Commit graph

27 commits

Author SHA1 Message Date
seb
c21c3ef3e6 Update to version 8.4.4.
Too many of changes and bug fixes since last packaged version to list here,
you would like to take a look at the enclosed CHANGES file.
2004-04-18 13:53:40 +00:00
jlam
7699290f10 If we're passing through MAKEFLAGS variables whose values may contain
spaces, use the :Q modifier instead of double-quoting the value.  This
avoids breakage when executing the just-in-time su targets.
2004-02-06 19:04:24 +00:00
grant
f33fb22363 bl3ify; fixes build on Solaris with SunPro. 2004-01-28 12:18:47 +00:00
agc
3ad1bdbf06 Move WRKSRC definition away from the first paragraph in a Makefile. 2004-01-20 12:18:15 +00:00
kristerw
f6d8743f8c Change MAINTAINER to "tech-pkg" instead of the previous "packages". 2003-12-03 22:14:45 +00:00
jmc
0b009ce693 Typo in data directory made vs one actually used. 2003-08-03 07:39:58 +00:00
seb
7f68beb965 Update to bind version 8.4.1.
Package changes:
* Use bsd.pkg.install full power: rc script handling, OWN_DIRS.
* Tweak BUILD_DIRS instead of using post-build and post-install time
  make invocations (with a little help of post-extract clean up).
* Automatic OPSYS PLIST handling.
* Install html documentation in a canonical pkgsrc directory.

