]> git.ipfire.org Git - thirdparty/pdns.git/blame - docs/changelog/4.2.rst
projects / thirdparty / pdns.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #11431 from jroessler-ox/docs-kskzskroll-update
[thirdparty/pdns.git] / docs / changelog / 4.2.rst
CommitLineData
0a94459a 1Changelogs for 4.2.x
2====================
3
5e58aee0
PD		 4.. changelog::
5 :version: 4.2.3
6 :released: September 2nd 2020
7
8 This release contains the fix for :doc:`PowerDNS Security Advisory 2020-05 <../security-advisories/powerdns-advisory-2020-05>` (CVE-2020-17482)
9
10 .. change::
11 :tags: Bug Fixes
12 :pullreq: 9499
13
14 Raise an exception on invalid hex content in unknown records.
15
16 .. change::
17 :tags: Bug Fixes
18 :pullreq: 9191
19 :tickets: 9181
20
21 mydns: add SOA to list() output
22
f87a4264
PD		 23.. changelog::
24 :version: 4.2.2
25 :released: 9th of April 2020
26
f87a4264
PD		 27 .. change::
28 :tags: Bug Fixes
29 :pullreq: 9010
30
31 fix records ending up in wrong packet section (Kees Monshouwer)
32
33 .. change::
1f552b3b 34 :tags: Improvements
f87a4264
PD		 35 :pullreq: 9003, 8736
36
37 cache: strictly enforce maximum size, and improve cleanup routine
38
39 .. change::
40 :tags: Bug Fixes
41 :pullreq: 9001
42
43 avoid IXFR-in corruption when deltas come in close together (please see the :ref:`ixfr-in-corruption-4.2.2` upgrade notes)
44
45 .. change::
46 :tags: New Features
47 :pullreq: 8786
48
49 api: add includerings option to statistics endpoint
50
51 .. change::
52 :tags: Bug Fixes
53 :pullreq: 8612
54
55 fix out-of-bound access for zero length "serialized" string when using lmdbbackend. (Kees Monshouwer)
56
57 .. change::
58 :tags: Bug Fixes
59 :pullreq: 8602
60
61 bind backend: pthread_mutex_t should be inited and destroyed and not be copied
62
2d99f328
PD		 63.. changelog::
64 :version: 4.2.1
65 :released: 2nd of December 2019
66
67 This release fixes several bugs and makes a few features more robust or intuitive. It also contains a few performance improvements for API users.
68
69 .. change::
70 :tags: Bug Fixes
71 :pullreq: 8589
72 :tickets: 8572
73
74 LUA view: do not crash on empty IP list
75
76 .. change::
77 :tags: Bug Fixes
78 :pullreq: 8576
79
80 API: Accept headers without spaces
81
82 .. change::
83 :tags: Bug Fixes
84 :pullreq: 8570
85 :tickets: 8299
86
87 Avoid database state-related SERVFAILs after a LUA error
88
89 .. change::
90 :tags: Bug Fixes, Improvements, LMDB
91 :pullreq: 8568
92 :tickets: 8134
93
94 Just before 4.2.0, some SQL-related fixes broke edit-zone and other features with the LMDB backend. This has been fixed now. (backport by Kees Monshouwer)
95
96 .. change::
97 :tags: Performance, Improvements
98 :pullreq: 8457
99
100 API: reduce number of database connections (Kees Monshouwer)
101
96f77af6
PD		 102 .. change::
103 :tags: Bug Fixes
104 :pullreq: 8497
105
106 Clear the caches for the entire zone after a patch operation (was apex only).
107 The default default-api-rectify setting was ignored in patchZone(), rectify only took place when the API-RECTIFY metadata was set to "1".
108 (Kees Monshouwer)
109
2d99f328
PD		 110 .. change::
111 :tags: Improvements
112 :pullreq: 8546
113
114 Register a few known RR types and remove an unknown one
115
116 .. change::
117 :tags: New Features, Improvements
118 :pullreq: 8549
119
120 Add SLAVE-RENOTIFY zone metadata support (Matti Hiljanen)
121
122 .. change::
123 :tags: Bug Fixes
124 :pullreq: 8507
125 :tickets: 8217
126
127 rfc2136, pdnsutil: somewhat improve duplicate record handling
128
129 .. change::
130 :tags: Improvements
131 :pullreq: 8548
132
133 bindbackend: use metadata for also-notifies as well (Matti Hiljanen)
134
135 .. change::
136 :tags: Improvements
137 :pullreq: 8508
138 :tickets: 8218
139
140 pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH
141
142 .. change::
143 :tags: New Features, Improvements
144 :pullreq: 8547
145
146 Add configurable timeout for inbound AXFR (Matti Hiljanen)
147
148 .. change::
149 :tags: Performance, Improvements
150 :pullreq: 8541
151
92e42ffd 152 API: optionally do not return dnssec info in domain list (Chris Hofstaedtler)
2d99f328
PD		 153
154 .. change::
155 :tags: Improvements
156 :pullreq: 8454
157
158 Basic validation of $GENERATE parameters
159
160 .. change::
161 :tags: New Features, Improvements
162 :pullreq: 8428
163
164 Add CentOS 8 as builder target
165
166 .. change::
167 :tags: New Features, Improvements
168 :pullreq: 8341
169
170 gmysql backend, add an option to send the SSL capability flag
171
cdad20bb
PD		 172.. changelog::
173 :version: 4.2.0
174 :released: 30th of August 2019
175
176 Compared to the last release candidate, one more bug has been fixed.
177
f0eeb9b9 178 The LMDB backend is incomplete in this version. Slaving zones works, loading zones with pdnsutil works, but more fine-grained edits (using edit-zone, or the REST API) fail. We hope to fix this soon in a 4.2.x release.
cdad20bb
PD		 179
180 For an overview of features new since 4.1.x, please see `the 4.2.0 announcement blog post <http://blog.powerdns.com/2019/08/29/powerdns-authoritative-server-4-2-0/>`__.
181
182 .. change::
183 :tags: Bug Fixes
184 :pullreq: 8229
185
186 bind getAllDomains: ignore per-zone exceptions
187
e40011c8
PD		 188.. changelog::
189 :version: 4.2.0-rc3
190 :released: 29th of July 2019
191
192 Thanks to an overwhelming amount of testing by our fabulous user community, this release candidate contains a ton of bug fixes (and a few improvements) compared to the previous one. We hope this has shaken out all of the important bugs, so that we can release 4.2.0 soon!
