insensitive.
1599. [bug] Fix memory leak on error path when checking named.conf.
1598. [func] Specify that certain parts of the namespace must
be secure (dnssec-must-be-secure).
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
[RT #6496]
implemented by marka, reviewed and documented by jinmei.
Notes:
lib/dns/zone.c had to be modified manually.
ARM html files were not regenerated (yet).
delegation-only check to all TLDs and root.
Note there are some TLDs that are NOT delegation
only (e.g. DE and MUSEUM) these can be excluded
from the checks buy using exclude.
root-delegation-only exclude { "DE"; "MUSEUM"; };
from BIND 8. See use-alt-transfer-source,
alt-transfer-source-v4 and alt-transfer-source-v6.
SECURITY: use-alt-transfer-source is ENABLED unless
you are using views. This may caues a security risk
resulting in accidental disclosure of wrong zone
content if the master supplying different source
content based on IP address. If you are not certian
ISC recommends setting use-alt-transfer-source no;
developer: marka
reviewer: explorer
been replaced with DNS_ADBFIND_STARTATZONE which
causes the search to start using the closest zone.
1444. [func] dns_view_findzonecut2() allows you to specify if the
cache should be searched for zonecuts.
developer: marka
reviewer: explorer
dns_portlist_create(), dns_portlist_add(),
dns_portlist_remove(), dns_portlist_match(),
dns_portlist_attach() and dns_portlist_detach().
1441. [func] It is now possible to tell dig to bind to a specific
source port.
1440. [func] It is now possible to tell named to avoid using
certian source ports (avoid-v4-udp-ports,
avoid-v6-udp-ports).
developer: marka
reviewer: explorer
stalled transfers.
1435. [bug] zmgr_resume_xfrs() was being called read locked
rather than write locked. zmgr_resume_xfrs()
was not being called if the zone was being
shutdown.
1434. [bug] "rndc reconfig" failed to initiate the initial
zone transfer of new slave zones.
developer: marka
reviewer: explorer
