prep 9.13.5

Tinderbox User 2018-12-07 03:11:45 +00:00
parent cbde34e7a3
commit 5bd855251c
76 changed files with 566 additions and 351 deletions

@ -1,3 +1,5 @@
--- 9.13.5 released ---
5108. [bug] Named could fail to determine bottom of zone when
removing out of date keys leading to invalid NSEC
and NSEC3 records being added to the zone. [GL #771]

README

@ -104,6 +104,10 @@ BIND 9.13 features
BIND 9.13 is the newest development branch of BIND 9. It includes a number
of changes from BIND 9.12 and earlier releases. New features include:
* A new "plugin" mechanism has been added to allow query functionality
to be extended using dynamically loadable libraries. The "filter-aaaa"
feature has been removed from named and is now implemented as a
plugin.
* Socket and task code has been refactored to improve performance.
* QNAME minimization, as described in RFC 7816, is now supported.
* "Root key sentinel" support, enabling validating resolvers to indicate

@ -122,6 +122,9 @@ BIND 9.13 is the newest development branch of BIND 9. It includes a
number of changes from BIND 9.12 and earlier releases. New features
include:
* A new "plugin" mechanism has been added to allow query functionality
to be extended using dynamically loadable libraries. The "filter-aaaa"
feature has been removed from named and is now implemented as a plugin.
* Socket and task code has been refactored to improve performance.
* QNAME minimization, as described in RFC 7816, is now supported.
* "Root key sentinel" support, enabling validating resolvers to indicate

@ -39,7 +39,7 @@
named-checkconf \- named configuration file syntax checking tool
.SH "SYNOPSIS"
.HP \w'\fBnamed\-checkconf\fR\ 'u
\fBnamed\-checkconf\fR [\fB\-hjlvz\fR] [\fB\-p\fR\ [\fB\-x\fR\ ]] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] {filename}
\fBnamed\-checkconf\fR [\fB\-chjlvz\fR] [\fB\-p\fR\ [\fB\-x\fR\ ]] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] {filename}
.SH "DESCRIPTION"
.PP
\fBnamed\-checkconf\fR
@ -79,6 +79,13 @@ When loading a zonefile read the journal if it exists\&.
List all the configured zones\&. Each line of output contains the zone name, class (e\&.g\&. IN), view, and type (e\&.g\&. master or slave)\&.
.RE
.PP
\-c
.RS 4
Check "core" configuration only\&. This suppresses the loading of plugin modules, and causes all parameters to
\fBplugin\fR
statements to be ignored\&.
.RE
.PP
\-p
.RS 4
Print out the
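
Review bot: The new -c entry documents what the flag suppresses but leaves the default unstated: the wording implies that without -c, named-checkconf loads the libraries named in plugin statements in order to check their parameters. Say so explicitly, for example "Without -c, plugin modules named in the configuration are loaded so that their parameters can be checked", because that turns a syntax check of a configuration file into loading whatever shared object the file points at, and operators who check configurations received from elsewhere will want to pass -c.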

@ -33,7 +33,7 @@
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p>
<code class="command">named-checkconf</code>
[<code class="option">-hjlvz</code>]
[<code class="option">-chjlvz</code>]
[<code class="option">-p</code>
[<code class="option">-x</code>
]]
@ -88,6 +88,14 @@
(e.g. master or slave).
</p>
</dd>
<dt><span class="term">-c</span></dt>
<dd>
<p>
Check "core" configuration only. This suppresses the loading
of plugin modules, and causes all parameters to
<span class="command"><strong>plugin</strong></span> statements to be ignored.
</p>
</dd>
<dt><span class="term">-p</span></dt>
<dd>
<p>
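
Review bot: The -c entry is placed directly before -p, after the zone-listing option whose text ends "(e.g. master or slave)", although the synopsis in this commit now reads -chjlvz. Put the entry in its alphabetical position in the DocBook source so that the man page and this HTML rendering both list it where the synopsis leads readers to look.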

@ -327,21 +327,21 @@ and
files are generated for symmetric cryptography algorithms such as HMAC\-MD5, even though the public and private key are equivalent\&.
.SH "EXAMPLE"
.PP
To generate a 768\-bit DSA key for the domain
To generate an ECDSAP256SHA256 key for the domain
\fBexample\&.com\fR, the following command would be issued:
.PP
\fBdnssec\-keygen \-a DSA \-b 768 \-n ZONE example\&.com\fR
\fBdnssec\-keygen \-a ECDSAP256SHA256 \-n ZONE example\&.com\fR
.PP
The command would print a string of the form:
.PP
\fBKexample\&.com\&.+003+26160\fR
\fBKexample\&.com\&.+013+26160\fR
.PP
In this example,
\fBdnssec\-keygen\fR
creates the files
Kexample\&.com\&.+003+26160\&.key
Kexample\&.com\&.+013+26160\&.key
and
Kexample\&.com\&.+003+26160\&.private\&.
Kexample\&.com\&.+013+26160\&.private\&.
.SH "SEE ALSO"
.PP
\fBdnssec-signzone\fR(8),

@ -498,22 +498,22 @@
<a name="id-1.11"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
To generate an ECDSAP256SHA256 key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
issued:
</p>
<p><strong class="userinput"><code>dnssec-keygen -a DSA -b 768 -n ZONE example.com</code></strong>
<p><strong class="userinput"><code>dnssec-keygen -a ECDSAP256SHA256 -n ZONE example.com</code></strong>
</p>
<p>
The command would print a string of the form:
</p>
<p><strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
<p><strong class="userinput"><code>Kexample.com.+013+26160</code></strong>
</p>
<p>
In this example, <span class="command"><strong>dnssec-keygen</strong></span> creates
the files <code class="filename">Kexample.com.+003+26160.key</code>
the files <code class="filename">Kexample.com.+013+26160.key</code>
and
<code class="filename">Kexample.com.+003+26160.private</code>.
<code class="filename">Kexample.com.+013+26160.private</code>.
</p>
</div>

@ -415,9 +415,9 @@ Specify which keys should be used to sign the zone\&. If no keys are specified,
.PP
The following command signs the
\fBexample\&.com\fR
zone with the DSA key generated by
zone with the ECDSAP256SHA256 key generated by key generated by
\fBdnssec\-keygen\fR
(Kexample\&.com\&.+003+17247)\&. Because the
(Kexample\&.com\&.+013+17247)\&. Because the
\fB\-S\fR
option is not being used, the zone\*(Aqs keys must be in the master file (db\&.example\&.com)\&. This invocation looks for
dsset
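
Review bot: The replacement sentence reads "zone with the ECDSAP256SHA256 key generated by key generated by": the phrase "key generated by" is doubled. Drop one copy in the DocBook source; the HTML rendering of this page in the same commit carries the same doubled phrase.
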
@ -428,7 +428,7 @@ files, in the current directory, so that DS records can be imported from them (\
.\}
.nf
% dnssec\-signzone \-g \-o example\&.com db\&.example\&.com \e
Kexample\&.com\&.+003+17247
Kexample\&.com\&.+013+17247
db\&.example\&.com\&.signed
%
.fi

@ -624,15 +624,16 @@
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated by <span class="command"><strong>dnssec-keygen</strong></span>
(Kexample.com.+003+17247). Because the <span class="command"><strong>-S</strong></span> option
is not being used, the zone's keys must be in the master file
zone with the ECDSAP256SHA256 key generated by key generated by
<span class="command"><strong>dnssec-keygen</strong></span> (Kexample.com.+013+17247).
Because the <span class="command"><strong>-S</strong></span> option is not being used,
the zone's keys must be in the master file
(<code class="filename">db.example.com</code>). This invocation looks
for <code class="filename">dsset</code> files, in the current directory,
so that DS records can be imported from them (<span class="command"><strong>-g</strong></span>).
</p>
<pre class="programlisting">% dnssec-signzone -g -o example.com db.example.com \
Kexample.com.+003+17247
Kexample.com.+013+17247
db.example.com.signed
%</pre>
<p>

@ -9,7 +9,7 @@
'\" t
.\" Title: filter-aaaa.so
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2018-08-13
.\" Manual: BIND9
.\" Source: ISC
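
Review bot: The Generator comment moves backwards, from DocBook XSL Stylesheets v1.79.1 to v1.78.1, so this page was regenerated with an older stylesheet release than the one that produced the committed copy. Regenerate the release documentation with the same toolchain as before, or record the expected stylesheet version in the release procedure, so that diffs of generated files show content changes only.
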
@ -38,12 +38,12 @@
.SH "NAME"
filter-aaaa.so \- filter AAAA in DNS responses when A is present
.SH "SYNOPSIS"
.HP 28
\fBhook query "filter\-aaaa\&.so"\fR [\fI{\ parameters\ }\fR];
.HP \w'\fBplugin\ query\ "filter\-aaaa\&.so"\fR\ 'u
\fBplugin query "filter\-aaaa\&.so"\fR [\fI{\ parameters\ }\fR];
.SH "DESCRIPTION"
.PP
\fBfilter\-aaaa\&.so\fR
is a query hook module for
is a query plugin module for
\fBnamed\fR, enabling
\fBnamed\fR
to omit some IPv6 addresses when responding to clients\&.
@ -59,13 +59,13 @@ and
options\&. These options are now deprecated in
named\&.conf, but can be passed as parameters to the
\fBfilter\-aaaa\&.so\fR
hook module, for example:
plugin, for example:
.sp
.if n \{\
.RS 4
.\}
.nf
hook query "/usr/local/lib/filter\-aaaa\&.so" {
plugin query "/usr/local/lib/filter\-aaaa\&.so" {
filter\-aaaa\-on\-v4 yes;
filter\-aaaa\-on\-v6 yes;
filter\-aaaa { 192\&.0\&.2\&.1; 2001:db8:2::1; };
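
Review bot: The context sentence kept above the example still says the options "are now deprecated in named.conf", while the release notes and the ARM text in this same commit say they have been removed from named and can no longer be configured with native named.conf syntax. Change "deprecated" to "removed" here so the man page does not suggest that the old options still work.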

@ -460,7 +460,7 @@ plugin_destroy(void **instp) {
}
/*
* Returns hook module API version for compatibility checks.
* Returns plugin API version for compatibility checks.
*/
int
plugin_version(void) {

@ -10,27 +10,40 @@
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>filter-aaaa.so</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry">
<a name="man.filter-aaaa"></a><div class="titlepage"></div>
<div class="refnamediv">
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">filter-aaaa.so</span> &#8212; filter AAAA in DNS responses when A is present</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">hook query "filter-aaaa.so"</code> [<em class="replaceable"><code>{ parameters }</code></em>];
</p></div>
</div>
<div class="refsection">
<a name="id-1.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>filter-aaaa.so</strong></span> is a query hook module for
<span class="application">filter-aaaa.so</span>
&#8212; filter AAAA in DNS responses when A is present
</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p>
<code class="command">plugin query "filter-aaaa.so"</code>
[<em class="replaceable"><code>{ parameters }</code></em>];
</p></div>
</div>
<div class="refsection">
<a name="id-1.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>filter-aaaa.so</strong></span> is a query plugin module for
<span class="command"><strong>named</strong></span>, enabling <span class="command"><strong>named</strong></span>
to omit some IPv6 addresses when responding to clients.
</p>
<p>
<p>
Until BIND 9.12, this feature was implemented natively in
<span class="command"><strong>named</strong></span> and enabled with the
<span class="command"><strong>filter-aaaa</strong></span> ACL and the
@ -38,42 +51,45 @@
<span class="command"><strong>filter-aaaa-on-v6</strong></span> options. These options are
now deprecated in <code class="filename">named.conf</code>, but can be
passed as parameters to the <span class="command"><strong>filter-aaaa.so</strong></span>
hook module, for example:
plugin, for example:
</p>
<pre class="programlisting">
hook query "/usr/local/lib/filter-aaaa.so" {
<pre class="programlisting">
plugin query "/usr/local/lib/filter-aaaa.so" {
filter-aaaa-on-v4 yes;
filter-aaaa-on-v6 yes;
filter-aaaa { 192.0.2.1; 2001:db8:2::1; };
};
</pre>
<p>
<p>
This module is intended to aid transition from IPv4 to IPv6 by
withholding IPv6 addresses from DNS clients which are not connected
to the IPv6 Internet, when the name being looked up has an IPv4
address available. Use of this module is not recommended unless
absolutely necessary.
</p>
<p>
<p>
Note: This mechanism can erroneously cause other servers not to
give AAAA records to their clients. If a recursing server with
both IPv6 and IPv4 network connections queries an authoritative
server using this mechanism via IPv4, it will be denied AAAA
records even if its client is using IPv6.
</p>
</div>
<div class="refsection">
</div>
<div class="refsection">
<a name="id-1.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<div class="variablelist"><dl class="variablelist">
<dt><span class="term"><span class="command"><strong>filter-aaaa</strong></span></span></dt>
<dd><p>
<dd>
<p>
Specifies a list of client addresses for which AAAA
filtering is to be applied. The default is
<strong class="userinput"><code>any</code></strong>.
</p></dd>
</p>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v4</strong></span></span></dt>
<dd>
<p>
<p>
If set to <strong class="userinput"><code>yes</code></strong>, the DNS client is
at an IPv4 address, in <span class="command"><strong>filter-aaaa</strong></span>,
and if the response does not include DNSSEC signatures,
@ -81,35 +97,39 @@ hook query "/usr/local/lib/filter-aaaa.so" {
This filtering applies to all responses and not only
authoritative responses.
</p>
<p>
<p>
If set to <strong class="userinput"><code>break-dnssec</code></strong>,
then AAAA records are deleted even when DNSSEC is
enabled. As suggested by the name, this causes the
response to fail to verify, because the DNSSEC protocol is
designed to detect deletions.
</p>
<p>
<p>
This mechanism can erroneously cause other servers not to
give AAAA records to their clients. A recursing server with
both IPv6 and IPv4 network connections that queries an
authoritative server using this mechanism via IPv4 will be
denied AAAA records even if its client is using IPv6.
</p>
</dd>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v6</strong></span></span></dt>
<dd><p>
<dd>
<p>
Identical to <span class="command"><strong>filter-aaaa-on-v4</strong></span>,
except it filters AAAA responses to queries from IPv6
clients instead of IPv4 clients. To filter all
responses, set both options to <strong class="userinput"><code>yes</code></strong>.
</p></dd>
</p>
</dd>
</dl></div>
</div>
<div class="refsection">
</div>
<div class="refsection">
<a name="id-1.9"></a><h2>SEE ALSO</h2>
<p>
<p>
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
</div>
</div></body>
</html>

configure

@ -842,7 +842,6 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@ -1002,7 +1001,6 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@ -1255,15 +1253,6 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
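
Review bot: Dropping the -runstatedir and -runstatedir=* cases from the option loop, together with the default, the ac_var list entry and the --help line removed in the neighbouring hunks, takes the --runstatedir option out of configure altogether. The release notes changes shown here do not mention it, which suggests the script was regenerated with a different autoconf than the committed copy; regenerate with the original toolchain, or note the removal for packagers who pass --runstatedir.
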
@ -1401,7 +1390,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir runstatedir
libdir localedir mandir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@ -1554,7 +1543,6 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]

@ -614,6 +614,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -146,6 +146,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -47,6 +47,11 @@
<dt><span class="section"><a href="Bv9ARM.ch03.html#tools">Tools for Use With the Name Server Daemon</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch03.html#signals">Signals</a></span></dt>
</dl></dd>
<dt><span class="section"><a href="Bv9ARM.ch03.html#module-info">Plugins</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch03.html#id-1.4.6.5">Configuring Plugins</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch03.html#id-1.4.6.6">Developing Plugins</a></span></dt>
</dl></dd>
</dl>
</div>
@ -741,6 +746,105 @@ controls {
</div>
</div>
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="module-info"></a>Plugins</h2></div></div></div>
<p>
Plugins are a mechanism to extend the functionality of
<span class="command"><strong>named</strong></span> using dynamically loadable libraries.
By using plugins, core server functionality can be kept simple
for the majority of users; more complex code implementing optional
features need only be installed by users that need those features.
</p>
<p>
The plugin interface is a work in progress, and is expected to evolve
as more plugins are added. Currently, only "query plugins" are supported;
these modify the name server query logic. Other plugin types may be added
in the future.
</p>
<p>
The only plugin currently included in BIND is
<code class="filename">filter-aaaa.so</code>, which replaces the
<span class="command"><strong>filter-aaaa</strong></span> feature that previously existed natively
as part of <span class="command"><strong>named</strong></span>.
The code for this feature has been removed from <span class="command"><strong>named</strong></span>,
and can no longer be configured using standard
<code class="filename">named.conf</code> syntax, but linking in the
<code class="filename">filter-aaaa.so</code> plugin provides identical
functionality.
</p>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="id-1.4.6.5"></a>Configuring Plugins</h3></div></div></div>
<p>
A plugin is configured with the <span class="command"><strong>plugin</strong></span>
statement in <code class="filename">named.conf</code>:
</p>
<pre class="screen">
plugin query "library.so" {
<em class="replaceable"><code>parameters</code></em>
};
</pre>
<p>
In this example, file <code class="filename">library.so</code> is the plugin
library. <code class="literal">query</code> indicates that this is a query
plugin.
</p>
<p>
</p>
<p>
Multiple <span class="command"><strong>plugin</strong></span> statements can be specified, to load
different plugins or multiple instances of the same plugin.
</p>
<p>
<em class="replaceable"><code>parameters</code></em> are passed as an opaque
string to the plugin's initialization routine. Configuration
syntax will differ depending on the module.
</p>
</div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
<a name="id-1.4.6.6"></a>Developing Plugins</h3></div></div></div>
<p>
Each plugin implements four functions:
</p>
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<span class="command"><strong>plugin_register</strong></span> to allocate memory,
configure a plugin instance, and attach to hook points within
<span class="command"><strong>named</strong></span>,</li>
<li class="listitem">
<span class="command"><strong>plugin_destroy</strong></span> to tear down the plugin
instance and free memory,</li>
<li class="listitem">
<span class="command"><strong>plugin_version</strong></span> to check that the plugin
is compatible with the current version of the plugin API,</li>
<li class="listitem">
<span class="command"><strong>plugin_check</strong></span> to test syntactic
correctness of the plugin parameters.</li>
</ul></div>
<p>
</p>
<p>
At various locations within the <span class="command"><strong>named</strong></span> source code,
there are "hook points" at which a plugin may register itself.
When a hook point is reached while <span class="command"><strong>named</strong></span> is
running, it is checked to see whether any plugins have registered
themselves there; if so, the associated "hook action" is called -
this is a function within the plugin library. Hook actions may
examine the runtime state and make changes - for example, modifying
the answers to be sent back to a client or forcing a query to be
aborted. More details can be found in the file
<code class="filename">lib/ns/include/ns/hooks.h</code>.
</p>
</div>
</div>
</div>
<div class="navfooter">
<hr>
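
Review bot: The "Configuring Plugins" text shows plugin query "library.so" with a bare file name but never says how that name is resolved, while the filter-aaaa.so man page example in this commit uses the absolute path "/usr/local/lib/filter-aaaa.so". Because the library is loaded into named and its hook actions can modify answers or abort queries, document where a relative name is searched for and recommend an absolute path in a directory that only the administrator can write to. Two smaller points in the same section: "linking in the filter-aaaa.so plugin" should read "loading", as the release notes put it, and the two empty <p></p> pairs point to stray empty paragraphs in the DocBook source.
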
@ -759,6 +863,6 @@ controls {
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -2868,6 +2868,6 @@ $ORIGIN 0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -4626,63 +4626,6 @@ options {
internally. The use of this option is discouraged.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v4</strong></span></span></dt>
<dd>
<p>
This option is intended to help the
transition from IPv4 to IPv6 by not giving IPv6 addresses
to DNS clients unless they have connections to the IPv6
Internet. This is not recommended unless absolutely
necessary. The default is <strong class="userinput"><code>no</code></strong>.
The <span class="command"><strong>filter-aaaa-on-v4</strong></span> option
may also be specified in <span class="command"><strong>view</strong></span> statements
to override the global <span class="command"><strong>filter-aaaa-on-v4</strong></span>
option.
</p>
<p>
If <strong class="userinput"><code>yes</code></strong>,
the DNS client is at an IPv4 address, in <span class="command"><strong>filter-aaaa</strong></span>,
and if the response does not include DNSSEC signatures,
then all AAAA records are deleted from the response.
This filtering applies to all responses and not only
authoritative responses.
</p>
<p>
If <strong class="userinput"><code>break-dnssec</code></strong>,
then AAAA records are deleted even when DNSSEC is enabled.
As suggested by the name, this makes the response not verify,
because the DNSSEC protocol is designed detect deletions.
</p>
<p>
This mechanism can erroneously cause other servers to
not give AAAA records to their clients.
A recursing server with both IPv6 and IPv4 network connections
that queries an authoritative server using this mechanism
via IPv4 will be denied AAAA records even if its client is
using IPv6.
</p>
<p>
This mechanism is applied to authoritative as well as
non-authoritative records.
A client using IPv4 that is not allowed recursion can
erroneously be given AAAA records because the server is not
allowed to check for A records.
</p>
<p>
Some AAAA records are given to IPv4 clients in glue records.
IPv4 clients that are servers can then erroneously
answer requests for AAAA records received via IPv4.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v6</strong></span></span></dt>
<dd>
<p>
Identical to <span class="command"><strong>filter-aaaa-on-v4</strong></span>,
except it filters AAAA responses to queries from IPv6
clients instead of IPv4 clients. To filter all
responses, set both options to <strong class="userinput"><code>yes</code></strong>.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>ixfr-from-differences</strong></span></span></dt>
<dd>
<p>
@ -5430,15 +5373,6 @@ options {
is <strong class="userinput"><code>none</code></strong>.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa</strong></span></span></dt>
<dd>
<p>
Specifies a list of addresses to which
<span class="command"><strong>filter-aaaa-on-v4</strong></span>
and <span class="command"><strong>filter-aaaa-on-v6</strong></span>
apply. The default is <strong class="userinput"><code>any</code></strong>.
</p>
</dd>
<dt><span class="term"><span class="command"><strong>keep-response-order</strong></span></span></dt>
<dd>
<p>
@ -15044,6 +14978,6 @@ HOST-127.EXAMPLE. MX 0 .
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -361,6 +361,6 @@ allow-query { !{ !10/8; any; }; key example; };
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -191,6 +191,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -36,7 +36,7 @@
<div class="toc">
<p><b>Table of Contents</b></p>
<dl class="toc">
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.4</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.5</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
@ -55,7 +55,7 @@
</div>
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id-1.9.2"></a>Release Notes for BIND Version 9.13.4</h2></div></div></div>
<a name="id-1.9.2"></a>Release Notes for BIND Version 9.13.5</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
@ -174,6 +174,20 @@
in use. This flaw is disclosed in CVE-2018-5740. [GL #387]
</p>
</li>
<li class="listitem">
<p>
Code change #4964, intended to prevent double signatures
when deleting an inactive zone DNSKEY in some situations,
introduced a new problem during zone processing in which
some delegation glue RRsets are incorrectly identified
as needing RRSIGs, which are then created for them using
the current active ZSK for the zone. In some, but not all
cases, the newly-signed RRsets are added to the zone's
NSEC/NSEC3 chain, but incompletely -- this can result in
a broken chain, affecting validation of proof of nonexistence
for records in the zone. [GL #771]
</p>
</li>
</ul></div>
</div>
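
Review bot: The new [GL #771] entry explains how the NSEC/NSEC3 chain can end up broken but stops short of telling operators what to do about a zone that was already processed by the affected code. Add a sentence on how to tell whether a zone is affected and how to repair it after upgrading, since, as the entry itself says, a broken chain affects validation of proof of nonexistence for records in the zone.
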
@ -203,6 +217,19 @@
as described in RFC 7706. [GL #33]
</p>
</li>
<li class="listitem">
<p>
A new <span class="command"><strong>plugin</strong></span> mechanism has been added to allow
extension of query processing functionality through the use of
external libraries. The new <code class="filename">filter-aaaa.so</code>
plugin replaces the <span class="command"><strong>filter-aaaa</strong></span> feature that
was formerly implemented as a native part of BIND.
</p>
<p>
The plugin API is a work in progress and is likely to evolve
as further plugins are implemented. [GL #15]
</p>
</li>
<li class="listitem">
<p>
BIND now can be compiled against the <span class="command"><strong>libidn2</strong></span>
@ -340,6 +367,18 @@
the operating system, and it cannot be built without threads.
</p>
</li>
<li class="listitem">
<p>
The <span class="command"><strong>filter-aaaa</strong></span>,
<span class="command"><strong>filter-aaaa-on-v4</strong></span>, and
<span class="command"><strong>filter-aaaa-on-v6</strong></span> options have been removed
from <span class="command"><strong>named</strong></span>, and can no longer be
configured using native <code class="filename">named.conf</code> syntax.
However, loading the new <code class="filename">filter-aaaa.so</code>
plugin and setting its parameters provides identical
functionality.
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named</strong></span> can no longer use the EDNS CLIENT-SUBNET
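
Review bot: The entry says the filter-aaaa, filter-aaaa-on-v4 and filter-aaaa-on-v6 options "can no longer be configured using native named.conf syntax" but not what named does when an existing configuration still contains them. State whether that is a fatal configuration error or a logged and ignored option, and point to the filter-aaaa.so manual page for the replacement plugin statement, so that an upgrade does not silently change which clients receive AAAA records.
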
@ -721,6 +760,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -148,6 +148,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -914,6 +914,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -533,6 +533,6 @@ $ <strong class="userinput"><code>sample-update -a sample-update -k Kxxx.+nnn+mm
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -91,6 +91,9 @@
<span class="refentrytitle"><a href="man.dnstap-read.html"><span class="application">dnstap-read</span></a></span><span class="refpurpose"> &#8212; print dnstap data in human-readable form</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.filter-aaaa.html"><span class="application">filter-aaaa.so</span></a></span><span class="refpurpose"> &#8212; filter AAAA in DNS responses when A is present</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.host.html">host</a></span><span class="refpurpose"> &#8212; DNS lookup utility</span>
</dt>
<dt>
@ -185,6 +188,7 @@
</div>
@ -206,6 +210,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

@ -32,7 +32,7 @@
<div>
<div><h1 class="title">
<a name="id-1"></a>BIND 9 Administrator Reference Manual</h1></div>
<div><p class="releaseinfo">BIND Version 9.13.4</p></div>
<div><p class="releaseinfo">BIND Version 9.13.5</p></div>
<div><p class="copyright">Copyright © 2000-2018 Internet Systems Consortium, Inc. ("ISC")</p></div>
</div>
<hr>
@ -76,6 +76,11 @@
<dt><span class="section"><a href="Bv9ARM.ch03.html#tools">Tools for Use With the Name Server Daemon</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch03.html#signals">Signals</a></span></dt>
</dl></dd>
<dt><span class="section"><a href="Bv9ARM.ch03.html#module-info">Plugins</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch03.html#id-1.4.6.5">Configuring Plugins</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch03.html#id-1.4.6.6">Developing Plugins</a></span></dt>
</dl></dd>
</dl></dd>
<dt><span class="chapter"><a href="Bv9ARM.ch04.html">4. Advanced DNS Features</a></span></dt>
<dd><dl>
@ -237,7 +242,7 @@
</dl></dd>
<dt><span class="appendix"><a href="Bv9ARM.ch08.html">A. Release Notes</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.4</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.13.5</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
@ -329,6 +334,9 @@
<span class="refentrytitle"><a href="man.dnstap-read.html"><span class="application">dnstap-read</span></a></span><span class="refpurpose"> &#8212; print dnstap data in human-readable form</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.filter-aaaa.html"><span class="application">filter-aaaa.so</span></a></span><span class="refpurpose"> &#8212; filter AAAA in DNS responses when A is present</span>
</dt>
<dt>
<span class="refentrytitle"><a href="man.host.html">host</a></span><span class="refpurpose"> &#8212; DNS lookup utility</span>
</dt>
<dt>
@ -432,6 +440,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

Binary file not shown.

View file

@ -90,6 +90,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -220,6 +220,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -625,6 +625,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -1151,6 +1151,6 @@ dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -376,6 +376,6 @@ nsupdate -l
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -150,6 +150,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -270,6 +270,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -289,6 +289,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -250,6 +250,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -498,6 +498,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -516,22 +516,22 @@
<a name="id-1.13.12.11"></a><h2>EXAMPLE</h2>
<p>
To generate a 768-bit DSA key for the domain
To generate an ECDSAP256SHA256 key for the domain
<strong class="userinput"><code>example.com</code></strong>, the following command would be
issued:
</p>
<p><strong class="userinput"><code>dnssec-keygen -a DSA -b 768 -n ZONE example.com</code></strong>
<p><strong class="userinput"><code>dnssec-keygen -a ECDSAP256SHA256 -n ZONE example.com</code></strong>
</p>
<p>
The command would print a string of the form:
</p>
<p><strong class="userinput"><code>Kexample.com.+003+26160</code></strong>
<p><strong class="userinput"><code>Kexample.com.+013+26160</code></strong>
</p>
<p>
In this example, <span class="command"><strong>dnssec-keygen</strong></span> creates
the files <code class="filename">Kexample.com.+003+26160.key</code>
the files <code class="filename">Kexample.com.+013+26160.key</code>
and
<code class="filename">Kexample.com.+003+26160.private</code>.
<code class="filename">Kexample.com.+013+26160.private</code>.
</p>
</div>
@ -568,6 +568,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -387,6 +387,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -171,6 +171,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -349,6 +349,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -642,15 +642,16 @@
<p>
The following command signs the <strong class="userinput"><code>example.com</code></strong>
zone with the DSA key generated by <span class="command"><strong>dnssec-keygen</strong></span>
(Kexample.com.+003+17247). Because the <span class="command"><strong>-S</strong></span> option
is not being used, the zone's keys must be in the master file
zone with the ECDSAP256SHA256 key generated by key generated by
<span class="command"><strong>dnssec-keygen</strong></span> (Kexample.com.+013+17247).
Because the <span class="command"><strong>-S</strong></span> option is not being used,
the zone's keys must be in the master file
(<code class="filename">db.example.com</code>). This invocation looks
for <code class="filename">dsset</code> files, in the current directory,
so that DS records can be imported from them (<span class="command"><strong>-g</strong></span>).
</p>
<pre class="programlisting">% dnssec-signzone -g -o example.com db.example.com \
Kexample.com.+003+17247
Kexample.com.+013+17247
db.example.com.signed
%</pre>
<p>
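Review bot: the rewritten sentence contains a duplicated phrase, "with the ECDSAP256SHA256 key generated by key generated by". Drop the second "key generated by" in the man page source so the regenerated HTML and roff output read correctly.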
@ -700,6 +701,6 @@ db.example.com.signed
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -202,6 +202,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -14,7 +14,7 @@
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch12.html" title="Manual pages">
<link rel="prev" href="man.dnssec-verify.html" title="dnssec-verify">
<link rel="next" href="man.host.html" title="host">
<link rel="next" href="man.filter-aaaa.html" title="filter-aaaa.so">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader">
@ -24,7 +24,7 @@
<td width="20%" align="left">
<a accesskey="p" href="man.dnssec-verify.html">Prev</a> </td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"> <a accesskey="n" href="man.host.html">Next</a>
<td width="20%" align="right"> <a accesskey="n" href="man.filter-aaaa.html">Next</a>
</td>
</tr>
</table>
@ -131,17 +131,18 @@
<td width="40%" align="left">
<a accesskey="p" href="man.dnssec-verify.html">Prev</a> </td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch12.html">Up</a></td>
<td width="40%" align="right"> <a accesskey="n" href="man.host.html">Next</a>
<td width="40%" align="right"> <a accesskey="n" href="man.filter-aaaa.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">dnssec-verify</span> </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> host</td>
<td width="40%" align="right" valign="top"> <span class="application">filter-aaaa.so</span>
</td>
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -10,7 +10,7 @@
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>filter-aaaa.so</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch12.html" title="Manual pages">
<link rel="prev" href="man.dnstap-read.html" title="dnstap-read">
@ -32,66 +32,82 @@
</div>
<div class="refentry">
<a name="man.filter-aaaa"></a><div class="titlepage"></div>
<div class="refnamediv">
<div class="refnamediv">
<h2>Name</h2>
<p><span class="application">filter-aaaa.so</span> &#8212; filter AAAA in DNS responses when A is present</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p><code class="command">hook query "filter-aaaa.so"</code> [<em class="replaceable"><code>{ parameters }</code></em>];
</p></div>
</div>
<div class="refsection">
<a name="id-1.13.19.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>filter-aaaa.so</strong></span> is a query hook module for
<span class="application">filter-aaaa.so</span>
&#8212; filter AAAA in DNS responses when A is present
</p>
</div>
<div class="refsynopsisdiv">
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p>
<code class="command">plugin query "filter-aaaa.so"</code>
[<em class="replaceable"><code>{ parameters }</code></em>];
</p></div>
</div>
<div class="refsection">
<a name="id-1.13.19.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>filter-aaaa.so</strong></span> is a query plugin module for
<span class="command"><strong>named</strong></span>, enabling <span class="command"><strong>named</strong></span>
to omit some IPv6 addresses when responding to clients.
</p>
<p>
Until BIND 9.12, this feature was impleented natively in
<p>
Until BIND 9.12, this feature was implemented natively in
<span class="command"><strong>named</strong></span> and enabled with the
<span class="command"><strong>filter-aaaa</strong></span> ACL and the
<span class="command"><strong>filter-aaaa-on-v4</strong></span> and
<span class="command"><strong>filter-aaaa-on-v6</strong></span> options. These options are
now deprecated in <code class="filename">named.conf</code>, but can be
passed as parameters to the <span class="command"><strong>filter-aaaa.so</strong></span>
hook module, for example:
plugin, for example:
</p>
<pre class="programlisting">
hook query "/usr/local/lib/filter-aaaa.so" {
<pre class="programlisting">
plugin query "/usr/local/lib/filter-aaaa.so" {
filter-aaaa-on-v4 yes;
filter-aaaa-on-v6 yes;
filter-aaaa { 192.0.2.1; 2001:db8:2::1; };
};
</pre>
<p>
<p>
This module is intended to aid transition from IPv4 to IPv6 by
withholding IPv6 addresses from DNS clients which are not connected
to the IPv6 Internet, when the name being looked up has an IPv4
address available. Use of this module is not recommended unless
absolutely necessary.
</p>
<p>
<p>
Note: This mechanism can erroneously cause other servers not to
give AAAA records to their clients. If a recursing server with
both IPv6 and IPv4 network connections queries an authoritative
server using this mechanism via IPv4, it will be denied AAAA
records even if its client is using IPv6.
</p>
</div>
<div class="refsection">
</div>
<div class="refsection">
<a name="id-1.13.19.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<div class="variablelist"><dl class="variablelist">
<dt><span class="term"><span class="command"><strong>filter-aaaa</strong></span></span></dt>
<dd><p>
<dd>
<p>
Specifies a list of client addresses for which AAAA
filtering is to be applied. The default is
<strong class="userinput"><code>any</code></strong>.
</p></dd>
</p>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v4</strong></span></span></dt>
<dd>
<p>
<p>
If set to <strong class="userinput"><code>yes</code></strong>, the DNS client is
at an IPv4 address, in <span class="command"><strong>filter-aaaa</strong></span>,
and if the response does not include DNSSEC signatures,
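Review bot: the synopsis gives a bare filename (plugin query "filter-aaaa.so") while the DESCRIPTION example uses an absolute path (plugin query "/usr/local/lib/filter-aaaa.so"), and nothing in the page says how a bare name is resolved. Because this statement makes named load a shared library, the page should either use an absolute path in both places or state the directory a relative name is looked up in. Separately, the hook-to-plugin rename is only partly applied: "query plugin module", "This module is intended" and "Use of this module" still say module, so pick one term and use it throughout.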
@ -99,36 +115,40 @@ hook query "/usr/local/lib/filter-aaaa.so" {
This filtering applies to all responses and not only
authoritative responses.
</p>
<p>
<p>
If set to <strong class="userinput"><code>break-dnssec</code></strong>,
then AAAA records are deleted even when DNSSEC is
enabled. As suggested by the name, this causes the
response to fail to verify, because the DNSSEC protocol is
designed to detect deletions.
</p>
<p>
<p>
This mechanism can erroneously cause other servers not to
give AAAA records to their clients. A recursing server with
both IPv6 and IPv4 network connections that queries an
authoritative server using this mechanism via IPv4 will be
denied AAAA records even if its client is using IPv6.
</p>
</dd>
</dd>
<dt><span class="term"><span class="command"><strong>filter-aaaa-on-v6</strong></span></span></dt>
<dd><p>
<dd>
<p>
Identical to <span class="command"><strong>filter-aaaa-on-v4</strong></span>,
except it filters AAAA responses to queries from IPv6
clients instead of IPv4 clients. To filter all
responses, set both options to <strong class="userinput"><code>yes</code></strong>.
</p></dd>
</p>
</dd>
</dl></div>
</div>
<div class="refsection">
</div>
<div class="refsection">
<a name="id-1.13.19.9"></a><h2>SEE ALSO</h2>
<p>
<p>
<em class="citetitle">BIND 9 Administrator Reference Manual</em>.
</p>
</div>
</div>
</div>
<div class="navfooter">
<hr>
@ -148,6 +168,6 @@ hook query "/usr/local/lib/filter-aaaa.so" {
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.2 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>
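Review bot: the footer being replaced here read 9.13.2, while the other pages shown in this commit move from 9.13.4, and the generator line in this same file changes from V1.79.1 to V1.78.1. That suggests man.filter-aaaa.html was not being regenerated along with the rest of the manual for the intervening releases. Worth confirming the page is now produced by the same documentation build step as the other man pages so it does not go stale again.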

View file

@ -13,7 +13,7 @@
<meta name="generator" content="DocBook XSL Stylesheets V1.78.1">
<link rel="home" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">
<link rel="up" href="Bv9ARM.ch12.html" title="Manual pages">
<link rel="prev" href="man.dnstap-read.html" title="dnstap-read">
<link rel="prev" href="man.filter-aaaa.html" title="filter-aaaa.so">
<link rel="next" href="man.mdig.html" title="mdig">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
@ -22,7 +22,7 @@
<tr><th colspan="3" align="center">host</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="man.dnstap-read.html">Prev</a> </td>
<a accesskey="p" href="man.filter-aaaa.html">Prev</a> </td>
<th width="60%" align="center">Manual pages</th>
<td width="20%" align="right"> <a accesskey="n" href="man.mdig.html">Next</a>
</td>
@ -70,7 +70,7 @@
</div>
<div class="refsection">
<a name="id-1.13.19.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.20.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>host</strong></span>
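Review bot: the refsection anchor here moves from id-1.13.19.7 to id-1.13.20.7 only because a man page was inserted ahead of host, and the same renumbering repeats in every later page of this commit. Any existing link to man.host.html#id-1.13.19.7 now points at nothing. Consider assigning explicit ids to the refsections in the source so anchors are stable and a single added page does not produce this much unrelated churn.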
@ -97,7 +97,7 @@
</div>
<div class="refsection">
<a name="id-1.13.19.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.20.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-4</span></dt>
@ -312,7 +312,7 @@
</div>
<div class="refsection">
<a name="id-1.13.19.9"></a><h2>IDN SUPPORT</h2>
<a name="id-1.13.20.9"></a><h2>IDN SUPPORT</h2>
<p>
If <span class="command"><strong>host</strong></span> has been built with IDN (internationalized
@ -328,14 +328,14 @@
</div>
<div class="refsection">
<a name="id-1.13.19.10"></a><h2>FILES</h2>
<a name="id-1.13.20.10"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsection">
<a name="id-1.13.19.11"></a><h2>SEE ALSO</h2>
<a name="id-1.13.20.11"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">dig</span>(1)
@ -352,20 +352,20 @@
<table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="man.dnstap-read.html">Prev</a> </td>
<a accesskey="p" href="man.filter-aaaa.html">Prev</a> </td>
<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch12.html">Up</a></td>
<td width="40%" align="right"> <a accesskey="n" href="man.mdig.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">
<span class="application">dnstap-read</span> </td>
<span class="application">filter-aaaa.so</span> </td>
<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>
<td width="40%" align="right" valign="top"> <span class="application">mdig</span>
</td>
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -84,7 +84,7 @@
</div>
<div class="refsection">
<a name="id-1.13.20.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.21.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>mdig</strong></span>
is a multiple/pipelined query version of <span class="command"><strong>dig</strong></span>:
@ -134,7 +134,7 @@
</div>
<div class="refsection">
<a name="id-1.13.20.8"></a><h2>ANYWHERE OPTIONS</h2>
<a name="id-1.13.21.8"></a><h2>ANYWHERE OPTIONS</h2>
<p>
@ -158,7 +158,7 @@
</div>
<div class="refsection">
<a name="id-1.13.20.9"></a><h2>GLOBAL OPTIONS</h2>
<a name="id-1.13.21.9"></a><h2>GLOBAL OPTIONS</h2>
<p>
@ -358,7 +358,7 @@
</div>
<div class="refsection">
<a name="id-1.13.20.10"></a><h2>LOCAL OPTIONS</h2>
<a name="id-1.13.21.10"></a><h2>LOCAL OPTIONS</h2>
<p>
@ -577,7 +577,7 @@
</div>
<div class="refsection">
<a name="id-1.13.20.11"></a><h2>SEE ALSO</h2>
<a name="id-1.13.21.11"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">dig</span>(1)
@ -604,6 +604,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -51,7 +51,7 @@
<h2>Synopsis</h2>
<div class="cmdsynopsis"><p>
<code class="command">named-checkconf</code>
[<code class="option">-hjlvz</code>]
[<code class="option">-chjlvz</code>]
[<code class="option">-p</code>
[<code class="option">-x</code>
]]
@ -61,7 +61,7 @@
</div>
<div class="refsection">
<a name="id-1.13.21.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.22.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>named-checkconf</strong></span>
checks the syntax, but not the semantics, of a
@ -83,7 +83,7 @@
</div>
<div class="refsection">
<a name="id-1.13.21.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.22.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-h</span></dt>
@ -106,6 +106,14 @@
(e.g. master or slave).
</p>
</dd>
<dt><span class="term">-c</span></dt>
<dd>
<p>
Check "core" configuration only. This suppresses the loading
of plugin modules, and causes all parameters to
<span class="command"><strong>plugin</strong></span> statements to be ignored.
</p>
</dd>
<dt><span class="term">-p</span></dt>
<dd>
<p>
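Review bot: the -c text says what is suppressed but not what the default does; "This suppresses the loading of plugin modules" implies that a plain named-checkconf run loads every shared object named in a plugin statement. Say so explicitly in the option description, since operators often run the checker against untrusted or staged configurations. It would also help to add that a file which passes with -c has not had its plugin parameters checked, so a clean result there does not mean the plugin statements are valid.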
@ -160,7 +168,7 @@
</div>
<div class="refsection">
<a name="id-1.13.21.9"></a><h2>RETURN VALUES</h2>
<a name="id-1.13.22.9"></a><h2>RETURN VALUES</h2>
<p><span class="command"><strong>named-checkconf</strong></span>
returns an exit status of 1 if
@ -169,7 +177,7 @@
</div>
<div class="refsection">
<a name="id-1.13.21.10"></a><h2>SEE ALSO</h2>
<a name="id-1.13.22.10"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">named</span>(8)
@ -200,6 +208,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -111,7 +111,7 @@
</div>
<div class="refsection">
<a name="id-1.13.22.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.23.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>named-checkzone</strong></span>
checks the syntax and integrity of a zone file. It performs the
@ -133,7 +133,7 @@
</div>
<div class="refsection">
<a name="id-1.13.22.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.23.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
@ -421,7 +421,7 @@
</div>
<div class="refsection">
<a name="id-1.13.22.9"></a><h2>RETURN VALUES</h2>
<a name="id-1.13.23.9"></a><h2>RETURN VALUES</h2>
<p><span class="command"><strong>named-checkzone</strong></span>
returns an exit status of 1 if
@ -430,7 +430,7 @@
</div>
<div class="refsection">
<a name="id-1.13.22.10"></a><h2>SEE ALSO</h2>
<a name="id-1.13.23.10"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">named</span>(8)
@ -463,6 +463,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -56,7 +56,7 @@
</div>
<div class="refsection">
<a name="id-1.13.23.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.24.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>named-journalprint</strong></span>
@ -84,7 +84,7 @@
</div>
<div class="refsection">
<a name="id-1.13.23.8"></a><h2>SEE ALSO</h2>
<a name="id-1.13.24.8"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry">
@ -117,6 +117,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -57,7 +57,7 @@
</div>
<div class="refsect1">
<a name="id-1.13.24.6"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.25.6"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>named-nzd2nzf</strong></span> converts an NZD database to NZF
@ -71,7 +71,7 @@
</div>
<div class="refsect1">
<a name="id-1.13.24.7"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.25.7"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">filename</span></dt>
@ -85,7 +85,7 @@
</div>
<div class="refsect1">
<a name="id-1.13.24.8"></a><h2>SEE ALSO</h2>
<a name="id-1.13.25.8"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">BIND 9 Administrator Reference Manual</em>
@ -93,7 +93,7 @@
</div>
<div class="refsect1">
<a name="id-1.13.24.9"></a><h2>AUTHOR</h2>
<a name="id-1.13.25.9"></a><h2>AUTHOR</h2>
<p><span class="corpauthor">Internet Systems Consortium</span>
</p>
@ -119,6 +119,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -60,7 +60,7 @@
</div>
<div class="refsection">
<a name="id-1.13.25.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.26.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>named-rrchecker</strong></span>
read a individual DNS resource record from standard input and checks if it
@ -90,7 +90,7 @@
</div>
<div class="refsection">
<a name="id-1.13.25.8"></a><h2>SEE ALSO</h2>
<a name="id-1.13.26.8"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">RFC 1034</em>,
@ -121,6 +121,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -55,7 +55,7 @@
</div>
<div class="refsection">
<a name="id-1.13.26.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.27.7"></a><h2>DESCRIPTION</h2>
<p><code class="filename">named.conf</code> is the configuration file
for
@ -76,7 +76,7 @@
</div>
<div class="refsection">
<a name="id-1.13.26.8"></a><h2>ACL</h2>
<a name="id-1.13.27.8"></a><h2>ACL</h2>
<div class="literallayout"><p><br>
acl <em class="replaceable"><code>string</code></em> { <em class="replaceable"><code>address_match_element</code></em>; ... };<br>
@ -84,7 +84,7 @@ acl
</div>
<div class="refsection">
<a name="id-1.13.26.9"></a><h2>CONTROLS</h2>
<a name="id-1.13.27.9"></a><h2>CONTROLS</h2>
<div class="literallayout"><p><br>
controls {<br>
@ -102,7 +102,7 @@ controls
</div>
<div class="refsection">
<a name="id-1.13.26.10"></a><h2>DLZ</h2>
<a name="id-1.13.27.10"></a><h2>DLZ</h2>
<div class="literallayout"><p><br>
dlz <em class="replaceable"><code>string</code></em> {<br>
@ -113,7 +113,7 @@ dlz
</div>
<div class="refsection">
<a name="id-1.13.26.11"></a><h2>DYNDB</h2>
<a name="id-1.13.27.11"></a><h2>DYNDB</h2>
<div class="literallayout"><p><br>
dyndb <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>quoted_string</code></em> {<br>
@ -122,7 +122,7 @@ dyndb
</div>
<div class="refsection">
<a name="id-1.13.26.12"></a><h2>KEY</h2>
<a name="id-1.13.27.12"></a><h2>KEY</h2>
<div class="literallayout"><p><br>
key <em class="replaceable"><code>string</code></em> {<br>
@ -133,7 +133,7 @@ key
</div>
<div class="refsection">
<a name="id-1.13.26.13"></a><h2>LOGGING</h2>
<a name="id-1.13.27.13"></a><h2>LOGGING</h2>
<div class="literallayout"><p><br>
logging {<br>
@ -156,7 +156,7 @@ logging
<div class="refsection">
<a name="id-1.13.26.14"></a><h2>MANAGED-KEYS</h2>
<a name="id-1.13.27.14"></a><h2>MANAGED-KEYS</h2>
<div class="literallayout"><p><br>
managed-keys { <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>integer</code></em><br>
@ -165,7 +165,7 @@ managed-keys
</div>
<div class="refsection">
<a name="id-1.13.26.15"></a><h2>MASTERS</h2>
<a name="id-1.13.27.15"></a><h2>MASTERS</h2>
<div class="literallayout"><p><br>
masters <em class="replaceable"><code>string</code></em> [ port <em class="replaceable"><code>integer</code></em> ] [ dscp<br>
@ -176,7 +176,7 @@ masters
</div>
<div class="refsection">
<a name="id-1.13.26.16"></a><h2>OPTIONS</h2>
<a name="id-1.13.27.16"></a><h2>OPTIONS</h2>
<div class="literallayout"><p><br>
options {<br>
@ -480,7 +480,7 @@ options
</div>
<div class="refsection">
<a name="id-1.13.26.17"></a><h2>SERVER</h2>
<a name="id-1.13.27.17"></a><h2>SERVER</h2>
<div class="literallayout"><p><br>
server <em class="replaceable"><code>netprefix</code></em> {<br>
@ -519,7 +519,7 @@ server
</div>
<div class="refsection">
<a name="id-1.13.26.18"></a><h2>STATISTICS-CHANNELS</h2>
<a name="id-1.13.27.18"></a><h2>STATISTICS-CHANNELS</h2>
<div class="literallayout"><p><br>
statistics-channels {<br>
@ -532,7 +532,7 @@ statistics-channels
</div>
<div class="refsection">
<a name="id-1.13.26.19"></a><h2>TRUSTED-KEYS</h2>
<a name="id-1.13.27.19"></a><h2>TRUSTED-KEYS</h2>
<div class="literallayout"><p><br>
trusted-keys { <em class="replaceable"><code>string</code></em> <em class="replaceable"><code>integer</code></em> <em class="replaceable"><code>integer</code></em><br>
@ -541,7 +541,7 @@ trusted-keys
</div>
<div class="refsection">
<a name="id-1.13.26.20"></a><h2>VIEW</h2>
<a name="id-1.13.27.20"></a><h2>VIEW</h2>
<div class="literallayout"><p><br>
view <em class="replaceable"><code>string</code></em> [ <em class="replaceable"><code>class</code></em> ] {<br>
@ -918,7 +918,7 @@ view
</div>
<div class="refsection">
<a name="id-1.13.26.21"></a><h2>ZONE</h2>
<a name="id-1.13.27.21"></a><h2>ZONE</h2>
<div class="literallayout"><p><br>
zone <em class="replaceable"><code>string</code></em> [ <em class="replaceable"><code>class</code></em> ] {<br>
@ -1019,14 +1019,14 @@ zone
</div>
<div class="refsection">
<a name="id-1.13.26.22"></a><h2>FILES</h2>
<a name="id-1.13.27.22"></a><h2>FILES</h2>
<p><code class="filename">/etc/named.conf</code>
</p>
</div>
<div class="refsection">
<a name="id-1.13.26.23"></a><h2>SEE ALSO</h2>
<a name="id-1.13.27.23"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">ddns-confgen</span>(8)
@ -1067,6 +1067,6 @@ zone
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -79,7 +79,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.28.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>named</strong></span>
is a Domain Name System (DNS) server,
@ -96,7 +96,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.28.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
@ -375,7 +375,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.9"></a><h2>SIGNALS</h2>
<a name="id-1.13.28.9"></a><h2>SIGNALS</h2>
<p>
In routine operation, signals should not be used to control
@ -405,7 +405,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.10"></a><h2>CONFIGURATION</h2>
<a name="id-1.13.28.10"></a><h2>CONFIGURATION</h2>
<p>
The <span class="command"><strong>named</strong></span> configuration file is too complex
@ -426,7 +426,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.11"></a><h2>FILES</h2>
<a name="id-1.13.28.11"></a><h2>FILES</h2>
<div class="variablelist"><dl class="variablelist">
@ -447,7 +447,7 @@
</div>
<div class="refsection">
<a name="id-1.13.27.12"></a><h2>SEE ALSO</h2>
<a name="id-1.13.28.12"></a><h2>SEE ALSO</h2>
<p><em class="citetitle">RFC 1033</em>,
<em class="citetitle">RFC 1034</em>,
@ -492,6 +492,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -67,7 +67,7 @@
</div>
<div class="refsection">
<a name="id-1.13.28.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.29.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>nsec3hash</strong></span> generates an NSEC3 hash based on
@ -87,7 +87,7 @@
</div>
<div class="refsection">
<a name="id-1.13.28.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.29.8"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">salt</span></dt>
@ -128,7 +128,7 @@
</div>
<div class="refsection">
<a name="id-1.13.28.9"></a><h2>SEE ALSO</h2>
<a name="id-1.13.29.9"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">BIND 9 Administrator Reference Manual</em>,
@ -155,6 +155,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -58,7 +58,7 @@
</div>
<div class="refsection">
<a name="id-1.13.29.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.30.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>Nslookup</strong></span>
is a program to query Internet domain name servers. <span class="command"><strong>Nslookup</strong></span>
@ -72,7 +72,7 @@
</div>
<div class="refsection">
<a name="id-1.13.29.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.30.8"></a><h2>ARGUMENTS</h2>
<p>
Interactive mode is entered in the following cases:
@ -121,7 +121,7 @@ nslookup -query=hinfo -timeout=10
</div>
<div class="refsection">
<a name="id-1.13.29.9"></a><h2>INTERACTIVE COMMANDS</h2>
<a name="id-1.13.30.9"></a><h2>INTERACTIVE COMMANDS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term"><code class="constant">host</code> [<span class="optional">server</span>]</span></dt>
@ -372,7 +372,7 @@ nslookup -query=hinfo -timeout=10
</div>
<div class="refsection">
<a name="id-1.13.29.10"></a><h2>RETURN VALUES</h2>
<a name="id-1.13.30.10"></a><h2>RETURN VALUES</h2>
<p>
<span class="command"><strong>nslookup</strong></span> returns with an exit status of 1
if any query failed, and 0 otherwise.
@ -380,7 +380,7 @@ nslookup -query=hinfo -timeout=10
</div>
<div class="refsection">
<a name="id-1.13.29.11"></a><h2>IDN SUPPORT</h2>
<a name="id-1.13.30.11"></a><h2>IDN SUPPORT</h2>
<p>
If <span class="command"><strong>nslookup</strong></span> has been built with IDN (internationalized
@ -397,14 +397,14 @@ nslookup -query=hinfo -timeout=10
</div>
<div class="refsection">
<a name="id-1.13.29.12"></a><h2>FILES</h2>
<a name="id-1.13.30.12"></a><h2>FILES</h2>
<p><code class="filename">/etc/resolv.conf</code>
</p>
</div>
<div class="refsection">
<a name="id-1.13.29.13"></a><h2>SEE ALSO</h2>
<a name="id-1.13.30.13"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">dig</span>(1)
@ -437,6 +437,6 @@ nslookup -query=hinfo -timeout=10
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -77,7 +77,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.31.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>nsupdate</strong></span>
is used to submit Dynamic DNS Update requests as defined in RFC 2136
@ -137,7 +137,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.31.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
@ -308,7 +308,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.9"></a><h2>INPUT FORMAT</h2>
<a name="id-1.13.31.9"></a><h2>INPUT FORMAT</h2>
<p><span class="command"><strong>nsupdate</strong></span>
reads input from
@ -672,7 +672,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.10"></a><h2>EXAMPLES</h2>
<a name="id-1.13.31.10"></a><h2>EXAMPLES</h2>
<p>
The examples below show how
@ -728,7 +728,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.11"></a><h2>FILES</h2>
<a name="id-1.13.31.11"></a><h2>FILES</h2>
<div class="variablelist"><dl class="variablelist">
@ -766,7 +766,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.12"></a><h2>SEE ALSO</h2>
<a name="id-1.13.31.12"></a><h2>SEE ALSO</h2>
<p>
<em class="citetitle">RFC 2136</em>,
@ -789,7 +789,7 @@
</div>
<div class="refsection">
<a name="id-1.13.30.13"></a><h2>BUGS</h2>
<a name="id-1.13.31.13"></a><h2>BUGS</h2>
<p>
The TSIG key is redundantly stored in two separate files.
@ -818,6 +818,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -63,7 +63,7 @@
</div>
<div class="refsection">
<a name="id-1.13.31.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.32.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>pkcs11-destroy</strong></span> destroys keys stored in a
@ -78,7 +78,7 @@
</div>
<div class="refsection">
<a name="id-1.13.31.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.32.8"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-m <em class="replaceable"><code>module</code></em></span></dt>
@ -127,7 +127,7 @@
</div>
<div class="refsection">
<a name="id-1.13.31.9"></a><h2>SEE ALSO</h2>
<a name="id-1.13.32.9"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry">
@ -162,6 +162,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -66,7 +66,7 @@
</div>
<div class="refsection">
<a name="id-1.13.32.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.33.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>pkcs11-keygen</strong></span> causes a PKCS#11 device to generate
@ -76,7 +76,7 @@
</div>
<div class="refsection">
<a name="id-1.13.32.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.33.8"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-a <em class="replaceable"><code>algorithm</code></em></span></dt>
@ -162,7 +162,7 @@
</div>
<div class="refsection">
<a name="id-1.13.32.9"></a><h2>SEE ALSO</h2>
<a name="id-1.13.33.9"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry">
@ -200,6 +200,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -61,7 +61,7 @@
</div>
<div class="refsection">
<a name="id-1.13.33.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.34.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>pkcs11-list</strong></span>
@ -75,7 +75,7 @@
</div>
<div class="refsection">
<a name="id-1.13.33.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.34.8"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-P</span></dt>
@ -123,7 +123,7 @@
</div>
<div class="refsection">
<a name="id-1.13.33.9"></a><h2>SEE ALSO</h2>
<a name="id-1.13.34.9"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry">
@ -158,6 +158,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -57,7 +57,7 @@
</div>
<div class="refsection">
<a name="id-1.13.34.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.35.7"></a><h2>DESCRIPTION</h2>
<p>
<span class="command"><strong>pkcs11-tokens</strong></span>
@ -67,7 +67,7 @@
</div>
<div class="refsection">
<a name="id-1.13.34.8"></a><h2>ARGUMENTS</h2>
<a name="id-1.13.35.8"></a><h2>ARGUMENTS</h2>
<div class="variablelist"><dl class="variablelist">
<dt><span class="term">-m <em class="replaceable"><code>module</code></em></span></dt>
@ -88,7 +88,7 @@
</div>
<div class="refsection">
<a name="id-1.13.34.9"></a><h2>SEE ALSO</h2>
<a name="id-1.13.35.9"></a><h2>SEE ALSO</h2>
<p>
<span class="citerefentry">
@ -123,6 +123,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -65,7 +65,7 @@
</div>
<div class="refsection">
<a name="id-1.13.35.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.36.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>rndc-confgen</strong></span>
generates configuration files
@ -84,7 +84,7 @@
</div>
<div class="refsection">
<a name="id-1.13.35.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.36.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
@ -206,7 +206,7 @@
</div>
<div class="refsection">
<a name="id-1.13.35.9"></a><h2>EXAMPLES</h2>
<a name="id-1.13.36.9"></a><h2>EXAMPLES</h2>
<p>
To allow <span class="command"><strong>rndc</strong></span> to be used with
@ -225,7 +225,7 @@
</div>
<div class="refsection">
<a name="id-1.13.35.10"></a><h2>SEE ALSO</h2>
<a name="id-1.13.36.10"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">rndc</span>(8)
@ -260,6 +260,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -55,7 +55,7 @@
</div>
<div class="refsection">
<a name="id-1.13.36.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.37.7"></a><h2>DESCRIPTION</h2>
<p><code class="filename">rndc.conf</code> is the configuration file
for <span class="command"><strong>rndc</strong></span>, the BIND 9 name server control
@ -143,7 +143,7 @@
</div>
<div class="refsection">
<a name="id-1.13.36.8"></a><h2>EXAMPLE</h2>
<a name="id-1.13.37.8"></a><h2>EXAMPLE</h2>
<pre class="programlisting">
@ -221,7 +221,7 @@
</div>
<div class="refsection">
<a name="id-1.13.36.9"></a><h2>NAME SERVER CONFIGURATION</h2>
<a name="id-1.13.37.9"></a><h2>NAME SERVER CONFIGURATION</h2>
<p>
The name server must be configured to accept rndc connections and
@ -233,7 +233,7 @@
</div>
<div class="refsection">
<a name="id-1.13.36.10"></a><h2>SEE ALSO</h2>
<a name="id-1.13.37.10"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">rndc</span>(8)
@ -268,6 +268,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -67,7 +67,7 @@
</div>
<div class="refsection">
<a name="id-1.13.37.7"></a><h2>DESCRIPTION</h2>
<a name="id-1.13.38.7"></a><h2>DESCRIPTION</h2>
<p><span class="command"><strong>rndc</strong></span>
controls the operation of a name
@ -100,7 +100,7 @@
</div>
<div class="refsection">
<a name="id-1.13.37.8"></a><h2>OPTIONS</h2>
<a name="id-1.13.38.8"></a><h2>OPTIONS</h2>
<div class="variablelist"><dl class="variablelist">
@ -210,7 +210,7 @@
</div>
<div class="refsection">
<a name="id-1.13.37.9"></a><h2>COMMANDS</h2>
<a name="id-1.13.38.9"></a><h2>COMMANDS</h2>
<p>
A list of commands supported by <span class="command"><strong>rndc</strong></span> can
@ -973,7 +973,7 @@
</div>
<div class="refsection">
<a name="id-1.13.37.10"></a><h2>LIMITATIONS</h2>
<a name="id-1.13.38.10"></a><h2>LIMITATIONS</h2>
<p>
There is currently no way to provide the shared secret for a
@ -985,7 +985,7 @@
</div>
<div class="refsection">
<a name="id-1.13.37.11"></a><h2>SEE ALSO</h2>
<a name="id-1.13.38.11"></a><h2>SEE ALSO</h2>
<p><span class="citerefentry">
<span class="refentrytitle">rndc.conf</span>(5)
@ -1024,6 +1024,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.4 (Development Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.13.5 (Development Release)</p>
</body>
</html>

View file

@ -15,7 +15,7 @@
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id-1.2"></a>Release Notes for BIND Version 9.13.4</h2></div></div></div>
<a name="id-1.2"></a>Release Notes for BIND Version 9.13.5</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
@ -134,6 +134,20 @@
in use. This flaw is disclosed in CVE-2018-5740. [GL #387]
</p>
</li>
<li class="listitem">
<p>
Code change #4964, intended to prevent double signatures
when deleting an inactive zone DNSKEY in some situations,
introduced a new problem during zone processing in which
some delegation glue RRsets are incorrectly identified
as needing RRSIGs, which are then created for them using
the current active ZSK for the zone. In some, but not all
cases, the newly-signed RRsets are added to the zone's
NSEC/NSEC3 chain, but incompletely -- this can result in
a broken chain, affecting validation of proof of nonexistence
for records in the zone. [GL #771]
</p>
</li>
</ul></div>
</div>
@ -163,6 +177,19 @@
as described in RFC 7706. [GL #33]
</p>
</li>
<li class="listitem">
<p>
A new <span class="command"><strong>plugin</strong></span> mechanism has been added to allow
extension of query processing functionality through the use of
external libraries. The new <code class="filename">filter-aaaa.so</code>
plugin replaces the <span class="command"><strong>filter-aaaa</strong></span> feature that
was formerly implemented as a native part of BIND.
</p>
<p>
The plugin API is a work in progress and is likely to evolve
as further plugins are implemented. [GL #15]
</p>
</li>
<li class="listitem">
<p>
BIND now can be compiled against the <span class="command"><strong>libidn2</strong></span>
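Review bot: The new plugin paragraph never names the configuration statement that loads a library, so a reader cannot get from this note to a working setup. Mention the plugin statement, which the grammar changed in this same commit lists as "plugin ( query ) <string> [ { <unspecified-text> } ]". Since the library is loaded into named itself, one more sentence saying the library path should be writable only by the administrator would be appropriate next to "external libraries".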
@ -300,6 +327,18 @@
the operating system, and it cannot be built without threads.
</p>
</li>
<li class="listitem">
<p>
The <span class="command"><strong>filter-aaaa</strong></span>,
<span class="command"><strong>filter-aaaa-on-v4</strong></span>, and
<span class="command"><strong>filter-aaaa-on-v6</strong></span> options have been removed
from <span class="command"><strong>named</strong></span>, and can no longer be
configured using native <code class="filename">named.conf</code> syntax.
However, loading the new <code class="filename">filter-aaaa.so</code>
plugin and setting its parameters provides identical
functionality.
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named</strong></span> can no longer use the EDNS CLIENT-SUBNET

Binary file not shown.

View file

@ -1,4 +1,4 @@
Release Notes for BIND Version 9.13.4
Release Notes for BIND Version 9.13.5
Introduction
@ -79,6 +79,16 @@ Security Fixes
deny-answer-aliases was in use. This flaw is disclosed in
CVE-2018-5740. [GL #387]
* Code change #4964, intended to prevent double signatures when deleting
an inactive zone DNSKEY in some situations, introduced a new problem
during zone processing in which some delegation glue RRsets are
incorrectly identified as needing RRSIGs, which are then created for
them using the current active ZSK for the zone. In some, but not all
cases, the newly-signed RRsets are added to the zone's NSEC/NSEC3
chain, but incompletely -- this can result in a broken chain,
affecting validation of proof of nonexistence for records in the zone.
[GL #771]
New Features
* Task manager and socket code have been substantially modified. The
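Review bot: The new Security Fixes entry names no CVE, while the entry directly above it cites CVE-2018-5740. If an identifier was assigned for the #4964 regression, cite it the same way; if none was, consider whether the item belongs in the security list at all. The text also ends at "this can result in a broken chain" without telling the operator of a signed zone how to check for the unwanted glue RRSIGs or whether the NSEC/NSEC3 chain needs to be regenerated after upgrading, which is the part a reader of a security entry acts on.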
@ -95,6 +105,14 @@ New Features
facilitate deployment of a local copy of the root zone, as described
in RFC 7706. [GL #33]
* A new plugin mechanism has been added to allow extension of query
processing functionality through the use of external libraries. The
new filter-aaaa.so plugin replaces the filter-aaaa feature that was
formerly implemented as a native part of BIND.
The plugin API is a work in progress and is likely to evolve as
further plugins are implemented. [GL #15]
* BIND now can be compiled against the libidn2 library to add IDNA2008
support. Previously, BIND supported IDNA2003 using the (now obsolete
and unsupported) idnkit-1 library.
@ -179,6 +197,11 @@ Removed Features
requires threading support (either POSIX or Windows) from the
operating system, and it cannot be built without threads.
* The filter-aaaa, filter-aaaa-on-v4, and filter-aaaa-on-v6 options have
been removed from named, and can no longer be configured using native
named.conf syntax. However, loading the new filter-aaaa.so plugin and
setting its parameters provides identical functionality.
* named can no longer use the EDNS CLIENT-SUBNET option for view
selection. In its existing form, the authoritative ECS feature was not
fully RFC-compliant, and could not realistically have been deployed in
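Review bot: The filter-aaaa removal entry does not say what happens when an existing named.conf still contains filter-aaaa, filter-aaaa-on-v4 or filter-aaaa-on-v6, which is the first thing an upgrading operator will hit. State whether a leftover option is a fatal configuration error or is ignored, and replace "setting its parameters provides identical functionality" with a pointer to where the plugin's parameters are documented, so the migration can be done before the upgrade rather than after named refuses to start.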

View file

@ -24,9 +24,6 @@ dlz <string> {
dyndb <string> <quoted_string> {
<unspecified-text> }; // may occur multiple times
hook ( query ) <string> [ { <unspecified-text> }
]; // may occur multiple times
key <string> {
algorithm <string>;
secret <string>;
@ -391,6 +388,9 @@ options {
zone-statistics ( full | terse | none | <boolean> );
};
plugin ( query ) <string> [ { <unspecified-text>
} ]; // may occur multiple times
server <netprefix> {
bogus <boolean>;
edns <boolean>;
@ -543,8 +543,6 @@ view <string> [ <class> ] {
forwarders [ port <integer> ] [ dscp <integer> ] { ( <ipv4_address>
| <ipv6_address> ) [ port <integer> ] [ dscp <integer> ]; ... };
glue-cache <boolean>;
hook ( query ) <string> [ {
<unspecified-text> } ]; // may occur multiple times
inline-signing <boolean>;
ixfr-from-differences ( primary | master | secondary | slave |
<boolean> );
@ -607,6 +605,8 @@ view <string> [ <class> ] {
nta-lifetime <ttlval>;
nta-recheck <ttlval>;
nxdomain-redirect <string>;
plugin ( query ) <string> [ {
<unspecified-text> } ]; // may occur multiple times
preferred-glue <string>;
prefetch <integer> [ <integer> ];
provide-ixfr <boolean>;
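Review bot: The "plugin ( query )" statement added to the view block here replaces the "hook ( query )" statement dropped earlier in this file, and the grammar keeps no alias for the old keyword. Any configuration written against the earlier grammar will stop parsing, and none of the release-note hunks in this commit mention the rename. Either accept "hook" as a deprecated synonym for a release or add a line to the release notes naming the old and new keywords.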

View file

@ -9,6 +9,6 @@
# 9.11: 160-169,1100-1199
# 9.12: 1200-1299
# 9.13: 1300-1399
LIBINTERFACE = 1301
LIBREVISION = 1
LIBINTERFACE = 1302
LIBREVISION = 0
LIBAGE = 0

View file

@ -9,6 +9,6 @@
# 9.11: 160-169,1100-1199
# 9.12: 1200-1299
# 9.13: 1300-1399
LIBINTERFACE = 1304
LIBINTERFACE = 1305
LIBREVISION = 0
LIBAGE = 0

View file

@ -10,5 +10,5 @@
# 9.12: 1200-1299
# 9.13: 1300-1399
LIBINTERFACE = 1301
LIBREVISION = 1
LIBREVISION = 2
LIBAGE = 0

View file

@ -9,6 +9,6 @@
# 9.11: 160-169,1100-1199
# 9.12: 1200-1299
# 9.13: 1300-1399
LIBINTERFACE = 1304
LIBINTERFACE = 1305
LIBREVISION = 0
LIBAGE = 0

View file

@ -1567,7 +1567,7 @@ doc_optional_btext(cfg_printer_t *pctx, const cfg_type_t *type) {
cfg_print_cstr(pctx, "[ { <unspecified-text> } ]");
}
cfg_type_t cfg_type_optional_bracketed_text = {
LIBISCCFG_EXTERNAL_DATA cfg_type_t cfg_type_optional_bracketed_text = {
"optional_btext", parse_optional_btext, print_optional_btext,
doc_optional_btext, NULL, NULL
};
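Review bot: Adding LIBISCCFG_EXTERNAL_DATA to the definition of cfg_type_optional_bracketed_text only works if the extern declaration in the installed header carries the same macro, and that header is not among the lines shown in this commit; please confirm the two agree. A short comment above the definition saying why this type is exported, when the neighbouring parse, print and doc helpers are not, would also help the next reader.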

View file

@ -154,6 +154,7 @@ cfg_ungettoken
;cfg_type_netaddr6
;cfg_type_netaddr6wild
;cfg_type_netprefix
;cfg_type_optional_bracketed_text
;cfg_type_percentage
;cfg_type_qstring
;cfg_type_rndcconf

View file

@ -9,6 +9,6 @@
# 9.11: 160-169
# 9.12: 1200-1299
# 9.13: 1300-1399
LIBINTERFACE = 1303
LIBREVISION = 1
LIBINTERFACE = 1304
LIBREVISION = 0
LIBAGE = 0
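Review bot: The range comment in this api file reads "# 9.11: 160-169", while the other api files touched in this commit read "# 9.11: 160-169,1100-1199". The comment is what a maintainer checks a new LIBINTERFACE value against, so the tables should agree; update this one while the file is being edited for the 1304 bump.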

View file

@ -5,7 +5,7 @@ PRODUCT=BIND
DESCRIPTION="(Development Release)"
MAJORVER=9
MINORVER=13
PATCHVER=4
PATCHVER=5
RELEASETYPE=
RELEASEVER=
EXTENSIONS=