CHANGES 188 KB
Newer Older
Mark Andrews's avatar
Mark Andrews committed
1
2
1791.	[placeholder]	rt13230

3
4
5
1790.	[cleanup]	Move lib/dns/sec/dst up into lib/dns.  This should
			allow parallel make to succeed.

6
7
8
1789.	[bug]		Prerequisite test for tkey and dnssec could fail
			with "configure --with-libtool".

9
10
11
1788.	[bug]		libbind9.la/libbind9.so needs to link against
			libisccfg.la/libisccfg.so.

12
13
1787.	[port]		HPUX: both "cc" and "gcc" need -Wl,+vnocompatwarnings.

14
15
16
17
1786.	[port]		AIX: libt_api needs to be taught to look for
			T_testlist in the main executable (--with-libtool).
			[RT #13239]

18
19
20
1785.	[bug]		libbind9.la/libbind9.so needs to link against
			libisc.la/libisc.so.

21
22
23
24
1784.	[cleanup]	"libtool -allow-undefined" is the default.
			Leave hooks in configure to allow it to be set
			if needed in the future.

25
26
27
1783.	[cleanup]	We only need one copy of libtool.m4, ltmain.sh in the
			source tree.

28
29
1782.	[port]		OSX: --with-libtool + --enable-libbind broke on
			__evOptMonoTime.  [RT #13219]
Mark Andrews's avatar
Mark Andrews committed
30

31
1781.	[port]		FreeBSD 5.3: set PTHREAD_SCOPE_SYSTEM. [RT #12810]
Mark Andrews's avatar
Mark Andrews committed
32

33
34
1780.	[bug]		Update libtool to 1.5.10.

35
36
1779.	[port]		OSF 5.1: libtool didn't handle -pthread correctly.

37
38
39
1778.   [port]   	HUX 11.11: fix broken IN6ADDR_ANY_INIT and
			IN6ADDR_LOOPBACK_INIT macros.

40
41
1777.   [port]   	OSF 5.1: fix broken IN6ADDR_ANY_INIT and
			IN6ADDR_LOOPBACK_INIT macros.
42

43
44
1776.   [port]   	Solaris 2.9: fix broken IN6ADDR_ANY_INIT and
                        IN6ADDR_LOOPBACK_INIT macros.
Mark Andrews's avatar
Mark Andrews committed
45

46
47
1775.	[bug]		Only compile getnetent_r.c when threaded. [RT #13205]

48
49
1774.	[port]		Aix: Silence compiler warnings / build failures.
			[RT #13154]
Mark Andrews's avatar
Mark Andrews committed
50

51
1773.	[bug]		Fast retry on host / net unreachable. [RT #13153]
Mark Andrews's avatar
Mark Andrews committed
52

Mark Andrews's avatar
Mark Andrews committed
53
54
1772.	[placeholder]

Mark Andrews's avatar
Mark Andrews committed
55
56
1771.	[placeholder]

57
58
59
1770.	[bug]		named-checkconf failed to report missing a missing
			file clause for rbt{64} master/hint zones. [RT#13009]

60
61
62
1769.	[port]		win32: change compiler flags /MTd ==> /MDd,
			/MT ==> /MD.

63
64
65
1768.	[bug]		nsecnoexistnodata() could be called with a non-NSEC
			rdataset. [RT #12907]

66
67
1767.	[port]		Builds on IPv6 platforms without IPv6 Advanced API
			support for (struct in6_pktinfo) failed.  [RT #13077]
Mark Andrews's avatar
Mark Andrews committed
68

69
70
1766.	[bug]		Update the master file timestamp on successful refresh
			as well as the journal's timestamp. [RT# 13062]
Mark Andrews's avatar
Mark Andrews committed
71

72
73
1765.	[bug]		configure --with-openssl=auto failed. [RT #12937]

74
75
76
1764.	[bug]		dns_zone_replacedb failed to emit a error message
			if there was no SOA record in the replacment db.
			[RT #13016]
Mark Andrews's avatar
Mark Andrews committed
77

78
79
1763.	[func]		Perform sanity checks on NS records which refer to
			'in zone' names. [RT #13002]
Mark Andrews's avatar
Mark Andrews committed
80

81
82
1762.	[bug]		isc_interfaceiter_create() could return ISC_R_SUCCESS
			even when it failed. [RT #12995]
Mark Andrews's avatar
Mark Andrews committed
83

84
85
1761.	[bug]		'rndc dumpdb' didn't report unassociated entries.
			[RT #12971]
Mark Andrews's avatar
Mark Andrews committed
86

87
88
1760.	[bug]		Host / net unreachable was not penalising rtt
			estimates. [RT #12970]
Mark Andrews's avatar
Mark Andrews committed
89

90
91
1759.	[bug]		Named failed to startup if the OS supported IPv6
			but had no IPv6 interfaces configured. [RT #12942]
Mark Andrews's avatar
Mark Andrews committed
92

Mark Andrews's avatar
Mark Andrews committed
93
94
1758.	[placeholder]	rt12933

95
1757.	[func]		host now can turn on memory debugging flags with '-m'.
Mark Andrews's avatar
Mark Andrews committed
96

97
98
1756.	[func]		named-checkconf now checks the logging configuration.
			[RT #12352]
Mark Andrews's avatar
Mark Andrews committed
99

100
101
1755.	[func]		allow-update is now settable at the options / view
			level. [RT #6636]
Mark Andrews's avatar
Mark Andrews committed
102

103
104
105
1754.	[bug]		We wern't always attempting to query the parent
			server for the DS records at the zone cut.
			[RT #12774]
Mark Andrews's avatar
Mark Andrews committed
106

107
108
109
1753.	[bug]		Don't serve a slave zone which has no NS records.
			[RT #12894]

110
111
112
113
1752.	[port]		Move isc_app_start() to after ns_os_daemonise()
			as some fork() implementations unblock the signals
			that are blocked by isc_app_start(). [RT #12810]

114
115
1751.	[bug]		--enable-getifaddrs failed under linux. [RT #12867]

116
117
118
1750.	[port]		lib/bind/make/rules.in:subdirs was not bash friendly.
			[RT #12864]

119
120
1749.	[bug]		'check-names response ignore;' failed to ignore.
			[RT #12866]
Mark Andrews's avatar
Mark Andrews committed
121

122
123
1748.	[func]		dig now returns the byte count for axfr/ixfr.
			
