This commit was manufactured by cvs2git to create tag 'v9_0_0'.

520.   [bug]           Upgraded libtool to 1.3.5, which allows shared
                        library builds to work on AIX (and possibly others).

CHANGES

@@ -1,207 +1,14 @@
- 522.	[func]		The lightweight resolver daemon can now use
-			a real configuration file, and its functionality
-			can be provided by a name server.  Also, the -p and -P
-			options to lwresd have been reversed.
 
- 521.	[bug]		Detect master files which contain $INCLUDE and always
-			reload. [RT #196]
-
- 520.	[bug]		Upgraded libtool to 1.3.5, which allows shared
-			library builds to work on AIX (and possibly others).
-
- 519.	[bug]		dns_name_split() would improperly split some bitstring
-			labels, zeroing a few of the least signficant bits in
-			the prefix part.  When such an improperly created
-			prefix was returned to the RBT database, the bogus
-			label was dutifully stored, corrupting the tree.
-			[RT #369]
-
- 518.	[bug]		The resolver did not realize that a DNAME which was
-			"the answer" to the client's query was "the answer",
-			and such queries would fail. [RT #399]
-
- 517.	[bug]		The resolver's DNAME code would trigger an assertion
-			if there was more than one DNAME in the chain.
-			[RT #399]
-
- 516.	[bug]		Cache lookups which had a NULL node pointer, e.g.
-			those by dns_view_find(), and which would match a
-			DNAME, would trigger an INSIST(!search.need_cleanup)
-			assertion. [RT #399]
-
- 515.	[bug]		The ssu table was not being attached / detached
-			by dns_zone_[sg]etssutable. [RT#397]
-
- 514.	[func]		Retry refresh and notify queries if they timeout.
-			[RT #388]
-
- 513.	[func]		New functionality added to rdnc and server to allow
-			individual zones to be refreshed ore reloaded.
-
- 512.	[bug]		The zone tranfer code could throw an execption with
-			an invalid IXFR stream.
-
- 511.	[bug]		The message code could throw an assertion on an
-			out of memory failure. [RT #392]
-
- 510.	[bug]		Remove spurious view notify warning. [RT #376]
-
- 509.	[func]		Add support for write of zone files on shutdown.
-
- 508.	[func]		dns_message_parse() can now do a best-effort
-			attempt, which should allow dig to print more invalid
-			messages.
-
- 507.	[func]		New functions dns_zone_flush(), dns_zt_flushanddetach()
-			and dns_view_flushanddetach().
-
- 506.	[func]		Do not fail to start on errors in zone files.
-
- 505.	[bug]		nsupdate was printing "unknown result code". [RT #373]
-
- 504.	[bug]		The zone was not being marked as dirty when updated via
-			IXFR.
-
- 503.	[bug]		dumptime was not being set along with
-			DNS_ZONEFLG_NEEDDUMP.
-
- 502.	[func]		On a SERVFAIL reply, DiG will now try the next server
-			in the list, unless the +fail option is specified.
-
- 501.	[bug]		Incorrect port numbers were being displayed by
-			nslookup.  [RT #352]
-
- 500.   [func]		Nearly useless +details option removed from DiG.
-
- 499.	[func]		In DiG, specifying a class with -c or type with -t
-			changes command-line parsing so that classes and
-			types are only recognized if following -c or -t.
-			This allows hosts with the same name as a class or
-			type to be looked up.
-
- 498.	[doc]		There is now a man page for "dig" 
-			in doc/man/bin/dig.1.
-
- 497.	[bug]		The error messages printed when an IP match list
-			contained a network address with a nonzero host
-			part where not sufficiently detailed. [RT #365]
-
- 496.	[bug]		named didn't sanity check numeric parameters [RT #361]
-
- 495.	[bug]		nsupdate was unable to handle large records [RT #368]
-
- 494.	[func]		Do not cache NXDOMAIN responses for SOA queries.
-
- 493.	[func]		Return non-cachable (ttl = 0) NXDOMAIN responses
-			for SOA queries.  This makes it easier to locate
-			the containing zone without polluting intermediate
-			caches.
-
- 492.	[bug]		attempting to reload a zone caused the server fail
-			to shutdown cleanly. [RT #360]
-
- 491.	[bug]		nsupdate would segfault when sending certain
-			prerequisites with empty RDATA. [RT #356]
-
- 490.	[func]		When a slave/stub zone has not yet successfully
-			obtained an SOA containing the zone's configured
-			retry time, perform the SOA query retries using
-			exponential backoff. [RT #337]
-
- 489.	[func]		The zone manager now has a "i/o" queue.
-
- 488.	[bug]		Locks weren't properly destroyed in some cases.
-
- 487.	[port]		flockfile() is not defined on all systems.
-
- 486.	[bug]		nslookup: "set all" and "server" commands showed
-			the incorrect port number if a port other than 53
-			was specified. [RT #352]
-
- 485.	[func]		When dig had more than one server to query, it would
-			send all of the messages at the same time.  Add
-			rate limiting of the transmitted messages.
-
- 484.	[bug]		When the server was reloaded after removing addresses 
-			from the named.conf "listen-on" statement, sockets
-			were still listening on the removed addresses due
-			to reference count loops. [RT #325]
-
- 483.	[bug]		nslookup: "set all" showed search but it was not
-			settable.
-
- 482.	[bug]		nslookup: a plain "server" or "lserver" should be
-			treated as a lookup.
-
- 481.	[bug]		nslookup:get_next_command() stack size exceeds
-			per thread limit.
-
- 480.	[bug]		strtok() is not thread safe. [RT #349]
-
- 479.	[func]		The test suite can now be run by typing "make check"
-			or "make test" at the top level.
-
- 478.	[bug]		"make install" failed if the directory specified with
-			--prefix did not already exist.
-
- 477.	[bug]		The the isc-config.sh script could be installed before
-			its directory was created. [RT #324]
-
- 476.	[bug]		A zone could expire while a zone transfer was in
-			progress triggering a INSIST failure. [RT #329]
-
- 475.	[bug]		query_getzonedb() sometimes returned a non-null version
-			on failure.  This caused assertion failures when
-			generating query responses where names subject to
-			additional section processing pointed to a zone
-			to which access had been denied by means of the
-			allow-query option. [RT #336]
-
- 474.	[bug]		The mnemonic of the CHAOS class is CH according to
-			RFC1035, but it was printed and read only as CHAOS.
-			We now accept both forms as input, and print it
-			as CH. [RT #305]
-
- 473.	[bug]		nsupdate overran the end of the list of name servers
-			when no servers could be reached, typically causing 
-			it to print the error message "dns_request_create:
-			not implemented".
-
- 472.	[bug]		Off-by-one error caused isc_time_add() to sometimes
-			produce invalid time values.
-
- 471.	[bug]		nsupdate didn't compile on HP/UX 10.20
-
- 470.	[feature]	$GENERATE is now supported.  See also
-			doc/misc/migration.
-
- 469.	[bug]		"query-source address * port 53;" now works.
-
- 468.	[bug]		dns_master_load*() failed to report file and line
-			number in certain error conditions.
-
- 467.	[bug]		dns_master_load*() failed to log an error if
-			pushfile() failed.
-
- 466.	[bug]		dns_master_load*() could return success when it failed.
-
- 465.	[cleanup]	Allow 0 to be set as an omapi_value_t value by
-			omapi_value_storeint().
-
- 464.	[cleanup]	Build with openssl's RSA code instead of dnssafe.
+	--- 9.0.0 released ---
 
  463.	[bug]		nsupdate sent malformed SOA queries to the second
 			and subsequent name servers in resolv.conf if the
 			query sent to the first one failed.
 
- 462.	[bug]		--disable-ipv6 should work now.
-
  461.	[bug]		Specifying an unknown key in the "keys" clause of the
 			"controls" statement caused a NULL pointer dereference.
 			[RT #316]
 
- 460.	[bug]		Much of the DNSSEC code only worked with class IN.
-
  459.	[bug]		Nslookup processed the "set" command incorrectly.
 
  458.	[bug]		Nslookup didn't properly check class and type values.
@@ -217,11 +24,7 @@
 			This disabled further refreshing of the stub zone,
 			causing it to eventually expire. [RT #300]
 
- 455.	[doc]		Document IPv4 prefix notation does not require a
-			dotted decimal quad but may be just dotted decimal.
-
- 454.	[bug]		Enforce dotted decimal and dotted decimal quad where
-			documented as such in named.conf. [RT #304, RT #311]
+	--- 9.0.0rc6 released ---
 
  453.	[bug]		Warn if the obsolete option "maintain-ixfr-base"
 			is specified in named.conf. [RT #306]
@@ -229,31 +32,10 @@
  452.	[bug]		Warn if the unimplemented option "statistics-file"
 			is specified in named.conf. [RT #301]
 
- 451.	[func]		Update forwarding implememted.
-
- 450.	[func]		New function ns_client_sendraw().
-
- 449.	[bug]		isc_bitstring_copy() only works correctly if the
-			two bitstrings have the same lsb0 value, but this
-			requirement was not documented, nor was there a
-			REQUIRE for it.
-
- 448.   [bug]		Host output formatting change, to match v8. [RT #255]
-
- 447.   [bug]		Dig didn't properly retry in TCP mode after
-			a truncated reply.  [RT #277]
-
- 446.	[bug]		Confusing notify log message. [RT #298]
-
  445.	[bug]		Doing a 0 bit isc_bitstring_copy() of an lsb0
 			bitstring triggered a REQUIRE statement.  The REQUIRE
 			statement was incorrect. [RT #297]
 
- 444.	[func]		"recursion denied" messages are always logged at
-			debug level 1, now, rather than sometimes at ERROR.
-			This silences these warnings in the usual case, where
-			some clients set the RD bit in all queries.
-
  443.	[bug]		When loading a master file failed because of an
 			unrecognized RR type name, the error message
 			did not include the file name and line number. 
@@ -265,14 +47,6 @@
  441.	[bug]		Nodes obscured by a DNAME were inaccessible even
 			when DNS_DBFIND_GLUEOK was set.
 
- 440.	[func]		New function dns_zone_forwardupdate().
-
- 439.	[func]		New function dns_request_createraw().
-
- 438.	[func]		New function dns_message_getrawmessage().
-
- 437.	[func]		Log NOTIFY activity to the notify channel.
-
  436.	[bug]		If recvmsg() returned EHOSTUNREACH or ENETUNREACH,
 			which sometimes happens on Linux, named would enter
 			a busy loop.  Also, unexpected socket errors were
@@ -287,29 +61,11 @@
 			slave zone, interfering with subsequent server
 			startup. [RT #282]
 
- 434.	[func]		New function isc_file_isabsolute().
-
- 433.	[func]		isc_base64_decodestring() now accepts newlines
-			within the base64 data.  This makes it possible 
-			to break up the key data in a "trusted-keys"
-			statement into multiple lines. [RT #284]
-
- 432.	[func]		Added refresh/retry jitter.  The actual refresh/
-			retry time is now a random value between 75% and
-			100% of the configured value.
-
- 431.	[func]		Log at ISC_LOG_INFO when a zone is successfully
-			loaded.
-
- 430.	[bug]		Rewrote the lightweight resolver client management
-			code to handle shutdown correctly and general
-			cleanup.
-
  429.	[bug]		The space reserved for a TSIG record in a response
 			was 2 bytes too short, leading to message
 			generation failures.
 
- 428.   [bug]		rbtdb.c:find_closest_nxt() erroneously returned
+ 428.	[bug]		rbtdb.c:find_closest_nxt() erroneously returned
 			DNS_R_BADDB for nodes which had neither NXT nor SIG NXT
 			(e.g. glue).  This could cause SERVFAILs when
 			generating negative responses in a secure zone.
@@ -325,20 +81,9 @@
 			if there is no auth-nxdomain statement in the
 			config file. [RT #287]
 
- 424.	[bug]		notify_createmessage() could trigger an assertion
-			failure when creating the notify message failed,
-			e.g. due to corrupt zones with multiple SOA records.
-			[RT #279]
-
- 423.	[bug]		When responding to a recusive query, errors that occur
-			after following a CNAME should cause the query to fail.
-			[RT #274]
-
- 422.	[func]		get rid of isc_random_t, and make isc_random_get()
-			and isc_random_jitter() use rand() internally
-			instead of local state.  Note that isc_random_*()
-			functions are only for weak, non-critical "randomness"
-			such as timing jitter and such.
+ 424.	[bug]		notify_createmessage() could trigger an assertion failure
+			when creating the notify message failed, e.g. due to
+			corrupt zones with multiple SOA records. [RT #279]
 
  421.	[bug]		nslookup would exit when given a blank line as input.
 
@@ -350,23 +95,16 @@
 			socket receive error would crash the server
 			while trying to log the error message.
 
- 417.	[func]		Add isc_app_block() and isc_app_unblock(), which
-			allow an application to handle signals while
-			blocking.		
-
  416.	[bug]		Slave zones with no master file tried to use a
 			NULL pointer for a journal file name when they
 			received an IXFR. [RT #273]
 
  415.	[bug]		The logging code leaked file descriptors.
 
- 414.	[bug]		Server did not shut down until all incoming zone 
-			transfers were finished.
-
  413.	[bug]		Notify could attempt to use the zone database after
 			it had been unloaded. [RT#267]
 
- 412.	[bug]		named -v didn't print the version.
+	--- 9.0.0rc5 released ---
 
  411.	[bug]		A typo in the HS A code caused an assertion failure.
 
@@ -387,10 +125,13 @@
  406.	[bug]		Log messages were occasionally lost or corrupted
 			due to a race condition in isc_log_doit().
 
- 405.	[func]		Add support for selective forwarding (forward zones)
-
  404.	[bug]		The request library didn't completely work with IPv6.
 
+ 381.	[bug]		Check for IPV6_RECVPKTINFO and use it instead of
+			IPV6_PKTINFO if found. [RT #229]
+
+	--- 9.0.0rc4 released ---
+
  403.	[bug]		"host" did not use the search list.
 
  402.	[bug]		Treat undefined acls as errors, rather than
@@ -404,15 +145,18 @@
 			containing a syntax error, it could catch an
 			assertion failure trying to perform zone
 			maintenance on, or sending notifies from,
-			tentatively created zones whose	views were
-			never fully configured and lacked an address 
+			tentatively created zones whose views were
+			never fully configured and lacked an address
 			database and request manager.
 
  398.	[bug]		"dig" sometimes caught an assertion failure when
 			using TSIG, depending on the key length.
 
- 397.	[func]		Added utility functions dns_view_gettsig() and
-			dns_view_getpeertsig().
+ 330.	[bug]		Many debugging messages were partially formatted
+			even when debugging was turned off, causing a
+			significant decrease in query performance.
+
+	--- 9.0.0rc3 released ---
 
  396.	[doc]		There is now a man page for "nsupdate" 
 			in doc/man/bin/nsupdate.8.
@@ -420,41 +164,13 @@
  395.	[bug]		nslookup printed incorrect RR type mnemonics
 			for RRs of type >= 21 [RT #237].
 
- 394.	[bug]		Current name was not propagated via $INCLUDE.
-
- 393.	[func]		Initial answer while loading (awl) support.
-			Entry points: dns_master_loadfileinc(),
-			dns_master_loadstreaminc(), dns_master_loadbufferinc().
-			Note: calls to dns_master_load*inc() should be rate
-			be rate limited so as to not use up all file
-			descriptors.
-
- 392.	[func]		Add ISC_R_FAMILYNOSUPPORT.  Returned when OS does
-			not support the given address family requested. 
-
- 391.	[clarity]	ISC_R_FAMILY -> ISC_R_FAMILYMISMATCH.
-
- 390.	[func]		The function dns_zone_setdbtype() now takes
-			an argc/argv style vector of words and sets 
-			both the zone database type and its arguments,
-			making the functions dns_zone_adddbarg()
-			and dns_zone_cleardbargs() unnecessary.
-
- 389.	[bug]		Attempting to send a reqeust over IPv6 using 
+ 389.	[bug]		Attempting to send a reqeust over IPv6 using
 			dns_request_create() on a system without IPv6
 			support caused an assertion failure [RT #235].
 
- 388.	[func]		dig and host can now do reverse ipv6 lookups.
-
- 387.	[func]		Add dns_byaddr_createptrname(), which converts
-			an address into the name used by a PTR query.
-
  386.	[bug]		Missing strdup() of ACL name caused random
 			ACL matching failures [RT #228].
 
- 385.	[cleanup]	Removed functions dns_zone_equal(), dns_zone_print(),
-			and dns_zt_print().
-
  384.	[bug]		nsupdate was incorrectly limiting TTLs to 65535 instead
 			of 2147483647.
 
@@ -465,15 +181,9 @@
 			libc provided kernel headers do not match
 			the current kernel.
 
- 381.	[bug]		Check for IPV6_RECVPKTINFO and use it instead of
-			IPV6_PKTINFO if found. [RT #229]
-
  380.	[bug]		nsupdate didn't work with IPv6.
 
- 379.	[func]		New library function isc_sockaddr_anyofpf().
-
- 378.	[func]		named and lwresd will log the command line arguments
-			they were started with in the "starting ..." message.
+	--- 9.0.0rc2 released ---
 
  377.	[bug]		When additional data lookups were refused due to 
 			"allow-query", the databases were still being
@@ -482,7 +192,7 @@
  376.	[bug]		The server should always use good entropy when
 			performing cryptographic functions needing entropy.
 
- 375.	[bug]		Per-zone "allow-query" did not properly override the
+ 375.	[bug]		Per-zone allow-query did not properly override the
 			view/global one for CNAME targets and additional
 			data [RT #220].
 
@@ -500,50 +210,19 @@
  370.	[bug]		The error messages for rollforward failures were
 			overly terse.
 
- 369.	[func]		Support new named.conf options, view and zone 
-			statements: 
-
-				max-retry-time, min-retry-time, 
-				max-refresh-time, min-refresh-time.
-
- 368.	[func]		Restructure the internal ".bind" view so that more
-			zones can be added to it.
-
  367.	[bug]		Allow proper selection of server on nslookup command
 			line.
 
- 366.	[func]		Allow use of '-' batch file in dig for stdin.
-
  365.	[bug]		nsupdate -k leaked memory.
 
- 364.	[func]		Added additional-from-{cache,auth}
-
  362.	[bug]		rndc no longer aborts if the configuration file is
 			missing an options statement. [RT #209]
 
- 361.	[func]		When the RBT find or chain functions set the name and
-			origin for a node that stores the root label
-			the name is now set to an empty name, instead of ".",
-			to simplify later use of the name and origin by
-			dns_name_concatenate(), dns_name_totext() or
-			dns_name_format().
-
- 360.	[func]		dns_name_totext() and dns_name_format() now allow
-			an empty name to be passed, which is formatted as "@".
-
  359.	[bug]		dnssec-signzone occasionally signed glue records.
 
- 358.	[cleanup]	Rename the intermediate files used by the dnssec
-			programs.
-
  357.	[bug]		The zone file parser crashed if the argument
 			to $INCLUDE was a quoted string.
 
- 356.	[cleanup]	isc_task_send no longer requires event->sender to
-			be non-null.
-
- 355.	[func]		Added isc_dir_createunique(), similar to mkdtemp().
-
  354.	[doc]		Man pages for the dnssec tools are now included in
 			the distribution, in doc/man/dnssec.
 
@@ -563,25 +242,8 @@
  349.	[bug]		Processing a query with the CD bit set now works
 			as expected.
 
- 348.	[func]		New boolean named.conf options 'additional-from-auth'
-			and 'additional-from-cache' now supported in view and
-			global options statement.
-
- 347.	[bug]		Don't crash if when an argument is left off
-			options in dig.
-
- 346.	[func]		Add support for .digrc config file, in the
-			user's current directory
-
- 345.	[bug]		Large-scale changes/cleanups to dig:
-			* Significantly improve structure handling
-			* Don't pre-load entire batch files
-			* Add name/rr counting/limiting
-			* Fix SIGINT handling
-			* Shorten timeouts to match v8's behavior
-
  344.	[bug]		When shutting down, lwresd sometimes tried
-			to shut down its client tasks twice,
+			to shut down its client tasks twice, 
 			triggering an assertion.
 
  343.	[bug]		Although zone maintenance SOA queries and
@@ -600,8 +262,6 @@
 			query at a name with a CNAME RR in a secure
 			zone triggered an assertion failure.
 
- 338.	[bug]		lwresd logged to syslog as named, not lwresd.
-
  337.	[bug]		"dig" did not recognize "nsap-ptr" as an RR type
 			on the command line.
 
@@ -612,19 +272,13 @@
  335.	[bug]		named would occasionally attempt recursion when
 			it was disallowed or undesired.
 
- 334.	[func]		Added hmac-md5 to libisc.
-
  333.	[bug]		The resolver incorrectly accepted referrals to
 			domains that were not parents of the query name,
 			causing assertion failures.
 
- 332.	[func]		New function dns_name_reset().
-
  331.	[bug]		Only log "recursion denied" if RD is set. (RT #178)
 
- 330.	[bug]		Many debugging messages were partially formatted
-			even when debugging was turned off, causing a
-			significant decrease in query performance.
+	--- 9.0.0rc1 released ---
 
  329.	[func]		omapi_auth_register() now takes a size_t argument for
 			the length of a key's secret data.  Previously
@@ -632,14 +286,6 @@
 
  328.	[func]		Added isc_base64_decodestring().
 
- 327.	[bug]		rndc.conf parser wasn't correctly recognising an IP
-			address where a host specification was required.
-
- 326.	[func]		'keys' in an 'inet' control statement is now
-			required and must have at least one item in it.
-			A "not supported" warning is now issued if a 'unix'
-			control channel is defined.
-
  325.	[bug]		isc_lex_gettoken was processing octal strings when
 			ISC_LEXOPT_CNUMBER was not set.
 
@@ -647,16 +293,16 @@
 			response after a number of retransmissions.
 			This is to allow queries some chance of succeeding
 			even if all the authoritative servers of a zone
-			silently discard EDNS0 requests instead of
+			silently discard EDNS0 requests instead of 
 			sending an error response like they ought to.
 
  323.	[bug]		dns_rbt_findname() did not ignore empty rbt nodes.
-			Because of this, servers authoritative for a parent
+			Because of this, servers authoritative for a parent 
 			and grandchild zone but not authoritative for the
 			intervening child zone did not correctly issue
 			referrals to the servers of the child zone.
 
- 322.	[bug]		Queries for KEY RRs are now sent to the parent
+ 322.	[bug]		Queries for KEY RRs are now sent to the parent 
 			server before the authoritative one, making
 			DNSSEC insecurity proofs work in many cases
 			where they previously didn't.
@@ -686,7 +332,7 @@
 
  315.	[bug]		Handle non-empty blanks lines. (RT #163)
 
- 314.	[func]		The named.conf controls statement can now have
+ 314.	[func]		The named.conf controls statement can now have 
 			more than one key specified for the inet clause.
 
  313.	[bug]		When parsing resolv.conf, don't terminate on an
@@ -714,7 +360,7 @@
 			  - allow "port xxx" to be left out of statement,
 			    in which case it defaults to omapi's default port
 			    of 953.
-
+ 
  309.	[bug]		When sending a referral, the server did not look
 			for name server addresses as glue in the zone
 			holding the NS RRset in the case where this zone
@@ -745,10 +391,10 @@
 			are listed in resolv.conf, silently ignore them
 			instead of returning failure.
 
- 303.	[bug]		Add additional sanity checks to differentiate a AXFR
+ 303.	[bug]		add additional sanity checks to differentiate a AXFR
 			response vs a IXFR response. (RT #157)
 
- 302.	[bug]		In dig, host, and nslookup, MXNAME should be large
+ 302.	[bug]		In dig, host, and nslookup, MXNAME should be large 
 			enough to hold any legal domain name in presentation
 			format + terminating NULL.
 
@@ -765,6 +411,8 @@
 			keep a copy of the user and group databases in the
 			chroot'ed environment.	Suggested by Hakan Olsson.
 
+	--- 9.0.0b5 released ---
+
  298.	[bug]		A mutex deadlock occurred during shutdown of the
 			interface manager under certain conditions.
 			Digital Unix systems were the most affected.
@@ -790,8 +438,6 @@
 			reverts to "name_current" instead of staying as
 			"name_glue".
 
- 293.	[port]		Add support for FreeBSD 4.0 system tests.
-
  292.	[bug]		Due to problems with the way some operating systems
 			handle simultaneous listening on IPv4 and IPv6
 			addresses, the server no longer listens on IPv6
@@ -817,7 +463,7 @@
 			disabled until named supports the "controls" statement,
 			post-9.0.0.
 
- 286.	[bug]		On Solaris 2, when named inherited a signal state
+ 286.	[bug]		On Solaris 2, when named inherited a signal state 
 			where SIGHUP had the SIG_IGN action, SIGHUP would
 			be ignored rather than causing the server to reload
 			its configuration.
@@ -832,7 +478,7 @@
 
  283.	[cleanup]	The 'lwresd' program is now a link to 'named'.
 
- 282.	[bug]		The lexer now returns ISC_R_RANGE if parsed integer is
+ 282.	[bug]		The lexer now returns ISC_R_RANGE if parsed integer is 
 			too big for an unsigned long.
 
  281.	[bug]		Fixed list of recognized config file category names.
@@ -859,7 +505,7 @@
 
  276.	[bug]		dig now supports maximum sized TCP messages.
 
- 275.	[bug]		The definition of lwres_gai_strerror() was missing
+ 275.	[bug]		The definition of lwres_gai_strerror() was missing 
 			the lwres_ prefix.
 
  274.	[bug]		TSIG AXFR verify failed when talking to a BIND 8
@@ -885,7 +531,7 @@
 			failure by causing clone_results() to be called with
 			with hevent->node == NULL.
 
- 268.	[doc]		A plain text version of the Administrator
+ 268.	[doc]		A plain text version of the Administrator 
 			Reference Manual is now included in the distribution,
 			as doc/arm/Bv9ARM.txt.
 
@@ -982,7 +628,7 @@
  240.	[func]		databases now come in three flavours: zone, cache
 			and stub.
 
- 239.	[func]		If ISC_MEM_DEBUG is enabled, the variable
+ 239.	[feature]	If ISC_MEM_DEBUG is enabled, the variable
 			isc_mem_debugging controls whether messages
 			are printed or not.
 
@@ -995,14 +641,14 @@
 
  237.	[bug]		If connect() returned ENOBUFS when the resolver was
 			initiating a TCP query, the socket didn't get
-			destroyed, and the server did not shut down cleanly.
+			destroyed, and the server did not shut down cleanly. 
 
  236.	[func]		Added new listen-on-v6 config file statement.
 
- 235.	[func]		Consider it a config file error if a listen-on
-			statement has an IPv6 address in it, or a
+ 235.	[func]		Consider it a config file error if a listen-on 
+			statement has an IPv6 address in it, or a 
 			listen-on-v6 statement has an IPv4 address in it.
-
+			
  234.	[bug]		Allow a trusted-key's first field (domain-name) be
 			either a quoted or an unquoted string, instead of
 			requiring a quoted string.
@@ -1019,11 +665,11 @@
 
  230.	[func]		Replace the dst sign/verify API with a cleaner one.
 
- 229.	[func]		Support config file sig-validity-interval statement
-			in options, views and zone statements (master
+ 229.	[func]		Support config file sig-validity-interval statement 
+			in options, views and zone statements (master 
 			zones only).
 
- 228.	[cleanup]	Logging messages in config module stripped of
+ 228.	[cleanup]	Logging messages in config module stripped of 
 			trailing period.
 
  227.	[cleanup]	The enumerated identifiers dns_rdataclass_*,
@@ -1069,7 +715,7 @@
  217.	[func]		Also-notify and trusted-keys can now be used in
 			the 'view' statement.
 
- 216.	[func]		The 'max-cache-ttl' and 'max-ncache-ttl' options
+ 216.	[func]		The 'max-cache-ttl' and 'max-ncache-ttl' options 
 			now work.
 
  215.	[bug]		Failures at certain points in request processing
@@ -1156,14 +802,14 @@
 
  193.	[func]		changed dst_key_free() prototype.
 
- 192.	[bug]		Zone configuration validation is now done at end
+ 192.	[bug]		Zone configuration validation is now done at end 
 			of config file parsing, and before loading
 			callbacks.
 
  191.	[func]		Patched to compile on UnixWare 7.x.  This platform
 			is not directly supported by the ISC.
 
- 190.	[cleanup]	The DNSSEC tools have been moved to a separate
+ 190.	[cleanup]	The DNSSEC tools have been moved to a separate 
 			directory dnssec/ and given the following new,
 			more descriptive names:
 
@@ -1231,7 +877,7 @@
 			to comment out the entire zone statement.
 
  176.	[func]		New global and per-view option:
-
+				
 				max-cache-ttl number
 
  175.	[func]		New global and per-view option:
@@ -1245,7 +891,7 @@
 			quota so that a new transfer can be dispatched
 			immediately whenever quota becomes available.
 
- 172.	[bug]		$TTL directive was sometimes missing from dumped
+ 172.	[bug]		$TTL directive was sometimes missing from dumped 
 			master files because totext_ctx_init() failed to
 			initialize ctx->current_ttl_valid.
 
@@ -1317,7 +963,7 @@
  153.	[func]		dns_rdata_tostruct() 'mctx' is now optional.  If 'mctx'
 			is NULL then you need to preserve the 'rdata' until
 			you have finished using the structure as there may be
-			references to the associated memory.  If 'mctx' is
+			references to the associated memory.  If 'mctx' is 
 			non-NULL it is guaranteed that there are no references
 			to memory associated with 'rdata'.
 
@@ -1332,7 +978,7 @@
 			come after the 'type' clause.
 
  150.	[func]		Support optional ports in masters and also-notify
-			statements:
+			statements: 
 
 				masters [ port xxx ] { y.y.y.y [ port zzz ] ; }
 
@@ -1453,7 +1099,7 @@
 			are replaced by dns_zone_setnotifyalso().
 			dns_zone_clearmasters() and dns_zone_addmaster()
 			are replaced by dns_zone_setmasters().
-
+			
  116.	[func]		Added <isc/offset.h> for isc_offset_t (aka off_t
 			on Unix systems).
 
@@ -1535,7 +1181,7 @@
 			<isc/mutex.h>.	isc_random_t moved to <isc/types.h>.
 
   99.	[cleanup]	Rate limiter now has separate shutdown() and
-			destroy() functions, and it guarantees that all
+			destroy() functions, and it guarantees that all 
 			queued events are delivered even in the shutdown case.
 
   98.	[cleanup]	<isc/print.h> does not need <stdarg.h> or <stddef.h>
@@ -1599,7 +1245,7 @@
 			consistency with other *_test programs.
 
   77.	[cleanup]	typedef of isc_time_t and isc_interval_t moved from
-			<isc/time.h> to <isc/types.h>.
+			<isc/time.h> to <isc/types.h>.	
 
   76.	[cleanup]	Rewrote keygen.
 
@@ -1717,12 +1363,12 @@
   40.	[func]		Introduced new logging category "dnssec" and
 			logging module "dns/validator".
 
-  39.	[cleanup]	Moved the typedefs for isc_region_t, isc_textregion_t,
+  39.	[cleanup]	Moved the typedefs for isc_region_t, isc_textregion_t, 
 			and isc_lex_t to <isc/types.h>.
 
   38.	[bug]		TSIG signed incoming zone transfers work now.
 
-  37.	[bug]		If the first RR in an incoming zone transfer was
+  37.	[bug]		If the first RR in an incoming zone transfer was 
 			not an SOA, the server died with an assertion failure
 			instead of just reporting an error.
 
@@ -1741,7 +1387,7 @@
 
   31.	[bug]		Use ${LIBTOOL} to compile bin/named/main.@O@.
 
-  30.	[func]		config file grammer change to support optional
+  30.	[func]		config file grammer change to support optional 
 			class type for a view.
 
   29.	[func]		support new config file view options:
@@ -1754,9 +1400,9 @@
 				fetch-glue notify rfc2308-type1 lame-ttl
 				max-ncache-ttl min-roots
 
-  28.	[func]		support lame-ttl, min-roots and serial-queries
+  28.	[func]		support lame-ttl, min-roots and serial-queries 
 			config global options.
-
+			
   27.	[bug]		Only include <netinet6/in6.h> on BSD/OS 4.[01]*.
 			Including it on other platforms (eg, NetBSD) can
 			cause a forced #error from the C preprocessor.
@@ -1793,7 +1439,7 @@
 
   17.	[func]		Do configuration file post-load validation of zones.
 
-  16.	[bug]		put quotes around key names on config file
+  16.	[bug]		put quotes around key names on config file 
 			output to avoid possible keyword clashes.
 
   15.	[func]		Add dns_name_dupwithoffsets().	This function is
@@ -1823,11 +1469,11 @@
 
    7.	[cleanup]	removed 'listen-on' from view statement.
 
-   6.	[bug]		quote RR names when generating config file to
-			prevent possible clash with config file keywords
+   6.	[bug]		quote RR names when generating config file to 
+			prevent possible clash with config file keywords 
 			(such as 'key').
 
-   5.	[func]		syntax change to named.conf file: new ssu grant/deny
+   5.	[func]		syntax change to named.conf file: new ssu grant/deny 
 			statements must now be enclosed by an 'update-policy'
 			block.
 

COPYRIGHT

@@ -4,11 +4,11 @@ Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
 copyright notice and this permission notice appear in all copies.
 
-THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+SOFTWARE.

Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 1998-2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.33 2000/09/20 19:05:50 gson Exp $
+# $Id: Makefile.in,v 1.21.2.6 2000/07/27 01:48:49 gson Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -23,6 +23,15 @@ top_srcdir =	@top_srcdir@
 
 SUBDIRS =	make lib bin
 TARGETS =
+DISTFILES =	CHANGES COPYRIGHT Makefile.in README \
+		acconfig.h aclocal.m4 config.guess config.h.in config.h.win32 \
+		config.status.win32 config.sub configure configure.in \
+		isc-config.sh.in install-sh libtool.m4 ltconfig ltmain.sh \
+		lib make contrib \
+		version
+DOCDISTFILES =	arm draft misc rfc
+DOCMANDISTFILES = bin dnssec
+BINDISTFILES =	Makefile.in dig dnssec named nsupdate rndc tests
 
 @BIND9_MAKE_RULES@
 
@@ -31,17 +40,30 @@ distclean::
 	rm -f libtool isc-config.sh
 	rm -f util/conf.sh
 
-installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir}
+cleandir: distclean
 
-install:: isc-config.sh installdirs
+install:: isc-config.sh
 	${INSTALL_PROGRAM} isc-config.sh ${DESTDIR}${bindir}
 
+kit: kitclean
+	mkdir bind-${VERSION}
+	@(cd bind-${VERSION}; for i in ${DISTFILES}; do ln -s ../$$i $$i; done)
+	mkdir bind-${VERSION}/doc
+	@(cd bind-${VERSION}/doc; for i in ${DOCDISTFILES}; do \
+		ln -s ../../doc/$$i $$i; done)
+	mkdir bind-${VERSION}/doc/man
+	@(cd bind-${VERSION}/doc/man; for i in ${DOCMANDISTFILES}; do \
+		ln -s ../../../doc/man/$$i $$i; done)
+	mkdir bind-${VERSION}/bin
+	@(cd bind-${VERSION}/bin; for i in ${BINDISTFILES}; do \
+		ln -s ../../bin/$$i $$i; done)
+	gtar -c -v -z -h --exclude '*CVS*' -f bind-${VERSION}.tar.gz \
+		bind-${VERSION}
+	rm -rf bind-${VERSION}
+
+kitclean: distclean
+	rm -rf bind-${VERSION}
+
 tags:
 	rm -f TAGS
 	find lib bin -name "*.[ch]" -print | @ETAGS@ -
-
-check: test
-
-test:
-	(cd bin/tests && ${MAKE} ${MAKEDEFS} test)

README

@@ -44,14 +44,66 @@ BIND 9
 		Stichting NLnet - NLnet Foundation
 
 
+BIND 9.0.0
 
-BIND 9.1.0a1
+	BIND 9.0.0 is the first "general availability" release of BIND
+	version 9. It is aimed at early adopters and those who wish to 
+	make use of new 9.0 features, such as IPv6 and DNSSEC secure 
+	resolution support.
 
-	This is an unreleased alpha version of BIND 9.1.0.
+	We are running BIND 9 in production, and it has been used
+	as a root name server.
 
-	For a detailed list of user-visible changes from
-	previous releases, see the CHANGES file.
+	BIND 9.0.0 is primarily a name server software distribution.
+	In addition to the name server, it also includes a new
+	lightweight stub resolver library and associated resolver
+	daemon that fully support forward and reverse lookups of both
+	IPv4 and IPv6 addresses.  This library is still considered
+	experimental and is not a complete replacement for the BIND 8
+	resolver library.  In particular, applications that use the
+	BIND 8 res_* functions to perform DNS queries or dynamic
+	updates still need to be linked against the BIND 8 libraries.
 
+	BIND 9.0.0 is capable of acting as an authoritative server
+	for DNSSEC secured zones.  This functionality is believed to
+	be stable and complete except for lacking support for wildcard
+	records in secure zones.
+
+	When acting as a caching server, BIND 9.0.0 can be configured
+	to perform DNSSEC secure resolution on behalf of its clients.
+	This part of the DNSSEC implementation is still considered
+	experimental.  For detailed information about the state of the
+	DNSSEC implementation, see the file doc/misc/dnssec.
+
+	There are a few known bugs:
+
+		The option "query-source * port 53;" will not work as
+		expected.  Instead of the wildcard address "*", you need 
+		to use an explicit source IP address.
+
+		On some systems, IPv6 and IPv4 sockets interact in
+		unexpected ways.  For details, see doc/misc/ipv6.
+		To reduce the impact of these problems, the server
+		no longer listens for requests on IPv6 addresses
+		by default.  If you need to accept DNS queries over
+		IPv6, you must specify "listen-on-v6 { any; };"
+		in the named.conf options statement.
+
+		There are known problems with thread signal handling 
+		under Solaris 2.6.
+
+		The "isc_timer_reset" test sometimes fails on HP-UX 11
+		for unknown reasons, but the server itself seems to
+		run fine.
+
+		On FreeBSD systems, the server logs error messages
+		like "fcntl(8, F_SETFL, 4): Inappropriate ioctl for
+		device".  This is due to a bug in the FreeBSD
+		/dev/random device.  The bug has been reported
+		to the FreeBSD maintainers.  A similar problem is
+		reported to exist on OpenBSD.
+
+		The configure option --disable-ipv6 is not functional.
 
 Building
 
@@ -62,52 +114,47 @@ Building
 
 		AIX 4.3
 		COMPAQ Tru64 UNIX 4.0D
-                COMPAQ Tru64 UNIX 5 (with IPv6 EAK)
-		FreeBSD 3.4-STABLE, 3.5, 4.0, 4.1
+		COMPAQ Tru64 UNIX 5 (with IPv6 EAK)
+		FreeBSD 3.4-STABLE
 		HP-UX 11
 		IRIX64 6.5
 		NetBSD-current (with unproven-pthreads-0.17)
 		Red Hat Linux 6.0, 6.1, 6.2
 		Solaris 2.6, 7, 8
 
-	Additionally, we have unverified reports of success from users
-	of the following systems:
-
-		Slackware Linux 7.0 with 2.4.0-test6 kernel and glibc 2.1.3
-
 	To build, just
 
 		./configure
 		make
 
-        Several environment variables that can be set before running
-        configure will affect compilation:
+	Several environment variables that can be set before running
+	configure will affect compilation:
 
-            CC
-                The C compiler to use.  configure tries to figure
-                out the right one for supported systems.
+	    CC
+		The C compiler to use.	configure tries to figure
+		out the right one for supported systems.
 
-            CFLAGS
-                C compiler flags.  Defaults to include -g and/or -O2
-                as supported by the compiler.
+	    CFLAGS
+		C compiler flags.  Defaults to include -g and/or -O2
+		as supported by the compiler.
 
-            STD_CINCLUDES
-                System header file directories.  Can be used to specify
-                where add-on thread or IPv6 support is, for example.
-                Defaults to empty string.
+	    STD_CINCLUDES
+		System header file directories.	 Can be used to specify
+		where add-on thread or IPv6 support is, for example.
+		Defaults to empty string.
 
-            STD_CDEFINES
-                Any additional preprocessor symbols you want defined.
-                Defaults to empty string.
+	    STD_CDEFINES
+		Any additional preprocessor symbols you want defined.
+		Defaults to empty string.
 
-        To build shared libraries, specify "--with-libtool" on the
+	To build shared libraries, specify "--with-libtool" on the
 	configure command line.
 
 	If your operating system has integrated support for IPv6, it
 	will be used automatically.  If you have installed KAME IPv6
 	separately, use "--with-kame[=PATH]" to specify its location.
-
-        To see additional configure options, run "configure --help".
+	
+	To see additional configure options, run "configure --help".
 
 	"make install" will install "named" and the various BIND 9 libraries.
 	By default, installation is into /usr/local, but this can be changed
@@ -143,6 +190,7 @@ Documentation
 
 
 Bug Reports and Mailing Lists
+
 	Bugs reports should be sent to
 
 		bind9-bugs@isc.org
@@ -157,4 +205,3 @@ Bug Reports and Mailing Lists
 
 		bind9-workers-request@isc.org
 
-

TODO

@@ -0,0 +1,18 @@
+
+1.	Rdataset/Rdatalist Union
+2.	ev_ prefix for ISC_EVENT_COMMON
+3.	Finish mempool conversion of message.c
+4.	Improve buffer & region APIs (inline?)
+5.	isc/util.h publish or perish
+6.	magic number listing
+7.	Eliminate dns_result_t and old DNS_R_ codes
+8.	Check base 64 code; does it have the problems that
+	the BIND 8 code does?
+9.	Authority is optional if we have answers?
+10.	AD bit setting.
+11.	KEY duplication (answer + additional) in any query
+12.	Fix rdata META flag to be set for TSIG, TKEY, OPT
+13.	Intergrate (replace?) old per zone SOA timers with zomemgr
+14.	RWlock for zonemgr zone list
+15.	CHAOS A's
+16.	implement "doc" checks out of zonemgr.

acconfig.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: acconfig.h,v 1.29 2000/09/22 18:52:32 bwelling Exp $ */
+/* $Id: acconfig.h,v 1.23 2000/06/22 21:48:56 tale Exp $ */
 
 /***
  *** This file is not to be included by any public header files, because
@@ -72,12 +72,6 @@
  */
 #undef CALL_PTHREAD_SETCONCURRENCY
 
-/* define if IPv6 is not disabled */
-#undef WANT_IPV6
-
-/* define if flockfile() is available */
-#undef HAVE_FLOCKFILE
-
 /* Shut up warnings about sputaux in stdio.h on BSD/OS pre-4.1 */
 #undef SHUTUP_SPUTAUX
 #ifdef SHUTUP_SPUTAUX
@@ -108,6 +102,3 @@ int sigwait(const unsigned int *set, int *sig);
 		ap = (va_list)(_u.var + __va_words(__typeof(last))); \
 	} while (0)
 #endif /* SHUTUP_STDARG_CAST && __GNUC__ */
-
-/* define if the system has a random number generating device */
-#undef PATH_RANDOMDEV

bin/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 1998-2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.19 2000/08/01 01:11:11 tale Exp $
+# $Id: Makefile.in,v 1.15.2.2 2000/06/29 00:05:25 gson Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@

bin/dig/.cvsignore

@@ -2,5 +2,3 @@ Makefile
 dig
 host
 nslookup
-*.lo
-.libs

bin/dig/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.17 2000/09/29 23:42:11 mws Exp $
+# $Id: Makefile.in,v 1.10.2.2 2000/08/08 00:17:59 gson Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -25,10 +25,10 @@ top_srcdir =	@top_srcdir@
 
 CINCLUDES =	-I${srcdir}/include ${DNS_INCLUDES} ${ISC_INCLUDES}
 
-CDEFINES =	-DVERSION=\"${VERSION}\"
+CDEFINES =	
 CWARNINGS =
 
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 
 DNSDEPLIBS =	../../lib/dns/libdns.@A@
@@ -44,7 +44,7 @@ TARGETS =	dig host nslookup
 
 OBJS =		dig.@O@ dighost.@O@ host.@O@ nslookup.@O@
 
-UOBJS =
+UOBJS =		
 
 SRCS =		dig.c dighost.c host.c nslookup.c
 
@@ -63,7 +63,9 @@ clean distclean::
 	rm -f ${TARGETS}
 
 installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir}
+	if [ ! -d ${DESTDIR}${bindir} ]; then \
+		mkdir ${DESTDIR}${bindir}; \
+	fi
 
 install:: dig host nslookup installdirs
 	${LIBTOOL} ${INSTALL_PROGRAM} dig ${DESTDIR}${bindir}

bin/dig/dig.1

@@ -1,462 +0,0 @@
-.\" Copyright (C) @YEARS@  Internet Software Consortium.
-.\" 
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\" 
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: dig.1,v 1.4 2000/09/29 18:25:00 mws Exp $
-.\" 
-.Dd Jun 30, 2000
-.Dt DIG 1
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm dig
-.Nd DNS lookup utility
-.Sh SYNOPSIS
-.Nm dig
-.Op @server
-.Op Fl b Ar address
-.Op Fl c Ar class
-.Op Fl f Ar filename
-.Op Fl k Ar filename
-.Op Fl p Ar port#
-.Op Fl t Ar type
-.Op Fl x Ar addr
-.Op Fl y Ar name:key
-.Op name
-.Op type
-.Op class
-.Op queryopt ...
-.Nm dig
-.Fl h
-.Nm dig
-.Op global-queryopt ...
-.Op query1
-.Op query2 ...
-.Sh DESCRIPTION
-.Pp
-.Nm dig 
-(domain information groper) is a flexible tool for interrogating DNS
-name servers.
-It performs DNS lookups and displays the answers that are returned from
-the name server(s) that were queried.
-Most DNS administrators use
-.Nm dig
-to troubleshoot DNS problems because of its flexibility, ease of use and
-clarity of output.
-Other lookup tools tend to have less functionality than
-.Nm dig .
-.Pp
-Although
-.Nm dig
-is normally used with command-line arguments, it also has a batch
-mode of operation for reading lookup requests from a file.
-A brief summary of its command-line arguments and options is printed
-when the
-.Fl h
-option is given.
-Unlike earlier versions, the BIND9 implementation of 
-.Nm dig
-allows multiple lookups to be issued from the command line.
-.Pp
-Unless it is told to query a specific name server,
-.Nm dig
-will try each of the servers listed in
-.Pa /etc/resolv.conf .
-.Pp
-When no command line arguments or options are given,
-will perform an NS query for "." (the root).
-.Sh SIMPLE USAGE
-.Pp
-A typical invocation of
-.Nm dig
-looks like:
-.Bd -ragged | -offset indent
-.Ic dig Ar @server name type
-.Ed
-.Pp
-where:
-.Bl -tag -width server
-.It Ar server
-is the name or IP address of the name server to query.
-An IPv4 address can be provided in dotted-decimal notation.
-When the supplied
-.Ar server
-argument is a hostname,
-.Nm dig
-resolves that name before querying that name server.
-If no
-.Ar server
-argument is provided,
-.Nm dig
-consults
-.Pa /etc/resolv.conf 
-and queries the name servers listed there.
-The reply from the name server that responds is displayed.
-.It Ar name
-is the name of the resource record that is to be looked up.
-.It Ar type
-indicates what type of query is required - ANY, A, MX, SIG, etc.
-.Ar type
-can be any valid query type.
-If no
-.Ar type
-argument is supplied,
-.Nm dig
-will perform a lookup for an A record.
-.El
-.Pp
-.Sh OPTIONS
-The 
-.Fl b
-option sets the source IP address of the query to
-.Ar address . 
-This must be a valid
-address on one of the host's network interfaces.
-.Pp
-The default query class (IN for internet) is overridden by the
-.Fl c
-option.
-.Ar class
-is any valid class, such as HS for Hesiod records or CH for
-CHAOSNET records.
-.Pp
-The
-.Fl f
-option makes
-.Nm dig 
-operate in batch mode by reading a list of lookup requests to process
-from the file
-.Ar filename .
-The file contains a number of queries, one per line.
-Each entry in the file should be organised in the same way they would be
-presented as queries to
-.Nm dig
-using the command-line interface.
-.Pp
-If a non-standard port number is to be queried, the
-.Fl p
-option is used.
-.Ar port#
-is the port number that
-.Nm dig
-will send its queries instead of the standard DNS port number 53.
-This option would be used to test a name server that has been configured
-to listen for queries on a non-standard port number.
-.Pp
-The
-.Fl t
-option sets the query type to
-.Ar type .
-It can be any valid query type which is supported in BIND9.
-The default query type "A", unless the
-.Fl x
-option is supplied to indicate a reverse lookup.
-A zone transfer can be requested by specifying a type of AXFR.
-When an incremental zone transfer (IXFR) is required,
-.Ar type
-is set to
-.Dv ixfr=N .
-The incremental zone transfer will contain the changes made to the zone
-since the serial number in the zone's SOA record was
-.Ar N .
-.Pp
-Reverse lookups - mapping addresses to names - are simplified
-by the
-.Fl x
-option.
-.Ar addr
-is an IPv4 address in dotted-decimal notation, or a colon-delimited
-IPv6 address.
-When this option is used, there is no need to provide the
-.Ar name ,
-.Ar class 
-and
-.Ar type
-arguments.
-.Nm dig
-automatically performs a lookup for a name like
-.Dv 11.12.13.10.in-addr.arpa
-and sets the query type and class to PTR and IN respectively.
-By default, IPv6 addresses are looked up using the
-IP6.ARPA domain and binary labels as defined in RFC2874.
-To use the older RFC1886 method using the IP6.INT domain and "nibble" labels,
-specify the
-.Fl n
-(nibble) option.
-.Pp
-To sign the DNS queries sent by
-.Nm dig
-and their responses using transaction signatures (TSIG),
-specify a TSIG key file using the
-.Fl k
-option.  You can also specify the TSIG key itself on the command
-line using the
-.Fl y
-option; 
-.Ar name
-is the name of the TSIG key and
-.Ar key
-is the actual key.  The key is a base-64 encoded string,
- typically generated by
-.Xr dnssec-keygen 8 .
-Caution should be taken when using the
-.Fl y
-option on multi-user systems as the key can be visible
-in the output from
-.Xr ps 1
-or in the shell's history file.
-When using TSIG authentication with
-.Nm dig ,
-the name server that is queried needs to know the key and algorithm
-that is being used.
-In BIND, this is done by providing appropriate
-.Dv key{}
-and
-.Dv server{}
-statements in 
-.Pa named.conf .
-.Sh QUERY OPTIONS
-.Nm dig
-provides a number of query options which affect the way in which 
-lookups are made and the results displayed.
-Some of these set or reset flag bits in the query header,
-some determine which sections of the answer get printed,
-and others determine the timeout and retry strategies.
-.Pp
-Each query option is identified by a keyword preceded by a
-plus sign: \*q+\*q.
-Some keywords set or reset an option.
-These may be preceded by the string \*qno\*q to negate the meaning of
-that keyword.
-Other keywords assign values to options like the timeout interval.
-They have the form
-.Dv +keyword=value .
-The query options are:
-.Bl -tag -width +[no]additional
-.It +[no]tcp
-Use [do not use] TCP when querying name servers.
-The default behaviour is to use UDP unless an AXFR or IXFR query is
-requested, in which case a TCP connection is used.
-.It +[no]vc
-Use [do not use] TCP when querying name servers.
-This alternate syntax to
-.Ar +[no]tcp
-is provided for backwards compatibility.
-The "vc" stands for "virtual circuit".
-.It +[no]ignore
-Ignore truncation in UDP responses instead of 
-retrying with TCP.  By default, TCP retries are
-performed.
-.It +domain=somename
-Set the default domain to
-.Ar somename ,
-as if specified in a
-.Dv domain
-directive in 
-.Pa /etc/resolv.conf .
-.It +[no]search
-Use [do not use] the search list in 
-.Pa resolv.conf 
-(if any).
-The search list is not used by default.
-.It +[no]defname
-Use [do not use] the default domain name, if any, in
-.Pa resolv.conf 
-The default is not to append that name to 
-.Ar name
-when making queries. 
-.It +[no]aaonly
-This option does nothing.
-It is provided for compatibilty with old versions of
-.Nm dig
-where it set an unimplemented resolver flag.
-.It +[no]adflag
-Set [do not set] the AD (authentic data) bit in the query.
-The AD bit currently has a standard meaning only in responses,
-not in queries, but the ability to set the bit in the query
-is provided for completeness.
-.It +[no]cdflag
-Set [do not set] the CD (checking disabled) bit in the query.
-This requests the server to not perform DNSSEC validation
-of responses.
-.It +[no]recursive
-Toggle the setting of the RD (recursion desired) bit in the query.
-This bit is set by default, which means 
-.Nm dig .
-normally sends recursive queries.
-Recursion is automatically disabled when the
-.Ar +nssearch
-or
-.Ar +trace
-query options are used.
-.It +[no]nssearch
-When this option is set,
-.Nm dig
-attempts to find the authoritative name servers for the zone containing
-the name being looked up and
-display the SOA record that each name server has for the zone.
-.It +[no]trace
-Toggle tracing of the delegation path from the root name servers for
-the name being looked up.
-Tracing is disabled by default.
-When tracing is enabled,
-.Nm dig
-makes iterative queries to resolve the name being looked up.
-It will follow referrals from the root servers, showing
-the answer from each server that was used to resolve the lookup.
-.It +[no]cmd
-toggles the printing of the initial comment in the output identifying
-the version of
-.Nm dig
-and the query options that have been applied.
-This comment is printed by default.
-.It +[no]short
-Provide a terse answer.
-The default is to print the answer in a verbose form.
-.It +[no]identify
-Show [or do not show] the IP address and port number that supplied the
-answer when the
-.Ar +short
-option is enabled.
-If short form answers are requested, the default is not to show
-the source address and port number of the server that provided the
-answer.
-.It +[no]comments
-Toggle the display of comment lines in the output.
-The default is to print comments.
-.It +[no]stats
-This query option toggles the printing of statistics: when the query was
-made, the size of the reply and so on.
-The default behaviour is to print the query statistics.
-.It +[no]qr
-Print [do not print] the query as it is sent.
-before sending the query.  By default, the query is not printed.
-.It +[no]question
-Print [do not print] the question section of a query when an answer is
-returned.
-The default is to print the question section as a comment.
-.It +[no]answer
-Display [do not display] the answer section of a reply.
-The default is to display it.
-.It +[no]authority
-Display [do not display] the authority section of a reply.
-The default is to display it.
-.It +[no]additional
-Display [do not display] the additional section of a reply.
-The default is to display it.
-.It +[no]all
-Set or clear all display flags
-.It +time=T
-Sets the timeout for a query to
-.Dv T
-seconds.
-The default time out is 5 seconds.
-An attempt to set
-.Dv T
-to less than 1 will result in a query timeout of 1 second being applied.
-.It +tries=A
-Sets the number of times to retry UDP queries to server to
-.Dv T
-instead of the default, 3.
-If 
-.Dv T
-is less than or equal to zero, the number of retries is silently rounded
-up to 1.
-.It +ndots=D
-Set the number of dots that have to appear in
-.Ar name
-to
-.Dv D
-for it to be considered absolute.  The default value is that
-defined using the ndots statement in
-.Pa /etc/resolv.conf ,
-or 1 if no ndots statement is present.  Names with fewer
-dots are interpreted as relative names and will be searched 
-for in the domains listed in the 
-.Dv search
-or
-.Dv domain
-directive in
-.Pa /etc/resolv.conf .
-.It +bufsize=B
-Set the UDP message buffer size advertised using EDNS0 to
-.Dv B
-bytes.
-The maximum and minimum sizes of this buffer are 65535 and 0
-respectively.
-Values outside this range are rounded up or down appropriately.
-.El
-.Sh MULTIPLE QUERIES
-.Pp
-The BIND 9
-implementation of
-.Nm dig 
-supports specifying multiple queries on the command line
-(in addition to supporting the
-.Fl f
-batch file option).
-Each of those queries can be supplied with its own set of flags,
-options and query options.
-.Pp
-In this case,
-.Ar query1 ,
-.Ar query2 
-and so on represent an individual query in the command-line syntax described
-above.
-Each consists of any of the standard options and flags, the name to be looked
-up, an optional query type and class and any query options that should
-be applied to that query.
-.Pp
-A global set of query options, which should be applied to all queries, can
-also be supplied.
-These global query options must precede the first tuple of name, class, type,
-options, flags, and query options supplied on the command line.
-Any global query options can be overridden by a
-query-specific set of query options.
-For example:
-.Bd -literal
-dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
-.Ed
-.Pp
-shows how
-.Nm dig
-could be used from the command line to make three lookups: an ANY query
-for
-.Dv www.isc.org ,
-a reverse lookup of 127.0.0.1
-and
-a query for the NS records of
-.Dv isc.org .
-A global query option of
-.Ar +qr
-is applied, so that
-.Nm dig
-shows the initial query it made for each lookup.
-The final query has a local query option of
-.Ar +noqr
-which means that
-.Nm dig
-will not print the initial query when it looks up the
-NS records for
-.Dv isc.org .
-.Sh FILES
-.Pa /etc/resolv.conf
-.Sh SEE ALSO
-.Xr host 1 ,
-.Xr resolver 5 ,
-.Xr named 8 ,
-.Xr dnssec-keygen 8 ,
-.Xr RFC1035 .
-.Sh BUGS 
-There are probably too many query options. 

