444]
1607 912. [bug] Attempts to set the 'additional-from-cache' or
1608 'additional-from-auth' option to 'no' in a
1609 server with recursion enabled will now
1610 be ignored and cause a warning message.
1611 [RT #1145]
1613 911. [placeholder]
1615 910. [port] Some pre-RFC2133 IPv6 implementations do not define
1616 IN6ADDR_ANY_INIT. [RT #1416]
1618 908. [func] New program, rndc-confgen, to simplify setting up rndc.
1620 907. [func] The ability to get entropy from either the
1621 random device, a user-provided file or from
1622 the keyboard was migrated from the DNSSEC tools
1623 to libisc as isc_entropy_usebestsource().
1625 906. [port] Separated the system independent portion of
1626 lib/isc/unix/entropy.c into lib/isc/entropy.c
1627 and added lib/isc/win32/entropy.c.
1629 905. [bug] Configuring a forward "zone" for the root domain
1630 did not work. [RT #1418]
1632 904. [bug] The server would leak memory if attempting to use
1633 an expired TSIG key. [RT #1406]
1635 903. [bug] dig should not crash when receiving a TCP packet
1636 of length 0.
1638 902. [bug] The -d option was ignored if both -t and -g were also
1639 specified.
1641 901. [placeholder]
1643 900. [bug] A config.guess update changed the system identification
1644 string of FreeBSD systems; configure and
1645 bin/tests/system/ifconfig.sh now recognize the new
1646 string.
1648 --- 9.2.0a2 released ---
1650 899. [bug] lib/dns/soa.c failed to compile on many platforms
1651 due to inappropriate use of a void value.
1652 [RT #1372, #1373, #1386, #1387, #1395]
1654 898. [bug] "dig" failed to set a nonzero exit status
1655 on UDP query timeout. [RT #1323]
1657 897. [bug] A config.guess update changed the system identification
1658 string of UnixWare systems; configure now recognizes
1659 the new string.
1661 896. [bug] If a configuration file is set on named's command line
1662 and it has a relative pathname, the current directory
1663 (after any possible jailing resulting from named -t)
1664 will be prepended to it so that reloading works
1665 properly even when a directory option is present.
1667 895. [func] New function, isc_dir_current(), akin to POSIX's
1668 getcwd().
1670 894. [bug] When using the DNSSEC tools, a message intended to warn
1671 when the keyboard was being used because of the lack
1672 of a suitable random device was not being printed.
1674 893. [func] Removed isc_file_test() and added isc_file_exists()
1675 for the basic functionality that was being added
1676 with isc_file_test().
1678 892. [placeholder]
1680 891. [bug] Return an error when a SIG(0) signed response to
1681 an unsigned query is seen. This should actually
1682 do the verification, but it's not currently
1683 possible. [RT #1391]
1685 890. [cleanup] The man pages no longer require the mandoc macros
1686 and should now format cleanly using most versions of
1687 nroff, and HTML versions of the man pages have been
1688 added. Both are generated from DocBook source.
1690 889. [port] Eliminated blank lines before .TH in nroff man
1691 pages since they cause problems with some versions
1692 of nroff. [RT #1390]
1694 888. [bug] Don't die when using TKEY to delete a nonexistent
1695 TSIG key. [RT #1392]
1697 887. [port] Detect broken compilers that can't call static
1698 functions from inline functions. [RT #1212]
1700 866. [func] Close debug only file channels when debug is set to
1701 zero. [RT #1246]
1703 865. [bug] The new configuration parser did not allow
1704 the optional debug level in a "severity debug"
1705 clause of a logging channel to be omitted.
1706 This is now allowed and treated as "severity
1707 debug 1;" like it does in BIND 8.2.4, not as
1708 "severity debug 0;" like it did in BIND 9.1.
1709 [RT #1367]
1711 864. [cleanup] Multi-threading is now enabled by default on
1712 OSF1, Solaris 2.7 and newer, AIX, IRIX, and HP-UX.
1714 863. [bug] If an error occurred while an outgoing zone transfer
1715 was starting up, the server could access a domain
1716 name that had already been freed when logging a
1717 message saying that the transfer was starting.
1718 [RT #1383]
1720 862. [bug] Use after realloc(), non portable pointer arithmetic in
1721 grmerge().
1723 861. [port] Add support for Mac OS X, by making it equivalent
1724 to Darwin. This was derived from the config.guess
1725 file shipped with Mac OS X. [RT #1355]
1727 860. [func] Drop cross class glue in zone transfers.
1729 859. [bug] Cache cleaning now won't swamp the CPU if there
1730 is a persistent overlimit condition.
1732 858. [func] isc_mem_setwater() no longer requires that when the
1733 callback function is non-NULL then its hi_water
1734 argument must be greater than its lo_water argument
1735 (they can now be equal) or that they be non-zero.
1737 857. [cleanup] Use ISC_MAGIC() to define all magic numbers for
1738 structs, for our friends in EBCDIC-land.
1740 856. [func] Allow partial rdatasets to be returned in answer and
1741 authority sections to help non-TCP capable clients
1742 recover from truncation. [RT #1301]
1744 855. [bug] Stop spurious "using RFC 1035 TTL semantics" warnings.
1746 854. [bug] The config parser didn't properly handle config
1747 options that were specified in units of time other
1748 than seconds. [RT #1372]
1750 853. [bug] configure_view_acl() failed to detach existing acls.
1751 [RT #1374]
1753 852. [bug] Handle responses from servers which do not know
1754 about IXFR.
1756 851. [cleanup] The obsolete support-ixfr option was not properly
1757 ignored.
1759 --- 9.2.0a1 released ---
1761 850. [bug] dns_rbt_findnode() would not find nodes that were
1762 split on a bitstring label somewhere other than in
1763 the last label of the node. [RT #1351]
1765 849. [func] <isc/net.h> will ensure INADDR_LOOPBACK is defined.
1767 848. [func] A minimum max-cache-size of two megabytes is enforced
1768 by the cache cleaner.
1770 847. [func] Added isc_file_test(), which currently only has
1771 some very basic functionality to test for the
1772 existence of a file, whether a pathname is absolute,
1773 or whether a pathname is the fundamental representation
1774 of the current directory. It is intended that this
1775 function can be expanded to test other things a
1776 programmer might want to know about a file.
1778 846. [func] A non-zero 'param' to dst_key_generate() when making an
1779 hmac-md5 key means that good entropy is not required.
1781 845. [bug] The access rights on the public file of a symmetric
1782 key are now restricted as soon as the file is opened,
1783 rather than after it has been written and closed.
1785 844. [func] <isc/net.h> will ensure INADDR_LOOPBACK is defined,
1786 just as <lwres/net.h> does.
1788 843. [func] If no controls statement is present in named.conf,
1789 or if any inet phrase of a controls statement is
1790 lacking a keys clause, then a key will be automatically
1791 generated by named and an rndc.conf-style file
1792 named named.key will be written that uses it. rndc
1793 will use this file only if its normal configuration
1794 file, or one provided on the command line, does not
1795 exist.
1797 842. [func] 'rndc flush' now takes an optional view.
1799 841. [bug] When sdb modules were not declared threadsafe, their
1800 create and destroy functions were not serialized.
1802 840. [bug] The config file parser could print the wrong file
1803 name if an error was detected after an included file
1804 was parsed. [RT #1353]
1806 839. [func] Dump packets for which there was no view or that the
1807 class could not be determined to category "unmatched".
1809 838. [port] UnixWare 7.x.x is now suported by
1810 bin/tests/system/ifconfig.sh.
1812 837. [cleanup] Multi-threading is now enabled by default only on
1813 OSF1, Solaris 2.7 and newer, and AIX.
1815 836. [func] Upgraded libtool to 1.4.
1817 835. [bug] The dispatcher could enter a busy loop if
1818 it got an I/O error receiving on a UDP socket.
1819 [RT #1293]
1821 834. [func] Accept (but warn about) master files beginning with
1822 an SOA record without an explicit TTL field and
1823 lacking a $TTL directive, by using the SOA MINTTL
1824 as a default TTL. This is for backwards compatibility
1825 with old versions of BIND 8, which accepted such
1826 files without warning although they are illegal
1827 according to RFC1035.
1829 833. [cleanup] Moved dns_soa_*() from <dns/journal.h> to
1830 <dns/soa.h>, and extended them to support
1831 all the integer-valued fields of the SOA RR.
1833 832. [bug] The default location for named.conf in named-checkconf
1834 should depend on --sysconfdir like it does in named.
1835 [RT #1258]
1837 831. [placeholder]
1839 830. [func] Implement 'rndc status'.
1841 829. [bug] The DNS_R_ZONECUT result code should only be returned
1842 when an ANY query is made with DNS_DBFIND_GLUEOK set.
1843 In all other ANY query cases, returning the delegation
1844 is better.
1846 828. [bug] The errno value from recvfrom() could be overwritten
1847 by logging code. [RT #1293]
1849 827. [bug] When an IXFR protocol error occurs, the slave
1850 should retry with AXFR.
1852 826. [bug] Some IXFR protocol errors were not detected.
1854 825. [bug] zone.c:ns_query() detached from the wrong zone
1855 reference. [RT #1264]
1857 824. [bug] Correct line numbers reported by dns_master_load().
1858 [RT #1263]
1860 823. [func] The output of "dig -h" now goes to stdout so that it
1861 can easily be piped through "more". [RT #1254]
1863 822. [bug] Sending nxrrset prerequisites would crash nsupdate.
1864 [RT #1248]
1866 821. [bug] The program name used when logging to syslog should
1867 be stripped of leading path components.
1868 [RT #1178, #1232]
1870 820. [bug] Name server address lookups failed to follow
1871 A6 chains into the glue of local authoritative
1872 zones.
1874 819. [bug] In certain cases, the resolver's attempts to
1875 restart an address lookup at the root could cause
1876 the fetch to deadlock (with itself) instead of
1877 restarting. [RT #1225]
1879 818. [bug] Certain pathological responses to ANY queries could
1880 cause an assertion failure. [RT #1218]
1882 817. [func] Adjust timeouts for dialup zone queries.
1884 816. [bug] Report potential problems with log file accessibility
1885 at configuration time, since such problems can't
1886 reliably be reported at the time they actually occur.
1888 815. [bug] If a log file was specified with a path separator
1889 character (i.e. "/") in its name and the directory
1890 did not exist, the log file's name was treated as
1891 though it were the directory name. [RT #1189]
1893 814. [bug] Socket objects left over from accept() failures
1894 were incorrectly destroyed, causing corruption
1895 of socket manager data structures.
1897 813. [bug] File descriptors exceeding FD_SETSIZE were handled
1898 badly. [RT #1192]
1900 812. [bug] dig sometimes printed incomplete IXFR responses
1901 due to an uninitialized variable. [RT #1188]
1903 811. [bug] Parentheses were not quoted in zone dumps. [RT #1194]
1905 810. [bug] The signer name in SIG records was not properly
1906 downcased when signing/verifying records. [RT #1186]
1908 809. [bug] Configuring a non-local address as a transfer-source
1909 could cause an assertion failure during load.
1911 808. [func] Add 'rndc flush' to flush the server's cache.
1913 807. [bug] When setting up TCP connections for incoming zone
1914 transfers, the transfer-source port was not
1915 ignored like it should be.
1917 806. [bug] DNS_R_SEENINCLUDE was failing to propagate back up
1918 the calling stack to the zone maintence level, causing
1919 zones to not reload when an included file was touched
1920 but the top-level zone file was not.
1922 805. [bug] When using "forward only", missing root hints should
1923 not cause queries to fail. [RT #1143]
1925 804. [bug] Attempting to obtain entropy could fail in some
1926 situations. This would be most common on systems
1927 with user-space threads. [RT #1131]
1929 803. [bug] Treat all SIG queries as if they have the CD bit set,
1930 otherwise no data will be returned [RT #749]
1932 802. [bug] DNSSEC key tags were computed incorrectly in almost
1933 all cases. [RT #1146]
1935 801. [bug] nsupdate should treat lines beginning with ';' as
1936 comments. [RT #1139]
1938 800. [bug] dnssec-signzone produced incorrect statistics for
1939 large zones. [RT #1133]
1941 799. [bug] The ADB didn't find AAAA glue in a zone unless A6
1942 glue was also present.
1944 798. [bug] nsupdate should be able to reject bad input lines
1945 and continue. [RT #1130]
1947 797. [func] Issue a warning if the 'directory' option contains
1948 a relative path. [RT #269]
1950 796. [func] When a size limit is associated with a log file,
1951 only roll it when the size is reached, not every
1952 time the log file is opened. [RT #1096]
1954 795. [func] Add the +multiline option to dig. [RT #1095]
1956 794. [func] Implement the "port" and "default-port" statements
1957 in rndc.conf.
1959 793. [cleanup] The DNSSEC tools could create filenames that were
1960 illegal or contained shell metacharacters. They
1961 now use a different text encoding of names that
1962 doesn't have these problems. [RT #1101]
1964 792. [cleanup] Replace the OMAPI command channel protocol with a
1965 simpler one.
1967 791. [bug] The command channel now works over IPv6.
1969 790. [bug] Wildcards created using dynamic update or IXFR
1970 could fail to match. [RT #1111]
1972 789. [bug] The "localhost" and "localnets" ACLs did not match
1973 when used as the second element of a two-element
1974 sortlist item.
1976 788. [func] Add the "match-mapped-addresses" option, which
1977 causes IPv6 v4mapped addresses to be treated as
1978 IPv4 addresses for the purpose of acl matching.
1980 787. [bug] The DNSSEC tools failed to downcase domain
1981 names when mapping them into file names.
1983 786. [bug] When DNSSEC signing/verifying data, owner names were
1984 not properly downcased.
1986 785. [bug] A race condition in the resolver could cause
1987 an assertion failure. [RT #673, #872, #1048]
1989 784. [bug] nsupdate and other programs would not quit properly
1990 if some signals were blocked by the caller. [RT #1081]
1992 783. [bug] Following CNAMEs could cause an assertion failure
1993 when either using an sdb database or under very
1994 rare conditions.