193
194 This release, sadly, cripples the LMDB backend somewhat, due to `transaction-related fixes for the SQL backends <https://github.com/PowerDNS/pdns/pull/7891>`__. We hope to fix `this issue <https://github.com/PowerDNS/pdns/issues/8134>`__ before 4.2.0, or otherwise, early in 4.2.x.
195
196 .. change::
197 :tags: Bug Fixes
198 :pullreq: 8168
199
200 packethandler: Compare TSIG key name using DNSName
201
202 .. change::
203 :tags: Improvements
204 :pullreq: 8172, 8173
205
206 boost.m4 improvements
207
208 .. change::
209 :tags: Bug Fixes
210 :pullreq: 8169
211
212 Make sure we always compile with BOOST_CB_ENABLE_DEBUG set to 0
213
214 .. change::
215 :tags: Bug Fixes
216 :pullreq: 8058
217
218 Fix SERVFAIL when backend returns empty DNSName
219
220 .. change::
221 :tags: Improvements
222 :pullreq: 8126
223
224 add metric for open TCP connections
225
226 .. change::
227 :tags: Bug Fixes
228 :pullreq: 8149
229
230 stop using select() in places where FDs can be >1023
231
232 .. change::
233 :tags: Bug Fixes
234 :pullreq: 8166
235
236 pdnsutil increase-serial: set right ordername
237
238 .. change::
239 :tags: Bug Fixes
240 :pullreq: 8097
241
242 use BIGINT for notified_serial in pg schema (Klaus Darilion)
243
244 .. change::
245 :tags: Improvements, Robustness, Performance
246 :pullreq: 8092
247
248 Various robustness and performance improvements around domain IDs (Kees Monshouwer)
249
250 .. change::
251 :tags: Bug Fixes
252 :pullreq: 8056
253
254 Fix the accounting of servfail-queries in the distributor
255
256 .. change::
257 :tags: Improvements, Build
258 :pullreq: 8064
259
260 remove unused import to enable compile on illumos (Thomas Mieslinger)
261
262 .. change::
263 :tags: Improvements, Performance
264 :pullreq: 8051
265
266 ixfrdist: limit XFR chunk size to 16k
267
268 .. change::
269 :tags: Bug Fixes
270 :pullreq: 8028
271
272 limit compression pointers to 14 bits
273
274 .. change::
275 :tags: Bug Fixes
276 :pullreq: 8037
277
278 catch name & IP parse errors during outgoing notify preparations
279
280 .. change::
281 :tags: Improvements
282 :pullreq: 7998
283
284 Fix a memory leak when sqlite3_exec() fails
285
286 .. change::
287 :tags: Improvements, Build
288 :pullreq: 8019, 7980
289
290 don't enable the tbhandler when libc only pretends to be glibc (James Taylor)
291
292 .. change::
293 :tags: Improvements
294 :pullreq: 8006
295
296 Fix a leak on 'Backend reported permanent error which prevented lookup' error
297
298 .. change::
299 :tags: Improvements
300 :pullreq: 7996
301
302 Clear CMSG_SPACE(sizeof(data)) in cmsghdr to appease valgrind
303
304 .. change::
305 :tags: New Features
306 :pullreq: 7550
307
308 web: make max request/response body size configurable
309
310 .. change::
311 :tags: Improvements
312 :pullreq: 7918
313
314 deprecate SOA autocomplete in pdnsutil check-zone (Kees Monshouwer)
315
316 .. change::
317 :tags: Improvements, Packaging
318 :pullreq: 7889
319
320 move /var/lib/pdns to pdns-server debian package
321
322 .. change::
323 :tags: Improvements
324 :pullreq: 7890
325
326 Show newer features in configure output and --version
327
328 .. change::
329 :tags: Improvements, Performance
330 :pullreq: 7910
331
332 completely disable the packet when cache-ttl=0 (Kees Monshouwer)
333
334 .. change::
335 :tags: Improvements
336 :pullreq: 7943
337
338 Improve error when notification comes in for non-slave zone
339
340 .. change::
341 :tags: Improvements
342 :pullreq: 7962
343
344 web: add edited_serial to Zone object
345
346 .. change::
347 :tags: Improvements, Build
348 :pullreq: 7871
349
350 Adapt calidns for openbsd and other systems without rcvmmsg(2)
351
352 .. change::
353 :tags: Improvements, Performance
354 :pullreq: 7699
355
356 DNSName, speed up toString() conversion
357
0a94459a 358.. changelog::
5ed037ea 359 :version: 4.2.0-rc2
360 :released: 14th of June 2019
361
362 .. change::
363 :tags: Improvements, LMDB
364 :pullreq: 7807
365
366 Make explicit lmdbbackend synchronous option
367
368 .. change::
369 :tags: Improvements, LMDB
370 :pullreq: 7700
371
372 Reduce mmap size for lmdb on 32 bits plus restrict number of shards
373
374 .. change::
375 :tags: Bug Fixes, LMDB
376 :pullreq: 7784, 7697, 7643
377
378 LMDB improvements:
379
380 * lmdbbackend: auth was unset in get() (always true) (Kees Monshouwer)
381 * LMDB defaulted to port 0 for master addresses unless explicitly set
382 * fix ``getAllDomains()`` (Kees Monshouwer)
383
384 .. change::
385 :tags: Bug fixes, Backends
386 :pullreq: 7891
387
388 auth API, pdnsutil: improve backend transaction correctness
389
390 .. change::
391 :tags: Robustness, Backends
392 :pullreq: 7881
393
394 detect SOA cache pollution caused by broken backends (Kees Monshouwer)
395
396 .. change::
397 :tags: Improvements, Backends
398 :pullreq: 7852
399
400 sqlite3: make journal mode configurable; default to WAL
401
402 .. change::
403 :tags: Bug Fixes, Backends
404 :pullreq: 7854
405
406 auth gsql ``getAllDomains``: ignore stou errors
407
408 .. change::
409 :tags: Performance, Backends
410 :pullreq: 7460
411
412 speedup ``getUpdatedMasters()`` for the gsql backends (Kees Monshouwer)
413
414 .. change::
415 :tags: Bug Fixes, Backends
416 :pullreq: 7831, 7787
