9.5.0b3

update libdns.def to remove nonexistent functions

.clang-format

@@ -1,73 +0,0 @@
-BasedOnStyle: LLVM
-IndentWidth: 8
-UseTab: Always
-BreakBeforeBraces: Custom
-BraceWrapping:
-  AfterClass:      false
-  AfterEnum:       false
-  AfterStruct:     false
-  AfterUnion:      false
-  AfterControlStatement: MultiLine
-  AfterFunction:   false # should also be MultiLine, but not yet supported
-  AfterExternBlock: false
-  BeforeElse:      false
-  IndentBraces:    false
-  SplitEmptyFunction: true
-AllowShortIfStatementsOnASingleLine: false
-IndentCaseLabels: false
-AlwaysBreakAfterReturnType: All
-Cpp11BracedListStyle: false
-ColumnLimit: 80
-AlignAfterOpenBracket: Align
-AlignConsecutiveDeclarations: false
-AlignConsecutiveMacros: true
-AlignTrailingComments: true
-AllowAllArgumentsOnNextLine: true
-AlwaysBreakBeforeMultilineStrings: false
-BreakBeforeBinaryOperators: None
-BreakBeforeTernaryOperators: true
-AlignEscapedNewlines: Left
-DerivePointerAlignment: false
-PointerAlignment: Right
-PointerBindsToType: false
-IncludeBlocks: Regroup
-IncludeCategories:
-  - Regex:           '^<isc/'
-    Priority:        5
-  - Regex:           '^<(pk11|pkcs11)/'
-    Priority:        10
-  - Regex:           '^<dns/'
-    Priority:        15
-  - Regex:           '^<dst/'
-    Priority:        20
-  - Regex:           '^<isccc/'
-    Priority:        25
-  - Regex:           '^<isccfg/'
-    Priority:        30
-  - Regex:           '^<ns/'
-    Priority:        35
-  - Regex:           '^<irs/'
-    Priority:        40
-  - Regex:           '^<bind9/'
-    Priority:        45
-  - Regex:           '^<(dig|named|rndc|confgen|dlz)/'
-    Priority:        50
-  - Regex:           '^<dlz_'
-    Priority:        55
-  - Regex:           '^".*"'
-    Priority:        99
-  - Regex:           '<openssl/'
-    Priority:        1
-  - Regex:           '<(mysql|protobuf-c)/'
-    Priority:        1
-  - Regex:           '.*'
-    Priority:        0
-KeepEmptyLinesAtTheStartOfBlocks: false
-MaxEmptyLinesToKeep: 1
-PenaltyBreakAssignment: 30
-PenaltyBreakComment: 10
-PenaltyBreakFirstLessLess: 0
-PenaltyBreakString: 80
-PenaltyExcessCharacter: 100
-Standard: Cpp11
-ContinuationIndentWidth: 8

.clang-format.headers

@@ -1,61 +0,0 @@
-BasedOnStyle: LLVM
-IndentWidth: 8
-UseTab: Always
-BreakBeforeBraces: Custom
-BraceWrapping:
-  AfterClass:      false
-  AfterEnum:       false
-  AfterStruct:     false
-  AfterUnion:      false
-  AfterControlStatement: MultiLine
-  AfterFunction:   false # should also be MultiLine, but not yet supported
-  AfterExternBlock: false
-  BeforeElse:      false
-  IndentBraces:    false
-  SplitEmptyFunction: true
-AllowShortIfStatementsOnASingleLine: false
-IndentCaseLabels: false
-AlwaysBreakAfterReturnType: All
-Cpp11BracedListStyle: false
-ColumnLimit: 80
-AlignAfterOpenBracket: Align
-AlignConsecutiveDeclarations: true
-AlignConsecutiveMacros: true
-AlignTrailingComments: true
-AllowAllArgumentsOnNextLine: true
-AlwaysBreakBeforeMultilineStrings: false
-BreakBeforeBinaryOperators: None
-BreakBeforeTernaryOperators: true
-AlignEscapedNewlines: Left
-DerivePointerAlignment: false
-PointerAlignment: Right
-PointerBindsToType: false
-IncludeBlocks: Regroup
-IncludeCategories:
-  - Regex:           '^<isc/'
-    Priority:        2
-  - Regex:           '^<dns/'
-    Priority:        3
-  - Regex:           '^<iscccc/'
-    Priority:        4
-  - Regex:           '^<isccfg/'
-    Priority:        5
-  - Regex:           '^<ns/'
-    Priority:        6
-  - Regex:           '^<bind9/)'
-    Priority:        7
-  - Regex:           '^(<[^/]*)/)'
-    Priority:        8
-  - Regex:           '<[[:alnum:].]+>'
-    Priority:        1
-  - Regex:           '".*"'
-    Priority:        9
-KeepEmptyLinesAtTheStartOfBlocks: false
-MaxEmptyLinesToKeep: 1
-PenaltyBreakAssignment: 30
-PenaltyBreakComment: 10
-PenaltyBreakFirstLessLess: 0
-PenaltyBreakString: 80
-PenaltyExcessCharacter: 100
-Standard: Cpp11
-ContinuationIndentWidth: 8

.cvsignore

@@ -0,0 +1,9 @@
+Makefile
+config.log
+config.h
+config.cache
+config.status
+libtool
+isc-config.sh
+configure.lineno
+autom4te.cache

.dir-locals.el

@@ -1,114 +0,0 @@
-;;; Directory Local Variables
-;;; For more information see (info "(emacs) Directory Variables")
-
-((c-mode .
-  ((eval .
-	 (set (make-local-variable 'directory-of-current-dir-locals-file)
-	      (file-name-directory (locate-dominating-file default-directory ".dir-locals.el"))
-	      )
-	 )
-   (eval .
-	 (set (make-local-variable 'include-directories)
-	      (list
-
-	       ;; top directory
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "./"))
-
-	       ;; libisc
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isc/unix/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isc/pthreads/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isc/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isc"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isc/netmgr"))
-
-	       ;; libdns
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/dns/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/dns"))
-
-	       ;; libisccc
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isccc/include"))
-
-	       ;; libisccfg
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/isccfg/include"))
-
-	       ;; libns
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/ns/include"))
-
-	       ;; libirs
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/irs/include"))
-
-	       ;; libbind9
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "lib/bind9/include"))
-
-	       ;; bin
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/check"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/confgen/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/confgen"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/confgen/include"))	       
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/dig/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/named/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/named/unix/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/rndc/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/dnssec/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/named/include"))
-	       (expand-file-name
-		(concat directory-of-current-dir-locals-file "bin/rndc/include"))
-
-	       (expand-file-name "/usr/local/opt/openssl@1.1/include")
-	       (expand-file-name "/usr/local/opt/libxml2/include/libxml2")
-	       (expand-file-name "/usr/local/opt/json-c/include/json-c/")
-	       (expand-file-name "/usr/local/include")
-	       )
-	      )
-	 )
-
-   (eval setq flycheck-clang-include-path include-directories)
-   (eval setq flycheck-cppcheck-include-path include-directories)
-   (eval setq flycheck-gcc-include-path include-directories)
-   (eval setq flycheck-clang-args
-	 (list
-	  "-include"
-	  (expand-file-name
-	   (concat directory-of-current-dir-locals-file "config.h"))
-	  )
-	 )
-   (eval setq flycheck-gcc-args
-	 (list
-	  "-include"
-	  (expand-file-name
-	   (concat directory-of-current-dir-locals-file "config.h"))
-	  )
-	 )
-   (eval setq flycheck-cppcheck-args
-	 (list
-	  "--enable=all"
-	  "--suppress=missingIncludeSystem"
-	  (concat "-include=" (expand-file-name
-			       (concat directory-of-current-dir-locals-file "config.h")))
-	  )
-	 )
-   )
-  ))

.gitattributes

@@ -1,11 +0,0 @@
-*.sln.in eol=crlf
-*.vcxproj.* eol=crlf
-
-.gitignore			 export-ignore
-/conftools			 export-ignore
-/doc/design			 export-ignore
-/doc/dev			 export-ignore
-/util/**			 export-ignore
-/util/bindkeys.pl		-export-ignore
-/util/check-make-install.in	-export-ignore
-/util/mksymtbl.pl		-export-ignore

.gitignore

@@ -1,69 +0,0 @@
-*-symtbl.c
-*.a
-*.gcda
-*.gcno
-*.la
-*.lo
-*.log
-*.o
-*.orig
-*.plist/ # ccc-analyzer store its results in .plist directories
-*.rej
-*.so
-*.trs
-*_test
-*.ipch # vscode/intellisense precompiled header
-*~
-__pycache__/
-.ccache/
-.cproject
-.deps/
-.dirstamp
-.libs/
-.project
-.settings
-/aclocal.m4
-/ar-lib
-/autom4te.cache/
-/bind.keys.h
-/compile
-/config.cache
-/config.guess
-/config.h
-/config.h.in
-/config.log
-/config.status
-/config.sub
-/configure
-/configure.lineno
-/depcomp
-/install-sh
-/isc-config.sh
-/libltdl/*
-/libtool
-/ltmain.sh
-/m4/libtool.m4
-/m4/ltargz.m4
-/m4/ltdl.m4
-/m4/ltoptions.m4
-/m4/ltsugar.m4
-/m4/ltversion.m4
-/m4/lt~obsolete.m4
-/missing
-/py-compile
-/stamp-h1
-/test-driver
-Makefile
-Makefile.in
-ans.run
-gen.dSYM/
-kyua.log
-named.memstats
-named.run
-timestamp
-/compile_commands.json
-/cppcheck_html/
-/cppcheck.results
-/tsan
-/util/check-make-install
-/INSTALL

.gitlab/issue_templates/Bug.md

@@ -1,46 +0,0 @@
-<!--
-If the bug you are reporting is potentially security-related - for example,
-if it involves an assertion failure or other crash in `named` that can be
-triggered repeatedly - then please do *NOT* report it here, but send an
-email to [security-officer@isc.org](security-officer@isc.org).
--->
-
-### Summary
-
-(Summarize the bug encountered concisely.)
-
-### BIND version used
-
-(Paste the output of `named -V`.)
-
-### Steps to reproduce
-
-(How one can reproduce the issue - this is very important.)
-
-### What is the current *bug* behavior?
-
-(What actually happens.)
-
-### What is the expected *correct* behavior?
-
-(What you should see instead.)
-
-### Relevant configuration files
-
-(Paste any relevant configuration files - please use code blocks (```)
-to format console output. If submitting the contents of your
-configuration file in a non-confidential Issue, it is advisable to
-obscure key secrets: this can be done automatically by using
-`named-checkconf -px`.)
-
-### Relevant logs and/or screenshots
-
-(Paste any relevant logs - please use code blocks (```) to format console
-output, logs, and code, as it's very hard to read otherwise.)
-
-### Possible fixes
-
-(If you can, link to the line of code that might be responsible for the
-problem.)
-
-/label ~bug

.gitlab/issue_templates/Feature_Request.md

@@ -1,11 +0,0 @@
-### Description
-
-(Describe the problem, use cases, benefits, and/or goals.)
-
-### Request
-
-(Describe the solution you'd like to see.)
-
-### Links / references
-
-/label ~"feature request"

.gitlab/issue_templates/Release.md

@@ -1,74 +0,0 @@
-## Release Schedule
-
-**Code Freeze:**
-
-**Tagging Deadline:**
-
-**Public Release:**
-
-## Release Checklist
-
-### Before the Code Freeze
-
- - [ ] ***(QA)*** Inform Support and Marketing of impending release (and give estimated release dates).
- - [ ] ***(QA)*** Ensure there are no permanent test failures on any platform.
- - [ ] ***(QA)*** Check Perflab to ensure there has been no unexplained drop in performance for the versions being released.
- - [ ] ***(QA)*** Check whether all issues assigned to the release milestone are resolved[^1].
- - [ ] ***(QA)*** Ensure that there are no outstanding merge requests in the private repository[^1] (Subscription Edition only).
- - [ ] ***(QA)*** Ensure all merge requests marked for backporting have been indeed backported.
-
-### Before the Tagging Deadline
-
- - [ ] ***(QA)*** Look for outstanding documentation issues (e.g. `CHANGES` mistakes) and address them if any are found.
- - [ ] ***(QA)*** Ensure release notes are correct, ask Support and Marketing to check them as well.
- - [ ] ***(Support)*** Check release notes, ask QA to correct any mistakes found.
- - [ ] ***(Marketing)*** Check release notes, ask QA to correct any mistakes found.
- - [ ] ***(SwEng)*** Update API files for libraries with new version information.
- - [ ] ***(SwEng)*** Change software version and library versions in `configure.ac` (new major release only).
- - [ ] ***(SwEng)*** Rebuild `configure` using Autoconf on `docs.isc.org`.
- - [ ] ***(SwEng)*** Update `CHANGES`.
- - [ ] ***(SwEng)*** Update `CHANGES.SE` (Subscription Edition only).
- - [ ] ***(SwEng)*** Update `README.md`.
- - [ ] ***(SwEng)*** Update `version`.
- - [ ] ***(SwEng)*** Build documentation on `docs.isc.org`.
- - [ ] ***(QA)*** Check that all the above steps were performed correctly.
- - [ ] ***(QA)*** Check that the formatting is correct for text, PDF, and HTML versions of release notes.
- - [ ] ***(SwEng)*** Tag the releases[^2].  (Tags may only be pushed to the public repository for releases which are *not* security releases.)
- - [ ] ***(SwEng)*** If this is the first tag for a release (e.g. beta), create a release branch named `release_v9_X_Y` to allow development to continue on the maintenance branch whilst release engineering continues.
-
-### Before the ASN Deadline (for ASN Releases) or the Public Release Date (for Regular Releases)
-
- - [ ] ***(QA)*** Verify GitLab CI results for the tags created and prepare a QA report for the releases to be published.
- - [ ] ***(QA)*** Request signatures for the tarballs, providing their location and checksums.
- - [ ] ***(Signers)*** Validate tarball checksums, sign tarballs, and upload signatures.
- - [ ] ***(QA)*** Verify tarball signatures and check tarball checksums again.
- - [ ] ***(Support)*** Pre-publish ASN and/or Subscription Edition tarballs so that packages can be built.
- - [ ] ***(QA)*** Build and test ASN and/or Subscription Edition packages.
- - [ ] ***(QA)*** Notify Support that the releases have been prepared.
- - [ ] ***(Support)*** Send out ASNs (if applicable).
-
-### On the Day of Public Release
-
- - [ ] ***(Support)*** Wait for clearance from Security Officer to proceed with the public release (if applicable).
- - [ ] ***(Support)*** Place tarballs in public location on FTP site.
- - [ ] ***(Support)*** Publish links to downloads on ISC website.
- - [ ] ***(Support)*** Write release email to *bind-announce*.
- - [ ] ***(Support)*** Write email to *bind-users* (if a major release).
- - [ ] ***(Support)*** Update tickets in case of waiting support customers.
- - [ ] ***(QA)*** Build and test any outstanding private packages.
- - [ ] ***(QA)*** Build public packages (`*.deb`, RPMs).
- - [ ] ***(QA)*** Inform Marketing of the release.
- - [ ] ***(QA)*** Update the internal [BIND release dates wiki page](https://wiki.isc.org/bin/view/Main/BindReleaseDates) when public announcement has been made.
- - [ ] ***(Marketing)*** Post short note to Twitter.
- - [ ] ***(Marketing)*** Update [Wikipedia entry for BIND](https://en.wikipedia.org/wiki/BIND).
- - [ ] ***(Marketing)*** Write blog article (if a major release).
- - [ ] ***(QA)*** Ensure all new tags are annotated and signed.
- - [ ] ***(SwEng)*** Merge the automatically prepared `prep 9.X.Y` commit which updates `version` and documentation on the release branch into the relevant maintenance branch (`v9_X`).
- - [ ] ***(SwEng)*** Push tags for the published releases to the public repository.
- - [ ] ***(QA)*** For each maintained branch, update the `BIND_BASELINE_VERSION` variable for the `abi-check` job in `.gitlab-ci.yml` to the latest published BIND version tag for a given branch.
- - [ ] ***(QA)*** Prepare empty release notes for the next set of releases.
- - [ ] ***(QA)*** Update QA tools used in GitLab CI (e.g. Flake8, PyLint) by modifying the relevant `Dockerfile`.
-
-[^1]: If not, use the time remaining until the tagging deadline to ensure all outstanding issues are either resolved or moved to a different milestone.
-
-[^2]: Preferred command line: `git tag -u <DEVELOPER_KEYID> -a -s -m "BIND 9.X.Y[alphatag]" v9_X_Y[alphatag]`, where `[alphatag]` is an optional string such as `b1`, `rc1`, etc.

.lgtm.yml

@@ -1,35 +0,0 @@
-extraction:
-  cpp:
-    prepare:
-      packages:
-      - "libxml2-dev"
-      - "libjson-c-dev"
-      - "libssl-dev"
-      - "zlib1g-dev"
-      - "libcmocka-dev"
-      - "pkg-config"
-      - "libcap2-dev"
-      - "libedit-dev"
-      - "libidn2-dev"
-      - "libmaxminddb-dev"
-      - "libuv1-dev"
-    configure:
-      command:
-      - "autoreconf -fi"
-      - "CFLAGS=\"-Og -g\" ./configure --enable-developer"
-path_classifiers:
-  test:
-    - "lib/*/tests/"
-    - "bin/tests/"
-  docs:
-    - "**/*.xml"
-    - "**/*.docbook"
-    - "**/*.html"
-    - "**/*.1"
-    - "**/*.5"
-    - "**/*.8"
-queries:
-  - exclude: libltdl/
-  - exclude: fuzz/
-  - exclude: "bin/tests/system/*/ans*/*.py"
-  - exclude: cpp/use-of-goto

.pylintrc

@@ -1,7 +0,0 @@
-[MASTER]
-disable=
-    C0114, # missing-module-docstring
-    C0115, # missing-class-docstring
-    C0116, # missing-function-docstring
-    R0801, # duplicate-code
-    C0103, # invalid-name

AUTHORS

@@ -1,53 +0,0 @@
-Mark Andrews
-Andreas Gustafsson
-Evan Hunt
-Brian Wellington
-Bob Halley
-David Lawrence
-Michael Graff
-Michael Sawyer
-Ondřej Surý
-James Brister
-Tatuya JINMEI 神明達哉
-Francis Dupont
-Michał Kępień
-Danny Mayer
-Mukund Sivaraman
-Jeremy C. Reed
-William King
-Stephen Morris
-Witold Kręcicki
-Curtis Blackburn
-Scott Mann
-Rob Austein
-Jim Reid
-Eric Luce
-Olafur Gudmundsson
-Stephen Jacob
-Damien Neil
-Tony Finch
-Jakob Schlyter
-Petr Menšík
-Vernon Schryver
-Matt Nelson
-Shane Kerr
-Paul Ebersman
-Ray Bellis
-Shawn Routhier
-Ben Cottrell
-Tomas Hozza
-johnd
-Bill Parker
-李昶
-Kevin Chen
-Jonathan Casey
-Mary Stahl
-Mathieu Arnold
-David Hankins
-Paul Hoffman
-Paul Vixie
-Brian Conry
-Anay Panvalkar
-colleen
-Robert Edmonds
-João Damas

CODE_OF_CONDUCT.md

@@ -1,71 +0,0 @@
-# BIND 9 Code of Conduct
-
-Like the technical community as a whole, the BIND 9 team and community is made
-up of a mixture of professionals and volunteers from all over the world, working
-on every aspect of the mission - including mentorship, teaching, and connecting
-people.
-
-Diversity is one of our huge strengths, but it can also lead to communication
-issues and unhappiness. To that end, we have a few ground rules to which we expect
-people to adhere. This code applies equally to the core development team, open source contributors and those
-seeking help and guidance.
-
-This isn't an exhaustive list of things that you can't do. Rather, take it in
-the spirit in which it's intended - a guide to make it easier to enrich all of
-us and the technical communities in which we participate.
-
-This code of conduct applies to all spaces managed by the BIND 9 project or
-Internet Systems Consortium. This includes chat, the mailing lists, the issue
-tracker, and any other fora created by the project team which the
-community uses for communication. In addition, violations of this code outside
-these spaces may affect a person's ability to participate within them.
-
-If you believe someone is violating the code of conduct, we ask that you report
-it by emailing [conduct@isc.org](conduct@isc.org). For more details please see
-our [Reporting Guidelines](https://www.isc.org/conductreporting/).
-
-* **Be friendly and patient.**
-* **Be welcoming.** We strive to be a community that welcomes and supports
-  people of all backgrounds and identities. This includes, but is not limited to
-  members of any race, ethnicity, culture, national origin, colour, immigration
-  status, social and economic class, educational level, sex, sexual orientation,
-  gender identity and expression, age, size, family status, political belief,
-  religion, and mental and physical ability.
-* **Be considerate.** Your work will be used by other people, and you in turn
-  will depend on the work of others. Any decision you take will affect users and
-  colleagues, and you should take those consequences into account when making
-  decisions. Remember that we're a world-wide community, so you might not be
-  communicating in someone else's primary language.
-* **Be respectful.** Not all of us will agree all the time, but disagreement is
-  no excuse for poor behavior and poor manners. We might all experience some
-  frustration now and then, but we cannot allow that frustration to turn into a
-  personal attack. It's important to remember that a community where people feel
-  uncomfortable or threatened is not a productive one. Members of the BIND 9
-  community should be respectful when dealing with other members as well as with
-  people outside the BIND 9 community.
-* **Be careful in the words that you choose.** We are a community of
-  professionals, and we conduct ourselves professionally. Be kind to others. Do
-  not insult or put down other participants. Harassment and other exclusionary
-  behavior aren't acceptable. This includes, but is not limited to:
-  * Violent threats or language directed against another person.
-  * Discriminatory jokes and language.
-  * Posting sexually explicit or violent material.
-  * Posting (or threatening to post) other people's personally identifying
-    information ("doxing").
-  * Personal insults, especially those using racist or sexist terms.
-  * Unwelcome sexual attention.
-  * Advocating for, or encouraging, any of the above behavior.
-  * Repeated harassment of others. In general, if someone asks you to stop, then
-    stop.
-* **When we disagree, try to understand why.** Disagreements, both social and
-  technical, happen all the time and BIND 9 is no exception. It is important
-  that we resolve disagreements and differing views constructively. Remember
-  that we're different. The strength of BIND 9 comes from its varied community,
-  people from a wide range of backgrounds. Different people have different
-  perspectives on issues. Being unable to understand why someone holds a
-  viewpoint doesn't mean that they're wrong. Don't forget that it is human to
-  err and blaming each other doesn't get us anywhere. Instead, focus on helping
-  to resolve issues and learning from mistakes.
-
-Original text courtesy of the [Django Code of Conduct](https://www.djangoproject.com/conduct/)
-project.

CONTRIBUTING.md

@@ -1,203 +0,0 @@
-<!--
- - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- -
- - This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/.
- -
- - See the COPYRIGHT file distributed with this work for additional
- - information regarding copyright ownership.
--->
-## BIND 9 Source Access and Contributor Guidelines
-*May 28, 2020*
-
-### Contents
-
-1. [Access to source code](#access)
-1. [Reporting bugs](#bugs)
-1. [Contributing code](#contrib)
-
-### Introduction
-
-Thank you for using BIND 9!
-
-BIND is open source software that implements the Domain Name System (DNS)
-protocols for the Internet. It is a reference implementation of those
-protocols, but it is also production-grade software, suitable for use in
-high-volume and high-reliability applications.  It is very
-widely used DNS software, providing a robust and stable platform on top of
-which organizations can build distributed computing systems with the
-knowledge that those systems are fully compliant with published DNS
-standards.
-
-BIND is and will always remain free and openly available.  It can be
-used and modified in any way by anyone.
-
-BIND is maintained by [Internet Systems Consortium](https://www.isc.org),
-a public-benefit 501(c)(3) nonprofit, using a "managed open source" approach:
-anyone can see the source, but only ISC employees have commit access.
-In the past, the source could only be seen once ISC had published
-a release; read access to the source repository was restricted just
-as commit access was.  That has changed, as ISC now provides a
-public git mirror to the BIND source tree (see below).
-
-At ISC, we're committed to
-building communities that are welcoming and inclusive: environments where people
-are encouraged to share ideas, treat each other with respect, and collaborate
-towards the best solutions. To reinforce our commitment, ISC
-has adopted a slightly modified version of the Django
-[Code of Conduct](https://gitlab.isc.org/isc-projects/bind9/-/blob/master/CODE_OF_CONDUCT.md) for the BIND 9 project, as well as for the conduct of our
-developers throughout the industry.
-
-### <a name="access"></a>Access to source code
-
-Public BIND releases are always available from the
-[ISC FTP site](ftp://ftp.isc.org/isc/bind9).
-
-A public-access GIT repository is also available at
-[https://gitlab.isc.org](https://gitlab.isc.org).
-This repository is a mirror, updated several times per day, of the
-source repository maintained by ISC.  It contains all the public release
-branches; upcoming releases can be viewed in their current state at any
-time.  It does *not* contain development branches or unreviewed work in
-progress.  Commits which address security vulnerablilities are withheld
-until after public disclosure.
-
-You can browse the source online via
-[https://gitlab.isc.org/isc-projects/bind9](https://gitlab.isc.org/isc-projects/bind9)
-
-To clone the repository, use:
-
->       $ git clone https://gitlab.isc.org/isc-projects/bind9.git
-
-Release branch names are of the form `v9_X`, where X represents the second
-number in the BIND 9 version number.  So, to check out the BIND 9.12
-branch, use:
-
->       $ git checkout v9_12
-
-Whenever a branch is ready for publication, a tag is placed of the
-form `v9_X_Y`.  The 9.12.0 release, for instance, is tagged as `v9_12_0`.
-
-The branch in which the next major release is being developed is called
-`master`.
-
-### <a name="bugs"></a>Reporting bugs
-
-Reports of flaws in the BIND package, including software bugs, errors
-in the documentation, missing files in the tarball, suggested changes
-or requests for new features, etc., can be filed using
-[https://gitlab.isc.org/isc-projects/bind9/issues](https://gitlab.isc.org/isc-projects/bind9/issues).
-
-Due to a large ticket backlog, we are sometimes slow to respond,
-especially if a bug is cosmetic or if a feature request is vague or
-low in priority, but we try at least to acknowledge legitimate
-bug reports within a week.
-
-ISC's GitLab system is publicly readable; however, you must have
-an account to create a new issue. You can either register locally or
-use credentials from an existing account at GitHub, GitLab, Google,
-Twitter, or Facebook.
-
-### Reporting possible security issues
-If you think you may be seeing a potential security vulnerability in BIND
-(for example, a crash with REQUIRE, INSIST, or ASSERT failure), please
-report it immediately by emailing to security-officer@isc.org. Plain-text
-e-mail is not a secure choice for communications concerning undisclosed
-security issues so please encrypt your communications to us if possible,
-using the [ISC Security Officer public key](https://www.isc.org/pgpkey/).
-
-Do not discuss undisclosed security vulnerabilities on any public mailing list.
-ISC has a long history of handling reported vulnerabilities promptly and
-effectively and we respect and acknowledge responsible reporters.
-
-ISC's Security Vulnerability Disclosure Policy is documented at [https://kb.isc.org/docs/aa-00861](https://kb.isc.org/docs/aa-00861).
-
-If you have a crash, you may want to consult
-["What to do if your BIND or DHCP server has crashed."](https://kb.isc.org/docs/aa-00340)
-
-### <a name="contrib"></a>Contributing code
-
-BIND is licensed under the
-[Mozilla Public License 2.0](https://www.mozilla.org/en-US/MPL/2.0/).
-Earlier versions (BIND 9.10 and earlier) were licensed under the [ISC License](https://www.isc.org/licenses/)
-
-ISC does not require an explicit copyright assignment for patch
-contributions.  However, by submitting a patch to ISC, you implicitly
-certify that you are the author of the code, that you intend to relinquish
-exclusive copyright, and that you grant permission to publish your work
-under the open source license used for the BIND version(s) to which your
-patch will be applied.
-
-#### <a name="bind"></a>BIND code
-
-Patches for BIND may be submitted directly via merge requests in
-[ISC's GitLab](https://gitlab.isc.org/isc-projects/bind9/) source
-repository for BIND.
-
-Patches can also be submitted as diffs against a specific version of
-BIND -- preferably the current top of the `master` branch.  Diffs may
-be generated using either `git format-patch` or `git diff`.
-
-Those wanting to write code for BIND may be interested in the
-[developer information](doc/dev/dev.md) page, which includes information
-about BIND design and coding practices, including discussion of internal
-APIs and overall system architecture.
-
-Every patch submitted is reviewed by ISC engineers following our
-[code review process](doc/dev/dev.md#reviews) before it is merged.
-
-It may take considerable time to review patch submissions, especially if
-they don't meet ISC style and quality guidelines.  If a patch is a good
-idea, we can and will do additional work to bring it up to par, but if
-we're busy with other work, it may take us a long time to get to it.
-
-To ensure your patch is acted on as promptly as possible, please:
-
-* Try to adhere to the [BIND 9 coding style](doc/dev/style.md).
-* Run `make check` to ensure your change hasn't caused any
-  functional regressions.
-* Document your work, both in the patch itself and in the
-  accompanying email.
-* In patches that make non-trivial functional changes, include system
-  tests if possible; when introducing or substantially altering a
-  library API, include unit tests. See [Testing](doc/dev/dev.md#testing)
-  for more information.
-
-##### Changes to `configure`
-
-If you need to make changes to `configure`, you should not edit it
-directly; instead, edit `configure.in`, then run `autoconf`.  Similarly,
-instead of editing `config.h.in` directly, edit `configure.in` and run
-`autoheader`.
-
-When submitting a patch as a diff, it's fine to omit the `configure`
-diffs to save space.  Just send the `configure.in` diffs and we'll
-generate the new `configure` during the review process.
-
-##### Documentation
-
-All functional changes should be documented. There are three types
-of documentation in the BIND source tree:
-
-* Man pages are kept alongside the source code for the commands
-  they document, in files ending in `.rst`: for example, the
-  `named` man page is `bin/named/named.rst`.
-* The *BIND 9 Administrator Reference Manual* is in the .rst files in
-  `doc/arm/`; the PDF and HTML versions are automatically generated from the `.rst` files.
-* API documentation is in the header file describing the API, in
-  Doxygen-formatted comments.
-
-Patches to improve existing documentation are also very welcome!
-
-##### Tests
-
-BIND is a large and complex project. We rely heavily on continuous
-automated testing and cannot merge new code without adequate test coverage.
-Please see [the "Testing" section of doc/dev/dev.md](doc/dev/dev.md#testing)
-for more information.
-
-#### Thanks
-
-Thank you for your interest in contributing to the ongoing development
-of BIND 9.

COPYING

@@ -1 +0,0 @@
-LICENSE

COPYRIGHT

@@ -1,18 +1,21 @@
-Copyright (C) 1996-2020  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 2004-2008  Internet Systems Consortium, Inc. ("ISC")
+Copyright (C) 1996-2003  Internet Software Consortium.
 
-This Source Code Form is subject to the terms of the Mozilla Public
-License, v. 2.0. If a copy of the MPL was not distributed with this
-file, You can obtain one at http://mozilla.org/MPL/2.0/.
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
 
- -----------------------------------------------------------------------------
+THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.
 
-	Portions of this code release fall under one or more of the
-	following Copyright notices.  Please see individual source
-	files for details.
+$Id: COPYRIGHT,v 1.13.130.1 2008/01/02 23:46:28 tbox Exp $
 
-	For binary releases also see: OpenSSL-LICENSE.
-
-Copyright (C) 1996-2001  Nominum, Inc.
+Portions Copyright (C) 1996-2001  Nominum, Inc.
 
 Permission to use, copy, modify, and distribute this software for any
 purpose with or without fee is hereby granted, provided that the above
@@ -25,345 +28,3 @@ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
 OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (C) 1995-2000 by Network Associates, Inc.
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
-ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
-FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
-IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (C) 2002 Stichting NLnet, Netherlands, stichting@nlnet.nl.
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the
-above copyright notice and this permission notice appear in all
-copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND STICHTING NLNET
-DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-STICHTING NLNET BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
-CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
-USE OR PERFORMANCE OF THIS SOFTWARE.
-
-The development of Dynamically Loadable Zones (DLZ) for Bind 9 was
-conceived and contributed by Rob Butler.
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the
-above copyright notice and this permission notice appear in all
-copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND ROB BUTLER
-DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
-ROB BUTLER BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
-CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
-OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE
-USE OR PERFORMANCE OF THIS SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 1987, 1990, 1993, 1994
-     The Regents of the University of California.  All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. Neither the name of the University nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
- -----------------------------------------------------------------------------
-
-Copyright (C) The Internet Society 2005.  This version of
-this module is part of RFC 4178; see the RFC itself for
-full legal notices.
-
-(The above copyright notice is per RFC 3978 5.6 (a), q.v.)
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 2004 Masarykova universita
-(Masaryk University, Brno, Czech Republic)
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-1. Redistributions of source code must retain the above copyright notice,
-   this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-3. Neither the name of the University nor the names of its contributors may
-   be used to endorse or promote products derived from this software
-   without specific prior written permission.
- 
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
-(Royal Institute of Technology, Stockholm, Sweden). 
-All rights reserved. 
-
-Redistribution and use in source and binary forms, with or without 
-modification, are permitted provided that the following conditions 
-are met: 
-
-1. Redistributions of source code must retain the above copyright 
-   notice, this list of conditions and the following disclaimer. 
-
-2. Redistributions in binary form must reproduce the above copyright 
-   notice, this list of conditions and the following disclaimer in the 
-   documentation and/or other materials provided with the distribution. 
-
-3. Neither the name of the Institute nor the names of its contributors 
-   may be used to endorse or promote products derived from this software 
-   without specific prior written permission. 
-
-THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
-ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
-SUCH DAMAGE. 
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 1993 by Digital Equipment Corporation.
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies, and that
-the name of Digital Equipment Corporation not be used in advertising or
-publicity pertaining to distribution of the document or software without
-specific, written prior permission.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
-WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
-OF MERCHANTABILITY AND FITNESS.   IN NO EVENT SHALL DIGITAL EQUIPMENT
-CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
-DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
-PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
-ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-3. Neither the name of the project nor the names of its contributors
-   may be used to endorse or promote products derived from this software
-   without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 1999-2000 by Nortel Networks Corporation
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND NORTEL NETWORKS DISCLAIMS
-ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
-OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NORTEL NETWORKS
-BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
-OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
-WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
-ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
-SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (C) 2004  Nominet, Ltd.
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND NOMINET DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-
- -----------------------------------------------------------------------------
-
-Copyright (c) 1996, David Mazieres <dm@uun.org>
-Copyright (c) 2008, Damien Miller <djm@openbsd.org>
-
-Permission to use, copy, modify, and distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
------------------------------------------------------------------------------
-
-Copyright (c) 1995, 1997, 1998 The NetBSD Foundation, Inc.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the above copyright
-   notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
-   notice, this list of conditions and the following disclaimer in the
-   documentation and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
-``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
-BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
-
------------------------------------------------------------------------------
-
-Copyright (C) 2008-2011  Red Hat, Inc.
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND Red Hat DISCLAIMS ALL WARRANTIES WITH
-REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-AND FITNESS.  IN NO EVENT SHALL Red Hat BE LIABLE FOR ANY SPECIAL, DIRECT,
-INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-PERFORMANCE OF THIS SOFTWARE.
-
------------------------------------------------------------------------------
-
-Copyright (c) 2013-2014, Farsight Security, Inc.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in the
-documentation and/or other materials provided with the distribution.
-
-3. Neither the name of the copyright holder nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
-OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
-OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
-ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
------------------------------------------------------------------------------
-
-Copyright (c) 2014 by Farsight Security, Inc.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.

ChangeLog

@@ -1 +0,0 @@
-CHANGES

FAQ

@@ -0,0 +1,798 @@
+Frequently Asked Questions about BIND 9
+
+Copyright © 2004-2008 Internet Systems Consortium, Inc. ("ISC")
+
+Copyright © 2000-2003 Internet Software Consortium.
+
+-----------------------------------------------------------------------
+
+1. Compilation and Installation Questions
+
+Q: I'm trying to compile BIND 9, and "make" is failing due to files not
+   being found. Why?
+
+A: Using a parallel or distributed "make" to build BIND 9 is not
+   supported, and doesn't work. If you are using one of these, use normal
+   make or gmake instead.
+
+Q: Isn't "make install" supposed to generate a default named.conf?
+
+A: Short Answer: No.
+
+   Long Answer: There really isn't a default configuration which fits any
+   site perfectly. There are lots of decisions that need to be made and
+   there is no consensus on what the defaults should be. For example
+   FreeBSD uses /etc/namedb as the location where the configuration files
+   for named are stored. Others use /var/named.
+
+   What addresses to listen on? For a laptop on the move a lot you may
+   only want to listen on the loop back interfaces.
+
+   Who do you offer recursive service to? Is there are firewall to
+   consider? If so is it stateless or stateful. Are you directly on the
+   Internet? Are you on a private network? Are you on a NAT'd network? The
+   answers to all these questions change how you configure even a caching
+   name server.
+
+2. Configuration and Setup Questions
+
+Q: Why does named log the warning message "no TTL specified - using SOA
+   MINTTL instead"?
+
+A: Your zone file is illegal according to RFC1035. It must either have a
+   line like:
+
+   $TTL 86400
+
+   at the beginning, or the first record in it must have a TTL field, like
+   the "84600" in this example:
+
+   example.com. 86400 IN SOA ns hostmaster ( 1 3600 1800 1814400 3600 )
+
+Q: Why do I get errors like "dns_zone_load: zone foo/IN: loading master
+   file bar: ran out of space"?
+
+A: This is often caused by TXT records with missing close quotes. Check
+   that all TXT records containing quoted strings have both open and close
+   quotes.
+
+Q: How do I restrict people from looking up the server version?
+
+A: Put a "version" option containing something other than the real version
+   in the "options" section of named.conf. Note doing this will not
+   prevent attacks and may impede people trying to diagnose problems with
+   your server. Also it is possible to "fingerprint" nameservers to
+   determine their version.
+
+Q: How do I restrict only remote users from looking up the server version?
+
+A: The following view statement will intercept lookups as the internal
+   view that holds the version information will be matched last. The
+   caveats of the previous answer still apply, of course.
+
+   view "chaos" chaos {
+           match-clients { <those to be refused>; };
+           allow-query { none; };
+           zone "." {
+                   type hint;
+                   file "/dev/null";  // or any empty file
+           };
+   };
+
+Q: What do "no source of entropy found" or "could not open entropy source
+   foo" mean?
+
+A: The server requires a source of entropy to perform certain operations,
+   mostly DNSSEC related. These messages indicate that you have no source
+   of entropy. On systems with /dev/random or an equivalent, it is used by
+   default. A source of entropy can also be defined using the
+   random-device option in named.conf.
+
+Q: I'm trying to use TSIG to authenticate dynamic updates or zone
+   transfers. I'm sure I have the keys set up correctly, but the server is
+   rejecting the TSIG. Why?
+
+A: This may be a clock skew problem. Check that the the clocks on the
+   client and server are properly synchronised (e.g., using ntp).
+
+Q: I see a log message like the following. Why?
+
+   couldn't open pid file '/var/run/named.pid': Permission denied
+
+A: You are most likely running named as a non-root user, and that user
+   does not have permission to write in /var/run. The common ways of
+   fixing this are to create a /var/run/named directory owned by the named
+   user and set pid-file to "/var/run/named/named.pid", or set pid-file to
+   "named.pid", which will put the file in the directory specified by the
+   directory option (which, in this case, must be writable by the named
+   user).
+
+Q: I can query the nameserver from the nameserver but not from other
+   machines. Why?
+
+A: This is usually the result of the firewall configuration stopping the
+   queries and / or the replies.
+
+Q: How can I make a server a slave for both an internal and an external
+   view at the same time? When I tried, both views on the slave were
+   transferred from the same view on the master.
+
+A: You will need to give the master and slave multiple IP addresses and
+   use those to make sure you reach the correct view on the other machine.
+
+   Master: 10.0.1.1 (internal), 10.0.1.2 (external, IP alias)
+       internal:
+           match-clients { !10.0.1.2; !10.0.1.4; 10.0.1/24; };
+                   notify-source 10.0.1.1;
+                   transfer-source 10.0.1.1;
+                   query-source address 10.0.1.1;
+       external:
+           match-clients { any; };
+           recursion no;   // don't offer recursion to the world
+           notify-source 10.0.1.2;
+           transfer-source 10.0.1.2;
+           query-source address 10.0.1.2;
+
+   Slave: 10.0.1.3 (internal), 10.0.1.4 (external, IP alias)
+       internal:
+           match-clients { !10.0.1.2; !10.0.1.4; 10.0.1/24; };
+           notify-source 10.0.1.3;
+           transfer-source 10.0.1.3;
+           query-source address 10.0.1.3;
+      external:
+           match-clients { any; };
+           recursion no;   // don't offer recursion to the world
+           notify-source 10.0.1.4;
+           transfer-source 10.0.1.4;
+           query-source address 10.0.1.4;
+
+   You put the external address on the alias so that all the other dns
+   clients on these boxes see the internal view by default.
+
+A: BIND 9.3 and later: Use TSIG to select the appropriate view.
+
+   Master 10.0.1.1:
+           key "external" {
+                   algorithm hmac-md5;
+                   secret "xxxxxxxx";
+           };
+           view "internal" {
+                   match-clients { !key external; 10.0.1/24; };
+                   ...
+           };
+           view "external" {
+                   match-clients { key external; any; };
+                   server 10.0.1.2 { keys external; };
+                   recursion no;
+                   ...
+           };
+
+   Slave 10.0.1.2:
+           key "external" {
+                   algorithm hmac-md5;
+                   secret "xxxxxxxx";
+           };
+           view "internal" {
+                   match-clients { !key external; 10.0.1/24; };
+                   ...
+           };
+           view "external" {
+                   match-clients { key external; any; };
+                   server 10.0.1.1 { keys external; };
+                   recursion no;
+                   ...
+           };
+
+Q: I get error messages like "multiple RRs of singleton type" and "CNAME
+   and other data" when transferring a zone. What does this mean?
+
+A: These indicate a malformed master zone. You can identify the exact
+   records involved by transferring the zone using dig then running
+   named-checkzone on it.
+
+   dig axfr example.com @master-server > tmp
+   named-checkzone example.com tmp
+
+   A CNAME record cannot exist with the same name as another record except
+   for the DNSSEC records which prove its existence (NSEC).
+
+   RFC 1034, Section 3.6.2: "If a CNAME RR is present at a node, no other
+   data should be present; this ensures that the data for a canonical name
+   and its aliases cannot be different. This rule also insures that a
+   cached CNAME can be used without checking with an authoritative server
+   for other RR types."
+
+Q: I get error messages like "named.conf:99: unexpected end of input"
+   where 99 is the last line of named.conf.
+
+A: Some text editors (notepad and wordpad) fail to put a line title
+   indication (e.g. CR/LF) on the last line of a text file. This can be
+   fixed by "adding" a blank line to the end of the file. Named expects to
+   see EOF immediately after EOL and treats text files where this is not
+   met as truncated.
+
+Q: How do I share a dynamic zone between multiple views?
+
+A: You choose one view to be master and the second a slave and transfer
+   the zone between views.
+
+   Master 10.0.1.1:
+           key "external" {
+                   algorithm hmac-md5;
+                   secret "xxxxxxxx";
+           };
+
+           key "mykey" {
+                   algorithm hmac-md5;
+                   secret "yyyyyyyy";
+           };
+
+           view "internal" {
+                   match-clients { !key external; 10.0.1/24; };
+                   server 10.0.1.1 {
+                           /* Deliver notify messages to external view. */
+                           keys { external; };
+                   };
+                   zone "example.com" {
+                           type master;
+                           file "internal/example.db";
+                           allow-update { key mykey; };
+                           notify-also { 10.0.1.1; };
+                   };
+           };
+
+           view "external" {
+                   match-clients { key external; any; };
+                   zone "example.com" {
+                           type slave;
+                           file "external/example.db";
+                           masters { 10.0.1.1; };
+                           transfer-source { 10.0.1.1; };
+                           // allow-update-forwarding { any; };
+                           // allow-notify { ... };
+                   };
+           };
+
+Q: I get a error message like "zone wireless.ietf56.ietf.org/IN: loading
+   master file primaries/wireless.ietf56.ietf.org: no owner".
+
+A: This error is produced when a line in the master file contains leading
+   white space (tab/space) but the is no current record owner name to
+   inherit the name from. Usually this is the result of putting white
+   space before a comment, forgetting the "@" for the SOA record, or
+   indenting the master file.
+
+Q: Why are my logs in GMT (UTC).
+
+A: You are running chrooted (-t) and have not supplied local timezone
+   information in the chroot area.
+
+   FreeBSD: /etc/localtime
+   Solaris: /etc/TIMEZONE and /usr/share/lib/zoneinfo
+   OSF: /etc/zoneinfo/localtime
+
+   See also tzset(3) and zic(8).
+
+Q: I get "rndc: connect failed: connection refused" when I try to run
+   rndc.
+
+A: This is usually a configuration error.
+
+   First ensure that named is running and no errors are being reported at
+   startup (/var/log/messages or equivalent). Running "named -g <usual
+   arguments>" from a title can help at this point.
+
+   Secondly ensure that named is configured to use rndc either by
+   "rndc-confgen -a", rndc-confgen or manually. The Administrators
+   Reference manual has details on how to do this.
+
+   Old versions of rndc-confgen used localhost rather than 127.0.0.1 in /
+   etc/rndc.conf for the default server. Update /etc/rndc.conf if
+   necessary so that the default server listed in /etc/rndc.conf matches
+   the addresses used in named.conf. "localhost" has two address
+   (127.0.0.1 and ::1).
+
+   If you use "rndc-confgen -a" and named is running with -t or -u ensure
+   that /etc/rndc.conf has the correct ownership and that a copy is in the
+   chroot area. You can do this by re-running "rndc-confgen -a" with
+   appropriate -t and -u arguments.
+
+Q: I get "transfer of 'example.net/IN' from 192.168.4.12#53: failed while
+   receiving responses: permission denied" error messages.
+
+A: These indicate a filesystem permission error preventing named creating
+   / renaming the temporary file. These will usually also have other
+   associated error messages like
+
+   "dumping master file: sl/tmp-XXXX5il3sQ: open: permission denied"
+
+   Named needs write permission on the directory containing the file.
+   Named writes the new cache file to a temporary file then renames it to
+   the name specified in named.conf to ensure that the contents are always
+   complete. This is to prevent named loading a partial zone in the event
+   of power failure or similar interrupting the write of the master file.
+
+   Note file names are relative to the directory specified in options and
+   any chroot directory ([<chroot dir>/][<options dir>]).
+
+   If named is invoked as "named -t /chroot/DNS" with the following
+   named.conf then "/chroot/DNS/var/named/sl" needs to be writable by the
+   user named is running as.
+
+   options {
+           directory "/var/named";
+   };
+
+   zone "example.net" {
+           type slave;
+           file "sl/example.net";
+           masters { 192.168.4.12; };
+   };
+
+Q: I want to forward all DNS queries from my caching nameserver to another
+   server. But there are some domains which have to be served locally, via
+   rbldnsd.
+
+   How do I achieve this ?
+
+A: options {
+           forward only;
+           forwarders { <ip.of.primary.nameserver>; };
+   };
+
+   zone "sbl-xbl.spamhaus.org" {
+           type forward; forward only;
+           forwarders { <ip.of.rbldns.server> port 530; };
+   };
+
+   zone "list.dsbl.org" {
+           type forward; forward only;
+           forwarders { <ip.of.rbldns.server> port 530; };
+   };
+
+
+Q: Can you help me understand how BIND 9 uses memory to store DNS zones?
+
+   Some times it seems to take several times the amount of memory it needs
+   to store the zone.
+
+A: When reloading a zone named my have multiple copies of the zone in
+   memory at one time. The zone it is serving and the one it is loading.
+   If reloads are ultra fast it can have more still.
+
+   e.g. Ones that are transferring out, the one that it is serving and the
+   one that is loading.
+
+   BIND 8 destroyed the zone before loading and also killed off outgoing
+   transfers of the zone.
+
+   The new strategy allows slaves to get copies of the new zone regardless
+   of how often the master is loaded compared to the transfer time. The
+   slave might skip some intermediate versions but the transfers will
+   complete and it will keep reasonably in sync with the master.
+
+   The new strategy also allows the master to recover from syntax and
+   other errors in the master file as it still has an in-core copy of the
+   old contents.
+
+3. General Questions
+
+Q: I keep getting log messages like the following. Why?
+
+   Dec 4 23:47:59 client 10.0.0.1#1355: updating zone 'example.com/IN':
+   update failed: 'RRset exists (value dependent)' prerequisite not
+   satisfied (NXRRSET)
+
+A: DNS updates allow the update request to test to see if certain
+   conditions are met prior to proceeding with the update. The message
+   above is saying that conditions were not met and the update is not
+   proceeding. See doc/rfc/rfc2136.txt for more details on prerequisites.
+
+Q: I keep getting log messages like the following. Why?
+
+   Jun 21 12:00:00.000 client 10.0.0.1#1234: update denied
+
+A: Someone is trying to update your DNS data using the RFC2136 Dynamic
+   Update protocol. Windows 2000 machines have a habit of sending dynamic
+   update requests to DNS servers without being specifically configured to
+   do so. If the update requests are coming from a Windows 2000 machine,
+   see http://support.microsoft.com/support/kb/articles/q246/8/04.asp for
+   information about how to turn them off.
+
+Q: When I do a "dig . ns", many of the A records for the root servers are
+   missing. Why?
+
+A: This is normal and harmless. It is a somewhat confusing side effect of
+   the way BIND 9 does RFC2181 trust ranking and of the efforts BIND 9
+   makes to avoid promoting glue into answers.
+
+   When BIND 9 first starts up and primes its cache, it receives the root
+   server addresses as additional data in an authoritative response from a
+   root server, and these records are eligible for inclusion as additional
+   data in responses. Subsequently it receives a subset of the root server
+   addresses as additional data in a non-authoritative (referral) response
+   from a root server. This causes the addresses to now be considered
+   non-authoritative (glue) data, which is not eligible for inclusion in
+   responses.
+
+   The server does have a complete set of root server addresses cached at
+   all times, it just may not include all of them as additional data,
+   depending on whether they were last received as answers or as glue. You
+   can always look up the addresses with explicit queries like "dig
+   a.root-servers.net A".
+
+Q: Why don't my zones reload when I do an "rndc reload" or SIGHUP?
+
+A: A zone can be updated either by editing zone files and reloading the
+   server or by dynamic update, but not both. If you have enabled dynamic
+   update for a zone using the "allow-update" option, you are not supposed
+   to edit the zone file by hand, and the server will not attempt to
+   reload it.
+
+Q: Why is named listening on UDP port other than 53?
+
+A: Named uses a system selected port to make queries of other nameservers.
+   This behaviour can be overridden by using query-source to lock down the
+   port and/or address. See also notify-source and transfer-source.
+
+Q: I get warning messages like "zone example.com/IN: refresh: failure
+   trying master 1.2.3.4#53: timed out".
+
+A: Check that you can make UDP queries from the slave to the master
+
+   dig +norec example.com soa @1.2.3.4
+
+   You could be generating queries faster than the slave can cope with.
+   Lower the serial query rate.
+
+   serial-query-rate 5; // default 20
+
+Q: I don't get RRSIG's returned when I use "dig +dnssec".
+
+A: You need to ensure DNSSEC is enabled (dnssec-enable yes;).
+
+Q: Can a NS record refer to a CNAME.
+
+A: No. The rules for glue (copies of the *address* records in the parent
+   zones) and additional section processing do not allow it to work.
+
+   You would have to add both the CNAME and address records (A/AAAA) as
+   glue to the parent zone and have CNAMEs be followed when doing
+   additional section processing to make it work. No nameserver
+   implementation supports either of these requirements.
+
+Q: What does "RFC 1918 response from Internet for 0.0.0.10.IN-ADDR.ARPA"
+   mean?
+
+A: If the IN-ADDR.ARPA name covered refers to a internal address space you
+   are using then you have failed to follow RFC 1918 usage rules and are
+   leaking queries to the Internet. You should establish your own zones
+   for these addresses to prevent you querying the Internet's name servers
+   for these addresses. Please see http://as112.net/ for details of the
+   problems you are causing and the counter measures that have had to be
+   deployed.
+
+   If you are not using these private addresses then a client has queried
+   for them. You can just ignore the messages, get the offending client to
+   stop sending you these messages as they are most probably leaking them
+   or setup your own zones empty zones to serve answers to these queries.
+
+   zone "10.IN-ADDR.ARPA" {
+           type master;
+           file "empty";
+   };
+
+   zone "16.172.IN-ADDR.ARPA" {
+           type master;
+           file "empty";
+   };
+
+   ...
+
+   zone "31.172.IN-ADDR.ARPA" {
+           type master;
+           file "empty";
+   };
+
+   zone "168.192.IN-ADDR.ARPA" {
+           type master;
+           file "empty";
+   };
+
+   empty:
+   @ 10800 IN SOA <name-of-server>. <contact-email>. (
+                  1 3600 1200 604800 10800 )
+   @ 10800 IN NS <name-of-server>.
+
+   Note
+
+   Future versions of named are likely to do this automatically.
+
+Q: Will named be affected by the 2007 changes to daylight savings rules in
+   the US.
+
+A: No, so long as the machines internal clock (as reported by "date -u")
+   remains at UTC. The only visible change if you fail to upgrade your OS,
+   if you are in a affected area, will be that log messages will be a hour
+   out during the period where the old rules do not match the new rules.
+
+   For most OS's this change just means that you need to update the
+   conversion rules from UTC to local time. Normally this involves
+   updating a file in /etc (which sets the default timezone for the
+   machine) and possibly a directory which has all the conversion rules
+   for the world (e.g. /usr/share/zoneinfo). When updating the OS do not
+   forget to update any chroot areas as well. See your OS's documentation
+   for more details.
+
+   The local timezone conversion rules can also be done on a individual
+   basis by setting the TZ environment variable appropriately. See your
+   OS's documentation for more details.
+
+Q: Is there a bugzilla (or other tool) database that mere mortals can have
+   (read-only) access to for bind?
+
+A: No. The BIND 9 bug database is kept closed for a number of reasons.
+   These include, but are not limited to, that the database contains
+   proprietory information from people reporting bugs. The database has in
+   the past and may in future contain unfixed bugs which are capable of
+   bringing down most of the Internet's DNS infrastructure.
+
+   The release pages for each version contain up to date lists of bugs
+   that have been fixed post release. That is as close as we can get to
+   providing a bug database.
+
+4. Operating-System Specific Questions
+
+4.1. HPUX
+
+Q: I get the following error trying to configure BIND:
+
+   checking if unistd.h or sys/types.h defines fd_set... no
+   configure: error: need either working unistd.h or sys/select.h
+
+A: You have attempted to configure BIND with the bundled C compiler. This
+   compiler does not meet the minimum compiler requirements to for
+   building BIND. You need to install a ANSI C compiler and / or teach
+   configure how to find the ANSI C compiler. The later can be done by
+   adjusting the PATH environment variable and / or specifying the
+   compiler via CC.
+
+   ./configure CC=<compiler> ...
+
+4.2. Linux
+
+Q: Why do I get the following errors:
+
+   general: errno2result.c:109: unexpected error:
+   general: unable to convert errno to isc_result: 14: Bad address
+   client: UDP client handler shutting down due to fatal receive error: unexpected error
+
+A: This is the result of a Linux kernel bug.
+
+   See: http://marc.theaimsgroup.com/?l=linux-netdev&m=113081708031466&w=2
+
+Q: Why do I see 5 (or more) copies of named on Linux?
+
+A: Linux threads each show up as a process under ps. The approximate
+   number of threads running is n+4, where n is the number of CPUs. Note
+   that the amount of memory used is not cumulative; if each process is
+   using 10M of memory, only a total of 10M is used.
+
+   Newer versions of Linux's ps command hide the individual threads and
+   require -L to display them.
+
+Q: Why does BIND 9 log "permission denied" errors accessing its
+   configuration files or zones on my Linux system even though it is
+   running as root?
+
+A: On Linux, BIND 9 drops most of its root privileges on startup. This
+   including the privilege to open files owned by other users. Therefore,
+   if the server is running as root, the configuration files and zone
+   files should also be owned by root.
+
+Q: I get the error message "named: capset failed: Operation not permitted"
+   when starting named.
+
+A: The capability module, part of "Linux Security Modules/LSM", has not
+   been loaded into the kernel. See insmod(8), modprobe(8).
+
+   The relevant modules can be loaded by running:
+
+   modprobe commoncap
+   modprobe capability
+
+Q: I'm running BIND on Red Hat Enterprise Linux or Fedora Core -
+
+   Why can't named update slave zone database files?
+
+   Why can't named create DDNS journal files or update the master zones
+   from journals?
+
+   Why can't named create custom log files?
+
+A: Red Hat Security Enhanced Linux (SELinux) policy security protections :
+
+   Red Hat have adopted the National Security Agency's SELinux security
+   policy ( see http://www.nsa.gov/selinux ) and recommendations for BIND
+   security , which are more secure than running named in a chroot and
+   make use of the bind-chroot environment unnecessary .
+
+   By default, named is not allowed by the SELinux policy to write, create
+   or delete any files EXCEPT in these directories:
+
+   $ROOTDIR/var/named/slaves
+   $ROOTDIR/var/named/data
+   $ROOTDIR/var/tmp
+
+
+   where $ROOTDIR may be set in /etc/sysconfig/named if bind-chroot is
+   installed.
+
+   The SELinux policy particularly does NOT allow named to modify the
+   $ROOTDIR/var/named directory, the default location for master zone
+   database files.
+
+   SELinux policy overrules file access permissions - so even if all the
+   files under /var/named have ownership named:named and mode rw-rw-r--,
+   named will still not be able to write or create files except in the
+   directories above, with SELinux in Enforcing mode.
+
+   So, to allow named to update slave or DDNS zone files, it is best to
+   locate them in $ROOTDIR/var/named/slaves, with named.conf zone
+   statements such as:
+
+   zone "slave.zone." IN {
+           type slave;
+           file "slaves/slave.zone.db";
+           ...
+   };
+   zone "ddns.zone." IN  {
+           type master;
+           allow-updates {...};
+           file "slaves/ddns.zone.db";
+   };
+
+
+   To allow named to create its cache dump and statistics files, for
+   example, you could use named.conf options statements such as:
+
+   options {
+           ...
+           dump-file "/var/named/data/cache_dump.db";
+           statistics-file "/var/named/data/named_stats.txt";
+           ...
+   };
+
+
+   You can also tell SELinux to allow named to update any zone database
+   files, by setting the SELinux tunable boolean parameter
+   'named_write_master_zones=1', using the system-config-securitylevel
+   GUI, using the 'setsebool' command, or in /etc/selinux/targeted/
+   booleans.
+
+   You can disable SELinux protection for named entirely by setting the
+   'named_disable_trans=1' SELinux tunable boolean parameter.
+
+   The SELinux named policy defines these SELinux contexts for named:
+
+   named_zone_t : for zone database files       - $ROOTDIR/var/named/*
+   named_conf_t : for named configuration files - $ROOTDIR/etc/{named,rndc}.*
+   named_cache_t: for files modifiable by named - $ROOTDIR/var/{tmp,named/{slaves,data}}
+
+
+   If you want to retain use of the SELinux policy for named, and put
+   named files in different locations, you can do so by changing the
+   context of the custom file locations .
+
+   To create a custom configuration file location, e.g. '/root/
+   named.conf', to use with the 'named -c' option, do:
+
+   # chcon system_u:object_r:named_conf_t /root/named.conf
+
+
+   To create a custom modifiable named data location, e.g. '/var/log/
+   named' for a log file, do:
+
+   # chcon system_u:object_r:named_cache_t /var/log/named
+
+
+   To create a custom zone file location, e.g. /root/zones/, do:
+
+   # chcon system_u:object_r:named_zone_t /root/zones/{.,*}
+
+
+   See these man-pages for more information : selinux(8), named_selinux
+   (8), chcon(1), setsebool(8)
+
+Q: Listening on individual IPv6 interfaces does not work.
+
+A: This is usually due to "/proc/net/if_inet6" not being available in the
+   chroot file system. Mount another instance of "proc" in the chroot file
+   system.
+
+   This can be be made permanent by adding a second instance to /etc/
+   fstab.
+
+   proc /proc           proc defaults 0 0
+   proc /var/named/proc proc defaults 0 0
+
+4.3. Windows
+
+Q: Zone transfers from my BIND 9 master to my Windows 2000 slave fail.
+   Why?
+
+A: This may be caused by a bug in the Windows 2000 DNS server where DNS
+   messages larger than 16K are not handled properly. This can be worked
+   around by setting the option "transfer-format one-answer;". Also check
+   whether your zone contains domain names with embedded spaces or other
+   special characters, like "John\032Doe\213s\032Computer", since such
+   names have been known to cause Windows 2000 slaves to incorrectly
+   reject the zone.
+
+Q: I get "Error 1067" when starting named under Windows.
+
+A: This is the service manager saying that named exited. You need to
+   examine the Application log in the EventViewer to find out why.
+
+   Common causes are that you failed to create "named.conf" (usually "C:\
+   windows\dns\etc\named.conf") or failed to specify the directory in
+   named.conf.
+
+   options {
+           Directory "C:\windows\dns\etc";
+   };
+
+4.4. FreeBSD
+
+Q: I have FreeBSD 4.x and "rndc-confgen -a" just sits there.
+
+A: /dev/random is not configured. Use rndcontrol(8) to tell the kernel to
+   use certain interrupts as a source of random events. You can make this
+   permanent by setting rand_irqs in /etc/rc.conf.
+
+   /etc/rc.conf
+   rand_irqs="3 14 15"
+
+   See also http://people.freebsd.org/~dougb/randomness.html
+
+4.5. Solaris
+
+Q: How do I integrate BIND 9 and Solaris SMF
+
+A: Sun has a blog entry describing how to do this.
+
+   http://blogs.sun.com/roller/page/anay/Weblog?catname=%2FSolaris
+
+4.6. Apple Mac OS X
+
+Q: How do I run BIND 9 on Apple Mac OS X?
+
+A: If you run Tiger(Mac OS 10.4) or later then this is all you need to do:
+
+   % sudo rndc-confgen  > /etc/rndc.conf
+
+   Copy the key statement from /etc/rndc.conf into /etc/rndc.key, e.g.:
+
+   key "rndc-key" {
+           algorithm hmac-md5;
+           secret "uvceheVuqf17ZwIcTydddw==";
+   };
+
+   Then start the relevant service:
+
+   % sudo service org.isc.named start
+
+   This is persistent upon a reboot, so you will have to do it only once.
+
+A: Alternatively you can just generate /etc/rndc.key by running:
+
+   % sudo rndc-confgen -a
+
+   Then start the relevant service:
+
+   % sudo service org.isc.named start
+
+   Named will look for /etc/rndc.key when it starts if it doesn't have a
+   controls section or the existing controls are missing keys sub-clauses.
+   This is persistent upon a reboot, so you will have to do it only once.
+

HISTORY.md

@@ -1,632 +0,0 @@
-<!--
- - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- -
- - This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/.
- -
- - See the COPYRIGHT file distributed with this work for additional
- - information regarding copyright ownership.
--->
-### Functional enhancements from prior major releases of BIND 9
-
-#### BIND 9.16
-
-BIND 9.16 (a stable branch based on the 9.15 development branch)
-includes a number of changes from BIND 9.14 and earlier releases.
-New features include:
-
-* New `dnssec-policy` statement to configure a key and signing policy
-  for zones, enabling automatic key regeneration and rollover.
-* New network manager based on `libuv`.
-* Added support for the new GeoIP2 geolocation API, `libmaxminddb`.
-* Improved DNSSEC trust anchor configuration using the `trust-anchors`
-  statement, permitting configuration of trust anchors in DS as well as
-  DNSKEY format.
-* YAML output for `dig`, `mdig`, and `delv`.
-
-#### BIND 9.14
-
-BIND 9.14 (a stable branch based on the 9.13 development branch)
-includes a number of changes from BIND 9.12 and earlier releases.
-New features include:
-
-* A new "plugin" mechanism has been added to allow query functionality
-  to be extended using dynamically loadable libraries. The "filter-aaaa"
-  feature has been removed from named and is now implemented as a plugin.
-* Socket and task code has been refactored to improve performance.
-* QNAME minimization, as described in RFC 7816, is now supported.
-* "Root key sentinel" support, enabling validating resolvers to indicate
-  via a special query which trust anchors are configured for the root zone.
-* Secondary zones can now be configured as "mirror" zones; their contents
-  are transferred in as with traditional slave zones, but are subject to
-  DNSSEC validation and are not treated as authoritative data when
-  answering. This makes it easier to configure a local copy of the root
-  zone as described in RFC 7706.
-* The "validate-except" option allows configuration of domains below which
-  DNSSEC validation should not be performed.
-* The default value of "dnssec-validation" is now "auto".
-* IDNA2008 is now supported when linking with `libidn2`.
-* "named -V" now outputs the default paths for files used by named
-  and other tools.
-
-In addition, workarounds that were formerly in place to enable resolution
-of domains whose authoritative servers did not respond to EDNS queries
-have been removed. See [https://dnsflagday.net](https://dnsflagday.net)
-for more details.
-
-Cryptographic support has been modernized. BIND now uses the
-best available pseudo-random number generator for the platform on which
-it's built. Very old versions of OpenSSL are no longer supported.
-Cryptography is now mandatory: building BIND without DNSSEC is no
-longer supported.
-
-Special code to support certain legacy operating systems has also
-been removed; see the file [PLATFORMS.md](PLATFORMS.md) for details
-of supported platforms. In addition to OpenSSL, BIND now requires
-support for IPv6, threads, and standard atomic operations provided
-by the C compiler.
-
-#### BIND 9.12
-
-BIND 9.12 includes a number of changes from BIND 9.11 and earlier releases.
-New features include:
-
-* `named` and related libraries have been substantially refactored for
-  improved query performance -- particularly on delegation heavy zones --
-  and for improved readability, maintainability, and testability.
-* Code implementing the name server query processing logic has been moved
-  into a new `libns` library, for easier testing and use in tools other
-  than `named`.
-* Cached, validated NSEC and other records can now be used to synthesize
-  NXDOMAIN responses.
-* The DNS Response Policy Service API (DNSRPS) is now supported.
-* Setting `'max-journal-size default'` now limits the size of journal files
-  to twice the size of the zone.
-* `dnstap-read -x` prints a hex dump of the wire format of each logged
-  DNS message.
-* `dnstap` output files can now be configured to roll automatically when
-  reaching a given size.
-* Log file timestamps can now also be formatted in ISO 8601 (local) or ISO
-  8601 (UTC) formats.
-* Logging channels and `dnstap` output files can now be configured to use a
-  timestamp as the suffix when rolling to a new file.
-* `'named-checkconf -l'` lists zones found in `named.conf`.
-* Added support for the EDNS Padding and Keepalive options.
-* 'new-zones-directory' option sets the location where the configuration
-  data for zones added by rndc addzone is stored.
-* The default key algorithm in `rndc-confgen` is now hmac-sha256.
-* `filter-aaaa-on-v4` and `filter-aaaa-on-v6` options are now available
-  by default without a configure option.
-* The obsolete `isc-hmac-fixup` command has been removed.
-
-#### BIND 9.11
-
-BIND 9.11.0 includes a number of changes from BIND 9.10 and earlier
-releases.  New features include:
-
-- Added support for Catalog Zones, a new method for provisioning servers: a
-  list of zones to be served is stored in a DNS zone, along with their
-  configuration parameters. Changes to the catalog zone are propagated to
-  slaves via normal AXFR/IXFR, whereupon the zones that are listed in it
-  are automatically added, deleted or reconfigured.
-- Added support for "dnstap", a fast and flexible method of capturing and
-  logging DNS traffic.
-- Added support for "dyndb", a new API for loading zone data from an
-  external database, developed by Red Hat for the FreeIPA project.
-- "fetchlimit" quotas are now compiled in by default.  These are for the
-  use of recursive resolvers that are are under high query load for domains
-  whose authoritative servers are nonresponsive or are experiencing a
-  denial of service attack:
-    - "fetches-per-server" limits the number of simultaneous queries that
-      can be sent to any single authoritative server.  The configured value
-      is a starting point; it is automatically adjusted downward if the
-      server is partially or completely non-responsive. The algorithm used
-      to adjust the quota can be configured via the "fetch-quota-params"
-      option.
-    - "fetches-per-zone" limits the number of simultaneous queries that can
-      be sent for names within a single domain.  (Note: Unlike
-      "fetches-per-server", this value is not self-tuning.)
-    - New stats counters have been added to count queries spilled due to
-      these quotas.
-- Added a new "dnssec-keymgr" key mainenance utility, which can generate or
-  update keys as needed to ensure that a zone's keys match a defined DNSSEC
-  policy.
-- The experimental "SIT" feature in BIND 9.10 has been renamed "COOKIE" and
-  is no longer optional. EDNS COOKIE is a mechanism enabling clients to
-  detect off-path spoofed responses, and servers to detect spoofed-source
-  queries.  Clients that identify themselves using COOKIE options are not
-  subject to response rate limiting (RRL) and can receive larger UDP
-  responses.
-- SERVFAIL responses can now be cached for a limited time (defaulting to 1
-  second, with an upper limit of 30).  This can reduce the frequency of
-  retries when a query is persistently failing.
-- Added an "nsip-wait-recurse" switch to RPZ. This causes NSIP rules to be
-  skipped if a name server IP address isn't in the cache yet; the address
-  will be looked up and the rule will be applied on future queries.
-- Added a Python RNDC module. This allows multiple commands to sent over a
-  persistent RNDC channel, which saves time.
-- The "controls" block in named.conf can now grant read-only "rndc" access
-  to specified clients or keys. Read-only clients could, for example, check
-  "rndc status" but could not reconfigure or shut down the server.
-- "rndc" commands can now return arbitrarily large amounts of text to the
-  caller.
-- The zone serial number of a dynamically updatable zone can now be set via
-  "rndc signing -serial <number> <zonename>".  This allows inline-signing
-  zones to be set to a specific serial number.
-- The new "rndc nta" command can be used to set a Negative Trust Anchor
-  (NTA), disabling DNSSEC validation for a specific domain; this can be
-  used when responses from a domain are known to be failing validation due
-  to administrative error rather than because of a spoofing attack.
-  Negative trust anchors are strictly temporary; by default they expire
-  after one hour, but can be configured to last up to one week.
-- "rndc delzone" can now be used on zones that were not originally created
-  by "rndc addzone".
-- "rndc modzone" reconfigures a single zone, without requiring the entire
-  server to be reconfigured.
-- "rndc showzone" displays the current configuration of a zone.
-- "rndc managed-keys" can be used to check the status of RFC 5011 managed
-  trust anchors, or to force trust anchors to be refreshed.
-- "max-cache-size" can now be set to a percentage of available memory. The
-  default is 90%.
-- Update forwarding performance has been improved by allowing a single TCP
-  connection to be shared by multiple updates.
-- The EDNS Client Subnet (ECS) option is now supported for authoritative
-  servers; if a query contains an ECS option then ACLs containing "geoip"
-  or "ecs" elements can match against the the address encoded in the
-  option.  This can be used to select a view for a query, so that different
-  answers can be provided depending on the client network.
-- The EDNS EXPIRE option has been implemented on the client side, allowing
-  a slave server to set the expiration timer correctly when transferring
-  zone data from another slave server.
-- The key generation and manipulation tools (dnssec-keygen, dnssec-settime,
-  dnssec-importkey, dnssec-keyfromlabel) now take "-Psync" and "-Dsync"
-  options to set the publication and deletion times of CDS and CDNSKEY
-  parent-synchronization records.  Both named and dnssec-signzone can now
-  publish and remove these records at the scheduled times.
-- A new "minimal-any" option reduces the size of UDP responses for query
-  type ANY by returning a single arbitrarily selected RRset instead of all
-  RRsets.
-- A new "masterfile-style" zone option controls the formatting of text zone
-  files:  When set to "full", a zone file is dumped in
-  single-line-per-record format.
-- "serial-update-method" can now be set to "date". On update, the serial
-  number will be set to the current date in YYYYMMDDNN format.
-- "dnssec-signzone -N date" sets the serial number to YYYYMMDDNN.
-- "named -L <filename>" causes named to send log messages to the specified
-  file by default instead of to the system log.
-- "dig +ttlunits" prints TTL values with time-unit suffixes: w, d, h, m, s
-  for weeks, days, hours, minutes, and seconds.
-- "dig +unknownformat" prints dig output in RFC 3597 "unknown record"
-  presentation format.
-- "dig +ednsopt" allows dig to set arbitrary EDNS options on requests.
-- "dig +ednsflags" allows dig to set yet-to-be-defined EDNS flags on
-  requests.
-- "mdig" is an alternate version of dig which sends multiple pipelined TCP
-  queries to a server.  Instead of waiting for a response after sending a
-  query, it sends all queries immediately and displays responses in the
-  order received.
-- "serial-query-rate" no longer controls NOTIFY messages.  These are
-  separately controlled by "notify-rate" and "startup-notify-rate".
-- "nsupdate" now performs "check-names" processing by default on records to
-  be added.  This can be disabled with "check-names no".
-- The statistics channel now supports DEFLATE compression, reducing the
-  size of the data sent over the network when querying statistics.
-- New counters have been added to the statistics channel to track the sizes
-  of incoming queries and outgoing responses in histogram buckets, as
-  specified in RSSAC002.
-- A new NXDOMAIN redirect method (option "nxdomain-redirect") has been
-  added, allowing redirection to a specified DNS namespace instead of a
-  single redirect zone.
-- When starting up, named now ensures that no other named process is
-  already running.
-- Files created by named to store information, including "mkeys" and "nzf"
-  files, are now named after their corresponding views unless the view name
-  contains characters incompatible with use as a filename. Old style
-  filenames (based on the hash of the view name) will still work.
-
-#### BIND 9.10.0
-
-BIND 9.10.0 includes a number of changes from BIND 9.9 and earlier
-releases.  New features include:
-
- - DNS Response-rate limiting (DNS RRL), which blunts the
-   impact of reflection and amplification attacks, is always
-   compiled in and no longer requires a compile-time option
-   to enable it.
- - An experimental "Source Identity Token" (SIT) EDNS option
-   is now available.  Similar to DNS Cookies as invented by
-   Donald Eastlake 3rd, these are designed to enable clients
-   to detect off-path spoofed responses, and to enable servers
-   to detect spoofed-source queries.  Servers can be configured
-   to send smaller responses to clients that have not identified
-   themselves using a SIT option, reducing the effectiveness of
-   amplification attacks.  RRL processing has also been updated;
-   clients proven to be legitimate via SIT are not subject to
-   rate limiting.  Use "configure --enable-sit" to enable this
-   feature in BIND.
- - A new zone file format, "map", stores zone data in a
-   format that can be mapped directly into memory, allowing
-   significantly faster zone loading.
- - "delv" (domain entity lookup and validation) is a new tool
-   with dig-like semantics for looking up DNS data and performing
-   internal DNSSEC validation.  This allows easy validation in
-   environments where the resolver may not be trustworthy, and
-   assists with troubleshooting of DNSSEC problems. (NOTE:
-   In previous development releases of BIND 9.10, this utility
-   was called "delve". The spelling has been changed to avoid
-   confusion with the "delve" utility included with the Xapian
-   search engine.)
- - Improved EDNS(0) processing for better resolver performance
-   and reliability over slow or lossy connections.
- - A new "configure --with-tuning=large" option tunes certain
-   compiled-in constants and default settings to values better
-   suited to large servers with abundant memory.  This can
-   improve performance on such servers, but will consume more
-   memory and may degrade performance on smaller systems.
- - Substantial improvement in response-policy zone (RPZ)
-   performance.  Up to 32 response-policy zones can be
-   configured with minimal performance loss.
- - To improve recursive resolver performance, cache records
-   which are still being requested by clients can now be
-   automatically refreshed from the authoritative server
-   before they expire, reducing or eliminating the time
-   window in which no answer is available in the cache.
- - New "rpz-client-ip" triggers and drop policies allowing
-   response policies based on the IP address of the client.
- - ACLs can now be specified based on geographic location
-   using the MaxMind GeoIP databases.  Use "configure
-   --with-geoip" to enable.
- - Zone data can now be shared between views, allowing
-   multiple views to serve the same zones authoritatively
-   without storing multiple copies in memory.
- - New XML schema (version 3) for the statistics channel
-   includes many new statistics and uses a flattened XML tree
-   for faster parsing. The older schema is now deprecated.
- - A new stylesheet, based on the Google Charts API, displays
-   XML statistics in charts and graphs on javascript-enabled
-   browsers.
- - The statistics channel can now provide data in JSON
-   format as well as XML.
- - New stats counters track TCP and UDP queries received
-   per zone, and EDNS options received in total.
- - The internal and export versions of the BIND libraries
-   (libisc, libdns, etc) have been unified so that external
-   library clients can use the same libraries as BIND itself.
- - A new compile-time option, "configure --enable-native-pkcs11",
-   allows BIND 9 cryptography functions to use the PKCS#11 API
-   natively, so that BIND can drive a cryptographic hardware
-   service module (HSM) directly instead of using a modified
-   OpenSSL as an intermediary. (Note: This feature requires an
-   HSM to have a full implementation of the PKCS#11 API; many
-   current HSMs only have partial implementations. The new
-   "pkcs11-tokens" command can be used to check API completeness.
-   Native PKCS#11 is known to work with the Thales nShield HSM
-   and with SoftHSM version 2 from the Open DNSSEC project.)
- - The new "max-zone-ttl" option enforces maximum TTLs for
-   zones. This can simplify the process of rolling DNSSEC keys
-   by guaranteeing that cached signatures will have expired
-   within the specified amount of time.
- - "dig +subnet" sends an EDNS CLIENT-SUBNET option when
-   querying.
- - "dig +expire" sends an EDNS EXPIRE option when querying.
-   When this option is sent with an SOA query to a server
-   that supports it, it will report the expiry time of
-   a slave zone.
- - New "dnssec-coverage" tool to check DNSSEC key coverage
-   for a zone and report if a lapse in signing coverage has
-   been inadvertently scheduled.
- - Signing algorithm flexibility and other improvements
-   for the "rndc" control channel.
- - "named-checkzone" and "named-compilezone" can now read
-   journal files, allowing them to process dynamic zones.
- - Multiple DLZ databases can now be configured.  Individual
-   zones can be configured to be served from a specific DLZ
-   database.  DLZ databases now serve zones of type "master"
-   and "redirect".
- - "rndc zonestatus" reports information about a specified zone.
- - "named" now listens on IPv6 as well as IPv4 interfaces
-   by default.
- - "named" now preserves the capitalization of names
-   when responding to queries: for instance, a query for
-   "example.com" may be answered with "example.COM" if the
-   name was configured that way in the zone file.  Some
-   clients have a bug causing them to depend on the older
-   behavior, in which the case of the answer always matched
-   the case of the query, rather than the case of the name
-   configured in the DNS.  Such clients can now be specified
-   in the new "no-case-compress" ACL; this will restore the
-   older behavior of "named" for those clients only.
- - new "dnssec-importkey" command allows the use of offline
-   DNSSEC keys with automatic DNSKEY management.
- - New "named-rrchecker" tool to verify the syntactic
-   correctness of individual resource records.
- - When re-signing a zone, the new "dnssec-signzone -Q" option
-   drops signatures from keys that are still published but are
-   no longer active.
- - "named-checkconf -px" will print the contents of configuration
-   files with the shared secrets obscured, making it easier to
-   share configuration (e.g. when submitting a bug report)
-   without revealing private information.
- - "rndc scan" causes named to re-scan network interfaces for
-   changes in local addresses.
- - On operating systems with support for routing sockets,
-   network interfaces are re-scanned automatically whenever
-   they change.
- - "tsig-keygen" is now available as an alternate command
-   name to use for "ddns-confgen".
-
-#### BIND 9.9.0
-
-BIND 9.9.0 includes a number of changes from BIND 9.8 and earlier
-releases.  New features include:
-
-- Inline signing, allowing automatic DNSSEC signing of
-  master zones without modification of the zonefile, or
-  "bump in the wire" signing in slaves.
-- NXDOMAIN redirection.
-- New 'rndc flushtree' command clears all data under a given
-  name from the DNS cache.
-- New 'rndc sync' command dumps pending changes in a dynamic
-  zone to disk without a freeze/thaw cycle.
-- New 'rndc signing' command displays or clears signing status
-  records in 'auto-dnssec' zones.
-- NSEC3 parameters for 'auto-dnssec' zones can now be set prior
-  to signing, eliminating the need to initially sign with NSEC.
-- Startup time improvements on large authoritative servers.
-- Slave zones are now saved in raw format by default.
-- Several improvements to response policy zones (RPZ).
-- Improved hardware scalability by using multiple threads
-  to listen for queries and using finer-grained client locking
-- The 'also-notify' option now takes the same syntax as
-  'masters', so it can used named masterlists and TSIG keys.
-- 'dnssec-signzone -D' writes an output file containing only DNSSEC
-  data, which can be included by the primary zone file.
-- 'dnssec-signzone -R' forces removal of signatures that are
-  not expired but were created by a key which no longer exists.
-- 'dnssec-signzone -X' allows a separate expiration date to
-  be specified for DNSKEY signatures from other signatures.
-- New '-L' option to dnssec-keygen, dnssec-settime, and
-  dnssec-keyfromlabel sets the default TTL for the key.
-- dnssec-dsfromkey now supports reading from standard input,
-  to make it easier to convert DNSKEY to DS.
-- RFC 1918 reverse zones have been added to the empty-zones
-  table per RFC 6303.
-- Dynamic updates can now optionally set the zone's SOA serial
-  number to the current UNIX time.
-- DLZ modules can now retrieve the source IP address of
-  the querying client.
-- 'request-ixfr' option can now be set at the per-zone level.
-- 'dig +rrcomments' turns on comments about DNSKEY records,
-  indicating their key ID, algorithm and function
-- Simplified nsupdate syntax and added readline support
-
-#### BIND 9.8.0
-
-BIND 9.8.0 includes a number of changes from BIND 9.7 and earlier
-releases.  New features include:
-
-- Built-in trust anchor for the root zone, which can be
-  switched on via "dnssec-validation auto;"
-- Support for DNS64.
-- Support for response policy zones (RPZ).
-- Support for writable DLZ zones.
-- Improved ease of configuration of GSS/TSIG for
-  interoperability with Active Directory
-- Support for GOST signing algorithm for DNSSEC.
-- Removed RTT Banding from server selection algorithm.
-- New "static-stub" zone type.
-- Allow configuration of resolver timeouts via
-  "resolver-query-timeout" option.
-- The DLZ "dlopen" driver is now built by default.
-- Added a new include file with function typedefs
-  for the DLZ "dlopen" driver.
-- Made "--with-gssapi" default.
-- More verbose error reporting from DLZ LDAP.
-
-#### BIND 9.7.0
-
-BIND 9.7.0 includes a number of changes from BIND 9.6 and earlier
-releases.  Most are intended to simplify DNSSEC configuration.
-New features include:
-
-- Fully automatic signing of zones by "named".
-- Simplified configuration of DNSSEC Lookaside Validation (DLV).
-- Simplified configuration of Dynamic DNS, using the "ddns-confgen"
-  command line tool or the "local" update-policy option.  (As a side
-  effect, this also makes it easier to configure automatic zone
-  re-signing.)
-- New named option "attach-cache" that allows multiple views to
-  share a single cache.
-- DNS rebinding attack prevention.
-- New default values for dnssec-keygen parameters.
-- Support for RFC 5011 automated trust anchor maintenance
-- Smart signing: simplified tools for zone signing and key
-  maintenance.
-- The "statistics-channels" option is now available on Windows.
-- A new DNSSEC-aware libdns API for use by non-BIND9 applications
-- On some platforms, named and other binaries can now print out
-  a stack backtrace on assertion failure, to aid in debugging.
-- A "tools only" installation mode on Windows, which only installs
-  dig, host, nslookup and nsupdate.
-- Improved PKCS#11 support, including Keyper support and explicit
-  OpenSSL engine selection.
-
-#### BIND 9.6.0
-
-- Full NSEC3 support
-- Automatic zone re-signing
-- New update-policy methods tcp-self and 6to4-self
-- The BIND 8 resolver library, libbind, has been removed from the BIND 9
-  distribution and is now available as a separate download.
-- Change the default pid file location from /var/run to
-  /var/run/{named,lwresd} for improved chroot/setuid support.
-
-#### BIND 9.5.0
-
-- GSS-TSIG support (RFC 3645).
-- DHCID support.
-- Experimental http server and statistics support for named via xml.
-- More detailed statistics counters including those supported in BIND 8.
-- Faster ACL processing.
-- Use Doxygen to generate internal documentation.
-- Efficient LRU cache-cleaning mechanism.
-- NSID support.
-
-BIND 9.4.0
-
-- Implemented "additional section caching (or acache)", an internal cache
-  framework for additional section content to improve response performance.
-  Several configuration options were provided to control the behavior.
-- New notify type 'master-only'.  Enable notify for master zones only.
-- Accept 'notify-source' style syntax for query-source.
-- rndc now allows addresses to be set in the server clauses.
-- New option "allow-query-cache".  This lets "allow-query" be used to
-  specify the default zone access level rather than having to have every
-  zone override the global value.  "allow-query-cache" can be set at both
-  the options and view levels.  If "allow-query-cache" is not set then
-  "allow-recursion" is used if set, otherwise "allow-query" is used if set
-  unless "recursion no;" is set in which case "none;" is used, otherwise
-  the default (localhost; localnets;) is used.
-- rndc: the source address can now be specified.
-- ixfr-from-differences now takes master and slave in addition to yes and
-  no at the options and view levels.
-- Allow the journal's name to be changed via named.conf.
-- 'rndc notify zone [class [view]]' resend the NOTIFY messages for the
-  specified zone.
-- 'dig +trace' now randomly selects the next servers to try.  Report if
-  there is a bad delegation.
-- Improve check-names error messages.
-- Make public the function to read a key file, dst_key_read_public().
-- dig now returns the byte count for axfr/ixfr.
-- allow-update is now settable at the options / view level.
-- named-checkconf now checks the logging configuration.
-- host now can turn on memory debugging flags with '-m'.
-- Don't send notify messages to self.
-- Perform sanity checks on NS records which refer to 'in zone' names.
-- New zone option "notify-delay".  Specify a minimum delay between sets of
-  NOTIFY messages.
-- Extend adjusting TTL warning messages.
-- Named and named-checkzone can now both check for non-terminal wildcard
-  records.
-- "rndc freeze/thaw" now freezes/thaws all zones.
-- named-checkconf now check acls to verify that they only refer to existing
-  acls.
-- The server syntax has been extended to support a range of servers.
-- Report differences between hints and real NS rrset and associated address
-  records.
-- Preserve the case of domain names in rdata during zone transfers.
-- Restructured the data locking framework using architecture dependent
-  atomic operations (when available), improving response performance on
-  multi-processor machines significantly.  x86, x86_64, alpha, powerpc, and
-  mips are currently supported.
-- UNIX domain controls are now supported.
-- Add support for additional zone file formats for improving loading
-  performance.  The masterfile-format option in named.conf can be used to
-  specify a non-default format.  A separate command named-compilezone was
-  provided to generate zone files in the new format.  Additionally, the -I
-  and -O options for dnssec-signzone specify the input and output formats.
-- dnssec-signzone can now randomize signature end times (dnssec-signzone -j
-  jitter).
-- Add support for CH A record.
-- Add additional zone data constancy checks.  named-checkzone has extended
-  checking of NS, MX and SRV record and the hosts they reference.  named
-  has extended post zone load checks.  New zone options: check-mx and
-  integrity-check.
-- edns-udp-size can now be overridden on a per server basis.
-- dig can now specify the EDNS version when making a query.
-- Added framework for handling multiple EDNS versions.
-- Additional memory debugging support to track size and mctx arguments.
-- Detect duplicates of UDP queries we are recursing on and drop them.  New
-  stats category "duplicates".
-- "USE INTERNAL MALLOC" is now runtime selectable.
-- The lame cache is now done on a <qname,qclass,qtype> basis as some
-  servers only appear to be lame for certain query types.
-- Limit the number of recursive clients that can be waiting for a single
-  query (<qname,qtype,qclass>) to resolve.  New options clients-per-query
-  and max-clients-per-query.
-- dig: report the number of extra bytes still left in the packet after
-  processing all the records.
-- Support for IPSECKEY rdata type.
-- Raise the UDP receive buffer size to 32k if it is less than 32k.
-- x86 and x86_64 now have separate atomic locking implementations.
-- named-checkconf now validates update-policy entries.
-- Attempt to make the amount of work performed in a iteration self tuning.
-  The covers nodes clean from the cache per iteration, nodes written to
-  disk when rewriting a master file and nodes destroyed per iteration when
-  destroying a zone or a cache.
-- ISC string copy API.
-- Automatic empty zone creation for D.F.IP6.ARPA and friends.  Note: RFC
-  1918 zones are not yet covered by this but are likely to be in a future
-  release.
-- New options: empty-server, empty-contact, empty-zones-enable and
-  disable-empty-zone.
-- dig now has a '-q queryname' and '+showsearch' options.
-- host/nslookup now continue (default)/fail on SERVFAIL.
-- dig now warns if 'RA' is not set in the answer when 'RD' was set in the
-  query.  host/nslookup skip servers that fail to set 'RA' when 'RD' is set
-  unless a server is explicitly set.
-- Integrate contributed DLZ code into named.
-- Integrate contributed IDN code from JPNIC.
-- libbind: corresponds to that from BIND 8.4.7.
-
-#### BIND 9.3.0
-
-- DNSSEC is now DS based (RFC 3658).
-- DNSSEC lookaside validation.
-- check-names is now implemented.
-- rrset-order is more complete.
-- IPv4/IPv6 transition support, dual-stack-servers.
-- IXFR deltas can now be generated when loading master files,
-  ixfr-from-differences.
-- It is now possible to specify the size of a journal, max-journal-size.
-- It is now possible to define a named set of master servers to be used in
-  masters clause, masters.
-- The advertised EDNS UDP size can now be set, edns-udp-size.
-- allow-v6-synthesis has been obsoleted.
-- Zones containing MD and MF will now be rejected.
-- dig, nslookup name. now report "Not Implemented" as NOTIMP rather than
-  NOTIMPL.  This will have impact on scripts that are looking for NOTIMPL.
-- libbind: corresponds to that from BIND 8.4.5.
-
-#### BIND 9.2.0
-
-- The size of the cache can now be limited using the "max-cache-size"
-  option.
-- The server can now automatically convert RFC1886-style recursive lookup
-  requests into RFC2874-style lookups, when enabled using the new option
-  "allow-v6-synthesis".  This allows stub resolvers that support AAAA
-  records but not A6 record chains or binary labels to perform lookups in
-  domains that make use of these IPv6 DNS features.
-- Performance has been improved.
-- The man pages now use the more portable "man" macros rather than the
-  "mandoc" macros, and are installed by "make install".
-- The named.conf parser has been completely rewritten.  It now supports
-  "include" directives in more places such as inside "view" statements, and
-  it no longer has any reserved words.
-- The "rndc status" command is now implemented.
-- rndc can now be configured automatically.
-- A BIND 8 compatible stub resolver library is now included in lib/bind.
-- OpenSSL has been removed from the distribution.  This means that to use
-  DNSSEC, OpenSSL must be installed and the --with-openssl option must be
-  supplied to configure.  This does not apply to the use of TSIG, which
-  does not require OpenSSL.
-- The source distribution now builds on Windows.  See
-  win32utils/readme1.txt and win32utils/win32-build.txt for details.
-- This distribution also includes a new lightweight stub resolver library
-  and associated resolver daemon that fully support forward and reverse
-  lookups of both IPv4 and IPv6 addresses.  This library is considered
-  experimental and is not a complete replacement for the BIND 8 resolver
-  library.  Applications that use the BIND 8 `res_*` functions to perform
-  DNS lookups or dynamic updates still need to be linked against the BIND 8
-  libraries.  For DNS lookups, they can also use the new "getrrsetbyname()"
-  API.
-- BIND 9.2 is capable of acting as an authoritative server for DNSSEC
-  secured zones.  This functionality is believed to be stable and complete
-  except for lacking support for verifications involving wildcard records
-  in secure zones.
-- When acting as a caching server, BIND 9.2 can be configured to perform
-  DNSSEC secure resolution on behalf of its clients.  This part of the
-  DNSSEC implementation is still considered experimental.  For detailed
-  information about the state of the DNSSEC implementation, see the file
-  doc/misc/dnssec.

LICENSE

@@ -1,362 +0,0 @@
-Mozilla Public License, version 2.0
-
-1. Definitions
-
-1.1. "Contributor"
-
-     means each individual or legal entity that creates, contributes to the
-     creation of, or owns Covered Software.
-
-1.2. "Contributor Version"
-
-     means the combination of the Contributions of others (if any) used by a
-     Contributor and that particular Contributor's Contribution.
-
-1.3. "Contribution"
-
-     means Covered Software of a particular Contributor.
-
-1.4. "Covered Software"
-
-     means Source Code Form to which the initial Contributor has attached the
-     notice in Exhibit A, the Executable Form of such Source Code Form, and
-     Modifications of such Source Code Form, in each case including portions
-     thereof.
-
-1.5. "Incompatible With Secondary Licenses"
-     means
-
-     a. that the initial Contributor has attached the notice described in
-        Exhibit B to the Covered Software; or
-
-     b. that the Covered Software was made available under the terms of
-        version 1.1 or earlier of the License, but not also under the terms of
-        a Secondary License.
-
-1.6. "Executable Form"
-
-     means any form of the work other than Source Code Form.
-
-1.7. "Larger Work"
-
-     means a work that combines Covered Software with other material, in a
-     separate file or files, that is not Covered Software.
-
-1.8. "License"
-
-     means this document.
-
-1.9. "Licensable"
-
-     means having the right to grant, to the maximum extent possible, whether
-     at the time of the initial grant or subsequently, any and all of the
-     rights conveyed by this License.
-
-1.10. "Modifications"
-
-     means any of the following:
-
-     a. any file in Source Code Form that results from an addition to,
-        deletion from, or modification of the contents of Covered Software; or
-
-     b. any new file in Source Code Form that contains any Covered Software.
-
-1.11. "Patent Claims" of a Contributor
-
-      means any patent claim(s), including without limitation, method,
-      process, and apparatus claims, in any patent Licensable by such
-      Contributor that would be infringed, but for the grant of the License,
-      by the making, using, selling, offering for sale, having made, import,
-      or transfer of either its Contributions or its Contributor Version.
-
-1.12. "Secondary License"
-
-      means either the GNU General Public License, Version 2.0, the GNU Lesser
-      General Public License, Version 2.1, the GNU Affero General Public
-      License, Version 3.0, or any later versions of those licenses.
-
-1.13. "Source Code Form"
-
-      means the form of the work preferred for making modifications.
-
-1.14. "You" (or "Your")
-
-      means an individual or a legal entity exercising rights under this
-      License. For legal entities, "You" includes any entity that controls, is
-      controlled by, or is under common control with You. For purposes of this
-      definition, "control" means (a) the power, direct or indirect, to cause
-      the direction or management of such entity, whether by contract or
-      otherwise, or (b) ownership of more than fifty percent (50%) of the
-      outstanding shares or beneficial ownership of such entity.
-
-
-2. License Grants and Conditions
-
-2.1. Grants
-
-     Each Contributor hereby grants You a world-wide, royalty-free,
-     non-exclusive license:
-
-     a. under intellectual property rights (other than patent or trademark)
-        Licensable by such Contributor to use, reproduce, make available,
-        modify, display, perform, distribute, and otherwise exploit its
-        Contributions, either on an unmodified basis, with Modifications, or
-        as part of a Larger Work; and
-
-     b. under Patent Claims of such Contributor to make, use, sell, offer for
-        sale, have made, import, and otherwise transfer either its
-        Contributions or its Contributor Version.
-
-2.2. Effective Date
-
-     The licenses granted in Section 2.1 with respect to any Contribution
-     become effective for each Contribution on the date the Contributor first
-     distributes such Contribution.
-
-2.3. Limitations on Grant Scope
-
-     The licenses granted in this Section 2 are the only rights granted under
-     this License. No additional rights or licenses will be implied from the
-     distribution or licensing of Covered Software under this License.
-     Notwithstanding Section 2.1(b) above, no patent license is granted by a
-     Contributor:
-
-     a. for any code that a Contributor has removed from Covered Software; or
-
-     b. for infringements caused by: (i) Your and any other third party's
-        modifications of Covered Software, or (ii) the combination of its
-        Contributions with other software (except as part of its Contributor
-        Version); or
-
-     c. under Patent Claims infringed by Covered Software in the absence of
-        its Contributions.
-
-     This License does not grant any rights in the trademarks, service marks,
-     or logos of any Contributor (except as may be necessary to comply with
-     the notice requirements in Section 3.4).
-
-2.4. Subsequent Licenses
-
-     No Contributor makes additional grants as a result of Your choice to
-     distribute the Covered Software under a subsequent version of this
-     License (see Section 10.2) or under the terms of a Secondary License (if
-     permitted under the terms of Section 3.3).
-
-2.5. Representation
-
-     Each Contributor represents that the Contributor believes its
-     Contributions are its original creation(s) or it has sufficient rights to
-     grant the rights to its Contributions conveyed by this License.
-
-2.6. Fair Use
-
-     This License is not intended to limit any rights You have under
-     applicable copyright doctrines of fair use, fair dealing, or other
-     equivalents.
-
-2.7. Conditions
-
-     Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in
-     Section 2.1.
-
-
-3. Responsibilities
-
-3.1. Distribution of Source Form
-
-     All distribution of Covered Software in Source Code Form, including any
-     Modifications that You create or to which You contribute, must be under
-     the terms of this License. You must inform recipients that the Source
-     Code Form of the Covered Software is governed by the terms of this
-     License, and how they can obtain a copy of this License. You may not
-     attempt to alter or restrict the recipients' rights in the Source Code
-     Form.
-
-3.2. Distribution of Executable Form
-
-     If You distribute Covered Software in Executable Form then:
-
-     a. such Covered Software must also be made available in Source Code Form,
-        as described in Section 3.1, and You must inform recipients of the
-        Executable Form how they can obtain a copy of such Source Code Form by
-        reasonable means in a timely manner, at a charge no more than the cost
-        of distribution to the recipient; and
-
-     b. You may distribute such Executable Form under the terms of this
-        License, or sublicense it under different terms, provided that the
-        license for the Executable Form does not attempt to limit or alter the
-        recipients' rights in the Source Code Form under this License.
-
-3.3. Distribution of a Larger Work
-
-     You may create and distribute a Larger Work under terms of Your choice,
-     provided that You also comply with the requirements of this License for
-     the Covered Software. If the Larger Work is a combination of Covered
-     Software with a work governed by one or more Secondary Licenses, and the
-     Covered Software is not Incompatible With Secondary Licenses, this
-     License permits You to additionally distribute such Covered Software
-     under the terms of such Secondary License(s), so that the recipient of
-     the Larger Work may, at their option, further distribute the Covered
-     Software under the terms of either this License or such Secondary
-     License(s).
-
-3.4. Notices
-
-     You may not remove or alter the substance of any license notices
-     (including copyright notices, patent notices, disclaimers of warranty, or
-     limitations of liability) contained within the Source Code Form of the
-     Covered Software, except that You may alter any license notices to the
-     extent required to remedy known factual inaccuracies.
-
-3.5. Application of Additional Terms
-
-     You may choose to offer, and to charge a fee for, warranty, support,
-     indemnity or liability obligations to one or more recipients of Covered
-     Software. However, You may do so only on Your own behalf, and not on
-     behalf of any Contributor. You must make it absolutely clear that any
-     such warranty, support, indemnity, or liability obligation is offered by
-     You alone, and You hereby agree to indemnify every Contributor for any
-     liability incurred by such Contributor as a result of warranty, support,
-     indemnity or liability terms You offer. You may include additional
-     disclaimers of warranty and limitations of liability specific to any
-     jurisdiction.
-
-4. Inability to Comply Due to Statute or Regulation
-
-   If it is impossible for You to comply with any of the terms of this License
-   with respect to some or all of the Covered Software due to statute,
-   judicial order, or regulation then You must: (a) comply with the terms of
-   this License to the maximum extent possible; and (b) describe the
-   limitations and the code they affect. Such description must be placed in a
-   text file included with all distributions of the Covered Software under
-   this License. Except to the extent prohibited by statute or regulation,
-   such description must be sufficiently detailed for a recipient of ordinary
-   skill to be able to understand it.
-
-5. Termination
-
-5.1. The rights granted under this License will terminate automatically if You
-     fail to comply with any of its terms. However, if You become compliant,
-     then the rights granted under this License from a particular Contributor
-     are reinstated (a) provisionally, unless and until such Contributor
-     explicitly and finally terminates Your grants, and (b) on an ongoing
-     basis, if such Contributor fails to notify You of the non-compliance by
-     some reasonable means prior to 60 days after You have come back into
-     compliance. Moreover, Your grants from a particular Contributor are
-     reinstated on an ongoing basis if such Contributor notifies You of the
-     non-compliance by some reasonable means, this is the first time You have
-     received notice of non-compliance with this License from such
-     Contributor, and You become compliant prior to 30 days after Your receipt
-     of the notice.
-
-5.2. If You initiate litigation against any entity by asserting a patent
-     infringement claim (excluding declaratory judgment actions,
-     counter-claims, and cross-claims) alleging that a Contributor Version
-     directly or indirectly infringes any patent, then the rights granted to
-     You by any and all Contributors for the Covered Software under Section
-     2.1 of this License shall terminate.
-
-5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user
-     license agreements (excluding distributors and resellers) which have been
-     validly granted by You or Your distributors under this License prior to
-     termination shall survive termination.
-
-6. Disclaimer of Warranty
-
-   Covered Software is provided under this License on an "as is" basis,
-   without warranty of any kind, either expressed, implied, or statutory,
-   including, without limitation, warranties that the Covered Software is free
-   of defects, merchantable, fit for a particular purpose or non-infringing.
-   The entire risk as to the quality and performance of the Covered Software
-   is with You. Should any Covered Software prove defective in any respect,
-   You (not any Contributor) assume the cost of any necessary servicing,
-   repair, or correction. This disclaimer of warranty constitutes an essential
-   part of this License. No use of  any Covered Software is authorized under
-   this License except under this disclaimer.
-
-7. Limitation of Liability
-
-   Under no circumstances and under no legal theory, whether tort (including
-   negligence), contract, or otherwise, shall any Contributor, or anyone who
-   distributes Covered Software as permitted above, be liable to You for any
-   direct, indirect, special, incidental, or consequential damages of any
-   character including, without limitation, damages for lost profits, loss of
-   goodwill, work stoppage, computer failure or malfunction, or any and all
-   other commercial damages or losses, even if such party shall have been
-   informed of the possibility of such damages. This limitation of liability
-   shall not apply to liability for death or personal injury resulting from
-   such party's negligence to the extent applicable law prohibits such
-   limitation. Some jurisdictions do not allow the exclusion or limitation of
-   incidental or consequential damages, so this exclusion and limitation may
-   not apply to You.
-
-8. Litigation
-
-   Any litigation relating to this License may be brought only in the courts
-   of a jurisdiction where the defendant maintains its principal place of
-   business and such litigation shall be governed by laws of that
-   jurisdiction, without reference to its conflict-of-law provisions. Nothing
-   in this Section shall prevent a party's ability to bring cross-claims or
-   counter-claims.
-
-9. Miscellaneous
-
-   This License represents the complete agreement concerning the subject
-   matter hereof. If any provision of this License is held to be
-   unenforceable, such provision shall be reformed only to the extent
-   necessary to make it enforceable. Any law or regulation which provides that
-   the language of a contract shall be construed against the drafter shall not
-   be used to construe this License against a Contributor.
-
-
-10. Versions of the License
-
-10.1. New Versions
-
-      Mozilla Foundation is the license steward. Except as provided in Section
-      10.3, no one other than the license steward has the right to modify or
-      publish new versions of this License. Each version will be given a
-      distinguishing version number.
-
-10.2. Effect of New Versions
-
-      You may distribute the Covered Software under the terms of the version
-      of the License under which You originally received the Covered Software,
-      or under the terms of any subsequent version published by the license
-      steward.
-
-10.3. Modified Versions
-
-      If you create software not governed by this License, and you want to
-      create a new license for such software, you may create and use a
-      modified version of this License if you rename the license and remove
-      any references to the name of the license steward (except to note that
-      such modified license differs from this License).
-
-10.4. Distributing Source Code Form that is Incompatible With Secondary
-      Licenses If You choose to distribute Source Code Form that is
-      Incompatible With Secondary Licenses under the terms of this version of
-      the License, the notice described in Exhibit B of this License must be
-      attached.
-
-Exhibit A - Source Code Form License Notice
-
-      This Source Code Form is subject to the
-      terms of the Mozilla Public License, v.
-      2.0. If a copy of the MPL was not
-      distributed with this file, You can
-      obtain one at
-      http://mozilla.org/MPL/2.0/.
-
-If it is not possible or desirable to put the notice in a particular file,
-then You may include the notice in a location (such as a LICENSE file in a
-relevant directory) where a recipient would be likely to look for such a
-notice.
-
-You may add additional accurate notices of copyright ownership.
-
-Exhibit B - "Incompatible With Secondary Licenses" Notice
-
-      This Source Code Form is "Incompatible
-      With Secondary Licenses", as defined by
-      the Mozilla Public License, v. 2.0.

