upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-26 11:32:01 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
26645 commits 18 branches 854 tags 440 MiB
Commit graph

5556 commits

Author SHA1 Message Date
Francis Dupont
9b9182fe00 Added Ed25519 support (#44696) 2017-07-31 15:26:00 +02:00
Tinderbox User
93ae9a09a9 regen master 2017-07-29 01:10:15 +00:00
Evan Hunt
268cea9c12 [master] glue-cache option 
4664.	[func]		Add a "glue-cache" option to enable or disable the
			glue cache. The default is "no" to reduce memory
			usage, but enabling this option will improve
			performance in delegation-heavy zones. [RT #45125]
 2017-07-28 12:57:50 -07:00
Evan Hunt
cee0d603a3 [master] remove unnecessary acronym expansions 2017-07-28 12:22:31 -07:00
Tinderbox User
2f575e645b regen master 2017-07-16 01:07:52 +00:00
Evan Hunt
8abc9db6bf [master] update relnotes to mention termination of windows XP support 2017-07-15 13:56:34 -07:00
Tinderbox User
a28cf7bfb5 regen master 2017-07-12 01:09:15 +00:00
Mark Andrews
56d8312a48 note change in AD setting on some truncated answers 2017-07-11 13:29:19 +10:00
Mark Andrews
9987992232 add note about .local 2017-07-11 12:43:31 +10:00
Tinderbox User
c6a2d3a9e6 regen master 2017-06-28 01:09:32 +00:00
Evan Hunt
581c1526ab [master] address TSIG bypass/forgery vulnerabilities 
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]
 2017-06-27 11:39:19 -07:00
Tinderbox User
d6b626e9a7 regen master 2017-06-14 01:08:21 +00:00
Evan Hunt
bf05e66bb3 [master] prevent reload failure due to LMDB database perms 
4638.	[bug]		Reloading or reconfiguring named could fail on
			some platforms when LMDB was in use. [RT #45203]
 2017-06-13 10:15:34 -07:00
Evan Hunt
0471530aae [master] nsec3hash -r 
4637.	[func]		"nsec3hash -r" option ("rdata order") takes arguments
			in the same order as they appear in NSEC3 or
			NSEC3PARAM records, so that NSEC3 parameters can
			be cut and pasted from an existing record. Thanks
			to Tony Finch for the contribution. [RT #45183]
 2017-06-13 00:39:10 -07:00
Tinderbox User
d37d9a6873 regen master 2017-05-31 01:08:13 +00:00
Evan Hunt
967a3b9419 [master] quote service registry paths 
4532.	[security]	The BIND installer on Windows used an unquoted
                        service path, which can enable privilege escalation.
			(CVE-2017-3141) [RT #45229]
 2017-05-30 13:35:59 -07:00
Evan Hunt
2648c49be7 [master] fix rpz formerr loop 
4531.	[security]	Some RPZ configurations could go into an infinite
			query loop when encountering responses with TTL=0.
			(CVE-2017-3140) [RT #45181]
 2017-05-30 12:30:28 -07:00
Tinderbox User
a014b329f2 regen master 2017-05-19 01:09:39 +00:00
Evan Hunt
ef9ab10ce0 [master] remove outdated reference to libbind 2017-05-18 15:35:06 -07:00
Tinderbox User
bdf087ba00 regen master 2017-05-12 01:09:53 +00:00
Mark Andrews
d4d73bca79 add warning about semicolon no longer being escaped 2017-05-11 11:02:35 +10:00
Tinderbox User
f9d602f35c regen master 2017-05-05 01:08:31 +00:00
Evan Hunt
3a554a444c [master] fix lmdb delzone 
4616.	[bug]		When using LMDB, zones deleted using "rndc delzone"
			were not correctly removed from the new-zone
			database. [RT #45185]
 2017-05-04 12:32:32 -07:00
Tinderbox User
51da560543 regen master 2017-05-04 01:08:23 +00:00
Mark Andrews
071fe723a1 fix tag mismatch 2017-05-03 11:15:14 +10:00
Evan Hunt
d39ab7440e [master] automatically tune max-journal-size 
4613.	[func]		By default, the maximum size of a zone journal file
			is now twice the size of the zone's contents (there
			is little benefit to a journal larger than this).
			This can be overridden by setting "max-journal-size"
			to "unlimited" or to an explicit value up to 2G.
