Navigation:
Browse pkgsrc
(this page) 2015-10-26 20:23:08 by Fredrik Pettai | Files touched by this commit (6) |  |
Log message: Knot DNS 2.0.1 (2015-09-02) =========================== Bugfixes: --------- - Do not reload expired zones on 'knotc reload' and server startup - Fix rare race-condition in event scheduling causing delayed event execution - Fix skipping of non-authoritative nodes in NSEC proofs - Fix TC flag setting in RRL slipped answers - Disable domain name compression for root label - Log via journald only when running under systemd - Fix CNAME following when quering for NSEC RR type - Fix refreshing of DNSSEC signatures for zone keys - Fix binding an unavailable IPv6 address on Linux (IP_FREEBIND) - Fix infinite loop in knotc zonestatus and memstats - Fix memory leak in configuration on server shutdown - Fix broken dnsproxy module - Fix DNSSEC KASP timestamps parsing in strict POSIX environment - fix multi value parsing on big-endian - Adapt to Nettle 3 API break causing base64 decoding failures on big-endian Features: --------- - Add 'keymgr zone key ds' to show key's DS record - Add 'keymgr tsig generate' to generate TSIG keys - Add query module scoping to process either all queries or zone queries only - Add support for file name globbing in config file includes - Add 'request-edns-option' config option to add custom EDNS0 option into server initiated queries Improvements: ------------- - Send minimal responses (remove NS from Authority section for NOERROR) - Update persistent timers only on shutdown for better performance - Allow change of RR TTL over DDNS - Documentation fixes, updates, and improvements in formatting - Install yparser and zscanner header files - Improve lookup of libsystemd build dependencies - Fix compilation warnings in endian conversion functions on OpenBSD Knot DNS 2.0.0 (2015-06-26) =========================== Bugfixes: --------- - Fix lost NOTIFY message if received during zone transfer - Disable fast zone parser when compiled in Clang (workaround for Clang bug) - kdig: Record correct dnstap SocketProtocol when retrying over TCP - kdig: Hide TSIG section with +noall - Do not set AA flag for AXFR/IXFR queries Features: --------- - DNSSEC: separate library, switch to GnuTLS, new utilities - DNSSEC: basic KASP support (generate initial keys, ZSK rollover) - Configuration: New text format in YAML, binary store in LMDB - Zone parser: Split long TXT/SPF strings into multiple strings - kdig: Add generic dump style option (+generic) - Try all master servers in multi-master environment - Improved remotes and ACLs (multiple addresses, multiple keys) - Basic support for zone file patterns (%s to substitute zone name) - Disable zone file synchronization by setting 'zonefile_sync' to '-1' - knsupdate: Add input prompt in interactive mode and 'quit' command - knsupdate: Allow TSIG algorithm specification in interactive prompt Improvements: ------------- - Zone dump: Do not write class for SOA record (unified with other RR types) - Zone dump: Do not write master server address into the zone file - Documentation: Manual pages are included in HTML and PDF |
| 2015-06-30 15:17:10 by Fredrik Pettai | Files touched by this commit (2) |
Log message: fix rc script |
| 2015-01-18 17:00:02 by Sebastian Wiedenroth | Files touched by this commit (1) |
Log message: bulk build wants zlib |
| 2014-11-10 22:20:32 by Fredrik Pettai | Files touched by this commit (5) | |
