Development release of BIND 10: bind10-devel-20110519

Jeremy C. Reed jreed at isc.org
Thu May 19 23:52:19 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

	Development release of BIND 10: bind10-devel-20110519

This is the eleventh development release of BIND 10 and contains
numerous improvements and new features, including:

- - TSIG support for libdns++, pydnspp, and Xfrin (incoming
  zone transfers).

- - b10-stats-httpd daemon which provides statistics in XML format
  via HTTP.

- - b10-host DNS lookup utility which is a clone (in progress) of
  historical host(1) tool using libdns++.

BIND 10 provides a C++ library for DNS (with python wrappers) and
several cooperating daemons for providing authoritative DNS service
(with SQLite3 which supports DNSSEC and in-memory backends),
forwarding, and recursive name service. While it contains prototype
code and experimental interfaces, both the authoritative and resolver
servers are being used in production.

Documentation is included and also available via the BIND 10
website at http://bind10.isc.org/

The bind10-devel-20110519 source may be downloaded from:

	ftp://ftp.isc.org/isc/bind10/devel-20110519/bind10-devel-20110519.tar.gz

A PGP signature of the distribution is at

	ftp://ftp.isc.org/isc/bind10/devel-20110519/bind10-devel-20110519.tar.gz.sha512.asc

The signature was generated with the ISC public key, which is
available at https://www.isc.org/about/openpgp

Users and developers are encouraged to participate on the BIND 10
mailing lists. Please provide your feedback:

	https://lists.isc.org/mailman/listinfo/bind10-users
	https://lists.isc.org/mailman/listinfo/bind10-dev

Bugs may be reported as tickets via the developers website
(after logging into Trac):

	http://bind10.isc.org/

A summary of the significant changes since the previous release
include (from the ChangeLog):

242.	[func]		jinmei
	xfrin: added support for TSIG verify.  This change completes TSIG
	support in b10-xfrin.
	(Trac #914, git 78502c021478d97672232015b7df06a7d52e531b)

241.	[func]		jinmei
	pydnspp: added python extension for the TSIG API introduced in
	change 235.
	(Trac #905, git 081891b38f05f9a186814ab7d1cd5c572b8f777f)
	(Trac #915, git 0555ab65d0e43d03b2d40c95d833dd050eea6c23)

240.	[func]*		jelte
	Updated configuration options to Xfrin, so that you can specify
	a master address, port, and TSIG key per zone. Still only one per
	zone at this point, and TSIG keys are (currently) only specified
	by their full string representation. This replaces the
	Xfrin/master_addr, Xfrin/master_port, and short-lived
	Xfrin/tsig_key configurations with a Xfrin/zones list.
	(Trac #811, git 88504d121c5e08fff947b92e698a54d24d14c375)

239.	[bug]		jerry
	src/bin/xfrout: If a zone doesn't have notify slaves (only has
	one apex ns record - the primary master name server) will cause
	b10-xfrout uses 100% of CPU.
	(Trac #684, git d11b5e89203a5340d4e5ca51c4c02db17c33dc1f)

238.	[func]		zhang likun
	Implement the simplest forwarder, which pass everything through
	except QID, port number. The response will not be cached.
	(Trac #598_new, git 8e28187a582820857ef2dae9b13637a3881f13ba)

237.	[bug]		naokikambe
	Resolved that the stats module wasn't configurable in bindctl in
	spite of its having configuration items. The configuration part
	was removed from the original spec file "stats.spec" and was
	placed in a new spec file "stats-schema.spec". Because it means
	definitions of statistics items. The command part is still
	there. Thus stats module currently has no its own configuration,
	and the items in "stats-schema.spec" are neither visible nor
	configurable through bindctl. "stats-schema.spec" is shared with
	stats module and stats-httpd module, and maybe with other
	statistical modules in future. "stats.spec" has own configuration
	and commands of stats module, if it requires.
	(Trac#719, git a234b20dc6617392deb8a1e00eb0eed0ff353c0a)

236.	[func]		jelte
	C++ client side of configuration now uses BIND10 logging system.
	It also has improved error handling when communicating with the
	rest of the system.
	(Trac #743, git 86632c12308c3ed099d75eb828f740c526dd7ec0)

