ChangeLog 71.4 KB
Newer Older
1
2
3
4
5
6
7
8
9
303.	[bug]		jinmei
	Changed the installation path for the UNIX domain file used
	for the communication between b10-auth and b10-xfrout to a
	"@PACKAGE@" subdirectory (e.g. from /usr/local/var to
	/usr/local/var/bind10-devel).  This should be transparent change
	because this file is automatically created and cleaned up, but
	if the old file somehow remains, it can now be safely removed.
	(Trac #869, git 96e22f4284307b1d5f15e03837559711bb4f580c)

Jelte Jansen's avatar
Jelte Jansen committed
10
11
12
13
14
15
302.	[defect]	jelte
	msgq no longer crashes if the remote end is closed while msgq
	tries to send data. It will now simply drop the message and close
	the connection itself.
	(Trac #1180, git 6e68b97b050e40e073f736d84b62b3e193dd870a)

16
301.	[func]		stephen
17
18
19
	Add system test for IXFR over TCP.
	(Trac #1213, git 68ee3818bcbecebf3e6789e81ea79d551a4ff3e8)

Tomek Mrugalski's avatar
Tomek Mrugalski committed
20
300.	[func]*		tomek
21
22
23
24
25
26
27
	libdhcp: DHCP packet library was implemented. Currently it handles
	packet reception, option parsing, option generation and output
	packet building. Generic and specialized classes for several
	DHCPv6 options (IA_NA, IAADDR, address-list) are available. A
	simple code was added that leverages libdhcp. It is a skeleton
	DHCPv6 server. It receives incoming SOLICIT and REQUEST messages
	and responds with proper ADVERTISE and REPLY. Note that since
28
29
30
31
	LeaseManager is not implemented, server assigns the same
	hardcoded lease for every client. This change removes existing
	DHCPv6 echo server as it was only a proof of concept code.
	(Trac #1186, git 67ea6de047d4dbd63c25fe7f03f5d5cc2452ad7d)
32

33
34
35
36
37
38
39
40
41
299.	[build]		jreed
	Do not install the libfake_session, libtestutils, or libbench
	libraries. They are used by tests within the source tree.
	Convert all test-related makefiles to build test code at
	regular make time to better work with test-driven development.
	This reverts some of #1901. (The tests are ran using "make
	check".)
	(Trac #1286, git cee641fd3d12341d6bfce5a6fbd913e3aebc1e8e)

42
43
bind10-devel-20111014 released on October 14, 2011

44
45
46
47
298.	[doc]		jreed
	Shorten README. Include plain text format of the Guide.
	(git d1897d3, git 337198f)

Dima Volodin's avatar
Dima Volodin committed
48
297.	[func]		dvv
49
	Implement the SPF rrtype according to RFC4408.
Dima Volodin's avatar
Dima Volodin committed
50
51
	(Trac #1140, git 146934075349f94ee27f23bf9ff01711b94e369e)

52
296.	[build]		jreed
53
54
55
56
	Do not install the unittest libraries. At this time, they
	are not useful without source tree (and they may or may
	not have googletest support). Also, convert several makefiles
	to build tests at "check" time and not build time.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
57
	(Trac #1091, git 2adf4a90ad79754d52126e7988769580d20501c3)
58

59
295.	[bug]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
60
61
62
63
64
65
66
67
	__init__.py for isc.dns was installed in the wrong directory,
	which would now make xfrin fail to start.  It was also bad
	in that it replaced any existing __init__.py in th public
	site-packages directory.  After applying this fix You may want to
	check if the wrong init file is in the wrong place, in which
	case it should be removed.
	(Trac #1285, git af3b17472694f58b3d6a56d0baf64601b0f6a6a1)

68
69
70
71
72
294.	[func]		jelte, jinmei, vorner
	b10-xfrin now supports incoming IXFR.  See BIND 10 Guide for
	how to configure it and operational notes.
	(Trac #1212, multiple git merges)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
73
293.	[func]*		tomek
Tomek Mrugalski's avatar
Tomek Mrugalski committed
74
75
76
77
78
79
80
81
82
	b10-dhcp6: Implemented DHCPv6 echo server. It joins DHCPv6
	multicast groups and listens to incoming DHCPv6 client messages.
	Received messages are then echoed back to clients. This
	functionality is limited, but it can be used to test out client
	resiliency to unexpected messages. Note that network interface
	detection routines are not implemented yet, so interface name
	and its address must be specified in interfaces.txt.
	(Trac #878, git 3b1a604abf5709bfda7271fa94213f7d823de69d)

Dima Volodin's avatar
Dima Volodin committed
83
292.	[func]		dvv
84
	Implement the DLV rrtype according to RFC4431.
Dima Volodin's avatar
Dima Volodin committed
85
	(Trac #1144, git d267c0511a07c41cd92e3b0b9ee9bf693743a7cf)
86

Jeremy C. Reed's avatar
Jeremy C. Reed committed
87
291.	[func]		naokikambe
Naoki Kambe's avatar
Naoki Kambe committed
88
89
90
91
	Statistics items are specified by each module's spec file.
	Stats module can read these through the config manager. Stats
	module and stats httpd report statistics data and statistics
	schema by each module via both bindctl and HTTP/XML.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
92
93
	(Trac #928,#929,#930,#1175,
	git 054699635affd9c9ecbe7a108d880829f3ba229e)
Naoki Kambe's avatar
Naoki Kambe committed
94

95
96
97
98
99
100
101
102
290.	[func]		jinmei
	libdns++/pydnspp: added an option parameter to the "from wire"
	methods of the Message class.  One option is defined,
	PRESERVE_ORDER, which specifies the parser to handle each RR
	separately, preserving the order, and constructs RRsets in the
	message sections so that each RRset contains only one RR.
	(Trac #1258, git c874cb056e2a5e656165f3c160e1b34ccfe8b302)

103
104
289.	[func]*		jinmei
	b10-xfrout: ACLs for xfrout can now be configured per zone basis.
105
	A per zone ACL is part of a more general zone configuration.  A
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
	quick example for configuring an ACL for zone "example.com" that
	rejects any transfer request for that zone is as follows:
	> config add Xfrout/zone_config
	> config set Xfrout/zone_config[0]/origin "example.com"
	> config add Xfrout/zone_config[0]/transfer_acl
	> config set Xfrout/zone_config[0]/transfer_acl[0] {"action": "REJECT"}
	The previous global ACL (query_acl) was renamed to transfer_acl,
	which now works as the default ACL.  Note: backward compatibility
	is not provided, so an existing configuration using query_acl
	needs to be updated by hand.
	Note: the per zone configuration framework is a temporary
	workaround.  It will eventually be redesigned as a system wide
	configuration.
	(Trac #1165, git 698176eccd5d55759fe9448b2c249717c932ac31)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
121
288.	[bug]		stephen
122
123
124
125
126
127
	Fixed problem whereby the order in which component files appeared in
	rdataclass.cc was system dependent, leading to problems on some
	systems where data types were used before the header file in which
	they were declared was included.
	(Trac #1202, git 4a605525cda67bea8c43ca8b3eae6e6749797450)

128
129
130
131
132
133
134
135
287.	[bug]*		jinmei
	Python script files for log messages (xxx_messages.py) should have
	been installed under the "isc" package.  This fix itself should
	be a transparent change without affecting existing configurations
	or other operational practices, but you may want to clean up the
	python files from the common directly (such as "site-packages").
	(Trac #1101, git 0eb576518f81c3758c7dbaa2522bd8302b1836b3)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
136
286.	[func]		ocean
137
138
139
140
	libdns++: Implement the HINFO rrtype support according to RFC1034,
	and RFC1035.
	(Trac #1112, git 12d62d54d33fbb1572a1aa3089b0d547d02924aa)

