CHANGES 110 KB
Newer Older
1
2
3
 965.	[bug]		Using non root hints caused a rbtdb node reference
			leak.	 [RT #1581, RT #1618]

4
5
 964.	[func]		Warn if non root hints data is found in hints file.

6
7
 963.	[bug]		bad ISC_LANG_ENDDECLS. [RT #1645]

8
9
10
 962.	[bug]		libbind: bad "#undef", don't attempt to install
			non-existant nlist.h.  [RT #1640]

11
12
13
 961.	[bug]		Tried to use a IPV6 feature when ISC_PLATFORM_HAVEIPV6
			was not defined.  [RT #1482]

14
15
16
 960.	[port]		liblwres failed to build on systems with support for
			getrrsetbyname() in the OS.  [RT #1592]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
17
18
 959.	[port]		On FreeBSD, determine the number of CPUs by calling
			sysctlbyname().  [RT #1584]
19

20
21
 958.	[port]		ssize_t is not available on all platforms.  [RT #1607]

22
23
24
 957.	[bug]		sys/select.h inclusion was broken on older platforms.
			[RT #1607]

25
26
27
28
 956.	[bug]		ns_g_autorndcfile changed to ns_g_keyfile
			in named/win32/os.c due to code changes in
			change #953. win32 .make file for rndc-confgen
			updated to add include path for os.h header.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
29

30
31
	--- 9.2.0rc1 released ---

32
33
34
 955.	[bug]		When using views, the zone's class was not being
			inherited from the view's class.  [RT #1583]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
35
36
37
 954.	[bug]		When requesting AXFRs or IXFRs using dig, host, or
			nslookup, the RD bit should not be set as zone
			transfers are inherently nonrecursive.  [RT #1575]
38

Andreas Gustafsson's avatar
Andreas Gustafsson committed
39
40
41
42
43
44
45
46
47
 953.	[func]		The /var/run/named.key file from change #843
			has been replaced by /etc/rndc.key.  Both
			named and rndc will look for this file and use
			it to configure a default control channel key
			if not already configured using a different
			method (rndc.conf / controls).  Unlike
			named.key, rndc.key is not created automatically;
			it must be created by manually running
			"rndc-confgen -a".
48

49
50
51
 952.	[bug]		The server required manual intervention to serve the
			affected zones if it died between creating a journal
			and committing the first change to it.
52

53
54
55
56
 951.	[bug]		CFLAGS was not passed to the linker when
			linking some of the test programs under
			bin/tests. [RT #1555].

57
58
59
 950.	[bug]		Explicit TTLs did not properly override $TTL
			due to a bug in change 834. [RT #1558]

60
61
 949.	[bug]		host was unable to print records larger than 512
 			bytes. [RT #1557]
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
62

Andreas Gustafsson's avatar
Andreas Gustafsson committed
63
64
	--- 9.2.0b2 released ---

65
66
67
 948.	[port]		Integrated support for building on Windows NT /
			Windows 2000.

Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
68
 947.	[bug]		dns_rdata_soa_t had a badly named element "mname" which
69
			was really the RNAME field from RFC1035.  To avoid
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
70
			confusion and silent errors that would occur it the
71
72
73
			"origin" and "mname" elements were given their correct
			names "mname" and "rname" respectively, the "mname"
			element is renamed to "contact".
74

75
76
77
78
 946.	[cleanup]	doc/misc/options is now machine-generated from the
			configuration parser syntax tables, and therefore
			more likely to be correct.

79
 945.	[func]		Add the new view-specific options
Andreas Gustafsson's avatar
Andreas Gustafsson committed
80
			"match-destinations" and "match-recursive-only".
81

82
83
 944.	[func]		Check for expired signatures on load.

84
 943.	[bug]		The server could crash when receiving a command
Andreas Gustafsson's avatar
Andreas Gustafsson committed
85
			via rndc if the configuration file listed only
86
87
			nonexistent keys in the controls statement.  [RT #1530]

88
89
90
 942.	[port]		libbind: GETNETBYADDR_ADDR_T was not correctly
			defined on some platforms.

91
 941.	[bug]		The configuration checker crashed if a slave
Andreas Gustafsson's avatar
Andreas Gustafsson committed
92
			zone didn't contain a masters statement. [RT #1514]
93

94
 940.	[bug]		Double zone locking failure on error path. [RT #1510]
95
96
97

	--- 9.2.0b1 released ---

98
99
100
101
 939.	[port]		Add the --disable-linux-caps option to configure for
 			systems that manage capabilities outside of named.
			[RT #1503]

Mark Andrews's avatar
Mark Andrews committed
102
103
 938.	[placeholder]

104
105
 937.	[bug]		A race when shutting down a zone could trigger a
			INSIST() failure. [RT #1034]
Andreas Gustafsson's avatar
Andreas Gustafsson committed
106
107
108

 936.	[func]		Warn about IPv4 addresses that are not complete
			dotted quads. [RT #1084]
109
110

 935.	[bug]		inet_pton failed to reject leading zeros.
111
112
113
114

 934.	[port]		Deal with systems where accept() spuriously returns
			ECONNRESET.

115
116
 933.	[bug]		configure failed doing libbind on platforms not
			supported by BIND 8.  [RT #1496]
117

118
119
	--- 9.2.0a3 released ---

120
121
122
123
 932.	[bug]		Use INSTALL_SCRIPT, not INSTALL_PROGRAM,
			when installing isc-config.sh.
			[RT #198, #1466]

124
 931.	[bug]		The controls statement only attempted to verify
125
			messages using the first key in the key list.
126
127
			(9.2.0a1/a2 only).

128
129
130
 930.	[func]		Query performance testing tool added as
			contrib/queryperf.

Mark Andrews's avatar
Mark Andrews committed
131
 929.	[placeholder]
132
133

 928.	[bug]		nsupdate would send empty update packets if the
134
			send (or empty line) command was run after
135
136
137
138
			another send but before any new updates or
			prerequisites were specified.  It should simply
			ignore this command.

