diff options
author | cvs2git | 2004-12-18 23:01:27 (GMT) |
---|---|---|
committer | cvs2git | 2012-06-24 12:13:13 (GMT) |
commit | 24e67dd48de327a21070b419196301afef1a8022 (patch) | |
tree | 9d696a7188a0a4758d5c1fa5767b4bdc7615fff5 | |
parent | acdb7d00e156bcc489904e3a100144a9d1556c73 (diff) | |
download | bind-24e67dd48de327a21070b419196301afef1a8022.zip bind-24e67dd48de327a21070b419196301afef1a8022.tar.gz |
This commit was manufactured by cvs2git to create tag 'bind-9_2_4-1_2'.bind-9_2_4-1_2
Sprout from master 2004-09-24 11:21:06 UTC hawk <hawk@pld-linux.org> '- updated for bind 9.2.4'
Cherrypick from master 2003-07-06 18:44:30 UTC Arkadiusz Miśkiewicz <arekm@maven.pl> '- another broken init script :-( ankry, fix them':
named.init -> 1.24
Cherrypick from master 2004-12-18 22:57:36 UTC hawk <hawk@pld-linux.org> '- patch for bind 9.2.4 to make it working when its used with IPv6 only':
bind-destaddr.patch -> 1.1
Cherrypick from RA-branch 2004-12-18 23:01:27 UTC hawk <hawk@pld-linux.org> '- added patch fixing the problem with clients destination address finding':
bind.spec -> 1.171.2.6
Delete:
bind-chroot-ndc.patch
bind-fds.patch
bind-host.patch
bind-mkdep.patch
bind-nonlist.patch
bind-pidfile.patch
bind-probe_ipv6.patch
bind-pselect.patch
bind-res_randomid.patch
bind-sdb-ldap.patch
bind9-openssl.patch
host_991529+.diff
named-chroot.init
named.conf
resolver.5
utils-holelogd-linux.patch
-rw-r--r-- | bind-chroot-ndc.patch | 79 | ||||
-rw-r--r-- | bind-destaddr.patch | 44 | ||||
-rw-r--r-- | bind-fds.patch | 43 | ||||
-rw-r--r-- | bind-host.patch | 10 | ||||
-rw-r--r-- | bind-mkdep.patch | 120 | ||||
-rw-r--r-- | bind-nonlist.patch | 15 | ||||
-rw-r--r-- | bind-pidfile.patch | 15 | ||||
-rw-r--r-- | bind-probe_ipv6.patch | 12 | ||||
-rw-r--r-- | bind-pselect.patch | 15 | ||||
-rw-r--r-- | bind-res_randomid.patch | 10 | ||||
-rw-r--r-- | bind-sdb-ldap.patch | 717 | ||||
-rw-r--r-- | bind.spec | 52 | ||||
-rw-r--r-- | bind9-openssl.patch | 30 | ||||
-rw-r--r-- | host_991529+.diff | 206 | ||||
-rw-r--r-- | named-chroot.init | 92 | ||||
-rw-r--r-- | named.conf | 65 | ||||
-rw-r--r-- | named.init | 3 | ||||
-rw-r--r-- | resolver.5 | 224 | ||||
-rw-r--r-- | utils-holelogd-linux.patch | 39 |
19 files changed, 65 insertions, 1726 deletions
diff --git a/bind-chroot-ndc.patch b/bind-chroot-ndc.patch deleted file mode 100644 index 46eb5bf..0000000 --- a/bind-chroot-ndc.patch +++ /dev/null @@ -1,79 +0,0 @@ ---- bind-8.2.3/src/bin/ndc/pathnames.h Mon Jan 29 19:39:52 2001 -+++ bind-8.2.3-p/src/bin/ndc/pathnames.h Mon Jan 29 19:36:34 2001 -@@ -21,58 +21,62 @@ - - #include <paths.h> - -+#ifndef _CHROOTDIR -+#define _CHROOTDIR "/var/lib/named/chroot" -+#endif -+ - #ifndef _PATH_CONF --#define _PATH_CONF "/etc/named.conf" -+#define _PATH_CONF _CHROOTDIR "/etc/named.conf" - #endif - - #ifndef _PATH_DEBUG --#define _PATH_DEBUG "named.run" -+#define _PATH_DEBUG _CHROOTDIR "/var/tmp/named.run" - #endif - - #ifndef _PATH_DUMPFILE --#define _PATH_DUMPFILE "named_dump.db" -+#define _PATH_DUMPFILE _CHROOTDIR "/var/tmp/named_dump.db" - #endif - - #ifndef _PATH_NAMED --#define _PATH_NAMED "/usr/sbin/named" -+#define _PATH_NAMED _CHROOTDIR "/usr/sbin/named" - #endif - - #ifndef _PATH_PIDFILE --#define _PATH_PIDFILE "/var/run/named.pid" -+#define _PATH_PIDFILE _CHROOTDIR "/var/run/named.pid" - #endif - - #ifndef _PATH_NDCSOCK - #ifdef NEED_SECURE_DIRECTORY --#define _PATH_NDCSOCK "/var/run/ndc.d/ndc" -+#define _PATH_NDCSOCK _CHROOTDIR "/var/run/ndc.d/ndc" - #else --#define _PATH_NDCSOCK "/var/run/ndc" -+#define _PATH_NDCSOCK _CHROOTDIR "/var/run/ndc" - #endif - #endif - - #ifndef _PATH_STATS --#define _PATH_STATS "named.stats" -+#define _PATH_STATS _CHROOTDIR "/var/tmp/named.stats" - #endif - - #ifndef _PATH_MEMSTATS --#define _PATH_MEMSTATS "named.memstats" -+#define _PATH_MEMSTATS _CHROOTDIR "/var/tmp/named.memstats" - #endif - - #ifndef _PATH_TMPXFER --#define _PATH_TMPXFER "xfer.ddt.XXXXXX" -+#define _PATH_TMPXFER _CHROOTDIR "/var/tmp/xfer.ddt.XXXXXX" - #endif - - #ifndef _PATH_XFER --#define _PATH_XFER "/usr/sbin/named-xfer" -+#define _PATH_XFER _CHROOTDIR "/usr/sbin/named-xfer" - #endif - - #ifndef _PATH_XFERTRACE --#define _PATH_XFERTRACE "xfer.trace" -+#define _PATH_XFERTRACE _CHROOTDIR "/var/tmp/xfer.trace" - #endif - - #ifndef _PATH_XFERDDT --#define _PATH_XFERDDT "xfer.ddt" -+#define _PATH_XFERDDT _CHROOTDIR "/var/tmp/xfer.ddt" - #endif - - #ifndef _PATH_DEVNULL --#define _PATH_DEVNULL "/dev/null" -+#define _PATH_DEVNULL _CHROOTDIR "/dev/null" - #endif diff --git a/bind-destaddr.patch b/bind-destaddr.patch new file mode 100644 index 0000000..a32287a --- /dev/null +++ b/bind-destaddr.patch @@ -0,0 +1,44 @@ +diff -ur bind-9.2.4.orig/bin/named/client.c bind-9.2.4/bin/named/client.c +--- bind-9.2.4.orig/bin/named/client.c Fri Jul 23 04:56:59 2004 ++++ bind-9.2.4/bin/named/client.c Sat Dec 18 19:56:38 2004 +@@ -1299,35 +1299,15 @@ + } + + /* +- * Determine the destination address. For TCP/IPv6, we get this from +- * the receiving socket. For UDP/IPv6, we get it from the pktinfo +- * structure (if supported). For IPv4, we have to do with ++ * Determine the destination address. For IPv6, we get this from the ++ * pktinfo structure (if supported). For IPv4, we have to make do with + * the address of the interface where the request was received. + */ + if (client->interface->addr.type.sa.sa_family == AF_INET6) { +- result = ISC_R_FAILURE; +- +- if (TCP_CLIENT(client)) { +- isc_sockaddr_t destsockaddr; +- +- result = isc_socket_getsockname(client->tcpsocket, +- &destsockaddr); +- if (result == ISC_R_SUCCESS) +- isc_netaddr_fromsockaddr(&destaddr, +- &destsockaddr); +- } +- if (result != ISC_R_SUCCESS && +- (client->attributes & NS_CLIENTATTR_PKTINFO) != 0) { ++ if ((client->attributes & NS_CLIENTATTR_PKTINFO) != 0) + isc_netaddr_fromin6(&destaddr, &client->pktinfo.ipi6_addr); +- result = ISC_R_SUCCESS; +- } +- if (result != ISC_R_SUCCESS) { +- UNEXPECTED_ERROR(__FILE__, __LINE__, +- "failed to get request's " +- "destination: %s", +- isc_result_totext(result)); +- goto cleanup; +- } ++ else ++ isc_netaddr_any6(&destaddr); + } else { + isc_netaddr_fromsockaddr(&destaddr, &client->interface->addr); + } diff --git a/bind-fds.patch b/bind-fds.patch deleted file mode 100644 index 54a3404..0000000 --- a/bind-fds.patch +++ /dev/null @@ -1,43 +0,0 @@ ---- bind-8.1.2/src/lib/isc/eventlib.c~ Fri Mar 20 18:26:24 1998 -+++ bind-8.1.2/src/lib/isc/eventlib.c Wed Jan 6 17:44:03 1999 -@@ -290,9 +290,9 @@ - evPrintf(ctx, 4, - "pselect(%d, 0x%lx, 0x%lx, 0x%lx, %d.%09ld)\n", - ctx->fdMax+1, -- (u_long)ctx->rdLast.fds_bits[0], -- (u_long)ctx->wrLast.fds_bits[0], -- (u_long)ctx->exLast.fds_bits[0], -+ __FDS_BITS(&ctx->rdLast)[0], -+ __FDS_BITS(&ctx->wrLast)[0], -+ __FDS_BITS(&ctx->exLast)[0], - tp ? tp->tv_sec : -1, - tp ? tp->tv_nsec : -1); - ---- bind-8.1.2/src/lib/isc/ev_files.c~ Thu Feb 5 20:53:52 1998 -+++ bind-8.1.2/src/lib/isc/ev_files.c Wed Jan 6 17:46:18 1999 -@@ -139,9 +139,9 @@ - evPrintf(ctx, 5, - "evSelectFD(fd %d, mask 0x%x): new masks: 0x%lx 0x%lx 0x%lx\n", - fd, eventmask, -- (u_long)ctx->rdNext.fds_bits[0], -- (u_long)ctx->wrNext.fds_bits[0], -- (u_long)ctx->exNext.fds_bits[0]); -+ __FDS_BITS(&ctx->rdNext)[0], -+ __FDS_BITS(&ctx->wrNext)[0], -+ __FDS_BITS(&ctx->exNext)[0]); - - return (0); - } -@@ -250,9 +250,9 @@ - evPrintf(ctx, 5, - "evDeselectFD(fd %d, mask 0x%x): new masks: 0x%lx 0x%lx 0x%lx\n", - del->fd, eventmask, -- (u_long)ctx->rdNext.fds_bits[0], -- (u_long)ctx->wrNext.fds_bits[0], -- (u_long)ctx->exNext.fds_bits[0]); -+ __FDS_BITS(&ctx->rdNext)[0], -+ __FDS_BITS(&ctx->wrNext)[0], -+ __FDS_BITS(&ctx->exNext)[0]); - - /* Couldn't free it before now since we were using fields out of it. */ - FREE(del); diff --git a/bind-host.patch b/bind-host.patch deleted file mode 100644 index f4de8e5..0000000 --- a/bind-host.