ChangeLog 144 KB
Newer Older
1
2
3
4
5
535.	[bug]		jelte
	The log4cplus internal logging mechanism has been disabled, and no
	output from the log4cplus library itself should be printed to
	stderr anymore. This output can be enabled by using the
	compile-time option --enable-debug.
6
	(Trac #1081, git db55f102b30e76b72b134cbd77bd183cd01f95c0)
7

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
8
9
10
11
12
13
14
534.	[func]*			vorner
	The b10-msgq now uses the same logging format as the rest
	of the system. However, it still doesn't obey the common
	configuration, as due to technical issues it is not able
	to read it yet.
	(git 9e6e821c0a33aab0cd0e70e51059d9a2761f76bb)

15
16
bind10-1.0.0-beta released on December 20, 2012

17
18
19
20
21
22
23
24
25
533.	[build]*		jreed
	Changed the package name in configure.ac from bind10-devel
	to bind10. This means the default sub-directories for
	etc, include, libexec, share, share/doc, and var are changed.
	If upgrading from a previous version, you may need to move
	and update your configurations or change references for the
	old locations.
	(git bf53fbd4e92ae835280d49fbfdeeebd33e0ce3f2)

26
27
28
29
30
31
32
33
34
532.	[func]		marcin
	Implemented configuration of DHCPv4 option values using
	the configuration manager. In order to set values for the
	data fields carried by a particular option, the user
	specifies a string of hexadecimal digits that is converted
	to binary data and stored in the option buffer. A more
	user-friendly way of specifying option content is planned.
	(Trac #2544, git fed1aab5a0f813c41637807f8c0c5f8830d71942)

35
531.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
36
37
38
	b10-dhcp6: Added support for expired leases. Leases for IPv6
	addresses that are past their valid lifetime may be recycled, i.e.
	rellocated to other clients if needed.
39
40
	(Trac #2327, git 62a23854f619349d319d02c3a385d9bc55442d5e)

41
42
43
44
45
46
47
48
49
50
51
52
53
54
530.	[func]*		team
	b10-loadzone was fully overhauled.  It now uses C++-based zone
	parser and loader library, performing stricter checks, having
	more complete support for master file formats, producing more
	helpful logs, is more extendable for various types of data
	sources, and yet much faster than the old version.  In
	functionality the new version should be generally backwards
	compatible to the old version, but there are some
	incompatibilities: name fields of RDATA (in NS, SOA, etc) must
	be absolute for now; due to the stricter checks some input that was
	(incorrectly) accepted by the old version may now be rejected;
	command line options and arguments are not compatible.
	(Trac #2380, git 689b015753a9e219bc90af0a0b818ada26cc5968)

55
529.	[func]*		team
56
57
58
59
60
61
62
63
64
65
66
	The in-memory data source now uses a more complete master
	file parser to load textual zone files.  As of this change
	it supports multi-line RR representation and more complete
	support for escaped and quoted strings.  It also produces
	more helpful log messages when there is an error in the zone
	file.  It will be enhanced as more specific tasks in the
	#2368 meta ticket are completed.  The new parser is generally
	backward compatible to the previous one, but due to the
	tighter checks some input that has been accepted so far
	could now be rejected, so it's advisable to check if you
	use textual zone files directly loaded to memory.
67
68
	(Trac #2470, git c4cf36691115c15440b65cac16f1c7fcccc69521)

69
70
71
72
73
74
75
528.	[func]		marcin
	Implemented definitions for DHCPv4 option definitions identified
	by option codes: 1 to 63, 77, 81-82, 90-92, 118-119, 124-125.
	These definitions are now used by the DHCPv4 server to parse
	options received from a client.
	(Trac #2526, git 50a73567e8067fdbe4405b7ece5b08948ef87f98)

76
77
78
79
80
81
82
83
527.	[bug]		jelte
	Fixed a bug in the synchronous UDP server code where unexpected
	errors from ASIO or the system libraries could cause b10-auth to
	stop. In asynchronous mode these errors would be ignored
	completely. Both types have been updated to report the problem with
	an ERROR log message, drop the packet, and continue service.
	(Trac #2494, git db92f30af10e6688a7dc117b254cb821e54a6d95)

84
526.	[bug]		stephen
85
86
87
88
89
	Miscellaneous fixes to DHCP code including rationalisation of
	some methods in LeaseMgr and resolving some Doxygen/cppcheck
	issues.
	(Trac #2546, git 0140368ed066c722e5d11d7f9cf1c01462cf7e13)

90
525.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
91
92
93
94
	b10-dhcp4: DHCPv4 server is now able to parse configuration. It
	is possible to specify IPv4 subnets with dynamic pools within
	them. Although configuration is accepted, it is not used yet. This
	will be implemented shortly.
95
96
	(Trac #2270, git de29c07129d41c96ee0d5eebdd30a1ea7fb9ac8a)

97
524.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
98
99
	b10-dhcp6 is now able to handle RENEW messages. Leases are
	renewed and REPLY responses are sent back to clients.
100
101
	(Trac #2325, git 7f6c9d057cc0a7a10f41ce7da9c8565b9ee85246)

102
103
104
105
106
107
523.	[bug]		muks
	Fixed a problem in inmem NSEC3 lookup (for, instance when using a
	zone with no non-apex names) which caused exceptions when the zone
	origin was not added as an explicit NSEC3 record.
	(Trac #2503, git 6fe86386be0e7598633fe35999112c1a6e3b0370)

108
522.	[func]*		jelte
109
110
111
112
113
114
115
116
	Configuration of TSIG keys for b10-xfrin has changed; instead of
	specifying the full TSIG key (<name>:<base64>:<algo>) it now expects
	just the name, and uses the global TSIG Key Ring like all the other
	components (configuration list /tsig_keys/keys).
	Note: this is not automatically updated, so if you use TSIG in
	xfrin, you need to update your configuration.
	(Trac #1351, git e65b7b36f60f14b7abe083da411e6934cdfbae7a)

117
118
119
120
121
122
521.	[func]		marcin
	Implemented definitions for DHCPv6 standard options identified
	by codes up to 48. These definitions are now used by the DHCPv6
	server to create instances of options being sent to a client.
	(Trac #2491, git 0a4faa07777189ed9c25211987a1a9b574015a95)

123
124
125
126
127
128
129
130
131
132
133
134
135
136
520.	[func]		jelte
	The system no longer prints initial log messages to stdout
	regardless of what logging configuration is present, but it
	temporarily stores any log messages until the configuration is
	processed. If there is no specific configuration, or if the
	configuration cannot be accessed, it will still fall back to stdout.
	Note that there are still a few instances where output is printed,
	these shall be addressed separately.
	Note also that, currently, in case it falls back to stdout (such as
	when it cannot connect to b10-cfgmgr), all log messages are always
	printed (including debug messages), regardless of whether -v was
	used. This shall also be addressed in a future change.
	(Trac #2445, git 74a0abe5a6d10b28e4a3e360e87b129c232dea68)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
137
519.	[bug]		muks
138
139
	Fixed a problem in inmem NSEC lookup which caused returning an
	incorrect NSEC record or (in rare cases) assert failures
140
141
	when a non-existent domain was queried, which was a sub-domain of
	a domain that existed.
Mukund Sivaraman's avatar
Mukund Sivaraman committed
142
143
	(Trac #2504, git 835553eb309d100b062051f7ef18422d2e8e3ae4)

144
145
146
147
518.	[func]		stephen
	Extend DHCP MySQL backend to handle IPv4 addresses.
	(Trac #2404, git ce7db48d3ff5d5aad12b1da5e67ae60073cb2607)

148
149
150
151
152
517.	[func]		stephen
	Added IOAddress::toBytes() to get byte representation of address.
	Also added convenience methods for V4/V6 address determination.
	(Trac #2396, git c23f87e8ac3ea781b38d688f8f7b58539f85e35a)

153
154
155
156
157
158
159
516.	[bug]		marcin
	Fixed 'make distcheck' failure when running perfdhcp unit tests.
	The unit tests used to read files from the folder specified
	with the path relative to current folder, thus when the test was
	run from a different folder the files could not be found.
	(Trac #2479, git 4e8325e1b309f1d388a3055ec1e1df98c377f383)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
160
161
162
163
164
165
166
167
515.	[bug]		jinmei
	The in-memory data source now accepts an RRSIG provided without
	a covered RRset in loading.  A subsequent query for its owner name
	of the covered type would generally result in NXRRSET; if the
	covered RRset is of type NSEC3, the corresponding NSEC3 processing
	would result in SERVFAIL.
	(Trac #2420, git 6744c100953f6def5500bcb4bfc330b9ffba0f5f)

168
169
170
171
172
173
514.	[bug]		jelte
	b10-msgq now handles socket errors more gracefully when sending data
	to clients. It no longer exits with 'broken pipe' errors, and is
	also better at resending data on temporary error codes from send().
	(Trac #2398, git 9f6b45ee210a253dca608848a58c824ff5e0d234)

174
175
176
177
178
179
180
181
513.	[func]		marcin
	Implemented the OptionCustom class for DHCPv4 and DHCPv6.
	This class represents an option which has a defined
	structure: a set of data fields of specific types and order.
	It is used to represent those options that can't be
	represented by any other specialized class.
	(Trac #2312, git 28d885b457dda970d9aecc5de018ec1120143a10)

182
183
184
185
186
187
188
189
512.	[func]		jelte
	Added a new tool b10-certgen, to check and update the self-signed
	SSL certificate used by b10-cmdctl. The original certificate
	provided has been removed, and a fresh one is generated upon first
	build. See the b10-certgen manpage for information on how to update
	existing installed certificates.
	(Trac #1044, git 510773dd9057ccf6caa8241e74a7a0b34ca971ab)

190
191
192
193
194
195
196
197
511.	[bug]		stephen
	Fixed a race condition in the DHCP tests whereby the test program
	spawned a subprocess and attempted to read (without waiting) from
	the interconnecting pipe before the subprocess had written
	anything.  The lack of output was being interpreted as a test
	failure.
	(Trac #2410, git f53e65cdceeb8e6da4723730e4ed0a17e4646579)