bin/dig/host.1

@@ -1,214 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: host.1,v 1.5 2000/08/22 17:02:49 gson Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt HOST 1
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm host
-.Nd DNS lookup utility
-.Sh SYNOPSIS
-.Nm host
-.Op Fl aCdlnrTwv
-.Op Fl c Ar class
-.Op Fl N Ar ndots
-.Op Fl R Ar number
-.Op Fl t Ar type
-.Op Fl W Ar wait
-.Ar name
-.Op Ar server
-.Sh DESCRIPTION
-.Nm host
-is a simple utility for performing DNS lookups.
-It is normally used to convert names to IP addresses and vice versa.
-When no arguments or options are given,
-.Nm host
-prints a short summary of its command line arguments and options.
-.Pp
-.Ar name
-is the domain name that is to be looked up.
-It can also be a dotted-decimal IPv4 address
-or a colon-delimited IPv6 address,
-in which case
-.Nm host
-will by default perform a reverse lookup for that address.
-.Ar server
-is an optional argument which is either the name or IP address of the
-name server that
-.Nm host
-should query instead of the server or servers listed in
-.Pa /etc/resolv.conf .
-.Pp
-The
-.Fl a
-(all) option is equivalent to setting the
-.Fl v
-option and asking
-.Nm host
-to make a query of type ANY.
-.Pp
-When the
-.Fl C
-option is used,
-.Nm host
-will attempt to display the SOA records for zone
-.Ar name
-from all the listed authoritative name servers for that zone.
-The list of name servers is defined by the NS records that are found for
-the zone.
-.Pp
-The
-.Fl c
-option instructs to make a DNS query of class
-.Ar class .
-This can be used to lookup Hesiod or Chaosnet class resource records.
-The default class is IN: Internet.
-.Pp
-Verbose output is generated by
-.Nm host
-when the
-.Fl d
-or
-.Fl v
-option is used.
-The two options are equivalent.
-They have been provided for backwards compatibility.
-In previous versions, the
-.Fl d
-option switched on debugging traces and
-.Fl v
-enabled verbose output.
-.Pp
-List mode is selected by the
-.Fl l
-option.
-This makes
-.Nm host
-perform a zone transfer for zone
-.Ar name .
-The argument is provided for compatibility with older implemementations.
-This option is equivalent to making a query of type AXFR.
-.Pp
-The
-.Fl n
-option specifies that reverse lookups of IPv6 addresses should
-use the IP6.INT domain and "nibble" labels as defined in RFC1886.
-The default is to use IP6.ARPA and binary labels as defined in RFC2874.
-.Pp
-The
-.Fl N
-option sets the number of dots that have to be in
-.Ar name
-for it to be considered absolute.  The default value is that
-defined using the ndots statement in
-.Pa /etc/resolv.conf ,
-or 1 if no ndots statement is present.  Names with fewer
-dots are interpreted as relative names and will be searched 
-for in the domains listed in the 
-.Dv search
-or
-.Dv domain
-directive in
-.Pa /etc/resolv.conf .
-.Pp
-The number of UDP retries for a lookup can be changed with the
-.Fl R
-option.
-.Ar number
-indicates how many times
-.Nm host
-will repeat a query that does not get answered.
-The default number of retries is 1.
-If
-.Ar number
-is negative or zero, the number of retries will default to 1.
-.Pp
-Non-recursive queries can be made via the
-.Fl r
-option.
-Setting this option clears the
-.Dv RD
-- recursion desired - bit in the query which
-.Nm host
-makes.
-This should mean that the name server receiving the query will not attempt
-to resolve
-.Ar name .
-The
-.Fl r
-option enables
-.Nm host
-to mimic the behaviour of a name server by making non-recursive queries
-and expecting to receive answers to those queries that are usually
-referrals to other name servers.
-.Pp
-By default
-.Nm host
-uses UDP when making queries.
-The
-.Fl T
-option makes it use a TCP connection when querying the name server.
-TCP will be automatically selected for queries that require it, 
-such as zone transfer (AXFR) requests.
-.Pp
-The
-.Fl t
-option is used to select the query type.
-.Ar type
-can be any recognised query type: CNAME, NS, SOA, SIG, KEY, AXFR, etc.
-When no query type is specified,
-.Nm host
-automatically selects an appropriate query type.
-By default it looks for A records, but if the
-.Fl C
-option was given, queries will be made for SOA records,
-and if
-.Ar name
-is a dotted-decimal IPv4 address or colon-delimited IPv6 address,
-.Nm host
-will query for PTR records.
-.Pp
-The time to wait for a reply can be controlled through the
-.Fl W
-and
-.Fl w
-options.
-The
-.Fl W
-option makes
-.Nm host
-wait for
-.Ar wait
-seconds.
-If
-.Ar wait
-is less than one,
-the wait interval is set to one second.
-When the
-.Fl w
-option is used,
-.Nm host
-will effectively wait forever for a reply.
-The time to wait for a response will be set to the number of seconds
-given by the hardware's maximum value for an integer quantity.
-.Sh FILES
-.Pa /etc/resolv.conf
-.Sh SEE ALSO
-.Xr dig 1 ,
-.Xr resolver 5
-.Xr named 8 .

bin/dig/host.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: host.c,v 1.54 2000/09/27 00:02:01 mws Exp $ */
+/* $Id: host.c,v 1.29.2.6 2000/09/15 22:56:14 gson Exp $ */
 
 #include <config.h>
 #include <stdlib.h>
@@ -25,19 +25,14 @@ extern int h_errno;
 
 #include <isc/app.h>
 #include <isc/commandline.h>
-#include <isc/netaddr.h>
 #include <isc/string.h>
 #include <isc/util.h>
 #include <isc/task.h>
 
-#include <dns/byaddr.h>
-#include <dns/fixedname.h>
 #include <dns/message.h>
 #include <dns/name.h>
 #include <dns/rdata.h>
-#include <dns/rdataclass.h>
 #include <dns/rdataset.h>
-#include <dns/rdatatype.h>
 
 #include <dig/dig.h>
 
@@ -45,17 +40,30 @@ extern ISC_LIST(dig_lookup_t) lookup_list;
 extern ISC_LIST(dig_server_t) server_list;
 extern ISC_LIST(dig_searchlist_t) search_list;
 
-extern isc_boolean_t debugging;
+extern isc_boolean_t have_ipv6, show_details, debugging;
+extern in_port_t port;
 extern unsigned int timeout;
 extern isc_mem_t *mctx;
+extern dns_messageid_t id;
+extern dns_name_t rootorg;
+extern char *rootspace[BUFSIZE];
+extern isc_buffer_t rootbuf;
+extern int sendcount;
 extern int ndots;
 extern int tries;
 extern isc_boolean_t usesearch;
 extern int lookup_counter;
+extern int exitcode;
+extern isc_taskmgr_t *taskmgr;
 extern char *progname;
 extern isc_task_t *global_task;
 
-isc_boolean_t short_form = ISC_TRUE, listed_server = ISC_FALSE;
+isc_boolean_t 
+	short_form = ISC_TRUE,
+	filter = ISC_FALSE,
+	showallsoa = ISC_FALSE,
+	tcpmode = ISC_FALSE,
+	listed_server = ISC_FALSE;
 
 static const char *opcodetext[] = {
 	"QUERY",
@@ -104,7 +112,7 @@ static const char *rtypetext[] = {
 	"MF",				/* 4 */
 	"is an alias for",		/* 5 */
 	"SOA",				/* 6 */
-	"MB",				/* 7 */
+	"MB",				/* 7 */	
 	"MG",				/* 8 */
 	"MR",				/* 9 */
 	"NULL",				/* 10 */
@@ -205,14 +213,13 @@ static const char *rtypetext[] = {
 static void
 show_usage(void) {
 	fputs(
-"Usage: host [-aCdlrTwv] [-c class] [-n] [-N ndots] [-t type] [-W time]\n"
+"Usage: host [-aCdlrTwv] [-c class] [-N ndots] [-t type] [-W time]\n"
 "            [-R number] hostname [server]\n"
 "       -a is equivalent to -v -t *\n"
 "       -c specifies query class for non-IN data\n"
 "       -C compares SOA records on authorative nameservers\n"
 "       -d is equivalent to -v\n"
 "       -l lists all hosts in a domain, using AXFR\n"
-"       -n Use the nibble form of IPv6 reverse lookup\n"
 "       -N changes the number of dots allowed before root lookup is done\n"
 "       -r disables recursive processing\n"
 "       -R specifies number of retries for UDP packets\n"
@@ -221,11 +228,12 @@ show_usage(void) {
 "       -v enables verbose output\n"
 "       -w specifies to wait forever for a reply\n"
 "       -W specifies how long to wait for a reply\n", stderr);
-	exit(1);
-}
+	exit(exitcode);
+}				
 
 void
 dighost_shutdown(void) {
+	free_lists();
 	isc_app_shutdown();
 }
 
@@ -235,7 +243,7 @@ received(int bytes, int frmsize, char *frm, dig_query_t *query) {
 	isc_result_t result;
 	int diff;
 
-	if (!short_form) {
+	if ((!short_form) || (show_details)) {
 		result = isc_time_now(&now);
 		check_result(result, "isc_time_now");
 		diff = isc_time_microdiff(&now, &query->time_sent);
@@ -297,7 +305,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
 	isc_boolean_t first;
 	isc_boolean_t no_rdata;
 	const char *rtt;
-
+	
 	if (sectionid == DNS_SECTION_QUESTION)
 		no_rdata = ISC_TRUE;
 	else
@@ -341,7 +349,7 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
 #else
 				UNUSED(first); /* Shut up compiler. */
 #endif
-			} else {
+			} else { 
 				loopresult = dns_rdataset_first(rdataset);
 				while (loopresult == ISC_R_SUCCESS) {
 					dns_rdataset_current(rdataset, &rdata);
@@ -368,14 +376,14 @@ printsection(dns_message_t *msg, dns_section_t sectionid,
 			else
 				printf("%.*s", (int)r.length, (char *)r.base);
 		}
-
+		
 		result = dns_message_nextname(msg, sectionid);
 		if (result == ISC_R_NOMORE)
 			break;
 		else if (result != ISC_R_SUCCESS)
 			return (result);
 	}
-
+	
 	return (ISC_R_SUCCESS);
 }
 
@@ -389,7 +397,7 @@ printrdata(dns_message_t *msg, dns_rdataset_t *rdataset, dns_name_t *owner,
 	char t[4096];
 
 	UNUSED(msg);
-	if (headers)
+	if (headers) 
 		printf(";; %s SECTION:\n", set_name);
 
 	isc_buffer_init(&target, t, sizeof(t));
@@ -415,19 +423,13 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 
 	UNUSED(headers);
 
-	if (listed_server) {
-		printf("Using domain server:\n");
-		printf("Name: %s\n", query->servname);
-		result = isc_buffer_allocate(mctx, &b, MXNAME);
-		check_result(result, "isc_buffer_allocate");
-		result = isc_sockaddr_totext(&query->sockaddr, b);
-		check_result(result, "isc_sockaddr_totext");
-		printf("Address: %.*s\n",
-		       (int)isc_buffer_usedlength(b),
-		       (char*)isc_buffer_base(b));
-		isc_buffer_free(&b);
-		printf("Aliases: \n\n");
-	}
+	/*
+	 * Exitcode 9 means we timed out, but if we're printing a message,
+	 * we much have recovered.  Go ahead and reset it to code 0, and
+	 * call this a success.
+	 */
+	if (exitcode == 9)
+		exitcode = 0;
 
 	if (msg->rcode != 0) {
 		result = isc_buffer_allocate(mctx, &b, MXNAME);
@@ -506,8 +508,21 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 				      ISC_TF(!short_form), query);
 		if (result != ISC_R_SUCCESS)
 			return (result);
+       } else {
+               if ((short_form) && (listed_server)) {
+                        printf("Using domain server:\n");
+                        printf("Name: %s\n", query->servname);
+                        result = isc_buffer_allocate(mctx, &b, MXNAME);
+                        check_result(result, "isc_buffer_allocate");
+                        result = isc_sockaddr_totext(&query->sockaddr, b);
+                        check_result(result, "isc_sockaddr_totext");
+                        printf("Address: %.*s\n",
+                               (int)isc_buffer_usedlength(b),
+                               (char*)isc_buffer_base(b));
+                        isc_buffer_free(&b);
+                        printf("Aliases: \n\n");
+                }
 	}
-
 	if (! ISC_LIST_EMPTY(msg->sections[DNS_SECTION_AUTHORITY]) &&
 	    !short_form) {
 		printf("\n");
@@ -539,65 +554,42 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 
 static void
 parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
+	isc_boolean_t recursion = ISC_TRUE;
 	char hostname[MXNAME];
+	char querytype[32] = "";
+	char queryclass[32] = "";
 	dig_server_t *srv;
 	dig_lookup_t *lookup;
 	int i, c, n, adrs[4];
 	char store[MXNAME];
-	isc_textregion_t tr;
-	isc_result_t result;
-	dns_rdatatype_t rdtype;
-	dns_rdataclass_t rdclass;
 
 	UNUSED(is_batchfile);
 
-	lookup = make_empty_lookup();
-
-	while ((c = isc_commandline_parse(argc, argv, "lvwrdt:c:aTCN:R:W:Dn"))
+	while ((c = isc_commandline_parse(argc, argv, "lvwrdt:c:aTCN:R:W:D"))
 	       != EOF) {
 		switch (c) {
 		case 'l':
-			lookup->tcp_mode = ISC_TRUE;
-			lookup->rdtype = dns_rdatatype_axfr;
+			tcpmode = ISC_TRUE;
+			filter = ISC_TRUE;
+			strcpy(querytype, "axfr");
 			break;
 		case 'v':
 		case 'd':
 			short_form = ISC_FALSE;
 			break;
 		case 'r':
-			lookup->recurse = ISC_FALSE;
+			recursion = ISC_FALSE;
 			break;
 		case 't':
-			tr.base = isc_commandline_argument;
-			tr.length = strlen(isc_commandline_argument);
-			result = dns_rdatatype_fromtext(&rdtype,
-						   (isc_textregion_t *)&tr);
-
-			if (result != ISC_R_SUCCESS)
-				fprintf (stderr,"Warning: invalid type: %s\n",
-					 isc_commandline_argument);
-			else
-				lookup->rdtype = rdtype;
+			strncpy (querytype, isc_commandline_argument, 32);
 			break;
 		case 'c':
-			tr.base = isc_commandline_argument;
-			tr.length = strlen(isc_commandline_argument);
-			result = dns_rdataclass_fromtext(&rdclass,
-						   (isc_textregion_t *)&tr);
-
-			if (result != ISC_R_SUCCESS)
-				fprintf (stderr,"Warning: invalid class: %s\n",
-					 isc_commandline_argument);
-			else
-				lookup->rdclass = rdclass;
+			strncpy (queryclass, isc_commandline_argument, 32);
 			break;
 		case 'a':
-			lookup->rdtype = dns_rdatatype_any;
+			strcpy (querytype, "any");
 			short_form = ISC_FALSE;
 			break;
-		case 'n':
-			lookup->nibble = ISC_TRUE;
-			break;
 		case 'w':
 			/*
 			 * The timer routines are coded such that
@@ -616,17 +608,19 @@ parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
 				tries = 1;
 			break;
 		case 'T':
-			lookup->tcp_mode = ISC_TRUE;
+			tcpmode = ISC_TRUE;
 			break;
 		case 'C':
 			debug("showing all SOAs");
-			lookup->rdtype = dns_rdatatype_soa;
-			lookup->rdclass = dns_rdataclass_in;
-			lookup->ns_search_only = ISC_TRUE;
-			lookup->trace_root = ISC_TRUE;
+			if (querytype[0] == 0)
+				strcpy(querytype, "soa");
+			if (queryclass[0] == 0)
+				strcpy(queryclass, "in");
+			showallsoa = ISC_TRUE;
+			show_details = ISC_TRUE;
 			break;
 		case 'N':
-			debug("setting NDOTS to %s",
+			debug("setting NDOTS to %s", 
 			      isc_commandline_argument);
 			ndots = atoi(isc_commandline_argument);
 			break;
@@ -640,19 +634,31 @@ parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
 	}
 	strncpy(hostname, argv[isc_commandline_index], MXNAME);
 	if (argc > isc_commandline_index + 1) {
-		srv = make_server(argv[isc_commandline_index+1]);
+		srv = isc_mem_allocate(mctx, sizeof(struct dig_server));
+		if (srv == NULL)
+			fatal("Memory allocation failure.");
+		strncpy(srv->servername,
+			argv[isc_commandline_index+1], MXNAME-1);
 		debug("server is %s", srv->servername);
 		ISC_LIST_APPEND(server_list, srv, link);
 		listed_server = ISC_TRUE;
 	}
-
+	
+	lookup = isc_mem_allocate(mctx, sizeof(struct dig_lookup));
+	if (lookup == NULL)	
+		fatal("Memory allocation failure.");
 	lookup->pending = ISC_FALSE;
+	/* 
+	 * XXXMWS Add IPv6 translation here, probably using inet_pton
+	 * to extract the formatted text.
+	 */
 	if (strspn(hostname, "0123456789.") == strlen(hostname)) {
 		lookup->textname[0] = 0;
 		n = sscanf(hostname, "%d.%d.%d.%d", &adrs[0], &adrs[1],
 				   &adrs[2], &adrs[3]);
 		if (n == 0) {
 			show_usage();
+			exit(exitcode);
 		}
 		for (i = n - 1; i >= 0; i--) {
 			snprintf(store, MXNAME/8, "%d.",
@@ -660,35 +666,47 @@ parse_args(isc_boolean_t is_batchfile, int argc, char **argv) {
 			strncat(lookup->textname, store, MXNAME);
 		}
 		strncat(lookup->textname, "in-addr.arpa.", MXNAME);
-		lookup->rdtype = dns_rdatatype_ptr;
-	} else if (strspn(hostname, "0123456789abcdef.:") == strlen(hostname))
-	{
-		isc_netaddr_t addr;
-		dns_fixedname_t fname;
-		isc_buffer_t b;
-
-		addr.family = AF_INET6;
-		n = inet_pton(AF_INET6, hostname, &addr.type.in6);
-		if (n <= 0)
-			goto notv6;
-		dns_fixedname_init(&fname);
-		result = dns_byaddr_createptrname(&addr, lookup->nibble,
-						  dns_fixedname_name(&fname));
-		if (result != ISC_R_SUCCESS)
-			show_usage();
-		isc_buffer_init(&b, lookup->textname, sizeof lookup->textname);
-		result = dns_name_totext(dns_fixedname_name(&fname),
-					 ISC_FALSE, &b);
-		isc_buffer_putuint8(&b, 0);
-		if (result != ISC_R_SUCCESS)
-			show_usage();
-		lookup->rdtype = dns_rdatatype_ptr;
+		if (querytype[0] == 0)
+			strcpy(querytype, "ptr");
 	} else {
- notv6:
 		strncpy(lookup->textname, hostname, MXNAME);
 	}
+	if (querytype[0] == 0)
+		strcpy(querytype, "a");
+	if (queryclass[0] == 0)
+		strcpy(queryclass, "in");
+	strncpy(lookup->rttext, querytype, 32);
+	strncpy(lookup->rctext, queryclass, 32);
+	lookup->namespace[0] = 0;
+	lookup->sendspace = NULL;
+	lookup->sendmsg = NULL;
+	lookup->name = NULL;
+	lookup->oname = NULL;
+	lookup->timer = NULL;
+	lookup->xfr_q = NULL;
+	lookup->origin = NULL;
+	lookup->querysig = NULL;
+	lookup->doing_xfr = ISC_FALSE;
+	lookup->ixfr_serial = 0;
+	lookup->defname = ISC_FALSE;
+	lookup->identify = ISC_FALSE;
+	lookup->recurse = recursion;
+	lookup->ns_search_only = showallsoa;
+	lookup->use_my_server_list = ISC_FALSE;
+	lookup->retries = tries;
+	lookup->udpsize = 0;
+	lookup->nsfound = 0;
+	lookup->trace = ISC_FALSE;
+	lookup->trace_root = showallsoa;
+	lookup->tcp_mode = tcpmode;
 	lookup->new_search = ISC_TRUE;
+	lookup->aaonly = ISC_FALSE;
+	lookup->adflag = ISC_FALSE;
+	lookup->cdflag = ISC_FALSE;
+	ISC_LIST_INIT(lookup->q);
 	ISC_LIST_APPEND(lookup_list, lookup, link);
+	lookup->origin = NULL;
+	ISC_LIST_INIT(lookup->my_server_list);
 
 	usesearch = ISC_TRUE;
 }
@@ -703,17 +721,28 @@ main(int argc, char **argv) {
 
 	debug("main()");
 	progname = argv[0];
-	result = isc_app_start();
-	check_result(result, "isc_app_start");
 	setup_libs();
 	parse_args(ISC_FALSE, argc, argv);
 	setup_system();
 	result = isc_app_onrun(mctx, global_task, onrun_callback, NULL);
 	check_result(result, "isc_app_onrun");
 	isc_app_run();
-	cancel_all();
-	destroy_libs();
+	/*
+	 * XXXMWS This code should really NOT be bypassed.  However,
+	 * until the proper code can be added to handle SIGTERM/INT
+	 * correctly, just exit out "hard" and deal as best we can.
+	 */
+#if 0
+	if (taskmgr != NULL) {
+		debug("freeing taskmgr");
+		isc_taskmgr_destroy(&taskmgr);
+        }
+	if (isc_mem_debugging)
+		isc_mem_stats(mctx, stderr);
 	isc_app_finish();
+	if (mctx != NULL)
+		isc_mem_destroy(&mctx);	
+#endif
 	return (0);
 }
 

bin/dig/include/dig/dig.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: dig.h,v 1.53 2000/10/13 17:54:00 mws Exp $ */
+/* $Id: dig.h,v 1.25.2.4 2000/08/07 23:50:17 gson Exp $ */
 
 #ifndef DIG_H
 #define DIG_H
@@ -32,8 +32,8 @@
 #include <isc/sockaddr.h>
 #include <isc/socket.h>
 
-#define MXSERV 6
-#define MXNAME (DNS_NAME_MAXTEXT+1)
+#define MXSERV 4
+#define MXNAME 1005
 #define MXRD 32
 #define BUFSIZE 512
 #define COMMSIZE 0xffff
@@ -43,10 +43,8 @@
 /*
  * Default timeout values
  */
-#define TCP_TIMEOUT 10
-#define UDP_TIMEOUT 5
-
-#define SERVER_TIMEOUT 1
+#define TCP_TIMEOUT 60
+#define UDP_TIMEOUT 30
 
 #define LOOKUP_LIMIT 64
 /*
@@ -68,7 +66,6 @@ ISC_LANG_BEGINDECLS
 typedef struct dig_lookup dig_lookup_t;
 typedef struct dig_query dig_query_t;
 typedef struct dig_server dig_server_t;
-typedef ISC_LIST(dig_server_t) dig_serverlist_t;
 typedef struct dig_searchlist dig_searchlist_t;
 
 struct dig_lookup {
@@ -77,8 +74,8 @@ struct dig_lookup {
 		waiting_connect,
 		doing_xfr,
 		ns_search_only,
+		use_my_server_list,
 		identify,
-		ignore,
 		recurse,
 		aaonly,
 		adflag,
@@ -87,20 +84,16 @@ struct dig_lookup {
 		trace_root,
 		defname,
 		tcp_mode,
-		nibble,
 		comments,
 		stats,
 		section_question,
 		section_answer,
 		section_authority,
 		section_additional,
-		servfail_stops,
-		new_search,
-		besteffort;
+		new_search;
 	char textname[MXNAME]; /* Name we're going to be looking up */
-	char cmdline[MXNAME];
-	dns_rdatatype_t rdtype;
-	dns_rdataclass_t rdclass;
+	char rttext[MXRD]; /* rdata type text */
+	char rctext[MXRD]; /* rdata class text */
 	char namespace[BUFSIZE];
 	char onamespace[BUFSIZE];
 	isc_buffer_t namebuf;
@@ -114,8 +107,7 @@ struct dig_lookup {
 	dns_name_t *oname;
 	ISC_LINK(dig_lookup_t) link;
 	ISC_LIST(dig_query_t) q;
-	dig_query_t *current_query;
-	dig_serverlist_t my_server_list;
+	ISC_LIST(dig_server_t) my_server_list;
 	dig_searchlist_t *origin;
 	dig_query_t *xfr_q;
 	int retries;
@@ -124,10 +116,6 @@ struct dig_lookup {
 	isc_uint32_t ixfr_serial;
 	isc_buffer_t rdatabuf;
 	char rdatastore[MXNAME];
-#ifdef DNS_OPT_NEWCODES
-	char zonename[MXNAME];
-	char viewname[MXNAME];
-#endif /* DNS_OPT_NEWCODES */
 	dst_context_t *tsigctx;
 	isc_buffer_t *querysig;
 	isc_uint32_t msgcounter;
@@ -135,16 +123,15 @@ struct dig_lookup {
 
 struct dig_query {
 	dig_lookup_t *lookup;
-	isc_boolean_t waiting_connect,
+	isc_boolean_t working,
+		waiting_connect,
 		first_pass,
 		first_soa_rcvd,
 		second_rr_rcvd,
-		first_repeat_rcvd,
-		recv_made;
+		first_repeat_rcvd;
 	isc_uint32_t first_rr_serial;
 	isc_uint32_t second_rr_serial;
-	isc_uint32_t rr_count;
-	isc_uint32_t name_count;
+	int retries;
 	char *servname;
 	isc_bufferlist_t sendlist,
 		recvlist,
@@ -186,6 +173,12 @@ debug(const char *format, ...);
 void
 check_result(isc_result_t result, const char *msg);
 
+isc_boolean_t
+isclass(char *text);
+
+isc_boolean_t
+istype(char *text);
+
 void
 setup_lookup(dig_lookup_t *lookup);
 
@@ -198,6 +191,9 @@ start_lookup(void);
 void
 onrun_callback(isc_task_t *task, isc_event_t *event);
 
+void
+send_udp(dig_lookup_t *lookup);
+
 int
 dhmain(int argc, char **argv);
 
@@ -207,28 +203,15 @@ setup_libs(void);
 void
 setup_system(void);
 
+void
+free_lists(void);
+
 dig_lookup_t *
 requeue_lookup(dig_lookup_t *lookold, isc_boolean_t servers);
 
-dig_lookup_t *
-make_empty_lookup(void);
-
-dig_lookup_t *
-clone_lookup(dig_lookup_t *lookold, isc_boolean_t servers);
-
 dig_server_t *
 make_server(const char *servname);
 
-void
-clone_server_list(dig_serverlist_t src,
-		  dig_serverlist_t *dest);
-
-void
-cancel_all(void);
-
-void
-destroy_libs(void);
-
 /*
  * Routines needed in dig.c and host.c.
  */
@@ -244,9 +227,6 @@ trying(int frmsize, char *frm, dig_lookup_t *lookup);
 void
 dighost_shutdown(void);
 
-char *
-next_token(char **stringp, const char *delim);
-
 ISC_LANG_ENDDECLS
 
 #endif

bin/dig/nslookup.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: nslookup.c,v 1.57 2000/10/12 17:09:03 mws Exp $ */
+/* $Id: nslookup.c,v 1.20.2.8 2000/09/15 22:56:15 gson Exp $ */
 
 #include <config.h>
 
@@ -23,24 +23,21 @@
 
 extern int h_errno;
 
+#include <dns/message.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataset.h>
+#include <dns/rdatatype.h>
+#include <dns/rdataclass.h>
 #include <isc/app.h>
 #include <isc/buffer.h>
 #include <isc/commandline.h>
-#include <isc/event.h>
+#include <isc/condition.h>
+#include <isc/mutex.h>
 #include <isc/string.h>
 #include <isc/timer.h>
 #include <isc/util.h>
 #include <isc/task.h>
-#include <isc/netaddr.h>
-
-#include <dns/message.h>
-#include <dns/name.h>
-#include <dns/fixedname.h>
-#include <dns/rdata.h>
-#include <dns/rdataclass.h>
-#include <dns/rdataset.h>
-#include <dns/rdatatype.h>
-#include <dns/byaddr.h>
 
 #include <dig/dig.h>
 
@@ -48,7 +45,7 @@ extern ISC_LIST(dig_lookup_t) lookup_list;
 extern ISC_LIST(dig_server_t) server_list;
 extern ISC_LIST(dig_searchlist_t) search_list;
 
-extern isc_boolean_t have_ipv6,
+extern isc_boolean_t have_ipv6, show_details,
 	usesearch, trace, qr, debugging;
 extern in_port_t port;
 extern unsigned int timeout;
@@ -63,7 +60,7 @@ extern int lookup_counter;
 extern char fixeddomain[MXNAME];
 extern int exitcode;
 extern isc_taskmgr_t *taskmgr;
-extern isc_task_t *global_task;
+extern isc_mempool_t *commctx;
 extern char *progname;
 
 isc_boolean_t short_form = ISC_TRUE, printcmd = ISC_TRUE,
@@ -78,10 +75,11 @@ isc_boolean_t identify = ISC_FALSE,
 	section_answer = ISC_TRUE, section_authority = ISC_TRUE,
 	section_additional = ISC_TRUE, recurse = ISC_TRUE,
 	defname = ISC_TRUE, aaonly = ISC_FALSE;
+isc_mutex_t lock;
+isc_condition_t cond;
 isc_boolean_t busy = ISC_FALSE, in_use = ISC_FALSE;
 char defclass[MXRD] = "IN";
 char deftype[MXRD] = "A";
-isc_event_t *global_event = NULL;
 
 static const char *rcodetext[] = {
 	"NOERROR",
@@ -111,7 +109,7 @@ static const char *rtypetext[] = {
 	"mf = ",			/* 4 */
 	"canonical name = ",		/* 5 */
 	"soa = ",		       	/* 6 */
-	"mb = ",		       	/* 7 */
+	"mb = ",		       	/* 7 */	
 	"mg = ",		       	/* 8 */
 	"mr = ",		       	/* 9 */
 	"rtype_10 = ",		       	/* 10 */
@@ -148,45 +146,41 @@ static const char *rtypetext[] = {
 	"optional = "};			/* 41 */
 
 
-static void flush_lookup_list(void);
-static void getinput(isc_task_t *task, isc_event_t *event);
-
 static void
 show_usage(void) {
-	fputs("Usage:\n", stderr);
-}
+	fputs (
+"Usage:\n"
+, stderr);
+}				
 
 void
 dighost_shutdown(void) {
-	isc_event_t *event = global_event;
 
-	flush_lookup_list();
-	debug("dighost_shutdown()");
+	debug ("dighost_dhutdown()");
+	isc_mutex_lock(&lock);
+	busy = ISC_FALSE;
+	debug ("signalling out");
+	isc_condition_signal(&cond);
+	isc_mutex_unlock(&lock);
 
-	if (!in_use) {
-		isc_app_shutdown();
-		return;
-	}
-
-	isc_task_send(global_task, &event);
 }
-
 void
 received(int bytes, int frmsize, char *frm, dig_query_t *query) {
-	UNUSED(bytes);
-	UNUSED(frmsize);
-	UNUSED(frm);
-	UNUSED(query);
+	UNUSED (bytes);
+	UNUSED (frmsize);
+	UNUSED (frm);
+	UNUSED (query);
 }
 
 void
 trying(int frmsize, char *frm, dig_lookup_t *lookup) {
-	UNUSED(frmsize);
-	UNUSED(frm);
-	UNUSED(lookup);
+	UNUSED (frmsize);
+	UNUSED (frm);
+	UNUSED (lookup);
 
 }
 
+
 static isc_result_t
 printsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 	     dns_section_t section) {
@@ -196,13 +190,20 @@ printsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 	dns_rdataset_t *rdataset = NULL;
 	dns_rdata_t rdata;
 	char *ptr;
-	char *input;
 
-	UNUSED(query);
-	UNUSED(headers);
+	UNUSED (query);
+	UNUSED (headers);
 
 	debug("printsection()");
 
+	/*
+	 * Exitcode 9 means we timed out, but if we're printing a message,
+	 * we much have recovered.  Go ahead and reset it to code 0, and
+	 * call this a success.
+	 */
+	if (exitcode == 9)
+		exitcode = 0;
+
 	result = dns_message_firstname(msg, section);
 	if (result == ISC_R_NOMORE)
 		return (ISC_R_SUCCESS);
@@ -212,7 +213,7 @@ printsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 	check_result(result, "isc_buffer_allocate");
 	for (;;) {
 		name = NULL;
-		dns_message_currentname(msg, section,
+		dns_message_currentname(msg, section, 
 					&name);
 		for (rdataset = ISC_LIST_HEAD(name->list);
 		     rdataset != NULL;
@@ -260,41 +261,41 @@ printsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 					check_result(result,
 						     "dns_rdata_totext");
 					((char *)isc_buffer_used(b))[0]=0;
-					input = isc_buffer_base(b);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(isc_buffer_base(b),
+						     " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\torigin = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tmail addr = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tserial = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\trefresh = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tretry = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\texpire = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tminimum = %s\n",
@@ -309,24 +310,24 @@ printsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 					check_result(result,
 						     "dns_name_totext");
 					if (rdata.type <= 41)
-						printf("%.*s\t%s",
+						printf ("%.*s\t%s",
 						(int)isc_buffer_usedlength(b),
 						(char*)isc_buffer_base(b),
 						rtypetext[rdata.type]);
 					else
-						printf("%.*s\trdata_%d = ",
+						printf ("%.*s\trdata_%d = ",
 						(int)isc_buffer_usedlength(b),
 						(char*)isc_buffer_base(b),
 						 rdata.type);
 					isc_buffer_clear(b);
-					result = dns_rdata_totext(&rdata,
+					result = dns_rdata_totext(&rdata, 
 								  NULL, b);
 					check_result(result,
 						     "dns_rdata_totext");
 					printf("%.*s\n",
 					       (int)isc_buffer_usedlength(b),
 					       (char*)isc_buffer_base(b));
-				}
+				}	
 				loopresult = dns_rdataset_next(rdataset);
 			}
 		}
@@ -351,25 +352,32 @@ detailsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 	dns_rdataset_t *rdataset = NULL;
 	dns_rdata_t rdata;
 	char *ptr;
-	char *input;
 
-	UNUSED(query);
+	UNUSED (query);
 
 	debug("detailsection()");
 
+	/*
+	 * Exitcode 9 means we timed out, but if we're printing a message,
+	 * we much have recovered.  Go ahead and reset it to code 0, and
+	 * call this a success.
+	 */
+	if (exitcode == 9)
+		exitcode = 0;
+
 	if (headers) {
 		switch (section) {
 		case DNS_SECTION_QUESTION:
-			puts("    QUESTIONS:");
+			puts ("    QUESTIONS:");
 			break;
 		case DNS_SECTION_ANSWER:
-			puts("    ANSWERS:");
+			puts ("    ANSWERS:");
 			break;
 		case DNS_SECTION_AUTHORITY:
-			puts("    AUTHORITY RECORDS:");
+			puts ("    AUTHORITY RECORDS:");
 			break;
 		case DNS_SECTION_ADDITIONAL:
-			puts("    ADDITIONAL RECORDS:");
+			puts ("    ADDITIONAL RECORDS:");
 			break;
 		}
 	}
@@ -383,7 +391,7 @@ detailsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 	check_result(result, "isc_buffer_allocate");
 	for (;;) {
 		name = NULL;
-		dns_message_currentname(msg, section,
+		dns_message_currentname(msg, section, 
 					&name);
 		for (rdataset = ISC_LIST_HEAD(name->list);
 		     rdataset != NULL;
@@ -409,41 +417,41 @@ detailsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 					check_result(result,
 						     "dns_rdata_totext");
 					((char *)isc_buffer_used(b))[0]=0;
-					input = isc_buffer_base(b);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(isc_buffer_base(b),
+						     " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\torigin = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tmail addr = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tserial = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\trefresh = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tretry = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\texpire = %s\n",
 					       ptr);
-					ptr = next_token(&input, " \t\r\n");
+					ptr = strtok(NULL, " \t\r\n");
 					if (ptr == NULL)
 						break;
 					printf("\tminimum = %s\n",
@@ -452,20 +460,20 @@ detailsection(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers,
 				default:
 					isc_buffer_clear(b);
 					if (rdata.type <= 41)
-						printf("\t%s",
+						printf ("\t%s",
 						rtypetext[rdata.type]);
 					else
-						printf("\trdata_%d = ",
+						printf ("\trdata_%d = ",
 						 rdata.type);
 					isc_buffer_clear(b);
-					result = dns_rdata_totext(&rdata,
+					result = dns_rdata_totext(&rdata, 
 								  NULL, b);
 					check_result(result,
 						     "dns_rdata_totext");
 					printf("%.*s\n",
 					       (int)isc_buffer_usedlength(b),
 					       (char*)isc_buffer_base(b));
-				}
+				}	
 				loopresult = dns_rdataset_next(rdataset);
 			}
 		}
@@ -487,8 +495,9 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 	isc_region_t r;
 	isc_result_t result;
 
-	debug("printmessage()");
-	debug("continuing on with rcode != 0");
+	debug ("printmessage()");
+
+	debug ("continuing on with rcode != 0");
 	result = isc_buffer_allocate(mctx, &b, MXNAME);
 	check_result(result, "isc_buffer_allocate");
 	printf("Server:\t\t%s\n", query->servname);
@@ -498,7 +507,6 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 	       (char*)isc_buffer_base(b));
 	isc_buffer_free(&b);
 	puts("");
-
 	if (msg->rcode != 0) {
 		result = isc_buffer_allocate(mctx, &b, MXNAME);
 		check_result(result, "isc_buffer_allocate");
@@ -510,30 +518,26 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 		       (int)r.length, (char*)r.base,
 		       rcodetext[msg->rcode]);
 		isc_buffer_free(&b);
-		debug("returning with rcode == 0");
+		debug ("returning with rcode == 0");
 		return (ISC_R_SUCCESS);
 	}
 	if (!short_form){
-		puts("------------");
+		puts ("------------");
 		/*		detailheader(query, msg);*/
 		detailsection(query, msg, headers, DNS_SECTION_QUESTION);
 		detailsection(query, msg, headers, DNS_SECTION_ANSWER);
 		detailsection(query, msg, headers, DNS_SECTION_AUTHORITY);
 		detailsection(query, msg, headers, DNS_SECTION_ADDITIONAL);
-		puts("------------");
+		puts ("------------");
 	}
-
+	
 	if ((msg->flags & DNS_MESSAGEFLAG_AA) == 0)
-		puts("Non-authoritative answer:");
-	if (!ISC_LIST_EMPTY(msg->sections[DNS_SECTION_ANSWER]))
-		printsection(query, msg, headers, DNS_SECTION_ANSWER);
-	else
-		printf("*** Can't find %s: No answer\n",
-		       query->lookup->textname);
-
+		puts ("Non-authorative answer:");
+	printsection(query, msg, headers, DNS_SECTION_ANSWER);
+	
 	if (((msg->flags & DNS_MESSAGEFLAG_AA) == 0) &&
-	    (query->lookup->rdtype != dns_rdatatype_a)) {
-		puts("\nAuthoritative answers can be found from:");
+	    (strcasecmp(query->lookup->rttext,"a") != 0)) {
+		puts ("\nAuthorative answers can be found from:");
 		printsection(query, msg, headers,
 			     DNS_SECTION_AUTHORITY);
 		printsection(query, msg, headers,
@@ -543,21 +547,21 @@ printmessage(dig_query_t *query, dns_message_t *msg, isc_boolean_t headers) {
 }
 
 static void
-show_settings(isc_boolean_t full, isc_boolean_t serv_only) {
+show_settings(isc_boolean_t full) {
 	dig_server_t *srv;
 	isc_sockaddr_t sockaddr;
 	isc_buffer_t *b = NULL;
 	isc_result_t result;
-
+	
 	srv = ISC_LIST_HEAD(server_list);
 
 	while (srv != NULL) {
 		result = isc_buffer_allocate(mctx, &b, MXNAME);
 		check_result(result, "isc_buffer_allocate");
-		get_address(srv->servername, port, &sockaddr);
+		get_address(srv->servername, 53, &sockaddr);
 		result = isc_sockaddr_totext(&sockaddr, b);
 		check_result(result, "isc_sockaddr_totext");
-		printf("Default server: %s\nAddress: %.*s\n",
+		printf ("Default server: %s\nAddress: %.*s\n",
 			srv->servername, (int)isc_buffer_usedlength(b),
 			(char*)isc_buffer_base(b));
 		isc_buffer_free(&b);
@@ -565,21 +569,19 @@ show_settings(isc_boolean_t full, isc_boolean_t serv_only) {
 			return;
 		srv = ISC_LIST_NEXT(srv, link);
 	}
-	if (serv_only)
-		return;
-	printf("\n\tSet options:\n");
-	printf("\t  %s\t\t\t%s\t\t%s\n",
+	printf ("\n\tSet options:\n");
+	printf ("\t  %s\t\t\t%s\t\t%s\n",
 		tcpmode?"vc":"novc", short_form?"nodebug":"debug",
 		debugging?"d2":"nod2");
-	printf("\t  %s\t\t%s\t%s\n",
+	printf ("\t  %s\t\t%s\t\t%s\n",
 		defname?"defname":"nodefname",
-		usesearch?"search  ":"nosearch",
+		usesearch?"search":"nosearch",
 		recurse?"recurse":"norecurse");
-	printf("\t  timeout = %d\t\tretry = %d\tport = %d\n",
+	printf ("\t  timeout = %d\t\tretry = %d\tport = %d\n",
 		timeout, tries, port);
-	printf("\t  querytype = %-8s\tclass = %s\n", deftype, defclass);
+	printf ("\t  querytype = %-8s\tclass=%s\n",deftype, defclass);
 #if 0
-	printf("\t  domain = %s\n", fixeddomain);
+	printf ("\t  domain = %s\n", fixeddomain);
 #endif
 
 }
@@ -589,7 +591,7 @@ testtype(char *typetext) {
 	isc_result_t result;
 	isc_textregion_t tr;
 	dns_rdatatype_t rdtype;
-
+	
 	tr.base = typetext;
 	tr.length = strlen(typetext);
 	result = dns_rdatatype_fromtext(&rdtype, &tr);
@@ -621,8 +623,10 @@ testclass(char *typetext) {
 
 static void
 setoption(char *opt) {
-	if (strncasecmp(opt, "all", 4) == 0) {
-		show_settings(ISC_TRUE, ISC_FALSE);
+	dig_server_t *srv;
+
+	if (strncasecmp(opt,"all",4) == 0) {
+		show_settings(ISC_TRUE);
 	} else if (strncasecmp(opt, "class=", 6) == 0) {
 		if (testclass(&opt[6]))
 			strncpy(defclass, &opt[6], MXRD);
@@ -631,7 +635,7 @@ setoption(char *opt) {
 			strncpy(defclass, &opt[3], MXRD);
 	} else if (strncasecmp(opt, "type=", 5) == 0) {
 		if (testtype(&opt[5]))
-			strncpy(deftype, &opt[3], MXRD);
+			strncpy(deftype, &opt[5], MXRD);
 	} else if (strncasecmp(opt, "ty=", 3) == 0) {
 		if (testtype(&opt[3]))
 			strncpy(deftype, &opt[3], MXRD);
@@ -675,95 +679,61 @@ setoption(char *opt) {
 		debugging = ISC_TRUE;
 	} else if (strncasecmp(opt, "nod2", 4) == 0) {
 		debugging = ISC_FALSE;
-	} else if (strncasecmp(opt, "search",3) == 0) {
-		usesearch = ISC_TRUE;
-	} else if (strncasecmp(opt, "nosearch",5) == 0) {
-		usesearch = ISC_FALSE;
 	} else if (strncasecmp(opt, "sil",3) == 0) {
 		deprecation_msg = ISC_FALSE;
 	} else {
-		printf("*** Invalid option: %s\n", opt);	
+		srv = make_server(opt);
+		debug("server is %s", srv->servername);
+		ISC_LIST_APPEND(server_list, srv, link);
 	}
 }
 
 static dig_lookup_t*
 addlookup(char *opt) {
 	dig_lookup_t *lookup;
-	isc_result_t result;
-	isc_textregion_t tr;
-	dns_rdatatype_t rdtype;
-	dns_rdataclass_t rdclass;
 
-	debug("addlookup()");
-	tr.base = deftype;
-	tr.length = strlen(deftype);
-	result = dns_rdatatype_fromtext(&rdtype, &tr);
-	if (result != ISC_R_SUCCESS) {
-		printf("unknown query type: %s\n", deftype);
-		rdclass = dns_rdatatype_a;
+	debug ("addlookup()");
+	lookup = isc_mem_allocate(mctx, sizeof(struct dig_lookup));
+	if (lookup == NULL)
+		fatal("Memory allocation failure.");
+	lookup->pending = ISC_FALSE;
+	strncpy(lookup->textname, opt, MXNAME-1);
+	if (istype(deftype))
+		strncpy(lookup->rttext, deftype, MXNAME);
+	else {
+		strcpy(lookup->rttext, "a");
+		printf ("unknown query type: %s\n",deftype);
 	}
-	tr.base = defclass;
-	tr.length = strlen(defclass);
-	result = dns_rdataclass_fromtext(&rdclass, &tr);
-	if (result != ISC_R_SUCCESS) {
-		printf("unknown query class: %s\n", defclass);
-		rdclass = dns_rdataclass_in;
+	if (isclass(defclass))
+		strncpy(lookup->rctext, defclass, MXNAME);
+	else {
+		strcpy(lookup->rctext, "in");
+		printf ("unknown query class: %s\n",defclass);
 	}
-	lookup = make_empty_lookup();
-	if (strspn(opt, "0123456789.") == strlen(opt)) {
-		int n, i, adrs[4];
-		char store[MXNAME];
-
-		lookup->textname[0] = 0;
-		n = sscanf(opt, "%d.%d.%d.%d", &adrs[0], &adrs[1],
-				   &adrs[2], &adrs[3]);
-		if (n == 0) {
-			show_usage();
-		}
-		for (i = n - 1; i >= 0; i--) {
-			snprintf(store, MXNAME/8, "%d.",
-				 adrs[i]);
-			strncat(lookup->textname, store, MXNAME);
-		}
-		strncat(lookup->textname, "in-addr.arpa.", MXNAME);
-		lookup->rdtype = dns_rdatatype_ptr;
-	} else if (strspn(opt, "0123456789abcdef.:") == strlen(opt))
-	{
-		isc_netaddr_t addr;
-		dns_fixedname_t fname;
-		isc_buffer_t b;
-		int n;
-
-		addr.family = AF_INET6;
-		n = inet_pton(AF_INET6, opt, &addr.type.in6);
-		if (n <= 0)
-			goto notv6;
-		dns_fixedname_init(&fname);
-		result = dns_byaddr_createptrname(&addr, lookup->nibble,
-						  dns_fixedname_name(&fname));
-		if (result != ISC_R_SUCCESS)
-			show_usage();
-		isc_buffer_init(&b, lookup->textname, sizeof lookup->textname);
-		result = dns_name_totext(dns_fixedname_name(&fname),
-					 ISC_FALSE, &b);
-		isc_buffer_putuint8(&b, 0);
-		if (result != ISC_R_SUCCESS)
-			show_usage();
-		lookup->rdtype = dns_rdatatype_ptr;
-	} else {
-	notv6:
-		strncpy(lookup->textname, opt, MXNAME-1);
-		lookup->rdtype = rdtype;
-	}
-	lookup->rdclass = rdclass;
+	lookup->namespace[0]=0;
+	lookup->sendspace = NULL;
+	lookup->sendmsg=NULL;
+	lookup->name=NULL;
+	lookup->oname=NULL;
+	lookup->timer = NULL;
+	lookup->xfr_q = NULL;
+	lookup->origin = NULL;
+	lookup->querysig = NULL;
+	lookup->use_my_server_list = ISC_FALSE;
+	lookup->doing_xfr = ISC_FALSE;
+	lookup->ixfr_serial = 0;
+	lookup->defname = ISC_FALSE;
 	lookup->trace = ISC_TF(trace || ns_search_only);
 	lookup->trace_root = trace;
 	lookup->ns_search_only = ns_search_only;
 	lookup->identify = identify;
 	lookup->recurse = recurse;
 	lookup->aaonly = aaonly;
+	lookup->adflag = ISC_FALSE;
+	lookup->cdflag = ISC_FALSE;
 	lookup->retries = tries;
 	lookup->udpsize = bufsize;
+	lookup->nsfound = 0;
 	lookup->comments = comments;
 	lookup->tcp_mode = tcpmode;
 	lookup->stats = stats;
@@ -784,7 +754,7 @@ static void
 flush_server_list(void) {
 	dig_server_t *s, *ps;
 
-	debug("flush_server_list()");
+	debug ("flush_lookup_list()");
 	s = ISC_LIST_HEAD(server_list);
 	while (s != NULL) {
 		ps = s;
@@ -792,9 +762,10 @@ flush_server_list(void) {
 		ISC_LIST_DEQUEUE(server_list, ps, link);
 		isc_mem_free(mctx, ps);
 	}
+
 }
 
-/*
+/* 
  * This works on the global server list, instead of on a per-lookup
  * server list, since the change is persistent.
  */
@@ -802,9 +773,6 @@ static void
 setsrv(char *opt) {
 	dig_server_t *srv;
 
-	if (opt == NULL) {
-		return;
-	}
 	flush_server_list();
 	srv=isc_mem_allocate(mctx, sizeof(struct dig_server));
 	if (srv == NULL)
@@ -815,50 +783,43 @@ setsrv(char *opt) {
 
 static void
 get_next_command(void) {
-	char *buf;
+	char input[COMMSIZE];
 	char *ptr, *arg;
-	char *input;
 
-	buf = isc_mem_allocate(mctx, COMMSIZE);
-	if (buf == NULL)
-		fatal("Memory allocation failure.");
 	fputs("> ", stderr);
-	ptr = fgets(buf, COMMSIZE, stdin);
+	ptr = fgets(input, COMMSIZE, stdin);
 	if (ptr == NULL) {
 		in_use = ISC_FALSE;
-		goto cleanup;
+		return;
 	}
-	input = buf;
-	ptr = next_token(&input, " \t\r\n");
+	ptr = strtok(input, " \t\r\n");
 	if (ptr == NULL)
-		goto cleanup;
-	arg = next_token(&input, " \t\r\n");
+		return;
+	arg = strtok(NULL, " \t\r\n");
 	if ((strcasecmp(ptr, "set") == 0) &&
 	    (arg != NULL))
 		setoption(arg);
 	else if ((strcasecmp(ptr, "server") == 0) ||
 		 (strcasecmp(ptr, "lserver") == 0)) {
+		printf("Server:\t%s\n", arg); 
 		setsrv(arg);
-		show_settings(ISC_TRUE, ISC_TRUE);
 	} else if (strcasecmp(ptr, "exit") == 0) {
 		in_use = ISC_FALSE;
-		goto cleanup;
+		return;
 	} else if (strcasecmp(ptr, "help") == 0 ||
 		   strcasecmp(ptr, "?") == 0)
 	{
 		printf("The '%s' command is not yet implemented.\n", ptr);
-		goto cleanup;
+		return;
 	} else if (strcasecmp(ptr, "finger") == 0 ||
 		   strcasecmp(ptr, "root") == 0 ||
 		   strcasecmp(ptr, "ls") == 0 ||
 		   strcasecmp(ptr, "view") == 0)
 	{
 		printf("The '%s' command is not implemented.\n", ptr);
-		goto cleanup;
-	} else
+		return;
+	} else 
 		addlookup(ptr);
- cleanup:
-	isc_mem_free(mctx, buf);
 }
 
 static void
@@ -867,7 +828,7 @@ parse_args(int argc, char **argv) {
 	isc_boolean_t have_lookup = ISC_FALSE;
 
 	for (argc--, argv++; argc > 0; argc--, argv++) {
-		debug("main parsing %s", argv[0]);
+		debug ("main parsing %s", argv[0]);
 		if (argv[0][0] == '-') {
 			if ((argv[0][1] == 'h') &&
 			    (argv[0][2] == 0)) {
@@ -912,6 +873,8 @@ flush_lookup_list(void) {
 			if (ISC_LINK_LINKED(&q->lengthbuf, link))
 				ISC_LIST_DEQUEUE(q->lengthlist, &q->lengthbuf,
 						 link);
+			INSIST(q->recvspace != NULL);
+			isc_mempool_put(commctx, q->recvspace);
 			isc_buffer_invalidate(&q->recvbuf);
 			isc_buffer_invalidate(&q->lengthbuf);
 			qp = q;
@@ -919,16 +882,20 @@ flush_lookup_list(void) {
 			ISC_LIST_DEQUEUE(l->q, qp, link);
 			isc_mem_free(mctx, qp);
 		}
-		s = ISC_LIST_HEAD(l->my_server_list);
-		while (s != NULL) {
-			sp = s;
-			s = ISC_LIST_NEXT(s, link);
-			ISC_LIST_DEQUEUE(l->my_server_list, sp, link);
-			isc_mem_free(mctx, sp);
+		if (l->use_my_server_list) {
+			s = ISC_LIST_HEAD(l->my_server_list);
+			while (s != NULL) {
+				sp = s;
+				s = ISC_LIST_NEXT(s, link);
+				ISC_LIST_DEQUEUE(l->my_server_list, sp, link);
+				isc_mem_free(mctx, sp);
 
+			}
 		}
 		if (l->sendmsg != NULL)
 			dns_message_destroy(&l->sendmsg);
+		if (l->sendspace != NULL)
+			isc_mempool_put(commctx, l->sendspace);
 		if (l->timer != NULL)
 			isc_timer_detach(&l->timer);
 		lp = l;
@@ -936,24 +903,7 @@ flush_lookup_list(void) {
 		ISC_LIST_DEQUEUE(lookup_list, lp, link);
 		isc_mem_free(mctx, lp);
 	}
-}
-
-static void
-getinput(isc_task_t *task, isc_event_t *event) {
-	UNUSED(task);
-	if (global_event == NULL)
-		global_event = event;
-	while (in_use) {
-		isc_app_block();
-		get_next_command();
-		isc_app_unblock();
-		if (ISC_LIST_HEAD(lookup_list) != NULL) {
-			start_lookup();
-			return;
-		}
-	}
-	isc_app_shutdown();
-}
+}	
 
 int
 main(int argc, char **argv) {
@@ -963,38 +913,68 @@ main(int argc, char **argv) {
 	ISC_LIST_INIT(server_list);
 	ISC_LIST_INIT(search_list);
 
-	result = isc_app_start();
-	check_result(result, "isc_app_start");
-
 	setup_libs();
 	progname = argv[0];
+	result = isc_mutex_init(&lock);
+	check_result(result, "isc_mutex_init");
+	result = isc_condition_init(&cond);
+	check_result(result, "isc_condition_init");
+	result = isc_mutex_trylock(&lock);
+	check_result(result, "isc_mutex_trylock");
 
 	parse_args(argc, argv);
 
 	if (deprecation_msg) {
-		fputs(
+		puts (
 "Note:  nslookup is deprecated and may be removed from future releases.\n"
 "Consider using the `dig' or `host' programs instead.  Run nslookup with\n"
-"the `-sil[ent]' option to prevent this message from appearing.\n", stderr);
+"the `-sil[ent]' option to prevent this message from appearing.\n");
 	}
 	setup_system();
 
-	if (in_use)
-		result = isc_app_onrun(mctx, global_task, onrun_callback,
-				       NULL);
-	else
-		result = isc_app_onrun(mctx, global_task, getinput, NULL);
-	check_result(result, "isc_app_onrun");
-	in_use = ISC_TF(!in_use);
+	if (in_use) {
+		busy = ISC_TRUE;
+		start_lookup();
+		while (busy) {
+			result = isc_condition_wait(&cond, &lock);
+			check_result(result, "isc_condition_wait");
+		}
+		flush_lookup_list();
+		in_use = ISC_FALSE;
+	} else {
+		show_settings(ISC_FALSE);
+		in_use = ISC_TRUE;
+	}
 
-	(void)isc_app_run();
+	while (in_use) {
+		get_next_command();
+		if (ISC_LIST_HEAD(lookup_list) != NULL) {
+			busy = ISC_TRUE;
+			start_lookup();
+			while (busy) {
+				result = isc_condition_wait(&cond, &lock);
+				check_result(result, "isc_condition_wait");
+			}
+			debug ("out of the condition wait");
+			flush_lookup_list();
+		}
+	}
 
-	puts("");
-	debug("done, and starting to shut down");
-	if (global_event != NULL)
-		isc_event_free(&global_event);
-	destroy_libs();
+	puts ("");
+	debug ("done, and starting to shut down");
+	free_lists();
+	isc_mutex_destroy(&lock);
+	isc_condition_destroy(&cond);
+	if (taskmgr != NULL) {
+		debug ("freeing taskmgr");
+		isc_taskmgr_destroy(&taskmgr);
+        }
+	if (isc_mem_debugging)
+		isc_mem_stats(mctx, stderr);
 	isc_app_finish();
-
+	if (mctx != NULL)
+		isc_mem_destroy(&mctx);	
+	
 	return (0);
 }
+

bin/dnssec/.cvsignore

@@ -3,5 +3,3 @@ dnssec-keygen
 dnssec-makekeyset
 dnssec-signkey
 dnssec-signzone
-*.lo
-.libs

bin/dnssec/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.11 2000/09/20 19:05:52 gson Exp $
+# $Id: Makefile.in,v 1.7 2000/06/22 21:49:01 tale Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -26,7 +26,7 @@ CINCLUDES =	${DNS_INCLUDES} ${ISC_INCLUDES}
 CDEFINES =
 CWARNINGS =
 
