HardenedBSD/contrib/bind/CHANGES
Peter Wemm 15f7f56992 Import final bind-8.1.2 release.
Obtained from: ftp.isc.org
1998-06-11 05:01:49 +00:00

1313 lines
45 KiB
Plaintext

--- 8.1.2 released ---
380. [bug] Replaying the dynamic update log could trigger an
INSIST.
379. [port] Updated IRIX port.
378. [bug] The declaration for res_freeupdrec() in resolv.h
didn't use __P().
377. [func] The server now sets SO_SNDBUF on UDP sockets.
376. [port] The malloc() implementation on many systems didn't
like memcluster.c's 4KB block allocations, sometimes
causing huge amounts of memory to be wasted.
memcluster.c now allocates bigger chunks and makes
its own 4KB blocks.
375. [bug] If more than (sizeof u_long) gets occurred for a
particular memory bucket, an INSIST about puts < gets
might have been erroneously trigged. Now total
gets and outstanding gets are counted.
374. [port] SCO 3.2v4.2 doesn't have initgroups(), so we do not
want to define CAN_CHANGE_ID.
373. [port] Updated LynxOS port.
372. [port] Updated SCO 3.2v5.0.x port.
371. [bug] "make install" could fail on some Linux systems
because src/port/linux/include/net/Makefile didn't
cope with an empty HFILES variable.
370. [bug] Trying to update an expired slave zone would cause
the server to panic.
369. [bug] The Makefile for named-xfer didn't try to create
${DESTDIR}${DESTEXEC} if it didn't exist.
368. [bug] Interface scanning could get confused on BSD-like
systems if the sa_len of the address was less than
sizeof (struct sockaddr).
367. [func] The default value for the host-statistics option has
been changed to "no".
--- 8.1.2-T3B released ---
366. [bug] Z_AUTH was set on the cache zone do_reload().
365. [security] Missing bounds checking in inverse query handling
allowed an attacker to overwrite the server's stack.
364. [port] Added support for HP MPE.
363. [bug] named-xfer automatically restarts the transfer if the
SOA changes during the transfer. There was no limit
on the number of restarts, resulting in a lot of
wasted effort if the SOA was constantly changing.
The number of restarts is now limited.
362. [security] Requesting a zone transfer for a domain name which
had a resource record of a certain format would
cause the server to abort().
361. [bug] named-xfer tries to close files named might have
had open. On Solaris, sysconf(_SC_OPEN_MAX) can
return RLIM_INFINITY, and if it did named-xfer
would try to close all those files. named-xfer
now applies an upper limit of FD_SETSIZE.
360. [port] Solaris 2.5 systems needed <sys/resource.h> to
be included in port_after.h to get rlim_t.
--- 8.1.2-T3A released ---
359. [func] IRS group support is now controlled by the
WANT_IRS_GR define in port_before.h.
358. [port] Updated IRIX port.
357. [port] Added support for QNX.
356. [func] Added -u (set user id), -g (set group id), and
-t (chroot) command line options to 'named'.
355. [func] If getnetconf() fails because it can't create the
socket used to get the interface list, the server
will log an error if it is doing a periodic interface
scan, and panic otherwise. Previous versions of the
server always panicked.
354. [security] Bounds checking in named-xfer, dig, host, and nslookup
had problems similar to those in item 293. Added a
few more bounds checks to the server.
353. [port] Paths are no longer overridden in port_after.h, and
are now generated from the various DEST paths in
Makefile.set.
352. [bug] Because of problems with setting an infinite rlim_max
for RLIMIT_NOFILE on some systems, previous versions
of the server implemented "limit files unlimited" by
setting the limit to the value returned by
sysconf(_SC_OPEN_MAX). The server will now use
RLIM_INFINITY on systems which allow it.
351. [port] Updated HP/UX 10.x port.
350. [bug] errno could be changed by certain signal handlers.
These signal handlers now save errno on entry
and restore it on exit. This changes eliminates the
need for the SPURIOUS_ECHILD #define.
349. [bug] hesiod.h wasn't installed.
348. [port] Added support for LynxOS.
347. [bug] res_update() leaked the zone section it allocated.
This leak no longer occurs on normal returns, but
still occurs when there is an abnormal return. This
will be addressed in a future fix.
346. [bug] Fix 303 fixed one thing and broke another, resulting
in a nonfunctional grscan().
345. [bug] Fix 328 was bad, causing the root zone to be purged
every time a toplevel domain was reloaded.
344. [bug] The priming fix in change 330 erroneously called
unsched() twice, causing a core dump if priming
failed. The priming fix could also erroneously
query [0.0.0.0].0.
343. [bug] The REQUIRE() in free_rrecp() was wrong, and was
triggered by an unapproved update.
342. [port] Added support for SCO UNIX 3.2v5.0.4.
--- 8.1.2-T2A released ---
341. [port] The LOG_CONS option to openlog() does not work as
documented on some systems. The server will now use
LOG_CONS only if USE_LOG_CONS is defined by the
port. Currently the bsdos, decunix, freebsd, linux,
and netbsd ports define USE_LOG_CONS.
340. [bug] The pid file was updated before the configuration
file had been read.
339. [port] #define HAVE_GETRUSAGE for Solaris >= 2.5.
338. [func] 'host' can now print AAAA records.
337. [bug] rm_datum() erroneously set dp->d_next to NULL
when savedpp wasn't NULL. Given a dynamic update
operation that deleted more than one RR, this bug
would cause all but one of the RRs to be leaked, and
would prevent correct rollback if the update failed.