198
199
200
201
202
203
204
205
510.	[func]		marcin
	DHCP option instances can be created using a collection of strings.
	Each string represents a value of a particular data field within
	an option. The data field values, given as strings, are validated
	against the actual types of option fields specified in the options
	definitions.
	(Trac #2490, git 56cfd6612fcaeae9acec4a94e1e5f1a88142c44d)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
206
207
208
209
210
509.	[func]		muks
	Log messages now include the pid of the process that logged the
	message.
	(Trac #1745, git fc8bbf3d438e8154e7c2bdd322145a7f7854dc6a)

211
212
213
214
215
216
217
508.	[bug]		stephen
	Split the DHCP library into two directories, each with its own
	Makefile.  This properly solves the problem whereby a "make"
	operation with multiple threads could fail because of the
	dependencies between two libraries in the same directory.
	(Trac #2475, git 834fa9e8f5097c6fd06845620f68547a97da8ff8)

218
219
bind10-devel-20121115 released on November 15, 2012

220
507.	[doc]		jelte
221
222
223
224
	Added a chapter about the use of the bindctl command tool to
	to the BIND 10 guide.
	(Trac #2305, git c4b0294b5bf4a9d32fb18ab62ca572f492788d72)

225
226
227
228
229
230
231
506.	[security]		jinmei
	Fixed a use-after-free case in handling DNAME record with the
	in-memory data source.  This could lead to a crash of b10-auth
	if it serves a zone containing a DNAME RR from the in-memory
	data source.  This bug was introduced at bind10-devel-20120927.
	(Trac #2471, git 2b1793ac78f972ddb1ae2fd092a7f539902223ff)

232
233
234
235
236
237
505.	[bug]		jelte
	Fixed a bug in b10-xfrin where a wrong call was made during the
	final check of a TSIG-signed transfer, incorrectly rejecting the
	transfer.
	(Trac #2464, git eac81c0cbebee72f6478bdb5cda915f5470d08e1)

Naoki Kambe's avatar
Naoki Kambe committed
238
239
504.	[bug]*		naokikambe
	Fixed an XML format viewed from b10-stats-httpd. Regarding
240
241
242
243
244
245
	per-zone counters as zones of Xfrout, a part of the item
	values wasn't an exact XML format. A zone name can be
	specified in URI as
	/bind10/statistics/xml/Xfrout/zones/example.org/xfrreqdone.
	XSD and XSL formats are also changed to constant ones due
	to these changes.
Naoki Kambe's avatar
Naoki Kambe committed
246
247
	(Trac #2298, git 512d2d46f3cb431bcdbf8d90af27bff8874ba075)

248
503.	[func]		Stephen
249
250
251
252
253
254
255
256
	Add initial version of a MySQL backend for the DHCP code.  This
	implements the basic IPv6 lease access functions - add lease, delete
	lease and update lease.  The backend is enabled by specifying
	--with-dhcp-mysql on the "configure" command line: without this
	switch, the MySQL code is not compiled, so leaving BIND 10 able to
	be built on systems without MySQL installed.
	(Trac #2342, git c7defffb89bd0f3fdd7ad2437c78950bcb86ad37)

257
502.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
258
259
260
261
	TTLs can be specified with units as well as number of seconds now.
	This allows specifications like "1D3H".
	(Trac #2384, git 44c321c37e17347f33ced9d0868af0c891ff422b)

262
501.	[func]		tomek
263
264
265
266
	Added DHCPv6 allocation engine, now used in the processing of DHCPv6
	messages.
	(Trac #2414, git b3526430f02aa3dc3273612524d23137b8f1fe87)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
267
268
269
270
271
272
273
274
275
276
500.	[bug]		jinmei
	Corrected the autoconf example in the examples directory so it can
	use the configured path to Boost to check availability of the BIND 10
	library.  Previously the sample configure script could fail if
	Boost is installed in an uncommon place.  Also, it now provides a
	helper m4 function and example usage for embedding the library
	path to executable (using linker options like -Wl,-R) to help
	minimize post-build hassles.
	(Trac #2356, git 36514ddc884c02a063e166d44319467ce6fb1d8f)

277
278
279
280
281
282
499.	[func]		team
	The b10-auth 'loadzone' command now uses the internal thread
	introduced in 495 to (re)load a zone in the background, so that
	query processing isn't blocked while loading a zone.
	(Trac #2213, git 686594e391c645279cc4a95e0e0020d1c01fba7e)

283
284
285
286
498.	[func]		marcin
	Implemented DHCPv6 option values configuration using configuration
	manager. In order to set values for data fields carried by the
	particular option, user specifies the string of hexadecimal digits
287
288
289
	that is in turn converted to binary data and stored into option
	buffer. More user friendly way of option content specification is
	planned.
290
291
	(Trac #2318, git e75c686cd9c14f4d6c2a242a0a0853314704fee9)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
292
293
294
295
296
297
298
299
300
497.	[bug]		jinmei
	Fixed several issues in isc-sysinfo:
	- make sure it doesn't report a negative value for free memory
	  size (this happened on FreeBSD, but can possibly occur on other
	  BSD variants)
	- correctly identifies the SMP support in kernel on FreeBSD
	- print more human readable uptime as well as the time in seconds
	(Trac #2297, git 59a449f506948e2371ffa87dcd19059388bd1657)

301
496.	[func]		tomek
302
303
304
305
	DHCPv6 Allocation Engine implemented. It allows address allocation
	from the configured subnets/pools. It currently features a single
	allocator: IterativeAllocator, which assigns addresses iteratively.
	Other allocators (hashed, random) are planned.
306
307
	(Trac #2324, git 8aa188a10298e3a55b725db36502a99d2a8d638a)

308
309
310
311
312
313
314
315
495.	[func]		team
	b10-auth now handles reconfiguration of data sources in
	background using a separate thread.  This means even if the new
	configuration includes a large amount of data to be loaded into
	memory (very large zones and/or a very large number of zones),
	the reconfiguration doesn't block query handling.
	(Multiple Trac tickets up to #2211)

316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
494.	[bug]		jinmei
	Fixed a problem that shutting down BIND 10 kept some of the
	processes alive.  It was two-fold: when the main bind10 process
	started as a root, started b10-sockcreator with the privilege, and
	then dropped the privilege, the bind10 process cannot kill the
	sockcreator via signal any more (when it has to), but it kept
	sending the signal and didn't stop.  Also, when running on Python
	3.1 (or older), the sockcreator had some additional file
	descriptor open, which prevented it from exiting even after the
	bind10 process terminated.  Now the bind10 process simply gives up
	killing a subprocess if it fails due to lack of permission, and it
	makes sure the socket creator is spawned without any unnecessary
	FDs open.
	(Trac #1858, git 405d85c8a0042ba807a3a123611ff383c4081ee1)

331
332
333
334
335
336
337
338
339
340
341
493.	[build]		jinmei
	Fixed build failure with newer versions of clang++.  These
	versions are stricter regarding "unused variable" and "unused
	(driver) arguments" warnings, and cause fatal build error
	with -Werror.  The affected versions of clang++ include Apple's
	customized version 4.1 included in Xcode 4.5.1.  So this fix
	will solve build errors for Mac OS X that uses newer versions of
	Xcode.
	(Trac #2340, git 55be177fc4f7537143ab6ef5a728bd44bdf9d783,
	3e2a372012e633d017a97029d13894e743199741 and commits before it
	with [2340] in the commit log)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
342

343
492.	[func]		tomek
344
	libdhcpsrv: The DHCP Configuration Manager is now able to store
Tomek Mrugalski's avatar
Tomek Mrugalski committed
345
	information about IPv4 subnets and pools. It is still not possible
346
347
348
349
	to configure that information. Such capability will be implemented
	in a near future.
	(Trac #2237, git a78e560343b41f0f692c7903c938b2b2b24bf56b)

350
351
352
353
354
355
356
357
491.	[func]		tomek
	b10-dhcp6: Configuration for DHCPv6 has been implemented.
	Currently it is possible to configure IPv6 subnets and pools
	within those subnets, global and per subnet values of renew,
	rebind, preferred and valid lifetimes. Configured parameters
	are accepted, but are not used yet by the allocation engine yet.
	(Trac #2269, git 028bed9014b15facf1a29d3d4a822c9d14fc6411)

358
490.	[func]		tomek
359
	libdhcpsrv: An abstract API for lease database has been
360
361
	implemented. It offers a common interface to all concrete
	database backends.
362
363
	(Trac #2140, git df196f7609757253c4f2f918cd91012bb3af1163)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
364
365
366
367
368
369
489.	[func]		muks
	The isc::dns::RRsetList class has been removed. It was now unused
	inside the BIND 10 codebase, and the interface was considered
	prone to misuse.
	(Trac #2266, git 532ac3d0054f6a11b91ee369964f3a84dabc6040)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
370
371
488.	[build]		jinmei
	On configure, changed the search order for Python executable.
372
	It first tries more specific file names such as "python3.2" before
JINMEI Tatuya's avatar
JINMEI Tatuya committed
373
374
375
376
	more generic "python3".  This will prevent configure failure on
	Mac OS X that installs Python3 via recent versions of Homebrew.
	(Trac #2339, git 88db890d8d1c64de49be87f03c24a2021bcf63da)

377
378
379
380
381
382
383
384
385
386
387
388
487.	[bug]		jinmei
	The bind10 process now terminates a component (subprocess) by the
	"config remove Boss/components" bindctl command even if the
	process crashes immediately before the command is sent to bind10.
	Previously this led to an inconsistent state between the
	configuration and an internal component list of bind10, and bind10
	kept trying to restart the component.  A known specific case of
	this problem is that b10-ddns could keep failing (due to lack of
	dependency modules) and the administrator couldn't stop the
	restart via bindctl.
	(Trac #2244, git 7565788d06f216ab254008ffdfae16678bcd00e5)

389
390
391
486.	[bug]*		jinmei
	All public header files for libb10-dns++ are now installed.
	Template configure.ac and utility AC macros for external projects
392
	using the library are provided under the "examples" directory.
393
394
395
396
	The src/bin/host was moved as part of the examples (and not
	installed with other BIND 10 programs any more).
	(Trac #1870, git 4973e638d354d8b56dcadf71123ef23c15662021)