1996 782. [func] Implement the "serial-query-rate" option.
1998 781. [func] Avoid error packet loops by dropping duplicate FORMERR
1999 responses. [RT #1006]
2001 780. [bug] Error handling code dealing with out of memory or
2002 other rare errors could lead to assertion failures
2003 by calling functions on unitialized names. [RT #1065]
2005 779. [func] Added the "minimal-responses" option.
2007 778. [bug] When starting cache cleaning, cleaning_timer_action()
2008 returned without first pausing the iterator, which
2009 could cause deadlock. [RT #998]
2011 777. [bug] An empty forwarders list in a zone failed to override
2012 global forwarders. [RT #995]
2014 776. [func] Improved error reporting in denied messages. [RT #252]
2016 775. [placeholder]
2018 774. [func] max-cache-size is implemented.
2020 773. [func] Added isc_rwlock_trylock() to attempt to lock without
2021 blocking.
2023 772. [bug] Owner names could be incorrectly omitted from cache
2024 dumps in the presence of negative caching entries.
2025 [RT #991]
2027 771. [cleanup] TSIG errors related to unsynchronized clocks
2028 are logged better. [RT #919]
2030 770. [func] Add the "edns yes_or_no" statement to the server
2031 clause. [RT #524]
2033 769. [func] Improved error reporting when parsing rdata. [RT #740]
2035 768. [bug] The server did not emit an SOA when a CNAME
2036 or DNAME chain ended in NXDOMAIN in an
2037 authoritative zone.
2039 767. [placeholder]
2041 766. [bug] A few cases in query_find() could leak fname.
2042 This would trigger the mpctx->allocated == 0
2043 assertion when the server exited.
2044 [RT #739, #776, #798, #812, #818, #821, #845,
2045 #892, #935, #966]
2047 765. [func] ACL names are once again case insensitive, like
2048 in BIND 8. [RT #252]
2050 764. [func] Configuration files now allow "include" directives
2051 in more places, such as inside the "view" statement.
2052 [RT #377, #728, #860]
2054 763. [func] Configuration files no longer have reserved words.
2055 [RT #731, #753]
2057 762. [cleanup] The named.conf and rndc.conf file parsers have
2058 been completely rewritten.
2060 761. [bug] _REENTRANT was still defined when building with
2061 --disable-threads.
2063 760. [contrib] Significant enhancements to the pgsql sdb driver.
2065 759. [bug] The resolver didn't turn off "avoid fetches" mode
2066 when restarting, possibly causing resolution
2067 to fail when it should not. This bug only affected
2068 platforms which support both IPv4 and IPv6. [RT #927]
2070 758. [bug] The "avoid fetches" code did not treat negative
2071 cache entries correctly, causing fetches that would
2072 be useful to be avoided. This bug only affected
2073 platforms which support both IPv4 and IPv6. [RT #927]
2075 757. [func] Log zone transfers.
2077 756. [bug] dns_zone_load() could "return" success when no master
2078 file was configured.
2080 755. [bug] Fix incorrectly formatted log messages in zone.c.
2082 754. [bug] Certain failure conditions sending UDP packets
2083 could cause the server to retry the transmission
2084 indefinitely. [RT #902]
2086 753. [bug] dig, host, and nslookup would fail to contact a
2087 remote server if getaddrinfo() returned an IPv6
2088 address on a system that doesn't support IPv6.
2089 [RT #917]
2091 752. [func] Correct bad tv_usec elements returned by
2092 gettimeofday().
2094 751. [func] Log successful zone loads / transfers. [RT #898]
2096 750. [bug] A query should not match a DNAME whose trust level
2097 is pending. [RT #916]
2099 749. [bug] When a query matched a DNAME in a secure zone, the
2100 server did not return the signature of the DNAME.
2101 [RT #915]
2103 748. [doc] List supported RFCs in doc/misc/rfc-compliance.
2104 [RT #781]
2106 747. [bug] The code to determine whether an IXFR was possible
2107 did not properly check for a database that could
2108 not have a journal. [RT #865, #908]
2110 746. [bug] The sdb didn't clone rdatasets properly, causing
2111 a crash when the server followed delegations. [RT #905]
2113 745. [func] Report the owner name of records that fail
2114 semantic checks while loading.
2116 744. [bug] When returning DNS_R_CNAME or DNS_R_DNAME as the
2117 result of an ANY or SIG query, the resolver failed
2118 to setup the return event's rdatasets, causing an
2119 assertion failure in the query code. [RT #881]
2121 743. [bug] Receiving a large number of certain malformed
2122 answers could cause named to stop responding.
2123 [RT #861]
2125 742. [placeholder]
2127 741. [port] Support openssl-engine. [RT #709]
2129 740. [port] Handle openssl library mismatches slightly better.
2131 739. [port] Look for /dev/random in configure, rather than
2132 assuming it will be there for only a predefined
2133 set of OSes.
2135 738. [bug] If a non-threadsafe sdb driver supported AXFR and
2136 received an AXFR request, it would deadlock or die
2137 with an assertion failure. [RT #852]
2139 737. [port] stdtime.c failed to compile on certain platforms.
2141 736. [func] New functions isc_task_{begin,end}exclusive().
2143 735. [doc] Add BIND 4 migration notes.
2145 734. [bug] An attempt to re-lock the zone lock could occur if
2146 the server was shutdown during a zone tranfer.
2147 [RT #830]
2149 733. [bug] Reference counts of dns_acl_t objects need to be
2150 locked but were not. [RT #801, #821]
2152 732. [bug] Glue with 0 TTL could also cause SERVFAIL. [RT #828]
2154 731. [bug] Certain zone errors could cause named-checkzone to
2155 fail ungracefully. [RT #819]
2157 730. [bug] lwres_getaddrinfo() returns the correct result when
2158 it fails to contact a server. [RT #768]
2160 729. [port] pthread_setconcurrency() needs to be called on Solaris.
2162 728. [bug] Fix comment processing on master file directives.
2163 [RT# 757]
2165 727. [port] Work around OS bug where accept() succeeds but
2166 fails to fill in the peer address of the accepted
2167 connection, by treating it as an error rather than
2168 an assertion failure. [RT #809]
2170 726. [func] Implement the "trace" and "notrace" commands in rndc.
2172 725. [bug] Installing man pages could fail.
2174 724. [func] New libisc functions isc_netaddr_any(),
2175 isc_netaddr_any6().
2177 723. [bug] Referrals whose NS RRs had a 0 TTL caused the resolver
2178 to return DNS_R_SERVFAIL. [RT #783]
2180 722. [func] Allow incremental loads to be canceled.
2182 721. [cleanup] Load manager and dns_master_loadfilequota() are no
2183 more.
2185 720. [bug] Server could enter infinite loop in
2186 dispatch.c:do_cancel(). [RT #733]
2188 719. [bug] Rapid reloads could trigger an assertion failure.
2189 [RT #743, #763]
2191 718. [cleanup] "internal" is no longer a reserved word in named.conf.
2192 [RT #753, #731]
2194 717. [bug] Certain TKEY processing failure modes could
2195 reference an uninitialized variable, causing the
2196 server to crash. [RT #750]
2198 716. [bug] The first line of a $INCLUDE master file was lost if
2199 an origin was specified. [RT #744]
2201 715. [bug] Resolving some A6 chains could cause an assertion
2202 failure in adb.c. [RT #738]
2204 714. [bug] Preserve interval timers across reloads unless changed.
2205 [RT# 729]
2207 713. [func] named-checkconf takes '-t directory' similar to named.
2208 [RT #726]
2210 712. [bug] Sending a large signed update message caused an
2211 assertion failure. [RT #718]
2213 711. [bug] The libisc and liblwres implementations of
2214 inet_ntop contained an off by one error.
2216 710. [func] The forwarders statement now takes an optional
2217 port. [RT #418]
2219 709. [bug] ANY or SIG queries for data with a TTL of 0
2220 would return SERVFAIL. [RT #620]
2222 708. [bug] When building with --with-openssl, the openssl headers
2223 included with BIND 9 should not be used. [RT #702]
2225 707. [func] The "filename" argument to named-checkzone is no
2226 longer optional, to reduce confusion. [RT #612]
2228 706. [bug] Zones with an explicit "allow-update { none; };"
2229 were considered dynamic and therefore not reloaded
2230 on SIGHUP or "rndc reload".
2232 705. [port] Work out resource limit type for use where rlim_t is
2233 not available. [RT #695]
2235 704. [port] RLIMIT_NOFILE is not available on all platforms.
2236 [RT #695]
2238 703. [port] sys/select.h is needed on older platforms. [RT #695]
2240 702. [func] If the address 0.0.0.0 is seen in resolv.conf,
2241 use 127.0.0.1 instead. [RT #693]
2243 701. [func] Root hints are now fully optional. Class IN
2244 views use compiled-in hints by default, as
2245 before. Non-IN views with no root hints now
2246 provide authoritative service but not recursion.
2247 A warning is logged if a view has neither root
2248 hints nor authoritative data for the root. [RT #696]
2250 700. [bug] $GENERATE range check was wrong. [RT #688]
2252 699. [bug] The lexer mishandled empty quoted strings. [RT #694]
2254 698. [bug] Aborting nsupdate with ^C would lead to several
2255 race conditions.
2257 697. [bug] nsupdate was not compatible with the undocumented
2258 BIND 8 behavior of ignoring TTLs in "update delete"
2259 commands. [RT #693]
2261 696. [bug] lwresd would die with an assertion failure when passed
2262 a zero-length name. [RT #692]
2264 695. [bug] If the resolver attempted to query a blackholed or
2265 bogus server, the resolution would fail immediately.
2267 694. [bug] $GENERATE did not produce the last entry.
2268 [RT #682, #683]
2270 693. [bug] An empty lwres statement in named.conf caused
2271 the server to crash while loading.
2273 692. [bug] Deal with systems that have getaddrinfo() but not
2274 gai_strerror(). [RT #679]
2276 691. [bug] Configuring per-view forwarders caused an assertion
2277 failure. [RT #675, #734]
2279 690. [func] $GENERATE now supports DNAME. [RT #654]
2281 689. [doc] man pages are now installed. [RT #210]
2283 688. [func] "make tags" now works on systems with the
2284 "Exuberant Ctags" etags.
2286 687. [bug] Only say we have IPv6, with sufficent functionality,
2287 if it has actually been tested. [RT #586]
2289 686. [bug] dig and nslookup can now be properly aborted during
2290 blocking operations. [RT #568]
2292 685. [bug] nslookup should use the search list/domain options
2293 from resolv.conf by default. [RT #405, #630]
2295 684. [bug] Memory leak with view forwarders. [RT #656]
2297 683. [bug] File descriptor leak in isc_lex_openfile().
2299 682. [bug] nslookup displayed SOA records incorrectly. [RT #665]
2301 681. [bug] $GENERATE specifying output format was broken. [RT #653]
2303 680. [bug] dns_rdata_fromstruct() mishandled options bigger
2304 than 255 octets.
2306 679. [bug] $INCLUDE could leak memory and file descriptors on
2307 reload. [RT #639]
2309 678. [bug] "transfer-format one-answer;" could trigger an assertion
2310 failure. [RT #646]
2312 677. [bug] dnssec-signzone would occasionally use the wrong ttl
2313 for database operations and fail. [RT #643]
2315 676. [bug] Log messages about lame servers to category
2316 'lame-servers' rather than 'resolver', so as not
2317 to be gratuitously incompatible with BIND 8.
2319 675. [bug] TKEY queries could cause the server to leak
2320 memory.
2322 674. [func] Allow messages to be TSIG signed / verified using
2323 a offset from the current time.
2325 673. [func] The server can now convert RFC1886-style recursive
2326 lookup requests into RFC2874-style lookups, when
2327 enabled using the new option "allow-v6-synthesis".
2329 672. [bug] The wrong time was in the "time signed" field when
2330 replying with BADTIME error.
2332 671. [bug] The message code was failing to parse a message with
2333 no question section and a TSIG record. [RT #628]
2335 670. [bug] The lwres replacements for getaddrinfo and
2336 getipnodebyname didn't properly check for the
2337 existence of the sockaddr sa_len field.
2339 669. [bug] dnssec-keygen now makes the public key file
2340 non-world-readable for symmetric keys. [RT #403]
2342 668. [func] named-checkzone now reports multiple errors in master
2343 files.
2345 667. [bug] On Linux, running named with the -u option and a
2346 non-world-readable configuration file didn't work.
2347 [RT #626]
2349 666. [bug] If a request sent by dig is longer than 512 bytes,
2350 use TCP.
2352 665. [bug] Signed responses were not sent when the size of the
2353 TSIG + question exceeded the maximum message size.
2354 [RT #628]
2356 664. [bug] The t_tasks and t_timers module tests are now skipped
2357 when building without threads, since they require
2358 threads.
2360 663. [func] Accept a size_spec, not just an integer, in the
2361 (unimplemented and ignored) max-ixfr-log-size option
2362 for compatibility with recent versions of BIND 8.
2363 [RT #613]
2365 662. [bug] dns_rdata_fromtext() failed to log certain errors.
2367 661. [bug] Certain UDP IXFR requests caused an assertion failure
2368 (mpctx->allocated == 0). [RT #355, #394, #623]
2370 660. [port] Detect multiple CPUs on HP-UX and IRIX.
2372 659. [performance] Rewrite the name compression code to be much faster.
2374 658. [cleanup] Remove all vestiges of 16 bit global compression.
2376 657. [bug] When a listen-on statement in an lwres block does not
2377 specify a port, use 921, not 53. Also update the
2378 listen-on documentation. [RT #616]
2380 656. [func] Treat an unescaped newline in a quoted string as
2381 an error. This means that TXT records with missing
2382 close quotes should have meaningful errors printed.
2384 655. [bug] Improve error reporting on unexpected eof when loading
2385 zones. [RT #611]
2387 654. [bug] Origin was being forgotten in TCP retries in dig.
2388 [RT #574]
2390 653. [bug] +defname option in dig was reversed in sense.
2391 [RT #549]
2393 652. [bug] zone_saveunique() did not report the new name.