417
418 Rectify/ENT fixes:
419
420 * Allow updates to override existing ENT records
421 * Fix ENTs removal when "replacing" new records via the API
422
423 .. change::
424 :tags: Bug Fixes, Backends
425 :pullreq: 7363
426
427 Cleanup SOA editing (Kees Monshouwer)
428
429 .. change::
430 :tags: Backends
431 :pullreq: 7753
432
433 pdns_control reopens geoip databases on reload (jpmens)
434
435 .. change::
436 :tags: Backends
437 :pullreq: 7696
438
439 b2b-migrate did not open a transaction, breaking it for lmdb
440
441 .. change::
442 :tags: Backends
443 :pullreq: 7706
444
445 No longer filter DNSSEC metadata when DNSSEC is enabled in gsql
446
447 .. change::
448 :tags: Backends
449 :pullreq: 7580
450
451 Rectify for ent records in narrow zones was slightly wrong. (Kees Monshouwer)
452
453 .. change::
454 :tags: Backends
455 :pullreq: 7529
456
457 Clear caches (meta-data, keys) on domain deletion
458
459 .. change::
460 :tags: Performance, LUA
461 :pullreq: 7869, 7897
462
463 optionally reuse Lua state
464
465 .. change::
466 :tags: Improvements, Portability
467 :pullreq: 7862, 7861, 7818, 7668
468
469 Portability/building improvements:
470
471 * Update boost.m4 to the latest version
472 * Check if ``-latomic`` is needed instead of hardcoding (neheb)
473 * Use ``net-snmp-config --netsnmp-agent-libs`` instead of ``--agent-libs``
474 * bump boost requirement to 1.42 unconditionally
475
476 .. change::
477 :tags: Improvements, Robustness
478 :pullreq: 7864, 7865, 7708
479
480 Robustness improvements:
481
482 * Fix warnings reported by Coverity
483 * Initialize cURL before starting any thread
484 * Don't do unaligned memory access
485
486 .. change::
487 :tags: Improvements, Compliance
488 :pullreq: 7873
489
490 Always truncate when the additional records do not fit in a response (Kees Monshouwer)
491
492 .. change::
493 :tags: Improvements, Compliance
494 :pullreq: 7859
495
496 Remove ``disable-tcp`` option
497
498 .. change::
499 :tags: Improvements, Compliance
500 :pullreq: 7615
501
502 RKEY is missing algorithm field (DNS-Leo)
503
504 .. change::
505 :tags: Bug Fixes, Compliance
506 :pullreq: 7789, 7772
507
508 DNSSEC fixes:
509
510 * Don't sign insecure records with keys from other zones (Kees Monshouwer)
511 * always add DS for secure zones, broken since #7523 (Kees Monshouwer)
512
513 .. change::
514 :tags: Improvements, Compliance
515 :pullreq: 7410
516
517 Ignore Path MTU Discovery on UDP server socket
518
519 .. change::
520 :tags: Features, Tools
521 :pullreq: 7832
522
523 add DoH support to sdig
524
525 .. change::
526 :tags: Bug Fixes, Tools
527 :pullreq: 7801
528 :tickets: 7667
529
530 pdnsutil: show DS for second and further keys too
531
532 .. change::
533 :tags: Features, Tools
534 :pullreq: 7655
535
536 dumresp: add TCP support
537
538 .. change::
539 :tags: Deprecation, API
540 :pullreq: 7797
541
542 API: mark ``set-ptr`` as deprecated (zeha)
543
544 .. change::
545 :tags: Robustness
546 :pullreq: 7790, 7569, 7662, 7503, 7517, 7587
547
548 Various robustness improvements:
549
550 * Do not busy loop if we get lots of notifies.
551 * Improve error reporting with garbage in the 'master' field of the database
552 * Do not exit on exception resolving addresses to notify
553 * Auth ringbuffer summaries were case sensitive & accounted delegations incorrectly
554 * plug mysql_thread_init memory leak
555 * Ensure we increase the number of queued queries before decreasing it
556
557 .. change::
558 :tags: Performance, DNSSEC
559 :pullreq: 7523
560
561 disable dnssec pre-processing for non dnssec zones and avoid a lot of ``isSecuredZone()`` calls (Kees Monshouwer)
562
563 .. change::
564 :tags: Bug fixes
565 :pullreq: 7723
566
567 rename 'supermaster' option to 'superslave'
568
569 .. change::
570 :tags: Improvements, Webserver
571 :pullreq: 5932
572
573 improve logging in the web server
574
575 .. change::
576 :tags: Features, Tools
577 :pullreq: 7481
578
579 pdnsutil, dnswasher: add support for encrypting IP addresses
580
581 .. change::
582 :tags: Improvements
583 :pullreq: 7584
584
585 GSQL: Log more data in error messages
586
587.. changelog::
588 :version: 4.2.0-rc1
589 :released: 19th of March 2019
0a94459a 590
e303c61e
EW		 591 .. change::
592 :tags: Bug Fixes
593 :pullreq: 7576
594 :tickets: 7573
595
596 Insufficient validation in the HTTP remote backend (CVE-2019-3871, PowerDNS Security Advisory :doc:`2019-03 <../security-advisories/powerdns-advisory-2019-03>`)
597
598 .. change::
599 :tags: Bug Fixes, API
600 :pullreq: 7546
601 :tickets: 7545
602
603 Fix API search failed with "Commands out of sync; you can't run this command now".
604
605 .. change::
606 :tags: Bug Fixes, GeoIP
607 :pullreq: 7219
608
609 Fix static lookup when using weighted records on multiple record types.
610
611 .. change::
612 :tags: Improvements, DNSSEC
613 :pullreq: 7516
614
615 Report ``checkKey`` errors upwards.
616
ee3e3ec6 617 .. change::
618 :tags: Bug Fixes, MySQL
619 :pullreq: 7496
620 :tickets: 7493
621
622 Fix invalid SOA record in MySQL which prevented the authoritative
623 server from starting.
624
625 .. change::
626 :tags: Improvements
627 :pullreq: 6872
628
629 ixfrdist: Add option to limit AXFR record count.
