+3312. [bug] named-checkconf didn't detect a bad dns64 clients acl.
+ [RT #27631]
+
3306. [bug] Improve DNS64 reverse zone performance. [RT #28563]
3305. [func] Add wire format lookup method to sdb. [RT #28563]
keys if the zone name contained character that
required special mappings. [RT #28600]
-3265. [bug] Address lock order reversal with inline-signing
- support. [27557]
+3265. [bug] Address lock order reversal with inline-signing
+ support. [27557]
-3264. [bug] Automatic regeneration of signatures in an
- inline-signing zone could stall when the server
- was restarted. [RT #27344]
+3264. [bug] Automatic regeneration of signatures in an
+ inline-signing zone could stall when the server
+ was restarted. [RT #27344]
-3263. [bug] "rndc sync" did not affect the unsigned side of an
- inline-signing zone. [RT #27337]
+3263. [bug] "rndc sync" did not affect the unsigned side of an
+ inline-signing zone. [RT #27337]
-3262. [bug] Signed responses were handled incorrectly by RPZ.
- [RT #27316]
+3262. [bug] Signed responses were handled incorrectly by RPZ.
+ [RT #27316]
-3252. [bug] When master zones using inline-signing were
- updated while the server was offline, the source
- zone could fall out of sync with the signed
- copy. They can now resynchronize. [RT #26676]
+3252. [bug] When master zones using inline-signing were
+ updated while the server was offline, the source
+ zone could fall out of sync with the signed
+ copy. They can now resynchronize. [RT #26676]
-3248. [bug] Configure options --enable-fixed-rrset and
- --enable-exportlib were incompatible with each
- other. [RT #27087]
+3248. [bug] Configure options --enable-fixed-rrset and
+ --enable-exportlib were incompatible with each
+ other. [RT #27087]
-3246. [bug] Named failed to start with a empty also-notify list.
- [RT #27087]
+3246. [bug] Named failed to start with a empty also-notify list.
+ [RT #27087]
-3243. [port] freebsd,netbsd,bsdi: the thread defaults were not
- being properly set.
+3243. [port] freebsd,netbsd,bsdi: the thread defaults were not
+ being properly set.
-3239. [bug] dns_dnssec_findmatchingkeys needs to use a consistent
- timestamp. [RT #26883]
+3239. [bug] dns_dnssec_findmatchingkeys needs to use a consistent
+ timestamp. [RT #26883]
-3236. [bug] Backed out changes #3182 and #3202, related to
- EDNS(0) fallback behavior. [RT #26416]
+3236. [bug] Backed out changes #3182 and #3202, related to
+ EDNS(0) fallback behavior. [RT #26416]
-3233. [bug] 'rndc freeze/thaw' didn't work for inline zones.
- [RT #26632]
+3233. [bug] 'rndc freeze/thaw' didn't work for inline zones.
+ [RT #26632]
-3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips()
- could fail to set the database version correctly,
- causing an assertion failure. [RT #26180]
+3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips()
+ could fail to set the database version correctly,
+ causing an assertion failure. [RT #26180]
-3198. [doc] Clarified that dnssec-settime can alter keyfile
- permissions. [RT #24866]
+3198. [doc] Clarified that dnssec-settime can alter keyfile
+ permissions. [RT #24866]
-3195. [cleanup] Silence "file not found" warnings when loading
- managed-keys zone. [RT #26340]
+3195. [cleanup] Silence "file not found" warnings when loading
+ managed-keys zone. [RT #26340]
-3186. [bug] Version/db mis-match in rpz code. [RT #26180]
+3186. [bug] Version/db mis-match in rpz code. [RT #26180]
-3184. [bug] named had excessive cpu usage when a redirect zone was
- configured. [RT #26013]
+3184. [bug] named had excessive cpu usage when a redirect zone was
+ configured. [RT #26013]
-3182. [bug] Auth servers behind firewalls which block packets
- greater than 512 bytes may cause other servers to
- perform poorly. Now, adb retains edns information
- and caches noedns servers. [RT #23392/24964]
+3182. [bug] Auth servers behind firewalls which block packets
+ greater than 512 bytes may cause other servers to
+ perform poorly. Now, adb retains edns information
+ and caches noedns servers. [RT #23392/24964]
-3172. [port] darwin 10.* and freebsd [89] are now built threaded by
- default.
