Commit 09dd476a authored by Internet Software Consortium, Inc's avatar Internet Software Consortium, Inc Committed by Lamont Jones

9.5.0a5

parent 8dc48682

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

This diff is collapsed.
......@@ -13,7 +13,7 @@ LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
$Id: COPYRIGHT,v 1.9.18.3 2007/01/08 02:41:59 marka Exp $
$Id: COPYRIGHT,v 1.12 2007/01/03 04:53:20 marka Exp $
Portions Copyright (C) 1996-2001 Nominum, Inc.
......
......@@ -18,7 +18,7 @@
- PERFORMANCE OF THIS SOFTWARE.
-->
<!-- $Id: FAQ.xml,v 1.4.4.8 2007/02/05 05:23:39 marka Exp $ -->
<!-- $Id: FAQ.xml,v 1.18 2007/02/05 05:18:22 marka Exp $ -->
<article class="faq">
<title>Frequently Asked Questions about BIND 9</title>
......
......@@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.43.18.4 2006/05/19 00:04:01 marka Exp $
# $Id: Makefile.in,v 1.47 2006/05/19 00:04:02 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
......
......@@ -43,22 +43,25 @@ BIND 9
Nominum, Inc.
BIND 9.4.2
BIND 9.5.0
BIND 9.4.2 is a maintenance release, containing fixes for
a number of bugs in 9.4.1.
BIND 9.5.0 has a number of new features over 9.4,
including:
GSS-TSIG support (RFC 3645).
BIND 9.4.1
DHCID support.
BIND 9.4.1 is a security release, containing a fix for
a security bugs in 9.4.0.
Experimental http server and statistics support for named via xml.
Use Doxygen to generate internal documention.
BIND 9.4.0
BIND 9.4.0 has a number of new features over 9.3,
including:
Implemented "additional section caching" (or "acache"), an
Implemented "additional section caching (or acache)", an
internal cache framework for additional section content to
improve response performance. Several configuration options
were provided to control the behavior.
......@@ -147,11 +150,12 @@ BIND 9.4.0
Add support for CH A record.
Add additional zone data consistancy checks. named-checkzone
Add additional zone data constancy checks. named-checkzone
has extended checking of NS, MX and SRV record and the hosts
they reference. named has extended post zone load checks.
New zone options: check-mx and integrity-check.
edns-udp-size can now be overridden on a per server basis.
dig can now specify the EDNS version when making a query.
......@@ -164,7 +168,7 @@ BIND 9.4.0
Detect duplicates of UDP queries we are recursing on and
drop them. New stats category "duplicates".
Memory management. "USE INTERNAL MALLOC" is now runtime selectable.
"USE INTERNAL MALLOC" is now runtime selectable.
The lame cache is now done on a <qname,qclass,qtype> basis
as some servers only appear to be lame for certain query
......@@ -179,9 +183,9 @@ BIND 9.4.0
Support for IPSECKEY rdata type.
Raise the UDP receive buffer size to 32k if it is less than 32k.
Raise the UDP recieve buffer size to 32k if it is less than 32k.
x86 and x86_64 now have separate atomic locking implementations.
x86 and x86_64 now have seperate atomic locking implementations.
named-checkconf now validates update-policy entries.
......@@ -209,69 +213,9 @@ BIND 9.4.0
to set 'RA' when 'RD' is set unless a server is explicitly
set.
Integrate contributed DLZ code into named.
Integrate contributed IDN code from JPNIC.
Validate pending NS RRsets, in the authority section, prior
to returning them if it can be done without requiring DNSKEYs
to be fetched.
It is now possible to configure named to accept expired
RRSIGs. Default "dnssec-accept-expired no;". Setting
"dnssec-accept-expired yes;" leaves named vulnerable to
replay attacks.
Additional memory leakage checks.
The maximum EDNS UDP response named will send can now be
set in named.conf (max-udp-size). This is independent of
the advertised receive buffer (edns-udp-size).
Named now falls back to advertising EDNS with a 512 byte
receive buffer if the initial EDNS queries fail.
Control the zeroing of the negative response TTL to a soa
query. Defaults "zero-no-soa-ttl yes;" and
"zero-no-soa-ttl-cache no;".
Separate out MX and SRV to CNAME checks.
dig/nslookup/host: warn about missing "QR".
TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and
HMACSHA512 support.
Integrate contibuted DLZ code into named.
dnssec-signzone: output the SOA record as the first record
in the signed zone.
Two new update policies. "selfsub" and "selfwild".
dig, nslookup and host now advertise a 4096 byte EDNS UDP
buffer size by default.
Report when a zone is removed.
DS/DLV SHA256 digest algorithm support.
Implement "rrset-order fixed".
