[nycbug-talk] Fw: BIND 10 - 1.0.0 Release Candidate
Brett Wynkoop
nycbug at wynn.com
Fri Feb 15 00:35:57 EST 2013
Begin forwarded message:
Date: Thu, 14 Feb 2013 21:25:44 -0600 (CST)
From: "Jeremy C. Reed" <jreed at isc.org>
To: staff at isc.org
Subject: BIND 10 - 1.0.0 Release Candidate
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
BIND 10 - 1.0.0 Release Candidate
Welcome to the first release candidate toward the first production
BIND 10 1.0.0 release. BIND 10 provides a C++ library for DNS
(with python wrappers) and several cooperating daemons for providing
authoritative DNS service (with in-memory and SQLite3 backends and
DNSSEC support), dynamic DNS, zone transfers, and experimental
forwarding and recursive name service. Supplementary components
are included for statistics collection and reporting and remote
configuration and control.
This version of BIND 10 also includes the latest snapshot of the
BIND 10 DHCP development. The snapshot includes a C++ library for
DHCP and two DHCP servers, one for IPv4 and one for IPv6. Features
of these servers are:
* Able to allocate and renew addresses, and handle lease expiration
and releases.
* Supports a subset of clients:
- DHCPv4 clients connected to the server via a relay.
- DHCPv6 clients on the same LAN as the server.
* Able to configure values for standard options returned to a client,
either globally or on a per-subnet basis.
* Able to define new options and configure them in the same way as
standard options.
* Leases are stored in a MySQL database.
* Configuration, logging and process control uses the same mechanisms
as the BIND 10 DNS server.
Note: The default testing account and password for bindctl/b10-cmdctl
is now removed; a new account for remote configuration and control
can be created with b10-cmdctl-usermgr, for example:
b10-cmdctl-usermgr
--file /usr/local/etc/bind10/cmdctl-accounts.csv
We are looking for testers to provide feedback about using this
release candidate. For more information about BIND 10, the release
schedule, and the community testing plans, please see:
http://bind10.isc.org/wiki/ProductionRelease
Documentation is included and also available via the BIND 10 website
at http://bind10.isc.org/
The bind10-1.0.0-rc source may be downloaded from:
ftp://ftp.isc.org/isc/bind10/1.0.0-rc/bind10-1.0.0-rc.tar.gz
A PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind10/1.0.0-rc/bind10-1.0.0-rc.tar.gz.sha512.asc
The signature was generated with the ISC code signing key which is
available at https://www.isc.org/about/openpgp
A summary of the significant changes since the previous release
include (from the ChangeLog):
580. [func]* muks
There is no longer a default user account. The old default
account with username 'root' has been removed. In a fresh installation
of BIND 10, the administrator has to configure a user account using
the b10-cmdctl-usermgr program.
(Trac #2641, git 54e8f4061f92c2f9e5b8564240937515efa6d934)
579. [bug] jinmei
libdatasrc/b10-auth: corrected some corner cases in query
handling of in-memory data source that led to the following invalid/odd
responses from b10-auth:
- duplicate RRs in answer and additional for type ANY query
- incorrect NSEC for no error, no data (NXRRSET) response that
matches a wildcard
(Trac #2585, git abe78fae4ba3aca5eb01806dd4e05607b1241745)
578. [bug] jinmei
b10-auth now returns closest encloser NSEC3 proof to queries for
an empty non terminal derived from an Opt-Out NSEC RR, as
clarified in errata 3441 for RFC5155. Previously it regarded such case
as broken zone and returned SERVFAIL.
(Trac #2659, git 24c235cb1b379c6472772d340e21577c3460b742)
577. [func] muks
Added an SQLite3 index on records(rname, rdtype). This decreases
insert performance by ~28% and adds about ~20% to the file size,
but increases zone iteration performance. As it introduces a new
index, a database upgrade would be required.
(Trac #1756, git 9b3c959af13111af1fa248c5010aa33ee7e307ee)
576. [bug] tmark, tomek
b10-dhcp6: Fixed bug when the server aborts operation when
receiving renew and there are no IPv6 subnets configured.
(Trac #2719, git 3132b8b19495470bbfd0f2ba0fe7da443926034b)
575. [bug] marcin
b10-dhcp6: Fixed the bug whereby the subnet for the incoming
packet was selected using only its source address. The subnet
is now selected using either source address or the name of the
server's interface on which the packet has been received.
(Trac #2704, git 1cbacf19a28bdae50bb9bd3767bca0147fde37ed)
574. [func] tmark
b10-dhcp4, b10-dhcp6: Composite key indexes were added to the
lease tables to reduce lease search time. The lease4 table now has two
additional indexes: a) hwaddr/subnet_id and b)
client_id/subnet_id. The lease6 now has the one additional index:
iaid/subnet_id/duid. Adding these indexes significantly improves lease
acquisition performance.