Jelte Jansen's avatar
Jelte Jansen committed
141
142
143
144
145
146
285.	[bug]		jelte
	sqlite3 data source: fixed a race condition on initial startup,
	when the database has not been initialized yet, and multiple
	processes are trying to do so, resulting in one of them failing.
	(Trac #326, git 5de6f9658f745e05361242042afd518b444d7466)

147
148
149
284.	[bug]		jerry
	b10-zonemgr: zonemgr will not terminate on empty zones, it will
	log a warning and try to do zone transfer for them.
150
	(Trac #1153, git 0a39659638fc68f60b95b102968d7d0ad75443ea)
151

Jeremy C. Reed's avatar
Jeremy C. Reed committed
152
283.	[bug]		zhanglikun
153
154
155
156
157
158
	Make stats and boss processes wait for answer messages from each
	other in block mode to avoid orphan answer messages, add an internal
	command "getstats" to boss process for getting statistics data from
	boss.
	(Trac #519, git 67d8e93028e014f644868fede3570abb28e5fb43)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
159
282.	[func]		ocean
160
161
162
	libdns++: Implement the NAPTR rrtype according to RFC2915,
	RFC2168 and RFC3403.
	(Trac #1130, git 01d8d0f13289ecdf9996d6d5d26ac0d43e30549c)
163

164
165
bind10-devel-20110819 released on August 19, 2011

166
167
168
169
281.	[func]		jelte
	Added a new type for configuration data: "named set". This allows for
	similar configuration as the current "list" type, but with strings
	instead of indices as identifiers. The intended use is for instance
170
171
	/foo/zones/example.org/bar instead of /foo/zones[2]/bar. Currently
	this new type is not in use yet.
172
173
	(Trac #926, git 06aeefc4787c82db7f5443651f099c5af47bd4d6)

174
175
280.	[func]		jerry
	libdns++: Implement the MINFO rrtype according to RFC1035.
176
	(Trac #1113, git 7a9a19d6431df02d48a7bc9de44f08d9450d3a37)
177

178
179
279.	[func]		jerry
	libdns++: Implement the AFSDB rrtype according to RFC1183.
180
	(Trac #1114, git ce052cd92cd128ea3db5a8f154bd151956c2920c)
181

182
183
278.	[doc]		jelte
	Add logging configuration documentation to the guide.
184
	(Trac #1011, git 2cc500af0929c1f268aeb6f8480bc428af70f4c4)
185

186
277.	[func]		jerry
187
	libdns++: Implement the SRV rrtype according to RFC2782.
188
189
	(Trac #1128, git 5fd94aa027828c50e63ae1073d9d6708e0a9c223)

190
191
192
193
194
195
276.	[func]		stephen
	Although the top-level loggers are named after the program (e.g.
	b10-auth, b10-resolver), allow the logger configuration to omit the
	"b10-" prefix and use just the module name.
	(Trac #1003, git a01cd4ac5a68a1749593600c0f338620511cae2d)

196
197
198
199
200
201
202
203
204
205
275.	[func]		jinmei
	Added support for TSIG key matching in ACLs.  The xfrout ACL can
	now refer to TSIG key names using the "key" attribute.  For
	example, the following specifies an ACL that allows zone transfer
	if and only if the request is signed with a TSIG of a key name
	"key.example":
	> config set Xfrout/query_acl[0] {"action": "ACCEPT", \
	                                  "key": "key.example"}
	(Trac #1104, git 9b2e89cabb6191db86f88ee717f7abc4171fa979)

206
274.	[bug]		naokikambe
207
208
209
210
	add unittests for functions xml_handler, xsd_handler and xsl_handler
	respectively to make sure their behaviors are correct, regardless of
	whether type which xml.etree.ElementTree.tostring() after Python3.2
	returns is str or byte.
211
	(Trac #1021, git 486bf91e0ecc5fbecfe637e1e75ebe373d42509b)
212

213
273.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
214
215
	It is possible to specify ACL for the xfrout module. It is in the ACL
	configuration key and has the usual ACL syntax. It currently supports
216
	only the source address. Default ACL accepts everything.
JINMEI Tatuya's avatar
JINMEI Tatuya committed
217
	(Trac #772, git 50070c824270d5da1db0b716db73b726d458e9f7)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
218

219
220
221
222
223
272.	[func]		jinmei
	libdns++/pydnspp: TSIG signing now handles truncated DNS messages
	(i.e. with TC bit on) with TSIG correctly.
	(Trac #910, 8e00f359e81c3cb03c5075710ead0f87f87e3220)

224
225
226
227
228
229
271.	[func]		stephen
	Default logging for unit tests changed to severity DEBUG (level 99)
	with the output routed to /dev/null.  This can be altered by setting
	the B10_LOGGER_XXX environment variables.
	(Trac #1024, git 72a0beb8dfe85b303f546d09986461886fe7a3d8)

230
231
232
233
234
270.	[func]		jinmei
	Added python bindings for ACLs using the DNS request as the
	context.  They are accessible via the isc.acl.dns module.
	(Trac #983, git c24553e21fe01121a42e2136d0a1230d75812b27)

Yoshitaka Aharen's avatar
Yoshitaka Aharen committed
235
236
237
238
239
269.	[bug]		y-aharen
	Modified IntervalTimerTest not to rely on the accuracy of the timer.
	This fix addresses occasional failure of build tests.
	(Trac #1016, git 090c4c5abac33b2b28d7bdcf3039005a014f9c5b)

240
268.	[func]		stephen
241
242
243
244
	Add environment variable to allow redirection of logging output during
	unit tests.
	(Trac #1071, git 05164f9d61006869233b498d248486b4307ea8b6)

245
246
bind10-devel-20110705 released on July 05, 2011

247
248
249
250
251
252
253
267.	[func]		tomek
	Added a dummy module for DHCP6. This module does not actually
	do anything at this point, and BIND 10 has no option for
	starting it yet. It is included as a base for further
	development.
	(Trac #990, git 4a590df96a1b1d373e87f1f56edaceccb95f267d)

254
255
256
257
258
259
260
261
266.	[func]		Multiple developers
        Convert various error messages, debugging and other output
        to the new logging interface, including for b10-resolver,
        the resolver library, the CC library, b10-auth, b10-cfgmgr,
        b10-xfrin, and b10-xfrout. This includes a lot of new
        documentation describing the new log messages.
        (Trac #738, #739, #742, #746, #759, #761, #762)

262
263
264
265
266
267
268
269
270
271
272
273
274
275
265.	[func]*		jinmei
	b10-resolver: Introduced ACL on incoming queries.  By default the
	resolver accepts queries from ::1 and 127.0.0.1 and rejects all
	others.  The ACL can be configured with bindctl via the
	"Resolver/query_acl" parameter.  For example, to accept queries
	from 192.0.2.0/24 (in addition to the default list), do this:
	> config add Resolver/query_acl
	> config set Resolver/query_acl[2]/action "ACCEPT"
	> config set Resolver/query_acl[2]/from "192.0.2.0/24"
	> config commit
	(Trac #999, git e0744372924442ec75809d3964e917680c57a2ce,
	also based on other ACL related work done by stephen and vorner)

264.	[bug]		jerry
276
277
278
279
	b10-xfrout: fixed a busy loop in its notify-out subthread.  Due to
	the loop, the thread previously woke up every 0.5 seconds throughout
	most of the lifetime of b10-xfrout, wasting the corresponding CPU
	time.
280
	(Trac #1001, git fb993ba8c52dca4a3a261e319ed095e5af8db15a)
281

282
263.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
283
284
285
286
	Logging configuration can now also accept a * as a first-level
	name (e.g. '*', or '*.cache'), indicating that every module
	should use that configuration, unless overridden by an explicit
	logging configuration for that module
287
	(Trac #1004, git 0fad7d4a8557741f953eda9fed1d351a3d9dc5ef)
Jelte Jansen's avatar
Jelte Jansen committed
288