Makefile.am

@@ -1,25 +0,0 @@
-include $(top_srcdir)/Makefile.top
-
-SUBDIRS = . libltdl lib doc bin
-
-BUILT_SOURCES = bind.keys.h
-CLEANFILES = bind.keys.h
-
-bind.keys.h: bind.keys Makefile
-	${PERL} ${top_srcdir}/util/bindkeys.pl ${top_srcdir}/bind.keys > $@
-
-dist_sysconf_DATA = bind.keys
-
-.PHONY: doc
-
-EXTRA_DIST = 			\
-	util/bindkeys.pl	\
-	contrib			\
-	CHANGES			\
-	COPYRIGHT		\
-	LICENSE			\
-	*.md
-
-dist-hook:
-	find $(distdir) -type f -name .gitignore -delete
-	git rev-parse --short HEAD | cut -b1-7 > $(distdir)/srcid

Makefile.docs

@@ -1,51 +0,0 @@
-SPHINX_V = $(SPHINX_V_@AM_V@)
-SPHINX_V_ = $(SPHINX_V_@AM_DEFAULT_V@)
-SPHINX_V_0 = -q
-SPHINX_V_1 = -n
-
-AM_V_SPHINX = $(AM_V_SPHINX_@AM_V@)
-AM_V_SPHINX_ = $(AM_V_SPHINX_@AM_DEFAULT_V@)
-AM_V_SPHINX_0 = @echo "  SPHINX   $@";
-
-SPHINXBUILDDIR = $(builddir)/_build
-
-common_SPHINXOPTS =			\
-	-c $(srcdir)			\
-	-a				\
-	$(SPHINX_V)
-
-ALLSPHINXOPTS =				\
-	$(common_SPHINXOPTS)		\
-	-D version="$(PACKAGE_VERSION)"	\
-	-D today="$(RELEASE_DATE)"	\
-	-D release="$(PACKAGE_VERSION)"	\
-	$(SPHINXOPTS)			\
-	$(srcdir)
-
-man_SPHINXOPTS =			\
-	$(common_SPHINXOPTS)		\
-	-D version="@""PACKAGE_VERSION@"\
-	-D today="@""RELEASE_DATE@"	\
-	-D release="@""PACKAGE_VERSION@"\
-	$(SPHINXOPTS)			\
-	$(srcdir)
-
-AM_V_SED = $(AM_V_SED_@AM_V@)
-AM_V_SED_ = $(AM_V_SED_@AM_DEFAULT_V@)
-AM_V_SED_0 = @echo "  SED $@";
-
-AM_V_CFG_TEST = $(AM_V_CFG_TEST_@AM_V@)
-AM_V_CFG_TEST_ = $(AM_V_CFG_TEST_@AM_DEFAULT_V@)
-AM_V_CFG_TEST_0 = @echo "  CFG_GEN $@";
-
-AM_V_RST_OPTIONS = $(AM_V_CFG_TEST_@AM_V@)
-AM_V_RST_OPTIONS_ = $(AM_V_RST_OPTIONS_@AM_DEFAULT_V@)
-AM_V_RST_OPTIONS_0 = @echo "  RST_OPTIONS $@";
-
-AM_V_RST_ZONEOPT = $(AM_V_CFG_TEST_@AM_V@)
-AM_V_RST_ZONEOPT_ = $(AM_V_RST_ZONEOPT_@AM_DEFAULT_V@)
-AM_V_RST_ZONEOPT_0 = @echo "  RST_ZONEOPT $@";
-
-AM_V_RST_GRAMMARS = $(AM_V_CFG_TEST_@AM_V@)
-AM_V_RST_GRAMMARS_ = $(AM_V_RST_GRAMMARS_@AM_DEFAULT_V@)
-AM_V_RST_GRAMMARS_0 = @echo "  RST_GRAMMARS $@";

Makefile.in

@@ -0,0 +1,68 @@
+# Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 1998-2002  Internet Software Consortium.
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: Makefile.in,v 1.50 2007/09/03 00:36:53 marka Exp $
+
+srcdir =	@srcdir@
+VPATH =		@srcdir@
+top_srcdir =	@top_srcdir@
+
+@BIND9_VERSION@
+
+SUBDIRS =	make lib bin doc @LIBBIND@
+TARGETS =
+
+@BIND9_MAKE_RULES@
+
+distclean::
+	@if [ "X@LIBBIND@" = "X" ] ; then \
+		i=lib/bind; \
+		echo "making $@ in `pwd`/$$i"; \
+		(cd $$i; ${MAKE} ${MAKEDEFS} $@) || exit 1; \
+	fi
+
+distclean::
+	rm -f config.cache config.h config.log config.status TAGS
+	rm -f libtool isc-config.sh configure.lineno
+	rm -f util/conf.sh docutil/docbook2man-wrapper.sh
+
+# XXX we should clean libtool stuff too.  Only do this after we add rules
+# to make it.
+maintainer-clean::
+	rm -f configure
+
+installdirs:
+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${bindir} \
+	${DESTDIR}${localstatedir}/run ${DESTDIR}${sysconfdir}
+
+install:: isc-config.sh installdirs
+	${INSTALL_SCRIPT} isc-config.sh ${DESTDIR}${bindir}
+
+tags:
+	rm -f TAGS
+	find lib bin -name "*.[ch]" -print | @ETAGS@ -
+
+check: test
+
+test:
+	(cd bin/tests && ${MAKE} ${MAKEDEFS} test)
+
+FAQ: FAQ.xml
+	${XSLTPROC} doc/xsl/isc-docbook-text.xsl FAQ.xml | \
+	LC_ALL=C ${W3M} -T text/html -dump -cols 72 >$@.tmp
+	mv $@.tmp $@
+
+clean::
+	rm -f FAQ.tmp

Makefile.tests

@@ -1,10 +0,0 @@
-# Hey Emacs, this is -*- makefile-automake -*- file!
-# vim: filetype=automake
-
-AM_CPPFLAGS +=					\
-	$(CMOCKA_CFLAGS)			\
-	-DTESTS_DIR=\"$(abs_srcdir)\"		\
-	-DNAMED_PLUGINDIR=\"$(libdir)/named\"
-
-LDADD =			\
-	$(CMOCKA_LIBS)

Makefile.top

@@ -1,89 +0,0 @@
-# Hey Emacs, this is -*- makefile-automake -*- file!
-# vim: filetype=automake
-
-ACLOCAL_AMFLAGS = -I $(top_srcdir)/m4
-
-AM_CFLAGS =					\
-	$(STD_CFLAGS)
-
-AM_CPPFLAGS =					\
-	$(STD_CPPFLAGS)				\
-	-include $(top_builddir)/config.h	\
-	-I$(srcdir)/include
-
-if HAVE_GSSAPI
-AM_CPPFLAGS +=					\
-	$(GSSAPI_CFLAGS)
-endif
-
-LIBISC_CFLAGS =						\
-	-I$(top_srcdir)/include				\
-	-I$(top_srcdir)/lib/isc/unix/include		\
-	-I$(top_srcdir)/lib/isc/pthreads/include	\
-	-I$(top_srcdir)/lib/isc/include			\
-	-I$(top_builddir)/lib/isc/include
-
-if HAVE_JSON_C
-LIBISC_CFLAGS +=					\
-	$(JSON_C_CFLAGS)
-endif HAVE_JSON_C
-
-if HAVE_LIBXML2
-LIBISC_CFLAGS +=					\
-	$(LIBXML2_CFLAGS)
-endif HAVE_LIBXML2
-
-LIBISC_LIBS = $(top_builddir)/lib/isc/libisc.la
-
-LIBDNS_CFLAGS = \
-	-I$(top_srcdir)/lib/dns/include			\
-	-I$(top_builddir)/lib/dns/include
-
-LIBDNS_LIBS = \
-	$(top_builddir)/lib/dns/libdns.la
-
-if HAVE_DNSTAP
-LIBDNS_CFLAGS +=					\
-	$(DNSTAP_CFLAGS)
-endif HAVE_DNSTAP
-
-if HAVE_LMDB
-LIBDNS_CFLAGS +=					\
-	$(LMDB_CFLAGS)
-endif HAVE_LMDB
-
-LIBNS_CFLAGS = \
-	-I$(top_srcdir)/lib/ns/include
-
-LIBNS_LIBS = \
-	$(top_builddir)/lib/ns/libns.la
-
-LIBIRS_CFLAGS = \
-	-I$(top_srcdir)/lib/irs/include
-
-LIBIRS_LIBS = \
-	$(top_builddir)/lib/irs/libirs.la
-
-LIBISCCFG_CFLAGS = \
-	-I$(top_srcdir)/lib/isccfg/include
-
-LIBISCCFG_LIBS = \
-	$(top_builddir)/lib/isccfg/libisccfg.la
-
-LIBISCCC_CFLAGS = \
-	-I$(top_srcdir)/lib/isccc/include/
-
-LIBISCCC_LIBS = \
-	$(top_builddir)/lib/isccc/libisccc.la
-
-LIBBIND9_CFLAGS = \
-	-I$(top_srcdir)/lib/bind9/include
-
-LIBBIND9_LIBS = \
-	$(top_builddir)/lib/bind9/libbind9.la
-
-LIBLTDL_CFLAGS = \
-	-I$(top_srcdir)/libltdl
-
-LIBLTDL_LIBS = \
-	$(top_builddir)/libltdl/libltdlc.la

NEWS

@@ -1 +0,0 @@
-CHANGES

OPTIONS.md

@@ -1,27 +0,0 @@
-<!--
- - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- -
- - This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/.
- -
- - See the COPYRIGHT file distributed with this work for additional
- - information regarding copyright ownership.
--->
-Setting the `STD_CDEFINES` environment variable before running `configure`
-can be used to enable certain compile-time options that are not explicitly
-defined in `configure`.
-
-Some of these settings are:
-
-|Setting                            |Description |
-|-----------------------------------|----------------------------------------|
-|`-DISC_MEM_DEFAULTFILL=1`|Overwrite memory with tag values when allocating or freeing it; this impairs performance but makes debugging of memory problems easier.|
-|`-DISC_MEM_TRACKLINES=0`|Don't track memory allocations by file and line number; this improves performance but makes debugging more difficult.|
-|<nobr>`-DISC_FACILITY=LOG_LOCAL0`</nobr>|Change the default syslog facility for `named`|
-|`-DNS_CLIENT_DROPPORT=0`|Disable dropping queries from particular well-known ports:|
-|`-DCHECK_SIBLING=0`|Don't check sibling glue in `named-checkzone`|
-|`-DCHECK_LOCAL=0`|Don't check out-of-zone addresses in `named-checkzone`|
-|`-DNS_RUN_PID_DIR=0`|Create default PID files in `${localstatedir}/run` rather than `${localstatedir}/run/named/`|
-|`-DISC_BUFFER_USEINLINE=0`|Disable the use of inline functions to implement the `isc_buffer` API: this reduces performance but may be useful when debugging |
-|`-DISC_HEAP_CHECK`|Test heap consistency after every heap operation; used when debugging|

PLATFORMS.md

@@ -1,105 +0,0 @@
-<!--
- - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- -
- - This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/.
- -
- - See the COPYRIGHT file distributed with this work for additional
- - information regarding copyright ownership.
--->
-## Supported platforms
-
-In general, this version of BIND will build and run on any POSIX-compliant
-system with a C11-compliant C compiler, BSD-style sockets with RFC-compliant
-IPv6 support, POSIX-compliant threads, the `libuv` asynchronous I/O library,
-and the OpenSSL cryptography library.
-
-The following C11 features are used in BIND 9:
-
-* Atomic operations support from the compiler is needed, either in the form of
-  builtin operations, C11 atomics, or the `Interlocked` family of functions on
-  Windows.
-
-* Thread Local Storage support from the compiler is needed, either in the form
-  of C11 `_Thread_local`/`thread_local`, the `__thread` GCC extension, or
-  the `__declspec(thread)` MSVC extension on Windows.
-
-BIND 9.17 requires a fairly recent version of `libuv` (at least 1.x).  For
-some of the older systems listed below, you will have to install an updated
-`libuv` package from sources such as EPEL, PPA, or other native sources for
-updated packages. The other option is to build and install `libuv` from
-source.
-
-Certain optional BIND features have additional library dependencies.
-These include `libxml2` and `libjson-c` for statistics, `libmaxminddb` for
-geolocation, `libfstrm` and `libprotobuf-c` for DNSTAP, and `libidn2` for
-internationalized domain name conversion.
-
-ISC regularly tests BIND on many operating systems and architectures, but
-lacks the resources to test all of them. Consequently, ISC is only able to
-offer support on a "best effort" basis for some.
-
-### Regularly tested platforms
-
-As of Jul 2020, BIND 9.17 is fully supported and regularly tested on the
-following systems:
-
-* Debian 9, 10
-* Ubuntu LTS 16.04, 20.04
-* Fedora 32
-* Red Hat Enterprise Linux / CentOS 7, 8
-* FreeBSD 11.4, 12.1
-* OpenBSD 6.7
-* Alpine Linux 3.12
-
-The amd64, i386, armhf and arm64 CPU architectures are all fully supported.
-
-### Best effort
-
-The following are platforms on which BIND is known to build and run.
-ISC makes every effort to fix bugs on these platforms, but may be unable to
-do so quickly due to lack of hardware, less familiarity on the part of
-engineering staff, and other constraints. With the exception of Windows
-Server 2012 R2, none of these are tested regularly by ISC.
-
-* Windows Server 2012 R2, 2016 / x64
-* Windows 10 / x64
-* macOS 10.12+
-* Solaris 11
-* NetBSD
-* Other Linux distributions still supported by their vendors, such as:
-    * Ubuntu 19.04+
-    * Gentoo
-    * Arch Linux
-* OpenWRT/LEDE 17.01+
-* Other CPU architectures (mips, mipsel, sparc, ...)
-
-### Community maintained
-
-These systems may not all have the required dependencies for building BIND
-easily available, although it will be possible in many cases to compile
-those directly from source. The community and interested parties may wish
-to help with maintenance, and we welcome patch contributions, although we
-cannot guarantee that we will accept them.  All contributions will be
-assessed against the risk of adverse effect on officially supported
-platforms.
-
-* Platforms past or close to their respective EOL dates, such as:
-    * Ubuntu 14.04, 18.10
-    * CentOS 6
-    * Debian Jessie
-    * FreeBSD 10.x
-
-## Unsupported platforms
-
-These are platforms on which BIND 9.17 is known *not* to build or run:
-
-* Platforms without at least OpenSSL 1.0.2
-* Windows 10 / x86
-* Windows Server 2012 and older
-* Solaris 10 and older
-* Platforms that don't support IPv6 Advanced Socket API (RFC 3542)
-* Platforms that don't support atomic operations (via compiler or library)
-* Linux without NPTL (Native POSIX Thread Library)
-* Platforms on which `libuv` cannot be compiled

README

@@ -0,0 +1,558 @@
+BIND 9
+
+	BIND version 9 is a major rewrite of nearly all aspects of the
+	underlying BIND architecture.  Some of the important features of
+	BIND 9 are:
+
+		- DNS Security
+			DNSSEC (signed zones)
+			TSIG (signed DNS requests)
+
+		- IP version 6
+			Answers DNS queries on IPv6 sockets
+			IPv6 resource records (AAAA)
+			Experimental IPv6 Resolver Library
+
+		- DNS Protocol Enhancements
+			IXFR, DDNS, Notify, EDNS0
+			Improved standards conformance
+
+		- Views
+			One server process can provide multiple "views" of
+			the DNS namespace, e.g. an "inside" view to certain
+			clients, and an "outside" view to others.
+
+		- Multiprocessor Support
+
+		- Improved Portability Architecture
+
+
+	BIND version 9 development has been underwritten by the following
+	organizations:
+
+		Sun Microsystems, Inc.
+		Hewlett Packard
+		Compaq Computer Corporation
+		IBM
+		Process Software Corporation
+		Silicon Graphics, Inc.
+		Network Associates, Inc.
+		U.S. Defense Information Systems Agency
+		USENIX Association
+		Stichting NLnet - NLnet Foundation
+		Nominum, Inc.
+
+
+BIND 9.5.0
+
+	BIND 9.5.0 has a number of new features over 9.4,
+	including:
+
+	GSS-TSIG support (RFC 3645).
+
+	DHCID support.
+
+	Experimental http server and statistics support for named via xml.
+
+	More detailed statistics counters including those supported in BIND 8.
+
+	Faster ACL processing.
+
+	Use Doxygen to generate internal documentation.
+
+        Efficient LRU cache-cleaning mechanism.
+
+        NSID support.
+
+BIND 9.4.0
+
+	BIND 9.4.0 has a number of new features over 9.3,
+	including:
+
+	Implemented "additional section caching (or acache)", an
+	internal cache framework for additional section content to
+	improve response performance.  Several configuration options
+	were provided to control the behavior.
+
+	New notify type 'master-only'.  Enable notify for master
+	zones only.
+
+	Accept 'notify-source' style syntax for query-source.
+
+	rndc now allows addresses to be set in the server clauses.
+
+	New option "allow-query-cache".  This lets allow-query be
+	used to specify the default zone access level rather than
+	having to have every zone override the global value.
+	allow-query-cache can be set at both the options and view
+	levels. If allow-query-cache is not set then allow-recursion
+	is used if set, otherwise allow-query is used if set, otherwise
+	the default (localhost; localnets;) is used.
+
+	rndc: the source address can now be specified.
+
+	ixfr-from-differences now takes master and slave in addition
+	to yes and no at the options and view levels.
+
+	Allow the journal's name to be changed via named.conf.
+
+	'rndc notify zone [class [view]]' resend the NOTIFY messages
+	for the specified zone.
+
+	'dig +trace' now randomly selects the next servers to try.
+	Report if there is a bad delegation.
+
+	Improve check-names error messages.
+
+	Make public the function to read a key file, dst_key_read_public().
+
+	dig now returns the byte count for axfr/ixfr.
+			
+	allow-update is now settable at the options / view level.
+
+	named-checkconf now checks the logging configuration.
+
+	host now can turn on memory debugging flags with '-m'.
+
+	Don't send notify messages to self.
+
+	Perform sanity checks on NS records which refer to 'in zone' names.
+
+	New zone option "notify-delay".  Specify a minimum delay
+	between sets of NOTIFY messages.
+
+	Extend adjusting TTL warning messages.
+
+	Named and named-checkzone can now both check for non-terminal
+	wildcard records.
+
+	"rndc freeze/thaw" now freezes/thaws all zones.
+
+	named-checkconf now check acls to verify that they only
+	refer to existing acls.
+
+	The server syntax has been extended to support a range of
+	servers.
+
+	Report differences between hints and real NS rrset and
+	associated address records.
+
+	Preserve the case of domain names in rdata during zone
+	transfers.
+
+	Restructured the data locking framework using architecture
+	dependent atomic operations (when available), improving
+	response performance on multi-processor machines significantly.
+	x86, x86_64, alpha, powerpc, and mips are currently supported.
+
+	UNIX domain controls are now supported.
+
+	Add support for additional zone file formats for improving
+	loading performance.  The masterfile-format option in
+	named.conf can be used to specify a non-default format.  A
+	separate command named-compilezone was provided to generate
+	zone files in the new format.  Additionally, the -I and -O
+	options for dnssec-signzone specify the input and output
+	formats.
+
+	dnssec-signzone can now randomize signature end times
+	(dnssec-signzone -j jitter).
+
+	Add support for CH A record.
+
+	Add additional zone data constancy checks.  named-checkzone
+	has extended checking of NS, MX and SRV record and the hosts
+	they reference.  named has extended post zone load checks.
+	New zone options: check-mx and integrity-check.
+
+
+	edns-udp-size can now be overridden on a per server basis.
+
+	dig can now specify the EDNS version when making a query.
+
+	Added framework for handling multiple EDNS versions.
+
+	Additional memory debugging support to track size and mctx
+	arguments.
+
+	Detect duplicates of UDP queries we are recursing on and
+	drop them.  New stats category "duplicates".
+
+	"USE INTERNAL MALLOC" is now runtime selectable.
+
+	The lame cache is now done on a <qname,qclass,qtype> basis
+	as some servers only appear to be lame for certain query
+	types.
+
+	Limit the number of recursive clients that can be waiting
+	for a single query (<qname,qtype,qclass>) to resolve.  New
+	options clients-per-query and max-clients-per-query.
+
+	dig: report the number of extra bytes still left in the
+	packet after processing all the records.
+
+	Support for IPSECKEY rdata type.
+
+	Raise the UDP recieve buffer size to 32k if it is less than 32k.
+
+	x86 and x86_64 now have seperate atomic locking implementations.
+
+	named-checkconf now validates update-policy entries.
+
+	Attempt to make the amount of work performed in a iteration
+	self tuning.  The covers nodes clean from the cache per
+	iteration, nodes written to disk when rewriting a master
+	file and nodes destroyed per iteration when destroying a
+	zone or a cache.
+
+	ISC string copy API.
+
+	Automatic empty zone creation for D.F.IP6.ARPA and friends.
+	Note: RFC 1918 zones are not yet covered by this but are
+	likely to be in a future release.
+
+	New options: empty-server, empty-contact, empty-zones-enable
+	and disable-empty-zone.
+
+	dig now has a '-q queryname' and '+showsearch' options.
+
+	host/nslookup now continue (default)/fail on SERVFAIL.
+
+	dig now warns if 'RA' is not set in the answer when 'RD'
+	was set in the query.  host/nslookup skip servers that fail
+	to set 'RA' when 'RD' is set unless a server is explicitly
+	set.
+
+	Integrate contibuted DLZ code into named.
+
+	Integrate contibuted IDN code from JPNIC.
+
+	libbind: corresponds to that from BIND 8.4.7.
+
+BIND 9.3.0
+
+	BIND 9.3.0 has a number of new features over 9.2,
+	including:
+
+	DNSSEC is now DS based (RFC 3658).
+	See also RFC 3845, doc/draft/draft-ietf-dnsext-dnssec-*.
+
+	DNSSEC lookaside validation.
+
+	check-names is now implemented.
+	rrset-order in more complete.
+
+	IPv4/IPv6 transition support, dual-stack-servers.
+
+	IXFR deltas can now be generated when loading master files,
+	ixfr-from-differences.
+
+	It is now possible to specify the size of a journal, max-journal-size.
+
+	It is now possible to define a named set of master servers to be
+	used in masters clause, masters.
+
+	The advertised EDNS UDP size can now be set, edns-udp-size.
+
+	allow-v6-synthesis has been obsoleted.
+
+	NOTE:
+	* Zones containing MD and MF will now be rejected.
+	* dig, nslookup name. now report "Not Implemented" as
+	  NOTIMP rather than NOTIMPL.  This will have impact on scripts
+	  that are looking for NOTIMPL.
+
+	libbind: corresponds to that from BIND 8.4.5.
+
+BIND 9.2.0
+
+	BIND 9.2.0 has a number of new features over 9.1,
+	including:
+
+	  - The size of the cache can now be limited using the
+            "max-cache-size" option.
+
+	  - The server can now automatically convert RFC1886-style
+	    recursive lookup requests into RFC2874-style lookups, 
+	    when enabled using the new option "allow-v6-synthesis".
+            This allows stub resolvers that support AAAA records
+            but not A6 record chains or binary labels to perform
+            lookups in domains that make use of these IPv6 DNS
+            features.
+
+	  - Performance has been improved.
+
+	  - The man pages now use the more portable "man" macros
+	    rather than the "mandoc" macros, and are installed
+            by "make install".
+
+          - The named.conf parser has been completely rewritten.
+            It now supports "include" directives in more
+            places such as inside "view" statements, and it no
+            longer has any reserved words.
+
+          - The "rndc status" command is now implemented.
+
+	  - rndc can now be configured automatically.
+
+	  - A BIND 8 compatible stub resolver library is now
+	    included in lib/bind.
+
+	  - OpenSSL has been removed from the distribution.  This
+	    means that to use DNSSEC, OpenSSL must be installed and
+	    the --with-openssl option must be supplied to configure.
+	    This does not apply to the use of TSIG, which does not
+	    require OpenSSL.
+
+	  - The source distribution now builds on Windows NT/2000.
+	    See win32utils/readme1.txt and win32utils/win32-build.txt
+	    for details.
+
+	This distribution also includes a new lightweight stub
+	resolver library and associated resolver daemon that fully
+	support forward and reverse lookups of both IPv4 and IPv6
+	addresses.  This library is considered experimental and
+	is not a complete replacement for the BIND 8 resolver library.
+	Applications that use the BIND 8 res_* functions to perform
+	DNS lookups or dynamic updates still need to be linked against
+	the BIND 8 libraries.  For DNS lookups, they can also use the
+	new "getrrsetbyname()" API.
+
+	BIND 9.2 is capable of acting as an authoritative server
+	for DNSSEC secured zones.  This functionality is believed to
+	be stable and complete except for lacking support for
+	verifications involving wildcard records in secure zones.
+
+	When acting as a caching server, BIND 9.2 can be configured
+	to perform DNSSEC secure resolution on behalf of its clients.
+	This part of the DNSSEC implementation is still considered
+	experimental.  For detailed information about the state of the
+	DNSSEC implementation, see the file doc/misc/dnssec.
+
+	There are a few known bugs:
+
+		On some systems, IPv6 and IPv4 sockets interact in
+		unexpected ways.  For details, see doc/misc/ipv6.
+		To reduce the impact of these problems, the server
+		no longer listens for requests on IPv6 addresses
+		by default.  If you need to accept DNS queries over
+		IPv6, you must specify "listen-on-v6 { any; };"
+		in the named.conf options statement.
+
+		FreeBSD prior to 4.2 (and 4.2 if running as non-root)
+		and OpenBSD prior to 2.8 log messages like
+		"fcntl(8, F_SETFL, 4): Inappropriate ioctl for device".
+		This is due to a bug in "/dev/random" and impacts the
+		server's DNSSEC support.
+
+		OS X 10.1.4 (Darwin 5.4), OS X 10.1.5 (Darwin 5.5) and
+		OS X 10.2 (Darwin 6.0) reports errors like
+		"fcntl(3, F_SETFL, 4): Operation not supported by device".
+		This is due to a bug in "/dev/random" and impacts the
+		server's DNSSEC support.
+
+		--with-libtool does not work on AIX.
+
+		--with-libtool does not work on SunOS 4.  configure
+		requires "printf" which is not available.
+
+	A bug in the Windows 2000 DNS server can cause zone transfers
+	from a BIND 9 server to a W2K server to fail.  For details,
+	see the "Zone Transfers" section in doc/misc/migration.
+
+	For a detailed list of user-visible changes from
+	previous releases, see the CHANGES file.
+
+
+Building
+
+	BIND 9 currently requires a UNIX system with an ANSI C compiler,
+	basic POSIX support, and a 64 bit integer type.
+
+	We've had successful builds and tests on the following systems:
+
+		COMPAQ Tru64 UNIX 5.1B
+		Fedora Core 6
+		FreeBSD 4.10, 5.2.1, 6.2
+		HP-UX 11.11
+		Mac OS X 10.5
+		NetBSD 3.x and 4.0-beta
+		OpenBSD 3.3 and up
+		Solaris 8, 9, 9 (x86), 10
+		Ubuntu 7.04, 7.10
+		Windows NT/2000/XP/2003
+
+	We have recent reports from the user community that a supported
+	version of BIND will build and run on the following systems:
+
+		AIX 4.3, 5L
+		CentOS 4, 4.5, 5
+		Darwin 9.0.0d1/ARM
+		Debian 4
+		Fedora Core 5, 7
+		FreeBSD 6.1
+		HP-UX 11.23 PA
+		MacOS X 10.4, 10.5
+		Red Hat Enterprise Linux 4, 5
+		SCO OpenServer 5.0.6
+		Slackware 9, 10
+		SuSE 9, 10
+
+	To build, just
+
+		./configure
+		make
+
+	Do not use a parallel "make".
+
+	Several environment variables that can be set before running
+	configure will affect compilation:
+
+	    CC
+		The C compiler to use.	configure tries to figure
+		out the right one for supported systems.
+
+	    CFLAGS
+		C compiler flags.  Defaults to include -g and/or -O2
+		as supported by the compiler.  
+
+	    STD_CINCLUDES
+		System header file directories.	 Can be used to specify
+		where add-on thread or IPv6 support is, for example.
+		Defaults to empty string.
+
+	    STD_CDEFINES
+		Any additional preprocessor symbols you want defined.
+		Defaults to empty string.
+
+		Possible settings:
+		Change the default syslog facility of named/lwresd.
+		  -DISC_FACILITY=LOG_LOCAL0	
+		Enable DNSSEC signature chasing support in dig.
+		  -DDIG_SIGCHASE=1 (sets -DDIG_SIGCHASE_TD=1 and
+				    -DDIG_SIGCHASE_BU=1)
+		Disable dropping queries from particular well known ports.
+		  -DNS_CLIENT_DROPPORT=0
+		Disable support for "rrset-order fixed".
+		  -DDNS_RDATASET_FIXED=0
+
+	    LDFLAGS
+		Linker flags. Defaults to empty string.
+
+	The following need to be set when cross compiling.
+
+	    BUILD_CC
+		The native C compiler.
+	    BUILD_CFLAGS (optional)
+	    BUILD_CPPFLAGS (optional)
+		Possible Settings:
+		-DNEED_OPTARG=1		(optarg is not declared in <unistd.h>)
+	    BUILD_LDFLAGS (optional)
+	    BUILD_LIBS (optional)
+
+	To build shared libraries, specify "--with-libtool" on the
+	configure command line.
+
+	For the server to support DNSSEC, you need to build it
+	with crypto support.  You must have OpenSSL 0.9.5a
+	or newer installed and specify "--with-openssl" on the
+	configure command line.  If OpenSSL is installed under
+	a nonstandard prefix, you can tell configure where to
+	look for it using "--with-openssl=/prefix".
+
+	To build libbind (the BIND 8 resolver library), specify
+	"--enable-libbind" on the configure command line.
+
+	On some platforms, BIND 9 can be built with multithreading
+	support, allowing it to take advantage of multiple CPUs.
+	You can specify whether to build a multithreaded BIND 9 
+	by specifying "--enable-threads" or "--disable-threads"
+	on the configure command line.  The default is operating
+	system dependent.
+
+	If your operating system has integrated support for IPv6, it
+	will be used automatically.  If you have installed KAME IPv6
+	separately, use "--with-kame[=PATH]" to specify its location.
+
+	"make install" will install "named" and the various BIND 9 libraries.
+	By default, installation is into /usr/local, but this can be changed
+	with the "--prefix" option when running "configure".
+
+	You may specify the option "--sysconfdir" to set the directory 
+	where configuration files like "named.conf" go by default,
+	and "--localstatedir" to set the default parent directory
+	of "run/named.pid".   For backwards compatibility with BIND 8,
+	--sysconfdir defaults to "/etc" and --localstatedir defaults to
+	"/var" if no --prefix option is given.  If there is a --prefix
+	option, sysconfdir defaults to "$prefix/etc" and localstatedir
+	defaults to "$prefix/var".
+
+	To see additional configure options, run "configure --help".
+	Note that the help message does not reflect the BIND 8 
+	compatibility defaults for sysconfdir and localstatedir.
+
+	If you're planning on making changes to the BIND 9 source, you
+	should also "make depend".  If you're using Emacs, you might find
+	"make tags" helpful.
+
+	If you need to re-run configure please run "make distclean" first.
+	This will ensure that all the option changes take.
+
+	Building with gcc is not supported, unless gcc is the vendor's usual
+	compiler (e.g. the various BSD systems, Linux).
+	
+	Known compiler issues:
+	* gcc-3.2.1 and gcc-3.1.1 is known to cause problems with solaris-x86.
+	* gcc prior to gcc-3.2.3 ultrasparc generates incorrect code at -02.
+	* gcc-3.3.5 powerpc generates incorrect code at -02.
+	* Irix, MipsPRO 7.4.1m is known to cause problems.
+
+	A limited test suite can be run with "make test".  Many of
+	the tests require you to configure a set of virtual IP addresses
+	on your system, and some require Perl; see bin/tests/system/README
+	for details.
+
+	SunOS 4 requires "printf" to be installed to make the shared
+	libraries.  sh-utils-1.16 provides a "printf" which compiles
+	on SunOS 4.
+
+Documentation
+
+	The BIND 9 Administrator Reference Manual is included with the
+	source distribution in DocBook XML and HTML format, in the
+	doc/arm directory.
+
+	Some of the programs in the BIND 9 distribution have man pages
+	in their directories.  In particular, the command line
+	options of "named" are documented in /bin/named/named.8.
+	There is now also a set of man pages for the lwres library.
+
+	If you are upgrading from BIND 8, please read the migration
+	notes in doc/misc/migration.  If you are upgrading from
+	BIND 4, read doc/misc/migration-4to9.
+
+	Frequently asked questions and their answers can be found in
+	FAQ.
+
+
+Bug Reports and Mailing Lists
+
+	Bugs reports should be sent to
+
+		bind9-bugs@isc.org
+
+	To join the BIND Users mailing list, send mail to
+
+		bind-users-request@isc.org
+
+	archives of which can be found via
+
+		http://www.isc.org/ops/lists/
+
+	If you're planning on making changes to the BIND 9 source
+	code, you might want to join the BIND Workers mailing list.
+	Send mail to
+
+		bind-workers-request@isc.org
+
+

README.idnkit

@@ -0,0 +1,112 @@
+
+			BIND-9 IDN patch
+
+	       Japan Network Information Center (JPNIC)
+
+
+* What is this patch for?
+
+This patch adds internationalized domain name (IDN) support to BIND-9.
+You'll get internationalized version of dig/host/nslookup commands.
+
+    + internationalized dig/host/nslookup
+	dig/host/nslookup accepts non-ASCII domain names in the local
+	codeset (such as Shift JIS, Big5 or ISO8859-1) determined by
+	the locale information.  The domain names are normalized and
+	converted to the encoding on the DNS protocol, and sent to DNS
+	servers.  The replies are converted back to the local codeset
+	and displayed.
+
+
+* Compilation & installation
+
+0. Prerequisite
+
+You have to build and install idnkit before building this patched version
+of bind-9.
+
+1. Running configure script
+
+Run `configure' in the top directory.  See `README' for the
+configuration options.
+
+This patch adds the following 4 options to `configure'.  You should
+at least specify `--with-idn' option to enable IDN support.
+
+    --with-idn[=IDN_PREFIX]
+	To enable IDN support, you have to specify `--with-idn' option.
+	The argument IDN_PREFIX is the install prefix of idnkit.  If
+	IDN_PREFIX is omitted, PREFIX (derived from `--prefix=PREFIX')
+	is assumed.
+
+    --with-libiconv[=LIBICONV_PREFIX]
+	Specify this option if idnkit you have installed links GNU
+	libiconv.  The argument LIBICONV_PREFIX is install prefix of
+	GNU libiconv.  If the argument is omitted, PREFIX (derived
+	from `--prefix=PREFIX') is assumed.
+
+	`--with-libiconv' is shorthand option for GNU libiconv.
+
+	    --with-libiconv=/usr/local
+
+	This is equivalent to:
+
+	    --with-iconv='-L/usr/local/lib -R/usr/local/lib -liconv'
+
+	`--with-libiconv' assumes that your C compiler has `-R'
+	option, and that the option adds the specified run-time path
+	to an exacutable binary.  If `-R' option of your compiler has
+	different meaning, or your compiler lacks the option, you
+	should use `--with-iconv' option instead.  Binary command
+	without run-time path information might be unexecutable.
+	In that case, you would see an error message like:
+
+	    error in loading shared libraries: libiconv.so.2: cannot
+	    open shared object file
+
+	If both `--with-libiconv' and `--with-iconv' options are
+	specified, `--with-iconv' is prior to `--with-libiconv'.
+
+    --with-iconv=ICONV_LIBSPEC
+	If your libc doens't provide iconv(), you need to specify the
+	library containing iconv() with this option.  `ICONV_LIBSPEC'
+	is the argument(s) to `cc' or `ld' to link the library, for
+	example, `--with-iconv="-L/usr/local/lib -liconv"'.
+	You don't need to specify the header file directory for "iconv.h"
+	to the compiler, as it isn't included directly by bind-9 with
+	this patch.
+
+    --with-idnlib=IDN_LIBSPEC
+	With this option, you can explicitly specify the argument(s)
+	to `cc' or `ld' to link the idnkit's library, `libidnkit'.  If
+	this option is not specified, `-L${PREFIX}/lib -lidnkit' is
+	assumed, where ${PREFIX} is the installation prefix specified
+	with `--with-idn' option above.  You may need to use this
+	option to specify extra argments, for example,
+	`--with-idnlib="-L/usr/local/lib -R/usr/local/lib -lidnkit"'.
+
+Please consult `README' for other configuration options.
+
+Note that if you want to specify some extra header file directories,
+you should use the environment variable STD_CINCLUDES instead of
+CFLAGS, as described in README.
+
+2. Compilation and installation
+
+After running "configure", just do
+
+	make
+	make install
+
+for compiling and installing.
+
+
+* Contact information
+
+Please see http//www.nic.ad.jp/en/idn/ for the latest news
+about idnkit and this patch.
+
+Bug reports and comments on this kit should be sent to
+mdnkit-bugs@nic.ad.jp and idn-cmt@nic.ad.jp, respectively.
+
+; $Id: README.idnkit,v 1.2 2005/09/09 06:13:57 marka Exp $

