- New "rndc showconf" command. ``dad960025c2``
The new `rndc showconf` command prints the running server
- configuration. There are three options: - `rndc showconf -user`
- displays the user configuration (i.e., the contents of `named.conf`).
+ configuration. There are three options:
+
+ - `rndc showconf -user` displays the user configuration (i.e., the
+ contents of `named.conf`).
- `rndc showconf -builtin` displays the default settings, similar to
- `named -H`. - `rndc showconf -effective` displays the effective
- configuration. This is the merged combination of the `-user` and
- `-builtin` configurations. :gl:`#1075` :gl:`!11123`
+ `named -C`.
+ - `rndc showconf -effective` displays the effective
+ configuration. This is the merged combination of the `-user` and
+ `-builtin` configurations. :gl:`#1075` :gl:`!11123`
- "named-checkconf -b" dumps the built-in configuration. ``ac2b36c4bfc``
`cfg_rep_t`, which enables implementing a copy function specific for
each representation type a node can hold.
- This is pre-require work for MR !11121 !11122 !11123 :gl:`!11124`
+ This is pre-require work for MR :gl:`!11121` :gl:`!11122` :gl:`!11123`
+ :gl:`!11124`
- Run individual spatch form check-cocci.sh. ``a27275d2464``
Any command line parameters after `--` are forwarded to `spatch`
command, for instance:
- `util/check-cocci.sh -- --debug` `util/check-cocci.sh cocci/foo.spatch
- -- --debug`
+ `util/check-cocci.sh -- --debug`
+
+ `util/check-cocci.sh cocci/foo.spatch -- --debug`
Will (1) run all spatch files in cocci/ with --debug spatch option and
(2) run only `cocci/foo.spatch` with --debug options. :gl:`!11096`
of outstanding allocations, so it is still possible to figure out
what's still allocated by this memory context. :gl:`!11110`
-- Minimal meson version required is 1.3.0. ``6badc6e9396``
+- Minimal Meson version required is 1.3.0. ``6badc6e9396``
- The minimal required meson version is 1.3.0.
+ The minimal required Meson version is 1.3.0.
- Where distribution repositories don't provide meson 1.3.0 or newer,
- meson from PyPI may be used instead. :gl:`!10997`
+ Where distribution repositories don't provide Meson 1.3.0 or newer,
+ Meson from PyPI may be used instead. :gl:`!10997`
- Refactor notify code. ``0dd1da79590``
- Make libcap mandatory on Linux again. ``fb2b56a8880``
- When refactoring the BIND 9.21 build system to meson, libcap was
+ When refactoring the BIND 9.21 build system to Meson, libcap was
unintentionally made optional on Linux. :gl:`#5590` :gl:`!11136`
- Only unlink from SIEVE LRU if it is still linked. ``28926f210e1``
- Remove unused dns_zone_getnotifyacl() function. ``9215ae3c7ee``
- Deals with Coverity issues: - CID 638286: Concurrent data access
- violations (MISSING_LOCK). - CID 638287: Concurrent data access
- violations (MISSING_LOCK). :gl:`!11200`
+ Deals with Coverity issues:
+
+ - CID 638286: Concurrent data access violations (MISSING_LOCK).
+ - CID 638287: Concurrent data access
+ violations (MISSING_LOCK). :gl:`!11200`
- Restore reuseport to yes by default on supported platforms.
``056a32798c2``
The default configuration is conditioned by several compile-time
macro. While for most of them it's fine because they are defined in
the global `config.h` file included by default to all binaries (by
- meson), one specific is not defined here. `HAVE_SO_REUSEPORT_LB` was
+ Meson), one specific is not defined here. `HAVE_SO_REUSEPORT_LB` was
defined in `lib/isc/include/isc/netmgr.h` which is of course not
included in `bin/includes/defaultconfig.h`.
As a result, reuseport was disabled for all platform by default, even
the supported ones. This fixes the problem by checking if reuseport is
- available on the platform from meson `config.h` generation directly,
+ available on the platform from Meson `config.h` generation directly,
which makes `HAVE_SO_REUSEPORT_LB` available everywhere. :gl:`!11180`
- Save userconfig as text instead of a cfg_obj tree. ``9521f231694``
New Features
~~~~~~~~~~~~
-- New "rndc showconf" command.
+- New :option:`rndc showconf` command.
- The new `rndc showconf` command prints the running server
- configuration. There are three options: - `rndc showconf -user`
- displays the user configuration (i.e., the contents of `named.conf`).
- - `rndc showconf -builtin` displays the default settings, similar to
- `named -H`. - `rndc showconf -effective` displays the effective
- configuration. This is the merged combination of the `-user` and
- `-builtin` configurations. :gl:`#1075`
+ The new :option:`rndc showconf` command prints the running server
+ configuration. There are three options:
-- "named-checkconf -b" dumps the built-in configuration.
+ - ``rndc showconf -user`` shows only settings explicitly declared in
+ :iscman:`named.conf`.
+ - ``rndc showconf -builtin`` shows the default settings, similar to
+ :option:`named -C`.
+ - ``rndc showconf -effective`` shows the result of applying user
+ settings to defaults.
- `named-checkconf` now supports the command line switch `-b`, which
- prints the default built-in configuration used by `named`. When
- `-b` is in use, other options are ignored. :gl:`#1326`
+ :gl:`#1075`
-- Add support for Extended DNS Error 24 (Invalid Data)
+- :option:`named-checkconf -b` dumps the built-in configuration.
