Changelogs for 4.2.x
====================
.. changelog::
:version: 4.2.3
:released: September 2nd 2020
This release contains the fix for :doc:`PowerDNS Security Advisory 2020-05 <../security-advisories/powerdns-advisory-2020-05>` (CVE-2020-17482)
.. change::
:tags: Bug Fixes
:pullreq: 9499
Raise an exception on invalid hex content in unknown records.
.. change::
:tags: Bug Fixes
:pullreq: 9191
:tickets: 9181
mydns: add SOA to list() output
.. changelog::
:version: 4.2.2
:released: 9th of April 2020
.. change::
:tags: Bug Fixes
:pullreq: 9010
fix records ending up in wrong packet section (Kees Monshouwer)
.. change::
:tags: Improvements
:pullreq: 9003, 8736
cache: strictly enforce maximum size, and improve cleanup routine
.. change::
:tags: Bug Fixes
:pullreq: 9001
avoid IXFR-in corruption when deltas come in close together (please see the :ref:`ixfr-in-corruption-4.2.2` upgrade notes)
.. change::
:tags: New Features
:pullreq: 8786
api: add includerings option to statistics endpoint
.. change::
:tags: Bug Fixes
:pullreq: 8612
fix out-of-bound access for zero length "serialized" string when using lmdbbackend. (Kees Monshouwer)
.. change::
:tags: Bug Fixes
:pullreq: 8602
bind backend: pthread_mutex_t should be inited and destroyed and not be copied
.. changelog::
:version: 4.2.1
:released: 2nd of December 2019
This release fixes several bugs and makes a few features more robust or intuitive. It also contains a few performance improvements for API users.
.. change::
:tags: Bug Fixes
:pullreq: 8589
:tickets: 8572
LUA view: do not crash on empty IP list
.. change::
:tags: Bug Fixes
:pullreq: 8576
API: Accept headers without spaces
.. change::
:tags: Bug Fixes
:pullreq: 8570
:tickets: 8299
Avoid database state-related SERVFAILs after a LUA error
.. change::
:tags: Bug Fixes, Improvements, LMDB
:pullreq: 8568
:tickets: 8134
Just before 4.2.0, some SQL-related fixes broke edit-zone and other features with the LMDB backend. This has been fixed now. (backport by Kees Monshouwer)
.. change::
:tags: Performance, Improvements
:pullreq: 8457
API: reduce number of database connections (Kees Monshouwer)
.. change::
:tags: Bug Fixes
:pullreq: 8497
Clear the caches for the entire zone after a patch operation (was apex only).
The default default-api-rectify setting was ignored in patchZone(), rectify only took place when the API-RECTIFY metadata was set to "1".
(Kees Monshouwer)
.. change::
:tags: Improvements
:pullreq: 8546
Register a few known RR types and remove an unknown one
.. change::
:tags: New Features, Improvements
:pullreq: 8549
Add SLAVE-RENOTIFY zone metadata support (Matti Hiljanen)
.. change::
:tags: Bug Fixes
:pullreq: 8507
:tickets: 8217
rfc2136, pdnsutil: somewhat improve duplicate record handling
.. change::
:tags: Improvements
:pullreq: 8548
bindbackend: use metadata for also-notifies as well (Matti Hiljanen)
.. change::
:tags: Improvements
:pullreq: 8508
:tickets: 8218
pdnsutil increase-serial: under SOA-EDIT=INCEPTION-EPOCH, bump as if it is EPOCH
.. change::
:tags: New Features, Improvements
:pullreq: 8547
Add configurable timeout for inbound AXFR (Matti Hiljanen)
.. change::
:tags: Performance, Improvements
:pullreq: 8541
API: optionally do not return dnssec info in domain list (Chris Hofstaedtler)
.. change::
:tags: Improvements
:pullreq: 8454
Basic validation of $GENERATE parameters
.. change::
:tags: New Features, Improvements
:pullreq: 8428
Add CentOS 8 as builder target
.. change::
:tags: New Features, Improvements
:pullreq: 8341
gmysql backend, add an option to send the SSL capability flag
.. changelog::
:version: 4.2.0
:released: 30th of August 2019
Compared to the last release candidate, one more bug has been fixed.
The LMDB backend is incomplete in this version. Slaving zones works, loading zones with pdnsutil works, but more fine-grained edits (using edit-zone, or the REST API) fail. We hope to fix this soon in a 4.2.x release.
For an overview of features new since 4.1.x, please see `the 4.2.0 announcement blog post `__.
.. change::
:tags: Bug Fixes
:pullreq: 8229
bind getAllDomains: ignore per-zone exceptions
.. changelog::
:version: 4.2.0-rc3
:released: 29th of July 2019
Thanks to an overwhelming amount of testing by our fabulous user community, this release candidate contains a ton of bug fixes (and a few improvements) compared to the previous one. We hope this has shaken out all of the important bugs, so that we can release 4.2.0 soon!
