diff --git a/NEWS b/NEWS index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..0f602c5bcc124821a01f5114888d4daea73d40c5 100644 --- a/NEWS +++ b/NEWS @@ -0,0 +1,373 @@ +v1.3.0-rc1 - soon, 2013 +--------------------------- + +Features: + * faster zone parser + * full support for EUI and ILNP resource records + * lower memory footprint for large zones + * no compilation of zones + * improved scheduling of zone transfers + * logging of serials and timing information for zone transfers + * config: 'groups' keyword allowing to create groups of remotes + * config: 'include' keyword allowing other file includes + * client utilities: kdig, khost, knsupdate + * server identification using TXT/CH queries (RFC 4892) + +Bugfixes: + * + +v1.2.0 - Mar 29, 2013 +--------------------- + +Bugfixes: + * Memory leaks + +v1.2.0-rc4 - Mar 22, 2013 +------------------------- + +Features: + * knotc 'zonestatus' command + +Bugfixes: + * Check for broken recvmmsg() implementation + * Changing logfile ownership before dropping privileges + * knotc respects 'control' section from configuration + * RRL: resolved bucket collisions + * RRL: updated bucket mapping to conform RRL technical memo + +v1.2.0-rc3 - Mar 1, 2013 +------------------------ + +Features: + * Response rate limiting (see documentation) + +Bugfixes: + * Fixed OpenBSD build + * Responses to ANY should contain RRSIGs + +v1.2.0-rc2 - Feb 15, 2013 +------------------------- + +Bugfixes: + * Fixed processing of some non-standard dnames. + * Correct checking of label length bounds in some cases. + * More compliant rcodes in case of DDNS/TSIG failures. + * Correct processing of malformed DDNS prereq section. + +v1.2.0-rc1 - Jan 4, 2013 +------------------ + +Features: + * Dynamic updates, including forwarding (limited on signed zones) + * Updated remote control utility + * Configurable TCP timeouts + * LOC RR support + +v1.1.3 - Dec 19, 2012 +--------------------- + +Bugfixes: + * Updated manpage. + +v1.1.3-rc1 - Dec 6, 2012 +------------------------ + +Bugfixes: + * Fixed answering DS queries (RRSIGs not together with DS, AA bit + missing). + * Fixed setting ARCOUNT in some error responses with EDNS enabled. + * Fixed crash when compiling zone zone with NSEC3PARAM but no NSEC3 + and semantic checks enabled. + + +v1.1.2 - Nov 21, 2012 +--------------------- + +Bugfixes: + * Fixed debug message. + + +v1.1.2-rc1 - Nov 14, 2012 +------------------------- + +Bugfixes: + * Fixed crash on reload when config contained duplicate zones. + * Fixed scheduling of transfers. + + +v1.1.1 - Oct 31, 2012 +--------------------- + +Bugfixes: + * Fixed assertion failing when asking directly for a wildcard name. + + +v1.1.1-rc1 - Oct 23, 2012 +------------------------- + +Bugfixes: + * Crash after IXFR in certain cases when adding RRSIG in an IXFR. + * Fixed behaviour when incoming IXFR removes a zone cut. Previously + occluded names now become properly visible. Previously lead to a + crash when the server was asked for the previously occluded name. + * Fixed handling of zero-length strings in text zone dump. Caused the + compilation to fail. + * Fixed TSIG algorithm name comparison - the names should be in + canonical form. + * Fixed handling unknown RR types with type less than 251. + +Features: + * Improved compression of packets. Out-of-zone dnames present in RDATA + were not compressed. + * Slave zones are now automatically refreshed after startup. + * Proper response to IXFR/UDP query (returns SOA in Authority section). + + +v1.1.0 - Aug 31, 2012 +--------------------- + +Bugfixes: + * Syncing journal to zone was not updating the compiled zone database. + +Other improvements: + * Better checks of corrupted zone database. + + +v1.1.0-rc2 - Aug 23, 2012 +------------------------- + +New features: + * Signing