summaryrefslogtreecommitdiffstats
path: root/ChangeLog
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
commit3b9b6d0b8e7f798023c9d109c490449d528fde80 (patch)
tree2e1c188dd7b8d7475cd163de9ae02c428343669b /ChangeLog
parentInitial commit. (diff)
downloadbind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.tar.xz
bind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.zip
Adding upstream version 1:9.18.19.upstream/1%9.18.19
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--ChangeLog20804
1 files changed, 20804 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000..2f21454
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,20804 @@
+ --- 9.18.19 released ---
+
+6246. [security] Fix use-after-free error in TLS DNS code when sending
+ data. (CVE-2023-4236) [GL #4242]
+
+6245. [security] Limit the amount of recursion that can be performed
+ by isccc_cc_fromwire. (CVE-2023-3341) [GL #4152]
+
+6244. [bug] Adjust log levels on malformed messages to NOTICE when
+ transferring in a zone. [GL #4290]
+
+6241. [bug] Take into account the possibility of partial TLS writes
+ in TLS DNS code. That helps to prevent DNS messages
+ corruption on long DNS over TLS streams. [GL #4255]
+
+6240. [bug] Use dedicated per-worker thread jemalloc memory
+ arenas for send buffers allocation to reduce memory
+ consumption and avoid lock contention. [GL #4038]
+
+6239. [func] Deprecate the 'dnssec-must-be-secure' option.
+ [GL #3700]
+
+6237. [bug] Address memory leaks due to not clearing OpenSSL error
+ stack. [GL #4159]
+
+6235. [doc] Clarify BIND 9 time formats. [GL #4266]
+
+6234. [bug] Restore stale-refresh-time value after flushing the
+ cache. [GL #4278]
+
+6232. [bug] Following the introduction of krb5-subdomain-self-rhs
+ and ms-subdomain-self-rhs update rules, removal of
+ nonexistent PTR and SRV records via UPDATE could fail.
+ [GL #4280]
+
+6231. [func] Make nsupdate honor -v for SOA requests if the server
+ is specified. [GL #1181]
+
+6230. [bug] Prevent an unnecessary query restart if a synthesized
+ CNAME target points to the CNAME owner. [GL #3835]
+
+6227. [bug] Check the statistics-channel HTTP Content-length
+ to prevent negative or overflowing values from
+ causing a crash. [GL #4125]
+
+6224. [bug] Check the If-Modified-Since value length to prevent
+ out-of-bounds write. [GL #4124]
+
+ --- 9.18.18 released ---
+
+6220. [func] Deprecate the 'dialup' and 'heartbeat-interval'
+ options. [GL #3700]
+
+6219. [bug] Ignore 'max-zone-ttl' on 'dnssec-policy insecure'.
+ [GL #4032]
+
+6215. [protocol] Return REFUSED to GSS-API TKEY requests if GSS-API
+ support is not configured. [GL #4225]
+
+6213. [bug] Mark a primary server as temporarily unreachable if the
+ TCP connection attempt times out. [GL #4215]
+
+6212. [bug] Don't process detach and close netmgr events when
+ the netmgr has been paused. [GL #4200]
+
+ --- 9.18.17 released ---
+
+6206. [bug] Add shutdown checks in dns_catz_dbupdate_callback() to
+ avoid a race with dns_catz_shutdown_catzs(). [GL #4171]
+
+6205. [bug] Restore support to read legacy HMAC-MD5 K file pairs.
+ [GL #4154]
+
+6204. [bug] Use NS records for relaxed QNAME-minimization mode.
+ This reduces the number of queries named makes when
+ resolving, as it allows the non-existence of NS RRsets
+ at non-referral nodes to be cached in addition to the
+ referrals that are normally cached. [GL #3325]
+
+6200. [bug] Fix nslookup erroneously reporting a timeout when the
+ input is delayed. [GL #4044]
+
+6199. [bug] Improve HTTP Connection: header protocol conformance
+ in the statistics channel. [GL #4126]
+
+6198. [func] Remove the holes in the isc_result_t enum to compact
+ the isc_result tables. [GL #4149]
+
+6197. [bug] Fix a data race between the dns_zone and dns_catz
+ modules when registering/unregistering a database
+ update notification callback for a catalog zone.
+ [GL #4132]
+
+6196. [cleanup] Report "permission denied" instead of "unexpected error"
+ when trying to update a zone file on a read-only file
+ system. Thanks to Midnight Veil. [GL #4134]
+
+6193. [bug] Fix a catz db update notification callback registration
+ logic error, which could crash named when receiving an
+ AXFR update for a catalog zone while the previous update
+ process of the catalog zone was already running.
+ [GL #4136]
+
+6166. [func] Retry without DNS COOKIE on FORMERR if it appears that
+ the FORMERR was due to the presence of a DNS COOKIE
+ option. [GL #4049]
+
+ --- 9.18.16 released ---
+
+6192. [security] A query that prioritizes stale data over lookup
+ triggers a fetch to refresh the stale data in cache.
+ If the fetch is aborted for exceeding the recursion
+ quota, it was possible for 'named' to enter an infinite
+ callback loop and crash due to stack overflow. This has
+ been fixed. (CVE-2023-2911) [GL #4089]
+
+6190. [security] Improve the overmem cleaning process to prevent the
+ cache going over the configured limit. (CVE-2023-2828)
+ [GL #4055]
+
+6188. [performance] Reduce memory consumption by allocating properly
+ sized send buffers for stream-based transports.
+ [GL #4038]
+
+6186. [bug] Fix a 'clients-per-query' miscalculation bug. When the
+ 'stale-answer-enable' options was enabled and the
+ 'stale-answer-client-timeout' option was enabled and
+ larger than 0, named was taking two places from the
+ 'clients-per-query' limit for each client and was
+ failing to gradually auto-tune its value, as configured.
+ [GL #4074]
+
+6185. [func] Add "ClientQuota" statistics channel counter, which
+ indicates the number of the resolver's spilled queries
+ due to reaching the clients per query quota. [GL !7978]
+
+6183. [bug] Fix a serve-stale bug where a delegation from cache
+ could be returned to the client. [GL #3950]
+
+6182. [cleanup] Remove configure checks for epoll, kqueue and
+ /dev/poll. [GL #4098]
+
+6181. [func] The "tkey-dhkey" option has been deprecated; a
+ warning will be logged when it is used. In a future
+ release, Diffie-Hellman TKEY mode will be removed.
+ [GL #3905]
+
+6180. [bug] The session key object could be incorrectly added
+ to multiple different views' keyrings. [GL #4079]
+
+6179. [bug] Fix an interfacemgr use-after-free error in
+ zoneconf.c:isself(). [GL #3765]
+
+6176. [test] Add support for using pytest & pytest-xdist to
+ execute the system test suite. [GL #3978]
+
+6174. [bug] BIND could get stuck on reconfiguration when a
+ 'listen' statement for HTTP is removed from the
+ configuration. That has been fixed. [GL #4071]
+
+6173. [bug] Properly process extra "nameserver" lines in
+ resolv.conf otherwise the next line is not properly
+ processed. [GL #4066]
+
+6169. [bug] named could crash when deleting inline-signing zones
+ with "rndc delzone". [GL #4054]
+
+6165. [bug] Fix a logic error in dighost.c which could call the
+ dighost_shutdown() callback twice and cause problems
+ if the callback function was not idempotent. [GL #4039]
+
+ --- 9.18.15 released ---
+
+6164. [bug] Set the rndc idle read timeout back to 60 seconds,
+ from the netmgr default of 30 seconds, in order to
+ match the behavior of 9.16 and earlier. [GL #4046]
+
+6161. [bug] Fix log file rotation when using absolute path as
+ file. [GL #3991]
+
+6157. [bug] When removing delegations in an OPTOUT range
+ empty-non-terminal NSEC3 records generated by
+ those delegations were not removed. [GL #4027]
+
+6156. [bug] Reimplement the maximum and idle timeouts for incoming
+ zone tranfers. [GL #4004]
+
+6155. [bug] Treat ISC_R_INVALIDPROTO as a networking error
+ in the dispatch code to avoid retrying with the
+ same server. [GL #4005]
+
+6152. [bug] In dispatch, honour the configured source-port
+ selection when UDP connection fails with address
+ in use error.
+
+ Also treat ISC_R_NOPERM same as ISC_R_ADDRINUSE.
+ [GL #3986]
+
+6149. [test] As a workaround, include an OpenSSL header file before
+ including cmocka.h in the unit tests, because OpenSSL
+ 3.1.0 uses __attribute__(malloc), conflicting with a
+ redefined malloc in cmocka.h. [GL #4000]
+
+ --- 9.18.14 released ---
+
+6145. [bug] Fix a possible use-after-free bug in the
+ dns__catz_done_cb() function. [GL #3997]
+
+6143. [bug] A reference counting problem on the error path in
+ the xfrin_connect_done() might cause an assertion
+ failure on shutdown. [GL #3989]
+
+6142. [bug] Reduce the number of dns_dnssec_verify calls made
+ determining if revoked keys needs to be removed from
+ the trust anchors. [GL #3981]
+
+6141. [bug] Fix several issues in nsupdate timeout handling and
+ update the -t option's documentation. [GL #3674]
+
+6138. [doc] Fix the DF-flag documentation on the outgoing
+ UDP packets. [GL #3710]
+
+6136. [cleanup] Remove the isc_fsaccess API in favor of creating
+ temporary file first and atomically replace the key
+ with non-truncated content. [GL #3982]
+
+6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967]
+
+6129. [cleanup] Value stored to 'source' during its initialization is
+ never read. [GL #3965]
+
+6128. [bug] Fix an omission in an earlier commit to avoid a race
+ between the 'dns__catz_update_cb()' and
+ 'dns_catz_dbupdate_callback()' functions. [GL #3968]
+
+6126. [cleanup] Deprecate zone type "delegation-only" and the
+ "delegation-only" and "root-delegation-only"
+ options. [GL #3953]
+
+6125. [bug] Hold a catz reference while the update process is
+ running, so that the catalog zone is not destroyed
+ during shutdown until the update process is finished or
+ properly canceled by the activated 'shuttingdown' flag.
+ [GL #3955]
+
+6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to
+ an NSEC3 incapable DNSSEC algorithm using KASP the zone
+ could sometimes be incompletely signed. [GL #3937]
+
+6121. [bug] Fix BIND and dig zone transfer hanging when
+ downloading large zones over TLS from a primary server,
+ especially over unstable connections. [GL #3867]
+
+ --- 9.18.13 released ---
+
+6120. [bug] Use two pairs of dns_db_t and dns_dbversion_t in a
+ catalog zone structure to avoid a race between the
+ dns__catz_update_cb() and dns_catz_dbupdate_callback()
+ functions. [GL #3907]
+
+6119. [bug] Make sure to revert the reconfigured zones to the
+ previous version of the view, when the new view
+ reconfiguration fails during the configuration of
+ one of the configured zones. [GL #3911]
+
+6116. [bug] Fix error path cleanup issues in dns_catz_new_zones()
+ and dns_catz_new_zone() functions. [GL #3900]
+
+6115. [bug] Unregister db update notify callback before detaching
+ from the previous db inside the catz update notify
+ callback. [GL #3777]
+
+6114. [func] Run the catalog zone update process on the offload
+ threads. [GL #3881]
+
+6113. [func] Add shutdown signaling for catalog zones. [GL !7571]
+
+6112. [func] Add reference count tracing for dns_catz_zone_t and
+ dns_catz_zones_t. [GL !7570]
+
+6105. [bug] Detach 'rpzs' and 'catzs' from the previous view in
+ configure_rpz() and configure_catz(), respectively,
+ just after attaching it to the new view. [GL #3880]
+
+6098. [test] Don't test HMAC-MD5 when not supported by libcrypto.
+ [GL #3871]
+
+6096. [bug] Fix RPZ reference counting error on shutdown in
+ dns__rpz_timer_cb(). [GL #3866]
+
+6095. [test] Test various 'islands of trust' configurations when
+ using managed keys. [GL #3662]
+
+6094. [bug] Building against (or running with) libuv versions
+ 1.35.0 and 1.36.0 is now a fatal error. The rules for
+ mixing and matching compile-time and run-time libuv
+ versions have been tightened for libuv versions between
+ 1.35.0 and 1.40.0. [GL #3840]
+
+6092. [bug] dnssec-cds failed to cleanup properly. [GL #3831]
+
+6089. [bug] Source ports configured for query-source,
+ transfer-source, etc, were being ignored. (This
+ feature is deprecated, but it is not yet removed,
+ so the bug still needed fixing.) [GL #3790]
+
+ --- 9.18.12 released ---
+
+6083. [bug] Fix DNSRPS-enabled builds as they were inadvertently
+ broken by change 6042. [GL #3827]
+
+6082. [test] fuzz/dns_message_checksig leaked memory when shutting
+ down. [GL #3828]
+
+6081. [bug] Handle primary server address lookup failures in
+ nsupdate more gracefully. [GL #3830]
+
+6080. [bug] 'named -V' leaked memory. [GL #3829]
+
+6079. [bug] Force set the DS state after a 'rdnc dnssec -checkds'
+ command. [GL #3822]
+
+6075. [bug] Add missing node lock when setting node->wild in
+ add_wildcard_magic. [GL #3799]
+
+6074. [func] Refactor the isc_nm_xfr_allowed() function to return
+ isc_result_t instead of boolean. [GL #3808]
+
+6073. [bug] Set RD=1 on DS requests to parental-agents. [GL #3783]
+
+6072. [bug] Avoid the OpenSSL lock contention when initializing
+ Message Digest Contexts by using explicit algorithm
+ fetching, initializing static contexts for every
+ supported algorithms, and initializing the new context
+ by copying the static copy. [GL #3795]
+
+6071. [func] The use of "port" when configuring query-source,
+ transfer-source, notify-source and parental-source
+ addresses has been deprecated, along with the
+ use-v[46]-udp-ports and avoid-v[46]-udp-ports
+ options. A warning will be logged when these
+ options are used. In a future release, they
+ will be removed. [GL #3781]
+
+
+6069. [bug] Detach from the view in zone_shutdown() to
+ release the memory held by the dead view
+ early. [GL #3801]
+
+6068. [bug] Downloading a zone via TLS from a server which does
+ not negotiate "dot" ALPN token could crash BIND
+ on shutdown. That has been fixed. [GL #3767]
+
+6057. [bug] Fix shutdown and error path bugs in the rpz unit.
+ [GL #3735]
+
+5850. [func] Run the RPZ update process on the offload threads.
+ [GL #3190]
+
+ --- 9.18.11 released ---
+
+6067. [security] Fix serve-stale crash when recursive clients soft quota
+ is reached. (CVE-2022-3924) [GL #3619]
+
+6066. [security] Handle RRSIG lookups when serve-stale is active.
+ (CVE-2022-3736) [GL #3622]
+
+6064. [security] An UPDATE message flood could cause named to exhaust all
+ available memory. This flaw was addressed by adding a
+ new "update-quota" statement that controls the number of
+ simultaneous UPDATE messages that can be processed or
+ forwarded. The default is 100. A stats counter has been
+ added to record events when the update quota is
+ exceeded, and the XML and JSON statistics version
+ numbers have been updated. (CVE-2022-3094) [GL #3523]
+
+6062. [func] The DSCP implementation, which has been
+ nonfunctional for some time, is now marked as
+ obsolete and the implementation has been removed.
+ Configuring DSCP values in named.conf has no
+ effect, and a warning will be logged that
+ the feature should no longer be used. [GL #3773]
+
+6061. [bug] Fix unexpected "Prohibited" extended DNS error
+ on allow-recursion. [GL #3743]
+
+6060. [bug] Fix a use-after-free bug in dns_zonemgr_releasezone()
+ by detaching from the zone manager outside of the write
+ lock. [GL #3768]
+
+6059. [bug] In some serve stale scenarios, like when following an
+ expired CNAME record, named could return SERVFAIL if the
+ previous request wasn't successful. Consider non-stale
+ data when in serve-stale mode. [GL #3678]
+
+6058. [bug] Prevent named from crashing when "rndc delzone"
+ attempts to delete a zone added by a catalog zone.
+ [GL #3745]
+
+6053. [bug] Fix an ADB quota management bug in resolver. [GL #3752]
+
+6051. [bug] Improve thread safety in the dns_dispatch unit.
+ [GL #3178] [GL #3636]
+
+6050. [bug] Changes to the RPZ response-policy min-update-interval
+ and add-soa options now take effect as expected when
+ named is reconfigured. [GL #3740]
+
+6049. [bug] Exclude ABD hashtables from the ADB memory
+ overmem checks and don't clean ADB names
+ and ADB entries used in the last 10 seconds
+ (ADB_CACHE_MINIMUM). [GL #3739]
+
+6048. [bug] Fix a log message error in dns_catz_update_from_db(),
+ where serials with values of 2^31 or larger were logged
+ incorrectly as negative numbers. [GL #3742]
+
+6047. [bug] Try the next server instead of trying the same
+ server again on an outgoing query timeout.
+ [GL #3637]
+
+6046. [bug] TLS session resumption might lead to handshake
+ failures when client certificates are used for
+ authentication (Mutual TLS). This has been fixed.
+ [GL #3725]
+
+6045. [cleanup] The list of supported DNSSEC algorithms changed log
+ level from "warning" to "notice" to match named's other
+ startup messages. [GL !7217]
+
+6044. [bug] There was an "RSASHA236" typo in a log message.
+ [GL !7206]
+
+5845. [bug] Refactor the timer to keep track of posted events
+ as to use isc_task_purgeevent() instead of using
+ isc_task_purgerange(). The isc_task_purgeevent()
+ has been refactored to purge a single event instead
+ of walking through the list of posted events.
+ [GL #3252]
+
+5830. [func] Implement incremental resizing of isc_ht hash tables to
+ perform the rehashing gradually. The catalog zone
+ implementation has been optimized to work with hundreds
+ of thousands of member zones. [GL #3212] [GL #3744]
+
+ --- 9.18.10 released ---
+
+6043. [bug] The key file IO locks objects would never get
+ deleted from the hashtable due to off-by-one error.
+ [GL #3727]
+
+6042. [bug] ANY responses could sometimes have the wrong TTL.
+ [GL #3613]
+
+6040. [bug] Speed up the named shutdown time by explicitly
+ canceling all recursing ns_client objects for
+ each ns_clientmgr. [GL #3183]
+
+6039. [bug] Removing a catalog zone from catalog-zones without
+ also removing the referenced zone could leave a
+ dangling pointer. [GL #3683]
+
+6036. [bug] nslookup and host were not honoring the selected port
+ in TCP mode. [GL #3721]
+
+6034. [func] Deprecate alt-transfer-source, alt-transfer-source-v6
+ and use-alt-transfer-source. [GL #3694]
+
+6031. [bug] Move the "final reference detached" log message
+ from dns_zone unit to the DEBUG(1) log level.
+ [GL #3707]
+
+6027. [bug] Fix assertion failure in isc_http API used by
+ statschannel if the read callback would be called
+ on HTTP request that has been already closed.
+ [GL #3693]
+
+6026. [cleanup] Deduplicate time unit conversion factors.
+ [GL !7033]
+
+6025. [bug] Copy TLS identifier when setting up primaries for
+ catalog member zones. [GL #3638]
+
+6024. [func] Deprecate 'auto-dnssec'. [GL #3667]
+
+6022. [performance] The decompression implementation in dns_name_fromwire()
+ is now smaller and faster. [GL #3655]
+
+6021. [bug] Use the current domain name when checking answers from
+ a dual-stack-server. [GL #3607]
+
+6020. [bug] Ensure 'named-checkconf -z' respects the check-wildcard
+ option when loading a zone. [GL #1905]
+
+6019. [func] Deprecate `coresize`, `datasize`, `files`, and
+ `stacksize` named.conf options. [GL #3676]
+
+
+6017. [bug] The view's zone table was not locked when it should
+ have been leading to race conditions when external
+ extensions that manipulate the zone table where in
+ use. [GL #3468]
+
+6015. [bug] Some browsers (Firefox) send more than 10 HTTP
+ headers. Bump the number of allowed HTTP headers
+ to 100. [GL #3670]
+
+5902. [func] NXDOMAIN cache records are no longer retained in
+ the cache after expiry, even when serve-stale is
+ in use. [GL #3386]
+
+ --- 9.18.9 released ---
+
+6013. [bug] Fix a crash that could happen when you change
+ a dnssec-policy zone with NSEC3 to start using
+ inline-signing. [GL #3591]
+
+6009. [bug] Don't trust a placeholder KEYDATA from the managed-keys
+ zone by adding it into secroots. [GL #2895]
+
+6008. [bug] Fixed a race condition that could cause a crash
+ in dns_zone_synckeyzone(). [GL #3617]
+
+6007. [cleanup] Don't enforce the jemalloc use on NetBSD. [GL #3634]
+
+6003. [bug] Fix an inheritance bug when setting the port on
+ remote servers in configuration. [GL #3627]
+
+6002. [bug] Fix a resolver prefetch bug when the record's TTL value
+ is equal to the configured prefetch eligibility value,
+ but the record was erroneously not treated as eligible
+ for prefetching. [GL #3603]
+
+6001. [bug] Always call dns_adb_endudpfetch() after calling
+ dns_adb_beginudpfetch() for UDP queries in resolver.c,
+ in order to adjust back the quota. [GL #3598]
+
+6000. [bug] Fix a startup issue on Solaris systems with many
+ (reportedly > 510) CPUs. Thanks to Stacey Marshall from
+ Oracle for deep investigation of the problem. [GL #3563]
+
+5999. [bug] rpz-ip rules could be ineffective in some scenarios
+ with CD=1 queries. [GL #3247]
+
+5998. [bug] The RecursClients statistics counter could overflow
+ in certain resolution scenarios. [GL #3584]
+
+5997. [cleanup] Less ceremonial UNEXPECTED_ERROR() and FATAL_ERROR()
+ reporting macros. [GL !6914]
+
+5996. [bug] Fix a couple of bugs in cfg_print_duration(), which
+ could result in generating incomplete duration values
+ when printing the configuration using named-checkconf.
+ [GL !6880]
+
+5994. [func] Refactor the isc_httpd implementation used in the
+ statistics channel. [GL !6879]
+
+ --- 9.18.8 released ---
+
+5991. [protocol] Add support for parsing and validating "dohpath" to
+ SVCB. [GL #3544]
+
+5990. [test] fuzz/dns_message_checksig now creates the key directory
+ it uses when testing in /tmp at run time. [GL #3569]
+
+5988. [bug] Some out of memory conditions in opensslrsa_link.c
+ could lead to memory leaks. [GL #3551]
+
+5984. [func] 'named -V' now reports the list of supported
+ DNSSEC/DS/HMAC algorithms and the supported TKEY modes.
+ [GL #3541]
+
+5983. [bug] Changing just the TSIG key names for primaries in
+ catalog zones' member zones was not effective.
+ [GL #3557]
+
+5982. [func] Extend dig to allow requests to be signed using SIG(0)
+ as well as providing a mechanism to specify the signing
+ time. [GL !5923]
+
+5981. [test] Add dns_message_checksig fuzzer to check messages
+ signed using TSIG or SIG(0). [GL !5923]
+
+5978. [port] The ability to use pkcs11 via engine_pkcs11 has been
+ restored, by only using deprecated APIs in
+ OpenSSL 3.0.0. BIND needs to be compiled with
+ '-DOPENSSL_API_COMPAT=10100' specified in the CFLAGS
+ at compile time. [GL !6711]
+
+5973. [bug] Fixed a possible invalid detach in UPDATE
+ processing. [GL #3522]
+
+5972. [bug] Gracefully handle when the statschannel HTTP connection
+ gets cancelled during sending data back to the client.
+ [GL #3542]
+
+5970. [func] Log the reason why a query was refused. [GL !6669]
+
+5967. [cleanup] Flagged the "random-device" option (which was
+ already nonoperational) as obsolete; configuring it
+ will generate a warning. [GL #3399]
+
+5963. [bug] Ensure struct named_server is properly initialized.
+ [GL #6531]
+
+ --- 9.18.7 released ---
+
+5962. [security] Fix memory leak in EdDSA verify processing.
+ (CVE-2022-38178) [GL #3487]
+
+5960. [security] Fix serve-stale crash that could happen when
+ stale-answer-client-timeout was set to 0 and there was
+ a stale CNAME in the cache for an incoming query.
+ (CVE-2022-3080) [GL #3517]
+
+5959. [security] Fix memory leaks in the DH code when using OpenSSL 3.0.0
+ and later versions. The openssldh_compare(),
+ openssldh_paramcompare(), and openssldh_todns()
+ functions were affected. (CVE-2022-2906) [GL #3491]
+
+5958. [security] When an HTTP connection was reused to get
+ statistics from the stats channel, and zlib
+ compression was in use, each successive
+ response sent larger and larger blocks of memory,
+ potentially reading past the end of the allocated
+ buffer. (CVE-2022-2881) [GL #3493]
+
+5957. [security] Prevent excessive resource use while processing large
+ delegations. (CVE-2022-2795) [GL #3394]
+
+5956. [func] Make RRL code treat all QNAMEs that are subject to
+ wildcard processing within a given zone as the same
+ name. [GL #3459]
+
+5955. [port] The libxml2 library has deprecated the usage of
+ xmlInitThreads() and xmlCleanupThreads() functions. Use
+ xmlInitParser() and xmlCleanupParser() instead.
+ [GL #3518]
+
+5954. [func] Fallback to IDNA2003 processing in dig when IDNA2008
+ conversion fails. [GL #3485]
+
+5953. [bug] Fix a crash on shutdown in delete_trace_entry(). Add
+ mctx attach/detach pair to make sure that the memory
+ context used by a memory pool is not destroyed before
+ the memory pool itself. [GL #3515]
+
+5952. [bug] Use quotes around address strings in YAML output.
+ [GL #3511]
+
+5951. [bug] In some cases, the dnstap query_message field was
+ erroneously set when logging response messages.
+ [GL #3501]
+
+5948. [bug] Fix nsec3.c:dns_nsec3_activex() function, add a missing
+ dns_db_detachnode() call. [GL #3500]
+
+5947. [func] Change dnssec-policy to allow graceful transition from
+ an NSEC only zone to NSEC3. [GL #3486]
+
+5946. [bug] Fix statistics channel's handling of multiple HTTP
+ requests in a single connection which have non-empty
+ request bodies. [GL #3463]
+
+5945. [bug] If parsing /etc/bind.key failed, delv could assert
+ when trying to parse the built in trust anchors as
+ the parser hadn't been reset. [GL !6468]
+
+5944. [bug] Fix +http-plain-get and +http-plain-post options
+ support in dig. Thanks to Marco Davids at SIDN for
+ reporting the problem. [GL !6672]
+
+5942. [bug] Fix tkey.c:buildquery() function's error handling by
+ adding the missing cleanup code. [GL #3492]
+
+5941. [func] Zones with dnssec-policy now require dynamic DNS or
+ inline-siging to be configured explicitly. [GL #3381]
+
+5938. [bug] An integer type overflow could cause an assertion
+ failure when freeing memory. [GL #3483]
+
+5936. [bug] Don't enable serve-stale for lookups that error because
+ it is a duplicate query or a query that would be
+ dropped. [GL #2982]
+
+5935. [bug] Fix DiG lookup reference counting bug, which could
+ be observed in NSSEARCH mode. [GL #3478]
+
+ --- 9.18.6 released ---
+
+5934. [func] Improve fetches-per-zone fetch limit logging to log
+ the final allowed and spilled values of the fetch
+ counters before the counter object gets destroyed.
+ [GL #3461]
+
+5933. [port] Automatically disable RSASHA1 and NSEC3RSASHA1 in
+ named on Fedorda 33, Oracle Linux 9 and RHEL9 when
+ they are disabled by the security policy. [GL #3469]
+
+5932. [bug] Fix rndc dumpdb -expired and always include expired
+ RRsets, not just for RBTDB_VIRTUAL time window.
+ [GL #3462]
+
+5931. [bug] Fix DiG query error handling robustness in NSSEARCH
+ mode by making sure that udp_ready(), tcp_connected(),
+ and send_done() callbacks start the next query in chain
+ even if there is some kind of error with the previous
+ query. [GL #3419]
+
+5930. [bug] Fix DiG query retry and fail-over bug in UDP mode.
+ Also simplify the overall retry and fail-over logic to
+ make it behave predictably, and always respect the
+ documented +retry/+tries count set by a command-line
+ option (or use the default values of 2 or 3
+ respectively). [GL #3407]
+
+5929. [bug] The "max-zone-ttl" option in "dnssec-policy" was
+ not fully effective; it was used for timing key
+ rollovers but did not actually place an upper limit
+ on TTLs when loading a zone. This has been
+ corrected, and the documentation has been clarified
+ to indicate that the old "max-zone-ttl" zone option
+ is now ignored when "dnssec-policy" is in use.
+ [GL #2918]
+
+5927. [bug] A race was possible in dns_dispatch_connect()
+ that could trigger an assertion failure if two
+ threads called it near-simultaneously. [GL #3456]
+
+5926. [func] Handle transient TCP connect() EADDRINUSE failures
+ on FreeBSD (and possibly other BSDs) by trying three
+ times before giving up. [GL #3451]
+
+5925. [bug] With a forwarder configured for all queries, resolution
+ failures encountered during DS chasing could trigger
+ assertion failures due to a logic bug in
+ resume_dslookup() that caused it to call
+ dns_resolver_createfetch() with an invalid name.
+ [GL #3439]
+
+5924. [func] When it's necessary to use AXFR to respond to an
+ IXFR request, a message explaining the reason
+ is now logged at level info. [GL #2683]
+
+5923. [bug] Fix inheritance for dnssec-policy when checking for
+ inline-signing. [GL #3438]
+
+5922. [bug] Forwarding of UPDATE message could fail with the
+ introduction of netmgr. This has been fixed. [GL #3389]
+
+5921. [test] Convert system tests to use a default DNSKEY algorithm
+ where the test is not DNSKEY algorithm specific.
+ [GL #3440]
+
+ --- 9.18.5 released ---
+
+5917. [bug] Update ifconfig.sh script as is miscomputed interface
+ identifiers when destroying interfaces. [GL #3061]
+
+5916. [bug] When resolving a name, don't give up immediately if an
+ authoritative server returns FORMERR; try the other
+ servers first. [GL #3152]
+
+5915. [bug] Detect missing closing brace (}) and computational
+ overflows in $GENERATE directives. [GL #3429]
+
+5914. [bug] When synth-from-dnssec generated a response using
+ records from a higher zone, it could unexpectedly prove
+ non-existance of records in a subordinate grafted-on
+ namespace. [GL #3402]
+
+5911. [bug] Update HTTP listener settings on reconfiguration.
+ [GL #3415]
+
+5910. [cleanup] Move built-in dnssec-policies into the defaultconf.
+ These are now printed with 'named -C'. [GL !6467]
+
+5909. [bug] The server-side destination port was missing from dnstap
+ captures of client traffic. [GL #3309]
+
+5908. [bug] Fix race conditions in route_connected(). [GL #3401]
+
+5907. [bug] Fix a crash in dig NS search mode when one of the NS
+ server queries fail. [GL #3207]
+
+5905. [bug] When the TCP connection would be closed/reset between
+ the connect/accept and the read, the uv_read_start()
+ return value would be unexpected and cause an assertion
+ failure. [GL #3400]
+
+5904. [func] Changed dnssec-signzone -H default to 0 additional
+ NSEC3 iterations. [GL #3395]
+
+5903. [bug] When named checks that the OPCODE in a response matches
+ that of the request, if there is a mismatch named logs
+ an error. Some of those error messages incorrectly
+ used RCODE instead of OPCODE to lookup the nemonic.
+ This has been corrected. [GL !6420]
+
+5901. [bug] When processing a catalog zone member zone make sure
+ that there is no configured pre-existing forward-only
+ forward zone with that name. [GL #2506]
+
+ --- 9.18.4 released ---
+
+5899. [func] Don't try to process DNSSEC-related and ZONEMD records
+ in catz. [GL #3380]
+
+5896. [func] Add some more dnssec-policy checks to detect weird
+ policies. [GL #1611]
+
+5895. [test] Add new set of unit test macros and move the unit
+ tests under single namespace in /tests/. [GL !6243]
+
+5893. [func] Add TLS session resumption support to the client-side
+ TLS code. [GL !6274]
+
+5891. [func] Key timing options for `dnssec-settime` and related
+ utilities now accept "UNSET" times as printed by
+ `dnssec-settime -p`. [GL #3361]
+
+5890. [bug] When the fetches-per-server quota was adjusted
+ because of an authoritative server timing out more
+ or less frequently, it was incorrectly set to 1
+ rather than the intended value. This has been
+ fixed. [GL #3327]
+
+5888. [bug] Only write key files if the dnssec-policy keymgr has
+ changed the metadata. [GL #3302]
+
+5837. [func] Key timing options for `dnssec-keygen` and
+ `dnssec-settime` now accept times as printed by
+ `dnssec-settime -p`. [GL !2947]
+
+ --- 9.18.3 released ---
+
+5886. [security] Fix a crash in DNS-over-HTTPS (DoH) code caused by
+ premature TLS stream socket object deletion.
+ (CVE-2022-1183) [GL #3216]
+
+5885. [bug] RPZ NSIP and NSDNAME rule processing didn't handle stub
+ and static-stub zones at or above the query name. This
+ has now been addressed. [GL #3232]
+
+5882. [contrib] Avoid name space collision in dlz modules by prefixing
+ functions with 'dlz_'. [GL !5778]
+
+5880. [func] Add new named command-line option -C to print built-in
+ defaults. [GL #1326]
+
+5879. [contrib] dlz: Add FALLTHROUGH and UNREACHABLE macros. [GL #3306]
+
+5877. [func] Introduce the concept of broken catalog zones described
+ in the DNS catalog zones draft version 5 document.
+ [GL #3224]
+
+5876. [func] Add DNS Extended Errors when stale answers are returned
+ from cache. [GL #2267]
+
+5875. [bug] Fixed a deadlock that could occur if an rndc
+ connection arrived during the shutdown of network
+ interfaces. [GL #3272]
+
+5873. [bug] Refactor the fctx_done() function to set fctx to
+ NULL after detaching, so that reference counting
+ errors will be easier to avoid. [GL #2969]
+
+5872. [bug] udp_recv() in dispatch could trigger an INSIST when the
+ callback's result indicated success but the response
+ was canceled in the meantime. [GL #3300]
+
+5866. [bug] Work around a jemalloc quirk which could trigger an
+ out-of-memory condition in named over time. [GL #3287]
+
+5863. [bug] If there was a pending negative cache DS entry,
+ validations depending upon it could fail. [GL #3279]
+
+5862. [bug] dig returned a 0 exit status on UDP connection failure.
+ [GL #3235]
+
+5861. [func] Implement support for catalog zones change of ownership
+ (coo) mechanism described in the DNS catalog zones draft
+ version 5 document. [GL #3223]
+
+5860. [func] Implement support for catalog zones options new syntax
+ based on catalog zones custom properties with "ext"
+ suffix described in the DNS catalog zones draft version
+ 5 document. [GL #3222]
+
+5859. [bug] Fix an assertion failure when using dig with +nssearch
+ and +tcp options by starting the next query in the
+ send_done() callback (like in the UDP mode) instead
+ of doing that recursively in start_tcp(). Also
+ ensure that queries interrupted while connecting
+ are detached properly. [GL #3144]
+
+5858. [bug] Don't remove CDS/CDNSKEY DELETE records on zone sign
+ when using 'auto-dnssec maintain;'. [GL #2931]
+
+5854. [func] Implement reference counting for TLS contexts and
+ allow reloading of TLS certificates on reconfiguration
+ without destroying the underlying TCP listener sockets
+ for TLS-based DNS transports. [GL #3122]
+
+5849. [cleanup] Remove use of exclusive mode in ns_interfacemgr in
+ favor of rwlocked access to localhost and localnets
+ members of dns_aclenv_t structure. [GL #3229]
+
+5842. [cleanup] Remove the task exclusive mode use in ns_clientmgr.
+ [GL #3230]
+
+5839. [func] Add support for remote TLS certificates
+ verification, both to BIND and dig, making it possible
+ to implement Strict and Mutual TLS authentication,
+ as described in RFC 9103, Section 9.3. [GL #3163]
+
+ --- 9.18.2 released ---
+
+5856. [bug] The "starting maxtime timer" message related to outgoing
+ zone transfers was incorrectly logged at the ERROR level
+ instead of DEBUG(1). [GL #3208]
+
+5855. [bug] Ensure that zone maintenance queries have a retry limit.
+ [GL #3242]
+
+5853. [bug] When using both the `+qr` and `+y` options `dig` could
+ crash if the connection to the first server was not
+ successful. [GL #3244]
+
+5852. [func] Add new "reuseport" option to enable/disable load
+ balancing of sockets. [GL #3249]
+
+5848. [bug] dig could hang in some cases involving multiple servers
+ in a lookup, when a request fails and the next one
+ refuses to start for some reason, for example if it was
+ an IPv4 mapped IPv6 address. [GL #3248]
+
+5844. [bug] dig +nssearch was hanging until manually interrupted.
+ [GL #3145]
+
+5843. [bug] When an UPDATE targets a zone that is not configured,
+ the requested zone name is now logged in the "not
+ authoritative" error message, so that it is easier to
+ track down problematic update clients. [GL #3209]
+
+5838. [cleanup] When modifying a member zone in a catalog zone, and it
+ is detected that the zone exists and was not created by
+ the current catalog zone, distinguish the two cases when
+ the zone was not added by a catalog zone at all, and
+ when the zone was added by a different catalog zone,
+ and log a warning message accordingly. [GL #3221]
+
+5836. [bug] Quote the dns64 prefix in error messages that complain
+ about problems with it, to avoid confusion with the
+ following dns64 ACLs. [GL #3210]
+
+5834. [cleanup] C99 variable-length arrays are difficult to use safely,
+ so avoid them except in test code. [GL #3201]
+
+5833. [bug] When encountering socket error while trying to initiate
+ a TCP connection to a server, dig could hang
+ indefinitely, when there were more servers to try.
+ [GL #3205]
+
+5832. [bug] When timing-out or having other types of socket errors
+ during a query, dig wasn't trying to perform the lookup
+ using other servers, in case they exist. [GL #3128]
+
+5831. [bug] When resending a UDP request in the result of a timeout,
+ the recv_done() function in dighost.c was prepending
+ the new query into the loookup's queries list instead
+ of inserting, which could cause an assertion failure
+ when the resent query's result was SERVFAIL. [GL #3020]
+
+5828. [bug] Replace single TCP write timer with per-TCP write
+ timers. [GL #3200]
+
+5825. [func] Set the minimum MTU on UDPv6 and TCPv6 sockets and
+ limit TCP maximum segment size (TCP_MAXSEG) to (1220)
+ for both TCPv4 and TCPv6 sockets. [GL #2201]
+
+5824. [bug] Invalid dnssec-policy definitions were being accepted
+ where the defined keys did not cover both KSK and ZSK
+ roles for a given algorithm. This is now checked for
+ and the dnssec-policy is rejected if both roles are
+ not present for all algorithms in use. [GL #3142]
+
+5823. [func] Replace hazard pointers based lock-free list with
+ locked-list based queue that's simpler and has no or
+ little performance impact. [GL #3180]
+
+5822. [bug] When calling dns_dispatch_send(), attach/detach
+ dns_request_t object as the read callback could
+ be called before send callback dereferencing
+ dns_request_t object too early. [GL #3105]
+
+5821. [bug] Fix query context management issues in the TCP part
+ of dig. [GL #3184]
+
+ --- 9.18.1 released ---
+
+5820. [security] An assertion could occur in resume_dslookup() if the
+ fetch had been shut down earlier. (CVE-2022-0667)
+ [GL #3129]
+
+5819. [security] Lookups involving a DNAME could trigger an INSIST when
+ "synth-from-dnssec" was enabled. (CVE-2022-0635)
+ [GL #3158]
+
+5818. [security] A synchronous call to closehandle_cb() caused
+ isc__nm_process_sock_buffer() to be called recursively,
+ which in turn left TCP connections hanging in the
+ CLOSE_WAIT state blocking indefinitely when
+ out-of-order processing was disabled. (CVE-2022-0396)
+ [GL #3112]
+
+5817. [security] The rules for acceptance of records into the cache
+ have been tightened to prevent the possibility of
+ poisoning if forwarders send records outside
+ the configured bailiwick. (CVE-2021-25220) [GL #2950]
+
+5816. [bug] Make BIND compile with LibreSSL 3.5.0, as it was using
+ not very accurate pre-processor checks for using shims.
+ [GL #3172]
+
+5815. [bug] If an oversized key name of a specific length was used
+ in the text form of an HTTP or SVBC record, an INSIST
+ could be triggered when parsing it. [GL #3175]
+
+5814. [bug] The RecursClients statistics counter could underflow
+ in certain resolution scenarios. [GL #3147]
+
+5812. [func] Drop the artificial limit on the number of queries
+ processed in a single TCP read callback. [GL #3141]
+
+5811. [bug] Reimplement the maximum and idle timeouts for outgoing
+ zone transfers. [GL #1897]
+
+5809. [bug] Reset client TCP connection when data received cannot
+ be parsed as a valid DNS request. [GL #3149]
+
+5808. [bug] Certain TCP failures were not caught and handled
+ correctly by the dispatch manager, causing
+ connections to time out rather than returning
+ SERVFAIL. [GL #3133]
+
+5807. [bug] Add a TCP "write" timer, and time out writing
+ connections after the "tcp-idle-timeout" period
+ has elapsed. [GL #3132]
+
+5806. [bug] An error in checking the "blackhole" ACL could cause
+ DNS requests sent by named to fail if the
+ destination address or prefix was specifically
+ excluded from the ACL. [GL #3157]
+
+5805. [func] The result of each resolver priming attempt is now
+ included in the "resolver priming query complete" log
+ message. [GL #3139]
+
+5804. [func] Add a debug log message when starting and ending
+ the task exclusive mode. [GL #3137]
+
+5803. [func] Use compile-time paths in the documentation.
+ [GL #2717]
+
+5802. [test] Add system test to test engine_pkcs11. [GL !5727]
+
+5801. [bug] Log "quota reached" message when hard quota
+ is reached when accepting a connection. [GL #3125]
+
+5800. [func] Add ECS support to the DLZ interface. [GL #3082]
+
+5799. [bug] Use L1 cache-line size detected at runtime. [GL #3108]
+
+5798. [test] Add system test to test dnssec-keyfromlabel. [GL #3092]
+
+5797. [bug] A failed view configuration during a named
+ reconfiguration procedure could cause inconsistencies
+ in BIND internal structures, causing a crash or other
+ unexpected errors. [GL #3060]
+
+ --- 9.18.0 released ---
+
+5796. [bug] Ignore the invalid (<= 0) values returned
+ by the sysconf() check for the L1 cache line
+ size. [GL #3108]
+
+5795. [bug] rndc could crash when interrupted by a signal
+ before receiving a response. [GL #3080]
+
+5794. [func] Set the IPV6_V6ONLY on all IPv6 sockets to
+ restrict the IPv6 sockets to sending and
+ receiving IPv6 packets only. [GL #3093]
+
+5793. [bug] Correctly detect and enable UDP recvmmsg support
+ in all versions of libuv that support it. [GL #3095]
+
+5792. [bug] Don't schedule zone events on ISC_R_SHUTTINGDOWN
+ event failures. [GL #3084]
+
+5791. [func] Remove workaround for servers returning FORMERR
+ when receiving NOTIFY query with SOA record in
+ ANSWER section. [GL #3086]
+
+5790. [bug] The control channel was incorrectly looking for
+ ISC_R_CANCELED as a signal that the named is
+ shutting down. In the dispatch refactoring,
+ the result code returned from network manager
+ is now ISC_R_SHUTTINGDOWN. Change the control
+ channel code to use ISC_R_SHUTTINGDOWN result
+ code to detect named being shut down. [GL #3079]
+
+ --- 9.17.22 released ---
+
+5789. [bug] Allow replacing expired zone signatures with
+ signatures created by the KSK. [GL #3049]
+
+5788. [bug] An assertion could occur if a catalog zone event was
+ scheduled while the task manager was being shut
+ down. [GL #3074]
+
+5787. [doc] Update 'auto-dnssec' documentation, it may only be
+ activated at zone level. [GL #3023]
+
+5786. [bug] Defer detaching from zone->raw in zone_shutdown() if
+ the zone is in the process of being dumped to disk, to
+ ensure that the unsigned serial number information is
+ always written in the raw-format header of the signed
+ version on an inline-signed zone. [GL #3071]
+
+5785. [bug] named could leak memory when two dnssec-policy clauses
+ had the same name. named failed to log this error.
+ [GL #3085]
+
+5784. [func] Implement TLS-contexts reuse. Reusing the
+ previously created TLS context objects can reduce
+ initialisation time for some configurations and enables
+ TLS session resumption for incoming zone transfers over
+ TLS (XoT). [GL #3067]
+
+5783. [func] named is now able to log TLS pre-master secrets for
+ debugging purposes. This requires setting the
+ SSLKEYLOGFILE environment variable appropriately.
+ [GL #2723]
+
+5782. [func] Use ECDSA P-256 instead of a 4096-bit RSA when
+ generating ephemeral key and certificate for the
+ 'tls ephemeral' configuration. [GL #2264]
+
+5781. [bug] Make BIND work with OpenSSL 3.0.1 as it is now
+ enforcing minimum buffer lengths in EVP_MAC_final and
+ hence EVP_DigestSignFinal. rndc and TSIG at a minimum
+ were broken by this change. [GL #3057]
+
+5780. [bug] The Linux kernel may send netlink messages
+ indicating that network interfaces have changed
+ when they have not. This caused frequent unnecessary
+ re-scans of the interfaces. Netlink messages now
+ only trigger re-scanning if a new address is seen
+ or an existing address is removed. [GL #3055]
+
+5779. [test] Drop cppcheck suppressions and workarounds. [GL #2886]
+
+5778. [bug] Destroyed TLS contexts could have been used after a
+ reconfiguration, making BIND unable to serve queries
+ over TLS and HTTPS. [GL #3053]
+
+5777. [bug] TCP connections could hang after receiving
+ non-matching responses. [GL #3042]
+
+5776. [bug] Add a missing isc_condition_destroy() for nmsocket
+ condition variable and add missing isc_mutex_destroy()
+ for nmworker lock. [GL #3051]
+
+ --- 9.17.21 released ---
+
+5775. [bug] Added a timer in the resolver to kill fetches that
+ have deadlocked as a result of dependency loops
+ with the ADB or the validator. This condition is
+ now logged with the message "shut down hung fetch
+ while resolving '<name>/<type>'". [GL #3040]
+
+5774. [func] Restore NSEC Aggressive Cache ("synth-from-dnssec")
+ as active by default. It is limited to NSEC only
+ and by default ignores NSEC records with next name
+ in form \000.domain. [GL #1265]
+
+5773. [func] Change the message when accepting TCP connection has
+ failed to say "Accepting TCP connection failed" and
+ change the log level for ISC_R_NOTCONNECTED, ISC_R_QUOTA
+ and ISC_R_SOFTQUOTA results codes from ERROR to INFO.
+ [GL #2700]
+
+5772. [bug] The resolver could hang on shutdown due to dispatch
+ resources not being cleaned up when a TCP connection
+ was reset. [GL #3026]
+
+5771. [bug] Use idn2 UseSTD3ASCIIRules=false to disable additional
+ unicode validity checks because enabling the additional
+ checks would break valid domain names that contains
+ non-alphanumerical characters such as underscore
+ character (_) or wildcard (*). This reverts change
+ [GL !5738] from the previous release. [GL #1610]
+
+5770. [func] BIND could abort on startup on systems using old
+ OpenSSL versions when 'protocols' option is used inside
+ a 'tls' statement. [GL !5602]
+
+5769. [func] Added support for client-side 'tls' parameters when
+ doing incoming zone transfers via XoT. [GL !5602]
+
+5768. [bug] dnssec-dsfromkey failed to omit revoked keys. [GL #853]
+
+5767. [func] Extend allow-transfer option with 'port' and
+ 'transport' options to restrict zone transfers to
+ a specific port and DNS transport protocol.
+ [GL #2776]
+
+5766. [func] Unused 'tls' clause options 'ca-file' and 'hostname'
+ were disabled. [GL !5600]
+
+5765. [bug] Fix a bug in DoH implementation making 'dig'
+ abort when ALPN negotiation fails. [GL #3022]
+
+5764. [bug] dns_sdlz_putrr failed to process some valid resource
+ records. [GL #3021]
+
+5763. [bug] Fix a bug in DoT code leading to an abort when
+ a zone transfer ends with an unexpected DNS message.
+ [GL #3004]
+
+5762. [bug] Fix a "named" crash related to removing and restoring a
+ `catalog-zone` entry in the configuration file and
+ running `rndc reconfig`. [GL #1608]
+
+5761. [bug] OpenSSL 3.0.0 support could fail to correctly read
+ ECDSA private keys leading to incorrect signatures
+ being generated. [GL #3014]
+
+5760. [bug] Prevent a possible use-after-free error in resolver.
+ [GL #3018]
+
+5759. [func] Set Extended DNS Error Code 18 - Prohibited if query
+ access is denied to the specific client. [GL #1836]
+
+5758. [bug] mdig now honors the operating system's preferred
+ ephemeral port range. [GL #2374]
+
+5757. [test] Replace sed in nsupdate system test with awk to
+ construct the nsupdate command. The sed expression
+ was not reliably changing the ttl. [GL #3003]
+
+5756. [func] Assign HTTP freshness lifetime to responses sent
+ via DNS-over-HTTPS, according to the recommendations
+ given in RFC 8484. [GL #2854]
+
+ --- 9.17.20 released ---
+
+5755. [bug] The statistics channel wasn't correctly handling
+ multiple HTTP requests, or pipelined or truncated
+ requests. [GL #2973]
+
+5754. [bug] "tls" statements may omit "key-file" and "cert-file",
+ but if either one is specified, then both must be.
+ [GL #2986]
+
+5753. [placeholder]
+
+5752. [bug] Fix an assertion failure caused by missing member zones
+ during a reload of a catalog zone. [GL #2308]
+
+5751. [port] Add support for OpenSSL 3.0.0. OpenSSL 3.0.0
+ deprecated 'engine' support. If OpenSSL 3.0.0 has
+ been built without support for deprecated functionality
+ pkcs11 via engine_pkcs11 is no longer available.
+ [GL #2843]
+
+5750. [bug] Fix a bug when comparing two RSA keys. There was a typo
+ which caused the "p" prime factors to not being
+ compared. [GL #2972]
+
+5749. [bug] Handle duplicate references to the same catalog
+ zone gracefully. [GL #2916]
+
+5748. [func] Update "nsec3param" defaults to iterations 0, salt
+ length 0. [GL #2956]
+
+5747. [func] Update rndc serve-stale status output to be less
+ confusing. [GL #2742]
+
+5746. [bug] A lame server delegation could lead to a loop in which
+ a resolver fetch depends on an ADB find which depends
+ on the same resolver fetch. Previously, this would
+ cause the fetch to hang until timing out, but after
+ change #5730 it would hang forever. The condition is
+ now detected and avoided. [GL #2927]
+
+5745. [bug] Fetch context objects now use attach/detach
+ semantics to make it easier to find and debug
+ reference-counting errors, and several such errors
+ have been fixed. [GL #2953]
+
+5744. [func] The network manager is now used for netlink sockets
+ to monitor network interface changes. This was the
+ last remaining use of the old isc_socket and
+ isc_socketmgr APIs, so they have now been removed.
+ The "named -S" argument and the "reserved-sockets"
+ option in named.conf have no function now, and are
+ deprecated. "socketmgr" statistics are no longer
+ reported in the statistics channel. [GL #2926]
+
+5743. [func] Add finer-grained "update-policy" rules,
+ "krb5-subdomain-self-rhs" and "ms-subdomain-self-rhs",
+ which restrict SRV and PTR record changes, allowing
+ only records whose content matches the machine name
+ embedded in the Kerberos principal making the change.
+ [GL #481]
+
+5742. [func] ISC_LIKELY() and ISC_UNLIKELY() macros have been
+ removed. [GL #2952]
+
+5741. [bug] Log files with "timestamp" suffixes could be left in
+ place after rolling, even if the number of preserved
+ log files exceeded the configured "versions" limit.
+ [GL #828]
+
+5740. [func] Implement incremental resizing of RBT hash table to
+ perform the rehashing gradually. [GL #2941]
+
+5739. [func] Change default of 'dnssec-dnskey-kskonly' to 'yes'.
+ [GL #1316]
+
+5738. [bug] Enable idn2 UseSTD3ASCIIRules=true to implement
+ additional unicode validity checks. [GL #1610]
+
+5737. [bug] Address Coverity warning in lib/dns/dnssec.c.
+ [GL #2935]
+
+ --- 9.17.19 released ---
+
+5736. [security] The "lame-ttl" option is now forcibly set to 0. This
+ effectively disables the lame server cache, as it could
+ previously be abused by an attacker to significantly
+ degrade resolver performance. (CVE-2021-25219)
+ [GL #2899]
+
+5735. [cleanup] The result codes which BIND 9 uses internally are now
+ all defined as a single list of enum values rather than
+ as multiple sets of integers scattered around shared
+ libraries. This prevents the need for locking in some
+ functions operating on result codes, and makes result
+ codes more debugger-friendly. [GL #719]
+
+5734. [bug] Fix intermittent assertion failures in dig which were
+ triggered during zone transfers. [GL #2884]
+
+5733. [func] Require the "dot" Application-Layer Protocol Negotiation
+ (ALPN) token to be selected in the TLS handshake for
+ zone transfers over TLS (XoT), as required by RFC 9103
+ section 7.1. [GL #2794]
+
+5732. [cleanup] Remove the dns_lib_init(), dns_lib_shutdown(),
+ ns_lib_init(), and ns_lib_shutdown() functions, as they
+ no longer served any useful purpose. [GL #88]
+
+5731. [bug] Disallow defining "http" configuration clauses called
+ "default" as they were silently ignored. [GL #2925]
+
+5730. [func] The resolver and the request and dispatch managers have
+ been substantially refactored, and are now based on the
+ network manager instead of the old isc_socket API. All
+ outgoing DNS queries and requests now use the new API;
+ isc_socket is only used to monitor for network interface
+ changes. [GL #2401]
+
+5729. [func] Allow finer control over TLS protocol configuration by
+ implementing new options for "tls" configuration clauses
+ ("dhparam-file", "ciphers", "prefer-server-ciphers",
+ "session-tickets"). These options make achieving perfect
+ forward secrecy (PFS) possible for DNS-over-TLS (DoT)
+ and DNS-over-HTTPS (DoH). [GL #2796]
+
+5728. [func] Allow specifying supported TLS protocol versions for
+ each "tls" configuration clause. [GL #2795]
+
+5727. [placeholder]
+
+5726. [bug] Fix a use-after-free bug which was triggered while
+ checking for duplicate "http" configuration clauses.
+ [GL #2924]
+
+5725. [bug] Fix an assertion failure triggered by passing an invalid
+ HTTP path to dig. [GL #2923]
+
+5724. [bug] Address a potential deadlock when checking zone content
+ consistency. [GL #2908]
+
+5723. [bug] Change 5709 broke backward compatibility for the
+ "check-names master ..." and "check-names slave ..."
+ options. This has been fixed. [GL #2911]
+
+5722. [bug] Preserve the contents of the receive buffer for TCPDNS
+ and TLSDNS when growing its size. [GL #2917]
+
+5721. [func] A new realloc()-like function, isc_mem_reget(), was
+ added to the libisc API for resizing memory chunks
+ allocated using isc_mem_get(). Memory (re)allocation
+ functions are now guaranteed to return non-NULL pointers
+ for zero-sized allocation requests. [GL !5440]
+
+5720. [contrib] Remove old-style DLZ drivers that had to be enabled at
+ build time. [GL #2814]
+
+5719. [func] Remove support for the "map" zone file format.
+ [GL #2882]
+
+5718. [bug] The "sig-signing-type" zone configuration option was
+ processed incorrectly, causing valid configurations to
+ be rejected. This has been fixed. [GL #2906]
+
+5717. [func] The "cache-file" option, which was documented as "for
+ testing purposes only" and not to be used, has been
+ removed. [GL #2903]
+
+5716. [placeholder]
+
+5715. [func] Add a check for ports specified in "*-source(-v6)"
+ options clashing with a global listening port. Such a
+ configuration was already unsupported, but it failed
+ silently; it is now treated as an error. [GL #2888]
+
+5714. [bug] Remove the "adjust interface" mechanism which was
+ responsible for setting up listeners on interfaces when
+ the "*-source(-v6)" address and port were the same as
+ the "listen-on(-v6)" address and port. Such a
+ configuration is no longer supported; under certain
+ timing conditions, that mechanism could prevent named
+ from listening on some TCP ports. This has been fixed.
+ [GL #2852]
+
+5713. [func] Add "primaries" as a synonym for "masters" and
+ "default-primaries" as a synonym for "default-masters"
+ in catalog zone configuration options. [GL #2818]
+
+5712. [func] Remove native PKCS#11 support in favor of engine_pkcs11
+ from the OpenSC project. [GL #2691]
+
+ --- 9.17.18 released ---
+
+5711. [bug] "map" files exceeding 2GB in size failed to load due to
+ a size comparison that incorrectly treated the file size
+ as a signed integer. [GL #2878]
+
+5710. [placeholder]
+
+5709. [func] When reporting zone types in the statistics channel, the
+ terms "primary" and "secondary" are now used instead of
+ "master" and "slave", respectively. Enum values
+ throughout the code have been updated to use this
+ terminology as well. [GL #1944]
+
+5708. [placeholder]
+
+5707. [bug] A bug was fixed which prevented dig from querying
+ DNS-over-HTTPS (DoH) servers via IPv6. [GL #2860]
+
+5706. [cleanup] Support for external applications to register with
+ libisc and use it has been removed. Export versions of
+ BIND 9 libraries have not been supported for some time,
+ but the isc_lib_register() function was still available;
+ it has now been removed. [GL !2420]
+
+5705. [bug] Change #5686 altered the internal memory structure of
+ zone databases, but neglected to update the MAPAPI value
+ for zone files in "map" format. This caused named to
+ attempt to load incompatible map files, triggering an
+ assertion failure on startup. The MAPAPI value has now
+ been updated, so named rejects outdated files when
+ encountering them. [GL #2872]
+
+5704. [bug] Change #5317 caused the EDNS TCP Keepalive option to be
+ ignored inadvertently in client requests. It has now
+ been fixed and this option is handled properly again.
+ [GL #1927]
+
+5703. [bug] Fix a crash in dig caused by closing an HTTP/2 socket
+ associated with an unused HTTP/2 session. [GL #2858]
+
+5702. [bug] Improve compatibility with DNS-over-HTTPS (DoH) clients
+ by allowing HTTP/2 request headers in any order.
+ [GL #2875]
+
+5701. [bug] named-checkconf failed to detect syntactically invalid
+ values of the "key" and "tls" parameters used to define
+ members of remote server lists. [GL #2461]
+
+5700. [bug] When a member zone was removed from a catalog zone,
+ journal files for the former were not deleted.
+ [GL #2842]
+
+5699. [func] Data structures holding DNSSEC signing statistics are
+ now grown and shrunk as necessary upon key rollover
+ events. [GL #1721]
+
+5698. [bug] When a DNSSEC-signed zone which only has a single
+ signing key available is migrated to use KASP, that key
+ is now treated as a Combined Signing Key (CSK).
+ [GL #2857]
+
+5697. [func] dnssec-cds now only generates SHA-2 DS records by
+ default and avoids copying deprecated SHA-1 records from
+ a child zone to its delegation in the parent. If the
+ child zone does not publish SHA-2 CDS records,
+ dnssec-cds will generate them from the CDNSKEY records.
+ The "-a algorithm" option now affects the process of
+ generating DS digest records from both CDS and CDNSKEY
+ records. Thanks to Tony Finch. [GL #2871]
+
+5696. [protocol] Support for HTTPS and SVCB record types has been added.
+ [GL #1132]
+
+5695. [func] Add a new dig command-line option, "+showbadcookie",
+ which causes a BADCOOKIE response message to be
+ displayed when it is received from the server.
+ [GL #2319]
+
+5694. [bug] Stale data in the cache could cause named to send
+ non-minimized queries despite QNAME minimization being
+ enabled. [GL #2665]
+
+5693. [func] Restore support for reading "timeout" and "attempts"
+ options from /etc/resolv.conf, and use their values in
+ dig, host, and nslookup. (This was previously supported
+ by liblwres, and was still mentioned in the man pages,
+ but had stopped working after liblwres was deprecated in
+ favor of libirs.) [GL #2785]
+
+5692. [bug] Fix a rare crash in DNS-over-HTTPS (DoH) code caused by
+ detaching from an HTTP/2 session handle too early when
+ sending data. [GL #2851]
+
+5691. [bug] When a dynamic zone was made available in another view
+ using the "in-view" statement, running "rndc freeze"
+ always reported an "already frozen" error even though
+ the zone was successfully frozen. [GL #2844]
+
+5690. [func] dnssec-signzone now honors Predecessor and Successor
+ metadata found in private key files: if a signature for
+ an RRset generated by the inactive predecessor exists
+ and does not need to be replaced, no additional
+ signature is now created for that RRset using the
+ successor key. This enables dnssec-signzone to gradually
+ replace RRSIGs during a ZSK rollover. [GL #1551]
+
+ --- 9.17.17 released ---
+
+5689. [security] An assertion failure occurred when named attempted to
+ send a UDP packet that exceeded the MTU size, if
+ Response Rate Limiting (RRL) was enabled.
+ (CVE-2021-25218) [GL #2856]
+
+5688. [bug] Zones using KASP and inline-signed zones failed to apply
+ changes from the unsigned zone to the signed zone under
+ certain circumstances. This has been fixed. [GL #2735]
+
+5687. [bug] "rndc reload <zonename>" could trigger a redundant
+ reload for an inline-signed zone whose zone file was not
+ modified since the last "rndc reload". This has been
+ fixed. [GL #2855]
+
+5686. [func] The number of internal data structures allocated for
+ each zone was reduced. [GL #2829]
+
+5685. [bug] named failed to check the opcode of responses when
+ performing zone refreshes, stub zone updates, and UPDATE
+ forwarding. This has been fixed. [GL #2762]
+
+5684. [func] The DNS-over-HTTP (DoH) configuration syntax was
+ extended:
+ - The maximum number of active DoH connections can now
+ be set using the "http-listener-clients" option. The
+ default is 300.
+ - The maximum number of concurrent HTTP/2 streams per
+ connection can now be set using the
+ "http-streams-per-connection" option. The default is
+ 100.
+ - Both of these values can also be set on a per-listener
+ basis using the "listener-clients" and
+ "streams-per-connection" parameters in an "http"
+ statement.
+ [GL #2809]
+
+5683. [bug] The configuration-checking code now verifies HTTP paths.
+ [GL !5231]
+
+5682. [bug] Some changes to "zone-statistics" settings were not
+ properly processed by "rndc reconfig". This has been
+ fixed. [GL #2820]
+
+5681. [func] Relax the checks in the dns_zone_cdscheck() function to
+ allow CDS and CDNSKEY records in the zone that do not
+ match an existing DNSKEY record, as long as the
+ algorithm matches. This allows a clean rollover from one
+ provider to another in a multi-signer DNSSEC
+ configuration. [GL #2710]
+
+5680. [bug] HTTP GET requests without query strings caused a crash
+ in DoH code. This has been fixed. [GL !5268]
+
+5679. [func] Thread affinity is no longer set. [GL #2822]
+
+5678. [bug] The "check DS" code failed to release all resources upon
+ named shutdown when a refresh was in progress. This has
+ been fixed. [GL #2811]
+
+5677. [func] Previously, named accepted FORMERR responses both with
+ and without an OPT record, as an indication that a given
+ server did not support EDNS. To implement full
+ compliance with RFC 6891, only FORMERR responses without
+ an OPT record are now accepted. This intentionally
+ breaks communication with servers that do not support
+ EDNS and that incorrectly echo back the query message
+ with the RCODE field set to FORMERR and the QR bit set
+ to 1. [GL #2249]
+
+5676. [func] Memory allocation has been substantially refactored; it
+ is now based on the memory allocation API provided by
+ the jemalloc library, which is a new optional build
+ dependency for BIND 9. [GL #2433]
+
+5675. [bug] Compatibility with DoH clients has been improved by
+ ignoring the value of the "Accept" HTTP header.
+ [GL !5246]
+
+5674. [bug] A shutdown hang was triggered by DoH clients prematurely
+ aborting HTTP/2 streams. This has been fixed. [GL !5245]
+
+5673. [func] Add a new build-time option, --disable-doh, to allow
+ building BIND 9 without the libnghttp2 library.
+ [GL #2478]
+
+5672. [bug] Authentication of rndc messages could fail if a
+ "controls" statement was configured with multiple key
+ algorithms for the same listener. This has been fixed.
+ [GL #2756]
+
+ --- 9.17.16 released ---
+
+5671. [bug] A race condition could occur where two threads were
+ competing for the same set of key file locks, leading to
+ a deadlock. This has been fixed. [GL #2786]
+
+5670. [bug] create_keydata() created an invalid placeholder keydata
+ record upon a refresh failure, which prevented the
+ database of managed keys from subsequently being read
+ back. This has been fixed. [GL #2686]
+
+5669. [func] KASP support was extended with the "check DS" feature.
+ Zones with "dnssec-policy" and "parental-agents"
+ configured now check for DS presence and can perform
+ automatic KSK rollovers. [GL #1126]
+
+5668. [bug] Rescheduling a setnsec3param() task when a zone failed
+ to load on startup caused a hang on shutdown. This has
+ been fixed. [GL #2791]
+
+5667. [bug] The configuration-checking code failed to account for
+ the inheritance rules of the "dnssec-policy" option.
+ This has been fixed. [GL #2780]
+
+5666. [doc] The safe "edns-udp-size" value was tweaked to match the
+ probing value from BIND 9.16 for better compatibility.
+ [GL #2183]
+
+5665. [bug] If nsupdate sends an SOA request and receives a REFUSED
+ response, it now fails over to the next available
+ server. [GL #2758]
+
+5664. [func] For UDP messages larger than the path MTU, named now
+ sends an empty response with the TC (TrunCated) bit set.
+ In addition, setting the DF (Don't Fragment) flag on
+ outgoing UDP sockets was re-enabled. [GL #2790]
+
+5663. [bug] Non-zero OPCODEs are now properly handled when receiving
+ queries over DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH)
+ channels. [GL #2787]
+
+5662. [bug] Views with recursion disabled are now configured with a
+ default cache size of 2 MB unless "max-cache-size" is
+ explicitly set. This prevents cache RBT hash tables from
+ being needlessly preallocated for such views. [GL #2777]
+
+5661. [bug] Change 5644 inadvertently introduced a deadlock: when
+ locking the key file mutex for each zone structure in a
+ different view, the "in-view" logic was not considered.
+ This has been fixed. [GL #2783]
+
+5660. [bug] The configuration-checking code failed to account for
+ the inheritance rules of the "key-directory" option.
+ [GL #2778]
+
+ This change was included in BIND 9.17.15.
+
+5659. [bug] When preparing DNS responses, named could replace the
+ letters 'W' (uppercase) and 'w' (lowercase) with '\000'.
+ This has been fixed. [GL #2779]
+
+ This change was included in BIND 9.17.15.
+
+5658. [bug] Increasing "max-cache-size" for a running named instance
+ (using "rndc reconfig") did not cause the hash tables
+ used by cache databases to be grown accordingly. This
+ has been fixed. [GL #2770]
+
+5657. [cleanup] Support was removed for both built-in atomics in old
+ versions of Clang (< 3.6.0) and GCC (< 4.7.0), and
+ atomics emulated with a mutex. [GL #2606]
+
+5656. [bug] Named now ensures that large responses work correctly
+ over DNS-over-HTTPS (DoH), and that zone transfer
+ requests over DoH are explicitly rejected. [GL !5148]
+
+5655. [bug] Signed, insecure delegation responses prepared by named
+ either lacked the necessary NSEC records or contained
+ duplicate NSEC records when both wildcard expansion and
+ CNAME chaining were required to prepare the response.
+ This has been fixed. [GL #2759]
+
+5654. [port] Windows support has been removed. [GL #2690]
+
+5653. [bug] A bug that caused the NSEC3 salt to be changed on every
+ restart for zones using KASP has been fixed. [GL #2725]
+
+ --- 9.17.14 released ---
+
+5652. [bug] A copy-and-paste error in change 5584 caused the
+ IP_DONTFRAG socket option to be enabled instead of
+ disabled. This has been fixed. [GL #2746]
+
+5651. [func] Refactor zone dumping to be processed asynchronously via
+ the uv_work_t thread pool API. [GL #2732]
+
+5650. [bug] Prevent a crash that could occur if serve-stale was
+ enabled and a prefetch was triggered during a query
+ restart. [GL #2733]
+
+5649. [bug] If a query was answered with stale data on a server with
+ DNS64 enabled, an assertion could occur if a non-stale
+ answer arrived afterward. [GL #2731]
+
+5648. [bug] The calculation of the estimated IXFR transaction size
+ in dns_journal_iter_init() was invalid. [GL #2685]
+
+5647. [func] The interface manager has been refactored to use fewer
+ client manager objects, which in turn use fewer memory
+ contexts and tasks. This should result in less
+ fragmented memory and better startup performance.
+ [GL #2433]
+
+5646. [bug] The default TCP timeout for rndc has been increased to
+ 60 seconds. This was its original value, but it had been
+ inadvertently lowered to 10 when rndc was updated to use
+ the network manager. [GL #2643]
+
+5645. [cleanup] Remove the rarely-used dns_name_copy() function and
+ rename dns_name_copynf() to dns_name_copy(). [GL !5081]
+
+5644. [bug] Fix a race condition in reading and writing key files
+ for zones using KASP and configured in multiple views.
+ [GL #1875]
+
+5643. [placeholder]
+
+5642. [bug] Zones which are configured in multiple views with
+ different values set for "dnssec-policy" and with
+ identical values set for "key-directory" are now
+ detected and treated as a configuration error.
+ [GL #2463]
+
+5641. [bug] Address a potential memory leak in
+ dst_key_fromnamedfile(). [GL #2689]
+
+5640. [func] Add new configuration options for setting the size of
+ receive and send buffers in the operating system:
+ "tcp-receive-buffer", "tcp-send-buffer",
+ "udp-receive-buffer", and "udp-send-buffer". [GL #2313]
+
+5639. [bug] Check that the first and last SOA record of an AXFR are
+ consistent. [GL #2528]
+
+ --- 9.17.13 released ---
+
+5638. [bug] Improvements related to network manager/task manager
+ integration:
+ - isc_managers_create() and isc_managers_destroy()
+ functions were added to handle setup and teardown of
+ netmgr, taskmgr, timermgr, and socketmgr, since these
+ require a precise order of operations now.
+ - Event queue processing is now quantized to prevent
+ infinite looping.
+ - The netmgr can now be paused from within a netmgr
+ thread.
+ - Deadlocks due to a conflict between netmgr's
+ pause/resume and listen/stoplistening operations were
+ fixed.
+ [GL #2654]
+
+5637. [placeholder]
+
+5636. [bug] named and named-checkconf did not report an error when
+ multiple zones with the "dnssec-policy" option set were
+ using the same zone file. This has been fixed.
+ [GL #2603]
+
+5635. [bug] Journal compaction could fail when a journal with
+ invalid transaction headers was not detected at startup.
+ This has been fixed. [GL #2670]
+
+5634. [bug] If "dnssec-policy" was active and a private key file was
+ temporarily offline during a rekey event, named could
+ incorrectly introduce replacement keys and break a
+ signed zone. This has been fixed. [GL #2596]
+
+5633. [doc] The "inline-signing" option was incorrectly described as
+ being inherited from the "options"/"view" levels and was
+ incorrectly accepted at those levels without effect.
+ This has been fixed. [GL #2536]
+
+5632. [func] Add a new built-in KASP, "insecure", which is used to
+ transition a zone from a signed to an unsigned state.
+ The existing built-in KASP "none" should no longer be
+ used to unsign a zone. [GL #2645]
+
+5631. [protocol] Update the implementation of the ZONEMD RR type to match
+ RFC 8976. [GL #2658]
+
+5630. [func] Treat DNSSEC responses containing NSEC3 records with
+ iteration counts greater than 150 as insecure.
+ [GL #2445]
+
+5629. [func] Reduce the maximum supported number of NSEC3 iterations
+ that can be configured for a zone to 150. [GL #2642]
+
+5628. [bug] Host and nslookup could crash upon receiving a SERVFAIL
+ response. This has been fixed. [GL #2564]
+
+5627. [bug] RRSIG(SOA) RRsets placed anywhere other than at the zone
+ apex were triggering infinite resigning loops. This has
+ been fixed. [GL #2650]
+
+5626. [bug] When generating zone signing keys, KASP now also checks
+ for key ID conflicts among newly created keys, rather
+ than just between new and existing ones. [GL #2628]
+
+5625. [bug] A deadlock could occur when multiple "rndc addzone",
+ "rndc delzone", and/or "rndc modzone" commands were
+ invoked simultaneously for different zones. This has
+ been fixed. [GL #2626]
+
+5624. [func] Task manager events are now processed inside network
+ manager loops. The task manager no longer needs its own
+ set of worker threads, which improves resolver
+ performance. [GL #2638]
+
+5623. [bug] When named was shut down during an ongoing zone
+ transfer, xfrin_fail() could incorrectly be called
+ twice. This has been fixed. [GL #2630]
+
+5622. [cleanup] The lib/samples/ directory has been removed, as export
+ versions of libraries are no longer maintained.
+ [GL !4835]
+
+5621. [placeholder]
+
+5620. [bug] If zone journal files written by BIND 9.16.11 or earlier
+ were present when BIND was upgraded, the zone file for
+ that zone could have been inadvertently rewritten with
+ the current zone contents. This caused the original zone
+ file structure (e.g. comments, $INCLUDE directives) to
+ be lost, although the zone data itself was preserved.
+ This has been fixed. [GL #2623]
+
+5619. [protocol] Implement draft-vandijk-dnsop-nsec-ttl, updating the
+ protocol such that NSEC(3) TTL values are set to the
+ minimum of the SOA MINIMUM value or the SOA TTL.
+ [GL #2347]
+
+5618. [bug] Change 5149 introduced some inconsistencies in the way
+ record TTLs were presented in cache dumps. These
+ inconsistencies have been eliminated. [GL #389]
+ [GL #2289]
+
+ --- 9.17.12 released ---
+
+5617. [placeholder]
+
+5616. [security] named crashed when a DNAME record placed in the ANSWER
+ section during DNAME chasing turned out to be the final
+ answer to a client query. (CVE-2021-25215) [GL #2540]
+
+5615. [security] Insufficient IXFR checks could result in named serving a
+ zone without an SOA record at the apex, leading to a
+ RUNTIME_CHECK assertion failure when the zone was
+ subsequently refreshed. This has been fixed by adding an
+ owner name check for all SOA records which are included
+ in a zone transfer. (CVE-2021-25214) [GL #2467]
+
+5614. [bug] Ensure all resources are properly cleaned up when a call
+ to gss_accept_sec_context() fails. [GL #2620]
+
+5613. [bug] It was possible to write an invalid transaction header
+ in the journal file for a managed-keys database after
+ upgrading. This has been fixed. Invalid headers in
+ existing journal files are detected and named is able
+ to recover from them. [GL #2600]
+
+5612. [bug] Continued refactoring of the network manager:
+ - allow recovery from read and connect timeout events,
+ - ensure that calls to isc_nm_*connect() always
+ return the connection status via a callback
+ function.
+ [GL #2401]
+
+5611. [func] Set "stale-answer-client-timeout" to "off" by default.
+ [GL #2608]
+
+5610. [bug] Prevent a crash which could happen when a lookup
+ triggered by "stale-answer-client-timeout" was attempted
+ right after recursion for a client query finished.
+ [GL #2594]
+
+5609. [func] The ISC implementation of SPNEGO was removed from BIND 9
+ source code. It was no longer necessary as all major
+ contemporary Kerberos/GSSAPI libraries include support
+ for SPNEGO. [GL #2607]
+
+5608. [bug] When sending queries over TCP, dig now properly handles
+ "+tries=1 +retry=0" by not retrying the connection when
+ the remote server closes the connection prematurely.
+ [GL #2490]
+
+5607. [bug] As "rndc dnssec -checkds" and "rndc dnssec -rollover"
+ commands may affect the next scheduled key event,
+ reconfiguration of zone keys is now triggered after
+ receiving either of these commands to prevent
+ unnecessary key rollover delays. [GL #2488]
+
+5606. [bug] CDS/CDNSKEY DELETE records are now removed when a zone
+ transitions from a secure to an insecure state.
+ named-checkzone also no longer reports an error when
+ such records are found in an unsigned zone. [GL #2517]
+
+5605. [bug] "dig -u" now uses the CLOCK_REALTIME clock source for
+ more accurate time reporting. [GL #2592]
+
+5604. [experimental] A "filter-a.so" plugin, which is similar to the
+ "filter-aaaa.so" plugin but which omits A records
+ instead of AAAA records, has been added. Thanks to
+ GitLab user @treysis. [GL #2585]
+
+5603. [placeholder]
+
+5602. [bug] Fix TCPDNS and TLSDNS timers in Network Manager. This
+ makes the "tcp-initial-timeout" and "tcp-idle-timeout"
+ options work correctly again. [GL #2583]
+
+5601. [bug] Zones using KASP could not be thawed after they were
+ frozen using "rndc freeze". This has been fixed.
+ [GL #2523]
+
+5600. [bug] Send a full certificate chain instead of just the leaf
+ certificate to DNS-over-TLS (DoT) and DNS-over-HTTPS
+ (DoH) clients. This makes BIND 9 DoT/DoH servers
+ compatible with a broader set of clients. [GL #2514]
+
+5599. [bug] Fix a named crash which occurred after skipping a
+ primary server while transferring a zone over TLS.
+ [GL #2562]
+
+5598. [port] Silence -Wchar-subscripts compiler warnings triggered on
+ some platforms due to calling character classification
+ functions declared in the <ctype.h> header with
+ arguments of type char. [GL #2567]
+
+ --- 9.17.11 released ---
+
+5597. [bug] When serve-stale was enabled and starting the recursive
+ resolution process for a query failed, a named instance
+ could crash if it was configured as both a recursive and
+ authoritative server. This problem was introduced by
+ change 5573 and has now been fixed. [GL #2565]
+
+5596. [func] Client-side support for DNS-over-HTTPS (DoH) has been
+ added to dig. "dig +https" can now query a server via
+ HTTP/2. [GL #1641]
+
+5595. [cleanup] Public header files for BIND 9 libraries no longer
+ directly include third-party library headers. This
+ prevents the need to include paths to third-party header
+ files in CFLAGS whenever BIND 9 public header files are
+ used, which could cause build-time issues on hosts with
+ older versions of BIND 9 installed. [GL #2357]
+
+5594. [bug] Building with --enable-dnsrps --enable-dnsrps-dl failed.
+ [GL #2298]
+
+5593. [bug] Journal files written by older versions of named can now
+ be read when loading zones, so that journal
+ incompatibility does not cause problems on upgrade.
+ Outdated journals are updated to the new format after
+ loading. [GL #2505]
+
+5592. [bug] Prevent hazard pointer table overflows on machines with
+ many cores, by allowing the thread IDs (serving as
+ indices into hazard pointer tables) of finished threads
+ to be reused by those created later. [GL #2396]
+
+5591. [bug] Fix a crash that occurred when
+ "stale-answer-client-timeout" was triggered without any
+ (stale) data available in the cache to answer the query.
+ [GL #2503]
+
+5590. [bug] NSEC3 records were not immediately created for dynamic
+ zones using NSEC3 with "dnssec-policy", resulting in
+ such zones going bogus. Add code to process the
+ NSEC3PARAM queue at zone load time so that NSEC3 records
+ for such zones are created immediately. [GL #2498]
+
+5589. [placeholder]
+
+5588. [func] Add a new "purge-keys" option for "dnssec-policy". This
+ option determines the period of time for which key files
+ are retained after they become obsolete. [GL #2408]
+
+5587. [bug] A standalone libtool script no longer needs to be
+ present in PATH to build BIND 9 from a source tarball
+ prepared using "make dist". [GL #2504]
+
+5586. [bug] An invalid direction field in a LOC record resulted in
+ an INSIST failure when a zone file containing such a
+ record was loaded. [GL #2499]
+
+5585. [func] Memory contexts and memory pool implementations were
+ refactored to reduce lock contention for shared memory
+ contexts by replacing mutexes with atomic operations.
+ The internal memory allocator was simplified so that it
+ is only a thin wrapper around the system allocator. This
+ change made the "-M external" named option redundant and
+ it was therefore removed. [GL #2433]
+
+5584. [bug] No longer set the IP_DONTFRAG option on UDP sockets, to
+ prevent dropping outgoing packets exceeding
+ "max-udp-size". [GL #2466]
+
+5583. [func] Changes to DNS-over-HTTPS (DoH) configuration syntax:
+ - When "http" is specified in "listen-on" or
+ "listen-on-v6" statements, "tls" must also now be
+ specified. If an unencrypted connection is desired
+ (for example, when running behind a reverse proxy),
+ use "tls none".
+ - "http default" can now be specified in "listen-on" and
+ "listen-on-v6" statements to use the default HTTP
+ endpoint of "/dns-query". It is no longer necessary to
+ include an "http" statement in named.conf unless
+ overriding this value.
+ [GL #2472]
+
+5582. [bug] BIND 9 failed to build when static OpenSSL libraries
+ were used and the pkg-config files for libssl and/or
+ libcrypto were unavailable. This has been fixed by
+ ensuring that the correct linking order for libssl and
+ libcrypto is always used. [GL #2402]
+
+5581. [bug] Fix a memory leak that occurred when inline-signed zones
+ were added to the configuration, followed by a
+ reconfiguration of named. [GL #2041]
+
+5580. [test] The system test framework no longer differentiates
+ between SKIPPED and UNTESTED system test results. Any
+ system test which is not run is now marked as SKIPPED.
+ [GL !4517]
+
+5579. [bug] If an invalid key name (e.g. "a..b") was specified in a
+ primaries list in named.conf, the wrong size was passed
+ to isc_mem_put(), resulting in the returned memory being
+ put on the wrong free list. This prevented named from
+ starting up. [GL #2460]
+
+ --- 9.17.10 released ---
+
+5578. [protocol] Make "check-names" accept A records below "_spf",
+ "_spf_rate", and "_spf_verify" labels in order to cater
+ for the "exists" SPF mechanism specified in RFC 7208
+ section 5.7 and appendix D.1. [GL #2377]
+
+5577. [bug] Fix the "three is a crowd" key rollover bug in KASP by
+ correctly implementing Equation (2) of the "Flexible and
+ Robust Key Rollover" paper. [GL #2375]
+
+5576. [experimental] Initial server-side implementation of DNS-over-HTTPS
+ (DoH). Support for both TLS-encrypted and unencrypted
+ HTTP/2 connections has been added to the network manager
+ and integrated into named. (Note: there is currently no
+ client-side support for DNS-over-HTTPS; this will be
+ added to dig in a future release.) [GL #1144]
+
+5575. [bug] When migrating to KASP, BIND 9 considered keys with the
+ "Inactive" and/or "Delete" timing metadata to be
+ possible active keys. This has been fixed. [GL #2406]
+
+5574. [func] Incoming zone transfers can now use TLS. Addresses in a
+ "primaries" list take an optional "tls" argument,
+ specifying either a previously configured "tls" block or
+ "ephemeral"; SOA queries and zone transfer requests are
+ then sent via TLS. [GL #2392]
+
+5573. [func] When serve-stale is enabled and stale data is available,
+ named now returns stale answers upon encountering any
+ unexpected error in the query resolution process.
+ However, the "stale-refresh-time" window is still only
+ started upon a timeout. [GL #2434]
+
+5572. [bug] Address potential double free in generatexml().
+ [GL #2420]
+
+5571. [bug] named failed to start when its configuration included a
+ zone with a non-builtin "allow-update" ACL attached.
+ [GL #2413]
+
+5570. [bug] Improve performance of the DNSSEC verification code by
+ reducing the number of repeated calls to
+ dns_dnssec_keyfromrdata(). [GL #2073]
+
+5569. [bug] Emit useful error message when "rndc retransfer" is
+ applied to a zone of inappropriate type. [GL #2342]
+
+5568. [bug] Fixed a crash in "dnssec-keyfromlabel" when using ECDSA
+ keys. [GL #2178]
+
+5567. [bug] Dig now reports unknown dash options while pre-parsing
+ the options. This prevents "-multi" instead of "+multi"
+ from reporting memory usage before ending option parsing
+ with "Invalid option: -lti". [GL #2403]
+
+5566. [func] Add "stale-answer-client-timeout" option, which is the
+ amount of time a recursive resolver waits before
+ attempting to answer the query using stale data from
+ cache. [GL #2247]
+
+5565. [func] The SONAMEs for BIND 9 libraries now include the current
+ BIND 9 version number, in an effort to tightly couple
+ internal libraries with a specific release. [GL #2387]
+
+5564. [cleanup] Network manager's TLSDNS module was refactored to use
+ libuv and libssl directly instead of a stack of TCP/TLS
+ sockets. [GL #2335]
+
+5563. [cleanup] Changed several obsolete configuration options to
+ ancient, making them fatal errors. Also cleaned up the
+ number of clause flags in the configuration parser.
+ [GL #1086]
+
+5562. [placeholder]
+
+5561. [bug] KASP incorrectly set signature validity to the value of
+ the DNSKEY signature validity. This is now fixed.
+ [GL #2383]
+
+5560. [func] The default value of "max-stale-ttl" has been changed
+ from 12 hours to 1 day and the default value of
+ "stale-answer-ttl" has been changed from 1 second to 30
+ seconds, following RFC 8767 recommendations. [GL #2248]
+
+ --- 9.17.9 released ---
+
+5559. [bug] The --with-maxminddb=PATH form of the build-time option
+ enabling support for libmaxminddb was not working
+ correctly. This has been fixed. [GL #2366]
+
+5558. [bug] Asynchronous hook modules could trigger an assertion
+ failure when the fetch handle was detached too late.
+ Thanks to Jinmei Tatuya at Infoblox. [GL #2379]
+
+5557. [bug] Prevent RBTDB instances from being destroyed by multiple
+ threads at the same time. [GL #2317]
+
+5556. [bug] Further tweak newline printing in dnssec-signzone and
+ dnssec-verify. [GL #2359]
+
+5555. [placeholder]
+
+5554. [bug] dnssec-signzone and dnssec-verify were missing newlines
+ between log messages. [GL #2359]
+
+5553. [bug] When reconfiguring named, removing "auto-dnssec" did not
+ turn off DNSSEC maintenance. [GL #2341]
+
+5552. [func] When switching to "dnssec-policy none;", named now
+ permits a safe transition to insecure mode and publishes
+ the CDS and CDNSKEY DELETE records, as described in RFC
+ 8078. [GL #1750]
+
+5551. [bug] named no longer attempts to assign threads to CPUs
+ outside the CPU affinity set. Thanks to Ole Bjørn
+ Hessen. [GL #2245]
+
+5550. [func] dnssec-signzone and named now log a warning when falling
+ back to the "increment" SOA serial method. [GL #2058]
+
+5549. [protocol] ipv4only.arpa is now served when DNS64 is configured.
+ [GL #385]
+
+5548. [placeholder]
+
+5547. [placeholder]
+
+ --- 9.17.8 released ---
+
+5546. [placeholder]
+
+5545. [func] OS support for load-balanced sockets is no longer
+ required to receive incoming queries in multiple netmgr
+ threads. [GL #2137]
+
+5544. [func] Restore the default value of "nocookie-udp-size" to 4096
+ bytes. [GL #2250]
+
+5543. [bug] Fix UDP performance issues caused by making netmgr
+ callbacks asynchronous-only. [GL #2320]
+
+5542. [bug] Refactor netmgr. [GL #1920] [GL #2034] [GL #2061]
+ [GL #2194] [GL #2221] [GL #2266] [GL #2283] [GL #2318]
+ [GL #2321]
+
+5541. [func] Adjust the "max-recursion-queries" default from 75 to
+ 100. [GL #2305]
+
+5540. [port] Fix building with native PKCS#11 support for AEP Keyper.
+ [GL #2315]
+
+5539. [bug] Tighten handling of missing DNS COOKIE responses over
+ UDP by falling back to TCP. [GL #2275]
+
+5538. [func] Add NSEC3 support to KASP. A new option for
+ "dnssec-policy", "nsec3param", can be used to set the
+ desired NSEC3 parameters. NSEC3 salt collisions are
+ automatically prevented during resalting. Salt
+ generation is now logged with zone context. [GL #1620]
+
+5537. [func] The query plugin mechanism has been extended
+ to support asynchronous operations. For example, a
+ plugin can now trigger recursion and resume
+ processing when it is complete. Thanks to Jinmei
+ Tatuya at Infoblox. [GL #2141]
+
+5536. [func] Dig can now report the DNS64 prefixes in use
+ (+dns64prefix). [GL #1154]
+
+5535. [bug] dig/nslookup/host could crash on shutdown after an
+ interrupt. [GL #2287] [GL #2288]
+
+5534. [bug] The CNAME synthesized from a DNAME was incorrectly
+ followed when the QTYPE was CNAME or ANY. [GL #2280]
+
+ --- 9.17.7 released ---
+
+5533. [func] Add the "stale-refresh-time" option, a time window that
+ starts after a failed lookup, during which a stale RRset
+ is served directly from cache before a new attempt to
+ refresh it is made. [GL #2066]
+
+5532. [cleanup] Unused header files were removed:
+ bin/rndc/include/rndc/os.h, lib/isc/timer_p.h,
+ lib/isccfg/include/isccfg/dnsconf.h and code related
+ to those files. [GL #1913]
+
+5531. [func] Add support for DNS over TLS (DoT) to dig and named.
+ dig output now includes the transport protocol used.
+ [GL #1816] [GL #1840]
+
+5530. [bug] dnstap did not capture responses to forwarded UPDATE
+ requests. [GL #2252]
+
+5529. [func] The network manager API is now used by named to send
+ zone transfer requests. [GL #2016]
+
+5528. [func] Convert dig, host, and nslookup to use the network
+ manager API. As a side effect of this change, "dig
+ +unexpected" no longer works, and has been disabled.
+ [GL #2140]
+
+5527. [bug] A NULL pointer dereference occurred when creating an NTA
+ recheck query failed. [GL #2244]
+
+5526. [bug] Fix a race/NULL dereference in TCPDNS read. [GL #2227]
+
+5525. [placeholder]
+
+5524. [func] Added functionality to the network manager to support
+ outgoing DNS queries in addition to incoming ones.
+ [GL #2235]
+
+5523. [bug] The initial lookup in a zone transitioning to/from a
+ signed state could fail if the DNSKEY RRset was not
+ found. [GL #2236]
+
+5522. [bug] Fixed a race/NULL dereference in TCPDNS send. [GL #2227]
+
+5521. [func] All use of libltdl was dropped. libuv's shared library
+ handling interface is now used instead. [GL !4278]
+
+5520. [bug] Fixed a number of shutdown races, reference counting
+ errors, and spurious log messages that could occur
+ in the network manager. [GL #2221]
+
+5519. [cleanup] Unused source code was removed: lib/dns/dbtable.c,
+ lib/dns/portlist.c, lib/isc/bufferlist.c, and code
+ related to those files. [GL #2060]
+
+5518. [bug] Stub zones now work correctly with primary servers using
+ "minimal-responses yes". [GL #1736]
+
+5517. [bug] Do not treat UV_EOF as a TCP4RecvErr or a TCP6RecvErr.
+ [GL #2208]
+
+ --- 9.17.6 released ---
+
+5516. [func] The default EDNS buffer size has been changed from 4096
+ to 1232 bytes, the EDNS buffer size probing has been
+ removed, and named now sets the DF (Don't Fragment) flag
+ on outgoing UDP packets. [GL #2183]
+
+5515. [func] Add 'rndc dnssec -rollover' command to trigger a manual
+ rollover for a specific key. [GL #1749]
+
+5514. [bug] Fix KASP expected key size for Ed25519 and Ed448.
+ [GL #2171]
+
+5513. [doc] The ARM section describing the "rrset-order" statement
+ was rewritten to make it unambiguous and up-to-date with
+ the source code. [GL #2139]
+
+5512. [bug] "rrset-order" rules using "order none" were causing
+ named to crash despite named-checkconf treating them as
+ valid. [GL #2139]
+
+5511. [bug] 'dig -u +yaml' failed to display timestamps to the
+ microsecond. [GL #2190]
+
+5510. [bug] Implement the attach/detach semantics for dns_message_t
+ to fix a data race in accessing an already-destroyed
+ fctx->rmessage. [GL #2124]
+
+5509. [bug] filter-aaaa: named crashed upon shutdown if it was in
+ the process of recursing for A RRsets. [GL #1040]
+
+5508. [func] Added new parameter "-expired" for "rndc dumpdb" that
+ also prints expired RRsets (awaiting cleanup) to the
+ dump file. [GL #1870]
+
+5507. [bug] Named could compute incorrect SIG(0) responses.
+ [GL #2109]
+
+5506. [bug] Properly handle failed sysconf() calls, so we don't
+ report invalid memory size. [GL #2166]
+
+5505. [bug] Updating contents of a mixed-case RPZ could cause some
+ rules to be ignored. [GL #2169]
+
+5504. [func] The "glue-cache" option has been marked as deprecated.
+ The glue cache feature will be permanently enabled in a
+ future release. [GL #2146]
+
+5503. [bug] Cleaned up reference counting of network manager
+ handles, now using isc_nmhandle_attach() and _detach()
+ instead of _ref() and _unref(). [GL #2122]
+
+ --- 9.17.5 released ---
+
+5502. [func] 'dig +bufsize=0' no longer disables EDNS. [GL #2054]
+
+5501. [func] Log CDS/CDNSKEY publication. [GL #1748]
+
+5500. [bug] Fix (non-)publication of CDS and CDNSKEY records.
+ [GL #2103]
+
+5499. [func] Add '-P ds' and '-D ds' arguments to dnssec-settime.
+ [GL #1748]
+
+5498. [test] The --with-gperftools-profiler configure option was
+ removed. [GL !4045]
+
+5497. [placeholder]
+
+5496. [bug] Address a TSAN report by ensuring each rate limiter
+ object holds a reference to its task. [GL #2081]
+
+5495. [bug] With query minimization enabled, named failed to
+ resolve ip6.arpa. names that had extra labels to the
+ left of the IPv6 part. [GL #1847]
+
+5494. [bug] Silence the EPROTO syslog message on older systems.
+ [GL #1928]
+
+5493. [bug] Fix off-by-one error when calculating new hash table
+ size. [GL #2104]
+
+5492. [bug] Tighten LOC parsing to reject a period (".") and/or "m"
+ as a value. Fix handling of negative altitudes which are
+ not whole meters. [GL #2074]
+
+5491. [bug] rbtversion->glue_table_size could be read without the
+ appropriate lock being held. [GL #2080]
+
+5490. [func] Refactor readline support to use pkg-config and add
+ support for the editline library. [GL !3942]
+
+5489. [bug] Named erroneously accepted certain invalid resource
+ records that were incorrectly processed after
+ subsequently being written to disk and loaded back, as
+ the wire format differed. Such records include: CERT,
+ IPSECKEY, NSEC3, NSEC3PARAM, NXT, SIG, TLSA, WKS, and
+ X25. [GL !3953]
+
+5488. [bug] NTA code needed to have a weak reference on its
+ associated view to prevent the latter from being deleted
+ while NTA tests were being performed. [GL #2067]
+
+5487. [cleanup] Update managed keys log messages to be less confusing.