124
125
126
1747.	[bug]		BIND 8 compatability: named/named-checkconf failed
			to parse "host-statistics-max" in named.conf.

Mark Andrews's avatar
Mark Andrews committed
127
1746.	[func]		Make public the function to read a key file,
128
129
			dst_key_read_public(). [RT #12450]

130
131
132
1745.	[bug]		Dig/host/nslookup accept replies from link locals
			regardless of scope if no scope was specified when
			query was sent. [RT #12745]
Mark Andrews's avatar
Mark Andrews committed
133

134
135
136
1744.	[bug]		If tuple2msgname() failed to convert a tuple to
			a name a REQUIRE could be triggered. [RT #12796]

137
1743.	[bug]		If isc_taskmgr_create() was not able to create the
138
139
140
141
			requested number of worker threads then destruction
			of the manager would trigger an INSIST() failure.
			[RT #12790]
			
142
143
144
145
146
1742.	[bug]		Deleting all records at a node then adding a
			previously existing record, in a single UPDATE
			transaction, failed to leave / regenerate the
			associated RRSIG records. [RT #12788]

147
148
149
1741.	[bug]		Deleting all records at a node in a secure zone
			using a update-policy grant failed. [RT #12787]

150
151
152
153
154
155
1740.	[bug]		Replace rbt's hash algorithm as it performed badly
			with certain zones. [RT #12729]
			
			NOTE: a hash context now needs to be established
			via isc_hash_create() if the application was not
			already doing this.
Mark Andrews's avatar
Mark Andrews committed
156

157
158
1739.	[bug]		dns_rbt_deletetree() could incorrectly return
			ISC_R_QUOTA.  [RT #12695]
Mark Andrews's avatar
Mark Andrews committed
159

160
1738.	[bug]		Enable overrun checking by default. [RT #12695]
Mark Andrews's avatar
Mark Andrews committed
161

Mark Andrews's avatar
Mark Andrews committed
162
1737.	[bug]		named failed if more than 16 masters were specified.
163
164
			[RT #12627]

165
166
167
1736.	[bug]		dst_key_fromnamedfile() could fail to read a
			public key. [RT #12687]
			
168
169
170
1735.	[bug]		'dig +sigtrace' could die with a REQUIRE failure.
			[RE #12688]

171
172
173
1734.	[cleanup]	'rndc-confgen -a -t' remove extra '/' in path.
			[RT #12588]

174
175
1733.	[bug]		Return non-zero exit status on initial load failure.
			[RT #12658]
Mark Andrews's avatar
Mark Andrews committed
176

177
178
1732.	[bug]		'rrset-order name "*"' wasn't being applied to ".".
			[RT #12467]
Mark Andrews's avatar
Mark Andrews committed
179

180
181
1731.	[port]		darwin: relax version test in ifconfig.sh.
			[RT #12581]
Mark Andrews's avatar
Mark Andrews committed
182

183
184
1730.	[port]		Determine the length type used by the socket API.
			[RT #12581]
Mark Andrews's avatar
Mark Andrews committed
185

186
1729.	[func]		Improve check-names error messages.
Mark Andrews's avatar
Mark Andrews committed
187

188
1728.	[doc]		Update check-names documentation.
Mark Andrews's avatar
Mark Andrews committed
189

190
191
1727.	[bug]		named-checkzone: check-names support didn't match
			documentation.
Mark Andrews's avatar
Mark Andrews committed
192

Mark Andrews's avatar
aix5    
Mark Andrews committed
193
194
1726.	[port]		aix5: add support for aix5

195
196
1725.	[port]		linux: update error message on interaction of threads,
			capabilities and setuid support (named -u). [RT #12541]
Mark Andrews's avatar
Mark Andrews committed
197

198
199
1724.	[bug]		Look for DNSKEY records with "dig +sigtrace".
			[RT #12557]
Mark Andrews's avatar
Mark Andrews committed
200

201
202
1723.	[cleanup]	Silence compiler warnings from t_tasks.c. [RT #12493]

203
204
1722.	[bug]		Don't commit the journal on malformed ixfr streams.
			[RT #12519]
Mark Andrews's avatar
Mark Andrews committed
205

206
207
1721.	[bug]		Error message from the journal processing were not
			always identifing the relevent journal. [RT #12519]
Mark Andrews's avatar
Mark Andrews committed
208

209
210
1720.	[bug]		'dig +chase' did not terminate on a RFC 2308 Type 1
			negative response. [RT #12506]
Mark Andrews's avatar
Mark Andrews committed
211

212
213
1719.	[bug]		named was not correctly caching a RFC 2308 Type 1
			negative response. [RT #12506]
Mark Andrews's avatar
Mark Andrews committed
214

215
216
217
1718.	[bug]		nsupdate was not handling RFC 2308 Type 3 negative
			responses when looking for the zone / master server.
			[RT #12506]
Mark Andrews's avatar
Mark Andrews committed
218

219
220
221
1717.	[port]		solaris: ifconfig.sh did not support Solaris 10.
			"ifconfig.sh down" didn't work for Solaris 9.

222
223
224
1716.	[doc]		named.conf(5) was being installed in the wrong
			location.  [RT# 12441]

225
226
1715.	[func]		'dig +trace' now randomly selects the next servers
			to try.  Report if there is a bad delegation.
Mark Andrews's avatar
Mark Andrews committed
227

228
229
230
231
1714.	[bug]		dig/host/nslookup were only trying the first
			address when a nameserver was specified by name.
			[RT #12286]

232
233
234
1713.	[port]		linux: extend capset failure message to say:
			please ensure that the capset kernel module is
			loaded.  see insmod(8)
Mark Andrews's avatar
Mark Andrews committed
235

236
237
1712.	[bug]		Missing FULLCHECK for "trusted-key" in dig.