SOA with TSIG queries when checking zone version with master. + +Bugfixes: + * Fixed ixfr-from-differences journal generation in case of IPSECKEY + and APL records. + * Fixed possible leak on server shutdown with a pending transfer. + +Other improvements: + * Improved user manual. + + +v1.1.0-rc1 - Aug 17, 2012 +------------------------- + +New features: + * Optionally disable ANY queries for authoritative answers. + * Dropping identical records in zone and incoming transfers. + * Support for '/' in zone names. + * Generating journal from reloaded zone (EXPERIMENTAL). + * Outgoing-only interfaces in configuration file. + * Following DNAME if the synthetized name is in the same zone. + +Bugfixes: + * Crash when zone contained RRSIG signing a CNAME, but did not + contain the CNAME. + * Malformed packets parsing. + * Failed IXFR caused memory leaks. + * Failed IXFR might have resulted in inconsistent zone structures. + * Fixed answering to +dnssec queries when NSEC3 chain is corrupted. + * Fixed answering when transitioning from NSEC3 to NSEC. + * Fixed answering when zone contains multiple NSEC3 chains. + * Handling RRSets with different TTLs - TTL from the first RR is used. + * Synchronization of zone reload and zone transfers. + * Fixed build on NetBSD 5 and FreeBSD. + * Fixed binding to both IPv4 and IPv6 at the same time on special + interfaces. + * Fixed access rights of created files. + * Semantic checks corrupted RDATA domain names which are covered by + wildcard in the same zone. + +Other improvements: + * IXFR-in optimized. + * Many zones loading optimized. + * More detailed log messages (mostly transfer-related). + * Copying Question section to error responses. + * Using zone name from config file as default origin in zone file. + * Additional records are now added to response also from + wildcard-covered names. + +v1.0.6 - Jun 13, 2012 +--------------------- + +Bugfixes + * Fixed potential problems with RCU synchronization. + * Adding NSEC/NSEC3 for all wildcard CNAMEs in the response. + + +v1.0.5 - May 17, 2012 +--------------------- + +Bugfixes: + * Fixed bug with creating journal files. + + +v1.0.4 - May 16, 2012 +--------------------- + +New features: + * Parallel loading of zones to the server. + * RFC3339-complaint format of log time. + * Support for TLSA (RR type 52). + * knotc checkzone (as a dry-run of zone compile). + * knotc refresh for forcing Knot to update all zones from master + servers. + * Reopening log files upon start (used to truncate them). + +Bugfixes: + * Copying OPCODE and RD bit from query to NOTIMPL responses. + * Corrected response to CNAME queries if the canonical name was also + an alias (was adding the whole CNAME chain to the response). + * Fixed crash when NS or MX points to an alias. + * Fixed problem with early closing of filedescriptors (lead to crash + when compiling and loading or bootstrapping and restarting the server + with a lot of zones). + +Other improvements: + * Significantly sped up IXFR-in and reduced its memory requirements. + + +v1.0.3 - Apr 17, 2012 +--------------------- + +Bugfixes: + * Corrected handling of EDNS0 when TCP is used (was applying the UDP size limit). + * Fixed slow compilation of zones. + * Fixed potential crash with many concurrent transfers. + * Fixed missing include for FreeBSD. + + +v1.0.2 - Apr 13, 2012 +--------------------- + +New features: + * Configuration checker (invoked via knotc). + * Specifying source interface for transfers and NOTIFY requests directly. + +Bugfixes: + * Fixed leak when querying non-existing name and zone SOA TTL > minimal. + * Fixed some minor bugs in tansfers. + +Other improvements: + * Improved log messages (added date and time, better specification of XFR remote). + * Improved saving incoming IXFR to journal (memory