Changes since bind version 8.3.4:
        --- 8.4.1-REL released --- (Sun Jun  8 15:11:32 PDT 2003)
1548.   [port]          winnt: make recv visible from libbind.
1547.   [port]          cope with spurious EINVAL from evRead.
1546.   [cleanup]       dig now reports version 8.4.
1545.   [bug]           getifaddrs_sun6 was broken.
1544.   [port]          hpux 10.20 has a broken recvfrom().  Revert to recv()
                        in named-xfer and work around deprecated recv() in
                        OSF.
1543.   [bug]           named failed to send notifies to servers that live
                        in zones it was authoritative for.
1542.   [bug]           set IPV6_USE_MIN_MTU on IPv6 sockets if the kernel
                        supports it.
1541.   [bug]           getifaddrs_sun6() should be a no-op on early SunOS
                        releases.
        --- 8.4.0-REL released --- (Sun Jun  1 17:49:31 PDT 2003)
1540.   [bug]           remove potential memory leak from net_data_create().
1539.   [port]          protect references to sin6_scope_id with #ifdef.
1538.   [port]          linux: not all distributions define IF_NAMESIZE.
        --- 8.4.0-RC2 released --- (Tue May 27 18:31:53 PDT 2003)
1537.   [bug]           dig buffer overrun with large command lines.
1536.   [cleanup]       use NS_MAXMSG to define TCP buffers.
1535.   [bug]           winnt: large zone transfers failed.
1534.   [func]          The advertised EDNS UDP buffer size can now be set
                        via named.conf (edns-udp-size).
1533.   [bug]           don't artificially restrict the update message size.
1532.   [bug]           use maximum sized answer buffers in res_findzonecut().
1531.   [port]          darwin: has getifaddrs().
1530.   [bug]           nslookup computed incorrect reverse lookup for IPv6.
1529.   [lint]          unused variable in dnsquery.c::main().
1528.   [bug]           getaddrinfo() incorrectly rejected a numeric service
                        under certian circumstances.
1527.   [proto]         add ns_t_apl (42).
1526.   [doc]           res_{get,set}servers().
1525.   [bug]           named failed to start on linux machines w/o IPv6
                        support.
        --- 8.4.0-RC1 released --- (Fri May  2 18:20:02 PDT 2003)
1524.   [bug]           update documentation for IPv6 transport support.
1523.   [bug]           getipnodebyname with AI_ADDRCONFIG set was broken
                        on HPUX 11.11.  Detect IPv6 interfaces under linux.
1522.   [port]          ultrix doesn't have msg_control (NO_MSG_CONTROL).
1521.   [bug]           query-source{-v6} was broken.
1520.   [port]          hpux: socket returns EPROTONOSUPPORT for unsupported
                        family.
1519.   [port]          decunix: conflicting setnetgrent() and innetgr()
                        prototypes.
1518.   [cleanup]       silence "No root nameservers for class XX" when
                        "forward only;" is set in options.
1517.   [cleanup]       stop using putshort/putlong internally.
1516.   [port]          bsdos: now know correct appearance information for
                        getifaddrs/freeifaddrs.
        --- 8.4.0-T2B released --- (Wed Apr 23 21:11:59 PDT 2003)
1515.   [port]          solaris doesn't have msg_control (NO_MSG_CONTROL).
1514.   [port]          hpux doesn't have msg_control (NO_MSG_CONTROL).
1513.   [bug]           use ipnodes.{byname,byaddr} for IPv6 NIS lookups.
                        Add support for "YP_MULTI_".
1512.   [func]          provide a getifaddrs() implementation for OS's
                        that don't have one.  Includes IPv6 support for
                        Solaris, HPUX and Linux.
1511.   [cleanup]       don't use argument names in function prototypes.
1510.   [port]          openbsd uses /bsd not /kernel.
1509.   [port]          bsd: extract sin6_scope_id from internal form.
1508.   [bug]           not all references to sin6_scope_id were protected.
1507.   [bug]           don't attempt to send using address families not
                        supported by the kernel.
1506.   [bug]           named could sometimes set tc incorrectly.
1505.   [bug]           potential overflow if pointer arithmetic wrapped.
1504.   [port]          sa_family_t doesn't exist on all platforms.
1503.   [bug]           named could make unnecessary queries for glue if the
                        additional section was full.
1502.   [port]          some IPv6 references were not protected.
1501.   [port]          decunix: OSF 3.2 does not have native 64 bit support.
1500.   [port]          linux: namespace collision.
1499.   [port]          linux: #include <time.h> bin/dig/dig.c
1498.   [bug]           ns_makecanon() could under read its destination buffer
                        by one character and fail to properly canonicalise.
1497.   [bug]           res_mkupdate() used compression pointers when it
                        shouldn't.
1496.   [bug]           res_mkupdate() didn't support NAPTR.
        --- 8.4.0-T1B released --- (Mon Apr  7 20:00:15 PDT 2003)
1495.   [func]          IPv6 transport support for named, named-xfer and
                        ndc.
1494.   [bug]           memory leak on thread destruction if gethostbyname() /
                        getnetbyname() have been called by the thread.
1493.   [bug]           check scope for link local servers.
1492.   [placeholder]
1491.   [cleanup]       indentation problems.
1490.   [bug]           the seek offset was miscalculated when truncating
                        the ixfr log.
1489.   [func]          named no longer queries for missing additional A6
                        records.
1488.   [port]          decunix: TruCluster support.
                        See port/decunix/TruCluster.
1487.   [bug]           getnetgroup() takes (char **) not (const char **).
1486.   [func]          res_query() now generates more/better debug on failure
1485.   [func]          res_send() records the nameserver the response came
                        from.  Dig retrieves this rather than reporting the
                        first address.
1484.   [bug]           dig use sin.sin_port for IPv4.
1483.   [bug]           nslookup could dereference a NULL pointer under certain
                        circumstances.
1482.   [bug]           provide local storage for localtime_r result.
1481.   [bug]           tv.tv_sec and time_t are not always the same type.
1480.   [bug]           gethostbyname(), getaddrinfo() could drop address
                        if the previous call contained one of the new
                        addresses.
1479.   [func]          try known lame servers if all other servers have
                        failed.
1478.   [cleanup]       libbind: don't look for A6 records, don't follow
                        DNAME record (use the CNAMES), remove some bitstring
                        related functions.
1477.   [cleanup]       libbind: namespace cleanup (irs_* to __irs*,
                        dst_* to __dst_* and tree_* to __tree*)
1476.   [bug]           dig wasn't using a random query id.
1475.   [bug]           "query-source address <listening interface> port *"
                        failed to use a system assigned port as documented.
1474.   [bug]           named wasn't seeing cached NODATA CNAME records.
1473.   [bug]           nslookup: buffer overrun when looking up reverse
                        IPv6 addresses under IP6.INT when not found under
                        IP6.ARPA.
1472.   [port]          freebsd; current has pselect().
1471.   [port]          'dig -P' failed on some platforms.
1470.   [bug]           J.ROOT-SERVERS.NET is now 192.58.128.30.
1467.   [deleted]
1461.   [func]          return referrals for glue (NS/A/AAAA) if recursion is
                        disabled (recursion no;).
1460.   [bug]           NS_MD5RSA_MAX_BITS was not correct.
1459.   [bug]           ns_sign2() could fail to compute a correct signature
                        if the TSIG ownername was compressed.
1458.   [bug]           host: spurious "Unknown algorithm" message with default
                        zone listing.  missing white space before '(' in SOA
                        format.
1457.   [bug]           bison didn't like ns_parser.y.
1456.   [doc]           document auth-nxdomain default is "no" (see # 524).
1455.   [bug]           named failed to allow a cached NODATA response for
                        a ANY query to be retrieved.
1454.   [contrib]       nsverifier from Bob.Whelton@qwest.com.
1453.   [bug]           SOA answers should only be cached for the current
                        tick.
1452.   [bug]           don't cache -ve response SOA record.
1451.   [port]          bsdos: maybe_fix_includes is not required.
1450.   [bug]           hint zones don't need to be reloaded when a "child"
                        zone is removed.
1449.   [bug]           it was possible to orphan glue records.  this could
                        lead to panics in stale().
1438.   [bug]           glue from a parent zone beneath a child zone could
                        be deleted by loading a child zone.
1437.   [bug]           linux: probe_ipv6 was broken.
1436.   [port]          decunix: update sys/bitypes.h
1435.   [func]          named-xfer: log the zone name when reporting query
                        sent.
1434.   [doc]           the man page for dn_expand failed to document eomorig.
1433.   [lint]          remove unused variable.
1432.   [func]          log TSIG key name if used with zone transfer.
1431.   [func]          new category "update-security".
1430.   [func]          libbind: the default nameservers now include ::1/::
                        as well as 127.0.0.1/0.0.0.0 if none are specified in
                        resolv.conf.
1429.   [port]          libbind: use strlcat/strlcpy if available.
1428.   [port]          eventlib.c: cast tv_sec to long when calling *printf().
1427.   [func]          define INT8SZ
1426.   [port]          res_dprintf() now supports format checking w/ gcc.
1425.   [bug]           'aa' was not being set appropriately with cross zone
                        CNAMES.
1424.   [cleanup]       ip6_str2scopeid() now returns u_int32_t.
1423.   [bug]           'ndc restart' could fail to restart named if there
                        were no arguments to named.
1422.   [cleanup]       optarg() etc. are declared in unistd.h.
1421.   [bug]           clear and check errno when calling strtoul().
1420.   [cleanup]       use %p instead of %#x for printing pointers.
1419.   [cleanup]       getinfo(): kill buflen manipulation.
1418.   [port]          cast pointers to (size_t) when aligning.
1417.   [cleanup]       make1101inaddr(): kill size manipulation.
1416.   [port]          log_vwrite() now supports format checking w/ gcc.
1415.   [port]          irix: probe for in6addr_any.
1414.   [bug]           strtoul() cast (char*) to (unsigned char*).
1413.   [bug]           host: soa values are not signed.
1412.   [bug]           fix numeric port range check in getaddrinfo().
1411.   [port]          freebsd/netbsd/openbsd: #define USE_IFNAMELINKID.
1410.   [port]          probe for sin6_scope_id when probing for IPv6 structs.
1409.   [bug]           dig: reverse6 computed a incorrect nibble string.
1408.   [cleanup]       res_mkquery.c: kill buflen manipulation.
1407.   [port]          namespace clash EV_ERR -> EV_SETERR
2003-07-31 23:58:48 +00:00
grant
e8b57d5540 whitespace fix 2003-05-07 09:51:20 +00:00
is
85605d4eb8 Obey PKG_SYSCONFDIR 2003-03-06 11:43:27 +00:00
jlam
d7f69e47ce Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.
2003-01-28 22:03:00 +00:00
cjep
208af56920 Make this package happier on Solaris. Thanks to Pierre Bourgin.
Fixs PR#18953
2002-12-07 21:34:04 +00:00
itojun
56b5bea064 upgrade to 8.3.4. all security patches are applied in 8.3.3nb1. 2002-11-17 16:08:08 +00:00
itojun
6f4df524e8 pull in http://www.isc.org/products/BIND/patches/bind833.patch
bump PKGREVISION