630
631 .. change::
632 :tags: Improvements, API
633 :pullreq: 7326
634 :tickets: 5430
635
636 Add ``type`` filter to search-data api.
637
638 .. change::
639 :tags: Improvements, Internals
640 :pullreq: 7502
641
642 Use a less expensive way to get memory stats for ``real-memory-usage``.
643
644 .. change::
645 :tags: Improvements, API
646 :pullreq: 7359
647 :tickets: 7357
648
649 Add ``rcode`` response statistics on API.
650
651 .. change::
652 :tags: Improvements
653 :pullreq: 7490
654 :tickets: 7393
655
656 Lua records: Add ``useragent`` option to ``ifurlup`` and set a default.
657
658 .. change::
659 :tags: Improvements, Remote
660 :pullreq: 7448
661 :tickets: 7444
662
663 remotebackend: Implement ``getUpdatedMasters``.
664
665 .. change::
666 :tags: Bug Fixes
667 :pullreq: 7494
668
669 Correctly interpret an empty AXFR response to an IXFR query.
670
671 .. change::
672 :tags: Improvements
673 :pullreq: 7492
674 :tickets: 6853
675
676 Lua: Expose ``dns_random`` as ``pdnsrandom``.
677
678 .. change::
679 :tags: Improvements, API
680 :pullreq: 7491
681 :tickets: 6451
682
683 Use commas instead of spaces when setting Zone Masters via the REST API.
684
685 .. change::
686 :tags: Bug Fixes, API
687 :pullreq: 7488
688 :tickets: 6114
689
690 Improve handling of out of range ``modified_at`` value.
691
692 .. change::
693 :tags: Bug Fixes, Tools
694 :pullreq: 7482
695
696 Fix output order of pdnsutil ``add-record``.
697
698 .. change::
699 :tags: Bug Fixes
700 :pullreq: 7352
701
702 Respect packet size limits, even with ECS and TSIG.
703
704 .. change::
705 :tags: Bug Fixes
706 :pullreq: 7459
707 :tickets: 7429
708
709 Fix dot stripping in ``setcontent()``.
710
711 .. change::
712 :tags: Improvements, API
713 :pullreq: 7463
714
715 Improve RRset validation.
716
717 .. change::
718 :tags: Bug Fixes, MySQL
719 :pullreq: 7475
720
721 Avoid infinite loop in mydnsbackend.
722
723 .. change::
724 :tags: Bug Fixes, LMDB
725 :pullreq: 7472
726 :tickets: 7471
727
728 Do not compress the root since LMDB backend cannot set a root zone
729 with a compressible SOA record.
730
731 .. change::
732 :tags: Bug Fixes, LMDB
733 :pullreq: 7470
734 :tickets: 7453
735
736 Avoid duplicate NSEC3 records in presigned zones in LMDB backend.
737
738 .. change::
739 :tags: New Features, LMDB
740 :pullreq: 7453
741
742 Authoritative LMDB backend.
743
744 .. change::
745 :tags: Improvements, Internals
746 :pullreq: 7412
747
748 Be smarter about trimming whitespace when creating records from ASCII.
749
750 .. change::
751 :tags: Improvements, Internals
752 :pullreq: 6634
753
754 More sandboxing using SystemD's features.
755
756 .. change::
757 :tags: Improvements, Internals
758 :pullreq: 7353
759
760 Fix attempt to restrict / speed-up additional processing to auth zone.
761
762 .. change::
763 :tags: Bug Fixes, Tools
764 :pullreq: 7148
765
766 sdig: Handle non-IN class records better.
767
768 .. change::
769 :tags: Improvements, DNSSEC
770 :pullreq: 7340
771
772 Error on DNSSEC default misconfiguration.
773
774 .. change::
775 :tags: Bug Fixes, Improvements, Tools
776 :pullreq: 7364
777
778 Dnsscope off-by-one + domain-filter.
779
780 .. change::
781 :tags: Bug Fixes, Internals
782 :pullreq: 7382
783
784 Fix ``dns_random()`` always returning 0 when the minimum acceptable value is 0.
785
786 .. change::
787 :tags: Bug Fixes, Internals
788 :pullreq: 7320
789
790 Lower ``udp-truncation-threshold`` by default to 1232.
791
792 .. change::
793 :tags: Improvements, Internals
794 :pullreq: 7293
795
796 Make ``pdns_control notify *`` also notify slaves zones.
797
798 .. change::
799 :tags: Improvements, Internals
800 :pullreq: 7348
801
802 Zero out QTYPE response numbers in our statistics. Makes Valgrind
803 usable on auth again.
804
805 .. change::
806 :tags: Bug Fixes, Tools
807 :pullreq: 7244
808 :tickets: 7319
809
810 pdns_notify: Support hostname for notification.
811
812 .. change::
813 :tags: Improvements, Internals
814 :pullreq: 7345
815
816 Improve memory handling for NSEC(3) records with lots of types.
817
818 .. change::
819 :tags: Bug Fixes
820 :pullreq: 7341
821
822 Fix replying from ANY address for non-standard port.
823
824 .. change::
825 :tags: Improvements, API
826 :pullreq: 7286
827
828 Fix a couple of Swagger / OpenAPI issues.
829
830 .. change::
831 :tags: Bug Fixes
832 :pullreq: 7288
833
834 Fix a few off-by-one errors.
835
836 .. change::
837 :tags: Bug Fixes, GeoIP
838 :pullreq: 7227
839 :tickets: 7219
840
841 Forbid 0 as weight value.
842
843 .. change::
844 :tags: Bug Fixes, Internals
845 :pullreq: 7294
846
847 Prevent leak of file descriptor if running out of ports for incoming AXFR.
848
849 .. change::
850 :tags: Improvements, DNSSEC
851 :pullreq: 7284
852
853 Fallback to SHA1 for the signatures cache if MD5 is not available.
854
855 .. change::
856 :tags: Bug Fixes, API
857 :pullreq: 7278
858 :tickets: 7277
859
860 Prevent more than one CNAME / SOA record in the same RRset.
861
0a94459a 862 .. change::
863 :tags: Improvements, Internals
864 :pullreq: 7245
865
866 Use a cache-able soa record for the serial check caused by a notify.
867
868 .. change::