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 
 DNSDEPLIBS =	../../lib/dns/libdns.@A@
@@ -66,7 +66,9 @@ clean distclean::
 	rm -f ${TARGETS}
 
 installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+	if [ ! -d ${DESTDIR}${sbindir} ]; then \
+		mkdir ${DESTDIR}${sbindir}; \
+	fi
 
 install:: ${TARGSTS} installdirs
 	${LIBTOOL} ${INSTALL_PROGRAM} ${TARGETS} ${DESTDIR}${sbindir}

bin/dnssec/dnssec-keygen.8

@@ -1,303 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: dnssec-keygen.8,v 1.7 2000/08/01 01:18:49 tale Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt DNSSEC-KEYGEN 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm dnssec-keygen
-.Nd key generation tool for DNSSEC
-.Sh SYNOPSIS
-.Nm dnssec-keygen
-.Fl a Ar algorithm
-.Fl b Ar keysize
-.Op Fl e
-.Op Fl g Ar generator
-.Op Fl h
-.Fl n Ar nametype
-.Op Fl p Ar protocol-value
-.Op Fl r Ar randomdev
-.Op Fl s Ar strength-value
-.Op Fl t Ar type
-.Op Fl v Ar level
-.Ar name
-.Sh DESCRIPTION
-.Nm dnssec-keygen
-generates keys for DNSSEC, Secure DNS, as defined in RFC2535.
-It also generates keys for use in Transaction Signatures, TSIG, which
-is defined in RFC2845.
-.Pp
-A short summary of the options and arguments to
-.Nm dnssec-keygen
-is printed by the
-.Fl h
-(help) option.
-.Pp
-The
-.Fl a ,
-.Fl b ,
-and
-.Fl n
-options and their arguments must be supplied when generating keys.
-The domain name that the key has to be generated for is given by
-.Ar name .
-.Pp
-The choice of encryption algorithm is selected by the
-.Fl a
-option to
-.Nm dnssec-keygen .
-.Ar algorithm
-must be one of
-.Dv RSAMD5 ,
-.Dv DH ,
-.Dv DSA
-or
-.Dv HMAC-MD5
-to indicate that an RSA, Diffie-Hellman, Digital Signature
-Algorithm or HMAC-MD5 key is required.
-An argument of
-.Dv RSA
-can also be given, which is equivalent to
-.Dv RSAMD5 .
-The argument identifying the encryption algorithm is case-insensitive.
-DNSSEC specifies DSA as a mandatory algorithm and RSA as a recommended one.
-Implementations of TSIG must support HMAC-MD5.
-.Pp
-The number of bits in the key is determined by the
-.Ar keysize
-argument following the
-.Fl b
-option.
-The choice of key size depends on the algorithm that is used.
-RSA keys must be between 512 and 2048 bits.
-Diffie-Hellman keys must be between 128 and 4096 bits.
-For DSA, the key size must be between 512 and 1024 bits and a multiple
-of 64.
-The length of an HMAC-MD5 key can be between 1 and 512 bits.
-.Pp
-The
-.Fl n
-option specifies how the generated key will be used.
-.Ar nametype
-can be either
-.Dv ZONE ,
-.Dv HOST ,
-.Dv ENTITY ,
-or
-.Dv USER
-to indicate that the key will be used for signing a zone, host,
-entity or user respectively.
-In this context
-.Dv HOST
-and
-.Dv ENTITY
-are identical.
-.Ar nametype
-is case-insensitive.
-.Pp
-The
-.Fl e
-option can only be used when generating RSA keys.
-It tells
-.Nm dnssec-keygen
-to use a large exponent.
-When creating Diffie-Hellman keys, the
-.Fl g
-option selects the Diffie-Hellman generator
-.Ar generator
-that is to be used.
-The only supported values value of
-.Ar generator
-are 2 and 5.
-If no Diffie-Hellman generator is supplied, a known prime
-from RFC2539 will be used if possible; otherwise 2 will be used as the
-generator.
-.Pp
-The
-.Fl p
-option sets the protocol value for the generated key to
-.Ar protocol-value .
-The default is 2 (email) for keys of type
-.Dv USER
-and 3 (DNSSEC) for all other key types.
-Other possible values for this argument are listed in RFC2535 and its
-successors.
-.Pp
-.Nm dnssec-keygen
-uses random numbers to seed the process
-of generating keys.
-If the system does not have a
-.Pa /dev/random
-device that can be used for generating random numbers,
-.Nm dnssec-keygen
-will prompt for keyboard input and use the time intervals between
-keystrokes to provide randomness.
-The
-.Fl r
-option overrides this behaviour, making
-.Nm dnssec-keygen
-use
-.Ar randomdev
-as a source of random data.
-.Pp
-The key's strength value can be set with the
-.Fl s
-option.
-The generated key will sign DNS resource records
-with a strength value of
-.Ar strength-value .
-It should be a number between 0 and 15.
-The default strength is zero.
-The key strength field currently has no defined purpose in DNSSEC.
-.Pp
-The
-.Fl t
-option indicates if the key is to be used for authentication or
-confidentiality.
-.Ar type
-can be one of
-.Dv AUTHCONF ,
-.Dv NOAUTHCONF ,
-.Dv NOAUTH
-or
-.Dv NOCONF .
-The default is
-.Dv AUTHCONF .
-If type is
-.Dv AUTHCONF
-the key can be used for authentication and confidentialty.
-Setting
-.Ar type
-to
-.Dv NOAUTHCONF
-indicates that the key cannot be used for authentication or confidentialty.
-A value of
-.Dv NOAUTH
-means the key can be used for confidentiality but not for
-authentication.
-Similarly,
-.Dv NOCONF
-defines that the key cannot be used for confidentiality though it can
-be used for authentication.
-.Pp
-The
-.Fl v
-option can be used to make
-.Nm dnssec-keygen
-more verbose.
-As the debugging/tracing level
-.Ar level
-increases,
-.Nm dnssec-keygen
-generates increasingly detailed reports about what it is doing.
-The default level is zero.
-.Sh GENERATED KEYS
-When
-.Nm dnssec-keygen
-completes it prints a string of the form
-.Ar Knnnn.+aaa+iiiii
-on the standard output.
-This is an identification string for the key it has generated.
-These strings can be supplied as arguments to
-.Xr dnssec-makekeyset 8 .
-.Pp
-The
-.Ar nnnn.
-part is the dot-terminated domain name given by
-.Ar name .
-The DNSSEC algorithm identifier is indicated by
-.Ar aaa -
-001 for RSA, 002 for Diffie-Hellman, 003 for DSA or 157 for HMAC-MD5.
-.Ar iiiii
-is a five-digit number identifying the key.
-.Pp
-.Nm dnssec-keygen
-creates two files.
-The file names are adapted from the key identification string above.
-They have names of the form:
-.Ar Knnnn.+aaa+iiiii.key
-and
-.Ar Knnnn.+aaa+iiiii.private .
-These contain the public and private parts of the key respectively.
-The files generated by
-.Nm dnssec-keygen
-obey this naming convention to
-make it easy for the signing tool
-.Xr dnssec-signzone 8
-to identify which file(s) have to be read to find the necessary
-key(s) for generating or validating signatures.
-.Pp
-The
-.Ar .key
-file contains a KEY resource record that can be inserted into a zone file
-with a
-.Dv $INCLUDE
-statement.
-The private part of the key is in the
-.Ar .private
-file.
-It contains details of the encryption algorithm that was used and any
-relevant parameters: prime number, exponent, modulus, subprime, etc.
-For obvious security reasons, this file does not have general read
-permission.
-The private part of the key is used by
-.Xr dnssec-signzone 8
-to generate signatures and the public part is used to verify the
-signatures.
-Both
-.Ar .key
-and
-.Ar .private
-key files are generated for symmetric encryption algorithm such as
-HMAC-MD5, even though the public and private key are equivalent.
-.Sh EXAMPLE
-To generate a 768-bit DSA key for the domain
-.Dv example.com ,
-the following command would be issued:
-.Pp
-.Dl # dnssec-keygen -a DSA -b 768 -n ZONE example.com
-.Dl Kexample.com.+003+26160
-.Pp
-.Nm dnssec-keygen
-has printed the key identification string
-.Dv Kexample.com.+003+26160 ,
-indicating a DSA key with identifier 26160.
-It will also have created the files
-.Pa Kexample.com.+003+26160.key
-and
-.Pa Kexample.com.+003+26160.private
-containing respectively the public and private keys for the generated
-DSA key.
-.Sh FILES
-.Pa /dev/random
-.Sh SEE ALSO
-.Xr RFC2535,
-.Xr RFC2845,
-.Xr RFC2539,
-.Xr dnssec-makekeyset 8 ,
-.Xr dnssec-signkey 8 ,
-.Xr dnssec-signzone 8 .
-.Sh BUGS
-The naming convention for the public and private key files is a little
-clumsy.
-It won't work for domain names that are longer than 236 characters
-because of the
-.Ar .+aaa+iiiii.private
-suffix results in filenames that are too long for most
-.Ux
-systems.

bin/dnssec/dnssec-keygen.c

@@ -1,11 +1,11 @@
 /*
  * Portions Copyright (C) 2000  Internet Software Consortium.
  * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
+ * 
  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND
  * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
  * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
@@ -17,7 +17,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dnssec-keygen.c,v 1.42 2000/09/26 22:11:20 bwelling Exp $ */
+/* $Id: dnssec-keygen.c,v 1.36 2000/06/22 02:48:12 bwelling Exp $ */
 
 #include <config.h>
 
@@ -35,7 +35,6 @@
 #include <dns/keyvalues.h>
 #include <dns/log.h>
 #include <dns/name.h>
-#include <dns/rdataclass.h>
 #include <dns/result.h>
 #include <dns/secalg.h>
 
@@ -57,7 +56,7 @@ dsa_size_ok(int size) {
 static void
 usage(void) {
 	printf("Usage:\n");
-	printf("    %s -a alg -b bits -n type [options] name\n\n", program);
+	printf("    %s [options] name\n\n", program);
 	printf("Required options:\n");
 	printf("    -a algorithm: RSA | RSAMD5 | DH | DSA | HMAC-MD5\n");
 	printf("    -b key size, in bits:\n");
@@ -68,16 +67,17 @@ usage(void) {
 	printf("    -n nametype: ZONE | HOST | ENTITY | USER\n");
 	printf("    name: owner of the key\n");
 	printf("Other options:\n");
-	printf("    -c class (default: IN)\n");
 	printf("    -e use large exponent (RSA only)\n");
 	printf("    -g use specified generator (DH only)\n");
-	printf("    -t type: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF "
-	       "(default: AUTHCONF)\n");
-	printf("    -p protocol value "
-	       "(default: 2 [email] for USER, 3 [dnssec] otherwise)\n");
-	printf("    -s strength value this key signs DNS records with "
-	       "(default: 0)\n");
-	printf("    -r randomdev (a file containing random data)\n");
+	printf("    -t type: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF\n");
+	printf("        default: AUTHCONF\n");
+	printf("    -p protocol value\n");
+	printf("        default: 2 (email) for User keys, "
+	       			"3 (dnssec) for all others\n");
+	printf("    -s strength value this key signs DNS records with\n");
+	printf("        default: 0\n");
+	printf("    -r randomdev\n");
+        printf("        a file containing random data\n");
 	printf("    -v verbose level\n");
 
 	exit (-1);
@@ -86,7 +86,6 @@ usage(void) {
 int
 main(int argc, char **argv) {
 	char		*algname = NULL, *nametype = NULL, *type = NULL;
-	char		*classname = NULL;
 	char		*randomfile = NULL;
 	char		*prog, *endp;
 	dst_key_t	*key = NULL, *oldkey;
@@ -104,7 +103,6 @@ main(int argc, char **argv) {
 	isc_buffer_t	buf;
 	isc_log_t	*log = NULL;
 	isc_entropy_t	*ectx = NULL;
-	dns_rdataclass_t rdclass;
 
 	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
 
@@ -121,20 +119,20 @@ main(int argc, char **argv) {
 	dns_result_register();
 
 	while ((ch = isc_commandline_parse(argc, argv,
-					   "a:b:c:eg:n:t:p:s:hr:v:")) != -1)
+					   "a:b:eg:n:t:p:s:hr:v:")) != -1)
 	{
 	    switch (ch) {
 		case 'a':
-			algname = isc_commandline_argument;
+			algname = isc_mem_strdup(mctx,
+						  isc_commandline_argument);
+			if (algname == NULL)
+				fatal("out of memory");
 			break;
 		case 'b':
 			size = strtol(isc_commandline_argument, &endp, 10);
 			if (*endp != '\0' || size < 0)
 				fatal("-b requires a non-negative number");
 			break;
-		case 'c':
-			classname = isc_commandline_argument;
-			break;
 		case 'e':
 			rsa_exp = 1;
 			break;
@@ -145,12 +143,13 @@ main(int argc, char **argv) {
 				fatal("-g requires a positive number");
 			break;
 		case 'n':
-			nametype = isc_commandline_argument;
+			nametype = isc_mem_strdup(mctx,
+						  isc_commandline_argument);
 			if (nametype == NULL)
 				fatal("out of memory");
 			break;
 		case 't':
-			type = isc_commandline_argument;
+			type = isc_mem_strdup(mctx, isc_commandline_argument);
 			if (type == NULL)
 				fatal("out of memory");
 			break;
@@ -168,7 +167,10 @@ main(int argc, char **argv) {
 				      "[0..15]");
 			break;
 		case 'r':
-			randomfile = isc_commandline_argument;
+			randomfile = isc_mem_strdup(mctx,
+						    isc_commandline_argument);
+			if (randomfile == NULL)
+				fatal("out of memory");
 			break;
 		case 'v':
 			endp = NULL;
@@ -183,10 +185,12 @@ main(int argc, char **argv) {
 			fprintf(stderr, "%s: invalid argument -%c\n",
 				program, ch);
 			usage();
-		}
+		} 
 	}
 
 	setup_entropy(mctx, randomfile, &ectx);
+	if (randomfile != NULL)
+		isc_mem_free(mctx, randomfile);
 	ret = dst_lib_init(mctx, ectx,
 			   ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
 	if (ret != ISC_R_SUCCESS)
@@ -271,15 +275,6 @@ main(int argc, char **argv) {
 	else
 		fatal("invalid nametype %s", nametype);
 
-	if (classname != NULL) {
-		r.base = classname;
-		r.length = strlen(classname);
-		ret = dns_rdataclass_fromtext(&rdclass, &r);
-		if (ret != ISC_R_SUCCESS)
-			fatal("unknown class %s",classname);
-	} else 
-		rdclass = dns_rdataclass_in;
-
 	flags |= signatory;
 
 	if (protocol == -1) {
@@ -324,32 +319,29 @@ main(int argc, char **argv) {
 
 	isc_buffer_init(&buf, filename, sizeof(filename) - 1);
 
-	do {
-		conflict = ISC_FALSE;
+	do { 
+		conflict = ISC_FALSE; 
 		oldkey = NULL;
 
 		/* generate the key */
 		ret = dst_key_generate(name, alg, size, param, flags, protocol,
-				       rdclass, mctx, &key);
+				       mctx, &key);
 		isc_entropy_stopcallbacksources(ectx);
 
 		if (ret != ISC_R_SUCCESS) {
-			char namestr[DNS_NAME_FORMATSIZE];
-			char algstr[ALG_FORMATSIZE];
-			dns_name_format(name, namestr, sizeof namestr);
-			alg_format(alg, algstr, sizeof algstr);
 			fatal("failed to generate key %s/%s: %s\n",
-			      namestr, algstr, dst_result_totext(ret));
+			      nametostr(name), algtostr(alg),
+			      dst_result_totext(ret));
 			exit(-1);
 		}
-
+		
 		/*
 		 * Try to read a key with the same name, alg and id from disk.
-		 * If there is one we must continue generating a new one
+		 * If there is one we must continue generating a new one 
 		 * unless we were asked to generate a null key, in which
 		 * case we return failure.
 		 */
-		ret = dst_key_fromfile(name, dst_key_id(key), alg,
+		ret = dst_key_fromfile(name, dst_key_id(key), alg, 
 				       DST_TYPE_PRIVATE, NULL, mctx, &oldkey);
 		/* do not overwrite an existing key  */
 		if (ret == ISC_R_SUCCESS) {
@@ -377,20 +369,22 @@ main(int argc, char **argv) {
 		      "already exists");
 
 	ret = dst_key_tofile(key, DST_TYPE_PUBLIC | DST_TYPE_PRIVATE, NULL);
-	if (ret != ISC_R_SUCCESS) {
-		char keystr[KEY_FORMATSIZE];
-		key_format(key, keystr, sizeof keystr);
-		fatal("failed to write key %s: %s\n", keystr,
-		      isc_result_totext(ret));
-	}
+	if (ret != ISC_R_SUCCESS)
+		fatal("failed to write key %s/%s/%d: %s\n", nametostr(name),
+		      algtostr(alg), dst_key_id(key), isc_result_totext(ret));
 
 	isc_buffer_clear(&buf);
 	ret = dst_key_buildfilename(key, 0, NULL, &buf);
 	printf("%s\n", filename);
+	isc_mem_free(mctx, algname);
+	isc_mem_free(mctx, nametype);
 	isc_mem_free(mctx, prog);
+	if (type != NULL)
+		isc_mem_free(mctx, type);
 	dst_key_free(&key);
 
-	cleanup_logging(&log);
+	if (log != NULL)
+		isc_log_destroy(&log);
 	cleanup_entropy(&ectx);
 	dst_lib_destroy();
 	if (verbose > 10)

bin/dnssec/dnssec-makekeyset.8

@@ -1,210 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: dnssec-makekeyset.8,v 1.8 2000/08/01 01:18:50 tale Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt DNSSEC-MAKEKEYSET 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm dnssec-makekeyset
-.Nd produce a set of DNSSEC keys
-.Sh SYNOPSIS
-.Nm dnssec-makekeyset
-.Op Fl h
-.Op Fl s Ar start-time
-.Op Fl e Ar end-time
-.Op Fl t Ar TTL
-.Op Fl r Ar randomdev
-.Op Fl p
-.Op Fl v Ar level
-.Ar keyfile ....
-.Sh DESCRIPTION
-.Nm dnssec-makekeyset
-generates a key set from one or more keys created by
-.Xr dnssec-keygen 8 .
-It creates a file containing KEY and SIG records for some zone which
-can then be signed by the zone's parent if the parent zone is
-DNSSEC-aware.
-.Ar keyfile
-should be a key identification string as reported by
-.Xr dnssec-keygen 8 :
-i.e.
-.Ar Knnnn.+aaa+iiiii
-where
-.Ar nnnn
-is the name of the key,
-.Ar aaa
-is the encryption algorithm and
-.Ar iiiii
-is the key identifier.
-Multiple
-.Ar keyfile
-arguments can be supplied when there are several keys to be combined
-by
-.Nm dnssec-makekeyset
-into a key set.
-.Pp
-For any SIG records that are in the key set, the start time when the
-SIG records become valid is specified with the
-.Fl s
-option.
-.Ar start-time
-can either be an absolute or relative date.
-An absolute start time is indicated by a number in YYYYMMDDHHMMSS
-notation: 20000530144500 denotes 14:45:00 UTC on May 30th, 2000.
-A relative start time is supplied when
-.Ar start-time
-is given as +N: N seconds from the current time.
-If no
-.Fl s
-option is supplied, the current date and time is used for the start
-time of the SIG records.
-.Pp
-The expiry date for the SIG records can be set by the
-.Fl e
-option.
-Note that in this context, the expiry date specifies when the SIG
-records are no longer valid, not when they are deleted from caches on name
-servers.
-.Ar end-date
-also represents an absolute or relative date.
-YYYYMMDDHHMMSS notation is used as before to indicate an absolute date
-and time.
-When
-.Ar end-date
-is +N,
-it indicates that the SIG records will expire in N seconds after their
-start date.
-If
-.Ar end-date
-is written as now+N,
-the SIG records will expire in N seconds after the current time.
-When no expiry date is set for the SIG records,
-.Nm dnssec-makekeyset
-defaults to an expire time of 30 days from the start time of the SIG
-records.
-.Pp
-An alternate source of random data can be specified with the
-.Fl r
-option.
-.Ar randomdev
-is the name of the file to use to obtain random data.
-By default
-.Pa /dev/random
-is used if this device is available.
-If it is not provided by the operating system and no
-.Fl r
-option is used,
-.Nm dnssec-makekeyset
-will prompt the user for input from the keyboard and use the time
-between keystrokes to derive some random data.
-.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-makekeyset
-to use pseudo-random data when self-signing the keyset.  This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when the entropy source is limited.
-.Pp
-The
-.Fl t
-option is followed by a time-to-live argument
-.Ar TTL
-which indicates the TTL value that will be assigned to the assembled KEY
-and SIG records in the output file.
-.Ar TTL
-is expressed in seconds.
-If no
-.Fl t
-option is provided,
-.Nm dnssec-makekeyset
-prints a warning and uses a default TTL of 3600 seconds.
-.Pp
-The
-.Fl v
-option can be used to make
-.Nm dnssec-makekeyset
-more verbose.
-As the debugging/tracing level
-.Ar level
-increases,
-.Nm dnssec-makekeyset
-generates increasingly detailed reports about what it is doing.
-The default level is zero.
-.Pp
-The
-.Fl h
-option makes
-.Nm dnssec-makekeyset
-to print a short summary of its options and arguments.
-.Pp
-If
-.Nm dnssec-makekeyset
-is successful, it creates a file name of the form
-.Ar keyset-nnnn. .
-This file contains the KEY and SIG records for domain
-.Dv nnnn ,
-the domain name part from the key file identifier produced when
-.Nm dnssec-keygen
-created the domain's public and private keys.
-The
-.Ar keyset
-file can then be transferred to the DNS administrator of the parent
-zone for them to sign the contents with
-.Xr dnssec-signkey 8 .
-.Sh EXAMPLE
-The following command generates a key set for the DSA key for
-.Dv example.com
-that was shown in the
-.Xr dnssec-keygen 8
-man page.
-The backslash is for typographic reasons and would not be provided on
-the command line when running
-.Nm dnssec-makekeyset .
-.nf
-.Dl # dnssec-makekeyset -t 86400 -s 20000701120000 \e\p
-.Dl -e +2592000 Kexample.com.+003+26160
-.fi
-.Pp
-.Nm dnssec-makekeyset
-will create a file called
-.Pa keyset-example.com.
-containing a SIG and KEY record for
-.Dv example.com.
-These records will have a TTL of 86400 seconds (1 day).
-The SIG record becomes valid at noon UTC on July 1st 2000 and expires
-30 days (2592000 seconds) later.
-.Pp
-The DNS administrator for
-.Dv example.com
-could then send
-.Pa keyset-example.com.
-to the DNS administrator for
-.Dv .com
-so that they could sign the resource records in the file.
-This assumes that the
-.Dv .com
-zone is DNSSEC-aware and the administrators of the two zones have some
-mechanism for authenticating each other and exchanging the keys and
-signatures securely.
-.Sh FILES
-.Pa /dev/random .
-.Sh SEE ALSO
-.Xr RFC2535 ,
-.Xr dnssec-keygen 8 ,
-.Xr dnssec-signkey 8 .

bin/dnssec/dnssec-makekeyset.c

@@ -1,11 +1,11 @@
 /*
  * Portions Copyright (C) 2000  Internet Software Consortium.
  * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
+ * 
  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND
  * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
  * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
@@ -17,7 +17,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dnssec-makekeyset.c,v 1.41 2000/09/26 22:11:21 bwelling Exp $ */
+/* $Id: dnssec-makekeyset.c,v 1.28.2.2 2000/08/15 01:20:32 gson Exp $ */
 
 #include <config.h>
 
@@ -64,6 +64,31 @@ static isc_entropy_t *ectx = NULL;
 
 static keylist_t keylist;
 
+static isc_stdtime_t
+strtotime(char *str, isc_int64_t now, isc_int64_t base) {
+	isc_int64_t val, offset;
+	isc_result_t result;
+	char *endp;
+
+	if (str[0] == '+') {
+		offset = strtol(str + 1, &endp, 0);
+		if (*endp != '\0')
+			fatal("time value %s is invalid", str);
+		val = base + offset;
+	} else if (strncmp(str, "now+", 4) == 0) {
+		offset = strtol(str + 4, &endp, 0);
+		if (*endp != '\0')
+			fatal("time value %s is invalid", str);
+		val = now + offset;
+	} else {
+		result = dns_time64_fromtext(str, &val);
+		if (result != ISC_R_SUCCESS)
+			fatal("time %s must be numeric", str);
+	}
+
+	return ((isc_stdtime_t) val);
+}
+
 static void
 usage(void) {
 	fprintf(stderr, "Usage:\n");
@@ -78,8 +103,6 @@ usage(void) {
 	fprintf(stderr, "\t\tSIG end time  - "
 			     "absolute|from start|from now (now + 30 days)\n");
 	fprintf(stderr, "\t-t ttl\n");
-	fprintf(stderr, "\t-p\n");
-	fprintf(stderr, "\t\tuse pseudorandom data (faster but less secure)\n");
 	fprintf(stderr, "\t-r randomdev:\n");
 	fprintf(stderr, "\t\ta file containing random data\n");
 	fprintf(stderr, "\t-v level:\n");
@@ -115,8 +138,6 @@ main(int argc, char *argv[]) {
 	isc_log_t *log = NULL;
 	keynode_t *keynode;
 	dns_name_t *savedname = NULL;
-	unsigned int eflags;
-	isc_boolean_t pseudorandom = ISC_FALSE;
 
 	result = isc_mem_create(0, 0, &mctx);
 	if (result != ISC_R_SUCCESS)
@@ -125,15 +146,21 @@ main(int argc, char *argv[]) {
 
 	dns_result_register();
 
-	while ((ch = isc_commandline_parse(argc, argv, "s:e:t:r:v:ph")) != -1)
+	while ((ch = isc_commandline_parse(argc, argv, "s:e:t:r:v:h")) != -1)
 	{
 		switch (ch) {
 		case 's':
-			startstr = isc_commandline_argument;
+			startstr = isc_mem_strdup(mctx,
+						  isc_commandline_argument);
+			if (startstr == NULL)
+				fatal("out of memory");
 			break;
 
 		case 'e':
-			endstr = isc_commandline_argument;
+			endstr = isc_mem_strdup(mctx,
+						isc_commandline_argument);
+			if (endstr == NULL)
+				fatal("out of memory");
 			break;
 
 		case 't':
@@ -144,7 +171,10 @@ main(int argc, char *argv[]) {
 			break;
 
 		case 'r':
-			randomfile = isc_commandline_argument;
+			randomfile = isc_mem_strdup(mctx,
+						    isc_commandline_argument);
+			if (randomfile == NULL)
+				fatal("out of memory");
 			break;
 
 		case 'v':
@@ -154,10 +184,6 @@ main(int argc, char *argv[]) {
 				fatal("verbose level must be numeric");
 			break;
 
-		case 'p':
-			pseudorandom = ISC_TRUE;
-			break;
-
 		case 'h':
 		default:
 			usage();
@@ -172,22 +198,26 @@ main(int argc, char *argv[]) {
 		usage();
 
 	setup_entropy(mctx, randomfile, &ectx);
-	eflags = ISC_ENTROPY_BLOCKING;
-	if (!pseudorandom)
-		eflags |= ISC_ENTROPY_GOODONLY;
-	result = dst_lib_init(mctx, ectx, eflags);
+	if (randomfile != NULL)
+		isc_mem_free(mctx, randomfile);
+	result = dst_lib_init(mctx, ectx,
+			      ISC_ENTROPY_BLOCKING | ISC_ENTROPY_GOODONLY);
 	if (result != ISC_R_SUCCESS)
 		fatal("could not initialize dst");
 
 	isc_stdtime_get(&now);
 
-	if (startstr != NULL)
+	if (startstr != NULL) {
 		starttime = strtotime(startstr, now, now);
+		isc_mem_free(mctx, startstr);
+	}
 	else
 		starttime = now;
 
-	if (endstr != NULL)
+	if (endstr != NULL) {
 		endtime = strtotime(endstr, now, starttime);
+		isc_mem_free(mctx, endstr);
+	}
 	else
 		endtime = starttime + (30 * 24 * 60 * 60);
 
@@ -200,7 +230,7 @@ main(int argc, char *argv[]) {
 	setup_logging(verbose, mctx, &log);
 
 	dns_rdatalist_init(&rdatalist);
-	rdatalist.rdclass = 0;
+	rdatalist.rdclass = dns_rdataclass_in;
 	rdatalist.type = dns_rdatatype_key;
 	rdatalist.covers = 0;
 	rdatalist.ttl = ttl;
@@ -208,23 +238,17 @@ main(int argc, char *argv[]) {
 	ISC_LIST_INIT(keylist);
 
 	for (i = 0; i < argc; i++) {
-		char namestr[DNS_NAME_FORMATSIZE];
-		isc_buffer_t namebuf;
-
+		char namestr[1025];
 		key = NULL;
 		result = dst_key_fromnamedfile(argv[i], DST_TYPE_PUBLIC,
 					       mctx, &key);
 		if (result != ISC_R_SUCCESS)
 			fatal("error loading key from %s", argv[i]);
-		if (rdatalist.rdclass == 0)
-			rdatalist.rdclass = dst_key_class(key);
 
-		isc_buffer_init(&namebuf, namestr, sizeof namestr);
-		result = dns_name_totext(dst_key_name(key), ISC_FALSE,
-					 &namebuf);
-		check_result(result, "dns_name_totext");
-		isc_buffer_putuint8(&namebuf, 0);
-		
+		strncpy(namestr, nametostr(dst_key_name(key)),
+			sizeof(namestr) - 1);
+		namestr[sizeof(namestr) - 1] = 0;
+
 		if (savedname == NULL) {
 			savedname = isc_mem_get(mctx, sizeof(dns_name_t));
 			if (savedname == NULL)
@@ -235,22 +259,19 @@ main(int argc, char *argv[]) {
 			if (result != ISC_R_SUCCESS)
 				fatal("out of memory");
 		} else {
-			char savednamestr[DNS_NAME_FORMATSIZE];
-			dns_name_format(savedname, savednamestr,
-					sizeof savednamestr);
 			if (!dns_name_equal(savedname, dst_key_name(key)) != 0)
 				fatal("all keys must have the same owner - %s "
 				      "and %s do not match",
-				      savednamestr, namestr);
+				      nametostr(savedname), namestr);
 		}
 		if (output == NULL) {
 			output = isc_mem_allocate(mctx,
-						  strlen("keyset-") +
-						  strlen(namestr) + 1);
+						  strlen(namestr) +
+						  strlen("keyset") + 1);
 			if (output == NULL)
 				fatal("out of memory");
-			strcpy(output, "keyset-");
-			strcat(output, namestr);
+			strcpy(output, namestr);
+			strcat(output, "keyset");
 		}
 		if (domain == NULL) {
 			dns_fixedname_init(&fdomain);
@@ -269,7 +290,7 @@ main(int argc, char *argv[]) {
 						       DST_TYPE_PRIVATE,
 						       mctx, &zonekey);
 			if (result != ISC_R_SUCCESS)
-				fatal("failed to read private key %s: %s",
+				fatal("failed to read key %s: %s",
 				      argv[i], isc_result_totext(result));
 			keynode = isc_mem_get(mctx, sizeof (keynode_t));
 			if (keynode == NULL)
@@ -290,7 +311,7 @@ main(int argc, char *argv[]) {
 			fatal("failed to convert key %s to a DNS KEY: %s",
 			      argv[i], isc_result_totext(result));
 		isc_buffer_usedregion(&b, &r);
-		dns_rdata_fromregion(rdata, rdatalist.rdclass,
+		dns_rdata_fromregion(rdata, dns_rdataclass_in,
 				     dns_rdatatype_key, &r);
 		ISC_LIST_APPEND(rdatalist.rdata, rdata, link);
 		dst_key_free(&key);
@@ -301,7 +322,7 @@ main(int argc, char *argv[]) {
 	check_result(result, "dns_rdatalist_tordataset()");
 
 	dns_rdatalist_init(&sigrdatalist);
-	sigrdatalist.rdclass = rdatalist.rdclass;
+	sigrdatalist.rdclass = dns_rdataclass_in;
 	sigrdatalist.type = dns_rdatatype_sig;
 	sigrdatalist.covers = dns_rdatatype_key;
 	sigrdatalist.ttl = ttl;
@@ -325,12 +346,12 @@ main(int argc, char *argv[]) {
 					 &starttime, &endtime, mctx, &b,
 					 rdata);
 		isc_entropy_stopcallbacksources(ectx);
-		if (result != ISC_R_SUCCESS) {
-			char keystr[KEY_FORMATSIZE];
-			key_format(keynode->key, keystr, sizeof keystr);
-			fatal("failed to sign keyset with key %s: %s",
-			      keystr, isc_result_totext(result));
-		}
+		if (result != ISC_R_SUCCESS)
+			fatal("failed to sign keyset with key %s/%s/%d: %s",
+			      nametostr(dst_key_name(keynode->key)),
+			      algtostr(dst_key_alg(keynode->key)),
+			      dst_key_id(keynode->key),
+			      isc_result_totext(result));
 		ISC_LIST_APPEND(sigrdatalist.rdata, rdata, link);
 		dns_rdataset_init(&sigrdataset);
 		result = dns_rdatalist_tordataset(&sigrdatalist, &sigrdataset);
@@ -339,12 +360,9 @@ main(int argc, char *argv[]) {
 
 	db = NULL;
 	result = dns_db_create(mctx, "rbt", domain, dns_dbtype_zone,
-			       rdataset.rdclass, 0, NULL, &db);
-	if (result != ISC_R_SUCCESS) {
-		char domainstr[DNS_NAME_FORMATSIZE];
-		dns_name_format(domain, domainstr, sizeof domainstr);
-		fatal("failed to create a database for %s", domainstr);
-	}
+			       dns_rdataclass_in, 0, NULL, &db);
+	if (result != ISC_R_SUCCESS)
+		fatal("failed to create a database for %s", nametostr(domain));
 
 	version = NULL;
 	dns_db_newversion(db, &version);
@@ -361,12 +379,9 @@ main(int argc, char *argv[]) {
 	dns_db_detachnode(db, &node);
 	dns_db_closeversion(db, &version, ISC_TRUE);
 	result = dns_db_dump(db, version, output);
-	if (result != ISC_R_SUCCESS) {
-		char domainstr[DNS_NAME_FORMATSIZE];
-		dns_name_format(domain, domainstr, sizeof domainstr);
+	if (result != ISC_R_SUCCESS)
 		fatal("failed to write database for %s to %s",
-		      domainstr, output);
-	}
+		      nametostr(domain), output);
 
 	dns_db_detach(&db);
 
@@ -396,7 +411,8 @@ main(int argc, char *argv[]) {
 		isc_mem_put(mctx, savedname, sizeof(dns_name_t));
 	}
 
-	cleanup_logging(&log);
+	if (log != NULL)
+		isc_log_destroy(&log);
 	cleanup_entropy(&ectx);
 
 	isc_mem_free(mctx, output);

bin/dnssec/dnssec-signkey.8

@@ -1,159 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: dnssec-signkey.8,v 1.9 2000/08/01 01:18:51 tale Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt DNSSEC-SIGNKEY 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm dnssec-signkey
-.Nd DNSSEC keyset signing tool
-.Sh SYNOPSIS
-.Nm dnssec-signkey
-.Op Fl h
-.Op Fl p
-.Op Fl r Ar randomdev
-.Op Fl v Ar level
-.Ar keyset
-.Ar keyfile ...
-.Sh DESCRIPTION
-.Nm dnssec-signkey
-is used to sign a key set for a child zone.
-Typically this would be provided by a
-.Ar keyset
-file generated by
-.Xr dnssec-makekeyset 8 .
-This provides a mechanism for a DNSSEC-aware zone to sign the keys of
-any DNSSEC-aware child zones.
-The child zone's key set gets signed with the zone keys for its parent
-zone.
-.Ar keyset
-will be the pathname of the child zone's
-.Ar keyset
-file.
-Each
-.Ar keyfile
-argument will be a key identification string as reported by
-.Xr dnssec-keygen 8
-for the parent zone.
-This allows the child's keys to be signed by more than one
-parent zone key.
-.Pp
-The
-.Fl h
-option makes
-.Nm dnssec-signkey
-print a short summary of its command line options
-and arguments.
-.Pp
-.Nm dnssec-signkey
-may need random numbers in the process of generating keys.
-If the system does not have a
-.Pa /dev/random
-device that can be used for generating random numbers,
-.Nm dnssec-signkey
-will prompt for keyboard input and use the time intervals between
-keystrokes to provide randomness.
-The
-.Fl r
-option overrides this behaviour, making
-.Nm dnssec-signkey
-use
-.Ar randomdev
-as a source of random data.
-.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signkey
-to use pseudo-random data when signing the keys.  This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when there are many child zone keysets to
-sign or if the entropy source is limited.
-It could also be used for short-lived keys and signatures that don't
-require as much protection against cryptanalysis, such as when the key
-will be discarded long before it could be compromised.
-.Pp
-The
-.Fl v
-option can be used to make
-.Nm dnssec-signkey
-more verbose.
-As the debugging/tracing level
-.Ar level
-increases,
-.Nm dnssec-signkey
-generates increasingly detailed reports about what it is doing.
-The default level is zero.
-.Pp
-When
-.Nm dnssec-signkey
-completes successfully, it generates a file called
-.Ar signedkey-nnnn.
-containing the signed keys for child zone
-.Ar nnnn .
-The keys from the
-.Ar keyset
-file will have been signed by the parent zone's key or keys which were
-supplied as
-.Ar keyfile
-arguments.
-This file should be sent to the DNS administrator of the child zone.
-They arrange for its contents to be incorporated into the zone file
-when it next gets signed with
-.Xr dnssec-signzone 8 .
-A copy of the generated
-.Ar signedkey
-file should be kept by the parent zone's DNS administrator, since
-it will be needed when signing the parent zone.
-.Sh EXAMPLE
-The DNS administrator for a DNSSEC-aware
-.Dv .com
-zone would use the following command to make
-.Nm dnssec-signkey
-sign the
-.Ar keyset
-file for
-.Dv example.com
-created in the example shown in the man page for
-.Xr dnssec-makekeyset 8 :
-.Pp
-.Dl # dnssec-signkey keyset-example.com. Kcom.+003+51944
-.Pp
-where
-.Dv Kcom.+003+51944
-was a key file identifier that was produced when
-.Xr dnssec-keygen 8
-generated a key for the
-.Dv .com
-zone.
-.Pp
-.Nm dnssec-signkey
-will produce a file called
-.Dv signedkey-example.com.
-which has the keys for
-.Dv example.com
-signed by the
-.Dv com
-zone's zone key.
-.Sh FILES
-.Pa /dev/random
-.Sh SEE ALSO
-.Xr RFC2535,
-.Xr dnssec-keygen 8 ,
-.Xr dnssec-makekeyset 8 ,
-.Xr dnssec-signzone 8 .

bin/dnssec/dnssec-signkey.c

@@ -1,11 +1,11 @@
 /*
  * Portions Copyright (C) 2000  Internet Software Consortium.
  * Portions Copyright (C) 1995-2000 by Network Associates, Inc.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
+ * 
  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM AND
  * NETWORK ASSOCIATES DISCLAIM ALL WARRANTIES WITH REGARD TO THIS
  * SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
@@ -17,7 +17,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: dnssec-signkey.c,v 1.38 2000/10/17 07:22:21 marka Exp $ */
+/* $Id: dnssec-signkey.c,v 1.28.2.1 2000/08/15 01:20:34 gson Exp $ */
 
 #include <config.h>
 
@@ -31,10 +31,8 @@
 
 #include <dns/db.h>
 #include <dns/dnssec.h>
-#include <dns/fixedname.h>
 #include <dns/log.h>
 #include <dns/rdata.h>
-#include <dns/rdataclass.h>
 #include <dns/rdatalist.h>
 #include <dns/rdataset.h>
 #include <dns/rdatastruct.h>
@@ -58,7 +56,7 @@ struct keynode {
 };
 typedef ISC_LIST(keynode_t) keylist_t;
 
-static isc_stdtime_t starttime = 0, endtime = 0, now;
+static isc_stdtime_t now;
 
 static isc_mem_t *mctx = NULL;
 static isc_entropy_t *ectx = NULL;
@@ -72,12 +70,6 @@ usage(void) {
 	fprintf(stderr, "\n");
 
 	fprintf(stderr, "Options: (default value in parenthesis) \n");
-	fprintf(stderr, "\t-c class (IN)\n");
-	fprintf(stderr, "\t-s YYYYMMDDHHMMSS|+offset:\n");
-	fprintf(stderr, "\t\tSIG start time - absolute|offset (from keyset)\n");
-	fprintf(stderr, "\t-e YYYYMMDDHHMMSS|+offset|\"now\"+offset]:\n");
-	fprintf(stderr, "\t\tSIG end time  - absolute|from start|from now "
-		"(from keyset)\n");
 	fprintf(stderr, "\t-v level:\n");
 	fprintf(stderr, "\t\tverbose level (0)\n");
 	fprintf(stderr, "\t-p\n");
@@ -144,7 +136,6 @@ findkey(dns_rdata_sig_t *sig) {
 int
 main(int argc, char *argv[]) {
 	int i, ch;
-	char *startstr = NULL, *endstr = NULL, *classname = NULL;
 	char tdomain[1025];
 	dns_fixedname_t fdomain;
 	dns_name_t *domain;
@@ -163,39 +154,28 @@ main(int argc, char *argv[]) {
 	isc_result_t result;
 	isc_buffer_t b;
 	isc_region_t r;
-	isc_textregion_t tr;
 	isc_log_t *log = NULL;
 	keynode_t *keynode;
 	isc_boolean_t pseudorandom = ISC_FALSE;
 	unsigned int eflags;
-	dns_rdataclass_t rdclass;
 
 	result = isc_mem_create(0, 0, &mctx);
 	check_result(result, "isc_mem_create()");
 
 	dns_result_register();
 
-	while ((ch = isc_commandline_parse(argc, argv, "c:s:e:pr:v:h")) != -1)
+	while ((ch = isc_commandline_parse(argc, argv, "pr:v:h")) != -1)
 	{
 		switch (ch) {
-		case 'c':
-			classname = isc_commandline_argument;
-			break;
-
-		case 's':
-			startstr = isc_commandline_argument;
-			break;
-						
-		case 'e':
-			endstr = isc_commandline_argument;
-			break;
-
 		case 'p':
 			pseudorandom = ISC_TRUE;
 			break;
 
 		case 'r':
-			randomfile = isc_commandline_argument;
+			randomfile = isc_mem_strdup(mctx,
+						    isc_commandline_argument);
+			if (randomfile == NULL)
+				fatal("out of memory");
 			break;
 
 		case 'v':
@@ -218,16 +198,9 @@ main(int argc, char *argv[]) {
 	if (argc < 2)
 		usage();
 
-	if (classname != NULL) {
-		tr.base = classname;
-		tr.length = strlen(classname);
-		result = dns_rdataclass_fromtext(&rdclass, &tr);
-		if (result != ISC_R_SUCCESS)
-			fatal("unknown class %s",classname);
-	} else
-		rdclass = dns_rdataclass_in;
-
 	setup_entropy(mctx, randomfile, &ectx);
+	if (randomfile != NULL)
+		isc_mem_free(mctx, randomfile);
 	eflags = ISC_ENTROPY_BLOCKING;
 	if (!pseudorandom)
 		eflags |= ISC_ENTROPY_GOODONLY;
@@ -237,20 +210,16 @@ main(int argc, char *argv[]) {
 
 	isc_stdtime_get(&now);
 
-	if ((startstr == NULL || endstr == NULL) &&
-	    !(startstr == NULL && endstr == NULL))
-		fatal("if -s or -e is specified, both must be");
-
 	setup_logging(verbose, mctx, &log);
 
-	if (strlen(argv[0]) < 8 || strncmp(argv[0], "keyset-", 7) != 0)
-		fatal("keyset file '%s' must start with keyset-", argv[0]);
+	if (strlen(argv[0]) < 8 ||
+	    strcmp(argv[0] + strlen(argv[0]) - 7, ".keyset") != 0)
+		fatal("keyset file must end in .keyset");
 
 	dns_fixedname_init(&fdomain);
 	domain = dns_fixedname_name(&fdomain);
-	isc_buffer_init(&b, argv[0] + strlen("keyset-"),
-			strlen(argv[0]) - strlen("keyset-"));
-	isc_buffer_add(&b, strlen(argv[0]) - strlen("keyset-"));
+	isc_buffer_init(&b, argv[0], strlen(argv[0]) - 7);
+	isc_buffer_add(&b, strlen(argv[0]) - 7);
 	result = dns_name_fromtext(domain, &b, dns_rootname, ISC_FALSE, NULL);
 	if (result != ISC_R_SUCCESS)
 		fatal("'%s' does not contain a valid domain name", argv[0]);
@@ -261,19 +230,19 @@ main(int argc, char *argv[]) {
 	tdomain[r.length] = 0;
 
 	output = isc_mem_allocate(mctx,
-				  strlen("signedkey-") + strlen(tdomain) + 1);
+				  strlen(tdomain) + strlen("signedkey") + 1);
 	if (output == NULL)
 		fatal("out of memory");
-	strcpy(output, "signedkey-");
-	strcat(output, tdomain);
+	strcpy(output, tdomain);
+	strcat(output, "signedkey");
 
 	db = NULL;
 	result = dns_db_create(mctx, "rbt", domain, dns_dbtype_zone,
-			       rdclass, 0, NULL, &db);
+			       dns_rdataclass_in, 0, NULL, &db);
 	check_result(result, "dns_db_create()");
 
 	result = dns_db_load(db, argv[0]);
-	if (result != ISC_R_SUCCESS && result != DNS_R_SEENINCLUDE)
+	if (result != ISC_R_SUCCESS)
 		fatal("failed to load database from '%s': %s", argv[0],
 		      isc_result_totext(result));
 
@@ -282,23 +251,17 @@ main(int argc, char *argv[]) {
 
 	node = NULL;
 	result = dns_db_findnode(db, domain, ISC_FALSE, &node);
-	if (result != ISC_R_SUCCESS) {
-		char domainstr[DNS_NAME_FORMATSIZE];
-		dns_name_format(domain, domainstr, sizeof domainstr);
+	if (result != ISC_R_SUCCESS)
 		fatal("failed to find database node '%s': %s",
-		      domainstr, isc_result_totext(result));
-	}
+		      nametostr(domain), isc_result_totext(result));
 
 	dns_rdataset_init(&rdataset);
 	dns_rdataset_init(&sigrdataset);
 	result = dns_db_findrdataset(db, node, version, dns_rdatatype_key, 0,
 				     0, &rdataset, &sigrdataset);
-	if (result != ISC_R_SUCCESS) {
-		char domainstr[DNS_NAME_FORMATSIZE];
-		dns_name_format(domain, domainstr, sizeof domainstr);
+	if (result != ISC_R_SUCCESS)
 		fatal("failed to find rdataset '%s KEY': %s",
-		      domainstr, isc_result_totext(result));
-	}
+		      nametostr(domain), isc_result_totext(result));
 
 	loadkeys(domain, &rdataset);
 
@@ -314,25 +277,15 @@ main(int argc, char *argv[]) {
 		key = findkey(&sig);
 		result = dns_dnssec_verify(domain, &rdataset, key,
 					   ISC_TRUE, mctx, &sigrdata);
-		if (result != ISC_R_SUCCESS) {
-			char keystr[KEY_FORMATSIZE];
-			key_format(key, keystr, sizeof keystr);
-			fatal("signature by key '%s' did not verify: %s",
-			      keystr, isc_result_totext(result));
-		}
+		if (result != ISC_R_SUCCESS)
+			fatal("signature by key '%s/%s/%d' did not verify: %s",
+			      nametostr(dst_key_name(key)),
+			      algtostr(dst_key_alg(key)),
+			      dst_key_id(key), isc_result_totext(result));
 		dns_rdata_freestruct(&sig);
 		result = dns_rdataset_next(&sigrdataset);
 	} while (result == ISC_R_SUCCESS);
 
-	if (startstr != NULL) {
-		starttime = strtotime(startstr, now, now);
-		endtime = strtotime(endstr, now, starttime);
-	} else {
-		starttime = sig.timesigned;
-		endtime = sig.timeexpire;
-	}
-
-
 	for (keynode = ISC_LIST_HEAD(keylist);
 	     keynode != NULL;
 	     keynode = ISC_LIST_NEXT(keynode, link))
@@ -372,15 +325,14 @@ main(int argc, char *argv[]) {
 			fatal("out of memory");
 		isc_buffer_init(&b, data, BUFSIZE);
 		result = dns_dnssec_sign(domain, &rdataset, key,
-					 &starttime, &endtime,
+					 &sig.timesigned, &sig.timeexpire,
 					 mctx, &b, rdata);
 		isc_entropy_stopcallbacksources(ectx);
-		if (result != ISC_R_SUCCESS) {
-			char keystr[KEY_FORMATSIZE];
-			key_format(key, keystr, sizeof keystr);
-			fatal("key '%s' failed to sign data: %s",
-			      keystr, isc_result_totext(result));
-		}
+		if (result != ISC_R_SUCCESS)
+			fatal("key '%s/%s/%d' failed to sign data: %s",
+			      nametostr(dst_key_name(key)),
+			      algtostr(dst_key_alg(key)),
+			      dst_key_id(key), isc_result_totext(result));
 		ISC_LIST_APPEND(sigrdatalist.rdata, rdata, link);
 		dst_key_free(&key);
 	}
@@ -420,7 +372,8 @@ main(int argc, char *argv[]) {
 		isc_mem_put(mctx, keynode, sizeof(keynode_t));
 	}
 
-	cleanup_logging(&log);
+	if (log != NULL)
+		isc_log_destroy(&log);
 
         isc_mem_free(mctx, output);
 	cleanup_entropy(&ectx);

bin/dnssec/dnssec-signzone.8

@@ -1,254 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: dnssec-signzone.8,v 1.12 2000/08/17 22:08:16 gson Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt DNSSEC-SIGNZONE 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm dnssec-signzone
-.Nd DNSSEC zone signing tool
-.Sh SYNOPSIS
-.Nm dnssec-signzone
-.Op Fl a
-.Op Fl c Ar cycle-time
-.Op Fl s Ar start-time
-.Op Fl e Ar end-time
-.Op Fl o Ar origin
-.Op Fl f Ar output-file
-.Op Fl p
-.Op Fl r Ar randomdev
-.Op Fl v Ar level
-.Ar zonefile
-.Op keyfile ....
-.Sh DESCRIPTION
-.Pp
-.Nm dnssec-signzone
-is used to sign a zone.
-Any
-.Ar signedkey
-files for the zone to be signed should be present in the current
-directory, along with the keys that will be used to sign the zone.
-If no
-.Ar keyfile
-arguments are supplied, the default behaviour is to use all of the zone's
-keys that are present in the current directory.
-Providing specific
-.Ar keyfile
-arguments constrains
-.Nm dnssec-signzone
-to only use those keys for signing the zone.
-Each
-.Ar keyfile
-argument would be an identification string for a key created with
-.Xr dnssec-keygen 8 .
-If the zone to be signed has any secure subzones, the
-.Ar signedkey
-files for those subzones need to be available in the
-current working directory used by
-.Nm dnssec-signzone .
-.Pp
-.Ar zonefile
-is the name of the unsigned zone file.
-Unless the file name is the same as the name of the zone, the
-.Fl o
-option should be given.
-.Ar origin
-will be the fully qualified domain origin for the zone.
-.Pp
-.Nm dnssec-signzone
-will generate NXT and SIG records for the zone and produce a signed
-version of the zone.
-If there is a
-.Ar signedkey
-file from the zone's parent, the parent's signatures will be
-incorporated into the generated signed zone file.
-The security status of delegations from the the signed zone
-- i.e. whether the child zones are DNSSEC-aware or not - is
-set according to the presence or absence of a
-.Ar signedkey
-file for the child in case.
-.Pp
-By default,
-.Nm dnssec-signzone
-generates a file called
-.Ar zonefile.signed
-containing the signed zone file.
-The output file name can be overridden usign the
-.Fl f
-option.
-.\" Don't hyphenate YYYYMMDDHHMMSS
-.nh YYYYMMDDHHMMSS
-.Pp
-.Nm dnssec-signzone
-does not verify the signatures by default.
-The
-.Fl a
-option makes it verify the signatures it generated.
-.Pp
-The date and time when the generated
-SIG records become valid can be specified with the
-.Fl s
-option.
-.Ar start-time
-can either be an absolute or relative date.
-An absolute start time is indicated by a number in YYYYMMDDHHMMSS
-notation: 20000530144500 denotes 14:45:00 UTC on May 30th, 2000.
-A relative start time is supplied when
-.Ar start-time
-is given as +N: N seconds from the current time.
-If no
-.Fl s
-option is supplied, the current date and time is used for the start
-time of the SIG records.
-.Pp
-The expiry date for the SIG records can be set by the
-.Fl e
-option.
-Note that in this context, the expiry date specifies when the SIG
-records are no longer valid, not when they are deleted from caches on name
-servers.
-.Ar end-date
-also represents an absolute or relative date.
-YYYYMMDDHHMMSS notation is used as before to indicate an absolute date
-and time.
-When
-.Ar end-date
-is +N,
-it indicates that the SIG records will expire in N seconds after their
-start date.
-If
-.Ar end-date
-is supplied as now+N,
-the SIG records will expire in N seconds after the current time.
-When no expiry date is set for the SIG records,
-.Nm dnssec-signzone
-defaults to an expire time of 30 days from the start time of the SIG
-records.
-.Pp
-When a previously signed zone is passed as input to
-.Nm dnssec-signzone ,
-records may be resigned.  Whether or not to resign records is configurable
-by using the
-.Fl c
-option, which specifies the cycle period as an offset from the current time
-(in seconds).  If a SIG record expires after the cycle period, it is retained.
-Otherwise, it is considered to be expiring soon, and
-.Nm dnssec-signzone
-will remove it and generate a new SIG record to replace it.
-.Pp
-The default cycle period is one quarter of the difference between the
-specified signature end and start dates.  So if the
-.Fl e
-and
-.Fl s
-options are not specified,
-.Nm dnssec-signzone
-generates signatures that are valid for 30 days from the current date
-by default, with a cycle period of 7.5 days.  Therefore, if any SIG records
-are due to expire in less than 7.5 days, they would be replaced
-with new ones.
-.Pp
-.Nm dnssec-signzone
-may need random numbers in the process of signing the zone.
-If the system does not have a
-.Pa /dev/random
-device that can be used for generating random numbers,
-.Nm dnssec-signzone
-will prompt for keyboard input and use the time intervals between
-keystrokes to provide randomness.
-The
-.Fl r
-option overrides this behaviour, making
-.Nm dnssec-signzone
-use
-.Ar randomdev
-as a source of random data.
-.Pp
-The
-.Fl p
-option instructs
-.Nm dnssec-signzone
-to use pseudo-random data when signing the keys.  This is faster, but
-less secure, than using genuinely random data for signing.
-This option may be useful when signing large zones or when the 
-entropy source is limited.
-.Pp
-An option of
-.Fl h
-makes
-.Nm dnssec-signzone
-print a short summary of its command line options
-and arguments.
-.Pp
-The
-.Fl v
-option can be used to make
-.Nm dnssec-signzone
-more verbose.
-As the debugging/tracing level
-.Ar level
-increases,
-.Nm dnssec-signzone
-generates increasingly detailed reports about what it is doing.
-The default level is zero.
-.Sh EXAMPLE
-The example below shows how
-.Nm dnssec-signzone
-could be used to sign the
-.Dv example.com
-zone with the key that was generated in the example given in the
-man page for
-.Xr dnssec-keygen 8 .
-The zone file for this zone is
-.Dv example.com ,
-which is the same as the origin, so there is no need to use the
-.Fl o
-option to set the origin.
-The zone's keys were either appended to the zone file or
-incorporated using a
-.Dv $INCLUDE
-statement.
-If there was a
-.Ar signedkey
-file from the parent zone - i.e.
-.Dv signedkey-example.com.
-- it should be present in the current directory.
-This allows the parent zone's signature to be included in the signed
-version of the
-.Dv example.com
-zone.
-.Pp
-.Dl # dnssec-signzone example.com Kexample.com.+003+26160
-.Pp
-.Nm dnssec-signzone
-will create a file called
-.Dv example.com.signed ,
-the signed version of the
-.Dv example.com
-zone.
-This file can then be referenced in a
-.Dv zone{}
-statement in
-.Pa /etc/named.conf
-so that it can be loaded by the name server.
-.Sh FILES
-.Pa /dev/random
-.Sh SEE ALSO
-.Xr RFC2535,
-.Xr dnssec-keygen 8 ,
-.Xr dnssec-signkey 8 .

bin/dnssec/dnssectool.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: dnssectool.c,v 1.22 2000/09/26 22:11:24 bwelling Exp $ */
+/* $Id: dnssectool.c,v 1.12.2.1 2000/08/07 16:41:38 gson Exp $ */
 
 #include <config.h>
 
@@ -27,15 +27,12 @@
 #include <isc/string.h>
 #include <isc/time.h>
 #include <isc/util.h>
-#include <isc/print.h>
 
 #include <dns/log.h>
 #include <dns/name.h>
-#include <dns/rdatastruct.h>
 #include <dns/rdatatype.h>
 #include <dns/result.h>
 #include <dns/secalg.h>
-#include <dns/time.h>
 
 #include "dnssectool.h"
 
@@ -78,50 +75,49 @@ vbprintf(int level, const char *fmt, ...) {
 	va_end(ap);
 }
 
-void
-type_format(const dns_rdatatype_t type, char *cp, unsigned int size) {
+char *
+nametostr(dns_name_t *name) {
 	isc_buffer_t b;
 	isc_region_t r;
 	isc_result_t result;
+	static char data[1025];
 
