Emit fatal failures on locale to ACE encoding
Separate idnout support, disable it for libidn2 < 2.0
Add custom path to libidn. Leave default path for multilib support.
Allow turning off IDN input processing by dig option
Improve documentation, fix support in host
Fix configure changes to adjust help text
Use strlcpy with size guard
Improve IDN variants choosing. Fix idn2 function name.
Remove immediate idn_locale_to_ace and idn_ace_to_locale.
Signed-off-by: Petr Menšík <pemensik@redhat.com>
4756. [bug] Interrupting dig could lead to an INSIST failure after
certain errors were encountered while querying a host
whose name resolved to more than one address. Change
4537 increased the odds of triggering this issue by
causing dig to hang indefinitely when certain error
paths were evaluated. dig now also retries TCP queries
(once) if the server gracefully closes the connection
before sending a response. [RT #42832, #45159]
4674. [func] "dig +sigchase", and related options "+topdown" and
"+trusted-keys", have been removed. Use "delv" for
queries with DNSSEC validation. [RT #42793]
4549. [func] Added support for the EDNS TCP Keepalive option
(RFC 7828). [RT #42126]
4548. [func] Added support for the EDNS Padding option (RFC 7830).
[RT #42094]
experimental SIT option of BIND 9.10. The following
named.conf directives are avaliable: send-cookie,
cookie-secret, cookie-algorithm and nocookie-udp-size.
The following dig options are available:
+[no]cookie[=value] and +[no]badcookie. [RT #39928]
3813. [func] "host" now recognizes the "timeout", "attempts" and
"debug" options when set in /etc/resolv.conf.
(Thanks to Adam Tkac at RedHat.) [RT #21885]
in draft-andrews-dnsext-expire-00. Retrivial of
remaining time to expiry from slave zones is supported.
EXPIRE uses an experimental option code (65002) and
is subject to change. [RT #35416]
3749. [func] "dig +subnet" sends an EDNS client subnet option
containing the specified address/prefix when
querying. (Thanks to Wilmer van der Gaast.)
[RT #35415]
(which are similar to DNS Cookies by Donald Eastlake)
and are designed to help clients detect off path
spoofed responses and for servers to detect legitimate
clients.
SIT use a experimental EDNS option code (65001).
SIT can be enabled via --enable-developer or
--enable-sit. It is on by default in Windows.
RRL processing as been updated to know about SIT with
legitimate clients not being rate limited. [RT #35389]