869 :tags: Improvements
870 :pullreq: 6894
871
872 Improved Lua records - Added all selector, and backupSelector fallbacks.
873
874 .. change::
875 :tags: Bug Fixes
876 :pullreq: 6823
877 :tickets: 6821
878
879 On incoming NOTIFY load our serial from backend to have it available during slave-check.
880
881 Also log ourserial to ease debugging.
882
883 .. change::
884 :tags: Improvements, API, DNSSEC
885 :pullreq: 5988
886
887 API: Add TSIG key manipulation endpoints.
888
889 .. change::
890 :tags: Improvements
891 :pullreq: 7026
892
893 Configure ``--enable-pdns-option`` ``--with-third-party-module``.
894
895 .. change::
896 :tags: Improvements
897 :pullreq: 6731
898 :tickets: 6693
899
900 Address some known LUA Records issues:
901
902 * Better check input lists,
903 * Report lua wildcards errors,
904 * Exposes ``DNSName::getRawLabels`` in lua env,
905 * Better document LUA functions and objects.
906
907 .. change::
908 :tags: Improvements, API
909 :pullreq: 7233
910
911 Make API changes do a rectify by default, add an option to disable.
912
913 .. change::
914 :tags: Bug Fixes, Improvements
915 :pullreq: 6838
916 :tickets: 1355, 1366
917
918 Remove ``autoserial`` from the Authoritative Server. Serial 0 was a little bit too special in PowerDNS.
919
920 .. change::
921 :tags: Bug Fixes
922 :pullreq: 7228
923
924 Handle ANY queries with Lua records.
925
926 .. change::
927 :tags: Improvements
928 :pullreq: 6869
929
930 Remove ``out-of-zone-additional-processing`` setting.
931
932 .. change::
933 :tags: Bug Fixes
934 :pullreq: 7217
935
936 geoip: properly delete libGeoIP return values.
937
938 .. change::
939 :tags: Bug Fixes
940 :pullreq: 7067
941
942 SOA-check: reject NXDOMAIN response and check label of RR against qname.
943
944 .. change::
945 :tags: Improvements, DNSSEC
946 :pullreq: 6958
947
948 Improve RSA key warnings.
949
950 .. change::
951 :tags: Bug Fixes
952 :pullreq: 7201
953
954 Fix ``carbon-instance`` / ``carbon-namespace`` inconsistencies.
955
956 .. change::
957 :tags: <nil>
958 :pullreq: 7196
959 :tickets: 7195
960
961 geoipbackend: Allow empty content for ENT record.
962
963 .. change::
964 :tags: Tools, DNSSEC
965 :pullreq: 7187
966
967 pdnsutil.1 & settings:
968
969 * Add Ed25519 and Ed448,
970 * Document ECC keysizes,
971 * Remove old algos.
972
973 .. change::
974 :tags: Bug Fixes, API
975 :pullreq: 6871
976
977 Check DNSNames that should be hostnames.
978
979 .. change::
980 :tags: <nil>
981 :pullreq: 6959
982 :tickets: 2362, 6951
983
984 Add namespace and instance variable to carbon key.
985
986 .. change::
987 :tags: Bug Fixes, Packages
988 :pullreq: 7134
989
990 Fix up the BIND config files on upgrade.
991
992 .. change::
993 :tags: Bug Fixes
994 :pullreq: 7024
995
996 geoipbackend: Handle read error for config file.
997
998 .. change::
999 :tags: Improvements
1000 :pullreq: 7069
1001
1002 Use unique pointers in the OpenSSL signer.
1003
1004 .. change::
1005 :tags: API, Removed Features
1006 :pullreq: 7025
1007
1008 Remove ``api-logfile`` flag and grep API endpoint.
1009
1010 .. change::
1011 :tags: Improvements
1012 :pullreq: 6962
1013
1014 Store ``NetmaskTree`` nodes in a set for faster removal.
1015
1016 .. change::
1017 :tags: New Features
1018 :pullreq: 6969
1019
1020 Adds the glorious log-log histograms.
1021
1022 .. change::
1023 :tags: Bug Fixes
1024 :pullreq: 7017
1025
1026 Make sure we escape ``127`` in TXT records.
1027
1028 .. change::
1029 :tags: Bug Fixes
1030 :pullreq: 4598
1031
1032 Add support for NONE SOA-EDIT kind.
1033
1034 .. change::
1035 :tags: Tools
1036 :pullreq: 6997
1037
1038 Name threads in the programs.
1039
1040 .. change::
1041 :tags: Improvements
1042 :pullreq: 6727
1043
1044 ALIAS: Respond SERVFAIL on non-NOERRORs from resolver.
1045
1046 .. change::
1047 :tags: Improvements
1048 :pullreq: 6910
1049
1050 Add support for OpenSSL 1.1.1's ed25519 and ed448 for signing and verifying.
1051
1052 .. change::
1053 :tags: Improvements
1054 :pullreq: 6822
1055
1056 Add incremental ``slave-check`` backoff also for failed AXFR.
1057
1058 .. change::
1059 :tags: Bug Fixes
1060 :pullreq: 6923
1061
1062 Respond correctly to DS query at delegation in unsigned zone.
1063
1064 .. change::
1065 :tags: Improvements
1066 :pullreq: 6975
1067
1068 Enhance query-logging with timing for MySQL, PostgreSQL and SQLite.
1069
1070 .. change::
1071 :tags: Improvements
1072 :pullreq: 6811
1073
1074 Apply ALIAS scopemask after chasing.
1075
1076 .. change::
1077 :tags: Improvements
1078 :pullreq: 6948
1079
1080 Fix compilation with LibreSSL 2.7.0+.
1081
1082 .. change::
1083 :tags: Bug Fixes
1084 :pullreq: 6917
1085
1086 Release memory in case of error in the OpenSSL ECDSA constructor.
1087
1088 .. change::
1089 :tags: Bug Fixes
1090 :pullreq: 6913
1091 :tickets: 6912
1092
1093 Actually truncate truncated responses.
1094
1095 .. change::
1096 :tags: Improvements, Packages
1097 :pullreq: 6921
1098
1099 Remove GOST and Botan support.
1100
1101 .. change::