397
398
399
400
401
402
403
404
405
485.	[bug]		jelte
	Several bugs have been fixed in bindctl; tab-completion now works
	within configuration lists, the problem where sometimes the
	completion added a part twice has been solved, and it no longer
	suggests the confusing value 'argument' as a completion-hint for
	configuration items. Additionally, bindctl no longer crashes upon
	input like 'config remove Boss'.
	(Trac #2254, git 9047de5e8f973e12e536f7180738e6b515439448)

406
484.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
407
408
409
410
	A new library (libb10-dhcpsrv) has been created. At present, it
	only holds the code for the DHCP Configuration Manager. Currently
	this object only supports basic configuration storage for the DHCPv6
	server,	but that capability will be expanded.
411
412
	(Trac #2238, git 6f29861b92742da34be9ae76968e82222b5bfd7d)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
413
414
415
416
417
418
419
420
421
422
bind10-devel-20120927 released on September 27, 2012

483.	[func]		marcin
	libdhcp++: Added new parameter to define sub-second timeout
	for DHCP packet reception. The total timeout is now specified
	by two parameters:  first specifies integral number of
	seconds, second (which defaults to 0) specifies fractional
	seconds with microsecond resolution.
	(Trac #2231, git 15560cac16e4c52129322e3cb1787e0f47cf7850)

423
424
425
426
427
428
429
430
431
432
433
482.	[func]		team
	Memory footprint of the in-memory data source has been
	substantially improved.  For example, b10-auth now requires much
	less memory than BIND 9 named for loading and serving the same
	zone in-memory.  This is a transparent change in terms of user
	operation; there's no need to update or change the configuration
	to enable this feature.
	Notes: multiple instances of b10-auth still make separate copies
	of the memory image.  Also, loading zones in memory still suspends
	query processing, so manual reloading or reloading after incoming
	transfer may cause service disruption for huge zones.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
434
	(Multiple Trac tickets, Summarized in Trac #2101)
435

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
436
437
481.	[bug]		vorner
	The abbreviated form of IP addresses in ACLs is accepted
438
	(eg. "from": ["127.0.0.1", "::1"] now works).
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
439
440
	(Trac #2191, git 48b6e91386b46eed383126ad98dddfafc9f7e75e)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
441
480.	[doc]		vorner
Jeremy C. Reed's avatar
Jeremy C. Reed committed
442
	Added documentation about global TSIG key ring to the Guide.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
443
	(Trac #2189, git 52177bb31f5fb8e134aecb9fd039c368684ad2df)
Jeremy C. Reed's avatar
Jeremy C. Reed committed
444

445
446
447
479.	[func]		marcin
	Refactored perfdhcp tool to C++, added missing unit tests and removed
	the old code. The new code uses libdhcp++ (src/lib/dhcp) for DHCP
448
449
	packet management, network interface management and packet
	transmission.
450
451
452
453
454
455
456
457
	(Trac #1954, git 8d56105742f3043ed4b561f26241f3e4331f51dc)
	(Trac #1955, git 6f914bb2c388eb4dd3e5c55297f8988ab9529b3f)
	(Trac #1956, git 6f914bb2c388eb4dd3e5c55297f8988ab9529b3f)
	(Trac #1957, git 7fca81716ad3a755bf5744e88c3adeef15b04450)
	(Trac #1958, git 94e17184270cda58f55e6da62e845695117fede3)
	(Trac #1959, git a8cf043db8f44604c7773e047a9dc2861e58462a)
	(Trac #1960, git 6c192e5c0903f349b4d80cf2bb6cd964040ae7da)

Naoki Kambe's avatar
Naoki Kambe committed
458
459
460
461
462
463
478.	[func]		naokikambe
	New statistics items added into b10-xfrout: ixfr_running and
	axfr_running.  Their values can be obtained by invoking "Stats show
	Xfrout" via bindctl while b10-xfrout is running.
	(Trac #2222, git 91311bdbfea95f65c5e8bd8294ba08fac12405f1)

464
465
466
467
468
477.	[bug]		jelte
	Fixed a problem with b10-msgq on OSX when using a custom Python
	installation, that offers an unreliable select.poll() interface.
	(Trac #2190, git e0ffa11d49ab949ee5a4ffe7682b0e6906667baa)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
469
476.	[bug]		vorner
Jeremy C. Reed's avatar
Jeremy C. Reed committed
470
	The Xfrin now accepts transfers with some TSIG signatures omitted, as
471
472
	allowed per RFC2845, section 4.4. This solves a compatibility
	issues with Knot and NSD.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
473
	(Trac #1357, git 7ca65cb9ec528118f370142d7e7b792fcc31c9cf)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
474

Naoki Kambe's avatar
Naoki Kambe committed
475
475.	[func]		naokikambe
476
477
478
479
	Added Xfrout statistics counters: notifyoutv4, notifyoutv6,
	xfrrej, and xfrreqdone. These are per-zone type counters.
	The value of these counters can be seen with zone name by
	invoking "Stats show Xfrout" via bindctl.
480
	(Trac #2158, git e68c127fed52e6034ab5309ddd506da03c37a08a)
481

482
474.	[func]		stephen
483
484
485
	DHCP servers now use the BIND 10 logging system for messages.
	(Trac #1545, git de69a92613b36bd3944cb061e1b7c611c3c85506)

486
487
488
489
490
491
473.	[bug]		jelte
	TCP connections now time out in b10-auth if no (or not all) query
	data is sent by the client. The timeout value defaults to 5000
	milliseconds, but is configurable in Auth/tcp_recv_timeout.
	(Trac #357, git cdf3f04442f8f131542bd1d4a2228a9d0bed12ff)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
492
493
494
495
496
497
498
499
500
472.	[build]		jreed
	All generated documentation is removed from the git repository.
	The ./configure --enable-man option is removed. A new option
	-enable-generate-docs is added; it checks for required
	documentation building dependencies. Dummy documentation is
	built and installed if not used. Distributed tarballs will
	contain the generated documentation.
	(Trac #1687, git 2d4063b1a354f5048ca9dfb195e8e169650f43d0)

501
471.	[bug]		vorner
502
503
504
	Fixed a problem when b10-loadzone tried to tread semicolon
	in string data as start of comment, which caused invalid
	data being loaded.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
505
506
	(Trac #2188, git 12efec3477feb62d7cbe36bdcfbfc7aa28a36f57)

Naoki Kambe's avatar
Naoki Kambe committed
507
470.	[func]		naokikambe
508
509
510
511
512
	The stats module now supports partial statistics updates. Each
	module can return only statistics data which have been updated since
	the last time it sent them to the stats module. The purpose of partial
	updates is to reduce the amount of statistics data sent through the
	message queue.
Naoki Kambe's avatar
Naoki Kambe committed
513
	(Trac #2179, git d659abdd9f3f369a29830831297f64484ac7b051)
514

515
516
517
518
519
520
521
522
523
524
525
469.	[bug]		jelte
	libdatasrc: the data source client list class now ignores zone
	content problems (such as out-of-zone data) in MasterFiles type
	zones, instead of aborting the entire configuration.  It only logs
	an error, and all other zones and datasources are still loaded. The
	error log message has been improved to include the zone origin and
	source file name.  As a result of this change, b10-auth no longer
	exits upon encountering such errors during startup.
	(Trac #2178, git a75ed413e8a1c8e3702beea4811a46a1bf519bbd)

468.	[func]*		naokikambe, fujiwara
Kazunori Fujiwara's avatar
Kazunori Fujiwara committed
526
	b10-stats polls the bind10 and b10-auth with new 'getstats' command
527
528
529
530
531
	to retrieve statistics data.  The "poll-interval" parameter in
	b10-stats is for configuring the polling interval.  All statistics
	data collected once are preserved while b10-stats is running.
	The "sendstats" command was removed from bind10 and b10-auth. The
	"statistics-interval" configuration item was removed from b10-auth.
532
533
	(Trac #2136, git dcb5ce50b4b4e50d28247d5f8b5cb8d90bda942a)
	(Trac #2137, git d53bb65a43f6027b15a6edc08c137951e3ce5e0e)
534
	(Trac #2138, git b34e3313460eebc9c272ca8c1beb27297c195150)
535

536
537
bind10-devel-20120816 released on August 16, 2012

538
539
540
541
542
543
544
545
546
547
467.	[bug]		jelte
	For configurations, allow named sets to contain lists of items.
	(Trac #2114, git 712637513505f7afb8434292ca2a98c3517dffd3)

466.	[func]		jelte
	Allow bindctl to add and remove items to and from lists
	and dicts for items of type "any". This is for easier
	configurations.
	(Trac #2184, git ad2d728d1496a9ff59d622077850eed0638b54eb)

548
549
550
551
465.	[doc]		vorner
	Improved documentation about ACLs in the Guide.
	(Trac #2066, git 76f733925b3f3560cfc2ee96d2a19905b623bfc3)

552
553
554
555
556
464.	[func]		jelte, muks
	libdns++: The LabelSequence class has been extended with some new
	methods.  These are mainly intended for internal development, but
	the class is public, so interested users may want to look into the
	extensions.
557
558
559
560
561
	(Trac #2052, git 57c61f2^..dbef0e2)
	(Trac #2053, git 1fc2b06b57a008ec602daa2dac79939b3cc6b65d)
	(Trac #2086, git 3fac7d5579c5f51b8e952b50db510b45bfa986f3)
	(Trac #2087, git 49ad6346f574d00cfbd1d12905915fd0dd6a0bac)
	(Trac #2148, git 285c2845ca96e7ef89f9158f1dea8cda147b6566)
562

Mukund Sivaraman's avatar
Mukund Sivaraman committed
563
564
565
566
463.	[func]		jinmei
	Python isc.dns: the Name, RRType and RRClass classes are now
	hashable.  So, for example, objects of these classes can be used
	as a dictionary key.
567
	(Trac #1883, git 93ec40dd0a1df963c676037cc60c066c748b3030)
Mukund Sivaraman's avatar
Mukund Sivaraman committed
568