289
262.	[func]		stephen
290
291
292
293
294
	Add some initial documentation about the logging framework.
	Provide BIND 10 Messages Manual in HTML and DocBook? XML formats.
	This provides all the log message descriptions in a single document.
	A developer tool, tools/system_messages.py (available in git repo),
	was written to generate this.
295
	(Trac #1012, git 502100d7b9cd9d2300e78826a3bddd024ef38a74)
296

297
261.	[func]		stephen
298
	Add new-style logging messages to b10-auth.
299
	(Trac #738, git c021505a1a0d6ecb15a8fd1592b94baff6d115f4)
300

301
260.	[func]		stephen
302
303
	Remove comma between message identification and the message
	text in the new-style logging messages.
304
	(Trac #1031, git 1c7930a7ba19706d388e4f8dcf2a55a886b74cd2)
305

306
259.	[bug]		stephen
307
308
309
	Logging now correctly initialized in b10-auth.  Also, fixed
	bug whereby querying for "version.bind txt ch" would cause
	b10-auth to crash if BIND 10 was started with the "-v" switch.
310
	(Trac #1022,#1023, git 926a65fa08617be677a93e9e388df0f229b01067)
311

Jelte Jansen's avatar
Jelte Jansen committed
312
313
314
315
258.	[build]		jelte
	Now builds and runs with Python 3.2
	(Trac #710, git dae1d2e24f993e1eef9ab429326652f40a006dfb)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
316
257.	[bug]		y-aharen
317
318
319
	Fixed a bug an instance of IntervalTimerImpl may be destructed 
	while deadline_timer is holding the handler. This fix addresses
	occasional failure of IntervalTimerTest.destructIntervalTimer.
320
	(Trac #957, git e59c215e14b5718f62699ec32514453b983ff603)
321

322
323
324
256.	[bug]		jerry
	src/bin/xfrin: update xfrin to check TSIG before other part of
	incoming message.
325
	(Trac #955, git 261450e93af0b0406178e9ef121f81e721e0855c)
326

327
328
329
255.	[func]		zhang likun
	src/lib/cache:  remove empty code in lib/cache and the corresponding
	suppression rule in	src/cppcheck-suppress.lst.
330
	(Trac #639, git 4f714bac4547d0a025afd314c309ca5cb603e212)
331

332
333
254.	[bug]		jinmei
	b10-xfrout: failed to send notifies over IPv6 correctly.
334
	(Trac #964, git 3255c92714737bb461fb67012376788530f16e40)
335

Jeremy C. Reed's avatar
Jeremy C. Reed committed
336
253.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
337
338
	Add configuration options for logging through the virtual module
	Logging.
339
	(Trac #736, git 9fa2a95177265905408c51d13c96e752b14a0824)
Jelte Jansen's avatar
Jelte Jansen committed
340

Jeremy C. Reed's avatar
Jeremy C. Reed committed
341
252.	[func]		stephen
342
	Add syslog as destination for logging.
343
	(Trac #976, git 31a30f5485859fd3df2839fc309d836e3206546e)
344

JINMEI Tatuya's avatar
JINMEI Tatuya committed
345
346
347
348
349
350
351
251.	[bug]*		jinmei
	Make sure bindctl private files are non readable to anyone except
	the owner or users in the same group.  Note that if BIND 10 is run
	with changing the user, this change means that the file owner or
	group will have to be adjusted.  Also note that this change is
	only effective for a fresh install; if these files already exist,
	their permissions must be adjusted by hand (if necessary).
352
	(Trac #870, git 461fc3cb6ebabc9f3fa5213749956467a14ebfd4)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
353

Jeremy C. Reed's avatar
Jeremy C. Reed committed
354
250.	[bug]		ocean
355
356
357
	src/lib/util/encode, in some conditions, the DecodeNormalizer's
	iterator may reach the end() and when later being dereferenced
	it will cause crash on some platform.
358
	(Trac #838, git 83e33ec80c0c6485d8b116b13045b3488071770f)
359

Jeremy C. Reed's avatar
Jeremy C. Reed committed
360
249.	[func]		jerry
361
	xfrout: add support for TSIG verification.
362
	(Trac #816, git 3b2040e2af2f8139c1c319a2cbc429035d93f217)
363

Jeremy C. Reed's avatar
Jeremy C. Reed committed
364
248.	[func]		stephen
Stephen Morris's avatar
Stephen Morris committed
365
	Add file and stderr as destinations for logging.
366
	(Trac #555, git 38b3546867425bd64dbc5920111a843a3330646b)
Stephen Morris's avatar
Stephen Morris committed
367

Jeremy C. Reed's avatar
Jeremy C. Reed committed
368
247.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
369
	Upstream queries from the resolver now set EDNS0 buffer size.
370
	(Trac #834, git 48e10c2530fe52c9bde6197db07674a851aa0f5d)
Jelte Jansen's avatar
Jelte Jansen committed
371

Jeremy C. Reed's avatar
Jeremy C. Reed committed
372
246.	[func]		stephen
373
	Implement logging using log4cplus (http://log4cplus.sourceforge.net)
374
	(Trac #899, git 31d3f525dc01638aecae460cb4bc2040c9e4df10)
375

Jeremy C. Reed's avatar
Jeremy C. Reed committed
376
245.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
377
378
379
380
	Authoritative server can now sign the answers using TSIG
	(configured in tsig_keys/keys, list of strings like
	"name:<base64-secret>:sha1-hmac"). It doesn't use them for
	ACL yet, only verifies them and signs if the request is signed.
381
	(Trac #875, git fe5e7003544e4e8f18efa7b466a65f336d8c8e4d)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
382

Jeremy C. Reed's avatar
Jeremy C. Reed committed
383
244.	[func]		stephen
384
385
386
387
388
389
390
	In unit tests, allow the choice of whether unhandled exceptions are
	caught in the unit test program (and details printed) or allowed to
	propagate to the default exception handler.  See the bind10-dev thread
	https://lists.isc.org/pipermail/bind10-dev/2011-January/001867.html
	for more details.
	(Trac #542, git 1aa773d84cd6431aa1483eb34a7f4204949a610f)

391
243.	[func]*		feng
392
	Add optional hmac algorithm SHA224/384/812.
393
	(Trac #782, git 77d792c9d7c1a3f95d3e6a8b721ac79002cd7db1)
Jeremy C. Reed's avatar
Jeremy C. Reed committed
394

395
396
bind10-devel-20110519 released on May 19, 2011

397
398
399
400
401
402
403
404
405
406
407
242.	[func]		jinmei
	xfrin: added support for TSIG verify.  This change completes TSIG
	support in b10-xfrin.
	(Trac #914, git 78502c021478d97672232015b7df06a7d52e531b)

241.	[func]		jinmei
	pydnspp: added python extension for the TSIG API introduced in
	change 235.
	(Trac #905, git 081891b38f05f9a186814ab7d1cd5c572b8f777f)
	(Trac #915, git 0555ab65d0e43d03b2d40c95d833dd050eea6c23)

Jelte Jansen's avatar
Jelte Jansen committed
408
409
410
411
240.	[func]*		jelte
	Updated configuration options to Xfrin, so that you can specify
	a master address, port, and TSIG key per zone. Still only one per
	zone at this point, and TSIG keys are (currently) only specified
412
413
414
	by their full string representation. This replaces the
	Xfrin/master_addr, Xfrin/master_port, and short-lived
	Xfrin/tsig_key configurations with a Xfrin/zones list.
Jelte Jansen's avatar
Jelte Jansen committed
415
416
	(Trac #811, git 88504d121c5e08fff947b92e698a54d24d14c375)