			Thanks to Tony Finch. [RT #38324]
 2017-05-02 13:23:08 -07:00
Evan Hunt
a7dc84cd4b [master] change markdown comment style for pandoc 2017-04-27 23:43:44 -07:00
Tinderbox User
57994a07f7 regen master 2017-04-27 00:43:03 +00:00
Mukund Sivaraman
241b49e611 Set a LMDB mapsize and also provide a config option to control it (#44954) 2017-04-26 23:51:26 +05:30
Tinderbox User
c118d16a1c regen master 2017-04-25 01:06:00 +00:00
Tinderbox User
18b7760b29 update copyright notice / whitespace 2017-04-24 23:45:33 +00:00
Evan Hunt
2dfb992349 [master] new-zones-directory option 
4610.	[func]		The "new-zones-directory" option specifies the
			location of NZF or NZD files for storing
			configuration of zones added by "rndc addzone".
			Thanks to Petr Menšík. [RT #44853]
 2017-04-23 23:16:53 -07:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Tinderbox User
f5fa655319 regen master 2017-04-23 01:06:11 +00:00
Tinderbox User
1f6505a424 update copyright notice / whitespace 2017-04-22 23:45:41 +00:00
Evan Hunt
3a10cf1f07 [master] add a release note for performance improvements 2017-04-21 21:48:50 -07:00
Mukund Sivaraman
03be5a6b4e Improve performance for delegation heavy answers and also general query performance (#44029) 2017-04-22 09:22:44 +05:30
Evan Hunt
8a28d9f1d4 [master] auto-generate named.conf.docbook 
4603.	[doc]		Automatically generate named.conf(5) man page
			from doc/misc/options. Thanks to Tony Finch.
			[RT #43525]
 2017-04-21 16:27:56 -07:00
Evan Hunt
d26ae7fc08 [master] give threads unique names to assist debugging 
4602.	[func]		Threads are now set to human-readable
			names to assist debugging, when supported by
			the OS. [RT #43234]
 2017-04-21 13:59:40 -07:00
Evan Hunt
f5c39b072c [master] hex output mode for dnstap-read 
4594.	[func]		"dnstap-read -x" prints a hex dump of the wire
			format of each logged DNS message. [RT #44816]
 2017-04-20 20:22:19 -07:00
Evan Hunt
95f7e98da0 [master] update README, remove FAQ 
4593.	[doc]		Update README using markdown, remove outdated FAQ
			file in favor of the knowledge base.
 2017-04-20 19:21:54 -07:00
Tinderbox User
2d863323b6 regen master 2017-04-21 01:05:18 +00:00
Tinderbox User
19643a1ded regen master 2017-04-13 01:05:08 +00:00
Evan Hunt
52e398c0af [master] formatting 2017-04-12 14:05:54 -07:00
Tinderbox User
e67fe90a1f regen master 2017-04-12 01:05:15 +00:00
Tinderbox User
0a1d79ed8f regen master 2017-03-30 01:05:19 +00:00
Mark Andrews
fe1ad70e51 add CVE-2017-3138 2017-03-30 02:56:33 +11:00
Tinderbox User
38704ecee9 regen master 2017-03-26 01:05:14 +00:00
Evan Hunt
39eb1d0353 [master] host -A 
4593.	[func]		"host -A" returns most records for a name but
			omits RRSIG, NSEC and NSEC3. (Thanks to Tony Finch.)
			[RT #43032]
 2017-03-25 12:49:25 -07:00
Tinderbox User
ecbef65ae5 regen master 2017-03-13 01:05:40 +00:00
Evan Hunt
d2650297ca [master] tag mismatch 2017-03-10 17:34:01 -08:00
Mark Andrews
786402ec12 fix tag mismatch 2017-03-10 13:05:59 +11:00
Tinderbox User
d2f2db283b update copyright notice / whitespace 2017-03-09 23:46:23 +00:00
Evan Hunt
612b2e2c0d [master] timestamp suffixes for log files 
4579.	[func]		Logging channels and dnstap output files can now
			be configured with a "suffix" option, set to
			either "increment" or "timestamp", indicating
			whether to use incrementing numbers or timestamps
			as the file suffix when rolling over a log file.