Log message: Knot DNS 1.5.3 (2014-09-15) ========================== Bugfixes: --------- - Some specific incoming IXFRs were causing server to crash - Rare sychronization error during reload caused read-after-free - Response synthetization module did not work properly with DNSSEC-enabled zones - When Knot sent AXFR when IXFR was requested, message ID and opcode were wrong - Knot failed to send large messages to remote control (present since 1.5.1) Knot DNS 1.5.2 (2014-09-08) ========================== Bugfixes: --------- - Some RR parsing corner cases were not handled properly - AXFR-style IXFR was refused and had to be retransfered - Hash character (#) was not properly escaped when storing text zone file Knot DNS 1.5.1 (2014-08-19) =========================== Features: --------- - Basic support for logging using systemd journal - DDNS: Ability to process updates in bulk Improvements: ------------- - Unified logging messages structure - DNSSEC: More strict controls for signing keys Bugfixes: --------- - DNSSEC: DNAMEs in RDATA were not lowercased before signing - EDNS: OPT RR were not put into responsing for some errors - TSIG: DDNS responses were not signed with TSIG - DDNS: Prerequisite checks failed for some inputs - knsupdate: Zone origin was not used for deletions Knot DNS 1.5.0 (2014-07-08) =========================== Features: --------- - DDNS forwarding reimplemented Improvements: ------------- - Transfer sizes logged in bytes if needed - Logging outgoing NOTIFY messages - Logging unauthorized incoming NOTIFYs Bugfixes: --------- - Zone flush planning after bootstrap - Incorrect incoming AXFR message sizes - DDNS signing changes were freed too soon, posibility of stale data - knotc remote control key handling Knot DNS 1.5.0-rc2 (2014-06-18) =============================== Features: --------- - edns-client-subnet support in kdig - Optional asynchronous startup (config "asynchronous-start") Improvements: ------------- - Preempt task queue for faster reload - Lazy zone file write after zone transfer (governed by "zonefile-sync") Bugfixes: --------- - Close zone transfer after SERVFAIL response - Incremental to full zone transfer fallback, wrong log message - Zone events corner cases, reload replanning Knot DNS 1.5.0-rc1 (2014-06-03) =============================== Features: --------- - Pluggable query processing modules - Synthetic IPv4/IPv6 reverse/forward records (optional module) - dnstap support in both utilities & server (optional module) - NOTIFY message support and new TSIG section in kdig - Zone transfer master failover Improvements: ------------- - Query processing and core functionality overhaul - Performance and reduced memory footprint - Faster zone events scheduling - RFC compliant queries/responses in some corner cases - Log messages - New documentation (Sphinx) |
| 2014-09-27 23:27:11 by Fredrik Pettai | Files touched by this commit (2) |
Log message:
v1.4.7 - Jun 18, 2014
---------------------
Bugfixes:
* Fixed DDNS corner cases
* Fixed zone EXPIRE timer
* Fixed semantic checks false positives
* Fixed sending malformed IXFR with automatic DNSSEC
* Fixed NAPTR record serialization
|
| 2014-06-29 08:53:41 by David A. Holland | Files touched by this commit (1) |
Log message: add missing openssl buildlink, appeared in linux build |
| 2014-06-02 13:57:17 by Fredrik Pettai | Files touched by this commit (2) |
Log message:
v1.4.6 - May 22, 2014
---------------------
Bugfixes:
* Fix possible signing loop when doing key rollover
* Fixed sending of malformed UDP empty responses
|
| 2014-05-12 16:52:54 by Fredrik Pettai | Files touched by this commit (2) |
Log message:
v1.4.5 - Apr 14, 2014
---------------------
Bugfixes:
* Fix possible weakness in TSIG signature checking
|
| 2014-04-02 23:08:22 by Fredrik Pettai | Files touched by this commit (2) |
Log message:
v1.4.4 - Mar 24, 2014
---------------------
Features:
* Server is logging remote control commands
* 'knotc reload' doesn't refresh unchanged zones
* 'knotc -f refresh' forces zone retransfer
Bugfixes:
* Missing notifications after DDNS/automatic resign
* Zone is rebootstrapped if the zone file is unreadable
* Progressive bootstrap retry backoff
* Zone file parser allows asterisk as part of the label
* Journal maximum entry size fixes
* Sign DNSKEYs in non-apex nodes as regular RR sets
* Various spelling and typo fixes
|
| 2014-03-21 13:23:52 by Thomas Klausner | Files touched by this commit (1) |
Log message: Fix MASTER_SITES. Addresses PR 48673. |
New packages: