forked from jevinskie/bind10
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathChangeLog
More file actions
3117 lines (2610 loc) · 126 KB
/
ChangeLog
File metadata and controls
3117 lines (2610 loc) · 126 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
bind10-devel-20120927 released on September 27, 2012
483. [func] marcin
libdhcp++: Added new parameter to define sub-second timeout
for DHCP packet reception. The total timeout is now specified
by two parameters: first specifies integral number of
seconds, second (which defaults to 0) specifies fractional
seconds with microsecond resolution.
(Trac #2231, git 15560cac16e4c52129322e3cb1787e0f47cf7850)
482. [func] team
Memory footprint of the in-memory data source has been
substantially improved. For example, b10-auth now requires much
less memory than BIND 9 named for loading and serving the same
zone in-memory. This is a transparent change in terms of user
operation; there's no need to update or change the configuration
to enable this feature.
Notes: multiple instances of b10-auth still make separate copies
of the memory image. Also, loading zones in memory still suspends
query processing, so manual reloading or reloading after incoming
transfer may cause service disruption for huge zones.
(Multiple Trac tickets, Summarized in Trac #2101)
481. [bug] vorner
The abbreviated form of IP addresses in ACLs is accepted
(eg. "from": ["127.0.0.1", "::1"] now works).
(Trac #2191, git 48b6e91386b46eed383126ad98dddfafc9f7e75e)
480. [doc] vorner
Added documentation about global TSIG key ring to the Guide.
(Trac #2189, git 52177bb31f5fb8e134aecb9fd039c368684ad2df)
479. [func] marcin
Refactored perfdhcp tool to C++, added missing unit tests and removed
the old code. The new code uses libdhcp++ (src/lib/dhcp) for DHCP
packet management, network interface management and packet
transmission.
(Trac #1954, git 8d56105742f3043ed4b561f26241f3e4331f51dc)
(Trac #1955, git 6f914bb2c388eb4dd3e5c55297f8988ab9529b3f)
(Trac #1956, git 6f914bb2c388eb4dd3e5c55297f8988ab9529b3f)
(Trac #1957, git 7fca81716ad3a755bf5744e88c3adeef15b04450)
(Trac #1958, git 94e17184270cda58f55e6da62e845695117fede3)
(Trac #1959, git a8cf043db8f44604c7773e047a9dc2861e58462a)
(Trac #1960, git 6c192e5c0903f349b4d80cf2bb6cd964040ae7da)
478. [func] naokikambe
New statistics items added into b10-xfrout: ixfr_running and
axfr_running. Their values can be obtained by invoking "Stats show
Xfrout" via bindctl while b10-xfrout is running.
(Trac #2222, git 91311bdbfea95f65c5e8bd8294ba08fac12405f1)
477. [bug] jelte
Fixed a problem with b10-msgq on OSX when using a custom Python
installation, that offers an unreliable select.poll() interface.
(Trac #2190, git e0ffa11d49ab949ee5a4ffe7682b0e6906667baa)
476. [bug] vorner
The Xfrin now accepts transfers with some TSIG signatures omitted, as
allowed per RFC2845, section 4.4. This solves a compatibility
issues with Knot and NSD.
(Trac #1357, git 7ca65cb9ec528118f370142d7e7b792fcc31c9cf)
475. [func] naokikambe
Added Xfrout statistics counters: notifyoutv4, notifyoutv6,
xfrrej, and xfrreqdone. These are per-zone type counters.
The value of these counters can be seen with zone name by
invoking "Stats show Xfrout" via bindctl.
(Trac #2158, git e68c127fed52e6034ab5309ddd506da03c37a08a)
474. [func] stephen
DHCP servers now use the BIND 10 logging system for messages.
(Trac #1545, git de69a92613b36bd3944cb061e1b7c611c3c85506)
473. [bug] jelte
TCP connections now time out in b10-auth if no (or not all) query
data is sent by the client. The timeout value defaults to 5000
milliseconds, but is configurable in Auth/tcp_recv_timeout.
(Trac #357, git cdf3f04442f8f131542bd1d4a2228a9d0bed12ff)
472. [build] jreed
All generated documentation is removed from the git repository.
The ./configure --enable-man option is removed. A new option
-enable-generate-docs is added; it checks for required
documentation building dependencies. Dummy documentation is
built and installed if not used. Distributed tarballs will
contain the generated documentation.
(Trac #1687, git 2d4063b1a354f5048ca9dfb195e8e169650f43d0)
471. [bug] vorner
Fixed a problem when b10-loadzone tried to tread semicolon
in string data as start of comment, which caused invalid
data being loaded.
(Trac #2188, git 12efec3477feb62d7cbe36bdcfbfc7aa28a36f57)
470. [func] naokikambe
The stats module now supports partial statistics updates. Each
module can return only statistics data which have been updated since
the last time it sent them to the stats module. The purpose of partial
updates is to reduce the amount of statistics data sent through the
message queue.
(Trac #2179, git d659abdd9f3f369a29830831297f64484ac7b051)
469. [bug] jelte
libdatasrc: the data source client list class now ignores zone
content problems (such as out-of-zone data) in MasterFiles type
zones, instead of aborting the entire configuration. It only logs
an error, and all other zones and datasources are still loaded. The
error log message has been improved to include the zone origin and
source file name. As a result of this change, b10-auth no longer
exits upon encountering such errors during startup.
(Trac #2178, git a75ed413e8a1c8e3702beea4811a46a1bf519bbd)
468. [func]* naokikambe, fujiwara
b10-stats polls the bind10 and b10-auth with new 'getstats' command
to retrieve statistics data. The "poll-interval" parameter in
b10-stats is for configuring the polling interval. All statistics
data collected once are preserved while b10-stats is running.
