ChangeLog

3XX.	[func]		tomek
	libdhcp++: Option6 and Pkt6 now follow the same design as
	options and packet for DHCPv4. General code refactoring after
	end of 2011 year release.
	(Trac #1540, git TBD)

359.	[bug]		kevin
	Corrected SOA serial check in xfrout.  It now compares the SOA
	serial of an IXFR query with that of the server based serial
	number arithmetic, and replies with a single SOA record of the
	server's current version if the former is equal to or newer
	than the latter.
	(Trac #1462, git ceeb87f6d539c413ebdc66e4cf718e7eb8559c45)

358.	[bug]		jinmei
	b10-resolver ignored default configuration parameters if listen_on
	failed (this can easily happen especially for a test environment
	where the run time user doesn't have root privilege), and even if
	listen_on was updated later the resolver wouldn't work correctly
	unless it's fully restarted (for example, all queries would be
	rejected due to an empty ACL).
	(Trac #1424, git 2cba8cb83cde4f34842898a848c0b1182bc20597)

357.	[bug]		jinmei
	ZoneFinder::find() for database based data sources didn't
	correctly identify out-of-zone query name and could return a
	confusing result such as NXRRSET.  It now returns NXDOMAIN with an
	empty RRset.  Note: we should rather throw an exception in such a
	case, which should be revisited later (see Trac #1536).
	(Trac #1430, git b35797ba1a49c78246abc8f2387901f9690b328d)

356.	[doc]		tomek
	BIND10 Guide updated. It now describes DHCPv4 and DHCPv6
	components, including their overview, usage, supported standard
	and limitations. libdhcp++ is also described.
	(Trac #1367, git 3758ab360efe1cdf616636b76f2e0fb41f2a62a0)

355.	[bug]		jinmei
	Python xfrin.diff module incorrectly combined RRSIGs of different
	type covered, possibly merging different TTLs.  As a result a
	secondary server could store different RRSIGs than those at the
	primary server if it gets these records via IXFR.
	(Trac #1502, git 57b06f8cb6681f591fa63f25a053eb6f422896ef)

354.	[func]		tomek
	dhcp4: Support for DISCOVER and OFFER implemented. b10-dhcp4 is
	now able to offer hardcoded leases to DHCPv4 clients.
	dhcp6: Code refactored to use the same approach as dhcp4.
	(Trac #1230, git aac05f566c49daad4d3de35550cfaff31c124513)

353.	[func]		tomek
	libdhcp++: Interface detection in Linux implemented. libdhcp++
	is now able (on Linux systems) to detect available network
	interfaces, its link-layer addresses, flags and configured
	IPv4 and IPv6 addresses. Interface detection on other
	systems is planned.
	(Trac #1237, git 8a040737426aece7cc92a795f2b712d7c3407513)

352.	[func]		tomek
	libdhcp++: Transmission and reception of DHCPv4 packets is now
	implemented. Low-level hacks are not implemented for transmission
	to hosts that don't have IPv4 address yet, so currently the code
	is usable for communication with relays only, not hosts on the
	same link.
	(Trac #1239, #1240, git f382050248b5b7ed1881b086d89be2d9dd8fe385)

351.	[func]		fdupont
	Alpha version of DHCP benchmarking tool added.  "perfdhcp" is able to
	test both IPv4 and IPv6 servers: it can time the four-packet exchange
	(DORA and SARR) as well as time the initial two-packet exchange (DO
	and SA).  More information can be obtained by invoking the utility
	(in tests/tools/perfdhcp) with the "-h" flag.
	(Trac #1450, git 85083a76107ba2236732b45524ce7018eefbaf90)

350.	[func]*		vorner
	The target parameter of ZoneFinder::find is no longer present, as the
	interface was awkward. To get all the RRsets of a single domain, use
	the new findAll method (the same applies to python version, the method
	is named find_all).
	(Trac #1483,#1484, git 0020456f8d118c9f3fd6fc585757c822b79a96f6)

349.	[bug]		dvv
	resolver: If an upstream server responds with FORMERR to an EDNS
	query, try querying it without EDNS.
	(Trac #1386, git 99ad0292af284a246fff20b3702fbd7902c45418)

348.	[bug]		stephen
	By default the logging output stream is now flushed after each write.
	This fixes a problem seen on some systems where the log output from
	different processes was jumbled up.  Flushing can be disabled by
	setting the appropriate option in the logging configuration.
	(Trac #1405, git 2f0aa20b44604b671e6bde78815db39381e563bf)

347.	[bug]		jelte
	Fixed a bug where adding Zonemgr/secondary_zones without explicitely
	setting the class value of the added zone resulted in a cryptic
	error in bindctl ("Error: class"). It will now correctly default to
	IN if not set. This also adds better checks on the name and class
	values, and better errors if they are bad.
	(Trac #1414, git 7b122af8489acf0f28f935a19eca2c5509a3677f)

346.	[build]*		jreed
	Renamed libdhcp to libdhcp++.
	(Trac #1446, git d394e64f4c44f16027b1e62b4ac34e054b49221d)

345.	[func]		tomek
	dhcp4: Dummy DHCPv4 component implemented. Currently it does
	nothing useful, except providing skeleton implementation that can
	be expanded in the future.
	(Trac #992, git d6e33479365c8f8f62ef2b9aa5548efe6b194601)

344.	[func]		y-aharen
	src/lib/statistics: Added statistics counter library for entire server
	items and per zone items. Also, modified b10-auth to use it. It is
	also intended to use in the other modules such as b10-resolver.
	(Trac #510, git afddaf4c5718c2a0cc31f2eee79c4e0cc625499f)

343.	[func]		jelte
	Added IXFR-out system tests, based on the first two test sets of
	http://bind10.isc.org/wiki/IxfrSystemTests.
	(Trac #1314, git 1655bed624866a766311a01214597db01b4c7cec)

342.	[bug]		stephen
	In the resolver, a FORMERR received from an upstream nameserver
	now results in a SERVFAIL being returned as a response to the original
	query.  Additional debug messages added to distinguish between
	different errors in packets received from upstream nameservers.
	(Trac #1383, git 9b2b249d23576c999a65d8c338e008cabe45f0c9)