+3172. [port] darwin 10.* and freebsd [89] are now built threaded by
+ default.
-3171. [bug] Exclusively lock the task when adding a zone using
- 'rndc addzone'. [RT #25600]
+3171. [bug] Exclusively lock the task when adding a zone using
+ 'rndc addzone'. [RT #25600]
-3168. [bug] Nxdomain redirection could trigger an assert with
- a ANY query. [RT #26017]
+3168. [bug] Nxdomain redirection could trigger an assert with
+ a ANY query. [RT #26017]
-3160. [bug] When printing out a NSEC3 record in multiline form
- the newline was not being printed causing type codes
- to be run together. [RT #25873]
+3160. [bug] When printing out a NSEC3 record in multiline form
+ the newline was not being printed causing type codes
+ to be run together. [RT #25873]
-3141. [bug] Silence spurious "zone serial (0) unchanged" messages
- associated with empty zones. [RT #25079]
+3141. [bug] Silence spurious "zone serial (0) unchanged" messages
+ associated with empty zones. [RT #25079]
-3131. [tuning] Improve scalability by allocating one zone task
- per 100 zones at startup time, rather than using a
- fixed-size task table. [RT #24406]
+3131. [tuning] Improve scalability by allocating one zone task
+ per 100 zones at startup time, rather than using a
+ fixed-size task table. [RT #24406]
-3129. [bug] Named could crash on 'rndc reconfig' when
- allow-new-zones was set to yes and named ACLs
- were used. [RT #22739]
+3129. [bug] Named could crash on 'rndc reconfig' when
+ allow-new-zones was set to yes and named ACLs
+ were used. [RT #22739]
-3126. [security] Using DNAME record to generate replacements caused
- RPZ to exit with a assertion failure. [RT #24766]
+3126. [security] Using DNAME record to generate replacements caused
+ RPZ to exit with a assertion failure. [RT #24766]
-3125. [security] Using wildcard CNAME records as a replacement with
- RPZ caused named to exit with a assertion failure.
- [RT #24715]
+3125. [security] Using wildcard CNAME records as a replacement with
+ RPZ caused named to exit with a assertion failure.
+ [RT #24715]
-3100. [security] Certain response policy zone configurations could
- trigger an INSIST when receiving a query of type
- RRSIG. [RT #24280]
+3100. [security] Certain response policy zone configurations could
+ trigger an INSIST when receiving a query of type
+ RRSIG. [RT #24280]
-3005. [port] Solaris: Work around the lack of
- gsskrb5_register_acceptor_identity() by setting
- the KRB5_KTNAME environment variable to the
- contents of tkey-gssapi-keytab. Also fixed
- test errors on MacOSX. [RT #22853]
+3005. [port] Solaris: Work around the lack of
+ gsskrb5_register_acceptor_identity() by setting
+ the KRB5_KTNAME environment variable to the
+ contents of tkey-gssapi-keytab. Also fixed
+ test errors on MacOSX. [RT #22853]
-3003. [experimental] Added update-policy match type "external",
- enabling named to defer the decision of whether to
- allow a dynamic update to an external daemon.
- (Contributed by Andrew Tridgell.) [RT #22758]
+3003. [experimental] Added update-policy match type "external",
+ enabling named to defer the decision of whether to
+ allow a dynamic update to an external daemon.
+ (Contributed by Andrew Tridgell.) [RT #22758]
-3000. [bug] More TKEY/GSS fixes:
- - nsupdate can now get the default realm from
- the user's Kerberos principal
- - corrected gsstest compilation flags
- - improved documentation
- - fixed some NULL dereferences
- [RT #22795]
+3000. [bug] More TKEY/GSS fixes:
+ - nsupdate can now get the default realm from
+ the user's Kerberos principal
+ - corrected gsstest compilation flags
+ - improved documentation
+ - fixed some NULL dereferences
+ [RT #22795]
-2992. [contrib] contrib/check-secure-delegation.pl: A simple tool
- for looking at a secure delegation. [RT #22059]
+2992. [contrib] contrib/check-secure-delegation.pl: A simple tool
+ for looking at a secure delegation. [RT #22059]
-2991. [contrib] contrib/zone-edit.sh: A simple zone editing tool for
- dynamic zones. [RT #22365]
+2991. [contrib] contrib/zone-edit.sh: A simple zone editing tool for
+ dynamic zones. [RT #22365]
-2990. [bug] 'dnssec-settime -S' no longer tests prepublication
- interval validity when the interval is set to 0.