238
1711.	[func]		'rndc unfreeze' has been deprecated by 'rndc thaw'.
Mark Andrews's avatar
Mark Andrews committed
239

240
241
1710.	[func]		'rndc notify zone [class [view]]' resend the NOTIFY
			messages for the specified zone. [RT #9479]
Mark Andrews's avatar
Mark Andrews committed
242

243
1709.	[port]		solaris: add SMF support from Sun.
Mark Andrews's avatar
Mark Andrews committed
244

245
246
247
248
1708.	[cleanup]	Replaced dns_fullname_hash() with dns_name_fullhash()
			for conformance to the name space convention.  Binary
			backward compatibility to the old function name is
			provided. [RT #12376]
249

250
251
1707.	[contrib]	sdb/ldap updated to version 1.0-beta.

252
253
1706.	[bug]		'rndc stop' failed to cause zones to be flushed
			sometimes. [RT #12328]
Mark Andrews's avatar
Mark Andrews committed
254

255
1705.	[func]		Allow the journal's name to be changed via named.conf.
Mark Andrews's avatar
Mark Andrews committed
256

257
258
259
1704.	[port]		lwres needed a snprintf() implementation for
			platforms without snprintf().  Add missing
			"#include <isc/print.h>". [RT #12321]
Mark Andrews's avatar
Mark Andrews committed
260

261
262
1703.	[bug]		named would loop sending NOTIFY messages when it
			failed to receive a response. [RT #12322]
Mark Andrews's avatar
Mark Andrews committed
263

264
265
1702.	[bug]		also-notify should not be applied to builtin zones.
			[RT #12323]
Mark Andrews's avatar
Mark Andrews committed
266

267
268
1701.	[doc]		A minimal named.conf man page.

269
270
271
1700.	[func]		nslookup is no longer to be treated as deprecated.
			Remove "deprecated" warning message.  Add man page.

272
273
1699.	[bug]		dnssec-signzone can generate "not exact" errors
			when resigning. [RT #12281]
Mark Andrews's avatar
Mark Andrews committed
274

275
276
1698.	[doc]		Use reserved IPv6 documentation prefix.

277
278
279
280
1697.	[bug]		xxx-source{,-v6} was not effective when it
			specified one of listening addresses and a
			different port than the listening port. [RT #12257]

281
282
283
284
1696.	[bug]		dnssec-signzone failed to clean out nodes that
			consisted of only NSEC and RRSIG records.
			[RT #12154]

285
286
1695.	[bug]		DS records when forwarding require special handling.
			[RT #12133]
Mark Andrews's avatar
Mark Andrews committed
287

288
289
1694.	[bug]		Report if the builtin views of "_default" / "_bind"
			are defined in named.conf. [RT #12023]
Mark Andrews's avatar
Mark Andrews committed
290

291
292
1693.	[bug]		max-journal-size was not effective for master zones
			with ixfr-from-differences set. [RT# 12024]
Mark Andrews's avatar
Mark Andrews committed
293

Mark Andrews's avatar
Mark Andrews committed
294
1692.	[bug]		Don't set -I, -L and -R flags when libcrypto is in
295
296
			/usr/lib. [RT #11971]

297
298
1691.	[bug]		sdb's attachversion was not complete. [RT #11990]

299
300
1690.	[bug]		Delay detaching view from the client until UPDATE
			processing completes when shutting down. [RT #11714]
Mark Andrews's avatar
Mark Andrews committed
301

302
303
304
1689.	[bug]		DNS_NAME_TOREGION() and DNS_NAME_SPLIT() macros
			contained gratuitous semicolons. [RT #11707]

305
306
1688.	[bug]		LDFLAGS was not supported.

307
308
1687.	[bug]		Race condition in dispatch. [RT #10272]

309
310
311
1686.	[bug]		Named sent a extraneous NOTIFY when it received a
			redundant UPDATE request. [RT #11943]

Rob Austein's avatar
Rob Austein committed
312
1685.	[bug]		Change #1679 loop tests weren't quite right.
313

314
315
1684.	[func]		ixfr-from-differences now takes master and slave in
			addition to yes and no at the options and view levels.
Mark Andrews's avatar
Mark Andrews committed
316

317
318
1683.	[bug]		dig +sigchase could leak memory. [RT #11445]

319
320
1682.	[port]		Update configure test for (long long) printf format.
			[RT #5066]
Mark Andrews's avatar
Mark Andrews committed
321

322
323
1681.	[bug]		Only set SO_REUSEADDR when a port is specified in
			isc_socket_bind(). [RT #11742]
Mark Andrews's avatar
Mark Andrews committed
324

325
1680.	[func]		rndc: the source address can now be specified.
Mark Andrews's avatar
Mark Andrews committed
326

327
328
329
1679.	[bug]		When there was a single nameserver with multiple
			addresses for a zone not all addresses were tried.
			[RT #11706]
Mark Andrews's avatar
Mark Andrews committed
330

331
332
1678.	[bug]		RRSIG should use TYPEXXXXX for unknown types.

333
334
1677.	[bug]		dig: +aaonly didn't work, +aaflag undocumented.

335
336
337
338
339
340
1676.	[func]		New option "allow-query-cache".  This lets
			allow-query be used to specify the default zone
			access level rather than having to have every
			zone override the global value.  allow-query-cache
			can be set at both the options and view levels.
			If allow-query-cache is not set allow-query applies.
Mark Andrews's avatar
Mark Andrews committed
341

342
343
344
1675.	[bug]		named would sometimes add extra NSEC records to
			the authority section.
			
345
346
347
1674.	[port]		linux: increase buffer size used to scan
			/proc/net/if_inet6.

348
349
350
1673.	[port]		linux: issue a error messages if IPv6 interface
			scans fails.

Mark Andrews's avatar
Mark Andrews committed
351
1672.	[cleanup]	Tests which only function in a threaded build
352
353
354
355
			now return R:THREADONLY (rather than R:UNTESTED)
			in a non-threaded build.

