CHANGES 196 KB
Newer Older
1
1879.	[func]		Added framework for handling multiple EDNS versions.
2
			[RT #14873]
3 4

1878.	[func]		dig can now specify the EDNS version when making
5
			a query. [RT #14873]
6

7 8
1868.	[func]		edns-udp-size can now be overridden on a per
			server basis. [RT #14851]
Mark Andrews's avatar
Mark Andrews committed
9

10 11
1867.	[bug]		It was possible to trigger a INSIST in
			dlv_validatezonekey(). [RT #14846]
Mark Andrews's avatar
Mark Andrews committed
12

13 14
1866.	[bug]		resolv.conf parse errors were being ignored by
			dig/host/nslookup. [RT #14841]
Mark Andrews's avatar
Mark Andrews committed
15

16 17
1865.	[bug]		Silently ignore nameservers in /etc/resolv.conf with
			bad addresses. [RT #14841]
Mark Andrews's avatar
Mark Andrews committed
18

19 20 21
1864.	[bug]		Don't try the alternative transfer source if you
			got a answer / transfer with the main source
			address. [RT #14802]
Mark Andrews's avatar
Mark Andrews committed
22

23 24
1863.	[bug]		rrset-order "fixed" error messages not complete.

25 26 27 28 29 30 31
1862.	[func]		Add additional zone data constancy checks.
			named-checkzone has extended checking of NS, MX and 
			SRV record and the hosts they reference.
			named has extended post zone load checks.
			New zone options: check-mx and integrity-check. 
			[RT #4940]

Mark Andrews's avatar
Mark Andrews committed
32 33
1861.	[placeholder]	rt14801

Mark Andrews's avatar
Mark Andrews committed
34 35
1860.	[placeholder]	rt14775

36
1859.	[func]		Add support for CH A record. [RT #14695]
Mark Andrews's avatar
Mark Andrews committed
37

38 39 40
1858.	[bug]		The flush-zones-on-shutdown option wasn't being
			parsed. [RT #14686]

Mark Andrews's avatar
Mark Andrews committed
41 42
1857.	[placeholder]	rt14673

Rob Austein's avatar
regen  
Rob Austein committed
43 44 45
1856.	[doc]		Switch Docbook toolchain from DSSSL to XSL.
			[RT #11398]

Mark Andrews's avatar
Mark Andrews committed
46 47
1855.	[placeholder]	rt14616

48 49 50
1854.	[bug]		lwres also needs to know the print format for
			(long long).  [RT #13754]

51 52 53
1853.	[bug]		Rework how DLV interacts with proveunsecure().
			[RT #13605]

54 55 56
1852.	[cleanup]	Remove last vestiges of dnssec-signkey and
			dnssec-makekeyset (removed from Makefile years ago).

57 58
1851.	[doc]		Doxygen comment markup. [RT #11398]

59 60
1850.	[bug]		Memory leak in lwres_getipnodebyaddr(). [RT #14591]

61 62 63
1849.	[doc]		All forms of the man pages (docbook, man, html) should
			have consistant copyright dates.

64 65
1848.	[bug]		Improve SMF integration. [RT #13238]

66
1847.	[bug]		isc_ondestroy_init() is called too late in
Mark Andrews's avatar
Mark Andrews committed
67
			dns_rbtdb_create()/dns_rbtdb64_create(). 
68 69
			[RT #13661]
			
70 71 72
1846.	[contrib]	query-loc-0.3.0 from Stephane Bortzmeyer
			<bortzmeyer@nic.fr>.

73 74 75
1845.	[bug]		Improve error reporting to distingish between
			accept()/fcntl() and socket()/fcntl() errors.
			[RT #13745]
Mark Andrews's avatar
Mark Andrews committed
76

77 78 79 80 81 82
1844.	[bug]		inet_pton() accepted more that 4 hexadecimal digits
			for each 16 bit piece of the IPv6 address.  The text
			representation of a IPv6 address has been tighted
			to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt).
			[RT #5662]

83 84 85 86 87
1843.	[cleanup]	CINCLUDES takes precedence over CFLAGS.  This helps
			when CFLAGS contains "-I /usr/local/include"
			resulting in old header files being used.

1842.	[port]		cmsg_len() could produce incorrect results on
88 89
			some platform. [RT #13744]

90 91
1841.	[bug]		"dig +nssearch" now makes a recursive query to
			find the list of nameservers to query. [RT #13694]
Mark Andrews's avatar
Mark Andrews committed
92

Mark Andrews's avatar
Mark Andrews committed
93
1840.	[func]		dnssec-signzone can now randomize signature end times
94 95
			(dnssec-signzone -j jitter). [RT #13609]

96 97
1839.	[bug]		<isc/hash.h> was not being installed.

98 99
1838.	[cleanup]	Don't allow Linux capabilities to be inherited.
			[RT #13707]
Mark Andrews's avatar
Mark Andrews committed
100

101 102
1837.	[bug]		Compile time option ISC_FACILITY was not effective
			for 'named -u <user>'.  [RT #13714]
Mark Andrews's avatar
Mark Andrews committed
103

104 105
1836.	[cleanup]	Silence compiler warnings in hash_test.c.