README.md

@@ -1,390 +0,0 @@
-<!--
- - Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- -
- - This Source Code Form is subject to the terms of the Mozilla Public
- - License, v. 2.0. If a copy of the MPL was not distributed with this
- - file, You can obtain one at http://mozilla.org/MPL/2.0/.
- -
- - See the COPYRIGHT file distributed with this work for additional
- - information regarding copyright ownership.
--->
-# BIND 9
-
-### Contents
-
-1. [Introduction](#intro)
-1. [Reporting bugs and getting help](#help)
-1. [Contributing to BIND](#contrib)
-1. [BIND 9.17 features](#features)
-1. [Building BIND](#build)
-1. [macOS](#macos)
-1. [Dependencies](#dependencies)
-1. [Compile-time options](#opts)
-1. [Automated testing](#testing)
-1. [Documentation](#doc)
-1. [Change log](#changes)
-1. [Acknowledgments](#ack)
-
-### <a name="intro"/> Introduction
-
-BIND (Berkeley Internet Name Domain) is a complete, highly portable
-implementation of the Domain Name System (DNS) protocol.
-
-The BIND name server, `named`, can act as an authoritative name
-server, recursive resolver, DNS forwarder, or all three simultaneously. It
-implements views for split-horizon DNS, automatic DNSSEC zone signing and
-key management, catalog zones to facilitate provisioning of zone data
-throughout a name server constellation, response policy zones (RPZ) to
-protect clients from malicious data, response rate limiting (RRL) and
-recursive query limits to reduce distributed denial of service attacks,
-and many other advanced DNS features. BIND also includes a suite of
-administrative tools, including the `dig` and `delv` DNS lookup tools,
-`nsupdate` for dynamic DNS zone updates, `rndc` for remote name server
-administration, and more.
-
-BIND 9 began as a complete rewrite of the BIND architecture that was
-used in versions 4 and 8.  Internet Systems Consortium
-([https://www.isc.org](https://www.isc.org)), a 501(c)(3) US public benefit
-corporation dedicated to providing software and services in support of the
-Internet infrastructure, developed BIND 9 and is responsible for its
-ongoing maintenance and improvement. BIND is open source software
-licensed under the terms of the Mozilla Public License, version 2.0.
-
-For a summary of features introduced in past major releases of BIND,
-see the file [HISTORY](HISTORY.md).
-
-For a detailed list of changes made throughout the history of BIND 9, see
-the file [CHANGES](CHANGES). See [below](#changes) for details on the
-CHANGES file format.
-
-For up-to-date versions and release notes, see
-[https://www.isc.org/download/](https://www.isc.org/download/).
-
-For information about supported platforms, see [PLATFORMS](PLATFORMS.md).
-
-### <a name="help"/> Reporting bugs and getting help
-
-To report non-security-sensitive bugs or request new features, you may
-open an issue in the BIND 9 project on the
-[ISC GitLab server](https://gitlab.isc.org) at
-[https://gitlab.isc.org/isc-projects/bind9](https://gitlab.isc.org/isc-projects/bind9).
-
-Please note that, unless you explicitly mark the newly created issue as
-"confidential," it will be publicly readable. Please do not include any
-information in bug reports that you consider to be confidential unless
-the issue has been marked as such. In particular, if submitting the
-contents of your configuration file in a non-confidential issue, it is
-advisable to obscure key secrets; this can be done automatically by
-using `named-checkconf -px`.
-
-If you are reporting a bug that is a potential security issue, such as an
-assertion failure or other crash in `named`, please do *NOT* use GitLab to
-report it. Instead, send mail to
-[security-officer@isc.org](mailto:security-officer@isc.org) using our
-OpenPGP key to secure your message. (Information about OpenPGP and links
-to our key can be found at
-[https://www.isc.org/pgpkey](https://www.isc.org/pgpkey).) Please do not
-discuss the bug on any public mailing list.
-
-For a general overview of ISC security policies, read the Knowledgebase
-article at [https://kb.isc.org/docs/aa-00861](https://kb.isc.org/docs/aa-00861).
-
-Professional support and training for BIND are available from
-ISC. Contact us at [https://www.isc.org/contact](https://www.isc.org/contact)
-for more information.
-
-To join the __BIND Users__ mailing list, or view the archives, visit
-[https://lists.isc.org/mailman/listinfo/bind-users](https://lists.isc.org/mailman/listinfo/bind-users).
-
-If you're planning on making changes to the BIND 9 source code, you
-may also want to join the __BIND Workers__ mailing list, at
-[https://lists.isc.org/mailman/listinfo/bind-workers](https://lists.isc.org/mailman/listinfo/bind-workers).
-
-### <a name="contrib"/> Contributing to BIND
-
-ISC maintains a public git repository for BIND; details can be found
-at [https://www.isc.org/sourceaccess/](https://www.isc.org/sourceaccess/).
-
-Information for BIND contributors can be found in the following files:
-- General information: [CONTRIBUTING.md](CONTRIBUTING.md)
-- Code of Conduct: [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)
-- BIND 9 code style: [doc/dev/style.md](doc/dev/style.md)
-- BIND architecture and developer guide: [doc/dev/dev.md](doc/dev/dev.md)
-
-Patches for BIND may be submitted as
-[merge requests](https://gitlab.isc.org/isc-projects/bind9/merge_requests)
-on the [ISC GitLab server](https://gitlab.isc.org).
-
-By default, external contributors do not have the ability to fork BIND on the
-GitLab server; if you wish to contribute code to BIND, you may request
-permission to do so. Thereafter, you can create git branches and directly
-submit requests that they be reviewed and merged.
-
-If you prefer, you may also submit code by opening a
-[GitLab issue](https://gitlab.isc.org/isc-projects/bind9/issues) and
-including your patch as an attachment, preferably generated by
-`git format-patch`.
-
-### <a name="features"/> BIND 9.17 features
-
-BIND 9.17 is the newest development branch of BIND 9. It includes a
-number of changes from BIND 9.16 and earlier releases. New features include:
-
-* The new option `max-ixfr-ratio` to limit the size of outgoing IXFR responses
-  before falling back to full zone transfers.
-* `rndc nta -d` and `rndc secroots` now include `validate-except` entries
-  when listing negative trust anchors.
-
-### <a name="build"/> Building BIND 9
-
-At a minimum, BIND requires a Unix or Linux system with an ANSI C compiler,
-basic POSIX support, and a 64-bit integer type. BIND also requires the
-`libuv` asynchronous I/O library, and a cryptography provider library
-such as OpenSSL or a hardware service module supporting PKCS#11. On
-Linux, BIND requires the `libcap` library to set process privileges,
-though this requirement can be overridden by disabling capability
-support at compile time. See [Compile-time options](#opts) below
-for details on other libraries that may be required to support
-optional features.
-
-Successful builds have been observed on many versions of Linux and
-Unix, including RHEL/CentOS, Fedora, Debian, Ubuntu, SLES, openSUSE,
-Slackware, Alpine, FreeBSD, NetBSD, OpenBSD, macOS, Solaris,
-OpenIndiana, OmniOS CE, HP-UX, and OpenWRT.
-
-BIND 9 is also available for Windows Server 2012 R2 and higher. See
-`win32utils/build.txt` for details on building for Windows
-systems.
-
-To build on a Unix or Linux system, use:
-
-		$ autoreconf -fi (if you are building in the git repository)
-		$ ./configure
-		$ make
-
-If you're planning on making changes to the BIND 9 source, you should run
-`make depend`.  If you're using Emacs, you might find `make tags` helpful.
-
-Several environment variables, which can be set before running `configure`,
-affect compilation.  Significant ones are:
-
-|Variable|Description |
-|--------------------|-----------------------------------------------|
-|`CC`|The C compiler to use.  `configure` tries to figure out the right one for supported systems.|
-|`CFLAGS`|C compiler flags.  Defaults to include -g and/or -O2 as supported by the compiler.  Please include '-g' if you need to set `CFLAGS`. |
-|`LDFLAGS`|Linker flags. Defaults to empty string.|
-
-Additional environment variables affecting the build are listed at the
-end of the `configure` help text, which can be obtained by running the
-command:
-
-    $ ./configure --help
-
-#### <a name="macos"> macOS
-
-Building on macOS assumes that the "Command Tools for Xcode" are installed.
-These can be downloaded from
-[https://developer.apple.com/download/more/](https://developer.apple.com/download/more/)
-or, if you have Xcode already installed, you can run
-`xcode-select--install`. (Note that an Apple ID may be required to access the download
-page.)
-
-#### <a name="dependencies"> Dependencies
-
-To build BIND you need to have the following packages installed:
-
-    libuv
-    pkg-config / pkgconfig / pkgconf
-
-To build BIND from the git repository, you need the following tools
-installed:
-
-    autoconf (includes autoreconf)
-    automake
-    libtool
-    libltdl-dev (Debian) / libtool-ltdl-dev (Fedora/CentOS) / libltdl (FreeBSD)
-
-#### <a name="opts"/> Compile-time options
-
-To see a full list of configuration options, run `configure --help`.
-
-To build shared libraries, specify `--with-libtool` on the `configure`
-command line.
-
-For the server to support DNSSEC, you need to build it with crypto support.
-To use OpenSSL, you should have OpenSSL 1.0.2e or newer installed. If the
-OpenSSL library is installed in a nonstandard location, specify the prefix
-using `--with-openssl=<PREFIX>` on the configure command line. To use a
-PKCS#11 hardware service module for cryptographic operations, specify the
-path to the PKCS#11 provider library using `--with-pkcs11=<PREFIX>`, and
-configure BIND with `--enable-native-pkcs11`.
-
-To support the HTTP statistics channel, the server must be linked with at
-least one of the following libraries: `libxml2`
-[http://xmlsoft.org](http://xmlsoft.org) or `json-c`
-[https://github.com/json-c/json-c](https://github.com/json-c/json-c).
-If these are installed at a nonstandard location, then:
-
-* for `libxml2`, specify the prefix using `--with-libxml2=/prefix`.
-* for `json-c`, adjust `PKG_CONFIG_PATH`.
-
-To support compression on the HTTP statistics channel, the server must be
-linked against `libzlib`. If this is installed in a nonstandard location,
-specify the prefix using `--with-zlib=/prefix`.
-
-To support storing configuration data for runtime-added zones in an LMDB
-database, the server must be linked with `liblmdb`. If this is installed in a
-nonstandard location, specify the prefix using `with-lmdb=/prefix`.
-
-To support MaxMind GeoIP2 location-based ACLs, the server must be linked
-with `libmaxminddb`. This is turned on by default if the library is
-found; if the library is installed in a nonstandard location,
-specify the prefix using `--with-maxminddb=/prefix`. GeoIP2 support
-can be switched off with `--disable-geoip`.
-
-For DNSTAP packet logging, you must have installed `libfstrm`
-[https://github.com/farsightsec/fstrm](https://github.com/farsightsec/fstrm)
-and `libprotobuf-c`
-[https://developers.google.com/protocol-buffers](https://developers.google.com/protocol-buffers),
-and BIND must be configured with `--enable-dnstap`.
-
-Certain compiled-in constants and default settings can be decreased to
-values better suited to small machines, e.g. OpenWRT boxes, by specifying
-`--with-tuning=small` on the `configure` command line. This decreases
-memory usage by using smaller structures, but degrades performance.
-
-On Linux, process capabilities are managed in user space using
-the `libcap` library, which can be installed on most Linux systems via
-the `libcap-dev` or `libcap-devel` package. Process capability support can
-also be disabled by configuring with `--disable-linux-caps`.
-
-On some platforms it is necessary to explicitly request large file support
-to handle files bigger than 2GB.  This can be done by using
-`--enable-largefile` on the `configure` command line.
-
-Support for the "fixed" rrset-order option can be enabled or disabled by
-specifying `--enable-fixed-rrset` or `--disable-fixed-rrset` on the
-configure command line. By default, fixed rrset-order is disabled to
-reduce memory footprint.
-
-The `--enable-querytrace` option causes `named` to log every step of
-processing every query. The `--enable-singletrace` option turns on the
-same verbose tracing, but allows an individual query to be separately
-traced by setting its query ID to 0. These options should only be enabled
-when debugging, because they have a significant negative impact on query
-performance.
-
-`make install` installs `named` and the various BIND 9 libraries. By
-default, installation is into /usr/local, but this can be changed with the
-`--prefix` option when running `configure`.
-
-You may specify the option `--sysconfdir` to set the directory where
-configuration files like `named.conf` go by default, and `--localstatedir`
-to set the default parent directory of `run/named.pid`. `--sysconfdir`
-defaults to `$prefix/etc` and `--localstatedir` defaults to `$prefix/var`.
-
-### <a name="testing"/> Automated testing
-
-A system test suite can be run with `make check`. The system tests require
-you to configure a set of virtual IP addresses on your system (this allows
-multiple servers to run locally and communicate with each other). These
-IP addresses can be configured by running the command
-`bin/tests/system/ifconfig.sh up` as root.
-
-Some tests require Perl and the `Net::DNS` and/or `IO::Socket::INET6` modules,
-and are skipped if these are not available. Some tests require Python
-and the `dnspython` module and are skipped if these are not available.
-See bin/tests/system/README for further details.
-
-Unit tests are implemented using the CMocka unit testing framework. To build
-them, use `configure --with-cmocka`. Execution of tests is done by the automake
-parallel test driver; unit tests are also run by `make check`.
-
-### <a name="doc"/> Documentation
-
-The *BIND 9 Administrator Reference Manual* (ARM) is included with the source
-distribution, and in .rst format, in the `doc/arm`
-directory. HTML and PDF versions are automatically generated and can
-be viewed at [https://bind9.readthedocs.io/en/latest/index.html](https://bind9.readthedocs.io/en/latest/index.html).
-
-Man pages for some of the programs in the BIND 9 distribution
-are also included in the BIND ARM.
-
-Frequently (and not-so-frequently) asked questions and their answers
-can be found in the ISC Knowledgebase at
-[https://kb.isc.org](https://kb.isc.org).
-
-Additional information on various subjects can be found in other
-`README` files throughout the source tree.
-
-### <a name="changes"/> Change log
-
-A detailed list of all changes that have been made throughout the
-development of BIND 9 is included in the file CHANGES, with the most recent
-changes listed first. Change notes include tags indicating the category of
-the change that was made; these categories are:
-
-|Category	|Description	        			|
-|--------------	|-----------------------------------------------|
-| [func] | New feature |
-| [bug] | General bug fix |
-| [security] | Fix for a significant security flaw |
-| [experimental] | Used for new features when the syntax or other aspects of the design are still in flux and may change |
-| [port] | Portability enhancement |
-| [maint] | Updates to built-in data such as root server addresses and keys |
-| [tuning] | Changes to built-in configuration defaults and constants to improve performance |
-| [performance] | Other changes to improve server performance |
-| [protocol] | Updates to the DNS protocol such as new RR types |
-| [test] | Changes to the automatic tests, not affecting server functionality |
-| [cleanup] | Minor corrections and refactoring |
-| [doc] | Documentation |
-| [contrib] | Changes to the contributed tools and libraries in the 'contrib' subdirectory |
-| [placeholder] | Used in the master development branch to reserve change numbers for use in other branches, e.g., when fixing a bug that only exists in older releases |
-
-In general, [func] and [experimental] tags only appear in new-feature
-releases (i.e., those with version numbers ending in zero). Some new
-functionality may be backported to older releases on a case-by-case basis.
-All other change types may be applied to all currently supported releases.
-
-#### Bug report identifiers
-
-Most notes in the CHANGES file include a reference to a bug report or
-issue number. Prior to 2018, these were usually of the form `[RT #NNN]`
-and referred to entries in the "bind9-bugs" RT database, which was not open
-to the public. More recent entries use the form `[GL #NNN]` or, less often,
-`[GL !NNN]`, which, respectively, refer to issues or merge requests in the
-GitLab database. Most of these are publicly readable, unless they include
-information which is confidential or security-sensitive.
-
-To look up a GitLab issue by its number, use the URL
-[https://gitlab.isc.org/isc-projects/bind9/issues/NNN](https://gitlab.isc.org/isc-projects/bind9/issues).
-To look up a merge request, use
-[https://gitlab.isc.org/isc-projects/bind9/merge_requests/NNN](https://gitlab.isc.org/isc-projects/bind9/merge_requests).
-
-In rare cases, an issue or merge request number may be followed with the
-letter "P". This indicates that the information is in the private ISC
-GitLab instance, which is not visible to the public.
-
-### <a name="ack"/> Acknowledgments
-
-* The original development of BIND 9 was underwritten by the
-  following organizations:
-
-		Sun Microsystems, Inc.
-		Hewlett Packard
-		Compaq Computer Corporation
-		IBM
-		Process Software Corporation
-		Silicon Graphics, Inc.
-		Network Associates, Inc.
-		U.S. Defense Information Systems Agency
-		USENIX Association
-		Stichting NLnet - NLnet Foundation
-		Nominum, Inc.
-
-* This product includes software developed by the OpenSSL Project for use
-  in the OpenSSL Toolkit.
-  [https://www.OpenSSL.org/](https://www.OpenSSL.org/)
-* This product includes cryptographic software written by Eric Young
-  (eay@cryptsoft.com).
-* This product includes software written by Tim Hudson (tjh@cryptsoft.com).

acconfig.h

@@ -0,0 +1,151 @@
+/*
+ * Copyright (C) 2004, 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 1999-2003  Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/* $Id: acconfig.h,v 1.51 2007/06/19 23:46:59 tbox Exp $ */
+
+/*! \file */
+
+/***
+ *** This file is not to be included by any public header files, because
+ *** it does not get installed.
+ ***/
+@TOP@
+
+/** define to `int' if <sys/types.h> doesn't define.  */
+#undef ssize_t
+
+/** define on DEC OSF to enable 4.4BSD style sa_len support */
+#undef _SOCKADDR_LEN
+
+/** define if your system needs pthread_init() before using pthreads */
+#undef NEED_PTHREAD_INIT
+
+/** define if your system has sigwait() */
+#undef HAVE_SIGWAIT
+
+/** define if sigwait() is the UnixWare flavor */
+#undef HAVE_UNIXWARE_SIGWAIT
+
+/** define on Solaris to get sigwait() to work using pthreads semantics */
+#undef _POSIX_PTHREAD_SEMANTICS
+
+/** define if LinuxThreads is in use */
+#undef HAVE_LINUXTHREADS
+
+/** define if sysconf() is available */
+#undef HAVE_SYSCONF
+
+/** define if sysctlbyname() is available */
+#undef HAVE_SYSCTLBYNAME
+
+/** define if catgets() is available */
+#undef HAVE_CATGETS
+
+/** define if getifaddrs() exists */
+#undef HAVE_GETIFADDRS
+
+/** define if you have the NET_RT_IFLIST sysctl variable and sys/sysctl.h */
+#undef HAVE_IFLIST_SYSCTL
+
+/** define if chroot() is available */
+#undef HAVE_CHROOT
+
+/** define if tzset() is available */
+#undef HAVE_TZSET
+
+/** define if struct addrinfo exists */
+#undef HAVE_ADDRINFO
+
+/** define if getaddrinfo() exists */
+#undef HAVE_GETADDRINFO
+
+/** define if gai_strerror() exists */
+#undef HAVE_GAISTRERROR
+
+/** define if arc4random() exists */
+#undef HAVE_ARC4RANDOM
+
+/**
+ * define if pthread_setconcurrency() should be called to tell the
+ * OS how many threads we might want to run.
+ */
+#undef CALL_PTHREAD_SETCONCURRENCY
+
+/** define if IPv6 is not disabled */
+#undef WANT_IPV6
+
+/** define if flockfile() is available */
+#undef HAVE_FLOCKFILE
+
+/** define if getc_unlocked() is available */
+#undef HAVE_GETCUNLOCKED
+
+/** Shut up warnings about sputaux in stdio.h on BSD/OS pre-4.1 */
+#undef SHUTUP_SPUTAUX
+#ifdef SHUTUP_SPUTAUX
+struct __sFILE;
+extern __inline int __sputaux(int _c, struct __sFILE *_p);
+#endif
+
+/** Shut up warnings about missing sigwait prototype on BSD/OS 4.0* */
+#undef SHUTUP_SIGWAIT
+#ifdef SHUTUP_SIGWAIT
+int sigwait(const unsigned int *set, int *sig);
+#endif
+
+/** Shut up warnings from gcc -Wcast-qual on BSD/OS 4.1. */
+#undef SHUTUP_STDARG_CAST
+#if defined(SHUTUP_STDARG_CAST) && defined(__GNUC__)
+#include <stdarg.h>		/** Grr.  Must be included *every time*. */
+/**
+ * The silly continuation line is to keep configure from
+ * commenting out the #undef.
+ */
+ 
+#undef \
+	va_start
+#define	va_start(ap, last) \
+	do { \
+		union { const void *konst; long *var; } _u; \
+		_u.konst = &(last); \
+		ap = (va_list)(_u.var + __va_words(__typeof(last))); \
+	} while (0)
+#endif /** SHUTUP_STDARG_CAST && __GNUC__ */
+
+/** define if the system has a random number generating device */
+#undef PATH_RANDOMDEV
+
+/** define if pthread_attr_getstacksize() is available */
+#undef HAVE_PTHREAD_ATTR_GETSTACKSIZE
+
+/** define if pthread_attr_setstacksize() is available */
+#undef HAVE_PTHREAD_ATTR_SETSTACKSIZE
+
+/** define if you have strerror in the C library. */
+#undef HAVE_STRERROR
+
+/** Define if you are running under Compaq TruCluster. */
+#undef HAVE_TRUCLUSTER
+
+/* Define if OpenSSL includes DSA support */
+#undef HAVE_OPENSSL_DSA
+
+/* Define to the length type used by the socket API (socklen_t, size_t, int). */
+#undef ISC_SOCKADDR_LEN_T
+
+/* Define if threads need PTHREAD_SCOPE_SYSTEM */
+#undef NEED_PTHREAD_SCOPE_SYSTEM

aclocal.m4

@@ -0,0 +1,2 @@
+sinclude(./libtool.m4)dnl
+

bin/Makefile.am

@@ -1,5 +0,0 @@
-SUBDIRS = named rndc dig delv dnssec tools nsupdate check confgen tests plugins
-
-if HAVE_PKCS11
-SUBDIRS += pkcs11
-endif

bin/Makefile.in

@@ -0,0 +1,25 @@
+# Copyright (C) 2004, 2007  Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 1998-2001  Internet Software Consortium.
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: Makefile.in,v 1.25 2007/06/19 23:46:59 tbox Exp $
+
+srcdir =	@srcdir@
+VPATH =		@srcdir@
+top_srcdir =	@top_srcdir@
+
+SUBDIRS =	named rndc dig dnssec tests nsupdate check
+TARGETS =
+
+@BIND9_MAKE_RULES@

bin/check/.cvsignore

@@ -0,0 +1,6 @@
+Makefile
+.libs
+*.la
+*.lo
+named-checkconf
+named-checkzone

bin/check/.gitignore

@@ -1,3 +0,0 @@
-.libs
-named-checkconf
-named-checkzone

bin/check/Makefile.am

@@ -1,34 +0,0 @@
-include $(top_srcdir)/Makefile.top
-
-AM_CPPFLAGS +=			\
-	$(LIBISC_CFLAGS)	\
-	$(LIBDNS_CFLAGS)	\
-	$(LIBNS_CFLAGS)		\
-	$(LIBISCCFG_CFLAGS)	\
-	$(LIBBIND9_CFLAGS)
-
-AM_CPPFLAGS +=						\
-	-DNAMED_CONFFILE=\"${sysconfdir}/named.conf\"
-
-noinst_LTLIBRARIES = libcheck-tool.la
-
-libcheck_tool_la_SOURCES =	\
-	check-tool.h		\
-	check-tool.c
-
-LDADD =				\
-	libcheck-tool.la	\
-	$(LIBISC_LIBS)		\
-	$(LIBDNS_LIBS)		\
-	$(LIBNS_LIBS)		\
-	$(LIBISCCFG_LIBS)	\
-	$(LIBBIND9_LIBS)
-
-bin_PROGRAMS = named-checkconf named-checkzone
-
-install-exec-hook:
-	ln -f $(DESTDIR)$(bindir)/named-checkzone \
-	      $(DESTDIR)$(bindir)/named-compilezone
-
-uninstall-hook:
-	-rm -f $(DESTDIR)$(bindir)/named-compilezone

bin/check/Makefile.in

@@ -0,0 +1,98 @@
+# Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 2000-2003  Internet Software Consortium.
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# PERFORMANCE OF THIS SOFTWARE.
+
+# $Id: Makefile.in,v 1.32 2007/06/19 23:46:59 tbox Exp $
+
+srcdir =	@srcdir@
+VPATH =		@srcdir@
+top_srcdir =	@top_srcdir@
+
+@BIND9_VERSION@
+
+@BIND9_MAKE_INCLUDES@
+
+CINCLUDES =	${BIND9_INCLUDES} ${DNS_INCLUDES} ${ISCCFG_INCLUDES} \
+		${ISC_INCLUDES}
+
+CDEFINES = 	-DNAMED_CONFFILE=\"${sysconfdir}/named.conf\"
+CWARNINGS =
+
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
+ISCCFGLIBS =	../../lib/isccfg/libisccfg.@A@
+ISCLIBS =	../../lib/isc/libisc.@A@
+BIND9LIBS =	../../lib/bind9/libbind9.@A@
+
+DNSDEPLIBS =	../../lib/dns/libdns.@A@
+ISCCFGDEPLIBS =	../../lib/isccfg/libisccfg.@A@
+ISCDEPLIBS =	../../lib/isc/libisc.@A@
+BIND9DEPLIBS =	../../lib/bind9/libbind9.@A@
+
+LIBS =		@LIBS@
+
+SUBDIRS =
+
+# Alphabetically
+TARGETS =	named-checkconf@EXEEXT@ named-checkzone@EXEEXT@
+
+# Alphabetically
+SRCS =		named-checkconf.c named-checkzone.c check-tool.c
+
+MANPAGES =	named-checkconf.8 named-checkzone.8
+
+HTMLPAGES =	named-checkconf.html named-checkzone.html
+
+MANOBJS =	${MANPAGES} ${HTMLPAGES}
+
+@BIND9_MAKE_RULES@
+
+named-checkconf.@O@: named-checkconf.c
+	${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
+		-DVERSION=\"${VERSION}\" \
+		-c ${srcdir}/named-checkconf.c
+
+named-checkzone.@O@: named-checkzone.c
+	${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
+		-DVERSION=\"${VERSION}\" \
+		-c ${srcdir}/named-checkzone.c
+
+named-checkconf@EXEEXT@: named-checkconf.@O@ check-tool.@O@ ${ISCDEPLIBS} \
+		${ISCCFGDEPLIBS} ${BIND9DEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
+	named-checkconf.@O@ check-tool.@O@ ${BIND9LIBS} ${ISCCFGLIBS} \
+	${DNSLIBS} ${ISCLIBS} ${LIBS}
+
+named-checkzone@EXEEXT@: named-checkzone.@O@ check-tool.@O@ ${ISCDEPLIBS} ${DNSDEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
+	named-checkzone.@O@ check-tool.@O@ ${ISCCFGLIBS} ${DNSLIBS} \
+	${ISCLIBS} ${LIBS}
+
+doc man:: ${MANOBJS}
+
+docclean manclean maintainer-clean::
+	rm -f ${MANOBJS}
+
+installdirs:
+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
+
+install:: named-checkconf@EXEEXT@ named-checkzone@EXEEXT@ installdirs
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkconf@EXEEXT@ ${DESTDIR}${sbindir}
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-checkzone@EXEEXT@ ${DESTDIR}${sbindir}
+	(cd ${DESTDIR}${sbindir}; rm -f named-compilezone@EXEEXT@; ${LINK_PROGRAM} named-checkzone@EXEEXT@ named-compilezone@EXEEXT@)
+	for m in ${MANPAGES}; do ${INSTALL_DATA} ${srcdir}/$$m ${DESTDIR}${mandir}/man8; done
+	(cd ${DESTDIR}${mandir}/man8; rm -f named-compilezone.8; ${LINK_PROGRAM} named-checkzone.8 named-compilezone.8)
+
+clean distclean::
+	rm -f ${TARGETS} r1.htm

bin/check/check-tool.c

@@ -1,30 +1,34 @@
 /*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2000-2002  Internet Software Consortium.
  *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
  */
 
+/* $Id: check-tool.c,v 1.31 2007/09/13 04:45:18 each Exp $ */
+
 /*! \file */
 
-#include <inttypes.h>
-#include <stdbool.h>
+#include <config.h>
+
 #include <stdio.h>
 
-#ifdef _WIN32
-#include <Winsock2.h>
-#endif /* ifdef _WIN32 */
-
+#include "check-tool.h"
 #include <isc/buffer.h>
 #include <isc/log.h>
 #include <isc/mem.h>
-#include <isc/net.h>
 #include <isc/netdb.h>
-#include <isc/print.h>
+#include <isc/net.h>
 #include <isc/region.h>
 #include <isc/stdio.h>
 #include <isc/string.h>
@@ -32,79 +36,70 @@
 #include <isc/types.h>
 #include <isc/util.h>
 
-#include <dns/db.h>
-#include <dns/dbiterator.h>
 #include <dns/fixedname.h>
 #include <dns/log.h>
 #include <dns/name.h>
 #include <dns/rdata.h>
 #include <dns/rdataclass.h>
 #include <dns/rdataset.h>
-#include <dns/rdatasetiter.h>
-#include <dns/rdatatype.h>
-#include <dns/result.h>
 #include <dns/types.h>
 #include <dns/zone.h>
 
 #include <isccfg/log.h>
 
-#include <ns/log.h>
+#ifdef HAVE_ADDRINFO
+#ifdef HAVE_GETADDRINFO
+#ifdef HAVE_GAISTRERROR
+#define USE_GETADDRINFO
+#endif
+#endif
+#endif
 
-#include "check-tool.h"
-
-#ifndef CHECK_SIBLING
-#define CHECK_SIBLING 1
-#endif /* ifndef CHECK_SIBLING */
-
-#ifndef CHECK_LOCAL
-#define CHECK_LOCAL 1
-#endif /* ifndef CHECK_LOCAL */
-
-#define CHECK(r)                             \
-	do {                                 \
-		result = (r);                \
+#define CHECK(r) \
+	do { \
+		result = (r); \
 		if (result != ISC_R_SUCCESS) \
-			goto cleanup;        \
-	} while (0)
+			goto cleanup; \
+	} while (0)   
 
-#define ERR_IS_CNAME	   1
-#define ERR_NO_ADDRESSES   2
+#define ERR_IS_CNAME 1
+#define ERR_NO_ADDRESSES 2
 #define ERR_LOOKUP_FAILURE 3
-#define ERR_EXTRA_A	   4
-#define ERR_EXTRA_AAAA	   5
-#define ERR_MISSING_GLUE   5
-#define ERR_IS_MXCNAME	   6
-#define ERR_IS_SRVCNAME	   7
+#define ERR_EXTRA_A 4
+#define ERR_EXTRA_AAAA 5
+#define ERR_MISSING_GLUE 5
+#define ERR_IS_MXCNAME 6
+#define ERR_IS_SRVCNAME 7
 
 static const char *dbtype[] = { "rbt" };
 
 int debug = 0;
-const char *journal = NULL;
-bool nomerge = true;
-#if CHECK_LOCAL
-bool docheckmx = true;
-bool dochecksrv = true;
-bool docheckns = true;
-#else  /* if CHECK_LOCAL */
-bool docheckmx = false;
-bool dochecksrv = false;
-bool docheckns = false;
-#endif /* if CHECK_LOCAL */
-dns_zoneopt_t zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_CHECKMX |
-			     DNS_ZONEOPT_MANYERRORS | DNS_ZONEOPT_CHECKNAMES |
-			     DNS_ZONEOPT_CHECKINTEGRITY |
-#if CHECK_SIBLING
-			     DNS_ZONEOPT_CHECKSIBLING |
-#endif /* if CHECK_SIBLING */
-			     DNS_ZONEOPT_CHECKWILDCARD |
-			     DNS_ZONEOPT_WARNMXCNAME | DNS_ZONEOPT_WARNSRVCNAME;
+isc_boolean_t nomerge = ISC_TRUE;
+isc_boolean_t docheckmx = ISC_TRUE;
+isc_boolean_t dochecksrv = ISC_TRUE;
+isc_boolean_t docheckns = ISC_TRUE;
+unsigned int zone_options = DNS_ZONEOPT_CHECKNS | 
+			    DNS_ZONEOPT_CHECKMX |
+			    DNS_ZONEOPT_MANYERRORS |
+			    DNS_ZONEOPT_CHECKNAMES |
+			    DNS_ZONEOPT_CHECKINTEGRITY |
+			    DNS_ZONEOPT_CHECKWILDCARD |
+			    DNS_ZONEOPT_WARNMXCNAME |
+			    DNS_ZONEOPT_WARNSRVCNAME;
 
 /*
  * This needs to match the list in bin/named/log.c.
  */
-static isc_logcategory_t categories[] = { { "", 0 },
-					  { "unmatched", 0 },
-					  { NULL, 0 } };
+static isc_logcategory_t categories[] = {
+	{ "",		     0 },
+	{ "client",	     0 },
+	{ "network",	     0 },
+	{ "update",	     0 },
+	{ "queries",	     0 },
+	{ "unmatched", 	     0 },
+	{ "update-security", 0 },
+	{ NULL,		     0 }
+};
 
 static isc_symtab_t *symtab = NULL;
 static isc_mem_t *sym_mctx;
@@ -114,7 +109,7 @@ freekey(char *key, unsigned int type, isc_symvalue_t value, void *userarg) {
 	UNUSED(type);
 	UNUSED(value);
 	isc_mem_free(userarg, key);
-}
+} 
 
 static void
 add(char *key, int value) {
@@ -122,53 +117,55 @@ add(char *key, int value) {
 	isc_symvalue_t symvalue;
 
 	if (sym_mctx == NULL) {
-		isc_mem_create(&sym_mctx);
+		result = isc_mem_create(0, 0, &sym_mctx);
+		if (result != ISC_R_SUCCESS)
+			return;
 	}
 
 	if (symtab == NULL) {
 		result = isc_symtab_create(sym_mctx, 100, freekey, sym_mctx,
-					   false, &symtab);
-		if (result != ISC_R_SUCCESS) {
+					   ISC_FALSE, &symtab);
+		if (result != ISC_R_SUCCESS)
 			return;
-		}
 	}
 
 	key = isc_mem_strdup(sym_mctx, key);
+	if (key == NULL)
+		return;
 
 	symvalue.as_pointer = NULL;
 	result = isc_symtab_define(symtab, key, value, symvalue,
 				   isc_symexists_reject);
-	if (result != ISC_R_SUCCESS) {
+	if (result != ISC_R_SUCCESS)
 		isc_mem_free(sym_mctx, key);
-	}
 }
 
-static bool
+static isc_boolean_t
 logged(char *key, int value) {
 	isc_result_t result;
 
-	if (symtab == NULL) {
-		return (false);
-	}
+	if (symtab == NULL)
+		return (ISC_FALSE);
 
 	result = isc_symtab_lookup(symtab, key, value, NULL);
-	if (result == ISC_R_SUCCESS) {
-		return (true);
-	}
-	return (false);
+	if (result == ISC_R_SUCCESS)
+		return (ISC_TRUE);
+	return (ISC_FALSE);
 }
 
-static bool
-checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
-	dns_rdataset_t *a, dns_rdataset_t *aaaa) {
+static isc_boolean_t
+checkns(dns_zone_t *zone, dns_name_t *name, dns_name_t *owner,
+	dns_rdataset_t *a, dns_rdataset_t *aaaa)
+{
+#ifdef USE_GETADDRINFO
 	dns_rdataset_t *rdataset;
 	dns_rdata_t rdata = DNS_RDATA_INIT;
 	struct addrinfo hints, *ai, *cur;
 	char namebuf[DNS_NAME_FORMATSIZE + 1];
 	char ownerbuf[DNS_NAME_FORMATSIZE];
 	char addrbuf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")];
-	bool answer = true;
-	bool match;
+	isc_boolean_t answer = ISC_TRUE;
+	isc_boolean_t match;
 	const char *type;
 	void *ptr = NULL;
 	int result;
@@ -177,11 +174,6 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
 		a->type == dns_rdatatype_a);
 	REQUIRE(aaaa == NULL || !dns_rdataset_isassociated(aaaa) ||
 		aaaa->type == dns_rdatatype_aaaa);
-
-	if (a == NULL || aaaa == NULL) {
-		return (answer);
-	}
-
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_flags = AI_CANONNAME;
 	hints.ai_family = PF_UNSPEC;
@@ -192,9 +184,8 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
 	/*
 	 * Turn off search.
 	 */
-	if (dns_name_countlabels(name) > 1U) {
-		strlcat(namebuf, ".", sizeof(namebuf));
-	}
+	if (dns_name_countlabels(name) > 1U)
+		strcat(namebuf, ".");
 	dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
 
 	result = getaddrinfo(namebuf, NULL, &hints, &ai);
@@ -207,26 +198,24 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
 		 */
 		cur = ai;
 		while (cur != NULL && cur->ai_canonname == NULL &&
-		       cur->ai_next != NULL) {
+		       cur->ai_next != NULL)
 			cur = cur->ai_next;
-		}
-		if (cur != NULL && cur->ai_canonname != NULL &&
-		    strcasecmp(cur->ai_canonname, namebuf) != 0 &&
-		    !logged(namebuf, ERR_IS_CNAME))
-		{
+		if (ai != NULL && cur->ai_canonname != NULL &&
+		    strcasecmp(ai->ai_canonname, namebuf) != 0 &&
+		    !logged(namebuf, ERR_IS_CNAME)) {
 			dns_zone_log(zone, ISC_LOG_ERROR,
 				     "%s/NS '%s' (out of zone) "
-				     "is a CNAME '%s' (illegal)",
-				     ownerbuf, namebuf, cur->ai_canonname);
+				     "is a CNAME (illegal)",
+				     ownerbuf, namebuf);
 			/* XXX950 make fatal for 9.5.0 */
-			/* answer = false; */
+			/* answer = ISC_FALSE; */
 			add(namebuf, ERR_IS_CNAME);
 		}
 		break;
 	case EAI_NONAME:
 #if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
 	case EAI_NODATA:
-#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+#endif
 		if (!logged(namebuf, ERR_NO_ADDRESSES)) {
 			dns_zone_log(zone, ISC_LOG_ERROR,
 				     "%s/NS '%s' (out of zone) "
@@ -235,154 +224,144 @@ checkns(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner,
 			add(namebuf, ERR_NO_ADDRESSES);
 		}
 		/* XXX950 make fatal for 9.5.0 */
-		return (true);
+		return (ISC_TRUE);
 
 	default:
 		if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
 			dns_zone_log(zone, ISC_LOG_WARNING,
-				     "getaddrinfo(%s) failed: %s", namebuf,
-				     gai_strerror(result));
+				     "getaddrinfo(%s) failed: %s",
+				     namebuf, gai_strerror(result));
 			add(namebuf, ERR_LOOKUP_FAILURE);
 		}
-		return (true);
+		return (ISC_TRUE);
 	}
-
+	if (a == NULL || aaaa == NULL)
+		return (answer);
 	/*
 	 * Check that all glue records really exist.
 	 */
-	if (!dns_rdataset_isassociated(a)) {
+	if (!dns_rdataset_isassociated(a))
 		goto checkaaaa;
-	}
 	result = dns_rdataset_first(a);
 	while (result == ISC_R_SUCCESS) {
 		dns_rdataset_current(a, &rdata);
-		match = false;
+		match = ISC_FALSE;
 		for (cur = ai; cur != NULL; cur = cur->ai_next) {
-			if (cur->ai_family != AF_INET) {
+			if (cur->ai_family != AF_INET)
 				continue;
-			}
 			ptr = &((struct sockaddr_in *)(cur->ai_addr))->sin_addr;
 			if (memcmp(ptr, rdata.data, rdata.length) == 0) {
-				match = true;
+				match = ISC_TRUE;
 				break;
 			}
 		}
 		if (!match && !logged(namebuf, ERR_EXTRA_A)) {
-			dns_zone_log(zone, ISC_LOG_ERROR,
-				     "%s/NS '%s' "
+			dns_zone_log(zone, ISC_LOG_ERROR, "%s/NS '%s' "
 				     "extra GLUE A record (%s)",
 				     ownerbuf, namebuf,
-				     inet_ntop(AF_INET, rdata.data, addrbuf,
-					       sizeof(addrbuf)));
+				     inet_ntop(AF_INET, rdata.data,
+					       addrbuf, sizeof(addrbuf)));
 			add(namebuf, ERR_EXTRA_A);
 			/* XXX950 make fatal for 9.5.0 */
-			/* answer = false; */
+			/* answer = ISC_FALSE; */
 		}
 		dns_rdata_reset(&rdata);
 		result = dns_rdataset_next(a);
 	}
 
-checkaaaa:
-	if (!dns_rdataset_isassociated(aaaa)) {
+ checkaaaa:
+	if (!dns_rdataset_isassociated(aaaa))
 		goto checkmissing;
-	}
 	result = dns_rdataset_first(aaaa);
 	while (result == ISC_R_SUCCESS) {
 		dns_rdataset_current(aaaa, &rdata);
-		match = false;
+		match = ISC_FALSE;
 		for (cur = ai; cur != NULL; cur = cur->ai_next) {
-			if (cur->ai_family != AF_INET6) {
+			if (cur->ai_family != AF_INET6)
 				continue;
-			}
-			ptr = &((struct sockaddr_in6 *)(cur->ai_addr))
-				       ->sin6_addr;
+			ptr = &((struct sockaddr_in6 *)(cur->ai_addr))->sin6_addr;
 			if (memcmp(ptr, rdata.data, rdata.length) == 0) {
-				match = true;
+				match = ISC_TRUE;
 				break;
 			}
 		}
 		if (!match && !logged(namebuf, ERR_EXTRA_AAAA)) {
-			dns_zone_log(zone, ISC_LOG_ERROR,
-				     "%s/NS '%s' "
+			dns_zone_log(zone, ISC_LOG_ERROR, "%s/NS '%s' "
 				     "extra GLUE AAAA record (%s)",
 				     ownerbuf, namebuf,
-				     inet_ntop(AF_INET6, rdata.data, addrbuf,
-					       sizeof(addrbuf)));
+				     inet_ntop(AF_INET6, rdata.data,
+					       addrbuf, sizeof(addrbuf)));
 			add(namebuf, ERR_EXTRA_AAAA);
 			/* XXX950 make fatal for 9.5.0. */
-			/* answer = false; */
+			/* answer = ISC_FALSE; */
 		}
 		dns_rdata_reset(&rdata);
 		result = dns_rdataset_next(aaaa);
 	}
 
-checkmissing:
+ checkmissing:
 	/*
 	 * Check that all addresses appear in the glue.
 	 */
 	if (!logged(namebuf, ERR_MISSING_GLUE)) {
-		bool missing_glue = false;
+		isc_boolean_t missing_glue = ISC_FALSE;
 		for (cur = ai; cur != NULL; cur = cur->ai_next) {
 			switch (cur->ai_family) {
 			case AF_INET:
 				rdataset = a;
-				ptr = &((struct sockaddr_in *)(cur->ai_addr))
-					       ->sin_addr;
+				ptr = &((struct sockaddr_in *)(cur->ai_addr))->sin_addr;
 				type = "A";
 				break;
 			case AF_INET6:
 				rdataset = aaaa;
-				ptr = &((struct sockaddr_in6 *)(cur->ai_addr))
-					       ->sin6_addr;
+				ptr = &((struct sockaddr_in6 *)(cur->ai_addr))->sin6_addr;
 				type = "AAAA";
 				break;
 			default:
-				continue;
+				 continue;
 			}
-			match = false;
-			if (dns_rdataset_isassociated(rdataset)) {
+			match = ISC_FALSE;
+			if (dns_rdataset_isassociated(rdataset))
 				result = dns_rdataset_first(rdataset);
-			} else {
+			else
 				result = ISC_R_FAILURE;
-			}
 			while (result == ISC_R_SUCCESS && !match) {
 				dns_rdataset_current(rdataset, &rdata);
 				if (memcmp(ptr, rdata.data, rdata.length) == 0)
-				{
-					match = true;
-				}
+					match = ISC_TRUE;
 				dns_rdata_reset(&rdata);
 				result = dns_rdataset_next(rdataset);
 			}
 			if (!match) {
-				dns_zone_log(zone, ISC_LOG_ERROR,
-					     "%s/NS '%s' "
+				dns_zone_log(zone, ISC_LOG_ERROR, "%s/NS '%s' "
 					     "missing GLUE %s record (%s)",
 					     ownerbuf, namebuf, type,
 					     inet_ntop(cur->ai_family, ptr,
-						       addrbuf,
-						       sizeof(addrbuf)));
+						       addrbuf, sizeof(addrbuf)));
 				/* XXX950 make fatal for 9.5.0. */
-				/* answer = false; */
-				missing_glue = true;
+				/* answer = ISC_FALSE; */
+				missing_glue = ISC_TRUE;
 			}
 		}
-		if (missing_glue) {
+		if (missing_glue)
 			add(namebuf, ERR_MISSING_GLUE);
-		}
 	}
 	freeaddrinfo(ai);
 	return (answer);
+#else
+	return (ISC_TRUE);
+#endif
 }
 
-static bool
-checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
+static isc_boolean_t
+checkmx(dns_zone_t *zone, dns_name_t *name, dns_name_t *owner) {
+#ifdef USE_GETADDRINFO
 	struct addrinfo hints, *ai, *cur;
 	char namebuf[DNS_NAME_FORMATSIZE + 1];
 	char ownerbuf[DNS_NAME_FORMATSIZE];
 	int result;
 	int level = ISC_LOG_ERROR;
-	bool answer = true;
+	isc_boolean_t answer = ISC_TRUE;
 
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_flags = AI_CANONNAME;
@@ -394,11 +373,10 @@ checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 	/*
 	 * Turn off search.
 	 */
-	if (dns_name_countlabels(name) > 1U) {
-		strlcat(namebuf, ".", sizeof(namebuf));
-	}
+	if (dns_name_countlabels(name) > 1U)
+		strcat(namebuf, ".");
 	dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
-
+	
 	result = getaddrinfo(namebuf, NULL, &hints, &ai);
 	dns_name_format(name, namebuf, sizeof(namebuf) - 1);
 	switch (result) {
@@ -409,28 +387,22 @@ checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 		 */
 		cur = ai;
 		while (cur != NULL && cur->ai_canonname == NULL &&
-		       cur->ai_next != NULL) {
+		       cur->ai_next != NULL)
 			cur = cur->ai_next;
-		}
 		if (cur != NULL && cur->ai_canonname != NULL &&
-		    strcasecmp(cur->ai_canonname, namebuf) != 0)
-		{
-			if ((zone_options & DNS_ZONEOPT_WARNMXCNAME) != 0) {
+		    strcasecmp(cur->ai_canonname, namebuf) != 0) {
+			if ((zone_options & DNS_ZONEOPT_WARNMXCNAME) != 0)
 				level = ISC_LOG_WARNING;
-			}
 			if ((zone_options & DNS_ZONEOPT_IGNOREMXCNAME) == 0) {
 				if (!logged(namebuf, ERR_IS_MXCNAME)) {
 					dns_zone_log(zone, level,
 						     "%s/MX '%s' (out of zone)"
-						     " is a CNAME '%s' "
-						     "(illegal)",
-						     ownerbuf, namebuf,
-						     cur->ai_canonname);
+						     " is a CNAME (illegal)",
+						     ownerbuf, namebuf);
 					add(namebuf, ERR_IS_MXCNAME);
 				}
-				if (level == ISC_LOG_ERROR) {
-					answer = false;
-				}
+				if (level == ISC_LOG_ERROR)
+					answer = ISC_FALSE;
 			}
 		}
 		freeaddrinfo(ai);
@@ -439,7 +411,7 @@ checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 	case EAI_NONAME:
 #if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
 	case EAI_NODATA:
-#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+#endif
 		if (!logged(namebuf, ERR_NO_ADDRESSES)) {
 			dns_zone_log(zone, ISC_LOG_ERROR,
 				     "%s/MX '%s' (out of zone) "
@@ -448,27 +420,31 @@ checkmx(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 			add(namebuf, ERR_NO_ADDRESSES);
 		}
 		/* XXX950 make fatal for 9.5.0. */
-		return (true);
+		return (ISC_TRUE);
 
 	default:
 		if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
 			dns_zone_log(zone, ISC_LOG_WARNING,
-				     "getaddrinfo(%s) failed: %s", namebuf,
-				     gai_strerror(result));
+			     "getaddrinfo(%s) failed: %s",
+			     namebuf, gai_strerror(result));
 			add(namebuf, ERR_LOOKUP_FAILURE);
 		}
-		return (true);
+		return (ISC_TRUE);
 	}
+#else
+	return (ISC_TRUE);
+#endif
 }
 
-static bool
-checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
+static isc_boolean_t
+checksrv(dns_zone_t *zone, dns_name_t *name, dns_name_t *owner) {
+#ifdef USE_GETADDRINFO
 	struct addrinfo hints, *ai, *cur;
 	char namebuf[DNS_NAME_FORMATSIZE + 1];
 	char ownerbuf[DNS_NAME_FORMATSIZE];
 	int result;
 	int level = ISC_LOG_ERROR;
-	bool answer = true;
+	isc_boolean_t answer = ISC_TRUE;
 
 	memset(&hints, 0, sizeof(hints));
 	hints.ai_flags = AI_CANONNAME;
@@ -480,11 +456,10 @@ checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 	/*
 	 * Turn off search.
 	 */
-	if (dns_name_countlabels(name) > 1U) {
-		strlcat(namebuf, ".", sizeof(namebuf));
-	}
+	if (dns_name_countlabels(name) > 1U)
+		strcat(namebuf, ".");
 	dns_name_format(owner, ownerbuf, sizeof(ownerbuf));
-
+	
 	result = getaddrinfo(namebuf, NULL, &hints, &ai);
 	dns_name_format(name, namebuf, sizeof(namebuf) - 1);
 	switch (result) {
@@ -495,28 +470,22 @@ checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 		 */
 		cur = ai;
 		while (cur != NULL && cur->ai_canonname == NULL &&
-		       cur->ai_next != NULL) {
+		       cur->ai_next != NULL)
 			cur = cur->ai_next;
-		}
 		if (cur != NULL && cur->ai_canonname != NULL &&
-		    strcasecmp(cur->ai_canonname, namebuf) != 0)
-		{
-			if ((zone_options & DNS_ZONEOPT_WARNSRVCNAME) != 0) {
+		    strcasecmp(cur->ai_canonname, namebuf) != 0) {
+			if ((zone_options & DNS_ZONEOPT_WARNSRVCNAME) != 0)
 				level = ISC_LOG_WARNING;
-			}
 			if ((zone_options & DNS_ZONEOPT_IGNORESRVCNAME) == 0) {
 				if (!logged(namebuf, ERR_IS_SRVCNAME)) {
-					dns_zone_log(zone, level,
-						     "%s/SRV '%s'"
+					dns_zone_log(zone, level, "%s/SRV '%s'"
 						     " (out of zone) is a "
-						     "CNAME '%s' (illegal)",
-						     ownerbuf, namebuf,
-						     cur->ai_canonname);
+						     "CNAME (illegal)",
+						     ownerbuf, namebuf);
 					add(namebuf, ERR_IS_SRVCNAME);
 				}
-				if (level == ISC_LOG_ERROR) {
-					answer = false;
-				}
+				if (level == ISC_LOG_ERROR)
+					answer = ISC_FALSE;
 			}
 		}
 		freeaddrinfo(ai);
@@ -525,7 +494,7 @@ checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 	case EAI_NONAME:
 #if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME)
 	case EAI_NODATA:
-#endif /* if defined(EAI_NODATA) && (EAI_NODATA != EAI_NONAME) */
+#endif
 		if (!logged(namebuf, ERR_NO_ADDRESSES)) {
 			dns_zone_log(zone, ISC_LOG_ERROR,
 				     "%s/SRV '%s' (out of zone) "
@@ -534,17 +503,20 @@ checksrv(dns_zone_t *zone, const dns_name_t *name, const dns_name_t *owner) {
 			add(namebuf, ERR_NO_ADDRESSES);
 		}
 		/* XXX950 make fatal for 9.5.0. */
-		return (true);
+		return (ISC_TRUE);
 
 	default:
 		if (!logged(namebuf, ERR_LOOKUP_FAILURE)) {
 			dns_zone_log(zone, ISC_LOG_WARNING,
-				     "getaddrinfo(%s) failed: %s", namebuf,
-				     gai_strerror(result));
+				     "getaddrinfo(%s) failed: %s",
+				     namebuf, gai_strerror(result));
 			add(namebuf, ERR_LOOKUP_FAILURE);
 		}
-		return (true);
+		return (ISC_TRUE);
 	}
+#else
+	return (ISC_TRUE);
+#endif
 }
 
 isc_result_t
@@ -553,123 +525,34 @@ setup_logging(isc_mem_t *mctx, FILE *errout, isc_log_t **logp) {
 	isc_logconfig_t *logconfig = NULL;
 	isc_log_t *log = NULL;
 
-	isc_log_create(mctx, &log, &logconfig);
+	RUNTIME_CHECK(isc_log_create(mctx, &log, &logconfig) == ISC_R_SUCCESS);
 	isc_log_registercategories(log, categories);
 	isc_log_setcontext(log);
 	dns_log_init(log);
 	dns_log_setcontext(log);
 	cfg_log_init(log);
-	ns_log_init(log);
 
 	destination.file.stream = errout;
 	destination.file.name = NULL;
 	destination.file.versions = ISC_LOG_ROLLNEVER;
 	destination.file.maximum_size = 0;
-	isc_log_createchannel(logconfig, "stderr", ISC_LOG_TOFILEDESC,
-			      ISC_LOG_DYNAMIC, &destination, 0);
-
-	RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr", NULL, NULL) ==
-		      ISC_R_SUCCESS);
+	RUNTIME_CHECK(isc_log_createchannel(logconfig, "stderr",
+				       ISC_LOG_TOFILEDESC,
+				       ISC_LOG_DYNAMIC,
+				       &destination, 0) == ISC_R_SUCCESS);
+	RUNTIME_CHECK(isc_log_usechannel(logconfig, "stderr",
+					 NULL, NULL) == ISC_R_SUCCESS);
 
 	*logp = log;
 	return (ISC_R_SUCCESS);
 }
 
-/*% scan the zone for oversize TTLs */
-static isc_result_t
-check_ttls(dns_zone_t *zone, dns_ttl_t maxttl) {
-	isc_result_t result;
-	dns_db_t *db = NULL;
-	dns_dbversion_t *version = NULL;
-	dns_dbnode_t *node = NULL;
-	dns_dbiterator_t *dbiter = NULL;
-	dns_rdatasetiter_t *rdsiter = NULL;
-	dns_rdataset_t rdataset;
-	dns_fixedname_t fname;
-	dns_name_t *name;
-	name = dns_fixedname_initname(&fname);
-	dns_rdataset_init(&rdataset);
-
-	CHECK(dns_zone_getdb(zone, &db));
-	INSIST(db != NULL);
-
-	CHECK(dns_db_newversion(db, &version));
-	CHECK(dns_db_createiterator(db, 0, &dbiter));
-
-	for (result = dns_dbiterator_first(dbiter); result == ISC_R_SUCCESS;
-	     result = dns_dbiterator_next(dbiter))
-	{
-		result = dns_dbiterator_current(dbiter, &node, name);
-		if (result == DNS_R_NEWORIGIN) {
-			result = ISC_R_SUCCESS;
-		}
-		CHECK(result);
-
-		CHECK(dns_db_allrdatasets(db, node, version, 0, &rdsiter));
-		for (result = dns_rdatasetiter_first(rdsiter);
-		     result == ISC_R_SUCCESS;
-		     result = dns_rdatasetiter_next(rdsiter))
-		{
-			dns_rdatasetiter_current(rdsiter, &rdataset);
-			if (rdataset.ttl > maxttl) {
-				char nbuf[DNS_NAME_FORMATSIZE];
-				char tbuf[255];
-				isc_buffer_t b;
-				isc_region_t r;
-
-				dns_name_format(name, nbuf, sizeof(nbuf));
-				isc_buffer_init(&b, tbuf, sizeof(tbuf) - 1);
-				CHECK(dns_rdatatype_totext(rdataset.type, &b));
-				isc_buffer_usedregion(&b, &r);
-				r.base[r.length] = 0;
-
-				dns_zone_log(zone, ISC_LOG_ERROR,
-					     "%s/%s TTL %d exceeds "
-					     "maximum TTL %d",
-					     nbuf, tbuf, rdataset.ttl, maxttl);
-				dns_rdataset_disassociate(&rdataset);
-				CHECK(ISC_R_RANGE);
-			}
-			dns_rdataset_disassociate(&rdataset);
-		}
-		if (result == ISC_R_NOMORE) {
-			result = ISC_R_SUCCESS;
-		}
-		CHECK(result);
-
-		dns_rdatasetiter_destroy(&rdsiter);
-		dns_db_detachnode(db, &node);
-	}
-
-	if (result == ISC_R_NOMORE) {
-		result = ISC_R_SUCCESS;
-	}
-
-cleanup:
-	if (node != NULL) {
-		dns_db_detachnode(db, &node);
-	}
-	if (rdsiter != NULL) {
-		dns_rdatasetiter_destroy(&rdsiter);
-	}
-	if (dbiter != NULL) {
-		dns_dbiterator_destroy(&dbiter);
-	}
-	if (version != NULL) {
-		dns_db_closeversion(db, &version, false);
-	}
-	if (db != NULL) {
-		dns_db_detach(&db);
-	}
-
-	return (result);
-}
-
 /*% load the zone */
 isc_result_t
 load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
 	  dns_masterformat_t fileformat, const char *classname,
-	  dns_ttl_t maxttl, dns_zone_t **zonep) {
+	  dns_zone_t **zonep)
+{
 	isc_result_t result;
 	dns_rdataclass_t rdclass;
 	isc_textregion_t region;
@@ -680,133 +563,80 @@ load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
 