-	isc_buffer_init(&b, cp, size - 1);
+	isc_buffer_init(&b, data, sizeof(data));
+	result = dns_name_totext(name, ISC_FALSE, &b);
+	check_result(result, "dns_name_totext()");
+	isc_buffer_usedregion(&b, &r);
+	r.base[r.length] = 0;
+	return (char *) r.base;
+}
+
+char *
+typetostr(const dns_rdatatype_t type) {
+	isc_buffer_t b;
+	isc_region_t r;
+	isc_result_t result;
+	static char data[20];
+
+	isc_buffer_init(&b, data, sizeof(data));
 	result = dns_rdatatype_totext(type, &b);
 	check_result(result, "dns_rdatatype_totext()");
 	isc_buffer_usedregion(&b, &r);
 	r.base[r.length] = 0;
+	return (char *) r.base;
 }
 
-void
-alg_format(const dns_secalg_t alg, char *cp, unsigned int size) {
+char *
+algtostr(const dns_secalg_t alg) {
 	isc_buffer_t b;
 	isc_region_t r;
 	isc_result_t result;
+	static char data[10];
 
-	isc_buffer_init(&b, cp, size - 1);
+	isc_buffer_init(&b, data, sizeof(data));
 	result = dns_secalg_totext(alg, &b);
 	check_result(result, "dns_secalg_totext()");
 	isc_buffer_usedregion(&b, &r);
 	r.base[r.length] = 0;
-}
-
-void
-sig_format(dns_rdata_sig_t *sig, char *cp, unsigned int size) {
-	char namestr[DNS_NAME_FORMATSIZE];
-	char algstr[DNS_NAME_FORMATSIZE];
-
-	dns_name_format(&sig->signer, namestr, sizeof namestr);
-	alg_format(sig->algorithm, algstr, sizeof algstr);
-	snprintf(cp, size, "%s/%s/%d", namestr, algstr, sig->keyid);
-}
-
-void
-key_format(const dst_key_t *key, char *cp, unsigned int size) {
-	char namestr[DNS_NAME_FORMATSIZE];
-	char algstr[DNS_NAME_FORMATSIZE];
-
-	dns_name_format(dst_key_name(key), namestr, sizeof namestr);
-	alg_format(dst_key_alg(key), algstr, sizeof algstr);
-	snprintf(cp, size, "%s/%s/%d", namestr, algstr, dst_key_id(key));
+	return ((char *)r.base);
 }
 
 void
@@ -147,7 +143,7 @@ setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp) {
 		level = ISC_LOG_DEBUG(verbose - 2 + 1);
 		break;
 	}
-
+	
 	RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig) == ISC_R_SUCCESS);
 	isc_log_setcontext(log);
 	dns_log_init(log);
@@ -171,28 +167,13 @@ setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp) {
 				       &destination,
 				       ISC_LOG_PRINTTAG|ISC_LOG_PRINTLEVEL);
 	check_result(result, "isc_log_createchannel()");
-
+	
 	RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr",
 					 NULL, NULL) == ISC_R_SUCCESS);
 
 	*logp = log;
 }
 
-void
-cleanup_logging(isc_log_t **logp) {
-	isc_log_t *log;
-
-	REQUIRE(logp != NULL);
-
-	log = *logp;
-	if (log == NULL)
-		return;
-	isc_log_destroy(&log);
-	isc_log_setcontext(NULL);
-	dns_log_setcontext(NULL);
-	logp = NULL;
-}
-
 static isc_result_t
 kbdstart(isc_entropysource_t *source, void *arg, isc_boolean_t blocking) {
 	isc_keyboard_t *kbd = (isc_keyboard_t *)arg;
@@ -206,7 +187,7 @@ kbdstart(isc_entropysource_t *source, void *arg, isc_boolean_t blocking) {
 		if (!wantkeyboard) {
 			fprintf(stderr, "You must use the keyboard to create "
 				"entropy, since your system is lacking\n");
-			fprintf(stderr, "/dev/random (or equivalent)\n\n");
+			fprintf(stderr, "/dev/random\n\n");
 		}
 		first = ISC_FALSE;
 	}
@@ -274,15 +255,13 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
 			      isc_result_totext(result));
 	}
 	else {
-#ifdef PATH_RANDOMDEV
 		if (randomfile == NULL) {
 			result = isc_entropy_createfilesource(*ectx,
-							      PATH_RANDOMDEV);
+							      "/dev/random");
 			if (result == ISC_R_SUCCESS)
 				return;
 		}
 		else
-#endif
 			wantkeyboard = ISC_TRUE;
 		result = isc_entropy_createcallbacksource(*ectx, kbdstart,
 							  kbdget, kbdstop,
@@ -299,28 +278,3 @@ cleanup_entropy(isc_entropy_t **ectx) {
 		isc_entropy_destroysource(&source);
 	isc_entropy_detach(ectx);
 }
-
-isc_stdtime_t
-strtotime(char *str, isc_int64_t now, isc_int64_t base) {
-	isc_int64_t val, offset;
-	isc_result_t result;
-	char *endp;
-
-	if (str[0] == '+') {
-		offset = strtol(str + 1, &endp, 0);
-		if (*endp != '\0')
-			fatal("time value %s is invalid", str);
-		val = base + offset;
-	} else if (strncmp(str, "now+", 4) == 0) {
-		offset = strtol(str + 4, &endp, 0);
-		if (*endp != '\0')
-			fatal("time value %s is invalid", str);
-		val = now + offset;
-	} else {
-		result = dns_time64_fromtext(str, &val);
-		if (result != ISC_R_SUCCESS)
-			fatal("time %s must be numeric", str);
-	}
-
-	return ((isc_stdtime_t) val);
-}

bin/dnssec/dnssectool.h

@@ -1,29 +1,26 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: dnssectool.h,v 1.12 2000/09/26 22:11:25 bwelling Exp $ */
+/* $Id: dnssectool.h,v 1.6 2000/06/22 21:49:07 tale Exp $ */
 
 #ifndef DNSSECTOOL_H
 #define DNSSECTOOL_H 1
 
 #include <isc/log.h>
-#include <isc/stdtime.h>
-#include <dns/rdatastruct.h>
-#include <dst/dst.h>
 
 void
 fatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2);
@@ -34,35 +31,22 @@ check_result(isc_result_t result, const char *message);
 void
 vbprintf(int level, const char *fmt, ...);
 
-void
-type_format(const dns_rdatatype_t type, char *cp, unsigned int size);
-#define TYPE_FORMATSIZE 10
+char *
+nametostr(dns_name_t *name);
 
-void
-alg_format(const dns_secalg_t alg, char *cp, unsigned int size);
-#define ALG_FORMATSIZE 10
+char *
+typetostr(const dns_rdatatype_t type);
 
-void
-sig_format(dns_rdata_sig_t *sig, char *cp, unsigned int size);
-#define SIG_FORMATSIZE (DNS_NAME_FORMATSIZE + ALG_FORMATSIZE + sizeof("65535"))
-
-void
-key_format(const dst_key_t *key, char *cp, unsigned int size);
-#define KEY_FORMATSIZE (DNS_NAME_FORMATSIZE + ALG_FORMATSIZE + sizeof("65535"))
+char *
+algtostr(const dns_secalg_t alg);
 
 void
 setup_logging(int verbose, isc_mem_t *mctx, isc_log_t **logp);
 
-void
-cleanup_logging(isc_log_t **logp);
-
 void
 setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx);
 
 void
 cleanup_entropy(isc_entropy_t **ectx);
 
-isc_stdtime_t
-strtotime(char *str, isc_int64_t now, isc_int64_t base);
-
 #endif /* DNSSEC_DNSSECTOOL_H */

bin/lwresd/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.13 2000/08/17 02:11:39 bwelling Exp $
+# $Id: Makefile.in,v 1.10 2000/06/22 21:49:08 tale Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -23,12 +23,12 @@ top_srcdir =	@top_srcdir@
 
 @BIND9_INCLUDES@
 
-CINCLUDES =	${LWRES_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES}
+CINCLUDES =	${LWRES_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} 
 
-CDEFINES =
+CDEFINES =	
 CWARNINGS =
 
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 LWRESLIBS =	../../lib/lwres/liblwres.@A@
 

bin/lwresd/client.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: client.c,v 1.30 2000/08/01 01:11:30 tale Exp $ */
+/* $Id: client.c,v 1.28 2000/06/22 21:49:09 tale Exp $ */
 
 #include <config.h>
 
@@ -286,7 +286,7 @@ client_send(isc_task_t *task, isc_event_t *ev) {
 
 	UNUSED(task);
 	UNUSED(dev);
-
+	
 	INSIST(CLIENT_ISSEND(client));
 	INSIST(client->sendbuf == dev->region.base);
 

bin/lwresd/client.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: client.h,v 1.18 2000/08/01 01:11:31 tale Exp $ */
+/* $Id: client.h,v 1.16 2000/06/22 21:49:10 tale Exp $ */
 
 #ifndef LWD_CLIENT_H
 #define LWD_CLIENT_H 1

bin/lwresd/err_pkt.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: err_pkt.c,v 1.7 2000/08/01 01:11:32 tale Exp $ */
+/* $Id: err_pkt.c,v 1.5 2000/06/22 21:49:11 tale Exp $ */
 
 #include <config.h>
 

bin/lwresd/main.c

@@ -1,26 +1,26 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: main.c,v 1.45 2000/08/01 01:11:33 tale Exp $ */
+/* $Id: main.c,v 1.43 2000/06/22 21:49:12 tale Exp $ */
 
 /*
  * Main program for the Lightweight Resolver Daemon.
  *
- * To paraphrase the old saying about X11, "It's not a lightweight deamon
+ * To paraphrase the old saying about X11, "It's not a lightweight deamon 
  * for resolvers, it's a deamon for lightweight resolvers".
  */
 
@@ -82,7 +82,7 @@ static isc_logcategory_t logcategories[] = {
 };
 
 #define LWRES_LOGCATEGORY_NETWORK	(&logcategories[0])
-
+	
 
 static isc_result_t
 create_view(isc_mem_t *mctx) {
@@ -91,8 +91,8 @@ create_view(isc_mem_t *mctx) {
 	dns_db_t *rootdb;
 	unsigned int attrs;
 	dns_dispatch_t *disp4 = NULL;
-	dns_dispatch_t *disp6 = NULL;
-
+	dns_dispatch_t *disp6 = NULL;		
+	
 	view = NULL;
 	cache = NULL;
 
@@ -121,7 +121,7 @@ create_view(isc_mem_t *mctx) {
 
 	if (isc_net_probeipv4() == ISC_R_SUCCESS) {
 		isc_sockaddr_t any4;
-
+		
 		isc_sockaddr_any(&any4);
 		attrs = DNS_DISPATCHATTR_IPV4 | DNS_DISPATCHATTR_UDP;
 		result = dns_dispatch_getudp(dispatchmgr, sockmgr,
@@ -133,9 +133,9 @@ create_view(isc_mem_t *mctx) {
 
 	if (isc_net_probeipv6() == ISC_R_SUCCESS) {
 		isc_sockaddr_t any6;
-
+		
 		isc_sockaddr_any6(&any6);
-
+		
 		attrs = DNS_DISPATCHATTR_IPV6 | DNS_DISPATCHATTR_UDP;
 		result = dns_dispatch_getudp(dispatchmgr, sockmgr,
 					     taskmgr, &any6, 512, 6, 1024,
@@ -143,7 +143,7 @@ create_view(isc_mem_t *mctx) {
 		if (result != ISC_R_SUCCESS)
 			goto out;
 	}
-
+	
 	result = dns_view_createresolver(view, taskmgr, 16, sockmgr,
 					 timermgr, 0, dispatchmgr,
 					 disp4, disp6);
@@ -152,7 +152,7 @@ create_view(isc_mem_t *mctx) {
 		dns_dispatch_detach(&disp4);
 	if (disp6 != NULL)
 		dns_dispatch_detach(&disp6);
-
+	
 	if (result != ISC_R_SUCCESS)
 		goto out;
 
@@ -177,7 +177,7 @@ create_view(isc_mem_t *mctx) {
 			isc_mem_put(mctx, sa, sizeof (*sa));
 			sa = ISC_LIST_HEAD(forwarders);
 		}
-
+			
 	}
 
 	dns_view_freeze(view);
@@ -379,7 +379,7 @@ main(int argc, char **argv) {
 			      isc_result_totext(result));
 		exit(1);
 	}
-
+			      
 	INSIST(result == ISC_R_SUCCESS);
 
 	cmgr = isc_mem_get(mem, sizeof(clientmgr_t) * NTASKS);
@@ -495,7 +495,7 @@ main(int argc, char **argv) {
 	cmgr = NULL;
 
 	dns_dispatchmgr_destroy(&dispatchmgr);
-
+	
 	isc_log_destroy(&lctx);
 
 	/*

bin/lwresd/process_gabn.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: process_gabn.c,v 1.31 2000/08/01 01:11:34 tale Exp $ */
+/* $Id: process_gabn.c,v 1.29 2000/06/22 21:49:13 tale Exp $ */
 
 #include <config.h>
 
@@ -293,7 +293,7 @@ process_gabn_finddone(isc_task_t *task, isc_event_t *ev) {
 				client->find = NULL;
 			else
 				dns_adb_destroyfind(&client->find);
-
+				
 		}
 		generate_reply(client);
 		return;

bin/lwresd/process_gnba.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: process_gnba.c,v 1.26 2000/08/01 01:11:35 tale Exp $ */
+/* $Id: process_gnba.c,v 1.24 2000/06/22 21:49:15 tale Exp $ */
 
 #include <config.h>
 
@@ -91,7 +91,7 @@ byaddr_done(isc_task_t *task, isc_event_t *event) {
 		 * fails.
 		 */
 		client->options |= DNS_BYADDROPT_IPV6NIBBLE;
-
+		
 		start_byaddr(client);
 		return;
 	}

bin/lwresd/process_noop.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: process_noop.c,v 1.9 2000/08/01 01:11:36 tale Exp $ */
+/* $Id: process_noop.c,v 1.7 2000/06/22 21:49:16 tale Exp $ */
 
 #include <config.h>
 

bin/named/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 1998-2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.55 2000/09/20 19:05:54 gson Exp $
+# $Id: Makefile.in,v 1.49.2.2 2000/07/11 17:23:01 gson Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -27,11 +27,11 @@ CINCLUDES =	-I${srcdir}/include -I${srcdir}/unix/include \
 		${LWRES_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES} \
 		${OMAPI_INCLUDES}
 
-CDEFINES =
+CDEFINES =	
 CWARNINGS =
 
 OMAPILIBS =	../../lib/omapi/libomapi.@A@
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 LWRESLIBS =	../../lib/lwres/liblwres.@A@
 
@@ -80,7 +80,9 @@ clean distclean::
 	rm -f ${TARGETS}
 
 installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+	if [ ! -d ${DESTDIR}${sbindir} ]; then \
+		mkdir ${DESTDIR}${sbindir}; \
+	fi
 
 install:: named lwresd installdirs
 	${LIBTOOL} ${INSTALL_PROGRAM} named ${DESTDIR}${sbindir}

bin/named/aclconf.c

@@ -1,201 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: aclconf.c,v 1.23 2000/08/11 02:34:45 bwelling Exp $ */
-
-#include <config.h>
-
-#include <isc/mem.h>
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/util.h>
-
-#include <dns/acl.h>
-#include <dns/aclconf.h>
-#include <dns/fixedname.h>
-#include <dns/log.h>
-
-void
-dns_aclconfctx_init(dns_aclconfctx_t *ctx) {
-	ISC_LIST_INIT(ctx->named_acl_cache);
-}
-
-void
-dns_aclconfctx_destroy(dns_aclconfctx_t *ctx) {
-     	dns_acl_t *dacl, *next;
-	for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache);
-	     dacl != NULL;
-	     dacl = next)
-	{
-		next = ISC_LIST_NEXT(dacl, nextincache);
-		dns_acl_detach(&dacl);
-	}
-}
-
-static isc_result_t
-convert_named_acl(char *aclname, dns_c_ctx_t *cctx,
-		  dns_aclconfctx_t *ctx, isc_mem_t *mctx,
-		  dns_acl_t **target)
-{
-	isc_result_t result;
-	dns_c_acl_t *cacl;
-	dns_acl_t *dacl;
-
-	/* Look for an already-converted version. */
-	for (dacl = ISC_LIST_HEAD(ctx->named_acl_cache);
-	     dacl != NULL;
-	     dacl = ISC_LIST_NEXT(dacl, nextincache))
-	{
-		if (strcmp(aclname, dacl->name) == 0) {
-			dns_acl_attach(dacl, target);
-			return (ISC_R_SUCCESS);
-		}
-	}
-	/* Not yet converted.  Convert now. */
-	result = dns_c_acltable_getacl(cctx->acls, aclname, &cacl);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-			      "undefined ACL '%s'", aclname);
-		return (result);
-	}
-	result = dns_acl_fromconfig(cacl->ipml, cctx, ctx, mctx, &dacl);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-	dacl->name = isc_mem_strdup(dacl->mctx, aclname);
-	if (dacl->name == NULL)
-		return (ISC_R_NOMEMORY);
-	ISC_LIST_APPEND(ctx->named_acl_cache, dacl, nextincache);
-	dns_acl_attach(dacl, target);
-	return (ISC_R_SUCCESS);
-}
-
-static isc_result_t
-convert_keyname(char *txtname, isc_mem_t *mctx, dns_name_t *dnsname) {
-	isc_result_t result;
-	isc_buffer_t buf;
-	dns_fixedname_t fixname;
-	unsigned int keylen;
-
-	keylen = strlen(txtname);
-	isc_buffer_init(&buf, txtname, keylen);
-	isc_buffer_add(&buf, keylen);
-	dns_fixedname_init(&fixname);
-	result = dns_name_fromtext(dns_fixedname_name(&fixname), &buf,
-				   dns_rootname, ISC_FALSE, NULL);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-			      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-			      "key name \"%s\" is not a valid domain name",
-			      txtname);
-		return (result);
-	}
-	return (dns_name_dup(dns_fixedname_name(&fixname), mctx, dnsname));
-}
-
-isc_result_t
-dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
-		   dns_c_ctx_t *cctx,
-		   dns_aclconfctx_t *ctx,
-		   isc_mem_t *mctx,
-		   dns_acl_t **target)
-{
-	isc_result_t result;
-	unsigned int count;
-	dns_acl_t *dacl = NULL;
-	dns_aclelement_t *de;
-	dns_c_ipmatchelement_t *ce;
-
-	REQUIRE(target != NULL && *target == NULL);
-
-	count = 0;
-	for (ce = ISC_LIST_HEAD(caml->elements);
-	     ce != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
-		count++;
-
-	result = dns_acl_create(mctx, count, &dacl);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-
-	de = dacl->elements;
-	for (ce = ISC_LIST_HEAD(caml->elements);
-	     ce != NULL;
-	     ce = ISC_LIST_NEXT(ce, next))
-	{
-		de->negative = dns_c_ipmatchelement_isneg(ce);
-		switch (ce->type) {
-		case dns_c_ipmatch_pattern:
-			de->type = dns_aclelementtype_ipprefix;
-			isc_netaddr_fromsockaddr(&de->u.ip_prefix.address,
-						 &ce->u.direct.address);
-			/* XXX "mask" is a misnomer */
-			de->u.ip_prefix.prefixlen = ce->u.direct.mask;
-			break;
-		case dns_c_ipmatch_key:
-			de->type = dns_aclelementtype_keyname;
-			dns_name_init(&de->u.keyname, NULL);
-			result = convert_keyname(ce->u.key, mctx,
-						 &de->u.keyname);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		case dns_c_ipmatch_indirect:
-			de->type = dns_aclelementtype_nestedacl;
-			result = dns_acl_fromconfig(ce->u.indirect.list,
-						    cctx, ctx, mctx,
-						    &de->u.nestedacl);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		case dns_c_ipmatch_localhost:
-			de->type = dns_aclelementtype_localhost;
-			break;
-
-		case dns_c_ipmatch_any:
-			de->type = dns_aclelementtype_any;
-			break;
-
-		case dns_c_ipmatch_localnets:
-			de->type = dns_aclelementtype_localnets;
-			break;
-		case dns_c_ipmatch_acl:
-			de->type = dns_aclelementtype_nestedacl;
-			result = convert_named_acl(ce->u.aclname,
-						   cctx, ctx, mctx,
-						   &de->u.nestedacl);
-			if (result != ISC_R_SUCCESS)
-				goto cleanup;
-			break;
-		default:
-			isc_log_write(dns_lctx, DNS_LOGCATEGORY_SECURITY,
-				      DNS_LOGMODULE_ACL, ISC_LOG_WARNING,
-				      "address match list contains "
-				      "unsupported element type");
-			result = ISC_R_FAILURE;
-			goto cleanup;
-		}
-		de++;
-		dacl->length++;
-	}
-
-	*target = dacl;
-	return (ISC_R_SUCCESS);
-
- cleanup:
-	dns_acl_detach(&dacl);
-	return (result);
-}

bin/named/include/named/aclconf.h

@@ -1,71 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: aclconf.h,v 1.9 2000/08/01 01:23:38 tale Exp $ */
-
-#ifndef DNS_ACLCONF_H
-#define DNS_ACLCONF_H 1
-
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-#include <dns/types.h>
-
-typedef struct dns_aclconfctx {
-	ISC_LIST(dns_acl_t) named_acl_cache;
-} dns_aclconfctx_t;
-
-/***
- *** Functions
- ***/
-
-ISC_LANG_BEGINDECLS
-
-void
-dns_aclconfctx_init(dns_aclconfctx_t *ctx);
-/*
- * Initialize an ACL configuration context.
- */
-
-void
-dns_aclconfctx_destroy(dns_aclconfctx_t *ctx);
-/*
- * Destroy an ACL configuration context.
- */
-
-isc_result_t
-dns_acl_fromconfig(dns_c_ipmatchlist_t *caml,
-		   dns_c_ctx_t *cctx,
-		   dns_aclconfctx_t *ctx,
-		   isc_mem_t *mctx,
-		   dns_acl_t **target);
-/*
- * Construct a new dns_acl_t from configuration data in 'caml' and
- * 'cctx'.  Memory is allocated through 'mctx'.
- *
- * Any named ACLs referred to within 'caml' will be be converted
- * inte nested dns_acl_t objects.  Multiple references to the same
- * named ACLs will be converted into shared references to a single
- * nested dns_acl_t object when the referring objects were created
- * passing the same ACL configuration context 'ctx'.
- *
- * On success, attach '*target' to the new dns_acl_t object.
- */
-
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_ACLCONF_H */

bin/named/include/named/client.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: client.h,v 1.45 2000/10/12 21:51:48 mws Exp $ */
+/* $Id: client.h,v 1.37.2.1 2000/07/26 23:51:33 bwelling Exp $ */
 
 #ifndef NAMED_CLIENT_H
 #define NAMED_CLIENT_H 1
@@ -35,21 +35,21 @@
  * Each ns_client_t object can handle only one TCP connection or UDP
  * request at a time.  Therefore, several ns_client_t objects are
  * typically created to serve each network interface, e.g., one
- * for handling TCP requests and a few (one per CPU) for handling
+ * for handling TCP requests and a few (one per CPU) for handling 
  * UDP requests.
  *
  * Incoming requests are classified as queries, zone transfer
- * requests, update requests, notify requests, etc, and handed off
+ * requests, update requests, notify requests, etc, and handed off 
  * to the appropriate request handler.  When the request has been
- * fully handled (which can be much later), the ns_client_t must be
- * notified of this by calling one of the following functions
+ * fully handled (which can be much later), the ns_client_t must be 
+ * notified of this by calling one of the following functions 
  * exactly once in the context of its task:
  *
  *   ns_client_send()	(sending a non-error response)
  *   ns_client_error()	(sending an error response)
  *   ns_client_next()	(sending no response)
  *
- * This will release any resources used by the request and
+ * This will release any resources used by the request and 
  * and allow the ns_client_t to listen for the next request.
  *
  * A ns_clientmgr_t manages a number of ns_client_t objects.
@@ -69,8 +69,6 @@
 #include <dns/name.h>
 #include <dns/types.h>
 #include <dns/tcpmsg.h>
-#include <dns/fixedname.h>
-#include <dns/opt.h>
 
 #include <named/types.h>
 #include <named/query.h>
@@ -109,10 +107,6 @@ struct ns_client {
 	unsigned char *		sendbuf;
 	dns_rdataset_t *	opt;
 	isc_uint16_t		udpsize;
-#ifdef DNS_OPT_NEWCODES
-	dns_fixedname_t *       opt_zone;
-        isc_buffer_t *          opt_view;
-#endif /* DNS_OPT_NEWCODES */
 	void			(*next)(ns_client_t *);
 	void			(*shutdown)(void *arg, isc_result_t result);
 	void 			*shutdown_arg;
@@ -136,14 +130,6 @@ struct ns_client {
 	client_list_t		*list;
 };
 
-#ifdef DNS_OPT_NEWCODES
-/*
- * Number of attr fields (opt_zone, opt_view) in above structure.  Used in
- * client_addoptattrs()
- */
-#define CLIENT_NUMATTRS 2
-#endif /* DNS_OPT_NEWCODES */
-
 #define NS_CLIENT_MAGIC			0x4E534363U	/* NSCc */
 #define NS_CLIENT_VALID(c)		ISC_MAGIC_VALID(c, NS_CLIENT_MAGIC)
 
@@ -168,13 +154,6 @@ ns_client_send(ns_client_t *client);
  * send client->message as a response.
  */
 
-void
-ns_client_sendraw(ns_client_t *client, dns_message_t *msg);
-/*
- * Finish processing the current client request and
- * send msg as a response using client->message->id for the id.
- */
-
 void
 ns_client_error(ns_client_t *client, isc_result_t result);
 /*
@@ -186,7 +165,7 @@ ns_client_error(ns_client_t *client, isc_result_t result);
 void
 ns_client_next(ns_client_t *client, isc_result_t result);
 /*
- * Finish processing the current client request,
+ * Finish processing the current client request, 
  * return no response to the client.
  */
 
@@ -250,7 +229,7 @@ isc_result_t
 ns_client_checkacl(ns_client_t  *client,
 		   const char *opname, dns_acl_t *acl,
 		   isc_boolean_t default_allow,
-		   int log_level);
+		   isc_boolean_t logfailure);
 /*
  * Convenience function for client request ACL checking.
  *
@@ -260,7 +239,7 @@ ns_client_checkacl(ns_client_t  *client,
  * Log messages will refer to the request as an 'opname' request.
  *
  * Notes:
- *	This is appropriate for checking allow-update,
+ *	This is appropriate for checking allow-update, 
  * 	allow-query, allow-transfer, etc.  It is not appropriate
  * 	for checking the blackhole list because we treat positive
  * 	matches as "allow" and negative matches as "deny"; in

bin/named/include/named/globals.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: globals.h,v 1.46 2000/10/13 22:35:46 bwelling Exp $ */
+/* $Id: globals.h,v 1.42 2000/06/22 21:49:39 tale Exp $ */
 
 #ifndef NAMED_GLOBALS_H
 #define NAMED_GLOBALS_H 1
@@ -53,11 +53,10 @@ EXTERN isc_socketmgr_t *	ns_g_socketmgr		INIT(NULL);
 EXTERN omapi_object_t *		ns_g_omapimgr		INIT(NULL);
 EXTERN const char *		ns_g_version		INIT(VERSION);
 EXTERN in_port_t		ns_g_port		INIT(0);
-EXTERN in_port_t		lwresd_g_listenport	INIT(0);
+EXTERN in_port_t		lwresd_g_queryport	INIT(0);
 
 EXTERN ns_server_t *		ns_g_server		INIT(NULL);
-
-EXTERN isc_boolean_t		ns_g_lwresdonly		INIT(ISC_FALSE);
+EXTERN ns_lwresd_t *		ns_g_lwresd		INIT(NULL);
 
 /*
  * Logging.
@@ -72,11 +71,7 @@ EXTERN unsigned int		ns_g_debuglevel		INIT(0);
  */
 EXTERN const char *		ns_g_conffile		INIT(NS_SYSCONFDIR
 							     "/named.conf");
-EXTERN const char *		lwresd_g_conffile	INIT(NS_SYSCONFDIR
-							     "/lwresd.conf");
-EXTERN const char *		lwresd_g_resolvconffile	INIT("/etc"
-							     "/resolv.conf");
-EXTERN isc_boolean_t		lwresd_g_useresolvconf	INIT(ISC_FALSE);
+EXTERN const char *		lwresd_g_conffile      INIT("/etc/resolv.conf");
 
 /*
  * Misc.

bin/named/include/named/interfacemgr.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: interfacemgr.h,v 1.21 2000/09/26 18:26:20 gson Exp $ */
+/* $Id: interfacemgr.h,v 1.17 2000/06/22 21:49:40 tale Exp $ */
 
 #ifndef NAMED_INTERFACEMGR_H
 #define NAMED_INTERFACEMGR_H 1
@@ -27,8 +27,8 @@
 /*
  * Interface manager
  *
- * The interface manager monitors the operating system's list
- * of network interfaces, creating and destroying listeners
+ * The interface manager monitors the operating system's list 
+ * of network interfaces, creating and destroying listeners 
  * as needed.
  *
  * Reliability:
@@ -62,7 +62,7 @@
  *** Types
  ***/
 
-#define IFACE_MAGIC		0x493A2D29U	/* I:-). */
+#define IFACE_MAGIC		0x493A2D29U	/* I:-). */	
 #define NS_INTERFACE_VALID(t)	ISC_MAGIC_VALID(t, IFACE_MAGIC)
 
 struct ns_interface {
@@ -73,12 +73,13 @@ struct ns_interface {
 	unsigned int		generation;     /* Generation number. */
 	isc_sockaddr_t		addr;           /* Address and port. */
 	char 			name[32];	/* Null terminated. */
+	isc_socket_t *		udpsocket; 	/* UDP socket. */
 	dns_dispatch_t *	udpdispatch;	/* UDP dispatcher. */
 	isc_socket_t *		tcpsocket;	/* TCP socket. */
+	isc_task_t *		task;
 	int			ntcptarget;	/* Desired number of concurrent
 						   TCP accepts */
 	int			ntcpcurrent;	/* Current ditto, locked */
-	ns_clientmgr_t *	clientmgr;	/* Client manager. */
 	ISC_LINK(ns_interface_t) link;
 };
 
@@ -90,7 +91,7 @@ isc_result_t
 ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 		       isc_socketmgr_t *socketmgr,
 		       dns_dispatchmgr_t *dispatchmgr,
-		       ns_interfacemgr_t **mgrp);
+		       ns_clientmgr_t *clientmgr, ns_interfacemgr_t **mgrp);
 /*
  * Create a new interface manager.
  *
@@ -102,7 +103,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 void
 ns_interfacemgr_attach(ns_interfacemgr_t *source, ns_interfacemgr_t **target);
 
-void
+void 
 ns_interfacemgr_detach(ns_interfacemgr_t **targetp);
 
 void
@@ -134,20 +135,21 @@ ns_interfacemgr_setlistenon6(ns_interfacemgr_t *mgr, ns_listenlist_t *value);
  * The previous IPv6 listen-on list is freed.
  */
 
+isc_result_t
+ns_interfacemgr_findudpdispatcher(ns_interfacemgr_t *mgr,
+				  isc_sockaddr_t *address,
+				  dns_dispatch_t **dispatchp);
+/*
+ * Find a UDP dispatcher matching 'address', if it exists.
+ */
+
 dns_aclenv_t *
 ns_interfacemgr_getaclenv(ns_interfacemgr_t *mgr);
 
 void
 ns_interface_attach(ns_interface_t *source, ns_interface_t **target);
 
-void
+void 
 ns_interface_detach(ns_interface_t **targetp);
 
-void
-ns_interface_shutdown(ns_interface_t *ifp);
-/*
- * Stop listening for queries on interface 'ifp'.
- * May safely be called multiple times.
- */
-
 #endif /* NAMED_INTERFACEMGR_H */

bin/named/include/named/listenlist.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: listenlist.h,v 1.9 2000/08/01 01:12:06 tale Exp $ */
+/* $Id: listenlist.h,v 1.7 2000/06/23 01:34:38 gson Exp $ */
 
 #ifndef NAMED_LISTENLIST_H
 #define NAMED_LISTENLIST_H 1

bin/named/include/named/log.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: log.h,v 1.15 2000/08/01 01:12:07 tale Exp $ */
+/* $Id: log.h,v 1.13 2000/06/22 21:49:43 tale Exp $ */
 
 #ifndef NAMED_LOG_H
 #define NAMED_LOG_H 1
@@ -55,7 +55,7 @@ ns_log_init(isc_boolean_t safe);
  * Initialize the logging system and set up an initial default
  * logging default configuration that will be used until the
  * config file has been read.
- *
+ * 
  * If 'safe' is true, use a default configuration that refrains
  * from opening files.  This is to avoid creating log files
  * as root.

bin/named/include/named/logconf.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: logconf.h,v 1.8 2000/08/01 01:12:08 tale Exp $ */
+/* $Id: logconf.h,v 1.6 2000/06/22 21:49:44 tale Exp $ */
 
 #ifndef NAMED_LOGCONF_H
 #define NAMED_LOGCONF_H 1

bin/named/include/named/lwdclient.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwdclient.h,v 1.7 2000/10/12 20:45:19 bwelling Exp $ */
+/* $Id: lwdclient.h,v 1.2.2.1 2000/06/26 21:47:36 gson Exp $ */
 
 #ifndef NAMED_LWDCLIENT_H
 #define NAMED_LWDCLIENT_H 1
@@ -37,12 +37,10 @@
 
 struct ns_lwdclient {
 	isc_sockaddr_t		address;	/* where to reply */
-	struct in6_pktinfo	pktinfo;
-	isc_boolean_t		pktinfo_valid;
 	ns_lwdclientmgr_t	*clientmgr;	/* our parent */
 	ISC_LINK(ns_lwdclient_t) link;
 	unsigned int		state;
-	void			*arg;		/* packet processing state */
+	void		       *arg;		/* packet processing state */
 
 	/*
 	 * Received data info.
@@ -163,14 +161,12 @@ struct ns_lwdclient {
 			((c)->state = NS_LWDCLIENT_STATESENDDONE)
 
 struct ns_lwdclientmgr {
-	ns_lwresd_t	       *lwresd;
 	isc_mem_t	       *mctx;
+	isc_task_t	       *task;		/* owning task */
 	isc_socket_t	       *sock;		/* socket to use */
 	dns_view_t	       *view;
-	lwres_context_t	       *lwctx;		/* lightweight proto context */
-	isc_task_t	       *task;		/* owning task */
 	unsigned int		flags;
-	ISC_LINK(ns_lwdclientmgr_t)	link;
+	lwres_context_t	       *lwctx;		/* lightweight proto context */
 	ISC_LIST(ns_lwdclient_t)	idle;		/* idle client slots */
 	ISC_LIST(ns_lwdclient_t)	running;	/* running clients */
 };
@@ -178,9 +174,6 @@ struct ns_lwdclientmgr {
 #define NS_LWDCLIENTMGR_FLAGRECVPENDING		0x00000001
 #define NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN	0x00000002
 
-void
-ns_lwdclientmgr_create(ns_lwresd_t *, unsigned int, isc_taskmgr_t *);
-
 void
 ns_lwdclient_initialize(ns_lwdclient_t *, ns_lwdclientmgr_t *);
 
@@ -199,9 +192,6 @@ ns_lwdclient_shutdown(isc_task_t *, isc_event_t *);
 void
 ns_lwdclient_send(isc_task_t *, isc_event_t *);
 
-isc_result_t
-ns_lwdclient_sendreply(ns_lwdclient_t *client, isc_region_t *r);
-
 /*
  * Processing functions of various types.
  */

bin/named/include/named/lwresd.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwresd.h,v 1.7 2000/10/04 23:19:01 bwelling Exp $ */
+/* $Id: lwresd.h,v 1.2.2.1 2000/06/28 00:19:06 gson Exp $ */
 
 #ifndef NAMED_LWRESD_H
 #define NAMED_LWRESD_H 1
@@ -23,48 +23,23 @@
 #include <isc/types.h>
 #include <isc/sockaddr.h>
 
-#include <dns/confctx.h>
 #include <dns/types.h>
 
 struct ns_lwresd {
 	isc_uint32_t magic;
-
-	isc_mutex_t lock;
-	ISC_LIST(ns_lwdclientmgr_t) cmgrs;
+	ns_lwdclientmgr_t *cmgr;
 	isc_socket_t *sock;
+	unsigned int ntasks;
 	dns_view_t *view;
 	isc_mem_t *mctx;
-	isc_boolean_t shutting_down;
+	isc_task_t *task;
+	dns_dispatchmgr_t *dispmgr;
 };
 
-/*
- * Configure lwresd.
- */
-isc_result_t
-ns_lwresd_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx);
-
-/*
- * Create a configuration context based on resolv.conf and default parameters.
- */
-isc_result_t
-ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp);
-
-/*
- * Trigger shutdown.
- */
 void
-ns_lwresd_shutdown(void);
-
-/*
- * INTERNAL FUNCTIONS.
- */
-void
-ns__lwresd_destroy(ns_lwresd_t *lwresdp);
-
-void *
-ns__lwresd_memalloc(void *arg, size_t size);
+ns_lwresd_create(isc_mem_t *mctx, dns_view_t *view, ns_lwresd_t **lwresdp);
 
 void
-ns__lwresd_memfree(void *arg, void *mem, size_t size);
+ns_lwresd_destroy(ns_lwresd_t **lwresdp);
 
 #endif /* NAMED_LWRESD_H */

bin/named/include/named/main.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: main.h,v 1.6 2000/08/01 01:12:11 tale Exp $ */
+/* $Id: main.h,v 1.4 2000/06/22 21:49:47 tale Exp $ */
 
 #ifndef NAMED_MAIN_H
 #define NAMED_MAIN_H 1

bin/named/include/named/notify.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: notify.h,v 1.8 2000/08/01 01:12:12 tale Exp $ */
+/* $Id: notify.h,v 1.6 2000/06/22 21:49:48 tale Exp $ */
 
 #ifndef NAMED_NOTIFY_H
 #define NAMED_NOTIFY_H 1

bin/named/include/named/omapi.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: omapi.h,v 1.12 2000/10/12 21:51:49 mws Exp $ */
+/* $Id: omapi.h,v 1.7.2.1 2000/07/11 17:23:07 gson Exp $ */
 
 #ifndef NAMED_OMAPI_H
 #define NAMED_OMAPI_H 1
@@ -32,13 +32,9 @@
  */
 #define NS_OMAPI_CONTROL		"control"
 
-
-#define NS_OMAPI_COMMAND_STOP		"stop"
-#define NS_OMAPI_COMMAND_HALT		"halt"
 #define NS_OMAPI_COMMAND_RELOAD		"reload"
 #define NS_OMAPI_COMMAND_RELOADCONFIG	"reload-config"
 #define NS_OMAPI_COMMAND_RELOADZONES	"reload-zones"
-#define NS_OMAPI_COMMAND_REFRESH	"refresh"
 
 isc_result_t
 ns_omapi_init(void);

bin/named/include/named/query.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: query.h,v 1.22 2000/09/06 20:35:22 gson Exp $ */
+/* $Id: query.h,v 1.17.2.1 2000/07/28 17:56:09 gson Exp $ */
 
 #ifndef NAMED_QUERY_H
 #define NAMED_QUERY_H 1
@@ -44,7 +44,6 @@ struct ns_query {
 	unsigned int			dboptions;
 	unsigned int			fetchoptions;
 	dns_db_t *			gluedb;
-	dns_db_t *			authdb;
 	dns_fetch_t *			fetch;
 	dns_a6context_t			a6ctx;
 	isc_bufferlist_t		namebufs;
@@ -52,15 +51,14 @@ struct ns_query {
 	ISC_LIST(ns_dbversion_t)	freeversions;
 };
 
-#define NS_QUERYATTR_RECURSIONOK	0x0001
-#define NS_QUERYATTR_CACHEOK		0x0002
-#define NS_QUERYATTR_PARTIALANSWER	0x0004
-#define NS_QUERYATTR_NAMEBUFUSED	0x0008
-#define NS_QUERYATTR_RECURSING		0x0010
-#define NS_QUERYATTR_CACHEGLUEOK	0x0020
-#define NS_QUERYATTR_QUERYOKVALID	0x0040
-#define NS_QUERYATTR_QUERYOK		0x0080
-#define NS_QUERYATTR_WANTRECURSION	0x0100
+#define NS_QUERYATTR_RECURSIONOK	0x01
+#define NS_QUERYATTR_CACHEOK		0x02
+#define NS_QUERYATTR_PARTIALANSWER	0x04
+#define NS_QUERYATTR_NAMEBUFUSED	0x08
+#define NS_QUERYATTR_RECURSING		0x10
+#define NS_QUERYATTR_CACHEGLUEOK	0x20
+#define NS_QUERYATTR_QUERYOKVALID	0x40
+#define NS_QUERYATTR_QUERYOK		0x80
 
 isc_result_t
 ns_query_init(ns_client_t *client);

bin/named/include/named/server.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: server.h,v 1.40 2000/10/12 21:51:50 mws Exp $ */
+/* $Id: server.h,v 1.32.2.1 2000/07/26 23:51:35 bwelling Exp $ */
 
 #ifndef NAMED_SERVER_H
 #define NAMED_SERVER_H 1
@@ -43,7 +43,7 @@ struct ns_server {
 
 	/* Common rwlock for the server's configurable data. */
 	isc_rwlock_t		conflock;
-
+	
 	/* Configurable data. */
 	isc_quota_t		xfroutquota;
 	isc_quota_t		tcpquota;
@@ -53,18 +53,16 @@ struct ns_server {
 	dns_aclenv_t		aclenv;
 
 	/* Server data structures. */
-	dns_loadmgr_t *		loadmgr;
 	dns_zonemgr_t *		zonemgr;
+	ns_clientmgr_t *	clientmgr;
 	dns_viewlist_t		viewlist;
 	ns_interfacemgr_t *	interfacemgr;
 	dns_db_t *		in_roothints;
 	dns_tkeyctx_t *		tkeyctx;
 	isc_timer_t *		interface_timer;
-
+	
 	isc_mutex_t		reload_event_lock;
 	isc_event_t *		reload_event;
-
-	isc_boolean_t		flushonshutdown;
 };
 
 #define NS_SERVER_MAGIC			0x53564552	/* SVER */
@@ -94,16 +92,5 @@ ns_server_reloadwanted(ns_server_t *server);
  * is ignored.
  */
 
-void
-ns_server_flushonshutdown(ns_server_t *server, isc_boolean_t flush);
-/*
- * Inform the server that the zones should be flushed to disk on shutdown.
- */
-
-isc_result_t
-ns_server_reloadzone(ns_server_t *server, char *args);
-
-isc_result_t
-ns_server_refreshzone(ns_server_t *server, char *args);
 
 #endif /* NAMED_SERVER_H */

bin/named/include/named/tkeyconf.h

@@ -1,51 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: tkeyconf.h,v 1.6 2000/08/01 01:24:49 tale Exp $ */
-
-#ifndef DNS_TKEYCONF_H
-#define DNS_TKEYCONF_H 1
-
-#include <isc/types.h>
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
-		       dns_tkeyctx_t **tctxp);
-/*
- * 	Create a TKEY context and configure it, including the default DH key
- *	and default domain, according to 'cfg'.
- *
- *	Requires:
- *		'cfg' is a valid configuration context.
- *		'mctx' is not NULL
- *		'ectx' is not NULL
- *		'tctx' is not NULL
- *		'*tctx' is NULL
- *
- *	Returns:
- *		ISC_R_SUCCESS
- *		ISC_R_NOMEMORY
- */
-
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_TKEYCONF_H */

bin/named/include/named/tsigconf.h

@@ -1,49 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: tsigconf.h,v 1.6 2000/08/01 01:24:51 tale Exp $ */
-
-#ifndef DNS_TSIGCONF_H
-#define DNS_TSIGCONF_H 1
-
-#include <isc/types.h>
-#include <isc/lang.h>
-
-#include <dns/confctx.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp);
-/*
- * Create a TSIG key ring and configure it according to the 'key'
- * statements in 'confview' and 'confctx'.
- *
- *	Requires:
- *		'confctx' is a valid configuration context.
- *		'mctx' is not NULL
- *		'ring' is not NULL, and '*ring' is NULL
- *
- *	Returns:
- *		ISC_R_SUCCESS
- *		ISC_R_NOMEMORY
- */
-
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_TSIGCONF_H */

bin/named/include/named/types.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: types.h,v 1.15 2000/08/01 01:12:17 tale Exp $ */
+/* $Id: types.h,v 1.13 2000/06/22 21:49:52 tale Exp $ */
 
 #ifndef NAMED_TYPES_H
 #define NAMED_TYPES_H 1

bin/named/include/named/update.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: update.h,v 1.7 2000/09/13 01:30:34 marka Exp $ */
+/* $Id: update.h,v 1.4 2000/06/22 21:49:54 tale Exp $ */
 
 #ifndef NAMED_UPDATE_H
 #define NAMED_UPDATE_H 1
@@ -44,6 +44,6 @@
  ***/
 
 void
-ns_update_start(ns_client_t *client, isc_result_t sigresult);
+ns_update_start(ns_client_t *client);
 
 #endif /* NAMED_UPDATE_H */

bin/named/include/named/xfrout.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: xfrout.h,v 1.6 2000/08/01 01:12:19 tale Exp $ */
+/* $Id: xfrout.h,v 1.4 2000/06/22 21:49:55 tale Exp $ */
 
 #ifndef NAMED_XFROUT_H
 #define NAMED_XFROUT_H 1

bin/named/include/named/zoneconf.h

@@ -1,65 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: zoneconf.h,v 1.13 2000/08/01 01:24:59 tale Exp $ */
-
-#ifndef DNS_ZONECONF_H
-#define DNS_ZONECONF_H 1
-
-#include <isc/lang.h>
-#include <isc/types.h>
-
-#include <dns/aclconf.h>
-
-ISC_LANG_BEGINDECLS
-
-isc_result_t
-dns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview, dns_c_zone_t *czone,
-		   dns_aclconfctx_t *ac, dns_zone_t *zone);
-/*
- * Configure or reconfigure a zone according to the named.conf
- * data in 'cctx' and 'czone'.
- *
- * The zone origin is not configured, it is assumed to have been set
- * at zone creation time.
- *
- * Require:
- *	'lctx' to be initalised or NULL.
- *	'cctx' to be initalised or NULL.
- *	'ac' to point to an initialized ns_aclconfctx_t.
- *	'czone' to be initalised.
- *	'zone' to be initalised.
- */
-
-isc_boolean_t
-dns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone);
-/*
- * If 'zone' can be safely reconfigured according to the configuration
- * data in 'czone', return ISC_TRUE.  If the configuration data is so
- * different from the current zone state that the zone needs to be destroyed
- * and recreated, return ISC_FALSE.
- */
-
-isc_result_t
-dns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zonemgr);
-/*
- * Configure the zone manager according to the named.conf data
- * in 'cctx'.
- */
-ISC_LANG_ENDDECLS
-
-#endif /* DNS_ZONECONF_H */

bin/named/interfacemgr.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: interfacemgr.c,v 1.51 2000/09/26 18:26:18 gson Exp $ */
+/* $Id: interfacemgr.c,v 1.44.2.2 2000/07/10 23:32:02 gson Exp $ */
 
 #include <config.h>
 
@@ -31,7 +31,7 @@
 #include <named/log.h>
 #include <named/interfacemgr.h>
 
-#define IFMGR_MAGIC		0x49464D47U	/* IFMG. */
+#define IFMGR_MAGIC		0x49464D47U	/* IFMG. */	
 #define NS_INTERFACEMGR_VALID(t) ISC_MAGIC_VALID(t, IFMGR_MAGIC)
 
 #define IFMGR_COMMON_LOGARGS \
@@ -45,6 +45,7 @@ struct ns_interfacemgr {
 	isc_taskmgr_t *		taskmgr;	/* Task manager. */
 	isc_socketmgr_t *	socketmgr;	/* Socket manager. */
 	dns_dispatchmgr_t *	dispatchmgr;
+	ns_clientmgr_t *	clientmgr;	/* Client manager. */
 	unsigned int		generation;	/* Current generation no. */
 	ns_listenlist_t *	listenon4;
 	ns_listenlist_t *	listenon6;
@@ -59,7 +60,7 @@ isc_result_t
 ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 		       isc_socketmgr_t *socketmgr,
 		       dns_dispatchmgr_t *dispatchmgr,
-		       ns_interfacemgr_t **mgrp)
+		       ns_clientmgr_t *clientmgr, ns_interfacemgr_t **mgrp)
 {
 	isc_result_t result;
 	ns_interfacemgr_t *mgr;
@@ -67,7 +68,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 	REQUIRE(mctx != NULL);
 	REQUIRE(mgrp != NULL);
 	REQUIRE(*mgrp == NULL);
-
+	
 	mgr = isc_mem_get(mctx, sizeof(*mgr));
 	if (mgr == NULL)
 		return (ISC_R_NOMEMORY);
@@ -80,10 +81,10 @@ ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 	mgr->taskmgr = taskmgr;
 	mgr->socketmgr = socketmgr;
 	mgr->dispatchmgr = dispatchmgr;
+	mgr->clientmgr = clientmgr;
 	mgr->generation = 1;
 	mgr->listenon4 = NULL;
-	mgr->listenon6 = NULL;
-	
+	mgr->listenon6 = NULL;	
 	ISC_LIST_INIT(mgr->interfaces);
 
 	/*
@@ -97,7 +98,7 @@ ns_interfacemgr_create(isc_mem_t *mctx, isc_taskmgr_t *taskmgr,
 	result = dns_aclenv_init(mctx, &mgr->aclenv);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_listenon;
-
+	
 	mgr->references = 1;
 	mgr->magic = IFMGR_MAGIC;
 	*mgrp = mgr;
@@ -117,7 +118,7 @@ ns_interfacemgr_destroy(ns_interfacemgr_t *mgr) {
 	dns_aclenv_destroy(&mgr->aclenv);
 	ns_listenlist_detach(&mgr->listenon4);
 	ns_listenlist_detach(&mgr->listenon6);
-	DESTROYLOCK(&mgr->lock);
+	isc_mutex_destroy(&mgr->lock);
 	mgr->magic = 0;
 	isc_mem_put(mgr->mctx, mgr, sizeof *mgr);
 }
@@ -137,7 +138,7 @@ ns_interfacemgr_attach(ns_interfacemgr_t *source, ns_interfacemgr_t **target) {
 	*target = source;
 }
 
-void
+void 
 ns_interfacemgr_detach(ns_interfacemgr_t **targetp) {
 	isc_result_t need_destroy = ISC_FALSE;
 	ns_interfacemgr_t *target = *targetp;
@@ -174,7 +175,7 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 {
         ns_interface_t *ifp;
 	isc_result_t result;
-
+	
 	REQUIRE(NS_INTERFACEMGR_VALID(mgr));
 	ifp = isc_mem_get(mgr->mctx, sizeof(*ifp));
 	if (ifp == NULL)
@@ -184,24 +185,26 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 	ifp->addr = *addr;
 	strncpy(ifp->name, name, sizeof(ifp->name));
 	ifp->name[sizeof(ifp->name)-1] = '\0';
-	ifp->clientmgr = NULL;
 
 	result = isc_mutex_init(&ifp->lock);
 	if (result != ISC_R_SUCCESS)
 		goto lock_create_failure;
 
-	result = ns_clientmgr_create(mgr->mctx, mgr->taskmgr,
-				     ns_g_timermgr,
-				     &ifp->clientmgr);
+	/*
+	 * Create a task.
+	 */
+	ifp->task = NULL;
+	result = isc_task_create(mgr->taskmgr, 0, &ifp->task);
 	if (result != ISC_R_SUCCESS) {
 		isc_log_write(IFMGR_COMMON_LOGARGS, ISC_LOG_ERROR,
-			      "ns_clientmgr_create() failed: %s",
-			      isc_result_totext(result));
-		goto clientmgr_create_failure;
+				 "isc_task_create() failed: %s",
+				 isc_result_totext(result));
+		goto task_create_failure;
 	}
+	isc_task_setname(ifp->task, "ifp", ifp);
 
 	ifp->udpdispatch = NULL;
-
+	
 	ifp->tcpsocket = NULL;
 	/*
 	 * Create a single TCP client object.  It will replace itself
@@ -212,9 +215,7 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 	ifp->ntcptarget = 1;
 	ifp->ntcpcurrent = 0;
 
-	ISC_LINK_INIT(ifp, link);
-
-	ns_interfacemgr_attach(mgr, &ifp->mgr);
+	ns_interfacemgr_attach(mgr, &ifp->mgr);	
 	ISC_LIST_APPEND(mgr->interfaces, ifp, link);
 
 	ifp->references = 1;
@@ -223,8 +224,8 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 
 	return (ISC_R_SUCCESS);
 
- clientmgr_create_failure:
-	DESTROYLOCK(&ifp->lock);
+ task_create_failure:
+	isc_mutex_destroy(&ifp->lock);
  lock_create_failure:
 	ifp->magic = 0;
 	isc_mem_put(mgr->mctx, ifp, sizeof(*ifp));
@@ -237,7 +238,7 @@ ns_interface_listenudp(ns_interface_t *ifp) {
 	isc_result_t result;
 	unsigned int attrs;
 	unsigned int attrmask;
-
+	
 	attrs = 0;
 	attrs |= DNS_DISPATCHATTR_UDP;
 	if (isc_sockaddr_pf(&ifp->addr) == AF_INET)
@@ -258,7 +259,7 @@ ns_interface_listenudp(ns_interface_t *ifp) {
 		goto udp_dispatch_failure;
 	}
 
-	result = ns_clientmgr_createclients(ifp->clientmgr, ns_g_cpus,
+	result = ns_clientmgr_createclients(ifp->mgr->clientmgr, ns_g_cpus,
 					    ifp, ISC_FALSE);
 	if (result != ISC_R_SUCCESS) {
 		UNEXPECTED_ERROR(__FILE__, __LINE__,
@@ -277,7 +278,7 @@ ns_interface_listenudp(ns_interface_t *ifp) {
 static isc_result_t
 ns_interface_accepttcp(ns_interface_t *ifp) {
 	isc_result_t result;
-
+	
 	/*
 	 * Open a TCP socket.
 	 */
@@ -306,7 +307,7 @@ ns_interface_accepttcp(ns_interface_t *ifp) {
 		goto tcp_listen_failure;
 	}
 
-	result = ns_clientmgr_createclients(ifp->clientmgr,
+	result = ns_clientmgr_createclients(ifp->mgr->clientmgr,
 					    ifp->ntcptarget, ifp,
 					    ISC_TRUE);
 	if (result != ISC_R_SUCCESS) {
@@ -332,7 +333,7 @@ ns_interface_setup(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 	isc_result_t result;
 	ns_interface_t *ifp = NULL;
 	REQUIRE(ifpret != NULL && *ifpret == NULL);
-
+	
 	result = ns_interface_create(mgr, addr, name, &ifp);
 	if (result != ISC_R_SUCCESS)
 		return (result);
@@ -353,35 +354,30 @@ ns_interface_setup(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr,
 	}
 	*ifpret = ifp;
 	return (ISC_R_SUCCESS);
-
+	
  cleanup_interface:
-	ISC_LIST_UNLINK(ifp->mgr->interfaces, ifp, link);
+	ISC_LIST_UNLINK(ifp->mgr->interfaces, ifp, link);	
 	ns_interface_detach(&ifp);
 	return (result);
 }
 
-void
-ns_interface_shutdown(ns_interface_t *ifp) {
-	if (ifp->clientmgr != NULL)
-		ns_clientmgr_destroy(&ifp->clientmgr);
-}
-
 static void
 ns_interface_destroy(ns_interface_t *ifp) {
 	isc_mem_t *mctx = ifp->mgr->mctx;
 	REQUIRE(NS_INTERFACE_VALID(ifp));
 
-	ns_interface_shutdown(ifp);
-
 	if (ifp->udpdispatch != NULL)
 		dns_dispatch_detach(&ifp->udpdispatch);
-	if (ifp->tcpsocket != NULL)
+	if (ifp->tcpsocket != NULL) {
+		isc_socket_cancel(ifp->tcpsocket, NULL, ISC_SOCKCANCEL_ALL);
 		isc_socket_detach(&ifp->tcpsocket);
+	}
 
-	DESTROYLOCK(&ifp->lock);
+	isc_task_detach(&ifp->task);
+	isc_mutex_destroy(&ifp->lock);
 
 	ns_interfacemgr_detach(&ifp->mgr);
-
+	
 	ifp->magic = 0;
 	isc_mem_put(mctx, ifp, sizeof(*ifp));
 }
@@ -396,7 +392,7 @@ ns_interface_attach(ns_interface_t *source, ns_interface_t **target) {
 	*target = source;
 }
 
