NetBSD/usr.sbin/named/host/RELEASE_NOTES

953 lines
40 KiB
Plaintext

@(#)RELEASE_NOTES e07@nikhef.nl (Eric Wassenaar) 961113
yymmdd Description of changes per release
TODO Things that still need to be done
WISHLIST Wishes expressed by various people
NOTES Important issues to keep in mind
MISC Miscellaneous reminders
# ----------------------------------------------------------------------
# Description of changes per release
# ----------------------------------------------------------------------
961113
Portability fix.
Trying to include <strings.h> was a bit over-ambitious
and caused confusion on some platforms.
On certain platforms PAGESIZE is not a constant, but
hides a sysconf() call. This precludes initialization
of static variables in malloc.c
There are no functional changes in this release.
961013
Configurable defaults.
Make the compiled-in read timeout during stream I/O
configurable in conf.h. The default value is 60 seconds.
Make the new default _res.retry and _res.retrans values
configurable in conf.h. Note that the _res.retrans value
can be overridden with the -s command line option.
Minor fixes.
Guard against possible interrupts during I/O handling.
961012
Multiple answers during zone listing.
Allow multiple resource records per reply buffer packet
during zone transfers. Currently BIND puts each resource
record in a seperate reply buffer, but there are other
implementations which behave differently. Important fix.
961010
New resource records and query types.
Add support for T_NAPTR resource records.
Define T_EID/T_NIMLOC/T_ATMA resource record types, but
they have no support yet.
Minor fixes.
When comparing domain names in routines indomain() or
samedomain(), properly handle embedded quoted dots.
This is just a generalization. Currently these modules
are used only in those cases where embedded quoted dots
are not valid.
Miscellaneous changes.
Attempt to further reduce lint clutter. It is difficult
to eliminate this altogether. There are too many subtle
differences between various platforms.
960929
New resource records and query types.
Define the new IXFR type as per RFC 1995. No support
for this yet, however.
Add support for T_KEY and T_SIG resource records.
These require some new utility functions.
Recognize T_NXT and T_SRV which still have draft status.
Extra safety checks.
After a positive return from an ordinary gethostbyname
or gethostbyaddr we cannot be absolutely sure that the
size of the canonical h_name is within bounds.
Note that this is guaranteed by host's internal modules.
Minor fixes.
Be more restrictive with respect to wildcard checking.
Make sure it is really specified as the first label.
Construct reverse in-addr.arpa name without trailing dot
if we know that this is already an absolute name.
Miscellaneous changes.
Print also the input name we are going to hostalias().
Rename a few variables for better readability.
Add various definitions that might be missing in the
default include files on some weird platforms.
Use a configurable limit for the number of recursive
chain lookups.
Some cleanup to avoid lint warnings on some platforms.
Revised manual page.
Some items needed an update.
Extend the list of related RFCs.
Several layout changes, suggested by Greg Woods.
960921
Extend functionality of -A option.
If the -A flag is specified along with any explicit
list mode option, it not only enables reversed address
checking, it also enables those special checks that are
normally suppressed during recursive listings, such as
checks for canonical host names and invalid underscores.
Revise -p option plus explicit server.
Consider the set of NS servers gotten from an explicit
server as authoritative if the -p option is also given.
This affects whether or not to print lame delegation
warnings in case the SOA record could not be retrieved.
Suppress lame delegation warnings in case the A records
for NS servers could not be retrieved and an explicit
server is specified. The latter was an oversight.
Indicated by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Improve error reporting.
After a negative return from an ordinary gethostbyname
or gethostbyaddr we don't know whether or not the answer
was authoritative. Perform an extra lookup in some few
cases where we really want to distinguish between them.
This is kludgy, and needs improvement.
Revise additional checking during RR printout.
This prevents possible recursive loops in some cases.
Requires adapting the way state information is passed
via print_info() and print_rrec().
Make query section consistency checks.
When retrieving certain crucial information, such as
SOA or NS records, make sure the qdcount is exactly one
as it should be.
The values in the query section in a reply should match
those in the original query. This is already enforced
by the BIND 4.9 res_send(). An error is reported when a
mismatch is detected, but results are processed anyway.
Make sure response comes from a known server.
When using datagrams, compare the source address of the
response to the list of known servers. Ignore the answer
if there is a mismatch. Was missing for HOST_RES_SEND.
