unbound (1.4.7-0maemo0~devel1~svn2224) fremantle; urgency=low

  ** 20 August 2010: Wouter
        - openbsd-lint fixes: acl_list_get_mem used if debug-alloc enabled.
          iterator get_mem includes priv_get_mem.  delegpt nodup removed.
          listen_pushback, query_info_allocqname, write_socket, send_packet,
          comm_point_set_cb_arg and listen_resume removed.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 21 Aug 2010 00:00:00 +0200

unbound (1.4.7-0maemo0~devel1~svn2221) fremantle; urgency=low

  ** 19 August 2010: Wouter
        - Fix bug#321: resolution of rs.ripe.net artifacts with 0x20.
          Delegpt structures checked for duplicates always.
          No more nameserver lookups generated when depth is full anyway.
        - example.conf notes how to do DNSSEC validation and track the root.
        - iana portlist updated.

  ** 18 August 2010: Wouter
        - Fix bug#322: configure does not respect CFLAGS on Solaris.
          Pass CFLAGS="-xO4 -xtarget=generic" on the configure command line
          if use sun-cc, but some systems need different flags.

  ** 16 August 2010: Wouter
        - Fix acx_nlnetlabs.m4 configure output for autoconf-2.66 AS_TR_CPP
          changes, uses m4_bpatsubst now.
        - make test (or make check) should be more portable and run the unit 
          test and testbound scripts. (make longtest has special requirements).

 -- Hauke Lampe <lampe@hauke-lampe.de>  Fri, 20 Aug 2010 00:00:00 +0200

unbound (1.4.7-0maemo0~devel1~svn2212) fremantle; urgency=low

  ** 13 August 2010: Wouter
        - More pleasant remote control command parsing.
        - documentation added for return values reported by doxygen 1.7.1.
        - iana portlist updated.

  ** 9 August 2010: Wouter
        - Fix name of rrset printed that failed validation.

  ** 5 August 2010: Wouter
        - Return NXDOMAIN after chain of CNAMEs ends at name-not-found.

  ** 4 August 2010: Wouter
        - Fix validation in case a trust anchor enters into a zone with
          unsupported algorithms.

  ** 3 August 2010: Wouter
        - updated ldns tarball with bugfixes.
        - release tag 1.4.6.
        - trunk becomes 1.4.7 develop.
        - iana portlist updated.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 14 Aug 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2201) fremantle; urgency=low

  ** 22 July 2010: Wouter
        - more error details on failed remote control connection.

  ** 15 July 2010: Wouter
        - rlimit adjustments for select and ulimit can happen at the same time.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Mon, 26 Jul 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2198) fremantle; urgency=low

  ** 14 July 2010: Wouter
        - Donation text added to README.
        - Fix integer underflow in prefetch ttl creation from cache.  This
          fixes a potential negative prefetch ttl.

  ** 12 July 2010: Wouter
        - Changed the defaults for num-queries-per-thread/outgoing-range.
          For builtin-select: 512/960, for libevent 1024/4096 and for
          windows 24/48 (because of win api).  This makes the ratio this way
          to improve resilience under heavy load.  For high performance, use
          libevent and possibly higher numbers.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Wed, 14 Jul 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2190) fremantle; urgency=low

  ** 10 July 2010: Wouter
        - GOST enabled if SSL is recent and ldns has GOST enabled too.
        - ldns tarball updated.

  ** 9 July 2010: Wouter
        - iana portlist updated.
        - Fix validation of qtype DNSKEY when a key-cache entry exists but
          no rr-cache entry is used (it expired or prefetch), it then goes
          back up to the DS or trust-anchor to validate the DNSKEY.

  ** 7 July 2010: Wouter
        - Neat function prototypes, unshadowed local declarations.

  ** 6 July 2010: Wouter
        - failure to chown the pidfile is not fatal any more.
        - testbound uses UTC timezone.
        - ldns tarball updated (ports and works on Minix 3.1.7).  On Minix, add
          /usr/gnu/bin to PATH, use ./configure AR=/usr/gnu/bin/gar and gmake.