 	REQUIRE(zonep == NULL || *zonep == NULL);
 
-	if (debug) {
+	if (debug)
 		fprintf(stderr, "loading \"%s\" from \"%s\" class \"%s\"\n",
 			zonename, filename, classname);
-	}
 
 	CHECK(dns_zone_create(&zone, mctx));
 
 	dns_zone_settype(zone, dns_zone_master);
 
-	isc_buffer_constinit(&buffer, zonename, strlen(zonename));
+	isc_buffer_init(&buffer, zonename, strlen(zonename));
 	isc_buffer_add(&buffer, strlen(zonename));
-	origin = dns_fixedname_initname(&fixorigin);
-	CHECK(dns_name_fromtext(origin, &buffer, dns_rootname, 0, NULL));
+	dns_fixedname_init(&fixorigin);
+	origin = dns_fixedname_name(&fixorigin);
+	CHECK(dns_name_fromtext(origin, &buffer, dns_rootname,
+				ISC_FALSE, NULL));
 	CHECK(dns_zone_setorigin(zone, origin));
-	dns_zone_setdbtype(zone, 1, (const char *const *)dbtype);
-	if (strcmp(filename, "-") == 0) {
-		CHECK(dns_zone_setstream(zone, stdin, fileformat,
-					 &dns_master_style_default));
-	} else {
-		CHECK(dns_zone_setfile(zone, filename, fileformat,
-				       &dns_master_style_default));
-	}
-	if (journal != NULL) {
-		CHECK(dns_zone_setjournal(zone, journal));
-	}
+	CHECK(dns_zone_setdbtype(zone, 1, (const char * const *) dbtype));
+	CHECK(dns_zone_setfile2(zone, filename, fileformat));
 
 	DE_CONST(classname, region.base);
 	region.length = strlen(classname);
 	CHECK(dns_rdataclass_fromtext(&rdclass, &region));
 
 	dns_zone_setclass(zone, rdclass);
-	dns_zone_setoption(zone, zone_options, true);
+	dns_zone_setoption(zone, zone_options, ISC_TRUE);
 	dns_zone_setoption(zone, DNS_ZONEOPT_NOMERGE, nomerge);
-
-	dns_zone_setmaxttl(zone, maxttl);
-
-	if (docheckmx) {
+	if (docheckmx)
 		dns_zone_setcheckmx(zone, checkmx);
-	}
-	if (docheckns) {
+	if (docheckns)
 		dns_zone_setcheckns(zone, checkns);
-	}
-	if (dochecksrv) {
+	if (dochecksrv)
 		dns_zone_setchecksrv(zone, checksrv);
-	}
-
-	CHECK(dns_zone_load(zone, false));
-
-	/*
-	 * When loading map files we can't catch oversize TTLs during
-	 * load, so we check for them here.
-	 */
-	if (fileformat == dns_masterformat_map && maxttl != 0) {
-		CHECK(check_ttls(zone, maxttl));
-	}
 
+	CHECK(dns_zone_load(zone));
 	if (zonep != NULL) {
 		*zonep = zone;
 		zone = NULL;
 	}
 
-cleanup:
-	if (zone != NULL) {
+ cleanup:
+	if (zone != NULL)
 		dns_zone_detach(&zone);
-	}
 	return (result);
 }
 
 /*% dump the zone */
 isc_result_t
 dump_zone(const char *zonename, dns_zone_t *zone, const char *filename,
-	  dns_masterformat_t fileformat, const dns_master_style_t *style,
-	  const uint32_t rawversion) {
+	  dns_masterformat_t fileformat, const dns_master_style_t *style)
+{
 	isc_result_t result;
 	FILE *output = stdout;
-	const char *flags;
-
-	flags = (fileformat == dns_masterformat_text) ? "w" : "wb";
 
 	if (debug) {
-		if (filename != NULL && strcmp(filename, "-") != 0) {
-			fprintf(stderr, "dumping \"%s\" to \"%s\"\n", zonename,
-				filename);
-		} else {
+		if (filename != NULL && strcmp(filename, "-") != 0)
+			fprintf(stderr, "dumping \"%s\" to \"%s\"\n",
+				zonename, filename);
+		else
 			fprintf(stderr, "dumping \"%s\"\n", zonename);
-		}
 	}
 
 	if (filename != NULL && strcmp(filename, "-") != 0) {
-		result = isc_stdio_open(filename, flags, &output);
+		result = isc_stdio_open(filename, "w+", &output);
 
 		if (result != ISC_R_SUCCESS) {
-			fprintf(stderr,
-				"could not open output "
-				"file \"%s\" for writing\n",
-				filename);
+			fprintf(stderr, "could not open output "
+				"file \"%s\" for writing\n", filename);
 			return (ISC_R_FAILURE);
 		}
 	}
 
-	result = dns_zone_dumptostream(zone, output, fileformat, style,
-				       rawversion);
-	if (output != stdout) {
+	result = dns_zone_dumptostream2(zone, output, fileformat, style);
+
+	if (output != stdout)
 		(void)isc_stdio_close(output);
-	}
 
 	return (result);
 }
-
-#ifdef _WIN32
-void
-InitSockets(void) {
-	WORD wVersionRequested;
-	WSADATA wsaData;
-	int err;
-
-	wVersionRequested = MAKEWORD(2, 0);
-
-	err = WSAStartup(wVersionRequested, &wsaData);
-	if (err != 0) {
-		fprintf(stderr, "WSAStartup() failed: %d\n", err);
-		exit(1);
-	}
-}
-
-void
-DestroySockets(void) {
-	WSACleanup();
-}
-#endif /* ifdef _WIN32 */

bin/check/check-tool.h

@@ -1,29 +1,33 @@
 /*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004, 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2000-2002  Internet Software Consortium.
  *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
  */
 
+/* $Id: check-tool.h,v 1.14 2007/06/18 23:47:17 tbox Exp $ */
+
 #ifndef CHECK_TOOL_H
 #define CHECK_TOOL_H
 
 /*! \file */
 
-#include <inttypes.h>
-#include <stdbool.h>
-
 #include <isc/lang.h>
 #include <isc/stdio.h>
 #include <isc/types.h>
 
 #include <dns/masterdump.h>
 #include <dns/types.h>
-#include <dns/zone.h>
 
 ISC_LANG_BEGINDECLS
 
@@ -33,28 +37,19 @@ setup_logging(isc_mem_t *mctx, FILE *errout, isc_log_t **logp);
 isc_result_t
 load_zone(isc_mem_t *mctx, const char *zonename, const char *filename,
 	  dns_masterformat_t fileformat, const char *classname,
-	  dns_ttl_t maxttl, dns_zone_t **zonep);
+	  dns_zone_t **zonep);
 
 isc_result_t
 dump_zone(const char *zonename, dns_zone_t *zone, const char *filename,
-	  dns_masterformat_t fileformat, const dns_master_style_t *style,
-	  const uint32_t rawversion);
-
-#ifdef _WIN32
-void
-InitSockets(void);
-void
-DestroySockets(void);
-#endif /* ifdef _WIN32 */
+	  dns_masterformat_t fileformat, const dns_master_style_t *style);
 
 extern int debug;
-extern const char *journal;
-extern bool nomerge;
-extern bool docheckmx;
-extern bool docheckns;
-extern bool dochecksrv;
-extern dns_zoneopt_t zone_options;
+extern isc_boolean_t nomerge;
+extern isc_boolean_t docheckmx;
+extern isc_boolean_t docheckns;
+extern isc_boolean_t dochecksrv;
+extern unsigned int zone_options;
 
 ISC_LANG_ENDDECLS
 
-#endif /* ifndef CHECK_TOOL_H */
+#endif

bin/check/named-checkconf.8

@@ -0,0 +1,94 @@
+.\" Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2000-2002 Internet Software Consortium.
+.\" 
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\" 
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+.\" PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" $Id: named-checkconf.8,v 1.30 2007/06/20 02:27:32 marka Exp $
+.\"
+.hy 0
+.ad l
+.\"     Title: named\-checkconf
+.\"    Author: 
+.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
+.\"      Date: June 14, 2000
+.\"    Manual: BIND9
+.\"    Source: BIND9
+.\"
+.TH "NAMED\-CHECKCONF" "8" "June 14, 2000" "BIND9" "BIND9"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+named\-checkconf \- named configuration file syntax checking tool
+.SH "SYNOPSIS"
+.HP 16
+\fBnamed\-checkconf\fR [\fB\-h\fR] [\fB\-v\fR] [\fB\-j\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] {filename} [\fB\-z\fR]
+.SH "DESCRIPTION"
+.PP
+\fBnamed\-checkconf\fR
+checks the syntax, but not the semantics, of a named configuration file.
+.SH "OPTIONS"
+.PP
+\-h
+.RS 4
+Print the usage summary and exit.
+.RE
+.PP
+\-t \fIdirectory\fR
+.RS 4
+Chroot to
+\fIdirectory\fR
+so that include directives in the configuration file are processed as if run by a similarly chrooted named.
+.RE
+.PP
+\-v
+.RS 4
+Print the version of the
+\fBnamed\-checkconf\fR
+program and exit.
+.RE
+.PP
+\-z
+.RS 4
+Perform a test load of all master zones found in
+\fInamed.conf\fR.
+.RE
+.PP
+\-j
+.RS 4
+When loading a zonefile read the journal if it exists.
+.RE
+.PP
+filename
+.RS 4
+The name of the configuration file to be checked. If not specified, it defaults to
+\fI/etc/named.conf\fR.
+.RE
+.SH "RETURN VALUES"
+.PP
+\fBnamed\-checkconf\fR
+returns an exit status of 1 if errors were detected and 0 otherwise.
+.SH "SEE ALSO"
+.PP
+\fBnamed\fR(8),
+\fBnamed\-checkzone\fR(8),
+BIND 9 Administrator Reference Manual.
+.SH "AUTHOR"
+.PP
+Internet Systems Consortium
+.SH "COPYRIGHT"
+Copyright \(co 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+.br
+Copyright \(co 2000\-2002 Internet Software Consortium.
+.br

bin/check/named-checkconf.c

@@ -1,72 +1,69 @@
 /*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 1999-2002  Internet Software Consortium.
  *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
  */
 
+/* $Id: named-checkconf.c,v 1.46 2007/11/26 02:12:45 marka Exp $ */
+
 /*! \file */
 
-#include <errno.h>
-#include <stdbool.h>
-#include <stdio.h>
-#include <stdlib.h>
+#include <config.h>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <stdio.h>
 
-#include <isc/attributes.h>
 #include <isc/commandline.h>
 #include <isc/dir.h>
+#include <isc/entropy.h>
 #include <isc/hash.h>
 #include <isc/log.h>
 #include <isc/mem.h>
-#include <isc/print.h>
 #include <isc/result.h>
 #include <isc/string.h>
 #include <isc/util.h>
 
-#include <dns/db.h>
-#include <dns/fixedname.h>
-#include <dns/log.h>
-#include <dns/name.h>
-#include <dns/rdataclass.h>
-#include <dns/result.h>
-#include <dns/rootns.h>
-#include <dns/zone.h>
-
-#include <isccfg/grammar.h>
 #include <isccfg/namedconf.h>
 
 #include <bind9/check.h>
 
+#include <dns/fixedname.h>
+#include <dns/log.h>
+#include <dns/name.h>
+#include <dns/result.h>
+#include <dns/zone.h>
+
 #include "check-tool.h"
 
 static const char *program = "named-checkconf";
 
-static bool loadplugins = true;
-
 isc_log_t *logc = NULL;
 
-#define CHECK(r)                             \
-	do {                                 \
-		result = (r);                \
+#define CHECK(r)\
+	do { \
+		result = (r); \
 		if (result != ISC_R_SUCCESS) \
-			goto cleanup;        \
+			goto cleanup; \
 	} while (0)
 
 /*% usage */
-ISC_NORETURN static void
-usage(void);
-
 static void
 usage(void) {
-	fprintf(stderr,
-		"usage: %s [-chijlvz] [-p [-x]] [-t directory] "
-		"[named.conf]\n",
-		program);
-	exit(1);
+        fprintf(stderr, "usage: %s [-h] [-j] [-v] [-z] [-t directory] "
+		"[named.conf]\n", program);
+        exit(1);
 }
 
 /*% directory callback */
@@ -87,28 +84,26 @@ directory_callback(const char *clausename, const cfg_obj_t *obj, void *arg) {
 	result = isc_dir_chdir(directory);
 	if (result != ISC_R_SUCCESS) {
 		cfg_obj_log(obj, logc, ISC_LOG_ERROR,
-			    "change directory to '%s' failed: %s\n", directory,
-			    isc_result_totext(result));
+			    "change directory to '%s' failed: %s\n",
+			    directory, isc_result_totext(result));
 		return (result);
 	}
 
 	return (ISC_R_SUCCESS);
 }
 
-static bool
+static isc_boolean_t
 get_maps(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
 	int i;
 	for (i = 0;; i++) {
-		if (maps[i] == NULL) {
-			return (false);
-		}
-		if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS) {
-			return (true);
-		}
+		if (maps[i] == NULL)
+			return (ISC_FALSE);
+		if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
+			return (ISC_TRUE);
 	}
 }
 
-static bool
+static isc_boolean_t
 get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
 	const cfg_listelt_t *element;
 	const cfg_obj_t *checknames;
@@ -118,200 +113,94 @@ get_checknames(const cfg_obj_t **maps, const cfg_obj_t **obj) {
 	int i;
 
 	for (i = 0;; i++) {
-		if (maps[i] == NULL) {
-			return (false);
-		}
+		if (maps[i] == NULL)
+			return (ISC_FALSE);
 		checknames = NULL;
 		result = cfg_map_get(maps[i], "check-names", &checknames);
-		if (result != ISC_R_SUCCESS) {
+		if (result != ISC_R_SUCCESS)
 			continue;
-		}
 		if (checknames != NULL && !cfg_obj_islist(checknames)) {
 			*obj = checknames;
-			return (true);
+			return (ISC_TRUE);
 		}
-		for (element = cfg_list_first(checknames); element != NULL;
-		     element = cfg_list_next(element))
-		{
+		for (element = cfg_list_first(checknames);
+		     element != NULL;
+		     element = cfg_list_next(element)) {
 			value = cfg_listelt_value(element);
 			type = cfg_tuple_get(value, "type");
-			if ((strcasecmp(cfg_obj_asstring(type), "primary") !=
-			     0) &&
-			    (strcasecmp(cfg_obj_asstring(type), "master") != 0))
-			{
+			if (strcasecmp(cfg_obj_asstring(type), "master") != 0)
 				continue;
-			}
 			*obj = cfg_tuple_get(value, "mode");
-			return (true);
+			return (ISC_TRUE);
 		}
 	}
 }
 
 static isc_result_t
-configure_hint(const char *zfile, const char *zclass, isc_mem_t *mctx) {
-	isc_result_t result;
-	dns_db_t *db = NULL;
-	dns_rdataclass_t rdclass;
-	isc_textregion_t r;
+config_get(const cfg_obj_t **maps, const char *name, const cfg_obj_t **obj) {
+	int i;
 
-	if (zfile == NULL) {
-		return (ISC_R_FAILURE);
+	for (i = 0;; i++) {
+		if (maps[i] == NULL)
+			return (ISC_R_NOTFOUND);
+		if (cfg_map_get(maps[i], name, obj) == ISC_R_SUCCESS)
+			return (ISC_R_SUCCESS);
 	}
-
-	DE_CONST(zclass, r.base);
-	r.length = strlen(zclass);
-	result = dns_rdataclass_fromtext(&rdclass, &r);
-	if (result != ISC_R_SUCCESS) {
-		return (result);
-	}
-
-	result = dns_rootns_create(mctx, rdclass, zfile, &db);
-	if (result != ISC_R_SUCCESS) {
-		return (result);
-	}
-
-	dns_db_detach(&db);
-	return (ISC_R_SUCCESS);
 }
 
 /*% configure the zone */
 static isc_result_t
-configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
-	       const cfg_obj_t *vconfig, const cfg_obj_t *config,
-	       isc_mem_t *mctx, bool list) {
+configure_zone(const char *vclass, const char *view,
+	       const cfg_obj_t *zconfig, const cfg_obj_t *vconfig,
+	       const cfg_obj_t *config, isc_mem_t *mctx)
+{
 	int i = 0;
 	isc_result_t result;
 	const char *zclass;
 	const char *zname;
-	const char *zfile = NULL;
+	const char *zfile;
 	const cfg_obj_t *maps[4];
-	const cfg_obj_t *primariesobj = NULL;
-	const cfg_obj_t *inviewobj = NULL;
 	const cfg_obj_t *zoptions = NULL;
 	const cfg_obj_t *classobj = NULL;
 	const cfg_obj_t *typeobj = NULL;
 	const cfg_obj_t *fileobj = NULL;
-	const cfg_obj_t *dlzobj = NULL;
 	const cfg_obj_t *dbobj = NULL;
 	const cfg_obj_t *obj = NULL;
 	const cfg_obj_t *fmtobj = NULL;
 	dns_masterformat_t masterformat;
-	dns_ttl_t maxttl = 0;
 
 	zone_options = DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_MANYERRORS;
 
 	zname = cfg_obj_asstring(cfg_tuple_get(zconfig, "name"));
 	classobj = cfg_tuple_get(zconfig, "class");
-	if (!cfg_obj_isstring(classobj)) {
-		zclass = vclass;
-	} else {
+        if (!cfg_obj_isstring(classobj))
+                zclass = vclass;
+        else
 		zclass = cfg_obj_asstring(classobj);
-	}
 
 	zoptions = cfg_tuple_get(zconfig, "options");
 	maps[i++] = zoptions;
-	if (vconfig != NULL) {
+	if (vconfig != NULL)
 		maps[i++] = cfg_tuple_get(vconfig, "options");
-	}
 	if (config != NULL) {
 		cfg_map_get(config, "options", &obj);
-		if (obj != NULL) {
+		if (obj != NULL)
 			maps[i++] = obj;
-		}
-	}
-	maps[i] = NULL;
-
-	cfg_map_get(zoptions, "in-view", &inviewobj);
-	if (inviewobj != NULL && list) {
-		const char *inview = cfg_obj_asstring(inviewobj);
-		printf("%s %s %s in-view %s\n", zname, zclass, view, inview);
-	}
-	if (inviewobj != NULL) {
-		return (ISC_R_SUCCESS);
 	}
+	maps[i++] = NULL;
 
 	cfg_map_get(zoptions, "type", &typeobj);
-	if (typeobj == NULL) {
+	if (typeobj == NULL)
 		return (ISC_R_FAILURE);
-	}
-
-	if (list) {
-		const char *ztype = cfg_obj_asstring(typeobj);
-		printf("%s %s %s %s\n", zname, zclass, view, ztype);
+	if (strcasecmp(cfg_obj_asstring(typeobj), "master") != 0)
 		return (ISC_R_SUCCESS);
-	}
-
-	/*
-	 * Skip checks when using an alternate data source.
-	 */
-	cfg_map_get(zoptions, "database", &dbobj);
-	if (dbobj != NULL && strcmp("rbt", cfg_obj_asstring(dbobj)) != 0 &&
-	    strcmp("rbt64", cfg_obj_asstring(dbobj)) != 0)
-	{
-		return (ISC_R_SUCCESS);
-	}
-
-	cfg_map_get(zoptions, "dlz", &dlzobj);
-	if (dlzobj != NULL) {
-		return (ISC_R_SUCCESS);
-	}
-
+        cfg_map_get(zoptions, "database", &dbobj);
+        if (dbobj != NULL)
+                return (ISC_R_SUCCESS);
 	cfg_map_get(zoptions, "file", &fileobj);
-	if (fileobj != NULL) {
-		zfile = cfg_obj_asstring(fileobj);
-	}
-
-	/*
-	 * Check hints files for hint zones.
-	 * Skip loading checks for any type other than
-	 * master and redirect
-	 */
-	if (strcasecmp(cfg_obj_asstring(typeobj), "hint") == 0) {
-		return (configure_hint(zfile, zclass, mctx));
-	} else if ((strcasecmp(cfg_obj_asstring(typeobj), "primary") != 0) &&
-		   (strcasecmp(cfg_obj_asstring(typeobj), "master") != 0) &&
-		   (strcasecmp(cfg_obj_asstring(typeobj), "redirect") != 0))
-	{
-		return (ISC_R_SUCCESS);
-	}
-
-	/*
-	 * Is the redirect zone configured as a slave?
-	 */
-	if (strcasecmp(cfg_obj_asstring(typeobj), "redirect") == 0) {
-		cfg_map_get(zoptions, "primaries", &primariesobj);
-		if (primariesobj == NULL) {
-			cfg_map_get(zoptions, "masters", &primariesobj);
-		}
-
-		if (primariesobj != NULL) {
-			return (ISC_R_SUCCESS);
-		}
-	}
-
-	if (zfile == NULL) {
+	if (fileobj == NULL)
 		return (ISC_R_FAILURE);
-	}
-
-	obj = NULL;
-	if (get_maps(maps, "check-dup-records", &obj)) {
-		if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
-			zone_options |= DNS_ZONEOPT_CHECKDUPRR;
-			zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
-		} else if (strcasecmp(cfg_obj_asstring(obj), "fail") == 0) {
-			zone_options |= DNS_ZONEOPT_CHECKDUPRR;
-			zone_options |= DNS_ZONEOPT_CHECKDUPRRFAIL;
-		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
-			zone_options &= ~DNS_ZONEOPT_CHECKDUPRR;
-			zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
-		} else {
-			INSIST(0);
-			ISC_UNREACHABLE();
-		}
-	} else {
-		zone_options |= DNS_ZONEOPT_CHECKDUPRR;
-		zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
-	}
+	zfile = cfg_obj_asstring(fileobj);
 
 	obj = NULL;
 	if (get_maps(maps, "check-mx", &obj)) {
@@ -324,10 +213,8 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
 			zone_options &= ~DNS_ZONEOPT_CHECKMX;
 			zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
-		} else {
+		} else
 			INSIST(0);
-			ISC_UNREACHABLE();
-		}
 	} else {
 		zone_options |= DNS_ZONEOPT_CHECKMX;
 		zone_options &= ~DNS_ZONEOPT_CHECKMXFAIL;
@@ -335,14 +222,12 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 
 	obj = NULL;
 	if (get_maps(maps, "check-integrity", &obj)) {
-		if (cfg_obj_asboolean(obj)) {
+		if (cfg_obj_asboolean(obj))
 			zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
-		} else {
+		else
 			zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
-		}
-	} else {
+	} else
 		zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
-	}
 
 	obj = NULL;
 	if (get_maps(maps, "check-mx-cname", &obj)) {
@@ -355,10 +240,8 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
 			zone_options |= DNS_ZONEOPT_WARNMXCNAME;
 			zone_options |= DNS_ZONEOPT_IGNOREMXCNAME;
-		} else {
+		} else
 			INSIST(0);
-			ISC_UNREACHABLE();
-		}
 	} else {
 		zone_options |= DNS_ZONEOPT_WARNMXCNAME;
 		zone_options &= ~DNS_ZONEOPT_IGNOREMXCNAME;
@@ -375,10 +258,8 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
 			zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
 			zone_options |= DNS_ZONEOPT_IGNORESRVCNAME;
-		} else {
+		} else
 			INSIST(0);
-			ISC_UNREACHABLE();
-		}
 	} else {
 		zone_options |= DNS_ZONEOPT_WARNSRVCNAME;
 		zone_options &= ~DNS_ZONEOPT_IGNORESRVCNAME;
@@ -386,25 +267,10 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 
 	obj = NULL;
 	if (get_maps(maps, "check-sibling", &obj)) {
-		if (cfg_obj_asboolean(obj)) {
+		if (cfg_obj_asboolean(obj))
 			zone_options |= DNS_ZONEOPT_CHECKSIBLING;
-		} else {
+		else
 			zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
-		}
-	}
-
-	obj = NULL;
-	if (get_maps(maps, "check-spf", &obj)) {
-		if (strcasecmp(cfg_obj_asstring(obj), "warn") == 0) {
-			zone_options |= DNS_ZONEOPT_CHECKSPF;
-		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
-			zone_options &= ~DNS_ZONEOPT_CHECKSPF;
-		} else {
-			INSIST(0);
-			ISC_UNREACHABLE();
-		}
-	} else {
-		zone_options |= DNS_ZONEOPT_CHECKSPF;
 	}
 
 	obj = NULL;
@@ -418,50 +284,38 @@ configure_zone(const char *vclass, const char *view, const cfg_obj_t *zconfig,
 		} else if (strcasecmp(cfg_obj_asstring(obj), "ignore") == 0) {
 			zone_options &= ~DNS_ZONEOPT_CHECKNAMES;
 			zone_options &= ~DNS_ZONEOPT_CHECKNAMESFAIL;
-		} else {
+		} else
 			INSIST(0);
-			ISC_UNREACHABLE();
-		}
 	} else {
-		zone_options |= DNS_ZONEOPT_CHECKNAMES;
-		zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
+               zone_options |= DNS_ZONEOPT_CHECKNAMES;
+               zone_options |= DNS_ZONEOPT_CHECKNAMESFAIL;
 	}
 
 	masterformat = dns_masterformat_text;
 	fmtobj = NULL;
-	if (get_maps(maps, "masterfile-format", &fmtobj)) {
+	result = config_get(maps, "masterfile-format", &fmtobj);
+	if (result == ISC_R_SUCCESS) {
 		const char *masterformatstr = cfg_obj_asstring(fmtobj);
-		if (strcasecmp(masterformatstr, "text") == 0) {
+		if (strcasecmp(masterformatstr, "text") == 0)
 			masterformat = dns_masterformat_text;
-		} else if (strcasecmp(masterformatstr, "raw") == 0) {
+		else if (strcasecmp(masterformatstr, "raw") == 0)
 			masterformat = dns_masterformat_raw;
-		} else if (strcasecmp(masterformatstr, "map") == 0) {
-			masterformat = dns_masterformat_map;
-		} else {
+		else
 			INSIST(0);
-			ISC_UNREACHABLE();
-		}
 	}
 
-	obj = NULL;
-	if (get_maps(maps, "max-zone-ttl", &obj)) {
-		maxttl = cfg_obj_asduration(obj);
-		zone_options |= DNS_ZONEOPT_CHECKTTL;
-	}
-
-	result = load_zone(mctx, zname, zfile, masterformat, zclass, maxttl,
-			   NULL);
-	if (result != ISC_R_SUCCESS) {
+	result = load_zone(mctx, zname, zfile, masterformat, zclass, NULL);
+	if (result != ISC_R_SUCCESS)
 		fprintf(stderr, "%s/%s/%s: %s\n", view, zname, zclass,
 			dns_result_totext(result));
-	}
-	return (result);
+	return(result);
 }
 
 /*% configure a view */
 static isc_result_t
 configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
-	       const cfg_obj_t *vconfig, isc_mem_t *mctx, bool list) {
+	       const cfg_obj_t *vconfig, isc_mem_t *mctx)
+{
 	const cfg_listelt_t *element;
 	const cfg_obj_t *voptions;
 	const cfg_obj_t *zonelist;
@@ -469,111 +323,70 @@ configure_view(const char *vclass, const char *view, const cfg_obj_t *config,
 	isc_result_t tresult;
 
 	voptions = NULL;
-	if (vconfig != NULL) {
+	if (vconfig != NULL)
 		voptions = cfg_tuple_get(vconfig, "options");
-	}
 
 	zonelist = NULL;
-	if (voptions != NULL) {
+	if (voptions != NULL)
 		(void)cfg_map_get(voptions, "zone", &zonelist);
-	} else {
+	else
 		(void)cfg_map_get(config, "zone", &zonelist);
-	}
 
-	for (element = cfg_list_first(zonelist); element != NULL;
+	for (element = cfg_list_first(zonelist);
+	     element != NULL;
 	     element = cfg_list_next(element))
 	{
 		const cfg_obj_t *zconfig = cfg_listelt_value(element);
-		tresult = configure_zone(vclass, view, zconfig, vconfig, config,
-					 mctx, list);
-		if (tresult != ISC_R_SUCCESS) {
+		tresult = configure_zone(vclass, view, zconfig, vconfig,
+					 config, mctx);
+		if (tresult != ISC_R_SUCCESS)
 			result = tresult;
-		}
 	}
 	return (result);
 }
 
-static isc_result_t
-config_getclass(const cfg_obj_t *classobj, dns_rdataclass_t defclass,
-		dns_rdataclass_t *classp) {
-	isc_textregion_t r;
-
-	if (!cfg_obj_isstring(classobj)) {
-		*classp = defclass;
-		return (ISC_R_SUCCESS);
-	}
-	DE_CONST(cfg_obj_asstring(classobj), r.base);
-	r.length = strlen(r.base);
-	return (dns_rdataclass_fromtext(classp, &r));
-}
 
 /*% load zones from the configuration */
 static isc_result_t
-load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx,
-		      bool list_zones) {
+load_zones_fromconfig(const cfg_obj_t *config, isc_mem_t *mctx) {
 	const cfg_listelt_t *element;
+	const cfg_obj_t *classobj;
 	const cfg_obj_t *views;
 	const cfg_obj_t *vconfig;
+	const char *vclass;
 	isc_result_t result = ISC_R_SUCCESS;
 	isc_result_t tresult;
 
 	views = NULL;
 
 	(void)cfg_map_get(config, "view", &views);
-	for (element = cfg_list_first(views); element != NULL;
+	for (element = cfg_list_first(views);
+	     element != NULL;
 	     element = cfg_list_next(element))
 	{
-		const cfg_obj_t *classobj;
-		dns_rdataclass_t viewclass;
 		const char *vname;
-		char buf[sizeof("CLASS65535")];
 
+		vclass = "IN";
 		vconfig = cfg_listelt_value(element);
-		if (vconfig == NULL) {
-			continue;
+		if (vconfig != NULL) {
+			classobj = cfg_tuple_get(vconfig, "class");
+			if (cfg_obj_isstring(classobj))
+				vclass = cfg_obj_asstring(classobj);
 		}
-
-		classobj = cfg_tuple_get(vconfig, "class");
-		tresult = config_getclass(classobj, dns_rdataclass_in,
-					  &viewclass);
-		if (tresult != ISC_R_SUCCESS) {
-			CHECK(tresult);
-		}
-
-		if (dns_rdataclass_ismeta(viewclass)) {
-			CHECK(ISC_R_FAILURE);
-		}
-
-		dns_rdataclass_format(viewclass, buf, sizeof(buf));
 		vname = cfg_obj_asstring(cfg_tuple_get(vconfig, "name"));
-		tresult = configure_view(buf, vname, config, vconfig, mctx,
-					 list_zones);
-		if (tresult != ISC_R_SUCCESS) {
+		tresult = configure_view(vclass, vname, config, vconfig, mctx);
+		if (tresult != ISC_R_SUCCESS)
 			result = tresult;
-		}
 	}
 
 	if (views == NULL) {
-		tresult = configure_view("IN", "_default", config, NULL, mctx,
-					 list_zones);
-		if (tresult != ISC_R_SUCCESS) {
+		tresult = configure_view("IN", "_default", config, NULL, mctx);
+		if (tresult != ISC_R_SUCCESS)
 			result = tresult;
-		}
 	}
-
-cleanup:
 	return (result);
 }
 
-static void
-output(void *closure, const char *text, int textlen) {
-	UNUSED(closure);
-	if (fwrite(text, 1, textlen, stdout) != (size_t)textlen) {
-		perror("fwrite");
-		exit(1);
-	}
-}
-
 /*% The main processing routine */
 int
 main(int argc, char **argv) {
@@ -584,71 +397,19 @@ main(int argc, char **argv) {
 	isc_mem_t *mctx = NULL;
 	isc_result_t result;
 	int exit_status = 0;
-	bool load_zones = false;
-	bool list_zones = false;
-	bool print = false;
-	bool nodeprecate = false;
-	unsigned int flags = 0;
+	isc_entropy_t *ectx = NULL;
+	isc_boolean_t load_zones = ISC_FALSE;
+	
+	isc_commandline_errprint = ISC_FALSE;
 
-	isc_commandline_errprint = false;
-
-	/*
-	 * Process memory debugging argument first.
-	 */
-#define CMDLINE_FLAGS "cdhijlm:t:pvxz"
-	while ((c = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) {
+	while ((c = isc_commandline_parse(argc, argv, "dhjt:vz")) != EOF) {
 		switch (c) {
-		case 'm':
-			if (strcasecmp(isc_commandline_argument, "record") == 0)
-			{
-				isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
-			}
-			if (strcasecmp(isc_commandline_argument, "trace") == 0)
-			{
-				isc_mem_debugging |= ISC_MEM_DEBUGTRACE;
-			}
-			if (strcasecmp(isc_commandline_argument, "usage") == 0)
-			{
-				isc_mem_debugging |= ISC_MEM_DEBUGUSAGE;
-			}
-			if (strcasecmp(isc_commandline_argument, "size") == 0) {
-				isc_mem_debugging |= ISC_MEM_DEBUGSIZE;
-			}
-			if (strcasecmp(isc_commandline_argument, "mctx") == 0) {
-				isc_mem_debugging |= ISC_MEM_DEBUGCTX;
-			}
-			break;
-		default:
-			break;
-		}
-	}
-	isc_commandline_reset = true;
-
-	isc_mem_create(&mctx);
-
-	while ((c = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != EOF) {
-		switch (c) {
-		case 'c':
-			loadplugins = false;
-			break;
-
 		case 'd':
 			debug++;
 			break;
 
-		case 'i':
-			nodeprecate = true;
-			break;
-
 		case 'j':
-			nomerge = false;
-			break;
-
-		case 'l':
-			list_zones = true;
-			break;
-
-		case 'm':
+			nomerge = ISC_FALSE;
 			break;
 
 		case 't':
@@ -658,109 +419,86 @@ main(int argc, char **argv) {
 					isc_result_totext(result));
 				exit(1);
 			}
-			break;
-
-		case 'p':
-			print = true;
+			result = isc_dir_chdir("/");
+			if (result != ISC_R_SUCCESS) {
+				fprintf(stderr, "isc_dir_chdir: %s\n",
+					isc_result_totext(result));
+				exit(1);
+			}
 			break;
 
 		case 'v':
-			printf("%s\n", PACKAGE_VERSION);
+			printf(VERSION "\n");
 			exit(0);
 
-		case 'x':
-			flags |= CFG_PRINTER_XKEY;
-			break;
-
 		case 'z':
-			load_zones = true;
-			docheckmx = false;
-			docheckns = false;
-			dochecksrv = false;
+			load_zones = ISC_TRUE;
+			docheckmx = ISC_FALSE;
+			docheckns = ISC_FALSE;
+			dochecksrv = ISC_FALSE;
 			break;
 
 		case '?':
-			if (isc_commandline_option != '?') {
+			if (isc_commandline_option != '?')
 				fprintf(stderr, "%s: invalid argument -%c\n",
 					program, isc_commandline_option);
-			}
-		/* FALLTHROUGH */
 		case 'h':
 			usage();
 
 		default:
-			fprintf(stderr, "%s: unhandled option -%c\n", program,
-				isc_commandline_option);
+			fprintf(stderr, "%s: unhandled option -%c\n",
+				program, isc_commandline_option);
 			exit(1);
 		}
 	}
 
-	if (((flags & CFG_PRINTER_XKEY) != 0) && !print) {
-		fprintf(stderr, "%s: -x cannot be used without -p\n", program);
-		exit(1);
-	}
-	if (print && list_zones) {
-		fprintf(stderr, "%s: -l cannot be used with -p\n", program);
-		exit(1);
-	}
-
-	if (isc_commandline_index + 1 < argc) {
+	if (isc_commandline_index + 1 < argc)
 		usage();
-	}
-	if (argv[isc_commandline_index] != NULL) {
+	if (argv[isc_commandline_index] != NULL)
 		conffile = argv[isc_commandline_index];
-	}
-	if (conffile == NULL || conffile[0] == '\0') {
+	if (conffile == NULL || conffile[0] == '\0')
 		conffile = NAMED_CONFFILE;
-	}
 
-#ifdef _WIN32
-	InitSockets();
-#endif /* ifdef _WIN32 */
+	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
 
 	RUNTIME_CHECK(setup_logging(mctx, stdout, &logc) == ISC_R_SUCCESS);
 
+	RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
+	RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
+		      == ISC_R_SUCCESS);
+
 	dns_result_register();
 
 	RUNTIME_CHECK(cfg_parser_create(mctx, logc, &parser) == ISC_R_SUCCESS);
 
-	if (nodeprecate) {
-		cfg_parser_setflags(parser, CFG_PCTX_NODEPRECATED, true);
-	}
 	cfg_parser_setcallback(parser, directory_callback, NULL);
 
 	if (cfg_parse_file(parser, conffile, &cfg_type_namedconf, &config) !=
 	    ISC_R_SUCCESS)
-	{
 		exit(1);
-	}
 
-	result = bind9_check_namedconf(config, loadplugins, logc, mctx);
-	if (result != ISC_R_SUCCESS) {
+	result = bind9_check_namedconf(config, logc, mctx);
+	if (result != ISC_R_SUCCESS)
 		exit_status = 1;
-	}
 
-	if (result == ISC_R_SUCCESS && (load_zones || list_zones)) {
-		result = load_zones_fromconfig(config, mctx, list_zones);
-		if (result != ISC_R_SUCCESS) {
+	if (result == ISC_R_SUCCESS && load_zones) {
+		result = load_zones_fromconfig(config, mctx);
+		if (result != ISC_R_SUCCESS)
 			exit_status = 1;
-		}
 	}
 
-	if (print && exit_status == 0) {
-		cfg_printx(config, flags, output, NULL);
-	}
 	cfg_obj_destroy(parser, &config);
 
 	cfg_parser_destroy(&parser);
 
+	dns_name_destroy();
+
 	isc_log_destroy(&logc);
 
+	isc_hash_destroy();
+	isc_entropy_detach(&ectx);
+
 	isc_mem_destroy(&mctx);
 
-#ifdef _WIN32
-	DestroySockets();
-#endif /* ifdef _WIN32 */
-
 	return (exit_status);
 }

bin/check/named-checkconf.docbook

@@ -0,0 +1,171 @@
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
+	       [<!ENTITY mdash "&#8212;">]>
+<!--
+ - Copyright (C) 2004, 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2000-2002  Internet Software Consortium.
+ -
+ - Permission to use, copy, modify, and/or distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ -
+ - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ - PERFORMANCE OF THIS SOFTWARE.
+-->
+
+<!-- $Id: named-checkconf.docbook,v 1.19 2007/06/19 06:58:03 marka Exp $ -->
+<refentry id="man.named-checkconf">
+  <refentryinfo>
+    <date>June 14, 2000</date>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle><application>named-checkconf</application></refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo>BIND9</refmiscinfo>
+  </refmeta>
+
+  <docinfo>
+    <copyright>
+      <year>2004</year>
+      <year>2005</year>
+      <year>2007</year>
+      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
+    </copyright>
+    <copyright>
+      <year>2000</year>
+      <year>2001</year>
+      <year>2002</year>
+      <holder>Internet Software Consortium.</holder>
+    </copyright>
+  </docinfo>
+
+  <refnamediv>
+    <refname><application>named-checkconf</application></refname>
+    <refpurpose>named configuration file syntax checking tool</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>named-checkconf</command>
+      <arg><option>-h</option></arg>
+      <arg><option>-v</option></arg>
+      <arg><option>-j</option></arg>
+      <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
+      <arg choice="req">filename</arg>
+      <arg><option>-z</option></arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>DESCRIPTION</title>
+    <para><command>named-checkconf</command>
+      checks the syntax, but not the semantics, of a named
+      configuration file.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>OPTIONS</title>
+
+    <variablelist>
+      <varlistentry>
+        <term>-h</term>
+        <listitem>
+          <para>
+            Print the usage summary and exit.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-t <replaceable class="parameter">directory</replaceable></term>
+        <listitem>
+          <para>
+            Chroot to <filename>directory</filename> so that
+            include
+            directives in the configuration file are processed as if
+            run by a similarly chrooted named.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-v</term>
+        <listitem>
+          <para>
+            Print the version of the <command>named-checkconf</command>
+            program and exit.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-z</term>
+        <listitem>
+          <para>
+	    Perform a test load of all master zones found in
+	    <filename>named.conf</filename>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-j</term>
+        <listitem>
+          <para>
+            When loading a zonefile read the journal if it exists.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>filename</term>
+        <listitem>
+          <para>
+            The name of the configuration file to be checked.  If not
+            specified, it defaults to <filename>/etc/named.conf</filename>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>RETURN VALUES</title>
+    <para><command>named-checkconf</command>
+      returns an exit status of 1 if
+      errors were detected and 0 otherwise.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>SEE ALSO</title>
+    <para><citerefentry>
+        <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+        <refentrytitle>named-checkzone</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>AUTHOR</title>
+    <para><corpauthor>Internet Systems Consortium</corpauthor>
+    </para>
+  </refsect1>
+
+</refentry><!--
+ - Local variables:
+ - mode: sgml
+ - End:
+-->

bin/check/named-checkconf.html

@@ -0,0 +1,96 @@
+<!--
+ - Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2000-2002 Internet Software Consortium.
+ - 
+ - Permission to use, copy, modify, and distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ - 
+ - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ - PERFORMANCE OF THIS SOFTWARE.
+-->
+<!-- $Id: named-checkconf.html,v 1.30 2007/06/20 02:27:32 marka Exp $ -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>named-checkconf</title>
+<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
+</head>
+<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
+<a name="man.named-checkconf"></a><div class="titlepage"></div>
+<div class="refnamediv">
+<h2>Name</h2>
+<p><span class="application">named-checkconf</span> &#8212; named configuration file syntax checking tool</p>
+</div>
+<div class="refsynopsisdiv">
+<h2>Synopsis</h2>
+<div class="cmdsynopsis"><p><code class="command">named-checkconf</code>  [<code class="option">-h</code>] [<code class="option">-v</code>] [<code class="option">-j</code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] {filename} [<code class="option">-z</code>]</p></div>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543387"></a><h2>DESCRIPTION</h2>
+<p><span><strong class="command">named-checkconf</strong></span>
+      checks the syntax, but not the semantics, of a named
+      configuration file.
+    </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543399"></a><h2>OPTIONS</h2>
+<div class="variablelist"><dl>
+<dt><span class="term">-h</span></dt>
+<dd><p>
+            Print the usage summary and exit.
+          </p></dd>
+<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
+<dd><p>
+            Chroot to <code class="filename">directory</code> so that
+            include
+            directives in the configuration file are processed as if
+            run by a similarly chrooted named.
+          </p></dd>
+<dt><span class="term">-v</span></dt>
+<dd><p>
+            Print the version of the <span><strong class="command">named-checkconf</strong></span>
+            program and exit.
+          </p></dd>
+<dt><span class="term">-z</span></dt>
+<dd><p>
+	    Perform a test load of all master zones found in
+	    <code class="filename">named.conf</code>.
+          </p></dd>
+<dt><span class="term">-j</span></dt>
+<dd><p>
+            When loading a zonefile read the journal if it exists.
+          </p></dd>
+<dt><span class="term">filename</span></dt>
+<dd><p>
+            The name of the configuration file to be checked.  If not
+            specified, it defaults to <code class="filename">/etc/named.conf</code>.
+          </p></dd>
+</dl></div>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543507"></a><h2>RETURN VALUES</h2>
+<p><span><strong class="command">named-checkconf</strong></span>
+      returns an exit status of 1 if
+      errors were detected and 0 otherwise.
+    </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543518"></a><h2>SEE ALSO</h2>
+<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
+      <span class="citerefentry"><span class="refentrytitle">named-checkzone</span>(8)</span>,
+      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
+    </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543548"></a><h2>AUTHOR</h2>
+<p><span class="corpauthor">Internet Systems Consortium</span>
+    </p>
+</div>
+</div></body>
+</html>

bin/check/named-checkconf.rst

@@ -1,105 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-..
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-
-.. highlight: console
-
-.. _man_named-checkconf:
-
-named-checkconf - named configuration file syntax checking tool
----------------------------------------------------------------
-
-Synopsis
-~~~~~~~~
-
-:program:`named-checkconf` [**-chjlvz**] [**-p** [**-x** ]] [**-t** directory] {filename}
-
-Description
-~~~~~~~~~~~
-
-``named-checkconf`` checks the syntax, but not the semantics, of a
-``named`` configuration file. The file, along with all files included by it, is parsed and checked for syntax
-errors. If no file is specified,
-``/etc/named.conf`` is read by default.
-
-Note: files that ``named`` reads in separate parser contexts, such as
-``rndc.key`` and ``bind.keys``, are not automatically read by
-``named-checkconf``. Configuration errors in these files may cause
-``named`` to fail to run, even if ``named-checkconf`` was successful.
-However, ``named-checkconf`` can be run on these files explicitly.
-
-Options
-~~~~~~~
-
-``-h``
-   This option prints the usage summary and exits.
-
-``-j``
-   When loading a zonefile, this option instructs ``named`` to read the journal if it exists.
-
-``-l``
-   This option lists all the configured zones. Each line of output contains the zone
-   name, class (e.g. IN), view, and type (e.g. primary or secondary).
-
-``-c``
-   This option specifies that only the "core" configuration should be checked. This suppresses the loading of
-   plugin modules, and causes all parameters to ``plugin`` statements to
-   be ignored.
-
-``-i``
-   This option ignores warnings on deprecated options.
-
-``-p``
-   This option prints out the ``named.conf`` and included files in canonical form if
-   no errors were detected. See also the ``-x`` option.
-
-``-t directory``
-   This option instructs ``named`` to chroot to ``directory``, so that ``include`` directives in the
-   configuration file are processed as if run by a similarly chrooted
-   ``named``.
-
-``-v``
-   This option prints the version of the ``named-checkconf`` program and exits.
-
-``-x``
-   When printing the configuration files in canonical form, this option obscures
-   shared secrets by replacing them with strings of question marks
-   (``?``). This allows the contents of ``named.conf`` and related files
-   to be shared - for example, when submitting bug reports -
-   without compromising private data. This option cannot be used without
-   ``-p``.
-
-``-z``
-   This option performs a test load of all zones of type ``primary`` found in ``named.conf``.
-
-``filename``
-   This indicates the name of the configuration file to be checked. If not specified,
-   it defaults to ``/etc/named.conf``.
-
-Return Values
-~~~~~~~~~~~~~
-
-``named-checkconf`` returns an exit status of 1 if errors were detected
-and 0 otherwise.
-
-See Also
-~~~~~~~~
-
-:manpage:`named(8)`, :manpage:`named-checkzone(8)`, BIND 9 Administrator Reference Manual.