235.	[func]		jinmei
	libdns++: added support for TSIG signing and verification.  It can
	be done using a newly introduced TSIGContext class.
	Note: we temporarily disabled support for truncated signature
	and modified some part of the code introduced in #226 accordingly.
	We plan to fix this pretty soon.
	(Trac #812, git ebe0c4b1e66d359227bdd1bd47395fee7b957f14)
	(Trac #871, git 7c54055c0e47c7a0e36fcfab4b47ff180c0ca8c8)
	(Trac #813, git ffa2f0672084c1f16e5784cdcdd55822f119feaa)
	(Trac #893, git 5aaa6c0f628ed7c2093ecdbac93a2c8cf6c94349)

234.	[func]		jerry
	src/bin/xfrin: update xfrin to use TSIG. Currently it only supports
	sending a signed TSIG request or SOA request.
	(Trac #815, git a892818fb13a1839c82104523cb6cb359c970e88)

233.	[func]		stephen
	Added new-style logging statements to the NSAS code.
	(Trac #745, git ceef68cd1223ae14d8412adbe18af2812ade8c2d)

232.	[func]		stephen
	To facilitate the writing of extended descriptions in
	message files, altered the message file format.  The message
	is now flagged with a "%" as the first non-blank character
	in the line and the lines in the extended description are
	no longer preceded by a "+".
	(Trac #900, git b395258c708b49a5da8d0cffcb48d83294354ba3)

231.	[func]*		vorner
	The logging interface changed slightly. We use
	logger.foo(MESSAGE_ID).arg(bar); instead of logger.foo(MESSAGE_ID,
	bar); internally. The message definitions use '%1,%2,...'
	instead of '%s,%d', which allows us to cope better with
	mismatched placeholders and allows reordering of them in
	case of translation.
	(Trac901, git 4903410e45670b30d7283f5d69dc28c2069237d6)

230.	[bug]		naokikambe
	Removed too repeated verbose messages in two cases of:
	 - when auth sends statistics data to stats
	 - when stats receives statistics data from other modules
	(Trac#620, git 0ecb807011196eac01f281d40bc7c9d44565b364)

229.	[doc]		jreed
	Add manual page for b10-host.
	(git a437d4e26b81bb07181ff35a625c540703eee845)

228.	[func]*		jreed
	The host tool is renamed to b10-host. While the utility is
	a work in progress, it is expected to now be shipped with
	tarballs. Its initial goal was to be a host(1) clone,
	rewritten in C++ from scratch and using BIND 10's libdns++.
	It now supports the -a (any), -c class, -d (verbose) switches
	and has improved output.
	(Trac #872, git d846851699d5c76937533adf9ff9d948dfd593ca)

227.	[build]		jreed
	Add missing libdns++ rdata files for the distribution (this
	fixes distcheck error). Change three generated libdns++
	headers to "nodist" so they aren't included in the distribution
	(they were mistakenly included in last tarball).

226.	[func]*		jelte
	Introduced an API for cryptographic operations. Currently it only
	supports HMAC, intended for use with TSIG. The current
	implementation uses Botan as the backend library.
	This introduces a new dependency, on Botan.  Currently only Botan
	1.8.x works; older or newer versions don't.
	(Trac #781, git 9df42279a47eb617f586144dce8cce680598558a)

225.	[func]		naokikambe
	Added the HTTP/XML interface (b10-stats-httpd) to the
	statistics feature in BIND 10. b10-stats-httpd is a standalone
	HTTP server and it requests statistics data to the stats
	daemon (b10-stats) and sends it to HTTP clients in XML
	format. Items of the data collected via b10-stats-httpd
	are almost equivalent to ones which are collected via
	bindctl. Since it also can send XSL (Extensible Stylesheet
	Language) document and XSD(XML Schema definition) document,
	XML document is human-friendly to view through web browsers
	and its data types are strictly defined.
	(Trac #547, git 1cbd51919237a6e65983be46e4f5a63d1877b1d3)

224.	[bug]		jinmei
	b10-auth, src/lib/datasrc: inconsistency between the hot spot
	cache and actual data source could cause a crash while query
	processing.  The crash could happen, e.g., when an sqlite3 DB file
	is being updated after a zone transfer while b10-auth handles a
	query using the corresponding sqlite3 data source.
	(Trac #851, git 2463b96680bb3e9a76e50c38a4d7f1d38d810643)