341.	[func]		tomek
	libdhcp++: Support for handling both IPv4 and IPv6 added.
	Also added support for binding IPv4 sockets.
	(Trac #1238, git 86a4ce45115dab4d3978c36dd2dbe07edcac02ac)

340.	[build]		jelte
	Fixed several linker issues related to recent gcc versions, botan
	and gtest.
	(Trac #1442, git 91fb141bfb3aadfdf96f13e157a26636f6e9f9e3)

339.	[bug]		jinmei
	libxfr, used by b10-auth to share TCP sockets with b10-xfrout,
	incorrectly propagated ASIO specific exceptions to the application
	if the given file name was too long.  This could lead to
	unexpected shut down of b10-auth.
	(Trac #1387, git a5e9d9176e9c60ef20c0f5ef59eeb6838ed47ab2)

338.	[bug]		jinmei
	b10-xfrin didn't check SOA serials of SOA and IXFR responses,
	which resulted in unnecessary transfer or unexpected IXFR
	timeouts (these issues were not overlooked but deferred to be
	fixed until #1278 was completed).  Validation on responses to SOA
	queries were tightened, too.
	(Trac #1299, git 6ff03bb9d631023175df99248e8cc0cda586c30a)

337.	[func]		tomek
	libdhcp++: Support for DHCPv4 option that can store a single
	address or a list of IPv4 addresses added. Support for END option
	added.
	(Trac #1350, git cc20ff993da1ddb1c6e8a98370438b45a2be9e0a)

336.	[func]		jelte
	libdns++ (and its python wrapper) now includes a class Serial, for 
	SOA SERIAL comparison and addition. Operations on instances of this 
	class follow the specification from RFC 1982. 
	Rdata::SOA::getSerial() now returns values of this type (and not 
	uint32_t).
	(Trac #1278, git 2ae72d76c74f61a67590722c73ebbf631388acbd)

335.	[bug]*		jelte
	The DataSourceClientContainer class that dynamically loads 
	datasource backend libraries no longer provides just a .so file name 
	to its call to dlopen(), but passes it an absolute path. This means 
	that it is no longer an system implementation detail that depends on 
	[DY]LD_LIBRARY_PATH which file is chosen, should there be multiple 
	options (for instance, when test-running a new build while a 
	different version is installed).
	These loadable libraries are also no longer installed in the default 
	library path, but in a subdirectory of the libexec directory of the 
	target ($prefix/libexec/[version]/backends).
	This also removes the need to handle b10-xfin and b10-xfrout as 
	'special' hardcoded components, and they are now started as regular 
	components as dictated by the configuration of the boss process.
	(Trac #1292, git 83ce13c2d85068a1bec015361e4ef8c35590a5d0)

334.	[bug]		jinmei
	b10-xfrout could potentially create an overflow response message
	(exceeding the 64KB max) or could create unnecessarily small
	messages.  The former was actually unlikely to happen due to the
	effect of name compression, and the latter was marginal and at least
	shouldn't cause an interoperability problem, but these were still
	potential problems and were fixed.
	(Trac #1389, git 3fdce88046bdad392bd89ea656ec4ac3c858ca2f)

333.	[bug]		dvv
	Solaris needs "-z now" to force non-lazy binding and prevent
	g++ static initialization code from deadlocking.
	(Trac #1439, git c789138250b33b6b08262425a08a2a0469d90433)

332.	[bug]		vorner
	C++ exceptions in the isc.dns.Rdata wrapper are now converted
	to python ones instead of just aborting the interpretter.
	(Trac #1407, git 5b64e839be2906b8950f5b1e42a3fadd72fca033)

bind10-devel-20111128 released on November 28, 2011

331.	[bug]		shane
	Fixed a bug in data source library where a zone with more labels
	than an out-of-bailiwick name server would cause an exception to
	be raised.
	(Trac #1430, git 81f62344db074bc5eea3aaf3682122fdec6451ad)

330.	[bug]		jelte
	Fixed a bug in b10-auth where it would sometimes fail because it
	tried to check for queued msgq messages before the session was
	fully running.
	(git c35d0dde3e835fc5f0a78fcfcc8b76c74bc727ca)

329.	[doc]		vorner, jreed
	Document the bind10 run control configuration in guide and
	manual page.
	(Trac #1341, git c1171699a2b501321ab54207ad26e5da2b092d63)

328.	[func]		jelte
	b10-auth now passes IXFR requests on to b10-xfrout, and no longer
	responds to them with NOTIMPL.
	(Trac #1390, git ab3f90da16d31fc6833d869686e07729d9b8c135)

327.	[func]		jinmei
	b10-xfrout now supports IXFR.  (Right now there is no user
	configurable parameter about this feature; b10-xfrout will
	always respond to IXFR requests according to RFC1995).
	(Trac #1371 and #1372, git 80c131f5b0763753d199b0fb9b51f10990bcd92b)

326.	[build]*		jinmei
	Added a check script for the SQLite3 schema version.  It will be
	run at the beginning of 'make install', and if it detects an old
	version of schema, installation will stop.  You'll then need to
	upgrade the database file by following the error message.
	(Trac #1404, git a435f3ac50667bcb76dca44b7b5d152f45432b57)

325.	[func]		jinmei
	Python isc.datasrc: added interfaces for difference management:
	DataSourceClient.get_updater() now has the 'journaling' parameter
	to enable storing diffs to the data source, and a new class
	ZoneJournalReader was introduced to retrieve them, which can be
	created by the new DataSourceClient.get_journal_reader() method.
	(Trac #1333, git 3e19362bc1ba7dc67a87768e2b172c48b32417f5,
	git 39def1d39c9543fc485eceaa5d390062edb97676)

324.	[bug]		jinmei
	Fixed reference leak in the isc.log Python module.  Most of all
	BIND 10 Python programs had memory leak (even though the pace of
	leak may be slow) due to this bug.
	(Trac #1359, git 164d651a0e4c1059c71f56b52ea87ac72b7f6c77)