The "sendstats" command was removed from bind10 and b10-auth. The
"statistics-interval" configuration item was removed from b10-auth.
(Trac #2136, git dcb5ce50b4b4e50d28247d5f8b5cb8d90bda942a)
(Trac #2137, git d53bb65a43f6027b15a6edc08c137951e3ce5e0e)
(Trac #2138, git b34e3313460eebc9c272ca8c1beb27297c195150)
bind10-devel-20120816 released on August 16, 2012
467. [bug] jelte
For configurations, allow named sets to contain lists of items.
(Trac #2114, git 712637513505f7afb8434292ca2a98c3517dffd3)
466. [func] jelte
Allow bindctl to add and remove items to and from lists
and dicts for items of type "any". This is for easier
configurations.
(Trac #2184, git ad2d728d1496a9ff59d622077850eed0638b54eb)
465. [doc] vorner
Improved documentation about ACLs in the Guide.
(Trac #2066, git 76f733925b3f3560cfc2ee96d2a19905b623bfc3)
464. [func] jelte, muks
libdns++: The LabelSequence class has been extended with some new
methods. These are mainly intended for internal development, but
the class is public, so interested users may want to look into the
extensions.
(Trac #2052, git 57c61f2^..dbef0e2)
(Trac #2053, git 1fc2b06b57a008ec602daa2dac79939b3cc6b65d)
(Trac #2086, git 3fac7d5579c5f51b8e952b50db510b45bfa986f3)
(Trac #2087, git 49ad6346f574d00cfbd1d12905915fd0dd6a0bac)
(Trac #2148, git 285c2845ca96e7ef89f9158f1dea8cda147b6566)
463. [func] jinmei
Python isc.dns: the Name, RRType and RRClass classes are now
hashable. So, for example, objects of these classes can be used
as a dictionary key.
(Trac #1883, git 93ec40dd0a1df963c676037cc60c066c748b3030)
462. [build] jreed
BIND 10 now compiles against googletest-1.6.0 versions that are
installed on the system as source code. For such versions, use the
--with-gtest-source configure switch.
(Trac #1999, git 6a26d459a40d7eed8ebcff01835377b3394a78de)
461. [bug] muks
We now set g+w and g+s permissions (mode 02770) during
installation for the BIND 10 local state directory
($prefix/var/bind10-devel/) so that permissions to files
and sub-directories created in that directory are inherited.
(Trac #2171, git ab4d20907abdb3ce972172463dcc73405b3dee79)
460. [bug] muks
SSHFP's algorithm and fingerprint type checks have been relaxed
such that they will accept any values in [0,255]. This is so that
future algorithm and fingerprint types are accomodated.
(Trac #2124, git 49e6644811a7ad09e1326f20dd73ab43116dfd21)
459. [func] tomek
b10-dhcp6: DHCPv6 server component is now integrated into
BIND 10 framework. It can be started from BIND 10 (using bindctl)
and can receive commands. The only supported command for now
is 'Dhcp6 shutdown'.
b10-dhcp4: Command line-switch '-s' to disable msgq was added.
b10-dhcp6: Command line-switch '-s' to disable msgq was added.
(Trac #1708, git e0d7c52a71414f4de1361b09d3c70431c96daa3f)
458. [build]* jinmei
BIND 10 now relies on Boost offset_ptr, which caused some new
portability issues. Such issues are detected at ./configure time.
If ./configure stops due to this, try the following workaround:
- If it's about the use of mutable for a reference with clang++,
upgrade Boost version to 1.44 or higher, or try a different
compiler (e.g. g++ generally seems to be free from this issue)
- If it's about the use of "variadic templates", specify
--without-werror so the warning won't be promoted to an error.
Specifying BOOST_NO_USER_CONFIG in CXXFLAGS may also work
(which would be the case if Boost is installed via pkgsrc)
(Trac #2147, git 30061d1139aad8716e97d6b620c259752fd0a3cd)
457. [build]* muks
BIND 10 library names now have a "b10-" prefix. This is to avoid
clashes with other similarly named libraries on the system.
(Trac #2071, git ac20a00c28069804edc0a36050995df52f601efb)
456. [build] muks
BIND 10 now compiles against log4cplus-1.1.0 (RC releases)
also. Note: some older versions of log4cplus don't work any more;
known oldest workable version is 1.0.4. Thanks to John Lumby for
sending a patch.
(Trac #2169, git 7d7e5269d57451191c0aef1b127d292d3615fe2c)
455. [func]* vorner
The server now uses newer API for data sources. This would be an
internal change, however, the data sources are now configured
differently. Please, migrate your configuration to the top-level
"data_sources" module. Also the bind10 -n and --no-cache
and b10-auth -n options are removed.
(Trac #1976, git 0d4685b3e7603585afde1b587cbfefdfaf6a1bb3)
454. [bug] jelte
b10-cfgmgr now loads its configuration check plugins directly from
the plugin search path, as opposed to importing them from the
general python system module path list; this prevents naming
conflicts with real python modules.
(Trac #2119, git 2f68d7ac5c3c7cc88a3663191113eece32d46a3d)
453. [bug] jelte
b10-auth no longer tries to send DDNS UPDATE messages to b10-ddns if
b10-ddns is not running. Sending an UPDATE to BIND 10 that is not
configured to run DDNS will now result in a response with rcode
NOTIMP instead of SERVFAIL.
(Trac #1986, git bd6b0a5ed3481f78fb4e5cb0b18c7b6e5920f9f8)
452. [func] muks, jelte
isc-sysinfo: An initial implementation of the isc-sysinfo
tool is now available for Linux, OpenBSD, FreeBSD, and Mac
OS X. It gathers and outputs system information which can
be used by future tech support staff. This includes a
generic Python "sysinfo" module.