1102 :tags: Improvements, API
1103 :pullreq: 6668
1104
1105 Add zone lookup by ``/zones?zone=example.org``.
1106
1107 .. change::
1108 :tags: Bug Fixes
1109 :pullreq: 6858
1110
1111 RFC2136 fixes.
1112
1113 .. change::
1114 :tags: Improvements
1115 :pullreq: 6825
1116
1117 Add option ``send-signed-notify`` to send NOTIFYs without TSIG signature.
1118
1119 .. change::
1120 :tags: Removed Features, API
1121 :pullreq: 6845
1122
1123 Drop ``api-readonly`` configuration setting.
1124
1125 .. change::
1126 :tags: Bug Fixes
1127 :pullreq: 6857
1128
1129 Remove SOA-check backoff on incoming NOTIFY and fix ``d_lock`` handling.
1130
1131 .. change::
1132 :tags: Bug Fixes, Tools
1133 :pullreq: 6859
1134
1135 Make ``edit-zone`` catch zoneparser exceptions as well.
1136
1137 .. change::
1138 :tags: Improvements, Tools
1139 :pullreq: 6843
1140
1141 ``check-all-zones``: find duplicate zones and SOAs.
1142
1143 .. change::
1144 :tags: Bug Fixes
1145 :pullreq: 6834
1146
1147 ``check-zone``: allow null MX, SRV.
1148
1149 .. change::
1150 :tags: Bug Fixes
1151 :pullreq: 6844
1152
1153 Workaround MariaDB pretending to be MySQL.
1154
1155 .. change::
1156 :tags: Improvements
1157 :pullreq: 6824
1158
1159 Add the serials when logging the final result of a slave check.
1160
1161 .. change::
1162 :tags: Bug Fixes, API
1163 :pullreq: 6780, 6816
1164
1165 Make sure that we use strict weak records ordering in the API.
1166 (Doing this avoids concurrent records / comments iteration from running out of sync.)
1167
1168 .. change::
1169 :tags: Bug Fixes
1170 :pullreq: 6738
1171
1172 Reset the TSIG state between queries.
1173
1174 .. change::
1175 :tags: Improvements, Tools
1176 :pullreq: 6774
1177
1178 calidns: Accurate qps targets.
1179
1180 .. change::
1181 :tags: <nil>
1182 :pullreq: 6769
1183
1184 LuaWrapper: Disable maybe uninitialized warnings with boost optional.
1185
1186 .. change::
1187 :tags: Bug Fixes
1188 :pullreq: 6495
1189
1190 Only parse ``resolv.conf`` once - this avoids race conditions.
1191
1192 .. change::
1193 :tags: Improvements
1194 :pullreq: 6730
1195
1196 Implement a smarter dedup for filling packets in auth.
1197
1198 .. change::
1199 :tags: Improvements, Tools
1200 :pullreq: 6691
1201
1202 pdns_control notify: Handle slave w/o renotify properly.
1203
1204 .. change::
1205 :tags: Improvements, Tools
1206 :pullreq: 6653
1207
1208 pdnsutil: Occlusion and auth check improvements.
1209
1210 .. change::
1211 :tags: Bug Fixes
1212 :pullreq: 6655
1213
1214 Sign CDS/CDNSKEY RRsets with the KSK.
1215
1216 .. change::
1217 :tags: Improvements
1218 :pullreq: 6658
1219
1220 luawrapper: Report caught ``std::exception`` as ``lua_error``.
1221
1222 .. change::
1223 :tags: Bug Fixes
1224 :pullreq: 6686
1225
1226 Initialize some missed qtypes: WKS, SMIMEA.
1227
1228 .. change::
1229 :tags: Bug Fixes
1230 :pullreq: 6677
1231
1232 geoipbackend: Check ``GeoIP_id_by_addr_gl`` and ``GeoIP_id_by_addr_v6_gl`` return value.
1233
1234 .. change::
1235 :tags: Bug Fixes
1236 :pullreq: 6499
1237
1238 stubresolver: Improve locking.
1239
1240 .. change::
1241 :tags: Improvements
1242 :pullreq: 6633
1243
1244 Reject duplicate RRsets in patchZone.
1245
1246 .. change::
1247 :tags: Bug Fixes, API
1248 :pullreq: 6647
1249
1250 Remove ENTs when "replacing" new records.
1251
1252 .. change::
1253 :tags: Bug Fixes
1254 :pullreq: 6648
1255
1256 gmysql: Use future-proof statement for transaction isolation.
1257
1258 .. change::
1259 :tags: Improvements, API
1260 :pullreq: 6649
1261
1262 API export function output change to add IN to the output.
1263
1264 .. change::
1265 :tags: Improvements, API
1266 :pullreq: 6662
1267 :tickets: 6652
1268
1269 Send correct response codes for the CryptoKey endpoints.
1270
1271 .. change::
1272 :tags: Improvements
1273 :pullreq: 6659
1274
1275 Ensure ALIAS answers over TCP have correct name.
1276
1277 .. change::
1278 :tags: Bug Fixes, Tools
1279 :pullreq: 6617
1280
1281 calidns: Don't issue socket buffer or SCHED_FIFO warnings in quiet mode.
1282
1283 .. change::
1284 :tags: Bug Fixes, API
1285 :pullreq: 6614
1286
1287 Restrict creation of OPT and TSIG rrsets.
1288
1289 .. change::
1290 :tags: Improvements
1291 :pullreq: 6561
1292
1293 Fix some minor issues for presigned (large) bind zones.
1294
1295 .. change::
1296 :tags: Tools
1297 :pullreq: 6582
1298
1299 dnsreplay: Add more checks against bogus PCAP.
1300
1301 .. change::
1302 :tags: Bug Fixes, Improvements
1303 :pullreq: 6585
1304 :tickets: 6584
1305
1306 Geoip: Fix poisoning of cache when hit service's default network.
1307
1308 Also includes an optimization to make lookups faster.
1309
1310 .. change::
1311 :tags: Improvements, Tools
1312 :pullreq: 6594
1313
1314 pdnsutil: also load modules through the ``load-modules`` directive.
1315
1316 .. change::
1317 :tags: Improvements, Tools
1318 :pullreq: 6601
1319
1320 calidns: Add ``quiet``, ``minimum-success-rate`` options to use from a script.