Jeremy C. Reed's avatar
Jeremy C. Reed committed
569
462.	[build]		jreed
Mukund Sivaraman's avatar
Mukund Sivaraman committed
570
571
572
573
574
	BIND 10 now compiles against googletest-1.6.0 versions that are
	installed on the system as source code. For such versions, use the
	--with-gtest-source configure switch.
	(Trac #1999, git 6a26d459a40d7eed8ebcff01835377b3394a78de)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
575
461.	[bug]		muks
576
577
578
579
	We now set g+w and g+s permissions (mode 02770) during
	installation for the BIND 10 local state directory
	($prefix/var/bind10-devel/) so that permissions to files
	and sub-directories created in that directory are inherited.
Mukund Sivaraman's avatar
Mukund Sivaraman committed
580
581
	(Trac #2171, git ab4d20907abdb3ce972172463dcc73405b3dee79)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
582
583
584
585
586
587
460.	[bug]		muks
	SSHFP's algorithm and fingerprint type checks have been relaxed
	such that they will accept any values in [0,255]. This is so that
	future algorithm and fingerprint types are accomodated.
	(Trac #2124, git 49e6644811a7ad09e1326f20dd73ab43116dfd21)

588
459.	[func]		tomek
589
	b10-dhcp6: DHCPv6 server component is now integrated into
590
	BIND 10 framework. It can be started from BIND 10 (using bindctl)
591
592
593
594
	and can receive commands. The only supported command for now
	is 'Dhcp6 shutdown'.
	b10-dhcp4: Command line-switch '-s' to disable msgq was added.
	b10-dhcp6: Command line-switch '-s' to disable msgq was added.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
595
	(Trac #1708, git e0d7c52a71414f4de1361b09d3c70431c96daa3f)
Kazunori Fujiwara's avatar
Kazunori Fujiwara committed
596

597
458.	[build]*		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
598
599
600
601
602
603
604
605
606
607
608
609
	BIND 10 now relies on Boost offset_ptr, which caused some new
	portability issues.  Such issues are detected at ./configure time.
	If ./configure stops due to this, try the following workaround:
	- If it's about the use of mutable for a reference with clang++,
	  upgrade Boost version to 1.44 or higher, or try a different
	  compiler (e.g. g++ generally seems to be free from this issue)
	- If it's about the use of "variadic templates", specify
	  --without-werror so the warning won't be promoted to an error.
	  Specifying BOOST_NO_USER_CONFIG in CXXFLAGS may also work
	  (which would be the case if Boost is installed via pkgsrc)
	(Trac #2147, git 30061d1139aad8716e97d6b620c259752fd0a3cd)

610
457.	[build]*		muks
Mukund Sivaraman's avatar
Mukund Sivaraman committed
611
612
613
614
	BIND 10 library names now have a "b10-" prefix. This is to avoid
	clashes with other similarly named libraries on the system.
	(Trac #2071, git ac20a00c28069804edc0a36050995df52f601efb)

615
456.	[build]		muks
Mukund Sivaraman's avatar
Mukund Sivaraman committed
616
	BIND 10 now compiles against log4cplus-1.1.0 (RC releases)
617
618
619
	also.  Note: some older versions of log4cplus don't work any more;
	known oldest workable version is 1.0.4.  Thanks to John Lumby for
	sending a patch.
Mukund Sivaraman's avatar
Mukund Sivaraman committed
620
621
	(Trac #2169, git 7d7e5269d57451191c0aef1b127d292d3615fe2c)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
622
455.	[func]*		vorner
623
624
625
	The server now uses newer API for data sources. This would be an
	internal change, however, the data sources are now configured
	differently. Please, migrate your configuration to the top-level
626
627
	"data_sources" module.  Also the bind10 -n and --no-cache
	and b10-auth -n options are removed.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
628
629
	(Trac #1976, git 0d4685b3e7603585afde1b587cbfefdfaf6a1bb3)

630
631
632
633
634
635
636
454.	[bug]		jelte
	b10-cfgmgr now loads its configuration check plugins directly from
	the plugin search path, as opposed to importing them from the
	general python system module path list; this prevents naming
	conflicts with real python modules.
	(Trac #2119, git 2f68d7ac5c3c7cc88a3663191113eece32d46a3d)

637
638
639
640
641
642
643
453.	[bug]		jelte
	b10-auth no longer tries to send DDNS UPDATE messages to b10-ddns if
	b10-ddns is not running. Sending an UPDATE to BIND 10 that is not
	configured to run DDNS will now result in a response with rcode
	NOTIMP instead of SERVFAIL.
	(Trac #1986, git bd6b0a5ed3481f78fb4e5cb0b18c7b6e5920f9f8)

644
645
646
647
648
649
650
651
452.	[func]		muks, jelte
	isc-sysinfo: An initial implementation of the isc-sysinfo
	tool is now available for Linux, OpenBSD, FreeBSD, and Mac
	OS X. It gathers and outputs system information which can
	be used by future tech support staff. This includes a
	generic Python "sysinfo" module.
	(Trac #2062, #2121, #2122, #2172,
	git 144e80212746f8d55e6a59edcf689fec9f32ae95)
Mukund Sivaraman's avatar
Mukund Sivaraman committed
652

JINMEI Tatuya's avatar
JINMEI Tatuya committed
653
654
655
656
657
658
659
660
451.	[bug]		muks, jinmei
	libdatasrc: the database-based data source now correctly returns
	glue records on (not under) a zone cut, such as in the case where
	the NS name of an NS record is identical to its owner name. (Note:
	libdatasrc itself doesn't judge what kind of record type can be a
	"glue"; it's the caller's responsibility.)
	(Trac #1771, git 483f1075942965f0340291e7ff7dae7806df22af)

661
450.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
662
	b10-dhcp4: DHCPv4 server component is now integrated into
663
	BIND 10 framework. It can be started from BIND 10 (using bindctl)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
664
665
	and can receive commands. The only supported command for now
	is 'Dhcp4 shutdown'.
666
	(Trac #1651, git 7e16a5a50d3311e63d10a224ec6ebcab5f25f62c)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
667

Jeremy C. Reed's avatar
Jeremy C. Reed committed
668
bind10-devel-20120621 released on June 21, 2012
669

670
671
672
449.	[bug]		muks
	b10-xfin: fixed a bug where xfrin sent the wrong notification
	message to zonemgr on successful zone transfer. This also
Jeremy C. Reed's avatar
Jeremy C. Reed committed
673
	solves other reported problems such as too frequent attempts
674
675
676
	of zone refreshing (see Trac #1786 and #1834).
	(Trac #2023, git b5fbf8a408a047a2552e89ef435a609f5df58d8c)

677
678
679
680
681
682
448.	[func]		team
	b10-ddns is now functional and handles dynamic update requests
	per RFC 2136.  See BIND 10 guide for configuration and operation
	details.
	(Multiple Trac tickets)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
683
684
685
686
447.	[bug]		jinmei
	Fixed a bug in b10-xfrout where a helper thread could fall into
	an infinite loop if b10-auth stops while the thread is waiting for
	forwarded requests from b10-auth.
687
	(Trac #988 and #1833, git 95a03bbefb559615f3f6e529d408b749964d390a)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
688

Mukund Sivaraman's avatar
Mukund Sivaraman committed
689
690
691
692
693
446.	[bug]		muks
	A number of warnings reported by Python about unclosed file and
	socket objects were fixed. Some related code was also made safer.
	(Trac #1828, git 464682a2180c672f1ed12d8a56fd0a5ab3eb96ed)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
694
695
696
697
698
699
700
445.	[bug]*		jinmei
	The pre-install check for older SQLite3 DB now refers to the DB
	file with the prefix of DESTDIR.  This ensures that 'make install'
	with specific DESTDIR works regardless of the version of the DB
	file installed in the default path.
	(Trac #1982, git 380b3e8ec02ef45555c0113ee19329fe80539f71)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
701
702
703
704
705
706
444.	[bug]		jinmei
	libdatasrc: fixed ZoneFinder for database-based data sources so
	that it handles type DS query correctly, i.e., treating it as
	authoritative data even on a delegation point.
	(Trac #1912, git 7130da883f823ce837c10cbf6e216a15e1996e5d)

707
443.	[func]*		muks
Mukund Sivaraman's avatar
Mukund Sivaraman committed
708
709
710
711
712
713
714
715
716
717
	The logger now uses a lockfile named `logger_lockfile' that is
	created in the local state directory to mutually separate
	individual logging operations from various processes. This is
	done so that log messages from different processes don't mix
	together in the middle of lines. The `logger_lockfile` is created
	with file permission mode 0660. BIND 10's local state directory
	should be writable and perhaps have g+s mode bit so that the
	`logger_lockfile` can be opened by a group of processes.
	(Trac #1704, git ad8d445dd0ba208107eb239405166c5c2070bd8b)

Tomek Mrugalski's avatar
Tomek Mrugalski committed
718
442.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
719
720
721
	b10-dhcp4, b10-dhcp6: Both DHCP servers now accept -p parameter
	that can be used to specify listening port number. This capability
	is useful only for testing purposes.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
722
723
	(Trac #1503, git e60af9fa16a6094d2204f27c40a648fae313bdae)

724
441.	[func]		tomek
725
726
	libdhcp++: Stub interface detection (support for interfaces.txt
	file) was removed.
727
	(Trac #1281, git 900fc8b420789a8c636bcf20fdaffc60bc1041e0)
728

Jeremy C. Reed's avatar
Jeremy C. Reed committed
729
bind10-devel-20120517 released on May 17, 2012
730

Jeremy C. Reed's avatar
Jeremy C. Reed committed
731
732
733
734
735
736
440.	[func]		muks
	bindctl: improved some error messages so they will be more
	helpful.  Those include the one when the zone name is unspecified
	or the name is invalid in the b10-auth configuration.
	(Trac #1627, git 1a4d0ae65b2c1012611f4c15c5e7a29d65339104)

737
439.	[func]		team
738
739
740
741
742
743
	The in-memory data source can now load zones from the
	sqlite3 data source, so that zones stored in the database
	(and updated for example by xfrin) can be served from memory.
	(Trac #1789,#1790,#1792,#1793,#1911,
	git 93f11d2a96ce4dba9308889bdb9be6be4a765b27)