- [RT #22761]
+2990. [bug] 'dnssec-settime -S' no longer tests prepublication
+ interval validity when the interval is set to 0.
+ [RT #22761]
-2988. [experimental] Added a "dlopen" DLZ driver, allowing the creation
- of external DLZ drivers that can be loaded as
- shared objects at runtime rather than linked with
- named. Currently this is switched on via a
- compile-time option, "configure --with-dlz-dlopen".
- Note: the syntax for configuring DLZ zones
- is likely to be refined in future releases.
- (Contributed by Andrew Tridgell of the Samba
- project.) [RT #22629]
+2988. [experimental] Added a "dlopen" DLZ driver, allowing the creation
+ of external DLZ drivers that can be loaded as
+ shared objects at runtime rather than linked with
+ named. Currently this is switched on via a
+ compile-time option, "configure --with-dlz-dlopen".
+ Note: the syntax for configuring DLZ zones
+ is likely to be refined in future releases.
+ (Contributed by Andrew Tridgell of the Samba
+ project.) [RT #22629]
-2985. [bug] Add a regression test for change #2896. [RT #21324]
+2985. [bug] Add a regression test for change #2896. [RT #21324]
-2983. [bug] Include "loadkeys" in rndc help output. [RT #22493]
+2983. [bug] Include "loadkeys" in rndc help output. [RT #22493]
-2980. [bug] named didn't properly handle UPDATES that changed the
- TTL of the NSEC3PARAM RRset. [RT #22363]
+2980. [bug] named didn't properly handle UPDATES that changed the
+ TTL of the NSEC3PARAM RRset. [RT #22363]
-2977. [bug] 'nsupdate -l' report if the session key is missing.
- [RT #21670]
+2977. [bug] 'nsupdate -l' report if the session key is missing.
+ [RT #21670]
-2973. [bug] bind.keys.h was being removed by the "make clean"
- at the end of configure resulting in build failures
- where there is very old version of perl installed.
- Move it to "make maintainer-clean". [RT #22230]
+2973. [bug] bind.keys.h was being removed by the "make clean"
+ at the end of configure resulting in build failures
+ where there is very old version of perl installed.
+ Move it to "make maintainer-clean". [RT #22230]
-2963. [security] The allow-query acl was being applied instead of the
- allow-query-cache acl to cache lookups. [RT #22114]
+2963. [security] The allow-query acl was being applied instead of the
+ allow-query-cache acl to cache lookups. [RT #22114]
-2961. [bug] Be still more selective about the non-authoritative
- answers we apply change 2748 to. [RT #22074]
+2961. [bug] Be still more selective about the non-authoritative
+ answers we apply change 2748 to. [RT #22074]
-2949. [bug] dns_view_setnewzones() contained a memory leak if
- it was called multiple times. [RT #21942]
+2949. [bug] dns_view_setnewzones() contained a memory leak if
+ it was called multiple times. [RT #21942]
-2948. [port] MacOS: provide a mechanism to configure the test
- interfaces at reboot. See bin/tests/system/README
- for details.
+2948. [port] MacOS: provide a mechanism to configure the test
+ interfaces at reboot. See bin/tests/system/README
+ for details.
-2940. [port] Remove connection aborted error message on
- Windows. [RT #21549]
+2940. [port] Remove connection aborted error message on
+ Windows. [RT #21549]
-2938. [bug] When generating signed responses, from a signed zone
- that uses NSEC3, named would use a uninitialised
- pointer if it needed to skip a NSEC3 record because
- it didn't match the selected NSEC3PARAM record for
- zone. [RT# 21868]
+2938. [bug] When generating signed responses, from a signed zone
+ that uses NSEC3, named would use a uninitialised
+ pointer if it needed to skip a NSEC3 record because
+ it didn't match the selected NSEC3PARAM record for
+ zone. [RT# 21868]
-2930. [experimental] New "rndc addzone" and "rndc delzone" commads
- allow dynamic addition and deletion of zones.
- To enable this feature, specify a "new-zone-file"
- option at the view or options level in named.conf.
