13513N/A 657. [bug] When a listen-on statement in an lwres block does not
13513N/A specifiy a port, use 921, not 53. Also update the
10656N/A listen-on documentation. [RT #616]
10656N/A 656. [func] Treat an unescaped newline in a quoted string as
10656N/A an error. This means that TXT records with missing
10656N/A close quotes should have meaningful errors printed.
15153N/A 655. [bug] Improve error reporting on unexpected eof when loading
10656N/A 654. [bug] Origin was being forgotten in TCP retries in dig.
10656N/A 653. [bug] +defname option in dig was reversed in sense.
13525N/A 652. [bug] zone_saveunique() did not report the new name.
15153N/A 651. [func] The AD bit in responses now has the meaning
15153N/A specified in <draft-ietf-dnsext-ad-is-secure>.
15153N/A 650. [bug] SIG(0) records were being generated and verified
13525N/A 649. [bug] It was possible to join to an already running fctx
13525N/A after it had "cloned" its events, but before it sent
13525N/A them. In this case, the event of the newly joined
13525N/A fetch would not contain the answer, and would
13525N/A trigger the INSIST() in fctx_sendevents(). In
13525N/A BIND 9.0, this bug did not trigger an INSIST(), but
13525N/A caused the fetch to fail with a SERVFAIL result.
16320N/A 648. [port] Add support for pre-RFC2133 IPv6 implementations.
16320N/A 647. [bug] Resolver queries sent after following multiple
16320N/A referrals had excessively long retransmission
16320N/A timeouts due to incorrectly counting the referrals
16320N/A didn't _cleanly_ fix the problem it was trying to fix.
16320N/A 644. [bug] #622 needed more work. [RT #562]
13525N/A 643. [bug] xfrin error messages made more verbose, added class
15153N/A 642. [bug] Break the exit_check() race in the zone module.
13525N/A 641. [bug] $GENERATE caused a uninitialized link to be used.
15153N/A 640. [bug] Memory leak in error path could cause
15153N/A "mpctx->allocated == 0" failure. [RT #584]
15153N/A 639. [bug] Reading entropy from the keyboard would sometimes fail.
15153N/A to get a prototype for time() when pthreads was not
15258N/A 637. [port] Use isc_u?int64_t instead of (unsigned) long long in
15258N/A be compiled even if the platform does not need it.
13525N/A 636. [port] Shut up MSVC++ about a possible loss of precision
13525N/A in the ISC__BUFFER_PUTUINT*() macros. [RT #592]
15153N/A 635. [bug] Reloading a server with a configured blackhole list
13525N/A would cause an assertion. [RT #590]
13525N/A 634. [bug] A log file will completely stop being written when
15258N/A it reaches the maximum size in all cases, not just
15153N/A when versioning is also enabled. [RT #570]
13525N/A 633. [port] Cope with rlim_t missing on
BSD/OS systems. [RT #575]
15258N/A 632. [bug] The index array of the journal file was
15153N/A corrupted as it was written to disk.
13525N/A 631. [port] Build without thread support on systems without
15258N/A 630. [bug] Locking failure in zone code. [RT #582]
15258N/A 629. [bug] 9.1.0b1 dereferenced a null pointer and crashed
15258N/A when responding to a UDP IXFR request.
10656N/A 628. [bug] If the root hints contained only AAAA addresses,
16320N/A named would be unable to perform resolution.
16320N/A 627. [bug] The EDNS0 blackhole detection code of change 324
16320N/A waited for three retransmissions to each server,
16320N/A which takes much too long when a domain has many
16320N/A name servers and all of them drop EDNS0 queries.
16320N/A Now we retry without EDNS0 after three consecutive
16320N/A timeouts, even if they are all from different
16320N/A 626. [bug] The lightweight resolver daemon no longer crashes
15522N/A when asked for a SIG rrset. [RT #558]
15522N/A 625. [func] Zones now inherit their class from the enclosing view.
16320N/A 624. [bug] The zone object could get timer events after it had
16320N/A been destroyed, causing a server crash. [RT #571]
16320N/A 623. [func] Added "named-checkconf" and "named-checkzone" program
16320N/A 622. [bug] A canceled request could be destroyed before
16320N/A dns_request_destroy() was called. [RT #562]
16320N/A 621. [port] Disable IPv6 at runtime if IPv6 sockets are unusable.
16320N/A This mostly affects Red Hat Linux 7.0, which has
16320N/A conflicts between libc and the kernel.
16320N/A 620. [bug] dns_master_load*inc() now require 'task' and 'load'
16320N/A to be non-null. Also 'done' will not be called if
16320N/A dns_master_load*inc() fails immediately. [RT #565]
16320N/A 618. [bug] Queries to a signed zone could sometimes cause
16320N/A 617. [bug] When using dynamic update to add a new RR to an
16320N/A existing RRset with a different TTL, the journal
16320N/A entries generated from the update did not include
16320N/A explicit deletions and re-additions of the existing
16320N/A RRs to update their TTL to the new value.
16320N/A 616. [func] dnssec-signzone -t output now includes performance
16320N/A 615. [bug] dnssec-signzone did not like child keysets signed
16320N/A 614. [bug] Checks for uninitialized link fields were prone
16320N/A to false positives, causing assertion failures.
16320N/A The checks are now disabled by default and may
16320N/A be re-enabled by defining ISC_LIST_CHECKINIT.
16320N/A 613. [bug] "rndc reload zone" now reloads primary zones.
16320N/A It previously only updated slave and stub zones,
16320N/A if an SOA query indicated an out of date serial.
16320N/A 612. [cleanup] Shutup a ridiculously noisy HP-UX compiler that
16320N/A complains relentlessly about how its treatment
16320N/A of 'const' has changed as well as how casting
16320N/A sometimes tightens alignment constraints.
16320N/A 611. [func] allow-notify can be used to permit processing of
16320N/A notify messages from hosts other than a slave's
16320N/A 610. [func] rndc dumpdb is now supported.
16320N/A 609. [bug] getrrsetbyname() would crash lwresd if the server
16320N/A found more SIGs than answers. [RT #554]
16320N/A 608. [func] dnssec-signzone now adds a comment to the zone
16320N/A with the time the file was signed.
16320N/A 607. [bug] nsupdate would fail if it encountered a CNAME or
16320N/A DNAME in a response to an SOA query. [RT #515]
16320N/A 606. [bug] Compiling with --disable-threads failed due
16320N/A to isc_thread_self() being incorrectly defined
16320N/A as an integer rather than a function.
16320N/A 605. [func] New function isc_lex_getlasttokentext().
16320N/A numbers when long comments were present.
16320N/A 603. [bug] Make dig handle multiple types or classes on the same
16320N/A 602. [func] Cope automatically with UnixWare's broken
16320N/A IN6_IS_ADDR_* macros. [RT #539]
16320N/A 601. [func] Return a non-zero exit code if an update fails
16320N/A 600. [bug] Reverse lookups sometimes failed in dig, etc...
16320N/A 599. [func] Added four new functions to the libisc log API to
16320N/A support i18n messages. isc_log_iwrite(),
16320N/A isc_log_ivwrite(), isc_log_iwrite1() and
16320N/A 598. [bug] An update-policy statement would cause the server
16320N/A to assert while loading. [RT #536]
16320N/A 597. [func] dnssec-signzone is now multithreaded.
16320N/A 596. [bug] DNS_RDATASLAB_FORCE and DNS_RDATASLAB_EXACT are
16320N/A 595. [port] On Linux 2.2, socket() returns EINVAL when it
16320N/A should return EAFNOSUPPORT. Work around this.
16320N/A 594. [func] sdb drivers are now assumed to not be thread-safe
16320N/A unless the DNS_SDBFLAG_THREADSAFE flag is supplied.
16320N/A 593. [bug] If a secure zone was missing all its NXTs and
16320N/A a dynamic update was attempted, the server entered
16320N/A 592. [bug] The sig-validity-interval option now specifies a
16320N/A number of days, not seconds. This matches the
16320N/A 591. [bug] Work around non-reentrancy in openssl by disabling
16320N/A 590. [doc] There are now man pages for the lwres library in
16320N/A 589. [bug] The server could deadlock if a zone was updated
16320N/A 588. [bug] ctx->in_use was not being correctly initalised when
16320N/A when pushing a file for $INCLUDE. [RT #523]
16320N/A 587. [func] A warning is now printed if the "allow-update"
16320N/A option allows updates based on the source IP
16320N/A address, to alert users to the fact that this
16320N/A is insecure and becoming increasingly so as
16320N/A servers capable of update forwarding are being
16320N/A 586. [bug] multiple views with the same name were fatal. [RT #516]
16320N/A 585. [func] dns_db_addrdataset() and and dns_rdataslab_merge()
16320N/A now support 'exact' additions in a similar manner to
16320N/A dns_db_subtractrdataset() and dns_rdataslab_subtract().
