| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
too many changes to be mentioned here.
|
|
out of date - it was based on a.out OBJECT_FMT, and added entries in the
generated PLISTs to reflect the symlinks that ELF packages uses. It also
tried to be clever, and removed and recreated any symbolic links that were
created, which has resulted in some fun, especially with packages which
use dlopen(3) to load modules. Some recent changes to our ld.so to bring
it more into line with other Operating Systems also exposed some cracks.
+ Modify bsd.pkg.mk and its shared object handling, so that PLISTs now contain
the ELF symlinks.
+ Don't mess about with file system entries when handling shared objects in
bsd.pkg.mk, since it's likely that libtool and the BSD *.mk processing will
have got it right, and have a much better idea than we do.
+ Modify PLISTs to contain "ELF symlinks"
+ On a.out platforms, delete any "ELF symlinks" from the generated PLISTs
+ On ELF platforms, no extra processing needs to be done in bsd.pkg.mk
+ Modify print-PLIST target in bsd.pkg.mk to add dummy symlink entries on
a.out platforms
+ Update the documentation in Packages.txt
With many thanks to Thomas Klausner for keeping me honest with this.
|
|
Remove ONLY_FOR_PLATFORM, and let it fail while installing the DEPENDS.
|
|
|
|
by the configure. Instead, set LDFLAGS so that unproven-pthreads
can be found before pth. Fixes pr #11418.
|
|
--- 9.0.1 released ---
547. [bug] dnssafe doesn't correctly handle RSA keys longer
than 2000 bits. Disable support for long keys.
--- 9.0.1rc2 released ---
527. [bug] When a hint zone was configured, the spurious warning
messages "Hint zones do not have a forward field" and
"Hint zones do not have a forwarders field" were
printed. [RT #439]
--- 9.0.1rc1 released ---
526. [bug] nsupdate incorrectly refused to add RRs with a TTL
of 0.
523. [doc] The source to the Administrator Reference Manual is
now an XML file using the DocBook DTD, and is included
in the distribution. The plain text version of the
ARM is temporarily unavailable while we figure out
how to generate readable plain text from the XML.
520. [bug] Upgraded libtool to 1.3.5, which makes shared
library builds almost work on AIX (and possibly
others).
519. [bug] dns_name_split() would improperly split some bitstring
labels, zeroing a few of the least signficant bits in
the prefix part. When such an improperly created
prefix was returned to the RBT database, the bogus
label was dutifully stored, corrupting the tree.
[RT #369]
518. [bug] The resolver did not realize that a DNAME which was
"the answer" to the client's query was "the answer",
and such queries would fail. [RT #399]
517. [bug] The resolver's DNAME code would trigger an assertion
if there was more than one DNAME in the chain.
[RT #399]
516. [bug] Cache lookups which had a NULL node pointer, e.g.
those by dns_view_find(), and which would match a
DNAME, would trigger an INSIST(!search.need_cleanup)
assertion. [RT #399]
515. [bug] The ssu table was not being attached / detached
by dns_zone_[sg]etssutable. [RT#397]
511. [bug] The message code could throw an assertion on an
out of memory failure. [RT #392]
510. [bug] Remove spurious view notify warning. [RT #376]
505. [bug] nsupdate was printing "unknown result code". [RT #373]
502. [func] On a SERVFAIL reply, DiG will now try the next server
in the list, unless the +fail option is specified.
501. [bug] Incorrect port numbers were being displayed by
nslookup. [RT #352]
500. [func] Nearly useless +details option removed from DiG.
499. [func] In DiG, specifying a class with -c or type with -t
changes command-line parsing so that classes and
types are only recognized if following -c or -t.
This allows hosts with the same name as a class or
type to be looked up.
498. [doc] There is now a man page for "dig"
in doc/man/bin/dig.1.
495. [bug] nsupdate was unable to handle large records. [RT #368]
491. [bug] nsupdate would segfault when sending certain
prerequisites with empty RDATA. [RT #356]
488. [bug] Locks weren't properly destroyed in some cases.
486. [bug] nslookup: "set all" and "server" commands showed
the incorrect port number if a port other than 53
was specified. [RT #352]
485. [func] When dig had more than one server to query, it would
send all of the messages at the same time. Add
rate limiting of the transmitted messages.
483. [bug] nslookup: "set all" showed a "search" option but it
was not settable.
482. [bug] nslookup: a plain "server" or "lserver" should be
treated as a lookup.
481. [bug] nslookup:get_next_command() stack size could exceed
per thread limit.