This release, sadly, cripples the LMDB backend somewhat, due to `transaction-related fixes for the SQL backends `__. We hope to fix `this issue `__ before 4.2.0, or otherwise, early in 4.2.x.
.. change::
:tags: Bug Fixes
:pullreq: 8168
packethandler: Compare TSIG key name using DNSName
.. change::
:tags: Improvements
:pullreq: 8172, 8173
boost.m4 improvements
.. change::
:tags: Bug Fixes
:pullreq: 8169
Make sure we always compile with BOOST_CB_ENABLE_DEBUG set to 0
.. change::
:tags: Bug Fixes
:pullreq: 8058
Fix SERVFAIL when backend returns empty DNSName
.. change::
:tags: Improvements
:pullreq: 8126
add metric for open TCP connections
.. change::
:tags: Bug Fixes
:pullreq: 8149
stop using select() in places where FDs can be >1023
.. change::
:tags: Bug Fixes
:pullreq: 8166
pdnsutil increase-serial: set right ordername
.. change::
:tags: Bug Fixes
:pullreq: 8097
use BIGINT for notified_serial in pg schema (Klaus Darilion)
.. change::
:tags: Improvements, Robustness, Performance
:pullreq: 8092
Various robustness and performance improvements around domain IDs (Kees Monshouwer)
.. change::
:tags: Bug Fixes
:pullreq: 8056
Fix the accounting of servfail-queries in the distributor
.. change::
:tags: Improvements, Build
:pullreq: 8064
remove unused import to enable compile on illumos (Thomas Mieslinger)
.. change::
:tags: Improvements, Performance
:pullreq: 8051
ixfrdist: limit XFR chunk size to 16k
.. change::
:tags: Bug Fixes
:pullreq: 8028
limit compression pointers to 14 bits
.. change::
:tags: Bug Fixes
:pullreq: 8037
catch name & IP parse errors during outgoing notify preparations
.. change::
:tags: Improvements
:pullreq: 7998
Fix a memory leak when sqlite3_exec() fails
.. change::
:tags: Improvements, Build
:pullreq: 8019, 7980
don't enable the tbhandler when libc only pretends to be glibc (James Taylor)
.. change::
:tags: Improvements
:pullreq: 8006
Fix a leak on 'Backend reported permanent error which prevented lookup' error
.. change::
:tags: Improvements
:pullreq: 7996
Clear CMSG_SPACE(sizeof(data)) in cmsghdr to appease valgrind
.. change::
:tags: New Features
:pullreq: 7550
web: make max request/response body size configurable
.. change::
:tags: Improvements
:pullreq: 7918
deprecate SOA autocomplete in pdnsutil check-zone (Kees Monshouwer)
.. change::
:tags: Improvements, Packaging
:pullreq: 7889
move /var/lib/pdns to pdns-server debian package
.. change::
:tags: Improvements
:pullreq: 7890
Show newer features in configure output and --version
.. change::
:tags: Improvements, Performance
:pullreq: 7910
completely disable the packet when cache-ttl=0 (Kees Monshouwer)
.. change::
:tags: Improvements
:pullreq: 7943
Improve error when notification comes in for non-slave zone
.. change::
:tags: Improvements
:pullreq: 7962
web: add edited_serial to Zone object
.. change::
:tags: Improvements, Build
:pullreq: 7871
Adapt calidns for openbsd and other systems without rcvmmsg(2)
.. change::
:tags: Improvements, Performance
:pullreq: 7699
DNSName, speed up toString() conversion
.. changelog::
:version: 4.2.0-rc2
:released: 14th of June 2019
.. change::
:tags: Improvements, LMDB
:pullreq: 7807
Make explicit lmdbbackend synchronous option
.. change::
:tags: Improvements, LMDB
:pullreq: 7700
Reduce mmap size for lmdb on 32 bits plus restrict number of shards
.. change::
:tags: Bug Fixes, LMDB
:pullreq: 7784, 7697, 7643
LMDB improvements:
* lmdbbackend: auth was unset in get() (always true) (Kees Monshouwer)
* LMDB defaulted to port 0 for master addresses unless explicitly set
* fix ``getAllDomains()`` (Kees Monshouwer)
.. change::
:tags: Bug fixes, Backends
:pullreq: 7891
auth API, pdnsutil: improve backend transaction correctness
.. change::
:tags: Robustness, Backends
:pullreq: 7881
detect SOA cache pollution caused by broken backends (Kees Monshouwer)
.. change::
:tags: Improvements, Backends
:pullreq: 7852
sqlite3: make journal mode configurable; default to WAL
.. change::
:tags: Bug Fixes, Backends
:pullreq: 7854
auth gsql ``getAllDomains``: ignore stou errors
.. change::
