From: Tinderbox User Date: Mon, 9 Sep 2019 13:13:39 +0000 (+0000) Subject: prep for 9.15.4 X-Git-Tag: v9.15.4^2 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=badb8a474eb8464d78c8bd7dfb7ee9509ed67753;p=thirdparty%2Fbind9.git prep for 9.15.4 --- diff --git a/README b/README index 5c3e78f56b0..40cca3dea6c 100644 --- a/README +++ b/README @@ -110,6 +110,7 @@ of changes from BIND 9.14 and earlier releases. New features include: * Support for the new GeoIP2 geolocation API * Improved DNSSEC key configuration using dnssec-keys + * YAML output for dig, mdig, and delv. Building BIND diff --git a/bin/delv/delv.1 b/bin/delv/delv.1 index 14ed98d2a95..48b298a7a7e 100644 --- a/bin/delv/delv.1 +++ b/bin/delv/delv.1 @@ -409,6 +409,11 @@ Controls whether to use TCP when sending queries\&. The default is to use UDP un .RS 4 Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&. .RE +.PP +\fB+[no]yaml\fR +.RS 4 +Print response data in YAML format\&. +.RE .SH "FILES" .PP /etc/bind\&.keys diff --git a/bin/delv/delv.html b/bin/delv/delv.html index 2c00605c637..7ba08add2ad 100644 --- a/bin/delv/delv.html +++ b/bin/delv/delv.html @@ -548,6 +548,12 @@ in the type's presentation format.

+
+[no]yaml
+
+

+ Print response data in YAML format. +

+

diff --git a/bin/dig/dig.1 b/bin/dig/dig.1 index c17d9a65597..edcc350c98e 100644 --- a/bin/dig/dig.1 +++ b/bin/dig/dig.1 @@ -744,6 +744,13 @@ Display [do not display] the TTL when printing the record\&. Display [do not display] the TTL in friendly human\-readable time units of "s", "m", "h", "d", and "w", representing seconds, minutes, hours, days and weeks\&. Implies +ttlid\&. .RE .PP +\fB+[no]unexpected\fR +.RS 4 +Accept [do not accept] answers from unexpected sources\&. By default, +\fBdig\fR +won\*(Aqt accept a reply from a source other than the one to which it sent the query\&. +.RE +.PP \fB+[no]unknownformat\fR .RS 4 Print all RDATA in unknown RR type presentation format (RFC 3597)\&. The default is to print RDATA for known types in the type\*(Aqs presentation format\&. @@ -756,6 +763,13 @@ Use [do not use] TCP when querying name servers\&. This alternate syntax to is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&. .RE .PP +\fB+[no]yaml\fR +.RS 4 +Print the responses (and, if +\fB+qr\fR +is in use, also the outgoing queries) in a detailed YAML format\&. +.RE +.PP \fB+[no]zflag\fR .RS 4 Set [do not set] the last unassigned DNS header flag in a DNS query\&. This flag is off by default\&. diff --git a/bin/dig/dig.html b/bin/dig/dig.html index a078616f01e..2d329cee93f 100644 --- a/bin/dig/dig.html +++ b/bin/dig/dig.html @@ -1000,6 +1000,14 @@ seconds, minutes, hours, days and weeks. Implies +ttlid.

+
+[no]unexpected
+
+

+ Accept [do not accept] answers from unexpected sources. By + default, dig won't accept a reply from a + source other than the one to which it sent the query. +

+
+[no]unknownformat

@@ -1017,6 +1025,13 @@ stands for "virtual circuit".

+
+[no]yaml
+
+

+ Print the responses (and, if +qr is in use, + also the outgoing queries) in a detailed YAML format. +

+
+[no]zflag

diff --git a/bin/tools/mdig.1 b/bin/tools/mdig.1 index 7829d9ceead..9cae8eb8719 100644 --- a/bin/tools/mdig.1 +++ b/bin/tools/mdig.1 @@ -233,6 +233,11 @@ Use [do not use] TCP when querying name servers\&. This alternate syntax to \fI+[no]tcp\fR is provided for backwards compatibility\&. The "vc" stands for "virtual circuit"\&. .RE +.PP +\fB+[no]yaml\fR +.RS 4 +Print the responses in a detailed YAML format\&. +.RE .SH "LOCAL OPTIONS" .PP The diff --git a/bin/tools/mdig.html b/bin/tools/mdig.html index 1a617c4688e..cc258041c01 100644 --- a/bin/tools/mdig.html +++ b/bin/tools/mdig.html @@ -333,6 +333,12 @@ stands for "virtual circuit".