Minor bug fixes.
When retrieving SOA records, make sure they belong to
the requested domain.
Must properly set h_errno in some obscure circumstances.
Miscellaneous changes.
Clear the entire sockaddr_in before filling in the
relevant entries. Some platforms seem to rely on
sin_zero being actually zero.
960808
Conform to BIND 4.9.5 interpretation of TXT strings.
When multiple strings are encoded, they are now treated
and printed as individual quoted strings, separated by
whitespace. Formerly, they were concatenated and printed
as one single quoted string.
Note that this interpretation makes the TXT data field
multi-valued, and precludes the use of strings that are
longer than 255 characters.
960512
Allocate list of host data dynamically.
This avoids the MAXHOSTS static limit, and keeps the
initial BSS of the executable to a reasonable size.
Mentioned by Greg Woods <woods@most.weird.com>
The list will be expanded in chunks as needed during
zone transfers, but will not shrink again.
Escape special characters within quoted strings.
Data fields of TXT/HINFO/UINFO records are printed as
quoted strings. Some special embedded characters should
be backslash-escaped in the output format.
Properly handle tcp packet overflow.
If the supplied answer buffer space is insufficient to
store the entire answer, res_send() is supposed to
return the length of the entire untruncated answer, not
the number of bytes that are actually available.
Increase MAXPACKET packet buffer size.
This is now set to the maximum value used internally
by the BIND named. The same value is used by dig.
Although still static, it should be sufficient.
Miscellaneous changes.
Show the length of the received answer in various debug
messages. This gives some insight in case of truncation.
960417
Rudimentary support for AAAA RR.
Just decode and print the ip v6 address during regular
RR type processing, in the most straightforward way.
No provisions for reverse lookups yet.
Increase MAXPACKET packet buffer size.
The traditional value 1024 for the (tcp) packet size is
no longer sufficient (see moderators.uu.net MX records).
Miscellaneous changes.
In verbose mode, show the number of bytes in the answer
if it exceeds the (udp) packet size PACKETSZ (512), or
in case the answer is truncated. Print the truncation
indication at a more appropriate position.
951231
Cosmetic changes.
Print all relevant messages in debug mode to stdout,
and appropriately prefix them with ";; " to conform
with the BIND 4.9.3 conventions.
Miscellaneous changes.
Consider the all-ones broadcast address a fake address.
951024
Avoid potential alignment conflicts.
Allocate socket addresses of type struct sockaddr_in
instead of type struct sockaddr. The first one has
stricter alignment restrictions, although they have
the same size.
Correct various misspellings.
Noted by Keith Bostic <bostic@bsdi.com>
950925
Portability fix.
Refine type definitions for the arguments to various
resolver routines to be even more backward compatible,
and to avoid compilation or lint warning messages on
new platforms. It should run clean on BSD44 systems.
There are no functional changes in this release.
950923
Add new -z option to list delegated zones in a zone.
This is a new variant of the zone listing specials.
A zone transfer is done, and only the names of the
encountered delegated zones are printed.
This option is undocumented, and subject to change.
Sort list of delegated zones alphabetically.
Before acting on delegated zones during zone listings,
sort them in alphabetical order for prettier output.
Portability fix.
The BIND 4.9.3 resolver routines require the passed
buffer arguments to be of type u_char instead of char.
This causes a prototype mismatch for HOST_RES_SEND.
Mentioned by Geert Jan de Groot <geertj@ripe.net>
Minor command option functionality change.
The -L flag, when given without any other list mode
option, now implies the -l option.
Miscellaneous code cleanup.
Pass the name of the actually contacted server during
zone listings in more elegant way.
Avoid (harmless) lint warnings on picky platforms.
950822
Fix bug in recursive lookup handling.
During recursive lookups, e.g. when following CNAME
chains, querynames are always assumed to be already
fully qualified, and must be tried ``as is''.
The classical example of a CNAME that points to the
pseudo "localhost.", or an erroneously dot-terminated
single name, should not be subject to local aliasing
or search list processing. They were.
Reported by Alexander Dupuy <dupuy@smarts.com>
950809
Portability fix.
Check for SVR4 as well as for SYSV in port.h, which is
necessary for compilation via the master BIND Makefile.
