Evan Hunt [Fri, 22 Mar 2013 19:27:54 +0000 (12:27 -0700)]
[master] add DSCP support
3535. [func] Add support for setting Differentiated Services Code
Point (DSCP) values in named. Most configuration
options which take a "port" option (e.g.,
listen-on, forwarders, also-notify, masters,
notify-source, etc) can now also take a "dscp"
option specifying a code point for use with
outgoing traffic, if supported by the underlying
OS. [RT #27596]
Mark Andrews [Wed, 20 Mar 2013 23:16:12 +0000 (10:16 +1100)]
3529. [func] Named now listens on both IPv4 and IPv6 interfaces
by default. Named previously only listened on IPv4
interfaces by default unless named was running in
IPv6 only mode. [RT #32945]
Evan Hunt [Wed, 20 Mar 2013 21:31:10 +0000 (14:31 -0700)]
[master] add dnssec-coverage tool
3528. [func] New "dnssec-coverage" command scans the timing
metadata for a set of DNSSEC keys and reports if a
lapse in signing coverage has been scheduled
inadvertently. (Note: This tool depends on python;
it will not be built or installed on systems that
do not have a python interpreter.) [RT #28098]
Evan Hunt [Tue, 19 Mar 2013 03:40:40 +0000 (20:40 -0700)]
[master] add xml/v2 and xml/v3 URIs
3527. [compat] Add a URI to allow applications to explicitly
request a particular XML schema from the statistics
channel, returning 404 if not supported. [RT #32481]
Evan Hunt [Thu, 14 Mar 2013 00:53:11 +0000 (17:53 -0700)]
[master] algorithm flexibility for rndc
3525. [func] Support for additional signing algorithms in rndc:
hmac-sha1, -sha224, -sha256, -sha384, and -sha512.
The -A option to rndc-confgen can be used to
select the algorithm for the generated key.
(The default is still hmac-md5; this may
change in a future release.) [RT #20363]
Evan Hunt [Wed, 13 Mar 2013 21:24:50 +0000 (14:24 -0700)]
[master] add JSON statistics channel
3524. [func] Added an alternate statistics channel in JSON format,
when the server is built with the json-c library:
http://[address]:[port]/json. [RT #32630]
Evan Hunt [Mon, 11 Mar 2013 23:49:52 +0000 (16:49 -0700)]
[master] DLZ modules: filesystem, ldap, wildcard
3523. [contrib] Ported filesystem and ldap DLZ drivers to
dynamically-loadable modules, and added the
"wildcard" module based on a contribution from
Vadim Goncharov <vgoncharov@nic.ru>. [RT #23569]
Evan Hunt [Thu, 7 Mar 2013 23:14:07 +0000 (15:14 -0800)]
[master] fix rndc replay protection
3519. [func] Full replay protection via four-way handshake is
now mandatory for rndc clients. Very old versions
of rndc will no longer work. [RT #32798]
Mark Andrews [Thu, 7 Mar 2013 07:44:45 +0000 (18:44 +1100)]
3518. [bug] Increase the size of dns_rrl_key.s.rtype by one bit
so that all dns_rrl_rtype_t enum values fit regardless
of whether it is treated as signed or unsigned by
the compiler. [RT #32792]
Evan Hunt [Mon, 4 Mar 2013 20:14:01 +0000 (12:14 -0800)]
[master] fix keysizes in confgen
3514. [bug] The ranges for valid key sizes in ddns-confgen and
rndc-confgen were too constrained. Keys up to 512
bits are now allowed for most algorithms, and up
to 1024 bits for hmac-sha384 and hmac-sha512.
[RT #32753]