Commit Graph

6436 Commits

Author SHA1 Message Date
Petr Špaček
85d0d86b62 Add release note for new crypto algorithm logging
(cherry picked from commit c138a8aa59)
2022-09-30 09:57:32 +10:00
Petr Špaček
2c09403ab4 Document list of crypto algorithms in named -V output
(cherry picked from commit c648e280e4)
2022-09-30 09:57:32 +10:00
Matthijs Mekking
df11527a9a Add inline-signing to config examples
Add 'inline-signing yes;' to configuration examples to have working
copy paste configurations.

(cherry picked from commit b13a0c8836d2d8bc5b4de1cdfcdb2057c0bb9d93)
2022-09-28 10:54:52 +02:00
Matthijs Mekking
5c0e98410f Update inline-signing requirement to ARM
This change was made in !6403, but the appropriate documentation
changes were not applied to the ARM.

(cherry picked from commit 7231383e4cc57caac36d03055e8627b12aa4b91a)
2022-09-28 10:54:52 +02:00
Matthijs Mekking
309bf3578b Add inline-signing requirement to DNSSEC Guide
This change was made in !6403, but the appropriate documentation
changes were not applied to the DNSSEC Guide.

(cherry picked from commit 09522c8d73)
2022-09-28 10:54:52 +02:00
Mark Andrews
3353529920 Add release note for [GL #3557]
(cherry picked from commit eacf41a20a)
2022-09-27 23:58:22 +10:00
Michal Nowak
5b1ab4615a Add Fedora 36
(cherry picked from commit a313c49a3b)
2022-09-27 09:42:50 +02:00
Petr Menšík
8b07d457ef Simplify allowing warnings during ARM build
RHEL8 Sphinx does not support all features used in ARM building. But
with few emitted warnings it can build the documentation fine. Simplify
warnings acceptance by allowing make doc SPHINX_W=''.

(cherry picked from commit 3db7e241d2)
2022-09-26 17:30:48 +02:00
Petr Menšík
e036ac4d3d Compatibility for building ARM on older sphinx
Make documentation building successful even on RHEL9 sphinx 3.4.3. It
does not like case-insensitive matching of terms, so provide lowercase
text description with Uppercase word reference.

(cherry picked from commit bc6c6b1184)
2022-09-26 17:29:07 +02:00
Michał Kępień
fe0b04d8d3 Fix the description of named's -n option
Since the advent of netmgr, named no longer creates a single thread per
CPU, but rather a set of two threads per CPU.  Update the man page for
named accordingly to prevent confusion.
2022-09-21 19:47:13 +02:00
Ondřej Surý
f830737c51 Provide stronger wording about the security of statistics channel
Add more text about the importance of properly securing the statistics
channel and what is and what is not considered a security vulnerability.

(cherry-picked from commit 6869c98d36)
2022-09-21 17:49:49 +02:00
Michał Kępień
69c38b5e1c Merge tag 'v9_16_33' into v9_16
BIND 9.16.33
2022-09-21 13:21:29 +02:00
Michał Kępień
666d315087 Set up release notes for BIND 9.16.34 2022-09-09 20:00:15 +02:00
Michał Kępień
907b764b2a Tweak and reword release notes 2022-09-08 14:33:43 +02:00
Michał Kępień
b54ee83d50 Prepare release notes for BIND 9.16.33 2022-09-08 14:33:43 +02:00
Mark Andrews
ffd69ff780 Add release note for [GL #3487]
(cherry picked from commit e6cb1de20b)
2022-09-08 12:16:36 +02:00
Mark Andrews
62c45573ba Add release note for [GL #3487] 2022-09-08 12:12:36 +02:00
Matthijs Mekking
8ee4c3bbdc Add release notes for #3517
(cherry picked from commit 97c6c3712e)
2022-09-08 12:08:28 +02:00
Michał Kępień
315d35589a Add release note for GL #3394
(cherry picked from commit 672072812c)
2022-09-08 11:11:30 +02:00
Aram Sargsyan
5b6e4465be Add CHANGES and release notes for [GL #3459]
(cherry picked from commit 0b0cf12741)
2022-09-08 09:41:15 +02:00
Aram Sargsyan
6f46bfe705 Document RRL processing for wildcard names
All valid wildcard domain names are interpreted as the zone's origin
name concatenated to the "*" name.

(cherry picked from commit 89c2032421)
2022-09-08 09:41:15 +02:00
Matthijs Mekking
77105a2f60 Add change and release note for #3381
Because folks want to know.

(cherry picked from commit 2b95c11905a1a5faff9efa97a4f2498aadfa467b)
2022-09-06 10:27:34 +02:00
Ondřej Surý
561ef63e14 Add CHANGES and release note for [GL #3485]
(cherry picked from commit 0fe7acb4e6)
2022-09-05 10:22:25 +02:00
Michal Nowak
87dc26e494 Add FreeBSD 13.1
(cherry picked from commit bc425be55e1736d4f2ffada5e8d76f96b08c8351)
2022-08-18 17:34:08 +02:00
Michal Nowak
16458122a8 Merge tag 'v9_16_32' into v9_16
BIND 9.16.32
2022-08-18 11:55:55 +02:00
Michal Nowak
591d58be6e Add OpenBSD 7.1
(cherry picked from commit 7edf8ab47cfd0cc3a633e941b2880ee11d75d6cd)
2022-08-16 17:17:34 +02:00
Matthijs Mekking
294431b8f8 Add release note and change entry for #2982
News worthy.