			[RT #42838]
 2017-03-08 23:20:40 -08:00
Evan Hunt
aa00b31b17 [master] fix ARM merge error 2017-03-08 22:51:26 -08:00
Tinderbox User
02716f97c1 regen master 2017-03-02 01:05:06 +00:00
Tinderbox User
a06081491c regen master 2017-02-24 01:04:54 +00:00
Evan Hunt
a1365a0042 [master] remove unnecessary INSIST 
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]
 2017-02-23 14:34:33 -08:00
Tinderbox User
c4dbad7b36 regen master 2017-02-21 01:04:58 +00:00
Witold Krecicki
fa9b4de716 4576. [func] The RPZ implementation has been substantially refactored for improved performance and reliability. [RT #43449] 2017-02-20 11:57:28 +01:00
Tinderbox User
a32fa1246e regen master 2017-02-16 01:05:00 +00:00
Mark Andrews
009c98a1be add CVE-2017-3136 note 
(cherry picked from commit d77eadc261)
 2017-02-15 12:45:38 +11:00
Tinderbox User
a95dc83de5 regen master 2017-02-09 01:04:58 +00:00
wpk
96912e44b0 4573. [func] Query logic has been substantially refactored (e.g. query_find function has been split into smaller functions) for improved readability, maintainability 2017-02-08 22:15:01 +01:00
Evan Hunt
7fcd72f574 [master] mismatched tag 2017-02-07 18:28:40 -08:00
Evan Hunt
ef0ddc8ba3 [master] doc style 2017-02-07 08:18:15 -08:00
Mark Andrews
009aabd2e5 fix tag mismatch 2017-02-07 12:11:45 +11:00
Evan Hunt
c4e4bd6a09 [master] dnstap size and versions options 
4572.	[func]		The "dnstap-output" option can now take "size" and
			"versions" parameters to indicate the maximum size
			a dnstap log file can grow before rolling to a new
			file, and how many old files to retain. [RT #44502]
 2017-02-06 16:34:58 -08:00
Evan Hunt
5b4d6d2ff8 [master] removed extra note about bind.keys update 2017-02-06 14:19:53 -08:00
Tinderbox User
513cec7786 regen master 2017-02-05 01:04:55 +00:00
Evan Hunt
650b5e7592 [master] store local and remote addresses in dnstap 
4569.	[func]		Store both local and remote addresses in dnstap
			logging, and modify dnstap-read output format to
			print them. [RT #43595]
 2017-02-03 17:05:58 -08:00
Tinderbox User
04241eba68 regen master 2017-02-03 01:04:52 +00:00
Tinderbox User
194f07c628 update copyright notice / whitespace 2017-02-02 23:45:47 +00:00
Evan Hunt
aace5d0fb3 [master] include ECS in query logging 
4566.	[func]		Query logging now includes the ECS option if one
			was included in the query. [RT #44476]
 2017-02-02 11:54:28 -08:00
Mark Andrews
294d73d990 new root KSK 2017-02-02 18:26:52 +11:00
Mark Andrews
2f5444972a perform more testing on rndc <op> -redirect 2017-02-02 17:25:54 +11:00
Tinderbox User
59297922ce regen master 2017-02-02 01:04:40 +00:00
Evan Hunt
caf7f57771 [master] clarify client logging doc 2017-02-01 14:51:02 -08:00
Tinderbox User
1f691c3d22 regen master 2017-01-31 01:05:39 +00:00
Evan Hunt
cd668ea57f [master] change 4558 was incomplete 2017-01-30 14:10:30 -08:00
Tinderbox User
ff52f52a31 regen master 2017-01-25 01:04:56 +00:00
Evan Hunt
afa0ff0cbb [master] expand relnote 2017-01-23 20:04:04 -08:00
Tinderbox User
431ed6eede regen master 2017-01-24 01:04:59 +00:00
Mark Andrews
b1b5229a47 4556. [security] Combining dns64 and rpz can result in dereferencing 
a NULL pointer (read).  (CVE-2017-3135) [RT#44434]

(cherry picked from commit 5abe80ef13)
 2017-01-24 09:55:51 +11:00
Tinderbox User
4502e3c5dd regen master 2017-01-21 01:04:48 +00:00
Tinderbox User
96f5064e3c update copyright notice / whitespace 2017-01-20 23:45:34 +00:00
Evan Hunt
25a9b90369 [master] symbolic option names for dig +ednsopt 
4555.	[func]		dig +ednsopt: EDNS options can now be specified by
			name in addition to numeric value. [RT #44461]
 2017-01-19 23:46:37 -08:00
Tinderbox User
89e63ad516 regen master 2017-01-13 01:04:59 +00:00
Mark Andrews
d2e1b47d4f 4553. [bug] Named could deadlock there were multiple changes to 
NSEC/NSEC3 parameters for a zone being processed at
                        the same time. [RT #42770]
 2017-01-12 14:25:45 +11:00
Mark Andrews
42924b40af 4552. [bug] Named could trigger a assertion when sending notify 
messages. [RT #44019]
 2017-01-12 14:17:43 +11:00
Tinderbox User
86b7ae6b77 regen master 2017-01-10 01:04:52 +00:00
Tinderbox User
2067cfdb46 regen master 2017-01-06 01:05:20 +00:00
Tinderbox User
37ae137942 regen master 2017-01-05 01:05:07 +00:00
Evan Hunt
5804332588 [master] EDNS padding and keepalive support 
4549.	[func]		Added support for the EDNS TCP Keepalive option
			(RFC 7828). [RT #42126]

4548.	[func]		Added support for the EDNS Padding option (RFC 7830).