(Trac #2062, #2121, #2122, #2172,
git 144e80212746f8d55e6a59edcf689fec9f32ae95)
451. [bug] muks, jinmei
libdatasrc: the database-based data source now correctly returns
glue records on (not under) a zone cut, such as in the case where
the NS name of an NS record is identical to its owner name. (Note:
libdatasrc itself doesn't judge what kind of record type can be a
"glue"; it's the caller's responsibility.)
(Trac #1771, git 483f1075942965f0340291e7ff7dae7806df22af)
450. [func] tomek
b10-dhcp4: DHCPv4 server component is now integrated into
BIND 10 framework. It can be started from BIND 10 (using bindctl)
and can receive commands. The only supported command for now
is 'Dhcp4 shutdown'.
(Trac #1651, git 7e16a5a50d3311e63d10a224ec6ebcab5f25f62c)
bind10-devel-20120621 released on June 21, 2012
449. [bug] muks
b10-xfin: fixed a bug where xfrin sent the wrong notification
message to zonemgr on successful zone transfer. This also
solves other reported problems such as too frequent attempts
of zone refreshing (see Trac #1786 and #1834).
(Trac #2023, git b5fbf8a408a047a2552e89ef435a609f5df58d8c)
448. [func] team
b10-ddns is now functional and handles dynamic update requests
per RFC 2136. See BIND 10 guide for configuration and operation
details.
(Multiple Trac tickets)
447. [bug] jinmei
Fixed a bug in b10-xfrout where a helper thread could fall into
an infinite loop if b10-auth stops while the thread is waiting for
forwarded requests from b10-auth.
(Trac #988 and #1833, git 95a03bbefb559615f3f6e529d408b749964d390a)
446. [bug] muks
A number of warnings reported by Python about unclosed file and
socket objects were fixed. Some related code was also made safer.
(Trac #1828, git 464682a2180c672f1ed12d8a56fd0a5ab3eb96ed)
445. [bug]* jinmei
The pre-install check for older SQLite3 DB now refers to the DB
file with the prefix of DESTDIR. This ensures that 'make install'
with specific DESTDIR works regardless of the version of the DB
file installed in the default path.
(Trac #1982, git 380b3e8ec02ef45555c0113ee19329fe80539f71)
444. [bug] jinmei
libdatasrc: fixed ZoneFinder for database-based data sources so
that it handles type DS query correctly, i.e., treating it as
authoritative data even on a delegation point.
(Trac #1912, git 7130da883f823ce837c10cbf6e216a15e1996e5d)
443. [func]* muks
The logger now uses a lockfile named `logger_lockfile' that is
created in the local state directory to mutually separate
individual logging operations from various processes. This is
done so that log messages from different processes don't mix
together in the middle of lines. The `logger_lockfile` is created
with file permission mode 0660. BIND 10's local state directory
should be writable and perhaps have g+s mode bit so that the
`logger_lockfile` can be opened by a group of processes.
(Trac #1704, git ad8d445dd0ba208107eb239405166c5c2070bd8b)
442. [func] tomek
b10-dhcp4, b10-dhcp6: Both DHCP servers now accept -p parameter
that can be used to specify listening port number. This capability
is useful only for testing purposes.
(Trac #1503, git e60af9fa16a6094d2204f27c40a648fae313bdae)
441. [func] tomek
libdhcp++: Stub interface detection (support for interfaces.txt
file) was removed.
(Trac #1281, git 900fc8b420789a8c636bcf20fdaffc60bc1041e0)
bind10-devel-20120517 released on May 17, 2012
440. [func] muks
bindctl: improved some error messages so they will be more
helpful. Those include the one when the zone name is unspecified
or the name is invalid in the b10-auth configuration.
(Trac #1627, git 1a4d0ae65b2c1012611f4c15c5e7a29d65339104)
439. [func] team
The in-memory data source can now load zones from the
sqlite3 data source, so that zones stored in the database
(and updated for example by xfrin) can be served from memory.
(Trac #1789,#1790,#1792,#1793,#1911,
git 93f11d2a96ce4dba9308889bdb9be6be4a765b27)
438. [bug] naokikambe
b10-stats-httpd now sends the system a notification that
it is shutting down if it encounters a fatal error during
startup.
(Trac #1852, git a475ef271d4606f791e5ed88d9b8eb8ed8c90ce6)
437. [build] jinmei
Building BIND 10 may fail on MacOS if Python has been
installed via Homebrew unless --without-werror is specified.
The configure script now includes a URL that explains this
issue when it detects failure that is possibly because of
this problem.
(Trac #1907, git 0d03b06138e080cc0391fb912a5a5e75f0f97cec)
436. [bug] jelte
The --config-file option now works correctly with relative paths if
--data-path is not given.
(Trac #1889, git ce7d1aef2ca88084e4dacef97132337dd3e50d6c)
435. [func] team
The in-memory datasource now supports NSEC-signed zones.
(Trac #1802-#1810, git 2f9aa4a553a05aa1d9eac06f1140d78f0c99408b)
434. [func] tomek
libdhcp++: Linux interface detection refactored. The code is
now cleaner. Tests better support certain versions of ifconfig.
(Trac #1528, git 221f5649496821d19a40863e53e72685524b9ab2)
433. [func] tomek
libdhcp++: Option6 and Pkt6 now follow the same design as
options and packet for DHCPv4. General code refactoring after
end of 2011 year release.
(Trac #1540, git a40b6c665617125eeb8716b12d92d806f0342396)
432. [bug]* muks
BIND 10 now installs its header files in a BIND 10 specific
sub-directory in the install prefix.