336. [bug] Make sure 's' isn't negative in res_send(). This
shouldn't happen, but there have been some reports
suggesting it can happen.
335. [lint] Cleaned up more gcc warnings.
334. [port] Added support for HP-UX 9.x.
333. [bug] db_glue.c didn't compile if DEBUG wasn't defined.
332. [bug] named-bootconf.pl didn't convert secondary lines
that didn't contain a filename correctly.
331. [bug] If the server was configured with forwarders (but
not in forward-only mode), and a query ran out of
forwarders and had no nameservers, then the server
would erroneously forward the request to [0.0.0.0].0.
330. [bug] If priming of the root servers failed, recovery could
take a long time. If using forwarders to prime
and the query expired, the first forwarder would
always be skipped on subsequent attempts. The server
complained about priming problems in forward-only mode,
even though it doesn't matter.
329. [port] Some versions of Linux apparently need SPURIOUS_ECHILD.
328. [bug] purge_zone() didn't recurse if given the root zone,
causing old data and new data for the root zone to be
merged.
327. [func] Add log_check() and log_check_channel().
326. [func] Add r_prev field to ns_updrec in <arpa/nameser.h>.
325. [bug] Rollback of a failed dynamic update was done in FIFO
order instead of LIFO order.
324. [bug] evTryAccept() closed the wrong fd if getsockname()
failed.
323. [bug] eventlib didn't clear bits that had been serviced
or deselected out of ctx->{rd,wr,ex}Last.
322. [bug] evDestroy() destroyed the files list before destroying
the streams list. If there were any active streams,
this would cause a double destroy of the streams'
file objects, very likely triggering an 'insist'.
321. [bug] The correct error code for a failed asynchronous
connect was not reported. It now is, at least on
systems that have the SO_ERROR socket option.
320. [func] Allow multiple pending accepts. evTryAccept() now
reports the errno if an error was queued.
319. [bug] The toplevel Makefile passed MARGS before $settings,
which prevented overriding a port's Makefile.set
from the command line.
318. [bug] The Solaris port_after.h checked for SUNOS_2_5_1
instead of SUNOS_5_5_1.
317. [unused] [This change number was allocated but not used.]
316. [bug] evTryAccept() didn't append to the done list correctly
if connLast wasn't NULL.
315. [bug] The dynamic update code was incorrectly converted to
clean up ns_updrec structures using the new clustered
memory allocator, and this would cause an 'insist' to
be triggered some time after a dynamic update had
been processed. Instead of freeing the ns_updrec
fields directly in ns_update.c, res_freeupdrec() was
added to the resolver.
314. [bug] Adding and then deleting an RR in a single dynamic
update request would crash the server.
313. [bug] The nameserver would only try zone transfers from
the master that answered its SOA query. If a master
for some reason can answer the SOA but not the AXFR,
the other masters (if any) should be tried.
312. [security] Bounds checking in the resolver and dynamic update
code had problems similar to those in item 293.
Added more checks to ns_resp.c.
311. [bug] The s_wbuf in the qstream structure was leaked in
certain zone transfer failures.
310. [bug] If the server ran out of memory in ns_xfr(), the
subsequent connection cleanup could modify the
z_numxfrs field of zone 0 instead of the zone being
transferred, causing an 'insist' to be triggered later.
309. [bug] NAMELEN() could return a negative length.
308. [func] Don't log ECONNRESET in stream_getlen().
307. [bug] include/isc/assertions.h and include/isc/list.h
weren't installed.
306. [bug] Timewarping into the future would cause repeating
timers to generate an event for every interval between
the previous time and the new time. Repeating timers
are now rescheduled based on the last event time, not
their due time. Idle timers now use the last event
time to compute the idle interval instead of the due
time.
305. [bug] The BOUNDS_CHECK() for the 5 32-bit integers in the
SOA RR was wrong.
304. [bug] lib/isc/assertions.c and lib/isc/memcluster.c did not
follow the port_{before/after}.h convention.
memcluster.c #included eventlib.h but did not need it.
--- 8.1.2-T1A released ---
303. [bug] 'bp' in grscan() in lib/irs/lcl_gr.c was incorrectly
validated, potentially causing corrupt data to be read.
302. [port] #define HAVE_GETRUSAGE for Solaris >= 2.5.1.
301. [port] Added support for Solaris 2.6.
300. [bug] The space for the pathname of named-xfer in the
options block leaked.
299. [bug] <irs.h> wasn't in the include directory, and wasn't
included before "port_after.h".
298. [func] Added "deallocate-on-exit" and "memstatistics-file"
options. If deallocate-on-exit is "yes", the server
will painstakingly deallocate every object it
allocated. This is slower than letting the OS clean
things up, but is helpful in detecting memory leaks.
297. [port] GNU libc 2.0 doesn't have <nlist.h> so in the
Linux port we now provide a stub nlist.h that
includes the real nlist.h if GNU libc < 2.0 and
does nothing if >= 2.0.
296. [bug] "make stdlinks" didn't "mkdir /var/obj" if /var/obj
didn't exist.
295. [bug] Specifying a query-source with and address and port
that the server was listening to didn't work.
294. [security] The server was willing to answer queries on its
forwarding sockets.
293. [security] rrextract() did insufficient bounds checking which
could cause it to crash the server by reading from
an invalid memory location.