139
140
 927.	[bug]		Don't hold the zone lock for the entire dump to disk.
			[RT #1423]
141

142
143
144
145
 926.	[bug]		The resolver could deadlock with the ADB when
			shutting down (multithreaded builds only).
			[RT #1324]

146
 925.	[cleanup]	Remove openssl from the distribution; require that
Andreas Gustafsson's avatar
Andreas Gustafsson committed
147
			--with-openssl be specified if DNSSEC is needed.
148

149
150
 924.	[port]		Extend support for pre-RFC2133 IPv6 implementation.
			[RT #987]
151

152
153
154
155
156
157
 923.	[bug]		Multiline TSIG secrets (and other multiline strings)
			were not accepted in named.conf. [RT #1469]

 922.	[func]		Added two new lwres_getrrsetbyname() result codes,
			ERR_NONAME and ERR_NODATA.

158
 921.	[bug]		lwres returned an incorrect error code if it received
Andreas Gustafsson's avatar
Andreas Gustafsson committed
159
			a truncated message.
160
161

 920.	[func]		Increase the lwres receive buffer size to 16K.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
162
			[RT #1451]
163

Brian Wellington's avatar
Brian Wellington committed
164
165
 919.	[placeholder]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
166
167
168
169
170
171
 918.	[func]		In nsupdate, TSIG errors are no longer treated as
			fatal errors.

 917.	[func]		New nsupdate command 'key', allowing TSIG keys to
			be specified in the nsupdate command stream rather
			than the command line.
172

173
 916.	[bug]		Specifying type ixfr to dig without specifying
Andreas Gustafsson's avatar
Andreas Gustafsson committed
174
			a serial number failed in unexpected ways.
175

176
177
178
179
 915.	[func]		The named-checkconf and named-checkzone programs
			now have a '-v' option for printing their version.
			[RT #1151]

Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
180
 914.	[bug]		Global 'server' statements were rejected when
181
182
183
			using views, even though they were accepted
			in 9.1. [RT #1368]

184
185
 913.	[bug]		Cache cleaning was not sufficiently aggressive.
			[RT #1441, #1444]
186
187
188
189
190
191
192

 912.	[bug]		Attempts to set the 'additional-from-cache' or
			'additional-from-auth' option to 'no' in a
			server with recursion enabled will now
			be ignored and cause a warning message.
			[RT #1145]

Mark Andrews's avatar
Mark Andrews committed
193
194
 911.	[placeholder]

Mark Andrews's avatar
Mark Andrews committed
195
 910.	[port]		Some pre-RFC2133 IPv6 implementations do not define
Andreas Gustafsson's avatar
Andreas Gustafsson committed
196
			IN6ADDR_ANY_INIT. [RT #1416]
David Lawrence's avatar
David Lawrence committed
197

198
199
 908.	[func]		New program, rndc-confgen, to simplify setting up rndc.

200
201
202
203
204
 907.	[func]		The ability to get entropy from either the
			random device, a user-provided file or from
			the keyboard was migrated from the DNSSEC tools
			to libisc as isc_entropy_usebestsource().

205
206
207
208
 906.	[port]		Separated the system independent portion of
			lib/isc/unix/entropy.c into lib/isc/entropy.c
			and added lib/isc/win32/entropy.c.

209
210
211
 905.	[bug]		Configuring a forward "zone" for the root domain
			did not work. [RT #1418]

212
 904.	[bug]		The server would leak memory if attempting to use
Andreas Gustafsson's avatar
Andreas Gustafsson committed
213
			an expired TSIG key. [RT #1406]
214

Andreas Gustafsson's avatar
Andreas Gustafsson committed
215
 903.	[bug]		dig should not crash when receiving a TCP packet
Andreas Gustafsson's avatar
Andreas Gustafsson committed
216
			of length 0.
217

218
219
220
 902.	[bug]		The -d option was ignored if both -t and -g were also
			specified.

David Lawrence's avatar
David Lawrence committed
221
 901.	[placeholder]
222

223
 900.	[bug]		A config.guess update changed the system identification
David Lawrence's avatar
David Lawrence committed
224
225
226
			string of FreeBSD systems; configure and
			bin/tests/system/ifconfig.sh now recognize the new
			string. 
Andreas Gustafsson's avatar
Andreas Gustafsson committed
227

Andreas Gustafsson's avatar
Andreas Gustafsson committed
228
229
	--- 9.2.0a2 released ---

230
231
232
233
 899.	[bug]		lib/dns/soa.c failed to compile on many platforms
			due to inappropriate use of a void value.
			[RT #1372, #1373, #1386, #1387, #1395]

234
235
236
 898.	[bug]		"dig" failed to set a nonzero exit status
			on UDP query timeout. [RT #1323]

237
 897.	[bug]		A config.guess update changed the system identification
238
239
240
			string of UnixWare systems; configure now recognizes
			the new string.

241
242
243
244
245
246
 896.	[bug]		If a configuration file is set on named's command line
			and it has a relative pathname, the current directory
			(after any possible jailing resulting from named -t)
			will be prepended to it so that reloading works
			properly even when a directory option is present.

247
248
249
 895.	[func]		New function, isc_dir_current(), akin to POSIX's
			getcwd().

250
251
252
 894.	[bug]		When using the DNSSEC tools, a message intended to warn
			when the keyboard was being used because of the lack
			of a suitable random device was not being printed.
253

254
255
256
257
 893.	[func]		Removed isc_file_test() and added isc_file_exists()
			for the basic functionality that was being added
			with isc_file_test().