16320N/A 584. [func] You can now say 'notify explicit'; to suppress
16320N/A notification of the servers listed in NS records
16320N/A and notify only those servers listed in the
16320N/A 583. [func] "rndc querylog" will now toggle logging of
16320N/A queries, like "ndc querylog" in BIND 8.
16320N/A 582. [bug] dns_zone_idetach() failed to lock the zone.
16320N/A 581. [bug] log severity was not being correctly processed.
16320N/A 580. [func] Ignore trailing garbage on incoming DNS packets,
16320N/A for interoperability with broken server
16320N/A 579. [bug] nsupdate did not take a filename to read update from.
16320N/A 578. [func] New config option "notify-source", to specify the
16320N/A source address for notify messages.
16320N/A 577. [func] Log illegal RDATA combinations.
e.g. multiple
16320N/A singlton types, cname and other data.
16320N/A 576. [doc] isc_log_create() description did not match reality.
16320N/A 575. [bug] isc_log_create() was not setting internal state
16320N/A correctly to reflect the default channels created.
16320N/A 574. [bug] TSIG signed queries sent by the resolver would fail to
16320N/A have their responses validated and would leak memory.
16320N/A 573. [bug] The journal files of IXFRed slave zones were
16320N/A inadvertantly discarded on server reload, causing
16320N/A "journal out of sync with zone" errors on subsequent
16320N/A 572. [bug] Quoted strings were not accepted as key names in
16320N/A 571. [bug] It was possible to create an rdataset of singleton
16320N/A type which had more than one rdata. [RT #154]
16320N/A both a CNAME and "other data". [RT #154]
16320N/A 569. [func] The DNSSEC AD bit will not be set on queries which
16320N/A have not requested a DNSSEC response.
16320N/A 567. [bug] Setting the zone transfer timeout to zero caused an
16320N/A 566. [func] New public function dns_timer_setidle().
16320N/A 565. [func] Log queries more like BIND 8: query logging is now
16320N/A done to category "queries", level "info". [RT #169]
16320N/A 564. [func] Add sortlist support to lwresd.
16320N/A 563. [func] New public functions dns_rdatatype_format() and
16320N/A dns_rdataclass_format(), for convenient formatting
16320N/A 561. [func] The 'datasize', 'stacksize', 'coresize' and 'files'
16320N/A clauses of the options{} statement are now implemented.
16320N/A 560. [bug] dns_name_split did not properly the resulting prefix
16320N/A when a maximal length bitstring label was split which
16320N/A was preceded by another bitstring label. [RT #429]
16320N/A 559. [bug] dns_name_split did not properly create the suffix
16320N/A when splitting within a maximal length bitstring label.
16320N/A 558. [func] New functions, isc_resource_getlimit and
16320N/A 557. [func] Symbolic constants for libisc integral types.
16320N/A 556. [func] The DNSSEC OK bit in the EDNS extended flags
16320N/A is now implemented. Responses to queries without
16320N/A this bit set will not contain any DNSSEC records.
16320N/A 555. [bug] A slave server attempting a zone transfer could
16320N/A crash with an assertion failure on certain
16320N/A malformed responses from the master. [RT #457]
16320N/A 554. [bug] In some cases, not all of the dnssec tools were
16320N/A 553. [bug] Incoming zone transfers deferred due to quota
16320N/A were not started when quota was increased but
16320N/A only when a transfer in progress finished. [RT #456]
16320N/A 552. [bug] We were not correctly detecting the end of all c-style
16320N/A 551. [func] Implemented the 'sortlist' option.
16320N/A 550. [func] Support unknown rdata types and classes.
16320N/A 549. [bug] "make" did not immediately abort the build when a
16320N/A subdirectory make failed [RT #450].
16320N/A 548. [func] The lexer now ungets tokens more correctly.
16320N/A 546. [func] Option 'lame-ttl' is now implemented.
16320N/A 545. [func] Name limit and counting options removed from dig;
16320N/A they didn't work properly, and cannot be correctly
16320N/A implemented without significant changes.
16320N/A 544. [func] Add statistics option, enable statistics-file option,
16320N/A add RNDC option "dump-statistics" to write out a
16320N/A 543. [doc] The 'port' option is now documented.
16320N/A 542. [func] Add support for update forwarding as required for
16320N/A full compliance with RFC2136. It is turned off
16320N/A by default and can be enabled using the
16320N/A 'allow-update-forwarding' option.
16320N/A 541. [func] Add bogus server support.
16320N/A 540. [func] Add dialup support.
16320N/A 539. [func] Support the blackhole option.
16320N/A 538. [bug] fix buffer overruns by 1 in lwres_getnameinfo().
16320N/A 536. [func] Use transfer-source{-v6} when sending refresh queries.
16320N/A Transfer-source{-v6} now take a optional port
16320N/A parameter for setting the UDP source port. The port
16320N/A 535. [func] Use transfer-source{-v6} when forwarding update
16320N/A 534. [func] Ancestors have been removed from RBT chains. Ancestor
16320N/A information can be discerned via node parent pointers.
16320N/A 533. [func] Incorporated name hashing into the RBT database to
16320N/A 532. [func] Implement DNS UPDATE pseudo records using
16320N/A 531. [func] Rdata really should be initalized before being assigned
16320N/A to (dns_rdata_fromwire(), dns_rdata_fromtext(),
16320N/A dns_rdata_clone(), dns_rdata_fromregion()),
16320N/A 530. [func] New function dns_rdata_invalidate().
16320N/A 529. [bug] 521 contained a bug which caused zones to always
16320N/A 528. [func] The ISC_LIST_XXXX macros now perform sanity checks
16320N/A on their arguements. ISC_LIST_XXXXUNSAFE can be use
16320N/A to skip the checks however use with caution.
16320N/A 527. [func] New function dns_rdata_clone().
16320N/A 526. [bug] nsupdate incorrectly refused to add RRs with a TTL
16320N/A 525. [func] New arguments 'options' for dns_db_subtractrdataset(),
16320N/A and 'flags' for dns_rdataslab_subtract() allowing you
16320N/A to request that the RR's must exist prior to deletion.
16320N/A DNS_R_NOTEXACT is returned if the condition is not met.
16320N/A 524. [func] The 'forward' and 'forwarders' statement in
16320N/A non-forward zones should work now.
16320N/A 523. [doc] The source to the Administrator Reference Manual is
16320N/A now an XML file using the DocBook DTD, and is included
16320N/A in the distribution. The plain text version of the
16320N/A ARM is temporarily unavailable while we figure out
16320N/A how to generate readable plain text from the XML.
16320N/A 522. [func] The lightweight resolver daemon can now use
16320N/A a real configuration file, and its functionality
16320N/A can be provided by a name server. Also, the -p and -P
16320N/A options to lwresd have been reversed.
16320N/A 521. [bug] Detect master files which contain $INCLUDE and always
16320N/A 520. [bug] Upgraded libtool to 1.3.5, which makes shared
16320N/A library builds almost work on AIX (and possibly
16320N/A 519. [bug] dns_name_split() would improperly split some bitstring
16320N/A labels, zeroing a few of the least signficant bits in
16320N/A the prefix part. When such an improperly created
16320N/A prefix was returned to the RBT database, the bogus
16320N/A label was dutifully stored, corrupting the tree.
16320N/A 518. [bug] The resolver did not realize that a DNAME which was
16320N/A "the answer" to the client's query was "the answer",
16320N/A and such queries would fail. [RT #399]
16320N/A 517. [bug] The resolver's DNAME code would trigger an assertion
16320N/A if there was more than one DNAME in the chain.
16320N/A 516. [bug] Cache lookups which had a NULL node pointer,
e.g. 16320N/A those by dns_view_find(), and which would match a
16320N/A 515. [bug] The ssu table was not being attached / detached
16320N/A by dns_zone_[sg]etssutable. [RT#397]
16320N/A 514. [func] Retry refresh and notify queries if they timeout.
16320N/A 513. [func] New functionality added to rdnc and server to allow
16320N/A individual zones to be refreshed or reloaded.
16320N/A 512. [bug] The zone transfer code could throw an execption with
16320N/A 511. [bug] The message code could throw an assertion on an
16320N/A out of memory failure. [RT #392]
16320N/A 510. [bug] Remove spurious view notify warning. [RT #376]
16320N/A 509. [func] Add support for write of zone files on shutdown.
16320N/A 508. [func] dns_message_parse() can now do a best-effort
16320N/A attempt, which should allow dig to print more invalid
16320N/A 507. [func] New functions dns_zone_flush(), dns_zt_flushanddetach()
16320N/A 506. [func] Do not fail to start on errors in zone files.
