pool/bind
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/bind?expand=0&rev=1

Browse Source
This commit is contained in:
OBS User unknown 2006-12-18 23:15:14 +00:00 committed by Git OBS Bridge
commit 312459de0c
21 changed files with 3348 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

49
Makefile.in.diff Normal file
View File

@ -0,0 +1,49 @@
--- bind-9.2.3/lib/bind/port/linux/include/Makefile.in
+++ bind-9.2.3/lib/bind/port/linux/include/Makefile.in 2003-03-03 16:35:43
@@ -17,7 +17,6 @@
srcdir = @srcdir@
VPATH = @srcdir@
-top_srcdir = @top_srcdir@
NHEADERS= net/route.h
SHEADERS= sys/mbuf.h
@@ -26,6 +25,8 @@
@BIND9_MAKE_RULES@
+top_srcdir = @top_srcdir@
+
installdirs:
$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${includedir}/net \
${DESTDIR}${includedir}/sys
--- bind-9.2.3/lib/bind/Makefile.in
+++ bind-9.2.3/lib/bind/Makefile.in 2003-03-03 17:04:15
@@ -17,7 +17,6 @@
srcdir = @srcdir@
VPATH = @srcdir@
-top_srcdir = @top_srcdir@
@LIBBIND_API@
@@ -94,6 +94,8 @@
@BIND9_MAKE_RULES@
+top_srcdir = @top_srcdir@
+
libbind.@SA@: ${OBJS}
${AR} ${ARFLAGS} $@ ${OBJS}
${RANLIB} $@
--- bind-9.3.1/bin/named/Makefile.in
+++ bind-9.3.1/bin/named/Makefile.in 2004-09-25 13:06:00
@@ -129,7 +129,4 @@
install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs
${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir}
(cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@)
- ${INSTALL_DATA} ${srcdir}/named.8 ${DESTDIR}${mandir}/man8
- ${INSTALL_DATA} ${srcdir}/lwresd.8 ${DESTDIR}${mandir}/man8
- ${INSTALL_DATA} ${srcdir}/named.conf.5 ${DESTDIR}${mandir}/man5
-
+ for m in ${MANPAGES}; do ${INSTALL_DATA} ${srcdir}/$$m ${DESTDIR}${mandir}/man$${m##*.}; done

154
VU697164_VU915404.diff Normal file
View File

@ -0,0 +1,154 @@
Index: bin/named/query.c
===================================================================
RCS file: /proj/cvs/prod/bind9/bin/named/query.c,v
retrieving revision 1.198.2.13.4.36
diff -u -r1.198.2.13.4.36 query.c
--- bin/named/query.c 11 Aug 2005 05:25:20 -0000 1.198.2.13.4.36
+++ bin/named/query.c 28 Jul 2006 03:41:15 -0000
@@ -2393,7 +2393,7 @@
is_zone = ISC_FALSE;
qtype = event->qtype;
- if (qtype == dns_rdatatype_rrsig)
+ if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
type = dns_rdatatype_any;
else
type = qtype;
@@ -2434,7 +2434,7 @@
/*
* If it's a SIG query, we'll iterate the node.
*/
- if (qtype == dns_rdatatype_rrsig)
+ if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
type = dns_rdatatype_any;
else
type = qtype;
Index: lib/dns/resolver.c
===================================================================
RCS file: /proj/cvs/prod/bind9/lib/dns/resolver.c,v
retrieving revision 1.218.2.18.4.56
diff -u -r1.218.2.18.4.56 resolver.c
--- lib/dns/resolver.c 14 Oct 2005 01:38:48 -0000 1.218.2.18.4.56
+++ lib/dns/resolver.c 28 Jul 2006 03:41:25 -0000
@@ -762,7 +762,8 @@
INSIST(result != ISC_R_SUCCESS ||
dns_rdataset_isassociated(event->rdataset) ||
fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig);
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig);
isc_task_sendanddetach(&task, ISC_EVENT_PTR(&event));
}
@@ -3188,7 +3189,8 @@
if (hevent != NULL) {
if (!negative && !chaining &&
(fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig)) {
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig)) {
/*
* Don't bind rdatasets; the caller
* will iterate the node.
@@ -3306,7 +3308,8 @@
if (!ISC_LIST_EMPTY(fctx->validators)) {
INSIST(!negative);
INSIST(fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig);
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig);
/*
* Don't send a response yet - we have
* more rdatasets that still need to
@@ -3455,14 +3458,15 @@
return (result);
anodep = &event->node;
/*
- * If this is an ANY or SIG query, we're not going
- * to return any rdatasets, unless we encountered
+ * If this is an ANY, SIG or RRSIG query, we're not
+ * going to return any rdatasets, unless we encountered
* a CNAME or DNAME as "the answer". In this case,
* we're going to return DNS_R_CNAME or DNS_R_DNAME
* and we must set up the rdatasets.
*/
if ((fctx->type != dns_rdatatype_any &&
- fctx->type != dns_rdatatype_rrsig) ||
+ fctx->type != dns_rdatatype_rrsig &&
+ fctx->type != dns_rdatatype_sig) ||
(name->attributes & DNS_NAMEATTR_CHAINING) != 0) {
ardataset = event->rdataset;
asigrdataset = event->sigrdataset;
@@ -3521,7 +3525,7 @@
*/
if (secure_domain && rdataset->trust != dns_trust_glue) {
/*
- * SIGs are validated as part of validating the
+ * RRSIGs are validated as part of validating the
* type they cover.
*/
if (rdataset->type == dns_rdatatype_rrsig)
@@ -3591,7 +3595,8 @@
if (ANSWER(rdataset) && need_validation) {
if (fctx->type != dns_rdatatype_any &&
- fctx->type != dns_rdatatype_rrsig) {
+ fctx->type != dns_rdatatype_rrsig &&
+ fctx->type != dns_rdatatype_sig) {
/*
* This is The Answer. We will
* validate it, but first we cache
@@ -3763,23 +3768,28 @@
isc_result_t *eresultp)
{
isc_result_t result;
+ dns_rdataset_t rdataset;
+
+ if (ardataset == NULL) {
+ dns_rdataset_init(&rdataset);
+ ardataset = &rdataset;
+ }
result = dns_ncache_add(message, cache, node, covers, now,
maxttl, ardataset);
- if (result == DNS_R_UNCHANGED) {
+ if (result == DNS_R_UNCHANGED || result == ISC_R_SUCCESS) {
/*
- * The data in the cache are better than the negative cache
- * entry we're trying to add.
+ * If the cache now contains a negative entry and we
+ * care about whether it is DNS_R_NCACHENXDOMAIN or
+ * DNS_R_NCACHENXRRSET then extract it.
*/
- if (ardataset != NULL && ardataset->type == 0) {
+ if (ardataset->type == 0) {
/*
- * The cache data is also a negative cache
- * entry.
+ * The cache data is a negative cache entry.
*/
if (NXDOMAIN(ardataset))
*eresultp = DNS_R_NCACHENXDOMAIN;
else
*eresultp = DNS_R_NCACHENXRRSET;
- result = ISC_R_SUCCESS;
} else {
/*
* Either we don't care about the nature of the
@@ -3791,14 +3801,11 @@
* XXXRTH There's a CNAME/DNAME problem here.
*/
*eresultp = ISC_R_SUCCESS;
- result = ISC_R_SUCCESS;
}
- } else if (result == ISC_R_SUCCESS) {
- if (NXDOMAIN(ardataset))
- *eresultp = DNS_R_NCACHENXDOMAIN;
- else
- *eresultp = DNS_R_NCACHENXRRSET;
+ result = ISC_R_SUCCESS;
}
+ if (ardataset == &rdataset && dns_rdataset_isassociated(ardataset))
+ dns_rdataset_disassociate(ardataset);
return (result);
}

3
bind-9.3.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4d4298abd85d06083a0643091dde05ffbe3db051439524dbe4a81c689735c694
size 5302112

78
bind-rsa.patch Normal file
View File

@ -0,0 +1,78 @@
Security Fixes (BIND 9.3.2-P2):
Change the default RSA exponent from 3 to 65537 which is
not vulnerable to the attacks described in CVE-2006-4339.
Index: lib/dns/opensslrsa_link.c
--- lib/dns/opensslrsa_link.c.orig 2004-12-09 05:07:18 +0100
+++ lib/dns/opensslrsa_link.c 2006-11-04 09:58:32 +0100
@@ -39,6 +39,9 @@
#include <openssl/err.h>
#include <openssl/objects.h>
#include <openssl/rsa.h>
+#if OPENSSL_VERSION_NUMBER > 0x00908000L
+#include <openssl/bn.h>
+#endif
/*
* XXXMPA Temporarially disable RSA_BLINDING as it requires
@@ -260,13 +263,47 @@
static isc_result_t
opensslrsa_generate(dst_key_t *key, int exp) {
+#if OPENSSL_VERSION_NUMBER > 0x00908000L
+ BN_GENCB cb;
+ RSA *rsa = RSA_new();
+ BIGNUM *e = BN_new();
+
+ if (rsa == NULL || e == NULL)
+ goto err;
+
+ if (exp == 0) {
+ /* RSA_F4 0x10001 */
+ BN_set_bit(e, 0);
+ BN_set_bit(e, 16);
+ } else {
+ /* F5 0x100000001 */
+ BN_set_bit(e, 0);
+ BN_set_bit(e, 32);
+ }
+
+ BN_GENCB_set_old(&cb, NULL, NULL);
+
+ if (RSA_generate_key_ex(rsa, key->key_size, e, &cb)) {
+ BN_free(e);
+ SET_FLAGS(rsa);
+ key->opaque = rsa;
+ return (ISC_R_SUCCESS);
+ }
+
+ err:
+ if (e != NULL)
+ BN_free(e);
+ if (rsa != NULL)
+ RSA_free(rsa);
+ return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+#else
RSA *rsa;
unsigned long e;
if (exp == 0)
- e = RSA_3;
- else
e = RSA_F4;
+ else
+ e = 0x40000003;
rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
if (rsa == NULL)
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
@@ -274,6 +311,7 @@
key->opaque = rsa;
return (ISC_R_SUCCESS);
+#endif
}
static isc_boolean_t