323.	[bug]		jinmei
	b10-xfrout incorrectly skipped adding TSIG RRs to some
	intermediate responses (when TSIG is to be used for the
	responses).  While RFC2845 optionally allows to skip intermediate
	TSIGs (as long as the digest for the skipped part was included
	in a later TSIG), the underlying TSIG API doesn't support this
	mode of signing.
	(Trac #1370, git 76fb414ea5257b639ba58ee336fae9a68998b30d)

322.	[func]		jinmei
	datasrc: Added C++ API for retrieving difference of two versions
	of a zone.  A new ZoneJournalReader class was introduced for this
	purpose, and a corresponding factory method was added to
	DataSourceClient.
	(Trac #1332, git c1138d13b2692fa3a4f2ae1454052c866d24e654)

321.	[func]*		jinmei
	b10-xfrin now installs IXFR differences into the underlying data
	source (if it supports journaling) so that the stored differences
	can be used for subsequent IXFR-out transactions.
	Note: this is a backward incompatibility change for older sqlite3
	database files.  They need to be upgraded to have a "diffs" table.
	(Trac #1376, git 1219d81b49e51adece77dc57b5902fa1c6be1407)

320.	[func]*		vorner
	The --brittle switch was removed from the bind10 executable.
	It didn't work after change #316 (Trac #213) and the same
	effect can be accomplished by declaring all components as core.
	(Trac #1340, git f9224368908dd7ba16875b0d36329cf1161193f0)

319.	[func]		naokikambe
	b10-stats-httpd was updated. In addition of the access to all
	statistics items of all modules, the specified item or the items
	of the specified module name can be accessed.  For example, the
	URI requested by using the feature is showed as
	"/bind10/statistics/xml/Auth" or
	"/bind10/statistics/xml/Auth/queries.tcp". The list of all possible
	module names and all possible item names can be showed in the
	root document, whose URI is "/bind10/statistics/xml".  This change
	is not only for the XML documents but also is for the XSD and
	XSL documents.
	(Trac #917, git b34bf286c064d44746ec0b79e38a6177d01e6956)

318.	[func]		stephen
	Add C++ API for accessing zone difference information in
	database-based data sources.
	(Trac #1330, git 78770f52c7f1e7268d99e8bfa8c61e889813bb33)

317.	[func]		vorner
	datasrc: the getUpdater method of DataSourceClient supports an
	optional 'journaling' parameter to indicate the generated updater
	to store diffs.  The database based derived class implements this
	extension.
	(Trac #1331, git 713160c9bed3d991a00b2ea5e7e3e7714d79625d)

316.	[func]*		vorner
	The configuration of what parts of the system run is more
	flexible now.  Everything that should run must have an
	entry in Boss/components.
	(Trac #213, git 08e1873a3593b4fa06754654d22d99771aa388a6)

315.	[func]		tomek
	libdhcp: Support for DHCPv4 packet manipulation is now implemented.
	All fixed fields are now supported. Generic support for DHCPv4
	options is available (both parsing and assembly). There is no code
	that uses this new functionality yet, so it is not usable directly
	at this time. This code will be used by upcoming b10-dhcp4 daemon.
	(Trac #1228, git 31d5a4f66b18cca838ca1182b9f13034066427a7)

314.	[bug]		jelte
	b10-xfrin would previously initiate incoming transfers upon 
	receiving NOTIFY messages from any address (if the zone was 
	known to b10-xfrin, and using the configured address). It now 
	only starts a transfer if the source address from the NOTIFY 
	packet matches the configured master address and port. This was 
	really already fixed in release bind10-devel-20111014, but there 
	were some deferred cleanups to add.
	(Trac #1298, git 1177bfe30e17a76bea6b6447e14ae9be9e1ca8c2)

313.	[func]		jinmei
	datasrc: Added C++ API for adding zone differences to database
	based data sources.  It's intended to be used for the support for
	IXFR-in and dynamic update (so they can subsequently be retrieved
	for IXFR-out).  The addRecordDiff method of the DatabaseAccessor
	defines the interface, and a concrete implementation for SQLite3
	was provided.
	(Trac #1329, git 1aa233fab1d74dc776899df61181806679d14013)

312.	[func]		jelte
	Added an initial framework for doing system tests using the 
	cucumber-based BDD tool Lettuce. A number of general steps are
	included,  for instance running bind10 with specific
	configurations, sending queries, and inspecting query answers. A
	few very basic tests are included as well.
	(Trac #1290, git 6b75c128bcdcefd85c18ccb6def59e9acedd4437)

311.	[bug]		jelte
	Fixed a bug in bindctl where tab-completion for names that
	contain a hyphen resulted in unexpected behaviour, such as
	appending the already-typed part again.
	(Trac #1345, git f80ab7879cc29f875c40dde6b44e3796ac98d6da)

310.	[bug]		jelte
	Fixed a bug where bindctl could not set a value that is optional
	and has no default, resulting in the error that the setting
	itself was unknown. bindctl now correctly sees the setting and
	is able to set it.
	(Trac #1344, git 0e776c32330aee466073771600390ce74b959b38)

309.	[bug]		jelte
	Fixed a bug in bindctl where the removal of elements from a set
	with default values was not stored, unless the set had been
	modified in another way already.
	(Trac #1343, git 25c802dd1c30580b94345e83eeb6a168ab329a33)

308.	[build]		jelte
	The configure script will now use pkg-config for finding
	information about the Botan library. If pkg-config is unavailable,
	or unaware of Botan, it will fall back to botan-config. It will
	also use botan-config when a specific botan library directory is
	given using the '--with-botan=' flag
	(Trac #1194, git dc491833cf75ac1481ba1475795b0f266545013d)

307.	[func]		vorner
	When zone transfer in fails with IXFR, it is retried with AXFR
	automatically.
	(Trac #1279, git cd3588c9020d0310f949bfd053c4d3a4bd84ef88)

306.	[bug]		stephen
	Boss process now waits for the configuration manager to initialize
	itself before continuing with startup.  This fixes a race condition
	whereby the Boss could start the configuration manager and then
	immediately start components that depended on that component being
	fully initialized.
	(Trac #1271, git 607cbae949553adac7e2a684fa25bda804658f61)