16320N/A 505. [bug] nsupdate was printing "unknown result code". [RT #373]
16320N/A 504. [bug] The zone was not being marked as dirty when updated via
16320N/A 503. [bug] dumptime was not being set along with
16320N/A 502. [func] On a SERVFAIL reply, DiG will now try the next server
16320N/A in the list, unless the +fail option is specified.
16320N/A 501. [bug] Incorrect port numbers were being displayed by
16320N/A 500. [func] Nearly useless +details option removed from DiG.
16320N/A 499. [func] In DiG, specifying a class with -c or type with -t
16320N/A changes command-line parsing so that classes and
16320N/A types are only recognized if following -c or -t.
16320N/A This allows hosts with the same name as a class or
16320N/A 498. [doc] There is now a man page for "dig"
16320N/A 497. [bug] The error messages printed when an IP match list
16320N/A contained a network address with a nonzero host
16320N/A part where not sufficiently detailed. [RT #365]
16320N/A 496. [bug] named didn't sanity check numeric parameters. [RT #361]
16320N/A 495. [bug] nsupdate was unable to handle large records. [RT #368]
16320N/A 494. [func] Do not cache NXDOMAIN responses for SOA queries.
16320N/A 493. [func] Return non-cachable (ttl = 0) NXDOMAIN responses
16320N/A for SOA queries. This makes it easier to locate
16320N/A the containing zone without polluting intermediate
16320N/A 492. [bug] attempting to reload a zone caused the server fail
16320N/A 491. [bug] nsupdate would segfault when sending certain
16320N/A prerequisites with empty RDATA. [RT #356]
16320N/A obtained an SOA containing the zone's configured
16320N/A retry time, perform the SOA query retries using
16320N/A 489. [func] The zone manager now has a "i/o" queue.
16320N/A 488. [bug] Locks weren't properly destroyed in some cases.
16320N/A 487. [port] flockfile() is not defined on all systems.
16320N/A 486. [bug] nslookup: "set all" and "server" commands showed
16320N/A the incorrect port number if a port other than 53
16320N/A 485. [func] When dig had more than one server to query, it would
16320N/A send all of the messages at the same time. Add
16320N/A rate limiting of the transmitted messages.
16320N/A 484. [bug] When the server was reloaded after removing addresses
16320N/A were still listening on the removed addresses due
16320N/A to reference count loops. [RT #325]
16320N/A 483. [bug] nslookup: "set all" showed a "search" option but it
16320N/A 482. [bug] nslookup: a plain "server" or "lserver" should be
16320N/A 481. [bug] nslookup:get_next_command() stack size could exceed
16320N/A 480. [bug] strtok() is not thread safe. [RT #349]
16320N/A 479. [func] The test suite can now be run by typing "make check"
16320N/A or "make test" at the top level.
16320N/A 478. [bug] "make install" failed if the directory specified with
16320N/A --prefix did not already exist.
16320N/A its directory was created. [RT #324]
16320N/A 476. [bug] A zone could expire while a zone transfer was in
16320N/A progress triggering a INSIST failure. [RT #329]
16320N/A 475. [bug] query_getzonedb() sometimes returned a non-null version
16320N/A on failure. This caused assertion failures when
16320N/A generating query responses where names subject to
16320N/A additional section processing pointed to a zone
16320N/A to which access had been denied by means of the
16320N/A 474. [bug] The mnemonic of the CHAOS class is CH according to
16320N/A RFC1035, but it was printed and read only as CHAOS.
16320N/A We now accept both forms as input, and print it
16320N/A 473. [bug] nsupdate overran the end of the list of name servers
16320N/A when no servers could be reached, typically causing
16320N/A it to print the error message "dns_request_create:
16320N/A 472. [bug] Off-by-one error caused isc_time_add() to sometimes
16320N/A 470. [feature] $GENERATE is now supported. See also
16320N/A 469. [bug] "query-source address * port 53;" now works.
16320N/A 468. [bug] dns_master_load*() failed to report file and line
16320N/A number in certain error conditions.
16320N/A 467. [bug] dns_master_load*() failed to log an error if
16320N/A 466. [bug] dns_master_load*() could return success when it failed.
16320N/A 465. [cleanup] Allow 0 to be set as an omapi_value_t value by
16320N/A 464. [cleanup] Build with openssl's RSA code instead of dnssafe.
16320N/A 463. [bug] nsupdate sent malformed SOA queries to the second
16320N/A query sent to the first one failed.
16320N/A 462. [bug] --disable-ipv6 should work now.
16320N/A 461. [bug] Specifying an unknown key in the "keys" clause of the
16320N/A "controls" statement caused a NULL pointer dereference.
16320N/A 460. [bug] Much of the DNSSEC code only worked with class IN.
16320N/A 459. [bug] Nslookup processed the "set" command incorrectly.
16320N/A 458. [bug] Nslookup didn't properly check class and type values.
16320N/A timeouts in certain situations, causing an
16320N/A unnecessary warning message to be printed.
16320N/A 456. [bug] Stub zones were not resetting the refresh and expire
16320N/A counters, loadtime or clearing the DNS_ZONE_REFRESH
16320N/A (refresh in progress) flag upon successful update.
16320N/A This disabled further refreshing of the stub zone,
16320N/A causing it to eventually expire. [RT #300]
16320N/A 455. [doc] Document IPv4 prefix notation does not require a
16320N/A dotted decimal quad but may be just dotted decimal.
16320N/A 454. [bug] Enforce dotted decimal and dotted decimal quad where
16320N/A 453. [bug] Warn if the obsolete option "maintain-ixfr-base"
16320N/A 452. [bug] Warn if the unimplemented option "statistics-file"
16320N/A 451. [func] Update forwarding implememted.
16320N/A 450. [func] New function ns_client_sendraw().
16320N/A 449. [bug] isc_bitstring_copy() only works correctly if the
16320N/A two bitstrings have the same lsb0 value, but this
16320N/A requirement was not documented, nor was there a
16320N/A 448. [bug] Host output formatting change, to match v8. [RT #255]
16320N/A 447. [bug] Dig didn't properly retry in TCP mode after
16320N/A 446. [bug] Confusing notify log message. [RT #298]
16320N/A 445. [bug] Doing a 0 bit isc_bitstring_copy() of an lsb0
16320N/A bitstring triggered a REQUIRE statement. The REQUIRE
16320N/A statement was incorrect. [RT #297]
16320N/A 444. [func] "recursion denied" messages are always logged at
16320N/A debug level 1, now, rather than sometimes at ERROR.
16320N/A This silences these warnings in the usual case, where
16320N/A some clients set the RD bit in all queries.
16320N/A 443. [bug] When loading a master file failed because of an
16320N/A unrecognized RR type name, the error message
16320N/A did not include the file name and line number.
16320N/A 442. [bug] TSIG signed messages that did not match any view
16320N/A 441. [bug] Nodes obscured by a DNAME were inaccessible even
16320N/A when DNS_DBFIND_GLUEOK was set.
16320N/A 440. [func] New function dns_zone_forwardupdate().
16320N/A 439. [func] New function dns_request_createraw().
16320N/A 438. [func] New function dns_message_getrawmessage().
16320N/A 437. [func] Log NOTIFY activity to the notify channel.
16320N/A 436. [bug] If recvmsg() returned EHOSTUNREACH or ENETUNREACH,
16320N/A which sometimes happens on Linux, named would enter
16320N/A a busy loop. Also, unexpected socket errors were
16320N/A not logged at a high enough logging level to be
16320N/A useful in diagnosing this situation. [RT #275]
16320N/A 435. [bug] dns_zone_dump() overwrote existing zone files
16320N/A rather than writing to a temporary file and
16320N/A renaming. This could lead to empty or partial
16320N/A zone files being left around in certain error
16320N/A conditions involving the initial transfer of a
16320N/A slave zone, interfering with subsequent server
16320N/A 434. [func] New function isc_file_isabsolute().
16320N/A 433. [func] isc_base64_decodestring() now accepts newlines
16320N/A within the base64 data. This makes it possible
16320N/A to break up the key data in a "trusted-keys"
16320N/A statement into multiple lines. [RT #284]
16320N/A retry time is now a random value between 75% and
16320N/A 431. [func] Log at ISC_LOG_INFO when a zone is successfully
16320N/A 430. [bug] Rewrote the lightweight resolver client management
16320N/A code to handle shutdown correctly and general
16320N/A 429. [bug] The space reserved for a TSIG record in a response
16320N/A was 2 bytes too short, leading to message
16320N/A DNS_R_BADDB for nodes which had neither NXT nor SIG NXT
16320N/A generating negative responses in a secure zone.
16320N/A 427. [bug] Avoid going into an infinite loop when the validator
16320N/A gets a negative response to a key query where the
16320N/A records are signed by the missing key.
16320N/A 426. [bug] Attempting to generate an oversized RSA key could
16320N/A cause dnssec-keygen to dump core.