-void
+void 
 ns_interface_detach(ns_interface_t **targetp) {
 	isc_result_t need_destroy = ISC_FALSE;
 	ns_interface_t *target = *targetp;
@@ -444,7 +440,6 @@ purge_old_interfaces(ns_interfacemgr_t *mgr) {
 			isc_log_write(IFMGR_COMMON_LOGARGS,
 				      ISC_LOG_INFO,
 				      "no longer listening on %s", sabuf);
-			ns_interface_shutdown(ifp);
 			ns_interface_detach(&ifp);
 		}
 	}
@@ -478,7 +473,7 @@ do_ipv4(ns_interfacemgr_t *mgr) {
 	result = clearacl(mgr->mctx, &mgr->aclenv.localnets);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_iter;
-
+	
 	for (result = isc_interfaceiter_first(iter);
 	     result == ISC_R_SUCCESS;
 	     result = isc_interfaceiter_next(iter))
@@ -488,7 +483,7 @@ do_ipv4(ns_interfacemgr_t *mgr) {
 		ns_listenelt_t *le;
 		dns_aclelement_t elt;
 		unsigned int prefixlen;
-
+		
 		result = isc_interfaceiter_current(iter, &interface);
 		if (result != ISC_R_SUCCESS)
 			break;
@@ -515,7 +510,7 @@ do_ipv4(ns_interfacemgr_t *mgr) {
 		result = dns_acl_appendelement(mgr->aclenv.localhost, &elt);
 		if (result != ISC_R_SUCCESS)
 			goto ignore_interface;
-
+		
 		for (le = ISC_LIST_HEAD(mgr->listenon4->elts);
 		     le != NULL;
 		     le = ISC_LIST_NEXT(le, link))
@@ -543,7 +538,7 @@ do_ipv4(ns_interfacemgr_t *mgr) {
 					       &match, NULL);
 			if (match <= 0)
 				continue;
-
+			
 			ifp = find_matching_interface(mgr, &listen_sockaddr);
 			if (ifp != NULL) {
 				ifp->generation = mgr->generation;
@@ -555,7 +550,7 @@ do_ipv4(ns_interfacemgr_t *mgr) {
 					      ISC_LOG_INFO,
 					      "listening on IPv4 interface "
 					      "%s, %s", interface.name, sabuf);
-
+				
 				result = ns_interface_setup(mgr,
 							    &listen_sockaddr,
 							    interface.name,
@@ -615,7 +610,7 @@ listenon_is_ip6_any(ns_listenlist_t *p, in_port_t *portp) {
 	if (ISC_LIST_NEXT(elt, link) != NULL)
 		return (ISC_FALSE); /* More than one listen-on-v6 stmt */
 	if (elt->acl->length != 1)
-		return (ISC_FALSE);
+		return (ISC_FALSE); 
 	if (elt->acl->elements[0].negative == ISC_FALSE &&
 	    elt->acl->elements[0].type == dns_aclelementtype_any) {
 		*portp = elt->port;
@@ -634,14 +629,14 @@ do_ipv6(ns_interfacemgr_t *mgr) {
 
 	if (listenon_is_ip6_none(mgr->listenon6))
 		return;
-
+	
 	if (! listenon_is_ip6_any(mgr->listenon6, &port)) {
 		isc_log_write(IFMGR_COMMON_LOGARGS,
-		      ISC_LOG_ERROR,
+		      ISC_LOG_ERROR,			
 		      "bad IPv6 listen-on list: must be 'any' or 'none'");
 		return;
 	}
-
+		
 	in6a = in6addr_any;
 	isc_sockaddr_fromin6(&listen_addr, &in6a, port);
 
@@ -654,7 +649,7 @@ do_ipv6(ns_interfacemgr_t *mgr) {
 		result = ns_interface_setup(mgr, &listen_addr, "<any>", &ifp);
 		if (result != ISC_R_SUCCESS) {
 			isc_log_write(IFMGR_COMMON_LOGARGS,
-				      ISC_LOG_ERROR,
+				      ISC_LOG_ERROR,			
 				      "listening on IPv6 interfaces failed");
 			/* Continue. */
 		}
@@ -666,7 +661,7 @@ ns_interfacemgr_scan(ns_interfacemgr_t *mgr, isc_boolean_t verbose) {
 
 	REQUIRE(NS_INTERFACEMGR_VALID(mgr));
 
-	mgr->generation++;	/* Increment the generation count. */
+	mgr->generation++;	/* Increment the generation count. */ 
 
 	if (isc_net_probeipv6() == ISC_R_SUCCESS) {
 		do_ipv6(mgr);
@@ -714,3 +709,21 @@ ns_interfacemgr_setlistenon6(ns_interfacemgr_t *mgr, ns_listenlist_t *value) {
 	UNLOCK(&mgr->lock);
 }
 
+isc_result_t
+ns_interfacemgr_findudpdispatcher(ns_interfacemgr_t *mgr,
+				  isc_sockaddr_t *address,
+				  dns_dispatch_t **dispatchp)
+{
+	ns_interface_t *ifp;
+
+	/*
+	 * Find a UDP dispatcher matching 'address', if it exists.
+	 */
+
+	ifp = find_matching_interface(mgr, address);
+	if (ifp == NULL || ifp->udpdispatch == NULL)
+		return (ISC_R_NOTFOUND);
+	dns_dispatch_attach(ifp->udpdispatch, dispatchp);
+
+	return (ISC_R_SUCCESS);
+}

bin/named/listenlist.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: listenlist.c,v 1.8 2000/08/01 01:11:41 tale Exp $ */
+/* $Id: listenlist.c,v 1.6 2000/06/23 01:34:36 gson Exp $ */
 
 #include <config.h>
 
@@ -77,7 +77,7 @@ destroy(ns_listenlist_t *list) {
 		next = ISC_LIST_NEXT(elt, link);
 		ns_listenelt_destroy(elt);
 	}
-	isc_mem_put(list->mctx, list, sizeof(*list));
+	isc_mem_put(list->mctx, list, sizeof(*list));	
 }
 
 void
@@ -113,7 +113,7 @@ ns_listenlist_default(isc_mem_t *mctx, in_port_t port,
 		result = dns_acl_none(mctx, &acl);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;
-
+	
 	result = ns_listenelt_create(mctx, port, acl, &elt);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_acl;

bin/named/log.c

@@ -1,26 +1,24 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: log.c,v 1.24 2000/09/26 22:12:13 bwelling Exp $ */
+/* $Id: log.c,v 1.20 2000/06/22 21:49:22 tale Exp $ */
 
 #include <config.h>
 
-#include <isc/result.h>
-
 #include <named/log.h>
 
 /*
@@ -90,8 +88,6 @@ ns_log_init(isc_boolean_t safe) {
 
  cleanup:
 	isc_log_destroy(&ns_g_lctx);
-	isc_log_setcontext(NULL);
-	dns_log_setcontext(NULL);
 
 	return (result);
 }
@@ -100,7 +96,7 @@ isc_result_t
 ns_log_setdefaultchannels(isc_logconfig_t *lcfg) {
 	isc_result_t result;
 	isc_logdestination_t destination;
-
+	
 	/*
 	 * By default, the logging library makes "default_debug" log to
 	 * stderr.  In BIND, we want to override this and log to named.run
@@ -135,7 +131,7 @@ ns_log_setdefaultchannels(isc_logconfig_t *lcfg) {
 isc_result_t
 ns_log_setsafechannels(isc_logconfig_t *lcfg) {
 	isc_result_t result;
-
+	
 	if (! ns_g_logstderr) {
 		result = isc_log_createchannel(lcfg, "default_debug",
                                                ISC_LOG_TONULL,
@@ -180,6 +176,4 @@ ns_log_setdefaultcategory(isc_logconfig_t *lcfg) {
 void
 ns_log_shutdown(void) {
 	isc_log_destroy(&ns_g_lctx);
-	isc_log_setcontext(NULL);
-	dns_log_setcontext(NULL);
 }

bin/named/logconf.c

@@ -1,25 +1,24 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: logconf.c,v 1.25 2000/08/25 01:08:20 bwelling Exp $ */
+/* $Id: logconf.c,v 1.22 2000/06/23 17:59:08 tale Exp $ */
 
 #include <config.h>
 
-#include <isc/result.h>
 #include <isc/string.h>
 
 #include <named/log.h>
@@ -96,14 +95,14 @@ channel_fromconf(dns_c_logchan_t *cchan, isc_logconfig_t *lctx) {
 	unsigned int type;
 	unsigned int flags = 0;
 	int level;
-
+	
 	type = ISC_LOG_TONULL;
 	switch (cchan->ctype) {
 	case dns_c_logchan_file:
 		type = ISC_LOG_TOFILE;
 		{
 			const char *path = NULL;
-			isc_int32_t versions = ISC_LOG_ROLLNEVER;
+			isc_int32_t versions = ISC_LOG_ROLLNEVER; 
 			/*
 			 * XXXDCL should be isc_offset_t, but that
 			 * is incompatible with dns_c_logchan_getsize.
@@ -172,10 +171,10 @@ channel_fromconf(dns_c_logchan_t *cchan, isc_logconfig_t *lctx) {
 			flags |= ISC_LOG_PRINTLEVEL;
 		/* XXX ISC_LOG_PRINTMODULE */
 	}
-
+	
 	level = ISC_LOG_INFO;
 	(void)dns_c_logchan_getdebuglevel(cchan, &level);
-
+	
 	result = isc_log_createchannel(lctx, cchan->name,
 				       type, level, &dest, flags);
 	return (result);
@@ -189,7 +188,7 @@ ns_log_configure(isc_logconfig_t *lcctx, dns_c_logginglist_t *clog) {
 	isc_boolean_t default_set = ISC_FALSE;
 
 	CHECK(ns_log_setdefaultchannels(lcctx));
-
+		
 	for (cchan = ISC_LIST_HEAD(clog->channels);
 	     cchan != NULL;
 	     cchan = ISC_LIST_NEXT(cchan, next)) {

bin/named/lwdclient.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwdclient.c,v 1.9 2000/10/12 20:45:11 bwelling Exp $ */
+/* $Id: lwdclient.c,v 1.3.2.1 2000/06/26 21:47:32 gson Exp $ */
 
 #include <config.h>
 
@@ -24,19 +24,12 @@
 #include <isc/task.h>
 #include <isc/util.h>
 
-#include <dns/adb.h>
 #include <dns/view.h>
 #include <dns/log.h>
 
 #include <named/types.h>
-#include <named/lwresd.h>
 #include <named/lwdclient.h>
 
-#define SHUTTINGDOWN(cm) ((cm->flags & NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN) != 0)
-
-static void
-lwdclientmgr_shutdown_callback(isc_task_t *task, isc_event_t *ev);
-
 void
 ns_lwdclient_log(int level, const char *format, ...) {
 	va_list args;
@@ -48,124 +41,18 @@ ns_lwdclient_log(int level, const char *format, ...) {
 	va_end(args);
 }
 
-void
-ns_lwdclientmgr_create(ns_lwresd_t *lwresd, unsigned int nclients,
-		    isc_taskmgr_t *taskmgr)
-{
-	ns_lwdclientmgr_t *cm;
-	ns_lwdclient_t *client;
-	unsigned int i;
-
-	cm = isc_mem_get(lwresd->mctx, sizeof(ns_lwdclientmgr_t));
-	if (cm == NULL)
-		return;
-
-	cm->lwresd = lwresd;
-	cm->mctx = lwresd->mctx;
-	cm->sock = lwresd->sock;
-	cm->view = lwresd->view;
-	cm->lwctx = NULL;
-	cm->task = NULL;
-	cm->flags = 0;
-	ISC_LINK_INIT(cm, link);
-	ISC_LIST_INIT(cm->idle);
-	ISC_LIST_INIT(cm->running);
-
-	if (lwres_context_create(&cm->lwctx, cm->mctx,
-				 ns__lwresd_memalloc, ns__lwresd_memfree,
-				 LWRES_CONTEXT_SERVERMODE)
-	    != ISC_R_SUCCESS)
-		goto errout;
-
-	for (i = 0 ; i < nclients ; i++) {
-		client = isc_mem_get(lwresd->mctx, sizeof(ns_lwdclient_t));
-		if (client != NULL) {
-			ns_lwdclient_log(50, "created client %p, manager %p",
-					 client, cm);
-			ns_lwdclient_initialize(client, cm);
-		}
-	}
-
-	/*
-	 * If we could create no clients, clean up and return.
-	 */
-	if (ISC_LIST_EMPTY(cm->idle))
-		goto errout;
-
-	if (isc_task_create(taskmgr, 0, &cm->task) != ISC_R_SUCCESS)
-		goto errout;
-
-	/*
-	 * This MUST be last, since there is no way to cancel an onshutdown...
-	 */
-	if (isc_task_onshutdown(cm->task, lwdclientmgr_shutdown_callback, cm)
-	    != ISC_R_SUCCESS)
-		goto errout;
-
-	/*
-	 * Nothing between the onshutdown call and the end of this 
-	 * function is allowed to fail without crashing the server
-	 * via INSIST() or REQUIRE().
-	 */
-
-	ISC_LIST_APPEND(lwresd->cmgrs, cm, link);
-
-	return;
-
- errout:
-	client = ISC_LIST_HEAD(cm->idle);
-	while (client != NULL) {
-		ISC_LIST_UNLINK(cm->idle, client, link);
-		isc_mem_put(lwresd->mctx, client, sizeof (*client));
-		client = ISC_LIST_HEAD(cm->idle);
-	}
-
-	if (cm->task != NULL)
-		isc_task_detach(&cm->task);
-
-	if (cm->lwctx != NULL)
-		lwres_context_destroy(&cm->lwctx);
-
-	isc_mem_put(lwresd->mctx, cm, sizeof (*cm));
-}
-
 static void
-lwdclientmgr_destroy(ns_lwdclientmgr_t *cm) {
-	ns_lwdclient_t *client;
-	ns_lwresd_t *lwresd = cm->lwresd;
-
-	if (!SHUTTINGDOWN(cm))
+clientmgr_can_die(ns_lwdclientmgr_t *cm) {
+	if ((cm->flags & NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN) == 0)
 		return;
 
-	/*
-	 * run through the idle list and free the clients there.  Idle
-	 * clients do not have a recv running nor do they have any finds
-	 * or similar running.
-	 */
-	client = ISC_LIST_HEAD(cm->idle);
-	while (client != NULL) {
-		ns_lwdclient_log(50, "destroying client %p, manager %p",
-				 client, cm);
-		ISC_LIST_UNLINK(cm->idle, client, link);
-		isc_mem_put(cm->mctx, client, sizeof (*client));
-		client = ISC_LIST_HEAD(cm->idle);
-	}
-
-	if (!ISC_LIST_EMPTY(cm->running))
+	if (ISC_LIST_HEAD(cm->running) != NULL)
 		return;
 
 	lwres_context_destroy(&cm->lwctx);
-	cm->view = NULL;
-	cm->sock = NULL;
+	isc_socket_detach(&cm->sock);
+	dns_view_detach(&cm->view);
 	isc_task_detach(&cm->task);
-
-	LOCK(&lwresd->lock);
-	ISC_LIST_UNLINK(lwresd->cmgrs, cm, link);
-	ns_lwdclient_log(50, "destroying manager %p", cm);
-	isc_mem_put(lwresd->mctx, cm, sizeof (*cm));
-	UNLOCK(&lwresd->lock);
-
-	ns__lwresd_destroy(lwresd);
 }
 
 static void
@@ -238,13 +125,12 @@ ns_lwdclient_recv(isc_task_t *task, isc_event_t *ev) {
 		return;
 	}
 
+	/*
+	 * XXXMLG If we wanted to run on ipv6 as well, we'd need the pktinfo
+	 * bits.  Right now we don't, so don't remember them.
+	 */
 	client->recvlength = dev->n;
 	client->address = dev->address;
-	if ((dev->attributes & ISC_SOCKEVENTATTR_PKTINFO) != 0) {
-		client->pktinfo = dev->pktinfo;
-		client->pktinfo_valid = ISC_TRUE;
-	} else
-		client->pktinfo_valid = ISC_FALSE;
 	isc_event_free(&ev);
 	dev = NULL;
 
@@ -262,10 +148,8 @@ ns_lwdclient_startrecv(ns_lwdclientmgr_t *cm) {
 	isc_result_t result;
 	isc_region_t r;
 
-	if (SHUTTINGDOWN(cm)) {
-		lwdclientmgr_destroy(cm);
+	if ((cm->flags & NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN) != 0)
 		return (ISC_R_SUCCESS);
-	}
 
 	/*
 	 * If a recv is already running, don't bother.
@@ -307,50 +191,25 @@ ns_lwdclient_startrecv(ns_lwdclientmgr_t *cm) {
 	return (ISC_R_SUCCESS);
 }
 
-static void
-lwdclientmgr_shutdown_callback(isc_task_t *task, isc_event_t *ev) {
+void
+ns_lwdclient_shutdown(isc_task_t *task, isc_event_t *ev) {
 	ns_lwdclientmgr_t *cm = ev->ev_arg;
-	ns_lwdclient_t *client;
 
-	REQUIRE(!SHUTTINGDOWN(cm));
+	REQUIRE((cm->flags & NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN) == 0);
 
-	ns_lwdclient_log(50, "got shutdown event, task %p, lwdclientmgr %p",
-			 task, cm);
-
-	/*
-	 * run through the idle list and free the clients there.  Idle
-	 * clients do not have a recv running nor do they have any finds
-	 * or similar running.
-	 */
-	client = ISC_LIST_HEAD(cm->idle);
-	while (client != NULL) {
-		ns_lwdclient_log(50, "destroying client %p, manager %p",
-				 client, cm);
-		ISC_LIST_UNLINK(cm->idle, client, link);
-		isc_mem_put(cm->mctx, client, sizeof (*client));
-		client = ISC_LIST_HEAD(cm->idle);
-	}
+	ns_lwdclient_log(50, "got shutdown event, task %p", task);
 
 	/*
 	 * Cancel any pending I/O.
 	 */
-	isc_socket_cancel(cm->sock, task, ISC_SOCKCANCEL_ALL);
+	if ((cm->flags & NS_LWDCLIENTMGR_FLAGRECVPENDING) != 0)
+		isc_socket_cancel(cm->sock, task, ISC_SOCKCANCEL_ALL);
 
 	/*
 	 * Run through the running client list and kill off any finds
 	 * in progress.
 	 */
-	client = ISC_LIST_HEAD(cm->running);
-	while (client != NULL) {
-		if (client->find != client->v4find
-		    && client->find != client->v6find)
-			dns_adb_cancelfind(client->find);
-		if (client->v4find != NULL)
-			dns_adb_cancelfind(client->v4find);
-		if (client->v6find != NULL)
-			dns_adb_cancelfind(client->v6find);
-		client = ISC_LIST_NEXT(client, link);
-	}
+	/* XXXMLG */
 
 	cm->flags |= NS_LWDCLIENTMGR_FLAGSHUTTINGDOWN;
 
@@ -378,6 +237,8 @@ ns_lwdclient_stateidle(ns_lwdclient_t *client) {
 
 	NS_LWDCLIENT_SETIDLE(client);
 
+	clientmgr_can_die(cm);
+
 	ns_lwdclient_startrecv(cm);
 }
 
@@ -389,7 +250,7 @@ ns_lwdclient_send(isc_task_t *task, isc_event_t *ev) {
 
 	UNUSED(task);
 	UNUSED(dev);
-
+	
 	INSIST(NS_LWDCLIENT_ISSEND(client));
 	INSIST(client->sendbuf == dev->region.base);
 
@@ -407,19 +268,6 @@ ns_lwdclient_send(isc_task_t *task, isc_event_t *ev) {
 	isc_event_free(&ev);
 }
 
-isc_result_t
-ns_lwdclient_sendreply(ns_lwdclient_t *client, isc_region_t *r) {
-	struct in6_pktinfo *pktinfo;
-	ns_lwdclientmgr_t *cm = client->clientmgr;
-
-	if (client->pktinfo_valid)
-		pktinfo = &client->pktinfo;
-	else
-		pktinfo = NULL;
-	return (isc_socket_sendto(cm->sock, r, cm->task, ns_lwdclient_send,
-				  client, &client->address, pktinfo));
-}
-
 void
 ns_lwdclient_initialize(ns_lwdclient_t *client, ns_lwdclientmgr_t *cmgr) {
 	client->clientmgr = cmgr;
@@ -441,7 +289,5 @@ ns_lwdclient_initialize(ns_lwdclient_t *client, ns_lwdclientmgr_t *cmgr) {
 	client->byaddr = NULL;
 	client->addrinfo = NULL;
 
-	client->pktinfo_valid = ISC_FALSE;
-
 	ISC_LIST_APPEND(cmgr->idle, client, link);
 }

bin/named/lwderror.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwderror.c,v 1.5 2000/10/12 20:45:13 bwelling Exp $ */
+/* $Id: lwderror.c,v 1.2 2000/06/22 21:49:25 tale Exp $ */
 
 #include <config.h>
 
@@ -71,7 +71,8 @@ ns_lwdclient_errorpktsend(ns_lwdclient_t *client, isc_uint32_t _result) {
 	r.base = client->buffer;
 	r.length = b.used;
 	client->sendbuf = client->buffer;
-	result = ns_lwdclient_sendreply(client, &r);
+	result = isc_socket_sendto(cm->sock, &r, cm->task, ns_lwdclient_send,
+				   client, &client->address, NULL);
 	if (result != ISC_R_SUCCESS) {
 		ns_lwdclient_stateidle(client);
 		return;

bin/named/lwdgabn.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwdgabn.c,v 1.7 2000/10/12 20:45:14 bwelling Exp $ */
+/* $Id: lwdgabn.c,v 1.3.2.1 2000/06/26 21:47:33 gson Exp $ */
 
 #include <config.h>
 
@@ -177,7 +177,8 @@ generate_reply(ns_lwdclient_t *client) {
 	r.length = lwb.used;
 	client->sendbuf = r.base;
 	client->sendlength = r.length;
-	result = ns_lwdclient_sendreply(client, &r);
+	result = isc_socket_sendto(cm->sock, &r, cm->task, ns_lwdclient_send,
+				   client, &client->address, NULL);
 	if (result != ISC_R_SUCCESS)
 		goto out;
 
@@ -296,7 +297,7 @@ process_gabn_finddone(isc_task_t *task, isc_event_t *ev) {
 				client->find = NULL;
 			else
 				dns_adb_destroyfind(&client->find);
-
+				
 		}
 		generate_reply(client);
 		return;
@@ -452,14 +453,14 @@ start_find(ns_lwdclient_t *client) {
 }
 
 
-static void
+static void            
 init_gabn(ns_lwdclient_t *client) {
 	int i;
 
 	/*
 	 * Initialize the real name and alias arrays in the reply we're
 	 * going to build up.
-	 */
+	 */     
 	for (i = 0 ; i < LWRES_MAX_ALIASES ; i++) {
 		client->aliases[i] = NULL;
 		client->aliaslen[i] = 0;

bin/named/lwdgnba.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwdgnba.c,v 1.8 2000/10/17 18:34:52 bwelling Exp $ */
+/* $Id: lwdgnba.c,v 1.3.2.1 2000/06/26 21:47:35 gson Exp $ */
 
 #include <config.h>
 
@@ -100,7 +100,7 @@ byaddr_done(isc_task_t *task, isc_event_t *event) {
 		 * fails.
 		 */
 		client->options |= DNS_BYADDROPT_IPV6NIBBLE;
-
+		
 		start_byaddr(client);
 		return;
 	}
@@ -151,7 +151,9 @@ byaddr_done(isc_task_t *task, isc_event_t *event) {
 	r.length = lwb.used;
 	client->sendbuf = r.base;
 	client->sendlength = r.length;
-	result = ns_lwdclient_sendreply(client, &r);
+	result = isc_socket_sendto(cm->sock, &r,
+				   cm->task, ns_lwdclient_send,
+				   client, &client->address, NULL);
 	if (result != ISC_R_SUCCESS)
 		goto out;
 
@@ -168,8 +170,7 @@ byaddr_done(isc_task_t *task, isc_event_t *event) {
 		lwres_context_freemem(cm->lwctx,
 				      lwb.base, lwb.length);
 
-	if (event != NULL)
-		isc_event_free(&event);
+	isc_event_free(&event);
 }
 
 static void

bin/named/lwdnoop.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwdnoop.c,v 1.5 2000/10/12 20:45:18 bwelling Exp $ */
+/* $Id: lwdnoop.c,v 1.2 2000/06/22 21:49:29 tale Exp $ */
 
 #include <config.h>
 
@@ -61,7 +61,9 @@ ns_lwdclient_processnoop(ns_lwdclient_t *client, lwres_buffer_t *b) {
 	r.length = lwb.used;
 	client->sendbuf = r.base;
 	client->sendlength = r.length;
-	result = ns_lwdclient_sendreply(client, &r);
+	result = isc_socket_sendto(client->clientmgr->sock, &r,
+				   client->clientmgr->task, ns_lwdclient_send,
+				   client, &client->address, NULL);
 	if (result != ISC_R_SUCCESS)
 		goto out;
 

bin/named/lwresd.8

@@ -1,168 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: lwresd.8,v 1.7 2000/08/30 20:43:28 bwelling Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt LWRESD 8
-.Os BIND9 9
-.ds vT BIND 9 Programmer's Manual
-.Sh NAME
-.Nm lwresd
-.Nd lightweight resolver daemon
-.Sh SYNOPSIS
-.Nm lwresd
-.Op Fl C Ar config-file
-.Op Fl d Ar debuglevel
-.Op Fl f g s
-.Op Fl i Ar pid-file
-.Op Fl n Ar #cpus
-.Op Fl P Ar query-port#
-.Op Fl p Ar port#
-.Op Fl t Ar directory
-.Op Fl u Ar user-id
-.Op Fl v
-.Sh DESCRIPTION
-.Nm lwresd
-is the daemon providing name lookup services to clients that use
-the BIND 9 lightweight resolver library.
-It is essentially a stripped-down, caching-only name server that
-answers queries using the BIND 9 lightweight resolver protocol
-rather than the DNS protocol.
-.Pp
-.Nm lwresd
-listens for resolver queries on a UDP port on the IPv4 loopback
-interface, 127.0.0.1.
-This means that
-.Nm lwresd
-can only be used by processes running on the local machine.
-By default UDP port number 921 is used for lightweight resolver
-requests and responses.
-.Pp
-Incoming lightweight resolver requests are decoded by
-.Nm lwresd
-which then resolves them using the DNS protocol.
-When the DNS lookup completes,
-.Nm lwresd
-encodes the answers from the name servers in the lightweight
-resolver format and returns them to the client that made the original
-request.
-.Pp
-If
-.Pa /etc/resolv.conf
-contains any
-.Sy nameserver
-entries,
-.Nm lwresd
-sends recursive DNS queries to those servers.  This
-is similar to the use of forwarders in a chaching name
-server.  If no
-.Sy nameserver
-entries are  present, or if forwarding fails,
-.Nm lwresd
-resolves the queries autonomously starting at the
-root name servers, using a compiled-in list of root
-servers hints.
-.Pp
-The options to
-.Nm lwresd
-are as follows:
-.Bl -tag -width Ds
-.It Fl C
-use
-.Ar config-file
-as the configuration file instead of the default,
-.Pa /etc/resolv.conf .
-.It Fl d
-set the daemon's debug level to
-.Ar debuglevel .
-Debugging traces from
-.Nm lwresd
-become more verbose as the debug level increases.
-.It Fl f
-run
-.Nm lwresd
-in the foreground.
-.It Fl g
-run
-.Nm lwresd
-in the foreground and force all logging to
-.Dv stderr .
-.It Fl i
-write the daemon's process id to
-.Ar pid-file
-instead of the default pathname.
-.It Fl n
-create
-.Ar #cpus
-worker threads to take advantage of multiple CPUs.
-If no option is given,
-.Nm lwresd
-will try to determine the number of CPUs present and create
-one thread per CPU.  If
-.Nm lwresd
-is unable to determine the number of CPUs, a single worker thread
-is created.
-.It Fl P
-send DNS lookups to port number
-.Ar query-port#
-when querying name servers.
-This provides a way of testing the lightweight resolver daemon with a
-name server that listens for queries on a non-standard port number.
-.It Fl p
-listen for lightweight resolver queries on the loopback interface
-using UDP port
-.Ar port#
-instead of the default port number, 921.
-.It Fl s
-write memory usage statistics to
-.Dv stdout
-on exit.
-This option is only of interest to BIND 9 developers and may be
-removed or changed in a future release.
-.It Fl t
-tells
-.Nm lwresd
-to chroot() to
-.Ar directory
-immediately after reading its configuration file.
-.It Fl u
-run
-.Nm lwresd
-as
-.Ar user-id ,
-which is a user name or numeric id that must be present in the
-password file.
-The lightweight resolver daemon will change its user-id after it has
-carried out any privileged operations, such as writing the process-id
-file or binding a socket to a privileged port (typically any port
-less than 1024).
-.It Fl v
-report the version number and exit.
-.El
-.Sh FILES
-.Bl -tag -width  /var/run/lwresd.pid -compact
-.It Pa /etc/resolv.conf
-default configuration file
-.It Pa /var/run/lwresd.pid
-default process-id file
-.El
-.Sh SEE ALSO
-.Xr named 8 ,
-.Xr lwres 3 .
-.Sh NOTES
-.Nm lwresd
-is a daemon for lightweight resolvers, not a lightweight daemon
-for resolvers.

bin/named/lwresd.c

@@ -1,29 +1,27 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: lwresd.c,v 1.18 2000/10/10 23:05:01 bwelling Exp $ */
+/* $Id: lwresd.c,v 1.8.2.3 2000/07/21 22:46:47 gson Exp $ */
 
 /*
  * Main program for the Lightweight Resolver Daemon.
  *
- * To paraphrase the old saying about X11, "It's not a lightweight deamon
+ * To paraphrase the old saying about X11, "It's not a lightweight deamon 
  * for resolvers, it's a deamon for lightweight resolvers".
- *
- * A lot of this code was copied from omapi.
  */
 
 #include <config.h>
@@ -33,7 +31,6 @@
 #include <isc/app.h>
 #include <isc/magic.h>
 #include <isc/mem.h>
-#include <isc/once.h>
 #include <isc/print.h>
 #include <isc/string.h>
 #include <isc/task.h>
@@ -41,8 +38,6 @@
 #include <isc/util.h>
 
 #include <dns/cache.h>
-#include <dns/confctx.h>
-#include <dns/conflwres.h>
 #include <dns/db.h>
 #include <dns/dispatch.h>
 #include <dns/log.h>
@@ -64,565 +59,392 @@
 /*
  * The goal number of clients we can handle will be NTASKS * NRECVS.
  */
-#define NTASKS		2	/* tasks to create to handle lwres queries */
-#define NRECVS		2	/* max clients per task */
-
-typedef struct ns_lwreslistener ns_lwreslistener_t;
-
-typedef ISC_LIST(ns_lwreslistener_t) ns_lwreslistenerlist_t;
-
-struct ns_lwreslistener {
-	isc_mem_t *			mctx;
-	isc_sockaddr_t			address;
-	ns_lwresd_t			*manager;
-	dns_view_t			*view;
-	LINK(ns_lwreslistener_t)        link;
-};
-
-static ns_lwreslistenerlist_t listeners;
-static isc_mutex_t listeners_lock;
-static isc_once_t once = ISC_ONCE_INIT;
+#define NTASKS		20	/* tasks to create to handle lwres queries */
+#define NRECVS		 5	/* max clients per task */
+#define NTHREADS	 1	/* # threads to create in thread manager */
 
 static void
-lwresd_shutdown(ns_lwresd_t **lwresdp);
-
-
-static void
-initialize_mutex(void) {
-	RUNTIME_CHECK(isc_mutex_init(&listeners_lock) == ISC_R_SUCCESS);
+fatal(const char *msg, isc_result_t result) {
+	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_LWRESD,
+		      ISC_LOG_CRITICAL, "%s: %s", msg,
+		      isc_result_totext(result));
+	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_LWRESD,
+		      ISC_LOG_CRITICAL, "exiting (due to fatal error)");
+		      exit(1);
 }
 
-
 /*
  * Wrappers around our memory management stuff, for the lwres functions.
  */
-void *
-ns__lwresd_memalloc(void *arg, size_t size) {
+static void *
+mem_alloc(void *arg, size_t size) {
 	return (isc_mem_get(arg, size));
 }
 
-void
-ns__lwresd_memfree(void *arg, void *mem, size_t size) {
+static void
+mem_free(void *arg, void *mem, size_t size) {
 	isc_mem_put(arg, mem, size);
 }
 
-void
-ns__lwresd_destroy(ns_lwresd_t *lwresd) {
-	isc_mem_t *mctx;
+static void
+shutdown_lwresd(isc_task_t *task, isc_event_t *event) {
+	ns_lwresd_t *lwresd = event->ev_arg;
 
-	LOCK(&lwresd->lock);
-	if (!ISC_LIST_EMPTY(lwresd->cmgrs) || (!lwresd->shutting_down)) {
-		UNLOCK(&lwresd->lock);
-		return;
-	}
+	UNUSED(task);
+
+	dns_dispatchmgr_destroy(&lwresd->dispmgr);
 
 	/*
-	 * At this point, nothing can have the lwresd locked, since there
-	 * are no clients running.
+	 * Wait for everything to die off by waiting for the sockets
+	 * to be detached.
 	 */
-	UNLOCK(&lwresd->lock);
-
 	isc_socket_detach(&lwresd->sock);
+
+	/*
+	 * Kill off the view.
+	 */
 	dns_view_detach(&lwresd->view);
 
-	mctx = lwresd->mctx;
+	isc_task_detach(&lwresd->task);
 
-	lwresd->magic = 0;
-	isc_mem_put(mctx, lwresd, sizeof(*lwresd));
-	isc_mem_detach(&mctx);
+	isc_event_free(&event);
 }
 
-isc_result_t
-ns_lwresd_parseresolvconf(isc_mem_t *mctx, dns_c_ctx_t **ctxp) {
-	dns_c_ctx_t *ctx = NULL;
-	lwres_context_t *lwctx = NULL;
-	lwres_conf_t *lwc = NULL;
-	isc_sockaddr_t sa;
+
+static void
+parse_resolv_conf(isc_mem_t *mctx, isc_sockaddrlist_t *forwarders) {
+	lwres_context_t *lwctx;
+	lwres_conf_t *lwc;
+	int lwresult;
+	struct in_addr ina;
+	struct in6_addr ina6;
+	isc_sockaddr_t *sa;
 	int i;
 	in_port_t port;
-	dns_c_iplist_t *forwarders = NULL;
-	dns_c_iplist_t *locallist = NULL;
-	dns_c_lwreslist_t *lwreslist = NULL;
-	dns_c_lwres_t *lwres = NULL;
-	isc_result_t result;
-	lwres_result_t lwresult;
-	struct in_addr localhost;
 
-	result = dns_c_ctx_new(mctx, &ctx);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-	
 	lwctx = NULL;
-	lwresult = lwres_context_create(&lwctx, mctx, ns__lwresd_memalloc,
-					ns__lwresd_memfree,
+	lwresult = lwres_context_create(&lwctx, mctx, mem_alloc, mem_free,
 					LWRES_CONTEXT_SERVERMODE);
 	if (lwresult != LWRES_R_SUCCESS)
-		goto cleanup;
+		return;
 
-	lwresult = lwres_conf_parse(lwctx, lwresd_g_resolvconffile);
+	lwresult = lwres_conf_parse(lwctx, lwresd_g_conffile);
 	if (lwresult != LWRES_R_SUCCESS)
-		goto cleanup;
+		goto out;
 
 	lwc = lwres_conf_get(lwctx);
 	INSIST(lwc != NULL);
 
-	/*
-	 * Build the list of forwarders.
-	 */
-	result = dns_c_iplist_new(mctx, lwc->nsnext, &forwarders);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-
-	if (ns_g_port != 0)
-		port = ns_g_port;
-	else
+	if (lwresd_g_queryport == 0)
 		port = 53;
+	else
+		port = lwresd_g_queryport;
 
+	/*
+	 * Run through the list of nameservers, and set them to be our
+	 * forwarders.
+	 */
 	for (i = 0 ; i < lwc->nsnext ; i++) {
-		if (lwc->nameservers[i].family != LWRES_ADDRTYPE_V4 &&
-		    lwc->nameservers[i].family != LWRES_ADDRTYPE_V6)
-			continue;
-
-		if (lwc->nameservers[i].family == LWRES_ADDRTYPE_V4) {
-			struct in_addr ina;
+		switch (lwc->nameservers[i].family) {
+		case LWRES_ADDRTYPE_V4:
+			sa = isc_mem_get(mctx, sizeof *sa);
+			INSIST(sa != NULL);
 			memcpy(&ina.s_addr, lwc->nameservers[i].address, 4);
-			isc_sockaddr_fromin(&sa, &ina, port);
-		} else {
-			struct in6_addr ina6;
+			isc_sockaddr_fromin(sa, &ina, port);
+			ISC_LIST_APPEND(*forwarders, sa, link);
+			sa = NULL;
+			break;
+		case LWRES_ADDRTYPE_V6:
+			sa = isc_mem_get(mctx, sizeof *sa);
+			INSIST(sa != NULL);
 			memcpy(&ina6.s6_addr, lwc->nameservers[i].address, 16);
-			isc_sockaddr_fromin6(&sa, &ina6, port);
-		}
-#ifndef NOMINUM_PUBLIC
-		result = dns_c_iplist_append(forwarders, sa, NULL);
-#else /* NOMINUM_PUBLIC */
-		result = dns_c_iplist_append(forwarders, sa);
-#endif /* NOMINUM_PUBLIC */
-		if (result != ISC_R_SUCCESS)
-			goto cleanup;
-	}
-
-	if (forwarders->nextidx != 0) {
-		result = dns_c_ctx_setforwarders(ctx, ISC_FALSE, forwarders);
-		if (result != ISC_R_SUCCESS)
-			goto cleanup;
-		forwarders = NULL;
-		result = dns_c_ctx_setforward(ctx, dns_c_forw_first);
-		if (result != ISC_R_SUCCESS)
-			goto cleanup;
-	}
-
-	result = dns_c_lwreslist_new(mctx, &lwreslist);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-
-	result = dns_c_lwres_new(mctx, &lwres);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-
-	port = lwresd_g_listenport;
-	if (port == 0)
-		port = LWRES_UDP_PORT;
-
-	if (lwc->lwnext == 0) {
-		localhost.s_addr = htonl(INADDR_LOOPBACK);
-		isc_sockaddr_fromin(&sa, &localhost, port);
-	} else {
-		if (lwc->lwservers[0].family != LWRES_ADDRTYPE_V4 &&
-		    lwc->lwservers[0].family != LWRES_ADDRTYPE_V6)
-		{
-			result = ISC_R_FAMILYNOSUPPORT;
-			goto cleanup;
-		}
-
-		if (lwc->lwservers[0].family == LWRES_ADDRTYPE_V4) {
-			struct in_addr ina;
-			memcpy(&ina.s_addr, lwc->lwservers[0].address, 4);
-			isc_sockaddr_fromin(&sa, &ina, port);
-		} else {
-			struct in6_addr ina6;
-			memcpy(&ina6.s6_addr, lwc->lwservers[0].address, 16);
-			isc_sockaddr_fromin6(&sa, &ina6, port);
+			isc_sockaddr_fromin6(sa, &ina6, port);
+			ISC_LIST_APPEND(*forwarders, sa, link);
+			sa = NULL;
+			break;
+		default:
+			break;
 		}
 	}
 
-	result = dns_c_iplist_new(mctx, 1, &locallist);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-#ifndef NOMINUM_PUBLIC
-	result = dns_c_iplist_append(locallist, sa, NULL);
-#else /* NOMINUM_PUBLIC */
-	result = dns_c_iplist_append(locallist, sa);
-#endif /* NOMINUM_PUBLIC */
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-
-	result = dns_c_lwres_setlistenon(lwres, locallist);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-	dns_c_iplist_detach(&locallist);
-
-	result = dns_c_lwreslist_append(lwreslist, lwres, ISC_FALSE);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-	lwres = NULL;
-
-	result = dns_c_ctx_setlwres(ctx, lwreslist, ISC_FALSE);
-	if (result != ISC_R_SUCCESS)
-		goto cleanup;
-	lwreslist = NULL;
-
-	*ctxp = ctx;
-
-	result = ISC_R_SUCCESS;
-
- cleanup:
-	if (result != ISC_R_SUCCESS) {
-		if (forwarders != NULL)
-			dns_c_iplist_detach(&forwarders);
-		if (locallist != NULL)
-			dns_c_iplist_detach(&locallist);
-		if (lwres != NULL)
-			dns_c_lwres_delete(&lwres);
-		if (lwreslist != NULL)
-			dns_c_lwreslist_delete(&lwreslist);
-		dns_c_ctx_delete(&ctx);
-	}
-
-	if (lwctx != NULL) {
-		lwres_conf_clear(lwctx);
-		lwres_context_destroy(&lwctx);
-	}
-
-	return (result);
+ out:
+	lwres_conf_clear(lwctx);
+	lwres_context_destroy(&lwctx);
 }
 
 static isc_result_t
-lwresd_create(isc_mem_t *mctx, dns_view_t *view,
-	      isc_sockaddr_t *address, ns_lwresd_t **lwresdp) {
+ns_lwresd_createview(ns_lwresd_t *lwresd, dns_view_t **viewp) {
+	dns_cache_t *cache;
+	isc_result_t result;
+	dns_db_t *rootdb;
+	unsigned int attrs;
+	isc_sockaddr_t any4, any6;
+	dns_dispatch_t *disp4 = NULL;
+	dns_dispatch_t *disp6 = NULL;		
+	isc_sockaddrlist_t forwarders;
+	dns_view_t *view;
+
+	REQUIRE(viewp != NULL && *viewp == NULL);
+	cache = NULL;
+
+	result = dns_dispatchmgr_create(lwresd->mctx, ns_g_entropy,
+					&lwresd->dispmgr);
+
+	if (result != ISC_R_SUCCESS)
+		fatal("creating dispatch manager", result);
+
+	/*
+	 * View.
+	 */
+	view = NULL;
+	result = dns_view_create(lwresd->mctx, dns_rdataclass_in, "_default",
+				 &view);
+	if (result != ISC_R_SUCCESS)
+		return (result);
+
+	/*
+	 * Cache.
+	 */
+	result = dns_cache_create(lwresd->mctx, ns_g_taskmgr, ns_g_timermgr,
+				  dns_rdataclass_in, "rbt", 0, NULL, &cache);
+	if (result != ISC_R_SUCCESS)
+		goto out;
+	dns_view_setcache(view, cache);
+	dns_cache_detach(&cache);
+
+	/*
+	 * Resolver.
+	 *
+	 * XXXMLG hardwired number of tasks.
+	 */
+
+	if (isc_net_probeipv6() == ISC_R_SUCCESS) {
+		isc_sockaddr_any6(&any6);
+
+		attrs = DNS_DISPATCHATTR_IPV6 | DNS_DISPATCHATTR_UDP;
+		result = dns_dispatch_getudp(lwresd->dispmgr, ns_g_socketmgr,
+					     ns_g_taskmgr, &any6, 512, 6, 1024,
+					     17, 19, attrs, attrs, &disp6);
+		if (result != ISC_R_SUCCESS)
+		goto out;
+	}
+	if (isc_net_probeipv4() == ISC_R_SUCCESS) {
+		isc_sockaddr_any(&any4);
+
+		attrs = DNS_DISPATCHATTR_IPV4 | DNS_DISPATCHATTR_UDP;
+		result = dns_dispatch_getudp(lwresd->dispmgr, ns_g_socketmgr,
+					     ns_g_taskmgr, &any4, 512, 6, 1024,
+					     17, 19, attrs, attrs, &disp4);
+		if (result != ISC_R_SUCCESS)
+			goto out;
+	}
+	if (disp4 == NULL && disp6 == NULL)
+		fatal("not listening on IPv4 or IPv6", ISC_R_FAILURE);
+	
+	result = dns_view_createresolver(view, ns_g_taskmgr, 16,
+					 ns_g_socketmgr, ns_g_timermgr, 0,
+					 lwresd->dispmgr, disp4, disp6);
+	if (disp4 != NULL)
+		dns_dispatch_detach(&disp4);
+	if (disp6 != NULL)
+		dns_dispatch_detach(&disp6);
+
+	if (result != ISC_R_SUCCESS)
+		goto out;
+
+	rootdb = NULL;
+	result = dns_rootns_create(lwresd->mctx, dns_rdataclass_in, NULL,
+				   &rootdb);
+	if (result != ISC_R_SUCCESS)
+		goto out;
+	dns_view_sethints(view, rootdb);
+	dns_db_detach(&rootdb);
+
+	/*
+	 * If we have forwarders, set them here.
+	 */
+	ISC_LIST_INIT(forwarders);
+	parse_resolv_conf(lwresd->mctx, &forwarders);
+	if (ISC_LIST_HEAD(forwarders) != NULL) {
+		isc_sockaddr_t *sa;
+
+		dns_resolver_setforwarders(view->resolver, &forwarders);
+		dns_resolver_setfwdpolicy(view->resolver, dns_fwdpolicy_only);
+		sa = ISC_LIST_HEAD(forwarders);
+		while (sa != NULL) {
+			ISC_LIST_UNLINK(forwarders, sa, link);
+			isc_mem_put(lwresd->mctx, sa, sizeof (*sa));
+			sa = ISC_LIST_HEAD(forwarders);
+		}
+	}
+
+	dns_view_freeze(view);
+	*viewp = view;
+
+	return (ISC_R_SUCCESS);
+
+out:
+	dns_view_detach(&view);
+	return (result);
+}
+
+void
+ns_lwresd_create(isc_mem_t *mctx, dns_view_t *view, ns_lwresd_t **lwresdp) {
 	ns_lwresd_t *lwresd;
-	unsigned int i;
-	ns_lwdclientmgr_t *cm;
+	isc_sockaddr_t localhost;
+	struct in_addr lh_addr;
+	unsigned int i, j;
+	ns_lwdclient_t *client;
 	isc_socket_t *sock;
 	isc_result_t result;
 
-	REQUIRE(view != NULL);
-
 	sock = NULL;
-	result = isc_socket_create(ns_g_socketmgr, isc_sockaddr_pf(address),
-				   isc_sockettype_udp, &sock);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "failed to create socket: %s",
-			      isc_result_totext(result));
-		return (result);
-	}
+	result = isc_socket_create(ns_g_socketmgr, AF_INET, isc_sockettype_udp,
+				   &sock);
+	if (result != ISC_R_SUCCESS)
+		fatal("failed to create socket", result);
 
-	if (isc_sockaddr_getport(address) == 0) {
-		in_port_t port;
-		port = lwresd_g_listenport;
-		if (port == 0)
-			port = LWRES_UDP_PORT;
-		isc_sockaddr_setport(address, port);
-	}
+	lh_addr.s_addr = htonl(INADDR_LOOPBACK);
+	if (ns_g_port != 0)
+		lwres_udp_port = ns_g_port;
+	isc_sockaddr_fromin(&localhost, &lh_addr, lwres_udp_port);
 
-	result = isc_socket_bind(sock, address);
+	result = isc_socket_bind(sock, &localhost);
 	if (result != ISC_R_SUCCESS) {
 		isc_socket_detach(&sock);
-		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "failed to bind socket: %s",
-			      isc_result_totext(result));
-		return (result);
+		fatal("failed to bind lwresd protocol socket", result);
 	}
 
+	ns_os_writepidfile(lwresd_g_defaultpidfile);
+
 	lwresd = isc_mem_get(mctx, sizeof(*lwresd));
-	if (lwresd == NULL) {
-		isc_socket_detach(&sock);
-		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "failed to allocate lwres object");
-		return (ISC_R_NOMEMORY);
-	}
+	if (lwresd == NULL)
+		fatal("allocating lightweight resolver object", ISC_R_NOMEMORY);
 
 	lwresd->mctx = NULL;
 	isc_mem_attach(mctx, &lwresd->mctx);
 
-	RUNTIME_CHECK(isc_mutex_init(&lwresd->lock) == ISC_R_SUCCESS);
-
-	lwresd->shutting_down = ISC_FALSE;
 	lwresd->sock = sock;
+
 	lwresd->view = NULL;
-	ISC_LIST_INIT(lwresd->cmgrs);
-	dns_view_attach(view, &lwresd->view);
-
-	/*
-	 * Create the managers.
-	 */
-	for (i = 0 ; i < NTASKS ; i++)
-		ns_lwdclientmgr_create(lwresd, NRECVS, ns_g_taskmgr);
-
-	/*
-	 * Ensure that we have created at least one.
-	 */
-	INSIST(!ISC_LIST_EMPTY(lwresd->cmgrs));
-
-	/*
-	 * Walk the list of clients and start each one up.
-	 */
-	LOCK(&lwresd->lock);
-	cm = ISC_LIST_HEAD(lwresd->cmgrs);
-	while (cm != NULL) {
-		ns_lwdclient_startrecv(cm);
-		cm = ISC_LIST_NEXT(cm, link);
+	lwresd->dispmgr = NULL;
+	if (view != NULL)
+		dns_view_attach(view, &lwresd->view);
+	else {
+		result = ns_lwresd_createview(lwresd, &lwresd->view);
+		if (result != ISC_R_SUCCESS)
+			fatal("failed to create default view", result);
+	}
+
+	lwresd->task = NULL;
+	result = isc_task_create(ns_g_taskmgr, 0, &lwresd->task);
+	if (result != ISC_R_SUCCESS)
+		fatal("allocating lightweight resolver task", result);
+	isc_task_setname(lwresd->task, "lwresd", lwresd);
+	result = isc_task_onshutdown(lwresd->task, shutdown_lwresd, lwresd);
+	if (result != ISC_R_SUCCESS)
+		fatal("allocating lwresd onshutdown event", result);
+
+	lwresd->cmgr = isc_mem_get(lwresd->mctx,
+				   sizeof(ns_lwdclientmgr_t) * NTASKS);
+	if (lwresd->cmgr == NULL)
+		fatal("allocating lwresd client manager", ISC_R_NOMEMORY);
+
+	/*
+	 * Create one task for each client manager.
+	 */
+	for (i = 0 ; i < NTASKS ; i++) {
+		char name[16];
+		lwresd->cmgr[i].task = NULL;
+		lwresd->cmgr[i].sock = NULL;
+		isc_socket_attach(lwresd->sock, &lwresd->cmgr[i].sock);
+		lwresd->cmgr[i].view = NULL;
+		lwresd->cmgr[i].flags = 0;
+		result = isc_task_create(ns_g_taskmgr, 0,
+					 &lwresd->cmgr[i].task);
+		if (result != ISC_R_SUCCESS)
+			break;
+		result = isc_task_onshutdown(lwresd->cmgr[i].task,
+					     ns_lwdclient_shutdown,
+					     &lwresd->cmgr[i]);
+		if (result != ISC_R_SUCCESS)
+			break;
+		ISC_LIST_INIT(lwresd->cmgr[i].idle);
+		ISC_LIST_INIT(lwresd->cmgr[i].running);
+		snprintf(name, sizeof(name), "lwd client %d", i);
+		isc_task_setname(lwresd->cmgr[i].task, name, &lwresd->cmgr[i]);
+		lwresd->cmgr[i].mctx = lwresd->mctx;
+		lwresd->cmgr[i].lwctx = NULL;
+		result = lwres_context_create(&lwresd->cmgr[i].lwctx,
+					      lwresd->mctx,
+					      mem_alloc, mem_free,
+					      LWRES_CONTEXT_SERVERMODE);
+		if (result != ISC_R_SUCCESS) {
+			isc_task_detach(&lwresd->cmgr[i].task);
+			break;
+		}
+		dns_view_attach(lwresd->view, &lwresd->cmgr[i].view);
+	}
+	INSIST(i > 0);
+	lwresd->ntasks = i;  /* remember how many we managed to create */
+
+	/*
+	 * Now, run through each client manager and populate it with
+	 * client structures.  Do this by creating one receive for each
+	 * task, in a loop, so each task has a chance of getting at least
+	 * one client structure.
+	 */
+	for (i = 0 ; i < NRECVS ; i++) {
+		client = isc_mem_get(lwresd->mctx,
+				     sizeof(ns_lwdclient_t) * lwresd->ntasks);
+		if (client == NULL)
+			break;
+		for (j = 0 ; j < lwresd->ntasks ; j++)
+			ns_lwdclient_initialize(&client[j], &lwresd->cmgr[j]);
+	}
+	INSIST(i > 0);
+
+	/*
+	 * Issue one read request for each task we have.
+	 */
+	for (j = 0 ; j < lwresd->ntasks ; j++) {
+		result = ns_lwdclient_startrecv(&lwresd->cmgr[j]);
+		INSIST(result == ISC_R_SUCCESS);
 	}
-	UNLOCK(&lwresd->lock);
 
 	lwresd->magic = LWRESD_MAGIC;
 	*lwresdp = lwresd;
-
-	return (ISC_R_SUCCESS);
-}
-
-static void
-free_listener(ns_lwreslistener_t **listenerp) {
-	ns_lwreslistener_t *listener = *listenerp;
-
-	if (listener->view != NULL)
-		dns_view_detach(&listener->view);
-	if (listener->manager != NULL)
-		lwresd_shutdown(&listener->manager);
-
-	isc_mem_put(listener->mctx, listener, sizeof(*listener));
-	*listenerp = NULL;
-}
-
-static isc_result_t
-lwres_listen(ns_lwreslistener_t *listener) {
-	isc_result_t result;
-
-	REQUIRE(listener->manager == NULL);
-
-	result = lwresd_create(listener->mctx, listener->view,
-			       &listener->address, &listener->manager);
-
-	return (result);
-}
-
-static void
-update_listener(ns_lwreslistener_t **listenerp, dns_c_lwres_t *lwres,
-		isc_sockaddr_t *address)
-{
-	ns_lwreslistener_t *listener;
-	isc_result_t result;
-	const char *vname;
-	dns_view_t *view;
-
-	for (listener = ISC_LIST_HEAD(listeners);
-	     listener != NULL;
-	     listener = ISC_LIST_NEXT(listener, link))
-	{
-		if (isc_sockaddr_equal(address, &listener->address)) {
-			/*
-			 * There is already a listener for this sockaddr.
-			 * Update the other values.
-			 */
-			if (lwres->view == NULL)
-				vname = "_default";
-			else
-				vname = lwres->view;
-			if (listener->view == NULL ||
-			    strcmp(vname, listener->view->name) != 0)
-			{
-				if (listener->view != NULL)
-					dns_view_detach(&listener->view);
-				view = NULL;
-				result = dns_viewlist_find(
-							&ns_g_server->viewlist,
-							lwres->view,
-							lwres->viewclass,
-							&view);
-				if (result != ISC_R_SUCCESS) {
-					isc_log_write(ns_g_lctx,
-						      NS_LOGCATEGORY_GENERAL,
-						      NS_LOGMODULE_LWRESD,
-						      ISC_LOG_WARNING,
-						      "couldn't find view %s",
-						      lwres->view);
-					return;
-				}
-				dns_view_attach(view, &listener->view);
-				dns_view_detach(&view);
-			}
-			break;
-		}
-
-	}
-
-	*listenerp = listener;
-}
-
-static void
-add_listener(isc_mem_t *mctx, ns_lwreslistener_t **listenerp,
-	     dns_c_lwres_t *lwres, isc_sockaddr_t *address)
-{
-	ns_lwreslistener_t *listener;
-	isc_result_t result = ISC_R_SUCCESS;
-	dns_view_t *view;
-	const char *vname;
-
-	listener = isc_mem_get(mctx, sizeof(ns_lwreslistener_t));
-	if (listener == NULL)
-		result = ISC_R_NOMEMORY;
-
-	if (result == ISC_R_SUCCESS) {
-		listener->mctx = mctx;
-		listener->view = NULL;
-		listener->manager = NULL;
-		listener->address = *address;
-	}
-
-	view = NULL;
-	if (lwres->view == NULL)
-		vname = "_default";
-	else
-		vname = lwres->view;
-	result = dns_viewlist_find(&ns_g_server->viewlist, vname,
-				   lwres->viewclass, &view);
-	if (result != ISC_R_SUCCESS) {
-		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "couldn't find view %s", lwres->view);
-		return;
-	}
-	dns_view_attach(view, &listener->view);
-	dns_view_detach(&view);
-
-	if (result == ISC_R_SUCCESS)
-		result = lwres_listen(listener);
-
-	if (result == ISC_R_SUCCESS) {
-		char socktext[ISC_SOCKADDR_FORMATSIZE];
-		isc_sockaddr_format(address, socktext, sizeof(socktext));
-		isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_NOTICE,
-			      "lwres listening on %s", socktext);
-		*listenerp = listener;
-
-	} else {
-		char socktext[ISC_SOCKADDR_FORMATSIZE];
-		if (listener != NULL)
-			free_listener(&listener);
-
-		isc_sockaddr_format(address, socktext, sizeof(socktext));
-		isc_log_write(ns_g_lctx, ISC_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_LWRESD, ISC_LOG_WARNING,
-			      "couldn't add lwres channel %s: %s",
-			      socktext, isc_result_totext(result));
-	}
-}
-
-isc_result_t
-ns_lwresd_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx) {
-	dns_c_lwres_t *lwres = NULL;
-	dns_c_lwreslist_t *list = NULL;
-	ns_lwreslistener_t *listener;
-	ns_lwreslistenerlist_t new_listeners;
-	isc_result_t result;
-
-	REQUIRE(mctx != NULL);
-	REQUIRE(cctx != NULL);
-
-	RUNTIME_CHECK(isc_once_do(&once, initialize_mutex) == ISC_R_SUCCESS);
-
-	ISC_LIST_INIT(new_listeners);
-
-	result = dns_c_ctx_getlwres(cctx, &list);
-
-	LOCK(&listeners_lock);
-	/*
-	 * Run through the new lwres address list, noting sockets that
-	 * are already being listened on and moving them to the new list.
-	 *
-	 * Identifying duplicates addr/port combinations is left to either
-	 * the underlying config code, or to the bind attempt getting an
-	 * address-in-use error.
-	 */
-	if (result == ISC_R_SUCCESS) {
-		for (lwres = dns_c_lwreslist_head(list);
-		     lwres != NULL;
-		     lwres = dns_c_lwreslist_next(lwres))
-		{
-			unsigned int i;
-			isc_sockaddr_t *address;
-
-			for (i = 0; i < lwres->listeners->nextidx; i++) {
-				address = &lwres->listeners->ips[i];
-				update_listener(&listener, lwres, address);
-				if (listener != NULL)
-					/*
-					 * Remove the listener from the old
-					 * list, so it won't be shut down.
-					 */
-					ISC_LIST_UNLINK(listeners, listener,
-							link);
-				else
-					/*
-					 * This is a new listener.
-					 */
-					add_listener(mctx, &listener, lwres,
-						     address);
-	
-				if (listener != NULL)
-					ISC_LIST_APPEND(new_listeners,
-							listener, link);
-			}
-		}
-	}
-
-	/*
-	 * Put all of the valid listeners on the listeners list.
-	 * Anything already on listeners in the process of shutting down
-	 * will be taken care of by listen_done().
-	 */
-	ISC_LIST_APPENDLIST(listeners, new_listeners, link);
-
-	UNLOCK(&listeners_lock);
-
-	return (ISC_R_SUCCESS);
-}
-
-static void
-lwresd_shutdown(ns_lwresd_t **lwresdp) {
-	ns_lwdclientmgr_t *cm;
-	ns_lwresd_t *lwresd;
-
-	INSIST(lwresdp != NULL && VALID_LWRESD(*lwresdp));
-
-	lwresd = *lwresdp;
-	*lwresdp = NULL;
-
-	LOCK(&lwresd->lock);
-	lwresd->shutting_down = ISC_TRUE;
-	cm = ISC_LIST_HEAD(lwresd->cmgrs);
-	while (cm != NULL) {
-		isc_task_shutdown(cm->task);
-		cm = ISC_LIST_NEXT(cm, link);
-	}
-	UNLOCK(&lwresd->lock);
-
-	ns__lwresd_destroy(lwresd);
 }
 
 void
-ns_lwresd_shutdown(void) {
-	ns_lwreslistener_t *listener;
+ns_lwresd_destroy(ns_lwresd_t **lwresdp) {
+	ns_lwresd_t *lwresd;
+	ns_lwdclient_t *client;
+	isc_mem_t *mctx;
 