- Zone configuration information for the new zones
- will be written into that file. To make the new
- zones persist after a restart, "include" the file
- into named.conf in the appropriate view. (Note:
- This feature is not yet documented, and its syntax
- is expected to change.) [RT #19447]
+2930. [experimental] New "rndc addzone" and "rndc delzone" commads
+ allow dynamic addition and deletion of zones.
+ To enable this feature, specify a "new-zone-file"
+ option at the view or options level in named.conf.
+ Zone configuration information for the new zones
+ will be written into that file. To make the new
+ zones persist after a restart, "include" the file
+ into named.conf in the appropriate view. (Note:
+ This feature is not yet documented, and its syntax
+ is expected to change.) [RT #19447]
-2928. [bug] Be more selective about the non-authoritative
- answer we apply change 2748 to. [RT #21594]
+2928. [bug] Be more selective about the non-authoritative
+ answer we apply change 2748 to. [RT #21594]
-2914. [bug] Make the "autosign" system test more portable.
- [RT #20997]
+2914. [bug] Make the "autosign" system test more portable.
+ [RT #20997]
-2909. [bug] named-checkconf -p could die if "update-policy local;"
- was specified in named.conf. [RT #21416]
+2909. [bug] named-checkconf -p could die if "update-policy local;"
+ was specified in named.conf. [RT #21416]
-2907. [bug] The export version of libdns had undefined references.
- [RT #21444]
+2907. [bug] The export version of libdns had undefined references.
+ [RT #21444]
-2906. [bug] Address RFC 5011 implementation issues. [RT #20903]
+2906. [bug] Address RFC 5011 implementation issues. [RT #20903]
-2903. [bug] managed-keys-directory missing from namedconf.c.
- [RT #21370]
+2903. [bug] managed-keys-directory missing from namedconf.c.
+ [RT #21370]
-2897. [bug] NSEC3 chains could be left behind when transitioning
- to insecure. [RT #21040]
+2897. [bug] NSEC3 chains could be left behind when transitioning
+ to insecure. [RT #21040]
-2896. [bug] "rndc sign" failed to properly update the zone
- when adding a DNSKEY for publication only. [RT #21045]
+2896. [bug] "rndc sign" failed to properly update the zone
+ when adding a DNSKEY for publication only. [RT #21045]
-2893. [bug] Improve managed keys support. New named.conf option
- managed-keys-directory. [RT #20924]
+2893. [bug] Improve managed keys support. New named.conf option
+ managed-keys-directory. [RT #20924]
-2892. [bug] Handle REVOKED keys better. [RT #20961]
+2892. [bug] Handle REVOKED keys better. [RT #20961]
-2887. [bug] Report the keytag times in UTC in the .key file,
- local time is presented as a comment within the
- comment. [RT #21223]
+2887. [bug] Report the keytag times in UTC in the .key file,
+ local time is presented as a comment within the
+ comment. [RT #21223]
-2886. [bug] ctime() is not thread safe. [RT #21223]
+2886. [bug] ctime() is not thread safe. [RT #21223]
-2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke
- consistent. [RT #21078]
+2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke
+ consistent. [RT #21078]
-2873. [bug] Cancelling a dynamic update via the dns/client module
- could trigger an assertion failure. [RT #21133]
+2873. [bug] Cancelling a dynamic update via the dns/client module
+ could trigger an assertion failure. [RT #21133]
-2872. [bug] Modify dns/client.c:dns_client_createx() to only
- require one of IPv4 or IPv6 rather than both.
- [RT #21122]
+2872. [bug] Modify dns/client.c:dns_client_createx() to only
+ require one of IPv4 or IPv6 rather than both.
+ [RT #21122]
-2871. [bug] Type mismatch in mem_api.c between the definition and
- the header file, causing build failure with
- --enable-exportlib. [RT #21138]
+2871. [bug] Type mismatch in mem_api.c between the definition and
+ the header file, causing build failure with
+ --enable-exportlib. [RT #21138]
-2861. [doc] dnssec-settime man pages didn't correctly document the
- inactivation time. [RT #21039]
+2861. [doc] dnssec-settime man pages didn't correctly document the
+ inactivation time. [RT #21039]
-2860. [bug] named-checkconf's usage was out of date. [RT #21039]
+2860. [bug] named-checkconf's usage was out of date. [RT #21039]
-2848. [doc] Moved README.dnssec, README.libdns, README.pkcs11 and
- README.rfc5011 into the ARM. [RT #20899]
+2848. [doc] Moved README.dnssec, README.libdns, README.pkcs11 and
+ README.rfc5011 into the ARM. [RT #20899]
-2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921]
+2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921]
-2845. [bug] RFC 5011 client could crash on shutdown. [RT #20903]
+2845. [bug] RFC 5011 client could crash on shutdown. [RT #20903]
-2841. [bug] Change 2836 was not complete. [RT #20883]
+2841. [bug] Change 2836 was not complete. [RT #20883]
-2839. [bug] A KSK revoked by named could not be deleted.