16320N/A 425. [bug] Warn about the auth-nxdomain default value change
16320N/A if there is no auth-nxdomain statement in the
16320N/A 424. [bug] notify_createmessage() could trigger an assertion
16320N/A failure when creating the notify message failed,
16320N/A e.g. due to corrupt zones with multiple SOA records.
16320N/A 423. [bug] When responding to a recusive query, errors that occur
16320N/A after following a CNAME should cause the query to fail.
16320N/A 422. [func] get rid of isc_random_t, and make isc_random_get()
16320N/A and isc_random_jitter() use rand() internally
16320N/A instead of local state. Note that isc_random_*()
16320N/A functions are only for weak, non-critical "randomness"
16320N/A such as timing jitter and such.
16320N/A 421. [bug] nslookup would exit when given a blank line as input.
16320N/A 420. [bug] nslookup failed to implement the "exit" command.
16320N/A 419. [bug] The certificate type PKIX was misspelled as SKIX.
16320N/A 418. [bug] At debug levels >= 10, getting an unexpected
16320N/A socket receive error would crash the server
16320N/A while trying to log the error message.
16320N/A 417. [func] Add isc_app_block() and isc_app_unblock(), which
16320N/A allow an application to handle signals while
16320N/A 416. [bug] Slave zones with no master file tried to use a
16320N/A NULL pointer for a journal file name when they
16320N/A 415. [bug] The logging code leaked file descriptors.
16320N/A 414. [bug] Server did not shut down until all incoming zone
16320N/A 413. [bug] Notify could attempt to use the zone database after
16320N/A 412. [bug] named -v didn't print the version.
16320N/A 411. [bug] A typo in the HS A code caused an assertion failure.
16320N/A 410. [bug] lwres_gethostbyname() and company set lwres_h_errno
16320N/A 409. [bug] If named was shut down early in the startup
16320N/A process, ns_omapi_shutdown() would attempt to lock
16320N/A an unintialized mutex. [RT #262]
16320N/A 408. [bug] stub zones could leak memory and reference counts if
16320N/A all the masters were unreachable.
16320N/A 407. [bug] isc_rwlock_lock() would needlessly block
16320N/A readers when it reached the read quota even
16320N/A 406. [bug] Log messages were occasionally lost or corrupted
16320N/A due to a race condition in isc_log_doit().
16320N/A 405. [func] Add support for selective forwarding (forward zones)
16320N/A 404. [bug] The request library didn't completely work with IPv6.
16320N/A 403. [bug] "host" did not use the search list.
16320N/A 402. [bug] Treat undefined acls as errors, rather than
16320N/A warning and then later throwing an assertion.
16320N/A 401. [func] Added simple database API.
16320N/A 400. [bug] SIG(0) signing and verifying was done incorrectly.
16320N/A 399. [bug] When reloading the server with a config file
16320N/A containing a syntax error, it could catch an
16320N/A assertion failure trying to perform zone
16320N/A maintenance on, or sending notifies from,
16320N/A tentatively created zones whose views were
16320N/A never fully configured and lacked an address
16320N/A 398. [bug] "dig" sometimes caught an assertion failure when
16320N/A using TSIG, depending on the key length.
16320N/A 397. [func] Added utility functions dns_view_gettsig() and
16320N/A 396. [doc] There is now a man page for "nsupdate"
16320N/A 395. [bug] nslookup printed incorrect RR type mnemonics
16320N/A for RRs of type >= 21 [RT #237].
16320N/A 394. [bug] Current name was not propagated via $INCLUDE.
16320N/A 393. [func] Initial answer while loading (awl) support.
16320N/A Entry points: dns_master_loadfileinc(),
16320N/A dns_master_loadstreaminc(), dns_master_loadbufferinc().
16320N/A Note: calls to dns_master_load*inc() should be rate
16320N/A be rate limited so as to not use up all file
16320N/A 392. [func] Add ISC_R_FAMILYNOSUPPORT. Returned when OS does
16320N/A not support the given address family requested.
16320N/A 391. [clarity] ISC_R_FAMILY -> ISC_R_FAMILYMISMATCH.
16320N/A 390. [func] The function dns_zone_setdbtype() now takes
16320N/A both the zone database type and its arguments,
16320N/A making the functions dns_zone_adddbarg()
16320N/A and dns_zone_cleardbargs() unnecessary.
16320N/A 389. [bug] Attempting to send a reqeust over IPv6 using
16320N/A dns_request_create() on a system without IPv6
16320N/A support caused an assertion failure [RT #235].
16320N/A 388. [func] dig and host can now do reverse ipv6 lookups.
16320N/A 387. [func] Add dns_byaddr_createptrname(), which converts
16320N/A an address into the name used by a PTR query.
16320N/A 386. [bug] Missing strdup() of ACL name caused random
16320N/A ACL matching failures [RT #228].
16320N/A 385. [cleanup] Removed functions dns_zone_equal(), dns_zone_print(),
16320N/A 384. [bug] nsupdate was incorrectly limiting TTLs to 65535 instead
16320N/A 383. [func] When writing a master file, print the SOA and NS
16320N/A records (and their SIGs) before other records.
16320N/A 382. [bug] named -u failed on many Linux systems where the
16320N/A libc provided kernel headers do not match
16320N/A 381. [bug] Check for IPV6_RECVPKTINFO and use it instead of
16320N/A IPV6_PKTINFO if found. [RT #229]
16320N/A 380. [bug] nsupdate didn't work with IPv6.
16320N/A 379. [func] New library function isc_sockaddr_anyofpf().
16320N/A 378. [func] named and lwresd will log the command line arguments
16320N/A they were started with in the "starting ..." message.
16320N/A 377. [bug] When additional data lookups were refused due to
16320N/A "allow-query", the databases were still being
16320N/A attached causing reference leaks.
16320N/A 376. [bug] The server should always use good entropy when
16320N/A performing cryptographic functions needing entropy.
16320N/A 375. [bug] Per-zone "allow-query" did not properly override the
16320N/A 374. [bug] SOA in authoritative negative responses had wrong TTL.
16320N/A 373. [func] nslookup is now installed by "make install".
16320N/A 372. [bug] Deal with Microsoft DNS servers appending two bytes of
16320N/A garbage to zone transfer requests.
16320N/A 371. [bug] At high debug levels, doing an outgoing zone transfer
16320N/A of a very large RRset could cause an assertion failure
16320N/A 370. [bug] The error messages for rollforward failures were
16320N/A max-retry-time, min-retry-time,
16320N/A max-refresh-time, min-refresh-time.
16320N/A 368. [func] Restructure the internal ".bind" view so that more
16320N/A 367. [bug] Allow proper selection of server on nslookup command
16320N/A 366. [func] Allow use of '-' batch file in dig for stdin.
16320N/A 365. [bug] nsupdate -k leaked memory.
16320N/A 364. [func] Added additional-from-{cache,auth}
16320N/A 362. [bug] rndc no longer aborts if the configuration file is
16320N/A missing an options statement. [RT #209]
16320N/A 361. [func] When the RBT find or chain functions set the name and
16320N/A origin for a node that stores the root label
16320N/A the name is now set to an empty name, instead of ".",
16320N/A to simplify later use of the name and origin by
16320N/A dns_name_concatenate(), dns_name_totext() or
16320N/A 360. [func] dns_name_totext() and dns_name_format() now allow
16320N/A an empty name to be passed, which is formatted as "@".
16320N/A 359. [bug] dnssec-signzone occasionally signed glue records.
16320N/A 358. [cleanup] Rename the intermediate files used by the dnssec
16320N/A 357. [bug] The zone file parser crashed if the argument
16320N/A to $INCLUDE was a quoted string.
16320N/A 356. [cleanup] isc_task_send no longer requires event->sender to
16320N/A 355. [func] Added isc_dir_createunique(), similar to mkdtemp().
16320N/A 354. [doc] Man pages for the dnssec tools are now included in
16320N/A 352. [bug] Race condition in dns_client_t startup could cause
16320N/A 351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
16320N/A signed query could crash the server.
16320N/A 350. [bug] Also-notify lists specified in the global options
16320N/A block were not correctly reference counted, causing
16320N/A 349. [bug] Processing a query with the CD bit set now works
16320N/A and 'additional-from-cache' now supported in view and
16320N/A 347. [bug] Don't crash if an argument is left off options in dig.
16320N/A 346. [func] Add support for .digrc config file, in the
16320N/A * Significantly improve structure handling
16320N/A * Don't pre-load entire batch files
16320N/A * Shorten timeouts to match v8's behavior
16320N/A 344. [bug] When shutting down, lwresd sometimes tried
16320N/A to shut down its client tasks twice,
16320N/A 343. [bug] Although zone maintenance SOA queries and
16320N/A notify requests were signed with TSIG keys
16320N/A when configured for the server in case,
16320N/A the TSIG was not verified on the response.