Andreas Gustafsson's avatar
Andreas Gustafsson committed
258
259
 892.	[placeholder]

260
 891.	[bug]		Return an error when a SIG(0) signed response to
Andreas Gustafsson's avatar
Andreas Gustafsson committed
261
			an unsigned query is seen.  This should actually
262
263
			do the verification, but it's not currently
			possible. [RT #1391]
264

265
266
 890.	[cleanup]	The man pages no longer require the mandoc macros
			and should now format cleanly using most versions of
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
267
			nroff, and HTML versions of the man pages have been
Andreas Gustafsson's avatar
Andreas Gustafsson committed
268
			added.	Both are generated from DocBook source.
269

270
271
272
273
 889.	[port]		Eliminated blank lines before .TH in nroff man
			pages since they cause problems with some versions
			of nroff. [RT #1390]

274
 888.	[bug]		Don't die when using TKEY to delete a nonexistent
Andreas Gustafsson's avatar
Andreas Gustafsson committed
275
			TSIG key. [RT #1392]
276

277
278
279
 887.	[port]		Detect broken compilers that can't call static
			functions from inline functions.  [RT #1212]

280
281
 866.	[func]		Close debug only file channels when debug is set to
			zero. [RT #1246]
282

283
284
285
286
 865.	[bug]		The new configuration parser did not allow
			the optional debug level in a "severity debug"
			clause of a logging channel to be omitted.
			This is now allowed and treated as "severity
Andreas Gustafsson's avatar
Andreas Gustafsson committed
287
			debug 1;" like it does in BIND 8.2.4, not as
288
289
290
			"severity debug 0;" like it did in BIND 9.1.
			[RT #1367]

291
292
293
 864.	[cleanup]	Multithreading is now enabled by default on
			OSF1, Solaris 2.7 and newer, AIX, IRIX, and HP-UX.

294
295
296
297
298
299
 863.	[bug]		If an error occurred while an outgoing zone transfer
			was starting up, the server could access a domain
			name that had already been freed when logging a
			message saying that the transfer was starting. 
			[RT #1383]

Mark Andrews's avatar
Mark Andrews committed
300
301
302
 862.	[bug]		Use after realloc(), non portable pointer arithmetic in
			grmerge().

303
 861.	[port]		Add support for Mac OS X, by making it equivalent
Andreas Gustafsson's avatar
Andreas Gustafsson committed
304
			to Darwin.  This was derived from the config.guess
305
306
			file shipped with Mac OS X. [RT #1355]

307
 860.	[func]		Drop cross class glue in zone transfers.
308
309
310
311
312
313
314
315
316
317
318
319

 859.	[bug]		Cache cleaning now won't swamp the CPU if there
			is a persistent overlimit condition.

 858.	[func]		isc_mem_setwater() no longer requires that when the
			callback function is non-NULL then its hi_water
			argument must be greater than its lo_water argument
			(they can now be equal) or that they be non-zero.

 857.	[cleanup]	Use ISC_MAGIC() to define all magic numbers for
			structs, for our friends in EBCDIC-land.

320
321
322
323
 856.	[func]		Allow partial rdatasets to be returned in answer and
			authority sections to help non-TCP capable clients
			recover from truncation.  [RT #1301]

324
325
 855.	[bug]		Stop spurious "using RFC 1035 TTL semantics" warnings.

326
 854.	[bug]		The config parser didn't properly handle config
Andreas Gustafsson's avatar
Andreas Gustafsson committed
327
			options that were specified in units of time other
328
329
			than seconds.  [RT #1372]

330
331
332
 853.	[bug]		configure_view_acl() failed to detach existing acls.
			[RT #1374]

333
 852.	[bug]		Handle responses from servers which do not know
334
335
			about IXFR.

336
 851.	[cleanup]	The obsolete support-ixfr option was not properly
Andreas Gustafsson's avatar
Andreas Gustafsson committed
337
			ignored.
338

339
340
	--- 9.2.0a1 released ---

341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
 850.	[bug]		dns_rbt_findnode() would not find nodes that were
			split on a bitstring label somewhere other than in
			the last label of the node. [RT #1351]

 849.	[func]		<isc/net.h> will ensure INADDR_LOOPBACK is defined.

 848.	[func]		A minimum max-cache-size of two megabytes is enforced
			by the cache cleaner.

 847.	[func]		Added isc_file_test(), which currently only has
			some very basic functionality to test for the
			existence of a file, whether a pathname is absolute,
			or whether a pathname is the fundamental representation
			of the current directory.  It is intended that this
			function can be expanded to test other things a
			programmer might want to know about a file.

Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
358
 846.	[func]		A non-zero 'param' to dst_key_generate() when making an
359
360
361
362
363
364
365
			hmac-md5 key means that good entropy is not required.

 845.	[bug]		The access rights on the public file of a symmetric
			key are now restricted as soon as the file is opened,
			rather than after it has been written and closed.

 844.	[func]		<isc/net.h> will ensure INADDR_LOOPBACK is defined,
Andreas Gustafsson's avatar
Andreas Gustafsson committed
366
			just as <lwres/net.h> does.
367
368
369
370
371
372
373
374
375
376

 843.	[func]		If no controls statement is present in named.conf,
			or if any inet phrase of a controls statement is 
			lacking a keys clause, then a key will be automatically
			generated by named and an rndc.conf-style file
			named named.key will be written that uses it.  rndc
			will use this file only if its normal configuration
			file, or one provided on the command line, does not
			exist.

377
378
 842.	[func]		'rndc flush' now takes an optional view.

379
 841.	[bug]		When sdb modules were not declared threadsafe, their
Andreas Gustafsson's avatar
Andreas Gustafsson committed
380
			create and destroy functions were not serialized.
381

382
383
384
385
 840.	[bug]		The config file parser could print the wrong file
			name if an error was detected after an included file
			was parsed. [RT #1353]

386
 839.	[func]		Dump packets for which there was no view or that the
Mark Andrews's avatar
Redo:    
Mark Andrews committed
387
			class could not be determined to category "unmatched".
388

Mark Andrews's avatar
Mark Andrews committed
389
 838.	[port]		UnixWare 7.x.x is now suported by
390
			bin/tests/system/ifconfig.sh.
391
392

 837.	[cleanup]	Multithreading is now enabled by default only on
393
			OSF1, Solaris 2.7 and newer, and AIX.
394

395
 836.	[func]		Upgraded libtool to 1.4.
396

397
398
399
400
 835.	[bug]		The dispatcher could enter a busy loop if
			it got an I/O error receiving on a UDP socket.
			[RT #1293]

401
402
403
404
405
406
407
408
 834.	[func]		Accept (but warn about) master files beginning with
			an SOA record without an explicit TTL field and
			lacking a $TTL directive, by using the SOA MINTTL
			as a default TTL.  This is for backwards compatibility
			with old versions of BIND 8, which accepted such
			files without warning although they are illegal
			according to RFC1035.