(Trac #2699,#2703, git 54bbed5fcbe237c5a49b515ae4c55148723406ce)
573. [bug] stephen
Fixed problem whereby the DHCP server crashed if it ran out of
addresses. Such a condition now causes a packet to be returned
to the client refusing the allocation of an address.
(Trac #2681, git 87ce14cdb121b37afb5b1931af51bed7f6323dd6)
572. [bug] marcin
perfdhcp: Fixed bug where the command line switches used to
run the perfdhcp where printed as ASCII codes.
(Trac #2700, git b8d6b949eb7f4705e32fbdfd7694ca2e6a6a5cdc)
571. [build] jinmei
The ./configure script can now handle output from python-config
--ldflags that contains a space after -L switches. This fixes
failure reported on some Solaris environments.
(Trac #2661, git e6f86f2f5eec8e6003c13d36804a767a840d96d6)
570. [bug] tmark, marcin, tomek
b10-dhcp4: Address renewal now works properly for DHCPv4 clients
that do not send client ID.
(Trac #2702, git daf2abe68ce9c111334a15c14e440730f3a085e2)
569. [bug] tomek
b10-dhcp4: Fix bug whereby a DHCP packet without a client ID
could crash the MySQL lease database backend.
(Trac #2697, git b5e2be95d21ed750ad7cf5e15de2058aa8bc45f4)
568. [func] muks
Various message IDs have been renamed to remove the word 'ERROR'
from them when they are not logged at ERROR severity level.
(Trac #2672, git 660a0d164feaf055677f375977f7ed327ead893e)
567. [doc] marcin, stephen, tomek
Update DHCP sections of the BIND 10 guide.
(Trac #2657, git 1d0c2004865d1bf322bf78d13630d992e39179fd)
566. [func]* jinmei
libdns++/Python isc.dns: In Python isc.dns, function style
constants for RRType, RRClass, Rcode and Opcode were deprecated
and replaced with straightforward object constants, e.g., from
RRType.AAAA() to RRType.AAAA. This is a backward incompatible
change (see the Trac ticket for a conversion script if needed).
Also, these constants are now more consistent between C++
and Python, and RRType constants for all currently standardized
types are now supported (even if Rdata for these are not yet
available).
(Trac #1866 and #2409, git
e5005185351cf73d4a611407c2cfcd163f80e428)
565. [func]* jelte
The main initializer script (formerly known as either 'bind10',
'boss', or 'bob'), has been renamed to b10-init (and Init in
configuration). Configuring which components are run is
henceforth done through '/Init/components', and the sbin/bind10 script
is now simply a shellscript that runs b10-init. Existing configuration
is automatically updated. NOTE: once configuration with this update
has been saved (by committing any new change with bindctl), you
cannot run older versions of BIND 10 anymore with this
configuration. (Trac #1901, git
bae3798603affdb276f370c1ac6b33b011a5ed4f)
564. [func] muks
libdns++: the CNAME, DNAME, MX, NS, PTR and SRV Rdata classes
now use the generic lexer in constructors from text. This means that
the name fields in such RRs in a zone file can now be
non-absolute (the origin name in that context will be used), e.g., when
loaded by b10-loadzone. One additional change to the libdns++ API is
that the existing string constructors for these Rdata classes also use
the generic lexer, and they now expect an absolute name (with
the trailing '.') in the name fields.
(Trac #2390, git a01569277cda3f78b1171bbf79f15ecf502e81e2)
(Trac #2656, git 5a0d055137287f81e23fbeedd35236fee274596d)
563. [build] jinmei
Added --disable-rpath configure option to avoid embedding
library paths to binaries. Patch from Adam Tkac.
(Trac #2667, git 1c50c5a6ee7e9675e3ab154f2c7f975ef519fca2)
562. [func]* vorner
The b10-xfrin now performs basic sanity check on just received
zone. It'll reject severely broken zones (such as missing NS
records).
(Trac #2439, git 44699b4b18162581cd1dd39be5fb76ca536012e6)
561. [bug] kambe, jelte
b10-stats-httpd no longer dumps request information to the
console, but uses the bind10 logging system. Additionally, the logging
identifiers have been changed from STATHTTPD_* to STATSHTTPD_*
(Trac #1897, git 93716b025a4755a8a2cbf250a9e4187741dbc9bb)
560. [bug] jinmei
b10-auth now sets the TTL of SOA RR for negative responses to
the minimum of the RR TTL and the minimum TTL of the SOA RDATA
as specified in RFC2308; previously the RR TTL was always used.