			[RT #42094]
 2017-01-04 09:16:30 -08:00
Tinderbox User
fdc6f64030 regen master 2016-12-29 04:58:08 +00:00
Evan Hunt
8f2b2012a4 [master] release notes 2016-12-28 20:19:47 -08:00
Tinderbox User
6ce6801f3f regen master 2016-12-29 01:05:39 +00:00
Mark Andrews
2c1c4b99a1 4508. [security] Named incorrectly tried to cache TKEY records which 
could trigger a assertion failure when there was
                            a class mismatch. (CVE-2016-9131) [RT #43522]
 2016-12-29 11:07:40 +11:00
Evan Hunt
eff07b51df [master] release notes 2016-12-28 12:05:08 -08:00
Evan Hunt
cc1a796b78 [master] release note 2016-12-28 11:07:27 -08:00
Tinderbox User
190ea9e6b8 regen master 2016-12-28 01:05:39 +00:00
Mark Andrews
5093e8d482 4542. [func] Allow rndc to manipulate redirect zones with using 
-redirect as the zone name (use "-redirect." to
                        manipulate a zone named "-redirect"). [RT #43971]
 2016-12-28 11:36:31 +11:00
Tinderbox User
dd0e617038 regen master 2016-12-27 01:05:51 +00:00
Evan Hunt
c5b8b74113 [master] clarify auth ECS is not meant for production use 2016-12-26 16:52:30 -08:00
Tinderbox User
16fde7f0b3 regen master 2016-12-07 01:05:34 +00:00
Mark Andrews
1b8ce3b330 4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831] 2016-12-07 10:49:55 +11:00
Tinderbox User
807bf70d07 regenerate 2016-12-05 19:19:01 +00:00
Tinderbox User
b06a5726eb regen master 2016-12-05 18:24:42 +00:00
Evan Hunt
ca58c1ea25 [master] fixed ARM grammars 
4526.	[doc]		Corrected errors and improved formatting of
			grammar defintiions in the ARM. [RT #43739]
 2016-12-05 00:43:10 -08:00
Evan Hunt
e1ba21bd58 [master] fix managed-keys doc 
4525.	[doc]		Fixed outdated documentation on managed-keys.
			[RT #43810]
 2016-12-04 20:22:20 -08:00
Mukund Sivaraman
5c843b384d Add doc function for cfg_type_querysource4 and cfg_type_querysource6 (#43768) 2016-12-02 11:16:08 +05:30
Tinderbox User
09c44ec7f1 regen master 2016-11-30 01:06:25 +00:00
Tinderbox User
c8b6065dde regen master 2016-11-25 21:01:07 +00:00
Mark Andrews
e527dcdb00 automate insertion of copyright year list into Bv9ARM-book.xml 2016-11-26 07:49:23 +11:00
Tinderbox User
ee2c593635 regen master 2016-11-24 01:05:57 +00:00
Evan Hunt
62c85a4a52 [master] allow different time formats: local, iso8601, iso8601-utc 
4518.	[func]		The "print-time" option in the logging configuration
			can now take arguments "local", "iso8601" or
			"iso8601-utc" to indicate the format in which the
			date and time should be logged. For backward
			compatibility, "yes" is a synonym for "local".