292. [bug] The server sometimes leaked the flushset (ns_resp.c).
291. [bug] The server did not detect oversized UDP packets,
causing useless retries.
290. [bug] free_listen_info_list() leaked the IP matching lists;
the leak occurred when the config file was reloaded.
289. [bug] [This bug number was allocated for something that
turned out not to be a bug.]
288. [func] Add new list and assertion code to the ISC library.
287. [bug] "dig +sort" doesn't do anything, but was mentioned
in dig's usage message, as well as in the man page.
286. [bug] Some systems have a default FD_SETSIZE much smaller
than the number of files that can be opened. This
could cause problems in the resolver and eventlib.
FD_SETSIZE may now be set in
port/*/include/fd_setsize.h.
285. [bug] If OS probing failed to match any of the supported
ports, the build would try to continue with BSD 4.4
settings, with poor results in most situations. An
error message is now printed if probing fails.
284. [func] The interface list is now doubly-linked.
283. [bug] The server would panic if binding to an interface that
it had discovered failed. Simply not listening to
the interface is a better solution.
282. [bug] The nslookup Makefile didn't prefix DESTHELP with
DESTDIR when setting DEFS.
281. [bug] A socket() called in ns_main.c used PF_INET instead
of AF_INET.
280. [bug] The sample named.conf used "clean-interval" instead of
"cleaning-interval".
279. [bug] Some panic() messages in the IP matching code in
ns_config.c were wrong.
278. [bug] Setting an interval to zero (e.g. interface-interval)
eventually caused random timer destruction.
277. [bug] ns_panic() used "args" twice, but only called
va_start() and va_end() once.
276. [bug] nslookup's "ls" command always listed all records
instead of behaving the way its man page describes.
275. [bug] add_related_additional() leaked memory if the name
was already in the related array.
274. [bug] If a timer was cleared while in executing its callback,
and a new non-repeating timer was created afterwards
(but still in the callback), the new timer was
erroneously destroyed when the callback completed.
273. [func] Added transfer-source and host-statistics options.
272. [func] The zone number is now unsigned, allowing up to
65536 zones instead of the previous limit of 32768.
271. [func] Added evDefer().
270. [bug] The meaning of the count returned by select() varies
somewhat by operating system. Under certain
circumstances, this confused eventlib's accounting and
caused the server to spin.
269. [func] Added evLastEventTime().
268. [bug] Connections weren't cleaned up when the eventlib
context was destroyed.
267. [func] Added evTimeRW() and evUntimeRW() to control idle timer
usage in the eventlib streams module.
266. [func] Added file descriptor table to ev_files.c to improve
performance of evSelect() and evDeselect().
265. [func] Added evHold(), evUnhold(), and evTryAccept().
264. [func] Double-link many eventlib lists to allow faster
removal of list elements.
263. [bug] Remember the previous non-blocking status of
sockets given to evListen().
262. [func] Added idle timers to eventlib.
261. [func] Added clustered memory allocator to eventlib; eventlib
and named now use this allocator.
260. [func] The value of FD_SETSIZE that eventlib uses can be
set by changing include/fd_setsize.h.
259. [bug] Notification of hosts on the also-notify list stopped
after the first successful notification.
--- 8.1.1 released ---
258. [bug] Setting SO_SNDLOWAT to 0 in ns_xfr() wasn't doing
what it was intended to do, and could trigger a
kernel bug on various systems derived from BSD 4.4.
257. [bug] In lib/irs/dns_ho.c, variable needsort was used in
addrsort() before it was initialized.
256. [func] Ignore ECHILD from select() if SPURIOUS_ECHILD is
defined.
255. [bug] The contents of libport.a needed to be in libbind.a.
libport.a has been removed.
254. [install] Install library and .h files under /usr/local/bind
instead of /usr/local. When the include files were
in /usr/local/include, some compilers would
automatically use them. The clients would typically
not link with -lbind, causing unresolved symbols at
link time.
253. [port] Removed change 216.
252. [port] Added port for UnixWare 2.0.x.
251. [doc] Added a documentation on installing to non-default
locations.
250. [bug] The Makefiles for the binaries didn't create the
installation target directories if they didn't exist.
249. [bug] Change HAS_SA_LEN to HAVE_SA_LEN in the AIX 4 port.
248. [security] The server now caches only those response records
that are within the current query domain.
247. [bug] Forwarding of dynamic update requests sent to a
slave for the zone is broken. This will be fixed
in a future release, but in the meantime the server
will simply refuse the request. Cleaned up the
way some update code indicated that the request should
be refused.
--- 8.1.1-T2B released ---
246. [bug] process_prereq() could core dump if the name being
processed wasn't known.
245. [bug] It was possible to evSelectFD the same event bits
on the same fd more than once.
244. [bug] eventlib didn't decrement fdCount correctly if the
eventmask matched in multiple descriptor sets.
243. [lint] Improved comment in stale().
242. [port] Added port for OpenBSD.
241. [bug] evConnect() didn't evDeselect() the fd if connect()
failed, which would cause us to call select() with
a mask that included a closed file. select() would
then return EBADF and trigger an 'insist'.
240. [bug] evCancelConn() closed the fd.
239. [port] SunOS doesn't supply RAND_MAX.
238. [bug] fakeaddr() called inet_aton() which wasn't strict
enough. inet_pton() is now used.
237. [port] Added UnixWare 2.1.2 port.