3
bind-sdb-ldap-1.0-beta.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:40b014bb2109565caaad8cec4c91995c57a53d9a8ad17a7387425bd1f8e817b9
size 8262

763
bind.changes Normal file
View File

@ -0,0 +1,763 @@
-------------------------------------------------------------------
Fri Nov 10 12:07:56 CET 2006 - ug@suse.de
- security fix (#218303)
workarounds OpenSSL's recently
discovered RSA signature verification issue (CVE-2006-4339) by using
the exponent 65537 (0x10001) instead of the widely used 3.
-------------------------------------------------------------------
Tue Oct 17 20:39:31 CEST 2006 - poeml@suse.de
- there is no SuSEconfig.syslog script anymore, thus remove the
YaST hint from the sysconfig template
-------------------------------------------------------------------
Mon Oct 16 09:50:14 CEST 2006 - ug@suse.de
- typo in sysconfig file fixed (#212337)
-------------------------------------------------------------------
Fri Sep 1 14:58:28 CEST 2006 - ug@suse.de
- security fix
Bug #201424 VUL-0: bind: two denial-of-service attacks
VU#697164
BIND INSIST failure due to excessive recursive queries
VU#915404
BIND assertion failure during SIG query processing
-------------------------------------------------------------------
Tue Aug 15 14:28:09 CEST 2006 - ug@suse.de
- update messages removed
-------------------------------------------------------------------
Fri Aug 4 13:48:56 CEST 2006 - ug@suse.de
- moved the la files to bind-utils
(#182448)
-------------------------------------------------------------------
Thu Jul 6 12:11:11 CEST 2006 - ug@suse.de
- fix for the nsupdate man page (#92730)
thanx to Werner
-------------------------------------------------------------------
Wed May 17 13:00:02 CEST 2006 - ug@suse.de
- fix for ldapdump script (#175587)
-------------------------------------------------------------------
Mon Mar 13 16:57:01 CET 2006 - ug@suse.de
- typos fixed (#157611)
-------------------------------------------------------------------
Wed Feb 8 14:59:58 CET 2006 - ug@suse.de
- fixed #148527
a broken symlink in the chroot jail is in the way
-------------------------------------------------------------------
Fri Jan 27 00:49:18 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Wed Jan 25 14:27:11 CET 2006 - ug@suse.de
- fixed #145169
(follow symlinks during chroot jail creation)
-------------------------------------------------------------------
Sat Jan 14 22:13:30 CET 2006 - schwab@suse.de
- Don't remove sources.
-------------------------------------------------------------------
Mon Jan 2 11:05:18 CET 2006 - ug@suse.de
- version update from 9.3.1 to 9.3.2
-------------------------------------------------------------------
Mon Nov 21 12:16:32 CET 2005 - ug@suse.de
- fixed an insecure tmp file bug in the
named-bootconf.sh contrib script
-------------------------------------------------------------------
Mon Sep 26 01:27:01 CEST 2005 - ro@suse.de
- added LDAP_DEPRECATED to CFLAGS
-------------------------------------------------------------------
Fri Jul 22 16:50:27 CEST 2005 - lmuelle@suse.de
- Copy the right default file if /etc/sysconfig/named is missing while
calling the lwresd init script; [#97187].
-------------------------------------------------------------------
Fri Jun 17 15:14:52 CEST 2005 - ug@suse.de
- compilation with -fpie and -pie now
which makes it harder to use
exploits with fixed memory addresses.
-------------------------------------------------------------------
Wed Apr 13 14:06:42 CEST 2005 - mls@suse.de
- fix SLP registration
-------------------------------------------------------------------
Fri Mar 25 18:29:09 CET 2005 - schwab@suse.de
- Fix leak in lwres library [#74529].
-------------------------------------------------------------------
Fri Mar 11 18:28:37 CET 2005 - ug@suse.de
- version update from 9.3.0 to 9.3.1
- fixed bug #72153
lwresd doesn't notice if name server is
unreachable and times out
-------------------------------------------------------------------
Fri Mar 11 16:41:26 CET 2005 - ug@suse.de
- rndc dropped from the lwresd init script
it conflicts with a running bind
-------------------------------------------------------------------
Mon Mar 7 14:34:28 CET 2005 - ug@suse.de
- lwresd init script "status" changed.
rndc is not used anymore
-------------------------------------------------------------------
Wed Feb 16 11:16:40 CET 2005 - ug@suse.de
- lwresd name string changed (just beautify)
-------------------------------------------------------------------
Fri Feb 4 11:23:14 CET 2005 - ug@suse.de
- changed the "insserv" behaviour on updates
- fixed empty lwresd.conf file in chroot env.
-------------------------------------------------------------------
Thu Feb 3 17:48:21 CET 2005 - ug@suse.de
- empty lwresd.conf file fix (Bug #49081)
- lwresd is on by default now during boot
-------------------------------------------------------------------
Fri Jan 21 14:46:24 CET 2005 - ug@suse.de
- sdb-ldap activated (ldapdb.c version from 16.01.2005)
- fixed security problem bug #49927 - remote denial-of-service
An incorrect assumption in the validator (authvalidated)
can result in a REQUIRE (internal consistancy) test failing
and named exiting.
-------------------------------------------------------------------
Tue Nov 30 11:39:04 CET 2004 - ug@suse.de
- fixed #48659
"rclwresd status" answered with OKAY even if only bind was running
"rcnamed status" answered with OKAY even if only lwresd was running
-------------------------------------------------------------------
Fri Nov 19 14:41:32 CET 2004 - ug@suse.de
- SLP support via /etc/slp.reg.d/bind.reg file added
-------------------------------------------------------------------
Thu Nov 4 14:52:17 CET 2004 - ug@suse.de
- version update to 9.3.0
- ldapdump script bug fixed (#44452)
- dnssec-makekeyset and dnssec-signkey activated
in Makefile of bin/dnssec/
-------------------------------------------------------------------
Wed Oct 13 14:30:07 CEST 2004 - lmuelle@suse.de
- Add condrestart to the named init script and use same code as in skeleton to
restart.
- Enhance check if named or lwresd are still running if the init script is
called with stop.
-------------------------------------------------------------------
Mon Sep 27 17:03:38 CEST 2004 - lmuelle@suse.de
- Update to version 9.2.4.
- Use defines for named user and group settings.
- Add PreReq groupadd and useradd to the chrootenv and lwresd package,
[#46050].
- Ensure to remove temp sysconfig file in %post.
- Remove warning from createNamedConfInclude script if a file is already
included in /etc/named.conf as we take care of such include statements in
the named init script anyway.
- Remove NAMED_CONF_INCLUDE_FILES fillup from include statements of
/etc/named.conf in the %post of the bind package by the same reason.
-------------------------------------------------------------------
Sat Sep 18 18:29:40 CEST 2004 - lmuelle@suse.de
- Add all filenames from include statements of named.conf to
NAMED_CONF_INCLUDE_FILES in the named init script, [#40610].
-------------------------------------------------------------------
Thu Sep 16 12:16:14 CEST 2004 - lmuelle@suse.de
- Add $remote_fs to Required-Start and Required-Stop of lwresd init script.
- Add Provides: dns_daemon to the lwresd package.
- Remove $time from Should-Start and Should-Stop, [#45433].
-------------------------------------------------------------------
Wed Sep 15 14:14:53 CEST 2004 - lmuelle@suse.de
- Remove conflicts from bind and bind-lwrewsd package, [#45335].
- Use rndc in lwresd init script if rndc is available.
-------------------------------------------------------------------
Thu Sep 9 17:02:25 CEST 2004 - lmuelle@suse.de
- Create /etc/rndc.key if bind-lwresd is installed and we install bind-utils
or if bind-utils is installed and we install bind-lwresd.
- Use 0644 instead of 0640 for the named.conf file.
- Split bind-doc from bind-utils.
- Use one sysconfig file for lwresd and named.
- Split common named and lwresd sysconfig settings from them unique to named.
- Rename lwres to bind-lwresd and lwres-devel to bind-libs.
- Ensure to create user and group 'named' in the %pre of bind-lwresd and
bind-chrootenv.
-------------------------------------------------------------------
Tue Sep 7 02:17:05 CEST 2004 - lmuelle@suse.de
- Remove %run_ldconfig from %post of the bind package.
- Move vendor files to an own tar ball.
- Create new sub packages lwres, lwres-devel, and bind-chrootenv, [#44711].
- Use new update message mechanism, [#44344].
-------------------------------------------------------------------
Sun Jun 20 10:21:37 CEST 2004 - lmuelle@suse.de
- Quote definition of NOM_PATH_FILE in configure.in.
-------------------------------------------------------------------
Mon May 31 15:47:51 CEST 2004 - lmuelle@suse.de
- Add BIND.desktop file for SuSEhelp.
-------------------------------------------------------------------
Wed May 19 14:30:07 CEST 2004 - lmuelle@suse.de
- Add -d, directroy option to genDDNSkey [#40786].
- Update ldapdump to version 1.1. This Version has better keyfile checks and
throws an error message if a keyfile can't be found, instead of just barfing
perl errors.
-------------------------------------------------------------------
Wed May 12 12:43:37 CEST 2004 - lmuelle@suse.de
- Update ldapdump; don't use .zone suffix for zone files.
-------------------------------------------------------------------
Wed Apr 28 15:18:40 CEST 2004 - lmuelle@suse.de
- Add /etc/openldap/schema/dnszone.schema to the bind-utils package.
- Add /usr/share/bind/ldapdump to the bind package.
- Add idnkit programs and libraries.
- Add idn patches for dig, host, and nslookup.
- Ensure to call functions initializeNamed, checkAndCopyConfigFiles, and
namedCheckConf in the named init script only one time.
Let namedCheckConf check the configuration inside the chroot.
- Check all configuration files in named init script while called with probe.
- Add NAMED_INITIALIZE_SCRIPTS to sysconfig.named. This allows to call
arbitrary scripts before named is started, restarted, or reloaded.
Therewith it's also possible to disable createNamedConfInclude entirely.
- createNamedConfInclude always overwrite .SuSEconfig file [#33768].
- Rename SuSEconfig.named to createNamedConfInclude and move it to
/usr/share/bind.
-------------------------------------------------------------------
Sat Mar 13 21:06:48 CET 2004 - schwab@suse.de
- Fix path to docs in sample named.conf.
-------------------------------------------------------------------
Tue Feb 24 18:47:38 CET 2004 - poeml@suse.de
- add genDDNSkey to bind-utils (formerly in dhcp-server package)
- allow --keyfile and --keyname to be used with genDDNSkey, and
allow using /dev/urandom to avoid blocking
- in the init script, use rndc (if possible) in order to shut down,
so named will flush pending changes to dynamical zones
- when restarting named, make sure it is stopped before trying to
start it again [#34937]
- update root zone (dated Jan 29, 2004)
-------------------------------------------------------------------
Thu Feb 12 09:32:30 CET 2004 - kukuk@suse.de
- Fix group of named.conf.include in filelist
- Build with -fno-strict-aliasing
-------------------------------------------------------------------
Wed Oct 15 15:32:00 CEST 2003 - lmuelle@suse.de
- update to version 9.2.3; includes the new zone type "delegation-only" to
foil Verisign's sitefinder games
- move root.hint to an extra source file, named.root
- use /etc/named.d and /var/lib/named/master directory in the example
configuration from the sample-config directory
- supress superfluous warning in SuSEconfig.named if /etc/named.conf.include
is empty
- create /etc/rndc.key in the init script if it's missing
- call namedCheckConf after checkAndCopyConfigFiles to allow us to start named
after checkAndCopyConfigFiles fixed a problem
- call SuSEconfig -module named not direct in the init script
- add norootforbuild to the spec file
- set owner of /etc/named.d and /etc/named.d/rndc-access.conf to root:
- add additional x while testing strings in the init script
- always include /etc/rndc.key in rndc-access.conf
- remove absolet stdtime.diff
- remove ip6rev.diff, as one part is included upstream and the other isn't
possible any longer
-------------------------------------------------------------------
Wed Oct 8 17:19:25 CEST 2003 - schwab@suse.de
- Fix typo in last change.
-------------------------------------------------------------------
Mon Sep 29 15:37:35 CEST 2003 - kukuk@suse.de
- Create named.conf.include if it does not exist [Bug #31683]
- Don't add rndc-access.conf at update [Bug #31696]
-------------------------------------------------------------------
Fri Sep 19 13:01:53 CEST 2003 - kukuk@suse.de
- Fix all useradd calls
-------------------------------------------------------------------
Mon Sep 15 08:35:06 CEST 2003 - kukuk@suse.de
- Fix Requires and Provides [Bug #30717]
-------------------------------------------------------------------
Fri Aug 29 12:29:03 CEST 2003 - kukuk@suse.de
- Call useradd with -r for system accounts [Bug #29611]
-------------------------------------------------------------------