			[RT #42585]
 2016-11-22 23:34:47 -08:00
Evan Hunt
f26fab1103 [master] clean up relnotes 2016-11-22 23:32:37 -08:00
Mark Andrews
cbd3082c62 add rfc7477 and rfc8020 2016-11-16 19:12:09 +11:00
Tinderbox User
8d8839b3a0 regen master 2016-11-03 01:06:32 +00:00
Mark Andrews
5f8412a4cb 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]
 2016-11-02 17:31:27 +11:00
Tinderbox User
05caf20a11 regen master 2016-11-02 01:07:10 +00:00
Mark Andrews
89286906dc 4502. [func] Report multiple and experimental options when printing 
grammar. [RT #43134]
 2016-11-02 10:04:57 +11:00
Tinderbox User
c970f162b6 regen master 2016-10-29 01:06:53 +00:00
Tinderbox User
0b15ee0705 regen master 2016-10-16 01:06:28 +00:00
Tinderbox User
5e32012dcf regen master 2016-10-10 01:04:44 +00:00
Tinderbox User
f925373f21 regen master 2016-10-06 01:05:06 +00:00
Tinderbox User
ddb166caff regen master 2016-10-04 22:13:44 +00:00
Mark Andrews
413e9b90de sync with 9.11.0 2016-09-30 14:48:13 +10:00
Tinderbox User
f1814f50c9 regen master 2016-09-29 01:05:10 +00:00
Tinderbox User
03bb19ed38 regen master 2016-09-26 13:42:17 +00:00
Tinderbox User
6caf463209 regen master 2016-09-23 01:05:40 +00:00
Evan Hunt
c4b7db4932 [master] render querylog format consistent, and add a release note 
4471.	[cleanup]	Render client/query logging format consistent for
			ease of log file parsing. (Note that this affects
			"querylog" format: there is now an additional field
			indicating the client object address.) [RT #43238]
 2016-09-22 14:48:56 -07:00
Mark Andrews
4f713200f8 sync with 9.11.0rc2 2016-09-20 20:54:27 +10:00
Tinderbox User
18c84f3b0b regen master 2016-09-14 01:04:44 +00:00
Tinderbox User
91ff2c5a4b regen master 2016-09-09 02:18:18 +00:00
Mark Andrews
9ffbc3f9b3 reorder 2016-09-09 11:54:19 +10:00
Mark Andrews
d4c8a622c0 add CVE-2016-2776 2016-09-09 11:50:24 +10:00
Tinderbox User
1a49346184 regen master 2016-09-02 01:04:40 +00:00
Mark Andrews
fe09d4b609 s/secret_string/algorithm_id/ for cookie-algorithm 2016-09-01 12:04:47 +10:00
Tinderbox User
9465a47983 regen master 2016-09-01 01:04:48 +00:00
Evan Hunt
b46760b373 [master] correct default value of tcp-clients 2016-08-30 23:02:27 -07:00
Mark Andrews
63fe88e8d8 4456. [doc] Add DOCTYPE and lang attribute to <html> tags. 
[RT #42587]
 2016-08-26 15:14:04 +10:00
Tinderbox User
65c09d514e regen master 2016-08-26 01:04:37 +00:00
Jeremy C. Reed
25a13a0861 fix the 8K number 
from the upstream source:
/** Default `buffer_hint` value. */
 2016-08-25 13:55:17 -04:00
Evan Hunt
bfb479d5e3 [master] fix dnssec-policy.conf in notes 2016-08-25 08:19:01 -07:00
Tinderbox User
5883460271 regen master 2016-08-25 01:04:54 +00:00
Evan Hunt
864dc79dce [master] add missing release notes and fix other doc nits 2016-08-24 16:25:20 -07:00
Evan Hunt
1e50c0d857 [master] add dnssec-keygen and nslookup man page links to ARM 2016-08-24 20:39:03 +00:00
Tinderbox User
a1458d47a5 regen master 2016-08-19 01:52:16 +00:00
Evan Hunt
dd666442d3 [master] document power of 2 requirement for fstrm-set-input-queue-size 2016-08-18 18:10:32 -07:00
Evan Hunt
b715ad3cdb [master] missed renaming SIT to COOKIE 2016-08-18 18:08:35 -07:00
Tinderbox User
b297f5cdd5 regen master 2016-08-19 01:04:52 +00:00
Mark Andrews
934837913f 4447. [tuning] Allow the fstrm_iothr_init() options to be set using 
named.conf to control how dnstap manages the data
                        flow. [RT #42974]
 2016-08-18 11:16:06 +10:00
Francis Dupont
f4288bafe9 Updated WIN32 part of TCP_FASTOPEN doc 2016-08-15 19:43:20 +02:00
Mark Andrews
a977bc4c8e 4440. [func] Enable TCP fast open support when available on the 
server side. [RT #42866]
 2016-08-12 15:31:33 +10:00
Tinderbox User
a7115b8b4d regen master 2016-08-12 01:04:57 +00:00
Mark Andrews
78e31dd187 4437. [func] Minimal-responses now has two additional modes 
no-auth and no-auth-recursive which suppress
                        adding the NS records to the authority section
                        as well as the associated address records for the
                        nameservers. [RT #42005]
 2016-08-12 10:48:51 +10:00
Mark Andrews
969e4ba50c sync with 9.11.0.b3 2016-07-30 07:14:31 +10:00
Tinderbox User
49834f2f8d regen master 2016-07-27 01:07:09 +00:00
Mark Andrews
915544f389 add mdig, named-nzd2nzf, pkcs11-destroy, pkcs11-list, pkcs11-keygen and pkcs11-tokens manpages 2016-07-27 05:00:20 +10:00
Tinderbox User
e31a24d05b regen master 2016-07-23 01:08:43 +00:00
Mark Andrews
f20179857a 4424. [experimental] Named now sends _ta-XXXX.<trust-anchor>/NULL queries 
to provide feedback to the trust-anchor administrators
                        about how key rollovers are progressing as per
                        draft-ietf-dnsop-edns-key-tag-02.  This can be
                        disabled using 'trust-anchor-telemetry no;'.
