This is version 4.3.2 of the Authoritative Server. This release fixes latency calculations to match the approach used in 4.4.0, to make comparisons between 4.3 and 4.4 more useful. It also contains a few build-related improvements.
fix rounding inaccuracy in latency statistics (Kees Monshouwer)¶
References: pull request 9786
This is version 4.3.1 of the Authoritative Server. This release contains the fix for PowerDNS Security Advisory 2020-05 (CVE-2020-17482). It also contains several other fixes and improvements:
add ubuntu focal target¶
References: pull request 9083
EL8 pkgs: Build mysql backend against mariadb-connector-c-devel¶
References: pull request 9036
gpgsql: Reintroduce prepared statements (Chris Hofstaedtler)¶
References: pull request 9219
gsqlite3backend: add missing indexes (Kees Monshouwer)¶
References: pull request 9233
use real remote for supermaster createSlaveDomain() (Kees Monshouwer)¶
References: pull request 9224
Optimize IXFR-to-AXFR fallback path (Chris Hofstaedtler)¶
References: pull request 9176
Install bind SQL schema files as part of bindbackend (Chris Hofstaedtler)¶
References: pull request 9013
Do not send out of zone lookups to the backends (Kees Monshouwer)¶
References: pull request 9480
Raise an exception on invalid hex content in unknown records.¶
References: pull request 9498
Handle the extra single-row result set of MySQL stored procedures (Chris Hofstaedtler)¶
References: pull request 9444
This is version 4.3.0 of the Authoritative Server. It contains all changes mentioned in the alpha, beta and RC versions below, plus two more bugfixes.
If you are upgrading from beta2 or rc2, AND ONLY THEN, please read pull request #8975 very carefully.
reduce the number of temporary memory allocations¶
References: pull request 8951
avoid IXFR-in corruption when deltas come in close together (please see the IXFR-in corruption upgrade notes)¶
References: pull request 8977
improve sql schema updates¶
References: pull request 8975
Fix NSECx for unpublished DNSKEYs properly¶
References: pull request 8973
This is the first Release Candidate for version 4.3.0 of the Authoritative Server. The version called 4.3.0-rc1 was never released because of the cache cleanup change mentioned below.
Make sure we look at 10% of all cached items during cleanup (Kees Monshouwer)¶
References: pull request 8924
emit correct NSEC/NSEC3 bitmaps in hidden key situations (Robin Geuze)¶
References: pull request 8936
This is the second beta for version 4.3.0 of the Authoritative Server. We expect this to be the final beta. Please see the upgrade notes for some breaking changes including a mandatory schema upgrade for database backends.
Some minor fixes have been left out from the list below; some other bugs may have been fixed accidentally as a result of the tremendous amount of work that goes into each of our major releases.
As announced in Backend removals in the upcoming Authoritative Server release, we have removed five backends.
add full option to ‘pdns_control show-config’ (Kees Monshouwer)¶
References: pull request 8094
Add ‘IO wait’ and ‘steal’ metrics on Linux¶
References: pull request 8783
API: add includerings option to statistics endpoint¶
References: pull request 8784
Add an extended status report in the bind backend¶
References: pull request 8682
adjust NSEC TTLs to negative TTL¶
References: pull request 8811
Add more SQL schema files to packages and tarballs (Matt Nordhoff)¶
References: pull request 8776
only log “No question section in packet” at Debug logging level¶
References: #7970, pull request 8828
do not update identical notified serials (Kees Monshouwer)¶
References: pull request 8096
IXFR: only sign SOA in empty response for +DO queries¶
References: pull request 8779
Prepare the caches’ buckets in advance¶
References: pull request 8793
Rework NetmaskTree for better CPU and memory efficiency. (Stephan Bosch)¶
References: pull request 8355
Refuse NSEC records with a bitmap length > 32¶
References: pull request 8826
YaHTTP: Support bracketed IPv6 addresses¶
References: pull request 8815
Make sure the default-publish-cds and default-publish-cdnskey options are respected for AXFR (Robin Geuze)¶
References: pull request 8788
This is the first beta for version 4.3.0 of the Authoritative Server. Please see the upgrade notes for some minor breaking changes.
Some minor fixes have been left out from the list below; some other bugs may have been fixed accidentally as a result of the tremendous amount of work that goes into each of our major releases.
As announced in Backend removals in the upcoming Authoritative Server release, we have removed five backends.
add default-publish-{cds|cdnskey} options¶
References: pull request 8594
remotebackend: Support alsoNotifies, setFresh, getUnfreshSlaveInfos¶
References: pull request 8701, pull request 8732
Add support for managing unpublished DNSSEC keys (Robin Geuze, TransIP)¶
References: pull request 8177
allow local-ipv6 until 4.4.0¶
References: pull request 8749
Add metrics about the size of our in-memory rings¶
References: pull request 8681
gpgsqlbackend: stop using prepared statements (Chris Hofstaedtler)¶
References: pull request 8627
Enforce a strict maximum size for the packet and records caches¶
References: pull request 8713
make sure records from LMDB backend end up in the right packet section (Kees Monshouwer)¶
References: pull request 8628
Clear the TSIG algo between iterations in the API¶
References: pull request 8649
HTTP API: Allow DNAME in apex with SOA and NS records¶
References: pull request 8668
remove the implicit 5->7 algorithm upgrade¶
References: pull request 8754
Make Lua mandatory for Auth (Chris Hofstaedtler)¶
References: pull request 8744
This is the first alpha for version 4.3.0 of the Authoritative Server. Please see the upgrade notes for some minor breaking changes.
gmysql backend, add an option to send the SSL capability flag (Kees Monshouwer)¶
References: pull request 8328
pdnsutil: offer to increase serial after edit-zone¶
References: pull request 6496
remove goracle, lua, mydns, opendbx, oracle backends (Kees Monshouwer, Robin Geuze)¶
References: pull request 7455, pull request 8313, pull request 8432, pull request 8434, pull request 8435, pull request 8436
deprecate SOA autocomplete in pdnsutil check-zone (Kees Monshouwer)¶
References: pull request 7918
API: optionally, do not return dnssec info in domain list (zeha)¶
References: pull request 4628
zone file parser: Add a parameter to limit the number of ‘$GENERATE’ steps¶
References: pull request 8451, pull request 8492
api: avoid a large number of new database connections (Kees Monshouwer)¶
References: pull request 8457
Emulate a buffered read in the pipe backend, ~3x faster¶
References: pull request 8159
LUA performance: register lua functions only once (chbruyand)¶
References: pull request 8307
API: make max request/response body size configurable¶
References: pull request 7550
API: add edited_serial to Zone object¶
References: pull request 7962
Improve error when notification comes in for non-slave zone¶
References: pull request 7943
LUA record: rewrote the health checking system¶
References: pull request 8249
various memory/thread correctness fixes¶
References: pull request 8006, pull request 8208, pull request 8350, pull request 8351, pull request 8580, pull request 8601
LUA view: do not crash on empty IP list¶
References: #8572, pull request 8575
REST API: accept headers without spaces¶
References: pull request 8562
on luaSynth exception, drain db output¶
References: #8299, pull request 8301
tinydnsbackend: limit timestamp-based TTLs (smellyspice)¶
References: #7439, pull request 8225
Ensure that pdns can read pdns.conf when upgrading from an older package (mnordhoff)¶
References: pull request 8352
Ixfrdist: handle reading of empty files gracefully¶
References: pull request 8424
webserver: handle exceptions instead of SIGABRTing the world¶
References: pull request 8296