:tags: Performance, Backends
:pullreq: 7460
speedup ``getUpdatedMasters()`` for the gsql backends (Kees Monshouwer)
.. change::
:tags: Bug Fixes, Backends
:pullreq: 7831, 7787
Rectify/ENT fixes:
* Allow updates to override existing ENT records
* Fix ENTs removal when "replacing" new records via the API
.. change::
:tags: Bug Fixes, Backends
:pullreq: 7363
Cleanup SOA editing (Kees Monshouwer)
.. change::
:tags: Backends
:pullreq: 7753
pdns_control reopens geoip databases on reload (jpmens)
.. change::
:tags: Backends
:pullreq: 7696
b2b-migrate did not open a transaction, breaking it for lmdb
.. change::
:tags: Backends
:pullreq: 7706
No longer filter DNSSEC metadata when DNSSEC is enabled in gsql
.. change::
:tags: Backends
:pullreq: 7580
Rectify for ent records in narrow zones was slightly wrong. (Kees Monshouwer)
.. change::
:tags: Backends
:pullreq: 7529
Clear caches (meta-data, keys) on domain deletion
.. change::
:tags: Performance, LUA
:pullreq: 7869, 7897
optionally reuse Lua state
.. change::
:tags: Improvements, Portability
:pullreq: 7862, 7861, 7818, 7668
Portability/building improvements:
* Update boost.m4 to the latest version
* Check if ``-latomic`` is needed instead of hardcoding (neheb)
* Use ``net-snmp-config --netsnmp-agent-libs`` instead of ``--agent-libs``
* bump boost requirement to 1.42 unconditionally
.. change::
:tags: Improvements, Robustness
:pullreq: 7864, 7865, 7708
Robustness improvements:
* Fix warnings reported by Coverity
* Initialize cURL before starting any thread
* Don't do unaligned memory access
.. change::
:tags: Improvements, Compliance
:pullreq: 7873
Always truncate when the additional records do not fit in a response (Kees Monshouwer)
.. change::
:tags: Improvements, Compliance
:pullreq: 7859
Remove ``disable-tcp`` option
.. change::
:tags: Improvements, Compliance
:pullreq: 7615
RKEY is missing algorithm field (DNS-Leo)
.. change::
:tags: Bug Fixes, Compliance
:pullreq: 7789, 7772
DNSSEC fixes:
* Don't sign insecure records with keys from other zones (Kees Monshouwer)
* always add DS for secure zones, broken since #7523 (Kees Monshouwer)
.. change::
:tags: Improvements, Compliance
:pullreq: 7410
Ignore Path MTU Discovery on UDP server socket
.. change::
:tags: Features, Tools
:pullreq: 7832
add DoH support to sdig
.. change::
:tags: Bug Fixes, Tools
:pullreq: 7801
:tickets: 7667
pdnsutil: show DS for second and further keys too
.. change::
:tags: Features, Tools
:pullreq: 7655
dumresp: add TCP support
.. change::
:tags: Deprecation, API
:pullreq: 7797
API: mark ``set-ptr`` as deprecated (zeha)
.. change::
:tags: Robustness
:pullreq: 7790, 7569, 7662, 7503, 7517, 7587
Various robustness improvements:
* Do not busy loop if we get lots of notifies.
* Improve error reporting with garbage in the 'master' field of the database
* Do not exit on exception resolving addresses to notify
* Auth ringbuffer summaries were case sensitive & accounted delegations incorrectly
* plug mysql_thread_init memory leak
* Ensure we increase the number of queued queries before decreasing it
.. change::
:tags: Performance, DNSSEC
:pullreq: 7523
disable dnssec pre-processing for non dnssec zones and avoid a lot of ``isSecuredZone()`` calls (Kees Monshouwer)
.. change::
:tags: Bug fixes
:pullreq: 7723
rename 'supermaster' option to 'superslave'
.. change::
:tags: Improvements, Webserver
:pullreq: 5932
improve logging in the web server
.. change::
:tags: Features, Tools
:pullreq: 7481
pdnsutil, dnswasher: add support for encrypting IP addresses
.. change::
:tags: Improvements
:pullreq: 7584
GSQL: Log more data in error messages
.. changelog::
:version: 4.2.0-rc1
:released: 19th of March 2019
.. change::
:tags: Bug Fixes
:pullreq: 7576
:tickets: 7573
Insufficient validation in the HTTP remote backend (CVE-2019-3871, PowerDNS Security Advisory :doc:`2019-03 <../security-advisories/powerdns-advisory-2019-03>`)
.. change::
:tags: Bug Fixes, API
:pullreq: 7546
:tickets: 7545
Fix API search failed with "Commands out of sync; you can't run this command now".