                        [RT #40583]
 2016-07-22 20:02:17 +10:00
Tinderbox User
806ed3a2f1 regen master 2016-07-22 01:05:36 +00:00
Tinderbox User
2bc4d454e1 update copyright notice / whitespace 2016-07-21 23:46:03 +00:00
Evan Hunt
02991b6884 [master] add release note 2016-07-21 13:36:28 -07:00
Evan Hunt
eca74c52c1 [master] store "addzone" zone config in a NZD database 
4421.	[func]		When built with LMDB (Lightning Memory-mapped
			Database), named will now use a database to store
			the configuration for zones added by "rndc addzone"
			instead of using a flat NZF file. This improves
			performance of "rndc delzone" and "rndc modzone"
			significantly. Existing NZF files will
			automatically by converted to NZD databases.
			To view the contents of an NZD or to roll back to
			NZF format, use "named-nzd2nzf". To disable
                        this feature, use "configure --without-lmdb".
                        [RT #39837]
 2016-07-21 11:13:37 -07:00
Mark Andrews
ed1a24cc86 update example copyright notice 2016-07-21 19:09:16 +10:00
Mark Andrews
ba99d845a2 update example copyright notice 2016-07-21 19:05:03 +10:00
Tinderbox User
6807a2dc3c regen master 2016-07-21 07:11:01 +00:00
Mark Andrews
813e9f7ee2 copyright 2016-07-21 17:00:44 +10:00
Evan Hunt
da8ac39a23 [master] remove SIT doc 2016-07-20 21:36:08 -07:00
Mark Andrews
203b6934f4 sync w/ 9.11.0b2 2016-07-14 15:13:57 +10:00
Tinderbox User
bc8c067281 regen master 2016-07-14 01:06:14 +00:00
Mark Andrews
8f7881684b grammar 2016-07-14 09:42:31 +10:00
Evan Hunt
ffa622d7a3 [master] rndc dnstap -roll 
4411.	[func]		"rndc dnstap -roll" automatically rolls the
			dnstap output file; the previous version is
			saved with ".0" suffix, and earlier versions
			with ".1" and so on. An optional numeric argument
			indicates how many prior files to save. [RT #42830]
 2016-07-13 01:12:47 -07:00
Tinderbox User
b7b2e64450 regen master 2016-07-13 04:45:35 +00:00
Mark Andrews
e55168b7bf add [RT #42694] 2016-07-13 11:37:18 +10:00
Mark Andrews
268f9e6832 issue -> flaw 2016-07-13 11:23:12 +10:00
Tinderbox User
98ef4d0786 regen master 2016-07-12 01:05:41 +00:00
Mark Andrews
909d442cc0 add CVE-2016-2775 2016-07-12 01:09:13 +10:00
Mark Andrews
557c7221fd 4409. [bug] DNS64 should exlude mapped addresses by default when 
a exclude acl is not defined. [RT #42810]
 2016-07-11 14:11:34 +10:00
Tinderbox User
df52e5c7d5 regen master 2016-07-08 01:05:32 +00:00
Mark Andrews
429701008e add note for rt42694 2016-07-07 13:47:25 +10:00
Tinderbox User
b3d352f01d regen master 2016-07-07 01:05:27 +00:00
Mark Andrews
4d0b0596d9 license section is no longer a list 
(cherry picked from commit d2647cd5fd)
 2016-07-06 13:02:11 +10:00
Mark Andrews
a367a6eb9b spelling 2016-07-06 12:56:20 +10:00
Tinderbox User
6aba65d9f0 regen master 2016-07-06 01:05:19 +00:00
Tinderbox User
63f4908b14 regen master 2016-07-05 01:05:04 +00:00
Tinderbox User
3257ef2d96 regen master 2016-07-03 01:05:19 +00:00
Evan Hunt
c2d0738d5c [master] notes formatting, fix a CHANGES tag 2016-07-02 14:06:17 -07:00
Tinderbox User
e95f0bb5c0 regen master 2016-06-28 01:04:44 +00:00
Witold Krecicki
aea7ab20c0 Fix a typo and missing link in notes.xml 2016-06-27 20:11:21 +02:00
Curtis Blackburn
809239a853 cleanup of notes.xml 
added better text to describe the license change

    added information about the following changes to notes.xml

    +4396. [func] dnssec-keymgr now takes a '-r randomfile' option.
