Changelogs for 4.7.x ==================== .. changelog:: :version: 4.7.4 :released: 17th of April 2023 This is release 4.7.4 of the Authoritative Server. It contains various bug fixes, some performance improvements, and one new feature (``pdnsutil list-member-zones``). .. change:: :tags: Bug Fixes :pullreq: 12742 Properly encode json string containing binary data .. change:: :tags: Bug Fixes :pullreq: 12741 Prevent a race during the processing of SVC auto-hints .. change:: :tags: New Features :pullreq: 12676 pdnsutil, implement list-member-zones (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 12675 lmdb delete fixes and tests (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 12429 minicurl: stop leaking hostlist memory .. change:: :tags: Bug Fixes :pullreq: 12521 ixfrdist fixes and improvements .. change:: :tags: Improvements :pullreq: 12458 lock.hh: include .. change:: :tags: Bug Fixes :pullreq: 12746 Pick the right signer name when a NSEC name is also a delegation point .. change:: :tags: Improvements :pullreq: 12745 calm down the communicator loop .. change:: :tags: Bug Fixes :pullreq: 12744 Fix multiple-version IXFR request handling in ixfrdist .. change:: :tags: Improvements :pullreq: 12743 timeout handling for IXFRs as a client .. changelog:: :version: 4.7.3 :released: 9th of December 2022 This is release 4.7.3 of the Authoritative Server. It contains various fixes. .. change:: :tags: Bug Fixes :pullreq: 12299 lmdb: make outgoing notifications work .. change:: :tags: Bug Fixes :pullreq: 12266 lmdb: implement alsoNotifies .. change:: :tags: Bug Fixes :pullreq: 12291 API: do not create SOA and NS records for consumer zones .. change:: :tags: Improvements :pullreq: 12296 API: slightly clearer message when a backend cannot create domains .. change:: :tags: Bug Fixes :pullreq: 12273 API: fix newly created zone not rectified .. change:: :tags: Bug Fixes :pullreq: 12272 fix invalid catalog zone sql query for gpgsqlbackend .. change:: :tags: Bug Fixes :pullreq: 12181 fix pdns_control list-zones .. changelog:: :version: 4.7.2 :released: 1st of November 2022 This is version 4.7.2 of the Authoritative Server. It fixes one bug spotted after the release of 4.7.0, for which we forgot to include the fix in 4.7.1. .. change:: :tags: Bug Fixes :pullreq: 12130 Un-reverse xfr freshness check .. changelog:: :version: 4.7.1 :released: 31st of October 2022 This is version 4.7.1 of the Authoritative Server. It fixes a few bugs spotted after the release of 4.7.0. .. change:: :tags: Bug Fixes :pullreq: 12110 include auth 4.7 schema upgrade files in tarballs and packages .. change:: :tags: Bug Fixes :pullreq: 12124 catalog zones: avoid bulk zone reset while migrating to a catalog (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 12124 catalog zones: stop wasting options update queries (Kees Monshouwer) .. changelog:: :version: 4.7.0 :released: 20th of October 2022 This is version 4.7.0 of the Authoritative Server. 4.7.0 brings support for :doc:`Catalog Zones <../catalog>`, developed by Kees Monshouwer. As part of that development, the freshness checks in the Primary code were reworked, reducing them from doing potentially thousands of SQL queries (if you have thousands of domains) to only a few. Installations with lots of domains will benefit greatly from this, even without using catalog zones. 4.7.0 also brings back GSS-TSIG support, previously removed for quality reasons, now reworked with many stability improvements. Other things of note: * LUA records, when queried over TCP, can now re-use a Lua state, giving a serious performance boost. * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced * lmdbbackend databases now optionally use random IDs for objects * a new LUA function called ``ifurlextup``, and improvements in other LUA record functions * autoprimary management in ``pdnsutil`` and the HTTP API * in beta, a key roller daemon, currently not packaged Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. Besides that, various other smaller features and improvements have landed - please browse the list below. .. change:: :tags: Bug Fixes :pullreq: 12069 Fix compilation of the event ports multiplexer (Jonathan Perkin) .. change:: :tags: Improvements :pullreq: 12085 pdnsutil check-zone, skip metadata check for backends without getAllDomainMetadata() (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 12098 fix axfr for tinydns and pipe backend (Kees Monshouwer). Note that this was only broken since 4.7.0-beta2. .. changelog:: :version: 4.7.0-rc1 :released: 3rd of October 2022 This is the first release candidate for Authoritative Server 4.7.0. 