NetBSD

History

itojun 261b3b5bbe ISC BIND 8.3.5 Highlights vs. 8.3.4 Maintenance release. --- 8.3.5-REL released --- (Mon Jun 2 03:15:53 PDT 2003) 1540. [bug] remove potential memory leak from net_data_create(). 1537. [bug] dig buffer overrun with large command lines. 1535. [bug] winnt: large zone transfers failed. 1536. [cleanup] use NS_MAXMSG to define TCP buffers. 1534. [func] The advertised EDNS UDP buffer size can now be set via named.conf (edns-udp-size). 1533. [bug] don't artificially restrict the update message size. 1532. [bug] use maximum sized answer buffers in res_findzonecut(). 1530. [bug] nslookup computed incorrect reverse lookup for IPv6. 1529. [lint] unused variable in dnsquery.c::main(). 1528. [bug] getaddrinfo() incorrectly rejected a numeric service under certian circumstances. 1527. [proto] add ns_t_apl (42). 1526. [doc] res_{get,set}servers(). 1523. [bug] getipnodebyname with AI_ADDRCONFIG set was broken on HPUX 11.11. Detect IPv6 interfaces under linux. 1519. [port] decunix: conflicting setnetgrent() and innetgr() prototypes. 1518. [cleanup] silence "No root nameservers for class XX" when "forward only;" is set in options. 1517. [cleanup] stop using putshort/putlong internally. 1513. [bug] use ipnodes.{byname,byaddr} for IPv6 NIS lookups. Add support for "YP_MULTI_". 1511. [cleanup] don't use argument names in function prototypes. 1510. [port] openbsd uses /bsd not /kernel. 1506. [bug] named could sometimes set tc incorrectly. 1505. [bug] potential overflow if pointer arithmetic wrapped. 1503. [bug] named could make unnecessary queries for glue if the additional section was full. 1501. [port] decunix: OSF 3.2 does not have native 64 bit support. 1500. [port] linux: namespace collision. 1499. [port] linux: #include <time.h> bin/dig/dig.c 1498. [bug] ns_makecanon() could under read its destination buffer by one character and fail to properly canonicalise. 1497. [bug] res_mkupdate() used compression pointers when it shouldn't. 1496. [bug] res_mkupdate() didn't support NAPTR. 1494. [bug] memory leak on thread destruction if gethostbyname() / getnetbyname() have been called by the thread. 1493. [bug] check scope for link local servers. 1492. [placeholder] 1491. [cleanup] indentation problems. 1490. [bug] the seek offset was miscalculated when truncating the ixfr log. 1489. [func] named no longer queries for missing additional A6 records. 1488. [port] decunix: TruCluster support. See port/decunix/TruCluster. 1487. [bug] getnetgroup() takes (char ) not (const char ). 1486. [func] res_query() now generates more/better debug on failure 1485. [func] res_send() records the nameserver the response came from. Dig retrieves this rather than reporting the first address. 1484. [bug] dig use sin.sin_port for IPv4. 1483. [bug] nslookup could dereference a NULL pointer under certain circumstances. 1482. [bug] provide local storage for localtime_r result. 1481. [bug] tv.tv_sec and time_t are not always the same type. 1480. [bug] gethostbyname(), getaddrinfo() could drop address if the previous call contained one of the new addresses. 1479. [func] try known lame servers if all other servers have failed. 1478. [cleanup] libbind: don't look for A6 records, don't follow DNAME record (use the CNAMES), remove some bitstring related functions. 1477. [cleanup] libbind: namespace cleanup (irs_* to __irs, dst_ to __dst_* and tree_* to __tree) 1476. [bug] dig wasn't using a random query id. 1475. [bug] "query-source address <listening interface> port " failed to use a system assigned port as documented. 1474. [bug] named wasn't seeing cached NODATA CNAME records. 1473. [bug] nslookup: buffer overrun when looking up reverse IPv6 addresses under IP6.INT when not found under IP6.ARPA. 1472. [port] freebsd; current has pselect(). 1471. [port] 'dig -P' failed on some platforms. 1470. [bug] J.ROOT-SERVERS.NET is now 192.58.128.30. 1467. [deleted] 1461. [func] return referrals for glue (NS/A/AAAA) if recursion is disabled (recursion no;). 1460. [bug] NS_MD5RSA_MAX_BITS was not correct. 1459. [bug] ns_sign2() could fail to compute a correct signature if the TSIG ownername was compressed. 1458. [bug] host: spurious "Unknown algorithm" message with default zone listing. missing white space before '(' in SOA format. 1457. [bug] bison didn't like ns_parser.y. 1456. [doc] document auth-nxdomain default is "no" (see # 524). 1455. [bug] named failed to allow a cached NODATA response for a ANY query to be retrieved. 1454. [contrib] nsverifier from Bob.Whelton@qwest.com. 1453. [bug] SOA answers should only be cached for the current tick. 1452. [bug] don't cache -ve response SOA record. 1451. [port] bsdos: maybe_fix_includes is not required. 1450. [bug] hint zones don't need to be reloaded when a "child" zone is removed. 1449. [bug] it was possible to orphan glue records. this could lead to panics in stale(). 1438. [bug] glue from a parent zone beneath a child zone could be deleted by loading a child zone. 1437. [bug] linux: probe_ipv6 was broken. 1436. [port] decunix: update sys/bitypes.h 1435. [func] named-xfer: log the zone name when reporting query sent. 1434. [doc] the man page for dn_expand failed to document eomorig. 1433. [lint] remove unused variable. 1432. [func] log TSIG key name if used with zone transfer. 1431. [func] new category "update-security". 1430. [func] libbind: the default nameservers now include ::1/:: as well as 127.0.0.1/0.0.0.0 if none are specified in resolv.conf. 1429. [port] libbind: use strlcat/strlcpy if available. 1428. [port] eventlib.c: cast tv_sec to long when calling printf(). 1427. [func] define INT8SZ 1426. [port] res_dprintf() now supports format checking w/ gcc. 1425. [bug] 'aa' was not being set appropriately with cross zone CNAMES. 1424. [cleanup] ip6_str2scopeid() now returns u_int32_t. 1423. [bug] 'ndc restart' could fail to restart named if there were no arguments to named. 1422. [cleanup] optarg() etc. are declared in unistd.h. 1421. [bug] clear and check errno when calling strtoul(). 1420. [cleanup] use %p instead of %#x for printing pointers. 1419. [cleanup] getinfo(): kill buflen manipulation. 1418. [port] cast pointers to (size_t) when aligning. 1417. [cleanup] make1101inaddr(): kill size manipulation. 1416. [port] log_vwrite() now supports format checking w/ gcc. 1415. [port] irix: probe for in6addr_any. 1414. [bug] strtoul() cast (char) to (unsigned char*). 1413. [bug] host: soa values are not signed. 1412. [bug] fix numeric port range check in getaddrinfo(). 1411. [port] freebsd/netbsd/openbsd: #define USE_IFNAMELINKID. 1410. [port] probe for sin6_scope_id when probing for IPv6 structs. 1409. [bug] dig: reverse6 computed a incorrect nibble string. 1408. [cleanup] res_mkquery.c: kill buflen manipulation. 1407. [port] namespace clash EV_ERR -> EV_SETERR		2003-06-03 07:04:45 +00:00
..
bin	unknown, not unkown. Noted by mjl.	2003-01-28 22:19:22 +00:00
doc/bog	"than" instead of "then".	2001-11-21 19:14:19 +00:00
include	ISC BIND 8.3.5	2003-06-03 07:04:45 +00:00
lib	ISC BIND 8.3.5	2003-06-03 07:04:45 +00:00
man	Fix some broken mdoc. Closes PR 21124 from Igor Sobrado.	2003-04-13 16:35:02 +00:00
bind2netbsd	no need to care about crypto portion on import - license is	2002-07-04 22:46:04 +00:00
LICENSE
LICENSE_RSA
README	sync with bind 8.3.4.	2002-11-17 14:09:52 +00:00
Version	sync with bind 8.3.4.	2002-11-17 14:09:52 +00:00

README

This is the source portion of BIND version 8.  Its companions are "doc" and
"contrib" so you are probably not missing anything.

See the CHANGES file for a detailed listing of all changes.  See the INSTALL
file for information on building and installing BIND.

See the SUPPORT file for information on obtaining commercial support for ISC
artifacts including BIND, INN, and DHCP.

Note that BIND 8 is in "end-of-life", having been replaced by BIND 9.  See
http://www.isc.org/ for more details.

BIND 8.3.4 Highlights
	Security Fix DoS and buffer overrun.

BIND 8.3.3 Highlights
	Security Fix libbind. All applications linked against libbind
	need to relinked.
	'rndc restart' now preserves named's arguements

BIND 8.3.2 Highlights
	dig, nslookup, host and nsupdate have improved IPv6 support.

BIND 8.3.1 Highlights
	Critical bug fix to prevent DNS storms. If you have BIND 8.3.0 you
	need to upgrade.

BIND 8.3.0 Highlights
	IPv6 transport support in resolver (from KAME).
	Opaque rdata support.
	EDNS0 support.
	Glue ordering to help non-ENDS0 aware clients (servers) cope with
	larger responses as a result of IPv6 by allowing A records to be added
	first to the additional section.  IPv6 capable clients are expected to
	use EDNS0 to allow larger responses to be sent.
	Bug Fixes, includes BIND 8.2.5 changes.

BIND 8.2.4 Highlights
	NSAP processing was not RFC 1706 compliant. NOTE: OLD MASTER FILES
	NEED TO BE CORRECTED AND CACHE FILES REMOVED.
	Fixes long-standing protocol incompatibility in DNSSEC support.
	Avoids fwd'ing to root name servers if response will be rejected.
	new port/cygwin contributed by s_c_biggs@bigfoot.com.
	new contrib/mdnkit (V1.3) from author.
	new contrib/adm from official ftp site.
	new contrib/host from author.
	new contrib/dnsp from author.
	fixed file descriptor leak in resolver.
	fixed a major memory leak in the processing of dynamic updates.
	numerous portability improvements.
	numerous bug fixes.

BIND 8.2.3 Highlights

	Improved support for Windows NT and Windows 2000.
	Host stats are no longer required to track the source of a record.
	IXFR improvements.
	Forwarders track and use RTT to select fastest.
	Unix domain sockets implementions that require the directory
	to be secure, are now secured.
	Many minor problems fixed.
	Linux DoS removed.

BIND 8.2.2 patchlevel 5 Highlights

	Bug in named-xfer (from patchlevel 4).
	Portability to IPv6 versions of FreeBSD, OpenBSD, NetBSD.
	Portability improvements (A/UX, AIX, IRIX, NetBSD, SCO, MPE/IX, NT).
	"also-notify" option could cause memory allocation errors.
	IXFR improvements (though client-side is still disabled).
	Contributed software upgraded (including TIS's "dns_signer").
	Several latent denial-of-service bugs fixed (from audits, not abuse).
	New "make noesw" top-level target for removing encumbered components.

BIND 8.2.2 Highlights

	Interoperability with MS-Win2K has been improved.                     
	Server-side IXFR is now known to work even under high load.                 
	Support for Windows/NT (thanks to BayNetworks).
	More fixes, especially to DNSSEC, TSIG, IXFR, and selective forwarding.
	More portability improvements and lint removal (A/UX 3.1.1, SCO 5.0).
	Better NOTIFY behaviour, especially with large update volume.
	Better UPDATE handling, including SRV RR support and RFC compliance.
	Fix for "ndc reload ZONENAME" (specific zone reload) problems.
	Fix for round robin when multiple CNAMEs are in use.
	New "min-roots" (MINROOTS) and "serial-queries" (MAXQSERIAL) options.
	Log files are no longer auto-rotated every time the server starts up.
	New "ndc reconfig" command only finds new/deleted zones, no stat()ing.
	New global options for "transfer-source" and "also-notify".
	$GENERATE now supports more record types, and options.

BIND 8.2.1 Highlights

	Bug fixes, especially to DNSSEC, TSIG, IXFR, and selective forwarding.
	Portability improvements and lint removal.
	Use best SOA rather than first-better when selecting an AXFR master.
	$TTL now accepts symbolic time values (such as "$TTL 1h30m").
	"ndc reload" now accepts a zone argument, for single-zone reloads.
	ndc is better behaved; is verbose or quiet when appropriate.
	event and error reporting improvements.