Suggested by <Piete.Brooks@cl.cam.ac.uk>
There are no functional changes in this release.
950502
Maintain hash list for zone name lookups.
This should not be really necessary for most practical
purposes, but it makes processing of the .in-addr.arpa
zone and even the .COM zone at least feasible.
The latter still requires quite a lot of memory, and
some cpu time to filter out the glue records from its
50000 A records and 110000 NS records.
The toplevel zone count as of today is:
COM 50000 delegated zones
IN-ADDR.ARPA 30000 delegated zones
ORG 5000 delegated zones
NET 3000 delegated zones
EDU 2000 delegated zones
Suppress various checks in quiet mode.
This avoids costly checks and achieves some speedup
in cases that nothing would have been printed anyway.
Supply alternative recv_sock() module.
The select() system call may fail on the solaris 2.4
platform without appropriate patches. An alarm can be
used instead, at the cost of extra system call overhead.
950429
Fix bug in error reporting.
The name and address of the contacted server during
zone listings could be clobbered by intermediate
calls to res_send().
950427
Fix glitch in host name lookup.
New entry would be inadvertently added to the hash
list in case the MAXHOSTS limit was reached.
Miscellaneous changes.
Speedup comparison of zone names and host names by
looking up zone names in the host name hash list.
950407
Maintain hash list for host name lookups.
A linear search through the per-zone host name table
becomes very costly for zones with several thousands
of hosts. Significant speedup is achieved.
Even for recursive listings of many small zones the
reduction of total processing time is noticeable.
950318
Increase (static) maximum number of hosts.
This avoids imposing arbitrary limits in most cases.
950302
Prevent zone transfer for certain zones.
Some zones are known to contain bogus information.
E.g. definition of A records for all possible addresses
in a class-B network will bias the hostcount.
Add new -N option to define an explicit list of zones
for which a zone transfer is deliberately skipped.
Requested by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Miscellaneous code cleanup.
Split off various tasks from monolithic list_zone().
Invert the double matching loop in sort_servers().
Fix glitch when comparing matching domain labels.
950115
Sort list of nameservers for a zone.
When the NS records for a zone are issued in BIND 4.9
round-robin fashion, this may yield an unfavorable
order for doing zone transfers. Apply some heuristic
to sort them according to preference, giving priority
to servers within your own domain or parent domains.
Add new option -P to define an explicit list of domains
of preferred servers, giving priority to matching ones.
Suggested by Marten Terpstra <marten@ripe.net>
Don't suppress certain rr data any more.
The preference value in the MX/RT/PX records and the
version number in the AFSDB record was suppressed in
non-verbose mode, unless the -T option was specified.
These values are now printed by default.
Requested by Geert Jan de Groot <geertj@ripe.net>
941210
Adapt implementation of LOC RR.
The binary data format has already changed twice:
the four 4-bit fields are now four 8-bit fields,
and log2 encoding has changed to power-of-10 encoding.
Support for this will be incorporated in BIND 4.9.3.
Still undocumented in the host manual page.
941206
Compatibility with BIND 4.9.3.
The NOCHANGE query response has now been conditionally
defined via #ifdef ALLOW_UPDATES. Older versions of
BIND may still return this (should have been FORMERR).
Improve error reporting.
Define a special h_errno status SERVER_FAILURE for the
case a SERVFAIL query response is returned. This is
used to report lame delegations during SOA checking
or zone transfers. Servers may return this code when
the zone data has expired altogether. This is not a
TRY_AGAIN situation if such server is authoritative.
Suggested by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Rename special status NOT_AVAILABLE to QUERY_REFUSED.
Various minor changes.
Check for invalid characters in T_AAAA record names.
Print optional protocol and port from T_A record
after a comment sign. Not sure whether this has ever
been used.
941129
Implement LOC RR as defined by preliminary draft-RFC.
Requires conversion routines for spherical position,
vertical position, and precision.
Tested on big-endian, little-endian, Alpha, Cray.
This is only a pre-release.
Undocumented until RFC gets public.
941125
Recognize new RR types as reserved by RFC 1700.
Implement PX RR type as defined per RFC 1664.
Implement GPOS RR type as defined per RFC 1712.
Include few simple utility scripts.
These are just examples of wrappers to host.
nslookup -- emulate most functions of the real one.
mxlookup -- lookup records at each of its servers.