Thu Aug 28 20:06:46 CEST 2003 - lmuelle@suse.de
- call sbin/SuSEconfig --module named and not directly the script in the %post
section
- check if rndc is accessible in the init script
-------------------------------------------------------------------
Tue Aug 26 17:35:10 CEST 2003 - lmuelle@suse.de
- add Config: syslog-ng to sysconfig.syslog-named
-------------------------------------------------------------------
Sat Aug 23 01:29:39 CEST 2003 - lmuelle@suse.de
- add NAMED_ARGS to sysconfig.named
- use -r /dev/urandom while calling rndc-confgen in the post section
-------------------------------------------------------------------
Thu Aug 21 16:46:12 CEST 2003 - lmuelle@suse.de
- rename package from bind9 to bind
- add stop_on_removal and restart_on_update macros to preun and postun section
fix bug #29048
- add default /etc/named.d/rndc-access.conf
- add SuSEconfig.named
- add all included files to NAMED_CONF_INCLUDE_FILES of /etc/sysconfig/named
while update if NAMED_CONF_INCLUDE_FILES is empty
- add additional sysconfig meta data
- remove -u from the copy in prepare_chroot() of the init script due to
the rist of a wrong system time
- unify init scripts; add one space at the end to all echos
- document new features in the README.{SuSE,UnitedLinux}
- fix bug #28585
-------------------------------------------------------------------
Fri Apr 11 15:01:00 CEST 2003 - mludvig@suse.cz
- Make nibble queries instead of bitstring ones for IPv6 addresses.
- Differentiate between 6bone (3ffe::/16, .ip6.int) and other
addresses (!3ffe::/16, ip6.arpa).
-------------------------------------------------------------------
Mon May 26 15:52:42 CEST 2003 - lmuelle@suse.de
- add -u to copy in prepare_chroot() of the init script, #25687
- fix output format in init script
-------------------------------------------------------------------
Wed Mar 12 13:58:35 CET 2003 - lmuelle@suse.de
- fix try-restart part of init skript
- set PATH to "/sbin:/usr/sbin:/bin:/usr/bin", #21295
-------------------------------------------------------------------
Mon Mar 10 18:40:40 CET 2003 - lmuelle@suse.de
- remove %ghost from /var/lib/named/var/log
-------------------------------------------------------------------
Mon Mar 10 18:03:36 CET 2003 - lmuelle@suse.de
- add null logging for lame-servers to logging example in named.conf
- fix file section
- change /var/run/named to a sym link pointing to /var/lib/named/var/run/named,
#24768
-------------------------------------------------------------------
Wed Mar 5 17:09:20 CET 2003 - lmuelle@suse.de
- remove empty.zone due to possibility of CIDR addressing
- remove rndc.conf; rndc also uses rndc.key, fix bug #17751
- create rndc.key with 512bit sized key in %post
- remove %pre of utils package
- create additional sub directories log, dyn and master in /var/lib/named
- add a non active logging example to named.conf
-------------------------------------------------------------------
Tue Mar 4 17:50:58 CET 2003 - lmuelle@suse.de
- update to version 9.2.2; maintenance/ bugfix release
-------------------------------------------------------------------
Sat Mar 1 17:41:47 CET 2003 - ro@suse.de
- also create named user/group in utils preinstall
-------------------------------------------------------------------
Thu Feb 27 23:53:01 CET 2003 - ro@suse.de
- create named user/group in preinstall and install
-------------------------------------------------------------------
Thu Feb 27 14:00:59 CET 2003 - lmuelle@suse.de
- set /etc/named.conf to root:named and 0640
- add an example to additional info mail for dynamic updates
- add more information to the README
- add sysconfig file for chroot jail; default is yes
- add chroot features to init script for start and reload
-------------------------------------------------------------------
Mon Feb 24 16:56:17 CET 2003 - lmuelle@suse.de
- add separate binaries to PreReq
- add --localstatedir=/var to configure call
- add and autocreate /etc/rndc.{conf,key}
- move rndc binaries and man pages to utils package
- fix %post in case of update
- set ownership of /var/lib/named to root:
- add a README
- fix init script to return correspondig message to checkproc return code
- remove umlauts from %post mail
- add additional info mail about ownership of /var/lib/named if journal files
are used
-------------------------------------------------------------------
Mon Feb 17 22:48:21 CET 2003 - lmuelle@suse.de
- update bind9 to version 9.2.1
- move /var/named to /var/lib/named
- remove obsolete patches (bison, ltconfig_ppc64, manpages, security)
-------------------------------------------------------------------
Wed Nov 13 01:43:18 CET 2002 - ro@suse.de
- fix build with current bison (end all rules with ";")
-------------------------------------------------------------------
Sat Sep 7 16:31:04 CEST 2002 - kukuk@suse.de
- Fix running bind9 as user named [Bug #18417]
-------------------------------------------------------------------
Mon Aug 19 15:22:43 CEST 2002 - ro@suse.de
- added prereqs (#17807)
-------------------------------------------------------------------
Mon Aug 19 12:50:37 CEST 2002 - okir@suse.de
- Added patch to make named run as non-root user
- added "-u named" option to init script invocation of named
-------------------------------------------------------------------
Sun Jul 28 13:38:54 CEST 2002 - kukuk@suse.de
- Remove yacc from neededforbuild
-------------------------------------------------------------------
Sat Jul 27 18:17:13 CEST 2002 - adrian@suse.de
- add %run_ldconfig
-------------------------------------------------------------------
Mon Jul 22 09:57:32 CEST 2002 - kukuk@suse.de
- Move .so symlinks to devel package
- Move liblwres shared library to utils package
- make lib64 clean
-------------------------------------------------------------------
Wed Jul 10 22:29:04 CEST 2002 - olh@suse.de
- hack ltconfig for ppc64 to build shared libs
-------------------------------------------------------------------
Wed Jul 10 16:36:30 MEST 2002 - draht@suse.de
- move /usr/bin/nsupdate to bindutil (#16944)
-------------------------------------------------------------------
Mon Jun 3 10:59:07 CEST 2002 - okir@suse.de
- Applied security fix for remote DoS (CERT VU#739123)
-------------------------------------------------------------------
Fri Dec 14 17:55:36 CET 2001 - ro@suse.de
- removed START_NAMED
-------------------------------------------------------------------
Wed Sep 5 20:32:15 CEST 2001 - pthomas@suse.de
- Fix incorrect .so references in lwres manpages.
-------------------------------------------------------------------
Sun Aug 12 15:04:44 CEST 2001 - kukuk@suse.de
- Fix path to perl interpreter
-------------------------------------------------------------------
Wed Jul 4 09:06:38 CEST 2001 - bodammer@suse.de
- Update to bind-9.1.3 (release)
- Config-files moved away from bind-9.1.3.dif
-------------------------------------------------------------------
Mon Jul 2 11:49:12 CEST 2001 - bodammer@suse.de
- update to bind-9.1.3rc3
- "Implicit declaration of function time" in context.c fixed
-------------------------------------------------------------------
Mon Jun 25 10:48:06 CEST 2001 - bodammer@suse.de
- update to bind-9.1.3rc2
-------------------------------------------------------------------
Tue May 29 11:09:59 CEST 2001 - bodammer@suse.de
- update to bind-9.1.3rc1
-------------------------------------------------------------------
Thu May 10 14:41:05 CEST 2001 - bodammer@suse.de
- initscript fix: don't start bind in runlevel 2 [bug #7956]
-------------------------------------------------------------------
Tue May 8 15:53:04 CEST 2001 - mfabian@suse.de
- bzip2 sources
-------------------------------------------------------------------
Tue May 8 10:03:00 CEST 2001 - bodammer@suse.de
- install a new named.conf with comments
-------------------------------------------------------------------
Mon May 7 13:38:25 CEST 2001 - bodammer@suse.de
- update to bind-9.1.2 (release)
-------------------------------------------------------------------
Tue Apr 24 12:18:01 CEST 2001 - bodammer@suse.de
- little modification to named.conf
-------------------------------------------------------------------
Thu Mar 29 13:21:29 CEST 2001 - bodammer@suse.de
- update to bind-9.1.1 (release)
-------------------------------------------------------------------
Tue Mar 27 10:50:55 CEST 2001 - bodammer@suse.de
- update to bind-9.1.1rc7
-------------------------------------------------------------------
Fri Mar 23 10:39:53 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc6
-------------------------------------------------------------------
Thu Mar 15 14:47:49 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc5
- new initscript more LSB conform
-------------------------------------------------------------------
Mon Mar 12 13:34:23 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc4
-------------------------------------------------------------------
Tue Feb 27 17:05:04 CET 2001 - bodammer@suse.de
- initscript fix: now checks for a running named
-------------------------------------------------------------------
Tue Feb 27 09:18:09 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc3
-------------------------------------------------------------------
Thu Feb 15 15:04:08 CET 2001 - sf@suse.de
- added suse_update_config
-------------------------------------------------------------------
Wed Feb 14 13:27:11 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc2
-------------------------------------------------------------------
Mon Feb 12 18:04:03 CET 2001 - bodammer@suse.de
- subpackages bind9-util and bind9-devel created
-------------------------------------------------------------------
Thu Feb 8 12:08:50 CET 2001 - bodammer@suse.de
- update to bind-9.1.1rc1
- missing headerfile included in stdtime.c
-------------------------------------------------------------------
Thu Jan 18 09:40:33 CET 2001 - bodammer@suse.de
- update to bind-9.1.0
-------------------------------------------------------------------
Tue Nov 28 19:01:37 CET 2000 - bodammer@suse.de
- Fix location of rcscript
-------------------------------------------------------------------
Thu Nov 23 23:46:02 CET 2000 - ro@suse.de
- added insserv calls
-------------------------------------------------------------------
Thu Nov 23 22:40:37 CET 2000 - bodammer@suse.de
- rcscript update
-------------------------------------------------------------------
Mon Nov 13 18:19:00 CET 2000 - bodammer@suse.de
- update to bind-9.0.1
-------------------------------------------------------------------
Fri Oct 6 18:09:53 CEST 2000 - kukuk@suse.de
- change group tag
-------------------------------------------------------------------
Mon Sep 18 11:07:47 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0 ( first release version )
-------------------------------------------------------------------
Wed Aug 30 13:19:52 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0rc5
-------------------------------------------------------------------
Wed Aug 16 09:30:11 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0rc3
-------------------------------------------------------------------
Thu Aug 10 19:50:49 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0rc2
- nslookup renamed to nslookup9
-------------------------------------------------------------------
Thu Jul 13 09:53:58 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0rc1 (release candidate)
-------------------------------------------------------------------
Mon Jul 3 23:10:21 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0b5
- host renamed to host9
-------------------------------------------------------------------
Fri Jun 16 10:55:41 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0b4
-------------------------------------------------------------------
Thu May 25 18:19:21 CEST 2000 - bodammer@suse.de
- dig renamed to dig9 to avoid conflicts with dig from bindutil
- libtool-fix added
- option -f added to suse_update_config-macro
-------------------------------------------------------------------
Wed May 24 10:10:43 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0b3
- configure option added to build shared libraries
-------------------------------------------------------------------
Mon May 15 15:49:35 CEST 2000 - schwab@suse.de
- Update config files.
- Fix 64-bit bug.
-------------------------------------------------------------------
Fri May 12 16:24:15 CEST 2000 - bodammer@suse.de
- update to bind9-snap-20000510
-------------------------------------------------------------------
Tue May 2 09:44:15 CEST 2000 - bodammer@suse.de
- update to bind9-snap-20000427a
-------------------------------------------------------------------
Wed Apr 19 10:27:15 CEST 2000 - bodammer@suse.de
- update to bind9-snap-20000414
-------------------------------------------------------------------
Tue Mar 28 19:03:17 CEST 2000 - bodammer@suse.de
- update to bind-9.0.0b2
-------------------------------------------------------------------
Mon Feb 7 21:26:09 CET 2000 - bodammer@suse.de
- first public beta version bind-9.0.0b1

