aboutsummaryrefslogtreecommitdiff
path: root/external/unbound/doc/Changelog
diff options
context:
space:
mode:
Diffstat (limited to 'external/unbound/doc/Changelog')
-rw-r--r--external/unbound/doc/Changelog78
1 files changed, 78 insertions, 0 deletions
diff --git a/external/unbound/doc/Changelog b/external/unbound/doc/Changelog
index 31f84c445..f06654de4 100644
--- a/external/unbound/doc/Changelog
+++ b/external/unbound/doc/Changelog
@@ -1,3 +1,81 @@
+29 May 2015: Wouter
+ - Fix that unparseable error responses are ratelimited.
+ - SOA negative TTL is capped at minimumttl in its rdata section.
+ - cache-max-negative-ttl config option, default 3600.
+
+26 May 2015: Wouter
+ - Document that ratelimit works with unbound-control set_option.
+
+21 May 2015: Wouter
+ - iana portlist update.
+ - documentation proposes ratelimit of 1000 (closer to what upstream
+ servers expect from us).
+
+20 May 2015: Wouter
+ - DLV is going to be decommissioned. Advice to stop using it, and
+ put text in the example configuration and man page to that effect.
+
+10 May 2015: Wouter
+ - Change syntax of particular validator error to be easier for
+ machine parse, swap rrset and ip adres info so it looks like:
+ validation failure <www.example.nl. TXT IN>: signature crypto
+ failed from 2001:DB8:7:bba4::53 for <*.example.nl. NSEC IN>
+
+1 May 2015: Wouter
+ - caps-whitelist in unbound.conf allows whitelist of loadbalancers
+ that cannot work with caps-for-id or its fallback.
+
+30 April 2015: Wouter
+ - Unit test for type ANY synthesis.
+
+22 April 2015: Wouter
+ - Removed contrib/unbound_unixsock.diff, because it has been
+ integrated, use control-interface: /path in unbound.conf.
+ - iana portlist update.
+
+17 April 2015: Wouter
+ - Synthesize ANY responses from cache. Does not search exhaustively,
+ but MX,A,AAAA,SOA,NS also CNAME.
+ - Fix leaked dns64prefix configuration string.
+
+16 April 2015: Wouter
+ - Add local-zone type inform_deny, that logs query and drops answer.
+ - Ratelimit does not apply to prefetched queries, and ratelimit-factor
+ is default 10. Repeated normal queries get resolved and with
+ prefetch stay in the cache.
+ - Fix bug#664: libunbound python3 related fixes (from Tomas Hozza)
+ Use print_function also for Python2.
+ libunbound examples: produce sorted output.
+ libunbound-Python: libldns is not used anymore.
+ Fix issue with Python 3 mapping of FILE* using file_py3.i from ldns.
+
+10 April 2015: Wouter
+ - unbound-control ratelimit_list lists high rate domains.
+ - ratelimit feature, ratelimit: 100, or some sensible qps, can be
+ used to turn it on. It ratelimits recursion effort per zone.
+ For particular names you can configure exceptions in unbound.conf.
+ - Fix that get_option for cache-sizes does not print double newline.
+ - Fix#663: ssl handshake fails when using unix socket because dh size
+ is too small.
+
+8 April 2015: Wouter
+ - Fix crash in dnstap: Do not try to log TCP responses after timeout.
+
+7 April 2015: Wouter
+ - Libunbound skips dos-line-endings from etc/hosts.
+ - Unbound exits with a fatal error when the auto-trust-anchor-file
+ fails to be writable. This is seconds after startup. You can
+ load a readonly auto-trust-anchor-file with trust-anchor-file.
+ The file has to be writable to notice the trust anchor change,
+ without it, a trust anchor change will be unnoticed and the system
+ will then become inoperable.
+ - unbound-control list_insecure command shows the negative trust
+ anchors currently configured, patch from Jelte Jansen.
+
+2 April 2015: Wouter
+ - Fix #660: Fix interface-automatic broken in the presence of
+ asymmetric routing.
+
26 March 2015: Wouter
- remote.c probedelay line is easier to read.
- rename ldns subdirectory to sldns to avoid name collision.