An error occurred while loading the file. Please try again.
-
Jan Včelák authored
Change-Id: I429b3833c5db9e78220beb1ea72980b557ba06c4
c95bb951
Forked from
Knot projects / Knot DNS
13346 commits behind the upstream repository.
RELNOTES 10.26 KiB
v1.2.0 - Mar 29, 2013
---------------------
Bugfixes:
* Memory leaks
v1.2.0-rc4 - Mar 22, 2013
-------------------------
Features:
* knotc 'zonestatus' command
Bugfixes:
* Check for broken recvmmsg() implementation
* Changing logfile ownership before dropping privileges
* knotc respects 'control' section from configuration
* RRL: resolved bucket collisions
* RRL: updated bucket mapping to conform RRL technical memo
v1.2.0-rc3 - Mar 1, 2013
------------------------
Features:
* Response rate limiting (see documentation)
Bugfixes:
* Fixed OpenBSD build
* Responses to ANY should contain RRSIGs
v1.2.0-rc2 - Feb 15, 2013
-------------------------
Bugfixes:
* Fixed processing of some non-standard dnames.
* Correct checking of label length bounds in some cases.
* More compliant rcodes in case of DDNS/TSIG failures.
* Correct processing of malformed DDNS prereq section.
v1.2.0-rc1 - Jan 4, 2013
------------------
Features:
* Dynamic updates, including forwarding (limited on signed zones)
* Updated remote control utility
* Configurable TCP timeouts
* LOC RR support
v1.1.3 - Dec 19, 2012
---------------------
Bugfixes:
* Updated manpage.
v1.1.3-rc1 - Dec 6, 2012
------------------------
Bugfixes:
* Fixed answering DS queries (RRSIGs not together with DS, AA bit
missing).
* Fixed setting ARCOUNT in some error responses with EDNS enabled.
* Fixed crash when compiling zone zone with NSEC3PARAM but no NSEC3
and semantic checks enabled.
v1.1.2 - Nov 21, 2012
---------------------
Bugfixes:
* Fixed debug message.
v1.1.2-rc1 - Nov 14, 2012
-------------------------
Bugfixes:
* Fixed crash on reload when config contained duplicate zones.
* Fixed scheduling of transfers.
v1.1.1 - Oct 31, 2012
---------------------
Bugfixes:
* Fixed assertion failing when asking directly for a wildcard name.
v1.1.1-rc1 - Oct 23, 2012
-------------------------
Bugfixes:
* Crash after IXFR in certain cases when adding RRSIG in an IXFR.
* Fixed behaviour when incoming IXFR removes a zone cut. Previously
occluded names now become properly visible. Previously lead to a
crash when the server was asked for the previously occluded name.
* Fixed handling of zero-length strings in text zone dump. Caused the
compilation to fail.
* Fixed TSIG algorithm name comparison - the names should be in
canonical form.
* Fixed handling unknown RR types with type less than 251.
Features:
* Improved compression of packets. Out-of-zone dnames present in RDATA
were not compressed.
* Slave zones are now automatically refreshed after startup.
* Proper response to IXFR/UDP query (returns SOA in Authority section).
v1.1.0 - Aug 31, 2012
---------------------
Bugfixes:
* Syncing journal to zone was not updating the compiled zone database.
Other improvements:
* Better checks of corrupted zone database.
v1.1.0-rc2 - Aug 23, 2012
-------------------------
New features:
* Signing SOA with TSIG queries when checking zone version with master.
Bugfixes:
* Fixed ixfr-from-differences journal generation in case of IPSECKEY
and APL records.
* Fixed possible leak on server shutdown with a pending transfer.
Other improvements:
* Improved user manual.
v1.1.0-rc1 - Aug 17, 2012
-------------------------
New features:
* Optionally disable ANY queries for authoritative answers.
* Dropping identical records in zone and incoming transfers.
* Support for '/' in zone names.
* Generating journal from reloaded zone (EXPERIMENTAL). * Outgoing-only interfaces in configuration file.
* Following DNAME if the synthetized name is in the same zone.
Bugfixes:
* Crash when zone contained RRSIG signing a CNAME, but did not
contain the CNAME.
* Malformed packets parsing.
* Failed IXFR caused memory leaks.
* Failed IXFR might have resulted in inconsistent zone structures.
* Fixed answering to +dnssec queries when NSEC3 chain is corrupted.
* Fixed answering when transitioning from NSEC3 to NSEC.
* Fixed answering when zone contains multiple NSEC3 chains.
* Handling RRSets with different TTLs - TTL from the first RR is used.
* Synchronization of zone reload and zone transfers.
* Fixed build on NetBSD 5 and FreeBSD.
* Fixed binding to both IPv4 and IPv6 at the same time on special
interfaces.
* Fixed access rights of created files.
* Semantic checks corrupted RDATA domain names which are covered by
wildcard in the same zone.
Other improvements:
* IXFR-in optimized.
* Many zones loading optimized.
* More detailed log messages (mostly transfer-related).
* Copying Question section to error responses.
* Using zone name from config file as default origin in zone file.