409
410
411
412
 833.	[cleanup]	Moved dns_soa_*() from <dns/journal.h> to
			<dns/soa.h>, and extended them to support
			all the integer-valued fields of the SOA RR.

413
414
415
416
 832.	[bug]		The default location for named.conf in named-checkconf
			should depend on --sysconfdir like it does in named.
			[RT #1258]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
417
418
 831.	[placeholder]

419
420
 830.	[func]		Implement 'rndc status'.

Bob Halley's avatar
Bob Halley committed
421
422
423
424
 829.	[bug]		The DNS_R_ZONECUT result code should only be returned
			when an ANY query is made with DNS_DBFIND_GLUEOK set.
			In all other ANY query cases, returning the delegation
			is better.
425

426
427
428
 828.	[bug]		The errno value from recvfrom() could be overwritten
			by logging code. [RT #1293]

429
430
431
432
433
 827.	[bug]		When an IXFR protocol error occurs, the slave
			should retry with AXFR.

 826.	[bug]		Some IXFR protocol errors were not detected.

434
 825.	[bug]		zone.c:ns_query() detached from the wrong zone
Andreas Gustafsson's avatar
Andreas Gustafsson committed
435
			reference. [RT #1264] 
436

437
 824.	[bug]		Correct line numbers reported by dns_master_load().
438
			[RT #1263]
439

440
441
442
 823.	[func]		The output of "dig -h" now goes to stdout so that it
			can easily be piped through "more". [RT #1254]

443
 822.	[bug]		Sending nxrrset prerequisites would crash nsupdate.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
444
			[RT #1248]
445

446
 821.	[bug]		The program name used when logging to syslog should
Andreas Gustafsson's avatar
Andreas Gustafsson committed
447
			be stripped of leading path components.
448
449
			[RT #1178, #1232]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
450
451
452
453
 820.	[bug]		Name server address lookups failed to follow
			A6 chains into the glue of local authoritative
			zones.

454
455
456
457
458
 819.	[bug]		In certain cases, the resolver's attempts to
			restart an address lookup at the root could cause
			the fetch to deadlock (with itself) instead of
			restarting. [RT #1225]

459
460
461
 818.	[bug]		Certain pathological responses to ANY queries could
			cause an assertion failure. [RT #1218]

462
 817.	[func]		Adjust timeouts for dialup zone queries.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
463

464
 816.	[bug]		Report potential problems with log file accessibility
465
466
467
			at configuration time, since such problems can't
			reliably be reported at the time they actually occur.

468
469
470
 815.	[bug]		If a log file was specified with a path separator
			character (i.e. "/") in its name and the directory
			did not exist, the log file's name was treated as
Andreas Gustafsson's avatar
Andreas Gustafsson committed
471
			though it were the directory name. [RT #1189]
472

Andreas Gustafsson's avatar
   
Andreas Gustafsson committed
473
474
475
476
477
478
479
 814.	[bug]		Socket objects left over from accept() failures
			were incorrectly destroyed, causing corruption
			of socket manager data structures.

 813.	[bug]		File descriptors exceeding FD_SETSIZE were handled
			badly. [RT #1192]

480
481
482
 812.	[bug]		dig sometimes printed incomplete IXFR responses
			due to an uninitialized variable. [RT #1188]

Brian Wellington's avatar
Brian Wellington committed
483
 811.	[bug]		Parentheses were not quoted in zone dumps. [RT #1194]
484

485
 810.	[bug]		The signer name in SIG records was not properly
Andreas Gustafsson's avatar
Andreas Gustafsson committed
486
			downcased when signing/verifying records. [RT #1186]
487

488
 809.	[bug]		Configuring a non-local address as a transfer-source
Andreas Gustafsson's avatar
Andreas Gustafsson committed
489
			could cause an assertion failure during load.
490

491
492
 808.	[func]		Add 'rndc flush' to flush the server's cache.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
493
494
495
 807.	[bug]		When setting up TCP connections for incoming zone
			transfers, the transfer-source port was not
			ignored like it should be.
496

Andreas Gustafsson's avatar
Andreas Gustafsson committed
497
 806.	[bug]		DNS_R_SEENINCLUDE was failing to propagate back up
Andreas Gustafsson's avatar
Andreas Gustafsson committed
498
			the calling stack to the zone maintence level, causing
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
499
			zones to not reload when an included file was touched
Andreas Gustafsson's avatar
Andreas Gustafsson committed
500
			but the top-level zone file was not.
501
502
503
504

 805.	[bug]		When using "forward only", missing root hints should
			not cause queries to fail. [RT #1143]

505
 804.	[bug]		Attempting to obtain entropy could fail in some
Andreas Gustafsson's avatar
Andreas Gustafsson committed
506
			situations.  This would be most common on systems
507
508
			with user-space threads. [RT #1131]

509
 803.	[bug]		Treat all SIG queries as if they have the CD bit set,
Andreas Gustafsson's avatar
Andreas Gustafsson committed
510
			otherwise no data will be returned [RT #749]
511

512
 802.	[bug]		DNSSEC key tags were computed incorrectly in almost
Andreas Gustafsson's avatar
Andreas Gustafsson committed
513
			all cases. [RT #1146]
514

515
 801.	[bug]		nsupdate should treat lines beginning with ';' as
Andreas Gustafsson's avatar
Andreas Gustafsson committed
516
			comments. [RT #1139]
517

518
 800.	[bug]		dnssec-signzone produced incorrect statistics for
Andreas Gustafsson's avatar
Andreas Gustafsson committed
519
			large zones. [RT #1133]
520

521
522
523
 799.	[bug]		The ADB didn't find AAAA glue in a zone unless A6
			glue was also present.