1321
1322 .. change::
1323 :tags: New Features, Tools
1324 :pullreq: 6564
1325
1326 Add ``dnspcap2calidns`` to convert PCAP to the calidns format.
1327
1328 .. change::
1329 :tags: Bug Fixes, Tools
1330 :pullreq: 6580
1331
1332 dnsreplay: Bail out on a too small outgoing buffer.
1333
1334 .. change::
1335 :tags: Bug Fixes, Tools
1336 :pullreq: 6559
1337
1338 pdnsutil: Use new domain in ``b2bmigrate``.
1339
1340 .. change::
1341 :tags: Bug Fixes, API
1342 :pullreq: 6571
1343
1344 Increase serial after DNSSEC related updates.
1345
1346 .. change::
1347 :tags: Improvements
1348 :pullreq: 6558
1349
1350 bindbackend: Refuse launch suffixes.
1351
1352 .. change::
1353 :tags: Improvements, Tools
1354 :pullreq: 6526
1355
1356 calidns: Add an option to read ECS values from the query file, skip comments.
1357
1358 .. change::
1359 :tags: Bug Fixes
1360 :pullreq: 6531
1361
1362 Avoid interleaved access to B (via ``d_dk``). Before this patch,
1363 the meta lookup would interfere with the already-started
1364 ``B.lookup``. This caused failures with odbc/MSSQL.
1365
1366 .. change::
1367 :tags: Improvements
1368 :pullreq: 6530
1369
1370 Add missing overrides.
1371
1372 .. change::
1373 :tags: Improvements, Tools
1374 :pullreq: 6525
1375
1376 calidns: Add a ``maximum-qps`` option to stay at a given stable load.
1377
1378 .. change::
1379 :tags: New Features
1380 :pullreq: 6171
1381
1382 LUA Records (yes we know it is "Lua").
1383
1384 .. change::
1385 :tags: Bug Fixes
1386 :pullreq: 6481
1387
1388 Add return 0 for correct exit of ``set-kind`` and ``set-account``.
1389
1390 .. change::
1391 :tags: Bug Fixes, Tools
1392 :pullreq: 6487
1393
1394 Link ``dnspcap2protobuf`` against librt when needed.
1395
1396 .. change::
1397 :tags: Bug Fixes
1398 :pullreq: 6484
1399
1400 Recheck serial when AXFR is done.
1401
1402 .. change::
1403 :tags: Improvements, Internals
1404 :pullreq: 5274
1405
1406 dns_random: Implement new dns_random.
1407
1408 .. change::
1409 :tags: New Features
1410 :pullreq: 5821
1411 :tickets: 5260
1412
1413 LDAP misc updates:
1414
1415 * ALIAS support,
1416 * DNAME support.
1417
1418 .. change::
1419 :tags: Improvements
1420 :pullreq: 6427
1421
1422 Avoid an isane amount of new backend connections during an AXFR.
1423
1424 .. change::
1425 :tags: Improvements, Internals
1426 :pullreq: 6358
1427
1428 Remove ``theLog`` and ``theL`` and replace this with a global ``g_log``.
1429
1430 .. change::
1431 :tags: Improvements, Tools
1432 :pullreq: 6331
1433
1434 Add TCP support for ALIAS.
1435
1436 .. change::
1437 :tags: Improvements
1438 :pullreq: 6377
1439
1440 Add support for MB and MG RR types.
1441
1442 .. change::
1443 :tags: Improvements
1444 :pullreq: 6102
1445
1446 Add actual EDNS buffer size logging, not just our interpretation.
1447
1448 .. change::
1449 :tags: Improvements, Internals
1450 :pullreq: 6312
1451
1452 Lower 'packet too short' loglevel.
1453
1454 .. change::
1455 :tags: Bug Fixes
1456 :pullreq: 6396
1457
1458 Report unparseable data in stoul ``invalid_argument`` exception.
1459
1460 .. change::
1461 :tags: New Features, Tools
1462 :pullreq: 6374
1463
1464 Add quiet modifier to pdnsutil ``rectify-all-zones`` command.
1465
1466 .. change::
1467 :tags: Bug Fixes
1468 :pullreq: 6370
1469
1470 Fix handling of user defined AXFR filters return values.
1471
1472 .. change::
1473 :tags: Bug Fixes
1474 :pullreq: 6342
1475 :tickets: 6263
1476
1477 Reload ``/etc/resolv.conf`` when modified.
1478
1479 .. change::
1480 :tags: Bug Fixes, Tools
1481 :pullreq: 6354
1482
1483 Rather than crash, sheepishly report no file/linenum in pdnsutil.
1484
1485 .. change::
1486 :tags: Improvements, Tools
1487 :pullreq: 6326
1488
1489 calidns: Add the ``--ecs`` parameter to add random ECS values to queries.
1490
1491 .. change::
1492 :tags: Improvements
1493 :pullreq: 6157
1494
1495 Lua2 backend: This is a rewrite of the lua backend. It uses AuthLua4 as basis and more strongly typed access using LuaContext.
1496
1497 .. change::
1498 :tags: Improvements
1499 :pullreq: 5361
1500 :tickets: 3602
1501
ef2ea4bf 1502 Make requests always return to sender, for usage in multimaster slave zones. Also - made sure that the master that is questioned for updates will be selected randomly, to prevent repeatedly asking a dead master for updates.
0a94459a 1503
1504 .. change::
1505 :tags: Improvements, API
1506 :pullreq: 6325
1507
1508 Return status ``409`` if domain already exists.
1509
1510 .. change::
1511 :tags: Improvements
1512 :pullreq: 6276
1513
1514 Reject updates if they would lead to CNAME+Other data.
1515
1516 .. change::
1517 :tags: Improvements
1518 :pullreq: 6243
1519
1520 Fix rectify (ordername) for non-DNSSEC zones.
1521
1522 .. change::
1523 :tags: Improvements
1524 :pullreq: 6278
1525
1526 pkcs11signers: Fix yubikey NEO to work.
1527
1528 .. change::
1529 :tags: Bug Fixes
1530 :pullreq: 6297
1531
1532 Make ``check-zone`` error on rows that have content but shouldn't.
1533
1534 .. change::
1535 :tags: Improvements
1536 :pullreq: 6100
1537
1538 Make ``outgoing-query-address`` and ``outgoing-query-address6``
1539 behaviours equivalent.