---
1469.  [bug]           buffer length calculation for PX was wrong.
1468.  [bug]           ns_name_ntol() could overwite a zero length buffer.
1467.  [bug]           off by one bug in ns_makecannon().
1466.  [bug]           large ENDS UDP buffer size could trigger a assertion.
1465.  [bug]           possible NULL pointer dereference in db_sec.c
1464.  [bug]           the buffer used to construct the -ve record was not
                       big enough for all possible SOA records.  use pointer
                       arithmetic to calculate the remaining size in this
                       buffer.
1463.  [bug]           use serial space arithmetic to determine if a SIG is
                       too old, in the future or has internally constistant
                       times.
1462.  [bug]           write buffer overflow in make_rr().
2002-11-14 04:13:46 +00:00
itojun
6e0dab8bee upgrade to 8.3.3. includes important security fix.
--- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002)
1301.	[func]		log attempts to exploit #1300.
1300.	[bug]		Remote buffer overrun.
1299.	[func]		Log to xfer-in when a named-xfer fails and one of
			the masters returned REFUSED.
1298.	[bug]		named could leak a OPT record when returning a
			negative response.
1297.	[func]		'ndc restart' will now attempt to preserve the
			arguments named was started with.
			Use 'ndc restart --' to clear the arguements.
			Use 'ndc restart <new arguements>' to restart named
			with a alternate set of arguements.
1296.	[bug]		delay setting need_restart until the response to
			ndc exec has been sent.
1295.	[func]		new ndc command 'args'.  returns the arguements that
			named was started with %xx escaped.
1294.	[bug]		#1272 broke linkage for those OS's using -lfl (flex).
			Move -ll/-lfl to LIBL for all platforms.
	--- 8.3.2-REL released --- (Mon Jun 17 20:24:32 PDT 2002)
1293.	[doc]		update man pages for 'dig', 'dnsquery' and 'host'
			to reflect IPv6 capabilities (nslookup and nsupdate
			were already IPv4/IPv6 agnostic).
1292.	[func]		host: the default lookups now also include AAAA
			records.
1291.	[func]		'dig -x <ip6>' now works.
1290.	[bug]		'dig @server' fail to report the IPv6 address of the
			server in error messages.
1289.	[contrib]	normalize_zone now handles $TTL.
1288.	[bug]		named: -t and -w could not be used together.
1287.	[func]		report serial(s) in out going transfer operation.
	--- 8.3.2-RC1 released --- (Thu May 30 23:06:11 PDT 2002)
1286.	[func]		libbind: no longer attempts bit string labels for
			IPv6 reverse resolution.  Try IP6.ARPA then IP6.INT
			for nibble style resolution.
1285.	[port]		linux: ss_family vs __ss_family in sockaddr_storage.
1284.	[port]		freebsd: 5.0 uses gid_t rather that int for
			GETGROUPLIST_ARGS
1283.	[port]		bsdi: 4.2 also has struct sockaddr_storage.
1282.	[bug]		nslookup was using inet_ntoa() to print out a IPv6
			address.
1281.	[bug]		escape '(' and ')' when coverting to presentation
			form.
1280.	[func]		server { edns yes_or_no; } is now supported.
1279.	[bug]		nslookup: partial coversion to similar style outputs
			for both -type=aaaa and -type=a.
1278.	[bug]		free() of non-malloced memory in nslookup.
1277.	[port]		cast all instances of yytext in commands.l to (char*)
			to silence compilers on OS's where lex declares it
			as (unsigned char *).
1276.	[port]		hpux 11.22: ansify GetAnswer in getinfo.c to
			silence compiler.
1275.	[bug]		bad declaration of si in tsig_key_from_addr().
1274.	[port]		hpux 11.22: ansify hexstring() and display() in
			addr.c to silence compiler.
1273.	[bug]		const pointer conficts in res_debug.c.
1272.	[port]		hpux 11.22: don't link against -ll unless required.
1272.	[bug]		main_need_num was not last entry in enum.
			main_need_tick nolonger required.
1271.	[port]		hpux: treat all hpux systems as BIG_ENDIAN, don't
			include <sys/mbuf.h>.
1270.	[port]		hpux 11.22 namespace clash DATASIZE -> BIND_DATASIZE.
1269.	[port]		hpux 11.11 interface scaning.
1268.	[port]		solaris: 64 bit binary compatability.
1267.	[bug]		aix4: missing IN6_IS_ADDR_V4COMPAT macro.
1266.	[bug]		If you are using TSIG #1261 introduced the potential
			of a infinite loop.
1265.	[bug]		nslookup failed on platforms that don't have BSD 43
			style sockets.
1264.	[bug]		LINK_INIT and UNLINK were not compatible with
			C++, use LINK_INIT_TYPE and UNLINK_TYPE instead.
	--- 8.3.2-T1B released --- (Tue May  7 18:49:58 PDT 2002)
1263.	[bug]		gethostans() could get out of sync parsing the
			response if there was a very long CNAME chain.
1262.	[bug]		winnt: dumpdb and stats should now work reliably.
1261.	[bug]		using a valid TSIG with a compressed ownername could
			result a INSIST() failure.
1260.	[func]		"notify explicit;" from BIND 9.
1259.	[misc]		leave the verification of the OPT options to the
			caller.
1258.	[func]		accept SOA MNAME field as legitimate additional
			data.
1257.	[bug]		malformed response to query w/ tsig + edns.
1256.	[port]		darwin: probe for IPv6 support.
1255.	[bug]		xfers_running could become out of sync if a zone
			was removed while it was being transfered.
1254.	[func]		nsupdate can now update IPv6 servers.
1253.	[func]		host now accepts IPv6 addresses.
1253.	[bug]		reserve space for the signature when performing a
			zone transfer.
1252.	[func]		dnsquery now accepts IPv6 addresses.
1251.	[bug]		win32: it was possible to call RegCloseKey() on a
			invalid key.
1250	[func]		nslookup now accepts IPv6 addresses.
1249.	[func]		dig now accepts IPv6 addresses.
1248.	[doc]		correct some typos in named.conf.5 and corresponding
			html.
1247.	[bug]		get_salen() IPv6 support was broken for OSs w/o sa_len.
1246.	[support]	add highly dangerous compile time option
			NXDOMAIN_ON_DENIAL.  it should not be used
			except in testing.
1245.	[bug]		if we don't have enough file descriptors to open
			a socket attempt to close a idle tcp client.
1244.	[port]		bsdi: 4.3 has struct sockaddr_storage.
1243.	[bug]		SERVFAIL can have too many other causes to be used
			say whether a server supports EDNS or not.
1242.	[port]		64k answer buffers were causing stack space to be
			exceeded for certian OS.  Use heap space instead.
1241.	[bug]		getnameinfo() failed to lookup IPv4 mapped /
			compatible addresses.
1340.	[bug]		reference after free for included conf file name.
1339.	[bug]		doaddinfo would not always attempt to fetch missing
			glue when it should have.
1338.	[bug]		an IPv6 only nameserver could generate spurious
			sysquery errors.
1337.	[port]		linux: IN6ADDR_LOOPBACK_INIT, IN6ADDR_ANY_INIT and
			sockaddr_storage not declared by early kernels.
1336.	[bug]		getaddrinfo() could call freeaddrinfo() with an
			invalid pointer.
1335.	[bug]		res_nupdate() failed to update the name servers
			addresses before sending the update.
1334.	[bug]		A6 is expected in the additional section.
2002-06-28 06:03:04 +00:00
wiz
31c709e26c Use BIND_VERSION instead of spreading hardcoded version number around.
Proposed in pkg/16202 by Greg A. Woods.
2002-06-17 12:18:22 +00:00
taca
63aea3f4ee Make sure to initialize the last parameter of explore_fqdn().
This fix getaddrinfo() from crash, reported as PR 16683.