106 107
1835.	[bug]		Update dnssec-signzone's usage message. [RT #13657]

108 109
1834.	[bug]		Bad memset in rdata_test.c. [RT #13658]

110 111
1833.	[bug]		Race condition in isc_mutex_lock_profile(). [RT #13660]

112 113 114
1832.	[bug]		named fails to return BADKEY on unknown TSIG algorithm.
			[RT #13620]

115 116
1831.	[doc]		Update named-checkzone documentation. [RT#13604]

117 118
1830.	[bug]		adb lame cache has sence of test reversed. [RT #13600]

119 120
1829.	[bug]		win32: "pid-file none;" broken. [RT #13563]

121 122 123
1828.	[bug]		isc_rwlock_init() failed to properly cleanup if it
			encountered a error. [RT #13549]

124 125
1827.	[bug]		host: update usage message for '-a'. [RT #37116]

126 127 128 129 130
1826.	[bug]		Missing DESTROYLOCK() in isc_mem_createx() on out
			of memory error. [RT #13537]

1825.	[bug]		Missing UNLOCK() on out of memory error from in
			rbtdb.c:subtractrdataset(). [RT #13519]
131

132 133 134
1824.	[bug]		Memory leak on dns_zone_setdbtype() failure.
			[RT #13510]

135 136 137
1823.	[bug]		Wrong macro used to check for point to point interface.
			[RT#13418]

138 139
1822.	[bug]		check-names test for RT was reversed. [RT #13382]

Mark Andrews's avatar
Mark Andrews committed
140 141
1821.	[placeholder]

142
1820.	[bug]		Gracefully handle acl loops. [RT #13659]
Mark Andrews's avatar
Mark Andrews committed
143

144 145 146 147
1819.	[bug]		The validator needed to check both the algorithm and
			digest types of the DS to determine if it could be
			used to introduce a secure zone. [RT #13593]

148 149
1818.	[bug]		'named-checkconf -z' triggered an INSIST. [RT #13599]

150 151
1817.	[placeholder]	rt13587

152 153
1816.	[port]		UnixWare: failed to compile lib/isc/unix/net.c.
			[RT #13597]
Mark Andrews's avatar
Mark Andrews committed
154

155 156 157
1815.	[bug]		nsupdate triggered a REQUIRE if the server was set
			without also setting the zone and it encountered
			a CNAME and was using TSIG.  [RT #13086]
Mark Andrews's avatar
Mark Andrews committed
158

159
1814.	[func]		UNIX domain controls are now supported.
Mark Andrews's avatar
Mark Andrews committed
160

161 162 163 164 165 166
1813.	[func]		Restructured the data locking framework using
			architecture dependent atomic operations (when
			available), improving response performance on
			multi-processor machines significantly.
			x86, x86_64, alpha, and sparc64 are currently
			supported.
167

168 169 170
1812.	[port]		win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect.
			[RT #13453]

171 172
1811.	[func]		Preserve the case of domain names in rdata during
			zone transfers. [RT #13547]
Mark Andrews's avatar
Mark Andrews committed
173

174 175 176
1810.	[bug]		configure, lib/bind/configure make different default
			decisions about whether to do a threaded build.
			[RT #13212]
Mark Andrews's avatar
Mark Andrews committed
177

178 179
1809.	[bug]		"make distclean" failed for libbind if the platform
			is not supported.
Mark Andrews's avatar
Mark Andrews committed
180

181 182
1808.	[bug]		zone.c:notify_zone() contained a race condition,
			zone->db could change underneath it.  [RT #13511]
Mark Andrews's avatar
Mark Andrews committed
183

184 185
1807.	[bug]		When forwarding (forward only) set the active domain
			from the forward zone name. [RT #13526]
Mark Andrews's avatar
Mark Andrews committed
186

187 188 189
1806.	[bug]		The resolver returned the wrong result when a CNAME /
			DNAME was encountered when fetching glue from a
			secure namespace. [RT #13501]
Mark Andrews's avatar
Mark Andrews committed
190

191 192
1805.	[bug]		Pending status was not being cleared when DLV was
			active. [RT #13501]
Mark Andrews's avatar
Mark Andrews committed
193

194 195 196
1804.	[bug]		Ensure that if we are queried for glue that it fits
			in the additional section or TC is set to tell the
			client to retry using TCP. [RT #10114]
Mark Andrews's avatar
Mark Andrews committed
197

198 199
1803.	[bug]		dnssec-signzone sometimes failed to remove old
			RRSIGs. [RT #13483]
Mark Andrews's avatar
Mark Andrews committed
200

201
1802.	[bug]		Handle connection resets better. [RT #11280]
Mark Andrews's avatar
Mark Andrews committed
202

203 204
1801.	[func]		Report differences between hints and real NS rrset
			and associated address records.
Mark Andrews's avatar
Mark Andrews committed
205

206 207 208
1800.	[bug]		Changes #1719 allowed a INSIST to be triggered.
			[RT #13428]

209 210
1799.	[bug]		'rndc flushname' failed to flush negative cache
			entries. [RT #13438]
Mark Andrews's avatar
Mark Andrews committed
211

212 213
1798.	[func]		The server syntax has been extended to support a
			range of servers.  [RT #11132]
Mark Andrews's avatar
Mark Andrews committed
214

215 216 217
1797.	[func]		named-checkconf now check acls to verify that they
			only refer to existing acls. [RT #13101]

218
1796.	[func]		"rndc freeze/thaw" now freezes/thaws all zones.
Mark Andrews's avatar
Mark Andrews committed
219

Mark Andrews's avatar
Mark Andrews committed
220
1795.	[bug]		"rndc dumpdb" was not fully documented.  Minor
221
			formating issues with "rndc dumpdb -all".  [RT #13396]
Mark Andrews's avatar
Mark Andrews committed
222

