[knot-dns-users] Knot DNS 1.6.5 patch release

Jan Včelák jan.vcelak at nic.cz
Tue Sep 1 18:26:09 CEST 2015


Hello list.

Today, CZ.NIC Labs releases Knot DNS 1.6.5. This patch release contains quite 
a lot of non-critical bug fixes and some minor improvements. Everyone is 
advised to upgrade.

Let's go through the fixed bugs quickly:

- The server no longer loads expired zones on 'knotc reload' and server
  startup.

- We have fixed a rare race-condition in the event scheduling code. The race
  caused that events for some zones were significantly delayed. (We were
  reported that the server is occasionally ignoring notify messages for random
  zones when the server is receiving many notifies. We believe this bug
  was the cause and the problem should no longer appear.)

- There was a bug in the NSEC proofs construction. When the zone contained
  many delegations, the NSEC proving non-existence of a covering wildcard was
  incorrect. The problem is fixed now.

- The TC flag was not set correctly for RRL slipped answers. This problem
  is resolved as well.

- We have disabled domain name compression for the root label '.' because it
  caused negative compression and some client implementations (like Go DNS)
  might have problem decoding these answers.

- The server is now checking whether it is executed in the systemd enviroment
  before using journald as a sink for log messages. Also the systemd library
  detection at a build time was improved.

- We have also eliminated compilation warnings in endian-conversion functions
  on OpenBSD.

And as for the new features:

- The persistent timers are now written to the on-disk database only on server
  shutdown. This change was done mainly to improve startup and reload
  performance.

- The 'max-conn-idle', 'max-conn-handshake', 'max-conn-reply', and
  'notify-timeout' config options now accept time units specification
  (e.g., one can use 2m instead of 120).

- We have added 'request-edns-option' config option, which allows inserting
  custom EDNS0 options into all queries initiated by the server.

And that's all folks. I would like to thank everyone involved in making this 
release, especially bug reporters. We are looking forward to your feedback.
The sources are available as usual.

Full changelog:
https://gitlab.labs.nic.cz/labs/knot/raw/1.6/NEWS

Source archives:
https://secure.nic.cz/files/knot-dns/knot-1.6.5.tar.xz
https://secure.nic.cz/files/knot-dns/knot-1.6.5.tar.gz

GPG signatures:
https://secure.nic.cz/files/knot-dns/knot-1.6.5.tar.xz.asc
https://secure.nic.cz/files/knot-dns/knot-1.6.5.tar.gz.asc

Best Regards,

Jan

--
 Jan Včelák, Knot DNS
 CZ.NIC Labs https://www.knot-dns.cz
 --------------------------------------------
 Milešovská 5, 130 00 Praha 3, Czech Republic
 WWW: https://labs.nic.cz https://www.nic.cz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.nic.cz/pipermail/knot-dns-users/attachments/20150901/7b51aeed/attachment.sig>


More information about the knot-dns-users mailing list