(cherry picked from commit 2bd4486766)
2022-08-09 09:38:23 +02:00
Michał Kępień
571a5b7cca Set up release notes for BIND 9.16.33 2022-08-05 06:58:17 +02:00
Michał Kępień
c2ca99b710 Tweak and reword release notes 2022-08-04 23:59:36 +02:00
Michał Kępień
814d9f7bc8 Prepare release notes for BIND 9.16.32 2022-08-04 23:59:36 +02:00
Aram Sargsyan
23bf8afbcb Add CHANGES and release notes for [GL #3461]
(cherry picked from commit 0d64f55f5d)
2022-08-01 14:01:37 +00:00
Matthijs Mekking
3c2f517415 Add change entry and release note for #3462
News worthy.

(cherry picked from commit 44bbc0175c)
2022-07-26 10:02:26 +02:00
Mark Andrews
8be8257914 Add release note for [GL #3469]
(cherry picked from commit 16b133af40)
2022-07-25 11:37:49 -04:00
Evan Hunt
a20584dcf8 CHANGES and release note for [GL #2918] 2022-07-22 15:24:34 -07:00
Evan Hunt
1ed5eb38e4 clarify "max-zone-ttl" documentation
The "max-zone-ttl" option should now be configured as part of
dnssec-policy. Use of this option in zone/view/options will be ignored
in any zone that also has dnssec-policy configured.
2022-07-22 15:24:29 -07:00
Petr Špaček
a94c063c19 Avoid opt-out flag in dnssec-signzone examples
Since !6413 we discourage opt-out, so we should not be advertising it in
the examples. Even worse, it was just thrown into the command line
without even mentioning its meaning in the surrounding text.

Related: !6413
(cherry picked from commit beae857288)
2022-07-21 15:19:38 +02:00
Petr Špaček
445863c9fd Remove errorneous shell output redirection from dnssec-signzone example
The > looked like shell output redirection. It was present since we
imported DNSSEC Guide into the ARM.

(cherry picked from commit 1ab564d605)
2022-07-21 15:19:38 +02:00
Michal Nowak
a0e7b05aba Merge tag 'v9_16_31' into v9_16
BIND 9.16.31
2022-07-21 14:37:36 +02:00
Michał Kępień
31012c1c0d Update documentation for named's -M option
Add "internal" to the list of legal values for the -M command-line
option (commit 1f7d2d53f0 added that
flag).

Make the style of the relevant paragraph more in line with the next one
and split its contents up into an unordered list of options for improved
readability.

(cherry picked from commit f0c31ceb3b)
2022-07-15 10:45:34 +02:00
Michal Nowak
0043999f54 Add Alpine Linux 3.16
(cherry picked from commit 0d0ab3db10)
2022-07-12 13:59:30 +02:00
Matthijs Mekking
60c297d717 Add release note and change entry for #3438
Bug worth mentioning.

(cherry picked from commit 689215a675)
2022-07-12 12:48:57 +02:00
Michał Kępień
c660730ea3 Set up release notes for BIND 9.16.32 2022-07-11 08:52:51 +02:00
Michał Kępień
5cbf8d3c18 Tweak and reword release notes 2022-07-11 06:32:55 +02:00
Michał Kępień
59da803e86 Prepare release notes for BIND 9.16.31 2022-07-11 06:32:55 +02:00
Petr Špaček
4caaff0afa Deduplicate Manual Signing between DNSSEC chapter and DNSSEC Guide
The two procedures were essentially the same, but each instance was
missing some details from the other. They are now combined into one text
in the DNSSEC Guide and linked from DNSSEC chapter.

(cherry picked from commit 7d25027898)
2022-07-07 12:04:39 +02:00
Suzanne Goldlust
71f3d521cb Minor grammar improvements in the Signing chapter of the DNSSEC Guide
(cherry picked from commit 6b1ad4dcfb)
2022-07-07 11:48:33 +02:00
Petr Špaček
dd46af7f59 Deduplicate key filename description in the DNSSEC Guide
Third time ...

(cherry picked from commit 7e96801841)
2022-07-07 11:40:45 +02:00
Petr Špaček
6c1b34e9b5 Use ECDSAP256SHA256 in DNSSEC signing examples
(cherry picked from commit 3eb6898a14)
2022-07-07 11:39:32 +02:00
Matthijs Mekking
0a13a85dff Add a section about key rollover
Describe how to do key rollovers with dnssec-policy. Update the
revert to unsigned recipe in the DNSSEC guide.

(cherry picked from commit f721986589)
2022-07-07 11:37:25 +02:00
Petr Špaček
75854c5e6b Rewrite DNSSEC Validation subchapter in the ARM
Mostly deduplicating and linking information across the ARM.
Generally people should not touch it unless they what they are doing, so
let's try to discourage them a bit.

(cherry picked from commit bffa3063f0)
2022-07-07 11:07:32 +02:00