--- /dev/null
+4639. [bug] Fix a regression in --with-tuning reporting introduced
+ by change 4488. [RT #45396]
+
+4638. [bug] Reloading or reconfiguring named could fail on
+ some platforms when LMDB was in use. [RT #45203]
+
+4630. [bug] "dyndb" is dependent on dlopen existing / being
+ enabled. [RT #45291]
+
+4625. [bug] Running "rndc addzone" and "rndc delzone" at close
+ to the same time could trigger a deadlock if using
+ LMDB. [RT #45209]
+
+4520. [cleanup] Alphabetize more of the grammar when printing it
+ out. Fix unbalanced indenting. [RT #43755]
+
+4471. [cleanup] Render client/query logging format consistent for
+ ease of log file parsing. (Note that this affects
+ "querylog" format: there is now an additional field
+ indicating the client object address.) [RT #43238]
+
+4425. [bug] arpaname, dnstap-read and named-rrchecker were not
+ being installed into ${prefix}/bin. Tidy up
+ installation issues with CHANGE 4421. [RT #42910]
+
+4348. [func] dnssec-keymgr: A new python-based DNSSEC key
+ management utility, which reads a policy definition
+ file and can create or update DNSSEC keys as needed
+ to ensure that a zone's keys match policy, roll over
+ correctly on schedule, etc. Thanks to Sebastian
+ Castro for assistance in development. [RT #39211]
+
+4307. [bug] "dig +subnet" and "mdig +subnet" could send
+ incorrectly-formatted Client Subnet options
+ if the prefix length was not divisible by 8.
+ Also fixed a memory leak in "mdig". [RT #45178]
+
+4303. [bug] "dig +subnet" was unable to send a prefix length of
+ zero, as it was incorrectly changed to 32 for v4
+ prefixes or 128 for v6 prefixes. In addition to
+ fixing this, "dig +subnet=0" has been added as a
+ short form for 0.0.0.0/0. The same changes have
+ also been made in "mdig". [RT #41553]
+
+4300. [bug] A flag could be set in the wrong field when setting
+ up non-recursive queries; this could cause the
+ SERVFAIL cache to cache responses it shouldn't.
+ New querytrace logging has been added which
+ identified this error. [RT #41155]
+
+4161. [test] Add JSON test for traffic size stats; also test
+ for consistency between "rndc stats" and the XML
+ and JSON statistics channel contents. [RT #38700]
+
+4056. [bug] Expanded automatic testing of trust anchor
+ management and fixed several small bugs including
+ a memory leak and a possible loss of key state
+ information. [RT #38458]
+
+3949. [experimental] Experimental support for draft-andrews-edns1 by sending
+ EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when
+ building). Add support for limiting the EDNS version
+ advertised to servers: server { edns-version 0; };
+ Log the EDNS version received in the query log.
+ [RT #35864]
+
+3938. [func] Added quotas to be used in recursive resolvers
+ that are under high query load for names in zones
+ whose authoritative servers are nonresponsive or
+ are experiencing a denial of service attack.
+
+ - "fetches-per-server" limits the number of
+ simultaneous queries that can be sent to any
+ single authoritative server. The configured
+ value is a starting point; it is automatically
+ adjusted downward if the server is partially or
+ completely non-responsive. The algorithm used to
+ adjust the quota can be configured via the
+ "fetch-quota-params" option.
+ - "fetches-per-zone" limits the number of
+ simultaneous queries that can be sent for names
+ within a single domain. (Note: Unlike
+ "fetches-per-server", this value is not
+ self-tuning.)
+ - New stats counters have been added to count
+ queries spilled due to these quotas.
+
+ See the ARM for details of these options. [RT #37125]
+
+3930. [bug] "rndc nta -r" could cause a server hang if the
+ NTA was not found. [RT #36909]
+
+3920. [doc] Added doc for masterfile-style. [RT #36823]
+
+3875. [cleanup] Clarify log message when unable to read private
+ key files. [RT #24702]
+
+3821. [contrib] Added a new "mysqldyn" DLZ module with dynamic
+ update and transaction support. Thanks to Marty
+ Lee for the contribution. [RT #35656]
+
projects / thirdparty / bind9.git / commitdiff