1671.	[contrib]	queryperf: add NAPTR to the list of known types.
356

357
358
359
360
361
1670.	[func]		Log UPDATE requests to slave zones without an acl as
			"disabled" at debug level 3. [RT# 11657]

1669.	[placeholder]

362
363
1668.	[bug]		DIG_SIGCHASE was making bin/dig/host dump core.

364
365
1667.	[port]		linux: not all versions have IF_NAMESIZE.

366
367
1666.	[bug]		The optional port on hostnames in dual-stack-servers
			was being ignored.
Mark Andrews's avatar
Mark Andrews committed
368

369
370
1665.	[func]		rndc now allows addresses to be set in the
			server clauses.
Mark Andrews's avatar
Mark Andrews committed
371

Rob Austein's avatar
1664    
Rob Austein committed
372
373
1664.	[bug]		nsupdate needed KEY for SIG(0), not DNSKEY.

374
1663.	[func]		Look for OpenSSL by default.
Mark Andrews's avatar
Mark Andrews committed
375

Mark Andrews's avatar
wording    
Mark Andrews committed
376
377
1662.	[bug]		Change #1658 failed to change one use of 'type'
			to 'keytype'.
378

379
380
1661.	[bug]		Restore dns_name_concatenate() call in
			adb.c:set_target().  [RT #11582]
Mark Andrews's avatar
Mark Andrews committed
381

382
383
1660.	[bug]		win32: connection_reset_fix() was being called
			unconditionally.  [RT #11595]
Mark Andrews's avatar
Mark Andrews committed
384

385
386
387
388
389
390
391
1659.	[cleanup]	Cleanup some messages that were referring to KEY vs
			DNSKEY, NXT vs NSEC and SIG vs RRSIG.

1658.	[func]		Update dnssec-keygen to default to KEY for HMAC-MD5
			and DH.  Tighten which options apply to KEY and
			DNSKEY records.

392
393
394
395
396
1657.	[doc]		ARM: document query log output.

1656.	[doc]		Update DNSSEC description in ARM to cover DS, NSEC
			DNSKEY and RRSIG.  [RT #11542]

397
398
1655.	[bug]		Logging multiple versions w/o a size was broken.
			[RT #11446]
Mark Andrews's avatar
Mark Andrews committed
399

400
401
1654.	[bug]		isc_result_totext() contained array bounds read
			error.
Mark Andrews's avatar
Mark Andrews committed
402

403
404
405
1653.	[func]		Add key type checking to dst_key_fromfilename(),
			DST_TYPE_KEY should be used to read TSIG, TKEY and
			SIG(0) keys.
Mark Andrews's avatar
Mark Andrews committed
406

407
1652.	[bug]		TKEY still uses KEY.
Mark Andrews's avatar
Mark Andrews committed
408

409
410
411
412
1651.	[bug]		dig: process multiple dash options.

1650.	[bug]		dig, nslookup: flush standard out after each command.

413
414
1649.	[bug]		Silence "unexpected non-minimal diff" message.
			[RT #11206]
Mark Andrews's avatar
Mark Andrews committed
415

416
417
418
1648.	[func]		Update dnssec-lookaside named.conf syntax to support
			multiple dnssec-lookaside namespaces (not yet
			implemented).  
Mark Andrews's avatar
Mark Andrews committed
419

420
421
422
1647.	[bug]		It was possible trigger a INSIST when chasing a DS
			record that required walking back over a empty node.
			[RT #11445]
Mark Andrews's avatar
Mark Andrews committed
423

424
425
1646.	[bug]		win32: logging file versions didn't work with
			non-UNC filenames.  [RT#11486]
Mark Andrews's avatar
Mark Andrews committed
426

427
428
429
1645.	[bug]		named could trigger a REQUIRE failure if multiple
			masters with keys are specified.

430
431
1644.	[bug]		Update the journal modification time after a
			sucessfull refresh query. [RT #11436]
Mark Andrews's avatar
Mark Andrews committed
432

433
434
435
1643.	[bug]		dns_db_closeversion() could leak memory / node
			references. [RT #11163]

436
437
438
1642.	[port]		Support OpenSSL implementations which don't have
			DSA support. [RT #11360]

439
440
1641.	[bug]		Update the check-names description in ARM. [RT #11389]

441
442
443
1640.	[bug]		win32: isc_socket_cancel(ISC_SOCKCANCEL_ACCEPT) was
			incorrectly closing the socket.  [RT #11291]

444
445
1639.	[func]		Initial dlv system test.

446
447
448
1638.	[bug]		"ixfr-from-differences" could generate a REQUIRE
			failure if the journal open failed. [RT #11347]
			
449
450
1637.	[bug]		Node reference leak on error in addnoqname().

451
452
453
454
1636.	[bug]		The dump done callback could get ISC_R_SUCCESS even if
			a error had occured.  The database version no longer
			matched the version of the database that was dumped.

455
456
1635.	[bug]		Memory leak on error in query_addds().

457
458
1634.	[bug]		named didn't supply a useful error message when it
			detected duplicate views.  [RT #11208]
Mark Andrews's avatar
Mark Andrews committed
459

460
461
462
1633.	[bug]		named should return NOTIMP to update requests to a
			slaves without a allow-update-forwarding acl specified.
			[RT #11331]
Mark Andrews's avatar
Mark Andrews committed
463

464
465
1632.	[bug]		nsupdate failed to send prerequisite only UPDATE
			messages. [RT #11288]
Mark Andrews's avatar
Mark Andrews committed
466

467
468
469
1631.	[bug]		dns_journal_compact() could sometimes corrupt the
			journal. [RT #11124]

470
1630.	[contrib]	queryperf: add support for IPv6 transport.
471

472
473
1629.	[func]		dig now supports IPv6 scoped addresses with the
			extended format in the local-server part. [RT #8753]
474

475
476
1628.	[bug]		Typo in Compaq Trucluster support. [RT# 11264]

477
478
479
1627.	[bug]		win32: sockets were not being closed when the
			last external reference was removed. [RT# 11179]

480
481
1626.	[bug]		--enable-getifaddrs was broken. [RT#11259]