16320N/A 342. [bug] The wrong name was being passed to
16320N/A dns_name_dup() when generating a TSIG
16320N/A statement to allow authentication via TSIG keys:
16320N/A 340. [bug] The top-level COPYRIGHT file was missing from
16320N/A 339. [bug] DNSSEC validation of the response to an ANY
16320N/A query at a name with a CNAME RR in a secure
16320N/A zone triggered an assertion failure.
16320N/A 338. [bug] lwresd logged to syslog as named, not lwresd.
16320N/A 337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
16320N/A 336. [bug] "dig -f" used 64 k of memory for each line in
16320N/A the file. It now uses much less, though still
16320N/A proportionally to the file size.
16320N/A 335. [bug] named would occasionally attempt recursion when
16320N/A it was disallowed or undesired.
16320N/A 334. [func] Added hmac-md5 to libisc.
16320N/A 333. [bug] The resolver incorrectly accepted referrals to
16320N/A domains that were not parents of the query name,
16320N/A 332. [func] New function dns_name_reset().
16320N/A 331. [bug] Only log "recursion denied" if RD is set. (RT #178)
16320N/A 330. [bug] Many debugging messages were partially formatted
16320N/A even when debugging was turned off, causing a
16320N/A significant decrease in query performance.
16320N/A 329. [func] omapi_auth_register() now takes a size_t argument for
16320N/A the length of a key's secret data. Previously
16320N/A OMAPI only stored secrets up to the first NUL byte.
16320N/A 328. [func] Added isc_base64_decodestring().
16320N/A address where a host specification was required.
16320N/A 326. [func] 'keys' in an 'inet' control statement is now
16320N/A required and must have at least one item in it.
16320N/A A "not supported" warning is now issued if a 'unix'
16320N/A 325. [bug] isc_lex_gettoken was processing octal strings when
16320N/A ISC_LEXOPT_CNUMBER was not set.
16320N/A 324. [func] In the resolver, turn EDNS0 off if there is no
16320N/A response after a number of retransmissions.
16320N/A This is to allow queries some chance of succeeding
16320N/A even if all the authoritative servers of a zone
16320N/A silently discard EDNS0 requests instead of
16320N/A sending an error response like they ought to.
16320N/A 323. [bug] dns_rbt_findname() did not ignore empty rbt nodes.
16320N/A Because of this, servers authoritative for a parent
16320N/A and grandchild zone but not authoritative for the
16320N/A intervening child zone did not correctly issue
16320N/A referrals to the servers of the child zone.
16320N/A 322. [bug] Queries for KEY RRs are now sent to the parent
16320N/A server before the authoritative one, making
16320N/A DNSSEC insecurity proofs work in many cases
16320N/A 321. [bug] When synthesizing a CNAME RR for a DNAME
16320N/A response, query_addcname() failed to intitialize
16320N/A the type and class of the CNAME dns_rdata_t,
16320N/A uses authentication to talk to named, command
16320N/A line syntax changed. This will all be described
16320N/A to configure the OMAPI command channel.
16320N/A 318. [func] dns_c_ndcctx_destroy() could never return anything
16320N/A except ISC_R_SUCCESS; made it have void return instead.
16320N/A 317. [func] Use callbacks from libomapi to determine if a
16320N/A new connection is valid, and if a key requested
16320N/A to be used with that connection is valid.
16320N/A 316. [bug] Generate a warning if we detect an unexpected <eof>
16320N/A 315. [bug] Handle non-empty blanks lines. (RT #163)
16320N/A more than one key specified for the inet clause.
16320N/A error. Instead, parse as much as possible, but
16320N/A still return an error if one was found.
16320N/A 312. [bug] Increase the number of allowed elements in the
16320N/A are more than this, ignore the remainder rather
16320N/A than returning a failure in lwres_conf_parse.
16320N/A 311. [bug] lwres_conf_parse failed when the first line of
16320N/A - allow "port xxx" to be left out of statement,
16320N/A in which case it defaults to omapi's default port
16320N/A 309. [bug] When sending a referral, the server did not look
16320N/A for name server addresses as glue in the zone
16320N/A holding the NS RRset in the case where this zone
16320N/A was not the same as the one where it looked for
16320N/A name server addresses as authoritative data.
16320N/A 308. [bug] Treat a SOA record not at top of zone as an error
16320N/A 307. [bug] When canceling a query, the resolver didn't check for
16320N/A isc_socket_sendto() calls that did not yet have their
16320N/A completion events posted, so it could (rarely) end up
16320N/A destroying the query context and then want to use
16320N/A it again when the send event posted, triggering an
16320N/A assertion as it tried to cancel an already-canceled
16320N/A 306. [bug] Reading HMAC-MD5 private key files didn't work.
16320N/A 305. [bug] When reloading the server with a config file
16320N/A containing a syntax error, it could catch an
16320N/A assertion failure trying to perform zone
16320N/A maintenance on tentatively created zones whose
16320N/A views were never fully configured and lacked
16320N/A 304. [bug] If more than LWRES_CONFMAXNAMESERVERS servers
16320N/A 303. [bug] Add additional sanity checks to differentiate a AXFR
16320N/A response vs a IXFR response. (RT #157)
16320N/A 302. [bug] In dig, host, and nslookup, MXNAME should be large
16320N/A enough to hold any legal domain name in presentation
16320N/A 301. [bug] Uninitalised pointer in host:printmessage(). (RT #159)
16320N/A on platforms lacking IPv6 because each included their
16320N/A own ipv6 header file for the missing definitions. Now
16320N/A the other (ISC_IPV6_H and LWRES_IPV6_H).
16320N/A 299. [cleanup] Get the user and group information before changing the
16320N/A root directory, so the administrator does not need to
16320N/A keep a copy of the user and group databases in the
16320N/A chroot'ed environment. Suggested by Hakan Olsson.
16320N/A 298. [bug] A mutex deadlock occurred during shutdown of the
16320N/A interface manager under certain conditions.
16320N/A Digital Unix systems were the most affected.
16320N/A 297. [bug] Specifying a key name that wasn't fully qualified
16320N/A in certain parts of the config file could cause
16320N/A 296. [bug] "make install" from a separate build directory
16320N/A failed unless configure had been run in the source
16320N/A 295. [bug] When invoked with type==CNAME and a message
16320N/A not constructed by dns_message_parse(),
16320N/A dns_message_findname() failed to find anything
16320N/A due to checking for attribute bits that are set
16320N/A only in dns_message_parse(). This caused an
16320N/A infinite loop when constructing the response to
16320N/A an ANY query at a CNAME in a secure zone.
16320N/A 294. [bug] If we run out of space in while processing glue
16320N/A when reading a master file and commit "current name"
16320N/A reverts to "name_current" instead of staying as
16320N/A 293. [port] Add support for FreeBSD 4.0 system tests.
16320N/A 292. [bug] Due to problems with the way some operating systems
16320N/A handle simultaneous listening on IPv4 and IPv6
16320N/A addresses, the server no longer listens on IPv6
16320N/A addresses by default. To revert to the previous
16320N/A behavior, specify "listen-on-v6 { any; };" in
16320N/A 291. [func] Caching servers no longer send outgoing queries
16320N/A over TCP just because the incoming recursive query
16320N/A 290. [cleanup] +twiddle option to dig (for testing only) removed.
16320N/A 289. [cleanup] dig is now installed in $bindir instead of $sbindir.
16320N/A host is now installed in $bindir. (Be sure to remove
16320N/A 288. [func] rndc is now installed by "make install" into $sbindir.
16320N/A 287. [bug] rndc now works again as "rndc 127.1 reload" (for
16320N/A only that task). Parsing its configuration file and
16320N/A using digital signatures for authentication has been
16320N/A disabled until named supports the "controls" statement,
16320N/A 286. [bug] On Solaris 2, when named inherited a signal state
16320N/A where SIGHUP had the SIG_IGN action, SIGHUP would
16320N/A be ignored rather than causing the server to reload
16320N/A 285. [bug] A change made to the dst API for beta4 inadvertently
16320N/A broke OMAPI's creation of a dst key from an incoming
16320N/A message, causing an assertion to be triggered. Fixed.
16320N/A 284. [func] The DNSSEC key generation and signing tools now
16320N/A generate randomness from keyboard input on systems
16320N/A 283. [cleanup] The 'lwresd' program is now a link to 'named'.
16320N/A 282. [bug] The lexer now returns ISC_R_RANGE if parsed integer is
16320N/A 281. [bug] Fixed list of recognized config file category names.
16320N/A easily build applications that link with
16320N/A 279. [bug] Private omapi function symbols shared between
16320N/A protected using the ISC convention of starting with
16320N/A the library name and two underscores ("omapi__"...)
16320N/A note of when isc_log_categorybyname() wasn't able
16320N/A to find the category name and would then apply the
16320N/A channel list of the unknown category to all categories.
