Development release of BIND 10: bind10-devel-20110519 This is the eleventh development release of BIND 10 and contains numerous improvements and new features, including: - TSIG support for libdns++, pydnspp, and Xfrin (incoming zone transfers). - b10-stats-httpd daemon which provides statistics in XML format via HTTP. - b10-host DNS lookup utility which is a clone (in progress) of historical host(1) tool using libdns++. BIND 10 provides a C++ library for DNS (with python wrappers) and several cooperating daemons for providing authoritative DNS service (with SQLite3 which supports DNSSEC and in-memory backends), forwarding, and recursive name service. While it contains prototype code and experimental interfaces, both the authoritative and resolver servers are being used in production. Documentation is included and also available via the BIND 10 website at http://bind10.isc.org/ The bind10-devel-20110519 source may be downloaded from: ftp://ftp.isc.org/isc/bind10/devel-20110519/bind10-devel-20110519.tar.gz A PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind10/devel-20110519/bind10-devel-20110519.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at https://www.isc.org/about/openpgp Users and developers are encouraged to participate on the BIND 10 mailing lists. Please provide your feedback: https://lists.isc.org/mailman/listinfo/bind10-users https://lists.isc.org/mailman/listinfo/bind10-dev Bugs may be reported as tickets via the developers website (after logging into Trac): http://bind10.isc.org/ A summary of the significant changes since the previous release include (from the ChangeLog): 242. [func] jinmei xfrin: added support for TSIG verify. This change completes TSIG support in b10-xfrin. (Trac #914, git 78502c021478d97672232015b7df06a7d52e531b) 241. [func] jinmei pydnspp: added python extension for the TSIG API introduced in change 235. (Trac #905, git 081891b38f05f9a186814ab7d1cd5c572b8f777f) (Trac #915, git 0555ab65d0e43d03b2d40c95d833dd050eea6c23) 240. [func]* jelte Updated configuration options to Xfrin, so that you can specify a master address, port, and TSIG key per zone. Still only one per zone at this point, and TSIG keys are (currently) only specified by their full string representation. This replaces the Xfrin/master_addr, Xfrin/master_port, and short-lived Xfrin/tsig_key configurations with a Xfrin/zones list. (Trac #811, git 88504d121c5e08fff947b92e698a54d24d14c375) 239. [bug] jerry src/bin/xfrout: If a zone doesn't have notify slaves (only has one apex ns record - the primary master name server) will cause b10-xfrout uses 100% of CPU. (Trac #684, git d11b5e89203a5340d4e5ca51c4c02db17c33dc1f) 238. [func] zhang likun Implement the simplest forwarder, which pass everything through except QID, port number. The response will not be cached. (Trac #598_new, git 8e28187a582820857ef2dae9b13637a3881f13ba) 237. [bug] naokikambe Resolved that the stats module wasn't configurable in bindctl in spite of its having configuration items. The configuration part was removed from the original spec file "stats.spec" and was placed in a new spec file "stats-schema.spec". Because it means definitions of statistics items. The command part is still there. Thus stats module currently has no its own configuration, and the items in "stats-schema.spec" are neither visible nor configurable through bindctl. "stats-schema.spec" is shared with stats module and stats-httpd module, and maybe with other statistical modules in future. "stats.spec" has own configuration and commands of stats module, if it requires. (Trac#719, git a234b20dc6617392deb8a1e00eb0eed0ff353c0a) 236. [func] jelte C++ client side of configuration now uses BIND10 logging system. It also has improved error handling when communicating with the rest of the system. (Trac #743, git 86632c12308c3ed099d75eb828f740c526dd7ec0) 235. [func] jinmei libdns++: added support for TSIG signing and verification. It can be done using a newly introduced TSIGContext class. Note: we temporarily disabled support for truncated signature and modified some part of the code introduced in #226 accordingly. We plan to fix this pretty soon. (Trac #812, git ebe0c4b1e66d359227bdd1bd47395fee7b957f14) (Trac #871, git 7c54055c0e47c7a0e36fcfab4b47ff180c0ca8c8) (Trac #813, git ffa2f0672084c1f16e5784cdcdd55822f119feaa) (Trac #893, git 5aaa6c0f628ed7c2093ecdbac93a2c8cf6c94349) 234. [func] jerry src/bin/xfrin: update xfrin to use TSIG. Currently it only supports sending a signed TSIG request or SOA request. (Trac #815, git a892818fb13a1839c82104523cb6cb359c970e88) 233. [func] stephen Added new-style logging statements to the NSAS code. (Trac #745, git ceef68cd1223ae14d8412adbe18af2812ade8c2d) 232. [func] stephen To facilitate the writing of extended descriptions in message files, altered the message file format. The message is now flagged with a "%" as the first non-blank character in the line and the lines in the extended description are no longer preceded by a "+". (Trac #900, git b395258c708b49a5da8d0cffcb48d83294354ba3) 231. [func]* vorner The logging interface changed slightly. We use logger.foo(MESSAGE_ID).arg(bar); instead of logger.foo(MESSAGE_ID, bar); internally. The message definitions use '%1,%2,...' instead of '%s,%d', which allows us to cope better with mismatched placeholders and allows reordering of them in case of translation. (Trac901, git 4903410e45670b30d7283f5d69dc28c2069237d6) 230. [bug] naokikambe Removed too repeated verbose messages in two cases of: - when auth sends statistics data to stats - when stats receives statistics data from other modules (Trac#620, git 0ecb807011196eac01f281d40bc7c9d44565b364) 229. [doc] jreed Add manual page for b10-host. (git a437d4e26b81bb07181ff35a625c540703eee845) 228. [func]* jreed The host tool is renamed to b10-host. While the utility is a work in progress, it is expected to now be shipped with tarballs. Its initial goal was to be a host(1) clone, rewritten in C++ from scratch and using BIND 10's libdns++. It now supports the -a (any), -c class, -d (verbose) switches and has improved output. (Trac #872, git d846851699d5c76937533adf9ff9d948dfd593ca) 227. [build] jreed Add missing libdns++ rdata files for the distribution (this fixes distcheck error). Change three generated libdns++ headers to "nodist" so they aren't included in the distribution (they were mistakenly included in last tarball). 