bin/check/named-checkzone.8

@@ -0,0 +1,278 @@
+.\" Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (C) 2000-2002 Internet Software Consortium.
+.\" 
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\" 
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+.\" REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+.\" AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+.\" INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+.\" LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+.\" OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+.\" PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" $Id: named-checkzone.8,v 1.42 2007/06/20 02:27:32 marka Exp $
+.\"
+.hy 0
+.ad l
+.\"     Title: named\-checkzone
+.\"    Author: 
+.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
+.\"      Date: June 13, 2000
+.\"    Manual: BIND9
+.\"    Source: BIND9
+.\"
+.TH "NAMED\-CHECKZONE" "8" "June 13, 2000" "BIND9" "BIND9"
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.SH "NAME"
+named\-checkzone, named\-compilezone \- zone file validity checking or converting tool
+.SH "SYNOPSIS"
+.HP 16
+\fBnamed\-checkzone\fR [\fB\-d\fR] [\fB\-h\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-f\ \fR\fB\fIformat\fR\fR] [\fB\-F\ \fR\fB\fIformat\fR\fR] [\fB\-i\ \fR\fB\fImode\fR\fR] [\fB\-k\ \fR\fB\fImode\fR\fR] [\fB\-m\ \fR\fB\fImode\fR\fR] [\fB\-M\ \fR\fB\fImode\fR\fR] [\fB\-n\ \fR\fB\fImode\fR\fR] [\fB\-o\ \fR\fB\fIfilename\fR\fR] [\fB\-s\ \fR\fB\fIstyle\fR\fR] [\fB\-S\ \fR\fB\fImode\fR\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-w\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fR\fB\fImode\fR\fR] {zonename} {filename}
+.HP 18
+\fBnamed\-compilezone\fR [\fB\-d\fR] [\fB\-j\fR] [\fB\-q\fR] [\fB\-v\fR] [\fB\-c\ \fR\fB\fIclass\fR\fR] [\fB\-C\ \fR\fB\fImode\fR\fR] [\fB\-f\ \fR\fB\fIformat\fR\fR] [\fB\-F\ \fR\fB\fIformat\fR\fR] [\fB\-i\ \fR\fB\fImode\fR\fR] [\fB\-k\ \fR\fB\fImode\fR\fR] [\fB\-m\ \fR\fB\fImode\fR\fR] [\fB\-n\ \fR\fB\fImode\fR\fR] [\fB\-o\ \fR\fB\fIfilename\fR\fR] [\fB\-s\ \fR\fB\fIstyle\fR\fR] [\fB\-t\ \fR\fB\fIdirectory\fR\fR] [\fB\-w\ \fR\fB\fIdirectory\fR\fR] [\fB\-D\fR] [\fB\-W\ \fR\fB\fImode\fR\fR] {zonename} {filename}
+.SH "DESCRIPTION"
+.PP
+\fBnamed\-checkzone\fR
+checks the syntax and integrity of a zone file. It performs the same checks as
+\fBnamed\fR
+does when loading a zone. This makes
+\fBnamed\-checkzone\fR
+useful for checking zone files before configuring them into a name server.
+.PP
+\fBnamed\-compilezone\fR
+is similar to
+\fBnamed\-checkzone\fR, but it always dumps the zone contents to a specified file in a specified format. Additionally, it applies stricter check levels by default, since the dump output will be used as an actual zone file loaded by
+\fBnamed\fR. When manually specified otherwise, the check levels must at least be as strict as those specified in the
+\fBnamed\fR
+configuration file.
+.SH "OPTIONS"
+.PP
+\-d
+.RS 4
+Enable debugging.
+.RE
+.PP
+\-h
+.RS 4
+Print the usage summary and exit.
+.RE
+.PP
+\-q
+.RS 4
+Quiet mode \- exit code only.
+.RE
+.PP
+\-v
+.RS 4
+Print the version of the
+\fBnamed\-checkzone\fR
+program and exit.
+.RE
+.PP
+\-j
+.RS 4
+When loading the zone file read the journal if it exists.
+.RE
+.PP
+\-c \fIclass\fR
+.RS 4
+Specify the class of the zone. If not specified "IN" is assumed.
+.RE
+.PP
+\-i \fImode\fR
+.RS 4
+Perform post\-load zone integrity checks. Possible modes are
+\fB"full"\fR
+(default),
+\fB"full\-sibling"\fR,
+\fB"local"\fR,
+\fB"local\-sibling"\fR
+and
+\fB"none"\fR.
+.sp
+Mode
+\fB"full"\fR
+checks that MX records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). Mode
+\fB"local"\fR
+only checks MX records which refer to in\-zone hostnames.
+.sp
+Mode
+\fB"full"\fR
+checks that SRV records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). Mode
+\fB"local"\fR
+only checks SRV records which refer to in\-zone hostnames.
+.sp
+Mode
+\fB"full"\fR
+checks that delegation NS records refer to A or AAAA record (both in\-zone and out\-of\-zone hostnames). It also checks that glue address records in the zone match those advertised by the child. Mode
+\fB"local"\fR
+only checks NS records which refer to in\-zone hostnames or that some required glue exists, that is when the nameserver is in a child zone.
+.sp
+Mode
+\fB"full\-sibling"\fR
+and
+\fB"local\-sibling"\fR
+disable sibling glue checks but are otherwise the same as
+\fB"full"\fR
+and
+\fB"local"\fR
+respectively.
+.sp
+Mode
+\fB"none"\fR
+disables the checks.
+.RE
+.PP
+\-f \fIformat\fR
+.RS 4
+Specify the format of the zone file. Possible formats are
+\fB"text"\fR
+(default) and
+\fB"raw"\fR.
+.RE
+.PP
+\-F \fIformat\fR
+.RS 4
+Specify the format of the output file specified. Possible formats are
+\fB"text"\fR
+(default) and
+\fB"raw"\fR. For
+\fBnamed\-checkzone\fR, this does not cause any effects unless it dumps the zone contents.
+.RE
+.PP
+\-k \fImode\fR
+.RS 4
+Perform
+\fB"check\-names"\fR
+checks with the specified failure mode. Possible modes are
+\fB"fail"\fR
+(default for
+\fBnamed\-compilezone\fR),
+\fB"warn"\fR
+(default for
+\fBnamed\-checkzone\fR) and
+\fB"ignore"\fR.
+.RE
+.PP
+\-m \fImode\fR
+.RS 4
+Specify whether MX records should be checked to see if they are addresses. Possible modes are
+\fB"fail"\fR,
+\fB"warn"\fR
+(default) and
+\fB"ignore"\fR.
+.RE
+.PP
+\-M \fImode\fR
+.RS 4
+Check if a MX record refers to a CNAME. Possible modes are
+\fB"fail"\fR,
+\fB"warn"\fR
+(default) and
+\fB"ignore"\fR.
+.RE
+.PP
+\-n \fImode\fR
+.RS 4
+Specify whether NS records should be checked to see if they are addresses. Possible modes are
+\fB"fail"\fR
+(default for
+\fBnamed\-compilezone\fR),
+\fB"warn"\fR
+(default for
+\fBnamed\-checkzone\fR) and
+\fB"ignore"\fR.
+.RE
+.PP
+\-o \fIfilename\fR
+.RS 4
+Write zone output to
+\fIfilename\fR. If
+\fIfilename\fR
+is
+\fI\-\fR
+then write to standard out. This is mandatory for
+\fBnamed\-compilezone\fR.
+.RE
+.PP
+\-s \fIstyle\fR
+.RS 4
+Specify the style of the dumped zone file. Possible styles are
+\fB"full"\fR
+(default) and
+\fB"relative"\fR. The full format is most suitable for processing automatically by a separate script. On the other hand, the relative format is more human\-readable and is thus suitable for editing by hand. For
+\fBnamed\-checkzone\fR
+this does not cause any effects unless it dumps the zone contents. It also does not have any meaning if the output format is not text.
+.RE
+.PP
+\-S \fImode\fR
+.RS 4
+Check if a SRV record refers to a CNAME. Possible modes are
+\fB"fail"\fR,
+\fB"warn"\fR
+(default) and
+\fB"ignore"\fR.
+.RE
+.PP
+\-t \fIdirectory\fR
+.RS 4
+Chroot to
+\fIdirectory\fR
+so that include directives in the configuration file are processed as if run by a similarly chrooted named.
+.RE
+.PP
+\-w \fIdirectory\fR
+.RS 4
+chdir to
+\fIdirectory\fR
+so that relative filenames in master file $INCLUDE directives work. This is similar to the directory clause in
+\fInamed.conf\fR.
+.RE
+.PP
+\-D
+.RS 4
+Dump zone file in canonical format. This is always enabled for
+\fBnamed\-compilezone\fR.
+.RE
+.PP
+\-W \fImode\fR
+.RS 4
+Specify whether to check for non\-terminal wildcards. Non\-terminal wildcards are almost always the result of a failure to understand the wildcard matching algorithm (RFC 1034). Possible modes are
+\fB"warn"\fR
+(default) and
+\fB"ignore"\fR.
+.RE
+.PP
+zonename
+.RS 4
+The domain name of the zone being checked.
+.RE
+.PP
+filename
+.RS 4
+The name of the zone file.
+.RE
+.SH "RETURN VALUES"
+.PP
+\fBnamed\-checkzone\fR
+returns an exit status of 1 if errors were detected and 0 otherwise.
+.SH "SEE ALSO"
+.PP
+\fBnamed\fR(8),
+\fBnamed\-checkconf\fR(8),
+RFC 1035,
+BIND 9 Administrator Reference Manual.
+.SH "AUTHOR"
+.PP
+Internet Systems Consortium
+.SH "COPYRIGHT"
+Copyright \(co 2004\-2007 Internet Systems Consortium, Inc. ("ISC")
+.br
+Copyright \(co 2000\-2002 Internet Software Consortium.
+.br

bin/check/named-checkzone.c

@@ -1,29 +1,35 @@
 /*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (C) 1999-2003  Internet Software Consortium.
  *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ * PERFORMANCE OF THIS SOFTWARE.
  */
 
+/* $Id: named-checkzone.c,v 1.49 2007/06/18 23:47:17 tbox Exp $ */
+
 /*! \file */
 
-#include <inttypes.h>
-#include <stdbool.h>
+#include <config.h>
+
 #include <stdlib.h>
 
 #include <isc/app.h>
-#include <isc/attributes.h>
 #include <isc/commandline.h>
 #include <isc/dir.h>
-#include <isc/file.h>
+#include <isc/entropy.h>
 #include <isc/hash.h>
 #include <isc/log.h>
 #include <isc/mem.h>
-#include <isc/print.h>
 #include <isc/socket.h>
 #include <isc/string.h>
 #include <isc/task.h>
@@ -33,7 +39,6 @@
 #include <dns/db.h>
 #include <dns/fixedname.h>
 #include <dns/log.h>
-#include <dns/master.h>
 #include <dns/masterdump.h>
 #include <dns/name.h>
 #include <dns/rdataclass.h>
@@ -46,49 +51,43 @@
 
 static int quiet = 0;
 static isc_mem_t *mctx = NULL;
+static isc_entropy_t *ectx = NULL;
 dns_zone_t *zone = NULL;
 dns_zonetype_t zonetype = dns_zone_master;
 static int dumpzone = 0;
 static const char *output_filename;
-static const char *prog_name = NULL;
+static char *prog_name = NULL;
 static const dns_master_style_t *outputstyle = NULL;
 static enum { progmode_check, progmode_compile } progmode;
 
-#define ERRRET(result, function)                                              \
-	do {                                                                  \
-		if (result != ISC_R_SUCCESS) {                                \
-			if (!quiet)                                           \
-				fprintf(stderr, "%s() returned %s\n",         \
+#define ERRRET(result, function) \
+	do { \
+		if (result != ISC_R_SUCCESS) { \
+			if (!quiet) \
+				fprintf(stderr, "%s() returned %s\n", \
 					function, dns_result_totext(result)); \
-			return (result);                                      \
-		}                                                             \
+			return (result); \
+		} \
 	} while (0)
 
-ISC_NORETURN static void
-usage(void);
-
 static void
 usage(void) {
 	fprintf(stderr,
-		"usage: %s [-djqvD] [-c class] "
-		"[-f inputformat] [-F outputformat] [-J filename] "
-		"[-s (full|relative)] [-t directory] [-w directory] "
-		"[-k (ignore|warn|fail)] [-m (ignore|warn|fail)] "
-		"[-n (ignore|warn|fail)] [-r (ignore|warn|fail)] "
-		"[-i (full|full-sibling|local|local-sibling|none)] "
-		"[-M (ignore|warn|fail)] [-S (ignore|warn|fail)] "
-		"[-W (ignore|warn)] "
-		"%s zonename [ (filename|-) ]\n",
-		prog_name,
-		progmode == progmode_check ? "[-o filename]" : "-o filename");
+		"usage: %s [-djqvD] [-c class] [-o output] "
+		"[-f inputformat] [-F outputformat] "
+		"[-t directory] [-w directory] [-k (ignore|warn|fail)] "
+		"[-n (ignore|warn|fail)] [-m (ignore|warn|fail)] "
+		"[-i (full|local|none)] [-M (ignore|warn|fail)] "
+		"[-S (ignore|warn|fail)] [-W (ignore|warn)] "
+		"zonename filename\n", prog_name);
 	exit(1);
 }
 
 static void
 destroy(void) {
-	if (zone != NULL) {
+	if (zone != NULL)
 		dns_zone_detach(&zone);
-	}
+	dns_name_destroy();
 }
 
 /*% main processing routine */
@@ -96,7 +95,7 @@ int
 main(int argc, char **argv) {
 	int c;
 	char *origin = NULL;
-	const char *filename = NULL;
+	char *filename = NULL;
 	isc_log_t *lctx = NULL;
 	isc_result_t result;
 	char classname_in[] = "IN";
@@ -106,69 +105,46 @@ main(int argc, char **argv) {
 	const char *outputformatstr = NULL;
 	dns_masterformat_t inputformat = dns_masterformat_text;
 	dns_masterformat_t outputformat = dns_masterformat_text;
-	dns_masterrawheader_t header;
-	uint32_t rawversion = 1, serialnum = 0;
-	dns_ttl_t maxttl = 0;
-	bool snset = false;
-	bool logdump = false;
 	FILE *errout = stdout;
-	char *endp;
-
-	/*
-	 * Uncomment the following line if memory debugging is needed:
-	 * isc_mem_debugging |= ISC_MEM_DEBUGRECORD;
-	 */
 
 	outputstyle = &dns_master_style_full;
 
 	prog_name = strrchr(argv[0], '/');
-	if (prog_name == NULL) {
+	if (prog_name == NULL)
 		prog_name = strrchr(argv[0], '\\');
-	}
-	if (prog_name != NULL) {
+	if (prog_name != NULL)
 		prog_name++;
-	} else {
+	else
 		prog_name = argv[0];
-	}
 	/*
 	 * Libtool doesn't preserve the program name prior to final
 	 * installation.  Remove the libtool prefix ("lt-").
 	 */
-	if (strncmp(prog_name, "lt-", 3) == 0) {
+	if (strncmp(prog_name, "lt-", 3) == 0)
 		prog_name += 3;
-	}
-
-#define PROGCMP(X) \
-	(strcasecmp(prog_name, X) == 0 || strcasecmp(prog_name, X ".exe") == 0)
-
-	if (PROGCMP("named-checkzone")) {
+	if (strcmp(prog_name, "named-checkzone") == 0)
 		progmode = progmode_check;
-	} else if (PROGCMP("named-compilezone")) {
+	else if (strcmp(prog_name, "named-compilezone") == 0)
 		progmode = progmode_compile;
-	} else {
+	else
 		INSIST(0);
-		ISC_UNREACHABLE();
-	}
 
 	/* Compilation specific defaults */
 	if (progmode == progmode_compile) {
-		zone_options |= (DNS_ZONEOPT_CHECKNS | DNS_ZONEOPT_FATALNS |
-				 DNS_ZONEOPT_CHECKSPF | DNS_ZONEOPT_CHECKDUPRR |
+		zone_options |= (DNS_ZONEOPT_CHECKNS |
+				 DNS_ZONEOPT_FATALNS |
 				 DNS_ZONEOPT_CHECKNAMES |
 				 DNS_ZONEOPT_CHECKNAMESFAIL |
 				 DNS_ZONEOPT_CHECKWILDCARD);
-	} else {
-		zone_options |= (DNS_ZONEOPT_CHECKDUPRR | DNS_ZONEOPT_CHECKSPF);
 	}
 
 #define ARGCMP(X) (strcmp(isc_commandline_argument, X) == 0)
 
-	isc_commandline_errprint = false;
+	isc_commandline_errprint = ISC_FALSE;
 
 	while ((c = isc_commandline_parse(argc, argv,
-					  "c:df:hi:jJ:k:L:l:m:n:qr:s:t:o:vw:DF:"
-					  "M:S:T:W:")) != EOF)
-	{
+					 "c:df:hi:jk:m:n:qs:t:o:vw:DF:M:S:W:"))
+	       != EOF) {
 		switch (c) {
 		case 'c':
 			classname = isc_commandline_argument;
@@ -182,33 +158,33 @@ main(int argc, char **argv) {
 			if (ARGCMP("full")) {
 				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY |
 						DNS_ZONEOPT_CHECKSIBLING;
-				docheckmx = true;
-				docheckns = true;
-				dochecksrv = true;
+				docheckmx = ISC_TRUE;
+				docheckns = ISC_TRUE;
+				dochecksrv = ISC_TRUE;
 			} else if (ARGCMP("full-sibling")) {
 				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
 				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
-				docheckmx = true;
-				docheckns = true;
-				dochecksrv = true;
+				docheckmx = ISC_TRUE;
+				docheckns = ISC_TRUE;
+				dochecksrv = ISC_TRUE;
 			} else if (ARGCMP("local")) {
 				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
 				zone_options |= DNS_ZONEOPT_CHECKSIBLING;
-				docheckmx = false;
-				docheckns = false;
-				dochecksrv = false;
+				docheckmx = ISC_FALSE;
+				docheckns = ISC_FALSE;
+				dochecksrv = ISC_FALSE;
 			} else if (ARGCMP("local-sibling")) {
 				zone_options |= DNS_ZONEOPT_CHECKINTEGRITY;
 				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
-				docheckmx = false;
-				docheckns = false;
-				dochecksrv = false;
+				docheckmx = ISC_FALSE;
+				docheckns = ISC_FALSE;
+				dochecksrv = ISC_FALSE;
 			} else if (ARGCMP("none")) {
 				zone_options &= ~DNS_ZONEOPT_CHECKINTEGRITY;
 				zone_options &= ~DNS_ZONEOPT_CHECKSIBLING;
-				docheckmx = false;
-				docheckns = false;
-				dochecksrv = false;
+				docheckmx = ISC_FALSE;
+				docheckns = ISC_FALSE;
+				dochecksrv = ISC_FALSE;
 			} else {
 				fprintf(stderr, "invalid argument to -i: %s\n",
 					isc_commandline_argument);
@@ -225,12 +201,7 @@ main(int argc, char **argv) {
 			break;
 
 		case 'j':
-			nomerge = false;
-			break;
-
-		case 'J':
-			journal = isc_commandline_argument;
-			nomerge = false;
+			nomerge = ISC_FALSE;
 			break;
 
 		case 'k':
@@ -250,38 +221,16 @@ main(int argc, char **argv) {
 			}
 			break;
 
-		case 'L':
-			snset = true;
-			endp = NULL;
-			serialnum = strtol(isc_commandline_argument, &endp, 0);
-			if (*endp != '\0') {
-				fprintf(stderr, "source serial number "
-						"must be numeric");
-				exit(1);
-			}
-			break;
-
-		case 'l':
-			zone_options |= DNS_ZONEOPT_CHECKTTL;
-			endp = NULL;
-			maxttl = strtol(isc_commandline_argument, &endp, 0);
-			if (*endp != '\0') {
-				fprintf(stderr, "maximum TTL "
-						"must be numeric");
-				exit(1);
-			}
-			break;
-
 		case 'n':
 			if (ARGCMP("ignore")) {
-				zone_options &= ~(DNS_ZONEOPT_CHECKNS |
+				zone_options &= ~(DNS_ZONEOPT_CHECKNS|
 						  DNS_ZONEOPT_FATALNS);
 			} else if (ARGCMP("warn")) {
 				zone_options |= DNS_ZONEOPT_CHECKNS;
 				zone_options &= ~DNS_ZONEOPT_FATALNS;
 			} else if (ARGCMP("fail")) {
-				zone_options |= DNS_ZONEOPT_CHECKNS |
-						DNS_ZONEOPT_FATALNS;
+				zone_options |= DNS_ZONEOPT_CHECKNS|
+					        DNS_ZONEOPT_FATALNS;
 			} else {
 				fprintf(stderr, "invalid argument to -n: %s\n",
 					isc_commandline_argument);
@@ -306,44 +255,10 @@ main(int argc, char **argv) {
 			}
 			break;
 
-		case 'o':
-			output_filename = isc_commandline_argument;
-			break;
-
 		case 'q':
 			quiet++;
 			break;
 
-		case 'r':
-			if (ARGCMP("warn")) {
-				zone_options |= DNS_ZONEOPT_CHECKDUPRR;
-				zone_options &= ~DNS_ZONEOPT_CHECKDUPRRFAIL;
-			} else if (ARGCMP("fail")) {
-				zone_options |= DNS_ZONEOPT_CHECKDUPRR |
-						DNS_ZONEOPT_CHECKDUPRRFAIL;
-			} else if (ARGCMP("ignore")) {
-				zone_options &= ~(DNS_ZONEOPT_CHECKDUPRR |
-						  DNS_ZONEOPT_CHECKDUPRRFAIL);
-			} else {
-				fprintf(stderr, "invalid argument to -r: %s\n",
-					isc_commandline_argument);
-				exit(1);
-			}
-			break;
-
-		case 's':
-			if (ARGCMP("full")) {
-				outputstyle = &dns_master_style_full;
-			} else if (ARGCMP("relative")) {
-				outputstyle = &dns_master_style_default;
-			} else {
-				fprintf(stderr,
-					"unknown or unsupported style: %s\n",
-					isc_commandline_argument);
-				exit(1);
-			}
-			break;
-
 		case 't':
 			result = isc_dir_chroot(isc_commandline_argument);
 			if (result != ISC_R_SUCCESS) {
@@ -352,10 +267,33 @@ main(int argc, char **argv) {
 					isc_result_totext(result));
 				exit(1);
 			}
+			result = isc_dir_chdir("/");
+			if (result != ISC_R_SUCCESS) {
+				fprintf(stderr, "isc_dir_chdir: %s\n",
+					isc_result_totext(result));
+				exit(1);
+			}
+			break;
+
+		case 's':
+			if (ARGCMP("full"))
+				outputstyle = &dns_master_style_full;
+			else if (ARGCMP("relative")) {
+				outputstyle = &dns_master_style_default;
+			} else {
+				fprintf(stderr,
+					"unknown or unsupported style: %s\n",
+					isc_commandline_argument);
+				exit(1);
+			}
+			break;
+
+		case 'o':
+			output_filename = isc_commandline_argument;
 			break;
 
 		case 'v':
-			printf("%s\n", PACKAGE_VERSION);
+			printf(VERSION "\n");
 			exit(0);
 
 		case 'w':
@@ -400,38 +338,23 @@ main(int argc, char **argv) {
 			}
 			break;
 
-		case 'T':
-			if (ARGCMP("warn")) {
-				zone_options |= DNS_ZONEOPT_CHECKSPF;
-			} else if (ARGCMP("ignore")) {
-				zone_options &= ~DNS_ZONEOPT_CHECKSPF;
-			} else {
-				fprintf(stderr, "invalid argument to -T: %s\n",
-					isc_commandline_argument);
-				exit(1);
-			}
-			break;
-
 		case 'W':
-			if (ARGCMP("warn")) {
+			if (ARGCMP("warn"))
 				zone_options |= DNS_ZONEOPT_CHECKWILDCARD;
-			} else if (ARGCMP("ignore")) {
+			else if (ARGCMP("ignore"))
 				zone_options &= ~DNS_ZONEOPT_CHECKWILDCARD;
-			}
 			break;
 
 		case '?':
-			if (isc_commandline_option != '?') {
+			if (isc_commandline_option != '?')
 				fprintf(stderr, "%s: invalid argument -%c\n",
 					prog_name, isc_commandline_option);
-			}
-		/* FALLTHROUGH */
 		case 'h':
 			usage();
 
 		default:
-			fprintf(stderr, "%s: unhandled option -%c\n", prog_name,
-				isc_commandline_option);
+			fprintf(stderr, "%s: unhandled option -%c\n",
+                                prog_name, isc_commandline_option);
 			exit(1);
 		}
 	}
@@ -439,48 +362,30 @@ main(int argc, char **argv) {
 	if (workdir != NULL) {
 		result = isc_dir_chdir(workdir);
 		if (result != ISC_R_SUCCESS) {
-			fprintf(stderr, "isc_dir_chdir: %s: %s\n", workdir,
-				isc_result_totext(result));
+			fprintf(stderr, "isc_dir_chdir: %s: %s\n",
+				workdir, isc_result_totext(result));
 			exit(1);
 		}
 	}
 
 	if (inputformatstr != NULL) {
-		if (strcasecmp(inputformatstr, "text") == 0) {
+		if (strcasecmp(inputformatstr, "text") == 0)
 			inputformat = dns_masterformat_text;
-		} else if (strcasecmp(inputformatstr, "raw") == 0) {
+		else if (strcasecmp(inputformatstr, "raw") == 0)
 			inputformat = dns_masterformat_raw;
-		} else if (strncasecmp(inputformatstr, "raw=", 4) == 0) {
-			inputformat = dns_masterformat_raw;
-			fprintf(stderr, "WARNING: input format raw, version "
-					"ignored\n");
-		} else if (strcasecmp(inputformatstr, "map") == 0) {
-			inputformat = dns_masterformat_map;
-		} else {
+		else {
 			fprintf(stderr, "unknown file format: %s\n",
-				inputformatstr);
+			    inputformatstr);
 			exit(1);
 		}
 	}
 
 	if (outputformatstr != NULL) {
-		if (strcasecmp(outputformatstr, "text") == 0) {
+		if (strcasecmp(outputformatstr, "text") == 0)
 			outputformat = dns_masterformat_text;
-		} else if (strcasecmp(outputformatstr, "raw") == 0) {
+		else if (strcasecmp(outputformatstr, "raw") == 0)
 			outputformat = dns_masterformat_raw;
-		} else if (strncasecmp(outputformatstr, "raw=", 4) == 0) {
-			char *end;
-
-			outputformat = dns_masterformat_raw;
-			rawversion = strtol(outputformatstr + 4, &end, 10);
-			if (end == outputformatstr + 4 || *end != '\0' ||
-			    rawversion > 1U) {
-				fprintf(stderr, "unknown raw format version\n");
-				exit(1);
-			}
-		} else if (strcasecmp(outputformatstr, "map") == 0) {
-			outputformat = dns_masterformat_map;
-		} else {
+		else {
 			fprintf(stderr, "unknown file format: %s\n",
 				outputformatstr);
 			exit(1);
@@ -488,93 +393,64 @@ main(int argc, char **argv) {
 	}
 
 	if (progmode == progmode_compile) {
-		dumpzone = 1; /* always dump */
-		logdump = !quiet;
+		dumpzone = 1;	/* always dump */
 		if (output_filename == NULL) {
-			fprintf(stderr, "output file required, but not "
-					"specified\n");
+			fprintf(stderr,
+				"output file required, but not specified\n");
 			usage();
 		}
 	}
 
-	if (output_filename != NULL) {
+	if (output_filename != NULL)
 		dumpzone = 1;
-	}
 
 	/*
-	 * If we are printing to stdout then send the informational
+	 * If we are outputing to stdout then send the informational
 	 * output to stderr.
 	 */
 	if (dumpzone &&
-	    (output_filename == NULL || strcmp(output_filename, "-") == 0 ||
+	    (output_filename == NULL ||
+	     strcmp(output_filename, "-") == 0 ||
 	     strcmp(output_filename, "/dev/fd/1") == 0 ||
 	     strcmp(output_filename, "/dev/stdout") == 0))
-	{
 		errout = stderr;
-		logdump = false;
-	}
 
-	if (argc - isc_commandline_index < 1 ||
-	    argc - isc_commandline_index > 2) {
+	if (isc_commandline_index + 2 != argc)
 		usage();
-	}
 
-#ifdef _WIN32
-	InitSockets();
-#endif /* ifdef _WIN32 */
-
-	isc_mem_create(&mctx);
-	if (!quiet) {
-		RUNTIME_CHECK(setup_logging(mctx, errout, &lctx) ==
-			      ISC_R_SUCCESS);
-	}
+	RUNTIME_CHECK(isc_mem_create(0, 0, &mctx) == ISC_R_SUCCESS);
+	if (!quiet)
+		RUNTIME_CHECK(setup_logging(mctx, errout, &lctx)
+			      == ISC_R_SUCCESS);
+	RUNTIME_CHECK(isc_entropy_create(mctx, &ectx) == ISC_R_SUCCESS);
+	RUNTIME_CHECK(isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE)
+		      == ISC_R_SUCCESS);
 
 	dns_result_register();
 
 	origin = argv[isc_commandline_index++];
-
-	if (isc_commandline_index == argc) {
-		/* "-" will be interpreted as stdin */
-		filename = "-";
-	} else {
-		filename = argv[isc_commandline_index];
-	}
-
-	isc_commandline_index++;
-
+	filename = argv[isc_commandline_index++];
 	result = load_zone(mctx, origin, filename, inputformat, classname,
-			   maxttl, &zone);
-
-	if (snset) {
-		dns_master_initrawheader(&header);
-		header.flags = DNS_MASTERRAW_SOURCESERIALSET;
-		header.sourceserial = serialnum;
-		dns_zone_setrawdata(zone, &header);
-	}
+			   &zone);
 
 	if (result == ISC_R_SUCCESS && dumpzone) {
-		if (logdump) {
+		if (!quiet && progmode == progmode_compile) {
 			fprintf(errout, "dump zone to %s...", output_filename);
 			fflush(errout);
 		}
-		result = dump_zone(origin, zone, output_filename, outputformat,
-				   outputstyle, rawversion);
-		if (logdump) {
+		result = dump_zone(origin, zone, output_filename,
+				   outputformat, outputstyle);
+		if (!quiet && progmode == progmode_compile)
 			fprintf(errout, "done\n");
-		}
 	}
 
-	if (!quiet && result == ISC_R_SUCCESS) {
+	if (!quiet && result == ISC_R_SUCCESS)
 		fprintf(errout, "OK\n");
-	}
 	destroy();
-	if (lctx != NULL) {
+	if (lctx != NULL)
 		isc_log_destroy(&lctx);
-	}
+	isc_hash_destroy();
+	isc_entropy_detach(&ectx);
 	isc_mem_destroy(&mctx);
-#ifdef _WIN32
-	DestroySockets();
-#endif /* ifdef _WIN32 */
-
 	return ((result == ISC_R_SUCCESS) ? 0 : 1);
 }

bin/check/named-checkzone.docbook

@@ -0,0 +1,455 @@
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+               "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
+	       [<!ENTITY mdash "&#8212;">]>
+<!--
+ - Copyright (C) 2004-2007  Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2000-2002  Internet Software Consortium.
+ -
+ - Permission to use, copy, modify, and/or distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ -
+ - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ - AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ - PERFORMANCE OF THIS SOFTWARE.
+-->
+
+<!-- $Id: named-checkzone.docbook,v 1.34 2007/06/19 06:58:03 marka Exp $ -->
+<refentry id="man.named-checkzone">
+  <refentryinfo>
+    <date>June 13, 2000</date>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle><application>named-checkzone</application></refentrytitle>
+    <manvolnum>8</manvolnum>
+    <refmiscinfo>BIND9</refmiscinfo>
+  </refmeta>
+
+  <docinfo>
+    <copyright>
+      <year>2004</year>
+      <year>2005</year>
+      <year>2006</year>
+      <year>2007</year>
+      <holder>Internet Systems Consortium, Inc. ("ISC")</holder>
+    </copyright>
+    <copyright>
+      <year>2000</year>
+      <year>2001</year>
+      <year>2002</year>
+      <holder>Internet Software Consortium.</holder>
+    </copyright>
+  </docinfo>
+
+  <refnamediv>
+    <refname><application>named-checkzone</application></refname>
+    <refname><application>named-compilezone</application></refname>
+    <refpurpose>zone file validity checking or converting tool</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>named-checkzone</command>
+      <arg><option>-d</option></arg>
+      <arg><option>-h</option></arg>
+      <arg><option>-j</option></arg>
+      <arg><option>-q</option></arg>
+      <arg><option>-v</option></arg>
+      <arg><option>-c <replaceable class="parameter">class</replaceable></option></arg>
+      <arg><option>-f <replaceable class="parameter">format</replaceable></option></arg>
+      <arg><option>-F <replaceable class="parameter">format</replaceable></option></arg>
+      <arg><option>-i <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-k <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-m <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-M <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-n <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-o <replaceable class="parameter">filename</replaceable></option></arg>
+      <arg><option>-s <replaceable class="parameter">style</replaceable></option></arg>
+      <arg><option>-S <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
+      <arg><option>-w <replaceable class="parameter">directory</replaceable></option></arg>
+      <arg><option>-D</option></arg>
+      <arg><option>-W <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg choice="req">zonename</arg>
+      <arg choice="req">filename</arg>
+    </cmdsynopsis>
+    <cmdsynopsis>
+      <command>named-compilezone</command>
+      <arg><option>-d</option></arg>
+      <arg><option>-j</option></arg>
+      <arg><option>-q</option></arg>
+      <arg><option>-v</option></arg>
+      <arg><option>-c <replaceable class="parameter">class</replaceable></option></arg>
+      <arg><option>-C <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-f <replaceable class="parameter">format</replaceable></option></arg>
+      <arg><option>-F <replaceable class="parameter">format</replaceable></option></arg>
+      <arg><option>-i <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-k <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-m <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-n <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg><option>-o <replaceable class="parameter">filename</replaceable></option></arg>
+      <arg><option>-s <replaceable class="parameter">style</replaceable></option></arg>
+      <arg><option>-t <replaceable class="parameter">directory</replaceable></option></arg>
+      <arg><option>-w <replaceable class="parameter">directory</replaceable></option></arg>
+      <arg><option>-D</option></arg>
+      <arg><option>-W <replaceable class="parameter">mode</replaceable></option></arg>
+      <arg choice="req">zonename</arg>
+      <arg choice="req">filename</arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>DESCRIPTION</title>
+    <para><command>named-checkzone</command>
+      checks the syntax and integrity of a zone file.  It performs the
+      same checks as <command>named</command> does when loading a
+      zone.  This makes <command>named-checkzone</command> useful for
+      checking zone files before configuring them into a name server.
+    </para>
+    <para>
+        <command>named-compilezone</command> is similar to
+	<command>named-checkzone</command>, but it always dumps the
+        zone contents to a specified file in a specified format.
+	Additionally, it applies stricter check levels by default,
+        since the dump output will be used as an actual zone file
+	loaded by <command>named</command>.
+	When manually specified otherwise, the check levels must at
+        least be as strict as those specified in the
+	<command>named</command> configuration file.
+     </para>
+  </refsect1>
+
+  <refsect1>
+    <title>OPTIONS</title>
+
+    <variablelist>
+      <varlistentry>
+        <term>-d</term>
+        <listitem>
+          <para>
+            Enable debugging.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-h</term>
+        <listitem>
+          <para>
+            Print the usage summary and exit.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-q</term>
+        <listitem>
+          <para>
+            Quiet mode - exit code only.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-v</term>
+        <listitem>
+          <para>
+            Print the version of the <command>named-checkzone</command>
+            program and exit.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-j</term>
+        <listitem>
+          <para>
+            When loading the zone file read the journal if it exists.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-c <replaceable class="parameter">class</replaceable></term>
+        <listitem>
+          <para>
+            Specify the class of the zone.  If not specified "IN" is assumed.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-i <replaceable class="parameter">mode</replaceable></term>
+	<listitem>
+	  <para>
+	      Perform post-load zone integrity checks.  Possible modes are
+	      <command>"full"</command> (default),
+	      <command>"full-sibling"</command>,
+	      <command>"local"</command>,
+	      <command>"local-sibling"</command> and
+	      <command>"none"</command>.
+	  </para>
+	  <para>
+	      Mode <command>"full"</command> checks that MX records
+	      refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  Mode <command>"local"</command> only
+	      checks MX records which refer to in-zone hostnames.
+	  </para>
+	  <para>
+	      Mode <command>"full"</command> checks that SRV records
+	      refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  Mode <command>"local"</command> only
+	      checks SRV records which refer to in-zone hostnames.
+	  </para>
+	  <para>
+	      Mode <command>"full"</command> checks that delegation NS
+	      records refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  It also checks that glue address records
+	      in the zone match those advertised by the child.
+	      Mode <command>"local"</command> only checks NS records which
+	      refer to in-zone hostnames or that some required glue exists,
+	      that is when the nameserver is in a child zone.
+	  </para>
+	  <para>
+	      Mode <command>"full-sibling"</command> and
+	      <command>"local-sibling"</command> disable sibling glue
+	      checks but are otherwise the same as <command>"full"</command>
+	      and <command>"local"</command> respectively.
+	  </para>
+	  <para>
+	      Mode <command>"none"</command> disables the checks.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>-f <replaceable class="parameter">format</replaceable></term>
+	<listitem>
+	  <para>
+	    Specify the format of the zone file.
+	    Possible formats are <command>"text"</command> (default)
+	    and <command>"raw"</command>.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>-F <replaceable class="parameter">format</replaceable></term>
+	<listitem>
+	  <para>
+	    Specify the format of the output file specified.
+	    Possible formats are <command>"text"</command> (default)
+	    and <command>"raw"</command>.
+	    For <command>named-checkzone</command>,
+	    this does not cause any effects unless it dumps the zone
+	    contents.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-k <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+          <para>
+            Perform <command>"check-names"</command> checks with the
+	    specified failure mode.
+            Possible modes are <command>"fail"</command>
+	    (default for <command>named-compilezone</command>),
+            <command>"warn"</command>
+	    (default for <command>named-checkzone</command>) and
+            <command>"ignore"</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-m <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+          <para>
+            Specify whether MX records should be checked to see if they
+            are addresses.  Possible modes are <command>"fail"</command>,
+            <command>"warn"</command> (default) and
+            <command>"ignore"</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>-M <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+	  <para>
+	    Check if a MX record refers to a CNAME.
+            Possible modes are <command>"fail"</command>,
+            <command>"warn"</command> (default) and
+            <command>"ignore"</command>.
+	  </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-n <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+          <para>
+            Specify whether NS records should be checked to see if they
+            are addresses.
+	    Possible modes are <command>"fail"</command>
+	    (default for <command>named-compilezone</command>),
+            <command>"warn"</command>
+	    (default for <command>named-checkzone</command>) and
+            <command>"ignore"</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-o <replaceable class="parameter">filename</replaceable></term>
+        <listitem>
+          <para>
+            Write zone output to <filename>filename</filename>.
+	    If <filename>filename</filename> is <filename>-</filename> then
+	    write to standard out.
+	    This is mandatory for <command>named-compilezone</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>-s <replaceable class="parameter">style</replaceable></term>
+	<listitem>
+	  <para>
+	    Specify the style of the dumped zone file.
+	    Possible styles are <command>"full"</command> (default)
+	    and <command>"relative"</command>.
+	    The full format is most suitable for processing
+	    automatically by a separate script.
+	    On the other hand, the relative format is more
+	    human-readable and is thus suitable for editing by hand.
+	    For <command>named-checkzone</command>
+	    this does not cause any effects unless it dumps the zone
+	    contents.
+	    It also does not have any meaning if the output format
+	    is not text.
+	  </para>
+	</listitem>
+      </varlistentry>
+
+      <varlistentry>
+	<term>-S <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+	  <para>
+	    Check if a SRV record refers to a CNAME.
+            Possible modes are <command>"fail"</command>,
+            <command>"warn"</command> (default) and
+            <command>"ignore"</command>.
+	  </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-t <replaceable class="parameter">directory</replaceable></term>
+        <listitem>
+          <para>
+            Chroot to <filename>directory</filename> so that
+            include
+            directives in the configuration file are processed as if
+            run by a similarly chrooted named.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-w <replaceable class="parameter">directory</replaceable></term>
+        <listitem>
+          <para>
+            chdir to <filename>directory</filename> so that
+            relative
+            filenames in master file $INCLUDE directives work.  This
+            is similar to the directory clause in
+            <filename>named.conf</filename>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-D</term>
+        <listitem>
+          <para>
+            Dump zone file in canonical format.
+	    This is always enabled for <command>named-compilezone</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>-W <replaceable class="parameter">mode</replaceable></term>
+        <listitem>
+          <para>
+            Specify whether to check for non-terminal wildcards.
+            Non-terminal wildcards are almost always the result of a
+            failure to understand the wildcard matching algorithm (RFC 1034).
+            Possible modes are <command>"warn"</command> (default)
+            and
+            <command>"ignore"</command>.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>zonename</term>
+        <listitem>
+          <para>
+            The domain name of the zone being checked.
+          </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>filename</term>
+        <listitem>
+          <para>
+            The name of the zone file.
+          </para>
+        </listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>RETURN VALUES</title>
+    <para><command>named-checkzone</command>
+      returns an exit status of 1 if
+      errors were detected and 0 otherwise.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>SEE ALSO</title>
+    <para><citerefentry>
+        <refentrytitle>named</refentrytitle><manvolnum>8</manvolnum>
+      </citerefentry>,
+      <citerefentry>
+        <refentrytitle>named-checkconf</refentrytitle><manvolnum>8</manvolnum>  
+      </citerefentry>,
+      <citetitle>RFC 1035</citetitle>,
+      <citetitle>BIND 9 Administrator Reference Manual</citetitle>.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>AUTHOR</title>
+    <para><corpauthor>Internet Systems Consortium</corpauthor>
+    </para>
+  </refsect1>
+
+</refentry><!--
+ - Local variables:
+ - mode: sgml
+ - End:
+-->

bin/check/named-checkzone.html

@@ -0,0 +1,262 @@
+<!--
+ - Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC")
+ - Copyright (C) 2000-2002 Internet Software Consortium.
+ - 
+ - Permission to use, copy, modify, and distribute this software for any
+ - purpose with or without fee is hereby granted, provided that the above
+ - copyright notice and this permission notice appear in all copies.
+ - 
+ - THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+ - REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+ - AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+ - INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+ - LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+ - PERFORMANCE OF THIS SOFTWARE.
+-->
+<!-- $Id: named-checkzone.html,v 1.42 2007/06/20 02:27:32 marka Exp $ -->
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>named-checkzone</title>
+<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
+</head>
+<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
+<a name="man.named-checkzone"></a><div class="titlepage"></div>
+<div class="refnamediv">
+<h2>Name</h2>
+<p><span class="application">named-checkzone</span>, <span class="application">named-compilezone</span> &#8212; zone file validity checking or converting tool</p>
+</div>
+<div class="refsynopsisdiv">
+<h2>Synopsis</h2>
+<div class="cmdsynopsis"><p><code class="command">named-checkzone</code>  [<code class="option">-d</code>] [<code class="option">-h</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-M <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-S <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
+<div class="cmdsynopsis"><p><code class="command">named-compilezone</code>  [<code class="option">-d</code>] [<code class="option">-j</code>] [<code class="option">-q</code>] [<code class="option">-v</code>] [<code class="option">-c <em class="replaceable"><code>class</code></em></code>] [<code class="option">-C <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-f <em class="replaceable"><code>format</code></em></code>] [<code class="option">-F <em class="replaceable"><code>format</code></em></code>] [<code class="option">-i <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-k <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-m <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-n <em class="replaceable"><code>mode</code></em></code>] [<code class="option">-o <em class="replaceable"><code>filename</code></em></code>] [<code class="option">-s <em class="replaceable"><code>style</code></em></code>] [<code class="option">-t <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-w <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-D</code>] [<code class="option">-W <em class="replaceable"><code>mode</code></em></code>] {zonename} {filename}</p></div>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543669"></a><h2>DESCRIPTION</h2>
+<p><span><strong class="command">named-checkzone</strong></span>
+      checks the syntax and integrity of a zone file.  It performs the
+      same checks as <span><strong class="command">named</strong></span> does when loading a
+      zone.  This makes <span><strong class="command">named-checkzone</strong></span> useful for
+      checking zone files before configuring them into a name server.
+    </p>
+<p>
+        <span><strong class="command">named-compilezone</strong></span> is similar to
+	<span><strong class="command">named-checkzone</strong></span>, but it always dumps the
+        zone contents to a specified file in a specified format.
+	Additionally, it applies stricter check levels by default,
+        since the dump output will be used as an actual zone file
+	loaded by <span><strong class="command">named</strong></span>.
+	When manually specified otherwise, the check levels must at
+        least be as strict as those specified in the
+	<span><strong class="command">named</strong></span> configuration file.
+     </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2543704"></a><h2>OPTIONS</h2>
+<div class="variablelist"><dl>
+<dt><span class="term">-d</span></dt>
+<dd><p>
+            Enable debugging.
+          </p></dd>
+<dt><span class="term">-h</span></dt>
+<dd><p>
+            Print the usage summary and exit.
+          </p></dd>
+<dt><span class="term">-q</span></dt>
+<dd><p>
+            Quiet mode - exit code only.
+          </p></dd>
+<dt><span class="term">-v</span></dt>
+<dd><p>
+            Print the version of the <span><strong class="command">named-checkzone</strong></span>
+            program and exit.
+          </p></dd>
+<dt><span class="term">-j</span></dt>
+<dd><p>
+            When loading the zone file read the journal if it exists.
+          </p></dd>
+<dt><span class="term">-c <em class="replaceable"><code>class</code></em></span></dt>
+<dd><p>
+            Specify the class of the zone.  If not specified "IN" is assumed.
+          </p></dd>
+<dt><span class="term">-i <em class="replaceable"><code>mode</code></em></span></dt>
+<dd>
+<p>
+	      Perform post-load zone integrity checks.  Possible modes are
+	      <span><strong class="command">"full"</strong></span> (default),
+	      <span><strong class="command">"full-sibling"</strong></span>,
+	      <span><strong class="command">"local"</strong></span>,
+	      <span><strong class="command">"local-sibling"</strong></span> and
+	      <span><strong class="command">"none"</strong></span>.
+	  </p>
+<p>
+	      Mode <span><strong class="command">"full"</strong></span> checks that MX records
+	      refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  Mode <span><strong class="command">"local"</strong></span> only
+	      checks MX records which refer to in-zone hostnames.
+	  </p>
+<p>
+	      Mode <span><strong class="command">"full"</strong></span> checks that SRV records
+	      refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  Mode <span><strong class="command">"local"</strong></span> only
+	      checks SRV records which refer to in-zone hostnames.
+	  </p>
+<p>
+	      Mode <span><strong class="command">"full"</strong></span> checks that delegation NS
+	      records refer to A or AAAA record (both in-zone and out-of-zone
+	      hostnames).  It also checks that glue address records
+	      in the zone match those advertised by the child.
+	      Mode <span><strong class="command">"local"</strong></span> only checks NS records which
+	      refer to in-zone hostnames or that some required glue exists,
+	      that is when the nameserver is in a child zone.
+	  </p>
+<p>
+	      Mode <span><strong class="command">"full-sibling"</strong></span> and
+	      <span><strong class="command">"local-sibling"</strong></span> disable sibling glue
+	      checks but are otherwise the same as <span><strong class="command">"full"</strong></span>
+	      and <span><strong class="command">"local"</strong></span> respectively.
+	  </p>
+<p>
+	      Mode <span><strong class="command">"none"</strong></span> disables the checks.
+	  </p>
+</dd>
+<dt><span class="term">-f <em class="replaceable"><code>format</code></em></span></dt>
+<dd><p>
+	    Specify the format of the zone file.
+	    Possible formats are <span><strong class="command">"text"</strong></span> (default)
+	    and <span><strong class="command">"raw"</strong></span>.
+	  </p></dd>
+<dt><span class="term">-F <em class="replaceable"><code>format</code></em></span></dt>
+<dd><p>
+	    Specify the format of the output file specified.
+	    Possible formats are <span><strong class="command">"text"</strong></span> (default)
+	    and <span><strong class="command">"raw"</strong></span>.
+	    For <span><strong class="command">named-checkzone</strong></span>,
+	    this does not cause any effects unless it dumps the zone
+	    contents.
+	  </p></dd>
+<dt><span class="term">-k <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+            Perform <span><strong class="command">"check-names"</strong></span> checks with the
+	    specified failure mode.
+            Possible modes are <span><strong class="command">"fail"</strong></span>
+	    (default for <span><strong class="command">named-compilezone</strong></span>),
+            <span><strong class="command">"warn"</strong></span>
+	    (default for <span><strong class="command">named-checkzone</strong></span>) and
+            <span><strong class="command">"ignore"</strong></span>.
+          </p></dd>
+<dt><span class="term">-m <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+            Specify whether MX records should be checked to see if they
+            are addresses.  Possible modes are <span><strong class="command">"fail"</strong></span>,
+            <span><strong class="command">"warn"</strong></span> (default) and
+            <span><strong class="command">"ignore"</strong></span>.
+          </p></dd>
+<dt><span class="term">-M <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+	    Check if a MX record refers to a CNAME.
+            Possible modes are <span><strong class="command">"fail"</strong></span>,
+            <span><strong class="command">"warn"</strong></span> (default) and
+            <span><strong class="command">"ignore"</strong></span>.
+	  </p></dd>
+<dt><span class="term">-n <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+            Specify whether NS records should be checked to see if they
+            are addresses.
+	    Possible modes are <span><strong class="command">"fail"</strong></span>
+	    (default for <span><strong class="command">named-compilezone</strong></span>),
+            <span><strong class="command">"warn"</strong></span>
+	    (default for <span><strong class="command">named-checkzone</strong></span>) and
+            <span><strong class="command">"ignore"</strong></span>.
+          </p></dd>
+<dt><span class="term">-o <em class="replaceable"><code>filename</code></em></span></dt>
+<dd><p>
+            Write zone output to <code class="filename">filename</code>.
+	    If <code class="filename">filename</code> is <code class="filename">-</code> then
+	    write to standard out.
+	    This is mandatory for <span><strong class="command">named-compilezone</strong></span>.
+          </p></dd>
+<dt><span class="term">-s <em class="replaceable"><code>style</code></em></span></dt>
+<dd><p>
+	    Specify the style of the dumped zone file.
+	    Possible styles are <span><strong class="command">"full"</strong></span> (default)
+	    and <span><strong class="command">"relative"</strong></span>.
+	    The full format is most suitable for processing
+	    automatically by a separate script.
+	    On the other hand, the relative format is more
+	    human-readable and is thus suitable for editing by hand.
+	    For <span><strong class="command">named-checkzone</strong></span>
+	    this does not cause any effects unless it dumps the zone
+	    contents.
+	    It also does not have any meaning if the output format
+	    is not text.
+	  </p></dd>
+<dt><span class="term">-S <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+	    Check if a SRV record refers to a CNAME.
+            Possible modes are <span><strong class="command">"fail"</strong></span>,
+            <span><strong class="command">"warn"</strong></span> (default) and
+            <span><strong class="command">"ignore"</strong></span>.
+	  </p></dd>
+<dt><span class="term">-t <em class="replaceable"><code>directory</code></em></span></dt>
+<dd><p>
+            Chroot to <code class="filename">directory</code> so that
+            include
+            directives in the configuration file are processed as if
+            run by a similarly chrooted named.
+          </p></dd>
+<dt><span class="term">-w <em class="replaceable"><code>directory</code></em></span></dt>
+<dd><p>
+            chdir to <code class="filename">directory</code> so that
+            relative
+            filenames in master file $INCLUDE directives work.  This
+            is similar to the directory clause in
+            <code class="filename">named.conf</code>.
+          </p></dd>
+<dt><span class="term">-D</span></dt>
+<dd><p>
+            Dump zone file in canonical format.
+	    This is always enabled for <span><strong class="command">named-compilezone</strong></span>.
+          </p></dd>
+<dt><span class="term">-W <em class="replaceable"><code>mode</code></em></span></dt>
+<dd><p>
+            Specify whether to check for non-terminal wildcards.
+            Non-terminal wildcards are almost always the result of a
+            failure to understand the wildcard matching algorithm (RFC 1034).
+            Possible modes are <span><strong class="command">"warn"</strong></span> (default)
+            and
+            <span><strong class="command">"ignore"</strong></span>.
+          </p></dd>
+<dt><span class="term">zonename</span></dt>
+<dd><p>
+            The domain name of the zone being checked.
+          </p></dd>
+<dt><span class="term">filename</span></dt>
+<dd><p>
+            The name of the zone file.
+          </p></dd>
+</dl></div>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2544325"></a><h2>RETURN VALUES</h2>
+<p><span><strong class="command">named-checkzone</strong></span>
+      returns an exit status of 1 if
+      errors were detected and 0 otherwise.
+    </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2544337"></a><h2>SEE ALSO</h2>
+<p><span class="citerefentry"><span class="refentrytitle">named</span>(8)</span>,
+      <span class="citerefentry"><span class="refentrytitle">named-checkconf</span>(8)</span>,
+      <em class="citetitle">RFC 1035</em>,
+      <em class="citetitle">BIND 9 Administrator Reference Manual</em>.
+    </p>
+</div>
+<div class="refsect1" lang="en">
+<a name="id2544370"></a><h2>AUTHOR</h2>
+<p><span class="corpauthor">Internet Systems Consortium</span>
+    </p>
+</div>
+</div></body>
+</html>