305.	[bug]		jinmei
	Python isc.dns, isc.datasrc, xfrin, xfrout: fixed reference leak
	in Message.get_question(), Message.get_section(),
	RRset.get_rdata(), and DataSourceClient.get_updater().
	The leak caused severe memory leak in b10-xfrin, and (although no
	one reported it) should have caused less visible leak in
	b10-xfrout.  b10-xfrin had its own leak, which was also fixed.
	(Trac #1028, git a72886e643864bb6f86ab47b115a55e0c7f7fcad)

304.	[bug]		jelte
	The run_bind10.sh test script now no longer runs processes from
	an installed version of BIND 10, but will correctly use the
	build tree paths.
	(Trac #1246, git 1d43b46ab58077daaaf5cae3c6aa3e0eb76eb5d8)

303.	[bug]		jinmei
	Changed the installation path for the UNIX domain file used
	for the communication between b10-auth and b10-xfrout to a
	"@PACKAGE@" subdirectory (e.g. from /usr/local/var to
	/usr/local/var/bind10-devel).  This should be transparent change
	because this file is automatically created and cleaned up, but
	if the old file somehow remains, it can now be safely removed.
	(Trac #869, git 96e22f4284307b1d5f15e03837559711bb4f580c)

302.	[bug]		jelte
	msgq no longer crashes if the remote end is closed while msgq
	tries to send data. It will now simply drop the message and close
	the connection itself.
	(Trac #1180, git 6e68b97b050e40e073f736d84b62b3e193dd870a)

301.	[func]		stephen
	Add system test for IXFR over TCP.
	(Trac #1213, git 68ee3818bcbecebf3e6789e81ea79d551a4ff3e8)

300.	[func]*		tomek
	libdhcp: DHCP packet library was implemented. Currently it handles
	packet reception, option parsing, option generation and output
	packet building. Generic and specialized classes for several
	DHCPv6 options (IA_NA, IAADDR, address-list) are available. A
	simple code was added that leverages libdhcp. It is a skeleton
	DHCPv6 server. It receives incoming SOLICIT and REQUEST messages
	and responds with proper ADVERTISE and REPLY. Note that since
	LeaseManager is not implemented, server assigns the same
	hardcoded lease for every client. This change removes existing
	DHCPv6 echo server as it was only a proof of concept code.
	(Trac #1186, git 67ea6de047d4dbd63c25fe7f03f5d5cc2452ad7d)

299.	[build]		jreed
	Do not install the libfake_session, libtestutils, or libbench
	libraries. They are used by tests within the source tree.
	Convert all test-related makefiles to build test code at
	regular make time to better work with test-driven development.
	This reverts some of #1901. (The tests are ran using "make
	check".)
	(Trac #1286, git cee641fd3d12341d6bfce5a6fbd913e3aebc1e8e)

bind10-devel-20111014 released on October 14, 2011

298.	[doc]		jreed
	Shorten README. Include plain text format of the Guide.
	(git d1897d3, git 337198f)

297.	[func]		dvv
	Implement the SPF rrtype according to RFC4408.
	(Trac #1140, git 146934075349f94ee27f23bf9ff01711b94e369e)

296.	[build]		jreed
	Do not install the unittest libraries. At this time, they
	are not useful without source tree (and they may or may
	not have googletest support). Also, convert several makefiles
	to build tests at "check" time and not build time.
	(Trac #1091, git 2adf4a90ad79754d52126e7988769580d20501c3)

295.	[bug]		jinmei
	__init__.py for isc.dns was installed in the wrong directory,
	which would now make xfrin fail to start.  It was also bad
	in that it replaced any existing __init__.py in th public
	site-packages directory.  After applying this fix You may want to
	check if the wrong init file is in the wrong place, in which
	case it should be removed.
	(Trac #1285, git af3b17472694f58b3d6a56d0baf64601b0f6a6a1)

294.	[func]		jelte, jinmei, vorner
	b10-xfrin now supports incoming IXFR.  See BIND 10 Guide for
	how to configure it and operational notes.
	(Trac #1212, multiple git merges)

293.	[func]*		tomek
	b10-dhcp6: Implemented DHCPv6 echo server. It joins DHCPv6
	multicast groups and listens to incoming DHCPv6 client messages.
	Received messages are then echoed back to clients. This
	functionality is limited, but it can be used to test out client
	resiliency to unexpected messages. Note that network interface
	detection routines are not implemented yet, so interface name
	and its address must be specified in interfaces.txt.
	(Trac #878, git 3b1a604abf5709bfda7271fa94213f7d823de69d)

292.	[func]		dvv
	Implement the DLV rrtype according to RFC4431.
	(Trac #1144, git d267c0511a07c41cd92e3b0b9ee9bf693743a7cf)

291.	[func]		naokikambe
	Statistics items are specified by each module's spec file.
	Stats module can read these through the config manager. Stats
	module and stats httpd report statistics data and statistics
	schema by each module via both bindctl and HTTP/XML.
	(Trac #928,#929,#930,#1175,
	git 054699635affd9c9ecbe7a108d880829f3ba229e)

290.	[func]		jinmei
	libdns++/pydnspp: added an option parameter to the "from wire"
	methods of the Message class.  One option is defined,
	PRESERVE_ORDER, which specifies the parser to handle each RR
	separately, preserving the order, and constructs RRsets in the
	message sections so that each RRset contains only one RR.
	(Trac #1258, git c874cb056e2a5e656165f3c160e1b34ccfe8b302)

289.	[func]*		jinmei
	b10-xfrout: ACLs for xfrout can now be configured per zone basis.
	A per zone ACL is part of a more general zone configuration.  A
	quick example for configuring an ACL for zone "example.com" that
	rejects any transfer request for that zone is as follows:
	> config add Xfrout/zone_config
	> config set Xfrout/zone_config[0]/origin "example.com"
	> config add Xfrout/zone_config[0]/transfer_acl
	> config set Xfrout/zone_config[0]/transfer_acl[0] {"action": "REJECT"}
	The previous global ACL (query_acl) was renamed to transfer_acl,
	which now works as the default ACL.  Note: backward compatibility
	is not provided, so an existing configuration using query_acl
	needs to be updated by hand.
	Note: the per zone configuration framework is a temporary
	workaround.  It will eventually be redesigned as a system wide
	configuration.
	(Trac #1165, git 698176eccd5d55759fe9448b2c249717c932ac31)