16320N/A 277. [bug] isc_log_categorybyname() and isc_log_modulebyname()
16320N/A would fail to find the first member of any category
16320N/A or module array apart from the internal defaults.
16320N/A Thus, for example, the "notify" category was improperly
16320N/A 276. [bug] dig now supports maximum sized TCP messages.
16320N/A 275. [bug] The definition of lwres_gai_strerror() was missing
16320N/A 274. [bug] TSIG AXFR verify failed when talking to a BIND 8
16320N/A 273. [func] The default for the 'transfer-format' option is
16320N/A now 'many-answers'. This will break zone transfers
16320N/A to BIND 4.9.5 and older unless there is an explicit
16320N/A 272. [bug] The sending of large TCP responses was canceled
16320N/A in mid-transmission due to a race condition
16320N/A caused by the failure to set the client object's
16320N/A "newstate" variable correctly when transitioning
16320N/A 271. [func] Attempt to probe the number of cpus in named
16320N/A if unspecified rather than defaulting to 1.
16320N/A 270. [func] Allow maximum sized TCP answers.
16320N/A 269. [bug] Failed DNSSEC validations could cause an assertion
16320N/A failure by causing clone_results() to be called with
16320N/A 268. [doc] A plain text version of the Administrator
16320N/A Reference Manual is now included in the distribution,
16320N/A 267. [func] Nsupdate is now provided in the distribution.
16320N/A 265. [bug] dns_request_create() now works for TCP.
16320N/A 264. [func] Dispatch can not take TCP sockets in connecting
16320N/A state. Set DNS_DISPATCHATTR_CONNECTED when calling
16320N/A dns_dispatch_createtcp() for connected TCP sockets
16320N/A or call dns_dispatch_starttcp() when the socket is
16320N/A 263. [func] New logging channel type 'stderr'
16320N/A 262. [bug] 'master' was not initalized in
zone.c:stub_callback().
16320N/A 261. [func] Add dns_zone_markdirty().
16320N/A 260. [bug] Running named as a non-root user failed on Linux
16320N/A kernels new enough to support retaining capabilities
16320N/A 259. [func] New random-device and random-seed-file statements
16320N/A 257. [bug] The server detached the last zone manager reference
16320N/A too early, while it could still be in use by queries.
16320N/A This manifested itself as assertion failures during the
16320N/A shutdown process for busy name servers (RT #133).
16320N/A isc_ratelimiter_shutdown guarantees that the rate
16320N/A limiter is detached from its task.
16320N/A 255. [func] New function dns_zonemgr_attach().
16320N/A 254. [bug] Suppress "query denied" messages on additional data
16320N/A comments (anywhere in line, not just as the beginning).
16320N/A It also aborted when an unrecognized keyword was seen,
16320N/A now it silently ignores the entire line.
16320N/A 251. [bug] lwresd caught an assertion failure on startup.
16320N/A 250. [bug] fixed handling of size+unit when value would be too
16320N/A large for internal representation.
16320N/A 249. [cleanup] max-cache-size config option now takes a size-spec
16320N/A like 'datasize', except 'default' is not allowed.
16320N/A 248. [bug] global lame-ttl option was not being printed when
16320N/A config structures were written out.
16320N/A 247. [cleanup] Rename cache-size config option to max-cache-size.
16320N/A 246. [func] Rename global option cachesize to cache-size and
16320N/A add corresponding option to view statement.
16320N/A 245. [bug] If an uncompressed name will take more than 255
16320N/A bytes and the buffer is sufficiently long,
16320N/A dns_name_fromwire should return DNS_R_FORMERR,
16320N/A not ISC_R_NOSPACE. This bug caused cause the
16320N/A server to catch an assertion failure when it
16320N/A received a query for a name longer than 255
16320N/A 242. [cleanup] fixed incorrect warning about auth-nxdomain usage.
16320N/A 241. [cleanup] nscount and soacount have been removed from the
16320N/A dns_master_*() arguement lists.
16320N/A 240. [func] databases now come in three flavours: zone, cache
16320N/A 239. [func] If ISC_MEM_DEBUG is enabled, the variable
16320N/A isc_mem_debugging controls whether messages
16320N/A 238. [cleanup] A few more compilation warnings have been quieted:
16320N/A + PTHREAD_ONCE_INIT unbraced initializer warnings on
16320N/A + IN6ADDR_ANY_INIT unbraced initializer warnings on
16320N/A 237. [bug] If connect() returned ENOBUFS when the resolver was
16320N/A initiating a TCP query, the socket didn't get
16320N/A destroyed, and the server did not shut down cleanly.
16320N/A 236. [func] Added new listen-on-v6 config file statement.
16320N/A 235. [func] Consider it a config file error if a listen-on
16320N/A statement has an IPv6 address in it, or a
16320N/A listen-on-v6 statement has an IPv4 address in it.
16320N/A 234. [bug] Allow a trusted-key's first field (domain-name) be
16320N/A either a quoted or an unquoted string, instead of
16320N/A 233. [cleanup] Convert all config structure integer values to unsigned
16320N/A integer (isc_uint32_t) to match grammer.
16320N/A 232. [bug] Allow slave zones to not have a file.
16320N/A 231. [func] Support new 'port' clause in config file options
16320N/A section. Causes 'listen-on', 'masters' and
16320N/A 'also-notify' statements to use its value instead of
16320N/A 229. [func] Support config file sig-validity-interval statement
16320N/A in options, views and zone statements (master
16320N/A 228. [cleanup] Logging messages in config module stripped of
16320N/A 227. [cleanup] The enumerated identifiers dns_rdataclass_*,
16320N/A dns_rcode_*, dns_opcode_*, and dns_trust_* are
16320N/A also now cast to their appropriate types, as with
16320N/A dns_rdatatype_* in item number 225 below.
16320N/A 226. [func] dns_name_totext() now always prints the root name as
16320N/A '.', even when omit_final_dot is true.
16320N/A 225. [cleanup] The enumerated dns_rdatatype_* identifiers are now
16320N/A cast to dns_rdatatype_t via macros of their same name
16320N/A so that they are of the proper integral type wherever
16320N/A 224. [cleanup] The entire project builds cleanly with gcc's
16320N/A -Wcast-qual and -Wwrite-strings warnings enabled,
16320N/A which is now the default when using gcc. (Warnings
16320N/A 223. [func] Several functions were reprototyped to qualify one
16320N/A or more of their arguments with "const". Similarly,
16320N/A several functions that return pointers now have
16320N/A those pointers qualified with const.
16320N/A 222. [bug] The global 'also-notify' option was ignored.
16320N/A 221. [bug] An uninitialized variable was sometimes passed to
16320N/A dns_rdata_freestruct() when loading a zone, causing
16320N/A 220. [cleanup] Set the default outgoing port in the view, and
16320N/A set it in sockaddrs returned from the ADB.
16320N/A 219. [bug] Signed truncated messages more correctly follow
16320N/A 218. [func] When an rdataset is signed, its ttl is normalized
16320N/A based on the signature validity period.
16320N/A 217. [func] Also-notify and trusted-keys can now be used in
16320N/A 216. [func] The 'max-cache-ttl' and 'max-ncache-ttl' options
16320N/A 215. [bug] Failures at certain points in request processing
16320N/A could cause the assertion INSIST(client->lockview
16320N/A 214. [func] New public function isc_netaddr_format(), for
16320N/A formatting network addresses in log messages.
16320N/A 213. [bug] Don't leak memory when reloading the zone if
16320N/A an update-policy clause was present in the old zone.
16320N/A 211. [func] The 'key' and 'server' statements can now occur
16320N/A 210. [bug] The 'allow-transfer' option was ignored for slave
16320N/A zones, and the 'transfers-per-ns' option was
16320N/A 209. [cleanup] Upgraded openssl files to new version 0.9.5a
16320N/A 208. [func] Added ISC_OFFSET_MAXIMUM for the maximum value
16320N/A 207. [func] The dnssec tools properly use the logging subsystem.
16320N/A 206. [cleanup] dst now stores the key name as a dns_name_t, not
16320N/A 205. [cleanup] On IRIX, turn off the mostly harmless warnings 1692
16320N/A ("prototyped function redeclared without prototype")
16320N/A and 1552 ("variable ... set but not used") when
16320N/A directories, which contain code imported from outside
16320N/A 204. [cleanup] On
HP/UX, pass +vnocompatwarnings to the linker
16320N/A to quiet the warnings that "The linked output may not
16320N/A 203. [func] notify and zone soa queries are now tsig signed when
16320N/A 202. [func] isc_lex_getsourceline() changed from returning int
16320N/A to returning unsigned long, the type of its underlying
16320N/A 200. [bug] Failures in sending query responses to clients
16320N/A 199. [bug] isc_heap_delete() sometimes violated the heap
16320N/A invariant, causing timer events not to be posted
16320N/A 198. [func] Dispatch managers hold memory pools which
16320N/A any managed dispatcher may use. This allows
16320N/A us to avoid dipping into the memory context for
16320N/A most allocations. [19-May-2000 explorer]
16320N/A 197. [bug] When an incoming AXFR or IXFR completes, the
16320N/A zone's internal state is refreshed from the
16320N/A SOA data. [19-May-2000 explorer]
16320N/A 196. [func] Dispatchers can be shared easily between views
16320N/A 195. [bug] Including the NXT record of the root domain
16320N/A in a negative response caused an assertion
16320N/A 194. [doc] The PDF version of the Administrator's Reference
16320N/A Manual is no longer included in the ISC BIND9
16320N/A 193. [func] changed dst_key_free() prototype.