480. [bug] strtok() is not thread safe. [RT #349]
476. [bug] A zone could expire while a zone transfer was in
progress triggering a INSIST failure. [RT #329]
475. [bug] query_getzonedb() sometimes returned a non-null version
on failure. This caused assertion failures when
generating query responses where names subject to
additional section processing pointed to a zone
to which access had been denied by means of the
allow-query option. [RT #336]
474. [bug] The mnemonic of the CHAOS class is CH according to
RFC1035, but it was printed and read only as CHAOS.
We now accept both forms as input, and print it
as CH. [RT #305]
473. [bug] nsupdate overran the end of the list of name servers
when no servers could be reached, typically causing
it to print the error message "dns_request_create:
not implemented".
472. [bug] Off-by-one error caused isc_time_add() to sometimes
produce invalid time values.
471. [bug] nsupdate didn't compile on HP/UX 10.20
463. [bug] nsupdate sent malformed SOA queries to the second
and subsequent name servers in resolv.conf if the
query sent to the first one failed.
459. [bug] Nslookup processed the "set" command incorrectly.
458. [bug] Nslookup didn't properly check class and type values.
[RT #305]
457. [bug] Dig/host/hslookup didn't properly handle connect
timeouts in certain situations, causing an
unnecessary warning message to be printed.
447. [bug] Dig didn't properly retry in TCP mode after
a truncated reply. [RT #277]
403. [bug] "host" did not use the search list.
395. [bug] nslookup printed incorrect RR type mnemonics
for RRs of type >= 21 [RT #237].
388. [func] dig and host can now do reverse ipv6 lookups.
387. [func] Add dns_byaddr_createptrname(), which converts
an address into the name used by a PTR query.
379. [func] New library function isc_sockaddr_anyofpf().
347. [bug] Don't crash if an argument is left off options in dig.
346. [func] Add support for .digrc config file, in the
user's current directory
345. [bug] Large-scale changes/cleanups to dig:
* Significantly improve structure handling
* Don't pre-load entire batch files
* Add name/rr counting/limiting
* Fix SIGINT handling
* Shorten timeouts to match v8's behavior
--- 9.0.0 released ---
|
|
in before the 1.5 release. Changes are bugfixes only.
|
|
makes patch-ab unnecessary:
* A typo in the HS A code caused an assertion failure.
* lwres_gethostbyname() and company set lwres_h_errno
to a random value on success.
* If named was shut down early in the startup
process, ns_omapi_shutdown() would attempt to lock
an unintialized mutex. [RT #262]
* stub zones could leak memory and reference counts if
all the masters were unreachable.
* isc_rwlock_lock() would needlessly block
readers when it reached the read quota even
if no writers were waiting.
* Log messages were occasionally lost or corrupted
due to a race condition in isc_log_doit().
* The request library didn't completely work with IPv6.
* Check for IPV6_RECVPKTINFO and use it instead of
IPV6_PKTINFO if found. [RT #229]
|
|
for finding this.
Update bind to 9.0.0rc4. Changes and fixes are:
* "host" did not use the search list.
* Treat undefined acls as errors, rather than
warning and then later throwing an assertion.
* SIG(0) signing and verifying was done incorrectly.
* When reloading the server with a config file
containing a syntax error, it could catch an
assertion failure trying to perform zone
maintenance on, or sending notifies from,
tentatively created zones whose views were
never fully configured and lacked an address
database and request manager.
* "dig" sometimes caught an assertion failure when
using TSIG, depending on the key length.
* Many debugging messages were partially formatted
even when debugging was turned off, causing a
significant decrease in query performance.
* There is now a man page for "nsupdate"
* nslookup printed incorrect RR type mnemonics
for RRs of type >= 21
* Attempting to send a reqeust over IPv6 using
dns_request_create() on a system without IPv6
support caused an assertion failure [RT #235].
* Missing strdup() of ACL name caused random
ACL matching failures [RT #228].
* nsupdate was incorrectly limiting TTLs to 65535 instead
of 2147483647.
* When writing a master file, print the SOA and NS
records (and their SIGs) before other records.
* named -u failed on many Linux systems where the
libc provided kernel headers do not match
the current kernel.
* nsupdate didn't work with IPv6.
|
|
add patch to help 2292bis environment (= latest KAME, Solaris8).
--- rc1 -> rc2
--- 9.0.0rc2 released ---
377. [bug] When additional data lookups were refused due to
"allow-query", the databases were still being
attached causing reference leaks.
376. [bug] The server should always use good entropy when
performing cryptographic functions needing entropy.
375. [bug] Per-zone allow-query did not properly override the
view/global one for CNAME targets and additional
data [RT #220].
374. [bug] SOA in authoritative negative responses had wrong TTL.
373. [func] nslookup is now installed by "make install".
372. [bug] Deal with Microsoft DNS servers appending two bytes of
garbage to zone transfer requests.