941006
Lessen restrictions for certain tests.
The checks for invalid underscores and canonical host
names were suppressed during recursive zone listings
on all levels. They are now suppressed only when not
operating on the base level. This enables the checks
during the ``host -C -L 1'' command.
Extend functionality of -A option.
If the -A flag is specified along with any explicit
list mode option, it enables reversed address checking.
The address of each encountered A record is reverse
mapped, and it is checked whether it is registered and
maps back to the A record name. This flag can safely
be specified in the ``host -CA -L 1'' command.
Add new -W option to list wildcard records in a zone.
This is a new variant of the zone listing specials.
A zone transfer is done, and only wildcard records
are printed. The default resource record type is MX.
This option is undocumented, and subject to change.
941004
Improve printout.
Include conversion of the various time values from the
SOA record in the comment part during ordinary printout.
941002
Call alternative res_debug print routine if available.
In BIND 4.9.* an alternative module is present which
accepts (as it should) the size of the query buffer.
Rearrange include files.
Move configuration definitions to new conf.h.
940917
Improve support for NSAP records, as per RFC 1637.
Print ordinary NSAP addresses with separating dots,
after the 1-byte AFI, then after every 2 bytes.
Add new option -n to generate reverse NSAP within the
nsap.int domain, similar to the -i option.
Print reverse NSAP in forward notation, unless forced
to print full zone file format.
940911
Verify that some host names are canonical.
This is formally required, but also in practice highly
desirable. The target hosts in NS and MX records only
are verified, being the most crucial.
Currently the test is skipped during recursive zone
processing, to avoid excessive output of non-canonical
MX targets.
When figuring out the nameservers for a zone before
doing a zone transfer, a non-canonical nameserver name
is always reported.
Report illegal domain names.
This is now done by default for 'host' related domain
names. The A and MX record names and NS and MX target
names are checked only.
Only alphanumeric characters and hyphen '-' are valid.
Currently the reporting of names containing underscores
is suppressed during recursive zone listings, to avoid
excessive output of such illegal host names.
During SOA checking, an illegal primary or hostmaster
is always reported.
Document the -I option.
This option does no longer trigger the checking of
invalid characters in names.
To suppress illegal underscore messages, use "-I _".
To show them during recursive listings, use "-I ''".
Modify various messages.
Make some warning messages slightly shorter, and start
the message with the resource record or zone name.
Most of the SOA check messages have been affected.
Remove the answer buf offset in the incomplete HINFO
warning messages.
Improve error reporting.
Include the name of an explicit server in ns_error()
messages describing h_errno. This was already done
for the errno messages.
Include the server name also in ns_error() messages
after a failing zone transfer from that server.
Define a special h_errno status NOT_AVAILABLE for the
case a query was explicitly refused. Some servers are
configured to refuse zone transfers.
Major update of manual page.
Explain some more failure messages.
Explain most of the common warning and error messages.
940819
Modify various messages.
Include the server name in messages reporting failures
and problems during zone transfers.
Implement ttl consistency checks.
Multiple records of same name/type/class should have the
same ttl value in zone listings. This is now checked.
A suitable hash function is needed to minimize overhead.
The approach is similar to the function used in sendmail.
This has been a long standing wish from
Peter Koch <pk@TechFak.Uni-Bielefeld.DE>
Various speedup fixes.
Avoid unnecessary indomain() calls during zone listings.
940713
Modify various messages.
Replace some of the ``extraneous'' messages with a more
descriptive text. Include name and type of the query in
messages reporting format errors in the response.
Include zone name in error messages during SOA check.
Revise check for valid names.
If a domain name refers to a ``mailbox'', the part up to
the first unquoted dot is the ``local part'' to which
the RFC 822 syntax rules apply.
940623
Revise res_send() strategy.
Mark bad server status for certain conditions which make
it unlikely that we will succeed during the next try.
Operating system failures are not in this category.
Nameserver unreachable status is now reported in a more
reliable fashion. A second try would sometimes timeout.
(May be useful for monitoring the upcoming summer 1994
reshuffling of EBONE/EuropaNET/NSFnet interconnections).
Facelift for socket I/O routines.
Systematically use _res_close() to close a connection.
Include the answer packet length in debug printout.
Extend resolver initialization.
Set initial query ID to some arbitrary number.
Various speedup fixes.
Avoid unnecessary strlen() calls during zone listings.
Check whether the resource record data must be printed
outside the print routine to avoid unnecessary overhead.
Use bcopy() instead of sprintf() in obvious cases.
Better output format control.
In non-verbose and non-debug mode, only pure resource
record output is written to stdout.
Add new -Z option to force resource record output to be
in full zone listing format, including trailing dot in
domain names, plus ttl value and class indicator.
Rearrange include files.
Define resource record structures in rrec.h.
Function declarations moved to defs.h.
940615
Various portability changes.
Avoid use of sizeof() for all entities that have a fixed
field width, and use predefined constants instead. This
is necessary for systems without 16 or 32 bit integers.
Fix use of ipaddr_t and struct in_addr appropriately.
All this makes the utility portable to e.g. Cray.
Save and restore state during recursive lookup.
Error codes could be clobbered during MAILB tracing.
Miscellaneous minor code cleanup.
940603
Fix implementation for -F option properly.
Exchanging the role of stdout and the logfile now works
on all platforms. Asked by Artur Romao <artur@dns.pt>
940526
Combine explicit server and -p option.
If both are specified, the explicit server is contacted
to retrieve the desired servers for the given zone
during zone listing/checking modes. This is useful for
checking zones that have not been registered yet.
Requested by Geert Jan de Groot <geertj@ripe.net>
Rudimentary support for NSAP records.
This is still very experimental. It is unclear how an
NSAP address should be encoded in the resource record,
and how its hierarchical structure is decided.
Inspired by the 4.9 diffs from cisco.com.
940317
Print SOA serial always as an unsigned value.
Warn about ``extraordinary'' serial if high bit is set.
Reset errno to avoid stale values.
Could happen when doing multiple gethostbyaddr() calls
in extended mode when the BIND res_send() is linked in.
Problem noted by <Piete.Brooks@cl.cam.ac.uk>
Solaris portability fix.
For solaris 2.x use res_gethostby{addr,name} modules
to force dns lookups. The __switch_gethostby{addr,name}
modules have disappeared in solaris 2.3.
930926
Extend -I option with argument containing allowed chars.
This string specifies formally illegal, but silently
allowed characters when checking illegal domain names.
The -I option is still necessary to enable checking.
Still done only for resource record names in listings.
Note that some hesiod names contain the '/' character.
Indicated by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Additional SOA record checks.
Check hostmaster field for illegal chars, such as '@'
(needed as long as data field names are not checked).
Revised SOA record checks.
Check primary field against list of known nameservers.
Issue warning if not among the authoritative servers.
This may be intentional in special cases, however.
Required some code reshuffling.
Add new -M option to list mailable subdomains in a zone.
This is a new variant of the zone listing specials.
A zone transfer is done (without listing anything by
default) to determine the available delegated zones.
For each of these zones, the MX records are printed.
Experimental, undocumented. Insufficient too: you
really want to see also the domains for which only
an MX record exist.
Cleanup terminology in the code documentation.
Remove the word 'subdomain' and cleanup the confusion
between 'domain' versus 'zone'.
Update manual page.
Use terminology that is technically more correct.
Explain various things that were still missing.
930919
Print actual name that was queried in error messages.
Formerly, only the (possibly abbreviated) queryname
as specified on the command line was printed.
Special care must be given if domain search is enabled,
especially in the enforced BIND compatibility mode.
Looks much better. Asked by <Piete.Brooks@cl.cam.ac.uk>
Some more SOA record tests.
Some records have the name of the zone specified in the
field that should contain the name of the primary server.
Miscellaneous minor changes.
Slightly modify the nameserver name printout during -C.
Set proper h_errno when answer buffer counts are corrupt.
Add new -V option to print version number.
Define version in separate vers.c
Use class mnemonics as defined in RFC 1035.
Print 'CH' instead of 'CHAOS'. Anyone using this ?
Recognize obsolete 'CS' or 'CSNET'. Pretty useless.
Just for ultimate completeness.
Check for invalid characters in domain names.
Only alphanumeric characters and hyphen '-' are valid.
Unfortunately, the use of underscore '_' is widespread,
so issuing a warning by default is unrealistic. Therefore:
Add new -I option to warn about illegal domain names.