2395 651. [func] The AD bit in responses now has the meaning
2396 specified in <draft-ietf-dnsext-ad-is-secure>.
2398 650. [bug] SIG(0) records were being generated and verified
2399 incorrectly. [RT #606]
2401 649. [bug] It was possible to join to an already running fctx
2402 after it had "cloned" its events, but before it sent
2403 them. In this case, the event of the newly joined
2404 fetch would not contain the answer, and would
2405 trigger the INSIST() in fctx_sendevents(). In
2406 BIND 9.0, this bug did not trigger an INSIST(), but
2407 caused the fetch to fail with a SERVFAIL result.
2408 [RT #588, #597, #605, #607]
2410 648. [port] Add support for pre-RFC2133 IPv6 implementations.
2412 647. [bug] Resolver queries sent after following multiple
2413 referrals had excessively long retransmission
2414 timeouts due to incorrectly counting the referrals
2415 as "restarts".
2417 646. [bug] The UnixWare ISC_PLATFORM_FIXIN6INADDR fix in isc/net.h
2418 didn't _cleanly_ fix the problem it was trying to fix.
2420 645. [port] BSD/OS 3.0 needs pthread_init(). [RT #603]
2422 644. [bug] #622 needed more work. [RT #562]
2424 643. [bug] xfrin error messages made more verbose, added class
2425 of the zone. [RT# 599]
2427 642. [bug] Break the exit_check() race in the zone module.
2428 [RT #598]
2430 --- 9.1.0b2 released ---
2432 641. [bug] $GENERATE caused a uninitialized link to be used.
2433 [RT #595]
2435 640. [bug] Memory leak in error path could cause
2436 "mpctx->allocated == 0" failure. [RT #584]
2438 639. [bug] Reading entropy from the keyboard would sometimes fail.
2439 [RT #591]
2441 638. [port] lib/isc/random.c needed to explicitly include time.h
2442 to get a prototype for time() when pthreads was not
2443 being used. [RT #592]
2445 637. [port] Use isc_u?int64_t instead of (unsigned) long long in
2446 lib/isc/print.c. Also allow lib/isc/print.c to
2447 be compiled even if the platform does not need it.
2448 [RT #592]
2450 636. [port] Shut up MSVC++ about a possible loss of precision
2451 in the ISC__BUFFER_PUTUINT*() macros. [RT #592]
2453 635. [bug] Reloading a server with a configured blackhole list
2454 would cause an assertion. [RT #590]
2456 634. [bug] A log file will completely stop being written when
2457 it reaches the maximum size in all cases, not just
2458 when versioning is also enabled. [RT #570]
2460 633. [port] Cope with rlim_t missing on BSD/OS systems. [RT #575]
2462 632. [bug] The index array of the journal file was
2463 corrupted as it was written to disk.
2465 631. [port] Build without thread support on systems without
2466 pthreads.
2468 630. [bug] Locking failure in zone code. [RT #582]
2470 629. [bug] 9.1.0b1 dereferenced a null pointer and crashed
2471 when responding to a UDP IXFR request.
2473 628. [bug] If the root hints contained only AAAA addresses,
2474 named would be unable to perform resolution.
2476 627. [bug] The EDNS0 blackhole detection code of change 324
2477 waited for three retransmissions to each server,
2478 which takes much too long when a domain has many
2479 name servers and all of them drop EDNS0 queries.
2480 Now we retry without EDNS0 after three consecutive
2481 timeouts, even if they are all from different
2482 servers. [RT #143]
2484 626. [bug] The lightweight resolver daemon no longer crashes
2485 when asked for a SIG rrset. [RT #558]
2487 625. [func] Zones now inherit their class from the enclosing view.
2489 624. [bug] The zone object could get timer events after it had
2490 been destroyed, causing a server crash. [RT #571]
2492 623. [func] Added "named-checkconf" and "named-checkzone" program
2493 for syntax checking named.conf files and zone files,
2494 respectively.
2496 622. [bug] A canceled request could be destroyed before
2497 dns_request_destroy() was called. [RT #562]
2499 621. [port] Disable IPv6 at runtime if IPv6 sockets are unusable.
2500 This mostly affects Red Hat Linux 7.0, which has
2501 conflicts between libc and the kernel.
2503 620. [bug] dns_master_load*inc() now require 'task' and 'load'
2504 to be non-null. Also 'done' will not be called if
2505 dns_master_load*inc() fails immediately. [RT #565]
2507 618. [bug] Queries to a signed zone could sometimes cause
2508 an assertion failure.
2510 617. [bug] When using dynamic update to add a new RR to an
2511 existing RRset with a different TTL, the journal
2512 entries generated from the update did not include
2513 explicit deletions and re-additions of the existing
2514 RRs to update their TTL to the new value.
2516 616. [func] dnssec-signzone -t output now includes performance
2517 statistics.
2519 615. [bug] dnssec-signzone did not like child keysets signed
2520 by multiple keys.
2522 614. [bug] Checks for uninitialized link fields were prone
2523 to false positives, causing assertion failures.
2524 The checks are now disabled by default and may
2525 be re-enabled by defining ISC_LIST_CHECKINIT.
2527 613. [bug] "rndc reload zone" now reloads primary zones.
2528 It previously only updated slave and stub zones,
2529 if an SOA query indicated an out of date serial.
2531 612. [cleanup] Shutup a ridiculously noisy HP-UX compiler that
2532 complains relentlessly about how its treatment
2533 of 'const' has changed as well as how casting
2534 sometimes tightens alignment constraints.
2536 611. [func] allow-notify can be used to permit processing of
2537 notify messages from hosts other than a slave's
2538 masters.
2540 610. [func] rndc dumpdb is now supported.
2542 609. [bug] getrrsetbyname() would crash lwresd if the server
2543 found more SIGs than answers. [RT #554]
2545 608. [func] dnssec-signzone now adds a comment to the zone
2546 with the time the file was signed.
2548 607. [bug] nsupdate would fail if it encountered a CNAME or
2549 DNAME in a response to an SOA query. [RT #515]
2551 606. [bug] Compiling with --disable-threads failed due
2552 to isc_thread_self() being incorrectly defined
2553 as an integer rather than a function.
2555 605. [func] New function isc_lex_getlasttokentext().
2557 604. [bug] The named.conf parser could print incorrect line
2558 numbers when long comments were present.
2560 603. [bug] Make dig handle multiple types or classes on the same
2561 query more correctly.
2563 602. [func] Cope automatically with UnixWare's broken
2564 IN6_IS_ADDR_* macros. [RT #539]
2566 601. [func] Return a non-zero exit code if an update fails
2567 in nsupdate.
2569 600. [bug] Reverse lookups sometimes failed in dig, etc...
2571 599. [func] Added four new functions to the libisc log API to
2572 support i18n messages. isc_log_iwrite(),
2573 isc_log_ivwrite(), isc_log_iwrite1() and
2574 isc_log_ivwrite1() were added.
2576 598. [bug] An update-policy statement would cause the server
2577 to assert while loading. [RT #536]
2579 597. [func] dnssec-signzone is now multi-threaded.
2581 596. [bug] DNS_RDATASLAB_FORCE and DNS_RDATASLAB_EXACT are
2582 not mutually exclusive.
2584 595. [port] On Linux 2.2, socket() returns EINVAL when it
2585 should return EAFNOSUPPORT. Work around this.
2586 [RT #531]
2588 594. [func] sdb drivers are now assumed to not be thread-safe
2589 unless the DNS_SDBFLAG_THREADSAFE flag is supplied.
2591 593. [bug] If a secure zone was missing all its NXTs and
2592 a dynamic update was attempted, the server entered
2593 an infinite loop.
2595 592. [bug] The sig-validity-interval option now specifies a
2596 number of days, not seconds. This matches the
2597 documentation. [RT #529]
2599 --- 9.1.0b1 released ---
2601 591. [bug] Work around non-reentrancy in openssl by disabling
2602 precomputation in keys.
2604 590. [doc] There are now man pages for the lwres library in
2605 doc/man/lwres.
2607 589. [bug] The server could deadlock if a zone was updated
2608 while being transferred out.
2610 588. [bug] ctx->in_use was not being correctly initialized when
2611 when pushing a file for $INCLUDE. [RT #523]
2613 587. [func] A warning is now printed if the "allow-update"
2614 option allows updates based on the source IP
2615 address, to alert users to the fact that this
2616 is insecure and becoming increasingly so as
2617 servers capable of update forwarding are being
2618 deployed.
2620 586. [bug] multiple views with the same name were fatal. [RT #516]
2622 585. [func] dns_db_addrdataset() and and dns_rdataslab_merge()
2623 now support 'exact' additions in a similar manner to
2624 dns_db_subtractrdataset() and dns_rdataslab_subtract().
2626 584. [func] You can now say 'notify explicit'; to suppress
2627 notification of the servers listed in NS records
2628 and notify only those servers listed in the
2629 'also-notify' option.
2631 583. [func] "rndc querylog" will now toggle logging of
2632 queries, like "ndc querylog" in BIND 8.
2634 582. [bug] dns_zone_idetach() failed to lock the zone.
2635 [RT #199, #463]
2637 581. [bug] log severity was not being correctly processed.
2638 [RT #485]
2640 580. [func] Ignore trailing garbage on incoming DNS packets,
2641 for interoperability with broken server
2642 implementations. [RT #491]
2644 579. [bug] nsupdate did not take a filename to read update from.
2645 [RT #492]
2647 578. [func] New config option "notify-source", to specify the
2648 source address for notify messages.
2650 577. [func] Log illegal RDATA combinations. e.g. multiple
2651 singlton types, cname and other data.
2653 576. [doc] isc_log_create() description did not match reality.
2655 575. [bug] isc_log_create() was not setting internal state
2656 correctly to reflect the default channels created.
2658 574. [bug] TSIG signed queries sent by the resolver would fail to
2659 have their responses validated and would leak memory.
2661 573. [bug] The journal files of IXFRed slave zones were
2662 inadvertantly discarded on server reload, causing
2663 "journal out of sync with zone" errors on subsequent
2664 reloads. [RT #482]
2666 572. [bug] Quoted strings were not accepted as key names in
2667 address match lists.
2669 571. [bug] It was possible to create an rdataset of singleton
2670 type which had more than one rdata. [RT #154]
2671 [RT #279]
2673 570. [bug] rbtdb.c allowed zones containing nodes which had
2674 both a CNAME and "other data". [RT #154]
2676 569. [func] The DNSSEC AD bit will not be set on queries which
2677 have not requested a DNSSEC response.
2679 568. [func] Add sample simple database drivers in contrib/sdb.
2681 567. [bug] Setting the zone transfer timeout to zero caused an
2682 assertion failure. [RT #302]
2684 566. [func] New public function dns_timer_setidle().
2686 565. [func] Log queries more like BIND 8: query logging is now
2687 done to category "queries", level "info". [RT #169]
2689 564. [func] Add sortlist support to lwresd.
2691 563. [func] New public functions dns_rdatatype_format() and
2692 dns_rdataclass_format(), for convenient formatting
2693 of rdata type/class mnemonics in log messages.
2695 562. [cleanup] Moved lib/dns/*conf.c to bin/named where they belong.
2697 561. [func] The 'datasize', 'stacksize', 'coresize' and 'files'
2698 clauses of the options{} statement are now implemented.
2700 560. [bug] dns_name_split did not properly the resulting prefix
2701 when a maximal length bitstring label was split which
2702 was preceded by another bitstring label. [RT #429]
2704 559. [bug] dns_name_split did not properly create the suffix
2705 when splitting within a maximal length bitstring label.
2707 558. [func] New functions, isc_resource_getlimit and
2708 isc_resource_setlimit.
2710 557. [func] Symbolic constants for libisc integral types.
2712 556. [func] The DNSSEC OK bit in the EDNS extended flags
2713 is now implemented. Responses to queries without
2714 this bit set will not contain any DNSSEC records.
2716 555. [bug] A slave server attempting a zone transfer could
2717 crash with an assertion failure on certain
2718 malformed responses from the master. [RT #457]
2720 554. [bug] In some cases, not all of the dnssec tools were
2721 properly installed.
2723 553. [bug] Incoming zone transfers deferred due to quota
2724 were not started when quota was increased but
2725 only when a transfer in progress finished. [RT #456]
2727 552. [bug] We were not correctly detecting the end of all c-style
2728 comments. [RT #455]
2730 551. [func] Implemented the 'sortlist' option.
2732 550. [func] Support unknown rdata types and classes.
2734 549. [bug] "make" did not immediately abort the build when a
2735 subdirectory make failed [RT #450].
2737 548. [func] The lexer now ungets tokens more correctly.
2739 546. [func] Option 'lame-ttl' is now implemented.
2741 545. [func] Name limit and counting options removed from dig;
2742 they didn't work properly, and cannot be correctly
2743 implemented without significant changes.
2745 544. [func] Add statistics option, enable statistics-file option,
2746 add RNDC option "dump-statistics" to write out a
2747 query statistics file.
2749 543. [doc] The 'port' option is now documented.
2751 542. [func] Add support for update forwarding as required for
2752 full compliance with RFC2136. It is turned off
2753 by default and can be enabled using the
2754 'allow-update-forwarding' option.
2756 541. [func] Add bogus server support.
2758 540. [func] Add dialup support.
2760 539. [func] Support the blackhole option.
2762 538. [bug] fix buffer overruns by 1 in lwres_getnameinfo().
2764 536. [func] Use transfer-source{-v6} when sending refresh queries.
2765 Transfer-source{-v6} now take a optional port
2766 parameter for setting the UDP source port. The port
2767 parameter is ignored for TCP.
2769 535. [func] Use transfer-source{-v6} when forwarding update
2770 requests.
2772 534. [func] Ancestors have been removed from RBT chains. Ancestor
2773 information can be discerned via node parent pointers.
2775 533. [func] Incorporated name hashing into the RBT database to
2776 improve search speed.
2778 532. [func] Implement DNS UPDATE pseudo records using
2779 DNS_RDATA_UPDATE flag.
2781 531. [func] Rdata really should be initialized before being assigned
2782 to (dns_rdata_fromwire(), dns_rdata_fromtext(),
2783 dns_rdata_clone(), dns_rdata_fromregion()),
2784 check that it is.
