4056. [bug] Expanded automatic testing of trust anchor
management and fixed several small bugs including
a memory leak and a possible loss of key state
information. [RT #38458]
4055. [func] "rndc managed-keys" can be used to check status
of trust anchors or to force keys to be refreshed,
Also, the managed keys data file has easier-to-read
comments. [RT #38458]
Based on a patch sent in by Tony Finch <dot@dotat.at>.
Also fix win32 implementation of isc_file_openunique() to use a random
filename instead of using the process id.
4034. [func] When added, negative trust anchors (NTA) are now
saved to files (viewname.nta), in order to
persist across restarts of the named server.
[RT #37087]
3999. [func] "mkeys" and "nzf" files are now named after
their corresponding views, unless the view name
contains characters that would be incompatible
with use in a filename (i.e., slash, backslash,
or capital letters). If a view name does contain
these characters, the files will still be named
using a cryptographic hash of the view name.
Regardless of this, if a file using the old name
format is found to exist, it will continue to be
used. [RT #37704]
No CHANGES entry for this as it isn't proved to cause an issue for
anyone (isc_msgcat_get() has to return a format specifier) and isn't a
user visible change.
Squashed commit of the following:
commit bcb15c9aa17b0b706aefd9efef5f7e0e951064a3
Author: Mukund Sivaraman <muks@isc.org>
Date: Wed Jun 4 16:55:16 2014 +0530
[27303] Supply format string as first arg to printf()
The old code only had a problem if isc_msgcat_get() returned a format
specifier (%n).
3760. [bug] Improve SIT with native PKCS#11 and on Windows.
[RT #35433]
3759. [port] Enable delve on Windows. [RT #35441]
3758. [port] Enable export library APIs on windows. [RT #35382]
3745. [func] "configure --with-tuning=large" adjusts various
compiled-in constants and default settings to
values suited to large servers with abundant
memory. [RT #29538]