.. change::
:tags: Bug Fixes, GeoIP
:pullreq: 7219
Fix static lookup when using weighted records on multiple record types.
.. change::
:tags: Improvements, DNSSEC
:pullreq: 7516
Report ``checkKey`` errors upwards.
.. change::
:tags: Bug Fixes, MySQL
:pullreq: 7496
:tickets: 7493
Fix invalid SOA record in MySQL which prevented the authoritative
server from starting.
.. change::
:tags: Improvements
:pullreq: 6872
ixfrdist: Add option to limit AXFR record count.
.. change::
:tags: Improvements, API
:pullreq: 7326
:tickets: 5430
Add ``type`` filter to search-data api.
.. change::
:tags: Improvements, Internals
:pullreq: 7502
Use a less expensive way to get memory stats for ``real-memory-usage``.
.. change::
:tags: Improvements, API
:pullreq: 7359
:tickets: 7357
Add ``rcode`` response statistics on API.
.. change::
:tags: Improvements
:pullreq: 7490
:tickets: 7393
Lua records: Add ``useragent`` option to ``ifurlup`` and set a default.
.. change::
:tags: Improvements, Remote
:pullreq: 7448
:tickets: 7444
remotebackend: Implement ``getUpdatedMasters``.
.. change::
:tags: Bug Fixes
:pullreq: 7494
Correctly interpret an empty AXFR response to an IXFR query.
.. change::
:tags: Improvements
:pullreq: 7492
:tickets: 6853
Lua: Expose ``dns_random`` as ``pdnsrandom``.
.. change::
:tags: Improvements, API
:pullreq: 7491
:tickets: 6451
Use commas instead of spaces when setting Zone Masters via the REST API.
.. change::
:tags: Bug Fixes, API
:pullreq: 7488
:tickets: 6114
Improve handling of out of range ``modified_at`` value.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 7482
Fix output order of pdnsutil ``add-record``.
.. change::
:tags: Bug Fixes
:pullreq: 7352
Respect packet size limits, even with ECS and TSIG.
.. change::
:tags: Bug Fixes
:pullreq: 7459
:tickets: 7429
Fix dot stripping in ``setcontent()``.
.. change::
:tags: Improvements, API
:pullreq: 7463
Improve RRset validation.
.. change::
:tags: Bug Fixes, MySQL
:pullreq: 7475
Avoid infinite loop in mydnsbackend.
.. change::
:tags: Bug Fixes, LMDB
:pullreq: 7472
:tickets: 7471
Do not compress the root since LMDB backend cannot set a root zone
with a compressible SOA record.
.. change::
:tags: Bug Fixes, LMDB
:pullreq: 7470
:tickets: 7453
Avoid duplicate NSEC3 records in presigned zones in LMDB backend.
.. change::
:tags: New Features, LMDB
:pullreq: 7453
Authoritative LMDB backend.
.. change::
:tags: Improvements, Internals
:pullreq: 7412
Be smarter about trimming whitespace when creating records from ASCII.
.. change::
:tags: Improvements, Internals
:pullreq: 6634
More sandboxing using SystemD's features.
.. change::
:tags: Improvements, Internals
:pullreq: 7353
Fix attempt to restrict / speed-up additional processing to auth zone.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 7148
sdig: Handle non-IN class records better.
.. change::
:tags: Improvements, DNSSEC
:pullreq: 7340
Error on DNSSEC default misconfiguration.
.. change::
:tags: Bug Fixes, Improvements, Tools
:pullreq: 7364
Dnsscope off-by-one + domain-filter.
.. change::
:tags: Bug Fixes, Internals
:pullreq: 7382
Fix ``dns_random()`` always returning 0 when the minimum acceptable value is 0.
.. change::
:tags: Bug Fixes, Internals
:pullreq: 7320
Lower ``udp-truncation-threshold`` by default to 1232.
.. change::
:tags: Improvements, Internals
:pullreq: 7293
Make ``pdns_control notify *`` also notify slaves zones.
.. change::
:tags: Improvements, Internals
:pullreq: 7348
Zero out QTYPE response numbers in our statistics. Makes Valgrind
usable on auth again.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 7244
:tickets: 7319
pdns_notify: Support hostname for notification.
.. change::
:tags: Improvements, Internals
:pullreq: 7345
Improve memory handling for NSEC(3) records with lots of types.
.. change::
:tags: Bug Fixes
:pullreq: 7341
Fix replying from ANY address for non-standard port.
.. change::
:tags: Improvements, API
:pullreq: 7286
Fix a couple of Swagger / OpenAPI issues.
.. change::
:tags: Bug Fixes
:pullreq: 7288
Fix a few off-by-one errors.
