+2697. [port] win32: ensure that S_IFMT, S_IFDIR, S_IFCHR and
+ S_IFREG are defined after including <isc/stat.h>.
+ [RT #20309]
+
2696. [bug] named failed to successfully process some valid
acl constructs. [RT #20308]
Use -u to modify NSEC3 parameters or switch
between NSEC and NSEC3. [RT #20304]
-2690. [bug] win32: fix isc_thread_key_getspecific() prototype.
+2690. [bug] win32: fix isc_thread_key_getspecific() prototype.
[RT #20315]
2689. [bug] Correctly handle snprintf result. [RT #20306]
2676. [bug] --with-export-installdir should have been
--with-export-includedir. [RT #20252]
-2675. [bug] dnssec-signzone could crash if the key directory
+2675. [bug] dnssec-signzone could crash if the key directory
did not exist. [RT #20232]
--- 9.7.0a3 released ---
2665. [func] Clarify syntax for managed-keys {} statement, add
ARM documentation about RFC 5011 support. [RT #19874]
-2664. [bug] create_keydata() and minimal_update() in zone.c
+2664. [bug] create_keydata() and minimal_update() in zone.c
didn't properly check return values for some
functions. [RT #19956]
2663. [func] win32: allow named to run as a service using
"NT AUTHORITY\LocalService" as the account. [RT #19977]
-2662. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr()
+2662. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr()
returned a misleading error code when lwresd was
down. [RT #20028]
2629. [port] Check for seteuid()/setegid(), use setresuid()/
setresgid() if not present. [RT #19932]
-
-2628. [port] linux: Allow /var/run/named/named.pid to be opened
+
+2628. [port] linux: Allow /var/run/named/named.pid to be opened
at startup with reduced capabilities in operation.
[RT #19884]
2623. [bug] Named started seaches for DS non-optimally. [RT #19915]
2622. [bug] Printing of named.conf grammar was broken. [RT #19919]
-
+
2621. [doc] Made copyright boilterplate consistent. [RT #19833]
2620. [bug] Delay thawing the zone until the reload of it has
or with the -f KSK option, a 2048-bit RSASHA1
key-signing key. [RT #19300]
-2611. [func] Add -l option to dnssec-dsfromkey to generate
+2611. [func] Add -l option to dnssec-dsfromkey to generate
DLV records instead of DS records. [RT #19300]
2610. [port] sunos: Change #2363 was not complete. [RT #19796]
named process using the session key generated
by named
[RT #19284]
-
+
2608. [func] Perform post signing verification checks in
dnssec-signzone. These can be disabled with -P.
[RT #19542]
2589. [bug] dns_db_unregister() failed to clear '*dbimp'.
- [RT #19626]
+ [RT #19626]
2588. [bug] SO_REUSEADDR could be set unconditionally after failure
of bind(2) call. This should be rare and mostly
[RT #19209]
2569. [func] Move journalprint, nsec3hash, and genrandom
- commands from bin/tests into bin/tools;
+ commands from bin/tests into bin/tools;
"make install" will put them in $sbindir. [RT #19301]
2568. [bug] Report when the write to indicate a otherwise
2556. [port] Solaris: mkdir(2) on tmpfs filesystems does not do the
error checks in the correct order resulting in the
wrong error code sometimes being returned. [RT #19249]
-
+
2555. [func] dig: when emitting a hex dump also display the
corresponding characters. [RT #19258]
2529. [cleanup] Upgrade libtool to silence complaints from recent
version of autoconf. [RT #18657]
-2528. [cleanup] Silence spurious configure warning about
- --datarootdir [RT #19096]
+2528. [cleanup] Silence spurious configure warning about
+ --datarootdir [RT #19096]
2527. [placeholder]
oldest query or refusing to recurse due to quota.
