- FEATURES:
- ip-freebind: yesno option in nsd.conf sets IP_FREEBIND socket
option for Linux, binds to interfaces and addresses that are
down.
- NSD includes AAAA before A for queries over IPV6 (in
delegations). And TC is set if no glue can be provided with
a delegation because of packet size.
- print notice that nsd is starting before taking off.
- BUG FIXES:
- Fix for openssl 1.1.0, HMAC_CTX size not exported from
openssl.
- Fix#751: NSD fails to occlude names below a DNAME.
- If set without nsd.db print "" as the default in the man
pages.
- Fix#755: NSD spins after a zone update and a lot of TCP
queries.
- Fix for NSEC3 with zone signed without exact match for empty
nonterminals, the answer for that domain gets closest
encloser.
- #772 Document that recvmmsg has IPv6 problems on some linux
kernels.
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=25
- Change the nsd.db file version because of nanosecond precision
fix.
- changes from 4.1.8
- #732: tcp-mss, outgoing-tcp-mss options for nsd.conf, patch
from Daisuke Higashi.
- #739: zonefile changes when mtime is small are detected on
reload, if filesystem supports precision mtime values.
- RR type CSYNC (RFC7477) syntax is supported.
- take advantage of arc4random_uniform if available, patch from
Loganaden Velvindron.
- Fix flto check for OSX clang.
- Define _DEFAULT_SOURCE with _BSD_SOURCE for glibc 2.20 on
Linux.
- Fix#736: segfault during zone transfer.
- Fix#744: Fix that NSD replies for configured but unloaded zone
with SERVFAIL, not REFUSED.
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=24
- support configure --with-dbfile="" for nodb mode by default,
where there is no binary database, but nsd reads and writes
zonefiles.
- reuseport: no is the default, because the feature is not
troublefree.
- configure --enable-ratelimit-default-is-off with
--enable-ratelimit to set the default ratelimit to disabled but
available in nsd.conf.
- version: "string" option to set chaos version query reply
string.
- Fix zones updates from nsd parent event loop when there are a
lot of interfaces.
- portability fixes.
- patch from Doug Hogan for SSL_OP_NO_SSLvx options, for the new
defaults in the ssl libraries.
- updated contrib/nsd.spec, from Bálint Szigeti, with new
configure options.
- Allocate less memory for TSIG digest.
- Fix#721: Fix wrong error code (FORMERR) returned for unknown
opcode. NOTIMP expected.
- Fix zonec ttl mismatch printout to include more information.
- Fix TCP responses when REUSEPORT is in use by turning it off.
- Document default in manpage for rrl-slip, ip4 and 6
prefixlength.
- Explain rrl-slip better in documentation.
- Document that ratelimit qps and slip are updated in reconfig.
- Fix up defaults in manpage.
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=23
- RFC 7344: CDS and CDNSKEY (read record types).
- per zone statistics with --enable-zone-stats, config zone with
zonestats: "name", zones configured with the same string are
added.
- Disabled use of SSLv3 in nsd-control.
- nsd-checkconf -f prints out full name of pidfile (with dir).
- Synthesize CNAMEs with same TTL as DNAME.
- Fix that expired zones stay expired after a server restart.
- Fix "xfrd_handle_ipc: bad mode" log errors when compiled with
--disable-bind8-stats.
- Fix#616: retry xfer for zones with no content after command.
- Fix char used as array index warnings on NetBSD.
- Fix that queries for noname CH TXT are REFUSED instead of
nodata.
- Fixes for wildcard addition and deletion, speedup for some
cases.
- Fix that failure to add tcp to tcp base does not leak the
socket.
- Patch nsd_munin_ from Philip Paeps to use type ABSOLUTE.
- Fix spinning NSD with lots of failing transfers, due to pointer
comparison using void pointer subtraction (from Otto Moerbeek).
- Fix bug#637: fix that nsd.db grows limitlessly, an off by one
on one megabyte free chunks, created during AXFRs of large
zones, that caused the one megabyte chunk to be leaked.
- Fix casts for ctype functions (from Todd Miller).
- correct some hyphen-used-as-minus-sign (from Andreas Schulze)
in man pages.
- Fix zonesdir chroot error message.
OBS-URL: https://build.opensuse.org/package/show/server:dns/nsd?expand=0&rev=19