1540
1541 .. change::
1542 :tags: Improvements
1543 :pullreq: 6128
1544 :tickets: 5268
1545
1546 GeoIPbackend improvements:
1547
1548 * Adds MMDB support. Now geoip backend can be compiled without geoip support,
1549 * Adds location support,
1550 * Fixes SERVFAIL if expansion is empty.
1551
1552 .. change::
1553 :tags: Improvements
1554 :pullreq: 6295
1555
1556 Fix syntax error for ``replace-rrset``. (@lordievader)
1557
1558 .. change::
1559 :tags: Improvements, API
1560 :pullreq: 2603
1561
1562 Expose ``ResponseStats`` via REST API.
1563
1564 .. change::
1565 :tags: Improvements, Internals
1566 :pullreq: 6230
1567
1568 Remove all traces of selectmplexer, fix up pollmplexer.
1569
1570 .. change::
1571 :tags: Bug Fixes, Tools
1572 :pullreq: 6172
1573
1574 IXFR: correct behavior of dealing with DNS Name with multiple records; speed up IXFR transaction.
1575
1576 .. change::
1577 :tags: Bug Fixes
1578 :pullreq: 6152
1579
1580 bindbackend: handle ``std::exception`` during startup zone-parsing.
1581
1582 .. change::
1583 :tags: Improvements, Tools
1584 :pullreq: 6166
1585
1586 Add an ``--initial-port`` option to dnsreplay.
1587
1588 .. change::
1589 :tags: Improvements
1590 :pullreq: 6220
1591 :tickets: 5079, 5594, 5654
1592
9d75f4ae 1593 Add XPF support to sdig, PowerDNS Recursor and dnsdist.
0a94459a 1594
1595 .. change::
1596 :tags: Improvements, Internals
1597 :pullreq: 5068
1598 :tickets: 1010
1599
1600 Change from ``time_t`` to ``uint32_t`` for serial in ``calculateSOASerial``.
1601
1602 .. change::
1603 :tags: Improvements
1604 :pullreq: 5960
1605
1606 Check more thoroughly the source of UDP answers.
1607
1608 .. change::
1609 :tags: Improvements
1610 :pullreq: 6162
1611
1612 Slave cleanups. (@zeha)
1613
1614 .. change::
1615 :tags: Bug Fixes
1616 :pullreq: 6019
1617 :tickets: 5915
1618
1619 gmysql-backend: set unsigned attribute on ``notified_serial`` column.
1620
1621 .. change::
1622 :tags: Improvements
1623 :pullreq: 6158
1624 :tickets: 2611
1625
1626 pdns: Improve record parsing
1627
1628 .. change::
1629 :tags: Bug Fixes
1630 :pullreq: 6018
1631
1632 Escaping unusual DNS label octets in DNSName is off by one.
1633
1634 .. change::
1635 :tags: Improvements, Internals
1636 :pullreq: 5979
1637
1638 Use ``toLogString()`` for logging and throwing.
1639
1640 .. change::
1641 :tags: Improvements, Internals
1642 :pullreq: 6156
1643
1644 Remove obsolete EDNS PING code. (@zeha)
1645
1646 .. change::
1647 :tags: Bug Fixes
1648 :pullreq: 6155
1649
1650 Update EDNS Option code list.
1651
1652 .. change::
1653 :tags: Improvements
1654 :pullreq: 6146
1655
1656 Changes to compile and run on NetBSD.
1657
1658 .. change::
1659 :tags: Bug Fixes
1660 :pullreq: 4547
1661
1662 Remove ``serializeSOAData``, refactor ``calculate``/``edit``/``increaseSOA``.
1663
1664 .. change::
1665 :tags: Improvements, Tools
1666 :pullreq: 6063
1667
1668 Add colour to diff output of pdnsutil.
1669
1670 .. change::
1671 :tags: <nil>
1672 :pullreq: 6124
1673 :tickets: 6101, 6120
1674
1675 Improve tests and two bugfixes:
1676
1677 * Fix xfrIP to reject invalid ips,
1678 * Accept seconds since epoch in RRSIG timestamps too.
1679
1680 (@stbuehler)
1681
1682 .. change::
1683 :tags: Improvements
1684 :pullreq: 6139
1685
1686 Forbid creating algo 5/8/10 keys with out-of-spec sizes.
1687
1688 .. change::
1689 :tags: Bug Fixes
1690 :pullreq: 6132
1691
1692 Add methods missing from AuthLua4 when Lua support is disabled.
1693
1694 .. change::
1695 :tags: Bug Fixes
1696 :pullreq: 6129
1697
1698 Init openssl and libsodium before chrooting in pdnsutil.
1699
1700 .. change::
1701 :tags: Bug Fixes, LDAP
1702 :pullreq: 6122
1703
1704 Fix listing zones incl. AXFR.
1705
1706 .. change::
1707 :tags: Bug Fixes
1708 :pullreq: 6107
1709
1710 Fix uninitialized index in Lua's DNSPacket::getRRS() binding.
1711
1712 .. change::
1713 :tags: Bug Fixes
1714 :pullreq: 6103
1715 :tickets: 6089
1716
1717 Fix out of bounds exception in CAA processing.
1718
1719 .. change::
1720 :tags: Improvements, API
1721 :pullreq: 6076
1722
1723 Return ``404`` for non-existing zones.
1724
1725 .. change::
1726 :tags: Improvements
1727 :pullreq: 5862
1728 :tickets: 5854
1729
1730 Add Draft of Swagger spec for Authoritative Server HTTP API.
1731
1732 .. change::
1733 :tags: Bug Fixes
1734 :pullreq: 6029
1735 :tickets: 6028
1736
1737 Forbid label compression in ALIAS wire format.
300c6dde
TB		 1738
1739 .. change::
1740 :tags: Improvements
1741 :pullreq: 7359
1742 :tickets: 7357
1743
1744 API: Add response-by-qtype and response-by-rcode on /statistics endpoint
985a932c
GD		 1745
1746 .. change::
1747 :tags: Improvements
1748 :pullreq: 6021
1749
1750 Several improvements to processing of notifies.
1751
1752 * Turn off supermaster support by default (adds new setting).
1753 * PowerDNS was wasting a lot of queries while processing notifies.
1754 * Use comboaddress for IPs (was strings)
Unnamed repository; edit this file 'description' to name the repository.