optimized). + * Now using system scheduler (better for Linux). + * Decreased thread stack size. + + +v1.0.1 - Mar 9, 2012 +-------------------- + +New features: + * Implemented jitter to REFRESH/RETRY timers. + * Implemented magic bytes for journal. + * Improved error messages. + +Bugfixes: + * Problem with creating IXFR journal for bootstrapped zone. + * Race condition in processing NOTIFY/SOA queries. + * Leak when reloading zone with NSEC3. + * Processing of APL RR. + * TSIG improper assignment of algorithm type. + + +v1.0.0 - Feb 29, 2012 +--------------------- + +New features: + * Support for subnets in ACL. + * Debug messages enabling in configure. + * Optimized memory consuption of zone structures. + +Bugfixes: + * Memory errors and leaks. + * Fixed improper handling of failed IXFR/IN. + * Several other minor bugfixes. + + +v1.0-rc1 - Feb 14, 2012 +----------------------- + +New features: + * NSID support (RFC5001). + * Root zone support. + * Automatic zone compiling on server start. + * Setting user to run Knot under in config file. + * Dropping privileges after binding to port 53. + + Support for Linux capabilities(7). + * Setting source address of outgoing transfers in config file. + * Custom PID file. + * CNAME loop detection. + * Timeout on TCP connections. + * Basic defense against DoS attacks. + +Bugfixes: + * Fixed IXFR processing. + * Patched URCU so that it compiles on architectures without TLS in compiler (NetBSD, OpenBSD). + * Fixed response to DS query at parent zone. + * A lot of other bugfixes. + + +v0.9.1 - Jan 20, 2012 +--------------------- + +New features: + * RRSet rotation + +Bugfixes: + * Fixed build on BSD. + * Fixes in parsing and dumping of zone + - types IPSECKEY, WKS, DLV, APL, NSAP + +Other changes: + * Replaced pseudo-random number generator by one with MIT/BSD license. + + +v0.9 - Jan 13, 2012 +------------------- + +New features: + * TSIG support in both client and server. + * Use of sendmmsg() on Linux 3.0+ (improves performance). + +Bugfixes: + * Knot was not accepting AXFR-style IXFR with first SOA in a separate + packet (i.e. from Power DNS). + * Wrong SOA TTL in negative answers. + * Wrong max packet size for outgoing transfers (was causing the + packets to be malformed). + * Wrong handling of WKS record in zone compiler. + * Problems with zone bootstrapping. + + +v0.8.1 - Dec 1, 2011 +-------------------- + +Bugfixes: + * Handling SPF record. + * Wrong text dump of unknown records. + + +v0.8.0 - Beta Release - Nov 3, 2011 +----------------------------------- + +Features: + * AXFR-in/-out + * IXFR-in/-out + * EDNS0 + * DNSSEC + * NSEC3 + * IPv6 + * Runtime reconfiguration + +Known issues: + * Missing support for TSIG + * Root zone support + * NSID support + * Other DNS classes than IN + * RRSet rotation not implmented + * Dynamic update support + * IXFR code might be flaky sometimes + * IXFR may be slow when too much (10 000+) RRSets are transfered at once + +Platforms (tested on): + * Linux (2.6.x and newer), FreeBSD 8.2, Mac OS X 10.6, 10.7 diff --git a/RELNOTES b/RELNOTES deleted file mode 100644 index 0f602c5bcc124821a01f5114888d4daea73d40c5..0000000000000000000000000000000000000000 --- a/RELNOTES +++ /dev/null @@ -1,373 +0,0 @@ -v1.3.0-rc1 - soon, 2013 ---------------------------- - -Features: - * faster zone parser - * full support for EUI and ILNP resource records - * lower memory footprint for large zones - * no compilation of zones - * improved scheduling of zone transfers - * logging of serials and timing information for zone transfers - * config: 'groups' keyword allowing to create groups of remotes - * config: 'include' keyword allowing other file includes - * client utilities: kdig, khost, knsupdate - * server identification using TXT/CH queries (RFC 4892) - -Bugfixes: - * - -v1.2.0 - Mar 29, 2013 ---------------------- - -Bugfixes: - * Memory leaks - -v1.2.0-rc4 - Mar 22, 2013 -------------------------- - -Features: - * knotc 'zonestatus' command - -Bugfixes: - * Check for broken recvmmsg() implementation - * Changing logfile ownership before dropping privileges - * knotc respects 'control' section from configuration - * RRL: resolved bucket collisions - * RRL: updated bucket mapping to conform RRL technical memo - -v1.2.0-rc3 - Mar 1, 2013 ------------------------- - -Features: - * Response rate limiting (see documentation) - -Bugfixes: - * Fixed OpenBSD build - * Responses to ANY should contain RRSIGs - -v1.2.0-rc2 - Feb 15, 2013 -------------------------- - -Bugfixes: - * Fixed processing of some non-standard dnames. - * Correct checking of label length bounds in some cases. - * More compliant rcodes in case of DDNS/TSIG failures. - * Correct processing of malformed DDNS prereq section. - -v1.2.0-rc1 - Jan 4, 2013 ------------------- - -Features: - * Dynamic updates, including forwarding (limited on signed zones) - * Updated remote control utility - * Configurable TCP timeouts - * LOC RR support - -v1.1.3 - Dec 19, 2012 ---------------------- - -Bugfixes: - * Updated manpage. - -v1.1.3-rc1 - Dec 6, 2012 ------------------------- - -Bugfixes: - * Fixed answering DS queries (RRSIGs not together with DS, AA bit - missing). - * Fixed setting ARCOUNT in some error responses with EDNS enabled. - * Fixed crash when compiling zone zone with NSEC3PARAM but no NSEC3 - and semantic checks enabled. - - -v1.1.2 - Nov 21, 2012 ---------------------- - -Bugfixes: - * Fixed debug message. - - -v1.1.2-rc1 - Nov 14, 2012 -------------------------- - -Bugfixes: - * Fixed crash on reload when config contained duplicate zones. - * Fixed scheduling of transfers. - - -v1.1.1 - Oct 31, 2012 ---------------------- - -Bugfixes: - * Fixed assertion failing when asking directly for a wildcard name. - - -v1.1.1-rc1 - Oct 23, 2012 -------------------------- - -Bugfixes: - * Crash after IXFR in certain cases when adding RRSIG in an IXFR. - * Fixed behaviour when incoming IXFR removes a zone cut. Previously - occluded names now become properly visible. Previously lead to a - crash when the server was asked for the previously occluded name. - * Fixed handling of zero-length strings in text zone dump. Caused the - compilation to fail. - * Fixed TSIG algorithm name comparison - the names should be in - canonical form. - * Fixed handling unknown RR types with type less than 251. - -Features: - * Improved compression of packets. Out-of-zone dnames present in RDATA - were not compressed. - * Slave zones are now automatically refreshed after startup. - * Proper response to IXFR/UDP query (returns SOA in Authority section). - - -v1.1.0 - Aug 31, 2012 ---------------------- - -Bugfixes: - * Syncing journal to zone was not updating the compiled zone database. - -Other improvements: - * Better checks of corrupted zone database. - - -v1.1.0-rc2 - Aug 23, 2012 -------------------------- - -New features: - * Signing SOA with TSIG queries when checking zone version with master. - -Bugfixes: - * Fixed ixfr-from-differences journal generation in case of IPSECKEY - and APL records. - * Fixed possible leak on server shutdown with a pending transfer. - -Other improvements: - * Improved user manual. - - -v1.1.0-rc1 - Aug 17, 2012 -------------------------- - -New features: - * Optionally disable ANY queries for authoritative answers. - * Dropping identical records in zone and incoming transfers. - * Support for '/' in zone names. - * Generating journal from reloaded zone (EXPERIMENTAL). - * Outgoing-only interfaces in configuration file. - * Following DNAME if the synthetized name is in the same zone. - -Bugfixes: - * Crash when zone