+ [GL #2027]
+
+5486. [func] Add 'rndc dnssec -checkds' command, which signals to
+ named that the DS record for a given zone or key has
+ been updated in the parent zone. [GL #1613]
+
+ --- 9.17.4 released ---
+
+5485. [placeholder]
+
+5484. [func] Expire zero TTL records quickly rather than using them
+ for stale answers. [GL #1829]
+
+5483. [func] Keeping "stale" answers in cache has been disabled by
+ default and can be re-enabled with a new configuration
+ option "stale-cache-enable". [GL #1712]
+
+5482. [bug] If the Duplicate Address Detection (DAD) mechanism had
+ not yet finished after adding a new IPv6 address to the
+ system, BIND 9 would fail to bind to IPv6 addresses in a
+ tentative state. [GL #2038]
+
+5481. [security] "update-policy" rules of type "subdomain" were
+ incorrectly treated as "zonesub" rules, which allowed
+ keys used in "subdomain" rules to update names outside
+ of the specified subdomains. The problem was fixed by
+ making sure "subdomain" rules are again processed as
+ described in the ARM. (CVE-2020-8624) [GL #2055]
+
+5480. [security] When BIND 9 was compiled with native PKCS#11 support, it
+ was possible to trigger an assertion failure in code
+ determining the number of bits in the PKCS#11 RSA public
+ key with a specially crafted packet. (CVE-2020-8623)
+ [GL #2037]
+
+5479. [security] named could crash in certain query resolution scenarios
+ where QNAME minimization and forwarding were both
+ enabled. (CVE-2020-8621) [GL #1997]
+
+5478. [security] It was possible to trigger an assertion failure by
+ sending a specially crafted large TCP DNS message.
+ (CVE-2020-8620) [GL #1996]
+
+5477. [bug] The idle timeout for connected TCP sockets, which was
+ previously set to a high fixed value, is now derived
+ from the client query processing timeout configured for
+ a resolver. [GL #2024]
+
+5476. [security] It was possible to trigger an assertion failure when
+ verifying the response to a TSIG-signed request.
+ (CVE-2020-8622) [GL #2028]
+
+5475. [bug] Wildcard RPZ passthru rules could incorrectly be
+ overridden by other rules that were loaded from RPZ
+ zones which appeared later in the "response-policy"
+ statement. This has been fixed. [GL #1619]
+
+5474. [bug] dns_rdata_hip_next() failed to return ISC_R_NOMORE
+ when it should have. [GL !3880]
+
+5473. [func] The RBT hash table implementation has been changed
+ to use a faster hash function (HalfSipHash2-4) and
+ Fibonacci hashing for better distribution. Setting
+ "max-cache-size" now preallocates a fixed-size hash
+ table so that rehashing does not cause resolution
+ brownouts while the hash table is grown. [GL #1775]
+
+5472. [func] The statistics channel has been updated to use the
+ new network manager. [GL #2022]
+
+5471. [bug] The introduction of KASP support inadvertently caused
+ the second field of "sig-validity-interval" to always be
+ calculated in hours, even in cases when it should have
+ been calculated in days. This has been fixed. (Thanks to
+ Tony Finch.) [GL !3735]
+
+5470. [port] gsskrb5_register_acceptor_identity() is now only called
+ if gssapi_krb5.h is present. [GL #1995]
+
+5469. [port] On illumos, a constant called SEC is already defined in
+ <sys/time.h>, which conflicts with an identically named
+ constant in libbind9. This conflict has been resolved.
+ [GL #1993]
+
+5468. [bug] Addressed potential double unlock in process_fd().
+ [GL #2005]
+
+5467. [func] The control channel and the rndc utility have been
+ updated to use the new network manager. To support
+ this, the network manager was updated to enable
+ the initiation of client TCP connections. Its
+ internal reference counting has been refactored.
+
+ Note: As a side effect of this change, rndc cannot
+ currently be used with UNIX-domain sockets, and its
+ default timeout has changed from 60 seconds to 30.
+ These will be addressed in a future release.
+ [GL #1759]
+
+5466. [bug] Addressed an error in recursive clients stats reporting.
+ [GL #1719]
+
+5465. [func] Added fallback to built-in trust-anchors, managed-keys,
+ or trusted-keys if the bindkeys-file (bind.keys) cannot
+ be parsed. [GL #1235]
+
+5464. [bug] Requesting more than 128 files to be saved when rolling
+ dnstap log files caused a buffer overflow. This has been
+ fixed. [GL #1989]
+
+5463. [placeholder]
+
+5462. [bug] Move LMDB locking from LMDB itself to named. [GL #1976]
+
+5461. [bug] The STALE rdataset header attribute was updated while
+ the write lock was not being held, leading to incorrect
+ statistics. The header attributes are now converted to
+ use atomic operations. [GL #1475]
+
+5460. [cleanup] tsig-keygen was previously an alias for
+ ddns-confgen and was documented in the ddns-confgen
+ man page. This has been reversed; tsig-keygen is
+ now the primary name. [GL #1998]
+
+5459. [bug] Fixed bad isc_mem_put() size when an invalid type was
+ specified in an "update-policy" rule. [GL #1990]
+
+ --- 9.17.3 released ---
+
+5458. [bug] Prevent a theoretically possible NULL dereference caused
+ by a data race between zone_maintenance() and
+ dns_zone_setview_helper(). [GL #1627]
+
+5457. [placeholder]
+
+5456. [func] Added "primaries" as a synonym for "masters" in
+ named.conf, and "primary-only" as a synonym for
+ "master-only" in the parameters to "notify", to bring
+ terminology up-to-date with RFC 8499. [GL #1948]
+
+5455. [bug] named could crash when cleaning dead nodes in
+ lib/dns/rbtdb.c that were being reused. [GL #1968]
+
+5454. [bug] Address a startup crash that occurred when the server
+ was under load and the root zone had not yet been
+ loaded. [GL #1862]
+
+5453. [bug] named crashed on shutdown when a new rndc connection was
+ received during shutdown. [GL #1747]
+
+5452. [bug] The "blackhole" ACL was accidentally disabled for client
+ queries. [GL #1936]
+
+5451. [func] Add 'rndc dnssec -status' command. [GL #1612]
+
+5450. [placeholder]
+
+5449. [bug] Fix a socket shutdown race in netmgr udp. [GL #1938]
+
+5448. [bug] Fix a race condition in isc__nm_tcpdns_send().
+ [GL #1937]
+
+5447. [bug] IPv6 addresses ending in "::" could break YAML
+ parsing. A "0" is now appended to such addresses
+ in YAML output from dig, mdig, delv, and dnstap-read.
+ [GL #1952]
+
+5446. [bug] The validator could fail to accept a properly signed
+ RRset if an unsupported algorithm appeared earlier in
+ the DNSKEY RRset than a supported algorithm. It could
+ also stop if it detected a malformed public key.
+ [GL #1689]
+
+5445. [cleanup] Disable and disallow static linking. [GL #1933]
+
+5444. [bug] 'rndc dnstap -roll <value>' did not limit the number of
+ saved files to <value>. [GL !3728]
+
+5443. [bug] The "primary" and "secondary" keywords, when used
+ as parameters for "check-names", were not
+ processed correctly and were being ignored. [GL #1949]
+
+5442. [func] Add support for outgoing TCP connections in netmgr.
+ [GL #1958]
+
+5441. [placeholder]
+
+5440. [placeholder]
+
+5439. [bug] The DS RRset returned by dns_keynode_dsset() was used in
+ a non-thread-safe manner. [GL #1926]
+
+ --- 9.17.2 released ---
+
+5438. [bug] Fix a race in TCP accepting code. [GL #1930]
+
+5437. [bug] Fix a data race in lib/dns/resolver.c:log_formerr().
+ [GL #1808]
+
+5436. [security] It was possible to trigger an INSIST when determining
+ whether a record would fit into a TCP message buffer.
+ (CVE-2020-8618) [GL #1850]
+
+5435. [tests] Add RFC 4592 responses examples to the wildcard system
+ test. [GL #1718]
+
+5434. [security] It was possible to trigger an INSIST in
+ lib/dns/rbtdb.c:new_reference() with a particular zone
+ content and query patterns. (CVE-2020-8619) [GL #1111]
+ [GL #1718]
+
+5433. [placeholder]
+
+5432. [bug] Check the question section when processing AXFR, IXFR,
+ and SOA replies when transferring a zone in. [GL #1683]
+
+5431. [func] Reject DS records at the zone apex when loading
+ master files. Log but otherwise ignore attempts to
+ add DS records at the zone apex via UPDATE. [GL #1798]
+
+5430. [doc] Update docs - with netmgr, a separate listening socket
+ is created for each IPv6 interface (just as with IPv4).
+ [GL #1782]
+
+5429. [cleanup] Move BIND binaries which are neither daemons nor
+ administrative programs to $bindir. [GL #1724]
+
+5428. [bug] Clean up GSSAPI resources in nsupdate only after taskmgr
+ has been destroyed. Thanks to Petr Menšík. [GL !3316]
+
+5427. [placeholder]
+
+5426. [bug] Don't abort() when setting SO_INCOMING_CPU on the socket
+ fails. [GL #1911]
+
+5425. [func] The default value of "max-stale-ttl" has been changed
+ from 1 week to 12 hours. [GL #1877]
+
+5424. [bug] With KASP, when creating a successor key, the "goal"
+ state of the current active key (predecessor) was not
+ changed and thus never removed from the zone. [GL #1846]
+
+5423. [bug] Fix a bug in keymgr_key_has_successor(): it incorrectly
+ returned true if any other key in the keyring had a
+ successor. [GL #1845]
+
+5422. [bug] When using dnssec-policy, print correct key timing
+ metadata. [GL #1843]
+
+5421. [bug] Fix a race that could cause named to crash when looking
+ up the nodename of an RBT node if the tree was modified.
+ [GL #1857]
+
+5420. [bug] Add missing isc_{mutex,conditional}_destroy() calls
+ that caused a memory leak on FreeBSD. [GL #1893]
+
+5419. [func] Add new dig command line option, "+qid=<num>", which
+ allows the query ID to be set to an arbitrary value.
+ Add a new ./configure option, --enable-singletrace,
+ which allows trace logging of a single query when QID is
+ set to 0. [GL #1851]
+
+5418. [bug] delv failed to parse deprecated trusted-keys-style
+ trust anchors. [GL #1860]
+
+5417. [cleanup] The code determining the advertised UDP buffer size in
+ outgoing EDNS queries has been refactored to improve its
+ clarity. [GL #1868]
+
+5416. [bug] Fix a lock order inversion in lib/isc/unix/socket.c.
+ [GL #1859]
+
+5415. [test] Address race in dnssec system test that led to
+ test failures. [GL #1852]
+
+5414. [test] Adjust time allowed for journal truncation to occur
+ in nsupdate system test to avoid test failure.
+ [GL #1855]
+
+5413. [test] Address race in autosign system test that led to
+ test failures. [GL #1852]
+
+5412. [bug] 'provide-ixfr no;' failed to return up-to-date responses
+ when the serial was greater than or equal to the
+ current serial. [GL #1714]
+
+5411. [cleanup] TCP accept code has been refactored to use a single
+ accept() and pass the accepted socket to child threads
+ for processing. [GL !3320]
+
+5410. [func] Add the ability to specify per-type record count limits,
+ which are enforced when adding records via UPDATE, in an
+ "update-policy" statement. [GL #1657]
+
+5409. [performance] When looking up NSEC3 data in a zone database, skip the
+ check for empty non-terminal nodes; the NSEC3 tree does
+ not have any. [GL #1834]
+
+5408. [protocol] Print Extended DNS Errors if present in OPT record.
+ [GL #1835]
+
+5407. [func] Zone timers are now exported via statistics channel.
+ Thanks to Paul Frieden, Verizon Media. [GL #1232]
+
+5406. [func] Add a new logging category, "rpz-passthru", which allows
+ RPZ passthru actions to be logged in a separate channel.
+ [GL #54]
+
+5405. [bug] 'named-checkconf -p' could include spurious text in
+ server-addresses statements due to an uninitialized DSCP
+ value. [GL #1812]
+
+5404. [bug] 'named-checkconf -z' could incorrectly indicate
+ success if errors were found in one view but not in a
+ subsequent one. [GL #1807]
+
+5403. [func] Do not set UDP receive/send buffer sizes - use system
+ defaults. [GL #1713]
+
+5402. [bug] On FreeBSD, use SO_REUSEPORT_LB instead of SO_REUSEPORT.
+ Enable use of SO_REUSEADDR on all platforms which
+ support it. [GL !3365]
+
+5401. [bug] The number of input queues allocated during dnstap
+ initialization was too low, which could prevent some
+ dnstap data from being logged. [GL #1795]
+
+5400. [func] Add engine support to OpenSSL EdDSA implementation.
+ [GL #1763]
+
+5399. [func] Add engine support to OpenSSL ECDSA implementation.
+ [GL #1534]
+
+5398. [bug] Named could fail to restart if a zone with a double
+ quote (") in its name was added with 'rndc addzone'.
+ [GL #1695]
+
+5397. [func] Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.
+ Thanks to Aaron Thompson. [GL !3326]
+
+5396. [func] When necessary (i.e. in libuv >= 1.37), use the
+ UV_UDP_RECVMMSG flag to enable recvmmsg() support in
+ libuv. [GL #1797]
+
+5395. [security] Further limit the number of queries that can be
+ triggered from a request. Root and TLD servers
+ are no longer exempt from max-recursion-queries.
+ Fetches for missing name server address records
+ are limited to 4 for any domain. (CVE-2020-8616)
+ [GL #1388]
+
+5394. [cleanup] Named formerly attempted to change the effective UID and
+ GID in named_os_openfile(), which could trigger a
+ spurious log message if they were already set to the
+ desired values. This has been fixed. [GL #1042]
+ [GL #1090]
+
+5393. [cleanup] Unused and/or redundant APIs were removed from libirs.
+ [GL #1758]
+
+5392. [bug] It was possible for named to crash during shutdown
+ or reconfiguration if an RPZ zone was still being
+ updated. [GL #1779]
+
+5391. [func] The BIND 9 build system has been changed to use a
+ typical autoconf+automake+libtool stack. When building
+ from the Git repository, run "autoreconf -fi" first.
+ [GL #4]
+
+5390. [security] Replaying a TSIG BADTIME response as a request could
+ trigger an assertion failure. (CVE-2020-8617)
+ [GL #1703]
+
+5389. [bug] Finish PKCS#11 code cleanup, fix a couple of smaller
+ bugs and use PKCS#11 v3.0 EdDSA macros and constants.
+ Thanks to Aaron Thompson. [GL !3391]
+
+5388. [func] Reject AXFR streams where the message ID is not
+ consistent. [GL #1674]
+
+5387. [placeholder]
+
+5386. [cleanup] Address Coverity warnings in lib/dns/keymgr.c.
+ [GL #1737]
+
+5385. [func] Make ISC rwlock implementation the default again.
+ [GL #1753]
+
+5384. [bug] With "dnssec-policy" in effect, "inline-signing" was
+ implicitly set to "yes". Now "inline-signing" is only
+ set to "yes" if the zone is not dynamic. [GL #1709]
+
+ --- 9.17.1 released ---
+
+5383. [func] Add a quota attach function with a callback and clean up
+ the isc_quota API. [GL !3280]
+
+5382. [bug] Use clock_gettime() instead of gettimeofday() for
+ isc_stdtime() function. [GL #1679]
+
+5381. [bug] Fix logging API data race by adding rwlock and caching
+ logging levels in stdatomic variables to restore
+ performance to original levels. [GL #1675] [GL #1717]
+
+5380. [contrib] Fix building MySQL DLZ modules against MySQL 8
+ libraries. [GL #1678]
+
+5379. [placeholder]
+
+5378. [bug] Receiving invalid DNS data was triggering an assertion
+ failure in nslookup. [GL #1652]
+
+5377. [placeholder]
+
+5376. [bug] Fix ineffective DNS rebinding protection when BIND is
+ configured as a forwarding DNS server. Thanks to Tobias
+ Klein. [GL #1574]
+
+5375. [test] Fix timing issues in the "kasp" system test. [GL #1669]
+
+5374. [bug] Statistics counters tracking recursive clients and
+ active connections could underflow. [GL #1087]
+
+5373. [bug] Collecting statistics for DNSSEC signing operations
+ (change 5254) caused an array of significant size (over
+ 100 kB) to be allocated for each configured zone. Each
+ of these arrays is tracking all possible key IDs; this
+ could trigger an out-of-memory condition on servers with
+ a high enough number of zones configured. Fixed by
+ tracking up to four keys per zone and rotating counters
+ when keys are replaced. This fixes the immediate problem
+ of high memory usage, but should be improved in a future
+ release by growing or shrinking the number of keys to
+ track upon key rollover events. [GL #1179]
+
+5372. [bug] Fix migration from existing DNSSEC key files
+ ("auto-dnssec maintain") to "dnssec-policy". [GL #1706]
+
+5371. [bug] Improve incremental updates of the RPZ summary
+ database to reduce delays that could occur when
+ a policy zone update included a large number of
+ record deletions. [GL #1447]
+
+5370. [bug] Deactivation of a netmgr handle associated with a
+ socket could be skipped in some circumstances.
+ Fixed by deactivating the netmgr handle before
+ scheduling the asynchronous close routine. [GL #1700]
+
+5369. [func] Add the ability to specify whether to wait for
+ nameserver domain names to be looked up, with a new RPZ
+ modifying directive 'nsdname-wait-recurse'. [GL #1138]
+
+5368. [bug] Named failed to restart if 'rndc addzone' names
+ contained special characters (e.g. '/'). [GL #1655]
+
+5367. [placeholder]
+
+ --- 9.17.0 released ---
+
+5366. [bug] Fix a race condition with the keymgr when the same
+ zone plus dnssec-policy is configured in multiple
+ views. [GL #1653]
+
+5365. [bug] Algorithm rollover was stuck on submitting DS
+ because keymgr thought it would move to an invalid
+ state. Fixed by checking the current key against
+ the desired state, not the existing state. [GL #1626]
+
+5364. [bug] Algorithm rollover waited too long before introducing
+ zone signatures. It waited to make sure all signatures
+ were regenerated, but when introducing a new algorithm,
+ all signatures are regenerated immediately. Only
+ add the sign delay if there is a predecessor key.
+ [GL #1625]
+
+5363. [bug] When changing a dnssec-policy, existing keys with
+ properties that no longer match were not being retired.
+ [GL #1624]
+
+5362. [func] Limit the size of IXFR responses so that AXFR will
+ be used instead if it would be smaller. This is
+ controlled by the "max-ixfr-ratio" option, which
+ is a percentage representing the ratio of IXFR size
+ to the size of the entire zone. This value cannot
+ exceed 100%, which is the default. [GL #1515]
+
+5361. [bug] named might not accept new connections after
+ hitting tcp-clients quota. [GL #1643]
+
+5360. [bug] delv could fail to load trust anchors in DNSKEY
+ format. [GL #1647]
+
+5359. [func] "rndc nta -d" and "rndc secroots" now include
+ "validate-except" entries when listing negative
+ trust anchors. These are indicated by the keyword
+ "permanent" in place of an expiry date. [GL #1532]
+
+5358. [bug] Inline master zones whose master files were touched
+ but otherwise unchanged and were subsequently reloaded
+ may have stopped re-signing. [GL !3135]
+
+5357. [bug] Newly added RRSIG records with expiry times before
+ the previous earliest expiry times might not be
+ re-signed in time. This was a side effect of 5315.
+ [GL !3137]
+
+5356. [func] Update dnssec-policy configuration statements:
+ - Rename "zone-max-ttl" dnssec-policy option to
+ "max-zone-ttl" for consistency with the existing
+ zone option.
+ - Allow for "lifetime unlimited" as a synonym for
+ "lifetime PT0S".
+ - Make "key-directory" optional.
+ - Warn if specifying a key length does not make
+ sense; fail if key length is out of range for
+ the algorithm.
+ - Allow use of mnemonics when specifying key
+ algorithm (e.g. "rsasha256", "ecdsa384", etc.).
+ - Make ISO 8601 durations case-insensitive.
+ [GL #1598]
+
+5355. [func] What was set with --with-tuning=large option in
+ older BIND9 versions is now a default, and
+ a --with-tuning=small option was added for small
+ (e.g. OpenWRT) systems. [GL !2989]
+
+5354. [bug] dnssec-policy created new KSK keys for zones in the
+ initial stage of signing (with the DS not yet in the
+ rumoured or omnipresent states). Fix by checking the
+ key goals rather than the active state when determining
+ whether new keys are needed. [GL #1593]
+
+5353. [doc] Document port and dscp parameters in forwarders
+ configuration option. [GL #914]
+
+5352. [bug] Correctly handle catalog zone entries containing
+ characters that aren't legal in filenames. [GL #1592]
+
+5351. [bug] CDS / CDNSKEY consistency checks failed to handle
+ removal records. [GL #1554]
+
+5350. [bug] When a view was configured with class CHAOS, the
+ server could crash while processing a query for a
+ non-existent record. [GL #1540]
+
+5349. [bug] Fix a race in task_pause/unpause. [GL #1571]
+
+5348. [bug] dnssec-settime -Psync was not being honoured.
+ Thanks to Tony Finch. [GL !2893]
+
+ --- 9.15.8 released ---
+
+5347. [bug] Fixed a bug that could cause an intermittent crash
+ in validator.c when validating a negative cache
+ entry. [GL #1561]
+
+5346. [bug] Make hazard pointer array allocations dynamic, fixing
+ a bug that caused named to crash on machines with more
+ than 40 cores. [GL #1493]
+
+5345. [func] Key-style trust anchors and DS-style trust anchors
+ can now both be used for the same name. [GL #1237]
+
+5344. [bug] Handle accept() errors properly in netmgr. [GL !2880]
+
+5343. [func] Add statistics counters to the netmgr. [GL #1311]
+
+5342. [bug] Disable pktinfo for IPv6 and bind to each interface
+ explicitly instead, because libuv doesn't support
+ pktinfo control messages. [GL #1558]
+
+5341. [func] Simplify passing the bound TCP socket to child
+ threads by using isc_uv_export/import functions.
+ [GL !2825]
+
+5340. [bug] Don't deadlock when binding to a TCP socket fails.
+ [GL #1499]
+
+5339. [bug] With some libmaxminddb versions, named could erroneously
+ match an IP address not belonging to any subnet defined
+ in a given GeoIP2 database to one of the existing
+ entries in that database. [GL #1552]
+
+5338. [bug] Fix line spacing in `rndc secroots`.
+ Thanks to Tony Finch. [GL !2478]
+
+5337. [func] 'named -V' now reports maxminddb and protobuf-c
+ versions. [GL !2686]
+
+ --- 9.15.7 released ---
+
+5336. [bug] The TCP high-water statistic could report an
+ incorrect value on startup. [GL #1392]
+
+5335. [func] Make TCP listening code multithreaded. [GL !2659]
+
+5334. [doc] Update documentation with dnssec-policy clarifications.
+ Also change some defaults. [GL !2711]
+
+5333. [bug] Fix duration printing on Solaris when value is not
+ an ISO 8601 duration. [GL #1460]
+
+5332. [func] Renamed "dnssec-keys" configuration statement
+ to the more descriptive "trust-anchors". [GL !2702]
+
+5331. [func] Use compiler-provided mechanisms for thread local
+ storage, and make the requirement for such mechanisms
+ explicit in configure. [GL #1444]
+
+5330. [bug] 'configure --without-python' was ineffective if
+ PYTHON was set in the environment. [GL #1434]
+
+5329. [bug] Reconfiguring named caused memory to be leaked when any
+ GeoIP2 database was in use. [GL #1445]
+
+5328. [bug] rbtdb.c:rdataset_{get,set}ownercase failed to obtain
+ a node lock. [GL #1417]
+
+5327. [func] Added a statistics counter to track queries
+ dropped because the recursive-clients quota was
+ exceeded. [GL #1399]
+
+5326. [bug] Add Python dependency on 'distutils.core' to configure.
+ 'distutils.core' is required for installation.
+ [GL #1397]
+
+5325. [bug] Addressed several issues with TCP connections in
+ the netmgr: restored support for TCP connection
+ timeouts, restored TCP backlog support, actively
+ close all open sockets during shutdown. [GL #1312]
+
+5324. [bug] Change the category of some log messages from general
+ to the more appropriate catergory of xfer-in. [GL #1394]
+
+5323. [bug] Fix a bug in DNSSEC trust anchor verification.
+ [GL !2609]
+
+5322. [placeholder]
+
+5321. [bug] Obtain write lock before updating version->records
+ and version->bytes. [GL #1341]
+
+5320. [cleanup] Silence TSAN on header->count. [GL #1344]
+
+ --- 9.15.6 released ---
+
+5319. [func] Trust anchors can now be configured using DS
+ format to represent a key digest, by using the
+ new "initial-ds" or "static-ds" keywords in
+ the "dnssec-keys" statement.
+
+ Note: DNSKEY-format and DS-format trust anchors
+ cannot both be used for the same domain name.
+ [GL #622]
+
+5318. [cleanup] The DNSSEC validation code has been refactored
+ for clarity and to reduce code duplication.
+ [GL #622]
+
+5317. [func] A new asynchronous network communications system
+ based on libuv is now used for listening for
+ incoming requests and responding to them. (The
+ old isc_socket API remains in use for sending
+ iterative queries and processing responses; this
+ will be changed too in a later release.)
+
+ This change will make it easier to improve
+ performance and implement new protocol layers
+ (e.g., DNS over TLS) in the future. [GL #29]
+
+5316. [func] A new "dnssec-policy" option has been added to
+ named.conf to implement a key and signing policy
+ (KASP) for zones. When this option is in use,
+ named can generate new keys as needed and
+ automatically roll both ZSK and KSK keys. (Note
+ that the syntax for this statement differs from
+ the dnssec policy used by dnssec-keymgr.)
+
+ See the ARM for configuration details. [GL #1134]
+
+5315. [bug] Apply the initial RRSIG expiration spread fixed
+ to all dynamically created records in the zone
+ including NSEC3. Also fix the signature clusters
+ when the server has been offline for prolonged
+ period of times. [GL #1256]
+
+5314. [func] Added a new statistics variable "tcp-highwater"
+ that reports the maximum number of simultaneous TCP
+ clients BIND has handled while running. [GL #1206]
+
+5313. [bug] The default GeoIP2 database location did not match
+ the ARM. 'named -V' now reports the default
+ location. [GL #1301]
+
+5312. [bug] Do not flush the cache for `rndc validation status`.
+ Thanks to Tony Finch. [GL !2462]
+
+5311. [cleanup] Include all views in output of `rndc validation status`.
+ Thanks to Tony Finch. [GL !2461]
+
+5310. [bug] TCP failures were affecting EDNS statistics. [GL #1059]
+
+5309. [placeholder]
+
+5308. [bug] Don't log DNS_R_UNCHANGED from sync_secure_journal()
+ at ERROR level in receive_secure_serial(). [GL #1288]
+
+5307. [bug] Fix hang when named-compilezone output is sent to pipe.
+ Thanks to Tony Finch. [GL !2481]
+
+5306. [security] Set a limit on number of simultaneous pipelined TCP
+ queries. (CVE-2019-6477) [GL #1264]
+
+5305. [bug] NSEC Aggressive Cache ("synth-from-dnssec") has been
+ disabled by default because it was found to have
+ a significant performance impact on the recursive
+ service. [GL #1265]
+
+5304. [bug] "dnskey-sig-validity 0;" was not being accepted.
+ [GL #876]
+
+5303. [placeholder]
+
+5302. [bug] Fix checking that "dnstap-output" is defined when
+ "dnstap" is specified in a view. [GL #1281]
+
+5301. [bug] Detect partial prefixes / incomplete IPv4 address in
+ acls. [GL #1143]
+
+5300. [bug] dig/mdig/delv: Add a colon after EDNS option names,
+ even when the option is empty, to improve
+ readability and allow correct parsing of YAML
+ output. [GL #1226]
+
+ --- 9.15.5 released ---
+
+5299. [security] A flaw in DNSSEC verification when transferring
+ mirror zones could allow data to be incorrectly
+ marked valid. (CVE-2019-6475) [GL #1252]
+
+5298. [security] Named could assert if a forwarder returned a
+ referral, rather than resolving the query, when QNAME
+ minimization was enabled. (CVE-2019-6476) [GL #1051]
+
+5297. [bug] Check whether a previous QNAME minimization fetch
+ is still running before starting a new one; return
+ SERVFAIL and log an error if so. [GL #1191]
+
+5296. [placeholder]
+
+5295. [cleanup] Split dns_name_copy() calls into dns_name_copy() and
+ dns_name_copynf() for those calls that can potentially
+ fail and those that should not fail respectively.
+ [GL !2265]
+
+5294. [func] Fallback to ACE name on output in locale, which does not
+ support converting it to unicode. [GL #846]
+
+5293. [bug] On Windows, named crashed upon any attempt to fetch XML
+ statistics from it. [GL #1245]
+
+5292. [bug] Queue 'rndc nsec3param' requests while signing inline
+ zone changes. [GL #1205]
+
+ --- 9.15.4 released ---
+
+5291. [placeholder]
+
+5290. [placeholder]
+
+5289. [bug] Address NULL pointer dereference in rpz.c:rpz_detach.
+ [GL #1210]
+
+5288. [bug] dnssec-must-be-secure was not always honored.
+ [GL #1209]
+
+5287. [placeholder]
+
+5286. [contrib] Address potential NULL pointer dereferences in
+ dlz_mysqldyn_mod.c. [GL #1207]
+
+5285. [port] win32: implement "-T maxudpXXX". [GL #837]
+
+5284. [func] Added +unexpected command line option to dig.
+ By default, dig won't accept a reply from a source
+ other than the one to which it sent the query.
+ Invoking dig with +unexpected argument will allow it
+ to process replies from unexpected sources.
+
+5283. [bug] When a response-policy zone expires, ensure that
+ its policies are removed from the RPZ summary
+ database. [GL #1146]
+
+5282. [bug] Fixed a bug in searching for possible wildcard matches
+ for query names in the RPZ summary database. [GL #1146]
+
+5281. [cleanup] Don't escape commas when reporting named's command
+ line. [GL #1189]
+
+5280. [protocol] Add support for displaying EDNS option LLQ. [GL #1201]
+
+5279. [bug] When loading, reject zones containing CDS or CDNSKEY
+ RRsets at the zone apex if they would cause DNSSEC
+ validation failures if published in the parent zone
+ as the DS RRset. [GL #1187]
+
+5278. [func] Add YAML output formats for dig, mdig and delv;
+ use the "+yaml" option to enable. [GL #1145]
+
+ --- 9.15.3 released ---
+
+5277. [bug] Cache DB statistics could underflow when serve-stale
+ was in use, because of a bug in counter maintenance
+ when RRsets become stale.
+
+ Functions for dumping statistics have been updated
+ to dump active, stale, and ancient statistic
+ counters. Ancient RRset counters are prefixed
+ with '~'; stale RRset counters are still prefixed
+ with '#'. [GL #602]
+
+5276. [func] DNSSEC Lookaside Validation (DLV) is now obsolete;
+ all code enabling its use has been removed from the
+ validator, "delv", and the DNSSEC tools. [GL #7]
+
+5275. [bug] Mark DS records included in referral messages
+ with trust level "pending" so that they can be
+ validated and cached immediately, with no need to
+ re-query. [GL #964]
+
+5274. [bug] Address potential use after free race when shutting
+ down rpz. [GL #1175]
+
+5273. [bug] Check that bits [64..71] of a dns64 prefix are zero.
+ [GL #1159]
+
+5272. [cleanup] Remove isc-config.sh script as the BIND 9 libraries
+ are now purely internal. [GL #1123]
+
+5271. [func] The normal (non-debugging) output of dnssec-signzone
+ and dnssec-verify tools now goes to stdout, instead of
+ the combination of stderr and stdout.
+
+5270. [bug] 'dig +expandaaaa +short' did not work. [GL #1152]
+
+5269. [port] cygwin: can return ETIMEDOUT on connect() with a
+ non-blocking socket. [GL #1133]
+
+5268. [placeholder]
+
+5267. [func] Allow statistics groups display to be toggle-able.
+ [GL #1030]
+
+5266. [bug] named-checkconf failed to report dnstap-output
+ missing from named.conf when dnstap was specified.
+ [GL #1136]
+
+5265. [bug] DNS64 and RPZ nodata (CNAME *.) rules interacted badly
+ [GL #1106]
+
+5264. [func] New DNS Cookie algorithm - siphash24 - has been added
+ to BIND 9, and the old HMAC-SHA DNS Cookie algorithms
+ have been removed. [GL #605]
+
+ --- 9.15.2 released ---
+
+5263. [cleanup] Use atomics and isc_refcount_t wherever possible.
+ [GL #1038]
+
+5262. [func] Removed support for the legacy GeoIP API. [GL #1112]
+
+5261. [cleanup] Remove SO_BSDCOMPAT socket option usage.
+
+5260. [bug] dnstap-read was producing malformed output for large
+ packets. [GL #1093]
+
+5259. [func] New option '-i' for 'named-checkconf' to ignore
+ warnings about deprecated options. [GL #1101]
+
+5258. [func] Added support for the GeoIP2 API from MaxMind. This
+ will be compiled in by default if the "libmaxminddb"
+ library is found at compile time, but can be
+ suppressed using "configure --disable-geoip".
+
+ Certain geoip ACL settings that were available with
+ legacy GeoIP are not available when using GeoIP2.
+ [GL #182]
+
+5257. [bug] Some statistics data was not being displayed.
+ Add shading to the zone tables. [GL #1030]
+
+5256. [bug] Ensure that glue records are included in root
+ priming responses if "minimal-responses" is not
+ set to "yes". [GL #1092]
+
+5255. [bug] Errors encountered while reloading inline-signing
+ zones could be ignored, causing the zone content to
+ be left in an incompletely updated state rather than
+ reverted. [GL #1109]
+
+5254. [func] Collect metrics to report to the statistics-channel
+ DNSSEC signing operations (dnssec-sign) and refresh
+ operations (dnssec-refresh) per zone and per keytag.
+ [GL #513]
+
+5253. [port] Support platforms that don't define ULLONG_MAX.
+ [GL #1098]
+
+5252. [func] Report if the last 'rndc reload/reconfig' failed in
+ rndc status. [GL !2040]
+
+5251. [bug] Statistics were broken in x86 Windows builds.
+ [GL #1081]
+
+5250. [func] The default size for RSA keys is now 2048 bits,
+ for both ZSKs and KSKs. [GL #1097]
+
+5249. [bug] Fix a possible underflow in recursion clients
+ statistics when hitting recursive clients
+ soft quota. [GL #1067]
+
+ --- 9.15.1 released ---
+
+5248. [func] To clarify the configuration of DNSSEC keys,
+ the "managed-keys" and "trusted-keys" options
+ have both been deprecated. The new "dnssec-keys"
+ statement can now be used for all trust anchors,
+ with the keywords "iniital-key" or "static-key"
+ to indicate whether the configured trust anchor
+ should be used for initialization of RFC 5011 key
+ management, or as a permanent trust anchor.
+
+ The "static-key" keyword will generate a warning if
+ used for the root zone.
+
+ Configurations using "trusted-keys" or "managed-keys"
+ will continue to work with no changes, but will
+ generate warnings in the log. In a future release,
+ these options will be marked obsolete. [GL #6]
+
+5247. [cleanup] The 'cleaning-interval' option has been removed.
+ [GL !1731]
+
+5246. [func] Log TSIG if appropriate in 'sending notify to' message.
+ [GL #1058]
+
+5245. [cleanup] Reduce logging level for IXFR up-to-date poll
+ responses. [GL #1009]
+
+5244. [security] Fixed a race condition in dns_dispatch_getnext()
+ that could cause an assertion failure if a
+ significant number of incoming packets were
+ rejected. (CVE-2019-6471) [GL #942]
+
+5243. [bug] Fix a possible race between dispatcher and socket
+ code in a high-load cold-cache resolver scenario.
+ [GL #943]
+
+5242. [bug] In relaxed qname minimization mode, fall back to
+ normal resolution when encountering a lame
+ delegation, and use _.domain/A queries rather
+ than domain/NS. [GL #1055]
+
+5241. [bug] Fix Ed448 private and public key ASN.1 prefix blobs.
+ [GL #225]
+
+5240. [bug] Remove key id calculation for RSAMD5. [GL #996]
+
+5239. [func] Change the json-c detection to pkg-config. [GL #855]
+
+5238. [bug] Fix a possible deadlock in TCP code. [GL #1046]
+
+5237. [bug] Recurse to find the root server list with 'dig +trace'.
+ [GL #1028]
+
+5236. [func] Add SipHash 2-4 implementation in lib/isc/siphash.c
+ and switch isc_hash_function() to use SipHash 2-4.
+ [GL #605]
+
+5235. [cleanup] Refactor lib/isc/app.c to be thread-safe, unused
+ parts of the API has been removed and the
+ isc_appctx_t data type has been changed to be
+ fully opaque. [GL #1023]
+
+5234. [port] arm: just use the compiler's default support for
+ yield. [GL #981]
+
+ --- 9.15.0 released ---
+
+5233. [bug] Negative trust anchors did not work with "forward only;"
+ to validating resolvers. [GL #997]
+
+5232. [placeholder]
+
+5231. [protocol] Add support for displaying CLIENT-TAG and SERVER-TAG.
+ [GL #960]
+
+5230. [protocol] The SHA-1 hash algorithm is no longer used when
+ generating DS and CDS records. [GL #1015]
+
+5229. [protocol] Enforce known SSHFP fingerprint lengths. [GL #852]
+
+5228. [func] If trusted-keys and managed-keys were configured
+ simultaneously for the same name, the key could
+ not be be rolled automatically. This is now
+ a fatal configuration error. [GL #868]
+
+5227. [placeholder]
+
+5226. [placeholder]
+
+5225. [func] Allow dig to print out AAAA record fully expanded.
+ with +[no]expandaaaa. [GL #765]
+
+5224. [bug] Only test provide-ixfr on TCP streams. [GL #991]
+
+5223. [bug] Fixed a race in the filter-aaaa plugin accessing
+ the hash table. [GL #1005]
+
+5222. [bug] 'delv -t ANY' could leak memory. [GL #983]
+
+5221. [test] Enable parallel execution of system tests on
+ Windows. [GL !4101]
+
+5220. [cleanup] Refactor the isc_stat structure to take advantage
+ of stdatomic. [GL !1493]
+
+5219. [bug] Fixed a race in the filter-aaaa plugin that could
+ trigger a crash when returning an instance object
+ to the memory pool. [GL #982]
+
+5218. [bug] Conditionally include <dlfcn.h>. [GL #995]
+
+5217. [bug] Restore key id calculation for RSAMD5. [GL #996]
+
+5216. [bug] Fetches-per-zone counter wasn't updated correctly
+ when doing qname minimization. [GL #992]
+
+5215. [bug] Change #5124 was incomplete; named could still
+ return FORMERR instead of SERVFAIL in some cases.
+ [GL #990]
+
+5214. [bug] win32: named now removes its lock file upon shutdown.
+ [GL #979]
+
+5213. [bug] win32: Eliminated a race which allowed named.exe running
+ as a service to be killed prematurely during shutdown.
+ [GL #978]
+
+5212. [placeholder]
+
+5211. [bug] Allow out-of-zone additional data to be included
+ in authoritative responses if recursion is allowed
+ and "minimal-responses" is disabled. This behavior
+ was inadvertently removed in change #4605. [GL #817]
+
+5210. [bug] When dnstap is enabled and recursion is not
+ available, incoming queries are now logged
+ as "auth". Previously, this depended on whether
+ recursion was requested by the client, not on
+ whether recursion was available. [GL #963]
+
+5209. [bug] When update-check-ksk is true, add_sigs was not
+ considering offline keys, leaving record sets signed
+ with the incorrect type key. [GL #763]
+
+5208. [test] Run valid rdata wire encodings through totext+fromtext
+ and tofmttext+fromtext methods to check these methods.
+ [GL #899]
+
+5207. [test] Check delv and dig TTL values. [GL #965]
+
+5206. [bug] Delv could print out bad TTLs. [GL #965]
+
+5205. [bug] Enforce that a DS hash exists. [GL #899]
+
+5204. [test] Check that dns_rdata_fromtext() produces a record that
+ will be accepted by dns_rdata_fromwire(). [GL #852]
+
+5203. [bug] Enforce whether key rdata exists or not in KEY,
+ DNSKEY, CDNSKEY and RKEY. [GL #899]
+
+5202. [bug] <dns/ecs.h> was missing ISC_LANG_ENDDECLS. [GL #976]
+
+5201. [bug] Fix a possible deadlock in RPZ update code. [GL #973]
+
+5200. [security] tcp-clients settings could be exceeded in some cases,
+ which could lead to exhaustion of file descriptors.
+ (CVE-2018-5743) [GL #615]
+
+5199. [security] In certain configurations, named could crash
+ if nxdomain-redirect was in use and a redirected
+ query resulted in an NXDOMAIN from the cache.
+ (CVE-2019-6467) [GL #880]
+
+5198. [bug] If a fetch context was being shut down and, at the same
+ time, we returned from qname minimization, an INSIST
+ could be hit. [GL #966]
+
+5197. [bug] dig could die in best effort mode on multiple SIG(0)
+ records. Similarly on multiple OPT and multiple TSIG
+ records. [GL #920]
+
+5196. [bug] make install failed with --with-dlopen=no. [GL #955]
+
+5195. [bug] "allow-update" and "allow-update-forwarding" were
+ treated as configuration errors if used at the
+ options or view level. [GL #913]
+
+5194. [bug] Enforce non empty ZOMEMD hash. [GL #899]
+
+5193. [bug] EID and NIMLOC failed to do multi-line output
+ correctly. [GL #899]
+
+5192. [placeholder]
+
+5191. [placeholder]
+
+5190. [bug] Ignore trust anchors using disabled algorithms.
+ [GL #806]
+
+5189. [cleanup] Remove revoked root DNSKEY from bind.keys. [GL #945]
+
+5188. [func] The "dnssec-enable" option is deprecated and no
+ longer has any effect; DNSSEC responses are
+ always enabled. [GL #866]
+
+5187. [test] Set time zone before running any tests in dnstap_test.
+ [GL #940]
+
+5186. [cleanup] More dnssec-keygen manual tidying. [GL !1678]
+
+5185. [placeholder]
+
+5184. [bug] Missing unlocks in sdlz.c. [GL #936]
+
+5183. [bug] Reinitialize ECS data before reusing client
+ structures. [GL #881]
+
+5182. [bug] Fix a high-load race/crash in handling of
+ isc_socket_close() in resolver. [GL #834]
+
+5181. [func] Add a mechanism for a DLZ module to signal that
+ the view's allow-transfer ACL should be used to
+ determine whether transfers are allowed. [GL #803]
+
+5180. [bug] delv now honors the operating system's preferred
+ ephemeral port range. [GL #925]
+
+5179. [cleanup] Replace some vague type declarations with the more
+ specific dns_secalg_t and dns_dsdigest_t.
+ Thanks to Tony Finch. [GL !1498]
+
+5178. [bug] Handle EDQUOT (disk quota) and ENOSPC (disk full)
+ errors when writing files. [GL #902]
+
+5177. [func] Add the ability to specify in named.conf whether a
+ response-policy zone's SOA record should be added
+ to the additional section (add-soa yes/no). [GL #865]
+
+5176. [tests] Remove a dependency on libxml in statschannel system
+ test. [GL #926]
+
+5175. [bug] Fixed a problem with file input in dnssec-keymgr,
+ dnssec-coverage and dnssec-checkds when using
+ python3. [GL #882]
+
+5174. [doc] Tidy dnssec-keygen manual. [GL !1557]
+
+5173. [bug] Fixed a race in socket code that could occur when
+ accept, send, or recv were called from an event
+ loop but the socket had been closed by another
+ thread. [RT #874]
+
+5172. [bug] nsupdate now honors the operating system's preferred
+ ephemeral port range. [GL #905]
+
+5171. [func] named plugins are now installed into a separate
+ directory. Supplying a filename (a string without path
+ separators) in a "plugin" configuration stanza now
+ causes named to look for that plugin in that directory.
+ [GL #878]
+
+5170. [test] Added --with-dlz-filesystem to feature-test. [GL !1587]
+
+5169. [bug] The presence of certain types in an otherwise
+ empty node could cause a crash while processing a
+ type ANY query. [GL #901]
+
+5168. [bug] Do not crash on shutdown when RPZ fails to load. Also,
+ keep previous version of the database if RPZ fails to
+ load. [GL #813]
+
+5167. [bug] nxdomain-redirect could sometimes lookup the wrong
+ redirect name. [GL #892]
+
+5166. [placeholder]
+
+5165. [contrib] Removed SDB drivers from contrib; they're obsolete.
+ [GL #428]
+
+5164. [bug] Correct errno to result translation in dlz filesystem
+ modules. [GL #884]
+
+5163. [cleanup] Out-of-tree builds failed --enable-dnstap. [GL #836]
+
+5162. [cleanup] Improve dnssec-keymgr manual. Thanks to Tony Finch.
+ [GL !1518]
+
+5161. [bug] Do not require the SEP bit to be set for mirror zone
+ trust anchors. [GL #873]
+
+5160. [contrib] Added DNAME support to the DLZ LDAP schema. Also
+ fixed a compilation bug affecting several DLZ
+ modules. [GL #872]
+
+5159. [bug] dnssec-coverage was incorrectly ignoring
+ names specified on the command line without
+ trailing dots. [GL !1478]
+
+5158. [protocol] Add support for AMTRELAY and ZONEMD. [GL #867]
+
+5157. [bug] Nslookup now errors out if there are extra command
+ line arguments. [GL #207]
+
+5156. [doc] Extended and refined the section of the ARM describing
+ mirror zones. [GL #774]
+
+5155. [func] "named -V" now outputs the default paths to
+ named.conf, rndc.conf, bind.keys, and other
+ files used or created by named and other tools, so
+ that the correct paths to these files can quickly be
+ determined regardless of the configure settings
+ used when BIND was built. [GL #859]
+
+5154. [bug] dig: process_opt could be called twice on the same
+ message leading to a assertion failure. [GL #860]
+
+5153. [func] Zone transfer statistics (size, number of records, and
+ number of messages) are now logged for outgoing
+ transfers as well as incoming ones. [GL #513]
+
+5152. [func] Improved logging of DNSSEC key events:
+ - Zone signing and DNSKEY maintenance events are
+ now logged to the "dnssec" category
+ - Messages are now logged when DNSSEC keys are
+ published, activated, inactivated, deleted,
+ or revoked.
+ [GL #714]
+
+5151. [func] Options that have been been marked as obsolete in
+ named.conf for a very long time are now fatal
+ configuration errors. [GL #358]
+
+5150. [cleanup] Remove the ability to compile BIND with assertions
+ disabled. [GL #735]
+
+5149. [func] "rndc dumpdb" now prints a line above a stale RRset
+ indicating how long the data will be retained in the
+ cache for emergency use. [GL #101]
+
+5148. [bug] named did not sign the TKEY response. [GL #821]
+
+5147. [bug] dnssec-keymgr: Add a five-minute margin to better
+ handle key events close to 'now'. [GL #848]
+
+5146. [placeholder]
+
+5145. [func] Use atomics instead of locked variables for isc_quota
+ and isc_counter. [GL !1389]
+
+5144. [bug] dig now returns a non-zero exit code when a TCP
+ connection is prematurely closed by a peer more than
+ once for the same lookup. [GL #820]
+
+5143. [bug] dnssec-keymgr and dnssec-coverage failed to find
+ key files for zone names ending in ".". [GL #560]
+
+5142. [cleanup] Removed "configure --disable-rpz-nsip" and
+ "--disable-rpz-nsdname" options. "nsip-enable"
+ and "nsdname-enable" both now default to yes,
+ regardless of compile-time settings. [GL #824]
+
+5141. [security] Zone transfer controls for writable DLZ zones were
+ not effective as the allowzonexfr method was not being
+ called for such zones. (CVE-2019-6465) [GL #790]
+
+5140. [bug] Don't immediately mark existing keys as inactive and
+ deleted when running dnssec-keymgr for the first
+ time. [GL #117]
+
+5139. [bug] If possible, don't use forwarders when priming.
+ This ensures we can get root server IP addresses
+ from priming query response glue, which may not
+ be present if the forwarding server is returning
+ minimal responses. [GL #752]
+
+5138. [bug] Under some circumstances named could hit an assertion
+ failure when doing qname minimization when using
+ forwarders. [GL #797]
+
+5137. [func] named now logs messages whenever a mirror zone becomes
+ usable or unusable for resolution purposes. [GL #818]
+
+5136. [cleanup] Check in named-checkconf that allow-update and
+ allow-update-forwarding are not set at the
+ view/options level; fix documentation. [GL #512]
+
+5135. [port] sparc: Use smt_pause() instead of pause. [GL #816]
+
+5134. [bug] win32: WSAStartup was not called before getservbyname
+ was called. [GL #590]
+
+5133. [bug] 'rndc managed-keys' didn't handle class and view
+ correctly and failed to add new lines between each
+ view. [GL !1327]
+
+5132. [bug] Fix race condition in cleanup part of dns_dt_create().
+ [GL !1323]
+
+5131. [cleanup] Address Coverity warnings. [GL #801]
+
+5130. [cleanup] Remove support for l10n message catalogs. [GL #709]
+
+5129. [contrib] sdlz_helper.c:build_querylist was not properly
+ splitting the query string. [GL #798]
+
+5128. [bug] Refreshkeytime was not being updated for managed
+ keys zones. [GL #784]
+
+5127. [bug] rcode.c:maybe_numeric failed to handle NUL in text
+ regions. [GL #807]
+
+5126. [bug] Named incorrectly accepted empty base64 and hex encoded
+ fields when reading master files. [GL #807]
+
+5125. [bug] Allow for up to 100 records or 64k of data when caching
+ a negative response. [GL #804]
+
+5124. [bug] Named could incorrectly return FORMERR rather than
+ SERVFAIL. [GL #804]
+
+5123. [bug] dig could hang indefinitely after encountering an error
+ before creating a TCP socket. [GL #692]
+
+5122. [bug] In a "forward first;" configuration, a forwarder
+ timeout did not prevent that forwarder from being
+ queried again after falling back to full recursive
+ resolution. [GL #315]
+
+5121. [contrib] dlz_stub_driver.c fails to return ISC_R_NOTFOUND on none
+ matching zone names. [GL !1299]
+
+5120. [placeholder]
+
+5119. [placeholder]
+
+5118. [security] Named could crash if it is managing a key with
+ `managed-keys` and the authoritative zone is rolling
+ the key to an unsupported algorithm. (CVE-2018-5745)
+ [GL #780]
+
+5117. [placeholder]
+
+5116. [bug] Named/named-checkconf triggered a assertion when
+ a mirror zone's name is bad. [GL #778]
+
+5115. [bug] Allow unsupported algorithms in zone when not used for
+ signing with dnssec-signzone. [GL #783]
+
+5114. [func] Include a 'reconfig/reload in progress' status line
+ in rndc status, use it in tests.
+
+5113. [port] Fixed a Windows build error.
+
+5112. [bug] Named/named-checkconf could dump core if there was
+ a missing masters clause and a bad notify clause.
+ [GL #779]
+
+5111. [bug] Occluded DNSKEY records could make it into the
+ delegating NSEC/NSEC3 bitmap. [GL #742]
+
+5110. [security] Named leaked memory if there were multiple Key Tag
+ EDNS options present. (CVE-2018-5744) [GL #772]
+
+5109. [cleanup] Remove support for RSAMD5 algorithm. [GL #628]
+
+ --- 9.13.5 released ---
+
+5108. [bug] Named could fail to determine bottom of zone when
+ removing out of date keys leading to invalid NSEC
+ and NSEC3 records being added to the zone. [GL #771]
+
+5107. [bug] 'host -U' did not work. [GL #769]
+
+5106. [experimental] A new "plugin" mechanism has been added to allow
+ extension of query processing functionality through
+ the use of dynamically loadable libraries. A
+ "filter-aaaa.so" plugin has been implemented,
+ replacing the filter-aaaa feature that was formerly
+ implemented as a native part of BIND.
+
+ The "filter-aaaa", "filter-aaaa-on-v4" and
+ "filter-aaaa-on-v6" options can no longer be
+ configured using native named.conf syntax. However,
+ loading the filter-aaaa.so plugin and setting its
+ parameters provides identical functionality.
+
+ Note that the plugin API is a work in progress and
+ is likely to evolve as further plugins are
+ implemented. [GL #15]
+
+5105. [bug] Fix a race between process_fd and socketclose in
+ unix socket code. [GL #744]
+
+5104. [cleanup] Log clearer informational message when a catz zone
+ is overridden by a zone in named.conf.
+ Thanks to Tony Finch. [GL !1157]
+
+5103. [bug] Add missing design by contract tests to dns_catz*.
+ [GL #748]
+
+5102. [bug] dnssec-coverage failed to use the default TTL when
+ checking KSK deletion times leading to a exception.
+ [GL #585]
+
+5101. [bug] Fix default installation path for Python modules and
+ remove the dnspython dependency accidentally introduced
+ by change 4970. [GL #730]
+
+5100. [func] Pin resolver tasks to specific task queues. [GL !1117]
+
+5099. [func] Failed mutex and conditional creations are always
+ fatal. [GL #674]
+
+ --- 9.13.4 released ---
+
+5098. [func] Failed memory allocations are now fatal. [GL #674]
+
+5097. [cleanup] Remove embedded ATF unit testing framework
+ from BIND source distribution. [GL !875]
+
+5096. [func] Use multiple event loops in socket code, and
+ make network threads CPU-affinitive. This
+ significantly improves performance on large
+ systems. [GL #666]
+
+5095. [test] Converted all unit tests from ATF to CMocka;
+ removed the source code for the ATF libraries.
+ Build with "configure --with-cmocka" to enable
+ unit testing. [GL #620]
+
+5094. [func] Add 'dig -r' to disable reading of .digrc. [GL !970]
+
+5093. [bug] Log lame qname-minimization servers only if they're
+ really lame. [GL #671]
+
+5092. [bug] Address memory leak on SIGTERM in nsupdate when using
+ GSS-TSIG. [GL #558]
+
+5091. [func] Two new global and per-view options min-cache-ttl
+ and min-ncache-ttl [GL #613]
+
+5090. [bug] dig and mdig failed to properly pre-parse dash value
+ pairs when value was a separate argument and started
+ with a dash. [GL #584]
+
+5089. [bug] Restore localhost fallback in dig and host which is
+ used when no nameserver addresses present in
+ /etc/resolv.conf are usable due to the requested
+ address family restrictions. [GL #433]
+
+5088. [bug] dig/host/nslookup could crash when interrupted close to
+ a query timeout. [GL #599]
+
+5087. [test] Check that result tables are complete. [GL #676]
+
+5086. [func] Log of RPZ now includes the QTYPE and QCLASS. [GL #623]
+
+5085. [bug] win32: Restore looking up nameservers, search list,
+ etc. [GL #186]
+
+5084. [placeholder]
+
+5083. [func] Add autoconf macro AX_POSIX_SHELL, so we
+ can use POSIX-compatible shell features
+ in the scripts.
+
+5082. [bug] Fixed a race that could cause a crash in
+ dig/host/nslookup. [GL #650]
+
+5081. [func] Use per-worker queues in task manager, make task
+ runners CPU-affine. [GL #659]
+
+5080. [func] Improvements to "rndc nta" user interface:
+ - catch and report invalid command line options
+ - when removing an NTA from all views, do not
+ abort with an error if the NTA was not found
+ in one of the views
+ - include the view name in "rndc nta -dump"
+ output, for consistency with the add and remove
+ actions
+ Thanks to Tony Finch. [GL !816]
+
+5079. [func] Disable IDN processing in dig and nslookup
+ when not on a tty. [GL #653]
+
+5078. [cleanup] Require python components to be explicitly disabled if
+ python is not available on unix platforms. [GL #601]
+
+5077. [cleanup] Remove ip6.int support (-i) from dig and mdig.
+ [GL !969]
+
+5076. [bug] "require-server-cookie" was not effective if
+ "rate-limit" was configured. [GL #617]
+
+5075. [bug] Refresh nameservers from cache when sending final
+ query in qname minimization. [GL #16]
+
+5074. [cleanup] Remove vector socket functions - isc_socket_recvv(),
+ isc_socket_sendtov(), isc_socket_sendtov2(),
+ isc_socket_sendv() - in order to simplify socket code.
+ [GL #645]
+
+5073. [bug] Destroy a task first when destroying rpzs and catzs.
+ [GL #84]
+
+5072. [bug] Add unit tests for isc_buffer_copyregion() and fix its
+ behavior for auto-reallocated buffers. [GL #644]
+
+5071. [bug] Comparison of NXT records was broken. [GL #631]
+
+5070. [bug] Record types which support a empty rdata field were
+ not handling the empty rdata field case. [GL #638]
+
+5069. [bug] Fix a hang on in RPZ when named is shutdown during RPZ
+ zone update. [GL !907]
+
+5068. [bug] Fix a race in RPZ with min-update-interval set to 0.
+ [GL #643]
+
+5067. [bug] Don't minimize qname when sending the query
+ to a forwarder. [GL #361]
+
+5066. [cleanup] Allow unquoted strings to be used as a zone names
+ in response-policy statements. [GL #641]
+
+5065. [bug] Only set IPV6_USE_MIN_MTU on IPv6. [GL #553]
+
+5064. [test] Initialize TZ environment variable before calling
+ dns_test_begin in dnstap_test. [GL #624]
+
+5063. [test] In statschannel test try a few times before failing
+ when checking if the compressed output is the same as
+ uncompressed. [GL !909]
+
+5062. [func] Use non-crypto-secure PRNG to generate nonces for
+ cookies. [GL !887]
+
+5061. [protocol] Add support for EID and NIMLOC. [GL #626]
+
+5060. [bug] GID, UID and UINFO could not be loaded using unknown
+ record format. [GL #627]
+
+5059. [bug] Display a per-view list of zones in the web interface.
+ [GL #427]
+
+5058. [func] Replace old message digest and hmac APIs with more
+ generic isc_md and isc_hmac APIs, and convert their
+ respective tests to cmocka. [GL #305]
+
+5057. [protocol] Add support for ATMA. [GL #619]
+
+5056. [placeholder]
+
+5055. [func] A default list of primary servers for the root zone is
+ now built into named, allowing the "masters" statement
+ to be omitted when configuring an IANA root zone
+ mirror. [GL #564]
+
+5054. [func] Attempts to use mirror zones with recursion disabled
+ are now considered a configuration error. [GL #564]
+
+5053. [func] The only valid zone-level NOTIFY settings for mirror
+ zones are now "notify no;" and "notify explicit;".
+ [GL #564]
+
+5052. [func] Mirror zones are now configured using "type mirror;"
+ rather than "mirror yes;". [GL #564]
+
+5051. [doc] Documentation incorrectly stated that the
+ "server-addresses" static-stub zone option accepts
+ custom port numbers. [GL #582]
+
+5050. [bug] The libirs version of getaddrinfo() was unable to parse
+ scoped IPv6 addresses present in /etc/resolv.conf.
+ [GL #187]
+
+5049. [cleanup] QNAME minimization has been deeply refactored. [GL #16]
+
+5048. [func] Add configure option to enable and enforce FIPS mode
+ in BIND 9. [GL #506]
+
+5047. [bug] Messages logged for certain query processing failures
+ now include a more specific error description if it is
+ available. [GL #572]
+
+5046. [bug] named could crash during shutdown if an RPZ
+ reload was in progress. [RT #46210]
+
+5045. [func] Remove support for DNSSEC algorithms 3 (DSA)
+ and 6 (DSA-NSEC3-SHA1). [GL #22]
+
+5044. [cleanup] If "dnssec-enable" is no, then "dnssec-validation"
+ now also defaults to no. [GL #388]
+
+5043. [bug] Fix creating and validating EdDSA signatures. [GL #579]
+
+5042. [test] Make the chained delegations in reclimit behave
+ like they would in a regular name server. [GL #578]
+
+5041. [test] The chain test contains a incomplete delegation.
+ [GL #568]
+
+5040. [func] Extended dnstap so that it can log UPDATE requests
+ and responses as separate message types. Thanks
+ to Greg Rabil. [GL #570]
+
+5039. [bug] Named could fail to preserve owner name case of new
+ RRset. [GL #420]
+
+5038. [bug] Chaosnet addresses were compared incorrectly.
+ [GL #562]
+
+5037. [func] "allow-recursion-on" and "allow-query-cache-on"
+ each now default to the other if only one of them
+ is set, in order to be more consistent with the way
+ "allow-recursion" and "allow-query-cache" work.
+ Also we now ensure that both query-cache ACLs are
+ checked when determining cache access. [GL #319]
+
+5036. [cleanup] Fixed a spacing/formatting error in some RPZ-related
+ error messages in the log. [GL !805]
+
+5035. [test] Fixed errors that prevented the DNSRPS subtests
+ from running in the rpz and rpzrecurse system
+ tests. [GL #503]
+
+5034. [bug] A race between threads could prevent zone maintenance
+ scheduled immediately after zone load from being
+ performed. [GL #542]
+
+5033. [bug] When adding NTAs to multiple views using "rndc nta",
+ the text returned via rndc was incorrectly terminated
+ after the first line, making it look as if only one
+ NTA had been added. Also, it was not possible to
+ differentiate between views with the same name but
+ different classes; this has been corrected with the
+ addition of a "-class" option. [GL #105]
+
+5032. [func] Add krb5-selfsub and ms-selfsub update policy rules.
+ [GL #511]
+
+5031. [cleanup] Various defines in platform.h has been either dropped
+ if always or never triggered on supported platforms
+ or replaced with config.h equivalents if the defines
+ didn't have any impact on public headers. Workarounds
+ for LinuxThreads have been removed because NPTL is
+ available since Linux kernel 2.6.0. [GL #525]
+
+5030. [bug] Align CMSG buffers to a 64-bit boundary, fixes crash
+ on architectures with strict alignment. [GL #521]
+
+ --- 9.13.3 released ---
+
+5029. [func] Workarounds for servers that misbehave when queried
+ with EDNS have been removed, because these broken
+ servers and the workarounds for their noncompliance
+ cause unnecessary delays, increase code complexity,
+ and prevent deployment of new DNS features. See
+ https://dnsflagday.net for further details. [GL #150]
+
+5028. [bug] Spread the initial RRSIG expiration times over the
+ entire working sig-validity-interval when signing a
+ zone in named to even out re-signing and transfer
+ loads. [GL #418]
+
+5027. [func] Set SO_SNDBUF size on sockets. [GL #74]
+
+5026. [bug] rndc reconfig should not touch already loaded zones.
+ [GL #276]
+
+5025. [cleanup] Remove isc_keyboard family of functions. [GL #178]
+
+5024. [func] Replace custom assembly for atomic operations with
+ atomic support from the compiler. The code will now use
+ C11 stdatomic, or __atomic, or __sync builtins with GCC
+ or Clang compilers, and Interlocked functions with MSVC.
+ [GL #10]
+
+5023. [cleanup] Remove wrappers that try to fix broken or incomplete
+ implementations of IPv6, pthreads and other core
+ functionality required and used by BIND. [GL #192]
+
+5022. [doc] Update ms-self, ms-subdomain, krb5-self, and
+ krb5-subdomain documentation. [GL !708]
+
+5021. [bug] dig returned a non-zero exit code when it received a
+ reply over TCP after a retry. [GL #487]
+
+5020. [func] RNG uses thread-local storage instead of locks, if
+ supported by platform. [GL #496]
+
+5019. [cleanup] A message is now logged when ixfr-from-differences is
+ set at zone level for an inline-signed zone. [GL #470]
+
+5018. [bug] Fix incorrect sizeof arguments in lib/isc/pk11.c.
+ [GL !588]
+
+5017. [bug] lib/isc/pk11.c failed to unlink the session before
+ releasing the lock which is unsafe. [GL !589]
+
+5016. [bug] Named could assert with overlapping filter-aaaa and
+ dns64 acls. [GL #445]
+
+5015. [bug] Reloading all zones caused zone maintenance to cease
+ for inline-signed zones. [GL #435]
+
+5014. [bug] Signatures loaded from the journal for the signed
+ version of an inline-signed zone were not scheduled for
+ refresh. [GL #482]
+
+5013. [bug] A referral response with a non-empty ANSWER section was
+ inadvertently being treated as an error. [GL #390]
+
+5012. [bug] Fix lock order reversal in pk11_initialize. [GL !590]
+
+5011. [func] Remove support for unthreaded named. [GL #478]
+
+5010. [func] New "validate-except" option specifies a list of
+ domains beneath which DNSSEC validation should not
+ be performed. [GL #237]
+
+5009. [bug] Upon an OpenSSL failure, the first error in the OpenSSL
+ error queue was not logged. [GL #476]
+
+5008. [bug] "rndc signing -nsec3param ..." requests were silently
+ ignored for zones which were not yet loaded or
+ transferred. [GL #468]
+
+5007. [cleanup] Replace custom ISC boolean and integer data types
+ with C99 stdint.h and stdbool.h types. [GL #9]
+
+5006. [cleanup] Code preparing a delegation response was extracted from
+ query_delegation() and query_zone_delegation() into a
+ separate function in order to decrease code
+ duplication. [GL #431]
+
+5005. [bug] dnssec-verify, and dnssec-signzone at the verification
+ step, failed on some validly signed zones. [GL #442]
+
+5004. [bug] 'rndc reconfig' could cause inline zones to stop
+ re-signing. [GL #439]
+
+5003. [bug] dns_acl_isinsecure did not handle geoip elements.
+ [GL #406]
+
+5002. [bug] mdig: Handle malformed +ednsopt option, support 100
+ +ednsopt options per query rather than 100 total and
+ address memory leaks if +ednsopt was specified.
+ [GL #410]
+
+5001. [bug] Fix refcount errors on error paths. [GL !563]
+
+5000. [bug] named_server_servestale() could leave the server in
+ exclusive mode if an error occurred. [GL #441]
+
+4999. [cleanup] Remove custom printf implementation in lib/isc/print.c.
+ [GL #261]
+
+4998. [test] Make resolver and cacheclean tests more civilized.
+
+4997. [security] named could crash during recursive processing
+ of DNAME records when "deny-answer-aliases" was
+ in use. (CVE-2018-5740) [GL #387]
+
+4996. [bug] dig: Handle malformed +ednsopt option. [GL #403]
+
+4995. [test] Add tests for "tcp-self" update policy. [GL !282]
+
+4994. [bug] Trust anchor telemetry queries were not being sent
+ upstream for locally served zones. [GL #392]
+
+4993. [cleanup] Remove support for silently ignoring 'no-change' deltas
+ from BIND 8 when processing an IXFR stream. 'no-change'
+ deltas will now trigger a fallback to AXFR as the
+ recovery mechanism. [GL #369]
+
+4992. [bug] The wrong address was being logged for trust anchor
+ telemetry queries. [GL #379]
+
+4991. [bug] "rndc reconfig" was incorrectly handling zones whose
+ "mirror" setting was changed. [GL #381]
+
+4990. [bug] Prevent a possible NULL reference in pkcs11-keygen.
+ [GL #401]
+
+4989. [cleanup] IDN support in dig has been reworked. IDNA2003
+ fallbacks were removed in the process. [GL #384]
+
+4988. [bug] Don't synthesize NXDOMAIN from NSEC for records under
+ a DNAME.
+
+ --- 9.13.2 released ---
+
+4987. [cleanup] dns_rdataslab_tordataset() and its related
+ dns_rdatasetmethods_t callbacks were removed as they
+ were not being used by anything in BIND. [GL #371]
+
+4986. [func] When built on Linux, BIND now requires the libcap
+ library to set process privileges, unless capability
+ support is explicitly overridden with "configure
+ --disable-linux-caps". [GL #321]
+
+4985. [func] Add a new slave zone option, "mirror", to enable
+ serving a non-authoritative copy of a zone that
+ is subject to DNSSEC validation before being
+ used. For now, this option is only meant to
+ facilitate deployment of an RFC 7706-style local
+ copy of the root zone. [GL #33]
+
+4984. [bug] Improve handling of very large incremental
+ zone transfers to prevent journal corruption. [GL #339]
+
+4983. [func] Add the ability to not return a DNS COOKIE option
+ when one is present in the request (answer-cookie no;).
+ [GL #173]
+
+4982. [cleanup] Return FORMERR if the question section is empty
+ and no COOKIE option is present; this restores
+ older behavior except in the newly specified
+ COOKIE case. [GL #260]
+
+4981. [bug] Fix race in cmsg buffer usage in socket code.
+ [GL #180]
+
+4980. [bug] Named-checkconf failed to detect bad in-view targets.
+ [GL #288]
+
+4979. [placeholder]
+
+4978. [test] Fix error handling and resolver configuration in the
+ "rpz" system test. [GL #312]
+
+4977. [func] When starting up, log the same details that
+ would be reported by 'named -V'. [GL #247]
+
+4976. [bug] Log the label with invalid prefix length correctly
+ when loading RPZ zones. [GL #254]
+
+4975. [bug] The server cookie computation for sha1 and sha256 did
+ not match the method described in RFC 7873. [GL #356]
+
+4974. [bug] Restore default rrset-order to random. [GL #336]
+
+4973. [func] verifyzone() and the functions it uses were moved to
+ libdns and refactored to prevent exit() from being
+ called upon failure. A side effect of that is that
+ dnssec-signzone and dnssec-verify now check for memory
+ leaks upon shutdown. [GL #266]
+
+4972. [func] Declare the 'rdata' argument for dns_rdata_tostruct()
+ to be const. [GL #341]
+
+4971. [bug] dnssec-signzone and dnssec-verify did not treat records
+ below a DNAME as out-of-zone data. [GL #298]
+
+4970. [func] Add QNAME minimization option to resolver. [GL #16]
+
+4969. [cleanup] Refactor zone logging functions. [GL #269]
+
+ --- 9.13.1 released ---
+
+4968. [bug] If glue records are signed, attempt to validate them.
+ [GL #209]
+
+4967. [cleanup] Add "answer-cookie" to the parser, marked obsolete.
+
+4966. [placeholder]
+
+4965. [func] Add support for marking options as deprecated.
+ [GL #322]
+
+4964. [bug] Reduce the probability of double signature when deleting
+ a DNSKEY by checking if the node is otherwise signed
+ by the algorithm of the key to be deleted. [GL #240]
+
+4963. [test] ifconfig.sh now uses "ip" instead of "ifconfig",
+ if available, to configure the test interfaces on
+ linux. [GL #302]
+
+4962. [cleanup] Move 'named -T' processing to its own function.
+ [GL #316]
+
+4961. [protocol] Remove support for ECC-GOST (GOST R 34.11-94).
+ [GL #295]
+
+4960. [security] When recursion is enabled, but the "allow-recursion"
+ and "allow-query-cache" ACLs are not specified,
+ they should be limited to local networks,
+ but were inadvertently set to match the default
+ "allow-query", thus allowing remote queries.
+ (CVE-2018-5738) [GL #309]
+
+4959. [func] NSID logging (enabled by the "request-nsid" option)
+ now has its own "nsid" category, instead of using the
+ "resolver" category. [GL !332]
+
+4958. [bug] Remove redundant space from NSEC3 record. [GL #281]
+
+4957. [func] The default setting for "dnssec-validation" is now
+ "auto", which activates DNSSEC validation using the
+ IANA root key. (The default can be changed back to
+ "yes", which activates DNSSEC validation only when keys
+ are explicitly configured in named.conf, by building
+ BIND with "configure --disable-auto-validation".)
+ [GL #30]
+
+4956. [func] Change isc_random() to be just PRNG using xoshiro128**,
+ and add isc_nonce_buf() that uses CSPRNG. [GL #289]
+
+4955. [cleanup] Silence cppcheck warnings in lib/dns/master.c.
+ [GL #286]
+
+4954. [func] Messages about serving of stale answers are now
+ directed to the "serve-stale" logging category.
+ Also clarified serve-stale documentation. [GL !323]
+
+4953. [bug] Removed the option to build the red black tree
+ database without a hash table; the non-hashing
+ version was buggy and is not needed. [GL #184]
+
+4952. [func] Authoritative server support in named for the
+ EDNS CLIENT-SUBNET option (which was experimental
+ and not practical to deploy) has been removed.
+
+ The ECS option is still supported in dig and mdig
+ via the +subnet option, and can be parsed and logged
+ when received by named, but it is no longer used
+ for ACL processing. The "geoip-use-ecs" option
+ is now obsolete; a warning will be logged if it is
+ used in named.conf. "ecs" tags in an ACL definition
+ are also obsolete and will cause the configuration
+ to fail to load. [GL #32]
+
+4951. [protocol] Add "HOME.ARPA" to list of built in empty zones as
+ per RFC 8375. [GL #273]
+
+ --- 9.13.0 released ---
+
+4950. [bug] ISC_SOCKEVENTATTR_TRUNC was not be set. [GL #238]
+
+4949. [placeholder]
+
+4948. [bug] When request-nsid is turned on, EDNS NSID options
+ should be logged at level info. Since change 3741
+ they have been logged at debug(3) by mistake.
+ [GL !290]
+
+4947. [func] Replace all random functions with isc_random(),
+ isc_random_buf() and isc_random_uniform() API.
+ [GL #221]
+
+4946. [bug] Additional glue was not being returned by resolver
+ for unsigned zones since change 4596. [GL #209]
+
+4945. [func] BIND can no longer be built without DNSSEC support.
+ A cryptography provider (i.e., OpenSSL or a hardware
+ service module with PKCS#11 support) must be
+ available. [GL #244]
+
+4944. [cleanup] Silence cppcheck portability warnings in
+ lib/isc/tests/buffer_test.c. [GL #239]
+
+4943. [bug] Change 4687 consumed too much memory when running
+ system tests with --with-tuning=large. Reduced the
+ hash table size to 512 entries for 'named -m record'
+ restoring the previous memory footprint. [GL #248]
+
+4942. [cleanup] Consolidate multiple instances of splitting of
+ batchline in dig into a single function. [GL #196]
+
+4941. [cleanup] Silence clang static analyzer warnings. [GL #196]
+
+4940. [cleanup] Extract the loop in dns__zone_updatesigs() into
+ separate functions to improve code readability.
+ [GL #135]
+
+4939. [test] Add basic unit tests for update_sigs(). [GL #135]
+
+4938. [placeholder]
+
+4937. [func] Remove support for OpenSSL < 1.0.0 [GL #191]
+
+4936. [func] Always use OpenSSL or PKCS#11 random data providers,
+ and remove the --{enable,disable}-crypto-rand configure
+ options. [GL #165]
+
+4935. [func] Add support for LibreSSL >= 2.7.0 (some OpenSSL 1.1.0
+ call were added). [GL #191]
+
+4934. [security] The serve-stale feature could cause an assertion failure
+ in rbtdb.c even when stale-answer-enable was false.
+ Simultaneous use of stale cache records and NSEC
+ aggressive negative caching could trigger a recursion
+ loop. (CVE-2018-5737) [GL #185]
+
+4933. [bug] Not creating signing keys for an inline signed zone
+ prevented changes applied to the raw zone from being
+ reflected in the secure zone until signing keys were
+ made available. [GL #159]
+
+4932. [bug] Bumped signed serial of an inline signed zone was
+ logged even when an error occurred while updating
+ signatures. [GL #159]
+
+4931. [func] Removed the "rbtdb64" database implementation.
+ [GL #217]
+
+4930. [bug] Remove a bogus check in nslookup command line
+ argument processing. [GL #206]
+
+4929. [func] Add the ability to set RA and TC in queries made by
+ dig (+[no]raflag, +[no]tcflag). [GL #213]
+
+4928. [func] The "dnskey-sig-validity" option allows
+ "sig-validity-interval" to be overridden for signatures
+ covering DNSKEY RRsets. [GL #145]
+
+4927. [placeholder]
+
+4926. [func] Add root key sentinel support. To disable, add
+ 'root-key-sentinel no;' to named.conf. [GL #37]
+
+4925. [func] Several configuration options that define intervals
+ can now take TTL value suffixes (for example, 2h or 1d)
+ in addition to integer parameters. These include
+ max-cache-ttl, max-ncache-ttl, max-policy-ttl,
+ fstrm-set-reopen-interval, interface-interval, and
+ min-update-interval. [GL #203]
+
+4924. [cleanup] Clean up the isc_string_* namespace and leave
+ only strlcpy and strlcat. [GL #178]
+
+4923. [cleanup] Refactor socket and socket event options into
+ enum types. [GL !135]
+
+4922. [bug] dnstap: Log the destination address of client
+ packets rather than the interface address.
+ [GL #197]
+
+4921. [cleanup] Add dns_fixedname_initname() and refactor the caller
+ code to make usage of the new function, as a part of
+ refactoring dns_fixedname_*() macros were turned into
+ functions. [GL #183]
+
+4920. [cleanup] Clean up libdns removing most of the backwards
+ compatibility wrappers.
+
+4919. [cleanup] Clean up the isc_hash_* namespace and leave only
+ the FNV-1a hash implementation. [GL #178]
+
+4918. [bug] Fix double free after keygen error in dnssec-keygen
+ when OpenSSL >= 1.1.0 is used and RSA_generate_key_ex
+ fails. [GL #109]
+
+4917. [func] Support 64 RPZ policy zones by default. [GL #123]
+
+4916. [func] Remove IDNA2003 support and the bundled idnkit-1.0
+ library.
+
+4915. [func] Implement IDNA2008 support in dig by adding support
+ for libidn2. New dig option +idnin has been added,
+ which allows to process invalid domain names much
+ like dig without IDN support. libidn2 version 2.0
+ or higher is needed for +idnout enabled by default.
+
+4914. [security] A bug in zone database reference counting could lead to
+ a crash when multiple versions of a slave zone were
+ transferred from a master in close succession.
+ (CVE-2018-5736) [GL #134]
+
+4913. [test] Re-implemented older unit tests in bin/tests as ATF,
+ removed the lib/tests unit testing library. [GL #115]
+
+4912. [test] Improved the reliability of the 'cds' system test.
+ [GL #136]
+
+4911. [test] Improved the reliability of the 'mkeys' system test.
+ [GL #128]
+
+4910. [func] Update util/check-changes to work on release branches.
+ [GL #113]
+
+4909. [bug] named-checkconf did not detect in-view zone collisions.
+ [GL #125]
+
+4908. [test] Eliminated unnecessary waiting in the allow_query
+ system test. Also changed its name to allow-query.
+ [GL #81]
+
+4907. [test] Improved the reliability of the 'notify' system
+ test. [GL #59]
+
+4906. [func] Replace getquad() with inet_pton(), completing
+ change #4900. [GL #56]
+
+4905. [bug] irs_resconf_load() ignored resolv.conf syntax errors
+ when "domain" or "search" options were present in that
+ file. [GL #110]
+
+4904. [bug] Temporarily revert change #4859. [GL #124]
+
+4903. [bug] "check-mx fail;" did not prevent MX records containing
+ IP addresses from being added to a zone by a dynamic
+ update. [GL #112]
+
+4902. [test] Improved the reliability of the 'ixfr' system
+ test. [GL #66]
+
+4901. [func] "dig +nssearch" now lists the name servers
+ for a domain that time out, as well as the servers
+ that respond. [GL #64]
+
+4900. [func] Remove all uses of inet_aton(). As a result of this
+ change, IPv4 addresses are now only accepted in
+ dotted-quad format. [GL #13]
+
+4899. [test] Convert most of the remaining system tests to be able
+ to run in parallel, continuing the work from change
+ #4895. To take advantage of this, use "make -jN check",
+ where N is the number of processors to use. [GL #91]
+
+4898. [func] Remove libseccomp based system-call filtering. [GL #93]
+
+4897. [test] Update to rpz system test so that it doesn't recurse.
+ [GL #68]
+
+4896. [test] cacheclean system test was not robust. [GL #82]
+
+4895. [test] Allow some system tests to run in parallel.
+ [RT #46602]
+
+4894. [bug] named could crash while rolling a dnstap output file.
+ [RT #46942]
+
+4893. [bug] Address various issues reported by cppcheck. [GL #51]
+
+4892. [bug] named could leak memory when "rndc reload" was invoked
+ before all zone loading actions triggered by a previous
+ "rndc reload" command were completed. [RT #47076]
+
+4891. [placeholder]
+
+4890. [func] Remove unused ondestroy callback from libisc.
+ [isc-projects/bind9!3]
+
+4889. [func] Warn about the use of old root keys without the new
+ root key being present. Warn about dlv.isc.org's
+ key being present. Warn about both managed and
+ trusted root keys being present. [RT #43670]
+
+4888. [test] Initialize sockets correctly in sample-update so
+ that the nsupdate system test will run on Windows.
+ [RT #47097]
+
+4887. [test] Enable the rpzrecurse test to run on Windows.
+ [RT #47093]
+
+4886. [doc] Document dig -u in manpage. [RT #47150]
+
+4885. [security] update-policy rules that otherwise ignore the name
+ field now require that it be set to "." to ensure
+ that any type list present is properly interpreted.
+ [RT #47126]
+
+4884. [bug] named could crash on shutdown due to a race between
+ shutdown_server() and ns__client_request(). [RT #47120]
+
+4883. [cleanup] Improved debugging output from dnssec-cds. [RT #47026]
+
+4882. [bug] Address potential memory leak in
+ dns_update_signaturesinc. [RT #47084]
+
+4881. [bug] Only include dst_openssl.h when OpenSSL is required.
+ [RT #47068]
+
+4880. [bug] Named wasn't returning the target of a cross-zone
+ CNAME between two served zones when recursion was
+ desired and available (RD=1, RA=1). (When this is
+ not the case, the CNAME target is deliberately
+ withheld to prevent accidental cache poisoning.)
+ [RT #47078]
+
+4879. [bug] dns_rdata_caa:value_len field was too small.
+ [RT #47086]
+
+4878. [bug] List 'ply' as a requirement for the 'isc' python
+ package. [RT #47065]
+
+4877. [bug] Address integer overflow when exponentially
+ backing off retry intervals. [RT #47041]
+
+4876. [bug] Address deadlock with accessing a keytable. [RT #47000]
+
+4875. [bug] Address compile failures on older systems. [RT #47015]
+
+4874. [bug] Wrong time display when reporting new keywarntime.
+ [RT #47042]
+
+4873. [doc] Grammars for named.conf included in the ARM are now
+ automatically generated by the configuration parser
+ itself. As a side effect of the work needed to
+ separate zone type grammars from each other, this
+ also makes checking of zone statements in
+ named-checkconf more correct and consistent.
+ [RT #36957]
+
+4872. [bug] Don't permit loading meta RR types such as TKEY
+ from master files. [RT #47009]
+
+4871. [bug] Fix configure glitch in detecting stdatomic.h
+ support on systems with multiple compilers.
+ [RT #46959]
+
+4870. [test] Update included ATF library to atf-0.21 preserving
+ the ATF tool. [RT #46967]
+
+4869. [bug] Address some cases where NULL with zero length could
+ be passed to memmove which is undefined behavior and
+ can lead to bad optimization. [RT #46888]
+
+4868. [func] dnssec-keygen can no longer generate HMAC keys.
+ Use tsig-keygen instead. [RT #46404]
+
+4867. [cleanup] Normalize rndc on/off commands (validation,
+ querylog, serve-stale) so they all accept the
+ same synonyms for on/off (yes/no, true/false,
+ enable/disable). Thanks to Tony Finch. [RT #47022]
+
+4866. [port] DST library initialization verifies MD5 (when MD5
+ was not disabled) and SHA-1 hash and HMAC support.
+ [RT #46764]
+
+4865. [cleanup] Simplify handling isc_socket_sendto2() return values.
+ [RT #46986]
+
+4864. [bug] named acting as a slave for a catalog zone crashed if
+ the latter contained a master definition without an IP
+ address. [RT #45999]
+
+4863. [bug] Fix various other bugs reported by Valgrind's
+ memcheck tool. [RT #46978]
+
+4862. [bug] The rdata flags for RRSIG were not being properly set
+ when constructing a rdataslab. [RT #46978]
+
+4861. [bug] The isc_crc64 unit test was not endian independent.
+ [RT #46973]
+
+4860. [bug] isc_int8_t should be signed char. [RT #46973]
+
+4859. [bug] A loop was possible when attempting to validate
+ unsigned CNAME responses from secure zones;
+ this caused a delay in returning SERVFAIL and
+ also increased the chances of encountering
+ CVE-2017-3145. [RT #46839]
+
+4858. [security] Addresses could be referenced after being freed
+ in resolver.c, causing an assertion failure.
+ (CVE-2017-3145) [RT #46839]
+
+4857. [bug] Maintain attach/detach semantics for event->db,
+ event->node, event->rdataset and event->sigrdataset
+ in query.c. [RT #46891]
+
+4856. [bug] 'rndc zonestatus' reported the wrong underlying type
+ for a inline slave zone. [RT #46875]
+
+4855. [bug] isc_time_formatshorttimestamp produced incorrect
+ output. [RT #46938]
+
+4854. [bug] query_synthcnamewildcard should stop generating the
+ response if query_synthwildcard fails. [RT #46939]
+
+4853. [bug] Add REQUIRE's and INSIST's to isc_time_formatISO8601L
+ and isc_time_formatISO8601Lms. [RT #46916]
+
+4852. [bug] Handle strftime() failing in isc_time_formatISO8601ms.
+ Add REQUIRE's and INSIST's to isc_time_formattimestamp,
+ isc_time_formathttptimestamp, isc_time_formatISO8601,
+ isc_time_formatISO8601ms. [RT #46892]
+
+4851. [port] Support using kyua as well as atf-run to run the unit
+ tests. [RT #46853]
+
+4850. [bug] Named failed to restart with multiple added zones in
+ lmdb database. [RT #46889]
+
+4849. [bug] Duplicate zones could appear in the .nzf file if
+ addzone failed. [RT #46435]
+
+4848. [func] Zone types "primary" and "secondary" can now be used
+ as synonyms for "master" and "slave" in named.conf.
+ [RT #46713]
+
+4847. [bug] dnssec-dnskey-kskonly was not being honored for
+ CDS and CDNSKEY. [RT #46755]
+
+4846. [test] Adjust timing values in runtime system test. Address
+ named.pid removal races in runtime system test.
+ [RT #46800]
+
+4845. [bug] Dig (non iOS) should exit on malformed names.
+ [RT #46806]
+
+4844. [test] Address memory leaks in libatf-c. [RT #46798]
+
+4843. [bug] dnssec-signzone free hashlist on exit. [RT #46791]
+
+4842. [bug] Conditionally compile opensslecdsa_link.c to avoid
+ warnings about unused function. [RT #46790]
+
+ --- 9.12.0rc1 released ---
+
+4841. [bug] Address -fsanitize=undefined warnings. [RT #46786]
+
+4840. [test] Add tests to cover fallback to using ZSK on inactive
+ KSK. [RT #46787]
+
+4839. [bug] zone.c:zone_sign was not properly determining
+ if there were active KSK and ZSK keys for
+ a algorithm when update-check-ksk is true
+ (default) leaving records unsigned with one or
+ more DNSKEY algorithms. [RT #46774]
+
+4838. [bug] zone.c:add_sigs was not properly determining
+ if there were active KSK and ZSK keys for
+ a algorithm when update-check-ksk is true
+ (default) leaving records unsigned with one or
+ more DNSKEY algorithms. [RT #46754]
+
+4837. [bug] dns_update_signatures{inc} (add_sigs) was not
+ properly determining if there were active KSK and
+ ZSK keys for a algorithm when update-check-ksk is
+ true (default) leaving records unsigned when there
+ were multiple DNSKEY algorithms for the zone.
+ [RT #46743]
+
+4836. [bug] Zones created using "rndc addzone" could
+ temporarily fail to inherit an "allow-transfer"
+ ACL that had been configured in the options
+ statement. [RT #46603]
+
+4835. [cleanup] Clean up and refactor LMDB-related code. [RT #46718]
+
+4834. [port] Fix LMDB support on OpenBSD. [RT #46718]
+
+4833. [bug] isc_event_free should check that the event is not
+ linked when called. [RT #46725]
+
+4832. [bug] Events were not being removed from zone->rss_events.
+ [RT #46725]
+
+4831. [bug] Convert the RRSIG expirytime to 64 bits for
+ comparisons in diff.c:resign. [RT #46710]
+
+4830. [bug] Failure to configure ATF when requested did not cause
+ an error in top-level configure script. [RT #46655]
+
+4829. [bug] isc_heap_delete did not zero the index value when
+ the heap was created with a callback to do that.
+ [RT #46709]
+
+4828. [bug] Do not use thread-local storage for storing LMDB reader
+ locktable slots. [RT #46556]
+
+4827. [misc] Add a precommit check script util/checklibs.sh
+ [RT #46215]
+
+4826. [cleanup] Prevent potential build failures in bin/confgen/ and
+ bin/named/ when using parallel make. [RT #46648]
+
+4825. [bug] Prevent a bogus "error during managed-keys processing
+ (no more)" warning from being logged. [RT #46645]
+
+4824. [port] Add iOS hooks to dig. [RT #42011]
+
+4823. [test] Refactor reclimit system test to improve its
+ reliability and speed. [RT #46632]
+
+4822. [bug] Use resign_sooner in dns_db_setsigningtime. [RT #46473]
+
+4821. [bug] When resigning ensure that the SOA's expire time is
+ always later that the resigning time of other records.
+ [RT #46473]
+
+4820. [bug] dns_db_subtractrdataset should transfer the resigning
+ information to the new header. [RT #46473]
+
+4819. [bug] Fully backout the transaction when adding a RRset
+ to the resigning / removal heaps fails. [RT #46473]
+
+4818. [test] The logfileconfig system test could intermittently
+ report false negatives on some platforms. [RT #46615]
+
+4817. [cleanup] Use DNS_NAME_INITABSOLUTE and DNS_NAME_INITNONABSOLUTE.
+ [RT #45433]
+
+4816. [bug] Don't use a common array for storing EDNS options
+ in DiG as it could fill up. [RT #45611]
+
+4815. [bug] rbt_test.c:insert_and_delete needed to call
+ dns_rbt_addnode instead of dns_rbt_addname. [RT #46553]
+
+4814. [cleanup] Use AS_HELP_STRING for consistent help text. [RT #46521]
+
+4813. [bug] Address potential read after free errors from
+ query_synthnodata, query_synthwildcard and
+ query_synthnxdomain. [RT #46547]
+
+4812. [bug] Minor improvements to stability and consistency of code
+ handling managed keys. [RT #46468]
+
+4811. [bug] Revert api changes to use <isc/buffer.h> inline
+ macros. Provide a alternative mechanism to turn
+ on the use of inline macros when building BIND.
+ [RT #46520]
+
+4810. [test] The chain system test failed if the IPv6 interfaces
+ were not configured. [RT #46508]
+
+ --- 9.12.0b2 released ---
+
+4809. [port] Check at configure time whether -latomic is needed
+ for stdatomic.h. [RT #46324]
+
+4808. [bug] Properly test for zlib.h. [RT #46504]
+
+4807. [cleanup] isc_rng_randombytes() returns a specified number of
+ bytes from the PRNG; this is now used instead of
+ calling isc_rng_random() multiple times. [RT #46230]
+
+4806. [func] Log messages related to loading of zones are now
+ directed to the "zoneload" logging category.
+ [RT #41640]
+
+4805. [bug] TCP4Active and TCP6Active weren't being updated
+ correctly. [RT #46454]
+
+4804. [port] win32: access() does not work on directories as
+ required by POSIX. Supply a alternative in
+ isc_file_isdirwritable. [RT #46394]
+
+4803. [placeholder]
+
+4802. [test] Refactor mkeys system test to make it quicker and more
+ reliable. [RT #45293]
+
+4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside .
+ trust-anchor dlv.isc.org;' now elicit warnings rather
+ than being fatal configuration errors. [RT #46410]
+
+4800. [bug] When processing delzone, write one zone config per
+ line to the NZF. [RT #46323]
+
+4799. [cleanup] Improve clarity of keytable unit tests. [RT #46407]
+
+4798. [func] Keys specified in "managed-keys" statements
+ are tagged as "initializing" until they have been
+ updated by a key refresh query. If initialization
+ fails it will be visible from "rndc secroots".
+ [RT #46267]
+
+4797. [func] Removed "isc-hmac-fixup", as the versions of BIND that
+ had the bug it worked around are long past end of
+ life. [RT #46411]
+
+4796. [bug] Increase the maximum configurable TCP keepalive
+ timeout to 65535. [RT #44710]
+
+4795. [func] A new statistics counter has been added to track
+ priming queries. [RT #46313]
+
+4794. [func] "dnssec-checkds -s" specifies a file from which
+ to read a DS set rather than querying the parent.
+ [RT #44667]
+
+4793. [bug] nsupdate -[46] could overflow the array of server
+ addresses. [RT #46402]
+
+4792. [bug] Fix map file header correctness check. [RT #38418]
+
+4791. [doc] Fixed outdated documentation about export libraries.
+ [RT #46341]
+
+4790. [bug] nsupdate could trigger a require when sending a
+ update to the second address of the server.
+ [RT #45731]
+
+4789. [cleanup] Check writability of new-zones-directory. [RT #46308]
+
+4788. [cleanup] When using "update-policy local", log a warning
+ when an update matching the session key is received
+ from a remote host. [RT #46213]
+
+4787. [cleanup] Turn nsec3param_salt_totext() into a public function,
+ dns_nsec3param_salttotext(), and add unit tests for it.
+ [RT #46289]
+
+4786. [func] The "filter-aaaa-on-v4" and "filter-aaaa-on-v6"
+ options are no longer conditionally compiled.
+ [RT #46340]
+
+4785. [func] The hmac-md5 algorithm is no longer recommended for
+ use with RNDC keys. The default in rndc-confgen
+ is now hmac-sha256. [RT #42272]
+
+4784. [func] The use of dnssec-keygen to generate HMAC keys is
+ deprecated in favor of tsig-keygen. dnssec-keygen
+ will print a warning when used for this purpose.
+ All HMAC algorithms will be removed from
+ dnssec-keygen in a future release. [RT #42272]
+
+4783. [test] dnssec: 'check that NOTIFY is sent at the end of
+ NSEC3 chain generation failed' required more time
+ on some machines for the IXFR to complete. [RT #46388]
+
+4782. [test] dnssec: 'checking positive and negative validation
+ with negative trust anchors' required more time to
+ complete on some machines. [RT #46386]
+
+4781. [maint] B.ROOT-SERVERS.NET is now 199.9.14.201. [RT #45889]
+
+4780. [bug] When answering ANY queries, don't include the NS
+ RRset in the authority section if it was already
+ in the answer section. [RT #44543]
+
+4779. [bug] Expire NTA at the start of the second. Don't update
+ the expiry value if the record has already expired
+ after a successful check. [RT #46368]
+
+4778. [test] Improve synth-from-dnssec testing. [RT #46352]
+
+4777. [cleanup] Removed a redundant call to configure_view_acl().
+ [RT #46369]
+
+4776. [bug] Improve portability of ht_test. [RT #46333]
+
+4775. [bug] Address Coverity warnings in ht_test.c and mem_test.c
+ [RT #46281]
+
+4774. [bug] <isc/util.h> was incorrectly included in several
+ header files. [RT #46311]
+
+4773. [doc] Fixed generating Doxygen documentation for functions
+ annotated using certain macros. Miscellaneous
+ Doxygen-related cleanups. [RT #46276]
+
+ --- 9.12.0b1 released ---
+
+4772. [test] Expanded unit testing framework for libns, using
+ hooks to interrupt query flow and inspect state
+ at specified locations. [RT #46173]
+
+4771. [bug] When sending RFC 5011 refresh queries, disregard
+ cached DNSKEY rrsets. [RT #46251]
+
+4770. [bug] Cache additional data from priming queries as glue.
