We’re pleased to announce the second alpha release of the PowerDNS Authoritative Server version 4.0.0. This release is the first release to use OpenSSL for nearly all crypto-primitives (GOST is still provided by Botan) and has a breaking change in the API compared to alpha 1. A list of new features of the upcoming 4.0.0 release is available on our documentation website.
Notable changes since 4.0.0-alpha1:
- #3037 Remove superfluous gsql queries and stop relying on schema defaults
- #3176, #3139 OpenSSL support (Christian Hofstaedtler and Kees Monshouwer)
- #3128 ECDSA support to DNSSEC infra via OpenSSL (Kees Monshouwer)
- #3281, #3283, #3363 Remove Crypto++ and mbedTLS support
- #3298 Implement pdnsutil create-zone zone nsname, add-record, delete-rrset, replace-rrset
- #3407 API: Permit wildcard manipulation (Aki Tuomi)
- #3230 API: drop JSONP, add web security headers (Christian Hofstaedtler)
- #3428 API: Fix zone/records design mistake (Christian Hofstaedtler)
- Note: this is a breaking change from alpha1, please review the API documentation
Bug fixes
- #3124 Fix several bugs with introduced with the change to a single signing key (e.g. the SEP bit is set on these single keys)
- #3151 Catch DNSName build errors in dynhandler (Christian Hofstaedtler)
- #3264 GeoIP backend: Use correct id numbers for domains (Aki Tuomi)
- #3271 ZoneParser: Throw PDNSException on too many SOA data elements
- #3302 Fix bindbackend’s feedRecord to handle being slave for the root
- #3399 Report OpenSSL RSA keysize in bits (Kees Monshouwer)
Improvements
- #3119 Show DNSSEC keys for slaved zone (Aki Tuomi)
- #3255 Don’t log authentication errors before sending HTTP basic auth challenge (Jan Broer)
- #3338 Add weight feature to GeoIP backend (Aki Tuomi)
- #3364 Shrink PacketID by 10% by eliminating padding. (Andrew Nelless)
- #3443 Many speedup and correctness fixes
Tarballs are available from downloads.powerdns.com and packages for popular distributions are available from our repositories.