- [RT #20881]
+2839. [bug] A KSK revoked by named could not be deleted.
+ [RT #20881]
-2836. [bug] Keys that were scheduled to become active could
- be delayed. [RT #20874]
+2836. [bug] Keys that were scheduled to become active could
+ be delayed. [RT #20874]
-2835. [bug] Key inactivity dates were inadvertently stored in
- the private key file with the outdated tag
- "Unpublish" rather than "Inactive". This has been
- fixed; however, any existing keys that had Inactive
- dates set will now need to have them reset, using
- 'dnssec-settime -I'. [RT #20868]
+2835. [bug] Key inactivity dates were inadvertently stored in
+ the private key file with the outdated tag
+ "Unpublish" rather than "Inactive". This has been
+ fixed; however, any existing keys that had Inactive
+ dates set will now need to have them reset, using
+ 'dnssec-settime -I'. [RT #20868]
-2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime.
- [RT #20851]
+2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime.
+ [RT #20851]
-2832. [bug] Modify "struct stat" in lib/export/samples/nsprobe.c
- to avoid redefinition in some OSs [RT 20831]
+2832. [bug] Modify "struct stat" in lib/export/samples/nsprobe.c
+ to avoid redefinition in some OSs [RT 20831]
-2824. [bug] "rndc sign" was not being run by the correct task.
- [RT #20759]
+2824. [bug] "rndc sign" was not being run by the correct task.
+ [RT #20759]
-2821. [doc] Add note that named-checkconf doesn't automatically
- read rndc.key and bind.keys [RT #20758]
+2821. [doc] Add note that named-checkconf doesn't automatically
+ read rndc.key and bind.keys [RT #20758]
-2816. [bug] previous_closest_nsec() could fail to return
- data for NSEC3 nodes [RT #29730]
+2816. [bug] previous_closest_nsec() could fail to return
+ data for NSEC3 nodes [RT #29730]
-2811. [cleanup] Add "rndc sign" to list of commands in rndc usage
- output. [RT #20733]
+2811. [cleanup] Add "rndc sign" to list of commands in rndc usage
+ output. [RT #20733]
-2809. [cleanup] Restored accidentally-deleted text in usage output
- in dnssec-settime and dnssec-revoke [RT #20739]
+2809. [cleanup] Restored accidentally-deleted text in usage output
+ in dnssec-settime and dnssec-revoke [RT #20739]
-2808. [bug] Remove the attempt to install atomic.h from lib/isc.
- atomic.h is correctly installed by the architecture
- specific subdirectories. [RT #20722]
+2808. [bug] Remove the attempt to install atomic.h from lib/isc.