Check the KSK flag when updating a secure dynamic zone.
New zone option "update-check-ksk yes;".
It is now possible to explicitly enable DNSSEC validation.
default dnssec-validation no; to be changed to yes in 9.5.0.
It is now possible to enable/disable DNSSEC validation
from rndc. This is useful for the mobile hosts where the
current connection point breaks DNSSEC (firewall/proxy).
rndc validation newstate [view]
dnssec-signzone can now update the SOA record of the signed
zone, either as an increment or as the system time().
Statistics about acache now recorded and sent to log.
Integrate contibuted IDN code from JPNIC.
libbind: corresponds to that from BIND 8.4.7.
......@@ -589,8 +533,9 @@ Bug Reports and Mailing Lists
http://www.isc.org/ops/lists/
If you're planning on making changes to the BIND 9 source
code, you might want to join the BIND Forum as a Worker.
This gives you access to the bind-workers@isc.org mailing
list and pre-release access to the code.
code, you might want to join the BIND Workers mailing list.
Send mail to
bind-workers-request@isc.org
http://www.isc.org/sw/guild/bf/
......@@ -109,4 +109,4 @@ about idnkit and this patch.
Bug reports and comments on this kit should be sent to
mdnkit-bugs@nic.ad.jp and idn-cmt@nic.ad.jp, respectively.
; $Id: README.idnkit,v 1.2.2.2 2005/09/12 02:12:08 marka Exp $
; $Id: README.idnkit,v 1.2 2005/09/09 06:13:57 marka Exp $
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: acconfig.h,v 1.44.18.5 2005/04/29 00:15:20 marka Exp $ */
/* $Id: acconfig.h,v 1.49 2005/04/29 00:22:24 marka Exp $ */
/*! \file */
......
......@@ -13,7 +13,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: Makefile.in,v 1.24.18.6 2006/06/09 00:54:08 marka Exp $
# $Id: Makefile.in,v 1.30 2006/06/09 00:54:09 marka Exp $
srcdir = @srcdir@
VPATH = @srcdir@
......
This diff is collapsed.
/*
* Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2000-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: check-tool.h,v 1.7.18.4 2005/06/20 01:19:25 marka Exp $ */
/* $Id: check-tool.h,v 1.13 2007/05/21 03:46:41 tbox Exp $ */
#ifndef CHECK_TOOL_H
#define CHECK_TOOL_H
......@@ -23,6 +23,7 @@
/*! \file */
#include <isc/lang.h>
#include <isc/stdio.h>
#include <isc/types.h>
#include <dns/masterdump.h>
......@@ -31,7 +32,7 @@
ISC_LANG_BEGINDECLS
isc_result_t
setup_logging(isc_mem_t *mctx, isc_log_t **logp);
setup_logging(isc_mem_t *mctx, FILE *errout, isc_log_t **logp);
isc_result_t
load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
......
......@@ -13,7 +13,7 @@
.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
.\" PERFORMANCE OF THIS SOFTWARE.
.\"
.\" $Id: named-checkconf.8,v 1.16.18.13 2007/06/20 02:26:58 marka Exp $
.\" $Id: named-checkconf.8,v 1.29 2007/05/21 04:09:03 marka Exp $
.\"
.hy 0
.ad l
......@@ -33,13 +33,18 @@
named\-checkconf \- named configuration file syntax checking tool
.SH "SYNOPSIS"
.HP 16
\fBnamed\-checkconf\fR [\fB\-v\fR] [\fB\-j\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] {filename} [\fB\-z\fR]
\fBnamed\-checkconf\fR [\fB\-h\fR] [\fB\-v\fR] [\fB\-j\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] {filename} [\fB\-z\fR]
.SH "DESCRIPTION"
.PP
\fBnamed\-checkconf\fR
checks the syntax, but not the semantics, of a named configuration file.
.SH "OPTIONS"
.PP
\-h
.RS 4
Print the usage summary and exit.
.RE
.PP
\-t \fIdirectory\fR
.RS 4
Chroot to
......@@ -77,7 +82,6 @@ returns an exit status of 1 if errors were detected and 0 otherwise.
.SH "SEE ALSO"
.PP
\fBnamed\fR(8),
\fBnamed\-checkzone\fR(8),
BIND 9 Administrator Reference Manual.
.SH "AUTHOR"
.PP
......
/*
* Copyright (C) 2004-2006 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
* Copyright (C) 1999-2002 Internet Software Consortium.
*
* Permission to use, copy, modify, and distribute this software for any
......@@ -15,7 +15,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named-checkconf.c,v 1.28.18.14 2006/02/28 03:10:47 marka Exp $ */
/* $Id: named-checkconf.c,v 1.44 2007/05/21 03:46:41 tbox Exp $ */
/*! \file */
......@@ -47,6 +47,8 @@
#include "check-tool.h"
static const char *program = "named-checkconf";
isc_log_t *logc = NULL;
#define CHECK(r)\
......@@ -59,8 +61,8 @@ isc_log_t *logc = NULL;
/*% usage */
static void
usage(void) {
fprintf(stderr, "usage: named-checkconf [-j] [-v] [-z] [-t directory] "
"[named.conf]\n");
fprintf(stderr, "usage: %s [-h] [-j] [-v] [-z] [-t directory] "
"[named.conf]\n", program);
exit(1);
}
......@@ -397,7 +399,9 @@ main(int argc, char **argv) {