236. [bug] The buffer in res_querydomain could overflow.
235. [bug] Fixed memory allocation problems in lib/irs/nis_gr.c.
234. [bug] evDeselectFD didn't restore the fd's previous
nonblocking status correctly.
233. [func] Define SPURIOUS_ECHILD in Solaris port. Don't
complain about getting ECHILD from recvfrom() if
SPURIOUS_ECHILD is defined.
232. [func] named-bootconf.pl now supplies a commented out
query-source directive and instructions to use it
if there's a firewall involved.
231. [bug] Changed a few strdup() calls in rrextract() into
savestr() calls. This prevents "related" checking
from being turned off if the server runs out of
memory.
230. [bug] If the query control structure was reset in ns_resp.c,
we leaked the memory used for the previous
qp->q_domain.
229. [func] Added the "dump-file" and "statistics-file" options.
228. [bug] named.conf called "statistics-interval"
"stats-interval".
227. [func] demoted "zones changed" and "zones shrunk" messages
in tryxfer() to debug level 3.
--- 8.1.1-T1A released ---
226. [bug] evCancelConn trashed the connections list if the
first element was removed. This could cause a
seg fault or trigger an 'insist'.
225. [bug] In the "cannot redefine listen-on for port ..."
error message, the port was not converted to host
byte order before being printed.
224. [port] Added port for AIX 4.
223. [bug] The dynamic update routine findzone() didn't match
class, so if you had two zones with the same name
but different classes (e.g. IN and HS), then
the wrong allow-update ACL could be used, and the
wrong zone could be updated.
222. [bug] If a dynamic master zone was updated and then was made
non-dynamic by removing the allow-update ACL or
changing it to "none" before the zone had been dumped,
then the master file would not reflect the update.
221. [func] added 'also-notify'.
220. [func] revised HAVE_GETRUSAGE ifdefs in ns_config.c. The
"cannot set resource limits on this system" message
on systems without HAVE_GETRUSAGE will now be logged
once per options block, and the message severity is
now "info" instead of "warning".
219. [bug] If the root name was encoded in a message using a
compression pointer, dn_expand() would erroneously
return "." as the name instead of "".
218. [bug] when gethostans() in dns_ho.c encountered a CNAME
while processing a PTR query, it erroneously required
that the CNAME target pass the res_hnok() test (i.e.
that it be an RFC 952 hostname).
217. [bug] dnsquery didn't work because it tried to use the
obsolete and broken p_query() call instead of
fp_nquery().
216. [port] set SH=bash in port/freebsd/Makefile.set.
215. [port] #define ts_sec and ts_nsec to tv_sec and tv_nsec
respectively in port/freebsd/include/port_before.h.
214. [bug] the clarification TTL changes (see change 145 below)
set the SOA minimum field to zero if the MSB was set.
The server now leaves the SOA RR alone, but sets
z_minimum to zero if the MSB is set.
213. [bug] if the SOA refresh or retry fields of a slave zone
were 0, an 'insist' would be triggered when zone
maintenance was performed. The server still leaves
the SOA RR alone, but now imposes a minimum value for
z_refresh and z_retry.
212. [func] added the clean-interval, interface-interval, and
statistics-interval options.
211. [func] scan for new or deleted interfaces periodically.
210. [func] the _PATH_DUMPFILE default is now "named_dump.db".
209. [bug] <isc/eventlib.h> and <isc/logging.h> were #included
after port_after.h. They are now #included before
it, since they #include system header files.
ns_lexer.h was #including <stdio.h> and ns_parseutil.h.
Now it #includes neither one. These changes required
that the definition of struct timespec be moved from
port_after.h to port_before.h in the ULTRIX, SunOS,
and A/UX ports.
208. [port] removed HAVE_GETRUSAGE from the Solaris port, since
Solaris only has it if a Berkeley compatibility
package is installed.
207. [bug] abortxfer() always used SIGKILL, which didn't give
named-xfer a chance to clean up after itself. Now
abortxfer() does a SIGTERM first. If the SIGTERM isn't
successful, it will use SIGKILL.
206. [bug] If two zones with the same name but different classes
(e.g. IN and HS) were defined, then a zone transfer
of whichever zone loaded first would work normally,
but a zone transfer of the second would give only the
NS and SOA RRs.
205. [bug] certain operating systems (notably Solaris) return
error codes the server didn't expect, and thus
treated as fatal to the interface. More error codes
are now recognized. The server will now log
unrecognized errors, but will not delete the
interface. Certain error results from recvfrom() and
accept() now panic the server.
204. [bug] stub zone transfers would fail if there were no
NS records in the SOA response. The stub logic
now works as intended and has more error checking.
203. [bug] we logged a failure of bind() in opensocket_d()
twice.
202. [port] Linux defines AF_INET6 as 10, so we use that value
in port/linux/include/port_after.h.
201. [bug] library Makefiles want to press on if linking of
an individual module fails. The 'ld' rule was
set up to do this, but the subsequent 'mv' rule
was not, causing the make to stop if the 'ld' failed.
Now the 'mv' is done only if the 'ld' succeeds.
200. [bug] the value of timeout.tv_sec was printed in SendRequest
(bin/nslookup/send.c). select() on some systems
(such as Linux) modifies the value of the timeout, so
printing it is useless since it will always be 0.
199. [func] if s is too big for FD_SETSIZE in res_send, complain
and try another nameserver.