Bump to bind 8.3.1nb1.
2002-05-08 16:20:56 +00:00
itojun
783d9b25d4 upgrade to 8.3.1.
changes are available at http://www.isc.org/products/BIND/bind8.html
2002-03-23 05:34:54 +00:00
jmc
5ce11e5ccd bsd.pkg.install.mk is supposed to come before bsd.pkg.mk per Packages.txt 2002-02-06 03:35:39 +00:00
abs
d82fbf3818 Updated bind8 to 8.2.4nb1:
Include a basic rc.d script (based on apache), and fixup installed paths
    for Linux
2001-12-24 14:10:54 +00:00
itojun
1d8d44e973 upgrade to 8.2.4.
Fixes long-standing protocol incompatibility in DNSSEC support.
Avoids fwd'ing to root name servers if response will be rejected.
new port/cygwin contributed by s_c_biggs@bigfoot.com.
new contrib/mdnkit (V1.3) from author.
new contrib/adm from official ftp site.
new contrib/host from author.
new contrib/dnsp from author.
fixed file descriptor leak in resolver.
numerous portability improvements.
numerous bug fixes.
2001-05-17 18:56:03 +00:00
hubertf
d32e698de6 Cleanup MKDIR usage => INSTALL_*_DIR
XXX need to teach pkglint to be more picky about this
2001-02-25 04:17:35 +00:00
wiz
a13ea108bb Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT. 2001-02-17 17:52:59 +00:00
itojun
9e911699d3 upgrade to 8.2.3. includes very important security fixes.
--- 8.2.3-REL released ---

1139.	[bug]		inet_{net_,}ntop() had an off-by-one error.