482
483
1625.	[bug]		named failed to load/transfer RFC2535 signed zones
			which contained CNAMES. [RT# 11237]
Mark Andrews's avatar
Mark Andrews committed
484

485
486
1624.	[bug]		zonemgr_putio() call should be locked. [RT# 11163]

487
488
489
1623.	[bug]		A serial number of zero was being displayed in the
			"sending notifies" log message when also-notify was
			used. [RT #11177]
Mark Andrews's avatar
Mark Andrews committed
490

491
492
1622.	[func]		probe the system to see if IPV6_(RECV)PKTINFO is
			available, and suppress wildcard binding if not.
493

494
495
1621.	[bug]		match-destinations did not work for IPv6 TCP queries.
			[RT# 11156]
496

497
1620.	[func]		When loading a zone report if it is signed. [RT #11149]
Mark Andrews's avatar
Mark Andrews committed
498

499
500
501
1619.	[bug]		Missing ISC_LIST_UNLINK in end_reserved_dispatches().
			[RT# 11118]

502
503
504
1618.	[bug]		Fencepost errors in dns_name_ishostname() and
			dns_name_ismailbox() could trigger a INSIST().

505
506
1617.	[port]		win32: VC++ 6.0 support.

507
508
1616.	[compat]	Ensure that named's version is visible in the core
			dump. [RT #11127]
Mark Andrews's avatar
Mark Andrews committed
509

510
511
512
1615.	[port]		Define ISC_SOCKADDR_LEN_T based on _BSD_SOCKLEN_T_ if
			it is defined.

513
1614.	[port]		win32: silence resource limit messages. [RT# 11101]
Mark Andrews's avatar
Mark Andrews committed
514

515
516
517
1613.	[bug]		Builds would fail on machines w/o a if_nametoindex().
			Missing #ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX/#endif.
			[RT #11119]
Mark Andrews's avatar
Mark Andrews committed
518

519
520
1612.	[bug]		check-names at the option/view level could trigger
			an INSIST. [RT# 11116]
Mark Andrews's avatar
Mark Andrews committed
521

522
523
1611.	[bug]		solaris: IPv6 interface scanning failed to cope with
			no active IPv6 interfaces.
Mark Andrews's avatar
Mark Andrews committed
524

525
526
527
1610.	[bug]		On dual stack machines "dig -b" failed to set the
			address type to be looked up with "@server".
			[RT #11069]
Mark Andrews's avatar
Mark Andrews committed
528

529
530
531
1609.	[func]		dig now has support to chase DNSSEC signature chains.
			Requires -DDIG_SIGCHASE=1 to be set in STD_CDEFINES.

Mark Andrews's avatar
Mark Andrews committed
532
533
534
535
			DNSSEC validation code in dig coded by Olivier Courtay
			(olivier.courtay@irisa.fr) for the IDsA project
			(http://idsa.irisa.fr).

536
537
538
1608.	[func]		dig and host now accept -4/-6 to select IP transport
			to use when making queries.

539
540
541
1607.	[bug]		dig, host and nslookup were still using random()
			to generate query ids. [RT# 11013]

Mark Andrews's avatar
Mark Andrews committed
542
1606.	[bug]	 	DLV insecurity proof was failing.
543
544

1605.	[func]		New dns_db_find() option DNS_DBFIND_COVERINGNSEC.
Mark Andrews's avatar
Mark Andrews committed
545

546
547
548
549
1604.	[bug]		A xfrout_ctx_create() failure would result in
			xfrout_ctx_destroy() being called with a
			partially initaliased structure.
			
550
551
1603.	[bug]		nsupdate: set interactive based on isatty().
			[RT# 10929]
Mark Andrews's avatar
Mark Andrews committed
552

553
554
1602.	[bug]		Logging to a file failed unless a size was specified.
			[RT# 10925]
Mark Andrews's avatar
Mark Andrews committed
555

556
557
558
1601.	[bug]		Silence spurious warning 'both "recursion no;" and 
			"allow-recursion" active' warning from view "_bind".
			[RT# 10920]
Mark Andrews's avatar
Mark Andrews committed
559

560
561
1600.	[bug]		Duplicate zone pre-load checks were not case
			insensitive.
Mark Andrews's avatar
Mark Andrews committed
562

563
1599.	[bug]		Fix memory leak on error path when checking named.conf.
Mark Andrews's avatar
Mark Andrews committed
564

565
566
1598.	[func]		Specify that certain parts of the namespace must
			be secure (dnssec-must-be-secure).
Mark Andrews's avatar
Mark Andrews committed
567

Mark Andrews's avatar
Mark Andrews committed
568
569
1597.	[placeholder]	rt6496a

570
1596.	[func]		Accept 'notify-source' style syntax for query-source.
Mark Andrews's avatar
Mark Andrews committed
571

572
573
1595.	[func]		New notify type 'master-only'.  Enable notify for
			master zones only.
Mark Andrews's avatar
Mark Andrews committed
574

575
576
1594.	[bug]		'rndc dumpdb' could prevent named from answering
			queries while the dump was in progress.  [RT #10565]
Mark Andrews's avatar
Mark Andrews committed
577

578
579
1593.	[bug]		rndc should return "unknown command" to unknown
			commands. [RT# 10642]
Mark Andrews's avatar
Mark Andrews committed
580

Mark Andrews's avatar
Mark Andrews committed
581
1592.	[bug]		configure_view() could leak a dispatch. [RT# 10675]
582

583
584
1591.	[bug]		libbind: updated to BIND 8.4.5.

585
586
1590.	[port]		netbsd: update thread support.

587
588
1589.	[func]		DNSSEC lookaside validation.

589
590
1588.	[bug]		win32: TCP sockets could become blocked. [RT #10115]

591
592
1587.	[bug]		dns_message_settsigkey() failed to clear existing key.
			[RT #10590]
Mark Andrews's avatar
Mark Andrews committed
593

594
595
1586.	[func]		"check-names" is now implemented.

