Cross Reference: /netbsd-current/external/bsd/nsd/dist/dbcreate.c

History log of /netbsd-current/external/bsd/nsd/dist/dbcreate.c
Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
Revision tags: nsd-4-8-0
# 1.1.1.6	17-Feb-2024	christos	Import 4.8.0 (previous was 4.6.0) 29 November 2023: Wouter - Tag for 4.8.0rc1. 28 November 2023: Wouter - Set up doc/RELNOTES for upcoming release. - Fix unit test kill_from_pidfile function for nonexistent files because the argument is evaluated before the test expression. - Fix rr-test to also convert the contents of the just written output file. - Fix test set to remove -f nsd.db and rm nsd.db commands. - Fix test set to remove difffile option. 27 November 2023: Jeroen - Fix #14: Set timeout to 3s when servicing remaining TCP connections. - Fix: Always instate write handler after reading queries from TCP. - Answer first query on connections accepted just before reload. 27 November 2023: Wouter - Merge #305: faster stats. Statistics can be gathered while a reload is in progress. 27 November 2023: Willem - Merge #302: Test package fixes. Correct Auxfiles, kill_from_pidfile function and fix drop_updates, rr-test and xfr_update tests. 1 November 2023: Jeroen - Remove on-disk database. 31 October 2023: Wouter - Merge #301: improve the logging of ixfr fallbacks to axfr. 30 October 2023: Jeroen - Fix processing of consolidated IXFRs. 30 October 2023: Wouter - Fix for interprocess communication to set quit sync command from main process explicitly. 3 October 2023: Wouter - Merge #281: Proxy protocol. An implementation of PROXYv2 for NSD. It can be configured with proxy-protocol-port: portnum with the port number of the interface on which proxy traffic is handled. The interface can support proxy traffic for UDP, TCP and TLS. 21 September 2023: Wouter - Merge #295: Update e-mail addresses, add ref to support contracts 31 August 2023: Wouter - Fix autoconf 2.69 warnings in configure. 14 July 2023: Wouter - Merge #287: Update nsd.conf.5.in. 11 July 2023: Wouter - Fix unused variable warning in unit test of udb. 22 June 2023: Wouter - Fix #284: dnstap_collector.c: SOCK_NONBLOCK is not available on Mac/Darwin. 7 June 2023: Wouter - Merge #282: Improve nsd.conf man page. - Fix unused but set variable warning. - Fix #283: Compile failure in remote.c when --disable-bind8-stats and --without-ssl are specified. 31 May 2023: Wouter - Add missing items to doc/RELNOTES. - Tag for 4.7.0rc1. It became release 4.7.0 on 7 june 2023. The code repository continues with 4.7.1. 30 May 2023: Jeroen - Fix #240: Prefix messages originating from verifier. - Fix #275: Drop unnecessary root server checks. 30 May 2023: Wouter - Next version is 4.7.0, instead of 4.6.2, because of the added features, like TLS for DNSTAP. - Fix unused variable warning in unit test, from clang compile. 24 May 2023: Wouter - For #279: Note that autoreconf -fi creates the configure script and also the needed auxiliary files, for autoconf 2.69 and 2.71. 4 May 2023: Wouter - Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h. 1 May 2023: Wouter - make depend. - Fix for build to run flex and bison before compiling code that needs the headers. 13 April 2023: Wouter - Fix cirrus script for submit to coverity scan to libtoolize the configure script components config.guess and config.sub. - Fix readme status badge links. 28 March 2023: Wouter - Fix #273: Large TXT record breaks AXFR. - Fix ixfr create from adding too many record types. 16 March 2023: Wouter - Fix include brackets for ssl.h include statements, instead of quotes. - Fix static analyzer warning about nsd_event_method initialization. 15 March 2023: Wouter - Dnstap tls code fixes. 14 March 2023: Wouter - Fix dnstap to not check socket path when using IP address. - dnstap over TLS, default enabled. Configured with the options dnstap-tls, dnstap-tls-server-name, dnstap-tls-cert-bundle, dnstap-tls-client-key-file and dnstap-tls-client-cert-file. - Fix to compile without ssl with dnstap-tls code. 9 March 2023: Wouter - Fix #271: DNSTAP over TCP, with dnstap-ip: "127.0.0.1@3333". - Fix to clean more memory on exit of dnstap collector. 23 February 2023: Wouter - Fix #270: reserved identifier violation. 20 February 2023: Wouter - Merge #269 from Fale: Add systemd service unit. 16 February 2023: Wouter - Fix #266: Fix build with --without-ssl. - Fix #267: Allow unencrypted local operation of nsd-control. - Fix for #267: neater variable definitions. 2 February 2023: Wouter - Merge #265: Fix C99 compatibility issue. 30 January 2023: Wouter - Merge #263: Add bash autocompletion script for nsd-control. - Fix for #262: More error logging for SSL read failures for zone transfers. 27 January 2023: Wouter - Fix #262: Zone(s) not synchronizing properly via TLS. - Fix ixfr_and_restart test to wait for processes to come to a stop. 26 January 2023: Wouter - Fix configure for -Wstrict-prototypes. 10 November 2022: Wouter - Tag for NSD 4.6.1, the repository continues with version 4.6.2. - Fix #239: -Wincompatible-pointer-types warning in remote.c. - Fix unit tests to succeed with --disable-bind8-stats. 1 November 2022: Wouter - Fixup for non-trailing newline lexer change warnings. - Update doc/RELNOTES for changes. - Fix ixfr_gone unit test to not use system default zone list file. - Fix credns tests for vm usage, and not use system default zone list file. - Fix verify tests to use more portable bash location in script. - Fix verify_again test to use ipv4 address for test. 1 November 2022: Tom - Add SVCB dohpath support 28 September 2022: Jeroen - Set ALPN "dot" token during connection establishment as per RFC9103 section 7.1 (Thanks Cesar Kuroiwa). 21 September 2022: Tom - Change zone parsing to accept non-trailing newline. 1 September 2022: Wouter - Merge #231 from moritzbuhl: Fix checking if nonblocking sockets work on OpenBSD. 19 August 2022: Wouter - Update cirrus build script for newer Ubuntu image, and FreeBSD build with libtoolize to install auxiliary files. - Update to clang 14 in cirrus build test on Ubuntu Jammy 22.04. 7 July 2022: Tom - Fix #212: Change commandline control actions to always log. 1 July 2022: Wouter - Fix static analyzer reports, fix wrong log print when skipping xfr, fix to print error on pipe read fail, and assert an xfr is in progress during packet checks.
Revision tags: netbsd-10-0-RC4 netbsd-10-0-RC3 netbsd-10-0-RC2 netbsd-10-0-RC1 netbsd-10-base nsd-4-6-0
# 1.1.1.5	24-Sep-2022	christos	Import nsd-4.6.0; last import was nsd-4.3.5 23 June 2022: Wouter - Tag for 4.6.0rc1. It became 4.6.0 on 30 June 2022, and it continues with version 4.6.1. 17 June 2022: Wouter - Fix compilation with libev, without event_base_loopbreak. 16 June 2022: Wouter - Fix that the unit test verify_repat cleans up nsd on exit. - Fix to remove ixfrcreate.c asserts about uint16 within limits because of warnings from analyzers. 14 June 2022: Wouter - Fix compilation without libevent and compilation of nsd-mem. - Fix verify handler add of sigchld event for compilation without libevent. 3 June 2022: Wouter - Fix static analyzer reports on ixfrcreate temp file. - Fixup wrong ixfrcreate fread return check. 13 May 2022: Wouter - The code repo continues with version 4.5.1. 6 May 2022: Wouter - Merge PR #209: IXFR out This adds IXFR out functionality to NSD. NSD can copy IXFRs from upstream to downstream clients, or create IXFRs from zonefiles. The options store-ixfr: yes and create-ixfr: yes can be used to turn this on. Default is turned off. The options ixfr-number and ixfr-size can be used to tune the number of IXFR transfers and total data size stored. This is configured per zone, the IXFRs are served to the hosts that are allowed to perform zone transfers. And if TSIG is configured, signed with the same key. The content is stored to file if a zonefile is configured for the zone, in the zonefile.ixfr and zonefile.ixfr.2, .. files. They contain readable text format. The number of IXFRs is num.rixfr in statistics output, also per zone if per zone statistics are enabled. If offline, nsd-checkzone -i can create ixfr files. NSD already supports requesting IXFRs, this addition allows NSD to serve IXFR transfers to clients. NSD stops responding with NOTIMPL to IXFR requests, also for zones that do not have IXFR enabled. The clients gets a full zone reply or a status reply if the serial is up to date. - set version to 4.5.0 for feature change. - Tag for 4.5.0rc1 release. It became the 4.5.0 release on 13 May 2022. 14 April 2022: Wouter - Update cirrus script FreeBSD version. 25 March 2022: Wouter - Fix spelling error in comment in svcbparam_lookup_key. 2 March 2022: Wouter - Fix code analyzer zero divide warning. - Fix code analyzer large value with assertion. - Fix another code analyzer zero divide warning. - Fix code analyzer warning about uninitialized temp storage in loop. 10 February 2022: Wouter - Tag for 4.4.0rc1 release. This became 4.4.0 release on 17 Feb 2022, the code repository continues with version 4.4.1. 9 February 2022: Wouter - Fix unit tests for nds-control-setup exit code and the xfrd-tcp-max default. 7 February 2022: Wouter - Merge #207 Sync nsd-control-setup with unbound-control-setup to generate certificates with SANs. 28 January 2022: Wouter - Fix #206: build with --without-ssl fails. 27 January 2022: Wouter - current code branch continues as version 4.4.0, because of added feature. 26 January 2022: Wouter - Merge #193: Lower memory usage of the XFRD process by default. Instead of preallocating all elements, they are allocated when used. There are options for managing the memory usage, defaults are the same as before. xfrd-tcp-max sets the number of sockets for tcp connections that xfrd can make to download zone contents. And xfrd-tcp-pipeline the number of simultaneous transfers over the same connection. 12 January 2022: Wouter - Fix to document nsd-checkzone -p in the man page for nsd-checkzone. 7 January 2022: Wouter - Fix to change file mode before changing file owner for the nsd-control unix socket file. 3 January 2022: Wouter - Merge #204 from jonathangray: correct some spelling mistakes. 15 December 2021: Wouter - Fix #200: nsd-checkzone succeeds even with incorrect serial in SOA record. 2 December 2021: Wouter - Fix socket_partitioning unit test for FreeBSD. - Fix SVCB test to work around older dig with drill. - Fix unit test to not syslog setlogin failures. 1 December 2021: Wouter - Set up for branch for 4.3.9 release. This became release 4.3.9 on 9 Dec 2021 and included the changes until the SVCB fix on 2 dec 2021, but not the setlogin fix. The main branch continues as 4.3.10. - Fix unit tests for new answer-cookie default. 30 November 2021: Wouter - Fix to remove git tracking and ci information from release tarballs. 3 November 2021: Wouter - Fix #198: nsd-control reconfig core dump. 12 October 2021: Wouter - Tag for 4.3.8 release, from 4.3.8rc2. The main branch continues with version 4.3.9 in development. 7 October 2021: Wouter - Set default for answer-cookie to no. Because in server deployments with mixed server software, a default of yes causes issues. - Tag for 4.3.8rc2, includes the new answer-cookie default. 4 October 2021: Wouter - Tag for 4.3.8rc1. 29 September 2021: Wouter - Fix unit tests for svcb and xot to not touch the default zonelistfile. - Fix unit test for xot tertiary config for zonelistfile default. - Fix unit test for dns-cookies for no unshare, and allow-query for no IPv6 loopback. - Fix unit test allow query to check for IPv6. 22 September 2021: Wouter - Fix #194: Incorrect NSEC3 response for SOA query below delegation point. 13 September 2021: Wouter - Fix compile failure with openssl 1.0.2. 3 September 2021: Wouter - Fix not reachable annotation in radix_find_prefix_node. 31 August 2021: Willem - Fix #191: dname_parse_wire() returns fqdn wireformat length. 26 August 2021: Wouter - Fix #190: NSD returns 3 NSEC3 records for NODATA response. 23 August 2021: Wouter - Fix #189: nsd 4.3.7 crash answer_delegation: Assertion `query->delegation_rrset' failed. 17 August 2021: Wouter - Fix #188: NSD fails to build against openssl 1.1 on CentOS 7. - Fix sed script in ssldir split handling. 13 August 2021: Wouter - Merge #187: Support using system-wide crypto policies. 10 August 2021: Wouter - Merge #185 by cesarkuroiwa: Mutual TLS. - Fixes for #185: Document client-cert, client-key and client-key-pw in the man page. Fix yacc semicolon. Fix unused variable warning. Use strlcpy instead of strncpy. Fix spelling error in error printout. 2 August 2021: Wouter - Quieter tpkg/do-tests shell script with -q flag. - For #184: Note that all zones can be targeted by some nsd-control commands in the man page. 30 July 2021: Wouter - Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check. - Fix to compile with OpenSSL 3.0.0beta2. - Fix configure detection of SSL_CTX_set_security_level. - Fix deprecated functions use from openssl 3.0.0beta2. 23 July 2021: Wouter - Fix free on shutdown of XoT SSL context. 22 July 2021: Wouter - tag 4.3.7 release, with the fixes between rc1 and this release. - main branch continues for 4.3.8. 20 July 2021: Wouter - Fix typo in xfrd-tcp.c. 15 July 2021: Wouter - tag for 4.3.7rc1. - Fix compile of cookies on FreeBSD without IPv6. - Fix for loop initial declaration for nonc99 compiler. 14 July 2021: Wouter - Fix truncate test for EDNS COOKIE making one less RR is added. - Attempt to fix gcc11 warning. 13 July 2021: Willem - Fixes for child server processes getting out of sync with the dnstap-collector process 13 July 2021: Willem - Interoperable DNS Cookies support as per RFC7873 and RFC9018 9 July 2021: Willem - Client side DNS Zone Transfer-over-TLS (XoT) support as per draft-ietf-dprive-xfr-over-tls 29 June 2021: Willem - Fix #168: Buffer overflow in the dname_to_string() function 14 June 2021: Wouter - Update configure nonblocking test to use host. 25 May 2021: Wouter - Fix #179: log notice and server-count. 21 May 2021: Wouter - Test code has -q option for quiet output. 17 May 2021: Wouter - Update the ACX_CHECK_NONBLOCKING_BROKEN test for the configure script. 7 May 2021: Wouter - Fix #176: please review Loglevel on missing zonefile. 6 May 2021: Wouter - Fix #174: NS Records below delegation are not ignored (nsd-checkzone also does not raise any issue). 4 May 2021: Wouter - Fix SVCB sort call sizeof to be the size of the elements sorted. 29 April 2021: Tom - Implement Syntax of SVCB and HTTPS RR type as per draft-ietf-dnsop-svcb-https 13 April 2021: Wouter - Fix for #128: Skip over sendmmsg invalid argument when port is zero. - Fix #171: Invalid negative response (NSEC3) after IXFR. - Fix to make nsec3_chain_find_prev return NULL if one nsec3 left. - remove debug settings from unit test. 9 April 2021: Wouter - Fix for #170: Fix build warnings when IPv6 is disabled. - Fix #170: Disabled IPv6 and DNSTAP enabled triggers a build error. 30 March 2021: Wouter - Fix configure failure for enable systemd because of autoconf. - This became release 4.3.6, the repository continues for 4.3.7 in development. 29 March 2021: Wouter - Note unlisted changes in RELNOTES and prepare for 4.3.6rc1 tag. 29 March 2021: Willem - Per zone Access Control List for queries with an allow-query: option. 24 March 2021: Wouter - Update acx_nlnetlabs.m4 to version 38, fix deprecation test. - Fix configure to use header checks with compile. - Fix warning about unused function log_addr. 18 March 2021: Tom - Add Extended DNS Errors RFC8914 15 March 2021: Wouter - Fix double config.h include in configlexer.c - Fix to remove configyyrename from makedist.sh and also update the flex and bison rules there to add the "c_" prefix. 13 March 2021: Willem - Fix #154: TXT with parentheses fails in 4.3.5. - Align parsing of TXT elements with how bind does it. - A -p option to nsd-checkzone to print a successfully read zone. 12 March 2021: Wouter - Fix that wildcard is printed as a star instead of escaped, in logs and in written zone files. - Fix unit test for wildcard printout change. 11 March 2021: Wouter - Fix #163: A TSIG noncompliance with RFC 2845. 9 March 2021: Willem - Enable configuring a control-interface by interface name. 19 February 2021: Wouter - Fix segfault on high verbosity for TLS channels with dnstap log local address. 18 February 2021: Wouter - Fix #146 with #147: DNSTAP log the local address of the server with the dnstap logs. 16 February 2021: Wouter - Man page documentation for dnstap options. 8 February 2021: Wouter - Fix AF_LOCAL compile error for Solaris. - Fix ifaddrs compile error for Solaris. - Fix ifaddrs.h compile error for Solaris. 4 February 2021: Wouter - Merge PR #153 from fobser: Repair -fno-common linker errors automatically. - Fix uninitialized access of log_buf in error printout on apply ixfr. 26 January 2021: Wouter - Prevent a few more yacc clashes.
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base nsd-4-3-5
# 1.1.1.4	15-Mar-2021	christos	Import 4.3.5: 19 January 2021: Wouter - Set branch ready for 4.3.5 release. Tag for 4.3.5rc1. Became the 4.3.5 release on 26 january 2021. This branch continues with 4.3.6 in development. 15 January 2021: Wouter - Fix #152: '' in Rdata causes the return code to be NOERROR instead of NX. - Add config.guess and config.sub to .gitignore for autoconf 2.70. - Fix #150: TXT record validation difference with BIND. - Fixup TXT record validation fix for escaped quotes. - Fixup TXT record validation fix for escaped backslashes. - Fixup escape character parse for quoted strings. 11 January 2021: Wouter - Fix #151: DNAME not applied more than once to resolve the query. - Fix dname test for #148. - For #151: fix to not produce loops in output. 5 January 2021: Wouter - Fix configure.ac for autoconf 2.70. 4 January 2021: Wouter - Fix #148: CNAME need not be followed after a synthesized CNAME for a CNAME query. 11 December 2020: Wouter - Fix that nsd-control has timeout when connection is down. - remove windows socket ifdefs from nsd-control. 3 December 2020: Wouter - For #145: Fix that service of remaining TCP and TLS connections does not allow new queries to be made, the connection is closed. Only existing queries and zone transfers are answered, new ones are rejected by a close of the channel. 30 November 2020: Wouter - Fix #144: fix better. 27 November 2020: Wouter - Fix #144: Typo fix in nsd.conf.5.in. 26 November 2020: Wouter - Fix #143: xfrd no hysteresis with NOT IMPLEMENTED rcode. 24 November 2020: Wouter - Merge PR #141: ZONEMD RR type. - tag for 4.3.4rc1. This became 4.3.4 release on 1 dec 2020. The code repo continues for 4.3.5 in development. 23 November 2020: Wouter - Fix #142: NODATA answers missin SOA in authority section after CNAME chain. - Fix for CVE-2020-28935 : Fix that symlink does not interfere with chown of pidfile. - fix writepid for retvalue 0. 9 November 2020: Wouter - Fix #138: NSD returns non-EDNS answer when QUESTION is empty. - Fix to check nscount in previous fix for EDNS in formerr response when there is no question. 28 October 2020: Wouter - Remove unused init_cfg_parse routine from configlexer. 20 October 2020: Wouter - Fix to add missing closest encloser NSEC3 for wildcard nodata type DS answer. 14 October 2020: Wouter - Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN. 13 October 2020: Wouter - Fix missing parenthesis on size of fix to init buffer. 12 October 2020: Wouter - Fix #127: two minor `-Wcast-qual` cleanups - Fix #126: minor header hygiene - Fix #125: include config.h in compat/setproctitle.c and fix prototype of `setproctitle` - Fix #133: fix 0-init of local ( stack ) buffer. 8 October 2020: Wouter - tag for 4.3.3 release - current repository contains 4.3.4 in development. - Fix #129: ambiguous use of errno, in log message if sendmmsg fails. - Fix #128: Fix that the invalid port number is logged for sendmmsg failed: Invalid argument. 1 October 2020: Wouter - tag for 4.3.3rc1 release. 30 September 2020: Wouter - Updated date in nsd -v output. - Fixup bug013_truncate, checkconf and cutest_qroot tests for new default EDNS size. 29 September 2020: Willem - Follow DNS flag day 2020 advice and set default EDNS message size to 1232. 4 September 2020: Wouter - Remove unused space from LIBS on link line. 3 September 2020: Wouter - Merge PR #121: Increase log level of recreated database from WARNING to ERR. 1 September 2020: Wouter - Fix #119: fix compile warnings from new gcc. - Fix #119: warn when trying to parse a directory. 27 August 2020: Wouter - Merged PR #113 with fixes. Instead of listing an IP-address to listen on, an interface name can be specified in nsd.conf, with ip-address: eth0. The IP-addresses for that interface are then used. 26 August 2020: Wouter - Add xstrdup for PR #113. - Tidy up code like in PR #113. - Import code from PR #113. - Fix for unknown EVP_MAC_CTX_free function in openssl 3.0.0 tsig code. 24 August 2020: Wouter - Fix that configure checks for EVP_sha256 to detect openssl, because HMAC_CTX_new is deprecated in 3.0.0. - Port TSIG code for openssl 3.0.0-alpha6. - Sync acx_nlnetlabs.m4 with the unbound repo. - Review fixes for tsig, defensive free and zero. 4 August 2020: Wouter - Merge #117: mini_event.h (4.3.2 and 4.3.1) on OpenBSD cannot find fd_set - patch. 23 July 2020: Wouter - Merge #115 from millert: Fix strlcpy() usage. From OpenBSD. 15 July 2020: Wouter - Fix make install with --with-pidfile="". 14 July 2020: Wouter - Tag for 4.3.2 release. Master branch contains the next version in development, 4.3.3. 7 July 2020: Wouter - Tag for 4.3.2rc1. 6 July 2020: Wouter - Fix compile includes for xfr-inspect tool on FreeBSD. - Add tpkg/run_vm.sh that runs test when in a virtual machine. - Merge #112 from jaredmauch: log old and new serials when NSD rejects an IXFR due to an old serial number. - Fix bug034 test for vm test changes. 22 June 2020: Wouter - Remove errno reset behaviour from sendmmsg and recvmmsg replacement functions. - Fix unit test for different nsd-control-setup -h exit code. 19 June 2020: Wouter - Merge #108 from Nomis: Make the max-retry-time description clearer. - Retry when udp send buffer is full to wait until buffer space is available. 18 June 2020: Wouter - Do not log EAGAIN errors for sendmmsg, to stop log spam on OpenBSD. 17 June 2020: Wouter - Fix #107: nsd -v shows configure line, openssl version and libevent version. 27 May 2020: Wouter - Fix unlink of pidfile warning if not possible due to permissions, nsd can display the message at high verbosity levels. - Update contrib/nsd.service for chown of nsd.log and /var/log in ReadWritePaths. - Removed contrib/nsd.service, example is too complicated and not useful. 15 May 2020: Wouter - Merge PR#102 from and0x000: add missing default in documentation for drop-updates. - Fix checkconf test for log-only-syslog option. 14 May 2020: Wouter - Document default value for tcp-timeout. 13 May 2020: Jeroen - Fix #99: Fix copying of socket properties with reuseport enabled. 24 April 2020: Wouter - Fix #97: EDNS unknown version: query not in response. 21 April 2020: Wouter - Fix #96: log-only-syslog: yes sets to only use syslog, fixes that the default configuration and systemd results in duplicate log messages. 20 April 2020: Wouter - Fix #95: Removed make test check because tpkg not included in release tarballs. - Fix unused parameter compile warnings. 16 April 2020: Wouter - Tag for 4.3.1 release and track 4.3.2 release in code repository. - note sha256 digest algo use in makedist.sh. - Fix for posix shell syntax for trap in nsd-control-setup. - Fix to omit the listen-on lines from log at startup, unless verbose. - Fix uninitialised values for bindtodevice option at startup with reuseport and multiple interfaces. 8 April 2020: Wouter - Tag for 4.3.1rc2. 7 April 2020: Wouter - Merge PR #91 by gearnode: nsd-control-setup recreate certificates. The '-r' option recreates certificates. Without it it creates them if they do not exist, and does not modify them otherwise. 6 April 2020: Wouter - Merge PR #90 by phicoh: O_CLOEXEC should be FD_CLOEXEC. - Merge PR #92 by tonysgi: Fix typo. 2 April 2020: Wouter - Tag for 4.3.1rc1. 1 April 2020: Wouter - Fix for whitespace in minimal responses test for FreeBSD. 25 March 2020: Wouter - Merge PR #86 from noloader: Use precious variables for GREP, EGREP, SED, AWK, LEX and YACC. - For PR #86: Fix that programs loaded after CFLAGS and stuff is set, specifically the compiler, so that it can work if it needs special flags from that. Fix that lex only needs to support -i if actually defined, otherwise the output included in the source tarball can be used. - Merge PR #72 from noloader: Increase Travis testing coverage 23 March 2020: Wouter - Fix unterminated ifdef in nsd.h. - Fix unknown u_long in util.c for Issue #80 . 20 March 2020: Wouter - Merge PR #83 from noloader: Fix GNU HURD sched_setaffinity compile. - Fix #82: print error when system does not have setaffinity. - Fix #80: NetBSD and implicit declaration of reallocarray. - Fix for #80: Fix reallocarray test to define before include. - Fix for #80: Define alternatives for IFNAMSIZ if it does not exist. 19 March 2020: Wouter - Fix #76: cpuid typedef for Hurd, DragonflyBSD compile. - Fix #75: configure test for sched_setaffinity, and use cpuset_setaffinity otherwise. Also test for presence of sysconf. - Fix #74: GNU Hurd fix cast from pointer to integer of different size. - Fix for #74, #75: cpuset test for header contents and provide code. - Fix #78: Fix SO_SETFIB error on FreeBSD. 18 March 2020: Wouter - Fix #70: error: 'fd_set' undeclared. - Fix #71: error: 'for' loop initial declaration used outside C99 mode. - Fix to move declarations out of for loops in event test too. - Fix to move declarations out of for loops in popen3 test too. - Another fix to move declaration out of for loop for event test. - Fix to move declarations out of for loops in cutest regex display. 17 March 2020: Wouter - tag for 4.3.0 release and master branch has version 4.3.1. 10 March 2020: Wouter - repository has version number 4.3.0. Tag for 4.3.0rc1. 3 March 2020: Wouter - Fix that the retry wait does not exceed one day for zone transfers. 27 February 2020: Wouter - Fix warning on FreeBSD about pointer size cast. 26 February 2020: Wouter - Fixup fix of reuseport TCP for server close of sockets not used by it. And the unit test skips when the necessary debug output is not enabled. 25 February 2020: Wouter - Fix event unit test, signal has to be registered with signal_add, event_add not for every backend for signals. The event_initialized is not possible for every backend, so event_added variable. The agent write event fires after a timeout, instead of on event write so that it does not trigger a sigpipe event when the handlers stop. Timeout shorted to 0.1 second. event_get_fd was not implemented, so used ev_fd. Debug output printfs added to see what happens. - Fix checkconf test for new drop-updates config option. - Fix errors with reuseport and TCP file descriptors, it was closing them for server-1 in server-2 and server-3.. 7 February 2020: Jeroen - Add feature to drop queries with opcode UPDATE. 6 February 2020: Jeroen - Support SO_BINDTODEVICE on Linux. Specify bindtodevice: yes to bind sockets directly to the network interface. - Support SO_SETFIB on FreeBSD. Add setfib=<FIB> after an ip-address option to use the specified FIB for that socket. - Require user to add servers=<range> after an ip-address option to specify the servers that must listen on that socket. 6 February 2020: Wouter - Merge PR#60: Minor portability fixes from michaelforney, with avoid pointer arithmetic on void and avoid unnecessary VLA. 4 February 2020: Wouter - Merge PR#22: minimise-any: prefer polular and not large RRset, from Daisuke Higashi. - Fix responses for IXFR so that the authority section is not echoed in the response. 21 January 2020: Wouter - Fix leak in server bitset setup. 16 January 2020: Jeroen - Add zone resource record iterator for future zone-verification port. - Set FD_CLOEXEC on opened sockets. - Add popen3 implementation for future zone-verification port. - Add -r option to cutest so that a subset of tests can be run. 15 January 2020: Jeroen - Add feature to pin server proccesses to specific cpus. - Add feature to pin IP addresses to selected server processes. - Set process title to identify individual processes. 13 January 2020: Wouter - Merge pull request #59 from buddyns: add FreeBSD support for conf key ip-transparent. 10 January 2020: Wouter - Fix unreachable code in ssl set options code. - Fix bad shift in assertion code analyzer complaint. 6 January 2020: Wouter - Fix #56: Drop sparse TSIG signing support in NSD. Sign every axfr packet with TSIG, according to the latest draft-ietf-dnsop-rfc2845bis-06, Section 5.3.1. 12 December 2019: Wouter - Note that use-systemd is not necessary and ignored in man page. 11 December 2019: Wouter - Fix whitespace in nsd.conf.sample.in, patch from Paul Wouters. - use-systemd is ignored in nsd.conf, when NSD is compiled with libsystemd it always signals readiness, if possible. 9 December 2019: Wouter - Fix to define upper bounds on rr counts read from untrusted packet data. - Try different annotation for radix_find_prefix_node not reachable. - Separate acl_addr_match_range functions for ip4 and ip6, to please checkers. - Avoid unused variable warning in new match_range_v4 function. 6 December 2019: Wouter - Fix to define max number of EDNS records we are willing to spend time on. - Fix size of string len and capacity type cast in udbradtree. - Fix to protect rrcount in tsig_find_rr from overflow. - Annotate radix_find_prefix_node not reachable trail code. - Fix to protect rrcount in packet_find_notify_serial from overflow. - Fix to close socket on error in create_tcp_accept_sock. - Fix to log on failure to chmod for socket for remote control. - Fix to remove unneeded if in open of socket for remote control. - Fix to restore input parameter on call failure in create_dirs. - Please checker by terminating and initialising string read by remote control. - Fixup of random_generate negative modulo, from previous commit, and return srandom when random is used if no getrandom. 5 December 2019: Wouter - Fix fname null check of fname in namedb_read_zonefile. - Fix implicit cast of size in udb_radnode_array_grow. - Fix ignore of return value of ssl_printf in remote.c. - Fix unused check of fd in parent_handle_reload_command. - Fix to use getrandom() for randomness, if available. - Attempt to fix signedness of nscount lookup in ixfr query_process. - Fix identical branches for ssl_print of errors in remote.c. - Fix type cast bounds, signedness of opt_rdlen in edns_parse_record. - Fix to separate header and data lines in parse_zone_list_file.
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 nsd-4-2-4 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 nsd-4-1-27 nsd-4-1-26 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 nsd-4-1-24
# 1.1.1.3	03-Sep-2018	christos	Import nsd-4.1.24 6 August 2018: Wouter - tag for 4.1.24 release. 30 July 2018: Wouter - Tag for NSD 4.1.23 release, trunk is 4.1.24, includes fix NSD time sensitive TSIG compare vulnerability. - Fix checkconf test for use-systemd option. 25 July 2018: Wouter - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM chain, NSD leniently attempts to find a working NSEC3PARAM. 23 July 2018: Wouter - Remove socket activation from systemd code, it was reported as not useful to enable. The readiness signalling is still there, and can be enabled with use-systemd: yes. - Only call sd_notify from systemd when use-systemd is yes. 6 July 2018: Wouter - RFC8162 support, for record type SMIMEA. - Fix that type CAA (and URI) in the zone file can contain dots when not in quotes. 26 June 2018: Wouter - configure --enable-systemd (needs pkg-config and libsystemd) can be used to then use-systemd: yes in nsd.conf and use socket activation and readiness signalling with systemd. 19 June 2018: Wouter - #4106: Fix that stats printed from nsd-control are recast from unsigned long to unsigned (remote.c). 14 June 2018: Wouter - Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. 12 June 2018: Wouter - #4102: control interface via local socket. configure it with control-interface: "/path/nsd.ctl" The path has to start with a / to separate it from an IP address. The local socket does not use SSL, but unencrypted traffic, use file and containing directory permissions to restrict access. 6 June 2018: Wouter - Patch to fix openwrt for mac os build darwin detection in configure. 4 June 2018: Wouter - tag for 4.1.22rc1. Became 4.1.22 on 11 June, trunk is 4.1.23 in development from this point. 31 May 2018: Wouter - Fix to use same condition for nsec3 hash allocation and free. 23 May 2018: Wouter - Use accept4 to speed up answer of TCP queries, on Linux and FreeBSD and OpenBSD. 22 May 2018: Wouter - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. 15 May 2018: Wouter - Fix memory free in unit test. 14 May 2018: Wouter - Tag for 4.1.21 release. - trunk has 4.1.22 in development. - refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. 7 May 2018: Wouter - Tag for 4.1.21rc1 release. 4 May 2018: Wouter - Fix #4093: Release notes not using 2018. 3 May 2018: Wouter - Fix buffer size warnings from compiler on filename lengths. 26 April 2018: Wouter - lower memory usage for tcp connections, so tcp-count can be higher. - Fix checkconf test for refuse-any option. 3 April 2018: Wouter - refuse-any nsd.conf option that refuses queries of type ANY. 5 March 2018: Wouter - Fix #3562: explain build error when flex missing. 20 February 2018: Wouter - For more clang warnings - Fix spelling error in xfr-inspect. 19 February 2018: Wouter - Fix for clang analysis complaints. 15 February 2018: Wouter - --enable-memclean cleans up memory for use with memory checkers, eg. valgrind. - Fix unused variable warnings from clang analyzer. 14 February 2018: Wouter - updated RELNOTES for upcoming release. - tag 4.1.20rc1, became release on 20 feb, trunk has 4.1.21 in development. 9 February 2018: Wouter - make depend: updated the make dependencies in the Makefile. 8 February 2018: Wouter - Fix memory leak when rehashing nsec3 after axfr or zonefile read, in the selectively allocated precompiled nsec3 hashes. 6 February 2018: Wouter - Fix memory leak in zone file read of unknown rr formatted RRs.
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base nsd-4-1-19
# 1.1.1.2	09-Feb-2018	christos	branches: 1.1.1.2.2; 1.1.1.2.4; NSD 4.1.19 Dec 11, 2017 Bugfixes ignore fallthrough compiler warning in flex EOF rule. Fix warnings emitted by clang for --enable-packed. Alignment is not a problem for x86_64, don't enable packed when the platform requires aligned access. Fix spelling error in xfr-inspect. Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6 targets. Add test for support of -Wno-address-of-packed-member for --enable-packed. NSD 4.1.18 Nov 30, 2017 Features xfr-inspect, it is not installed, it prints xfr files from /tmp made with 'make xfr-inspect' in the source dir. retry timeout between sending notifies dropped from 15 to 3 sec. NSD sends 16 notifies simultaneously. configure --enable-packed reduces memory usage, at expense of unaligned reads. Saves about 17%. Save memory by selectively allocate precompiled nsec3 hashes, saves about 16% memory. make ip-transparent option work on OpenBSD. Save about 2% memory by changing usage count size in name tree. Fix #2871: Increase number of sockets for xfrd transfers. Bugfixes Fix gcc 7.1.1 warnings. Fix writev compile warning on FreeBSD. Fix #1446: A corrupted zone file "propagates" to good ones. nsd-control zonestatus prints wait time between attempts, for zones that are in that waiting time. Fix collision printout of nsec3 to print name, hash and reverse. Fix #1567: Change crit to err log level for gettimeofday failure. Add defines for compile without syslog. Fix crash for DS query when parent and child zones both configured in nsd.conf and parent zone has not loaded properly. NSD 4.1.17 Jul 21, 2017 Features zone parser parses type AVC (it has TXT format). Fix #1272: use writev to put tcp length field with data for outgoing zone transfer requests. Bugfixes Fix potential null pointer in nsec3 adjustment tree. Fix text format of deletes for CDS and CDNSKEY, single 0 to represent empty base64 or hex string. NSD 4.1.16 Apr 25, 2017 Features zone parser can parse acronyms for algorithms ED25519 and ED448. Fix 1243: Option to make NSD emit really minimal responses, minimal-responses: yes in nsd.conf. Bugfixes Calculate new udb index after growing the array, fix from Chaofeng Liu. Fix missing _t to _type conversion for disable-radix-tree option. Printout serial error with hint it may be too big. Fix 1228: OpenSSL include is not guarded with HAVE_SSL Patch for expire state in multi-master when masters includes broken master, from Manabu Sonoda. minor manpage fix. NSD 4.1.15 Feb 16, 2017 Bugfixes Fix nsd-control and ipv6 only. Squelch zone transfer error address family not supported by protocol at low verbosity levels. Fix #1195: Fix so that NSD fails on non-compliant values for Serial. Fix to rename _t typedefs because POSIX reserves them. Fix that nsec3 hash collisions only reported on verbosity level 3.
Revision tags: netbsd-8-0-RELEASE netbsd-8-0-RC2 netbsd-8-0-RC1 matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	branches: 1.1.1.1.4; 1.1.1.1.8; Import nsd
Revision tags: nsd-4-6-0
# 1.1.1.5	24-Sep-2022	christos	Import nsd-4.6.0; last import was nsd-4.3.5 23 June 2022: Wouter - Tag for 4.6.0rc1. It became 4.6.0 on 30 June 2022, and it continues with version 4.6.1. 17 June 2022: Wouter - Fix compilation with libev, without event_base_loopbreak. 16 June 2022: Wouter - Fix that the unit test verify_repat cleans up nsd on exit. - Fix to remove ixfrcreate.c asserts about uint16 within limits because of warnings from analyzers. 14 June 2022: Wouter - Fix compilation without libevent and compilation of nsd-mem. - Fix verify handler add of sigchld event for compilation without libevent. 3 June 2022: Wouter - Fix static analyzer reports on ixfrcreate temp file. - Fixup wrong ixfrcreate fread return check. 13 May 2022: Wouter - The code repo continues with version 4.5.1. 6 May 2022: Wouter - Merge PR #209: IXFR out This adds IXFR out functionality to NSD. NSD can copy IXFRs from upstream to downstream clients, or create IXFRs from zonefiles. The options store-ixfr: yes and create-ixfr: yes can be used to turn this on. Default is turned off. The options ixfr-number and ixfr-size can be used to tune the number of IXFR transfers and total data size stored. This is configured per zone, the IXFRs are served to the hosts that are allowed to perform zone transfers. And if TSIG is configured, signed with the same key. The content is stored to file if a zonefile is configured for the zone, in the zonefile.ixfr and zonefile.ixfr.2, .. files. They contain readable text format. The number of IXFRs is num.rixfr in statistics output, also per zone if per zone statistics are enabled. If offline, nsd-checkzone -i can create ixfr files. NSD already supports requesting IXFRs, this addition allows NSD to serve IXFR transfers to clients. NSD stops responding with NOTIMPL to IXFR requests, also for zones that do not have IXFR enabled. The clients gets a full zone reply or a status reply if the serial is up to date. - set version to 4.5.0 for feature change. - Tag for 4.5.0rc1 release. It became the 4.5.0 release on 13 May 2022. 14 April 2022: Wouter - Update cirrus script FreeBSD version. 25 March 2022: Wouter - Fix spelling error in comment in svcbparam_lookup_key. 2 March 2022: Wouter - Fix code analyzer zero divide warning. - Fix code analyzer large value with assertion. - Fix another code analyzer zero divide warning. - Fix code analyzer warning about uninitialized temp storage in loop. 10 February 2022: Wouter - Tag for 4.4.0rc1 release. This became 4.4.0 release on 17 Feb 2022, the code repository continues with version 4.4.1. 9 February 2022: Wouter - Fix unit tests for nds-control-setup exit code and the xfrd-tcp-max default. 7 February 2022: Wouter - Merge #207 Sync nsd-control-setup with unbound-control-setup to generate certificates with SANs. 28 January 2022: Wouter - Fix #206: build with --without-ssl fails. 27 January 2022: Wouter - current code branch continues as version 4.4.0, because of added feature. 26 January 2022: Wouter - Merge #193: Lower memory usage of the XFRD process by default. Instead of preallocating all elements, they are allocated when used. There are options for managing the memory usage, defaults are the same as before. xfrd-tcp-max sets the number of sockets for tcp connections that xfrd can make to download zone contents. And xfrd-tcp-pipeline the number of simultaneous transfers over the same connection. 12 January 2022: Wouter - Fix to document nsd-checkzone -p in the man page for nsd-checkzone. 7 January 2022: Wouter - Fix to change file mode before changing file owner for the nsd-control unix socket file. 3 January 2022: Wouter - Merge #204 from jonathangray: correct some spelling mistakes. 15 December 2021: Wouter - Fix #200: nsd-checkzone succeeds even with incorrect serial in SOA record. 2 December 2021: Wouter - Fix socket_partitioning unit test for FreeBSD. - Fix SVCB test to work around older dig with drill. - Fix unit test to not syslog setlogin failures. 1 December 2021: Wouter - Set up for branch for 4.3.9 release. This became release 4.3.9 on 9 Dec 2021 and included the changes until the SVCB fix on 2 dec 2021, but not the setlogin fix. The main branch continues as 4.3.10. - Fix unit tests for new answer-cookie default. 30 November 2021: Wouter - Fix to remove git tracking and ci information from release tarballs. 3 November 2021: Wouter - Fix #198: nsd-control reconfig core dump. 12 October 2021: Wouter - Tag for 4.3.8 release, from 4.3.8rc2. The main branch continues with version 4.3.9 in development. 7 October 2021: Wouter - Set default for answer-cookie to no. Because in server deployments with mixed server software, a default of yes causes issues. - Tag for 4.3.8rc2, includes the new answer-cookie default. 4 October 2021: Wouter - Tag for 4.3.8rc1. 29 September 2021: Wouter - Fix unit tests for svcb and xot to not touch the default zonelistfile. - Fix unit test for xot tertiary config for zonelistfile default. - Fix unit test for dns-cookies for no unshare, and allow-query for no IPv6 loopback. - Fix unit test allow query to check for IPv6. 22 September 2021: Wouter - Fix #194: Incorrect NSEC3 response for SOA query below delegation point. 13 September 2021: Wouter - Fix compile failure with openssl 1.0.2. 3 September 2021: Wouter - Fix not reachable annotation in radix_find_prefix_node. 31 August 2021: Willem - Fix #191: dname_parse_wire() returns fqdn wireformat length. 26 August 2021: Wouter - Fix #190: NSD returns 3 NSEC3 records for NODATA response. 23 August 2021: Wouter - Fix #189: nsd 4.3.7 crash answer_delegation: Assertion `query->delegation_rrset' failed. 17 August 2021: Wouter - Fix #188: NSD fails to build against openssl 1.1 on CentOS 7. - Fix sed script in ssldir split handling. 13 August 2021: Wouter - Merge #187: Support using system-wide crypto policies. 10 August 2021: Wouter - Merge #185 by cesarkuroiwa: Mutual TLS. - Fixes for #185: Document client-cert, client-key and client-key-pw in the man page. Fix yacc semicolon. Fix unused variable warning. Use strlcpy instead of strncpy. Fix spelling error in error printout. 2 August 2021: Wouter - Quieter tpkg/do-tests shell script with -q flag. - For #184: Note that all zones can be targeted by some nsd-control commands in the man page. 30 July 2021: Wouter - Move acx_nlnetlabs.m4 to version 41, with lib64 openssl dir check. - Fix to compile with OpenSSL 3.0.0beta2. - Fix configure detection of SSL_CTX_set_security_level. - Fix deprecated functions use from openssl 3.0.0beta2. 23 July 2021: Wouter - Fix free on shutdown of XoT SSL context. 22 July 2021: Wouter - tag 4.3.7 release, with the fixes between rc1 and this release. - main branch continues for 4.3.8. 20 July 2021: Wouter - Fix typo in xfrd-tcp.c. 15 July 2021: Wouter - tag for 4.3.7rc1. - Fix compile of cookies on FreeBSD without IPv6. - Fix for loop initial declaration for nonc99 compiler. 14 July 2021: Wouter - Fix truncate test for EDNS COOKIE making one less RR is added. - Attempt to fix gcc11 warning. 13 July 2021: Willem - Fixes for child server processes getting out of sync with the dnstap-collector process 13 July 2021: Willem - Interoperable DNS Cookies support as per RFC7873 and RFC9018 9 July 2021: Willem - Client side DNS Zone Transfer-over-TLS (XoT) support as per draft-ietf-dprive-xfr-over-tls 29 June 2021: Willem - Fix #168: Buffer overflow in the dname_to_string() function 14 June 2021: Wouter - Update configure nonblocking test to use host. 25 May 2021: Wouter - Fix #179: log notice and server-count. 21 May 2021: Wouter - Test code has -q option for quiet output. 17 May 2021: Wouter - Update the ACX_CHECK_NONBLOCKING_BROKEN test for the configure script. 7 May 2021: Wouter - Fix #176: please review Loglevel on missing zonefile. 6 May 2021: Wouter - Fix #174: NS Records below delegation are not ignored (nsd-checkzone also does not raise any issue). 4 May 2021: Wouter - Fix SVCB sort call sizeof to be the size of the elements sorted. 29 April 2021: Tom - Implement Syntax of SVCB and HTTPS RR type as per draft-ietf-dnsop-svcb-https 13 April 2021: Wouter - Fix for #128: Skip over sendmmsg invalid argument when port is zero. - Fix #171: Invalid negative response (NSEC3) after IXFR. - Fix to make nsec3_chain_find_prev return NULL if one nsec3 left. - remove debug settings from unit test. 9 April 2021: Wouter - Fix for #170: Fix build warnings when IPv6 is disabled. - Fix #170: Disabled IPv6 and DNSTAP enabled triggers a build error. 30 March 2021: Wouter - Fix configure failure for enable systemd because of autoconf. - This became release 4.3.6, the repository continues for 4.3.7 in development. 29 March 2021: Wouter - Note unlisted changes in RELNOTES and prepare for 4.3.6rc1 tag. 29 March 2021: Willem - Per zone Access Control List for queries with an allow-query: option. 24 March 2021: Wouter - Update acx_nlnetlabs.m4 to version 38, fix deprecation test. - Fix configure to use header checks with compile. - Fix warning about unused function log_addr. 18 March 2021: Tom - Add Extended DNS Errors RFC8914 15 March 2021: Wouter - Fix double config.h include in configlexer.c - Fix to remove configyyrename from makedist.sh and also update the flex and bison rules there to add the "c_" prefix. 13 March 2021: Willem - Fix #154: TXT with parentheses fails in 4.3.5. - Align parsing of TXT elements with how bind does it. - A -p option to nsd-checkzone to print a successfully read zone. 12 March 2021: Wouter - Fix that wildcard is printed as a star instead of escaped, in logs and in written zone files. - Fix unit test for wildcard printout change. 11 March 2021: Wouter - Fix #163: A TSIG noncompliance with RFC 2845. 9 March 2021: Willem - Enable configuring a control-interface by interface name. 19 February 2021: Wouter - Fix segfault on high verbosity for TLS channels with dnstap log local address. 18 February 2021: Wouter - Fix #146 with #147: DNSTAP log the local address of the server with the dnstap logs. 16 February 2021: Wouter - Man page documentation for dnstap options. 8 February 2021: Wouter - Fix AF_LOCAL compile error for Solaris. - Fix ifaddrs compile error for Solaris. - Fix ifaddrs.h compile error for Solaris. 4 February 2021: Wouter - Merge PR #153 from fobser: Repair -fno-common linker errors automatically. - Fix uninitialized access of log_buf in error printout on apply ixfr. 26 January 2021: Wouter - Prevent a few more yacc clashes.
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base nsd-4-3-5
# 1.1.1.4	15-Mar-2021	christos	Import 4.3.5: 19 January 2021: Wouter - Set branch ready for 4.3.5 release. Tag for 4.3.5rc1. Became the 4.3.5 release on 26 january 2021. This branch continues with 4.3.6 in development. 15 January 2021: Wouter - Fix #152: '' in Rdata causes the return code to be NOERROR instead of NX. - Add config.guess and config.sub to .gitignore for autoconf 2.70. - Fix #150: TXT record validation difference with BIND. - Fixup TXT record validation fix for escaped quotes. - Fixup TXT record validation fix for escaped backslashes. - Fixup escape character parse for quoted strings. 11 January 2021: Wouter - Fix #151: DNAME not applied more than once to resolve the query. - Fix dname test for #148. - For #151: fix to not produce loops in output. 5 January 2021: Wouter - Fix configure.ac for autoconf 2.70. 4 January 2021: Wouter - Fix #148: CNAME need not be followed after a synthesized CNAME for a CNAME query. 11 December 2020: Wouter - Fix that nsd-control has timeout when connection is down. - remove windows socket ifdefs from nsd-control. 3 December 2020: Wouter - For #145: Fix that service of remaining TCP and TLS connections does not allow new queries to be made, the connection is closed. Only existing queries and zone transfers are answered, new ones are rejected by a close of the channel. 30 November 2020: Wouter - Fix #144: fix better. 27 November 2020: Wouter - Fix #144: Typo fix in nsd.conf.5.in. 26 November 2020: Wouter - Fix #143: xfrd no hysteresis with NOT IMPLEMENTED rcode. 24 November 2020: Wouter - Merge PR #141: ZONEMD RR type. - tag for 4.3.4rc1. This became 4.3.4 release on 1 dec 2020. The code repo continues for 4.3.5 in development. 23 November 2020: Wouter - Fix #142: NODATA answers missin SOA in authority section after CNAME chain. - Fix for CVE-2020-28935 : Fix that symlink does not interfere with chown of pidfile. - fix writepid for retvalue 0. 9 November 2020: Wouter - Fix #138: NSD returns non-EDNS answer when QUESTION is empty. - Fix to check nscount in previous fix for EDNS in formerr response when there is no question. 28 October 2020: Wouter - Remove unused init_cfg_parse routine from configlexer. 20 October 2020: Wouter - Fix to add missing closest encloser NSEC3 for wildcard nodata type DS answer. 14 October 2020: Wouter - Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN. 13 October 2020: Wouter - Fix missing parenthesis on size of fix to init buffer. 12 October 2020: Wouter - Fix #127: two minor `-Wcast-qual` cleanups - Fix #126: minor header hygiene - Fix #125: include config.h in compat/setproctitle.c and fix prototype of `setproctitle` - Fix #133: fix 0-init of local ( stack ) buffer. 8 October 2020: Wouter - tag for 4.3.3 release - current repository contains 4.3.4 in development. - Fix #129: ambiguous use of errno, in log message if sendmmsg fails. - Fix #128: Fix that the invalid port number is logged for sendmmsg failed: Invalid argument. 1 October 2020: Wouter - tag for 4.3.3rc1 release. 30 September 2020: Wouter - Updated date in nsd -v output. - Fixup bug013_truncate, checkconf and cutest_qroot tests for new default EDNS size. 29 September 2020: Willem - Follow DNS flag day 2020 advice and set default EDNS message size to 1232. 4 September 2020: Wouter - Remove unused space from LIBS on link line. 3 September 2020: Wouter - Merge PR #121: Increase log level of recreated database from WARNING to ERR. 1 September 2020: Wouter - Fix #119: fix compile warnings from new gcc. - Fix #119: warn when trying to parse a directory. 27 August 2020: Wouter - Merged PR #113 with fixes. Instead of listing an IP-address to listen on, an interface name can be specified in nsd.conf, with ip-address: eth0. The IP-addresses for that interface are then used. 26 August 2020: Wouter - Add xstrdup for PR #113. - Tidy up code like in PR #113. - Import code from PR #113. - Fix for unknown EVP_MAC_CTX_free function in openssl 3.0.0 tsig code. 24 August 2020: Wouter - Fix that configure checks for EVP_sha256 to detect openssl, because HMAC_CTX_new is deprecated in 3.0.0. - Port TSIG code for openssl 3.0.0-alpha6. - Sync acx_nlnetlabs.m4 with the unbound repo. - Review fixes for tsig, defensive free and zero. 4 August 2020: Wouter - Merge #117: mini_event.h (4.3.2 and 4.3.1) on OpenBSD cannot find fd_set - patch. 23 July 2020: Wouter - Merge #115 from millert: Fix strlcpy() usage. From OpenBSD. 15 July 2020: Wouter - Fix make install with --with-pidfile="". 14 July 2020: Wouter - Tag for 4.3.2 release. Master branch contains the next version in development, 4.3.3. 7 July 2020: Wouter - Tag for 4.3.2rc1. 6 July 2020: Wouter - Fix compile includes for xfr-inspect tool on FreeBSD. - Add tpkg/run_vm.sh that runs test when in a virtual machine. - Merge #112 from jaredmauch: log old and new serials when NSD rejects an IXFR due to an old serial number. - Fix bug034 test for vm test changes. 22 June 2020: Wouter - Remove errno reset behaviour from sendmmsg and recvmmsg replacement functions. - Fix unit test for different nsd-control-setup -h exit code. 19 June 2020: Wouter - Merge #108 from Nomis: Make the max-retry-time description clearer. - Retry when udp send buffer is full to wait until buffer space is available. 18 June 2020: Wouter - Do not log EAGAIN errors for sendmmsg, to stop log spam on OpenBSD. 17 June 2020: Wouter - Fix #107: nsd -v shows configure line, openssl version and libevent version. 27 May 2020: Wouter - Fix unlink of pidfile warning if not possible due to permissions, nsd can display the message at high verbosity levels. - Update contrib/nsd.service for chown of nsd.log and /var/log in ReadWritePaths. - Removed contrib/nsd.service, example is too complicated and not useful. 15 May 2020: Wouter - Merge PR#102 from and0x000: add missing default in documentation for drop-updates. - Fix checkconf test for log-only-syslog option. 14 May 2020: Wouter - Document default value for tcp-timeout. 13 May 2020: Jeroen - Fix #99: Fix copying of socket properties with reuseport enabled. 24 April 2020: Wouter - Fix #97: EDNS unknown version: query not in response. 21 April 2020: Wouter - Fix #96: log-only-syslog: yes sets to only use syslog, fixes that the default configuration and systemd results in duplicate log messages. 20 April 2020: Wouter - Fix #95: Removed make test check because tpkg not included in release tarballs. - Fix unused parameter compile warnings. 16 April 2020: Wouter - Tag for 4.3.1 release and track 4.3.2 release in code repository. - note sha256 digest algo use in makedist.sh. - Fix for posix shell syntax for trap in nsd-control-setup. - Fix to omit the listen-on lines from log at startup, unless verbose. - Fix uninitialised values for bindtodevice option at startup with reuseport and multiple interfaces. 8 April 2020: Wouter - Tag for 4.3.1rc2. 7 April 2020: Wouter - Merge PR #91 by gearnode: nsd-control-setup recreate certificates. The '-r' option recreates certificates. Without it it creates them if they do not exist, and does not modify them otherwise. 6 April 2020: Wouter - Merge PR #90 by phicoh: O_CLOEXEC should be FD_CLOEXEC. - Merge PR #92 by tonysgi: Fix typo. 2 April 2020: Wouter - Tag for 4.3.1rc1. 1 April 2020: Wouter - Fix for whitespace in minimal responses test for FreeBSD. 25 March 2020: Wouter - Merge PR #86 from noloader: Use precious variables for GREP, EGREP, SED, AWK, LEX and YACC. - For PR #86: Fix that programs loaded after CFLAGS and stuff is set, specifically the compiler, so that it can work if it needs special flags from that. Fix that lex only needs to support -i if actually defined, otherwise the output included in the source tarball can be used. - Merge PR #72 from noloader: Increase Travis testing coverage 23 March 2020: Wouter - Fix unterminated ifdef in nsd.h. - Fix unknown u_long in util.c for Issue #80 . 20 March 2020: Wouter - Merge PR #83 from noloader: Fix GNU HURD sched_setaffinity compile. - Fix #82: print error when system does not have setaffinity. - Fix #80: NetBSD and implicit declaration of reallocarray. - Fix for #80: Fix reallocarray test to define before include. - Fix for #80: Define alternatives for IFNAMSIZ if it does not exist. 19 March 2020: Wouter - Fix #76: cpuid typedef for Hurd, DragonflyBSD compile. - Fix #75: configure test for sched_setaffinity, and use cpuset_setaffinity otherwise. Also test for presence of sysconf. - Fix #74: GNU Hurd fix cast from pointer to integer of different size. - Fix for #74, #75: cpuset test for header contents and provide code. - Fix #78: Fix SO_SETFIB error on FreeBSD. 18 March 2020: Wouter - Fix #70: error: 'fd_set' undeclared. - Fix #71: error: 'for' loop initial declaration used outside C99 mode. - Fix to move declarations out of for loops in event test too. - Fix to move declarations out of for loops in popen3 test too. - Another fix to move declaration out of for loop for event test. - Fix to move declarations out of for loops in cutest regex display. 17 March 2020: Wouter - tag for 4.3.0 release and master branch has version 4.3.1. 10 March 2020: Wouter - repository has version number 4.3.0. Tag for 4.3.0rc1. 3 March 2020: Wouter - Fix that the retry wait does not exceed one day for zone transfers. 27 February 2020: Wouter - Fix warning on FreeBSD about pointer size cast. 26 February 2020: Wouter - Fixup fix of reuseport TCP for server close of sockets not used by it. And the unit test skips when the necessary debug output is not enabled. 25 February 2020: Wouter - Fix event unit test, signal has to be registered with signal_add, event_add not for every backend for signals. The event_initialized is not possible for every backend, so event_added variable. The agent write event fires after a timeout, instead of on event write so that it does not trigger a sigpipe event when the handlers stop. Timeout shorted to 0.1 second. event_get_fd was not implemented, so used ev_fd. Debug output printfs added to see what happens. - Fix checkconf test for new drop-updates config option. - Fix errors with reuseport and TCP file descriptors, it was closing them for server-1 in server-2 and server-3.. 7 February 2020: Jeroen - Add feature to drop queries with opcode UPDATE. 6 February 2020: Jeroen - Support SO_BINDTODEVICE on Linux. Specify bindtodevice: yes to bind sockets directly to the network interface. - Support SO_SETFIB on FreeBSD. Add setfib=<FIB> after an ip-address option to use the specified FIB for that socket. - Require user to add servers=<range> after an ip-address option to specify the servers that must listen on that socket. 6 February 2020: Wouter - Merge PR#60: Minor portability fixes from michaelforney, with avoid pointer arithmetic on void and avoid unnecessary VLA. 4 February 2020: Wouter - Merge PR#22: minimise-any: prefer polular and not large RRset, from Daisuke Higashi. - Fix responses for IXFR so that the authority section is not echoed in the response. 21 January 2020: Wouter - Fix leak in server bitset setup. 16 January 2020: Jeroen - Add zone resource record iterator for future zone-verification port. - Set FD_CLOEXEC on opened sockets. - Add popen3 implementation for future zone-verification port. - Add -r option to cutest so that a subset of tests can be run. 15 January 2020: Jeroen - Add feature to pin server proccesses to specific cpus. - Add feature to pin IP addresses to selected server processes. - Set process title to identify individual processes. 13 January 2020: Wouter - Merge pull request #59 from buddyns: add FreeBSD support for conf key ip-transparent. 10 January 2020: Wouter - Fix unreachable code in ssl set options code. - Fix bad shift in assertion code analyzer complaint. 6 January 2020: Wouter - Fix #56: Drop sparse TSIG signing support in NSD. Sign every axfr packet with TSIG, according to the latest draft-ietf-dnsop-rfc2845bis-06, Section 5.3.1. 12 December 2019: Wouter - Note that use-systemd is not necessary and ignored in man page. 11 December 2019: Wouter - Fix whitespace in nsd.conf.sample.in, patch from Paul Wouters. - use-systemd is ignored in nsd.conf, when NSD is compiled with libsystemd it always signals readiness, if possible. 9 December 2019: Wouter - Fix to define upper bounds on rr counts read from untrusted packet data. - Try different annotation for radix_find_prefix_node not reachable. - Separate acl_addr_match_range functions for ip4 and ip6, to please checkers. - Avoid unused variable warning in new match_range_v4 function. 6 December 2019: Wouter - Fix to define max number of EDNS records we are willing to spend time on. - Fix size of string len and capacity type cast in udbradtree. - Fix to protect rrcount in tsig_find_rr from overflow. - Annotate radix_find_prefix_node not reachable trail code. - Fix to protect rrcount in packet_find_notify_serial from overflow. - Fix to close socket on error in create_tcp_accept_sock. - Fix to log on failure to chmod for socket for remote control. - Fix to remove unneeded if in open of socket for remote control. - Fix to restore input parameter on call failure in create_dirs. - Please checker by terminating and initialising string read by remote control. - Fixup of random_generate negative modulo, from previous commit, and return srandom when random is used if no getrandom. 5 December 2019: Wouter - Fix fname null check of fname in namedb_read_zonefile. - Fix implicit cast of size in udb_radnode_array_grow. - Fix ignore of return value of ssl_printf in remote.c. - Fix unused check of fd in parent_handle_reload_command. - Fix to use getrandom() for randomness, if available. - Attempt to fix signedness of nscount lookup in ixfr query_process. - Fix identical branches for ssl_print of errors in remote.c. - Fix type cast bounds, signedness of opt_rdlen in edns_parse_record. - Fix to separate header and data lines in parse_zone_list_file.
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 nsd-4-2-4 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 nsd-4-1-27 nsd-4-1-26 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 nsd-4-1-24
# 1.1.1.3	03-Sep-2018	christos	Import nsd-4.1.24 6 August 2018: Wouter - tag for 4.1.24 release. 30 July 2018: Wouter - Tag for NSD 4.1.23 release, trunk is 4.1.24, includes fix NSD time sensitive TSIG compare vulnerability. - Fix checkconf test for use-systemd option. 25 July 2018: Wouter - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM chain, NSD leniently attempts to find a working NSEC3PARAM. 23 July 2018: Wouter - Remove socket activation from systemd code, it was reported as not useful to enable. The readiness signalling is still there, and can be enabled with use-systemd: yes. - Only call sd_notify from systemd when use-systemd is yes. 6 July 2018: Wouter - RFC8162 support, for record type SMIMEA. - Fix that type CAA (and URI) in the zone file can contain dots when not in quotes. 26 June 2018: Wouter - configure --enable-systemd (needs pkg-config and libsystemd) can be used to then use-systemd: yes in nsd.conf and use socket activation and readiness signalling with systemd. 19 June 2018: Wouter - #4106: Fix that stats printed from nsd-control are recast from unsigned long to unsigned (remote.c). 14 June 2018: Wouter - Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. 12 June 2018: Wouter - #4102: control interface via local socket. configure it with control-interface: "/path/nsd.ctl" The path has to start with a / to separate it from an IP address. The local socket does not use SSL, but unencrypted traffic, use file and containing directory permissions to restrict access. 6 June 2018: Wouter - Patch to fix openwrt for mac os build darwin detection in configure. 4 June 2018: Wouter - tag for 4.1.22rc1. Became 4.1.22 on 11 June, trunk is 4.1.23 in development from this point. 31 May 2018: Wouter - Fix to use same condition for nsec3 hash allocation and free. 23 May 2018: Wouter - Use accept4 to speed up answer of TCP queries, on Linux and FreeBSD and OpenBSD. 22 May 2018: Wouter - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. 15 May 2018: Wouter - Fix memory free in unit test. 14 May 2018: Wouter - Tag for 4.1.21 release. - trunk has 4.1.22 in development. - refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. 7 May 2018: Wouter - Tag for 4.1.21rc1 release. 4 May 2018: Wouter - Fix #4093: Release notes not using 2018. 3 May 2018: Wouter - Fix buffer size warnings from compiler on filename lengths. 26 April 2018: Wouter - lower memory usage for tcp connections, so tcp-count can be higher. - Fix checkconf test for refuse-any option. 3 April 2018: Wouter - refuse-any nsd.conf option that refuses queries of type ANY. 5 March 2018: Wouter - Fix #3562: explain build error when flex missing. 20 February 2018: Wouter - For more clang warnings - Fix spelling error in xfr-inspect. 19 February 2018: Wouter - Fix for clang analysis complaints. 15 February 2018: Wouter - --enable-memclean cleans up memory for use with memory checkers, eg. valgrind. - Fix unused variable warnings from clang analyzer. 14 February 2018: Wouter - updated RELNOTES for upcoming release. - tag 4.1.20rc1, became release on 20 feb, trunk has 4.1.21 in development. 9 February 2018: Wouter - make depend: updated the make dependencies in the Makefile. 8 February 2018: Wouter - Fix memory leak when rehashing nsec3 after axfr or zonefile read, in the selectively allocated precompiled nsec3 hashes. 6 February 2018: Wouter - Fix memory leak in zone file read of unknown rr formatted RRs.
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base nsd-4-1-19
# 1.1.1.2	09-Feb-2018	christos	branches: 1.1.1.2.2; 1.1.1.2.4; NSD 4.1.19 Dec 11, 2017 Bugfixes ignore fallthrough compiler warning in flex EOF rule. Fix warnings emitted by clang for --enable-packed. Alignment is not a problem for x86_64, don't enable packed when the platform requires aligned access. Fix spelling error in xfr-inspect. Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6 targets. Add test for support of -Wno-address-of-packed-member for --enable-packed. NSD 4.1.18 Nov 30, 2017 Features xfr-inspect, it is not installed, it prints xfr files from /tmp made with 'make xfr-inspect' in the source dir. retry timeout between sending notifies dropped from 15 to 3 sec. NSD sends 16 notifies simultaneously. configure --enable-packed reduces memory usage, at expense of unaligned reads. Saves about 17%. Save memory by selectively allocate precompiled nsec3 hashes, saves about 16% memory. make ip-transparent option work on OpenBSD. Save about 2% memory by changing usage count size in name tree. Fix #2871: Increase number of sockets for xfrd transfers. Bugfixes Fix gcc 7.1.1 warnings. Fix writev compile warning on FreeBSD. Fix #1446: A corrupted zone file "propagates" to good ones. nsd-control zonestatus prints wait time between attempts, for zones that are in that waiting time. Fix collision printout of nsec3 to print name, hash and reverse. Fix #1567: Change crit to err log level for gettimeofday failure. Add defines for compile without syslog. Fix crash for DS query when parent and child zones both configured in nsd.conf and parent zone has not loaded properly. NSD 4.1.17 Jul 21, 2017 Features zone parser parses type AVC (it has TXT format). Fix #1272: use writev to put tcp length field with data for outgoing zone transfer requests. Bugfixes Fix potential null pointer in nsec3 adjustment tree. Fix text format of deletes for CDS and CDNSKEY, single 0 to represent empty base64 or hex string. NSD 4.1.16 Apr 25, 2017 Features zone parser can parse acronyms for algorithms ED25519 and ED448. Fix 1243: Option to make NSD emit really minimal responses, minimal-responses: yes in nsd.conf. Bugfixes Calculate new udb index after growing the array, fix from Chaofeng Liu. Fix missing _t to _type conversion for disable-radix-tree option. Printout serial error with hint it may be too big. Fix 1228: OpenSSL include is not guarded with HAVE_SSL Patch for expire state in multi-master when masters includes broken master, from Manabu Sonoda. minor manpage fix. NSD 4.1.15 Feb 16, 2017 Bugfixes Fix nsd-control and ipv6 only. Squelch zone transfer error address family not supported by protocol at low verbosity levels. Fix #1195: Fix so that NSD fails on non-compliant values for Serial. Fix to rename _t typedefs because POSIX reserves them. Fix that nsec3 hash collisions only reported on verbosity level 3.
Revision tags: netbsd-8-0-RELEASE netbsd-8-0-RC2 netbsd-8-0-RC1 matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	branches: 1.1.1.1.4; 1.1.1.1.8; Import nsd
Revision tags: nsd-4-3-5
# 1.1.1.4	15-Mar-2021	christos	Import 4.3.5: 19 January 2021: Wouter - Set branch ready for 4.3.5 release. Tag for 4.3.5rc1. Became the 4.3.5 release on 26 january 2021. This branch continues with 4.3.6 in development. 15 January 2021: Wouter - Fix #152: '' in Rdata causes the return code to be NOERROR instead of NX. - Add config.guess and config.sub to .gitignore for autoconf 2.70. - Fix #150: TXT record validation difference with BIND. - Fixup TXT record validation fix for escaped quotes. - Fixup TXT record validation fix for escaped backslashes. - Fixup escape character parse for quoted strings. 11 January 2021: Wouter - Fix #151: DNAME not applied more than once to resolve the query. - Fix dname test for #148. - For #151: fix to not produce loops in output. 5 January 2021: Wouter - Fix configure.ac for autoconf 2.70. 4 January 2021: Wouter - Fix #148: CNAME need not be followed after a synthesized CNAME for a CNAME query. 11 December 2020: Wouter - Fix that nsd-control has timeout when connection is down. - remove windows socket ifdefs from nsd-control. 3 December 2020: Wouter - For #145: Fix that service of remaining TCP and TLS connections does not allow new queries to be made, the connection is closed. Only existing queries and zone transfers are answered, new ones are rejected by a close of the channel. 30 November 2020: Wouter - Fix #144: fix better. 27 November 2020: Wouter - Fix #144: Typo fix in nsd.conf.5.in. 26 November 2020: Wouter - Fix #143: xfrd no hysteresis with NOT IMPLEMENTED rcode. 24 November 2020: Wouter - Merge PR #141: ZONEMD RR type. - tag for 4.3.4rc1. This became 4.3.4 release on 1 dec 2020. The code repo continues for 4.3.5 in development. 23 November 2020: Wouter - Fix #142: NODATA answers missin SOA in authority section after CNAME chain. - Fix for CVE-2020-28935 : Fix that symlink does not interfere with chown of pidfile. - fix writepid for retvalue 0. 9 November 2020: Wouter - Fix #138: NSD returns non-EDNS answer when QUESTION is empty. - Fix to check nscount in previous fix for EDNS in formerr response when there is no question. 28 October 2020: Wouter - Remove unused init_cfg_parse routine from configlexer. 20 October 2020: Wouter - Fix to add missing closest encloser NSEC3 for wildcard nodata type DS answer. 14 October 2020: Wouter - Fix #134: IPV4_MINIMAL_RESPONSE_SIZE vs EDNS_MAX_MESSAGE_LEN. 13 October 2020: Wouter - Fix missing parenthesis on size of fix to init buffer. 12 October 2020: Wouter - Fix #127: two minor `-Wcast-qual` cleanups - Fix #126: minor header hygiene - Fix #125: include config.h in compat/setproctitle.c and fix prototype of `setproctitle` - Fix #133: fix 0-init of local ( stack ) buffer. 8 October 2020: Wouter - tag for 4.3.3 release - current repository contains 4.3.4 in development. - Fix #129: ambiguous use of errno, in log message if sendmmsg fails. - Fix #128: Fix that the invalid port number is logged for sendmmsg failed: Invalid argument. 1 October 2020: Wouter - tag for 4.3.3rc1 release. 30 September 2020: Wouter - Updated date in nsd -v output. - Fixup bug013_truncate, checkconf and cutest_qroot tests for new default EDNS size. 29 September 2020: Willem - Follow DNS flag day 2020 advice and set default EDNS message size to 1232. 4 September 2020: Wouter - Remove unused space from LIBS on link line. 3 September 2020: Wouter - Merge PR #121: Increase log level of recreated database from WARNING to ERR. 1 September 2020: Wouter - Fix #119: fix compile warnings from new gcc. - Fix #119: warn when trying to parse a directory. 27 August 2020: Wouter - Merged PR #113 with fixes. Instead of listing an IP-address to listen on, an interface name can be specified in nsd.conf, with ip-address: eth0. The IP-addresses for that interface are then used. 26 August 2020: Wouter - Add xstrdup for PR #113. - Tidy up code like in PR #113. - Import code from PR #113. - Fix for unknown EVP_MAC_CTX_free function in openssl 3.0.0 tsig code. 24 August 2020: Wouter - Fix that configure checks for EVP_sha256 to detect openssl, because HMAC_CTX_new is deprecated in 3.0.0. - Port TSIG code for openssl 3.0.0-alpha6. - Sync acx_nlnetlabs.m4 with the unbound repo. - Review fixes for tsig, defensive free and zero. 4 August 2020: Wouter - Merge #117: mini_event.h (4.3.2 and 4.3.1) on OpenBSD cannot find fd_set - patch. 23 July 2020: Wouter - Merge #115 from millert: Fix strlcpy() usage. From OpenBSD. 15 July 2020: Wouter - Fix make install with --with-pidfile="". 14 July 2020: Wouter - Tag for 4.3.2 release. Master branch contains the next version in development, 4.3.3. 7 July 2020: Wouter - Tag for 4.3.2rc1. 6 July 2020: Wouter - Fix compile includes for xfr-inspect tool on FreeBSD. - Add tpkg/run_vm.sh that runs test when in a virtual machine. - Merge #112 from jaredmauch: log old and new serials when NSD rejects an IXFR due to an old serial number. - Fix bug034 test for vm test changes. 22 June 2020: Wouter - Remove errno reset behaviour from sendmmsg and recvmmsg replacement functions. - Fix unit test for different nsd-control-setup -h exit code. 19 June 2020: Wouter - Merge #108 from Nomis: Make the max-retry-time description clearer. - Retry when udp send buffer is full to wait until buffer space is available. 18 June 2020: Wouter - Do not log EAGAIN errors for sendmmsg, to stop log spam on OpenBSD. 17 June 2020: Wouter - Fix #107: nsd -v shows configure line, openssl version and libevent version. 27 May 2020: Wouter - Fix unlink of pidfile warning if not possible due to permissions, nsd can display the message at high verbosity levels. - Update contrib/nsd.service for chown of nsd.log and /var/log in ReadWritePaths. - Removed contrib/nsd.service, example is too complicated and not useful. 15 May 2020: Wouter - Merge PR#102 from and0x000: add missing default in documentation for drop-updates. - Fix checkconf test for log-only-syslog option. 14 May 2020: Wouter - Document default value for tcp-timeout. 13 May 2020: Jeroen - Fix #99: Fix copying of socket properties with reuseport enabled. 24 April 2020: Wouter - Fix #97: EDNS unknown version: query not in response. 21 April 2020: Wouter - Fix #96: log-only-syslog: yes sets to only use syslog, fixes that the default configuration and systemd results in duplicate log messages. 20 April 2020: Wouter - Fix #95: Removed make test check because tpkg not included in release tarballs. - Fix unused parameter compile warnings. 16 April 2020: Wouter - Tag for 4.3.1 release and track 4.3.2 release in code repository. - note sha256 digest algo use in makedist.sh. - Fix for posix shell syntax for trap in nsd-control-setup. - Fix to omit the listen-on lines from log at startup, unless verbose. - Fix uninitialised values for bindtodevice option at startup with reuseport and multiple interfaces. 8 April 2020: Wouter - Tag for 4.3.1rc2. 7 April 2020: Wouter - Merge PR #91 by gearnode: nsd-control-setup recreate certificates. The '-r' option recreates certificates. Without it it creates them if they do not exist, and does not modify them otherwise. 6 April 2020: Wouter - Merge PR #90 by phicoh: O_CLOEXEC should be FD_CLOEXEC. - Merge PR #92 by tonysgi: Fix typo. 2 April 2020: Wouter - Tag for 4.3.1rc1. 1 April 2020: Wouter - Fix for whitespace in minimal responses test for FreeBSD. 25 March 2020: Wouter - Merge PR #86 from noloader: Use precious variables for GREP, EGREP, SED, AWK, LEX and YACC. - For PR #86: Fix that programs loaded after CFLAGS and stuff is set, specifically the compiler, so that it can work if it needs special flags from that. Fix that lex only needs to support -i if actually defined, otherwise the output included in the source tarball can be used. - Merge PR #72 from noloader: Increase Travis testing coverage 23 March 2020: Wouter - Fix unterminated ifdef in nsd.h. - Fix unknown u_long in util.c for Issue #80 . 20 March 2020: Wouter - Merge PR #83 from noloader: Fix GNU HURD sched_setaffinity compile. - Fix #82: print error when system does not have setaffinity. - Fix #80: NetBSD and implicit declaration of reallocarray. - Fix for #80: Fix reallocarray test to define before include. - Fix for #80: Define alternatives for IFNAMSIZ if it does not exist. 19 March 2020: Wouter - Fix #76: cpuid typedef for Hurd, DragonflyBSD compile. - Fix #75: configure test for sched_setaffinity, and use cpuset_setaffinity otherwise. Also test for presence of sysconf. - Fix #74: GNU Hurd fix cast from pointer to integer of different size. - Fix for #74, #75: cpuset test for header contents and provide code. - Fix #78: Fix SO_SETFIB error on FreeBSD. 18 March 2020: Wouter - Fix #70: error: 'fd_set' undeclared. - Fix #71: error: 'for' loop initial declaration used outside C99 mode. - Fix to move declarations out of for loops in event test too. - Fix to move declarations out of for loops in popen3 test too. - Another fix to move declaration out of for loop for event test. - Fix to move declarations out of for loops in cutest regex display. 17 March 2020: Wouter - tag for 4.3.0 release and master branch has version 4.3.1. 10 March 2020: Wouter - repository has version number 4.3.0. Tag for 4.3.0rc1. 3 March 2020: Wouter - Fix that the retry wait does not exceed one day for zone transfers. 27 February 2020: Wouter - Fix warning on FreeBSD about pointer size cast. 26 February 2020: Wouter - Fixup fix of reuseport TCP for server close of sockets not used by it. And the unit test skips when the necessary debug output is not enabled. 25 February 2020: Wouter - Fix event unit test, signal has to be registered with signal_add, event_add not for every backend for signals. The event_initialized is not possible for every backend, so event_added variable. The agent write event fires after a timeout, instead of on event write so that it does not trigger a sigpipe event when the handlers stop. Timeout shorted to 0.1 second. event_get_fd was not implemented, so used ev_fd. Debug output printfs added to see what happens. - Fix checkconf test for new drop-updates config option. - Fix errors with reuseport and TCP file descriptors, it was closing them for server-1 in server-2 and server-3.. 7 February 2020: Jeroen - Add feature to drop queries with opcode UPDATE. 6 February 2020: Jeroen - Support SO_BINDTODEVICE on Linux. Specify bindtodevice: yes to bind sockets directly to the network interface. - Support SO_SETFIB on FreeBSD. Add setfib=<FIB> after an ip-address option to use the specified FIB for that socket. - Require user to add servers=<range> after an ip-address option to specify the servers that must listen on that socket. 6 February 2020: Wouter - Merge PR#60: Minor portability fixes from michaelforney, with avoid pointer arithmetic on void and avoid unnecessary VLA. 4 February 2020: Wouter - Merge PR#22: minimise-any: prefer polular and not large RRset, from Daisuke Higashi. - Fix responses for IXFR so that the authority section is not echoed in the response. 21 January 2020: Wouter - Fix leak in server bitset setup. 16 January 2020: Jeroen - Add zone resource record iterator for future zone-verification port. - Set FD_CLOEXEC on opened sockets. - Add popen3 implementation for future zone-verification port. - Add -r option to cutest so that a subset of tests can be run. 15 January 2020: Jeroen - Add feature to pin server proccesses to specific cpus. - Add feature to pin IP addresses to selected server processes. - Set process title to identify individual processes. 13 January 2020: Wouter - Merge pull request #59 from buddyns: add FreeBSD support for conf key ip-transparent. 10 January 2020: Wouter - Fix unreachable code in ssl set options code. - Fix bad shift in assertion code analyzer complaint. 6 January 2020: Wouter - Fix #56: Drop sparse TSIG signing support in NSD. Sign every axfr packet with TSIG, according to the latest draft-ietf-dnsop-rfc2845bis-06, Section 5.3.1. 12 December 2019: Wouter - Note that use-systemd is not necessary and ignored in man page. 11 December 2019: Wouter - Fix whitespace in nsd.conf.sample.in, patch from Paul Wouters. - use-systemd is ignored in nsd.conf, when NSD is compiled with libsystemd it always signals readiness, if possible. 9 December 2019: Wouter - Fix to define upper bounds on rr counts read from untrusted packet data. - Try different annotation for radix_find_prefix_node not reachable. - Separate acl_addr_match_range functions for ip4 and ip6, to please checkers. - Avoid unused variable warning in new match_range_v4 function. 6 December 2019: Wouter - Fix to define max number of EDNS records we are willing to spend time on. - Fix size of string len and capacity type cast in udbradtree. - Fix to protect rrcount in tsig_find_rr from overflow. - Annotate radix_find_prefix_node not reachable trail code. - Fix to protect rrcount in packet_find_notify_serial from overflow. - Fix to close socket on error in create_tcp_accept_sock. - Fix to log on failure to chmod for socket for remote control. - Fix to remove unneeded if in open of socket for remote control. - Fix to restore input parameter on call failure in create_dirs. - Please checker by terminating and initialising string read by remote control. - Fixup of random_generate negative modulo, from previous commit, and return srandom when random is used if no getrandom. 5 December 2019: Wouter - Fix fname null check of fname in namedb_read_zonefile. - Fix implicit cast of size in udb_radnode_array_grow. - Fix ignore of return value of ssl_printf in remote.c. - Fix unused check of fd in parent_handle_reload_command. - Fix to use getrandom() for randomness, if available. - Attempt to fix signedness of nscount lookup in ixfr query_process. - Fix identical branches for ssl_print of errors in remote.c. - Fix type cast bounds, signedness of opt_rdlen in edns_parse_record. - Fix to separate header and data lines in parse_zone_list_file.
Revision tags: netbsd-9-1-RELEASE phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406 netbsd-9-0-RELEASE netbsd-9-0-RC2 nsd-4-2-4 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 nsd-4-1-27 nsd-4-1-26 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 nsd-4-1-24
# 1.1.1.3	03-Sep-2018	christos	Import nsd-4.1.24 6 August 2018: Wouter - tag for 4.1.24 release. 30 July 2018: Wouter - Tag for NSD 4.1.23 release, trunk is 4.1.24, includes fix NSD time sensitive TSIG compare vulnerability. - Fix checkconf test for use-systemd option. 25 July 2018: Wouter - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM chain, NSD leniently attempts to find a working NSEC3PARAM. 23 July 2018: Wouter - Remove socket activation from systemd code, it was reported as not useful to enable. The readiness signalling is still there, and can be enabled with use-systemd: yes. - Only call sd_notify from systemd when use-systemd is yes. 6 July 2018: Wouter - RFC8162 support, for record type SMIMEA. - Fix that type CAA (and URI) in the zone file can contain dots when not in quotes. 26 June 2018: Wouter - configure --enable-systemd (needs pkg-config and libsystemd) can be used to then use-systemd: yes in nsd.conf and use socket activation and readiness signalling with systemd. 19 June 2018: Wouter - #4106: Fix that stats printed from nsd-control are recast from unsigned long to unsigned (remote.c). 14 June 2018: Wouter - Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. 12 June 2018: Wouter - #4102: control interface via local socket. configure it with control-interface: "/path/nsd.ctl" The path has to start with a / to separate it from an IP address. The local socket does not use SSL, but unencrypted traffic, use file and containing directory permissions to restrict access. 6 June 2018: Wouter - Patch to fix openwrt for mac os build darwin detection in configure. 4 June 2018: Wouter - tag for 4.1.22rc1. Became 4.1.22 on 11 June, trunk is 4.1.23 in development from this point. 31 May 2018: Wouter - Fix to use same condition for nsec3 hash allocation and free. 23 May 2018: Wouter - Use accept4 to speed up answer of TCP queries, on Linux and FreeBSD and OpenBSD. 22 May 2018: Wouter - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. 15 May 2018: Wouter - Fix memory free in unit test. 14 May 2018: Wouter - Tag for 4.1.21 release. - trunk has 4.1.22 in development. - refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. 7 May 2018: Wouter - Tag for 4.1.21rc1 release. 4 May 2018: Wouter - Fix #4093: Release notes not using 2018. 3 May 2018: Wouter - Fix buffer size warnings from compiler on filename lengths. 26 April 2018: Wouter - lower memory usage for tcp connections, so tcp-count can be higher. - Fix checkconf test for refuse-any option. 3 April 2018: Wouter - refuse-any nsd.conf option that refuses queries of type ANY. 5 March 2018: Wouter - Fix #3562: explain build error when flex missing. 20 February 2018: Wouter - For more clang warnings - Fix spelling error in xfr-inspect. 19 February 2018: Wouter - Fix for clang analysis complaints. 15 February 2018: Wouter - --enable-memclean cleans up memory for use with memory checkers, eg. valgrind. - Fix unused variable warnings from clang analyzer. 14 February 2018: Wouter - updated RELNOTES for upcoming release. - tag 4.1.20rc1, became release on 20 feb, trunk has 4.1.21 in development. 9 February 2018: Wouter - make depend: updated the make dependencies in the Makefile. 8 February 2018: Wouter - Fix memory leak when rehashing nsec3 after axfr or zonefile read, in the selectively allocated precompiled nsec3 hashes. 6 February 2018: Wouter - Fix memory leak in zone file read of unknown rr formatted RRs.
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base nsd-4-1-19
# 1.1.1.2	09-Feb-2018	christos	branches: 1.1.1.2.2; 1.1.1.2.4; NSD 4.1.19 Dec 11, 2017 Bugfixes ignore fallthrough compiler warning in flex EOF rule. Fix warnings emitted by clang for --enable-packed. Alignment is not a problem for x86_64, don't enable packed when the platform requires aligned access. Fix spelling error in xfr-inspect. Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6 targets. Add test for support of -Wno-address-of-packed-member for --enable-packed. NSD 4.1.18 Nov 30, 2017 Features xfr-inspect, it is not installed, it prints xfr files from /tmp made with 'make xfr-inspect' in the source dir. retry timeout between sending notifies dropped from 15 to 3 sec. NSD sends 16 notifies simultaneously. configure --enable-packed reduces memory usage, at expense of unaligned reads. Saves about 17%. Save memory by selectively allocate precompiled nsec3 hashes, saves about 16% memory. make ip-transparent option work on OpenBSD. Save about 2% memory by changing usage count size in name tree. Fix #2871: Increase number of sockets for xfrd transfers. Bugfixes Fix gcc 7.1.1 warnings. Fix writev compile warning on FreeBSD. Fix #1446: A corrupted zone file "propagates" to good ones. nsd-control zonestatus prints wait time between attempts, for zones that are in that waiting time. Fix collision printout of nsec3 to print name, hash and reverse. Fix #1567: Change crit to err log level for gettimeofday failure. Add defines for compile without syslog. Fix crash for DS query when parent and child zones both configured in nsd.conf and parent zone has not loaded properly. NSD 4.1.17 Jul 21, 2017 Features zone parser parses type AVC (it has TXT format). Fix #1272: use writev to put tcp length field with data for outgoing zone transfer requests. Bugfixes Fix potential null pointer in nsec3 adjustment tree. Fix text format of deletes for CDS and CDNSKEY, single 0 to represent empty base64 or hex string. NSD 4.1.16 Apr 25, 2017 Features zone parser can parse acronyms for algorithms ED25519 and ED448. Fix 1243: Option to make NSD emit really minimal responses, minimal-responses: yes in nsd.conf. Bugfixes Calculate new udb index after growing the array, fix from Chaofeng Liu. Fix missing _t to _type conversion for disable-radix-tree option. Printout serial error with hint it may be too big. Fix 1228: OpenSSL include is not guarded with HAVE_SSL Patch for expire state in multi-master when masters includes broken master, from Manabu Sonoda. minor manpage fix. NSD 4.1.15 Feb 16, 2017 Bugfixes Fix nsd-control and ipv6 only. Squelch zone transfer error address family not supported by protocol at low verbosity levels. Fix #1195: Fix so that NSD fails on non-compliant values for Serial. Fix to rename _t typedefs because POSIX reserves them. Fix that nsec3 hash collisions only reported on verbosity level 3.
Revision tags: netbsd-8-0-RELEASE netbsd-8-0-RC2 netbsd-8-0-RC1 matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	branches: 1.1.1.1.4; 1.1.1.1.8; Import nsd
Revision tags: nsd-4-1-24
# 1.1.1.3	03-Sep-2018	christos	Import nsd-4.1.24 6 August 2018: Wouter - tag for 4.1.24 release. 30 July 2018: Wouter - Tag for NSD 4.1.23 release, trunk is 4.1.24, includes fix NSD time sensitive TSIG compare vulnerability. - Fix checkconf test for use-systemd option. 25 July 2018: Wouter - #4133: Fix that when IXFR contains a zone with broken NSEC3PARAM chain, NSD leniently attempts to find a working NSEC3PARAM. 23 July 2018: Wouter - Remove socket activation from systemd code, it was reported as not useful to enable. The readiness signalling is still there, and can be enabled with use-systemd: yes. - Only call sd_notify from systemd when use-systemd is yes. 6 July 2018: Wouter - RFC8162 support, for record type SMIMEA. - Fix that type CAA (and URI) in the zone file can contain dots when not in quotes. 26 June 2018: Wouter - configure --enable-systemd (needs pkg-config and libsystemd) can be used to then use-systemd: yes in nsd.conf and use socket activation and readiness signalling with systemd. 19 June 2018: Wouter - #4106: Fix that stats printed from nsd-control are recast from unsigned long to unsigned (remote.c). 14 June 2018: Wouter - Fix that first control-interface determines if TLS is used. Warn when IP address interfaces are used without TLS. 12 June 2018: Wouter - #4102: control interface via local socket. configure it with control-interface: "/path/nsd.ctl" The path has to start with a / to separate it from an IP address. The local socket does not use SSL, but unencrypted traffic, use file and containing directory permissions to restrict access. 6 June 2018: Wouter - Patch to fix openwrt for mac os build darwin detection in configure. 4 June 2018: Wouter - tag for 4.1.22rc1. Became 4.1.22 on 11 June, trunk is 4.1.23 in development from this point. 31 May 2018: Wouter - Fix to use same condition for nsec3 hash allocation and free. 23 May 2018: Wouter - Use accept4 to speed up answer of TCP queries, on Linux and FreeBSD and OpenBSD. 22 May 2018: Wouter - Fix nsec3 hash of parent and child co-hosted nsec3 enabled zones. 15 May 2018: Wouter - Fix memory free in unit test. 14 May 2018: Wouter - Tag for 4.1.21 release. - trunk has 4.1.22 in development. - refuse-any sends truncation (+TC) in reply to ANY queries over UDP, and allows TCP queries like normal. 7 May 2018: Wouter - Tag for 4.1.21rc1 release. 4 May 2018: Wouter - Fix #4093: Release notes not using 2018. 3 May 2018: Wouter - Fix buffer size warnings from compiler on filename lengths. 26 April 2018: Wouter - lower memory usage for tcp connections, so tcp-count can be higher. - Fix checkconf test for refuse-any option. 3 April 2018: Wouter - refuse-any nsd.conf option that refuses queries of type ANY. 5 March 2018: Wouter - Fix #3562: explain build error when flex missing. 20 February 2018: Wouter - For more clang warnings - Fix spelling error in xfr-inspect. 19 February 2018: Wouter - Fix for clang analysis complaints. 15 February 2018: Wouter - --enable-memclean cleans up memory for use with memory checkers, eg. valgrind. - Fix unused variable warnings from clang analyzer. 14 February 2018: Wouter - updated RELNOTES for upcoming release. - tag 4.1.20rc1, became release on 20 feb, trunk has 4.1.21 in development. 9 February 2018: Wouter - make depend: updated the make dependencies in the Makefile. 8 February 2018: Wouter - Fix memory leak when rehashing nsec3 after axfr or zonefile read, in the selectively allocated precompiled nsec3 hashes. 6 February 2018: Wouter - Fix memory leak in zone file read of unknown rr formatted RRs.
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base nsd-4-1-19
# 1.1.1.2	09-Feb-2018	christos	NSD 4.1.19 Dec 11, 2017 Bugfixes ignore fallthrough compiler warning in flex EOF rule. Fix warnings emitted by clang for --enable-packed. Alignment is not a problem for x86_64, don't enable packed when the platform requires aligned access. Fix spelling error in xfr-inspect. Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6 targets. Add test for support of -Wno-address-of-packed-member for --enable-packed. NSD 4.1.18 Nov 30, 2017 Features xfr-inspect, it is not installed, it prints xfr files from /tmp made with 'make xfr-inspect' in the source dir. retry timeout between sending notifies dropped from 15 to 3 sec. NSD sends 16 notifies simultaneously. configure --enable-packed reduces memory usage, at expense of unaligned reads. Saves about 17%. Save memory by selectively allocate precompiled nsec3 hashes, saves about 16% memory. make ip-transparent option work on OpenBSD. Save about 2% memory by changing usage count size in name tree. Fix #2871: Increase number of sockets for xfrd transfers. Bugfixes Fix gcc 7.1.1 warnings. Fix writev compile warning on FreeBSD. Fix #1446: A corrupted zone file "propagates" to good ones. nsd-control zonestatus prints wait time between attempts, for zones that are in that waiting time. Fix collision printout of nsec3 to print name, hash and reverse. Fix #1567: Change crit to err log level for gettimeofday failure. Add defines for compile without syslog. Fix crash for DS query when parent and child zones both configured in nsd.conf and parent zone has not loaded properly. NSD 4.1.17 Jul 21, 2017 Features zone parser parses type AVC (it has TXT format). Fix #1272: use writev to put tcp length field with data for outgoing zone transfer requests. Bugfixes Fix potential null pointer in nsec3 adjustment tree. Fix text format of deletes for CDS and CDNSKEY, single 0 to represent empty base64 or hex string. NSD 4.1.16 Apr 25, 2017 Features zone parser can parse acronyms for algorithms ED25519 and ED448. Fix 1243: Option to make NSD emit really minimal responses, minimal-responses: yes in nsd.conf. Bugfixes Calculate new udb index after growing the array, fix from Chaofeng Liu. Fix missing _t to _type conversion for disable-radix-tree option. Printout serial error with hint it may be too big. Fix 1228: OpenSSL include is not guarded with HAVE_SSL Patch for expire state in multi-master when masters includes broken master, from Manabu Sonoda. minor manpage fix. NSD 4.1.15 Feb 16, 2017 Bugfixes Fix nsd-control and ipv6 only. Squelch zone transfer error address family not supported by protocol at low verbosity levels. Fix #1195: Fix so that NSD fails on non-compliant values for Serial. Fix to rename _t typedefs because POSIX reserves them. Fix that nsec3 hash collisions only reported on verbosity level 3.
Revision tags: netbsd-8-0-RELEASE netbsd-8-0-RC2 netbsd-8-0-RC1 matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	branches: 1.1.1.1.4; Import nsd
Revision tags: nsd-4-1-19
# 1.1.1.2	09-Feb-2018	christos	NSD 4.1.19 Dec 11, 2017 Bugfixes ignore fallthrough compiler warning in flex EOF rule. Fix warnings emitted by clang for --enable-packed. Alignment is not a problem for x86_64, don't enable packed when the platform requires aligned access. Fix spelling error in xfr-inspect. Fix 3392: Fix regression in 4.1.18 for notify lists with ip4 and ip6 targets. Add test for support of -Wno-address-of-packed-member for --enable-packed. NSD 4.1.18 Nov 30, 2017 Features xfr-inspect, it is not installed, it prints xfr files from /tmp made with 'make xfr-inspect' in the source dir. retry timeout between sending notifies dropped from 15 to 3 sec. NSD sends 16 notifies simultaneously. configure --enable-packed reduces memory usage, at expense of unaligned reads. Saves about 17%. Save memory by selectively allocate precompiled nsec3 hashes, saves about 16% memory. make ip-transparent option work on OpenBSD. Save about 2% memory by changing usage count size in name tree. Fix #2871: Increase number of sockets for xfrd transfers. Bugfixes Fix gcc 7.1.1 warnings. Fix writev compile warning on FreeBSD. Fix #1446: A corrupted zone file "propagates" to good ones. nsd-control zonestatus prints wait time between attempts, for zones that are in that waiting time. Fix collision printout of nsec3 to print name, hash and reverse. Fix #1567: Change crit to err log level for gettimeofday failure. Add defines for compile without syslog. Fix crash for DS query when parent and child zones both configured in nsd.conf and parent zone has not loaded properly. NSD 4.1.17 Jul 21, 2017 Features zone parser parses type AVC (it has TXT format). Fix #1272: use writev to put tcp length field with data for outgoing zone transfer requests. Bugfixes Fix potential null pointer in nsec3 adjustment tree. Fix text format of deletes for CDS and CDNSKEY, single 0 to represent empty base64 or hex string. NSD 4.1.16 Apr 25, 2017 Features zone parser can parse acronyms for algorithms ED25519 and ED448. Fix 1243: Option to make NSD emit really minimal responses, minimal-responses: yes in nsd.conf. Bugfixes Calculate new udb index after growing the array, fix from Chaofeng Liu. Fix missing _t to _type conversion for disable-radix-tree option. Printout serial error with hint it may be too big. Fix 1228: OpenSSL include is not guarded with HAVE_SSL Patch for expire state in multi-master when masters includes broken master, from Manabu Sonoda. minor manpage fix. NSD 4.1.15 Feb 16, 2017 Bugfixes Fix nsd-control and ipv6 only. Squelch zone transfer error address family not supported by protocol at low verbosity levels. Fix #1195: Fix so that NSD fails on non-compliant values for Serial. Fix to rename _t typedefs because POSIX reserves them. Fix that nsec3 hash collisions only reported on verbosity level 3.
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 bouyer-socketcan-base nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	branches: 1.1.1.1.4; Import nsd
Revision tags: nsd-4-1-14
# 1.1.1.1	07-Jan-2017	christos	Import nsd