changes

早期freebsd实现

4.9.2 ------------------ BETA5 ----------------- Paul Vixie

52. A number of optimizations that fell out of negative caching and/or the
    validation code have been turned off in order to avoid confusing older
    nameservers and their unfortunate assumptions about co-invariants.
    Mark Andrews and Robert Elz were the principle debuggers and contributors
    to this part of the effort.

51. We're now much more portable to systems without Posix or BSD signals,
    thanks to Bill Wisner.

50. tools/host.c now has more reasonable error messages and can deal with
    negative caching servers.

49. Lots of Makefile gaffes are now fixed.

48. New "host" in contrib/host/, complements of Eric Wassenaar.

47. AFSDB support is now complete, thanks to Chris Everhart.

46. The bug whereby named would sporadically return NXDOMAIN when it should
    have sent back a referral has been fixed.

4.9.2 ------------------ BETA3, BETA4 ----------------- Paul Vixie

45. Robert Elz has provided updated LOCALDOMAIN environment variable 
    processing, making it more like resolv.conf's "search" than "domain".
    In the spirit of this I have added a RES_OPTIONS environment variable
    and a corresponding "options" keyword to resolv.conf.  All of this is
    documented in the man pages and in the BOG.  Robert has also contributed
    several bug fixes to the validation and negative caching code.

4.9.2 ------------------ ALPHA ----------------- Paul Vixie

44. BETA1, BETA2, and three patches to BETA2 have all come and gone without
    itemized descriptions in this file.  I'll provide the RCS history on the
    code to anyone who asks, but basically what's been happening is that some
    core dumps were fixed, others added, then those were fixed too.  Meanwhile
    RFC 1535 has been published, codifying CERT's concerns and our answer to
    them.  BIND is now RFC 1535 compatible.  RFC's 1535, 1536, and 1537 are
    now included in the doc/ directory.  Note that Mark Andrews supplied many
    of the fixes to the core dumps, some of which were introduced by me and
    some by ISI's negative caching and/or validation code.

43. patch05 to ALPHA2 (930908) released: this includes new DNSRCH logic to
    correct a serious problem that CERT called me with today.  the change is
    subtle and will have the effect that names which could match either as
    fully qualified names or partially qualified names using the local search
    list will be found as fully qualified.  previous releases would have found
    them first through the local search list.  local search lists are a bad
    idea in my opinion; see new SEARCH_DEFAULT option in OPTIONS file for more
    information.  also in this release: limited Solaris support, in the form
    of POSIX-style signal handling used on systems which support (or require)
    it.  as of this patch, 4.9.2 has a good chance of compiling out of the box
    on Solaris, modulo makefile edits.  dig and host should be more portable
    now, too.

42. patch04 to ALPHA2 (930908) released: this corrects several borderline
    syntax errors in various Makefiles (Sun and Ultrix makes complained);
    it corrects a coredump on Ultrix systems (which aren't really as POSIX
    as i thought they were); it lets dig and nslookup compile again on SunOS;
    and it cleans up some dirty junk in named-xfer.c.  this stuff is really
    really minor but i would like to see it tested on a Sun system before the
    beta.

41. patch03 to ALPHA2 (930908) released: this uses compat/include by default
    which is helpful on BSD/386 systems and shouldn't hurt any others except
    perhaps real 4.4BSD systems (and maybe not even those); it removes Bryan
    Beecher's SHUFFLE_ADDRS option since he and I agree that Marshall Rose's
    ROUND_ROBIN stuff is more general and cleaner; it includes various patches
    to the documentation sent in by several folks (please print the BOG and
    let me know if you find problems in it); it fixes "make depend" problem
    in "man/" subdirectory; it fixes several outright bugs in Gregory Shapiro's
    SECURE_ZONES code; it removes an obscure syslog() that should have been a
    dprintf() ("validate_count -> 0"); it fixes a bug in NCACHE whereby a T_ANY
    query for a name which was negatively cached but had children would return
    _answers_ with the T_ANY type for subsequent queries; several newer syslog
    messages were reworded to make them clearer; a portability bug in the
    SUNSECURITY logic was fixed; another in the RFC1101 logic was fixed;
    support for the PAGER environment variable was added to nslookup (sorry,
    i know we're in functional freeze but this will enable development in the
    next cycle and it was pretty simple) and only affects the "view" and "help"
    commands.