1054
bind.spec Normal file
View File

File diff suppressed because it is too large Load Diff

31
configure.in.diff Normal file
View File

@ -0,0 +1,31 @@
--- bind-9.2.3/configure.in
+++ bind-9.2.3/configure.in 2004-06-20 08:17:09
@@ -24,7 +24,7 @@
AC_CANONICAL_HOST
AC_PROG_MAKE_SET
-AC_PROG_RANLIB
+AC_PROG_LIBTOOL
AC_PROG_INSTALL
AC_SUBST(STD_CINCLUDES)
@@ -1636,7 +1636,7 @@
# empty). The variable VARIABLE will be substituted into output files.
#
-AC_DEFUN(NOM_PATH_FILE, [
+AC_DEFUN([NOM_PATH_FILE], [
$1=""
AC_MSG_CHECKING(for $2)
for d in $3
--- bind-9.2.2rc1/lib/bind/configure.in
+++ bind-9.2.2rc1/lib/bind/configure.in 2003-01-31 11:18:00
@@ -23,7 +23,7 @@
AC_CANONICAL_HOST
AC_PROG_MAKE_SET
-AC_PROG_RANLIB
+AC_PROG_LIBTOOL
AC_PROG_INSTALL
AC_SUBST(STD_CINCLUDES)