[RT #19022]
-2506. [port] solaris: Check at configure time if
+2506. [port] solaris: Check at configure time if
hack_shutup_pthreadonceinit is needed. [RT #19037]
2505. [port] Treat amd64 similarly to x86_64 when determining
2478. [bug] 'addresses' could be used uninitialized in
configure_forward(). [RT #18800]
-
+
2477. [bug] dig: the global option to print the command line is
+cmd not print_cmd. Update the output to reflect
this. [RT #17008]
2473. [port] linux: raise the limit on open files to the possible
maximum value before spawning threads; 'files'
- specified in named.conf doesn't seem to work with
+ specified in named.conf doesn't seem to work with
threads as expected. [RT #18784]
2472. [port] linux: check the number of available cpu's before
2464. [port] linux: check that a capability is present before
trying to set it. [RT #18135]
-2463. [port] linux: POSIX doesn't include the IPv6 Advanced Socket
+2463. [port] linux: POSIX doesn't include the IPv6 Advanced Socket
API and glibc hides parts of the IPv6 Advanced Socket
API as a result. This is stupid as it breaks how the
two halves (Basic and Advanced) of the IPv6 Socket API
2456. [bug] In ACLs, ::/0 and 0.0.0.0/0 would both match any
address, regardless of family. They now correctly
distinguish IPv4 from IPv6. [RT #18559]
-
+
2455. [bug] Stop metadata being transferred via axfr/ixfr.
[RT #18639]
2442. [bug] A lock could be destroyed twice. [RT# 18626]
-2441. [bug] isc_radix_insert() could copy radix tree nodes
+2441. [bug] isc_radix_insert() could copy radix tree nodes
incompletely. [RT #18573]
2440. [bug] named-checkconf used an incorrect test to determine
implementation. Allow the use of kqueue,
epoll and /dev/poll to be selected at compile
time. [RT #18277]
-
+
2423. [security] Randomize server selection on queries, so as to
make forgery a little more difficult. Instead of
always preferring the server with the lowest RTT,
2406. [placeholder]
-2405. [cleanup] The default value for dnssec-validation was changed to
- "yes" in 9.5.0-P1 and all subsequent releases; this
- was inadvertently omitted from CHANGES at the time.
+2405. [cleanup] The default value for dnssec-validation was changed to
+ "yes" in 9.5.0-P1 and all subsequent releases; this
+ was inadvertently omitted from CHANGES at the time.
2404. [port] hpux: files unlimited support.
2380. [bug] dns_view_find() was not returning NXDOMAIN/NXRRSET
proofs which, in turn, caused validation failures
for insecure zones immediately below a secure zone
- the server was authoritative for. [RT #18112]
+ the server was authoritative for. [RT #18112]
2379. [contrib] queryperf/gen-data-queryperf.py: removed redundant
TLDs and supported RRs with TTLs [RT #17972]
2363. [port] sunos: pre-set "lt_cv_sys_max_cmd_len=4096;".
[RT #17513]
-2362. [cleanup] Make "rrset-order fixed" a compile-time option.
+2362. [cleanup] Make "rrset-order fixed" a compile-time option.
settable by "./configure --enable-fixed-rrset".
Disabled by default. [RT #17977]
interfaces if there are not listen-on-v6 clauses in
named.conf. [RT #17581]
-2335. [port] sunos: libbind and *printf() support for long long.
+2335. [port] sunos: libbind and *printf() support for long long.
[RT #17513]
2334. [bug] Bad REQUIRES in fromstruct_in_naptr(), off by one
bug in fromstruct_txt(). [RT #17609]
-
+
2333. [bug] Fix off by one error in isc_time_nowplusinterval().
[RT #17608]
2320. [func] Make statistics counters thread-safe for platforms
that support certain atomic operations. [RT #17466]
-2319. [bug] Silence Coverity warnings in
+2319. [bug] Silence Coverity warnings in
lib/dns/rdata/in_1/apl_42.c. [RT #17469]
2318. [port] sunos fixes for libbind. [RT #17514]
2301. [bug] Remove resource leak and fix error messages in
bin/tests/system/lwresd/lwtest.c. [RT #17474]
-2300. [bug] Fixed failure to close open file in
+2300. [bug] Fixed failure to close open file in
bin/tests/names/t_names.c. [RT #17473]
2299. [bug] Remove unnecessary NULL check in
2261. [bug] Fix memory leak with "any" and "none" ACLs [RT #17272]
2260. [bug] Reported wrong clients-per-query when increasing the
- value. [RT #17236]
+ value. [RT #17236]
2259. [placeholder]
intermediate values as timer->idle was reset by
isc_timer_touch(). [RT #17243]
-2253. [func] "max-cache-size" defaults to 32M.