223 224
1794.	[func]		Named and named-checkzone can now both check for
			non-terminal wildcard records.
Mark Andrews's avatar
Mark Andrews committed
225

226
1793.	[func]		Extend adjusting TTL warning messages. [RT #13378]
Mark Andrews's avatar
Mark Andrews committed
227

228 229
1792.	[func]		New zone option "notify-delay".  Specify a minimum
			delay between sets of NOTIFY messages.
Mark Andrews's avatar
Mark Andrews committed
230

231 232
1791.	[bug]		'host -t a' still printed out AAAA and MX records.
			[RT #13230]
Mark Andrews's avatar
Mark Andrews committed
233

234 235 236
1790.	[cleanup]	Move lib/dns/sec/dst up into lib/dns.  This should
			allow parallel make to succeed.

237 238 239
1789.	[bug]		Prerequisite test for tkey and dnssec could fail
			with "configure --with-libtool".

240 241 242
1788.	[bug]		libbind9.la/libbind9.so needs to link against
			libisccfg.la/libisccfg.so.

243 244
1787.	[port]		HPUX: both "cc" and "gcc" need -Wl,+vnocompatwarnings.

245 246 247 248
1786.	[port]		AIX: libt_api needs to be taught to look for
			T_testlist in the main executable (--with-libtool).
			[RT #13239]

249 250 251
1785.	[bug]		libbind9.la/libbind9.so needs to link against
			libisc.la/libisc.so.

252 253 254 255
1784.	[cleanup]	"libtool -allow-undefined" is the default.
			Leave hooks in configure to allow it to be set
			if needed in the future.

256 257 258
1783.	[cleanup]	We only need one copy of libtool.m4, ltmain.sh in the
			source tree.

259 260
1782.	[port]		OSX: --with-libtool + --enable-libbind broke on
			__evOptMonoTime.  [RT #13219]
Mark Andrews's avatar
Mark Andrews committed
261

262
1781.	[port]		FreeBSD 5.3: set PTHREAD_SCOPE_SYSTEM. [RT #12810]
Mark Andrews's avatar
Mark Andrews committed
263

264 265
1780.	[bug]		Update libtool to 1.5.10.

266 267
1779.	[port]		OSF 5.1: libtool didn't handle -pthread correctly.

268 269 270
1778.   [port]   	HUX 11.11: fix broken IN6ADDR_ANY_INIT and
			IN6ADDR_LOOPBACK_INIT macros.

271 272
1777.   [port]   	OSF 5.1: fix broken IN6ADDR_ANY_INIT and
			IN6ADDR_LOOPBACK_INIT macros.
273

274 275
1776.   [port]   	Solaris 2.9: fix broken IN6ADDR_ANY_INIT and
                        IN6ADDR_LOOPBACK_INIT macros.
Mark Andrews's avatar
Mark Andrews committed
276

277 278
1775.	[bug]		Only compile getnetent_r.c when threaded. [RT #13205]

279 280
1774.	[port]		Aix: Silence compiler warnings / build failures.
			[RT #13154]
Mark Andrews's avatar
Mark Andrews committed
281

282
1773.	[bug]		Fast retry on host / net unreachable. [RT #13153]
Mark Andrews's avatar
Mark Andrews committed
283

Mark Andrews's avatar
Mark Andrews committed
284 285
1772.	[placeholder]

Mark Andrews's avatar
Mark Andrews committed
286 287
1771.	[placeholder]

288 289 290
1770.	[bug]		named-checkconf failed to report missing a missing
			file clause for rbt{64} master/hint zones. [RT#13009]

291 292 293
1769.	[port]		win32: change compiler flags /MTd ==> /MDd,
			/MT ==> /MD.

294 295 296
1768.	[bug]		nsecnoexistnodata() could be called with a non-NSEC
			rdataset. [RT #12907]

297 298
1767.	[port]		Builds on IPv6 platforms without IPv6 Advanced API
			support for (struct in6_pktinfo) failed.  [RT #13077]
Mark Andrews's avatar
Mark Andrews committed
299

300 301
1766.	[bug]		Update the master file timestamp on successful refresh
			as well as the journal's timestamp. [RT# 13062]
Mark Andrews's avatar
Mark Andrews committed
302

303 304
1765.	[bug]		configure --with-openssl=auto failed. [RT #12937]

305 306 307
1764.	[bug]		dns_zone_replacedb failed to emit a error message
			if there was no SOA record in the replacment db.
			[RT #13016]
Mark Andrews's avatar
Mark Andrews committed
308

309 310
1763.	[func]		Perform sanity checks on NS records which refer to
			'in zone' names. [RT #13002]
Mark Andrews's avatar
Mark Andrews committed
311

312 313
1762.	[bug]		isc_interfaceiter_create() could return ISC_R_SUCCESS
			even when it failed. [RT #12995]
Mark Andrews's avatar
Mark Andrews committed
314

315 316
1761.	[bug]		'rndc dumpdb' didn't report unassociated entries.
			[RT #12971]
Mark Andrews's avatar
Mark Andrews committed
317

318 319
1760.	[bug]		Host / net unreachable was not penalising rtt
			estimates. [RT #12970]
Mark Andrews's avatar
Mark Andrews committed
320

321 322
1759.	[bug]		Named failed to startup if the OS supported IPv6
			but had no IPv6 interfaces configured. [RT #12942]
Mark Andrews's avatar
Mark Andrews committed
323