(Trac #1930, git fcf2f08db9ebc2198236bfa25cf73286821cba6b)
431. [func]* muks
BIND 10 no longer starts b10-stats-httpd by default.
(Trac #1885, git 5c8bbd7ab648b6b7c48e366e7510dedca5386f6c)
430. [bug] jelte
When displaying configuration data, bindctl no longer treats
optional list items as an error, but shows them as an empty list.
(Trac #1520, git 0f18039bc751a8f498c1f832196e2ecc7b997b2a)
429. [func] jelte
Added an 'execute' component to bindctl, which executes either a set
of commands from a file or a built-in set of commands. Currently,
only 'init_authoritative_server' is provided as a built-in set, but
it is expected that more will be added later.
(Trac #1843, git 551657702a4197ef302c567b5c0eaf2fded3e121)
428. [bug] marcin
perfdhcp: bind to local address to allow reception of
replies from IPv6 DHCP servers.
(Trac #1908, git 597e059afaa4a89e767f8f10d2a4d78223af3940)
427. [bug] jinmei
libdatasrc, b10-xfrin: the zone updater for database-based data
sources now correctly distinguishes NSEC3-related RRs (NSEC3 and
NSEC3-covering RRSIG) from others, and the SQLite3 implementation
now manipulates them in the separate table for the NSEC3 namespace.
As a result b10-xfrin now correctly updates NSEC3-signed zones by
inbound zone transfers.
(Trac #1781,#1788,#1891, git 672f129700dae33b701bb02069cf276238d66be3)
426. [bug] vorner
The NSEC3 records are now included when transferring a
signed zone out.
(Trac #1782, git 36efa7d10ecc4efd39d2ce4dfffa0cbdeffa74b0)
425. [func]* muks
Don't autostart b10-auth, b10-xfrin, b10-xfrout and b10-zonemgr in
the default configuration.
(Trac #1818, git 31de885ba0409f54d9a1615eff5a4b03ed420393)
424. [bug] jelte
Fixed a bug in bindctl where in some cases, configuration settings
in a named set could disappear, if a child element is modified.
(Trac #1491, git 00a36e752802df3cc683023d256687bf222e256a)
423. [bug] jinmei
The database based zone iterator now correctly resets mixed TTLs
of the same RRset (when that happens) to the lowest one. The
previous implementation could miss lower ones if it appears in a
later part of the RRset.
(part of Trac #1791, git f1f0bc00441057e7050241415ee0367a09c35032)
422. [bug] jinmei
The database based zone iterator now separates RRSIGs of the same
name and type but for different covered types.
(part of Trac #1791, git b4466188150a50872bc3c426242bc7bba4c5f38d)
421. [build] jinmei
Made sure BIND 10 can be built with clang++ 3.1. (It failed on
MacOS 10.7 using Xcode 4.3, but it's more likely to be a matter of
clang version.)
(Trac #1773, git ceaa247d89ac7d97594572bc17f005144c5efb8d)
420. [bug]* jinmei, stephen
Updated the DB schema used in the SQLite3 data source so it can
use SQL indices more effectively. The previous schema had several
issues in this sense and could be very slow for some queries on a
very large zone (especially for negative answers). This change
requires a major version up of the schema; use b10-dbutil to
upgrade existing database files. Note: 'make install' will fail
unless old DB files installed in the standard location have been
upgraded.
(Trac #324, git 8644866497053f91ada4e99abe444d7876ed00ff)
419. [bug] jelte
JSON handler has been improved; escaping now works correctly
(including quotes in strings), and it now rejects more types of
malformed input.
(Trac #1626, git 3b09268518e4e90032218083bcfebf7821be7bd5)
418. [bug] vorner
Fixed crash in bindctl when config unset was called.
(Trac #1715, git 098da24dddad497810aa2787f54126488bb1095c)
417. [bug] jelte
The notify-out code now looks up notify targets in their correct
zones (and no longer just in the zone that the notify is about).
(Trac #1535, git 66300a3c4769a48b765f70e2d0dbf8bbb714435b)
416. [func]* jelte
The implementations of ZoneFinder::find() now throw an OutOfZone
exception when the name argument is not in or below the zone this
zonefinder contains.
(Trac #1535, git 66300a3c4769a48b765f70e2d0dbf8bbb714435b)
bind10-devel-20120329 released on March 29, 2012
415. [doc] jinmei, jreed
BIND 10 Guide updated to now describe the in-memory data source
configurations for b10-auth.
(Trac #1732, git 434d8db8dfcd23a87b8e798e5702e91f0bbbdcf6)
414. [bug] jinmei
b10-auth now correctly handles delegation from an unsigned zone
(defined in the in-memory data source) when the query has DNSSEC
DO bit on. It previously returned SERVFAIL.
(Trac #1836, git 78bb8f4b9676d6345f3fdd1e5cc89039806a9aba)
413. [func] stephen, jelte
Created a new tool b10-dbutil, that can check and upgrade database
schemas, to be used when incompatible changes are introduced in the
backend database schema. Currently it only supports sqlite3 databases.
Note: there's no schema change that requires this utility as of
the March 29th release. While running it shouldn't break
an existing database file, it should be even more advisable not to
run it at the moment.
(Trac #963, git 49ba2cf8ac63246f389ab5e8ea3b3d081dba9adf)
412. [func] jelte
Added a command-line option '--clear-config' to bind10, which causes
the system to create a backup of the existing configuration database
file, and start out with a clean default configuration. This can be
used if the configuration file is corrupted to the point where it
cannot be read anymore, and BIND 10 refuses to start. The name of
the backup file can be found in the logs (CFGMGR_RENAMED_CONFIG_FILE).