1138.	[bug]		purge_nonglue() should only be fatal on master
			servers.

1138.	[port]		add include/errs.h to various ports.
			winnt: #1130 caused linkage failures.

	--- 8.2.3-RC5 released ---

1137.	[bug]		rfc1034 escape sequences not processed when replaying
			updates.

1136.	[port]		winnt: named nolonger creates resolv.conf.

1135.	[bug]		fixup from #1130/1132.

1134.	[port]		winnt: SIOCGIFADDR, SIOCGIFFLAGS, SIOCGIFDSTADDR and
			mkstemp() fixes.

1133.	[bug]		sorting of SIG/non-SIG records prior to rrset ordering
			of was broken.

	--- 8.2.3-RC4 released ---

1132.	[lint]		more #1130.

1131.	[support]	TTL 0 is now allowed in zone files.

1130.	[lint]		massive, massive delinting from "gcc -Wall".

1129.	[support]	"max_log_size_ixfr" is now a scaled number (4m, etc).

1128.	[contrib]	updated mdnkit.

1127.	[port]		winnt: support for more interfaces, dnskeygen.

1126.	[bug]		resolver: close cached file descriptors when socket()
			fails.

1125.	[bug]		when ns_addr_list is rotated, rotate cached file
			descriptors.

1124.	[bug]		the select() timeout was not always being correctly
			computed.

1123.	[bug]		changes to ns_addr_list were not being reflected into
			our private copy.

1122.	[port]		sco: DESTRUN and DESTSBIN can't be the same.

1121.	[cleanup]	re-word "server is ??? priming" status message.

1120.	[bug]		more #1108 fine tuning.

1119.	[bug]		"delete all" RRs were not being printed correctly.

1118.	[port]		winnt: always install the named executable

1117.	[port]		linux: turn off returning ICMP port unreachables.

1116.	[bug]		minor tweak to #1108

1115.	[bug]		fail if tsig transfers are requested but we can't
			communicate the keys to named-xfer.

1114.	[bug]		remove extraneous semi-colon from ns_parser.y

	--- 8.2.3-T9B released ---

1113.	[support]	show config file name and age in "ndc status"

1112.	[support]	"ndc status" no longer mentions loading of config.

1111.	[port]		some versions of sunos don't have _POSIX_PATH_MAX

1110.	[bug]		zones with Null keys at delegation incorreclty rejected.

1109.	[support]	named-xfer was bombing on non-TSIG'd zones

1108.	[support]	ignore queries that come in during long synch ops

1107.	[func]		allow the default syslog facility to be set by
			adding -DISC_FACILITY=<value> to CDEBUG in Makefile.set.

1106.	[func]		host statistics can now be cleared after they are
			dumped.  Use "ndc stats clear".

1105.	[func]		host-statistics-max can be used to set a upper bound
			on the number hosts we collect statistics against.

1104.	[func]		the source of a record is no longer dependent on
			setting "host-statistics yes;"

1103.	[doc]		winnt: updated port specific notes.

1102.	[port]		winnt: BINDctrl fixes

1101.	[port]		winnt: install fixes

1100.	[bug]		named-xfer some memory allocations were not checked.

1099.	[bug]		more missing INIT_LINK's.

1098.	[support]	force gmake to fail if the sub-shell fails.

1097.	[port]		winnt: lower the logging level so that BINDCtrl status
			checks do not cause the eventlog to fillup.

1096.	[bug]		don't pass '-i' to named-xfer unless we are going
			to attempt a IXFR.

1095.	[bug]		dig: report missing arguements.

1094.	[port]		winnt: more cylink fixes, updated install.

1093.	[bug]		winnt: build lib cylink correctly

1092.	[cleanup]	winnt: snmpmib.c is nolonger required

1091.	[support]	winnt: workout the install directory.

1090.	[bug]		winnt: install was copying old over new.

1089.	[bug]		winnt: fix copyright for nameserver.c
			winnt: snmpmib.c not needed in libbind.dsp

1088.	[bug]		#1053 still contained NAPTR problems.

	--- 8.2.3-T8B released ---

1087.	[port]		sunos/gcc _POSIX_PATH_MAX isn't defined when it should
			be.

1086.	[doc]		malformed man page for heap.

1085.	[bug]		ixfr responses to zones we don't server were malformed.

1084.	[bug]		INIT_LINK before APPEND in four more places.

1083.	[support]	only log "no options before zone" config error
			before FIRST zone [kjd].

1082.	[bug]		have client-side IXFR work in single answer mode [kjd].

1081.	[bug]		have server-side IXFR work in single answer mode [kjd].

1080.	[support]	still do IXFR's even when a file name is not specified
			for zone [kjd].

1079.	[support]	need to have a file name for a hints zone [kjd].

1078.	[port]		WinNT interface enumeration fixes from Danny Mayer.

1077.	[support]	format string audit.

1076.	[port]		now recognize RH7.0's "strndup()"

1075.	[contrib]	add contrib/resparse-1.3 [Henning Schulzrinne @CU]

1074.	[support]	INSIST that lists are correctly managed.