.. change::
:tags: Bug Fixes, GeoIP
:pullreq: 7227
:tickets: 7219
Forbid 0 as weight value.
.. change::
:tags: Bug Fixes, Internals
:pullreq: 7294
Prevent leak of file descriptor if running out of ports for incoming AXFR.
.. change::
:tags: Improvements, DNSSEC
:pullreq: 7284
Fallback to SHA1 for the signatures cache if MD5 is not available.
.. change::
:tags: Bug Fixes, API
:pullreq: 7278
:tickets: 7277
Prevent more than one CNAME / SOA record in the same RRset.
.. change::
:tags: Improvements, Internals
:pullreq: 7245
Use a cache-able soa record for the serial check caused by a notify.
.. change::
:tags: Improvements
:pullreq: 6894
Improved Lua records - Added all selector, and backupSelector fallbacks.
.. change::
:tags: Bug Fixes
:pullreq: 6823
:tickets: 6821
On incoming NOTIFY load our serial from backend to have it available during slave-check.
Also log ourserial to ease debugging.
.. change::
:tags: Improvements, API, DNSSEC
:pullreq: 5988
API: Add TSIG key manipulation endpoints.
.. change::
:tags: Improvements
:pullreq: 7026
Configure ``--enable-pdns-option`` ``--with-third-party-module``.
.. change::
:tags: Improvements
:pullreq: 6731
:tickets: 6693
Address some known LUA Records issues:
* Better check input lists,
* Report lua wildcards errors,
* Exposes ``DNSName::getRawLabels`` in lua env,
* Better document LUA functions and objects.
.. change::
:tags: Improvements, API
:pullreq: 7233
Make API changes do a rectify by default, add an option to disable.
.. change::
:tags: Bug Fixes, Improvements
:pullreq: 6838
:tickets: 1355, 1366
Remove ``autoserial`` from the Authoritative Server. Serial 0 was a little bit too special in PowerDNS.
.. change::
:tags: Bug Fixes
:pullreq: 7228
Handle ANY queries with Lua records.
.. change::
:tags: Improvements
:pullreq: 6869
Remove ``out-of-zone-additional-processing`` setting.
.. change::
:tags: Bug Fixes
:pullreq: 7217
geoip: properly delete libGeoIP return values.
.. change::
:tags: Bug Fixes
:pullreq: 7067
SOA-check: reject NXDOMAIN response and check label of RR against qname.
.. change::
:tags: Improvements, DNSSEC
:pullreq: 6958
Improve RSA key warnings.
.. change::
:tags: Bug Fixes
:pullreq: 7201
Fix ``carbon-instance`` / ``carbon-namespace`` inconsistencies.
.. change::
:tags:
:pullreq: 7196
:tickets: 7195
geoipbackend: Allow empty content for ENT record.
.. change::
:tags: Tools, DNSSEC
:pullreq: 7187
pdnsutil.1 & settings:
* Add Ed25519 and Ed448,
* Document ECC keysizes,
* Remove old algos.
.. change::
:tags: Bug Fixes, API
:pullreq: 6871
Check DNSNames that should be hostnames.
.. change::
:tags:
:pullreq: 6959
:tickets: 2362, 6951
Add namespace and instance variable to carbon key.
.. change::
:tags: Bug Fixes, Packages
:pullreq: 7134
Fix up the BIND config files on upgrade.
.. change::
:tags: Bug Fixes
:pullreq: 7024
geoipbackend: Handle read error for config file.
.. change::
:tags: Improvements
:pullreq: 7069
Use unique pointers in the OpenSSL signer.
.. change::
:tags: API, Removed Features
:pullreq: 7025
Remove ``api-logfile`` flag and grep API endpoint.
.. change::
:tags: Improvements
:pullreq: 6962
Store ``NetmaskTree`` nodes in a set for faster removal.
.. change::
:tags: New Features
:pullreq: 6969
Adds the glorious log-log histograms.
.. change::
:tags: Bug Fixes
:pullreq: 7017
Make sure we escape ``127`` in TXT records.
.. change::
:tags: Bug Fixes
:pullreq: 4598
Add support for NONE SOA-EDIT kind.
.. change::
:tags: Tools
:pullreq: 6997
Name threads in the programs.
.. change::
:tags: Improvements
:pullreq: 6727
ALIAS: Respond SERVFAIL on non-NOERRORs from resolver.
.. change::
:tags: Improvements
:pullreq: 6910
Add support for OpenSSL 1.1.1's ed25519 and ed448 for signing and verifying.
.. change::
:tags: Improvements
:pullreq: 6822
Add incremental ``slave-check`` backoff also for failed AXFR.
.. change::
:tags: Bug Fixes
:pullreq: 6923
Respond correctly to DS query at delegation in unsigned zone.
