Feature Changes
~~~~~~~~~~~~~~~
-- The use of native PKCS#11 for Public-Key Cryptography in BIND 9 has been
- deprecated in favor of OpenSSL engine_pkcs11 from the OpenSC project.
- The ``--with-native-pkcs11`` configuration option will be removed from the
- next major BIND 9 release. The option to use the engine_pkcs11 OpenSSL
- engine is already available in BIND 9; please see the ARM section on
- PKCS#11 for details. :gl:`#2691`
-
-- ``named`` and ``named-checkconf`` now issue a warning when there is a single
- configured port in the ``query-source``, ``transfer-source``,
- ``notify-source``, and ``parental-source``, and/or in their respective IPv6 counterparts.
+- The use of native PKCS#11 for Public-Key Cryptography in BIND 9 has
+ been deprecated in favor of the engine_pkcs11 OpenSSL engine from the
+ `OpenSC`_ project. The ``--with-native-pkcs11`` configuration option
+ will be removed in the next major BIND 9 release. The option to use
+ the engine_pkcs11 OpenSSL engine is already available in BIND 9;
+ please see the :ref:`ARM section on PKCS#11 <pkcs11>` for details.
+ :gl:`#2691`
+
+- ``named`` and ``named-checkconf`` now issue a warning when there is a
+ single port configured for ``query-source``, ``transfer-source``,
+ ``notify-source``, ``parental-source``, and/or for their respective
+ IPv6 counterparts. :gl:`#2888`
+
+- ``named`` and ``named-checkconf`` now exit with an error when a single
+ port configured for ``query-source``, ``transfer-source``,
+ ``notify-source``, ``parental-source``, and/or their respective IPv6
+ counterparts clashes with a global listening port. This configuration
+ has not been supported since BIND 9.16.0, but no error was reported
+ until now (even though sending UDP messages such as NOTIFY failed).
:gl:`#2888`
-- ``named`` and ``named-checkconf`` now return an error when the single configured
- port in the ``query-source``, ``transfer-source``, ``notify-source``,
- ``parental-source``, and/or their respective IPv6 counterparts clashes with the
- global listening port. This configuration is no longer supported as of BIND
- 9.16.0 but no error was reported, although sending UDP messages
- (such as notifies) would fail. :gl:`#2888`
+- The ``map`` zone file format has been marked as deprecated and will be
+ removed in the next major BIND 9 release. :gl:`#2882`
-- The ``masterfile-format`` format ``map`` has been marked as deprecated and
- will be removed in a future release. :gl:`#2882`
+- Old-style Dynamically Loadable Zones (DLZ) drivers that had to be
+ enabled in ``named`` at build time have been marked as deprecated in
+ favor of new-style DLZ modules. Old-style DLZ drivers will be removed
+ in the next major BIND 9 release. :gl:`#2814`
-- The statically compiled DLZ drivers have been marked as deprecated in favor of
- dynamically loaded DLZ modules and will be removed in a future major
- release. :gl:`#2814`
+.. _OpenSC: https://github.com/OpenSC/libp11
Bug Fixes
~~~~~~~~~
-- When new IP addresses were added to the system during ``named``
- startup, ``named`` failed to listen on TCP for the newly added
- interfaces. :gl:`#2852`
+- When new IP addresses were set up by the operating system during
+ ``named`` startup, it could fail to listen for TCP connections on the
+ newly added interfaces. :gl:`#2852`
-- Reloading a catalog zone that referenced a missing/deleted zone
- caused a crash. This has been fixed. :gl:`#2308`
+- Reloading a catalog zone which referenced a missing/deleted member
+ zone triggered a runtime check failure, causing ``named`` to exit
+ prematurely. This has been fixed. :gl:`#2308`
projects / thirdparty / bind9.git / commitdiff
