freebsd-skq/contrib/bind/CHANGES
2000-10-31 12:35:45 +00:00

2928 lines
94 KiB
Plaintext

--- 8.2.3-T6B released ---
1029. [bug] incredibly busy systems could starve handle_needs().
1028. [protocol] unrecognized TSIG was returning NOERROR (now NOTAUTH).
1027. [support] INSIST(), ENSURE(), et al, now always have sideeffects.
1026. [port] some kernels bogusly return tv_usec>1000000 from
gettimeofday(). panic and dump core when this happens.
1025. [proto] NOTIFY messages should have AA.
1024. [bug] we were unwilling to use the last 10 octets of a
response buffer in certain transaction types.
1023. [port] HP-UX 10.20 was looping inside contrib/dnssigner.
1022. [port] ensure that all handled signals are unblocked.
1021. [bug] the "host" command wasn't properly printing SRV RR's.
1020. [contrib] new "updatehosts" (V1.1.0) contributed by author.
1019. [port] separate CFLAGS and CPPFLAGS for unusual builds.
1018. [bug] When maintain_ixfr_base is set to "no" a zones IXFR
file was still being written too.
1017. [doc] resolver(3) was out of date with respect to recent API
changes.
1016. [bug] nslookup wasn't properly printing SIG RR's.
1015. [bug] when merging group information gr_name and gr_passwd
could be left pointing at freed memory.
1014. [bug] iquery: DoS (potential), information leak.
1013. [bug] mangled hostent structures returned by
gethostbyname_r() and friends.
1012. [doc] add named-bootconf example to INSTALL.
1011. [bug] if spawnxfer() fails we should return immediately.
1010. [bug] bad responses to the initial IXFR/SOA query could
result in using an uninitalised variable.
1009. [port] Add support for darwin / Mac OS X
1008. [doc] specify allow-query default in named.conf.
1007. [bug] only set STREAM_AXFRIXFR if the original query is
an IXFR.
--- 8.2.3-T5B (RC3) released ---
1006. [port] Windows/NT does not have fchown().
1005. [bug] RD was sometimes left set, inappropriately.
1004. [bug] cached NXT's were corrupted.
1003. [bug] correction to #997.
1002. [bug] file descriptor leak in res_nclose().
1001. [port] some builds were too fast.
--- 8.2.3-T4B (RC2) released ---
1000. [bug] #996 was wrongly implemented; replacement fix.
--- 8.2.3-T3B released ---
999. [support] named now makes an effort to create its files with
ownership as specified by -u and -g command options.
998. [support] show version number in NOTIFY log messages.
997. [support] forwarders are now used in order by measured RTT.
996. [protocol] if answering ixfr with full zone, used qtype axfr.
995. [bug] "dig -b" was broken due to missing switch "break;"
994. [bug] named-xfer did not handle empty question sections.
993. [bug] TSIG AXFR was completely broken in DiG.
992. [bug] OPTION_USE_IXFR and OPTION_MAINTAIN_IXFR_BASE had
non-single-bit flag values in src/bin/named/ns_defs.h.
991. [protocol] send A6 glue records in xfr.
990. [bug] we could loose track of a bottom of zone cut if the
write buffer filled up at just the correct moment.
989. [bug] apply to "fetch-glue no;" to notify processing. need
to add A records that would be found this way w/
also-notify.
988. [support] report expired zones when detected in maintainence
pass.
987. [feature] "ndc reconfig -noexpired" skip attempts to load
expired zoned when reconfiguring.
986. [bug] pushlev only needs to be called for axfr/zxfr not ixfr.
--- 8.2.3-T2B released ---
985. [support] remove "view" command from nslookup (it used mktemp()).
984. [bug] always restart processing query from scratch if we
have chased a CNAME as we might still have the answer
in the cache once the CNAME has been resolved.
983. [support] "notify from non-master server" is now debug, not info.
982. [bug] rollback the compression pointers array when a
RRset/RR does not fit.
981. [port] decunix: typedef (u_)int#m_t
980. [bug] mishandled memget failure w/ TCP connections.
979. [bug] we were failing to call ns_stopxfrs() before calling
purge_zone() in some cases.
978. [port] sco50: setsockopt(SO_REUSEADDR) fails on unix domain
sockets
977. [bug] we should be returning notimpl for update forwarding
rather than refused. a client receiving refused
should terminate the update attempt. notimpl should
just cause the client to skip to the next server.
976. [bug] some stats weren't getting incremented, & added a few.
975. [support] SLAVE_FORWARD is now redundant and has been removed.
974. [port] ultrix with vendor's y2k patch explicitly desupported.
973. [bug] some field names added in #935 conflicted with macros.
972. [support] restore heartbeat notifies.
971. [bug] out of order updates in log.
970. [port] solaris: add ipv6 interface scanning support.
969. [bug] post process a zone load to remove any non-glue at
or below bottom of zone.
968. [bug] TSIGs failed to verify if the key name was compressed.
967. [bug] zones signed by the BIND 9 signer failed to load.
--- 8.2.3-T1A released ---
966. [bug] nslookup and dig misprinted root zone in $ORIGIN.
965. [feature] dig's command line input buffer was rather small.
964. [bug] make res_nsearch() behave like res_search() of olde.
963. [bug] res_debug::do_section() can no longer spin all VM.
962. [bug] another almost-complete rewrite of IXFR from kjd (462)
961. [bug] acl "none" now fails to match but doesn't end search.
960. [bug] more hesiod library fixes from danny.
959. [doc] christos fixed several man page typos and brainos.
958. [bug] getnameinfo() should accept experimental/multicast.
957. [port] ultrix again. "cd" now presumed to be silent again.
956. [bug] multiline was not being cleared correctly.
955. [bug] explicit TTL on SOA records were being replaced with
soa minimum.
954. [bug] cannot load a signed root zone.
953. [bug] memory overrun in set_zone_ixfr_file().
952. [bug] errs was not being correctly adjusted if the included
master file did not exist in db_load().
951. [bug] contrib/dns_signer/signer: write_trim_name
array bounds write error.
950. [bug] hesiod: ctx->res was not being initalised.
949. [port] aix32: add prand_conf.h and define WCOREDUMP
948. [bug] fixed logic error in a number of expressions causing
res_ninit() not to be called when it should be.
947. [bug] sanity check in dst_read_key() wasn't.
946. [port] freebsd: threaded library support.
945. [bug] wrong file name logged in ixfr_have_log().
944. [doc] add forwarders to zone types master/slave/stub in
named.conf man page.
943. [bug] raise CNAME and OTHER / multiple CNAME logging to
warning.
942. [bug] bad referrals logged for forwarders.
941. [bug] lame server detection wasn't checking for SOA record.
940. [clarity] unapproved -> denied in log messages.
939. [bug] reload_master and purgeandload should write the zone
if it has been updated.
938. [bug] update and ixfr logs could get corrupted. fseek()
before ftell() on fopen(, "a+") file.
937. [support] allow parallel makes to work.
936. [protocol] add preliminary A6 glue recognition in ns_req.
935. [cleanup] res_nsend() segmented into multiple functions for
readability. also fixed two file descriptor leaks.
CAN_RECONNECT is gone, keep one socket per nameserver.
934. [bug] Perror and Aerror where incorrect if DEBUG is not
defined.
933. [port] cygwin port added
932. [port] sco42 does not have unix domain sockets or gethostid.
931. [bug] eventlib was not handling unix domain sockets
correctly.
930. [bug] we wern't using all the potential compression pointers
in the question section.
929. [bug] we were accepting updates (adds) with illegal ttls.
928. [bug] if we manage to get a illegal ttl stored, print it
unsigened.
927. [port] hpux: (11.* 10.30) Makefile.set.gcc
926. [port] hpux10: gcc needs -D_HPUX_SOURCE and -fPIC
925. [protocol] when a slave loads it should notify others (RFC 1996).
924. [port] sunos solaris: #define NEED_SECURE_DIRECTORY to
secure the directory containing unix domain socket
rather than the socket itself.
923. [support] shutup "make clean" about missing threaded directories.
922. [bug] removing an cached zone file then performing a
"ndc reload zone" should force a zone transfer.
921. [bug] nsupdate: listuprec was not being initalised.
920. [port] aix4: Makefile.set.gcc
aix4: __P was being defined by <net/radix.h>
919 [port] linux: remove one level of symbolic linkage when
performing make links on port/linux/include
918. [bug] update prerequisite could match w/ wildcard.
917. [port] irix: make the current IRIX release (6.5) work by
not patching res_debug.c. see INSTALL if you have
problems with 6.3.
916. [bug] removing / changing a zone type could result in
Z_NOTIFY being cleared / tested against the wrong zone.
915. [bug] evNewWaitList() was not maintaining the prev chain.
914. [bug] signal EWOULDBLOCK if EV_POLL'ing with no timers.
913. [bug] input could get lost on the server side of a ctl sock.
912. [bug] nsupdate now allows explicit 0 TTL's on added RR's.
911. [bug] gethostbyname() should not return duplicate addresses.
910. [bug] address-sorting logic was exiting early.
909. [bug] dig wasn't respecting the +ti and +ret arguments.
908. [contrib] Tony Stoneley sent us an updated misc/makezones.
907. [port] winnt fixes from Larry at Nortel.
906. [bug] res_findzonecut() failed if the NS referred to a CNAME.
905. [doc] Minor fix to doc/man/Makefile for getnameinfo
904. [bug] bin/host wasn't looking up MX records if no
-t flags were passed to it.
--- 8.2.2-P6 released ---
903. [bug] divide by zero bug when querying for SIG records from
a secure zone.
902. [support] don't attempt to set q_fzone if we won't be using it.
901. [support] delay notify timer setting until all zones have been
loaded.
900. [port] hpux10 fix call to bison; sco call bison consistenly.
899. [bug] dynamically allocate buffer used to display RR rather
than uses a fixed sized one. grow as needed.
898. [bug] if truncation caused no RR's to appear in the answer we
mis-classified the answer on a NODATA.
897. [support] descriptors used by named should not be inherited by
named-xfer.
896. [contrib] add contrib/adm/adm-nxt, an exploit for the NXT bug
in 8.2 and 8.2.1. as before, we do not recommend its
use, and we do recommend that you run the latest BIND.
--- 8.2.2-P5 released ---
895. [port] minor NT build and documentation improvements.
894. [bug] incorrect "key" statements in named.conf weren't
handled properly.
--- 8.2.2-P4 released ---
893. [bug] DNSSEC logic in bin/host broke -t any
892. [bug] multiple SOA on AXFR bug
--- 8.2.2-P3 released ---
891. [bug] options { also-notify { ... }; }; resulted in wrong
pointer being memput with the wrong size on reload.
890. [port] A/UX portability improved.
889. [port] added IPv6 portability for OpenBSD, NetBSD, FreeBSD.
--- 8.2.2-P2 released (internal release) ---
888. [support] add default: all tag to top src/Makefile so that "make"
will work properly in some OS'.
887. [bug] "dig ... axfr" was printing spurious "TSIG ok" msgs.
886. [support] top-level Makefile now included in all tarballs.
885. [support] IXFR improvements.
884. [bug] some deprecated NXT RR forms weren't ignored properly.
883. [support] "host" command can now try to verify dnssec signatures.
882. [contrib] dns_signer/ had some last minute problems (by author).
881. [bug] possible sprintf() overflow prevented.
880. [support] minor tweak to bin/dig/dig.c TSIG code to clarify
whether res_nsend or res_nsendsigned is being used.
879. [support] add "noesw" target to top-level Makefile (for PL1).
878. [port] aix4 HAS_INET6_STRUCTS was not being set based on the
existance of _IN6_ADDR_STRUCT.
877. [port] freebsd + KAME need a different Makefile.set
see INSTALL notes.
876. [port] IPv6 probe for MPE/IX, NetBSD.
875. [bug] bad NAPTR RRs could be loaded from zone files.
874. [port] update irix_patch in irix port.
873. [port] add SRC/tools to sco's make [std]links.
--- 8.2.2-REL released ---
872. [bug] named-xfer could free() a string twice.
871. [port] linux support for broken IPv6.
870. [port] more NT fixes and improvements from larry at bay.
869. [bug] disable client side IXFR (in named-xfer) for now.
868. [bug] updated named-bootconf to handle case insensitive parts
of named.boot. added stubs support. class was not
being reset.
867. [support] updated INSTALL notes.
866. [port] More NT fixes from larry at bay.
865. [port] add #include <limits.h> to next's port_before.h
864. [port] change solaris' Makefile.set files to use yacc and lex.
also clean up install and binary paths.
863. [bug] lib/isc/ctl_srvr.c needed fcntl.h #included
--- 8.2.2-T8B (RC2) released ---
862. [port] another NT infusion from larry over at bay.
861. [support] improve support for tsig'd updates.
860. [port] add IPv6 probing to: decunix hpux irix lynxos mpe
netbsd qnx rhapsody sco50
859. [bug] set control sockets to close-on-exec;
potential file descriptor leaks in ctl_srvr.
858. [bug] make ns_samename() and use it instead of strcasecmp().
857. [bug] unset update-log can lead to debugging msg mishaps.
--- 8.2.2-T7B (RC1) released ---
856. [bug] IXFR finally works and is reenabled.
855. [port] more win/nt changes from bay.
854. [bug] /etc/hosts lines longer than 8K can crash gethostent().
853. [bug] another linked list bug shaken out of ns_update.
852. [bug] compiled in pathname for nslookup help file was wrong.
851. [bug] ns_update had an off by 2 bug when checking names in
SRV records causing unexpected failures.
850. [bug] empty updates triggered an overambitious INSIST().
--- 8.2.2-T6B released ---
849. [support] print rcode on failed UPDATE messages.
848. [port] paths.h and port_before.h tweaks from SCO for unixware7.
847. [port] add SRC/irix_patch to make links in IRIX
846. [support] restore some diagnotics lost when #634 was done.
845. [support] WATSQ patch from Ted Rule of Flextech Television.
844. [support] added src/DNSSEC with a note about BIND-8.1.2 interop.
843. [bug] IXFR fixes.
842. [bug] pointer arithmetic on (void *) not ANSI C.
841. [port] sco50: make install: libport.a not longer exists.
840. [bug] turning on touch_timer() in ctl_clnt.c found a bug.
839. [contrib] new version of contrib/host (from author).
838. [support] improve error reporting; remove lint.
837. [bug] bin/host/host.c was not RFC2317 compliant.
836. [port] hpux portability and speed improvements.
835. [port] some shell's "cd" produce output - fix in port/systype.
--- 8.2.2-T5A released ---
834. [support] massive changes to dynupd API.
833. [port] more Win/NT.
832. [feature] boolean: treat-cr-as-space. If yes, BIND will treat
'\r' the same as it treats ' ' and '\t' in zone files.
831. [bugs] DNSSEC/CAIRN workshop results (in addition to #826):
- invalid size passed into b64_ntop in SIG parser
- Invalid TSIG keys are now logged and ignored
instead of panicing.
- trusted-keys didn't work if a trailing dot
was present
- a DST problem that occurs when one of the
multiprecision integers begins with a 0 byte.
- TSIG signed truncated responses were mishandled.
- minor RFC2535 changes.
830. [doc] Minor updates to INSTALL
829. [support] we need to cache SOA NXDOMAIN queries if only for a
clock tick.
828. [support] multiple zone warning clearer.
827. [bug] the ctl interface was clearing already-cleared timers.
826. [contrib] various improvements to contrib/dns_signer (from TIS).
825. [support] change __NAMESER and __RES to 19991006.
824. [port] sco50 needed #define __BIND_RES_TEXT in port_after.h
823. [bug] named-xfer missed a SIG text format change
822. [bug] TSIG signed truncated responses crashed the server
821. [bug] potential reference after free bugs.
820. [port] ultrix finally works again.
819. [bug] removed test for missing glue from nslookup()
as it got false matches. There is no simple
test for missing glue.
818. [bug] back out #790, there was no memory leak.
817. [port] Solaris needed #define BSD_COMP in port_before.h.
--- 8.2.2-T4B released ---
816. [bug] you could not raise the number of available file
descriptors after the first call to res_send() and
make use of them.
815. [feature] report version via command line option (-v).
814. [feature] getipnodebyname, getipnodebyaddr and freehostent added.
These are RFC 2553 newcomers to the RFC 2133 set.
813. [support] better diagnostics when trying to clean up old
unix control socket.
812. [bug] uninitalised variable.
811. [port] sco50 make links was not linking resolv.h.diffs
810. [bug] zone transfer did not transfer all DNSSEC records
at delegation points.
809. [support] res_[n]sendupdate has died before it could be used.
808. [bug] res_send() wasn't checking for EINTR after select().
807. [support] it's now possible to send TSIG'd updates.
806. [support] ns_parserr() was uncompressing from the wrong base
in a certain corner case trod on by res_findzonecut().
805. [bug] only set SO_LINGER if required by the OS,
#define DO_SO_LINGER to do so.
804. [bug] another swath of IXFR fixes.
803. [port] Compaq Tru64 UNIX 4.0B with ZK3's experimental IPv6 kit
installed will at least build, but hasn't been tested.
802. [support] we no longer cache NXDOMAIN if the QTYPE was SOA.
801. [bug] our negative caching logic would log spurious errors
if the response had an empty question section.
800. [bug] #764 was too aggressive in one case.
799. [port] ultrix is a still-moving target.
798. [support] QRYLOG now logs the QCLASS
797. [bug] closing a thread which had called get*by*() would
leak memory.
796. [support] deallocate_on_exit now frees memory allocated by irs.
795. [port] solaris 2.4 SO_REUSEADDR generates errors on
unix domain sockets.
794. [bug] ixfr_have_log() was logging wrong file name.
793. [bug] clean_cache() was not alway removing complete RRsets.
792. [bug] deallocate-on-exit caused references to freed memory.
791. [support] MEMCLUSTER_DEBUG had an array size error.
790. [bug] fix minor memory leak in ixfr code.
789. [bug] #669 was too aggressive. more than cached data was
removed.
788. [bugs] improvements to tsig and dnssec.
787. [port] win/nt lint.
786. [port] IRIX and emul_ioctl().
785. [bug] #780 broke A record update support.
784. [bugs] still trying to get IXFR working again.
--- 8.2.2-T3B released ---
783. [support] make res_send() more friendly to the java scheduler.
782. [support] dangling cnames aren't errors, stop logging them.
781. [support] add -n option to ndc command, to run nonstandard named.
780. [bug] UPDATE did not support the AAAA RR.
779. [bug] miscellaneous IXFR fixes.
778. [support] don't complain to syslog about negative caching RRs.
--- 8.2.2-T2B released ---
777. [bug] getword() didn't increment lineno at EOF.
776. [bug] the NOERROR_NODATA cookie overlapped a valid rcode.
775. [protocol] we weren't sending properly formated FORMERR responses.
774. [bug] UPDATE did not support the SRV RR.
773. [bug] named-xfer was calling inet_ntoa in one printf.
772. [typo] Typo in ns_parser.y on maybe_zero_port: line.
771. [lint] UNLINK now performs a INIT_LINK so explicit INIT_LINK's
are nolonger needed after UNLINK.
770. [protocol] dynamic update prerequisites were inappropiately
matching wildcards, at variance with RFC 2136.
769. [bug] ordering of CNAMES was driven by original query type.
768. [support] MINROOTS is now a configuration option "min-roots".
767. [clarity] adjust XFR log messages to be more clear about cause.
766. [support] add "serial-queries" option to dynamify MAXQSERIAL.
765. [feature] added evInitID() and evTestID() for NOTIFY work.
764. [bug] DNSSEC changed the semantics of match() without
changing all the call sites that cared about it.
763. [bug] NOTIFY events caused by dynamic update weren't being
deferred, and multiple NOTIFY events weren't being
coalesced.
762. [support] don't rotate log file versions on server startup.
761. [port] named-xfer's openlog() was unconditionally using the
LOG_CONS option. now it does what named does.
--- 8.2.2-T1A released ---
760. [port] preliminary win/nt from baynetworks (thanks!)
759. [support] new compile time option BIND_IXFR, defaults to "off",
since our testing has shown up some problems with it.
758. [feature] new "ndc reconfig" command only finds new/gone zones,
doesn't stat() master files or qserial() slave SOA's.
757. [support] FORCED_RELOAD is no longer optional.
756. [support] fixed output format of hmac keys; removed DST chaff.
755. [feature] "also-notify" is now a global option.
754. [bug] the control socket was not checked for event lib
compatability.
753. [feature] "ndc help" now returns one line command summaries.
752. [feature] "ndc trace" now takes an optional "level" argument.
751. [support] debugging output could segfault in ns_print.c::addstr.
750. [port] A/UX 3.1.1.
749. [port] #9 has now been done for all Makefiles.
748. [feature] "transfer-source" is now a global option.
747. [support] SORT_RESPONSE is no longer a compile time option, since
the behaviour can be turned off at runtime with the
"rrset_order fixed;" option.
746. [bug] don't bother rescanning the interfaces if setuid!=root.
745. [protocol] IXFR transmission was just plain wrong in some cases.
744. [support] allow the calling location of strings to be recorded.
743. [feature] $GENERATE now supports more record types, and options.
742. [port] port/sco50 was using /usr/local/etc for its ndc socket.
741. [port] HPUX needed __BIND_RES_TEXT.
740. [bug] #634 had the unfortunate side effect of disabling IXFR.
739. [port] probe for IPv6 structures, solaris openbsd freebsd
738. [bug] invalidate pointers back into linked list when element
is removed.
737. [port] solaris: expr is sensitive to LC_COLLATE
736. [bug] potential single file descriptor leak opening
/dev/random.
735. [bug] memory leak: having rrset-order set and reconfiguring
the server results in a memory leak.
734. [port] linux only fills in as many entries as will fill the
buffer with SIOCGIFCONF.
733. [bug] RD is not being set on first message to first forwarder
resulting in false "Lame Server" reports and degraded
service.
732. [bug] errors reading keys from master files could cause the
the server to drop core.
731. [bug] highestFD was not reflecting the highest value the
library could cope with.
730. [port] rand() does not modify the LSB on BSD based systems.
729. [bug] allow-query responses were dependent upon cache
contents.
728. [bug] it wasn't possible to specify the flags of trusted keys
in hex, which was inconvenient since dig prints hex.
727. [bug] TSIG keys weren't properly shared with named-xfer if
the zone named contained a slash (/).
726. [bug] TSIG keys weren't reloaded correctly with 'ndc reload'.
725. [bug] only the first key in an acl was matched correctly.
724. [bug] "ndc restart" needed a short delay before checking
for the health of a newly started name server.
723. [bug] TSIG signed zone transfer failed on especially
large zones.
722. [doc] the example named.conf file had invalid TSIG usage.
721. [bug] duplicate records were tripping the cname-and-otherdata
test, which wasn't necessary since they'll be ignored.
720. [port] solaris doesn't have gethostid() the way we build.
719. [lint] lots of lint fixed by bob and paul.
718. [bug] multiple CNAME support was not cycling the cnames in
an RRset properly.
717. [bug] wrong /bin/ps flags in solaris prand_conf.h. minor
tweak to ports/prand_conf/prand_conf.c to ensure proper
flags in future ports.
716. [bug] log files are now closed/reopened on a size basis.
715. [clarity] root servers don't need to be primed.
714. [typo] extra "q" in a message in ns_maint.c.
--- 8.2.1 released ---
713. [bug] don't loop on untimely eof within config file.
712. [port] hp-ux signals; aix bit types.
711. [perf] don't call find_zone() four times from within qnew().
--- 8.2.1-t7b released ---
710. [bug] can fetch zone from own address if port is different.
709. [bug] make sure zones are properly reinited when they die.
708. [bug] end marker or sizeof, but not both please.
--- 8.2.1-t7a released ---
707. [port] AIX, HPUX, SunOS.
706. [feature] zone forwarding can now be applied to master, slave
and stub zones as well as forward zones.
705. [bug] some zone options were not being copied.
704. [bug] very obscure problem fixed in res_update().
703. [bug] single-zone reload was stomping freed memory.
--- 8.2.1-t6b released ---
702. [port] solaris vs. enum; linux vs. IPv6.
701. [bug] NOTIFY rejection logic still wasn't correct.
700. [bug] complete #697
--- 8.2.1-t5b (rc2) released ---
699. [bug] if getting the ixfr change log fails send a axfr style
response.
698. [bug] res_notify() was rejecting valid NOTIFY messages.
re-organise code so that logged messages are more
appropriate.
697. [port] linux.
some versions define _GNU_SOURCE in features.h
some version require the compiler to set the byte order
when probing for IPv6 structures.
696. [bug] don't use NULL file pointer if IXFR transaction log
cannot be opened due to permission errors.
695. [lint] another considerable amount of lint was removed.
694. [bug] only the last two forwarders would be used.
693. [bug] nsfwdadd() needed to continue outer loop.
692. [bug] RD was not being cleared by ns_forw(). this could
cause DNS storms between lame servers.
691. [bug] We still had some leftover named-xfer ixfr tmp files.
690. [bug] return IXFR in question section of AXFR style IXFR
response.
689. [bug] we now return "up to date" response to IXFR queries
when required.
688. [bug] UDP IXFR now tells the client to use TCP.
687. [bug] IXFR was incorrectly reporting errors on DNSSEC RRs.
686. [port] hpux Makefile.set improvement (+O2 -> +ESlit).
685. [feature] mark recursive queries in query log.
684. [bug] named-xfer now ignores out-of-class glue.
--- 8.2.1-t4b (RC1) released ---
683. [lint] considerable lint was removed.
682. [perf] another round of performance tweaks from HP (thanks!).
681. [bug] SIG wasn't being ignored when generating NOTIFY msgs.
680. [feature] delay parent reload as long as we can after removing
child zone to save multiple parent reloads.
679. [port] port probe now recognizes SCO 5.0.5.
678. [doc] not all man pages were being installed.
677. [feature] lost feature "allow-recursion" added back in.
676. [bug] "100" was too small for ndc message sizes.
675. [bug] we weren't storing a (needed) extra copy of the zname.
674. [bug] SIGTERM wasn't working the first time it was sent.
--- 8.2.1-t3b released ---
673. [bug] nslookup wasn't accepting _ at the beginning of names.
672. [bug] ndc was only passing the verb across the command
channel and not the arguements. Reload of a single
zone "really" works now.
671. [feature] you can reload multiple zones with a single ndc reload
command. e.g. ndc reload zone1 zone2 ...
670. [bug] db_load did not work unless a RR had the class defined.
669. [bug] the cache is now purged when a forwarder is {re}loaded.
668. [bug] complete #652.
667. [bug] allow-query wasn't being allowed for stub zones.
666. [usability] only try to chown()/chmod() a control socket when the
owner or permissions _change_ between reloads.
665. [bug] "options topology" is now possible to set.
664. [security] add important solaris-related security note to README.
663. [bug] "ndc -q" now turns off initial header and EOF printing.
--- 8.2.1-t2b released ---
662. [usability] src/conf/ added, containing some of ISC's config files.
661. [protocol] we weren't sending AAAA RR's as AXFR glue.
660. [port] IRIX.
659. [contrib] author-submitted changes to dnssigner, new cider2named.
658. [protocol] print better messages wrt TSIG. add p_rcode().
remove _res_resultcodes[]. improve key handling.
657. [port] apply cpp to /usr/include/netinet/in.h to work out if
struct sockaddr_in6 and struct in6_addr/inaddr6 are
defined.
656. [bug] Classless IN-ADDR support was broken.
655. [bug] major overhaul of IXFR code.
654. [bug] dynamic update of non top of zone SOA now ZONEERR.
653. [feature] check-names now applied dynamic updates as if
the zone was being loaded. REFUSED returned.
652. [port/bug] many operating systems allow more descriptors than
their default FD_SETSIZE has room for. we catch this
now, both by asking the operating system not to do this
and by treating as invalid any out-of-range descriptor.
651. [protocol] any soft failures in res_send() will now cause the
final return value to be TRY_AGAIN. previously the
last server response received was the one returned.
650. [doc] resolver.5 man page clarified and corrected; res_init()
made to do what the man page now says it does.
649. [port] make header files c++ compatible.
648. [bug] multiple options definitions of allow-query /
allow-transfer / sortlist / blackist / topology
are not allowed. warn rather than silently applying
the last definition.
647. [bug] options max-ixfr-log-size was not being applied.
646. [feature] memcluster debugging support improved.
-DRECORD_MEMCLUSTER to enable.
645. [bug] memory leaks
644. [bug] res_update() could not delete the first CNAME
in a chain.
643. [bug] res_update() did not correctly handle labels
with periods.
642. [port] SCO 5.0 portability improved.
641. [feature] $TTL now takes TTLs of the form 1w6d7h32m20s.
640. [bug] was returning NODATA rather than NXDOMAIN after a
dynamic update removed the last RR from a childless
node.
639. [bug] another fix for "rrset_order fixed".
--- 8.2.1-t1a released ---
638. [bug] ixfr was still creating the wrong file names sometimes.
637. [bug] bin/dnsquery/dnsquery.c wasn't init'ing the resolver
correctly befloew calling gethostbyname().
636. [port] inet_ntoa() had to go back to being non-const for now.
635. [bug] AXFR wasn't forcing an autoincrement of SOA.SERIAL
following a batch of UPDATE requests.
634. [feature] check all master soa's and use best serial, rather
than trying them in order and grabbing the first
one who answers with one better than the local one.
633. [port] SunOS 4.1.4 has a broken recvfrom() with non-blocking
sockets.
632. [bug] res_mkupdate() signed/unsigned stupidity.
631. [bug] HMAC-MD5 fixes
630. [bug] NSTATS output was spaceless.
629. [misc] improvements to TSIG error logging.
628. [bug] "rrset_order fixed" was LIFO rather than FIFO.
627. [bug] TSIG signed zone transfers broken.
626. [bug] multiple CNAME support was broken.
625. [bug] key names are really domains so they need to be
made canonical.
624. [bug] ns_name_pton() accepted domains of the form
"example.." when it should have rejected them.
623. [feature] it is occasionally useful to know the local address
used to perform a zone transfer. this is now logged.
622. [bug] missing check for malloc() failures in strndup().
621. [bug] various things were wrong with nslookup's "ls -d" cmd.
620. [feature] forwarders are now retried like queries to the
delegated nameservers. forward only should be
more robust as a result.
619. [protocol] don't refresh TTL's from delegation information.
618. [feature] ndc is now quiet and verbose when it should be.
617. [bug] SOA counters now have minima as well as maxima.
616. [bug] needs were not always processed in a timely fashion.
615. [bug] ns_shutdown() memput() the wrong amount of memory
when freeing the zones array.
614. [feature] ndc can now reload single zones including the root
zone.
613. [bug] check for old unix domain socket / fifo prior to
attempting to establish control channel. error
message no longer just noise.
612. [port] Solaris UNIX domain sockets return different error
codes and also may use FIFOs.
611. [bug] extend control timeout to 10 minutes. reloads can
take a long time.
610. [bug] when reloading via the control channel we were
reporting that we were about to reload after the
reload was performed. Ensure message is set prior
to reloading.
609. [bug] zoneTypeString() could be called with NULL pointer.
608. [bug] set various pointers to NULL after associated
memory has been released to prevent accidental use.
607. [bug] finddata() was returning SIG's inappropriately.
606. [bug] fix two memory leaks in db_sec.c.
605. [feature] better error reporting from named-xfer.
604. [bug] fix a bug in the handling of $TTL's absence.
603. [port] add contributed/untested rhapsody port.
602. [bug] multiple "type hint" zones are now supported.
601. [bug] z_ftime wasn't being reset when fopen() failed.
600. [bug] gen_res_get() was initializing the wrong variable.
599. [bug] "ndc reload" exercised an uninitialized variable.
598. [bug] "nslookup reports danger" was reported ambiguously.
597. [bug] we weren't priming the cache in forward-only mode.
596. [bugs] many small bugs in DNSSEC handling were fixed.
595. [bug] nsupdate failed to support quite a few rr types:
sig,key,nxt,eid,numloc,srv,atma,naptr,kx,cert
594. [proto] BADID removed per I-D.
593. [bug] mk_update() didn't support SIG.
592. [bug] lcl_pr and lcl_ho were using uninitialized bufsizes.
591. [port] linux.
590. [port] irix.
589. [doc] hesiod(3) man page contrib'd in 1996 finally put in.
588. [bug] too many lame servers at once was fatal.
--- 8.2 released ---
587. [perf] uses about 5% less memory than 8.1.2 now.
586. [perf] faster at tcp, therefore less blocking on udp.
585. [misc] various releng lint.
584. [bug] IXFR wasn't doing DNSSEC RRtypes.
583. [bug] dnskeygen now fully qualifies its names; better usage.
582. [port] irix needed some patches applied during the build.
581. [bug] match_order() could dump core after "ndc reload".
580. [bug] ip_match_is_none() could dump core.
579. [bug] state names were off by one in src/lib/isc/ctl_srvr.c.
578. [misc] try without "transfer-source" if axfr connect() fails.
577. [contrib] sqlbind-8.
576. [bug] insecure updates weren't supported.
575. [doc] better documentation of key, trusted-key, zone pubkey.
574. [bug] was freeing freed memory on exit.
573. [port] nextstep.
572. [misc] centralize the name hashing logic (widen in some cases)
571. [perf] the new db_marshal() code was taking too much memory.
570. [perf] the lame server storage was taking too much memory.
569. [bug] src/lib/isc/ctl_srvr.c had an incomplete assertion.
568. [doc] Brent Baccala contributed an nsupdate man page.
567. [port] mpe, nextstep.
566. [protocol] upgrade to tsig draft 08.
565. [lint] use right relative paths for dnssafe includes in dst.
564. [bug] default security level for update rr's wasn't set.
563. [bug] debugging output in dprint_key_info() could panic us.
562. [perf] 8.2-t6b used 30% more memory on root name servers than
8.1.2 did. most of that was db_marshal hash tables.
--- 8.2-T6B released ---
561. [bug] DST more graceful in handling unsupported algorithms.
560. [feature] lame server ttl now a configuration option. Re-enable
lame server negative caching.
559. [bug] sysquery() was still using the child's name when it
switched to using the parent's NS list causing false
lame server reports.
558. [bug] disable lame server negative caching for the present.
557. [bug] undersized tcp messages are now detected early.
556. [bug] DNSSEC fine tuning.
555. [bug] the named.conf lexer was depending on two characters
worth of putback buffer, ansi c guarantees one char.
554. [port] port to "next" contributed by jack bryans.
553. [contrib] added "snoof", another script kiddie toy.
552. [bug] allow-query didn't interact well with external cnames.
551. [bug] validate_zone could crash the server.
550. [lint] ns_maint was using ns_log_default, not ns_log_in_xfer.
549. [port] netbsd and openbsd improved. prand_conf improved.
548. [bug] ns_resp was using the wrong logging category.
547. [bug] dig was reinit'ing its resolver flags incorrectly.
546. [bug] nsupdate didn't handle HINFO,ISDN,TXT,X25 correctly.
545. [feature] added dnssafe back in.
544. [feature] removed DES encryption support.
543. [port] cleaned cylink of non used definitons in headerfiles.
542. [bug] include/dst no longer needed
541. [bug] CERT records are allowed to have alg == 0.
540. [doc] Removed outdated doc/secure, updated dnssigner
documentation, updated dnskeygen.1
539. [bug] db_dump() was misparsing CERT records.
538. [feature] The KEY set is along with SOA, NS, A, AAAA records.
537. [bug] Multiple signatures are handled correctly.
536. [bug] SIG record expiration should be checked when the
SIG is verified.
535. [bug] Queries for SIG records of non-authoritative
names should not look in the cache or cache the
results.
534. [bug] DNSSEC SIG records are dropped when they don't
sign any data correctly.
533. [bug] SIG and NXT records are correctly handled when
received in responses by named
532. [bug] dynamic update data is now always considered
insecure, rather than having no security status.
531. [bug] dynamic update can again remove all data associated
with a name (type ANY, class ANY).
530. [lint] downgraded "ctl: unexpected eof" from error to debug.
529. [port] unixware 7 port received.
528. [bug] timeouts could make ctl_srvr dump core.
527. [bug] we were not reliably reaping our children.
526. [bug] Cached CNAMES pointing to servers returning Type 3/4
NXDOMAIN are translated to Type 3 NODATA responses.
525. [bug] nscount could be short if we had to recurse after
following a cname and we got a negative response.
NS rrset got split between AU and AD sections.
524. [protocol] RFC 2308 support added.
523. [feature] mark lame servers as such and don't use them for NTTL.
522. [port] solaris 7 is now known to work.
521. [port] sunos4 should be supported now.
520. [bug] inet_pton() was allowing some bad ipv6 addresses in.
519. [bug] refuse duplicate also-notify's; optimize logging.
518. [port] hpux portability fixes.
517. [contrib] dnswalk wasn't copying with 8.* "dig" output.
516. [port] MPE portability fix.
--- 8.2-T5B released ---
515. [security] lib/dnssafe code removed; now a separate patch.
514. [port] freebsd patches.
513. [bug] memory leak in res_mkupdate().
512. [bug] $GENERATE could use an unset ttl.
511. [bug] $TTL warning test was wrong.
510. [port] bugs and things found by the netbsd folks.
509. [bug] The labels field in the SIG record may be less than
the number of labels in the domain name if the
owner of the SIG is a wildcard.
508. [bug] rrset ordering contained an off-by-one error
507. [bug] NXT set processing was not distinguishing
between the upper and lower sets at delegation
points.
506. [contrib] more script-kiddie toys, this time contrib/adm.
505. [bug] the ixfr changes to named-xfer destabilized stubs.
504. [port] some IRIX problems fixed.
503. [bug] ixfr wasn't correctly setting up its qsp.
--- 8.2-T4A released ---
502. [bug] some config file parsing was still using malloc().
501. [feature] named sets the AD bit in the header when returning
authenticated data
500. [bug] dst_verify_data returns the documented error codes
499. [bug] verify_set now verifies the correct data
498. [bug] ixfr was not completely finished.
497. [bug] don't put zone 0 on the free list.
496. [bug] Losing all but last RR of RRset.
495. [port] random portability noise.
494. [bug] sysquery() should not let nlookup() change its data.
493. [feature] add "options ... rrset_order ... cyclic|random|etc".
this allows round robin to be turned off selectively,
or replaced with pseudorandom ordering, or whatever.
492. [bug] src/bin/named/db_sec.c was memputting objects twice.
491. [feature] add IRP (Information Retrieval Protocol) and daemon.
this is functionally similar to solaris "nscd".
490. [bug] lib/isc/ctl_srvr.c couldn't overlap read and write.
(also: add session context set/get.)
489. [bug] "cname and other data" was more complex than thought.
488. [port] some netbsd portability stuff. (still not working?)
487. [port] digital unix 3.2 wasn't working (4.0d was though).
486. [feature] add "sortlist", which may yet be merged/renamed into
the "topology" verb.
485. [bug] do not complain about default TTLs unless a master.
484. [contrib] add contrib/z0ne, a useful tool for crackers.
483. [contrib] add contrib/query-loc[-*] to look up LOC RR's.
482. [bug] all RR's must now be of the same class as the zone.
481. [bug] outbound zone transfers are killed on any UPDATE.
--- 8.2-T3A released ---
480. [bug] ns_update was corrupting TXT records
479. [bug] res_mkupdate was not handling WKS, HINFO, TXT,
X25, ISDN, NSAP and LOC records.
478. [bug] name_pack could leave a bad compression pointer.
477. [port] improved support for FreeBSD 3.0.
476. [bug] BSDI contributed some fixes to the /etc/group parsing.
475. [bug] another memory leak in hesiod_resolve().
474. [bug] SRV RR names were being compressed on output.
473. [feature] IXFR is no longer optional and has been cleaned up.
472. [bug] IXFR was disabling USE_PID_FILE.
471. [feature] add support for CERT records.
470. [bug] rrset_db_upgrade was updating the wrong cache.
469. [performance] use a free list for unused zones.
468. [feature] add getaddrinfo, courtesy of WIDE.
467. [lint] include/dst/dst.h moved to include/isc/dst.h.
466. [bug] fix core dump introduced with tsig glue.
--- 8.2-T2A released ---
465. [bug] ref counting bug in ns_xfr.
464. [bug] correct cut&pasteo in IXFR config syntax.
463. [lint] clean psf files after top level "make tar".
--- 8.2-T1A released ---
462. [feature] we now use randomized query id's.
461. [feature] new option "version" added.
460. [feature] add initial IXFR support from Check Point Technologies.
459. [bug] res_update() was putting debugging info on stderr.
458. [doc] add named.conf(5), improve doc/html.
457. [feature] named-bootconf is now written in /bin/sh and it is
now installed in ${DESTSBIN}.
456. [bug] res->defdname[] wasn't always properly \0 terminated.
455. [bug] _PATH_MEMSTATS was never being used.
454. [doc] the html docs weren't clear about logging having to
be specified first in the named.conf file.
453. [feature] add zone type "forward" for selective forwarding
(sometimes called "split horizon" or "fake root").
452. [bug] lib/irs/* was generally not coping with
oversized lines and files not ending in \n.
451. [port] BSD/OS 2.* is now a separate port.
450. [Feature] added DNS key generator in bin/dnskeygen.
449. [contrib] added DNS zone signer in contrib/dns_signer.
448. [doc] sample named.conf and html documentation include
examples of DNSSEC / TSIG configurations.
447. [feature] named verifies TSIG records on incoming messages, and
generates TSIG records on outgoing messages.
446. [feature] res_nsendsigned, res_nfindprimary, res_nsendupdate
provide TSIG aware resolver functions.
445. [feature] ns_sign and ns_verify generate/authenticate TSIG
signatures on DNS messages. ns_sign_tcp,
ns_sign_tcp_init, ns_verify_tcp, and
ns_verify_tcp_init are used for tcp transfers.
444. [feature] acls can now include shared key names.
443. [feature] added DNSSEC verification of zone data on load and
partial verification of signed data received over
the wire.
442. [feature] lib/dst (TIS digital signature toolkit), lib/dnssafe,
and lib/cylink added to provide functionality
needed for DNSSEC and transaction signatures.
441. [bug] fixed memory leak in hesoid support.
440. [bug] support for res in lib irs was a mess. _res now
controls the behaviour of get*by*() again.
439. [bug] fix *END_RESULT macros in port/solaris/port_before.h.
438. [feature] permit the install user and group to be overridden.
437. [feature] TCP truncation now reports IP address of the server.
436. [bug] memory leaks in nsupdate.
435. [doc] updated resolver.3
434. [bug] named.run was not always being created when ndc trace
was run.
433. [bug] req_notify required the slave zone to have been loaded.
this may not be the case when a zone has expired or
is being established over a dial on demand link.
432. [feature] blackhole queries from these nets. do not use these
nets to resolve queries.
431. [feature] loop breaking with UDP based well known services.
430. [bug] memory leaks in dispatch_message.
429. [feature] fast retries on host/net unreachable.
428. [bug] CNAME and other data is now a hard error.
427. [feature] support very large numbers of virtual interfaces.
426. [bug] bring named closer into line with the data ranking
in RFC 2181, Section 5.4.1.
425. [bug] removed spurious debug statment that generated a lot
false bug reports.
424. [bug] closed file descriptor leaks in ns_update.
423. [feature] loc_ntoa() can now accept NULL like other _ntoa's.
422. [feature] you can now specify a port on the master statement
to allow transfers from a non standard port.
421. [feature] warn when the root hints do not match reality.
420. [misc] added support for bcc (bounds checking compiler).
419. [feature] bring negative caching into RFC 2308 compliance.
418. [bug] expire now behaviour now as per RFC 1034/1035.
417. [bug] updates and zone transfers weren't locking eachother.
416. [port] support added for HPUX B.11.*
415. [feature] ndc is a C program now, uses new "controls" subsystem.
414. [feature] "controls" element of named.conf now live and working.
413. [feature] octal and hexadecimal numbers now parsed in named.conf.
412. [bug] we now support 2**24-1 (16M) zones. (need namespaces!)
411. [bug] fix *END_RESULT macros in port/bsdos/port_before.h
410. [feature] added support for dial on demand links between
servers.
409. [port] remove aggregious use of snprintf().
408. [feature] add -b option to dig to set srcaddr of tcp connects.
407. [feature] added $GENERATE to generate sets of RR's that only
differ by an interator.
406. [doc] added manpage for inet_cidr_ntop() inet_cidr_pton().
405. [bug] res_nsend() closed sockets unnecessarily on timeout.
handle change NS list and RES_STAYOPEN generically.
404. [bug] inet_addr/inet_aton/inet_network accepted illegal
inputs as legal. Also enforce octal input.
403. [bug] inet_cidr_ntop() was not producing correct output for
all possible inputs.
402. [bug] fix retry/retransmit logic in face of network errors.
401. [doc] the "transfer-source" zone option wasn't documented.
400. [bug] bin/host was dumping core - converted to use getopt.
399. [port] use time() rather than gettimeofday() in dig.
398. [bug] named could exit silently on assertion failures,
now assertion failures are logged using INSIST.
397. [port] add an AIX 3.2 port (requires GNU utilities).
396. [bug] dig and nslookup allowed sscanf/sprintf overflows.
395. [bug] dig and nslookup were unable to deal with 64KB answers.
394. [feature] add RES_NOCHECKNAME and "options no-check-names" (in
resolv.conf) to turn off modern host/mail name checks.
393. [bug] lib/isc/tree.c was missing a critical \ (#if DEBUG).
392. [bug] inet_aton() wasn't requiring nonterminal octets to
be in the range of octets, i.e., 1.300.1.1.
391. [bug] fix bug in MAX_XFERS_RUNNING logic.
390. [bug] ns_update() was capable of renaming an open file.
389. [feature] libbind.a now has a "ctl" subsystem, which is planned
to replace signals as a the communication path between
"ndc" and "named". preliminary support is in "named".
388. [feature] preliminary/nonfunctional/nonstandard ZXFR support.
387. [feature] inet_cidr_pton() and inet_cidr_ntop() added.
386. [bug] inet_net_pton() was not parsing hex correctly.
385. [feature] three new options for the RES_OPTIONS environment var
or for the "options" directive in /etc/resolv.conf:
attempts:NN default res.retry
timeout:NN default res.retrans
rotate use ALL listed nameservers
384. [feature] there is now a nearly-thread-safe resolver API, with
the old non-thread-safe API being a set of stubs on
top of this. it is possible to program without _res.
note: the documentation has not been updated. also
note: IRS is a thread-ready API, get*by*() is not.
(see ../contrib/manyhosts for an example application.)
383. [contrib] bsdi contributed an /etc/services.db hack, which is
currently conditionalized for bsd/os but would work
on any modern BSD-derived system (DB, snprintf, etc).
382. [port] bsd/os 4.0 defines its own pselect(), which differs
from the one we simulated. we now simulate the right
one, and use the right one.
381. [contrib] added contrib/srv, the beginnings of SRV client side.
--- 8.1.2 released ---
380. [bug] Replaying the dynamic update log could trigger an
INSIST.
379. [port] Updated IRIX port.
378. [bug] The declaration for res_freeupdrec() in resolv.h
didn't use __P().
377. [func] The server now sets SO_SNDBUF on UDP sockets.
376. [port] The malloc() implementation on many systems didn't
like memcluster.c's 4KB block allocations, sometimes
causing huge amounts of memory to be wasted.
memcluster.c now allocates bigger chunks and makes
its own 4KB blocks.
375. [bug] If more than (sizeof u_long) gets occurred for a
particular memory bucket, an INSIST about puts < gets
might have been erroneously trigged. Now total
gets and outstanding gets are counted.
374. [port] SCO 3.2v4.2 doesn't have initgroups(), so we do not
want to define CAN_CHANGE_ID.
373. [port] Updated LynxOS port.
372. [port] Updated SCO 3.2v5.0.x port.
371. [bug] "make install" could fail on some Linux systems
because src/port/linux/include/net/Makefile didn't
cope with an empty HFILES variable.
370. [bug] Trying to update an expired slave zone would cause
the server to panic.
369. [bug] The Makefile for named-xfer didn't try to create
${DESTDIR}${DESTEXEC} if it didn't exist.
368. [bug] Interface scanning could get confused on BSD-like
systems if the sa_len of the address was less than
sizeof (struct sockaddr).
367. [func] The default value for the host-statistics option has
been changed to "no".
--- 8.1.2-T3B released ---
366. [bug] Z_AUTH was set on the cache zone do_reload().
365. [security] Missing bounds checking in inverse query handling
allowed an attacker to overwrite the server's stack.
364. [port] Added support for HP MPE.
363. [bug] named-xfer automatically restarts the transfer if the
SOA changes during the transfer. There was no limit
on the number of restarts, resulting in a lot of
wasted effort if the SOA was constantly changing.
The number of restarts is now limited.
362. [security] Requesting a zone transfer for a domain name which
had a resource record of a certain format would
cause the server to abort().
361. [bug] named-xfer tries to close files named might have
had open. On Solaris, sysconf(_SC_OPEN_MAX) can
return RLIM_INFINITY, and if it did named-xfer
would try to close all those files. named-xfer
now applies an upper limit of FD_SETSIZE.
360. [port] Solaris 2.5 systems needed <sys/resource.h> to
be included in port_after.h to get rlim_t.
--- 8.1.2-T3A released ---
359. [func] IRS group support is now controlled by the
WANT_IRS_GR define in port_before.h.
358. [port] Updated IRIX port.
357. [port] Added support for QNX.
356. [func] Added -u (set user id), -g (set group id), and
-t (chroot) command line options to 'named'.
355. [func] If getnetconf() fails because it can't create the
socket used to get the interface list, the server
will log an error if it is doing a periodic interface
scan, and panic otherwise. Previous versions of the
server always panicked.
354. [security] Bounds checking in named-xfer, dig, host, and nslookup
had problems similar to those in item 293. Added a
few more bounds checks to the server.
353. [port] Paths are no longer overridden in port_after.h, and
are now generated from the various DEST paths in
Makefile.set.
352. [bug] Because of problems with setting an infinite rlim_max
for RLIMIT_NOFILE on some systems, previous versions
of the server implemented "limit files unlimited" by
setting the limit to the value returned by
sysconf(_SC_OPEN_MAX). The server will now use
RLIM_INFINITY on systems which allow it.
351. [port] Updated HP/UX 10.x port.
350. [bug] errno could be changed by certain signal handlers.
These signal handlers now save errno on entry
and restore it on exit. This changes eliminates the
need for the SPURIOUS_ECHILD #define.
349. [bug] hesiod.h wasn't installed.
348. [port] Added support for LynxOS.
347. [bug] res_update() leaked the zone section it allocated.
This leak no longer occurs on normal returns, but
still occurs when there is an abnormal return. This
will be addressed in a future fix.
346. [bug] Fix 303 fixed one thing and broke another, resulting
in a nonfunctional grscan().
345. [bug] Fix 328 was bad, causing the root zone to be purged
every time a toplevel domain was reloaded.
344. [bug] The priming fix in change 330 erroneously called
unsched() twice, causing a core dump if priming
failed. The priming fix could also erroneously
query [0.0.0.0].0.
343. [bug] The REQUIRE() in free_rrecp() was wrong, and was
triggered by an unapproved update.
342. [port] Added support for SCO UNIX 3.2v5.0.4.
--- 8.1.2-T2A released ---
341. [port] The LOG_CONS option to openlog() does not work as
documented on some systems. The server will now use
LOG_CONS only if USE_LOG_CONS is defined by the
port. Currently the bsdos, decunix, freebsd, linux,
and netbsd ports define USE_LOG_CONS.
340. [bug] The pid file was updated before the configuration
file had been read.
339. [port] #define HAVE_GETRUSAGE for Solaris >= 2.5.
338. [func] 'host' can now print AAAA records.
337. [bug] rm_datum() erroneously set dp->d_next to NULL
when savedpp wasn't NULL. Given a dynamic update
operation that deleted more than one RR, this bug
would cause all but one of the RRs to be leaked, and
would prevent correct rollback if the update failed.
336. [bug] Make sure 's' isn't negative in res_send(). This
shouldn't happen, but there have been some reports
suggesting it can happen.
335. [lint] Cleaned up more gcc warnings.
334. [port] Added support for HP-UX 9.x.
333. [bug] db_glue.c didn't compile if DEBUG wasn't defined.
332. [bug] named-bootconf.pl didn't convert secondary lines
that didn't contain a filename correctly.
331. [bug] If the server was configured with forwarders (but
not in forward-only mode), and a query ran out of
forwarders and had no nameservers, then the server
would erroneously forward the request to [0.0.0.0].0.
330. [bug] If priming of the root servers failed, recovery could
take a long time. If using forwarders to prime
and the query expired, the first forwarder would
always be skipped on subsequent attempts. The server
complained about priming problems in forward-only mode,
even though it doesn't matter.
329. [port] Some versions of Linux apparently need SPURIOUS_ECHILD.
328. [bug] purge_zone() didn't recurse if given the root zone,
causing old data and new data for the root zone to be
merged.
327. [func] Add log_check() and log_check_channel().
326. [func] Add r_prev field to ns_updrec in <arpa/nameser.h>.
325. [bug] Rollback of a failed dynamic update was done in FIFO
order instead of LIFO order.
324. [bug] evTryAccept() closed the wrong fd if getsockname()
failed.
323. [bug] eventlib didn't clear bits that had been serviced
or deselected out of ctx->{rd,wr,ex}Last.
322. [bug] evDestroy() destroyed the files list before destroying
the streams list. If there were any active streams,
this would cause a double destroy of the streams'
file objects, very likely triggering an 'insist'.
321. [bug] The correct error code for a failed asynchronous
connect was not reported. It now is, at least on
systems that have the SO_ERROR socket option.
320. [func] Allow multiple pending accepts. evTryAccept() now
reports the errno if an error was queued.
319. [bug] The toplevel Makefile passed MARGS before $settings,
which prevented overriding a port's Makefile.set
from the command line.
318. [bug] The Solaris port_after.h checked for SUNOS_2_5_1
instead of SUNOS_5_5_1.
317. [unused] [This change number was allocated but not used.]
316. [bug] evTryAccept() didn't append to the done list correctly
if connLast wasn't NULL.
315. [bug] The dynamic update code was incorrectly converted to
clean up ns_updrec structures using the new clustered
memory allocator, and this would cause an 'insist' to
be triggered some time after a dynamic update had
been processed. Instead of freeing the ns_updrec
fields directly in ns_update.c, res_freeupdrec() was
added to the resolver.
314. [bug] Adding and then deleting an RR in a single dynamic
update request would crash the server.
313. [bug] The nameserver would only try zone transfers from
the master that answered its SOA query. If a master
for some reason can answer the SOA but not the AXFR,
the other masters (if any) should be tried.
312. [security] Bounds checking in the resolver and dynamic update
code had problems similar to those in item 293.
Added more checks to ns_resp.c.
311. [bug] The s_wbuf in the qstream structure was leaked in
certain zone transfer failures.
310. [bug] If the server ran out of memory in ns_xfr(), the
subsequent connection cleanup could modify the
z_numxfrs field of zone 0 instead of the zone being
transferred, causing an 'insist' to be triggered later.
309. [bug] NAMELEN() could return a negative length.
308. [func] Don't log ECONNRESET in stream_getlen().
307. [bug] include/isc/assertions.h and include/isc/list.h
weren't installed.
306. [bug] Timewarping into the future would cause repeating
timers to generate an event for every interval between
the previous time and the new time. Repeating timers
are now rescheduled based on the last event time, not
their due time. Idle timers now use the last event
time to compute the idle interval instead of the due
time.
305. [bug] The BOUNDS_CHECK() for the 5 32-bit integers in the
SOA RR was wrong.
304. [bug] lib/isc/assertions.c and lib/isc/memcluster.c did not
follow the port_{before/after}.h convention.
memcluster.c #included eventlib.h but did not need it.
--- 8.1.2-T1A released ---
303. [bug] 'bp' in grscan() in lib/irs/lcl_gr.c was incorrectly
validated, potentially causing corrupt data to be read.
302. [port] #define HAVE_GETRUSAGE for Solaris >= 2.5.1.
301. [port] Added support for Solaris 2.6.
300. [bug] The space for the pathname of named-xfer in the
options block leaked.
299. [bug] <irs.h> wasn't in the include directory, and wasn't
included before "port_after.h".
298. [func] Added "deallocate-on-exit" and "memstatistics-file"
options. If deallocate-on-exit is "yes", the server
will painstakingly deallocate every object it
allocated. This is slower than letting the OS clean
things up, but is helpful in detecting memory leaks.
297. [port] GNU libc 2.0 doesn't have <nlist.h> so in the
Linux port we now provide a stub nlist.h that
includes the real nlist.h if GNU libc < 2.0 and
does nothing if >= 2.0.
296. [bug] "make stdlinks" didn't "mkdir /var/obj" if /var/obj
didn't exist.
295. [bug] Specifying a query-source with and address and port
that the server was listening to didn't work.
294. [security] The server was willing to answer queries on its
forwarding sockets.
293. [security] rrextract() did insufficient bounds checking which
could cause it to crash the server by reading from
an invalid memory location.
292. [bug] The server sometimes leaked the flushset (ns_resp.c).
291. [bug] The server did not detect oversized UDP packets,
causing useless retries.
290. [bug] free_listen_info_list() leaked the IP matching lists;
the leak occurred when the config file was reloaded.
289. [bug] [This bug number was allocated for something that
turned out not to be a bug.]
288. [func] Add new list and assertion code to the ISC library.
287. [bug] "dig +sort" doesn't do anything, but was mentioned
in dig's usage message, as well as in the man page.
286. [bug] Some systems have a default FD_SETSIZE much smaller
than the number of files that can be opened. This
could cause problems in the resolver and eventlib.
FD_SETSIZE may now be set in
port/*/include/fd_setsize.h.
285. [bug] If OS probing failed to match any of the supported
ports, the build would try to continue with BSD 4.4
settings, with poor results in most situations. An
error message is now printed if probing fails.
284. [func] The interface list is now doubly-linked.
283. [bug] The server would panic if binding to an interface that
it had discovered failed. Simply not listening to
the interface is a better solution.
282. [bug] The nslookup Makefile didn't prefix DESTHELP with
DESTDIR when setting DEFS.
281. [bug] A socket() called in ns_main.c used PF_INET instead
of AF_INET.
280. [bug] The sample named.conf used "clean-interval" instead of
"cleaning-interval".
279. [bug] Some panic() messages in the IP matching code in
ns_config.c were wrong.
278. [bug] Setting an interval to zero (e.g. interface-interval)
eventually caused random timer destruction.
277. [bug] ns_panic() used "args" twice, but only called
va_start() and va_end() once.
276. [bug] nslookup's "ls" command always listed all records
instead of behaving the way its man page describes.
275. [bug] add_related_additional() leaked memory if the name
was already in the related array.
274. [bug] If a timer was cleared while in executing its callback,
and a new non-repeating timer was created afterwards
(but still in the callback), the new timer was
erroneously destroyed when the callback completed.
273. [func] Added transfer-source and host-statistics options.
272. [func] The zone number is now unsigned, allowing up to
65536 zones instead of the previous limit of 32768.
271. [func] Added evDefer().
270. [bug] The meaning of the count returned by select() varies
somewhat by operating system. Under certain
circumstances, this confused eventlib's accounting and
caused the server to spin.
269. [func] Added evLastEventTime().
268. [bug] Connections weren't cleaned up when the eventlib
context was destroyed.
267. [func] Added evTimeRW() and evUntimeRW() to control idle timer
usage in the eventlib streams module.
266. [func] Added file descriptor table to ev_files.c to improve
performance of evSelect() and evDeselect().
265. [func] Added evHold(), evUnhold(), and evTryAccept().
264. [func] Double-link many eventlib lists to allow faster
removal of list elements.
263. [bug] Remember the previous non-blocking status of
sockets given to evListen().
262. [func] Added idle timers to eventlib.
261. [func] Added clustered memory allocator to eventlib; eventlib
and named now use this allocator.
260. [func] The value of FD_SETSIZE that eventlib uses can be
set by changing include/fd_setsize.h.
259. [bug] Notification of hosts on the also-notify list stopped
after the first successful notification.
--- 8.1.1 released ---
258. [bug] Setting SO_SNDLOWAT to 0 in ns_xfr() wasn't doing
what it was intended to do, and could trigger a
kernel bug on various systems derived from BSD 4.4.
257. [bug] In lib/irs/dns_ho.c, variable needsort was used in
addrsort() before it was initialized.
256. [func] Ignore ECHILD from select() if SPURIOUS_ECHILD is
defined.
255. [bug] The contents of libport.a needed to be in libbind.a.
libport.a has been removed.
254. [install] Install library and .h files under /usr/local/bind
instead of /usr/local. When the include files were
in /usr/local/include, some compilers would
automatically use them. The clients would typically
not link with -lbind, causing unresolved symbols at
link time.
253. [port] Removed change 216.
252. [port] Added port for UnixWare 2.0.x.
251. [doc] Added a documentation on installing to non-default
locations.
250. [bug] The Makefiles for the binaries didn't create the
installation target directories if they didn't exist.
249. [bug] Change HAS_SA_LEN to HAVE_SA_LEN in the AIX 4 port.
248. [security] The server now caches only those response records
that are within the current query domain.
247. [bug] Forwarding of dynamic update requests sent to a
slave for the zone is broken. This will be fixed
in a future release, but in the meantime the server
will simply refuse the request. Cleaned up the
way some update code indicated that the request should
be refused.
--- 8.1.1-T2B released ---
246. [bug] process_prereq() could core dump if the name being
processed wasn't known.
245. [bug] It was possible to evSelectFD the same event bits
on the same fd more than once.
244. [bug] eventlib didn't decrement fdCount correctly if the
eventmask matched in multiple descriptor sets.
243. [lint] Improved comment in stale().
242. [port] Added port for OpenBSD.
241. [bug] evConnect() didn't evDeselect() the fd if connect()
failed, which would cause us to call select() with
a mask that included a closed file. select() would
then return EBADF and trigger an 'insist'.
240. [bug] evCancelConn() closed the fd.
239. [port] SunOS doesn't supply RAND_MAX.
238. [bug] fakeaddr() called inet_aton() which wasn't strict
enough. inet_pton() is now used.
237. [port] Added UnixWare 2.1.2 port.
236. [bug] The buffer in res_querydomain could overflow.
235. [bug] Fixed memory allocation problems in lib/irs/nis_gr.c.
234. [bug] evDeselectFD didn't restore the fd's previous
nonblocking status correctly.
233. [func] Define SPURIOUS_ECHILD in Solaris port. Don't
complain about getting ECHILD from recvfrom() if
SPURIOUS_ECHILD is defined.
232. [func] named-bootconf.pl now supplies a commented out
query-source directive and instructions to use it
if there's a firewall involved.
231. [bug] Changed a few strdup() calls in rrextract() into
savestr() calls. This prevents "related" checking
from being turned off if the server runs out of
memory.
230. [bug] If the query control structure was reset in ns_resp.c,
we leaked the memory used for the previous
qp->q_domain.
229. [func] Added the "dump-file" and "statistics-file" options.
228. [bug] named.conf called "statistics-interval"
"stats-interval".
227. [func] demoted "zones changed" and "zones shrunk" messages
in tryxfer() to debug level 3.
--- 8.1.1-T1A released ---
226. [bug] evCancelConn trashed the connections list if the
first element was removed. This could cause a
seg fault or trigger an 'insist'.
225. [bug] In the "cannot redefine listen-on for port ..."
error message, the port was not converted to host
byte order before being printed.
224. [port] Added port for AIX 4.
223. [bug] The dynamic update routine findzone() didn't match
class, so if you had two zones with the same name
but different classes (e.g. IN and HS), then
the wrong allow-update ACL could be used, and the
wrong zone could be updated.
222. [bug] If a dynamic master zone was updated and then was made
non-dynamic by removing the allow-update ACL or
changing it to "none" before the zone had been dumped,
then the master file would not reflect the update.
221. [func] added 'also-notify'.
220. [func] revised HAVE_GETRUSAGE ifdefs in ns_config.c. The
"cannot set resource limits on this system" message
on systems without HAVE_GETRUSAGE will now be logged
once per options block, and the message severity is
now "info" instead of "warning".
219. [bug] If the root name was encoded in a message using a
compression pointer, dn_expand() would erroneously
return "." as the name instead of "".
218. [bug] when gethostans() in dns_ho.c encountered a CNAME
while processing a PTR query, it erroneously required
that the CNAME target pass the res_hnok() test (i.e.
that it be an RFC 952 hostname).
217. [bug] dnsquery didn't work because it tried to use the
obsolete and broken p_query() call instead of
fp_nquery().
216. [port] set SH=bash in port/freebsd/Makefile.set.
215. [port] #define ts_sec and ts_nsec to tv_sec and tv_nsec
respectively in port/freebsd/include/port_before.h.
214. [bug] the clarification TTL changes (see change 145 below)
set the SOA minimum field to zero if the MSB was set.
The server now leaves the SOA RR alone, but sets
z_minimum to zero if the MSB is set.
213. [bug] if the SOA refresh or retry fields of a slave zone
were 0, an 'insist' would be triggered when zone
maintenance was performed. The server still leaves
the SOA RR alone, but now imposes a minimum value for
z_refresh and z_retry.
212. [func] added the clean-interval, interface-interval, and
statistics-interval options.
211. [func] scan for new or deleted interfaces periodically.
210. [func] the _PATH_DUMPFILE default is now "named_dump.db".
209. [bug] <isc/eventlib.h> and <isc/logging.h> were #included
after port_after.h. They are now #included before
it, since they #include system header files.
ns_lexer.h was #including <stdio.h> and ns_parseutil.h.
Now it #includes neither one. These changes required
that the definition of struct timespec be moved from
port_after.h to port_before.h in the ULTRIX, SunOS,
and A/UX ports.
208. [port] removed HAVE_GETRUSAGE from the Solaris port, since
Solaris only has it if a Berkeley compatibility
package is installed.
207. [bug] abortxfer() always used SIGKILL, which didn't give
named-xfer a chance to clean up after itself. Now
abortxfer() does a SIGTERM first. If the SIGTERM isn't
successful, it will use SIGKILL.
206. [bug] If two zones with the same name but different classes
(e.g. IN and HS) were defined, then a zone transfer
of whichever zone loaded first would work normally,
but a zone transfer of the second would give only the
NS and SOA RRs.
205. [bug] certain operating systems (notably Solaris) return
error codes the server didn't expect, and thus
treated as fatal to the interface. More error codes
are now recognized. The server will now log
unrecognized errors, but will not delete the
interface. Certain error results from recvfrom() and
accept() now panic the server.
204. [bug] stub zone transfers would fail if there were no
NS records in the SOA response. The stub logic
now works as intended and has more error checking.
203. [bug] we logged a failure of bind() in opensocket_d()
twice.
202. [port] Linux defines AF_INET6 as 10, so we use that value
in port/linux/include/port_after.h.
201. [bug] library Makefiles want to press on if linking of
an individual module fails. The 'ld' rule was
set up to do this, but the subsequent 'mv' rule
was not, causing the make to stop if the 'ld' failed.
Now the 'mv' is done only if the 'ld' succeeds.
200. [bug] the value of timeout.tv_sec was printed in SendRequest
(bin/nslookup/send.c). select() on some systems
(such as Linux) modifies the value of the timeout, so
printing it is useless since it will always be 0.
199. [func] if s is too big for FD_SETSIZE in res_send, complain
and try another nameserver.
198. [bug] sysnotify() was too strict in requiring an NS RR
for the server named in the SOA MNAME field. RFCs
1996 and 2136 say the NS RR is optional.
197. [bug] The parser erroneously freed zone_name if a zone
redefinition was attempted. This would cause the
server to dump core if a zone appeared more than
once in a configuration file.
196. [bug] Makefiles below port/*/include had "fi \" followed
by "done" on the next line. This made bash 2.0
unhappy. The "fi" is now followed by a ";".
195. [port] ULTRIX's sh doesn't like an empty "for x in ..." list,
and that was causing "make install" to fail in
the src/port/ultrix/include/rpc directory.
194. [port] add SH variable to toplevel Makefile, document the
need to use SH=bash on systems where /bin/sh is
derived from "ash".
193. [bug] named-bootconf.pl could repeat end-of-line comments
192. [bug] ndc was being installed in DESTBIN instead of
DESTSBIN.
191. [bug] block delivery of all other signals when in SIGTERM
handler in named-xfer.
190. [bug] named-bootconf.pl didn't handle non-masked xfrnets
correctly if the network was class B or class C.
--- 8.1-REL released ---
189. [port] update to the port/sco50 directory rcvd from author.
188. [func] to avoid potentially confusing log messages, don't
set Z_DYNAMIC if "allow-update { none; };" is
specified in the config file.
187. [bug] a panic() in new_ip_match_mask() erroneously
referred to the function as "new_ip_match_pattern".
186. [bug] transfers-in couldn't be set higher than the default.
It may now be set as high as 20.
185. [doc] add a stub example to named.conf.
184. [bug] the usage message was out-of-date.
183. [port] some systems don't define AF_INET6, so we
define it if necessary in all port_after.h
--- 8.1-T5B released ---
182. [bug] fix the way bindname is allocated in hesiod_to_bind().
181. [bug] MAXHOSTNAMELEN wasn't defined on Solaris.
180. [bug] a check for zptr != NULL in res_update was wrong. It
should have been zptr == NULL.
179. [bug] sq_remove() and sq_done() were calling ns_freexfr()
when any stream was removed, resulting in a panic
when the server was reloaded. ns_freexfr() is now
only called when a zone transfer stream is removed.
--- 8.1-T4B released ---
178. [bug] if the server was reloaded and then a zone was
deleted and the server reloaded again, all within
a short period of time, then pending NOTIFY messages
would cause the server to panic when they ran.
177. [lint] replaced BUFSIZ with a more appropriate size in
several places.
176. [func] change MAXDATA to 2*MAXDNAME + 5*INT32SZ.
175. [security] libirs now limits hostnames to MAXHOSTNAMELEN
characters.
174. [bug] we called ns_refreshtime() instead of ns_retrytime()
in the Z_NEED_RELOAD|Z_NEED_XFER|Z_QSERIAL case in
zone_maint().
173. [bug] the server didn't clear the Z_NEED_RELOAD flag in
zoneinit().
172. [bug] if a server was a slave for a zone, and an outbound
transfer ever hung or terminated unusually, regular
zone maintenance would cease for the zone.
171. [port] work around a bug in the Digital UNIX 4.0B SIOCGIFCONF
ioctl.
170. [func] the message logged when a zone is loaded now
indicates the class of the zone.
169. [func] the message logged when a zone is removed now
indicates both the type and class of the zone.
168. [bug] if a zone's type changed from master to slave on a
server reload, the server erroneously deleted the
new zone data as part of cleaning up the old zone
data.
167. [func] when converting from wire format to printable format,
represent special characters ".;\@$ by escaping them
with \ instead of converting them to \DDD.
166. [bug] when a slave zone expired, it was not scheduled for
immedidate maintenance.
165. [port] added port for SCO OSE 5.0.2, renamed port for
SCO UNIX 3.2v4.2.
164. [func] created the "response-checks" logging category.
163. [port] don't define AF_INET6 in nameser_compat.h.
162. [bug] the server panicked if a dynamic update request
was sent for a dynamic zone which had not loaded
because of syntax errors in the master file. The
server now returns NOTAUTH.
161. [bug] debugging messages in process_prereq() referred to
process_updates() instead of process_prereq().
160. [bug] hp was not reset after a realloc() in named-xfer.c
159. [bug] named-bootconf.pl didn't translate stub zones.
158. [lint] cast a number of "no effect" statements to void so
that gcc doesn't complain when invoked with
-Wall -W -Wno-unused
157. [lint] a number of uses of the %lu printf() format were
converted to %u; the corresponding casts to u_long
were removed.
156. [lint] converted z_deferupdcnt and z_updatecnt from int to
u_int32_t.
155. [func] maint_interval is now gone; SOA sanity checking
related to it is gone too.
154. [bug] in named-xfer, unsigned 32-bit integers were
sometimes stored in signed 32-bit variables and then
printed using a cast to u_long and printf() format
%lu. This would cause problems on 64-bit systems if
the MSB of the 32-bit integer was set. The variable
declarations have been changed to u_int32_t, and the
printf format is now %u.
153. [bug] log_open_stream() had two syslogs that said the
failing function was log_vwrite() instead of
log_open_stream().
152. [lint] made class, type, and dlen in rrextract() and
named-xfer.c/print_output() u_int16_t.
151. [bug] the server was incrementing nssSentFErr in the
formerr: code in ns_resp.c even though it wasn't
sending FORMERR to anyone.
150. [func] in "check-names response fail" mode, instead of
just dropping a failing response, we now send
REFUSED to the client and drop the query.
149. [bug] if there wasn't a space between the SOA minimum value
and a following ')' in a master file, the server
would generate an error when it tried to parse the
minimum value, causing the zone load to fail.
148. [func] the list of supported syslog facilities has been
increased; the following facilities may now be used,
provided they're available on the system 'named' is
being built on: kern, user, mail, daemon, auth,
syslog, lpr, news, uucp, cron, authpriv, ftp,
local[0-7].
147. [bug] the maybe_syslog_facility, logging_opt,
channel_severity, address_name, key_ref, key_stmt,
acl_stmt, zone_stmt, optional_class, and size_spec
rules in the parser either leaked memory or could
leak memory.
146. [func] if an RR set in a reply differed from an RR set in
the cache only in the TTL, we would not update the
TTL of the RR set in the cache. We now update this
TTL to that of the reply RR set if the reply RR set's
TTL is greater.
145. [func] follow the direction of the clarification draft and
treat TTLs as unsigned 32-bit integers, with a
maximum value of 2^31 - 1. TTLs greater than the
maximum will be converted to 0. A warning will
be issued if this conversion occurs while loading
a master zone or during inbound zone transfer.
144. [func] "dig version.bind. txt chaos" now returns only
the version number (e.g. "8.1-T4B").
143. [lint] fixed various mismatches between printf() format
string components and their corresponding
arguments.
142. [lint] SendRequest_close() in nslookup/send.c had a return
type of int instead of void.
141. [port] converted bcopy() to memcpy() or memmove() as
appropriate.
140. [bug] certain buffer size checking comparisons in
rdata_expand() weren't working because they were
checking to see if an unsigned value was < 0.
139. [func] convert a few address comparisons from == to using
ina_equal().
138. [bug] an address comparison used in marking a server as
bad was done incorrectly in ns_resp.c because the
comparison used = instead of ==.
137. [lint] cleaned up warnings caused by assignment used as
truth-value in various source files.
136. [func] changed eventlib-related INSIST statements into
INSIST_ERR, so that we can print out strerror(errno).
135. [lint] replaced _getshort() with ns_get16() and _getlong()
with ns_get32() in various source files.
134. [lint] findzone() and rdata_expand() were used before
they were declared in ns_update.c, and were not
declared static.
133. [lint] merge_logs() was not declared in ns_func.h.
132. [lint] Linux port_after.h didn't declare daemon(). We now
do so, but only if GNU libc < 2.0.
131. [lint] set_boolean_option() was not declared in ns_func.h.
130. [lint] yyparse() was not declared in ns_parser.y.
129. [lint] ns_lexer.h didn't declare lexer_end_file().
128. [lint] db_dump.c, db_lookup.c, db_update.c, db_glue.c,
db_save.c, ns_ncache.c, ns_req.c, ns_stats.c, and
ns_xfr.c didn't #include <string.h>
127. [lint] logging.c, ev_connects.c, ns_maint.c, ns_glue.c,
ns_update.c, dig/dig.c, nslookup/list.c,
nslookup/send.c, host/host.c, and
dnsquery/dnsquery.c didn't #include <unistd.h>.
126. [lint] res_update.c, heap.c, db_load.c, db_save.c, db_glue.c,
ns_lexer.c, ns_forw.c, ns_maint.c, ns_req.c,
ns_stats.c, ns_xfr.c, ns_glue.c, ns_config.c,
ns_update.c, host/host.c, nslookup/list.c, and
nslookup/getinfo.c didn't #include <stdlib.h>.
125. [lint] res_mkupdate.c, ns_update.c, nsupdate.c, ns_print.c,
didn't #include <ctype.h>.
124. [port] replaced bcmp() with memcmp().
123. [func] while not required, it's nice to preserve the order
of RRs as received when ROUND_ROBIN isn't on, so
we now do so.
122. [bug] under certain improbable conditions, the server
could erroneously set a maintenance timer for a
master zone. When the timer went off, it would
trigger the INSIST() in zone_maint().
121. [port] replaced bzero() with memset().
120. [func] added multiple-cnames option.
119. [bug] the timeout: code in ns_resp.c didn't clean up TCP
connections.
118. [port] added port for IRIX 5.3, 6.2, 6.4
117. [bug] removed declaration of getnum_error from db_load.c,
since it is now declared in ns_glob.h.
116. [bug] GNU libc 2.0 doesn't have a <net/route.h>, so in the
Linux port we now provide a stub net/route.h that
includes the real <net/route.h> if GNU libc < 2.0 and
does nothing if >= 2.0.
115. [func] on Linux systems, avoid an often unnecessary 'ranlib'
and the subsequent relinking of all binaries by using
the 's' flag of 'ar'.
114. [bug] 'make install' didn't work on HP/UX because the
path to the install script was wrong in many cases.