124
dnszone-schema.txt Normal file
View File

@ -0,0 +1,124 @@
# A schema for storing DNS zones in LDAP
#
attributetype ( 1.3.6.1.4.1.2428.20.0.0 NAME 'dNSTTL'
DESC 'An integer denoting time to live'
EQUALITY integerMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
attributetype ( 1.3.6.1.4.1.2428.20.0.1 NAME 'dNSClass'
DESC 'The class of a resource record'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.0.2 NAME 'zoneName'
DESC 'The name of a zone, i.e. the name of the highest node in the zone'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.0.3 NAME 'relativeDomainName'
DESC 'The starting labels of a domain name'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.12 NAME 'pTRRecord'
DESC 'domain name pointer, RFC 1035'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.13 NAME 'hInfoRecord'
DESC 'host information, RFC 1035'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.14 NAME 'mInfoRecord'
DESC 'mailbox or mail list information, RFC 1035'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.16 NAME 'tXTRecord'
DESC 'text string, RFC 1035'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.24 NAME 'SigRecord'
DESC 'Signature, RFC 2535'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.25 NAME 'KeyRecord'
DESC 'Key, RFC 2535'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.28 NAME 'aAAARecord'
DESC 'IPv6 address, RFC 1886'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.29 NAME 'LocRecord'
DESC 'Location, RFC 1876'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.30 NAME 'nXTRecord'
DESC 'non-existant, RFC 2535'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.33 NAME 'sRVRecord'
DESC 'service location, RFC 2782'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.35 NAME 'nAPTRRecord'
DESC 'Naming Authority Pointer, RFC 2915'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.36 NAME 'kXRecord'
DESC 'Key Exchange Delegation, RFC 2230'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.37 NAME 'certRecord'
DESC 'certificate, RFC 2538'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.38 NAME 'a6Record'
DESC 'A6 Record Type, RFC 2874'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 1.3.6.1.4.1.2428.20.1.39 NAME 'dNameRecord'
DESC 'Non-Terminal DNS Name Redirection, RFC 2672'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
objectclass ( 1.3.6.1.4.1.2428.20.3 NAME 'dNSZone'
SUP top STRUCTURAL
MUST ( zoneName $ relativeDomainName )
MAY ( DNSTTL $ DNSClass $
ARecord $ MDRecord $ MXRecord $ NSRecord $
SOARecord $ CNAMERecord $ PTRRecord $ HINFORecord $
MINFORecord $ TXTRecord $ SIGRecord $ KEYRecord $
AAAARecord $ LOCRecord $ NXTRecord $ SRVRecord $
NAPTRRecord $ KXRecord $ CERTRecord $ A6Record $
DNAMERecord ) )