-	RUNTIME_CHECK(isc_once_do(&once, initialize_mutex) == ISC_R_SUCCESS);
+	REQUIRE(lwresdp != NULL);
+	lwresd = *lwresdp;
+	REQUIRE(VALID_LWRESD(lwresd));
 
-	while (!ISC_LIST_EMPTY(listeners)) {
-		listener = ISC_LIST_HEAD(listeners);
-		ISC_LIST_UNLINK(listeners, listener, link);
-		free_listener(&listener);
+	mctx = lwresd->mctx;
+
+	/*
+	 * Free up memory allocated.  This is somewhat magical.  We allocated
+	 * the ns_lwdclient_t's in blocks, but the first task always has the
+	 * first pointer.  Just loop here, freeing them.
+	 */
+	client = ISC_LIST_HEAD(lwresd->cmgr[0].idle);
+	while (client != NULL) {
+		ISC_LIST_UNLINK(lwresd->cmgr[0].idle, client, link);
+		isc_mem_put(mctx, client,
+			    sizeof(ns_lwdclient_t) * lwresd->ntasks);
+		client = ISC_LIST_HEAD(lwresd->cmgr[0].idle);
 	}
+	INSIST(ISC_LIST_EMPTY(lwresd->cmgr[0].running));
+
+	isc_mem_put(mctx, lwresd->cmgr, sizeof(ns_lwdclientmgr_t) * NTASKS);
+	lwresd->magic = 0;
+	isc_mem_put(mctx, lwresd, sizeof(*lwresd));
+	isc_mem_detach(&mctx);
+	*lwresdp = NULL;
 }

bin/named/main.c

@@ -1,25 +1,24 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: main.c,v 1.89 2000/10/13 22:35:43 bwelling Exp $ */
+/* $Id: main.c,v 1.71.2.2 2000/07/11 17:23:02 gson Exp $ */
 
 #include <config.h>
 
-#include <ctype.h>
 #include <stdlib.h>
 #include <string.h>
 
@@ -39,7 +38,7 @@
  * Defining NS_MAIN provides storage declaratons (rather than extern)
  * for variables in named/globals.h.
  */
-#define NS_MAIN 1
+#define NS_MAIN 1		
 
 #include <named/globals.h>	/* Explicit, though named/log.h includes it. */
 #include <named/interfacemgr.h>
@@ -51,8 +50,8 @@
 #include <named/main.h>
 
 static isc_boolean_t	want_stats = ISC_FALSE;
+static isc_boolean_t	lwresd_only = ISC_FALSE;
 static const char *	program_name = "named";
-static char    		saved_command_line[512];
 
 void
 ns_main_earlyfatal(const char *format, ...) {
@@ -97,8 +96,8 @@ assertion_failed(const char *file, int line, isc_assertiontype_t type,
 			      "%s:%d: %s(%s) failed", file, line,
 			      isc_assertion_typetotext(type), cond);
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
-			      NS_LOGMODULE_MAIN, ISC_LOG_CRITICAL,
-			      "exiting (due to assertion failure)");
+			       NS_LOGMODULE_MAIN, ISC_LOG_CRITICAL,
+			       "exiting (due assertion failure)");
 	} else {
 		fprintf(stderr, "%s:%d: %s(%s) failed\n",
 			file, line, isc_assertion_typetotext(type), cond);
@@ -174,117 +173,33 @@ lwresd_usage(void) {
 	fprintf(stderr,
 		"usage: lwresd [-C conffile] [-d debuglevel] "
 		"[-f|-g] [-n number_of_cpus]\n"
-		"              [-p port] [-P listen-port] [-s] "
-		"[-t chrootdir]\n"
-		"              [-u username] [-i pidfile]\n");
+		"              [-p listen-port] [-P query-port] [-s] "
+		"[-t chrootdir] [-u username] [-i pidfile]\n");
 }
 
 static void
 usage(void) {
-	if (ns_g_lwresdonly) {
-		lwresd_usage();
-		return;
-	}
 	fprintf(stderr,
 		"usage: named [-c conffile] [-d debuglevel] "
 		"[-f|-g] [-n number_of_cpus]\n"
 		"             [-p port] [-s] [-t chrootdir] [-u username]\n");
 }
 
-static void
-save_command_line(int argc, char *argv[]) {
-	int i;
-	char *src;
-	char *dst;
-	char *eob;
-	const char truncated[] = "...";
-	isc_boolean_t quoted = ISC_FALSE;
-
-	dst = saved_command_line;
-	eob = saved_command_line + sizeof(saved_command_line);
-
-	for (i = 1; i < argc && dst < eob; i++) {
-		*dst++ = ' ';
-
-		src = argv[i];
-		while (*src != '\0' && dst < eob) {
-			/*
-			 * This won't perfectly produce a shell-independent
-			 * pastable command line in all circumstances, but
-			 * comes close, and for practical purposes will
-			 * nearly always be fine.
-			 */
-			if (quoted || isalnum(*src & 0xff) ||
-			    *src == '-' || *src == '_' ||
-			    *src == '.' || *src == '/') {
-				*dst++ = *src++;
-				quoted = ISC_FALSE;
-			} else {
-				*dst++ = '\\';
-				quoted = ISC_TRUE;
-			}
-		}
-	}
-
-	INSIST(sizeof(saved_command_line) >= sizeof(truncated));
-
-	if (dst == eob)
-		strcpy(eob - sizeof(truncated), truncated);
-	else
-		*dst = '\0';
-}
-
-static int
-parse_int(char *arg, const char *desc) {
-	char *endp;
-	int tmp;
-	long int ltmp;
-
-	ltmp = strtol(arg, &endp, 10);
-	tmp = (int) ltmp;
-	if (*endp != '\0')
-		ns_main_earlyfatal("%s '%s' must be numeric", desc, arg);
-	if (tmp < 0 || tmp != ltmp)
-		ns_main_earlyfatal("%s '%s' out of range", desc, arg);
-	return (tmp);
-}
-
-static void
-parse_command_line(int argc, char *argv[]) {
+static void 
+parse_lwresd_command_line(int argc, char *argv[]) {
 	int ch;
-	int port;
-	char *s;
-
-	save_command_line(argc, argv);
-
-	/*
-	 * See if we should run as lwresd.
-	 */
-	s = strrchr(argv[0], '/');
-	if (s == NULL)
-		s = argv[0];
-	else
-		s++;
-	if (strcmp(s, "lwresd") == 0)
-		ns_g_lwresdonly = ISC_TRUE;
+	unsigned int port;
 
 	isc_commandline_errprint = ISC_FALSE;
 	while ((ch = isc_commandline_parse(argc, argv,
-					   "c:C:d:fgi:ln:N:p:P:st:u:vx:")) !=
+					   "C:d:fgi:n:p:P:st:u:")) !=
 	       -1) {
 		switch (ch) {
-		case 'c':
-			ns_g_conffile = isc_commandline_argument;
+		case 'C':
 			lwresd_g_conffile = isc_commandline_argument;
 			break;
-		/* XXXBEW Should -C be removed? */
-		case 'C':
-			lwresd_g_resolvconffile = isc_commandline_argument;
-			lwresd_g_useresolvconf = ISC_TRUE;
-			break;
 		case 'd':
-			ns_g_debuglevel = parse_int(isc_commandline_argument,
-						    "debug level");
+			ns_g_debuglevel = atoi(isc_commandline_argument);
 			break;
 		case 'f':
 			ns_g_foreground = ISC_TRUE;
@@ -293,34 +208,104 @@ parse_command_line(int argc, char *argv[]) {
 			ns_g_foreground = ISC_TRUE;
 			ns_g_logstderr = ISC_TRUE;
 			break;
-		/* XXXBEW -i should be removed */
 		case 'i':
 			lwresd_g_defaultpidfile = isc_commandline_argument;
 			break;
-		case 'l':
-			ns_g_lwresdonly = ISC_TRUE;
-			break;
-		case 'N': /* Deprecated. */
 		case 'n':
-			ns_g_cpus = parse_int(isc_commandline_argument,
-					      "number of cpus");
+			ns_g_cpus = atoi(isc_commandline_argument);
 			if (ns_g_cpus == 0)
 				ns_g_cpus = 1;
 			break;
 		case 'p':
-			port = parse_int(isc_commandline_argument, "port");
+			port = atoi(isc_commandline_argument);
 			if (port < 1 || port > 65535)
 				ns_main_earlyfatal("port '%s' out of range",
 						   isc_commandline_argument);
 			ns_g_port = port;
 			break;
-		/* XXXBEW Should -P be removed? */
 		case 'P':
-			port = parse_int(isc_commandline_argument, "port");
+			port = atoi(isc_commandline_argument);
 			if (port < 1 || port > 65535)
 				ns_main_earlyfatal("port '%s' out of range",
 						   isc_commandline_argument);
-			lwresd_g_listenport = port;
+			lwresd_g_queryport = port;
+			break;
+		case 's':
+			/* XXXRTH temporary syntax */
+			want_stats = ISC_TRUE;
+			break;
+		case 't':
+			/* XXXJAB should we make a copy? */
+			ns_g_chrootdir = isc_commandline_argument;
+			break;
+		case 'u':
+			ns_g_username = isc_commandline_argument;
+			break;
+		case '?':
+			lwresd_usage();
+			ns_main_earlyfatal("unknown option '-%c'",
+					   isc_commandline_option);
+		default:
+			ns_main_earlyfatal("parsing options returned %d", ch);
+		}
+	}
+
+	argc -= isc_commandline_index;
+	argv += isc_commandline_index;
+
+	if (argc > 0) {
+		lwresd_usage();
+		ns_main_earlyfatal("extra command line arguments");
+	}
+}
+
+static void 
+parse_command_line(int argc, char *argv[]) {
+	int ch;
+	unsigned int port;
+	char *s;
+
+	s = strrchr(argv[0], '/');
+	if (s == NULL)
+		s = argv[0];
+	else
+		s++;
+	if (strcmp(s, "lwresd") == 0) {
+		lwresd_only = ISC_TRUE;
+		parse_lwresd_command_line(argc, argv);
+		return;
+	}
+
+	isc_commandline_errprint = ISC_FALSE;
+	while ((ch = isc_commandline_parse(argc, argv,
+					   "c:d:fgn:N:p:st:u:x:")) !=
+	       -1) {
+		switch (ch) {
+		case 'c':
+			ns_g_conffile = isc_commandline_argument;
+			break;
+		case 'd':
+			ns_g_debuglevel = atoi(isc_commandline_argument);
+			break;
+		case 'f':
+			ns_g_foreground = ISC_TRUE;
+			break;
+		case 'g':
+			ns_g_foreground = ISC_TRUE;
+			ns_g_logstderr = ISC_TRUE;
+			break;
+		case 'N': /* Deprecated. */
+		case 'n':
+			ns_g_cpus = atoi(isc_commandline_argument);
+			if (ns_g_cpus == 0)
+				ns_g_cpus = 1;
+			break;
+		case 'p':
+			port = atoi(isc_commandline_argument);
+			if (port < 1 || port > 65535)
+				ns_main_earlyfatal("port '%s' out of range",
+						   isc_commandline_argument);
+			ns_g_port = port;
 			break;
 		case 's':
 			/* XXXRTH temporary syntax */
@@ -333,9 +318,6 @@ parse_command_line(int argc, char *argv[]) {
 		case 'u':
 			ns_g_username = isc_commandline_argument;
 			break;
-		case 'v':
-			printf("BIND %s\n", ns_g_version);
-			exit(0);
 		case 'x':
 			/* XXXRTH temporary syntax */
 			ns_g_cachefile = isc_commandline_argument;
@@ -364,9 +346,6 @@ create_managers(void) {
 
 	if (ns_g_cpus == 0)
 		ns_g_cpus = isc_os_ncpus();
-	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER,
-		      ISC_LOG_INFO, "using %u CPU%s",
-		      ns_g_cpus, ns_g_cpus == 1 ? "" : "s");
 	result = isc_taskmgr_create(ns_g_mctx, ns_g_cpus, 0, &ns_g_taskmgr);
 	if (result != ISC_R_SUCCESS) {
 		UNEXPECTED_ERROR(__FILE__, __LINE__,
@@ -399,24 +378,20 @@ create_managers(void) {
 		return (ISC_R_UNEXPECTED);
 	}
 
-#ifdef PATH_RANDOMDEV
-	(void)isc_entropy_createfilesource(ns_g_entropy, PATH_RANDOMDEV);
-#endif
+	(void)isc_entropy_createfilesource(ns_g_entropy, "/dev/random");
 
 	return (ISC_R_SUCCESS);
 }
 
 static void
 destroy_managers(void) {
-	if (!ns_g_lwresdonly)
+	if (!lwresd_only)
 		/*
 		 * The omapi listeners need to be stopped here so that
 		 * isc_taskmgr_destroy() won't block on the omapi task.
 		 */
 		ns_omapi_shutdown(ISC_TRUE);
 
-	ns_lwresd_shutdown();
-
 	isc_entropy_detach(&ns_g_entropy);
 	/*
 	 * isc_taskmgr_destroy() will  block until all tasks have exited,
@@ -465,17 +440,19 @@ setup(void) {
 		ns_os_daemonize();
 
 	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
-		      ISC_LOG_NOTICE, "starting BIND %s%s", ns_g_version,
-		      saved_command_line);
+		      ISC_LOG_NOTICE, "starting BIND %s", ns_g_version);
 
 	result = create_managers();
 	if (result != ISC_R_SUCCESS)
 		ns_main_earlyfatal("create_managers() failed: %s",
 				   isc_result_totext(result));
 
-	ns_server_create(ns_g_mctx, &ns_g_server);
+	if (lwresd_only)
+		ns_lwresd_create(ns_g_mctx, NULL, &ns_g_lwresd);
+	else
+		ns_server_create(ns_g_mctx, &ns_g_server);
 
-	if (!ns_g_lwresdonly) {
+	if (!lwresd_only) {
 		result = ns_omapi_init();
 		if (result != ISC_R_SUCCESS)
 			ns_main_earlyfatal("ns_omapi_init() failed: %s",
@@ -487,7 +464,10 @@ static void
 cleanup(void) {
 	destroy_managers();
 
-	ns_server_destroy(&ns_g_server);
+	if (lwresd_only)
+		ns_lwresd_destroy(&ns_g_lwresd);
+	else
+		ns_server_destroy(&ns_g_server);
 
 	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
 		      ISC_LOG_NOTICE, "exiting");
@@ -503,7 +483,7 @@ main(int argc, char *argv[]) {
 	isc_error_setfatal(library_fatal_error);
 	isc_error_setunexpected(library_unexpected_error);
 
-	ns_os_init(program_name);
+	ns_os_init();
 
 	result = isc_app_start();
 	if (result != ISC_R_SUCCESS)
@@ -528,7 +508,7 @@ main(int argc, char *argv[]) {
 	 */
 	do {
 		result = isc_app_run();
-
+		
 		if (result == ISC_R_RELOAD) {
 			ns_server_reloadwanted(ns_g_server);
 		} else if (result != ISC_R_SUCCESS) {

bin/named/named.8

@@ -1,165 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: named.8,v 1.9 2000/08/30 20:43:27 bwelling Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt NAMED 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm named
-.Nd Internet domain name server
-.Sh SYNOPSIS
-.Nm named
-.Op Fl c Ar config-file
-.Op Fl d Ar debuglevel
-.Op Fl f g s
-.Op Fl n Ar #cpus
-.Op Fl p Ar port#
-.Op Fl t Ar directory
-.Op Fl u Ar user-id
-.Op Fl v
-.Op Fl x Ar cache-file
-.Sh DESCRIPTION
-.Nm named
-is a Domain Name System (DNS) server, part of the BIND 9 distribution
-from ISC.  For more information on the DNS, see RFCs 1033, 1034, and 1035.
-.Pp
-When invoked without arguments,
-.Nm named
-will read the default configuration file
-.Pa /etc/named.conf ,
-read any initial data, and listen for queries.
-.Pp
-The options to
-.Nm named
-are as follows:
-.Bl -tag -width Ds
-.It Fl c
-use
-.Ar config-file
-as the configuration file instead of the default,
-.Pa /etc/named.conf .
-.It Fl d
-set the daemon's debug level to
-.Ar debuglevel .
-Debugging traces from
-.Nm named
-become more verbose as the debug level increases.
-.It Fl f
-run
-.Nm named
-in the foreground.
-.It Fl g
-run
-.Nm named
-in the foreground and force all logging to
-.Dv stderr .
-.It Fl n
-create
-.Ar #cpus
-worker threads to take advantage of multiple CPUs.
-If no option is given,
-.Nm named
-will try to determine the number of CPUs present and create
-one thread per CPU.  If
-.Nm named
-is unable to determine the number of CPUs, a single worker thread
-is created.
-.It Fl p
-listen for queries on  port
-.Ar port#
-instead of the default port number, 53.
-.It Fl s
-write memory usage statistics to
-.Dv stdout
-on exit.
-This option is mainly of interest
-to BIND9 developers and may be removed or changed in a future release.
-.It Fl t
-tells
-.Nm named
-to chroot() to
-.Ar directory
-immediately after reading its config file.
-This should be used in conjunction with the
-.Fl u
-option, as chrooting a process running as root doesn't 
-enhance security on most systems - the way chroot() is defined
-allows a process with root privileges to escape the chroot jail.
-.It Fl u
-run
-.Nm named
-as UID
-.Ar user-id .
-.Nm named
-will change its UID after it has
-carried out any privileged operations, such as
-creating sockets that listen on privileged ports.
-.Pp
-On Linux, 
-.Nm named
-uses the kernel's capability mechanism to drop
-all root privileges except the ability to bind() to a privileged
-port.  Unfortunately, this means that the "-u" option only works 
-when 
-.Nm named
-is run on 2.3.99-pre3 or later kernel, since previous
-kernels did not allow privileges to be retained after setuid().
-.It Fl v
-report the version number and exit.
-.It Fl x
-load data from
-.Ar cache-file .
-into the cache of the default view.
-This option must not be used.
-It is only of interest
-to BIND9 developers and may be removed or changed in a future release.
-.El
-.Sh SIGNALS
-In routine operation, signals should not be used to \*qcontrol\*q the
-name server.
-.Nm rndc
-should be used instead.
-Sending the name server a
-.Dv SIGHUP
-signal forces a reload of the server.
-A
-.Dv SIGINT
-or
-.Dv SIGTERM
-signal can be used to gracefully shut down the server.
-Sending any other signals to the name server
-will have an undefined outcome.
-.\".Sh CONFIGURATION FILE FORMAT
-.\".Nm named 's
-.\"configuration file is too complex to describe in detail here.
-.\"A complete description is provided in the BIND9 Administrator
-.\"Reference Manual.
-.Sh FILES
-.Bl -tag -width  /var/run/named.pid -compact
-.It Pa /etc/named.conf
-default configuration file
-.It Pa /var/run/named.pid
-default process-id file
-.El
-.Sh SEE ALSO
-.Xr RFC1033 ,
-.Xr RFC1034 ,
-.Xr RFC1035 ,
-.Xr rndc 8 ,
-.Xr lwresd 8 ,
-BIND9 Administrator Reference Manual, June 2000.

bin/named/named.conf.test

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: named.conf.test,v 1.5 2000/08/01 01:11:52 tale Exp $ */
+/* $Id: named.conf.test,v 1.3 2000/06/22 21:49:32 tale Exp $ */
 
 options {
 		directory "/var/named";

bin/named/notify.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: notify.c,v 1.20 2000/08/01 01:11:54 tale Exp $ */
+/* $Id: notify.c,v 1.18 2000/06/23 17:26:36 marka Exp $ */
 
 #include <config.h>
 
@@ -32,7 +32,7 @@
 /*
  * This module implements notify as in RFC 1996.
  */
-
+  
 /**************************************************************************/
 
 /*
@@ -145,7 +145,7 @@ ns_notify_start(ns_client_t *client) {
 	dns_name_t *zonename;
 	dns_rdataset_t *zone_rdataset;
 	dns_zone_t *zone = NULL;
-
+	
 	/*
 	 * Interpret the question section.
 	 */
@@ -188,7 +188,7 @@ ns_notify_start(ns_client_t *client) {
 	}
 	dns_zone_detach(&zone);
 	return;
-
+	
  failure:
 	if (zone != NULL)
 		dns_zone_detach(&zone);

bin/named/omapi.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: omapi.c,v 1.22 2000/10/17 19:24:29 bwelling Exp $ */
+/* $Id: omapi.c,v 1.13.2.1 2000/07/11 17:23:04 gson Exp $ */
 
 /*
  * Principal Author: DCL
@@ -23,11 +23,7 @@
 
 #include <config.h>
 
-#include <string.h>
-
-#include <isc/app.h>
 #include <isc/event.h>
-#include <isc/mem.h>
 #include <isc/util.h>
 
 #include <named/log.h>
@@ -64,7 +60,6 @@ control_setvalue(omapi_object_t *handle, omapi_string_t *name,
 {
 	isc_region_t region;
 	isc_result_t result;
-	char *args;
 
 	INSIST(handle == (omapi_object_t *)&control);
 
@@ -79,42 +74,11 @@ control_setvalue(omapi_object_t *handle, omapi_string_t *name,
 	 * Compare the 'name' parameter against all known control commands.
 	 */
 	if (omapi_string_strcmp(name, NS_OMAPI_COMMAND_RELOAD) == 0) {
-		result = ISC_R_SUCCESS;
-		if (value != NULL) {
-			args = omapi_data_strdup(ns_g_mctx, value);
-			if (args == NULL)
-				result = ISC_R_NOMEMORY;
-			else if (strcmp(args, NS_OMAPI_COMMAND_RELOAD) == 0)
-				ns_server_reloadwanted(ns_g_server);
-			/* XXX Can the previous case ever happen??? */
-			else
-				result = ns_server_reloadzone(ns_g_server,
-							      args);
-			if (args != NULL)
-				isc_mem_free(ns_g_mctx, args);
-		} else {
+		if (omapi_data_getint(value) != 0)
 			ns_server_reloadwanted(ns_g_server);
-		}
-	} else if (omapi_string_strcmp(name, NS_OMAPI_COMMAND_REFRESH) == 0) {
-		result = ISC_R_SUCCESS;
-		if (value != NULL) {
-			args = omapi_data_strdup(ns_g_mctx, value);
-			if (args == NULL)
-				result = ISC_R_NOMEMORY;
-			else if (strcmp(args, NS_OMAPI_COMMAND_RELOAD) != 0)
-				result = ns_server_refreshzone(ns_g_server,
-							      args);
-			if (args != NULL)
-				isc_mem_free(ns_g_mctx, args);
-		}
-	} else if (omapi_string_strcmp(name, NS_OMAPI_COMMAND_HALT) == 0) {
-		ns_server_flushonshutdown(ns_g_server, ISC_FALSE);
-		isc_app_shutdown();
-		result = ISC_R_SUCCESS;
-	} else if (omapi_string_strcmp(name, NS_OMAPI_COMMAND_STOP) == 0) {
-		ns_server_flushonshutdown(ns_g_server, ISC_TRUE);
-		isc_app_shutdown();
+
 		result = ISC_R_SUCCESS;
+
 	} else if (omapi_string_strcmp(name,
 				       NS_OMAPI_COMMAND_RELOADCONFIG) == 0 ||
 		   omapi_string_strcmp(name,
@@ -124,6 +88,7 @@ control_setvalue(omapi_object_t *handle, omapi_string_t *name,
 			      "control_setvalue: '%.*s' not yet implemented",
 			      REGION_FMT(&region));
 		result = ISC_R_NOTIMPLEMENTED;
+
 	} else {
 		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL,
 			      NS_LOGMODULE_OMAPI, ISC_LOG_WARNING,

bin/named/omapiconf.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: omapiconf.c,v 1.12 2000/09/15 03:22:45 tale Exp $ */
+/* $Id: omapiconf.c,v 1.4.2.6 2000/09/15 16:24:12 gson Exp $ */
 
 /*
  * Principal Author: DCL
@@ -279,7 +279,7 @@ register_keys(dns_c_ctrl_t *control, dns_c_kdeflist_t *keydeflist,
 					   keydef->keyid, socktext,
 					   isc_result_totext(result));
 	}
-}
+}		     			 
 
 static void
 update_listener(ns_omapilistener_t **listenerp, dns_c_ctrl_t *control,
@@ -429,7 +429,7 @@ ns_omapi_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx,
 	/*
 	 * Run through the new control channel list, noting sockets that
 	 * are already being listened on and moving them to the new list.
-	 *
+	 *			
 	 * Identifying duplicates addr/port combinations is left to either
 	 * the underlying config code, or to the bind attempt getting an
 	 * address-in-use error.
@@ -483,7 +483,7 @@ ns_omapi_configure(isc_mem_t *mctx, dns_c_ctx_t *cctx,
 				 */
 				add_listener(mctx, &listener, control, cctx,
 					     aclconfctx, socktext);
-
+				
 			if (listener != NULL)
 				ISC_LIST_APPEND(new_listeners, listener, link);
 

bin/named/query.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: query.c,v 1.138 2000/10/17 20:57:22 mws Exp $ */
+/* $Id: query.c,v 1.109.2.11 2000/08/22 01:45:09 bwelling Exp $ */
 
 #include <config.h>
 
@@ -25,7 +25,6 @@
 #include <dns/db.h>
 #include <dns/events.h>
 #include <dns/message.h>
-#include <dns/opt.h>
 #include <dns/rdata.h>
 #include <dns/rdatalist.h>
 #include <dns/rdataset.h>
@@ -54,8 +53,6 @@
 				  NS_QUERYATTR_RECURSING) != 0)
 #define CACHEGLUEOK(c)		(((c)->query.attributes & \
 				  NS_QUERYATTR_CACHEGLUEOK) != 0)
-#define WANTRECURSION(c)	(((c)->query.attributes & \
-				  NS_QUERYATTR_WANTRECURSION) != 0)
 
 #if 0
 #define CTRACE(m)       isc_log_write(ns_g_lctx, \
@@ -76,11 +73,6 @@
 #define DNS_GETDB_NOEXACT 0x01U
 #define DNS_GETDB_NOLOG 0x02U
 
-/*
- * Server-wide counter of queries
- */
-isc_uint64_t            globalcount[DNS_ZONE_COUNTSIZE];
-
 
 static isc_result_t
 query_simplefind(void *arg, dns_name_t *name, dns_rdatatype_t type,
@@ -107,35 +99,6 @@ query_maybeputqname(ns_client_t *client) {
 	}
 }
 
-static isc_uint64_t
-query_getglobals(unsigned int counter) {
-	REQUIRE(counter < DNS_ZONE_COUNTSIZE);
-
-	return(globalcount[counter]);
-}
-
-static void
-query_count(dns_zone_t *zone, isc_boolean_t is_zone,
-	    dns_zonecount_t counter)
-{
-	REQUIRE(counter < DNS_ZONE_COUNTSIZE);
-
-	globalcount[counter]++;
-	if (!is_zone || zone == NULL) {
-	isc_log_write(dns_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_QUERY,
-		      1, "global counter %s set to %ld", 
-		      dns_zonecount_names[counter],
-		      (long)globalcount[counter]);
-		return;
-	}
-	dns_zone_count(zone, counter);
-	isc_log_write(dns_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_QUERY,
-		      1, "zone counter %s set to %ld, global %ld", 
-		      dns_zonecount_names[counter],
-		      (long)dns_zone_getcounts(zone, counter),
-		      (long)globalcount[counter]);
-}
-
 static inline void
 query_reset(ns_client_t *client, isc_boolean_t everything) {
 	isc_buffer_t *dbuf, *dbuf_next;
@@ -151,7 +114,7 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
 	 */
 	if (client->query.fetch != NULL) {
 		dns_resolver_cancelfetch(client->query.fetch);
-
+					 
 		client->query.fetch = NULL;
 	}
 
@@ -169,9 +132,6 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
 	}
 	ISC_LIST_INIT(client->query.activeversions);
 
-	if (client->query.authdb != NULL)
-		dns_db_detach(&client->query.authdb);
-
 	/*
 	 * Clean up free versions.
 	 */
@@ -212,7 +172,6 @@ query_reset(ns_client_t *client, isc_boolean_t everything) {
 	client->query.dboptions = 0;
 	client->query.fetchoptions = 0;
 	client->query.gluedb = NULL;
-	client->query.authdb = NULL;
 }
 
 static void
@@ -423,7 +382,7 @@ query_getdbversion(ns_client_t *client) {
 	dbversion = ISC_LIST_HEAD(client->query.freeversions);
 	INSIST(dbversion != NULL);
 	ISC_LIST_UNLINK(client->query.freeversions, dbversion, link);
-
+	
 	return (dbversion);
 }
 
@@ -437,7 +396,6 @@ ns_query_init(ns_client_t *client) {
 	client->query.restarts = 0;
 	client->query.qname = NULL;
 	client->query.fetch = NULL;
-	client->query.authdb = NULL;
 	query_reset(client, ISC_FALSE);
 	result = query_newdbversion(client, 3);
 	if (result != ISC_R_SUCCESS)
@@ -463,8 +421,7 @@ query_findversion(ns_client_t *client, dns_db_t *db,
 	     dbversion = ISC_LIST_NEXT(dbversion, link)) {
 		if (dbversion->db == db)
 			break;
-	}
-
+	}	
 	if (dbversion == NULL) {
 		/*
 		 * This is a new zone for this query.  Add it to
@@ -481,7 +438,7 @@ query_findversion(ns_client_t *client, dns_db_t *db,
 		*newzonep = ISC_TRUE;
 	} else
 		*newzonep = ISC_FALSE;
-
+	
 	return (dbversion);
 }
 
@@ -511,30 +468,9 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
 	if (result == ISC_R_SUCCESS || result == DNS_R_PARTIALMATCH)
 		result = dns_zone_getdb(zone, &db);
 
-	if (result != ISC_R_SUCCESS)		
+	if (result != ISC_R_SUCCESS)
 		goto fail;
 
-	/*
-	 * If this is the first time we are called (that is, looking up
-	 * the actual name in the query section) remember this database.
-	 *
-	 * If authdb is non-NULL, we have been here before, and the
-	 * found database is always returned.
-	 *
-	 * This limits our searching to the zone where the first name
-	 * (the query target) is found.  This prevents following CNAMES
-	 * or DNAMES into other zones and prevents returning additional
-	 * data from other zones.
-	 */
-	if (!client->view->additionalfromauth) {
-		if (client->query.authdb != NULL) {
-			if (db != client->query.authdb)
-				goto refuse;
-		} else {
-			dns_db_attach(db, &client->query.authdb);
-		}
-	}
-
 	/*
 	 * If the zone has an ACL, we'll check it, otherwise
 	 * we use the view's "allow-query" ACL.  Each ACL is only checked
@@ -554,6 +490,7 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
 		result = DNS_R_SERVFAIL;
 		goto fail;
 	}
+	*versionp = dbversion->version;
 	if (new_zone) {
 		check_acl = ISC_TRUE;
 	} else if (!dbversion->queryok) {
@@ -588,8 +525,7 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
 	if (check_acl) {
 		isc_boolean_t log = ISC_TF((options & DNS_GETDB_NOLOG) == 0);
 		result = ns_client_checkacl(client, "query", queryacl,
-					    ISC_TRUE,
-					    log ? ISC_LOG_INFO : ISC_LOG_DEBUG(3));
+					    ISC_TRUE, log);
 
 		if (queryacl == client->view->queryacl) {
 			if (result == ISC_R_SUCCESS) {
@@ -623,7 +559,6 @@ query_getzonedb(ns_client_t *client, dns_name_t *name, unsigned int options,
 	/* Transfer ownership. */
 	*zonep = zone;
 	*dbp = db;
-	*versionp = dbversion->version;
 
 	return (ISC_R_SUCCESS);
 
@@ -678,10 +613,8 @@ query_getcachedb(ns_client_t *client, dns_db_t **dbp, unsigned int options)
 
 	if (check_acl) {
 		isc_boolean_t log = ISC_TF((options & DNS_GETDB_NOLOG) == 0);
-		result = ns_client_checkacl(client, "query",
-					    client->view->queryacl,
-					    ISC_TRUE,
-					    log ? ISC_LOG_INFO : ISC_LOG_DEBUG(3));
+		result = ns_client_checkacl(client, "query", client->view->queryacl,
+					    ISC_TRUE, log);
 		if (result == ISC_R_SUCCESS) {
 			/*
 			 * We were allowed by the default
@@ -725,25 +658,6 @@ query_getdb(ns_client_t *client, dns_name_t *name, unsigned int options,
 {
 	isc_result_t result;
 
-#ifdef DNS_OPT_NEWCODES_LIVE
-	if (client->opt_zone != NULL) {
-		result = query_getzonedb(client, &(client->opt_zone->name),
-					 options, zonep, dbp, versionp);
-		if (result == ISC_R_SUCCESS)
-			*is_zonep = ISC_TRUE;
-		else
-			result = DNS_R_REFUSED;
-	} else {
-		result = query_getzonedb(client, name, options, zonep, dbp,
-					 versionp);
-		if (result == ISC_R_SUCCESS) {
-			*is_zonep = ISC_TRUE;
-		} else if (result == ISC_R_NOTFOUND) {
-			result = query_getcachedb(client, dbp, options);
-			*is_zonep = ISC_FALSE;
-		}
-	}
-#else /* DNS_OPT_NEWCODES_LIVE */
 	result = query_getzonedb(client, name, options, zonep, dbp, versionp);
 	if (result == ISC_R_SUCCESS) {
 		*is_zonep = ISC_TRUE;
@@ -751,7 +665,7 @@ query_getdb(ns_client_t *client, dns_name_t *name, unsigned int options,
 		result = query_getcachedb(client, dbp, options);
 		*is_zonep = ISC_FALSE;
 	}
-#endif /* DNS_OPT_NEWCODES_LIVE */
+
 	return (result);
 }
 
@@ -805,7 +719,6 @@ query_simplefind(void *arg, dns_name_t *name, dns_rdatatype_t type,
 		if (dns_rdataset_isassociated(sigrdataset))
 			dns_rdataset_disassociate(sigrdataset);
 		if (is_zone) {
-			query_count(zone, is_zone, dns_zonecount_delegate);
 			if (USECACHE(client)) {
 				/*
 				 * Either the answer is in the cache, or we
@@ -864,13 +777,6 @@ query_simplefind(void *arg, dns_name_t *name, dns_rdatatype_t type,
 			dns_rdataset_disassociate(sigrdataset);
 		result = ISC_R_NOTFOUND;
 	}
-	/*
-	 * If we get here, the result is ISC_R_SUCCESS, and we found the
-	 * answer we were looking for in the zone.  Update the zone's
-	 * query counter.
-	 */
-	if (result == ISC_R_SUCCESS)
-		query_count(zone, is_zone, dns_zonecount_success);
 
  cleanup:
 	if (dns_rdataset_isassociated(&zrdataset)) {
@@ -1032,7 +938,7 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
 		/*
 		 * Most likely the client isn't allowed to query the cache.
 		 */
-		goto try_glue;
+		goto try_glue; 
 
 	result = dns_db_find(db, name, version, type,  client->query.dboptions,
 			     client->now, &node, fname, rdataset,
@@ -1125,7 +1031,7 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
 			rdataset = query_newrdataset(client);
 			if (rdataset == NULL)
 				goto addname;
-		}
+		}	
 		if (sigrdataset != NULL) {
 			if (dns_rdataset_isassociated(sigrdataset))
 				dns_rdataset_disassociate(sigrdataset);
@@ -1133,7 +1039,7 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
 			sigrdataset = query_newrdataset(client);
 			if (sigrdataset == NULL)
 				goto addname;
-		}
+		}	
 		result = dns_db_findrdataset(db, node, version,
 					     dns_rdatatype_a, 0,
 					     client->now, rdataset,
@@ -1400,10 +1306,10 @@ query_addrdataset(ns_client_t *client, dns_name_t *fname,
 	dns_rdatatype_t type = rdataset->type;
 
 	/*
-	 * Add 'rdataset' and any pertinent additional data to
+	 * Add 'rdataset' and any pertinent additional data to 
 	 * 'fname', a name in the response message for 'client'.
 	 */
-
+	
 	CTRACE("query_addrdataset");
 
 	ISC_LIST_APPEND(fname->list, rdataset, link);
@@ -1514,7 +1420,7 @@ query_addrrset(ns_client_t *client, dns_name_t **namep,
 }
 
 static inline isc_result_t
-query_addsoa(ns_client_t *client, dns_db_t *db, isc_boolean_t zero_ttl) {
+query_addsoa(ns_client_t *client, dns_db_t *db) {
 	dns_name_t *name, *fname;
 	dns_dbnode_t *node;
 	isc_result_t result, eresult;
@@ -1570,11 +1476,6 @@ query_addsoa(ns_client_t *client, dns_db_t *db, isc_boolean_t zero_ttl) {
 		dns_rdataset_current(rdataset, &rdata);
 		dns_rdata_tostruct(&rdata, &soa, NULL);
 
-		if (zero_ttl) {
-			rdataset->ttl = 0;
-			sigrdataset->ttl = 0;
-		}
-
 		/*
 		 * Add the SOA and its SIG to the response, with the
 		 * TTLs adjusted per RFC2308 section 3.
@@ -1873,7 +1774,7 @@ query_addbestns(ns_client_t *client) {
 
 static inline isc_result_t
 query_checktype(dns_rdatatype_t type) {
-
+	
 	/*
 	 * XXXRTH  OPT still needs to be added.
 	 *	   Should get help with this from rdata.c
@@ -1962,9 +1863,9 @@ query_resume(isc_task_t *task, isc_event_t *event) {
 		RWLOCK(&client->lockview->conflock, isc_rwlocktype_read);
 
 		query_find(client, devent);
-
+		
 		RWUNLOCK(&client->lockview->conflock, isc_rwlocktype_read);
-		dns_view_detach(&client->lockview);
+		dns_view_detach(&client->lockview);		
 		dns_zonemgr_unlockconf(ns_g_server->zonemgr,
 				       isc_rwlocktype_read);
 		RWUNLOCK(&ns_g_server->conflock, isc_rwlocktype_read);
@@ -1982,12 +1883,12 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qdomain,
 	 * We are about to recurse, which means that this client will
 	 * be unavailable for serving new requests for an indeterminate
 	 * amount of time.  If this client is currently responsible
-	 * for handling incoming queries, set up a new client
+	 * for handling incoming queries, set up a new client 
 	 * object to handle them while we are waiting for a
 	 * response.
 	 */
 	if (! client->mortal) {
-		result = isc_quota_attach(&ns_g_server->recursionquota,
+		result = isc_quota_attach(&ns_g_server->recursionquota, 
 					  &client->recursionquota);
 		if (result == ISC_R_SUCCESS)
 			result = ns_client_replace(client);
@@ -1996,7 +1897,7 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qdomain,
 				      NS_LOGMODULE_QUERY, ISC_LOG_WARNING,
 				      "no more recursive clients: %s",
 				      isc_result_totext(result));
-			return (result);
+			return (result); 
 		}
 	}
 
@@ -2034,7 +1935,7 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qdomain,
 		query_putrdataset(client, &rdataset);
 		query_putrdataset(client, &sigrdataset);
 	}
-
+	
 	return (result);
 }
 
@@ -2078,7 +1979,7 @@ query_findparentkey(ns_client_t *client, dns_name_t *name,
 		result = ISC_R_FAILURE;
 		goto cleanup;
 	}
-
+		
 	result = dns_db_find(pdb, name, pversion, dns_rdatatype_key,
 			     client->query.dboptions,
 			     client->now, &pnode,
@@ -2145,17 +2046,16 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	dns_namereln_t namereln;
 	int order;
 	isc_buffer_t *dbuf;
+	isc_region_t r;
 	isc_buffer_t b;
 	isc_result_t result, eresult;
 	dns_fixedname_t fixed;
 	dns_dbversion_t *version;
 	dns_zone_t *zone;
-	dns_rdata_cname_t cname;
-	dns_rdata_dname_t dname;
 
 	CTRACE("query_find");
 
-	/*
+	/*	
 	 * One-time initialization.
 	 *
 	 * It's especially important to initialize anything that the cleanup
@@ -2200,20 +2100,17 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		 */
 		dbuf = query_getnamebuf(client);
 		if (dbuf == NULL) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
 		fname = query_newname(client, dbuf, &b);
 		if (fname == NULL) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
 		tname = dns_fixedname_name(&event->foundname);
 		result = dns_name_concatenate(tname, NULL, fname, NULL);
 		if (result != ISC_R_SUCCESS) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
@@ -2236,11 +2133,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	result = query_getdb(client, client->query.qname, 0, &zone, &db,
 			     &version, &is_zone);
 	if (result != ISC_R_SUCCESS) {
-		query_count(NULL, ISC_FALSE, dns_zonecount_failure);
 		if (result == DNS_R_REFUSED)
 			QUERY_ERROR(DNS_R_REFUSED);
 		else
-		        QUERY_ERROR(DNS_R_SERVFAIL);
+			QUERY_ERROR(DNS_R_SERVFAIL);
 		goto cleanup;
 	}
 
@@ -2278,7 +2174,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		type = qtype;
 	else {
 		CTRACE("find_query: REFUSED: qcount != 1");
-		query_count(zone, is_zone, dns_zonecount_failure);
 		QUERY_ERROR(DNS_R_REFUSED);
 		goto cleanup;
 	}
@@ -2289,7 +2184,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	result = query_checktype(qtype);
 	if (result != ISC_R_SUCCESS) {
 		CTRACE("find_query: non supported query type");
-		query_count(zone, is_zone, dns_zonecount_failure);
 		QUERY_ERROR(result);
 		goto cleanup;
 	}
@@ -2307,7 +2201,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	 */
 	dbuf = query_getnamebuf(client);
 	if (dbuf == NULL) {
-		query_count(zone, is_zone, dns_zonecount_failure);
 		QUERY_ERROR(DNS_R_SERVFAIL);
 		goto cleanup;
 	}
@@ -2315,7 +2208,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	rdataset = query_newrdataset(client);
 	sigrdataset = query_newrdataset(client);
 	if (fname == NULL || rdataset == NULL || sigrdataset == NULL) {
-		query_count(zone, is_zone, dns_zonecount_failure);
 		QUERY_ERROR(DNS_R_SERVFAIL);
 		goto cleanup;
 	}
@@ -2371,8 +2263,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 			result = dns_name_concatenate(client->query.qname,
 						      NULL, fname, NULL);
 			if (result != ISC_R_SUCCESS) {
-				query_count(zone, is_zone,
-					    dns_zonecount_failure);
 				QUERY_ERROR(DNS_R_SERVFAIL);
 				goto cleanup;
 			}
@@ -2390,17 +2280,11 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 	CTRACE("query_find: resume");
 	switch (result) {
 	case ISC_R_SUCCESS:
-			query_count(zone, is_zone, dns_zonecount_success);
 		/*
 		 * This case is handled in the main line below.
 		 */
 		break;
 	case DNS_R_GLUE:
-#ifdef DNS_OPT_NEWCODES_LIVE
-		if (client->opt_zone != NULL)
-			break;
-		/* Fallthrough if we don't have opt_zone */
-#endif /* DNS_OPT_NEWCODES_LIVE */ 
 	case DNS_R_ZONECUT:
 		/*
 		 * These cases are handled in the main line below.
@@ -2409,20 +2293,12 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		authoritative = ISC_FALSE;
 		break;
 	case ISC_R_NOTFOUND:
-#ifdef DNS_OPT_NEWCODES_LIVE
-		/*
-		 * If we've passed in opt_zone, don't try anything more.
-		 */
-		if (client->opt_zone != NULL)
-			break;
-#endif /* DNS_OPT_NEWCODES_LIVE */
 		/*
 		 * The cache doesn't even have the root NS.  Get them from
 		 * the hints DB.
 		 */
 		INSIST(!is_zone);
 		INSIST(client->view->hints != NULL);
-		query_count(zone, is_zone, dns_zonecount_delegate);
 		if (db != NULL)
 			dns_db_detach(&db);
 		dns_db_attach(client->view->hints, &db);
@@ -2434,7 +2310,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 			 * We can't even find the hints for the root
 			 * nameservers!
 			 */
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
@@ -2443,14 +2318,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		 */
 		/* FALLTHROUGH */
 	case DNS_R_DELEGATION:
-#ifdef DNS_OPT_NEWCODES_LIVE
-		/*
-		 * If we've passed in opt_zone, don't try anything more.
-		 */
-		if (client->opt_zone != NULL) {
-			break;
-		}
-#endif /* DNS_OPT_NEWCODES_LIVE */
 		authoritative = ISC_FALSE;
 		if (is_zone) {
 			/*
@@ -2534,8 +2401,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 				/*
 				 * Recurse!
 				 */
-				query_count(zone, is_zone,
-					    dns_zonecount_recurse);
 				if (type == dns_rdatatype_key)
 					result = query_recurse(client, qtype,
 							       NULL, NULL);
@@ -2545,17 +2410,12 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 				if (result == ISC_R_SUCCESS)
 					client->query.attributes |=
 						NS_QUERYATTR_RECURSING;
-				else {
-					query_count(zone, is_zone,
-						       dns_zonecount_failure);
+				else
 					QUERY_ERROR(DNS_R_SERVFAIL);
-				}
 			} else {
 				/*
 				 * This is the best answer.
 				 */
-				query_count(zone, is_zone,
-					    dns_zonecount_delegate);
 				client->query.gluedb = zdb;
 				client->query.attributes |=
 					NS_QUERYATTR_CACHEGLUEOK;
@@ -2570,7 +2430,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		goto cleanup;
 	case DNS_R_NXRRSET:
 		INSIST(is_zone);
-		query_count(zone, is_zone, dns_zonecount_nxrrset);
 		if (dns_rdataset_isassociated(rdataset)) {
 			/*
 			 * If we've got a NXT record, we need to save the
@@ -2595,9 +2454,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		/*
 		 * Add SOA.
 		 */
-		result = query_addsoa(client, db, ISC_FALSE);
+		result = query_addsoa(client, db);
 		if (result != ISC_R_SUCCESS) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(result);
 			goto cleanup;
 		}
@@ -2614,7 +2472,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		goto cleanup;
 	case DNS_R_NXDOMAIN:
 		INSIST(is_zone);
-		query_count(zone, is_zone, dns_zonecount_nxdomain);
 		if (client->query.restarts > 0) {
 			/*
 			 * We hit a dead end following a CNAME or DNAME.
@@ -2643,17 +2500,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 			query_releasename(client, &fname);
 		}
 		/*
-		 * Add SOA.  If the query was for a SOA record force the
-		 * ttl to zero so that it is possible for clients to find
-		 * the containing zone of a arbitary name with a stub
-		 * resolver and not have it cached.
+		 * Add SOA.
 		 */
-		if (qtype == dns_rdatatype_soa)
-			result = query_addsoa(client, db, ISC_TRUE);
-		else
-			result = query_addsoa(client, db, ISC_FALSE);
+		result = query_addsoa(client, db);
 		if (result != ISC_R_SUCCESS) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(result);
 			goto cleanup;
 		}
@@ -2673,13 +2523,8 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		client->message->rcode = dns_rcode_nxdomain;
 		goto cleanup;
 	case DNS_R_NCACHENXDOMAIN:
-		INSIST(!is_zone);
-		query_count(NULL, is_zone, dns_zonecount_nxdomain);
-		goto ncachenxrrset;
 	case DNS_R_NCACHENXRRSET:
 		INSIST(!is_zone);
-		query_count(NULL, is_zone, dns_zonecount_nxrrset);
-	ncachenxrrset:
 		authoritative = ISC_FALSE;
 		/*
 		 * Set message rcode, if required.
@@ -2726,12 +2571,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		if (result != ISC_R_SUCCESS)
 			goto cleanup;
 		dns_rdataset_current(trdataset, &rdata);
-		result = dns_rdata_tostruct(&rdata, &cname, NULL);
-		if (result != ISC_R_SUCCESS)
-			goto cleanup;
+		r.base = rdata.data;
+		r.length = rdata.length;
 		dns_name_init(tname, NULL);
-		dns_name_clone(&cname.cname, tname);
-		dns_rdata_freestruct(&cname);
+		dns_name_fromregion(tname, &r);
 		query_maybeputqname(client);
 		client->query.qname = tname;
 		want_restart = ISC_TRUE;
@@ -2772,12 +2615,10 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		if (result != ISC_R_SUCCESS)
 			goto cleanup;
 		dns_rdataset_current(trdataset, &rdata);
-		result = dns_rdata_tostruct(&rdata, &dname, NULL);
-		if (result != ISC_R_SUCCESS)
-			goto cleanup;
+		r.base = rdata.data;
+		r.length = rdata.length;
 		dns_name_init(tname, NULL);
-		dns_name_clone(&dname.dname, tname);
-		dns_rdata_freestruct(&dname);
+		dns_name_fromregion(tname, &r);
 		/*
 		 * Construct the new qname.
 		 */
@@ -2786,7 +2627,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		result = dns_name_split(client->query.qname, nlabels, nbits,
 					prefix, NULL);
 		if (result != ISC_R_SUCCESS)
-			goto cleanup;
+			goto cleanup;	
 		INSIST(fname == NULL);
 		dbuf = query_getnamebuf(client);
 		if (dbuf == NULL)
@@ -2838,7 +2679,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		/*
 		 * Something has gone wrong.
 		 */
-		query_count(zone, is_zone, dns_zonecount_failure);
 		QUERY_ERROR(DNS_R_SERVFAIL);
 		goto cleanup;
 	}
@@ -2852,7 +2692,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		rdsiter = NULL;
 		result = dns_db_allrdatasets(db, node, version, 0, &rdsiter);
 		if (result != ISC_R_SUCCESS) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
@@ -2919,21 +2758,18 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 				/*
 				 * Add SOA.
 				 */
-				result = query_addsoa(client, db, ISC_FALSE);
+				result = query_addsoa(client, db);
 				if (result == ISC_R_SUCCESS)
 					result = ISC_R_NOMORE;
 			} else {
 				/*
 				 * Something went wrong.
 				 */
-				query_count(zone, is_zone,
-					    dns_zonecount_failure);
 				result = DNS_R_SERVFAIL;
 			}
 		}
 		dns_rdatasetiter_destroy(&rdsiter);
 		if (result != ISC_R_NOMORE) {
-			query_count(zone, is_zone, dns_zonecount_failure);
 			QUERY_ERROR(DNS_R_SERVFAIL);
 			goto cleanup;
 		}
@@ -3019,15 +2855,9 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		goto restart;
 	}
 
-	if (eresult != ISC_R_SUCCESS &&
-	    (!PARTIALANSWER(client) || WANTRECURSION(client))) {
-		/*
-		 * If we don't have any answer to give the client,
-		 * or if the client requested recursion and thus wanted
-		 * the complete answer, send an error response.
-		 */
-		 ns_client_error(client, eresult);
-		 ns_client_detach(&client);
+	if (eresult != ISC_R_SUCCESS && !PARTIALANSWER(client)) {
+		ns_client_error(client, eresult);
+		ns_client_detach(&client);
 	} else if (!RECURSING(client)) {
 		/*
 		 * We are done.  Make a final tweak to the AA bit if the
@@ -3037,9 +2867,9 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 		if (client->message->rcode == dns_rcode_nxdomain &&
 		    client->view->auth_nxdomain == ISC_TRUE)
 			client->message->flags |= DNS_MESSAGEFLAG_AA;
-
+		
 		ns_client_send(client);
-		ns_client_detach(&client);
+		ns_client_detach(&client);		
 	}
 	CTRACE("query_find: done");
 }
@@ -3047,7 +2877,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
 static inline void
 log_query(ns_client_t *client) {
 	isc_buffer_t b;
-	char namebuf[DNS_NAME_FORMATSIZE];
+	char namebuf[1024];
 	char text[256];
 	isc_region_t r;
 	dns_rdataset_t *rdataset;
@@ -3059,7 +2889,7 @@ log_query(ns_client_t *client) {
 	/* XXXRTH  Allow this to be turned off! */
 
 	dns_name_format(client->query.qname, namebuf, sizeof(namebuf));
-
+	
 	isc_buffer_init(&b, (unsigned char *)text, sizeof(text));
 	for (rdataset = ISC_LIST_HEAD(client->query.qname->list);
 	     rdataset != NULL;
@@ -3084,7 +2914,7 @@ ns_query_start(ns_client_t *client) {
 	dns_message_t *message = client->message;
 	dns_rdataset_t *rdataset;
 	ns_client_t *qclient;
-
+	
 	CTRACE("ns_query_start");
 
 	/*
@@ -3092,11 +2922,7 @@ ns_query_start(ns_client_t *client) {
 	 */
 	client->next = query_next;
 
-	if ((message->flags & DNS_MESSAGEFLAG_RD) != 0)
-		client->query.attributes |= NS_QUERYATTR_WANTRECURSION;
-	
-	if ((client->view->cachedb == NULL)
-	    || (!client->view->additionalfromcache)) {
+	if (client->view->cachedb == NULL) {
 		/*
 		 * We don't have a cache.  Turn off cache support and
 		 * recursion.
@@ -3108,7 +2934,7 @@ ns_query_start(ns_client_t *client) {
 		/*
 		 * If the client isn't allowed to recurse (due to
 		 * "recursion no", the allow-recursion ACL, or the
-		 * lack of a resolver in this view), or if it
+		 * lack of a resolver in this view), or if it 
 		 * doesn't want recursion, turn recursion off.
 		 */
 		client->query.attributes &= ~NS_QUERYATTR_RECURSIONOK;
@@ -3141,42 +2967,55 @@ ns_query_start(ns_client_t *client) {
 	log_query(client);
 
 	/*
-	 * Check for multiple question queries, since edns1 is dead.
+	 * Check for illegal meta-classes and meta-types in
+	 * multiple question queries (edns1 section 5.1).
 	 */
 	if (message->counts[DNS_SECTION_QUESTION] > 1) {
-		ns_client_error(client, DNS_R_FORMERR);
-		return;
+		if (dns_rdataclass_ismeta(message->rdclass)) {
+			ns_client_error(client, DNS_R_FORMERR);
+			return;
+		}
+		for (rdataset = ISC_LIST_HEAD(client->query.qname->list);
+		     rdataset != NULL;
+		     rdataset = ISC_LIST_NEXT(rdataset, link)) {
+			if (dns_rdatatype_ismeta(rdataset->type)) {
+				ns_client_error(client, DNS_R_FORMERR);
+				return;
+			}
+		}
 	}
-
+	
 	/*
 	 * Check for meta-queries like IXFR and AXFR.
 	 */
-	rdataset = ISC_LIST_HEAD(client->query.qname->list);
-	INSIST(rdataset != NULL);
-	if (dns_rdatatype_ismeta(rdataset->type)) {
-		switch (rdataset->type) {
-		case dns_rdatatype_any:
-			break; /* Let query_find handle it. */
-		case dns_rdatatype_ixfr:
-		case dns_rdatatype_axfr:
-			ns_xfr_start(client, rdataset->type);
-			return;
-		case dns_rdatatype_maila:
-		case dns_rdatatype_mailb:
-			ns_client_error(client, DNS_R_NOTIMP);
-			return;
-		case dns_rdatatype_tkey:
-			result = dns_tkey_processquery(client->message,
-						ns_g_server->tkeyctx,
-						client->view->dynamickeys);
-			if (result == ISC_R_SUCCESS)
-				ns_client_send(client);
-			else
-				ns_client_error(client, result);
-			return;
-		default: /* TSIG, etc. */
-			ns_client_error(client, DNS_R_FORMERR);
-			return;
+	if (message->counts[DNS_SECTION_QUESTION] == 1) {
+		rdataset = ISC_LIST_HEAD(client->query.qname->list);
+		INSIST(rdataset != NULL);
+		if (dns_rdatatype_ismeta(rdataset->type)) {
+			switch (rdataset->type) {
+			case dns_rdatatype_any:
+				break; /* Let query_find handle it. */
+			case dns_rdatatype_ixfr:
+			case dns_rdatatype_axfr:
+				ns_xfr_start(client, rdataset->type);
+				return;
+			case dns_rdatatype_maila:
+			case dns_rdatatype_mailb:
+				ns_client_error(client, DNS_R_NOTIMP);
+				return;
+			case dns_rdatatype_tkey:
+				result = dns_tkey_processquery(client->message,
+							  ns_g_server->tkeyctx,
+						    client->view->dynamickeys);
+				if (result == ISC_R_SUCCESS)
+					ns_client_send(client);
+				else
+					ns_client_error(client, result);
+				return;
+			default: /* TSIG, etc. */
+				ns_client_error(client, DNS_R_FORMERR);
+				return;
+			}
 		}
 	}
 
@@ -3215,5 +3054,3 @@ ns_query_start(ns_client_t *client) {
 	ns_client_attach(client, &qclient);
 	query_find(qclient, NULL);
 }
-
-

bin/named/tkeyconf.c

@@ -1,111 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: tkeyconf.c,v 1.15 2000/10/12 01:08:32 bwelling Exp $ */
-
-#include <config.h>
-
-#include <isc/buffer.h>
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/mem.h>
-
-#include <dns/fixedname.h>
-#include <dns/keyvalues.h>
-#include <dns/name.h>
-#include <dns/tkey.h>
-#include <dns/tkeyconf.h>
-
-#include <dst/gssapi.h>
-
-#define RETERR(x) do { \
-	result = (x); \
-	if (result != ISC_R_SUCCESS) \
-		goto failure; \
-	} while (0)
-
-
-isc_result_t
-dns_tkeyctx_fromconfig(dns_c_ctx_t *cfg, isc_mem_t *mctx, isc_entropy_t *ectx,
-		       dns_tkeyctx_t **tctxp)
-{
-	isc_result_t result;
-	dns_tkeyctx_t *tctx = NULL;
-	char *s;
-	isc_uint32_t n;
-	dns_fixedname_t fname;
-	dns_name_t *name;
-	isc_buffer_t b;
-
-	result = dns_tkeyctx_create(mctx, ectx, &tctx);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-
-	s = NULL;
-	result = dns_c_ctx_gettkeydhkey(cfg, &s, &n);
-	if (result == ISC_R_SUCCESS) {
-		isc_buffer_init(&b, s, strlen(s));
-		isc_buffer_add(&b, strlen(s));
-		dns_fixedname_init(&fname);
-		name = dns_fixedname_name(&fname);
-		RETERR(dns_name_fromtext(name, &b, dns_rootname,
-					 ISC_FALSE, NULL));
-		RETERR(dst_key_fromfile(name, n, DNS_KEYALG_DH,
-					DST_TYPE_PUBLIC|DST_TYPE_PRIVATE,
-					NULL, mctx, &tctx->dhkey));
-	} else if (result != ISC_R_NOTFOUND)
-		goto failure;
-
-	s = NULL;
-	result = dns_c_ctx_gettkeydomain(cfg, &s);
-	if (result == ISC_R_SUCCESS) {
-		isc_buffer_init(&b, s, strlen(s));
-		isc_buffer_add(&b, strlen(s));
-		dns_fixedname_init(&fname);
-		name = dns_fixedname_name(&fname);
-		RETERR(dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE,
-					 NULL));
-		tctx->domain = isc_mem_get(mctx, sizeof(dns_name_t));
-		if (tctx->domain == NULL) {
-			result = ISC_R_NOMEMORY;
-			goto failure;
-		}
-		dns_name_init(tctx->domain, NULL);
-		RETERR(dns_name_dup(name, mctx, tctx->domain));
-	} else if (result != ISC_R_NOTFOUND)
-		goto failure;
-
-	result = dns_c_ctx_gettkeygsscred(cfg, &s);
-	if (result == ISC_R_SUCCESS) {
-		isc_buffer_init(&b, s, strlen(s));
-		isc_buffer_add(&b, strlen(s));
-		dns_fixedname_init(&fname);
-		name = dns_fixedname_name(&fname);
-		RETERR(dns_name_fromtext(name, &b, dns_rootname, ISC_FALSE,
-					 NULL));
-		RETERR(dst_gssapi_acquirecred(name, ISC_FALSE,
-					      &tctx->gsscred));
-	} else if (result != ISC_R_NOTFOUND)
-		goto failure;
-
-	*tctxp = tctx;
-	return (ISC_R_SUCCESS);
-
- failure:
-	dns_tkeyctx_destroy(&tctx);
-	return (result);
-}
-

bin/named/tsigconf.c

@@ -1,154 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: tsigconf.c,v 1.11 2000/08/01 01:23:02 tale Exp $ */
-
-#include <config.h>
-
-#include <isc/base64.h>
-#include <isc/buffer.h>
-#include <isc/mem.h>
-#include <isc/string.h>
-
-#include <dns/tsig.h>
-#include <dns/tsigconf.h>
-
-static isc_result_t
-add_initial_keys(dns_c_kdeflist_t *list, dns_tsig_keyring_t *ring,
-		 isc_mem_t *mctx)
-{
-	dns_c_kdef_t *key;
-	unsigned char *secret = NULL;
-	int secretalloc = 0;
-	int secretlen = 0;
-	isc_result_t ret;
-	isc_stdtime_t now;
-
-	key = ISC_LIST_HEAD(list->keydefs);
-	while (key != NULL) {
-		dns_name_t keyname;
-		dns_name_t *alg, tempalg;
-		char keynamedata[1024], algdata[1024];
-		isc_buffer_t keynamesrc, keynamebuf, algsrc, algbuf;
-		isc_buffer_t secretbuf;
-
-		dns_name_init(&keyname, NULL);
-
-		/*
-		 * Create the key name.
-		 */
-		isc_buffer_init(&keynamesrc, key->keyid, strlen(key->keyid));
-		isc_buffer_add(&keynamesrc, strlen(key->keyid));
-		isc_buffer_init(&keynamebuf, keynamedata, sizeof(keynamedata));
-		ret = dns_name_fromtext(&keyname, &keynamesrc, dns_rootname,
-					ISC_TRUE, &keynamebuf);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-
-		/*
-		 * Create the algorithm.
-		 */
-		if (strcasecmp(key->algorithm, "hmac-md5") == 0)
-			alg = dns_tsig_hmacmd5_name;
-		else {
-			dns_name_init(&tempalg, NULL);
-			isc_buffer_init(&algsrc, key->algorithm,
-					strlen(key->algorithm));
-			isc_buffer_add(&algsrc, strlen(key->algorithm));
-			isc_buffer_init(&algbuf, algdata, sizeof(algdata));
-			ret = dns_name_fromtext(&tempalg, &algsrc,
-						dns_rootname,
-						ISC_TRUE, &algbuf);
-			if (ret != ISC_R_SUCCESS)
-				goto failure;
-			alg = &tempalg;
-		}
-
-		if (strlen(key->secret) % 4 != 0) {
-			ret = ISC_R_BADBASE64;
-			goto failure;
-		}
-		secretalloc = secretlen = strlen(key->secret) * 3 / 4;
-		secret = isc_mem_get(mctx, secretlen);
-		if (secret == NULL) {
-			ret = ISC_R_NOMEMORY;
-			goto failure;
-		}
-		isc_buffer_init(&secretbuf, secret, secretlen);
-		ret = isc_base64_decodestring(mctx, key->secret, &secretbuf);
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		secretlen = isc_buffer_usedlength(&secretbuf);
-
-		isc_stdtime_get(&now);
-		ret = dns_tsigkey_create(&keyname, alg, secret, secretlen,
-					 ISC_FALSE, NULL, now, now,
-					 mctx, ring, NULL);
-		isc_mem_put(mctx, secret, secretalloc);
-		secret = NULL;
-		if (ret != ISC_R_SUCCESS)
-			goto failure;
-		key = ISC_LIST_NEXT(key, next);
-	}
-	return (ISC_R_SUCCESS);
-
- failure:
-	if (secret != NULL)
-		isc_mem_put(mctx, secret, secretalloc);
-	return (ret);
-
-}
-
-isc_result_t
-dns_tsigkeyring_fromconfig(dns_c_view_t *confview, dns_c_ctx_t *confctx,
-			   isc_mem_t *mctx, dns_tsig_keyring_t **ringp)
-{
-	dns_c_kdeflist_t *keylist;
-	dns_tsig_keyring_t *ring = NULL;
-	isc_result_t result;
-
-	result = dns_tsigkeyring_create(mctx, &ring);
-	if (result != ISC_R_SUCCESS)
-		return (result);
-
-	keylist = NULL;
-	result = dns_c_ctx_getkdeflist(confctx, &keylist);
-	if (result == ISC_R_SUCCESS)
-		result = add_initial_keys(keylist, ring, mctx);
-	else if (result == ISC_R_NOTFOUND)
-		result = ISC_R_SUCCESS;
-	if (result != ISC_R_SUCCESS)
-		goto failure;
-
-	if (confview != NULL) {
-		keylist = NULL;
-		result = dns_c_view_getkeydefs(confview, &keylist);
-		if (result == ISC_R_SUCCESS)
-			result = add_initial_keys(keylist, ring, mctx);
-		else if (result == ISC_R_NOTFOUND)
-			result = ISC_R_SUCCESS;
-		if (result != ISC_R_SUCCESS)
-			goto failure;
-	}
-
-	*ringp = ring;
-	return (ISC_R_SUCCESS);
-
- failure:
-	dns_tsigkeyring_destroy(&ring);
-	return (result);
-}

bin/named/unix/.cvsignore

@@ -1,3 +1 @@
 Makefile
-*.lo
-.libs

bin/named/unix/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 1999, 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.5 2000/08/01 01:12:20 tale Exp $
+# $Id: Makefile.in,v 1.3 2000/06/22 21:49:56 tale Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -22,9 +22,9 @@ top_srcdir =	@top_srcdir@
 @BIND9_INCLUDES@
 
 CINCLUDES =	-I${srcdir}/include -I${srcdir}/../include \
-		${DNS_INCLUDES} ${ISC_INCLUDES}
+		${DNS_INCLUDES} ${ISC_INCLUDES} 
 
-CDEFINES =
+CDEFINES =	
 CWARNINGS =
 
 OBJS =		os.@O@

bin/named/unix/include/named/os.h

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: os.h,v 1.11 2000/08/01 01:12:23 tale Exp $ */
+/* $Id: os.h,v 1.7.2.1 2000/07/10 22:07:58 gson Exp $ */
 
 #ifndef NS_OS_H
 #define NS_OS_H 1
@@ -23,7 +23,7 @@
 #include <isc/types.h>
 
 void
-ns_os_init(const char *progname);
+ns_os_init(void);
 
 void
 ns_os_daemonize(void);

bin/named/unix/os.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: os.c,v 1.32 2000/08/29 17:54:23 bwelling Exp $ */
+/* $Id: os.c,v 1.18.2.3 2000/08/15 00:20:57 gson Exp $ */
 
 #include <config.h>
 
@@ -37,53 +37,10 @@
 #include <named/os.h>
 
 static char *pidfile = NULL;
-
-/*
- * If there's no <linux/capability.h>, we don't care about <linux/prctl.h>
- */
-#ifndef HAVE_LINUX_CAPABILITY_H
-#undef HAVE_LINUX_PRCTL_H
-#endif
-
-/*
- * Linux defines:
- * 	(T) HAVE_LINUXTHREADS
- * 	(C) HAVE_LINUX_CAPABILITY_H
- * 	(P) HAVE_LINUX_PRCTL_H
- * The possible cases are:
- * 	none:	setuid() normally
- * 	T:	no setuid()
- * 	C:	setuid() normally, drop caps (keep CAP_SETUID)
- * 	T+C:	no setuid(), drop caps (don't keep CAP_SETUID)
- * 	T+C+P:	setuid() early, drop caps (keep CAP_SETUID)
- * 	C+P:	setuid() normally, drop caps (keep CAP_SETUID)
- *	P:	not possible
- *	T+P:	not possible
- *
- * if (C)
- * 	caps = BIND_SERVICE + CHROOT + SETGID
- * 	if ((T && C && P) || !T)
- * 		caps += SETUID
- * 	endif
- * 	capset(caps)
- * endif
- * if (T && C && P && -u)
- * 	setuid()
- * else if (T && -u)
- * 	fail
- * --> start threads
- * if (!T && -u)
- * 	setuid()
- * if (C && (P || !-u))
- * 	caps = BIND_SERVICE
- * 	capset(caps)
- * endif
- *
- * It will be nice when Linux threads work properly with setuid().
- */
-
 #ifdef HAVE_LINUXTHREADS
 static pid_t mainpid = 0;
+static isc_boolean_t non_root_caps = ISC_FALSE;
+static isc_boolean_t non_root = ISC_FALSE;
 #endif
 
 static struct passwd *runas_pw = NULL;
@@ -91,9 +48,6 @@ static isc_boolean_t done_setuid = ISC_FALSE;
 
 #ifdef HAVE_LINUX_CAPABILITY_H
 
-static isc_boolean_t non_root = ISC_FALSE;
-static isc_boolean_t non_root_caps = ISC_FALSE;
-
 /*
  * We define _LINUX_FS_H to prevent it from being included.  We don't need
  * anything from it, and the files it includes cause warnings with 2.2
@@ -165,12 +119,10 @@ linux_initialprivs(void) {
 	 */
 	caps |= (1 << CAP_SYS_CHROOT);
 
-#if defined(HAVE_LINUX_PRCTL_H) || !defined(HAVE_LINUXTHREADS)
+#ifdef HAVE_LINUX_PRCTL_H
 	/*
-	 * We can setuid() only if either the kernel supports keeping
-	 * capabilities after setuid() (which we don't know until we've
-	 * tried) or we're not using threads.  If either of these is
-	 * true, we want the setuid capability.
+	 * If the kernel supports keeping capabilities after setuid(), we
+	 * also want the setuid capability.  We don't know until we've tried.
 	 */
 	caps |= (1 << CAP_SETUID);
 #endif
@@ -230,7 +182,7 @@ linux_keepcaps(void) {
 
 
 static void
-setup_syslog(const char *progname) {
+setup_syslog(void) {
 	int options;
 
 	options = LOG_PID;
@@ -238,12 +190,12 @@ setup_syslog(const char *progname) {
 	options |= LOG_NDELAY;
 #endif
 
-	openlog(progname, options, LOG_DAEMON);
+	openlog("named", options, LOG_DAEMON);
 }
 
 void
-ns_os_init(const char *progname) {
-	setup_syslog(progname);
+ns_os_init(void) {
+	setup_syslog();
 #ifdef HAVE_LINUX_CAPABILITY_H
 	linux_initialprivs();
 #endif
@@ -350,38 +302,29 @@ ns_os_changeuser(void) {
 	done_setuid = ISC_TRUE;
 
 #ifdef HAVE_LINUXTHREADS
-#ifdef HAVE_LINUX_CAPABILITY_H
 	if (!non_root_caps)
-#endif
 		ns_main_earlyfatal(
-		   "-u not supported on Linux kernels older than "
-		   "2.3.99-pre3 when using threads");
-#endif
+		   "-u not supported on Linux kernels older than 2.3.99-pre3");
+#endif	
 
 	if (setgid(runas_pw->pw_gid) < 0)
 		ns_main_earlyfatal("setgid(): %s", strerror(errno));
 
 	if (setuid(runas_pw->pw_uid) < 0)
 		ns_main_earlyfatal("setuid(): %s", strerror(errno));
-
-#if defined(HAVE_LINUX_CAPABILITY_H) && !defined(HAVE_LINUXTHREADS)
-	linux_minprivs();
-#endif
 }
 
 void
 ns_os_minprivs(void) {
+#ifdef HAVE_LINUX_CAPABILITY_H
 #ifdef HAVE_LINUX_PRCTL_H
 	linux_keepcaps();
+	ns_os_changeuser();
 #endif
 
-#ifdef HAVE_LINUXTHREADS
-	ns_os_changeuser(); /* Call setuid() before threads are started */
-#endif
-
-#if defined(HAVE_LINUX_CAPABILITY_H) && defined(HAVE_LINUXTHREADS)
 	linux_minprivs();
-#endif
+
+#endif /* HAVE_LINUX_CAPABILITY_H */
 }
 
 static int

bin/named/xfrout.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: xfrout.c,v 1.76 2000/09/12 18:45:36 explorer Exp $ */
+/* $Id: xfrout.c,v 1.68.2.3 2000/08/22 19:59:44 gson Exp $ */
 
 #include <config.h>
 
@@ -61,11 +61,6 @@
 #define XFROUT_DEBUG_LOGARGS(n) \
 	XFROUT_COMMON_LOGARGS, ISC_LOG_DEBUG(n)
 
-#define XFROUT_RR_LOGARGS \
-	XFROUT_COMMON_LOGARGS, XFROUT_RR_LOGLEVEL
-
-#define XFROUT_RR_LOGLEVEL	ISC_LOG_DEBUG(8)
-
 /*
  * Fail unconditionally and log as a client error.
  * The test against ISC_R_SUCCESS is there to keep the Solaris compiler
@@ -89,9 +84,9 @@
 /**************************************************************************/
 /*
  * A db_rr_iterator_t is an iterator that iterates over an entire database,
- * returning one RR at a time, in some arbitrary order.
+ * returning one RR at a time, in some arbitrary order. 
  */
-
+	
 typedef struct db_rr_iterator db_rr_iterator_t;
 
 struct db_rr_iterator {
@@ -152,21 +147,21 @@ db_rr_iterator_first(db_rr_iterator_t *it) {
 		return (it->result);
 	it->result = dns_dbiterator_current(it->dbit, &it->node,
 				    dns_fixedname_name(&it->fixedname));
-	if (it->result != ISC_R_SUCCESS)
+	if (it->result != ISC_R_SUCCESS) 
 		return (it->result);
 
 	it->result = dns_db_allrdatasets(it->db, it->node,
 					 it->ver, it->now,
 					 &it->rdatasetit);
-	if (it->result != ISC_R_SUCCESS)
+	if (it->result != ISC_R_SUCCESS) 
 		return (it->result);
-
+		
 	it->result = dns_rdatasetiter_first(it->rdatasetit);
-	if (it->result != ISC_R_SUCCESS)
+	if (it->result != ISC_R_SUCCESS) 
 		return (it->result);
 
 	dns_rdatasetiter_current(it->rdatasetit, &it->rdataset);
-
+	
 	it->result = dns_rdataset_first(&it->rdataset);
 	return (it->result);
 }
@@ -214,9 +209,6 @@ db_rr_iterator_next(db_rr_iterator_t *it) {
 		if (it->result != ISC_R_SUCCESS)
 			return (it->result);
 		dns_rdatasetiter_current(it->rdatasetit, &it->rdataset);
-		it->result = dns_rdataset_first(&it->rdataset);
-		if (it->result != ISC_R_SUCCESS)
-			return (it->result);
 	}
 	return (it->result);
 }
@@ -251,8 +243,10 @@ db_rr_iterator_current(db_rr_iterator_t *it, dns_name_t **name,
 static void
 log_rr(dns_name_t *name, dns_rdata_t *rdata, isc_uint32_t ttl) {
 	isc_result_t result;
+
 	isc_buffer_t buf;
 	char mem[2000];
+	isc_region_t r;
 	dns_rdatalist_t rdl;
 	dns_rdataset_t rds;
 
@@ -264,7 +258,7 @@ log_rr(dns_name_t *name, dns_rdata_t *rdata, isc_uint32_t ttl) {
 	dns_rdataset_init(&rds);
 	ISC_LIST_APPEND(rdl.rdata, rdata, link);
 	RUNTIME_CHECK(dns_rdatalist_tordataset(&rdl, &rds) == ISC_R_SUCCESS);
-
+		
 	isc_buffer_init(&buf, mem, sizeof(mem));
 	result = dns_rdataset_totext(&rds, name,
 				     ISC_FALSE, ISC_FALSE, &buf);
@@ -274,18 +268,17 @@ log_rr(dns_name_t *name, dns_rdata_t *rdata, isc_uint32_t ttl) {
 	 * very long lines with a repetitive prefix.
 	 */
 	if (result == ISC_R_SUCCESS) {
-		/*
-		 * Get rid of final newline.
-		 */
+		/* Get rid of final newline. */
 		INSIST(buf.used >= 1 &&
-		       ((char *) buf.base)[buf.used - 1] == '\n');
+		       ((char *) buf.base)[buf.used-1] == '\n');
 		buf.used--;
 		
-		isc_log_write(XFROUT_RR_LOGARGS, "%.*s",
-			      (int)isc_buffer_usedlength(&buf),
-			      (char *)isc_buffer_base(&buf));
+		isc_buffer_usedregion(&buf, &r);
+		isc_log_write(XFROUT_DEBUG_LOGARGS(8),
+			      "%.*s", (int) r.length, (char *) r.base);
 	} else {
-		isc_log_write(XFROUT_RR_LOGARGS, "<RR too large to print>");
+		isc_log_write(XFROUT_DEBUG_LOGARGS(8),
+			      "<RR too large to print>");
 	}
 }
 
@@ -303,7 +296,7 @@ typedef struct rrstream {
 	rrstream_methods_t	*methods;
 } rrstream_t;
 
-struct rrstream_methods {
+struct rrstream_methods {	
 	isc_result_t 		(*first)(rrstream_t *);
 	isc_result_t 		(*next)(rrstream_t *);
 	void			(*current)(rrstream_t *,
@@ -358,7 +351,7 @@ ixfr_rrstream_create(isc_mem_t *mctx,
 	s->common.mctx = mctx;
 	s->common.methods = &ixfr_rrstream_methods;
 	s->journal = NULL;
-
+	
 	CHECK(dns_journal_open(mctx, journal_filename,
 			       ISC_FALSE, &s->journal));
 	CHECK(dns_journal_iter_init(s->journal, begin_serial, end_serial));
@@ -379,7 +372,7 @@ ixfr_rrstream_first(rrstream_t *rs) {
 
 static isc_result_t
 ixfr_rrstream_next(rrstream_t *rs) {
-	ixfr_rrstream_t *s = (ixfr_rrstream_t *) rs;
+	ixfr_rrstream_t *s = (ixfr_rrstream_t *) rs;	
 	return (dns_journal_next_rr(s->journal));
 }
 
@@ -388,7 +381,7 @@ ixfr_rrstream_current(rrstream_t *rs,
 		       dns_name_t **name, isc_uint32_t *ttl,
 		       dns_rdata_t **rdata)
 {
-	ixfr_rrstream_t *s = (ixfr_rrstream_t *) rs;
+	ixfr_rrstream_t *s = (ixfr_rrstream_t *) rs;	
 	dns_journal_current_rr(s->journal, name, ttl, rdata);
 }
 
@@ -403,7 +396,7 @@ ixfr_rrstream_destroy(rrstream_t **rsp) {
 static rrstream_methods_t ixfr_rrstream_methods = {
 	ixfr_rrstream_first,
 	ixfr_rrstream_next,
-	ixfr_rrstream_current,
+	ixfr_rrstream_current,		
 	ixfr_rrstream_destroy
 };
 
@@ -485,7 +478,7 @@ static isc_result_t
 axfr_rrstream_next(rrstream_t *rs) {
 	axfr_rrstream_t *s = (axfr_rrstream_t *) rs;
 	isc_result_t result;
-
+	
 	/* Skip SOA records. */
 	for (;;) {
 		dns_name_t *name_dummy = NULL;
@@ -514,14 +507,14 @@ static void
 axfr_rrstream_destroy(rrstream_t **rsp) {
 	axfr_rrstream_t *s = (axfr_rrstream_t *) *rsp;
 	if (s->it_valid)
-		db_rr_iterator_destroy(&s->it);
+		db_rr_iterator_destroy(&s->it); 
 	isc_mem_put(s->common.mctx, s, sizeof(*s));
 }
 
 static rrstream_methods_t axfr_rrstream_methods = {
 	axfr_rrstream_first,
 	axfr_rrstream_next,
-	axfr_rrstream_current,
+	axfr_rrstream_current,		
 	axfr_rrstream_destroy
 };
 
@@ -559,7 +552,7 @@ soa_rrstream_create(isc_mem_t *mctx, dns_db_t *db, dns_dbversion_t *ver,
 	s->common.mctx = mctx;
 	s->common.methods = &soa_rrstream_methods;
 	s->soa_tuple = NULL;
-
+	
 	CHECK(dns_db_createsoatuple(db, ver, mctx, DNS_DIFFOP_EXISTS,
 				    &s->soa_tuple));
 
@@ -587,7 +580,7 @@ static void
 soa_rrstream_current(rrstream_t *rs, dns_name_t **name, isc_uint32_t *ttl,
 		     dns_rdata_t **rdata)
 {
-	soa_rrstream_t *s = (soa_rrstream_t *) rs;
+	soa_rrstream_t *s = (soa_rrstream_t *) rs;	
 	*name = &s->soa_tuple->name;
 	*ttl = s->soa_tuple->ttl;
 	*rdata = &s->soa_tuple->rdata;
@@ -604,7 +597,7 @@ soa_rrstream_destroy(rrstream_t **rsp) {
 static rrstream_methods_t soa_rrstream_methods = {
 	soa_rrstream_first,
 	soa_rrstream_next,
-	soa_rrstream_current,
+	soa_rrstream_current,		
 	soa_rrstream_destroy
 };
 
@@ -615,7 +608,7 @@ static rrstream_methods_t soa_rrstream_methods = {
  * a concatenated stream consisting of the soa_rrstream, then
  * the data stream, then the soa_rrstream again.
  *
- * The component streams are owned by the compound_rrstream_t
+ * The component streams are owned by the compound_rrstream_t 
  * and are destroyed with it.
  */
 
@@ -689,7 +682,7 @@ compound_rrstream_first(rrstream_t *rs) {
 static isc_result_t
 compound_rrstream_next(rrstream_t *rs) {
 	compound_rrstream_t *s = (compound_rrstream_t *) rs;
-	rrstream_t *curstream = s->components[s->state];
+	rrstream_t *curstream = s->components[s->state];	
 	s->result = curstream->methods->next(curstream);
 	while (s->result == ISC_R_NOMORE) {
 		if (s->state == 2)
@@ -725,7 +718,7 @@ compound_rrstream_destroy(rrstream_t **rsp) {
 static rrstream_methods_t compound_rrstream_methods = {
 	compound_rrstream_first,
 	compound_rrstream_next,
-	compound_rrstream_current,
+	compound_rrstream_current,		
 	compound_rrstream_destroy
 };
 
@@ -815,7 +808,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	dns_rdataset_t *soa_rdataset;
 	dns_rdata_t soa_rdata;
 	isc_boolean_t have_soa = ISC_FALSE;
-	const char *mnemonic = NULL;
+	const char *mnemonic = NULL;	
 	isc_mem_t *mctx = client->mctx;
 	dns_message_t *request = client->message;
 	xfrout_ctx_t *xfr = NULL;
@@ -836,7 +829,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 		INSIST(0);
 		break;
 	}
-
+	
 	ns_client_log(client,
 		      DNS_LOGCATEGORY_XFER_OUT, NS_LOGMODULE_XFER_OUT,
 		      ISC_LOG_DEBUG(6), "%s request", mnemonic);
@@ -881,12 +874,12 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	case dns_zone_slave:
 		break;	/* Master and slave zones are OK for transfer. */
 	default:
-		FAILC(DNS_R_NOTAUTH, "non-authoritative zone");
+		FAILC(DNS_R_NOTAUTH, "non-authoritative zone"); 
 	}
 	CHECK(dns_zone_getdb(zone, &db));
 	dns_db_currentversion(db, &ver);
 
-	xfrout_log1(client, question_name, ISC_LOG_DEBUG(6),
+	xfrout_log1(client, question_name, ISC_LOG_DEBUG(6), 
 		    "%s question section OK", mnemonic);
 
 	/*
@@ -906,7 +899,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 		 */
 		if (! dns_name_equal(soa_name, question_name))
 			continue;
-
+		
 		for (soa_rdataset = ISC_LIST_HEAD(soa_name->list);
 		     soa_rdataset != NULL;
 		     soa_rdataset = ISC_LIST_NEXT(soa_rdataset, link))
@@ -934,35 +927,35 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	if (result != ISC_R_NOMORE)
 		CHECK(result);
 
-	xfrout_log1(client, question_name, ISC_LOG_DEBUG(6),
+	xfrout_log1(client, question_name, ISC_LOG_DEBUG(6), 
 		    "%s authority section OK", mnemonic);
 
 	/*
 	 * Decide whether to allow this transfer.
 	 */
 	CHECK(ns_client_checkacl(client, "zone transfer",
-				 dns_zone_getxfracl(zone), ISC_TRUE,
-				 ISC_LOG_ERROR));
+				 dns_zone_getxfracl(zone), ISC_TRUE, ISC_TRUE));
 
 	/*
 	 * AXFR over UDP is not possible.
 	 */
 	if (reqtype == dns_rdatatype_axfr &&
-	    (client->attributes & NS_CLIENTATTR_TCP) == 0)
+	    (client->attributes & NS_CLIENTATTR_TCP) == 0) {
 		FAILC(DNS_R_FORMERR, "attempted AXFR over UDP");
+	}
 
 	/*
 	 * Look up the requesting server in the peer table.
 	 */
 	isc_netaddr_fromsockaddr(&na, &client->peeraddr);
 	(void)dns_peerlist_peerbyaddr(client->view->peers, &na, &peer);
-
+	   
 	/*
 	 * Decide on the transfer format (one-answer or many-answers).
 	 */
 	if (peer != NULL)
 		(void)dns_peer_gettransferformat(peer, &format);
-
+	
 	/*
 	 * Get a dynamically allocated copy of the current SOA.
 	 */
@@ -972,7 +965,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	if (reqtype == dns_rdatatype_ixfr) {
 		isc_uint32_t begin_serial, current_serial;
 		isc_boolean_t provide_ixfr;
-
+		
 		/*
 		 * Outgoing IXFR may have been disabled for this peer
 		 * or globally.
@@ -982,7 +975,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 			(void) dns_peer_getprovideixfr(peer, &provide_ixfr);
 		if (provide_ixfr == ISC_FALSE)
 			goto axfr_fallback;
-
+		
 		if (! have_soa)
 			FAILC(DNS_R_FORMERR,
 			      "IXFR request missing SOA");
@@ -992,13 +985,13 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 
 		/*
 		 * RFC1995 says "If an IXFR query with the same or
-		 * newer version number than that of the server
-		 * is received, it is replied to with a single SOA
+		 * newer version number than that of the server 
+		 * is received, it is replied to with a single SOA 
 		 * record of the server's current version, just as
 		 * in AXFR".  The claim about AXFR is incorrect,
 		 * but other than that, we do as the RFC says.
 		 *
-		 * Sending a single SOA record is also how we refuse
+		 * Sending a single SOA record is also how we refuse 
 		 * IXFR over UDP (currently, we always do).
 		 */
 		if (DNS_SERIAL_GE(begin_serial, current_serial) ||
@@ -1014,7 +1007,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 					      &data_stream);
 		if (result == ISC_R_NOTFOUND ||
 		    result == ISC_R_RANGE) {
-			xfrout_log1(client, question_name, ISC_LOG_DEBUG(4),
+			xfrout_log1(client, question_name, ISC_LOG_DEBUG(4), 
 				    "IXFR version not in journal, "
 				    "falling back to AXFR");
 			goto axfr_fallback;
@@ -1041,7 +1034,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	 * Create the xfrout context object.  This transfers the ownership
 	 * of "stream", "db", "ver", and "quota" to the xfrout context object.
 	 */
-	CHECK(xfrout_ctx_create(mctx, client, request->id, question_name,
+	CHECK(xfrout_ctx_create(mctx, client, request->id, question_name, 
 				reqtype, db, ver, quota, stream,
 				dns_message_gettsigkey(request),
 				tsigbuf,
@@ -1054,7 +1047,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	db = NULL;
 	ver = NULL;
 	quota = NULL;
-
+	
 	CHECK(xfr->stream->methods->first(xfr->stream));
 
 	/*
@@ -1064,7 +1057,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	 */
 	sendstream(xfr);
 	xfr = NULL;
-
+	
 	result = ISC_R_SUCCESS;
 
  failure:
@@ -1090,7 +1083,7 @@ ns_xfr_start(ns_client_t *client, dns_rdatatype_t reqtype) {
 	} else if (result != ISC_R_SUCCESS) {
 		ns_client_log(client, DNS_LOGCATEGORY_XFER_OUT,
 			      NS_LOGMODULE_XFER_OUT,
-			      ISC_LOG_DEBUG(3), "zone transfer setup failed");
+			      ISC_LOG_DEBUG(3), "zone transfer setup failed"); 
 		ns_client_error(client, result);
 	}
 }
@@ -1110,7 +1103,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id,
 	void *mem;
 	isc_interval_t maxinterval, idleinterval;
 	isc_time_t expires;
-
+	
 	INSIST(xfrp != NULL && *xfrp == NULL);
 	xfr = isc_mem_get(mctx, sizeof(*xfr));
 	if (xfr == NULL)
@@ -1134,7 +1127,7 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id,
 	xfr->many_answers = many_answers,
 	xfr->sends = 0;
 	xfr->shuttingdown = ISC_FALSE;
-
+	
 	/*
 	 * Allocate a temporary buffer for the uncompressed response
 	 * message data.  The size should be no more than 65535 bytes
@@ -1184,10 +1177,10 @@ xfrout_ctx_create(isc_mem_t *mctx, ns_client_t *client, unsigned int id,
 	 */
 	xfr->client->shutdown = xfrout_client_shutdown;
 	xfr->client->shutdown_arg = xfr;
-
+		
 	*xfrp = xfr;
 	return (ISC_R_SUCCESS);
-
+	
 failure:
 	xfrout_ctx_destroy(&xfr);
 	return (result);
@@ -1199,7 +1192,7 @@ failure:
  *
  * Requires:
  *	The stream iterator is initialized and points at an RR,
- *      or possiby at the end of the stream (that is, the
+ *      or possiby at the end of the stream (that is, the 
  *      _first method of the iterator has been called).
  */
 static void
@@ -1216,7 +1209,7 @@ sendstream(xfrout_ctx_t *xfr) {
 	isc_buffer_clear(&xfr->txbuf);
 
 	/*
-	 * Build a response dns_message_t, temporarily storing the raw,
+	 * Build a response dns_message_t, temporarily storing the raw, 
 	 * uncompressed owner names and RR data contiguously in xfr->buf.
 	 * We know that if the uncompressed data fits in xfr->buf,
 	 * the compressed data will surely fit in a TCP message.
@@ -1236,7 +1229,7 @@ sendstream(xfrout_ctx_t *xfr) {
 		isc_buffer_free(&xfr->lasttsig);
 
 	/*
-	 * Include a question section in the first message only.
+	 * Include a question section in the first message only. 
 	 * BIND 8.2.1 will not recognize an IXFR if it does not have a
 	 * question section.
 	 */
@@ -1249,7 +1242,7 @@ sendstream(xfrout_ctx_t *xfr) {
 		 * and 4 bytes of question.
 		 */
 		isc_buffer_add(&xfr->buf, 12 + 4);
-
+		
 		qrdataset = NULL;
 		result = dns_message_gettemprdataset(msg, &qrdataset);
 		if (result != ISC_R_SUCCESS)
@@ -1276,7 +1269,7 @@ sendstream(xfrout_ctx_t *xfr) {
 	}
 	else
 		msg->tcp_continuation = 1;
-
+	
 	/*
 	 * Try to fit in as many RRs as possible, unless "one-answer"
 	 * format has been requested.
@@ -1285,12 +1278,12 @@ sendstream(xfrout_ctx_t *xfr) {
 		dns_name_t *name = NULL;
 		isc_uint32_t ttl;
 		dns_rdata_t *rdata = NULL;
-
+		
 		dns_name_t *msgname = NULL;
 		dns_rdata_t *msgrdata = NULL;
 		dns_rdatalist_t *msgrdl = NULL;
 		dns_rdataset_t *msgrds = NULL;
-
+		
 		unsigned int size;
 		isc_region_t r;
 
@@ -1300,19 +1293,19 @@ sendstream(xfrout_ctx_t *xfr) {
 		isc_buffer_availableregion(&xfr->buf, &r);
 		if (size >= r.length) {
 			/*
-			 * RR would not fit.  If there are other RRs in the
-			 * buffer, send them now and leave this RR to the
+			 * RR would not fit.  If there are other RRs in the 
+			 * buffer, send them now and leave this RR to the 
 			 * next message.  If this RR overflows the buffer
 			 * all by itself, fail.
 			 *
-			 * In theory some RRs might fit in a TCP message
+			 * In theory some RRs might fit in a TCP message 
 			 * when compressed even if they do not fit when
 			 * uncompressed, but surely we don't want
 			 * to send such monstrosities to an unsuspecting
 			 * slave.
 			 */
 			if (n_rrs == 0) {
-				xfrout_log(xfr, ISC_LOG_WARNING,
+				xfrout_log(xfr, ISC_LOG_WARNING, 
 					   "RR too large for zone transfer "
 					   "(%d bytes)", size);
 				/* XXX DNS_R_RRTOOLARGE? */
@@ -1322,9 +1315,9 @@ sendstream(xfrout_ctx_t *xfr) {
 			break;
 		}
 
-		if (isc_log_wouldlog(ns_g_lctx, XFROUT_RR_LOGLEVEL))
-			log_rr(name, rdata, ttl); /* XXX */
-
+		if (isc_log_wouldlog(ns_g_lctx, ISC_LOG_DEBUG(8)))
+			log_rr(name, rdata, ttl);
+		
 		dns_message_gettempname(msg, &msgname);
 		dns_name_init(msgname, NULL);
 		isc_buffer_availableregion(&xfr->buf, &r);
@@ -1335,7 +1328,7 @@ sendstream(xfrout_ctx_t *xfr) {
 
 		/* Reserve space for RR header. */
 		isc_buffer_add(&xfr->buf, 10);
-
+		
 		dns_message_gettemprdata(msg, &msgrdata);
 		isc_buffer_availableregion(&xfr->buf, &r);
 		r.length = rdata->length;
@@ -1377,12 +1370,12 @@ sendstream(xfrout_ctx_t *xfr) {
 		CHECK(dns_message_rendersection(msg, DNS_SECTION_QUESTION, 0));
 		CHECK(dns_message_rendersection(msg, DNS_SECTION_ANSWER, 0));
 		CHECK(dns_message_renderend(msg));
-
+		
 		isc_buffer_usedregion(&xfr->txbuf, &used);
 		isc_buffer_putuint16(&xfr->txlenbuf, used.length);
 		region.base = xfr->txlenbuf.base;
 		region.length = 2 + used.length;
-		xfrout_log(xfr, ISC_LOG_DEBUG(8),
+		xfrout_log(xfr, ISC_LOG_DEBUG(8), 
 			   "sending TCP message of %d bytes",
 			   used.length);
 		CHECK(isc_socket_send(xfr->client->tcpsocket, /* XXX */
@@ -1438,8 +1431,8 @@ xfrout_ctx_destroy(xfrout_ctx_t **xfrp) {
 	if (xfr->lasttsig != NULL)
 		isc_buffer_free(&xfr->lasttsig);
 	if (xfr->quota != NULL)
-		isc_quota_detach(&xfr->quota);
-	if (xfr->ver != NULL)
+		isc_quota_detach(&xfr->quota);		
+	if (xfr->ver != NULL) 
 		dns_db_closeversion(xfr->db, &xfr->ver, ISC_FALSE);
 	if (xfr->db != NULL)
 		dns_db_detach(&xfr->db);
@@ -1453,7 +1446,7 @@ xfrout_ctx_destroy(xfrout_ctx_t **xfrp) {
 
 static void
 xfrout_senddone(isc_task_t *task, isc_event_t *event) {
-	isc_socketevent_t *sev = (isc_socketevent_t *)event;
+	isc_socketevent_t *sev = (isc_socketevent_t *)event;	
 	xfrout_ctx_t *xfr = (xfrout_ctx_t *)event->ev_arg;
 	isc_result_t evresult = sev->result;
 
@@ -1513,14 +1506,14 @@ xfrout_client_shutdown(void *arg, isc_result_t result) {
 
 /*
  * Log outgoing zone transfer messages in a format like
- * <client>: transfer of <zone>: <message>
+ * <client>: transfer of <zone>: <message> 
  */
 static void
 xfrout_logv(ns_client_t *client, dns_name_t *zonename, int level,
 	    const char *fmt, va_list ap)
 {
 	char msgbuf[2048];
-	char namebuf[DNS_NAME_FORMATSIZE];
+	char namebuf[1024];
 
 	dns_name_format(zonename, namebuf, sizeof(namebuf));
 	vsnprintf(msgbuf, sizeof(msgbuf), fmt, ap);

bin/named/zoneconf.c

@@ -1,502 +0,0 @@
-/*
- * Copyright (C) 1999, 2000  Internet Software Consortium.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/* $Id: zoneconf.c,v 1.63 2000/10/17 07:22:35 marka Exp $ */
-
-#include <config.h>
-
-#include <isc/mem.h>
-#include <isc/string.h>		/* Required for HP/UX (and others?) */
-#include <isc/util.h>
-
-#include <dns/acl.h>
-#include <dns/ssu.h>
-#include <dns/zone.h>
-#include <dns/zoneconf.h>
-
-/*
- * These are BIND9 server defaults, not necessarily identical to the
- * library defaults defined in zone.c.
- */
-#define MAX_XFER_TIME (2*3600)	/* Documented default is 2 hours. */
-#define DNS_DEFAULT_IDLEIN 3600		/* 1 hour */
-#define DNS_DEFAULT_IDLEOUT 3600	/* 1 hour */
-
-#define RETERR(x) do { \
-	isc_result_t _r = (x); \
-	if (_r != ISC_R_SUCCESS) \
-		return (_r); \
-	} while (0)
-
-/*
- * Convenience function for configuring a single zone ACL.
- */
-static isc_result_t
-configure_zone_acl(dns_c_zone_t *czone, dns_c_ctx_t *cctx, dns_c_view_t *cview,
-		   dns_aclconfctx_t *aclconfctx, dns_zone_t *zone,
-		   isc_result_t (*getcacl)(dns_c_zone_t *,
-					   dns_c_ipmatchlist_t **),
-		   isc_result_t (*getviewcacl)(dns_c_view_t *
-					       , dns_c_ipmatchlist_t **),
-		   isc_result_t (*getglobalcacl)(dns_c_ctx_t *,
-						 dns_c_ipmatchlist_t **),
-		   void (*setzacl)(dns_zone_t *, dns_acl_t *),
-		   void (*clearzacl)(dns_zone_t *))
-{
-	isc_result_t result;
-	dns_c_ipmatchlist_t *cacl;
-	dns_acl_t *dacl = NULL;
-	result = (*getcacl)(czone, &cacl);
-	if (result == ISC_R_NOTFOUND && getviewcacl != NULL && cview != NULL) {
-		result = (*getviewcacl)(cview, &cacl);
-	}
-	if (result == ISC_R_NOTFOUND && getglobalcacl != NULL) {
-		result = (*getglobalcacl)(cctx, &cacl);
-	}
-	if (result == ISC_R_SUCCESS) {
-		result = dns_acl_fromconfig(cacl, cctx, aclconfctx,
-					   dns_zone_getmctx(zone), &dacl);
-		dns_c_ipmatchlist_detach(&cacl);
-		if (result != ISC_R_SUCCESS)
-			return (result);
-		(*setzacl)(zone, dacl);
-		dns_acl_detach(&dacl);
-		return (ISC_R_SUCCESS);
-	} else if (result == ISC_R_NOTFOUND) {
-		(*clearzacl)(zone);
-		return (ISC_R_SUCCESS);
-	} else {
-		return (result);
-	}
-}
-
-/*
- * Conver a config file zone type into a server zone type.
- */
-static dns_zonetype_t
-dns_zonetype_fromconf(dns_c_zonetype_t cztype) {
-	switch (cztype) {
-	case dns_c_zone_master:
-		return dns_zone_master;
-	case dns_c_zone_slave:
-		return dns_zone_slave;
-	case dns_c_zone_stub:
-		return dns_zone_stub;
-	default:
-		/*
-		 * Hint and forward zones are not really zones;
-		 * they should never get this far.
-		 */
-		INSIST(0);
-		return (dns_zone_none); /*NOTREACHED*/
-	}
-}
-
-/*
- * Helper function for strtoargv().  Pardon the gratuitous recursion.
- */
-static isc_result_t
-strtoargvsub(isc_mem_t *mctx, char *s, unsigned int *argcp,
-	     char ***argvp, unsigned int n)
-{
-	isc_result_t result;
-	
-	/* Discard leading whitespace. */
-	while (*s == ' ' || *s == '\t')
-		s++;
-	
-	if (*s == '\0') {
-		/* We have reached the end of the string. */
-		*argcp = n;
-		*argvp = isc_mem_get(mctx, n * sizeof(char *));
-		if (*argvp == NULL)
-			return (ISC_R_NOMEMORY);
-	} else {
-		char *p = s;
-		while (*p != ' ' && *p != '\t' && *p != '\0')
-			p++;
-		if (*p != '\0')
-			*p++ = '\0';
-
-		result = strtoargvsub(mctx, p, argcp, argvp, n + 1);
-		if (result != ISC_R_SUCCESS)
-			return (result);
-		(*argvp)[n] = s;
-	}
-	return (ISC_R_SUCCESS);
-}
-
-/*
- * Tokenize the string "s" into whitespace-separated words,
- * return the number of words in '*argcp' and an array
- * of pointers to the words in '*argvp'.  The caller
- * must free the array using isc_mem_put().  The string
- * is modified in-place.
- */
-static isc_result_t
-strtoargv(isc_mem_t *mctx, char *s, unsigned int *argcp, char ***argvp) {
-	return (strtoargvsub(mctx, s, argcp, argvp, 0));
-}
-
-isc_result_t
-dns_zone_configure(dns_c_ctx_t *cctx, dns_c_view_t *cview,
-		   dns_c_zone_t *czone, dns_aclconfctx_t *ac,
-		   dns_zone_t *zone)
-{
-	isc_result_t result;
-	isc_boolean_t boolean;
-	const char *filename = NULL;
-	dns_notifytype_t notifytype;
-#ifdef notyet
-	dns_c_severity_t severity;
-#endif
-	dns_c_iplist_t *iplist;
-	isc_sockaddr_t sockaddr;
-	isc_uint32_t uintval;
-	isc_sockaddr_t sockaddr_any4, sockaddr_any6;
-	dns_ssutable_t *ssutable = NULL;
-	char *cpval;
-	unsigned int dbargc;
-	char **dbargv;
-	static char default_dbtype[] = "rbt";
-	isc_mem_t *mctx = dns_zone_getmctx(zone);
-
-	isc_sockaddr_any(&sockaddr_any4);
-	isc_sockaddr_any6(&sockaddr_any6);
-
-	/*
-	 * Configure values common to all zone types.
-	 */
-
-	dns_zone_setclass(zone, czone->zclass);
-
-	dns_zone_settype(zone, dns_zonetype_fromconf(czone->ztype));
-
-	cpval = NULL;
-	result = dns_c_zone_getdatabase(czone, &cpval);
-#ifdef notyet
-	if (result != ISC_R_SUCCESS && cview != NULL)
-		result = dns_c_view_getdatabase(cview, &cpval);
-	if (result != ISC_R_SUCCESS)
-		result = dns_c_ctx_getdatabase(cview, &cpval);
-#endif
-	if (result != ISC_R_SUCCESS)
-		cpval = default_dbtype;
-	RETERR(strtoargv(mctx, cpval, &dbargc, &dbargv));
-	/*
-	 * ANSI C is strange here.  There is no logical reason why (char **)
-	 * cannot be promoted automatically to (const char * const *) by the
-	 * compiler w/o generating a warning.
-	 */
-	RETERR(dns_zone_setdbtype(zone, dbargc, (const char * const *)dbargv));
-	isc_mem_put(mctx, dbargv, dbargc * sizeof(*dbargv));
-
-	result = dns_c_zone_getfile(czone, &filename);
-	if (result == ISC_R_SUCCESS)
-		RETERR(dns_zone_setdatabase(zone, filename));
-	else if (czone->ztype != dns_c_zone_slave &&
-		 czone->ztype != dns_c_zone_stub)
-		return (result);
-
-#ifdef notyet
-	result = dns_c_zone_getchecknames(czone, &severity);
-	if (result == ISC_R_SUCCESS)
-		dns_zone_setchecknames(zone, severity);
-	else
-		dns_zone_setchecknames(zone, dns_c_severity_warn);
-#endif
-
-#ifndef NOMINUM_PUBLIC
-	if (czone->ztype == dns_c_zone_slave)
-		RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-					  dns_c_zone_getallownotify,
-					  dns_c_view_getallownotify,
-					  dns_c_ctx_getallownotify,
-					  dns_zone_setnotifyacl,
-					  dns_zone_clearnotifyacl));
-#endif /* NOMINUM_PUBLIC */
-	/*
-	 * XXXAG This probably does not make sense for stubs.
-	 */
-	RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-				  dns_c_zone_getallowquery,
-				  dns_c_view_getallowquery,
-				  dns_c_ctx_getallowquery,
-				  dns_zone_setqueryacl,
-				  dns_zone_clearqueryacl));
-
-	if (czone->ztype != dns_c_zone_hint) {
-		result = dns_c_zone_getdialup(czone, &boolean);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getdialup(cctx, &boolean);
-		if (result != ISC_R_SUCCESS)
-			boolean = ISC_FALSE;
-		dns_zone_setoption(zone, DNS_ZONEOPT_DIALUP, boolean);
-	} 
-
-#ifndef NOMINUM_PUBLIC
-	if (czone->ztype != dns_c_zone_stub) {
-		result = dns_c_zone_getmaxnames(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxnames(cview, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxnames(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = 0;
-		dns_zone_setmaxnames(zone, uintval);
-	}
-
-	if (czone->ztype == dns_c_zone_slave) {
-		result = dns_c_zone_getnotifyforward(czone, &boolean);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getnotifyforward(cview, &boolean);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getnotifyforward(cctx, &boolean);
-		if (result != ISC_R_SUCCESS)
-			boolean = ISC_FALSE;
-		dns_zone_setoption(zone, DNS_ZONEOPT_NOTIFYFORWARD, boolean);
-	}
-#endif /* NOMINUM_PUBLIC */
-
-	/*
-	 * Configure master functionality.  This applies
-	 * to primary masters (type "master") and slaves
-	 * acting as masters (type "slave"), but not to stubs.
-	 */
-	if (czone->ztype != dns_c_zone_stub) {
-		result = dns_c_zone_getnotify(czone, &notifytype);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getnotify(cview, &notifytype);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getnotify(cctx, &notifytype);
-		if (result != ISC_R_SUCCESS)
-			notifytype = dns_notifytype_yes;
-		dns_zone_setnotifytype(zone, notifytype);
-
-		iplist = NULL;
-		result = dns_c_zone_getalsonotify(czone, &iplist);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getalsonotify(cview, &iplist);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getalsonotify(cctx, &iplist);
-		if (result == ISC_R_SUCCESS) {
-			result = dns_zone_setalsonotify(zone, iplist->ips,
-						        iplist->nextidx);
-			dns_c_iplist_detach(&iplist);
-			if (result != ISC_R_SUCCESS)
-				return (result);
-
-		} else
-			RETERR(dns_zone_setalsonotify(zone, NULL, 0));
-
-		RETERR(configure_zone_acl(czone, cctx, cview, ac, zone,
-					  dns_c_zone_getallowtransfer,
-					  dns_c_view_gettransferacl,
-					  dns_c_ctx_getallowtransfer,
-					  dns_zone_setxfracl,
-					  dns_zone_clearxfracl));
-
-		result = dns_c_zone_getmaxtranstimeout(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxtransfertimeout(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransfertimeout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrout(zone, uintval);
-
-		result = dns_c_zone_getmaxtransidleout(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxtransferidleout(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransferidleout(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEOUT;
-		dns_zone_setidleout(zone, uintval);
-	}
-
-	/*
-	 * Configure update-related options.  These apply to
-	 * primary masters only.
-	 */
-	if (czone->ztype == dns_c_zone_master) {
-		RETERR(configure_zone_acl(czone, cctx, NULL, ac, zone,
-					  dns_c_zone_getallowupd,
-					  NULL, NULL,
-					  dns_zone_setupdateacl,
-					  dns_zone_clearupdateacl));
-
-		result = dns_c_zone_getssuauth(czone, &ssutable);
-		if (result == ISC_R_SUCCESS)
-			dns_zone_setssutable(zone, ssutable);
-
-		result = dns_c_zone_getsigvalidityinterval(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getsigvalidityinterval(cview,
-								  &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getsigvalidityinterval(cctx,
-								 &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = 30 * 24 * 3600;
-		dns_zone_setsigvalidityinterval(zone, uintval);
-	}
-
-	/*
-	 * Configure slave functionality.
-	 */
-	switch (czone->ztype) {
-	case dns_c_zone_slave:
-	case dns_c_zone_stub:
-		iplist = NULL;
-		result = dns_c_zone_getmasterips(czone, &iplist);
-		if (result == ISC_R_SUCCESS)
-#ifndef NOMINUM_PUBLIC
-			result = dns_zone_setmasterswithkeys(zone,
-							     iplist->ips,
-							     iplist->keys,
-							     iplist->nextidx);
-#else /* NOMINUM_PUBLIC */
-			result = dns_zone_setmasters(zone, iplist->ips,
-						     iplist->nextidx);
-#endif /* NOMINUM_PUBLIC */
-		else
-			result = dns_zone_setmasters(zone, NULL, 0);
-		RETERR(result);
-
-		result = dns_c_zone_getmaxtranstimein(czone, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransfertimein(cctx,
-								&uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = MAX_XFER_TIME;
-		dns_zone_setmaxxfrin(zone, uintval);
-
-		result = dns_c_zone_getmaxtransidlein(czone, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxtransferidlein(cctx,
-								&uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_DEFAULT_IDLEIN;
-		dns_zone_setidlein(zone, uintval);
-
-		result = dns_c_zone_gettransfersource(czone, &sockaddr);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_gettransfersource(cview,
-							      &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_gettransfersource(cctx, &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any4;
-		dns_zone_setxfrsource4(zone, &sockaddr);
-
-		result = dns_c_zone_gettransfersourcev6(czone, &sockaddr);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_gettransfersourcev6(cview,
-								&sockaddr);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_gettransfersourcev6(cctx,
-							       &sockaddr);
-		if (result != ISC_R_SUCCESS)
-			sockaddr = sockaddr_any6;
-		dns_zone_setxfrsource6(zone, &sockaddr);
-
-		result = dns_c_zone_getmaxrefreshtime(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxrefreshtime(cview, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxrefreshtime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MAXREFRESH;
-		dns_zone_setmaxrefreshtime(zone, uintval);
-
-		result = dns_c_zone_getminrefreshtime(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getminrefreshtime(cview, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getminrefreshtime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MINREFRESH;
-		dns_zone_setminrefreshtime(zone, uintval);
-
-		result = dns_c_zone_getmaxretrytime(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getmaxretrytime(cview, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getmaxretrytime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MAXRETRY;
-		dns_zone_setmaxretrytime(zone, uintval);
-
-		result = dns_c_zone_getminretrytime(czone, &uintval);
-		if (result != ISC_R_SUCCESS && cview != NULL)
-			result = dns_c_view_getminretrytime(cview, &uintval);
-		if (result != ISC_R_SUCCESS)
-			result = dns_c_ctx_getminretrytime(cctx, &uintval);
-		if (result != ISC_R_SUCCESS)
-			uintval = DNS_ZONE_MINRETRY;
-		dns_zone_setminretrytime(zone, uintval);
-
-		break;
-
-	default:
-		break;
-	}
-
-	return (ISC_R_SUCCESS);
-}
-
-isc_boolean_t
-dns_zone_reusable(dns_zone_t *zone, dns_c_zone_t *czone) {
-	const char *cfilename;
-	const char *zfilename;
-
-	if (dns_zonetype_fromconf(czone->ztype) != dns_zone_gettype(zone))
-		return (ISC_FALSE);
-
-	cfilename = NULL;
-	(void) dns_c_zone_getfile(czone, &cfilename);
-	zfilename = dns_zone_getdatabase(zone);
-	if (cfilename == NULL || zfilename == NULL ||
-	    strcmp(cfilename, zfilename) != 0)
-		return (ISC_FALSE);
-
-	return (ISC_TRUE);
-}
-
-isc_result_t
-dns_zonemgr_configure(dns_c_ctx_t *cctx, dns_zonemgr_t *zmgr) {
-	isc_uint32_t val;
-	isc_result_t result;
-
-	result = dns_c_ctx_gettransfersin(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 10;
-	dns_zonemgr_settransfersin(zmgr, val);
-
-	result = dns_c_ctx_gettransfersperns(cctx, &val);
-	if (result != ISC_R_SUCCESS)
-		val = 2;
-	dns_zonemgr_settransfersperns(zmgr, val);
-
-	return (ISC_R_SUCCESS);
-}
-

bin/nsupdate/.cvsignore

@@ -1,4 +1,2 @@
 Makefile
 nsupdate
-*.lo
-.libs

bin/nsupdate/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.8 2000/09/20 19:05:55 gson Exp $
+# $Id: Makefile.in,v 1.2.2.2 2000/07/10 19:10:32 bwelling Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -25,11 +25,11 @@ top_srcdir =	@top_srcdir@
 
 CINCLUDES =	-I${srcdir}/include ${LWRES_INCLUDES} ${DNS_INCLUDES} ${ISC_INCLUDES}
 
-CDEFINES =
+CDEFINES =	
 CWARNINGS =
 
 LWRESLIBS =	../../lib/lwres/liblwres.@A@
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 
 LWRESDEPLIBS =	../../lib/lwres/liblwres.@A@
@@ -40,13 +40,13 @@ DEPLIBS =	${DNSDEPLIBS} ${ISCDEPLIBS}
 