.. change::
:tags: Improvements
:pullreq: 6975
Enhance query-logging with timing for MySQL, PostgreSQL and SQLite.
.. change::
:tags: Improvements
:pullreq: 6811
Apply ALIAS scopemask after chasing.
.. change::
:tags: Improvements
:pullreq: 6948
Fix compilation with LibreSSL 2.7.0+.
.. change::
:tags: Bug Fixes
:pullreq: 6917
Release memory in case of error in the OpenSSL ECDSA constructor.
.. change::
:tags: Bug Fixes
:pullreq: 6913
:tickets: 6912
Actually truncate truncated responses.
.. change::
:tags: Improvements, Packages
:pullreq: 6921
Remove GOST and Botan support.
.. change::
:tags: Improvements, API
:pullreq: 6668
Add zone lookup by ``/zones?zone=example.org``.
.. change::
:tags: Bug Fixes
:pullreq: 6858
RFC2136 fixes.
.. change::
:tags: Improvements
:pullreq: 6825
Add option ``send-signed-notify`` to send NOTIFYs without TSIG signature.
.. change::
:tags: Removed Features, API
:pullreq: 6845
Drop ``api-readonly`` configuration setting.
.. change::
:tags: Bug Fixes
:pullreq: 6857
Remove SOA-check backoff on incoming NOTIFY and fix ``d_lock`` handling.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6859
Make ``edit-zone`` catch zoneparser exceptions as well.
.. change::
:tags: Improvements, Tools
:pullreq: 6843
``check-all-zones``: find duplicate zones and SOAs.
.. change::
:tags: Bug Fixes
:pullreq: 6834
``check-zone``: allow null MX, SRV.
.. change::
:tags: Bug Fixes
:pullreq: 6844
Workaround MariaDB pretending to be MySQL.
.. change::
:tags: Improvements
:pullreq: 6824
Add the serials when logging the final result of a slave check.
.. change::
:tags: Bug Fixes, API
:pullreq: 6780, 6816
Make sure that we use strict weak records ordering in the API.
(Doing this avoids concurrent records / comments iteration from running out of sync.)
.. change::
:tags: Bug Fixes
:pullreq: 6738
Reset the TSIG state between queries.
.. change::
:tags: Improvements, Tools
:pullreq: 6774
calidns: Accurate qps targets.
.. change::
:tags:
:pullreq: 6769
LuaWrapper: Disable maybe uninitialized warnings with boost optional.
.. change::
:tags: Bug Fixes
:pullreq: 6495
Only parse ``resolv.conf`` once - this avoids race conditions.
.. change::
:tags: Improvements
:pullreq: 6730
Implement a smarter dedup for filling packets in auth.
.. change::
:tags: Improvements, Tools
:pullreq: 6691
pdns_control notify: Handle slave w/o renotify properly.
.. change::
:tags: Improvements, Tools
:pullreq: 6653
pdnsutil: Occlusion and auth check improvements.
.. change::
:tags: Bug Fixes
:pullreq: 6655
Sign CDS/CDNSKEY RRsets with the KSK.
.. change::
:tags: Improvements
:pullreq: 6658
luawrapper: Report caught ``std::exception`` as ``lua_error``.
.. change::
:tags: Bug Fixes
:pullreq: 6686
Initialize some missed qtypes: WKS, SMIMEA.
.. change::
:tags: Bug Fixes
:pullreq: 6677
geoipbackend: Check ``GeoIP_id_by_addr_gl`` and ``GeoIP_id_by_addr_v6_gl`` return value.
.. change::
:tags: Bug Fixes
:pullreq: 6499
stubresolver: Improve locking.
.. change::
:tags: Improvements
:pullreq: 6633
Reject duplicate RRsets in patchZone.
.. change::
:tags: Bug Fixes, API
:pullreq: 6647
Remove ENTs when "replacing" new records.
.. change::
:tags: Bug Fixes
:pullreq: 6648
gmysql: Use future-proof statement for transaction isolation.
.. change::
:tags: Improvements, API
:pullreq: 6649
API export function output change to add IN to the output.
.. change::
:tags: Improvements, API
:pullreq: 6662
:tickets: 6652
Send correct response codes for the CryptoKey endpoints.
.. change::
:tags: Improvements
:pullreq: 6659
Ensure ALIAS answers over TCP have correct name.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6617
calidns: Don't issue socket buffer or SCHED_FIFO warnings in quiet mode.
.. change::
:tags: Bug Fixes, API
:pullreq: 6614
Restrict creation of OPT and TSIG rrsets.
.. change::
:tags: Improvements
:pullreq: 6561
Fix some minor issues for presigned (large) bind zones.
.. change::
:tags: Tools
:pullreq: 6582
dnsreplay: Add more checks against bogus PCAP.