1073.	[port]		Win/NT port work from Danny Mayer.  Dig, host and
			nslookup have been added.

1072.	[port]		work around a gcc bug on solaris.

1071.	[bug]		memory leak in res_nsendsigned().

1070.	[bug]		We were accepting non syntactically valis SOA records.

1069.	[port]		movefile() is now part of libbind as isc_movefile(),
			remaining rename() calls converted to isc_movefile().

1068.	[bug]		purge the zone from memory if an error is detected
			on loading.

1067.	[bug]		reload the parent zone if loading the child zone fails,
			the parent zone may otherwise be corrupted.

1066.	[bug]		refresh/retry timer need to be reset after IXFR

1065.	[bug]		IXFR change list could be freed to early.

1064.	[bug]		unchecked memget in sx_send_ixfr().

1063.	[bug]		fix #1041 was incomplete.

1062.	[bug]		host printed out address records multiple times if
			they were at the end of a CNAME chain.

1061.	[bug]		host failed to look for A records for the second an
			subsequent entries in the search list when using
			the default lookup.

1060.	[bug]		$GENERATE did not reject a out of zone LHS.

1059.	[bug]		res_findzonecut() contained a bad debugging printf.

1058.	[bug]		possible NULL pointer de-reference in
			dst_key_to_buffer().

1057.	[doc]		document that bogus causes anti-alias processing.

1056.	[bug]		ns_sprintrrf() could incorrectly print "." as "@".

1055.	[bug]		aa was being cleared on notify "queries" prior to
			testing.

1054.	[bug]		NAPTR records were using name compression.

1053.	[bug]		NAPTR records were not being printed correctly.

1052.	[bug]		UPDATES w/ NAPTR records were failing.

1051.	[contrib]	YADDAS: Yet another DNS database awk script.

1050.	[bug]		named-bootconf did not handle cacheless secondary/stub
			zones.  NOTE cacheless secondary/stub zones are not
			recommended.

1049.	[bug]		buffer overruns by 1 in getnameinfo().

1048.	[bug]		ns_ctl_install() was corrupting the server_controls
			list.

1047.	[bug]		req_iquery() wasn't doing a final update on buflenp.

1046.	[port]		Win/NT port improved by its author.

	--- 8.2.3-T7B released ---

1045.	[bug]		forwarded and initiated TCP queries weren't affected
			by the "query-source" config option, and weren't being
			set nonblocking.

1044.	[support]	add HITCOUNTS compile-time option (from lamont@hp.com).

1043.	[bug]		dnsquery's command line args could overflow buffers.

1042.	[doc]		maintain-ixfr-base had wrong description in
			named.conf(5).

1041.	[bug]		host assumed axfr returned "one-answer" responses.

1040.	[bug]		add d_rcnt processing to update processing.

1039.	[bug]		qcomp wasn't stable.

1038.	[port]		solaris needs a strerror that does not return NULL,
			call isc_strerror instead.

1037.	[support]	soften #1025 -- continue to accept !AA notify req's.

1036.	[debug]		add TKEY debugging support.

1035.	[bug]		ndc's "help" command worked in signal but not channel
			mode.

1034.	[bug]		loc_ntoa() failed to correctly print altitudes in the
			range [-0.99 .. -0.01].

1033.	[port]		Win/NT portability infusion from Larry @NortelNetworks.

1032.	[bug]		fix minor signal buglet introduced in #1029.

1031.	[bug]		nslookup now correctly refuses to accept qtypes AXFR
			or IXFR.  (use nslookup "ls", not queries, for this.)

1030.	[protocol]	nslookup "ls" command now uses writev() rather than two
			write()'s, to get msglen and query into same tcp seg.

	--- 8.2.3-T6B released ---

1029.	[bug]		incredibly busy systems could starve handle_needs().

1028.	[protocol]	unrecognized TSIG was returning NOERROR (now NOTAUTH).

1027.	[support]	INSIST(), ENSURE(), et al, now always have sideeffects.

1026.	[port]		some kernels bogusly return tv_usec>1000000 from
			gettimeofday().  panic and dump core when this happens.

1025.	[proto]		NOTIFY messages should have AA.

1024.	[bug]		we were unwilling to use the last 10 octets of a
			response buffer in certain transaction types.

1023.	[port]		HP-UX 10.20 was looping inside contrib/dnssigner.

1022.	[port]		ensure that all handled signals are unblocked.

1021.	[bug]		the "host" command wasn't properly printing SRV RR's.

1020.	[contrib]	new "updatehosts" (V1.1.0) contributed by author.

1019.	[port]		separate CFLAGS and CPPFLAGS for unusual builds.

1018.	[bug]		When maintain_ixfr_base is set to "no" a zones IXFR
			file was still being written too.

1017.	[doc]		resolver(3) was out of date with respect to recent API
			changes.

1016.	[bug]		nslookup wasn't properly printing SIG RR's.

1015.	[bug]		when merging group information gr_name and gr_passwd
			could be left pointing at freed memory.

1014.	[bug]		iquery: DoS (potential), information leak.

1013.	[bug]		mangled hostent structures returned by
			gethostbyname_r() and friends.

1012.	[doc]		add named-bootconf example to INSTALL.

1011.	[bug]		if spawnxfer() fails we should return immediately.

1010.	[bug]		bad responses to the initial IXFR/SOA query could
			result in using an uninitalised variable.

1009.	[port]		Add support for darwin / Mac OS X

1008.	[doc]		specify allow-query default in named.conf.