+ Previously they were ignored as unsigned
+ non-answer data from a secure zone, and never
+ actually got added to the cache, causing hints
+ to be used frequently for root-server
+ addresses, which triggered re-priming. [RT #45241]
+
+4769. [func] The working directory and managed-keys directory has
+ to be writeable (and seekable). [RT #46077]
+
+4768. [func] By default, memory is no longer filled with tag values
+ when it is allocated or freed; this improves
+ performance but makes debugging of certain memory
+ issues more difficult. "named -M fill" turns memory
+ filling back on. (Building "configure
+ --enable-developer", turns memory fill on by
+ default again; it can then be disabled with
+ "named -M nofill".) [RT #45123]
+
+4767. [func] Add a new function, isc_buffer_printf(), which can be
+ used to append a formatted string to the used region of
+ a buffer. [RT #46201]
+
+4766. [cleanup] Address Coverity warnings. [RT #46150]
+
+4765. [bug] Address potential INSIST in dnssec-cds. [RT #46150]
+
+4764. [bug] Address portability issues in cds system test.
+ [RT #46214]
+
+4763. [contrib] Improve compatibility when building MySQL DLZ
+ module by using mysql_config if available.
+ [RT #45558]
+
+4762. [func] "update-policy local" is now restricted to updates
+ from local addresses. (Previously, other addresses
+ were allowed so long as updates were signed by the
+ local session key.) [RT #45492]
+
+4761. [protocol] Add support for DOA. [RT #45612]
+
+4760. [func] Add glue cache statistics counters. [RT #46028]
+
+4759. [func] Add logging channel "trust-anchor-telemetry" to
+ record trust-anchor-telemetry in incoming requests.
+ Both _ta-XXXX.<anchor>/NULL and EDNS KEY-TAG options
+ are logged. [RT #46124]
+
+4758. [doc] Remove documentation of unimplemented "topology".
+ [RT #46161]
+
+4757. [func] New "dnssec-cds" command creates a new parent DS
+ RRset based on CDS or CDNSKEY RRsets found in
+ a child zone, and generates either a dsset file
+ or stream of nsupdate commands to update the
+ parent. Thanks to Tony Finch. [RT #46090]
+
+4756. [bug] Interrupting dig could lead to an INSIST failure after
+ certain errors were encountered while querying a host
+ whose name resolved to more than one address. Change
+ 4537 increased the odds of triggering this issue by
+ causing dig to hang indefinitely when certain error
+ paths were evaluated. dig now also retries TCP queries
+ (once) if the server gracefully closes the connection
+ before sending a response. [RT #42832, #45159]
+
+4755. [cleanup] Silence unnecessary log message when NZF file doesn't
+ exist. [RT #46186]
+
+4754. [bug] dns_zone_setview needs a two stage commit to properly
+ handle errors. [RT #45841]
+
+4753. [contrib] Software obtainable from known upstream locations
+ (i.e., zkt, nslint, query-loc) has been removed.
+ Links to these and other packages can be found at
+ https://www.isc.org/community/tools [RT #46182]
+
+4752. [test] Add unit test for isc_net_pton. [RT #46171]
+
+4751. [func] "dnssec-signzone -S" can now automatically add parent
+ synchronization records (CDS and CDNSKEY) according
+ to key metadata set using the -Psync and -Dsync
+ options to dnssec-keygen and dnssec-settime.
+ [RT #46149]
+
+4750. [func] "rndc managed-keys destroy" shuts down RFC 5011 key
+ maintenance and deletes the managed-keys database.
+ If followed by "rndc reconfig" or a server restart,
+ key maintenance is reinitialized from scratch.
+ This is primarily intended for testing. [RT #32456]
+
+4749. [func] The ISC DLV service has been shut down, and all
+ DLV records have been removed from dlv.isc.org.
+ - Removed references to ISC DLV in documentation
+ - Removed DLV key from bind.keys
+ - No longer use ISC DLV by default in delv
+ - "dnssec-lookaside auto" and configuration of
+ "dnssec-lookaide" with dlv.isc.org as the trust
+ anchor are both now fatal errors.
+ [RT #46155]
+
+4748. [cleanup] Sprintf to snprintf coversions. [RT #46132]
+
+4747. [func] Synthesis of responses from DNSSEC-verified records.
+ Stage 3 - synthesize NODATA responses. [RT #40138]
+
+4746. [cleanup] Add configured prefixes to configure summary
+ output. [RT #46153]
+
+4745. [test] Add color-coded pass/fail messages to system
+ tests when running on terminals that support them.
+ [RT #45977]
+
+4744. [bug] Suppress trust-anchor-telemetry queries if
+ validation is disabled. [RT #46131]
+
+4743. [func] Exclude trust-anchor-telemetry queries from
+ synth-from-dnssec processing. [RT #46123]
+
+4742. [func] Synthesis of responses from DNSSEC-verified records.
+ Stage 2 - synthesis of records from wildcard data.
+ If the dns64 or filter-aaaa* is configured then the
+ involved lookups are currently excluded. [RT #40138]
+
+4741. [bug] Make isc_refcount_current() atomically read the
+ counter value. [RT #46074]
+
+4740. [cleanup] Avoid triggering format-truncated warnings. [RT #46107]
+
+4739. [cleanup] Address clang static analysis warnings. [RT #45952]
+
+4738. [port] win32: strftime mishandles %Z. [RT #46039]
+
+4737. [cleanup] Address Coverity warnings. [RT #46012]
+
+4736. [cleanup] (a) Added comments to NSEC3-related functions in
+ lib/dns/zone.c. (b) Refactored NSEC3 salt formatting
+ code. (c) Minor tweaks to lock and result handling.
+ [RT #46053]
+
+4735. [bug] Add @ISC_OPENSSL_LIBS@ to isc-config. [RT #46078]
+
+4734. [contrib] Added sample configuration for DNS-over-TLS in
+ contrib/dnspriv.
+
+4733. [bug] Change #4706 introduced a bug causing TCP clients
+ not be reused correctly, leading to unconstrained
+ memory growth. [RT #46029]
+
+4732. [func] Change default minimal-responses setting to
+ no-auth-recursive. [RT #46016]
+
+4731. [bug] Fix use after free when closing an LMDB. [RT #46000]
+
+4730. [bug] Fix out of bounds access in DHCID totext() method.
+ [RT #46001]
+
+4729. [bug] Don't use memset() to wipe memory, as it may be
+ removed by compiler optimizations when the
+ memset() occurs on automatic stack allocation
+ just before function return. [RT #45947]
+
+4728. [func] Use C11's stdatomic.h instead of isc_atomic
+ where available. [RT #40668]
+
+4727. [bug] Retransferring an inline-signed slave using NSEC3
+ around the time its NSEC3 salt was changed could result
+ in an infinite signing loop. [RT #45080]
+
+4726. [port] Prevent setsockopt() errors related to TCP_FASTOPEN
+ from being logged on FreeBSD if the kernel does not
+ support it. Notify the user when the kernel does
+ support TCP_FASTOPEN, but it is disabled by sysctl.
+ Add a new configure option, --disable-tcp-fastopen, to
+ disable use of TCP_FASTOPEN altogether. [RT #44754]
+
+4725. [bug] Nsupdate: "recvsoa" was incorrectly reported for
+ failures in sending the update message. The correct
+ location to be reported is "update_completed".
+ [RT #46014]
+
+4724. [func] By default, BIND now uses the random number
+ functions provided by the crypto library (i.e.,
+ OpenSSL or a PKCS#11 provider) as a source of
+ randomness rather than /dev/random. This is
+ suitable for virtual machine environments
+ which have limited entropy pools and lack
+ hardware random number generators.
+
+ This can be overridden by specifying another
+ entropy source via the "random-device" option
+ in named.conf, or via the -r command line option;
+ however, for functions requiring full cryptographic
+ strength, such as DNSSEC key generation, this
+ cannot be overridden. In particular, the -r
+ command line option no longer has any effect on
+ dnssec-keygen.
+
+ This can be disabled by building with
+ "configure --disable-crypto-rand".
+ [RT #31459] [RT #46047]
+
+4723. [bug] Statistics counter DNSTAPdropped was misidentified
+ as DNSSECdropped. [RT #46002]
+
+4722. [cleanup] Clean up uses of strcpy() and strcat() in favor of
+ strlcpy() and strlcat() for safety. [RT #45981]
+
+4721. [func] 'dnssec-signzone -x' and 'dnssec-dnskey-kskonly'
+ options now apply to CDNSKEY and DS records as well
+ as DNSKEY. Thanks to Tony Finch. [RT #45689]
+
+4720. [func] Added a statistics counter to track prefetch
+ queries. [RT #45847]
+
+4719. [bug] Address PVS static analyzer warnings. [RT #45946]
+
+4718. [func] Avoid searching for a owner name compression pointer
+ more than once when writing out a RRset. [RT #45802]
+
+4717. [bug] Treat replies with QCOUNT=0 as truncated if TC=1,
+ FORMERR if TC=0, and log the error correctly.
+ [RT #45836]
+
+4716. [placeholder]
+
+ --- 9.12.0a1 released ---
+
+4715. [bug] TreeMemMax was mis-identified as a second HeapMemMax
+ in the Json cache statistics. [RT #45980]
+
+4714. [port] openbsd/libressl: add support for building with
+ --enable-openssl-hash. [RT #45982]
+
+4713. [func] Added support for the DNS Response Policy Service
+ (DNSRPS) API, which allows named to use an external
+ response policy daemon when built with
+ "configure --enable-dnsrps". Thanks to Farsight
+ Security. [RT #43376]
+
+4712. [bug] "dig +domain" and "dig +search" didn't retain the
+ search domain when retrying with TCP. [RT #45547]
+
+4711. [test] Some RR types were missing from genzones.sh.
+ [RT #45782]
+
+4710. [cleanup] Changed the --enable-openssl-hash default to yes.
+ [RT #45019]
+
+4709. [cleanup] Use dns_name_fullhash() to hash names for RRL.
+ [RT #45435]
+
+4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier)
+ are no longer supported. [RT #45186]
+
+4707. [func] The lightweight resolver daemon and library (lwresd
+ and liblwres) have been removed. [RT #45186]
+
+4706. [func] Code implementing name server query processing has
+ been moved from bin/named to a new library "libns".
+ Functions remaining in bin/named are now prefixed
+ with "named_" rather than "ns_". This will make it
+ easier to write unit tests for name server code, or
+ link name server functionality into new tools.
+ [RT #45186]
+
+4705. [placeholder]
+
+4704. [cleanup] Silence Visual Studio compiler warnings. [RT #45898]
+
+4703. [bug] BINDInstall.exe was missing some buffer length checks.
+ [RT #45898]
+
+4702. [func] Update function declarations to use
+ dns_masterstyle_flags_t for style flags. [RT #45924]
+
+4701. [cleanup] Refactored lib/dns/tsig.c to reduce code
+ duplication and simplify the disabling of MD5.
+ [RT #45490]
+
+4700. [func] Serving of stale answers is now supported. This
+ allows named to provide stale cached answers when
+ the authoritative server is under attack.
+ See max-stale-ttl, stale-answer-enable,
+ stale-answer-ttl. [RT #44790]
+
+4699. [func] Multiple cookie-secret clauses can now be specified.
+ The first one specified is used to generate new
+ server cookies. [RT #45672]
+
+4698. [port] Add --with-python-install-dir configure option to allow
+ specifying a nonstandard installation directory for
+ Python modules. [RT #45407]
+
+4697. [bug] Restore workaround for Microsoft Windows TSIG hash
+ computation bug. [RT #45854]
+
+4696. [port] Enable filter-aaaa support by default on Windows
+ builds. [RT #45883]
+
+4695. [bug] cookie-secrets were not being properly checked by
+ named-checkconf. [RT #45886]
+
+4694. [func] dnssec-keygen no longer uses RSASHA1 by default;
+ the signing algorithm must be specified on
+ the command line with the "-a" option. Signing
+ scripts that rely on the existing default behavior
+ will break; use "dnssec-keygen -a RSASHA1" to
+ repair them. (The goal of this change is to make
+ it easier to find scripts using RSASHA1 so they
+ can be changed in the event of that algorithm
+ being deprecated in the future.) [RT #44755]
+
+4693. [func] Synthesis of responses from DNSSEC-verified records.
+ Stage 1 covers NXDOMAIN synthesis from NSEC records.
+ This is controlled by synth-from-dnssec and is enabled
+ by default. [RT #40138]
+
+4692. [bug] Fix build failures with libressl introduced in 4676.
+ [RT #45879]
+
+4691. [func] Add -4/-6 command line options to nsupdate and rndc.
+ [RT #45632]
+
+4690. [bug] Command line options -4/-6 were handled inconsistently
+ between tools. [RT #45632]
+
+4689. [cleanup] Turn on minimal responses for CDNSKEY and CDS in
+ addition to DNSKEY and DS. Thanks to Tony Finch.
+ [RT #45690]
+
+4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in
+ messages. [RT #44804]
+
+4687. [func] Refactor tracklines code. [RT #45126]
+
+4686. [bug] dnssec-settime -p could print a bogus warning about
+ key deletion scheduled before its inactivation when a
+ key had an inactivation date set but no deletion date
+ set. [RT #45807]
+
+4685. [bug] dnssec-settime incorrectly calculated publication and
+ activation dates for a successor key. [RT #45806]
+
+4684. [bug] delv could send bogus DNS queries when an explicit
+ server address was specified on the command line along
+ with -4/-6. [RT #45804]
+
+4683. [bug] Prevent nsupdate from immediately exiting on invalid
+ user input in interactive mode. [RT #28194]
+
+4682. [bug] Don't report errors on records below a DNAME.
+ [RT #44880]
+
+4681. [bug] Log messages from the validator now include the
+ associated view unless the view is "_default/IN"
+ or "_dnsclient/IN". [RT #45770]
+
+4680. [bug] Fix failing over to another master server address when
+ nsupdate is used with GSS-API. [RT #45380]
+
+4679. [cleanup] Suggest using -o when dnssec-verify finds a SOA record
+ not at top of zone and -o is not used. [RT #45519]
+
+4678. [bug] geoip-use-ecs has the wrong type when geoip support
+ is disabled at configure time. [RT #45763]
+
+4677. [cleanup] Split up the main function in dig to better support
+ the iOS app version. [RT #45508]
+
+4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with
+ deprecated functions removed. [RT #45706]
+
+4675. [cleanup] Don't use C++ keyword class. [RT #45726]
+
+4674. [func] "dig +sigchase", and related options "+topdown" and
+ "+trusted-keys", have been removed. Use "delv" for
+ queries with DNSSEC validation. [RT #42793]
+
+4673. [port] Silence GCC 7 warnings. [RT #45592]
+
+4672. [placeholder]
+
+4671. [bug] Fix a race condition that could cause the
+ resolver to crash with assertion failure when
+ chasing DS in specific conditions with a very
+ short RTT to the upstream nameserver. [RT #45168]
+
+4670. [cleanup] Ensure that a request MAC is never sent back
+ in an XFR response unless the signature was
+ verified. [RT #45494]
+
+4669. [func] Iterative query logic in resolver.c has been
+ refactored into smaller functions and commented,
+ for improved readability, maintainability and
+ testability. [RT #45362]
+
+4668. [bug] Use localtime_r and gmtime_r for thread safety.
+ [RT #45664]
+
+4667. [cleanup] Refactor RDATA unit tests. [RT #45610]
+
+4666. [bug] dnssec-keymgr: Domain names beginning with digits (0-9)
+ could cause a parser error when reading the policy
+ file. This now works correctly so long as the domain
+ name is quoted. [RT #45641]
+
+4665. [protocol] Added support for ED25519 and ED448 DNSSEC signing
+ algorithms (RFC 8080). (Note: these algorithms
+ depend on code currently in the development branch
+ of OpenSSL which has not yet been released.)
+ [RT #44696]
+
+4664. [func] Add a "glue-cache" option to enable or disable the
+ glue cache. The default is "yes". [RT #45125]
+
+4663. [cleanup] Clarify error message printed by dnssec-dsfromkey.
+ [RT #21731]
+
+4662. [performance] Improve cache memory cleanup of zero TTL records
+ by putting them at the tail of LRU header lists.
+ [RT #45274]
+
+4661. [bug] A race condition could occur if a zone was reloaded
+ while resigning, triggering a crash in
+ rbtdb.c:closeversion(). [RT #45276]
+
+4660. [bug] Remove spurious "peer" from Windows socket log
+ messages. [RT #45617]
+
+4659. [bug] Remove spurious log message about lmdb-mapsize
+ not being supported when parsing builtin
+ configuration file. [RT #45618]
+
+4658. [bug] Clean up build directory created by "setup.py install"
+ immediately. [RT #45628]
+
+4657. [bug] rrchecker system test result could be improperly
+ determined. [RT #45602]
+
+4656. [bug] Apply "port" and "dscp" values specified in catalog
+ zone's "default-masters" option to the generated
+ configuration of its member zones. [RT #45545]
+
+4655. [bug] Lack of seccomp could be falsely reported. [RT #45599]
+
+4654. [cleanup] Don't use C++ keywords delete, new and namespace.
+ [RT #45538]
+
+4653. [bug] Reorder includes to move @DST_OPENSSL_INC@ and
+ @ISC_OPENSSL_INC@ after shipped include directories.
+ [RT #45581]
+
+4652. [bug] Nsupdate could attempt to use a zeroed address on
+ server timeout. [RT #45417]
+
+4651. [test] Silence coverity warnings in tsig_test.c. [RT #45528]
+
+4650. [placeholder]
+
+4649. [bug] The wrong zone was logged when a catalog zone is added.
+ [RT #45520]
+
+4648. [bug] "rndc reconfig" on a slave no longer causes all member
+ zones of configured catalog zones to be removed from
+ configuration. [RT #45310]
+
+4647. [bug] Change 4643 broke verification of TSIG signed TCP
+ message sequences where not all the messages contain
+ TSIG records. These may be used in AXFR and IXFR
+ responses. [RT #45509]
+
+4646. [placeholder]
+
+4645. [bug] Fix PKCS#11 RSA parsing when MD5 is disabled.
+ [RT #45300]
+
+4644. [placeholder]
+
+4643. [security] An error in TSIG handling could permit unauthorized
+ zone transfers or zone updates. (CVE-2017-3142)
+ (CVE-2017-3143) [RT #45383]
+
+4642. [cleanup] Add more logging of RFC 5011 events affecting the
+ status of managed keys: newly observed keys,
+ deletion of revoked keys, etc. [RT #45354]
+
+4641. [cleanup] Parallel builds (make -j) could fail with --with-atf /
+ --enable-developer. [RT #45373]
+
+4640. [bug] If query_findversion failed in query_getdb due to
+ memory failure the error status was incorrectly
+ discarded. [RT #45331]
+
+4639. [bug] Fix a regression in --with-tuning reporting introduced
+ by change 4488. [RT #45396]
+
+4638. [bug] Reloading or reconfiguring named could fail on
+ some platforms when LMDB was in use. [RT #45203]
+
+4637. [func] "nsec3hash -r" option ("rdata order") takes arguments
+ in the same order as they appear in NSEC3 or
+ NSEC3PARAM records, so that NSEC3 parameters can
+ be cut and pasted from an existing record. Thanks
+ to Tony Finch for the contribution. [RT #45183]
+
+4636. [bug] Normalize rpz policy zone names when checking for
+ existence. [RT #45358]
+
+4635. [bug] Fix RPZ NSDNAME logging that was logging
+ failures as NSIP. [RT #45052]
+
+4634. [contrib] check5011.pl needs to handle optional space before
+ semi-colon in +multi-line output. [RT #45352]
+
+4633. [maint] Updated AAAA (2001:500:200::b) for B.ROOT-SERVERS.NET.
+
+4632. [security] The BIND installer on Windows used an unquoted
+ service path, which can enable privilege escalation.
+ (CVE-2017-3141) [RT #45229]
+
+4631. [security] Some RPZ configurations could go into an infinite
+ query loop when encountering responses with TTL=0.
+ (CVE-2017-3140) [RT #45181]
+
+4630. [bug] "dyndb" is dependent on dlopen existing / being
+ enabled. [RT #45291]
+
+4629. [bug] dns_client_startupdate could not be called with a
+ running client. [RT #45277]
+
+4628. [bug] Fixed a potential reference leak in query_getdb().
+ [RT #45247]
+
+4627. [placeholder]
+
+4626. [test] Added more tests for handling of different record
+ ordering in CNAME and DNAME responses. [QA #430]
+
+4625. [bug] Running "rndc addzone" and "rndc delzone" at close
+ to the same time could trigger a deadlock if using
+ LMDB. [RT #45209]
+
+4624. [placeholder]
+
+4623. [bug] Use --with-protobuf-c and --with-libfstrm to find
+ protoc-c and fstrm_capture. [RT #45187]
+
+4622. [bug] Remove unnecessary escaping of semicolon in CAA and
+ URI records. [RT #45216]
+
+4621. [port] Force alignment of oid arrays to silence loader
+ warnings. [RT #45131]
+
+4620. [port] Handle EPFNOSUPPORT being returned when probing
+ to see if a socket type is supported. [RT #45214]
+
+4619. [bug] Call isc_mem_put instead of isc_mem_free in
+ bin/named/server.c:setup_newzones. [RT #45202]
+
+4618. [bug] Check isc_mem_strdup results in dns_view_setnewzones.
+ Add logging for lmdb call failures. [RT #45204]
+
+4617. [test] Update rndc system test to be more delay tolerant.
+ [RT #45177]
+
+4616. [bug] When using LMDB, zones deleted using "rndc delzone"
+ were not correctly removed from the new-zone
+ database. [RT #45185]
+
+4615. [bug] AD could be set on truncated answer with no records
+ present in the answer and authority sections.
+ [RT #45140]
+
+4614. [test] Fixed an error in the sockaddr unit test. [RT #45146]
+
+4613. [func] By default, the maximum size of a zone journal file
+ is now twice the size of the zone's contents (there
+ is little benefit to a journal larger than this).
+ This can be overridden by setting "max-journal-size"
+ to "unlimited" or to an explicit value up to 2G.
+ Thanks to Tony Finch. [RT #38324]
+
+4612. [bug] Silence 'may be use uninitalised' warning and simplify
+ the code in lwres/getaddinfo:process_answer.
+ [RT #45158]
+
+4611. [bug] The default LMDB mapsize was too low and caused
+ errors after few thousand zones were added using
+ rndc addzone. A new config option "lmdb-mapsize"
+ has been introduced to configure the LMDB
+ mapsize depending on operational needs.
+ [RT #44954]
+
+4610. [func] The "new-zones-directory" option specifies the
+ location of NZF or NZD files for storing
+ configuration of zones added by "rndc addzone".
+ Thanks to Petr Menšík. [RT #44853]
+
+4609. [cleanup] Rearrange makefiles to enable parallel execution
+ (i.e. "make -j"). [RT #45078]
+
+4608. [func] DiG now warns about .local queries which are reserved
+ for Multicast DNS. [RT #44783]
+
+4607. [bug] The memory context's malloced and maxmalloced counters
+ were being updated without the appropriate lock being
+ held. [RT #44869]
+
+4606. [port] Stop using experimental "Experimental keys on scalar"
+ feature of perl as it has been removed. [RT #45012]
+
+4605. [performance] Improve performance for delegation heavy answers
+ and also general query performance. Removes the
+ acache feature that didn't significantly improve
+ performance. Adds a glue cache. Removes
+ additional-from-cache and additional-from-auth
+ features. Enables minimal-responses by
+ default. Improves performance of compression
+ code, owner case restoration, hash function,
+ etc. Uses inline buffer implementation by
+ default. Many other performance changes and fixes.
+ [RT #44029]
+
+4604. [bug] Don't use ERR_load_crypto_strings() when building
+ with OpenSSL 1.1.0. [RT #45117]
+
+4603. [doc] Automatically generate named.conf(5) man page
+ from doc/misc/options. Thanks to Tony Finch.
+ [RT #43525]
+
+4602. [func] Threads are now set to human-readable
+ names to assist debugging, when supported by
+ the OS. [RT #43234]
+
+4601. [bug] Reject incorrect RSA key lengths during key
+ generation and and sign/verify context
+ creation. [RT #45043]
+
+4600. [bug] Adjust RPZ trigger counts only when the entry
+ being deleted exists. [RT #43386]
+
+4599. [bug] Fix inconsistencies in inline signing time
+ comparison that were introduced with the
+ introduction of rdatasetheader->resign_lsb.
+ [RT #42112]
+
+4598. [func] Update fuzzing code to (1) reply to a DNSKEY
+ query from named with appropriate DNSKEY used in
+ fuzzing; (2) patch the QTYPE correctly in
+ resolver fuzzing; (3) comment things so the rest
+ of us are able to understand how fuzzing is
+ implemented in named; (4) Coding style changes,
+ cleanup, etc. [RT #44787]
+
+4597. [bug] The validator now ignores SHA-1 DS digest type
+ when a DS record with SHA-384 digest type is
+ present and is a supported digest type.
+ [RT #45017]
+
+4596. [bug] Validate glue before adding it to the additional
+ section. This also fixes incorrect TTL capping
+ when the RRSIG expired earlier than the TTL.
+ [RT #45062]
+
+4595. [func] dnssec-keygen will no longer generate RSA keys
+ less than 1024 bits in length. dnssec-keymgr
+ was similarly updated. [RT #36895]
+
+4594. [func] "dnstap-read -x" prints a hex dump of the wire
+ format of each logged DNS message. [RT #44816]
+
+4593. [doc] Update README using markdown, remove outdated FAQ
+ file in favor of the knowledge base.
+
+4592. [bug] A race condition on shutdown could trigger an
+ assertion failure in dispatch.c. [RT #43822]
+
+4591. [port] Addressed some python 3 compatibility issues.
+ Thanks to Ville Skytta. [RT #44955] [RT #44956]
+
+4590. [bug] Support for PTHREAD_MUTEX_ADAPTIVE_NP was not being
+ properly detected. [RT #44871]
+
+4589. [cleanup] "configure -q" is now silent. [RT #44829]
+
+4588. [bug] nsupdate could send queries for TKEY to the wrong
+ server when using GSSAPI. Thanks to Tomas Hozza.
+ [RT #39893]
+
+4587. [bug] named-checkzone failed to handle occulted data below
+ DNAMEs correctly. [RT #44877]
+
+4586. [func] dig, host and nslookup now use TCP for ANY queries.
+ [RT #44687]
+
+4585. [port] win32: Set CompileAS value. [RT #42474]
+
+4584. [bug] A number of memory usage statistics were not properly
+ reported when they exceeded 4G. [RT #44750]
+
+4583. [func] "host -A" returns most records for a name but
+ omits RRSIG, NSEC and NSEC3. (Thanks to Tony Finch.)
+ [RT #43032]
+
+4582. [security] 'rndc ""' could trigger a assertion failure in named.
+ (CVE-2017-3138) [RT #44924]
+
+4581. [port] Linux: Add getpid and getrandom to the list of system
+ calls named uses for seccomp. [RT #44883]
+
+4580. [bug] 4578 introduced a regression when handling CNAME to
+ referral below the current domain. [RT #44850]
+
+4579. [func] Logging channels and dnstap output files can now
+ be configured with a "suffix" option, set to
+ either "increment" or "timestamp", indicating
+ whether to use incrementing numbers or timestamps
+ as the file suffix when rolling over a log file.
+ [RT #42838]
+
+4578. [security] Some chaining (CNAME or DNAME) responses to upstream
+ queries could trigger assertion failures.
+ (CVE-2017-3137) [RT #44734]
+
+4577. [func] Make qtype of resolver fuzzing packet configurable
+ via command line. [RT #43540]
+
+4576. [func] The RPZ implementation has been substantially
+ refactored for improved performance and reliability.
+ [RT #43449]
+
+4575. [security] DNS64 with "break-dnssec yes;" can result in an
+ assertion failure. (CVE-2017-3136) [RT #44653]
+
+4574. [bug] Dig leaked memory with multiple +subnet options.
+ [RT #44683]
+
+4573. [func] Query logic has been substantially refactored (e.g.
+ query_find function has been split into smaller
+ functions) for improved readability, maintainability
+ and testability. [RT #43929]
+
+4572. [func] The "dnstap-output" option can now take "size" and
+ "versions" parameters to indicate the maximum size
+ a dnstap log file can grow before rolling to a new
+ file, and how many old files to retain. [RT #44502]
+
+4571. [bug] Out-of-tree builds of backtrace_test failed.
+
+4570. [cleanup] named did not correctly fall back to the built-in
+ initializing keys if the bind.keys file was present
+ but empty. [RT #44531]
+
+4569. [func] Store both local and remote addresses in dnstap
+ logging, and modify dnstap-read output format to
+ print them. [RT #43595]
+
+4568. [contrib] Added a --with-bind option to the dnsperf configure
+ script to specify BIND prefix path.
+
+4567. [port] Call getprotobyname and getservbyname prior to calling
+ chroot so that shared libraries get loaded. [RT #44537]
+
+4566. [func] Query logging now includes the ECS option if one
+ was included in the query. [RT #44476]
+
+4565. [cleanup] The inline macro versions of isc_buffer_put*()
+ did not implement automatic buffer reallocation.
+ [RT #44216]
+
+4564. [maint] Update the built in managed keys to include the
+ upcoming root KSK. [RT #44579]
+
+4563. [bug] Modified zones would occasionally fail to reload.
+ [RT #39424]
+
+4562. [func] Add additional memory statistics currently malloced
+ and maxmalloced per memory context. [RT #43593]
+
+4561. [port] Silence a warning in strict C99 compilers. [RT #44414]
+
+4560. [bug] mdig: add -m option to enable memory debugging rather
+ than having it on all the time. [RT #44509]
+
+4559. [bug] openssl_link.c didn't compile if ISC_MEM_TRACKLINES
+ was turned off. [RT #44509]
+
+4558. [bug] Synthesised CNAME before matching DNAME was still
+ being cached when it should not have been. [RT #44318]
+
+4557. [security] Combining dns64 and rpz can result in dereferencing
+ a NULL pointer (read). (CVE-2017-3135) [RT#44434]
+
+4556. [bug] Sending an EDNS Padding option using "dig
+ +ednsopt" could cause a crash in dig. [RT #44462]
+
+4555. [func] dig +ednsopt: EDNS options can now be specified by
+ name in addition to numeric value. [RT #44461]
+
+4554. [bug] Remove double unlock in dns_dispatchmgr_setudp.
+ [RT #44336]
+
+4553. [bug] Named could deadlock there were multiple changes to
+ NSEC/NSEC3 parameters for a zone being processed at
+ the same time. [RT #42770]
+
+4552. [bug] Named could trigger a assertion when sending notify
+ messages. [RT #44019]
+
+4551. [test] Add system tests for integrity checks of MX and
+ SRV records. [RT #43953]
+
+4550. [cleanup] Increased the number of available master file
+ output style flags from 32 to 64. [RT #44043]
+
+4549. [func] Added support for the EDNS TCP Keepalive option
+ (RFC 7828). [RT #42126]
+
+4548. [func] Added support for the EDNS Padding option (RFC 7830).
+ [RT #42094]
+
+4547. [port] Add support for --enable-native-pkcs11 on the AEP
+ Keyper HSM. [RT #42463]
+
+4546. [func] Extend the use of const declarations. [RT #43379]
+
+4545. [func] Expand YAML output from dnstap-read to include
+ a detailed breakdown of the DNS message contents.
+ [RT #43642]
+
+4544. [bug] Add message/payload size to dnstap-read YAML output.
+ [RT #43622]
+
+4543. [bug] dns_client_startupdate now delays sending the update
+ request until isc_app_ctxrun has been called.
+ [RT #43976]
+
+4542. [func] Allow rndc to manipulate redirect zones with using
+ -redirect as the zone name (use "-redirect." to
+ manipulate a zone named "-redirect"). [RT #43971]
+
+4541. [bug] rndc addzone should properly reject non master/slave
+ zones. [RT #43665]
+
+4540. [bug] Correctly handle ecs entries in dns_acl_isinsecure.
+ [RT #43601]
+
+4539. [bug] Referencing a nonexistent zone with RPZ could lead
+ to a assertion failure when configuring. [RT #43787]
+
+4538. [bug] Call dns_client_startresolve from client->task.
+ [RT #43896]
+
+4537. [bug] Handle timeouts better in dig/host/nslookup. [RT #43576]
+
+4536. [bug] ISC_SOCKEVENTATTR_USEMINMTU was not being cleared
+ when reusing the event structure. [RT #43885]
+
+4535. [bug] Address race condition in setting / testing of
+ DNS_REQUEST_F_SENDING. [RT #43889]
+
+4534. [bug] Only set RD, RA and CD in QUERY responses. [RT #43879]
+
+4533. [bug] dns_client_update should terminate on prerequisite
+ failures (NXDOMAIN, YXDOMAIN, NXRRSET, YXRRSET)
+ and also on BADZONE. [RT #43865]
+
+4532. [contrib] Make gen-data-queryperf.py python 3 compatible.
+ [RT #43836]
+
+4531. [security] 'is_zone' was not being properly updated by redirect2
+ and subsequently preserved leading to an assertion
+ failure. (CVE-2016-9778) [RT #43837]
+
+4530. [bug] Change 4489 broke the handling of CNAME -> DNAME
+ in responses resulting in SERVFAIL being returned.
+ [RT #43779]
+
+4529. [cleanup] Silence noisy log warning when DSCP probe fails
+ due to firewall rules. [RT #43847]
+
+4528. [bug] Only set the flag bits for the i/o we are waiting
+ for on EPOLLERR or EPOLLHUP. [RT #43617]
+
+4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831]
+
+4526. [doc] Corrected errors and improved formatting of
+ grammar definitions in the ARM. [RT #43739]
+
+4525. [doc] Fixed outdated documentation on managed-keys.
+ [RT #43810]
+
+4524. [bug] The net zero test was broken causing IPv4 servers
+ with addresses ending in .0 to be rejected. [RT #43776]
+
+4523. [doc] Expand config doc for <querysource4> and
+ <querysource6>. [RT #43768]
+
+4522. [bug] Handle big gaps in log file version numbers better.
+ [RT #38688]
+
+4521. [cleanup] Log it as an error if an entropy source is not
+ found and there is no fallback available. [RT #43659]
+
+4520. [cleanup] Alphabetize more of the grammar when printing it
+ out. Fix unbalanced indenting. [RT #43755]
+
+4519. [port] win32: handle ERROR_MORE_DATA. [RT #43534]
+
+4518. [func] The "print-time" option in the logging configuration
+ can now take arguments "local", "iso8601" or
+ "iso8601-utc" to indicate the format in which the
+ date and time should be logged. For backward
+ compatibility, "yes" is a synonym for "local".
+ [RT #42585]
+
+4517. [security] Named could mishandle authority sections that were
+ missing RRSIGs triggering an assertion failure.
+ (CVE-2016-9444) [RT # 43632]
+
+4516. [bug] isc_socketmgr_renderjson was missing from the
+ windows build. [RT #43602]
+
+4515. [port] FreeBSD: Find readline headers when they are in
+ edit/readline/ instead of readline/. [RT #43658]
+
+4514. [port] NetBSD: strip -WL, from ld command line. [RT #43204]
+
+4513. [cleanup] Minimum Python versions are now 2.7 and 3.2.
+ [RT #43566]
+
+4512. [bug] win32: @GEOIP_INC@ missing from delv.vcxproj.in.
+ [RT #43556]
+
+4511. [bug] win32: mdig.exe-BNFT was missing Configure. [RT #43554]
+
+4510. [security] Named mishandled some responses where covering RRSIG
+ records are returned without the requested data
+ resulting in a assertion failure. (CVE-2016-9147)
+ [RT #43548]
+
+4509. [test] Make the rrl system test more reliable on slower
+ machines by using mdig instead of dig. [RT #43280]
+
+4508. [security] Named incorrectly tried to cache TKEY records which
+ could trigger a assertion failure when there was
+ a class mismatch. (CVE-2016-9131) [RT #43522]
+
+4507. [bug] Named could incorrectly log 'allows updates by IP
+ address, which is insecure' [RT #43432]
+
+4506. [func] 'named-checkconf -l' will now list the zones found in
+ named.conf. [RT #43154]
+
+4505. [port] Use IP_PMTUDISC_OMIT if available. [RT #35494]
+
+4504. [security] Allow the maximum number of records in a zone to
+ be specified. This provides a control for issues
+ raised in CVE-2016-6170. [RT #42143]
+
+4503. [cleanup] "make uninstall" now removes files installed by
+ BIND. (This currently excludes Python files
+ due to lack of support in setup.py.) [RT #42192]
+
+4502. [func] Report multiple and experimental options when printing
+ grammar. [RT #43134]
+
+4501. [placeholder]
+
+4500. [bug] Support modifier I64 in isc__print_printf. [RT #43526]
+
+4499. [port] MacOSX: silence deprecated function warning
+ by using arc4random_stir() when available
+ instead of arc4random_addrandom(). [RT #43503]
+
+4498. [test] Simplify prerequisite checks in system tests.
+ [RT #43516]
+
+4497. [port] Add support for OpenSSL 1.1.0. [RT #41284]
+
+4496. [func] dig: add +idnout to control whether labels are
+ display in punycode or not. Requires idn support
+ to be enabled at compile time. [RT #43398]
+
+4495. [bug] A isc_mutex_init call was not being checked.
+ [RT #43391]
+
+4494. [bug] Look for <editline/readline.h>. [RT #43429]
+
+4493. [bug] bin/tests/system/dyndb/driver/Makefile.in should use
+ SO_TARGETS. [RT# 43336]
+
+4492. [bug] irs_resconf_load failed to initialize sortlistnxt
+ causing bad writes if resolv.conf contained a
+ sortlist directive. [RT #43459]
+
+4491. [bug] Improve message emitted when testing whether sendmsg
+ works with TOS/TCLASS fails. [RT #43483]
+
+4490. [maint] Added AAAA (2001:500:12::d0d) for G.ROOT-SERVERS.NET.
+
+4489. [security] It was possible to trigger assertions when processing
+ a response containing a DNAME answer. (CVE-2016-8864)
+ [RT #43465]
+
+4488. [port] Darwin: use -framework for Kerberos. [RT #43418]
+
+4487. [test] Make system tests work on Windows. [RT #42931]
+
+4486. [bug] Look in $prefix/lib/pythonX.Y/site-packages for
+ the python modules we install. [RT #43330]
+
+4485. [bug] Failure to find readline when requested should be
+ fatal to configure. [RT #43328]
+
+4484. [func] Check prefixes in acls to make sure the address and
+ prefix lengths are consistent. Warn only in
+ BIND 9.11 and earlier. [RT #43367]
+
+4483. [bug] Address use before require check and remove extraneous
+ dns_message_gettsigkey call in dns_tsig_sign.
+ [RT #43374]
+
+4482. [cleanup] Change #4455 was incomplete. [RT #43252]
+
+4481. [func] dig: make +class, +crypto, +multiline, +rrcomments,
+ +onesoa, +qr, +ttlid, +ttlunits and -u per lookup
+ rather than global. [RT #42450]
+
+4480. [placeholder]
+
+4479. [placeholder]
+
+4478. [func] Add +continue option to mdig, allow continue on socket
+ errors. [RT #43281]
+
+4477. [test] Fix mkeys test timing issues. [RT #41028]
+
+4476. [test] Fix reclimit test on slower machines. [RT #43283]
+
+4475. [doc] Update named-checkconf documentation. [RT #43153]
+
+4474. [bug] win32: call WSAStartup in fromtext_in_wks so that
+ getprotobyname and getservbyname work. [RT #43197]
+
+4473. [bug] Only call fsync / _commit on regular files. [RT #43196]
+
+4472. [bug] Named could fail to find the correct NSEC3 records when
+ a zone was updated between looking for the answer and
+ looking for the NSEC3 records proving nonexistence
+ of the answer. [RT #43247]
+
+ --- 9.11.0 released ---
+
+ --- 9.11.0rc3 released ---
+
+4471. [cleanup] Render client/query logging format consistent for
+ ease of log file parsing. (Note that this affects
+ "querylog" format: there is now an additional field
+ indicating the client object address.) [RT #43238]
+
+4470. [bug] Reset message with intent parse before
+ calling dns_dispatch_getnext. [RT #43229]
+
+4469. [placeholder]
+
+ --- 9.11.0rc2 released ---
+
+4468. [bug] Address ECS option handling issues. [RT #43191]
+
+4467. [security] It was possible to trigger an assertion when
+ rendering a message. (CVE-2016-2776) [RT #43139]
+
+4466. [bug] Interface scanning didn't work on a Windows system
+ without a non local IPv6 addresses. [RT #43130]
+
+4465. [bug] Don't use "%z" as Windows doesn't support it.
+ [RT #43131]
+
+4464. [bug] Fix windows python support. [RT #43173]
+
+4463. [bug] The dnstap system test failed on some systems.
+ [RT #43129]
+
+4462. [bug] Don't describe a returned EDNS COOKIE as "good"
+ when there isn't a valid server cookie. [RT #43167]
+
+4461. [bug] win32: not all external data was properly marked
+ as external data for windows dll. [RT #43161]
+
+ --- 9.11.0rc1 released ---
+
+4460. [test] Add system test for dnstap using unix domain sockets.
+ [RT #42926]
+
+4459. [bug] TCP client objects created to handle pipeline queries
+ were not cleaned up correctly, causing uncontrolled
+ memory growth. [RT #43106]
+
+4458. [cleanup] Update assertions to be more correct, and also remove
+ use of a reserved word. [RT #43090]
+
+4457. [maint] Added AAAA (2001:500:a8::e) for E.ROOT-SERVERS.NET.
+
+4456. [doc] Add DOCTYPE and lang attribute to <html> tags.
+ [RT #42587]
+
+4455. [cleanup] Allow dyndb modules to correctly log the filename
+ and line number when processing configuration text
+ from named.conf. [RT #43050]
+
+4454. [bug] 'rndc dnstap -reopen' had a race issue. [RT #43089]
+
+4453. [bug] Prefetching of DS records failed to update their
+ RRSIGs. [RT #42865]
+
+4452. [bug] The default key manager policy file is now
+ <sysdir>/dnssec-policy.conf (usually
+ /etc/dnssec-policy.conf). [RT #43064]
+
+4451. [cleanup] Log more useful information if a PKCS#11 provider
+ library cannot be loaded. [RT #43076]
+
+4450. [port] Provide more nuanced HSM support which better matches
+ the specific PKCS11 providers capabilities. [RT #42458]
+
+4449. [test] Fix catalog zones test on slower systems. [RT #42997]
+
+4448. [bug] win32: ::1 was not being found when iterating
+ interfaces. [RT #42993]
+
+4447. [tuning] Allow the fstrm_iothr_init() options to be set using
+ named.conf to control how dnstap manages the data
+ flow. [RT #42974]
+
+4446. [bug] The cache_find() and _findrdataset() functions
+ could find rdatasets that had been marked stale.
+ [RT #42853]
+
+4445. [cleanup] isc_errno_toresult() can now be used to call the
+ formerly private function isc__errno2result().
+ [RT #43050]
+
+4444. [bug] Fixed some issues related to dyndb: A bug caused
+ braces to be omitted when passing configuration text
+ from named.conf to a dyndb driver, and there was a
+ use-after-free in the sample dyndb driver. [RT #43050]
+
+4443. [func] Set TCP_MAXSEG in addition to IPV6_USE_MIN_MTU on
+ TCP sockets. [RT #42864]
+
+4442. [bug] Fix RPZ CIDR tree insertion bug that corrupted
+ tree data structure with overlapping networks
+ (longest prefix match was ineffective).
+ [RT #43035]
+
+4441. [cleanup] Alphabetize host's help output. [RT #43031]
+
+4440. [func] Enable TCP fast open support when available on the
+ server side. [RT #42866]
+
+4439. [bug] Address race conditions getting ownernames of nodes.
+ [RT #43005]
+
+4438. [func] Use LIFO rather than FIFO when processing startup
+ notify and refresh queries. [RT #42825]
+
+4437. [func] Minimal-responses now has two additional modes
+ no-auth and no-auth-recursive which suppress
+ adding the NS records to the authority section
+ as well as the associated address records for the
+ nameservers. [RT #42005]
+
+4436. [func] Return TLSA records as additional data for MX and SRV
+ lookups. [RT #42894]
+
+4435. [tuning] Only set IPV6_USE_MIN_MTU for UDP when the message
+ will not fit into a single IPv4 encapsulated IPv6
+ UDP packet when transmitted over a Ethernet link.
+ [RT #42871]
+
+4434. [protocol] Return EDNS EXPIRE option for master zones in addition
+ to slave zones. [RT #43008]
+
+4433. [cleanup] Report an error when passing an invalid option or
+ view name to "rndc dumpdb". [RT #42958]
+
+4432. [test] Hide rndc output on expected failures in logfileconfig
+ system test. [RT #27996]
+
+4431. [bug] named-checkconf now checks the rate-limit clause.
+ [RT #42970]
+
+4430. [bug] Lwresd died if a search list was not defined.
+ Found by 0x710DDDD At Alibaba Security. [RT #42895]
+
+4429. [bug] Address potential use after free on fclose() error.
+ [RT #42976]
+
+4428. [bug] The "test dispatch getnext" unit test could fail
+ in a threaded build. [RT #42979]
+
+4427. [bug] The "query" and "response" parameters to the
+ "dnstap" option had their functions reversed.
+
+ --- 9.11.0b3 released ---
+
+4426. [bug] Addressed Coverity warnings. [RT #42908]
+
+4425. [bug] arpaname, dnstap-read and named-rrchecker were not
+ being installed into ${prefix}/bin. Tidy up
+ installation issues with CHANGE 4421. [RT #42910]
+
+4424. [experimental] Named now sends _ta-XXXX.<trust-anchor>/NULL queries
+ to provide feedback to the trust-anchor administrators
+ about how key rollovers are progressing as per
+ draft-ietf-dnsop-edns-key-tag-02. This can be
+ disabled using 'trust-anchor-telemetry no;'.
+ [RT #40583]
+
+4423. [maint] Added missing IPv6 address 2001:500:84::b for
+ B.ROOT-SERVERS.NET. [RT #42898]
+
+4422. [port] Silence clang warnings in dig.c and dighost.c.
+ [RT #42451]
+
+4421. [func] When built with LMDB (Lightning Memory-mapped
+ Database), named will now use a database to store
+ the configuration for zones added by "rndc addzone"
+ instead of using a flat NZF file. This improves
+ performance of "rndc delzone" and "rndc modzone"
+ significantly. Existing NZF files will
+ automatically by converted to NZD databases.
+ To view the contents of an NZD or to roll back to
+ NZF format, use "named-nzd2nzf". To disable
+ this feature, use "configure --without-lmdb".
+ [RT #39837]
+
+4420. [func] nslookup now looks for AAAA as well as A by default.
+ [RT #40420]
+
+4419. [bug] Don't cause undefined result if the label of an
+ entry in catalog zone is changed. [RT #42708]
+
+4418. [bug] Fix a compiler warning in GSSAPI code. [RT #42879]
+
+4417. [bug] dnssec-keymgr could fail to create successor keys
+ if the prepublication interval was set to a value
+ smaller than the default. [RT #42820]
+
+4416. [bug] dnssec-keymgr: Domain names in policy files could
+ fail to match due to trailing dots. [RT #42807]
+
+4415. [bug] dnssec-keymgr: Expired/deleted keys were not always
+ excluded. [RT #42884]
+
+4414. [bug] Corrected a bug in the MIPS implementation of
+ isc_atomic_xadd(). [RT #41965]
+
+4413. [bug] GSSAPI negotiation could fail if GSS_S_CONTINUE_NEEDED
+ was returned. [RT #42733]
+
+ --- 9.11.0b2 released ---
+
+4412. [cleanup] Make fixes for GCC 6. ISC_OFFSET_MAXIMUM macro was
+ removed. [RT #42721]
+
+4411. [func] "rndc dnstap -roll" automatically rolls the
+ dnstap output file; the previous version is
+ saved with ".0" suffix, and earlier versions
+ with ".1" and so on. An optional numeric argument
+ indicates how many prior files to save. [RT #42830]
+
+4410. [bug] Address use after free and memory leak with dnstap.
+ [RT #42746]
+
+4409. [bug] DNS64 should exclude mapped addresses by default when
+ an exclude acl is not defined. [RT #42810]
+
+4408. [func] Continue waiting for expected response when we the
+ response we get does not match the request. [RT #41026]
+
+4407. [performance] Use GCC builtin for clz in RPZ lookup code.
+ [RT #42818]
+
+4406. [security] getrrsetbyname with a non absolute name could
+ trigger an infinite recursion bug in lwresd
+ and named with lwres configured if when combined
+ with a search list entry the resulting name is
+ too long. (CVE-2016-2775) [RT #42694]
+
+4405. [bug] Change 4342 introduced a regression where you could
+ not remove a delegation in a NSEC3 signed zone using
+ OPTOUT via nsupdate. [RT #42702]
+
+4404. [misc] Allow krb5-config to be used when configuring gssapi.
+ [RT #42580]
+
+4403. [bug] Rename variables and arguments that shadow: basename,
+ clone and gai_error.
+
+4402. [bug] protoc-c is now a hard requirement for --enable-dnstap.
+
+ --- 9.11.0b1 released ---
+
+4401. [misc] Change LICENSE to MPL 2.0.
+
+4400. [bug] ttl policy was not being inherited in policy.py.
+ [RT #42718]
+
+4399. [bug] policy.py 'ECCGOST', 'ECDSAP256SHA256', and
+ 'ECDSAP384SHA384' don't have settable keysize.
+ [RT #42718]
+
+4398. [bug] Correct spelling of ECDSAP256SHA256 in policy.py.
+ [RT #42718]
+
+4397. [bug] Update Windows python support. [RT #42538]
+
+4396. [func] dnssec-keymgr now takes a '-r randomfile' option.
+ [RT #42455]
+
+4395. [bug] Improve out-of-tree installation of python modules.
+ [RT #42586]
+
+4394. [func] Add rndc command "dnstap-reopen" to close and
+ reopen dnstap output files. [RT #41803]
+
+4393. [bug] Address potential NULL pointer dereferences in
+ dnstap code.
+
+4392. [func] Collect statistics for RSSAC02v3 traffic-volume,
+ traffic-sizes and rcode-volume reporting. [RT #41475]
+
+4391. [contrib] Fix leaks in contrib DLZ code. [RT #42707]
+
+4390. [doc] Description of masters with TSIG, allow-query and
+ allow-transfer options in catalog zones. [RT #42692]
+
+4389. [test] Rewritten test suite for catalog zones. [RT #42676]
+
+4388. [func] Support for master entries with TSIG keys in catalog
+ zones. [RT #42577]
+
+4387. [bug] Change 4336 was not complete leading to SERVFAIL
+ being return as NS records expired. [RT #42683]
+
+4386. [bug] Remove shadowed overmem function/variable. [RT #42706]
+
+4385. [func] Add support for allow-query and allow-transfer ACLs
+ to catalog zones. [RT #42578]
+
+4384. [bug] Change 4256 accidentally disabled logging of the
+ rndc command. [RT #42654]
+
+4383. [bug] Correct spelling error in stats channel description of
+ "EDNS client subnet option received". [RT #42633]
+
+4382. [bug] rndc {addzone,modzone,delzone,showzone} should all
+ compare the zone name using a canonical format.
+ [RT #42630]
+
+4381. [bug] Missing "zone-directory" option in catalog zone
+ definition caused BIND to crash. [RT #42579]
+
+ --- 9.11.0a3 released ---
+
+4380. [experimental] Added a "zone-directory" option to "catalog-zones"
+ syntax, allowing local masterfiles for slaves
+ that are provisioned by catalog zones to be stored
+ in a directory other than the server's working
+ directory. [RT #42527]
+
+4379. [bug] An INSIST could be triggered if a zone contains
+ RRSIG records with expiry fields that loop
+ using serial number arithmetic. [RT #40571]
+
+4378. [contrib] #include <isc/string.h> for strlcat in zone2ldap.c.
+ [RT #42525]
+
+4377. [bug] Don't reuse zero TTL responses beyond the current
+ client set (excludes ANY/SIG/RRSIG queries).
+ [RT #42142]
+
+4376. [experimental] Added support for Catalog Zones, a new method for
+ provisioning secondary servers in which a list of
+ zones to be served is stored in a DNS zone and can
+ be propagated to slaves via AXFR/IXFR. [RT #41581]
+
+4375. [func] Add support for automatic reallocation of isc_buffer
+ to isc_buffer_put* functions. [RT #42394]
+
+4374. [bug] Use SAVE/RESTORE macros in query.c to reduce the
+ probability of reference counting errors as seen
+ in 4365. [RT #42405]
+
+4373. [bug] Address undefined behavior in getaddrinfo. [RT #42479]
+
+4372. [bug] Address undefined behavior in libt_api. [RT #42480]
+
+4371. [func] New "minimal-any" option reduces the size of UDP
+ responses for qtype ANY by returning a single
+ arbitrarily selected RRset instead of all RRsets.
+ Thanks to Tony Finch. [RT #41615]
+
+4370. [bug] Address python3 compatibility issues with RNDC module.
+ [RT #42499] [RT #42506]
+
+ --- 9.11.0a2 released ---
+
+4369. [bug] Fix 'make' and 'make install' out-of-tree python
+ support. [RT #42484]
+
+4368. [bug] Fix a crash when calling "rndc stats" on some
+ Windows builds because some Visual Studio compilers
+ generated crashing code for the "%z" printf()
+ format specifier. [RT #42380]
+
+4367. [bug] Remove unnecessary assignment of loadtime in
+ zone_touched. [RT #42440]
+
+4366. [bug] Address race condition when updating rbtnode bit
+ fields. [RT #42379]
+
+4365. [bug] Address zone reference counting errors involving
+ nxdomain-redirect. [RT #42258]
+
+4364. [port] freebsd: add -Wl,-E to loader flags [RT #41690]
+
+4363. [port] win32: Disable explicit triggering UAC when running
+ BINDInstall.
+
+4362. [func] Changed rndc reconfig behavior so that newly added
+ zones are loaded asynchronously and the loading does
+ not block the server. [RT #41934]
+
+4361. [cleanup] Where supported, file modification times returned
+ by isc_file_getmodtime() are now accurate to the
+ nanosecond. [RT #41968]
+
+4360. [bug] Silence spurious 'bad key type' message when there is
+ a existing TSIG key. [RT #42195]
+
+4359. [bug] Inherited 'also-notify' lists were not being checked
+ by named-checkconf. [RT #42174]
+
+4358. [test] Added American Fuzzy Lop harness that allows
+ feeding fuzzed packets into BIND.
+ [RT #41723]
+
+4357. [func] Add the python RNDC module. [RT #42093]
+
+4356. [func] Add the ability to specify whether to wait for
+ nameserver addresses to be looked up or not to
+ RPZ with a new modifying directive 'nsip-wait-recurse'.
+ [RT #35009]
+
+4355. [func] "pkcs11-list" now displays the extractability
+ attribute of private or secret keys stored in
+ an HSM, as either "true", "false", or "never"
+ Thanks to Daniel Stirnimann. [RT #36557]
+
+4354. [bug] Check that the received HMAC length matches the
+ expected length prior to check the contents on the
+ control channel. This prevents a OOB read error.
+ This was reported by Lian Yihan, <lianyihan@360.cn>.
+ [RT #42215]
+
+4353. [cleanup] Update PKCS#11 header files. [RT #42175]
+
+4352. [cleanup] The ISC DNSSEC Lookaside Validation (DLV) service
+ is scheduled to be disabled in 2017. A warning is
+ now logged when named is configured to use it,
+ either explicitly or via "dnssec-lookaside auto;"
+ [RT #42207]
+
+4351. [bug] 'dig +noignore' didn't work. [RT #42273]
+
+4350. [contrib] Declare result in dlz_filesystem_dynamic.c.
+
+4349. [contrib] kasp2policy: A python script to create a DNSSEC
+ policy file from an OpenDNSSEC KASP XML file.
+
+4348. [func] dnssec-keymgr: A new python-based DNSSEC key
+ management utility, which reads a policy definition
+ file and can create or update DNSSEC keys as needed
+ to ensure that a zone's keys match policy, roll over
+ correctly on schedule, etc. Thanks to Sebastian
+ Castro for assistance in development. [RT #39211]
+
+4347. [port] Corrected a build error on x86_64 Solaris. [RT #42150]
+
+4346. [bug] Fixed a regression introduced in change #4337 which
+ caused signed domains with revoked KSKs to fail
+ validation. [RT #42147]
+
+4345. [contrib] perftcpdns mishandled the return values from
+ clock_nanosleep. [RT #42131]
+
+4344. [port] Address openssl version differences. [RT #42059]
+
+4343. [bug] dns_dnssec_syncupdate mis-declared in <dns/dnssec.h>.
+ [RT #42090]
+
+4342. [bug] 'rndc flushtree' could fail to clean the tree if there
+ wasn't a node at the specified name. [RT #41846]
+
+ --- 9.11.0a1 released ---
+
+4341. [bug] Correct the handling of ECS options with
+ address family 0. [RT #41377]
+
+4340. [performance] Implement adaptive read-write locks, reducing the
+ overhead of locks that are only held briefly.
+ [RT #37329]
+
+4339. [test] Use "mdig" to test pipelined queries. [RT #41929]
+
+4338. [bug] Reimplement change 4324 as it wasn't properly doing
+ all the required book keeping. [RT #41941]
+
+4337. [bug] The previous change exposed a latent flaw in
+ key refresh queries for managed-keys when
+ a cached DNSKEY had TTL 0. [RT #41986]
+
+4336. [bug] Don't emit records with zero ttl unless the records
+ were learnt with a zero ttl. [RT #41687]
+
+4335. [bug] zone->view could be detached too early. [RT #41942]
+
+4334. [func] 'named -V' now reports zlib version. [RT #41913]
+
+4333. [maint] L.ROOT-SERVERS.NET is now 199.7.83.42 and
+ 2001:500:9f::42.
+
+4332. [placeholder]
+
+4331. [func] When loading managed signed zones detect if the
+ RRSIG's inception time is in the future and regenerate
+ the RRSIG immediately. [RT #41808]
+
+4330. [protocol] Identify the PAD option as "PAD" when printing out
+ a message.
+
+4329. [func] Warn about a common misconfiguration when forwarding
+ RFC 1918 zones. [RT #41441]
+
+4328. [performance] Add dns_name_fromwire() benchmark test. [RT #41694]
+
+4327. [func] Log query and depth counters during fetches when
+ querytrace (./configure --enable-querytrace) is
+ enabled (helps in diagnosing). [RT #41787]
+
+4326. [protocol] Add support for AVC. [RT #41819]
+
+4325. [func] Add a line to "rndc status" indicating the
+ hostname and operating system details. [RT #41610]
+
+4324. [bug] When deleting records from a zone database, interior
+ nodes could be left empty but not deleted, damaging
+ search performance afterward. [RT #40997]
+
+4323. [bug] Improve HTTP header processing on statschannel.
+ [RT #41674]
+
+4322. [security] Duplicate EDNS COOKIE options in a response could
+ trigger an assertion failure. (CVE-2016-2088)
+ [RT #41809]
+
+4321. [bug] Zones using mapped files containing out-of-zone data
+ could return SERVFAIL instead of the expected NODATA
+ or NXDOMAIN results. [RT #41596]
+
+4320. [bug] Insufficient memory allocation when handling
+ "none" ACL could cause an assertion failure in
+ named when parsing ACL configuration. [RT #41745]
+
+4319. [security] Fix resolver assertion failure due to improper
+ DNAME handling when parsing fetch reply messages.
+ (CVE-2016-1286) [RT #41753]
+
+4318. [security] Malformed control messages can trigger assertions
+ in named and rndc. (CVE-2016-1285) [RT #41666]
+
+4317. [bug] Age all unused servers on fetch timeout. [RT #41597]
+
+4316. [func] Add option to tools to print RRs in unknown
+ presentation format [RT #41595].
+
+4315. [bug] Check that configured view class isn't a meta class.
+ [RT #41572].
+
+4314. [contrib] Added 'dnsperf-2.1.0.0-1', a set of performance
+ testing tools provided by Nominum, Inc.
+
+4313. [bug] Handle ns_client_replace failures in test mode.
+ [RT #41190]
+
+4312. [bug] dig's unknown DNS and EDNS flags (MBZ value) logging
+ was not consistent. [RT #41600]
+
+4311. [bug] Prevent "rndc delzone" from being used on
+ response-policy zones. [RT #41593]
+
+4310. [performance] Use __builtin_expect() where available to annotate
+ conditions with known behavior. [RT #41411]
+
+4309. [cleanup] Remove the spurious "none" filename from log messages
+ when processing built-in configuration. [RT #41594]
+
+4308. [func] Added operating system details to "named -V"
+ output. [RT #41452]
+
+4307. [bug] "dig +subnet" and "mdig +subnet" could send
+ incorrectly-formatted Client Subnet options
+ if the prefix length was not divisible by 8.
+ Also fixed a memory leak in "mdig". [RT #45178]
+
+4306. [maint] Added a PKCS#11 openssl patch supporting
+ version 1.0.2f [RT #38312]
+
+4305. [bug] dnssec-signzone was not removing unnecessary rrsigs
+ from the zone's apex. [RT #41483]
+
+4304. [port] xfer system test failed as 'tail -n +value' is not
+ portable. [RT #41315]
+
+4303. [bug] "dig +subnet" was unable to send a prefix length of
+ zero, as it was incorrectly changed to 32 for v4
+ prefixes or 128 for v6 prefixes. In addition to
+ fixing this, "dig +subnet=0" has been added as a
+ short form for 0.0.0.0/0. The same changes have
+ also been made in "mdig". [RT #41553]
+
+4302. [port] win32: fixed a build error in VS 2015. [RT #41426]
+
+4301. [bug] dnssec-settime -p [DP]sync was not working. [RT #41534]
+
+4300. [bug] A flag could be set in the wrong field when setting
+ up non-recursive queries; this could cause the
+ SERVFAIL cache to cache responses it shouldn't.
+ New querytrace logging has been added which
+ identified this error. [RT #41155]
+
+4299. [bug] Check that exactly totallen bytes are read when
+ reading a RRset from raw files in both single read
+ and incremental modes. [RT #41402]
+
+4298. [bug] dns_rpz_add errors in loadzone were not being
+ propagated up the call stack. [RT #41425]
+
+4297. [test] Ensure delegations in RPZ zones fail robustly.
+ [RT #41518]
+
+4296. [bug] TCP packet sizes were calculated incorrectly in the
+ stats channel; they could be counted in the wrong
+ histogram bucket. [RT #40587]
+
+4295. [bug] An unchecked result in dns_message_pseudosectiontotext()
+ could allow incorrect text formatting of EDNS EXPIRE
+ options. [RT #41437]
+
+4294. [bug] Fixed a regression in which "rndc stop -p" failed
+ to print the PID. [RT #41513]
+
+4293. [bug] Address memory leak on priming query creation failure.
+ [RT #41512]
+
+4292. [placeholder]
+
+4291. [cleanup] Added a required include to dns/forward.h. [RT #41474]
+
+4290. [func] The timers returned by the statistics channel
+ (indicating current time, server boot time, and
+ most recent reconfiguration time) are now reported
+ with millisecond accuracy. [RT #40082]
+
+4289. [bug] The server could crash due to memory being used
+ after it was freed if a zone transfer timed out.
+ [RT #41297]
+
+4288. [bug] Fixed a regression in resolver.c:possibly_mark()
+ which caused known-bogus servers to be queried
+ anyway. [RT #41321]
+
+4287. [bug] Silence an overly noisy log message when message
+ parsing fails. [RT #41374]
+
+4286. [security] render_ecs errors were mishandled when printing out
+ a OPT record resulting in a assertion failure.
+ (CVE-2015-8705) [RT #41397]
+
+4285. [security] Specific APL data could trigger a INSIST.
+ (CVE-2015-8704) [RT #41396]
+
+4284. [bug] Some GeoIP options were incorrectly documented
+ using abbreviated forms which were not accepted by
+ named. The code has been updated to allow both
+ long and abbreviated forms. [RT #41381]
+
+4283. [bug] OPENSSL_config is no longer re-callable. [RT #41348]
+
+4282. [func] 'dig +[no]mapped' determine whether the use of mapped
+ IPv4 addresses over IPv6 is permitted or not. The
+ default is +mapped. [RT #41307]
+
+4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
+
+4280. [performance] Use optimal message sizes to improve compression
+ in AXFRs. This reduces network traffic. [RT #40996]
+
+4279. [test] Don't use fixed ports when unit testing. [RT #41194]
+
+4278. [bug] 'delv +short +[no]split[=##]' didn't work as expected.
+ [RT #41238]
+
+4277. [performance] Improve performance of the RBT, the central zone
+ datastructure: The aux hashtable was improved,
+ hash function was updated to perform more
+ uniform mapping, uppernode was added to
+ dns_rbtnode, and other cleanups and performance
+ improvements were made. [RT #41165]
+
+4276. [protocol] Add support for SMIMEA. [RT #40513]
+
+4275. [performance] Lazily initialize dns_compress->table only when
+ compression is enabled. [RT #41189]
+
+4274. [performance] Speed up typemap processing from text. [RT #41196]
+
+4273. [bug] Only call dns_test_begin() and dns_test_end() once each
+ in nsec3_test as it fails with GOST if called multiple
+ times.
+
+4272. [bug] dig: the +norrcomments option didn't work with +multi.
+ [RT #41234]
+
+4271. [test] Unit tests could deadlock in isc__taskmgr_pause().
+ [RT #41235]
+
+4270. [security] Update allowed OpenSSL versions as named is
+ potentially vulnerable to CVE-2015-3193.
+
+4269. [bug] Zones using "map" format master files currently
+ don't work as policy zones. This limitation has
+ now been documented; attempting to use such zones
+ in "response-policy" statements is now a
+ configuration error. [RT #38321]
+
+4268. [func] "rndc status" now reports the path to the
+ configuration file. [RT #36470]
+
+4267. [test] Check sdlz error handling. [RT #41142]
+
+4266. [placeholder]
+
+4265. [bug] Address unchecked isc_mem_get calls. [RT #41187]
+
+4264. [bug] Check const of strchr/strrchr assignments match
+ argument's const status. [RT #41150]
+
+4263. [contrib] Address compiler warnings in mysqldyn module.
+ [RT #41130]
+
+4262. [bug] Fixed a bug in epoll socket code that caused
+ sockets to not be registered for ready
+ notification in some cases, causing named to not
+ read from or write to them, resulting in what
+ appear to the user as blocked connections.
+ [RT #41067]
+
+4261. [maint] H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53.
+ [RT #40556]
+
+4260. [security] Insufficient testing when parsing a message allowed
+ records with an incorrect class to be be accepted,
+ triggering a REQUIRE failure when those records
+ were subsequently cached. (CVE-2015-8000) [RT #40987]
+
+4259. [func] Add an option for non-destructive control channel
+ access using a "read-only" clause. In such
+ cases, a restricted set of rndc commands are
+ allowed for querying information from named.
+ [RT #40498]
+
+4258. [bug] Limit rndc query message sizes to 32 KiB. This should
+ not break any legitimate rndc commands, but will
+ prevent a rogue rndc query from allocating too
+ much memory. [RT #41073]
+
+4257. [cleanup] Python scripts reported incorrect version. [RT #41080]
+
+4256. [bug] Allow rndc command arguments to be quoted so as
+ to allow spaces. [RT #36665]
+
+4255. [performance] Add 'message-compression' option to disable DNS
+ compression in responses. [RT #40726]
+
+4254. [bug] Address missing lock when getting zone's serial.
+ [RT #41072]
+
+4253. [security] Address fetch context reference count handling error
+ on socket error. (CVE-2015-8461) [RT#40945]
+
+4252. [func] Add support for automating the generation CDS and
+ CDNSKEY rrsets to named and dnssec-signzone.
+ [RT #40424]
+
+4251. [bug] NTAs were deleted when the server was reconfigured
+ or reloaded. [RT #41058]
+
+4250. [func] Log the TSIG key in use during inbound zone
+ transfers. [RT #41075]
+
+4249. [func] Improve error reporting of TSIG / SIG(0) records in
+ the wrong location. [RT #41030]
+
+4248. [performance] Add an isc_atomic_storeq() function, use it in
+ stats counters to improve performance.
+ [RT #39972] [RT #39979]
+
+4247. [port] Require both HAVE_JSON and JSON_C_VERSION to be
+ defined to report json library version. [RT #41045]
+
+4246. [test] Ensure the statschannel system test runs when BIND
+ is not built with libjson. [RT #40944]
+
+4245. [placeholder]
+
+4244. [bug] The parser was not reporting that use-ixfr is obsolete.
+ [RT #41010]
+
+4243. [func] Improved stats reporting from Timothe Litt. [RT #38941]
+
+4242. [bug] Replace the client if not already replaced when
+ prefetching. [RT #41001]
+
+4241. [doc] Improved the TSIG, TKEY, and SIG(0) sections in
+ the ARM. [RT #40955]
+
+4240. [port] Fix LibreSSL compatibility. [RT #40977]
+
+4239. [func] Changed default servfail-ttl value to 1 second from 10.
+ Also, the maximum value is now 30 instead of 300.
+ [RT #37556]
+
+4238. [bug] Don't send to servers on net zero (0.0.0.0/8).
+ [RT #40947]
+
+4237. [doc] Upgraded documentation toolchain to use DocBook 5
+ and dblatex. [RT #40766]
+
+4236. [performance] On machines with 2 or more processors (CPU), the
+ default value for the number of UDP listeners
+ has been changed to the number of detected
+ processors minus one. [RT #40761]
+
+4235. [func] Added support in named for "dnstap", a fast method of
+ capturing and logging DNS traffic, and a new command
+ "dnstap-read" to read a dnstap log file. Use
+ "configure --enable-dnstap" to enable this
+ feature (note that this requires libprotobuf-c
+ and libfstrm). See the ARM for configuration details.
+
+ Thanks to Robert Edmonds of Farsight Security.
+ [RT #40211]
+
+4234. [func] Add deflate compression in statistics channel HTTP
+ server. [RT #40861]
+
+4233. [test] Add tests for CDS and CDNSKEY with delegation-only.
+ [RT #40597]
+
+4232. [contrib] Address unchecked memory allocation calls in
+ query-loc and zone2ldap. [RT #40789]
+
+4231. [contrib] Address unchecked calloc call in dlz_mysqldyn_mod.c.
+ [RT #40840]
+
+4230. [contrib] dlz_wildcard_dynamic.c:dlz_create could return a
+ uninitialized result. [RT #40839]
+
+4229. [bug] A variable could be used uninitialized in
+ dns_update_signaturesinc. [RT #40784]
+
+4228. [bug] Address race condition in dns_client_destroyrestrans.
+ [RT #40605]
+
+4227. [bug] Silence static analysis warnings. [RT #40828]
+
+4226. [bug] Address a theoretical shutdown race in
+ zone.c:notify_send_queue(). [RT #38958]
+
+4225. [port] freebsd/openbsd: Use '${CC} -shared' for building
+ shared libraries. [RT #39557]
+
+4224. [func] Added support for "dyndb", a new interface for loading
+ zone data from an external database, developed by
+ Red Hat for the FreeIPA project.
+
+ DynDB drivers fully implement the BIND database
+ API, and are capable of significantly better
+ performance and functionality than DLZ drivers,
+ while taking advantage of advanced database
+ features not available in BIND such as multi-master
+ replication.
+
+ Thanks to Adam Tkac and Petr Spacek of Red Hat.
+ [RT #35271]
+
+4223. [func] Add support for setting max-cache-size to percentage
+ of available physical memory, set default to 90%.
+ [RT #38442]
+
+4222. [func] Bias IPv6 servers when selecting the next server to
+ query. [RT #40836]
+
+4221. [bug] Resource leak on DNS_R_NXDOMAIN in fctx_create.
+ [RT #40583]
+
+4220. [doc] Improve documentation for zone-statistics.
+ [RT #36955]
+
+4219. [bug] Set event->result to ISC_R_WOULDBLOCK on EWOULDBLOCK,
+ EGAIN when these soft error are not retried for
+ isc_socket_send*().
+
+4218. [bug] Potential null pointer dereference on out of memory
+ if mmap is not supported. [RT #40777]
+
+4217. [protocol] Add support for CSYNC. [RT #40532]
+
+4216. [cleanup] Silence static analysis warnings. [RT #40649]
+
+4215. [bug] nsupdate: skip to next request on GSSTKEY create
+ failure. [RT #40685]
+
+4214. [protocol] Add support for TALINK. [RT #40544]
+
+4213. [bug] Don't reuse a cache across multiple classes.
+ [RT #40205]
+
+4212. [func] Re-query if we get a bad client cookie returned over
+ UDP. [RT #40748]
+
+4211. [bug] Ensure that lwresd gets at least one task to work
+ with if enabled. [RT #40652]
+
+4210. [cleanup] Silence use after free false positive. [RT #40743]
+
+4209. [bug] Address resource leaks in dlz modules. [RT #40654]
+
+4208. [bug] Address null pointer dereferences on out of memory.
+ [RT #40764]
+
+4207. [bug] Handle class mismatches with raw zone files.
+ [RT #40746]
+
+4206. [bug] contrib: fixed a possible NULL dereference in
+ DLZ wildcard module. [RT #40745]
+
+4205. [bug] 'named-checkconf -p' could include unwanted spaces
+ when printing tuples with unset optional fields.
+ [RT #40731]
+
+4204. [bug] 'dig +trace' failed to lookup the correct type if
+ the initial root NS query was retried. [RT #40296]
+
+4203. [test] The rrchecker system test now tests conversion
+ to and from unknown-type format. [RT #40584]
+
+4202. [bug] isccc_cc_fromwire() could return an incorrect
+ result. [RT #40614]
+
+4201. [func] The default preferred-glue is now the address record
+ type of the transport the query was received
+ over. [RT #40468]
+
+4200. [cleanup] win32: update BINDinstall to be BIND release
+ independent. [RT #38915]
+
+4199. [protocol] Add support for NINFO, RKEY, SINK, TA.
+ [RT #40545] [RT #40547] [RT #40561] [RT #40563]
+
+4198. [placeholder]
+
+4197. [bug] 'named-checkconf -z' didn't handle 'in-view' clauses.
+ [RT #40603]
+
+4196. [doc] Improve how "enum + other" types are documented.
+ [RT #40608]
+
+4195. [bug] 'max-zone-ttl unlimited;' was broken. [RT #40608]
+
+4194. [bug] named-checkconf -p failed to properly print a port
+ range. [RT #40634]
+
+4193. [bug] Handle broken servers that return BADVERS incorrectly.
+ [RT #40427]
+
+4192. [bug] The default rrset-order of random was not always being
+ applied. [RT #40456]
+
+4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones
+ as per RFC 6763. [RT #37889]
+
+4190. [protocol] Accept Active Directory gc._msdcs.<forest> name as
+ valid with check-names. <forest> still needs to be
+ LDH. [RT #40399]
+
+4189. [cleanup] Don't exit on overly long tokens in named.conf.
+ [RT #40418]
+
+4188. [bug] Support HTTP/1.0 client properly on the statistics
+ channel. [RT #40261]
+
+4187. [func] When any RR type implementation doesn't
+ implement totext() for the RDATA's wire
+ representation and returns ISC_R_NOTIMPLEMENTED,
+ such RDATA is now printed in unknown
+ presentation format (RFC 3597). RR types affected
+ include LOC(29) and APL(42). [RT #40317].
+
+4186. [bug] Fixed an RPZ bug where a QNAME would be matched
+ against a policy RR with wildcard owner name
+ (trigger) where the QNAME was the wildcard owner
+ name's parent. For example, the bug caused a query
+ with QNAME "example.com" to match a policy RR with
+ "*.example.com" as trigger. [RT #40357]
+
+4185. [bug] Fixed an RPZ bug where a policy RR with wildcard
+ owner name (trigger) would prevent another policy RR
+ with its parent owner name from being
+ loaded. For example, the bug caused a policy RR
+ with trigger "example.com" to not have any
+ effect when a previous policy RR with trigger
+ "*.example.com" existed in that RPZ zone.
+ [RT #40357]
+
+4184. [bug] Fixed a possible memory leak in name compression
+ when rendering long messages. (Also, improved
+ wire_test for testing such messages.) [RT #40375]
+
+4183. [cleanup] Use timing-safe memory comparisons in cryptographic
+ code. Also, the timing-safe comparison functions have
+ been renamed to avoid possible confusion with
+ memcmp(). Thanks to Loganaden Velvindron of
+ AFRINIC. [RT #40148]
+
+4182. [cleanup] Use mnemonics for RR class and type comparisons.
+ [RT #40297]
+
+4181. [bug] Queued notify messages could be dequeued from the
+ wrong rate limiter queue. [RT #40350]
+
+4180. [bug] Error responses in pipelined queries could
+ cause a crash in client.c. [RT #40289]
+
+4179. [bug] Fix double frees in getaddrinfo() in libirs.
+ [RT #40209]
+
+4178. [bug] Fix assertion failure in parsing UNSPEC(103) RR from
+ text. [RT #40274]
+
+4177. [bug] Fix assertion failure in parsing NSAP records from
+ text. [RT #40285]
+
+4176. [bug] Address race issues with lwresd. [RT #40284]
+
+4175. [bug] TKEY with GSS-API keys needed bigger buffers.
+ [RT #40333]
+
+4174. [bug] "dnssec-coverage -r" didn't handle time unit
+ suffixes correctly. [RT #38444]
+
+4173. [bug] dig +sigchase was not properly matching the trusted
+ key. [RT #40188]
+
+4172. [bug] Named / named-checkconf didn't handle a view of CLASS0.
+ [RT #40265]
+
+4171. [bug] Fixed incorrect class checks in TSIG RR
+ implementation. [RT #40287]
+
+4170. [security] An incorrect boundary check in the OPENPGPKEY
+ rdatatype could trigger an assertion failure.
+ (CVE-2015-5986) [RT #40286]
+
+4169. [test] Added a 'wire_test -d' option to read input as
+ raw binary data, for use as a fuzzing harness.
+ [RT #40312]
+
+4168. [security] A buffer accounting error could trigger an
+ assertion failure when parsing certain malformed
+ DNSSEC keys. (CVE-2015-5722) [RT #40212]
+
+4167. [func] Update rndc's usage output to include recently added
+ commands. Thanks to Tony Finch for submitting a
+ patch. [RT #40010]
+
+4166. [func] Print informative output from rndc showzone when
+ allow-new-zones is not enabled for a view. Thanks to
+ Tony Finch for submitting a patch. [RT #40009]
+
+4165. [security] A failure to reset a value to NULL in tkey.c could
+ result in an assertion failure. (CVE-2015-5477)
+ [RT #40046]
+
+4164. [bug] Don't rename slave files and journals on out of memory.
+ [RT #40033]
+
+4163. [bug] Address compiler warnings. [RT #40024]
+
+4162. [bug] httpdmgr->flags was not being initialized. [RT #40017]
+
+4161. [test] Add JSON test for traffic size stats; also test
+ for consistency between "rndc stats" and the XML
+ and JSON statistics channel contents. [RT #38700]
+
+4160. [placeholder]
+
+4159. [cleanup] Alphabetize dig's help output. [RT #39966]
+
+4158. [placeholder]
+
+4157. [placeholder]
+
+4156. [func] Added statistics counters to track the sizes
+ of incoming queries and outgoing responses in
+ histogram buckets, as specified in RSSAC002.
+ [RT #39049]
+
+4155. [func] Allow RPZ rewrite logging to be configured on a
+ per-zone basis using a newly introduced log clause in
+ the response-policy option. [RT #39754]
+
+4154. [bug] A OPT record should be included with the FORMERR
+ response when there is a malformed EDNS option.
+ [RT #39647]
+
+4153. [bug] Dig should zero non significant +subnet bits. Check
+ that non significant ECS bits are zero on receipt.
+ [RT #39647]
+
+4152. [func] Implement DNS COOKIE option. This replaces the
+ experimental SIT option of BIND 9.10. The following
+ named.conf directives are available: send-cookie,
+ cookie-secret, cookie-algorithm, nocookie-udp-size
+ and require-server-cookie. The following dig options
+ are available: +[no]cookie[=value] and +[no]badcookie.
+ [RT #39928]
+
+4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835]
+
+4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply
+ minimal fix. [RT #39667]
+
+4149. [bug] Fixed a race condition in the getaddrinfo()
+ implementation in libirs, which caused the delv
+ utility to crash with an assertion failure when using
+ the '@server' syntax with a hostname argument.
+ [RT #39899]
+
+4148. [bug] Fix a bug when printing zone names with '/' character
+ in XML and JSON statistics output. [RT #39873]
+
+4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6
+ was returning referrals rather than nodata responses
+ when the AAAA records were filtered. [RT #39843]
+
+4146. [bug] Address reference leak that could prevent a clean
+ shutdown. [RT #37125]
+
+4145. [bug] Not all unassociated adb entries where being printed.
+ [RT #37125]
+
+4144. [func] Add statistics counters for nxdomain redirections.
+ [RT #39790]
+
+4143. [placeholder]
+
+4142. [bug] rndc addzone with view specified saved NZF config
+ that could not be read back by named. This has now
+ been fixed. [RT #39845]
+
+4141. [bug] A formatting bug caused rndc zonestatus to print
+ negative numbers for large serial values. This has
+ now been fixed. [RT #39854]
+
+4140. [cleanup] Remove redundant nzf_remove() call during delzone.
+ [RT #39844]
+
+4139. [doc] Fix rpz-client-ip documentation. [RT #39783]
+
+4138. [security] An uninitialized value in validator.c could result
+ in an assertion failure. (CVE-2015-4620) [RT #39795]
+
+4137. [bug] Make rndc reconfig report configuration errors the
+ same way rndc reload does. [RT #39635]
+
+4136. [bug] Stale statistics counters with the leading
+ '#' prefix (such as #NXDOMAIN) were not being
+ updated correctly. This has been fixed. [RT #39141]
+
+4135. [cleanup] Log expired NTA at startup. [RT #39680]
+
+4134. [cleanup] Include client-ip rules when logging the number
+ of RPZ rules of each type. [RT #39670]
+
+4133. [port] Update how various json libraries are handled.
+ [RT #39646]
+
+4132. [cleanup] dig: added +rd as a synonym for +recurse,
+ added +class as an unabbreviated alternative
+ to +cl. [RT #39686]
+
+4131. [bug] Addressed further problems with reloading RPZ
+ zones. [RT #39649]
+
+4130. [bug] The compatibility shim for *printf() misprinted some
+ large numbers. [RT #39586]
+
+4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532]
+
+4128. [bug] Address issues raised by Coverity 7.6. [RT #39537]
+
+4127. [protocol] CDS and CDNSKEY need to be signed by the key signing
+ key as per RFC 7344, Section 4.1. [RT #37215]
+
+4126. [bug] Addressed a regression introduced in change #4121.
+ [RT #39611]
+
+4125. [test] Added tests for dig, renamed delv test to digdelv.
+ [RT #39490]
+
+4124. [func] Log errors or warnings encountered when parsing the
+ internal default configuration. Clarify the logging
+ of errors and warnings encountered in rndc
+ addzone or modzone parameters. [RT #39440]
+
+4123. [port] Added %z (size_t) format options to the portable
+ internal printf/sprintf implementation. [RT #39586]
+
+4122. [bug] The server could match a shorter prefix than what was
+ available in CLIENT-IP policy triggers, and so, an
+ unexpected action could be taken. This has been
+ corrected. [RT #39481]
+
+4121. [bug] On servers with one or more policy zones
+ configured as slaves, if a policy zone updated
+ during regular operation (rather than at
+ startup) using a full zone reload, such as via
+ AXFR, a bug could allow the RPZ summary data to
+ fall out of sync, potentially leading to an
+ assertion failure in rpz.c when further
+ incremental updates were made to the zone, such
+ as via IXFR. [RT #39567]
+
+4120. [bug] A bug in RPZ could cause the server to crash if
+ policy zones were updated while recursion was
+ pending for RPZ processing of an active query.
+ [RT #39415]
+
+4119. [test] Allow dig to set the message opcode. [RT #39550]
+
+4118. [bug] Teach isc-config.sh about irs. [RT #39213]
+
+4117. [protocol] Add EMPTY.AS112.ARPA as per RFC 7534.
+
+4116. [bug] Fix a bug in RPZ that could cause some policy
+ zones that did not specifically require
+ recursion to be treated as if they did;
+ consequently, setting qname-wait-recurse no; was
+ sometimes ineffective. [RT #39229]
+
+4115. [func] "rndc -r" now prints the result code (e.g.,
+ ISC_R_SUCCESS, ISC_R_TIMEOUT, etc) after
+ running the requested command. [RT #38913]
+
+4114. [bug] Fix a regression in radix tree implementation
+ introduced by ECS code. This bug was never
+ released, but it was reported by a user testing
+ master. [RT #38983]
+
+4113. [test] Check for Net::DNS is some system test
+ prerequisites. [RT #39369]
+
+4112. [bug] Named failed to load when "root-delegation-only"
+ was used without a list of domains to exclude.
+ [RT #39380]
+
+4111. [doc] Alphabetize rndc man page. [RT #39360]
+
+4110. [bug] Address memory leaks / null pointer dereferences
+ on out of memory. [RT #39310]
+
+4109. [port] linux: support reading the local port range from
+ net.ipv4.ip_local_port_range. [RT # 39379]
+
+4108. [func] An additional NXDOMAIN redirect method (option
+ "nxdomain-redirect") has been added, allowing
+ redirection to a specified DNS namespace instead
+ of a single redirect zone. [RT #37989]
+
+4107. [bug] Address potential deadlock when updating zone content.
+ [RT #39269]
+
+4106. [port] Improve readline support. [RT #38938]
+
+4105. [port] Misc fixes for Microsoft Visual Studio
+ 2015 CTP6 in 64 bit mode. [RT #39308]
+
+4104. [bug] Address uninitialized elements. [RT #39252]
+
+4103. [port] Misc fixes for Microsoft Visual Studio
+ 2015 CTP6. [RT #39267]
+
+4102. [bug] Fix a use after free bug introduced in change
+ #4094. [RT #39281]
+
+4101. [bug] dig: the +split and +rrcomments options didn't
+ work with +short. [RT #39291]
+
+4100. [bug] Inherited owernames on the line immediately following
+ a $INCLUDE were not working. [RT #39268]
+
+4099. [port] clang: make unknown commandline options hard errors
+ when determining what options are supported.
+ [RT #39273]
+
+4098. [bug] Address use-after-free issue when using a
+ predecessor key with dnssec-settime. [RT #39272]
+
+4097. [func] Add additional logging about xfrin transfer status.
+ [RT #39170]
+
+4096. [bug] Fix a use after free of query->sendevent.
+ [RT #39132]
+
+4095. [bug] zone->options2 was not being properly initialized.
+ [RT #39228]
+
+4094. [bug] A race during shutdown or reconfiguration could
+ cause an assertion in mem.c. [RT #38979]
+
+4093. [func] Dig now learns the SIT value from truncated
+ responses when it retries over TCP. [RT #39047]
+
+4092. [bug] 'in-view' didn't work for zones beneath a empty zone.
+ [RT #39173]
+
+4091. [cleanup] Some cleanups in isc mem code. [RT #38896]
+
+4090. [bug] Fix a crash while parsing malformed CAA RRs in
+ presentation format, i.e., from text such as
+ from master files. Thanks to John Van de
+ Meulebrouck Brendgard for discovering and
+ reporting this problem. [RT #39003]
+
+4089. [bug] Send notifies immediately for slave zones during
+ startup. [RT #38843]
+
+4088. [port] Fixed errors when building with libressl. [RT #38899]
+
+4087. [bug] Fix a crash due to use-after-free due to sequencing
+ of tasks actions. [RT #38495]
+
+4086. [bug] Fix out-of-srcdir build with native pkcs11. [RT #38831]
+
+4085. [bug] ISC_PLATFORM_HAVEXADDQ could be inconsistently set.
+ [RT #38828]
+
+4084. [bug] Fix a possible race in updating stats counters.
+ [RT #38826]
+
+4083. [cleanup] Print the number of CPUs and UDP listeners
+ consistently in the log and in "rndc status"
+ output; indicate whether threads are supported
+ in "named -V" output. [RT #38811]
+
+4082. [bug] Incrementally sign large inline zone deltas.
+ [RT #37927]
+
+4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759]
+
+4080. [func] Completed change #4022, adding a "lock-file" option
+ to named.conf to override the default lock file,
+ in addition to the "named -X <filename>" command
+ line option. Setting the lock file to "none"
+ using either method disables the check completely.
+ [RT #37908]
+
+4079. [func] Preserve the case of the owner name of records to
+ the RRset level. [RT #37442]
+
+4078. [bug] Handle the case where CMSG_SPACE(sizeof(int)) !=
+ CMSG_SPACE(sizeof(char)). [RT #38621]
+
+4077. [test] Add static-stub regression test for DS NXDOMAIN
+ return making the static stub disappear. [RT #38564]
+
+4076. [bug] Named could crash on shutdown with outstanding
+ reload / reconfig events. [RT #38622]
+
+4075. [placeholder]
+
+4074. [cleanup] Cleaned up more warnings from gcc -Wshadow. [RT #38708]
+
+4073. [cleanup] Add libjson-c version number reporting to
+ "named -V"; normalize version number formatting.
+ [RT #38056]
+
+4072. [func] Add a --enable-querytrace configure switch for
+ very verbose query trace logging. (This option
+ has a negative performance impact and should be
+ used only for debugging.) [RT #37520]
+
+4071. [cleanup] Initialize pthread mutex attrs just once, instead of
+ doing it per mutex creation. [RT #38547]
+
+4070. [bug] Fix a segfault in nslookup in a query such as
+ "nslookup isc.org AMS.SNS-PB.ISC.ORG -all".
+ [RT #38548]
+
+4069. [doc] Reorganize options in the nsupdate man page.
+ [RT #38515]
+
+4068. [bug] Omit unknown serial number from JSON zone statistics.
+ [RT #38604]
+
+4067. [cleanup] Reduce noise from RRL when query logging is
+ disabled. [RT #38648]
+
+4066. [doc] Reorganize options in the dig man page. [RT #38516]
+
+4065. [test] Additional RFC 5011 tests. [RT #38569]
+
+4064. [contrib] dnssec-keyset.sh: Generates a specified number
+ of DNSSEC keys with timing set to implement a
+ pre-publication key rollover strategy. Thanks
+ to Jeffry A. Spain. [RT #38459]
+
+4063. [bug] Asynchronous zone loads were not handled
+ correctly when the zone load was already in
+ progress; this could trigger a crash in zt.c.
+ [RT #37573]
+
+4062. [bug] Fix an out-of-bounds read in RPZ code. If the
+ read succeeded, it doesn't result in a bug
+ during operation. If the read failed, named
+ could segfault. [RT #38559]
+
+4061. [bug] Handle timeout in legacy system test. [RT #38573]
+
+4060. [bug] dns_rdata_freestruct could be called on a
+ uninitialized structure when handling a error.
+ [RT #38568]
+
+4059. [bug] Addressed valgrind warnings. [RT #38549]
+
+4058. [bug] UDP dispatches could use the wrong pseudorandom
+ number generator context. [RT #38578]
+
+4057. [bug] 'dnssec-dsfromkey -T 0' failed to add ttl field.
+ [RT #38565]
+
+4056. [bug] Expanded automatic testing of trust anchor
+ management and fixed several small bugs including
+ a memory leak and a possible loss of key state
+ information. [RT #38458]
+
+4055. [func] "rndc managed-keys" can be used to check status
+ of trust anchors or to force keys to be refreshed,
+ Also, the managed keys data file has easier-to-read
+ comments. [RT #38458]
+
+4054. [func] Added a new tool 'mdig', a lightweight clone of
+ dig able to send multiple pipelined queries.
+ [RT #38261]
+
+4053. [security] Revoking a managed trust anchor and supplying
+ an untrusted replacement could cause named
+ to crash with an assertion failure.
+ (CVE-2015-1349) [RT #38344]
+
+4052. [bug] Fix a leak of query fetchlock. [RT #38454]
+
+4051. [bug] Fix a leak of pthread_mutexattr_t. [RT #38454]
+
+4050. [bug] RPZ could send spurious SERVFAILs in response
+ to duplicate queries. [RT #38510]
+
+4049. [bug] CDS and CDNSKEY had the wrong attributes. [RT #38491]
+
+4048. [bug] adb hash table was not being grown. [RT #38470]
+
+4047. [cleanup] "named -V" now reports the current running versions
+ of OpenSSL and the libxml2 libraries, in addition to
+ the versions that were in use at build time.
+
+4046. [bug] Accounting of "total use" in memory context
+ statistics was not correct. [RT #38370]
+
+4045. [bug] Skip to next master on dns_request_createvia4 failure.
+ [RT #25185]
+
+4044. [bug] Change 3955 was not complete, resulting in an assertion
+ failure if the timing was just right. [RT #38352]
+
+4043. [func] "rndc modzone" can be used to modify the
+ configuration of an existing zone, using similar
+ syntax to "rndc addzone". [RT #37895]
+
+4042. [bug] zone.c:iszonesecure was being called too late.
+ [RT #38371]
+
+4041. [func] TCP sockets can now be shared while connecting.
+ (This will be used to enable client-side support
+ of pipelined queries.) [RT #38231]
+
+4040. [func] Added server-side support for pipelined TCP
+ queries. Clients may continue sending queries via
+ TCP while previous queries are being processed
+ in parallel. (The new "keep-response-order"
+ option allows clients to be specified for which
+ the old behavior will still be used.) [RT #37821]
+
+4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]
+
+4038. [bug] Add 'rpz' flag to node and use it to determine whether
+ to call dns_rpz_delete. This should prevent unbalanced
+ add / delete calls. [RT #36888]
+
+4037. [bug] also-notify was ignoring the tsig key when checking
+ for duplicates resulting in some expected notify
+ messages not being sent. [RT #38369]
+
+4036. [bug] Make call to open a temporary file name safe during
+ NZF creation. [RT #38331]
+
+4035. [bug] Close temporary and NZF FILE pointers before moving
+ the former into the latter's place, as required on
+ Windows. [RT #38332]
+
+4034. [func] When added, negative trust anchors (NTA) are now
+ saved to files (viewname.nta), in order to
+ persist across restarts of the named server.
+ [RT #37087]
+
+4033. [bug] Missing out of memory check in request.c:req_send.
+ [RT #38311]
+
+4032. [bug] Built-in "empty" zones did not correctly inherit the
+ "allow-transfer" ACL from the options or view.
+ [RT #38310]
+
+4031. [bug] named-checkconf -z failed to report a missing file
+ with a hint zone. [RT #38294]
+
+4030. [func] "rndc delzone" is now applicable to zones that were
+ configured in named.conf, as well as zones that
+ were added via "rndc addzone". (Note, however, that
+ if named.conf is not also modified, the deleted zone
+ will return when named is reloaded.) [RT #37887]
+
+4029. [func] "rndc showzone" displays the current configuration
+ of a specified zone. [RT #37887]
+
+4028. [bug] $GENERATE with a zero step was not being caught as a
+ error. A $GENERATE with a / but no step was not being
+ caught as a error. [RT #38262]
+
+4027. [port] Net::DNS 0.81 compatibility. [RT #38165]
+
+4026. [bug] Fix RFC 3658 reference in dig +sigchase. [RT #38173]
+
+4025. [port] bsdi: failed to build. [RT #38047]
+
+4024. [bug] dns_rdata_opt_first, dns_rdata_opt_next,
+ dns_rdata_opt_current, dns_rdata_txt_first,
+ dns_rdata_txt_next and dns_rdata_txt_current were
+ documented but not implemented. These have now been
+ implemented.
