upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 07:19:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

prep 9.14.5

Browse source
This commit is contained in:
Tinderbox User 2019-08-13 08:52:34 +00:00
parent 7f67efcc14
commit cbc0f07a70
10 changed files with 147 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README
View file

@ -380,8 +380,8 @@ issue number. Prior to 2018, these were usually of the form [RT #NNN] and
referred to entries in the "bind9-bugs" RT database, which was not open to
the public. More recent entries use the form [GL #NNN] or, less often, [GL
!NNN], which, respectively, refer to issues or merge requests in the
Gitlab database. Most of these are publically readable, unless they
include information which is confidential or security senstive.
Gitlab database. Most of these are publicly readable, unless they include
information which is confidential or security senstive.
To look up a Gitlab issue by its number, use the URL https://
gitlab.isc.org/isc-projects/bind9/issues/NNN. To look up a merge request,

20
bin/dig/dig.1
View file

@ -361,14 +361,20 @@ Display [do not display] the CLASS when printing the record\&.
.PP
\fB+[no]cmd\fR
.RS 4
Toggles the printing of the initial comment in the output identifying the version of
Toggles the printing of the initial comment in the output, identifying the version of
\fBdig\fR
and the query options that have been applied\&. This comment is printed by default\&.
and the query options that have been applied\&. This option always has global effect; it cannot be set globally and then overridden on a per\-lookup basis\&. The default is to print this comment\&.
.RE
.PP
\fB+[no]comments\fR
.RS 4
Toggle the display of comment lines in the output\&. The default is to print comments\&.
Toggles the display of some comment lines in the output, containing information about the packet header and OPT pseudosection, and the names of the response section\&. The default is to print these comments\&.
.sp
Other types of comments in the output are not affected by this option, but can be controlled using other command line switches\&. These include
\fB+[no]cmd\fR,
\fB+[no]question\fR,
\fB+[no]stats\fR, and
\fB+[no]rrcomments\fR\&.
.RE
.PP
\fB+[no]cookie\fR\fB[=####]\fR
@ -561,12 +567,12 @@ would cause a 48\-byte query to be padded to 64 bytes\&. The default block size
.PP
\fB+[no]qr\fR
.RS 4
Print [do not print] the query as it is sent\&. By default, the query is not printed\&.
Toggles the display of the query message as it is sent\&. By default, the query is not printed\&.
.RE
.PP
\fB+[no]question\fR
.RS 4
Print [do not print] the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&.
Toggles the display of the question section of a query when an answer is returned\&. The default is to print the question section as a comment\&.
.RE
.PP
\fB+[no]raflag\fR
@ -619,7 +625,7 @@ determines if the name will be treated as relative or not and hence whether a se
.PP
\fB+[no]short\fR
.RS 4
Provide a terse answer\&. The default is to print the answer in a verbose form\&.
Provide a terse answer\&. The default is to print the answer in a verbose form\&. This option always has global effect; it cannot be set globally and then overridden on a per\-lookup basis\&.
.RE
.PP
\fB+[no]showsearch\fR
@ -649,7 +655,7 @@ causes fields not to be split at all\&. The default is 56 characters, or 44 char
.PP
\fB+[no]stats\fR
.RS 4
This query option toggles the printing of statistics: when the query was made, the size of the reply and so on\&. The default behavior is to print the query statistics\&.
Toggles the printing of statistics: when the query was made, the size of the reply and so on\&. The default behavior is to print the query statistics as a comment after each lookup\&.
.RE
.PP
\fB+[no]subnet=addr[/prefix\-length]\fR