1007.	[bug]		only set STREAM_AXFRIXFR if the original query is
			an IXFR.

	--- 8.2.3-T5B (RC3) released ---

1006.	[port]		Windows/NT does not have fchown().

1005.	[bug]		RD was sometimes left set, inappropriately.

1004.	[bug]		cached NXT's were corrupted.

1003.	[bug]		correction to #997.

1002.	[bug]		file descriptor leak in res_nclose().

1001.	[port]		some builds were too fast.

	--- 8.2.3-T4B (RC2) released ---

1000.	[bug]		#996 was wrongly implemented; replacement fix.

	--- 8.2.3-T3B released ---

 999.	[support]	named now makes an effort to create its files with
			ownership as specified by -u and -g command options.

 998.	[support]	show version number in NOTIFY log messages.

 997.	[support]	forwarders are now used in order by measured RTT.

 996.	[protocol]	if answering ixfr with full zone, used qtype axfr.

 995.	[bug]		"dig -b" was broken due to missing switch "break;"

 994.	[bug]		named-xfer did not handle empty question sections.

 993.	[bug]		TSIG AXFR was completely broken in DiG.

 992.	[bug]		OPTION_USE_IXFR and OPTION_MAINTAIN_IXFR_BASE had
			non-single-bit flag values in src/bin/named/ns_defs.h.

 991.	[protocol]	send A6 glue records in xfr.

 990.	[bug]		we could loose track of a bottom of zone cut if the
			write buffer filled up at just the correct moment.

 989.	[bug]		apply to "fetch-glue no;" to notify processing.  need
			to add A records that would be found this way w/
			also-notify.

 988.	[support]	report expired zones when detected in maintainence
			pass.

 987.	[feature]	"ndc reconfig -noexpired" skip attempts to load
			expired zoned when reconfiguring.

 986.	[bug]		pushlev only needs to be called for axfr/zxfr not ixfr.

	--- 8.2.3-T2B released ---

 985.	[support]	remove "view" command from nslookup (it used mktemp()).

 984.	[bug]		always restart processing query from scratch if we
			have chased a CNAME as we might still have the answer
			in the cache once the CNAME has been resolved.

 983.	[support]	"notify from non-master server" is now debug, not info.

 982.	[bug]		rollback the compression pointers array when a
			RRset/RR does not fit.

 981.	[port]		decunix: typedef (u_)int#m_t

 980.	[bug]		mishandled memget failure w/ TCP connections.

 979.	[bug]		we were failing to call ns_stopxfrs() before calling
			purge_zone() in some cases.

 978.	[port]		sco50: setsockopt(SO_REUSEADDR) fails on unix domain
			sockets

 977.	[bug]		we should be returning notimpl for update forwarding
			rather than refused.  a client receiving refused
			should terminate the update attempt.  notimpl should
			just cause the client to skip to the next server.

 976.	[bug]		some stats weren't getting incremented, & added a few.

 975.	[support]	SLAVE_FORWARD is now redundant and has been removed.

 974.	[port]		ultrix with vendor's y2k patch explicitly desupported.

 973.	[bug]		some field names added in #935 conflicted with macros.

 972.	[support]	restore heartbeat notifies.

 971.	[bug]		out of order updates in log.

 970.	[port]		solaris: add ipv6 interface scanning support.

 969.	[bug]		post process a zone load to remove any non-glue at
			or below bottom of zone.

 968.	[bug]		TSIGs failed to verify if the key name was compressed.

 967.	[bug]		zones signed by the BIND 9 signer failed to load.

	--- 8.2.3-T1A released ---

 966.	[bug]		nslookup and dig misprinted root zone in $ORIGIN.

 965.	[feature]	dig's command line input buffer was rather small.

 964.	[bug]		make res_nsearch() behave like res_search() of olde.

 963.	[bug]		res_debug::do_section() can no longer spin all VM.

 962.	[bug]		another almost-complete rewrite of IXFR from kjd (462)

 961.	[bug]		acl "none" now fails to match but doesn't end search.

 960.	[bug]		more hesiod library fixes from danny.

 959.	[doc]		christos fixed several man page typos and brainos.

 958.	[bug]		getnameinfo() should accept experimental/multicast.

 957.	[port]		ultrix again.  "cd" now presumed to be silent again.

 956.	[bug]		multiline was not being cleared correctly.

 955.	[bug]		explicit TTL on SOA records were being replaced with
			soa minimum.

 954.	[bug]		cannot load a signed root zone.

 953.	[bug]		memory overrun in set_zone_ixfr_file().

 952.	[bug]		errs was not being correctly adjusted if the included
			master file did not exist in db_load().

 951.	[bug]		contrib/dns_signer/signer: write_trim_name
			array bounds write error.

 950.	[bug]		hesiod: ctx->res was not being initalised.

 949.	[port]		aix32: add prand_conf.h and define WCOREDUMP

 948.	[bug]		fixed logic error in a number of expressions causing
			res_ninit() not to be called when it should be.

 947.	[bug]		sanity check in dst_read_key() wasn't.

 946.	[port]		freebsd: threaded library support.

 945.	[bug]		wrong file name logged in ixfr_have_log().

 944.	[doc]		add forwarders to zone types  master/slave/stub in
			named.conf man page.

 943.	[bug]		raise CNAME and OTHER / multiple CNAME logging to
			warning.

 942.	[bug]		bad referrals logged for forwarders.

 941.	[bug]		lame server detection wasn't checking for SOA record.