+
+[no]yaml
+
+

+ Print the responses in a detailed YAML format. +

+

diff --git a/doc/arm/Bv9ARM.html b/doc/arm/Bv9ARM.html index 4a6d9086fb5..f51222702c4 100644 --- a/doc/arm/Bv9ARM.html +++ b/doc/arm/Bv9ARM.html @@ -32,7 +32,7 @@

BIND 9 Administrator Reference Manual

-

BIND Version 9.15.3

+

BIND Version 9.15.4


@@ -245,7 +245,7 @@
A. Release Notes
-
Release Notes for BIND Version 9.15.3
+
Release Notes for BIND Version 9.15.4
Introduction
Note on Version Numbering
@@ -443,6 +443,6 @@ -

BIND 9.15.3 (Development Release)

+

BIND 9.15.4 (Development Release)

diff --git a/doc/arm/Bv9ARM.pdf b/doc/arm/Bv9ARM.pdf index 596f06cbaa5..66c3639350f 100644 Binary files a/doc/arm/Bv9ARM.pdf and b/doc/arm/Bv9ARM.pdf differ diff --git a/doc/arm/notes.html b/doc/arm/notes.html index 6e6493cbf0b..657821f602a 100644 --- a/doc/arm/notes.html +++ b/doc/arm/notes.html @@ -15,7 +15,7 @@

-Release Notes for BIND Version 9.15.3

+Release Notes for BIND Version 9.15.4

@@ -123,6 +123,15 @@

New Features

    +
  • +

    + Added a new command line option to dig: + <comand>+[no]unexpected</comand>. By default, dig + won't accept a reply from a source other than the one to which + it sent the query. Add the +unexpected argument + to enable it to process replies from unexpected sources. +

    +
  • The GeoIP2 API from MaxMind is now supported. Geolocation support @@ -196,9 +205,16 @@

  • - Statistics channel groups are now toggleable. [GL #1030] + Statistics channel groups are now toggleable. [GL #1030]

  • +
  • +

    + dig, mdig and + delv can all now take a +yaml + option to print output in a a detailed YAML format. [RT #1145] +

    +

@@ -288,7 +304,7 @@ A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and made default. Old non-default HMAC-SHA based DNS Cookie algorithms have been removed, and only the default AES algorithm is being kept - for legacy reasons. This changes doesn't have any operational impact + for legacy reasons. This change doesn't have any operational impact in most common scenarios. [GL #605]

@@ -386,8 +402,8 @@

  • - named-checkconf now correctly reports missing - dnstap-output option when + named-checkconf now correctly reports + a missing dnstap-output option when dnstap is set. [GL #1136]

  • @@ -403,6 +419,13 @@ when run with +expandaaaa +short. [GL #1152]

    +
  • +

    + When a response-policy zone expires, ensure + that its policies are removed from the RPZ summary database. + [GL #1146] +

    +
  • diff --git a/doc/arm/notes.pdf b/doc/arm/notes.pdf index c2090f9e100..d6d1fc3327d 100644 Binary files a/doc/arm/notes.pdf and b/doc/arm/notes.pdf differ diff --git a/doc/arm/notes.txt b/doc/arm/notes.txt index 896a7ad6463..81fd3256933 100644 --- a/doc/arm/notes.txt +++ b/doc/arm/notes.txt @@ -1,4 +1,4 @@ -Release Notes for BIND Version 9.15.3 +Release Notes for BIND Version 9.15.4 Introduction @@ -65,6 +65,11 @@ Security Fixes New Features + * Added a new command line option to dig: +[no]unexpected. By default, dig won't accept a reply from a source other than + the one to which it sent the query. Add the +unexpected argument to + enable it to process replies from unexpected sources. + * The GeoIP2 API from MaxMind is now supported. Geolocation support will be compiled in by default if the libmaxminddb library is found at compile time, but can be turned off by using configure --disable-geoip @@ -109,6 +114,9 @@ New Features * Statistics channel groups are now toggleable. [GL #1030] + * dig, mdig and delv can all now take a +yaml option to print output in + a a detailed YAML format. [RT #1145] + Removed Features * The dnssec-enable option has been obsoleted and no longer has any @@ -153,8 +161,8 @@ Feature Changes * A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added and made default. Old non-default HMAC-SHA based DNS Cookie algorithms have been removed, and only the default AES algorithm is being kept - for legacy reasons. This changes doesn't have any operational impact - in most common scenarios. [GL #605] + for legacy reasons. This change doesn't have any operational impact in + most common scenarios. [GL #605] If you are running multiple DNS Servers (different versions of BIND 9 or DNS server from multiple vendors) responding from the same IP @@ -207,7 +215,7 @@ Bug Fixes * named-checkconf now checks DNS64 prefixes to ensure bits 64-71 are zero. [GL #1159] - * named-checkconf now correctly reports missing dnstap-output option + * named-checkconf now correctly reports a missing dnstap-output option when dnstap is set. [GL #1136] * Handle ETIMEDOUT error on connect() with a non-blocking socket. [GL # @@ -216,6 +224,9 @@ Bug Fixes * dig now correctly expands the IPv6 address when run with +expandaaaa +short. [GL #1152] + * When a response-policy zone expires, ensure that its policies are + removed from the RPZ summary database. [GL #1146] + License BIND is open source software licensed under the terms of the Mozilla