744
438.	[bug]		naokikambe
745
746
747
748
749
750
751
752
753
754
755
756
757
	b10-stats-httpd now sends the system a notification that
	it is shutting down if it encounters a fatal error during
	startup.
	(Trac #1852, git a475ef271d4606f791e5ed88d9b8eb8ed8c90ce6)

437.	[build]		jinmei
	Building BIND 10 may fail on MacOS if Python has been
	installed via Homebrew unless --without-werror is specified.
	The configure script now includes a URL that explains this
	issue when it detects failure that is possibly because of
	this problem.
	(Trac #1907, git 0d03b06138e080cc0391fb912a5a5e75f0f97cec)

758
759
760
761
762
436.	[bug]		jelte
	The --config-file option now works correctly with relative paths if
	--data-path is not given.
	(Trac #1889, git ce7d1aef2ca88084e4dacef97132337dd3e50d6c)

763
764
765
766
435.	[func]		team
	The in-memory datasource now supports NSEC-signed zones.
	(Trac #1802-#1810, git 2f9aa4a553a05aa1d9eac06f1140d78f0c99408b)

767
434.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
768
769
	libdhcp++: Linux interface detection refactored. The code is
	now cleaner. Tests better support certain versions of ifconfig.
770
	(Trac #1528, git 221f5649496821d19a40863e53e72685524b9ab2)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
771

772
433.	[func]		tomek
773
774
775
	libdhcp++: Option6 and Pkt6 now follow the same design as
	options and packet for DHCPv4. General code refactoring after
	end of 2011 year release.
776
	(Trac #1540, git a40b6c665617125eeb8716b12d92d806f0342396)
777

Mukund Sivaraman's avatar
Mukund Sivaraman committed
778
779
780
781
782
432.	[bug]*		muks
	BIND 10 now installs its header files in a BIND 10 specific
	sub-directory in the install prefix.
	(Trac #1930, git fcf2f08db9ebc2198236bfa25cf73286821cba6b)

783
431.	[func]*		muks
Mukund Sivaraman's avatar
Mukund Sivaraman committed
784
785
786
	BIND 10 no longer starts b10-stats-httpd by default.
	(Trac #1885, git 5c8bbd7ab648b6b7c48e366e7510dedca5386f6c)

787
788
789
790
791
430.	[bug]		jelte
	When displaying configuration data, bindctl no longer treats
	optional list items as an error, but shows them as an empty list.
	(Trac #1520, git 0f18039bc751a8f498c1f832196e2ecc7b997b2a)

792
793
794
795
796
797
798
429.	[func]		jelte
	Added an 'execute' component to bindctl, which executes either a set
	of commands from a file or a built-in set of commands. Currently,
	only 'init_authoritative_server' is provided as a built-in set, but
	it is expected that more will be added later.
	(Trac #1843, git 551657702a4197ef302c567b5c0eaf2fded3e121)

799
428.	[bug]		marcin
Jeremy C. Reed's avatar
Jeremy C. Reed committed
800
801
	perfdhcp: bind to local address to allow reception of
	replies from IPv6 DHCP servers.
802
803
	(Trac #1908, git 597e059afaa4a89e767f8f10d2a4d78223af3940)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
804
805
806
807
808
809
810
427.	[bug]		jinmei
	libdatasrc, b10-xfrin: the zone updater for database-based data
	sources now correctly distinguishes NSEC3-related RRs (NSEC3 and
	NSEC3-covering RRSIG) from others, and the SQLite3 implementation
	now manipulates them in the separate table for the NSEC3 namespace.
	As a result b10-xfrin now correctly updates NSEC3-signed zones by
	inbound zone transfers.
811
	(Trac #1781,#1788,#1891, git 672f129700dae33b701bb02069cf276238d66be3)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
812

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
813
426.	[bug]		vorner
Jeremy C. Reed's avatar
Jeremy C. Reed committed
814
815
	The NSEC3 records are now included when transferring a
	signed zone out.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
816
817
818
	(Trac #1782, git 36efa7d10ecc4efd39d2ce4dfffa0cbdeffa74b0)

425.	[func]*		muks
Mukund Sivaraman's avatar
Mukund Sivaraman committed
819
820
821
822
	Don't autostart b10-auth, b10-xfrin, b10-xfrout and b10-zonemgr in
	the default configuration.
	(Trac #1818, git 31de885ba0409f54d9a1615eff5a4b03ed420393)

823
824
825
826
827
424.	[bug]		jelte
	Fixed a bug in bindctl where in some cases, configuration settings
	in a named set could disappear, if a child element is modified.
	(Trac #1491, git 00a36e752802df3cc683023d256687bf222e256a)

828
829
830
831
832
833
834
835
836
837
838
839
423.	[bug]		jinmei
	The database based zone iterator now correctly resets mixed TTLs
	of the same RRset (when that happens) to the lowest one.  The
	previous implementation could miss lower ones if it appears in a
	later part of the RRset.
	(part of Trac #1791, git f1f0bc00441057e7050241415ee0367a09c35032)

422.	[bug]		jinmei
	The database based zone iterator now separates RRSIGs of the same
	name and type but for different covered types.
	(part of Trac #1791, git b4466188150a50872bc3c426242bc7bba4c5f38d)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
840
841
842
843
844
845
421.	[build]		jinmei
	Made sure BIND 10 can be built with clang++ 3.1.  (It failed on
	MacOS 10.7 using Xcode 4.3, but it's more likely to be a matter of
	clang version.)
	(Trac #1773, git ceaa247d89ac7d97594572bc17f005144c5efb8d)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
846
847
848
849
850
851
852
853
854
855
856
420.	[bug]*		jinmei, stephen
	Updated the DB schema used in the SQLite3 data source so it can
	use SQL indices more effectively.  The previous schema had several
	issues in this sense and could be very slow for some queries on a
	very large zone (especially for negative answers).  This change
	requires a major version up of the schema; use b10-dbutil to
	upgrade existing database files.  Note: 'make install' will fail
	unless old DB files installed in the standard location have been
	upgraded.
	(Trac #324, git 8644866497053f91ada4e99abe444d7876ed00ff)

857
858
859
860
861
862
419.	[bug]		jelte
	JSON handler has been improved; escaping now works correctly
	(including quotes in strings), and it now rejects more types of
	malformed input.
	(Trac #1626, git 3b09268518e4e90032218083bcfebf7821be7bd5)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
863
864
418.	[bug]		vorner
	Fixed crash in bindctl when config unset was called.
865
	(Trac #1715, git 098da24dddad497810aa2787f54126488bb1095c)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
866

867
868
869
870
871
872
873
874
875
876
877
417.	[bug]		jelte
	The notify-out code now looks up notify targets in their correct
	zones (and no longer just in the zone that the notify is about).
	(Trac #1535, git 66300a3c4769a48b765f70e2d0dbf8bbb714435b)

416.	[func]*		jelte
	The implementations of ZoneFinder::find() now throw an OutOfZone
	exception when the name argument is not in or below the zone this
	zonefinder contains.
	(Trac #1535, git 66300a3c4769a48b765f70e2d0dbf8bbb714435b)

878
879
bind10-devel-20120329 released on March 29, 2012

880
881
415.	[doc]		jinmei, jreed
	BIND 10 Guide updated to now describe the in-memory data source
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
882
	configurations for b10-auth.
883
	(Trac #1732, git 434d8db8dfcd23a87b8e798e5702e91f0bbbdcf6)
884

JINMEI Tatuya's avatar
JINMEI Tatuya committed
885
886
887
888
889
890
414.	[bug]		jinmei
	b10-auth now correctly handles delegation from an unsigned zone
	(defined in the in-memory data source) when the query has DNSSEC
	DO bit on.  It previously returned SERVFAIL.
	(Trac #1836, git 78bb8f4b9676d6345f3fdd1e5cc89039806a9aba)

891
892
893
894
413.	[func]		stephen, jelte
	Created a new tool b10-dbutil, that can check and upgrade database
	schemas, to be used when incompatible changes are introduced in the
	backend database schema. Currently it only supports sqlite3 databases.
895
896
897
898
	Note: there's no schema change that requires this utility as of
	the March 29th release.  While running it shouldn't break
	an existing database file, it should be even more advisable not to
	run it at the moment.
899
900
	(Trac #963, git 49ba2cf8ac63246f389ab5e8ea3b3d081dba9adf)

901
902
903
904
905
906
907
908
909
910
412.	[func]		jelte
	Added a command-line option '--clear-config' to bind10, which causes
	the system to create a backup of the existing configuration database
	file, and start out with a clean default configuration. This can be
	used if the configuration file is corrupted to the point where it
	cannot be read anymore, and BIND 10 refuses to start. The name of
	the backup file can be found in the logs (CFGMGR_RENAMED_CONFIG_FILE).
	(Trac #1443, git 52b36c921ee59ec69deefb6123cbdb1b91dc3bc7)

411.	[func]		muks
911
	Add a -i/--no-kill command-line argument to bind10, which stops
912
913
914
915
	it from sending SIGTERM and SIGKILL to other b10 processes when
	they're shutting down.
	(Trac #1819, git 774554f46b20ca5ec2ef6c6d5e608114f14e2102)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
916
917
918
919
920
921
922
923
924
410.	[bug]		jinmei
	Python CC library now ensures write operations transmit all given
	data (unless an error happens).  Previously it didn't check the
	size of transmitted data, which could result in partial write on
	some systems (notably on OpenBSD) and subsequently cause system
	hang up or other broken state.  This fix specifically solves start
	up failure on OpenBSD.
	(Trac #1829, git 5e5a33213b60d89e146cd5e47d65f3f9833a9297)

925
926
927
928
929
930
409.	[bug]		jelte
	Fixed a parser bug in bindctl that could make bindctl crash. Also
	improved 'command help' output; argument order is now shown
	correctly, and parameter descriptions are shown as well.
	(Trac #1172, git bec26c6137c9b0a59a3a8ca0f55a17cfcb8a23de)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
931
932
933
934
935
936
937
408.	[bug]		stephen, jinmei
	b10-auth now filters out duplicate RRsets when building a
	response message using the new query handling logic.  It's
	currently only used with the in-memory data source, but will
	also be used for others soon.
	(Trac #1688, git b77baca56ffb1b9016698c00ae0a1496d603d197)