2786 530. [func] New function dns_rdata_invalidate().
2788 529. [bug] 521 contained a bug which caused zones to always
2789 reload. [RT #410]
2791 528. [func] The ISC_LIST_XXXX macros now perform sanity checks
2792 on their arguments. ISC_LIST_XXXXUNSAFE can be use
2793 to skip the checks however use with caution.
2795 527. [func] New function dns_rdata_clone().
2797 526. [bug] nsupdate incorrectly refused to add RRs with a TTL
2798 of 0.
2800 525. [func] New arguments 'options' for dns_db_subtractrdataset(),
2801 and 'flags' for dns_rdataslab_subtract() allowing you
2802 to request that the RR's must exist prior to deletion.
2803 DNS_R_NOTEXACT is returned if the condition is not met.
2805 524. [func] The 'forward' and 'forwarders' statement in
2806 non-forward zones should work now.
2808 523. [doc] The source to the Administrator Reference Manual is
2809 now an XML file using the DocBook DTD, and is included
2810 in the distribution. The plain text version of the
2811 ARM is temporarily unavailable while we figure out
2812 how to generate readable plain text from the XML.
2814 522. [func] The lightweight resolver daemon can now use
2815 a real configuration file, and its functionality
2816 can be provided by a name server. Also, the -p and -P
2817 options to lwresd have been reversed.
2819 521. [bug] Detect master files which contain $INCLUDE and always
2820 reload. [RT #196]
2822 520. [bug] Upgraded libtool to 1.3.5, which makes shared
2823 library builds almost work on AIX (and possibly
2824 others).
2826 519. [bug] dns_name_split() would improperly split some bitstring
2827 labels, zeroing a few of the least signficant bits in
2828 the prefix part. When such an improperly created
2829 prefix was returned to the RBT database, the bogus
2830 label was dutifully stored, corrupting the tree.
2831 [RT #369]
2833 518. [bug] The resolver did not realize that a DNAME which was
2834 "the answer" to the client's query was "the answer",
2835 and such queries would fail. [RT #399]
2837 517. [bug] The resolver's DNAME code would trigger an assertion
2838 if there was more than one DNAME in the chain.
2839 [RT #399]
2841 516. [bug] Cache lookups which had a NULL node pointer, e.g.
2842 those by dns_view_find(), and which would match a
2843 DNAME, would trigger an INSIST(!search.need_cleanup)
2844 assertion. [RT #399]
2846 515. [bug] The ssu table was not being attached / detached
2847 by dns_zone_[sg]etssutable. [RT#397]
2849 514. [func] Retry refresh and notify queries if they timeout.
2850 [RT #388]
2852 513. [func] New functionality added to rdnc and server to allow
2853 individual zones to be refreshed or reloaded.
2855 512. [bug] The zone transfer code could throw an execption with
2856 an invalid IXFR stream.
2858 511. [bug] The message code could throw an assertion on an
2859 out of memory failure. [RT #392]
2861 510. [bug] Remove spurious view notify warning. [RT #376]
2863 509. [func] Add support for write of zone files on shutdown.
2865 508. [func] dns_message_parse() can now do a best-effort
2866 attempt, which should allow dig to print more invalid
2867 messages.
2869 507. [func] New functions dns_zone_flush(), dns_zt_flushanddetach()
2870 and dns_view_flushanddetach().
2872 506. [func] Do not fail to start on errors in zone files.
2874 505. [bug] nsupdate was printing "unknown result code". [RT #373]
2876 504. [bug] The zone was not being marked as dirty when updated via
2877 IXFR.
2879 503. [bug] dumptime was not being set along with
2880 DNS_ZONEFLG_NEEDDUMP.
2882 502. [func] On a SERVFAIL reply, DiG will now try the next server
2883 in the list, unless the +fail option is specified.
2885 501. [bug] Incorrect port numbers were being displayed by
2886 nslookup. [RT #352]
2888 500. [func] Nearly useless +details option removed from DiG.
2890 499. [func] In DiG, specifying a class with -c or type with -t
2891 changes command-line parsing so that classes and
2892 types are only recognized if following -c or -t.
2893 This allows hosts with the same name as a class or
2894 type to be looked up.
2896 498. [doc] There is now a man page for "dig"
2897 in doc/man/bin/dig.1.
2899 497. [bug] The error messages printed when an IP match list
2900 contained a network address with a nonzero host
2901 part where not sufficiently detailed. [RT #365]
2903 496. [bug] named didn't sanity check numeric parameters. [RT #361]
2905 495. [bug] nsupdate was unable to handle large records. [RT #368]
2907 494. [func] Do not cache NXDOMAIN responses for SOA queries.
2909 493. [func] Return non-cachable (ttl = 0) NXDOMAIN responses
2910 for SOA queries. This makes it easier to locate
2911 the containing zone without polluting intermediate
2912 caches.
2914 492. [bug] attempting to reload a zone caused the server fail
2915 to shutdown cleanly. [RT #360]
2917 491. [bug] nsupdate would segfault when sending certain
2918 prerequisites with empty RDATA. [RT #356]
2920 490. [func] When a slave/stub zone has not yet successfully
2921 obtained an SOA containing the zone's configured
2922 retry time, perform the SOA query retries using
2923 exponential backoff. [RT #337]
2925 489. [func] The zone manager now has a "i/o" queue.
2927 488. [bug] Locks weren't properly destroyed in some cases.
2929 487. [port] flockfile() is not defined on all systems.
2931 486. [bug] nslookup: "set all" and "server" commands showed
2932 the incorrect port number if a port other than 53
2933 was specified. [RT #352]
2935 485. [func] When dig had more than one server to query, it would
2936 send all of the messages at the same time. Add
2937 rate limiting of the transmitted messages.
2939 484. [bug] When the server was reloaded after removing addresses
2940 from the named.conf "listen-on" statement, sockets
2941 were still listening on the removed addresses due
2942 to reference count loops. [RT #325]
2944 483. [bug] nslookup: "set all" showed a "search" option but it
2945 was not settable.
2947 482. [bug] nslookup: a plain "server" or "lserver" should be
2948 treated as a lookup.
2950 481. [bug] nslookup:get_next_command() stack size could exceed
2951 per thread limit.
2953 480. [bug] strtok() is not thread safe. [RT #349]
2955 479. [func] The test suite can now be run by typing "make check"
2956 or "make test" at the top level.
2958 478. [bug] "make install" failed if the directory specified with
2959 --prefix did not already exist.
2961 477. [bug] The the isc-config.sh script could be installed before
2962 its directory was created. [RT #324]
2964 476. [bug] A zone could expire while a zone transfer was in
2965 progress triggering a INSIST failure. [RT #329]
2967 475. [bug] query_getzonedb() sometimes returned a non-null version
2968 on failure. This caused assertion failures when
2969 generating query responses where names subject to
2970 additional section processing pointed to a zone
2971 to which access had been denied by means of the
2972 allow-query option. [RT #336]
2974 474. [bug] The mnemonic of the CHAOS class is CH according to
2975 RFC1035, but it was printed and read only as CHAOS.
2976 We now accept both forms as input, and print it
2977 as CH. [RT #305]
2979 473. [bug] nsupdate overran the end of the list of name servers
2980 when no servers could be reached, typically causing
2981 it to print the error message "dns_request_create:
2982 not implemented".
2984 472. [bug] Off-by-one error caused isc_time_add() to sometimes
2985 produce invalid time values.
2987 471. [bug] nsupdate didn't compile on HP/UX 10.20
2989 470. [func] $GENERATE is now supported. See also
2990 doc/misc/migration.
2992 469. [bug] "query-source address * port 53;" now works.
2994 468. [bug] dns_master_load*() failed to report file and line
2995 number in certain error conditions.
2997 467. [bug] dns_master_load*() failed to log an error if
2998 pushfile() failed.
3000 466. [bug] dns_master_load*() could return success when it failed.
3002 465. [cleanup] Allow 0 to be set as an omapi_value_t value by
3003 omapi_value_storeint().
3005 464. [cleanup] Build with openssl's RSA code instead of dnssafe.
3007 463. [bug] nsupdate sent malformed SOA queries to the second
3008 and subsequent name servers in resolv.conf if the
3009 query sent to the first one failed.
3011 462. [bug] --disable-ipv6 should work now.
3013 461. [bug] Specifying an unknown key in the "keys" clause of the
3014 "controls" statement caused a NULL pointer dereference.
3015 [RT #316]
3017 460. [bug] Much of the DNSSEC code only worked with class IN.
3019 459. [bug] Nslookup processed the "set" command incorrectly.
3021 458. [bug] Nslookup didn't properly check class and type values.
3022 [RT #305]
3024 457. [bug] Dig/host/hslookup didn't properly handle connect
3025 timeouts in certain situations, causing an
3026 unnecessary warning message to be printed.
3028 456. [bug] Stub zones were not resetting the refresh and expire
3029 counters, loadtime or clearing the DNS_ZONE_REFRESH
3030 (refresh in progress) flag upon successful update.
3031 This disabled further refreshing of the stub zone,
3032 causing it to eventually expire. [RT #300]
3034 455. [doc] Document IPv4 prefix notation does not require a
3035 dotted decimal quad but may be just dotted decimal.
3037 454. [bug] Enforce dotted decimal and dotted decimal quad where
3038 documented as such in named.conf. [RT #304, RT #311]
3040 453. [bug] Warn if the obsolete option "maintain-ixfr-base"
3041 is specified in named.conf. [RT #306]
3043 452. [bug] Warn if the unimplemented option "statistics-file"
3044 is specified in named.conf. [RT #301]
3046 451. [func] Update forwarding implememted.
3048 450. [func] New function ns_client_sendraw().
3050 449. [bug] isc_bitstring_copy() only works correctly if the
3051 two bitstrings have the same lsb0 value, but this
3052 requirement was not documented, nor was there a
3053 REQUIRE for it.
3055 448. [bug] Host output formatting change, to match v8. [RT #255]
3057 447. [bug] Dig didn't properly retry in TCP mode after
3058 a truncated reply. [RT #277]
3060 446. [bug] Confusing notify log message. [RT #298]
3062 445. [bug] Doing a 0 bit isc_bitstring_copy() of an lsb0
3063 bitstring triggered a REQUIRE statement. The REQUIRE
3064 statement was incorrect. [RT #297]
3066 444. [func] "recursion denied" messages are always logged at
3067 debug level 1, now, rather than sometimes at ERROR.
3068 This silences these warnings in the usual case, where
3069 some clients set the RD bit in all queries.
3071 443. [bug] When loading a master file failed because of an
3072 unrecognized RR type name, the error message
3073 did not include the file name and line number.
3074 [RT #285]
3076 442. [bug] TSIG signed messages that did not match any view
3077 crashed the server. [RT #290]
3079 441. [bug] Nodes obscured by a DNAME were inaccessible even
3080 when DNS_DBFIND_GLUEOK was set.
3082 440. [func] New function dns_zone_forwardupdate().
3084 439. [func] New function dns_request_createraw().
3086 438. [func] New function dns_message_getrawmessage().
3088 437. [func] Log NOTIFY activity to the notify channel.
3090 436. [bug] If recvmsg() returned EHOSTUNREACH or ENETUNREACH,
3091 which sometimes happens on Linux, named would enter
3092 a busy loop. Also, unexpected socket errors were
3093 not logged at a high enough logging level to be
3094 useful in diagnosing this situation. [RT #275]
3096 435. [bug] dns_zone_dump() overwrote existing zone files
3097 rather than writing to a temporary file and
3098 renaming. This could lead to empty or partial
3099 zone files being left around in certain error
3100 conditions involving the initial transfer of a
3101 slave zone, interfering with subsequent server
3102 startup. [RT #282]
3104 434. [func] New function isc_file_isabsolute().
3106 433. [func] isc_base64_decodestring() now accepts newlines
3107 within the base64 data. This makes it possible
3108 to break up the key data in a "trusted-keys"
3109 statement into multiple lines. [RT #284]
3111 432. [func] Added refresh/retry jitter. The actual refresh/
3112 retry time is now a random value between 75% and
3113 100% of the configured value.
3115 431. [func] Log at ISC_LOG_INFO when a zone is successfully
3116 loaded.
3118 430. [bug] Rewrote the lightweight resolver client management
3119 code to handle shutdown correctly and general
3120 cleanup.
3122 429. [bug] The space reserved for a TSIG record in a response
3123 was 2 bytes too short, leading to message
3124 generation failures.
3126 428. [bug] rbtdb.c:find_closest_nxt() erroneously returned
3127 DNS_R_BADDB for nodes which had neither NXT nor SIG NXT
3128 (e.g. glue). This could cause SERVFAILs when
3129 generating negative responses in a secure zone.
3131 427. [bug] Avoid going into an infinite loop when the validator
3132 gets a negative response to a key query where the
3133 records are signed by the missing key.
3135 426. [bug] Attempting to generate an oversized RSA key could
3136 cause dnssec-keygen to dump core.
3138 425. [bug] Warn about the auth-nxdomain default value change
3139 if there is no auth-nxdomain statement in the
3140 config file. [RT #287]
3142 424. [bug] notify_createmessage() could trigger an assertion
3143 failure when creating the notify message failed,
3144 e.g. due to corrupt zones with multiple SOA records.
3145 [RT #279]
3147 423. [bug] When responding to a recusive query, errors that occur
3148 after following a CNAME should cause the query to fail.
3149 [RT #274]
3151 422. [func] get rid of isc_random_t, and make isc_random_get()
3152 and isc_random_jitter() use rand() internally
3153 instead of local state. Note that isc_random_*()
3154 functions are only for weak, non-critical "randomness"
3155 such as timing jitter and such.
3157 421. [bug] nslookup would exit when given a blank line as input.
3159 420. [bug] nslookup failed to implement the "exit" command.
3161 419. [bug] The certificate type PKIX was misspelled as SKIX.
3163 418. [bug] At debug levels >= 10, getting an unexpected
3164 socket receive error would crash the server
3165 while trying to log the error message.
