From ebcbc731ab60ca9dbc8c741eaf1ef4a03d4d4799 Mon Sep 17 00:00:00 2001
From: Peter Wemm
Date: Mon, 22 Jan 1996 04:55:42 +0000
Subject: [PATCH] Import named-4.9.3-patch1 This is a small fix, as a result of talking to Ultrix Hesiod-enabled named's. Apparently there are some buffer overruns causing data mangling.
---
usr.sbin/named/CHANGES | 2408 ++++++++++++++++++++++++++++++++++++++
usr.sbin/named/OPTIONS | 411 +++++++
usr.sbin/named/ns_main.c | 5 +-
usr.sbin/named/ns_resp.c | 6 +-
4 files changed, 2825 insertions(+), 5 deletions(-)
create mode 100644 usr.sbin/named/CHANGES
create mode 100644 usr.sbin/named/OPTIONS
diff --git a/usr.sbin/named/CHANGES b/usr.sbin/named/CHANGES
new file mode 100644
index 000000000000..dcee37930aff
--- /dev/null
+++ b/usr.sbin/named/CHANGES
@@ -0,0 +1,2408 @@
+$Id: CHANGES,v 8.27 1996/01/09 20:23:45 vixie Exp $
+
+ --- 4.9.3-p1 released ---
+
+575. [port] Ultrix/Hesiod named responses are oversized, we were
+ incorrectly accepting them and then overwriting the stack.
+
+574. [port] BSD/OS 2.1 required some ./BSD/Makefile changes.
+
+ --- 4.9.3-rel released ---
+
+573. [contrib] put in "951231" version of contrib/host.
+
+572. [doc] new file doc/info/SCO-2 concerning porting.
+
+571. [bug] zones whose master files contained only $INCLUDEs were
+ incorrectly considered to not have any RR's (old bug.)
+
+570. [doc] trivial man/named.8 tweak.
+
+569. [doc] minor documentation tweak to shres/solaris/ISSUES.
+
+ --- 4.9.3-beta34 released ---
+
+568. [bug] very minor initialization bug fixed in tools/dig.c.
+
+567. [bug] disabled VALIDATE; all this code is trash and will be removed
+ along with ALLOW_UPDATES very early in the next alpha cycle.
+ we are now back to the B26 level of stability, with several
+ minor bug fixes from intervening betas.
+
+566. [bug] fixed memory leak introduced in #565.
+
+ --- 4.9.3-beta33 released ---
+
+565. [proto] we were generating truncated RRsets due to VALIDATE bugs.
+
+564. [proto] we weren't stopping early enough on some kinds of truncation.
+
+563. [doc] added doc/info/Solaris, concerning Sun Patch-ID# 102165-02.
+
+562. [bug] named/ns_resp.c had an overzealous #ifdef.
+
+561. [port] tools/nslookup/getinfo.c had an ANSI C nit.
+
+560. [port] shres/netbsd and Makefile's netbsd stuff was wrong.
+
+559. [doc] shres/* documentation had more pathname problems.
+
+558. [port] SCO OSE5 portability problem (minor).
+
+557. [doc] added doc/misc/style.txt out of my archives.
+
+556. [contrib] updated contrib/arlib, contrib/dnsparse (really!).
+
+555. [bug] quoted newlines were still broken even after #509.
+
+554. [bug] dangling CNAME cache chains could make named dump core.
+
+553. [bug] forwarders didn't work well with VALIDATE.
+
+ --- 4.9.3-beta32 released ---
+
+552.
[doc] ./Makefile had some out of date comments.
+
+551. [bug] shres/sunos/* needed some fine tuning.
+
+550. [contrib] contrib/dnsparse replaced with a later version.
+
+ --- 4.9.3-beta31 released ---
+
+549. [bug] "make links" hadn't been tested in a while; shres/* req'd chg.
+
+548. [bug] shres/sunos/* needed some fixups due to a late Sun patch.
+
+547. [doc] Makefile comments for Linux were out of date.
+
+546. [doc] OPTIONS had an incorrect path name and some factual errors.
+
+545. [bug] shres/sunos/Makefile had some incorrect path names.
+
+ --- 4.9.3-beta30 released ---
+
+544. [port] some systems with broken CPP's wouldn't compile ns_req.c.
+
+543. [bug] query restart bug in ns_resp.c.
+
+ --- 4.9.3-beta29 released ---
+
+542. [port] rearranged signal() calls to make POSIX + SYSV possible.
+
+541. [port] padded _res to 512 bytes; moved initialized data to res_data.c.
+
+540. [port] added experimental shres/netbsd/ directory.
+
+539. [bug] we weren't able to load 0 ttl's in zone files.
+
+538. [doc] BOG corrections.
+
+ --- 4.9.3-beta28 never released ---
+
+537. [contrib] new contrib/lamers/ directory.
+
+536. [bug] there was a possible deadlock condition over missing glue.
+
+535. [bug] previous patch to db_load() was misapplied.
+
+534. [bug] several ancient cache corruption bugs fixed in ns_resp().
+
+533. [root] root servers required a new ``no-fetch-glue'' option.
+
+532. [bug] all kinds of stuff was broken under shres/ due to new subdir.
+
+ --- 4.9.3-beta27 released ---
+
+531. [bug] limited support for labels containing \. (literal dot.)
+
+530. [bug] new root.cache file imported from internic.
+
+529. [bug] another set of bug fixes to the zone transfer scheduler.
+
+528. [bug] VALIDATE reenabled but without packet editing.
+
+527. [bug] glue passing through CNAMEs will now be cached properly.
+
+526. [bug] deleted zones should no longer cause core dumps.
+
+525. [func] several messages changed to be more informative.
+
+524.
[bug] loc_ntoa() was returning a pointer to a stack variable.
+
+523. [bug] wildcard RR's were being deleted by purge_zone().
+
+522. [bug] "ndc start" didn't work if no pid file existed.
+
+521. [port] Sun SVR4 fixes, including shared library support.
+
+520. [bug] we weren't using "forwarders" if "options forward_only"
+ wasn't set (in some cases.)
+
+519. [bug] named-xfer wasn't called res_init().
+
+518. [bug] lots of byte order nits.
+
+517. [bug] "tools/host -a" now prints in RR format again.
+
+516. [proto] minimum TTL changes from five minutes to zero seconds.
+
+515. [bug] SOA TTL of zero is no longer considered an error.
+
+514. [bug] division by zero error corrected in ns_refreshtime().
+
+513. [bug] we had the #ifdefs nexted backwards in .
+
+512. [bug] we were able to dump core while tracing due to a NULL pointer.
+
+511. [bug] DiG wasn't able to suppress all of res_debug.c's comments.
+
+510. [doc] BOG typos. new doc/misc/FAQ. new site in MIRRORS.
+
+509. [bug] another side effect of the inet_aton() change was fixed,
+ this time it was breaking escaped newlines in named.boot.
+
+508. [contrib] new contrib/host, contrib/misc/settransfer, contrib/msql.
+ contrib/umich/lame_delegation was withdrawn by the author.
+
+507. [bug] DiG didn't do ndots and was trigger happy about options.
+
+506. [port] NextStep, Interactive, SCO, Digital UNIX, ULTRIX improvements.
+
+505. [bug] we were overly restrictive about nonauthoritative NXDOMAINs.
+
+504. [bug] named was generating corrupt responses in au truncation.
+
+503. [port] shres/* now supports SunOS 4.1.4.
+
+502. [bug] nslookup wasn't behaving properly in the presence of "ndots".
+
+501. [bug] we now delay 5 seconds after an "ndc restart" or "ndc start".
+
+500. [bug] change #494 was incomplete.
+
+ --- 4.9.3-beta26 released ---
+
+499. [bug] we needed a SERVFAIL in an error case.
+
+498. [bug] some recently added byte order bugs were stomped;
+ data_inaddr() was made slightly more conservative.
+
+497.
[port] local_hostname_length() moved to its own source file.
+
+496. [bug] Beta25's change to compat/Makefile was wrong.
+
+495. [bug] tools/host.c wasn't processing cnames properly.
+
+ --- 4.9.3-beta25 released ---
+
+494. [func] "include" directive in boot file is no longer fatal if the
+ specified file doesn't exist or is not readable.
+
+493. [bug] new interfaces' UDP sockets weren't affecting select()'s mask.
+
+492. [doc] another round of changes and cleanups to the BOG.
+
+491. [bug] various cleanups to lame server detection.
+
+490. [port] completely new shres/* from CKD.
+
+489. [doc] added a ***NOTE*** to ./INSTALL about operating system files.
+
+488. [port] GNU C Library changes for include/netdb.h.
+
+487. [func] named will try a little bit longer to bind() its stream socket.
+
+486. [contrib] new packages: contrib/inaddrtool and contrib/trnamed.
+
+485. [func] ns_forw will no longer forward to 0.0.0.0, 255.255.255.255,
+ or 127.0.0.1.
+
+484. [port] more POSIX_SIGNALS conversions.
+
+483. [bug] compat/Makefile wasn't passing on all definitions to submakes.
+
+482. [port] bad bug in NeXT C Library worked around.
+
+481. [doc] RFC 1794 is now included in doc/rfc.
+
+480. [bug] a debugging printf() was accessing freed memory.
+
+479. [port] doc/info/NCR has been replaced.
+
+478. [port] doc/info/interactive has been replaced by its author.
+
+477. [port] UNIXWARE 2.X changes.
+
+476. [bug] ns_init.c was creating files in "//tmp" rather than "/tmp".
+
+475. [bug] inet_aton() reverts to mostly previous behaviour.
+
+474. [bug] PTR->CNAME support added; name test fixed.
+
+473. [func] added gethostbyname2(), improved its man page.
+
+472. [port] Linux connect() can reconnect, res/res_send.c now knows this.
+
+471. [build] several "clean" targets were not removing ".depend" files.
+
+470. [bug] dqflush() was using memory after free()ing it and never closing
+ any file descriptors and not clearing select()'s mask bits.
+
+ --- 4.9.3-beta24 released ---
+
+469. [bug] We no longer share static return buffers across functions in
+ res_debug.c.
+
+468. [logging] An extraneous haveComplained() was removed from ns_resp.c.
+
+467. [portdoc] Linux build doc changes.
+
+ --- 4.9.3-beta23 released ---
+
+466. [doc] big reorg to BOG.
+
+465. [doc] minor corrections to man pages.
+
+464. [port] NEC Makefile changes.
+
+463. [contrib] random updates.
+
+462. [bug] res_send() wasn't always clearing errno, which led to
+ false-negative return conditions.
+
+461. [port] minor u_char-vs-char lint removed.
+
+460. [port] backed out a recent Linux portability change.
+
+ --- 4.9.3-beta22 released ---
+
+459. [port] made a major lint pass.
+
+458. [func] paved over a bad security hole in named-xfer.
+
+457. [bug] negative caching vs (secure_zone | cname checking) bugs.
+
+456. [port] moved all:: target to be first in top level Makefile.
+
+455. [bug] res/res_send.c had a bad macro definition.
+
+454. [doc] RUNSON moved to doc/info. MIRRORS file added.
+
+453. [quality] learntFrom() was reformatted.
+
+452. [doc] minor changes for shlib/ISSUES, tools/nslookup/nslookup.help.
+
+451. [port] linux, NCR, Solaris, NExT portability changes.
+
+450. [func] added RES_NOALIASES flag, needed for security.
+
+449. [bug] we were defining a nonstandard DNS header flag as PR. no more.
+
+ --- 4.9.3-beta21 released ---
+
+448. [port] systems with hundreds of network interfaces need big ioctl()'s.
+
+447. [func] zones without NS RR's or with mismatching SOA RR's are caught.
+
+446. [bug] miscellaneous fixes to res/gethnamaddr.c.
+
+445. [bug] the secure_zone logic was incomplete.
+
+444. [bug] bootfile "options" parsing was broken.
+
+443. [bug] named-xfer was munging incoming WKS RR's.
+
+442. [contrib] various cleanups.
+
+ --- 4.9.3-beta20 released ---
+
+441. [contrib] put in DOC 2.1.1.
+
+440. [func] change/addition to the "lame delegation" syslog message.
+
+439.
[bug] emulation macros WIFSIGNALED and WIFEXITED were bogus.
+
+438. [bug] missing "#ifndef INVQ" added.
+
+437. [doc] man pages and BOG updated to include new B18/B19 features.
+
+436. [port] PIDDIR definition removed from Solaris 2.X.
+
+435. [port] shres/Makefile fixed for new location of inet_addr.c.
+
+434. [port] getnetnamaddr.c had a spurious "#if defined(sun)"
+
+433. [bugs] random typos and glitches from the beta19 afternoon rush.
+
+ --- 4.9.3-beta19 released ---
+
+432. [func] we should be much more resistant to root cache corruption now.
+
+431. [bug] tcp socket send buffer will now be set at 16K to avoid blocks.
+
+430. [bug] ns_req.c had two cases where it could overflow a buffer.
+
+429. [bug] the "." zone will now respect the setting of NO_GLUE.
+
+428. [func] 0.0.0.0 A RR's are allowed in the DB but we won't use them.
+
+427. [func] "options fake-iquery" added, users of Sun nslookup take note.
+
+426. [port] include/netdb.h now has some #ifdef sun defs in it.
+
+425. [bug] negative caching bugs in findns() and in ns_forw.c.
+
+424. [func] "limit transfers-per-ns" directive added.
+
+423. [bug] infinite loop fixed in named-xfer.c's version number printing.
+
+422. [bug] gethostbyname() of a dotted quad in an auto variable will
+ no longer cause the caller to consume random stack trash.
+
+421. [port] inet_aton() has moved from lib44bsd.a back to libresolv.a.
+
+420. [func] any punctuation character can now terminate an inet_aton().
+
+419. [port] use sigemptyset(), sigaddset() - in preference to sigmask().
+
+ --- 4.9.3-beta18 released ---
+
+418. [bug] ``close(11): interrupted system call'' now fixed.
+
+417. [bug] big name servers would never refresh all their zones since
+ tryxfer() wasn't a "fair" scheduler. it is now.
+
+416. [func] SOA syntax errors will now lead to dead zones, not dead srvrs.
+
+415. [func] expiration values lower than refresh values cause a warning.
+
+414. [func] added "options" and "limit" directives to named.boot.
+
+413.
[port] new file: doc/info/solaris.too.
+
+412. [bug] possible div-by-zero in ns_init.c.
+
+411. [port] NeXTstep, UNIXWARE, ISC, AUX changes/additions to top Makefile.
+
+410. [port] POSIX_SIGNALS covers a bit more code now.
+
+409. [bug] CNAME->PTR responses were triggering syslog() unnecessarily.
+
+408. [port] res_send.c's socket() calls were using the wrong arguments.
+ this was benign but with IPv6 looming, we need to clean it up.
+
+407. [bug] the delayed free() logic (DATUMREFCNT) didn't account for
+ the possibility of some NULL pointers, in ns_resp.c.
+
+406. [bug] we were walking through purged list items in ns_forw.c.
+ this caused bad things to happen when glue expired.
+
+405. [bug] "attempted update to auth zone" is no longer a warning.
+
+404. [bug] fp_nquery() is now used everywhere, fp_query() is deprecated.
+
+403. [port] hstrerror()'s result is now declared as const.
+
+402. [bug] a flakey initialization in the resolver has been fixed.
+
+401. [port] removed some junk around getnetbyname(), needs testing on suns.
+
+400. [func] BIND's version number now appears as a comment in zone files
+ written by named-xfer.
+
+399. [func] older, bogus HINFO RR's will now be fixed up with warnings.
+
+398. [bug] "SOA class not same as zone's" is now a zone load error.
+
+397. [func] all of the syslog() priorities have been lowered.
+
+396. [doc] added doc/misc/{FAQ.1of2,FAQ.2of2,vixie-security.ps}.
+
+368. [port] top level Makefile updates: .depend files aren't shipped;
+ solaris, linux, dec osf/1, dynix build more cleanly.
+
+367. [port] LOC RR logic has had some lint removed. also named-xfer.c.
+
+366. [contrib] dnswalk 1.8.3 is now included.
+
+365. [security] initial query ID is no longer a fixed constant.
+
+ --- 4.9.3-beta17 released ---
+
+364. named/ndc.sh didn't always exit with nonzero on errors.
+
+363. include/arpa/Makefile was installing into //.
+
+362. convex cleanups. osf/1 cleanups.
+
+361. minor nit in sprintf() format string in tools/host.c.
+
+ --- 4.9.3-beta16 released ---
+
+360. CRED is long gone.
+
+359. convex systems have getrusage().
+
+358. CPPFLAGS wasn't quite right.
+
+ --- 4.9.3-beta15 released ---
+
+357. netdb.h now externs h_errno.
+
+356. fixed odd corner case bug in res_query().
+
+355. no BIND beta is complete without a patch to shres/PROBLEMS.
+
+354. minor addition to the "ndc" command line syntax.
+
+353. "." domain syslog() raised from LOG_DEBUG to LOG_WARNING.
+
+352. minor nit in named-xfer.c.
+
+351. the BSD/* Makefiles were mode 440, are now 444.
+
+350. new (undocumented) make target: "make mkdirs".
+
+349. output format change in tools/host.c.
+
+348. contrib/* updates.
+
+347. CPPFLAGS variable added to the Makefile tree, should quieten some makes.
+ nextstep, solaris, and svr4 systems have some new build parameters.
+
+346. BOG cleanups and addition of PX RR documentation.
+
+345. more items for RUNSON.
+
+344. several combinations and permutations of compilation options didn't work.
+
+ --- 4.9.3-beta14 released ---
+
+343. Type cast fix for #340.
+
+343. Small change to RUNSON.
+
+342. Removed fsync() call, it really wasn't nec'y and was causing trouble.
+
+ --- 4.9.3-beta13 released ---
+
+341. Small fix for #331.
+
+340. Inverse queries, if enabled, will be logged if QRYLOG is enabled and on.
+
+339. Nonrecursive servers (-r) will once again sysquery() for missing glue.
+
+338. named/ndc now preserves the user's $PATH.
+
+337. SUNSECURITY is now only on for shres/*.
+
+336. New version of contrib/host has been included.
+
+335. tools/nsquery.c and tools/nstest.c were moved to contrib/old/.
+
+334. Portability changes for HP-UX, Solaris, Linux, SCO UNIX.
+
+333. INVQ (inverse query support) now defaults to "off".
+
+332. Some of the internal hashing logic for syslog() rate limiting was not
+ accurate (more things were logged than should have been).
+
+ --- 4.9.3-beta12-patch2 released ---
+
+331. Default domain in $INCLUDE files is now intuitive (rather than ".").
+
+330. Lame delegations are now only logged for class "IN".
+
+329. Format change to XSTATS output to make it more readable.
+
+328. Bad responses could cause core dumps in DiG, nslookup, etc.
+
+327. The now-requisite change to shres/* was discovered and put in.
+
+326. Portability changes for Linux, SCO, ULTRIX3, NeXT.
+
+325. Bit the bullet and reset all the RCS revision numbers to 8.1==4.9.3.b12.
+
+ --- 4.9.3-beta12-patch1 released ---
+
+324. Added some missing pieces to the NSAP and NSAP_PTR handling.
+
+323. Tightened some of the GEN_AXFR code, fixed potential C_HS problem.
+
+322. Fixed minor niggle in the way "dig" parses its arguments.
+
+321. Final(?) tuning of the SunOS shres stuff.
+
+320. Reorganized the SunOS build params in the top level Makefile.
+
+ --- 4.9.3-beta12 released ---
+
+319. Fixed DiG so that ". IN NS" was the default if no args are given. (Vixie)
+
+318. Merged the resolver with 4.4BSD's; made a BSD/ subdirectory off the main
+ tree for easy integration into BSD/OS, FreeBSD, NetBSD, et al; moved the
+ "master" subdirectory to "conf/master" to cut down on top level clutter.
+
+317. Lots of last minute fiddling to make Beta12 "right". (cast of thousands)
+
+316. Minor byte order bug in BIND_NOTIFY. (Grange)
+
+315. Added code to db_load() to detect "no RR's found" case. (Vixie; Heiney)
+
+314. "Zone declared more than once" test added. (Grange; Vixie)
+
+313. XSTATS interval was changed from "no more than once a minute, and usually
+ every fifteen minutes" to "no more than once an hour, and usually every
+ hour". (Gianopoulos; Vixie)
+
+312. Minor stuff in BIND_NOTIFY and the Ultrix and OSF/1 builds. (Heiney)
+
+311. Continuing hacks to LOC RR (experimental) and shres/*. (Davis)
+
+ --- 4.9.3-beta11-patch5 released ---
+
+310. Minor BOG patches. (Shapiro)
+
+309. Minor LOC RR lint. (Heiney; Truck)
+
+308. Minor STUBS changes in ns_req.c. (Andrews)
+
+307. Ultrix and OSF/1 now install "man" (not "cat") pages.
AIX now installs
+ *.[0-9] rather than *.0 pages. (Vixie, et al)
+
+306. conf/Info.* moved to new directory doc/info/*. (Vixie)
+
+305. NOTIFY could cause multiple simultaneous axfr's. (Andrews; Vixie)
+
+ --- 4.9.3-beta11-patch4 released ---
+
+304. Minor fixes to PURGE_ZONE, CLEANCACHE, RETURNSOA, and dig. (Mark Andrews)
+
+303. LOC RR support is now in. (Chris Davis; Vixie)
+
+302. General portability stuff (with ISC leanings). (Mark Galbraith)
+
+301. Minor DiG portability fix. (Dima Volodin)
+
+300. Yet more HINFO fixes. (Gianopoulos)
+
+299. Really minor patch to tools/nstest.c, plus AIX fixes. (David Bolen)
+
+298. More shres/* fixes. (Davis; Woods)
+
+297. Minor SCO fixups. (Eduard Vopicka)
+
+296. Fixed #include problem in db_glue.c. (cast of thousands)
+
+295. Minor goofs in the sources. (Grange; Gianopoulos)
+
+294. Minor patch to the BOG (font problem). (Shapiro; Vixie)
+
+ --- 4.9.3-beta11-patch3 released ---
+
+293. Minor #ifdef screwup corrected. (Mohamed Ellozy)
+
+292. Small HP-UX portability change. (Truck)
+
+291. Minor BOG correction. (Harlan Stenn)
+
+290. PX RR support. (Pierluigi Bonetti)
+
+289. Made random refresh interval a little more robust. (Miller; Vixie)
+
+288. Minor portability changes for DEC OSF/1. (Bob Heiney)
+
+287. We now do a setvbuf() on outbound AXFR streams since the system's
+ default size causes more write()'s (and therefore TCP segments)
+ than we really want. (Paul Mockapetris' idea; Paul Vixie's code.)
+
+286. Recast all uses of abort() to call private function panic(). This was
+ nec'y since we use the ABRT (IOT) signal to force a statistics dump, and
+ having it dump statistics inside of abort() was a bad thing.
+ (Mark Andrews noticed the problem; Paul Vixie fixed it.)
+
+285. Minor change to top-level Makefile for OSF/1 man pages. (Shapiro)
+
+284. Minor change to HINFO stuff. (Gianopoulos)
+
+283. Minor changes to XSTATS #ifdef's. (Benoit Grange)
+
+282. Minor change to top-level Makefile for ULTRIX/VAX.
(William Gianopoulos)
+
+ --- 4.9.3-beta11-patch2 released ---
+
+281. Another batch of (minor) HINFO changes. (William Gianopoulos)
+
+280. Minor formatting changes to keep ctags happy. (Craig Leres)
+
+279. Minor changes to OPTIONS. (Mark Seiden)
+
+278. New option XSTATS (default "on" for now). (Benoit Grange)
+
+277. res_mkquery() wasn't calling res_init(). (Philip Gladstone)
+
+276. Minor cleanup to shres/INSTALL. (Chris Davis)
+
+275. We now set a SO_LINGER on outbound zone transfers. (Peter Wemm; Vixie)
+
+274. Minor portability fix for VAX Ultrix. (Stan Barber)
+
+273. Fixed two time warp problems. (Bob Heiney; Paul Vixie)
+
+272. Named-xfer will now log and error and abort if it encounters an RR type
+ it doesn't recognize. (Mark Andrews; Paul Vixie)
+
+271. Minor cleanups to the HINFO comparison code in db_update. (Bryan Beecher)
+
+270. Made CLEANCACHE less of a CPU hog. (Benoit Grange; Mark Andrews)
+
+269. Add even more branches to the cred/clev decision tree, to make it more
+ robust about borderline data at zone cuts. (Jack McCann; Mark Andrews)
+
+268. New option (default: "on" for now): PURGE_ZONE. (Mark Andrews)
+
+267. Added contrib/misc/{soa-easy,dnsfind}.shar. I will not be including
+ this in the b11p2 diffs, though it will be in the next full kit.
+ (Tim Cook)
+
+266. I finally broke down and made a recommendation in the BOG with respect to
+ "nameserver 127.0.0.1". (Greg Woods supplied the patch)
+
+265. Minor portability stuff for SunOS. (Greg Woods)
+
+ --- 4.9.3-beta11-patch1 released ---
+
+264. 900-second check removed; TTL==0 should work now. (Mark Andrews)
+
+263. Minor db_save() patch for initializing memory. (Bryan Beecher)
+
+262. Minor ESIX (SVR4.0.4/gcc) changes. (John Polstra)
+
+261. Minor dig-related patch to res_send.c. (Mark Andrews)
+
+260. Minor line number fix for ns_init(). (Havard Eidnes)
+
+259. NetBSD shared library stuff is now in contrib/misc/netbsd-shlib.shar.
+ (Matt Ragan)
+
+258. NeXT portability changes.
(Allan Nathanson)
+
+257. Minor HP-UX portability stuff. (Lewis; Corrigan)
+
+256. Two medium sized bugs in BIND_NOTIFY. (Don "Truck" Lewis)
+
+255. Minor lint in ns_req.c. (Mark Andrews)
+
+254. Minor ndc.sh build problem. (Michael Corrigan)
+
+253. Minor coding inconsistency in res/res_comp.c. (Jeff Schreiber; Vixie)
+
+252. Minor BOG addition (SIGIOT). (Bryan Knowles)
+
+ --- 4.9.3-beta11 released ---
+
+251. If a master zone's serial number goes backwards, named now logs a
+ warning. (Mark Andrews)
+
+250. Minor portability nit in ns_forw(). (Simon Leinen)
+
+249. Another portability problem fixed in ndc.sh. (Corrigan)
+
+248. Declaration problem with findZonePri() fixed. (Corrigan)
+
+247. References to CNAMES from MX/NS/MB will now be explicitly logged. (Vixie)
+
+246. Made the BIND_NOTIFY logic more robust; it still does not match the
+ current I-D (no delays yet). (Vixie)
+
+245. Fixed a writable-string problem. Added a lot of ANSI "const"'s. (Vixie)
+
+ --- 4.9.3-beta10-patch1 released ---
+
+244. Added shres/PROBLEMS file. (Chris Davis)
+
+243. Corrected the BOG on the meaning of ".". (Doug Luce, Paul Vixie)
+
+242. SOA's can now be stored in $INCLUDE files. (John Lind)
+
+241. Rejection of 0.0.0.0 had a potential seg fault. (Mark Andrews)
+
+240. NoRecurse wasn't preventing queries for missing glue. (Mark Andrews)
+
+239. WKS nonaggregation test had bad length. (Ed Clarke, Chris Britton)
+
+238. NeXT library problem worked around. (Greg Wohletz)
+
+237. Core dump fixed in the dprintf() macro. (Eric Murray)
+
+236. MBZ fields in new queries were actually stack trash. (Olson, Vixie)
+
+235. Adds and changes to contrib/:
+ Added contrib/misc/dnstools.shar, from alt.sources. (Eric Murray)
+ Added contrib/misc/settransfer.shar (nonrecommended). (Tom Brisco)
+ Updated contrib/host/* with latest public version. (Eric Wassenaar)
+ Updated contrib/host/makezones with latest pub. version. (Philip Hazel)
+
+234.
Made the "ps" command needed by ndc.sh a configurable parameter.
+
+ --- 4.9.3-beta10 released ---
+
+233. Added and reordered a lot of code in ns_resp() to cause it to be
+ slighly harder to spoof with bad packets. More work needs to be done,
+ so that named will be as spoof-proof as the resolver has become. (Vixie.)
+
+232. Added new RR types to include/arpa/nameser.h, per RFC 1700. (Vixie)
+
+231. New "ndc" command. (Vixie)
+
+230. The VALIDATE option is now formally deprecated. It has bugs its detection
+ of invalid responses, and is known to mutilate perfectly valid CNAME
+ responses, to the detriment of clients. This code will likely be deleted
+ in the next BIND release, to be replaced by an ``always restart query''
+ strategy. (Vixie)
+
+229. Moved a syslog() so that primary as well as secondary loads are logged.
+
+228. Resolver functions now reliably set h_errno. (Vixie, Wassenaar)
+
+227. Expired zones now lose their cached serial number information, giving
+ an opportunity to refresh a zone after a serial number goes backward.
+ (Andrews)
+
+226. Sun386i support crept in on little cat feet. (Brownlee)
+
+225. UDP packets could be overstuffed by 12 bytes. (Reilly, Vixie)
+
+224. failing connect()'s in named-xfer will no longer be logged. (Andrews)
+
+223. merged IETF stream (Vixie):
+ a. made ALLOW_UPDATES even more optional (it will disappear soon);
+ b. added NOTIFY option (experimental);
+ c. cleaned up some comments;
+ d. removed T_SA (was experimental, replaced by ROUND_ROBIN);
+ e. made named/Makefile's default CFLAGS -g (it usually inherits -O);
+ f. random code cleanup;
+ g. some internal errors are now fatal instead of warnings.
+ these changes were brought in once it became clear that there would be
+ another Beta of 4.9.3.
+
+222. tools/Makefile was using "make" instead of "${MAKE}". (Day)
+
+221. yet another bug was found and fixed in the SUNSECURITY code. (Brown)
+
+220.
a variable reuse problem in the SUNSECURITY syslog()'s in gethnamaddr.c
+ was fixed. (Wohletz, Wemm, Vixie)
+
+219. "stub" root zones now affect the hint cache (STUBS is experimental).
+ in this situation it is reasonable to not have a "cache" directive,
+ and some code was reordered to make this possible. (Andrews)
+
+218. contrib/umich/lame-delegation/LISA-VI-paper.ps is now a proper
+ PostScript(tm) file. (Davis)
+
+217. syslog() cleanups in named-xfer.c. (Vixie, Barrett)
+
+216. shres/Makefile now forces -O. (Braniss, Ray)
+
+215. New contrib/misc/ctldns.sh. (Bush)
+
+214. New contrib/misc/dns-peers.info. (Wolfhugel)
+
+213. BOG and named(8) fixes. (Paffrath, Vixie, Hawkinson)
+
+212. database input errors will no longer cause the following line to
+ be ignored. (Gianopoulos)
+
+211. the TXT RR fixes done so far in 4.9.3 have been backed out; we're
+ back to the 4.9.2 behaviour. (Gianopoulos)
+
+210. the authority section will no longer duplicate the answer section
+ if both would contain the same NS RR set. (Vixie)
+
+ --- 4.9.3-beta9-patch1 released ---
+
+209. installed marka's patch to CRED that fixes BETA9's flaw.
+
+208. added comment to README about -l44bsd and inet_aton().
+
+207. new directory: contrib/multizdb. highly nonrecommended.
+
+206. small NextStep change in Makefile.
+
+ --- 4.9.3-beta9 released ---
+
+205. minor Makefile fix after beta9 was previewed on bind-workers; also, a
+ new file conf/Info.Linux-more has been included.
+
+204. BOG fixes.
+
+203. netlists elements are now
+ { addr [ "&" mask ] }
+ which for the EBNF-impaired, means that "&" introduces an explicit mask.
+ implicit masks are either by-class or 0xffffffff, depending on ALLOW_HOSTS
+ in the call to get_netlist().
+
+202. name compression is now case-insensitive.
+
+201. duplicate RRDATA won't trigger the new "auth warning" in db_update().
+
+ --- 4.9.3-beta8-patch2 released ---
+
+200. added a haveComplained() to limit auth warnings.
+
+199.
fixed idiotic code reordering from patch1.
+
+ --- 4.9.3-beta8-patch1 released ---
+
+198. a bad-string-termination bug was fixed in getnetanswer().
+
+197. an uninitialized-variable bug was fixed in db_update().
+
+ --- 4.9.3-beta8 released ---
+
+196. Several minor corrections were made to the BOG.
+
+195. "clev" now distinguishes between root and TLD (wasn't worth a darn before)
+
+194. empty nodes in authority zones are now protected from non-auth updates.
+ (most of db_update() was rewritten to fix/support this.)
+
+193. negative cache items weren't updated before, now they are.
+
+192. zone updates from answers were prevented for new types but not if some
+ rr already existed with that type. fixed. also syslogged.
+
+191. the cache now distinguishes between authoritative answers and zone rr's.
+
+190. negative cache items are now marked appropriately authoritative.
+
+189. CRED is no longer optional.
+
+188. Another enhancement has been made to HINFO parsing. Named-xfer now
+ accepts RFC-bogus input formats generated by previous versions of BIND.
+
+187. SUNSECURITY now forces RES_DEFNAMES on so that relative "localhost" works.
+
+186. Minor portability fixes for DEC OSF/1, HP-UX.
+
+ --- 4.9.3-beta7-patch2 released ---
+
+186. i forgot to comment out template Linux lines in top Makefile. fixed.
+
+185. "bogusns" directive significantly strengthened, for IN-ADDR.ARPA problem.
+ also fixed a bug in hardcoded root server lame detection.
+
+ --- 4.9.3-beta7-patch1 released ---
+
+184. Yet another ULTRIX incompatibility has been worked around.
+
+183. Bogus HINFO RR's will no longer cause corrupt secondary zone files.
+
+182. NeXT support is now complete. Builds right out of the box.
+
+181. Updated TODO file.
+
+180. Added new INSTALL file.
+
+179. Minor doc fix in OPTIONS file.
+
+178. Security-related bug fix to new sunos shres/* stuff.
+
+177. Limited Linux portability was added.
+
+176. Trailing dots on zone names in named.boot are now ignored.
+
+175.
Random lint was removed.
+
+174. DiG changes: increment version number (2.1), allow default domain (.).
+
+ --- 4.9.3-beta7 released ---
+
+173. named-xfer would act strangely if trailing dot domains given as arguments.
+
+172. setenv() now provided on systems that need it (NeXTStep, e.g.).
+
+171. doc changes for shres/*.
+
+170. fixed debugging output problem in ns_req.c.
+
+169. fixed portability "bugs" on ultrix systems (some tools wouldn't link).
+
+168. minor functionality change in named/ns_validate.c.
+
+167. minor lint in res/res_comp.c.
+
+166. minor change to contrib/doc-2.0/*.
+
+ --- 4.9.3-beta6 released ---
+
+165. another small adjustment to the Apollo section of the Makefile.
+
+164. a completely new shres/* was submitted; contrib/sunlibc is deprecated.
+
+163. INVQ is back on again by default. See README.
+
+162. another set of patches for obscure corner cases in the HINFO parser.
+
+161. added new SUNOS4 macro to Makefile and conf/portability.h; this should
+ fix the trouble folks were having with strerror() on SunOS 4.X systems.
+
+160. minor Makefile changes.
+
+159. processes which send outbound zone transfers now close all inherited
+ descriptors, since they can be longer-lived than the main named.
+
+ --- 4.9.3-beta5 released ---
+
+158. various lint involving options which are rarely defined.
+
+157. sunos needed -DBSD=43 rather than -DBSD.
+
+156. minor memory leak fixed in ns_req.c.
+
+155. some install directories for DGUX were wrong.
+
+ --- 4.9.3-beta4 released ---
+
+154. a new man/* hierarchy was installed which should be more portable.
+
+153. a new contrib/host has been included.
+
+152. a parsing problem in HINFO was fixed.
+
+151. a few minor changes to contrib/sunlibc/Makefile.
+
+150. typo in res_send.c fixed.
+
+149. fine tuning the credibility-level heuristics.
+
+148. dn_expand() will fail on names which have bad characters in them.
+
+147. disappearing zones could cause a core dump in syslog() - fixed.
+
+146.
text of warnings in named-xfer corrected.
+
+145. limited DGUX, RISCOS support added.
+
+144. contrib/sunlibc/Makefile MFLAGS/MARGS problem fixed.
+
+143. another SunOS recv() bug has been worked around.
+
+142. various BOG fixes.
+
+141. updated master/root.cache file from latest InterNIC version.
+
+140. Added ``max-fetch'' to named(8).
+
+139. NOT_BIND problem in named/tree.c fixed.
+
+138. minor lint, memory leaks, and portability problems were fixed.
+
+ --- 4.9.3-beta3 released ---
+
+137. some serious (and recently) dynamic memory bugs were killed.
+
+136. a reference to uninitialized data was fixed in res_query().
+
+135. a RES_STAYOPEN-related bug was fixed in res_send().
+
+134. isascii() and isxdigit() now simulated on systems which lack them.
+
+133. named's local setproctitle() has been renamed to avoid system conflicts.
+
+132. minor bugfix to negative caching code.
+
+131. minor bugfix in validation code.
+
+130. the typestats[] multiple definition problem was fixed.
+
+129. some Sequent portability changes were folded in.
+
+128. a new contrib/sunlibc was donated, but hasn't been tested.
+
+127. minor changes to contrib/sunlibc/Info.*. is anybody using shres/*, tho?
+
+126. STDIN_FILENO and STDOUT_FILENO are now defined by conf/portability.h.
+
+125. there is now a ``max-fetch'' directive in the boot file (see the BOG).
+
+124. there is now a RENICE option in conf/options.h.
+
+123. the toplevel Makefile has been made slightly more readable.
+
+122. <>
+
+121. minor fixups in the lame delegation code.
+
+ --- 4.9.3-beta2 released ---
+
+120. I upgraded my "-me" macros so that the included doc/bog/file.psf is OK.
+
+119. NXDOMAIN responses from the negative cache will now always be
+ authoritative. this is the least of all evils, trust me.
+
+118. strcasecmp() in compat/lib is now ANSI compliant.
+
+117. PTR RR's are no longer subject to ROUND_ROBIN processing.
+
+116. writev() emulation for SCO had a bug.
+
+115.
the resolver no longer calls sscanf() or qsort().
+
+114. minor debugging nit cleaned up in res_querydomain().
+
+113. IP options on incoming connections are now logged and ignored. This
+ should probably be done for datagrams as well but not today.
+
+112. tree.c made portable to non-POSIX/ANSI systems.
+
+111. NSAP RR's are now supported. NSAP_PTR RR's are deprecated and so left out.
+
+110. outbound zone transfers are now logged.
+
+109. various lint cleaned up wrt 16-bit integer handling.
+
+108. named-xfer was exiting bogusly on some systems due to flakey kernel
+ interfaces. i've rewritten some of the code to avoid the problem,
+ and fixed plenty of lint in the process.
+
+ --- 4.9.3-beta1 released ---
+
+107. Apollo systems were dumping core because of a missing #include .
+
+106. NSAP and NSAP_PTR RR's now recognized by res_debug() (but nothing else).
+
+105. NeXTstep 2.1/3.0 and Pyramid dcosx now nominally supported.
+
+104. res_querydomain() was doing Bad things if given an empty name.
+
+ --- 4.9.3.a5.p4 published ---
+
+103. named-xfer's exit cause is now syslog()'d more often/clearly (Paul Vixie).
+
+102. I left out a ";" in the new compat/lib/ftruncate.c file (Craig Leres).
+
+101. X25, ISDN, and RT RR support have been added (Michael A. Meiszl).
+
+ --- 4.9.3.a5.p3 published ---
+
+100. Another glitch (very minor this time) was found and fixed in the
+ QSERIAL logic. This was a performance problem only -- reliability
+ wasn't affected (Bob Heiney).
+
+99. SCO UNIX is now supported, thanks in part to Michael A. Meiszl.
+
+98. I witlessly used a GCC-only feature (automatic aggregate initialization)
+ in a5p2. Kazuhisa Shimizu was the first to report it.
+
+ --- 4.9.3.a5.p2 published ---
+
+97. NEC EWS4800 EWS-UX/V Rel4.0/Rel4.2 support (from Kazuhisa Shimizu).
+
+96. Some of the security checking logic in the new res/gethnamaddr.c's
+ getanswer() was happening in the wrong order (thanks, Bob Heiney).
+
+95.
Minor typo in the man/host.1 man page (caught by Robert Elz).
+
+94. DiG was groping core if given more than 10 tokens in a lookup string
+ (Michael J. Corrigan provided the fix).
+
+93. Queries to INADDR_ANY ("0.0.0.0") come back from the system's primary
+ interface, and res_send() was discarding them. A proper fix would add
+ a lot of code to the resolver, so for now we'll just work around it
+ (Michael J. Corrigan reported this).
+
+92. The "data outside zone" syslog message was misleading (Bob Heiney).
+
+ --- 4.9.3.a5.p1 published ---
+
+91. res/gethnamaddr.c wouldn't compile on non-BSD systems since it depended
+ on LOG_AUTH which is a post-4.3 feature (Bob Heiney reported this).
+
+ ****** 4.9.3-alpha5 released ******
+
+90. redid most of my previous round of prototyping now that i truly
+ understand which variables and parameters should be u_char and which
+ ones should be char. (Vixie)
+
+89. added (optional) prototypes for _getshort() and _getlong(); this means
+ the calls all need casts of their argument since it usually isn't a
+ u_char*. Also prototyped res_query(), res_search, and the nominally
+ private but for some reason not static res_querydomain(). (Vixie)
+
+88. security related: responses from servers we didn't query are now ignored
+ by the resolver; answers with QDCOUNT!=1 are treated as errors; name
+ mismatches in the question or any part of the answer field are syslog()'d
+ and ignored. (Vixie)
+
+87. fixed a bug in the SUNSECURITY stuff. (Vixie)
+
+86. a long standing bug in the name hashing code that caused it to ``hash in''
+ the case of the name's characters, was found and fixed. (twice.) (Vixie)
+
+85. Bob Heiney did some performance analysis and concluded that samedomain()
+ was soaking down cycles at a rate disproportionate to its usefulness; he
+ reimplemented it in a way that violated the (good,fast,cheap) rule.
+
+84. the RFC1101 implementation of getnetby*() was using case-sensitive
+ string compares.
+
+83.
fp_query() will no longer try to format packets larger than PACKETSZ,
+ and for perversity, dig and named are now prepared to handle replies
+ (via TCP) larger than PACKETSZ. new function: __fp_nquery(). (Vixie)
+
+82. multiline initial syslog() is fixed (Bill G).
+
+81. Don Lewis sent in a big update for the lame delegation logic. Vixie fixed
+ one bug. Bryan Beecher had a big hand in this.
+
+80. TCP replies can now be up to 8K in size (don walsh).
+
+79. validation bug fixed (don lewis).
+
+78. BOG patches from mike minnich and others.
+
+77. more lint fixes for Cray (norb brotz).
+
+76. a new hostname(7) man page was contributed by Art Harkin.
+
+75. DESTINC is now a settable Makefile parameter (Marion Hakanson).
+
+74. the zones-not-transferring bug is finally gone.
+
+73. now using LOG_PERROR in openlog(); many parallel dprintf()'s are gone.
+
+72. inability to retrieve serial number via UDP now forces TCP transfer.
+
+71. removing secondary zone files and SIGHUP'ing will now force a transfer.
+
+70. "cache" directives can now specify "/class" as documented in the BOG.
+
+69. Mark Andrews' fix for the ns_forw core dump is in.
+
+68. Keith Bostic fixed some typo's in the man pages.
+
+67. Compiling without NCACHE is possible now (John Hanley).
+
+66. Bill Gianopoulos and Alan Barrett finally agreed on what glue was and
+ Bill's alpha4 patch is mostly gone now, and one new idea was added.
+
+65. BOG improvements (Vixie, Brooks).
+
+64. Mark Andrews' CLEANCACHE (recommended) and RETURNSOA (__NOT__ recommended!)
+ are in. RETURNSOA should not be enabled at this time; there's nothing
+ wrong with the code but it will cause cache corruption in older servers
+ and may not be necessary. The jury is still out.
+
+63. outbound zone transfers are now logged (requested by Ron Johnson).
+
+62.
serial number queries sent out for zone transfer purposes will now be
+ limited to a maximum of four (4) simultaneous outstanding; this keeps
+ BIND from overflowing its UDP socket buffer when hundreds of zones must
+ be checked (still trying to fix Paul Pomes' problem).
+
+61. short A RR's in responses will no longer lead to purify errors due to short
+ malloc()'s in savedata() (thanks to Nicholas Briggs for reporting this).
+
+ ****** 4.9.3-alpha4 released ******
+
+60. manifest constants used instead of "sizeof({u_,}int{16,32}_t)", for
+ systems which lack 16- and 32-bit integers (paul vixie for norm brotz).
+
+59. zone transfer anti-glue logic made RFC1034-compliant (bill gianopoulos).
+
+58. seg fault in sysquery() (from LAME_DELEGATION) fixed (mark andrews).
+
+ ****** 4.9.3-alpha3 released ******
+
+57. a big, hefty patch was made to the negative caching logic (mark andrews).
+
+56. named-xfer will no longer scramble the default origin (alan barrett).
+
+55. random bits of lint found and removed (mario guerra).
+
+54. convexos-10 is now supported (jukka ukkonen).
+
+53. seg fault in database dumps (from VALIDATE) fixed (don lewis).
+
+52. problem with extra bogus 0.0.0.0 A RR's from VALIDATE fixed (mark andrews).
+
+51. the LAME_DELEGATION logic once written into 4.8.3 by don lewis has
+ been substantially reworked and put into 4.9.3-alpha3 (bryan beecher).
+
+50. all instances of "sizeof(HEADER)" were changed to "HFIXEDSZ" to make
+ life easier for the cray. also, "struct HEADER" in include/arpa/nameser.h
+ uses just bit fields now, for portability to 64-bit systems without
+ 16-bit integer types. (norb brotz suggested it; paul vixie did it).
+
+49. build changes for NeXT and AIX systems (artur romao; c. wolfhugel).
+
+48. random sunshlib changes (piete brooks).
+
+47. minor fixes for solaris build (carson gaspar; paul pomes).
+
+48. a few bugs were wrung out of the BOG (per hedeland; vixie).
+
+ ****** 4.9.3-alpha2 released ******
+
+47.
several obscure Makefile problems were fixed (vixie).
+
+46. there is now a per-primary-NS quota for simultaneous zone transfers; this
+ will cut down on the retry thrashing seen on servers that are secondary for
+ thousands of zones (vixie).
+
+45. a bug introduced by change #23 has been fixed (marten terpstra; apb).
+
+44. the "data outside zone" messages are now consistent (piete brooks; vixie).
+
+43. several #include's were reordered in res/*.c and a few #ifdef's were
+ changed; BIND should now run OK on DGUX (henry miller).
+
+42. several changes to the conf/options.h and Makefile (vixie):
+ -> SVR4 has been added as a top-level Makefile CDEFS option
+ -> SYSV has moved from conf/options.h to the top level Makefile
+ -> INVQ is now an "#ifdef" rather than a "#if"
+
+41. resolver no longer uses initialized static data, which should make shared
+ libraries easier to generate (vixie did it, at the urging of many others).
+
+40. now compiles on Apollo DomainOS (don lewis).
+
+ ****** 4.9.3-alpha1 released ******
+
+39. lots of lint found and fixed (craig leres).
+
+38. illegal enum compare fixed in named/ns_stats.c (vixie).
+
+37. missing ')' added in SUNSECURITY section of res/gethnamaddr.c (h miller).
+
+ ****** 4.9.3-prealpha released ******
+
+36. ***REMOVED***
+
+35. various bugs were fixed in the negative caching (vixie; mark andrews).
+
+34. several debugging and dump output problems were fixed (mark andrews).
+
+33. TXT RR's can now be read from zone files even if they lack quotes;
+ the RFC doesn't say quotes are needed (jim martin).
+
+32. limited support for AIX-3 is now included (christoph wolfhugel).
+
+31. SUNSECURITY is now an obvious default in ./Makefile (p killey; b beecher).
+
+30. VC queries that time out are now GC'd and SERVFAIL'd (mark andrews).
+
+29. HP-UX 9.0's top-level makefile variables have been changed (don lewis).
+
+28. various fixes for tools/host.c (jim martin; mark andrews).
+
+27.
syslog messages logged by SUNSECURITY will now include the address of
+ the host that's having problems (david morrison).
+
+26. systems whose connect() calls fail if a socket is already connect()'d
+ will now have their sockets closed and recreated in res_send() (piete
+ brooks; mark andrews; vixie).
+
+25. res_send() will now corrected reset its "connected" variable when the
+ connectedness of a socket changes (mark andrews).
+
+24. SERVFAIL responses will no longer terminate the res_search() inner loop,
+ thus catastrophic problems with early search elements will no longer
+ prevent res_search() from trying later search elements (bryan beecher;vix).
+
+23. non-NS RR's for delegated subzones will no longer be accepted in a zone
+ transfer (alan p barrett).
+
+22. the setting for _PATH_PIDFILE is now overridden by the Makefile (l hume).
+
+21. named.restart.sh now has a smaller path with %DESTSBIN% first therein;
+ this should prevent the vendor version of named from being exec'd by
+ accident (leigh hume).
+
+20. big change: statistics are now kept "per name server" rather than as
+ a single global array. the /var/tmp/named.stats file format has changed
+ quite a bit, so older awk/perl scripts are likely to stop working.
+
+19. big change: every RR now keeps a pointer to a "nameser" struct; this
+ currently permits SIGINT-initiated dumps to include the address of all
+ non-zone data, which will help with tracking down corrupt data.
+
+18. db_load.c was missing two #ifdef/#endif's for CRED (mike minnich).
+
+17. don't aggregate SOA or WKS RR's in the cache (vixie).
+
+16. minor cosmetic changes (vixie).
+
+15. fixed typo in compat/Makefile ("LIBDIR" -> "DESTDIR") (rob davies).
+
+14. fixed spurious "accept: interrupted system calls" (vixie).
+
+13. named will now start as many named-xfer's as it should; previously it
+ lost track of the need for transfers at the beginning of each maint
+ cycle.
also, we don't bother asking for an SOA if we know that our
+ zone is out of date. i've changed the transfer metrics so that more
+ transfers can happen concurrently, and maint cycles come more often.
+ (andrew partan; vixie).
+
+12. a number of LOG_ERR and LOG_CRIT syslogs were downgraded to LOG_NOTICE
+ (rob davies; vixie).
+
+11. sequence number checking now treats "zero" as a special case.
+ (craig leres; andrew partan; vixie).
+
+10. MFLAGS no longer used explicitly, since it is often used implicitly
+ (mark andrews; vixie).
+
+9. ADDAUTH is no longer considered experimental (tony stoneley; vixie).
+
+8. several obscure type bugs fixed (don lewis).
+
+7. signal handlers all now preserve errno (don lewis).
+
+6. TTL deprecation made more portable (don lewis).
+
+5. now compiles on Apollo DomainOS and is generally more POSIX-ish (don lewis).
+
+4. bryan beecher's "query" tool has been promoted to tools/ and renamed to
+ dnsquery. minor changes were required in several Makefiles (vixie).
+
+3. "make links" at the top level will now make a higher resolution link tree,
+ which makes porting easier on some systems (ian dickinson).
+
+2. Convex feof() bug now has a workaround (jukka ukkonen).
+
+1. gethostby*() will no longer overwrite its fixed-size array if a host with
+ too many addresses is handled (reported by piete brooks, fixed by vixie).
+
+-------------------------------------- 4.9.3 above, 4.9.2 below
+
+4.9.2 ------------------ FINAL ----------------- Paul Vixie
+
+57. updated TODO, README files.
+
+56. fix to contrib/sunlibc/Makefile.
+
+55. several new items in contrib/.
+
+54. Corrected bad command line parsing bug in tools/dig.c; also added the
+ old query timing code back in (thanks to Havard Eidnes).
+
+53. Ported contrib/decwrl/host.c to the modern interfaces.
+
+4.9.2 ------------------ BETA5 ----------------- Paul Vixie
+
+52.
A number of optimizations that fell out of negative caching and/or the
+ validation code have been turned off in order to avoid confusing older
+ nameservers and their unfortunate assumptions about co-invariants.
+ Mark Andrews and Robert Elz were the principle debuggers and contributors
+ to this part of the effort.
+
+51. We're now much more portable to systems without Posix or BSD signals,
+ thanks to Bill Wisner.
+
+50. tools/host.c now has more reasonable error messages and can deal with
+ negative caching servers.
+
+49. Lots of Makefile gaffes are now fixed.
+
+48. New "host" in contrib/host/, complements of Eric Wassenaar.
+
+47. AFSDB support is now complete, thanks to Chris Everhart.
+
+46. The bug whereby named would sporadically return NXDOMAIN when it should
+ have sent back a referral has been fixed.
+
+4.9.2 ------------------ BETA3, BETA4 ----------------- Paul Vixie
+
+45. Robert Elz has provided updated LOCALDOMAIN environment variable
+ processing, making it more like resolv.conf's "search" than "domain".
+ In the spirit of this I have added a RES_OPTIONS environment variable
+ and a corresponding "options" keyword to resolv.conf. All of this is
+ documented in the man pages and in the BOG. Robert has also contributed
+ several bug fixes to the validation and negative caching code.
+
+4.9.2 ------------------ ALPHA ----------------- Paul Vixie
+
+44. BETA1, BETA2, and three patches to BETA2 have all come and gone without
+ itemized descriptions in this file. I'll provide the RCS history on the
+ code to anyone who asks, but basically what's been happening is that some
+ core dumps were fixed, others added, then those were fixed too. Meanwhile
+ RFC 1535 has been published, codifying CERT's concerns and our answer to
+ them. BIND is now RFC 1535 compatible. RFC's 1535, 1536, and 1537 are
+ now included in the doc/ directory.
Note that Mark Andrews supplied many
+ of the fixes to the core dumps, some of which were introduced by me and
+ some by ISI's negative caching and/or validation code.
+
+43. patch05 to ALPHA2 (930908) released: this includes new DNSRCH logic to
+ correct a serious problem that CERT called me with today. the change is
+ subtle and will have the effect that names which could match either as
+ fully qualified names or partially qualified names using the local search
+ list will be found as fully qualified. previous releases would have found
+ them first through the local search list. local search lists are a bad
+ idea in my opinion; see new SEARCH_DEFAULT option in OPTIONS file for more
+ information. also in this release: limited Solaris support, in the form
+ of POSIX-style signal handling used on systems which support (or require)
+ it. as of this patch, 4.9.2 has a good chance of compiling out of the box
+ on Solaris, modulo makefile edits. dig and host should be more portable
+ now, too.
+
+42. patch04 to ALPHA2 (930908) released: this corrects several borderline
+ syntax errors in various Makefiles (Sun and Ultrix makes complained);
+ it corrects a coredump on Ultrix systems (which aren't really as POSIX
+ as i thought they were); it lets dig and nslookup compile again on SunOS;
+ and it cleans up some dirty junk in named-xfer.c. this stuff is really
+ really minor but i would like to see it tested on a Sun system before the
+ beta.
+
+41.
patch03 to ALPHA2 (930908) released: this uses compat/include by default
+ which is helpful on BSD/386 systems and shouldn't hurt any others except
+ perhaps real 4.4BSD systems (and maybe not even those); it removes Bryan
+ Beecher's SHUFFLE_ADDRS option since he and I agree that Marshall Rose's
+ ROUND_ROBIN stuff is more general and cleaner; it includes various patches
+ to the documentation sent in by several folks (please print the BOG and
+ let me know if you find problems in it); it fixes "make depend" problem
+ in "man/" subdirectory; it fixes several outright bugs in Gregory Shapiro's
+ SECURE_ZONES code; it removes an obscure syslog() that should have been a
+ dprintf() ("validate_count -> 0"); it fixes a bug in NCACHE whereby a T_ANY
+ query for a name which was negatively cached but had children would return
+ _answers_ with the T_ANY type for subsequent queries; several newer syslog
+ messages were reworded to make them clearer; a portability bug in the
+ SUNSECURITY logic was fixed; another in the RFC1101 logic was fixed;
+ support for the PAGER environment variable was added to nslookup (sorry,
+ i know we're in functional freeze but this will enable development in the
+ next cycle and it was pretty simple) and only affects the "view" and "help"
+ commands.
+
+40. patch02 to ALPHA2 (930908) released; this includes more fixed from Mark
+ Andrews, this time to Anant's NCACHE stuff (memory leak and functional
+ bug). Also included is a patch from Gregory Neil Shapiro to his SECURE_
+ ZONES code, which I hadn't noticed since I don't run it here.
+
+39. patch01 to ALPHA2 (930908) released; this includes some fixes from Mark
+ Andrews to his "clev" and ADDAUTH stuff. The "clev" patch fixes a problem
+ on all servers; the ADDAUTH stuff is still experimental so most users will
+ not be affected by it. Dave Morrison also sent a patch for the USE_UTIME
+ logic, which is important for ULTRIX systems.
+
+38. 4.9.2-ALPHA2 released on 930908.
+
+37.
Mark Andrews sent an initial attempt at implementing ADDAUTH, which will
+ eventually allow named to include authority and glue RR's with all
+ authoritative answers. I am not sure that the design goal is right, and
+ the implementation currently sends back glue RR's but no authority RR's,
+ so I'm recommending against using this for now. But since it changes some
+ internal interfaces in a harmless enough way, I'm including the changes.
+
+36. Marshall Rose's ROUND_ROBIN code snuck in at the last hour. This is the
+ best answer I've seen to the problems purported to be solved by SA RR's,
+ and my wording in the OPTIONS file shows this.
+
+35. These items from TODO is now done:
+
+ [vixie@pa.dec.com 25apr93]: clean up debugging
+ replace all "#ifdef DEBUG...fprintf(...)...#endif" with dprintf(...)
+ which would be a macro that only expands to an fprintf() if DEBUG is
+ set. dprintf(x, (args)) with x as the log level. perhaps change log
+ levels to be symbolic, and perhaps make them a mask instead of a limit.
+
+ [vixie@pa.dec.com 25apr93]: clean up #ifdef's and portability
+ add and use function prototypes. make everything static that can be.
+ externs should only be in .h files (add more .h files, per module if
+ needed, to cover these). add "export" keyword (null define) to make
+ it clear which names are exported and which are static. all top-blevel
+ names in a module must be "export" or "static".
+
+ [gshapiro@guest.wpi.edu and vixie@pa.dec.com 26apr93]: access control
+ "xfrnets" is ok but what we really need is full access control per
+ zone rather than a global list of acceptable client nets. this is
+ especially important if you send /etc/passwd via zone transfer.
+
+ [postel@isi.edu anant@isi.edu jaffe@noc.rutgers.edu
+ 28apr93]: negative caching
+ Paul:
+ We'ed like to have included in 4.9.1
+ our implemention for negative caching.
+ --jon & Anant.
+
+ [vixie@pa.dec.com 16may93]: inet_addr needs to die
+ to be replaced by calls to inet_aton, which doesn't confuse the
+ broadcast address with bad addresses.
+
+ [Paul: I know you said that you'd like to wait for the IETF DNS WG to
+ "bless" an official load balancing scheme, but I'll be adding my
+ shuffle A records to BIND 4.9 for use here at U-M anyhow. The code
+ mods to existing source files are minimal since the bulk of the work
+ is done in a separate .c I added. If you don't want SA records to
+ move into 4.9.1 unless they become official, please just toss this
+ first entry. --bryan@umich.edu]
+
+ [bryan@umich.edu 25apr93]: add "shuffle A" records
+ There are several schemes for adding some kind of load balancing
+ capability to the DNS. Our "Shuffle Address" (SA) records are one
+ stab at this, and since they're in use at U-M, I need to add them
+ so we can use BIND 4.9 here.
+
+ [bryan@umich.edu 25apr93]: add AFSDB records
+ AFSDB records were proposed in RFC xxxx. We use them here at the
+ University of Michigan, so I need to add them for our copy of
+ BIND 4.9.
+
+ [bryan@umich.edu 25apr93]: small fix to resolver's p_cdname()
+ The current copy of p_cdname() in the resolver does not work
+ for query responses larger than 512 bytes (which can happen when
+ using TCP). A very small modification changes the "sanity check"
+ argument (the second one) to dn_expand() from "msg + 512" to
+ "cp + MAXCDNAME". (This showed up very recently.)
+
+34. While waiting for some last minute changes from volunteers, I looked
+ at my work queue and saw that asp@uunet.uu.net had asked a while ago
+ that named not fork/exec a named-xfer unless it had already determined
+ that the serial number was out of date.
This is important to sites like
+ UUNET and DECWRL, which have thousands of "secondary" lines in their
+ named.boot and can take hours to check all the serial numbers at boot
+ time if named forks/execs named-xfer and lets named-xfer compare the
+ serial numbers, rather than comparing them in named and only fork/exec'ing
+ a named-xfer if it's actually neccessary to do a transfer. In spite of
+ C's lack of threads, this only took a few hours to do. So it's in.
+
+33. Gregory Shapiro's "secure_zone" changes are in. See the BOG.
+
+32. Internals changes: STATS is no longer optional; ns_req() has been split
+ into three functions for readability. Convex systems are now supported.
+ You can now define LOG_FAC in conf/options.h if you want to syslog as
+ LOG_LOCAL1 or some other non-LOG_DAEMON value. The mkstemp() problem on
+ ULTRIX has been fixed. More dead code has been eliminated.
+
+31. Large TCP queries are now printable in debug mode (which is used by
+ "dig" and "nslookup"), thanks to a patch and a lot of patient explain-
+ ations from Bryan Beecher.
+
+30. Data from subdomains ("deeper zones") is now considered more credible
+ than data from parent zones, if both are authoritative. This permits
+ a subdomain's data to differ from its parents delegation information
+ and have the most-local information supercede the least-local. Mark
+ Andrews sent this in, and it is nonoptional.
+
+29. rossc@ucc.su.oz.au's SUNSECURITY patch is now included, along with
+ marka@syd.dms.csiro.au's performance improvement to it. Note that
+ I am violating my own policies by including this, since it came
+ without a corresponding patch to OPTIONS, conf/options.h, and the BOG.
+
+28. Interfaces with multiple addresses were not being handled properly.
+ This is an issue for 4.3-Reno and later BSD systems, including BNR2
+ ("Net-2") and 4.4BSD. Multiple addresses are not properly handled
+ as if they were all aliases for the localhost.
+
+27.
Jukka Ukkonen sent me some patches for the Convex,
+ which I've put it but cannot test.
+
+26. sob@tmc.edu (Stan Barber) sent me new versions of contrib/host/host.c
+ and contrib/host/send.c, which I have installed but not tested. I am
+ still waiting for someone to update the version in tools/host.c, which
+ is going to be a lot more work. Contact me via e-mail if you want to
+ help.
+
+25. My credibility stuff from the original 4.9 (and before that, KJB)
+ was operating under a ``scorched earth'' policy due to a brain fault
+ on my part when I wrote the code originally. Tim.Goodwin@pipex.net
+ discovered this and sent in a patch. Note that throwing out glue is
+ generally OK since glue is generally NOT OK, but disposing of it after
+ ~20 references is a lot better than disposing of it after 1 reference.
+
+24. NS RR sorting on forwarded and system queries was not happening
+ unless more than 1024 milliseconds of RTT variance existed among
+ the servers. This was a good value for development and testing
+ but not for production use. The value is now 128 milliseconds.
+ No, this should not be a configurable in the boot file.
+
+23. I am including a file doc/FAQ which was posted to usenet as:
+
From: craig@ecel.uwa.edu.au (Craig Richmond - division)
+ Newsgroups: comp.protocols.tcp-ip.domains
+ Subject: FAQ: Setting up a basic DNS server for a domain
+ Date: 3 Aug 1993 10:53:51 GMT
+ Organization: The University of Western Australia
+ Lines: 1088
+ Message-ID: <23lg3v$1go@uniwa.uwa.edu.au>
+ Summary: Step by Step implementation of a DNS server
+ Keywords: FAQ DNS setup
+
+22. named-xfer now syslogs if the remote server's serial number is _lower_
+ than ours, which does seem like a bad thing. per@erix.ericsson.se
+ (Per Hedeland) sent this in.
+
+21. man/resolver.3 had a typo on the exp_dn argument to dn_expand. fixed.
+ (Steve Alexander sent this in.)
+
+20. include/sys/cdefs.h moved to compat/include/sys/cdefs.h since some
+ systems have their own which must be used. the top-level makefile
+ must be edited if you are on one of these systems, since the default
+ CFLAGS includes this new directory as a -I directive. sys/bitypes.h
+ has also moved.
+
+19. A neccessary bug fix for ISI's VALIDATE/NCACHE code has been incorporated.
+ If you had to rebuild without these turned on in options.h to get your
+ CNAME lookups to work again in an earlier 4.9.2 ALPHA, you can turn them
+ on again now.
+
+18. The q_system field of the query structure has been removed in favor of
+ a q_type field containing bit definitions. The old PRIMING_CACHE magic
+ cookie is no longer used. Go to the end of the universe, do not pass go.
+
+17. Converted to ANSI C. All functions are static unless they are actually
+ needed outside the current module ("file" in C terminology); static
+ functions are declared with prototypes if they are forward-referenced.
+ Externally visible functions are declared in separate header files, with
+ prototypes. ns.h and db.h have been split into four new header files:
+ db.h -> db_defs.h db_glob.h db_func.h
+ ns.h -> ns_defs.h ns_glob.h ns_func.h
+
+ The *_defs files contain only structure and type definitions, and macro
+ definitions.
Nothing that generates text or data space in the executable
+ is declared here.
+
+ The *_glob files contain only global variable declarations, which used to
+ be defined in the various *.c files in a more or less random fashion. The
+ declarations are "extern" if included from non-main()-containing files, but
+ are defined globally and given initial values in main()-ish files. This
+ reuse of the same declarations insures that the type and size declarations
+ match between definitions and external references to them.
+
+ The *_func files contains function prototypes for global ("extern")
+ functions. The prototypes are all optional so will not break non-ANSI
+ systems. Note that I don't have such a system any more so I may be wrong.
+
+16. Removed all remaining references to "short" or "long" that did not
+ depend on the vague semantics of those types. Most uses were actually
+ depending on a size of 16 bits for short and 32 bits for long, and there
+ are processors/compilers where each of these types is different. This
+ work was begun in 4.9 and is now complete. Note that some structs that
+ are used in large data structures use "char" for 8-bit integers. It helps.
+
+05Jul93 - ALPHA Released
+
+This is the cleanup release after 4.9. I'm going to try the TCSH style of
+logging the changes; let me know if you think it's a bad way of doing it.
+
+15. the resolver now includes an implementation of RFC 1101, which allows
+ network names to be encoded in the DNS tree rather than in /etc/networks.
+ this implementation is by rps@matuc2.mat.uc.pt (Rui Pedro Mendes Salgueiro)
+ i put the test program and original documentation in contrib/rfc1101/. i
+ would like to see their main.c ("nettest") turned into a tools/nettest,
+ but i'm not willing to do the work myself. it needs a man page, etc.
+
+14. as expected the initial HS zone transfer stuff didn't work that well.
+ thanks to , retries after failed SOA queries will use
+ C_IN rather than falling through to C_HS inappropriately.
+
+13. ns_init.c was fcntl(SETFL)'ing in a destructive way. it now does a
+ fcntl(GETFL) to get the old option mask and then |'s in the new flag.
+ this patch came from Eduard Vopicka .
+
+12. there are two new conf/Info.* files; check 'em out.
+
+11. ultrix (some versions, especially the vax ones) libc.a had some bad
+ naming conventions for some resolver routines. getshort/putshort just
+ have to be real functions, not just macros, or you can't link anything
+ with this resolver. patch was sent by .
+
+10. sethostent(x) for host files was sticky for nonzero 'x' (avalon@anu.edu.au)
+
+9. hp9000s700 is now supported in include/arpa/nameser.h (avalon@anu.edu.au)
+
+8. statistics dumps now print the time in decimal-seconds-since-1970 in
+ addition to the old "ctime" format, for ease of debugging. (Peter Koch).
+
+7. systems with 14-character filename limitations have apparently been
+ having trouble in named-xfer since its temporary file names are bigger
+ than they can handle. ash@hp sent in some patches a while ago, enabled
+ with SHORT_FNAMES in conf/options.h, to deal with this appropriately.
+ We should probably just generate short names always.
+
+6. Some security stuff from ISI. According to Anant Kumar :
+
+ The validation procedure is the major change here. Currently, we
+ accept anything from a server, as long as we had asked it a question.
+ This implies that a malicious server can really send us any data and
+ we not only pass it on, we also cache it for as long as the TTL
+ holds. This can be really bad for our health and for that of those
+ who use the DNS.
+
+ We add this procedure to verify for each RR returned by a server
+ that it is indeed authoritative for either that zone, or for a
+ parent zone. We end up trusting the root servers for everything!
+ Also, the more rich our cache is the more choosy we become about the
+ data we add on to it. This stuff is all ifdef'd with "#ifdef VALIDATE"
+
+ The negative caching stuff adds on a d_rcode field to the databufs.
+ Any positive entry now shows a NOERROR there while negative entries
+ have either a NXDOMAIN or NOERROR_NODATA. NOERROR_NODATA rcode is
+ never returned. It is used only to differentiate, within the
+ internal database, between negative and positive entries. We use the
+ regular hash table (hashtab) to store negative entries, too. Only
+ authoritative answers are negative cached, for NTTL (parameterized,
+ currently 10 minutes) seconds. Non-authoritative NXDOMAINs or
+ NOERROR with zero RR count, now generated, are now accepted but
+ never cached. This is ifdef'd with "#ifdef NCACHE".
+
+5. "make install" now has a prayer of working for the man pages. an observation
+ was made that net2++ systems _require_ formatted "cat" pages and that older
+ systems are _able_ to use them, so that's all we install.
+
+4. i wrote man pages for named.reload, named.restart, and named-xfer. these
+ were actually in 4.9.1 for 4.4BSD.
+
+3. unneeded functions in compat/lib will now generate placeholder symbols, to
+ make sure that the linker doesn't generate ugly-but-harmless warnings.
+
+2. my ignorance of the true meaning of _POSIX_SOURCE has been corrected,
+ along with the ugly-but-working code in conf/portability.h and elsewhere.
+
+1. non-resolver routines moved from res/ to compat/lib/. this will shorten
+ libresolv.a and make it easier to integrate new BIND releases into Net-2
+ descendents such as 4.4BSD and BSD/386.
+
+4.9.1 ------------------
+
+This is the integration of the changes that were made for 4.4BSD. This
+release will not be published. Changes include:
+
+doc/BOG/*: many changes to improve appearance of the output, including
+ orphan-avoidance and better tab stops.
Sent to me by someone on
+ the net who deserves thanks but I've lost the original mail. Oops.
+
+include/*: the CSRG people weren't entirely pleased with the interface
+ changes i made to the res_*() and inet_*() functions. in particular,
+ the changes from "long" to "u_int32_t" were too sweeping in their
+ opinion since Posix is already working on standardizing them and
+ might look unkindly on an apparently-still-evolving interface. also,
+ the possibility that all the vendors will change their implementations
+ to match the new interface is apparently rather dim. therefore most
+ externally-visible occurances of the int32_t type have been changed
+ back to "long" in the resolver interface. we believe that this should
+ still be portable to Cray and AXP machines, but i'll wait to hear from
+ someone who can actually try it out and let me know.
+
+tools/*: the "net2" version of "lex" requires some additional flags and libs,
+ and this had implications for the Makefiles and the dig.c source file.
+ nslookup's man page is now in man/ rather than tools/nslookup, for
+ consistency.
+
+named/*: last-minute 4.9-FINAL changes to named-xfer.c and db_load.c resulted
+ in corruption of TXT records on zone transfers, and a high number of
+ useless syslog(SYS_ERR) messages about zones already being up to date.
+ these last-minute changes have been massaged into better shape and are
+ now a lot readier for prime time than they were. a lesson was learned.
+
+ the inet_aton() function is now used where appropriate, rather than the
+ old inet_addr(). this is just an evolutionary move that should have no
+ practical implications. bad addresses in the "tcplist", "bogusns", and
+ "sortlist" directives (from named.boot) are now syslogged.
+
+ some open files are still inherited by named-xfer from named, but they
+ are properly closed now.
+
+ the SIGXFSZ signal is now accepted as an alias for SIGHUP, in support
+ of the wierd DEC Hesiod implementation. no practical significance.
+
+res/*: one important bug fix in the gethostent() stuff, and a whole bunch of
+ evolutionary include file changes.
+
+include/*: include/sys was moved to compat/include/sys, since systems that
+ do not need it really really really need to get their own instead.
+ at some point i'm going to move the res/*.c files that are needed for
+ compatibility but not really part of the resolver, into compat/lib.
+
+general: there are more settable parameters in the top-level Makefile, and
+ they are propagated downward into the subdirectories' Makefiles. you
+ should not have to edit any Makefile except the top-level one. Note
+ that "make links" still creates local Makefiles in the build directory
+ because "mkdep" still edits the Makefiles on most systems.
+
+4.9-FINAL -------------------
+
+Kevin Dunlap sent in some changes for the BOG. So did a lot of other folks.
+
+Someone asked about AXP-OSF, so I did a trivial 64-bit port. Porting to
+other 64-bit systems should be simple now. Someone also sent in some MIPS
+RISCOS portability changes, which were simple and therefore were put in.
+Note that some type names have been added to BSD 4.4 as a result of this
+work; they are going to be in in BSD 4.4 but they are in a
+local include file called in this distribution, with
+appropriate #ifdef's in the include files that depend on them. Those of you
+who are porting to 64-bit platforms where "long" isn't 32 bits should be
+using these new names for your types; there was no standard before this,
+but the names we've added for BIND 4.9 and BSD 4.4 are going to be proposed
+to Posix at some point. Sometimes it's just not OK for "int" to be the
+"natural integer size of the machine" and you just _have_ to tell the compiler
+how many bits you want.
+
+The NIC added a new root server, thus pushing the size of a nonauthoritative
+root server response (which includes the root server list in the answer as
+well as the authority sections) over the 512-byte limit.
This showed up a
+long-term BIND bug wherein it failed to set the TC ("truncation occurred")
+bit if truncation occurred anywhere but the answer section. Since truncation
+was occuring at the end of the packet, in the additional data section, this
+meant that BIND was generating truncated responses without setting TC in the
+response header. Upon further investigation, I found that BIND ignored TC
+on responses it received from other name servers. RFC 1035 states that RR's
+from truncated responses should not be cached; with creative interpretation
+of the exact 1035 wording, I found a way to reach this goal while still
+caching the answer section (as long as the truncation occurred in some other
+section, which 1035 gives no definitive way to determine but I'm happy with
+my guess).
+
+While researching the above, I finally broke down and added credibility
+output to the zone dump files. They are in the comments so should cause
+no trouble. There's more work to be done on the dump output; in particular,
+Phil Almquist proposed and even prototyped a "tagging" of all RR's with the
+A RR of the nameserver that sent them to us; this feature should be added
+and the dump output should include it. This would add a lot to our ability
+to track down corrupt data.
+
+Don Lewis and I had more discussions about TC and ended up agreeing that the
+right thing to do is to set TC on responses that overflow in the answer or
+authority section, truncating at an RR boundary, but do not set TC on responses
+that overflow in the additional-data section (truncating at a {name,type}
+boundary). This actually solves the root server problem pretty well, since
+BIND 4.9 will, when it tries to use an NS whose A isn't in the cache, generate
+a sysquery() for the missing A. (Heck, additional data TTL's are depreciated
+at the rate of 5% per use, so this would end up happening pretty quickly even
+if we did cache a partial {name,type} -- but now we won't have to.)
+
+While trying to fix all of this stuff I ended up moving some functions around
+to avoid duplicating them in different source files, and I reformatted some
+source lines that went over 80 characters. I also made a few things "static"
+that used to be unneccessarily global. More of that will happen in 4.9.1.
+
+DEC's product version of MIT Hesiod uses SIGXFSZ for what we do with SIGHUP;
+since the default for SIGXFSZ is to exit, it seemed prudent to wire it up to
+do what SIGHUP does instead, so that this BIND can run on DEC Hesiod servers.
+
+At the request of several people, I integrated the USC "dig" and Rutgers
+"host" tools into the distribution. This required some changes to the
+resolver library's debugging output formats, which will be visible in
+nslookup, nsquery, and any other tool that sets the RES_DEBUG option.
+Note that there is no support for "DEFNAMES" in this version of dig, due
+to design changes between 4.8 (from which "dig" is derived) and 4.9. there
+is no reason in principle why it can't be made to work, but it doesn't work
+now. therefore only fully-qualified names can be looked up with this "dig".
+
+I had to change the name of the resolver "state" structure to be "__res_state"
+for standards conformance (really, it is not reasonable to expect that because
+a program includes it will never define its own structure called
+"state". This change highlights the imperative that any application which is
+relinked against this resolver must first be recompiled against these include
+files (notably ). This is true for almost all versions of libresolv.
+
+I asked for items for the "TODO" list and got quite a few. Check them out
+before you hack; someone else may already have started doing what you want to
+do. I also asked for tools for the "contrib" subdirectory and got 650KB worth.
+They make the BIND 4.9 distribution a lot larger than 4.8.3 was, but the extra
+bytes are well worth their weight.
+
+Kenneth Almquist (no relation to Phil, as far as I know) posted a patch for
+res_send() that lets it keep track of servers that are responding "SERVFAIL"
+or some other fatal condition; these servers are NOT used for retries of the
+current query. This information is not persistent between calls to res_send()
+since future calls will probably be for different {name,type} queries, which
+will not neccessarily fail in the same way. This change is trivial and makes
+a measurable difference in the amount of DNS traffic on my local net.
+
+4.9-BETA ------------------- April 17, 1993 -- Paul Vixie -- DECWRL
+
+"Peter Koch" 's previous patch caused core
+dumps on some systems. I fixed part of it and Peter sent me a fix for
+the rest of it. All is now well.
+
+The Bind Operations Guide in doc/BOG has been updated to 4.9. Also, the
+man page in man/named.8 has had some patches applied. The copyrights are
+all fixed now. Let's get this thing OUT of here!
+
+4.9-ALPHA ------------------- March 15, 1993 -- Paul Vixie -- DECWRL
+
+There was a really bad bug affecting wildcards. I received a patch
+from "Peter Koch" which fixes some of
+it, but I can't quite motivate myself to fix the rest of it since I
+know that what's _really_ wrong is going to require chainsaws and
+dynamite to fix and that'll add another year to the release. I think
+that this patch will hold us for a while.
+
+There are a LOT of portability changes that I'm holding onto, especially
+including 64-bit fixes. Do not submit any more portability changes
+until 4.9.1 opens. Go ahead and make them, but be prepared to remake
+them later. Let me know what you are doing but don't send me any diffs
+for portability until I ask for them. 4.9 has been stuck in the barrel
+for way too long already -- patches that don't fix RFC-noncompliance or
+core dumps will just go into my "todo" folder (which is presently a
+black hole of great mass).
+
+4.9-ALPHA ---------------- Febrtuary 2, 1992 -- Paul Vixie -- DECWRL
+
+Mostly portability fixes. The nslookup "lex" problem is BSDI-specific
+and I'm not going to hold up release because of it. This will be the
+last alpha release before the public beta. It is, as usual, running
+the DEC.COM primary name service and has done so for more than a week
+without any problems.
+
+4.9-ALPHA ---------------- January 10, 1993 -- Paul Vixie -- DECWRL
+
+Once I get the known bug in nslookup (see below) fixed, this version is going
+to go into public beta. I would appreciate it if everyone would try it out.
+
+KNOWN BUG IN THIS RELEASE: something wild is going on inside of the yylex()
+routing on BSD/386 systems. It only affects nslookup. I'm still trying to
+figure out how I'm going to debug this; lex experts, please see what's going
+on. None of the changes since the 930105 release should have been capable
+of producing this change, but something is sure doing it.
+
+I finally fixed the {GET,PUT}{SHORT,LONG} macros to stop issuing warnings
+on HP-UX systems. They are also warning-free on Ultrix(SPIM,VAX), BSDI(386),
+and SunOS(SPARC) systems. I took the plunge and changed the internal functions
+in res/res_comp.c to depend on these macros instead of duplicating the code,
+and everything still works.
+
+Tom Limoncelli found three ancient memory leaks. I fixed two of them
+but the last one looks too much like a "cannot happen" for me to be
+willing to experiment with it. Besides which, it's "very" minor.
+
+Uses setsid() on POSIX systems. PID file is now optional. (arc@sgi)
+
+Comments (";" or "#") are now allowed in resolv.conf (arc@sgi).
+
+Documentation and copyright changes in README.
+
+Known to compile on NeXT machines.
+
+Some portability changes for AIX, whose CC is very picky.
+
+I forgot to mention in the 921227 release that T_RP is supported (arc@sgi).
+
+I included a number of changes that Alan Barrett has been trying to get
+in since the 921221 version.
Most are portability-related, and the few
+things that are functional are changes to my own previous additions :-),
+so I'm fairly sure that they are doing the right thing. Alan's changes
+include:
+
+ include/arpa/nameser.h
+ improved error diagnosis in the BYTE_ORDER configuration.
+
+ changed hp9000 test to hp9000s300. As far as I know, there is
+ no hp9000 preprocessor symbol. Should probably add other
+ hp9000s tests, but have not done so.
+
+ named/ns.h
+ Moved the XFER-related stuff from the end of the file to near
+ the top, where it is grouped with similar stuff.
+
+ Makefiles:
+ Add SYSLIBS variable, so folk can compile with -lBSD easily.
+
+ Changed install targets to make them easier to customise.
+
+ make links wasn't handling named.{reload,restart}*
+
+ Add ${CDEBUG} flag to link step. Some debuggers don't work
+ right if the program isn't linked with the -g flag.
+
+ struct timeval members are declared as unsigned long on some systems.
+ Add casts to (long) in several if statements that appear to assume
+ that tv_sec is signed.
+
+ PID_FIX in ns_main.c controlled more than just whether or not the
+ pid file gets fixed.
+ Changed it to control only that one feature.
+
+ For debugging, it is useful for a nameserver to listen to non-standard
+ port, but to forward requests to a standard port.
+ Add "-p remote/local" option to named/ns_main.c.
+ Also needed some other changes elsewhere.
+
+ Don't forward back to the host that asked us a question, unless they
+ asked from some port other than their nameserver port. This allows a
+ dig or nslookup user on a host to ask us questions with
+ recursion-desired, where we are willing to recursively ask the
+ nameserver on their host. However, if a nameserver asks us something
+ we will not recurse back to them.
+ nslookup() in named/ns_forw.c checks for this and returns -1.
+ ns_forw() and sysquery() notice this and return SERVFAIL.
+
+ Moved the nsContainsUs functionality from a separate routine
+ into nslookup(). No need to do the same tree walk several times.
+
+ While trying to track down various problems, added detection
+ and logging of errors in several syscalls in ns_main.c.
+
+ Avoid integer overflow in roundtrip time calc in ns_resp.
+ This needs a definition for INT_MAX.
+
+ Fixed root zone transfer bug. Also corrected some slightly misleading
+ comments in the doaxfr() code, and added some more comments.
+
+4.9-ALPHA ---------------- January 5, 1993 -- Paul Vixie -- DECWRL
+
+This one was built and tested on Ultrix 4.2 (SPIM, MIPS CC and GCC),
+BSD/386 (Gamma.4), Sun SPARC (4.0.3, sorry, that's the latest I have),
+4.3BSD Reno (VAX, PCC), and Ultrix 3.0 (VAX PCC).
+
+Moved res/defs.h to conf/portability.h; named/options.h to conf/options.h.
+
+Portability changes for O_NDELAY. SUNOS is really strange about this.
+
+Removed some unneccessary goto's added to ns_main.c on 1jan. Oops.
+
+Art Harkin of HP sent in a number of small (read: obviously correct)
+improvements, some related to portability, some to functionality.
+
+4.9-ALPHA ---------------- January 1, 1993 -- Paul Vixie -- DECWRL
+
+Changed all O_NONBLOCK to O_NDELAY. Changed all {r}index to str{r}chr.
+
+Added some SysV support in the form of bcopy->memcpy, bzero->memset.
+
+Added C_HS support to named-xfer (greg@duke.cs.unlv.edu).
+
+Fixed a line-number problem in asp's "include" logic (asp@uunet.uu.net).
+
+streamq's were being used after free(). bug report from fuat@ans.net
+and jpe@ee.egr.duke.edu. bug fix by vixie.
+
+In the resolver, we now default to address 127.0.0.1 rather than 0.0.0.0.
+There's a comment in the code that explains why.
+
+In the resolver, arc@xingping.esg.sgi.com changed it to use inet_aton()
+and included that function for those not running 4.4bsd.
+
+arc@xingping.esg.sgi.com also provided lots of portability fixes and
+general cleanups, in particular to nslookup which he maintains for CSRG.
+
+4.9-ALPHA ---------------- December 27, 1992 -- Paul Vixie -- DECWRL
+
+Added strtoul() to libresolv.a since it's yet another neccessary function
+that older systems don't have. If we can stomach strcasecmp() we can sure
+handle this.
+
+Moved res/named/gethostnamadr.c to res/gethnamaddr.c (note basename change)
+and res/named/sethostent.c to res/sethostent.c. Since the host table stuff
+isn't in separate files any more I saw no reason to retain the subdirectory.
+
+Updated all the copyrights and applied the small lint changes that bring
+the baseline of this version from "4.8.3 as seen on ucbarpa" up to "4.8.3
+as released with net-2". Thanks to the alpha testers for pointing this out
+to me and for sending in the diffs.
+
+With much howling and screaming, I ported this to UMIPS (MIPS System V).
+There are a lot of really bad things going on in their libc.a, and now
+they're going on in BIND as well.
+
+I added a "res/defs.h" file and then proceeded to include it from all kinds
+of files that aren't in res/. I'm thinking of moving it but I'm also trying
+to figure out where -- include/ is the wrong place. res/defs.h has in it all
+the ugly ifdef's needed to figure out whether this is a late-model BSD system,
+a POSIX system, or just old.
+
+All the "#endif" and "#else" cpp directives now have comments around their
+annotations. It turns out that System V CPP complains about "#endif DEBUG"
+but has no problem with "#endif /*DEBUG*/". In many cases where the #ifdef
+was obviously visible and unambiguous, I simply removed the annotation.
+
+The "l" is now a ";". Thanks to all who replied :-).
+
+There was a very bad bug in the named-xfer interface. 'nuff said.
+
+AIX needs a 32-bit field for PID's. I can't imagine. But it's fixed.
+
+The "domain" directive in named.boot is now an option, defaulting to off.
+
+There was a benign bug in sqrm().
+
+doaxfr() is now shorter and clearer.
+
+There is an "include" directive in the named.boot file now.
Its syntax is
+simple: "include somefile". No quotes, no "#", no . This feature
+was in 4.9-ALPHA as well, courtesy of Andrew Partan. I forgot to document it.
+
+4.9-ALPHA ---------------- December 21, 1992 -- Paul Vixie -- DECWRL
+
+This release incorporates fixes from a lot of people, including many from
+DECWRL. Some fixes are just lint; some are to avoid dumping core on non-VAX
+computers; many are to fix promiscuity, corruption, and rudeness.
+
+Various internal DEC programmers have ported the old 4.8.3 code to various
+not-entirely-BSD-like platforms and turned up some interesting lint. All
+of this has been fixed. Also, we fixed a bad bug in the handling of timeouts
+and SERVFAIL's when forwarders and slave are both used.
+
+I have made major changes to the code inside the ALLOW_UPDATES ifdef's, but
+I don't use it and have never compiled with that option turned on so I don't
+know if it still works. Given that SNMP has come and there is an IETF WG for
+SNMP management of the DNS, I am thinking very seriously of purging all of the
+ALLOW_UPDATES code in 4.9.1. I suspect that Mike Schwartz will let me know if
+this is ok..
+
+(interrim "KJB" notes) ------------------- March, 1992 -- Paul Vixie -- DECWRL
+
+If we are about to forward a query for some zone for which we are one of the
+servers, we send back a SERVFAIL instead. If we don't have it, chances are
+good that the other name servers won't have it either. This is the major
+cause of "network meltdown" when the root servers declare you as a name server
+for some zone you don't know about and havn't configured yourself for.
+
+Fixed a memory leak such that if db_update() fails to update the database
+from a response packet, a databuf will no longer be orphaned. Also fixed
+what looks like a similar leak in the ALLOW_UPDATES code but I don't use it
+that hasn't been tested.
+
+Fixed a memory sponge such that if we forward a query to someone who is not
+ever going to answer it, we will eventually expire it from our query queue.
+Previously it would expire after N retries to N' different servers, which
+could be a very long time. Particularly in the case of lame delegations and
+other forwarding loops, we feel that 90 seconds (two max-retry intervals) is
+enough time for a query to be answered. While we were into this code we made
+several fields in the query structure into "short"'s since they were only
+being used to store smallish integers. The query list gets Very Long during
+a forwarding loop -- even 90 seconds worth of queries is a lot of queries.
+
+This version includes my hacks that assign a "credibility index" to each
+ such that when more credible data arrives for a given
+, all old data is purged. When equally-credible data arrives it
+is aggregated in the way we all know and love; when less credible data
+arrives it is completely ignored. Credibility, from best to worst, is:
+ 1. zone files (primary or secondary)
+ 2. authoritative answers
+ 3. non-authoritative answers and authority records
+ 4. additional data
+ 5. zone files ("cache" or "bootstrap" information)
+You need this version of bind if you still show any A RR's in network
+32.0.0.0 when you look up uucp-gw-1.pa.dec.com's A or adobe.com's NS.
+
+I have also added some extra code to prevent pollution of the internal
+"hint cache." In all versions of BIND that I was able to test, any IN_A
+response to any sysquery() would cause the IN_A RR to be added to the
+fcachetab ("hint cache"). This resulted in lots of extra cruft in the hint
+cache, that wasn't timed out properly, which in turn resulted in lots of
+strange answers ('nuff said, take my word for it.)
+
+Though changes have been made to make the Ultrix and GNU (2.1) C compilers
+stop complaining about the source, it should still compile and run just
+about anywhere.
In fact, after I cleaned up lots of old lint, this version
+of BIND is known to compile and run on:
+
+ Ultrix 4.2 (MIPS or VAX)
+ SunOS 4.0.3
+ BSD/386 (BSDi beta)
+
+This was being released as King James Bind because, like KJ Sendmail, it is
+a merge of every major variant of Bind that we know about. It was
+assembled and tested by Paul Vixie of DEC NSL/WRL, with generous donations
+of code and advice from Win Treese of DEC CRL. Changes from Don Lewis of
+Harris, Andrew Partan of UUNET, and Piet Beertema of EUNet are also included.
+See the OPTIONS file for a description of the changes you can control with
+#ifdef's.
+
+This server has been run on UUCP-GW-{1,2}.PA.DEC.COM, which are in the UUCP
+Zone. Our named.boot file has ~1900 lines in it. Before we instituted the
+changes in this release, our name server usually ran at about 16MB virtual,
+15MB physical, growing slowly but constantly until we restarted it.
+Whenever a new zone was added to the NIC's root zone listing us as a name
+server, our servers would kill themselves and eachother (and NS.UU.NET, one
+of the other UUCP Zone name servers) with forwarding loops. After these
+changes, we run at a fairly constant 8MB virtual and physical size, and our
+apparent CPU utilization is always 0.0% since we never finish a quantum and
+the scheduler always sees us as waiting for I-O. In other words, life is good.
+
+Notes from UCB version 4.8.3 follow:
+
+-------------------
+
+This is version 4.8.3 of bind. It is a test release that updates
+versions 4.8 and 4.8.1 with fixes, and is essentially the same as
+the version of named on the 4.3BSD Reno release. Although it is
+currently described as a test release, it is believed to be reasonably
+stable and more usable than the previously-released versions.
+Here are some of the more important changes:
+
+ o A list of domains may be specified for searching in resolv.conf instead
+ of just the local domain name.
+
+ o gethostbyname() will accept a dotted quad.
+
+ o Support has been added for the the T_TXT data type and for the class
+ C_HS. These are both used by Hesiod from Project Athena at MIT.
+
+ o All of the pathnames have been put into one header file. This
+ makes it easier to change the location based upon your local
+ configuration.
+
+ o Responses are only accepted from an address to which we might of sent
+ the request. This might cause problems if some server is multihomed
+ and is still running BIND 4.3, but it prevents attacks induced by
+ sending responses from another address.
+
+ o Numerous bugs have been fixed: Adding a new authoritative zone now
+ works when the server has a cached SOA record. Comparisons in the
+ db now look at type and class as well instead of dropping records
+ with identical data. Scheduling of maintenance interrupts has been
+ moved to one routine avoid spurious ones. Named goes into the background
+ after more of the initialization is done. Stream connection queue
+ handling was cleaned up including a bug that caused data corruption
+ and core dumps. Sys5 no longer can have multiple transfers of the
+ same zone occuring at the same time. Handle CNAME -> CNAME loops
+ more gracefully. Avoid making one server never get queried. Border
+ conditions in resolver are checked more accurately.
+
+ o Nslookup has been updated.
+
+There are several bug reports that have yet to be integrated into this
+version. Hopefully they will be dealt with in the next release. Please
+send feedback on this release.
+
+Notes from versions 4.8.1 and 4.8 follow:
+
+------------------
+
+This is version 4.8.1 of bind. It is a test release that includes
+version 4.8 with fixes, asynchronous zone transfer and better reload
+capabilities. Although it is currently described as a test release,
+it is believed to be reasonably stable and more usable than the currently-
+released version, 4.8.
The changes of note are:
+
+ o The asynchronous zone transfer code previously posted to the bind
+ mailing list has been integrated, completed and tested. There are
+ a number of changes from the version posted, including fixes to
+ allow top-level domains to work and a simplification of the timer
+ code.
+
+ o The code for reloading the server has been changed so that only
+ primary zones master files that have changed are reloaded. The
+ cache and secondary zones are not flushed, and the sortlist, domain,
+ etc. are reset to correspond to the boot file contents.
+
+ o Several bugs have been fixed: the name "*" is not interpreted as
+ a wildcard in cached zones, only in primary zones. Secondary servers
+ no longer decrement the time-to-live of records by the time since
+ they verified the zone with the master; as a result, they never
+ hand out nameserver referrals with too short a TTL to be usable.
+ A bug was fixed that caused secondary servers with out-of-date
+ zones to return empty answers between the actual expiration time
+ and the next timeout.
+
+There are several other bugs that have been reported but have not yet
+been fixed. In addition, the next regular release of named will
+support negative caching, but this has not been integrated.
+
+I would appreciate receiving feedback on this release; in particular,
+problems (or lack of problems) when installing on various systems.
+I attempted to update the SysV code when integrating the zone-transfer,
+but haven't tested it.
+
+The notes from version 4.8 follow.
+
+----------
+Welcome to version 4.8 of bind.
+
+There have been several changes to the named boot file (/etc/named.boot)
+of which you should be aware. The "domain" line for each zone is no longer
+needed, but one such line may still be used to specify a default domain
+to be used for queries containing names with only a single component.
+The term "suffixes", which was added in version 4.7alpha, has been removed.
+
+The manual page on named (named.8) has been updated to reflect all
+these changes. Please read this and look at the example files
+before installation. You should also note the changes in the
+resolver code to support non-fully-qualified addresses and per-user
+host aliases. See hostname(7) for an overview. Two new routines
+have been added to the resolver library since the last test release:
+res_query formulates a query, sends it, waits for a response and does
+preliminary error checking; res_search implements the search rules
+of gethostbyname using res_query.
+
+The MX lookup routine in sendmail has been modified to use res_search.
+Also, dn_skip takes an additional parameter and has been renamed
+to dn_skipname. While old sendmail binaries will work with the new
+version of bind, because of these changes, it is desirable to install
+new sendmail sources and recompile sendmail. Do not rebuild sendmail
+from old sources. The new sendmail is on ucbarpa.Berkeley.EDU for
+anonymous FTP from pub/4.3/sendmail.MX.tar and pub/4.3/sendmail.MX.tar.Z.
+
+There have been numerous changes to named, fixing most of the known
+bugs that can be fixed without major structural changes in the server.
+Several server configurations that failed before should now work.
+Certain robustness problems have been fixed, in particular bounds-
+checking when processing incoming packets. Two changes have been made
+in preparation for negative caching: SOA records are sent in the authority
+section in negative responses with NXDOMAIN set, and a bug was fixed that
+caused confusion and repeated requests if a response had no error, no answer
+and an SOA in the authority section. As such responses are already sent
+by other servers, and will be sent by the next release of BIND, it is
+important that all sites upgrade to this version as quickly as possible.
+
+The root "hint" cache and cache file remain the largest problem area,
+along with named's naivete in accepting bogus server's data.
+These will be addressed in the next release, along with asynchronous
+zone transfers, intelligent reloading of zone files, faster startup,
+and caching of negative responses.
+
+This version (4.8) will replace the last officially released version (4.5).
+Version 4.5 has a serious bug that causes the generation of a continuous
+stream of bogons to the root domain servers (bogus queries with the query
+response bit set and possibly garbage for nsid and rcode). It is imperative
+that these versions of named be replaced as fast as possible. We urge you to
+field 4.8 quickly, for the sake of the root domain servers.
+
+ Mike Karels
+ Jean Wood
+ bind@ucbarpa.Berkeley.EDU
+
+## ++Copyright++
+## -
+## Copyright (c)
+## The Regents of the University of California. All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted provided that the following conditions
+## are met:
+## 1. Redistributions of source code must retain the above copyright
+## notice, this list of conditions and the following disclaimer.
+## 2. Redistributions in binary form must reproduce the above copyright
+## notice, this list of conditions and the following disclaimer in the
+## documentation and/or other materials provided with the distribution.
+## 3. All advertising materials mentioning features or use of this software
+## must display the following acknowledgement:
+## This product includes software developed by the University of
+## California, Berkeley and its contributors.
+## 4. Neither the name of the University nor the names of its contributors
+## may be used to endorse or promote products derived from this software
+## without specific prior written permission.
+##
+## THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+## ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+## ARE DISCLAIMED.
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+## OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+## HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+## SUCH DAMAGE.
+## -
+## Portions Copyright (c) 1993 by Digital Equipment Corporation.
+##
+## Permission to use, copy, modify, and distribute this software for any
+## purpose with or without fee is hereby granted, provided that the above
+## copyright notice and this permission notice appear in all copies, and that
+## the name of Digital Equipment Corporation not be used in advertising or
+## publicity pertaining to distribution of the document or software without
+## specific, written prior permission.
+##
+## THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
+## WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
+## OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
+## CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+## SOFTWARE.
+## -
+## --Copyright--
diff --git a/usr.sbin/named/OPTIONS b/usr.sbin/named/OPTIONS
new file mode 100644
index 000000000000..ccc5e278e026
--- /dev/null
+++ b/usr.sbin/named/OPTIONS
@@ -0,0 +1,411 @@ +OPTIONS + Original: Paul Vixie, 28Mar92 + Revised: $Id: OPTIONS,v 8.5 1995/12/29 21:08:13 vixie Exp $ + +Options available in this version of BIND are controlled by conf/options.h, +rather than by $(DEFS) in the Makefile. The options are: + +DEBUG (origin: U C Berkeley) + enables the -d command line option, and allows SIGUSR1 to increment +and SIGUSR2 to clear the internal variable "debug", which in turn controls +hundreds of fprintf()'s out to /usr/tmp/named.run. + you probably want this. it makes the binary bigger but not slower (or +at least not much slower), but SIGUSR[12] are the only way you'll track down +misconfigured name servers that hose you down with billions of bogus requests. + you may need this, it is on by default. + +ALLOW_T_UNSPEC (origin: MIT Project Athena) + enables the "unspec" RR type for ancient Athena software that does not +know about TXT RR's. + you probably do not care about this, it is off by default. + +ALLOW_UPDATES (origin: Mike Schwartz, University of Washington) + enables "dynamic updates", described in "doc/DynamicUpdate". this lets +you update named's in-memory database on the fly if you have the right client. +there is absolutely no security around this; if you enable it, anyone who can +reach your server can update your database. + this code doesn't compile any more and will be removed shortly. + +INVQ (origin: U C Berkeley, with #ifdef's by Paul Vixie) + enables "inverse queries", which in all of the internet only one +client ever uses: ancient nslookup. if you build named with INVQ defined, +you get the time-honored behaviour of supporting this whole class of queries +for no real purpose other than to waste a few hundred kilobytes of your +memory and about 3% of named's total CPU time. 
if you build with INVQ +undefined, old nslookups will not be able to reach your server in their +startup phase, and you will have to use the "server" command after it fails +over to some other server, or use "nslookup - 0" to get in from the shell. + you probably do not want this. + +DSTORAGE (origin: U C Berkeley, with #ifdef's by Paul Vixie) + enables a malloc-debugger that checks for overruns on both ends of +each allocated block of memory. used when debugging since C has no bounds +or type checking. + you probably do not want this, it is off by default. + +DMALLOC (origin: Paul Vixie of Digital) + enables a malloc-debugger that traces all allocated blocks of memory +such that SIGIOT's output (see STATS option) includes a list of all mallocs +in the program, how many times each has been called, how many blocks of memory +allocated by that malloc are not yet free, and how many bytes they use up. +under each one will be a list of each free/realloc that has deallocated a block +of that malloc's memory, and how many times it has done so. + this is extremely helpful for finding memory leaks. as such, you +probably do not want this unless you are debugging named. + you probably do not need this, it is off by default. + +XFRNETS (origin: Paul Vixie of Digital) + enables the "xfrnets" command in named.boot. this has the same +syntax as "forwarders" and "sortlist" -- that is, a list of dotted quads. +each one is a network (16.0.0.0 and 130.180.0.0 are examples) or a host. +if you put any xfrnets commands into your named.boot, then zone transfers +will only be honored if they come from inside one of the specified +networks. this is very useful if you want to keep people outside from +being able to trivially map your entire network, but it doesn't stop them +from iterating so it's more annoying than secure. 
+ this feature was once called "tcplist" out of ignorance on my part, +but with advice from phil almquist i decided to rename it "xfrnets" and make +it only control zone transfers -- previously it controlled all TCP connections +which made certain TCP-only resolvers unable to use our servers. the "tcplist" +syntax still works; it is a synonym for "xfrnets". + it is also nice if you want to keep the outside world from making your +nameserver fork and swap trying to do unauthorized zone transfers. if you have +large zone files or use BIND for TXT records you will find this useful. + you probably want this, it is on by default. + +PID_FIX (origin: Don Lewis of Harris) + tells named that if it starts up but can't keep going because another +nameserver is already running (and sitting on the server port), it should +put the /etc/named.pid (/var/run/named.pid) file back the way it found it. + you probably want this, it is on by default. + +FWD_LOOP (origin: Don Lewis of Harris) + tells named that if you list any of your own IP addresses in a +"forwarders" command in your named.boot file, you should be scolded. + you probably want this, it is on by default. + +NO_GLUE (origin: Don Lewis of Harris, and Andrew Partan of UUNET) + tells named-xfer that incoming zone transfers should be checked +for "glue" that comes from a zone outside the zone being transfered, and +comment this garbage out in the zone file so that when named reads in the +zone file after named-xfer exits, the garbage will not be entered into the +memory-resident database. + also tells named that when it is performing an outgoing zone +transfer, it should not send any of these "glue" records. + you definitely want this, it is on by default. + +BOGUSNS (origin: Piet Beertema of EUNet) + enables the "bogusns" command in named.boot. this has the same +syntax as forwarders and sortlist. any NS RR's that come in whose addresses +are on the list of "bogusns" addresses will be ignored. 
this is the last +resort when someone is bogusly advertising themselves as a root server. + just in case, though you won't use it often. + you probably want this, it is on by default. + +QRYLOG (origin: Bryan Beecher of UMich) + enables "query logging", such that SIGWINCH toggles tracing of all +incoming queries. the trace is sent to syslog, and is huge, but when you +need this you will need it bad and it does not slow named down or make it +larger. + If you define QRYLOG you may also start up named in query logging +mode by using the -q flag. If you do so you will probably want to analyze +the logs produced, the dnsstats and lamers scrips (in the contrib/umich +and contrib/lamers directories) will do it for you. + you probably want this, it is on by default. + +LOGFAC (origin: various people) + If you start up named with the -q flag you will be logging +large amounts of data, and probably will not want them logged to the +default logging facility, which is LOG_DAEMON. You will want to +redefine LOGFAC, presumably to LOC_LOCALn (0 <= n <= 7). Remember to +modify /etc/syslog.conf appropriately. + This only works on a system with a modern syslogd. + as such, it is on by default. + +YPKLUDGE (origin: Piet Beertema of EUNet) + certain versions of NIS/YP are capable of using the DNS for names +that cannot be found in the YP servers. of these, certain versions can't +tell the difference between a dotted quad and a domain name, and they send +queries to the DNS for dotted quads as if they were domain names. if your +named does not do anything special with these queries, they will end up +getting forwarded to other servers, effectively hosing all of you down with +endless useless network traffic. YPKLUDGE enables some checking in named +that lets it catch these bogus queries and send back immediate errors. + If you run "ypserv -i" you definitely want this, as a malconfigured +NIS server can cause DNS "flood" queries otherwise. Trust me. + this is off by default. 
+ +TRACEROOT (origin: pma@cnd.hp.com and Bryan Beecher of UMich) + enables some checking in named for bogus root nameservers. This +code has been in use at U-M for years, so it is pretty well tested, plus we +have never been burned by the "bogus root NS scares" that have plagued the +DNS off and on. + this feature people will very much want to use, it is on by default. + +LOCALDOM (origin: Berkeley) + if set, the "domain" directive is recognized in the named.boot file. +this causes us to retry queries with the specified domain appended to the +name if the first lookup fails. this is a very bad idea since a given name +server will often be used by clients in more than one domain -- a name server +should _not_ make any presumptions as to the "home domain" of a requestor. + you almost certainly do not want this, it is off by default. + +SLAVE_FORWARD (origin: pma@sdd.hp.com) + if set, "slave" servers behave in an arguably more-correct way. this +is an experimental addition to BIND 4.9 that causes slaves to time out queries +in 60/N seconds where N is the number of forwarders defined. previously a +query would time out almost immediately, which caused a lot of unnecessary +network traffic. + you probably want this, it is on by default. + +FORCED_RELOAD (origin: pma@sdd.hp.com) + if set, then when a HUP signal is received, all secondary zones are +scheduled for serial-number comparison with the primaries. this has the effect +that if you HUP your server, it will refresh any zones which have changed, +even if those zones' refresh times have not been reached. + you probably want this, it is on by default. + +WANT_PIDFILE (origin: berkeley, parameterized by arc@sgi) + if set, a file called named.pid will be created in /etc or /var/run +when the name server has started. this file can be used to send signals to +BIND, as in "kill -HUP `cat /etc/named.pid`". 
+ unless you are only on an SGI (where killall(1M) makes the pid file +unnecessary); + you probably want this, it is on by default. + +DOTTED_SERIAL (origin: berkeley; parameterized by vixie) + if set, allows a somewhat arcane n.m syntax in the serial number +field of an SOA. this is officially deprecated for 4.9; you should use +straight integer values and find an encoding that does not depend on +scaled-integer pseudodecimals. i suggest YYYYMMDDnn where YYYY is the +four-digit year, MM is the two-digit month, DD is the two-digit day-of-month, +and nn is a daily version number in case you change your serial number more +than once in a day. this encoding will overflow in the year 4294 gregorian. + you almost certainly do not want this, but if you have old zone files +lying around and you don't want to think your way through converting their +serial numbers, this deprecated behaviour is available. + graciously, it is on by default. + +SENSIBLE_DOTS (origin: kagotani@cs.titech.ac.jp; parameterized by vixie) + if set, changes the semantics of an "n.m" serial number from + n*10^(3+int(0.9+log10(m))) + m +to + n*10000+m + if you are using DOTTED_SERIAL in spite of its deprecated status, +and you are interested in a more predictable and sensible interpretation of +dotted numbers, then you probably want this. + it is off by default. + +VALIDATE (origin: USC/ISI) + enables a validation procedure to provide some security in an +otherwise insecure environment. Any RRs are accepted from a server only if +the server is authoritative over that domain. We consider a server +authoritative (for validation purposes) for even the sub-domains that it has +delegated to others. RRs are validated against the data we have in cache +already. Invalid records are neither cached nor returned. + it is off by default because it is hopeless, and the code will all +be ripped out of BIND in the near future. + +NCACHE (origin: USC/ISI) + enables negative caching. 
We cache only authoritative NXDOMAIN or +authoritative NOERROR with zero RR count. Non-authoritative NXDOMAIN answers +now contain NS records in the authority section. Non-authoritative NOERROR +responses have no authority or additional records to differentiate them from +referrals. They are cached for NTTL secs (currently 10 minutes) and are timed +out when the ttl expires. + you probably want this, it is on by default. + +RESOLVSORT (origin: marka@syd.dms.csiro.au) + enable sorting of addresses returned by gethostbyname. Sorting order +is specified by address/netmask pairs. This enables a host to override the +sortlist specified in the nameserver. + you probably want this, it is on by default. + +STUBS (origin: marka@syd.dms.csiro.au) + enable transfer and loading of NS records only for a zone. +still experimental. it won't hurt to enable it, but it may not work perfectly +so using it could lead to some confusion. + you probably don't care, it is on by default. + +SUNSECURITY (origin: rossc@ucc.su.oz.au) + enable checking of PTR records in gethostbyaddr() to detect +spoofing. Forced on SunOS 4 shared library as rlogin etc. depend on this. + you should probably not set this by hand. + +SECURE_ZONES (origin: gshapiro@guest.wpi.edu) + enables support for secure zones. This restricts access to +information in the zone according to the information found in the +secure_zone TXT RR found in the zone. If none is found, the zone is +world-readable. For information on the format of the secure_zone TXT +RR, see the Name Server Operations Guide for BIND. + you probably want this, it is on by default. + +ROUND_ROBIN (origin: Marshall Rose of TPC.INT) + if set, causes the databuf list in a namebuf to be rotated by one +slot after each access to it. this has the effect that if multiple RR's +of a given type are present, they will be given in "round robin" order +instead of always being given in the same order. + you probably want this, it is on by default. 
+ +ADDAUTH (origin: marka@syd.dms.csiro.au) + if set, cause NS and glue A records to be returned with authoritative +answers. this causes slightly larger replies but less DNS traffic overall. + unless you have Mac's with an older version of Mac/TCP; + you probably want this, it is on by default. + +RFC1535 (origin: paul@vix.com) + if set, the resolver's default "search" list will be just the entire +"domain" name rather than the sliding window it had before 4.9.2. this will +make the default search list shorter, so folks who are saying "domain a.b.c" +and relying on the implicit "search a.b.c a.b c" will miss "a.b" and "c". + this option is on for compatibility with RFC 1535. + you should NOT turn it off, it is on by default. + +GEN_AXFR (origin: mark@comp.vuw.ac.nz, tytso@ATHENA.MIT.EDU, gdmr@dcs.ed.ac.uk) + if set, allows specification of zones in classes other than "IN" in +the named.boot file. Allows an optional "/class" on the "primary" and +"secondary" directives. Also fixes zone transfers so only data in the class +requested is transfered. + you probably want this, it is on by default. + +DATUMREFCNT (origin: mark andrews) + you want this. it will not be optional in future releases. + +LAME_DELEGATION (origin: don lewis; reworked by bryan beecher and don lewis) + this will detect the condition where some other server has told you +that a given set of servers is authoritative for some domain, and at least +one of those "delegated" servers disagrees (i.e., answers non-authoritatively). + you probably want this, it is on by default. + +LAME_LOGGING (origin: don lewis) + enable logging of lame delegations and set the log level + you may want this, it is on by default. + +RETURNSOA (origin: mark andrews) + This allows negative caching to work. Without this, older +pre-4.9.3 nameservers will not accept -ve cached anwsers. 
We actually +store the SOA record from the authority section rather that what was +requested because it is the existence of the NXDOMAIN that matters not +the type of data. The zone of the SOA record is tagged to the end of +the SOA record to allow it to be reconstructed. + You probably DO NOT WANT THIS, it's experimental and dangerous. + it is off by default. + +CLEANCACHE (origin: mark andrews) + Bind consumes memory without bound without this option. This +patch allows bind to periodically remove any stale entries in the +cache. Bind's memory usage should stabilize after approximately 1 day of +operation, as most TTL's are <= 1 day. Without this option stale entries +are only removed when they are looked up. + You probably want this, it is on by default. + +PURGE_ZONE (origin: mark andrews) + Various junk below a zone tends to hang around and corrupt future +zone data if a zone grows deeper. PURGE_ZONE will remove all traces of or +data which could be part of zone before loading a new one. + You probably want this, it is on by default. + +STATS (origin: Paul Vixie) + Named's internal statistics can take a fair amount of memory and +if you aren't interested in looking at these numbers you should disable +the feature. Future versions may require this. + You probably want this, it is on by default. + +RENICE (origin: bp@deins.informatik.uni-dortmund.de) + if set, the process priority of the AXFR subprocesses is changed to +"normal". If you are planning to raise the priority of the main nameserver +process, you will use this. + You probably want this, it is on by default. + +GETSER_LOGGING (origin: Paul Vixie) + if set, errors that occur during the fetch of serial numbers for zone +transfer consideration will be syslog()'d. this can lead to a lot of logging, +but is very helpful if you don't know why a zone isn't transfering. + You may not want this, but it is on by default. 
+ +SHORT_FNAMES (origin: pma@sdd.hp.com) + on systems whose file names can only be 14 characters long, the temp +files created by named-xfer need to be constructed somewhat differently. this +should probably become the default since it is harmless. + you probably don't care one way or the other, it is off by default. + +XSTATS (origin: Benoit.Grange@inria.fr) + if set, the name server keeps more STATS about requests +received, and logs to syslog total counters from time to time. If you +aren't interested in looking at these numbers you should disable the +feature. Requires STATS. + You may want this, it is on by default. + +BIND_NOTIFY (origin: paul@vix.com) + experimental at this time; an internet draft is circulating. this +option informs slaves ("secondary" servers in BIND's erroneous terminology) +instantly when the master (primary, or another slave) loads a new zone. it +works fine and seems to cause no problems with slaves that don't support it, +but it does not implement the current internet draft (it lacks some necessary +delays) and causes a lot of extra syslog traffic, especially at startup. if +you don't mind running code that will absolutely NOT be compatible with the +eventual standard when the RFC is released, go ahead and turn this on. + vendors should not enable this in versions shipped to customers. + You will want this when it becomes compliant, it is off by default. + +LOC_RR (origin: ckd@kei.com) + incorporates support for the LOC RR type, currently in the +internet-draft stage. + you don't want this yet, it is off by default. + +SORT_RESPONSE (legacy) + should responses be sorted in what the server considers an optimal +order for the client? this is on by default but it does very little good. + +## ++Copyright++ 1989 +## - +## Copyright (c) 1989 +## The Regents of the University of California. All rights reserved. 
+## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in the +## documentation and/or other materials provided with the distribution. +## 3. All advertising materials mentioning features or use of this software +## must display the following acknowledgement: +## This product includes software developed by the University of +## California, Berkeley and its contributors. +## 4. Neither the name of the University nor the names of its contributors +## may be used to endorse or promote products derived from this software +## without specific prior written permission. +## +## THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +## ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +## IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +## ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +## FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +## DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +## OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +## HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +## LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +## OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## - +## Portions Copyright (c) 1993 by Digital Equipment Corporation. 
+## +## Permission to use, copy, modify, and distribute this software for any +## purpose with or without fee is hereby granted, provided that the above +## copyright notice and this permission notice appear in all copies, and that +## the name of Digital Equipment Corporation not be used in advertising or +## publicity pertaining to distribution of the document or software without +## specific, written prior permission. +## +## THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL +## WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES +## OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT +## CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL +## DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR +## PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +## ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +## SOFTWARE. +## - +## --Copyright-- diff --git a/usr.sbin/named/ns_main.c b/usr.sbin/named/ns_main.c index 6e102303d734..add9fe4be3b4 100644 --- a/usr.sbin/named/ns_main.c +++ b/usr.sbin/named/ns_main.c @@ -1,6 +1,6 @@ #if !defined(lint) && !defined(SABER) static char sccsid[] = "@(#)ns_main.c 4.55 (Berkeley) 7/1/91"; -static char rcsid[] = "$Id: ns_main.c,v 8.12 1995/12/29 07:16:18 vixie Exp $"; +static char rcsid[] = "$Id: ns_main.c,v 8.13 1996/01/09 20:23:55 vixie Exp $"; #endif /* not lint */ /* @@ -652,7 +652,8 @@ main(argc, argv, envp) for (udpcnt = 0; udpcnt < 42; udpcnt++) { /*XXX*/ int from_len = sizeof(from_addr); - if ((n = recvfrom(dqp->dq_dfd, (char *)buf, sizeof(buf), 0, + if ((n = recvfrom(dqp->dq_dfd, (char *)buf, + MIN(PACKETSZ, sizeof buf), 0, (struct sockaddr *)&from_addr, &from_len)) < 0) { #if defined(SPURIOUS_ECONNREFUSED) diff --git a/usr.sbin/named/ns_resp.c b/usr.sbin/named/ns_resp.c index 4a987ab86c97..c4b81b255244 100644 --- a/usr.sbin/named/ns_resp.c +++ b/usr.sbin/named/ns_resp.c 
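Review bot: In the ns_main.c hunk at `@@ -652,7 +652,8 @@`, capping the `recvfrom()` length at `MIN(PACKETSZ, sizeof buf)` means a longer datagram is cut to PACKETSZ bytes by the socket layer and then handled like any other message, and nothing in the visible lines distinguishes a cut message from one that is exactly PACKETSZ long. Its header counts would still describe the full message, so every later read has to be bounded by `n`; that code is outside the hunk and should be checked. I would also add a comment above the call, `/* cap at PACKETSZ: oversized datagrams are truncated here, not rejected */`, so the reason for not using `sizeof(buf)` survives the next cleanup. The `for` loop body continues past the end of the hunk.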
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_resp.c 4.65 (Berkeley) 3/3/91";
-static char rcsid[] = "$Id: ns_resp.c,v 8.18 1995/12/29 21:08:13 vixie Exp $";
+static char rcsid[] = "$Id: ns_resp.c,v 8.19 1996/01/09 20:23:55 vixie Exp $";
 #endif /* not lint */
 /*
@@ -944,10 +944,10 @@ ns_resp(msg, msglen)
 */
 if ((!restart || !cname) && qp->q_cmsglen && ancount) {
 dprintf(1, (ddt, "Cname second pass\n"));
- newmsglen = qp->q_cmsglen;
+ newmsglen = MIN(PACKETSZ, qp->q_cmsglen);
 bcopy(qp->q_cmsg, newmsg, newmsglen);
 } else {
- newmsglen = msglen;
+ newmsglen = MIN(PACKETSZ, msglen);
 bcopy(msg, newmsg, newmsglen);
 }
 hp = (HEADER *) newmsg;
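Review bot: In the ns_resp.c hunk at `@@ -944,10 +944,10 @@`, both `MIN(PACKETSZ, …)` clamps bound the copy from above only and hard-code the limit instead of taking it from the destination buffer. The declarations of `newmsg`, `msglen` and `q_cmsglen` are outside the hunk; if the lengths are signed, a negative value passes through `MIN` unchanged and reaches `bcopy()` as a length, and `qp->q_cmsglen` is tested only for being non-zero. If `newmsg` is a local array, `newmsglen = MIN((int)sizeof newmsg, msglen);` keeps the bound correct when the buffer size changes, and a `dprintf(1, (ddt, "oversized response truncated\n"));` on the clamped path would make the truncation visible when debugging. `ns_resp` starts and ends outside the hunk.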