324
1758.	[func]		Don't send notify messages to self. [RT #12933]
Mark Andrews's avatar
Mark Andrews committed
325

326
1757.	[func]		host now can turn on memory debugging flags with '-m'.
Mark Andrews's avatar
Mark Andrews committed
327

328 329
1756.	[func]		named-checkconf now checks the logging configuration.
			[RT #12352]
Mark Andrews's avatar
Mark Andrews committed
330

331 332
1755.	[func]		allow-update is now settable at the options / view
			level. [RT #6636]
Mark Andrews's avatar
Mark Andrews committed
333

334 335 336
1754.	[bug]		We wern't always attempting to query the parent
			server for the DS records at the zone cut.
			[RT #12774]
Mark Andrews's avatar
Mark Andrews committed
337

338 339 340
1753.	[bug]		Don't serve a slave zone which has no NS records.
			[RT #12894]

341 342 343 344
1752.	[port]		Move isc_app_start() to after ns_os_daemonise()
			as some fork() implementations unblock the signals
			that are blocked by isc_app_start(). [RT #12810]

345 346
1751.	[bug]		--enable-getifaddrs failed under linux. [RT #12867]

347 348 349
1750.	[port]		lib/bind/make/rules.in:subdirs was not bash friendly.
			[RT #12864]

350 351
1749.	[bug]		'check-names response ignore;' failed to ignore.
			[RT #12866]
Mark Andrews's avatar
Mark Andrews committed
352

353 354
1748.	[func]		dig now returns the byte count for axfr/ixfr.
			
355 356 357
1747.	[bug]		BIND 8 compatability: named/named-checkconf failed
			to parse "host-statistics-max" in named.conf.

Mark Andrews's avatar
Mark Andrews committed
358
1746.	[func]		Make public the function to read a key file,
359 360
			dst_key_read_public(). [RT #12450]

361 362 363
1745.	[bug]		Dig/host/nslookup accept replies from link locals
			regardless of scope if no scope was specified when
			query was sent. [RT #12745]
Mark Andrews's avatar
Mark Andrews committed
364

365 366 367
1744.	[bug]		If tuple2msgname() failed to convert a tuple to
			a name a REQUIRE could be triggered. [RT #12796]

368
1743.	[bug]		If isc_taskmgr_create() was not able to create the
369 370 371 372
			requested number of worker threads then destruction
			of the manager would trigger an INSIST() failure.
			[RT #12790]
			
373 374 375 376 377
1742.	[bug]		Deleting all records at a node then adding a
			previously existing record, in a single UPDATE
			transaction, failed to leave / regenerate the
			associated RRSIG records. [RT #12788]

378 379 380
1741.	[bug]		Deleting all records at a node in a secure zone
			using a update-policy grant failed. [RT #12787]

381 382 383 384 385 386
1740.	[bug]		Replace rbt's hash algorithm as it performed badly
			with certain zones. [RT #12729]
			
			NOTE: a hash context now needs to be established
			via isc_hash_create() if the application was not
			already doing this.
Mark Andrews's avatar
Mark Andrews committed
387

388 389
1739.	[bug]		dns_rbt_deletetree() could incorrectly return
			ISC_R_QUOTA.  [RT #12695]
Mark Andrews's avatar
Mark Andrews committed
390

391
1738.	[bug]		Enable overrun checking by default. [RT #12695]
Mark Andrews's avatar
Mark Andrews committed
392

Mark Andrews's avatar
Mark Andrews committed
393
1737.	[bug]		named failed if more than 16 masters were specified.
394 395
			[RT #12627]

396 397 398
1736.	[bug]		dst_key_fromnamedfile() could fail to read a
			public key. [RT #12687]
			
399 400 401
1735.	[bug]		'dig +sigtrace' could die with a REQUIRE failure.
			[RE #12688]

402 403 404
1734.	[cleanup]	'rndc-confgen -a -t' remove extra '/' in path.
			[RT #12588]

405 406
1733.	[bug]		Return non-zero exit status on initial load failure.
			[RT #12658]
Mark Andrews's avatar
Mark Andrews committed
407

408 409
1732.	[bug]		'rrset-order name "*"' wasn't being applied to ".".
			[RT #12467]
Mark Andrews's avatar
Mark Andrews committed
410

411 412
1731.	[port]		darwin: relax version test in ifconfig.sh.
			[RT #12581]
Mark Andrews's avatar
Mark Andrews committed
413

414 415
1730.	[port]		Determine the length type used by the socket API.
			[RT #12581]
Mark Andrews's avatar
Mark Andrews committed
416

417
1729.	[func]		Improve check-names error messages.
Mark Andrews's avatar
Mark Andrews committed
418

419
1728.	[doc]		Update check-names documentation.
Mark Andrews's avatar
Mark Andrews committed
420

421 422
1727.	[bug]		named-checkzone: check-names support didn't match
			documentation.
Mark Andrews's avatar
Mark Andrews committed
423

Mark Andrews's avatar
aix5  
Mark Andrews committed
424 425
1726.	[port]		aix5: add support for aix5

426 427
1725.	[port]		linux: update error message on interaction of threads,
			capabilities and setuid support (named -u). [RT #12541]
Mark Andrews's avatar
Mark Andrews committed
428

429 430
1724.	[bug]		Look for DNSKEY records with "dig +sigtrace".
			[RT #12557]
Mark Andrews's avatar
Mark Andrews committed
431