417
239.	[bug]		jerry
418
	src/bin/xfrout: If a zone doesn't have notify slaves (only has
419
420
421
422
	one apex ns record - the primary master name server) will cause
	b10-xfrout uses 100% of CPU.
	(Trac #684, git d11b5e89203a5340d4e5ca51c4c02db17c33dc1f)

zhanglikun's avatar
zhanglikun committed
423
238.	[func]		zhang likun
424
	Implement the simplest forwarder, which pass everything through
zhanglikun's avatar
zhanglikun committed
425
426
427
	except QID, port number. The response will not be cached.
	(Trac #598_new, git 8e28187a582820857ef2dae9b13637a3881f13ba)

428
237.	[bug]		naokikambe
Naoki Kambe's avatar
Naoki Kambe committed
429
430
431
432
433
434
435
436
437
438
439
	Resolved that the stats module wasn't configurable in bindctl in
	spite of its having configuration items. The configuration part
	was removed from the original spec file "stats.spec" and was
	placed in a new spec file "stats-schema.spec". Because it means
	definitions of statistics items. The command part is still
	there. Thus stats module currently has no its own configuration,
	and the items in "stats-schema.spec" are neither visible nor
	configurable through bindctl. "stats-schema.spec" is shared with
	stats module and stats-httpd module, and maybe with other
	statistical modules in future. "stats.spec" has own configuration
	and commands of stats module, if it requires.
440
	(Trac #719, git a234b20dc6617392deb8a1e00eb0eed0ff353c0a)
441

Jelte Jansen's avatar
Jelte Jansen committed
442
443
444
445
446
447
236.	[func]		jelte
	C++ client side of configuration now uses BIND10 logging system.
	It also has improved error handling when communicating with the
	rest of the system.
	(Trac #743, git 86632c12308c3ed099d75eb828f740c526dd7ec0)

448
449
450
451
452
453
454
455
456
457
458
235.	[func]		jinmei
	libdns++: added support for TSIG signing and verification.  It can
	be done using a newly introduced TSIGContext class.
	Note: we temporarily disabled support for truncated signature
	and modified some part of the code introduced in #226 accordingly.
	We plan to fix this pretty soon.
	(Trac #812, git ebe0c4b1e66d359227bdd1bd47395fee7b957f14)
	(Trac #871, git 7c54055c0e47c7a0e36fcfab4b47ff180c0ca8c8)
	(Trac #813, git ffa2f0672084c1f16e5784cdcdd55822f119feaa)
	(Trac #893, git 5aaa6c0f628ed7c2093ecdbac93a2c8cf6c94349)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
459
234.	[func]		jerry
460
461
	src/bin/xfrin: update xfrin to use TSIG. Currently it only supports
	sending a signed TSIG request or SOA request.
chenzhengzhang's avatar
chenzhengzhang committed
462
	(Trac #815, git a892818fb13a1839c82104523cb6cb359c970e88)
463

Jeremy C. Reed's avatar
Jeremy C. Reed committed
464
233.	[func]		stephen
465
466
467
	Added new-style logging statements to the NSAS code.
	(Trac #745, git ceef68cd1223ae14d8412adbe18af2812ade8c2d)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
468
469
470
471
472
473
232.	[func]		stephen
	To facilitate the writing of extended descriptions in
	message files, altered the message file format.  The message
	is now flagged with a "%" as the first non-blank character
	in the line and the lines in the extended description are
	no longer preceded by a "+".
474
475
	(Trac #900, git b395258c708b49a5da8d0cffcb48d83294354ba3)

Jeremy C. Reed's avatar
Jeremy C. Reed committed
476
231.	[func]*		vorner
477
    The logging interface changed slightly. We use
Jeremy C. Reed's avatar
Jeremy C. Reed committed
478
479
480
481
482
	logger.foo(MESSAGE_ID).arg(bar); instead of logger.foo(MESSAGE_ID,
	bar); internally. The message definitions use '%1,%2,...'
	instead of '%s,%d', which allows us to cope better with
	mismatched placeholders and allows reordering of them in
	case of translation.
483
	(Trac #901, git 4903410e45670b30d7283f5d69dc28c2069237d6)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
484

Naoki Kambe's avatar
Naoki Kambe committed
485
230.	[bug]		naokikambe
Naoki Kambe's avatar
Naoki Kambe committed
486
487
488
	Removed too repeated verbose messages in two cases of:
	 - when auth sends statistics data to stats
	 - when stats receives statistics data from other modules
489
	(Trac #620, git 0ecb807011196eac01f281d40bc7c9d44565b364)
Naoki Kambe's avatar
Naoki Kambe committed
490

491
492
493
494
495
496
497
498
499
500
501
502
503
229.	[doc]		jreed
	Add manual page for b10-host.
	(git a437d4e26b81bb07181ff35a625c540703eee845)

228.	[func]*		jreed
	The host tool is renamed to b10-host. While the utility is
	a work in progress, it is expected to now be shipped with
	tarballs. Its initial goal was to be a host(1) clone,
	rewritten in C++ from scratch and using BIND 10's libdns++.
	It now supports the -a (any), -c class, -d (verbose) switches
	and has improved output.
	(Trac #872, git d846851699d5c76937533adf9ff9d948dfd593ca)

504
505
506
507
508
509
227.	[build]		jreed
	Add missing libdns++ rdata files for the distribution (this
	fixes distcheck error). Change three generated libdns++
	headers to "nodist" so they aren't included in the distribution
	(they were mistakenly included in last tarball).

Jelte Jansen's avatar
Jelte Jansen committed
510
511
512
513
226.	[func]*		jelte
	Introduced an API for cryptographic operations. Currently it only
	supports HMAC, intended for use with TSIG. The current
	implementation uses Botan as the backend library.
514
515
	This introduces a new dependency, on Botan.  Currently only Botan
	1.8.x works; older or newer versions don't.
516
	(Trac #781, git 9df42279a47eb617f586144dce8cce680598558a)
Jelte Jansen's avatar
Jelte Jansen committed
517

518
225.	[func]		naokikambe
519
	Added the HTTP/XML interface (b10-stats-httpd) to the
520
521
	statistics feature in BIND 10. b10-stats-httpd is a standalone
	HTTP server and it requests statistics data to the stats
522
	daemon (b10-stats) and sends it to HTTP clients in XML
523
524
	format. Items of the data collected via b10-stats-httpd
	are almost equivalent to ones which are collected via
525
526
	bindctl. Since it also can send XSL (Extensible Stylesheet
	Language) document and XSD (XML Schema definition) document,
527
528
	XML document is human-friendly to view through web browsers
	and its data types are strictly defined.
529
	(Trac #547, git 1cbd51919237a6e65983be46e4f5a63d1877b1d3)
Naoki Kambe's avatar
Naoki Kambe committed
530

JINMEI Tatuya's avatar
JINMEI Tatuya committed
531
532
533
534
535
536
537
538
224.	[bug]		jinmei
	b10-auth, src/lib/datasrc: inconsistency between the hot spot
	cache and actual data source could cause a crash while query
	processing.  The crash could happen, e.g., when an sqlite3 DB file
	is being updated after a zone transfer while b10-auth handles a
	query using the corresponding sqlite3 data source.
	(Trac #851, git 2463b96680bb3e9a76e50c38a4d7f1d38d810643)

JINMEI Tatuya's avatar
JINMEI Tatuya committed
539
223.	[bug]		feng
540
541
542
	If ip address or port isn't usable for name server, name
	server process won't exist and give end user chance to
	reconfigure them.
hanfeng's avatar
hanfeng committed
543
	(Trac #775, git 572ac2cf62e18f7eb69d670b890e2a3443bfd6e7)
hanfeng's avatar
hanfeng committed
544