BIND 8.2 Highlights

	RFC 2308 (Negative Caching)
	RFC 2181 (DNS Clarifications)
	RFC 2065 (DNS Security)
	TSIG (Transaction SIGnatures)
	support for multiple virtual name servers
	NDC uses a "control channel" now (no more signals)
	"Split DNS" via zone type "forward".

	Many bug fixes
	Documentation improvements
	Performance enhancements

BIND 8.1.2 Highlights

	Security fixes for a number of problems including:

		An attacker could overwrite the stack if inverse query support
		was enabled.

		A number of denial of service attacks where malformed packets
		could cause the server to crash.

		The server was willing to answer queries on its forwarding
		sockets.

	Several memory leaks have been plugged.

	The server no longer panics if a periodic interface scan fails due
	to no file descriptors being available.

	Updates to a number of ports.  New ports for QNX, LynxOS, HP-UX 9.x,
	and HP MPE.

	"files unlimited" now works as expected on systems where setting
	an infinite rlim_max for RLIMIT_NOFILE works.

	Adding and deleting the same record in the same dynamic update no
	longer crashes the server.

	If a dynamic update fails, rollback is now done in LIFO order instead
	of FIFO order.

	Better behavior when priming of the root servers fails.

	purge_zone() didn't work correctly for the root zone, allowing
	old data to persist after loading the zone.

	Improved handling of oversized UDP packets.

	All hosts on the also-notify list are now notified.

	The meaning of the count returned by select() varies somewhat by
	operating system, and this could cause previous releases of the
	server to spin.

	Per-host statistics may be disabled by specifying 'host-statistics no'
	in named.conf.

	The maximum number of zones has been increased from 32768 to 65536.

	query-source may specify an address and port that the server is
	already listening on.  BIND 8.1.1 required that either the address
	or port be wild.  E.g., you can now say:

		listen-on port 53 { 10.0.0.1; };
		query-source address 10.0.0.1 port 53;

	The value of FD_SETSIZE to use may be specified.

	Experimental -u (set user id), -g (set group id), and -t (chroot)
	command line options.  See the INSTALL file for details.

BIND 8 Features

	-> DNS Dynamic Updates (RFC 2136)

	-> DNS Change Notification (RFC 1996)

	-> Completely new configuration syntax

	-> Flexible, categorized logging system

	-> IP-address-based access control for queries, zone transfers, and
	   updates that may be specified on a zone-by-zone basis

	-> More efficient zone transfers

	-> Improved performance for servers with thousands of zones

	-> The server no longer forks for outbound zone transfers

	-> Many bug fixes

File and Directory Overview

	CHANGES				history of added features and
					fixed bugs

	INSTALL				how to build and install

	README				this file
						
	TODO				features planned but not yet written

	Version				the version number of this release

	bin/*				source for executables, including
					the nameserver

	include/*			public .h files

	lib/*				the resolver and various BIND
					support libraries

	port/*				ports to various operating systems
	

Kits, Questions, Comments, and Bug Reports

    <URL:ftp://ftp.isc.org/isc/bind/src/cur>        current non-test release
    <URL:ftp://ftp.isc.org/isc/bind/src/testing>    latest public test kit

    <URL:usenet:comp.protocols.dns.bind>            using BIND
    <URL:usenet:comp.protocols.dns.ops>             DNS operations in general
    <URL:usenet:comp.protocols.dns.std>             DNS standards in general

    <URL:mailto:bind-users-request@vix.com>         gw'd to u:c.p.d.bind
    <URL:mailto:namedroppers-request@internic.net>  gw'd to u:c.p.d.std
    <URL:mailto:bind-workers-request@vix.com>       code warriors only please

    <URL:http://www.isc.org/bind.html>		    the BIND home page
    <URL:mailto:bind-bugs@isc.org>		    bug reports

To Support the Effort

	Note that BIND is supported by the Internet Software Consortium, and
	although it is free for use and redistribution and incorporation into
	vendor products and export and anything else you can think of, it
	costs money to produce.  That money comes from ISPs, hardware and
	software vendors, companies who make extensive use of the software,
	and generally kind hearted folk such as yourself.

	The Internet Software Consortium has also commissioned a DHCP server
	implementation, has taken over official support/release of the INN
	system, and has supported the Kerberos Version 5 effort at MIT.  You
	can learn more about the ISC's goals and accomplishments from the web
	page at <URL:http://www.isc.org/>.