432 433
1723.	[cleanup]	Silence compiler warnings from t_tasks.c. [RT #12493]

434 435
1722.	[bug]		Don't commit the journal on malformed ixfr streams.
			[RT #12519]
Mark Andrews's avatar
Mark Andrews committed
436

437 438
1721.	[bug]		Error message from the journal processing were not
			always identifing the relevent journal. [RT #12519]
Mark Andrews's avatar
Mark Andrews committed
439

440 441
1720.	[bug]		'dig +chase' did not terminate on a RFC 2308 Type 1
			negative response. [RT #12506]
Mark Andrews's avatar
Mark Andrews committed
442

443 444
1719.	[bug]		named was not correctly caching a RFC 2308 Type 1
			negative response. [RT #12506]
Mark Andrews's avatar
Mark Andrews committed
445

446 447 448
1718.	[bug]		nsupdate was not handling RFC 2308 Type 3 negative
			responses when looking for the zone / master server.
			[RT #12506]
Mark Andrews's avatar
Mark Andrews committed
449

450 451 452
1717.	[port]		solaris: ifconfig.sh did not support Solaris 10.
			"ifconfig.sh down" didn't work for Solaris 9.

453 454 455
1716.	[doc]		named.conf(5) was being installed in the wrong
			location.  [RT# 12441]

456 457
1715.	[func]		'dig +trace' now randomly selects the next servers
			to try.  Report if there is a bad delegation.
Mark Andrews's avatar
Mark Andrews committed
458

459 460 461 462
1714.	[bug]		dig/host/nslookup were only trying the first
			address when a nameserver was specified by name.
			[RT #12286]

463 464 465
1713.	[port]		linux: extend capset failure message to say:
			please ensure that the capset kernel module is
			loaded.  see insmod(8)
Mark Andrews's avatar
Mark Andrews committed
466

467 468
1712.	[bug]		Missing FULLCHECK for "trusted-key" in dig.

469
1711.	[func]		'rndc unfreeze' has been deprecated by 'rndc thaw'.
Mark Andrews's avatar
Mark Andrews committed
470

471 472
1710.	[func]		'rndc notify zone [class [view]]' resend the NOTIFY
			messages for the specified zone. [RT #9479]
Mark Andrews's avatar
Mark Andrews committed
473

474
1709.	[port]		solaris: add SMF support from Sun.
Mark Andrews's avatar
Mark Andrews committed
475

476 477 478 479
1708.	[cleanup]	Replaced dns_fullname_hash() with dns_name_fullhash()
			for conformance to the name space convention.  Binary
			backward compatibility to the old function name is
			provided. [RT #12376]
480

481 482
1707.	[contrib]	sdb/ldap updated to version 1.0-beta.

483 484
1706.	[bug]		'rndc stop' failed to cause zones to be flushed
			sometimes. [RT #12328]
Mark Andrews's avatar
Mark Andrews committed
485

486
1705.	[func]		Allow the journal's name to be changed via named.conf.
Mark Andrews's avatar
Mark Andrews committed
487

488 489 490
1704.	[port]		lwres needed a snprintf() implementation for
			platforms without snprintf().  Add missing
			"#include <isc/print.h>". [RT #12321]
Mark Andrews's avatar
Mark Andrews committed
491

492 493
1703.	[bug]		named would loop sending NOTIFY messages when it
			failed to receive a response. [RT #12322]
Mark Andrews's avatar
Mark Andrews committed
494

495 496
1702.	[bug]		also-notify should not be applied to builtin zones.
			[RT #12323]
Mark Andrews's avatar
Mark Andrews committed
497

498 499
1701.	[doc]		A minimal named.conf man page.

500 501 502
1700.	[func]		nslookup is no longer to be treated as deprecated.
			Remove "deprecated" warning message.  Add man page.

503 504
1699.	[bug]		dnssec-signzone can generate "not exact" errors
			when resigning. [RT #12281]
Mark Andrews's avatar
Mark Andrews committed
505

506 507
1698.	[doc]		Use reserved IPv6 documentation prefix.

508 509 510 511
1697.	[bug]		xxx-source{,-v6} was not effective when it
			specified one of listening addresses and a
			different port than the listening port. [RT #12257]

512 513 514 515
1696.	[bug]		dnssec-signzone failed to clean out nodes that
			consisted of only NSEC and RRSIG records.
			[RT #12154]

516 517
1695.	[bug]		DS records when forwarding require special handling.
			[RT #12133]
Mark Andrews's avatar
Mark Andrews committed
518

519 520
1694.	[bug]		Report if the builtin views of "_default" / "_bind"
			are defined in named.conf. [RT #12023]
Mark Andrews's avatar
Mark Andrews committed
521

522 523
1693.	[bug]		max-journal-size was not effective for master zones
			with ixfr-from-differences set. [RT# 12024]
Mark Andrews's avatar
Mark Andrews committed
524

Mark Andrews's avatar
Mark Andrews committed
525
1692.	[bug]		Don't set -I, -L and -R flags when libcrypto is in
526 527
			/usr/lib. [RT #11971]

528 529
1691.	[bug]		sdb's attachversion was not complete. [RT #11990]

530 531
1690.	[bug]		Delay detaching view from the client until UPDATE
			processing completes when shutting down. [RT #11714]
Mark Andrews's avatar
Mark Andrews committed
532

533 534 535
1689.	[bug]		DNS_NAME_TOREGION() and DNS_NAME_SPLIT() macros
			contained gratuitous semicolons. [RT #11707]

536 537
1688.	[bug]		LDFLAGS was not supported.