3167 417. [func] Add isc_app_block() and isc_app_unblock(), which
3168 allow an application to handle signals while
3169 blocking.
3171 416. [bug] Slave zones with no master file tried to use a
3172 NULL pointer for a journal file name when they
3173 received an IXFR. [RT #273]
3175 415. [bug] The logging code leaked file descriptors.
3177 414. [bug] Server did not shut down until all incoming zone
3178 transfers were finished.
3180 413. [bug] Notify could attempt to use the zone database after
3181 it had been unloaded. [RT#267]
3183 412. [bug] named -v didn't print the version.
3185 411. [bug] A typo in the HS A code caused an assertion failure.
3187 410. [bug] lwres_gethostbyname() and company set lwres_h_errno
3188 to a random value on success.
3190 409. [bug] If named was shut down early in the startup
3191 process, ns_omapi_shutdown() would attempt to lock
3192 an unintialized mutex. [RT #262]
3194 408. [bug] stub zones could leak memory and reference counts if
3195 all the masters were unreachable.
3197 407. [bug] isc_rwlock_lock() would needlessly block
3198 readers when it reached the read quota even
3199 if no writers were waiting.
3201 406. [bug] Log messages were occasionally lost or corrupted
3202 due to a race condition in isc_log_doit().
3204 405. [func] Add support for selective forwarding (forward zones)
3206 404. [bug] The request library didn't completely work with IPv6.
3208 403. [bug] "host" did not use the search list.
3210 402. [bug] Treat undefined acls as errors, rather than
3211 warning and then later throwing an assertion.
3212 [RT #252]
3214 401. [func] Added simple database API.
3216 400. [bug] SIG(0) signing and verifying was done incorrectly.
3217 [RT #249]
3219 399. [bug] When reloading the server with a config file
3220 containing a syntax error, it could catch an
3221 assertion failure trying to perform zone
3222 maintenance on, or sending notifies from,
3223 tentatively created zones whose views were
3224 never fully configured and lacked an address
3225 database and request manager.
3227 398. [bug] "dig" sometimes caught an assertion failure when
3228 using TSIG, depending on the key length.
3230 397. [func] Added utility functions dns_view_gettsig() and
3231 dns_view_getpeertsig().
3233 396. [doc] There is now a man page for "nsupdate"
3234 in doc/man/bin/nsupdate.8.
3236 395. [bug] nslookup printed incorrect RR type mnemonics
3237 for RRs of type >= 21 [RT #237].
3239 394. [bug] Current name was not propagated via $INCLUDE.
3241 393. [func] Initial answer while loading (awl) support.
3242 Entry points: dns_master_loadfileinc(),
3243 dns_master_loadstreaminc(), dns_master_loadbufferinc().
3244 Note: calls to dns_master_load*inc() should be rate
3245 be rate limited so as to not use up all file
3246 descriptors.
3248 392. [func] Add ISC_R_FAMILYNOSUPPORT. Returned when OS does
3249 not support the given address family requested.
3251 391. [clarity] ISC_R_FAMILY -> ISC_R_FAMILYMISMATCH.
3253 390. [func] The function dns_zone_setdbtype() now takes
3254 an argc/argv style vector of words and sets
3255 both the zone database type and its arguments,
3256 making the functions dns_zone_adddbarg()
3257 and dns_zone_cleardbargs() unnecessary.
3259 389. [bug] Attempting to send a reqeust over IPv6 using
3260 dns_request_create() on a system without IPv6
3261 support caused an assertion failure [RT #235].
3263 388. [func] dig and host can now do reverse ipv6 lookups.
3265 387. [func] Add dns_byaddr_createptrname(), which converts
3266 an address into the name used by a PTR query.
3268 386. [bug] Missing strdup() of ACL name caused random
3269 ACL matching failures [RT #228].
3271 385. [cleanup] Removed functions dns_zone_equal(), dns_zone_print(),
3272 and dns_zt_print().
3274 384. [bug] nsupdate was incorrectly limiting TTLs to 65535 instead
3275 of 2147483647.
3277 383. [func] When writing a master file, print the SOA and NS
3278 records (and their SIGs) before other records.
3280 382. [bug] named -u failed on many Linux systems where the
3281 libc provided kernel headers do not match
3282 the current kernel.
3284 381. [bug] Check for IPV6_RECVPKTINFO and use it instead of
3285 IPV6_PKTINFO if found. [RT #229]
3287 380. [bug] nsupdate didn't work with IPv6.
3289 379. [func] New library function isc_sockaddr_anyofpf().
3291 378. [func] named and lwresd will log the command line arguments
3292 they were started with in the "starting ..." message.
3294 377. [bug] When additional data lookups were refused due to
3295 "allow-query", the databases were still being
3296 attached causing reference leaks.
3298 376. [bug] The server should always use good entropy when
3299 performing cryptographic functions needing entropy.
3301 375. [bug] Per-zone "allow-query" did not properly override the
3302 view/global one for CNAME targets and additional
3303 data [RT #220].
3305 374. [bug] SOA in authoritative negative responses had wrong TTL.
3307 373. [func] nslookup is now installed by "make install".
3309 372. [bug] Deal with Microsoft DNS servers appending two bytes of
3310 garbage to zone transfer requests.
3312 371. [bug] At high debug levels, doing an outgoing zone transfer
3313 of a very large RRset could cause an assertion failure
3314 during logging.
3316 370. [bug] The error messages for rollforward failures were
3317 overly terse.
3319 369. [func] Support new named.conf options, view and zone
3320 statements:
3322 max-retry-time, min-retry-time,
3323 max-refresh-time, min-refresh-time.
3325 368. [func] Restructure the internal ".bind" view so that more
3326 zones can be added to it.
3328 367. [bug] Allow proper selection of server on nslookup command
3329 line.
3331 366. [func] Allow use of '-' batch file in dig for stdin.
3333 365. [bug] nsupdate -k leaked memory.
3335 364. [func] Added additional-from-{cache,auth}
3337 362. [bug] rndc no longer aborts if the configuration file is
3338 missing an options statement. [RT #209]
3340 361. [func] When the RBT find or chain functions set the name and
3341 origin for a node that stores the root label
3342 the name is now set to an empty name, instead of ".",
3343 to simplify later use of the name and origin by
3344 dns_name_concatenate(), dns_name_totext() or
3345 dns_name_format().
3347 360. [func] dns_name_totext() and dns_name_format() now allow
3348 an empty name to be passed, which is formatted as "@".
3350 359. [bug] dnssec-signzone occasionally signed glue records.
3352 358. [cleanup] Rename the intermediate files used by the dnssec
3353 programs.
3355 357. [bug] The zone file parser crashed if the argument
3356 to $INCLUDE was a quoted string.
3358 356. [cleanup] isc_task_send no longer requires event->sender to
3359 be non-null.
3361 355. [func] Added isc_dir_createunique(), similar to mkdtemp().
3363 354. [doc] Man pages for the dnssec tools are now included in
3364 the distribution, in doc/man/dnssec.
3366 353. [bug] double increment in lwres/gethost.c:copytobuf().
3367 [RT# 187]
3369 352. [bug] Race condition in dns_client_t startup could cause
3370 an assertion failure.
3372 351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
3373 signed query could crash the server.
3375 350. [bug] Also-notify lists specified in the global options
3376 block were not correctly reference counted, causing
3377 a memory leak.
3379 349. [bug] Processing a query with the CD bit set now works
3380 as expected.
3382 348. [func] New boolean named.conf options 'additional-from-auth'
3383 and 'additional-from-cache' now supported in view and
3384 global options statement.
3386 347. [bug] Don't crash if an argument is left off options in dig.
3388 346. [func] Add support for .digrc config file, in the
3389 user's current directory.
3391 345. [bug] Large-scale changes/cleanups to dig:
3392 * Significantly improve structure handling
3393 * Don't pre-load entire batch files
3394 * Add name/rr counting/limiting
3395 * Fix SIGINT handling
3396 * Shorten timeouts to match v8's behavior
3398 344. [bug] When shutting down, lwresd sometimes tried
3399 to shut down its client tasks twice,
3400 triggering an assertion.
3402 343. [bug] Although zone maintenance SOA queries and
3403 notify requests were signed with TSIG keys
3404 when configured for the server in case,
3405 the TSIG was not verified on the response.
3407 342. [bug] The wrong name was being passed to
3408 dns_name_dup() when generating a TSIG
3409 key using TKEY.
3411 341. [func] Support 'key' clause in named.conf zone masters
3412 statement to allow authentication via TSIG keys:
3414 masters {
3415 10.0.0.1 port 5353 key "foo";
3416 10.0.0.2 ;
3417 };
3419 340. [bug] The top-level COPYRIGHT file was missing from
3420 the distribution.
3422 339. [bug] DNSSEC validation of the response to an ANY
3423 query at a name with a CNAME RR in a secure
3424 zone triggered an assertion failure.
3426 338. [bug] lwresd logged to syslog as named, not lwresd.
3428 337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
3429 on the command line.
3431 336. [bug] "dig -f" used 64 k of memory for each line in
3432 the file. It now uses much less, though still
3433 proportionally to the file size.
3435 335. [bug] named would occasionally attempt recursion when
3436 it was disallowed or undesired.
3438 334. [func] Added hmac-md5 to libisc.
3440 333. [bug] The resolver incorrectly accepted referrals to
3441 domains that were not parents of the query name,
3442 causing assertion failures.
3444 332. [func] New function dns_name_reset().
3446 331. [bug] Only log "recursion denied" if RD is set. [RT #178]
3448 330. [bug] Many debugging messages were partially formatted
3449 even when debugging was turned off, causing a
3450 significant decrease in query performance.
3452 329. [func] omapi_auth_register() now takes a size_t argument for
3453 the length of a key's secret data. Previously
3454 OMAPI only stored secrets up to the first NUL byte.
3456 328. [func] Added isc_base64_decodestring().
3458 327. [bug] rndc.conf parser wasn't correctly recognising an IP
3459 address where a host specification was required.
3461 326. [func] 'keys' in an 'inet' control statement is now
3462 required and must have at least one item in it.
3463 A "not supported" warning is now issued if a 'unix'
3464 control channel is defined.
3466 325. [bug] isc_lex_gettoken was processing octal strings when
3467 ISC_LEXOPT_CNUMBER was not set.
3469 324. [func] In the resolver, turn EDNS0 off if there is no
3470 response after a number of retransmissions.
3471 This is to allow queries some chance of succeeding
3472 even if all the authoritative servers of a zone
3473 silently discard EDNS0 requests instead of
3474 sending an error response like they ought to.
3476 323. [bug] dns_rbt_findname() did not ignore empty rbt nodes.
3477 Because of this, servers authoritative for a parent
3478 and grandchild zone but not authoritative for the
3479 intervening child zone did not correctly issue
3480 referrals to the servers of the child zone.
3482 322. [bug] Queries for KEY RRs are now sent to the parent
3483 server before the authoritative one, making
3484 DNSSEC insecurity proofs work in many cases
3485 where they previously didn't.
3487 321. [bug] When synthesizing a CNAME RR for a DNAME
3488 response, query_addcname() failed to intitialize
3489 the type and class of the CNAME dns_rdata_t,
3490 causing random failures.
3492 320. [func] Multiple rndc changes: parses an rndc.conf file,
3493 uses authentication to talk to named, command
3494 line syntax changed. This will all be described
3495 in the ARM.
3497 319. [func] The named.conf "controls" statement is now used
3498 to configure the OMAPI command channel.
3500 318. [func] dns_c_ndcctx_destroy() could never return anything
3501 except ISC_R_SUCCESS; made it have void return instead.
3503 317. [func] Use callbacks from libomapi to determine if a
3504 new connection is valid, and if a key requested
3505 to be used with that connection is valid.
3507 316. [bug] Generate a warning if we detect an unexpected <eof>
3508 but treat as <eol><eof>.
3510 315. [bug] Handle non-empty blanks lines. [RT #163]
3512 314. [func] The named.conf controls statement can now have
3513 more than one key specified for the inet clause.
3515 313. [bug] When parsing resolv.conf, don't terminate on an
3516 error. Instead, parse as much as possible, but
3517 still return an error if one was found.
3519 312. [bug] Increase the number of allowed elements in the
3520 resolv.conf search path from 6 to 8. If there
3521 are more than this, ignore the remainder rather
3522 than returning a failure in lwres_conf_parse.
3524 311. [bug] lwres_conf_parse failed when the first line of
3525 resolv.conf was empty or a comment.
3527 310. [func] Changes to named.conf "controls" statement (inet
3528 subtype only)
3530 - support "keys" clause
3532 controls {
3533 inet * port 1024
3534 allow { any; } keys { "foo"; }
3535 }
3537 - allow "port xxx" to be left out of statement,
3538 in which case it defaults to omapi's default port
3539 of 953.
3541 309. [bug] When sending a referral, the server did not look
3542 for name server addresses as glue in the zone
3543 holding the NS RRset in the case where this zone
3544 was not the same as the one where it looked for
3545 name server addresses as authoritative data.
3547 308. [bug] Treat a SOA record not at top of zone as an error
3548 when loading a zone. [RT #154]
3550 307. [bug] When canceling a query, the resolver didn't check for
3551 isc_socket_sendto() calls that did not yet have their
3552 completion events posted, so it could (rarely) end up
3553 destroying the query context and then want to use
3554 it again when the send event posted, triggering an
3555 assertion as it tried to cancel an already-canceled
3556 query. [RT #77]
3558 306. [bug] Reading HMAC-MD5 private key files didn't work.
3560 305. [bug] When reloading the server with a config file
3561 containing a syntax error, it could catch an
3562 assertion failure trying to perform zone
3563 maintenance on tentatively created zones whose
3564 views were never fully configured and lacked
3565 an address database.
3567 304. [bug] If more than LWRES_CONFMAXNAMESERVERS servers
3568 are listed in resolv.conf, silently ignore them
3569 instead of returning failure.
3571 303. [bug] Add additional sanity checks to differentiate a AXFR
3572 response vs a IXFR response. [RT #157]
3574 302. [bug] In dig, host, and nslookup, MXNAME should be large
3575 enough to hold any legal domain name in presentation
3576 format + terminating NULL.
