Commit 0868e570 authored by Ondřej Surý's avatar Ondřej Surý Committed by Evan Hunt

Update release notes to mention removal of legacy system workarounds

parent 3023f14c
Pipeline #4617 canceled with stages
in 1 minute and 2 seconds
Supported platforms
In general, this version of BIND will build and run on any POSIX-compliant
system with a C99-compliant C compiler, BSD-style sockets, and the OpenSSL
cryptography library. To build with multiprocessing support, a
C11-compliant C compiler will be needed for standard atomics.
system with a C99-compliant C compiler, BSD-style sockets with RFC-compliant
IPv6 support, POSIX-compliant threads, and the OpenSSL cryptography library.
Atomic operations support from the compiler is needed, either in the form of
builtin operations, C11 atomics or the Interlocked family of functions on
Windows.
ISC regularly tests BIND on many operating systems and architectures, but
lacks the resources to test all of them. Consequently, ISC is only able to
......@@ -53,4 +55,6 @@ These are platforms on which BIND is known not to build or run:
* Platforms without at least OpenSSL 1.0.2
* Windows 10 / x86
* Windows Server 2012
* Windows Server 2012 and older
* Platforms that don't support IPv6 Advanced Socket API (RFC 3542)
* Platforms that don't support atomic operations (via compiler or library)
......@@ -11,9 +11,11 @@
## Supported platforms
In general, this version of BIND will build and run on any POSIX-compliant
system with a C99-compliant C compiler, BSD-style sockets, and the OpenSSL
cryptography library. To build with multiprocessing support, a
C11-compliant C compiler will be needed for standard atomics.
system with a C99-compliant C compiler, BSD-style sockets with RFC-compliant
IPv6 support, POSIX-compliant threads, and the OpenSSL cryptography library.
Atomic operations support from the compiler is needed, either in the form of
builtin operations, C11 atomics or the Interlocked family of functions on
Windows.
ISC regularly tests BIND on many operating systems and architectures, but
lacks the resources to test all of them. Consequently, ISC is only able to
......@@ -61,4 +63,6 @@ These are platforms on which BIND is known *not* to build or run:
* Platforms without at least OpenSSL 1.0.2
* Windows 10 / x86
* Windows Server 2012
* Windows Server 2012 and older
* Platforms that don't support IPv6 Advanced Socket API (RFC 3542)
* Platforms that don't support atomic operations (via compiler or library)
......@@ -51,6 +51,38 @@
</para>
</section>
<section xml:id="relnotes_platforms"><info><title>Supported Platforms</title></info>
<para>
BIND 9.13 has undergone substantial code refactoring and cleanup,
and some very old code has been removed that was needed to support
legacy platforms which are no longer supported by their vendors
and for which ISC is no longer able to perform quality assurance
testing. Specifically, workarounds for old versions of UnixWare,
BSD/OS, AIX, Tru64, SunOS, TruCluster and IRIX have been removed.
On UNIX-like systems, BIND now requires support for POSIX.1c
threads (IEEE Std 1003.1c-1995), the Advanced Sockets API for
IPv6 (RFC 3542), and standard atomic operations provided by the
C compiler.
</para>
<para>
More information can be found in the <filename>PLATFORM.md</filename>
file that is included in the source distribution of BIND 9. If your
platform compiler and system libraries provide the above features,
BIND 9 should compile and run. If that isn't the case, the BIND
development team will generally accept patches that add support
for systems that are still supported by their respective vendors.
</para>
<para>
As of BIND 9.13, the BIND development team has also made cryptography
(i.e., TSIG and DNSSEC) an integral part of the DNS server. The
OpenSSL cryptography library must be available for the target
platform. A PKCS#11 provider can be used instead for Public Key
cryptography (i.e., DNSSEC signing and validation), but OpenSSL is
still required for general cryptography operations such as hashing
and random number generation.
</para>
</section>
<section xml:id="relnotes_download"><info><title>Download</title></info>
<para>
The latest versions of BIND 9 software can always be found at
......@@ -349,7 +381,7 @@
<listitem>
<para>
BIND can no longer be built without DNSSEC support. A cryptography
provder (i.e., OpenSSL or a hardware service module with
provider (i.e., OpenSSL or a hardware service module with
PKCS#11 support) must be available. [GL #244]
</para>
</listitem>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment