lots of new features compared to 9.4.x, including:
Full NSEC3 support
Automatic zone re-signing
New update-policy methods tcp-self and 6to4-self
DHCID support.
More detailed statistics counters including those supported in BIND 8.
Faster ACL processing.
Efficient LRU cache-cleaning mechanism.
NSID support.
/usr/sbin/{named, lwresd}. Note that POSIX / C99 doesn't technically
allow __DATE__ to be (un|re)defined, but gcc does what we mean anyway.
Approved by: dougb
MFC after: 1 month
with this configuration, but Ruslan tells me that I was probably mistaken,
and on retest the .5 pages are being installed just fine.
Therefore reverse the MAN[58] change in favor of the more modern syntax.
Submitted by: ru
1. Install man files and links for the lwres library.
2. Fix the path in various files to say /etc/namedb/ instead of just /etc.
3. Correctly install the conf file man pages for named and rndc.
but have a knob (WANT_BIND_LIBS) to build and install them in /usr/lib
and /usr/include. Rumors are that this may be useful at a later point,
let's see.
What this really means is that all BIND libraries are now internal to
buildworld (by default, unless WANT_BIND_LIBS is defined), and linked
statically into various BIND executables.
While here, removed redundant -I's from CFLAGS in lib/bind makefiles.
Sponsored by: des
OK'ed by: dougb
POSIX threads libraries are not available. Add crypto support if
the crypto libraries are available. Build dnssec-{keygen,signzone}
if crypto is available.
Submitted by: (in part) dougb@
LDADD is not wrong, but the simple substitution in `make checkdpadd'
doesn't work if foo.a is not an installed library, so we use the full
path to foo.a in both DPADD and LDADD for non-installed libraries.
rendering of the man pages (turns some sequences of two blank lines
into a single blank line), and eliminates 306 errors generated while
formatting named.conf.5 .
for glue records and forces the glue record to be reloaded from the real NS.
The 5% ttl reduction can cause the glue IN A to timeout before the NS
record in certain situations, such as when the domain owner does not match
up NS records with the NIC. This behavior by domain owners is becoming
more common as primary zone serving iterates through another glue level
(i.e. exodus hosts the master NS's but the customer then redirects the
NS's to the real DNS servers). The result is that named would appear to
work properly for about 40 minutes, and then unexpectedly fail for that
zone. This causes named to behave very inconsistently and a google search
shows that it has obviously frustrated many, many people. So until the bind
guys make named behave consistently (either fail instantly or accomodate the
case), we need to set this option to accomodate the case. The result
will be much more consistent behavior and fewer head-scratching failures.
MFC after: 3 days
now depends. This keeps named the same as before the import, that is: only
linking against libc dynamically, at a little space increase, which might
be due to the source code changes anyway. Very neglectable space
difference.
Some people might dub it a hack. It will do for now at least.
files. Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive. Some were
misspellings of "-I${.CURDIR}" as "-I.".
libraries, so that `ld -f' in can create correct dependencies for
yet-to-be-built libraries.
Use `DIR!= cd ...libbind; make -V .OBJDIR' to find libbind's object dir
if it doesn't seem to be in its usual place relative to ${.OBJDIR}.
This fixes `cd /usr/src/usr.sbin/nslookup; mkdir obj; make'.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.