bin/check/named-checkzone.rst

@@ -1,215 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-..
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-
-.. highlight: console
-
-.. _man_named-checkzone:
-
-named-checkzone, named-compilezone - zone file validity checking or converting tool
------------------------------------------------------------------------------------
-
-Synopsis
-~~~~~~~~
-
-:program:`named-checkzone` [**-d**] [**-h**] [**-j**] [**-q**] [**-v**] [**-c** class] [**-f** format] [**-F** format] [**-J** filename] [**-i** mode] [**-k** mode] [**-m** mode] [**-M** mode] [**-n** mode] [**-l** ttl] [**-L** serial] [**-o** filename] [**-r** mode] [**-s** style] [**-S** mode] [**-t** directory] [**-T** mode] [**-w** directory] [**-D**] [**-W** mode] {zonename} {filename}
-
-:program:`named-compilezone` [**-d**] [**-j**] [**-q**] [**-v**] [**-c** class] [**-C** mode] [**-f** format] [**-F** format] [**-J** filename] [**-i** mode] [**-k** mode] [**-m** mode] [**-n** mode] [**-l** ttl] [**-L** serial] [**-r** mode] [**-s** style] [**-t** directory] [**-T** mode] [**-w** directory] [**-D**] [**-W** mode] {**-o** filename} {zonename} {filename}
-
-Description
-~~~~~~~~~~~
-
-``named-checkzone`` checks the syntax and integrity of a zone file. It
-performs the same checks as ``named`` does when loading a zone. This
-makes ``named-checkzone`` useful for checking zone files before
-configuring them into a name server.
-
-``named-compilezone`` is similar to ``named-checkzone``, but it always
-dumps the zone contents to a specified file in a specified format.
-It also applies stricter check levels by default, since the
-dump output is used as an actual zone file loaded by ``named``.
-When manually specified otherwise, the check levels must at least be as
-strict as those specified in the ``named`` configuration file.
-
-Options
-~~~~~~~
-
-``-d``
-   This option enables debugging.
-
-``-h``
-   This option prints the usage summary and exits.
-
-``-q``
-   This option sets quiet mode, which only sets an exit code to indicate
-   successful or failed completion.
-
-``-v``
-   This option prints the version of the ``named-checkzone`` program and exits.
-
-``-j``
-   When loading a zone file, this option tells ``named`` to read the journal if it exists. The journal
-   file name is assumed to be the zone file name with the
-   string ``.jnl`` appended.
-
-``-J filename``
-   When loading the zone file, this option tells ``named`` to read the journal from the given file, if
-   it exists. This implies ``-j``.
-
-``-c class``
-   This option specifies the class of the zone. If not specified, ``IN`` is assumed.
-
-``-i mode``
-   This option performs post-load zone integrity checks. Possible modes are
-   ``full`` (the default), ``full-sibling``, ``local``,
-   ``local-sibling``, and ``none``.
-
-   Mode ``full`` checks that MX records refer to A or AAAA records
-   (both in-zone and out-of-zone hostnames). Mode ``local`` only
-   checks MX records which refer to in-zone hostnames.
-
-   Mode ``full`` checks that SRV records refer to A or AAAA records
-   (both in-zone and out-of-zone hostnames). Mode ``local`` only
-   checks SRV records which refer to in-zone hostnames.
-
-   Mode ``full`` checks that delegation NS records refer to A or AAAA
-   records (both in-zone and out-of-zone hostnames). It also checks that
-   glue address records in the zone match those advertised by the child.
-   Mode ``local`` only checks NS records which refer to in-zone
-   hostnames or verifies that some required glue exists, i.e., when the
-   name server is in a child zone.
-
-   Modes ``full-sibling`` and ``local-sibling`` disable sibling glue
-   checks, but are otherwise the same as ``full`` and ``local``,
-   respectively.
-
-   Mode ``none`` disables the checks.
-
-``-f format``
-   This option specifies the format of the zone file. Possible formats are ``text``
-   (the default), ``raw``, and ``map``.
-
-``-F format``
-   This option specifies the format of the output file specified. For
-   ``named-checkzone``, this does not have any effect unless it dumps
-   the zone contents.
-
-   Possible formats are ``text`` (the default), which is the standard
-   textual representation of the zone, and ``map``, ``raw``, and
-   ``raw=N``, which store the zone in a binary format for rapid
-   loading by ``named``. ``raw=N`` specifies the format version of the
-   raw zone file: if ``N`` is 0, the raw file can be read by any version of
-   ``named``; if N is 1, the file can only be read by release 9.9.0 or
-   higher. The default is 1.
-
-``-k mode``
-   This option performs ``check-names`` checks with the specified failure mode.
-   Possible modes are ``fail`` (the default for ``named-compilezone``),
-   ``warn`` (the default for ``named-checkzone``), and ``ignore``.
-
-``-l ttl``
-   This option sets a maximum permissible TTL for the input file. Any record with a
-   TTL higher than this value causes the zone to be rejected. This
-   is similar to using the ``max-zone-ttl`` option in ``named.conf``.
-
-``-L serial``
-   When compiling a zone to ``raw`` or ``map`` format, this option sets the "source
-   serial" value in the header to the specified serial number. This is
-   expected to be used primarily for testing purposes.
-
-``-m mode``
-   This option specifies whether MX records should be checked to see if they are
-   addresses. Possible modes are ``fail``, ``warn`` (the default), and
-   ``ignore``.
-
-``-M mode``
-   This option checks whether a MX record refers to a CNAME. Possible modes are
-   ``fail``, ``warn`` (the default), and ``ignore``.
-
-``-n mode``
-   This option specifies whether NS records should be checked to see if they are
-   addresses. Possible modes are ``fail`` (the default for
-   ``named-compilezone``), ``warn`` (the default for ``named-checkzone``),
-   and ``ignore``.
-
-``-o filename``
-   This option writes the zone output to ``filename``. If ``filename`` is ``-``, then
-   the zone output is written to standard output. This is mandatory for ``named-compilezone``.
-
-``-r mode``
-   This option checks for records that are treated as different by DNSSEC but are
-   semantically equal in plain DNS. Possible modes are ``fail``,
-   ``warn`` (the default), and ``ignore``.
-
-``-s style``
-   This option specifies the style of the dumped zone file. Possible styles are
-   ``full`` (the default) and ``relative``. The ``full`` format is most
-   suitable for processing automatically by a separate script.
-   The relative format is more human-readable and is thus
-   suitable for editing by hand. For ``named-checkzone``, this does not
-   have any effect unless it dumps the zone contents. It also does not
-   have any meaning if the output format is not text.
-
-``-S mode``
-   This option checks whether an SRV record refers to a CNAME. Possible modes are
-   ``fail``, ``warn`` (the default), and ``ignore``.
-
-``-t directory``
-   This option tells ``named`` to chroot to ``directory``, so that ``include`` directives in the
-   configuration file are processed as if run by a similarly chrooted
-   ``named``.
-
-``-T mode``
-   This option checks whether Sender Policy Framework (SPF) records exist and issues a
-   warning if an SPF-formatted TXT record is not also present. Possible
-   modes are ``warn`` (the default) and ``ignore``.
-
-``-w directory``
-   This option instructs ``named`` to chdir to ``directory``, so that relative filenames in master file
-   ``$INCLUDE`` directives work. This is similar to the directory clause in
-   ``named.conf``.
-
-``-D``
-   This option dumps the zone file in canonical format. This is always enabled for
-   ``named-compilezone``.
-
-``-W mode``
-   This option specifies whether to check for non-terminal wildcards. Non-terminal
-   wildcards are almost always the result of a failure to understand the
-   wildcard matching algorithm (:rfc:`1034`). Possible modes are ``warn``
-   (the default) and ``ignore``.
-
-``zonename``
-   This indicates the domain name of the zone being checked.
-
-``filename``
-   This is the name of the zone file.
-
-Return Values
-~~~~~~~~~~~~~
-
-``named-checkzone`` returns an exit status of 1 if errors were detected
-and 0 otherwise.
-
-See Also
-~~~~~~~~
-
-:manpage:`named(8)`, :manpage:`named-checkconf(8)`, :rfc:`1035`, BIND 9 Administrator Reference
-Manual.

bin/check/win32/checkconf.vcxproj.filters.in

@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Header Files">
-      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
-      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClInclude Include="..\check-tool.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\named-checkconf.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/check/win32/checkconf.vcxproj.in

@@ -1,144 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{03A96113-CB14-43AA-AEB2-48950E3915C5}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>checkconf</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <LinkIncremental>true</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>named-$(ProjectName)</TargetName>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <LinkIncremental>false</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>named-$(ProjectName)</TargetName>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;..\..\..\lib\bind9\include;..\..\..\lib\isccfg\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\isccc\win32\$(Configuration);..\..\..\lib\bind9\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libisccc.lib;libbind9.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;..\..\..\lib\bind9\include;..\..\..\lib\isccfg\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\isccc\win32\$(Configuration);..\..\..\lib\bind9\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libisccc.lib;libbind9.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-      <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ClInclude Include="..\check-tool.h" />
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\named-checkconf.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\ns\win32\libns.vcxproj">
-      <Project>{82ACD33C-E75F-45B8-BB6D-42643A10D7EE}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\isccfg\win32\libisccfg.vcxproj">
-      <Project>{B2DFA58C-6347-478E-81E8-01E06999D4F1}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\bind9\win32\libbind9.vcxproj">
-      <Project>{E741C10B-B075-4206-9596-46765B665E03}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\bin\check\win32\checktool.vcxproj">
-      <Project>{2C1F7096-C5B5-48D4-846F-A7ACA454335D}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/check/win32/checkconf.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/check/win32/checktool.dsp

@@ -0,0 +1,113 @@
+# Microsoft Developer Studio Project File - Name="checktool" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Static-Link Library" 0x0104
+
+CFG=checktool - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "checktool.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "checktool.mak" CFG="checktool - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "checktool - Win32 Release" (based on "Win32 (x86) Static-Link Library")
+!MESSAGE "checktool - Win32 Debug" (based on "Win32 (x86) Static-Link Library")
+!MESSAGE 
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+MTL=midl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "checktool - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /YX /FD /c
+# ADD CPP /nologo /MD /W3 /GX /O2 /I "./" /I "../../../" /I "../include" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isccfg/include" /I "../../../lib/dns/include" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /YX /FD /c /Fdchecktool
+# SUBTRACT CPP /X
+# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 
+# ADD LINK32 /out:"Release/checktool.lib"
+
+!ELSEIF  "$(CFG)" == "checktool - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /Gm /GX /ZI /Od /I "./" /I "../../../" /I "../include" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isccfg/include" /I "../../../lib/dns/include" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "__STDC__" /D "_MBCS" /FR /YX /FD /GZ /c /Fdchecktool
+# SUBTRACT CPP /X
+# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 
+# ADD LINK32 /debug out:"Debug/checktool.lib"
+
+!ENDIF 
+
+# Begin Target
+
+# Name "checktool - Win32 Release"
+# Name "checktool - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# End Group
+# Begin Group "Main Dns Lib"
+
+# PROP Default_Filter "c"
+# Begin Source File
+
+SOURCE=..\check-tool.c
+# End Source File
+# End Group
+# End Target
+# End Project

bin/check/win32/checktool.dsw

@@ -0,0 +1,29 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "checktool"=".\checktool.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+

bin/check/win32/checktool.vcxproj.filters.in

@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\check-tool.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/check/win32/checktool.vcxproj.in

@@ -1,124 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\check-tool.c" />
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{2C1F7096-C5B5-48D4-846F-A7ACA454335D}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>checktool</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>StaticLibrary</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>StaticLibrary</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <OutDir>.\$(Configuration)\</OutDir>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <OutDir>.\$(Configuration)\</OutDir>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\isccfg\include;..\..\..\lib\dns\include;..\..\..\lib\ns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Lib>
-      <OutputFile>.\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-    </Lib>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_LIB;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\isccfg\include;..\..\..\lib\dns\include;..\..\..\lib\ns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Lib>
-      <OutputFile>.\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-    </Lib>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\ns\win32\libns.vcxproj">
-      <Project>{82ACD33C-E75F-45B8-BB6D-42643A10D7EE}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\isccfg\win32\libisccfg.vcxproj">
-      <Project>{B2DFA58C-6347-478E-81E8-01E06999D4F1}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/check/win32/checktool.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/check/win32/checkzone.vcxproj.filters.in

@@ -1,27 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Header Files">
-      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
-      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClInclude Include="..\check-tool.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\named-checkzone.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/check/win32/checkzone.vcxproj.in

@@ -1,152 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{66028555-7DD5-4016-B601-9EF9A1EE8BFA}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>checkzone</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <LinkIncremental>true</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>named-$(ProjectName)</TargetName>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <LinkIncremental>false</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>named-$(ProjectName)</TargetName>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-    <PostBuildEvent>
-      <Command>cd ..\..\..\Build\$(Configuration)
-copy /Y named-checkzone.exe named-compilezone.exe
-copy /Y named-checkzone.ilk named-compilezone.ilk
-</Command>
-    </PostBuildEvent>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@@OPENSSL_INC@..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);..\..\..\lib\isccfg\win32\$(Configuration);..\..\..\lib\ns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@checktool.lib;libisc.lib;libdns.lib;libisccfg.lib;libns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-      <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
-    </Link>
-    <PostBuildEvent>
-      <Command>cd ..\..\..\Build\$(Configuration)
-copy /Y named-checkzone.exe named-compilezone.exe
-</Command>
-    </PostBuildEvent>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ClInclude Include="..\check-tool.h" />
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\named-checkzone.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\ns\win32\libns.vcxproj">
-      <Project>{82ACD33C-E75F-45B8-BB6D-42643A10D7EE}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\isccfg\win32\libisccfg.vcxproj">
-      <Project>{B2DFA58C-6347-478E-81E8-01E06999D4F1}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\bin\check\win32\checktool.vcxproj">
-      <Project>{2C1F7096-C5B5-48D4-846F-A7ACA454335D}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/check/win32/checkzone.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/check/win32/namedcheckconf.dsp

@@ -0,0 +1,107 @@
+# Microsoft Developer Studio Project File - Name="namedcheckconf" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=namedcheckconf - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckconf.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckconf.mak" CFG="namedcheckconf - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "namedcheckconf - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "namedcheckconf - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MD /W3 /GX /O2 /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/bind9/include" /I "../../../lib/isccfg/include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "__STDC__" /FR /YX /FD /c
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib Release/checktool.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/bind9/win32/Release/libbind9.lib /nologo /subsystem:console /machine:I386 /out:"../../../Build/Release/named-checkconf.exe"
+
+!ELSEIF  "$(CFG)" == "namedcheckconf - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /Gm /GX /ZI /Od /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/bind9/include" /I "../../../lib/isccfg/include" /D "_DEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /FD /GZ /c
+# SUBTRACT CPP /X /YX
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib Debug/checktool.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/bind9/win32/Debug/libbind9.lib ../../../lib/bind9/win32/Debug/libbind9.lib /nologo /subsystem:console /debug /machine:I386 /out:"../../../Build/Debug/named-checkconf.exe" /pdbtype:sept
+
+!ENDIF 
+
+# Begin Target
+
+# Name "namedcheckconf - Win32 Release"
+# Name "namedcheckconf - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE="..\named-checkconf.c"
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE="..\check-tool.h"
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# End Group
+# End Target
+# End Project

bin/check/win32/namedcheckconf.dsw

@@ -0,0 +1,29 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "namedcheckconf"=".\namedcheckconf.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+

bin/check/win32/namedcheckconf.mak

@@ -0,0 +1,404 @@
+# Microsoft Developer Studio Generated NMAKE File, Based on namedcheckconf.dsp
+!IF "$(CFG)" == ""
+CFG=namedcheckconf - Win32 Debug
+!MESSAGE No configuration specified. Defaulting to namedcheckconf - Win32 Debug.
+!ENDIF 
+
+!IF "$(CFG)" != "namedcheckconf - Win32 Release" && "$(CFG)" != "namedcheckconf - Win32 Debug"
+!MESSAGE Invalid configuration "$(CFG)" specified.
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckconf.mak" CFG="namedcheckconf - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "namedcheckconf - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "namedcheckconf - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+!ERROR An invalid configuration is specified.
+!ENDIF 
+
+!IF "$(OS)" == "Windows_NT"
+NULL=
+!ELSE 
+NULL=nul
+!ENDIF 
+
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+_VC_MANIFEST_INC=0
+_VC_MANIFEST_BASENAME=__VC80
+!ELSE
+_VC_MANIFEST_INC=1
+_VC_MANIFEST_BASENAME=__VC80.Debug
+!ENDIF
+
+####################################################
+# Specifying name of temporary resource file used only in incremental builds:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+_VC_MANIFEST_AUTO_RES=$(_VC_MANIFEST_BASENAME).auto.res
+!else
+_VC_MANIFEST_AUTO_RES=
+!endif
+
+####################################################
+# _VC_MANIFEST_EMBED_EXE - command to embed manifest in EXE:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+#MT_SPECIAL_RETURN=1090650113
+#MT_SPECIAL_SWITCH=-notify_resource_update
+MT_SPECIAL_RETURN=0
+MT_SPECIAL_SWITCH=
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -out:$(_VC_MANIFEST_BASENAME).auto.manifest $(MT_SPECIAL_SWITCH) & \
+if "%ERRORLEVEL%" == "$(MT_SPECIAL_RETURN)" \
+rc /r $(_VC_MANIFEST_BASENAME).auto.rc & \
+link $** /out:$@ $(LFLAGS)
+
+!else
+
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -outputresource:$@;1
+
+!endif
+
+####################################################
+# _VC_MANIFEST_EMBED_DLL - command to embed manifest in DLL:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+#MT_SPECIAL_RETURN=1090650113
+#MT_SPECIAL_SWITCH=-notify_resource_update
+MT_SPECIAL_RETURN=0
+MT_SPECIAL_SWITCH=
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -out:$(_VC_MANIFEST_BASENAME).auto.manifest $(MT_SPECIAL_SWITCH) & \
+if "%ERRORLEVEL%" == "$(MT_SPECIAL_RETURN)" \
+rc /r $(_VC_MANIFEST_BASENAME).auto.rc & \
+link $** /out:$@ $(LFLAGS)
+
+!else
+
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -outputresource:$@;2
+
+!endif
+####################################################
+# _VC_MANIFEST_CLEAN - command to clean resources files generated temporarily:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+_VC_MANIFEST_CLEAN=-del $(_VC_MANIFEST_BASENAME).auto.res \
+    $(_VC_MANIFEST_BASENAME).auto.rc \
+    $(_VC_MANIFEST_BASENAME).auto.manifest
+
+!else
+
+_VC_MANIFEST_CLEAN=
+
+!endif
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+
+OUTDIR=.\Release
+INTDIR=.\Release
+# Begin Custom Macros
+OutDir=.\Release
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "..\..\..\Build\Release\named-checkconf.exe" "$(OUTDIR)\namedcheckconf.bsc"
+
+!ELSE 
+
+ALL : "libdns - Win32 Release" "libisccfg - Win32 Release" "libisc - Win32 Release" "..\..\..\Build\Release\named-checkconf.exe" "$(OUTDIR)\namedcheckconf.bsc"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"libisc - Win32 ReleaseCLEAN" "libisccfg - Win32 ReleaseCLEAN" "libdns - Win32 ReleaseCLEAN" 
+!ELSE 
+CLEAN :
+!ENDIF 
+	-@erase "$(INTDIR)\check-tool.obj"
+	-@erase "$(INTDIR)\check-tool.sbr"
+	-@erase "$(INTDIR)\named-checkconf.obj"
+	-@erase "$(INTDIR)\named-checkconf.sbr"
+	-@erase "$(INTDIR)\vc60.idb"
+	-@erase "$(OUTDIR)\namedcheckconf.bsc"
+	-@erase "..\..\..\Build\Release\named-checkconf.exe"
+	-@$(_VC_MANIFEST_CLEAN)
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP_PROJ=/nologo /MD /W3 /GX /O2 /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/bind9/include" /I "../../../lib/isccfg/include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "__STDC__" /FR"$(INTDIR)\\" /Fp"$(INTDIR)\namedcheckconf.pch" /YX /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c 
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\namedcheckconf.bsc" 
+BSC32_SBRS= \
+	"$(INTDIR)\check-tool.sbr" \
+	"$(INTDIR)\named-checkconf.sbr"
+
+"$(OUTDIR)\namedcheckconf.bsc" : "$(OUTDIR)" $(BSC32_SBRS)
+    $(BSC32) @<<
+  $(BSC32_FLAGS) $(BSC32_SBRS)
+<<
+
+LINK32=link.exe
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib  ../../../lib/dns/win32/Release/libdns.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/bind9/win32/Release/libbind9.lib /nologo /subsystem:console /incremental:no /pdb:"$(OUTDIR)\named-checkconf.pdb" /machine:I386 /out:"../../../Build/Release/named-checkconf.exe" 
+LINK32_OBJS= \
+	"$(INTDIR)\check-tool.obj" \
+	"$(INTDIR)\named-checkconf.obj" \
+	"..\..\..\lib\isc\win32\Release\libisc.lib" \
+	"..\..\..\lib\isccfg\win32\Release\libisccfg.lib" \
+	"..\..\..\lib\dns\win32\Release\libdns.lib"
+
+"..\..\..\Build\Release\named-checkconf.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+    $(_VC_MANIFEST_EMBED_EXE)
+
+!ELSEIF  "$(CFG)" == "namedcheckconf - Win32 Debug"
+
+OUTDIR=.\Debug
+INTDIR=.\Debug
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "..\..\..\Build\Debug\named-checkconf.exe" "$(OUTDIR)\namedcheckconf.bsc"
+
+!ELSE 
+
+ALL : "libdns - Win32 Debug" "libisccfg - Win32 Debug" "libisc - Win32 Debug" "..\..\..\Build\Debug\named-checkconf.exe" "$(OUTDIR)\namedcheckconf.bsc"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"libisc - Win32 DebugCLEAN" "libisccfg - Win32 DebugCLEAN" "libdns - Win32 DebugCLEAN" 
+!ELSE 
+CLEAN :
+!ENDIF 
+	-@erase "$(INTDIR)\check-tool.obj"
+	-@erase "$(INTDIR)\check-tool.sbr"
+	-@erase "$(INTDIR)\named-checkconf.obj"
+	-@erase "$(INTDIR)\named-checkconf.sbr"
+	-@erase "$(INTDIR)\vc60.idb"
+	-@erase "$(INTDIR)\vc60.pdb"
+	-@erase "$(OUTDIR)\named-checkconf.pdb"
+	-@erase "$(OUTDIR)\namedcheckconf.bsc"
+	-@erase "..\..\..\Build\Debug\named-checkconf.exe"
+	-@erase "..\..\..\Build\Debug\named-checkconf.ilk"
+	-@$(_VC_MANIFEST_CLEAN)
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP_PROJ=/nologo /MDd /W3 /Gm /GX /ZI /Od /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/bind9/include" /I "../../../lib/isccfg/include" /D "_DEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR"$(INTDIR)\\" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c 
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\namedcheckconf.bsc" 
+BSC32_SBRS= \
+	"$(INTDIR)\check-tool.sbr" \
+	"$(INTDIR)\named-checkconf.sbr"
+
+"$(OUTDIR)\namedcheckconf.bsc" : "$(OUTDIR)" $(BSC32_SBRS)
+    $(BSC32) @<<
+  $(BSC32_FLAGS) $(BSC32_SBRS)
+<<
+
+LINK32=link.exe
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib  ../../../lib/dns/win32/Debug/libdns.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/bind9/win32/Debug/libbind9.lib ../../../lib/bind9/win32/Debug/libbind9.lib /nologo /subsystem:console /incremental:yes /pdb:"$(OUTDIR)\named-checkconf.pdb" /debug /machine:I386 /out:"../../../Build/Debug/named-checkconf.exe" /pdbtype:sept 
+LINK32_OBJS= \
+	"$(INTDIR)\check-tool.obj" \
+	"$(INTDIR)\named-checkconf.obj" \
+	"..\..\..\lib\isc\win32\Debug\libisc.lib" \
+	"..\..\..\lib\isccfg\win32\Debug\libisccfg.lib" \
+	"..\..\..\lib\dns\win32\Debug\libdns.lib"
+
+"..\..\..\Build\Debug\named-checkconf.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+    $(_VC_MANIFEST_EMBED_EXE)
+
+!ENDIF 
+
+.c{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.c{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+
+!IF "$(NO_EXTERNAL_DEPS)" != "1"
+!IF EXISTS("namedcheckconf.dep")
+!INCLUDE "namedcheckconf.dep"
+!ELSE 
+!MESSAGE Warning: cannot find "namedcheckconf.dep"
+!ENDIF 
+!ENDIF 
+
+
+!IF "$(CFG)" == "namedcheckconf - Win32 Release" || "$(CFG)" == "namedcheckconf - Win32 Debug"
+SOURCE="..\check-tool.c"
+
+"$(INTDIR)\check-tool.obj"	"$(INTDIR)\check-tool.sbr" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+SOURCE="..\named-checkconf.c"
+
+"$(INTDIR)\named-checkconf.obj"	"$(INTDIR)\named-checkconf.sbr" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+
+"libisc - Win32 Release" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Release" 
+   cd "..\..\..\bin\check\win32"
+
+"libisc - Win32 ReleaseCLEAN" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Release" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ELSEIF  "$(CFG)" == "namedcheckconf - Win32 Debug"
+
+"libisc - Win32 Debug" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Debug" 
+   cd "..\..\..\bin\check\win32"
+
+"libisc - Win32 DebugCLEAN" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Debug" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ENDIF 
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+
+"libisccfg - Win32 Release" : 
+   cd "..\..\..\lib\isccfg\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisccfg.mak" CFG="libisccfg - Win32 Release" 
+   cd "..\..\..\bin\check\win32"
+
+"libisccfg - Win32 ReleaseCLEAN" : 
+   cd "..\..\..\lib\isccfg\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisccfg.mak" CFG="libisccfg - Win32 Release" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ELSEIF  "$(CFG)" == "namedcheckconf - Win32 Debug"
+
+"libisccfg - Win32 Debug" : 
+   cd "..\..\..\lib\isccfg\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisccfg.mak" CFG="libisccfg - Win32 Debug" 
+   cd "..\..\..\bin\check\win32"
+
+"libisccfg - Win32 DebugCLEAN" : 
+   cd "..\..\..\lib\isccfg\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisccfg.mak" CFG="libisccfg - Win32 Debug" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ENDIF 
+
+!IF  "$(CFG)" == "namedcheckconf - Win32 Release"
+
+"libdns - Win32 Release" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Release" 
+   cd "..\..\..\bin\check\win32"
+
+"libdns - Win32 ReleaseCLEAN" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Release" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ELSEIF  "$(CFG)" == "namedcheckconf - Win32 Debug"
+
+"libdns - Win32 Debug" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Debug" 
+   cd "..\..\..\bin\check\win32"
+
+"libdns - Win32 DebugCLEAN" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Debug" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ENDIF 
+
+
+!ENDIF 
+
+####################################################
+# Commands to generate initial empty manifest file and the RC file
+# that references it, and for generating the .res file:
+
+$(_VC_MANIFEST_BASENAME).auto.res : $(_VC_MANIFEST_BASENAME).auto.rc
+
+$(_VC_MANIFEST_BASENAME).auto.rc : $(_VC_MANIFEST_BASENAME).auto.manifest
+    type <<$@
+#include <winuser.h>
+1RT_MANIFEST"$(_VC_MANIFEST_BASENAME).auto.manifest"
+<< KEEP
+
+$(_VC_MANIFEST_BASENAME).auto.manifest :
+    type <<$@
+<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
+<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
+</assembly>
+<< KEEP
+####################################################
+# Commands to generate initial empty manifest file and the RC file
+# that references it, and for generating the .res file:
+
+$(_VC_MANIFEST_BASENAME).auto.res : $(_VC_MANIFEST_BASENAME).auto.rc
+
+$(_VC_MANIFEST_BASENAME).auto.rc : $(_VC_MANIFEST_BASENAME).auto.manifest
+    type <<$@
+#include <winuser.h>
+1RT_MANIFEST"$(_VC_MANIFEST_BASENAME).auto.manifest"
+<< KEEP
+
+$(_VC_MANIFEST_BASENAME).auto.manifest :
+    type <<$@
+<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
+<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
+</assembly>
+<< KEEP

bin/check/win32/namedcheckzone.dsp

@@ -0,0 +1,108 @@
+# Microsoft Developer Studio Project File - Name="namedcheckzone" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=namedcheckzone - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckzone.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckzone.mak" CFG="namedcheckzone - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "namedcheckzone - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "namedcheckzone - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MD /W3 /GX /O2 /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/isccfg/include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "__STDC__" /YX /FD /c
+# SUBTRACT CPP /Fr
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib Release/checktool.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/dns/win32/Release/libdns.lib /nologo /subsystem:console /machine:I386 /out:"../../../Build/Release/named-checkzone.exe"
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /Gm /GX /ZI /Od /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/isccfg/include" /D "_DEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /FD /GZ /c
+# SUBTRACT CPP /X /YX
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 user32.lib advapi32.lib ws2_32.lib Debug/checktool.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/dns/win32/Debug/libdns.lib /nologo /subsystem:console /debug /machine:I386 /out:"../../../Build/Debug/named-checkzone.exe" /pdbtype:sept
+
+!ENDIF 
+
+# Begin Target
+
+# Name "namedcheckzone - Win32 Release"
+# Name "namedcheckzone - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE="..\named-checkzone.c"
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE="..\check-tool.h"
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# End Group
+# End Target
+# End Project

bin/check/win32/namedcheckzone.dsw

@@ -0,0 +1,29 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "namedcheckzone"=".\namedcheckzone.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+

bin/check/win32/namedcheckzone.mak

@@ -0,0 +1,404 @@
+# Microsoft Developer Studio Generated NMAKE File, Based on namedcheckzone.dsp
+!IF "$(CFG)" == ""
+CFG=namedcheckzone - Win32 Debug
+!MESSAGE No configuration specified. Defaulting to namedcheckzone - Win32 Debug.
+!ENDIF 
+
+!IF "$(CFG)" != "namedcheckzone - Win32 Release" && "$(CFG)" != "namedcheckzone - Win32 Debug"
+!MESSAGE Invalid configuration "$(CFG)" specified.
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "namedcheckzone.mak" CFG="namedcheckzone - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "namedcheckzone - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "namedcheckzone - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+!ERROR An invalid configuration is specified.
+!ENDIF 
+
+!IF "$(OS)" == "Windows_NT"
+NULL=
+!ELSE 
+NULL=nul
+!ENDIF 
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+_VC_MANIFEST_INC=0
+_VC_MANIFEST_BASENAME=__VC80
+!ELSE
+_VC_MANIFEST_INC=1
+_VC_MANIFEST_BASENAME=__VC80.Debug
+!ENDIF
+
+####################################################
+# Specifying name of temporary resource file used only in incremental builds:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+_VC_MANIFEST_AUTO_RES=$(_VC_MANIFEST_BASENAME).auto.res
+!else
+_VC_MANIFEST_AUTO_RES=
+!endif
+
+####################################################
+# _VC_MANIFEST_EMBED_EXE - command to embed manifest in EXE:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+#MT_SPECIAL_RETURN=1090650113
+#MT_SPECIAL_SWITCH=-notify_resource_update
+MT_SPECIAL_RETURN=0
+MT_SPECIAL_SWITCH=
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -out:$(_VC_MANIFEST_BASENAME).auto.manifest $(MT_SPECIAL_SWITCH) & \
+if "%ERRORLEVEL%" == "$(MT_SPECIAL_RETURN)" \
+rc /r $(_VC_MANIFEST_BASENAME).auto.rc & \
+link $** /out:$@ $(LFLAGS)
+
+!else
+
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -outputresource:$@;1
+
+!endif
+
+####################################################
+# _VC_MANIFEST_EMBED_DLL - command to embed manifest in DLL:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+#MT_SPECIAL_RETURN=1090650113
+#MT_SPECIAL_SWITCH=-notify_resource_update
+MT_SPECIAL_RETURN=0
+MT_SPECIAL_SWITCH=
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -out:$(_VC_MANIFEST_BASENAME).auto.manifest $(MT_SPECIAL_SWITCH) & \
+if "%ERRORLEVEL%" == "$(MT_SPECIAL_RETURN)" \
+rc /r $(_VC_MANIFEST_BASENAME).auto.rc & \
+link $** /out:$@ $(LFLAGS)
+
+!else
+
+_VC_MANIFEST_EMBED_EXE= \
+if exist $@.manifest mt.exe -manifest $@.manifest -outputresource:$@;2
+
+!endif
+####################################################
+# _VC_MANIFEST_CLEAN - command to clean resources files generated temporarily:
+
+!if "$(_VC_MANIFEST_INC)" == "1"
+
+_VC_MANIFEST_CLEAN=-del $(_VC_MANIFEST_BASENAME).auto.res \
+    $(_VC_MANIFEST_BASENAME).auto.rc \
+    $(_VC_MANIFEST_BASENAME).auto.manifest
+
+!else
+
+_VC_MANIFEST_CLEAN=
+
+!endif
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+OUTDIR=.\Release
+INTDIR=.\Release
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "..\..\..\Build\Release\named-checkzone.exe"
+
+!ELSE 
+
+ALL : "libisc - Win32 Release" "libdns - Win32 Release" "..\..\..\Build\Release\named-checkzone.exe"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"libdns - Win32 ReleaseCLEAN" "libisc - Win32 ReleaseCLEAN" 
+!ELSE 
+CLEAN :
+!ENDIF 
+	-@erase "$(INTDIR)\check-tool.obj"
+	-@erase "$(INTDIR)\named-checkzone.obj"
+	-@erase "$(INTDIR)\vc60.idb"
+	-@erase "..\..\..\Build\Release\named-checkzone.exe"
+	-@$(_VC_MANIFEST_CLEAN)
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MD /W3 /GX /O2 /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/isccfg/include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "__STDC__" /Fp"$(INTDIR)\namedcheckzone.pch" /YX /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /c 
+
+.c{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.c{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+RSC=rc.exe
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\namedcheckzone.bsc" 
+BSC32_SBRS= \
+	
+LINK32=link.exe
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Release/libisc.lib ../../../lib/isccfg/win32/Release/libisccfg.lib ../../../lib/dns/win32/Release/libdns.lib /nologo /subsystem:console /incremental:no /pdb:"$(OUTDIR)\named-checkzone.pdb" /machine:I386 /out:"../../../Build/Release/named-checkzone.exe" 
+LINK32_OBJS= \
+	"$(INTDIR)\check-tool.obj" \
+	"$(INTDIR)\named-checkzone.obj" \
+	"..\..\..\lib\dns\win32\Release\libdns.lib" \
+	"..\..\..\lib\isccfg\win32\Release\libisccfg.lib" \
+	"..\..\..\lib\isc\win32\Release\libisc.lib"
+
+"..\..\..\Build\Release\named-checkzone.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+    $(_VC_MANIFEST_EMBED_EXE)
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+OUTDIR=.\Debug
+INTDIR=.\Debug
+# Begin Custom Macros
+OutDir=.\Debug
+# End Custom Macros
+
+!IF "$(RECURSE)" == "0" 
+
+ALL : "..\..\..\Build\Debug\named-checkzone.exe" "$(OUTDIR)\namedcheckzone.bsc"
+
+!ELSE 
+
+ALL : "libisc - Win32 Debug" "libdns - Win32 Debug" "..\..\..\Build\Debug\named-checkzone.exe" "$(OUTDIR)\namedcheckzone.bsc"
+
+!ENDIF 
+
+!IF "$(RECURSE)" == "1" 
+CLEAN :"libdns - Win32 DebugCLEAN" "libisc - Win32 DebugCLEAN" 
+!ELSE 
+CLEAN :
+!ENDIF 
+	-@erase "$(INTDIR)\check-tool.obj"
+	-@erase "$(INTDIR)\check-tool.sbr"
+	-@erase "$(INTDIR)\named-checkzone.obj"
+	-@erase "$(INTDIR)\named-checkzone.sbr"
+	-@erase "$(INTDIR)\vc60.idb"
+	-@erase "$(INTDIR)\vc60.pdb"
+	-@erase "$(OUTDIR)\named-checkzone.pdb"
+	-@erase "$(OUTDIR)\namedcheckzone.bsc"
+	-@erase "..\..\..\Build\Debug\named-checkzone.exe"
+	-@erase "..\..\..\Build\Debug\named-checkzone.ilk"
+	-@$(_VC_MANIFEST_CLEAN)
+
+"$(OUTDIR)" :
+    if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)"
+
+CPP=cl.exe
+CPP_PROJ=/nologo /MDd /W3 /Gm /GX /ZI /Od /I "./" /I "../../../" /I "../../../lib/isc/win32" /I "../../../lib/isc/win32/include" /I "../../../lib/isc/include" /I "../../../lib/isc/noatomic/include" /I "../../../lib/dns/include" /I "../../../lib/isccfg/include" /D "_DEBUG" /D "__STDC__" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR"$(INTDIR)\\" /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\" /FD /GZ /c 
+
+.c{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.obj::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.c{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cpp{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+.cxx{$(INTDIR)}.sbr::
+   $(CPP) @<<
+   $(CPP_PROJ) $< 
+<<
+
+RSC=rc.exe
+BSC32=bscmake.exe
+BSC32_FLAGS=/nologo /o"$(OUTDIR)\namedcheckzone.bsc" 
+BSC32_SBRS= \
+	"$(INTDIR)\check-tool.sbr" \
+	"$(INTDIR)\named-checkzone.sbr"
+
+"$(OUTDIR)\namedcheckzone.bsc" : "$(OUTDIR)" $(BSC32_SBRS)
+    $(BSC32) @<<
+  $(BSC32_FLAGS) $(BSC32_SBRS)
+<<
+
+LINK32=link.exe
+LINK32_FLAGS=user32.lib advapi32.lib ws2_32.lib ../../../lib/isc/win32/Debug/libisc.lib ../../../lib/isccfg/win32/Debug/libisccfg.lib ../../../lib/dns/win32/Debug/libdns.lib /nologo /subsystem:console /incremental:yes /pdb:"$(OUTDIR)\named-checkzone.pdb" /debug /machine:I386 /out:"../../../Build/Debug/named-checkzone.exe" /pdbtype:sept 
+LINK32_OBJS= \
+	"$(INTDIR)\check-tool.obj" \
+	"$(INTDIR)\named-checkzone.obj" \
+	"..\..\..\lib\dns\win32\Debug\libdns.lib" \
+	"..\..\..\lib\isccfg\win32\Debug\libisccfg.lib" \
+	"..\..\..\lib\isc\win32\Debug\libisc.lib"
+
+"..\..\..\Build\Debug\named-checkzone.exe" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS)
+    $(LINK32) @<<
+  $(LINK32_FLAGS) $(LINK32_OBJS)
+<<
+    $(_VC_MANIFEST_EMBED_EXE)
+
+!ENDIF 
+
+
+!IF "$(NO_EXTERNAL_DEPS)" != "1"
+!IF EXISTS("namedcheckzone.dep")
+!INCLUDE "namedcheckzone.dep"
+!ELSE 
+!MESSAGE Warning: cannot find "namedcheckzone.dep"
+!ENDIF 
+!ENDIF 
+
+
+!IF "$(CFG)" == "namedcheckzone - Win32 Release" || "$(CFG)" == "namedcheckzone - Win32 Debug"
+SOURCE="..\check-tool.c"
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+
+"$(INTDIR)\check-tool.obj" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+
+"$(INTDIR)\check-tool.obj"	"$(INTDIR)\check-tool.sbr" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+!ENDIF 
+
+SOURCE="..\named-checkzone.c"
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+
+"$(INTDIR)\named-checkzone.obj" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+
+"$(INTDIR)\named-checkzone.obj"	"$(INTDIR)\named-checkzone.sbr" : $(SOURCE) "$(INTDIR)"
+	$(CPP) $(CPP_PROJ) $(SOURCE)
+
+
+!ENDIF 
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+"libdns - Win32 Release" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Release" 
+   cd "..\..\..\bin\check\win32"
+
+"libdns - Win32 ReleaseCLEAN" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Release" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+"libdns - Win32 Debug" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Debug" 
+   cd "..\..\..\bin\check\win32"
+
+"libdns - Win32 DebugCLEAN" : 
+   cd "..\..\..\lib\dns\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libdns.mak" CFG="libdns - Win32 Debug" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ENDIF 
+
+!IF  "$(CFG)" == "namedcheckzone - Win32 Release"
+
+"libisc - Win32 Release" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Release" 
+   cd "..\..\..\bin\check\win32"
+
+"libisc - Win32 ReleaseCLEAN" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Release" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ELSEIF  "$(CFG)" == "namedcheckzone - Win32 Debug"
+
+"libisc - Win32 Debug" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Debug" 
+   cd "..\..\..\bin\check\win32"
+
+"libisc - Win32 DebugCLEAN" : 
+   cd "..\..\..\lib\isc\win32"
+   $(MAKE) /$(MAKEFLAGS) /F ".\libisc.mak" CFG="libisc - Win32 Debug" RECURSE=1 CLEAN 
+   cd "..\..\..\bin\check\win32"
+
+!ENDIF 
+
+
+!ENDIF 
+
+####################################################
+# Commands to generate initial empty manifest file and the RC file
+# that references it, and for generating the .res file:
+
+$(_VC_MANIFEST_BASENAME).auto.res : $(_VC_MANIFEST_BASENAME).auto.rc
+
+$(_VC_MANIFEST_BASENAME).auto.rc : $(_VC_MANIFEST_BASENAME).auto.manifest
+    type <<$@
+#include <winuser.h>
+1RT_MANIFEST"$(_VC_MANIFEST_BASENAME).auto.manifest"
+<< KEEP
+
+$(_VC_MANIFEST_BASENAME).auto.manifest :
+    type <<$@
+<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
+<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
+</assembly>
+<< KEEP

bin/confgen/.gitignore

@@ -1,3 +0,0 @@
-ddns-confgen
-rndc-confgen
-tsig-keygen

bin/confgen/Makefile.am

@@ -1,30 +0,0 @@
-include $(top_srcdir)/Makefile.top
-
-AM_CPPFLAGS +=			\
-	$(LIBISC_CFLAGS)	\
-	$(LIBDNS_CFLAGS)	\
-	-DRNDC_KEYFILE=\"${sysconfdir}/rndc.key\"
-
-LDADD =				\
-	libconfgen.la		\
-	$(LIBISC_LIBS)		\
-	$(LIBDNS_LIBS)
-
-noinst_LTLIBRARIES = libconfgen.la
-
-libconfgen_la_SOURCES =		\
-	include/confgen/os.h	\
-	keygen.h		\
-	keygen.c		\
-	util.h			\
-	util.c			\
-	unix/os.c
-
-sbin_PROGRAMS = tsig-keygen rndc-confgen
-
-install-exec-hook:
-	ln -f $(DESTDIR)$(sbindir)/tsig-keygen \
-	      $(DESTDIR)$(sbindir)/ddns-confgen
-
-uninstall-hook:
-	-rm -f $(DESTDIR)$(sbindir)/ddns-confgen

bin/confgen/include/.clang-format

@@ -1 +0,0 @@
-../../../.clang-format.headers

bin/confgen/include/confgen/os.h

@@ -1,34 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-#ifndef RNDC_OS_H
-#define RNDC_OS_H 1
-
-#include <stdio.h>
-
-#include <isc/lang.h>
-
-ISC_LANG_BEGINDECLS
-
-int
-set_user(FILE *fd, const char *user);
-/*%<
- * Set the owner of the file referenced by 'fd' to 'user'.
- * Returns:
- *   0 		success
- *   -1 	insufficient permissions, or 'user' does not exist.
- */
-
-ISC_LANG_ENDDECLS
-
-#endif /* ifndef RNDC_OS_H */

bin/confgen/keygen.c

@@ -1,201 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-#include "keygen.h"
-#include <stdarg.h>
-#include <stdlib.h>
-
-#include <isc/base64.h>
-#include <isc/buffer.h>
-#include <isc/file.h>
-#include <isc/mem.h>
-#include <isc/print.h>
-#include <isc/result.h>
-#include <isc/string.h>
-
-#include <pk11/site.h>
-
-#include <dns/keyvalues.h>
-#include <dns/name.h>
-
-#include <dst/dst.h>
-
-#include <confgen/os.h>
-
-#include "util.h"
-
-/*%
- * Convert algorithm type to string.
- */
-const char *
-alg_totext(dns_secalg_t alg) {
-	switch (alg) {
-	case DST_ALG_HMACMD5:
-		return ("hmac-md5");
-	case DST_ALG_HMACSHA1:
-		return ("hmac-sha1");
-	case DST_ALG_HMACSHA224:
-		return ("hmac-sha224");
-	case DST_ALG_HMACSHA256:
-		return ("hmac-sha256");
-	case DST_ALG_HMACSHA384:
-		return ("hmac-sha384");
-	case DST_ALG_HMACSHA512:
-		return ("hmac-sha512");
-	default:
-		return ("(unknown)");
-	}
-}
-
-/*%
- * Convert string to algorithm type.
- */
-dns_secalg_t
-alg_fromtext(const char *name) {
-	const char *p = name;
-	if (strncasecmp(p, "hmac-", 5) == 0) {
-		p = &name[5];
-	}
-
-	if (strcasecmp(p, "md5") == 0) {
-		return (DST_ALG_HMACMD5);
-	}
-	if (strcasecmp(p, "sha1") == 0) {
-		return (DST_ALG_HMACSHA1);
-	}
-	if (strcasecmp(p, "sha224") == 0) {
-		return (DST_ALG_HMACSHA224);
-	}
-	if (strcasecmp(p, "sha256") == 0) {
-		return (DST_ALG_HMACSHA256);
-	}
-	if (strcasecmp(p, "sha384") == 0) {
-		return (DST_ALG_HMACSHA384);
-	}
-	if (strcasecmp(p, "sha512") == 0) {
-		return (DST_ALG_HMACSHA512);
-	}
-	return (DST_ALG_UNKNOWN);
-}
-
-/*%
- * Return default keysize for a given algorithm type.
- */
-int
-alg_bits(dns_secalg_t alg) {
-	switch (alg) {
-	case DST_ALG_HMACMD5:
-		return (128);
-	case DST_ALG_HMACSHA1:
-		return (160);
-	case DST_ALG_HMACSHA224:
-		return (224);
-	case DST_ALG_HMACSHA256:
-		return (256);
-	case DST_ALG_HMACSHA384:
-		return (384);
-	case DST_ALG_HMACSHA512:
-		return (512);
-	default:
-		return (0);
-	}
-}
-
-/*%
- * Generate a key of size 'keysize' and place it in 'key_txtbuffer'
- */
-void
-generate_key(isc_mem_t *mctx, dns_secalg_t alg, int keysize,
-	     isc_buffer_t *key_txtbuffer) {
-	isc_result_t result = ISC_R_SUCCESS;
-	isc_buffer_t key_rawbuffer;
-	isc_region_t key_rawregion;
-	char key_rawsecret[64];
-	dst_key_t *key = NULL;
-
-	switch (alg) {
-	case DST_ALG_HMACMD5:
-	case DST_ALG_HMACSHA1:
-	case DST_ALG_HMACSHA224:
-	case DST_ALG_HMACSHA256:
-		if (keysize < 1 || keysize > 512) {
-			fatal("keysize %d out of range (must be 1-512)\n",
-			      keysize);
-		}
-		break;
-	case DST_ALG_HMACSHA384:
-	case DST_ALG_HMACSHA512:
-		if (keysize < 1 || keysize > 1024) {
-			fatal("keysize %d out of range (must be 1-1024)\n",
-			      keysize);
-		}
-		break;
-	default:
-		fatal("unsupported algorithm %d\n", alg);
-	}
-
-	DO("initialize dst library", dst_lib_init(mctx, NULL));
-
-	DO("generate key",
-	   dst_key_generate(dns_rootname, alg, keysize, 0, 0, DNS_KEYPROTO_ANY,
-			    dns_rdataclass_in, mctx, &key, NULL));
-
-	isc_buffer_init(&key_rawbuffer, &key_rawsecret, sizeof(key_rawsecret));
-
-	DO("dump key to buffer", dst_key_tobuffer(key, &key_rawbuffer));
-
-	isc_buffer_usedregion(&key_rawbuffer, &key_rawregion);
-
-	DO("bsse64 encode secret",
-	   isc_base64_totext(&key_rawregion, -1, "", key_txtbuffer));
-
-	if (key != NULL) {
-		dst_key_free(&key);
-	}
-
-	dst_lib_destroy();
-}
-
-/*%
- * Write a key file to 'keyfile'.  If 'user' is non-NULL,
- * make that user the owner of the file.  The key will have
- * the name 'keyname' and the secret in the buffer 'secret'.
- */
-void
-write_key_file(const char *keyfile, const char *user, const char *keyname,
-	       isc_buffer_t *secret, dns_secalg_t alg) {
-	isc_result_t result;
-	const char *algname = alg_totext(alg);
-	FILE *fd = NULL;
-
-	DO("create keyfile", isc_file_safecreate(keyfile, &fd));
-
-	if (user != NULL) {
-		if (set_user(fd, user) == -1) {
-			fatal("unable to set file owner\n");
-		}
-	}
-
-	fprintf(fd,
-		"key \"%s\" {\n\talgorithm %s;\n"
-		"\tsecret \"%.*s\";\n};\n",
-		keyname, algname, (int)isc_buffer_usedlength(secret),
-		(char *)isc_buffer_base(secret));
-	fflush(fd);
-	if (ferror(fd)) {
-		fatal("write to %s failed\n", keyfile);
-	}
-	if (fclose(fd)) {
-		fatal("fclose(%s) failed\n", keyfile);
-	}
-}

bin/confgen/keygen.h

@@ -1,42 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#ifndef RNDC_KEYGEN_H
-#define RNDC_KEYGEN_H 1
-
-/*! \file */
-
-#include <isc/buffer.h>
-#include <isc/lang.h>
-#include <isc/mem.h>
-
-#include <dns/secalg.h>
-
-ISC_LANG_BEGINDECLS
-
-void
-generate_key(isc_mem_t *mctx, dns_secalg_t alg, int keysize,
-	     isc_buffer_t *key_txtbuffer);
-
-void
-write_key_file(const char *keyfile, const char *user, const char *keyname,
-	       isc_buffer_t *secret, dns_secalg_t alg);
-
-const char *
-alg_totext(dns_secalg_t alg);
-dns_secalg_t
-alg_fromtext(const char *name);
-int
-alg_bits(dns_secalg_t alg);
-
-ISC_LANG_ENDDECLS
-
-#endif /* RNDC_KEYGEN_H */

bin/confgen/rndc-confgen.c

@@ -1,294 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-/**
- * rndc-confgen generates configuration files for rndc. It can be used
- * as a convenient alternative to writing the rndc.conf file and the
- * corresponding controls and key statements in named.conf by hand.
- * Alternatively, it can be run with the -a option to set up a
- * rndc.key file and avoid the need for a rndc.conf file and a
- * controls statement altogether.
- */
-
-#include <stdarg.h>
-#include <stdbool.h>
-#include <stdlib.h>
-
-#include <isc/assertions.h>
-#include <isc/attributes.h>
-#include <isc/base64.h>
-#include <isc/buffer.h>
-#include <isc/commandline.h>
-#include <isc/file.h>
-#include <isc/mem.h>
-#include <isc/net.h>
-#include <isc/print.h>
-#include <isc/result.h>
-#include <isc/string.h>
-#include <isc/time.h>
-#include <isc/util.h>
-
-#include <pk11/site.h>
-
-#include <dns/keyvalues.h>
-#include <dns/name.h>
-
-#include <dst/dst.h>
-
-#include <confgen/os.h>
-
-#include "keygen.h"
-#include "util.h"
-
-#define DEFAULT_KEYNAME "rndc-key"
-#define DEFAULT_SERVER	"127.0.0.1"
-#define DEFAULT_PORT	953
-
-static char program[256];
-const char *progname;
-
-bool verbose = false;
-
-const char *keyfile, *keydef;
-
-ISC_NORETURN static void
-usage(int status);
-
-static void
-usage(int status) {
-	fprintf(stderr, "\
-Usage:\n\
- %s [-a] [-b bits] [-c keyfile] [-k keyname] [-p port] \
-[-s addr] [-t chrootdir] [-u user]\n\
-  -a:		 generate just the key clause and write it to keyfile (%s)\n\
-  -A alg:	 algorithm (default hmac-sha256)\n\
-  -b bits:	 from 1 through 512, default 256; total length of the secret\n\
-  -c keyfile:	 specify an alternate key file (requires -a)\n\
-  -k keyname:	 the name as it will be used  in named.conf and rndc.conf\n\
-  -p port:	 the port named will listen on and rndc will connect to\n\
-  -q:		 suppress printing written key path\n\
-  -s addr:	 the address to which rndc should connect\n\
-  -t chrootdir:	 write a keyfile in chrootdir as well (requires -a)\n\
-  -u user:	 set the keyfile owner to \"user\" (requires -a)\n",
-		progname, keydef);
-
-	exit(status);
-}
-
-int
-main(int argc, char **argv) {
-	bool show_final_mem = false;
-	isc_buffer_t key_txtbuffer;
-	char key_txtsecret[256];
-	isc_mem_t *mctx = NULL;
-	isc_result_t result = ISC_R_SUCCESS;
-	const char *keyname = NULL;
-	const char *serveraddr = NULL;
-	dns_secalg_t alg;
-	const char *algname;
-	char *p;
-	int ch;
-	int port;
-	int keysize = -1;
-	struct in_addr addr4_dummy;
-	struct in6_addr addr6_dummy;
-	char *chrootdir = NULL;
-	char *user = NULL;
-	bool keyonly = false;
-	bool quiet = false;
-	int len;
-
-	keydef = keyfile = RNDC_KEYFILE;
-
-	result = isc_file_progname(*argv, program, sizeof(program));
-	if (result != ISC_R_SUCCESS) {
-		memmove(program, "rndc-confgen", 13);
-	}
-	progname = program;
-
-	keyname = DEFAULT_KEYNAME;
-	alg = DST_ALG_HMACSHA256;
-	serveraddr = DEFAULT_SERVER;
-	port = DEFAULT_PORT;
-
-	isc_commandline_errprint = false;
-
-	while ((ch = isc_commandline_parse(argc, argv,
-					   "aA:b:c:hk:Mmp:r:s:t:u:Vy")) != -1)
-	{
-		switch (ch) {
-		case 'a':
-			keyonly = true;
-			break;
-		case 'A':
-			algname = isc_commandline_argument;
-			alg = alg_fromtext(algname);
-			if (alg == DST_ALG_UNKNOWN) {
-				fatal("Unsupported algorithm '%s'", algname);
-			}
-			break;
-		case 'b':
-			keysize = strtol(isc_commandline_argument, &p, 10);
-			if (*p != '\0' || keysize < 0) {
-				fatal("-b requires a non-negative number");
-			}
-			break;
-		case 'c':
-			keyfile = isc_commandline_argument;
-			break;
-		case 'h':
-			usage(0);
-		case 'k':
-		case 'y': /* Compatible with rndc -y. */
-			keyname = isc_commandline_argument;
-			break;
-		case 'M':
-			isc_mem_debugging = ISC_MEM_DEBUGTRACE;
-			break;
-
-		case 'm':
-			show_final_mem = true;
-			break;
-		case 'p':
-			port = strtol(isc_commandline_argument, &p, 10);
-			if (*p != '\0' || port < 0 || port > 65535) {
-				fatal("port '%s' out of range",
-				      isc_commandline_argument);
-			}
-			break;
-		case 'q':
-			quiet = true;
-			break;
-		case 'r':
-			fatal("The -r option has been deprecated.");
-			break;
-		case 's':
-			serveraddr = isc_commandline_argument;
-			if (inet_pton(AF_INET, serveraddr, &addr4_dummy) != 1 &&
-			    inet_pton(AF_INET6, serveraddr, &addr6_dummy) != 1)
-			{
-				fatal("-s should be an IPv4 or IPv6 address");
-			}
-			break;
-		case 't':
-			chrootdir = isc_commandline_argument;
-			break;
-		case 'u':
-			user = isc_commandline_argument;
-			break;
-		case 'V':
-			verbose = true;
-			break;
-		case '?':
-			if (isc_commandline_option != '?') {
-				fprintf(stderr, "%s: invalid argument -%c\n",
-					program, isc_commandline_option);
-				usage(1);
-			} else {
-				usage(0);
-			}
-			break;
-		default:
-			fprintf(stderr, "%s: unhandled option -%c\n", program,
-				isc_commandline_option);
-			exit(1);
-		}
-	}
-
-	argc -= isc_commandline_index;
-	argv += isc_commandline_index;
-	POST(argv);
-
-	if (argc > 0) {
-		usage(1);
-	}
-
-	if (alg == DST_ALG_HMACMD5) {
-		fprintf(stderr, "warning: use of hmac-md5 for RNDC keys "
-				"is deprecated; hmac-sha256 is now "
-				"recommended.\n");
-	}
-
-	if (keysize < 0) {
-		keysize = alg_bits(alg);
-	}
-	algname = alg_totext(alg);
-
-	isc_mem_create(&mctx);
-	isc_buffer_init(&key_txtbuffer, &key_txtsecret, sizeof(key_txtsecret));
-
-	generate_key(mctx, alg, keysize, &key_txtbuffer);
-
-	if (keyonly) {
-		write_key_file(keyfile, chrootdir == NULL ? user : NULL,
-			       keyname, &key_txtbuffer, alg);
-		if (!quiet) {
-			printf("wrote key file \"%s\"\n", keyfile);
-		}
-
-		if (chrootdir != NULL) {
-			char *buf;
-			len = strlen(chrootdir) + strlen(keyfile) + 2;
-			buf = isc_mem_get(mctx, len);
-			snprintf(buf, len, "%s%s%s", chrootdir,
-				 (*keyfile != '/') ? "/" : "", keyfile);
-
-			write_key_file(buf, user, keyname, &key_txtbuffer, alg);
-			if (!quiet) {
-				printf("wrote key file \"%s\"\n", buf);
-			}
-			isc_mem_put(mctx, buf, len);
-		}
-	} else {
-		printf("\
-# Start of rndc.conf\n\
-key \"%s\" {\n\
-	algorithm %s;\n\
-	secret \"%.*s\";\n\
-};\n\
-\n\
-options {\n\
-	default-key \"%s\";\n\
-	default-server %s;\n\
-	default-port %d;\n\
-};\n\
-# End of rndc.conf\n\
-\n\
-# Use with the following in named.conf, adjusting the allow list as needed:\n\
-# key \"%s\" {\n\
-# 	algorithm %s;\n\
-# 	secret \"%.*s\";\n\
-# };\n\
-# \n\
-# controls {\n\
-# 	inet %s port %d\n\
-# 		allow { %s; } keys { \"%s\"; };\n\
-# };\n\
-# End of named.conf\n",
-		       keyname, algname,
-		       (int)isc_buffer_usedlength(&key_txtbuffer),
-		       (char *)isc_buffer_base(&key_txtbuffer), keyname,
-		       serveraddr, port, keyname, algname,
-		       (int)isc_buffer_usedlength(&key_txtbuffer),
-		       (char *)isc_buffer_base(&key_txtbuffer), serveraddr,
-		       port, serveraddr, keyname);
-	}
-
-	if (show_final_mem) {
-		isc_mem_stats(mctx, stderr);
-	}
-
-	isc_mem_destroy(&mctx);
-
-	return (0);
-}

bin/confgen/rndc-confgen.rst

@@ -1,119 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-..
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-
-.. highlight: console
-
-.. _man_rndc-confgen:
-
-rndc-confgen - rndc key generation tool
----------------------------------------
-
-Synopsis
-~~~~~~~~
-
-:program:`rndc-confgen` [**-a**] [**-A** algorithm] [**-b** keysize] [**-c** keyfile] [**-h**] [**-k** keyname] [**-p** port] [**-s** address] [**-t** chrootdir] [**-u** user]
-
-Description
-~~~~~~~~~~~
-
-``rndc-confgen`` generates configuration files for ``rndc``. It can be
-used as a convenient alternative to writing the ``rndc.conf`` file and
-the corresponding ``controls`` and ``key`` statements in ``named.conf``
-by hand. Alternatively, it can be run with the ``-a`` option to set up a
-``rndc.key`` file and avoid the need for a ``rndc.conf`` file and a
-``controls`` statement altogether.
-
-Options
-~~~~~~~
-
-``-a``
-   This option sets automatic ``rndc`` configuration, which creates a file ``rndc.key``
-   in ``/etc`` (or a different ``sysconfdir`` specified when BIND
-   was built) that is read by both ``rndc`` and ``named`` on startup.
-   The ``rndc.key`` file defines a default command channel and
-   authentication key allowing ``rndc`` to communicate with ``named`` on
-   the local host with no further configuration.
-
-   If a more elaborate configuration than that generated by
-   ``rndc-confgen -a`` is required, for example if rndc is to be used
-   remotely, run ``rndc-confgen`` without the ``-a`` option
-   and set up ``rndc.conf`` and ``named.conf`` as directed.
-
-``-A algorithm``
-   This option specifies the algorithm to use for the TSIG key. Available choices
-   are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384, and
-   hmac-sha512. The default is hmac-sha256.
-
-``-b keysize``
-   This option specifies the size of the authentication key in bits. The size must be between
-   1 and 512 bits; the default is the hash size.
-
-``-c keyfile``
-   This option is used with the ``-a`` option to specify an alternate location for
-   ``rndc.key``.
-
-``-h``
-   This option prints a short summary of the options and arguments to
-   ``rndc-confgen``.
-
-``-k keyname``
-   This option specifies the key name of the ``rndc`` authentication key. This must be a
-   valid domain name. The default is ``rndc-key``.
-
-``-p port``
-   This option specifies the command channel port where ``named`` listens for
-   connections from ``rndc``. The default is 953.
-
-``-q``
-   This option prevets printing the written path in automatic configuration mode.
-
-``-s address``
-   This option specifies the IP address where ``named`` listens for command-channel
-   connections from ``rndc``. The default is the loopback address
-   127.0.0.1.
-
-``-t chrootdir``
-   This option is used with the ``-a`` option to specify a directory where ``named``
-   runs chrooted. An additional copy of the ``rndc.key`` is
-   written relative to this directory, so that it is found by the
-   chrooted ``named``.
-
-``-u user``
-   This option is used with the ``-a`` option to set the owner of the generated ``rndc.key`` file.
-   If ``-t`` is also specified, only the file in the chroot
-   area has its owner changed.
-
-Examples
-~~~~~~~~
-
-To allow ``rndc`` to be used with no manual configuration, run:
-
-``rndc-confgen -a``
-
-To print a sample ``rndc.conf`` file and the corresponding ``controls`` and
-``key`` statements to be manually inserted into ``named.conf``, run:
-
-``rndc-confgen``
-
-See Also
-~~~~~~~~
-
-:manpage:`rndc(8)`, :manpage:`rndc.conf(5)`, :manpage:`named(8)`, BIND 9 Administrator Reference Manual.

bin/confgen/tsig-keygen.c

@@ -1,309 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-/**
- * tsig-keygen generates TSIG keys that can be used in named configuration
- * files for dynamic DNS.
- */
-
-#include <stdarg.h>
-#include <stdbool.h>
-#include <stdlib.h>
-
-#include <isc/assertions.h>
-#include <isc/attributes.h>
-#include <isc/base64.h>
-#include <isc/buffer.h>
-#include <isc/commandline.h>
-#include <isc/file.h>
-#include <isc/mem.h>
-#include <isc/net.h>
-#include <isc/print.h>
-#include <isc/result.h>
-#include <isc/string.h>
-#include <isc/time.h>
-#include <isc/util.h>
-
-#if USE_PKCS11
-#include <pk11/result.h>
-#endif /* if USE_PKCS11 */
-
-#include <dns/keyvalues.h>
-#include <dns/name.h>
-#include <dns/result.h>
-
-#include <dst/dst.h>
-
-#include <confgen/os.h>
-
-#include "keygen.h"
-#include "util.h"
-
-#define KEYGEN_DEFAULT	"tsig-key"
-#define CONFGEN_DEFAULT "ddns-key"
-
-static char program[256];
-const char *progname;
-static enum { progmode_keygen, progmode_confgen } progmode;
-bool verbose = false; /* needed by util.c but not used here */
-
-ISC_NORETURN static void
-usage(int status);
-
-static void
-usage(int status) {
-	if (progmode == progmode_confgen) {
-		fprintf(stderr, "\
-Usage:\n\
- %s [-a alg] [-k keyname] [-q] [-s name | -z zone]\n\
-  -a alg:        algorithm (default hmac-sha256)\n\
-  -k keyname:    name of the key as it will be used in named.conf\n\
-  -s name:       domain name to be updated using the created key\n\
-  -z zone:       name of the zone as it will be used in named.conf\n\
-  -q:            quiet mode: print the key, with no explanatory text\n",
-			progname);
-	} else {
-		fprintf(stderr, "\
-Usage:\n\
- %s [-a alg] [keyname]\n\
-  -a alg:        algorithm (default hmac-sha256)\n\n",
-			progname);
-	}
-
-	exit(status);
-}
-
-int
-main(int argc, char **argv) {
-	isc_result_t result = ISC_R_SUCCESS;
-	bool show_final_mem = false;
-	bool quiet = false;
-	isc_buffer_t key_txtbuffer;
-	char key_txtsecret[256];
-	isc_mem_t *mctx = NULL;
-	const char *keyname = NULL;
-	const char *zone = NULL;
-	const char *self_domain = NULL;
-	char *keybuf = NULL;
-	dns_secalg_t alg = DST_ALG_HMACSHA256;
-	const char *algname;
-	int keysize = 256;
-	int len = 0;
-	int ch;
-
-#if USE_PKCS11
-	pk11_result_register();
-#endif /* if USE_PKCS11 */
-	dns_result_register();
-
-	result = isc_file_progname(*argv, program, sizeof(program));
-	if (result != ISC_R_SUCCESS) {
-		memmove(program, "tsig-keygen", 11);
-	}
-	progname = program;
-
-	/*
-	 * Libtool doesn't preserve the program name prior to final
-	 * installation.  Remove the libtool prefix ("lt-").
-	 */
-	if (strncmp(progname, "lt-", 3) == 0) {
-		progname += 3;
-	}
-
-#define PROGCMP(X) \
-	(strcasecmp(progname, X) == 0 || strcasecmp(progname, X ".exe") == 0)
-
-	if (PROGCMP("tsig-keygen")) {
-		progmode = progmode_keygen;
-		quiet = true;
-	} else if (PROGCMP("ddns-confgen")) {
-		progmode = progmode_confgen;
-	} else {
-		INSIST(0);
-		ISC_UNREACHABLE();
-	}
-
-	isc_commandline_errprint = false;
-
-	while ((ch = isc_commandline_parse(argc, argv, "a:hk:Mmr:qs:y:z:")) !=
-	       -1) {
-		switch (ch) {
-		case 'a':
-			algname = isc_commandline_argument;
-			alg = alg_fromtext(algname);
-			if (alg == DST_ALG_UNKNOWN) {
-				fatal("Unsupported algorithm '%s'", algname);
-			}
-			keysize = alg_bits(alg);
-			break;
-		case 'h':
-			usage(0);
-		case 'k':
-		case 'y':
-			if (progmode == progmode_confgen) {
-				keyname = isc_commandline_argument;
-			} else {
-				usage(1);
-			}
-			break;
-		case 'M':
-			isc_mem_debugging = ISC_MEM_DEBUGTRACE;
-			break;
-		case 'm':
-			show_final_mem = true;
-			break;
-		case 'q':
-			if (progmode == progmode_confgen) {
-				quiet = true;
-			} else {
-				usage(1);
-			}
-			break;
-		case 'r':
-			fatal("The -r option has been deprecated.");
-			break;
-		case 's':
-			if (progmode == progmode_confgen) {
-				self_domain = isc_commandline_argument;
-			} else {
-				usage(1);
-			}
-			break;
-		case 'z':
-			if (progmode == progmode_confgen) {
-				zone = isc_commandline_argument;
-			} else {
-				usage(1);
-			}
-			break;
-		case '?':
-			if (isc_commandline_option != '?') {
-				fprintf(stderr, "%s: invalid argument -%c\n",
-					program, isc_commandline_option);
-				usage(1);
-			} else {
-				usage(0);
-			}
-			break;
-		default:
-			fprintf(stderr, "%s: unhandled option -%c\n", program,
-				isc_commandline_option);
-			exit(1);
-		}
-	}
-
-	if (progmode == progmode_keygen) {
-		keyname = argv[isc_commandline_index++];
-	}
-
-	POST(argv);
-
-	if (self_domain != NULL && zone != NULL) {
-		usage(1); /* -s and -z cannot coexist */
-	}
-
-	if (argc > isc_commandline_index) {
-		usage(1);
-	}
-
-	/* Use canonical algorithm name */
-	algname = alg_totext(alg);
-
-	isc_mem_create(&mctx);
-
-	if (keyname == NULL) {
-		const char *suffix = NULL;
-
-		keyname = ((progmode == progmode_keygen) ? KEYGEN_DEFAULT
-							 : CONFGEN_DEFAULT);
-		if (self_domain != NULL) {
-			suffix = self_domain;
-		} else if (zone != NULL) {
-			suffix = zone;
-		}
-		if (suffix != NULL) {
-			len = strlen(keyname) + strlen(suffix) + 2;
-			keybuf = isc_mem_get(mctx, len);
-			snprintf(keybuf, len, "%s.%s", keyname, suffix);
-			keyname = (const char *)keybuf;
-		}
-	}
-
-	isc_buffer_init(&key_txtbuffer, &key_txtsecret, sizeof(key_txtsecret));
-
-	generate_key(mctx, alg, keysize, &key_txtbuffer);
-
-	if (!quiet) {
-		printf("\
-# To activate this key, place the following in named.conf, and\n\
-# in a separate keyfile on the system or systems from which nsupdate\n\
-# will be run:\n");
-	}
-
-	printf("\
-key \"%s\" {\n\
-	algorithm %s;\n\
-	secret \"%.*s\";\n\
-};\n",
-	       keyname, algname, (int)isc_buffer_usedlength(&key_txtbuffer),
-	       (char *)isc_buffer_base(&key_txtbuffer));
-
-	if (!quiet) {
-		if (self_domain != NULL) {
-			printf("\n\
-# Then, in the \"zone\" statement for the zone containing the\n\
-# name \"%s\", place an \"update-policy\" statement\n\
-# like this one, adjusted as needed for your preferred permissions:\n\
-update-policy {\n\
-	  grant %s name %s ANY;\n\
-};\n",
-			       self_domain, keyname, self_domain);
-		} else if (zone != NULL) {
-			printf("\n\
-# Then, in the \"zone\" definition statement for \"%s\",\n\
-# place an \"update-policy\" statement like this one, adjusted as \n\
-# needed for your preferred permissions:\n\
-update-policy {\n\
-	  grant %s zonesub ANY;\n\
-};\n",
-			       zone, keyname);
-		} else {
-			printf("\n\
-# Then, in the \"zone\" statement for each zone you wish to dynamically\n\
-# update, place an \"update-policy\" statement granting update permission\n\
-# to this key.  For example, the following statement grants this key\n\
-# permission to update any name within the zone:\n\
-update-policy {\n\
-	grant %s zonesub ANY;\n\
-};\n",
-			       keyname);
-		}
-
-		printf("\n\
-# After the keyfile has been placed, the following command will\n\
-# execute nsupdate using this key:\n\
-nsupdate -k <keyfile>\n");
-	}
-
-	if (keybuf != NULL) {
-		isc_mem_put(mctx, keybuf, len);
-	}
-
-	if (show_final_mem) {
-		isc_mem_stats(mctx, stderr);
-	}
-
-	isc_mem_destroy(&mctx);
-
-	return (0);
-}

bin/confgen/tsig-keygen.rst

@@ -1,103 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-..
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-
-.. highlight: console
-
-.. _man_tsig-keygen:
-
-tsig-keygen, ddns-confgen - TSIG key generation tool
-----------------------------------------------------
-
-Synopsis
-~~~~~~~~
-:program:`tsig-keygen` [**-a** algorithm] [**-h**] [**-r** randomfile] [**-s** name]
-
-:program:`ddns-confgen` [**-a** algorithm] [**-h**] [**-k** keyname] [**-q**] [**-r** randomfile] [**-s** name] [**-z** zone]
-
-Description
-~~~~~~~~~~~
-
-``tsig-keygen`` and ``ddns-confgen`` are invocation methods for a
-utility that generates keys for use in TSIG signing. The resulting keys
-can be used, for example, to secure dynamic DNS updates to a zone, or for
-the ``rndc`` command channel.
-
-When run as ``tsig-keygen``, a domain name can be specified on the
-command line to be used as the name of the generated key. If no
-name is specified, the default is ``tsig-key``.
-
-When run as ``ddns-confgen``, the key name can specified using ``-k``
-parameter and defaults to ``ddns-key``. The generated key is accompanied
-by configuration text and instructions that can be used with ``nsupdate``
-and ``named`` when setting up dynamic DNS, including an example
-``update-policy`` statement. (This usage is similar to the ``rndc-confgen``
-command for setting up command-channel security.)
-
-Note that ``named`` itself can configure a local DDNS key for use with
-``nsupdate -l``; it does this when a zone is configured with
-``update-policy local;``. ``ddns-confgen`` is only needed when a more
-elaborate configuration is required: for instance, if ``nsupdate`` is to
-be used from a remote system.
-
-Options
-~~~~~~~
-
-``-a algorithm``
-   This option specifies the algorithm to use for the TSIG key. Available
-   choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384,
-   and hmac-sha512. The default is hmac-sha256. Options are
-   case-insensitive, and the "hmac-" prefix may be omitted.
-
-``-h``
-   This option prints a short summary of options and arguments.
-
-``-k keyname``
-   This option specifies the key name of the DDNS authentication key. The
-   default is ``ddns-key`` when neither the ``-s`` nor ``-z`` option is
-   specified; otherwise, the default is ``ddns-key`` as a separate label
-   followed by the argument of the option, e.g., ``ddns-key.example.com.``
-   The key name must have the format of a valid domain name, consisting of
-   letters, digits, hyphens, and periods.
-
-``-q`` (``ddns-confgen`` only)
-   This option enables quiet mode, which prints only the key, with no
-   explanatory text or usage examples. This is essentially identical to
-   ``tsig-keygen``.
-
-``-s name`` (``ddns-confgen`` only)
-   This option generates a configuration example to allow dynamic updates
-   of a single hostname. The example ``named.conf`` text shows how to set
-   an update policy for the specified name using the "name" nametype. The
-   default key name is ``ddns-key.name``. Note that the "self" nametype
-   cannot be used, since the name to be updated may differ from the key
-   name. This option cannot be used with the ``-z`` option.
-
-``-z zone`` (``ddns-confgen`` only)
-   This option generates a configuration example to allow
-   dynamic updates of a zone. The example ``named.conf`` text shows how
-   to set an update policy for the specified zone using the "zonesub"
-   nametype, allowing updates to all subdomain names within that zone.
-   This option cannot be used with the ``-s`` option.
-
-See Also
-~~~~~~~~
-
-:manpage:`nsupdate(1)`, :manpage:`named.conf(5)`, :manpage:`named(8)`, BIND 9 Administrator Reference Manual.

bin/confgen/unix/os.c

@@ -1,34 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-#include <errno.h>
-#include <fcntl.h>
-#include <pwd.h>
-#include <stdio.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <confgen/os.h>
-
-int
-set_user(FILE *fd, const char *user) {
-	struct passwd *pw;
-
-	pw = getpwnam(user);
-	if (pw == NULL) {
-		errno = EINVAL;
-		return (-1);
-	}
-	return (fchown(fileno(fd), pw->pw_uid, -1));
-}

bin/confgen/util.c

@@ -1,47 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-/*! \file */
-
-#include "util.h"
-#include <stdarg.h>
-#include <stdbool.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <isc/print.h>
-
-extern bool verbose;
-extern const char *progname;
-
-void
-notify(const char *fmt, ...) {
-	va_list ap;
-
-	if (verbose) {
-		va_start(ap, fmt);
-		vfprintf(stderr, fmt, ap);
-		va_end(ap);
-		fprintf(stderr, "\n");
-	}
-}
-
-void
-fatal(const char *format, ...) {
-	va_list args;
-
-	fprintf(stderr, "%s: ", progname);
-	va_start(args, format);
-	vfprintf(stderr, format, args);
-	va_end(args);
-	fprintf(stderr, "\n");
-	exit(1);
-}

bin/confgen/util.h

@@ -1,44 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#ifndef RNDC_UTIL_H
-#define RNDC_UTIL_H 1
-
-/*! \file */
-
-#include <isc/attributes.h>
-#include <isc/formatcheck.h>
-#include <isc/lang.h>
-#include <isc/platform.h>
-
-#define NS_CONTROL_PORT 953
-
-#undef DO
-#define DO(name, function)                                                \
-	do {                                                              \
-		result = function;                                        \
-		if (result != ISC_R_SUCCESS)                              \
-			fatal("%s: %s", name, isc_result_totext(result)); \
-		else                                                      \
-			notify("%s", name);                               \
-	} while (0)
-
-ISC_LANG_BEGINDECLS
-
-void
-notify(const char *fmt, ...) ISC_FORMAT_PRINTF(1, 2);
-
-ISC_NORETURN void
-fatal(const char *format, ...) ISC_FORMAT_PRINTF(1, 2);
-
-ISC_LANG_ENDDECLS
-
-#endif /* RNDC_UTIL_H */

bin/confgen/win32/confgentool.vcxproj.filters.in

@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Header Files">
-      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
-      <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClInclude Include="..\keygen.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-    <ClInclude Include="..\util.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-    <ClInclude Include="..\include\confgen\os.h">
-      <Filter>Header Files</Filter>
-    </ClInclude>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\keygen.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="..\util.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-    <ClCompile Include="os.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/confgen/win32/confgentool.vcxproj.in

@@ -1,128 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{64964B03-4815-41F0-9057-E766A94AF197}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>confgentool</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>StaticLibrary</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>StaticLibrary</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <LinkIncremental>true</LinkIncremental>
-    <OutDir>.\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <LinkIncremental>false</LinkIncremental>
-    <OutDir>.\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(TargetName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <LinkTimeCodeGeneration>false</LinkTimeCodeGeneration>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ClInclude Include="..\include\confgen\os.h" />
-    <ClInclude Include="..\keygen.h" />
-    <ClInclude Include="..\util.h" />
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\keygen.c" />
-    <ClCompile Include="..\util.c" />
-    <ClCompile Include="os.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/confgen/win32/confgentool.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/confgen/win32/os.c

@@ -1,25 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-#include <errno.h>
-#include <fcntl.h>
-#include <io.h>
-#include <stdio.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <unistd.h>
-
-#include <confgen/os.h>
-
-int
-set_user(FILE *fd, const char *user) {
-	return (0);
-}

bin/confgen/win32/rndcconfgen.vcxproj.filters.in

@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\rndc-confgen.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/confgen/win32/rndcconfgen.vcxproj.in

@@ -1,132 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{1E2C1635-3093-4D59-80E7-4743AC10F22F}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>rndcconfgen</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <LinkIncremental>true</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>rndc-confgen</TargetName>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <LinkIncremental>false</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>rndc-confgen</TargetName>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@confgentool.lib;libisc.lib;libdns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@confgentool.lib;libisc.lib;libdns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ClCompile Include="..\rndc-confgen.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\bin\confgen\win32\confgentool.vcxproj">
-      <Project>{64964B03-4815-41F0-9057-E766A94AF197}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/confgen/win32/rndcconfgen.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/confgen/win32/tsigkeygen.vcxproj.filters.in

@@ -1,18 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup>
-    <Filter Include="Source Files">
-      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
-      <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
-    </Filter>
-    <Filter Include="Resource Files">
-      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
-      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
-    </Filter>
-  </ItemGroup>
-  <ItemGroup>
-    <ClCompile Include="..\tsig-keygen.c">
-      <Filter>Source Files</Filter>
-    </ClCompile>
-  </ItemGroup>
-</Project>

bin/confgen/win32/tsigkeygen.vcxproj.in

@@ -1,143 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project DefaultTargets="Build" ToolsVersion="@TOOLS_VERSION@" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <ItemGroup Label="ProjectConfigurations">
-    <ProjectConfiguration Include="Debug|@PLATFORM@">
-      <Configuration>Debug</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-    <ProjectConfiguration Include="Release|@PLATFORM@">
-      <Configuration>Release</Configuration>
-      <Platform>@PLATFORM@</Platform>
-    </ProjectConfiguration>
-  </ItemGroup>
-  <PropertyGroup Label="Globals">
-    <ProjectGuid>{1EA4FC64-F33B-4A50-970A-EA052BBE9CF1}</ProjectGuid>
-    <Keyword>Win32Proj</Keyword>
-    <RootNamespace>tsigkeygen</RootNamespace>
-    @WINDOWS_TARGET_PLATFORM_VERSION@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>true</UseDebugLibraries>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
-    <UseDebugLibraries>false</UseDebugLibraries>
-    <WholeProgramOptimization>true</WholeProgramOptimization>
-    <CharacterSet>MultiByte</CharacterSet>
-    @PLATFORM_TOOLSET@
-  </PropertyGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
-  <ImportGroup Label="ExtensionSettings">
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
-  </ImportGroup>
-  <PropertyGroup Label="UserMacros" />
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <LinkIncremental>true</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>tsig-keygen</TargetName>
-  </PropertyGroup>
-  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <LinkIncremental>false</LinkIncremental>
-    <OutDir>..\..\..\Build\$(Configuration)\</OutDir>
-    <IntDir>.\$(Configuration)\</IntDir>
-    <IntDirSharingDetected>None</IntDirSharingDetected>
-    <TargetName>tsig-keygen</TargetName>
-  </PropertyGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|@PLATFORM@'">
-    <ClCompile>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <WarningLevel>Level4</WarningLevel>
-      <TreatWarningAsError>false</TreatWarningAsError>
-      <Optimization>Disabled</Optimization>
-      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <BrowseInformation>true</BrowseInformation>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>true</GenerateDebugInformation>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@confgentool.lib;libisc.lib;libdns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-    <PostBuildEvent>
-      <Command>cd ..\..\..\Build\$(Configuration)
-copy /Y tsig-keygen.exe ddns-confgen.exe
-copy /Y tsig-keygen.ilk ddns-confgen.ilk
-</Command>
-    </PostBuildEvent>
-  </ItemDefinitionGroup>
-  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|@PLATFORM@'">
-    <ClCompile>
-      <WarningLevel>Level1</WarningLevel>
-      <TreatWarningAsError>true</TreatWarningAsError>
-      <PrecompiledHeader>
-      </PrecompiledHeader>
-      <Optimization>MaxSpeed</Optimization>
-      <FunctionLevelLinking>true</FunctionLevelLinking>
-      <IntrinsicFunctions>@INTRINSIC@</IntrinsicFunctions>
-      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
-      <InlineFunctionExpansion>OnlyExplicitInline</InlineFunctionExpansion>
-      <WholeProgramOptimization>false</WholeProgramOptimization>
-      <StringPooling>true</StringPooling>
-      <PrecompiledHeaderOutputFile>.\$(Configuration)\$(ProjectName).pch</PrecompiledHeaderOutputFile>
-      <AssemblerListingLocation>.\$(Configuration)\</AssemblerListingLocation>
-      <ObjectFileName>.\$(Configuration)\</ObjectFileName>
-      <ProgramDataBaseFileName>$(OutDir)$(TargetName).pdb</ProgramDataBaseFileName>
-      <ForcedIncludeFiles>..\..\..\config.h</ForcedIncludeFiles>
-      <AdditionalIncludeDirectories>.\;..\..\..\;@LIBXML2_INC@..\include;..\..\..\lib\isc\win32;..\..\..\lib\isc\win32\include;..\..\..\lib\isc\include;..\..\..\lib\dns\include;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
-      <CompileAs>CompileAsC</CompileAs>
-    </ClCompile>
-    <Link>
-      <SubSystem>Console</SubSystem>
-      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EnableCOMDATFolding>true</EnableCOMDATFolding>
-      <OptimizeReferences>true</OptimizeReferences>
-      <OutputFile>..\..\..\Build\$(Configuration)\$(TargetName)$(TargetExt)</OutputFile>
-      <LinkTimeCodeGeneration>Default</LinkTimeCodeGeneration>
-      <AdditionalLibraryDirectories>$(Configuration);..\..\..\lib\isc\win32\$(Configuration);..\..\..\lib\dns\win32\$(Configuration);%(AdditionalLibraryDirectories)</AdditionalLibraryDirectories>
-      <AdditionalDependencies>@OPENSSL_LIB@confgentool.lib;libisc.lib;libdns.lib;ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
-    </Link>
-    <PostBuildEvent>
-      <Command>cd ..\..\..\Build\$(Configuration)
-copy /Y tsig-keygen.exe ddns-confgen.exe
-</Command>
-    </PostBuildEvent>
-  </ItemDefinitionGroup>
-  <ItemGroup>
-    <ClCompile Include="..\tsig-keygen.c" />
-  </ItemGroup>
-  <ItemGroup>
-    <ProjectReference Include="..\..\..\lib\isc\win32\libisc.vcxproj">
-      <Project>{3840E563-D180-4761-AA9C-E6155F02EAFF}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\lib\dns\win32\libdns.vcxproj">
-      <Project>{5FEBFD4E-CCB0-48B9-B733-E15EEB85C16A}</Project>
-    </ProjectReference>
-    <ProjectReference Include="..\..\..\bin\confgen\win32\confgentool.vcxproj">
-      <Project>{64964B03-4815-41F0-9057-E766A94AF197}</Project>
-    </ProjectReference>
-  </ItemGroup>
-  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
-  <ImportGroup Label="ExtensionTargets">
-  </ImportGroup>
-</Project>

bin/confgen/win32/tsigkeygen.vcxproj.user

@@ -1,3 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-</Project>

bin/delv/.gitignore

@@ -1 +0,0 @@
-/delv

bin/delv/Makefile.am

@@ -1,21 +0,0 @@
-include $(top_srcdir)/Makefile.top
-
-AM_CPPFLAGS +=				\
-	-I$(top_builddir)/include	\
-	$(LIBISC_CFLAGS)		\
-	$(LIBDNS_CFLAGS)		\
-	$(LIBISCCFG_CFLAGS)		\
-	$(LIBIRS_CFLAGS)
-
-AM_CPPFLAGS +=				\
-	-DSYSCONFDIR=\"${sysconfdir}\"
-
-bin_PROGRAMS = delv
-
-delv_SOURCES =				\
-	delv.c
-delv_LDADD =				\
-	$(LIBISC_LIBS)			\
-	$(LIBDNS_LIBS)			\
-	$(LIBISCCFG_LIBS)		\
-	$(LIBIRS_LIBS)

bin/delv/delv.rst

@@ -1,336 +0,0 @@
-.. 
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-   
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-   
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-..
-   Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-
-   This Source Code Form is subject to the terms of the Mozilla Public
-   License, v. 2.0. If a copy of the MPL was not distributed with this
-   file, You can obtain one at http://mozilla.org/MPL/2.0/.
-
-   See the COPYRIGHT file distributed with this work for additional
-   information regarding copyright ownership.
-
-
-.. highlight: console
-
-.. _man_delv:
-
-delv - DNS lookup and validation utility
-----------------------------------------
-
-Synopsis
-~~~~~~~~
-
-:program:`delv` [@server] [ [**-4**] | [**-6**] ] [**-a** anchor-file] [**-b** address] [**-c** class] [**-d** level] [**-i**] [**-m**] [**-p** port#] [**-q** name] [**-t** type] [**-x** addr] [name] [type] [class] [queryopt...]
-
-:program:`delv` [**-h**]
-
-:program:`delv` [**-v**]
-
-:program:`delv` [queryopt...] [query...]
-
-Description
-~~~~~~~~~~~
-
-``delv`` is a tool for sending DNS queries and validating the results,
-using the same internal resolver and validator logic as ``named``.
-
-``delv`` sends to a specified name server all queries needed to
-fetch and validate the requested data; this includes the original
-requested query, subsequent queries to follow CNAME or DNAME chains,
-queries for DNSKEY, and DS records to establish a chain of trust for
-DNSSEC validation. It does not perform iterative resolution, but
-simulates the behavior of a name server configured for DNSSEC validating
-and forwarding.
-
-By default, responses are validated using the built-in DNSSEC trust anchor
-for the root zone ("."). Records returned by ``delv`` are either fully
-validated or were not signed. If validation fails, an explanation of the
-failure is included in the output; the validation process can be traced
-in detail. Because ``delv`` does not rely on an external server to carry
-out validation, it can be used to check the validity of DNS responses in
-environments where local name servers may not be trustworthy.
-
-Unless it is told to query a specific name server, ``delv`` tries
-each of the servers listed in ``/etc/resolv.conf``. If no usable server
-addresses are found, ``delv`` sends queries to the localhost
-addresses (127.0.0.1 for IPv4, ::1 for IPv6).
-
-When no command-line arguments or options are given, ``delv``
-performs an NS query for "." (the root zone).
-
-Simple Usage
-~~~~~~~~~~~~
-
-A typical invocation of ``delv`` looks like:
-
-::
-
-    delv @server name type
-
-where:
-
-``server``
-   is the name or IP address of the name server to query. This can be an
-   IPv4 address in dotted-decimal notation or an IPv6 address in
-   colon-delimited notation. When the supplied ``server`` argument is a
-   hostname, ``delv`` resolves that name before querying that name
-   server (note, however, that this initial lookup is *not* validated by
-   DNSSEC).
-
-   If no ``server`` argument is provided, ``delv`` consults
-   ``/etc/resolv.conf``; if an address is found there, it queries the
-   name server at that address. If either of the ``-4`` or ``-6``
-   options is in use, then only addresses for the corresponding
-   transport are tried. If no usable addresses are found, ``delv``
-   sends queries to the localhost addresses (127.0.0.1 for IPv4, ::1
-   for IPv6).
-
-``name``
-   is the domain name to be looked up.
-
-``type``
-   indicates what type of query is required - ANY, A, MX, etc.
-   ``type`` can be any valid query type. If no ``type`` argument is
-   supplied, ``delv`` performs a lookup for an A record.
-
-Options
-~~~~~~~
-
-``-a anchor-file``
-   This option specifies a file from which to read DNSSEC trust anchors. The default
-   is ``/etc/bind.keys``, which is included with BIND 9 and contains one
-   or more trust anchors for the root zone (".").
-
-   Keys that do not match the root zone name are ignored. An alternate
-   key name can be specified using the ``+root=NAME`` options.
-
-   Note: When reading the trust anchor file, ``delv`` treats ``trust-anchors``,
-   ``initial-key``, and ``static-key`` identically. That is, for a managed key,
-   it is the *initial* key that is trusted; :rfc:`5011` key management is not
-   supported. ``delv`` does not consult the managed-keys database maintained by
-   ``named``, which means that if either of the keys in ``/etc/bind.keys`` is
-   revoked and rolled over, ``/etc/bind.keys`` must be updated to
-   use DNSSEC validation in ``delv``.
-
-``-b address``
-   This option sets the source IP address of the query to ``address``. This must be
-   a valid address on one of the host's network interfaces, or ``0.0.0.0``,
-   or ``::``. An optional source port may be specified by appending
-   ``#<port>``
-
-``-c class``
-   This option sets the query class for the requested data. Currently, only class
-   "IN" is supported in ``delv`` and any other value is ignored.
-
-``-d level``
-   This option sets the systemwide debug level to ``level``. The allowed range is
-   from 0 to 99. The default is 0 (no debugging). Debugging traces from
-   ``delv`` become more verbose as the debug level increases. See the
-   ``+mtrace``, ``+rtrace``, and ``+vtrace`` options below for
-   additional debugging details.
-
-``-h``
-   This option displays the ``delv`` help usage output and exits.
-
-``-i``
-   This option sets insecure mode, which disables internal DNSSEC validation. (Note,
-   however, that this does not set the CD bit on upstream queries. If the
-   server being queried is performing DNSSEC validation, then it does
-   not return invalid data; this can cause ``delv`` to time out. When it
-   is necessary to examine invalid data to debug a DNSSEC problem, use
-   ``dig +cd``.)
-
-``-m``
-   This option enables memory usage debugging.
-
-``-p port#``
-   This option specifies a destination port to use for queries, instead of the
-   standard DNS port number 53. This option is used with a name
-   server that has been configured to listen for queries on a
-   non-standard port number.
-
-``-q name``
-   This option sets the query name to ``name``. While the query name can be
-   specified without using the ``-q`` option, it is sometimes necessary to
-   disambiguate names from types or classes (for example, when looking
-   up the name "ns", which could be misinterpreted as the type NS, or
-   "ch", which could be misinterpreted as class CH).
-
-``-t type``
-   This option sets the query type to ``type``, which can be any valid query type
-   supported in BIND 9 except for zone transfer types AXFR and IXFR. As
-   with ``-q``, this is useful to distinguish query-name types or classes
-   when they are ambiguous. It is sometimes necessary to disambiguate
-   names from types.
-
-   The default query type is "A", unless the ``-x`` option is supplied
-   to indicate a reverse lookup, in which case it is "PTR".
-
-``-v``
-   This option prints the ``delv`` version and exits.
-
-``-x addr``
-   This option performs a reverse lookup, mapping an address to a name. ``addr``
-   is an IPv4 address in dotted-decimal notation, or a colon-delimited
-   IPv6 address. When ``-x`` is used, there is no need to provide the
-   ``name`` or ``type`` arguments; ``delv`` automatically performs a
-   lookup for a name like ``11.12.13.10.in-addr.arpa`` and sets the
-   query type to PTR. IPv6 addresses are looked up using nibble format
-   under the IP6.ARPA domain.
-
-``-4``
-   This option forces ``delv`` to only use IPv4.
-
-``-6``
-   This option forces ``delv`` to only use IPv6.
-
-Query Options
-~~~~~~~~~~~~~
-
-``delv`` provides a number of query options which affect the way results
-are displayed, and in some cases the way lookups are performed.
-
-Each query option is identified by a keyword preceded by a plus sign
-(``+``). Some keywords set or reset an option. These may be preceded by
-the string ``no`` to negate the meaning of that keyword. Other keywords
-assign values to options like the timeout interval. They have the form
-``+keyword=value``. The query options are:
-
-``+[no]cdflag``
-   This option controls whether to set the CD (checking disabled) bit in queries
-   sent by ``delv``. This may be useful when troubleshooting DNSSEC
-   problems from behind a validating resolver. A validating resolver
-   blocks invalid responses, making it difficult to retrieve them
-   for analysis. Setting the CD flag on queries causes the resolver
-   to return invalid responses, which ``delv`` can then validate
-   internally and report the errors in detail.
-
-``+[no]class``
-   This option controls whether to display the CLASS when printing a record. The
-   default is to display the CLASS.
-
-``+[no]ttl``
-   This option controls whether to display the TTL when printing a record. The
-   default is to display the TTL.
-
-``+[no]rtrace``
-   This option toggles resolver fetch logging. This reports the name and type of each
-   query sent by ``delv`` in the process of carrying out the resolution
-   and validation process, including the original query
-   and all subsequent queries to follow CNAMEs and to establish a chain
-   of trust for DNSSEC validation.
-
-   This is equivalent to setting the debug level to 1 in the "resolver"
-   logging category. Setting the systemwide debug level to 1 using the
-   ``-d`` option produces the same output, but affects other
-   logging categories as well.
-
-``+[no]mtrace``
-   This option toggles message logging. This produces a detailed dump of the
-   responses received by ``delv`` in the process of carrying out the
-   resolution and validation process.
-
-   This is equivalent to setting the debug level to 10 for the "packets"
-   module of the "resolver" logging category. Setting the systemwide
-   debug level to 10 using the ``-d`` option produces the same
-   output, but affects other logging categories as well.
-
-``+[no]vtrace``
-   This option toggles validation logging. This shows the internal process of the
-   validator as it determines whether an answer is validly signed,
-   unsigned, or invalid.
-
-   This is equivalent to setting the debug level to 3 for the
-   "validator" module of the "dnssec" logging category. Setting the
-   systemwide debug level to 3 using the ``-d`` option produces the
-   same output, but affects other logging categories as well.
-
-``+[no]short``
-   This option toggles between verbose and terse answers. The default is to print the answer in a
-   verbose form.
-
-``+[no]comments``
-   This option toggles the display of comment lines in the output. The default is to
-   print comments.
-
-``+[no]rrcomments``
-   This option toggles the display of per-record comments in the output (for example,
-   human-readable key information about DNSKEY records). The default is
-   to print per-record comments.
-
-``+[no]crypto``
-   This option toggles the display of cryptographic fields in DNSSEC records. The
-   contents of these fields are unnecessary to debug most DNSSEC
-   validation failures and removing them makes it easier to see the
-   common failures. The default is to display the fields. When omitted,
-   they are replaced by the string ``[omitted]`` or, in the DNSKEY case, the
-   key ID is displayed as the replacement, e.g. ``[ key id = value ]``.
-
-``+[no]trust``
-   This option controls whether to display the trust level when printing a record.
-   The default is to display the trust level.
-
-``+[no]split[=W]``
-   This option splits long hex- or base64-formatted fields in resource records into
-   chunks of ``W`` characters (where ``W`` is rounded up to the nearest
-   multiple of 4). ``+nosplit`` or ``+split=0`` causes fields not to be
-   split at all. The default is 56 characters, or 44 characters when
-   multiline mode is active.
-
-``+[no]all``
-   This option sets or clears the display options ``+[no]comments``,
-   ``+[no]rrcomments``, and ``+[no]trust`` as a group.
-
-``+[no]multiline``
-   This option prints long records (such as RRSIG, DNSKEY, and SOA records) in a
-   verbose multi-line format with human-readable comments. The default
-   is to print each record on a single line, to facilitate machine
-   parsing of the ``delv`` output.
-
-``+[no]dnssec``
-   This option indicates whether to display RRSIG records in the ``delv`` output.
-   The default is to do so. Note that (unlike in ``dig``) this does
-   *not* control whether to request DNSSEC records or to
-   validate them. DNSSEC records are always requested, and validation
-   always occurs unless suppressed by the use of ``-i`` or
-   ``+noroot``.
-
-``+[no]root[=ROOT]``
-   This option indicates whether to perform conventional DNSSEC validation, and if so,
-   specifies the name of a trust anchor. The default is to validate using a
-   trust anchor of "." (the root zone), for which there is a built-in key. If
-   specifying a different trust anchor, then ``-a`` must be used to specify a
-   file containing the key.
-
-``+[no]tcp``
-   This option controls whether to use TCP when sending queries. The default is to
-   use UDP unless a truncated response has been received.
-
-``+[no]unknownformat``
-   This option prints all RDATA in unknown RR-type presentation format (:rfc:`3597`).
-   The default is to print RDATA for known types in the type's
-   presentation format.
-
-``+[no]yaml``
-   This option prints response data in YAML format.
-
-Files
-~~~~~
-
-``/etc/bind.keys``
-
-``/etc/resolv.conf``
-
-See Also
-~~~~~~~~
-
-:manpage:`dig(1)`, :manpage:`named(8)`, :rfc:`4034`, :rfc:`4035`, :rfc:`4431`, :rfc:`5074`, :rfc:`5155`.