]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
regen master
authorTinderbox User <tbox@isc.org>
Sun, 17 Sep 2017 01:09:06 +0000 (01:09 +0000)
committerTinderbox User <tbox@isc.org>
Sun, 17 Sep 2017 01:09:06 +0000 (01:09 +0000)
configure
doc/arm/Bv9ARM.ch09.html
doc/arm/notes.html

index 84a29b6b9f0f18b369b856d66f07ff3ab11074f0..548fbeca95ac0a0c3d537700b79d13fd63ac878a 100755 (executable)
--- a/configure
+++ b/configure
@@ -936,7 +936,6 @@ infodir
 docdir
 oldincludedir
 includedir
-runstatedir
 localstatedir
 sharedstatedir
 sysconfdir
@@ -1099,7 +1098,6 @@ datadir='${datarootdir}'
 sysconfdir='${prefix}/etc'
 sharedstatedir='${prefix}/com'
 localstatedir='${prefix}/var'
-runstatedir='${localstatedir}/run'
 includedir='${prefix}/include'
 oldincludedir='/usr/include'
 docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1352,15 +1350,6 @@ do
   | -silent | --silent | --silen | --sile | --sil)
     silent=yes ;;
 
-  -runstatedir | --runstatedir | --runstatedi | --runstated \
-  | --runstate | --runstat | --runsta | --runst | --runs \
-  | --run | --ru | --r)
-    ac_prev=runstatedir ;;
-  -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
-  | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
-  | --run=* | --ru=* | --r=*)
-    runstatedir=$ac_optarg ;;
-
   -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
     ac_prev=sbindir ;;
   -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1498,7 +1487,7 @@ fi
 for ac_var in  exec_prefix prefix bindir sbindir libexecdir datarootdir \
                datadir sysconfdir sharedstatedir localstatedir includedir \
                oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
-               libdir localedir mandir runstatedir
+               libdir localedir mandir
 do
   eval ac_val=\$$ac_var
   # Remove trailing slashes.
@@ -1651,7 +1640,6 @@ Fine tuning of the installation directories:
   --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
   --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
   --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
-  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
   --libdir=DIR            object code libraries [EPREFIX/lib]
   --includedir=DIR        C header files [PREFIX/include]
   --oldincludedir=DIR     C header files for non-gcc [/usr/include]
index 3ba97d8440268ef620dfad8f668e94def2c5b1b9..6f7d0c16fbff5c267f292d6ffa562e7bb168fd09 100644 (file)
       </li>
 <li class="listitem">
        <p>
-         The <code class="option">print-time</code> option in the
-         <code class="option">logging</code> configuration can now take arguments
+         The <span class="command"><strong>print-time</strong></span> option in the
+         <span class="command"><strong>logging</strong></span> configuration can now take arguments
          <strong class="userinput"><code>local</code></strong>, <strong class="userinput"><code>iso8601</code></strong> or
          <strong class="userinput"><code>iso8601-utc</code></strong> to indicate the format in
          which the date and time should be logged. For backward
          "[ECS <em class="replaceable"><code>address/source/scope</code></em>]".
        </p>
       </li>
+<li class="listitem">
+       <p>
+         When <span class="command"><strong>named</strong></span> is linked with OpenSSL, the
+         OpenSSL RAND routine can be used as the source of entropy/
+         randomness by specifying
+         <span class="command"><strong>random-device openssl;</strong></span> in
+         <code class="filename">named.conf</code>. It can also be used in tools
+         such as <span class="command"><strong>dnssec-keygen</strong></span>,
+         <span class="command"><strong>tsig-keygen</strong></span>,
+         and <span class="command"><strong>nsupdate</strong></span> by specifying
+         <span class="command"><strong>-r openssl</strong></span> on the command line.
+         This is suitable for a virtual machine environment without
+         a hardware random number generator.
+         This behavior can be overridden by using
+         <span class="command"><strong>configure --disable-crypto-rand</strong></span> or
+         building with native PKCS#11. [RT #31459]
+       </p>
+      </li>
 </ul></div>
   </div>
 
        <p>
          <span class="command"><strong>dnssec-keygen</strong></span> no longer has default
          algorithm settings. It is necessary to explicitly specify the
-         algorithm on the command line with the <code class="option">-a</code> option
+         algorithm on the command line with the <span class="command"><strong>-a</strong></span> option
          when generating keys. This may cause errors with existing signing
          scripts if they rely on current defaults. The intent is to
          reduce the long-term cost of transitioning to newer algorithms in
          The default output format for <span class="command"><strong>dnstap-read</strong></span> has
          been updated to include these addresses, with the initiating
          address first and the responding address second, separated by
-         "-%gt;" or "%lt;-" to indicate in which direction the message
+         "-&gt;" or "&lt;-" to indicate in which direction the message
          was sent. [RT #43595]
        </p>
       </li>
index bf78e258b23126b92d5a4a017e0d1731618f1bfb..803d992c022536ba1414cacff2fa87209775224d 100644 (file)
       </li>
 <li class="listitem">
        <p>
-         The <code class="option">print-time</code> option in the
-         <code class="option">logging</code> configuration can now take arguments
+         The <span class="command"><strong>print-time</strong></span> option in the
+         <span class="command"><strong>logging</strong></span> configuration can now take arguments
          <strong class="userinput"><code>local</code></strong>, <strong class="userinput"><code>iso8601</code></strong> or
          <strong class="userinput"><code>iso8601-utc</code></strong> to indicate the format in
          which the date and time should be logged. For backward
          "[ECS <em class="replaceable"><code>address/source/scope</code></em>]".
        </p>
       </li>
+<li class="listitem">
+       <p>
+         When <span class="command"><strong>named</strong></span> is linked with OpenSSL, the
+         OpenSSL RAND routine can be used as the source of entropy/
+         randomness by specifying
+         <span class="command"><strong>random-device openssl;</strong></span> in
+         <code class="filename">named.conf</code>. It can also be used in tools
+         such as <span class="command"><strong>dnssec-keygen</strong></span>,
+         <span class="command"><strong>tsig-keygen</strong></span>,
+         and <span class="command"><strong>nsupdate</strong></span> by specifying
+         <span class="command"><strong>-r openssl</strong></span> on the command line.
+         This is suitable for a virtual machine environment without
+         a hardware random number generator.
+         This behavior can be overridden by using
+         <span class="command"><strong>configure --disable-crypto-rand</strong></span> or
+         building with native PKCS#11. [RT #31459]
+       </p>
+      </li>
 </ul></div>
   </div>
 
        <p>
          <span class="command"><strong>dnssec-keygen</strong></span> no longer has default
          algorithm settings. It is necessary to explicitly specify the
-         algorithm on the command line with the <code class="option">-a</code> option
+         algorithm on the command line with the <span class="command"><strong>-a</strong></span> option
          when generating keys. This may cause errors with existing signing
          scripts if they rely on current defaults. The intent is to
          reduce the long-term cost of transitioning to newer algorithms in
          The default output format for <span class="command"><strong>dnstap-read</strong></span> has
          been updated to include these addresses, with the initiating
          address first and the responding address second, separated by
-         "-%gt;" or "%lt;-" to indicate in which direction the message
+         "-&gt;" or "&lt;-" to indicate in which direction the message
          was sent. [RT #43595]
        </p>
       </li>