39
bin/dig/dig.html
View file

@ -481,16 +481,28 @@
<dd>
<p>
Toggles the printing of the initial comment in the
output identifying the version of <span class="command"><strong>dig</strong></span>
and the query options that have been applied. This
comment is printed by default.
output, identifying the version of <span class="command"><strong>dig</strong></span>
and the query options that have been applied. This option
always has global effect; it cannot be set globally
and then overridden on a per-lookup basis. The default
is to print this comment.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]comments</code></span></dt>
<dd>
<p>
Toggle the display of comment lines in the output.
The default is to print comments.
Toggles the display of some comment lines in the output,
containing information about the packet header and
OPT pseudosection, and the names of the response
section. The default is to print these comments.
</p>
<p>
Other types of comments in the output are not affected by
this option, but can be controlled using other command
line switches. These include <span class="command"><strong>+[no]cmd</strong></span>,
<span class="command"><strong>+[no]question</strong></span>,
<span class="command"><strong>+[no]stats</strong></span>, and
<span class="command"><strong>+[no]rrcomments</strong></span>.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]cookie[<span class="optional">=####</span>]</code></span></dt>
@ -757,14 +769,14 @@
<dt><span class="term"><code class="option">+[no]qr</code></span></dt>
<dd>
<p>
Print [do not print] the query as it is sent. By
default, the query is not printed.
Toggles the display of the query message as it is sent.
By default, the query is not printed.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]question</code></span></dt>
<dd>
<p>
Print [do not print] the question section of a query
Toggles the display of the question section of a query
when an answer is returned. The default is to print
the question section as a comment.
</p>
@ -834,7 +846,9 @@
<dd>
<p>
Provide a terse answer. The default is to print the
answer in a verbose form.
answer in a verbose form. This option always has global
effect; it cannot be set globally and then overridden on
a per-lookup basis.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]showsearch</code></span></dt>
@ -867,10 +881,9 @@
<dt><span class="term"><code class="option">+[no]stats</code></span></dt>
<dd>
<p>
This query option toggles the printing of statistics:
when the query was made, the size of the reply and
so on. The default behavior is to print the query
statistics.
Toggles the printing of statistics: when the query was made,
the size of the reply and so on. The default behavior is to
print the query statistics as a comment after each lookup.
</p>
</dd>
<dt><span class="term"><code class="option">+[no]subnet=addr[/prefix-length]</code></span></dt>

6
bin/named/named.conf.5
View file

@ -10,12 +10,12 @@
.\" Title: named.conf
.\" Author:
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\" Date: 2019-04-25
.\" Date: 2019-07-21
.\" Manual: BIND9
.\" Source: ISC
.\" Language: English
.\"
.TH "NAMED\&.CONF" "5" "2019\-04\-25" "ISC" "BIND9"
.TH "NAMED\&.CONF" "5" "2019\-07\-21" "ISC" "BIND9"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@ -227,7 +227,7 @@ options {
check\-wildcard \fIboolean\fR;
cleaning\-interval \fIinteger\fR;
clients\-per\-query \fIinteger\fR;
cookie\-algorithm ( aes | sha1 | sha256 );
cookie\-algorithm ( aes | sha1 | sha256 | siphash24 );
cookie\-secret \fIstring\fR;
coresize ( default | unlimited | \fIsizeval\fR );
datasize ( default | unlimited | \fIsizeval\fR );

2
bin/named/named.conf.html
View file

@ -208,7 +208,7 @@ options
check-wildcard <em class="replaceable"><code>boolean</code></em>;<br>
cleaning-interval <em class="replaceable"><code>integer</code></em>;<br>
clients-per-query <em class="replaceable"><code>integer</code></em>;<br>
cookie-algorithm ( aes | sha1 | sha256 );<br>
cookie-algorithm ( aes | sha1 | sha256 | siphash24 );<br>
cookie-secret <em class="replaceable"><code>string</code></em>;<br>
coresize ( default | unlimited | <em class="replaceable"><code>sizeval</code></em> );<br>
datasize ( default | unlimited | <em class="replaceable"><code>sizeval</code></em> );<br>

6
doc/arm/Bv9ARM.html
View file

@ -32,7 +32,7 @@
<div>
<div><h1 class="title">
<a name="id-1"></a>BIND 9 Administrator Reference Manual</h1></div>
<div><p class="releaseinfo">BIND Version 9.14.4</p></div>
<div><p class="releaseinfo">BIND Version 9.14.5</p></div>
<div><p class="copyright">Copyright © 2000-2019 Internet Systems Consortium, Inc. ("ISC")</p></div>
</div>
<hr>
@ -242,7 +242,7 @@
</dl></dd>
<dt><span class="appendix"><a href="Bv9ARM.ch08.html">A. Release Notes</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.14.4</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#id-1.9.2">Release Notes for BIND Version 9.14.5</a></span></dt>
<dd><dl>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_intro">Introduction</a></span></dt>
<dt><span class="section"><a href="Bv9ARM.ch08.html#relnotes_versions">Note on Version Numbering</a></span></dt>
@ -438,6 +438,6 @@
</tr>
</table>
</div>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.14.4 (Stable Release)</p>
<p xmlns:db="http://docbook.org/ns/docbook" style="text-align: center;">BIND 9.14.5 (Stable Release)</p>
</body>
</html>

BIN
doc/arm/Bv9ARM.pdf
View file

Binary file not shown.