Mark Andrews's avatar
Mark Andrews committed
596
1585.	[placeholder]
Mark Andrews's avatar
Mark Andrews committed
597

Mark Andrews's avatar
Mark Andrews committed
598
1584.	[bug]		"make test" failed with a read only source tree.
599
			[RT #10461]
Mark Andrews's avatar
Mark Andrews committed
600

601
602
1583.	[bug]		Records add via UPDATE failed to get the correct trust
			level. [RT #10452]
Mark Andrews's avatar
Mark Andrews committed
603

604
605
1582.	[bug]		rrset-order failed to work on RRsets with more
			than 32 elements. [RT #10381]
Mark Andrews's avatar
Mark Andrews committed
606

607
1581.	[func]		Disable DNSSEC support by default.  To enable
608
			DNSSEC specify "dnssec-enable yes;" in named.conf.
609

Mark Andrews's avatar
Mark Andrews committed
610
1580.	[bug]		Zone destruction on final detach takes a long time.
611
			[RT #3746]
Mark Andrews's avatar
Mark Andrews committed
612

613
1579.	[bug]		Multiple task managers could not be created.
Mark Andrews's avatar
Mark Andrews committed
614

615
616
1578.	[bug]		Don't use CLASS E IPv4 addresses when resolving.
			[RT #10346]
Mark Andrews's avatar
Mark Andrews committed
617

618
619
1577.	[bug]		Use isc_uint32_t in ultrasparc optimizer bug
			workaround code. [RT #10331]
Mark Andrews's avatar
Mark Andrews committed
620

621
622
1576.	[bug]		Race condition in dns_dispatch_addresponse().
			[RT# 10272]
Mark Andrews's avatar
Mark Andrews committed
623

624
1575.	[func]		Log TSIG name on TSIG verify failure. [RT #4404]
Mark Andrews's avatar
Mark Andrews committed
625

626
627
628
1574.	[bug]		Don't attempt to open the controls socket(s) when
			running tests. [RT #9091]

629
630
631
1573.	[port]		linux: update to libtool 1.5.2 so that
			"make install DESTDIR=/xx" works with
			"configure --with-libtool".  [RT #9941]
Mark Andrews's avatar
Mark Andrews committed
632

633
634
1572.	[bug]		nsupdate: sign the soa query to find the enclosing
			zone if the server is specified. [RT #10148]
Mark Andrews's avatar
Mark Andrews committed
635

636
1571.	[bug]		rbt:hash_node() could fail leaving the hash table
Mark Andrews's avatar
Mark Andrews committed
637
			in an inconsistent state.  [RT #10208]
Mark Andrews's avatar
Mark Andrews committed
638

639
640
641
1570.	[bug]		nsupdate failed to handle classes other than IN.
			New keyword 'class' which sets the default class.
			[RT #10202]
Mark Andrews's avatar
Mark Andrews committed
642

643
644
1569.	[func]		nsupdate new command 'answer' which displays the
			complete answer message to the last update.
Mark Andrews's avatar
Mark Andrews committed
645

646
1568.	[bug]		nsupdate now reports that the update failed in
Mark Andrews's avatar
Mark Andrews committed
647
			interactive mode. [RT# 10236]
Mark Andrews's avatar
Mark Andrews committed
648

649
650
1567.	[bug]		B.ROOT-SERVERS.NET is now 192.228.79.201.

651
652
653
654
1566.	[port]		Support for the cmsg framework on Solaris and HP/UX.
			This also solved the problem that match-destinations
			for IPv6 addresses did not work on these systems.
			[RT #10221]
655

Mark Andrews's avatar
Mark Andrews committed
656
657
658
1565.	[bug]		CD flag should be copied to outgoing queries unless
			the query is under a secure entry point in which case
			CD should be set.
659

660
661
662
663
664
1564.	[func]		Attempt to provide a fallback entropy source to be
			used if named is running chrooted and named is unable
			to open entropy source within the chroot area.
			[RT #10133]

Mark Andrews's avatar
Mark Andrews committed
665
666
1563.	[bug]		Gracefully fail when unable to obtain neither an IPv4
			nor an IPv6 dispatch. [RT #10230]
667

668
669
670
1562.	[bug]		isc_socket_create() and isc_socket_accept() could
			leak memory under error conditions. [RT #10230]

671
672
673
1561.	[bug]		It was possible to release the same name twice if
			named ran out of memory. [RT #10197]

674
675
676
1560.	[port]		FreeBSD: work around FreeBSD 5.2 mapping EAI_NODATA
			and EAI_NONAME to the same value.

677
1559.	[port]		named should ignore SIGFSZ.
Mark Andrews's avatar
Mark Andrews committed
678

679
680
681
682
683
684
685
686
687
1558.	[func]		New DNSSEC 'disable-algorithms'.  Support entry into
			child zones for which we don't have a supported
			algorithm.  Such child zones are treated as unsigned.

1557.	[func]		Implement missing DNSSEC tests for
			* NOQNAME proof with wildcard answers.
			* NOWILDARD proof with NXDOMAIN.
			Cache and return NOQNAME with wildcard answers.

Mark Andrews's avatar
Mark Andrews committed
688
1556.	[bug]		nsupdate now treats all names as fully qualified.
689
			[RT #6427]
Mark Andrews's avatar
Mark Andrews committed
690

Mark Andrews's avatar
now->no    
Mark Andrews committed
691
1555.	[func]		'rrset-order cyclic' no longer has a random starting
692
693
			point. [RT #7572]

Mark Andrews's avatar
Mark Andrews committed
694
1554.	[bug]		dig, host, nslookup failed when no nameservers
695
696
			were specified in /etc/resolv.conf. [RT #8232]

697
1553.	[bug]		The windows socket code could stop accepting
Mark Andrews's avatar
Mark Andrews committed
698
			connections. [RT#10115]
699

700
701
1552.	[bug]		Accept NOTIFY requests from mapped masters if
			matched-mapped is set. [RT #10049]
Mark Andrews's avatar
Mark Andrews committed
702

703
704
1551.	[port]		Open "/dev/null" before calling chroot().

705
706
1550.	[port]		Call tzset(), if available, before calling chroot().

707
708
709
1549.	[func]		named-checkzone can now write out the zone contents
			in a easily parsable format (-D and -o).