545
546
547
548
549
550
551
222.	[bug]*		jerry
	src/lib/zonemgr: Fix a bug that xfrin not checking for new
	copy of zone on startup.  Imposes some random jitters to
	avoid many zones need to do refresh at the same time. This
	removed the Zonemgr/jitter_scope setting and introduced
	Zonemgr/refresh_jitter and Zonemgr/reload_jitter.
	(Trac #387, git 1241ddcffa16285d0a7bb01d6a8526e19fbb70cb)
552

chenzhengzhang's avatar
chenzhengzhang committed
553
554
221.	[func]*		jerry
	src/lib/util: Create C++ utility library.
555
	(Trac #749, git 084d1285d038d31067f8cdbb058d626acf03566d)
chenzhengzhang's avatar
chenzhengzhang committed
556

557
220.	[func]		stephen
558
559
	Added the 'badpacket' program for testing; it sends a set of
	(potentially) bad packets to a nameserver and prints the responses.
560
	(Trac #703, git 1b666838b6c0fe265522b30971e878d9f0d21fde)
561

562
219.	[func]		ocean
563
564
565
	src/lib: move some dns related code out of asiolink library to
	asiodns library
	(Trac #751, git 262ac6c6fc61224d54705ed4c700dadb606fcb1c)
Ocean Wang's avatar
Ocean Wang committed
566

567
568
569
570
218.	[func]		jinmei
	src/lib/dns: added support for RP RDATA.
	(Trac #806, git 4e47d5f6b692c63c907af6681a75024450884a88)

571
217.	[bug]		jerry
572
573
574
	src/lib/dns/python: Use a signed version of larger size of
	integer and perform more strict range checks with
	PyArg_ParseTuple() in case of overflows.
chenzhengzhang's avatar
chenzhengzhang committed
575
	(Trac #363, git ce281e646be9f0f273229d94ccd75bf7e08d17cf)
chenzhengzhang's avatar
chenzhengzhang committed
576

577
216.	[func]		vorner
578
579
580
	The BIND10_XFROUT_SOCKET_FILE environment variable can be
	used to specify which socket should be used for communication
	between b10-auth and b10-xfrout. Mostly for testing reasons.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
581
582
	(Trac #615, git 28b01ad5bf72472c824a7b8fc4a8dc394e22e462)

583
215.	[func]		vorner
584
585
586
587
	A new process, b10-sockcreator, is added, which will create
	sockets for the rest of the system.  It is the only part
	which will need to keep the root privileges. However, only
	the process exists, nothing can talk to it yet.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
588
589
	(Trac #366, git b509cbb77d31e388df68dfe52709d6edef93df3f)

590
214.	[func]*		vorner
591
592
593
594
	Zone manager no longer thinks it is secondary master for
	all zones in the database. They are listed in
	Zonemgr/secondary_zones configuration variable (in the form
	[{"name": "example.com", "class": "IN"}]).
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
595
	(Trac #670, git 7c1e4d5e1e28e556b1d10a8df8d9486971a3f052)
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
596

597
213.	[bug]		naokikambe
598
599
600
601
602
603
604
605
	Solved incorrect datetime of "bind10.boot_time" and also
	added a new command "sendstats" for Bob. This command is
	to send statistics data to the stats daemon immediately.
	The solved problem is that statistics data doesn't surely
	reach to the daemon because Bob sent statistics data to
	the daemon while it is starting. So the daemon invokes the
	command for Bob after it starts up. This command is also
	useful for resending statistics data via bindctl manually.
Naoki Kambe's avatar
Naoki Kambe committed
606
	(Trac #521, git 1c269cbdc76f5dc2baeb43387c4d7ccc6dc863d2)
Naoki Kambe's avatar
Naoki Kambe committed
607

608
212.	[bug]		naokikambe
609
610
	Fixed that the ModuleCCSession object may group_unsubscribe in the
	closed CC session in being deleted.
Naoki Kambe's avatar
Naoki Kambe committed
611
	(Trac #698, git 0355bddc92f6df66ef50b920edd6ec3b27920d61)
612

613
211.	[func]		shane
614
	Implement "--brittle" option, which causes the server to exit
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
615
	if any of BIND 10's processes dies.
616
	(Trac #788, git 88c0d241fe05e5ea91b10f046f307177cc2f5bc5)
617

618
210.	[bug]		jerry
619
620
	src/bin/auth: fixed a bug where type ANY queries don't provide
	additional glue records for ANSWER section.
621
	(Trac #699, git 510924ebc57def8085cc0e5413deda990b2abeee)
622

623
624
bind10-devel-20110322 released on March 22, 2011

625
209.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
626
627
628
629
630
	Resolver now uses the NSAS when looking for a nameserver to
	query for any specific zone. This also includes keeping track of
	the RTT for that nameserver.
	(Trac #495, git 76022a7e9f3ff339f0f9f10049aa85e5784d72c5)

631
208.	[bug]*		jelte
Jelte Jansen's avatar
Jelte Jansen committed
632
633
634
635
636
	Resolver now answers REFUSED on queries that are not for class IN.
	This includes the various CH TXT queries, which will be added
	later.
	(git 012f9e78dc611c72ea213f9bd6743172e1a2ca20)

637
207.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
638
639
640
641
	Resolver now starts listening on localhost:53 if no configuration
	is set.
	(Trac #471, git 1960b5becbba05570b9c7adf5129e64338659f07)

642
206.	[func]		shane
643
	Add the ability to list the running BIND 10 processes using the
Shane Kerr's avatar
Shane Kerr committed
644
	command channel. To try this, use "Boss show_processes".
645
	(Trac #648, git 451bbb67c2b5d544db2f7deca4315165245d2b3b)
Shane Kerr's avatar
Shane Kerr committed
646

647
205.	[bug]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
648
649
650
651
652
653
	b10-auth, src/lib/datasrc: fixed a bug where b10-auth could return
	an empty additional section for delegation even if some glue is
	crucial when it fails to find some other glue records in its data
	source.
	(Trac #646, git 6070acd1c5b2f7a61574eda4035b93b40aab3e2b)

654
204.	[bug]		jinmei
655
656
657
658
659
660
	b10-auth, src/lib/datasrc: class ANY queries were not handled
	correctly in the generic data source (mainly for sqlite3).  It
	could crash b10-auth in the worst case, and could result in
	incorrect responses in some other cases.
	(Trac #80, git c65637dd41c8d94399bd3e3cee965b694b633339)

661
203.	[bug]		zhang likun
662
663
	Fix resolver cache memory leak: when cache is destructed, rrset
	and message entries in it are not destructed properly.
664
	(Trac #643, git aba4c4067da0dc63c97c6356dc3137651755ffce)
zhanglikun's avatar
zhanglikun committed
665

666
202.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
667
	It is possible to specify a different directory where we look for
668
669
670
	configuration files (by -p) and different configuration file to
	use (-c).  Also, it is possible to specify the port on which
	cmdctl should listen (--cmdctl-port).
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
671
672
	(Trac #615, git 5514dd78f2d61a222f3069fc94723ca33fb3200b)

673
201.	[bug]		jerry
674
675
676
	src/bin/bindctl: bindctl doesn't show traceback on shutdown.
	(Trac #588, git 662e99ef050d98e86614c4443326568a0b5be437)

677
200.	[bug]		Jelte
Jelte Jansen's avatar
Jelte Jansen committed
678
679
680
	Fixed a bug where incoming TCP connections were not closed.
	(Trac #589, git 1d88daaa24e8b1ab27f28be876f40a144241e93b)

681
199.	[func]		ocean
682
683
684
	Cache negative responses (NXDOMAIN/NODATA) from authoritative
	server for recursive resolver.
	(Trac #493, git f8fb852bc6aef292555063590c361f01cf29e5ca)
Ocean Wang's avatar
Ocean Wang committed
685

686
198.	[bug]		jinmei
687
688
689
690
691
692
693
	b10-auth, src/lib/datasrc: fixed a bug where hot spot cache failed
	to reuse cached SOA for negative responses.  Due to this bug
	b10-auth returned SERVFAIL when it was expected to return a
	negative response immediately after a specific SOA query for
	the zone.
	(Trac #626, git 721a53160c15e8218f6798309befe940b9597ba0)