- Extended DNS Error 24 (Invalid Data) is returned when the server
- cannot answer data for a zone it is configured for. This occurs
- typically when an authoritative server does not have loaded the DB of
- a configured zone, or a secondary server zone is expired.
+ :iscman:`named-checkconf` now supports the option ``-b``, that prints
+ the default built-in configuration used by :iscman:`named`. When
+ the option is used, other options are ignored. :gl:`#1326`
- See RFC 8914 section 4.25. :gl:`#1836`
+- Add support for Extended DNS Error 24 (Invalid Data).
-- Named-checkconf -e prints the effective configuration.
+ See :rfc:`8914` section 4.25. :gl:`#1836`
- The new `named-checkconf -e` option prints the effective server
- configuration, including all the default settings, that would result
- from loading the specified configuration file into `named`.
- :gl:`#2798`
+- :option:`named-checkconf -e` prints the effective configuration.
+
+ The new :option:`named-checkconf -e` option prints the effective
+ server configuration. This is what would result from loading the
+ specified configuration file into :iscman:`named`. The report
+ includes all default settings, as modified by user values from the
+ configuration file. :gl:`#2798`
Removed Features
~~~~~~~~~~~~~~~~
-- Remove the "tkey-domain" statement.
+- Remove the ``tkey-domain`` statement.
The previously deprecated ``tkey-domain`` statement has now been
removed. :gl:`#4204`
-- Remove the "tkey-gssapi-credential" statement.
+- Remove the ``tkey-gssapi-credential`` statement.
The previously deprecated ``tkey-gssapi-credential`` statement and all
code related to it have now been removed. :gl:`#4204`
Feature Changes
~~~~~~~~~~~~~~~
-- Minimal meson version required is 1.3.0.
-
- The minimal required meson version is 1.3.0.
+- Minimal Meson version required is 1.3.0.
- Where distribution repositories don't provide meson 1.3.0 or newer,
- meson from PyPI may be used instead.
+ Where distribution repositories don't provide Meson 1.3.0 or newer,
+ the PyPI repository may be used instead.
Bug Fixes
~~~~~~~~~
- Report when a zone reload is already in progress.
- If a zone reload was already in progress when `rndc reload <zone>` was
- run, the message returned was "zone reload queued", which was
- technically correct, but it was identical to the message returned when
- a reload was not in progress. Consequently, a user could issue two
- reload commands without realizing that only one reload had actually
- taken place. This has been addressed by changing the message returned
- to "zone reload was already queued". :gl:`#5140`
+ Previously, if a user attempted to manually reload a zone that was
+ already being reloaded, the message returned was "zone reload queued".
+ The message has been changed to "zone reload was already queued".
+ :gl:`#5140`
-- Fix dnssec-keygen key collision checking for KEY rrtype keys.
+- Fix :iscman:`dnssec-keygen` key collision checking for KEY RRtype
+ keys.
The :iscman:`dnssec-keygen` utility program failed to detect possible
- Key ID collisions with the existing keys generated using the
- non-default ``-T KEY`` option (e.g. for ``SIG(0)``). This has been
- fixed. :gl:`#5506`
+ KEY ID collisions with existing keys generated using the non-default
+ ``-T KEY`` option (e.g., for ``SIG(0)``). This has been fixed.
+ :gl:`#5506`
-- Fix shutdown INSIST in dns_dispatchmgr_getblackhole.
+- Fix shutdown assertion in ``dns_dispatchmgr_getblackhole``.
- Previously, `named` could trigger an assertion in
- `dns_dispatchmgr_getblackhole` while shutting down. This has been
+ Previously, :iscman:`named` could trigger an assertion in
+ ``dns_dispatchmgr_getblackhole`` while shutting down. This has been
fixed. :gl:`#5525`
-- Dnssec-verify now uses exit code 1 when failing due to illegal
- options.
+- :iscman:`dnssec-verify` now uses exit code 1 when failing due to
+ illegal options.
- Previously, dnssec-verify exited with code 0 if the options could not
- be parsed. This has been fixed. :gl:`#5574`
+ Previously, :iscman:`dnssec-verify` exited with code 0 if the options
+ could not be parsed. This has been fixed. :gl:`#5574`
-- Prevent assertion failures of dig when server is specified before the
- -b option.
+- Prevent assertion failures of :iscman:`dig` when a server is specified
+ before the ``-b`` option.
Previously, :iscman:`dig` could exit with an assertion failure when
- the server was specified before the :option:`dig -b` option. This has
+ a server was specified before the :option:`dig -b` option. This has
been fixed. :gl:`#5609`
-- Skip unsupported algorithms when looking for signing key.
+- Skip unsupported algorithms when looking for a signing key.
A mix of supported and unsupported DNSSEC algorithms in the same zone
- could have caused validation failures. Ignore the DNSSEC keys with
- unsupported algorithm when looking for the signing keys. :gl:`#5622`
+ could cause validation failures. Unsupported algorithms are now
+ ignored when looking for signing keys. :gl:`#5622`
- Fix fuzzing builds.
- Previously fuzzing builds were broken due to some typos in the
- `meson.build`.
+ Previously, fuzzing builds were broken due to typos in meson.build.
- Skip buffer allocations if not logging.
- Currently, during IXFR we allocate a 2KB buffer for IXFR change
- logging regardless of the log level. This commit introduces an early
- check on the log level in dns_diff_print to avoid this.
+ Previously, we allocated a 2KB buffer for IXFR change logging,
+ regardless of the log level.
- Results in a speedup from 28% in the test case from issue #5442.
+ This results in a 28% speedup in some scenarios.
projects / thirdparty / bind9.git / commitdiff