198. [bug] sysnotify() was too strict in requiring an NS RR
for the server named in the SOA MNAME field. RFCs
1996 and 2136 say the NS RR is optional.
197. [bug] The parser erroneously freed zone_name if a zone
redefinition was attempted. This would cause the
server to dump core if a zone appeared more than
once in a configuration file.
196. [bug] Makefiles below port/*/include had "fi \" followed
by "done" on the next line. This made bash 2.0
unhappy. The "fi" is now followed by a ";".
195. [port] ULTRIX's sh doesn't like an empty "for x in ..." list,
and that was causing "make install" to fail in
the src/port/ultrix/include/rpc directory.
194. [port] add SH variable to toplevel Makefile, document the
need to use SH=bash on systems where /bin/sh is
derived from "ash".
193. [bug] named-bootconf.pl could repeat end-of-line comments
192. [bug] ndc was being installed in DESTBIN instead of
DESTSBIN.
191. [bug] block delivery of all other signals when in SIGTERM
handler in named-xfer.
190. [bug] named-bootconf.pl didn't handle non-masked xfrnets
correctly if the network was class B or class C.
--- 8.1-REL released ---
189. [port] update to the port/sco50 directory rcvd from author.
188. [func] to avoid potentially confusing log messages, don't
set Z_DYNAMIC if "allow-update { none; };" is
specified in the config file.
187. [bug] a panic() in new_ip_match_mask() erroneously
referred to the function as "new_ip_match_pattern".
186. [bug] transfers-in couldn't be set higher than the default.
It may now be set as high as 20.
185. [doc] add a stub example to named.conf.
184. [bug] the usage message was out-of-date.
183. [port] some systems don't define AF_INET6, so we
define it if necessary in all port_after.h
--- 8.1-T5B released ---
182. [bug] fix the way bindname is allocated in hesiod_to_bind().
181. [bug] MAXHOSTNAMELEN wasn't defined on Solaris.
180. [bug] a check for zptr != NULL in res_update was wrong. It
should have been zptr == NULL.
179. [bug] sq_remove() and sq_done() were calling ns_freexfr()
when any stream was removed, resulting in a panic
when the server was reloaded. ns_freexfr() is now
only called when a zone transfer stream is removed.
--- 8.1-T4B released ---
178. [bug] if the server was reloaded and then a zone was
deleted and the server reloaded again, all within
a short period of time, then pending NOTIFY messages
would cause the server to panic when they ran.
177. [lint] replaced BUFSIZ with a more appropriate size in
several places.
176. [func] change MAXDATA to 2*MAXDNAME + 5*INT32SZ.
175. [security] libirs now limits hostnames to MAXHOSTNAMELEN
characters.
174. [bug] we called ns_refreshtime() instead of ns_retrytime()
in the Z_NEED_RELOAD|Z_NEED_XFER|Z_QSERIAL case in
zone_maint().
173. [bug] the server didn't clear the Z_NEED_RELOAD flag in
zoneinit().
172. [bug] if a server was a slave for a zone, and an outbound
transfer ever hung or terminated unusually, regular
zone maintenance would cease for the zone.
171. [port] work around a bug in the Digital UNIX 4.0B SIOCGIFCONF
ioctl.
170. [func] the message logged when a zone is loaded now
indicates the class of the zone.
169. [func] the message logged when a zone is removed now
indicates both the type and class of the zone.
168. [bug] if a zone's type changed from master to slave on a
server reload, the server erroneously deleted the
new zone data as part of cleaning up the old zone
data.
167. [func] when converting from wire format to printable format,
represent special characters ".;\@$ by escaping them
with \ instead of converting them to \DDD.
166. [bug] when a slave zone expired, it was not scheduled for
immedidate maintenance.
165. [port] added port for SCO OSE 5.0.2, renamed port for
SCO UNIX 3.2v4.2.
164. [func] created the "response-checks" logging category.
163. [port] don't define AF_INET6 in nameser_compat.h.
162. [bug] the server panicked if a dynamic update request
was sent for a dynamic zone which had not loaded
because of syntax errors in the master file. The
server now returns NOTAUTH.
161. [bug] debugging messages in process_prereq() referred to
process_updates() instead of process_prereq().
160. [bug] hp was not reset after a realloc() in named-xfer.c
159. [bug] named-bootconf.pl didn't translate stub zones.
158. [lint] cast a number of "no effect" statements to void so
that gcc doesn't complain when invoked with
-Wall -W -Wno-unused
157. [lint] a number of uses of the %lu printf() format were
converted to %u; the corresponding casts to u_long
were removed.
156. [lint] converted z_deferupdcnt and z_updatecnt from int to
u_int32_t.
155. [func] maint_interval is now gone; SOA sanity checking
related to it is gone too.
154. [bug] in named-xfer, unsigned 32-bit integers were
sometimes stored in signed 32-bit variables and then
printed using a cast to u_long and printf() format
%lu. This would cause problems on 64-bit systems if
the MSB of the 32-bit integer was set. The variable
declarations have been changed to u_int32_t, and the
printf format is now %u.
153. [bug] log_open_stream() had two syslogs that said the
failing function was log_vwrite() instead of
log_open_stream().
152. [lint] made class, type, and dlen in rrextract() and
named-xfer.c/print_output() u_int16_t.
151. [bug] the server was incrementing nssSentFErr in the
formerr: code in ns_resp.c even though it wasn't
sending FORMERR to anyone.