694
197.	[bug]		zhang likun
zhanglikun's avatar
zhanglikun committed
695
696
697
698
699
	Remove expired message and rrset entries when looking up them
	in cache, touch or remove the rrset entry in cache properly
	when doing lookup or update.
	(Trac #661, git 9efbe64fe3ff22bb5fba46de409ae058f199c8a7)

700
196.	[bug]		jinmei
zhanglikun's avatar
zhanglikun committed
701
702
703
704
705
	b10-auth, src/lib/datasrc: the backend of the in-memory data
	source could not handle the root name.  As a result b10-auth could
	not work as a root server when using the in-memory data source.
	(Trac #683, git 420ec42bd913fb83da37b26b75faae49c7957c46)

706
195.	[func]		stephen
Naoki Kambe's avatar
Naoki Kambe committed
707
708
709
710
	Resolver will now re-try a query over TCP if a response to a UDP
	query has the TC bit set.
	(Trac #499, git 4c05048ba059b79efeab53498737abe94d37ee07)

711
194.	[bug]		vorner
Naoki Kambe's avatar
Naoki Kambe committed
712
713
714
715
716
717
	Solved a 100% CPU usage problem after switching addresses in b10-auth
	(and possibly, but unconfirmed, in b10-resolver). It was caused by
	repeated reads/accepts on closed socket (the bug was in the code for a
	long time, recent changes made it show).
	(Trac #657, git e0863720a874d75923ea66adcfbf5b2948efb10a)

718
193.	[func]*		jreed
Naoki Kambe's avatar
Naoki Kambe committed
719
720
721
722
723
	Listen on the IPv6 (::) and IPv4 (0.0.0.0) wildcard addresses
	for b10-auth. This returns to previous behavior prior to
	change #184. Document the listen_on configuration in manual.
	(Trac #649, git 65a77d8fde64d464c75917a1ab9b6b3f02640ca6)

724
192.	[func]*		jreed
Naoki Kambe's avatar
Naoki Kambe committed
725
726
727
728
	Listen on standard domain port 53 for b10-auth and
	b10-resolver.
	(Trac #617, #618, git 137a6934a14cf0c5b5c065e910b8b364beb0973f)

729
191.	[func]		jinmei
Naoki Kambe's avatar
Naoki Kambe committed
730
731
732
733
734
735
736
737
738
	Imported system test framework of BIND 9.  It can be run by
	'make systest' at the top source directory.  Notes: currently it
	doesn't work when built in a separate tree.  It also requires
	perl, an inherited dependency from the original framework.
	Also, mainly for the purpose of tests, a new option "--pid-file"
	was added to BoB, with which the boss process will dump its PID
	to the specified file.
	(Trac #606, git 6ac000df85625f5921e8895a1aafff5e4be3ba9c)

739
190.	[func]		jelte
Naoki Kambe's avatar
Naoki Kambe committed
740
741
742
743
	Resolver now sets random qids on outgoing queries using
	the boost::mt19937 prng.
	(Trac #583, git 5222b51a047d8f2352bc9f92fd022baf1681ed81)

744
189.	[bug]		jreed
Naoki Kambe's avatar
Naoki Kambe committed
745
746
747
	Do not install the log message compiler.
	(Trac #634, git eb6441aca464980d00e3ff827cbf4195c5a7afc5)

748
188.	[bug]		zhang likun
749
750
751
	Make the rrset trust level ranking algorithm used by
	isc::cache::MessageEntry::getRRsetTrustLevel() follow RFC2181
	section 5.4.1.
zhanglikun's avatar
zhanglikun committed
752
	(Trac #595 git 19197b5bc9f2955bd6a8ca48a2d04472ed696e81)
753

754
187.	[bug]		zhang likun
zhanglikun's avatar
zhanglikun committed
755
756
757
758
	Fix the assert error in class isc::cache::RRsetCache by adding the
	check for empty pointer and test case for it.
	(Trac #638, git 54e61304131965c4a1d88c9151f8697dcbb3ce12)

759
186.	[bug]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
760
761
762
763
764
	b10-resolver could stop with an assertion failure on certain kinds
	of messages (there was a problem in error message creation). This
	fixes that.
	(Trac #607, git 25a5f4ec755bc09b54410fcdff22691283147f32)

765
185.	[bug]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
766
767
768
769
	Tests use port from private range (53210), lowering chance of
	a conflict with something else (eg. running bind 10).
	(Trac #523, git 301da7d26d41e64d87c0cf72727f3347aa61fb40)

770
184.	[func]*		vorner
771
772
773
774
	Listening address and port configuration of b10-auth is the same as
	for b10-resolver now. That means, it is configured through bindctl
	at runtime, in the Auth/listen_on list, not through command line
	arguments.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
775
776
	(Trac #575, #576, git f06ce638877acf6f8e1994962bf2dbfbab029edf)

777
183.	[bug]		jerry
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
778
	src/bin/xfrout: Enable parallel sessions between xfrout server and
779
780
	muti-Auth. The session needs to be created only on the first time
	or if an error occur.
781
	(Trac #419, git 1d60afb59e9606f312caef352ecb2fe488c4e751)
782

783
182.	[func]		jinmei
784
785
786
787
788
789
790
791
792
	Support cppcheck for static code check on C++ code.  If cppcheck
	is available, 'make cppcheck' on the top source directory will run
	the checker and should cleanly complete with an exit code of 0
	(at least with cppcheck 1.47).
	Note: the suppression list isn't included in the final
	distributions.  It should be created by hand or retrieved from
	the git repository.
	(Trac #613, git b973f67520682b63ef38b1451d309be9f4f4b218)

793
181.	[func]		feng
794
	Add stop interface into dns server, so we can stop each running
795
	server individually. With it, user can reconfigure her running server
796
	with different ip address or port.
797
	(Trac #388, git 6df94e2db856c1adc020f658cc77da5edc967555)
798

799
180.	[build]		jreed
Jeremy C. Reed's avatar
Jeremy C. Reed committed
800
	Fix custom DESTDIR for make install. Patch from Jan Engelhardt.
801
	(Trac #629, git 5ac67ede03892a5eacf42ce3ace1e4e376164c9f)
802

803
804
bind10-devel-20110224 released on February 24, 2011

805
179.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
806
807
808
809
810
811
	It is possible to start and stop resolver and authoritative
	server without restart of the whole system. Change of the
	configuration (Boss/start_auth and Boss/start_resolver) is
	enough.
	(Trac #565, git 0ac0b4602fa30852b0d86cc3c0b4730deb1a58fe)

812
178.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
813
814
815
	Resolver now makes (limited) use of the cache
	(Trac #491, git 8b41f77f0099ddc7ca7d34d39ad8c39bb1a8363c)

816
177.	[func]		stephen
817
818
819
820
821
	The upstream fetch code in asiolink is now protocol agnostic to
	allow for the addition of fallback to TCP if a fetch response
	indicates truncation.
	(Trac #554, git 9739cbce2eaffc7e80640db58a8513295cf684de)

822
176.	[func]		likun
823
824
	src/lib/cache: Rename one interface: from lookupClosestRRset()
	to lookupDeepestNS(), and remove one parameter of it.
825
	(Trac #492, git ecbfb7cf929d62a018dd4cdc7a841add3d5a35ae)
826

827
175.	[bug]		jerry
828
829
830
831
	src/bin/xfrout: Xfrout use the case-sensitive mode to compress
	names in an AXFR massage.
	(Trac #253, git 004e382616150f8a2362e94d3458b59bb2710182)