* Additional records are now added to response also from
wildcard-covered names.
v1.0.6 - Jun 13, 2012
---------------------
Bugfixes
* Fixed potential problems with RCU synchronization.
* Adding NSEC/NSEC3 for all wildcard CNAMEs in the response.
v1.0.5 - May 17, 2012
---------------------
Bugfixes:
* Fixed bug with creating journal files.
v1.0.4 - May 16, 2012
---------------------
New features:
* Parallel loading of zones to the server.
* RFC3339-complaint format of log time.
* Support for TLSA (RR type 52).
* knotc checkzone (as a dry-run of zone compile).
* knotc refresh for forcing Knot to update all zones from master
servers.
* Reopening log files upon start (used to truncate them).
Bugfixes:
* Copying OPCODE and RD bit from query to NOTIMPL responses.
* Corrected response to CNAME queries if the canonical name was also
an alias (was adding the whole CNAME chain to the response).
* Fixed crash when NS or MX points to an alias.
* Fixed problem with early closing of filedescriptors (lead to crash
when compiling and loading or bootstrapping and restarting the server
with a lot of zones).
Other improvements:
* Significantly sped up IXFR-in and reduced its memory requirements.
v1.0.3 - Apr 17, 2012
---------------------
Bugfixes:
* Corrected handling of EDNS0 when TCP is used (was applying the UDP size limit).
* Fixed slow compilation of zones.
* Fixed potential crash with many concurrent transfers.
* Fixed missing include for FreeBSD.
v1.0.2 - Apr 13, 2012
---------------------
New features:
* Configuration checker (invoked via knotc).
* Specifying source interface for transfers and NOTIFY requests directly.
Bugfixes:
* Fixed leak when querying non-existing name and zone SOA TTL > minimal.
* Fixed some minor bugs in tansfers.
Other improvements:
* Improved log messages (added date and time, better specification of XFR remote).
* Improved saving incoming IXFR to journal (memory optimized).
* Now using system scheduler (better for Linux).
* Decreased thread stack size.
v1.0.1 - Mar 9, 2012
--------------------
New features:
* Implemented jitter to REFRESH/RETRY timers.
* Implemented magic bytes for journal.
* Improved error messages.
Bugfixes:
* Problem with creating IXFR journal for bootstrapped zone.
* Race condition in processing NOTIFY/SOA queries.
* Leak when reloading zone with NSEC3.
* Processing of APL RR.
* TSIG improper assignment of algorithm type.
v1.0.0 - Feb 29, 2012
---------------------
New features:
* Support for subnets in ACL.
* Debug messages enabling in configure.
* Optimized memory consuption of zone structures.
Bugfixes:
* Memory errors and leaks.
* Fixed improper handling of failed IXFR/IN.
* Several other minor bugfixes.
v1.0-rc1 - Feb 14, 2012
-----------------------
New features:
* NSID support (RFC5001).
* Root zone support.
* Automatic zone compiling on server start.
* Setting user to run Knot under in config file.
* Dropping privileges after binding to port 53.
+ Support for Linux capabilities(7).
* Setting source address of outgoing transfers in config file.
* Custom PID file. * CNAME loop detection.
* Timeout on TCP connections.
* Basic defense against DoS attacks.
Bugfixes:
* Fixed IXFR processing.
* Patched URCU so that it compiles on architectures without TLS in compiler (NetBSD, OpenBSD).
* Fixed response to DS query at parent zone.
* A lot of other bugfixes.
v0.9.1 - Jan 20, 2012
---------------------
New features:
* RRSet rotation
Bugfixes:
* Fixed build on BSD.
* Fixes in parsing and dumping of zone
- types IPSECKEY, WKS, DLV, APL, NSAP
Other changes:
* Replaced pseudo-random number generator by one with MIT/BSD license.
v0.9 - Jan 13, 2012
-------------------
New features:
* TSIG support in both client and server.
* Use of sendmmsg() on Linux 3.0+ (improves performance).
Bugfixes:
* Knot was not accepting AXFR-style IXFR with first SOA in a separate
packet (i.e. from Power DNS).
* Wrong SOA TTL in negative answers.
* Wrong max packet size for outgoing transfers (was causing the
packets to be malformed).
* Wrong handling of WKS record in zone compiler.
* Problems with zone bootstrapping.
v0.8.1 - Dec 1, 2011
--------------------
Bugfixes:
* Handling SPF record.
* Wrong text dump of unknown records.
v0.8.0 - Beta Release - Nov 3, 2011
-----------------------------------
Features:
* AXFR-in/-out
* IXFR-in/-out
* EDNS0
* DNSSEC
* NSEC3
* IPv6
* Runtime reconfiguration
Known issues:
* Missing support for TSIG
* Root zone support
* NSID support
* Other DNS classes than IN
* RRSet rotation not implmented
* Dynamic update support * IXFR code might be flaky sometimes
* IXFR may be slow when too much (10 000+) RRSets are transfered at once
Platforms (tested on):
* Linux (2.6.x and newer), FreeBSD 8.2, Mac OS X 10.6, 10.7