.. change::
:tags: Bug Fixes, Improvements
:pullreq: 6585
:tickets: 6584
Geoip: Fix poisoning of cache when hit service's default network.
Also includes an optimization to make lookups faster.
.. change::
:tags: Improvements, Tools
:pullreq: 6594
pdnsutil: also load modules through the ``load-modules`` directive.
.. change::
:tags: Improvements, Tools
:pullreq: 6601
calidns: Add ``quiet``, ``minimum-success-rate`` options to use from a script.
.. change::
:tags: New Features, Tools
:pullreq: 6564
Add ``dnspcap2calidns`` to convert PCAP to the calidns format.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6580
dnsreplay: Bail out on a too small outgoing buffer.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6559
pdnsutil: Use new domain in ``b2bmigrate``.
.. change::
:tags: Bug Fixes, API
:pullreq: 6571
Increase serial after DNSSEC related updates.
.. change::
:tags: Improvements
:pullreq: 6558
bindbackend: Refuse launch suffixes.
.. change::
:tags: Improvements, Tools
:pullreq: 6526
calidns: Add an option to read ECS values from the query file, skip comments.
.. change::
:tags: Bug Fixes
:pullreq: 6531
Avoid interleaved access to B (via ``d_dk``). Before this patch,
the meta lookup would interfere with the already-started
``B.lookup``. This caused failures with odbc/MSSQL.
.. change::
:tags: Improvements
:pullreq: 6530
Add missing overrides.
.. change::
:tags: Improvements, Tools
:pullreq: 6525
calidns: Add a ``maximum-qps`` option to stay at a given stable load.
.. change::
:tags: New Features
:pullreq: 6171
LUA Records (yes we know it is "Lua").
.. change::
:tags: Bug Fixes
:pullreq: 6481
Add return 0 for correct exit of ``set-kind`` and ``set-account``.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6487
Link ``dnspcap2protobuf`` against librt when needed.
.. change::
:tags: Bug Fixes
:pullreq: 6484
Recheck serial when AXFR is done.
.. change::
:tags: Improvements, Internals
:pullreq: 5274
dns_random: Implement new dns_random.
.. change::
:tags: New Features
:pullreq: 5821
:tickets: 5260
LDAP misc updates:
* ALIAS support,
* DNAME support.
.. change::
:tags: Improvements
:pullreq: 6427
Avoid an isane amount of new backend connections during an AXFR.
.. change::
:tags: Improvements, Internals
:pullreq: 6358
Remove ``theLog`` and ``theL`` and replace this with a global ``g_log``.
.. change::
:tags: Improvements, Tools
:pullreq: 6331
Add TCP support for ALIAS.
.. change::
:tags: Improvements
:pullreq: 6377
Add support for MB and MG RR types.
.. change::
:tags: Improvements
:pullreq: 6102
Add actual EDNS buffer size logging, not just our interpretation.
.. change::
:tags: Improvements, Internals
:pullreq: 6312
Lower 'packet too short' loglevel.
.. change::
:tags: Bug Fixes
:pullreq: 6396
Report unparseable data in stoul ``invalid_argument`` exception.
.. change::
:tags: New Features, Tools
:pullreq: 6374
Add quiet modifier to pdnsutil ``rectify-all-zones`` command.
.. change::
:tags: Bug Fixes
:pullreq: 6370
Fix handling of user defined AXFR filters return values.
.. change::
:tags: Bug Fixes
:pullreq: 6342
:tickets: 6263
Reload ``/etc/resolv.conf`` when modified.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6354
Rather than crash, sheepishly report no file/linenum in pdnsutil.
.. change::
:tags: Improvements, Tools
:pullreq: 6326
calidns: Add the ``--ecs`` parameter to add random ECS values to queries.
.. change::
:tags: Improvements
:pullreq: 6157
Lua2 backend: This is a rewrite of the lua backend. It uses AuthLua4 as basis and more strongly typed access using LuaContext.
.. change::
:tags: Improvements
:pullreq: 5361
:tickets: 3602
Make requests always return to sender, for usage in multimaster slave zones. Also - made sure that the master that is questioned for updates will be selected randomly, to prevent repeatedly asking a dead master for updates.
.. change::
:tags: Improvements, API
:pullreq: 6325
Return status ``409`` if domain already exists.
.. change::
:tags: Improvements
:pullreq: 6276
Reject updates if they would lead to CNAME+Other data.
.. change::
:tags: Improvements
:pullreq: 6243
Fix rectify (ordername) for non-DNSSEC zones.
.. change::
:tags: Improvements
:pullreq: 6278
pkcs11signers: Fix yubikey NEO to work.
.. change::
:tags: Bug Fixes
:pullreq: 6297
Make ``check-zone`` error on rows that have content but shouldn't.