+
+ dns_rdata_spf_first, dns_rdata_spf_next and
+ dns_rdata_spf_current were documented but not
+ implemented. The prototypes for these
+ functions have been removed. [RT #38068]
+
+4023. [bug] win32: socket handling with explicit ports and
+ invoking named with -4 was broken for some
+ configurations. [RT #38068]
+
+4022. [func] Stop multiple spawns of named by limiting number of
+ processes to 1. This is done by using a lockfile and
+ checking whether we can listen on any configured
+ TCP interfaces. [RT #37908]
+
+4021. [bug] Adjust max-recursion-queries to accommodate
+ the need for more queries when the cache is
+ empty. [RT #38104]
+
+4020. [bug] Change 3736 broke nsupdate's SOA MNAME discovery
+ resulting in updates being sent to the wrong server.
+ [RT #37925]
+
+4019. [func] If named is not configured to validate the answer
+ then allow fallback to plain DNS on timeout even
+ when we know the server supports EDNS. [RT #37978]
+
+4018. [placeholder]
+
+4017. [test] Add system test to check lookups to legacy servers
+ with broken DNS behavior. [RT #37965]
+
+4016. [bug] Fix a dig segfault due to bad linked list usage.
+ [RT #37591]
+
+4015. [bug] Nameservers that are skipped due to them being
+ CNAMEs were not being logged. They are now logged
+ to category 'cname' as per BIND 8. [RT #37935]
+
+4014. [bug] When including a master file origin_changed was
+ not being properly set leading to a potentially
+ spurious 'inherited owner' warning. [RT #37919]
+
+4013. [func] Add a new tcp-only option to server (config) /
+ peer (struct) to use TCP transport to send
+ queries (in place of UDP transport with a
+ TCP fallback on truncated (TC set) response).
+ [RT #37800]
+
+4012. [cleanup] Check returned status of OpenSSL digest and HMAC
+ functions when they return one. Note this applies
+ only to FIPS capable OpenSSL libraries put in
+ FIPS mode and MD5. [RT #37944]
+
+4011. [bug] master's list port and dscp inheritance was not
+ properly implemented. [RT #37792]
+
+4010. [cleanup] Clear the prefetchable state when initiating a
+ prefetch. [RT #37399]
+
+4009. [func] delv: added a +tcp option. [RT #37855]
+
+4008. [contrib] Updated zkt to latest version (1.1.3). [RT #37886]
+
+4007. [doc] Remove acl forward reference restriction. [RT #37772]
+
+4006. [security] A flaw in delegation handling could be exploited
+ to put named into an infinite loop. This has
+ been addressed by placing limits on the number
+ of levels of recursion named will allow (default 7),
+ and the number of iterative queries that it will
+ send (default 50) before terminating a recursive
+ query (CVE-2014-8500).
+
+ The recursion depth limit is configured via the
+ "max-recursion-depth" option, and the query limit
+ via the "max-recursion-queries" option. [RT #37580]
+
+4005. [func] The buffer used for returning text from rndc
+ commands is now dynamically resizable, allowing
+ arbitrarily large amounts of text to be sent back
+ to the client. (Prior to this change, it was
+ possible for the output of "rndc tsig-list" to be
+ truncated.) [RT #37731]
+
+4004. [bug] When delegations had AAAA glue but not A, a
+ reference could be leaked causing an assertion
+ failure on shutdown. [RT #37796]
+
+4003. [security] When geoip-directory was reconfigured during
+ named run-time, the previously loaded GeoIP
+ data could remain, potentially causing wrong
+ ACLs to be used or wrong results to be served
+ based on geolocation (CVE-2014-8680). [RT #37720]
+
+4002. [security] Lookups in GeoIP databases that were not
+ loaded could cause an assertion failure
+ (CVE-2014-8680). [RT #37679]
+
+4001. [security] The caching of GeoIP lookups did not always
+ handle address families correctly, potentially
+ resulting in an assertion failure (CVE-2014-8680).
+ [RT #37672]
+
+4000. [bug] NXDOMAIN redirection incorrectly handled NXRRSET
+ from the redirect zone. [RT #37722]
+
+3999. [func] "mkeys" and "nzf" files are now named after
+ their corresponding views, unless the view name
+ contains characters that would be incompatible
+ with use in a filename (i.e., slash, backslash,
+ or capital letters). If a view name does contain
+ these characters, the files will still be named
+ using a cryptographic hash of the view name.
+ Regardless of this, if a file using the old name
+ format is found to exist, it will continue to be
+ used. [RT #37704]
+
+3998. [bug] isc_radix_search was returning matches that were
+ too precise. [RT #37680]
+
+3997. [protocol] Add OPENGPGKEY record. [RT# 37671]
+
+3996. [bug] Address use after free on out of memory error in
+ keyring_add. [RT #37639]
+
+3995. [bug] receive_secure_serial holds the zone lock for too
+ long. [RT #37626]
+
+3994. [func] Dig now supports setting the last unassigned DNS
+ header flag bit (dig +zflag). [RT #37421]
+
+3993. [func] Dig now supports EDNS negotiation by default.
+ (dig +[no]ednsnegotiation).
+
+ Note: This is disabled by default in BIND 9.10
+ and enabled by default in BIND 9.11. [RT #37604]
+
+3992. [func] DiG can now send queries without questions
+ (dig +header-only). [RT #37599]
+
+3991. [func] Add the ability to buffer logging output by specifying
+ "buffered yes;" when defining a channel. [RT #26561]
+
+3990. [test] Add tests for unknown DNSSEC algorithm handling.
+ [RT #37541]
+
+3989. [cleanup] Remove redundant dns_db_resigned calls. [RT #35748]
+
+3988. [func] Allow the zone serial of a dynamically updatable
+ zone to be updated via "rndc signing -serial".
+ [RT #37404]
+
+3987. [port] Handle future Visual Studio 14 incompatible changes.
+ [RT #37380]
+
+3986. [doc] Add the BIND version number to page footers
+ in the ARM. [RT #37398]
+
+3985. [doc] Describe how +ndots and +search interact in dig.
+ [RT #37529]
+
+3984. [func] Accept 256 byte long PINs in native PKCS#11
+ crypto. [RT #37410]
+
+3983. [bug] Change #3940 was incomplete: negative trust anchors
+ could be set to last up to a week, but the
+ "nta-lifetime" and "nta-recheck" options were
+ still limited to one day. [RT #37522]
+
+3982. [doc] Include release notes in product documentation.
+ [RT #37272]
+
+3981. [bug] Cache DS/NXDOMAIN independently of other query types.
+ [RT #37467]
+
+3980. [bug] Improve --with-tuning=large by self tuning of SO_RCVBUF
+ size. [RT #37187]
+
+3979. [bug] Negative trust anchor fetches were not properly
+ managed. [RT #37488]
+
+3978. [test] Added a unit test for Diffie-Hellman key
+ computation, completing change #3974. [RT #37477]
+
+3977. [cleanup] "rndc secroots" reported a "not found" error when
+ there were no negative trust anchors set. [RT #37506]
+
+3976. [bug] When refreshing managed-key trust anchors, clear
+ any cached trust so that they will always be
+ revalidated with the current set of secure
+ roots. [RT #37506]
+
+3975. [bug] Don't populate or use the bad cache for queries that
+ don't request or use recursion. [RT #37466]
+
+3974. [bug] Handle DH_compute_key() failure correctly in
+ openssldh_link.c. [RT #37477]
+
+3973. [test] Added hooks for Google Performance Tools CPU profiler,
+ including real-time/wall-clock profiling. Use
+ "configure --with-gperftools-profiler" to enable.
+ [RT #37339]
+
+3972. [bug] Fix host's usage statement. [RT #37397]
+
+3971. [bug] Reduce the cascading failures due to a bad $TTL line
+ in named-checkconf / named-checkzone. [RT #37138]
+
+3970. [contrib] Fixed a use after free bug in the SDB LDAP driver.
+ [RT #37237]
+
+3969. [test] Added 'delv' system test. [RT #36901]
+
+3968. [bug] Silence spurious log messages when using 'named -[46]'.
+ [RT #37308]
+
+3967. [test] Add test for inlined signed zone in multiple views
+ with different DNSKEY sets. [RT #35759]
+
+3966. [bug] Missing dns_db_closeversion call in receive_secure_db.
+ [RT #35746]
+
+3965. [func] Log outgoing packets and improve packet logging to
+ support logging the remote address. [RT #36624]
+
+3964. [func] nsupdate now performs check-names processing.
+ [RT #36266]
+
+3963. [test] Added NXRRSET test cases to the "dlzexternal"
+ system test. [RT #37344]
+
+3962. [bug] 'dig +topdown +trace +sigchase' address unhandled error
+ conditions. [RT #34663]
+
+3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with
+ BADSIG. [RT #37216]
+
+3960. [bug] 'dig +sigchase' could loop forever. [RT #37220]
+
+3959. [bug] Updates could be lost if they arrived immediately
+ after a rndc thaw. [RT #37233]
+
+3958. [bug] Detect when writeable files have multiple references
+ in named.conf. [RT #37172]
+
+3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256
+ and ECDSAP384SHA384. [RT #37183]
+
+3956. [func] Notify messages are now rate limited by notify-rate and
+ startup-notify-rate instead of serial-query-rate.
+ [RT #24454]
+
+3955. [bug] Notify messages due to changes are no longer queued
+ behind startup notify messages. [RT #24454]
+
+3954. [bug] Unchecked mutex init in dlz_dlopen_driver.c [RT #37112]
+
+3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159]
+
+3952. [bug] dns_name_fullcompare failed to set *nlabelsp when the
+ two name pointers were the same. [RT #37176]
+
+3951. [func] Add the ability to set yet-to-be-defined EDNS flags
+ to dig (+ednsflags=#). [RT #37142]
+
+3950. [port] Changed the bin/python Makefile to work around a
+ bmake bug in FreeBSD 10 and NetBSD 6. [RT #36993]
+
+3949. [experimental] Experimental support for draft-andrews-edns1 by sending
+ EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when
+ building). Add support for limiting the EDNS version
+ advertised to servers: server { edns-version 0; };
+ Log the EDNS version received in the query log.
+ [RT #35864]
+
+3948. [port] solaris: RCVBUFSIZE was too large on Solaris with
+ --with-tuning=large. [RT #37059]
+
+3947. [cleanup] Set the executable bit on libraries when using
+ libtool. [RT #36786]
+
+3946. [cleanup] Improved "configure" search for a python interpreter.
+ [RT #36992]
+
+3945. [bug] Invalid wildcard expansions could be incorrectly
+ accepted by the validator. [RT #37093]
+
+3944. [test] Added a regression test for "server-id". [RT #37057]
+
+3943. [func] SERVFAIL responses can now be cached for a
+ limited time (configured by "servfail-ttl",
+ default 10 seconds, limit 30). This can reduce
+ the frequency of retries when an authoritative
+ server is known to be failing, e.g., due to
+ ongoing DNSSEC validation problems. [RT #21347]
+
+3942. [bug] Wildcard responses from a optout range should be
+ marked as insecure. [RT #37072]
+
+3941. [doc] Include the BIND version number in the ARM. [RT #37067]
+
+3940. [func] "rndc nta" now allows negative trust anchors to be
+ set for up to one week. [RT #37069]
+
+3939. [func] Improve UPDATE forwarding performance by allowing TCP
+ connections to be shared. [RT #37039]
+
+3938. [func] Added quotas to be used in recursive resolvers
+ that are under high query load for names in zones
+ whose authoritative servers are nonresponsive or
+ are experiencing a denial of service attack.
+
+ - "fetches-per-server" limits the number of
+ simultaneous queries that can be sent to any
+ single authoritative server. The configured
+ value is a starting point; it is automatically
+ adjusted downward if the server is partially or
+ completely non-responsive. The algorithm used to
+ adjust the quota can be configured via the
+ "fetch-quota-params" option.
+ - "fetches-per-zone" limits the number of
+ simultaneous queries that can be sent for names
+ within a single domain. (Note: Unlike
+ "fetches-per-server", this value is not
+ self-tuning.)
+ - New stats counters have been added to count
+ queries spilled due to these quotas.
+
+ See the ARM for details of these options. [RT #37125]
+
+3937. [func] Added some debug logging to better indicate the
+ conditions causing SERVFAILs when resolving.
+ [RT #35538]
+
+3936. [func] Added authoritative support for the EDNS Client
+ Subnet (ECS) option.
+
+ ACLs can now include "ecs" elements which specify
+ an address or network prefix; if an ECS option is
+ included in a DNS query, then the address encoded
+ in the option will be matched against "ecs" ACL
+ elements.
+
+ Also, if an ECS address is included in a query,
+ then it will be used instead of the client source
+ address when matching "geoip" ACL elements. This
+ behavior can be overridden with "geoip-use-ecs no;".
+ (Note: to enable "geoip" ACLs, use "configure
+ --with-geoip". This requires libGeoIP version
+ 1.5.0 or higher.)
+
+ When "ecs" or "geoip" ACL elements are used to
+ select a view for a query, the response will include
+ an ECS option to indicate which client network the
+ answer is valid for.
+
+ (Thanks to Vincent Bernat.) [RT #36781]
+
+3935. [bug] "geoip asnum" ACL elements would not match unless
+ the full organization name was specified. They
+ can now match against the AS number alone (e.g.,
+ AS1234). [RT #36945]
+
+3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve
+ sit-secret documentation. [RT #36980]
+
+3933. [bug] Corrected the implementation of dns_rdata_casecompare()
+ for the HIP rdata type. [RT #36911]
+
+3932. [test] Improved named-checkconf tests. [RT #36911]
+
+3931. [cleanup] Cleanup how dlz grammar is defined. [RT #36879]
+
+3930. [bug] "rndc nta -r" could cause a server hang if the
+ NTA was not found. [RT #36909]
+
+3929. [bug] 'host -a' needed to clear idnoptions. [RT #36963]
+
+3928. [test] Improve rndc system test. [RT #36898]
+
+3927. [bug] dig: report PKCS#11 error codes correctly when
+ compiled with --enable-native-pkcs11. [RT #36956]
+
+3926. [doc] Added doc for geoip-directory. [RT #36877]
+
+3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917]
+
+3924. [bug] Improve 'rndc addzone' error reporting. [RT #35187]
+
+3923. [bug] Sanity check the xml2-config output. [RT #22246]
+
+3922. [bug] When resigning, dnssec-signzone was removing
+ all signatures from delegation nodes. It now
+ retains DS and (if applicable) NSEC signatures.
+ [RT #36946]
+
+3921. [bug] AD was inappropriately set on RPZ responses. [RT #36833]
+
+3920. [doc] Added doc for masterfile-style. [RT #36823]
+
+3919. [bug] dig: continue to next line if a address lookup fails
+ in batch mode. [RT #36755]
+
+3918. [doc] Update check-spf documentation. [RT #36910]
+
+3917. [bug] dig, nslookup and host now continue on names that are
+ too long after applying a search list elements.
+ [RT #36892]
+
+3916. [contrib] zone2sqlite checked wrong result code. Address
+ compiler warnings. [RT #36931]
+
+3915. [bug] Address a assertion if a route event arrived while
+ shutting down. [RT #36887]
+
+3914. [bug] Allow the URI target and CAA value fields to
+ be zero length. [RT #36737]
+
+3913. [bug] Address race issue in dispatch. [RT #36731]
+
+3912. [bug] Address some unrecoverable lookup failures. [RT #36330]
+
+3911. [func] Implement EDNS EXPIRE option client side, allowing
+ a slave server to set the expiration timer correctly
+ when transferring zone data from another slave
+ server. [RT #35925]
+
+3910. [bug] Fix races to free event during shutdown. [RT #36720]
+
+3909. [bug] When computing the number of elements required for a
+ acl count_acl_elements could have a short count leading
+ to a assertion failure. Also zero out new acl elements
+ in dns_acl_merge. [RT #36675]
+
+3908. [bug] rndc now differentiates between a zone in multiple
+ views and a zone that doesn't exist at all. [RT #36691]
+
+3907. [cleanup] Alphabetize rndc help. [RT #36683]
+
+3906. [protocol] Update URI record format to comply with
+ draft-faltstrom-uri-08. [RT #36642]
+
+3905. [bug] Address deadlock between view.c and adb.c. [RT #36341]
+
+3904. [func] Add the RPZ SOA to the additional section. [RT36507]
+
+3903. [bug] Improve the accuracy of DiG's reported round trip
+ time. [RT 36611]
+
+3902. [bug] liblwres wasn't handling link-local addresses in
+ nameserver clauses in resolv.conf. [RT #36039]
+
+3901. [protocol] Added support for CAA record type (RFC 6844).
+ [RT #36625]
+
+3900. [bug] Fix a crash in PostgreSQL DLZ driver. [RT #36637]
+
+3899. [bug] "request-ixfr" is only applicable to slave and redirect
+ zones. [RT #36608]
+
+3898. [bug] Too small a buffer in tohexstr() calls in test code.
+ [RT #36598]
+
+3897. [bug] RPZ summary information was not properly being updated
+ after a AXFR resulting in changes sometimes being
+ ignored. [RT #35885]
+
+3896. [bug] Address performance issues with DSCP code on some
+ platforms. [RT #36534]
+
+3895. [func] Add the ability to set the DSCP code point to dig.
+ [RT #36546]
+
+3894. [bug] Buffers in isc_print_vsnprintf were not properly
+ initialized leading to potential overflows when
+ printing out quad values. [RT #36505]
+
+3893. [bug] Peer DSCP values could be returned without being set.
+ [RT #36538]
+
+3892. [bug] Setting '-t aaaa' in .digrc had unintended side
+ effects. [RT #36452]
+
+3891. [bug] Use ${INSTALL_SCRIPT} rather than ${INSTALL_PROGRAM}
+ to install python programs.
+
+3890. [bug] RRSIG sets that were not loaded in a single transaction
+ at start up where not being correctly added to
+ re-signing heaps. [RT #36302]
+
+3889. [port] hurd: configure fixes as per:
+ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746540
+
+3888. [func] 'rndc status' now reports the number of automatic
+ zones. [RT #36015]
+
+3887. [cleanup] Make all static symbols in rbtdb64 end in "64" so
+ they are easier to use in a debugger. [RT #36373]
+
+3886. [bug] rbtdb_write_header should use a once to initialize
+ FILE_VERSION. [RT #36374]
+
+3885. [port] Use 'open()' rather than 'file()' to open files in
+ python.
+
+3884. [protocol] Add CDS and CDNSKEY record types. [RT #36333]
+
+3883. [placeholder]
+
+3882. [func] By default, negative trust anchors will be tested
+ periodically to see whether data below them can be
+ validated, and if so, they will be allowed to
+ expire early. The "rndc nta -force" option
+ overrides this behavior. The default NTA lifetime
+ and the recheck frequency can be configured by the
+ "nta-lifetime" and "nta-recheck" options. [RT #36146]
+
+3881. [bug] Address memory leak with UPDATE error handling.
+ [RT #36303]
+
+3880. [test] Update ans.pl to work with new TSIG support in
+ Net::DNS; add additional Net::DNS version prerequisite
+ checks. [RT #36327]
+
+3879. [func] Add version printing option to various BIND utilities.
+ [RT #10686]
+
+3878. [bug] Using the incorrect filename for a DLZ module
+ caused a segmentation fault on startup. [RT #36286]
+
+3877. [bug] Inserting and deleting parent and child nodes
+ in response policy zones could trigger an assertion
+ failure. [RT #36272]
+
+3876. [bug] Improve efficiency of DLZ redirect zones by
+ suppressing unnecessary database lookups. [RT #35835]
+
+3875. [cleanup] Clarify log message when unable to read private
+ key files. [RT #24702]
+
+3874. [test] Check that only "check-names master" is needed for
+ updates to be accepted.
+
+3873. [protocol] Only warn for SPF without TXT spf record. [RT #36210]
+
+3872. [bug] Address issues found by static analysis. [RT #36209]
+
+3871. [bug] Don't publish an activated key automatically before
+ its publish time. [RT #35063]
+
+3870. [func] Updated the random number generator used in
+ the resolver to use the updated ChaCha based one
+ (similar to OpenBSD's changes). Also moved the
+ RNG to libisc and added unit tests for it.
+ [RT #35942]
+
+3869. [doc] Document that in-view zones cannot be used for
+ response policy zones. [RT #35941]
+
+3868. [bug] isc_mem_setwater incorrectly cleared hi_called
+ potentially leaving over memory cleaner running.
+ [RT #35270]
+
+3867. [func] "rndc nta" can now be used to set a temporary
+ negative trust anchor, which disables DNSSEC
+ validation below a specified name for a specified
+ period of time (not exceeding 24 hours). This
+ can be used when validation for a domain is known
+ to be failing due to a configuration error on
+ the part of the domain owner rather than a
+ spoofing attack. [RT #29358]
+
+3866. [bug] Named could die on disk full in generate_session_key.
+ [RT #36119]
+
+3865. [test] Improved testability of the red-black tree
+ implementation and added unit tests. [RT #35904]
+
+3864. [bug] RPZ didn't work well when being used as forwarder.
+ [RT #36060]
+
+3863. [bug] The "E" flag was missing from the query log as a
+ unintended side effect of code rearrangement to
+ support EDNS EXPIRE. [RT #36117]
+
+3862. [cleanup] Return immediately if we are not going to log the
+ message in ns_client_dumpmessage.
+
+3861. [security] Missing isc_buffer_availablelength check results
+ in a REQUIRE assertion when printing out a packet
+ (CVE-2014-3859). [RT #36078]
+
+3860. [bug] ioctl(DP_POLL) array size needs to be determined
+ at run time as it is limited to {OPEN_MAX}.
+ [RT #35878]
+
+3859. [placeholder]
+
+3858. [bug] Disable GCC 4.9 "delete null pointer check".
+ [RT #35968]
+
+3857. [bug] Make it harder for a incorrect NOEDNS classification
+ to be made. [RT #36020]
+
+3856. [bug] Configuring libjson without also configuring libxml
+ resulted in a REQUIRE assertion when retrieving
+ statistics using json. [RT #36009]
+
+3855. [bug] Limit smoothed round trip time aging to no more than
+ once a second. [RT #32909]
+
+3854. [cleanup] Report unrecognized options, if any, in the final
+ configure summary. [RT #36014]
+
+3853. [cleanup] Refactor dns_rdataslab_fromrdataset to separate out
+ the handling of a rdataset with no records. [RT #35968]
+
+3852. [func] Increase the default number of clients available
+ for servicing lightweight resolver queries, and
+ make them configurable via the "lwres-tasks" and
+ "lwres-clients" options. (Thanks to Tomas Hozza.)
+ [RT #35857]
+
+3851. [func] Allow libseccomp based system-call filtering
+ on Linux; use "configure --enable-seccomp" to
+ turn it on. Thanks to Loganaden Velvindron
+ of AFRINIC for the contribution. [RT #35347]
+
+3850. [bug] Disabling forwarding could trigger a REQUIRE assertion.
+ [RT #35979]
+
+3849. [doc] Alphabetized dig's +options. [RT #35992]
+
+3848. [bug] Adjust 'statistics-channels specified but not effective'
+ error message to account for JSON support. [RT #36008]
+
+3847. [bug] 'configure --with-dlz-postgres' failed to fail when
+ there is not support available.
+
+3846. [bug] "dig +notcp ixfr=<serial>" should result in a UDP
+ ixfr query. [RT #35980]
+
+3845. [placeholder]
+
+3844. [bug] Use the x64 version of the Microsoft Visual C++
+ Redistributable when built for 64 bit Windows.
+ [RT #35973]
+
+3843. [protocol] Check EDNS EXPIRE option in dns_rdata_fromwire.
+ [RT #35969]
+
+3842. [bug] Adjust RRL log-only logging category. [RT #35945]
+
+3841. [cleanup] Refactor zone.c:add_opt to use dns_message_buildopt.
+ [RT #35924]
+
+3840. [port] Check for arc4random_addrandom() before using it;
+ it's been removed from OpenBSD 5.5. [RT #35907]
+
+3839. [test] Use only posix-compatible shell in system tests.
+ [RT #35625]
+
+3838. [protocol] EDNS EXPIRE as been assigned a code point of 9.
+
+3837. [security] A NULL pointer is passed to query_prefetch resulting
+ a REQUIRE assertion failure when a fetch is actually
+ initiated (CVE-2014-3214). [RT #35899]
+
+3836. [bug] Address C++ keyword usage in header file.
+
+3835. [bug] Geoip ACL elements didn't work correctly when
+ referenced via named or nested ACLs. [RT #35879]
+
+3834. [bug] The re-signing heaps were not being updated soon enough
+ leading to multiple re-generations of the same RRSIG
+ when a zone transfer was in progress. [RT #35273]
+
+3833. [bug] Cross compiling was broken due to calling genrandom at
+ build time. [RT #35869]
+
+3832. [func] "named -L <filename>" causes named to send log
+ messages to the specified file by default instead
+ of to the system log. (Thanks to Tony Finch.)
+ [RT #35845]
+
+3831. [cleanup] Reduce logging noise when EDNS state changes occur.
+ [RT #35843]
+
+3830. [func] When query logging is enabled, log query errors at
+ the same level ('info') as the queries themselves.
+ [RT #35844]
+
+3829. [func] "dig +ttlunits" causes dig to print TTL values
+ with time-unit suffixes: w, d, h, m, s for
+ weeks, days, hours, minutes, and seconds. (Thanks
+ to Tony Finch.) [RT #35823]
+
+3828. [func] "dnssec-signzone -N date" updates serial number
+ to the current date in YYYYMMDDNN format.
+ [RT #35800]
+
+3827. [placeholder]
+
+3826. [bug] Corrected bad INSIST logic in isc_radix_remove().
+ [RT #35870]
+
+3825. [bug] Address sign extension bug in isc_regex_validate.
+ [RT #35758]
+
+3824. [bug] A collision between two flag values could cause
+ problems with cache cleaning when SIT was enabled.
+ [RT #35858]
+
+3823. [func] Log the rpz cname target when rewriting. [RT #35667]
+
+3822. [bug] Log the correct type of static-stub zones when
+ removing them. [RT #35842]
+
+3821. [contrib] Added a new "mysqldyn" DLZ module with dynamic
+ update and transaction support. Thanks to Marty
+ Lee for the contribution. [RT #35656]
+
+3820. [func] The DLZ API doesn't pass the database version to
+ the lookup() function; this can cause DLZ modules
+ that allow dynamic updates to mishandle prerequisite
+ checks. This has been corrected by adding a
+ 'dbversion' field to the dns_clientinfo_t
+ structure. [RT #35656]
+
+3819. [bug] NSEC3 hashes need to be able to be entered and
+ displayed without padding. This is not a issue for
+ currently defined algorithms but may be for future
+ hash algorithms. [RT #27925]
+
+3818. [bug] Stop lying to the optimizer that 'void *arg' is a
+ constant in isc_event_allocate.
+
+3817. [func] The "delve" command is now spelled "delv" to avoid
+ a namespace collision with the Xapian project.
+ [RT #35801]
+
+3816. [func] "dig +qr" now reports query size. (Thanks to
+ Tony Finch.) [RT #35822]
+
+3815. [doc] Clarify "nsupdate -y" usage in man page. [RT #35808]
+
+3814. [func] The "masterfile-style" zone option controls the
+ formatting of dumped zone files. Options are
+ "relative" (multiline format) and "full" (one
+ record per line). The default is "relative".
+ [RT #20798]
+
+3813. [func] "host" now recognizes the "timeout", "attempts" and
+ "debug" options when set in /etc/resolv.conf.
+ (Thanks to Adam Tkac at RedHat.) [RT #21885]
+
+3812. [func] Dig now supports sending arbitrary EDNS options from
+ the command line (+ednsopt=code[:value]). [RT #35584]
+
+3811. [func] "serial-update-method date;" sets serial number
+ on dynamic update to today's date in YYYYMMDDNN
+ format. (Thanks to Bradley Forschinger.) [RT #24903]
+
+3810. [bug] Work around broken nameservers that fail to ignore
+ unknown EDNS options. [RT #35766]
+
+3809. [doc] Fix SIT and NSID documentation.
+
+3808. [doc] Clean up "prefetch" documentation. [RT #35751]
+
+3807. [bug] Fix sign extension bug in dns_name_fromtext when
+ lowercase is set. [RT #35743]
+
+3806. [test] Improved system test portability. [RT #35625]
+
+3805. [contrib] Added contrib/perftcpdns, a performance testing tool
+ for DNS over TCP. [RT #35710]
+
+ --- 9.10.0rc1 released ---
+
+3804. [bug] Corrected a race condition in dispatch.c in which
+ portentry could be reset leading to an assertion
+ failure in socket_search(). (Change #3708
+ addressed the same issue but was incomplete.)
+ [RT #35128]
+
+3803. [bug] "named-checkconf -z" incorrectly rejected zones
+ using alternate data sources for not having a "file"
+ option. [RT #35685]
+
+3802. [bug] Various header files were not being installed.
+
+3801. [port] Fix probing for gssapi support on FreeBSD. [RT #35615]
+
+3800. [bug] A pending event on the route socket could cause an
+ assertion failure when shutting down named. [RT #35674]
+
+3799. [bug] Improve named's command line error reporting.
+ [RT #35603]
+
+3798. [bug] 'rndc zonestatus' was reporting the wrong re-signing
+ time. [RT #35659]
+
+3797. [port] netbsd: geoip support probing was broken. [RT #35642]
+
+3796. [bug] Register dns and pkcs#11 error codes. [RT #35629]
+
+3795. [bug] Make named-checkconf detect raw masterfiles for
+ hint zones and reject them. [RT #35268]
+
+3794. [maint] Added AAAA for C.ROOT-SERVERS.NET.
+
+3793. [bug] zone.c:save_nsec3param() could assert when out of
+ memory. [RT #35621]
+
+3792. [func] Provide links to the alternate statistics views when
+ displaying in a browser. [RT #35605]
+
+3791. [placeholder]
+
+3790. [bug] Handle broken nameservers that send BADVERS in
+ response to unknown EDNS options. Maintain
+ statistics on BADVERS responses.
+
+3789. [bug] Null pointer dereference on rbt creation failure.
+
+3788. [bug] dns_peer_getrequestsit was returning request_nsid by
+ mistake.
+
+ --- 9.10.0b2 released ---
+
+3787. [bug] The code that checks whether "auto-dnssec" is
+ allowed was ignoring "allow-update" ACLs set at
+ the options or view level. [RT #29536]
+
+3786. [func] Provide more detailed error codes when using
+ native PKCS#11. "pkcs11-tokens" now fails robustly
+ rather than asserting when run against an HSM with
+ an incomplete PKCS#11 API implementation. [RT #35479]
+
+3785. [bug] Debugging code dumphex didn't accept arbitrarily long
+ input (only compiled with -DDEBUG). [RT #35544]
+
+3784. [bug] Using "rrset-order fixed" when it had not been
+ enabled at compile time caused inconsistent
+ results. It now works as documented, defaulting
+ to cyclic mode. [RT #28104]
+
+3783. [func] "tsig-keygen" is now available as an alternate
+ command name for "ddns-confgen". It generates
+ a TSIG key in named.conf format without comments.
+ [RT #35503]
+
+3782. [func] Specifying "auto" as the salt when using
+ "rndc signing -nsec3param" causes named to
+ generate a 64-bit salt at random. [RT #35322]
+
+3781. [tuning] Use adaptive mutex locks when available; this
+ has been found to improve performance under load
+ on many systems. "configure --with-locktype=standard"
+ restores conventional mutex locks. [RT #32576]
+
+3780. [bug] $GENERATE handled negative numbers incorrectly.
+ [RT #25528]
+
+3779. [cleanup] Clarify the error message when using an option
+ that was not enabled at compile time. [RT #35504]
+
+3778. [bug] Log a warning when the wrong address family is
+ used in "listen-on" or "listen-on-v6". [RT #17848]
+
+3777. [bug] EDNS EXPIRE code could dump core when processing
+ DLZ queries. [RT #35493]
+
+3776. [func] "rndc -q" suppresses output from successful
+ rndc commands. Errors are printed on stderr.
+ [RT #21393]
+
+3775. [bug] dlz_dlopen driver could return the wrong error
+ code on API version mismatch, leading to a segfault.
+ [RT #35495]
+
+3774. [func] When using "request-nsid", log the NSID value in
+ printable form as well as hex. [RT #20864]
+
+3773. [func] "host", "nslookup" and "nsupdate" now have
+ options to print the version number and exit.
+ [RT #26057]
+
+3772. [contrib] Added sqlite3 dynamically-loadable DLZ module.
+ (Based in part on a contribution from Tim Tessier.)
+ [RT #20822]
+
+3771. [cleanup] Adjusted log level for "using built-in key"
+ messages. [RT #24383]
+
+3770. [bug] "dig +trace" could fail with an assertion when it
+ needed to fall back to TCP due to a truncated
+ response. [RT #24660]
+
+3769. [doc] Improved documentation of "rndc signing -list".
+ [RT #30652]
+
+3768. [bug] "dnssec-checkds" was missing the SHA-384 digest
+ algorithm. [RT #34000]
+
+3767. [func] Log explicitly when using rndc.key to configure
+ command channel. [RT #35316]
+
+3766. [cleanup] Fixed problems with building outside the source
+ tree when using native PKCS#11. [RT #35459]
+
+3765. [bug] Fixed a bug in "rndc secroots" that could crash
+ named when dumping an empty keynode. [RT #35469]
+
+3764. [bug] The dnssec-keygen/settime -S and -i options
+ (to set up a successor key and set the prepublication
+ interval) were missing from dnssec-keyfromlabel.
+ [RT #35394]
+
+3763. [bug] delve: Cache DNSSEC records to avoid the need to
+ re-fetch them when restarting validation. [RT #35476]
+
+3762. [bug] Address build problems with --pkcs11-native +
+ --with-openssl with ECDSA support. [RT #35467]
+
+3761. [bug] Address dangling reference bug in dns_keytable_add.
+ [RT #35471]
+
+3760. [bug] Improve SIT with native PKCS#11 and on Windows.
+ [RT #35433]
+
+3759. [port] Enable delve on Windows. [RT #35441]
+
+3758. [port] Enable export library APIs on Windows. [RT #35382]
+
+3757. [port] Enable Python tools (dnssec-coverage,
+ dnssec-checkds) to run on Windows. [RT #34355]
+
+3756. [bug] GSSAPI Kerberos realm checking was broken in
+ check_config leading to spurious messages being
+ logged. [RT #35443]
+
+ --- 9.10.0b1 released ---
+
+3755. [func] Add stats counters for known EDNS options + others.
+ [RT #35447]
+
+3754. [cleanup] win32: Installer now places files in the
+ Program Files area rather than system services.
+ [RT #35361]
+
+3753. [bug] allow-notify was ignoring keys. [RT #35425]
+
+3752. [bug] Address potential REQUIRE failure if
+ DNS_STYLEFLAG_COMMENTDATA is set when printing out
+ a rdataset.
+
+3751. [tuning] The default setting for the -U option (setting
+ the number of UDP listeners per interface) has
+ been adjusted to improve performance. [RT #35417]
+
+3750. [experimental] Partially implement EDNS EXPIRE option as described
+ in draft-andrews-dnsext-expire-00. Retrieval of
+ the remaining time until expiry for slave zones
+ is supported.
+
+ EXPIRE uses an experimental option code (65002),
+ which is subject to change. [RT #35416]
+
+3749. [func] "dig +subnet" sends an EDNS client subnet option
+ containing the specified address/prefix when
+ querying. (Thanks to Wilmer van der Gaast.)
+ [RT #35415]
+
+3748. [test] Use delve to test dns_client interfaces. [RT #35383]
+
+3747. [bug] A race condition could lead to a core dump when
+ destroying a resolver fetch object. [RT #35385]
+
+3746. [func] New "max-zone-ttl" option enforces maximum
+ TTLs for zones. If loading a zone containing a
+ higher TTL, the load fails. DDNS updates with
+ higher TTLs are accepted but the TTL is truncated.
+ (Note: Currently supported for master zones only;
+ inline-signing slaves will be added.) [RT #38405]
+
+3745. [func] "configure --with-tuning=large" adjusts various
+ compiled-in constants and default settings to
+ values suited to large servers with abundant
+ memory. [RT #29538]
+
+3744. [experimental] SIT: send and process Source Identity Tokens
+ (similar to DNS Cookies by Donald Eastlake 3rd),
+ which are designed to help clients detect off-path
+ spoofed responses and for servers to identify
+ legitimate clients.
+
+ SIT uses an experimental EDNS option code (65001),
+ which will be changed to an IANA-assigned value
+ if the experiment is deemed a success.
+
+ SIT can be enabled via "configure --enable-sit" (or
+ --enable-developer). It is enabled by default in
+ Windows.
+
+ Servers can be configured to send smaller responses
+ to clients that have not identified themselves via
+ SIT. RRL processing has also been updated;
+ legitimate clients are not subject to rate
+ limiting. [RT #35389]
+
+3743. [bug] delegation-only flag wasn't working in forward zone
+ declarations despite being documented. This is
+ needed to support turning off forwarding and turning
+ on delegation only at the same name. [RT #35392]
+
+3742. [port] linux: libcap support: declare curval at start of
+ block. [RT #35387]
+
+3741. [func] "delve" (domain entity lookup and validation engine):
+ A new tool with dig-like semantics for performing DNS
+ lookups, with internal DNSSEC validation, using the
+ same resolver and validator logic as named. This
+ allows easy validation of DNSSEC data in environments
+ with untrustworthy resolvers, and assists with
+ troubleshooting of DNSSEC problems. [RT #32406]
+
+3740. [contrib] Minor fixes to configure --with-dlz-bdb,
+ --with-dlz-postgres and --with-dlz-odbc. [RT #35340]
+
+3739. [func] Added per-zone stats counters to track TCP and
+ UDP queries. [RT #35375]
+
+3738. [bug] --enable-openssl-hash failed to build. [RT #35343]
+
+3737. [bug] 'rndc retransfer' could trigger a assertion failure
+ with inline zones. [RT #35353]
+
+3736. [bug] nsupdate: When specifying a server by name,
+ fall back to alternate addresses if the first
+ address for that name is not reachable. [RT #25784]
+
+3735. [cleanup] Merged the libiscpk11 library into libisc
+ to simplify dependencies. [RT #35205]
+
+3734. [bug] Improve building with libtool. [RT #35314]
+
+3733. [func] Improve interface scanning support. Interface
+ information will be automatically updated if the
+ OS supports routing sockets (MacOS, *BSD, Linux).
+ Use "automatic-interface-scan no;" to disable.
+
+ Add "rndc scan" to trigger a scan. [RT #23027]
+
+3732. [contrib] Fixed a type mismatch causing the ODBC DLZ
+ driver to dump core on 64-bit systems. [RT #35324]
+
+3731. [func] Added a "no-case-compress" ACL, which causes
+ named to use case-insensitive compression
+ (disabling change #3645) for specified
+ clients. (This is useful when dealing
+ with broken client implementations that
+ use case-sensitive name comparisons,
+ rejecting responses that fail to match the
+ capitalization of the query that was sent.)
+ [RT #35300]
+
+3730. [cleanup] Added "never" as a synonym for "none" when
+ configuring key event dates in the dnssec tools.
+ [RT #35277]
+
+3729. [bug] dnssec-keygen could set the publication date
+ incorrectly when only the activation date was
+ specified on the command line. [RT #35278]
+
+3728. [doc] Expanded native-PKCS#11 documentation,
+ specifically pkcs11: URI labels. [RT #35287]
+
+3727. [func] The isc_bitstring API is no longer used and
+ has been removed from libisc. [RT #35284]
+
+3726. [cleanup] Clarified the error message when attempting
+ to configure more than 32 response-policy zones.
+ [RT #35283]
+
+3725. [contrib] Updated zkt and nslint to newest versions,
+ cleaned up and rearranged the contrib
+ directory, and added a README.
+
+ --- 9.10.0a2 released ---
+
+3724. [bug] win32: Fixed a bug that prevented dig and
+ host from exiting properly after completing
+ a UDP query. [RT #35288]
+
+3723. [cleanup] Imported keys are now handled the same way
+ regardless of DNSSEC algorithm. [RT #35215]
+
+3722. [bug] Using geoip ACLs in a blackhole statement
+ could cause a segfault. [RT #35272]
+
+3721. [doc] Improved documentation of the EDNS processing
+ enhancements introduced in change #3593. [RT #35275]
+
+3720. [bug] Address compiler warnings. [RT #35261]
+
+3719. [bug] Address memory leak in in peer.c. [RT #35255]
+
+3718. [bug] A missing ISC_LINK_INIT in log.c. [RT #35260]
+
+3717. [port] hpux: Treat EOPNOTSUPP as a expected error code when
+ probing to see if it is possible to set dscp values
+ on a per packet basis. [RT #35252]
+
+3716. [bug] The dns_request code was setting dcsp values when not
+ requested. [RT #35252]
+
+3715. [bug] The region and city databases could fail to
+ initialize when using some versions of libGeoIP,
+ causing assertion failures when named was
+ configured to use them. [RT #35427]
+
+3714. [test] System tests that need to test for cryptography
+ support before running can now use a common
+ "testcrypto.sh" script to do so. [RT #35213]
+
+3713. [bug] Save memory by not storing "also-notify" addresses
+ in zone objects that are configured not to send
+ notify requests. [RT #35195]
+
+3712. [placeholder]
+
+3711. [placeholder]
+
+3710. [bug] Address double dns_zone_detach when switching to
+ using automatic empty zones from regular zones.
+ [RT #35177]
+
+3709. [port] Use built-in versions of strptime() and timegm()
+ on all platforms to avoid portability issues.
+ [RT #35183]
+
+3708. [bug] Address a portentry locking issue in dispatch.c.
+ [RT #35128]
+
+3707. [bug] irs_resconf_load now returns ISC_R_FILENOTFOUND
+ on a missing resolv.conf file and initializes the
+ structure as if it had been configured with:
+
+ nameserver ::1
+ nameserver 127.0.0.1
+
+ Note: Callers will need to be updated to treat
+ ISC_R_FILENOTFOUND as a qualified success or else
+ they will leak memory. The following code fragment
+ will work with both old and new versions without
+ changing the behaviour of the existing code.
+
+ resconf = NULL;
+ result = irs_resconf_load(mctx, "/etc/resolv.conf",
+ &resconf);
+ if (result != ISC_SUCCESS) {
+ if (resconf != NULL)
+ irs_resconf_destroy(&resconf);
+ ....
+ }
+
+ [RT #35194]
+
+3706. [contrib] queryperf: Fixed a possible integer overflow when
+ printing results. [RT #35182]
+
+3705. [func] "configure --enable-native-pkcs11" enables BIND
+ to use the PKCS#11 API for all cryptographic
+ functions, so that it can drive a hardware service
+ module directly without the need to use a modified
+ OpenSSL as intermediary (so long as the HSM's vendor
+ provides a complete-enough implementation of the
+ PKCS#11 interface). This has been tested successfully
+ with the Thales nShield HSM and with SoftHSMv2 from
+ the OpenDNSSEC project. [RT #29031]
+
+3704. [protocol] Accept integer timestamps in RRSIG records. [RT #35185]
+
+3703. [func] To improve recursive resolver performance, cache
+ records which are still being requested by clients
+ can now be automatically refreshed from the
+ authoritative server before they expire, reducing
+ or eliminating the time window in which no answer
+ is available in the cache. See the "prefetch" option
+ for more details. [RT #35041]
+
+3702. [func] 'dnssec-coverage -l' option specifies a length
+ of time to check for coverage; events further into
+ the future are ignored. 'dnssec-coverage -z'
+ checks only ZSK events, and 'dnssec-coverage -k'
+ checks only KSK events. (Thanks to Peter Palfrader.)
+ [RT #35168]
+
+3701. [func] named-checkconf can now obscure shared secrets
+ when printing by specifying '-x'. [RT #34465]
+
+3700. [func] Allow access to subgroups of XML statistics via
+ special URLs http://<server>:<port>/xml/v3/server,
+ /zones, /net, /tasks, /mem, and /status. [RT #35115]
+
+3699. [bug] Improvements to statistics channel XSL stylesheet:
+ the stylesheet can now be cached by the browser;
+ section headers are omitted from the stats display
+ when there is no data in those sections to be
+ displayed; counters are now right-justified for
+ easier readability. [RT #35117]
+
+3698. [cleanup] Replaced all uses of memcpy() with memmove().
+ [RT #35120]
+
+3697. [bug] Handle "." as a search list element when IDN support
+ is enabled. [RT #35133]
+
+3696. [bug] dig failed to handle AXFR style IXFR responses which
+ span multiple messages. [RT #35137]
+
+3695. [bug] Address a possible race in dispatch.c. [RT #35107]
+
+3694. [bug] Warn when a key-directory is configured for a zone,
+ but does not exist or is not a directory. [RT #35108]
+
+3693. [security] memcpy was incorrectly called with overlapping
+ ranges resulting in malformed names being generated
+ on some platforms. This could cause INSIST failures
+ when serving NSEC3 signed zones (CVE-2014-0591).
+ [RT #35120]
+
+3692. [bug] Two calls to dns_db_getoriginnode were fatal if there
+ was no data at the node. [RT #35080]
+
+3691. [contrib] Address null pointer dereference in LDAP and
+ MySQL DLZ modules.
+
+3690. [bug] Iterative responses could be missed when the source
+ port for an upstream query was the same as the
+ listener port (53). [RT #34925]
+
+3689. [bug] Fixed a bug causing an insecure delegation from one
+ static-stub zone to another to fail with a broken
+ trust chain. [RT #35081]
+
+3688. [bug] loadnode could return a freed node on out of memory.
+ [RT #35106]
+
+3687. [bug] Address null pointer dereference in zone_xfrdone.
+ [RT #35042]
+
+3686. [func] "dnssec-signzone -Q" drops signatures from keys
+ that are still published but no longer active.
+ [RT #34990]
+
+3685. [bug] "rndc refresh" didn't work correctly with slave
+ zones using inline-signing. [RT #35105]
+
+3684. [bug] The list of included files would grow on reload.
+ [RT 35090]
+
+3683. [cleanup] Add a more detailed "not found" message to rndc
+ commands which specify a zone name. [RT #35059]
+
+3682. [bug] Correct the behavior of rndc retransfer to allow
+ inline-signing slave zones to retain NSEC3 parameters
+ instead of reverting to NSEC. [RT #34745]
+
+3681. [port] Update the Windows build system to support feature
+ selection and WIN64 builds. This is a work in
+ progress. [RT #34160]
+
+3680. [bug] Ensure buffer space is available in "rndc zonestatus".
+ [RT #35084]
+
+3679. [bug] dig could fail to clean up TCP sockets still
+ waiting on connect(). [RT #35074]
+
+3678. [port] Update config.guess and config.sub. [RT #35060]
+
+3677. [bug] 'nsupdate' leaked memory if 'realm' was used multiple
+ times. [RT #35073]
+
+3676. [bug] "named-checkconf -z" now checks zones of type
+ hint and redirect as well as master. [RT #35046]
+
+3675. [misc] Provide a place for third parties to add version
+ information for their extensions in the version
+ file by setting the EXTENSIONS variable.
+
+ --- 9.10.0a1 released ---
+
+3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026]
+
+3673. [func] New "in-view" zone option allows direct sharing
+ of zones between views. [RT #32968]
+
+3672. [func] Local address can now be specified when using
+ dns_client API. [RT #34811]
+
+3671. [bug] Don't allow dnssec-importkey overwrite a existing
+ non-imported private key.
+
+3670. [bug] Address read after free in server side of
+ lwres_getrrsetbyname. [RT #29075]
+
+3669. [port] freebsd: --with-gssapi needs -lhx509. [RT #35001]
+
+3668. [bug] Fix cast in lex.c which could see 0xff treated as eof.
+ [RT #34993]
+
+3667. [test] dig: add support to keep the TCP socket open between
+ successive queries (+[no]keepopen). [RT #34918]
+
+3666. [func] Add a tool, named-rrchecker, for checking the syntax
+ of individual resource records. This tool is intended
+ to be called by provisioning systems so that the front
+ end does not need to be upgraded to support new DNS
+ record types. [RT #34778]
+
+3665. [bug] Failure to release lock on error in receive_secure_db.
+ [RT #34944]
+
+3664. [bug] Updated OpenSSL PKCS#11 patches to fix active list
+ locking and other bugs. [RT #34855]
+
+3663. [bug] Address bugs in dns_rdata_fromstruct and
+ dns_rdata_tostruct for WKS and ISDN types. [RT #34910]
+
+3662. [bug] 'host' could die if a UDP query timed out. [RT #34870]
+
+3661. [bug] Address lock order reversal deadlock with inline zones.
+ [RT #34856]
+
+3660. [cleanup] Changed the name of "isc-config.sh" to "bind9-config".
+ [RT #23825]
+
+3659. [port] solaris: don't add explicit dependencies/rules for
+ python programs as make won't use the implicit rules.
+ [RT #34835]
+
+3658. [port] linux: Address platform specific compilation issue
+ when libcap-devel is installed. [RT #34838]
+
+3657. [port] Some readline clones don't accept NULL pointers when
+ calling add_history. [RT #34842]
+
+3656. [security] Treat an all zero netmask as invalid when generating
+ the localnets acl. (The prior behavior could
+ allow unexpected matches when using some versions
+ of Winsock: CVE-2013-6320.) [RT #34687]
+
+3655. [cleanup] Simplify TCP message processing when requesting a
+ zone transfer. [RT #34825]
+
+3654. [bug] Address race condition with manual notify requests.
+ [RT #34806]
+
+3653. [func] Create delegations for all "children" of empty zones
+ except "forward first". [RT #34826]
+
+3652. [bug] Address bug with rpz-drop policy. [RT #34816]
+
+3651. [tuning] Adjust when a master server is deemed unreachable.
+ [RT #27075]
+
+3650. [tuning] Use separate rate limiting queues for refresh and
+ notify requests. [RT #30589]
+
+3649. [cleanup] Include a comment in .nzf files, giving the name of
+ the associated view. [RT #34765]
+
+3648. [test] Updated the ATF test framework to version 0.17.
+ [RT #25627]
+
+3647. [bug] Address a race condition when shutting down a zone.
+ [RT #34750]
+
+3646. [bug] Journal filename string could be set incorrectly,
+ causing garbage in log messages. [RT #34738]
+
+3645. [protocol] Use case sensitive compression when responding to
+ queries. [RT #34737]
+
+3644. [protocol] Check that EDNS subnet client options are well formed.
+ [RT #34718]
+
+3643. [doc] Clarify RRL "slip" documentation.
+
+3642. [func] Allow externally generated DNSKEY to be imported
+ into the DNSKEY management framework. A new tool
+ dnssec-importkey is used to do this. [RT #34698]
+
+3641. [bug] Handle changes to sig-validity-interval settings
+ better. [RT #34625]
+
+3640. [bug] ndots was not being checked when searching. Only
+ continue searching on NXDOMAIN responses. Add the
+ ability to specify ndots to nslookup. [RT #34711]
+
+3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used
+ in a key zone. [RT #34238]
+
+3638. [cleanup] Add the ability to handle ENOPROTOOPT in case it is
+ encountered. [RT #34668]
+
+3637. [bug] 'allow-query-on' was checking the source address
+ rather than the destination address. [RT #34590]
+
+3636. [bug] Automatic empty zones now behave better with
+ forward only "zones" beneath them. [RT #34583]
+
+3635. [bug] Signatures were not being removed from a zone with
+ only KSK keys for a algorithm. [RT #34439]
+
+3634. [func] Report build-id in rndc status. Report build-id
+ when building from a git repository. [RT #20422]
+
+3633. [cleanup] Refactor OPT processing in named to make it easier
+ to support new EDNS options. [RT #34414]
+
+3632. [bug] Signature from newly inactive keys were not being
+ removed. [RT #32178]
+
+3631. [bug] Remove spurious warning about missing signatures when
+ qtype is SIG. [RT #34600]
+
+3630. [bug] Ensure correct ID computation for MD5 keys. [RT #33033]
+
+3629. [func] Allow the printing of cryptographic fields in DNSSEC
+ records by dig to be suppressed (dig +nocrypto).
+ [RT #34534]
+
+3628. [func] Report DNSKEY key id's when dumping the cache.
+ [RT #34533]
+
+3627. [bug] RPZ changes were not effective on slaves. [RT #34450]
+
+3626. [func] dig: NSID output now easier to read. [RT #21160]
+
+3625. [bug] Don't send notify messages to machines outside of the
+ test setup.
+
+3624. [bug] Look for 'json_object_new_int64' when looking for a
+ the json library. [RT #34449]
+
+3623. [placeholder]
+
+3622. [tuning] Eliminate an unnecessary lock when incrementing
+ cache statistics. [RT #34339]
+
+3621. [security] Incorrect bounds checking on private type 'keydata'
+ can lead to a remotely triggerable REQUIRE failure
+ (CVE-2013-4854). [RT #34238]
+
+3620. [func] Added "rpz-client-ip" policy triggers, enabling
+ RPZ responses to be configured on the basis of
+ the client IP address; this can be used, for
+ example, to blacklist misbehaving recursive
+ or stub resolvers. [RT #33605]
+
+3619. [bug] Fixed a bug in RPZ with "recursive-only no;"
+ [RT #33776]
+
+3618. [func] "rndc reload" now checks modification times of
+ include files as well as master files to determine
+ whether to skip reloading a zone. [RT #33936]
+
+3617. [bug] Named was failing to answer queries during
+ "rndc reload" [RT #34098]
+
+3616. [bug] Change #3613 was incomplete. [RT #34177]
+
+3615. [cleanup] "configure" now finishes by printing a summary
+ of optional BIND features and whether they are
+ active or inactive. ("configure --enable-full-report"
+ increases the verbosity of the summary.) [RT #31777]
+
+3614. [port] Check for <linux/types.h>. [RT #34162]
+
+3613. [bug] named could crash when deleting inline-signing
+ zones with "rndc delzone". [RT #34066]
+
+3612. [port] Check whether to use -ljson or -ljson-c. [RT #34115]
+
+3611. [bug] Improved resistance to a theoretical authentication
+ attack based on differential timing. [RT #33939]
+
+3610. [cleanup] win32: Some executables had been omitted from the
+ installer. [RT #34116]
+
+3609. [bug] Corrected a possible deadlock in applications using
+ the export version of the isc_app API. [RT #33967]
+
+3608. [port] win32: added todos.pl script to ensure all text files
+ the win32 build depends on are converted to DOS
+ newline format. [RT #22067]
+
+3607. [bug] dnssec-keygen had broken 'Invalid keyfile' error
+ message. [RT #34045]
+
+3606. [func] "rndc flushtree" now flushes matching
+ records in the address database and bad cache
+ as well as the DNS cache. (Previously only the
+ DNS cache was flushed.) [RT #33970]
+
+3605. [port] win32: Addressed several compatibility issues
+ with newer versions of Visual Studio. [RT #33916]
+
+3604. [bug] Fixed a compile-time error when building with
+ JSON but not XML. [RT #33959]
+
+3603. [bug] Install <isc/stat.h>. [RT #33956]
+
+3602. [contrib] Added DLZ Perl module, allowing Perl scripts to
+ integrate with named and serve DNS data.
+ (Contributed by John Eaglesham of Yahoo.)
+
+3601. [bug] Added to PKCS#11 openssl patches a value len
+ attribute in DH derive key. [RT #33928]
+
+3600. [cleanup] dig: Fixed a typo in the warning output when receiving
+ an oversized response. [RT #33910]
+
+3599. [tuning] Check for pointer equivalence in name comparisons.
+ [RT #18125]
+
+3598. [cleanup] Improved portability of map file code. [RT #33820]
+
+3597. [bug] Ensure automatic-resigning heaps are reconstructed
+ when loading zones in map format. [RT #33381]
+
+3596. [port] Updated win32 build documentation, added
+ dnssec-verify. [RT #22067]
+
+3595. [port] win32: Fix build problems introduced by change #3550.
+ [RT #33807]
+
+3594. [maint] Update config.guess and config.sub. [RT #33816]
+
+3593. [func] Update EDNS processing to better track remote server
+ capabilities. [RT #30655]
+
+3592. [doc] Moved documentation of rndc command options to the
+ rndc man page. [RT #33506]
+
+3591. [func] Use CRC-64 to detect map file corruption at load
+ time. [RT #33746]
+
+3590. [bug] When using RRL on recursive servers, defer
+ rate-limiting until after recursion is complete;
+ also, use correct rcode for slipped NXDOMAIN
+ responses. [RT #33604]
+
+3589. [func] Report serial numbers in when starting zone transfers.
+ Report accepted NOTIFY requests including serial.
+ [RT #33037]
+
+3588. [bug] dig: addressed a memory leak in the sigchase code
+ that could cause a shutdown crash. [RT #33733]
+
+3587. [func] 'named -g' now checks the logging configuration but
+ does not use it. [RT #33473]
+
+3586. [bug] Handle errors in xmlDocDumpFormatMemoryEnc. [RT #33706]
+
+3585. [func] "rndc delzone -clean" option removes zone files
+ when deleting a zone. [RT #33570]
+
+3584. [security] Caching data from an incompletely signed zone could
+ trigger an assertion failure in resolver.c
+ (CVE-2013-3919). [RT #33690]
+
+3583. [bug] Address memory leak in GSS-API processing [RT #33574]
+
+3582. [bug] Silence false positive warning regarding missing file
+ directive for inline slave zones. [RT #33662]
+
+3581. [bug] Changed the tcp-listen-queue default to 10. [RT #33029]
+
+3580. [bug] Addressed a possible race in acache.c [RT #33602]
+
+3579. [maint] Updates to PKCS#11 openssl patches, supporting
+ versions 0.9.8y, 1.0.0k, 1.0.1e [RT #33463]
+
+3578. [bug] 'rndc -c file' now fails if 'file' does not exist.
+ [RT #33571]
+
+3577. [bug] Handle zero TTL values better. [RT #33411]
+
+3576. [bug] Address a shutdown race when validating. [RT #33573]
+
+3575. [func] Changed the logging category for RRL events from
+ 'queries' to 'query-errors'. [RT #33540]
+
+3574. [doc] The 'hostname' keyword was missing from server-id
+ description in the named.conf man page. [RT #33476]
+
+3573. [bug] "rndc addzone" and "rndc delzone" incorrectly handled
+ zone names containing punctuation marks and other
+ nonstandard characters. [RT #33419]
+
+3572. [func] Threads are now enabled by default on most
+ operating systems. [RT #25483]
+
+3571. [bug] Address race condition in dns_client_startresolve().
+ [RT #33234]
+
+3570. [bug] Check internal pointers are valid when loading map
+ files. [RT #33403]
+
+3569. [contrib] Ported mysql DLZ driver to dynamically-loadable
+ module, and added multithread support. [RT #33394]
+
+3568. [cleanup] Add a product description line to the version file,
+ to be reported by named -v/-V. [RT #33366]
+
+3567. [bug] Silence clang static analyzer warnings. [RT #33365]
+
+3566. [func] Log when forwarding updates to master. [RT #33240]
+
+3565. [placeholder]
+
+3564. [bug] Improved handling of corrupted map files. [RT #33380]
+
+3563. [contrib] zone2sqlite failed with some table names. [RT #33375]
+
+3562. [func] Update map file header format to include a SHA-1 hash
+ of the database content, so that corrupted map files
+ can be rejected at load time. [RT #32459]
+
+3561. [bug] dig: issue a warning if an EDNS query returns FORMERR
+ or NOTIMP. Adjust usage message. [RT #33363]
+
+3560. [bug] isc-config.sh did not honor includedir and libdir
+ when set via configure. [RT #33345]
+
+3559. [func] Check that both forms of Sender Policy Framework
+ records exist or do not exist. [RT #33355]
+
+3558. [bug] IXFR of a DLZ stored zone was broken. [RT #33331]
+
+3557. [bug] Reloading redirect zones was broken. [RT #33292]
+
+3556. [maint] Added AAAA for D.ROOT-SERVERS.NET.
+
+3555. [bug] Address theoretical race conditions in acache.c
+ (change #3553 was incomplete). [RT #33252]
+
+3554. [bug] RRL failed to correctly rate-limit upward
+ referrals and failed to count dropped error
+ responses in the statistics. [RT #33225]
+
+3553. [bug] Address suspected double free in acache. [RT #33252]
+
+3552. [bug] Wrong getopt option string for 'nsupdate -r'.
+ [RT #33280]
+
+3551. [bug] resolver.querydscp[46] were uninitialized. [RT #32686]
+
+3550. [func] Unified the internal and export versions of the
+ BIND libraries, allowing external clients to use
+ the same libraries as BIND. [RT #33131]
+
+3549. [doc] Documentation for "request-nsid" was missing.
+ [RT #33153]
+
+3548. [bug] The NSID request code in resolver.c was broken
+ resulting in invalid EDNS options being sent.
+ [RT #33153]
+
+3547. [bug] Some malformed unknown rdata records were not properly
+ detected and rejected. [RT #33129]
+
+3546. [func] Add EUI48 and EUI64 types. [RT #33082]
+
+3545. [bug] RRL slip behavior was incorrect when set to 1.
+ [RT #33111]
+
+3544. [contrib] check5011.pl: Script to report the status of
+ managed keys as recorded in managed-keys.bind.
+ Contributed by Tony Finch <dot@dotat.at>
+
+3543. [bug] Update socket structure before attaching to socket
+ manager after accept. [RT #33084]
+
+3542. [placeholder]
+
+3541. [bug] Parts of libdns were not properly initialized when
+ built in libexport mode. [RT #33028]
+
+3540. [test] libt_api: t_info and t_assert were not thread safe.
+
+3539. [port] win32: timestamp format didn't match other platforms.
+
+3538. [test] Running "make test" now requires loopback interfaces
+ to be set up. [RT #32452]
+
+3537. [tuning] Slave zones, when updated, now send NOTIFY messages
+ to peers before being dumped to disk rather than
+ after. [RT #27242]
+
+3536. [func] Add support for setting Differentiated Services Code
+ Point (DSCP) values in named. Most configuration
+ options which take a "port" option (e.g.,
+ listen-on, forwarders, also-notify, masters,
+ notify-source, etc) can now also take a "dscp"
+ option specifying a code point for use with
+ outgoing traffic, if supported by the underlying
+ OS. [RT #27596]
+
+3535. [bug] Minor win32 cleanups. [RT #32962]
+
+3534. [bug] Extra text after an embedded NULL was ignored when
+ parsing zone files. [RT #32699]
+
+3533. [contrib] query-loc-0.4.0: memory leaks. [RT #32960]
+
+3532. [contrib] zkt: fixed buffer overrun, resource leaks. [RT #32960]
+
+3531. [bug] win32: A uninitialized value could be returned on out
+ of memory. [RT #32960]
+
+3530. [contrib] Better RTT tracking in queryperf. [RT #30128]
+
+3529. [func] Named now listens on both IPv4 and IPv6 interfaces
+ by default. Named previously only listened on IPv4
+ interfaces by default unless named was running in
+ IPv6 only mode. [RT #32945]
+
+3528. [func] New "dnssec-coverage" command scans the timing
+ metadata for a set of DNSSEC keys and reports if a
+ lapse in signing coverage has been scheduled
+ inadvertently. (Note: This tool depends on python;
+ it will not be built or installed on systems that
+ do not have a python interpreter.) [RT #28098]
+
+3527. [compat] Add a URI to allow applications to explicitly
+ request a particular XML schema from the statistics
+ channel, returning 404 if not supported. [RT #32481]
+
+3526. [cleanup] Set up dependencies for unit tests correctly during
+ build. [RT #32803]
+
+3525. [func] Support for additional signing algorithms in rndc:
+ hmac-sha1, -sha224, -sha256, -sha384, and -sha512.
+ The -A option to rndc-confgen can be used to
+ select the algorithm for the generated key.
+ (The default is still hmac-md5; this may
+ change in a future release.) [RT #20363]
+
+3524. [func] Added an alternate statistics channel in JSON format,
+ when the server is built with the json-c library:
+ http://[address]:[port]/json. [RT #32630]
+
+3523. [contrib] Ported filesystem and ldap DLZ drivers to
+ dynamically-loadable modules, and added the
+ "wildcard" module based on a contribution from
+ Vadim Goncharov <vgoncharov@nic.ru>. [RT #23569]
+
+3522. [bug] DLZ lookups could fail to return SERVFAIL when
+ they ought to. [RT #32685]
+
+3521. [bug] Address memory leak in opensslecdsa_link.c. [RT #32249]
+
+3520. [bug] 'mctx' was not being referenced counted in some places
+ where it should have been. [RT #32794]
+
+3519. [func] Full replay protection via four-way handshake is
+ now mandatory for rndc clients. Very old versions
+ of rndc will no longer work. [RT #32798]
+
+3518. [bug] Increase the size of dns_rrl_key.s.rtype by one bit
+ so that all dns_rrl_rtype_t enum values fit regardless
+ of whether it is treated as signed or unsigned by
+ the compiler. [RT #32792]
+
+3517. [bug] Reorder destruction to avoid shutdown race. [RT #32777]
+
+3516. [placeholder]
+
+3515. [port] '%T' is not portable in strftime(). [RT #32763]
+
+3514. [bug] The ranges for valid key sizes in ddns-confgen and
+ rndc-confgen were too constrained. Keys up to 512
+ bits are now allowed for most algorithms, and up
+ to 1024 bits for hmac-sha384 and hmac-sha512.
+ [RT #32753]
+
+3513. [func] "dig -u" prints times in microseconds rather than
+ milliseconds. [RT #32704]
+
+3512. [func] "rndc validation check" reports the current status
+ of DNSSEC validation. [RT #21397]
+
+3511. [doc] Improve documentation of redirect zones. [RT #32756]
+
+3510. [func] "rndc status" and XML statistics channel now report
+ server start and reconfiguration times. [RT #21048]
+
+3509. [cleanup] Added a product line to version file to allow for
+ easy naming of different products (BIND
+ vs BIND ESV, for example). [RT #32755]
+
+3508. [contrib] queryperf was incorrectly rejecting the -T option.
+ [RT #32338]
+
+3507. [bug] Statistics channel XSL had a glitch when attempting
+ to chart query data before any queries had been
+ received. [RT #32620]
+
+3506. [func] When setting "max-cache-size" and "max-acache-size",
+ the keyword "unlimited" is no longer defined as equal
+ to 4 gigabytes (except on 32-bit platforms); it
+ means literally unlimited. [RT #32358]
+
+3505. [bug] When setting "max-cache-size" and "max-acache-size",
+ larger values than 4 gigabytes could not be set
+ explicitly, though larger sizes were available
+ when setting cache size to 0. This has been
+ corrected; the full range is now available.
+ [RT #32358]
+
+3504. [func] Add support for ACLs based on geographic location,
+ using MaxMind GeoIP databases. Based on code
+ contributed by Ken Brownfield <kb@slide.com>.
+ [RT #30681]
+
+3503. [doc] Clarify size_spec syntax. [RT #32449]
+
+3502. [func] zone-statistics: "no" is now a synonym for "none",
+ instead of "terse". [RT #29165]
+
+3501. [func] zone-statistics now takes three options: full,
+ terse, and none. "yes" and "no" are retained as
+ synonyms for full and terse, respectively. [RT #29165]
+
+3500. [security] Support NAPTR regular expression validation on
+ all platforms without using libregex, which
+ can be vulnerable to memory exhaustion attack
+ (CVE-2013-2266). [RT #32688]
+
+3499. [doc] Corrected ARM documentation of built-in zones.
+ [RT #32694]
+
+3498. [bug] zone statistics for zones which matched a potential
+ empty zone could have their zone-statistics setting
+ overridden.
+
+3497. [func] When deleting a slave/stub zone using 'rndc delzone'
+ report the files that were being used so they can
+ be cleaned up if desired. [RT #27899]
+
+3496. [placeholder]
+
+3495. [func] Support multiple response-policy zones (up to 32),
+ while improving RPZ performance. "response-policy"
+ syntax now includes a "min-ns-dots" clause, with
+ default 1, to exclude top-level domains from
+ NSIP and NSDNAME checking. --enable-rpz-nsip and
+ --enable-rpz-nsdname are now the default. [RT #32251]
+
+3494. [func] DNS RRL: Blunt the impact of DNS reflection and
+ amplification attacks by rate-limiting substantially-
+ identical responses. [RT #28130]
+
+3493. [contrib] Added BDBHPT dynamically-loadable DLZ module,
+ contributed by Mark Goldfinch. [RT #32549]
+
+3492. [bug] Fixed a regression in zone loading performance
+ due to lock contention. [RT #30399]
+
+3491. [bug] Slave zones using inline-signing must specify a
+ file name. [RT #31946]
+
+3490. [bug] When logging RDATA during update, truncate if it's
+ too long. [RT #32365]
+
+3489. [bug] --enable-developer now turns on ISC_LIST_CHECKINIT.
+ dns_dlzcreate() failed to properly initialize
+ dlzdb.link. When cloning a rdataset do not copy
+ the link contents. [RT #32651]
+
+3488. [bug] Use after free error with DH generated keys. [RT #32649]
+
+3487. [bug] Change 3444 was not complete. There was a additional
+ place where the NOQNAME proof needed to be saved.
+ [RT #32629]
+
+3486. [bug] named could crash when using TKEY-negotiated keys
+ that had been deleted and then recreated. [RT #32506]
+
+3485. [cleanup] Only compile openssl_gostlink.c if we support GOST.
+
+3484. [bug] Some statistics were incorrectly rendered in XML.
+ [RT #32587]
+
+3483. [placeholder]
+
+3482. [func] dig +nssearch now prints name servers that don't
+ have address records (missing AAAA or A, or the name
+ doesn't exist). [RT #29348]
+
+3481. [cleanup] Removed use of const const in atf.
+
+3480. [bug] Silence logging noise when setting up zone
+ statistics. [RT #32525]
+
+3479. [bug] Address potential memory leaks in gssapi support
+ code. [RT #32405]
+
+3478. [port] Fix a build failure in strict C99 environments
+ [RT #32475]
+
+3477. [func] Expand logging when adding records via DDNS update
+ [RT #32365]
+
+3476. [bug] "rndc zonestatus" could report a spurious "not
+ found" error on inline-signing zones. [RT #29226]
+
+3475. [cleanup] Changed name of 'map' zone file format (previously
+ 'fast'). [RT #32458]
+
+3474. [bug] nsupdate could assert when the local and remote
+ address families didn't match. [RT #22897]
+
+3473. [bug] dnssec-signzone/verify could incorrectly report
+ an error condition due to an empty node above an
+ opt-out delegation lacking an NSEC3. [RT #32072]
+
+3472. [bug] The active-connections counter in the socket
+ statistics could underflow. [RT #31747]
+
+3471. [bug] The number of UDP dispatches now defaults to
+ the number of CPUs even if -n has been set to
+ a higher value. [RT #30964]
+
+3470. [bug] Slave zones could fail to dump when successfully
+ refreshing after an initial failure. [RT #31276]
+
+3469. [bug] Handle DLZ lookup failures more gracefully. Improve
+ backward compatibility between versions of DLZ dlopen
+ API. [RT #32275]
+
+3468. [security] RPZ rules to generate A records (but not AAAA records)
+ could trigger an assertion failure when used in
+ conjunction with DNS64 (CVE-2012-5689). [RT #32141]
+
+3467. [bug] Added checks in dnssec-keygen and dnssec-settime
+ to check for delete date < inactive date. [RT #31719]
+
+3466. [contrib] Corrected the DNS_CLIENTINFOMETHODS_VERSION check
+ in DLZ example driver. [RT #32275]
+
+3465. [bug] Handle isolated reserved ports. [RT #31778]
+
+3464. [maint] Updates to PKCS#11 openssl patches, supporting
+ versions 0.9.8x, 1.0.0j, 1.0.1c [RT #29749]
+
+3463. [doc] Clarify managed-keys syntax in ARM. [RT #32232]
+
+3462. [doc] Clarify server selection behavior of dig when using
+ -4 or -6 options. [RT #32181]
+
+3461. [bug] Negative responses could incorrectly have AD=1
+ set. [RT #32237]
+
+3460. [bug] Only link against readline where needed. [RT #29810]
+
+3459. [func] Added -J option to named-checkzone/named-compilezone
+ to specify the path to the journal file. [RT #30958]
+
+3458. [bug] Return FORMERR when presented with a overly long
+ domain named in a request. [RT #29682]
+
+3457. [protocol] Add ILNP records (NID, LP, L32, L64). [RT #31836]
+
+3456. [port] g++47: ATF failed to compile. [RT #32012]
+
+3455. [contrib] queryperf: fix getopt option list. [RT #32338]
+
+3454. [port] sparc64: improve atomic support. [RT #25182]
+
+3453. [bug] 'rndc addzone' of a zone with 'inline-signing yes;'
+ failed. [RT #31960]
+
+3452. [bug] Accept duplicate singleton records. [RT #32329]
+
+3451. [port] Increase per thread stack size from 64K to 1M.
+ [RT #32230]
+
+3450. [bug] Stop logfileconfig system test spam system logs.
+ [RT #32315]
+
+3449. [bug] gen.c: use the pre-processor to construct format
+ strings so that compiler can perform sanity checks;
+ check the snprintf results. [RT #17576]
+
+3448. [bug] The allow-query-on ACL was not processed correctly.
+ [RT #29486]
+
+3447. [port] Add support for libxml2-2.9.x [RT #32231]
+
+3446. [port] win32: Add source ID (see change #3400) to build.
+ [RT #31683]
+
+3445. [bug] Warn about zone files with blank owner names
+ immediately after $ORIGIN directives. [RT #31848]
+
+3444. [bug] The NOQNAME proof was not being returned from cached
+ insecure responses. [RT #21409]
+
+3443. [bug] ddns-confgen: Some TSIG algorithms were incorrectly
+ rejected when generating keys. [RT #31927]
+
+3442. [port] Net::DNS 0.69 introduced a non backwards compatible
+ change. [RT #32216]
+
+3441. [maint] D.ROOT-SERVERS.NET is now 199.7.91.13.
+
+3440. [bug] Reorder get_key_struct to not trigger a assertion when
+ cleaning up due to out of memory error. [RT #32131]
+
+3439. [placeholder]
+
+3438. [bug] Don't accept unknown data escape in quotes. [RT #32031]
+
+3437. [bug] isc_buffer_init -> isc_buffer_constinit to initialize
+ buffers with constant data. [RT #32064]
+
+3436. [bug] Check malloc/calloc return values. [RT #32088]
+
+3435. [bug] Cross compilation support in configure was broken.
+ [RT #32078]
+
+3434. [bug] Pass client info to the DLZ findzone() entry
+ point in addition to lookup(). This makes it
+ possible for a database to answer differently
+ whether it's authoritative for a name depending
+ on the address of the client. [RT #31775]
+
+3433. [bug] dlz_findzone() did not correctly handle
+ ISC_R_NOMORE. [RT #31172]
+
+3432. [func] Multiple DLZ databases can now be configured.
+ DLZ databases are searched in the order configured,
+ unless set to "search no", in which case a
+ zone can be configured to be retrieved from a
+ particular DLZ database by using a "dlz <name>"
+ option in the zone statement. DLZ databases can
+ support type "master" and "redirect" zones.
+ [RT #27597]
+
+3431. [bug] ddns-confgen: Some valid key algorithms were
+ not accepted. [RT #31927]
+
+3430. [bug] win32: isc_time_formatISO8601 was missing the
+ 'T' between the date and time. [RT #32044]
+
+3429. [bug] dns_zone_getserial2 could a return success without
+ returning a valid serial. [RT #32007]
+
+3428. [cleanup] dig: Add timezone to date output. [RT #2269]
+
+3427. [bug] dig +trace incorrectly displayed name server
+ addresses instead of names. [RT #31641]
+
+3426. [bug] dnssec-checkds: Clearer output when records are not
+ found. [RT #31968]
+
+3425. [bug] "acacheentry" reference counting was broken resulting
+ in use after free. [RT #31908]
+
+3424. [func] dnssec-dsfromkey now emits the hash without spaces.
+ [RT #31951]
+
+3423. [bug] "rndc signing -nsec3param" didn't accept the full
+ range of possible values. Address portability issues.
+ [RT #31938]
+
+3422. [bug] Added a clear error message for when the SOA does not
+ match the referral. [RT #31281]
+
+3421. [bug] Named loops when re-signing if all keys are offline.
+ [RT #31916]
+
+3420. [bug] Address VPATH compilation issues. [RT #31879]
+
+3419. [bug] Memory leak on validation cancel. [RT #31869]
+
+3418. [func] New XML schema (version 3.0) for the statistics channel
+ adds query type statistics at the zone level, and
+ flattens the XML tree and uses compressed format to
+ optimize parsing. Includes new XSL that permits
+ charting via the Google Charts API on browsers that
+ support javascript in XSL. The old XML schema has been
+ deprecated. [RT #30023]
+
+3417. [placeholder]
+
+3416. [bug] Named could die on shutdown if running with 128 UDP
+ dispatches per interface. [RT #31743]
+
+3415. [bug] named could die with a REQUIRE failure if a validation
+ was canceled. [RT #31804]
+
+3414. [bug] Address locking issues found by Coverity. [RT #31626]
+
+3413. [func] Record the number of DNS64 AAAA RRsets that have been
+ synthesized. [RT #27636]
+
+3412. [bug] Copy timeval structure from control message data.
+ [RT #31548]
+
+3411. [tuning] Use IPV6_USE_MIN_MTU or equivalent with TCP in addition
+ to UDP. [RT #31690]
+
+3410. [bug] Addressed Coverity warnings. [RT #31626]
+
+3409. [contrib] contrib/dane/mkdane.sh: Tool to generate TLSA RR's
+ from X.509 certificates, for use with DANE
+ (DNS-based Authentication of Named Entities).
+ [RT #30513]
+
+3408. [bug] Some DNSSEC-related options (update-check-ksk,
+ dnssec-loadkeys-interval, dnssec-dnskey-kskonly)
+ are now legal in slave zones as long as
+ inline-signing is in use. [RT #31078]
+
+3407. [placeholder]
+
+3406. [bug] mem.c: Fix compilation errors when building with
+ ISC_MEM_TRACKLINES or ISC_MEMPOOL_NAMES disabled.
+ Also, ISC_MEM_DEBUG is no longer optional. [RT #31559]
+
+3405. [bug] Handle time going backwards in acache. [RT #31253]
+
+3404. [bug] dnssec-signzone: When re-signing a zone, remove
+ RRSIG and NSEC records from nodes that used to be
+ in-zone but are now below a zone cut. [RT #31556]
+
+3403. [bug] Silence noisy OpenSSL logging. [RT #31497]
+
+3402. [test] The IPv6 interface numbers used for system
+ tests were incorrect on some platforms. [RT #25085]
+
+3401. [bug] Addressed Coverity warnings. [RT #31484]
+
+3400. [cleanup] "named -V" can now report a source ID string, defined
+ in the "srcid" file in the build tree and normally set
+ to the most recent git hash. [RT #31494]
+
+3399. [port] netbsd: rename 'bool' parameter to avoid namespace
+ clash. [RT #31515]
+
+3398. [bug] SOA parameters were not being updated with inline
+ signed zones if the zone was modified while the
+ server was offline. [RT #29272]
+
+3397. [bug] dig crashed when using +nssearch with +tcp. [RT #25298]
+
+3396. [bug] OPT records were incorrectly removed from signed,
+ truncated responses. [RT #31439]
+
+3395. [protocol] Add RFC 6598 reverse zones to built in empty zones
+ list, 64.100.IN-ADDR.ARPA ... 127.100.IN-ADDR.ARPA.
+ [RT #31336]
+
+3394. [bug] Adjust 'successfully validated after lower casing
+ signer' log level and category. [RT #31414]
+
+3393. [bug] 'host -C' could core dump if REFUSED was received.
+ [RT #31381]
+
+3392. [func] Keep statistics on REFUSED responses. [RT #31412]
+
+3391. [bug] A DNSKEY lookup that encountered a CNAME failed.
+ [RT #31262]
+
+3390. [bug] Silence clang compiler warnings. [RT #30417]
+
+3389. [bug] Always return NOERROR (not 0) in TSIG. [RT #31275]
+
+3388. [bug] Fixed several Coverity warnings.
+ Note: This change includes a fix for a bug that
+ was subsequently determined to be an exploitable
+ security vulnerability, CVE-2012-5688: named could
+ die on specific queries with dns64 enabled.
+ [RT #30996]
+
+3387. [func] DS digest can be disabled at runtime with
+ disable-ds-digests. [RT #21581]
+
+3386. [bug] Address locking violation when generating new NSEC /
+ NSEC3 chains. [RT #31224]
+
+3385. [bug] named-checkconf didn't detect missing master lists
+ in also-notify clauses. [RT #30810]
+
+3384. [bug] Improved logging of crypto errors. [RT #30963]
+
+3383. [security] A certain combination of records in the RBT could
+ cause named to hang while populating the additional
+ section of a response. [RT #31090]
+
+3382. [bug] SOA query from slave used use-v6-udp-ports range,
+ if set, regardless of the address family in use.
+ [RT #24173]
+
+3381. [contrib] Update queryperf to support more RR types.
+ [RT #30762]
+
+3380. [bug] named could die if a nonexistent master list was
+ referenced in a also-notify. [RT #31004]
+
+3379. [bug] isc_interval_zero and isc_time_epoch should be
+ "const (type)* const". [RT #31069]
+
+3378. [bug] Handle missing 'managed-keys-directory' better.
+ [RT #30625]
+
+3377. [bug] Removed spurious newline from NSEC3 multiline
+ output. [RT #31044]
+
+3376. [bug] Lack of EDNS support was being recorded without a
+ successful response. [RT #30811]
+
+3375. [bug] 'rndc dumpdb' failed on empty caches. [RT #30808]
+
+3374. [bug] isc_parse_uint32 failed to return a range error on
+ systems with 64 bit longs. [RT #30232]
+
+3373. [bug] win32: open raw files in binary mode. [RT #30944]
+
+3372. [bug] Silence spurious "deleted from unreachable cache"
+ messages. [RT #30501]
+
+3371. [bug] AD=1 should behave like DO=1 when deciding whether to
+ add NS RRsets to the additional section or not.
+ [RT #30479]
+
+3370. [bug] Address use after free while shutting down. [RT #30241]
+
+3369. [bug] nsupdate terminated unexpectedly in interactive mode
+ if built with readline support. [RT #29550]
+
+3368. [bug] <dns/iptable.h>, <dns/private.h> and <dns/zone.h>
+ were not C++ safe.
+
+3367. [bug] dns_dnsseckey_create() result was not being checked.
+ [RT #30685]
+
+3366. [bug] Fixed Read-After-Write dependency violation for IA64
+ atomic operations. [RT #25181]
+
+3365. [bug] Removed spurious newlines from log messages in
+ zone.c [RT #30675]
+
+3364. [security] Named could die on specially crafted record.
+ [RT #30416]
+
+3363. [bug] Need to allow "forward" and "fowarders" options
+ in static-stub zones; this had been overlooked.
+ [RT #30482]
+
+3362. [bug] Setting some option values to 0 in named.conf
+ could trigger an assertion failure on startup.
+ [RT #27730]
+
+3361. [bug] "rndc signing -nsec3param" didn't work correctly
+ when salt was set to '-' (no salt). [RT #30099]
+
+3360. [bug] 'host -w' could die. [RT #18723]
+
+3359. [bug] An improperly-formed TSIG secret could cause a
+ memory leak. [RT #30607]
+
+3358. [placeholder]
+
+3357. [port] Add support for libxml2-2.8.x [RT #30440]
+
+3356. [bug] Cap the TTL of signed RRsets when RRSIGs are
+ approaching their expiry, so they don't remain
+ in caches after expiry. [RT #26429]
+
+3355. [port] Use more portable awk in verify system test.
+
+3354. [func] Improve OpenSSL error logging. [RT #29932]
+
+3353. [bug] Use a single task for task exclusive operations.
+ [RT #29872]
+
+3352. [bug] Ensure that learned server attributes timeout of the
+ adb cache. [RT #29856]
+
+3351. [bug] isc_mem_put and isc_mem_putanddetach didn't report
+ caller if either ISC_MEM_DEBUGSIZE or ISC_MEM_DEBUGCTX
+ memory debugging flags are set. [RT #30243]
+
+3350. [bug] Memory read overrun in isc___mem_reallocate if
+ ISC_MEM_DEBUGCTX memory debugging flag is set.
+ [RT #30240]
+
+3349. [bug] Change #3345 was incomplete. [RT #30233]
+
+3348. [bug] Prevent RRSIG data from being cached if a negative
+ record matching the covering type exists at a higher
+ trust level. Such data already can't be retrieved from
+ the cache since change 3218 -- this prevents it
+ being inserted into the cache as well. [RT #26809]
+
+3347. [bug] dnssec-settime: Issue a warning when writing a new
+ private key file would cause a change in the
+ permissions of the existing file. [RT #27724]
+
+3346. [security] Bad-cache data could be used before it was
+ initialized, causing an assert. [RT #30025]
+
+3345. [bug] Addressed race condition when removing the last item
+ or inserting the first item in an ISC_QUEUE.
+ [RT #29539]
+
+3344. [func] New "dnssec-checkds" command checks a zone to
+ determine which DS records should be published
+ in the parent zone, or which DLV records should be
+ published in a DLV zone, and queries the DNS to
+ ensure that it exists. (Note: This tool depends
+ on python; it will not be built or installed on
+ systems that do not have a python interpreter.)
+ [RT #28099]
+
+3343. [placeholder]
+
+3342. [bug] Change #3314 broke saving of stub zones to disk
+ resulting in excessive cpu usage in some cases.
+ [RT #29952]
+
+3341. [func] New "dnssec-verify" command checks a signed zone
+ to ensure correctness of signatures and of NSEC/NSEC3
+ chains. [RT #23673]
+
+3340. [func] Added new 'map' zone file format, which is an image
+ of a zone database that can be loaded directly into
+ memory via mmap(), allowing much faster zone loading.
+ (Note: Because of pointer sizes and other
+ considerations, this file format is platform-dependent;
+ 'map' zone files cannot always be transferred from one
+ server to another.) [RT #25419]
+
+3339. [func] Allow the maximum supported rsa exponent size to be
+ specified: "max-rsa-exponent-size <value>;" [RT #29228]
+
+3338. [bug] Address race condition in units tests: asyncload_zone
+ and asyncload_zt. [RT #26100]
+
+3337. [bug] Change #3294 broke support for the multiple keys
+ in controls. [RT #29694]
+
+3336. [func] Maintain statistics for RRsets tagged as "stale".
+ [RT #29514]
+
+3335. [func] nslookup: return a nonzero exit code when unable
+ to get an answer. [RT #29492]
+
+3334. [bug] Hold a zone table reference while performing a
+ asynchronous load of a zone. [RT #28326]
+
+3333. [bug] Setting resolver-query-timeout too low can cause
+ named to not recover if it loses connectivity.
+ [RT #29623]
+
+3332. [bug] Re-use cached DS rrsets if possible. [RT #29446]
+
+3331. [security] dns_rdataslab_fromrdataset could produce bad
+ rdataslabs. [RT #29644]
+
+3330. [func] Fix missing signatures on NOERROR results despite
+ RPZ rewriting. Also
+ - add optional "recursive-only yes|no" to the
+ response-policy statement
+ - add optional "max-policy-ttl" to the response-policy
+ statement to limit the false data that
+ "recursive-only no" can introduce into
+ resolvers' caches
+ - add a RPZ performance test to bin/tests/system/rpz
+ when queryperf is available.
+ - the encoding of PASSTHRU action to "rpz-passthru".
+ (The old encoding is still accepted.)
+ [RT #26172]
+
+
+3329. [bug] Handle RRSIG signer-name case consistently: We
+ generate RRSIG records with the signer-name in
+ lower case. We accept them with any case, but if
+ they fail to validate, we try again in lower case.
+ [RT #27451]
+
+3328. [bug] Fixed inconsistent data checking in dst_parse.c.
+ [RT #29401]
+
+3327. [func] Added 'filter-aaaa-on-v6' option; this is similar
+ to 'filter-aaaa-on-v4' but applies to IPv6
+ connections. (Use "configure --enable-filter-aaaa"
+ to enable this option.) [RT #27308]
+
+3326. [func] Added task list statistics: task model, worker
+ threads, quantum, tasks running, tasks ready.
+ [RT #27678]
+
+3325. [func] Report cache statistics: memory use, number of
+ nodes, number of hash buckets, hit and miss counts.
+ [RT #27056]
+
+3324. [test] Add better tests for ADB stats [RT #27057]
+
+3323. [func] Report the number of buckets the resolver is using.
+ [RT #27020]
+
+3322. [func] Monitor the number of active TCP and UDP dispatches.
+ [RT #27055]
+
+3321. [func] Monitor the number of recursive fetches and the
+ number of open sockets, and report these values in
+ the statistics channel. [RT #27054]
+
+3320. [func] Added support for monitoring of recursing client
+ count. [RT #27009]
+
+3319. [func] Added support for monitoring of ADB entry count and
+ hash size. [RT #27057]
+
+3318. [tuning] Reduce the amount of work performed while holding a
+ bucket lock when finished with a fetch context.
+ [RT #29239]
+
+3317. [func] Add ECDSA support (RFC 6605). [RT #21918]
+
+3316. [tuning] Improved locking performance when recursing.
+ [RT #28836]
+
+3315. [tuning] Use multiple dispatch objects for sending upstream
+ queries; this can improve performance on busy
+ multiprocessor systems by reducing lock contention.
+ [RT #28605]
+
+3314. [bug] The masters list could be updated while stub_callback
+ or refresh_callback were using it. [RT #26732]
+
+3313. [protocol] Add TLSA record type. [RT #28989]
+
+3312. [bug] named-checkconf didn't detect a bad dns64 clients acl.
+ [RT #27631]
+
+3311. [bug] Abort the zone dump if zone->db is NULL in
+ zone.c:zone_gotwritehandle. [RT #29028]
+
+3310. [test] Increase table size for mutex profiling. [RT #28809]
+
+3309. [bug] resolver.c:fctx_finddone() was not thread safe.
+ [RT #27995]
+
+3308. [placeholder]
+
+3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS.
+ [RT #28956]
+
+3306. [bug] Improve DNS64 reverse zone performance. [RT #28563]
+
+3305. [func] Add wire format lookup method to sdb. [RT #28563]
+
+3304. [bug] Use hmctx, not mctx when freeing rbtdb->heaps.
+ [RT #28571]
+
+3303. [bug] named could die when reloading. [RT #28606]
+
+3302. [bug] dns_dnssec_findmatchingkeys could fail to find
+ keys if the zone name contained character that
+ required special mappings. [RT #28600]
+
+3301. [contrib] Update queryperf to build on darwin. Add -R flag
+ for non-recursive queries. [RT #28565]
+
+3300. [bug] Named could die if gssapi was enabled in named.conf
+ but was not compiled in. [RT #28338]
+
+3299. [bug] Make SDB handle errors from database drivers better.
+ [RT #28534]
+
+3298. [bug] Named could dereference a NULL pointer in
+ zmgr_start_xfrin_ifquota if the zone was being removed.
+ [RT #28419]
+
+3297. [bug] Named could die on a malformed master file. [RT #28467]
+
+3296. [bug] Named could die with a INSIST failure in
+ client.c:exit_check. [RT #28346]
+
+3295. [bug] Adjust isc_time_secondsastimet range check to be more
+ portable. [RT # 26542]
+
+3294. [bug] isccc/cc.c:table_fromwire failed to free alist on
+ error. [RT #28265]
+
+3293. [func] nsupdate: list supported type. [RT #28261]
+
+3292. [func] Log messages in the axfr stream at debug 10.
+ [RT #28040]
+
+3291. [port] Fixed a build error on systems without ENOTSUP.
+ [RT #28200]
+
+3290. [bug] <isc/hmacsha.h> was not being installed. [RT #28169]
+
+3289. [bug] 'rndc retransfer' failed for inline zones. [RT #28036]
+
+3288. [bug] dlz_destroy() function wasn't correctly registered
+ by the DLZ dlopen driver. [RT #28056]
+
+3287. [port] Update ans.pl to work with Net::DNS 0.68. [RT #28028]
+
+3286. [bug] Managed key maintenance timer could fail to start
+ after 'rndc reconfig'. [RT #26786]
+
+3285. [bug] val-frdataset was incorrectly disassociated in
+ proveunsecure after calling startfinddlvsep.
+ [RT #27928]
+
+3284. [bug] Address race conditions with the handling of
+ rbtnode.deadlink. [RT #27738]
+
+3283. [bug] Raw zones with with more than 512 records in a RRset
+ failed to load. [RT #27863]
+
+3282. [bug] Restrict the TTL of NS RRset to no more than that
+ of the old NS RRset when replacing it.
+ [RT #27792] [RT #27884]
+
+3281. [bug] SOA refresh queries could be treated as cancelled
+ despite succeeding over the loopback interface.
+ [RT #27782]
+
+3280. [bug] Potential double free of a rdataset on out of memory
+ with DNS64. [RT #27762]
+
+3279. [bug] Hold a internal reference to the zone while performing
+ a asynchronous load. Address potential memory leak
+ if the asynchronous is cancelled. [RT #27750]
+
+3278. [bug] Make sure automatic key maintenance is started
+ when "auto-dnssec maintain" is turned on during
+ "rndc reconfig". [RT #26805]
+
+3277. [bug] win32: isc_socket_dup is not implemented. [RT #27696]
+
+3276. [bug] win32: ns_os_openfile failed to return NULL on
+ safe_open failure. [RT #27696]
+
+3275. [bug] Corrected rndc -h output; the 'rndc sync -clean'
+ option had been misspelled as '-clear'. (To avoid
+ future confusion, both options now work.) [RT #27173]
+
+3274. [placeholder]
+
+3273. [bug] AAAA responses could be returned in the additional
+ section even when filter-aaaa-on-v4 was in use.
+ [RT #27292]
+
+3272. [func] New "rndc zonestatus" command prints information
+ about the specified zone. [RT #21671]
+
+3271. [port] darwin: mksymtbl is not always stable, loop several
+ times before giving up. mksymtbl was using non
+ portable perl to covert 64 bit hex strings. [RT #27653]
+
+ --- 9.9.0rc2 released ---
+
+3270. [bug] "rndc reload" didn't reuse existing zones correctly
+ when inline-signing was in use. [RT #27650]
+
+3269. [port] darwin 11 and later now built threaded by default.
+
+3268. [bug] Convert RRSIG expiry times to 64 timestamps to work
+ out the earliest expiry time. [RT #23311]
+
+3267. [bug] Memory allocation failures could be mis-reported as
+ unexpected error. New ISC_R_UNSET result code.
+ [RT #27336]
+
+3266. [bug] The maximum number of NSEC3 iterations for a
+ DNSKEY RRset was not being properly computed.
+ [RT #26543]
+
+3265. [bug] Corrected a problem with lock ordering in the
+ inline-signing code. [RT #27557]
+
+3264. [bug] Automatic regeneration of signatures in an
+ inline-signing zone could stall when the server
+ was restarted. [RT #27344]
+
+3263. [bug] "rndc sync" did not affect the unsigned side of an
+ inline-signing zone. [RT #27337]
+
+3262. [bug] Signed responses were handled incorrectly by RPZ.
+ [RT #27316]
+
+3261. [func] RRset ordering now defaults to random. [RT #27174]
+
+3260. [bug] "rrset-order cyclic" could appear not to rotate
+ for some query patterns. [RT #27170/27185]
+
+ --- 9.9.0rc1 released ---
+
+3259. [bug] named-compilezone: Suppress "dump zone to <file>"
+ message when writing to stdout. [RT #27109]
+
+3258. [test] Add "forcing full sign with unreadable keys" test.