150. [func] in "check-names response fail" mode, instead of
just dropping a failing response, we now send
REFUSED to the client and drop the query.
149. [bug] if there wasn't a space between the SOA minimum value
and a following ')' in a master file, the server
would generate an error when it tried to parse the
minimum value, causing the zone load to fail.
148. [func] the list of supported syslog facilities has been
increased; the following facilities may now be used,
provided they're available on the system 'named' is
being built on: kern, user, mail, daemon, auth,
syslog, lpr, news, uucp, cron, authpriv, ftp,
local[0-7].
147. [bug] the maybe_syslog_facility, logging_opt,
channel_severity, address_name, key_ref, key_stmt,
acl_stmt, zone_stmt, optional_class, and size_spec
rules in the parser either leaked memory or could
leak memory.
146. [func] if an RR set in a reply differed from an RR set in
the cache only in the TTL, we would not update the
TTL of the RR set in the cache. We now update this
TTL to that of the reply RR set if the reply RR set's
TTL is greater.
145. [func] follow the direction of the clarification draft and
treat TTLs as unsigned 32-bit integers, with a
maximum value of 2^31 - 1. TTLs greater than the
maximum will be converted to 0. A warning will
be issued if this conversion occurs while loading
a master zone or during inbound zone transfer.
144. [func] "dig version.bind. txt chaos" now returns only
the version number (e.g. "8.1-T4B").
143. [lint] fixed various mismatches between printf() format
string components and their corresponding
arguments.
142. [lint] SendRequest_close() in nslookup/send.c had a return
type of int instead of void.
141. [port] converted bcopy() to memcpy() or memmove() as
appropriate.
140. [bug] certain buffer size checking comparisons in
rdata_expand() weren't working because they were
checking to see if an unsigned value was < 0.
139. [func] convert a few address comparisons from == to using
ina_equal().
138. [bug] an address comparison used in marking a server as
bad was done incorrectly in ns_resp.c because the
comparison used = instead of ==.
137. [lint] cleaned up warnings caused by assignment used as
truth-value in various source files.
136. [func] changed eventlib-related INSIST statements into
INSIST_ERR, so that we can print out strerror(errno).
135. [lint] replaced _getshort() with ns_get16() and _getlong()
with ns_get32() in various source files.
134. [lint] findzone() and rdata_expand() were used before
they were declared in ns_update.c, and were not
declared static.
133. [lint] merge_logs() was not declared in ns_func.h.
132. [lint] Linux port_after.h didn't declare daemon(). We now
do so, but only if GNU libc < 2.0.
131. [lint] set_boolean_option() was not declared in ns_func.h.
130. [lint] yyparse() was not declared in ns_parser.y.
129. [lint] ns_lexer.h didn't declare lexer_end_file().
128. [lint] db_dump.c, db_lookup.c, db_update.c, db_glue.c,
db_save.c, ns_ncache.c, ns_req.c, ns_stats.c, and
ns_xfr.c didn't #include <string.h>
127. [lint] logging.c, ev_connects.c, ns_maint.c, ns_glue.c,
ns_update.c, dig/dig.c, nslookup/list.c,
nslookup/send.c, host/host.c, and
dnsquery/dnsquery.c didn't #include <unistd.h>.
126. [lint] res_update.c, heap.c, db_load.c, db_save.c, db_glue.c,
ns_lexer.c, ns_forw.c, ns_maint.c, ns_req.c,
ns_stats.c, ns_xfr.c, ns_glue.c, ns_config.c,
ns_update.c, host/host.c, nslookup/list.c, and
nslookup/getinfo.c didn't #include <stdlib.h>.
125. [lint] res_mkupdate.c, ns_update.c, nsupdate.c, ns_print.c,
didn't #include <ctype.h>.
124. [port] replaced bcmp() with memcmp().
123. [func] while not required, it's nice to preserve the order
of RRs as received when ROUND_ROBIN isn't on, so
we now do so.
122. [bug] under certain improbable conditions, the server
could erroneously set a maintenance timer for a
master zone. When the timer went off, it would
trigger the INSIST() in zone_maint().
121. [port] replaced bzero() with memset().
120. [func] added multiple-cnames option.
119. [bug] the timeout: code in ns_resp.c didn't clean up TCP
connections.
118. [port] added port for IRIX 5.3, 6.2, 6.4
117. [bug] removed declaration of getnum_error from db_load.c,
since it is now declared in ns_glob.h.
116. [bug] GNU libc 2.0 doesn't have a <net/route.h>, so in the
Linux port we now provide a stub net/route.h that
includes the real <net/route.h> if GNU libc < 2.0 and
does nothing if >= 2.0.
115. [func] on Linux systems, avoid an often unnecessary 'ranlib'
and the subsequent relinking of all binaries by using
the 's' flag of 'ar'.
114. [bug] 'make install' didn't work on HP/UX because the
path to the install script was wrong in many cases.
113. [bug] named-xfer didn't clean up properly when sent SIGTERM.
112. [bug] named-xfer didn't clean up properly if an error
occured in print_output().
111. [func] added "max-transfer-time-in" option. The server
used to allow a maximum of 2 hours for an inbound
zone transfer to complete. This time can now be
set globally or on a per-zone basis. The parameter
is the number of minutes a transfer can take.
110. [func] moved declaration of d_ns in struct databuf to improve
structure alignment.
109. [bug] addname() in ns_print.c didn't write an "@" for RRs
that contained a domain name which was the same as
the zone origin (it wrote nothing).