832
174.	[bug]*		jinmei
833
834
835
836
837
838
839
840
	src/lib/dns: revised dnssectime functions so that they don't rely
	on the time_t type (whose size varies on different systems, which
	can lead to subtle bugs like some form of "year 2038 problem").
	Also handled 32-bit wrap around issues more explicitly, with more
	detailed tests.  The function API has been changed, but the effect
	should be minimal because these functions are mostly private.
	(Trac #61, git 09ece8cdd41c0f025e8b897b4883885d88d4ba5d)

841
173.	[bug]		jerry
842
843
844
845
846
	python/isc/notify: A notify_out test fails without network
	connectivity, encapsulate the socket behavior using a mock
	socket class to fix it.
	(Trac #346, git 319debfb957641f311102739a15059f8453c54ce)

847
172.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
848
849
850
851
852
	Improved the bindctl cli in various ways, mainly concerning
	list and map item addressing, the correct display of actual values,
	and internal help.
	(Trac #384, git e5fb3bc1ed5f3c0aec6eb40a16c63f3d0fc6a7b2)

853
171.	[func]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
854
855
856
857
	b10-auth, src/lib/datasrc: in memory data source now works as a
	complete data source for authoritative DNS servers and b10-auth
	uses it.  It still misses major features, however, including
	DNSSEC support and zone transfer.
858
	(Last Trac #553, but many more,
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
859
	git 6f031a09a248e7684723c000f3e8cc981dcdb349)
860

861
170.	[bug]		jinmei
862
863
864
865
866
867
	Tightened validity checks in the NSEC3 constructors, both "from
	"text" and "from wire".  Specifically, wire data containing
	invalid type bitmaps or invalid lengths of salt or hash is now
	correctly rejected.
	(Trac #117, git 9c690982f24fef19c747a72f43c4298333a58f48)

868
169.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
869
870
	Added a basic implementation for a resolver cache (though not
	used yet).
871
	(Trac #449, git 8aa3b2246ae095bbe7f855fd11656ae3bdb98986)
Jelte Jansen's avatar
Jelte Jansen committed
872

873
168.	[bug]		vorner
874
875
876
	Boss no longer has the -f argument, which was undocumented and
	stayed as a relict of previous versions, currently causing only
	strange behaviour.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
877
878
	(Trac #572, git 17f237478961005707d649a661cc72a4a0d612d4)

879
167.	[bug]		naokikambe
880
	Fixed failure of termination of msgq_test.py with python3
881
	coverage (3.3.1).
882
	(Trac #573, git 0e6a18e12f61cc482e07078776234f32605312e5)
883

884
166.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
885
886
887
	The resolver now sends back a SERVFAIL when there is a client
	timeout (timeout_client config setting), but it will not stop
	resolving (until there is a lookup timeout or a result).
888
	(Trac #497 and #489, git af0e5cd93bebb27cb5c4457f7759d12c8bf953a6)
Jelte Jansen's avatar
Jelte Jansen committed
889

890
165.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
891
892
893
	The resolver now handles CNAMEs, it will follow them, and include
	them in the answer. The maximum length of CNAME chains that is
	supported is 16.
894
	(Trac #497, git af0e5cd93bebb27cb5c4457f7759d12c8bf953a6)
Jelte Jansen's avatar
Jelte Jansen committed
895

896
164.	[bug]		y-aharen
Yoshitaka Aharen's avatar
Yoshitaka Aharen committed
897
898
899
900
	IntervalTimer: Modified the interface to accept interval in
	milliseconds. It shortens the time of the tests of IntervalTimer.
	(Trac #452, git c9f6acc81e24c4b8f0eb351123dc7b43f64e0914)

901
163.	[func]		vorner
902
903
904
905
	The pimpl design pattern is used in UDPServer, with a shared
	pointer. This makes it smaller to copy (which is done a lot as a
	sideeffect of being coroutine) and speeds applications of this
	class (notably b10-auth) up by around 10%.
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
906
907
	(Trac #537, git 94cb95b1d508541201fc064302ba836164d3cbe6)

908
162.	[func]		stephen
909
910
911
912
913
914
915
916
	Added C++ logging, allowing logging at different severities.
	Code specifies the message to be logged via a symbol, and the
	logging code picks up the message from an in-built dictionary.
	The contents of the dictionary can be replaced at run-time by
	locale-specific messages.  A message compiler program is provided
	to create message header files and supply the default messages.
	(Trac #438, git 7b1606cea7af15dc71f5ec1d70d958b00aa98af7)

917
161.	[func]		stephen
918
919
920
	Added ResponseScrubber class to examine response from
	a server and to remove out-of-bailiwick RRsets.  Also
	does cross-section checks to ensure consistency.
921
	(Trac #496, git b9296ca023cc9e76cda48a7eeebb0119166592c5)
922

923
160.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
924
925
926
927
928
  	Updated the resolver to take 3 different timeout values;
	timeout_query for outstanding queries we sent while resolving
	timeout_client for sending an answer back to the client
	timeout_lookup for stopping the resolving
	(currently 2 and 3 have the same final effect)
929
	(Trac #489, git 578ea7f4ba94dc0d8a3d39231dad2be118e125a2)
Jelte Jansen's avatar
Jelte Jansen committed
930

931
159.	[func]		smann
chenzhengzhang's avatar
chenzhengzhang committed
932
933
934
935
936
937
	The resolver now has a configurable set of root servers to start
	resolving at (called root_addresses). By default these are not
	(yet) filled in. If empty, a hardcoded address for f-root will be
	used right now.
	(Trac #483, git a07e078b4feeb01949133fc88c9939254c38aa7c)

938
158.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
939
940
941
942
943
944
945
	The Resolver module will now do (very limited) resolving, if not
	set to forwarding mode (i.e. if the configuration option
	forward_addresses is left empty). It only supports referrals that
	contain glue addresses at this point, and does no other processing
	of authoritative answers.
	(Trac #484, git 7b84de4c0e11f4a070e038ca4f093486e55622af)

946
157.	[bug]		vorner
Michal 'vorner' Vaner's avatar
Michal 'vorner' Vaner committed
947
948
949
950
	One frozen process no longer freezes the whole b10-msgq. It caused the
	whole system to stop working.
	(Trac #420, git 93697f58e4d912fa87bc7f9a591c1febc9e0d139)

951
156.	[func]		stephen
952
953
954
955
	Added ResponseClassifier class to examine response from
	a server and classify it into one of several categories.
	(Trac #487, git 18491370576e7438c7893f8551bbb8647001be9c)

Jelte Jansen's avatar
Jelte Jansen committed
956
957
bind10-devel-20110120 released on January 20, 2011

958
155.	[doc]		jreed
959
960
961
962
	Miscellaneous documentation improvements for man pages and
	the guide, including auth, resolver, stats, xfrout, and
	zonemgr.  (git c14c4741b754a1eb226d3bdc3a7abbc4c5d727c0)

963
154.	[bug]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
964
965
966
967
968
	b10-xfrin/b10-zonemgr: Fixed a bug where these programs didn't
	receive command responses from CC sessions.  Eventually the
	receive buffer became full, and many other components that rely
	on CC channels would stall (as noted in #420 and #513).  This is
	an urgent care fix due to the severity of the problem; we'll need
969
970
	to revisit it for cleaner fix later.
	(Trac #516, git 62c72fcdf4617e4841e901408f1e7961255b8194)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
971

972
153.	[bug]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
973
974
975
976
	b10-cfgmgr: Fixed a bug where configuration updates sometimes
	lost previous settings in the configuration manager.
	(Trac #427, git 2df894155657754151e0860e2ca9cdbed7317c70)

977
152.	[func]*		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
978
979
980
981
982
983
	b10-auth: Added new configuration variable "statistics-interval"
	to allow the user to change the timer interval for periodic
	statistics updates.  The update can also be disabled by setting
	the value to 0.  Disabling statistics updates will also work as
	a temporary workaround of a known issue that b10-auth can block in
	sending statistics and stop responding to queries as a result.
984
	(Trac #513, git 285c5ee3d5582ed6df02d1aa00387f92a74e3695)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
985

