insensitive.
1599. [bug] Fix memory leak on error path when checking named.conf.
1598. [func] Specify that certain parts of the namespace must
be secure (dnssec-must-be-secure).
1581. [func] Disable DNSSEC support by default. To enable
DNSSEC specify "enable-dnssec yes;" in named.conf.
1565. [bug] CD flag should be copied to outgoing queries unless
the query is under a secure entry point in which case
CD should be set.
1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
1541. [func] NSEC now uses new bitmap format.
1519. [bug] dnssec-signzone:nsec_setbit() computed the wrong
length of the new bitmap.
1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
[RT #6496]
implemented by marka, reviewed and documented by jinmei.
Notes:
lib/dns/zone.c had to be modified manually.
ARM html files were not regenerated (yet).
delegation-only check to all TLDs and root.
Note there are some TLDs that are NOT delegation
only (e.g. DE and MUSEUM) these can be excluded
from the checks buy using exclude.
root-delegation-only exclude { "DE"; "MUSEUM"; };
delegation-only check to all TLDs and root.
Note there are some TLDs that are NOT delegation
only (e.g. DE and MUSEUM) these can be excluded
from the checks buy using exclude.
root-delegation-only exclude { "DE"; "MUSEUM"; };
zone should not accept delegation-only.
1508. [bug] Don't apply delegation-only checks to answers from
forwarders.
1507. [bug] Handle BIND 8 style returns to NS queries to parents
when making delegation-only checks.
1506. [bug] Wrong return type for dns_view_isdelegationonly().
1505. [bug] Uninitialised rdataset in sdb. [RT #8750]
1504. [func] New zone type "delegation-only".
dns_portlist_create(), dns_portlist_add(),
dns_portlist_remove(), dns_portlist_match(),
dns_portlist_attach() and dns_portlist_detach().
1441. [func] It is now possible to tell dig to bind to a specific
source port.
1440. [func] It is now possible to tell named to avoid using
certian source ports (avoid-v4-udp-ports,
avoid-v6-udp-ports).