.. change::
:tags: Improvements
:pullreq: 6100
Make ``outgoing-query-address`` and ``outgoing-query-address6``
behaviours equivalent.
.. change::
:tags: Improvements
:pullreq: 6128
:tickets: 5268
GeoIPbackend improvements:
* Adds MMDB support. Now geoip backend can be compiled without geoip support,
* Adds location support,
* Fixes SERVFAIL if expansion is empty.
.. change::
:tags: Improvements
:pullreq: 6295
Fix syntax error for ``replace-rrset``. (@lordievader)
.. change::
:tags: Improvements, API
:pullreq: 2603
Expose ``ResponseStats`` via REST API.
.. change::
:tags: Improvements, Internals
:pullreq: 6230
Remove all traces of selectmplexer, fix up pollmplexer.
.. change::
:tags: Bug Fixes, Tools
:pullreq: 6172
IXFR: correct behavior of dealing with DNS Name with multiple records; speed up IXFR transaction.
.. change::
:tags: Bug Fixes
:pullreq: 6152
bindbackend: handle ``std::exception`` during startup zone-parsing.
.. change::
:tags: Improvements, Tools
:pullreq: 6166
Add an ``--initial-port`` option to dnsreplay.
.. change::
:tags: Improvements
:pullreq: 6220
:tickets: 5079, 5594, 5654
Add XPF support to sdig, PowerDNS Recursor and dnsdist.
.. change::
:tags: Improvements, Internals
:pullreq: 5068
:tickets: 1010
Change from ``time_t`` to ``uint32_t`` for serial in ``calculateSOASerial``.
.. change::
:tags: Improvements
:pullreq: 5960
Check more thoroughly the source of UDP answers.
.. change::
:tags: Improvements
:pullreq: 6162
Slave cleanups. (@zeha)
.. change::
:tags: Bug Fixes
:pullreq: 6019
:tickets: 5915
gmysql-backend: set unsigned attribute on ``notified_serial`` column.
.. change::
:tags: Improvements
:pullreq: 6158
:tickets: 2611
pdns: Improve record parsing
.. change::
:tags: Bug Fixes
:pullreq: 6018
Escaping unusual DNS label octets in DNSName is off by one.
.. change::
:tags: Improvements, Internals
:pullreq: 5979
Use ``toLogString()`` for logging and throwing.
.. change::
:tags: Improvements, Internals
:pullreq: 6156
Remove obsolete EDNS PING code. (@zeha)
.. change::
:tags: Bug Fixes
:pullreq: 6155
Update EDNS Option code list.
.. change::
:tags: Improvements
:pullreq: 6146
Changes to compile and run on NetBSD.
.. change::
:tags: Bug Fixes
:pullreq: 4547
Remove ``serializeSOAData``, refactor ``calculate``/``edit``/``increaseSOA``.
.. change::
:tags: Improvements, Tools
:pullreq: 6063
Add colour to diff output of pdnsutil.
.. change::
:tags:
:pullreq: 6124
:tickets: 6101, 6120
Improve tests and two bugfixes:
* Fix xfrIP to reject invalid ips,
* Accept seconds since epoch in RRSIG timestamps too.
(@stbuehler)
.. change::
:tags: Improvements
:pullreq: 6139
Forbid creating algo 5/8/10 keys with out-of-spec sizes.
.. change::
:tags: Bug Fixes
:pullreq: 6132
Add methods missing from AuthLua4 when Lua support is disabled.
.. change::
:tags: Bug Fixes
:pullreq: 6129
Init openssl and libsodium before chrooting in pdnsutil.
.. change::
:tags: Bug Fixes, LDAP
:pullreq: 6122
Fix listing zones incl. AXFR.
.. change::
:tags: Bug Fixes
:pullreq: 6107
Fix uninitialized index in Lua's DNSPacket::getRRS() binding.
.. change::
:tags: Bug Fixes
:pullreq: 6103
:tickets: 6089
Fix out of bounds exception in CAA processing.
.. change::
:tags: Improvements, API
:pullreq: 6076
Return ``404`` for non-existing zones.
.. change::
:tags: Improvements
:pullreq: 5862
:tickets: 5854
Add Draft of Swagger spec for Authoritative Server HTTP API.
.. change::
:tags: Bug Fixes
:pullreq: 6029
:tickets: 6028
Forbid label compression in ALIAS wire format.
.. change::
:tags: Improvements
:pullreq: 7359
:tickets: 7357
API: Add response-by-qtype and response-by-rcode on /statistics endpoint
.. change::
:tags: Improvements
:pullreq: 6021
Several improvements to processing of notifies.
* Turn off supermaster support by default (adds new setting).
* PowerDNS was wasting a lot of queries while processing notifies.
* Use comboaddress for IPs (was strings)