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- bind-8.2/src/bin/host/host.c.host Mon Jan 11 16:15:38 1999 -+++ bind-8.2/src/bin/host/host.c Wed Mar 31 10:51:54 1999 -@@ -1310,6 +1310,7 @@ - - amtToRead = len; - cp = buf.qb2; -+ if (amtToRead > NS_PACKETSZ) amtToRead=NS_PACKETSZ; - while (amtToRead > 0 && - (numRead = read(sockFD, cp, amtToRead)) > 0) { - cp += numRead; diff --git a/bind-mkdep.patch b/bind-mkdep.patch deleted file mode 100644 index 0b81fa0..0000000 --- a/bind-mkdep.patch +++ /dev/null @@ -1,120 +0,0 @@ -diff -ur src.old/lib/bsd/Makefile src/lib/bsd/Makefile ---- src.old/lib/bsd/Makefile Mon Feb 22 03:47:57 1999 -+++ src/lib/bsd/Makefile Mon May 24 15:24:40 1999 -@@ -79,7 +79,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/cylink/Makefile src/lib/cylink/Makefile ---- src.old/lib/cylink/Makefile Mon Feb 22 03:47:57 1999 -+++ src/lib/cylink/Makefile Mon May 24 15:24:58 1999 -@@ -81,7 +81,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/dnssafe/Makefile src/lib/dnssafe/Makefile ---- src.old/lib/dnssafe/Makefile Tue Feb 23 06:26:59 1999 -+++ src/lib/dnssafe/Makefile Mon May 24 15:24:13 1999 -@@ -98,7 +98,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/dst/Makefile src/lib/dst/Makefile ---- src.old/lib/dst/Makefile Sun Mar 7 10:33:47 1999 -+++ src/lib/dst/Makefile Mon May 24 15:25:19 1999 -@@ -83,7 +83,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] SRC/*.pl . -diff -ur src.old/lib/inet/Makefile src/lib/inet/Makefile ---- src.old/lib/inet/Makefile Wed Mar 3 09:07:16 1999 -+++ src/lib/inet/Makefile Mon May 24 15:27:19 1999 -@@ -80,7 +80,7 @@ - - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/irs/Makefile src/lib/irs/Makefile ---- src.old/lib/irs/Makefile Mon Feb 22 03:47:58 1999 -+++ src/lib/irs/Makefile Mon May 24 15:27:48 1999 -@@ -100,7 +100,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/isc/Makefile src/lib/isc/Makefile ---- src.old/lib/isc/Makefile Mon Feb 22 03:47:58 1999 -+++ src/lib/isc/Makefile Mon May 24 15:28:15 1999 -@@ -82,7 +82,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/nameser/Makefile src/lib/nameser/Makefile ---- src.old/lib/nameser/Makefile Mon Feb 22 03:47:59 1999 -+++ src/lib/nameser/Makefile Mon May 24 15:28:32 1999 -@@ -75,7 +75,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/lib/resolv/Makefile src/lib/resolv/Makefile ---- src.old/lib/resolv/Makefile Mon Feb 22 03:47:59 1999 -+++ src/lib/resolv/Makefile Mon May 24 15:28:50 1999 -@@ -79,7 +79,7 @@ - -rmdir ${THREADED} - - depend: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ ../../port/linux/bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] . -diff -ur src.old/port/linux/Makefile src/port/linux/Makefile ---- src.old/port/linux/Makefile Mon Feb 22 03:48:02 1999 -+++ src/port/linux/Makefile Mon May 24 15:22:43 1999 -@@ -67,7 +67,7 @@ - rm -f *.${O} *.BAK *.CKP *~ - - depend:: FRC -- mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} -+ bin/mkdep -I${INCL} -I${PORTINCL} ${CPPFLAGS} ${SRCS} - - links: FRC - @set -e; ln -s SRC/*.[ch] SRC/bin SRC/Makefile.set SRC/probe . diff --git a/bind-nonlist.patch b/bind-nonlist.patch deleted file mode 100644 index 6a791bc..0000000 --- a/bind-nonlist.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- src/bin/named/ns_udp.c.nonlist Wed Jun 10 03:54:37 1998 -+++ src/bin/named/ns_udp.c Wed Jun 10 03:57:14 1998 -@@ -34,7 +34,11 @@ - #include <ctype.h> - #include <errno.h> - #include <netdb.h> --#include <nlist.h> -+ -+#if defined(CHECK_UDP_SUM) || defined(FIX_UDP_SUM) -+#include <libelf/nlist.h> -+#endif -+ - #include <resolv.h> - #include <stdio.h> - #include <syslog.h> diff --git a/bind-pidfile.patch b/bind-pidfile.patch deleted file mode 100644 index 60ffdbb..0000000 --- a/bind-pidfile.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -urN bind-8.2.2_P5.org/src/bin/named/ns_config.c bind-8.2.2_P5/src/bin/named/ns_config.c ---- bind-8.2.2_P5.org/src/bin/named/ns_config.c Tue Nov 9 00:09:42 1999 -+++ bind-8.2.2_P5/src/bin/named/ns_config.c Wed Feb 2 17:30:14 2000 -@@ -1445,8 +1445,10 @@ - return (NULL); - } - -+ /* If file isn't our or named is running as root */ -+ if ((geteuid() == 0) || (geteuid() != sb.st_uid)) - (void)unlink(filename); -- fd = open(filename, O_WRONLY|O_CREAT|O_EXCL, -+ fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC, - S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH); - if (fd < 0) - return (NULL); diff --git a/bind-probe_ipv6.patch b/bind-probe_ipv6.patch deleted file mode 100644 index 7c68cd0..0000000 --- a/bind-probe_ipv6.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urN src.orig/port/linux/include/Makefile src/port/linux/include/Makefile ---- src.orig/port/linux/include/Makefile Tue May 18 08:42:52 1999 -+++ src/port/linux/include/Makefile Mon Aug 2 18:32:26 1999 -@@ -68,7 +68,7 @@ - all depend:: port_ipv6.h - - port_ipv6.h: FRC -- probe_ipv6 -+ ../bin/probe_ipv6 - - distclean:: clean - diff --git a/bind-pselect.patch b/bind-pselect.patch deleted file mode 100644 index 43ab757..0000000 --- a/bind-pselect.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- src/lib/isc/eventlib.c Sat Mar 21 00:26:24 1998 -+++ src.orig/lib/isc/eventlib.c Sat Dec 5 17:43:14 1998 -@@ -42,7 +42,11 @@ - #include "port_after.h" - - /* Forward. */ -- -+#if ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 1)) -+#include <sys/select.h> /* Another piece of shit from glibc guys ...;(( */ -+#undef NEED_PSELECT -+#endif /* glibc-2.1 */ -+ - #ifdef NEED_PSELECT - static int pselect(int, void *, void *, void *, struct timespec*); - #endif diff --git a/bind-res_randomid.patch b/bind-res_randomid.patch deleted file mode 100644 index 1b2ec71..0000000 --- a/bind-res_randomid.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- bind-chroot-8.2.2_P5/src/lib/resolv/res_init.c.orig Sun Jan 9 12:47:08 2000 -+++ bind-chroot-8.2.2_P5/src/lib/resolv/res_init.c Sun Jan 9 12:55:35 2000 -@@ -92,6 +92,7 @@ - #include <unistd.h> - - #include "port_after.h" -+#undef res_randomid - - /* Options. Should all be left alone. */ - #define RESOLVSORT diff --git a/bind-sdb-ldap.patch b/bind-sdb-ldap.patch deleted file mode 100644 index 1049c2b..0000000 --- a/bind-sdb-ldap.patch +++ /dev/null @@ -1,717 +0,0 @@ -diff -urN bind-9.2.3-orig/bin/named/Makefile.in bind-9.2.3/bin/named/Makefile.in ---- bind-9.2.3-orig/bin/named/Makefile.in 2001-05-31 18:45:00.000000000 -0600 -+++ bind-9.2.3/bin/named/Makefile.in 2003-11-16 14:52:51.000000000 -0700 -@@ -26,10 +26,10 @@ - # - # Add database drivers here. - # --DBDRIVER_OBJS = --DBDRIVER_SRCS = -+DBDRIVER_OBJS = ldapdb.