371. [bug] At high debug levels, doing an outgoing zone transfer
of a very large RRset could cause an assertion failure
during logging.
370. [bug] The error messages for rollforward failures were
overly terse.
367. [bug] Allow proper selection of server on nslookup command
line.
365. [bug] nsupdate -k leaked memory.
362. [bug] rndc no longer aborts if the configuration file is
missing an options statement. [RT #209]
359. [bug] dnssec-signzone occasionally signed glue records.
357. [bug] The zone file parser crashed if the argument
to $INCLUDE was a quoted string.
354. [doc] Man pages for the dnssec tools are now included in
the distribution, in doc/man/dnssec.
353. [bug] double increment in lwres/gethost.c:copytobuf().
(RT# 187)
352. [bug] Race condition in dns_client_t startup could cause
an assertion failure.
351. [bug] Constructing a response with rcode SERVFAIL to a TSIG
signed query could crash the server.
350. [bug] Also-notify lists specified in the global options
block were not correctly reference counted, causing
a memory leak.
349. [bug] Processing a query with the CD bit set now works
as expected.
344. [bug] When shutting down, lwresd sometimes tried
to shut down its client tasks twice,
triggering an assertion.
343. [bug] Although zone maintenance SOA queries and
notify requests were signed with TSIG keys
when configured for the server in case,
the TSIG was not verified on the response.
342. [bug] The wrong name was being passed to
dns_name_dup() when generating a TSIG
key using TKEY.
340. [bug] The top-level COPYRIGHT file was missing from
the distribution.
339. [bug] DNSSEC validation of the response to an ANY
query at a name with a CNAME RR in a secure
zone triggered an assertion failure.
337. [bug] "dig" did not recognize "nsap-ptr" as an RR type
on the command line.
336. [bug] "dig -f" used 64 k of memory for each line in
the file. It now uses much less, though still
proportionally to the file size.
335. [bug] named would occasionally attempt recursion when
it was disallowed or undesired.
333. [bug] The resolver incorrectly accepted referrals to
domains that were not parents of the query name,
causing assertion failures.
331. [bug] Only log "recursion denied" if RD is set. (RT #178)
|
|
Changes are too numerous to list here in detail, but highlights are:
The communication between "rndc" and "named" is now
authenticated using digital signatures. Because of
this, rndc now requires a configuration file "rndc.conf"
containing a shared secret, with a corresponding
"controls" clause in named.conf.
When the server is chrooted using the -t option,
it no longer needs copies of the passwd and group
files in the chroot environment.
Various bug fixes and cleanups, especially
in the dig, host, nslookup, and nsupdate
programs.
There are a few known bugs:
The option "query-source * port 53;" will not work as
expected. Instead of the wildcard address "*", you need
to use an explicit source IP address.
On some systems, IPv6 and IPv4 sockets interact in
unexpected ways. For details, see doc/misc/ipv6.
To reduce the impact of these problems, the server
no longer listens for requests on IPv6 addresses
by default. If you need to accept DNS queries over
IPv6, you must specify "listen-on-v6 { any; };"
in the named.conf options statement.
There are known problems with thread signal handling
under Solaris 2.6.
|
|
Changes: This is still _not_ a release candidate for BIND 9.0.0;
More configuration options can be specified separately for each
view, including the "key" and "server" statements; Fixed:
Numerous bugs have been fixed and the code has been cleaned
up. Added: Stub zones have been implemented; Additional
configuration options have been implemented, such as
"max-cache-ttl" and "max-ncache-ttl".
|
|
|
|
The "dig" and "host" tools have been completely rewritten and
are included in the base distribution. Fixed: Most bugs reported
against beta 2. Added: The server now supports "views", a
mechanism for answering DNS queries differently to different
requestors. This will make split DNS setups much easier to build;
NOTIFY (RFC1996) has been implemented; Basic support for validation
of DNSSEC signatures has been implemented (for details, see
"doc/misc/dnssec").
|
|
Fixes PR 9795 by Michael Wolfson.
|
|
ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc/README-IPv6.html
|
|
|
|
|
|
Many more config file options
implemented (see doc/misc/options for a
summary of the current implementation
status), portability improvements, (works
much better than beta 1 on FreeBSD 3.4),
and bugfixes (almost all bugs reported
against beta 1 have been fixed).
|
|
|
|
|
|
|
|
be most useful to advanced users working with IPv6 or DNSSEC.
BIND 9.0.0b1 is not functionally complete, and is not a release
candidate for BIND 9.0.0. The ISC anticipates a number of additional
beta releases between now and May, when BIND 9.0.0 is scheduled to
be released.
The ISC does not recommend using BIND 9.0.0b1 for "production"
services.
|