+ atomic.h is correctly installed by the architecture
+ specific subdirectories. [RT #20722]
-2807. [bug] Fixed a possible ASSERT when reconfiguring zone
- keys. [RT #20720]
+2807. [bug] Fixed a possible ASSERT when reconfiguring zone
+ keys. [RT #20720]
-2806. [bug] "rdnc sign" could delay re-signing the DNSKEY
- when it had changed. [RT #20703]
+2806. [bug] "rdnc sign" could delay re-signing the DNSKEY
+ when it had changed. [RT #20703]
-2805. [bug] Fixed namespace problems encountered when building
- external programs using non-exported BIND9 libraries
- (i.e., built without --enable-exportlib). [RT #20679]
+2805. [bug] Fixed namespace problems encountered when building
+ external programs using non-exported BIND9 libraries
+ (i.e., built without --enable-exportlib). [RT #20679]
-2804. [bug] Send notifies when a zone is signed with "rndc sign"
- or as a result of a scheduled key change. [RT #20700]
+2804. [bug] Send notifies when a zone is signed with "rndc sign"
+ or as a result of a scheduled key change. [RT #20700]
-2803. [port] win32: Install named-journalprint, nsec3hash, arpaname
- and genrandom under windows. [RT #20670]
+2803. [port] win32: Install named-journalprint, nsec3hash, arpaname
+ and genrandom under windows. [RT #20670]
-2802. [cleanup] Rename journalprint to named-journalprint. [RT #20670]
+2802. [cleanup] Rename journalprint to named-journalprint. [RT #20670]
-2799. [cleanup] Changed the "secure-to-insecure" option to
- "dnssec-secure-to-insecure", and "dnskey-ksk-only"
- to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
+2799. [cleanup] Changed the "secure-to-insecure" option to
+ "dnssec-secure-to-insecure", and "dnskey-ksk-only"
+ to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
-2798. [bug] Addressed bugs in managed-keys initialization
- and rollover. [RT #20683]
+2798. [bug] Addressed bugs in managed-keys initialization
+ and rollover. [RT #20683]
2796. [bug] Missing dns_rdataset_disassociate() call in
dns_nsec3_delnsec3sx(). [RT #20681]
2788. [bug] dnssec-signzone could sign with keys that were
not requested [RT #20625]
-2787. [bug] Spurious log message when zone keys were
- dynamically reconfigured. [RT #20659]
+2787. [bug] Spurious log message when zone keys were
+ dynamically reconfigured. [RT #20659]
2785. [bug] Revoked keys could fail to self-sign [RT #20652]
2770. [cleanup] Add log messages to resolver.c to indicate events
causing FORMERR responses. [RT #20526]
-2769. [cleanup] Change #2742 was incomplete. [RT #19589]
+2769. [cleanup] Change #2742 was incomplete. [RT #19589]
2768. [bug] dnssec-signzone: -S no longer implies -g [RT #20568]
socketmgr state if the socket is not pending on a
read or write. [RT #20603]
-2764. [bug] "rndc-confgen -a" could trigger a REQUIRE. [RT #20610]
+2764. [bug] "rndc-confgen -a" could trigger a REQUIRE. [RT #20610]
-2756. [bug] Fixed corrupt logfile message in update.c. [RT# 20597]
+2756. [bug] Fixed corrupt logfile message in update.c. [RT# 20597]
-2753. [bug] Removed an unnecessary warning that could appear when
- building an NSEC chain. [RT #20589]
+2753. [bug] Removed an unnecessary warning that could appear when
+ building an NSEC chain. [RT #20589]
-2776. [bug] Change #2762 was not correct. [RT #20647]
+2776. [bug] Change #2762 was not correct. [RT #20647]
-2762. [bug] DLV validation failed with a local slave DLV zone.
- [RT #20577]
+2762. [bug] DLV validation failed with a local slave DLV zone.
+ [RT #20577]
-2752. [bug] Locking violation. [RT #20587]
+2752. [bug] Locking violation. [RT #20587]
-2751. [bug] Fixed a memory leak in dnssec-keyfromlabel. [RT #20588]
+2751. [bug] Fixed a memory leak in dnssec-keyfromlabel. [RT #20588]
2746. [port] hpux: address signed/unsigned expansion mismatch of
dns_rbtnode_t.nsec. [RT #20542]
-2745. [bug] configure script didn't probe the return type of
- gai_strerror(3) correctly. [RT #20573]
+2745. [bug] configure script didn't probe the return type of
+ gai_strerror(3) correctly. [RT #20573]
-2774. [bug] Existing cache DB wasn't being reused after
- reconfiguration. [RT #20629]
+2774. [bug] Existing cache DB wasn't being reused after
+ reconfiguration. [RT #20629]
-2742. [cleanup] Clarify some DNSSEC-related log messages in
- validator.c. [RT #19589]
+2742. [cleanup] Clarify some DNSSEC-related log messages in
+ validator.c. [RT #19589]
2739. [cleanup] Clean up API for initializing and clearing trust