@O@ -+DBDRIVER_SRCS = ldapdb.c - DBDRIVER_INCLUDES = --DBDRIVER_LIBS = -+DBDRIVER_LIBS = -lldap -llber -lresolv - - CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \ - ${LWRES_INCLUDES} ${DNS_INCLUDES} \ -diff -urN bind-9.2.3-orig/bin/named/include/ldapdb.h bind-9.2.3/bin/named/include/ldapdb.h ---- bind-9.2.3-orig/bin/named/include/ldapdb.h 1969-12-31 17:00:00.000000000 -0700 -+++ bind-9.2.3/bin/named/include/ldapdb.h 2003-11-16 14:52:51.000000000 -0700 -@@ -0,0 +1,6 @@ -+#include <isc/types.h> -+ -+isc_result_t ldapdb_init(void); -+ -+void ldapdb_clear(void); -+ -diff -urN bind-9.2.3-orig/bin/named/ldapdb.c bind-9.2.3/bin/named/ldapdb.c ---- bind-9.2.3-orig/bin/named/ldapdb.c 1969-12-31 17:00:00.000000000 -0700 -+++ bind-9.2.3/bin/named/ldapdb.c 2003-11-16 14:52:51.000000000 -0700 -@@ -0,0 +1,552 @@ -+/* -+ * ldapdb.c version 0.9 -+ * -+ * Copyright (C) 2002 Stig Venaas -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ */ -+ -+/* -+ * If you are using an old LDAP API uncomment the define below. Only do this -+ * if you know what you're doing or get compilation errors on ldap_memfree(). -+ */ -+/* #define RFC1823API */ -+ -+#include <config.h> -+ -+#include <string.h> -+#include <stdio.h> -+#include <stdlib.h> -+#include <ctype.h> -+ -+#include <isc/mem.h> -+#include <isc/print.h> -+#include <isc/result.h> -+#include <isc/util.h> -+#include <isc/thread.h> -+ -+#include <dns/sdb.h> -+ -+#include <named/globals.h> -+#include <named/log.h> -+ -+#include <ldap.h> -+#include "ldapdb.h" -+ -+/* -+ * A simple database driver for LDAP -+ */ -+ -+/* enough for name with 8 labels of max length */ -+#define MAXNAMELEN 519 -+ -+static dns_sdbimplementation_t *ldapdb = NULL; -+ -+struct ldapdb_data { -+ char *hostport; -+ char *hostname; -+ int portno; -+ char *base; -+ int defaultttl; -+ char *filterall; -+ int filteralllen; -+ char *filterone; -+ int filteronelen; -+ char *filtername; -+}; -+ -+/* used by ldapdb_getconn */ -+ -+struct ldapdb_entry { -+ void *index; -+ size_t size; -+ void *data; -+ struct ldapdb_entry *next; -+}; -+ -+static struct ldapdb_entry *ldapdb_find(struct ldapdb_entry *stack, -+ const void *index, size_t size) { -+ while (stack != NULL) { -+ if (stack->size == size && !memcmp(stack->index, index, size)) -+ return stack; -+ stack = stack->next; -+ } -+ return NULL; -+} -+ -+static void ldapdb_insert(struct ldapdb_entry **stack, -+ struct ldapdb_entry *item) { -+ item->next = *stack; -+ *stack = item; -+} -+ -+static void ldapdb_lock(int what) { -+ static isc_mutex_t lock; -+ -+ switch (what) { -+ case 0: -+ isc_mutex_init(&lock); -+ break; -+ case 1: -+ LOCK(&lock); -+ break; -+ case -1: -+ UNLOCK(&lock); -+ break; -+ } -+} -+ -+/* data == NULL means cleanup */ -+static LDAP ** -+ldapdb_getconn(struct ldapdb_data *data) -+{ -+ static struct ldapdb_entry *allthreadsdata = NULL; -+ struct ldapdb_entry *threaddata, *conndata; -+ unsigned long threadid; -+ -+ if (data == NULL) { -+ /* cleanup */ -+ /* lock out other threads */ -+ ldapdb_lock(1); -+ while (allthreadsdata != NULL) { -+ threaddata = allthreadsdata; -+ free(threaddata->index); -+ while (threaddata->data != NULL) { -+ conndata = threaddata->data; -+ free(conndata->index); -+ if (conndata->data != NULL) -+ ldap_unbind((LDAP *)conndata->data); -+ threaddata->data = conndata->next; -+ free(conndata); -+ } -+ allthreadsdata = threaddata->next; -+ free(threaddata); -+ } -+ ldapdb_lock(-1); -+ return (NULL); -+ } -+ -+ /* look for connection data for current thread */ -+ threadid = isc_thread_self(); -+ threaddata = ldapdb_find(allthreadsdata, &threadid, sizeof(threadid)); -+ if (threaddata == NULL) { -+ /* no data for this thread, create empty connection list */ -+ threaddata = malloc(sizeof(*threaddata)); -+ if (threaddata == NULL) -+ return (NULL); -+ threaddata->index = malloc(sizeof(threadid)); -+ if (threaddata->index == NULL) { -+ free(threaddata); -+ return (NULL); -+ } -+ *(unsigned long *)threaddata->index = threadid; -+ threaddata->size = sizeof(threadid); -+ threaddata->data = NULL; -+ -+ /* need to lock out other threads here */ -+ ldapdb_lock(1); -+ ldapdb_insert(&allthreadsdata, threaddata); -+ ldapdb_lock(-1); -+ } -+ -+ /* threaddata points at the connection list for current thread */ -+ /* look for existing connection to our server */ -+ conndata = ldapdb_find((struct ldapdb_entry *)threaddata->data, -+ data->hostport, strlen(data->hostport)); -+ if (conndata == NULL) { -+ /* no connection data structure for this server, create one */ -+ conndata = malloc(sizeof(*conndata)); -+ if (conndata == NULL) -+ return (NULL); -+ (char *)conndata->index = data->hostport; -+ conndata->size = strlen(data->hostport); -+ conndata->data = NULL; -+ ldapdb_insert((struct ldapdb_entry **)&threaddata->data, -+ conndata); -+ } -+ -+ return (LDAP **)&conndata->data; -+} -+ -+static void -+ldapdb_bind(struct ldapdb_data *data, LDAP **ldp) -+{ -+ if (*ldp != NULL) -+ ldap_unbind(*ldp); -+ *ldp = ldap_open(data->hostname, data->portno); -+ if (*ldp == NULL) -+ return; -+ if (ldap_simple_bind_s(*ldp, NULL, NULL) != LDAP_SUCCESS) { -+ ldap_unbind(*ldp); -+ *ldp = NULL; -+ } -+} -+ -+static isc_result_t -+ldapdb_search(const char *zone, const char *name, void *dbdata, void *retdata) -+{ -+ struct ldapdb_data *data = dbdata; -+ isc_result_t result = ISC_R_NOTFOUND; -+ LDAP **ldp; -+ LDAPMessage *res, *e; -+ char *fltr, *a, **vals, **names; -+ char type[64]; -+#ifdef RFC1823API -+ void *ptr; -+#else -+ BerElement *ptr; -+#endif -+ int i, j, errno, msgid; -+ -+ ldp = ldapdb_getconn(data); -+ if (ldp == NULL) -+ return (ISC_R_FAILURE); -+ if (*ldp == NULL) { -+ ldapdb_bind(data, ldp); -+ if (*ldp == NULL) { -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': bind failed", zone); -+ return (ISC_R_FAILURE); -+ } -+ } -+ -+ if (name == NULL) { -+ fltr = data->filterall; -+ } else { -+ if (strlen(name) > MAXNAMELEN) { -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': name %s too long", zone, name); -+ return (ISC_R_FAILURE); -+ } -+ sprintf(data->filtername, "%s))", name); -+ fltr = data->filterone; -+ } -+ -+ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0); -+ if (msgid == -1) { -+ ldapdb_bind(data, ldp); -+ if (*ldp != NULL) -+ msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0); -+ } -+ -+ if (*ldp == NULL || msgid == -1) { -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': search failed, filter %s", zone, fltr); -+ return (ISC_R_FAILURE); -+ } -+ -+ /* Get the records one by one as they arrive and return them to bind */ -+ while ((errno = ldap_result(*ldp, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) { -+ LDAP *ld = *ldp; -+ int ttl = data->defaultttl; -+ -+ /* not supporting continuation references at present */ -+ if (errno != LDAP_RES_SEARCH_ENTRY) { -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': ldap_result returned %d", zone, errno); -+ ldap_msgfree(res); -+ return (ISC_R_FAILURE); -+ } -+ -+ /* only one entry per result message */ -+ e = ldap_first_entry(ld, res); -+ if (e == NULL) { -+ ldap_msgfree(res); -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': ldap_first_entry failed", zone); -+ return (ISC_R_FAILURE); -+ } -+ -+ if (name == NULL) { -+ names = ldap_get_values(ld, e, "relativeDomainName"); -+ if (names == NULL) -+ continue; -+ } -+ -+ vals = ldap_get_values(ld, e, "dNSTTL"); -+ if (vals != NULL) { -+ ttl = atoi(vals[0]); -+ ldap_value_free(vals); -+ } -+ -+ for (a = ldap_first_attribute(ld, e, &ptr); a != NULL; a = ldap_next_attribute(ld, e, ptr)) { -+ char *s; -+ -+ for (s = a; *s; s++) -+ *s = toupper(*s); -+ s = strstr(a, "RECORD"); -+ if ((s == NULL) || (s == a) || (s - a >= (signed int)sizeof(type))) { -+#ifndef RFC1823API -+ ldap_memfree(a); -+#endif -+ continue; -+ } -+ -+ strncpy(type, a, s - a); -+ type[s - a] = '\0'; -+ vals = ldap_get_values(ld, e, a); -+ if (vals != NULL) { -+ for (i = 0; vals[i] != NULL; i++) { -+ if (name != NULL) { -+ result = dns_sdb_putrr(retdata, type, ttl, vals[i]); -+ } else { -+ for (j = 0; names[j] != NULL; j++) { -+ result = dns_sdb_putnamedrr(retdata, names[j], type, ttl, vals[i]); -+ if (result != ISC_R_SUCCESS) -+ break; -+ } -+ } -+; if (result != ISC_R_SUCCESS) { -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': dns_sdb_put... failed for %s", zone, vals[i]); -+ ldap_value_free(vals); -+#ifndef RFC1823API -+ ldap_memfree(a); -+ if (ptr != NULL) -+ ber_free(ptr, 0); -+#endif -+ if (name == NULL) -+ ldap_value_free(names); -+ ldap_msgfree(res); -+ return (ISC_R_FAILURE); -+ } -+ } -+ ldap_value_free(vals); -+ } -+#ifndef RFC1823API -+ ldap_memfree(a); -+#endif -+ } -+#ifndef RFC1823API -+ if (ptr != NULL) -+ ber_free(ptr, 0); -+#endif -+ if (name == NULL) -+ ldap_value_free(names); -+ -+ /* cleanup this result */ -+ ldap_msgfree(res); -+ } -+ -+ return (result); -+} -+ -+ -+/* callback routines */ -+static isc_result_t -+ldapdb_lookup(const char *zone, const char *name, void *dbdata, -+ dns_sdblookup_t *lookup) -+{ -+ return ldapdb_search(zone, name, dbdata, lookup); -+} -+ -+static isc_result_t -+ldapdb_allnodes(const char *zone, void *dbdata, -+ dns_sdballnodes_t *allnodes) -+{ -+ return ldapdb_search(zone, NULL, dbdata, allnodes); -+} -+ -+static char * -+unhex(char *in) -+{ -+ static const char hexdigits[] = "0123456789abcdef"; -+ char *p, *s = in; -+ int d1, d2; -+ -+ while ((s = strchr(s, '%'))) { -+ if (!(s[1] && s[2])) -+ return NULL; -+ if ((p = strchr(hexdigits, tolower(s[1]))) == NULL) -+ return NULL; -+ d1 = p - hexdigits; -+ if ((p = strchr(hexdigits, tolower(s[2]))) == NULL) -+ return NULL; -+ d2 = p - hexdigits; -+ *s++ = d1 << 4 | d2; -+ memmove(s, s + 2, strlen(s) - 1); -+ } -+ return in; -+} -+ -+ -+ -+static void -+free_data(struct ldapdb_data *data) -+{ -+ if (data->hostport != NULL) -+ isc_mem_free(ns_g_mctx, data->hostport); -+ if (data->hostname != NULL) -+ isc_mem_free(ns_g_mctx, data->hostname); -+ if (data->filterall != NULL) -+ isc_mem_put(ns_g_mctx, data->filterall, data->filteralllen); -+ if (data->filterone != NULL) -+ isc_mem_put(ns_g_mctx, data->filterone, data->filteronelen); -+ isc_mem_put(ns_g_mctx, data, sizeof(struct ldapdb_data)); -+} -+ -+ -+static isc_result_t -+ldapdb_create(const char *zone, int argc, char **argv, -+ void *driverdata, void **dbdata) -+{ -+ struct ldapdb_data *data; -+ char *s, *filter = NULL; -+ int defaultttl; -+ -+ UNUSED(driverdata); -+ -+ /* we assume that only one thread will call create at a time */ -+ /* want to do this only once for all instances */ -+ -+ if ((argc < 2) -+ || (argv[0] != strstr( argv[0], "ldap://")) -+ || ((defaultttl = atoi(argv[1])) < 1)) -+ return (ISC_R_FAILURE); -+ data = isc_mem_get(ns_g_mctx, sizeof(struct ldapdb_data)); -+ if (data == NULL) -+ return (ISC_R_NOMEMORY); -+ -+ memset(data, 0, sizeof(struct ldapdb_data)); -+ data->hostport = isc_mem_strdup(ns_g_mctx, argv[0] + strlen("ldap://")); -+ if (data->hostport == NULL) { -+ free_data(data); -+ return (ISC_R_NOMEMORY); -+ } -+ -+ data->defaultttl = defaultttl; -+ -+ s = strchr(data->hostport, '/'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ data->base = s; -+ /* attrs, scope, filter etc? */ -+ s = strchr(s, '?'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ /* ignore attributes */ -+ s = strchr(s, '?'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ /* ignore scope */ -+ s = strchr(s, '?'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ /* filter */ -+ filter = s; -+ s = strchr(s, '?'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ } -+ if (*filter == '\0') { -+ filter = NULL; -+ } -+ } -+ } -+ } -+ if (*data->base == '\0') { -+ data->base = NULL; -+ } -+ -+ if ((data->base != NULL && unhex(data->base) == NULL) || (filter != NULL && unhex(filter) == NULL)) { -+ free_data(data); -+ isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR, -+ "LDAP sdb zone '%s': bad hex values", zone); -+ return (ISC_R_FAILURE); -+ } -+ } -+ -+ /* compute filterall and filterone once and for all */ -+ if (filter == NULL) { -+ data->filteralllen = strlen(zone) + strlen("(zoneName=)") + 1; -+ data->filteronelen = strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1; -+ } else { -+ data->filteralllen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=))") + 1; -+ data->filteronelen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1; -+ } -+ -+ data->filterall = isc_mem_get(ns_g_mctx, data->filteralllen); -+ if (data->filterall == NULL) { -+ free_data(data); -+ return (ISC_R_NOMEMORY); -+ } -+ data->filterone = isc_mem_get(ns_g_mctx, data->filteronelen); -+ if (data->filterone == NULL) { -+ free_data(data); -+ return (ISC_R_NOMEMORY); -+ } -+ -+ if (filter == NULL) { -+ sprintf(data->filterall, "(zoneName=%s)", zone); -+ sprintf(data->filterone, "(&(zoneName=%s)(relativeDomainName=", zone); -+ } else { -+ sprintf(data->filterall, "(&%s(zoneName=%s))", filter, zone); -+ sprintf(data->filterone, "(&%s(zoneName=%s)(relativeDomainName=", filter, zone); -+ } -+ data->filtername = data->filterone + strlen(data->filterone); -+ -+ /* support URLs with literal IPv6 addresses */ -+ data->hostname = isc_mem_strdup(ns_g_mctx, data->hostport + (*data->hostport == '[' ? 1 : 0)); -+ if (data->hostname == NULL) { -+ free_data(data); -+ return (ISC_R_NOMEMORY); -+ } -+ -+ if (*data->hostport == '[' && -+ (s = strchr(data->hostname, ']')) != NULL ) -+ *s++ = '\0'; -+ else -+ s = data->hostname; -+ s = strchr(s, ':'); -+ if (s != NULL) { -+ *s++ = '\0'; -+ data->portno = atoi(s); -+ } else -+ data->portno = LDAP_PORT; -+ -+ *dbdata = data; -+ return (ISC_R_SUCCESS); -+} -+ -+static void -+ldapdb_destroy(const char *zone, void *driverdata, void **dbdata) { -+ struct ldapdb_data *data = *dbdata; -+ -+ UNUSED(zone); -+ UNUSED(driverdata); -+ -+ free_data(data); -+} -+ -+static dns_sdbmethods_t ldapdb_methods = { -+ ldapdb_lookup, -+ NULL, /* authority */ -+ ldapdb_allnodes, -+ ldapdb_create, -+ ldapdb_destroy -+}; -+ -+/* Wrapper around dns_sdb_register() */ -+isc_result_t -+ldapdb_init(void) { -+ unsigned int flags = -+ DNS_SDBFLAG_RELATIVEOWNER | -+ DNS_SDBFLAG_RELATIVERDATA | -+ DNS_SDBFLAG_THREADSAFE; -+ -+ ldapdb_lock(0); -+ return (dns_sdb_register("ldap", &ldapdb_methods, NULL, flags, -+ ns_g_mctx, &ldapdb)); -+} -+ -+/* Wrapper around dns_sdb_unregister() */ -+void -+ldapdb_clear(void) { -+ if (ldapdb != NULL) { -+ /* clean up thread data */ -+ ldapdb_getconn(NULL); -+ dns_sdb_unregister(&ldapdb); -+ } -+} -diff -urN bind-9.2.3-orig/bin/named/main.c bind-9.2.3/bin/named/main.c ---- bind-9.2.3-orig/bin/named/main.c 2003-10-09 01:32:33.000000000 -0600 -+++ bind-9.2.3/bin/named/main.c 2003-11-16 14:52:51.000000000 -0700 -@@ -64,6 +64,7 @@ - * Include header files for database drivers here. - */ - /* #include "xxdb.h" */ -+#include <ldapdb.h> - - static isc_boolean_t want_stats = ISC_FALSE; - static char program_name[ISC_DIR_NAMEMAX] = "named"; -@@ -544,6 +545,7 @@ - * Add calls to register sdb drivers here. - */ - /* xxdb_init(); */ -+ ldapdb_init(); - - ns_server_create(ns_g_mctx, &ns_g_server); - } -@@ -558,6 +560,7 @@ - * Add calls to unregister sdb drivers here. - */ - /* xxdb_clear(); */ -+ ldapdb_clear(); - - isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, - ISC_LOG_NOTICE, "exiting"); -diff -urN bind-9.2.3-orig/doc/INSTALL.sdb-ldap bind-9.2.3/doc/INSTALL.sdb-ldap ---- bind-9.2.3-orig/doc/INSTALL.sdb-ldap 1969-12-31 17:00:00.000000000 -0700 -+++ bind-9.2.3/doc/INSTALL.sdb-ldap 2003-11-16 14:53:32.000000000 -0700 -@@ -0,0 +1,59 @@ -+This is the INSTALL file for 0.9. See -+http://www.venaas.no/ldap/bind-sdb/ for updates or other information. -+ -+BUILDING -+ -+You need the source for BIND 9.1.0 or newer (for zone transfers you -+will need at least 9.1.1rc3 due to a bug). Basically you need to follow -+the instructions in doc/misc/sdb, if my instructions doesn't make sense, -+please have a look at that as well. -+ -+Copy ldapdb.c to bin/named and ldapdb.h to bin/named/include in the -+source tree. -+ -+Next alter bin/named/Makefile.in. Add ldapdb.