+ [RT #27153]
+
+3257. [bug] Do not generate a error message when calling fsync()
+ in a pipe or socket. [RT #27109]
+
+3256. [bug] Disable empty zones for lwresd -C. [RT #27139]
+
+3255. [func] No longer require that a empty zones be explicitly
+ enabled or that a empty zone is disabled for
+ RFC 1918 empty zones to be configured. [RT #27139]
+
+3254. [bug] Set isc_socket_ipv6only() on the IPv6 control channels.
+ [RT #22249]
+
+3253. [bug] Return DNS_R_SYNTAX when the input to a text field is
+ too long. [RT #26956]
+
+3252. [bug] When master zones using inline-signing were
+ updated while the server was offline, the source
+ zone could fall out of sync with the signed
+ copy. They can now resynchronize. [RT #26676]
+
+3251. [bug] Enforce a upper bound (65535 bytes) on the amount of
+ memory dns_sdlz_putrr() can allocate per record to
+ prevent run away memory consumption on ISC_R_NOSPACE.
+ [RT #26956]
+
+3250. [func] 'configure --enable-developer'; turn on various
+ configure options, normally off by default, that
+ we want developers to build and test with. [RT #27103]
+
+3249. [bug] Update log message when saving slave zones files for
+ analysis after load failures. [RT #27087]
+
+3248. [bug] Configure options --enable-fixed-rrset and
+ --enable-exportlib were incompatible with each
+ other. [RT #27087]
+
+3247. [bug] 'raw' format zones failed to preserve load order
+ breaking 'fixed' sort order. [RT #27087]
+
+3246. [bug] Named failed to start with a empty also-notify list.
+ [RT #27087]
+
+3245. [bug] Don't report a error unchanged serials unless there
+ were other changes when thawing a zone with
+ ixfr-fromdifferences. [RT #26845]
+
+3244. [func] Added readline support to nslookup and nsupdate.
+ Also simplified nsupdate syntax to make "update"
+ and "prereq" optional. [RT #24659]
+
+3243. [port] freebsd,netbsd,bsdi: the thread defaults were not
+ being properly set.
+
+3242. [func] Extended the header of raw-format master files to
+ include the serial number of the zone from which
+ they were generated, if different (as in the case
+ of inline-signing zones). This is to be used in
+ inline-signing zones, to track changes between the
+ unsigned and signed versions of the zone, which may
+ have different serial numbers.
+
+ (Note: raw zonefiles generated by this version of
+ BIND are no longer compatible with prior versions.
+ To generate a backward-compatible raw zonefile
+ using dnssec-signzone or named-compilezone, specify
+ output format "raw=0" instead of simply "raw".)
+ [RT #26587]
+
+3241. [bug] Address race conditions in the resolver code.
+ [RT #26889]
+
+3240. [bug] DNSKEY state change events could be missed. [RT #26874]
+
+3239. [bug] dns_dnssec_findmatchingkeys needs to use a consistent
+ timestamp. [RT #26883]
+
+3238. [bug] keyrdata was not being reinitialized in
+ lib/dns/rbtdb.c:iszonesecure. [RT #26913]
+
+3237. [bug] dig -6 didn't work with +trace. [RT #26906]
+
+3236. [bug] Backed out changes #3182 and #3202, related to
+ EDNS(0) fallback behavior. [RT #26416]
+
+3235. [func] dns_db_diffx, a extended dns_db_diff which returns
+ the generated diff and optionally writes it to a
+ journal. [RT #26386]
+
+3234. [bug] 'make depend' produced invalid makefiles. [RT #26830]
+
+3233. [bug] 'rndc freeze/thaw' didn't work for inline zones.
+ [RT #26632]
+
+3232. [bug] Zero zone->curmaster before return in
+ dns_zone_setmasterswithkeys(). [RT #26732]
+
+3231. [bug] named could fail to send a incompressible zone.
+ [RT #26796]
+
+3230. [bug] 'dig axfr' failed to properly handle a multi-message
+ axfr with a serial of 0. [RT #26796]
+
+3229. [bug] Fix local variable to struct var assignment
+ found by CLANG warning.
+
+3228. [tuning] Dynamically grow symbol table to improve zone
+ loading performance. [RT #26523]
+
+3227. [bug] Interim fix to make WKS's use of getprotobyname()
+ and getservbyname() self thread safe. [RT #26232]
+
+3226. [bug] Address minor resource leakages. [RT #26624]
+
+3225. [bug] Silence spurious "setsockopt(517, IPV6_V6ONLY) failed"
+ messages. [RT #26507]
+
+3224. [bug] 'rndc signing' argument parsing was broken. [RT #26684]
+
+3223. [bug] 'task_test privilege_drop' generated false positives.
+ [RT #26766]
+
+3222. [cleanup] Replace dns_journal_{get,set}_bitws with
+ dns_journal_{get,set}_sourceserial. [RT #26634]
+
+3221. [bug] Fixed a potential core dump on shutdown due to
+ referencing fetch context after it's been freed.
+ [RT #26720]
+
+ --- 9.9.0b2 released ---
+
+3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips()
+ could fail to set the database version correctly,
+ causing an assertion failure. [RT #26180]
+
+3219. [bug] Disable NOEDNS caching following a timeout.
+
+3218. [security] Cache lookup could return RRSIG data associated with
+ nonexistent records, leading to an assertion
+ failure. [RT #26590]
+
+3217. [cleanup] Fix build problem with --disable-static. [RT #26476]
+
+3216. [bug] resolver.c:validated() was not thread-safe. [RT #26478]
+
+3215. [bug] 'rndc recursing' could cause a core dump. [RT #26495]
+
+3214. [func] Add 'named -U' option to set the number of UDP
+ listener threads per interface. [RT #26485]
+
+3213. [doc] Clarify ixfr-from-differences behavior. [RT #25188]
+
+3212. [bug] rbtdb.c: failed to remove a node from the deadnodes
+ list prior to adding a reference to it leading a
+ possible assertion failure. [RT #23219]
+
+3211. [func] dnssec-signzone: "-f -" prints to stdout; "-O full"
+ option prints in single-line-per-record format.
+ [RT #20287]
+
+3210. [bug] Canceling the oldest query due to recursive-client
+ overload could trigger an assertion failure. [RT #26463]
+
+3209. [func] Add "dnssec-lookaside 'no'". [RT #24858]
+
+3208. [bug] 'dig -y' handle unknown tsig algorithm better.
+ [RT #25522]
+
+3207. [contrib] Fixed build error in Berkeley DB DLZ module. [RT #26444]
+
+3206. [cleanup] Add ISC information to log at start time. [RT #25484]
+
+3205. [func] Upgrade dig's defaults to better reflect modern
+ nameserver behavior. Enable "dig +adflag" and
+ "dig +edns=0" by default. Enable "+dnssec" when
+ running "dig +trace". [RT #23497]
+
+3204. [bug] When a master server that has been marked as
+ unreachable sends a NOTIFY, mark it reachable
+ again. [RT #25960]
+
+3203. [bug] Increase log level to 'info' for validation failures
+ from expired or not-yet-valid RRSIGs. [RT #21796]
+
+3202. [bug] NOEDNS caching on timeout was too aggressive.
+ [RT #26416]
+
+3201. [func] 'rndc querylog' can now be given an on/off parameter
+ instead of only being used as a toggle. [RT #18351]
+
+3200. [doc] Some rndc functions were undocumented or were
+ missing from 'rndc -h' output. [RT #25555]
+
+3199. [func] When logging client information, include the name
+ being queried. [RT #25944]
+
+3198. [doc] Clarified that dnssec-settime can alter keyfile
+ permissions. [RT #24866]
+
+3197. [bug] Don't try to log the filename and line number when
+ the config parser can't open a file. [RT #22263]
+
+3196. [bug] nsupdate: return nonzero exit code when target zone
+ doesn't exist. [RT #25783]
+
+3195. [cleanup] Silence "file not found" warnings when loading
+ managed-keys zone. [RT #26340]
+
+3194. [doc] Updated RFC references in the 'empty-zones-enable'
+ documentation. [RT #25203]
+
+3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to
+ dnssec.h. [RT #26415]
+
+3192. [bug] A query structure could be used after being freed.
+ [RT #22208]
+
+3191. [bug] Print NULL records using "unknown" format. [RT #26392]
+
+3190. [bug] Underflow in error handling in isc_mutexblock_init.
+ [RT #26397]
+
+3189. [test] Added a summary report after system tests. [RT #25517]
+
+3188. [bug] zone.c:zone_refreshkeys() could fail to detach
+ references correctly when errors occurred, causing
+ a hang on shutdown. [RT #26372]
+
+3187. [port] win32: support for Visual Studio 2008. [RT #26356]
+
+ --- 9.9.0b1 released ---
+
+3186. [bug] Version/db mismatch in rpz code. [RT #26180]
+
+3185. [func] New 'rndc signing' option for auto-dnssec zones:
+ - 'rndc signing -list' displays the current
+ state of signing operations
+ - 'rndc signing -clear' clears the signing state
+ records for keys that have fully signed the zone
+ - 'rndc signing -nsec3param' sets the NSEC3
+ parameters for the zone
+ The 'rndc keydone' syntax is removed. [RT #23729]
+
+3184. [bug] named had excessive cpu usage when a redirect zone was
+ configured. [RT #26013]
+
+3183. [bug] Added RTLD_GLOBAL flag to dlopen call. [RT #26301]
+
+3182. [bug] Auth servers behind firewalls which block packets
+ greater than 512 bytes may cause other servers to
+ perform poorly. Now, adb retains edns information
+ and caches noedns servers. [RT #23392/24964]
+
+3181. [func] Inline-signing is now supported for master zones.
+ [RT #26224]
+
+3180. [func] Local copies of slave zones are now saved in raw
+ format by default, to improve startup performance.
+ 'masterfile-format text;' can be used to override
+ the default, if desired. [RT #25867]
+
+3179. [port] kfreebsd: build issues. [RT #26273]
+
+3178. [bug] A race condition introduced by change #3163 could
+ cause an assertion failure on shutdown. [RT #26271]
+
+3177. [func] 'rndc keydone', remove the indicator record that
+ named has finished signing the zone with the
+ corresponding key. [RT #26206]
+
+3176. [doc] Corrected example code and added a README to the
+ sample external DLZ module in contrib/dlz/example.
+ [RT #26215]
+
+3175. [bug] Fix how DNSSEC positive wildcard responses from a
+ NSEC3 signed zone are validated. Stop sending a
+ unnecessary NSEC3 record when generating such
+ responses. [RT #26200]
+
+3174. [bug] Always compute to revoked key tag from scratch.
+ [RT #26186]
+
+3173. [port] Correctly validate root DS responses. [RT #25726]
+
+3172. [port] darwin 10.* and freebsd [89] are now built threaded by
+ default.
+
+3171. [bug] Exclusively lock the task when adding a zone using
+ 'rndc addzone'. [RT #25600]
+
+ --- 9.9.0a3 released ---
+
+3170. [func] RPZ update:
+ - fix precedence among competing rules
+ - improve ARM text including documenting rule precedence
+ - try to rewrite CNAME chains until first hit
+ - new "rpz" logging channel
+ - RDATA for CNAME rules can include wildcards
+ - replace "NO-OP" named.conf policy override with
+ "PASSTHRU" and add "DISABLED" override ("NO-OP"
+ is still recognized)
+ [RT #25172]
+
+3169. [func] Catch db/version mis-matches when calling dns_db_*().
+ [RT #26017]
+
+3168. [bug] Nxdomain redirection could trigger an assert with
+ a ANY query. [RT #26017]
+
+3167. [bug] Negative answers from forwarders were not being
+ correctly tagged making them appear to not be cached.
+ [RT #25380]
+
+3166. [bug] Upgrading a zone to support inline-signing failed.
+ [RT #26014]
+
+3165. [bug] dnssec-signzone could generate new signatures when
+ resigning, even when valid signatures were already
+ present. [RT #26025]
+
+3164. [func] Enable DLZ modules to retrieve client information,
+ so that responses can be changed depending on the
+ source address of the query. [RT #25768]
+
+3163. [bug] Use finer-grained locking in client.c to address
+ concurrency problems with large numbers of threads.
+ [RT #26044]
+
+3162. [test] start.pl: modified to allow for "named.args" in
+ ns*/ subdirectory to override stock arguments to
+ named. Largely from RT #26044, but no separate ticket.
+
+3161. [bug] zone.c:del_sigs failed to always reset rdata leading
+ assertion failures. [RT #25880]
+
+3160. [bug] When printing out a NSEC3 record in multiline form
+ the newline was not being printed causing type codes
+ to be run together. [RT #25873]
+
+3159. [bug] On some platforms, named could assert on startup
+ when running in a chrooted environment without
+ /proc. [RT #25863]
+
+3158. [bug] Recursive servers would prefer a particular UDP
+ socket instead of using all available sockets.
+ [RT #26038]
+
+3157. [tuning] Reduce the time spent in "rndc reconfig" by parsing
+ the config file before pausing the server. [RT #21373]
+
+3156. [placeholder]
+
+ --- 9.9.0a2 released ---
+
+3155. [bug] Fixed a build failure when using contrib DLZ
+ drivers (e.g., mysql, postgresql, etc). [RT #25710]
+
+3154. [bug] Attempting to print an empty rdataset could trigger
+ an assert. [RT #25452]
+
+3153. [func] Extend request-ixfr to zone level and remove the
+ side effect of forcing an AXFR. [RT #25156]
+
+3152. [cleanup] Some versions of gcc and clang failed due to
+ incorrect use of __builtin_expect. [RT #25183]
+
+3151. [bug] Queries for type RRSIG or SIG could be handled
+ incorrectly. [RT #21050]
+
+3150. [func] Improved startup and reconfiguration time by
+ enabling zones to load in multiple threads. [RT #25333]
+
+3149. [placeholder]
+
+3148. [bug] Processing of normal queries could be stalled when
+ forwarding a UPDATE message. [RT #24711]
+
+3147. [func] Initial inline signing support. [RT #23657]
+
+ --- 9.9.0a1 released ---
+
+3146. [test] Fixed gcc4.6.0 errors in ATF. [RT #25598]
+
+3145. [test] Capture output of ATF unit tests in "./atf.out" if
+ there were any errors while running them. [RT #25527]
+
+3144. [bug] dns_dbiterator_seek() could trigger an assert when
+ used with a nonexistent database node. [RT #25358]
+
+3143. [bug] Silence clang compiler warnings. [RT #25174]
+
+3142. [bug] NAPTR is class agnostic. [RT #25429]
+
+3141. [bug] Silence spurious "zone serial (0) unchanged" messages
+ associated with empty zones. [RT #25079]
+
+3140. [func] New command "rndc flushtree <name>" clears the
+ specified name from the server cache along with
+ all names under it. [RT #19970]
+
+3139. [test] Added tests from RFC 6234, RFC 2202, and RFC 1321
+ for the hashing algorithms (md5, sha1 - sha512, and
+ their hmac counterparts). [RT #25067]
+
+3138. [bug] Address memory leaks and out-of-order operations when
+ shutting named down. [RT #25210]
+
+3137. [func] Improve hardware scalability by allowing multiple
+ worker threads to process incoming UDP packets.
+ This can significantly increase query throughput
+ on some systems. [RT #22992]
+
+3136. [func] Add RFC 1918 reverse zones to the list of built-in
+ empty zones switched on by the 'empty-zones-enable'
+ option. [RT #24990]
+
+3135. [port] FreeBSD: workaround broken IPV6_USE_MIN_MTU processing.
+ See http://www.freebsd.org/cgi/query-pr.cgi?pr=158307
+ [RT #24950]
+
+3134. [bug] Improve the accuracy of dnssec-signzone's signing
+ statistics. [RT #16030]
+
+3133. [bug] Change #3114 was incomplete. [RT #24577]
+
+3132. [placeholder]
+
+3131. [tuning] Improve scalability by allocating one zone task
+ per 100 zones at startup time, rather than using a
+ fixed-size task table. [RT #24406]
+
+3130. [func] Support alternate methods for managing a dynamic
+ zone's serial number. Two methods are currently
+ defined using serial-update-method, "increment"
+ (default) and "unixtime". [RT #23849]
+
+3129. [bug] Named could crash on 'rndc reconfig' when
+ allow-new-zones was set to yes and named ACLs
+ were used. [RT #22739]
+
+3128. [func] Inserting an NSEC3PARAM via dynamic update in an
+ auto-dnssec zone that has not been signed yet
+ will cause it to be signed with the specified NSEC3
+ parameters when keys are activated. The
+ NSEC3PARAM record will not appear in the zone until
+ it is signed, but the parameters will be stored.
+ [RT #23684]
+
+3127. [bug] 'rndc thaw' will now remove a zone's journal file
+ if the zone serial number has been changed and
+ ixfr-from-differences is not in use. [RT #24687]
+
+3126. [security] Using DNAME record to generate replacements caused
+ RPZ to exit with a assertion failure. [RT #24766]
+
+3125. [security] Using wildcard CNAME records as a replacement with
+ RPZ caused named to exit with a assertion failure.
+ [RT #24715]
+
+3124. [bug] Use an rdataset attribute flag to indicate
+ negative-cache records rather than using rrtype 0;
+ this will prevent problems when that rrtype is
+ used in actual DNS packets. [RT #24777]
+
+3123. [security] Change #2912 exposed a latent flaw in
+ dns_rdataset_totext() that could cause named to
+ crash with an assertion failure. [RT #24777]
+
+3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664]
+
+3121. [security] An authoritative name server sending a negative
+ response containing a very large RRset could
+ trigger an off-by-one error in the ncache code
+ and crash named. [RT #24650]
+
+3120. [bug] Named could fail to validate zones listed in a DLV
+ that validated insecure without using DLV and had
+ DS records in the parent zone. [RT #24631]
+
+3119. [bug] When rolling to a new DNSSEC key, a private-type
+ record could be created and never marked complete.
+ [RT #23253]
+
+3118. [bug] nsupdate could dump core on shutdown when using
+ SIG(0) keys. [RT #24604]
+
+3117. [cleanup] Remove doc and parser references to the
+ never-implemented 'auto-dnssec create' option.
+ [RT #24533]
+
+3116. [func] New 'dnssec-update-mode' option controls updates
+ of DNSSEC records in signed dynamic zones. Set to
+ 'no-resign' to disable automatic RRSIG regeneration
+ while retaining the ability to sign new or changed
+ data. [RT #24533]
+
+3115. [bug] Named could fail to return requested data when
+ following a CNAME that points into the same zone.
+ [RT #24455]
+
+3114. [bug] Retain expired RRSIGs in dynamic zones if key is
+ inactive and there is no replacement key. [RT #23136]
+
+3113. [doc] Document the relationship between serial-query-rate
+ and NOTIFY messages.
+
+3112. [doc] Add missing descriptions of the update policy name
+ types "ms-self", "ms-subdomain", "krb5-self" and
+ "krb5-subdomain", which allow machines to update
+ their own records, to the BIND 9 ARM.
+
+3111. [bug] Improved consistency checks for dnssec-enable and
+ dnssec-validation, added test cases to the
+ checkconf system test. [RT #24398]
+
+3110. [bug] dnssec-signzone: Wrong error message could appear
+ when attempting to sign with no KSK. [RT #24369]
+
+3109. [func] The also-notify option now uses the same syntax
+ as a zone's masters clause. This means it is
+ now possible to specify a TSIG key to use when
+ sending notifies to a given server, or to include
+ an explicit named masters list in an also-notify
+ statement. [RT #23508]
+
+3108. [cleanup] dnssec-signzone: Clarified some error and
+ warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
+ code (use -P instead). [RT #20852]
+
+3107. [bug] dnssec-signzone: Report the correct number of ZSKs
+ when using -x. [RT #20852]
+
+3106. [func] When logging client requests, include the name of
+ the TSIG key if any. [RT #23619]
+
+3105. [bug] GOST support can be suppressed by "configure
+ --without-gost" [RT #24367]
+
+3104. [bug] Better support for cross-compiling. [RT #24367]
+
+3103. [bug] Configuring 'dnssec-validation auto' in a view
+ instead of in the options statement could trigger
+ an assertion failure in named-checkconf. [RT #24382]
+
+3102. [func] New 'dnssec-loadkeys-interval' option configures
+ how often, in minutes, to check the key repository
+ for updates when using automatic key maintenance.
+ Default is every 60 minutes (formerly hard-coded
+ to 12 hours). [RT #23744]
+
+3101. [bug] Zones using automatic key maintenance could fail
+ to check the key repository for updates. [RT #23744]
+
+3100. [security] Certain response policy zone configurations could
+ trigger an INSIST when receiving a query of type
+ RRSIG. [RT #24280]
+
+3099. [test] "dlz" system test now runs but gives R:SKIPPED if
+ not compiled with --with-dlz-filesystem. [RT #24146]
+
+3098. [bug] DLZ zones were answering without setting the AA bit.
+ [RT #24146]
+
+3097. [test] Add a tool to test handling of malformed packets.
+ [RT #24096]
+
+3096. [bug] Set KRB5_KTNAME before calling log_cred() in
+ dst_gssapi_acceptctx(). [RT #24004]
+
+3095. [bug] Handle isolated reserved ports in the port range.
+ [RT #23957]
+
+3094. [doc] Expand dns64 documentation.
+
+3093. [bug] Fix gssapi/kerberos dependencies [RT #23836]
+
+3092. [bug] Signatures for records at the zone apex could go
+ stale due to an incorrect timer setting. [RT #23769]
+
+3091. [bug] Fixed a bug in which zone keys that were published
+ and then subsequently activated could fail to trigger
+ automatic signing. [RT #22911]
+
+3090. [func] Make --with-gssapi default [RT #23738]
+
+3089. [func] dnssec-dsfromkey now supports reading keys from
+ standard input "dnssec-dsfromkey -f -". [RT #20662]
+
+3088. [bug] Remove bin/tests/system/logfileconfig/ns1/named.conf
+ and add setup.sh in order to resolve changing
+ named.conf issue. [RT #23687]
+
+3087. [bug] DDNS updates using SIG(0) with update-policy match
+ type "external" could cause a crash. [RT #23735]
+
+3086. [bug] Running dnssec-settime -f on an old-style key will
+ now force an update to the new key format even if no
+ other change has been specified, using "-P now -A now"
+ as default values. [RT #22474]
+
+3085. [func] New '-R' option in dnssec-signzone forces removal
+ of signatures which have not yet expired but
+ were generated by a key that no longer exists.
+ [RT #22471]
+
+3084. [func] A new command "rndc sync" dumps pending changes in
+ a dynamic zone to disk; "rndc sync -clean" also
+ removes the journal file after syncing. Also,
+ "rndc freeze" no longer removes journal files.
+ [RT #22473]
+
+3083. [bug] NOTIFY messages were not being sent when generating
+ a NSEC3 chain incrementally. [RT #23702]
+
+3082. [port] strtok_r is threads only. [RT #23747]
+
+3081. [bug] Failure of DNAME substitution did not return
+ YXDOMAIN. [RT #23591]
+
+3080. [cleanup] Replaced compile time constant by STDTIME_ON_32BITS.
+ [RT #23587]
+
+3079. [bug] Handle isc_event_allocate failures in t_tasks.
+ [RT #23572]
+
+3078. [func] Added a new include file with function typedefs
+ for the DLZ "dlopen" driver. [RT #23629]
+
+3077. [bug] zone.c:zone_refreshkeys() incorrectly called
+ dns_zone_attach(), use zone->irefs instead. [RT #23303]
+
+3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and
+ dnssec-keyfromlabel sets the default TTL of the
+ key. When possible, automatic signing will use that
+ TTL when the key is published. [RT #23304]
+
+3075. [bug] dns_dnssec_findzonekeys{2} used a inconsistent
+ timestamp when determining which keys are active.
+ [RT #23642]
+
+3074. [bug] Make the adb cache read through for zone data and
+ glue learn for zone named is authoritative for.
+ [RT #22842]
+
+3073. [bug] managed-keys changes were not properly being recorded.
+ [RT #20256]
+
+3072. [bug] dns_dns64_aaaaok() potential NULL pointer dereference.
+ [RT #20256]
+
+3071. [bug] has_nsec could be used uninitialized in
+ update.c:next_active. [RT #20256]
+
+3070. [bug] dnssec-signzone potential NULL pointer dereference.
+ [RT #20256]
+
+3069. [cleanup] Silence warnings messages from clang static analysis.
+ [RT #20256]
+
+3068. [bug] Named failed to build with a OpenSSL without engine
+ support. [RT #23473]
+
+3067. [bug] ixfr-from-differences {master|slave}; failed to
+ select the master/slave zones. [RT #23580]
+
+3066. [func] The DLZ "dlopen" driver is now built by default,
+ no longer requiring a configure option. To
+ disable it, use "configure --without-dlopen".
+ Driver also supported on win32. [RT #23467]
+
+3065. [bug] RRSIG could have time stamps too far in the future.
+ [RT #23356]
+
+3064. [bug] powerpc: add sync instructions to the end of atomic
+ operations. [RT #23469]
+
+3063. [contrib] More verbose error reporting from DLZ LDAP. [RT #23402]
+
+3062. [func] Made several changes to enhance human readability
+ of DNSSEC data in dig output and in generated
+ zone files:
+ - DNSKEY record comments are more verbose, no
+ longer used in multiline mode only
+ - multiline RRSIG records reformatted
+ - multiline output mode for NSEC3PARAM records
+ - "dig +norrcomments" suppresses DNSKEY comments
+ - "dig +split=X" breaks hex/base64 records into
+ fields of width X; "dig +nosplit" disables this.
+ [RT #22820]
+
+3061. [func] New option "dnssec-signzone -D", only write out
+ generated DNSSEC records. [RT #22896]
+
+3060. [func] New option "dnssec-signzone -X <date>" allows
+ specification of a separate expiration date
+ for DNSKEY RRSIGs and other RRSIGs. [RT #22141]
+
+3059. [test] Added a regression test for change #3023.
+
+3058. [bug] Cause named to terminate at startup or rndc reconfig/
+ reload to fail, if a log file specified in the conf
+ file isn't a plain file. [RT #22771]
+
+3057. [bug] "rndc secroots" would abort after the first error
+ and so could miss some views. [RT #23488]
+
+3056. [func] Added support for URI resource record. [RT #23386]
+
+3055. [placeholder]
+
+3054. [bug] Added elliptic curve support check in
+ GOST OpenSSL engine detection. [RT #23485]
+
+3053. [bug] Under a sustained high query load with a finite
+ max-cache-size, it was possible for cache memory
+ to be exhausted and not recovered. [RT #23371]
+
+3052. [test] Fixed last autosign test report. [RT #23256]
+
+3051. [bug] NS records obscure DNAME records at the bottom of the
+ zone if both are present. [RT #23035]
+
+3050. [bug] The autosign system test was timing dependent.
+ Wait for the initial autosigning to complete
+ before running the rest of the test. [RT #23035]
+
+3049. [bug] Save and restore the gid when creating creating
+ named.pid at startup. [RT #23290]
+
+3048. [bug] Fully separate view key management. [RT #23419]
+
+3047. [bug] DNSKEY NODATA responses not cached fixed in
+ validator.c. Tests added to dnssec system test.
+ [RT #22908]
+
+3046. [bug] Use RRSIG original TTL to compute validated RRset
+ and RRSIG TTL. [RT #23332]
+
+3045. [removed] Replaced by change #3050.
+
+3044. [bug] Hold the socket manager lock while freeing the socket.
+ [RT #23333]
+
+3043. [test] Merged in the NetBSD ATF test framework (currently
+ version 0.12) for development of future unit tests.
+ Use configure --with-atf to build ATF internally
+ or configure --with-atf=prefix to use an external
+ copy. [RT #23209]
+
+3042. [bug] dig +trace could fail attempting to use IPv6
+ addresses on systems with only IPv4 connectivity.
+ [RT #23297]
+
+3041. [bug] dnssec-signzone failed to generate new signatures on
+ ttl changes. [RT #23330]
+
+3040. [bug] Named failed to validate insecure zones where a node
+ with a CNAME existed between the trust anchor and the
+ top of the zone. [RT #23338]
+
+3039. [func] Redirect on NXDOMAIN support. [RT #23146]
+
+3038. [bug] Install <dns/rpz.h>. [RT #23342]
+
+3037. [doc] Update COPYRIGHT to contain all the individual
+ copyright notices that cover various parts.
+
+3036. [bug] Check built-in zone arguments to see if the zone
+ is re-usable or not. [RT #21914]
+
+3035. [cleanup] Simplify by using strlcpy. [RT #22521]
+
+3034. [cleanup] nslookup: use strlcpy instead of safecopy. [RT #22521]
+
+3033. [cleanup] Add two INSIST(bucket != DNS_ADB_INVALIDBUCKET).
+ [RT #22521]
+
+3032. [bug] rdatalist.c: add missing REQUIREs. [RT #22521]
+
+3031. [bug] dns_rdataclass_format() handle a zero sized buffer.
+ [RT #22521]
+
+3030. [bug] dns_rdatatype_format() handle a zero sized buffer.
+ [RT #22521]
+
+3029. [bug] isc_netaddr_format() handle a zero sized buffer.
+ [RT #22521]
+
+3028. [bug] isc_sockaddr_format() handle a zero sized buffer.
+ [RT #22521]
+
+3027. [bug] Add documented REQUIREs to cfg_obj_asnetprefix() to
+ catch NULL pointer dereferences before they happen.
+ [RT #22521]
+
+3026. [bug] lib/isc/httpd.c: check that we have enough space
+ after calling grow_headerspace() and if not
+ re-call grow_headerspace() until we do. [RT #22521]
+
+3025. [bug] Fixed a possible deadlock due to zone resigning.
+ [RT #22964]
+
+3024. [func] RTT Banding removed due to minor security increase
+ but major impact on resolver latency. [RT #23310]
+
+3023. [bug] Named could be left in an inconsistent state when
+ receiving multiple AXFR response messages that were
+ not all TSIG-signed. [RT #23254]
+
+3022. [bug] Fixed rpz SERVFAILs after failed zone transfers
+ [RT #23246]
+
+3021. [bug] Change #3010 was incomplete. [RT #22296]
+
+3020. [bug] auto-dnssec failed to correctly update the zone when
+ changing the DNSKEY RRset. [RT #23232]
+
+3019. [test] Test: check apex NSEC3 records after adding DNSKEY
+ record via UPDATE. [RT #23229]
+
+3018. [bug] Named failed to check for the "none;" acl when deciding
+ if a zone may need to be re-signed. [RT #23120]
+
+3017. [doc] dnssec-keyfromlabel -I was not properly documented.
+ [RT #22887]
+
+3016. [bug] rndc usage missing '-b'. [RT #22937]
+
+3015. [port] win32: fix IN6_IS_ADDR_LINKLOCAL and
+ IN6_IS_ADDR_SITELOCAL macros. [RT #22724]
+
+3014. [placeholder]
+
+3013. [bug] The DNS64 ttl was not always being set as expected.
+ [RT #23034]
+
+3012. [bug] Remove DNSKEY TTL change pairs before generating
+ signing records for any remaining DNSKEY changes.
+ [RT #22590]
+
+3011. [func] Change the default query timeout from 30 seconds
+ to 10. Allow setting this in named.conf using the new
+ 'resolver-query-timeout' option, which specifies a max
+ time in seconds. 0 means 'default' and anything longer
+ than 30 will be silently set to 30. [RT #22852]
+
+3010. [bug] Fixed a bug where "rndc reconfig" stopped the timer
+ for refreshing managed-keys. [RT #22296]
+
+3009. [bug] clients-per-query code didn't work as expected with
+ particular query patterns. [RT #22972]
+
+ --- 9.8.0b1 released ---
+
+3008. [func] Response policy zones (RPZ) support. [RT #21726]
+
+3007. [bug] Named failed to preserve the case of domain names in
+ rdata which is not compressible when writing master
+ files. [RT #22863]
+
+3006. [func] Allow dynamically generated TSIG keys to be preserved
+ across restarts of named. Initially this is for
+ TSIG keys generated using GSSAPI. [RT #22639]
+
+3005. [port] Solaris: Work around the lack of
+ gsskrb5_register_acceptor_identity() by setting
+ the KRB5_KTNAME environment variable to the
+ contents of tkey-gssapi-keytab. Also fixed
+ test errors on MacOSX. [RT #22853]
+
+3004. [func] DNS64 reverse support. [RT #22769]
+
+3003. [experimental] Added update-policy match type "external",
+ enabling named to defer the decision of whether to
+ allow a dynamic update to an external daemon.
+ (Contributed by Andrew Tridgell.) [RT #22758]
+
+3002. [bug] isc_mutex_init_errcheck() failed to destroy attr.
+ [RT #22766]
+
+3001. [func] Added a default trust anchor for the root zone, which
+ can be switched on by setting "dnssec-validation auto;"
+ in the named.conf options. [RT #21727]
+
+3000. [bug] More TKEY/GSS fixes:
+ - nsupdate can now get the default realm from
+ the user's Kerberos principal
+ - corrected gsstest compilation flags
+ - improved documentation
+ - fixed some NULL dereferences
+ [RT #22795]
+
+2999. [func] Add GOST support (RFC 5933). [RT #20639]
+
+2998. [func] Add isc_task_beginexclusive and isc_task_endexclusive
+ to the task api. [RT #22776]
+
+2997. [func] named -V now reports the OpenSSL and libxml2 versions
+ it was compiled against. [RT #22687]
+
+2996. [security] Temporarily disable SO_ACCEPTFILTER support.
+ [RT #22589]
+
+2995. [bug] The Kerberos realm was not being correctly extracted
+ from the signer's identity. [RT #22770]
+
+2994. [port] NetBSD: use pthreads by default on NetBSD >= 5.0, and
+ do not use threads on earlier versions. Also kill
+ the unproven-pthreads, mit-pthreads, and ptl2 support.
+
+2993. [func] Dynamically grow adb hash tables. [RT #21186]
+
+2992. [contrib] contrib/check-secure-delegation.pl: A simple tool
+ for looking at a secure delegation. [RT #22059]
+
+2991. [contrib] contrib/zone-edit.sh: A simple zone editing tool for
+ dynamic zones. [RT #22365]
+
+2990. [bug] 'dnssec-settime -S' no longer tests prepublication
+ interval validity when the interval is set to 0.
+ [RT #22761]
+
+2989. [func] Added support for writable DLZ zones. (Contributed
+ by Andrew Tridgell of the Samba project.) [RT #22629]
+
+2988. [experimental] Added a "dlopen" DLZ driver, allowing the creation
+ of external DLZ drivers that can be loaded as
+ shared objects at runtime rather than linked with
+ named. Currently this is switched on via a
+ compile-time option, "configure --with-dlz-dlopen".
+ Note: the syntax for configuring DLZ zones
+ is likely to be refined in future releases.
+ (Contributed by Andrew Tridgell of the Samba
+ project.) [RT #22629]
+
+2987. [func] Improve ease of configuring TKEY/GSS updates by
+ adding a "tkey-gssapi-keytab" option. If set,
+ updates will be allowed with any key matching
+ a principal in the specified keytab file.
+ "tkey-gssapi-credential" is no longer required
+ and is expected to be deprecated. (Contributed
+ by Andrew Tridgell of the Samba project.)
+ [RT #22629]
+
+2986. [func] Add new zone type "static-stub". It's like a stub
+ zone, but the nameserver names and/or their IP
+ addresses are statically configured. [RT #21474]
+
+2985. [bug] Add a regression test for change #2896. [RT #21324]
+
+2984. [bug] Don't run MX checks when the target of the MX record
+ is ".". [RT #22645]
+
+2983. [bug] Include "loadkeys" in rndc help output. [RT #22493]
+
+ --- 9.8.0a1 released ---
+
+2982. [bug] Reference count dst keys. dst_key_attach() can be used
+ increment the reference count.
+
+ Note: dns_tsigkey_createfromkey() callers should now
+ always call dst_key_free() rather than setting it
+ to NULL on success. [RT #22672]
+
+2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991]
+
+2980. [bug] named didn't properly handle UPDATES that changed the
+ TTL of the NSEC3PARAM RRset. [RT #22363]
+
+2979. [bug] named could deadlock during shutdown if two
+ "rndc stop" commands were issued at the same
+ time. [RT #22108]
+
+2978. [port] hpux: look for <devpoll.h> [RT #21919]
+
+2977. [bug] 'nsupdate -l' report if the session key is missing.
+ [RT #21670]
+
+2976. [bug] named could die on exit after negotiating a GSS-TSIG
+ key. [RT #22573]
+
+2975. [bug] rbtdb.c:cleanup_dead_nodes_callback() acquired the
+ wrong lock which could lead to server deadlock.
+ [RT #22614]
+
+2974. [bug] Some valid UPDATE requests could fail due to a
+ consistency check examining the existing version
+ of the zone rather than the new version resulting
+ from the UPDATE. [RT #22413]
+
+2973. [bug] bind.keys.h was being removed by the "make clean"
+ at the end of configure resulting in build failures
+ where there is very old version of perl installed.
+ Move it to "make maintainer-clean". [RT #22230]
+
+2972. [bug] win32: address windows socket errors. [RT #21906]
+
+2971. [bug] Fixed a bug that caused journal files not to be
+ compacted on Windows systems as a result of
+ non-POSIX-compliant rename() semantics. [RT #22434]
+
+2970. [security] Adding a NO DATA negative cache entry failed to clear
+ any matching RRSIG records. A subsequent lookup of
+ of NO DATA cache entry could trigger a INSIST when the
+ unexpected RRSIG was also returned with the NO DATA
+ cache entry.
+
+ CVE-2010-3613, VU#706148. [RT #22288]
+
+2969. [security] Fix acl type processing so that allow-query works
+ in options and view statements. Also add a new
+ set of tests to verify proper functioning.
+
+ CVE-2010-3615, VU#510208. [RT #22418]
+
+2968. [security] Named could fail to prove a data set was insecure
+ before marking it as insecure. One set of conditions
+ that can trigger this occurs naturally when rolling
+ DNSKEY algorithms.
+
+ CVE-2010-3614, VU#837744. [RT #22309]
+
+2967. [bug] 'host -D' now turns on debugging messages earlier.
+ [RT #22361]
+
+2966. [bug] isc_print_vsnprintf() failed to check if there was
+ space available in the buffer when adding a left
+ justified character with a non zero width,
+ (e.g. "%-1c"). [RT #22270]
+
+2965. [func] Test HMAC functions using test data from RFC 2104 and
+ RFC 4634. [RT #21702]
+
+2964. [placeholder]
+
+2963. [security] The allow-query acl was being applied instead of the
+ allow-query-cache acl to cache lookups. [RT #22114]
+
+2962. [port] win32: add more dependencies to BINDBuild.dsw.
+ [RT #22062]
+
+2961. [bug] Be still more selective about the non-authoritative
+ answers we apply change 2748 to. [RT #22074]
+
+2960. [func] Check that named accepts non-authoritative answers.
+ [RT #21594]
+
+2959. [func] Check that named starts with a missing masterfile.
+ [RT #22076]
+
+2958. [bug] named failed to start with a missing master file.
+ [RT #22076]
+
+2957. [bug] entropy_get() and entropy_getpseudo() failed to match
+ the API for RAND_bytes() and RAND_pseudo_bytes()
+ respectively. [RT #21962]
+
+2956. [port] Enable atomic operations on the PowerPC64. [RT #21899]
+
+2955. [func] Provide more detail in the recursing log. [RT #22043]
+
+2954. [bug] contrib: dlz_mysql_driver.c bad error handling on
+ build_sqldbinstance failure. [RT #21623]
+
+2953. [bug] Silence spurious "expected covering NSEC3, got an
+ exact match" message when returning a wildcard
+ no data response. [RT #21744]
+
+2952. [port] win32: named-checkzone and named-checkconf failed
+ to initialize winsock. [RT #21932]
+
+2951. [bug] named failed to generate a correct signed response
+ in a optout, delegation only zone with no secure
+ delegations. [RT #22007]
+
+2950. [bug] named failed to perform a SOA up to date check when
+ falling back to TCP on UDP timeouts when
+ ixfr-from-differences was set. [RT #21595]
+
+2949. [bug] dns_view_setnewzones() contained a memory leak if
+ it was called multiple times. [RT #21942]
+
+2948. [port] MacOS: provide a mechanism to configure the test
+ interfaces at reboot. See bin/tests/system/README
+ for details.
+
+2947. [placeholder]
+
+2946. [doc] Document the default values for the minimum and maximum
+ zone refresh and retry values in the ARM. [RT #21886]
+
+2945. [doc] Update empty-zones list in ARM. [RT #21772]
+
+2944. [maint] Remove ORCHID prefix from built in empty zones.
+ [RT #21772]
+
+2943. [func] Add support to load new keys into managed zones
+ without signing immediately with "rndc loadkeys".
+ Add support to link keys with "dnssec-keygen -S"
+ and "dnssec-settime -S". [RT #21351]
+
+2942. [contrib] zone2sqlite failed to setup the entropy sources.
+ [RT #21610]
+
+2941. [bug] sdb and sdlz (dlz's zone database) failed to support
+ DNAME at the zone apex. [RT #21610]
+
+2940. [port] Remove connection aborted error message on
+ Windows. [RT #21549]
+
+2939. [func] Check that named successfully skips NSEC3 records
+ that fail to match the NSEC3PARAM record currently
+ in use. [RT #21868]
+
+2938. [bug] When generating signed responses, from a signed zone
+ that uses NSEC3, named would use a uninitialized
+ pointer if it needed to skip a NSEC3 record because
+ it didn't match the selected NSEC3PARAM record for
+ zone. [RT #21868]
+
+2937. [bug] Worked around an apparent race condition in over
+ memory conditions. Without this fix a DNS cache DB or
+ ADB could incorrectly stay in an over memory state,
+ effectively refusing further caching, which
+ subsequently made a BIND 9 caching server unworkable.
+ This fix prevents this problem from happening by
+ polling the state of the memory context, rather than
+ making a copy of the state, which appeared to cause
+ a race. This is a "workaround" in that it doesn't
+ solve the possible race per se, but several experiments
+ proved this change solves the symptom. Also, the
+ polling overhead hasn't been reported to be an issue.
+ This bug should only affect a caching server that
+ specifies a finite max-cache-size. It's also quite
+ likely that the bug happens only when enabling threads,
+ but it's not confirmed yet. [RT #21818]
+
+2936. [func] Improved configuration syntax and multiple-view
+ support for addzone/delzone feature (see change
+ #2930). Removed "new-zone-file" option, replaced
+ with "allow-new-zones (yes|no)". The new-zone-file
+ for each view is now created automatically, with
+ a filename generated from a hash of the view name.
+ It is no longer necessary to "include" the
+ new-zone-file in named.conf; this happens
+ automatically. Zones that were not added via
+ "rndc addzone" can no longer be removed with
+ "rndc delzone". [RT #19447]
+
+2935. [bug] nsupdate: improve 'file not found' error message.
+ [RT #21871]
+
+2934. [bug] Use ANSI C compliant shift range in lib/isc/entropy.c.
+ [RT #21871]
+
+2933. [bug] 'dig +nsid' used stack memory after it went out of
+ scope. This could potentially result in a unknown,
+ potentially malformed, EDNS option being sent instead
+ of the desired NSID option. [RT #21781]
+
+2932. [cleanup] Corrected a numbering error in the "dnssec" test.
+ [RT #21597]
+
+2931. [bug] Temporarily and partially disable change 2864
+ because it would cause infinite attempts of RRSIG
+ queries. This is an urgent care fix; we'll
+ revisit the issue and complete the fix later.
+ [RT #21710]
+
+2930. [experimental] New "rndc addzone" and "rndc delzone" commands
+ allow dynamic addition and deletion of zones.
+ To enable this feature, specify a "new-zone-file"
+ option at the view or options level in named.conf.
+ Zone configuration information for the new zones
+ will be written into that file. To make the new
+ zones persist after a restart, "include" the file
+ into named.conf in the appropriate view. (Note:
+ This feature is not yet documented, and its syntax
+ is expected to change.) [RT #19447]
+
+2929. [bug] Improved handling of GSS security contexts:
+ - added LRU expiration for generated TSIGs
+ - added the ability to use a non-default realm
+ - added new "realm" keyword in nsupdate
+ - limited lifetime of generated keys to 1 hour
+ or the lifetime of the context (whichever is
+ smaller)
+ [RT #19737]
+
+2928. [bug] Be more selective about the non-authoritative
+ answer we apply change 2748 to. [RT #21594]
+
+2927. [placeholder]
+
+2926. [placeholder]
+
+2925. [bug] Named failed to accept uncachable negative responses
+ from insecure zones. [RT #21555]
+
+2924. [func] 'rndc secroots' dump a combined summary of the
+ current managed keys combined with trusted keys.
+ [RT #20904]
+
+2923. [bug] 'dig +trace' could drop core after "connection
+ timeout". [RT #21514]
+
+2922. [contrib] Update zkt to version 1.0.
+
+2921. [bug] The resolver could attempt to destroy a fetch context
+ too soon. [RT #19878]
+
+2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively
+ to IPv4 clients. New acl 'filter-aaaa' (default any).
+
+2919. [func] Add autosign-ksk and autosign-zsk virtual time tests.
+ [RT #20840]
+
+2918. [maint] Add AAAA address for I.ROOT-SERVERS.NET.
+
+2917. [func] Virtual time test framework. [RT #20801]
+
+2916. [func] Add framework to use IPv6 in tests.
+ fd92:7065:b8e:ffff::1 ... fd92:7065:b8e:ffff::7
+
+2915. [cleanup] Be smarter about which objects we attempt to compile
+ based on configure options. [RT #21444]
+
+2914. [bug] Make the "autosign" system test more portable.
+ [RT #20997]
+
+2913. [func] Add pkcs#11 system tests. [RT #20784]
+
+2912. [func] Windows clients don't like UPDATE responses that clear
+ the zone section. [RT #20986]
+
+2911. [bug] dnssec-signzone didn't handle out of zone records well.
+ [RT #21367]
+
+2910. [func] Sanity check Kerberos credentials. [RT #20986]
+
+2909. [bug] named-checkconf -p could die if "update-policy local;"
+ was specified in named.conf. [RT #21416]
+
+2908. [bug] It was possible for re-signing to stop after removing
+ a DNSKEY. [RT #21384]
+
+2907. [bug] The export version of libdns had undefined references.
+ [RT #21444]
+
+2906. [bug] Address RFC 5011 implementation issues. [RT #20903]
+
+2905. [port] aix: set use_atomic=yes with native compiler.
+ [RT #21402]
+
+2904. [bug] When using DLV, sub-zones of the zones in the DLV,
+ could be incorrectly marked as insecure instead of
+ secure leading to negative proofs failing. This was
+ a unintended outcome from change 2890. [RT #21392]
+
+2903. [bug] managed-keys-directory missing from namedconf.c.
+ [RT #21370]
+
+2902. [func] Add regression test for change 2897. [RT #21040]
+
+2901. [port] Use AC_C_FLEXIBLE_ARRAY_MEMBER. [RT #21316]
+
+2900. [bug] The placeholder negative caching element was not
+ properly constructed triggering a INSIST in
+ dns_ncache_towire(). [RT #21346]
+
+2899. [port] win32: Support linking against OpenSSL 1.0.0.
+
+2898. [bug] nslookup leaked memory when -domain=value was
+ specified. [RT #21301]
+
+2897. [bug] NSEC3 chains could be left behind when transitioning
+ to insecure. [RT #21040]
+
+2896. [bug] "rndc sign" failed to properly update the zone
+ when adding a DNSKEY for publication only. [RT #21045]
+
+2895. [func] genrandom: add support for the generation of multiple
+ files. [RT #20917]
+
+2894. [contrib] DLZ LDAP support now use '$' not '%'. [RT #21294]
+
+2893. [bug] Improve managed keys support. New named.conf option
+ managed-keys-directory. [RT #20924]
+
+2892. [bug] Handle REVOKED keys better. [RT #20961]
+
+2891. [maint] Update empty-zones list to match
+ draft-ietf-dnsop-default-local-zones-13. [RT #21099]
+
+2890. [bug] Handle the introduction of new trusted-keys and
+ DS, DLV RRsets better. [RT #21097]
+
+2889. [bug] Elements of the grammar where not properly reported.
+ [RT #21046]
+
+2888. [bug] Only the first EDNS option was displayed. [RT #21273]
+
+2887. [bug] Report the keytag times in UTC in the .key file,
+ local time is presented as a comment within the
+ comment. [RT #21223]
+
+2886. [bug] ctime() is not thread safe. [RT #21223]
+
+2885. [bug] Improve -fno-strict-aliasing support probing in
+ configure. [RT #21080]
+
+2884. [bug] Insufficient validation in dns_name_getlabelsequence().
+ [RT #21283]
+
+2883. [bug] 'dig +short' failed to handle really large datasets.
+ [RT #21113]
+
+2882. [bug] Remove memory context from list of active contexts
+ before clearing 'magic'. [RT #21274]
+
+2881. [bug] Reduce the amount of time the rbtdb write lock
+ is held when closing a version. [RT #21198]
+
+2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke
+ consistent. [RT #21078]
+
+2879. [contrib] DLZ bdbhpt driver fails to close correct cursor.
+ [RT #21106]
+
+2878. [func] Incrementally write the master file after performing
+ a AXFR. [RT #21010]
+
+2877. [bug] The validator failed to skip obviously mismatching
+ RRSIGs. [RT #21138]
+
+2876. [bug] Named could return SERVFAIL for negative responses
+ from unsigned zones. [RT #21131]
+
+2875. [bug] dns_time64_fromtext() could accept non digits.
+ [RT #21033]
+
+2874. [bug] Cache lack of EDNS support only after the server
+ successfully responds to the query using plain DNS.
+ [RT #20930]
+
+2873. [bug] Canceling a dynamic update via the dns/client module
+ could trigger an assertion failure. [RT #21133]
+
+2872. [bug] Modify dns/client.c:dns_client_createx() to only
+ require one of IPv4 or IPv6 rather than both.
+ [RT #21122]
+
+2871. [bug] Type mismatch in mem_api.c between the definition and
+ the header file, causing build failure with
+ --enable-exportlib. [RT #21138]
+
+2870. [maint] Add AAAA address for L.ROOT-SERVERS.NET.
+
+2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call.
+ [RT #20877]
+
+2868. [cleanup] Run "make clean" at the end of configure to ensure
+ any changes made by configure are integrated.
+ Use --with-make-clean=no to disable. [RT #20994]
+
+2867. [bug] Don't set GSS_C_SEQUENCE_FLAG as Windows DNS servers
+ don't like it. [RT #20986]
+
+2866. [bug] Windows does not like the TSIG name being compressed.
+ [RT #20986]
+
+2865. [bug] memset to zero event.data. [RT #20986]
+
+2864. [bug] Direct SIG/RRSIG queries were not handled correctly.
+ [RT #21050]
+
+2863. [port] linux: disable IPv6 PMTUD and use network minimum MTU.
+ [RT #21056]
+
+2862. [bug] nsupdate didn't default to the parent zone when
+ updating DS records. [RT #20896]
+
+2861. [doc] dnssec-settime man pages didn't correctly document the
+ inactivation time. [RT #21039]
+
+2860. [bug] named-checkconf's usage was out of date. [RT #21039]
+
+2859. [bug] When canceling validation it was possible to leak
+ memory. [RT #20800]
+
+2858. [bug] RTT estimates were not being adjusted on ICMP errors.
+ [RT #20772]
+
+2857. [bug] named-checkconf did not fail on a bad trusted key.
+ [RT #20705]
+
+2856. [bug] The size of a memory allocation was not always properly
+ recorded. [RT #20927]
+
+2855. [func] nsupdate will now preserve the entered case of domain
+ names in update requests it sends. [RT #20928]
+
+2854. [func] dig: allow the final soa record in a axfr response to
+ be suppressed, dig +onesoa. [RT #20929]
+
+2853. [bug] add_sigs() could run out of scratch space. [RT #21015]
+
+2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619]
+
+2851. [doc] nslookup.1, removed <informalexample> from the docbook
+ source as it produced bad nroff. [RT #21007]
+
+2850. [bug] If isc_heap_insert() failed due to memory shortage
+ the heap would have corrupted entries. [RT #20951]
+
+2849. [bug] Don't treat errors from the xml2 library as fatal.
+ [RT #20945]
+
+2848. [doc] Moved README.dnssec, README.libdns, README.pkcs11 and
+ README.rfc5011 into the ARM. [RT #20899]
+
+2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921]
+
+2846. [bug] EOF on unix domain sockets was not being handled
+ correctly. [RT #20731]
+
+2845. [bug] RFC 5011 client could crash on shutdown. [RT #20903]
+
+2844. [doc] notify-delay default in ARM was wrong. It should have
+ been five (5) seconds.
+
+2843. [func] Prevent dnssec-keygen and dnssec-keyfromlabel from
+ creating key files if there is a chance that the new
+ key ID will collide with an existing one after
+ either of the keys has been revoked. (To override
+ this in the case of dnssec-keyfromlabel, use the -y
+ option. dnssec-keygen will simply create a
+ different, non-colliding key, so an override is
+ not necessary.) [RT #20838]
+
+2842. [func] Added "smartsign" and improved "autosign" and
+ "dnssec" regression tests. [RT #20865]
+
+2841. [bug] Change 2836 was not complete. [RT #20883]
+
+2840. [bug] Temporary fixed pkcs11-destroy usage check.
+ [RT #20760]
+
+2839. [bug] A KSK revoked by named could not be deleted.
+ [RT #20881]
+
+2838. [placeholder]
+
+2837. [port] Prevent Linux spurious warnings about fwrite().
+ [RT #20812]
+
+2836. [bug] Keys that were scheduled to become active could
+ be delayed. [RT #20874]
+
+2835. [bug] Key inactivity dates were inadvertently stored in
+ the private key file with the outdated tag
+ "Unpublish" rather than "Inactive". This has been
+ fixed; however, any existing keys that had Inactive
+ dates set will now need to have them reset, using
+ 'dnssec-settime -I'. [RT #20868]
+
+2834. [bug] HMAC-SHA* keys that were longer than the algorithm
+ digest length were used incorrectly, leading to
+ interoperability problems with other DNS
+ implementations. This has been corrected.
+ (Note: If an oversize key is in use, and
+ compatibility is needed with an older release of
+ BIND, the new tool "isc-hmac-fixup" can convert
+ the key secret to a form that will work with all
+ versions.) [RT #20751]
+
+2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime.
+ [RT #20851]
+
+2832. [bug] Modify "struct stat" in lib/export/samples/nsprobe.c
+ to avoid redefinition in some OSs [RT 20831]
+
+2831. [security] Do not attempt to validate or cache
+ out-of-bailiwick data returned with a secure
+ answer; it must be re-fetched from its original
+ source and validated in that context. [RT #20819]
+
+2830. [bug] Changing the OPTOUT setting could take multiple
+ passes. [RT #20813]
+
+2829. [bug] Fixed potential node inconsistency in rbtdb.c.
+ [RT #20808]
+
+2828. [security] Cached CNAME or DNAME RR could be returned to clients
+ without DNSSEC validation. [RT #20737]
+
+2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
+
+2826. [bug] NSEC3->NSEC transitions could fail due to a lock not
+ being released. [RT #20740]
+
+2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that
+ was in the process of being created was not properly
+ recorded in the zone. [RT #20786]
+
+2824. [bug] "rndc sign" was not being run by the correct task.
+ [RT #20759]
+
+2823. [bug] rbtdb.c:getsigningtime() was missing locks. [RT #20781]
+
+2822. [bug] rbtdb.c:loadnode() could return the wrong result.
+ [RT #20802]
+
+2821. [doc] Add note that named-checkconf doesn't automatically
+ read rndc.key and bind.keys [RT #20758]
+
+2820. [func] Handle read access failure of OpenSSL configuration
+ file more user friendly (PKCS#11 engine patch).
+ [RT #20668]
+
+2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define.
+ [RT #20771]
+
+2818. [cleanup] rndc could return an incorrect error code
+ when a zone was not found. [RT #20767]
+
+2817. [cleanup] Removed unnecessary isc_task_endexclusive() calls.
+ [RT #20768]
+
+2816. [bug] previous_closest_nsec() could fail to return
+ data for NSEC3 nodes [RT #29730]
+
+2815. [bug] Exclusively lock the task when freezing a zone.
+ [RT #19838]
+
+2814. [func] Provide a definitive error message when a master
+ zone is not loaded. [RT #20757]
+
+2813. [bug] Better handling of unreadable DNSSEC key files.
+ [RT #20710]
+
+2812. [bug] Make sure updates can't result in a zone with
+ NSEC-only keys and NSEC3 records. [RT #20748]
+
+2811. [cleanup] Add "rndc sign" to list of commands in rndc usage
+ output. [RT #20733]
+
+2810. [doc] Clarified the process of transitioning an NSEC3 zone
+ to insecure. [RT #20746]
+
+2809. [cleanup] Restored accidentally-deleted text in usage output
+ in dnssec-settime and dnssec-revoke [RT #20739]
+
+2808. [bug] Remove the attempt to install atomic.h from lib/isc.
+ atomic.h is correctly installed by the architecture
+ specific subdirectories. [RT #20722]
+
+2807. [bug] Fixed a possible ASSERT when reconfiguring zone
+ keys. [RT #20720]
+
+ --- 9.7.0rc1 released ---
+
+2806. [bug] "rdnc sign" could delay re-signing the DNSKEY
+ when it had changed. [RT #20703]
+
+2805. [bug] Fixed namespace problems encountered when building
+ external programs using non-exported BIND9 libraries
+ (i.e., built without --enable-exportlib). [RT #20679]
+
+2804. [bug] Send notifies when a zone is signed with "rndc sign"
+ or as a result of a scheduled key change. [RT #20700]
+
+2803. [port] win32: Install named-journalprint, nsec3hash, arpaname
+ and genrandom under windows. [RT #20670]
+
+2802. [cleanup] Rename journalprint to named-journalprint. [RT #20670]
+
+2801. [func] Detect and report records that are different according
+ to DNSSEC but are semantically equal according to plain
+ DNS. Apply plain DNS comparisons rather than DNSSEC
+ comparisons when processing UPDATE requests.
+ dnssec-signzone now removes such semantically duplicate
+ records prior to signing the RRset.
+
+ named-checkzone -r {ignore|warn|fail} (default warn)
+ named-compilezone -r {ignore|warn|fail} (default warn)
+
+ named.conf: check-dup-records {ignore|warn|fail};
+
+2800. [func] Reject zones which have NS records which refer to
+ CNAMEs, DNAMEs or don't have address record (class IN
+ only). Reject UPDATEs which would cause the zone
+ to fail the above checks if committed. [RT #20678]
+
+2799. [cleanup] Changed the "secure-to-insecure" option to
+ "dnssec-secure-to-insecure", and "dnskey-ksk-only"
+ to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
+
+2798. [bug] Addressed bugs in managed-keys initialization
+ and rollover. [RT #20683]
+
+2797. [bug] Don't decrement the dispatch manager's maxbuffers.
+ [RT #20613]
+
+2796. [bug] Missing dns_rdataset_disassociate() call in
+ dns_nsec3_delnsec3sx(). [RT #20681]
+
+2795. [cleanup] Add text to differentiate "update with no effect"
+ log messages. [RT #18889]
+
+2794. [bug] Install <isc/namespace.h>. [RT #20677]
+
+2793. [func] Add "autosign" and "metadata" tests to the
+ automatic tests. [RT #19946]
+
+2792. [func] "filter-aaaa-on-v4" can now be set in view
+ options (if compiled in). [RT #20635]
+
+2791. [bug] The installation of isc-config.sh was broken.
+ [RT #20667]
+
+2790. [bug] Handle DS queries to stub zones. [RT #20440]
+
+2789. [bug] Fixed an INSIST in dispatch.c [RT #20576]
+
+2788. [bug] dnssec-signzone could sign with keys that were
+ not requested [RT #20625]
+
+2787. [bug] Spurious log message when zone keys were
+ dynamically reconfigured. [RT #20659]
+
+2786. [bug] Additional could be promoted to answer. [RT #20663]
+
+ --- 9.7.0b3 released ---
+
+2785. [bug] Revoked keys could fail to self-sign [RT #20652]
+
+2784. [bug] TC was not always being set when required glue was
+ dropped. [RT #20655]
+
+2783. [func] Return minimal responses to EDNS/UDP queries with a UDP
+ buffer size of 512 or less. [RT #20654]
+
+2782. [port] win32: use getaddrinfo() for hostname lookups.
+ [RT #20650]
+
+2781. [bug] Inactive keys could be used for signing. [RT #20649]
+
+2780. [bug] dnssec-keygen -A none didn't properly unset the
+ activation date in all cases. [RT #20648]
+
+2779. [bug] Dynamic key revocation could fail. [RT #20644]
+
+2778. [bug] dnssec-signzone could fail when a key was revoked
+ without deleting the unrevoked version. [RT #20638]
+
+2777. [contrib] DLZ MYSQL auto reconnect support discovery was wrong.
+
+2776. [bug] Change #2762 was not correct. [RT #20647]
+
+2775. [bug] Accept RSASHA256 and RSASHA512 as NSEC3 compatible
+ in dnssec-keyfromlabel. [RT #20643]
+
+2774. [bug] Existing cache DB wasn't being reused after
+ reconfiguration. [RT #20629]
+
+2773. [bug] In autosigned zones, the SOA could be signed
+ with the KSK. [RT #20628]
+
+2772. [security] When validating, track whether pending data was from
+ the additional section or not and only return it if
+ validates as secure. [RT #20438]
+
+2771. [bug] dnssec-signzone: DNSKEY records could be
+ corrupted when importing from key files [RT #20624]
+
+2770. [cleanup] Add log messages to resolver.c to indicate events
+ causing FORMERR responses. [RT #20526]
+
+2769. [cleanup] Change #2742 was incomplete. [RT #19589]
+
+2768. [bug] dnssec-signzone: -S no longer implies -g [RT #20568]
+
+2767. [bug] named could crash on startup if a zone was
+ configured with auto-dnssec and there was no
+ key-directory. [RT #20615]
+
+2766. [bug] isc_socket_fdwatchpoke() should only update the
+ socketmgr state if the socket is not pending on a
+ read or write. [RT #20603]
+
+2765. [bug] Skip masters for which the TSIG key cannot be found.
+ [RT #20595]
+
+2764. [bug] "rndc-confgen -a" could trigger a REQUIRE. [RT #20610]
+
+2763. [bug] "rndc sign" didn't create an NSEC chain. [RT #20591]
+
+2762. [bug] DLV validation failed with a local slave DLV zone.
+ [RT #20577]
+
+2761. [cleanup] Enable internal symbol table for backtrace only for
+ systems that are known to work. Currently, BSD
+ variants, Linux and Solaris are supported. [RT #20202]
+
+2760. [cleanup] Corrected named-compilezone usage summary. [RT #20533]
+
+2759. [doc] Add information about .jbk/.jnw files to
+ the ARM. [RT #20303]
+
+2758. [bug] win32: Added a workaround for a windows 2008 bug
+ that could cause the UDP client handler to shut
+ down. [RT #19176]
+
+2757. [bug] dig: assertion failure could occur in connect
+ timeout. [RT #20599]
+
+2756. [bug] Fixed corrupt logfile message in update.c. [RT #20597]
+
+2755. [placeholder]
+
+2754. [bug] Secure-to-insecure transitions failed when zone
+ was signed with NSEC3. [RT #20587]
+
+2753. [bug] Removed an unnecessary warning that could appear when
+ building an NSEC chain. [RT #20589]
+
+2752. [bug] Locking violation. [RT #20587]
+
+2751. [bug] Fixed a memory leak in dnssec-keyfromlabel. [RT #20588]
+
+2750. [bug] dig: assertion failure could occur when a server
+ didn't have an address. [RT #20579]
+
+2749. [bug] ixfr-from-differences generated a non-minimal ixfr
+ for NSEC3 signed zones. [RT #20452]
+
+2748. [func] Identify bad answers from GTLD servers and treat them
+ as referrals. [RT #18884]
+
+2747. [bug] Journal roll forwards failed to set the re-signing
+ time of RRSIGs correctly. [RT #20541]
+
+2746. [port] hpux: address signed/unsigned expansion mismatch of
+ dns_rbtnode_t.nsec. [RT #20542]
+
+2745. [bug] configure script didn't probe the return type of
+ gai_strerror(3) correctly. [RT #20573]
+
+2744. [func] Log if a query was over TCP. [RT #19961]
+
+2743. [bug] RRSIG could be incorrectly set in the NSEC3 record
+ for a insecure delegation.
+
+ --- 9.7.0b2 released ---
+
+2742. [cleanup] Clarify some DNSSEC-related log messages in
+ validator.c. [RT #19589]
+
+2741. [func] Allow the dnssec-keygen progress messages to be
+ suppressed (dnssec-keygen -q). Automatically
+ suppress the progress messages when stdin is not
+ a tty. [RT #20474]
+
+2740. [placeholder]
+
+2739. [cleanup] Clean up API for initializing and clearing trust
+ anchors for a view. [RT #20211]
+
+2738. [func] Add RSASHA256 and RSASHA512 tests to the dnssec system
+ test. [RT #20453]
+
+2737. [func] UPDATE requests can leak existence information.
+ [RT #17261]
+
+2736. [func] Improve the performance of NSEC signed zones with
+ more than a normal amount of glue below a delegation.
+ [RT #20191]
+
+2735. [bug] dnssec-signzone could fail to read keys
+ that were specified on the command line with
+ full paths, but weren't in the current
+ directory. [RT #20421]
+
+2734. [port] cygwin: arpaname did not compile. [RT #20473]
+
+2733. [cleanup] Clean up coding style in pkcs11-* tools. [RT #20355]
+
+2732. [func] Add optional filter-aaaa-on-v4 option, available
+ if built with './configure --enable-filter-aaaa'.
+ Filters out AAAA answers to clients connecting
+ via IPv4. (This is NOT recommended for general
+ use.) [RT #20339]
+
+2731. [func] Additional work on change 2709. The key parser
+ will now ignore unrecognized fields when the
+ minor version number of the private key format
+ has been increased. It will reject any key with
+ the major version number increased. [RT #20310]
+
+2730. [func] Have dnssec-keygen display a progress indication
+ a la 'openssl genrsa' on standard error. Note
+ when the first '.' is followed by a long stop
+ one has the choice between slow generation vs.
+ poor random quality, i.e., '-r /dev/urandom'.
+ [RT #20284]
+
+2729. [func] When constructing a CNAME from a DNAME use the DNAME
+ TTL. [RT #20451]
+
+2728. [bug] dnssec-keygen, dnssec-keyfromlabel and
+ dnssec-signzone now warn immediately if asked to
+ write into a nonexistent directory. [RT #20278]
+
+2727. [func] The 'key-directory' option can now specify a relative
+ path. [RT #20154]
+
+2726. [func] Added support for SHA-2 DNSSEC algorithms,
+ RSASHA256 and RSASHA512. [RT #20023]
+
+2725. [doc] Added information about the file "managed-keys.bind"
+ to the ARM. [RT #20235]
+
+2724. [bug] Updates to a existing node in secure zone using NSEC
+ were failing. [RT #20448]
+
+2723. [bug] isc_base32_totext(), isc_base32hex_totext(), and
+ isc_base64_totext(), didn't always mark regions of
+ memory as fully consumed after conversion. [RT #20445]
+
+2722. [bug] Ensure that the memory associated with the name of
+ a node in a rbt tree is not altered during the life
+ of the node. [RT #20431]
+
+2721. [port] Have dst__entropy_status() prime the random number
+ generator. [RT #20369]
+
+2720. [bug] RFC 5011 trust anchor updates could trigger an
+ assert if the DNSKEY record was unsigned. [RT #20406]
+
+2719. [func] Skip trusted/managed keys for unsupported algorithms.
+ [RT #20392]
+
+2718. [bug] The space calculations in opensslrsa_todns() were
+ incorrect. [RT #20394]
+
+2717. [bug] named failed to update the NSEC/NSEC3 record when
+ the last private type record was removed as a result
+ of completing the signing the zone with a key.
+ [RT #20399]
+
+2716. [bug] nslookup debug mode didn't return the ttl. [RT #20414]
+
+ --- 9.7.0b1 released ---
+
+2715. [bug] Require OpenSSL support to be explicitly disabled.
+ [RT #20288]
+
+2714. [port] aix/powerpc: 'asm("ics");' needs non standard assembler
+ flags.
+
+2713. [bug] powerpc: atomic operations missing asm("ics") /
+ __isync() calls.
+
+2712. [func] New 'auto-dnssec' zone option allows zone signing
+ to be fully automated in zones configured for
+ dynamic DNS. 'auto-dnssec allow;' permits a zone
+ to be signed by creating keys for it in the
+ key-directory and using 'rndc sign <zone>'.
+ 'auto-dnssec maintain;' allows that too, plus it
+ also keeps the zone's DNSSEC keys up to date
+ according to their timing metadata. [RT #19943]
+
+2711. [port] win32: Add the bin/pkcs11 tools into the full
+ build. [RT #20372]
+
+2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only'
+ zone option cause a zone to be signed with only KSKs
+ signing the DNSKEY RRset, not ZSKs. This reduces
+ the size of a DNSKEY answer. [RT #20340]
+
+2709. [func] Added some data fields, currently unused, to the
+ private key file format, to allow implementation
+ of explicit key rollover in a future release
+ without impairing backward or forward compatibility.
+ [RT #20310]
+
+2708. [func] Insecure to secure and NSEC3 parameter changes via
+ update are now fully supported and no longer require
+ defines to enable. We now no longer overload the
+ NSEC3PARAM flag field, nor the NSEC OPT bit at the
+ apex. Secure to insecure changes are controlled by
+ by the named.conf option 'secure-to-insecure'.
+
+ Warning: If you had previously enabled support by
+ adding defines at compile time to BIND 9.6 you should
+ ensure that all changes that are in progress have
+ completed prior to upgrading to BIND 9.7. BIND 9.7
+ is not backwards compatible.
+
+2707. [func] dnssec-keyfromlabel no longer require engine name
+ to be specified in the label if there is a default
+ engine or the -E option has been used. Also, it
+ now uses default algorithms as dnssec-keygen does
+ (i.e., RSASHA1, or NSEC3RSASHA1 if -3 is used).
+ [RT #20371]
+
+2706. [bug] Loading a zone with a very large NSEC3 salt could
+ trigger an assert. [RT #20368]
+
+2705. [placeholder]
+
+2704. [bug] Serial of dynamic and stub zones could be inconsistent
+ with their SOA serial. [RT #19387]
+
+2703. [func] Introduce an OpenSSL "engine" argument with -E
+ for all binaries which can take benefit of
+ crypto hardware. [RT #20230]
+
+2702. [func] Update PKCS#11 tools (bin/pkcs11) [RT #20225 & all]
+
+2701. [doc] Correction to ARM: hmac-md5 is no longer the only
+ supported TSIG key algorithm. [RT #18046]
+
+2700. [doc] The match-mapped-addresses option is discouraged.
+ [RT #12252]
+
+2699. [bug] Missing lock in rbtdb.c. [RT #20037]
+
+2698. [placeholder]
+
+2697. [port] win32: ensure that S_IFMT, S_IFDIR, S_IFCHR and
+ S_IFREG are defined after including <isc/stat.h>.
+ [RT #20309]
+
+2696. [bug] named failed to successfully process some valid
+ acl constructs. [RT #20308]
+
+2695. [func] DHCP/DDNS - update fdwatch code for use by
+ DHCP. Modify the api to isc_sockfdwatch_t (the
+ callback function for isc_socket_fdwatchcreate)
+ to include information about the direction (read
+ or write) and add isc_socket_fdwatchpoke.
+ [RT #20253]
+
+2694. [bug] Reduce default NSEC3 iterations from 100 to 10.
+ [RT #19970]
+
+2693. [port] Add some noreturn attributes. [RT #20257]
+
+2692. [port] win32: 32/64 bit cleanups. [RT #20335]
+
+2691. [func] dnssec-signzone: retain the existing NSEC or NSEC3
+ chain when re-signing a previously-signed zone.
+ Use -u to modify NSEC3 parameters or switch
+ between NSEC and NSEC3. [RT #20304]
+
+2690. [bug] win32: fix isc_thread_key_getspecific() prototype.
+ [RT #20315]
+
+2689. [bug] Correctly handle snprintf result. [RT #20306]
+
+2688. [bug] Use INTERFACE_F_POINTTOPOINT, not IFF_POINTOPOINT,
+ to decide to fetch the destination address. [RT #20305]
+
+2687. [bug] Fixed dnssec-signzone -S handling of revoked keys.
+ Also, added warnings when revoking a ZSK, as this is
+ not defined by protocol (but is legal). [RT #19943]
+
+2686. [bug] dnssec-signzone should clean the old NSEC chain when
+ signing with NSEC3 and vice versa. [RT #20301]
+
+2685. [contrib] Update contrib/zkt to version 0.99c. [RT #20054]
+
+2684. [cleanup] dig: formalize +ad and +cd as synonyms for
+ +adflag and +cdflag. [RT #19305]
+
+2683. [bug] dnssec-signzone should clean out old NSEC3 chains when
+ the NSEC3 parameters used to sign the zone change.
+ [RT #20246]
+
+2682. [bug] "configure --enable-symtable=all" failed to
+ build. [RT #20282]
+
+2681. [bug] IPSECKEY RR of gateway type 3 was not correctly
+ decoded. [RT #20269]
+
+2680. [func] Move contrib/pkcs11-keygen to bin/pkcs11. [RT #20067]
+
+2679. [func] dig -k can now accept TSIG keys in named.conf
+ format. [RT #20031]
+
+2678. [func] Treat DS queries as if "minimal-response yes;"
+ was set. [RT #20258]
+
+2677. [func] Changes to key metadata behavior:
+ - Keys without "publish" or "active" dates set will
+ no longer be used for smart signing. However,
+ those dates will be set to "now" by default when
+ a key is created; to generate a key but not use
+ it yet, use dnssec-keygen -G.
+ - New "inactive" date (dnssec-keygen/settime -I)
+ sets the time when a key is no longer used for
+ signing but is still published.
+ - The "unpublished" date (-U) is deprecated in
+ favor of "deleted" (-D).
+ [RT #20247]
+
+2676. [bug] --with-export-installdir should have been
+ --with-export-includedir. [RT #20252]
+
+2675. [bug] dnssec-signzone could crash if the key directory
+ did not exist. [RT #20232]
+
+ --- 9.7.0a3 released ---
+
+2674. [bug] "dnssec-lookaside auto;" crashed if named was built
+ without openssl. [RT #20231]
+
+2673. [bug] The managed-keys.bind zone file could fail to
+ load due to a spurious result from sync_keyzone()
+ [RT #20045]
+
+2672. [bug] Don't enable searching in 'host' when doing reverse
+ lookups. [RT #20218]
+
+2671. [bug] Add support for PKCS#11 providers not returning
+ the public exponent in RSA private keys
+ (OpenCryptoki for instance) in
+ dnssec-keyfromlabel. [RT #19294]
+
+2670. [bug] Unexpected connect failures failed to log enough
+ information to be useful. [RT #20205]
+
+2669. [func] Update PKCS#11 support to support Keyper HSM.
+ Update PKCS#11 patch to be against openssl-0.9.8i.
+
+2668. [func] Several improvements to dnssec-* tools, including:
+ - dnssec-keygen and dnssec-settime can now set key
+ metadata fields 0 (to unset a value, use "none")
+ - dnssec-revoke sets the revocation date in
+ addition to the revoke bit
+ - dnssec-settime can now print individual metadata
+ fields instead of always printing all of them,
+ and can print them in unix epoch time format for
+ use by scripts
+ [RT #19942]
+
+2667. [func] Add support for logging stack backtrace on assertion
+ failure (not available for all platforms). [RT #19780]
+
+2666. [func] Added an 'options' argument to dns_name_fromstring()
+ (API change from 9.7.0a2). [RT #20196]
+
+2665. [func] Clarify syntax for managed-keys {} statement, add
+ ARM documentation about RFC 5011 support. [RT #19874]
+
+2664. [bug] create_keydata() and minimal_update() in zone.c
+ didn't properly check return values for some
+ functions. [RT #19956]
+
+2663. [func] win32: allow named to run as a service using
+ "NT AUTHORITY\LocalService" as the account. [RT #19977]
+
+2662. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr()
+ returned a misleading error code when lwresd was
+ down. [RT #20028]
+
+2661. [bug] Check whether socket fd exceeds FD_SETSIZE when
+ creating lwres context. [RT #20029]
+
+2660. [func] Add a new set of DNS libraries for non-BIND9
+ applications. See README.libdns. [RT #19369]
+
+2659. [doc] Clarify dnssec-keygen doc: key name must match zone
+ name for DNSSEC keys. [RT #19938]
+
+2658. [bug] dnssec-settime and dnssec-revoke didn't process
+ key file paths correctly. [RT #20078]
+
+2657. [cleanup] Lower "journal file <path> does not exist, creating it"
+ log level to debug 1. [RT #20058]
+
+2656. [func] win32: add a "tools only" check box to the installer
+ which causes it to only install dig, host, nslookup,
+ nsupdate and relevant DLLs. [RT #19998]
+
+2655. [doc] Document that key-directory does not affect
+ bind.keys, rndc.key or session.key. [RT #20155]
+
+2654. [bug] Improve error reporting on duplicated names for
+ deny-answer-xxx. [RT #20164]
+
+2653. [bug] Treat ENGINE_load_private_key() failures as key
+ not found rather than out of memory. [RT #18033]
+
+2652. [func] Provide more detail about what record is being
+ deleted. [RT #20061]
+
+2651. [bug] Dates could print incorrectly in K*.key files on
+ 64-bit systems. [RT #20076]
+
+2650. [bug] Assertion failure in dnssec-signzone when trying
+ to read keyset-* files. [RT #20075]
+
+2649. [bug] Set the domain for forward only zones. [RT #19944]
+
+2648. [port] win32: isc_time_seconds() was broken. [RT #19900]
+
+2647. [bug] Remove unnecessary SOA updates when a new KSK is
+ added. [RT #19913]
+
+2646. [bug] Incorrect cleanup on error in socket.c. [RT #19987]
+
+2645. [port] "gcc -m32" didn't work on amd64 and x86_64 platforms
+ which default to 64 bits. [RT #19927]
+
+ --- 9.7.0a2 released ---
+
+2644. [bug] Change #2628 caused a regression on some systems;
+ named was unable to write the PID file and would
+ fail on startup. [RT #20001]
+
+2643. [bug] Stub zones interacted badly with NSEC3 support.
+ [RT #19777]
+
+2642. [bug] nsupdate could dump core on solaris when reading
+ improperly formatted key files. [RT #20015]
+
+2641. [bug] Fixed an error in parsing update-policy syntax,
+ added a regression test to check it. [RT #20007]
+
+2640. [security] A specially crafted update packet will cause named
+ to exit. [RT #20000]
+
+2639. [bug] Silence compiler warnings in gssapi code. [RT #19954]
+
+2638. [bug] Install arpaname. [RT #19957]
+
+2637. [func] Rationalize dnssec-signzone's signwithkey() calling.
+ [RT #19959]
+
+2636. [func] Simplify zone signing and key maintenance with the
+ dnssec-* tools. Major changes:
+ - all dnssec-* tools now take a -K option to
+ specify a directory in which key files will be
+ stored
+ - DNSSEC can now store metadata indicating when
+ they are scheduled to be published, activated,
+ revoked or removed; these values can be set by
+ dnssec-keygen or overwritten by the new
+ dnssec-settime command
+ - dnssec-signzone -S (for "smart") option reads key
+ metadata and uses it to determine automatically
+ which keys to publish to the zone, use for
+ signing, revoke, or remove from the zone
+ [RT #19816]
+
+2635. [bug] isc_inet_ntop() incorrectly handled 0.0/16 addresses.
+ [RT #19716]
+
+2634. [port] win32: Add support for libxml2, enable
+ statschannel. [RT #19773]
+
+2633. [bug] Handle 15 bit rand() functions. [RT #19783]
+
+2632. [func] util/kit.sh: warn if documentation appears to be out of
+ date. [RT #19922]
+
+2631. [bug] Handle "//", "/./" and "/../" in mkdirpath().
+ [RT #19926 ]
+
+2630. [func] Improved syntax for DDNS autoconfiguration: use
+ "update-policy local;" to switch on local DDNS in a
+ zone. (The "ddns-autoconf" option has been removed.)
+ [RT #19875]
+
+2629. [port] Check for seteuid()/setegid(), use setresuid()/
+ setresgid() if not present. [RT #19932]
+
+2628. [port] linux: Allow /var/run/named/named.pid to be opened
+ at startup with reduced capabilities in operation.
+ [RT #19884]
+
+2627. [bug] Named aborted if the same key was included in
+ trusted-keys more than once. [RT #19918]
+
+2626. [bug] Multiple trusted-keys could trigger an assertion
+ failure. [RT #19914]
+
+2625. [bug] Missing UNLOCK in rbtdb.c. [RT #19865]
+
+2624. [func] 'named-checkconf -p' will print out the parsed
+ configuration. [RT #18871]
+
+2623. [bug] Named started searches for DS non-optimally. [RT #19915]
+
+2622. [bug] Printing of named.conf grammar was broken. [RT #19919]
+
+2621. [doc] Made copyright boilerplate consistent. [RT #19833]
+
+2620. [bug] Delay thawing the zone until the reload of it has
+ completed successfully. [RT #19750]
+
+2619. [func] Add support for RFC 5011, automatic trust anchor
+ maintenance. The new "managed-keys" statement can
+ be used in place of "trusted-keys" for zones which
+ support this protocol. (Note: this syntax is
+ expected to change prior to 9.7.0 final.) [RT #19248]
+
+2618. [bug] The sdb and sdlz db_interator_seek() methods could
+ loop infinitely. [RT #19847]
+
+2617. [bug] ifconfig.sh failed to emit an error message when
+ run from the wrong location. [RT #19375]
+
+2616. [bug] 'host' used the nameservers from resolv.conf even
+ when a explicit nameserver was specified. [RT #19852]
+
+2615. [bug] "__attribute__((unused))" was in the wrong place
+ for ia64 gcc builds. [RT #19854]
+
+2614. [port] win32: 'named -v' should automatically be executed
+ in the foreground. [RT #19844]
+
+2613. [placeholder]
+
+ --- 9.7.0a1 released ---
+
+2612. [func] Add default values for the arguments to
+ dnssec-keygen. Without arguments, it will now
+ generate a 1024-bit RSASHA1 zone-signing key,
+ or with the -f KSK option, a 2048-bit RSASHA1
+ key-signing key. [RT #19300]
+
+2611. [func] Add -l option to dnssec-dsfromkey to generate
+ DLV records instead of DS records. [RT #19300]
+
+2610. [port] sunos: Change #2363 was not complete. [RT #19796]
+
+2609. [func] Simplify the configuration of dynamic zones:
+ - add ddns-confgen command to generate
+ configuration text for named.conf
+ - add zone option "ddns-autoconf yes;", which
+ causes named to generate a TSIG session key
+ and allow updates to the zone using that key
+ - add '-l' (localhost) option to nsupdate, which
+ causes nsupdate to connect to a locally-running
+ named process using the session key generated
+ by named
+ [RT #19284]
+
+2608. [func] Perform post signing verification checks in
+ dnssec-signzone. These can be disabled with -P.
+
+ The post sign verification test ensures that for each
+ algorithm in use there is at least one non revoked
+ self signed KSK key. That all revoked KSK keys are
+ self signed. That all records in the zone are signed
+ by the algorithm. [RT #19653]
+
+2607. [bug] named could incorrectly delete NSEC3 records for
+ empty nodes when processing a update request.
+ [RT #19749]
+
+2606. [bug] "delegation-only" was not being accepted in
+ delegation-only type zones. [RT #19717]
+
+2605. [bug] Accept DS responses from delegation only zones.
+ [RT # 19296]
+
+2604. [func] Add support for DNS rebinding attack prevention through
+ new options, deny-answer-addresses and
+ deny-answer-aliases. Based on contributed code from
+ JD Nurmi, Google. [RT #18192]
+
+2603. [port] win32: handle .exe extension of named-checkzone and
+ named-comilezone argv[0] names under windows.
+ [RT #19767]
+
+2602. [port] win32: fix debugging command line build of libisccfg.
+ [RT #19767]
+
+2601. [doc] Mention file creation mode mask in the
+ named manual page.
+
+2600. [doc] ARM: miscellaneous reformatting for different
+ page widths. [RT #19574]
+
+2599. [bug] Address rapid memory growth when validation fails.
+ [RT #19654]
+
+2598. [func] Reserve the -F flag. [RT #19657]
+
+2597. [bug] Handle a validation failure with a insecure delegation
+ from a NSEC3 signed master/slave zone. [RT #19464]
+
+2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay
+ long, leading to inefficient memory usage or rejecting
+ newer cache entries in the worst case. [RT #19563]
+
+2595. [bug] Fix unknown extended rcodes in dig. [RT #19625]
+
+2594. [func] Have rndc warn if using its default configuration
+ file when the key file also exists. [RT #19424]
+
+2593. [bug] Improve a corner source of SERVFAILs [RT #19632]
+
+2592. [bug] Treat "any" as a type in nsupdate. [RT #19455]
+
+2591. [bug] named could die when processing a update in
+ removed_orphaned_ds(). [RT #19507]
+
+2590. [func] Report zone/class of "update with no effect".
+ [RT #19542]
+
+2589. [bug] dns_db_unregister() failed to clear '*dbimp'.
+ [RT #19626]
+
+2588. [bug] SO_REUSEADDR could be set unconditionally after failure
+ of bind(2) call. This should be rare and mostly
+ harmless, but may cause interference with other
+ processes that happen to use the same port. [RT #19642]
+
+2587. [func] Improve logging by reporting serial numbers for
+ when zone serial has gone backwards or unchanged.
+ [RT #19506]
+
+2586. [bug] Missing cleanup of SIG rdataset in searching a DLZ DB
+ or SDB. [RT #19577]
+
+2585. [bug] Uninitialized socket name could be referenced via a
+ statistics channel, triggering an assertion failure in
+ XML rendering. [RT #19427]
+
+2584. [bug] alpha: gcc optimization could break atomic operations.
+ [RT #19227]
+
+2583. [port] netbsd: provide a control to not add the compile
+ date to the version string, -DNO_VERSION_DATE.
+
+2582. [bug] Don't emit warning log message when we attempt to
+ remove non-existent journal. [RT #19516]
+
+2581. [contrib] dlz/mysql set MYSQL_OPT_RECONNECT option on connection.
+ Requires MySQL 5.0.19 or later. [RT #19084]
+
+2580. [bug] UpdateRej statistics counter could be incremented twice
+ for one rejection. [RT #19476]
+
+2579. [bug] DNSSEC lookaside validation failed to handle unknown
+ algorithms. [RT #19479]
+
+2578. [bug] Changed default sig-signing-type to 65534, because
+ 65535 turns out to be reserved. [RT #19477]
+
+2577. [doc] Clarified some statistics counters. [RT #19454]
+
+2576. [bug] NSEC record were not being correctly signed when
+ a zone transitions from insecure to secure.
+ Handle such incorrectly signed zones. [RT #19114]
+
+2575. [func] New functions dns_name_fromstring() and
+ dns_name_tostring(), to simplify conversion
+ of a string to a dns_name structure and vice
+ versa. [RT #19451]
+
+2574. [doc] Document nsupdate -g and -o. [RT #19351]
+
+2573. [bug] Replacing a non-CNAME record with a CNAME record in a
+ single transaction in a signed zone failed. [RT #19397]
+
+2572. [func] Simplify DLV configuration, with a new option
+ "dnssec-lookaside auto;" This is the equivalent
+ of "dnssec-lookaside . trust-anchor dlv.isc.org;"
+ plus setting a trusted-key for dlv.isc.org.
+
+ Note: The trusted key is hard-coded into named,
+ but is also stored in (and can be overridden
+ by) $sysconfdir/bind.keys. As the ISC DLV key
+ rolls over it can be kept up to date by replacing
+ the bind.keys file with a key downloaded from
+ https://www.isc.org/solutions/dlv. [RT #18685]
+
+2571. [func] Add a new tool "arpaname" which translates IP addresses
+ to the corresponding IN-ADDR.ARPA or IP6.ARPA name.
+ [RT #18976]
+
+2570. [func] Log the destination address the query was sent to.
+ [RT #19209]
+
+2569. [func] Move journalprint, nsec3hash, and genrandom
+ commands from bin/tests into bin/tools;
+ "make install" will put them in $sbindir. [RT #19301]
+
+2568. [bug] Report when the write to indicate a otherwise
+ successful start fails. [RT #19360]
+
+2567. [bug] dst__privstruct_writefile() could miss write errors.
+ write_public_key() could miss write errors.
+ dnssec-dsfromkey could miss write errors.
+ [RT #19360]
+
+2566. [cleanup] Clarify logged message when an insecure DNSSEC
+ response arrives from a zone thought to be secure:
+ "insecurity proof failed" instead of "not
+ insecure". [RT #19400]
+
+2565. [func] Add support for HIP record. Includes new functions
+ dns_rdata_hip_first(), dns_rdata_hip_next()
+ and dns_rdata_hip_current(). [RT #19384]
+
+2564. [bug] Only take EDNS fallback steps when processing timeouts.
+ [RT #19405]
+
+2563. [bug] Dig could leak a socket causing it to wait forever
+ to exit. [RT #19359]
+
+2562. [doc] ARM: miscellaneous improvements, reorganization,
+ and some new content.
+
+2561. [doc] Add isc-config.sh(1) man page. [RT #16378]
+
+2560. [bug] Add #include <config.h> to iptable.c. [RT #18258]
+
+2559. [bug] dnssec-dsfromkey could compute bad DS records when
+ reading from a K* files. [RT #19357]
+
+2558. [func] Set the ownership of missing directories created
+ for pid-file if -u has been specified on the command
+ line. [RT #19328]
+
+2557. [cleanup] PCI compliance:
+ * new libisc log module file
+ * isc_dir_chroot() now also changes the working
+ directory to "/".
+ * additional INSISTs
+ * additional logging when files can't be removed.
+
+2556. [port] Solaris: mkdir(2) on tmpfs filesystems does not do the
+ error checks in the correct order resulting in the
+ wrong error code sometimes being returned. [RT #19249]
+
+2555. [func] dig: when emitting a hex dump also display the
+ corresponding characters. [RT #19258]
+
+2554. [bug] Validation of uppercase queries from NSEC3 zones could
+ fail. [RT #19297]
+
+2553. [bug] Reference leak on DNSSEC validation errors. [RT #19291]
+
+2552. [bug] zero-no-soa-ttl-cache was not being honored.
+ [RT #19340]
+
+2551. [bug] Potential Reference leak on return. [RT #19341]
+
+2550. [bug] Check --with-openssl=<path> finds <openssl/opensslv.h>.
+ [RT #19343]
+
+2549. [port] linux: define NR_OPEN if not currently defined.
+ [RT #19344]
+
+2548. [bug] Install iterated_hash.h. [RT #19335]
+
+2547. [bug] openssl_link.c:mem_realloc() could reference an
+ out-of-range area of the source buffer. New public
+ function isc_mem_reallocate() was introduced to address
+ this bug. [RT #19313]
+
+2546. [func] Add --enable-openssl-hash configure flag to use
+ OpenSSL (in place of internal routine) for hash
+ functions (MD5, SHA[12] and HMAC). [RT #18815]
+
+2545. [doc] ARM: Legal hostname checking (check-names) is
+ for SRV RDATA too. [RT #19304]
+
+2544. [cleanup] Removed unused structure members in adb.c. [RT #19225]
+
+2543. [contrib] Update contrib/zkt to version 0.98. [RT #19113]
+
+2542. [doc] Update the description of dig +adflag. [RT #19290]
+
+2541. [bug] Conditionally update dispatch manager statistics.
+ [RT #19247]
+
+2540. [func] Add a nibble mode to $GENERATE. [RT #18872]
+
+2539. [security] Update the interaction between recursion, allow-query,
+ allow-query-cache and allow-recursion. [RT #19198]
+
+2538. [bug] cache/ADB memory could grow over max-cache-size,
+ especially with threads and smaller max-cache-size
+ values. [RT #19240]
+
+2537. [func] Added more statistics counters including those on socket
+ I/O events and query RTT histograms. [RT #18802]
+
+2536. [cleanup] Silence some warnings when -Werror=format-security is
+ specified. [RT #19083]
+
+2535. [bug] dig +showsearch and +trace interacted badly. [RT #19091]
+
+2534. [func] Check NAPTR records regular expressions and
+ replacement strings to ensure they are syntactically
+ valid and consistent. [RT #18168]
+
+2533. [doc] ARM: document @ (at-sign). [RT #17144]
+
+2532. [bug] dig: check the question section of the response to
+ see if it matches the asked question. [RT #18495]
+
+2531. [bug] Change #2207 was incomplete. [RT #19098]
+
+2530. [bug] named failed to reject insecure to secure transitions
+ via UPDATE. [RT #19101]
+
+2529. [cleanup] Upgrade libtool to silence complaints from recent
+ version of autoconf. [RT #18657]
+
+2528. [cleanup] Silence spurious configure warning about
+ --datarootdir [RT #19096]
+
+2527. [placeholder]
+
+2526. [func] New named option "attach-cache" that allows multiple
+ views to share a single cache to save memory and
+ improve lookup efficiency. Based on contributed code
+ from Barclay Osborn, Google. [RT #18905]
+
+2525. [func] New logging category "query-errors" to provide detailed
+ internal information about query failures, especially
+ about server failures. [RT #19027]
+
+2524. [port] sunos: dnssec-signzone needs strtoul(). [RT #19129]
+
+2523. [bug] Random type rdata freed by dns_nsec_typepresent().
+ [RT #19112]
+
+2522. [security] Handle -1 from DSA_do_verify() and EVP_VerifyFinal().
+
+2521. [bug] Improve epoll cross compilation support. [RT #19047]
+
+2520. [bug] Update xml statistics version number to 2.0 as change
+ #2388 made the schema incompatible to the previous
+ version. [RT #19080]
+
+2519. [bug] dig/host with -4 or -6 didn't work if more than two
+ nameserver addresses of the excluded address family
+ preceded in resolv.conf. [RT #19081]
+
+2518. [func] Add support for the new CERT types from RFC 4398.
+ [RT #19077]
+
+2517. [bug] dig +trace with -4 or -6 failed when it chose a
+ nameserver address of the excluded address type.
+ [RT #18843]
+
+2516. [bug] glue sort for responses was performed even when not
+ needed. [RT #19039]
+
+2515. [port] win32: build dnssec-dsfromkey and dnssec-keyfromlabel.
+ [RT #19063]
+
+2514. [bug] dig/host failed with -4 or -6 when resolv.conf contains
+ a nameserver of the excluded address family.
+ [RT #18848]
+
+2513. [bug] Fix windows cli build. [RT #19062]
+
+2512. [func] Print a summary of the cached records which make up
+ the negative response. [RT #18885]
+
+2511. [cleanup] dns_rdata_tofmttext() add const to linebreak.
+ [RT #18885]
+
+2510. [bug] "dig +sigchase" could trigger REQUIRE failures.
+ [RT #19033]
+
+2509. [bug] Specifying a fixed query source port was broken.
+ [RT #19051]
+
+2508. [placeholder]
+
+2507. [func] Log the recursion quota values when killing the
+ oldest query or refusing to recurse due to quota.
+ [RT #19022]
+
+2506. [port] solaris: Check at configure time if
+ hack_shutup_pthreadonceinit is needed. [RT #19037]
+
+2505. [port] Treat amd64 similarly to x86_64 when determining
+ atomic operation support. [RT #19031]
+
+2504. [bug] Address race condition in the socket code. [RT #18899]
+
+2503. [port] linux: improve compatibility with Linux Standard
+ Base. [RT #18793]
+
+2502. [cleanup] isc_radix: Improve compliance with coding style,
+ document function in <isc/radix.h>. [RT #18534]
+
+2501. [func] $GENERATE now supports all rdata types. Multi-field
+ rdata types need to be quoted. See the ARM for
+ details. [RT #18368]
+
+2500. [contrib] contrib/sdb/pgsql/zonetodb.c called non-existent
+ function. [RT #18582]
+
+2499. [port] solaris: lib/lwres/getaddrinfo.c namespace clash.