108. [bug] the server didn't check for EINTR in readable() and
writable() in ev_streams.c.
107. [bug] check for both EWOULDBLOCK and EAGAIN after certain
system calls instead of using PORT_WOULDBLK. This
fixes partial zone transfer problems reported on
Sun systems.
106. [bug] db_load() couldn't read SOAs with ( ) that were only
one line.
105. [bug] fixed typo in Linux Makefile.set MANROFF definition.
104. [func] move various rrset debugging messages, rm_datum, and
nsfree messages to debug level 3. Moved a few rrset
debugging messages to debug level 2.
103. [bug] d_rcnt could overflow; to prevent this it has been
increased to 32 bits. d_mark was made unsigned and
decreased to 12 bits.
102. [func] added macro DRCNTDEC to go along with DRCNTINC.
101. [bug] clean_cache() didn't count deleted RRs, so it
always reported "Cleaned cache of 0 RRs".
100. [bug] heap_for_each() didn't return a status, and didn't
check for a NULL context or a NULL action.
heap_element() didn't set errno to EINVAL when
given invalid arguments.
99. [bug] the category rule in the parser leaked memory.
98. [bug] "notify" was not recognized as a valid category
name.
97. [security] zone access control wasn't applied correctly to
names that didn't exist, allowing an attacker to
determine whether or not a given name exists in a
zone.
96. [bug] we didn't recognize certain non-fatal errno values
when recvfrom() failed; this would result in us
dropping an interface unnecessarily.
--- 8.1-T3B released ---
95. [bug] named-bootconf.pl didn't process xfrnets correctly
(if no netmask was specifed, it assumed a mask of
255.255.255.255 instead of the natural netmask for
the class of the address).
94. [bug] named-bootconf.pl didn't handle lines ending in a
comment.
93. [bug] if rename() failed in merge_logs(), we would return
garbage instead of -1.
92. [bug] writemsg() in named-xfer.c was returning a random
value instead of the number of bytes written.
91. [bug] schedretry() could set retry times in the past
because it was relying on 'tt' which hadn't been
updated. It now calls gettime(&tt).
90. [bug] 'tt' might not have been current when clean_cache()
was called.
89. [bug] ns_lexer.h didn't #include <ctype.h>
88. [cleanup] removed some relics of the early days of BIND 8's
new logging system from the parser and ns_config.c.
87. [bug] when writing to a TCP socket, the server didn't
handle errors from the write() correctly. Under the
right circumstances, this will cause the server to
spin. The most common trigger would be a large
outbound zone transfer where the far end died.
86. [cleanup] fixed comment in dig.c that messed up font-lock mode
in emacs.
85. [bug] inet_lnaof, inet_makeaddr, inet_netof, and
inet_network were missing from lib/inet.
84. [func] improved log_channel creation and use by making the
type more opaque. The logging API provides a more
complete set of services. Added the LOG_CHANNEL_OFF
flag.
83. [func] removed statistics_channel; it wasn't being used.
82. [lint] a few handler functions were declared as
void (*)() instead of void (*)(void). All now have
the latter declaration.
81. [port] added port for A/UX 3.1.1.
80. [port] added port for SCO UNIX 3.2v4.2.
79. [bug] when processsing slave zones during a config file
reload, in the "backup file changed" (or missing)
case we were calling purge_zone() and do_reload()
even if we had never successfully transferred and
loaded the zone.
78. [cleanup] moved writemsg() to named-xfer.c.
77. [cleanup] removed doupdate() from ns_resp.c.
76. [bug] writev() in lib/bsd would keep going if there was
a partial write; this could cause incorrect output.
75. [func] added readv() to lib/bsd.
74. [bug] if evConnect() failed in tcp_send() we were aborting
the server instead of just returning an error.
73. [port] automatically fix getgrgid() declaration in ULTRIX
4.5 grp.h.
72. [func] make port/*/Makefile invoke SUBDIR make in
include. Add/modify include and include/sys
Makefiles.
71. [port] added utimes() to lib/bsd.
70. [doc] README broken up into INSTALL, TODO, port/README.
Added more info about many topics.
69. [bug] NOTIFY didn't handle an unknown NS target. E.g.
if we had "test.domain NS unknown.name" and
"unknown.name" was not known, NOTIFY wasn't doing an
"A" query for "unknown.name".
68. [lint] tweaks to ERR() and OK() in eventlib_p.h.
67. [bug] 'ch' in main() was a char instead of an int.
66. [bug] in bin/named/Makefile, pathnames wasn't getting
linked with ${LIBBIND}, ${LIBPORT}, and ${SYSLIBS}.
65. [port] automatically fix timespec in BSD/OS 2.1 includes.
64. [func] lib/isc/heap.c now includes port_before.h and
port_after.h. Fix 58 (below) has been undone;
with port_after.h we'll now use __ansi_realloc()
from Fix 59.
63. [bug] STRIP and PS were missing from MARGS in bin/Makefile.
62. [func] RRs in the additional data section must relate to
RRs in the answer and authority sections. Only
certain RR types are allowed in the authority and
additional data sections.
61. [bug] Dynamic update didn't understand SRV records.
60. [bug] SRV records weren't decoded properly.
--- 8.1-T3A released ---
59. [bug] The IRS library also wanted an ANSI C realloc().
port/sunos now provides __ansi_realloc().