+2253. [func] "max-cache-size" defaults to 32M.
"max-acache-size" defaults to 16M.
-2252. [bug] Fixed errors in sortlist code [RT #17216]
+2252. [bug] Fixed errors in sortlist code [RT #17216]
2251. [placeholder]
memory statistics file should be written or not.
Additionally named's -m option will cause the
statistics file to be written. [RT #17113]
-
-2249. [bug] Only set Authentic Data bit if client requested
- DNSSEC, per RFC 3655 [RT #17175]
-2248. [cleanup] Fix several errors reported by Coverity. [RT #17160]
+2249. [bug] Only set Authentic Data bit if client requested
+ DNSSEC, per RFC 3655 [RT #17175]
+
+2248. [cleanup] Fix several errors reported by Coverity. [RT #17160]
2247. [doc] Sort doc/misc/options. [RT #17067]
2235. [bug] <isc/atomic.h> was not being installed. [RT #17135]
-2234. [port] Correct some compiler warnings on SCO OSr5 [RT #17134]
-
-2233. [func] Add support for O(1) ACL processing, based on
- radix tree code originally written by Kevin
- Brintnall. [RT #16288]
+2234. [port] Correct some compiler warnings on SCO OSr5 [RT #17134]
+
+2233. [func] Add support for O(1) ACL processing, based on
+ radix tree code originally written by Kevin
+ Brintnall. [RT #16288]
2232. [bug] dns_adb_findaddrinfo() could fail and return
ISC_R_SUCCESS. [RT #17137]
2226. [placeholder]
2225. [bug] More support for systems with no IPv4 addresses.
- [RT #17111]
+ [RT #17111]
2224. [bug] Defer journal compaction if a xfrin is in progress.
[RT #17119]
2223. [bug] Make a new journal when compacting. [RT #17119]
2222. [func] named-checkconf now checks server key references.
- [RT #17097]
+ [RT #17097]
2221. [bug] Set the event result code to reflect the actual
record turned to caller when a cache update is
2220. [bug] win32: Address a race condition in final shutdown of
the Windows socket code. [RT #17028]
-
+
2219. [bug] Apply zone consistency checks to additions, not
removals, when updating. [RT #17049]
2217. [func] Adjust update log levels. [RT #17092]
2216. [cleanup] Fix a number of errors reported by Coverity.
- [RT #17094]
+ [RT #17094]
2215. [bug] Bad REQUIRE check isc_hmacsha1_verify(). [RT #17094]
localhost;) is used.
[RT #16987]
-
+
2205. [bug] libbind: change #2119 broke thread support. [RT #16982]
2204. [bug] "rndc flushanme name unknown-view" caused named
allow-query-on, allow-recursion-on and
allow-query-cache-on. [RT #16291]
-2164. [bug] The code to determine how named-checkzone /
+2164. [bug] The code to determine how named-checkzone /
named-compilezone was called failed under windows.
[RT #16764]
2095. [port] libbind: alway prototype inet_cidr_ntop_ipv6() and
net_cidr_ntop_ipv6(). [RT #16388]
-
+
2094. [contrib] Update named-bootconf. [RT# 16404]
2093. [bug] named-checkzone -s was broken.
2092. [bug] win32: dig, host, nslookup. Use registry config
if resolv.conf does not exist or no nameservers
- listed. [RT #15877]
+ listed. [RT #15877]
2091. [port] dighost.c: race condition on cleanup. [RT #16417]
1964. [func] Separate out MX and SRV to CNAME checks. [RT #15723]
-1963. [port] Tru64 4.0E doesn't support send() and recv().
+1963. [port] Tru64 4.0E doesn't support send() and recv().