anchors for a view. [RT #20211]
2725. [doc] Added information about the file "managed-keys.bind"
to the ARM. [RT #20235]
-2724. [bug] Updates to a existing node in secure zone using NSEC
- were failing. [RT #20448]
+2724. [bug] Updates to a existing node in secure zone using NSEC
+ were failing. [RT #20448]
2720. [bug] RFC 5011 trust anchor updates could trigger an
assert if the DNSKEY record was unsigned. [RT #20406]
2674. [bug] "dnssec-lookaside auto;" crashed if named was built
without openssl. [RT #20231]
-2673. [bug] The managed-keys.bind zone file could fail to
- load due to a spurious result from sync_keyzone()
- [RT #20045]
+2673. [bug] The managed-keys.bind zone file could fail to
+ load due to a spurious result from sync_keyzone()
+ [RT #20045]
2671. [bug] Add support for PKCS#11 providers not returning
the public exponent in RSA private keys
2657. [cleanup] Lower "journal file <path> does not exist, creating it"
log level to debug 1. [RT #20058]
-2654. [bug] Improve error reporting on duplicated names for
- deny-answer-xxx. [RT #20164]
+2654. [bug] Improve error reporting on duplicated names for
+ deny-answer-xxx. [RT #20164]
-2651. [bug] Dates could print incorrectly in K*.key files on
- 64-bit systems. [RT #20076]
+2651. [bug] Dates could print incorrectly in K*.key files on
+ 64-bit systems. [RT #20076]
-2650. [bug] Assertion failure in dnssec-signzone when trying
- to read keyset-* files. [RT #20075]
+2650. [bug] Assertion failure in dnssec-signzone when trying
+ to read keyset-* files. [RT #20075]
-2644. [bug] Change #2628 caused a regression on some systems;
- named was unable to write the PID file and would
- fail on startup. [RT #20001]
+2644. [bug] Change #2628 caused a regression on some systems;
+ named was unable to write the PID file and would
+ fail on startup. [RT #20001]
-2641. [bug] Fixed an error in parsing update-policy syntax,
- added a regression test to check it. [RT #20007]
+2641. [bug] Fixed an error in parsing update-policy syntax,
+ added a regression test to check it. [RT #20007]
2638. [bug] Install arpaname. [RT #19957]
2634. [port] win32: Add support for libxml2, enable
statschannel. [RT #19773]
-2631. [bug] Handle "//", "/./" and "/../" in mkdirpath().
- [RT #19926 ]
+2631. [bug] Handle "//", "/./" and "/../" in mkdirpath().
+ [RT #19926 ]
-2629. [port] Check for seteuid()/setegid(), use setresuid()/
- setresgid() if not present. [RT #19932]
+2629. [port] Check for seteuid()/setegid(), use setresuid()/
+ setresgid() if not present. [RT #19932]
-2628. [port] linux: Allow /var/run/named/named.pid to be opened
- at startup with reduced capabilities in operation.
- [RT #19884]
+2628. [port] linux: Allow /var/run/named/named.pid to be opened
+ at startup with reduced capabilities in operation.
+ [RT #19884]
-2627. [bug] Named aborted if the same key was included in
- trusted-keys more than once. [RT #19918]
+2627. [bug] Named aborted if the same key was included in
+ trusted-keys more than once. [RT #19918]
-2626. [bug] Multiple trusted-keys could trigger an assertion
- failure. [RT #19914]
+2626. [bug] Multiple trusted-keys could trigger an assertion
+ failure. [RT #19914]
-2622. [bug] Printing of named.conf grammar was broken. [RT #19919]
+2622. [bug] Printing of named.conf grammar was broken. [RT #19919]
-2600. [doc] ARM: miscellaneous reformatting for different
- page widths. [RT #19574]
+2600. [doc] ARM: miscellaneous reformatting for different
+ page widths. [RT #19574]
2566. [cleanup] Clarify logged message when an insecure DNSSEC
response arrives from a zone thought to be secure:
"insecurity proof failed" instead of "not
insecure". [RT #19400]
-2525. [experimental] New logging category "query-errors" to provide detailed
+2525. [experimental] New logging category "query-errors" to provide detailed
internal information about query failures, especially
about server failures. [RT #19027]
3021. [bug] Change #3010 was incomplete. [RT #22296]
3022. [bug] Fixed rpz SERVFAILs after failed zone transfers
- [RT #23246]
+ [RT #23246]
3038. [bug] Install <dns/rpz.h>. [RT #23342]
2655. [doc] Document that key-directory does not affect
bind.keys, rndc.key or session.key. [RT #20155]
-2810. [doc] Clarified the process of transitioning an NSEC3 zone
- to insecure. [RT #20746]
+2810. [doc] Clarified the process of transitioning an NSEC3 zone
+ to insecure. [RT #20746]
projects / thirdparty / bind9.git / commitdiff