538 539
1687.	[bug]		Race condition in dispatch. [RT #10272]

540 541 542
1686.	[bug]		Named sent a extraneous NOTIFY when it received a
			redundant UPDATE request. [RT #11943]

Rob Austein's avatar
Rob Austein committed
543
1685.	[bug]		Change #1679 loop tests weren't quite right.
544

545 546
1684.	[func]		ixfr-from-differences now takes master and slave in
			addition to yes and no at the options and view levels.
Mark Andrews's avatar
Mark Andrews committed
547

548 549
1683.	[bug]		dig +sigchase could leak memory. [RT #11445]

550 551
1682.	[port]		Update configure test for (long long) printf format.
			[RT #5066]
Mark Andrews's avatar
Mark Andrews committed
552

553 554
1681.	[bug]		Only set SO_REUSEADDR when a port is specified in
			isc_socket_bind(). [RT #11742]
Mark Andrews's avatar
Mark Andrews committed
555

556
1680.	[func]		rndc: the source address can now be specified.
Mark Andrews's avatar
Mark Andrews committed
557

558 559 560
1679.	[bug]		When there was a single nameserver with multiple
			addresses for a zone not all addresses were tried.
			[RT #11706]
Mark Andrews's avatar
Mark Andrews committed
561

562 563
1678.	[bug]		RRSIG should use TYPEXXXXX for unknown types.

564 565
1677.	[bug]		dig: +aaonly didn't work, +aaflag undocumented.

566 567 568 569 570 571
1676.	[func]		New option "allow-query-cache".  This lets
			allow-query be used to specify the default zone
			access level rather than having to have every
			zone override the global value.  allow-query-cache
			can be set at both the options and view levels.
			If allow-query-cache is not set allow-query applies.
Mark Andrews's avatar
Mark Andrews committed
572

573 574 575
1675.	[bug]		named would sometimes add extra NSEC records to
			the authority section.
			
576 577 578
1674.	[port]		linux: increase buffer size used to scan
			/proc/net/if_inet6.

579 580 581
1673.	[port]		linux: issue a error messages if IPv6 interface
			scans fails.

Mark Andrews's avatar
Mark Andrews committed
582
1672.	[cleanup]	Tests which only function in a threaded build
583 584 585 586
			now return R:THREADONLY (rather than R:UNTESTED)
			in a non-threaded build.

1671.	[contrib]	queryperf: add NAPTR to the list of known types.
587

588 589 590 591 592
1670.	[func]		Log UPDATE requests to slave zones without an acl as
			"disabled" at debug level 3. [RT# 11657]

1669.	[placeholder]

593 594
1668.	[bug]		DIG_SIGCHASE was making bin/dig/host dump core.

595 596
1667.	[port]		linux: not all versions have IF_NAMESIZE.

597 598
1666.	[bug]		The optional port on hostnames in dual-stack-servers
			was being ignored.
Mark Andrews's avatar
Mark Andrews committed
599

600 601
1665.	[func]		rndc now allows addresses to be set in the
			server clauses.
Mark Andrews's avatar
Mark Andrews committed
602

Rob Austein's avatar
1664  
Rob Austein committed
603 604
1664.	[bug]		nsupdate needed KEY for SIG(0), not DNSKEY.

605
1663.	[func]		Look for OpenSSL by default.
Mark Andrews's avatar
Mark Andrews committed
606

Mark Andrews's avatar
wording  
Mark Andrews committed
607 608
1662.	[bug]		Change #1658 failed to change one use of 'type'
			to 'keytype'.
609

610 611
1661.	[bug]		Restore dns_name_concatenate() call in
			adb.c:set_target().  [RT #11582]
Mark Andrews's avatar
Mark Andrews committed
612

613 614
1660.	[bug]		win32: connection_reset_fix() was being called
			unconditionally.  [RT #11595]
Mark Andrews's avatar
Mark Andrews committed
615

616 617 618 619 620 621 622
1659.	[cleanup]	Cleanup some messages that were referring to KEY vs
			DNSKEY, NXT vs NSEC and SIG vs RRSIG.

1658.	[func]		Update dnssec-keygen to default to KEY for HMAC-MD5
			and DH.  Tighten which options apply to KEY and
			DNSKEY records.

623 624 625 626 627
1657.	[doc]		ARM: document query log output.

1656.	[doc]		Update DNSSEC description in ARM to cover DS, NSEC
			DNSKEY and RRSIG.  [RT #11542]

628 629
1655.	[bug]		Logging multiple versions w/o a size was broken.
			[RT #11446]
Mark Andrews's avatar
Mark Andrews committed
630

631 632
1654.	[bug]		isc_result_totext() contained array bounds read
			error.
Mark Andrews's avatar
Mark Andrews committed
633

634 635 636
1653.	[func]		Add key type checking to dst_key_fromfilename(),
			DST_TYPE_KEY should be used to read TSIG, TKEY and
			SIG(0) keys.
Mark Andrews's avatar
Mark Andrews committed
637

638
1652.	[bug]		TKEY still uses KEY.
Mark Andrews's avatar
Mark Andrews committed
639

640 641 642 643
1651.	[bug]		dig: process multiple dash options.

1650.	[bug]		dig, nslookup: flush standard out after each command.