Mark Andrews's avatar
Mark Andrews committed
710
711
712
1548.	[bug]		When parsing APL records it was possible to silently
			accept out of range ADDRESSFAMILY values. [RT# 9979]

713
714
715
1547.	[bug]		Named wasted memory recording duplicate lame zone
			entries. [RT #9341]

716
717
718
1546.	[bug]		We were rejecting valid secure CNAME to negative
			answers.

719
720
721
722
1545.	[bug]		It was possible to leak memory if named was unable to
			bind to the specified transfer source and TSIG was
			being used. [RT #10120]

723
724
1544.	[bug]		Named would logged a single entry to a file despite it
			being over the specified size limit.
Mark Andrews's avatar
Mark Andrews committed
725

726
1543.	[bug]		Logging using "versions unlimited" did not work.
Mark Andrews's avatar
Mark Andrews committed
727

Mark Andrews's avatar
Mark Andrews committed
728
729
1542.	[placeholder]

730
1541.	[func]		NSEC now uses new bitmap format.
Mark Andrews's avatar
Mark Andrews committed
731

732
733
1540.	[bug]		"rndc reload <dynamiczone>" was silently accepted.
			[RT #8934]
Mark Andrews's avatar
Mark Andrews committed
734

735
736
1539.	[bug]		Open UDP sockets for notify-source and transfer-source
			that use reserved ports at startup. [RT #9475]
Mark Andrews's avatar
Mark Andrews committed
737

Mark Andrews's avatar
Mark Andrews committed
738
739
1538.	[placeholder]	rt9997

740
1537.	[func]		New option "querylog".  If set specify whether query
Mark Andrews's avatar
Mark Andrews committed
741
			logging is to be enabled or disabled at startup.
Mark Andrews's avatar
Mark Andrews committed
742

743
744
1536.	[bug]		Windows socket code failed to log a error description
			when returning ISC_R_UNEXPECTED. [RT #9998]
Mark Andrews's avatar
Mark Andrews committed
745

Mark Andrews's avatar
Mark Andrews committed
746
747
1535.	[placeholder]

748
1534.	[bug]		Race condition when priming cache. [RT# 9940]
Mark Andrews's avatar
Mark Andrews committed
749

Mark Andrews's avatar
Mark Andrews committed
750
1533.	[func]		Warn if both "recursion no;" and "allow-recursion"
751
			are active. [RT# 4389]
Mark Andrews's avatar
Mark Andrews committed
752

753
754
755
1532.	[port]		netbsd: the configure test for <sys/sysctl.h>
			requires <sys/param.h>.

Mark Andrews's avatar
Mark Andrews committed
756
1531.	[port]		AIX more libtool fixes.
757

758
1530.	[bug]		It was possible to trigger a INSIST() failure if a
Mark Andrews's avatar
grammar    
Mark Andrews committed
759
			slave master file was removed at just the correct
760
761
			moment. [RT #9462]

Mark Andrews's avatar
Mark Andrews committed
762
1529.	[bug]		"notify explicit;" failed to log that NOTIFY messages
Mark Andrews's avatar
Mark Andrews committed
763
			were being sent for the zone. [RT# 9442]
Mark Andrews's avatar
Mark Andrews committed
764

765
766
1528.	[cleanup]	Simplify some dns_name_ functions based on the
			deprecation of bitstring labels.
767

768
769
1527.	[cleanup]	Reduce the number of gettimeofday() calls without
			losing necessary timer granularity.
770

771
772
1526.	[placeholder]

Mark Andrews's avatar
Mark Andrews committed
773
774
1525.	[bug]		dns_cache_create() could trigger a REQUIRE
			failure in isc_mem_put() during error cleanup.
775
			[RT# 9360]
776

777
778
779
1524.	[port]		AIX needs to be able to resolve all symbols when
			creating shared libraries (--with-libtool).

780
781
1523.	[bug]		Fix race condition in rbtdb. [RT# 9189]

782
783
784
1522.	[bug]		dns_db_findnode() relax the requirements on 'name'.
			[RT# 9286]

785
786
787
1521.	[bug]		dns_view_createresolver() failed to check the
			result from isc_mem_create(). [RT# 9294]

788
789
1520.	[protocol]	Add SSHFP (SSH Finger Print) type.

790
791
792
1519.	[bug]		dnssec-signzone:nsec_setbit() computed the wrong
			length of the new bitmap.

Mark Andrews's avatar
Mark Andrews committed
793
1518.	[bug]		dns_nsec_buildrdata(), and hence dns_nsec_build(),
794
795
796
			contained a off-by-one error when working out the
			number of octets in the bitmap.

Mark Andrews's avatar
Mark Andrews committed
797
798
1517.	[port]		Support for IPv6 interface scanning on HP/UX and
			TrueUNIX 5.1.
799

Mark Andrews's avatar
Mark Andrews committed
800
1516.	[func]		Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
801

Mark Andrews's avatar
Mark Andrews committed
802
803
1515.	[func]		Allow transfer source to be set in a server statement.
			[RT #6496]
804

Mark Andrews's avatar
Mark Andrews committed
805
806
1514.	[bug]		named: isc_hash_destroy() was being called too early.
			[RT #9160]
807

Mark Andrews's avatar
Mark Andrews committed
808
1513.	[doc]		Add "US" to root-delegation-only exclude list.
809

Mark Andrews's avatar
Mark Andrews committed
810
811
1512.	[bug]		Extend the delegation-only logging to return query
			type, class and responding nameserver.
812

Mark Andrews's avatar
Mark Andrews committed
813
814
1511.	[bug]		delegation-only was generating false positives
			on negative answers from subzones.
815

Mark Andrews's avatar
Mark Andrews committed
816
817
818
819
820
1510.	[func]		New view option "root-delegation-only".  Apply
			delegation-only check to all TLDs and root.
			Note there are some TLDs that are NOT delegation
			only (e.g. DE, LV, US and MUSEUM) these can be excluded
			from the checks by using exclude.
821