288.	[bug]		stephen
	Fixed problem whereby the order in which component files appeared in
	rdataclass.cc was system dependent, leading to problems on some
	systems where data types were used before the header file in which
	they were declared was included.
	(Trac #1202, git 4a605525cda67bea8c43ca8b3eae6e6749797450)

287.	[bug]*		jinmei
	Python script files for log messages (xxx_messages.py) should have
	been installed under the "isc" package.  This fix itself should
	be a transparent change without affecting existing configurations
	or other operational practices, but you may want to clean up the
	python files from the common directly (such as "site-packages").
	(Trac #1101, git 0eb576518f81c3758c7dbaa2522bd8302b1836b3)

286.	[func]		ocean
	libdns++: Implement the HINFO rrtype support according to RFC1034,
	and RFC1035.
	(Trac #1112, git 12d62d54d33fbb1572a1aa3089b0d547d02924aa)

285.	[bug]		jelte
	sqlite3 data source: fixed a race condition on initial startup,
	when the database has not been initialized yet, and multiple
	processes are trying to do so, resulting in one of them failing.
	(Trac #326, git 5de6f9658f745e05361242042afd518b444d7466)

284.	[bug]		jerry
	b10-zonemgr: zonemgr will not terminate on empty zones, it will
	log a warning and try to do zone transfer for them.
	(Trac #1153, git 0a39659638fc68f60b95b102968d7d0ad75443ea)

283.	[bug]		zhanglikun
	Make stats and boss processes wait for answer messages from each
	other in block mode to avoid orphan answer messages, add an internal
	command "getstats" to boss process for getting statistics data from
	boss.
	(Trac #519, git 67d8e93028e014f644868fede3570abb28e5fb43)

282.	[func]		ocean
	libdns++: Implement the NAPTR rrtype according to RFC2915,
	RFC2168 and RFC3403.
	(Trac #1130, git 01d8d0f13289ecdf9996d6d5d26ac0d43e30549c)

bind10-devel-20110819 released on August 19, 2011

281.	[func]		jelte
	Added a new type for configuration data: "named set". This allows for
	similar configuration as the current "list" type, but with strings
	instead of indices as identifiers. The intended use is for instance
	/foo/zones/example.org/bar instead of /foo/zones[2]/bar. Currently
	this new type is not in use yet.
	(Trac #926, git 06aeefc4787c82db7f5443651f099c5af47bd4d6)

280.	[func]		jerry
	libdns++: Implement the MINFO rrtype according to RFC1035.
	(Trac #1113, git 7a9a19d6431df02d48a7bc9de44f08d9450d3a37)

279.	[func]		jerry
	libdns++: Implement the AFSDB rrtype according to RFC1183.
	(Trac #1114, git ce052cd92cd128ea3db5a8f154bd151956c2920c)

278.	[doc]		jelte
	Add logging configuration documentation to the guide.
	(Trac #1011, git 2cc500af0929c1f268aeb6f8480bc428af70f4c4)

277.	[func]		jerry
	libdns++: Implement the SRV rrtype according to RFC2782.
	(Trac #1128, git 5fd94aa027828c50e63ae1073d9d6708e0a9c223)

276.	[func]		stephen
	Although the top-level loggers are named after the program (e.g.
	b10-auth, b10-resolver), allow the logger configuration to omit the
	"b10-" prefix and use just the module name.
	(Trac #1003, git a01cd4ac5a68a1749593600c0f338620511cae2d)

275.	[func]		jinmei
	Added support for TSIG key matching in ACLs.  The xfrout ACL can
	now refer to TSIG key names using the "key" attribute.  For
	example, the following specifies an ACL that allows zone transfer
	if and only if the request is signed with a TSIG of a key name
	"key.example":
	> config set Xfrout/query_acl[0] {"action": "ACCEPT", \
	                                  "key": "key.example"}
	(Trac #1104, git 9b2e89cabb6191db86f88ee717f7abc4171fa979)

274.	[bug]		naokikambe
	add unittests for functions xml_handler, xsd_handler and xsl_handler
	respectively to make sure their behaviors are correct, regardless of
	whether type which xml.etree.ElementTree.tostring() after Python3.2
	returns is str or byte.
	(Trac #1021, git 486bf91e0ecc5fbecfe637e1e75ebe373d42509b)

273.	[func]		vorner
	It is possible to specify ACL for the xfrout module. It is in the ACL
	configuration key and has the usual ACL syntax. It currently supports
	only the source address. Default ACL accepts everything.
	(Trac #772, git 50070c824270d5da1db0b716db73b726d458e9f7)

272.	[func]		jinmei
	libdns++/pydnspp: TSIG signing now handles truncated DNS messages
	(i.e. with TC bit on) with TSIG correctly.
	(Trac #910, 8e00f359e81c3cb03c5075710ead0f87f87e3220)

271.	[func]		stephen
	Default logging for unit tests changed to severity DEBUG (level 99)
	with the output routed to /dev/null.  This can be altered by setting
	the B10_LOGGER_XXX environment variables.
	(Trac #1024, git 72a0beb8dfe85b303f546d09986461886fe7a3d8)

270.	[func]		jinmei
	Added python bindings for ACLs using the DNS request as the
	context.  They are accessible via the isc.acl.dns module.
	(Trac #983, git c24553e21fe01121a42e2136d0a1230d75812b27)

269.	[bug]		y-aharen
	Modified IntervalTimerTest not to rely on the accuracy of the timer.
	This fix addresses occasional failure of build tests.
	(Trac #1016, git 090c4c5abac33b2b28d7bdcf3039005a014f9c5b)

268.	[func]		stephen
	Add environment variable to allow redirection of logging output during
	unit tests.
	(Trac #1071, git 05164f9d61006869233b498d248486b4307ea8b6)

bind10-devel-20110705 released on July 05, 2011

267.	[func]		tomek
	Added a dummy module for DHCP6. This module does not actually
	do anything at this point, and BIND 10 has no option for
	starting it yet. It is included as a base for further
	development.
	(Trac #990, git 4a590df96a1b1d373e87f1f56edaceccb95f267d)