113. [bug] named-xfer didn't clean up properly when sent SIGTERM.
112. [bug] named-xfer didn't clean up properly if an error
occured in print_output().
111. [func] added "max-transfer-time-in" option. The server
used to allow a maximum of 2 hours for an inbound
zone transfer to complete. This time can now be
set globally or on a per-zone basis. The parameter
is the number of minutes a transfer can take.
110. [func] moved declaration of d_ns in struct databuf to improve
structure alignment.
109. [bug] addname() in ns_print.c didn't write an "@" for RRs
that contained a domain name which was the same as
the zone origin (it wrote nothing).
108. [bug] the server didn't check for EINTR in readable() and
writable() in ev_streams.c.
107. [bug] check for both EWOULDBLOCK and EAGAIN after certain
system calls instead of using PORT_WOULDBLK. This
fixes partial zone transfer problems reported on
Sun systems.
106. [bug] db_load() couldn't read SOAs with ( ) that were only
one line.
105. [bug] fixed typo in Linux Makefile.set MANROFF definition.
104. [func] move various rrset debugging messages, rm_datum, and
nsfree messages to debug level 3. Moved a few rrset
debugging messages to debug level 2.
103. [bug] d_rcnt could overflow; to prevent this it has been
increased to 32 bits. d_mark was made unsigned and
decreased to 12 bits.
102. [func] added macro DRCNTDEC to go along with DRCNTINC.
101. [bug] clean_cache() didn't count deleted RRs, so it
always reported "Cleaned cache of 0 RRs".
100. [bug] heap_for_each() didn't return a status, and didn't
check for a NULL context or a NULL action.
heap_element() didn't set errno to EINVAL when
given invalid arguments.
99. [bug] the category rule in the parser leaked memory.
98. [bug] "notify" was not recognized as a valid category
name.
97. [security] zone access control wasn't applied correctly to
names that didn't exist, allowing an attacker to
determine whether or not a given name exists in a
zone.
96. [bug] we didn't recognize certain non-fatal errno values
when recvfrom() failed; this would result in us
dropping an interface unnecessarily.
--- 8.1-T3B released ---
95. [bug] named-bootconf.pl didn't process xfrnets correctly
(if no netmask was specifed, it assumed a mask of
255.255.255.255 instead of the natural netmask for
the class of the address).
94. [bug] named-bootconf.pl didn't handle lines ending in a
comment.
93. [bug] if rename() failed in merge_logs(), we would return
garbage instead of -1.
92. [bug] writemsg() in named-xfer.c was returning a random
value instead of the number of bytes written.
91. [bug] schedretry() could set retry times in the past
because it was relying on 'tt' which hadn't been
updated. It now calls gettime(&tt).
90. [bug] 'tt' might not have been current when clean_cache()
was called.
89. [bug] ns_lexer.h didn't #include <ctype.h>
88. [cleanup] removed some relics of the early days of BIND 8's
new logging system from the parser and ns_config.c.
87. [bug] when writing to a TCP socket, the server didn't
handle errors from the write() correctly. Under the
right circumstances, this will cause the server to
spin. The most common trigger would be a large
outbound zone transfer where the far end died.
86. [cleanup] fixed comment in dig.c that messed up font-lock mode
in emacs.
85. [bug] inet_lnaof, inet_makeaddr, inet_netof, and
inet_network were missing from lib/inet.
84. [func] improved log_channel creation and use by making the
type more opaque. The logging API provides a more
complete set of services. Added the LOG_CHANNEL_OFF
flag.
83. [func] removed statistics_channel; it wasn't being used.
82. [lint] a few handler functions were declared as
void (*)() instead of void (*)(void). All now have
the latter declaration.
81. [port] added port for A/UX 3.1.1.
80. [port] added port for SCO UNIX 3.2v4.2.
79. [bug] when processsing slave zones during a config file
reload, in the "backup file changed" (or missing)
case we were calling purge_zone() and do_reload()
even if we had never successfully transferred and
loaded the zone.
78. [cleanup] moved writemsg() to named-xfer.c.
77. [cleanup] removed doupdate() from ns_resp.c.
76. [bug] writev() in lib/bsd would keep going if there was
a partial write; this could cause incorrect output.
75. [func] added readv() to lib/bsd.
74. [bug] if evConnect() failed in tcp_send() we were aborting
the server instead of just returning an error.
73. [port] automatically fix getgrgid() declaration in ULTRIX
4.5 grp.h.
72. [func] make port/*/Makefile invoke SUBDIR make in
include. Add/modify include and include/sys
Makefiles.
71. [port] added utimes() to lib/bsd.
70. [doc] README broken up into INSTALL, TODO, port/README.
Added more info about many topics.
69. [bug] NOTIFY didn't handle an unknown NS target. E.g.
if we had "test.domain NS unknown.name" and
"unknown.name" was not known, NOTIFY wasn't doing an
"A" query for "unknown.name".
68. [lint] tweaks to ERR() and OK() in eventlib_p.h.
67. [bug] 'ch' in main() was a char instead of an int.
66. [bug] in bin/named/Makefile, pathnames wasn't getting
linked with ${LIBBIND}, ${LIBPORT}, and ${SYSLIBS}.
65. [port] automatically fix timespec in BSD/OS 2.1 includes.
64. [func] lib/isc/heap.c now includes port_before.h and
port_after.h. Fix 58 (below) has been undone;
with port_after.h we'll now use __ansi_realloc()
from Fix 59.
63. [bug] STRIP and PS were missing from MARGS in bin/Makefile.
62. [func] RRs in the additional data section must relate to
RRs in the answer and authority sections. Only
certain RR types are allowed in the authority and
additional data sections.
61. [bug] Dynamic update didn't understand SRV records.
60. [bug] SRV records weren't decoded properly.
--- 8.1-T3A released ---
59. [bug] The IRS library also wanted an ANSI C realloc().
port/sunos now provides __ansi_realloc().
58. [bug] SunOS didn't like heap.c doing realloc() on a NULL
pointer (in ANSI C that is equivalent to malloc()),
so we malloc() instead.
57. [bug] interface discovery complained about bogus
interfaces on ULTRIX, SunOS, and HP/UX because
SIOCGIFCONF_ADDR wasn't defined in their port_after.h.
56. [API] created lib/nameser/ns_name.c and moved a lot of the
functionality from lib/resolv/res_comp.c into it.
functions older than 8.1 were stubbed out, but new
functions from 8.1 were just renamed/removed.
55. [bug] findzone in ns_update wasn't ignoring z_nil zones.
54. [bug] if the named-xfer exec() failed, a misleading message
was printed.
53. [bug] interface discovery didn't work on NetBSD because
HAVE_SA_LEN wasn't defined in port_after.h.
52. [func] log the host we got a NOTIFY message from
51. [bug] we weren't sending out NOTIFY messages if the SOA
was changed as the result of a dynamic update.
50. [bug] req_notify() wasn't calling sched_zone_maint() after
it called qserial_query().
49. [bug] initial_{data,stack,core}_size and initial_num_files
weren't in an #ifdef HAVE_GETRUSAGE block.
48. [func] use sysconf(_SC_OPEN_MAX) instead of getdtablesize()
in all cases when USE_POSIX is defined.
47. [bug] printupdatelog() was printing the post-update serial
number in the zone section instead of the pre-update
serial number.
46. [bug] zp->z_serial wasn't being updated if a dynamic update
changed the zone serial number.
45. [bug] the SEQ_GT test in db_update was backwards.
44. [func] merge_logs() didn't work because a 'break' wasn't
removed when class and type lookups were converted
to sym_ston.
43. [func] evResetTimer() added to eventlib.
42. [bug] incr_serial() doesn't need to call schedule_dump().
41. [bug] reset_retrytimer() could clear a timer that had
already been cleared.
40. [bug] some zone data structures weren't freed if the zone
was removed.
39. [func] The eventlib timers module now uses a heap to
implement the timer queue.
38. [bug] dynamic zones weren't dumped if they were removed
from the configuration file.
37. [func] created the "load" logging category.
36. [func] find_zone now uses a hash table instead of a linear
search.
35. [bug] we weren't scheduling a retry for dumps or soa serial
increments that failed.
34. [func] instead of doing all NOTIFY messages five seconds after
loading completes, we now spread them out over up
to fifteen minutes (the maximum delay depends on how
many zones there are).
33. [func] if there are too many qserials running, we'll try
again in five to thirty seconds.
32. [bug] z_dumptime wasn't getting set to zero after a
zone dump.
31. [func] Each zone now has a maintenance timer. sched_maint()
is gone. The new programming rule: if you change
zp->z_time, it's your reponsibility to ensure
sched_zone_maint(zp) gets called.
30. [func] short circuit PrintTimers evPrintfs if not debugging
at a level where PrintTimers would print something.
29. [bug] if a log message with a non-default category was
logged to a default category channel which had
print-category on, "default" was printed instead
of the category name.
28. [func] the performance of the main loop has been improved.
27. [bug] NOTIFY messages weren't being delayed after a
zone load.
26. [bug] the eventlib category wasn't working if the channel
wasn't the default debugging channel.
25. [func] added the "maintenance" logging category.
24. [func] periodic statistics dumps are now done using an
eventlib timer instead of in ns_maint().
23. [bug] names which have multiple CNAME records are illegal,
but the server was allowing them.
22. [func] convert to POSIX signals from eventlib signal handling;
the eventlib API no longer provides signal support.
21. [func] converted assert() to INSIST() so that the logging
system (category "insist") will be used if a
consistency check fails.
20. [bug] the server could exit when it shouldn't, and without
leaving a message or a core file, because it wasn't
handling SIGPIPE.
19. [port] Solaris has trouble if the size of the buffer used for
IP_OPTIONS processing isn't 40 bytes.
18. [bug] library Makefiles we were using 'ld' instead
of ${LD}. Added LD_LIBFLAGS.
17. [bug] on at least one OS, ctime() can return NULL and
this can cause problems. We now call checked_ctime()
in ns_glue.c, which returns "<unknown time>\n" if
ctime() fails.
16. [bug] some signal handlers were calling library routines
which POSIX does not designate as safe for use by
signal handlers.
15. [func] finished conversion to new options scheme of
name checking and inbound zone transfer parameters.
14. [func] added os_change_directory().
13. [bug] write_open() in ns_config.c wasn't checking if the
file was regular before unlinking.
12. [func] added "os" logging category.
11. [bug] named-bootconf.pl used the deprecated channel name
"default" instead of "default_syslog".
10. [bug] named-bootconf.pl didn't understand continuation lines.
9. [bug] remove -p from mkdep command in Makefiles for
bin/named and bin/nslookup.
8. [bug] add CDEBUG to Makefiles that link using ${CC}.
7. [bug] timestamp and level were printed twice for file
channels in lib/isc/logging.c.
6. [bug] off by one with on level_text subscript in
lib/isc/logging.c.
5. [bug] broken channels sometimes weren't marked as broken
in lib/isc/logging.c.
4. [bug] didn't set foundname=0 after try_again: in ns_resp.c.
3. [bug] update_pid_file() didn't put a newline after the pid.
2. [func] minor log message tweaks in ns_config.c.
1. [bug] zone names needed to be canonicalized in the parser.
--- 8.1-T2B released ---