64
doc/arm/notes.html
View file

@ -15,7 +15,7 @@
<div class="section">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="id-1.2"></a>Release Notes for BIND Version 9.14.4</h2></div></div></div>
<a name="id-1.2"></a>Release Notes for BIND Version 9.14.5</h2></div></div></div>
<div class="section">
<div class="titlepage"><div><div><h3 class="title">
@ -152,6 +152,26 @@
as a result of a zone update. [GL #513]
</p>
</li>
<li class="listitem">
<p>
A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added.
[GL #605]
</p>
<p>
If you are running multiple DNS Servers (different versions of BIND 9
or DNS server from multiple vendors) responding from the same IP
address (anycast or load-balancing scenarios), you'll have to make
sure that all the servers are configured with the same DNS Cookie
algorithm and same Server Secret for the best performance.
</p>
</li>
<li class="listitem">
<p>
DS records included in DNS referral messages can now be validated
and cached immediately, reducing the number of queries needed for
a DNSSEC validation. [GL #964]
</p>
</li>
</ul></div>
</div>
@ -176,6 +196,48 @@
to root priming queries; this has been corrected. [GL #1092]
</p>
</li>
<li class="listitem">
<p>
Cache database statistics counters could report invalid values
when stale answers were enabled, because of a bug in counter
maintenance when cache data becomes stale. The statistics counters
have been corrected to report the number of RRsets for each
RR type that are active, stale but still potentially served,
or stale and marked for deletion. [GL #602]
</p>
</li>
<li class="listitem">
<p>
Interaction between DNS64 and RPZ No Data rule (CNAME *.) could
cause unexpected results; this has been fixed. [GL #1106]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named-checkconf</strong></span> now checks DNS64 prefixes
to ensure bits 64-71 are zero. [GL #1159]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named-checkconf</strong></span> could crash during
configuration if configured to use "geoip continent" ACLs with
legacy GeoIP. [GL #1163]
</p>
</li>
<li class="listitem">
<p>
<span class="command"><strong>named-checkconf</strong></span> now correctly reports missing
<span class="command"><strong>dnstap-output</strong></span> option when
<span class="command"><strong>dnstap</strong></span> is set. [GL #1136]
</p>
</li>
<li class="listitem">
<p>
Handle ETIMEDOUT error on connect() with a non-blocking
socket. [GL #1133]
</p>
</li>
</ul></div>
</div>

BIN
doc/arm/notes.pdf
View file

Binary file not shown.

37
doc/arm/notes.txt
View file

@ -1,4 +1,4 @@
Release Notes for BIND Version 9.14.4
Release Notes for BIND Version 9.14.5
Introduction
@ -82,6 +82,19 @@ New Features
maintenance, as opposed to having been generated as a result of a zone
update. [GL #513]
* A SipHash 2-4 based DNS Cookie (RFC 7873) algorithm has been added.
[GL #605]
If you are running multiple DNS Servers (different versions of BIND 9
or DNS server from multiple vendors) responding from the same IP
address (anycast or load-balancing scenarios), you'll have to make
sure that all the servers are configured with the same DNS Cookie
algorithm and same Server Secret for the best performance.
* DS records included in DNS referral messages can now be validated and
cached immediately, reducing the number of queries needed for a DNSSEC
validation. [GL #964]
Bug Fixes
* When qname-minimization was set to relaxed, some improperly configured
@ -94,6 +107,28 @@ Bug Fixes
* Glue address records were not being returned in responses to root
priming queries; this has been corrected. [GL #1092]
* Cache database statistics counters could report invalid values when
stale answers were enabled, because of a bug in counter maintenance
when cache data becomes stale. The statistics counters have been
corrected to report the number of RRsets for each RR type that are
active, stale but still potentially served, or stale and marked for
deletion. [GL #602]
* Interaction between DNS64 and RPZ No Data rule (CNAME *.) could cause
unexpected results; this has been fixed. [GL #1106]
* named-checkconf now checks DNS64 prefixes to ensure bits 64-71 are
zero. [GL #1159]
* named-checkconf could crash during configuration if configured to use
"geoip continent" ACLs with legacy GeoIP. [GL #1163]
* named-checkconf now correctly reports missing dnstap-output option
when dnstap is set. [GL #1136]
* Handle ETIMEDOUT error on connect() with a non-blocking socket. [GL #
1133]
License
BIND is open source software licensed under the terms of the Mozilla