+ [RT #18837]
+
+ --- 9.6.0rc1 released ---
+
+2498. [bug] Removed a bogus function argument used with
+ ISC_SOCKET_USE_POLLWATCH: it could cause compiler
+ warning or crash named with the debug 1 level
+ of logging. [RT #18917]
+
+2497. [bug] Don't add RRSIG bit to NSEC3 bit map for insecure
+ delegation.
+
+2496. [bug] Add sanity length checks to NSID option. [RT #18813]
+
+2495. [bug] Tighten RRSIG checks. [RT #18795]
+
+2494. [bug] isc/radix.h, dns/sdlz.h and dns/dlz.h were not being
+ installed. [RT #18826]
+
+2493. [bug] The linux capabilities code was not correctly cleaning
+ up after itself. [RT #18767]
+
+2492. [func] Rndc status now reports the number of cpus discovered
+ and the number of worker threads when running
+ multi-threaded. [RT #18273]
+
+2491. [func] Attempt to re-use a local port if we are already using
+ the port. [RT #18548]
+
+2490. [port] aix: work around a kernel bug where IPV6_RECVPKTINFO
+ is cleared when IPV6_V6ONLY is set. [RT #18785]
+
+2489. [port] solaris: Workaround Solaris's kernel bug about
+ /dev/poll:
+ http://bugs.opensolaris.org/view_bug.do?bug_id=6724237
+ Define ISC_SOCKET_USE_POLLWATCH at build time to enable
+ this workaround. [RT #18870]
+
+2488. [func] Added a tool, dnssec-dsfromkey, to generate DS records
+ from keyset and .key files. [RT #18694]
+
+2487. [bug] Give TCP connections longer to complete. [RT #18675]
+
+2486. [func] The default locations for named.pid and lwresd.pid
+ are now /var/run/named/named.pid and
+ /var/run/lwresd/lwresd.pid respectively.
+
+ This allows the owner of the containing directory
+ to be set, for "named -u" support, and allows there
+ to be a permanent symbolic link in the path, for
+ "named -t" support. [RT #18306]
+
+2485. [bug] Change update's the handling of obscured RRSIG
+ records. Not all orphaned DS records were being
+ removed. [RT #18828]
+
+2484. [bug] It was possible to trigger a REQUIRE failure when
+ adding NSEC3 proofs to the response in
+ query_addwildcardproof(). [RT #18828]
+
+2483. [port] win32: chroot() is not supported. [RT #18805]
+
+2482. [port] libxml2: support versions 2.7.* in addition
+ to 2.6.*. [RT #18806]
+
+ --- 9.6.0b1 released ---
+
+2481. [bug] rbtdb.c:matchparams() failed to handle NSEC3 chain
+ collisions. [RT #18812]
+
+2480. [bug] named could fail to emit all the required NSEC3
+ records. [RT #18812]
+
+2479. [bug] xfrout:covers was not properly initialized. [RT #18801]
+
+2478. [bug] 'addresses' could be used uninitialized in
+ configure_forward(). [RT #18800]
+
+2477. [bug] dig: the global option to print the command line is
+ +cmd not print_cmd. Update the output to reflect
+ this. [RT #17008]
+
+2476. [doc] ARM: improve documentation for max-journal-size and
+ ixfr-from-differences. [RT #15909] [RT #18541]
+
+2475. [bug] LRU cache cleanup under overmem condition could purge
+ particular entries more aggressively. [RT #17628]
+
+2474. [bug] ACL structures could be allocated with insufficient
+ space, causing an array overrun. [RT #18765]
+
+2473. [port] linux: raise the limit on open files to the possible
+ maximum value before spawning threads; 'files'
+ specified in named.conf doesn't seem to work with
+ threads as expected. [RT #18784]
+
+2472. [port] linux: check the number of available cpu's before
+ calling chroot as it depends on "/proc". [RT #16923]
+
+2471. [bug] named-checkzone was not reporting missing mandatory
+ glue when sibling checks were disabled. [RT #18768]
+
+2470. [bug] Elements of the isc_radix_node_t could be incorrectly
+ overwritten. [RT #18719]
+
+2469. [port] solaris: Work around Solaris's select() limitations.
+ [RT #18769]
+
+2468. [bug] Resolver could try unreachable servers multiple times.
+ [RT #18739]
+
+2467. [bug] Failure of fcntl(F_DUPFD) wasn't logged. [RT #18740]
+
+2466. [doc] ARM: explain max-cache-ttl 0 SERVFAIL issue.
+ [RT #18302]
+
+2465. [bug] Adb's handling of lame addresses was different
+ for IPv4 and IPv6. [RT #18738]
+
+2464. [port] linux: check that a capability is present before
+ trying to set it. [RT #18135]
+
+2463. [port] linux: POSIX doesn't include the IPv6 Advanced Socket
+ API and glibc hides parts of the IPv6 Advanced Socket
+ API as a result. This is stupid as it breaks how the
+ two halves (Basic and Advanced) of the IPv6 Socket API
+ were designed to be used but we have to live with it.
+ Define _GNU_SOURCE to pull in the IPv6 Advanced Socket
+ API. [RT #18388]
+
+2462. [doc] Document -m (enable memory usage debugging)
+ option for dig. [RT #18757]
+
+2461. [port] sunos: Change #2363 was not complete. [RT #17513]
+
+ --- 9.6.0a1 released ---
+
+2460. [bug] Don't call dns_db_getnsec3parameters() on the cache.
+ [RT #18697]
+
+2459. [contrib] Import dnssec-zkt to contrib/zkt. [RT #18448]
+
+2458. [doc] ARM: update and correction for max-cache-size.
+ [RT #18294]
+
+2457. [tuning] max-cache-size is reverted to 0, the previous
+ default. It should be safe because expired cache
+ entries are also purged. [RT #18684]
+
+2456. [bug] In ACLs, ::/0 and 0.0.0.0/0 would both match any
+ address, regardless of family. They now correctly
+ distinguish IPv4 from IPv6. [RT #18559]
+
+2455. [bug] Stop metadata being transferred via axfr/ixfr.
+ [RT #18639]
+
+2454. [func] nsupdate: you can now set a default ttl. [RT #18317]
+
+2453. [bug] Remove NULL pointer dereference in dns_journal_print().
+ [RT #18316]
+
+2452. [func] Improve bin/test/journalprint. [RT #18316]
+
+2451. [port] solaris: handle runtime linking better. [RT #18356]
+
+2450. [doc] Fix lwresd docbook problem for manual page.
+ [RT #18672]
+
+2449. [placeholder]
+
+2448. [func] Add NSEC3 support. [RT #15452]
+
+2447. [cleanup] libbind has been split out as a separate product.
+
+2446. [func] Add a new log message about build options on startup.
+ A new command-line option '-V' for named is also
+ provided to show this information. [RT #18645]
+
+2445. [doc] ARM out-of-date on empty reverse zones (list includes
+ RFC1918 address, but these are not yet compiled in).
+ [RT #18578]
+
+2444. [port] Linux, FreeBSD, AIX: Turn off path mtu discovery
+ (clear DF) for UDP responses and requests.
+
+2443. [bug] win32: UDP connect() would not generate an event,
+ and so connected UDP sockets would never clean up.
+ Fix this by doing an immediate WSAConnect() rather
+ than an io completion port type for UDP.
+
+2442. [bug] A lock could be destroyed twice. [RT #18626]
+
+2441. [bug] isc_radix_insert() could copy radix tree nodes
+ incompletely. [RT #18573]
+
+2440. [bug] named-checkconf used an incorrect test to determine
+ if an ACL was set to none.
+
+2439. [bug] Potential NULL dereference in dns_acl_isanyornone().
+ [RT #18559]
+
+2438. [bug] Timeouts could be logged incorrectly under win32.
+
+2437. [bug] Sockets could be closed too early, leading to
+ inconsistent states in the socket module. [RT #18298]
+
+2436. [security] win32: UDP client handler can be shutdown. [RT #18576]
+
+2435. [bug] Fixed an ACL memory leak affecting win32.
+
+2434. [bug] Fixed a minor error-reporting bug in
+ lib/isc/win32/socket.c.
+
+2433. [tuning] Set initial timeout to 800ms.
+
+2432. [bug] More Windows socket handling improvements. Stop
+ using I/O events and use IO Completion Ports
+ throughout. Rewrite the receive path logic to make
+ it easier to support multiple simultaneous
+ requesters in the future. Add stricter consistency
+ checking as a compile-time option (define
+ ISC_SOCKET_CONSISTENCY_CHECKS; defaults to off).
+
+2431. [bug] Acl processing could leak memory. [RT #18323]
+
+2430. [bug] win32: isc_interval_set() could round down to
+ zero if the input was less than NS_INTERVAL
+ nanoseconds. Round up instead. [RT #18549]
+
+2429. [doc] nsupdate should be in section 1 of the man pages.
+ [RT #18283]
+
+2428. [bug] dns_iptable_merge() mishandled merges of negative
+ tables. [RT #18409]
+
+2427. [func] Treat DNSKEY queries as if "minimal-response yes;"
+ was set. [RT #18528]
+
+2426. [bug] libbind: inet_net_pton() can sometimes return the
+ wrong value if excessively large net masks are
+ supplied. [RT #18512]
+
+2425. [bug] named didn't detect unavailable query source addresses
+ at load time. [RT #18536]
+
+2424. [port] configure now probes for a working epoll
+ implementation. Allow the use of kqueue,
+ epoll and /dev/poll to be selected at compile
+ time. [RT #18277]
+
+2423. [security] Randomize server selection on queries, so as to
+ make forgery a little more difficult. Instead of
+ always preferring the server with the lowest RTT,
+ pick a server with RTT within the same 128
+ millisecond band. [RT #18441]
+
+2422. [bug] Handle the special return value of a empty node as
+ if it was a NXRRSET in the validator. [RT #18447]
+
+2421. [func] Add new command line option '-S' for named to specify
+ the max number of sockets. [RT #18493]
+ Use caution: this option may not work for some
+ operating systems without rebuilding named.
+
+2420. [bug] Windows socket handling cleanup. Let the io
+ completion event send out canceled read/write
+ done events, which keeps us from writing to memory
+ we no longer have ownership of. Add debugging
+ socket_log() function. Rework TCP socket handling
+ to not leak sockets.
+
+2419. [cleanup] Document that isc_socket_create() and isc_socket_open()
+ should not be used for isc_sockettype_fdwatch sockets.
+ [RT #18521]
+
+2418. [bug] AXFR request on a DLZ could trigger a REQUIRE failure
+ [RT #18430]
+
+2417. [bug] Connecting UDP sockets for outgoing queries could
+ unexpectedly fail with an 'address already in use'
+ error. [RT #18411]
+
+2416. [func] Log file descriptors that cause exceeding the
+ internal maximum. [RT #18460]
+
+2415. [bug] 'rndc dumpdb' could trigger various assertion failures
+ in rbtdb.c. [RT #18455]
+
+2414. [bug] A masterdump context held the database lock too long,
+ causing various troubles such as dead lock and
+ recursive lock acquisition. [RT #18311, #18456]
+
+2413. [bug] Fixed an unreachable code path in socket.c. [RT #18442]
+
+2412. [bug] win32: address a resource leak. [RT #18374]
+
+2411. [bug] Allow using a larger number of sockets than FD_SETSIZE
+ for select(). To enable this, set ISC_SOCKET_MAXSOCKETS
+ at compilation time. [RT #18433]
+
+ Note: with changes #2469 and #2421 above, there is no
+ need to tweak ISC_SOCKET_MAXSOCKETS at compilation time
+ any more.
+
+2410. [bug] Correctly delete m_versionInfo. [RT #18432]
+
+2409. [bug] Only log that we disabled EDNS processing if we were
+ subsequently successful. [RT #18029]
+
+2408. [bug] A duplicate TCP dispatch event could be sent, which
+ could then trigger an assertion failure in
+ resquery_response(). [RT #18275]
+
+2407. [port] hpux: test for sys/dyntune.h. [RT #18421]
+
+2406. [placeholder]
+
+2405. [cleanup] The default value for dnssec-validation was changed to
+ "yes" in 9.5.0-P1 and all subsequent releases; this
+ was inadvertently omitted from CHANGES at the time.
+
+2404. [port] hpux: files unlimited support.
+
+2403. [bug] TSIG context leak. [RT #18341]
+
+2402. [port] Support Solaris 2.11 and over. [RT #18362]
+
+2401. [bug] Expect to get E[MN]FILE errno internal_accept()
+ (from accept() or fcntl() system calls). [RT #18358]
+
+2400. [bug] Log if kqueue()/epoll_create()/open(/dev/poll) fails.
+ [RT #18297]
+
+2399. [placeholder]
+
+2398. [bug] Improve file descriptor management. New,
+ temporary, named.conf option reserved-sockets,
+ default 512. [RT #18344]
+
+2397. [bug] gssapi_functions had too many elements. [RT #18355]
+
+2396. [bug] Don't set SO_REUSEADDR for randomized ports.
+ [RT #18336]
+
+2395. [port] Avoid warning and no effect from "files unlimited"
+ on Linux when running as root. [RT #18335]
+
+2394. [bug] Default configuration options set the limit for
+ open files to 'unlimited' as described in the
+ documentation. [RT #18331]
+
+2393. [bug] nested acls containing keys could trigger an
+ assertion in acl.c. [RT #18166]
+
+2392. [bug] remove 'grep -q' from acl test script, some platforms
+ don't support it. [RT #18253]
+
+2391. [port] hpux: cover additional recvmsg() error codes.
+ [RT #18301]
+
+2390. [bug] dispatch.c could make a false warning on 'odd socket'.
+ [RT #18301].
+
+2389. [bug] Move the "working directory writable" check to after
+ the ns_os_changeuser() call. [RT #18326]
+
+2388. [bug] Avoid using tables for layout purposes in
+ statistics XSL [RT #18159].
+
+2387. [bug] Silence compiler warnings in lib/isc/radix.c.
+ [RT #18147] [RT #18258]
+
+2386. [func] Add warning about too small 'open files' limit.
+ [RT #18269]
+
+2385. [bug] A condition variable in socket.c could leak in
+ rare error handling [RT #17968].
+
+2384. [security] Fully randomize UDP query ports to improve
+ forgery resilience. [RT #17949, #18098]
+
+2383. [bug] named could double queries when they resulted in
+ SERVFAIL due to overkilling EDNS0 failure detection.
+ [RT #18182]
+
+2382. [doc] Add descriptions of DHCID, IPSECKEY, SPF and SSHFP
+ to ARM.
+
+2381. [port] dlz/mysql: support multiple install layouts for
+ mysql. <prefix>/include/{,mysql/}mysql.h and
+ <prefix>/lib/{,mysql/}. [RT #18152]
+
+2380. [bug] dns_view_find() was not returning NXDOMAIN/NXRRSET
+ proofs which, in turn, caused validation failures
+ for insecure zones immediately below a secure zone
+ the server was authoritative for. [RT #18112]
+
+2379. [contrib] queryperf/gen-data-queryperf.py: removed redundant
+ TLDs and supported RRs with TTLs [RT #17972]
+
+2378. [bug] gssapi_functions{} had a redundant member in BIND 9.5.
+ [RT #18169]
+
+2377. [bug] Address race condition in dnssec-signzone. [RT #18142]
+
+2376. [bug] Change #2144 was not complete.
+
+2375. [placeholder]
+
+2374. [bug] "blackhole" ACLs could cause named to segfault due
+ to some uninitialized memory. [RT #18095]
+
+2373. [bug] Default values of zone ACLs were re-parsed each time a
+ new zone was configured, causing an overconsumption
+ of memory. [RT #18092]
+
+2372. [bug] Fixed incorrect TAG_HMACSHA256_BITS value [RT #18047]
+
+2371. [doc] Add +nsid option to dig man page. [RT #18039]
+
+2370. [bug] "rndc freeze" could trigger an assertion in named
+ when called on a nonexistent zone. [RT #18050]
+
+2369. [bug] libbind: Array bounds overrun on read in bitncmp().
+ [RT #18054]
+
+2368. [port] Linux: use libcap for capability management if
+ possible. [RT #18026]
+
+2367. [bug] Improve counting of dns_resstatscounter_retry
+ [RT #18030]
+
+2366. [bug] Adb shutdown race. [RT #18021]
+
+2365. [bug] Fix a bug that caused dns_acl_isany() to return
+ spurious results. [RT #18000]
+
+2364. [bug] named could trigger a assertion when serving a
+ malformed signed zone. [RT #17828]
+
+2363. [port] sunos: pre-set "lt_cv_sys_max_cmd_len=4096;".
+ [RT #17513]
+
+2362. [cleanup] Make "rrset-order fixed" a compile-time option.
+ settable by "./configure --enable-fixed-rrset".
+ Disabled by default. [RT #17977]
+
+2361. [bug] "recursion" statistics counter could be counted
+ multiple times for a single query. [RT #17990]
+
+2360. [bug] Fix a condition where we release a database version
+ (which may acquire a lock) while holding the lock.
+
+2359. [bug] Fix NSID bug. [RT #17942]
+
+2358. [doc] Update host's default query description. [RT #17934]
+
+2357. [port] Don't use OpenSSL's engine support in versions before
+ OpenSSL 0.9.7f. [RT #17922]
+
+2356. [bug] Built in mutex profiler was not scalable enough.
+ [RT #17436]
+
+2355. [func] Extend the number statistics counters available.
+ [RT #17590]
+
+2354. [bug] Failed to initialize some rdatasetheader_t elements.
+ [RT #17927]
+
+2353. [func] Add support for Name Server ID (RFC 5001).
+ 'dig +nsid' requests NSID from server.
+ 'request-nsid yes;' causes recursive server to send
+ NSID requests to upstream servers. Server responds
+ to NSID requests with the string configured by
+ 'server-id' option. [RT #17091]
+
+2352. [bug] Various GSS_API fixups. [RT #17729]
+
+2351. [bug] convertxsl.pl generated very long lines. [RT #17906]
+
+2350. [port] win32: IPv6 support. [RT #17797]
+
+2349. [func] Provide incremental re-signing support for secure
+ dynamic zones. [RT #1091]
+
+2348. [func] Use the EVP interface to OpenSSL. Add PKCS#11 support.
+ Documentation is in the new README.pkcs11 file.
+ New tool, dnssec-keyfromlabel, which takes the
+ label of a key pair in a HSM and constructs a DNS
+ key pair for use by named and dnssec-signzone.
+ [RT #16844]
+
+2347. [bug] Delete now traverses the RB tree in the canonical
+ order. [RT #17451]
+
+2346. [func] Memory statistics now cover all active memory contexts
+ in increased detail. [RT #17580]
+
+2345. [bug] named-checkconf failed to detect when forwarders
+ were set at both the options/view level and in
+ a root zone. [RT #17671]
+
+2344. [bug] Improve "logging{ file ...; };" documentation.
+ [RT #17888]
+
+2343. [bug] (Seemingly) duplicate IPv6 entries could be
+ created in ADB. [RT #17837]
+
+2342. [func] Use getifaddrs() if available under Linux. [RT #17224]
+
+2341. [bug] libbind: add missing -I../include for off source
+ tree builds. [RT #17606]
+
+2340. [port] openbsd: interface configuration. [RT #17700]
+
+2339. [port] tru64: support for libbind. [RT #17589]
+
+2338. [bug] check_ds() could be called with a non DS rdataset.
+ [RT #17598]
+
+2337. [bug] BUILD_LDFLAGS was not being correctly set. [RT #17614]
+
+2336. [func] If "named -6" is specified then listen on all IPv6
+ interfaces if there are not listen-on-v6 clauses in
+ named.conf. [RT #17581]
+
+2335. [port] sunos: libbind and *printf() support for long long.
+ [RT #17513]
+
+2334. [bug] Bad REQUIRES in fromstruct_in_naptr(), off by one
+ bug in fromstruct_txt(). [RT #17609]
+
+2333. [bug] Fix off by one error in isc_time_nowplusinterval().
+ [RT #17608]
+
+2332. [contrib] query-loc-0.4.0. [RT #17602]
+
+2331. [bug] Failure to regenerate any signatures was not being
+ reported nor being past back to the UPDATE client.
+ [RT #17570]
+
+2330. [bug] Remove potential race condition when handling
+ over memory events. [RT #17572]
+
+ WARNING: API CHANGE: over memory callback
+ function now needs to call isc_mem_waterack().
+ See <isc/mem.h> for details.
+
+2329. [bug] Clearer help text for dig's '-x' and '-i' options.
+
+2328. [maint] Add AAAA addresses for A.ROOT-SERVERS.NET,
+ F.ROOT-SERVERS.NET, H.ROOT-SERVERS.NET,
+ J.ROOT-SERVERS.NET, K.ROOT-SERVERS.NET and
+ M.ROOT-SERVERS.NET.
+
+2327. [bug] It was possible to dereference a NULL pointer in
+ rbtdb.c. Implement dead node processing in zones as
+ we do for caches. [RT #17312]
+
+2326. [bug] It was possible to trigger a INSIST in the acache
+ processing.
+
+2325. [port] Linux: use capset() function if available. [RT #17557]
+
+2324. [bug] Fix IPv6 matching against "any;". [RT #17533]
+
+2323. [port] tru64: namespace clash. [RT #17547]
+
+2322. [port] MacOS: work around the limitation of setrlimit()
+ for RLIMIT_NOFILE. [RT #17526]
+
+2321. [placeholder]
+
+2320. [func] Make statistics counters thread-safe for platforms
+ that support certain atomic operations. [RT #17466]
+
+2319. [bug] Silence Coverity warnings in
+ lib/dns/rdata/in_1/apl_42.c. [RT #17469]
+
+2318. [port] sunos fixes for libbind. [RT #17514]
+
+2317. [bug] "make distclean" removed bind9.xsl.h. [RT #17518]
+
+2316. [port] Missing #include <isc/print.h> in lib/dns/gssapictx.c.
+ [RT #17513]
+
+2315. [bug] Used incorrect address family for mapped IPv4
+ addresses in acl.c. [RT #17519]
+
+2314. [bug] Uninitialized memory use on error path in
+ bin/named/lwdnoop.c. [RT #17476]
+
+2313. [cleanup] Silence Coverity warnings. Handle private stacks.
+ [RT #17447] [RT #17478]
+
+2312. [cleanup] Silence Coverity warning in lib/isc/unix/socket.c.
+ [RT #17458]
+
+2311. [bug] IPv6 addresses could match IPv4 ACL entries and
+ vice versa. [RT #17462]
+
+2310. [bug] dig, host, nslookup: flush stdout before emitting
+ debug/fatal messages. [RT #17501]
+
+2309. [cleanup] Fix Coverity warnings in lib/dns/acl.c and iptable.c.
+ [RT #17455]
+
+2308. [cleanup] Silence Coverity warning in bin/named/controlconf.c.
+ [RT #17495]
+
+2307. [bug] Remove infinite loop from lib/dns/sdb.c. [RT #17496]
+
+2306. [bug] Remove potential race from lib/dns/resolver.c.
+ [RT #17470]
+
+2305. [security] inet_network() buffer overflow. CVE-2008-0122.
+
+2304. [bug] Check returns from all dns_rdata_tostruct() calls.
+ [RT #17460]
+
+2303. [bug] Remove unnecessary code from bin/named/lwdgnba.c.
+ [RT #17471]
+
+2302. [bug] Fix memset() calls in lib/tests/t_api.c. [RT #17472]
+
+2301. [bug] Remove resource leak and fix error messages in
+ bin/tests/system/lwresd/lwtest.c. [RT #17474]
+
+2300. [bug] Fixed failure to close open file in
+ bin/tests/names/t_names.c. [RT #17473]
+
+2299. [bug] Remove unnecessary NULL check in
+ bin/nsupdate/nsupdate.c. [RT #17475]
+
+2298. [bug] isc_mutex_lock() failure not caught in
+ bin/tests/timers/t_timers.c. [RT #17468]
+
+2297. [bug] isc_entropy_createfilesource() failure not caught in
+ bin/tests/dst/t_dst.c. [RT #17467]
+
+2296. [port] Allow docbook stylesheet location to be specified to
+ configure. [RT #17457]
+
+2295. [bug] Silence static overrun error in bin/named/lwaddr.c.
+ [RT #17459]
+
+2294. [func] Allow the experimental statistics channels to have
+ multiple connections and ACL.
+ Note: the stats-server and stats-server-v6 options
+ available in the previous beta releases are replaced
+ with the generic statistics-channels statement.
+
+2293. [func] Add ACL regression test. [RT #17375]
+
+2292. [bug] Log if the working directory is not writable.
+ [RT #17312]
+
+2291. [bug] PR_SET_DUMPABLE may be set too late. Also report
+ failure to set PR_SET_DUMPABLE. [RT #17312]
+
+2290. [bug] Let AD in the query signal that the client wants AD
+ set in the response. [RT #17301]
+
+2289. [func] named-checkzone now reports the out-of-zone CNAME
+ found. [RT #17309]
+
+2288. [port] win32: mark service as running when we have finished
+ loading. [RT #17441]
+
+2287. [bug] Use 'volatile' if the compiler supports it. [RT #17413]
+
+2286. [func] Allow a TCP connection to be used as a weak
+ authentication method for reverse zones.
+ New update-policy methods tcp-self and 6to4-self.
+ [RT #17378]
+
+2285. [func] Test framework for client memory context management.
+ [RT #17377]
+
+2284. [bug] Memory leak in UPDATE prerequisite processing.
+ [RT #17377]
+
+2283. [bug] TSIG keys were not attaching to the memory
+ context. TSIG keys should use the rings
+ memory context rather than the clients memory
+ context. [RT #17377]
+
+2282. [bug] Acl code fixups. [RT #17346] [RT #17374]
+
+2281. [bug] Attempts to use undefined acls were not being logged.
+ [RT #17307]
+
+2280. [func] Allow the experimental http server to be reached
+ over IPv6 as well as IPv4. [RT #17332]
+
+2279. [bug] Use setsockopt(SO_NOSIGPIPE), when available,
+ to protect applications from receiving spurious
+ SIGPIPE signals when using the resolver.
+
+2278. [bug] win32: handle the case where Windows returns no
+ search list or DNS suffix. [RT #17354]
+
+2277. [bug] Empty zone names were not correctly being caught at
+ in the post parse checks. [RT #17357]
+
+2276. [bug] Install <dst/gssapi.h>. [RT #17359]
+
+2275. [func] Add support to dig to perform IXFR queries over UDP.
+ [RT #17235]
+
+2274. [func] Log zone transfer statistics. [RT #17336]
+
+2273. [bug] Adjust log level to WARNING when saving inconsistent
+ stub/slave master and journal files. [RT #17279]
+
+2272. [bug] Handle illegal dnssec-lookaside trust-anchor names.
+ [RT #17262]
+
+2271. [bug] Fix a memory leak in http server code [RT #17100]
+
+2270. [bug] dns_db_closeversion() version->writer could be reset
+ before it is tested. [RT #17290]
+
+2269. [contrib] dbus memory leaks and missing va_end calls. [RT #17232]
+
+2268. [bug] 0.IN-ADDR.ARPA was missing from the empty zones
+ list.
+
+ --- 9.5.0b1 released ---
+
+2267. [bug] Radix tree node_num value could be set incorrectly,
+ causing positive ACL matches to look like negative
+ ones. [RT #17311]
+
+2266. [bug] client.c:get_clientmctx() returned the same mctx
+ once the pool of mctx's was filled. [RT #17218]
+
+2265. [bug] Test that the memory context's basic_table is non NULL
+ before freeing. [RT #17265]
+
+2264. [bug] Server prefix length was being ignored. [RT #17308]
+
+2263. [bug] "named-checkconf -z" failed to set default value
+ for "check-integrity". [RT #17306]
+
+2262. [bug] Error status from all but the last view could be
+ lost. [RT #17292]
+
+2261. [bug] Fix memory leak with "any" and "none" ACLs [RT #17272]
+
+2260. [bug] Reported wrong clients-per-query when increasing the
+ value. [RT #17236]
+
+2259. [placeholder]
+
+ --- 9.5.0a7 released ---
+
+2258. [bug] Fallback from IXFR/TSIG to SOA/AXFR/TSIG broken.
+ [RT #17241]
+
+2257. [bug] win32: Use the full path to vcredist_x86.exe when
+ calling it. [RT #17222]
+
+2256. [bug] win32: Correctly register the installation location of
+ bindevt.dll. [RT #17159]
+
+2255. [maint] L.ROOT-SERVERS.NET is now 199.7.83.42.
+
+2254. [bug] timer.c:dispatch() failed to lock timer->lock
+ when reading timer->idle allowing it to see
+ intermediate values as timer->idle was reset by
+ isc_timer_touch(). [RT #17243]
+
+2253. [func] "max-cache-size" defaults to 32M.
+ "max-acache-size" defaults to 16M.
+
+2252. [bug] Fixed errors in sortlist code [RT #17216]
+
+2251. [placeholder]
+
+2250. [func] New flag 'memstatistics' to state whether the
+ memory statistics file should be written or not.
+ Additionally named's -m option will cause the
+ statistics file to be written. [RT #17113]
+
+2249. [bug] Only set Authentic Data bit if client requested
+ DNSSEC, per RFC 3655 [RT #17175]
+
+2248. [cleanup] Fix several errors reported by Coverity. [RT #17160]
+
+2247. [doc] Sort doc/misc/options. [RT #17067]
+
+2246. [bug] Make the startup of test servers (ans.pl) more
+ robust. [RT #17147]
+
+2245. [bug] Validating lack of DS records at trust anchors wasn't
+ working. [RT #17151]
+
+2244. [func] Allow the check of nameserver names against the
+ SOA MNAME field to be disabled by specifying
+ 'notify-to-soa yes;'. [RT #17073]
+
+2243. [func] Configuration files without a newline at the end now
+ parse without error. [RT #17120]
+
+2242. [bug] nsupdate: GSS-TSIG support using the Heimdal Kerberos
+ library could require a source of random data.
+ [RT #17127]
+
+2241. [func] nsupdate: add a interactive 'help' command. [RT #17099]
+
+2240. [bug] Cleanup nsupdates GSS-TSIG support. Convert
+ a number of INSIST()s into plain fatal() errors
+ which report the triggering result code.
+ The 'key' command wasn't disabling GSS-TSIG.
+ [RT #17099]
+
+2239. [func] Ship a pre built bin/named/bind9.xsl.h. [RT #17114]
+
+2238. [bug] It was possible to trigger a REQUIRE when a
+ validation was canceled. [RT #17106]
+
+2237. [bug] libbind: res_init() was not thread aware. [RT #17123]
+
+2236. [bug] dnssec-signzone failed to preserve the case of
+ of wildcard owner names. [RT #17085]
+
+2235. [bug] <isc/atomic.h> was not being installed. [RT #17135]
+
+2234. [port] Correct some compiler warnings on SCO OSr5 [RT #17134]
+
+2233. [func] Add support for O(1) ACL processing, based on
+ radix tree code originally written by Kevin
+ Brintnall. [RT #16288]
+
+2232. [bug] dns_adb_findaddrinfo() could fail and return
+ ISC_R_SUCCESS. [RT #17137]
+
+2231. [bug] Building dlzbdb (contrib/dlz/bin/dlzbdb) was broken.
+ [RT #17088]
+
+2230. [bug] We could INSIST reading a corrupted journal.
+ [RT #17132]
+
+2229. [bug] Null pointer dereference on query pool creation
+ failure. [RT #17133]
+
+2228. [contrib] contrib: Change 2188 was incomplete.
+
+2227. [cleanup] Tidied up the FAQ. [RT #17121]
+
+2226. [placeholder]
+
+2225. [bug] More support for systems with no IPv4 addresses.
+ [RT #17111]
+
+2224. [bug] Defer journal compaction if a xfrin is in progress.
+ [RT #17119]
+
+2223. [bug] Make a new journal when compacting. [RT #17119]
+
+2222. [func] named-checkconf now checks server key references.
+ [RT #17097]
+
+2221. [bug] Set the event result code to reflect the actual
+ record turned to caller when a cache update is
+ rejected due to a more credible answer existing.
+ [RT #17017]
+
+2220. [bug] win32: Address a race condition in final shutdown of
+ the Windows socket code. [RT #17028]
+
+2219. [bug] Apply zone consistency checks to additions, not
+ removals, when updating. [RT #17049]
+
+2218. [bug] Remove unnecessary REQUIRE from dns_validator_create().
+ [RT #16976]
+
+2217. [func] Adjust update log levels. [RT #17092]
+
+2216. [cleanup] Fix a number of errors reported by Coverity.
+ [RT #17094]
+
+2215. [bug] Bad REQUIRE check isc_hmacsha1_verify(). [RT #17094]
+
+2214. [bug] Deregister OpenSSL lock callback when cleaning
+ up. Reorder OpenSSL cleanup so that RAND_cleanup()
+ is called before the locks are destroyed. [RT #17098]
+
+2213. [bug] SIG0 diagnostic failure messages were looking at the
+ wrong status code. [RT #17101]
+
+2212. [func] 'host -m' now causes memory statistics and active
+ memory to be printed at exit. [RT 17028]
+
+2211. [func] Update "dynamic update temporarily disabled" message.
+ [RT #17065]
+
+2210. [bug] Deleting class specific records via UPDATE could
+ fail. [RT #17074]
+
+2209. [port] osx: linking against user supplied static OpenSSL
+ libraries failed as the system ones were still being
+ found. [RT #17078]
+
+2208. [port] win32: make sure both build methods produce the
+ same output. [RT #17058]
+
+2207. [port] Some implementations of getaddrinfo() fail to set
+ ai_canonname correctly. [RT #17061]
+
+ --- 9.5.0a6 released ---
+
+2206. [security] "allow-query-cache" and "allow-recursion" now
+ cross inherit from each other.
+
+ If allow-query-cache is not set in named.conf then
+ allow-recursion is used if set, otherwise allow-query
+ is used if set, otherwise the default (localnets;
+ localhost;) is used.
+
+ If allow-recursion is not set in named.conf then
+ allow-query-cache is used if set, otherwise allow-query
+ is used if set, otherwise the default (localnets;
+ localhost;) is used.
+
+ [RT #16987]
+
+2205. [bug] libbind: change #2119 broke thread support. [RT #16982]
+
+2204. [bug] "rndc flushname name unknown-view" caused named
+ to crash. [RT #16984]
+
+2203. [security] Query id generation was cryptographically weak.
+ [RT # 16915]
+
+2202. [security] The default acls for allow-query-cache and
+ allow-recursion were not being applied. [RT #16960]
+
+2201. [bug] The build failed in a separate object directory.
+ [RT #16943]
+
+2200. [bug] The search for cached NSEC records was stopping to
+ early leading to excessive DLV queries. [RT #16930]
+
+2199. [bug] win32: don't call WSAStartup() while loading dlls.
+ [RT #16911]
+
+2198. [bug] win32: RegCloseKey() could be called when
+ RegOpenKeyEx() failed. [RT #16911]
+
+2197. [bug] Add INSIST to catch negative responses which are
+ not setting the event result code appropriately.
+ [RT #16909]
+
+2196. [port] win32: yield processor while waiting for once to
+ to complete. [RT #16958]
+
+2195. [func] dnssec-keygen now defaults to nametype "ZONE"
+ when generating DNSKEYs. [RT #16954]
+
+2194. [bug] Close journal before calling 'done' in xfrin.c.
+
+ --- 9.5.0a5 released ---
+
+2193. [port] win32: BINDInstall.exe is now linked statically.
+ [RT #16906]
+
+2192. [port] win32: use vcredist_x86.exe to install Visual
+ Studio's redistributable dlls if building with
+ Visual Stdio 2005 or later.
+
+2191. [func] named-checkzone now allows dumping to stdout (-).
+ named-checkconf now has -h for help.
+ named-checkzone now has -h for help.
+ rndc now has -h for help.
+ Better handling of '-?' for usage summaries.
+ [RT #16707]
+
+2190. [func] Make fallback to plain DNS from EDNS due to timeouts
+ more visible. New logging category "edns-disabled".
+ [RT #16871]
+
+2189. [bug] Handle socket() returning EINTR. [RT #15949]
+
+2188. [contrib] queryperf: autoconf changes to make the search for
+ libresolv or libbind more robust. [RT #16299]
+
+2187. [bug] query_addds(), query_addwildcardproof() and
+ query_addnxrrsetnsec() should take a version
+ argument. [RT #16368]
+
+2186. [port] cygwin: libbind: check for struct sockaddr_storage
+ independently of IPv6. [RT #16482]
+
+2185. [port] sunos: libbind: check for ssize_t, memmove() and
+ memchr(). [RT #16463]
+
+2184. [bug] bind9.xsl.h didn't build out of the source tree.
+ [RT #16830]
+
+2183. [bug] dnssec-signzone didn't handle offline private keys
+ well. [RT #16832]
+
+2182. [bug] dns_dispatch_createtcp() and dispatch_createudp()
+ could return ISC_R_SUCCESS when they ran out of
+ memory. [RT #16365]
+
+2181. [port] sunos: libbind: add paths.h from BIND 8. [RT #16462]
+
+2180. [cleanup] Remove bit test from 'compress_test' as they
+ are no longer needed. [RT #16497]
+
+2179. [func] 'rndc command zone' will now find 'zone' if it is
+ unique to all the views. [RT #16821]
+
+2178. [bug] 'rndc reload' of a slave or stub zone resulted in
+ a reference leak. [RT #16867]
+
+2177. [bug] Array bounds overrun on read (rcodetext) at
+ debug level 10+. [RT #16798]
+
+2176. [contrib] dbus update to handle race condition during
+ initialization (Bugzilla 235809). [RT #16842]
+
+2175. [bug] win32: windows broadcast condition variable support
+ was broken. [RT #16592]
+
+2174. [bug] I/O errors should always be fatal when reading
+ master files. [RT #16825]
+
+2173. [port] win32: When compiling with MSVS 2005 SP1 we also
+ need to ship Microsoft.VC80.MFCLOC.
+
+ --- 9.5.0a4 released ---
+
+2172. [bug] query_addsoa() was being called with a non zone db.
+ [RT #16834]
+
+2171. [bug] Handle breaks in DNSSEC trust chains where the parent
+ servers are not DS aware (DS queries to the parent
+ return a referral to the child).
+
+2170. [func] Add acache processing to test suite. [RT #16711]
+
+2169. [bug] host, nslookup: when reporting NXDOMAIN report the
+ given name and not the last name searched for.
+ [RT #16763]
+
+2168. [bug] nsupdate: in non-interactive mode treat syntax errors
+ as fatal errors. [RT #16785]
+
+2167. [bug] When re-using a automatic zone named failed to
+ attach it to the new view. [RT #16786]
+
+ --- 9.5.0a3 released ---
+
+2166. [bug] When running in batch mode, dig could misinterpret
+ a server address as a name to be looked up, causing
+ unexpected output. [RT #16743]
+
+2165. [func] Allow the destination address of a query to determine
+ if we will answer the query or recurse.
+ allow-query-on, allow-recursion-on and
+ allow-query-cache-on. [RT #16291]
+
+2164. [bug] The code to determine how named-checkzone /
+ named-compilezone was called failed under windows.
+ [RT #16764]
+
+2163. [bug] If only one of query-source and query-source-v6
+ specified a port the query pools code broke (change
+ 2129). [RT #16768]
+
+2162. [func] Allow "rrset-order fixed" to be disabled at compile
+ time. [RT #16665]
+
+2161. [bug] Fix which log messages are emitted for 'rndc flush'.
+ [RT #16698]
+
+2160. [bug] libisc wasn't handling NULL ifa_addr pointers returned
+ from getifaddrs(). [RT #16708]
+
+ --- 9.5.0a2 released ---
+
+2159. [bug] Array bounds overrun in acache processing. [RT #16710]
+
+2158. [bug] ns_client_isself() failed to initialize key
+ leading to a REQUIRE failure. [RT #16688]
+
+2157. [func] dns_db_transfernode() created. [RT #16685]
+
+2156. [bug] Fix node reference leaks in lookup.c:lookup_find(),
+ resolver.c:validated() and resolver.c:cache_name().
+ Fix a memory leak in rbtdb.c:free_noqname().
+ Make lookup.c:lookup_find() robust against
+ event leaks. [RT #16685]
+
+2155. [contrib] SQLite sdb module from jaboydjr@netwalk.com.
+ [RT #16694]
+
+2154. [func] Scoped (e.g. IPv6 link-local) addresses may now be
+ matched in acls by omitting the scope. [RT #16599]
+
+2153. [bug] nsupdate could leak memory. [RT #16691]
+
+2152. [cleanup] Use sizeof(buf) instead of fixed number in
+ dighost.c:get_trusted_key(). [RT #16678]
+
+2151. [bug] Missing newline in usage message for journalprint.
+ [RT #16679]
+
+2150. [bug] 'rrset-order cyclic' uniformly distribute the
+ starting point for the first response for a given
+ RRset. [RT #16655]
+
+2149. [bug] isc_mem_checkdestroyed() failed to abort on
+ if there were still active memory contexts.
+ [RT #16672]
+
+2148. [func] Add positive logging for rndc commands. [RT #14623]
+
+2147. [bug] libbind: remove potential buffer overflow from
+ hmac_link.c. [RT #16437]
+
+2146. [cleanup] Silence Linux's spurious "obsolete setsockopt
+ SO_BSDCOMPAT" message. [RT #16641]
+
+2145. [bug] Check DS/DLV digest lengths for known digests.
+ [RT #16622]
+
+2144. [cleanup] Suppress logging of SERVFAIL from forwarders.
+ [RT #16619]
+
+2143. [bug] We failed to restart the IPv6 client when the
+ kernel failed to return the destination the
+ packet was sent to. [RT #16613]
+
+2142. [bug] Handle master files with a modification time that
+ matches the epoch. [RT #16612]
+
+2141. [bug] dig/host should not be setting IDN_ASCCHECK (IDN
+ equivalent of LDH checks). [RT #16609]
+
+2140. [bug] libbind: missing unlock on pthread_key_create()
+ failures. [RT #16654]
+
+2139. [bug] dns_view_find() was being called with wrong type
+ in adb.c. [RT #16670]
+
+2138. [bug] Lock order reversal in resolver.c. [RT #16653]
+
+2137. [port] Mips little endian and/or mips 64 bit are now
+ supported for atomic operations. [RT #16648]
+
+2136. [bug] nslookup/host looped if there was no search list
+ and the host didn't exist. [RT #16657]
+
+2135. [bug] Uninitialized rdataset in sdlz.c. [RT #16656]
+
+2134. [func] Additional statistics support. [RT #16666]
+
+2133. [port] powerpc: Support both IBM and MacOS Power PC
+ assembler syntaxes. [RT #16647]
+
+2132. [bug] Missing unlock on out of memory in
+ dns_dispatchmgr_setudp().
+
+2131. [contrib] dlz/mysql: AXFR was broken. [RT #16630]
+
+2130. [func] Log if CD or DO were set. [RT #16640]
+
+2129. [func] Provide a pool of UDP sockets for queries to be
+ made over. See use-queryport-pool, queryport-pool-ports
+ and queryport-pool-updateinterval. [RT #16415]
+
+2128. [doc] xsltproc --nonet, update DTD versions. [RT #16635]
+
+2127. [port] Improved OpenSSL 0.9.8 support. [RT #16563]
+
+2126. [security] Serialize validation of type ANY responses. [RT #16555]
+
+2125. [bug] dns_zone_getzeronosoattl() REQUIRE failure if DLZ
+ was defined. [RT #16574]
+
+2124. [security] It was possible to dereference a freed fetch
+ context. [RT #16584]
+
+ --- 9.5.0a1 released ---
+
+2123. [func] Use Doxygen to generate internal documentation.
+ [RT #11398]
+
+2122. [func] Experimental http server and statistics support
+ for named via xml.
+
+2121. [func] Add a 10 slot dead masters cache (LRU) with a 600
+ second timeout. [RT #16553]
+
+2120. [doc] Fix markup on nsupdate man page. [RT #16556]
+
+2119. [compat] libbind: allow res_init() to succeed enough to
+ return the default domain even if it was unable
+ to allocate memory.
+
+2118. [bug] Handle response with long chains of domain name
+ compression pointers which point to other compression
+ pointers. [RT #16427]
+
+2117. [bug] DNSSEC fixes: named could fail to cache NSEC records
+ which could lead to validation failures. named didn't
+ handle negative DS responses that were in the process
+ of being validated. Check CNAME bit before accepting
+ NODATA proof. To be able to ignore a child NSEC there
+ must be SOA (and NS) set in the bitmap. [RT #16399]
+
+2116. [bug] 'rndc reload' could cause the cache to continually
+ be cleaned. [RT #16401]
+
+2115. [bug] 'rndc reconfig' could trigger a INSIST if the
+ number of masters for a zone was reduced. [RT #16444]
+
+2114. [bug] dig/host/nslookup: searches for names with multiple
+ labels were failing. [RT #16447]
+
+2113. [bug] nsupdate: if a zone is specified it should be used
+ for server discover. [RT #16455]
+
+2112. [security] Warn if weak RSA exponent is used. [RT #16460]
+
+2111. [bug] Fix a number of errors reported by Coverity.
+ [RT #16507]
+
+2110. [bug] "minimal-responses yes;" interacted badly with BIND 8
+ priming queries. [RT #16491]
+
+2109. [port] libbind: silence aix 5.3 compiler warnings. [RT #16502]
+
+2108. [func] DHCID support. [RT #16456]
+
+2107. [bug] dighost.c: more cleanup of buffers. [RT #16499]
+
+2106. [func] 'rndc status' now reports named's version. [RT #16426]
+
+2105. [func] GSS-TSIG support (RFC 3645).
+
+2104. [port] Fix Solaris SMF error message.
+
+2103. [port] Add /usr/sfw to list of locations for OpenSSL
+ under Solaris.
+
+2102. [port] Silence Solaris 10 warnings.
+
+2101. [bug] OpenSSL version checks were not quite right.
+ [RT #16476]
+
+2100. [port] win32: copy libeay32.dll to Build\Debug.
+ Copy Debug\named-checkzone to Debug\named-compilezone.
+
+2099. [port] win32: more manifest issues.
+
+2098. [bug] Race in rbtdb.c:no_references(), which occasionally
+ triggered an INSIST failure about the node lock
+ reference. [RT #16411]
+
+2097. [bug] named could reference a destroyed memory context
+ after being reloaded / reconfigured. [RT #16428]
+
+2096. [bug] libbind: handle applications that fail to detect
+ res_init() failures better.
+
+2095. [port] libbind: always prototype inet_cidr_ntop_ipv6() and
+ net_cidr_ntop_ipv6(). [RT #16388]
+
+2094. [contrib] Update named-bootconf. [RT #16404]
+
+2093. [bug] named-checkzone -s was broken.
+
+2092. [bug] win32: dig, host, nslookup. Use registry config
+ if resolv.conf does not exist or no nameservers
+ listed. [RT #15877]
+
+2091. [port] dighost.c: race condition on cleanup. [RT #16417]
+
+2090. [port] win32: Visual C++ 2005 command line manifest support.
+ [RT #16417]
+
+2089. [security] Raise the minimum safe OpenSSL versions to
+ OpenSSL 0.9.7l and OpenSSL 0.9.8d. Versions
+ prior to these have known security flaws which
+ are (potentially) exploitable in named. [RT #16391]
+
+2088. [security] Change the default RSA exponent from 3 to 65537.
+ [RT #16391]
+
+2087. [port] libisc failed to compile on OS's w/o a vsnprintf.
+ [RT #16382]
+
+2086. [port] libbind: FreeBSD now has get*by*_r() functions.
+ [RT #16403]
+
+2085. [doc] win32: added index.html and README to zip. [RT #16201]
+
+2084. [contrib] dbus update for 9.3.3rc2.
+
+2083. [port] win32: Visual C++ 2005 support.
+
+2082. [doc] Document 'cache-file' as a test only option.
+
+2081. [port] libbind: minor 64-bit portability fix in memcluster.c.
+ [RT #16360]
+
+2080. [port] libbind: res_init.c did not compile on older versions
+ of Solaris. [RT #16363]
+
+2079. [bug] The lame cache was not handling multiple types
+ correctly. [RT #16361]
+
+2078. [bug] dnssec-checkzone output style "default" was badly
+ named. It is now called "relative". [RT #16326]
+
+2077. [bug] 'dnssec-signzone -O raw' wasn't outputting the
+ complete signed zone. [RT #16326]
+
+2076. [bug] Several files were missing #include <config.h>
+ causing build failures on OSF. [RT #16341]
+
+2075. [bug] The spillat timer event handler could leak memory.
+ [RT #16357]
+
+2074. [bug] dns_request_createvia2(), dns_request_createvia3(),
+ dns_request_createraw2() and dns_request_createraw3()
+ failed to send multiple UDP requests. [RT #16349]
+
+2073. [bug] Incorrect semantics check for update policy "wildcard".
+ [RT #16353]
+
+2072. [bug] We were not generating valid HMAC SHA digests.
+ [RT #16320]
+
+2071. [port] Test whether gcc accepts -fno-strict-aliasing.
+ [RT #16324]
+
+2070. [bug] The remote address was not always displayed when
+ reporting dispatch failures. [RT #16315]
+
+2069. [bug] Cross compiling was not working. [RT #16330]
+
+2068. [cleanup] Lower incremental tuning message to debug 1.
+ [RT #16319]
+
+2067. [bug] 'rndc' could close the socket too early triggering
+ a INSIST under Windows. [RT #16317]
+
+2066. [security] Handle SIG queries gracefully. [RT #16300]
+
+2065. [bug] libbind: probe for HPUX prototypes for
+ endprotoent_r() and endservent_r(). [RT 16313]
+
+2064. [bug] libbind: silence AIX compiler warnings. [RT #16218]
+
+2063. [bug] Change #1955 introduced a bug which caused the first
+ 'rndc flush' call to not free memory. [RT #16244]
+
+2062. [bug] 'dig +nssearch' was reusing a buffer before it had
+ been returned by the socket code. [RT #16307]
+
+2061. [bug] Accept expired wildcard message reversed. [RT #16296]
+
+2060. [bug] Enabling DLZ support could leave views partially
+ configured. [RT #16295]
+
+2059. [bug] Search into cache rbtdb could trigger an INSIST
+ failure while cleaning up a stale rdataset.
+ [RT #16292]
+
+2058. [bug] Adjust how we calculate rtt estimates in the presence
+ of authoritative servers that drop EDNS and/or CD
+ requests. Also fallback to EDNS/512 and plain DNS
+ faster for zones with less than 3 servers. [RT #16187]
+
+2057. [bug] Make setting "ra" dependent on both allow-query-cache
+ and allow-recursion. [RT #16290]
+
+2056. [bug] dig: ixfr= was not being treated case insensitively
+ at all times. [RT #15955]
+
+2055. [bug] Missing goto after dropping multicast query.
+ [RT #15944]
+
+2054. [port] freebsd: do not explicitly link against -lpthread.
+ [RT #16170]
+
+2053. [port] netbsd:libbind: silence compiler warnings. [RT #16220]
+
+2052. [bug] 'rndc' improve connect failed message to report
+ the failing address. [RT #15978]
+
+2051. [port] More strtol() fixes. [RT #16249]
+
+2050. [bug] Parsing of NSAP records was not case insensitive.
+ [RT #16287]
+
+2049. [bug] Restore SOA before AXFR when falling back from
+ a attempted IXFR when transferring in a zone.
+ Allow a initial SOA query before attempting
+ a AXFR to be requested. [RT #16156]
+
+2048. [bug] It was possible to loop forever when using
+ avoid-v4-udp-ports / avoid-v6-udp-ports when
+ the OS always returned the same local port.
+ [RT #16182]
+
+2047. [bug] Failed to initialize the interface flags to zero.
+ [RT #16245]
+
+2046. [bug] rbtdb.c:rdataset_setadditional() could cause duplicate
+ cleanup [RT #16247].
+
+2045. [func] Use lock buckets for acache entries to limit memory
+ consumption. [RT #16183]
+
+2044. [port] Add support for atomic operations for Itanium.
+ [RT #16179]
+
+2043. [port] nsupdate/nslookup: Force the flushing of the prompt
+ for interactive sessions. [RT #16148]
+
+2042. [bug] named-checkconf was incorrectly rejecting the
+ logging category "config". [RT #16117]
+
+2041. [bug] "configure --with-dlz-bdb=yes" produced a bad
+ set of libraries to be linked. [RT #16129]
+
+2040. [bug] rbtdb no_references() could trigger an INSIST
+ failure with --enable-atomic. [RT #16022]
+
+2039. [func] Check that all buffers passed to the socket code
+ have been retrieved when the socket event is freed.
+ [RT #16122]
+
+2038. [bug] dig/nslookup/host was unlinking from wrong list
+ when handling errors. [RT #16122]
+
+2037. [func] When unlinking the first or last element in a list
+ check that the list head points to the element to
+ be unlinked. [RT #15959]
+
+2036. [bug] 'rndc recursing' could cause trigger a REQUIRE.
+ [RT #16075]
+
+2035. [func] Make falling back to TCP on UDP refresh failure
+ optional. Default "try-tcp-refresh yes;" for BIND 8
+ compatibility. [RT #16123]
+
+2034. [bug] gcc: set -fno-strict-aliasing. [RT #16124]
+
+2033. [bug] We weren't creating multiple client memory contexts
+ on demand as expected. [RT #16095]
+
+2032. [bug] Remove a INSIST in query_addadditional2(). [RT #16074]
+
+2031. [bug] Emit a error message when "rndc refresh" is called on
+ a non slave/stub zone. [RT # 16073]
+
+2030. [bug] We were being overly conservative when disabling
+ openssl engine support. [RT #16030]
+
+2029. [bug] host printed out the server multiple times when
+ specified on the command line. [RT #15992]
+
+2028. [port] linux: socket.c compatibility for old systems.
+ [RT #16015]
+
+2027. [port] libbind: Solaris x86 support. [RT #16020]
+
+2026. [bug] Rate limit the two recursive client exceeded messages.
+ [RT #16044]
+
+2025. [func] Update "zone serial unchanged" message. [RT #16026]
+
+2024. [bug] named emitted spurious "zone serial unchanged"
+ messages on reload. [RT #16027]
+
+2023. [bug] "make install" should create ${localstatedir}/run and
+ ${sysconfdir} if they do not exist. [RT #16033]
+
+2022. [bug] If dnssec validation is disabled only assert CD if
+ CD was requested. [RT #16037]
+
+2021. [bug] dnssec-enable no; triggered a REQUIRE. [RT #16037]
+
+2020. [bug] rdataset_setadditional() could leak memory. [RT #16034]
+
+2019. [tuning] Reduce the amount of work performed per quantum
+ when cleaning the cache. [RT #15986]
+
+2018. [bug] Checking if the HMAC MD5 private file was broken.
+ [RT #15960]
+
+2017. [bug] allow-query default was not correct. [RT #15946]
+
+2016. [bug] Return a partial answer if recursion is not
+ allowed but requested and we had the answer
+ to the original qname. [RT #15945]
+
+2015. [cleanup] use-additional-cache is now acache-enable for
+ consistency. Default acache-enable off in BIND 9.4
+ as it requires memory usage to be configured.
+ It may be enabled by default in BIND 9.5 once we
+ have more experience with it.
+
+2014. [func] Statistics about acache now recorded and sent
+ to log. [RT #15976]
+
+2013. [bug] Handle unexpected TSIGs on unsigned AXFR/IXFR
+ responses more gracefully. [RT #15941]
+
+2012. [func] Don't insert new acache entries if acache is full.
+ [RT #15970]
+
+2011. [func] dnssec-signzone can now update the SOA record of
+ the signed zone, either as an increment or as the
+ system time(). [RT #15633]
+
+2010. [placeholder] rt15958
+
+2009. [bug] libbind: Coverity fixes. [RT #15808]
+
+2008. [func] It is now possible to enable/disable DNSSEC
+ validation from rndc. This is useful for the
+ mobile hosts where the current connection point
+ breaks DNSSEC (firewall/proxy). [RT #15592]
+
+ rndc validation newstate [view]
+
+2007. [func] It is now possible to explicitly enable DNSSEC
+ validation. default dnssec-validation no; to
+ be changed to yes in 9.5.0. [RT #15674]
+
+2006. [security] Allow-query-cache and allow-recursion now default
+ to the built in acls "localnets" and "localhost".
+
+ This is being done to make caching servers less
+ attractive as reflective amplifying targets for
+ spoofed traffic. This still leave authoritative
+ servers exposed.
+
+ The best fix is for full BCP 38 deployment to
+ remove spoofed traffic.
+
+2005. [bug] libbind: Retransmission timeouts should be
+ based on which attempt it is to the nameserver
+ and not the nameserver itself. [RT #13548]
+
+2004. [bug] dns_tsig_sign() could pass a NULL pointer to
+ dst_context_destroy() when cleaning up after a
+ error. [RT #15835]
+
+2003. [bug] libbind: The DNS name/address lookup functions could
+ occasionally follow a random pointer due to
+ structures not being completely zeroed. [RT #15806]
+
+2002. [bug] libbind: tighten the constraints on when
+ struct addrinfo._ai_pad exists. [RT #15783]
+
+2001. [func] Check the KSK flag when updating a secure dynamic zone.
+ New zone option "update-check-ksk yes;". [RT #15817]
+
+2000. [bug] memmove()/strtol() fix was incomplete. [RT #15812]
+
+1999. [func] Implement "rrset-order fixed". [RT #13662]
+
+1998. [bug] Restrict handling of fifos as sockets to just SunOS.
+ This allows named to connect to entropy gathering
+ daemons that use fifos instead of sockets. [RT #15840]
+
+1997. [bug] Named was failing to replace negative cache entries
+ when a positive one for the type was learnt.
+ [RT #15818]
+
+1996. [bug] nsupdate: if a zone has been specified it should
+ appear in the output of 'show'. [RT #15797]
+
+1995. [bug] 'host' was reporting multiple "is an alias" messages.
+ [RT #15702]
+
+1994. [port] OpenSSL 0.9.8 support. [RT #15694]
+
+1993. [bug] Log messages, via syslog, were missing the space
+ after the timestamp if "print-time yes" was specified.
+ [RT #15844]
+
+1992. [bug] Not all incoming zone transfer messages included the
+ view. [RT #15825]
+
+1991. [cleanup] The configuration data, once read, should be treated
+ as read only. Expand the use of const to enforce this
+ at compile time. [RT #15813]
+
+1990. [bug] libbind: isc's override of broken gettimeofday()
+ implementations was not always effective.
+ [RT #15709]
+
+1989. [bug] win32: don't check the service password when
+ re-installing. [RT #15882]
+
+1988. [bug] Remove a bus error from the SHA256/SHA512 support.
+ [RT #15878]
+
+1987. [func] DS/DLV SHA256 digest algorithm support. [RT #15608]
+
+1986. [func] Report when a zone is removed. [RT #15849]
+
+1985. [protocol] DLV has now been assigned a official type code of
+ 32769. [RT #15807]
+
+ Note: care should be taken to ensure you upgrade
+ both named and dnssec-signzone at the same time for
+ zones with DLV records where named is the master
+ server for the zone. Also any zones that contain
+ DLV records should be removed when upgrading a slave
+ zone. You do not however have to upgrade all
+ servers for a zone with DLV records simultaneously.
+
+1984. [func] dig, nslookup and host now advertise a 4096 byte
+ EDNS UDP buffer size by default. [RT #15855]
+
+1983. [func] Two new update policies. "selfsub" and "selfwild".
+ [RT #12895]
+
+1982. [bug] DNSKEY was being accepted on the parent side of
+ a delegation. KEY is still accepted there for
+ RFC 3007 validated updates. [RT #15620]
+
+1981. [bug] win32: condition.c:wait() could fail to reattain
+ the mutex lock.
+
+1980. [func] dnssec-signzone: output the SOA record as the
+ first record in the signed zone. [RT #15758]
+
+1979. [port] linux: allow named to drop core after changing
+ user ids. [RT #15753]
+
+1978. [port] Handle systems which have a broken recvmsg().
+ [RT #15742]
+
+1977. [bug] Silence noisy log message. [RT #15704]
+
+1976. [bug] Handle systems with no IPv4 addresses. [RT #15695]
+
+1975. [bug] libbind: isc_gethexstring() could misparse multi-line
+ hex strings with comments. [RT #15814]
+
+1974. [doc] List each of the zone types and associated zone
+ options separately in the ARM.
+
+1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and
+ HMACSHA512 support. [RT #13606]
+
+1972. [contrib] DBUS dynamic forwarders integration from
+ Jason Vas Dias <jvdias@redhat.com>.
+
+1971. [port] linux: make detection of missing IF_NAMESIZE more
+ robust. [RT #15443]
+
+1970. [bug] nsupdate: adjust UDP timeout when falling back to
+ unsigned SOA query. [RT #15775]
+
+1969. [bug] win32: the socket code was freeing the socket
+ structure too early. [RT #15776]
+
+1968. [bug] Missing lock in resolver.c:validated(). [RT #15739]
+
+1967. [func] dig/nslookup/host: warn about missing "QR". [RT #15779]
+
+1966. [bug] Don't set CD when we have fallen back to plain DNS.
+ [RT #15727]
+
+1965. [func] Suppress spurious "recursion requested but not
+ available" warning with 'dig +qr'. [RT #15780].
+
+1964. [func] Separate out MX and SRV to CNAME checks. [RT #15723]
+
+1963. [port] Tru64 4.0E doesn't support send() and recv().
+ [RT #15586]
+
+1962. [bug] Named failed to clear old update-policy when it
+ was removed. [RT #15491]
+
+1961. [bug] Check the port and address of responses forwarded
+ to dispatch. [RT #15474]
+
+1960. [bug] Update code should set NSEC ttls from SOA MINIMUM.
+ [RT #15465]
+
+1959. [func] Control the zeroing of the negative response TTL to
+ a soa query. Defaults "zero-no-soa-ttl yes;" and
+ "zero-no-soa-ttl-cache no;". [RT #15460]
+
+1958. [bug] Named failed to update the zone's secure state
+ until the zone was reloaded. [RT #15412]
+
+1957. [bug] Dig mishandled responses to class ANY queries.
+ [RT #15402]
+
+1956. [bug] Improve cross compile support, 'gen' is now built
+ by native compiler. See README for additional
+ cross compile support information. [RT #15148]
+
+1955. [bug] Pre-allocate the cache cleaning iterator. [RT #14998]
+
+1954. [func] Named now falls back to advertising EDNS with a
+ 512 byte receive buffer if the initial EDNS queries
+ fail. [RT #14852]
+
+1953. [func] The maximum EDNS UDP response named will send can
+ now be set in named.conf (max-udp-size). This is
+ independent of the advertised receive buffer
+ (edns-udp-size). [RT #14852]
+
+1952. [port] hpux: tell the linker to build a runtime link
+ path "-Wl,+b:". [RT #14816].
+
+1951. [security] Drop queries from particular well known ports.
+ Don't return FORMERR to queries from particular
+ well known ports. [RT #15636]
+
+1950. [port] Solaris 2.5.1 and earlier cannot bind() then connect()
+ a TCP socket. This prevents the source address being
+ set for TCP connections. [RT #15628]
+
+1949. [func] Addition memory leakage checks. [RT #15544]
+
+1948. [bug] If was possible to trigger a REQUIRE failure in
+ xfrin.c:maybe_free() if named ran out of memory.
+ [RT #15568]
+
+1947. [func] It is now possible to configure named to accept
+ expired RRSIGs. Default "dnssec-accept-expired no;".
+ Setting "dnssec-accept-expired yes;" leaves named
+ vulnerable to replay attacks. [RT #14685]
+
+1946. [bug] resume_dslookup() could trigger a REQUIRE failure
+ when using forwarders. [RT #15549]
+
+1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is no longer recommended.
+ To generate a RSAMD5 key you must explicitly request
+ RSAMD5. [RT #13780]
+
+1944. [cleanup] isc_hash_create() does not need a read/write lock.
+ [RT #15522]
+
+1943. [bug] Set the loadtime after rolling forward the journal.
+ [RT #15647]
+
+1942. [bug] If the name of a DNSKEY match that of one in
+ trusted-keys do not attempt to validate the DNSKEY
+ using the parents DS RRset. [RT #15649]
+
+1941. [bug] ncache_adderesult() should set eresult even if no
+ rdataset is passed to it. [RT #15642]
+
+1940. [bug] Fixed a number of error conditions reported by
+ Coverity.
+
+1939. [bug] The resolver could dereference a null pointer after
+ validation if all the queries have timed out.
+ [RT #15528]
+
+1938. [bug] The validator was not correctly handling unsecure
+ negative responses at or below a SEP. [RT #15528]
+
+1937. [bug] sdlz doesn't handle RRSIG records. [RT #15564]
+
+1936. [bug] The validator could leak memory. [RT #15544]
+
+1935. [bug] 'acache' was DO sensitive. [RT #15430]
+
+1934. [func] Validate pending NS RRsets, in the authority section,
+ prior to returning them if it can be done without
+ requiring DNSKEYs to be fetched. [RT #15430]
+
+1933. [bug] dump_rdataset_raw() had a incorrect INSIST. [RT #15534]
+
+1932. [bug] hpux: LDFLAGS was getting corrupted. [RT #15530]
+
+1931. [bug] Per-client mctx could require a huge amount of memory,
+ particularly for a busy caching server. [RT #15519]
+
+1930. [port] HPUX: ia64 support. [RT #15473]
+
+1929. [port] FreeBSD: extend use of PTHREAD_SCOPE_SYSTEM.
+
+1928. [bug] Race in rbtdb.c:currentversion(). [RT #15517]
+
+1927. [bug] Access to soanode or nsnode in rbtdb violated the
+ lock order rule and could cause a dead lock.
+ [RT #15518]
+
+1926. [bug] The Windows installer did not check for empty
+ passwords. BINDinstall was being installed in
+ the wrong place. [RT #15483]
+
+1925. [port] All outer level AC_TRY_RUNs need cross compiling
+ defaults. [RT #15469]
+
+1924. [port] libbind: hpux ia64 support. [RT #15473]
+
+1923. [bug] ns_client_detach() called too early. [RT #15499]
+
+1922. [bug] check-tool.c:setup_logging() missing call to
+ dns_log_setcontext().
+
+1921. [bug] Client memory contexts were not using internal
+ malloc. [RT #15434]
+
+1920. [bug] The cache rbtdb lock array was too small to
+ have the desired performance characteristics.
+ [RT #15454]
+
+1919. [contrib] queryperf: a set of new features: collecting/printing
+ response delays, printing intermediate results, and
+ adjusting query rate for the "target" qps.
+
+1918. [bug] Memory leak when checking acls. [RT #15391]
+
+1917. [doc] funcsynopsisinfo wasn't being treated as verbatim
+ when generating man pages. [RT #15385]
+
+1916. [func] Integrate contributed IDN code from JPNIC. [RT #15383]
+
+1915. [bug] dig +ndots was broken. [RT #15215]
+
+1914. [protocol] DS is required to accept mnemonic algorithms
+ (RFC 4034). Still emit numeric algorithms for
+ compatibility with RFC 3658. [RT #15354]
+
+1913. [func] Integrate contributed DLZ code into named. [RT #11382]
+
+1912. [port] aix: atomic locking for powerpc. [RT #15020]
+
+1911. [bug] Update windows socket code. [RT #14965]
+
+1910. [bug] dig's +sigchase code overhauled. [RT #14933]
+
+1909. [bug] The DLV code has been re-worked to make no longer
+ query order sensitive. [RT #14933]
+
+1908. [func] dig now warns if 'RA' is not set in the answer when
+ 'RD' was set in the query. host/nslookup skip servers
+ that fail to set 'RA' when 'RD' is set unless a server
+ is explicitly set. [RT #15005]
+
+1907. [func] host/nslookup now continue (default)/fail on SERVFAIL.
+ [RT #15006]
+
+1906. [func] dig now has a '-q queryname' and '+showsearch' options.
+ [RT #15034]
+
+1905. [bug] Strings returned from cfg_obj_asstring() should be
+ treated as read-only. The prototype for
+ cfg_obj_asstring() has been updated to reflect this.
+ [RT #15256]
+
+1904. [func] Automatic empty zone creation for D.F.IP6.ARPA and
+ friends. Note: RFC 1918 zones are not yet covered by
+ this but are likely to be in a future release.
+
+ New options: empty-server, empty-contact,
+ empty-zones-enable and disable-empty-zone.
+
+1903. [func] ISC string copy API.
+
+1902. [func] Attempt to make the amount of work performed in a
+ iteration self tuning. The covers nodes clean from
+ the cache per iteration, nodes written to disk when
+ rewriting a master file and nodes destroyed per
+ iteration when destroying a zone or a cache.
+ [RT #14996]
+
+1901. [cleanup] Don't add DNSKEY records to the additional section.
+
+1900. [bug] ixfr-from-differences failed to ensure that the
+ serial number increased. [RT #15036]
+
+1899. [func] named-checkconf now validates update-policy entries.
+ [RT #14963]
+
+1898. [bug] Extend ISC_SOCKADDR_FORMATSIZE and
+ ISC_NETADDR_FORMATSIZE to allow for scope details.
+
+1897. [func] x86 and x86_64 now have separate atomic locking
+ implementations.
+
+1896. [bug] Recursive clients soft quota support wasn't working
+ as expected. [RT #15103]
+
+1895. [bug] A escaped character is, potentially, converted to
+ the output character set too early. [RT #14666]
+
+1894. [doc] Review ARM for BIND 9.4.
+
+1893. [port] Use uintptr_t if available. [RT #14606]
+
+1892. [func] Support for SPF rdata type. [RT #15033]
+
+1891. [port] freebsd: pthread_mutex_init can fail if it runs out
+ of memory. [RT #14995]
+
+1890. [func] Raise the UDP receive buffer size to 32k if it is
+ less than 32k. [RT #14953]
+
+1889. [port] sunos: non blocking i/o support. [RT #14951]
+
+1888. [func] Support for IPSECKEY rdata type. [RT #14967]
+
+1887. [bug] The cache could delete expired records too fast for
+ clients with a virtual time in the past. [RT #14991]
+
+1886. [bug] fctx_create() could return success even though it
+ failed. [RT #14993]
+
+1885. [func] dig: report the number of extra bytes still left in
+ the packet after processing all the records.
+
+1884. [cleanup] dighost.c: move external declarations into <dig/dig.h>.
+
+1883. [bug] dnssec-signzone, dnssec-keygen: handle negative debug
+ levels. [RT #14962]
+
+1882. [func] Limit the number of recursive clients that can be
+ waiting for a single query (<qname,qtype,qclass>) to
+ resolve. New options clients-per-query and
+ max-clients-per-query.
+
+1881. [func] Add a system test for named-checkconf. [RT #14931]
+
+1880. [func] The lame cache is now done on a <qname,qclass,qtype>
+ basis as some servers only appear to be lame for
+ certain query types. [RT #14916]
+
+1879. [func] "USE INTERNAL MALLOC" is now runtime selectable.
+ [RT #14892]
+
+1878. [func] Detect duplicates of UDP queries we are recursing on
+ and drop them. New stats category "duplicate".
+ [RT #2471]
+
+1877. [bug] Fix unreasonably low quantum on call to
+ dns_rbt_destroy2(). Remove unnecessary unhash_node()
+ call. [RT #14919]
+
+1876. [func] Additional memory debugging support to track size
+ and mctx arguments. [RT #14814]
+
+1875. [bug] process_dhtkey() was using the wrong memory context
+ to free some memory. [RT #14890]
+
+1874. [port] sunos: portability fixes. [RT #14814]
+
+1873. [port] win32: isc__errno2result() now reports its caller.
+ [RT #13753]
+
+1872. [port] win32: Handle ERROR_NETNAME_DELETED. [RT #13753]
+
+1871. [placeholder]
+
+1870. [func] Added framework for handling multiple EDNS versions.
+ [RT #14873]
+
+1869. [func] dig can now specify the EDNS version when making
+ a query. [RT #14873]
+
+1868. [func] edns-udp-size can now be overridden on a per
+ server basis. [RT #14851]
+
+1867. [bug] It was possible to trigger a INSIST in
+ dlv_validatezonekey(). [RT #14846]
+
+1866. [bug] resolv.conf parse errors were being ignored by
+ dig/host/nslookup. [RT #14841]
+
+1865. [bug] Silently ignore nameservers in /etc/resolv.conf with
+ bad addresses. [RT #14841]
+
+1864. [bug] Don't try the alternative transfer source if you
+ got a answer / transfer with the main source
+ address. [RT #14802]
+
+1863. [bug] rrset-order "fixed" error messages not complete.
+
+1862. [func] Add additional zone data constancy checks.
+ named-checkzone has extended checking of NS, MX and
+ SRV record and the hosts they reference.
+ named has extended post zone load checks.
+ New zone options: check-mx and integrity-check.
+ [RT #4940]
+
+1861. [bug] dig could trigger a INSIST on certain malformed
+ responses. [RT #14801]
+
+1860. [port] solaris 2.8: hack_shutup_pthreadmutexinit was
+ incorrectly set. [RT #14775]
+
+1859. [func] Add support for CH A record. [RT #14695]
+
+1858. [bug] The flush-zones-on-shutdown option wasn't being
+ parsed. [RT #14686]
+
+1857. [bug] named could trigger a INSIST() if reconfigured /
+ reloaded too fast. [RT #14673]
+
+1856. [doc] Switch Docbook toolchain from DSSSL to XSL.
+ [RT #11398]
+
+1855. [bug] ixfr-from-differences was failing to detect changes
+ of ttl due to dns_diff_subtract() was ignoring the ttl
+ of records. [RT #14616]
+
+1854. [bug] lwres also needs to know the print format for
+ (long long). [RT #13754]
+
+1853. [bug] Rework how DLV interacts with proveunsecure().
+ [RT #13605]
+
+1852. [cleanup] Remove last vestiges of dnssec-signkey and
+ dnssec-makekeyset (removed from Makefile years ago).
+
+1851. [doc] Doxygen comment markup. [RT #11398]
+
+1850. [bug] Memory leak in lwres_getipnodebyaddr(). [RT #14591]
+
+1849. [doc] All forms of the man pages (docbook, man, html) should
+ have consistent copyright dates.
+
+1848. [bug] Improve SMF integration. [RT #13238]
+
+1847. [bug] isc_ondestroy_init() is called too late in
+ dns_rbtdb_create()/dns_rbtdb64_create().
+ [RT #13661]
+
+1846. [contrib] query-loc-0.3.0 from Stephane Bortzmeyer
+ <bortzmeyer@nic.fr>.
+
+1845. [bug] Improve error reporting to distinguish between
+ accept()/fcntl() and socket()/fcntl() errors.
+ [RT #13745]
+
+1844. [bug] inet_pton() accepted more that 4 hexadecimal digits
+ for each 16 bit piece of the IPv6 address. The text
+ representation of a IPv6 address has been tightened
+ to disallow this (draft-ietf-ipv6-addr-arch-v4-02.txt).
+ [RT #5662]
+
+1843. [cleanup] CINCLUDES takes precedence over CFLAGS. This helps
+ when CFLAGS contains "-I /usr/local/include"
+ resulting in old header files being used.
+
+1842. [port] cmsg_len() could produce incorrect results on
+ some platform. [RT #13744]
+
+1841. [bug] "dig +nssearch" now makes a recursive query to
+ find the list of nameservers to query. [RT #13694]
+
+1840. [func] dnssec-signzone can now randomize signature end times
+ (dnssec-signzone -j jitter). [RT #13609]
+
+1839. [bug] <isc/hash.h> was not being installed.
+
+1838. [cleanup] Don't allow Linux capabilities to be inherited.
+ [RT #13707]
+
+1837. [bug] Compile time option ISC_FACILITY was not effective
+ for 'named -u <user>'. [RT #13714]
+
+1836. [cleanup] Silence compiler warnings in hash_test.c.
+
+1835. [bug] Update dnssec-signzone's usage message. [RT #13657]
+
+1834. [bug] Bad memset in rdata_test.c. [RT #13658]
+
+1833. [bug] Race condition in isc_mutex_lock_profile(). [RT #13660]
+
+1832. [bug] named fails to return BADKEY on unknown TSIG algorithm.
+ [RT #13620]
+
+1831. [doc] Update named-checkzone documentation. [RT #13604]
+
+1830. [bug] adb lame cache has sense of test reversed. [RT #13600]
+
+1829. [bug] win32: "pid-file none;" broken. [RT #13563]
+
+1828. [bug] isc_rwlock_init() failed to properly cleanup if it
+ encountered a error. [RT #13549]
+
+1827. [bug] host: update usage message for '-a'. [RT #37116]
+
+1826. [bug] Missing DESTROYLOCK() in isc_mem_createx() on out
+ of memory error. [RT #13537]
+
+1825. [bug] Missing UNLOCK() on out of memory error from in
+ rbtdb.c:subtractrdataset(). [RT #13519]
+
+1824. [bug] Memory leak on dns_zone_setdbtype() failure.
+ [RT #13510]
+
+1823. [bug] Wrong macro used to check for point to point interface.
+ [RT #13418]
+
+1822. [bug] check-names test for RT was reversed. [RT #13382]
+
+1821. [placeholder]
+
+1820. [bug] Gracefully handle acl loops. [RT #13659]
+
+1819. [bug] The validator needed to check both the algorithm and
+ digest types of the DS to determine if it could be
+ used to introduce a secure zone. [RT #13593]
+
+1818. [bug] 'named-checkconf -z' triggered an INSIST. [RT #13599]
+
+1817. [func] Add support for additional zone file formats for
+ improving loading performance. The masterfile-format
+ option in named.conf can be used to specify a
+ non-default format. A separate command
+ named-compilezone was provided to generate zone files
+ in the new format. Additionally, the -I and -O options
+ for dnssec-signzone specify the input and output
+ formats.
+
+1816. [port] UnixWare: failed to compile lib/isc/unix/net.c.
+ [RT #13597]
+
+1815. [bug] nsupdate triggered a REQUIRE if the server was set
+ without also setting the zone and it encountered
+ a CNAME and was using TSIG. [RT #13086]
+
+1814. [func] UNIX domain controls are now supported.
+
+1813. [func] Restructured the data locking framework using
+ architecture dependent atomic operations (when
+ available), improving response performance on
+ multi-processor machines significantly.
+ x86, x86_64, alpha, powerpc, and mips are currently
+ supported.
+
+1812. [port] win32: IN6_IS_ADDR_UNSPECIFIED macro is incorrect.
+ [RT #13453]
+
+1811. [func] Preserve the case of domain names in rdata during
+ zone transfers. [RT #13547]
+
+1810. [bug] configure, lib/bind/configure make different default
+ decisions about whether to do a threaded build.
+ [RT #13212]
+
+1809. [bug] "make distclean" failed for libbind if the platform
+ is not supported.
+
+1808. [bug] zone.c:notify_zone() contained a race condition,
+ zone->db could change underneath it. [RT #13511]
+
+1807. [bug] When forwarding (forward only) set the active domain
+ from the forward zone name. [RT #13526]
+
+1806. [bug] The resolver returned the wrong result when a CNAME /
+ DNAME was encountered when fetching glue from a
+ secure namespace. [RT #13501]
+
+1805. [bug] Pending status was not being cleared when DLV was
+ active. [RT #13501]
+
+1804. [bug] Ensure that if we are queried for glue that it fits
+ in the additional section or TC is set to tell the
+ client to retry using TCP. [RT #10114]
+
+1803. [bug] dnssec-signzone sometimes failed to remove old
+ RRSIGs. [RT #13483]
+
+1802. [bug] Handle connection resets better. [RT #11280]
+
+1801. [func] Report differences between hints and real NS rrset
+ and associated address records.
+
+1800. [bug] Changes #1719 allowed a INSIST to be triggered.
+ [RT #13428]
+
+1799. [bug] 'rndc flushname' failed to flush negative cache
+ entries. [RT #13438]
+
+1798. [func] The server syntax has been extended to support a
+ range of servers. [RT #11132]
+
+1797. [func] named-checkconf now check acls to verify that they
+ only refer to existing acls. [RT #13101]
+
+1796. [func] "rndc freeze/thaw" now freezes/thaws all zones.
+
+1795. [bug] "rndc dumpdb" was not fully documented. Minor
+ formatting issues with "rndc dumpdb -all". [RT #13396]
+
+1794. [func] Named and named-checkzone can now both check for
+ non-terminal wildcard records.
+
+1793. [func] Extend adjusting TTL warning messages. [RT #13378]
+
+1792. [func] New zone option "notify-delay". Specify a minimum
+ delay between sets of NOTIFY messages.
+
+1791. [bug] 'host -t a' still printed out AAAA and MX records.
+ [RT #13230]
+
+1790. [cleanup] Move lib/dns/sec/dst up into lib/dns. This should
+ allow parallel make to succeed.
+
+1789. [bug] Prerequisite test for tkey and dnssec could fail
+ with "configure --with-libtool".
+
+1788. [bug] libbind9.la/libbind9.so needs to link against
+ libisccfg.la/libisccfg.so.
+
+1787. [port] HPUX: both "cc" and "gcc" need -Wl,+vnocompatwarnings.
+
+1786. [port] AIX: libt_api needs to be taught to look for
+ T_testlist in the main executable (--with-libtool).
+ [RT #13239]
+
+1785. [bug] libbind9.la/libbind9.so needs to link against
+ libisc.la/libisc.so.
+
+1784. [cleanup] "libtool -allow-undefined" is the default.
+ Leave hooks in configure to allow it to be set
+ if needed in the future.
+
+1783. [cleanup] We only need one copy of libtool.m4, ltmain.sh in the
+ source tree.
+
+1782. [port] OSX: --with-libtool + --enable-libbind broke on
+ __evOptMonoTime. [RT #13219]
+
+1781. [port] FreeBSD 5.3: set PTHREAD_SCOPE_SYSTEM. [RT #12810]
+
+1780. [bug] Update libtool to 1.5.10.
+
+1779. [port] OSF 5.1: libtool didn't handle -pthread correctly.
+
+1778. [port] HUX 11.11: fix broken IN6ADDR_ANY_INIT and
+ IN6ADDR_LOOPBACK_INIT macros.
+
+1777. [port] OSF 5.1: fix broken IN6ADDR_ANY_INIT and
+ IN6ADDR_LOOPBACK_INIT macros.
+
+1776. [port] Solaris 2.9: fix broken IN6ADDR_ANY_INIT and
+ IN6ADDR_LOOPBACK_INIT macros.
+
+1775. [bug] Only compile getnetent_r.c when threaded. [RT #13205]
+
+1774. [port] Aix: Silence compiler warnings / build failures.
+ [RT #13154]
+
+1773. [bug] Fast retry on host / net unreachable. [RT #13153]
+
+1772. [placeholder]
+
+1771. [placeholder]
+
+1770. [bug] named-checkconf failed to report missing a missing
+ file clause for rbt{64} master/hint zones. [RT #13009]
+
+1769. [port] win32: change compiler flags /MTd ==> /MDd,
+ /MT ==> /MD.
+
+1768. [bug] nsecnoexistnodata() could be called with a non-NSEC
+ rdataset. [RT #12907]
+
+1767. [port] Builds on IPv6 platforms without IPv6 Advanced API
+ support for (struct in6_pktinfo) failed. [RT #13077]
+
+1766. [bug] Update the master file timestamp on successful refresh
+ as well as the journal's timestamp. [RT #13062]
+
+1765. [bug] configure --with-openssl=auto failed. [RT #12937]
+
+1764. [bug] dns_zone_replacedb failed to emit a error message
+ if there was no SOA record in the replacement db.
+ [RT #13016]
+
+1763. [func] Perform sanity checks on NS records which refer to
+ 'in zone' names. [RT #13002]
+
+1762. [bug] isc_interfaceiter_create() could return ISC_R_SUCCESS
+ even when it failed. [RT #12995]
+
+1761. [bug] 'rndc dumpdb' didn't report unassociated entries.
+ [RT #12971]
+
+1760. [bug] Host / net unreachable was not penalising rtt
+ estimates. [RT #12970]
+
+1759. [bug] Named failed to startup if the OS supported IPv6
+ but had no IPv6 interfaces configured. [RT #12942]
+
+1758. [func] Don't send notify messages to self. [RT #12933]
+
+1757. [func] host now can turn on memory debugging flags with '-m'.
+
+1756. [func] named-checkconf now checks the logging configuration.
+ [RT #12352]
+
+1755. [func] allow-update is now settable at the options / view
+ level. [RT #6636]
+
+1754. [bug] We weren't always attempting to query the parent
+ server for the DS records at the zone cut.
+ [RT #12774]
+
+1753. [bug] Don't serve a slave zone which has no NS records.
+ [RT #12894]
+
+1752. [port] Move isc_app_start() to after ns_os_daemonise()
+ as some fork() implementations unblock the signals
+ that are blocked by isc_app_start(). [RT #12810]
+
+1751. [bug] --enable-getifaddrs failed under linux. [RT #12867]
+
+1750. [port] lib/bind/make/rules.in:subdirs was not bash friendly.
+ [RT #12864]
+
+1749. [bug] 'check-names response ignore;' failed to ignore.
+ [RT #12866]
+
+1748. [func] dig now returns the byte count for axfr/ixfr.
+
+1747. [bug] BIND 8 compatibility: named/named-checkconf failed
+ to parse "host-statistics-max" in named.conf.
+
+1746. [func] Make public the function to read a key file,
+ dst_key_read_public(). [RT #12450]
+
+1745. [bug] Dig/host/nslookup accept replies from link locals
+ regardless of scope if no scope was specified when
+ query was sent. [RT #12745]
+
+1744. [bug] If tuple2msgname() failed to convert a tuple to
+ a name a REQUIRE could be triggered. [RT #12796]
+
+1743. [bug] If isc_taskmgr_create() was not able to create the
+ requested number of worker threads then destruction
+ of the manager would trigger an INSIST() failure.
+ [RT #12790]
+
+1742. [bug] Deleting all records at a node then adding a
+ previously existing record, in a single UPDATE
+ transaction, failed to leave / regenerate the
+ associated RRSIG records. [RT #12788]
+
+1741. [bug] Deleting all records at a node in a secure zone
+ using a update-policy grant failed. [RT #12787]
+
+1740. [bug] Replace rbt's hash algorithm as it performed badly
+ with certain zones. [RT #12729]
+
+ NOTE: a hash context now needs to be established
+ via isc_hash_create() if the application was not
+ already doing this.
+
+1739. [bug] dns_rbt_deletetree() could incorrectly return
+ ISC_R_QUOTA. [RT #12695]
+
+1738. [bug] Enable overrun checking by default. [RT #12695]
+
+1737. [bug] named failed if more than 16 masters were specified.
+ [RT #12627]
+
+1736. [bug] dst_key_fromnamedfile() could fail to read a
+ public key. [RT #12687]
+
+1735. [bug] 'dig +sigtrace' could die with a REQUIRE failure.
+ [RE #12688]
+
+1734. [cleanup] 'rndc-confgen -a -t' remove extra '/' in path.
+ [RT #12588]
+
+1733. [bug] Return non-zero exit status on initial load failure.
+ [RT #12658]
+
+1732. [bug] 'rrset-order name "*"' wasn't being applied to ".".
+ [RT #12467]
+
+1731. [port] darwin: relax version test in ifconfig.sh.
+ [RT #12581]
+
+1730. [port] Determine the length type used by the socket API.
+ [RT #12581]
+
+1729. [func] Improve check-names error messages.
+
+1728. [doc] Update check-names documentation.
+
+1727. [bug] named-checkzone: check-names support didn't match
+ documentation.
+
+1726. [port] aix5: add support for aix5.
+
+1725. [port] linux: update error message on interaction of threads,
+ capabilities and setuid support (named -u). [RT #12541]
+
+1724. [bug] Look for DNSKEY records with "dig +sigtrace".
+ [RT #12557]
+
+1723. [cleanup] Silence compiler warnings from t_tasks.c. [RT #12493]
+
+1722. [bug] Don't commit the journal on malformed ixfr streams.
+ [RT #12519]
+
+1721. [bug] Error message from the journal processing were not
+ always identifying the relevant journal. [RT #12519]
+
+1720. [bug] 'dig +chase' did not terminate on a RFC 2308 Type 1
+ negative response. [RT #12506]
+
+1719. [bug] named was not correctly caching a RFC 2308 Type 1
+ negative response. [RT #12506]
+
+1718. [bug] nsupdate was not handling RFC 2308 Type 3 negative
+ responses when looking for the zone / master server.
+ [RT #12506]
+
+1717. [port] solaris: ifconfig.sh did not support Solaris 10.
+ "ifconfig.sh down" didn't work for Solaris 9.
+
+1716. [doc] named.conf(5) was being installed in the wrong
+ location. [RT #12441]
+
+1715. [func] 'dig +trace' now randomly selects the next servers
+ to try. Report if there is a bad delegation.
+
+1714. [bug] dig/host/nslookup were only trying the first
+ address when a nameserver was specified by name.
+ [RT #12286]
+
+1713. [port] linux: extend capset failure message to say:
+ please ensure that the capset kernel module is
+ loaded. see insmod(8)
+
+1712. [bug] Missing FULLCHECK for "trusted-key" in dig.
+
+1711. [func] 'rndc unfreeze' has been deprecated by 'rndc thaw'.
+
+1710. [func] 'rndc notify zone [class [view]]' resend the NOTIFY
+ messages for the specified zone. [RT #9479]
+
+1709. [port] solaris: add SMF support from Sun.
+
+1708. [cleanup] Replaced dns_fullname_hash() with dns_name_fullhash()
+ for conformance to the name space convention. Binary
+ backward compatibility to the old function name is
+ provided. [RT #12376]
+
+1707. [contrib] sdb/ldap updated to version 1.0-beta.
+
+1706. [bug] 'rndc stop' failed to cause zones to be flushed
+ sometimes. [RT #12328]
+
+1705. [func] Allow the journal's name to be changed via named.conf.
+
+1704. [port] lwres needed a snprintf() implementation for
+ platforms without snprintf(). Add missing
+ "#include <isc/print.h>". [RT #12321]
+
+1703. [bug] named would loop sending NOTIFY messages when it
+ failed to receive a response. [RT #12322]
+
+1702. [bug] also-notify should not be applied to built in zones.
+ [RT #12323]
+
+1701. [doc] A minimal named.conf man page.
+
+1700. [func] nslookup is no longer to be treated as deprecated.
+ Remove "deprecated" warning message. Add man page.
+
+1699. [bug] dnssec-signzone can generate "not exact" errors
+ when resigning. [RT #12281]
+
+1698. [doc] Use reserved IPv6 documentation prefix.
+
+1697. [bug] xxx-source{,-v6} was not effective when it
+ specified one of listening addresses and a
+ different port than the listening port. [RT #12257]
+
+1696. [bug] dnssec-signzone failed to clean out nodes that
+ consisted of only NSEC and RRSIG records.
+ [RT #12154]
+
+1695. [bug] DS records when forwarding require special handling.
+ [RT #12133]
+
+1694. [bug] Report if the builtin views of "_default" / "_bind"
+ are defined in named.conf. [RT #12023]
+
+1693. [bug] max-journal-size was not effective for master zones
+ with ixfr-from-differences set. [RT #12024]
+
+1692. [bug] Don't set -I, -L and -R flags when libcrypto is in
+ /usr/lib. [RT #11971]
+
+1691. [bug] sdb's attachversion was not complete. [RT #11990]
+
+1690. [bug] Delay detaching view from the client until UPDATE
+ processing completes when shutting down. [RT #11714]
+
+1689. [bug] DNS_NAME_TOREGION() and DNS_NAME_SPLIT() macros
+ contained gratuitous semicolons. [RT #11707]
+
+1688. [bug] LDFLAGS was not supported.
+
+1687. [bug] Race condition in dispatch. [RT #10272]
+
+1686. [bug] Named sent a extraneous NOTIFY when it received a
+ redundant UPDATE request. [RT #11943]
+
+1685. [bug] Change #1679 loop tests weren't quite right.
+
+1684. [func] ixfr-from-differences now takes master and slave in
+ addition to yes and no at the options and view levels.
+
+1683. [bug] dig +sigchase could leak memory. [RT #11445]
+
+1682. [port] Update configure test for (long long) printf format.
+ [RT #5066]
+
+1681. [bug] Only set SO_REUSEADDR when a port is specified in
+ isc_socket_bind(). [RT #11742]
+
+1680. [func] rndc: the source address can now be specified.
+
+1679. [bug] When there was a single nameserver with multiple
+ addresses for a zone not all addresses were tried.
+ [RT #11706]
+
+1678. [bug] RRSIG should use TYPEXXXXX for unknown types.
+
+1677. [bug] dig: +aaonly didn't work, +aaflag undocumented.
+
+1676. [func] New option "allow-query-cache". This lets
+ allow-query be used to specify the default zone
+ access level rather than having to have every
+ zone override the global value. allow-query-cache
+ can be set at both the options and view levels.
+ If allow-query-cache is not set allow-query applies.
+
+1675. [bug] named would sometimes add extra NSEC records to
+ the authority section.
+
+1674. [port] linux: increase buffer size used to scan
+ /proc/net/if_inet6.
+
+1673. [port] linux: issue a error messages if IPv6 interface
+ scans fails.
+
+1672. [cleanup] Tests which only function in a threaded build
+ now return R:THREADONLY (rather than R:UNTESTED)
+ in a non-threaded build.
+
+1671. [contrib] queryperf: add NAPTR to the list of known types.
+
+1670. [func] Log UPDATE requests to slave zones without an acl as
+ "disabled" at debug level 3. [RT #11657]
+
+1669. [placeholder]
+
+1668. [bug] DIG_SIGCHASE was making bin/dig/host dump core.
+
+1667. [port] linux: not all versions have IF_NAMESIZE.
+
+1666. [bug] The optional port on hostnames in dual-stack-servers
+ was being ignored.
+
+1665. [func] rndc now allows addresses to be set in the
+ server clauses.
+
+1664. [bug] nsupdate needed KEY for SIG(0), not DNSKEY.
+
+1663. [func] Look for OpenSSL by default.
+
+1662. [bug] Change #1658 failed to change one use of 'type'
+ to 'keytype'.
+
+1661. [bug] Restore dns_name_concatenate() call in
+ adb.c:set_target(). [RT #11582]
+
+1660. [bug] win32: connection_reset_fix() was being called
+ unconditionally. [RT #11595]
+
+1659. [cleanup] Cleanup some messages that were referring to KEY vs
+ DNSKEY, NXT vs NSEC and SIG vs RRSIG.
+
+1658. [func] Update dnssec-keygen to default to KEY for HMAC-MD5
+ and DH. Tighten which options apply to KEY and
+ DNSKEY records.
+
+1657. [doc] ARM: document query log output.
+
+1656. [doc] Update DNSSEC description in ARM to cover DS, NSEC
+ DNSKEY and RRSIG. [RT #11542]
+
+1655. [bug] Logging multiple versions w/o a size was broken.
+ [RT #11446]
+
+1654. [bug] isc_result_totext() contained array bounds read
+ error.
+
+1653. [func] Add key type checking to dst_key_fromfilename(),
+ DST_TYPE_KEY should be used to read TSIG, TKEY and
+ SIG(0) keys.
+
+1652. [bug] TKEY still uses KEY.
+
+1651. [bug] dig: process multiple dash options.
+
+1650. [bug] dig, nslookup: flush standard out after each command.
+
+1649. [bug] Silence "unexpected non-minimal diff" message.
+ [RT #11206]
+
+1648. [func] Update dnssec-lookaside named.conf syntax to support
+ multiple dnssec-lookaside namespaces (not yet
+ implemented).