The ZoneFinder class was extended partly for implementing this
and partly for allowing further optimization.
(Trac #2309 and #2635, git
ee17e979fcde48b59d91c74ac368244169065f3b)
559. [bug] jelte
b10-cmdctl no longer aborts on basic file issues with its https
certificate or private key file. It performs additional checks,
and provides better error logs if these fail. Additionally, bindctl
provides a better error report if it is unable to connect over
https connection. This issue could occur if BIND 10 was
installed with root privileges but then started as a normal user.
(Trac #2595, git 09b1a2f927483b407d70e98f5982f424cc872149)
558. [func] marcin
b10-dhcp4: server now adds configured options to its
responses to a client when client requests them.
A few basic options: Routers, Domain Name, Domain
Name Servers and Subnet Mask are added regardless
if client requested them or not.
(Trac #2591, git aeec2dc1b9c511d17971ac63138576c37e7c5164)
557. [doc] stephen
Update DHCP sections of the BIND 10 guide.
(Trac #2642, git e5faeb5fa84b7218fde486347359504cf692510e)
556. [bug] marcin
Fixed DHCP servers configuration whereby the servers did not
receive a configuration stored in the database on their startup.
Also, the configuration handler function now uses full
configuration instead of partial to configure the server. This
guarantees that dependencies between various configuration parameters
are fulfilled.
(Trac #2637, git 91aa998226f1f91a232f2be59a53c9568c4ece77)
555. [func] marcin
The encapsulated option space name can be specified for
a DHCP option. It comprises sub-options being sent within
an option that encapsulates this option space.
(Trac #2314, git 27e6119093723a1e46a239ec245a8b4b10677635)
554. [func] jinmei
b10-loadzone: improved completion log message and intermediate
reports: It now logs the precise number of loaded RRs on
completion, and intermediate reports show additional information
such as the estimated progress in percentage and estimated time
to complete.
(Trac #2574, git 5b8a824054313bdecb8988b46e55cb2e94cb2d6c)
553. [func] stephen
Values of the parameters to access the DHCP server lease
database can now be set through the BIND 10 configuration mechanism.
(Trac #2559, git 6c6f405188cc02d2358e114c33daff58edabd52a)
552. [bug] shane
Build on Raspberry PI.
The main issue was use of char for reading from input streams,
which is incorrect, as EOF is returned as an int -1, which would
then get cast into a char -1.
A number of other minor issues were also fixed.
(Trac #2571, git 525333e187cc4bbbbde288105c9582c1024caa4a)
551. [bug] shane
Kill msgq if we cannot connect to it on startup.
When the boss process was unable to connect to the msgq, it
would exit. However, it would leave the msgq process running. This has
been fixed, and the msgq is now stopped in this case.
(Trac #2608, git 016925ef2437e0396127e135c937d3a55539d224)
550. [func] tomek
b10-dhcp4: The DHCPv4 server now generates a server identifier
the first time it is run. The identifier is preserved in a file
across server restarts.
b10-dhcp6: The server identifier is now preserved in a file
across server restarts.
(Trac #2597, git fa342a994de5dbefe32996be7eebe58f6304cff7)
549. [func] tomek
b10-dhcp6: It is now possible to specify that a configured
subnet is reachable locally over specified interface (see "interface"
parameter in Subnet6 configuration).
(Trac #2596, git a70f6172194a976b514cd7d67ce097bbca3c2798)
548. [func] vorner
The message queue daemon now appears on the bus. This has two
effects, one is it obeys logging configuration and logs to the
correct place like the rest of the modules. The other is it
appears in bindctl as module (but it doesn't have any commands
or configuration yet).
(Trac #2582, git ced31d8c5a0f2ca930b976d3caecfc24fc04634e)
547. [func]* vorner
The b10-loadzone now performs more thorough sanity check on the
loaded data. Some of the checks are now fatal and zone failing
them will be rejected.
(Trac #2436, git 48d999f1cb59f308f9f30ba2639521d2a5a85baa)
546. [func] marcin
DHCP option definitions can be now created using the
Configuration Manager. The option definition specifies
the option code, name and the types of the data being
carried by the option. The Configuration Manager
reports an error on attempt to override standard DHCP
option definition.
(Trac #2317, git 71e25eb81e58a695cf3bad465c4254b13a50696e)
545. [func] jinmei
libdns++: the SOA Rdata class now uses the generic lexer in
constructors from text. This means that the MNAME and RNAME of
an SOA RR in a zone file can now be non absolute (the origin name
in that context will be used), e.g., when loaded by
b10-loadzone. (Trac #2500, git 019ca218027a218921519f205139b96025df2bb5)
544. [func] tomek
b10-dhcp4: Allocation engine support for IPv4 added. Currently
supported operations are server selection (Discover/Offer),
address assignment (Request/Ack), address renewal (Request/Ack),
and address release (Release). Expired leases can be reused.