226. [func]* jelte Introduced an API for cryptographic operations. Currently it only supports HMAC, intended for use with TSIG. The current implementation uses Botan as the backend library. This introduces a new dependency, on Botan. Currently only Botan 1.8.x works; older or newer versions don't. (Trac #781, git 9df42279a47eb617f586144dce8cce680598558a) 225. [func] naokikambe Added the HTTP/XML interface (b10-stats-httpd) to the statistics feature in BIND 10. b10-stats-httpd is a standalone HTTP server and it requests statistics data to the stats daemon (b10-stats) and sends it to HTTP clients in XML format. Items of the data collected via b10-stats-httpd are almost equivalent to ones which are collected via bindctl. Since it also can send XSL (Extensible Stylesheet Language) document and XSD(XML Schema definition) document, XML document is human-friendly to view through web browsers and its data types are strictly defined. (Trac #547, git 1cbd51919237a6e65983be46e4f5a63d1877b1d3) 224. [bug] jinmei b10-auth, src/lib/datasrc: inconsistency between the hot spot cache and actual data source could cause a crash while query processing. The crash could happen, e.g., when an sqlite3 DB file is being updated after a zone transfer while b10-auth handles a query using the corresponding sqlite3 data source. (Trac #851, git 2463b96680bb3e9a76e50c38a4d7f1d38d810643) 223. [bug] feng If ip address or port isn't usable for name server, name server process won't exist and give end user chance to reconfigure them. (Trac #775, git 572ac2cf62e18f7eb69d670b890e2a3443bfd6e7) 222. [bug]* jerry src/lib/zonemgr: Fix a bug that xfrin not checking for new copy of zone on startup. Imposes some random jitters to avoid many zones need to do refresh at the same time. This removed the Zonemgr/jitter_scope setting and introduced Zonemgr/refresh_jitter and Zonemgr/reload_jitter. (Trac #387, git 1241ddcffa16285d0a7bb01d6a8526e19fbb70cb) 221. [func]* jerry src/lib/util: Create C++ utility library. (Trac #749, git 084d1285d038d31067f8cdbb058d626acf03566d) 220. [func] stephen Added the 'badpacket' program for testing; it sends a set of (potentially) bad packets to a nameserver and prints the responses. (Trac #703, git 1b666838b6c0fe265522b30971e878d9f0d21fde) 219. [func] ocean src/lib: move some dns related code out of asiolink library to asiodns library (Trac #751, git 262ac6c6fc61224d54705ed4c700dadb606fcb1c) 218. [func] jinmei src/lib/dns: added support for RP RDATA. (Trac #806, git 4e47d5f6b692c63c907af6681a75024450884a88) 217. [bug] jerry src/lib/dns/python: Use a signed version of larger size of integer and perform more strict range checks with PyArg_ParseTuple() in case of overflows. (Trac #363, git ce281e646be9f0f273229d94ccd75bf7e08d17cf) 216. [func] vorner The BIND10_XFROUT_SOCKET_FILE environment variable can be used to specify which socket should be used for communication between b10-auth and b10-xfrout. Mostly for testing reasons. (Trac #615, git 28b01ad5bf72472c824a7b8fc4a8dc394e22e462) 215. [func] vorner A new process, b10-sockcreator, is added, which will create sockets for the rest of the system. It is the only part which will need to keep the root privileges. However, only the process exists, nothing can talk to it yet. (Trac #366, git b509cbb77d31e388df68dfe52709d6edef93df3f) 214. [func]* vorner Zone manager no longer thinks it is secondary master for all zones in the database. They are listed in Zonemgr/secondary_zones configuration variable (in the form [{"name": "example.com", "class": "IN"}]). (Trac #670, git 7c1e4d5e1e28e556b1d10a8df8d9486971a3f052) 213. [bug] naokikambe Solved incorrect datetime of "bind10.boot_time" and also added a new command "sendstats" for Bob. This command is to send statistics data to the stats daemon immediately. The solved problem is that statistics data doesn't surely reach to the daemon because Bob sent statistics data to the daemon while it is starting. So the daemon invokes the command for Bob after it starts up. This command is also useful for resending statistics data via bindctl manually. (Trac #521, git 1c269cbdc76f5dc2baeb43387c4d7ccc6dc863d2) 212. [bug] naokikambe Fixed that the ModuleCCSession object may group_unsubscribe in the closed CC session in being deleted. (Trac #698, git 0355bddc92f6df66ef50b920edd6ec3b27920d61) 211. [func] shane Implement "--brittle" option, which causes the server to exit if any of BIND 10's processes dies. (Trac #788, git 88c0d241fe05e5ea91b10f046f307177cc2f5bc5) 210. [bug] jerry src/bin/auth: fixed a bug where type ANY queries don't provide additional glue records for ANSWER section. (Trac #699, git 510924ebc57def8085cc0e5413deda990b2abeee) We just launched the BIND 10 External Test Program. Please give us your feedback and earn our respect, admiration, and t-shirts. http://bind10.isc.org/wiki/external_test Jeremy C. Reed ISC Release Engineer