266.	[func]		Multiple developers
        Convert various error messages, debugging and other output
        to the new logging interface, including for b10-resolver,
        the resolver library, the CC library, b10-auth, b10-cfgmgr,
        b10-xfrin, and b10-xfrout. This includes a lot of new
        documentation describing the new log messages.
        (Trac #738, #739, #742, #746, #759, #761, #762)

265.	[func]*		jinmei
	b10-resolver: Introduced ACL on incoming queries.  By default the
	resolver accepts queries from ::1 and 127.0.0.1 and rejects all
	others.  The ACL can be configured with bindctl via the
	"Resolver/query_acl" parameter.  For example, to accept queries
	from 192.0.2.0/24 (in addition to the default list), do this:
	> config add Resolver/query_acl
	> config set Resolver/query_acl[2]/action "ACCEPT"
	> config set Resolver/query_acl[2]/from "192.0.2.0/24"
	> config commit
	(Trac #999, git e0744372924442ec75809d3964e917680c57a2ce,
	also based on other ACL related work done by stephen and vorner)

264.	[bug]		jerry
	b10-xfrout: fixed a busy loop in its notify-out subthread.  Due to
	the loop, the thread previously woke up every 0.5 seconds throughout
	most of the lifetime of b10-xfrout, wasting the corresponding CPU
	time.
	(Trac #1001, git fb993ba8c52dca4a3a261e319ed095e5af8db15a)

263.	[func]		jelte
	Logging configuration can now also accept a * as a first-level
	name (e.g. '*', or '*.cache'), indicating that every module
	should use that configuration, unless overridden by an explicit
	logging configuration for that module
	(Trac #1004, git 0fad7d4a8557741f953eda9fed1d351a3d9dc5ef)

262.	[func]		stephen
	Add some initial documentation about the logging framework.
	Provide BIND 10 Messages Manual in HTML and DocBook? XML formats.
	This provides all the log message descriptions in a single document.
	A developer tool, tools/system_messages.py (available in git repo),
	was written to generate this.
	(Trac #1012, git 502100d7b9cd9d2300e78826a3bddd024ef38a74)

261.	[func]		stephen
	Add new-style logging messages to b10-auth.
	(Trac #738, git c021505a1a0d6ecb15a8fd1592b94baff6d115f4)

260.	[func]		stephen
	Remove comma between message identification and the message
	text in the new-style logging messages.
	(Trac #1031, git 1c7930a7ba19706d388e4f8dcf2a55a886b74cd2)

259.	[bug]		stephen
	Logging now correctly initialized in b10-auth.  Also, fixed
	bug whereby querying for "version.bind txt ch" would cause
	b10-auth to crash if BIND 10 was started with the "-v" switch.
	(Trac #1022,#1023, git 926a65fa08617be677a93e9e388df0f229b01067)

258.	[build]		jelte
	Now builds and runs with Python 3.2
	(Trac #710, git dae1d2e24f993e1eef9ab429326652f40a006dfb)

257.	[bug]		y-aharen
	Fixed a bug an instance of IntervalTimerImpl may be destructed 
	while deadline_timer is holding the handler. This fix addresses
	occasional failure of IntervalTimerTest.destructIntervalTimer.
	(Trac #957, git e59c215e14b5718f62699ec32514453b983ff603)

256.	[bug]		jerry
	src/bin/xfrin: update xfrin to check TSIG before other part of
	incoming message.
	(Trac #955, git 261450e93af0b0406178e9ef121f81e721e0855c)

255.	[func]		zhang likun
	src/lib/cache:  remove empty code in lib/cache and the corresponding
	suppression rule in	src/cppcheck-suppress.lst.
	(Trac #639, git 4f714bac4547d0a025afd314c309ca5cb603e212)

254.	[bug]		jinmei
	b10-xfrout: failed to send notifies over IPv6 correctly.
	(Trac #964, git 3255c92714737bb461fb67012376788530f16e40)

253.	[func]		jelte
	Add configuration options for logging through the virtual module
	Logging.
	(Trac #736, git 9fa2a95177265905408c51d13c96e752b14a0824)

252.	[func]		stephen
	Add syslog as destination for logging.
	(Trac #976, git 31a30f5485859fd3df2839fc309d836e3206546e)

251.	[bug]*		jinmei
	Make sure bindctl private files are non readable to anyone except
	the owner or users in the same group.  Note that if BIND 10 is run
	with changing the user, this change means that the file owner or
	group will have to be adjusted.  Also note that this change is
	only effective for a fresh install; if these files already exist,
	their permissions must be adjusted by hand (if necessary).
	(Trac #870, git 461fc3cb6ebabc9f3fa5213749956467a14ebfd4)

250.	[bug]		ocean
	src/lib/util/encode, in some conditions, the DecodeNormalizer's
	iterator may reach the end() and when later being dereferenced
	it will cause crash on some platform.
	(Trac #838, git 83e33ec80c0c6485d8b116b13045b3488071770f)

249.	[func]		jerry
	xfrout: add support for TSIG verification.
	(Trac #816, git 3b2040e2af2f8139c1c319a2cbc429035d93f217)

248.	[func]		stephen
	Add file and stderr as destinations for logging.
	(Trac #555, git 38b3546867425bd64dbc5920111a843a3330646b)

247.	[func]		jelte
	Upstream queries from the resolver now set EDNS0 buffer size.
	(Trac #834, git 48e10c2530fe52c9bde6197db07674a851aa0f5d)

246.	[func]		stephen
	Implement logging using log4cplus (http://log4cplus.sourceforge.net)
	(Trac #899, git 31d3f525dc01638aecae460cb4bc2040c9e4df10)

245.	[func]		vorner
	Authoritative server can now sign the answers using TSIG
	(configured in tsig_keys/keys, list of strings like
	"name:<base64-secret>:sha1-hmac"). It doesn't use them for
	ACL yet, only verifies them and signs if the request is signed.
	(Trac #875, git fe5e7003544e4e8f18efa7b466a65f336d8c8e4d)