Mark Andrews's avatar
Mark Andrews committed
822
823
824
			root-delegation-only exclude {
				"DE"; "LV"; "US"; "MUSEUM";
			};
825

Mark Andrews's avatar
Mark Andrews committed
826
827
1509.	[bug]		Hint zones should accept delegation-only.  Forward
			zone should not accept delegation-only.
828

Mark Andrews's avatar
Mark Andrews committed
829
830
1508.	[bug]		Don't apply delegation-only checks to answers from
			forwarders.
831

Mark Andrews's avatar
Mark Andrews committed
832
833
1507.	[bug]		Handle BIND 8 style returns to NS queries to parents
			when making delegation-only checks.
834

Mark Andrews's avatar
Mark Andrews committed
835
1506.	[bug]		Wrong return type for dns_view_isdelegationonly().
836

Mark Andrews's avatar
Mark Andrews committed
837
1505.	[bug]		Uninitialized rdataset in sdb. [RT #8750]
838

Mark Andrews's avatar
Mark Andrews committed
839
1504.	[func]		New zone type "delegation-only".
840

Mark Andrews's avatar
Mark Andrews committed
841
1503.	[port]		win32: install libeay32.dll outside of system32.
842

Mark Andrews's avatar
Mark Andrews committed
843
1502.	[bug]		nsupdate: adjust timeouts for UPDATE requests over TCP.
844

Mark Andrews's avatar
Mark Andrews committed
845
846
1501.	[func]		Allow TCP queue length to be specified via
			named.conf, tcp-listen-queue.
847

Mark Andrews's avatar
Mark Andrews committed
848
849
1500.	[bug]		host failed to lookup MX records.  Also look up
			AAAA records.
850

Mark Andrews's avatar
Mark Andrews committed
851
852
1499.	[bug]		isc_random need to be seeded better if arc4random()
			is not used.
853

Mark Andrews's avatar
Mark Andrews committed
854
1498.	[port]		bsdos: 5.x support.
Mark Andrews's avatar
Mark Andrews committed
855

Mark Andrews's avatar
Mark Andrews committed
856
1497.	[placeholder]
857

Mark Andrews's avatar
Mark Andrews committed
858
1496.	[port]		test for pthread_attr_setstacksize().
859

Mark Andrews's avatar
Mark Andrews committed
860
1495.	[cleanup]	Replace hash functions with universal hash.
861

Mark Andrews's avatar
Mark Andrews committed
862
1494.	[security]	Turn on RSA BLINDING as a precaution.
Mark Andrews's avatar
Mark Andrews committed
863

Mark Andrews's avatar
Mark Andrews committed
864
1493.	[placeholder]
865

Mark Andrews's avatar
Mark Andrews committed
866
867
1492.	[cleanup]	Preserve rwlock quota context when upgrading /
			downgrading. [RT #5599]
868

Mark Andrews's avatar
Mark Andrews committed
869
870
1491.	[bug]		dns_master_dump*() would produce extraneous $ORIGIN
			lines. [RT #6206]
871

Mark Andrews's avatar
Mark Andrews committed
872
873
1490.	[bug]		Accept reading state as well as working state in
			ns_client_next(). [RT #6813]
874

Mark Andrews's avatar
Mark Andrews committed
875
876
1489.	[compat]	Treat 'allow-update' on slave zones as a warning.
			[RT #3469]
877

Mark Andrews's avatar
Mark Andrews committed
878
879
1488.	[bug]		Don't override trust levels for glue addresses.
			[RT #5764]
880

Mark Andrews's avatar
Mark Andrews committed
881
882
883
1487.	[bug]		A REQUIRE() failure could be triggered if a zone was
			queued for transfer and the zone was then removed.
			[RT #6189]
884

Mark Andrews's avatar
Mark Andrews committed
885
886
1486.	[bug]		isc_print_snprintf() '%%' consumed one too many format
			characters. [RT# 8230]
887

Mark Andrews's avatar
Mark Andrews committed
888
1485.	[bug]		gen failed to handle high type values. [RT #6225]
889

Mark Andrews's avatar
Mark Andrews committed
890
891
1484.	[bug]		The number of records reported after a AXFR was wrong.
			[RT #6229]
892

Mark Andrews's avatar
Mark Andrews committed
893
894
895
1483.	[bug]		dig axfr failed if the message id in the answer failed
			to match that in the request.  Only the id in the first
			message is required to match. [RT #8138]
Mark Andrews's avatar
Mark Andrews committed
896

Mark Andrews's avatar
Mark Andrews committed
897
898
899
1482.	[bug]		named could fail to start if the kernel supports
			IPv6 but no interfaces are configured.  Similarly
			for IPv4. [RT #6229]
900

Mark Andrews's avatar
Mark Andrews committed
901
902
1481.	[bug]		Refresh and stub queries failed to use masters keys
			if specified. [RT #7391]
903

Mark Andrews's avatar
Mark Andrews committed
904
905
906
907
908
1480.	[bug]		Provide replay protection for rndc commands.  Full
			replay protection requires both rndc and named to
			be updated.  Partial replay protection (limited
			exposure after restart) is provided if just named
			is updated.
909

Mark Andrews's avatar
Mark Andrews committed
910
911
912
1479.	[bug]		cfg_create_tuple() failed to handle out of
			memory cleanup.  parse_list() would leak memory
			on syntax errors.
Mark Andrews's avatar
Mark Andrews committed
913

Mark Andrews's avatar
Mark Andrews committed
914
1478.	[port]		ifconfig.sh didn't account for other virtual
Mark Andrews's avatar
Mark Andrews committed
915
			interfaces.  It now takes a optional argument
Mark Andrews's avatar
Mark Andrews committed
916
			to specify the first interface number. [RT #3907]
917

Mark Andrews's avatar
Mark Andrews committed
918
1477.	[bug]		memory leak using stub zones and TSIG.
Mark Andrews's avatar
Mark Andrews committed
919

Mark Andrews's avatar
Mark Andrews committed
920
1476.	[placeholder]
921

Mark Andrews's avatar
Mark Andrews committed
922
1475.	[port]		Probe for old sprintf().
923