+
+1647. [bug] It was possible trigger a INSIST when chasing a DS
+ record that required walking back over a empty node.
+ [RT #11445]
+
+1646. [bug] win32: logging file versions didn't work with
+ non-UNC filenames. [RT #11486]
+
+1645. [bug] named could trigger a REQUIRE failure if multiple
+ masters with keys are specified.
+
+1644. [bug] Update the journal modification time after a
+ successful refresh query. [RT #11436]
+
+1643. [bug] dns_db_closeversion() could leak memory / node
+ references. [RT #11163]
+
+1642. [port] Support OpenSSL implementations which don't have
+ DSA support. [RT #11360]
+
+1641. [bug] Update the check-names description in ARM. [RT #11389]
+
+1640. [bug] win32: isc_socket_cancel(ISC_SOCKCANCEL_ACCEPT) was
+ incorrectly closing the socket. [RT #11291]
+
+1639. [func] Initial dlv system test.
+
+1638. [bug] "ixfr-from-differences" could generate a REQUIRE
+ failure if the journal open failed. [RT #11347]
+
+1637. [bug] Node reference leak on error in addnoqname().
+
+1636. [bug] The dump done callback could get ISC_R_SUCCESS even if
+ a error had occurred. The database version no longer
+ matched the version of the database that was dumped.
+
+1635. [bug] Memory leak on error in query_addds().
+
+1634. [bug] named didn't supply a useful error message when it
+ detected duplicate views. [RT #11208]
+
+1633. [bug] named should return NOTIMP to update requests to a
+ slaves without a allow-update-forwarding acl specified.
+ [RT #11331]
+
+1632. [bug] nsupdate failed to send prerequisite only UPDATE
+ messages. [RT #11288]
+
+1631. [bug] dns_journal_compact() could sometimes corrupt the
+ journal. [RT #11124]
+
+1630. [contrib] queryperf: add support for IPv6 transport.
+
+1629. [func] dig now supports IPv6 scoped addresses with the
+ extended format in the local-server part. [RT #8753]
+
+1628. [bug] Typo in Compaq Trucluster support. [RT #11264]
+
+1627. [bug] win32: sockets were not being closed when the
+ last external reference was removed. [RT #11179]
+
+1626. [bug] --enable-getifaddrs was broken. [RT #11259]
+
+1625. [bug] named failed to load/transfer RFC2535 signed zones
+ which contained CNAMES. [RT #11237]
+
+1624. [bug] zonemgr_putio() call should be locked. [RT #11163]
+
+1623. [bug] A serial number of zero was being displayed in the
+ "sending notifies" log message when also-notify was
+ used. [RT #11177]
+
+1622. [func] probe the system to see if IPV6_(RECV)PKTINFO is
+ available, and suppress wildcard binding if not.
+
+1621. [bug] match-destinations did not work for IPv6 TCP queries.
+ [RT #11156]
+
+1620. [func] When loading a zone report if it is signed. [RT #11149]
+
+1619. [bug] Missing ISC_LIST_UNLINK in end_reserved_dispatches().
+ [RT #11118]
+
+1618. [bug] Fencepost errors in dns_name_ishostname() and
+ dns_name_ismailbox() could trigger a INSIST().
+
+1617. [port] win32: VC++ 6.0 support.
+
+1616. [compat] Ensure that named's version is visible in the core
+ dump. [RT #11127]
+
+1615. [port] Define ISC_SOCKADDR_LEN_T based on _BSD_SOCKLEN_T_ if
+ it is defined.
+
+1614. [port] win32: silence resource limit messages. [RT #11101]
+
+1613. [bug] Builds would fail on machines w/o a if_nametoindex().
+ Missing #ifdef ISC_PLATFORM_HAVEIFNAMETOINDEX/#endif.
+ [RT #11119]
+
+1612. [bug] check-names at the option/view level could trigger
+ an INSIST. [RT #11116]
+
+1611. [bug] solaris: IPv6 interface scanning failed to cope with
+ no active IPv6 interfaces.
+
+1610. [bug] On dual stack machines "dig -b" failed to set the
+ address type to be looked up with "@server".
+ [RT #11069]
+
+1609. [func] dig now has support to chase DNSSEC signature chains.
+ Requires -DDIG_SIGCHASE=1 to be set in STD_CDEFINES.
+
+ DNSSEC validation code in dig coded by Olivier Courtay
+ (olivier.courtay@irisa.fr) for the IDsA project
+ (http://idsa.irisa.fr).
+
+1608. [func] dig and host now accept -4/-6 to select IP transport
+ to use when making queries.
+
+1607. [bug] dig, host and nslookup were still using random()
+ to generate query ids. [RT #11013]
+
+1606. [bug] DLV insecurity proof was failing.
+
+1605. [func] New dns_db_find() option DNS_DBFIND_COVERINGNSEC.
+
+1604. [bug] A xfrout_ctx_create() failure would result in
+ xfrout_ctx_destroy() being called with a
+ partially initialized structure.
+
+1603. [bug] nsupdate: set interactive based on isatty().
+ [RT #10929]
+
+1602. [bug] Logging to a file failed unless a size was specified.
+ [RT #10925]
+
+1601. [bug] Silence spurious warning 'both "recursion no;" and
+ "allow-recursion" active' warning from view "_bind".
+ [RT #10920]
+
+1600. [bug] Duplicate zone pre-load checks were not case
+ insensitive.
+
+1599. [bug] Fix memory leak on error path when checking named.conf.
+
+1598. [func] Specify that certain parts of the namespace must
+ be secure (dnssec-must-be-secure).
+
+1597. [func] Allow notify-source and query-source to be specified
+ on a per server basis similar to transfer-source.
+ [RT #6496]
+
+1596. [func] Accept 'notify-source' style syntax for query-source.
+
+1595. [func] New notify type 'master-only'. Enable notify for
+ master zones only.
+
+1594. [bug] 'rndc dumpdb' could prevent named from answering
+ queries while the dump was in progress. [RT #10565]
+
+1593. [bug] rndc should return "unknown command" to unknown
+ commands. [RT #10642]
+
+1592. [bug] configure_view() could leak a dispatch. [RT #10675]
+
+1591. [bug] libbind: updated to BIND 8.4.5.
+
+1590. [port] netbsd: update thread support.
+
+1589. [func] DNSSEC lookaside validation.
+
+1588. [bug] win32: TCP sockets could become blocked. [RT #10115]
+
+1587. [bug] dns_message_settsigkey() failed to clear existing key.
+ [RT #10590]
+
+1586. [func] "check-names" is now implemented.
+
+1585. [placeholder]
+
+1584. [bug] "make test" failed with a read only source tree.
+ [RT #10461]
+
+1583. [bug] Records add via UPDATE failed to get the correct trust
+ level. [RT #10452]
+
+1582. [bug] rrset-order failed to work on RRsets with more
+ than 32 elements. [RT #10381]
+
+1581. [func] Disable DNSSEC support by default. To enable
+ DNSSEC specify "dnssec-enable yes;" in named.conf.
+
+1580. [bug] Zone destruction on final detach takes a long time.
+ [RT #3746]
+
+1579. [bug] Multiple task managers could not be created.
+
+1578. [bug] Don't use CLASS E IPv4 addresses when resolving.
+ [RT #10346]
+
+1577. [bug] Use isc_uint32_t in ultrasparc optimizer bug
+ workaround code. [RT #10331]
+
+1576. [bug] Race condition in dns_dispatch_addresponse().
+ [RT #10272]
+
+1575. [func] Log TSIG name on TSIG verify failure. [RT #4404]
+
+1574. [bug] Don't attempt to open the controls socket(s) when
+ running tests. [RT #9091]
+
+1573. [port] linux: update to libtool 1.5.2 so that
+ "make install DESTDIR=/xx" works with
+ "configure --with-libtool". [RT #9941]
+
+1572. [bug] nsupdate: sign the soa query to find the enclosing
+ zone if the server is specified. [RT #10148]
+
+1571. [bug] rbt:hash_node() could fail leaving the hash table
+ in an inconsistent state. [RT #10208]
+
+1570. [bug] nsupdate failed to handle classes other than IN.
+ New keyword 'class' which sets the default class.
+ [RT #10202]
+
+1569. [func] nsupdate new command 'answer' which displays the
+ complete answer message to the last update.
+
+1568. [bug] nsupdate now reports that the update failed in
+ interactive mode. [RT #10236]
+
+1567. [maint] B.ROOT-SERVERS.NET is now 192.228.79.201.
+
+1566. [port] Support for the cmsg framework on Solaris and HP/UX.
+ This also solved the problem that match-destinations
+ for IPv6 addresses did not work on these systems.
+ [RT #10221]
+
+1565. [bug] CD flag should be copied to outgoing queries unless
+ the query is under a secure entry point in which case
+ CD should be set.
+
+1564. [func] Attempt to provide a fallback entropy source to be
+ used if named is running chrooted and named is unable
+ to open entropy source within the chroot area.
+ [RT #10133]
+
+1563. [bug] Gracefully fail when unable to obtain neither an IPv4
+ nor an IPv6 dispatch. [RT #10230]
+
+1562. [bug] isc_socket_create() and isc_socket_accept() could
+ leak memory under error conditions. [RT #10230]
+
+1561. [bug] It was possible to release the same name twice if
+ named ran out of memory. [RT #10197]
+
+1560. [port] FreeBSD: work around FreeBSD 5.2 mapping EAI_NODATA
+ and EAI_NONAME to the same value.
+
+1559. [port] named should ignore SIGFSZ.
+
+1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
+ child zones for which we don't have a supported
+ algorithm. Such child zones are treated as unsigned.
+
+1557. [func] Implement missing DNSSEC tests for
+ * NOQNAME proof with wildcard answers.
+ * NOWILDARD proof with NXDOMAIN.
+ Cache and return NOQNAME with wildcard answers.
+
+1556. [bug] nsupdate now treats all names as fully qualified.
+ [RT #6427]
+
+1555. [func] 'rrset-order cyclic' no longer has a random starting
+ point per query. [RT #7572]
+
+1554. [bug] dig, host, nslookup failed when no nameservers
+ were specified in /etc/resolv.conf. [RT #8232]
+
+1553. [bug] The windows socket code could stop accepting
+ connections. [RT #10115]
+
+1552. [bug] Accept NOTIFY requests from mapped masters if
+ matched-mapped is set. [RT #10049]
+
+1551. [port] Open "/dev/null" before calling chroot().
+
+1550. [port] Call tzset(), if available, before calling chroot().
+
+1549. [func] named-checkzone can now write out the zone contents
+ in a easily parsable format (-D and -o).
+
+1548. [bug] When parsing APL records it was possible to silently
+ accept out of range ADDRESSFAMILY values. [RT #9979]
+
+1547. [bug] Named wasted memory recording duplicate lame zone
+ entries. [RT #9341]
+
+1546. [bug] We were rejecting valid secure CNAME to negative
+ answers.
+
+1545. [bug] It was possible to leak memory if named was unable to
+ bind to the specified transfer source and TSIG was
+ being used. [RT #10120]
+
+1544. [bug] Named would logged a single entry to a file despite it
+ being over the specified size limit.
+
+1543. [bug] Logging using "versions unlimited" did not work.
+
+1542. [placeholder]
+
+1541. [func] NSEC now uses new bitmap format.
+
+1540. [bug] "rndc reload <dynamiczone>" was silently accepted.
+ [RT #8934]
+
+1539. [bug] Open UDP sockets for notify-source and transfer-source
+ that use reserved ports at startup. [RT #9475]
+
+1538. [placeholder] rt9997
+
+1537. [func] New option "querylog". If set specify whether query
+ logging is to be enabled or disabled at startup.
+
+1536. [bug] Windows socket code failed to log a error description
+ when returning ISC_R_UNEXPECTED. [RT #9998]
+
+1535. [placeholder]
+
+1534. [bug] Race condition when priming cache. [RT #9940]
+
+1533. [func] Warn if both "recursion no;" and "allow-recursion"
+ are active. [RT #4389]
+
+1532. [port] netbsd: the configure test for <sys/sysctl.h>
+ requires <sys/param.h>.
+
+1531. [port] AIX more libtool fixes.
+
+1530. [bug] It was possible to trigger a INSIST() failure if a
+ slave master file was removed at just the correct
+ moment. [RT #9462]
+
+1529. [bug] "notify explicit;" failed to log that NOTIFY messages
+ were being sent for the zone. [RT #9442]
+
+1528. [cleanup] Simplify some dns_name_ functions based on the
+ deprecation of bitstring labels.
+
+1527. [cleanup] Reduce the number of gettimeofday() calls without
+ losing necessary timer granularity.
+
+1526. [func] Implemented "additional section caching (or acache)",
+ an internal cache framework for additional section
+ content to improve response performance. Several
+ configuration options were provided to control the
+ behavior.
+
+1525. [bug] dns_cache_create() could trigger a REQUIRE
+ failure in isc_mem_put() during error cleanup.
+ [RT #9360]
+
+1524. [port] AIX needs to be able to resolve all symbols when
+ creating shared libraries (--with-libtool).
+
+1523. [bug] Fix race condition in rbtdb. [RT #9189]
+
+1522. [bug] dns_db_findnode() relax the requirements on 'name'.
+ [RT #9286]
+
+1521. [bug] dns_view_createresolver() failed to check the
+ result from isc_mem_create(). [RT #9294]
+
+1520. [protocol] Add SSHFP (SSH Finger Print) type.
+
+1519. [bug] dnssec-signzone:nsec_setbit() computed the wrong
+ length of the new bitmap.
+
+1518. [bug] dns_nsec_buildrdata(), and hence dns_nsec_build(),
+ contained a off-by-one error when working out the
+ number of octets in the bitmap.
+
+1517. [port] Support for IPv6 interface scanning on HP/UX and
+ TrueUNIX 5.1.
+
+1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
+
+1515. [func] Allow transfer source to be set in a server statement.
+ [RT #6496]
+
+1514. [bug] named: isc_hash_destroy() was being called too early.
+ [RT #9160]
+
+1513. [doc] Add "US" to root-delegation-only exclude list.
+
+1512. [bug] Extend the delegation-only logging to return query
+ type, class and responding nameserver.
+
+1511. [bug] delegation-only was generating false positives
+ on negative answers from sub-zones.
+
+1510. [func] New view option "root-delegation-only". Apply
+ delegation-only check to all TLDs and root.
+ Note there are some TLDs that are NOT delegation
+ only (e.g. DE, LV, US and MUSEUM) these can be excluded
+ from the checks by using exclude.
+
+ root-delegation-only exclude {
+ "DE"; "LV"; "US"; "MUSEUM";
+ };
+
+1509. [bug] Hint zones should accept delegation-only. Forward
+ zone should not accept delegation-only.
+
+1508. [bug] Don't apply delegation-only checks to answers from
+ forwarders.
+
+1507. [bug] Handle BIND 8 style returns to NS queries to parents
+ when making delegation-only checks.
+
+1506. [bug] Wrong return type for dns_view_isdelegationonly().
+
+1505. [bug] Uninitialized rdataset in sdb. [RT #8750]
+
+1504. [func] New zone type "delegation-only".
+
+1503. [port] win32: install libeay32.dll outside of system32.
+
+1502. [bug] nsupdate: adjust timeouts for UPDATE requests over TCP.
+
+1501. [func] Allow TCP queue length to be specified via
+ named.conf, tcp-listen-queue.
+
+1500. [bug] host failed to lookup MX records. Also look up
+ AAAA records.
+
+1499. [bug] isc_random need to be seeded better if arc4random()
+ is not used.
+
+1498. [port] bsdos: 5.x support.
+
+1497. [placeholder]
+
+1496. [port] test for pthread_attr_setstacksize().
+
+1495. [cleanup] Replace hash functions with universal hash.
+
+1494. [security] Turn on RSA BLINDING as a precaution.
+
+1493. [placeholder]
+
+1492. [cleanup] Preserve rwlock quota context when upgrading /
+ downgrading. [RT #5599]
+
+1491. [bug] dns_master_dump*() would produce extraneous $ORIGIN
+ lines. [RT #6206]
+
+1490. [bug] Accept reading state as well as working state in
+ ns_client_next(). [RT #6813]
+
+1489. [compat] Treat 'allow-update' on slave zones as a warning.
+ [RT #3469]
+
+1488. [bug] Don't override trust levels for glue addresses.
+ [RT #5764]
+
+1487. [bug] A REQUIRE() failure could be triggered if a zone was
+ queued for transfer and the zone was then removed.
+ [RT #6189]
+
+1486. [bug] isc_print_snprintf() '%%' consumed one too many format
+ characters. [RT #8230]
+
+1485. [bug] gen failed to handle high type values. [RT #6225]
+
+1484. [bug] The number of records reported after a AXFR was wrong.
+ [RT #6229]
+
+1483. [bug] dig axfr failed if the message id in the answer failed
+ to match that in the request. Only the id in the first
+ message is required to match. [RT #8138]
+
+1482. [bug] named could fail to start if the kernel supports
+ IPv6 but no interfaces are configured. Similarly
+ for IPv4. [RT #6229]
+
+1481. [bug] Refresh and stub queries failed to use masters keys
+ if specified. [RT #7391]
+
+1480. [bug] Provide replay protection for rndc commands. Full
+ replay protection requires both rndc and named to
+ be updated. Partial replay protection (limited
+ exposure after restart) is provided if just named
+ is updated.
+
+1479. [bug] cfg_create_tuple() failed to handle out of
+ memory cleanup. parse_list() would leak memory
+ on syntax errors.
+
+1478. [port] ifconfig.sh didn't account for other virtual
+ interfaces. It now takes a optional argument
+ to specify the first interface number. [RT #3907]
+
+1477. [bug] memory leak using stub zones and TSIG.
+
+1476. [placeholder]
+
+1475. [port] Probe for old sprintf().
+
+1474. [port] Provide strtoul() and memmove() for platforms
+ without them.
+
+1473. [bug] create_map() and create_string() failed to handle out
+ of memory cleanup. [RT #6813]
+
+1472. [contrib] idnkit-1.0 from JPNIC, replaces mdnkit.
+
+1471. [bug] libbind: updated to BIND 8.4.0.
+
+1470. [bug] Incorrect length passed to snprintf. [RT #5966]
+
+1469. [func] Log end of outgoing zone transfer at same level
+ as the start of transfer is logged. [RT #4441]
+
+1468. [func] Internal zones are no longer counted for
+ 'rndc status'. [RT #4706]
+
+1467. [func] $GENERATES now supports optional class and ttl.
+
+1466. [bug] lwresd configuration errors resulted in memory
+ and lock leaks. [RT #5228]
+
+1465. [bug] isc_base64_decodestring() and isc_base64_tobuffer()
+ failed to check that trailing bits were zero allowing
+ some invalid base64 strings to be accepted. [RT #5397]
+
+1464. [bug] Preserve "out of zone" data for outgoing zone
+ transfers. [RT #5192]
+
+1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad
+ NXT bit maps. [RT #5577]
+
+1462. [bug] parse_sizeval() failed to check the token type.
+ [RT #5586]
+
+1461. [bug] Remove deadlock from rbtdb code. [RT #5599]
+
+1460. [bug] inet_pton() failed to reject certain malformed
+ IPv6 literals.
+
+1459. [placeholder]
+
+1458. [cleanup] sprintf() -> snprintf().
+
+1457. [port] Provide strlcat() and strlcpy() for platforms without
+ them.
+
+1456. [contrib] gen-data-queryperf.py from Stephane Bortzmeyer.
+
+1455. [bug] <netaddr> missing from server grammar in
+ doc/misc/options. [RT #5616]
+
+1454. [port] Use getifaddrs() if available for interface scanning.
+ --disable-getifaddrs to override. Glibc currently
+ has a getifaddrs() that does not support IPv6.
+ Use --enable-getifaddrs=glibc to force the use of
+ this version under linux machines.
+
+1453. [doc] ARM: $GENERATE example wasn't accurate. [RT #5298]
+
+1452. [placeholder]
+
+1451. [bug] rndc-confgen didn't exit with a error code for all
+ failures. [RT #5209]
+
+1450. [bug] Fetching expired glue failed under certain
+ circumstances. [RT #5124]
+
+1449. [bug] query_addbestns() didn't handle running out of memory
+ gracefully.
+
+1448. [bug] Handle empty wildcards labels.
+
+1447. [bug] We were casting (unsigned int) to and from (void *).
+ rdataset->private4 is now rdataset->privateuint4
+ to reflect a type change.
+
+1446. [func] Implemented undocumented alternate transfer sources
+ from BIND 8. See use-alt-transfer-source,
+ alt-transfer-source and alt-transfer-source-v6.
+
+ SECURITY: use-alt-transfer-source is ENABLED unless
+ you are using views. This may cause a security risk
+ resulting in accidental disclosure of wrong zone
+ content if the master supplying different source
+ content based on IP address. If you are not certain
+ ISC recommends setting use-alt-transfer-source no;
+
+1445. [bug] DNS_ADBFIND_STARTATROOT broke stub zones. This has
+ been replaced with DNS_ADBFIND_STARTATZONE which
+ causes the search to start using the closest zone.
+
+1444. [func] dns_view_findzonecut2() allows you to specify if the
+ cache should be searched for zone cuts.
+
+1443. [func] Masters lists can now be specified and referenced
+ in zone masters clauses and other masters lists.
+
+1442. [func] New functions for manipulating port lists:
+ dns_portlist_create(), dns_portlist_add(),
+ dns_portlist_remove(), dns_portlist_match(),
+ dns_portlist_attach() and dns_portlist_detach().
+
+1441. [func] It is now possible to tell dig to bind to a specific
+ source port.
+
+1440. [func] It is now possible to tell named to avoid using
+ certain source ports (avoid-v4-udp-ports,
+ avoid-v6-udp-ports).
+
+1439. [bug] Named could return NOERROR with certain NOTIFY
+ failures. Return NOTAUTH if the NOTIFY zone is
+ not being served.
+
+1438. [func] Log TSIG (if any) when logging NOTIFY requests.
+
+1437. [bug] Leave space for stdio to work in. [RT #5033]
+
+1436. [func] dns_zonemgr_resumexfrs() can be used to restart
+ stalled transfers.
+
+1435. [bug] zmgr_resume_xfrs() was being called read locked
+ rather than write locked. zmgr_resume_xfrs()
+ was not being called if the zone was being
+ shutdown.
+
+1434. [bug] "rndc reconfig" failed to initiate the initial
+ zone transfer of new slave zones.
+
+1433. [bug] named could trigger a REQUIRE failure if it could
+ not get a file descriptor when attempting to write
+ a master file. [RT #4347]
+
+1432. [func] The advertised EDNS UDP buffer size can now be set
+ via named.conf (edns-udp-size).
+
+1431. [bug] isc_print_snprintf() "%s" with precision could walk off
+ end of argument. [RT #5191]
+
+1430. [port] linux: IPv6 interface scanning support.
+
+1429. [bug] Prevent the cache getting locked to old servers.
+
+1428. [placeholder]
+
+1427. [bug] Race condition in adb with threaded build.
+
+1426. [placeholder]
+
+1425. [port] linux/libbind: define __USE_MISC when testing *_r()
+ function prototypes in netdb.h. [RT #4921]
+
+1424. [bug] EDNS version not being correctly printed.
+
+1423. [contrib] queryperf: added A6 and SRV.
+
+1422. [func] Log name/type/class when denying a query. [RT #4663]
+
+1421. [func] Differentiate updates that don't succeed due to
+ prerequisites (unsuccessful) vs other reasons
+ (failed).
+
+1420. [port] solaris: work around gcc optimizer bug.
+
+1419. [port] openbsd: use /dev/arandom. [RT #4950]
+
+1418. [bug] 'rndc reconfig' did not cause new slaves to load.
+
+1417. [func] ID.SERVER/CHAOS is now a built in zone.
+ See "server-id" for how to configure.
+
+1416. [bug] Empty node should return NOERROR NODATA, not NXDOMAIN.
+ [RT #4715]
+
+1415. [func] DS TTL now derived from NS ttl. NXT TTL now derived
+ from SOA MINIMUM.
+
+1414. [func] Support for KSK flag.
+
+1413. [func] Explicitly request the (re-)generation of DS records
+ from keysets (dnssec-signzone -g).
+
+1412. [func] You can now specify servers to be tried if a nameserver
+ has IPv6 address and you only support IPv4 or the
+ reverse. See dual-stack-servers.
+
+1411. [bug] empty nodes should stop wildcard matches. [RT #4802]
+
+1410. [func] Handle records that live in the parent zone, e.g. DS.
+
+1409. [bug] DS should have attribute DNS_RDATATYPEATTR_DNSSEC.
+
+1408. [bug] "make distclean" was not complete. [RT #4700]
+
+1407. [bug] lfsr incorrectly implements the shift register.
+ [RT #4617]
+
+1406. [bug] dispatch initializes one of the LFSR's with a incorrect
+ polynomial. [RT #4617]
+
+1405. [func] Use arc4random() if available.
+
+1404. [bug] libbind: ns_name_ntol() could overwrite a zero length
+ buffer.
+
+1403. [func] dnssec-signzone, dnssec-keygen, dnssec-makekeyset
+ dnssec-signkey now report their version in the
+ usage message.
+
+1402. [cleanup] A6 has been moved to experimental and is no longer
+ fully supported.
+
+1401. [bug] adb wasn't clearing state when the timer expired.
+
+1400. [bug] Block the addition of wildcard NS records by IXFR
+ or UPDATE. [RT #3502]
+
+1399. [bug] Use serial number arithmetic when testing SIG
+ timestamps. [RT #4268]
+
+1398. [doc] ARM: notify-also should have been also-notify.
+ [RT #4345]
+
+1397. [maint] J.ROOT-SERVERS.NET is now 192.58.128.30.
+
+1396. [func] dnssec-signzone: adjust the default signing time by
+ 1 hour to allow for clock skew.
+
+1395. [port] OpenSSL 0.9.7 defines CRYPTO_LOCK_ENGINE but doesn't
+ have a working implementation. [RT #4079]
+
+1394. [func] It is now possible to check if a particular element is
+ in a acl. Remove duplicate entries from the localnets
+ acl.
+
+1393. [port] Bind to individual IPv6 interfaces if IPV6_IPV6ONLY
+ is not available in the kernel to prevent accidentally
+ listening on IPv4 interfaces.
+
+1392. [bug] named-checkzone: update usage.
+
+1391. [func] Add support for IPv6 scoped addresses in named.
+
+1390. [func] host now supports ixfr.
+
+1389. [bug] named could fail to rotate long log files. [RT #3666]
+
+1388. [port] irix: check for sys/sysctl.h and NET_RT_IFLIST before
+ defining HAVE_IFLIST_SYSCTL. [RT #3770]
+
+1387. [bug] named could crash due to an access to invalid memory
+ space (which caused an assertion failure) in
+ incremental cleaning. [RT #3588]
+
+1386. [bug] named-checkzone -z stopped on errors in a zone.
+ [RT #3653]
+
+1385. [bug] Setting serial-query-rate to 10 would trigger a
+ REQUIRE failure.
+
+1384. [bug] host was incompatible with BIND 8 in its exit code and
+ in the output with the -l option. [RT #3536]
+
+1383. [func] Track the serial number in a IXFR response and log if
+ a mismatch occurs. This is a more specific error than
+ "not exact". [RT #3445]
+
+1382. [bug] make install failed with --enable-libbind. [RT #3656]
+
+1381. [bug] named failed to correctly process answers that
+ contained DNAME records where the resulting CNAME
+ resulted in a negative answer.
+
+1380. [func] 'rndc recursing' dump recursing queries to
+ 'recursing-file = "named.recursing";'.
+
+1379. [func] 'rndc status' now reports tcp and recursion quota
+ states.
+
+1378. [func] Improved positive feedback for 'rndc {reload|refresh}.
+
+1377. [func] dns_zone_load{new}() now reports if the zone was
+ loaded, queued for loading to up to date.
+
+1376. [func] New function dns_zone_logc() to log to specified
+ category.
+
+1375. [func] 'rndc dumpdb' now dumps the adb cache along with the
+ data cache.
+
+1374. [func] dns_adb_dump() now logs the lame zones associated
+ with each server.
+
+1373. [bug] Recovery from expired glue failed under certain
+ circumstances.
+
+1372. [bug] named crashes with an assertion failure on exit when
+ sharing the same port for listening and querying, and
+ changing listening addresses several times. [RT #3509]
+
+1371. [bug] notify-source-v6, transfer-source-v6 and
+ query-source-v6 with explicit addresses and using the
+ same ports as named was listening on could interfere
+ with named's ability to answer queries sent to those
+ addresses.
+
+1370. [bug] dig '+[no]recurse' was incorrectly documented.
+
+1369. [bug] Adding an NS record as the lexicographically last
+ record in a secure zone didn't work.
+
+1368. [func] remove support for bitstring labels.
+
+1367. [func] Use response times to select forwarders.
+
+1366. [contrib] queryperf usage was incomplete. Add '-h' for help.
+
+1365. [func] "localhost" and "localnets" acls now include IPv6
+ addresses / prefixes.
+
+1364. [func] Log file name when unable to open memory statistics
+ and dump database files. [RT #3437]
+
+1363. [func] Listen-on-v6 now supports specific addresses.
+
+1362. [bug] remove IFF_RUNNING test when scanning interfaces.
+
+1361. [func] log the reason for rejecting a server when resolving
+ queries.
+
+1360. [bug] --enable-libbind would fail when not built in the
+ source tree for certain OS's.
+
+1359. [security] Support patches OpenSSL libraries.
+ http://www.cert.org/advisories/CA-2002-23.html
+
+1358. [bug] It was possible to trigger a INSIST when debugging
+ large dynamic updates. [RT #3390]
+
+1357. [bug] nsupdate was extremely wasteful of memory.
+
+1356. [tuning] Reduce the number of events / quantum for zone tasks.
+
+1355. [bug] Fix DNSSEC wildcard proof for CNAME/DNAME.
+
+1354. [doc] lwres man pages had illegal nroff.
+
+1353. [contrib] sdb/ldap to version 0.9.
+
+1352. [bug] dig, host, nslookup when falling back to TCP use the
+ current search entry (if any). [RT #3374]
+
+1351. [bug] lwres_getipnodebyname() returned the wrong name
+ when given a IPv4 literal, af=AF_INET6 and AI_MAPPED
+ was set.
+
+1350. [bug] dns_name_fromtext() failed to handle too many labels
+ gracefully.
+
+1349. [security] Minimum OpenSSL version now 0.9.6e (was 0.9.5a).
+ http://www.cert.org/advisories/CA-2002-23.html
+
+1348. [port] win32: Rewrote code to use I/O Completion Ports
+ in socket.c and eliminating a host of socket
+ errors. Performance is enhanced.
+
+1347. [placeholder]
+
+1346. [placeholder]
+
+1345. [port] Use a explicit -Wformat with gcc. Not all versions
+ include it in -Wall.
+
+1344. [func] Log if the serial number on the master has gone
+ backwards.
+ If you have multiple machines specified in the masters
+ clause you may want to set 'multi-master yes;' to
+ suppress this warning.
+
+1343. [func] Log successful notifies received (info). Adjust log
+ level for failed notifies to notice.
+
+1342. [func] Log remote address with TCP dispatch failures.
+
+1341. [func] Allow a rate limiter to be stalled.
+
+1340. [bug] Delay and spread out the startup refresh load.
+
+1339. [func] dig, host and nslookup now use IP6.ARPA for nibble
+ lookups. Bit string lookups are no longer attempted.
+
+1338. [placeholder]
+
+1337. [placeholder]
+
+1336. [func] Nibble lookups under IP6.ARPA are now supported by
+ dns_byaddr_create(). dns_byaddr_createptrname() is
+ deprecated, use dns_byaddr_createptrname2() instead.
+
+1335. [bug] When performing a nonexistence proof, the validator
+ should discard parent NXTs from higher in the DNS.
+
+1334. [bug] When signing/verifying rdatasets, duplicate rdatas
+ need to be suppressed.
+
+1333. [contrib] queryperf now reports a summary of returned
+ rcodes (-c), rcodes are printed in mnemonic form (-v).
+
+1332. [func] Report the current serial with periodic commits when
+ rolling forward the journal.
+
+1331. [func] Generate DNSSEC wildcard proofs.
+
+1330. [bug] When processing events (non-threaded) only allow
+ the task one chance to use to use its quantum.
+
+1329. [func] named-checkzone will now check if nameservers that
+ appear to be IP addresses. Available modes "fail",
+ "warn" (default) and "ignore" the results of the
+ check.
+
+1328. [bug] The validator could incorrectly verify an invalid
+ negative proof.
+
+1327. [bug] The validator would incorrectly mark data as insecure
+ when seeing a bogus signature before a correct
+ signature.
+
+1326. [bug] DNAME/CNAME signatures were not being cached when
+ validation was not being performed. [RT #3284]
+
+1325. [bug] If the tcpquota was exhausted it was possible to
+ to trigger a INSIST() failure.
+
+1324. [port] darwin: ifconfig.sh now supports darwin.
+
+1323. [port] linux: Slackware 4.0 needs <asm/unistd.h>. [RT #3205]
+
+1322. [bug] dnssec-signzone usage message was misleading.
+
+1321. [bug] If the last RRset in a zone is glue, dnssec-signzone
+ would incorrectly duplicate its output and sign it.
+
+1320. [doc] query-source-v6 was missing from options section.
+ [RT #3218]
+
+1319. [func] libbind: log attempts to exploit #1318.
+
+1318. [bug] libbind: Remote buffer overrun.
+
+1317. [port] libbind: TrueUNIX 5.1 does not like __align as a
+ element name.
+
+1316. [bug] libbind: gethostans() could get out of sync parsing
+ the response if there was a very long CNAME chain.
+
+1315. [bug] Options should apply to the internal _bind view.
+
+1314. [port] Handle ECONNRESET from sendmsg() [unix].
+
+1313. [func] Query log now says if the query was signed (S) or
+ if EDNS was used (E).
+
+1312. [func] Log TSIG key used w/ outgoing zone transfers.
+
+1311. [bug] lwres_getrrsetbyname leaked memory. [RT #3159]
+
+1310. [bug] 'rndc stop' failed to cause zones to be flushed
+ sometimes. [RT #3157]
+
+1309. [func] Log that a zone transfer was covered by a TSIG.
+
+1308. [func] DS (delegation signer) support.
+
+1307. [bug] nsupdate: allow white space base64 key data.
+
+1306. [bug] Badly encoded LOC record when the size, horizontal
+ precision or vertical precision was 0.1m.
+
+1305. [bug] Document that internal zones are included in the
+ rndc status results.
+
+1304. [func] New function: dns_zone_name().
+
+1303. [func] Option 'flush-zones-on-shutdown <boolean>;'.
+
+1302. [func] Extended rndc dumpdb to support dumping of zones and
+ view selection: 'dumpdb [-all|-zones|-cache] [view]'.
+
+1301. [func] New category 'update-security'.
+
+1300. [port] Compaq Trucluster support.
+
+1299. [bug] Set AI_ADDRCONFIG when looking up addresses
+ via getaddrinfo() (affects dig, host, nslookup, rndc
+ and nsupdate).
+
+1298. [bug] The CINCLUDES macro in lib/dns/sec/dst/Makefile
+ could be left with a trailing "\" after configure
+ has been run.
+
+1297. [port] linux: make handling EINVAL from socket() no longer
+ conditional on #ifdef LINUX.
+
+1296. [bug] isc_log_closefilelogs() needed to lock the log
+ context.
+
+1295. [bug] isc_log_setdebuglevel() needed to lock the log
+ context.
+
+1294. [func] libbind: no longer attempts bit string labels for
+ IPv6 reverse resolution. Try IP6.ARPA then IP6.INT
+ for nibble style resolution.
+
+1293. [func] Entropy can now be retrieved from EGDs. [RT #2438]
+
+1292. [func] Enable IPv6 support when using ioctl style interface
+ scanning and OS supports SIOCGLIFADDR using struct
+ if_laddrreq.
+
+1291. [func] Enable IPv6 support when using sysctl style interface
+ scanning.
+
+1290. [func] "dig axfr" now reports the number of messages
+ as well as the number of records.
+
+1289. [port] See if -ldl is required for OpenSSL? [RT #2672]
+
+1288. [bug] Adjusted REQUIRE's in lib/dns/name.c to better
+ reflect written requirements.
+
+1287. [bug] REQUIRE that DNS_DBADD_MERGE only be set when adding
+ a rdataset to a zone db in the rbtdb implementation of
+ addrdataset.
+
+1286. [bug] dns_name_downcase() enforce requirement that
+ target != NULL or name->buffer != NULL.
+
+1285. [func] lwres: probe the system to see what address families
+ are currently in use.
+
+1284. [bug] The RTT estimate on unused servers was not aged.
+ [RT #2569]
+
+1283. [func] Use "dataready" accept filter if available.
+
+1282. [port] libbind: hpux 11.11 interface scanning.
+
+1281. [func] Log zone when unable to get private keys to update
+ zone. Log zone when NXT records are missing from
+ secure zone.
+
+1280. [bug] libbind: escape '(' and ')' when converting to
+ presentation form.
+
+1279. [port] Darwin uses (unsigned long) for size_t. [RT #2590]
+
+1278. [func] dig: now supports +[no]cl +[no]ttlid.
+
+1277. [func] You can now create your own customized printing
+ styles: dns_master_stylecreate() and
+ dns_master_styledestroy().
+
+1276. [bug] libbind: const pointer conflicts in res_debug.c.
+
+1275. [port] libbind: hpux: treat all hpux systems as BIG_ENDIAN.
+
+1274. [bug] Memory leak in lwres_gnbarequest_parse().
+
+1273. [port] libbind: solaris: 64 bit binary compatibility.
+
+1272. [contrib] Berkeley DB 4.0 sdb implementation from
+ Nuno Miguel Rodrigues <nmr@co.sapo.pt>.
+
+1271. [bug] "recursion available: {denied,approved}" was too
+ confusing.
+
+1270. [bug] Check that system inet_pton() and inet_ntop() support
+ AF_INET6.
+
+1269. [port] Openserver: ifconfig.sh support.
+
+1268. [port] Openserver: the value FD_SETSIZE depends on whether
+ <sys/param.h> is included or not. Be consistent.
+
+1267. [func] isc_file_openunique() now creates file using mode
+ 0666 rather than 0600.
+
+1266. [bug] ISC_LINK_INIT, ISC_LINK_UNLINK, ISC_LIST_DEQUEUE,
+ __ISC_LINK_UNLINKUNSAFE and __ISC_LIST_DEQUEUEUNSAFE
+ are not C++ compatible, use *_TYPE versions instead.
+
+1265. [bug] libbind: LINK_INIT and UNLINK were not compatible with
+ C++, use LINK_INIT_TYPE and UNLINK_TYPE instead.
+
+1264. [placeholder]
+
+1263. [bug] Reference after free error if dns_dispatchmgr_create()
+ failed.
+
+1262. [bug] ns_server_destroy() failed to set *serverp to NULL.
+
+1261. [func] libbind: ns_sign2() and ns_sign_tcp() now provide
+ support for compressed TSIG owner names.
+
+1260. [func] libbind: res_update can now update IPv6 servers,
+ new function res_findzonecut2().
+
+1259. [bug] libbind: get_salen() IPv6 support was broken for OSs
+ w/o sa_len.
+
+1258. [bug] libbind: res_nametotype() and res_nametoclass() were
+ broken.
+
+1257. [bug] Failure to write pid-file should not be fatal on
+ reload. [RT #2861]
+
+1256. [contrib] 'queryperf' now has EDNS (-e) + DNSSEC DO (-D) support.
+
+1255. [bug] When verifying that an NXT proves nonexistence, check
+ the rcode of the message and only do the matching NXT
+ check. That is, for NXDOMAIN responses, check that
+ the name is in the range between the NXT owner and
+ next name, and for NOERROR NODATA responses, check
+ that the type is not present in the NXT bitmap.
+
+1254. [func] preferred-glue option from BIND 8.3.
+
+1253. [bug] The dnssec system test failed to remove the correct
+ files.
+
+1252. [bug] Dig, host and nslookup were not checking the address
+ the answer was coming from against the address it was
+ sent to. [RT #2692]
+
+1251. [port] win32: a make file contained absolute version specific
+ references.
+
+1250. [func] Nsupdate will report the address the update was
+ sent to.
+
+1249. [bug] Missing masters clause was not handled gracefully.
+ [RT #2703]
+
+1248. [bug] DESTDIR was not being propagated between makes.
+
+1247. [bug] Don't reset the interface index for link/site local
+ addresses. [RT #2576]
+
+1246. [func] New functions isc_sockaddr_issitelocal(),
+ isc_sockaddr_islinklocal(), isc_netaddr_issitelocal()
+ and isc_netaddr_islinklocal().
+
+1245. [bug] Treat ENOBUFS, ENOMEM and ENFILE as soft errors for
+ accept().
+
+1244. [bug] Receiving a TCP message from a blackhole address would
+ prevent further messages being received over that
+ interface.
+
+1243. [bug] It was possible to trigger a REQUIRE() in
+ dns_message_findtype(). [RT #2659]
+
+1242. [bug] named-checkzone failed if a journal existed. [RT #2657]
+
+1241. [bug] Drop received UDP messages with a zero source port
+ as these are invariably forged. [RT #2621]
+
+1240. [bug] It was possible to leak zone references by
+ specifying an incorrect zone to rndc.
+
+1239. [bug] Under certain circumstances named could continue to
+ use a name after it had been freed triggering
+ INSIST() failures. [RT #2614]
+
+1238. [bug] It is possible to lockup the server when shutting down
+ if notifies were being processed. [RT #2591]
+
+1237. [bug] nslookup: "set q=type" failed.
+
+1236. [bug] dns_rdata{class,type}_fromtext() didn't handle non
+ NULL terminated text regions. [RT #2588]
+
+1235. [func] Report 'out of memory' errors from openssl.
+
+1234. [bug] contrib/sdb: 'zonetodb' failed to call
+ dns_result_register(). DNS_R_SEENINCLUDE should not
+ be fatal.
+
+1233. [bug] The flags field of a KEY record can be expressed in
+ hex as well as decimal.
+
+1232. [bug] unix/errno2result() didn't handle EADDRNOTAVAIL.
+
+1231. [port] HPUX 11.11 recvmsg() can return spurious EADDRNOTAVAIL.
+
+1230. [bug] isccc_cc_isreply() and isccc_cc_isack() were broken.
+
+1229. [bug] named would crash if it received a TSIG signed
+ query as part of an AXFR response. [RT #2570]
+
+1228. [bug] 'make install' did not depend on 'make all'. [RT #2559]
+
+1227. [bug] dns_lex_getmastertoken() now returns ISC_R_BADNUMBER
+ if a number was expected and some other token was
+ found. [RT #2532]
+
+1226. [func] Use EDNS for zone refresh queries. [RT #2551]
+
+1225. [func] dns_message_setopt() no longer requires that
+ dns_message_renderbegin() to have been called.
+
+1224. [bug] 'rrset-order' and 'sortlist' should be additive
+ not exclusive.
+
+1223. [func] 'rrset-order' partially works 'cyclic' and 'random'
+ are supported.
+
+1222. [bug] Specifying 'port *' did not always result in a system
+ selected (non-reserved) port being used. [RT #2537]
+
+1221. [bug] Zone types 'master', 'slave' and 'stub' were not being
+ compared case insensitively. [RT #2542]
+
+1220. [func] Support for APL rdata type.
+
+1219. [func] Named now reports the TSIG extended error code when
+ signature verification fails. [RT #1651]
+
+1218. [bug] Named incorrectly returned SERVFAIL rather than
+ NOTAUTH when there was a TSIG BADTIME error. [RT #2519]
+
+1217. [func] Report locations of previous key definition when a
+ duplicate is detected.
+
+1216. [bug] Multiple server clauses for the same server were not
+ reported. [RT #2514]
+
+1215. [port] solaris: add support to ifconfig.sh for x86 2.5.1
+
+1214. [bug] Win32: isc_file_renameunique() could leave zero length
+ files behind.
+
+1213. [func] Report view associated with client if it is not a
+ standard view (_default or _bind).
+
+1212. [port] libbind: 64k answer buffers were causing stack space
+ to be exceeded for certain OS. Use heap space instead.
+
+1211. [bug] dns_name_fromtext() incorrectly handled certain
+ valid octal bitlabels. [RT #2483]
+
+1210. [bug] libbind: getnameinfo() failed to lookup IPv4 mapped /
+ compatible addresses. [RT #2461]
+
+1209. [bug] Dig, host, nslookup were not checking the message ids
+ on the responses. [RT #2454]
+
+1208. [bug] dns_master_load*() failed to log a error message if
+ an error was detected when parsing the owner name of
+ a record. [RT #2448]
+
+1207. [bug] libbind: getaddrinfo() could call freeaddrinfo() with
+ an invalid pointer.
+
+1206. [bug] SERVFAIL and NOTIMP responses to an EDNS query should
+ trigger a non-EDNS retry.
+
+1205. [bug] OPT, TSIG and TKEY cannot be used to set the "class"
+ of the message. [RT #2449]
+
+1204. [bug] libbind: res_nupdate() failed to update the name
+ server addresses before sending the update.
+
+1203. [func] Report locations of previous acl and zone definitions
+ when a duplicate is detected.
+
+1202. [func] New functions: cfg_obj_line() and cfg_obj_file().
+
+1201. [bug] Require that if 'callbacks' is passed to
+ dns_rdata_fromtext(), callbacks->error and
+ callbacks->warn are initialized.
+
+1200. [bug] Log 'errno' that we are unable to convert to
+ isc_result_t. [RT #2404]
+
+1199. [doc] ARM reference to RFC 2157 should have been RFC 1918.
+ [RT #2436]
+
+1198. [bug] OPT printing style was not consistent with the way the
+ header fields are printed. The DO bit was not reported
+ if set. Report if any of the MBZ bits are set.
+
+1197. [bug] Attempts to define the same acl multiple times were not
+ detected.
+
+1196. [contrib] update mdnkit to 2.2.3.
+
+1195. [bug] Attempts to redefine builtin acls should be caught.
+ [RT #2403]
+
+1194. [bug] Not all duplicate zone definitions were being detected
+ at the named.conf checking stage. [RT #2431]
+
+1193. [bug] dig +besteffort parsing didn't handle packet
+ truncation. dns_message_parse() has new flag
+ DNS_MESSAGE_IGNORETRUNCATION.
+
+1192. [bug] The seconds fields in LOC records were restricted
+ to three decimal places. More decimal places should
+ be allowed but warned about.
+
+1191. [bug] A dynamic update removing the last non-apex name in
+ a secure zone would fail. [RT #2399]
+
+1190. [func] Add the "rndc freeze" and "rndc unfreeze" commands.
+ [RT #2394]
+
+1189. [bug] On some systems, malloc(0) returns NULL, which
+ could cause the caller to report an out of memory
+ error. [RT #2398]
+
+1188. [bug] Dynamic updates of a signed zone would fail if
+ some of the zone private keys were unavailable.
+
+1187. [bug] named was incorrectly returning DNSSEC records
+ in negative responses when the DO bit was not set.
+
+1186. [bug] isc_hex_tobuffer(,,length = 0) failed to unget the
+ EOL token when reading to end of line.
+
+1185. [bug] libbind: don't assume statp->_u._ext.ext is valid
+ unless RES_INIT is set when calling res_*init().
+
+1184. [bug] libbind: call res_ndestroy() if RES_INIT is set
+ when res_*init() is called.
+
+1183. [bug] Handle ENOSR error when writing to the internal
+ control pipe. [RT #2395]
+
+1182. [bug] The server could throw an assertion failure when
+ constructing a negative response packet.
+
+1181. [func] Add the "key-directory" configuration statement,
+ which allows the server to look for online signing
+ keys in alternate directories.
+
+1180. [func] dnssec-keygen should always generate keys with
+ protocol 3 (DNSSEC), since it's less confusing
+ that way.
+
+1179. [func] Add SIG(0) support to nsupdate.
+
+1178. [bug] Follow and cache (if appropriate) A6 and other
+ data chains to completion in the additional section.
+
+1177. [func] Report view when loading zones if it is not a
+ standard view (_default or _bind). [RT #2270]
+
+1176. [doc] Document that allow-v6-synthesis is only performed
+ for clients that are supplied recursive service.
+ [RT #2260]
+
+1175. [bug] named-checkzone and named-checkconf failed to call
+ dns_result_register() at startup which could
+ result in runtime exceptions when printing
+ "out of memory" errors. [RT #2335]
+
+1174. [bug] Win32: add WSAECONNRESET to the expected errors
+ from connect(). [RT #2308]
+
+1173. [bug] Potential memory leaks in isc_log_create() and
+ isc_log_settag(). [RT #2336]
+
+1172. [doc] Add CERT, GPOS, KX, NAPTR, NSAP, PX and TXT to
+ table of RR types in ARM.
+
+1171. [func] Added function isc_region_compare(), updated files in
+ lib/dns to use this function instead of local one.
+
+1170. [bug] Don't attempt to print the token when a I/O error
+ occurs when parsing named.conf. [RT #2275]
+
+1169. [func] Identify recursive queries in the query log.
+
+1168. [bug] Empty also-notify clauses were not handled. [RT #2309]
+
+1167. [contrib] nslint-2.1a3 (from author).
+
+1166. [bug] "Not Implemented" should be reported as NOTIMP,
+ not NOTIMPL. [RT #2281]
+
+1165. [bug] We were rejecting notify-source{-v6} in zone clauses.
+
+1164. [bug] Empty masters clauses in slave / stub zones were not
+ handled gracefully. [RT #2262]
+
+1163. [func] isc_time_formattimestamp() now includes the year.
+
+1162. [bug] The allow-notify option was not accepted in slave
+ zone statements.
+
+1161. [bug] named-checkzone looped on unbalanced brackets.
+ [RT #2248]
+
+1160. [bug] Generating Diffie-Hellman keys longer than 1024
+ bits could fail. [RT #2241]
+
+1159. [bug] MD and MF are not permitted to be loaded by RFC1123.
+
+1158. [func] Report the client's address when logging notify
+ messages.
+
+1157. [func] match-clients and match-destinations now accept
+ keys. [RT #2045]
+
+1156. [port] The configure test for strsep() incorrectly
+ succeeded on certain patched versions of
+ AIX 4.3.3. [RT #2190]
+
+1155. [func] Recover from master files being removed from under
+ us.
+
+1154. [bug] Don't attempt to obtain the netmask of a interface
+ if there is no address configured. [RT #2176]
+
+1153. [func] 'rndc {stop|halt} -p' now reports the process id
+ of the instance of named being shutdown.
+
+1152. [bug] libbind: read buffer overflows.
+
+1151. [bug] nslookup failed to check that the arguments to
+ the port, timeout, and retry options were
+ valid integers and in range. [RT #2099]
+
+1150. [bug] named incorrectly accepted TTL values
+ containing plus or minus signs, such as
+ 1d+1h-1s.
+
+1149. [func] New function isc_parse_uint32().
+
+1148. [func] 'rndc-confgen -a' now provides positive feedback.
+
+1147. [func] Set IPV6_V6ONLY on IPv6 sockets if supported by
+ the OS. listen-on-v6 { any; }; should no longer
+ result in IPv4 queries be accepted. Similarly
+ control { inet :: ... }; should no longer result
+ in IPv4 connections being accepted. This can be
+ overridden at compile time by defining
+ ISC_ALLOW_MAPPED=1.
+
+1146. [func] Allow IPV6_IPV6ONLY to be set/cleared on a socket if
+ supported by the OS by a new function
+ isc_socket_ipv6only().
+
+1145. [func] "host" no longer reports a NOERROR/NODATA response
+ by printing nothing. [RT #2065]
+
+1144. [bug] rndc-confgen would crash if both the -a and -t
+ options were specified. [RT #2159]
+
+1143. [bug] When a trusted-keys statement was present and named
+ was built without crypto support, it would leak memory.
+
+1142. [bug] dnssec-signzone would fail to delete temporary files
+ in some failure cases. [RT #2144]
+
+1141. [bug] When named rejected a control message, it would
+ leak a file descriptor and memory. It would also
+ fail to respond, causing rndc to hang.
+ [RT #2139, #2164]
+
+1140. [bug] rndc-confgen did not accept IPv6 addresses as arguments
+ to the -s option. [RT #2138]
+
+1139. [func] It is now possible to flush a given name from the
+ cache(s) via 'rndc flushname name [view]'. [RT #2051]
+
+1138. [func] It is now possible to flush a given name from the
+ cache by calling the new function
+ dns_cache_flushname().
+
+1137. [func] It is now possible to flush a given name from the
+ ADB by calling the new function dns_adb_flushname().
+
+1136. [bug] CNAME records synthesized from DNAMEs did not
+ have a TTL of zero as required by RFC2672.
+ [RT #2129]
+
+1135. [func] You can now override the default syslog() facility for
+ named/lwresd at compile time. [RT #1982]
+
+1134. [bug] Multi-threaded servers could deadlock in ferror()
+ when reloading zone files. [RT #1951, #1998]
+
+1133. [bug] IN6_IS_ADDR_LOOPBACK was not portably defined on
+ platforms without IN6_IS_ADDR_LOOPBACK. [RT #2106]
+
+1132. [func] Improve UPDATE prerequisite failure diagnostic messages.
+
+1131. [bug] The match-destinations view option did not work with
+ IPv6 destinations. [RT #2073, #2074]
+
+1130. [bug] Log messages reporting an out-of-range serial number
+ did not include the out-of-range number but the
+ following token. [RT #2076]
+
+1129. [bug] Multi-threaded servers could crash under heavy
+ resolution load due to a race condition. [RT #2018]
+
+1128. [func] sdb drivers can now provide RR data in either text
+ or wire format, the latter using the new functions
+ dns_sdb_putrdata() and dns_sdb_putnamedrdata().
+
+1127. [func] rndc: If the server to contact has multiple addresses,
+ try all of them.
+
+1126. [bug] The server could access a freed event if shut
+ down while a client start event was pending
+ delivery. [RT #2061]
+
+1125. [bug] rndc: -k option was missing from usage message.
+ [RT #2057]
+
+1124. [doc] dig: +[no]dnssec, +[no]besteffort and +[no]fail
+ are now documented. [RT #2052]
+
+1123. [bug] dig +[no]fail did not match description. [RT #2052]
+
+1122. [tuning] Resolution timeout reduced from 90 to 30 seconds.
+ [RT #2046]
+
+1121. [bug] The server could attempt to access a NULL zone
+ table if shut down while resolving.
+ [RT #1587, #2054]
+
+1120. [bug] Errors in options were not fatal. [RT #2002]
+
+1119. [func] Added support in Win32 for NTFS file/directory ACL's
+ for access control.
+
+1118. [bug] On multi-threaded servers, a race condition
+ could cause an assertion failure in resolver.c
+ during resolver shutdown. [RT #2029]
+
+1117. [port] The configure check for in6addr_loopback incorrectly
+ succeeded on AIX 4.3 when compiling with -O2
+ because the test code was optimized away.
+ [RT #2016]
+
+1116. [bug] Setting transfers in a server clause, transfers-in,
+ or transfers-per-ns to a value greater than
+ 2147483647 disabled transfers. [RT #2002]
+
+1115. [func] Set maximum values for cleaning-interval,
+ heartbeat-interval, interface-interval,
+ max-transfer-idle-in, max-transfer-idle-out,
+ max-transfer-time-in, max-transfer-time-out,
+ statistics-interval of 28 days and
+ sig-validity-interval of 3660 days. [RT #2002]
+
+1114. [port] Ignore more accept() errors. [RT #2021]
+
+1113. [bug] The allow-update-forwarding option was ignored
+ when specified in a view. [RT #2014]
+
+1112. [placeholder]
+
+1111. [bug] Multi-threaded servers could deadlock processing
+ recursive queries due to a locking hierarchy
+ violation in adb.c. [RT #2017]
+
+1110. [bug] dig should only accept valid abbreviations of +options.
+ [RT #2003]
+
+1109. [bug] nsupdate accepted illegal ttl values.
+
+1108. [bug] On Win32, rndc was hanging when named was not running
+ due to failure to select for exceptional conditions
+ in select(). [RT #1870]
+
+1107. [bug] nsupdate could catch an assertion failure if an
+ invalid domain name was given as the argument to
+ the "zone" command.
+
+1106. [bug] After seeing an out of range TTL, nsupdate would
+ treat all TTLs as out of range. [RT #2001]
+
+1105. [port] OpenUNIX 8 enable threads by default. [RT #1970]
+
+1104. [bug] Invalid arguments to the transfer-format option
+ could cause an assertion failure. [RT #1995]
+
+1103. [port] OpenUNIX 8 support (ifconfig.sh). [RT #1970]
+
+1102. [doc] Note that query logging is enabled by directing the
+ queries category to a channel.
+
+1101. [bug] Array bounds read error in lwres_gai_strerror.
+
+1100. [bug] libbind: DNSSEC key ids were computed incorrectly.
+
+1099. [cleanup] libbind: defining REPORT_ERRORS in lib/bind/dst caused
+ compile time errors.
+
+1098. [bug] libbind: HMAC-MD5 key files are now mode 0600.
+
+1097. [func] libbind: RES_PRF_TRUNC for dig.
+
+1096. [func] libbind: "DNSSEC OK" (DO) support.
+
+1095. [func] libbind: resolver option: no-tld-query. disables
+ trying unqualified as a tld. no_tld_query is also
+ supported for FreeBSD compatibility.
+
+1094. [func] libbind: add support gcc's format string checking.
+
+1093. [doc] libbind: miscellaneous nroff fixes.
+
+1092. [bug] libbind: get*by*() failed to check if res_init() had
+ been called.
+
+1091. [bug] libbind: misplaced va_end().
+
+1090. [bug] libbind: dns_ho.c:add_hostent() was not returning
+ the amount of memory consumed resulting in garbage
+ address being returned. Alignment calculations were
+ wasting space. We weren't suppressing duplicate
+ addresses.
+
+1089. [func] libbind: inet_{cidr,net}_{pton,ntop}() now have IPv6
+ support.
+
+1088. [port] libbind: MPE/iX C.70 (incomplete)
+
+1087. [bug] libbind: struct __res_state too large on 64 bit arch.
+
+1086. [port] libbind: sunos: old sprintf.
+
+1085. [port] libbind: solaris: sys_nerr and sys_errlist do not
+ exist when compiling in 64 bit mode.
+
+1084. [cleanup] libbind: gai_strerror() rewritten.
+
+1083. [bug] The default control channel listened on the
+ wildcard address, not the loopback as documented.
+ [RT #1975]
+
+1082. [bug] The -g option to named incorrectly caused logging
+ to be sent to syslog in addition to stderr.
+ [RT #1974]
+
+1081. [bug] Multicast queries were incorrectly identified
+ based on the source address, not the destination
+ address.
+
+1080. [bug] BIND 8 compatibility: accept bare IP prefixes
+ as the second element of a two-element top level
+ sort list statement. [RT #1964]
+
+1079. [bug] BIND 8 compatibility: accept bare elements at top
+ level of sort list treating them as if they were
+ a single element list. [RT #1963]
+
+1078. [bug] We failed to correct bad tv_usec values in one case.
+ [RT #1966]
+
+1077. [func] Do not accept further recursive clients when
+ the total number of recursive lookups being
+ processed exceeds max-recursive-clients, even
+ if some of the lookups are internally generated.
+ [RT #1915, #1938]
+
+1076. [bug] A badly defined global key could trigger an assertion
+ on load/reload if views were used. [RT #1947]
+
+1075. [bug] Out-of-range network prefix lengths were not
+ reported. [RT #1954]
+
+1074. [bug] Running out of memory in dump_rdataset() could
+ cause an assertion failure. [RT #1946]
+
+1073. [bug] The ADB cache cleaning should also be space driven.
+ [RT #1915, #1938]
+
+1072. [bug] The TCP client quota could be exceeded when
+ recursion occurred. [RT #1937]
+
+1071. [bug] Sockets listening for TCP DNS connections
+ specified an excessive listen backlog. [RT #1937]
+
+1070. [bug] Copy DNSSEC OK (DO) to response as specified by
+ draft-ietf-dnsext-dnssec-okbit-03.txt.
+
+1069. [placeholder]
+
+1068. [bug] errno could be overwritten by catgets(). [RT #1921]
+
+1067. [func] Allow quotas to be soft, isc_quota_soft().
+
+1066. [bug] Provide a thread safe wrapper for strerror().
+ [RT #1689]
+
+1065. [func] Runtime support to select new / old style interface
+ scanning using ioctls.
+
+1064. [bug] Do not shut down active network interfaces if we
+ are unable to scan the interface list. [RT #1921]
+
+1063. [bug] libbind: "make install" was failing on IRIX.
+ [RT #1919]
+
+1062. [bug] If the control channel listener socket was shut
+ down before server exit, the listener object could
+ be freed twice. [RT #1916]
+
+1061. [bug] If periodic cache cleaning happened to start
+ while cleaning due to reaching the configured
+ maximum cache size was in progress, the server
+ could catch an assertion failure. [RT #1912]
+
+1060. [func] Move refresh, stub and notify UDP retry processing
+ into dns_request.
+
+1059. [func] dns_request now support will now retry UDP queries,
+ dns_request_createvia2() and dns_request_createraw2().
+
+1058. [func] Limited lifetime ticker timers are now available,
+ isc_timertype_limited.
+
+1057. [bug] Reloading the server after adding a "file" clause
+ to a zone statement could cause the server to
+ crash due to a typo in change 1016.
+
+1056. [bug] Rndc could catch an assertion failure on SIGINT due
+ to an uninitialized variable. [RT #1908]
+
+1055. [func] Version and hostname queries can now be disabled
+ using "version none;" and "hostname none;",
+ respectively.
+
+1054. [bug] On Win32, cfg_categories and cfg_modules need to be
+ exported from the libisccfg DLL.
+
+1053. [bug] Dig did not increase its timeout when receiving
+ AXFRs unless the +time option was used. [RT #1904]
+
+1052. [bug] Journals were not being created in binary mode
+ resulting in "journal format not recognized" error
+ under Win32. [RT #1889]
+
+1051. [bug] Do not ignore a network interface completely just
+ because it has a noncontiguous netmask. Instead,
+ omit it from the localnets ACL and issue a warning.
+ [RT #1891]
+
+1050. [bug] Log messages reporting malformed IP addresses in
+ address lists such as that of the forwarders option
+ failed to include the correct error code, file
+ name, and line number. [RT #1890]
+
+1049. [func] "pid-file none;" will disable writing a pid file.
+ [RT #1848]
+
+1048. [bug] Servers built with -DISC_MEM_USE_INTERNAL_MALLOC=1
+ didn't work.
+
+1047. [bug] named was incorrectly refusing all requests signed
+ with a TSIG key derived from an unsigned TKEY
+ negotiation with a NOERROR response. [RT #1886]
+
+1046. [bug] The help message for the --with-openssl configure
+ option was inaccurate. [RT #1880]
+
+1045. [bug] It was possible to skip saving glue for a nameserver
+ for a stub zone.
+
+1044. [bug] Specifying allow-transfer, notify-source, or
+ notify-source-v6 in a stub zone was not treated
+ as an error.
+
+1043. [bug] Specifying a transfer-source or transfer-source-v6
+ option in the zone statement for a master zone was
+ not treated as an error. [RT #1876]
+
+1042. [bug] The "config" logging category did not work properly.
+ [RT #1873]
+
+1041. [bug] Dig/host/nslookup could catch an assertion failure
+ on SIGINT due to an uninitialized variable. [RT #1867]
+
+1040. [bug] Multiple listen-on-v6 options with different ports
+ were not accepted. [RT #1875]
+
+1039. [bug] Negative responses with CNAMEs in the answer section
+ were cached incorrectly. [RT #1862]
+
+1038. [bug] In servers configured with a tkey-domain option,
+ TKEY queries with an owner name other than the root
+ could cause an assertion failure. [RT #1866, #1869]
+
+1037. [bug] Negative responses whose authority section contain
+ SOA or NS records whose owner names are not equal
+ equal to or parents of the query name should be
+ rejected. [RT #1862]
+
+1036. [func] Silently drop requests received via multicast as
+ long as there is no final multicast DNS standard.
+
+1035. [bug] If we respond to multicast queries (which we
+ currently do not), respond from a unicast address
+ as specified in RFC 1123. [RT #137]
+
+1034. [bug] Ignore the RD bit on multicast queries as specified
+ in RFC 1123. [RT #137]
+
+1033. [bug] Always respond to requests with an unsupported opcode
+ with NOTIMP, even if we don't have a matching view
+ or cannot determine the class.
+
+1032. [func] hostname.bind/txt/chaos now returns the name of
+ the machine hosting the nameserver. This is useful
+ in diagnosing problems with anycast servers.
+
+1031. [bug] libbind.a: isc__gettimeofday() infinite recursion.
+ [RT #1858]
+
+1030. [bug] On systems with no resolv.conf file, nsupdate
+ exited with an error rather than defaulting
+ to using the loopback address. [RT #1836]
+
+1029. [bug] Some named.conf errors did not cause the loading
+ of the configuration file to return a failure
+ status even though they were logged. [RT #1847]
+
+1028. [bug] On Win32, dig/host/nslookup looked for resolv.conf
+ in the wrong directory. [RT #1833]
+
+1027. [bug] RRs having the reserved type 0 should be rejected.
+ [RT #1471]
+
+1026. [placeholder]
+
+1025. [bug] Don't use multicast addresses to resolve iterative
+ queries. [RT #101]
+
+1024. [port] Compilation failed on HP-UX 11.11 due to
+ incompatible use of the SIOCGLIFCONF macro
+ name. [RT #1831]
+
+1023. [func] Accept hints without TTLs.
+
+1022. [bug] Don't report empty root hints as "extra data".
+ [RT #1802]
+
+1021. [bug] On Win32, log message timestamps were one month
+ later than they should have been, and the server
+ would exhibit unspecified behavior in December.
+
+1020. [bug] IXFR log messages did not distinguish between
+ true IXFRs, AXFR-style IXFRs, and mere version
+ polls. [RT #1811]
+
+1019. [bug] The value of the lame-ttl option was limited to 18000
+ seconds, not 1800 seconds as documented. [RT #1803]
+
+1018. [bug] The default log channel was not always initialized
+ correctly. [RT #1813]
+
+1017. [bug] When specifying TSIG keys to dig and nsupdate using
+ the -k option, they must be HMAC-MD5 keys. [RT #1810]
+
+1016. [bug] Slave zones with no backup file were re-transferred
+ on every server reload.
+
+1015. [bug] Log channels that had a "versions" option but no
+ "size" option failed to create numbered log
+ files. [RT #1783]
+
+1014. [bug] Some queries would cause statistics counters to
+ increment more than once or not at all. [RT #1321]
+
+1013. [bug] It was possible to cancel a query twice when marking
+ a server as bogus or by having a blackhole acl.
+ [RT #1776]
+
+1012. [bug] The -p option to named did not behave as documented.
+
+1011. [cleanup] Removed isc_dir_current().
+
+1010. [bug] The server could attempt to execute a command channel
+ command after initiating server shutdown, causing
+ an assertion failure. [RT #1766]
+
+1009. [port] OpenUNIX 8 support. [RT #1728]
+
+1008. [port] libtool.m4, ltmain.sh from libtool-1.4.2.
+
+1007. [port] config.guess, config.sub from autoconf-2.52.
+
+1006. [bug] If a KEY RR was found missing during DNSSEC validation,
+ an assertion failure could subsequently be triggered
+ in the resolver. [RT #1763]
+
+1005. [bug] Don't copy nonzero RCODEs from request to response.
+ [RT #1765]
+
+1004. [port] Deal with recvfrom() returning EHOSTDOWN. [RT #1770]
+
+1003. [func] Add the +retry option to dig.
+
+1002. [bug] When reporting an unknown class name in named.conf,
+ including the file name and line number. [RT #1759]
+
+1001. [bug] win32 socket code doio_recv was not catching a
+ WSACONNRESET error when a client was timing out
+ the request and closing its socket. [RT #1745]
+
+1000. [bug] BIND 8 compatibility: accept "HESIOD" as an alias
+ for class "HS". [RT #1759]
+
+ 999. [func] "rndc retransfer zone [class [view]]" added.
+ [RT #1752]
+
+ 998. [func] named-checkzone now has arguments to specify the
+ chroot directory (-t) and working directory (-w).
+ [RT #1755]
+
+ 997. [func] Add support for RSA-SHA1 keys (RFC3110).
+
+ 996. [func] Issue warning if the configuration filename contains
+ the chroot path.
+
+ 995. [bug] dig, host, nslookup: using a raw IPv6 address as a
+ target address should be fatal on a IPv4 only system.
+
+ 994. [func] Treat non-authoritative responses to queries for type
+ NS as referrals even if the NS records are in the
+ answer section, because BIND 8 servers incorrectly
+ send them that way. This is necessary for DNSSEC
+ validation of the NS records of a secure zone to
+ succeed when the parent is a BIND 8 server. [RT #1706]
+
+ 993. [func] dig: -v now reports the version.
+
+ 992. [doc] dig: ~/.digrc is now documented.
+
+ 991. [func] Lower UDP refresh timeout messages to level
+ debug 1.
+
+ 990. [bug] The rndc-confgen man page was not installed.
+
+ 989. [bug] Report filename if $INCLUDE fails for file related
+ errors. [RT #1736]
+
+ 988. [bug] 'additional-from-auth no;' did not work reliably
+ in the case of queries answered from the cache.
+ [RT #1436]
+
+ 987. [bug] "dig -help" didn't show "+[no]stats".
+
+ 986. [bug] "dig +noall" failed to clear stats and command
+ printing.
+
+ 985. [func] Consider network interfaces to be up iff they have
+ a nonzero IP address rather than based on the
+ IFF_UP flag. [RT #1160]
+
+ 984. [bug] Multi-threading should be enabled by default on
+ Solaris 2.7 and newer, but it wasn't.
+
+ 983. [func] The server now supports generating IXFR difference
+ sequences for non-dynamic zones by comparing zone
+ versions, when enabled using the new config
+ option "ixfr-from-differences". [RT #1727]
+
+ 982. [func] If "memstatistics-file" is set in options the memory
+ statistics will be written to it.
+
+ 981. [func] The dnssec tools can now take multiple '-r randomfile'
+ arguments.
+
+ 980. [bug] Incoming zone transfers restarting after an error
+ could trigger an assertion failure. [RT #1692]
+
+ 979. [func] Incremental master file dumping. dns_master_dumpinc(),
+ dns_master_dumptostreaminc(), dns_dumpctx_attach(),
+ dns_dumpctx_detach(), dns_dumpctx_cancel(),
+ dns_dumpctx_db() and dns_dumpctx_version().
+
+ 978. [bug] dns_db_attachversion() had an invalid REQUIRE()
+ condition.
+
+ 977. [bug] Improve "not at top of zone" error message.
+
+ 976. [func] named-checkconf can now test load master zones
+ (named-checkconf -z). [RT #1468]
+
+ 975. [bug] "max-cache-size default;" as a view option
+ caused an assertion failure.
+
+ 974. [bug] "max-cache-size unlimited;" as a global option
+ was not accepted.
+
+ 973. [bug] Failed to log the question name when logging:
+ "bad zone transfer request: non-authoritative zone
+ (NOTAUTH)".
+
+ 972. [bug] The file modification time code in zone.c was using the
+ wrong epoch. [RT #1667]
+
+ 971. [placeholder]
+
+ 970. [func] 'max-journal-size' can now be used to set a target
+ size for a journal.
+
+ 969. [func] dig now supports the undocumented dig 8 feature
+ of allowing arbitrary labels, not just dotted
+ decimal quads, with the -x option. This can be
+ used to conveniently look up RFC2317 names as in
+ "dig -x 10.0.0.0-127". [RT #827, #1576, #1598]
+
+ 968. [bug] On win32, the isc_time_now() function was unnecessarily
+ calling strtime(). [RT #1671]
+
+ 967. [bug] On win32, the link for bindevt was not including the
+ required resource file to enable the event viewer
+ to interpret the error messages in the event log,
+ [RT #1668]
+
+ 966. [placeholder]
+
+ 965. [bug] Including data other than root server NS and A
+ records in the root hint file could cause a rbtdb
+ node reference leak. [RT #1581, #1618]
+
+ 964. [func] Warn if data other than root server NS and A records
+ are found in the root hint file. [RT #1581, #1618]
+
+ 963. [bug] Bad ISC_LANG_ENDDECLS. [RT #1645]
+
+ 962. [bug] libbind: bad "#undef", don't attempt to install
+ non-existent nlist.h. [RT #1640]
+
+ 961. [bug] Tried to use a IPV6 feature when ISC_PLATFORM_HAVEIPV6
+ was not defined. [RT #1482]
+
+ 960. [port] liblwres failed to build on systems with support for
+ getrrsetbyname() in the OS. [RT #1592]
+
+ 959. [port] On FreeBSD, determine the number of CPUs by calling
+ sysctlbyname(). [RT #1584]
+
+ 958. [port] ssize_t is not available on all platforms. [RT #1607]
+
+ 957. [bug] sys/select.h inclusion was broken on older platforms.
+ [RT #1607]
+
+ 956. [bug] ns_g_autorndcfile changed to ns_g_keyfile
+ in named/win32/os.c due to code changes in
+ change #953. win32 .make file for rndc-confgen
+ updated to add include path for os.h header.
+
+ --- 9.2.0rc1 released ---
+
+ 955. [bug] When using views, the zone's class was not being
+ inherited from the view's class. [RT #1583]
+
+ 954. [bug] When requesting AXFRs or IXFRs using dig, host, or
+ nslookup, the RD bit should not be set as zone
+ transfers are inherently non-recursive. [RT #1575]
+
+ 953. [func] The /var/run/named.key file from change #843
+ has been replaced by /etc/rndc.key. Both
+ named and rndc will look for this file and use
+ it to configure a default control channel key
+ if not already configured using a different
+ method (rndc.conf / controls). Unlike
+ named.key, rndc.key is not created automatically;
+ it must be created by manually running
+ "rndc-confgen -a".
+
+ 952. [bug] The server required manual intervention to serve the
+ affected zones if it died between creating a journal
+ and committing the first change to it.
+
+ 951. [bug] CFLAGS was not passed to the linker when
+ linking some of the test programs under
+ bin/tests. [RT #1555].
+
+ 950. [bug] Explicit TTLs did not properly override $TTL
+ due to a bug in change 834. [RT #1558]
+
+ 949. [bug] host was unable to print records larger than 512
+ bytes. [RT #1557]
+
+ --- 9.2.0b2 released ---
+
+ 948. [port] Integrated support for building on Windows NT /
+ Windows 2000.
+
+ 947. [bug] dns_rdata_soa_t had a badly named element "mname" which
+ was really the RNAME field from RFC1035. To avoid
+ confusion and silent errors that would occur it the
+ "origin" and "mname" elements were given their correct
+ names "mname" and "rname" respectively, the "mname"
+ element is renamed to "contact".
+
+ 946. [cleanup] doc/misc/options is now machine-generated from the
+ configuration parser syntax tables, and therefore
+ more likely to be correct.
+
+ 945. [func] Add the new view-specific options
+ "match-destinations" and "match-recursive-only".
+
+ 944. [func] Check for expired signatures on load.
+
+ 943. [bug] The server could crash when receiving a command
+ via rndc if the configuration file listed only
+ nonexistent keys in the controls statement. [RT #1530]
+
+ 942. [port] libbind: GETNETBYADDR_ADDR_T was not correctly
+ defined on some platforms.
+
+ 941. [bug] The configuration checker crashed if a slave
+ zone didn't contain a masters statement. [RT #1514]
+
+ 940. [bug] Double zone locking failure on error path. [RT #1510]
+
+ --- 9.2.0b1 released ---
+
+ 939. [port] Add the --disable-linux-caps option to configure for
+ systems that manage capabilities outside of named.
+ [RT #1503]
+
+ 938. [placeholder]
+
+ 937. [bug] A race when shutting down a zone could trigger a
+ INSIST() failure. [RT #1034]
+
+ 936. [func] Warn about IPv4 addresses that are not complete
+ dotted quads. [RT #1084]
+
+ 935. [bug] inet_pton failed to reject leading zeros.
+
+ 934. [port] Deal with systems where accept() spuriously returns
+ ECONNRESET.
+
+ 933. [bug] configure failed doing libbind on platforms not
+ supported by BIND 8. [RT #1496]
+
+ --- 9.2.0a3 released ---
+
+ 932. [bug] Use INSTALL_SCRIPT, not INSTALL_PROGRAM,
+ when installing isc-config.sh.
+ [RT #198, #1466]
+
+ 931. [bug] The controls statement only attempted to verify
+ messages using the first key in the key list.
+ (9.2.0a1/a2 only).
+
+ 930. [func] Query performance testing tool added as
+ contrib/queryperf.
+
+ 929. [placeholder]
+
+ 928. [bug] nsupdate would send empty update packets if the
+ send (or empty line) command was run after
+ another send but before any new updates or
+ prerequisites were specified. It should simply
+ ignore this command.
+
+ 927. [bug] Don't hold the zone lock for the entire dump to disk.
+ [RT #1423]
+
+ 926. [bug] The resolver could deadlock with the ADB when
+ shutting down (multi-threaded builds only).
+ [RT #1324]
+
+ 925. [cleanup] Remove openssl from the distribution; require that
+ --with-openssl be specified if DNSSEC is needed.
+
+ 924. [port] Extend support for pre-RFC2133 IPv6 implementation.
+ [RT #987]
+
+ 923. [bug] Multiline TSIG secrets (and other multiline strings)
+ were not accepted in named.conf. [RT #1469]
+
+ 922. [func] Added two new lwres_getrrsetbyname() result codes,
+ ERR_NONAME and ERR_NODATA.
+
+ 921. [bug] lwres returned an incorrect error code if it received
+ a truncated message.
+
+ 920. [func] Increase the lwres receive buffer size to 16K.
+ [RT #1451]
+
+ 919. [placeholder]
+
+ 918. [func] In nsupdate, TSIG errors are no longer treated as
+ fatal errors.
+
+ 917. [func] New nsupdate command 'key', allowing TSIG keys to
+ be specified in the nsupdate command stream rather
+ than the command line.
+
+ 916. [bug] Specifying type ixfr to dig without specifying
+ a serial number failed in unexpected ways.
+
+ 915. [func] The named-checkconf and named-checkzone programs
+ now have a '-v' option for printing their version.
+ [RT #1151]
+
+ 914. [bug] Global 'server' statements were rejected when
+ using views, even though they were accepted
+ in 9.1. [RT #1368]
+
+ 913. [bug] Cache cleaning was not sufficiently aggressive.
+ [RT #1441, #1444]
+
+ 912. [bug] Attempts to set the 'additional-from-cache' or
+ 'additional-from-auth' option to 'no' in a
+ server with recursion enabled will now
+ be ignored and cause a warning message.
+ [RT #1145]
+
+ 911. [placeholder]
+
+ 910. [port] Some pre-RFC2133 IPv6 implementations do not define
+ IN6ADDR_ANY_INIT. [RT #1416]
+
+ 909. [placeholder]
+
+ 908. [func] New program, rndc-confgen, to simplify setting up rndc.
+
+ 907. [func] The ability to get entropy from either the
+ random device, a user-provided file or from
+ the keyboard was migrated from the DNSSEC tools
+ to libisc as isc_entropy_usebestsource().
+
+ 906. [port] Separated the system independent portion of
+ lib/isc/unix/entropy.c into lib/isc/entropy.c
+ and added lib/isc/win32/entropy.c.
+
+ 905. [bug] Configuring a forward "zone" for the root domain
+ did not work. [RT #1418]
+
+ 904. [bug] The server would leak memory if attempting to use
+ an expired TSIG key. [RT #1406]
+
+ 903. [bug] dig should not crash when receiving a TCP packet
+ of length 0.
+
+ 902. [bug] The -d option was ignored if both -t and -g were also
+ specified.
+
+ 901. [placeholder]
+
+ 900. [bug] A config.guess update changed the system identification
+ string of FreeBSD systems; configure and
+ bin/tests/system/ifconfig.sh now recognize the new
+ string.
+
+ --- 9.2.0a2 released ---
+
+ 899. [bug] lib/dns/soa.c failed to compile on many platforms
+ due to inappropriate use of a void value.
+ [RT #1372, #1373, #1386, #1387, #1395]
+
+ 898. [bug] "dig" failed to set a nonzero exit status
+ on UDP query timeout. [RT #1323]
+
+ 897. [bug] A config.guess update changed the system identification
+ string of UnixWare systems; configure now recognizes
+ the new string.
+
+ 896. [bug] If a configuration file is set on named's command line
+ and it has a relative pathname, the current directory
+ (after any possible jailing resulting from named -t)
+ will be prepended to it so that reloading works
+ properly even when a directory option is present.
+
+ 895. [func] New function, isc_dir_current(), akin to POSIX's
+ getcwd().
+
+ 894. [bug] When using the DNSSEC tools, a message intended to warn
+ when the keyboard was being used because of the lack
+ of a suitable random device was not being printed.
+
+ 893. [func] Removed isc_file_test() and added isc_file_exists()
+ for the basic functionality that was being added
+ with isc_file_test().
+
+ 892. [placeholder]
+
+ 891. [bug] Return an error when a SIG(0) signed response to
+ an unsigned query is seen. This should actually
+ do the verification, but it's not currently
+ possible. [RT #1391]
+
+ 890. [cleanup] The man pages no longer require the mandoc macros
+ and should now format cleanly using most versions of
+ nroff, and HTML versions of the man pages have been
+ added. Both are generated from DocBook source.
+
+ 889. [port] Eliminated blank lines before .TH in nroff man
+ pages since they cause problems with some versions
+ of nroff. [RT #1390]
+
+ 888. [bug] Don't die when using TKEY to delete a nonexistent
+ TSIG key. [RT #1392]
+
+ 887. [port] Detect broken compilers that can't call static
+ functions from inline functions. [RT #1212]
+
+ 886. [placeholder]
+
+ 885. [placeholder]
+
+ 884. [placeholder]
+
+ 883. [placeholder]
+
+ 882. [placeholder]
+
+ 881. [placeholder]
+
+ 880. [placeholder]
+
+ 879. [placeholder]
+
+ 878. [placeholder]
+
+ 877. [placeholder]
+
+ 876. [placeholder]
+
+ 875. [placeholder]
+
+ 874. [placeholder]
+
+ 873. [placeholder]
+
+ 872. [placeholder]
+
+ 871. [placeholder]
+
+ 870. [placeholder]
+
+ 869. [placeholder]
+
+ 868. [placeholder]
+
+ 867. [placeholder]
+
+ 866. [func] Close debug only file channels when debug is set to
+ zero. [RT #1246]
+
+ 865. [bug] The new configuration parser did not allow
+ the optional debug level in a "severity debug"
+ clause of a logging channel to be omitted.
+ This is now allowed and treated as "severity
+ debug 1;" like it does in BIND 8.2.4, not as
+ "severity debug 0;" like it did in BIND 9.1.
+ [RT #1367]
+
+ 864. [cleanup] Multi-threading is now enabled by default on
+ OSF1, Solaris 2.7 and newer, AIX, IRIX, and HP-UX.
+
+ 863. [bug] If an error occurred while an outgoing zone transfer
+ was starting up, the server could access a domain
+ name that had already been freed when logging a
+ message saying that the transfer was starting.
+ [RT #1383]
+
+ 862. [bug] Use after realloc(), non portable pointer arithmetic in
+ grmerge().
+
+ 861. [port] Add support for Mac OS X, by making it equivalent
+ to Darwin. This was derived from the config.guess
+ file shipped with Mac OS X. [RT #1355]
+
+ 860. [func] Drop cross class glue in zone transfers.
+
+ 859. [bug] Cache cleaning now won't swamp the CPU if there
+ is a persistent over limit condition.
+
+ 858. [func] isc_mem_setwater() no longer requires that when the
+ callback function is non-NULL then its hi_water
+ argument must be greater than its lo_water argument
+ (they can now be equal) or that they be non-zero.
+
+ 857. [cleanup] Use ISC_MAGIC() to define all magic numbers for
+ structs, for our friends in EBCDIC-land.
+
+ 856. [func] Allow partial rdatasets to be returned in answer and
+ authority sections to help non-TCP capable clients
+ recover from truncation. [RT #1301]
+
+ 855. [bug] Stop spurious "using RFC 1035 TTL semantics" warnings.
+
+ 854. [bug] The config parser didn't properly handle config
+ options that were specified in units of time other
+ than seconds. [RT #1372]
+
+ 853. [bug] configure_view_acl() failed to detach existing acls.
+ [RT #1374]
+
+ 852. [bug] Handle responses from servers which do not know
+ about IXFR.
+
+ 851. [cleanup] The obsolete support-ixfr option was not properly
+ ignored.
+
+ --- 9.2.0a1 released ---
+
+ 850. [bug] dns_rbt_findnode() would not find nodes that were
+ split on a bitstring label somewhere other than in
+ the last label of the node. [RT #1351]
+
+ 849. [func] <isc/net.h> will ensure INADDR_LOOPBACK is defined.
+
+ 848. [func] A minimum max-cache-size of two megabytes is enforced
+ by the cache cleaner.
+
+ 847. [func] Added isc_file_test(), which currently only has
+ some very basic functionality to test for the
+ existence of a file, whether a pathname is absolute,
+ or whether a pathname is the fundamental representation
+ of the current directory. It is intended that this
+ function can be expanded to test other things a
+ programmer might want to know about a file.
+
+ 846. [func] A non-zero 'param' to dst_key_generate() when making an
+ hmac-md5 key means that good entropy is not required.
+
+ 845. [bug] The access rights on the public file of a symmetric
+ key are now restricted as soon as the file is opened,
+ rather than after it has been written and closed.
+
+ 844. [func] <isc/net.h> will ensure INADDR_LOOPBACK is defined,
+ just as <lwres/net.h> does.
+
+ 843. [func] If no controls statement is present in named.conf,
+ or if any inet phrase of a controls statement is
+ lacking a keys clause, then a key will be automatically
+ generated by named and an rndc.conf-style file
+ named named.key will be written that uses it. rndc
+ will use this file only if its normal configuration
+ file, or one provided on the command line, does not
+ exist.
+
+ 842. [func] 'rndc flush' now takes an optional view.
+
+ 841. [bug] When sdb modules were not declared threadsafe, their
+ create and destroy functions were not serialized.
+
+ 840. [bug] The config file parser could print the wrong file
+ name if an error was detected after an included file
+ was parsed. [RT #1353]
+
+ 839. [func] Dump packets for which there was no view or that the
+ class could not be determined to category "unmatched".
+
+ 838. [port] UnixWare 7.x.x is now supported by
+ bin/tests/system/ifconfig.sh.
+
+ 837. [cleanup] Multi-threading is now enabled by default only on
+ OSF1, Solaris 2.7 and newer, and AIX.
+
+ 836. [func] Upgraded libtool to 1.4.
+
+ 835. [bug] The dispatcher could enter a busy loop if
+ it got an I/O error receiving on a UDP socket.
+ [RT #1293]
+
+ 834. [func] Accept (but warn about) master files beginning with
+ an SOA record without an explicit TTL field and
+ lacking a $TTL directive, by using the SOA MINTTL
+ as a default TTL. This is for backwards compatibility
+ with old versions of BIND 8, which accepted such
+ files without warning although they are illegal
+ according to RFC1035.
+
+ 833. [cleanup] Moved dns_soa_*() from <dns/journal.h> to
+ <dns/soa.h>, and extended them to support
+ all the integer-valued fields of the SOA RR.
+
+ 832. [bug] The default location for named.conf in named-checkconf
+ should depend on --sysconfdir like it does in named.
+ [RT #1258]
+
+ 831. [placeholder]
+
+ 830. [func] Implement 'rndc status'.
+
+ 829. [bug] The DNS_R_ZONECUT result code should only be returned
+ when an ANY query is made with DNS_DBFIND_GLUEOK set.
+ In all other ANY query cases, returning the delegation
+ is better.
+
+ 828. [bug] The errno value from recvfrom() could be overwritten
+ by logging code. [RT #1293]
+
+ 827. [bug] When an IXFR protocol error occurs, the slave
+ should retry with AXFR.
+
+ 826. [bug] Some IXFR protocol errors were not detected.
+
+ 825. [bug] zone.c:ns_query() detached from the wrong zone
+ reference. [RT #1264]
+
+ 824. [bug] Correct line numbers reported by dns_master_load().
+ [RT #1263]
+
+ 823. [func] The output of "dig -h" now goes to stdout so that it
+ can easily be piped through "more". [RT #1254]
+
+ 822. [bug] Sending nxrrset prerequisites would crash nsupdate.
+ [RT #1248]
+
+ 821. [bug] The program name used when logging to syslog should
+ be stripped of leading path components.
+ [RT #1178, #1232]
+
+ 820. [bug] Name server address lookups failed to follow
+ A6 chains into the glue of local authoritative
+ zones.
+
+ 819. [bug] In certain cases, the resolver's attempts to
+ restart an address lookup at the root could cause
+ the fetch to deadlock (with itself) instead of
+ restarting. [RT #1225]
+
+ 818. [bug] Certain pathological responses to ANY queries could
+ cause an assertion failure. [RT #1218]
+
+ 817. [func] Adjust timeouts for dialup zone queries.
+
+ 816. [bug] Report potential problems with log file accessibility
+ at configuration time, since such problems can't
+ reliably be reported at the time they actually occur.
+
+ 815. [bug] If a log file was specified with a path separator
+ character (i.e. "/") in its name and the directory
+ did not exist, the log file's name was treated as
+ though it were the directory name. [RT #1189]
+
+ 814. [bug] Socket objects left over from accept() failures
+ were incorrectly destroyed, causing corruption
+ of socket manager data structures.
+
+ 813. [bug] File descriptors exceeding FD_SETSIZE were handled
+ badly. [RT #1192]
+
+ 812. [bug] dig sometimes printed incomplete IXFR responses
+ due to an uninitialized variable. [RT #1188]
+
+ 811. [bug] Parentheses were not quoted in zone dumps. [RT #1194]
+
+ 810. [bug] The signer name in SIG records was not properly
+ down-cased when signing/verifying records. [RT #1186]
+
+ 809. [bug] Configuring a non-local address as a transfer-source
+ could cause an assertion failure during load.
+
+ 808. [func] Add 'rndc flush' to flush the server's cache.
+
+ 807. [bug] When setting up TCP connections for incoming zone
+ transfers, the transfer-source port was not
+ ignored like it should be.
+
+ 806. [bug] DNS_R_SEENINCLUDE was failing to propagate back up
+ the calling stack to the zone maintenance level,
+ causing zones to not reload when an included file was
+ touched but the top-level zone file was not.
+
+ 805. [bug] When using "forward only", missing root hints should
+ not cause queries to fail. [RT #1143]
+
+ 804. [bug] Attempting to obtain entropy could fail in some
+ situations. This would be most common on systems
+ with user-space threads. [RT #1131]
+
+ 803. [bug] Treat all SIG queries as if they have the CD bit set,
+ otherwise no data will be returned [RT #749]
+
+ 802. [bug] DNSSEC key tags were computed incorrectly in almost
+ all cases. [RT #1146]
+
+ 801. [bug] nsupdate should treat lines beginning with ';' as
+ comments. [RT #1139]
+
+ 800. [bug] dnssec-signzone produced incorrect statistics for
+ large zones. [RT #1133]
+
+ 799. [bug] The ADB didn't find AAAA glue in a zone unless A6
+ glue was also present.
+
+ 798. [bug] nsupdate should be able to reject bad input lines
+ and continue. [RT #1130]
+
+ 797. [func] Issue a warning if the 'directory' option contains
+ a relative path. [RT #269]
+
+ 796. [func] When a size limit is associated with a log file,
+ only roll it when the size is reached, not every
+ time the log file is opened. [RT #1096]
+
+ 795. [func] Add the +multiline option to dig. [RT #1095]
+
+ 794. [func] Implement the "port" and "default-port" statements
+ in rndc.conf.
+
+ 793. [cleanup] The DNSSEC tools could create filenames that were
+ illegal or contained shell meta-characters. They
+ now use a different text encoding of names that
+ doesn't have these problems. [RT #1101]
+
+ 792. [cleanup] Replace the OMAPI command channel protocol with a
+ simpler one.
+
+ 791. [bug] The command channel now works over IPv6.
+
+ 790. [bug] Wildcards created using dynamic update or IXFR
+ could fail to match. [RT #1111]
+
+ 789. [bug] The "localhost" and "localnets" ACLs did not match
+ when used as the second element of a two-element
+ sortlist item.
+
+ 788. [func] Add the "match-mapped-addresses" option, which
+ causes IPv6 v4mapped addresses to be treated as
+ IPv4 addresses for the purpose of acl matching.
+
+ 787. [bug] The DNSSEC tools failed to downcase domain
+ names when mapping them into file names.
+
+ 786. [bug] When DNSSEC signing/verifying data, owner names were
+ not properly down-cased.
+
+ 785. [bug] A race condition in the resolver could cause
+ an assertion failure. [RT #673, #872, #1048]
+
+ 784. [bug] nsupdate and other programs would not quit properly
+ if some signals were blocked by the caller. [RT #1081]
+
+ 783. [bug] Following CNAMEs could cause an assertion failure
+ when either using an sdb database or under very
+ rare conditions.
+
+ 782. [func] Implement the "serial-query-rate" option.
+
+ 781. [func] Avoid error packet loops by dropping duplicate FORMERR
+ responses. [RT #1006]
+
+ 780. [bug] Error handling code dealing with out of memory or
+ other rare errors could lead to assertion failures
+ by calling functions on uninitialized names. [RT #1065]
+
+ 779. [func] Added the "minimal-responses" option.
+
+ 778. [bug] When starting cache cleaning, cleaning_timer_action()
+ returned without first pausing the iterator, which
+ could cause deadlock. [RT #998]
+
+ 777. [bug] An empty forwarders list in a zone failed to override
+ global forwarders. [RT #995]
+
+ 776. [func] Improved error reporting in denied messages. [RT #252]
+
+ 775. [placeholder]
+
+ 774. [func] max-cache-size is implemented.
+
+ 773. [func] Added isc_rwlock_trylock() to attempt to lock without
+ blocking.
+
+ 772. [bug] Owner names could be incorrectly omitted from cache
+ dumps in the presence of negative caching entries.
+ [RT #991]
+
+ 771. [cleanup] TSIG errors related to unsynchronized clocks
+ are logged better. [RT #919]
+
+ 770. [func] Add the "edns yes_or_no" statement to the server
+ clause. [RT #524]
+
+ 769. [func] Improved error reporting when parsing rdata. [RT #740]
+
+ 768. [bug] The server did not emit an SOA when a CNAME
+ or DNAME chain ended in NXDOMAIN in an
+ authoritative zone.
+
+ 767. [placeholder]
+
+ 766. [bug] A few cases in query_find() could leak fname.
+ This would trigger the mpctx->allocated == 0
+ assertion when the server exited.
+ [RT #739, #776, #798, #812, #818, #821, #845,
+ #892, #935, #966]
+
+ 765. [func] ACL names are once again case insensitive, like
+ in BIND 8. [RT #252]
+
+ 764. [func] Configuration files now allow "include" directives
+ in more places, such as inside the "view" statement.
+ [RT #377, #728, #860]
+
+ 763. [func] Configuration files no longer have reserved words.
+ [RT #731, #753]
+
+ 762. [cleanup] The named.conf and rndc.conf file parsers have
+ been completely rewritten.
+
+ 761. [bug] _REENTRANT was still defined when building with
+ --disable-threads.
+
+ 760. [contrib] Significant enhancements to the pgsql sdb driver.
