From e63b385073cb76fa9d22b5d9b3ac0423957a913f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Thu, 4 Feb 2021 10:40:25 +0100 Subject: [PATCH] Document the build-time requirement for nghttp2 --- PLATFORMS.md | 2 +- README.md | 14 +++++++------- doc/notes/notes-current.rst | 8 +++++--- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/PLATFORMS.md b/PLATFORMS.md index 398123df17..ec8d2138a6 100644 --- a/PLATFORMS.md +++ b/PLATFORMS.md @@ -13,7 +13,7 @@ In general, this version of BIND will build and run on any POSIX-compliant system with a C11-compliant C compiler, BSD-style sockets with RFC-compliant IPv6 support, POSIX-compliant threads, the `libuv` asynchronous I/O library, -and the OpenSSL cryptography library. +the OpenSSL cryptography library, and the `nghttp2` HTTP/2 library. The following C11 features are used in BIND 9: diff --git a/README.md b/README.md index 61560d2b22..823f212e1c 100644 --- a/README.md +++ b/README.md @@ -128,13 +128,13 @@ including your patch as an attachment, preferably generated by At a minimum, BIND requires a Unix or Linux system with an ANSI C compiler, basic POSIX support, and a 64-bit integer type. BIND also requires the -`libuv` asynchronous I/O library, and a cryptography provider library -such as OpenSSL or a hardware service module supporting PKCS#11. On -Linux, BIND requires the `libcap` library to set process privileges, -though this requirement can be overridden by disabling capability -support at compile time. See [Compile-time options](#opts) below -for details on other libraries that may be required to support -optional features. +`libuv` asynchronous I/O library, the `nghttp2` HTTP/2 library, and a +cryptography provider library such as OpenSSL or a hardware service +module supporting PKCS#11. On Linux, BIND requires the `libcap` library +to set process privileges, though this requirement can be overridden by +disabling capability support at compile time. See [Compile-time +options](#opts) below for details on other libraries that may be +required to support optional features. Successful builds have been observed on many versions of Linux and Unix, including RHEL/CentOS, Fedora, Debian, Ubuntu, SLES, openSUSE, diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index a4a2babf21..5a843a8ab7 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -52,9 +52,11 @@ New Features an optional ``tls`` option which specifies either a previously configured ``tls`` statement or ``ephemeral``. [GL #2392] -- ``named`` now supports DNS-over-HTTPS (DoH). Both TLS-encrypted and - unencrypted HTTP/2 connections are supported (the latter may be used to - offload encryption to other software). +- Support for DNS-over-HTTPS (DoH) was added to ``named``. Because of + this, the ``nghttp2`` HTTP/2 library is now required for building the + development branch of BIND 9. Both TLS-encrypted and unencrypted + HTTP/2 connections are supported (the latter may be used to offload + encryption to other software). Note that there is no client-side support for HTTPS as yet; this will be added to ``dig`` in a future release. [GL #1144]