 940.	[clarity]	unapproved -> denied in log messages.

 939.	[bug]		reload_master and purgeandload should write the zone
			if it has been updated.

 938.	[bug]		update and ixfr logs could get corrupted.  fseek()
			before ftell() on fopen(, "a+") file.

 937.	[support]	allow parallel makes to work.

 936.	[protocol]	add preliminary A6 glue recognition in ns_req.

 935.	[cleanup]	res_nsend() segmented into multiple functions for
			readability.  also fixed two file descriptor leaks.
			CAN_RECONNECT is gone, keep one socket per nameserver.

 934.	[bug]		Perror and Aerror where incorrect if DEBUG is not
			defined.

 933.	[port]		cygwin port added

 932.	[port]		sco42 does not have unix domain sockets or gethostid.

 931.	[bug]		eventlib was not handling unix domain sockets
			correctly.

 930.	[bug]		we wern't using all the potential compression pointers
			in the question section.

 929.	[bug]		we were accepting updates (adds) with illegal ttls.

 928.	[bug]		if we manage to get a illegal ttl stored, print it
			unsigened.

 927.	[port]		hpux: (11.* 10.30) Makefile.set.gcc

 926.	[port]		hpux10: gcc needs -D_HPUX_SOURCE and -fPIC

 925.	[protocol]	when a slave loads it should notify others (RFC 1996).

 924.	[port]		sunos solaris: #define NEED_SECURE_DIRECTORY to
			secure the directory containing unix domain socket
			rather than the socket itself.

 923.	[support]	shutup "make clean" about missing threaded directories.

 922.	[bug]		removing an cached zone file then performing a
			"ndc reload zone" should force a zone transfer.

 921.	[bug]		nsupdate: listuprec was not being initalised.

 920.	[port]		aix4: Makefile.set.gcc
 			aix4: __P was being defined by <net/radix.h>

 919	[port]		linux: remove one level of symbolic linkage when
			performing make links on port/linux/include

 918.	[bug]		update prerequisite could match w/ wildcard.

 917.	[port]		irix: make the current IRIX release (6.5) work by
			not patching res_debug.c. see INSTALL if you have
			problems with 6.3.

 916.	[bug]		removing / changing a zone type could result in
			Z_NOTIFY being cleared / tested against the wrong zone.

 915.	[bug]		evNewWaitList() was not maintaining the prev chain.

 914.	[bug]		signal EWOULDBLOCK if EV_POLL'ing with no timers.

 913.	[bug]		input could get lost on the server side of a ctl sock.

 912.	[bug]		nsupdate now allows explicit 0 TTL's on added RR's.

 911.	[bug]		gethostbyname() should not return duplicate addresses.

 910.	[bug]		address-sorting logic was exiting early.

 909.	[bug]		dig wasn't respecting the +ti and +ret arguments.

 908.	[contrib]	Tony Stoneley sent us an updated misc/makezones.

 907.	[port]		winnt fixes from Larry at Nortel.

 906.	[bug]		res_findzonecut() failed if the NS referred to a CNAME.

 905.	[doc]		Minor fix to doc/man/Makefile for getnameinfo

 904.	[bug]		bin/host wasn't looking up MX records if no
			-t flags were passed to it.
2001-01-27 07:33:21 +00:00
itojun
ac1d741d3d upgrade to 8.2.2P7.
NOTE: we may need to run a printf format string audit like we did for
in-tree BIND8.


	--- 8.2.2-P7 released ---

1048.	[bug]		ns_ctl_install() was corrupting the server_controls
			list.

1007.	[bug]		only set STREAM_AXFRIXFR if the original query is
			an IXFR.

 982.	[bug]		rollback the compression pointers array when a
			RRset/RR does not fit.

 962.	[bug]		another almost-complete rewrite of IXFR from kjd (462)
			[incorporate ZXFR DoS fix from #962]

	--- 8.2.2-P6 released ---

 903.	[bug]		divide by zero bug when querying for SIG records from
			a secure zone.

 902.	[support]	don't attempt to set q_fzone if we won't be using it.

 901.	[support]	delay notify timer setting until all zones have been
			loaded.

 900.	[port]		hpux10 fix call to bison; sco call bison consistenly.

 899.	[bug]		dynamically allocate buffer used to display RR rather
			than uses a fixed sized one. grow as needed.

 898.	[bug]		if truncation caused no RR's to appear in the answer we
			mis-classified the answer on a NODATA.

 897.	[support]	descriptors used by named should not be inherited by
			named-xfer.

 896.	[contrib]	add contrib/adm/adm-nxt, an exploit for the NXT bug
			in 8.2 and 8.2.1.  as before, we do not recommend its
			use, and we do recommend that you run the latest BIND.

	--- 8.2.2-P5 released ---
2000-11-10 07:38:22 +00:00
rh
0ffd4439da Update bind8 to 8.2.2p5. This fixes a couple more security holes and
closes PR 8796 by Takahiro Kambe, thx!
1999-11-16 17:08:13 +00:00
rh
c88efe6849 clean up and make this package hier(7) compliant. 1999-11-13 10:02:37 +00:00
rh
c40274f37f Import of bind8 package as submitted in pkg/8782 by Greg A. Woods (with
some modifications), thanks!

XXX: this package definitely needs some more work, specifically to make it
hier(7) compliant.  However, I don't have the time for that at the moment,
I therefore mainly commit this for the sake of providing a quick security
fix for the affected systems.
1999-11-12 18:23:52 +00:00