622
idnkit-1.0.diff Normal file
View File

@ -0,0 +1,622 @@
--- bind-9.2.3/bin/dig/dig.1
+++ bind-9.2.3/bin/dig/dig.1 Tue Jul 22 15:01:36 2003
@@ -354,4 +354,15 @@
will not print the initial query when it looks up the NS records for
isc.org.
+.SH "IDN SUPPORT"
+.PP
+If \fBdig\fR has been built with IDN (internationalized
+domain name) support, it can accept and display non-ASCII domain names.
+\fBdig\fR appropriately converts character encoding of
+domain name before sending a request to DNS server or displaying a
+reply from the server.
+If you'd like to turn off the IDN support for some reason, defines
+the \fBIDN_DISABLE\fR environment variable.
+The IDN support is disabled if the the variable is set when
+\fBdig\fR runs.
.SH "FILES"
.PP
--- bind-9.3.0/bin/dig/Makefile.in
+++ bind-9.3.0/bin/dig/Makefile.in 2004/11/03 16:31:56
@@ -45,7 +45,7 @@
${LWRESDEPLIBS}
LIBS = ${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} ${ISCLIBS} \
- ${ISCCFGLIBS} @LIBS@
+ ${ISCCFGLIBS} @IDNLIBS@ @LIBS@
SUBDIRS =
--- bind-9.2.3/bin/dig/dig.docbook
+++ bind-9.2.3/bin/dig/dig.docbook Tue Jul 22 15:01:36 2003
@@ -530,4 +530,19 @@
<refsect1>
+<title>IDN SUPPORT</title>
+<para>
+If <command>dig</command> has been built with IDN (internationalized
+domain name) support, it can accept and display non-ASCII domain names.
+<command>dig</command> appropriately converts character encoding of
+domain name before sending a request to DNS server or displaying a
+reply from the server.
+If you'd like to turn off the IDN support for some reason, defines
+the <envar>IDN_DISABLE</envar> environment variable.
+The IDN support is disabled if the the variable is set when
+<command>dig</command> runs.
+</para>
+</refsect1>
+
+<refsect1>
<title>FILES</title>
<para>
--- bind-9.2.3/bin/dig/dighost.c
+++ bind-9.2.3/bin/dig/dighost.c Tue Jul 22 15:01:36 2003
@@ -33,4 +33,15 @@
#include <limits.h>
+#ifdef HAVE_LOCALE_H
+#include <locale.h>
+#endif
+
+#ifdef WITH_IDN
+#include <idn/result.h>
+#include <idn/log.h>
+#include <idn/resconf.h>
+#include <idn/api.h>
+#endif
+
#include <dns/byaddr.h>
#include <dns/fixedname.h>
@@ -132,4 +143,16 @@
dig_lookup_t *current_lookup = NULL;
+#ifdef WITH_IDN
+static void initialize_idn(void);
+static isc_result_t output_filter(isc_buffer_t *buffer,
+ unsigned int used_org,
+ isc_boolean_t absolute);
+static idn_result_t append_textname(char *name, const char *origin,
+ size_t namesize);
+static void idn_check_result(idn_result_t r, const char *msg);
+
+#define MAXDLEN 256
+#endif
+
/*
* Apply and clear locks at the event level in global task.
@@ -683,4 +706,8 @@
}
+#ifdef WITH_IDN
+ initialize_idn();
+#endif
+
if (keyfile[0] != 0)
setup_file_key();
@@ -1203,4 +1230,12 @@
dns_compress_t cctx;
char store[MXNAME];
+#ifdef WITH_IDN
+ idn_result_t mr;
+ char utf8_textname[MXNAME], utf8_origin[MXNAME], idn_textname[MXNAME];
+#endif
+
+#ifdef WITH_IDN
+ dns_name_settotextfilter(output_filter);
+#endif
REQUIRE(lookup != NULL);
@@ -1231,4 +1266,15 @@
sizeof(lookup->onamespace));
+#ifdef WITH_IDN
+ /*
+ * We cannot convert `textname' and `origin' separately.
+ * `textname' doesn't contain TLD, but local mapping needs
+ * TLD.
+ */
+ mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP, lookup->textname,
+ utf8_textname, sizeof(utf8_textname));
+ idn_check_result(mr, "convert textname to UTF-8");
+#endif
+
/*
* If the name has too many dots, force the origin to be NULL
@@ -1239,4 +1285,11 @@
*/
/* XXX New search here? */
+#ifdef WITH_IDN
+ if ((count_dots(utf8_textname) >= ndots) || !usesearch)
+ lookup->origin = NULL; /* Force abs lookup */
+ else if (lookup->origin == NULL && lookup->new_search && usesearch) {
+ lookup->origin = ISC_LIST_HEAD(search_list);
+ }
+#else
if ((count_dots(lookup->textname) >= ndots) || !usesearch)
lookup->origin = NULL; /* Force abs lookup */
@@ -1244,5 +1297,27 @@
lookup->origin = ISC_LIST_HEAD(search_list);
}
+#endif
+
+#ifdef WITH_IDN
if (lookup->origin != NULL) {
+ mr = idn_encodename(IDN_LOCALCONV | IDN_DELIMMAP,
+ lookup->origin->origin, utf8_origin,
+ sizeof(utf8_origin));
+ idn_check_result(mr, "convert origin to UTF-8");
+ mr = append_textname(utf8_textname, utf8_origin,
+ sizeof(utf8_textname));
+ idn_check_result(mr, "append origin to textname");
+ }
+ mr = idn_encodename(IDN_LOCALMAP | IDN_NAMEPREP | IDN_ASCCHECK |
+ IDN_IDNCONV | IDN_LENCHECK, utf8_textname,
+ idn_textname, sizeof(idn_textname));
+ idn_check_result(mr, "convert UTF-8 textname to IDN encoding");
+#endif
+
+#ifdef WITH_IDN
+ if (0) {
+#else
+ if (lookup->origin != NULL) {
+#endif
debug("trying origin %s", lookup->origin->origin);
result = dns_message_gettempname(lookup->sendmsg,
@@ -1289,4 +1364,13 @@
dns_name_clone(dns_rootname, lookup->name);
else {
+#ifdef WITH_IDN
+ len = strlen(idn_textname);
+ isc_buffer_init(&b, idn_textname, len);
+ isc_buffer_add(&b, len);
+ result = dns_name_fromtext(lookup->name, &b,
+ dns_rootname,
+ ISC_FALSE,
+ &lookup->namebuf);
+#else
len = strlen(lookup->textname);
isc_buffer_init(&b, lookup->textname, len);
@@ -1296,4 +1380,5 @@
ISC_FALSE,
&lookup->namebuf);
+#endif
}
if (result != ISC_R_SUCCESS) {
@@ -2724,2 +2809,100 @@
isc_mem_destroy(&mctx);
}
+
+#ifdef WITH_IDN
+static void
+initialize_idn(void) {
+ idn_result_t r;
+
+#ifdef HAVE_SETLOCALE
+ /* Set locale */
+ (void)setlocale(LC_ALL, "");
+#endif
+ /* Create configuration context. */
+ r = idn_nameinit(1);
+ if (r != idn_success)
+ fatal("idn api initialization failed: %s",
+ idn_result_tostring(r));
+
+ /* Set domain name -> text post-conversion filter. */
+ dns_name_settotextfilter(output_filter);
+}
+
+static isc_result_t
+output_filter(isc_buffer_t *buffer, unsigned int used_org,
+ isc_boolean_t absolute)
+{
+ char tmp1[MAXDLEN], tmp2[MAXDLEN];
+ size_t fromlen, tolen;
+ isc_boolean_t end_with_dot;
+
+ /*
+ * Copy contents of 'buffer' to 'tmp1', supply trailing dot
+ * if 'absolute' is true, and terminate with NUL.
+ */
+ fromlen = isc_buffer_usedlength(buffer) - used_org;
+ if (fromlen >= MAXDLEN)
+ return (ISC_R_SUCCESS);
+ memcpy(tmp1, (char *)isc_buffer_base(buffer) + used_org, fromlen);
+ end_with_dot = (tmp1[fromlen - 1] == '.') ? ISC_TRUE : ISC_FALSE;
+ if (absolute && !end_with_dot) {
+ fromlen++;
+ if (fromlen >= MAXDLEN)
+ return (ISC_R_SUCCESS);
+ tmp1[fromlen - 1] = '.';
+ }
+ tmp1[fromlen] = '\0';
+
+ /*
+ * Convert contents of 'tmp1' to local encoding.
+ */
+ if (idn_decodename(IDN_DECODE_APP, tmp1, tmp2, MAXDLEN) != idn_success)
+ return (ISC_R_SUCCESS);
+ strcpy(tmp1, tmp2);
+
+ /*
+ * Copy the converted contents in 'tmp1' back to 'buffer'.
+ * If we have appended trailing dot, remove it.
+ */
+ tolen = strlen(tmp1);
+ if (absolute && !end_with_dot && tmp1[tolen - 1] == '.')
+ tolen--;
+
+ if (isc_buffer_length(buffer) < used_org + tolen)
+ return (ISC_R_NOSPACE);
+
+ isc_buffer_subtract(buffer, isc_buffer_usedlength(buffer) - used_org);
+ memcpy(isc_buffer_used(buffer), tmp1, tolen);
+ isc_buffer_add(buffer, tolen);
+
+ return (ISC_R_SUCCESS);
+}
+
+static idn_result_t
+append_textname(char *name, const char *origin, size_t namesize) {
+ size_t namelen = strlen(name);
+ size_t originlen = strlen(origin);
+
+ /* Already absolute? */
+ if (namelen > 0 && name[namelen - 1] == '.')
+ return idn_success;
+
+ /* Append dot and origin */
+
+ if (namelen + 1 + originlen >= namesize)
+ return idn_buffer_overflow;
+
+ name[namelen++] = '.';
+ (void)strcpy(name + namelen, origin);
+ return idn_success;
+}
+
+static void
+idn_check_result(idn_result_t r, const char *msg) {
+ if (r != idn_success) {
+ exitcode = 1;
+ fatal("%s: %s", msg, idn_result_tostring(r));
+ }
+}
+
+#endif /* WITH_IDN */
--- bind-9.2.3/bin/dig/host.1
+++ bind-9.2.3/bin/dig/host.1 Tue Jul 22 15:01:36 2003
@@ -121,4 +121,15 @@
will be set to the number of seconds given by the hardware's maximum
value for an integer quantity.
+.SH "IDN SUPPORT"
+.PP
+If \fBhost\fR has been built with IDN (internationalized
+domain name) support, it can accept and display non-ASCII domain names.
+\fBhost\fR appropriately converts character encoding of
+domain name before sending a request to DNS server or displaying a
+reply from the server.
+If you'd like to turn off the IDN support for some reason, defines
+the \fBIDN_DISABLE\fR environment variable.
+The IDN support is disabled if the the variable is set when
+\fBhost\fR runs.
.SH "FILES"
.PP
--- bind-9.2.3/bin/dig/host.docbook
+++ bind-9.2.3/bin/dig/host.docbook Tue Jul 22 15:01:36 2003
@@ -182,4 +182,19 @@
<refsect1>
+<title>IDN SUPPORT</title>
+<para>
+If <command>host</command> has been built with IDN (internationalized
+domain name) support, it can accept and display non-ASCII domain names.
+<command>host</command> appropriately converts character encoding of
+domain name before sending a request to DNS server or displaying a
+reply from the server.
+If you'd like to turn off the IDN support for some reason, defines
+the <envar>IDN_DISABLE</envar> environment variable.
+The IDN support is disabled if the the variable is set when
+<command>host</command> runs.
+</para>
+</refsect1>
+
+<refsect1>
<title>FILES</title>
<para>
--- bind-9.2.3/lib/dns/include/dns/name.h
+++ bind-9.2.3/lib/dns/include/dns/name.h Tue Jul 22 15:01:37 2003
@@ -220,4 +220,15 @@
#define DNS_NAME_MAXWIRE 255
+#ifdef WITH_IDN
+/*
+ * Text output filter procedure.
+ * 'target' is the buffer to be converted. The region to be converted
+ * is from 'buffer'->base + 'used_org' to the end of the used region.
+ */
+typedef isc_result_t (*dns_name_totextfilter_t)(isc_buffer_t *target,
+ unsigned int used_org,
+ isc_boolean_t absolute);
+#endif
+
/***
*** Initialization
@@ -1261,4 +1272,12 @@
*
*/
+
+#ifdef WITH_IDN
+void
+dns_name_settotextfilter(dns_name_totextfilter_t proc);
+/*
+ * Call 'proc' at the end of dns_name_totext.
+ */
+#endif /* WITH_IDN */
#define DNS_NAME_FORMATSIZE (DNS_NAME_MAXTEXT + 1)
--- bind-9.2.3/lib/dns/name.c
+++ bind-9.2.3/lib/dns/name.c Tue Jul 22 15:01:36 2003
@@ -196,4 +196,11 @@
dns_name_t *dns_wildcardname = &wild;
+#ifdef WITH_IDN
+/*
+ * dns_name_t to text post-conversion procedure.
+ */
+static dns_name_totextfilter_t totext_filter_proc = NULL;
+#endif
+
static void
set_offsets(const dns_name_t *name, unsigned char *offsets,
@@ -1700,4 +1707,7 @@
isc_boolean_t saw_root = ISC_FALSE;
char num[4];
+#ifdef WITH_IDN
+ unsigned int oused = target->used;
+#endif
/*
@@ -1877,4 +1887,8 @@
isc_buffer_add(target, tlen - trem);
+#ifdef WITH_IDN
+ if (totext_filter_proc != NULL)
+ return ((*totext_filter_proc)(target, oused, saw_root));
+#endif
return (ISC_R_SUCCESS);
}
@@ -3341,2 +3355,8 @@
}
+#ifdef WITH_IDN
+void
+dns_name_settotextfilter(dns_name_totextfilter_t proc) {
+ totext_filter_proc = proc;
+}
+#endif
--- bind-9.2.3/README.idnkit
+++ bind-9.2.3/README.idnkit Tue Jul 22 15:01:35 2003
@@ -0,0 +1,113 @@
+
+ BIND-9 IDN patch
+
+ Japan Network Information Center (JPNIC)
+
+
+* What is this patch for?
+
+This patch adds internationalized domain name (IDN) support to BIND-9.
+You'll get internationalized version of dig/host/nslookup commands.
+
+ + internationalized dig/host/nslookup
+ dig/host/nslookup accepts non-ASCII domain names in the local
+ codeset (such as Shift JIS, Big5 or ISO8859-1) determined by
+ the locale information. The domain names are normalized and
+ converted to the encoding on the DNS protocol, and sent to DNS
+ servers. The replies are converted back to the local codeset
+ and displayed.
+
+
+* Compilation & installation
+
+0. Prerequisite
+
+You have to build and install idnkit before building this patched version
+of bind-9.
+
+1. Running configure script
+
+Run `configure' in the top directory. See `README' for the
+configuration options.
+
+This patch adds the following 4 options to `configure'. You should
+at least specify `--with-idn' option to enable IDN support.
+
+ --with-idn[=IDN_PREFIX]
+ To enable IDN support, you have to specify `--with-idn' option.
+ The argument IDN_PREFIX is the install prefix of idnkit. If
+ IDN_PREFIX is omitted, PREFIX (derived from `--prefix=PREFIX')
+ is assumed.
+
+ --with-libiconv[=LIBICONV_PREFIX]
+ Specify this option if idnkit you have installed links GNU
+ libiconv. The argument LIBICONV_PREFIX is install prefix of
+ GNU libiconv. If the argument is omitted, PREFIX (derived
+ from `--prefix=PREFIX') is assumed.
+
+ `--with-libiconv' is shorthand option for GNU libiconv.
+
+ --with-libiconv=/usr/local
+
+ This is equivalent to:
+
+ --with-iconv='-L/usr/local/lib -R/usr/local/lib -liconv'
+
+ `--with-libiconv' assumes that your C compiler has `-R'
+ option, and that the option adds the specified run-time path
+ to an exacutable binary. If `-R' option of your compiler has
+ different meaning, or your compiler lacks the option, you
+ should use `--with-iconv' option instead. Binary command
+ without run-time path information might be unexecutable.
+ In that case, you would see an error message like:
+
+ error in loading shared libraries: libiconv.so.2: cannot
+ open shared object file
+
+ If both `--with-libiconv' and `--with-iconv' options are
+ specified, `--with-iconv' is prior to `--with-libiconv'.
+
+ --with-iconv=ICONV_LIBSPEC
+ If your libc doens't provide iconv(), you need to specify the
+ library containing iconv() with this option. `ICONV_LIBSPEC'
+ is the argument(s) to `cc' or `ld' to link the library, for
+ example, `--with-iconv="-L/usr/local/lib -liconv"'.
+ You don't need to specify the header file directory for "iconv.h"
+ to the compiler, as it isn't included directly by bind-9 with
+ this patch.
+
+ --with-idnlib=IDN_LIBSPEC
+ With this option, you can explicitly specify the argument(s)
+ to `cc' or `ld' to link the idnkit's library, `libidnkit'. If
+ this option is not specified, `-L${PREFIX}/lib -lidnkit' is
+ assumed, where ${PREFIX} is the installation prefix specified
+ with `--with-idn' option above. You may need to use this
+ option to specify extra argments, for example,
+ `--with-idnlib="-L/usr/local/lib -R/usr/local/lib -lidnkit"'.
+
+Please consult `README' for other configuration options.
+
+Note that if you want to specify some extra header file directories,
+you should use the environment variable STD_CINCLUDES instead of
+CFLAGS, as described in README.
+
+2. Compilation and installation
+
+After running "configure", just do
+
+ make
+ make install
+
+for compiling and installing.
+
+
+* Contact information
+
+Please see http//www.nic.ad.jp/en/idn/ for the latest news
+about idnkit and this patch.
+
+Bug reports and comments on this kit should be sent to
+mdnkit-bugs@nic.ad.jp and idn-cmt@nic.ad.jp, respectively.
+
+
+; $Id: bind-9.2.3rc1-patch,v 1.1.2.1 2003/07/22 06:02:05 marka Exp $
--- bind-9.2.3/config.h.in
+++ bind-9.2.3/config.h.in Tue Jul 22 15:05:37 2003
@@ -137,4 +137,7 @@
#undef HAVE_STRERROR
+/* Define if you have the setlocale function. */
+#undef HAVE_SETLOCALE
+
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
@@ -164,4 +167,7 @@
#undef HAVE_LINUX_CAPABILITY_H
+/* Define if you have the <locale.h> header file. */
+#undef HAVE_LOCALE_H
+
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
@@ -183,4 +189,8 @@
/* Define to 1 if you have the <sys/select.h> header file. */
+
+/* define if idnkit support is to be included. */
+#undef WITH_IDN
+
#undef HAVE_SYS_SELECT_H
--- bind-9.2.3/configure.in
+++ bind-9.2.3/configure.in Tue Jul 22 15:01:35 2003
@@ -1696,4 +1696,80 @@
#
+# IDN support
+#
+AC_ARG_WITH(idn,
+ [ --with-idn[=MPREFIX] enable IDN support using idnkit [default PREFIX]],
+ use_idn="$withval", use_idn="no")
+case "$use_idn" in
+yes)
+ if test X$prefix = XNONE ; then
+ idn_path=/usr/local
+ else
+ idn_path=$prefix
+ fi
+ ;;
+no)
+ ;;
+*)
+ idn_path="$use_idn"
+ ;;
+esac
+
+iconvinc=
+iconvlib=
+AC_ARG_WITH(libiconv,
+ [ --with-libiconv[=IPREFIX] GNU libiconv are in IPREFIX [default PREFIX]],
+ use_libiconv="$withval", use_libiconv="no")
+case "$use_libiconv" in
+yes)
+ if test X$prefix = XNONE ; then
+ iconvlib="-L/usr/local/lib -R/usr/local/lib -liconv"
+ else
+ iconvlib="-L$prefix/lib -R$prefix/lib -liconv"
+ fi
+ ;;
+no)
+ iconvlib=
+ ;;
+*)
+ iconvlib="-L$use_libiconv/lib -R$use_libiconv/lib -liconv"
+ ;;
+esac
+
+AC_ARG_WITH(iconv,
+ [ --with-iconv[=LIBSPEC] specify iconv library [default -liconv]],
+ iconvlib="$withval")
+case "$iconvlib" in
+no)
+ iconvlib=
+ ;;
+yes)
+ iconvlib=-liconv
+ ;;
+esac
+
+AC_ARG_WITH(idnlib,
+ [ --with-idnlib=ARG specify libidnkit],
+ idnlib="$withval", idnlib="no")
+if test "$idnlib" = yes; then
+ AC_MSG_ERROR([You must specify ARG for --with-idnlib.])
+fi
+
+IDNLIBS=
+if test "$use_idn" != no; then
+ AC_DEFINE(WITH_IDN, 1, [define if idnkit support is to be included.])
+ STD_CINCLUDES="$STD_CINCLUDES -I$idn_path/include"
+ if test "$idnlib" != no; then
+ IDNLIBS="$idnlib $iconvlib"
+ else
+ IDNLIBS="-L$idn_path/lib -lidnkit $iconvlib"
+ fi
+fi
+AC_SUBST(IDNLIBS)
+
+AC_CHECK_HEADERS(locale.h)
+AC_CHECK_FUNCS(setlocale)
+
+#
# Substitutions
#