40. patch02 to ALPHA2 (930908) released; this includes more fixed from Mark
    Andrews, this time to Anant's NCACHE stuff (memory leak and functional
    bug).  Also included is a patch from Gregory Neil Shapiro to his SECURE_
    ZONES code, which I hadn't noticed since I don't run it here.

39. patch01 to ALPHA2 (930908) released; this includes some fixes from Mark
    Andrews to his "clev" and ADDAUTH stuff.  The "clev" patch fixes a problem
    on all servers; the ADDAUTH stuff is still experimental so most users will
    not be affected by it.  Dave Morrison also sent a patch for the USE_UTIME
    logic, which is important for ULTRIX systems.

38. 4.9.2-ALPHA2 released on 930908.

37. Mark Andrews sent an initial attempt at implementing ADDAUTH, which will
    eventually allow named to include authority and glue RR's with all 
    authoritative answers.  I am not sure that the design goal is right, and
    the implementation currently sends back glue RR's but no authority RR's,
    so I'm recommending against using this for now.  But since it changes some
    internal interfaces in a harmless enough way, I'm including the changes.

36. Marshall Rose's ROUND_ROBIN code snuck in at the last hour.  This is the
    best answer I've seen to the problems purported to be solved by SA RR's,
    and my wording in the OPTIONS file shows this.

35. These items from TODO is now done:

    [vixie@pa.dec.com 25apr93]: clean up debugging
	replace all "#ifdef DEBUG...fprintf(...)...#endif" with dprintf(...)
	which would be a macro that only expands to an fprintf() if DEBUG is
	set.  dprintf(x, (args)) with x as the log level.  perhaps change log
	levels to be symbolic, and perhaps make them a mask instead of a limit.

    [vixie@pa.dec.com 25apr93]: clean up #ifdef's and portability
	add and use function prototypes.  make everything static that can be.
	externs should only be in .h files (add more .h files, per module if
	needed, to cover these).  add "export" keyword (null define) to make
	it clear which names are exported and which are static.  all top-blevel
	names in a module must be "export" or "static".

    [gshapiro@wpi.wpi.edu and vixie@pa.dec.com 26apr93]: access control
	"xfrnets" is ok but what we really need is full access control per
	zone rather than a global list of acceptable client nets.  this is
	especially important if you send /etc/passwd via zone transfer.

    [postel@isi.edu anant@isi.edu jaffe@noc.rutgers.edu
     28apr93]: negative caching
	Paul:
	We'ed like to have included in 4.9.1
	our implemention for negative caching.
	--jon & Anant.

    [vixie@pa.dec.com 16may93]: inet_addr needs to die
	to be replaced by calls to inet_aton, which doesn't confuse the
	broadcast address with bad addresses.

    [Paul:  I know you said that you'd like to wait for the IETF DNS WG to
	"bless" an official load balancing scheme, but I'll be adding my
	shuffle A records to BIND 4.9 for use here at U-M anyhow.  The code
	mods to existing source files are minimal since the bulk of the work
	is done in a separate .c I added.  If you don't want SA records to
	move into 4.9.1 unless they become official, please just toss this
	first entry. --bryan@umich.edu]

    [bryan@umich.edu 25apr93]: add "shuffle A" records
	There are several schemes for adding some kind of load balancing
	capability to the DNS.  Our "Shuffle Address" (SA) records are one
	stab at this, and since they're in use at U-M, I need to add them
	so we can use BIND 4.9 here.

    [bryan@umich.edu 25apr93]: add AFSDB records
	AFSDB records were proposed in RFC xxxx.  We use them here at the
	University of Michigan, so I need to add them for our copy of
	BIND 4.9.

    [bryan@umich.edu 25apr93]: small fix to resolver's p_cdname()
	The current copy of p_cdname() in the resolver does not work
	for query responses larger than 512 bytes (which can happen when
	using TCP).  A very small modification changes the "sanity check"
	argument (the second one) to dn_expand() from "msg + 512" to
	"cp + MAXCDNAME".  (This showed up very recently.)

