1581. [func] Disable DNSSEC support by default. To enable
DNSSEC specify "enable-dnssec yes;" in named.conf.
1565. [bug] CD flag should be copied to outgoing queries unless
the query is under a secure entry point in which case
CD should be set.
1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
1541. [func] NSEC now uses new bitmap format.
1519. [bug] dnssec-signzone:nsec_setbit() computed the wrong
length of the new bitmap.
1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
Check return values or cast them to (void), as required by the coding
standards; add exceptions to the coding standards for cases where this is
not desirable
1068. [bug] errno could be overwritten by catgets(). [RT #1921]
1066. [bug] Provide a thread safe wrapper for strerror().
[RT #1689]
(Also some changes to configure.in, config.h.in, and acconfig.h that were
necessary to allow config.h.in to be correctly regenerated with the
HAVE_STRERROR definition needed by 1066.)
I would have seen *before* I commited anything. So, include isc/thread.h,
isc/mutex.h and isc/condition.h even if ISC_PLATFORM_USETHREADS is not defined.
(What caused me to bother with this at all was a problem that I resolved
a few days ago by fixing configure ... though now that I think about it,
that probably means there is some other latent problem with inconsistent
definitions that could maybe be handled better. I'll look into it more
later, AFTER vacation.)
Cleanup of redundant/useless header file inclusion.
ISC style lint, primarily for function declarations and standalone
comments -- ie, those that appear on a line without any code, which
should be written as follows:
/*
* This is a comment.
*/