25
named-bootconf.diff Normal file
View File

@ -0,0 +1,25 @@
--- contrib/named-bootconf/named-bootconf.sh
+++ contrib/named-bootconf/named-bootconf.sh 2005/11/21 10:57:33
@@ -54,9 +54,10 @@
# POSSIBILITY OF SUCH DAMAGE.
if [ ${OPTIONFILE-X} = X ]; then
- OPTIONFILE=/tmp/.options.`date +%s`.$$
- ZONEFILE=/tmp/.zones.`date +%s`.$$
- COMMENTFILE=/tmp/.comments.`date +%s`.$$
+ TMPDIR=`mktemp -p /tmp/ -d named-bootconf.XXXXXXXXXX` || exit 1
+ OPTIONFILE=$TMPDIR/.options.`date +%s`.$$
+ ZONEFILE=$TMPDIR/.zones.`date +%s`.$$
+ COMMENTFILE=$TMPDIR/.comments.`date +%s`.$$
export OPTIONFILE ZONEFILE COMMENTFILE
touch $OPTIONFILE $ZONEFILE $COMMENTFILE
DUMP=1
@@ -302,7 +303,7 @@
echo "};"
cat $ZONEFILE $COMMENTFILE
- rm -f $OPTIONFILE $ZONEFILE $COMMENTFILE
+ rm -rf $TMPDIR
fi
exit 0

80
named.root Normal file
View File

@ -0,0 +1,80 @@
; This file holds the information on root name servers needed to
; initialize cache of Internet domain name servers
; (e.g. reference this file in the "cache . <file>"
; configuration file of BIND domain name servers).
;
; This file is made available by InterNIC
; under anonymous FTP as
; file /domain/named.root
; on server FTP.INTERNIC.NET
; -OR- RS.INTERNIC.NET
;
; last update: Jan 29, 2004
; related version of root zone: 2004012900
;
;
; formerly NS.INTERNIC.NET
;
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
;
; formerly NS1.ISI.EDU
;
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
;
; formerly C.PSI.NET
;
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
;
; formerly TERP.UMD.EDU
;
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
;
; formerly NS.NASA.GOV
;
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
;
; formerly NS.ISC.ORG
;
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
;
; formerly NIC.NORDU.NET
;
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
;
; operated by VeriSign, Inc.
;
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
;
; operated by RIPE NCC
;
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
;
; operated by ICANN
;
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 198.32.64.12
;
; operated by WIDE
;
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
; End of File