(Trac #1443, git 52b36c921ee59ec69deefb6123cbdb1b91dc3bc7)
411. [func] muks
Add a -i/--no-kill command-line argument to bind10, which stops
it from sending SIGTERM and SIGKILL to other b10 processes when
they're shutting down.
(Trac #1819, git 774554f46b20ca5ec2ef6c6d5e608114f14e2102)
410. [bug] jinmei
Python CC library now ensures write operations transmit all given
data (unless an error happens). Previously it didn't check the
size of transmitted data, which could result in partial write on
some systems (notably on OpenBSD) and subsequently cause system
hang up or other broken state. This fix specifically solves start
up failure on OpenBSD.
(Trac #1829, git 5e5a33213b60d89e146cd5e47d65f3f9833a9297)
409. [bug] jelte
Fixed a parser bug in bindctl that could make bindctl crash. Also
improved 'command help' output; argument order is now shown
correctly, and parameter descriptions are shown as well.
(Trac #1172, git bec26c6137c9b0a59a3a8ca0f55a17cfcb8a23de)
408. [bug] stephen, jinmei
b10-auth now filters out duplicate RRsets when building a
response message using the new query handling logic. It's
currently only used with the in-memory data source, but will
also be used for others soon.
(Trac #1688, git b77baca56ffb1b9016698c00ae0a1496d603d197)
407. [build] haikuo
Remove "--enable-boost-threads" switch in configure command. This
thread lock mechanism is useless for bind10 and causes performance
hits.
(Trac #1680, git 9c4d0cadf4adc802cc41a2610dc2c30b25aad728)
406. [bug] muks
On platforms such as OpenBSD where pselect() is not available,
make a wrapper around select() in perfdhcp.
(Trac #1639, git 6ea0b1d62e7b8b6596209291aa6c8b34b8e73191)
405. [bug] jinmei
Make sure disabling Boost threads if the default configuration is
to disable it for the system. This fixes a crash and hang up
problem on OpenBSD, where the use of Boost thread could be
different in different program files depending on the order of
including various header files, and could introduce inconsistent
states between a library and a program. Explicitly forcing the
original default throughout the BIND 10 build environment will
prevent this from happening.
(Trac #1727, git 23f9c3670b544c5f8105958ff148aeba050bc1b4)
404. [bug] naokikambe
The statistic counters are now properly accumulated across multiple
instances of b10-auth (if there are multiple instances), instead of
providing result for random instance.
(Trac #1751, git 3285353a660e881ec2b645e1bc10d94e5020f357)
403. [build]* jelte
The configure option for botan (--with-botan=PATH) is replaced by
--with-botan-config=PATH, which takes a full path to a botan-config
script, instead of the botan 'install' directory. Also, if not
provided, configure will try out config scripts and pkg-config
options until it finds one that works.
(Trac #1640, git 582bcd66dbd8d39f48aef952902f797260280637)
402. [func] jelte
b10-xfrout now has a visible command to send out notifies for
a given zone, callable from bindctl. Xfrout notify <zone> [class]
(Trac #1321, git 0bb258f8610620191d75cfd5d2308b6fc558c280)
401. [func]* jinmei
libdns++: updated the internal implementation of the
MessageRenderer class. This is mostly a transparent change, but
the new version now doesn't allow changing compression mode in the
middle of rendering (which shouldn't be an issue in practice).
On the other hand, name compression performance was significantly
improved: depending on the number of names, micro benchmark tests
showed the new version is several times faster than the previous
version .
(Trac #1603, git 9a2a86f3f47b60ff017ce1a040941d0c145cfe16)
400. [bug] stephen
Fix crash on Max OS X 10.7 by altering logging so as not to allocate
heap storage in the static initialization of logging objects.
(Trac #1698, git a8e53be7039ad50d8587c0972244029ff3533b6e)
399. [func] muks
Add support for the SSHFP RR type (RFC 4255).
(Trac #1136, git ea5ac57d508a17611cfae9d9ea1c238f59d52c51)
398. [func] jelte
The b10-xfrin module now logs more information on successful
incoming transfers. In the case of IXFR, it logs the number of
changesets, and the total number of added and deleted resource
records. For AXFR (or AXFR-style IXFR), it logs the number of
resource records. In both cases, the number of overhead DNS
messages, runtime, amount of wire data, and transfer speed are logged.
(Trac #1280, git 2b01d944b6a137f95d47673ea8367315289c205d)
397. [func] muks
The boss process now gives more helpful description when a
sub-process exits due to a signal.
(Trac #1673, git 1cd0d0e4fc9324bbe7f8593478e2396d06337b1e)
396. [func]* jinmei
libdatasrc: change the return type of ZoneFinder::find() so it can
contain more context of the search, which can be used for
optimizing post find() processing. A new method getAdditional()
is added to it for finding additional RRsets based on the result
of find(). External behavior shouldn't change. The query
handling code of b10-auth now uses the new interface.
(Trac #1607, git 2e940ea65d5b9f371c26352afd9e66719c38a6b9)
395. [bug] jelte
The log message compiler now errors (resulting in build failures) if
duplicate log message identifiers are found in a single message file.
Renamed one duplicate that was found (RESOLVER_SHUTDOWN, renamed to
RESOLVER_SHUTDOWN_RECEIVED).
(Trac #1093, git f537c7e12fb7b25801408f93132ed33410edae76)
(Trac #1741, git b8960ab85c717fe70ad282e0052ac0858c5b57f7)
394. [bug] jelte
b10-auth now catches any exceptions during response building; if any
datasource either throws an exception or causes an exception to be
thrown, the message processing code will now catch it, log a debug
message, and return a SERVFAIL response.