938
407.	[build]		haikuo
939
	Remove "--enable-boost-threads" switch in configure command. This
940
941
	thread lock mechanism is useless for bind10 and causes performance
	hits.
942
943
	(Trac #1680, git 9c4d0cadf4adc802cc41a2610dc2c30b25aad728)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
944
945
946
947
948
406.	[bug]		muks
	On platforms such as OpenBSD where pselect() is not available,
	make a wrapper around select() in perfdhcp.
	(Trac #1639, git 6ea0b1d62e7b8b6596209291aa6c8b34b8e73191)

949
405.	[bug]		jinmei
950
951
952
953
954
955
956
957
	Make sure disabling Boost threads if the default configuration is
	to disable it for the system.  This fixes a crash and hang up
	problem on OpenBSD, where the use of Boost thread could be
	different in different program files depending on the order of
	including various header files, and could introduce inconsistent
	states between a library and a program.  Explicitly forcing the
	original default throughout the BIND 10 build environment will
	prevent this from happening.
958
	(Trac #1727, git 23f9c3670b544c5f8105958ff148aeba050bc1b4)
959

960
404.	[bug]		naokikambe
961
962
963
	The statistic counters are now properly accumulated across multiple
	instances of b10-auth (if there are multiple instances), instead of
	providing result for random instance.
964
	(Trac #1751, git 3285353a660e881ec2b645e1bc10d94e5020f357)
965

Jeremy C. Reed's avatar
Jeremy C. Reed committed
966
403.	[build]*		jelte
967
968
969
970
971
972
973
	The configure option for botan (--with-botan=PATH) is replaced by
	--with-botan-config=PATH, which takes a full path to a botan-config
	script, instead of the botan 'install' directory. Also, if not
	provided, configure will try out config scripts and pkg-config
	options until it finds one that works.
	(Trac #1640, git 582bcd66dbd8d39f48aef952902f797260280637)

974
975
976
977
978
402.	[func]		jelte
	b10-xfrout now has a visible command to send out notifies for
	a given zone, callable from bindctl. Xfrout notify <zone> [class]
	(Trac #1321, git 0bb258f8610620191d75cfd5d2308b6fc558c280)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
979
980
981
982
983
984
985
986
987
988
989
401.	[func]*		jinmei
	libdns++: updated the internal implementation of the
	MessageRenderer class.  This is mostly a transparent change, but
	the new version now doesn't allow changing compression mode in the
	middle of rendering (which shouldn't be an issue in practice).
	On the other hand, name compression performance was significantly
	improved: depending on the number of names, micro benchmark tests
	showed the new version is several times faster than the previous
	version .
	(Trac #1603, git 9a2a86f3f47b60ff017ce1a040941d0c145cfe16)

990
991
992
993
994
400.	[bug]		stephen
	Fix crash on Max OS X 10.7 by altering logging so as not to allocate
	heap storage in the static initialization of logging objects.
	(Trac #1698, git a8e53be7039ad50d8587c0972244029ff3533b6e)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
995
996
997
998
399.	[func]		muks
	Add support for the SSHFP RR type (RFC 4255).
	(Trac #1136, git ea5ac57d508a17611cfae9d9ea1c238f59d52c51)

Jelte Jansen's avatar
Jelte Jansen committed
999
1000
1001
1002
1003
1004
1005
1006
1007
398.	[func]		jelte
	The b10-xfrin module now logs more information on successful
	incoming transfers. In the case of IXFR, it logs the number of
	changesets, and the total number of added and deleted resource
	records. For AXFR (or AXFR-style IXFR), it logs the number of
	resource records. In both cases, the number of overhead DNS
	messages, runtime, amount of wire data, and transfer speed are logged.
	(Trac #1280, git 2b01d944b6a137f95d47673ea8367315289c205d)

Mukund Sivaraman's avatar
Mukund Sivaraman committed
1008
1009
1010
1011
1012
397.	[func]		muks
	The boss process now gives more helpful description when a
	sub-process exits due to a signal.
	(Trac #1673, git 1cd0d0e4fc9324bbe7f8593478e2396d06337b1e)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1013
1014
1015
1016
1017
1018
1019
1020
1021
396.	[func]*		jinmei
	libdatasrc: change the return type of ZoneFinder::find() so it can
	contain more context of the search, which can be used for
	optimizing post find() processing.  A new method getAdditional()
	is added to it for finding additional RRsets based on the result
	of find().  External behavior shouldn't change.  The query
	handling code of b10-auth now uses the new interface.
	(Trac #1607, git 2e940ea65d5b9f371c26352afd9e66719c38a6b9)

1022
1023
1024
1025
1026
1027
1028
1029
395.	[bug]		jelte
	The log message compiler now errors (resulting in build failures) if
	duplicate log message identifiers are found in a single message file.
	Renamed one duplicate that was found (RESOLVER_SHUTDOWN, renamed to
	RESOLVER_SHUTDOWN_RECEIVED).
	(Trac #1093, git f537c7e12fb7b25801408f93132ed33410edae76)
	(Trac #1741, git b8960ab85c717fe70ad282e0052ac0858c5b57f7)

1030
394.	[bug]		jelte
1031
1032
1033
1034
1035
1036
	b10-auth now catches any exceptions during response building; if any
	datasource either throws an exception or causes an exception to be
	thrown, the message processing code will now catch it, log a debug
	message, and return a SERVFAIL response.
	(Trac #1612, git b5740c6b3962a55e46325b3c8b14c9d64cf0d845)

1037
1038
1039
1040
1041
1042
393.	[func]		jelte
	Introduced a new class LabelSequence in libdns++, which provides
	lightweight accessor functionality to the Name class, for more
	efficient comparison of parts of names.
	(Trac #1602, git b33929ed5df7c8f482d095e96e667d4a03180c78)

1043
392.	[func]*		jinmei
1044
1045
1046
1047
1048
1049
	libdns++: revised the (Abstract)MessageRenderer class so that it
	has a default internal buffer and the buffer can be temporarily
	switched.  The constructor interface was modified, and a new
	method setBuffer() was added.
	(Trac #1697, git 9cabc799f2bf9a3579dae7f1f5d5467c8bb1aa40)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1050
1051
1052
391.	[bug]*		vorner
	The long time unused configuration options of Xfrout "log_name",
	"log_file", "log_severity", "log_version" and "log_max_bytes" were
1053
1054
1055
1056
	removed, as they had no effect (Xfrout uses the global logging
	framework).  However, if you have them set, you need to remove
	them from the configuration file or the configuration will be
	rejected.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1057
1058
	(Trac #1090, git ef1eba02e4cf550e48e7318702cff6d67c1ec82e)

1059
1060
bind10-devel-20120301 released on March 1, 2012

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1061
1062
1063
1064
390.	[bug]		vorner
	The UDP IPv6 packets are now correctly fragmented for maximum
	guaranteed MTU, so they won't get lost because being too large
	for some hop.
1065
	(Trac #1534, git ff013364643f9bfa736b2d23fec39ac35872d6ad)
1066

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1067
1068
1069
1070
1071
389.	[func]*		vorner
	Xfrout now uses the global TSIG keyring, instead of its own. This
	means the keys need to be set only once (in tsig_keys/keys).
	However, the old configuration of Xfrout/tsig_keys need to be
	removed for Xfrout to work.
1072
	(Trac #1643, git 5a7953933a49a0ddd4ee1feaddc908cd2285522d)
1073

1074
1075
1076
388.	[func]		jreed
	Use prefix "sockcreator-" for the private temporary directory
	used for b10-sockcreator communication.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1077
	(git b98523c1260637cb33436964dc18e9763622a242)
1078

Mukund Sivaraman's avatar
Mukund Sivaraman committed
1079
1080
1081
1082
1083
387.	[build]		muks
	Accept a --without-werror configure switch so that some builders can
	disable the use of -Werror in CFLAGS when building.
	(Trac #1671, git 8684a411d7718a71ad9fb616f56b26436c4f03e5)

1084
1085
1086
1087
1088
1089
1090
386.	[bug]		jelte
	Upon initial sqlite3 database creation, the 'diffs' table is now
	always created. This already happened most of the time, but there
	are a few cases where it was skipped, resulting in potential errors
	in xfrout later.
	(Trac #1717, git 30d7686cb6e2fa64866c983e0cfb7b8fabedc7a2)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
385.	[bug]		jinmei
	libdns++: masterLoad() didn't accept comments placed at the end of
	an RR.  Due to this the in-memory data source cannot load a master
	file for a signed zone even if it's preprocessed with BIND 9's
	named-compilezone.
	Note: this fix is considered temporary and still only accepts some
	limited form of such comments.  The main purpose is to allow the
	in-memory data source to load any signed or unsigned zone files as
	long as they are at least normalized with named-compilezone.
	(Trac #1667, git 6f771b28eea25c693fe93a0e2379af924464a562)

1102
1103
1104
384.	[func]		jinmei, jelte, vorner, haikuo, kevin
	b10-auth now supports NSEC3-signed zones in the in-memory data
	source.
1105
1106
	(Trac #1580, #1581, #1582, #1583, #1584, #1585, #1587, and
	other related changes to the in-memory data source)
1107

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1108
383.	[build]		jinmei
1109
1110
1111
	Fixed build failure on MacOS 10.7 (Lion) due to the use of
	IPV6_PKTINFO; the OS requires a special definition to make it
	visible to the compiler.
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1112
1113
1114
	(Trac #1633, git 19ba70c7cc3da462c70e8c4f74b321b8daad0100)

382.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
1115
	b10-auth now also experimentally supports statistics counters of
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1116
	the rcode responses it sends. The counters can be shown as
Jelte Jansen's avatar
Jelte Jansen committed
1117
1118
1119
1120
1121
	rcode.<code name>, where code name is the lowercase textual
	representation of the rcode (e.g. "noerror", "formerr", etc.).
	Same note applies as for opcodes, see changelog entry 364.
	(Trac #1613, git e98da500d7b02e11347431a74f2efce5a7d622aa)

Jelte Jansen's avatar
Jelte Jansen committed
1122
381.	[bug]		jinmei
Jelte Jansen's avatar
Jelte Jansen committed
1123
	b10-auth: honor the DNSSEC DO bit in the new query handler.
Jelte Jansen's avatar
Jelte Jansen committed
1124
1125
	(Trac #1695, git 61f4da5053c6a79fbc162fb16f195cdf8f94df64)