125
nsupdate.8.diff Normal file
View File

@ -0,0 +1,125 @@
--- bin/nsupdate//nsupdate.8 2006-07-06 11:17:01.000000000 +0200
+++ /usr/share/man/man8/nsupdate.8 2006-07-06 11:19:37.000000000 +0200
@@ -29,7 +29,6 @@
.SH "NAME"
nsupdate \- Dynamic DNS update utility
.SH "SYNOPSIS"
-.HP 9
\fBnsupdate\fR [\fB\-d\fR] [[\fB\-y\ \fR\fB\fIkeyname:secret\fR\fR] [\fB\-k\ \fR\fB\fIkeyfile\fR\fR]] [\fB\-t\ \fR\fB\fItimeout\fR\fR] [\fB\-u\ \fR\fB\fIudptimeout\fR\fR] [\fB\-r\ \fR\fB\fIudpretries\fR\fR] [\fB\-v\fR] [filename]
.SH "DESCRIPTION"
.PP
@@ -124,7 +123,7 @@
.PP
The command formats and their meaning are as follows:
.TP
-.HP 7 \fBserver\fR {servername} [port]
+\fBserver\fR {servername} [port]
Sends all dynamic update requests to the name server
\fIservername\fR. When no server statement is provided,
\fBnsupdate\fR
@@ -134,7 +133,7 @@
\fIservername\fR
where the dynamic update requests get sent. If no port number is specified, the default DNS port number of 53 is used.
.TP
-.HP 6 \fBlocal\fR {address} [port]
+\fBlocal\fR {address} [port]
Sends all dynamic update requests using the local
\fIaddress\fR. When no local statement is provided,
\fBnsupdate\fR
@@ -142,7 +141,7 @@
\fIport\fR
can additionally be used to make requests come from a specific port. If no port number is specified, the system will assign one.
.TP
-.HP 5 \fBzone\fR {zonename}
+\fBzone\fR {zonename}
Specifies that all updates are to be made to the zone
\fIzonename\fR. If no
\fIzone\fR
@@ -150,13 +149,13 @@
\fBnsupdate\fR
will attempt determine the correct zone to update based on the rest of the input.
.TP
-.HP 6 \fBclass\fR {classname}
+\fBclass\fR {classname}
Specify the default class. If no
\fIclass\fR
is specified the default class is
\fIIN\fR.
.TP
-.HP 4 \fBkey\fR {name} {secret}
+\fBkey\fR {name} {secret}
Specifies that all updates are to be TSIG signed using the
\fIkeyname\fR\fIkeysecret\fR
pair. The
@@ -166,16 +165,16 @@
or
\fB\-k\fR.
.TP
-.HP 16 \fBprereq nxdomain\fR {domain\-name}
+\fBprereq nxdomain\fR {domain\-name}
Requires that no resource record of any type exists with name
\fIdomain\-name\fR.
.TP
-.HP 16 \fBprereq yxdomain\fR {domain\-name}
+\fBprereq yxdomain\fR {domain\-name}
Requires that
\fIdomain\-name\fR
exists (has as at least one resource record, of any type).
.TP
-.HP 15 \fBprereq nxrrset\fR {domain\-name} [class] {type}
+\fBprereq nxrrset\fR {domain\-name} [class] {type}
Requires that no resource record exists of the specified
\fItype\fR,
\fIclass\fR
@@ -184,7 +183,7 @@
\fIclass\fR
is omitted, IN (internet) is assumed.
.TP
-.HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type}
+\fBprereq yxrrset\fR {domain\-name} [class] {type}
This requires that a resource record of the specified
\fItype\fR,
\fIclass\fR
@@ -194,7 +193,7 @@
\fIclass\fR
is omitted, IN (internet) is assumed.
.TP
-.HP 15 \fBprereq yxrrset\fR {domain\-name} [class] {type} {data...}
+\fBprereq yxrrset\fR {domain\-name} [class] {type} {data...}
The
\fIdata\fR
from each set of prerequisites of this form sharing a common
@@ -208,7 +207,7 @@
\fIdata\fR
are written in the standard text representation of the resource record's RDATA.
.TP
-.HP 14 \fBupdate delete\fR {domain\-name} [ttl] [class] [type\ [data...]]
+\fBupdate delete\fR {domain\-name} [ttl] [class] [type\ [data...]]
Deletes any resource records named
\fIdomain\-name\fR. If
\fItype\fR
@@ -220,20 +219,20 @@
\fIttl\fR
is ignored, and is only allowed for compatibility.
.TP
-.HP 11 \fBupdate add\fR {domain\-name} {ttl} [class] {type} {data...}
+\fBupdate add\fR {domain\-name} {ttl} [class] {type} {data...}
Adds a new resource record with the specified
\fIttl\fR,
\fIclass\fR
and
\fIdata\fR.
.TP
-.HP 5 \fBshow\fR
+\fBshow\fR
Displays the current message, containing all of the prerequisites and updates specified since the last send.
.TP
-.HP 5 \fBsend\fR
+\fBsend\fR
Sends the current message. This is equivalent to entering a blank line.
.TP
-.HP 7 \fBanswer\fR
+\fBanswer\fR
Displays the answer.
.PP
Lines beginning with a semicolon are comments and are ignored.

24
perl-path.diff Normal file
View File

@ -0,0 +1,24 @@
--- bind-9.2.3/bin/tests/t_api.pl
+++ bind-9.2.3/bin/tests/t_api.pl 2003-10-23 12:03:38
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/perl
#
# Copyright (C) 1999-2001 Internet Software Consortium.
#
--- bind-9.2.3/contrib/idn/idnkit-1.0-src/util/generate_normalize_data.pl
+++ bind-9.2.3/contrib/idn/idnkit-1.0-src/util/generate_normalize_data.pl 2003-10-23 12:03:46
@@ -1,4 +1,4 @@
-#! /usr/local/bin/perl -w
+#! /usr/bin/perl -w
# $Id: generate_normalize_data.pl,v 1.1.1.1 2003/06/04 00:27:55 marka Exp $
#
# Copyright (c) 2000,2001 Japan Network Information Center.
--- bind-9.2.3/contrib/idn/idnkit-1.0-src/util/generate_nameprep_data.pl
+++ bind-9.2.3/contrib/idn/idnkit-1.0-src/util/generate_nameprep_data.pl 2003-10-23 13:03:54
@@ -1,4 +1,4 @@
-#! /usr/local/bin/perl -w
+#! /usr/bin/perl -w
# $Id: generate_nameprep_data.pl,v 1.1.1.1 2003/06/04 00:27:54 marka Exp $
#
# Copyright (c) 2001 Japan Network Information Center. All rights reserved.

25
pid-path.diff Normal file
View File

@ -0,0 +1,25 @@
--- bind-9.2.2rc1/bin/named/include/named/globals.h
+++ bind-9.2.2rc1/bin/named/include/named/globals.h 2003/01/12 18:15:26
@@ -102,9 +102,9 @@
EXTERN isc_boolean_t ns_g_logstderr INIT(ISC_FALSE);
EXTERN const char * ns_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/named.pid");
+ "/run/named/named.pid");
EXTERN const char * lwresd_g_defaultpidfile INIT(NS_LOCALSTATEDIR
- "/run/lwresd.pid");
+ "/run/named/lwresd.pid");
EXTERN const char * ns_g_username INIT(NULL);
#undef EXTERN
--- bind-9.2.2rc1/contrib/nanny/nanny.pl
+++ bind-9.2.2rc1/contrib/nanny/nanny.pl 2003-02-19 18:44:10.000000000 +0100
@@ -19,7 +19,7 @@
# A simple nanny to make sure named stays running.
-$pid_file_location = '/var/run/named.pid';
+$pid_file_location = '/var/run/named/named.pid';
$nameserver_location = 'localhost';
$dig_program = 'dig';
$named_program = 'named';

119
pie_compile.diff Normal file
View File

@ -0,0 +1,119 @@
--- bin/check/Makefile.in
+++ bin/check/Makefile.in 2005/06/17 13:01:56
@@ -55,8 +55,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
named-checkconf.@O@: named-checkconf.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
--- bin/dig/Makefile.in
+++ bin/dig/Makefile.in 2005/06/17 13:02:54
@@ -63,8 +63,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
dig@EXEEXT@: dig.@O@ dighost.@O@ ${UOBJS} ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
dig.@O@ dighost.@O@ ${UOBJS} ${LIBS}
--- bin/dnssec/Makefile.in
+++ bin/dnssec/Makefile.in 2005/06/17 13:03:30
@@ -51,8 +51,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
dnssec-keygen@EXEEXT@: dnssec-keygen.@O@ ${OBJS} ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ \
dnssec-keygen.@O@ ${OBJS} ${LIBS}
--- bin/Makefile.in
+++ bin/Makefile.in 2005/06/17 12:52:58
@@ -22,4 +22,8 @@
SUBDIRS = named rndc dig dnssec tests nsupdate check
TARGETS =
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+
+LDFLAGS += -pie
--- bin/named/Makefile.in
+++ bin/named/Makefile.in 2005/06/17 12:41:37
@@ -91,8 +91,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
main.@O@: main.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
--- bin/named/unix/Makefile.in
+++ bin/named/unix/Makefile.in 2005/06/17 12:40:23
@@ -33,4 +33,6 @@
TARGETS = ${OBJS}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
--- bin/nsupdate/Makefile.in
+++ bin/nsupdate/Makefile.in 2005/06/17 13:04:16
@@ -61,8 +61,12 @@
MANOBJS = ${MANPAGES} ${HTMLPAGES}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
nsupdate@EXEEXT@: nsupdate.@O@ ${UOBJS} ${DEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ nsupdate.@O@ ${UOBJS} ${LIBS}
--- bin/rndc/Makefile.in
+++ bin/rndc/Makefile.in 2005/06/17 13:04:51
@@ -59,8 +59,12 @@
UOBJS = unix/os.@O@
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@
+LDFLAGS += -pie
+
rndc.@O@: rndc.c
${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} \
-DVERSION=\"${VERSION}\" \
--- bin/rndc/unix/Makefile.in
+++ bin/rndc/unix/Makefile.in 2005/06/17 13:05:14
@@ -33,4 +33,6 @@
TARGETS = ${OBJS}
+EXT_CFLAGS = -fPIE
+
@BIND9_MAKE_RULES@

0
ready Normal file
View File

42
sdb_ldap.diff Normal file
View File

@ -0,0 +1,42 @@
--- bin/named/Makefile.in
+++ bin/named/Makefile.in 2004/11/26 09:41:06
@@ -26,10 +26,10 @@
#
# Add database drivers here.
#
-DBDRIVER_OBJS =
-DBDRIVER_SRCS =
+DBDRIVER_OBJS = ldapdb.@O@
+DBDRIVER_SRCS = ldapdb.c
DBDRIVER_INCLUDES =
-DBDRIVER_LIBS =
+DBDRIVER_LIBS = -lldap
CINCLUDES = -I${srcdir}/include -I${srcdir}/unix/include \
${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
--- bin/named/main.c
+++ bin/named/main.c 2004/11/26 09:47:52
@@ -71,6 +71,7 @@
* Include header files for database drivers here.
*/
/* #include "xxdb.h" */
+#include <ldapdb.h>
static isc_boolean_t want_stats = ISC_FALSE;
static char program_name[ISC_DIR_NAMEMAX] = "named";
@@ -647,6 +648,7 @@
* Add calls to register sdb drivers here.
*/
/* xxdb_init(); */
+ ldapdb_init();
ns_server_create(ns_g_mctx, &ns_g_server);
}
@@ -663,6 +665,7 @@
* Add calls to unregister sdb drivers here.
*/
/* xxdb_clear(); */
+ ldapdb_clear();
isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
ISC_LOG_NOTICE, "exiting");

3
vendor-files.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c920d577ebbbfd13379674595c3e4bacdc69af2e0ba92715a96697fd01dc8343
size 19652