524
525
526
 798.	[bug]		nsupdate should be able to reject bad input lines
			and continue. [RT #1130]

527
 797.	[func]		Issue a warning if the 'directory' option contains
Andreas Gustafsson's avatar
Andreas Gustafsson committed
528
			a relative path. [RT #269]
529
530
531
532
533

 796.	[func]		When a size limit is associated with a log file,
			only roll it when the size is reached, not every
			time the log file is opened. [RT #1096]

534
535
 795.	[func]		Add the +multiline option to dig. [RT #1095]

536
 794.	[func]		Implement the "port" and "default-port" statements
Andreas Gustafsson's avatar
Andreas Gustafsson committed
537
			in rndc.conf.
538

539
 793.	[cleanup]	The DNSSEC tools could create filenames that were
Andreas Gustafsson's avatar
Andreas Gustafsson committed
540
			illegal or contained shell metacharacters.  They
541
542
543
			now use a different text encoding of names that
			doesn't have these problems. [RT #1101]

544
 792.	[cleanup]	Replace the OMAPI command channel protocol with a
Andreas Gustafsson's avatar
Andreas Gustafsson committed
545
			simpler one.
546

547
 791.	[bug]		The command channel now works over IPv6.
548

549
550
551
 790.	[bug]		Wildcards created using dynamic update or IXFR
			could fail to match. [RT #1111]

552
553
554
555
 789.	[bug]		The "localhost" and "localnets" ACLs did not match
			when used as the second element of a two-element
			sortlist item.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
556
 788.	[func]		Add the "match-mapped-addresses" option, which
Andreas Gustafsson's avatar
Andreas Gustafsson committed
557
			causes IPv6 v4mapped addresses to be treated as
558
559
			IPv4 addresses for the purpose of acl matching.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
560
561
 787.	[bug]		The DNSSEC tools failed to downcase domain
			names when mapping them into file names.
562

Andreas Gustafsson's avatar
Andreas Gustafsson committed
563
564
 786.	[bug]		When DNSSEC signing/verifying data, owner names were
			not properly downcased.
565

566
567
568
 785.	[bug]		A race condition in the resolver could cause
			an assertion failure. [RT #673, #872, #1048]

569
570
 784.	[bug]		nsupdate and other programs would not quit properly
			if some signals were blocked by the caller. [RT #1081]
571

572
573
574
575
 783.	[bug]		Following CNAMEs could cause an assertion failure
			when either using an sdb database or under very
			rare conditions.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
576
 782.	[func]		Implement the "serial-query-rate" option.
577

578
579
580
 781.	[func]		Avoid error packet loops by dropping duplicate FORMERR
			responses. [RT #1006]

581
582
 780.	[bug]		Error handling code dealing with out of memory or
			other rare errors could lead to assertion failures
Andreas Gustafsson's avatar
Andreas Gustafsson committed
583
			by calling functions on unitialized names. [RT #1065]
584

Bob Halley's avatar
Bob Halley committed
585
 779.	[func]		Added the "minimal-responses" option.
586
587
588
589
590

 778.	[bug]		When starting cache cleaning, cleaning_timer_action()
			returned without first pausing the iterator, which
			could cause deadlock. [RT #998]

591
592
 777.	[bug]		An empty forwarders list in a zone failed to override
			global forwarders. [RT #995]
Brian Wellington's avatar
Brian Wellington committed
593

594
595
 776.	[func]		Improved error reporting in denied messages. [RT #252]

Brian Wellington's avatar
Brian Wellington committed
596
 775.	[placeholder]
597

598
599
600
601
602
 774.	[func]		max-cache-size is implemented.

 773.	[func]		Added isc_rwlock_trylock() to attempt to lock without
			blocking.

603
604
605
606
 772.	[bug]		Owner names could be incorrectly omitted from cache
			dumps in the presence of negative caching entries.
			[RT #991]

607
 771.	[cleanup]	TSIG errors related to unsynchronized clocks
Andreas Gustafsson's avatar
Andreas Gustafsson committed
608
			are logged better. [RT #919]
609

610
611
612
 770.	[func]		Add the "edns yes_or_no" statement to the server
			clause. [RT #524]

613
614
 769.	[func]		Improved error reporting when parsing rdata. [RT #740]

615
616
617
618
 768.	[bug]		The server did not emit an SOA when a CNAME
			or DNAME chain ended in NXDOMAIN in an
			authoritative zone.

Brian Wellington's avatar
Brian Wellington committed
619
 767.	[placeholder]
620

Bob Halley's avatar
Bob Halley committed
621
622
 766.	[bug]		A few cases in query_find() could leak fname.
			This would trigger the mpctx->allocated == 0
623
624
625
			assertion when the server exited.
			[RT #739, #776, #798, #812, #818, #821, #845,
			#892, #935, #966]
Bob Halley's avatar
Bob Halley committed
626

627
628
629
630
631
632
633
634
635
636
637
638
 765.	[func]		ACL names are once again case insensitive, like
			in BIND 8. [RT #252]

 764.	[func]		Configuration files now allow "include" directives
			in more places, such as inside the "view" statement.
			[RT #377, #728, #860]

 763.	[func]		Configuration files no longer have reserved words.
			[RT #731, #753]

 762.	[cleanup]	The named.conf and rndc.conf file parsers have
			been completely rewritten.
639

640
641
642
 761.	[bug]		_REENTRANT was still defined when building with
			--disable-threads.

643
644
 760.	[contrib]	Significant enhancements to the pgsql sdb driver.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
645
646
647
648
649
650
651
652
653
654
 759.	[bug]		The resolver didn't turn off "avoid fetches" mode
			when restarting, possibly causing resolution
			to fail when it should not.  This bug only affected
			platforms which support both IPv4 and IPv6. [RT #927]

 758.	[bug]		The "avoid fetches" code did not treat negative
			cache entries correctly, causing fetches that would
			be useful to be avoided.  This bug only affected
			platforms which support both IPv4 and IPv6. [RT #927]

655
656
 757.	[func]		Log zone transfers.