34. While waiting for some last minute changes from volunteers, I looked
    at my work queue and saw that asp@uunet.uu.net had asked a while ago
    that named not fork/exec a named-xfer unless it had already determined
    that the serial number was out of date.  This is important to sites like
    UUNET and DECWRL, which have thousands of "secondary" lines in their
    named.boot and can take hours to check all the serial numbers at boot
    time if named forks/execs named-xfer and lets named-xfer compare the
    serial numbers, rather than comparing them in named and only fork/exec'ing
    a named-xfer if it's actually neccessary to do a transfer.  In spite of
    C's lack of threads, this only took a few hours to do.  So it's in.

33. Gregory Shapiro's "secure_zone" changes are in.  See the BOG.

32. Internals changes: STATS is no longer optional; ns_req() has been split
    into three functions for readability.  Convex systems are now supported.
    You can now define LOG_FAC in conf/options.h if you want to syslog as
    LOG_LOCAL1 or some other non-LOG_DAEMON value.  The mkstemp() problem on
    ULTRIX has been fixed.  More dead code has been eliminated.

31. Large TCP queries are now printable in debug mode (which is used by
    "dig" and "nslookup"), thanks to a patch and a lot of patient explain-
    ations from Bryan Beecher.

30. Data from subdomains ("deeper zones") is now considered more credible
    than data from parent zones, if both are authoritative.  This permits
    a subdomain's data to differ from its parents delegation information
    and have the most-local information supercede the least-local.  Mark
    Andrews <marka@syd.dms.csiro.au> sent this in, and it is nonoptional.

29. rossc@ucc.su.oz.au's SUNSECURITY patch is now included, along with
    marka@syd.dms.csiro.au's performance improvement to it.  Note that
    I am violating my own policies by including this, since it came
    without a corresponding patch to OPTIONS, conf/options.h, and the BOG.

28. Interfaces with multiple addresses were not being handled properly.
    This is an issue for 4.3-Reno and later BSD systems, including BNR2
    ("Net-2") and 4.4BSD.  Multiple addresses are not properly handled
    as if they were all aliases for the localhost.

27. Jukka Ukkonen <ukkonen@csc.fi> sent me some patches for the Convex,
    which I've put it but cannot test.

26. sob@tmc.edu (Stan Barber) sent me new versions of contrib/host/host.c
    and contrib/host/send.c, which I have installed but not tested.  I am
    still waiting for someone to update the version in tools/host.c, which
    is going to be a lot more work.  Contact me via e-mail if you want to
    help.

25. My credibility stuff from the original 4.9 (and before that, KJB)
    was operating under a ``scorched earth'' policy due to a brain fault
    on my part when I wrote the code originally.  Tim.Goodwin@pipex.net
    discovered this and sent in a patch.  Note that throwing out glue is
    generally OK since glue is generally NOT OK, but disposing of it after
    ~20 references is a lot better than disposing of it after 1 reference.

24. NS RR sorting on forwarded and system queries was not happening
    unless more than 1024 milliseconds of RTT variance existed among
    the servers.  This was a good value for development and testing
    but not for production use.  The value is now 128 milliseconds.
    No, this should not be a configurable in the boot file.

23. I am including a file doc/FAQ which was posted to usenet as:
	From: craig@ecel.uwa.edu.au (Craig Richmond - division)
	Newsgroups: comp.protocols.tcp-ip.domains
	Subject: FAQ: Setting up a basic DNS server for a domain
	Date: 3 Aug 1993 10:53:51 GMT
	Organization: The University of Western Australia
	Lines: 1088
	Message-ID: <23lg3v$1go@uniwa.uwa.edu.au>
	Summary: Step by Step implementation of a DNS server
	Keywords: FAQ DNS setup

22. named-xfer now syslogs if the remote server's serial number is _lower_
    than ours, which does seem like a bad thing.  per@erix.ericsson.se
    (Per Hedeland) sent this in.

21. man/resolver.3 had a typo on the exp_dn argument to dn_expand.  fixed.
    (Steve Alexander <stevea@lachman.com> sent this in.)

20. include/sys/cdefs.h moved to compat/include/sys/cdefs.h since some
    systems have their own which must be used.  the top-level makefile
    must be edited if you are on one of these systems, since the default
    CFLAGS includes this new directory as a -I directive.  sys/bitypes.h
    has also moved.

19. A neccessary bug fix for ISI's VALIDATE/NCACHE code has been incorporated.
    If you had to rebuild without these turned on in options.h to get your
    CNAME lookups to work again in an earlier 4.9.2 ALPHA, you can turn them
    on again now.