(Trac #1612, git b5740c6b3962a55e46325b3c8b14c9d64cf0d845)
393. [func] jelte
Introduced a new class LabelSequence in libdns++, which provides
lightweight accessor functionality to the Name class, for more
efficient comparison of parts of names.
(Trac #1602, git b33929ed5df7c8f482d095e96e667d4a03180c78)
392. [func]* jinmei
libdns++: revised the (Abstract)MessageRenderer class so that it
has a default internal buffer and the buffer can be temporarily
switched. The constructor interface was modified, and a new
method setBuffer() was added.
(Trac #1697, git 9cabc799f2bf9a3579dae7f1f5d5467c8bb1aa40)
391. [bug]* vorner
The long time unused configuration options of Xfrout "log_name",
"log_file", "log_severity", "log_version" and "log_max_bytes" were
removed, as they had no effect (Xfrout uses the global logging
framework). However, if you have them set, you need to remove
them from the configuration file or the configuration will be
rejected.
(Trac #1090, git ef1eba02e4cf550e48e7318702cff6d67c1ec82e)
bind10-devel-20120301 released on March 1, 2012
390. [bug] vorner
The UDP IPv6 packets are now correctly fragmented for maximum
guaranteed MTU, so they won't get lost because being too large
for some hop.
(Trac #1534, git ff013364643f9bfa736b2d23fec39ac35872d6ad)
389. [func]* vorner
Xfrout now uses the global TSIG keyring, instead of its own. This
means the keys need to be set only once (in tsig_keys/keys).
However, the old configuration of Xfrout/tsig_keys need to be
removed for Xfrout to work.
(Trac #1643, git 5a7953933a49a0ddd4ee1feaddc908cd2285522d)
388. [func] jreed
Use prefix "sockcreator-" for the private temporary directory
used for b10-sockcreator communication.
(git b98523c1260637cb33436964dc18e9763622a242)
387. [build] muks
Accept a --without-werror configure switch so that some builders can
disable the use of -Werror in CFLAGS when building.
(Trac #1671, git 8684a411d7718a71ad9fb616f56b26436c4f03e5)
386. [bug] jelte
Upon initial sqlite3 database creation, the 'diffs' table is now
always created. This already happened most of the time, but there
are a few cases where it was skipped, resulting in potential errors
in xfrout later.
(Trac #1717, git 30d7686cb6e2fa64866c983e0cfb7b8fabedc7a2)
385. [bug] jinmei
libdns++: masterLoad() didn't accept comments placed at the end of
an RR. Due to this the in-memory data source cannot load a master
file for a signed zone even if it's preprocessed with BIND 9's
named-compilezone.
Note: this fix is considered temporary and still only accepts some
limited form of such comments. The main purpose is to allow the
in-memory data source to load any signed or unsigned zone files as
long as they are at least normalized with named-compilezone.
(Trac #1667, git 6f771b28eea25c693fe93a0e2379af924464a562)
384. [func] jinmei, jelte, vorner, haikuo, kevin
b10-auth now supports NSEC3-signed zones in the in-memory data
source.
(Trac #1580, #1581, #1582, #1583, #1584, #1585, #1587, and
other related changes to the in-memory data source)
383. [build] jinmei
Fixed build failure on MacOS 10.7 (Lion) due to the use of
IPV6_PKTINFO; the OS requires a special definition to make it
visible to the compiler.
(Trac #1633, git 19ba70c7cc3da462c70e8c4f74b321b8daad0100)
382. [func] jelte
b10-auth now also experimentally supports statistics counters of
the rcode responses it sends. The counters can be shown as
rcode.<code name>, where code name is the lowercase textual
representation of the rcode (e.g. "noerror", "formerr", etc.).
Same note applies as for opcodes, see changelog entry 364.
(Trac #1613, git e98da500d7b02e11347431a74f2efce5a7d622aa)
381. [bug] jinmei
b10-auth: honor the DNSSEC DO bit in the new query handler.
(Trac #1695, git 61f4da5053c6a79fbc162fb16f195cdf8f94df64)
380. [bug] jinmei
libdns++: miscellaneous bug fixes for the NSECPARAM RDATA
implementation, including incorrect handling for empty salt and
incorrect comparison logic.
(Trac #1638, git 966c129cc3c538841421f1e554167d33ef9bdf25)
379. [bug] jelte
Configuration commands in bindctl now check for list indices if
the 'identifier' argument points to a child element of a list
item. Previously, it was possible to 'get' non-existent values
by leaving out the index, e.g. "config show Auth/listen_on/port,
which should be config show Auth/listen_on[<index>]/port, since
Auth/listen_on is a list. The command without an index will now
show an error. It is still possible to show/set the entire list
("config show Auth/listen_on").
(Trac #1649, git 003ca8597c8d0eb558b1819dbee203fda346ba77)
378. [func] vorner
It is possible to start authoritative server or resolver in multiple
instances, to use more than one core. Configuration is described in
the guide.
(Trac #1596, git 17f7af0d8a42a0a67a2aade5bc269533efeb840a)
377. [bug] jinmei
libdns++: miscellaneous bug fixes for the NSEC and NSEC3 RDATA
implementation, including a crash in NSEC3::toText() for some RR
types, incorrect handling of empty NSEC3 salt, and incorrect
comparison logic in NSEC3::compare().
(Trac #1641, git 28ba8bd71ae4d100cb250fd8d99d80a17a6323a2)
376. [bug] jinmei, vorner
The new query handling module of b10-auth did not handle type DS
query correctly: It didn't look for it in the parent zone, and
it incorrectly returned a DS from the child zone if it
happened to exist there. Both were corrected, and it now also
handles the case of having authority for the child and a grand
ancestor.