986
151.	[bug]		smann
Scott Mann's avatar
Scott Mann committed
987
	lib/log/dummylog.h: 
988
989
990
991
	lib/log/dummylog.cc: Modify dlog so that it takes an optional
	2nd argument of type bool (true or false). This flag, if
	set, will cause the message to be printed whether or not
	-v is chosen.
992
        (Trac #432, git 880220478c3e8702d56d761b1e0b21b77d08ee5a)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
993

994
150.	[bug]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
995
	b10-cfgmgr: No longer save the configuration on exit. Configuration
Jeremy C. Reed's avatar
Jeremy C. Reed committed
996
	is already saved if it is changed successfully, so writing it on
Jelte Jansen's avatar
Jelte Jansen committed
997
998
999
1000
	exit (and hence, when nothing has changed too) is unnecessary and
	may even cause problems.
	(Trac #435, git fd7baa38c08d54d5b5f84930c1684c436d2776dc)

1001
149.	[bug]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
1002
1003
1004
	bindctl: Check if the user session has disappeared (either by a
	timeout or by a server restart), and reauthenticate if so. This
	fixes the 'cmdctl not running' problem.
1005
        (Trac #431, git b929be82fec5f92e115d8985552f84b4fdd385b9)
Jelte Jansen's avatar
Jelte Jansen committed
1006

1007
148.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
1008
1009
1010
1011
1012
1013
	bindctl: Command results are now pretty-printed (i.e. printed in
	a more readable form). Empty results are no longer printed at all
	(used to print '{}'), and the message
	'send the command to cmd-ctrl' has also been removed.
	(git 3954c628c13ec90722a2d8816f52a380e0065bae)

1014
147.	[bug]		jinmei
1015
1016
	python/isc/config: Fixed a bug that importing custom configuration
	(in b10-config.db) of a remote module didn't work.
1017
	(Trac #478, git ea4a481003d80caf2bff8d0187790efd526d72ca)
1018

1019
146.	[func]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
1020
1021
1022
1023
1024
1025
	Command arguments were not validated internally against their
	specifications. This change fixes that (on the C++ side, Python
	side depends on an as yet planned addition). Note: this is only
	an added internal check, the cli already checks format.
	(Trac #473, git 5474eba181cb2fdd80e2b2200e072cd0a13a4e52)

1026
145.	[func]*		jinmei
1027
1028
1029
1030
1031
	b10-auth: added a new command 'loadzone' for (re)loading a
	specific zone.  The command syntax is generic but it is currently
	only feasible for class IN in memory data source.  To reload a
	zone "example.com" via bindctl, execute the command as follows:
	> Auth loadzone origin = example.com
1032
1033
	(Trac #467 git 4f7e1f46da1046de527ab129a88f6aad3dba7562
	from 1d7d3918661ba1c6a8b1e40d8fcbc5640a84df12)
1034

1035
144.	[build]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1036
1037
1038
1039
1040
1041
1042
	Introduced a workaround for clang++ build on FreeBSD (and probably
	some other OSes).  If building BIND 10 fails with clang++ due to
	a link error about "__dso_handle", try again from the configure
	script with CXX_LIBTOOL_LDFLAGS=-L/usr/lib (the path actually
	doesn't matter; the important part is the -L flag).  This
	workaround is not automatically enabled as it's difficult to
	detect the need for it dynamically, and must be enabled via the
1043
1044
	variable by hand.
	(Trac #474, git cfde436fbd7ddf3f49cbbd153999656e8ca2a298)
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1045

1046
143.	[build]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1047
1048
1049
	Fixed build problems with clang++ in unit tests due to recent
	changes.  No behavior change. (Trac #448, svn r4133)

1050
142.	[func]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1051
1052
1053
1054
1055
1056
	b10-auth: updated query benchmark so that it can test in memory
	data source.  Also fixed a bug that the output buffer isn't
	cleared after query processing, resulting in misleading results
	or program crash.  This is a regression due to change #135.
	(Trac #465, svn r4103)

1057
141.	[bug]		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1058
1059
1060
1061
	b10-auth: Fixed a bug that the authoritative server includes
	trailing garbage data in responses.  This is a regression due to
	change #135. (Trac #462, svn r4081)

1062
140.	[func]		y-aharen
1063
	src/bin/auth: Added a feature to count queries and send counter
1064
	values to statistics periodically. To support it, added wrapping
1065
	class of asio::deadline_timer to use as interval timer.
1066
1067
	The counters can be seen using the "Stats show" command from
	bindctl.  The result would look like:
1068
	  ... "auth.queries.tcp": 1, "auth.queries.udp": 1 ...
1069
1070
	Using the "Auth sendstats" command you can make b10-auth send the
	counters to b10-stats immediately.
1071
1072
	(Trac #347, svn r4026)

1073
139.	[build]		jreed
1074
	Introduced configure option and make targets for generating
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1075
1076
1077
1078
	Python code coverage report. This adds new make targets:
	report-python-coverage and clean-python-coverage. The C++
	code coverage targets were renamed to clean-cpp-coverage
	and report-cpp-coverage. (Trac #362, svn r4023)
1079

1080
138.	[func]*		jinmei
JINMEI Tatuya's avatar
JINMEI Tatuya committed
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
	b10-auth: added a configuration interface to support in memory
	data sources.  For example, the following command to bindctl
	will configure a memory data source containing the "example.com"
	zone with the zone file named "example.com.zone":
	> config set Auth/datasources/ [{"type": "memory", "zones": \
	 [{"origin": "example.com", "file": "example.com.zone"}]}]
	By default, the memory data source is disabled; it must be
	configured explicitly.  To disable it again, specify a null list
	for Auth/datasources:
	> config set Auth/datasources/ []
	Notes: it's currently for class IN only.  The zone files are not
	actually loaded into memory yet (which will soon be implemented).
	This is an experimental feature and the syntax may change in
	future versions.
	(Trac #446, svn r3998)

1097
137.	[bug]		jreed
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1098
1099
	Fix run_*.sh scripts that are used for development testing
	so they use a msgq socket file in the build tree.
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1100
	(Trac #226, svn r3989)
Jeremy C. Reed's avatar
Jeremy C. Reed committed
1101

1102
136.	[bug]		jelte
Jelte Jansen's avatar
Jelte Jansen committed
1103
1104
1105
1106
1107
1108
  	bindctl (and the configuration manager in general) now no longer
	accepts 'unknown' data; i.e. data for modules that it does not know
	about, or configuration items that are not specified in the .spec
	files.
	(Trac #202, svn r3967)

1109
135.	[func]		each
1110
	Add b10-resolver. This is an example recursive server that
1111
1112
1113
	currently does forwarding only and no caching.
	(Trac #327, svn r3903)

1114
134.	[func]		vorner
1115
	b10-resolver supports timeouts and retries in forwarder mode.
Michal Vaner's avatar
Michal Vaner committed
1116
1117
	(Trac #401, svn r3660)

1118
133.	[func]		vorner
Michal Vaner's avatar
Michal Vaner committed
1119
	New temporary logging function available in isc::log. It is used by
1120
	b10-resolver.
Michal Vaner's avatar
Michal Vaner committed
1121
1122
	(Trac #393, r3602)

1123
132.	[func]		vorner
1124
	The b10-resolver is configured through config manager.
Michal Vaner's avatar
Michal Vaner committed
1125
1126
1127
	It has "listen_on" and "forward_addresses" options.
	(Trac #389, r3448)

1128
131.	[func]		jerry
1129
1130
1131
1132
1133
1134
	src/lib/datasrc: Introduced two template classes RBTree and RBNode
	to provide the generic map with domain name as key and anything as
	the value. Because of some unresolved design issue, the new classes
	are only intended to be used by memory zone and zone table.
	(Trac #397, svn r3890)

Jeremy C. Reed's avatar