@O@ to DBDRIVER_OBJS and -+ldapdb.c to DBDRIVER_SRCS. You also need to add something like -+-I/usr/local/include to DBDRIVER_INCLUDES and -+-L/usr/local/lib -lldap -llber -lresolv to DBDRIVER_LIBS -+depending on what LDAP library you have and where you installed it. -+ -+Finally you need to edit bin/named/main.c. Below where it says -+"#include "xxdb.h"", add the line "#include <ldapdb.h>". Below where -+it says "xxdb_init();" add the line "ldapdb_init();", and finally -+below where it says "xxdb_clear();", add "ldapdb_clear();". -+ -+Now you should hopefully be able to build it. If you get an error -+message about ldap_memfree() not being defined, you're probably -+using an LDAP library with the interface defined in RFC 1823. To -+build, uncomment the #define RFC1823API line near the top of ldapdb.c. -+ -+ -+CONFIGURING -+ -+Before you do any configuring of LDAP stuff, please try to configure -+and start bind as usual to see if things work. -+ -+To do anything useful, you need to store a zone in some LDAP server. -+From this release on, you must use a schema called dNSZone. Note that -+it relies on some attribute definitions in the Cosine schema, so that -+must be included as well. The Cosine schema probably comes with your -+LDAP server. You can find dNSZone and further details on how to store -+the data in your LDAP server at -+http://www.venaas.no/ldap/bind-sdb/ -+ -+For an example, have a look at my venaas.com zone. Try a subtree search -+for objectClass=* at -+ldap ldap://129.241.20.67/dc=venaas,dc=com,o=DNS,dc=venaas,dc=no -+ -+To use it with BIND, I've added the following to named.conf: -+zone "venaas.com" { -+ type master; -+ database "ldap ldap://129.241.20.67/dc=venaas,dc=com,o=DNS,dc=venaas,dc=no 172800"; -+}; -+ -+When doing lookups BIND will do a sub-tree search below the base in the -+URL. The number 172800 is the TTL which will be used for all entries that -+haven't got the dNSTTL attribute. It is also possible to add an filter to -+the URL, say ldap://host/base???(o=internal) -+ -+Stig Venaas <venaas@uninett.no> 2002-04-17 -diff -urN bind-9.2.3-orig/doc/README.sdb-ldap bind-9.2.3/doc/README.sdb-ldap ---- bind-9.2.3-orig/doc/README.sdb-ldap 1969-12-31 17:00:00.000000000 -0700 -+++ bind-9.2.3/doc/README.sdb-ldap 2003-11-16 14:53:18.000000000 -0700 -@@ -0,0 +1,40 @@ -+This is an attempt at an LDAP back-end for BIND 9 using the new simplified -+database interface "sdb". This is the nineth release (0.9) and seems to -+be pretty stable. Note that since version 0.4 a new schema is used. -+It is not backwards compatible with versions before 0.4. -+ -+In 0.9 the code has been cleaned up a bit and should be slightly faster -+than previous versions. It also fixes an error with zone transfers (AXFR) -+and entries with multiple relativeDomainName values. The problem was -+that it would only use the first value in the result. There's no need -+to upgrade unless you use such entries. -+ -+0.8 uses asynchronous LDAP search which should give better performance. -+Thanks to Ashley Burston for providing patch. Another new feature is -+allowing filters in URLs. The syntax is as in RFC 2255. Few people will -+need this, but if you have say an internal and external version of the -+same zone, you could stick say o=internal and o=external into different -+entries, and specify for instance ldap://host/base???(o=internal) -+Some error logging has also been added. -+ -+0.7 allows space and other characters to be used in URLs by use of %-quoting. -+For instance space can be written as %20. It also fixes a problem with some -+servers and/or APIs that do not preserve attribute casing. -+ -+0.6 fixes some memory leaks present in older versions unless compiled with -+the RFC 1823 API. -+ -+The big changes in 0.5 are thread support and improved connection handling. -+Multiple threads can now access the back-end simultaneously, and rather than -+having one connection per zone, there is now one connection per thread per -+LDAP server. This should help people with multiple CPUs and people with a -+huge number of zones. One final change is support for literal IPv6 addresses -+in LDAP URLs. At least OpenLDAP 2 has IPv6 support, so if you use OpenLDAP 2 -+libraries and server, you got all you need. -+ -+If you have bug reports, fixes, comments, questions or whatever, please -+contact me. See also http://www.venaas.no/ldap/bind-sdb/ for information. -+ -+See INSTALL for how to build, install and use. -+ -+Stig Venaas <venaas@uninett.no> 2001-12-29 @@ -2,7 +2,6 @@ # Conditional build: %bcond_without ssl # build without OpenSSL support %bcond_without ipv6 # build without IPv6 support -%bcond_without ldap # build without LDAP support # Summary: BIND - DNS name server Summary(de): BIND - DNS-Namenserver @@ -15,13 +14,13 @@ Summary(tr): DNS alan adý sunucusu Summary(uk): BIND - cÅÒ×ÅÒ ÓÉÓÔÅÍÉ ÄÏÍÅÎÎÉÈ ¦ÍÅÎ (DNS) Summary(zh_CN): Internet ÓòÃû·þÎñÆ÷ Name: bind -Version: 9.2.3 -Release: 9 +Version: 9.2.4 +Release: 1.2 Epoch: 5 License: BSD-like Group: Networking/Daemons Source0: ftp://ftp.isc.org/isc/bind9/%{version}/%{name}-%{version}.tar.gz -# Source0-md5: 94ae7b0f20dc406fdbbf6fac5d57b32f +# Source0-md5: 2ccbddbab59aedd6b8711b628b5472bd Source1: %{name}-conf.tar.gz # Source1-md5: 8ee77729f806fcd548fe0cceb34b4a06 Source2: named.init @@ -30,16 +29,14 @@ Source4: named.logrotate Source5: nslookup.8 Source6: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2 # Source6-md5: 35b1dfaa12615c9802126ee833e0e7f7 -Source7: http://www.venaas.no/ldap/bind-sdb/dnszone-schema.txt -# Source7-md5: c9a17d8cf8c1a6d4fad6138a1c3f36c4 Patch0: %{name}-time.patch Patch1: %{name}-autoconf.patch Patch2: %{name}-includedir-libbind.patch Patch3: %{name}-link.patch Patch4: %{name}-pmake.patch +Patch5: %{name}-destaddr.patch # from idnkit -Patch5: %{name}-idn.patch -Patch6: %{name}-sdb-ldap.patch +Patch6: %{name}-idn.patch URL: http://www.isc.org/products/BIND/bind9.html BuildRequires: autoconf BuildRequires: automake @@ -47,10 +44,8 @@ BuildRequires: bison BuildRequires: flex BuildRequires: libtool BuildRequires: idnkit-devel -%{?with_ldap:BuildRequires: openldap-devel} -%{?with_ssl:BuildRequires: openssl-devel >= 0.9.7d} -BuildRequires: rpmbuild(macros) >= 1.159 -PreReq: %{name}-libs = %{epoch}:%{version}-%{release} +%{?with_ssl:BuildRequires: openssl-devel >= 0.9.6m} +PreReq: %{name}-libs = %{epoch}:%{version} PreReq: rc-scripts >= 0.2.0 Requires(pre): fileutils Requires(pre): /bin/id @@ -61,14 +56,12 @@ Requires(postun): /usr/sbin/groupdel Requires(postun): /usr/sbin/userdel Requires(post,preun): /sbin/chkconfig Requires: psmisc >= 20.1 -Provides: group(named) Provides: nameserver -Provides: user(named) +BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) Obsoletes: caching-nameserver Obsoletes: nameserver Conflicts: %{name}-chroot Conflicts: kernel < 2.2.18 -BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS @@ -159,8 +152,7 @@ Summary(tr): DNS araçlarý - host, dig, dnsquery, nslookup Summary(uk): õÔÉ̦ÔÉ ÄÌÑ ÎÁÄÓÉÌÁÎÎÑ ÚÁÐÉÔ¦× ÄÏ ÓÅÒ×ÅÒ¦× DNS Summary(zh_CN): Internet ÓòÃû·þÎñÆ÷ʵÓù¤¾ß Group: Networking/Utilities -Requires: %{name}-libs = %{epoch}:%{version}-%{release} -Requires: iconv +Requires: %{name}-libs = %{epoch}:%{version} %description utils Bind-utils contains a collection of utilities for querying DNS (Domain @@ -247,7 +239,7 @@ Summary(pt_BR): Todos os arquivos de cabeçalho e bibliotecas para desenvolviment Summary(ru): èÅÄÅÒÙ É ÂÉÂÌÉÏÔÅËÉ ÒÁÚÒÁÂÏÔÞÉËÁ ÄÌÑ bind Summary(uk): èÅÄÅÒÉ ÔÁ ¦Â̦ÏÔÅËÉ ÐÒÏÇÒÁͦÓÔÁ ÄÌÑ bind Group: Development/Libraries -Requires: %{name}-libs = %{epoch}:%{version}-%{release} +Requires: %{name}-libs = %{epoch}:%{version} %description devel The bind-devel package contains all the include files and symlinks @@ -286,7 +278,7 @@ Summary(pt_BR): Bibliotecas estáticas para desenvolvimento DNS Summary(ru): óÔÁÔÉÞÅÓËÉÅ ÂÉÂÌÉÏÔÅËÉ ÒÁÚÒÁÂÏÔÞÉËÁ ÄÌÑ bind Summary(uk): óÔÁÔÉÞΦ ¦Â̦ÏÔÅËÉ ÐÒÏÇÒÁͦÓÔÁ ÄÌÑ bind Group: Development/Libraries -Requires: %{name}-devel = %{epoch}:%{version}-%{release} +Requires: %{name}-devel = %{epoch}:%{version} %description static Static bind libraries. @@ -313,7 +305,7 @@ BIND. %patch3 -p1 %patch4 -p1 %patch5 -p1 -%{?with_ldap:%patch6 -p1} +%patch6 -p1 %build %{__libtoolize} @@ -349,7 +341,7 @@ bzip2 -dc %{SOURCE6} | tar xf - -C $RPM_BUILD_ROOT%{_mandir} install conf-pld/*.zone $RPM_BUILD_ROOT%{_var}/lib/named/M install conf-pld/*.hint $RPM_BUILD_ROOT%{_var}/lib/named -install conf-pld/*.conf $RPM_BUILD_ROOT%{_var}/lib/named%{_sysconfdir} +install conf-pld/*.conf $RPM_BUILD_ROOT%{_var}/lib/named/%{_sysconfdir} install bin/tests/named.conf EXAMPLE-CONFIG-named install bin/tests/ndc.conf EXAMPLE-CONFIG-ndc install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/named @@ -362,9 +354,6 @@ ln -sf %{_var}/lib/named/named.stats $RPM_BUILD_ROOT%{_var}/log/named.stats touch $RPM_BUILD_ROOT%{_var}/lib/named/{named.{log,stats},dev/{random,null}} -%{?with_ldap:mkdir -p $RPM_BUILD_ROOT%{_datadir}/openldap/schema/} -%{?with_ldap:install %{SOURCE7} $RPM_BUILD_ROOT%{_datadir}/openldap/schema/dnszone.schema} - # we don't want Makefiles in documentation... rm -f doc/misc/Makefile* @@ -393,7 +382,7 @@ if [ -n "`id -u named 2>/dev/null`" ]; then fi else echo "Adding user named UID=58." - /usr/sbin/useradd -u 58 -g 58 -d /tmp -s /bin/false -c "BIND user" named || exit 1 + /usr/sbin/useradd -u 58 -g 58 -d /dev/null -s /bin/false -c "BIND user" named || exit 1 fi %post @@ -414,8 +403,10 @@ fi %postun if [ "$1" = "0" ]; then - %userremove named - %groupremove named + echo "Removing user named." + %{_sbindir}/userdel named + echo "Removing group named." + %{_sbindir}/groupdel named fi %post libs -p /sbin/ldconfig @@ -423,7 +414,7 @@ fi %files %defattr(644,root,root,755) -%doc README EXAMPLE-CONFIG-* FAQ doc/misc/* doc/arm/*.html doc/rfc/index %{?with_ldap:doc/*.sdb-ldap} +%doc README EXAMPLE-CONFIG-* FAQ doc/misc/* doc/arm/*.html doc/rfc/index %attr(754,root,root) /etc/rc.d/init.d/named %attr(640,root,root) %config(noreplace) %verify(not size mtime md5) /etc/sysconfig/named @@ -432,8 +423,6 @@ fi %attr(755,root,root) %{_sbindir}/* -%{?with_ldap:%{_datadir}/openldap/schema/*.schema} - %{_mandir}/man8/dns* %{_mandir}/man8/lwres* %{_mandir}/man8/named* @@ -444,12 +433,11 @@ fi %attr(770,root,named) %dir %{_var}/lib/named %attr(750,root,named) %dir %{_var}/lib/named/M %attr(770,root,named) %dir %{_var}/lib/named/S -%attr(750,root,named) %dir %{_var}/lib/named%{_sysconfdir} %attr(770,root,named) %dir %{_var}/lib/named/dev %config(noreplace) %verify(not size mtime md5) %{_var}/lib/named/M/* %config(noreplace) %verify(not size mtime md5) %{_var}/lib/named/root.* -%attr(640,root,named) %config(noreplace) %verify(not size mtime md5) %{_var}/lib/named%{_sysconfdir}/* +%attr(640,root,named) %config(noreplace) %verify(not size mtime md5) %{_var}/lib/named/%{_sysconfdir}/* #%ghost %{_var}/lib/named/dev/* %attr(770,root,named) %{_var}/lib/named/dev/* diff --git a/bind9-openssl.patch b/bind9-openssl.patch deleted file mode 100644 index 6377eb9..0000000 --- a/bind9-openssl.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -urN bind-9.0.1rc2.org/configure.in bind-9.0.1rc2/configure.in ---- bind-9.0.1rc2.org/configure.in Tue Nov 7 11:04:02 2000 -+++ bind-9.0.1rc2/configure.in Wed Nov 8 11:15:29 2000 -@@ -184,12 +184,13 @@ - # - AC_MSG_CHECKING(for compatible OpenSSL library) - --DST_PRIVATEOPENSSL='-DDST_USE_PRIVATE_OPENSSL' --dst_privateopenssl='openssl' --DST_OPENSSL_INC='-I${srcdir}/../openssl/include' -+DNS_OPENSSL_LIBS="-lssl -lcrypto" -+DST_PRIVATEOPENSSL='' -+dst_privateopenssl='' -+DST_OPENSSL_INC='' - DST_OPENSSL_LIB='' --DST_OPENSSL_OBJS='${OPENSSLOBJS}' --AC_MSG_RESULT(using private library) -+DST_OPENSSL_OBJS='' -+AC_MSG_RESULT(using shared library) - - AC_SUBST(DST_PRIVATEOPENSSL) - AC_SUBST(dst_privateopenssl) -@@ -202,7 +203,6 @@ - # it as needed) if it is found. - # - --DNS_OPENSSL_LIBS="" - AC_SUBST(DNS_OPENSSL_LIBS) - - # diff --git a/host_991529+.diff b/host_991529+.diff deleted file mode 100644 index 73060f4..0000000 --- a/host_991529+.diff +++ /dev/null @@ -1,206 +0,0 @@ -diff -Nru host/Makefile host+/Makefile ---- host/Makefile Wed Mar 15 22:51:39 2000 -+++ host+/Makefile Wed Jun 14 01:01:09 2000 -@@ -60,6 +60,8 @@ - # This is the default in either case if you compile stand-alone. - CONFIGDEFS = -DHOST_RES_SEND - -+CONFIGDEFS = -DHOST_RES_SEND -DIPV6 -+ - # ---------------------------------------------------------------------- - # Include file directories. - # This program must be compiled with the same include files that -diff -Nru host/README.ip6.int host+/README.ip6.int ---- host/README.ip6.int Thu Jan 1 01:00:00 1970 -+++ host+/README.ip6.int Wed Jun 14 01:05:05 2000 -@@ -0,0 +1,17 @@ -+Use -DIPV6 in the Makefile to turn IPv6 addresses recognition. This -+version of host recognizes IPv6 addresses in the following formats: -+ -+3ffe:8010:: normal format of a host (mask 128) address -+3ffe:8010::1 normal format of a host (mask 128) address -+3ffe:8010::/28 with mask -+3ffe:8010:2::/28 with mask; :2: will be masked -+3ffe:8010:2 relaxed format; default mask will be 48 in this case -+3ffe:8010/28 default mask 32 but shorten explicitely to 28 -+ -+All of the above addresses will be transformed into ip6.int domain form, -+e.g. 3ffe:8010/28 -> 1.0.8.E.F.F.3.ip6.int. ::/0 can be used to ask -+about just ip6.int. -+ -+There no IPv6 communication support yet. -+ -+rzm@icm.edu.pl -diff -Nru host/defs.h host+/defs.h ---- host/defs.h Wed Mar 29 20:19:00 2000 -+++ host+/defs.h Tue Jun 13 18:39:39 2000 -@@ -87,6 +87,7 @@ - int parse_type PROTO((char *)); - int parse_class PROTO((char *)); - char *in_addr_arpa PROTO((char *)); -+char *ip6_int PROTO((char *)); - char *nsap_int PROTO((char *)); - void print_host PROTO((char *, struct hostent *)); - void show_res PROTO((void)); -diff -Nru host/info.c host+/info.c ---- host/info.c Mon Mar 27 12:59:11 2000 -+++ host+/info.c Tue Jun 13 21:06:15 2000 -@@ -63,6 +63,7 @@ - int nodata = 0; /* NO_DATA status during DNSRCH */ - int nquery = 0; /* number of extra search queries */ - -+ if (name==NULL) return FALSE; - /* - * Single dot means root zone. - */ -diff -Nru host/main.c host+/main.c ---- host/main.c Wed Mar 29 22:38:09 2000 -+++ host+/main.c Wed Jun 14 00:55:58 2000 -@@ -1273,6 +1273,7 @@ - input char *name; /* command line argument */ - { - bool result; /* result status of action taken */ -+ bool rev6 = FALSE; - - /* check for nonsense input name */ - if (strlength(name) > MAXDNAME) -@@ -1297,6 +1298,13 @@ - else - queryaddr = inet_addr(queryname); - -+#ifdef IPV6 -+ if (index(queryname,':')) { -+ rev6 = TRUE; -+ queryname = ip6_int(queryname); -+ } -+#endif -+ - /* - * Generate reverse in-addr.arpa query if so requested. - * The input name must be a dotted quad, and be convertible. -@@ -1304,7 +1312,11 @@ - if (reverse) - { - if (queryaddr == NOT_DOTTED_QUAD) -- name = NULL; -+ if (rev6) { -+ name = ip6_int(queryname); -+ } else { -+ name = NULL; -+ } - else - name = in_addr_arpa(queryname); - -@@ -1323,18 +1335,18 @@ - * Heuristic to check whether we are processing a reverse mapping domain. - * Normalize to not have trailing dot, unless it is the root zone. - */ -- if ((queryaddr == NOT_DOTTED_QUAD) && !reverse) -+ if ((queryaddr == NOT_DOTTED_QUAD) && !rev6 && !reverse) - { - char namebuf[MAXDNAME+1]; - register int n; - -- name = strcpy(namebuf, queryname); -+ name = strncpy(namebuf, queryname, sizeof(namebuf)); - - n = strlength(name); - if (n > 1 && name[n-1] == '.') - name[n-1] = '\0'; - -- reverse = indomain(name, ARPA_ROOT, FALSE); -+ reverse = indomain(name, ARPA_ROOT, FALSE) || indomain(name, IPNG_ROOT, FALSE); - } - - /* -@@ -1370,7 +1382,7 @@ - /* set querytype for regular mode if unspecified */ - if ((querytype == T_NONE) && !listmode) - { -- if ((queryaddr != NOT_DOTTED_QUAD) || reverse) -+ if ((queryaddr != NOT_DOTTED_QUAD) || rev6 || reverse) - querytype = T_PTR; - else - querytype = T_A; -diff -Nru host/util.c host+/util.c ---- host/util.c Mon Mar 27 13:34:15 2000 -+++ host+/util.c Wed Jun 14 01:00:08 2000 -@@ -209,6 +209,78 @@ - } - - /* -+** IP6_INT -- Convert IPv6 string to reverse ip6.int -+** ------------------------------------------------------------------ -+** -+** Returns: -+** Pointer to appropriate reverse ip6.int name with -+** trailing dot to force absolute domain name. NULL -+** in case of invalid IPv6 input string. -+*/ -+ -+char * -+ip6_int(ipv6) -+input char *ipv6; /* input string with IPv6 */ -+{ -+ static char dombuf[ 128/4*3 + sizeof(IPNG_ROOT) + 2]; -+#ifdef IPV6 -+ char ipv6addr [8*4 + 7 + 1 + 3 + 2], *mask, *p, buf2[5]; -+ struct in6_addr ip6buf; -+ int nmask = -1, err, i, colons = 0; -+ -+ strncpy(ipv6addr, ipv6, sizeof(ipv6addr)); -+ -+ mask = index(ipv6addr, '/'); -+ if (mask) { -+ *mask = '\0'; -+ mask++; -+ nmask = atoi(mask); -+ } -+ -+ p = ipv6addr; while(*p) if (*p++==':') colons++; -+/* printf("addr: %s, colons: %d, last: %c\n", ipv6addr, colons, p[-1]); */ -+ -+ /* relaxing address format: remove last : */ -+ if ( (p-ipv6addr>=2) && (p[-1]==':') && (p[-2]!=':') ) p[-1] = '\0'; -+ -+ /* mask not set, derived from non-standard formatted address */ -+ if ( (colons<7) && (p[-1]!=':') && (strstr(ipv6addr,"::")==0) ) { -+ strcat(ipv6addr, "::"); -+ if (nmask==-1) nmask = (colons+1)*16; -+ } -+ -+ if (nmask==-1) nmask = 128; -+ -+ err = inet_pton(AF_INET6, ipv6addr, &ip6buf); -+ if (err == -1) { -+ errmsg("Address (%s) format error: %s", ipv6, strerror(errno)); -+ return ipv6; -+ } -+ if (err == 0) { -+ errmsg("Address `%s' not valid"); -+ return ipv6; -+ } -+ -+/* for (i=0; i<16; i++) printf("%02X ", ip6buf.s6_addr[i]); printf("/%d\n", nmask); */ -+ -+ nmask -= nmask%4; -+ dombuf[0] = '\0'; -+ while (nmask>0) { -+ if (nmask%8==0) { -+ sprintf(buf2, "%X.", ip6buf.s6_addr[(nmask-1)/8] % 16); -+ } else { -+ sprintf(buf2, "%X.", ip6buf.s6_addr[(nmask-1)/8] / 16); -+ } -+ strcat(dombuf, buf2); -+ nmask -= 4; /* 8 bits at a time */ -+ } -+ strcat(dombuf, IPNG_ROOT); -+ strcat(dombuf, "."); -+#endif -+ return dombuf; -+} -+ -+/* - ** NSAP_INT -- Convert dotted nsap address string to reverse nsap.int - ** ------------------------------------------------------------------ - ** diff --git a/named-chroot.init b/named-chroot.init deleted file mode 100644 index 6f69168..0000000 --- a/named-chroot.init +++ /dev/null @@ -1,92 +0,0 @@ -#!/bin/sh -# -# named This shell script takes care of starting and stopping -# named (BIND DNS server). -# -# chkconfig: 345 55 45 -# description: named (BIND) is a Domain Name Server (DNS) \ -# that is used to resolve host names to IP addresses. - -# Source function library -. /etc/rc.d/init.d/functions - -# Source networking configuration -. /etc/sysconfig/network - -# Try get config.. -[ -f /etc/sysconfig/named ] && . /etc/sysconfig/named - -# Check that networking is up. -if is_yes "${NETWORKING}"; then - if [ ! -f /var/lock/subsys/network ]; then - msg_network_down "Named" - exit 1 - fi -else - exit 0 -fi - -# Sanity check -[ -f /etc/named.conf ] || exit 0 - -RETVAL=0 -# See how we were called. -case "$1" in - start) - # Check if the service is already running? - if [ ! -f /var/lock/subsys/named ]; then - msg_starting "holelogd.named" - daemon holelogd.named /var/lib/named/chroot/dev/log - RETVAL=$? - [ $RETVAL -eq 0 ] || exit 1 - msg_starting "Named" - touch /var/log/named && chown named.named /var/log/named - daemon /var/lib/named/chroot/usr/sbin/named \ - -u named -g named -t /var/lib/named/chroot - RETVAL=$? - if [ $RETVAL -eq 0 ]; then - touch /var/lock/subsys/named - chown named.named /var/lib/named/chroot/var/run/named.pid - ln -sf /var/lib/named/chroot/var/run/named.pid /var/run/named.pid - fi - else - msg_already_running "Named" - fi - ;; - stop) - if [ -f /var/lock/subsys/named ]; then - msg_stopping "Named" - killproc named - msg_stopping "holelogd.named" - killproc holelogd.named - rm -f /var/lock/subsys/named >/dev/null 2>&1 - else - msg_not_running "Named" - fi - ;; - status) - /usr/sbin/ndc.chroot status - exit $? - ;; - reload|force-reload) - if [ -f /var/lock/subsys/named ]; then - msg_reloading "Named" - killproc named -HUP - RETVAL=$? - else - msg_not_running "Named" >&2 - exit 7 - fi - - ;; - restart) - $0 stop - $0 start - exit $? - ;; - *) - msg_usage "$0 {start|stop|restart|reload|force-reload|status}" - exit 3 -esac - -exit $RETVAL diff --git a/named.conf b/named.conf deleted file mode 100644 index 772b711..0000000 --- a/named.conf +++ /dev/null @@ -1,65 +0,0 @@ -// This is an exaple configuration file for named ( /etc/named.conf ) -// Przyk³adowy plik konfiguracyjny /etc/named.conf dla serwera nazw `named' - -options { - directory "/var/lib/named"; - check-names master fail; -// check-names slave warn; - check-names response ignore; - datasize default; - deallocate-on-exit no; - host-statistics no; - fake-iquery no; -}; - -controls { - unix "/var/run/ndc" perm 0600 owner 0 group 0; -}; - - -zone "localhost" IN { - type master; - file "M/localhost.zone"; - check-names fail; - allow-update { none; }; - allow-transfer { any; }; -}; - -zone "0.0.127.in-addr.arpa" IN { - type master; - file "M/127.0.0.zone"; - check-names fail; - allow-update { none; }; - allow-transfer { any; }; -}; - -zone "." IN { - type hint; - file "root.hint"; -}; - -//zone "pld-linux.org" IN { -// type slave; -// file "S/pld-linux.org.zone"; -// masters { -// 195.116.211.3; -// }; -// check-names warn; -// allow-query { any; }; -// allow-transfer { any; }; -// }; - -logging { - channel xfer-log { - file "/var/log/named"; - print-category yes; - print-severity yes; - print-time yes; - severity info; - }; - category xfer-in { xfer-log; }; - category xfer-out { xfer-log; }; - category notify { xfer-log; }; - category load { xfer-log; }; -}; - @@ -39,9 +39,8 @@ case "$1" in # Check if the service is already running? if [ ! -f /var/lock/subsys/named ]; then msg_starting "Named" - modprobe -s capability > /dev/null 2>&1 touch /var/lib/named/named.log && \ - chown named:named /var/lib/named/named.log + chown named.named /var/lib/named/named.log daemon named -u named -t /var/lib/named \ -c /etc/named.conf -n ${NUM_CPUS:-1} </dev/null RETVAL=$? diff --git a/resolver.5 b/resolver.5 deleted file mode 100644 index 11c0e08..0000000 --- a/resolver.5 +++ /dev/null @@ -1,224 +0,0 @@ -.\" Copyright (c) 1986 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)resolver.5 5.9 (Berkeley) 12/14/89 -.\" $Id$ -.\" -.Dd November 11, 1993 -.Dt RESOLVER 5 -.Os BSD 4 -.Sh NAME -.Nm resolver -.Nd resolver configuration file -.Sh SYNOPSIS -.Pa /etc/resolv.conf -.Sh DESCRIPTION -The -.Nm resolver -is a set of routines in the C library -.Pq Xr resolve 3 -that provide access to the Internet Domain Name System. -The -.Nm resolver -configuration file contains information that is read -by the -.Nm resolver -routines the first time they are invoked by a process. -The file is designed to be human readable and contains a list of -keywords with values that provide various types of -.Nm resolver -information. -.Pp -On a normally configured system, this file should not be necessary. -The only name server to be queried will be on the local machine, -the domain name is determined from the host name, -and the domain search path is constructed from the domain name. -.Pp -The different configuration directives are: -.Bl -tag -width "nameser" -.It Li nameserver -Internet address (in dot notation) of a name server that the -.Nm resolver -should query. Up to -.Dv MAXNS -(see -.Pa <resolv.h> ) -name servers may be listed, one per keyword. -If there are multiple servers, the -.Nm resolver -library queries them in the order listed. -If no -.Li nameserver -entries are present, the default is to use the name server on the local machine. -(The algorithm used is to try a name server, and if the query times out, -try the next, until out of name servers, -then repeat trying all the name servers -until a maximum number of retries are made). -.It Li domain -Local domain name. -Most queries for names within this domain can use short names -relative to the local domain. -If no -.Li domain -entry is present, the domain is determined from the local host name returned by -.Xr gethostname 2 ; -the domain part is taken to be everything after the first -.Sq \&. . -Finally, if the host name does not contain a domain part, the root -domain is assumed. -.It Li search -Search list for host-name lookup. -The search list is normally determined from the local domain name; -by default, it contains only the local domain name. -This may be changed by listing the desired domain search path -following the -.Li search -keyword with spaces or tabs separating the names. -Most -.Nm resolver -queries will be attempted using each component -of the search path in turn until a match is found. -Note that this process may be slow and will generate a lot of network -traffic if the servers for the listed domains are not local, -and that queries will time out if no server is available -for one of the domains. -.Pp -The search list is currently limited to six domains -with a total of 256 characters. -.It Li sortlist -Allows addresses returned by gethostbyname to be sorted. -A -.Li sortlist -is specified by IP address netmask pairs. The netmask is -optional and defaults to the natural netmask of the net. The IP address -and optional network pairs are separated by slashes. Up to 10 pairs may -be specified. For example: -.Bd -literal -offset indent -sortlist 130.155.160.0/255.255.240.0 130.155.0.0 -.Ed -.It Li options -Allows certain internal -.Nm resolver -variables to be modified. -The syntax is -.D1 Li options Ar option ... -where -.Ar option -is one of the following: -.Bl -tag -width "ndots:n " -.It Li debug -sets -.Dv RES_DEBUG -in -.Ft _res.options . -.It Li ndots: Ns Ar n -sets a threshold for the number of dots which -must appear in a name given to -.Fn res_query -(see -.Xr resolver 3 ) -before an -.Em initial absolute query -will be made. The default for -.Ar n -is -.Dq 1 , -meaning that if there are -.Em any -dots in a name, the name will be tried first as an absolute name before any -.Em search list -elements are appended to it. -.It Li timeout: Ns Ar n -sets the amount of time the resolver will wait for a response from a remote -name server before retrying the query via a different name server. Measured in -seconds, the default is -.Dv RES_TIMEOUT -(see -.Pa <resolv.h> ). -.It Li attempts: Ns Ar n -sets the number of times the resolver will send a query to its name servers -before giving up and returning an error to the calling application. The -default is -.Dv RES_DFLRETRY -(see -.Pa <resolv.h> ). -.It Li rotate -sets -.Dv RES_ROTATE -in -.Ft _res.options , -which causes round robin selection of nameservers from among those listed. -This has the effect of spreading the query load among all listed servers, -rather than having all clients try the first listed server first every time. -.It Li no-check-names -sets -.Dv RES_NOCHECKNAME -in -.Ft _res.options , -which disables the modern BIND checking of incoming host names and mail names -for invalid characters such as underscore (_), non-ASCII, or control characters. -.It Li inet6 -sets -.Dv RES_USE_INET6 -in -.Ft _res.options . -This has the effect of trying a AAAA query before an A query inside the -.Ft gethostbyname -function, and of mapping IPv4 responses in IPv6 ``tunnelled form'' if no -AAAA records are found but an A record set exists. -.El -.El -.Pp -The -.Li domain -and -.Li search -keywords are mutually exclusive. -If more than one instance of these keywords is present, -the last instance wins. -.Pp -The -.Li search -keyword of a system's -.Pa resolv.conf -file can be -overridden on a per-process basis by setting the environment variable -.Dq Ev LOCALDOMAIN -to a space-separated list of search domains. -.Pp -The -.Li options -keyword of a system's -.Pa resolv.conf -file can be amended on a per-process basis by setting the environment variable -.Dq Ev RES_OPTIONS to a space-separated list of -.Nm resolver -options as explained above under -.Li options . -.Pp -The keyword and value must appear on a single line, and the keyword -(e.g., -.Li nameserver ) -must start the line. The value follows the keyword, separated by white space. -.Sh FILES -.Pa /etc/resolv.conf -.Pa <resolv.h> -.Sh SEE ALSO -.Xr gethostbyname 3 , -.Xr hostname 7 , -.Xr named 8 , -.Xr resolver 3 , -.Xr resolver 5 . -.Dq Name Server Operations Guide for Sy BIND diff --git a/utils-holelogd-linux.patch b/utils-holelogd-linux.patch deleted file mode 100644 index b20bac4..0000000 --- a/utils-holelogd-linux.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- bind-chroot-8.2.2_P5/utils-1.0/holelogd.c.orig Sun Sep 15 22:39:42 1996 -+++ bind-chroot-8.2.2_P5/utils-1.0/holelogd.c Sun Jan 9 18:26:33 2000 -@@ -64,10 +64,10 @@ - (void)unlink(holename); - unxls.sun_family = AF_UNIX; - (void) strncpy(unxls.sun_path, holename, sizeof unxls.sun_path); -- listenfd = socket(AF_UNIX, SOCK_STREAM, 0); -+ listenfd = socket(AF_UNIX, SOCK_DGRAM, 0); - if (listenfd < 0 || bind(listenfd, (struct sockaddr *) &unxls, - sizeof(unxls.sun_family)+strlen(unxls.sun_path)) < 0 || -- chmod(holename, 0666) < 0 || listen(listenfd, 5) < 0) { -+ chmod(holename, 0666) < 0) { - syslog(LOG_ERR, "Can't create AF_UNIX listen socket %s (%m) - exiting", - holename); - exit(1); -@@ -77,7 +77,7 @@ - - logaddr.sa_family = AF_UNIX; - (void) strncpy(logaddr.sa_data, logname, sizeof(logaddr.sa_data)); -- logfd = socket(AF_UNIX, SOCK_STREAM, 0); -+ logfd = socket(AF_UNIX, SOCK_DGRAM, 0); - if (logfd < 0) { - syslog(LOG_ERR, "Can't create AF_UNIX socket (%m) - exiting"); - exit(1); -@@ -118,14 +118,6 @@ - for (fd = 0; fd < FD_SETSIZE; fd++) { - if (FD_ISSET(fd, &readfds)) { - if (fd == listenfd) { -- int len; -- len = sizeof(unxs); -- fd = accept(listenfd, (struct sockaddr *)&unxs, &len); -- if (fd >= 0) { -- FD_SET(fd, &cfds); -- } -- } -- else { - int i; - char buf[1024]; - i = read(fd, buf, 1024); |