    + [RT #42455]
    +4392. [func] Collect statistics for RSSAC02v3 traffic-volume,
    + traffic-sizes and rcode-volume reporting. [RT #41475]
    +4388. [func] Support for master entries with TSIG keys in catalog
    + zones. [RT #42577]
    +4385. [func] Add support for allow-query and allow-transfer ACLs
    + to catalog zones. [RT #42578]
 2016-06-27 09:55:15 -07:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
76cf91b5df regen master 2016-06-24 01:05:13 +00:00
Mark Andrews
7d262a3647 4394. [func] Add rndc command "dnstap-reopen" to close and 
reopen dnstap output filed. [RT #41803]
 2016-06-24 09:37:04 +10:00
Tinderbox User
5dde14e170 regen master 2016-06-23 01:05:13 +00:00
Witold Krecicki
322efcb27d 4400. [doc] Description of masters with TSIG, allow-query and 
allow-transfer options in catalog zones. [RT #42692]
 2016-06-22 12:47:37 +02:00
Tinderbox User
63fc155616 regen master 2016-06-22 01:05:11 +00:00
Mark Andrews
13dcf86725 request-ixfr is a slave option rather than a master option 2016-06-22 08:12:17 +10:00
Tinderbox User
7e4b5437f1 regen master 2016-06-14 01:05:13 +00:00
Francis Dupont
e9d097511e AEP keyper PKCS#11 provider is available in 64 bits 2016-06-13 15:43:57 +02:00
Mukund Sivaraman
f163503bce Use absolute names in catalog zone examples 2016-06-13 16:09:34 +05:30
Tinderbox User
e76f113739 regen master 2016-06-02 01:05:09 +00:00
Tinderbox User
408e9e235a regen master 2016-06-01 01:04:18 +00:00
Tinderbox User
77393407fd regenerate 2016-05-31 22:49:06 +00:00
Tinderbox User
1e126d80e1 regen master 2016-05-31 22:47:07 +00:00
Evan Hunt
3d0b7d5cc3 [master] zone-directory option for catalog zones 
4380.	[experimental]	Added a "zone-directory" option to "catalog-zones"
			syntax, allowing local masterfiles for slaves
			that are provisioned by catalog zones to be stored
			in a directory other than the server's working
			directory. [RT #42527]
 2016-05-31 10:36:27 -07:00
Mark Andrews
44fa277367 7873:Domain Name System (DNS) Cookies 2016-05-30 13:38:46 +10:00
Tinderbox User
f1f5f896c1 regen master 2016-05-28 01:05:40 +00:00
Jeremy C. Reed
ecf8e705e6 fix a few typos in doc 2016-05-27 15:22:54 -04:00
Tinderbox User
7898bf1fbc regenerate 2016-05-27 15:45:47 +00:00
Tinderbox User
260e8e04b0 regen master 2016-05-27 01:05:21 +00:00
Evan Hunt
6c2a76b3e2 [master] copyrights, win32 definitions 2016-05-26 12:36:17 -07:00
Witold Krecicki
7a00d69909 4376. [experimental] Added support for Catalog Zones, a new method for 
provisioning secondary servers in which a list of
                        zones to be served is stored in a DNS zone and can
                        be propagated to slaves via AXFR/IXFR. [RT #41581]

4375.   [func]          Add support for automatic reallocation of isc_buffer
                        to isc_buffer_put* functions. [RT #42394]
 2016-05-26 21:23:19 +02:00
Evan Hunt
5c5dcf34c3 [master] spelling 2016-05-25 18:44:59 -07:00
Evan Hunt
8e4d28d018 [master] extend release notes 2016-05-25 18:40:47 -07:00
Evan Hunt
9211688e88 [master] fix tag mismatch 2016-05-25 18:32:38 -07:00
Evan Hunt
0cbe448914 [master] minimal-any 
4371.	[func]		New "minimal-any" option reduces the size of UDP
			responses for qtype ANY by returning a single
			arbitrarily selected RRset instead of all RRsets.