644 645
1649.	[bug]		Silence "unexpected non-minimal diff" message.
			[RT #11206]
Mark Andrews's avatar
Mark Andrews committed
646

647 648 649
1648.	[func]		Update dnssec-lookaside named.conf syntax to support
			multiple dnssec-lookaside namespaces (not yet
			implemented).  
Mark Andrews's avatar
Mark Andrews committed
650

651 652 653
1647.	[bug]		It was possible trigger a INSIST when chasing a DS
			record that required walking back over a empty node.
			[RT #11445]
Mark Andrews's avatar
Mark Andrews committed
654

655 656
1646.	[bug]		win32: logging file versions didn't work with
			non-UNC filenames.  [RT#11486]
Mark Andrews's avatar
Mark Andrews committed
657

658 659 660
1645.	[bug]		named could trigger a REQUIRE failure if multiple
			masters with keys are specified.

661 662
1644.	[bug]		Update the journal modification time after a
			sucessfull refresh query. [RT #11436]
Mark Andrews's avatar
Mark Andrews committed
663

664 665 666
1643.	[bug]		dns_db_closeversion() could leak memory / node
			references. [RT #11163]

667 668 669
1642.	[port]		Support OpenSSL implementations which don't have
			DSA support. [RT #11360]

670 671
1641.	[bug]		Update the check-names description in ARM. [RT #11389]

672 673 674
1640.	[bug]		win32: isc_socket_cancel(ISC_SOCKCANCEL_ACCEPT) was
			incorrectly closing the socket.  [RT #11291]

675 676
1639.	[func]		Initial dlv system test.

677 678 679
1638.	[bug]		"ixfr-from-differences" could generate a REQUIRE
			failure if the journal open failed. [RT #11347]
			
680 681
1637.	[bug]		Node reference leak on error in addnoqname().

682 683 684 685
1636.	[bug]		The dump done callback could get ISC_R_SUCCESS even if
			a error had occured.  The database version no longer
			matched the version of the database that was dumped.

686 687
1635.	[bug]		Memory leak on error in query_addds().

688 689
1634.	[bug]		named didn't supply a useful error message when it
			detected duplicate views.  [RT #11208]
Mark Andrews's avatar
Mark Andrews committed
690

691 692 693
1633.	[bug]		named should return NOTIMP to update requests to a
			slaves without a allow-update-forwarding acl specified.
			[RT #11331]
Mark Andrews's avatar
Mark Andrews committed
694

695 696
1632.	[bug]		nsupdate failed to send prerequisite only UPDATE
			messages. [RT #11288]
Mark Andrews's avatar
Mark Andrews committed
697

698 699 700
1631.	[bug]		dns_journal_compact() could sometimes corrupt the
			journal. [RT #11124]

701
1630.	[contrib]	queryperf: add support for IPv6 transport.
702

703 704
1629.	[func]		dig now supports IPv6 scoped addresses with the
			extended format in the local-server part. [RT #8753]
705

706 707
1628.	[bug]		Typo in Compaq Trucluster support. [RT# 11264]

708 709 710
1627.	[bug]		win32: sockets were not being closed when the
			last external reference was removed. [RT# 11179]

711 712
1626.	[bug]		--enable-getifaddrs was broken. [RT#11259]

713 714
1625.	[bug]		named failed to load/transfer RFC2535 signed zones
			which contained CNAMES. [RT# 11237]
Mark Andrews's avatar
Mark Andrews committed
715

716 717
1624.	[bug]		zonemgr_putio() call should be locked. [RT# 11163]

718 719 720
1623.	[bug]		A serial number of zero was being displayed in the
			"sending notifies" log message when also-notify was
			used. [RT #11177]
Mark Andrews's avatar
Mark Andrews committed
721

722 723
1622.	[func]		probe the system to see if IPV6_(RECV)PKTINFO is
			available, and suppress wildcard binding if not.
724

725 726
1621.	[bug]		match-destinations did not work for IPv6 TCP queries.
			[RT# 11156]
727

728
1620.	[func]		When loading a zone report if it is signed. [RT #11149]
Mark Andrews's avatar
Mark Andrews committed
729

730 731 732
1619.	[bug]		Missing ISC_LIST_UNLINK in end_reserved_dispatches().
			[RT# 11118]

733 734 735
1618.	[bug]		Fencepost errors in dns_name_ishostname() and
			dns_name_ismailbox() could trigger a INSIST().

736 737
1617.	[port]		win32: VC++ 6.0 support.

738 739
1616.	[compat]	Ensure that named's version is visible in the core
			dump. [RT #11127]
Mark Andrews's avatar
Mark Andrews committed
740

741 742 743
1615.	[port]		Define ISC_SOCKADDR_LEN_T based on _BSD_SOCKLEN_T_ if
			it is defined.

744
1614.	[port]		win32: silence resource limit messages. [RT# 11101]
Mark Andrews's avatar
Mark Andrews committed
745

746 747 748
1613.	[bug]		Builds would fail on machines w/o a if_nametoindex().
			Missing #ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX/#endif.
			[RT #11119]
Mark Andrews's avatar
Mark Andrews committed
749

750 751
1612.	[bug]		check-names at the option/view level could trigger
			an INSIST. [RT# 11116]
Mark Andrews's avatar
Mark Andrews committed
752

753 754
1611.	[bug]		solaris: IPv6 interface scanning failed to cope with
			no active IPv6 interfaces.
Mark Andrews's avatar
Mark Andrews committed
755

756 757 758
1610.	[bug]		On dual stack machines "dig -b" failed to set the
			address type to be looked up with "@server".
			[RT #11069]
Mark Andrews's avatar
Mark Andrews committed
759

760 761 762
1609.	[func]		dig now has support to chase DNSSEC signature chains.
			Requires -DDIG_SIGCHASE=1 to be set in STD_CDEFINES.