3578 301. [bug] Uninitialized pointer in host:printmessage(). [RT #159]
3580 300. [bug] Using both <isc/net.h> and <lwres/net.h> didn't work
3581 on platforms lacking IPv6 because each included their
3582 own ipv6 header file for the missing definitions. Now
3583 each library's ipv6.h defines the wrapper symbol of
3584 the other (ISC_IPV6_H and LWRES_IPV6_H).
3586 299. [cleanup] Get the user and group information before changing the
3587 root directory, so the administrator does not need to
3588 keep a copy of the user and group databases in the
3589 chroot'ed environment. Suggested by Hakan Olsson.
3591 298. [bug] A mutex deadlock occurred during shutdown of the
3592 interface manager under certain conditions.
3593 Digital Unix systems were the most affected.
3595 297. [bug] Specifying a key name that wasn't fully qualified
3596 in certain parts of the config file could cause
3597 an assertion failure.
3599 296. [bug] "make install" from a separate build directory
3600 failed unless configure had been run in the source
3601 directory, too.
3603 295. [bug] When invoked with type==CNAME and a message
3604 not constructed by dns_message_parse(),
3605 dns_message_findname() failed to find anything
3606 due to checking for attribute bits that are set
3607 only in dns_message_parse(). This caused an
3608 infinite loop when constructing the response to
3609 an ANY query at a CNAME in a secure zone.
3611 294. [bug] If we run out of space in while processing glue
3612 when reading a master file and commit "current name"
3613 reverts to "name_current" instead of staying as
3614 "name_glue".
3616 293. [port] Add support for FreeBSD 4.0 system tests.
3618 292. [bug] Due to problems with the way some operating systems
3619 handle simultaneous listening on IPv4 and IPv6
3620 addresses, the server no longer listens on IPv6
3621 addresses by default. To revert to the previous
3622 behavior, specify "listen-on-v6 { any; };" in
3623 the config file.
3625 291. [func] Caching servers no longer send outgoing queries
3626 over TCP just because the incoming recursive query
3627 was a TCP one.
3629 290. [cleanup] +twiddle option to dig (for testing only) removed.
3631 289. [cleanup] dig is now installed in $bindir instead of $sbindir.
3632 host is now installed in $bindir. (Be sure to remove
3633 any $sbindir/dig from a previous release.)
3635 288. [func] rndc is now installed by "make install" into $sbindir.
3637 287. [bug] rndc now works again as "rndc 127.1 reload" (for
3638 only that task). Parsing its configuration file and
3639 using digital signatures for authentication has been
3640 disabled until named supports the "controls" statement,
3641 post-9.0.0.
3643 286. [bug] On Solaris 2, when named inherited a signal state
3644 where SIGHUP had the SIG_IGN action, SIGHUP would
3645 be ignored rather than causing the server to reload
3646 its configuration.
3648 285. [bug] A change made to the dst API for beta4 inadvertently
3649 broke OMAPI's creation of a dst key from an incoming
3650 message, causing an assertion to be triggered. Fixed.
3652 284. [func] The DNSSEC key generation and signing tools now
3653 generate randomness from keyboard input on systems
3654 that lack /dev/random.
3656 283. [cleanup] The 'lwresd' program is now a link to 'named'.
3658 282. [bug] The lexer now returns ISC_R_RANGE if parsed integer is
3659 too big for an unsigned long.
3661 281. [bug] Fixed list of recognized config file category names.
3663 280. [func] Add isc-config.sh, which can be used to more
3664 easily build applications that link with
3665 our libraries.
3667 279. [bug] Private omapi function symbols shared between
3668 two or more files in libomapi.a were not namespace
3669 protected using the ISC convention of starting with
3670 the library name and two underscores ("omapi__"...)
3672 278. [bug] bin/named/logconf.c:category_fromconf() didn't take
3673 note of when isc_log_categorybyname() wasn't able
3674 to find the category name and would then apply the
3675 channel list of the unknown category to all categories.
3677 277. [bug] isc_log_categorybyname() and isc_log_modulebyname()
3678 would fail to find the first member of any category
3679 or module array apart from the internal defaults.
3680 Thus, for example, the "notify" category was improperly
3681 configured by named.
3683 276. [bug] dig now supports maximum sized TCP messages.
3685 275. [bug] The definition of lwres_gai_strerror() was missing
3686 the lwres_ prefix.
3688 274. [bug] TSIG AXFR verify failed when talking to a BIND 8
3689 server.
3691 273. [func] The default for the 'transfer-format' option is
3692 now 'many-answers'. This will break zone transfers
3693 to BIND 4.9.5 and older unless there is an explicit
3694 'one-answer' configuration.
3696 272. [bug] The sending of large TCP responses was canceled
3697 in mid-transmission due to a race condition
3698 caused by the failure to set the client object's
3699 "newstate" variable correctly when transitioning
3700 to the "working" state.
3702 271. [func] Attempt to probe the number of cpus in named
3703 if unspecified rather than defaulting to 1.
3705 270. [func] Allow maximum sized TCP answers.
3707 269. [bug] Failed DNSSEC validations could cause an assertion
3708 failure by causing clone_results() to be called with
3709 with hevent->node == NULL.
3711 268. [doc] A plain text version of the Administrator
3712 Reference Manual is now included in the distribution,
3713 as doc/arm/Bv9ARM.txt.
3715 267. [func] Nsupdate is now provided in the distribution.
3717 266. [bug] zone.c:save_nsrrset() node was not initialized.
3719 265. [bug] dns_request_create() now works for TCP.
3721 264. [func] Dispatch can not take TCP sockets in connecting
3722 state. Set DNS_DISPATCHATTR_CONNECTED when calling
3723 dns_dispatch_createtcp() for connected TCP sockets
3724 or call dns_dispatch_starttcp() when the socket is
3725 connected.
3727 263. [func] New logging channel type 'stderr'
3729 channel some-name {
3730 stderr;
3731 severity error;
3732 }
3734 262. [bug] 'master' was not initialized in zone.c:stub_callback().
3736 261. [func] Add dns_zone_markdirty().
3738 260. [bug] Running named as a non-root user failed on Linux
3739 kernels new enough to support retaining capabilities
3740 after setuid().
3742 259. [func] New random-device and random-seed-file statements
3743 for global options block of named.conf. Both accept
3744 a single string argument.
3746 258. [bug] Fixed printing of lwres_addr_t.address field.
3748 257. [bug] The server detached the last zone manager reference
3749 too early, while it could still be in use by queries.
3750 This manifested itself as assertion failures during the
3751 shutdown process for busy name servers. [RT #133]
3753 256. [func] isc_ratelimiter_t now has attach/detach semantics, and
3754 isc_ratelimiter_shutdown guarantees that the rate
3755 limiter is detached from its task.
3757 255. [func] New function dns_zonemgr_attach().
3759 254. [bug] Suppress "query denied" messages on additional data
3760 lookups.
3762 --- 9.0.0b4 released ---
3764 253. [func] resolv.conf parser now recognises ';' and '#' as
3765 comments (anywhere in line, not just as the beginning).
3767 252. [bug] resolv.conf parser mishandled masks on sortlists.
3768 It also aborted when an unrecognized keyword was seen,
3769 now it silently ignores the entire line.
3771 251. [bug] lwresd caught an assertion failure on startup.
3773 250. [bug] fixed handling of size+unit when value would be too
3774 large for internal representation.
3776 249. [cleanup] max-cache-size config option now takes a size-spec
3777 like 'datasize', except 'default' is not allowed.
3779 248. [bug] global lame-ttl option was not being printed when
3780 config structures were written out.
3782 247. [cleanup] Rename cache-size config option to max-cache-size.
3784 246. [func] Rename global option cachesize to cache-size and
3785 add corresponding option to view statement.
3787 245. [bug] If an uncompressed name will take more than 255
3788 bytes and the buffer is sufficiently long,
3789 dns_name_fromwire should return DNS_R_FORMERR,
3790 not ISC_R_NOSPACE. This bug caused cause the
3791 server to catch an assertion failure when it
3792 received a query for a name longer than 255
3793 bytes.
3795 244. [bug] empty named.conf file and empty options statement are
3796 now parsed properly.
3798 243. [func] new cachesize option for named.conf
3800 242. [cleanup] fixed incorrect warning about auth-nxdomain usage.
3802 241. [cleanup] nscount and soacount have been removed from the
3803 dns_master_*() argument lists.
3805 240. [func] databases now come in three flavours: zone, cache
3806 and stub.
3808 239. [func] If ISC_MEM_DEBUG is enabled, the variable
3809 isc_mem_debugging controls whether messages
3810 are printed or not.
3812 238. [cleanup] A few more compilation warnings have been quieted:
3813 + missing sigwait prototype on BSD/OS 4.0/4.0.1.
3814 + PTHREAD_ONCE_INIT unbraced initializer warnings on
3815 Solaris 2.8.
3816 + IN6ADDR_ANY_INIT unbraced initializer warnings on
3817 BSD/OS 4.*, Linux and Solaris 2.8.
3819 237. [bug] If connect() returned ENOBUFS when the resolver was
3820 initiating a TCP query, the socket didn't get
3821 destroyed, and the server did not shut down cleanly.
3823 236. [func] Added new listen-on-v6 config file statement.
3825 235. [func] Consider it a config file error if a listen-on
3826 statement has an IPv6 address in it, or a
3827 listen-on-v6 statement has an IPv4 address in it.
3829 234. [bug] Allow a trusted-key's first field (domain-name) be
3830 either a quoted or an unquoted string, instead of
3831 requiring a quoted string.
3833 233. [cleanup] Convert all config structure integer values to unsigned
3834 integer (isc_uint32_t) to match grammer.
3836 232. [bug] Allow slave zones to not have a file.
3838 231. [func] Support new 'port' clause in config file options
3839 section. Causes 'listen-on', 'masters' and
3840 'also-notify' statements to use its value instead of
3841 default (53).
3843 230. [func] Replace the dst sign/verify API with a cleaner one.
3845 229. [func] Support config file sig-validity-interval statement
3846 in options, views and zone statements (master
3847 zones only).
3849 228. [cleanup] Logging messages in config module stripped of
3850 trailing period.
3852 227. [cleanup] The enumerated identifiers dns_rdataclass_*,
3853 dns_rcode_*, dns_opcode_*, and dns_trust_* are
3854 also now cast to their appropriate types, as with
3855 dns_rdatatype_* in item number 225 below.
3857 226. [func] dns_name_totext() now always prints the root name as
3858 '.', even when omit_final_dot is true.
3860 225. [cleanup] The enumerated dns_rdatatype_* identifiers are now
3861 cast to dns_rdatatype_t via macros of their same name
3862 so that they are of the proper integral type wherever
3863 a dns_rdatatype_t is needed.
3865 224. [cleanup] The entire project builds cleanly with gcc's
3866 -Wcast-qual and -Wwrite-strings warnings enabled,
3867 which is now the default when using gcc. (Warnings
3868 from confparser.c, because of yacc's code, are
3869 unfortunately to be expected.)
3871 223. [func] Several functions were reprototyped to qualify one
3872 or more of their arguments with "const". Similarly,
3873 several functions that return pointers now have
3874 those pointers qualified with const.
3876 222. [bug] The global 'also-notify' option was ignored.
3878 221. [bug] An uninitialized variable was sometimes passed to
3879 dns_rdata_freestruct() when loading a zone, causing
3880 an assertion failure.
3882 220. [cleanup] Set the default outgoing port in the view, and
3883 set it in sockaddrs returned from the ADB.
3884 [31-May-2000 explorer]
3886 219. [bug] Signed truncated messages more correctly follow
3887 the respective specs.
3889 218. [func] When an rdataset is signed, its ttl is normalized
3890 based on the signature validity period.
3892 217. [func] Also-notify and trusted-keys can now be used in
3893 the 'view' statement.
3895 216. [func] The 'max-cache-ttl' and 'max-ncache-ttl' options
3896 now work.
3898 215. [bug] Failures at certain points in request processing
3899 could cause the assertion INSIST(client->lockview
3900 == NULL) to be triggered.
3902 214. [func] New public function isc_netaddr_format(), for
3903 formatting network addresses in log messages.
3905 213. [bug] Don't leak memory when reloading the zone if
3906 an update-policy clause was present in the old zone.
3908 212. [func] Added dns_message_get/settsigkey, to make TSIG
3909 key management reasonable.
3911 211. [func] The 'key' and 'server' statements can now occur
3912 inside 'view' statements.
3914 210. [bug] The 'allow-transfer' option was ignored for slave
3915 zones, and the 'transfers-per-ns' option was
3916 was ignored for all zones.
3918 209. [cleanup] Upgraded openssl files to new version 0.9.5a
3920 208. [func] Added ISC_OFFSET_MAXIMUM for the maximum value
3921 of an isc_offset_t.
3923 207. [func] The dnssec tools properly use the logging subsystem.
3925 206. [cleanup] dst now stores the key name as a dns_name_t, not
3926 a char *.
3928 205. [cleanup] On IRIX, turn off the mostly harmless warnings 1692
3929 ("prototyped function redeclared without prototype")
3930 and 1552 ("variable ... set but not used") when
3931 compiling in the lib/dns/sec/{dnssafe,openssl}
3932 directories, which contain code imported from outside
3933 sources.
3935 204. [cleanup] On HP/UX, pass +vnocompatwarnings to the linker
3936 to quiet the warnings that "The linked output may not
3937 run on a PA 1.x system."
3939 203. [func] notify and zone soa queries are now tsig signed when
3940 appropriate.
3942 202. [func] isc_lex_getsourceline() changed from returning int
3943 to returning unsigned long, the type of its underlying
3944 counter.
3946 201. [cleanup] Removed the test/sdig program, it has been
3947 replaced by bin/dig/dig.
3950 --- 9.0.0b3 released ---
3952 200. [bug] Failures in sending query responses to clients
3953 (e.g., running out of network buffers) were
3954 not logged.
3956 199. [bug] isc_heap_delete() sometimes violated the heap
3957 invariant, causing timer events not to be posted
3958 when due.
