3787. [bug] The code that checks whether "auto-dnssec" is
allowed was ignoring "allow-update" ACLs set at
the options or view level. [RT #29536]
(cherry picked from commit 22e29471c7)
(cherry picked from commit 860eadb994)
3778. [bug] Log a warning when the wrong address family is
used in "listen-on" or "listen-on-v6". [RT #17848]
(cherry picked from commit 78f79084fc)
(cherry picked from commit 2b4781835c)
3775. [bug] dlz_dlopen driver could return the wrong error
code on API version mismatch, leading to a segfault.
[RT #35495]
(cherry picked from commit d51456e453)
(cherry picked from commit 82faa427b5)
3773. [func] "host", "nslookup" and "nsupdate" now have
options to print the version number and exit.
[RT #26057]
(cherry picked from commit d4600129e6)
3767. [func] Log explicitly when using rndc.key to configure
command channel. [RT #35316]
(cherry picked from commit 368aedf188)
(cherry picked from commit bc805c7c06)
3764. [bug] The dnssec-keygen/settime -S and -i options
(to set up a successor key and set the prepublication
interval) were missing from dnssec-keyfromlabel.
[RT #35394]
(cherry picked from commit a60bf97f9f)
(cherry picked from commit 49b3d91ce1)
3754. [cleanup] win32: Installer now places files in the
Program Files area rather than system services.
[RT #35361]
(cherry picked from commit bce9696c7a)
(cherry picked from commit 51dc1b4562)
3747. [bug] A race condition could lead to a core dump when
destroying a resolver fetch object. [RT #35385]
(cherry picked from commit 7f5bdf7f40)
(cherry picked from commit 314b626e20)
declarations despite being documented. This is
needed to support turning off forwarding and turning
on delegation only at the same name. [RT #35392]
(cherry picked from commit 38eabfcee7)
3740. [contrib] Minor fixes to configure --with-dlz-bdb,
--with-dlz-postgres and --with-dlz-odbc. [RT #35340]
(cherry picked from commit 14bf4702f3)
(cherry picked from commit 5c66e4954a)
3736. [bug] nsupdate: When specifying a server by name,
fall back to alternate addresses if the first
address for that name is not reachable. [RT #25784]
(cherry picked from commit 842a3e6d0e)
(cherry picked from commit 1a58baf293)
3731. [func] Added a "no-case-compress" ACL, which causes
named to use case-insensitive compression
(disabling change #3645) for specified
clients. (This is useful when dealing
with broken client implementations that
use case-sensitive name comparisons,
rejecting responses that fail to match the
capitalization of the query that was sent.)
[RT #35300]
(cherry picked from commit 166341d554)
(cherry picked from commit c2d3d0eda5)
3730. [cleanup] Added "never" as a synonym for "none" when
configuring key event dates in the dnssec tools.
[RT #35277]
3729. [bug] dnssec-kegeyn could set the publication date
incorrectly when only the activation date was
specified on the command line. [RT #35278]
(cherry picked from commit 5f06c523186be56c5b0cd9b1c230ea7a53960c53)
(cherry picked from commit ec146546f4)
3724. [bug] win32: Fixed a bug that prevented dig and
host from exiting properly after completing
a UDP query. [RT #35288]
(cherry picked from commit a8cdf2a2e7)
(cherry picked from commit b603c50553)
on a missing resolv.conf file and initializes the
structure as if it had been configured with:
nameserver ::1
nameserver 127.0.0.1
Note: Callers will need to be updated to treat
ISC_R_FILENOTFOUND as a qualified success or else
they will leak memory. The following code fragment
will work with both only and new versions without
changing the behaviour of the existing code.
resconf = NULL;
result = irs_resconf_load(mctx, "/etc/resolv.conf",
&resconf);
if (result != ISC_SUCCESS) {
if (resconf != NULL)
irs_resconf_destroy(&resconf);
....
}
[RT #35194]
(cherry picked from commit cd7f8d18f8)
3698. [cleanup] Replaced all uses of memcpy() with memmove().
[RT #35120]
(cherry picked from commit ebe54c7d2221c6a0a4b3d96bcae3280c823a45e6)
(cherry picked from commit 9b950c70f1a6406c0f3dff604822329d06fc4837)
3694. [bug] Warn when a key-directory is configured for a zone,
but does not exist or is not a directory. [RT #35109]
(cherry picked from commit c14ba71070)
(cherry picked from commit 2354181226)
ranges resulting in malformed names being generated
on some platforms. This could cause INSIST failures
when serving NSEC3 signed zones. [RT #35120]
(cherry picked from commit fa467e60c5)