Some options (e.g. Router Option) are still hardcoded, so the
DHCPv4 server is not yet usable, although its address allocation
is operational.
(Trac #2320, git 60606cabb1c9584700b1f642bf2af21a35c64573)
543. [func]* jelte
When calling getFullConfig() as a module, , the configuration
is now returned as properly-structured JSON. Previously, the structure
had been flattened, with all data being labelled by fully-qualified
element names.
(Trac #2619, git bed3c88c25ea8f7e951317775e99ebce3340ca22)
542. [func] marcin
Created OptionSpace and OptionSpace6 classes to represent DHCP
option spaces. The option spaces are used to group instances
and definitions of options having uniqe codes. A special type
of option space is the so-called "vendor specific option space"
which groups sub-options sent within Vendor Encapsulated
Options. The new classes are not used yet but they will be used once
the creation of option spaces by configuration manager is
implemented.
(Trac #2313, git 37a27e19be874725ea3d560065e5591a845daa89)
541. [func] marcin
Added routines to search for configured DHCP options and their
definitions using name of the option space they belong to.
New routines are called internally from the DHCPv4 and DHCPv6
servers code.
(Trac #2315, git 741fe7bc96c70df35d9a79016b0aa1488e9b3ac8)
540. [func] marcin
DHCP Option values can be now specified using a string of
tokens separated with comma sign. Subsequent tokens are used
to set values for corresponding data fields in a particular
DHCP option. The format of the token matches the data type
of the corresponding option field: e.g. "192.168.2.1" for IPv4
address, "5" for integer value etc.
(Trac #2545, git 792c129a0785c73dd28fd96a8f1439fe6534a3f1)
539. [func] stephen
Add logging to the DHCP server library.
(Trac #2524, git b55b8b6686cc80eed41793c53d1779f4de3e9e3c)
538. [bug] muks
Added escaping of special characters (double-quotes, semicolon,
backslash, etc.) in text-like RRType's toText() implementation.
Without this change, some TXT and SPF RDATA were incorrectly
stored in SQLite3 datasource as they were not escaped.
(Trac #2535, git f516fc484544b7e08475947d6945bc87636d4115)
537. [func] tomek
b10-dhcp6: Support for RELEASE message has been added. Clients
are now able to release their non-temporary IPv6 addresses.
(Trac #2326, git 0974318566abe08d0702ddd185156842c6642424)
536. [build] jinmei
Detect a build issue on FreeBSD with g++ 4.2 and Boost
installed via FreeBSD ports at ./configure time. This seems to be a
bug of FreeBSD ports setup and has been reported to the
maintainer: http://www.freebsd.org/cgi/query-pr.cgi?pr=174753
Until it's fixed, you need to build BIND 10 for FreeBSD that has
this problem with specifying --without-werror, with clang++
(development version), or with manually extracted Boost header
files (no compiled Boost library is necessary).
(Trac #1991, git 6b045bcd1f9613e3835551cdebd2616ea8319a36)
535. [bug] jelte
The log4cplus internal logging mechanism has been disabled, and
no output from the log4cplus library itself should be printed to
stderr anymore. This output can be enabled by using the
compile-time option --enable-debug.
(Trac #1081, git db55f102b30e76b72b134cbd77bd183cd01f95c0)
534. [func]* vorner
The b10-msgq now uses the same logging format as the rest
of the system. However, it still doesn't obey the common
configuration, as due to technical issues it is not able
to read it yet.
(git 9e6e821c0a33aab0cd0e70e51059d9a2761f76bb)
Thanks again to those who contributed bug reports, code, and reviews.
Bugs may be reported as tickets via the developers website (after
logging into Trac) at:
http://bind10.isc.org/
Please feel free to participate and share your feedback on the BIND
10 mailing lists:
https://lists.isc.org/mailman/listinfo/bind10-users
https://lists.isc.org/mailman/listinfo/bind10-dev
Jeremy C. Reed
ISC Release Engineering
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (NetBSD)
iEYEARECAAYFAlEdqlYACgkQs9Bv5D4YwC3t9QCdFmHE9bVZq0WRa4E1pq5t1JtK
CMgAoNTXHYMMlvMU6bzARXBOsgYq2ZW5
=JulM
-----END PGP SIGNATURE-----
--
wynkoop at wynn.com http://prd4.wynn.com/wynkoop/pgp-keys.txt
917-642-6925
718-717-5435
I would never invade the United States. There would be a gun behind
every blade of grass. --Isoroku Yamamoto
More information about the talk
mailing list