3960 198. [func] Dispatch managers hold memory pools which
3961 any managed dispatcher may use. This allows
3962 us to avoid dipping into the memory context for
3963 most allocations. [19-May-2000 explorer]
3965 197. [bug] When an incoming AXFR or IXFR completes, the
3966 zone's internal state is refreshed from the
3967 SOA data. [19-May-2000 explorer]
3969 196. [func] Dispatchers can be shared easily between views
3970 and/or interfaces. [19-May-2000 explorer]
3972 195. [bug] Including the NXT record of the root domain
3973 in a negative response caused an assertion
3974 failure.
3976 194. [doc] The PDF version of the Administrator's Reference
3977 Manual is no longer included in the ISC BIND9
3978 distribution.
3980 193. [func] changed dst_key_free() prototype.
3982 192. [bug] Zone configuration validation is now done at end
3983 of config file parsing, and before loading
3984 callbacks.
3986 191. [func] Patched to compile on UnixWare 7.x. This platform
3987 is not directly supported by the ISC.
3989 190. [cleanup] The DNSSEC tools have been moved to a separate
3990 directory dnssec/ and given the following new,
3991 more descriptive names:
3993 dnssec-keygen
3994 dnssec-signzone
3995 dnssec-signkey
3996 dnssec-makekeyset
3998 Their command line arguments have also been changed to
3999 be more consistent. dnssec-keygen now prints the
4000 name of the generated key files (sans extension)
4001 on standard output to simplify its use in automated
4002 scripts.
4004 189. [func] isc_time_secondsastimet(), a new function, will ensure
4005 that the number of seconds in an isc_time_t does not
4006 exceed the range of a time_t, or return ISC_R_RANGE.
4007 Similarly, isc_time_now(), isc_time_nowplusinterval(),
4008 isc_time_add() and isc_time_subtract() now check the
4009 range for overflow/underflow. In the case of
4010 isc_time_subtract, this changed a calling requirement
4011 (ie, something that could generate an assertion)
4012 into merely a condition that returns an error result.
4013 isc_time_add() and isc_time_subtract() were void-
4014 valued before but now return isc_result_t.
4016 188. [func] Log a warning message when an incoming zone transfer
4017 contains out-of-zone data.
4019 187. [func] isc_ratelimter_enqueue() has an additional argument
4020 'task'.
4022 186. [func] dns_request_getresponse() has an additional argument
4023 'preserve_order'.
4025 185. [bug] Fixed up handling of ISC_MEMCLUSTER_LEGACY. Several
4026 public functions did not have an isc__ prefix, and
4027 referred to functions that had previously been
4028 renamed.
4030 184. [cleanup] Variables/functions which began with two leading
4031 underscores were made to conform to the ANSI/ISO
4032 standard, which says that such names are reserved.
4034 183. [func] ISC_LOG_PRINTTAG option for log channels. Useful
4035 for logging the program name or other identifier.
4037 182. [cleanup] New commandline parameters for dnssec tools
4039 181. [func] Added dst_key_buildfilename and dst_key_parsefilename
4041 180. [func] New isc_result_t ISC_R_RANGE. Supersedes DNS_R_RANGE.
4043 179. [func] options named.conf statement *must* now come
4044 before any zone or view statements.
4046 178. [func] Post-load of named.conf check verifies a slave zone
4047 has non-empty list of masters defined.
4049 177. [func] New per-zone boolean:
4051 enable-zone yes | no ;
4053 intended to let a zone be disabled without having
4054 to comment out the entire zone statement.
4056 176. [func] New global and per-view option:
4058 max-cache-ttl number
4060 175. [func] New global and per-view option:
4062 additional-data internal | minimal | maximal;
4064 174. [func] New public function isc_sockaddr_format(), for
4065 formatting socket addresses in log messages.
4067 173. [func] Keep a queue of zones waiting for zone transfer
4068 quota so that a new transfer can be dispatched
4069 immediately whenever quota becomes available.
4071 172. [bug] $TTL directive was sometimes missing from dumped
4072 master files because totext_ctx_init() failed to
4073 initialize ctx->current_ttl_valid.
4075 171. [cleanup] On NetBSD systems, the mit-pthreads or
4076 unproven-pthreads library is now always used
4077 unless --with-ptl2 is explicitly specified on
4078 the configure command line. The
4079 --with-mit-pthreads option is no longer needed
4080 and has been removed.
4082 170. [cleanup] Remove inter server consistancy checks from zone,
4083 these should return as a seperate module in 9.1.
4084 dns_zone_checkservers(), dns_zone_checkparents(),
4085 dns_zone_checkchildren(), dns_zone_checkglue().
4087 Remove dns_zone_setadb(), dns_zone_setresolver(),
4088 dns_zone_setrequestmgr() these should now be found
4089 via the view.
4091 169. [func] ratelimiter can now process N events per interval.
4093 168. [bug] include statements in named.conf caused syntax errors
4094 due to not consuming the semicolon ending the include
4095 statement before switching input streams.
4097 167. [bug] Make lack of masters for a slave zone a soft error.
4099 166. [bug] Keygen was overwriting existing keys if key_id
4100 conflicted, now it will retry, and non-null keys
4101 with key_id == 0 are not generated anymore. Key
4102 was not able to generate NOAUTHCONF DSA key,
4103 increased RSA key size to 2048 bits.
4105 165. [cleanup] Silence "end-of-loop condition not reached" warnings
4106 from Solaris compiler.
4108 164. [func] Added functions isc_stdio_open(), isc_stdio_close(),
4109 isc_stdio_seek(), isc_stdio_read(), isc_stdio_write(),
4110 isc_stdio_flush(), isc_stdio_sync(), isc_file_remove()
4111 to encapsulate nonportable usage of errno and sync.
4113 163. [func] Added result codes ISC_R_FILENOTFOUND and
4114 ISC_R_FILEEXISTS.
4116 162. [bug] Ensure proper range for arguments to ctype.h functions.
4118 161. [cleanup] error in yyparse prototype that only HPUX caught.
4120 160. [cleanup] getnet*() are not going to be implemented at this
4121 stage.
4123 159. [func] Redefinition of config file elements is now an
4124 error (instead of a warning).
4126 158. [bug] Log channel and category list copy routines
4127 weren't assigning properly to output parameter.
4129 157. [port] Fix missing prototype for getopt().
4131 156. [func] Support new 'database' statement in zone.
4133 database "quoted-string";
4135 155. [bug] ns_notify_start() was not detaching the found zone.
4137 154. [func] The signer now logs libdns warnings to stderr even when
4138 not verbose, and in a nicer format.
4140 153. [func] dns_rdata_tostruct() 'mctx' is now optional. If 'mctx'
4141 is NULL then you need to preserve the 'rdata' until
4142 you have finished using the structure as there may be
4143 references to the associated memory. If 'mctx' is
4144 non-NULL it is guaranteed that there are no references
4145 to memory associated with 'rdata'.
4147 dns_rdata_freestruct() must be called if 'mctx' was
4148 non-NULL and may safely be called if 'mctx' was NULL.
4150 152. [bug] keygen dumped core if domain name argument was omitted
4151 from command line.
4153 151. [func] Support 'disabled' statement in zone config (causes
4154 zone to be parsed and then ignored). Currently must
4155 come after the 'type' clause.
4157 150. [func] Support optional ports in masters and also-notify
4158 statements:
4160 masters [ port xxx ] { y.y.y.y [ port zzz ] ; }
4162 149. [cleanup] Removed usused argument 'olist' from
4163 dns_c_view_unsetordering().
4165 148. [cleanup] Stop issuing some warnings about some configuration
4166 file statements that were not implemented, but now are.
4168 147. [bug] Changed yacc union size to be smaller for yaccs that
4169 put yacc-stack on the real stack.
4171 146. [cleanup] More general redundant header file cleanup. Rather
4172 than continuing to itemize every header which changed,
4173 this changelog entry just notes that if a header file
4174 did not need another header file that it was including
4175 in order to provide its advertized functionality, the
4176 inclusion of the other header file was removed. See
4177 util/check-includes for how this was tested.
4179 145. [cleanup] Added <isc/lang.h> and ISC_LANG_BEGINDECLS/
4180 ISC_LANG_ENDDECLS to header files that had function
4181 prototypes, and removed it from those that did not.
4183 144. [cleanup] libdns header files too numerous to name were made
4184 to conform to the same style for multiple inclusion
4185 protection.
4187 143. [func] Added function dns_rdatatype_isknown().
4189 142. [cleanup] <isc/stdtime.h> does not need <time.h> or
4190 <isc/result.h>.
4192 141. [bug] Corrupt requests with multiple questions could
4193 cause an assertion failure.
4195 140. [cleanup] <isc/time.h> does not need <time.h> or <isc/result.h>.
4197 139. [cleanup] <isc/net.h> now includes <isc/types.h> instead of
4198 <isc/int.h> and <isc/result.h>.
4200 138. [cleanup] isc_strtouq moved from str.[ch] to string.[ch] and
4201 renamed isc_string_touint64. isc_strsep moved from
4202 strsep.c to string.c and renamed isc_string_separate.
4204 137. [cleanup] <isc/commandline.h>, <isc/mem.h>, <isc/print.h>
4205 <isc/serial.h>, <isc/string.h> and <isc/offset.h>
4206 made to conform to the same style for multiple
4207 inclusion protection.
4209 136. [cleanup] <isc/commandline.h>, <isc/interfaceiter.h>,
4210 <isc/net.h> and Win32's <isc/thread.h> needed
4211 ISC_LANG_BEGINDECLS/ISC_LANG_ENDDECLS.
4213 135. [cleanup] Win32's <isc/condition.h> did not need <isc/result.h>
4214 or <isc/boolean.h>, now uses <isc/types.h> in place
4215 of <isc/time.h>, and needed ISC_LANG_BEGINDECLS
4216 and ISC_LANG_ENDDECLS.
4218 134. [cleanup] <isc/dir.h> does not need <limits.h>.
4220 133. [cleanup] <isc/ipv6.h> needs <isc/platform.h>.
4222 132. [cleanup] <isc/app.h> does not need <isc/task.h>, but does
4223 need <isc/eventclass.h>.
4225 131. [cleanup] <isc/mutex.h> and <isc/util.h> need <isc/result.h>
4226 for ISC_R_* codes used in macros.
4228 130. [cleanup] <isc/condition.h> does not need <pthread.h> or
4229 <isc/boolean.h>, and now includes <isc/types.h>
4230 instead of <isc/time.h>.
4232 129. [bug] The 'default_debug' log channel was not set up when
4233 'category default' was present in the config file
4235 128. [cleanup] <isc/dir.h> had ISC_LANG_BEGINDECLS instead of
4236 ISC_LANG_ENDDECLS at end of header.
4238 127. [cleanup] The contracts for the comparision routines
4239 dns_name_fullcompare(), dns_name_compare(),
4240 dns_name_rdatacompare(), and dns_rdata_compare() now
4241 specify that the order value returned is < 0, 0, or > 0
4242 instead of -1, 0, or 1.
4244 126. [cleanup] <isc/quota.h> and <isc/taskpool.h> need <isc/lang.h>.
4246 125. [cleanup] <isc/eventclass.h>, <isc/ipv6.h>, <isc/magic.h>,
4247 <isc/mutex.h>, <isc/once.h>, <isc/region.h>, and
4248 <isc/resultclass.h> do not need <isc/lang.h>.
4250 124. [func] signer now imports parent's zone key signature
4251 and creates null keys/sets zone status bit for
4252 children when necessary
4254 123. [cleanup] <isc/event.h> does not need <stddef.h>.
4256 122. [cleanup] <isc/task.h> does not need <isc/mem.h> or
4257 <isc/result.h>.
4259 121. [cleanup] <isc/symtab.h> does not need <isc/mem.h> or
4260 <isc/result.h>. Multiple inclusion protection
4261 symbol fixed from ISC_SYMBOL_H to ISC_SYMTAB_H.
4262 isc_symtab_t moved to <isc/types.h>.
4264 120. [cleanup] <isc/socket.h> does not need <isc/boolean.h>,
4265 <isc/bufferlist.h>, <isc/task.h>, <isc/mem.h> or
4266 <isc/net.h>.
4268 119. [cleanup] structure definitions for generic rdata stuctures do
4269 not have _generic_ in their names.
4271 118. [cleanup] libdns.a is now namespace-clean, on NetBSD, excepting
4272 YACC crust (yyparse, etc) [2000-apr-27 explorer]
4274 117. [cleanup] libdns.a changes:
4275 dns_zone_clearnotify() and dns_zone_addnotify()
4276 are replaced by dns_zone_setnotifyalso().
4277 dns_zone_clearmasters() and dns_zone_addmaster()
4278 are replaced by dns_zone_setmasters().
4280 116. [func] Added <isc/offset.h> for isc_offset_t (aka off_t
4281 on Unix systems).
4283 115. [port] Shut up the -Wmissing-declarations warning about
4284 <stdio.h>'s __sputaux on BSD/OS pre-4.1.
4286 114. [cleanup] <isc/sockaddr.h> does not need <isc/buffer.h> or
4287 <isc/list.h>.
4289 113. [func] Utility programs dig and host added.
4291 112. [cleanup] <isc/serial.h> does not need <isc/boolean.h>.
4293 111. [cleanup] <isc/rwlock.h> does not need <isc/result.h> or
4294 <isc/mutex.h>.
4296 110. [cleanup] <isc/result.h> does not need <isc/boolean.h> or
4297 <isc/list.h>.
4299 109. [bug] "make depend" did nothing for
4300 bin/tests/{db,mem,sockaddr,tasks,timers}/.
4302 108. [cleanup] DNS_SETBIT/DNS_GETBIT/DNS_CLEARBIT moved from
4303 <dns/types.h> to <dns/bit.h> and renamed to
4304 DNS_BIT_SET/DNS_BIT_GET/DNS_BIT_CLEAR.
4306 107. [func] Add keysigner and keysettool.
4308 106. [func] Allow dnssec verifications to ignore the validity
4309 period. Used by several of the dnssec tools.
4311 105. [doc] doc/dev/coding.html expanded with other
4312 implicit conventions the developers have used.