[RT #15586]
1962. [bug] Named failed to clear old update-policy when it
1951. [security] Drop queries from particular well known ports.
Don't return FORMERR to queries from particular
well known ports. [RT #15636]
-
+
1950. [port] Solaris 2.5.1 and earlier cannot bind() then connect()
a TCP socket. This prevents the source address being
set for TCP connections. [RT #15628]
1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is no longer recommended.
To generate a RSAMD5 key you must explicitly request
RSAMD5. [RT #13780]
-
+
1944. [cleanup] isc_hash_create() does not need a read/write lock.
[RT #15522]
[RT #15034]
1905. [bug] Strings returned from cfg_obj_asstring() should be
- treated as read-only. The prototype for
+ treated as read-only. The prototype for
cfg_obj_asstring() has been updated to reflect this.
[RT #15256]
1863. [bug] rrset-order "fixed" error messages not complete.
1862. [func] Add additional zone data constancy checks.
- named-checkzone has extended checking of NS, MX and
+ named-checkzone has extended checking of NS, MX and
SRV record and the hosts they reference.
named has extended post zone load checks.
- New zone options: check-mx and integrity-check.
+ New zone options: check-mx and integrity-check.
[RT #4940]
1861. [bug] dig could trigger a INSIST on certain malformed
1848. [bug] Improve SMF integration. [RT #13238]
1847. [bug] isc_ondestroy_init() is called too late in
- dns_rbtdb_create()/dns_rbtdb64_create().
+ dns_rbtdb_create()/dns_rbtdb64_create().
[RT #13661]
-
+
1846. [contrib] query-loc-0.3.0 from Stephane Bortzmeyer
<bortzmeyer@nic.fr>.
[RT #12866]
1748. [func] dig now returns the byte count for axfr/ixfr.
-
+
1747. [bug] BIND 8 compatibility: named/named-checkconf failed
to parse "host-statistics-max" in named.conf.
requested number of worker threads then destruction
of the manager would trigger an INSIST() failure.
[RT #12790]
-
+
1742. [bug] Deleting all records at a node then adding a
previously existing record, in a single UPDATE
transaction, failed to leave / regenerate the
1740. [bug] Replace rbt's hash algorithm as it performed badly
with certain zones. [RT #12729]
-
+
NOTE: a hash context now needs to be established
via isc_hash_create() if the application was not
already doing this.
1736. [bug] dst_key_fromnamedfile() could fail to read a
public key. [RT #12687]
-
+
1735. [bug] 'dig +sigtrace' could die with a REQUIRE failure.
[RE #12688]
1675. [bug] named would sometimes add extra NSEC records to
the authority section.
-
+
1674. [port] linux: increase buffer size used to scan
/proc/net/if_inet6.
1648. [func] Update dnssec-lookaside named.conf syntax to support
multiple dnssec-lookaside namespaces (not yet
- implemented).
+ implemented).
1647. [bug] It was possible trigger a INSIST when chasing a DS
record that required walking back over a empty node.
1638. [bug] "ixfr-from-differences" could generate a REQUIRE
failure if the journal open failed. [RT #11347]
-
+
1637. [bug] Node reference leak on error in addnoqname().
1636. [bug] The dump done callback could get ISC_R_SUCCESS even if
1607. [bug] dig, host and nslookup were still using random()
to generate query ids. [RT# 11013]
-1606. [bug] DLV insecurity proof was failing.
+1606. [bug] DLV insecurity proof was failing.
1605. [func] New dns_db_find() option DNS_DBFIND_COVERINGNSEC.
1604. [bug] A xfrout_ctx_create() failure would result in
xfrout_ctx_destroy() being called with a
partially initialized structure.
-
+
1603. [bug] nsupdate: set interactive based on isatty().
[RT# 10929]
1602. [bug] Logging to a file failed unless a size was specified.
[RT# 10925]
-1601. [bug] Silence spurious warning 'both "recursion no;" and
+1601. [bug] Silence spurious warning 'both "recursion no;" and
"allow-recursion" active' warning from view "_bind".
[RT# 10920]
projects / thirdparty / bind9.git / commitdiff