  ** 5 July 2010: Wouter
        - log if a server is skipped because it is on the donotquery list,
          at verbosity 4, to enable diagnosis why no queries to 127.0.0.1.
        - added feature to print configure date, target and options with -h.
        - added feature to print event backend system details with -h.
        - wdiff is not actually required by make test, updated requirements.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sun, 11 Jul 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2173) fremantle; urgency=low

  ** 1 July 2010: Wouter
        - Fix RFC4035 compliance with 2.2 statement that the DNSKEY at apex
          must be signed with all algorithms from the DS rrset at the parent.
          This is now checked and becomes bogus if not.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Fri, 02 Jul 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2171) fremantle; urgency=low

  ** 28 June 2010: Wouter
        - Fix jostle list bug found by Vince (luoce@cnnic), it caused the qps
          in overload situations to be about 5 qps for the class of shortly
          serviced queries.
          The capacity of the resolver is then about (numqueriesperthread / 2)
          / (average time for such long queries) qps for long queries.
          And about (numqueriesperthread / 2)/(jostletimeout in whole seconds)
          qps for short queries, per thread.
        - Fix the max number of reply-address count to be applied for duplicate
          queries, and not for new query list entries.  This raises the memory
          usage to a max of (16+1)*numqueriesperthread reply addresses.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Wed, 30 Jun 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2169) fremantle; urgency=low

  ** 25 June 2010: Wouter
        - Fix handling of corner case reply from lame server, follows rfc2308.
          It could lead to a nodata reply getting into the cache if the search
          for a non-lame server turned up other misconfigured servers.
        - unbound.h has extern "C" statement for easier include in c++.

  ** 23 June 2010: Wouter
        - iana portlist updated.
        - makedist upgraded cross compile openssl option, like this: 
          ./makedist.sh -s -wssl openssl-1.0.0a.tar.gz -w --enable-gost

  ** 22 June 2010: Wouter
        - Unbound reports libev or libevent correctly in logs in verbose mode.
        - Fix to unload gost dynamic library module for leak testing.

  ** 18 June 2010: Wouter
        - iana portlist updated.

  ** 17 June 2010: Wouter
        - Add AAAA to root hints for I.ROOT-SERVERS.NET.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 26 Jun 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2156) fremantle; urgency=low

  ** 16 June 2010: Wouter
        - Fix assertion failure reported by Kai Storbeck from XS4ALL, the
          assertion was wrong.
        - updated ldns tarball.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Wed, 16 Jun 2010 00:00:00 +0200

unbound (1.4.6-0maemo0~devel1~svn2153) fremantle; urgency=low

  ** 15 June 2010: Wouter
        - Fix TCPreply on systems with no writev, if just 1 byte could be sent.
        - Fix to use one pointer less for iterator query state store_parent_NS.
        - makedist crosscompile to windows uses builtin ldns not host ldns.
        - Max referral count from 30 to 130, because 128 one character domains
          is valid DNS.
        - added documentation for the histogram printout to syslog.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Tue, 15 Jun 2010 00:01:00 +0200

unbound (1.4.5-0maemo0) fremantle; urgency=low

  ** 15 June 2010: Wouter
        - tag 1.4.5 created.
        - trunk contains 1.4.6 in development.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Tue, 15 Jun 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2146) fremantle; urgency=low

  ** 11 June 2010: Wouter
        - When retry to parent the retrycount is not wiped, so failed 
          nameservers are not tried again.
        - iana portlist updated.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 12 Jun 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2144) fremantle; urgency=low

  ** 10 June 2010: Wouter
        - Fix bug where a long loop could be entered, now cycle detection
          has a loop-counter and maximum search amount.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Thu, 10 Jun 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2143) fremantle; urgency=low

  ** 4 June 2010: Wouter
        - iana portlist updated.
        - 1.4.5rc1 tag created.

  ** 3 June 2010: Wouter
        - ldns tarball updated, 1.6.5.
        - review comments, split dependency cycle tracking for parentside
          last resort lookups for A and AAAA so there are more lookup options.