244.	[func]		stephen
	In unit tests, allow the choice of whether unhandled exceptions are
	caught in the unit test program (and details printed) or allowed to
	propagate to the default exception handler.  See the bind10-dev thread
	https://lists.isc.org/pipermail/bind10-dev/2011-January/001867.html
	for more details.
	(Trac #542, git 1aa773d84cd6431aa1483eb34a7f4204949a610f)

243.	[func]*		feng
	Add optional hmac algorithm SHA224/384/512.
	(Trac #782, git 77d792c9d7c1a3f95d3e6a8b721ac79002cd7db1)

bind10-devel-20110519 released on May 19, 2011

242.	[func]		jinmei
	xfrin: added support for TSIG verify.  This change completes TSIG
	support in b10-xfrin.
	(Trac #914, git 78502c021478d97672232015b7df06a7d52e531b)

241.	[func]		jinmei
	pydnspp: added python extension for the TSIG API introduced in
	change 235.
	(Trac #905, git 081891b38f05f9a186814ab7d1cd5c572b8f777f)
	(Trac #915, git 0555ab65d0e43d03b2d40c95d833dd050eea6c23)

240.	[func]*		jelte
	Updated configuration options to Xfrin, so that you can specify
	a master address, port, and TSIG key per zone. Still only one per
	zone at this point, and TSIG keys are (currently) only specified
	by their full string representation. This replaces the
	Xfrin/master_addr, Xfrin/master_port, and short-lived
	Xfrin/tsig_key configurations with a Xfrin/zones list.
	(Trac #811, git 88504d121c5e08fff947b92e698a54d24d14c375)

239.	[bug]		jerry
	src/bin/xfrout: If a zone doesn't have notify slaves (only has
	one apex ns record - the primary master name server) will cause
	b10-xfrout uses 100% of CPU.
	(Trac #684, git d11b5e89203a5340d4e5ca51c4c02db17c33dc1f)

238.	[func]		zhang likun
	Implement the simplest forwarder, which pass everything through
	except QID, port number. The response will not be cached.
	(Trac #598_new, git 8e28187a582820857ef2dae9b13637a3881f13ba)

237.	[bug]		naokikambe
	Resolved that the stats module wasn't configurable in bindctl in
	spite of its having configuration items. The configuration part
	was removed from the original spec file "stats.spec" and was
	placed in a new spec file "stats-schema.spec". Because it means
	definitions of statistics items. The command part is still
	there. Thus stats module currently has no its own configuration,
	and the items in "stats-schema.spec" are neither visible nor
	configurable through bindctl. "stats-schema.spec" is shared with
	stats module and stats-httpd module, and maybe with other
	statistical modules in future. "stats.spec" has own configuration
	and commands of stats module, if it requires.
	(Trac #719, git a234b20dc6617392deb8a1e00eb0eed0ff353c0a)

236.	[func]		jelte
	C++ client side of configuration now uses BIND10 logging system.
	It also has improved error handling when communicating with the
	rest of the system.
	(Trac #743, git 86632c12308c3ed099d75eb828f740c526dd7ec0)

235.	[func]		jinmei
	libdns++: added support for TSIG signing and verification.  It can
	be done using a newly introduced TSIGContext class.
	Note: we temporarily disabled support for truncated signature
	and modified some part of the code introduced in #226 accordingly.
	We plan to fix this pretty soon.
	(Trac #812, git ebe0c4b1e66d359227bdd1bd47395fee7b957f14)
	(Trac #871, git 7c54055c0e47c7a0e36fcfab4b47ff180c0ca8c8)
	(Trac #813, git ffa2f0672084c1f16e5784cdcdd55822f119feaa)
	(Trac #893, git 5aaa6c0f628ed7c2093ecdbac93a2c8cf6c94349)

234.	[func]		jerry
	src/bin/xfrin: update xfrin to use TSIG. Currently it only supports
	sending a signed TSIG request or SOA request.
	(Trac #815, git a892818fb13a1839c82104523cb6cb359c970e88)

233.	[func]		stephen
	Added new-style logging statements to the NSAS code.
	(Trac #745, git ceef68cd1223ae14d8412adbe18af2812ade8c2d)

232.	[func]		stephen
	To facilitate the writing of extended descriptions in
	message files, altered the message file format.  The message
	is now flagged with a "%" as the first non-blank character
	in the line and the lines in the extended description are
	no longer preceded by a "+".
	(Trac #900, git b395258c708b49a5da8d0cffcb48d83294354ba3)

231.	[func]*		vorner
    The logging interface changed slightly. We use
	logger.foo(MESSAGE_ID).arg(bar); instead of logger.foo(MESSAGE_ID,
	bar); internally. The message definitions use '%1,%2,...'
	instead of '%s,%d', which allows us to cope better with
	mismatched placeholders and allows reordering of them in
	case of translation.
	(Trac #901, git 4903410e45670b30d7283f5d69dc28c2069237d6)

230.	[bug]		naokikambe
	Removed too repeated verbose messages in two cases of:
	 - when auth sends statistics data to stats
	 - when stats receives statistics data from other modules
	(Trac #620, git 0ecb807011196eac01f281d40bc7c9d44565b364)

229.	[doc]		jreed
	Add manual page for b10-host.
	(git a437d4e26b81bb07181ff35a625c540703eee845)

228.	[func]*		jreed
	The host tool is renamed to b10-host. While the utility is
	a work in progress, it is expected to now be shipped with
	tarballs. Its initial goal was to be a host(1) clone,
	rewritten in C++ from scratch and using BIND 10's libdns++.
	It now supports the -a (any), -c class, -d (verbose) switches
	and has improved output.
	(Trac #872, git d846851699d5c76937533adf9ff9d948dfd593ca)

227.	[build]		jreed
	Add missing libdns++ rdata files for the distribution (this
	fixes distcheck error). Change three generated libdns++
	headers to "nodist" so they aren't included in the distribution
	(they were mistakenly included in last tarball).