contained RRSIG signing a CNAME, but did not - contain the CNAME. - * Malformed packets parsing. - * Failed IXFR caused memory leaks. - * Failed IXFR might have resulted in inconsistent zone structures. - * Fixed answering to +dnssec queries when NSEC3 chain is corrupted. - * Fixed answering when transitioning from NSEC3 to NSEC. - * Fixed answering when zone contains multiple NSEC3 chains. - * Handling RRSets with different TTLs - TTL from the first RR is used. - * Synchronization of zone reload and zone transfers. - * Fixed build on NetBSD 5 and FreeBSD. - * Fixed binding to both IPv4 and IPv6 at the same time on special - interfaces. - * Fixed access rights of created files. - * Semantic checks corrupted RDATA domain names which are covered by - wildcard in the same zone. - -Other improvements: - * IXFR-in optimized. - * Many zones loading optimized. - * More detailed log messages (mostly transfer-related). - * Copying Question section to error responses. - * Using zone name from config file as default origin in zone file. - * Additional records are now added to response also from - wildcard-covered names. - -v1.0.6 - Jun 13, 2012 ---------------------- - -Bugfixes - * Fixed potential problems with RCU synchronization. - * Adding NSEC/NSEC3 for all wildcard CNAMEs in the response. - - -v1.0.5 - May 17, 2012 ---------------------- - -Bugfixes: - * Fixed bug with creating journal files. - - -v1.0.4 - May 16, 2012 ---------------------- - -New features: - * Parallel loading of zones to the server. - * RFC3339-complaint format of log time. - * Support for TLSA (RR type 52). - * knotc checkzone (as a dry-run of zone compile). - * knotc refresh for forcing Knot to update all zones from master - servers. - * Reopening log files upon start (used to truncate them). - -Bugfixes: - * Copying OPCODE and RD bit from query to NOTIMPL responses. - * Corrected response to CNAME queries if the canonical name was also - an alias (was adding the whole CNAME chain to the response). - * Fixed crash when NS or MX points to an alias. - * Fixed problem with early closing of filedescriptors (lead to crash - when compiling and loading or bootstrapping and restarting the server - with a lot of zones). - -Other improvements: - * Significantly sped up IXFR-in and reduced its memory requirements. - - -v1.0.3 - Apr 17, 2012 ---------------------- - -Bugfixes: - * Corrected handling of EDNS0 when TCP is used (was applying the UDP size limit). - * Fixed slow compilation of zones. - * Fixed potential crash with many concurrent transfers. - * Fixed missing include for FreeBSD. - - -v1.0.2 - Apr 13, 2012 ---------------------- - -New features: - * Configuration checker (invoked via knotc). - * Specifying source interface for transfers and NOTIFY requests directly. - -Bugfixes: - * Fixed leak when querying non-existing name and zone SOA TTL > minimal. - * Fixed some minor bugs in tansfers. - -Other improvements: - * Improved log messages (added date and time, better specification of XFR remote). - * Improved saving incoming IXFR to journal (memory optimized). - * Now using system scheduler (better for Linux). - * Decreased thread stack size. - - -v1.0.1 - Mar 9, 2012 --------------------- - -New features: - * Implemented jitter to REFRESH/RETRY timers. - * Implemented magic bytes for journal. - * Improved error messages. - -Bugfixes: - * Problem with creating IXFR journal for bootstrapped zone. - * Race condition in processing NOTIFY/SOA queries. - * Leak when reloading zone with NSEC3. - * Processing of APL RR. - * TSIG improper assignment of algorithm type. - - -v1.0.0 - Feb 29, 2012 ---------------------- - -New features: - * Support for subnets in ACL. - * Debug messages enabling in configure. - * Optimized memory consuption of zone structures. - -Bugfixes: - * Memory errors and leaks. - * Fixed improper handling of failed IXFR/IN. - * Several other minor bugfixes. - - -v1.0-rc1 - Feb 14, 2012 ------------------------ - -New features: - * NSID support (RFC5001). - * Root zone support. - * Automatic zone compiling on server start. - * Setting user to run Knot under in config file. - * Dropping privileges after binding to port 53. - + Support for Linux capabilities(7). - * Setting source address of outgoing transfers in config file. - * Custom PID file. - * CNAME loop detection. - * Timeout on TCP connections. - * Basic defense against DoS attacks. - -Bugfixes: - * Fixed IXFR processing. - * Patched URCU so that it compiles on architectures without TLS in compiler (NetBSD, OpenBSD). - * Fixed response to DS query at parent zone. - * A lot of other bugfixes. - - -v0.9.1 - Jan 20, 2012 ---------------------- - -New features: - * RRSet rotation - -Bugfixes: - * Fixed build on BSD. - * Fixes in parsing and dumping of zone - - types IPSECKEY, WKS, DLV, APL, NSAP - -Other changes: - * Replaced pseudo-random number generator by one with MIT/BSD license. - - -v0.9 - Jan 13, 2012 -------------------- - -New features: - * TSIG support in both client and server. - * Use of sendmmsg() on Linux 3.0+ (improves performance). - -Bugfixes: - * Knot was not accepting AXFR-style IXFR with first SOA in a separate - packet (i.e. from Power DNS). - * Wrong SOA TTL in negative answers. - * Wrong max packet size for outgoing transfers (was causing the - packets to be malformed). - * Wrong handling of WKS record in zone compiler. - * Problems with zone bootstrapping. - - -v0.8.1 - Dec 1, 2011 --------------------- - -Bugfixes: - * Handling SPF record. - * Wrong text dump of unknown records. - - -v0.8.0 - Beta Release - Nov 3, 2011 ------------------------------------ - -Features: - * AXFR-in/-out - * IXFR-in/-out - * EDNS0 - * DNSSEC - * NSEC3 - * IPv6 - * Runtime reconfiguration - -Known issues: - * Missing support for TSIG - * Root zone support - * NSID support - * Other DNS classes than IN - * RRSet rotation not implmented - * Dynamic update support - * IXFR code might be flaky sometimes - * IXFR may be slow when too much (10 000+) RRSets are transfered at once - -Platforms (tested on): - * Linux (2.6.x and newer), FreeBSD 8.2, Mac OS X 10.6, 10.7 diff --git a/THANKS b/THANKS new file mode 100644 index 0000000000000000000000000000000000000000..3060814e96df0ba7ae38699e89cfd7c16dd2783d --- /dev/null +++ b/THANKS @@ -0,0 +1,37 @@ +Knot DNS THANKS file + +Knot DNS was originally written by CZ.NIC Labs. It would not be what +it is today without the invaluable help of these people, who have +reported problems, suggested improvements, or submitted actual code. +Please help us keep this list complete and free from errors. Also see +the AUTHORS file for the list of people with contributions significant +enough to warrant copyright assignment. + +Anton Shterenlikht mexas@bristol.ac.uk +Geert Hendrickx geert@hendrickx.be +Michal 'vorner' Vaner vorner@ucw.cz +Ondřej Caletka ondrej@caletka.cz + + +================ + +Local Variables: +mode: text +coding: utf-8 +End: + + +Copyright (C) 2011 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz> + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program. If not, see <http://www.gnu.org/licenses/>. diff --git a/configure.ac b/configure.ac index 4e69e8bb70dc4d9eecdf5e01df823c865df66e9f..c0cf0de729f3d3c1cc90613914000911e154b524 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ AC_PREREQ([2.60]) AC_INIT([knot], [1.3.0-dev], [knot-dns@labs.nic.cz]) -AM_INIT_AUTOMAKE([gnu subdir-objects dist-xz -Wall -Werror]) +AM_INIT_AUTOMAKE([gnits subdir-objects dist-xz -Wall -Werror]) AC_CONFIG_SRCDIR([src/knot/main.c]) AC_CONFIG_HEADERS([src/config.h]) AC_CONFIG_MACRO_DIR([m4])