4.7.0 brings support for :doc:`Catalog Zones <../catalog>`, developed by Kees Monshouwer. As part of that development, the freshness checks in the Primary code were reworked, reducing them from doing potentially thousands of SQL queries (if you have thousands of domains) to only a few. Installations with lots of domains will benefit greatly from this, even without using catalog zones. 4.7.0 also brings back GSS-TSIG support, previously removed for quality reasons, now reworked with many stability improvements. Other things of note: * LUA records, when queried over TCP, can now re-use a Lua state, giving a serious performance boost. * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced * lmdbbackend databases now optionally use random IDs for objects * a new LUA function called ``ifurlextup``, and improvements in other LUA record functions * autoprimary management in ``pdnsutil`` and the HTTP API * in beta, a key roller daemon, currently not packaged Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. Besides that, various other smaller features and improvements have landed - please browse the list below. .. change:: :tags: Bug Fixes :pullreq: 12043 AXFR server: abort on chunk with TC set .. change:: :tags: New Features :pullreq: 12042 add keyroller .. change:: :tags: Improvements :pullreq: 12040 pdnsutil edit-zone, detect capitalization changes in LUA, TXT and SPF records (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 12030 axfr-retriever: abort on chunk with TC set .. change:: :tags: Improvements :pullreq: 12029 clang14 has reached macOS .. change:: :tags: Improvements :pullreq: 11972 docker: upgrade to bullseye .. changelog:: :version: 4.7.0-beta2 :released: 13th of September 2022 This is the first published beta for Authoritative Server 4.7.0. (beta1 was never released because of bugs found during the release process). 4.7.0 brings support for :doc:`Catalog Zones <../catalog>`, developed by Kees Monshouwer. As part of that development, the freshness checks in the Primary code were reworked, reducing them from doing potentially thousands of SQL queries (if you have thousands of domains) to only a few. Installations with lots of domains will benefit greatly from this, even without using catalog zones. 4.7.0 also brings back GSS-TSIG support, previously removed for quality reasons, now reworked with many stability improvements. Other things of note: * LUA records, when queried over TCP, can now re-use a Lua state, giving a serious performance boost. * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced * lmdbbackend databases now optionally use random IDs for objects * a new LUA function called ``ifurlextup``, and improvements in other LUA record functions * autoprimary management in ``pdnsutil`` and the HTTP API Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. Besides that, various other smaller features and improvements have landed - please browse the list below. .. change:: :tags: Improvements :pullreq: 11918 some small NSEC3PARAM-related fixes to the REST API (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 11842 use getInnerRemote() for the remotes ring (Kees Monshouwer) .. change:: :tags: Improvements :pullreq: 11760, 11929, 11933 LUA records: make shared mode work for TCP queries .. change:: :tags: Bug Fixes :pullreq: 11815 make sure a notified zone is in the zone cache (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 11759, 11755 getTSIGKey(s) cleanup (Kees Monshouwer) .. change:: :tags: New Features :pullreq: 11772, 11822, 11825, 11836 Implement catalog zones in the authoritative server (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 11764 fix deleteDomain() in lmdb backend (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 11738 2136: match autosplit TXT more usefully .. change:: :tags: New Features :pullreq: 11588 Extend LUA records (rage4) .. change:: :tags: Improvements :pullreq: 11727 Also allow generic record format in zone parsing for pdnsutil zonemd-verify-file .. change:: :tags: Improvements :pullreq: 11340 pdnsutil flush prompt (norve) .. change:: :tags: Bug Fixes :pullreq: 11350 no ALIAS and LUA record expansion in presigned zones (Kees Monshouwer) .. change:: :tags: Improvements :pullreq: 11655 Change dns_tolower() and dns_toupper() to use a table .. change:: :tags: Improvements :pullreq: 11639 auth packaging: add DoT support to sdig .. change:: :tags: Improvements :pullreq: 11599 Tweak for Coverity 1488422 .. change:: :tags: New Features :pullreq: 11590, 11493, 11432, 11414, 11426 RSA, ECDSA PEM import/export .. change:: :tags: Improvements :pullreq: 11562 Try harder to find libdecaf headers .. change:: :tags: Bug Fixes :pullreq: 11466 ixfr: Fix a case where an incomplete read caused by network error might result in a truncated zone .. change:: :tags: New Features :pullreq: 11389 auth API: fetch individual rrsets .. change:: :tags: Bug Fixes :pullreq: 11314 fix proxy protocol query statistics (Kees Monshouwer) .. change:: :tags: Bug Fixes :pullreq: 11354 lmdb random-ids: stop generating negative numbers .. change:: :tags: Improvements :pullreq: 11328 lmdb: make map size configurable .. change:: :tags: New Features :pullreq: 11143 reintroduce GSS-TSIG support .. change:: :tags: Bug Fixes :pullreq: 11882 Log "NULL" for nullptr-bound properties instead of dereferencing .. change:: :tags: Improvements :pullreq: 11813 web: stop sending Server: header .. change:: :tags: Improvements :pullreq: 11862 libssl: Properly load ciphers and digests with OpenSSL 3.0 .. change:: :tags: Bug Fixes :pullreq: 11908 initialize zone cache after dropping privileges .. change:: :tags: Bug Fixes :pullreq: 11860 Fix libcrypto handling in automake files .. change:: :tags: New Features :pullreq: 11508 New setting compare-signatures-on-zone-freshness-check to disable DO flag for SOA checks .. changelog:: :version: 4.7.0-beta1 :released: never Bugs were found after beta1 was tagged. Authoritative server 4.7.0-beta1 was never released. .. changelog:: :version: 4.7.0-alpha1 :released: 17th of February 2022 This is version 4.7.0-alpha1 of the Authoritative Server. This release contains a few new features compared to 4.6, and a couple of other fixes/changes. New features: * lmdbbackend databases now get a UUID assigned, making it easy for external software to spot if a database was completely replaced * lmdbbackend databases now optionally use random IDs for objects * a new LUA function called ``ifurlextup`` * autoprimary management in ``pdnsutil`` and the HTTP API Please make sure to read the :doc:`upgrade notes <../upgrading>` before upgrading. .. change:: :tags: New Features :pullreq: 11309 lmdb: add random ID generation feature .. change:: :tags: Improvements :pullreq: 11315 el7 builds: switch to boost 1.69 .. change:: :tags: Bug Fixes :pullreq: 11306 lmdb: default values for KeyDataDB members, thanks ubsan .. change:: :tags: New Features :pullreq: 11227 auth LUA: add ifurlextup function .. change:: :tags: Improvements :pullreq: 11262 builder: migrate EL8 builds to oraclelinux, rename centos8 to el8 where possible .. change:: :tags: New Features :pullreq: 11241 auth lmdb: add a UUID to newly created databases .. change:: :tags: New Features :pullreq: 11100 new ``pdnsutil zonemd-verify-file`` command .. change:: :tags: New Features :pullreq: 11102 auth: add autoprimary management in API & pdnsutil .. change:: :tags: Improvements :pullreq: 11108 libssl: fix compilation issues on older openssl versions .. change:: :tags: Bug Fixes :pullreq: 11101 save errno value as close(2) might clobber it