4314 104. [bug] Made compress_add and compress_find static to
4315 lib/dns/compress.c.
4317 103. [func] libisc buffer API changes for <isc/buffer.h>:
4318 Added:
4319 isc_buffer_base(b) (pointer)
4320 isc_buffer_current(b) (pointer)
4321 isc_buffer_active(b) (pointer)
4322 isc_buffer_used(b) (pointer)
4323 isc_buffer_length(b) (int)
4324 isc_buffer_usedlength(b) (int)
4325 isc_buffer_consumedlength(b) (int)
4326 isc_buffer_remaininglength(b) (int)
4327 isc_buffer_activelength(b) (int)
4328 isc_buffer_availablelength(b) (int)
4329 Removed:
4330 ISC_BUFFER_USEDCOUNT(b)
4331 ISC_BUFFER_AVAILABLECOUNT(b)
4332 isc_buffer_type(b)
4333 Changed names:
4334 isc_buffer_used(b, r) ->
4335 isc_buffer_usedregion(b, r)
4336 isc_buffer_available(b, r) ->
4337 isc_buffer_available_region(b, r)
4338 isc_buffer_consumed(b, r) ->
4339 isc_buffer_consumedregion(b, r)
4340 isc_buffer_active(b, r) ->
4341 isc_buffer_activeregion(b, r)
4342 isc_buffer_remaining(b, r) ->
4343 isc_buffer_remainingregion(b, r)
4345 Buffer types were removed, so the ISC_BUFFERTYPE_*
4346 macros are no more, and the type argument to
4347 isc_buffer_init and isc_buffer_allocate were removed.
4348 isc_buffer_putstr is now void (instead of isc_result_t)
4349 and requires that the caller ensure that there
4350 is enough available buffer space for the string.
4352 102. [port] Correctly detect inet_aton, inet_pton and inet_ptop
4353 on BSD/OS 4.1.
4355 101. [cleanup] Quieted EGCS warnings from lib/isc/print.c.
4357 100. [cleanup] <isc/random.h> does not need <isc/int.h> or
4358 <isc/mutex.h>. isc_random_t moved to <isc/types.h>.
4360 99. [cleanup] Rate limiter now has separate shutdown() and
4361 destroy() functions, and it guarantees that all
4362 queued events are delivered even in the shutdown case.
4364 98. [cleanup] <isc/print.h> does not need <stdarg.h> or <stddef.h>
4365 unless ISC_PLATFORM_NEEDVSNPRINTF is defined.
4367 97. [cleanup] <isc/ondestroy.h> does not need <stddef.h> or
4368 <isc/event.h>.
4370 96. [cleanup] <isc/mutex.h> does not need <isc/result.h>.
4372 95. [cleanup] <isc/mutexblock.h> does not need <isc/result.h>.
4374 94. [cleanup] Some installed header files did not compile as C++.
4376 93. [cleanup] <isc/msgcat.h> does not need <isc/result.h>.
4378 92. [cleanup] <isc/mem.h> does not need <stddef.h>, <isc/boolean.h>,
4379 or <isc/result.h>.
4381 91. [cleanup] <isc/log.h> does not need <sys/types.h> or
4382 <isc/result.h>.
4384 90. [cleanup] Removed unneeded ISC_LANG_BEGINDECLS/ISC_LANG_ENDDECLS
4385 from <named/listenlist.h>.
4387 89. [cleanup] <isc/lex.h> does not need <stddef.h>.
4389 88. [cleanup] <isc/interfaceiter.h> does not need <isc/result.h> or
4390 <isc/mem.h>. isc_interface_t and isc_interfaceiter_t
4391 moved to <isc/types.h>.
4393 87. [cleanup] <isc/heap.h> does not need <isc/boolean.h>,
4394 <isc/mem.h> or <isc/result.h>.
4396 86. [cleanup] isc_bufferlist_t moved from <isc/bufferlist.h> to
4397 <isc/types.h>.
4399 85. [cleanup] <isc/bufferlist.h> does not need <isc/buffer.h>,
4400 <isc/list.h>, <isc/mem.h>, <isc/region.h> or
4401 <isc/int.h>.
4403 84. [func] allow-query ACL checks now apply to all data
4404 added to a response.
4406 83. [func] If the server is authoritative for both a
4407 delegating zone and its (nonsecure) delegatee, and
4408 a query is made for a KEY RR at the top of the
4409 delegatee, then the server will look for a KEY
4410 in the delegator if it is not found in the delegatee.
4412 82. [cleanup] <isc/buffer.h> does not need <isc/list.h>.
4414 81. [cleanup] <isc/int.h> and <isc/boolean.h> do not need
4415 <isc/lang.h>.
4417 80. [cleanup] <isc/print.h> does not need <stdio.h> or <stdlib.h>.
4419 79. [cleanup] <dns/callbacks.h> does not need <stdio.h>.
4421 78. [cleanup] lwres_conftest renamed to lwresconf_test for
4422 consistency with other *_test programs.
4424 77. [cleanup] typedef of isc_time_t and isc_interval_t moved from
4425 <isc/time.h> to <isc/types.h>.
4427 76. [cleanup] Rewrote keygen.
4429 75. [func] Don't load a zone if its database file is older
4430 than the last time the zone was loaded.
4432 74. [cleanup] Removed mktemplate.o and ufile.o from libisc.a,
4433 subsumed by file.o.
4435 73. [func] New "file" API in libisc, including new function
4436 isc_file_getmodtime, isc_mktemplate renamed to
4437 isc_file_mktemplate and isc_ufile renamed to
4438 isc_file_openunique. By no means an exhaustive API,
4439 it is just what's needed for now.
4441 72. [func] DNS_RBTFIND_NOPREDECESSOR and DNS_RBTFIND_NOOPTIONS
4442 added for dns_rbt_findnode, the former to disable the
4443 setting of the chain to the predecessor, and the
4444 latter to make clear when no options are set.
4446 71. [cleanup] Made explicit the implicit REQUIREs of
4447 isc_time_seconds, isc_time_nanoseconds, and
4448 isc_time_subtract.
4450 70. [func] isc_time_set() added.
4452 69. [bug] The zone object's master and also-notify lists grew
4453 longer with each server reload.
4455 68. [func] Partial support for SIG(0) on incoming messages.
4457 67. [performance] Allow use of alternate (compile-time supplied)
4458 OpenSSL libraries/headers.
4460 66. [func] Data in authoritative zones should have a trust level
4461 beyond secure.
4463 65. [cleanup] Removed obsolete typedef of dns_zone_callbackarg_t
4464 from <dns/types.h>.
4466 64. [func] The RBT, DB, and zone table APIs now allow the
4467 caller find the most-enclosing superdomain of
4468 a name.
4470 63. [func] Generate NOTIFY messages.
4472 62. [func] Add UDP refresh support.
4474 61. [cleanup] Use single quotes consistently in log messages.
4476 60. [func] Catch and disallow singleton types on message
4477 parse.
4479 59. [bug] Cause net/host unreachable to be a hard error
4480 when sending and receiving.
4482 58. [bug] bin/named/query.c could sometimes trigger the
4483 (client->query.attributes & NS_QUERYATTR_NAMEBUFUSED)
4484 == 0 assertion in query_newname().
4486 57. [func] Added dns_nxt_typepresent()
4488 56. [bug] SIG records were not properly returned in cached
4489 negative answers.
4491 55. [bug] Responses containing multiple names in the authority
4492 section were not negatively cached.
4494 54. [bug] If a fetch with sigrdataset==NULL joined one with
4495 sigrdataset!=NULL or vice versa, the resolver
4496 could catch an assertion or lose signature data,
4497 respectively.
4499 53. [port] freebsd 4.0: lib/isc/unix/socket.c requires
4500 <sys/param.h>.
4502 52. [bug] rndc: taskmgr and socketmgr were not initialized
4503 to NULL.
4505 51. [cleanup] dns/compress.h and dns/zt.h did not need to include
4506 dns/rbt.h; it was needed only by compress.c and zt.c.
4508 50. [func] RBT deletion no longer requires a valid chain to work,
4509 and dns_rbt_deletenode was added.
4511 49. [func] Each cache now has its own mctx.
4513 48. [func] isc_task_create() no longer takes an mctx.
4514 isc_task_mem() has been eliminated.
4516 47. [func] A number of modules now use memory context reference
4517 counting.
4519 46. [func] Memory contexts are now reference counted.
4520 Added isc_mem_inuse() and isc_mem_preallocate().
4521 Renamed isc_mem_destroy_check() to
4522 isc_mem_setdestroycheck().
4524 45. [bug] The trusted-key statement incorrectly loaded keys.
4526 44. [bug] Don't include authority data if it would force us
4527 to unset the AD bit in the message.
4529 43. [bug] DNSSEC verification of cached rdatasets was failing.
4531 42. [cleanup] Simplified logging of messages with embedded domain
4532 names by introducing a new convenience function
4533 dns_name_format().
4535 41. [func] Use PR_SET_KEEPCAPS on Linux 2.3.99-pre3 and later
4536 to allow 'named' to run as a non-root user while
4537 retaining the ability to bind() to privileged
4538 ports.
4540 40. [func] Introduced new logging category "dnssec" and
4541 logging module "dns/validator".
4543 39. [cleanup] Moved the typedefs for isc_region_t, isc_textregion_t,
4544 and isc_lex_t to <isc/types.h>.
4546 38. [bug] TSIG signed incoming zone transfers work now.
4548 37. [bug] If the first RR in an incoming zone transfer was
4549 not an SOA, the server died with an assertion failure
4550 instead of just reporting an error.
4552 36. [cleanup] Change DNS_R_SUCCESS (and others) to ISC_R_SUCCESS
4554 35. [performance] Log messages which are of a level too high to be
4555 logged by any channel in the logging configuration
4556 will not cause the log mutex to be locked.
4558 34. [bug] Recursion was allowed even with 'recursion no'.
4560 33. [func] The RBT now maintains a parent pointer at each node.
4562 32. [cleanup] bin/lwresd/client.c needs <string.h> for memset()
4563 prototype.
4565 31. [bug] Use ${LIBTOOL} to compile bin/named/main.@O@.
4567 30. [func] config file grammer change to support optional
4568 class type for a view.
4570 29. [func] support new config file view options:
4572 auth-nxdomain recursion query-source
4573 query-source-v6 transfer-source
4574 transfer-source-v6 max-transfer-time-out
4575 max-transfer-idle-out transfer-format
4576 request-ixfr provide-ixfr cleaning-interval
4577 fetch-glue notify rfc2308-type1 lame-ttl
4578 max-ncache-ttl min-roots
4580 28. [func] support lame-ttl, min-roots and serial-queries
4581 config global options.
4583 27. [bug] Only include <netinet6/in6.h> on BSD/OS 4.[01]*.
4584 Including it on other platforms (eg, NetBSD) can
4585 cause a forced #error from the C preprocessor.
4587 26. [func] new match-clients statement in config file view.
4589 25. [bug] make install failed to install <isc/log.h> and
4590 <isc/ondestroy.h>.
4592 24. [cleanup] Eliminate some unnecessary #includes of header
4593 files from header files.
4595 23. [cleanup] Provide more context in log messages about client
4596 requests, using a new function ns_client_log().
4598 22. [bug] SIGs weren't returned in the answer section when
4599 the query resulted in a fetch.
4601 21. [port] Look at STD_CINCLUDES after CINCLUDES during
4602 compilation, so additional system include directories
4603 can be searched but header files in the bind9 source
4604 tree with conflicting names take precedence. This
4605 avoids issues with installed versions of dnssafe and
4606 openssl.
4608 20. [func] Configuration file post-load validation of zones
4609 failed if there were no zones.
4611 19. [bug] dns_zone_notifyreceive() failed to unlock the zone
4612 lock in certain error cases.
4614 18. [bug] Use AC_TRY_LINK rather than AC_TRY_COMPILE in
4615 configure.in to check for presence of in6addr_any.
4617 17. [func] Do configuration file post-load validation of zones.
4619 16. [bug] put quotes around key names on config file
4620 output to avoid possible keyword clashes.
4622 15. [func] Add dns_name_dupwithoffsets(). This function is
4623 improves comparison performance for duped names.
4625 14. [bug] free_rbtdb() could have 'put' unallocated memory in
4626 an unlikely error path.
4628 13. [bug] lib/dns/master.c and lib/dns/xfrin.c didn't ignore
4629 out-of-zone data.
4631 12. [bug] Fixed possible unitialized variable error.
4633 11. [bug] axfr_rrstream_first() didn't check the result code of
4634 db_rr_iterator_first(), possibly causing an assertion
4635 to be triggered later.
4637 10. [bug] A bug in the code which makes EDNS0 OPT records in
4638 bin/named/client.c and lib/dns/resolver.c could
4639 trigger an assertion.
4641 9. [cleanup] replaced bit-setting code in confctx.c and replaced
4642 repeated code with macro calls.
4644 8. [bug] Shutdown of incoming zone transfer accessed
4645 freed memory.
4647 7. [cleanup] removed 'listen-on' from view statement.
4649 6. [bug] quote RR names when generating config file to
4650 prevent possible clash with config file keywords
4651 (such as 'key').
4653 5. [func] syntax change to named.conf file: new ssu grant/deny
4654 statements must now be enclosed by an 'update-policy'
4655 block.
4657 4. [port] bin/named/unix/os.c didn't compile on systems with
4658 linux 2.3 kernel includes due to conflicts between
4659 C library includes and the kernel includes. We now
4660 get only what we need from <linux/capability.h>, and
4661 avoid pulling in other linux kernel .h files.
4663 3. [bug] TKEYs go in the answer section of responses, not
4664 the additional section.
4666 2. [bug] Generating cryptographic randomness failed on
4667 systems without /dev/random.
4669 1. [bug] The installdirs rule in
4670 lib/isc/unix/include/isc/Makefile.in had a typo which
4671 prevented the isc directory from being created if it
4672 didn't exist.
4674 --- 9.0.0b2 released ---
4676 # This tells Emacs to use hard tabs in this file.
4677 # Local Variables:
4678 # indent-tabs-mode: t
4679 # End: