Development release of BIND 10: bind10-devel-20110322 This is the tenth development release of BIND 10 since our first release one year ago. BIND 10 provides a C++ library for DNS (with python wrappers) and several cooperating daemons for providing authoritative DNS service (with SQLite3 which supports DNSSEC and in-memory backends), forwarding, and recursive name service. While, it contains prototype code and experimental interfaces, both the authoritative and resolver servers are being used in production. Documentation is included and also available via the BIND 10 website at http://bind10.isc.org/ The bind10-devel-20110322 source may be downloaded from: ftp://ftp.isc.org/isc/bind10/devel-20110322/bind10-devel-20110322.tar.gz A PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind10/devel-20110322/bind10-devel-20110322.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at https://www.isc.org/about/openpgp Users and developers are encouraged to participate on the BIND 10 mailing lists. Please provide your feedback: https://lists.isc.org/mailman/listinfo/bind10-users https://lists.isc.org/mailman/listinfo/bind10-dev Bugs may be reported as tickets via the developers website (after logging into Trac): http://bind10.isc.org/ A summary of the significant changes since the previous release include (from the ChangeLog): 209. [func] jelte Resolver now uses the NSAS when looking for a nameserver to query for any specific zone. This also includes keeping track of the RTT for that nameserver. (Trac #495, git 76022a7e9f3ff339f0f9f10049aa85e5784d72c5) 208. [bug]* jelte Resolver now answers REFUSED on queries that are not for class IN. This includes the various CH TXT queries, which will be added later. (git 012f9e78dc611c72ea213f9bd6743172e1a2ca20) 207. [func] jelte Resolver now starts listening on localhost:53 if no configuration is set. (Trac #471, git 1960b5becbba05570b9c7adf5129e64338659f07) 206. [func] shane Add the ability to list the running BIND 10 processes using the command channel. To try this, use "Boss show_processes". (Trac #648, git 451bbb67c2b5d544db2f7deca4315165245d2b3b) 205. [bug] jinmei b10-auth, src/lib/datasrc: fixed a bug where b10-auth could return an empty additional section for delegation even if some glue is crucial when it fails to find some other glue records in its data source. (Trac #646, git 6070acd1c5b2f7a61574eda4035b93b40aab3e2b) 204. [bug] jinmei b10-auth, src/lib/datasrc: class ANY queries were not handled correctly in the generic data source (mainly for sqlite3). It could crash b10-auth in the worst case, and could result in incorrect responses in some other cases. (Trac #80, git c65637dd41c8d94399bd3e3cee965b694b633339) 203. [bug] zhang likun Fix resolver cache memory leak: when cache is destructed, rrset and message entries in it are not destructed properly. (Trac #643, git aba4c4067da0dc63c97c6356dc3137651755ffce) 202. [func] vorner It is possible to specify a different directory where we look for configuration files (by -p) and different configuration file to use (-c). Also, it is possible to specify the port on which cmdctl should listen (--cmdctl-port). (Trac #615, git 5514dd78f2d61a222f3069fc94723ca33fb3200b) 201. [bug] jerry src/bin/bindctl: bindctl doesn't show traceback on shutdown. (Trac #588, git 662e99ef050d98e86614c4443326568a0b5be437) 200. [bug] Jelte Fixed a bug where incoming TCP connections were not closed. (Trac #589, git 1d88daaa24e8b1ab27f28be876f40a144241e93b) 199. [func] ocean Cache negative responses (NXDOMAIN/NODATA) from authoritative server for recursive resolver. (Trac #493, git f8fb852bc6aef292555063590c361f01cf29e5ca) 198. [bug] jinmei b10-auth, src/lib/datasrc: fixed a bug where hot spot cache failed to reuse cached SOA for negative responses. Due to this bug b10-auth returned SERVFAIL when it was expected to return a negative response immediately after a specific SOA query for the zone. (Trac #626, git 721a53160c15e8218f6798309befe940b9597ba0) 197. [bug] zhang likun Remove expired message and rrset entries when looking up them in cache, touch or remove the rrset entry in cache properly when doing lookup or update. (Trac #661, git 9efbe64fe3ff22bb5fba46de409ae058f199c8a7) 196. [bug] jinmei b10-auth, src/lib/datasrc: the backend of the in-memory data source could not handle the root name. As a result b10-auth could not work as a root server when using the in-memory data source. (Trac #683, git 420ec42bd913fb83da37b26b75faae49c7957c46) 195. [func] stephen Resolver will now re-try a query over TCP if a response to a UDP query has the TC bit set. (Trac #499, git 4c05048ba059b79efeab53498737abe94d37ee07) 194. [bug] vorner Solved a 100% CPU usage problem after switching addresses in b10-auth (and possibly, but unconfirmed, in b10-resolver). It was caused by repeated reads/accepts on closed socket (the bug was in the code for a long time, recent changes made it show). (Trac #657, git e0863720a874d75923ea66adcfbf5b2948efb10a) 193. [func]* jreed Listen on the IPv6 (::) and IPv4 (0.0.0.0) wildcard addresses for b10-auth. This returns to previous behavior prior to change #184. Document the listen_on configuration in manual. (Trac #649, git 65a77d8fde64d464c75917a1ab9b6b3f02640ca6) 192. [func]* jreed Listen on standard domain port 53 for b10-auth and b10-resolver. (Trac #617, #618, git 137a6934a14cf0c5b5c065e910b8b364beb0973f) 191. [func] jinmei Imported system test framework of BIND 9. It can be run by 'make systest' at the top source directory. Notes: currently it doesn't work when built in a separate tree. It also requires perl, an inherited dependency from the original framework. Also, mainly for the purpose of tests, a new option "--pid-file" was added to BoB, with which the boss process will dump its PID to the specified file. (Trac #606, git 6ac000df85625f5921e8895a1aafff5e4be3ba9c) 190. [func] jelte Resolver now sets random qids on outgoing queries using the boost::mt19937 prng. (Trac #583, git 5222b51a047d8f2352bc9f92fd022baf1681ed81) 189. [bug] jreed Do not install the log message compiler. (Trac #634, git eb6441aca464980d00e3ff827cbf4195c5a7afc5) 188. [bug] zhang likun Make the rrset trust level ranking algorithm used by isc::cache::MessageEntry::getRRsetTrustLevel() follow RFC2181 section 5.4.1. (Trac #595 git 19197b5bc9f2955bd6a8ca48a2d04472ed696e81) 187. [bug] zhang likun Fix the assert error in class isc::cache::RRsetCache by adding the check for empty pointer and test case for it. (Trac #638, git 54e61304131965c4a1d88c9151f8697dcbb3ce12) 186. [bug] jelte b10-resolver could stop with an assertion failure on certain kinds of messages (there was a problem in error message creation). This fixes that. (Trac #607, git 25a5f4ec755bc09b54410fcdff22691283147f32) 185. [bug] vorner Tests use port from private range (53210), lowering chance of a conflict with something else (eg. running bind 10). (Trac #523, git 301da7d26d41e64d87c0cf72727f3347aa61fb40) 184. [func]* vorner Listening address and port configuration of b10-auth is the same as for b10-resolver now. That means, it is configured through bindctl at runtime, in the Auth/listen_on list, not through command line arguments. (Trac #575, #576, git f06ce638877acf6f8e1994962bf2dbfbab029edf) 183. [bug] jerry src/bin/xfrout: Enable parallel sessions between xfrout server and muti-Auth. The session needs to be created only on the first time or if an error occur. (Trac #419, git 1d60afb59e9606f312caef352ecb2fe488c4e751) 182. [func] jinmei Support cppcheck for static code check on C++ code. If cppcheck is available, 'make cppcheck' on the top source directory will run the checker and should cleanly complete with an exit code of 0 (at least with cppcheck 1.47). Note: the suppression list isn't included in the final distributions. It should be created by hand or retrieved from the git repository. (Trac #613, git b973f67520682b63ef38b1451d309be9f4f4b218) 181. [func] feng Add stop interface into dns server, so we can stop each running server individually. With it, user can reconfigure her running server with different ip address or port. (Trac #388, git 6df94e2db856c1adc020f658cc77da5edc967555) 180. [build] jreed Fix custom DESTDIR for make install. Patch from Jan Engelhardt. (Trac #629, git 5ac67ede03892a5eacf42ce3ace1e4e376164c9f) Please let us know about your experiences with using BIND 10. Jeremy C. Reed ISC Release Engineer