657
658
659
 756.	[bug]		dns_zone_load() could "return" success when no master
			file was configured.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
660
 755.	[bug]		Fix incorrectly formatted log messages in zone.c.
661

662
663
 754.	[bug]		Certain failure conditions sending UDP packets
			could cause the server to retry the transmission
664
665
			indefinitely. [RT #902]

666
667
668
 753.	[bug]		dig, host, and nslookup would fail to contact a
			remote server if getaddrinfo() returned an IPv6
			address on a system that doesn't support IPv6.
Brian Wellington's avatar
Brian Wellington committed
669
			[RT #917]
670

Andreas Gustafsson's avatar
Andreas Gustafsson committed
671
672
 752.	[func]		Correct bad tv_usec elements returned by
			gettimeofday().
673

Mark Andrews's avatar
Mark Andrews committed
674
 751.	[func]		Log successful zone loads / transfers.	[RT #898]
675

676
 750.	[bug]		A query should not match a DNAME whose trust level
Andreas Gustafsson's avatar
Andreas Gustafsson committed
677
			is pending. [RT #916]
678
679
680
681

 749.	[bug]		When a query matched a DNAME in a secure zone, the
			server did not return the signature of the DNAME.
			[RT #915]
682
683

 748.	[doc]		List supported RFCs in doc/misc/rfc-compliance.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
684
			[RT #781]
685

686
687
 747.	[bug]		The code to determine whether an IXFR was possible
			did not properly check for a database that could
688
			not have a journal. [RT #865, #908]
689

690
691
692
 746.	[bug]		The sdb didn't clone rdatasets properly, causing
			a crash when the server followed delegations. [RT #905]

Andreas Gustafsson's avatar
Andreas Gustafsson committed
693
 745.	[func]		Report the owner name of records that fail
Mark Andrews's avatar
Mark Andrews committed
694
			semantic checks while loading.
695

696
697
698
 744.	[bug]		When returning DNS_R_CNAME or DNS_R_DNAME as the
			result of an ANY or SIG query, the resolver failed
			to setup the return event's rdatasets, causing an
Andreas Gustafsson's avatar
Andreas Gustafsson committed
699
			assertion failure in the query code. [RT #881]
700

701
702
 743.	[bug]		Receiving a large number of certain malformed
			answers could cause named to stop responding.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
703
			[RT #861]
704

Brian Wellington's avatar
Brian Wellington committed
705
706
 742.	[placeholder]

707
708
 741.	[port]		Support openssl-engine. [RT #709]

709
710
 740.	[port]		Handle openssl library mismatches slightly better.

711
712
713
714
 739.	[port]		Look for /dev/random in configure, rather than
			assuming it will be there for only a predefined
			set of OSes.

715
716
 738.	[bug]		If a non-threadsafe sdb driver supported AXFR and
			received an AXFR request, it would deadlock or die
717
			with an assertion failure. [RT #852]
718

Andreas Gustafsson's avatar
Andreas Gustafsson committed
719
 737.	[port]		stdtime.c failed to compile on certain platforms.
720
721
722

 736.	[func]		New functions isc_task_{begin,end}exclusive().

723
 735.	[doc]		Add BIND 4 migration notes.
724

725
 734.	[bug]		An attempt to re-lock the zone lock could occur if
Mark Andrews's avatar
Mark Andrews committed
726
727
			the server was shutdown during a zone tranfer.
			[RT #830]
728
729

 733.	[bug]		Reference counts of dns_acl_t objects need to be
730
			locked but were not. [RT #801, #821]
731

Andreas Gustafsson's avatar
Andreas Gustafsson committed
732
 732.	[bug]		Glue with 0 TTL could also cause SERVFAIL. [RT #828]
Bob Halley's avatar
Bob Halley committed
733

Brian Wellington's avatar
Brian Wellington committed
734
 731.	[bug]		Certain zone errors could cause named-checkzone to
Andreas Gustafsson's avatar
Andreas Gustafsson committed
735
			fail ungracefully. [RT #819]
736
737
738
739

 730.	[bug]		lwres_getaddrinfo() returns the correct result when
			it fails to contact a server. [RT #768]

740
741
 729.	[port]		pthread_setconcurrency() needs to be called on Solaris.

742
743
 728.	[bug]		Fix comment processing on master file directives.
			[RT# 757]
744

745
746
747
748
749
 727.	[port]		Work around OS bug where accept() succeeds but
			fails to fill in the peer address of the accepted
			connection, by treating it as an error rather than
			an assertion failure. [RT #809]

750
751
 726.	[func]		Implement the "trace" and "notrace" commands in rndc.

752
753
 725.	[bug]		Installing man pages could fail.

754
755
756
 724.	[func]		New libisc functions isc_netaddr_any(),
			isc_netaddr_any6().

757
 723.	[bug]		Referrals whose NS RRs had a 0 TTL caused the resolver
Andreas Gustafsson's avatar
Andreas Gustafsson committed
758
			to return DNS_R_SERVFAIL. [RT #783]
759
760

 722.	[func]		Allow incremental loads to be canceled.
761
762
763

 721.	[cleanup]	Load manager and dns_master_loadfilequota() are no
			more.
764
765
766
767

 720.	[bug]		Server could enter infinite loop in
			dispatch.c:do_cancel(). [RT #733]

768
 719.	[bug]		Rapid reloads could trigger an assertion failure.
Andreas Gustafsson's avatar
Andreas Gustafsson committed
769
			[RT #743, #763]
770
771
772
773

 718.	[cleanup]	"internal" is no longer a reserved word in named.conf.
			[RT #753, #731]

774
775
776
777
 717.	[bug]		Certain TKEY processing failure modes could
			reference an uninitialized variable, causing the
			server to crash. [RT #750]

778
 716.	[bug]		The first line of a $INCLUDE master file was lost if
Andreas Gustafsson's avatar
grammar    
Andreas Gustafsson committed
779
			an origin was specified. [RT #744]
780
781
782
783

 715.	[bug]		Resolving some A6 chains could cause an assertion
			failure in adb.c. [RT #738]

784
785
786
 714.	[bug]		Preserve interval timers across reloads unless changed.
			[RT# 729]

787
788
 713.	[func]		named-checkconf takes '-t directory' similar to named.
			[RT #726]
Andreas Gustafsson's avatar
grammar    
Andreas Gustafsson committed
789

790
791
792
 712.	[bug]		Sending a large signed update message caused an
			assertion failure. [RT #718]

793
794
795
 711.	[bug]		The libisc and liblwres implementations of
			inet_ntop contained an off by one error.

Andreas Gustafsson's avatar
Andreas Gustafsson committed
796
797
 710.	[func]		The forwarders statement now takes an optional
			port. [RT #418]
798

799
800
801
 709.	[bug]		ANY or SIG queries for data with a TTL of 0
			would return SERVFAIL. [RT #620]

802
 708.	[bug]		When building with --with-openssl, the openssl headers
Andreas Gustafsson's avatar
Andreas Gustafsson committed
803
			included with BIND 9 should not be used. [RT #702]
804

805
 707.	[func]		The "filename" argument to named-checkzone is no
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
806
			longer optional, to reduce confusion. [RT #612]
807

808
809
 706.	[bug]		Zones with an explicit "allow-update { none; };"
			were considered dynamic and therefore not reloaded
Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
810
			on SIGHUP or "rndc reload".
811

Andreas Gustafsson's avatar
grammar    
Andreas Gustafsson committed
812
 705.	[port]		Work out resource limit type for use where rlim_t is
813
814
			not available. [RT #695]

Mark Andrews's avatar
Mark Andrews committed
815
 704.	[port]		RLIMIT_NOFILE is not available on all platforms.
816
817
			[RT #695]

818
 703.	[port]		sys/select.h is needed on older platforms. [RT #695]
819

820
821
822
 702.	[func]		If the address 0.0.0.0 is seen in resolv.conf,
			use 127.0.0.1 instead. [RT #693]

823
824
 701.	[func]		Root hints are now fully optional.  Class IN
			views use compiled-in hints by default, as
Andreas Gustafsson's avatar
Andreas Gustafsson committed
825
			before.	 Non-IN views with no root hints now
826
827
828
829
			provide authoritative service but not recursion.
			A warning is logged if a view has neither root
			hints nor authoritative data for the root. [RT #696]

830
 700.	[bug]		$GENERATE range check was wrong. [RT #688]
831

832
833
 699.	[bug]		The lexer mishandled empty quoted strings. [RT #694]

834
835
836
 698.	[bug]		Aborting nsupdate with ^C would lead to several
			race conditions.

837
838
839
840
 697.	[bug]		nsupdate was not compatible with the undocumented
			BIND 8 behavior of ignoring TTLs in "update delete"
			commands. [RT #693]

841
 696.	[bug]		lwresd would die with an assertion failure when passed
Andreas Gustafsson's avatar
Andreas Gustafsson committed
842
			a zero-length name. [RT #692]
843

844
845
846
 695.	[bug]		If the resolver attempted to query a blackholed or
			bogus server, the resolution would fail immediately.

847
848
 694.	[bug]		$GENERATE did not produce the last entry.
			[RT #682, #683]
849

850
851
852
 693.	[bug]		An empty lwres statement in named.conf caused
			the server to crash while loading.

853
854
855
 692.	[bug]		Deal with systems that have getaddrinfo() but not
			gai_strerror(). [RT #679]

856
 691.	[bug]		Configuring per-view forwarders caused an assertion
Andreas Gustafsson's avatar
Andreas Gustafsson committed
857
			failure. [RT #675, #734]
858

859
860
 690.	[func]		$GENERATE now supports DNAME. [RT #654]

861
862
 689.	[doc]		man pages are now installed. [RT #210]

Bob Halley's avatar
Bob Halley committed
863
864
 688.	[func]		"make tags" now works on systems with the
			"Exuberant Ctags" etags.
865

866
 687.	[bug]		Only say we have IPv6, with sufficent functionality,
Andreas Gustafsson's avatar
Andreas Gustafsson committed
867
			if it has actually been tested. [RT #586]
Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
868

869
870
871
 686.	[bug]		dig and nslookup can now be properly aborted during
			blocking operations. [RT #568]

Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
872
 685.	[bug]		nslookup should use the search list/domain options
873
			from resolv.conf by default. [RT #405, #630]
874

Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
875
 684.	[bug]		Memory leak with view forwarders. [RT #656]
876

Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
877
 683.	[bug]		File descriptor leak in isc_lex_openfile().
878

Mark Andrews's avatar
Mark Andrews committed
879
 682.	[bug]		nslookup displayed SOA records incorrectly. [RT #665]
880

Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
881
 681.	[bug]		$GENERATE specifying output format was broken. [RT #653]
882

Andreas Gustafsson's avatar
style    
Andreas Gustafsson committed
883
 680.	[bug]		dns_rdata_fromstruct() mishandled options bigger
884
885
			than 255 octets.

886
887
888
 679.	[bug]		$INCLUDE could leak memory and file descriptors on
			reload. [RT #639]

Andreas Gustafsson's avatar
typo    
Andreas Gustafsson committed
889
 678.	[bug]		"transfer-format one-answer;" could trigger an assertion
890
			failure. [RT #646]
891

892
893
894
 677.	[bug]		dnssec-signzone would occasionally use the wrong ttl
			for database operations and fail. [RT #643]

895
896
897
898
 676.	[bug]		Log messages about lame servers to category
			'lame-servers' rather than 'resolver', so as not
			to be gratuitously incompatible with BIND 8.

Brian Wellington's avatar
Brian Wellington committed
899
 675.	[bug]		TKEY queries could cause the server to leak
900
901
			memory.