1126
1127
1128
1129
1130
1131
380.	[bug]		jinmei
	libdns++: miscellaneous bug fixes for the NSECPARAM RDATA
	implementation, including incorrect handling for empty salt and
	incorrect comparison logic.
	(Trac #1638, git 966c129cc3c538841421f1e554167d33ef9bdf25)

Jelte Jansen's avatar
Jelte Jansen committed
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
379.	[bug]		jelte
	Configuration commands in bindctl now check for list indices if
	the 'identifier' argument points to a child element of a list
	item. Previously, it was possible to 'get' non-existent values
	by leaving out the index, e.g. "config show Auth/listen_on/port,
	which should be config show Auth/listen_on[<index>]/port, since
	Auth/listen_on is a list. The command without an index will now
	show an error. It is still possible to show/set the entire list
	("config show Auth/listen_on").
	(Trac #1649, git 003ca8597c8d0eb558b1819dbee203fda346ba77)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1143
378.	[func]		vorner
1144
	It is possible to start authoritative server or resolver in multiple
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1145
1146
1147
1148
	instances, to use more than one core. Configuration is described in
	the guide.
	(Trac #1596, git 17f7af0d8a42a0a67a2aade5bc269533efeb840a)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1149
1150
1151
1152
1153
1154
1155
377.	[bug]		jinmei
	libdns++: miscellaneous bug fixes for the NSEC and NSEC3 RDATA
	implementation, including a crash in NSEC3::toText() for some RR
	types, incorrect handling of empty NSEC3 salt, and incorrect
	comparison logic in NSEC3::compare().
	(Trac #1641, git 28ba8bd71ae4d100cb250fd8d99d80a17a6323a2)

1156
376.	[bug]		jinmei, vorner
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1157
1158
1159
1160
1161
1162
1163
1164
	The new query handling module of b10-auth did not handle type DS
	query correctly: It didn't look for it in the parent zone, and
	it incorrectly returned a DS from the child zone if it
	happened to exist there.  Both were corrected, and it now also
	handles the case of having authority for the child and a grand
	ancestor.
	(Trac #1570, git 2858b2098a10a8cc2d34bf87463ace0629d3670e)

1165
375.	[func]		jelte
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1166
1167
1168
1169
1170
	Modules now inform the system when they are stopping. As a result,
	they are removed from the 'active modules' list in bindctl, which
	can then inform the user directly when it tries to send them a
	command or configuration update.  Previously this would result
	in a 'not responding' error instead of 'not running'.
Jelte Jansen's avatar
Jelte Jansen committed
1171
1172
	(Trac #640, git 17e78fa1bb1227340aa9815e91ed5c50d174425d)

1173
374.	[func]*		stephen
1174
1175
1176
1177
1178
	Alter RRsetPtr and ConstRRsetPtr to point to AbstractRRset (instead
	of RRset) to allow for specialised implementations of RRsets in
	data sources.
	(Trac #1604, git 3071211d2c537150a691120b0a5ce2b18d010239)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1179
1180
1181
1182
1183
373.	[bug]		jinmei
	libdatasrc: the in-memory data source incorrectly rejected loading
	a zone containing a CNAME RR with RRSIG and/or NSEC.
	(Trac #1551, git 76f823d42af55ce3f30a0d741fc9297c211d8b38)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1184
1185
372.	[func]		vorner
	When the allocation of a socket fails for a different reason than the
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1186
1187
	socket not being provided by the OS, the b10-auth and b10-resolver
	abort, as the system might be in inconsistent state after such error.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1188
1189
	(Trac #1543, git 49ac4659f15c443e483922bf9c4f2de982bae25d)

Jelte Jansen's avatar
Jelte Jansen committed
1190
1191
1192
1193
1194
371.	[bug]		jelte
	The new query handling module of b10-auth (currently only used with
	the in-memory data source) now correctly includes the DS record (or
	the denial of its existence if NSEC is used) when returning a
	delegation from a signed zone.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1195
	(Trac #1573, git bd7a3ac98177573263950303d4b2ea7400781d0f)
Jelte Jansen's avatar
Jelte Jansen committed
1196

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1197
1198
1199
1200
1201
1202
1203
1204
370.	[func]		jinmei
	libdns++: a new class NSEC3Hash was introduced as a utility for
	calculating NSEC3 hashes for various purposes.  Python binding was
	provided, too.  Also fixed a small bug in the NSEC3PARAM RDATA
	implementation that empty salt in text representation was
	rejected.
	(Trac #1575, git 2c421b58e810028b303d328e4e2f5b74ea124839)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1205
369.	[func]		vorner
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1206
1207
1208
1209
1210
	The SocketRequestor provides more information about what error
	happened when it throws, by using subclasses of the original
	exception. This way a user not interested in the difference can
	still use the original exception, while it can be recognized if
	necessary.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1211
1212
	(Trac #1542, git 2080e0316a339fa3cadea00e10b1ec4bc322ada0)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1213
1214
1215
1216
1217
1218
1219
1220
1221
368.	[func]*		jinmei
	libdatasrc: the interface of ZoneFinder() was changed: WILDCARD
	related result codes were deprecated and removed, and the
	corresponding information is now provided via a separate accessor
	method on FindResult.  Other separate FindResult methods will
	also tell the caller whether the zone is signed with NSEC or NSEC3
	(when necessary and applicable).
	(Trac #1611, git c175c9c06034b4118e0dfdbccd532c2ebd4ba7e8)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1222
1223
1224
1225
1226
1227
1228
367.	[bug]		jinmei
	libdatasrc: in-memory data source could incorrectly reject to load
	zones containing RRSIG records.  For example, it didn't allow
	RRSIG that covers a CNAME RR.  This fix also makes sure find()
	will return RRsets with RRSIGs if they are signed.
	(Trac #1614, git e8241ea5a4adea1b42a60ee7f2c5cfb87301734c)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1229
1230
366.	[bug]		vorner
	Fixed problem where a directory named "io" conflicted with the python3
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1231
1232
	standard module "io" and caused the installation to fail.  The
	offending directory has been renamed to "cio".
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1233
1234
	(Trac #1561, git d81cf24b9e37773ba9a0d5061c779834ff7d62b9)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1235
1236
1237
1238
1239
365.	[bug]		jinmei
	libdatasrc: in-memory datasource incorrectly returned delegation
	for DS lookups.
	(Trac #1571, git d22e90b5ef94880183cd652e112399b3efb9bd67)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
364.	[func]		jinmei
	b10-auth experimentally supports statistics counters of incoming
	requests per opcode.  The counters can be (e.g.) shown as
	opcode.<code name> in the output of the bindctl "Stats show"
	command, where <code name> is lower-cased textual representation
	of opcodes ("query", "notify", etc).
	Note: This is an experimental attempt of supporting more
	statistics counters for b10-auth, and the interface and output may
	change in future versions.
	(Trac #1399, git 07206ec76e2834de35f2e1304a274865f8f8c1a5)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1251
1252
bind10-devel-20120119 released on January 19, 2012

1253
363.	[func]		jelte
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1254
1255
1256
	Added dummy DDNS module b10-ddns. Currently it does not
	provide any functionality, but it is a skeleton implementation
	that will be expanded later.
1257
1258
	(Trac #1451, git b0d0bf39fbdc29a7879315f9b8e6d602ef3afb1b)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1259
362.	[func]*		vorner
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1260
1261
1262
1263
	Due to the socket creator changes, b10-auth and b10-resolver
	are no longer needed to start as root. They are started as
	the user they should be running, so they no longer have
	the -u flag for switching the user after initialization.
1264
1265
1266
1267
	Note: this change broke backward compatibility to boss component
	configuration.  If your b10-config.db contains "setuid" for
	Boss.components, you'll need to remove that entry by hand before
	starting BIND 10.
1268
1269
	(Trac #1508, #1509, #1510,
	git edc5b3c12eb45437361484c843794416ad86bb00)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1270
1271

361.	[func]		vorner,jelte,jinmei
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1272
	The socket creator is now used to provide sockets. It means you can
1273
1274
	reconfigure the ports and addresses at runtime even when the rest
	of the bind10 runs as non root user.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1275
1276
	(Trac #805,#1522, git 1830215f884e3b5efda52bd4dbb120bdca863a6a)

Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1277
1278
1279
1280
1281
360.	[bug]		vorner
	Fixed problem where bindctl crashed when a duplicate non-string
	item was added  to a list.  This error is now properly reported.
	(Trac #1515, git a3cf5322a73e8a97b388c6f8025b92957e5d8986)

1282
1283
1284
1285
1286
1287
1288
1289
359.	[bug]		kevin
	Corrected SOA serial check in xfrout.  It now compares the SOA
	serial of an IXFR query with that of the server based serial
	number arithmetic, and replies with a single SOA record of the
	server's current version if the former is equal to or newer
	than the latter.
	(Trac #1462, git ceeb87f6d539c413ebdc66e4cf718e7eb8559c45)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1290
1291
1292
1293
1294
1295
1296
1297
1298
358.	[bug]		jinmei
	b10-resolver ignored default configuration parameters if listen_on
	failed (this can easily happen especially for a test environment
	where the run time user doesn't have root privilege), and even if
	listen_on was updated later the resolver wouldn't work correctly
	unless it's fully restarted (for example, all queries would be
	rejected due to an empty ACL).
	(Trac #1424, git 2cba8cb83cde4f34842898a848c0b1182bc20597)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1299
1300
1301
1302
1303
357.	[bug]		jinmei
	ZoneFinder::find() for database based data sources didn't
	correctly identify out-of-zone query name and could return a
	confusing result such as NXRRSET.  It now returns NXDOMAIN with an
	empty RRset.  Note: we should rather throw an exception in such a
1304
	case, which should be revisited later (see Trac #1536).
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1305
1306
	(Trac #1430, git b35797ba1a49c78246abc8f2387901f9690b328d)