 LIBS =		${LWRESLIBS} ${DNSLIBS} ${ISCLIBS} @LIBS@
 
-SUBDIRS =
+SUBDIRS =	
 
 TARGETS =	nsupdate
 
 OBJS =		nsupdate.@O@
 
-UOBJS =
+UOBJS =		
 
 SRCS =		nsupdate.c
 
@@ -59,7 +59,9 @@ clean distclean::
 	rm -f ${TARGETS}
 
 installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir}
+	if [ ! -d ${DESTDIR}${bindir} ]; then \
+		mkdir ${DESTDIR}${bindir}; \
+	fi
 
 install:: nsupdate
 	${LIBTOOL} ${INSTALL_PROGRAM} nsupdate ${DESTDIR}${bindir}

bin/nsupdate/nsupdate.8

@@ -1,340 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: nsupdate.8,v 1.7 2000/08/15 20:15:49 gson Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt NSUPDATE 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm nsupdate
-.Nd Dynamic DNS update utility
-.Sh SYNOPSIS
-.Nm nsupdate
-.Op Fl d
-.Oo
-.Fl y Ar keyname:secret |
-.Fl k Ar keyfile
-.Oc
-.Op Fl v
-.Sh DESCRIPTION
-.Nm nsupdate
-is used to submit Dynamic DNS Update requests as defined in RFC2136
-to a name server.
-This allows resource records to be added or removed from a zone
-without manually editing the zone file.
-A single update request can contain requests to add or remove more than one
-resource record.
-.Pp
-Zones that are under dynamic control via
-.Nm nsupdate
-or a DHCP server should not be edited by hand.
-Manual edits could
-conflict with dynamic updates and cause data to be lost.
-.Pp
-The resource records that are dynamically added or removed with
-.Nm nsupdate
-have to be in the same zone.
-Requests are sent to the zone's master server.
-This is identified by the MNAME field of the zone's SOA record.
-.Pp
-The
-.Fl d
-option makes
-.Nm nsupdate
-operate in debug mode.
-This provides tracing information about the update requests that are
-made and the replies received from the name server.
-.Pp
-Transaction signatures can be used to authenticate the Dynamic DNS
-updates.
-These use the TSIG resource record type described in RFC2845.
-The signatures rely on a shared secret that should only be known to
-.Nm nsupdate
-and the name server.
-Currently, the only supported encryption algorithm for TSIG is
-HMAC-MD5, which is defined in RFC 2104.
-Once other algorithms are defined for TSIG, applications will need to
-ensure they select the appropriate algorithm as well as the key when
-authenticating each other.
-For instance suitable
-.Dv key{}
-and
-.Dv server{}
-statements would be added to
-.Pa /etc/named.conf
-so that the name server can associate the appropriate secret key
-and algorithm with the IP address of the
-client application that will be using TSIG authentication.
-.Nm nsupdate
-does not read
-.Pa /etc/named.conf .
-.Pp
-.Nm nsupdate
-uses the
-.Fl y
-or
-.Fl k
-option to provide the shared secret needed to generate a TSIG record
-for authenticating Dynamic DNS update requests.
-These options are mutually exclusive.
-With the
-.Fl k
-option,
-.Nm nsupdate
-reads the shared secret from the file
-.Ar keyfile ,
-whose name is of the form 
-.Pa K{name}.+157.+{random}.private .
-For historical
-reasons, the file 
-.Pa K{name}.+157.+{random}.key
-must also be present.  When the
-.Fl y
-option is used, a signature is generated from
-.Ar keyname:secret.
-.Ar keyname
-is the name of the key,
-and
-.Ar secret
-is the base64 encoded shared secret.
-Use of the
-.Fl y
-option is discouraged because the shared secret is supplied as a command
-line argument in clear text.
-This may be visible in the output from
-.Xr ps 1
-or in a history file maintained by the user's shell.
-.Pp
-By default
-.Nm nsupdate
-uses UDP to send update requests to the name server.
-The
-.Fl v
-option makes
-.Nm nsupdate
-use a TCP connection.
-This may be preferable when a batch of update requests is made.
-.Sh INPUT FORMAT
-.Nm nsupdate
-reads commands from its standard input.
-Each command is supplied on exactly one line of input.
-Some commands are for administrative purposes.
-The others are either update instructions or prerequisite checks on the
-contents of the zone.
-These checks set conditions that some name or set of
-resource records (RRset) either exists or is absent from the zone.
-These conditions must be met if the entire update request is to succeed.
-Updates will be rejected if the tests for the prerequisite conditions fail.
-.Pp
-Every update request consists of zero or more prerequisites
-and zero or more updates.
-This allows a suitably authenticated update request to proceed if some
-specified resource records are present or missing from the zone.
-A blank input line causes the accumulated commands to be sent as one Dynamic
-DNS update request to the name server.
-.Pp
-The command formats and their meaning are as follows:
-.Bl -ohang indent
-.It Xo
-.Ic server Va servername Op port
-.Xc
-.sp 1
-Sends all dynamic update requests to the name server
-.Va servername .
-When no server statement is provided,
-.Nm nsupdate
-will send updates to the master server of the correct zone.
-The MNAME field of that zone's SOA record will identify the master
-server for that zone.
-.Va port
-is the port number on
-.Va servername
-where the dynamic update requests get sent.
-If no port number is specified, the default DNS port number of 53 is
-used.
-.It Xo
-.Ic zone Va zonename
-.Xc
-.sp 1
-Specifies that all updates are to be made to the zone
-.Va zonename .
-If no
-.Va zone
-statement is provided,
-.Nm nsupdate
-will attempt determine the correct zone to update based on the rest of the input.
-.It Xo
-.Ic prereq nxdomain Va domain-name
-.Xc
-.sp 1
-Requires that no resource record of any type exists with name
-.Va domain-name .
-.It Xo
-.Ic prereq yxdomain Va domain-name
-.Xc
-.sp 1
-Requires that
-.Va domain-name
-exists (has as at least one resource record, of any type).
-.It Xo
-.Ic prereq nxrrset Va domain-name Op class
-.Va type
-.Xc
-.sp 1
-Requires that no resource record exists of the specified
-.Va type ,
-.Va class
-and
-.Va domain-name .
-If
-.Va class
-is omitted, IN (internet) is assumed.
-.It Xo
-.Ic prereq yxrrset
-.Va domain-name Op class
-.Va type
-.Xc
-.sp 1
-This requires that a resource record of the specified
-.Va type ,
-.Va class
-and
-.Va domain-name
-must exist.
-If
-.Va class
-is omitted, IN (internet) is assumed.
-.It Xo
-.Ic prereq yxrrset
-.Va domain-name Op class
-.Va type data...
-.Xc
-.sp 1
-The
-.Va data
-from each set of prerequisites of this form
-sharing a common
-.Va type ,
-.Va class ,
-and 
-.Va domain-name
-are combined to form a set of RRs.  This set of RRs must
-exactly match the set of RRs existing in the zone at the
-given 
-.Va type ,
-.Va class ,
-and 
-.Va domain-name .
-The
-.Va data
-are written in the standard text representation of the resource record's
-RDATA.
-.It Xo
-.Ic update delete
-.Va domain-name Op class
-.Va Op type Op data...
-.Xc
-.sp 1
-Deletes any resource records named
-.Va domain-name .
-If
-.Va type
-and
-.Va data
-is provided, only matching resource records will be removed.
-The internet class is assumed if
-.Va class
-is not supplied.
-.It Xo
-.Ic update add
-.Va domain-name ttl Op class
-.Va type data..
-.Xc
-.sp 1
-Adds a new resource record with the specified
-.Va ttl ,
-.Va class
-and
-.Va data .
-.El
-.Sh EXAMPLES
-The examples below show how
-.Nm nsupdate
-could be used to insert and delete resource records from the
-.Dv example.com
-zone.
-Notice that the input in each example contains a trailing blank line so that
-a group of commands are sent as one dynamic update request to the
-master name server for
-.Dv example.com .
-.Bd -literal -offset indent
-# nsupdate
-> update delete oldhost.example.com A
-> update add newhost.example.com 86400 A 172.16.1.1
->
-.Ed
-.Pp
-Any A records for
-.Dv oldhost.example.com
-are deleted.
-and an A record for
-.Dv newhost.example.com
-it IP address 172.16.1.1 is added.
-The newly-added record has a 1 day TTL (86400 seconds)
-.Bd -literal -offset indent
-# nsupdate
-> prereq nxdomain nickname.example.com
-> update add nickname.example.com CNAME somehost.example.com
->
-.Ed
-.Pp
-The prerequisite condition gets the name server to check that there
-are no resource records of any type for
-.Dv nickname.example.com .
-If there are, the update request fails.
-If this name does not exist, a CNAME for it is added.
-This ensures that when the CNAME is added, it cannot conflict with the
-long-standing rule in RFC1034 that a name must not exist as any other
-record type if it exists as a CNAME.
-(The rule has been updated for DNSSEC in RFC2535 to allow CNAMEs to have
-SIG, KEY and NXT records.)
-.Pp
-.Sh FILES
-.Bl -tag -width K{name}.+157.+{random}.private -compact
-.It Pa /etc/resolv.conf
-used to identify default name server
-.It Pa K{name}.+157.+{random}.key
-base-64 encoding of HMAC-MD5 key created by
-.Xr dnssec-keygen 8 .
-.It Pa K{name}.+157.+{random}.private
-base-64 encoding of HMAC-MD5 key created by
-.Xr dnssec-keygen 8 .
-.El
-.Sh SEE ALSO
-.Xr RFC2136 ,
-.Xr RFC2137 ,
-.Xr RFC2104 ,
-.Xr RFC2845 ,
-.Xr RFC1034 ,
-.Xr RFC2535 ,
-.Xr named 8 ,
-.Xr dnssec-keygen 8 .
-.Sh BUGS
-The TSIG key is redundantly stored in two separate files.
-This is a consequence of nsupdate using the DST library
-for its cryptographic operations, and may change in future
-releases.

bin/nsupdate/nsupdate.c

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: nsupdate.c,v 1.55 2000/10/06 18:58:30 bwelling Exp $ */
+/* $Id: nsupdate.c,v 1.8.2.7 2000/09/15 23:47:14 gson Exp $ */
 
 #include <config.h>
 
@@ -26,18 +26,14 @@
 #include <stdlib.h>
 #include <unistd.h>
 
-#if (!(defined(HAVE_ADDRINFO) && defined(HAVE_GETADDRINFO)))
-extern int h_errno;
-#endif
-
-#include <isc/app.h>
 #include <isc/base64.h>
 #include <isc/buffer.h>
+#include <isc/condition.h>
 #include <isc/commandline.h>
 #include <isc/entropy.h>
-#include <isc/event.h>
 #include <isc/lex.h>
 #include <isc/mem.h>
+#include <isc/mutex.h>
 #include <isc/region.h>
 #include <isc/sockaddr.h>
 #include <isc/socket.h>
@@ -50,7 +46,6 @@ extern int h_errno;
 #include <dns/callbacks.h>
 #include <dns/dispatch.h>
 #include <dns/events.h>
-#include <dns/fixedname.h>
 #include <dns/message.h>
 #include <dns/name.h>
 #include <dns/rdata.h>
@@ -68,14 +63,13 @@ extern int h_errno;
 #include <lwres/lwres.h>
 #include <lwres/net.h>
 
-#define MAXCMD (4 * 1024)
-#define INITDATA (32 * 1024)
-#define MAXDATA (64 * 1024)
+#define MXNAME 256
+#define MAXPNAME 1025
+#define MAXCMD 1024
 #define NAMEBUF 512
 #define WORDLEN 512
-#define PACKETSIZE ((64 * 1024) - 1)
-#define INITTEXT (2 * 1024)
-#define MAXTEXT (128 * 1024)
+#define PACKETSIZE 2048
+#define MSGTEXT 4096
 #define FIND_TIMEOUT 5
 #define TTL_MAX 2147483647	/* Maximum signed 32 bit integer. */
 
@@ -83,13 +77,15 @@ extern int h_errno;
 
 #define RESOLV_CONF "/etc/resolv.conf"
 
+static isc_boolean_t busy = ISC_FALSE;
 static isc_boolean_t debugging = ISC_FALSE, ddebugging = ISC_FALSE;
 static isc_boolean_t have_ipv6 = ISC_FALSE;
 static isc_boolean_t is_dst_up = ISC_FALSE;
 static isc_boolean_t usevc = ISC_FALSE;
+static isc_mutex_t lock;
+static isc_condition_t cond;
 static isc_taskmgr_t *taskmgr = NULL;
 static isc_task_t *global_task = NULL;
-static isc_event_t *global_event = NULL;
 static isc_mem_t *mctx = NULL;
 static dns_dispatchmgr_t *dispatchmgr = NULL;
 static dns_requestmgr_t *requestmgr = NULL;
@@ -103,6 +99,7 @@ static dns_name_t *origin; /* Points to one of above, or dns_rootname */
 static dns_fixedname_t fuserzone;
 static dns_name_t *userzone = NULL;
 static dns_tsigkey_t *key = NULL;
+static dns_tsig_keyring_t *keyring = NULL;
 static lwres_context_t *lwctx = NULL;
 static lwres_conf_t *lwconf;
 static isc_sockaddr_t *servers;
@@ -130,7 +127,7 @@ static void
 fatal(const char *format, ...) {
 	va_list args;
 
-	va_start(args, format);
+	va_start(args, format);	
 	vfprintf(stderr, format, args);
 	va_end(args);
 	fprintf(stderr, "\n");
@@ -142,7 +139,7 @@ debug(const char *format, ...) {
 	va_list args;
 
 	if (debugging) {
-		va_start(args, format);
+		va_start(args, format);	
 		vfprintf(stderr, format, args);
 		va_end(args);
 		fprintf(stderr, "\n");
@@ -154,7 +151,7 @@ ddebug(const char *format, ...) {
 	va_list args;
 
 	if (ddebugging) {
-		va_start(args, format);
+		va_start(args, format);	
 		vfprintf(stderr, format, args);
 		va_end(args);
 		fprintf(stderr, "\n");
@@ -250,12 +247,17 @@ setup_key(void) {
 	dns_fixedname_t fkeyname;
 	dns_name_t *keyname;
 
+	result = dns_tsigkeyring_create(mctx, &keyring);
+	check_result(result, "dns_tsigkeyringcreate");
+
 	dns_fixedname_init(&fkeyname);
 	keyname = dns_fixedname_name(&fkeyname);
 
 	if (keystr != NULL) {
 		isc_buffer_t keynamesrc;
 		char *secretstr;
+		isc_buffer_t secretsrc;
+		isc_lex_t *lex = NULL;
 		char *s;
 
 		debug("Creating key...");
@@ -278,16 +280,27 @@ setup_key(void) {
 		if (secret == NULL)
 			fatal("out of memory");
 
+		isc_buffer_init(&secretsrc, secretstr, strlen(secretstr));
+		isc_buffer_add(&secretsrc, strlen(secretstr));
+
 		isc_buffer_init(&secretbuf, secret, secretlen);
-		result = isc_base64_decodestring(mctx, secretstr, &secretbuf);
+
+		result = isc_lex_create(mctx, strlen(secretstr), &lex);
+		check_result(result, "isc_lex_create");
+		result = isc_lex_openbuffer(lex, &secretsrc);
+		check_result(result, "isc_lex_openbuffer");
+		result = isc_base64_tobuffer(lex, &secretbuf, -1);
 		if (result != ISC_R_SUCCESS) {
 			fprintf(stderr, "Couldn't create key from %s: %s\n",
 				keystr, isc_result_totext(result));
+			isc_lex_close(lex);
+			isc_lex_destroy(&lex);
 			goto failure;
 		}
-
 		secretlen = isc_buffer_usedlength(&secretbuf);
 		debug("close");
+		isc_lex_close(lex);
+		isc_lex_destroy(&lex);
 	} else {
 		dst_key_t *dstkey = NULL;
 
@@ -315,11 +328,11 @@ setup_key(void) {
 		dst_key_free(&dstkey);
 				    
 	}
-
+		
 	debug("keycreate");
 	result = dns_tsigkey_create(keyname, dns_tsig_hmacmd5_name,
 				    secret, secretlen, ISC_TRUE, NULL, 0, 0,
-				    mctx, NULL, &key);
+				    mctx, keyring, &key);
 	if (result != ISC_R_SUCCESS) {
 		char *str;
 		if (keystr != NULL)
@@ -336,6 +349,7 @@ setup_key(void) {
 
 	if (secret != NULL)
 		isc_mem_free(mctx, secret);
+	dns_tsigkeyring_destroy(&keyring);
 }
 
 static void
@@ -349,7 +363,14 @@ setup_system(void) {
 
 	ddebug("setup_system()");
 
-	dns_result_register();
+	/*
+	 * Warning: This is not particularly good randomness.  We'll
+	 * just use random() now for getting id values, but doing so
+	 * does NOT insure that id's can't be guessed.
+	 *
+	 * XXX Shouldn't random() be called somewhere if this is here?
+	 */
+	srandom(getpid() + (int)&setup_system);
 
 	result = isc_net_probeipv4();
 	check_result(result, "isc_net_probeipv4");
@@ -517,7 +538,7 @@ parse_args(int argc, char **argv) {
 		case 'M': /* was -dm */
 			debugging = ISC_TRUE;
 			ddebugging = ISC_TRUE;
-			isc_mem_debugging = 1;
+			isc_mem_debugging = ISC_TRUE;
 			break;
 		case 'y':
 			keystr = isc_commandline_argument;
@@ -593,42 +614,31 @@ parse_rdata(char **cmdlinep, dns_rdataclass_t rdataclass,
 	dns_rdatacallbacks_t callbacks;
 	isc_result_t result;
 	dns_name_t *rn;
-	int bufsz = INITDATA;
 
 	while (*cmdline != 0 && isspace((unsigned char)*cmdline))
 		cmdline++;
 
 	if (*cmdline != 0) {
-		dns_rdatacallbacks_init(&callbacks);
+		result = isc_lex_create(mctx, WORDLEN, &lex);
+		check_result(result, "isc_lex_create");	
+
+		isc_buffer_init(&source, cmdline, strlen(cmdline));
+		isc_buffer_add(&source, strlen(cmdline));
+		result = isc_lex_openbuffer(lex, &source);
+		check_result(result, "isc_lex_openbuffer");
+
+		result = isc_buffer_allocate(mctx, &buf, MXNAME);
+		check_result(result, "isc_buffer_allocate");
+		dns_rdatacallbacks_init_stdio(&callbacks);
 		if (userzone != NULL)
 			rn = userzone;
 		else
 			rn = origin;
-		do {
-			result = isc_lex_create(mctx, strlen(cmdline), &lex);
-			check_result(result, "isc_lex_create");
-			isc_buffer_init(&source, cmdline, strlen(cmdline));
-			isc_buffer_add(&source, strlen(cmdline));
-			result = isc_lex_openbuffer(lex, &source);
-			check_result(result, "isc_lex_openbuffer");
-			if (buf != NULL)
-				isc_buffer_free(&buf);
-			if (bufsz > MAXDATA) {
-				fprintf(stderr, "couldn't allocate enough "
-					"space for the rdata\n");
-				exit(1);
-			}
-			result = isc_buffer_allocate(mctx, &buf, bufsz);
-			check_result(result, "isc_buffer_allocate");
-			result = dns_rdata_fromtext(*rdatap, rdataclass,
-						    rdatatype,
-						    lex, rn, ISC_FALSE, buf,
-						    &callbacks);
-			bufsz *= 2;
-			isc_lex_destroy(&lex);
-		} while (result == ISC_R_NOSPACE);
-		check_result(result, "dns_rdata_fromtext");
+		result = dns_rdata_fromtext(*rdatap, rdataclass, rdatatype,
+					    lex, rn, ISC_FALSE, buf,
+					    &callbacks);
 		dns_message_takebuffer(msg, &buf);
+		isc_lex_destroy(&lex);
 		if (result != ISC_R_SUCCESS)
 			return (STATUS_MORE);
 	}
@@ -726,7 +736,7 @@ make_prereq(char *cmdline, isc_boolean_t ispositive, isc_boolean_t isrrset) {
 	ISC_LIST_INIT(rdatalist->rdata);
 	ISC_LIST_APPEND(rdatalist->rdata, rdata, link);
 	dns_rdataset_init(rdataset);
-	dns_rdatalist_tordataset(rdatalist, rdataset);
+	dns_rdatalist_tordataset(rdatalist, rdataset);		
 	ISC_LIST_INIT(name->list);
 	ISC_LIST_APPEND(name->list, rdataset, link);
 	dns_message_addname(updatemsg, name, DNS_SECTION_PREREQUISITE);
@@ -997,37 +1007,23 @@ evaluate_update(char *cmdline) {
 }
 
 static void
-show_message(dns_message_t *msg) {
+show_message(void) {
 	isc_result_t result;
-	isc_buffer_t *buf = NULL;
-	int bufsz;
+	char store[MSGTEXT];
+	isc_buffer_t buf;
 
 	ddebug("show_message()");
-	bufsz = INITTEXT;
-	do { 
-		if (bufsz > MAXTEXT) {
-			fprintf(stderr, "couldn't allocate large enough"
-				"buffer to display message\n");
-			exit(1);
-		}
-		if (buf != NULL)
-			isc_buffer_free(&buf);
-		result = isc_buffer_allocate(mctx, &buf, bufsz);
-		check_result(result, "isc_buffer_allocate");
-		result = dns_message_totext(msg, 0, buf);
-		bufsz *= 2;
-	} while (result == ISC_R_NOSPACE);
+	isc_buffer_init(&buf, store, MSGTEXT);
+	result = dns_message_totext(updatemsg, 0, &buf);
 	if (result != ISC_R_SUCCESS) {
-		fprintf(stderr, "Failed to convert message to text format.\n");
-		isc_buffer_free(&buf);
+		fprintf(stderr, "Failed to concert message to text format.\n");
 		return;
 	}
 	printf("Outgoing update query:\n%.*s",
-	       (int)isc_buffer_usedlength(buf),
-	       (char*)isc_buffer_base(buf));
-	isc_buffer_free(&buf);
+	       (int)isc_buffer_usedlength(&buf),
+	       (char*)isc_buffer_base(&buf));
 }
-
+	
 
 static isc_uint16_t
 get_next_command(void) {
@@ -1037,9 +1033,8 @@ get_next_command(void) {
 
 	ddebug("get_next_command()");
 	fprintf(stdout, "> ");
-	cmdline = fgets(cmdlinebuf, MAXCMD, stdin);
-	if (cmdline == NULL)
-		return (STATUS_QUIT);
+	fgets (cmdlinebuf, MAXCMD, stdin);
+	cmdline = cmdlinebuf;
 	word = nsu_strsep(&cmdline, " \t\r\n");
 
 	if (feof(stdin))
@@ -1059,7 +1054,7 @@ get_next_command(void) {
 	if (strcasecmp(word, "send") == 0)
 		return (STATUS_SEND);
 	if (strcasecmp(word, "show") == 0) {
-		show_message(updatemsg);
+		show_message();
 		return (STATUS_MORE);
 	}
 	fprintf(stderr, "incorrect section name: %s\n", word);
@@ -1080,17 +1075,23 @@ user_interaction(void) {
 }
 
 static void
-done_update(void) {
-	isc_event_t *event = global_event;
-	isc_task_send(global_task, &event);
+done_update(isc_boolean_t acquirelock) {
+	if (acquirelock)
+		LOCK(&lock);
+	busy = ISC_FALSE;
+	SIGNAL(&cond);
+	if (acquirelock)
+		UNLOCK(&lock);
 }
 
 static void
 update_completed(isc_task_t *task, isc_event_t *event) {
 	dns_requestevent_t *reqev = NULL;
 	isc_result_t result;
+	isc_buffer_t buf;
 	dns_message_t *rcvmsg = NULL;
-
+	char bufstore[MSGTEXT];
+	
 	UNUSED(task);
 
 	ddebug("updated_completed()");
@@ -1104,38 +1105,21 @@ update_completed(isc_task_t *task, isc_event_t *event) {
 
 	result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &rcvmsg);
 	check_result(result, "dns_message_create");
-	result = dns_request_getresponse(reqev->request, rcvmsg,
-					 DNS_MESSAGEPARSE_PRESERVEORDER);
+	result = dns_request_getresponse(reqev->request, rcvmsg, ISC_TRUE);
 	check_result(result, "dns_request_getresponse");
 	if (debugging) {
-		isc_buffer_t *buf = NULL;
-		int bufsz;
-
-		bufsz = INITTEXT;
-		do { 
-			if (bufsz > MAXTEXT) {
-				fprintf (stderr, "couldn't allocate large "
-					 "enough buffer to display message\n");
-				exit(1);
-			}
-			if (buf != NULL)
-				isc_buffer_free(&buf);
-			result = isc_buffer_allocate(mctx, &buf, bufsz);
-			check_result(result, "isc_buffer_allocate");
-			result = dns_message_totext(rcvmsg, 0, buf);
-			bufsz *= 2;
-		} while (result == ISC_R_NOSPACE);
+		isc_buffer_init(&buf, bufstore, MSGTEXT);
+		result = dns_message_totext(rcvmsg, 0, &buf);
 		check_result(result, "dns_message_totext");
 		fprintf(stderr, "\nReply from update query:\n%.*s\n",
-			(int)isc_buffer_usedlength(buf),
-			(char*)isc_buffer_base(buf));
-		isc_buffer_free(&buf);
+			(int)isc_buffer_usedlength(&buf),
+			(char*)isc_buffer_base(&buf));
 	}
 	dns_message_destroy(&rcvmsg);
  done:
 	dns_request_destroy(&reqev->request);
 	isc_event_free(&event);
-	done_update();
+	done_update(ISC_TRUE);
 }
 
 static void
@@ -1204,13 +1188,13 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 
 	if (eresult != ISC_R_SUCCESS) {
 		char addrbuf[ISC_SOCKADDR_FORMATSIZE];
-
+	
 		isc_sockaddr_format(addr, addrbuf, sizeof(addrbuf));
 		fprintf(stderr, "; Communication with %s failed: %s\n",
 		       addrbuf, isc_result_totext(eresult));
 		if (userserver != NULL)
 			fatal("Couldn't talk to specified nameserver.");
-		else if (++ns_inuse >= lwconf->nsnext)
+		else if (ns_inuse++ >= lwconf->nsnext)
 			fatal("Couldn't talk to any default nameserver.");
 		ddebug("Destroying request [%lx]", request);
 		dns_request_destroy(&request);
@@ -1225,31 +1209,19 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 	ddebug("About to create rcvmsg");
 	result = dns_message_create(mctx, DNS_MESSAGE_INTENTPARSE, &rcvmsg);
 	check_result(result, "dns_message_create");
-	result = dns_request_getresponse(request, rcvmsg,
-					 DNS_MESSAGEPARSE_PRESERVEORDER);
+	result = dns_request_getresponse(request, rcvmsg, ISC_TRUE);
 	check_result(result, "dns_request_getresponse");
 	section = DNS_SECTION_ANSWER;
 	if (debugging) {
-		isc_buffer_t *buf = NULL;
-		int bufsz;
-		bufsz = INITTEXT;
-		do {
-			if (buf != NULL)
-				isc_buffer_free(&buf);
-			if (bufsz > MAXTEXT) {
-				fprintf(stderr, "couldn't allocate enough "
-					 "space for debugging message\n");
-				exit(1);
-			}
-			result = isc_buffer_allocate(mctx, &buf, bufsz);
-			check_result(result, "isc_buffer_allocate");
-			result = dns_message_totext(rcvmsg, 0, buf);
-		} while (result == ISC_R_NOSPACE);
+		isc_buffer_t buf;
+		char bufstore[MSGTEXT];
+
+		isc_buffer_init(&buf, bufstore, MSGTEXT);
+		result = dns_message_totext(rcvmsg, 0, &buf);
 		check_result(result, "dns_message_totext");
 		fprintf(stderr, "Reply from SOA query:\n%.*s\n",
-			(int)isc_buffer_usedlength(buf),
-			(char*)isc_buffer_base(buf));
-		isc_buffer_free(&buf);
+			(int)isc_buffer_usedlength(&buf),
+			(char*)isc_buffer_base(&buf));
 	}
 
 	if (rcvmsg->rcode != dns_rcode_noerror &&
@@ -1287,7 +1259,7 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 	}
 
 	if (debugging) {
-		char namestr[DNS_NAME_FORMATSIZE];
+		char namestr[MAXPNAME];
 		dns_name_format(name, namestr, sizeof(namestr));
 		fprintf(stderr, "Found zone name: %s\n", namestr);
 	}
@@ -1309,7 +1281,7 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 		zonename = name;
 
 	if (debugging) {
-		char namestr[DNS_NAME_FORMATSIZE];
+		char namestr[MAXPNAME];
 		dns_name_format(&master, namestr, sizeof(namestr));
 		fprintf(stderr, "The master is: %s\n", namestr);
 	}
@@ -1317,7 +1289,7 @@ recvsoa(isc_task_t *task, isc_event_t *event) {
 	if (userserver != NULL)
 		serveraddr = userserver;
 	else {
-		char serverstr[DNS_NAME_MAXTEXT+1];
+		char serverstr[MXNAME];
 		isc_buffer_t buf;
 
 		isc_buffer_init(&buf, serverstr, sizeof(serverstr));
@@ -1372,7 +1344,7 @@ start_update(void) {
 
 	result = dns_message_firstname(updatemsg, DNS_SECTION_UPDATE);
 	if (result != ISC_R_SUCCESS) {
-		done_update();
+		done_update(ISC_FALSE);
 		return;
 	}
 
@@ -1417,9 +1389,15 @@ cleanup(void) {
 
 	if (key != NULL) {
 		debug("Freeing key");
+		dns_tsigkey_setdeleted(key);
 		dns_tsigkey_detach(&key);
 	}
 
+	if (keyring != NULL) {
+		debug("Freeing keyring %lx", keyring);
+		dns_tsigkeyring_destroy(&keyring);
+	}
+
 	if (updatemsg != NULL)
 		dns_message_destroy(&updatemsg);
 
@@ -1438,7 +1416,7 @@ cleanup(void) {
 	lwres_context_destroy(&lwctx);
 
 	isc_mem_put(mctx, servers, ns_total * sizeof(isc_sockaddr_t));
-
+		
 	ddebug("Shutting down request manager");
 	dns_requestmgr_shutdown(requestmgr);
 	dns_requestmgr_detach(&requestmgr);
@@ -1454,10 +1432,6 @@ cleanup(void) {
 	ddebug("Ending task");
 	isc_task_detach(&global_task);
 
-	ddebug("Destroying event task");
-	if (global_event != NULL)
-		isc_event_free(&global_event);
-
 	ddebug("Shutting down task manager");
 	isc_taskmgr_destroy(&taskmgr);
 
@@ -1473,46 +1447,33 @@ cleanup(void) {
 	isc_mem_destroy(&mctx);
 }
 
-static void
-getinput(isc_task_t *task, isc_event_t *event) {
-	isc_boolean_t more;
-
-	UNUSED(task);
-
-	if (global_event == NULL)
-		global_event = event;
-
-	reset_system();
-	isc_app_block();
-	more = user_interaction();
-	isc_app_unblock();
-	if (!more) {
-		isc_app_shutdown();
-		return;
-	}
-	start_update();
-	return;
-}
-
 int
 main(int argc, char **argv) {
         isc_result_t result;
 
-	isc_app_start();
-
         parse_args(argc, argv);
 
         setup_system();
+        result = isc_mutex_init(&lock);
+        check_result(result, "isc_mutex_init");
+        result = isc_condition_init(&cond);
+        check_result(result, "isc_condition_init");
+	LOCK(&lock);
 
-	result = isc_app_onrun(mctx, global_task, getinput, NULL);
-	check_result(result, "isc_app_onrun");
-
-	(void)isc_app_run();
+        while (ISC_TRUE) {
+		reset_system();
+                if (!user_interaction())
+			break;
+		busy = ISC_TRUE;
+		start_update();
+		while (busy)
+			WAIT(&cond, &lock);
+        }
 
         fprintf(stdout, "\n");
+        isc_mutex_destroy(&lock);
+        isc_condition_destroy(&cond);
         cleanup();
 
-	isc_app_finish();
-
         return (0);
 }

bin/rndc/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.14 2000/09/20 19:05:56 gson Exp $
+# $Id: Makefile.in,v 1.7.2.3 2000/07/12 01:18:43 gson Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -26,11 +26,11 @@ top_srcdir =	@top_srcdir@
 CINCLUDES =	-I${top_srcdir}/bin/named/include \
 		${ISC_INCLUDES} ${DNS_INCLUDES} ${OMAPI_INCLUDES}
 
-CDEFINES =
+CDEFINES =	
 CWARNINGS =
 
 OMAPILIBS =	../../lib/omapi/libomapi.@A@
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 
 OMAPIDEPLIBS =	../../lib/omapi/libomapi.@A@
@@ -57,7 +57,9 @@ rndc: ${OBJS} ${DEPLIBS}
 	${LIBTOOL} ${CC} ${CFLAGS} -o $@ ${OBJS} ${LIBS}
 
 installdirs:
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+	if [ ! -d ${DESTDIR}${sbindir} ]; then \
+		mkdir ${DESTDIR}${sbindir}; \
+	fi
 
 install:: rndc
 	${LIBTOOL} ${INSTALL_PROGRAM} rndc ${DESTDIR}${sbindir}

bin/rndc/rndc.8

@@ -1,166 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: rndc.8,v 1.8 2000/08/01 01:18:46 tale Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt RDNC 8
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm rdnc
-.Nd name server control utility
-.Sh SYNOPSIS
-.Nm rndc
-.Op Fl c Ar config-file
-.Op Fl M
-.Op Fl m
-.Op Fl p Ar port#
-.Op Fl s Ar server
-.Op Fl v
-.Op Fl y Ar key_id
-.Ar command ....
-.Sh DESCRIPTION
-This command allows the system administrator to control the operation
-of a name server.
-It supersedes the
-.Xr ndc 8
-utility that was provided in old BIND releases.
-If
-.Nm rndc
-is invoked with no command line options or arguments, it
-prints a short summary of the supported commands and the available
-options and their arguments.
-.Pp
-.Nm rndc
-communicates with the name server over a TCP connection,
-sending commands authenticated with digital signatures.
-In the current versions of
-.Nm rndc
-and
-.Xr named 8
-the only supported encryption algorithm is HMAC-MD5, which uses a
-shared secret on each end of the connection.
-This provides TSIG-style authentication for the command request
-and the name server's response.
-All commands sent over the channel
-must be signed by a key_id known to the server.
-.Pp
-.Nm rndc
-reads its default configuration file,
-.Pa /etc/rndc.conf
-to determine how to contact the name server and decide what algorithm
-and keys is should use.
-The
-.Fl c
-option can be used to specify an alternate configuration file.
-.Pp
-.Ar server
-is the name or address of the server which matches a
-.Dv server{}
-statement in the configuration file for
-.Nm rndc .
-If no
-.Ar server
-is supplied on the command line, the host named by the
-.Dv default-server
-clause in the
-.Dv options{}
-statement of the configuration file will be used.
-.Pp
-The
-.Fl p
-option can be used to make
-.Nm rndc
-send commands to TCP port number
-.Ar port#
-on the system running the name server instead of BIND 9's
-default control channel port of 953.
-.Pp
-The
-.Fl y
-option identifies the
-.Ar key_id
-to use from the configuration file.
-.Ar key_id
-must be known by
-.Xr named
-with the same algorithm and secret string in order for
-control message validation to succeed.
-If no
-.Fl y
-option is provided,
-.Nm rndc
-will first look for a
-.Dv key
-clause in the
-.Dv server{}
-statement of the server being used, or if no
-.Dv server{}
-statement is present for that host, then the
-.Dv default-key
-clause of the
-.Dv options{}
-statement.
-Note that the configuration file for
-.Nm rdnc
-contains shared secrets which are used to send authenticated
-control commands to name servers.
-It should therefore not have general read or write access.
-.Pp
-The
-.Fl M ,
-.Fl m ,
-and
-.Fl v
-options provided debugging information and are primarily of interest
-only to the BIND 9 developers.
-They might be changed or removed in future releases.
-.Pp
-The only valid value for
-.Ar command
-is \*qreload\*q, which forces the name server to reload its configuation
-file and zones.
-Further commands will be provided in future releases as the management
-capabilities of
-.Nm rndc
-are extended.
-.Sh LIMITATIONS
-.Nm rndc
-currently only supports the
-.Dv reload
-command.
-Future releases will provide more commands so that
-.Nm rndc
-offers at least as many management capabilities as the old
-.Xr ndc
-utility.
-.Pp
-There is currently no way to provide the shared secret for a key_id
-without using the configuration file.
-.Pp
-Several error messages could be clearer.
-For example, trying to connect
-from an address that is not in the list of acceptable addresses
-configured into
-.Xr named
-will result in the error message "end of file" when the server
-unceremoniously closes the connection.
-.Sh SEE ALSO
-.Xr rndc.conf 5 ,
-.Xr named 8 ,
-.Xr named.conf 5 ,
-.Xr RFC2845 ,
-.Xr ndc 8 .

bin/rndc/rndc.c

@@ -1,23 +1,23 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: rndc.c,v 1.27 2000/10/12 21:51:51 mws Exp $ */
+/* $Id: rndc.c,v 1.12.2.6 2000/08/02 20:59:13 gson Exp $ */
 
-/*
+/* 
  * Principal Author: DCL
  */
 
@@ -52,8 +52,6 @@ typedef struct ndc_object {
 	OMAPI_OBJECT_PREAMBLE;
 } ndc_object_t;
 
-#define REGION_FMT(x) (int)(x)->length, (x)->base
-
 static ndc_object_t ndc_g_ndc;
 static omapi_objecttype_t *ndc_type;
 
@@ -69,11 +67,12 @@ notify(const char *fmt, ...) {
 	}
 }
 
+
 /*
  * Send a control command to the server.
  */
 static isc_result_t
-send_command(omapi_object_t *manager, char *command, char *args) {
+send_command(omapi_object_t *manager, char *command) {
 	omapi_object_t *message = NULL;
 	isc_result_t result;
 
@@ -135,8 +134,9 @@ send_command(omapi_object_t *manager, char *command, char *args) {
 	/*
 	 * Set the command being sent.
 	 */
-	result = omapi_object_setstring((omapi_object_t *)&ndc_g_ndc,
-					command, args);
+	if (result == ISC_R_SUCCESS)
+		result = omapi_object_setboolean((omapi_object_t *)&ndc_g_ndc,
+						 command, ISC_TRUE);
 
 	if (result == ISC_R_SUCCESS) {
 		/*
@@ -180,7 +180,6 @@ ndc_signalhandler(omapi_object_t *handle, const char *name, va_list ap) {
 	REQUIRE(handle->type == ndc_type);
 
 	ndc = (ndc_object_t *)handle;
-	notify("ndc_signalhandler: %s", name);
 
 	if (strcmp(name, "status") == 0) {
 		/*
@@ -228,25 +227,6 @@ ndc_signalhandler(omapi_object_t *handle, const char *name, va_list ap) {
 	return (result);
 }
 
-static isc_result_t
-ndc_setvalue(omapi_object_t *handle, omapi_string_t *name,
-	     omapi_data_t *value)
-{
-	isc_region_t region;
-/*
-	isc_result_t result;
-	char *message;
-*/
-	UNUSED(value);
-	
-	INSIST(handle == (omapi_object_t *)&ndc_g_ndc);
-	
-	omapi_string_totext(name, &region);
-	notify("ndc_setvalue: %.*s\n", REGION_FMT(&region));
-
-	return (ISC_R_SUCCESS);
-}
-
 static void
 usage(void) {
 	fprintf(stderr, "\
@@ -297,15 +277,12 @@ main(int argc, char **argv) {
 	const char *keyname = NULL;
 	char secret[1024];
 	isc_buffer_t secretbuf;
-	char *command, *args;
+	char *command;
 	const char *servername = NULL;
 	const char *host = NULL;
 	unsigned int port = NS_OMAPI_PORT;
 	unsigned int algorithm;
 	int ch;
-	int len;
-	char *zonename = NULL;
-	char *viewname = NULL;
 
 	progname = strrchr(*argv, '/');
 	if (progname != NULL)
@@ -313,15 +290,14 @@ main(int argc, char **argv) {
 	else
 		progname = *argv;
 
-	while ((ch = isc_commandline_parse(argc, argv, "c:Mmp:s:Vv:y:z:"))
-	       != -1) {
+	while ((ch = isc_commandline_parse(argc, argv, "c:Mmp:s:vy:")) != -1) {
 		switch (ch) {
 		case 'c':
 			conffile = isc_commandline_argument;
 			break;
 
 		case 'M':
-			isc_mem_debugging = 1;
+			isc_mem_debugging = ISC_TRUE;
 			break;
 
 		case 'm':
@@ -340,18 +316,18 @@ main(int argc, char **argv) {
 		case 's':
 			servername = isc_commandline_argument;
 			break;
-		case 'V':
+
+		case 'v':
+			/*
+			 * Undocumented, for testing.
+			 */
 			verbose = ISC_TRUE;
 			break;
-		case 'v':
-			viewname = isc_commandline_argument;
-			break;
+
 		case 'y':
 			keyname = isc_commandline_argument;
 			break;
-		case 'z':
-			zonename = isc_commandline_argument;
-			break;
+
 		case '?':
 			usage();
 			exit(1);
@@ -386,7 +362,7 @@ main(int argc, char **argv) {
 	(void)dns_c_ndcctx_getoptions(config, &configopts);
 
 	if (servername == NULL && configopts != NULL)
-		(void)dns_c_ndcopts_getdefserver(configopts, &servername);
+		result = dns_c_ndcopts_getdefserver(configopts, &servername);
 
 	if (servername != NULL)
 		result = dns_c_ndcctx_getserver(config, servername, &server);
@@ -445,7 +421,7 @@ main(int argc, char **argv) {
 
 	DO("register omapi object",
 	   omapi_object_register(&ndc_type, "ndc",
-				 ndc_setvalue,		/* setvalue */
+				 NULL,			/* setvalue */
 				 NULL,			/* getvalue */
 				 NULL,			/* destroy */
 				 ndc_signalhandler,
@@ -478,28 +454,15 @@ main(int argc, char **argv) {
 	 */
 	ndc_g_ndc.waitresult = ISC_R_SUCCESS;
 
-	while ((args = *argv++) != NULL &&
+	while ((command = *argv++) != NULL &&
 	       result == ISC_R_SUCCESS &&
 	       ndc_g_ndc.waitresult == ISC_R_SUCCESS) {
 
-		/* Skip leading white space. */
-		args += strspn(args, " \t\r\n");
-
-		/* Extract command */
-		len = strcspn(args, " \t\r\n");
-		if (len == 0)
-			continue;
-		command = isc_mem_get(mctx, len + 1);
-		if (command == NULL)
-			DO("isc_mem_get", ISC_R_NOMEMORY);
-		strncpy(command, args, len);
-		command[len] = '\0';
-
 		notify(command);
 
 		if (strcmp(command, "dumpdb") == 0) {
 			result = ISC_R_NOTIMPLEMENTED;
-
+			
 		} else if (strcmp(command, "notrace") == 0) {
 			result = ISC_R_NOTIMPLEMENTED;
 
@@ -508,51 +471,8 @@ main(int argc, char **argv) {
 			result = ISC_R_NOTIMPLEMENTED;
 
 		} else if (strcmp(command, "reload") == 0) {
-			char omapiargs[DNS_NAME_MAXTEXT];
-			omapiargs[0]=0;
-			if (zonename != NULL) {	
-				strncat(omapiargs, "Z", 1);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-				strncat(omapiargs, zonename,
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			if (zonename != NULL && viewname != NULL) {
-				strncat(omapiargs, " ",
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			if (viewname != NULL) {	
-				strncat(omapiargs, "V", 1);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-				strncat(omapiargs, viewname,
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			result = send_command(omapimgr, command, omapiargs);
-		} else if (strcmp(command, "refresh") == 0) {
-			char omapiargs[DNS_NAME_MAXTEXT];
-			omapiargs[0]=0;
-			if (zonename != NULL) {	
-				strncat(omapiargs, "Z", 1);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-				strncat(omapiargs, zonename,
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			if (zonename != NULL && viewname != NULL) {
-				strncat(omapiargs, " ",
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			if (viewname != NULL) {	
-				strncat(omapiargs, "V", 1);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-				strncat(omapiargs, viewname,
-					DNS_NAME_MAXTEXT);
-				omapiargs[DNS_NAME_MAXTEXT-1] = 0;
-			}
-			result = send_command(omapimgr, command, omapiargs);
+			result = send_command(omapimgr, command);
+
 		} else if (strcmp(command, "restart") == 0) {
 			result = ISC_R_NOTIMPLEMENTED;
 
@@ -563,12 +483,10 @@ main(int argc, char **argv) {
 			result = ISC_R_NOTIMPLEMENTED;
 
 		} else if (strcmp(command, "stop") == 0) {
-			result = send_command(omapimgr, command, args);
+			result = ISC_R_NOTIMPLEMENTED;
 
 		} else if (strcmp(command, "trace") == 0) {
 			result = ISC_R_NOTIMPLEMENTED;
-		} else {
-			result = send_command(omapimgr, command, args);
 		}
 
 		if (result == ISC_R_NOTIMPLEMENTED)
@@ -587,7 +505,6 @@ main(int argc, char **argv) {
 		else
 			printf("%s: %s command successful\n",
 			       progname, command);
-		isc_mem_put(mctx, command, len + 1);
 	}
 
 	notify("command loop done");

bin/rndc/rndc.conf

@@ -1,21 +1,21 @@
 /*
  * Copyright (C) 2000  Internet Software Consortium.
- *
+ * 
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
- * DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
- * INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
- * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
- * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
- * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
- * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
  */
 
-/* $Id: rndc.conf,v 1.6 2000/08/01 01:12:29 tale Exp $ */
+/* $Id: rndc.conf,v 1.3.2.1 2000/07/11 19:36:05 gson Exp $ */
 
 /*
  * Sample rndc configuration file.

bin/rndc/rndc.conf.5

@@ -1,202 +0,0 @@
-.\" Copyright (C) 2000  Internet Software Consortium.
-.\"
-.\" Permission to use, copy, modify, and distribute this software for any
-.\" purpose with or without fee is hereby granted, provided that the above
-.\" copyright notice and this permission notice appear in all copies.
-.\"
-.\" THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-.\" DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-.\" INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-.\" FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-.\" NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-.\" WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.\" $Id: rndc.conf.5,v 1.6 2000/08/01 01:18:48 tale Exp $
-.\"
-.Dd Jun 30, 2000
-.Dt RDNC.CONF 5
-.Os BIND9 9
-.ds vT BIND9 Programmer's Manual
-.Sh NAME
-.Nm rdnc.conf
-.Nd rdnc configuration file
-.Sh SYNOPSIS
-.Nm rdnc.conf
-.Sh DESCRIPTION
-The BIND9 utility for controlling the name server,
-.Nm rndc ,
-has its own configuration file
-.Pa /etc/rndc.conf .
-This file has a similar structure and syntax to
-.Pa named.conf ,
-the file used to configure the name server.
-Statements are enclosed in braces and terminated with a semi-colon.
-Clauses in the statements are also semi-colon terminated.
-The usual comment styles are supported:
-.Bl -tag -width UNIX-style:
-.It C style: /* */
-.It C++ style: // to end of line
-.It Unix style: # to end of line
-.El
-.Pp
-.Pa rndc.conf
-is much simpler than
-.Pa named.conf .
-The file uses three statements: an
-.Dv options{}
-statement, a
-.Dv server{}
-statement and a
-.Dv key{}
-statement.
-.Pp
-The
-.Dv options{}
-statement contains two clauses.
-The
-.Dv default-server
-clause
-is followed by the name or address of a name server.
-This host will
-be used when no name server is given as an argument to
-.Nm rndc .
-The
-.Dv default-key
-clause
-is followed by the name of a key which is identified by a
-.Dv key{}
-statement.
-If no
-.Fl y
-option is provided on the
-.Xr rndc
-command line, and no
-.Dv key
-clause is found in a a matching
-.Dv server{}
-statement, this default key will be used to authenticate the server's
-commands and responses.
-.Pp
-After the keyword
-.Dv server ,
-the
-.Dv server{}
-statement is followed by a string which is the hostname or address for a
-name server.
-The statement has a single clause,
-.Dv key .
-The key name must match the name of a
-.Dv key{}
-statement in the file.
-.Pp
-The
-.Dv key{}
-statement begins with an identifying string, the name of the key.
-The statement has two clauses.
-.Dv algorithm
-identifies the encryption algorithm for
-.Nm rndc
-to use; currently only HMAC-MD5 is supported.
-This is followed by a
-.Dv secret
-clause which contains the base-64 encoding of the
-algorithm's encryption key.
-The base-64 string is enclosed in double quotes.
-.Pp
-There are two common ways to generate the base-64 string for the
-.Dv secret .
-The BIND 9 program
-.Xr dnssec-keygen 8
-can be used to generate a random key, or the
-.Xr mmencode 1
-program, also known as
-.Xr mimencode 1 ,
-can be used to generate a base-64 string from known input.
-.Xr mmencode
-does not ship with BIND 9 but is available on many systems.
-See the
-.Sx EXAMPLES
-section for sample command lines for each.
-.Pp
-Host and key names must be quoted using double quotes if they
-match a keyword, such as having a key named "key".
-.Sh EXAMPLE
-.Bd -literal indent
-options {
-    default-server  localhost;
-    default-key     samplekey;
-};
-
-server localhost {
-    key     samplekey;
-};
-
-key samplekey {
-    algorithm hmac-md5;
-    secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K";
-};
-.Ed
-.Pp
-In the above example,
-.Nm rndc
-will by default use the server at localhost (127.0.0.1) and the key called
-.Dv samplekey .
-Commands to the localhost server will use the
-.Dv samplekey
-key.
-The
-.Dv key{}
-statement indicates that
-.Dv samplekey
-uses the HMAC-MD5 algorithm and its
-.Dv secret
-clause contains the base-64 encoding of the HMAC-MD5 secret enclosed
-in double quotes.
-.Pp
-To generate a random secret with
-.Xr dnssec-keygen :
-.Bd -literal indent
-$ dnssec-keygen -a hmac-md5 -b 128 -n user rndc
-.Ed
-.Pp
-The base-64 string will appear in two files,
-.Pa Krndc.+157.+{random}.key
-and
-.Pa Krndc.+157.+{random}.private .
-After extracting the key to be
-placed in the
-.Nm rndc.conf
-and
-.Xr named.conf
-.Dv key{}
-statements, the
-.Pa .key
-and
-.Pa .private
-files can be removed.
-.Pp
-To generate a secret from known input with
-.Xr mmenode :
-.Bd -literal indent
-$ echo "known plaintext for a secret" | mmencode
-.Ed
-.Sh LIMITATIONS
-There is currently no way to specify the port for
-.Xr rndc
-to use.  This will be remedied in future releases by allowing a
-.Dv port
-clause to the
-.Dv server{}
-statement and a
-.Dv default-port
-clause to the
-.Dv options{}
-statement.
-.Sh SEE ALSO
-.Xr rndc 8 ,
-.Xr named.conf 8 ,
-.Xr dnssec-keygen 8 ,
-.Xr mmencode 1 ,
-"BIND9 Administrators Manual".

bin/tests/.cvsignore

@@ -12,13 +12,11 @@ dispatch_test
 entropy_test
 entropy2_test
 fsaccess_test
-genrandom
 gxba_test
 gxbn_test
 headerdep_test.sh
 hash_test
 inter_test
-journalprint
 keyboard_test
 lex_test
 lfsr_test
@@ -41,7 +39,6 @@ rwlock_test
 sdig
 serial_test
 shutdown_test
-sig0_test
 sock_test
 sym_test
 t_journal

bin/tests/Kchild.example.+003+04017.key

@@ -1 +0,0 @@
-child.example. IN KEY 256 3 3 ALeiYGFXbil6PgHnkm5ZE67ygEVDvGT/gqZmLH7tGboofcPSfyhh1hpw dxZgJ26d/gynWMGVSYzaXfzsxpPoNeYn+qeevQoJOaxXXlfcy8Ik52Rm eW0J9mWlf9hsD7ShIhh1+0kRYGCOCaU25wIe3SLVkN3HgqiCBDYnBY0u nMkqRadiUnoEa3Tcvc9kJx9r9gDstR2A9A5sBhFLI/XQ0gViHHLVpQ4x hz+rTLb/xrBoAb5sQJT3xUjhhdNo9HuL6kwdLdSu//PCl1QnY9NpYPVV SKUo

bin/tests/Kchild.example.+003+04017.private

@@ -1,7 +0,0 @@
-Private-key-format: v1.2
-Algorithm: 3 (DSA)
-Prime(p): vGT/gqZmLH7tGboofcPSfyhh1hpwdxZgJ26d/gynWMGVSYzaXfzsxpPoNeYn+qeevQoJOaxXXlfcy8Ik52RmeQ==
-Subprime(q): t6JgYVduKXo+AeeSblkTrvKARUM=
-Base(g): bQn2ZaV/2GwPtKEiGHX7SRFgYI4JpTbnAh7dItWQ3ceCqIIENicFjS6cySpFp2JSegRrdNy9z2QnH2v2AOy1HQ==
-Private_value(x): J1Ctez8+w1PTR56Hze3pGoe0Wag=
-Public_value(y): gPQObAYRSyP10NIFYhxy1aUOMYc/q0y2/8awaAG+bECU98VI4YXTaPR7i+pMHS3Urv/zwpdUJ2PTaWD1VUilKA==

bin/tests/Makefile.in

@@ -1,19 +1,19 @@
 # Copyright (C) 1998-2000  Internet Software Consortium.
-#
+# 
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
-# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
-# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
-# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
-# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# 
+# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+# ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+# CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+# SOFTWARE.
 
-# $Id: Makefile.in,v 1.103 2000/10/02 20:13:47 bwelling Exp $
+# $Id: Makefile.in,v 1.96 2000/06/22 21:50:03 tale Exp $
 
 srcdir =	@srcdir@
 VPATH =		@srcdir@
@@ -27,7 +27,7 @@ CINCLUDES =	${DNS_INCLUDES} ${ISC_INCLUDES} ${LWRES_INCLUDES} \
 CDEFINES =
 CWARNINGS =
 
-DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@ @DNS_GSSAPI_LIBS@
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_OPENSSL_LIBS@
 ISCLIBS =	../../lib/isc/libisc.@A@
 OMAPILIBS =	../../lib/omapi/libomapi.@A@
 LWRESLIBS =	../../lib/lwres/liblwres.@A@
@@ -42,7 +42,7 @@ LIBS =		@LIBS@
 SUBDIRS = db dst master mem names net rbt sockaddr tasks timers system
 
 # Alphabetically
-TARGETS =	genrandom
+TARGETS =	
 
 XTARGETS =	adb_test \
 		byaddr_test \
@@ -58,7 +58,6 @@ XTARGETS =	adb_test \
 		hash_test \
 		fsaccess_test \
 		inter_test \
-		journalprint \
 		keyboard_test \
 		lex_test \
 		lfsr_test \
@@ -78,13 +77,13 @@ XTARGETS =	adb_test \
 		rwlock_test \
 		serial_test \
 		shutdown_test \
-		sig0_test \
 		sock_test \
 		sym_test \
 		task_test \
 		timer_test \
 		tkey_test \
-		wire_test
+		wire_test \
+		zone2_test
 
 # Alphabetically
 SRCS =		adb_test.c \
@@ -101,7 +100,6 @@ SRCS =		adb_test.c \
 		hash_test.c \
 		fsaccess_test.c \
 		inter_test.c \
-		journalprint.c \
 		keyboard_test.c \
 		lex_test.c \
 		lfsr_test.c \
@@ -122,22 +120,19 @@ SRCS =		adb_test.c \
 		rwlock_test.c \
 		serial_test.c \
 		shutdown_test.c \
-		sig0_test.c \
 		sock_test.c \
 		sym_test.c \
 		task_test.c \
 		timer_test.c \
 		tkey_test.c \
 		wire_test.c \
-		zone_test.c
+		zone_test.c \
+		zone2_test.c
 
 @BIND9_MAKE_RULES@
 
 all_tests: ${XTARGETS}
 
-genrandom: genrandom.@O@
-	${LIBTOOL} ${CC} ${CFLAGS} -o $@ genrandom.@O@
-
 adb_test: adb_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
 	${LIBTOOL} ${CC} ${CFLAGS} -o $@ adb_test.@O@ \
 		${DNSLIBS} ${ISCLIBS} ${LIBS}
@@ -246,6 +241,10 @@ serial_test: serial_test.@O@ ${ISCDEPLIBS}
 	${LIBTOOL} ${CC} ${CFLAGS} -o $@ serial_test.@O@ \
 		${ISCLIBS} ${LIBS}
 
+zone2_test: zone2_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
+	${LIBTOOL} ${CC} ${CFLAGS} -o $@ zone2_test.@O@ \
+		${DNSLIBS} ${ISCLIBS} ${LIBS}
+
 zone_test: zone_test.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
 	${LIBTOOL} ${CC} ${CFLAGS} -o $@ zone_test.@O@ \
 		${DNSLIBS} ${ISCLIBS} ${LIBS}
@@ -298,14 +297,6 @@ gxba_test: gxba_test.@O@ ${LWRESDEPLIBS}
 	${LIBTOOL} ${CC} ${CFLAGS} -o $@ gxba_test.@O@ \
 		${LWRESLIBS} ${ISCLIBS} ${LIBS}
 
-sig0_test: sig0_test.@O@ ${DNSDEPLIBS}
-	${LIBTOOL} ${CC} ${CFLAGS} -o $@ sig0_test.@O@ \
-		${DNSLIBS} ${ISCLIBS} ${LIBS}
-
-journalprint: journalprint.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
-	${LIBTOOL} ${CC} ${CFLAGS} -o $@ journalprint.@O@ \
-		${DNSLIBS} ${ISCLIBS} ${LIBS}
-
 distclean::
 	rm -f headerdep_test.sh