16320N/A 192. [bug] Zone configuration validation is now done at end
16320N/A of config file parsing, and before loading
16320N/A 191. [func] Patched to compile on UnixWare
7.x. This platform
16320N/A is not directly supported by the ISC.
16320N/A 190. [cleanup] The DNSSEC tools have been moved to a separate
16320N/A directory dnssec/ and given the following new,
16320N/A Their command line arguments have also been changed to
16320N/A be more consistent. dnssec-keygen now prints the
16320N/A name of the generated key files (sans extension)
16320N/A on standard output to simplify its use in automated
16320N/A 189. [func] isc_time_secondsastimet(), a new function, will ensure
16320N/A that the number of seconds in an isc_time_t does not
16320N/A exceed the range of a time_t, or return ISC_R_RANGE.
16320N/A Similarly, isc_time_now(), isc_time_nowplusinterval(),
16320N/A isc_time_add() and isc_time_subtract() now check the
16320N/A isc_time_subtract, this changed a calling requirement
16320N/A (ie, something that could generate an assertion)
16320N/A into merely a condition that returns an error result.
16320N/A isc_time_add() and isc_time_subtract() were void-
16320N/A valued before but now return isc_result_t.
16320N/A 188. [func] Log a warning message when an incoming zone transfer
16320N/A 187. [func] isc_ratelimter_enqueue() has an additional arguement
16320N/A 186. [func] dns_request_getresponse() has an additional arguement
16320N/A 185. [bug] Fixed up handling of ISC_MEMCLUSTER_LEGACY. Several
16320N/A public functions did not have an isc__ prefix, and
16320N/A referred to functions that had previously been
16320N/A standard, which says that such names are reserved.
16320N/A 183. [func] ISC_LOG_PRINTTAG option for log channels. Useful
16320N/A for logging the program name or other identifier.
16320N/A 182. [cleanup] New commandline parameters for dnssec tools
16320N/A 181. [func] Added dst_key_buildfilename and dst_key_parsefilename
16320N/A 180. [func] New isc_result_t ISC_R_RANGE. Supersedes DNS_R_RANGE.
16320N/A before any zone or view statements.
16320N/A has non-empty list of masters defined.
16320N/A 177. [func] New per-zone boolean:
16320N/A intended to let a zone be disabled without having
16320N/A to comment out the entire zone statement.
16320N/A 176. [func] New global and per-view option:
16320N/A 175. [func] New global and per-view option:
16320N/A additional-data internal | minimal | maximal;
16320N/A 174. [func] New public function isc_sockaddr_format(), for
16320N/A formatting socket addresses in log messages.
16320N/A 173. [func] Keep a queue of zones waiting for zone transfer
16320N/A quota so that a new transfer can be dispatched
16320N/A immediately whenever quota becomes available.
16320N/A 172. [bug] $TTL directive was sometimes missing from dumped
16320N/A master files because totext_ctx_init() failed to
16320N/A initialize ctx->current_ttl_valid.
16320N/A 171. [cleanup] On NetBSD systems, the mit-pthreads or
16320N/A unproven-pthreads library is now always used
16320N/A unless --with-ptl2 is explicitly specified on
16320N/A the configure command line. The
16320N/A --with-mit-pthreads option is no longer needed
16320N/A 170. [cleanup] Remove inter server consistancy checks from zone,
16320N/A these should return as a seperate module in 9.1.
16320N/A dns_zone_checkservers(), dns_zone_checkparents(),
16320N/A dns_zone_checkchildren(), dns_zone_checkglue().
16320N/A Remove dns_zone_setadb(), dns_zone_setresolver(),
16320N/A dns_zone_setrequestmgr() these should now be found
16320N/A 169. [func] ratelimiter can now process N events per interval.
16320N/A due to not consuming the semicolon ending the include
16320N/A statement before switching input streams.
16320N/A 167. [bug] Make lack of masters for a slave zone a soft error.
16320N/A 166. [bug] Keygen was overwriting existing keys if key_id
16320N/A conflicted, now it will retry, and non-null keys
16320N/A with key_id == 0 are not generated anymore. Key
16320N/A was not able to generate NOAUTHCONF DSA key,
16320N/A increased RSA key size to 2048 bits.
16320N/A 165. [cleanup] Silence "end-of-loop condition not reached" warnings
16320N/A 164. [func] Added functions isc_stdio_open(), isc_stdio_close(),
16320N/A isc_stdio_seek(), isc_stdio_read(), isc_stdio_write(),
16320N/A isc_stdio_flush(), isc_stdio_sync(), isc_file_remove()
10656N/A to encapsulate nonportable usage of errno and sync.
10656N/A 163. [func] Added result codes ISC_R_FILENOTFOUND and
15153N/A 162. [bug] Ensure proper range for arguments to
ctype.h functions.
15153N/A 161. [cleanup] error in yyparse prototype that only HPUX caught.
15153N/A 160. [cleanup] getnet*() are not going to be implemented at this
12935N/A 159. [func] Redefinition of config file elements is now an
15153N/A 158. [bug] Log channel and category list copy routines
15153N/A weren't assigning properly to output parameter.
15153N/A 157. [port] Fix missing prototype for getopt().
15153N/A 156. [func] Support new 'database' statement in zone.
16320N/A 155. [bug] ns_notify_start() was not detaching the found zone.
15153N/A 154. [func] The signer now logs libdns warnings to stderr even when
15153N/A not verbose, and in a nicer format.
15153N/A 153. [func] dns_rdata_tostruct() 'mctx' is now optional. If 'mctx'
15153N/A is NULL then you need to preserve the 'rdata' until
15153N/A you have finished using the structure as there may be
16320N/A references to the associated memory. If 'mctx' is
16320N/A non-NULL it is guaranteed that there are no references
16320N/A to memory associated with 'rdata'.
16320N/A dns_rdata_freestruct() must be called if 'mctx' was
15153N/A non-NULL and may safely be called if 'mctx' was NULL.
15153N/A 152. [bug] keygen dumped core if domain name argument was omitted
15153N/A 151. [func] Support 'disabled' statement in zone config (causes
15153N/A zone to be parsed and then ignored). Currently must
15153N/A 150. [func] Support optional ports in masters and also-notify
15153N/A 149. [cleanup] Removed usused argument 'olist' from
15153N/A 148. [cleanup] Stop issuing some warnings about some configuration
15153N/A file statements that were not implemented, but now are.
15153N/A 147. [bug] Changed yacc union size to be smaller for yaccs that
15153N/A put yacc-stack on the real stack.
15153N/A 146. [cleanup] More general redundant header file cleanup. Rather
15153N/A than continuing to itemize every header which changed,
15153N/A this changelog entry just notes that if a header file
15153N/A did not need another header file that it was including
15153N/A in order to provide its advertized functionality, the
15153N/A inclusion of the other header file was removed. See
15153N/A ISC_LANG_ENDDECLS to header files that had function
15153N/A prototypes, and removed it from those that did not.
15153N/A 144. [cleanup] libdns header files too numerous to name were made
15153N/A to conform to the same style for multiple inclusion
15153N/A 143. [func] Added function dns_rdatatype_isknown().
15153N/A 141. [bug] Corrupt requests with multiple questions could
138. [cleanup] isc_strtouq moved from str.[ch] to string.[ch] and
renamed isc_string_touint64. isc_strsep moved from
made to conform to the same style for multiple
for ISC_R_* codes used in macros.
129. [bug] The 'default_debug' log channel was not set up when
'category default' was present in the config file
128. [cleanup] <
isc/dir.h> had ISC_LANG_BEGINDECLS instead of
ISC_LANG_ENDDECLS at end of header.
127. [cleanup] The contracts for the comparision routines
dns_name_fullcompare(), dns_name_compare(),
dns_name_rdatacompare(), and dns_rdata_compare() now
specify that the order value returned is < 0, 0, or > 0
124. [func] signer now imports parent's zone key signature
and creates null
keys/sets zone status bit for
symbol fixed from ISC_SYMBOL_H to ISC_SYMTAB_H.
119. [cleanup] structure definitions for generic rdata stuctures do
not have _generic_ in their names.
