Make the randombackend go ‘native’ and directly supply records that can be sent to packets.Fix some bugs in the LDAP backend and in the MyDNS backend.Hash the storage of records in the BindBackend.Remove the ASCII DNSResourceRecord from the hot path of packet assembly.¶Ī number of fixes and improvements that are difficult to untangle: ¶Īpply non-local-bind to query-local-address and query-local-address6 when possible. References: #4122, #5255, pull request 5266, pull request 5269, pull request 5270Īdd function to the MyDNS backend to allow backend-to-backend migrations (Aki Tuomi). Support 2-character country codes and the MaxMind cities database in the GeoIP backend (Aki Tuomi). Many improvements and additions to the LDAP backend (Grégory Oestreicher). Support “native” zones in the BIND backend. References: #4821, pull request 5263, pull request 5264, pull request 5321 Send a notification to all slave servers after every dnsupdate (Kees Monshouwer, Florian Obser). ¶Īllow the use of a Lua script to validate DNS Update requests (Aki Tuomi). ¶Ĭalidns: add –increment and –want-recursion flags. Implement CryptoKey in the API (Wolfgang Studier, Tudor Soroceanu, Benjamin Zengin). References: pull request 4093, pull request 5038 References: pull request 1701, pull request 4964, pull request 4965Īdd API endpoints for Domain metadata (Christian Kröger). ¶Īllow forwarding of NOTIFY messages using forward-notify ¶ References: #3781, pull request 5190, pull request 5271Īdd option to set a global lua-axfr-script (Kees Monshouwer). References: #4204, pull request 5132, pull request 5258 This makes the authoritative server pass the EDNS compliance test.Īdd cache hit/miss statistics (Kees Monshouwer). Hash the entire query in the packet cache, split caches. ¶Īdd TCP management options described in section 10 of RFC 7766. ¶įix a crash when getting a public GOST key if the private one is not set. This is needed to roll without double sigs. Make the auth also publish CDS/CDNSKEY records for inactive keys, as Remove “” around secpoll result which fixes pdns_control show security-status not working. Log the needed size when a MySQL result was truncated. Make bindbackend startTransaction to return false when it has This was not only inconsistent behaviour but also done incorrectly. Remove printing of DS records from pdnsutil export-zone-dnskey …. Improve trailing dot handling internally which lead to a segfault in Make default options singular and use defaults in Cryptokey API-endpoint ¶ X-PDNS-New-Serial response headers with the zone serials before Report the offending name+type so the admin can find the offendingįor zone PATCH requests, add new X-PDNS-Old-Serial and When throwing because of bogus content in the tinydns database, We also did not remove entries in case of IXFR. QC/PC split up, we only removed entries for the AXFR’d domain from ¶Ĭorrectly purge entries from the caches after a transfer. Treat requestor’s payload size lower than 512 as equal to 512.īefore, we did not follow RFC 6891 section 6.2.3 correctly. To read more about this please see the blog post mentioned above or read the migration guide. This feature (‘recursor=’) was frequently confusing and also delivered inconsistent results, for example when a query ended up referring to a CNAME that was outside of the Authoritative Server’s knowledge. Previously, the PowerDNS Authoritative Server contained a facility for sending recursion desired queries to a resolving backend, possibly after first consulting its local cache. Recursor passthrough removal: This will impact many installations, and we realize this may be painful, but it is necessary. Our packages now ship with PKCS #11 support.Support for Botan 2.x (and removal of support for Botan 1.10),.
0 Comments
Leave a Reply. |