[Pdns-dev] PowerDNS Authoritative Server 3.2 Release Candidate 2 available
Peter van Dijk
peter.van.dijk at netherlabs.nl
Wed Dec 19 13:33:52 CET 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everybody,
Release Candidate 2 of the PowerDNS Authoritative Server 3.2 is available from:
http://powerdnssec.org/downloads/pdns-3.2-rc2.tar.gz
http://powerdnssec.org/downloads/packages/pdns-static-3.2rc2-1.i386.rpm
http://powerdnssec.org/downloads/packages/pdns-static-3.2rc2-1.x86_64.rpm
http://powerdnssec.org/downloads/packages/pdns-static_3.2-rc2-1_amd64.deb
http://powerdnssec.org/downloads/packages/pdns-static_3.2-rc2-1_i386.deb
You are cordially invited to (carefully) test this Release Candidate for
correct behaviour.
Full release notes, with clickable links, are available from:
http://doc.powerdns.com/changelog.html#changelog-auth-3-2
Changes between RC1 and RC2:
* Aki Tuomi contributed zone2json, a great way for programmers to benefit
from our zone file parser. Code in commit 2997, closes ticket 509.
* Our DNS TXT parser is not 8-bit safe, but our DNS TXT writer assumes the
reader is! Reported by Jan-Piet Mens in ticket 541, commit 2993 fixes our
writer but not yet our parser.
* Ruben d'Arco did some improvements to the MyDNS backend, and provided a
full test suite for it, that we now run after every commit. Code in commit
2988.
* Some exceptions from backends would lose their meaning while bubbling up.
Fixed by Aki Tuomi in commit 2985, closing ticket 639.
* The packet-cache honours max reply length while matching cached packets
against queries, but not EDNS status. This would mean that EDNS-enabled
replies with a 512 reply len could be returned on non-EDNS queries. Spotted
while investigating a report from Winfried Angele, patched by Ruben d'Arco
in commit 2982, closing ticket 630.
* Errors involving creating, deletion or changing permissions on the control
socket were unclear. Ruben d'Arco improved this in commit 2981.
* pipe-timeout was always documented to be in milliseconds, but it turns out
it was in seconds! commit 2971 changes them to actually be in ms, and
'increases' the default from 1000 seconds to 2000 milliseconds.
* Some exceptions would get dropped during inbound AXFR, yielding a log file
that says 'transaction started' and nothing after that, making AXFR fail
silently. commit 2976 and commit 2977 improve this somewhat.
* We now error out on empty labels inside of names (www..example.com) instead
of generating bogus reply packets. Code in commit 2972, reported by several
users.
* Doing chmod before chown, instead of the other way around, apparently
avoids requiring a whole SELinux capability. Reported by Sander Hoentjen,
fixed in r2965.
* Christian Hofstaedtler fixed a bug in our Debian init.d script. Code in
commit 2963.
* Superslave errors ('Unable to find backend willing to host ..') now include
the NSset found at the master, to aid debugging. Code in commit 2887.
* commit 2874 in RC1 broke compilation without SQLite3 and made query logging
unreliable. Fixed in commit 2888, commit 2889.
* The dnsreplay tool now processes single packet pcaps. Fix in commit 2895.
* PowerDNS always derives NSEC/NSEC3 from the actual zone content. To
accomodate this, zone2sql now drops NSEC/NSEC3 records, as those should
never be in a PowerDNS backend directly (commit 2915), bindbackend ignores
NSEC/NSEC3 while reading zonefiles (commit 2917) and pdnssec reports NSEC/
NSEC3 in the database as an error condition (commit 2918).
* The bindbackend now ignores NSEC/NSEC3 records while reading zonefiles.
Change in commit 2917.
* An EXPERIMENTAL feature ('direct-dnskey') for reading ZSKs from the records
table/your BIND zonefile was added in commit 2920, commit 2921, commit 2922
.
* While fully optional, PowerDNS supports direct RRSIG queries. Kees
Monshouwer improved on our behaviour for those queries in commit 2927.
* IPv6 glue situations require AAAA records for the receiving end of a
delegation in the ADDITIONAL section of a referral. This was supported
('do-ipv6-additional-processing') but not enabled by default. commit 2929
enables it by default.
* pdnssec check-zone now warns for CNAME-and-other data at names in your
zones. Code by Ruben d'Arco in commit 2930.
* Positive ANY-responses would include a spurious NSEC3. Corrected in commit
2932 and commit 2933, cleaned up by Kees Monshouwer in commit 2935.
* The ldapbackend now allows overriding the base dn for AXFR subtree search.
Fixed in commit 2934, closing ticket 536.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQ0bP4AAoJENz1E/p+7RnzA/cP/i1r7i70jKxB7iRIetW/v/VO
uIan+5yEyTxVmmAIktvxCpLf9JrwyuHBr+fCinliOVoydYlWNA7AE75GafzvtDnq
ixYZS2YmGBFp6YUZQnaR59TCdj4+86kKg6LBhsEeGl3fayBKK7z9SwrQS0iEjOG1
QlOn1yBO5tFFG/oJUs7tqzgVZzbgshMYADrLn+51bP+D2Ec6poudQAwSSLoxvAvU
ptlw4oo4TVQK+w6n+ateZYjVTFJbj2fU+Qdd89TW2PUy0DaWEzA3b5IGXEnkeFQR
dMtg6y6x+SVQ+K53lhan1UwzRbTj5fDP831NhIC2f3SwMPgZH7QNbr3Rhj9LQF9Q
7hYbd9N+XP802ASY6t5iwDG7CDbO4aDfbO9KrOWIiMkSR0VfpRmYLx9JJD2fMGbN
Yfhy9KsZ4nRWzQftc7ricHTOAmqV3baYaak/3KP1jCMqVNH+lStxMGppg3DtJt5T
Po8IWjhIyF4k400f2+U4ikCoFQkTmNvZD3ea5oR1HvoP8mLiOttDsigXcmivdJGK
dvuvbPbwd/yNI4/yZweykmc1XHUDenA+ZnxRjiz/by3iP004aPTGG4swM/HhbnEX
rOsQI9VivxAdikoMOf61dcFLQCRMFjYLcF1F8dNuo7KSAHa2yQluF36gJZJeCF0m
6HMsOVVfOiAuJmGnk9Z1
=s46e
-----END PGP SIGNATURE-----
More information about the Pdns-dev
mailing list