			Thanks to Tony Finch. [RT #41615]
 2016-05-25 13:54:34 -07:00
Tinderbox User
3ba1f79ade regen master 2016-05-24 01:04:01 +00:00
Mark Andrews
47d19078de note RNDC module 2016-05-24 10:47:58 +10:00
Tinderbox User
22e21a4213 regen master 2016-05-17 05:39:19 +00:00
Tinderbox User
221870ba7b regen master 2016-05-17 04:27:10 +00:00
Mark Andrews
259107718f update for 9.11.0a2 2016-05-17 14:08:30 +10:00
Tinderbox User
9b3ef7211c regen master 2016-05-17 04:03:51 +00:00
Mark Andrews
bf8d171a66 add RFC7793 2016-05-13 17:00:17 +10:00
Tinderbox User
05cf9e3285 update copyright notice / whitespace 2016-05-11 23:45:23 +00:00
Mark Andrews
bf4fe7ca1b 7830: The EDNS(0) Padding Option 2016-05-11 12:08:20 +10:00
Tinderbox User
56bd026e6c regen master 2016-05-10 01:05:28 +00:00
Mark Andrews
2fef945936 remove repeated like 2016-05-10 07:22:59 +10:00
Tinderbox User
f33abec8a6 regen master 2016-05-06 01:05:45 +00:00
Witold Krecicki
e846f127d6 4362. [func] Changed rndc reconfig behaviour so that newly added 
zones are loaded asynchronously and the loading does
			not block the server. [RT #41934]
 2016-05-05 21:41:12 +02:00
Evan Hunt
370c6e0ac1 [master] add nsip-wait-recurse release note 2016-05-05 09:33:28 -07:00
Mark Andrews
08e36aa5a5 4356. [func] Add the ability to specify whether to wait for 
nameserver addresses to be looked up or not to
                        rpz with a new modifying directive 'nsip-wait-recurse'.                         [RT #35009]
 2016-05-05 16:29:05 +10:00
Tinderbox User
006283c423 regen master 2016-05-05 01:05:35 +00:00
Evan Hunt
66074f152f [master] log message when using ISC DLV 
4352.	[cleanup]	The ISC DNSSEC Lookaside Validation (DLV) service
			is scheduled to be disabled in 2017.  A warning is
			now logged when named is configured to use it,
			either explicitly or via "dnssec-lookaside auto;"
			[RT #42207]
 2016-05-04 14:37:25 -07:00
Tinderbox User
3241ddcf93 regen master 2016-04-30 01:05:59 +00:00
Mark Andrews
1bebd86e9f fix tag mis-match 2016-04-29 11:10:21 +10:00
Evan Hunt
f6096b958c [master] dnssec-keymgr 
4349.   [contrib]       kasp2policy: A python script to create a DNSSEC
                        policy file from an OpenDNSSEC KASP XML file.

4348.	[func]		dnssec-keymgr: A new python-based DNSSEC key
			management utility, which reads a policy definition
			file and can create or update DNSSEC keys as needed
			to ensure that a zone's keys match policy, roll over
			correctly on schedule, etc.  Thanks to Sebastian
			Castro for assistance in development. [RT #39211]
 2016-04-28 00:16:01 -07:00
Tinderbox User
6b7cba2b10 regen master 2016-03-25 01:05:22 +00:00
Evan Hunt
4d3f9f216a [master] better relnote for read-only controls option 2016-03-24 16:52:17 -07:00
Evan Hunt
1831596a79 [master] fixes for release notes 2016-03-24 14:40:44 -07:00
Evan Hunt
936bfae6d5 [master] remove pre-9.11.0a1 security fixes from 9.11 release notes 2016-03-24 12:11:53 -07:00
Tinderbox User
e285c11870 regen master 2016-03-24 01:05:08 +00:00
Tinderbox User
6e3f736f73 regenerate 2016-03-23 06:50:54 +00:00
Tinderbox User
46472a450e regen master 2016-03-23 06:45:14 +00:00
Evan Hunt
bee8d5b202 [master] fix broken tag 2016-03-22 21:38:25 -07:00
Evan Hunt
4488842485 [master] prep 9.11.0a1 2016-03-22 20:00:47 -07:00
Tinderbox User
6a178481cf regen master 2016-03-17 01:05:26 +00:00
Jeremy C. Reed
6693c9a2f0 fix spelling 2016-03-16 15:41:18 -04:00