  ** 2 June 2010: Wouter
        - Fix compile warning if compiled without threads.
        - updated ldns-tarball with current ldns svn (pre 1.6.5).
        - GOST disabled-by-default, the algorithm number is allocated but the
          RFC is still has to pass AUTH48 at the IETF.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Fri, 04 Jun 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2129) fremantle; urgency=low

  ** 1 June 2010: Wouter
        - Ignore Z flag in incoming messages too.
        - Fix storage of negative parent glue if that last resort fails.
        - libtoolize 2.2.6b, autoconf 2.65 applied to configure.
        - new splint flags for newer splint install.

  ** 31 May 2010: Wouter
        - Fix AD flag handling, it could in some cases mistakenly copy the AD 
          flag from upstream servers.
        - alloc_special_obtain out of memory is not a fatal error any more,
          enabling unbound to continue longer in out of memory conditions.
        - parentside names are dispreferred but not said to be dnssec-lame.
        - parentside check for cached newname glue.
        - fix parentside and querytargets modulestate, for dump_requestlist.
        - unbound-control-setup makes keys -rw-r--- so not all users permitted.
        - fix parentside from cache to be marked dispreferred for bad names.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Tue, 01 Jun 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2119) fremantle; urgency=low

  ** 28 May 2010: Wouter
        - iana portlist updated.
        - parent-child disagreement approach altered.  Older fixes are
          removed in place of a more exhaustive search for misconfigured data
          available via the parent of a delegation.
          This is designed to be throttled by cache entries, with TTL from the
          parent if possible.  Additionally the loop-counter is used.
          It also tests for NS RRset differences between parent and child.
          The fetch of misconfigured data should be more reliable and thorough.
          It should work reliably even with no or only partial data in cache.
          Data received from the child (as always) is deemed more
          authoritative than information received from the delegation parent.
          The search for misconfigured data is not performed normally.

  ** 26 May 2010: Wouter
        - Contribution from Migiel de Vos (Surfnet): nagios patch for
          unbound-host, in contrib/ (in the source tarball).  Makes
          unbound-host suitable for monitoring dnssec(-chain) status.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Fri, 28 May 2010 00:00:00 +0200

unbound (1.4.5-0maemo0~devel1~svn2115) fremantle; urgency=low

  * dh_makeshlibs breaks on Maemo autobuilder, works in local SDK
  * debug: disable dh_makeshlibs, works in local SDK, see what breaks it
    * without makeshlibs, shlibdeps doesn't find libunbound2
    * added static deps
    * test with mockup next
  * note to self: changing targets:
    *  make realclean; svn update; dpkg-buildpackage

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 22 May 2010 00:01:00 +0200

unbound (1.4.5-0maemo0~devel~svn2115) fremantle; urgency=low

  ** 21 May 2010: Wouter
        - EDNS timeout code will not fire if EDNS status already known.
        - EDNS failure not stored if EDNS status known to work.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Sat, 22 May 2010 00:00:00 +0200

unbound (1.4.5-0~ppa~lampe1+svn2114) unstable; urgency=low

  ** 9 May 2010: Wouter
        - Fix resolution for domains like safesvc.com.cn.  If the iterator
          can not recurse further and it finds the delegation in a state
          where it would otherwise have rejected it outhand if so received
          from a cache lookup, then it can try to ask higherup (with loop
          protection).
        - Fix comments in iter_utils:dp_is_useless.

  ** 18 May 2010: Wouter
        - Fix various compiler warnings from the clang llvm compiler.
        - iana portlist updated.

 -- Hauke Lampe <lampe@hauke-lampe.de>  Wed, 19 May 2010 00:00:00 +0200

unbound (1.4.5-0~ppa~lampe1+svn2110) unstable; urgency=low

  * svn rev. 2110

 -- Hauke Lampe <lampe@hauke-lampe.de>  Tue, 11 May 2010 00:00:00 +0200