Currently done only for resource record names during zone
listing. Could be extended to domain names in data fields.
Perhaps a warning by default in case illegal other than
underscore. Option is still undocumented as the semantics
are subject to change.
930915
Add -R option to always first try search domains.
Normally querynames are assumed to be fully qualified
and are tried as such, unless it is a single name which
is always tried, and only once, in the default domain.
This option sets RES_DNSRCH and simulates the default
BIND behavior, with the exception that NO_DATA status
terminates the search immediately.
With the additional otherwise undocumented -B option the
BIND behavior is fully enforced and the search continues.
Added only for testing purposes, not for general use.
Few more BIND 4.9 compatibility changes.
Some resolver routines have gotten new argument types.
Adapt Makefile to BIND conventions.
The Makefile can be used completely stand-alone,
or can be invoked from the master BIND Makefile.
Affects names of various (inherited) make variables.
Change BIND_RES_SEND to HOST_RES_SEND with opposite
meaning. Default is HOST_RES_SEND in case stand-alone.
930911
Extension of user interface.
Allow multiple arguments on command line or from stdin.
Requires new syntax for specifying explicit server.
New options -x and '-X server' indicate extended syntax.
Quite a lot reshuffling of code. Urgently requested by
<Piete.Brooks@cl.cam.ac.uk> and Paul Vixie <paul@vix.com>
Configurable default options.
Use an environment variable HOST_DEFAULTS to pre-define
default options and parameters. These are interpolated
in front of the command line arguments before scanning.
Syntax is the same as the command line syntax.
Fix bug when querying single name without dot.
Not only the default domain, but also the eventual other
search domains would be tried, although DNSRCH is off.
This is a long-standing bug. Very important fix.
930908
Various declaration changes for portability.
Print TXT/HINFO/UINFO strings within double quotes.
It is done both in regular and zone listing output.
This is conforming the syntax for zone input files.
Add trailing dot to domain names in zone listing.
This is conforming the syntax for zone input files.
The trailing dot is not added in regular output.
Define exit codes in new exit.h header file.
This avoids the need to include /usr/ucbinclude when
running in non-BSD mode on solaris 2.x platforms.
Attempt to diagnose lame delegations.
Error messages about lame delegations are given during
zone listings and when checking SOA records (but only when
the contacted servers are supposed to be authoritative).
Also in case servers from NS records turn out not to exist.
This may need some refinement for special cases.
Perform some extra checks during zone listings.
Check for unexpected error status in packets. Only the
very first packet in response to a transfer query can
have an error status.
Issue warning if only a single nameserver found.
Not an error per se, but not much redundancy then.
Suggested by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Check for anomalous empty zone transfers.
Transfers consisting of only SOA records could occur if
we queried the victim of a lame delegation which happened
to have the SOA record present. Fake an error that will
result in a lame delegation message.
Mentioned by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Indicate list/check failure/success via exit code.
Failure status is returned in case any error has been
reported via errmsg or pr_error (not pr_warning).
For Ruediger Volk <rv@deins.informatik.uni-dortmund.de>
Add -o option to suppress rr output to stdout.
Can be used in combination with -f to separate rr output
from verbose comments and error output.
Perform some SOA timer consistency checks.
Check timer values for anomalies, such as (retry > refresh)
or (refresh + retry > expire).
Suggested by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Also compare all values instead of just serial.
More accurate reporting of zones processed.
Print total number of successful zone transfers versus the
number of attempted transfers. Print count of zones which
were successfully processed (transferred or -C checked)
versus the number of zones requested to be processed.
From this we can deduce the number of transfers that failed
and the number of times we couldn't find any nameservers.
930901
Increase MAXNSNAME from 12 to 16.
This is conforming NSMAX in ns.h
Don't accumulate statistics if not necessary.
Skip the costly host count scan in case nothing would
be reported at all according to the command line options.
Add some extra checks during zone listings.
Check for invalid nonzero nscount and arcount.
Special handling for non-authoritative answers.
We had already NO_RREC for non-authoritative NO_DATA, but
non-authoritative HOST_NOT_FOUND would yield TRY_AGAIN.
Change this to NO_HOST to issue a separate error message.
This identifies some special cases, e.g. queries for a
non-existing name using class C_ANY when the nameserver
is authoritative only for one specific class.
Use TRY_AGAIN in both cases during zone listing errors.
Minor declaration changes for portability.
Add -F option to exchange role of stdout and logfile.
The '-F file' is the same as '-f file' but all stdout
output goes to the logfile, and stdout only gets the extra
resource record output (so that it can be used in pipes).
Implementation is inherently unportable. Supported only on
a few platforms where it happens to work.
Explain status messages in the manual page.
Include address and name of server in perror messages.
This gives a lot more information in case stderr and stdout
are differently redirected.
930830
Make error checking in some routines uniform.
Miscellaneous declaration changes.
Filter resource record class appropriately.
In zone listings records of different class can show up,
e.g. HS records are mixed with IN records. Only records
of the requested class should be processed. This fixes
problems with recursive zone traversals and inaccurate
statistics. Pointed out by <Yves.Devillers@inria.fr>
and <Piet.Beertema@EU.net>. Important fix.
Include record class, if special, in some output.
Show the class if it is not the default IN class.
Include address of duplicate hosts in message.
This may help to locate the problem.
Properly concatenate long TXT strings that are split.
Long TXT strings (>255) are split as of BIND 4.8.3.
They were displayed incorrectly with TAB separators.
Problem noted by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Cleanup some DNS terminology in output messages.
Fix some confusion between '(sub)domain' and 'zone'. Only
done in the output of host, not yet in the documentation.
Pointed out by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Implement host address list as hashed list.
The linear list is replaced with a hashed list, using the
low-order address bits as the key. This may dramatically
speed up recursive zone listings. Very important fix.
Suggested by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Miscellaneous portability hooks.
Add new port.h header file.
Change u_long to u_int for resource record fields.
These are fixed 32-bit quantities.
Note that BIND 4.9 uses u_int32_t for these, but still uses
(inconsistently) u_short instead of u_int16_t.
Necessary for port to alpha and BIND 4.9.
Change u_long to ipaddr_t for 32-bit address fields.
For the time being, make this identical to u_long for non-
alpha machines with pre-BIND 4.9 to avoid lint warnings.
Note that BIND 4.9 uses u_int32_t for these.
Necessary for port to alpha and BIND 4.9.
Introduce new typedef for 'struct state'.
Necessary for BIND 4.9.
Make all arguments to vararg routines same type.
No more mixing of arbitrary pointers and ints. Only number
of arguments is variable. Requires few silly interfaces.
Necessary for port to alpha.
Add the RELEASE_NOTES file to explain changes.
930209
Lookup server name with default resolver values.
Check SOA records without nameserver recursion.
Implement new RR types from RFC 1183 and 1348.
921005
Anticipate ultrix specific resolv.h
Miscellaneous declaration changes.
Some reshuffling of code.
920702
Recognize alternative program call names.
Distinguish between auth and non-auth NO_DATA.
920624
Lookup server name before changing nameserver address.
Handle possible truncation in zone transfers.
Provide private simplified version of res_send().
Add -u option to force virtual circuit connections.
Move all socket I/O routines to separate send.c.
920616
Allocate list of zonenames dynamically, not statically.
Move and slightly modify the test for fake hosts.
Suppress host count statistics during inverse listing.
Miscellaneous documentation updates.
920315
Improve counting of hosts within domain.
Discard glue records not directly within domain.
Keep track of hosts with duplicate address.
Add -D option to list duplicate hosts.
Add -E option to list extrazone hosts.
Miscellaneous casting and typing cleanup.
Increase (static) number of possible subdomains.
911201
Option -T also prints MX preference value.
Save name of longest hostname found (just for fun).
Undocumented option -g to select long names (fun).
911010
Don't recurse on cnames if querytype is cname.
910923
Count gateway hosts (with multiple addresses).
Add -G option to list gateway hosts.
910905
Improve counting of hosts within domain.
Allow hosts not directly within domain.
Increase (static) maximum number of hosts.
910415
Improve finding of subdomain names.
Allow subdomains not directly within domain.
Check for unauthoritative glue records.
Add -T option to print ttl when non-verbose.
Improve connect timeout handling.
Improve dotted quad parsing.
Minimum ttl is now called default ttl.
910129
Maintain count of hosts during domain listings.
Check for hosts with same name as subdomain.
Add -H option for special host count mode.
Recognize obsolete T_MAILA.