223.	[bug]		feng
	If ip address or port isn't usable for name server, name
	server process won't exist and give end user chance to
	reconfigure them.
	(Trac #775, git 572ac2cf62e18f7eb69d670b890e2a3443bfd6e7)

222.	[bug]*		jerry
	src/lib/zonemgr: Fix a bug that xfrin not checking for new
	copy of zone on startup.  Imposes some random jitters to
	avoid many zones need to do refresh at the same time. This
	removed the Zonemgr/jitter_scope setting and introduced
	Zonemgr/refresh_jitter and Zonemgr/reload_jitter.
	(Trac #387, git 1241ddcffa16285d0a7bb01d6a8526e19fbb70cb)

221.	[func]*		jerry
	src/lib/util: Create C++ utility library.
	(Trac #749, git 084d1285d038d31067f8cdbb058d626acf03566d)

220.	[func]		stephen
	Added the 'badpacket' program for testing; it sends a set of
	(potentially) bad packets to a nameserver and prints the responses.
	(Trac #703, git 1b666838b6c0fe265522b30971e878d9f0d21fde)

219.	[func]		ocean
	src/lib: move some dns related code out of asiolink library to
	asiodns library
	(Trac #751, git 262ac6c6fc61224d54705ed4c700dadb606fcb1c)

218.	[func]		jinmei
	src/lib/dns: added support for RP RDATA.
	(Trac #806, git 4e47d5f6b692c63c907af6681a75024450884a88)

217.	[bug]		jerry
	src/lib/dns/python: Use a signed version of larger size of
	integer and perform more strict range checks with
	PyArg_ParseTuple() in case of overflows.
	(Trac #363, git ce281e646be9f0f273229d94ccd75bf7e08d17cf)

216.	[func]		vorner
	The BIND10_XFROUT_SOCKET_FILE environment variable can be
	used to specify which socket should be used for communication
	between b10-auth and b10-xfrout. Mostly for testing reasons.
	(Trac #615, git 28b01ad5bf72472c824a7b8fc4a8dc394e22e462)

215.	[func]		vorner
	A new process, b10-sockcreator, is added, which will create
	sockets for the rest of the system.  It is the only part
	which will need to keep the root privileges. However, only
	the process exists, nothing can talk to it yet.
	(Trac #366, git b509cbb77d31e388df68dfe52709d6edef93df3f)

214.	[func]*		vorner
	Zone manager no longer thinks it is secondary master for
	all zones in the database. They are listed in
	Zonemgr/secondary_zones configuration variable (in the form
	[{"name": "example.com", "class": "IN"}]).
	(Trac #670, git 7c1e4d5e1e28e556b1d10a8df8d9486971a3f052)

213.	[bug]		naokikambe
	Solved incorrect datetime of "bind10.boot_time" and also
	added a new command "sendstats" for Bob. This command is
	to send statistics data to the stats daemon immediately.
	The solved problem is that statistics data doesn't surely
	reach to the daemon because Bob sent statistics data to
	the daemon while it is starting. So the daemon invokes the
	command for Bob after it starts up. This command is also
	useful for resending statistics data via bindctl manually.
	(Trac #521, git 1c269cbdc76f5dc2baeb43387c4d7ccc6dc863d2)

212.	[bug]		naokikambe
	Fixed that the ModuleCCSession object may group_unsubscribe in the
	closed CC session in being deleted.
	(Trac #698, git 0355bddc92f6df66ef50b920edd6ec3b27920d61)

211.	[func]		shane
	Implement "--brittle" option, which causes the server to exit
	if any of BIND 10's processes dies.
	(Trac #788, git 88c0d241fe05e5ea91b10f046f307177cc2f5bc5)

210.	[bug]		jerry
	src/bin/auth: fixed a bug where type ANY queries don't provide
	additional glue records for ANSWER section.
	(Trac #699, git 510924ebc57def8085cc0e5413deda990b2abeee)

We just launched the BIND 10 External Test Program. Please give us
your feedback and earn our respect, admiration, and t-shirts.
http://bind10.isc.org/wiki/external_test

Jeremy C. Reed
ISC Release Engineer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)

iEYEARECAAYFAk3VrQQACgkQs9Bv5D4YwC11WACgntTHqDfZgKyR2gV4lHkv0/1W
dFYAoK3D0dLlWiKiTpafVhozZk+fe5Mz
=uJSD
-----END PGP SIGNATURE-----

More information about the bind10-announce mailing list