(Trac #1570, git 2858b2098a10a8cc2d34bf87463ace0629d3670e)
375. [func] jelte
Modules now inform the system when they are stopping. As a result,
they are removed from the 'active modules' list in bindctl, which
can then inform the user directly when it tries to send them a
command or configuration update. Previously this would result
in a 'not responding' error instead of 'not running'.
(Trac #640, git 17e78fa1bb1227340aa9815e91ed5c50d174425d)
374. [func]* stephen
Alter RRsetPtr and ConstRRsetPtr to point to AbstractRRset (instead
of RRset) to allow for specialised implementations of RRsets in
data sources.
(Trac #1604, git 3071211d2c537150a691120b0a5ce2b18d010239)
373. [bug] jinmei
libdatasrc: the in-memory data source incorrectly rejected loading
a zone containing a CNAME RR with RRSIG and/or NSEC.
(Trac #1551, git 76f823d42af55ce3f30a0d741fc9297c211d8b38)
372. [func] vorner
When the allocation of a socket fails for a different reason than the
socket not being provided by the OS, the b10-auth and b10-resolver
abort, as the system might be in inconsistent state after such error.
(Trac #1543, git 49ac4659f15c443e483922bf9c4f2de982bae25d)
371. [bug] jelte
The new query handling module of b10-auth (currently only used with
the in-memory data source) now correctly includes the DS record (or
the denial of its existence if NSEC is used) when returning a
delegation from a signed zone.
(Trac #1573, git bd7a3ac98177573263950303d4b2ea7400781d0f)
370. [func] jinmei
libdns++: a new class NSEC3Hash was introduced as a utility for
calculating NSEC3 hashes for various purposes. Python binding was
provided, too. Also fixed a small bug in the NSEC3PARAM RDATA
implementation that empty salt in text representation was
rejected.
(Trac #1575, git 2c421b58e810028b303d328e4e2f5b74ea124839)
369. [func] vorner
The SocketRequestor provides more information about what error
happened when it throws, by using subclasses of the original
exception. This way a user not interested in the difference can
still use the original exception, while it can be recognized if
necessary.
(Trac #1542, git 2080e0316a339fa3cadea00e10b1ec4bc322ada0)
368. [func]* jinmei
libdatasrc: the interface of ZoneFinder() was changed: WILDCARD
related result codes were deprecated and removed, and the
corresponding information is now provided via a separate accessor
method on FindResult. Other separate FindResult methods will
also tell the caller whether the zone is signed with NSEC or NSEC3
(when necessary and applicable).
(Trac #1611, git c175c9c06034b4118e0dfdbccd532c2ebd4ba7e8)
367. [bug] jinmei
libdatasrc: in-memory data source could incorrectly reject to load
zones containing RRSIG records. For example, it didn't allow
RRSIG that covers a CNAME RR. This fix also makes sure find()
will return RRsets with RRSIGs if they are signed.
(Trac #1614, git e8241ea5a4adea1b42a60ee7f2c5cfb87301734c)
366. [bug] vorner
Fixed problem where a directory named "io" conflicted with the python3
standard module "io" and caused the installation to fail. The
offending directory has been renamed to "cio".
(Trac #1561, git d81cf24b9e37773ba9a0d5061c779834ff7d62b9)
365. [bug] jinmei
libdatasrc: in-memory datasource incorrectly returned delegation
for DS lookups.
(Trac #1571, git d22e90b5ef94880183cd652e112399b3efb9bd67)
364. [func] jinmei
b10-auth experimentally supports statistics counters of incoming
requests per opcode. The counters can be (e.g.) shown as
opcode.<code name> in the output of the bindctl "Stats show"
command, where <code name> is lower-cased textual representation
of opcodes ("query", "notify", etc).
Note: This is an experimental attempt of supporting more
statistics counters for b10-auth, and the interface and output may
change in future versions.
(Trac #1399, git 07206ec76e2834de35f2e1304a274865f8f8c1a5)
bind10-devel-20120119 released on January 19, 2012
363. [func] jelte
Added dummy DDNS module b10-ddns. Currently it does not
provide any functionality, but it is a skeleton implementation
that will be expanded later.
(Trac #1451, git b0d0bf39fbdc29a7879315f9b8e6d602ef3afb1b)
362. [func]* vorner
Due to the socket creator changes, b10-auth and b10-resolver
are no longer needed to start as root. They are started as
the user they should be running, so they no longer have
the -u flag for switching the user after initialization.
Note: this change broke backward compatibility to boss component
configuration. If your b10-config.db contains "setuid" for
Boss.components, you'll need to remove that entry by hand before
starting BIND 10.
(Trac #1508, #1509, #1510,
git edc5b3c12eb45437361484c843794416ad86bb00)
361. [func] vorner,jelte,jinmei
The socket creator is now used to provide sockets. It means you can
reconfigure the ports and addresses at runtime even when the rest
of the bind10 runs as non root user.
(Trac #805,#1522, git 1830215f884e3b5efda52bd4dbb120bdca863a6a)
360. [bug] vorner
Fixed problem where bindctl crashed when a duplicate non-string
item was added to a list. This error is now properly reported.
(Trac #1515, git a3cf5322a73e8a97b388c6f8025b92957e5d8986)
359. [bug] kevin
Corrected SOA serial check in xfrout. It now compares the SOA
serial of an IXFR query with that of the server based serial
number arithmetic, and replies with a single SOA record of the
server's current version if the former is equal to or newer
than the latter.