226.	[func]*		jelte
	Introduced an API for cryptographic operations. Currently it only
	supports HMAC, intended for use with TSIG. The current
	implementation uses Botan as the backend library.
	This introduces a new dependency, on Botan.  Currently only Botan
	1.8.x works; older or newer versions don't.
	(Trac #781, git 9df42279a47eb617f586144dce8cce680598558a)

225.	[func]		naokikambe
	Added the HTTP/XML interface (b10-stats-httpd) to the
	statistics feature in BIND 10. b10-stats-httpd is a standalone
	HTTP server and it requests statistics data to the stats
	daemon (b10-stats) and sends it to HTTP clients in XML
	format. Items of the data collected via b10-stats-httpd
	are almost equivalent to ones which are collected via
	bindctl. Since it also can send XSL (Extensible Stylesheet
	Language) document and XSD (XML Schema definition) document,
	XML document is human-friendly to view through web browsers
	and its data types are strictly defined.
	(Trac #547, git 1cbd51919237a6e65983be46e4f5a63d1877b1d3)

224.	[bug]		jinmei
	b10-auth, src/lib/datasrc: inconsistency between the hot spot
	cache and actual data source could cause a crash while query
	processing.  The crash could happen, e.g., when an sqlite3 DB file
	is being updated after a zone transfer while b10-auth handles a
	query using the corresponding sqlite3 data source.
	(Trac #851, git 2463b96680bb3e9a76e50c38a4d7f1d38d810643)

223.	[bug]		feng
	If ip address or port isn't usable for name server, name
	server process won't exist and give end user chance to
	reconfigure them.
	(Trac #775, git 572ac2cf62e18f7eb69d670b890e2a3443bfd6e7)

222.	[bug]*		jerry
	src/lib/zonemgr: Fix a bug that xfrin not checking for new
	copy of zone on startup.  Imposes some random jitters to
	avoid many zones need to do refresh at the same time. This
	removed the Zonemgr/jitter_scope setting and introduced
	Zonemgr/refresh_jitter and Zonemgr/reload_jitter.
	(Trac #387, git 1241ddcffa16285d0a7bb01d6a8526e19fbb70cb)

221.	[func]*		jerry
	src/lib/util: Create C++ utility library.
	(Trac #749, git 084d1285d038d31067f8cdbb058d626acf03566d)

220.	[func]		stephen
	Added the 'badpacket' program for testing; it sends a set of
	(potentially) bad packets to a nameserver and prints the responses.
	(Trac #703, git 1b666838b6c0fe265522b30971e878d9f0d21fde)

219.	[func]		ocean
	src/lib: move some dns related code out of asiolink library to
	asiodns library
	(Trac #751, git 262ac6c6fc61224d54705ed4c700dadb606fcb1c)

218.	[func]		jinmei
	src/lib/dns: added support for RP RDATA.
	(Trac #806, git 4e47d5f6b692c63c907af6681a75024450884a88)

217.	[bug]		jerry
	src/lib/dns/python: Use a signed version of larger size of
	integer and perform more strict range checks with
	PyArg_ParseTuple() in case of overflows.
	(Trac #363, git ce281e646be9f0f273229d94ccd75bf7e08d17cf)

216.	[func]		vorner
	The BIND10_XFROUT_SOCKET_FILE environment variable can be
	used to specify which socket should be used for communication
	between b10-auth and b10-xfrout. Mostly for testing reasons.
	(Trac #615, git 28b01ad5bf72472c824a7b8fc4a8dc394e22e462)

215.	[func]		vorner
	A new process, b10-sockcreator, is added, which will create
	sockets for the rest of the system.  It is the only part
	which will need to keep the root privileges. However, only
	the process exists, nothing can talk to it yet.
	(Trac #366, git b509cbb77d31e388df68dfe52709d6edef93df3f)

214.	[func]*		vorner
	Zone manager no longer thinks it is secondary master for
	all zones in the database. They are listed in
	Zonemgr/secondary_zones configuration variable (in the form
	[{"name": "example.com", "class": "IN"}]).
	(Trac #670, git 7c1e4d5e1e28e556b1d10a8df8d9486971a3f052)

213.	[bug]		naokikambe
	Solved incorrect datetime of "bind10.boot_time" and also
	added a new command "sendstats" for Bob. This command is
	to send statistics data to the stats daemon immediately.
	The solved problem is that statistics data doesn't surely
	reach to the daemon because Bob sent statistics data to
	the daemon while it is starting. So the daemon invokes the
	command for Bob after it starts up. This command is also
	useful for resending statistics data via bindctl manually.
	(Trac #521, git 1c269cbdc76f5dc2baeb43387c4d7ccc6dc863d2)

212.	[bug]		naokikambe
	Fixed that the ModuleCCSession object may group_unsubscribe in the
	closed CC session in being deleted.
	(Trac #698, git 0355bddc92f6df66ef50b920edd6ec3b27920d61)

211.	[func]		shane
	Implement "--brittle" option, which causes the server to exit
	if any of BIND 10's processes dies.
	(Trac #788, git 88c0d241fe05e5ea91b10f046f307177cc2f5bc5)

210.	[bug]		jerry
	src/bin/auth: fixed a bug where type ANY queries don't provide
	additional glue records for ANSWER section.
	(Trac #699, git 510924ebc57def8085cc0e5413deda990b2abeee)

bind10-devel-20110322 released on March 22, 2011

209.	[func]		jelte
	Resolver now uses the NSAS when looking for a nameserver to
	query for any specific zone. This also includes keeping track of
	the RTT for that nameserver.
	(Trac #495, git 76022a7e9f3ff339f0f9f10049aa85e5784d72c5)

208.	[bug]*		jelte
	Resolver now answers REFUSED on queries that are not for class IN.
	This includes the various CH TXT queries, which will be added
	later.
	(git 012f9e78dc611c72ea213f9bd6743172e1a2ca20)

207.	[func]		jelte
	Resolver now starts listening on localhost:53 if no configuration
	is set.
	(Trac #471, git 1960b5becbba05570b9c7adf5129e64338659f07)

206.	[func]		shane
	Add the ability to list the running BIND 10 processes using the
	command channel. To try this, use "Boss show_processes".