# ----------------------------------------------------------------------
# TODO
# ----------------------------------------------------------------------
Enhance reverse mapping.
The new BIND 4.9.* gethostbyaddr() can be configured
to return host aliases in case multiple PTR records
were encountered during the reverse lookup.
It is unclear what the official host name should be.
Should perhaps abandon the idea of official host name.
However, the PTR records are still exempt from the new
round-robin scheduling, and are returned in the order
in which they are defined in the zone file.
Enhance error reporting.
After a negative return from gethostbyname/gethostbyaddr
we want to know whether the answer was authoritative or
not. In a few places we are able to find out, but this
is a kludge and needs to be reimplemented.
# ----------------------------------------------------------------------
# WISHLIST
# ----------------------------------------------------------------------
Skip printing of second SOA in zone listing.
Asked by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
# ----------------------------------------------------------------------
# NOTES
# ----------------------------------------------------------------------
Include files and resolver library.
If you are linking this utility with an explicit resolver
library, make sure you will be compiling with the same
include files that were used to build the resolver library.
The BIND 4.9 include file <resolv.h> is incompatible with
the BIND 4.8 version. This utility can handle both versions,
but you cannot link with an 4.9 library after compilation
with the 4.8 include files, and vice versa.
Old resolver libraries.
The res_mkquery() routine in the SUN-supplied resolver
library on SunOS <= 4.1.3 adds the default domain to given
single names if REF_DEFNAMES is set. This is not correct and
leads to undesired results if you query about toplevel domains.
It may be a pre-BIND 4.8.2 problem.
The same behavior is reported in the default ultrix resolver.
This will not be fixed in host. The documentation states that
you need BIND 4.8.2 or higher.
Problem noted by Peter Koch <pk@TechFak.Uni-Bielefeld.DE>.
Vendor-specific resolver libraries.
Some vendors supply resolver libraries with configurable
lookup strategies for gethostbyname/gethostbyaddr, e.g. to
consult DNS, NIS, /etc/hosts, or other databases, in specific
order. Such libraries are to be avoided when linking host.
It is meant to query the DNS and DNS only.
SUN's resolver library on solaris 2.x
If you are on solaris 2.x and you don't have a proper BIND
resolver library to link with, but have to use the broken
default library, you can define NO_YP_LOOKUP in the Makefile
to prevent gethostbyname/gethostbyaddr querying the YP/NIS.
SUN will probably implement BIND 4.9.3 after its release.
Multiple answers during zone listing.
During zone transfers BIND encapsulates every resource
record in a seperate reply buffer containing a HEADER
and an answer section (ancount == 1). The authority and
additional section are empty. The query section is also
empty except in the very first reply buffer.
Some non-BIND implementations may send multiple answers
per reply buffer (ancount > 1).
# ----------------------------------------------------------------------
# MISC
# ----------------------------------------------------------------------
Port to DEC/Alpha with OSF/1.
Requested by various people.
This requires basically two adaptations:
- sizeof(u_long) is 64 bits instead of 32 bits.
Affects ip address fields and some fixed fields in the
nameserver query/answer buffers.
- pointers in C subroutine arguments are 64 bit quantities.
Affects the varargs modules.
Suggestions by Dietrich Wiegandt <dietrich@dxcern.cern.ch>
and David Cherkus <cherkus@zk3.dec.com>.
Compatibility with BIND 4.9.
Don't use the u_long types any more.
The 'struct state' is now 'struct __res_state'.
New resolver library has various hooks for 'dig'.
New resolver library prints to stdout with leading ";" but
unfortunately not everywhere. It prints to stderr sometimes
also with ";" but does not so in the perror() messages.
(Things have been corrected in BIND 4.9.3).
BIND 4.9 prints FQDN with trailing dot.
BIND 4.9 prints TXT strings within double quotes.
New features of BIND 4.9.3.
Don't use sizeof() for u_int, u_short, struct in_addr, and
HEADER, but use predefined constants for entities that have
a fixed field width.
A new parameter _res.ndots has been defined.
The res_search() module may query the given name ``as_is''.
The res_search() module retries after SERVFAIL.
The res_send() module marks a bad server status for almost
every error condition.
Extra checks are carried out to ensure that a reply packet
really is the answer to a query: nameserver addresses and
query fields are compared.