118. [cleanup]
libdns.a is now namespace-clean, on NetBSD, excepting
YACC crust (yyparse, etc) [2000-apr-27 explorer]
dns_zone_clearnotify() and dns_zone_addnotify()
are replaced by dns_zone_setnotifyalso().
dns_zone_clearmasters() and dns_zone_addmaster()
are replaced by dns_zone_setmasters().
116. [func] Added <
isc/offset.h> for isc_offset_t (aka off_t
115. [port] Shut up the -Wmissing-declarations warning about
113. [func] Utility programs dig and host added.
109. [bug] "make depend" did nothing for
107. [func] Add keysigner and keysettool.
106. [func] Allow dnssec verifications to ignore the validity
period. Used by several of the dnssec tools.
implicit conventions the developers have used.
104. [bug] Made compress_add and compress_find static to
isc_buffer_base(b) (pointer)
isc_buffer_current(b) (pointer)
isc_buffer_active(b) (pointer)
isc_buffer_used(b) (pointer)
isc_buffer_length(b) (int)
isc_buffer_usedlength(b) (int)
isc_buffer_consumedlength(b) (int)
isc_buffer_remaininglength(b) (int)
isc_buffer_activelength(b) (int)
isc_buffer_availablelength(b) (int)
ISC_BUFFER_AVAILABLECOUNT(b)
isc_buffer_usedregion(b, r)
isc_buffer_available(b, r) ->
isc_buffer_available_region(b, r)
isc_buffer_consumed(b, r) ->
isc_buffer_consumedregion(b, r)
isc_buffer_active(b, r) ->
isc_buffer_activeregion(b, r)
isc_buffer_remaining(b, r) ->
isc_buffer_remainingregion(b, r)
Buffer types were removed, so the ISC_BUFFERTYPE_*
macros are no more, and the type argument to
isc_buffer_init and isc_buffer_allocate were removed.
isc_buffer_putstr is now void (instead of isc_result_t)
and requires that the caller ensure that there
is enough available buffer space for the string.
102. [port] Correctly detect inet_aton, inet_pton and inet_ptop
99. [cleanup] Rate limiter now has separate shutdown() and
destroy() functions, and it guarantees that all
queued events are delivered even in the shutdown case.
unless ISC_PLATFORM_NEEDVSNPRINTF is defined.
94. [cleanup] Some installed header files did not compile as C++.
<
isc/mem.h>. isc_interface_t and isc_interfaceiter_t
84. [func] allow-query ACL checks now apply to all data
83. [func] If the server is authoritative for both a
delegating zone and its (nonsecure) delegatee, and
a query is made for a KEY RR at the top of the
delegatee, then the server will look for a KEY
in the delegator if it is not found in the delegatee.
78. [cleanup] lwres_conftest renamed to lwresconf_test for
consistency with other *_test programs.
77. [cleanup] typedef of isc_time_t and isc_interval_t moved from
76. [cleanup] Rewrote keygen.
75. [func] Don't load a zone if its database file is older
than the last time the zone was loaded.
73. [func] New "file" API in libisc, including new function
isc_file_getmodtime, isc_mktemplate renamed to
isc_file_mktemplate and isc_ufile renamed to
isc_file_openunique. By no means an exhaustive API,
it is just what's needed for now.
72. [func] DNS_RBTFIND_NOPREDECESSOR and DNS_RBTFIND_NOOPTIONS
added for dns_rbt_findnode, the former to disable the
setting of the chain to the predecessor, and the
latter to make clear when no options are set.
71. [cleanup] Made explicit the implicit REQUIREs of
isc_time_seconds, isc_time_nanoseconds, and
70. [func] isc_time_set() added.
69. [bug] The zone object's master and also-notify lists grew
longer with each server reload.
68. [func] Partial support for SIG(0) on incoming messages.
67. [performance] Allow use of alternate (compile-time supplied)
66. [func] Data in authoritative zones should have a trust level
65. [cleanup] Removed obsolete typedef of dns_zone_callbackarg_t
64. [func] The RBT, DB, and zone table APIs now allow the
caller find the most-enclosing superdomain of
63 [func] Generate NOTIFY messages.
62. [func] Add UDP refresh support.
61. [cleanup] Use single quotes consistently in log messages.
60. [func] Catch and disallow singleton types on message
59. [bug] Cause
net/host unreachable to be a hard error
when sending and receiving.
== 0 assertion in query_newname().
57. [func] Added dns_nxt_typepresent()
56. [bug] SIG records were not properly returned in cached
55. [bug] Responses containing multiple names in the authority
section were not negatively cached.
54. [bug] If a fetch with sigrdataset==NULL joined one with
sigrdataset!=NULL or vice versa, the resolver
could catch an assertion or lose signature data,
52. [bug] rndc: taskmgr and socketmgr were not initialized
50. [func] RBT deletion no longer requires a valid chain to work,
and dns_rbt_deletenode was added.
49. [func] Each cache now has its own mctx.
48. [func] isc_task_create() no longer takes an mctx.
isc_task_mem() has been eliminated.
47. [func] A number of modules now use memory context reference
46. [func] Memory contexts are now reference counted.
Added isc_mem_inuse() and isc_mem_preallocate().
Renamed isc_mem_destroy_check() to
isc_mem_setdestroycheck().
45. [bug] The trusted-key statement incorrectly loaded keys.
44. [bug] Don't include authority data if it would force us
to unset the AD bit in the message.
43. [bug] DNSSEC verification of cached rdatasets was failing.
42. [cleanup] Simplified logging of messages with embedded domain
names by introducing a new convenience function
41. [func] Use PR_SET_KEEPCAPS on Linux 2.3.99-pre3 and later
to allow 'named' to run as a non-root user while
retaining the ability to bind() to privileged
40. [func] Introduced new logging category "dnssec" and
39. [cleanup] Moved the typedefs for isc_region_t, isc_textregion_t,
38. [bug] TSIG signed incoming zone transfers work now.
37. [bug] If the first RR in an incoming zone transfer was
not an SOA, the server died with an assertion failure
instead of just reporting an error.
36. [cleanup] Change DNS_R_SUCCESS (and others) to ISC_R_SUCCESS
35. [performance] Log messages which are of a level too high to be
logged by any channel in the logging configuration
will not cause the log mutex to be locked.
34. [bug] Recursion was allowed even with 'recursion no'.
33. [func] The RBT now maintains a parent pointer at each node.
30. [func] config file grammer change to support optional
29. [func] support new config file view options:
auth-nxdomain recursion query-source
query-source-v6 transfer-source
transfer-source-v6 max-transfer-time-out
max-transfer-idle-out transfer-format
request-ixfr provide-ixfr cleaning-interval
fetch-glue notify rfc2308-type1 lame-ttl
28. [func] support lame-ttl, min-roots and serial-queries
Including it on other platforms (eg, NetBSD) can
cause a forced #error from the C preprocessor.
26. [func] new match-clients statement in config file view.
25. [bug] make install failed to install <
isc/log.h> and
24. [cleanup] Eliminate some unnecessary #includes of header
23. [cleanup] Provide more context in log messages about client
requests, using a new function ns_client_log().
22. [bug] SIGs weren't returned in the answer section when
the query resulted in a fetch.
21. [port] Look at STD_CINCLUDES after CINCLUDES during
compilation, so additional system include directories
can be searched but header files in the bind9 source
tree with conflicting names take precedence. This
avoids issues with installed versions of dnssafe and
20. [func] Configuration file post-load validation of zones
failed if there were no zones.
19. [bug] dns_zone_notifyreceive() failed to unlock the zone
lock in certain error cases.
18. [bug] Use AC_TRY_LINK rather than AC_TRY_COMPILE in
17. [func] Do configuration file post-load validation of zones.
16. [bug] put quotes around key names on config file
output to avoid possible keyword clashes.
15. [func] Add dns_name_dupwithoffsets(). This function is
improves comparison performance for duped names.
14. [bug] free_rbtdb() could have 'put' unallocated memory in
12. [bug] Fixed possible unitialized variable error.
11. [bug] axfr_rrstream_first() didn't check the result code of
db_rr_iterator_first(), possibly causing an assertion
10. [bug] A bug in the code which makes EDNS0 OPT records in
9. [cleanup] replaced bit-setting code in
confctx.c and replaced
repeated code with macro calls.
8. [bug] Shutdown of incoming zone transfer accessed
7. [cleanup] removed 'listen-on' from view statement.
6. [bug] quote RR names when generating config file to
prevent possible clash with config file keywords
statements must now be enclosed by an 'update-policy'
linux 2.3 kernel includes due to conflicts between
C library includes and the kernel includes. We now
avoid pulling in other linux kernel .h files.
3. [bug] TKEYs go in the answer section of responses, not
2. [bug] Generating cryptographic randomness failed on
1. [bug] The installdirs rule in
prevented the isc directory from being created if it
# This tells Emacs to use hard tabs in this file.