58. [bug] SunOS didn't like heap.c doing realloc() on a NULL
pointer (in ANSI C that is equivalent to malloc()),
so we malloc() instead.
57. [bug] interface discovery complained about bogus
interfaces on ULTRIX, SunOS, and HP/UX because
SIOCGIFCONF_ADDR wasn't defined in their port_after.h.
56. [API] created lib/nameser/ns_name.c and moved a lot of the
functionality from lib/resolv/res_comp.c into it.
functions older than 8.1 were stubbed out, but new
functions from 8.1 were just renamed/removed.
55. [bug] findzone in ns_update wasn't ignoring z_nil zones.
54. [bug] if the named-xfer exec() failed, a misleading message
was printed.
53. [bug] interface discovery didn't work on NetBSD because
HAVE_SA_LEN wasn't defined in port_after.h.
52. [func] log the host we got a NOTIFY message from
51. [bug] we weren't sending out NOTIFY messages if the SOA
was changed as the result of a dynamic update.
50. [bug] req_notify() wasn't calling sched_zone_maint() after
it called qserial_query().
49. [bug] initial_{data,stack,core}_size and initial_num_files
weren't in an #ifdef HAVE_GETRUSAGE block.
48. [func] use sysconf(_SC_OPEN_MAX) instead of getdtablesize()
in all cases when USE_POSIX is defined.
47. [bug] printupdatelog() was printing the post-update serial
number in the zone section instead of the pre-update
serial number.
46. [bug] zp->z_serial wasn't being updated if a dynamic update
changed the zone serial number.
45. [bug] the SEQ_GT test in db_update was backwards.
44. [func] merge_logs() didn't work because a 'break' wasn't
removed when class and type lookups were converted
to sym_ston.
43. [func] evResetTimer() added to eventlib.
42. [bug] incr_serial() doesn't need to call schedule_dump().
41. [bug] reset_retrytimer() could clear a timer that had
already been cleared.
40. [bug] some zone data structures weren't freed if the zone
was removed.
39. [func] The eventlib timers module now uses a heap to
implement the timer queue.
38. [bug] dynamic zones weren't dumped if they were removed
from the configuration file.
37. [func] created the "load" logging category.
36. [func] find_zone now uses a hash table instead of a linear
search.
35. [bug] we weren't scheduling a retry for dumps or soa serial
increments that failed.
34. [func] instead of doing all NOTIFY messages five seconds after
loading completes, we now spread them out over up
to fifteen minutes (the maximum delay depends on how
many zones there are).
33. [func] if there are too many qserials running, we'll try
again in five to thirty seconds.
32. [bug] z_dumptime wasn't getting set to zero after a
zone dump.
31. [func] Each zone now has a maintenance timer. sched_maint()
is gone. The new programming rule: if you change
zp->z_time, it's your reponsibility to ensure
sched_zone_maint(zp) gets called.
30. [func] short circuit PrintTimers evPrintfs if not debugging
at a level where PrintTimers would print something.
29. [bug] if a log message with a non-default category was
logged to a default category channel which had
print-category on, "default" was printed instead
of the category name.
28. [func] the performance of the main loop has been improved.
27. [bug] NOTIFY messages weren't being delayed after a
zone load.
26. [bug] the eventlib category wasn't working if the channel
wasn't the default debugging channel.
25. [func] added the "maintenance" logging category.
24. [func] periodic statistics dumps are now done using an
eventlib timer instead of in ns_maint().
23. [bug] names which have multiple CNAME records are illegal,
but the server was allowing them.
22. [func] convert to POSIX signals from eventlib signal handling;
the eventlib API no longer provides signal support.
21. [func] converted assert() to INSIST() so that the logging
system (category "insist") will be used if a
consistency check fails.
20. [bug] the server could exit when it shouldn't, and without
leaving a message or a core file, because it wasn't
handling SIGPIPE.
19. [port] Solaris has trouble if the size of the buffer used for
IP_OPTIONS processing isn't 40 bytes.
18. [bug] library Makefiles we were using 'ld' instead
of ${LD}. Added LD_LIBFLAGS.
17. [bug] on at least one OS, ctime() can return NULL and
this can cause problems. We now call checked_ctime()
in ns_glue.c, which returns "<unknown time>\n" if
ctime() fails.
16. [bug] some signal handlers were calling library routines
which POSIX does not designate as safe for use by
signal handlers.
15. [func] finished conversion to new options scheme of
name checking and inbound zone transfer parameters.
14. [func] added os_change_directory().
13. [bug] write_open() in ns_config.c wasn't checking if the
file was regular before unlinking.
12. [func] added "os" logging category.
11. [bug] named-bootconf.pl used the deprecated channel name
"default" instead of "default_syslog".
10. [bug] named-bootconf.pl didn't understand continuation lines.
9. [bug] remove -p from mkdep command in Makefiles for
bin/named and bin/nslookup.
8. [bug] add CDEBUG to Makefiles that link using ${CC}.
7. [bug] timestamp and level were printed twice for file
channels in lib/isc/logging.c.
6. [bug] off by one with on level_text subscript in
lib/isc/logging.c.
5. [bug] broken channels sometimes weren't marked as broken
in lib/isc/logging.c.
4. [bug] didn't set foundname=0 after try_again: in ns_resp.c.
3. [bug] update_pid_file() didn't put a newline after the pid.
2. [func] minor log message tweaks in ns_config.c.
1. [bug] zone names needed to be canonicalized in the parser.
--- 8.1-T2B released ---