Changelog

1.x
	* Added contribution from Simon Vallet to perform simple trust
          anchor validation from within the library


11 Apr 2007 1.2.0:
	* canonicalization of rdata in DNSSEC functions now adheres to the
          rr type list in rfc3597, not rfc4035, which will be updated
	  (see http://www.ops.ietf.org/lists/namedroppers/namedroppers.2007/msg00183.html)
	* ldns-walk now support dnames with maximum label length
	* ldnsd now takes an extra argument containing the address to listen on
	* signing no longer signs every rrset with KSK's, but only the DNSKEY rrset
	* ported to Solaris 10
	* added ldns_send_buffer() function
	* added ldns-testpkts fake packet server
	* added ldns-notify to send NOTIFY packets
	* ldns-dpa can now accurately calculate the number of matches per
	  second
	* libtool is now used for compilation too (still gcc, but not directly)
	* Bugfixes:
		- TSIG signing buffer size
		- resolv.conf reading (comments)
		- dname comparison off by one error
		- typo in keyfetchers output file name fixed (a . too much)
		- fixed zone file parser when comments contain ( or )
		- fixed LOC RR type
		- fixed CERT RR type

	Drill:
	* drill prints error on failed axfr.
	* drill now accepts mangled packets with -f
	* old -c option (use tcp) changed to -t
	* -c option to specify alternative resolv.conf file added
	* feedback of signature chase improved
	* chaser now stops at root when no trusted keys are found
	  instead of looping forever trying to find the DS for .
	* Fixed bugs:
		- wildcard on multiple labels signature verification
		- error in -f packet writing for malformed packets
		- made KSK check more resilient


7 Jul 2006: 1.1.0: ldns-team
	* Added tutorials and an introduction to the documentation
	* Added include/ and lib/ dirs so that you can compile against ldns
	  without installing ldns on your system
	* Makefile updates
	* Starting usage of assert throughout the library to catch illegal calls
	* Solaris 9 testing was carried out. Ldns now compiles on that
	  platform; some gnuism were identified and fixed.
	* The ldns_zone structure was stress tested. The current setup
	 (ie. just a list of rrs) can scale to zone file in order of
  	  megabytes. Sorting such zone is still difficult.
	* Reading multiline b64 encoded rdata works.
	* OpenSSL was made optional, configure --without-ssl.
	  Ofcourse all dnssec/tsig related functions are disabled
	* Building of examples and drill now happens with the same
	  defines as the building of ldns itself.
	* Preliminary sha-256 support was added. Currently is your
     	  OpenSSL supports it, it is supported in the DS creation.
	* ldns_resolver_search was implemented
	* Fixed a lot of bugs

	Drill:
	* -r was killed in favor of -o <header bit mnemonic> which 
	  allows for a header bits setting (and maybe more in the
	  future)
	* DNSSEC is never automaticaly set, even when you query
	  for DNSKEY/RRSIG or DS.
	* Implement a crude RTT check, it now distinguishes between
	  reachable and unreachable.
        * A form of secure tracing was added
        * Secure Chasing has been improved
	* -x does a reverse lookup for the given IP address
	
	Examples:
	* ldns-dpa was added to the examples - this is the Dns Packet
	  Analyzer tool.
	* ldnsd - as very, very simple nameserver impl.
	* ldns-zsplit - split zones for parrallel signing
	* ldns-zcat - cat split zones back together
        * ldns-keyfetcher - Fetches DNSKEY records with a few (non-strong, 
	  non-DNSSEC) anti-spoofing techniques.
	* ldns-walk - 'Walks' a DNSSEC signed zone
	* Added an all-static target to the makefile so you can use examples
	  without installing the library
	* When building in the source tree or in a direct subdirectory of
	  the build dir, configure does not need --with-ldns=../ anymore

	Code:
	* All networking code was moved to net.c
	* rdata.c: added asserts to the rdf set/get functions
	* const keyword was added to pointer arguments that 
	  aren't changed

	API:
	Changed:
	* renamed ldns/dns.h to ldns/ldns.h
	* ldns_rr_new_frm_str() is extented with an extra variable which
	  in common use may be NULL. This trickles through to:
          o ldns_rr_new_frm_fp
	  o ldns_rr_new_frm_fp_l
	  Which also get an extra variable
	  Also the function has been changed to return a status message.
	  The compiled RR is returned in the first argument.
	* ldns_zone_new_frm_fp_l()  and ldns_zone_new_frm_fp() are
          changed to return a status msg.
	* ldns_key_new_frm_fp is changed to return ldns_status and
	  the actual key list in the first argument
	* ldns_rdata_new_frm_fp[_l]() are changed to return a status.
	  the rdf is return in the first argument
        * ldns_resolver_new_frm_fp: same treatment: return status and 
	  the new resolver in the first argument
	* ldns_pkt_query_new_frm_str(): same: return status and the
	  packet in the first arg
	* tsig.h: internal used functions are now static:
	  ldns_digest_name and ldns_tsig_mac_new
	* ldns_key_rr2ds has an extra argument to specify the hash to
	  use.
	* ldns_pkt_rcode() is renamed to ldns_pkt_get_rcode, ldns_pkt_rcode
	  is now the rcode type, like ldns_pkt_opcode
	New:
	* ldns_resolver_searchlist_count: return the searchlist counter
	* ldns_zone_sort: Sort a zone
	* ldns_bgsend(): background send, returns a socket.
	* ldns_pkt_empty(): check is a packet is empty
	* ldns_rr_list_pop_rr_list(): pop multiple rr's from another rr_list
	* ldns_rr_list_push_rr_list(): push multiple rr's to an rr_list
        * ldns_rr_list_compare(): compare 2 ldns_rr_lists
	* ldns_pkt_push_rr_list: rr_list equiv for rr
	* ldns_pkt_safe_push_rr_list: rr_list equiv for rr
	Removed:
	* ldns_resolver_bgsend(): was not used in 1.0.0 and is not used now
	* ldns_udp_server_connect(): was faulty and isn't really part of
	  the core ldns idea any how.
	* ldns_rr_list_insert_rr(): obsoleted, because not used.
	* char *_when was removed from the ldns_pkt structure


18 Oct 2005: 1.0.0: ldns-team
	* Commited a patch from Håkan Olsson
	* Added UPDATE support (Jakob Schlyter and Håkan Olsson)
	* License change: ldns is now BSD licensed
	* ldns now depends on SSL
	* Networking code cleanup, added (some) server udp/tcp support
	* A zone type is introduced. Currently this is a list
	  of RRs, so it will not scale well.
	* [beta] Zonefile parsing was added
	* [tools] Drill was added to ldns - see drill/
	* [tools] experimental signer was added
	* [building] better check for ssl
	* [building] major revision of build system
	* [building] added rpm .spec in packaging/ (thanks to Paul Wouters)
	* [building] A lot of cleanup in the build scripts (thanks to Jakob Schlyter
	and Paul Wouters)

28 Jul 2005: 0.70: ldns-team
	* [func] ldns_pkt_get_section now returns copies from the rrlists
	  in the packet. This can be freed by the user program
	* [code] added ldns_ prefixes to function from util.h
	* [inst] removed documentation from default make install
	* Usual fixes in documentation and code

20 Jun 2005: 0.66: ldns-team
	Rel. Focus: drill-pre2 uses some functions which are
	not in 0.65
	* dnssec_cd bit function was added
	* Zone infrastructure was added
	* Usual fixes in documentation and code

13 Jun 2005: 0.65: ldns-team
	* Repository is online at: 
	  http://www.nlnetlabs.nl/ldns/svn/
	* Apply reference copying throuhgout ldns, except in 2 
	  places in the ldns_resolver structure (._domain and
	 ._nameservers)
	* Usual array of bugfixes
	* Documentation added
	* keygen.c added as an example for DNSSEC programming

23 May 2005: 0.60: ldns-team
	* Removed config.h from the header installed files
	  (you're not supposed to include that in a libary)
	* Further tweaking
	  - DNSSEC signing/verification works
	  - Assorted bug fixes and tweaks (memory management) 

May 2005: 0.50: ldns-team
	* First usable release
	* Basic DNS functionality works
	* DNSSEC validation works