of DNSSEC data in dig output and in generated
zone files:
- DNSKEY record comments are more verbose, no
longer used in multiline mode only
- multiline RRSIG records reformatted
- multiline output mode for NSEC3PARAM records
- "dig +norrcomments" suppresses DNSKEY comments
- "dig +split=X" breaks hex/base64 records into
fields of width X; "dig +nosplit" disables this.
[RT #22820]
to DNSSEC but are sematically equal according to plain
DNS. Apply plain DNS comparisons rather than DNSSEC
comparisons when processing UPDATE requests.
dnssec-signzone now removes such semantically duplicate
records prior to signing the RRset.
named-checkzone -r {ignore|warn|fail} (default warn)
named-compilezone -r {ignore|warn|fail} (default warn)
named.conf: check-dup-records {ignore|warn|fail};
Two new error codes. Also push back the last token, if it makes
sense to do so, so that it gets printed in the error message using
RETTOK macro, rather than straight return or RETERR.
Mostly, several functions that take pointers as arguments, almost
always char * pointers, had those pointers qualified with "const".
Those that returned pointers to previously const-qualified arguments
had their return values qualified as const. Some structure members
were qualified as const to retain that attribute from the variables
from which they were assigned.
The macro DE_CONST is used to deal with a handful of very special
places where something is qualified as const but really needs to have
its const qualifier removed.
rdata.c now defines macros for the prototypes of the basic rdata functions,
and all of the lib/dns/rdata/**/*.c files now use them.
Some minor integer-compatibility issues. (IE, ~0x03 is a signed int,
so assigning it to an unsigned int should use a cast. The type of an
enum member is int, so there are some conversion issues there, too.)
A pointers-to-function should not be cast to a pointer-to-object.
Variables should not be named for C reserved identifiers.
One or two set-but-not-used variables removed.
Minor other ISC style cleanups.
