5beb22a9d6
New Features Support for CAA record types, as described in RFC 6844 "DNS Certification Authority Authorization (CAA) Resource Record", was added. [RT#36625] [RT #36737] Disallow "request-ixfr" from being specified in zone statements where it is not valid (it is only valid for slave and redirect zones) [RT #36608] Support for CDS and CDNSKEY resource record types was added. For details see the proposed Informational Internet-Draft "Automating DNSSEC Delegation Trust Maintenance" at http://tools.ietf.org/html/draft-ietf-dnsop-delegation-trust-maintainance-14. [RT #36333] Added version printing options to various BIND utilities. [RT #26057] [RT #10686] On Windows, enable the Python tools "dnssec-coverage" and "dnssec-checkds". [RT #34355] Added a "no-case-compress" ACL, which causes named to use case-insensitive compression (disabling change #3645) for specified clients. (This is useful when dealing with broken client implementations that use case-sensitive name comparisons, rejecting responses that fail to match the capitalization of the query that was sent.) [RT #35300] Feature Changes Adds RPZ SOA to the additional section of responses to clearly indicate the use of RPZ in a manner that is intended to avoid causing issues for downstream resolvers and forwarders [RT #36507] rndc now gives distinct error messages when an unqualified zone name matches multiple views vs. matching no views [RT #36691] Improves the accuracy of dig's reported round trip times. [RT #36611] The Windows installer now places files in the Program Files area rather than system services. [RT #35361] When an SPF record exists in a zone but no equivalent TXT record does, a warning will be issued. The warning for the reverse condition is no longer issued. See the check-spf option in the documentation for details. [RT #36210] "named" will now log explicitly when using rndc.key to configure command channel. [RT #35316] The default setting for the -U option (setting the number of UDP listeners per interface) has been adjusted to improve performance. [RT #35417] Aging of smoothed round-trip time measurements is now limited to no more than once per second, to improve accuracy in selecting the best name server. [RT #32909] DNSSEC keys that have been marked active but have no publication date are no longer presumed to be publishable. [RT #35063] Bug Fixes The Makefile in bin/python was changed to work around a bmake bug in FreeBSD 10 and NetBSD 6. [RT #36993] (**) Corrected bugs in the handling of wildcard records by the DNSSEC validator: invalid wildcard expansions could be treated as valid if signed, and valid wildcard expansions in NSEC3 opt-out ranges had the AD bit set incorrectly in responses. [RT #37093] [RT #37072] When resigning, dnssec-signzone was removing all signatures from delegation nodes. It now retains DS and (if applicable) NSEC signatures. [RT #36946] The AD flag was being set inappopriately on RPZ responses. [RT #36833] Updates the URI record type to current draft standard, draft-faltstrom-uri-08, and allows the value field to be zero length [RT #36642] [RT #36737] RRSIG sets that were not loaded in a single transaction at start up were not being correctly added to re-signing heaps. [RT #36302] Setting '-t aaaa' in .digrc had unintended side-effects. [RT #36452] A race condition could cause a crash in isc_event_free during shutdown. [RT #36720] Addresses a race condition issue in dispatch. [RT #36731] acl elements could be miscounted, causing a crash while loading a config [RT #36675] Corrects a deadlock between view.c and adb.c. [RT #36341] liblwres wasn't properly handling link-local addresses in nameserver clauses in resolv.conf. [RT #36039] Buffers in isc_print_vsnprintf were not properly initialized leading to potential overflows when printing out quad values. [RT #36505] Don't call qsort() with a null pointer, and disable the GCC 4.9 "delete null pointer check" optimizer option. This fixes problems when using GNU GCC 4.9.0 where its compiler code optimizations may cause crashes in BIND. For more information, see the operational advisory at https://kb.isc.org/article/AA-01167/. [RT #35968] Fixed a bug that could cause repeated resigning of records in dynamically signed zones. [RT #35273] Fixed a bug that could cause an assertion failure after forwarding was disabled. [RT #35979] Fixed a bug that caused SERVFAILs when using RPZ on a system configured as a forwarder. [RT #36060] Worked around a limitation in Solaris's /dev/poll implementation that could cause named to fail to start when configured to use more sockets than the system could accomodate. [RT #35878]
41 lines
1,002 B
C
41 lines
1,002 B
C
$NetBSD: patch-lib_lwres_getaddrinfo.c,v 1.2 2014/10/14 16:21:02 taca Exp $
|
|
|
|
* Add fix for KAME based implementation.
|
|
|
|
--- lib/lwres/getaddrinfo.c.orig 2014-09-16 19:27:20.000000000 +0000
|
|
+++ lib/lwres/getaddrinfo.c
|
|
@@ -142,6 +142,10 @@
|
|
#include <lwres/stdlib.h>
|
|
#include <lwres/string.h>
|
|
|
|
+#ifdef __KAME__
|
|
+#include <net/if.h>
|
|
+#endif
|
|
+
|
|
#define SA(addr) ((struct sockaddr *)(addr))
|
|
#define SIN(addr) ((struct sockaddr_in *)(addr))
|
|
#define SIN6(addr) ((struct sockaddr_in6 *)(addr))
|
|
@@ -366,14 +370,22 @@ lwres_getaddrinfo(const char *hostname,
|
|
p = strchr(ntmp, '%');
|
|
ep = NULL;
|
|
|
|
+#ifdef __KAME__
|
|
+ if (p != NULL) {
|
|
+ scopeid = if_nametoindex(p + 1);
|
|
+ if (scopeid)
|
|
+ p = NULL;
|
|
+ }
|
|
+#endif
|
|
/*
|
|
* Vendors may want to support non-numeric
|
|
* scopeid around here.
|
|
*/
|
|
|
|
- if (p != NULL)
|
|
+ if (p != NULL) {
|
|
scopeid = (lwres_uint32_t)strtoul(p + 1,
|
|
&ep, 10);
|
|
+ }
|
|
if (p != NULL && ep != NULL && ep[0] == '\0')
|
|
*p = '\0';
|
|
else {
|