List of bugs in BIND 9ΒΆ

Following bugs are somehow important for bind-dyndb-ldap developers or users:

  • Two calls to BIND’s function dns_db_getoriginnode() are fatal if there are no data at the node.
  • Freelists in memory context consume memory indefinitely
    • ISC-Bugs #35160
    • detailed description
    • WONTFIX: There is really no way to do this without a complete redesign of isc_mem.
    • It means that we have to limit amount of small allocations artifically in our code. Otherwise we can consume gigabytes of memory which will never be returned to the operating system.
  • In-line signing: raw and secure zones are getting out-of-sync
    • ISC-Bugs #36196
    • detailed description
    • waiting for reply from ISC
      • References: <RT-Ticket-36196@isc.org> <538EF176.5050302@redhat.com>
  • PKCS#11 PIN is silently truncated to 32 bytes
    • ISC-Bugs #37410
    • This affects pkcs11-* utilities and also key files generated by dnssec-keyfromlabel: Login to token is refused with an error similar to “invalid PIN”.
    • Fixed by 7fbfa379e25b675ec46ae30925b4b2923a07c893, new maximum is 256 bytes.
  • dns_name_fullcompare() doesn’t fill nlabelsp correctly if name pointers are equal