Tomek Mrugalski's avatar
Tomek Mrugalski committed
1307
356.	[doc]		tomek
1308
	BIND 10 Guide updated. It now describes DHCPv4 and DHCPv6
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1309
1310
	components, including their overview, usage, supported standard
	and limitations. libdhcp++ is also described.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1311
	(Trac #1367, git 3758ab360efe1cdf616636b76f2e0fb41f2a62a0)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1312

1313
1314
1315
1316
1317
1318
1319
1320
355.	[bug]		jinmei
	Python xfrin.diff module incorrectly combined RRSIGs of different
	type covered, possibly merging different TTLs.  As a result a
	secondary server could store different RRSIGs than those at the
	primary server if it gets these records via IXFR.
	(Trac #1502, git 57b06f8cb6681f591fa63f25a053eb6f422896ef)

354.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1321
1322
1323
	dhcp4: Support for DISCOVER and OFFER implemented. b10-dhcp4 is
	now able to offer hardcoded leases to DHCPv4 clients.
	dhcp6: Code refactored to use the same approach as dhcp4.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1324
	(Trac #1230, git aac05f566c49daad4d3de35550cfaff31c124513)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1325

1326
353.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1327
	libdhcp++: Interface detection in Linux implemented. libdhcp++
1328
1329
1330
1331
	is now able (on Linux systems) to detect available network
	interfaces, its link-layer addresses, flags and configured
	IPv4 and IPv6 addresses. Interface detection on other
	systems is planned.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1332
1333
	(Trac #1237, git 8a040737426aece7cc92a795f2b712d7c3407513)

1334
352.	[func]		tomek
1335
1336
1337
1338
1339
	libdhcp++: Transmission and reception of DHCPv4 packets is now
	implemented. Low-level hacks are not implemented for transmission
	to hosts that don't have IPv4 address yet, so currently the code
	is usable for communication with relays only, not hosts on the
	same link.
1340
	(Trac #1239, #1240, git f382050248b5b7ed1881b086d89be2d9dd8fe385)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1341

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1342
351.	[func]		fdupont
1343
1344
	Alpha version of DHCP benchmarking tool added.  "perfdhcp" is able to
	test both IPv4 and IPv6 servers: it can time the four-packet exchange
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1345
1346
1347
	(DORA and SARR) as well as time the initial two-packet exchange (DO
	and SA).  More information can be obtained by invoking the utility
	(in tests/tools/perfdhcp) with the "-h" flag.
1348
1349
	(Trac #1450, git 85083a76107ba2236732b45524ce7018eefbaf90)

1350
350.	[func]*		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1351
1352
1353
1354
1355
1356
	The target parameter of ZoneFinder::find is no longer present, as the
	interface was awkward. To get all the RRsets of a single domain, use
	the new findAll method (the same applies to python version, the method
	is named find_all).
	(Trac #1483,#1484, git 0020456f8d118c9f3fd6fc585757c822b79a96f6)

Dima Volodin's avatar
Dima Volodin committed
1357
349.	[bug]		dvv
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1358
1359
	resolver: If an upstream server responds with FORMERR to an EDNS
	query, try querying it without EDNS.
Dima Volodin's avatar
Dima Volodin committed
1360
	(Trac #1386, git 99ad0292af284a246fff20b3702fbd7902c45418)
Dima Volodin's avatar
Dima Volodin committed
1361

1362
1363
1364
348.	[bug]		stephen
	By default the logging output stream is now flushed after each write.
	This fixes a problem seen on some systems where the log output from
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1365
1366
	different processes was jumbled up.  Flushing can be disabled by
	setting the appropriate option in the logging configuration.
1367
1368
	(Trac #1405, git 2f0aa20b44604b671e6bde78815db39381e563bf)

Jelte Jansen's avatar
Jelte Jansen committed
1369
347.	[bug]		jelte
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1370
	Fixed a bug where adding Zonemgr/secondary_zones without explicitly
Jelte Jansen's avatar
Jelte Jansen committed
1371
1372
1373
1374
1375
1376
	setting the class value of the added zone resulted in a cryptic
	error in bindctl ("Error: class"). It will now correctly default to
	IN if not set. This also adds better checks on the name and class
	values, and better errors if they are bad.
	(Trac #1414, git 7b122af8489acf0f28f935a19eca2c5509a3677f)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1377
346.	[build]*		jreed
1378
1379
1380
	Renamed libdhcp to libdhcp++.
	(Trac #1446, git d394e64f4c44f16027b1e62b4ac34e054b49221d)

1381
345.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1382
1383
1384
	dhcp4: Dummy DHCPv4 component implemented. Currently it does
	nothing useful, except providing skeleton implementation that can
	be expanded in the future.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1385
	(Trac #992, git d6e33479365c8f8f62ef2b9aa5548efe6b194601)
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1386

1387
344.	[func]		y-aharen
1388
1389
1390
	src/lib/statistics: Added statistics counter library for entire server
	items and per zone items. Also, modified b10-auth to use it. It is
	also intended to use in the other modules such as b10-resolver.
Yoshitaka Aharen's avatar
Yoshitaka Aharen committed
1391
	(Trac #510, git afddaf4c5718c2a0cc31f2eee79c4e0cc625499f)
1392

Jelte Jansen's avatar
Jelte Jansen committed
1393
1394
1395
1396
1397
343.	[func]		jelte
	Added IXFR-out system tests, based on the first two test sets of
	http://bind10.isc.org/wiki/IxfrSystemTests.
	(Trac #1314, git 1655bed624866a766311a01214597db01b4c7cec)

1398
1399
342.	[bug]		stephen
	In the resolver, a FORMERR received from an upstream nameserver
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1400
	now results in a SERVFAIL being returned as a response to the original
1401
1402
1403
1404
	query.  Additional debug messages added to distinguish between
	different errors in packets received from upstream nameservers.
	(Trac #1383, git 9b2b249d23576c999a65d8c338e008cabe45f0c9)

1405
341.	[func]		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1406
1407
	libdhcp++: Support for handling both IPv4 and IPv6 added.
	Also added support for binding IPv4 sockets.
1408
1409
	(Trac #1238, git 86a4ce45115dab4d3978c36dd2dbe07edcac02ac)

Jelte Jansen's avatar
Jelte Jansen committed
1410
1411
1412
1413
1414
340.	[build]		jelte
	Fixed several linker issues related to recent gcc versions, botan
	and gtest.
	(Trac #1442, git 91fb141bfb3aadfdf96f13e157a26636f6e9f9e3)

1415
1416
1417
1418
1419
1420
1421
339.	[bug]		jinmei
	libxfr, used by b10-auth to share TCP sockets with b10-xfrout,
	incorrectly propagated ASIO specific exceptions to the application
	if the given file name was too long.  This could lead to
	unexpected shut down of b10-auth.
	(Trac #1387, git a5e9d9176e9c60ef20c0f5ef59eeb6838ed47ab2)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1422
1423
1424
1425
1426
338.	[bug]		jinmei
	b10-xfrin didn't check SOA serials of SOA and IXFR responses,
	which resulted in unnecessary transfer or unexpected IXFR
	timeouts (these issues were not overlooked but deferred to be
	fixed until #1278 was completed).  Validation on responses to SOA
1427
	queries were tightened, too.
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1428
1429
	(Trac #1299, git 6ff03bb9d631023175df99248e8cc0cda586c30a)

Tomek Mrugalski's avatar
Tomek Mrugalski committed
1430
337.	[func]		tomek
1431
1432
1433
	libdhcp++: Support for DHCPv4 option that can store a single
	address or a list of IPv4 addresses added. Support for END option
	added.
Tomek Mrugalski's avatar
Tomek Mrugalski committed
1434
1435
	(Trac #1350, git cc20ff993da1ddb1c6e8a98370438b45a2be9e0a)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
1436
336.	[func]		jelte
1437
1438
1439
1440
	libdns++ (and its python wrapper) now includes a class Serial, for
	SOA SERIAL comparison and addition. Operations on instances of this
	class follow the specification from RFC 1982.
	Rdata::SOA::getSerial() now returns values of this type (and not
Jelte Jansen's avatar
Jelte Jansen committed
1441
1442
1443
	uint32_t).
	(Trac #1278, git 2ae72d76c74f61a67590722c73ebbf631388acbd)

Jelte Jansen's avatar
Jelte Jansen committed
1444
335.	[bug]*		jelte
1445
1446
1447
1448
1449
1450
	The DataSourceClientContainer class that dynamically loads
	datasource backend libraries no longer provides just a .so file name
	to its call to dlopen(), but passes it an absolute path. This means
	that it is no longer an system implementation detail that depends on
	[DY]LD_LIBRARY_PATH which file is chosen, should there be multiple
	options (for instance, when test-running a new build while a
Jelte Jansen's avatar
Jelte Jansen committed
1451
	different version is installed).
1452
1453
	These loadable libraries are also no longer installed in the default
	library path, but in a subdirectory of the libexec directory of the
Jelte Jansen's avatar
Jelte Jansen committed
1454
	target ($prefix/libexec/[version]/backends).
1455
1456
	This also removes the need to handle b10-xfin and b10-xfrout as
	'special' hardcoded components, and they are now started as regular
Jelte Jansen's avatar
Jelte Jansen committed
1457
1458
1459
	components as dictated by the configuration of the boss process.
	(Trac #1292, git 83ce13c2d85068a1bec015361e4ef8c35590a5d0)

1460
1461
1462
1463
1464
1465
1466
1467
1468
334.	[bug]		jinmei
	b10-xfrout could potentially create an overflow response message
	(exceeding the 64KB max) or could create unnecessarily small
	messages.  The former was actually unlikely to happen due to the
	effect of name compression, and the latter was marginal and at least
	shouldn't cause an interoperability problem, but these were still
	potential problems and were fixed.
	(Trac #1389, git 3fdce88046bdad392bd89ea656ec4ac3c858ca2f)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1469
1470
1471
333.	[bug]		dvv
	Solaris needs "-z now" to force non-lazy binding and prevent
	g++ static initialization code from deadlocking.
Dima Volodin's avatar
Dima Volodin committed
1472
1473
	(Trac #1439, git c789138250b33b6b08262425a08a2a0469d90433)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
1474
332.	[bug]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
1475
	C++ exceptions in the isc.dns.Rdata wrapper are now converted