902
903
 674.	[func]		Allow messages to be TSIG signed / verified using
			a offset from the current time.
904
905
906
907
908

 673.	[func]		The server can now convert RFC1886-style recursive
			lookup requests into RFC2874-style lookups, when 
			enabled using the new option "allow-v6-synthesis".

909
910
911
 672.	[bug]		The wrong time was in the "time signed" field when
			replying with BADTIME error.

912
913
914
 671.	[bug]		The message code was failing to parse a message with
			no question section and a TSIG record. [RT #628]

915
916
917
918
 670.	[bug]		The lwres replacements for getaddrinfo and
			getipnodebyname didn't properly check for the
			existence of the sockaddr sa_len field.

919
 669.	[bug]		dnssec-keygen now makes the public key file
920
921
			non-world-readable for symmetric keys. [RT #403]

922
923
924
 668.	[func]		named-checkzone now reports multiple errors in master
			files.

925
926
927
928
 667.	[bug]		On Linux, running named with the -u option and a
			non-world-readable configuration file didn't work.
			[RT #626]

Brian Wellington's avatar
Brian Wellington committed
929
930
 666.	[bug]		If a request sent by dig is longer than 512 bytes,
			use TCP.
931

932
933
934
 665.	[bug]		Signed responses were not sent when the size of the
			TSIG + question exceeded the maximum message size.
			[RT #628]
935

936
937
938
939
 664.	[bug]		The t_tasks and t_timers module tests are now skipped
			when building without threads, since they require
			threads.

940
941
942
943
944
 663.	[func]		Accept a size_spec, not just an integer, in the
			(unimplemented and ignored) max-ixfr-log-size option
			for compatibility with recent versions of BIND 8.
			[RT #613]

945
 662.	[bug]		dns_rdata_fromtext() failed to log certain errors.
946

947
948
 661.	[bug]		Certain UDP IXFR requests caused an assertion failure
			(mpctx->allocated == 0). [RT #355, #394, #623]
949

950
951
 660.	[port]		Detect multiple CPUs on HP-UX and IRIX.

952
953
954
955
 659.	[performance]	Rewrite the name compression code to be much faster.

 658.	[cleanup]	Remove all vestiges of 16 bit global compression.

956
 657.	[bug]		When a listen-on statement in an lwres block does not
Brian Wellington's avatar
Brian Wellington committed
957
			specify a port, use 921, not 53.  Also update the
958
959
			listen-on documentation. [RT #616]

960
961
962
963
 656.	[func]		Treat an unescaped newline in a quoted string as
			an error.  This means that TXT records with missing
			close quotes should have meaningful errors printed.

964
965
966
 655.	[bug]		Improve error reporting on unexpected eof when loading
			zones. [RT #611]

967
 654.	[bug]		Origin was being forgotten in TCP retries in dig.
968
			[RT #574]
969

Mark Andrews's avatar
Mark Andrews committed
970
 653.	[bug]		+defname option in dig was reversed in sense.
971
			[RT #549]
972

973
974
 652.	[bug]		zone_saveunique() did not report the new name.

975
976
977
 651.	[func]		The AD bit in responses now has the meaning
			specified in <draft-ietf-dnsext-ad-is-secure>.

978
979
980
 650.	[bug]		SIG(0) records were being generated and verified
			incorrectly. [RT #606]

981
982
983
984
985
986
987
 649.	[bug]		It was possible to join to an already running fctx
			after it had "cloned" its events, but before it sent
			them.  In this case, the event of the newly joined
			fetch would not contain the answer, and would
			trigger the INSIST() in fctx_sendevents().  In
			BIND 9.0, this bug did not trigger an INSIST(), but
			caused the fetch to fail with a SERVFAIL result.
988
			[RT #588, #597, #605, #607]
989

990
 648.	[port]		Add support for pre-RFC2133 IPv6 implementations.
991

992
993
994
995
996
 647.	[bug]		Resolver queries sent after following multiple
			referrals had excessively long retransmission
			timeouts due to incorrectly counting the referrals
			as "restarts".

997
998
999
 646.	[bug]		The UnixWare ISC_PLATFORM_FIXIN6INADDR fix in isc/net.h
			didn't _cleanly_ fix the problem it was trying to fix.

1000
1001
1002
 645.	[port]		BSD/OS 3.0 needs pthread_init(). [RT #603]

 644.	[bug]		#622 needed more work. [RT #562]
1003

1004
 643.	[bug]		xfrin error messages made more verbose, added class
Andreas Gustafsson's avatar
Andreas Gustafsson committed
1005
			of the zone. [RT# 599]
1006

1007
1008
1009
 642.	[bug]		Break the exit_check() race in the zone module.
			[RT #598]

1010
1011
	--- 9.1.0b2 released ---

1012
1013
 641.	[bug]		$GENERATE caused a uninitialized link to be used.
			[RT #595]
1014

1015
1016
 640.	[bug]		Memory leak in error path could cause
			"mpctx->allocated == 0" failure. [RT #584]
1017

1018
1019
1020
 639.	[bug]		Reading entropy from the keyboard would sometimes fail.
			[RT #591]

1021
1022
1023
 638.	[port]		lib/isc/random.c needed to explicitly include time.h
			to get a prototype for time() when pthreads was not
			being used. [RT #592]
1024

1025
1026
1027
1028
1029
 637.	[port]		Use isc_u?int64_t instead of (unsigned) long long in
			lib/isc/print.c.  Also allow lib/isc/print.c to
			be compiled even if the platform does not need it.
			[RT #592]

1030
1031
1032
 636.	[port]		Shut up MSVC++ about a possible loss of precision
			in the ISC__BUFFER_PUTUINT*() macros. [RT #592]

1033
1034
1035
 635.	[bug]		Reloading a server with a configured blackhole list
			would cause an assertion. [RT #590]

1036
1037
1038
1039
 634.	[bug]		A log file will completely stop being written when
			it reaches the maximum size in all cases, not just
			when versioning is also enabled. [RT #570]