Mark Andrews's avatar
Mark Andrews committed
763 764 765 766
			DNSSEC validation code in dig coded by Olivier Courtay
			(olivier.courtay@irisa.fr) for the IDsA project
			(http://idsa.irisa.fr).

767 768 769
1608.	[func]		dig and host now accept -4/-6 to select IP transport
			to use when making queries.

770 771 772
1607.	[bug]		dig, host and nslookup were still using random()
			to generate query ids. [RT# 11013]

Mark Andrews's avatar
Mark Andrews committed
773
1606.	[bug]	 	DLV insecurity proof was failing.
774 775

1605.	[func]		New dns_db_find() option DNS_DBFIND_COVERINGNSEC.
Mark Andrews's avatar
Mark Andrews committed
776

777 778 779 780
1604.	[bug]		A xfrout_ctx_create() failure would result in
			xfrout_ctx_destroy() being called with a
			partially initaliased structure.
			
781 782
1603.	[bug]		nsupdate: set interactive based on isatty().
			[RT# 10929]
Mark Andrews's avatar
Mark Andrews committed
783

784 785
1602.	[bug]		Logging to a file failed unless a size was specified.
			[RT# 10925]
Mark Andrews's avatar
Mark Andrews committed
786

787 788 789
1601.	[bug]		Silence spurious warning 'both "recursion no;" and 
			"allow-recursion" active' warning from view "_bind".
			[RT# 10920]
Mark Andrews's avatar
Mark Andrews committed
790

791 792
1600.	[bug]		Duplicate zone pre-load checks were not case
			insensitive.
Mark Andrews's avatar
Mark Andrews committed
793

794
1599.	[bug]		Fix memory leak on error path when checking named.conf.
Mark Andrews's avatar
Mark Andrews committed
795

796 797
1598.	[func]		Specify that certain parts of the namespace must
			be secure (dnssec-must-be-secure).
Mark Andrews's avatar
Mark Andrews committed
798

Mark Andrews's avatar
Mark Andrews committed
799 800
1597.	[placeholder]	rt6496a

801
1596.	[func]		Accept 'notify-source' style syntax for query-source.
Mark Andrews's avatar
Mark Andrews committed
802

803 804
1595.	[func]		New notify type 'master-only'.  Enable notify for
			master zones only.
Mark Andrews's avatar
Mark Andrews committed
805

806 807
1594.	[bug]		'rndc dumpdb' could prevent named from answering
			queries while the dump was in progress.  [RT #10565]
Mark Andrews's avatar
Mark Andrews committed
808

809 810
1593.	[bug]		rndc should return "unknown command" to unknown
			commands. [RT# 10642]
Mark Andrews's avatar
Mark Andrews committed
811

Mark Andrews's avatar
Mark Andrews committed
812
1592.	[bug]		configure_view() could leak a dispatch. [RT# 10675]
813

814 815
1591.	[bug]		libbind: updated to BIND 8.4.5.

816 817
1590.	[port]		netbsd: update thread support.

818 819
1589.	[func]		DNSSEC lookaside validation.

820 821
1588.	[bug]		win32: TCP sockets could become blocked. [RT #10115]

822 823
1587.	[bug]		dns_message_settsigkey() failed to clear existing key.
			[RT #10590]
Mark Andrews's avatar
Mark Andrews committed
824

825 826
1586.	[func]		"check-names" is now implemented.

Mark Andrews's avatar
Mark Andrews committed
827
1585.	[placeholder]
Mark Andrews's avatar
Mark Andrews committed
828

Mark Andrews's avatar
Mark Andrews committed
829
1584.	[bug]		"make test" failed with a read only source tree.
830
			[RT #10461]
Mark Andrews's avatar
Mark Andrews committed
831

832 833
1583.	[bug]		Records add via UPDATE failed to get the correct trust
			level. [RT #10452]
Mark Andrews's avatar
Mark Andrews committed
834

835 836
1582.	[bug]		rrset-order failed to work on RRsets with more
			than 32 elements. [RT #10381]
Mark Andrews's avatar
Mark Andrews committed
837

838
1581.	[func]		Disable DNSSEC support by default.  To enable
839
			DNSSEC specify "dnssec-enable yes;" in named.conf.
840

Mark Andrews's avatar
Mark Andrews committed
841
1580.	[bug]		Zone destruction on final detach takes a long time.
842
			[RT #3746]
Mark Andrews's avatar
Mark Andrews committed
843

844
1579.	[bug]		Multiple task managers could not be created.
Mark Andrews's avatar
Mark Andrews committed
845

846 847
1578.	[bug]		Don't use CLASS E IPv4 addresses when resolving.
			[RT #10346]
Mark Andrews's avatar
Mark Andrews committed
848

849 850
1577.	[bug]		Use isc_uint32_t in ultrasparc optimizer bug
			workaround code. [RT #10331]
Mark Andrews's avatar
Mark Andrews committed
851

852 853
1576.	[bug]		Race condition in dns_dispatch_addresponse().
			[RT# 10272]
Mark Andrews's avatar
Mark Andrews committed
854

855
1575.	[func]		Log TSIG name on TSIG verify failure. [RT #4404]