(Trac #1462, git ceeb87f6d539c413ebdc66e4cf718e7eb8559c45)
358. [bug] jinmei
b10-resolver ignored default configuration parameters if listen_on
failed (this can easily happen especially for a test environment
where the run time user doesn't have root privilege), and even if
listen_on was updated later the resolver wouldn't work correctly
unless it's fully restarted (for example, all queries would be
rejected due to an empty ACL).
(Trac #1424, git 2cba8cb83cde4f34842898a848c0b1182bc20597)
357. [bug] jinmei
ZoneFinder::find() for database based data sources didn't
correctly identify out-of-zone query name and could return a
confusing result such as NXRRSET. It now returns NXDOMAIN with an
empty RRset. Note: we should rather throw an exception in such a
case, which should be revisited later (see Trac #1536).
(Trac #1430, git b35797ba1a49c78246abc8f2387901f9690b328d)
356. [doc] tomek
BIND 10 Guide updated. It now describes DHCPv4 and DHCPv6
components, including their overview, usage, supported standard
and limitations. libdhcp++ is also described.
(Trac #1367, git 3758ab360efe1cdf616636b76f2e0fb41f2a62a0)
355. [bug] jinmei
Python xfrin.diff module incorrectly combined RRSIGs of different
type covered, possibly merging different TTLs. As a result a
secondary server could store different RRSIGs than those at the
primary server if it gets these records via IXFR.
(Trac #1502, git 57b06f8cb6681f591fa63f25a053eb6f422896ef)
354. [func] tomek
dhcp4: Support for DISCOVER and OFFER implemented. b10-dhcp4 is
now able to offer hardcoded leases to DHCPv4 clients.
dhcp6: Code refactored to use the same approach as dhcp4.
(Trac #1230, git aac05f566c49daad4d3de35550cfaff31c124513)
353. [func] tomek
libdhcp++: Interface detection in Linux implemented. libdhcp++
is now able (on Linux systems) to detect available network
interfaces, its link-layer addresses, flags and configured
IPv4 and IPv6 addresses. Interface detection on other
systems is planned.
(Trac #1237, git 8a040737426aece7cc92a795f2b712d7c3407513)
352. [func] tomek
libdhcp++: Transmission and reception of DHCPv4 packets is now
implemented. Low-level hacks are not implemented for transmission
to hosts that don't have IPv4 address yet, so currently the code
is usable for communication with relays only, not hosts on the
same link.
(Trac #1239, #1240, git f382050248b5b7ed1881b086d89be2d9dd8fe385)
351. [func] fdupont
Alpha version of DHCP benchmarking tool added. "perfdhcp" is able to
test both IPv4 and IPv6 servers: it can time the four-packet exchange
(DORA and SARR) as well as time the initial two-packet exchange (DO
and SA). More information can be obtained by invoking the utility
(in tests/tools/perfdhcp) with the "-h" flag.
(Trac #1450, git 85083a76107ba2236732b45524ce7018eefbaf90)
350. [func]* vorner
The target parameter of ZoneFinder::find is no longer present, as the
interface was awkward. To get all the RRsets of a single domain, use
the new findAll method (the same applies to python version, the method
is named find_all).
(Trac #1483,#1484, git 0020456f8d118c9f3fd6fc585757c822b79a96f6)
349. [bug] dvv
resolver: If an upstream server responds with FORMERR to an EDNS
query, try querying it without EDNS.
(Trac #1386, git 99ad0292af284a246fff20b3702fbd7902c45418)
348. [bug] stephen
By default the logging output stream is now flushed after each write.
This fixes a problem seen on some systems where the log output from
different processes was jumbled up. Flushing can be disabled by
setting the appropriate option in the logging configuration.
(Trac #1405, git 2f0aa20b44604b671e6bde78815db39381e563bf)
347. [bug] jelte
Fixed a bug where adding Zonemgr/secondary_zones without explicitly
setting the class value of the added zone resulted in a cryptic
error in bindctl ("Error: class"). It will now correctly default to
IN if not set. This also adds better checks on the name and class
values, and better errors if they are bad.
(Trac #1414, git 7b122af8489acf0f28f935a19eca2c5509a3677f)
346. [build]* jreed
Renamed libdhcp to libdhcp++.
(Trac #1446, git d394e64f4c44f16027b1e62b4ac34e054b49221d)
345. [func] tomek
dhcp4: Dummy DHCPv4 component implemented. Currently it does
nothing useful, except providing skeleton implementation that can
be expanded in the future.
(Trac #992, git d6e33479365c8f8f62ef2b9aa5548efe6b194601)
344. [func] y-aharen
src/lib/statistics: Added statistics counter library for entire server
items and per zone items. Also, modified b10-auth to use it. It is
also intended to use in the other modules such as b10-resolver.
(Trac #510, git afddaf4c5718c2a0cc31f2eee79c4e0cc625499f)
343. [func] jelte
Added IXFR-out system tests, based on the first two test sets of
http://bind10.isc.org/wiki/IxfrSystemTests.
(Trac #1314, git 1655bed624866a766311a01214597db01b4c7cec)
342. [bug] stephen
In the resolver, a FORMERR received from an upstream nameserver
now results in a SERVFAIL being returned as a response to the original
query. Additional debug messages added to distinguish between
different errors in packets received from upstream nameservers.
(Trac #1383, git 9b2b249d23576c999a65d8c338e008cabe45f0c9)
341. [func] tomek
libdhcp++: Support for handling both IPv4 and IPv6 added.
Also added support for binding IPv4 sockets.
(Trac #1238, git 86a4ce45115dab4d3978c36dd2dbe07edcac02ac)
340. [build] jelte
Fixed several linker issues related to recent gcc versions, botan
and gtest.