+
+ 759. [bug] The resolver didn't turn off "avoid fetches" mode
+ when restarting, possibly causing resolution
+ to fail when it should not. This bug only affected
+ platforms which support both IPv4 and IPv6. [RT #927]
+
+ 758. [bug] The "avoid fetches" code did not treat negative
+ cache entries correctly, causing fetches that would
+ be useful to be avoided. This bug only affected
+ platforms which support both IPv4 and IPv6. [RT #927]
+
+ 757. [func] Log zone transfers.
+
+ 756. [bug] dns_zone_load() could "return" success when no master
+ file was configured.
+
+ 755. [bug] Fix incorrectly formatted log messages in zone.c.
+
+ 754. [bug] Certain failure conditions sending UDP packets
+ could cause the server to retry the transmission
+ indefinitely. [RT #902]
+
+ 753. [bug] dig, host, and nslookup would fail to contact a
+ remote server if getaddrinfo() returned an IPv6
+ address on a system that doesn't support IPv6.
+ [RT #917]
+
+ 752. [func] Correct bad tv_usec elements returned by
+ gettimeofday().
+
+ 751. [func] Log successful zone loads / transfers. [RT #898]
+
+ 750. [bug] A query should not match a DNAME whose trust level
+ is pending. [RT #916]
+
+ 749. [bug] When a query matched a DNAME in a secure zone, the
+ server did not return the signature of the DNAME.
+ [RT #915]
+
+ 748. [doc] List supported RFCs in doc/misc/rfc-compliance.
+ [RT #781]
+
+ 747. [bug] The code to determine whether an IXFR was possible
+ did not properly check for a database that could
+ not have a journal. [RT #865, #908]
+
+ 746. [bug] The sdb didn't clone rdatasets properly, causing
+ a crash when the server followed delegations. [RT #905]
+
+ 745. [func] Report the owner name of records that fail
+ semantic checks while loading.
+
+ 744. [bug] When returning DNS_R_CNAME or DNS_R_DNAME as the
+ result of an ANY or SIG query, the resolver failed
+ to setup the return event's rdatasets, causing an
+ assertion failure in the query code. [RT #881]
+
+ 743. [bug] Receiving a large number of certain malformed
+ answers could cause named to stop responding.
+ [RT #861]
+
+ 742. [placeholder]
+
+ 741. [port] Support openssl-engine. [RT #709]
+
+ 740. [port] Handle openssl library mismatches slightly better.
+
+ 739. [port] Look for /dev/random in configure, rather than
+ assuming it will be there for only a predefined
+ set of OSes.
+
+ 738. [bug] If a non-threadsafe sdb driver supported AXFR and
+ received an AXFR request, it would deadlock or die
+ with an assertion failure. [RT #852]
+
+ 737. [port] stdtime.c failed to compile on certain platforms.
+
+ 736. [func] New functions isc_task_{begin,end}exclusive().
+
+ 735. [doc] Add BIND 4 migration notes.
+
+ 734. [bug] An attempt to re-lock the zone lock could occur if
+ the server was shutdown during a zone transfer.
+ [RT #830]
+
+ 733. [bug] Reference counts of dns_acl_t objects need to be
+ locked but were not. [RT #801, #821]
+
+ 732. [bug] Glue with 0 TTL could also cause SERVFAIL. [RT #828]
+
+ 731. [bug] Certain zone errors could cause named-checkzone to
+ fail ungracefully. [RT #819]
+
+ 730. [bug] lwres_getaddrinfo() returns the correct result when
+ it fails to contact a server. [RT #768]
+
+ 729. [port] pthread_setconcurrency() needs to be called on Solaris.
+
+ 728. [bug] Fix comment processing on master file directives.
+ [RT #757]
+
+ 727. [port] Work around OS bug where accept() succeeds but
+ fails to fill in the peer address of the accepted
+ connection, by treating it as an error rather than
+ an assertion failure. [RT #809]
+
+ 726. [func] Implement the "trace" and "notrace" commands in rndc.
+
+ 725. [bug] Installing man pages could fail.
+
+ 724. [func] New libisc functions isc_netaddr_any(),
+ isc_netaddr_any6().
+
+ 723. [bug] Referrals whose NS RRs had a 0 TTL caused the resolver
+ to return DNS_R_SERVFAIL. [RT #783]
+
+ 722. [func] Allow incremental loads to be canceled.
+
+ 721. [cleanup] Load manager and dns_master_loadfilequota() are no
+ more.
+
+ 720. [bug] Server could enter infinite loop in
+ dispatch.c:do_cancel(). [RT #733]
+
+ 719. [bug] Rapid reloads could trigger an assertion failure.
+ [RT #743, #763]
+
+ 718. [cleanup] "internal" is no longer a reserved word in named.conf.
+ [RT #753, #731]
+
+ 717. [bug] Certain TKEY processing failure modes could
+ reference an uninitialized variable, causing the
+ server to crash. [RT #750]
+
+ 716. [bug] The first line of a $INCLUDE master file was lost if
+ an origin was specified. [RT #744]
+
+ 715. [bug] Resolving some A6 chains could cause an assertion
+ failure in adb.c. [RT #738]
+
+ 714. [bug] Preserve interval timers across reloads unless changed.
+ [RT #729]
+
+ 713. [func] named-checkconf takes '-t directory' similar to named.
+ [RT #726]
+
+ 712. [bug] Sending a large signed update message caused an
+ assertion failure. [RT #718]
+
+ 711. [bug] The libisc and liblwres implementations of
+ inet_ntop contained an off by one error.
+
+ 710. [func] The forwarders statement now takes an optional
+ port. [RT #418]
+
+ 709. [bug] ANY or SIG queries for data with a TTL of 0
+ would return SERVFAIL. [RT #620]
+
+ 708. [bug] When building with --with-openssl, the openssl headers
+ included with BIND 9 should not be used. [RT #702]
+
+ 707. [func] The "filename" argument to named-checkzone is no
+ longer optional, to reduce confusion. [RT #612]
+
+ 706. [bug] Zones with an explicit "allow-update { none; };"
+ were considered dynamic and therefore not reloaded
+ on SIGHUP or "rndc reload".
+
+ 705. [port] Work out resource limit type for use where rlim_t is
+ not available. [RT #695]
+
+ 704. [port] RLIMIT_NOFILE is not available on all platforms.
+ [RT #695]
+
+ 703. [port] sys/select.h is needed on older platforms. [RT #695]
+
+ 702. [func] If the address 0.0.0.0 is seen in resolv.conf,
+ use 127.0.0.1 instead. [RT #693]
+
+ 701. [func] Root hints are now fully optional. Class IN
+ views use compiled-in hints by default, as
+ before. Non-IN views with no root hints now
+ provide authoritative service but not recursion.
+ A warning is logged if a view has neither root
+ hints nor authoritative data for the root. [RT #696]
+
+ 700. [bug] $GENERATE range check was wrong. [RT #688]
+
+ 699. [bug] The lexer mishandled empty quoted strings. [RT #694]
+
+ 698. [bug] Aborting nsupdate with ^C would lead to several
+ race conditions.
+
+ 697. [bug] nsupdate was not compatible with the undocumented
+ BIND 8 behavior of ignoring TTLs in "update delete"
+ commands. [RT #693]
+
+ 696. [bug] lwresd would die with an assertion failure when passed
+ a zero-length name. [RT #692]
+
+ 695. [bug] If the resolver attempted to query a blackholed or
+ bogus server, the resolution would fail immediately.
+
+ 694. [bug] $GENERATE did not produce the last entry.
+ [RT #682, #683]
+
+ 693. [bug] An empty lwres statement in named.conf caused
+ the server to crash while loading.
+
+ 692. [bug] Deal with systems that have getaddrinfo() but not
+ gai_strerror(). [RT #679]
+
+ 691. [bug] Configuring per-view forwarders caused an assertion
+ failure. [RT #675, #734]
+
+ 690. [func] $GENERATE now supports DNAME. [RT #654]
+
+ 689. [doc] man pages are now installed. [RT #210]
+
+ 688. [func] "make tags" now works on systems with the
+ "Exuberant Ctags" etags.
+
+ 687. [bug] Only say we have IPv6, with sufficient functionality,
+ if it has actually been tested. [RT #586]
+
+ 686. [bug] dig and nslookup can now be properly aborted during
+ blocking operations. [RT #568]
+
+ 685. [bug] nslookup should use the search list/domain options
+ from resolv.conf by default. [RT #405, #630]
+
+ 684. [bug] Memory leak with view forwarders. [RT #656]
+
+ 683. [bug] File descriptor leak in isc_lex_openfile().
+
+ 682. [bug] nslookup displayed SOA records incorrectly. [RT #665]
+
+ 681. [bug] $GENERATE specifying output format was broken. [RT #653]
+
+ 680. [bug] dns_rdata_fromstruct() mishandled options bigger
+ than 255 octets.
+
+ 679. [bug] $INCLUDE could leak memory and file descriptors on
+ reload. [RT #639]
+
+ 678. [bug] "transfer-format one-answer;" could trigger an assertion
+ failure. [RT #646]
+
+ 677. [bug] dnssec-signzone would occasionally use the wrong ttl
+ for database operations and fail. [RT #643]
+
+ 676. [bug] Log messages about lame servers to category
+ 'lame-servers' rather than 'resolver', so as not
+ to be gratuitously incompatible with BIND 8.
+
+ 675. [bug] TKEY queries could cause the server to leak
+ memory.
+
+ 674. [func] Allow messages to be TSIG signed / verified using
+ a offset from the current time.
+
+ 673. [func] The server can now convert RFC1886-style recursive
+ lookup requests into RFC2874-style lookups, when
+ enabled using the new option "allow-v6-synthesis".
+
+ 672. [bug] The wrong time was in the "time signed" field when
+ replying with BADTIME error.
+
+ 671. [bug] The message code was failing to parse a message with
+ no question section and a TSIG record. [RT #628]
+
+ 670. [bug] The lwres replacements for getaddrinfo and
+ getipnodebyname didn't properly check for the
+ existence of the sockaddr sa_len field.
+
+ 669. [bug] dnssec-keygen now makes the public key file
+ non-world-readable for symmetric keys. [RT #403]
+
+ 668. [func] named-checkzone now reports multiple errors in master
+ files.
+
+ 667. [bug] On Linux, running named with the -u option and a
+ non-world-readable configuration file didn't work.
+ [RT #626]
+
+ 666. [bug] If a request sent by dig is longer than 512 bytes,
+ use TCP.
+
+ 665. [bug] Signed responses were not sent when the size of the
+ TSIG + question exceeded the maximum message size.
+ [RT #628]
+
+ 664. [bug] The t_tasks and t_timers module tests are now skipped
+ when building without threads, since they require
+ threads.
+
+ 663. [func] Accept a size_spec, not just an integer, in the
+ (unimplemented and ignored) max-ixfr-log-size option
+ for compatibility with recent versions of BIND 8.
+ [RT #613]
+
+ 662. [bug] dns_rdata_fromtext() failed to log certain errors.
+
+ 661. [bug] Certain UDP IXFR requests caused an assertion failure
+ (mpctx->allocated == 0). [RT #355, #394, #623]
+
+ 660. [port] Detect multiple CPUs on HP-UX and IRIX.
+
+ 659. [performance] Rewrite the name compression code to be much faster.
+
+ 658. [cleanup] Remove all vestiges of 16 bit global compression.
+
+ 657. [bug] When a listen-on statement in an lwres block does not
+ specify a port, use 921, not 53. Also update the
+ listen-on documentation. [RT #616]
+
+ 656. [func] Treat an unescaped newline in a quoted string as
+ an error. This means that TXT records with missing
+ close quotes should have meaningful errors printed.
+
+ 655. [bug] Improve error reporting on unexpected eof when loading
+ zones. [RT #611]
+
+ 654. [bug] Origin was being forgotten in TCP retries in dig.
+ [RT #574]
+
+ 653. [bug] +defname option in dig was reversed in sense.
+ [RT #549]
+
+ 652. [bug] zone_saveunique() did not report the new name.
+
+ 651. [func] The AD bit in responses now has the meaning
+ specified in <draft-ietf-dnsext-ad-is-secure>.
+
+ 650. [bug] SIG(0) records were being generated and verified
+ incorrectly. [RT #606]
+
+ 649. [bug] It was possible to join to an already running fctx
+ after it had "cloned" its events, but before it sent
+ them. In this case, the event of the newly joined
+ fetch would not contain the answer, and would
+ trigger the INSIST() in fctx_sendevents(). In
+ BIND 9.0, this bug did not trigger an INSIST(), but
+ caused the fetch to fail with a SERVFAIL result.
+ [RT #588, #597, #605, #607]
+
+ 648. [port] Add support for pre-RFC2133 IPv6 implementations.
+
+ 647. [bug] Resolver queries sent after following multiple
+ referrals had excessively long retransmission
+ timeouts due to incorrectly counting the referrals
+ as "restarts".
+
+ 646. [bug] The UnixWare ISC_PLATFORM_FIXIN6INADDR fix in isc/net.h
+ didn't _cleanly_ fix the problem it was trying to fix.
+
+ 645. [port] BSD/OS 3.0 needs pthread_init(). [RT #603]
+
+ 644. [bug] #622 needed more work. [RT #562]
+
+ 643. [bug] xfrin error messages made more verbose, added class
+ of the zone. [RT #599]
+
+ 642. [bug] Break the exit_check() race in the zone module.
+ [RT #598]
+
+ --- 9.1.0b2 released ---
+
+ 641. [bug] $GENERATE caused a uninitialized link to be used.
+ [RT #595]
+
+ 640. [bug] Memory leak in error path could cause
+ "mpctx->allocated == 0" failure. [RT #584]
+
+ 639. [bug] Reading entropy from the keyboard would sometimes fail.
+ [RT #591]
+
+ 638. [port] lib/isc/random.c needed to explicitly include time.h
+ to get a prototype for time() when pthreads was not
+ being used. [RT #592]
+
+ 637. [port] Use isc_u?int64_t instead of (unsigned) long long in
+ lib/isc/print.c. Also allow lib/isc/print.c to
+ be compiled even if the platform does not need it.
+ [RT #592]
+
+ 636. [port] Shut up MSVC++ about a possible loss of precision
+ in the ISC__BUFFER_PUTUINT*() macros. [RT #592]
+
+ 635. [bug] Reloading a server with a configured blackhole list
+ would cause an assertion. [RT #590]
+
+ 634. [bug] A log file will completely stop being written when
+ it reaches the maximum size in all cases, not just
+ when versioning is also enabled. [RT #570]
+
+ 633. [port] Cope with rlim_t missing on BSD/OS systems. [RT #575]
+
+ 632. [bug] The index array of the journal file was
+ corrupted as it was written to disk.
+
+ 631. [port] Build without thread support on systems without
+ pthreads.
+
+ 630. [bug] Locking failure in zone code. [RT #582]
+
+ 629. [bug] 9.1.0b1 dereferenced a null pointer and crashed
+ when responding to a UDP IXFR request.
+
+ 628. [bug] If the root hints contained only AAAA addresses,
+ named would be unable to perform resolution.
+
+ 627. [bug] The EDNS0 blackhole detection code of change 324
+ waited for three retransmissions to each server,
+ which takes much too long when a domain has many
+ name servers and all of them drop EDNS0 queries.
+ Now we retry without EDNS0 after three consecutive
+ timeouts, even if they are all from different
+ servers. [RT #143]
+
+ 626. [bug] The lightweight resolver daemon no longer crashes
+ when asked for a SIG rrset. [RT #558]
+
+ 625. [func] Zones now inherit their class from the enclosing view.
+
+ 624. [bug] The zone object could get timer events after it had
+ been destroyed, causing a server crash. [RT #571]
+
+ 623. [func] Added "named-checkconf" and "named-checkzone" program
+ for syntax checking named.conf files and zone files,
+ respectively.
+
+ 622. [bug] A canceled request could be destroyed before
+ dns_request_destroy() was called. [RT #562]
+
+ 621. [port] Disable IPv6 at runtime if IPv6 sockets are unusable.
+ This mostly affects Red Hat Linux 7.0, which has
+ conflicts between libc and the kernel.
+
+ 620. [bug] dns_master_load*inc() now require 'task' and 'load'
+ to be non-null. Also 'done' will not be called if
+ dns_master_load*inc() fails immediately. [RT #565]
+
+ 619. [placeholder]
+
+ 618. [bug] Queries to a signed zone could sometimes cause
+ an assertion failure.
+
+ 617. [bug] When using dynamic update to add a new RR to an
+ existing RRset with a different TTL, the journal
+ entries generated from the update did not include
+ explicit deletions and re-additions of the existing
+ RRs to update their TTL to the new value.
+
+ 616. [func] dnssec-signzone -t output now includes performance
+ statistics.
+
+ 615. [bug] dnssec-signzone did not like child keysets signed
+ by multiple keys.
+
+ 614. [bug] Checks for uninitialized link fields were prone
+ to false positives, causing assertion failures.
+ The checks are now disabled by default and may
+ be re-enabled by defining ISC_LIST_CHECKINIT.
+
+ 613. [bug] "rndc reload zone" now reloads primary zones.
+ It previously only updated slave and stub zones,
+ if an SOA query indicated an out of date serial.
+
+ 612. [cleanup] Shutup a ridiculously noisy HP-UX compiler that
+ complains relentlessly about how its treatment
+ of 'const' has changed as well as how casting
+ sometimes tightens alignment constraints.
+
+ 611. [func] allow-notify can be used to permit processing of
+ notify messages from hosts other than a slave's
+ masters.
+
+ 610. [func] rndc dumpdb is now supported.
+
+ 609. [bug] getrrsetbyname() would crash lwresd if the server
+ found more SIGs than answers. [RT #554]
+
+ 608. [func] dnssec-signzone now adds a comment to the zone
+ with the time the file was signed.
+
+ 607. [bug] nsupdate would fail if it encountered a CNAME or
+ DNAME in a response to an SOA query. [RT #515]
+
+ 606. [bug] Compiling with --disable-threads failed due
+ to isc_thread_self() being incorrectly defined
+ as an integer rather than a function.
+
+ 605. [func] New function isc_lex_getlasttokentext().
+
+ 604. [bug] The named.conf parser could print incorrect line
+ numbers when long comments were present.
+
+ 603. [bug] Make dig handle multiple types or classes on the same
+ query more correctly.
+
+ 602. [func] Cope automatically with UnixWare's broken
+ IN6_IS_ADDR_* macros. [RT #539]
+
+ 601. [func] Return a non-zero exit code if an update fails
+ in nsupdate.
+
+ 600. [bug] Reverse lookups sometimes failed in dig, etc...
+
+ 599. [func] Added four new functions to the libisc log API to
+ support i18n messages. isc_log_iwrite(),
+ isc_log_ivwrite(), isc_log_iwrite1() and
+ isc_log_ivwrite1() were added.
+
+ 598. [bug] An update-policy statement would cause the server
+ to assert while loading. [RT #536]
+
+ 597. [func] dnssec-signzone is now multi-threaded.
+
+ 596. [bug] DNS_RDATASLAB_FORCE and DNS_RDATASLAB_EXACT are
+ not mutually exclusive.
+
+ 595. [port] On Linux 2.2, socket() returns EINVAL when it
+ should return EAFNOSUPPORT. Work around this.
+ [RT #531]
+
+ 594. [func] sdb drivers are now assumed to not be thread-safe
+ unless the DNS_SDBFLAG_THREADSAFE flag is supplied.
+
+ 593. [bug] If a secure zone was missing all its NXTs and
+ a dynamic update was attempted, the server entered
+ an infinite loop.
+
+ 592. [bug] The sig-validity-interval option now specifies a
+ number of days, not seconds. This matches the
+ documentation. [RT #529]
+
+ --- 9.1.0b1 released ---
+
+ 591. [bug] Work around non-reentrancy in openssl by disabling
+ pre-computation in keys.
+
+ 590. [doc] There are now man pages for the lwres library in
+ doc/man/lwres.
+
+ 589. [bug] The server could deadlock if a zone was updated
+ while being transferred out.
+
+ 588. [bug] ctx->in_use was not being correctly initialized when
+ when pushing a file for $INCLUDE. [RT #523]
+
+ 587. [func] A warning is now printed if the "allow-update"
+ option allows updates based on the source IP
+ address, to alert users to the fact that this
+ is insecure and becoming increasingly so as
+ servers capable of update forwarding are being
+ deployed.
+
+ 586. [bug] multiple views with the same name were fatal. [RT #516]
+
+ 585. [func] dns_db_addrdataset() and dns_rdataslab_merge()
+ now support 'exact' additions in a similar manner to
+ dns_db_subtractrdataset() and dns_rdataslab_subtract().
+
+ 584. [func] You can now say 'notify explicit'; to suppress
+ notification of the servers listed in NS records
+ and notify only those servers listed in the
+ 'also-notify' option.
+
+ 583. [func] "rndc querylog" will now toggle logging of
+ queries, like "ndc querylog" in BIND 8.
+
+ 582. [bug] dns_zone_idetach() failed to lock the zone.
+ [RT #199, #463]
+
+ 581. [bug] log severity was not being correctly processed.
+ [RT #485]
+
+ 580. [func] Ignore trailing garbage on incoming DNS packets,
+ for interoperability with broken server
+ implementations. [RT #491]
+
+ 579. [bug] nsupdate did not take a filename to read update from.
+ [RT #492]
+
+ 578. [func] New config option "notify-source", to specify the
+ source address for notify messages.
+
+ 577. [func] Log illegal RDATA combinations. e.g. multiple
+ singleton types, cname and other data.
+
+ 576. [doc] isc_log_create() description did not match reality.
+
+ 575. [bug] isc_log_create() was not setting internal state
+ correctly to reflect the default channels created.
+
+ 574. [bug] TSIG signed queries sent by the resolver would fail to
+ have their responses validated and would leak memory.
+
+ 573. [bug] The journal files of IXFRed slave zones were
+ inadvertently discarded on server reload, causing
+ "journal out of sync with zone" errors on subsequent
+ reloads. [RT #482]
+
+ 572. [bug] Quoted strings were not accepted as key names in
+ address match lists.
+
+ 571. [bug] It was possible to create an rdataset of singleton
+ type which had more than one rdata. [RT #154]
+ [RT #279]
+
+ 570. [bug] rbtdb.c allowed zones containing nodes which had
+ both a CNAME and "other data". [RT #154]
+
+ 569. [func] The DNSSEC AD bit will not be set on queries which
+ have not requested a DNSSEC response.
+
+ 568. [func] Add sample simple database drivers in contrib/sdb.
+
+ 567. [bug] Setting the zone transfer timeout to zero caused an
+ assertion failure. [RT #302]
+
+ 566. [func] New public function dns_timer_setidle().
+
+ 565. [func] Log queries more like BIND 8: query logging is now
+ done to category "queries", level "info". [RT #169]
+
+ 564. [func] Add sortlist support to lwresd.
+
+ 563. [func] New public functions dns_rdatatype_format() and
+ dns_rdataclass_format(), for convenient formatting
+ of rdata type/class mnemonics in log messages.
+
+ 562. [cleanup] Moved lib/dns/*conf.c to bin/named where they belong.
+
+ 561. [func] The 'datasize', 'stacksize', 'coresize' and 'files'
+ clauses of the options{} statement are now implemented.
+
+ 560. [bug] dns_name_split did not properly the resulting prefix
+ when a maximal length bitstring label was split which
+ was preceded by another bitstring label. [RT #429]
+
+ 559. [bug] dns_name_split did not properly create the suffix
+ when splitting within a maximal length bitstring label.
+
+ 558. [func] New functions, isc_resource_getlimit and
+ isc_resource_setlimit.
+
+ 557. [func] Symbolic constants for libisc integral types.
+
+ 556. [func] The DNSSEC OK bit in the EDNS extended flags
+ is now implemented. Responses to queries without
+ this bit set will not contain any DNSSEC records.
+
+ 555. [bug] A slave server attempting a zone transfer could
+ crash with an assertion failure on certain
+ malformed responses from the master. [RT #457]
+
+ 554. [bug] In some cases, not all of the dnssec tools were
+ properly installed.
+
+ 553. [bug] Incoming zone transfers deferred due to quota
+ were not started when quota was increased but
+ only when a transfer in progress finished. [RT #456]
+
+ 552. [bug] We were not correctly detecting the end of all c-style
+ comments. [RT #455]
+
+ 551. [func] Implemented the 'sortlist' option.
+
+ 550. [func] Support unknown rdata types and classes.
+
+ 549. [bug] "make" did not immediately abort the build when a
+ subdirectory make failed [RT #450].
+
+ 548. [func] The lexer now ungets tokens more correctly.
+
+ 547. [placeholder]
+
+ 546. [func] Option 'lame-ttl' is now implemented.
+
+ 545. [func] Name limit and counting options removed from dig;
+ they didn't work properly, and cannot be correctly
+ implemented without significant changes.
+
+ 544. [func] Add statistics option, enable statistics-file option,
+ add RNDC option "dump-statistics" to write out a
+ query statistics file.
+
+ 543. [doc] The 'port' option is now documented.
+
+ 542. [func] Add support for update forwarding as required for
+ full compliance with RFC2136. It is turned off
+ by default and can be enabled using the
+ 'allow-update-forwarding' option.
+
+ 541. [func] Add bogus server support.
+
+ 540. [func] Add dialup support.
+
+ 539. [func] Support the blackhole option.
+
+ 538. [bug] fix buffer overruns by 1 in lwres_getnameinfo().
+
+ 537. [placeholder]
+
+ 536. [func] Use transfer-source{-v6} when sending refresh queries.
+ Transfer-source{-v6} now take a optional port
+ parameter for setting the UDP source port. The port
+ parameter is ignored for TCP.
+
+ 535. [func] Use transfer-source{-v6} when forwarding update
+ requests.
+
+ 534. [func] Ancestors have been removed from RBT chains. Ancestor
+ information can be discerned via node parent pointers.
+
+ 533. [func] Incorporated name hashing into the RBT database to
+ improve search speed.
+
+ 532. [func] Implement DNS UPDATE pseudo records using
+ DNS_RDATA_UPDATE flag.
+
+ 531. [func] Rdata really should be initialized before being assigned
+ to (dns_rdata_fromwire(), dns_rdata_fromtext(),
+ dns_rdata_clone(), dns_rdata_fromregion()),
+ check that it is.
+
+ 530. [func] New function dns_rdata_invalidate().
+
+ 529. [bug] 521 contained a bug which caused zones to always
+ reload. [RT #410]
+
+ 528. [func] The ISC_LIST_XXXX macros now perform sanity checks
+ on their arguments. ISC_LIST_XXXXUNSAFE can be use
+ to skip the checks however use with caution.
+
+ 527. [func] New function dns_rdata_clone().
+
+ 526. [bug] nsupdate incorrectly refused to add RRs with a TTL
+ of 0.
+
+ 525. [func] New arguments 'options' for dns_db_subtractrdataset(),
+ and 'flags' for dns_rdataslab_subtract() allowing you
+ to request that the RR's must exist prior to deletion.
+ DNS_R_NOTEXACT is returned if the condition is not met.
+
+ 524. [func] The 'forward' and 'forwarders' statement in
+ non-forward zones should work now.
+
+ 523. [doc] The source to the Administrator Reference Manual is
+ now an XML file using the DocBook DTD, and is included
+ in the distribution. The plain text version of the
+ ARM is temporarily unavailable while we figure out
+ how to generate readable plain text from the XML.
+
+ 522. [func] The lightweight resolver daemon can now use
+ a real configuration file, and its functionality
+ can be provided by a name server. Also, the -p and -P
+ options to lwresd have been reversed.
+
+ 521. [bug] Detect master files which contain $INCLUDE and always
+ reload. [RT #196]
+
+ 520. [bug] Upgraded libtool to 1.3.5, which makes shared
+ library builds almost work on AIX (and possibly
+ others).
+
+ 519. [bug] dns_name_split() would improperly split some bitstring
+ labels, zeroing a few of the least significant bits in
+ the prefix part. When such an improperly created
+ prefix was returned to the RBT database, the bogus
+ label was dutifully stored, corrupting the tree.
+ [RT #369]
+
+ 518. [bug] The resolver did not realize that a DNAME which was
+ "the answer" to the client's query was "the answer",
+ and such queries would fail. [RT #399]
+
+ 517. [bug] The resolver's DNAME code would trigger an assertion
+ if there was more than one DNAME in the chain.
+ [RT #399]
+
+ 516. [bug] Cache lookups which had a NULL node pointer, e.g.
+ those by dns_view_find(), and which would match a
+ DNAME, would trigger an INSIST(!search.need_cleanup)
+ assertion. [RT #399]
+
+ 515. [bug] The ssu table was not being attached / detached
+ by dns_zone_[sg]etssutable. [RT #397]
+
+ 514. [func] Retry refresh and notify queries if they timeout.
+ [RT #388]
+
+ 513. [func] New functionality added to rdnc and server to allow
+ individual zones to be refreshed or reloaded.
+
+ 512. [bug] The zone transfer code could throw an exception with
+ an invalid IXFR stream.
+
+ 511. [bug] The message code could throw an assertion on an
+ out of memory failure. [RT #392]
+
+ 510. [bug] Remove spurious view notify warning. [RT #376]
+
+ 509. [func] Add support for write of zone files on shutdown.
+
+ 508. [func] dns_message_parse() can now do a best-effort
+ attempt, which should allow dig to print more invalid
+ messages.
+
+ 507. [func] New functions dns_zone_flush(), dns_zt_flushanddetach()
+ and dns_view_flushanddetach().
+
+ 506. [func] Do not fail to start on errors in zone files.
+
+ 505. [bug] nsupdate was printing "unknown result code". [RT #373]
+
+ 504. [bug] The zone was not being marked as dirty when updated via
+ IXFR.
+
+ 503. [bug] dumptime was not being set along with
+ DNS_ZONEFLG_NEEDDUMP.
+
+ 502. [func] On a SERVFAIL reply, DiG will now try the next server
+ in the list, unless the +fail option is specified.
+
+ 501. [bug] Incorrect port numbers were being displayed by
+ nslookup. [RT #352]
+
+ 500. [func] Nearly useless +details option removed from DiG.
+
+ 499. [func] In DiG, specifying a class with -c or type with -t
+ changes command-line parsing so that classes and
+ types are only recognized if following -c or -t.
+ This allows hosts with the same name as a class or
+ type to be looked up.
+
+ 498. [doc] There is now a man page for "dig"
+ in doc/man/bin/dig.1.
+
+ 497. [bug] The error messages printed when an IP match list
+ contained a network address with a nonzero host
+ part where not sufficiently detailed. [RT #365]
+
+ 496. [bug] named didn't sanity check numeric parameters. [RT #361]
+
+ 495. [bug] nsupdate was unable to handle large records. [RT #368]
+
+ 494. [func] Do not cache NXDOMAIN responses for SOA queries.
+
+ 493. [func] Return non-cachable (ttl = 0) NXDOMAIN responses
+ for SOA queries. This makes it easier to locate
+ the containing zone without polluting intermediate
+ caches.
+
+ 492. [bug] attempting to reload a zone caused the server fail
+ to shutdown cleanly. [RT #360]
+
+ 491. [bug] nsupdate would segfault when sending certain
+ prerequisites with empty RDATA. [RT #356]
+
+ 490. [func] When a slave/stub zone has not yet successfully
+ obtained an SOA containing the zone's configured
+ retry time, perform the SOA query retries using
+ exponential backoff. [RT #337]
+
+ 489. [func] The zone manager now has a "i/o" queue.
+
+ 488. [bug] Locks weren't properly destroyed in some cases.
+
+ 487. [port] flockfile() is not defined on all systems.
+
+ 486. [bug] nslookup: "set all" and "server" commands showed
+ the incorrect port number if a port other than 53
+ was specified. [RT #352]
+
+ 485. [func] When dig had more than one server to query, it would
+ send all of the messages at the same time. Add
+ rate limiting of the transmitted messages.
+
+ 484. [bug] When the server was reloaded after removing addresses
+ from the named.conf "listen-on" statement, sockets
+ were still listening on the removed addresses due
+ to reference count loops. [RT #325]
+
+ 483. [bug] nslookup: "set all" showed a "search" option but it
+ was not settable.
+
+ 482. [bug] nslookup: a plain "server" or "lserver" should be
+ treated as a lookup.
+
+ 481. [bug] nslookup:get_next_command() stack size could exceed
+ per thread limit.
+
+ 480. [bug] strtok() is not thread safe. [RT #349]
+
+ 479. [func] The test suite can now be run by typing "make check"
+ or "make test" at the top level.
+
+ 478. [bug] "make install" failed if the directory specified with
+ --prefix did not already exist.
+
+ 477. [bug] The the isc-config.sh script could be installed before
+ its directory was created. [RT #324]
+
+ 476. [bug] A zone could expire while a zone transfer was in
+ progress triggering a INSIST failure. [RT #329]
+
+ 475. [bug] query_getzonedb() sometimes returned a non-null version
+ on failure. This caused assertion failures when
+ generating query responses where names subject to
+ additional section processing pointed to a zone
+ to which access had been denied by means of the
+ allow-query option. [RT #336]
+
+ 474. [bug] The mnemonic of the CHAOS class is CH according to
+ RFC1035, but it was printed and read only as CHAOS.
+ We now accept both forms as input, and print it
+ as CH. [RT #305]
+
+ 473. [bug] nsupdate overran the end of the list of name servers
+ when no servers could be reached, typically causing
+ it to print the error message "dns_request_create:
+ not implemented".
+
+ 472. [bug] Off-by-one error caused isc_time_add() to sometimes
+ produce invalid time values.
+
+ 471. [bug] nsupdate didn't compile on HP/UX 10.20
+
+ 470. [func] $GENERATE is now supported. See also
+ doc/misc/migration.
+
+ 469. [bug] "query-source address * port 53;" now works.
+
+ 468. [bug] dns_master_load*() failed to report file and line
+ number in certain error conditions.
+
+ 467. [bug] dns_master_load*() failed to log an error if
+ pushfile() failed.
+
+ 466. [bug] dns_master_load*() could return success when it failed.
+
+ 465. [cleanup] Allow 0 to be set as an omapi_value_t value by
+ omapi_value_storeint().
+
+ 464. [cleanup] Build with openssl's RSA code instead of dnssafe.
+
+ 463. [bug] nsupdate sent malformed SOA queries to the second
+ and subsequent name servers in resolv.conf if the
+ query sent to the first one failed.
+
+ 462. [bug] --disable-ipv6 should work now.
+
+ 461. [bug] Specifying an unknown key in the "keys" clause of the
+ "controls" statement caused a NULL pointer dereference.
+ [RT #316]
+
+ 460. [bug] Much of the DNSSEC code only worked with class IN.
+
+ 459. [bug] Nslookup processed the "set" command incorrectly.
+
+ 458. [bug] Nslookup didn't properly check class and type values.
+ [RT #305]
+
+ 457. [bug] Dig/host/hslookup didn't properly handle connect
+ timeouts in certain situations, causing an
+ unnecessary warning message to be printed.
+
+ 456. [bug] Stub zones were not resetting the refresh and expire
+ counters, loadtime or clearing the DNS_ZONE_REFRESH
+ (refresh in progress) flag upon successful update.
+ This disabled further refreshing of the stub zone,
+ causing it to eventually expire. [RT #300]
+
+ 455. [doc] Document IPv4 prefix notation does not require a
+ dotted decimal quad but may be just dotted decimal.
+
+ 454. [bug] Enforce dotted decimal and dotted decimal quad where
+ documented as such in named.conf. [RT #304, RT #311]
+
+ 453. [bug] Warn if the obsolete option "maintain-ixfr-base"
+ is specified in named.conf. [RT #306]
+
+ 452. [bug] Warn if the unimplemented option "statistics-file"
+ is specified in named.conf. [RT #301]
+
+ 451. [func] Update forwarding implemented.
+
+ 450. [func] New function ns_client_sendraw().
+
+ 449. [bug] isc_bitstring_copy() only works correctly if the
+ two bitstrings have the same lsb0 value, but this
+ requirement was not documented, nor was there a
+ REQUIRE for it.
+
+ 448. [bug] Host output formatting change, to match v8. [RT #255]
+
+ 447. [bug] Dig didn't properly retry in TCP mode after
+ a truncated reply. [RT #277]
+
+ 446. [bug] Confusing notify log message. [RT #298]
+
+ 445. [bug] Doing a 0 bit isc_bitstring_copy() of an lsb0
+ bitstring triggered a REQUIRE statement. The REQUIRE
+ statement was incorrect. [RT #297]
+
+ 444. [func] "recursion denied" messages are always logged at
+ debug level 1, now, rather than sometimes at ERROR.
+ This silences these warnings in the usual case, where
+ some clients set the RD bit in all queries.
+
+ 443. [bug] When loading a master file failed because of an
+ unrecognized RR type name, the error message
+ did not include the file name and line number.
+ [RT #285]
+
+ 442. [bug] TSIG signed messages that did not match any view
+ crashed the server. [RT #290]
+
+ 441. [bug] Nodes obscured by a DNAME were inaccessible even
+ when DNS_DBFIND_GLUEOK was set.
+
+ 440. [func] New function dns_zone_forwardupdate().
+
+ 439. [func] New function dns_request_createraw().
+
+ 438. [func] New function dns_message_getrawmessage().
+
+ 437. [func] Log NOTIFY activity to the notify channel.
+
+ 436. [bug] If recvmsg() returned EHOSTUNREACH or ENETUNREACH,
+ which sometimes happens on Linux, named would enter
+ a busy loop. Also, unexpected socket errors were
+ not logged at a high enough logging level to be
+ useful in diagnosing this situation. [RT #275]
+
+ 435. [bug] dns_zone_dump() overwrote existing zone files
+ rather than writing to a temporary file and
+ renaming. This could lead to empty or partial
+ zone files being left around in certain error
+ conditions involving the initial transfer of a
+ slave zone, interfering with subsequent server
+ startup. [RT #282]
+
+ 434. [func] New function isc_file_isabsolute().
+
+ 433. [func] isc_base64_decodestring() now accepts newlines
+ within the base64 data. This makes it possible
+ to break up the key data in a "trusted-keys"
+ statement into multiple lines. [RT #284]
+
+ 432. [func] Added refresh/retry jitter. The actual refresh/
+ retry time is now a random value between 75% and
+ 100% of the configured value.
+
+ 431. [func] Log at ISC_LOG_INFO when a zone is successfully
+ loaded.
+
+ 430. [bug] Rewrote the lightweight resolver client management
+ code to handle shutdown correctly and general
+ cleanup.
+
+ 429. [bug] The space reserved for a TSIG record in a response
+ was 2 bytes too short, leading to message
+ generation failures.
+
+ 428. [bug] rbtdb.c:find_closest_nxt() erroneously returned
+ DNS_R_BADDB for nodes which had neither NXT nor SIG NXT
+ (e.g. glue). This could cause SERVFAILs when
+ generating negative responses in a secure zone.
+
+ 427. [bug] Avoid going into an infinite loop when the validator
+ gets a negative response to a key query where the
+ records are signed by the missing key.
+
+ 426. [bug] Attempting to generate an oversized RSA key could
+ cause dnssec-keygen to dump core.
+
+ 425. [bug] Warn about the auth-nxdomain default value change
+ if there is no auth-nxdomain statement in the
+ config file. [RT #287]
+
+ 424. [bug] notify_createmessage() could trigger an assertion
+ failure when creating the notify message failed,
+ e.g. due to corrupt zones with multiple SOA records.
+ [RT #279]
+
+ 423. [bug] When responding to a recursive query, errors that occur
+ after following a CNAME should cause the query to fail.
+ [RT #274]
+
+ 422. [func] get rid of isc_random_t, and make isc_random_get()
+ and isc_random_jitter() use rand() internally
+ instead of local state. Note that isc_random_*()
+ functions are only for weak, non-critical "randomness"
+ such as timing jitter and such.
+
+ 421. [bug] nslookup would exit when given a blank line as input.
+
+ 420. [bug] nslookup failed to implement the "exit" command.
+
+ 419. [bug] The certificate type PKIX was misspelled as SKIX.
+
+ 418. [bug] At debug levels >= 10, getting an unexpected
+ socket receive error would crash the server
+ while trying to log the error message.
+
+ 417. [func] Add isc_app_block() and isc_app_unblock(), which
+ allow an application to handle signals while
+ blocking.
+
+ 416. [bug] Slave zones with no master file tried to use a
+ NULL pointer for a journal file name when they
+ received an IXFR. [RT #273]
+
+ 415. [bug] The logging code leaked file descriptors.
+
+ 414. [bug] Server did not shut down until all incoming zone
+ transfers were finished.
+
+ 413. [bug] Notify could attempt to use the zone database after
+ it had been unloaded. [RT #267]
+
+ 412. [bug] named -v didn't print the version.
+
+ 411. [bug] A typo in the HS A code caused an assertion failure.
+
+ 410. [bug] lwres_gethostbyname() and company set lwres_h_errno
+ to a random value on success.
+
+ 409. [bug] If named was shut down early in the startup
+ process, ns_omapi_shutdown() would attempt to lock
+ an uninitialized mutex. [RT #262]
+
+ 408. [bug] stub zones could leak memory and reference counts if
+ all the masters were unreachable.
+
+ 407. [bug] isc_rwlock_lock() would needlessly block
+ readers when it reached the read quota even
+ if no writers were waiting.
+
+ 406. [bug] Log messages were occasionally lost or corrupted
+ due to a race condition in isc_log_doit().
+
+ 405. [func] Add support for selective forwarding (forward zones)
+
+ 404. [bug] The request library didn't completely work with IPv6.
+
+ 403. [bug] "host" did not use the search list.
+
+ 402. [bug] Treat undefined acls as errors, rather than
+ warning and then later throwing an assertion.
+ [RT #252]
+
+ 401. [func] Added simple database API.
+
+ 400. [bug] SIG(0) signing and verifying was done incorrectly.
+ [RT #249]
+
+ 399. [bug] When reloading the server with a config file
+ containing a syntax error, it could catch an
+ assertion failure trying to perform zone
+ maintenance on, or sending notifies from,
+ tentatively created zones whose views were
+ never fully configured and lacked an address
+ database and request manager.
+
+ 398. [bug] "dig" sometimes caught an assertion failure when
+ using TSIG, depending on the key length.
+
+ 397. [func] Added utility functions dns_view_gettsig() and
+ dns_view_getpeertsig().
+
+ 396. [doc] There is now a man page for "nsupdate"
+ in doc/man/bin/nsupdate.8.
+
+ 395. [bug] nslookup printed incorrect RR type mnemonics
+ for RRs of type >= 21 [RT #237].
+
+ 394. [bug] Current name was not propagated via $INCLUDE.
+
+ 393. [func] Initial answer while loading (awl) support.
+ Entry points: dns_master_loadfileinc(),
+ dns_master_loadstreaminc(), dns_master_loadbufferinc().
+ Note: calls to dns_master_load*inc() should be rate
+ be rate limited so as to not use up all file
+ descriptors.
+
+ 392. [func] Add ISC_R_FAMILYNOSUPPORT. Returned when OS does
+ not support the given address family requested.
+
+ 391. [clarity] ISC_R_FAMILY -> ISC_R_FAMILYMISMATCH.
+
+ 390. [func] The function dns_zone_setdbtype() now takes
+ an argc/argv style vector of words and sets
+ both the zone database type and its arguments,
+ making the functions dns_zone_adddbarg()
+ and dns_zone_cleardbargs() unnecessary.
+
+ 389. [bug] Attempting to send a request over IPv6 using
+ dns_request_create() on a system without IPv6
+ support caused an assertion failure [RT #235].
+
+ 388. [func] dig and host can now do reverse ipv6 lookups.
+
+ 387. [func] Add dns_byaddr_createptrname(), which converts
+ an address into the name used by a PTR query.
+
+ 386. [bug] Missing strdup() of ACL name caused random
+ ACL matching failures [RT #228].
+
+ 385. [cleanup] Removed functions dns_zone_equal(), dns_zone_print(),
+ and dns_zt_print().
+
+ 384. [bug] nsupdate was incorrectly limiting TTLs to 65535 instead
+ of 2147483647.
+
+ 383. [func] When writing a master file, print the SOA and NS
+ records (and their SIGs) before other records.
+
+ 382. [bug] named -u failed on many Linux systems where the
+ libc provided kernel headers do not match
+ the current kernel.
+
+ 381. [bug] Check for IPV6_RECVPKTINFO and use it instead of
+ IPV6_PKTINFO if found. [RT #229]
+
+ 380. [bug] nsupdate didn't work with IPv6.
+
+ 379. [func] New library function isc_sockaddr_anyofpf().
+
+ 378. [func] named and lwresd will log the command line arguments
+ they were started with in the "starting ..." message.
+
+ 377. [bug] When additional data lookups were refused due to
+ "allow-query", the databases were still being
+ attached causing reference leaks.
+
+ 376. [bug] The server should always use good entropy when
+ performing cryptographic functions needing entropy.
+
+ 375. [bug] Per-zone "allow-query" did not properly override the
+ view/global one for CNAME targets and additional
+ data [RT #220].
+
+ 374. [bug] SOA in authoritative negative responses had wrong TTL.
+
+ 373. [func] nslookup is now installed by "make install".
+
+ 372. [bug] Deal with Microsoft DNS servers appending two bytes of
+ garbage to zone transfer requests.
+
+ 371. [bug] At high debug levels, doing an outgoing zone transfer
+ of a very large RRset could cause an assertion failure
+ during logging.
+
+ 370. [bug] The error messages for roll-forward failures were
+ overly terse.
+
+ 369. [func] Support new named.conf options, view and zone
+ statements:
+
+ max-retry-time, min-retry-time,
+ max-refresh-time, min-refresh-time.
+
+ 368. [func] Restructure the internal ".bind" view so that more
+ zones can be added to it.
+
+ 367. [bug] Allow proper selection of server on nslookup command
+ line.
+
+ 366. [func] Allow use of '-' batch file in dig for stdin.
+
+ 365. [bug] nsupdate -k leaked memory.
+
+ 364. [func] Added additional-from-{cache,auth}
+
+ 363. [placeholder]
+
+ 362. [bug] rndc no longer aborts if the configuration file is
+ missing an options statement. [RT #209]
+
+ 361. [func] When the RBT find or chain functions set the name and
+ origin for a node that stores the root label
+ the name is now set to an empty name, instead of ".",
+ to simplify later use of the name and origin by
+ dns_name_concatenate(), dns_name_totext() or
+ dns_name_format().
+
+ 360. [func] dns_name_totext() and dns_name_format() now allow
+ an empty name to be passed, which is formatted as "@".
+
+ 359. [bug] dnssec-signzone occasionally signed glue records.
+
+ 358. [cleanup] Rename the intermediate files used by the dnssec
+ programs.
+
+ 357. [bug] The zone file parser crashed if the argument
+ to $INCLUDE was a quoted string.
+
+ 356. [cleanup] isc_task_send no longer requires event->sender to
+ be non-null.
+
+ 355. [func] Added isc_dir_createunique(), similar to mkdtemp().
+
+ 354. [doc] Man pages for the dnssec tools are now included in
+ the distribution, in doc/man/dnssec.
+
+ 353. [bug] double increment in lwres/gethost.c:copytobuf().
+ [RT #187]
+
+ 352. [bug] Race condition in dns_client_t startup could cause
+ an assertion failure.
+
+ 351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
+ signed query could crash the server.
+
+ 350. [bug] Also-notify lists specified in the global options
+ block were not correctly reference counted, causing
+ a memory leak.
+
+ 349. [bug] Processing a query with the CD bit set now works
+ as expected.
+
+ 348. [func] New boolean named.conf options 'additional-from-auth'
+ and 'additional-from-cache' now supported in view and
+ global options statement.
+
+ 347. [bug] Don't crash if an argument is left off options in dig.
+
+ 346. [placeholder]
+
+ 345. [bug] Large-scale changes/cleanups to dig:
+ * Significantly improve structure handling
+ * Don't pre-load entire batch files
+ * Add name/rr counting/limiting
+ * Fix SIGINT handling
+ * Shorten timeouts to match v8's behavior
+
+ 344. [bug] When shutting down, lwresd sometimes tried
+ to shut down its client tasks twice,
+ triggering an assertion.
+
+ 343. [bug] Although zone maintenance SOA queries and
+ notify requests were signed with TSIG keys
+ when configured for the server in case,
+ the TSIG was not verified on the response.
+
+ 342. [bug] The wrong name was being passed to
+ dns_name_dup() when generating a TSIG
+ key using TKEY.
+
+ 341. [func] Support 'key' clause in named.conf zone masters
+ statement to allow authentication via TSIG keys:
+
+ masters {
+ 10.0.0.1 port 5353 key "foo";
+ 10.0.0.2 ;
+ };
+
+ 340. [bug] The top-level COPYRIGHT file was missing from
+ the distribution.
+
+ 339. [bug] DNSSEC validation of the response to an ANY
+ query at a name with a CNAME RR in a secure
+ zone triggered an assertion failure.
+
+ 338. [bug] lwresd logged to syslog as named, not lwresd.
+
+ 337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
+ on the command line.
+
+ 336. [bug] "dig -f" used 64 k of memory for each line in
+ the file. It now uses much less, though still
+ proportionally to the file size.
+
+ 335. [bug] named would occasionally attempt recursion when
+ it was disallowed or undesired.
+
+ 334. [func] Added hmac-md5 to libisc.
+
+ 333. [bug] The resolver incorrectly accepted referrals to
+ domains that were not parents of the query name,
+ causing assertion failures.
+
+ 332. [func] New function dns_name_reset().
+
+ 331. [bug] Only log "recursion denied" if RD is set. [RT #178]
+
+ 330. [bug] Many debugging messages were partially formatted
+ even when debugging was turned off, causing a
+ significant decrease in query performance.
+
+ 329. [func] omapi_auth_register() now takes a size_t argument for
+ the length of a key's secret data. Previously
+ OMAPI only stored secrets up to the first NUL byte.
+
+ 328. [func] Added isc_base64_decodestring().
+
+ 327. [bug] rndc.conf parser wasn't correctly recognizing an IP
+ address where a host specification was required.
+
+ 326. [func] 'keys' in an 'inet' control statement is now
+ required and must have at least one item in it.
+ A "not supported" warning is now issued if a 'unix'
+ control channel is defined.
+
+ 325. [bug] isc_lex_gettoken was processing octal strings when
+ ISC_LEXOPT_CNUMBER was not set.
+
+ 324. [func] In the resolver, turn EDNS0 off if there is no
+ response after a number of retransmissions.
+ This is to allow queries some chance of succeeding
+ even if all the authoritative servers of a zone
+ silently discard EDNS0 requests instead of
+ sending an error response like they ought to.
+
+ 323. [bug] dns_rbt_findname() did not ignore empty rbt nodes.
+ Because of this, servers authoritative for a parent
+ and grandchild zone but not authoritative for the
+ intervening child zone did not correctly issue
+ referrals to the servers of the child zone.
+
+ 322. [bug] Queries for KEY RRs are now sent to the parent
+ server before the authoritative one, making
+ DNSSEC insecurity proofs work in many cases
+ where they previously didn't.
+
+ 321. [bug] When synthesizing a CNAME RR for a DNAME
+ response, query_addcname() failed to initialize
+ the type and class of the CNAME dns_rdata_t,
+ causing random failures.
+
+ 320. [func] Multiple rndc changes: parses an rndc.conf file,
+ uses authentication to talk to named, command
+ line syntax changed. This will all be described
+ in the ARM.
+
+ 319. [func] The named.conf "controls" statement is now used
+ to configure the OMAPI command channel.
+
+ 318. [func] dns_c_ndcctx_destroy() could never return anything
+ except ISC_R_SUCCESS; made it have void return instead.
+
+ 317. [func] Use callbacks from libomapi to determine if a
+ new connection is valid, and if a key requested
+ to be used with that connection is valid.
+
+ 316. [bug] Generate a warning if we detect an unexpected <eof>
+ but treat as <eol><eof>.
+
+ 315. [bug] Handle non-empty blanks lines. [RT #163]
+
+ 314. [func] The named.conf controls statement can now have
+ more than one key specified for the inet clause.
+
+ 313. [bug] When parsing resolv.conf, don't terminate on an
+ error. Instead, parse as much as possible, but
+ still return an error if one was found.
+
+ 312. [bug] Increase the number of allowed elements in the
+ resolv.conf search path from 6 to 8. If there
+ are more than this, ignore the remainder rather
+ than returning a failure in lwres_conf_parse.
+
+ 311. [bug] lwres_conf_parse failed when the first line of
+ resolv.conf was empty or a comment.
+
+ 310. [func] Changes to named.conf "controls" statement (inet
+ subtype only)
+
+ - support "keys" clause
+
+ controls {
+ inet * port 1024
+ allow { any; } keys { "foo"; }
+ }
+
+ - allow "port xxx" to be left out of statement,
+ in which case it defaults to omapi's default port
+ of 953.
+
+ 309. [bug] When sending a referral, the server did not look
+ for name server addresses as glue in the zone
+ holding the NS RRset in the case where this zone
+ was not the same as the one where it looked for
+ name server addresses as authoritative data.
+
+ 308. [bug] Treat a SOA record not at top of zone as an error
+ when loading a zone. [RT #154]
+
+ 307. [bug] When canceling a query, the resolver didn't check for
+ isc_socket_sendto() calls that did not yet have their
+ completion events posted, so it could (rarely) end up
+ destroying the query context and then want to use
+ it again when the send event posted, triggering an
+ assertion as it tried to cancel an already-canceled
+ query. [RT #77]
+
+ 306. [bug] Reading HMAC-MD5 private key files didn't work.
+
+ 305. [bug] When reloading the server with a config file
+ containing a syntax error, it could catch an
+ assertion failure trying to perform zone
+ maintenance on tentatively created zones whose
+ views were never fully configured and lacked
+ an address database.
+
+ 304. [bug] If more than LWRES_CONFMAXNAMESERVERS servers
+ are listed in resolv.conf, silently ignore them
+ instead of returning failure.
+
+ 303. [bug] Add additional sanity checks to differentiate a AXFR
+ response vs a IXFR response. [RT #157]
+
+ 302. [bug] In dig, host, and nslookup, MXNAME should be large
+ enough to hold any legal domain name in presentation
+ format + terminating NULL.
+
+ 301. [bug] Uninitialized pointer in host:printmessage(). [RT #159]
+
+ 300. [bug] Using both <isc/net.h> and <lwres/net.h> didn't work
+ on platforms lacking IPv6 because each included their
+ own ipv6 header file for the missing definitions. Now
+ each library's ipv6.h defines the wrapper symbol of
+ the other (ISC_IPV6_H and LWRES_IPV6_H).
+
+ 299. [cleanup] Get the user and group information before changing the
+ root directory, so the administrator does not need to
+ keep a copy of the user and group databases in the
+ chroot'ed environment. Suggested by Hakan Olsson.
+
+ 298. [bug] A mutex deadlock occurred during shutdown of the
+ interface manager under certain conditions.
+ Digital Unix systems were the most affected.
+
+ 297. [bug] Specifying a key name that wasn't fully qualified
+ in certain parts of the config file could cause
+ an assertion failure.
+
+ 296. [bug] "make install" from a separate build directory
+ failed unless configure had been run in the source
+ directory, too.
+
+ 295. [bug] When invoked with type==CNAME and a message
+ not constructed by dns_message_parse(),
+ dns_message_findname() failed to find anything
+ due to checking for attribute bits that are set
+ only in dns_message_parse(). This caused an
+ infinite loop when constructing the response to
+ an ANY query at a CNAME in a secure zone.
+
+ 294. [bug] If we run out of space in while processing glue
+ when reading a master file and commit "current name"
+ reverts to "name_current" instead of staying as
+ "name_glue".
+
+ 293. [port] Add support for FreeBSD 4.0 system tests.
+
+ 292. [bug] Due to problems with the way some operating systems
+ handle simultaneous listening on IPv4 and IPv6
+ addresses, the server no longer listens on IPv6
+ addresses by default. To revert to the previous
+ behavior, specify "listen-on-v6 { any; };" in
+ the config file.
+
+ 291. [func] Caching servers no longer send outgoing queries
+ over TCP just because the incoming recursive query
+ was a TCP one.
+
+ 290. [cleanup] +twiddle option to dig (for testing only) removed.
+
+ 289. [cleanup] dig is now installed in $bindir instead of $sbindir.
+ host is now installed in $bindir. (Be sure to remove
+ any $sbindir/dig from a previous release.)
+
+ 288. [func] rndc is now installed by "make install" into $sbindir.
+
+ 287. [bug] rndc now works again as "rndc 127.1 reload" (for
+ only that task). Parsing its configuration file and
+ using digital signatures for authentication has been
+ disabled until named supports the "controls" statement,
+ post-9.0.0.
+
+ 286. [bug] On Solaris 2, when named inherited a signal state
+ where SIGHUP had the SIG_IGN action, SIGHUP would
+ be ignored rather than causing the server to reload
+ its configuration.
+
+ 285. [bug] A change made to the dst API for beta4 inadvertently
+ broke OMAPI's creation of a dst key from an incoming
+ message, causing an assertion to be triggered. Fixed.
+
+ 284. [func] The DNSSEC key generation and signing tools now
+ generate randomness from keyboard input on systems
+ that lack /dev/random.
+
+ 283. [cleanup] The 'lwresd' program is now a link to 'named'.
+
+ 282. [bug] The lexer now returns ISC_R_RANGE if parsed integer is
+ too big for an unsigned long.
+
+ 281. [bug] Fixed list of recognized config file category names.
+
+ 280. [func] Add isc-config.sh, which can be used to more
+ easily build applications that link with
+ our libraries.
+
+ 279. [bug] Private omapi function symbols shared between
+ two or more files in libomapi.a were not namespace
+ protected using the ISC convention of starting with
+ the library name and two underscores ("omapi__"...)
+
+ 278. [bug] bin/named/logconf.c:category_fromconf() didn't take
+ note of when isc_log_categorybyname() wasn't able
+ to find the category name and would then apply the
+ channel list of the unknown category to all categories.
+
+ 277. [bug] isc_log_categorybyname() and isc_log_modulebyname()
+ would fail to find the first member of any category
+ or module array apart from the internal defaults.
+ Thus, for example, the "notify" category was improperly
+ configured by named.
+
+ 276. [bug] dig now supports maximum sized TCP messages.
+
+ 275. [bug] The definition of lwres_gai_strerror() was missing
+ the lwres_ prefix.
+
+ 274. [bug] TSIG AXFR verify failed when talking to a BIND 8
+ server.
+
+ 273. [func] The default for the 'transfer-format' option is
+ now 'many-answers'. This will break zone transfers
+ to BIND 4.9.5 and older unless there is an explicit
+ 'one-answer' configuration.
+
+ 272. [bug] The sending of large TCP responses was canceled
+ in mid-transmission due to a race condition
+ caused by the failure to set the client object's
+ "newstate" variable correctly when transitioning
+ to the "working" state.
+
+ 271. [func] Attempt to probe the number of cpus in named
+ if unspecified rather than defaulting to 1.
+
+ 270. [func] Allow maximum sized TCP answers.
+
+ 269. [bug] Failed DNSSEC validations could cause an assertion
+ failure by causing clone_results() to be called with
+ with hevent->node == NULL.
+
+ 268. [doc] A plain text version of the Administrator
+ Reference Manual is now included in the distribution,
+ as doc/arm/Bv9ARM.txt.
+
+ 267. [func] Nsupdate is now provided in the distribution.
+
+ 266. [bug] zone.c:save_nsrrset() node was not initialized.
+
+ 265. [bug] dns_request_create() now works for TCP.
+
+ 264. [func] Dispatch can not take TCP sockets in connecting
+ state. Set DNS_DISPATCHATTR_CONNECTED when calling
+ dns_dispatch_createtcp() for connected TCP sockets
+ or call dns_dispatch_starttcp() when the socket is
+ connected.
+
+ 263. [func] New logging channel type 'stderr'
+
+ channel some-name {
+ stderr;
+ severity error;
+ }
+
+ 262. [bug] 'master' was not initialized in zone.c:stub_callback().
+
+ 261. [func] Add dns_zone_markdirty().
+
+ 260. [bug] Running named as a non-root user failed on Linux
+ kernels new enough to support retaining capabilities
+ after setuid().
+
+ 259. [func] New random-device and random-seed-file statements
+ for global options block of named.conf. Both accept
+ a single string argument.
+
+ 258. [bug] Fixed printing of lwres_addr_t.address field.
+
+ 257. [bug] The server detached the last zone manager reference
+ too early, while it could still be in use by queries.
+ This manifested itself as assertion failures during the
+ shutdown process for busy name servers. [RT #133]
+
+ 256. [func] isc_ratelimiter_t now has attach/detach semantics, and
+ isc_ratelimiter_shutdown guarantees that the rate
+ limiter is detached from its task.
+
+ 255. [func] New function dns_zonemgr_attach().
+
+ 254. [bug] Suppress "query denied" messages on additional data
+ lookups.
+
+ --- 9.0.0b4 released ---
+
+ 253. [func] resolv.conf parser now recognizes ';' and '#' as
+ comments (anywhere in line, not just as the beginning).
+
+ 252. [bug] resolv.conf parser mishandled masks on sortlists.
+ It also aborted when an unrecognized keyword was seen,
+ now it silently ignores the entire line.
+
+ 251. [bug] lwresd caught an assertion failure on startup.
+
+ 250. [bug] fixed handling of size+unit when value would be too
+ large for internal representation.
+
+ 249. [cleanup] max-cache-size config option now takes a size-spec
+ like 'datasize', except 'default' is not allowed.
+
+ 248. [bug] global lame-ttl option was not being printed when
+ config structures were written out.
+
+ 247. [cleanup] Rename cache-size config option to max-cache-size.
+
+ 246. [func] Rename global option cachesize to cache-size and
+ add corresponding option to view statement.
+
+ 245. [bug] If an uncompressed name will take more than 255
+ bytes and the buffer is sufficiently long,
+ dns_name_fromwire should return DNS_R_FORMERR,
+ not ISC_R_NOSPACE. This bug caused cause the
+ server to catch an assertion failure when it
+ received a query for a name longer than 255
+ bytes.
+
+ 244. [bug] empty named.conf file and empty options statement are
+ now parsed properly.
+
+ 243. [func] new cachesize option for named.conf
+
+ 242. [cleanup] fixed incorrect warning about auth-nxdomain usage.
+
+ 241. [cleanup] nscount and soacount have been removed from the
+ dns_master_*() argument lists.
+
+ 240. [func] databases now come in three flavours: zone, cache
+ and stub.
+
+ 239. [func] If ISC_MEM_DEBUG is enabled, the variable
+ isc_mem_debugging controls whether messages
+ are printed or not.
+
+ 238. [cleanup] A few more compilation warnings have been quieted:
+ + missing sigwait prototype on BSD/OS 4.0/4.0.1.
+ + PTHREAD_ONCE_INIT unbraced initializer warnings on
+ Solaris 2.8.
+ + IN6ADDR_ANY_INIT unbraced initializer warnings on
+ BSD/OS 4.*, Linux and Solaris 2.8.
+
+ 237. [bug] If connect() returned ENOBUFS when the resolver was
+ initiating a TCP query, the socket didn't get
+ destroyed, and the server did not shut down cleanly.
+
+ 236. [func] Added new listen-on-v6 config file statement.
+
+ 235. [func] Consider it a config file error if a listen-on
+ statement has an IPv6 address in it, or a
+ listen-on-v6 statement has an IPv4 address in it.
+
+ 234. [bug] Allow a trusted-key's first field (domain-name) be
+ either a quoted or an unquoted string, instead of
+ requiring a quoted string.
+
+ 233. [cleanup] Convert all config structure integer values to unsigned
+ integer (isc_uint32_t) to match grammar.
+
+ 232. [bug] Allow slave zones to not have a file.
+
+ 231. [func] Support new 'port' clause in config file options
+ section. Causes 'listen-on', 'masters' and
+ 'also-notify' statements to use its value instead of
+ default (53).
+
+ 230. [func] Replace the dst sign/verify API with a cleaner one.
+
+ 229. [func] Support config file sig-validity-interval statement
+ in options, views and zone statements (master
+ zones only).
+
+ 228. [cleanup] Logging messages in config module stripped of
+ trailing period.
+
+ 227. [cleanup] The enumerated identifiers dns_rdataclass_*,
+ dns_rcode_*, dns_opcode_*, and dns_trust_* are
+ also now cast to their appropriate types, as with
+ dns_rdatatype_* in item number 225 below.
+
+ 226. [func] dns_name_totext() now always prints the root name as
+ '.', even when omit_final_dot is true.
+
+ 225. [cleanup] The enumerated dns_rdatatype_* identifiers are now
+ cast to dns_rdatatype_t via macros of their same name
+ so that they are of the proper integral type wherever
+ a dns_rdatatype_t is needed.
+
+ 224. [cleanup] The entire project builds cleanly with gcc's
+ -Wcast-qual and -Wwrite-strings warnings enabled,
+ which is now the default when using gcc. (Warnings
+ from confparser.c, because of yacc's code, are
+ unfortunately to be expected.)
+
+ 223. [func] Several functions were re-prototyped to qualify one
+ or more of their arguments with "const". Similarly,
+ several functions that return pointers now have
+ those pointers qualified with const.
+
+ 222. [bug] The global 'also-notify' option was ignored.
+
+ 221. [bug] An uninitialized variable was sometimes passed to
+ dns_rdata_freestruct() when loading a zone, causing
+ an assertion failure.
+
+ 220. [cleanup] Set the default outgoing port in the view, and
+ set it in sockaddrs returned from the ADB.
+ [31-May-2000 explorer]
+
+ 219. [bug] Signed truncated messages more correctly follow
+ the respective specs.
+
+ 218. [func] When an rdataset is signed, its ttl is normalized
+ based on the signature validity period.
+
+ 217. [func] Also-notify and trusted-keys can now be used in
+ the 'view' statement.
+
+ 216. [func] The 'max-cache-ttl' and 'max-ncache-ttl' options
+ now work.
+
+ 215. [bug] Failures at certain points in request processing
+ could cause the assertion INSIST(client->lockview
+ == NULL) to be triggered.
+
+ 214. [func] New public function isc_netaddr_format(), for
+ formatting network addresses in log messages.
+
+ 213. [bug] Don't leak memory when reloading the zone if
+ an update-policy clause was present in the old zone.
+
+ 212. [func] Added dns_message_get/settsigkey, to make TSIG
+ key management reasonable.
+
+ 211. [func] The 'key' and 'server' statements can now occur
+ inside 'view' statements.
+
+ 210. [bug] The 'allow-transfer' option was ignored for slave
+ zones, and the 'transfers-per-ns' option was
+ was ignored for all zones.
+
+ 209. [cleanup] Upgraded openssl files to new version 0.9.5a
+
+ 208. [func] Added ISC_OFFSET_MAXIMUM for the maximum value
+ of an isc_offset_t.
+
+ 207. [func] The dnssec tools properly use the logging subsystem.
+
+ 206. [cleanup] dst now stores the key name as a dns_name_t, not
+ a char *.
+
+ 205. [cleanup] On IRIX, turn off the mostly harmless warnings 1692
+ ("prototyped function redeclared without prototype")
+ and 1552 ("variable ... set but not used") when
+ compiling in the lib/dns/sec/{dnssafe,openssl}
+ directories, which contain code imported from outside
+ sources.
+
+ 204. [cleanup] On HP/UX, pass +vnocompatwarnings to the linker
+ to quiet the warnings that "The linked output may not
+ run on a PA 1.x system."
+
+ 203. [func] notify and zone soa queries are now tsig signed when
+ appropriate.
+
+ 202. [func] isc_lex_getsourceline() changed from returning int
+ to returning unsigned long, the type of its underlying
+ counter.
+
+ 201. [cleanup] Removed the test/sdig program, it has been
+ replaced by bin/dig/dig.
+
+ --- 9.0.0b3 released ---
+
+ 200. [bug] Failures in sending query responses to clients
+ (e.g., running out of network buffers) were
+ not logged.
+
+ 199. [bug] isc_heap_delete() sometimes violated the heap
+ invariant, causing timer events not to be posted
+ when due.
+
+ 198. [func] Dispatch managers hold memory pools which
+ any managed dispatcher may use. This allows
+ us to avoid dipping into the memory context for
+ most allocations. [19-May-2000 explorer]
+
+ 197. [bug] When an incoming AXFR or IXFR completes, the
+ zone's internal state is refreshed from the
+ SOA data. [19-May-2000 explorer]
+
+ 196. [func] Dispatchers can be shared easily between views
+ and/or interfaces. [19-May-2000 explorer]
+
+ 195. [bug] Including the NXT record of the root domain
+ in a negative response caused an assertion
+ failure.
+
+ 194. [doc] The PDF version of the Administrator's Reference
+ Manual is no longer included in the ISC BIND9
+ distribution.
+
+ 193. [func] changed dst_key_free() prototype.
+
+ 192. [bug] Zone configuration validation is now done at end
+ of config file parsing, and before loading
+ callbacks.
+
+ 191. [func] Patched to compile on UnixWare 7.x. This platform
+ is not directly supported by the ISC.
+
+ 190. [cleanup] The DNSSEC tools have been moved to a separate
+ directory dnssec/ and given the following new,
+ more descriptive names:
+
+ dnssec-keygen
+ dnssec-signzone
+ dnssec-signkey
+ dnssec-makekeyset
+
+ Their command line arguments have also been changed to
+ be more consistent. dnssec-keygen now prints the
+ name of the generated key files (sans extension)
+ on standard output to simplify its use in automated
+ scripts.
+
+ 189. [func] isc_time_secondsastimet(), a new function, will ensure
+ that the number of seconds in an isc_time_t does not
+ exceed the range of a time_t, or return ISC_R_RANGE.
+ Similarly, isc_time_now(), isc_time_nowplusinterval(),
+ isc_time_add() and isc_time_subtract() now check the
+ range for overflow/underflow. In the case of
+ isc_time_subtract, this changed a calling requirement
+ (ie, something that could generate an assertion)
+ into merely a condition that returns an error result.
+ isc_time_add() and isc_time_subtract() were void-
+ valued before but now return isc_result_t.
+
+ 188. [func] Log a warning message when an incoming zone transfer
+ contains out-of-zone data.
+
+ 187. [func] isc_ratelimiter_enqueue() has an additional argument
+ 'task'.
+
+ 186. [func] dns_request_getresponse() has an additional argument
+ 'preserve_order'.
+
+ 185. [bug] Fixed up handling of ISC_MEMCLUSTER_LEGACY. Several
+ public functions did not have an isc__ prefix, and
+ referred to functions that had previously been
+ renamed.
+
+ 184. [cleanup] Variables/functions which began with two leading
+ underscores were made to conform to the ANSI/ISO
+ standard, which says that such names are reserved.
+
+ 183. [func] ISC_LOG_PRINTTAG option for log channels. Useful
+ for logging the program name or other identifier.
+
+ 182. [cleanup] New command-line parameters for dnssec tools
+
+ 181. [func] Added dst_key_buildfilename and dst_key_parsefilename
+
+ 180. [func] New isc_result_t ISC_R_RANGE. Supersedes DNS_R_RANGE.
+
+ 179. [func] options named.conf statement *must* now come
+ before any zone or view statements.
+
+ 178. [func] Post-load of named.conf check verifies a slave zone
+ has non-empty list of masters defined.
+
+ 177. [func] New per-zone boolean:
+
+ enable-zone yes | no ;
+
+ intended to let a zone be disabled without having
+ to comment out the entire zone statement.
+
+ 176. [func] New global and per-view option:
+
+ max-cache-ttl number
+
+ 175. [func] New global and per-view option:
+
+ additional-data internal | minimal | maximal;
+
+ 174. [func] New public function isc_sockaddr_format(), for
+ formatting socket addresses in log messages.
+
+ 173. [func] Keep a queue of zones waiting for zone transfer
+ quota so that a new transfer can be dispatched
+ immediately whenever quota becomes available.
+
+ 172. [bug] $TTL directive was sometimes missing from dumped
+ master files because totext_ctx_init() failed to
+ initialize ctx->current_ttl_valid.
+
+ 171. [cleanup] On NetBSD systems, the mit-pthreads or
+ unproven-pthreads library is now always used
+ unless --with-ptl2 is explicitly specified on
+ the configure command line. The
+ --with-mit-pthreads option is no longer needed
+ and has been removed.
+
+ 170. [cleanup] Remove inter server consistency checks from zone,
+ these should return as a separate module in 9.1.
+ dns_zone_checkservers(), dns_zone_checkparents(),
+ dns_zone_checkchildren(), dns_zone_checkglue().
+
+ Remove dns_zone_setadb(), dns_zone_setresolver(),
+ dns_zone_setrequestmgr() these should now be found
+ via the view.
+
+ 169. [func] ratelimiter can now process N events per interval.
+
+ 168. [bug] include statements in named.conf caused syntax errors
+ due to not consuming the semicolon ending the include
+ statement before switching input streams.
+
+ 167. [bug] Make lack of masters for a slave zone a soft error.
+
+ 166. [bug] Keygen was overwriting existing keys if key_id
+ conflicted, now it will retry, and non-null keys
+ with key_id == 0 are not generated anymore. Key
+ was not able to generate NOAUTHCONF DSA key,
+ increased RSA key size to 2048 bits.
+
+ 165. [cleanup] Silence "end-of-loop condition not reached" warnings
+ from Solaris compiler.
+
+ 164. [func] Added functions isc_stdio_open(), isc_stdio_close(),
+ isc_stdio_seek(), isc_stdio_read(), isc_stdio_write(),
+ isc_stdio_flush(), isc_stdio_sync(), isc_file_remove()
+ to encapsulate nonportable usage of errno and sync.
+
+ 163. [func] Added result codes ISC_R_FILENOTFOUND and
+ ISC_R_FILEEXISTS.
+
+ 162. [bug] Ensure proper range for arguments to ctype.h functions.
+
+ 161. [cleanup] error in yyparse prototype that only HPUX caught.
+
+ 160. [cleanup] getnet*() are not going to be implemented at this
+ stage.
+
+ 159. [func] Redefinition of config file elements is now an
+ error (instead of a warning).
+
+ 158. [bug] Log channel and category list copy routines
+ weren't assigning properly to output parameter.
+
+ 157. [port] Fix missing prototype for getopt().
+
+ 156. [func] Support new 'database' statement in zone.
+
+ database "quoted-string";
+
+ 155. [bug] ns_notify_start() was not detaching the found zone.
+
+ 154. [func] The signer now logs libdns warnings to stderr even when
+ not verbose, and in a nicer format.
+
+ 153. [func] dns_rdata_tostruct() 'mctx' is now optional. If 'mctx'
+ is NULL then you need to preserve the 'rdata' until
+ you have finished using the structure as there may be
+ references to the associated memory. If 'mctx' is
+ non-NULL it is guaranteed that there are no references
+ to memory associated with 'rdata'.
+
+ dns_rdata_freestruct() must be called if 'mctx' was
+ non-NULL and may safely be called if 'mctx' was NULL.
+
+ 152. [bug] keygen dumped core if domain name argument was omitted
+ from command line.
+
+ 151. [func] Support 'disabled' statement in zone config (causes
+ zone to be parsed and then ignored). Currently must
+ come after the 'type' clause.
+
+ 150. [func] Support optional ports in masters and also-notify
+ statements:
+
+ masters [ port xxx ] { y.y.y.y [ port zzz ] ; }
+
+ 149. [cleanup] Removed unused argument 'olist' from
+ dns_c_view_unsetordering().
+
+ 148. [cleanup] Stop issuing some warnings about some configuration
+ file statements that were not implemented, but now are.
+
+ 147. [bug] Changed yacc union size to be smaller for yaccs that
+ put yacc-stack on the real stack.
+
+ 146. [cleanup] More general redundant header file cleanup. Rather
+ than continuing to itemize every header which changed,
+ this changelog entry just notes that if a header file
+ did not need another header file that it was including
+ in order to provide its advertised functionality, the
+ inclusion of the other header file was removed. See
+ util/check-includes for how this was tested.
+
+ 145. [cleanup] Added <isc/lang.h> and ISC_LANG_BEGINDECLS/
+ ISC_LANG_ENDDECLS to header files that had function
+ prototypes, and removed it from those that did not.
+
+ 144. [cleanup] libdns header files too numerous to name were made
+ to conform to the same style for multiple inclusion
+ protection.
+
+ 143. [func] Added function dns_rdatatype_isknown().
+
+ 142. [cleanup] <isc/stdtime.h> does not need <time.h> or
+ <isc/result.h>.
+
+ 141. [bug] Corrupt requests with multiple questions could
+ cause an assertion failure.
+
+ 140. [cleanup] <isc/time.h> does not need <time.h> or <isc/result.h>.
+
+ 139. [cleanup] <isc/net.h> now includes <isc/types.h> instead of
+ <isc/int.h> and <isc/result.h>.
+
+ 138. [cleanup] isc_strtouq moved from str.[ch] to string.[ch] and
+ renamed isc_string_touint64. isc_strsep moved from
+ strsep.c to string.c and renamed isc_string_separate.
+
+ 137. [cleanup] <isc/commandline.h>, <isc/mem.h>, <isc/print.h>
+ <isc/serial.h>, <isc/string.h> and <isc/offset.h>
+ made to conform to the same style for multiple
+ inclusion protection.
+
+ 136. [cleanup] <isc/commandline.h>, <isc/interfaceiter.h>,
+ <isc/net.h> and Win32's <isc/thread.h> needed
+ ISC_LANG_BEGINDECLS/ISC_LANG_ENDDECLS.
+
+ 135. [cleanup] Win32's <isc/condition.h> did not need <isc/result.h>
+ or <isc/boolean.h>, now uses <isc/types.h> in place
+ of <isc/time.h>, and needed ISC_LANG_BEGINDECLS
+ and ISC_LANG_ENDDECLS.
+
+ 134. [cleanup] <isc/dir.h> does not need <limits.h>.
+
+ 133. [cleanup] <isc/ipv6.h> needs <isc/platform.h>.
+
+ 132. [cleanup] <isc/app.h> does not need <isc/task.h>, but does
+ need <isc/eventclass.h>.
+
+ 131. [cleanup] <isc/mutex.h> and <isc/util.h> need <isc/result.h>
+ for ISC_R_* codes used in macros.
+
+ 130. [cleanup] <isc/condition.h> does not need <pthread.h> or
+ <isc/boolean.h>, and now includes <isc/types.h>
+ instead of <isc/time.h>.
+
+ 129. [bug] The 'default_debug' log channel was not set up when
+ 'category default' was present in the config file
+
+ 128. [cleanup] <isc/dir.h> had ISC_LANG_BEGINDECLS instead of
+ ISC_LANG_ENDDECLS at end of header.
+
+ 127. [cleanup] The contracts for the comparison routines
+ dns_name_fullcompare(), dns_name_compare(),
+ dns_name_rdatacompare(), and dns_rdata_compare() now
+ specify that the order value returned is < 0, 0, or > 0
+ instead of -1, 0, or 1.
+
+ 126. [cleanup] <isc/quota.h> and <isc/taskpool.h> need <isc/lang.h>.
+
+ 125. [cleanup] <isc/eventclass.h>, <isc/ipv6.h>, <isc/magic.h>,
+ <isc/mutex.h>, <isc/once.h>, <isc/region.h>, and
+ <isc/resultclass.h> do not need <isc/lang.h>.
+
+ 124. [func] signer now imports parent's zone key signature
+ and creates null keys/sets zone status bit for
+ children when necessary
+
+ 123. [cleanup] <isc/event.h> does not need <stddef.h>.
+
+ 122. [cleanup] <isc/task.h> does not need <isc/mem.h> or
+ <isc/result.h>.
+
+ 121. [cleanup] <isc/symtab.h> does not need <isc/mem.h> or
+ <isc/result.h>. Multiple inclusion protection
+ symbol fixed from ISC_SYMBOL_H to ISC_SYMTAB_H.
+ isc_symtab_t moved to <isc/types.h>.
+
+ 120. [cleanup] <isc/socket.h> does not need <isc/boolean.h>,
+ <isc/bufferlist.h>, <isc/task.h>, <isc/mem.h> or
+ <isc/net.h>.
+
+ 119. [cleanup] structure definitions for generic rdata structures do
+ not have _generic_ in their names.
+
+ 118. [cleanup] libdns.a is now namespace-clean, on NetBSD, excepting
+ YACC crust (yyparse, etc) [2000-apr-27 explorer]
+
+ 117. [cleanup] libdns.a changes:
+ dns_zone_clearnotify() and dns_zone_addnotify()
+ are replaced by dns_zone_setnotifyalso().
+ dns_zone_clearmasters() and dns_zone_addmaster()
+ are replaced by dns_zone_setmasters().
+
+ 116. [func] Added <isc/offset.h> for isc_offset_t (aka off_t
+ on Unix systems).
+
+ 115. [port] Shut up the -Wmissing-declarations warning about
+ <stdio.h>'s __sputaux on BSD/OS pre-4.1.
+
+ 114. [cleanup] <isc/sockaddr.h> does not need <isc/buffer.h> or
+ <isc/list.h>.
+
+ 113. [func] Utility programs dig and host added.
+
+ 112. [cleanup] <isc/serial.h> does not need <isc/boolean.h>.
+
+ 111. [cleanup] <isc/rwlock.h> does not need <isc/result.h> or
+ <isc/mutex.h>.
+
+ 110. [cleanup] <isc/result.h> does not need <isc/boolean.h> or
+ <isc/list.h>.
+
+ 109. [bug] "make depend" did nothing for
+ bin/tests/{db,mem,sockaddr,tasks,timers}/.
+
+ 108. [cleanup] DNS_SETBIT/DNS_GETBIT/DNS_CLEARBIT moved from
+ <dns/types.h> to <dns/bit.h> and renamed to
+ DNS_BIT_SET/DNS_BIT_GET/DNS_BIT_CLEAR.
+
+ 107. [func] Add keysigner and keysettool.
+
+ 106. [func] Allow dnssec verifications to ignore the validity
+ period. Used by several of the dnssec tools.
+
+ 105. [doc] doc/dev/coding.html expanded with other
+ implicit conventions the developers have used.
+
+ 104. [bug] Made compress_add and compress_find static to
+ lib/dns/compress.c.
+
+ 103. [func] libisc buffer API changes for <isc/buffer.h>:
+ Added:
+ isc_buffer_base(b) (pointer)
+ isc_buffer_current(b) (pointer)
+ isc_buffer_active(b) (pointer)
+ isc_buffer_used(b) (pointer)
+ isc_buffer_length(b) (int)
+ isc_buffer_usedlength(b) (int)
+ isc_buffer_consumedlength(b) (int)
+ isc_buffer_remaininglength(b) (int)
+ isc_buffer_activelength(b) (int)
+ isc_buffer_availablelength(b) (int)
+ Removed:
+ ISC_BUFFER_USEDCOUNT(b)
+ ISC_BUFFER_AVAILABLECOUNT(b)
+ isc_buffer_type(b)
+ Changed names:
+ isc_buffer_used(b, r) ->
+ isc_buffer_usedregion(b, r)
+ isc_buffer_available(b, r) ->
+ isc_buffer_available_region(b, r)
+ isc_buffer_consumed(b, r) ->
+ isc_buffer_consumedregion(b, r)
+ isc_buffer_active(b, r) ->
+ isc_buffer_activeregion(b, r)
+ isc_buffer_remaining(b, r) ->
+ isc_buffer_remainingregion(b, r)
+
+ Buffer types were removed, so the ISC_BUFFERTYPE_*
+ macros are no more, and the type argument to
+ isc_buffer_init and isc_buffer_allocate were removed.
+ isc_buffer_putstr is now void (instead of isc_result_t)
+ and requires that the caller ensure that there
+ is enough available buffer space for the string.
+
+ 102. [port] Correctly detect inet_aton, inet_pton and inet_ptop
+ on BSD/OS 4.1.
+
+ 101. [cleanup] Quieted EGCS warnings from lib/isc/print.c.
+
+ 100. [cleanup] <isc/random.h> does not need <isc/int.h> or
+ <isc/mutex.h>. isc_random_t moved to <isc/types.h>.
+
+ 99. [cleanup] Rate limiter now has separate shutdown() and
+ destroy() functions, and it guarantees that all
+ queued events are delivered even in the shutdown case.
+
+ 98. [cleanup] <isc/print.h> does not need <stdarg.h> or <stddef.h>
+ unless ISC_PLATFORM_NEEDVSNPRINTF is defined.
+
+ 97. [cleanup] <isc/ondestroy.h> does not need <stddef.h> or
+ <isc/event.h>.
+
+ 96. [cleanup] <isc/mutex.h> does not need <isc/result.h>.
+
+ 95. [cleanup] <isc/mutexblock.h> does not need <isc/result.h>.
+
+ 94. [cleanup] Some installed header files did not compile as C++.
+
+ 93. [cleanup] <isc/msgcat.h> does not need <isc/result.h>.
+
+ 92. [cleanup] <isc/mem.h> does not need <stddef.h>, <isc/boolean.h>,
+ or <isc/result.h>.
+
+ 91. [cleanup] <isc/log.h> does not need <sys/types.h> or
+ <isc/result.h>.
+
+ 90. [cleanup] Removed unneeded ISC_LANG_BEGINDECLS/ISC_LANG_ENDDECLS
+ from <named/listenlist.h>.
+
+ 89. [cleanup] <isc/lex.h> does not need <stddef.h>.
+
+ 88. [cleanup] <isc/interfaceiter.h> does not need <isc/result.h> or
+ <isc/mem.h>. isc_interface_t and isc_interfaceiter_t
+ moved to <isc/types.h>.
+
+ 87. [cleanup] <isc/heap.h> does not need <isc/boolean.h>,
+ <isc/mem.h> or <isc/result.h>.
+
+ 86. [cleanup] isc_bufferlist_t moved from <isc/bufferlist.h> to
+ <isc/types.h>.
+
+ 85. [cleanup] <isc/bufferlist.h> does not need <isc/buffer.h>,
+ <isc/list.h>, <isc/mem.h>, <isc/region.h> or
+ <isc/int.h>.
+
+ 84. [func] allow-query ACL checks now apply to all data
+ added to a response.
+
+ 83. [func] If the server is authoritative for both a
+ delegating zone and its (nonsecure) delegatee, and
+ a query is made for a KEY RR at the top of the
+ delegatee, then the server will look for a KEY
+ in the delegator if it is not found in the delegatee.
+
+ 82. [cleanup] <isc/buffer.h> does not need <isc/list.h>.
+
+ 81. [cleanup] <isc/int.h> and <isc/boolean.h> do not need
+ <isc/lang.h>.
+
+ 80. [cleanup] <isc/print.h> does not need <stdio.h> or <stdlib.h>.
+
+ 79. [cleanup] <dns/callbacks.h> does not need <stdio.h>.
+
+ 78. [cleanup] lwres_conftest renamed to lwresconf_test for
+ consistency with other *_test programs.
+
+ 77. [cleanup] typedef of isc_time_t and isc_interval_t moved from
+ <isc/time.h> to <isc/types.h>.
+
+ 76. [cleanup] Rewrote keygen.
+
+ 75. [func] Don't load a zone if its database file is older
+ than the last time the zone was loaded.
+
+ 74. [cleanup] Removed mktemplate.o and ufile.o from libisc.a,
+ subsumed by file.o.
+
+ 73. [func] New "file" API in libisc, including new function
+ isc_file_getmodtime, isc_mktemplate renamed to
+ isc_file_mktemplate and isc_ufile renamed to
+ isc_file_openunique. By no means an exhaustive API,
+ it is just what's needed for now.
+
+ 72. [func] DNS_RBTFIND_NOPREDECESSOR and DNS_RBTFIND_NOOPTIONS
+ added for dns_rbt_findnode, the former to disable the
+ setting of the chain to the predecessor, and the
+ latter to make clear when no options are set.
+
+ 71. [cleanup] Made explicit the implicit REQUIREs of
+ isc_time_seconds, isc_time_nanoseconds, and
+ isc_time_subtract.
+
+ 70. [func] isc_time_set() added.
+
+ 69. [bug] The zone object's master and also-notify lists grew
+ longer with each server reload.
+
+ 68. [func] Partial support for SIG(0) on incoming messages.
+
+ 67. [performance] Allow use of alternate (compile-time supplied)
+ OpenSSL libraries/headers.
+
+ 66. [func] Data in authoritative zones should have a trust level
+ beyond secure.
+
+ 65. [cleanup] Removed obsolete typedef of dns_zone_callbackarg_t
+ from <dns/types.h>.
+
+ 64. [func] The RBT, DB, and zone table APIs now allow the
+ caller find the most-enclosing superdomain of
+ a name.
+
+ 63. [func] Generate NOTIFY messages.
+
+ 62. [func] Add UDP refresh support.
+
+ 61. [cleanup] Use single quotes consistently in log messages.
+
+ 60. [func] Catch and disallow singleton types on message
+ parse.
+
+ 59. [bug] Cause net/host unreachable to be a hard error
+ when sending and receiving.
+
+ 58. [bug] bin/named/query.c could sometimes trigger the
+ (client->query.attributes & NS_QUERYATTR_NAMEBUFUSED)
+ == 0 assertion in query_newname().
+
+ 57. [func] Added dns_nxt_typepresent()
+
+ 56. [bug] SIG records were not properly returned in cached
+ negative answers.
+
+ 55. [bug] Responses containing multiple names in the authority
+ section were not negatively cached.
+
+ 54. [bug] If a fetch with sigrdataset==NULL joined one with
+ sigrdataset!=NULL or vice versa, the resolver
+ could catch an assertion or lose signature data,
+ respectively.
+
+ 53. [port] freebsd 4.0: lib/isc/unix/socket.c requires
+ <sys/param.h>.
+
+ 52. [bug] rndc: taskmgr and socketmgr were not initialized
+ to NULL.
+
+ 51. [cleanup] dns/compress.h and dns/zt.h did not need to include
+ dns/rbt.h; it was needed only by compress.c and zt.c.
+
+ 50. [func] RBT deletion no longer requires a valid chain to work,
+ and dns_rbt_deletenode was added.
+
+ 49. [func] Each cache now has its own mctx.
+
+ 48. [func] isc_task_create() no longer takes an mctx.
+ isc_task_mem() has been eliminated.
+
+ 47. [func] A number of modules now use memory context reference
+ counting.
+
+ 46. [func] Memory contexts are now reference counted.
+ Added isc_mem_inuse() and isc_mem_preallocate().
+ Renamed isc_mem_destroy_check() to
+ isc_mem_setdestroycheck().
+
+ 45. [bug] The trusted-key statement incorrectly loaded keys.
+
+ 44. [bug] Don't include authority data if it would force us
+ to unset the AD bit in the message.
+
+ 43. [bug] DNSSEC verification of cached rdatasets was failing.
+
+ 42. [cleanup] Simplified logging of messages with embedded domain
+ names by introducing a new convenience function
+ dns_name_format().
+
+ 41. [func] Use PR_SET_KEEPCAPS on Linux 2.3.99-pre3 and later
+ to allow 'named' to run as a non-root user while
+ retaining the ability to bind() to privileged
+ ports.
+
+ 40. [func] Introduced new logging category "dnssec" and
+ logging module "dns/validator".
+
+ 39. [cleanup] Moved the typedefs for isc_region_t, isc_textregion_t,
+ and isc_lex_t to <isc/types.h>.
+
+ 38. [bug] TSIG signed incoming zone transfers work now.
+
+ 37. [bug] If the first RR in an incoming zone transfer was
+ not an SOA, the server died with an assertion failure
+ instead of just reporting an error.
+
+ 36. [cleanup] Change DNS_R_SUCCESS (and others) to ISC_R_SUCCESS
+
+ 35. [performance] Log messages which are of a level too high to be
+ logged by any channel in the logging configuration
+ will not cause the log mutex to be locked.
+
+ 34. [bug] Recursion was allowed even with 'recursion no'.
+
+ 33. [func] The RBT now maintains a parent pointer at each node.
+
+ 32. [cleanup] bin/lwresd/client.c needs <string.h> for memset()
+ prototype.
+
+ 31. [bug] Use ${LIBTOOL} to compile bin/named/main.@O@.
+
+ 30. [func] config file grammar change to support optional
+ class type for a view.
+
+ 29. [func] support new config file view options:
+
+ auth-nxdomain recursion query-source
+ query-source-v6 transfer-source
+ transfer-source-v6 max-transfer-time-out
+ max-transfer-idle-out transfer-format
+ request-ixfr provide-ixfr cleaning-interval
+ fetch-glue notify rfc2308-type1 lame-ttl
+ max-ncache-ttl min-roots
+
+ 28. [func] support lame-ttl, min-roots and serial-queries
+ config global options.
+
+ 27. [bug] Only include <netinet6/in6.h> on BSD/OS 4.[01]*.
+ Including it on other platforms (eg, NetBSD) can
+ cause a forced #error from the C preprocessor.
+
+ 26. [func] new match-clients statement in config file view.
+
+ 25. [bug] make install failed to install <isc/log.h> and
+ <isc/ondestroy.h>.
+
+ 24. [cleanup] Eliminate some unnecessary #includes of header
+ files from header files.
+
+ 23. [cleanup] Provide more context in log messages about client
+ requests, using a new function ns_client_log().
+
+ 22. [bug] SIGs weren't returned in the answer section when
+ the query resulted in a fetch.
+
+ 21. [port] Look at STD_CINCLUDES after CINCLUDES during
+ compilation, so additional system include directories
+ can be searched but header files in the bind9 source
+ tree with conflicting names take precedence. This
+ avoids issues with installed versions of dnssafe and
+ openssl.
+
+ 20. [func] Configuration file post-load validation of zones
+ failed if there were no zones.
+
+ 19. [bug] dns_zone_notifyreceive() failed to unlock the zone
+ lock in certain error cases.
+
+ 18. [bug] Use AC_TRY_LINK rather than AC_TRY_COMPILE in
+ configure.in to check for presence of in6addr_any.
+
+ 17. [func] Do configuration file post-load validation of zones.
+
+ 16. [bug] put quotes around key names on config file
+ output to avoid possible keyword clashes.
+
+ 15. [func] Add dns_name_dupwithoffsets(). This function is
+ improves comparison performance for duped names.
+
+ 14. [bug] free_rbtdb() could have 'put' unallocated memory in
+ an unlikely error path.
+
+ 13. [bug] lib/dns/master.c and lib/dns/xfrin.c didn't ignore
+ out-of-zone data.
+
+ 12. [bug] Fixed possible uninitialized variable error.
+
+ 11. [bug] axfr_rrstream_first() didn't check the result code of
+ db_rr_iterator_first(), possibly causing an assertion
+ to be triggered later.
+
+ 10. [bug] A bug in the code which makes EDNS0 OPT records in
+ bin/named/client.c and lib/dns/resolver.c could
+ trigger an assertion.
+
+ 9. [cleanup] replaced bit-setting code in confctx.c and replaced
+ repeated code with macro calls.
+
+ 8. [bug] Shutdown of incoming zone transfer accessed
+ freed memory.
+
+ 7. [cleanup] removed 'listen-on' from view statement.
+
+ 6. [bug] quote RR names when generating config file to
+ prevent possible clash with config file keywords
+ (such as 'key').
+
+ 5. [func] syntax change to named.conf file: new ssu grant/deny
+ statements must now be enclosed by an 'update-policy'
+ block.
+
+ 4. [port] bin/named/unix/os.c didn't compile on systems with
+ linux 2.3 kernel includes due to conflicts between
+ C library includes and the kernel includes. We now
+ get only what we need from <linux/capability.h>, and
+ avoid pulling in other linux kernel .h files.
+
+ 3. [bug] TKEYs go in the answer section of responses, not
+ the additional section.
+
+ 2. [bug] Generating cryptographic randomness failed on
+ systems without /dev/random.
+
+ 1. [bug] The installdirs rule in
+ lib/isc/unix/include/isc/Makefile.in had a typo which
+ prevented the isc directory from being created if it
+ didn't exist.
+
+ --- 9.0.0b2 released ---
+
+# This tells Emacs to use hard tabs in this file.
+# Local Variables:
+# indent-tabs-mode: t
+# End: