2012-04-23 Paul A. Rombouts * src/dns_query.c Refine the return values of p_dns_cached_resolve(), p_dns_resolve() and p_recursive_query() so that they distinguish between answers found in the cache and replies obtained by querying other servers. This, among other things, can be used to prevent data that was recently obtained from the cache needlessly being added back to the cache. 2012-04-22 Paul A. Rombouts * configure.in On the Linux platform, check if we can compile and link with the -pthread flag instead of linking with -lpthread. 2012-04-21 Paul A. Rombouts * src/dns_query.c When following the delegation chain trying to get an authoritative answer, pdnsd would answer with SERVFAIL if it failed to get a reply from the last server in the chain. Instead pdnsd will now use the last reply in the chain with RCode=0 that raised the AA or RA flag, if there is one. 2012-04-19 Paul A. Rombouts * src/cache.c In report_cache_stat(), make copies of volatile data to get a consistent data set before making calculations with cache size and entry numbers. 2012-04-16 Paul A. Rombouts * src/netdev.c If we can't open /proc/net/if_inet6 in is_local_addr() log a warning message. 2012-04-15 Paul A. Rombouts * src/dns_query.c The code checking for duplicate IP addresses obtained from NS records in auth_ok() has been slightly optimized. 2012-04-12 Paul A. Rombouts * src/dns_query.c When resolving nameservers obtained from NS records, allow pdnsd to use more than one IP address per nameserver. In rare cases, using just one IP address for each nameserver will cause unnecessary resolve failures if the address chosen for each nameserver happens to be unreachable while the other addresses would lead to successful resolution, as demonstrated by Yuri Vorobyev. 2012-03-16 Paul A. Rombouts * src/cache.c When adding RR records one by one to a cache entry using add_cent_rr(), use the smallest ttl value in case of conflicting ttls. Code for local/nonlocal conflict resolution has been taken out of add_cent_rr_int() and put into add_cent_rr() and cr_check_add() which should be slightly more efficient. 2012-03-15 Paul A. Rombouts * src/dns_query.c Enforcing strict RFC 2181 compliance by rejecting all the answers with inconsistent ttl timestamps can cause undesirable resolve failures. I have tried to implement a more compromising solution, whereby inconsistent answers that should be normally rejected are still never cached, but are nevertheless used as intermediary or temporary results if all else fails. 2012-03-13 Paul A. Rombouts * src/dns_query.c Fixed a typo in rr_to_cache() that caused pdnsd to fail to compile when configured with the --enable-strict-rfc2181 option. Thanks to Gonzalo L. R. for reporting this problem. Also changed the return value of rr_to_cache() from a simple boolean to an RC code in order to properly distinguish between memory allocation errors and time-stamp inconsistencies. 2012-02-21 Paul A. Rombouts * src/dns_query.c If we have used EDNS in a query and the remote server answered with rcode "format error", try again with the OPT pseudo-record removed from the additional section of the query. Also fixed a bug in p_exec_query() that caused pdnsd to behave as if every reply with a non-empty additional section contained an OPT record. 2012-02-15 Paul A. Rombouts * src/dns_answer.c,src/helpers.c,src/helpers.h,src/icmp.c, src/ipvers.h,src/main.c,src/netdev.c Introduced a new macro SEL_IPVER() to reduce some of the clutter in the code caused by having to support both IPv4 and IPv6. 2012-01-31 Paul A. Rombouts * configure.in Add AM_PROG_CC_C_O line to configure.in to prevent automake warning. 2012-01-29 Paul A. Rombouts * src/cache.c In report_cache_stat(), add the average number of bytes used per cache entry when reporting the cache status, as suggested by M. Galabant. 2012-01-28 Paul A. Rombouts * src/dns_answer.c,src/dns_query.c Cleaned up the code a bit to avoid warning messages when compiling with '-Wall -Winline' flags. 2012-01-18 Paul A. Rombouts * src/conff.c Set the default of the edns_query option to false. 2011-07-31 Paul Rombouts * src/cache.c Use a slightly more sophisticated merge-sort algorithm in sort_rrl(). 2011-05-09 Paul Rombouts * src/dns_answer.c In compose_answer(), also add an OPT pseudo-RR to the additional section of a NXDOMAIN reply when appropriate. 2011-05-08 Paul Rombouts * src/cache.c,src/cache.h,src/dns_query.c,src/status.c Make the dns_cent_t struct more compact by putting the fields that are only used for either non-existent or existent domains, but not both, into a union so that these fields can share memory. When saving the cache to file, only write the TTL and time-stamp for a whole domain when it is negatively cached. 2011-05-06 Paul Rombouts * src/cache.c,src/cache.h,src/dns_query.c At the request of Andrei Caraman, the TTL of a negatively cached domain is now adjusted in accordance with the min_ttl and max_ttl options, just as it is done for (negatively) cached records. Additional change to the TTL policy is that for negative records (and negative domains) the neg_ttl setting overrides min_ttl if neg_ttl < min_ttl. 2011-04-26 Paul Rombouts * src/conf-parser.c Fixed memory leak that can occur when the configuration file is reloaded and an error is encountered while parsing the definition of a TXT record. 2011-03-21 Paul Rombouts * src/make_rr_types_h.pl,src/cache.h,src/cache.c,src/dns_answer.c Introduced arrays rrmuiterlist and rrcachiterlist to make iterating over all possible RR types in a cache entry in strict ascending order a little more efficient. 2011-03-09 Paul Rombouts * src/dns_query.c,src/conf-parser.c,src/conf-keywords.h Implemented a new config option "outgoing_ip", which makes it possible to bind outgoing connections to a specific interface. 2011-02-21 Paul Rombouts * src/netdev.c Fixed UDP socket descriptors leak in the implementation of is_local_addr() for the FreeBSD platform. Thanks to Ashish Shukla for reporting this bug. 2011-02-14 Paul Rombouts * src/cache.c In purge_all_rrsets(), also free the rrext array if it has become empty after purging all the RR sets. 2011-02-04 Paul Rombouts * src/conff.c,src/conff.h,src/conf-parser.c,src/conf-keywords.h, src/dns_query.c,src/dns_query.h,src/servers.c Changed "edns_query" from a "global" option to a "server" configuration option. 2011-02-04 Paul Rombouts * src/conff.c,src/conff.h,src/dns_query.c,src/dns_query.h,src/servers.c, src/conf-parser.c The query uptest sometimes fails because some DNS servers are configured to ignore empty queries. The new config option "query_test_name" makes it possible to query for a specific name instead. 2011-02-01 Paul Rombouts * src/dns_query.c When processing a reply from a remote name server which seems to delegate to other name servers, check if the names for which NS records have been supplied have locally defined NS records. If so, the local records will now override those supplied by the remote server. 2011-01-31 Paul Rombouts * src/conf-parser.c Added support for defining TXT records in the configuration file. 2011-01-30 Paul Rombouts * src/dns_query.c Do not cache additional records from a response that is rejected because it contains IP addresses in the reject list, even when the reply is processed as a NXDOMAIN reply. 2011-01-25 Paul Rombouts * src/conf-parser.c Modified the function scan_string() to allow back-slashed escape sequences in strings. 2011-01-21 Paul Rombouts * src/dns_answer.c,src/dns_query.c,src/conff.h,src/conff.c, src/conf-parser.c Added support for EDNS (Extension mechanisms for DNS). Currently this is only useful for allowing UDP message sizes to be larger than 512 bytes. 2011-01-20 Paul Rombouts * src/dns_answer.c To avoid frequent reallocs when composing a DNS reply message, grow the message buffer in multiples of a certain minimum chunk size. 2011-01-19 Paul Rombouts * src/dns.c,src/dns.h,src/dns_answer.c Extended debugging info with DNS-message lengths and flags of incoming messages. 2011-01-17 Paul Rombouts * src/conff.c,src/conff.h,src/conf-parser.c,src/dns_answer.c Made "ignore_cd" option obsolete. It is now effectively always on. 2010-12-27 Paul Rombouts * src/cache.c,src/cache.h,src/dns_answer.c,src/dns_query.c, src/make_rr_types.pl,src/rr_types.in,src/rr_types.c The array of pointers to rr_set_t structs in the dns_cent_t struct contains mostly null pointers in practice, so is somewhat inefficient in storage usage. This problem is exacerbated if we add support for caching more RR-types. To ameliorate to the problem I have decided to split the array in two, with one part fixed in the dns_cent_t struct as before, and an extension part that will be separately allocated, if necessary. If the extension part is used only for very rarely cached types, in most cases the extension array will not need to be allocated thus hopefully saving memory overall. The lookup tables which are necessary to support the new cache entry structure are cumbersome to write by hand, so I have written a perl script to do this automatically. As an additional benefit, which RR types are cache-able is now configurable for each type separately via rr_types.in. 2010-03-14 Paul Rombouts * src/dns_query.c Using randomized source ports for outgoing queries in IPv6 mode failed with the warning "Out of ports in the range 1024-65535, dropping query!", because the pdnsd tried to bind to the fixed port for incoming queries, instead of the dynamically chosen port. This is a very old bug, but it has only become apparent since source port randomization has become the default. Thanks to Philip-André Fillion, Phil Sutter, Radoslaw Szkodzinski and others for reporting this bug and sending patches. 2009-12-25 Paul Rombouts * src/status.c,src/status.h,src/pdnsd-ctl/pdnsd-ctl.c Add a magic number to pdnsd-ctl command codes to guard against possible incompatibility between the pdnsd-ctl utility and the pdnsd server. 2009-10-18 Paul Rombouts * src/dns_query.c Make root-server discovery a little more fault tolerant, i.e. if some of the root-server names don't resolve don't necessarily reject the whole result. 2009-10-17 Paul Rombouts * src/servers.c,src/dns_query.c,src/dns_query.h Implemented automatic root-server discovery, which can now be configured by setting "root_server=discover". 2009-06-14 Paul Rombouts * src/dns_query.c,src/consts.c,src/consts.h,src/conf-parser.c Changed the default behaviour of the "neg_rrs_pol" option. The default used to be to only cache records negatively in case the AA (authoritive answer) bit in the reply was set. The new default is to also allow negative caching in case the reply has the RA (recursion available) bit set and the query had the RD (recursion desired) bit set. This gives the behaviour that is usually wanted in case "proxy_only=on" is set without having to set "neg_rrs_pol=on", which can be more problematic. The new default can be explicitly set using "neg_rrs_pol=default". The values "on","off" and "auth" are also still available. 2009-06-13 Paul Rombouts * src/conff.c,src/conff.h,src/dns_answer.c,src/conf-parser.c,src/conf-keywords.h Included a patch contributed by Andreas Steinmetz that implements a new global configuration option "ignore_cd". pdnsd used to check that the CD bit in the DNS header of queries is zero and return the error code "format error" if it is not. However, considering the meaning of this bit today it appears to be harmless to ignore it, so the new "ignore_cd" is on by default. Setting "ignore_cd=off" gives the earlier strict behavior. Also renamed the the Z1, AU, Z2 bits to correspond with their modern names CD, AD, Z. 2008-12-19 Paul Rombouts * pdnsd-1.2.7/src/dns_query.c If pdnsd receives a SERVFAIL response with a non-empty answer section, use the information tentatively if no better response is available. The previous behaviour was to discard the reply completely, which could cause failure to resolve some names. Thanks to Rafal Wijata for providing an example involving PowerDNS servers replying with CNAME records. 2008-09-01 Paul Rombouts * src/dns_query.c In p_dns_resolve(), try to reduce the burden on root servers further for names ending in "arpa". 2008-08-31 Paul Rombouts * src/dns_query.c In p_exec_query(), if the reply from a remote name server is negative (either because the rcode is NXDOMAIN or because the answer section contains no records for the queried name), ignore the remaining records in the answer section (in particular do not add them to the cache). 2008-07-29 Paul Rombouts * src/conff.c,src/dns_query.c Made the default of the configuration option query_port_start equal to 1024. Also improved the algorithm used by pdnsd to select random source ports to ensure that each (free) port gets an equal chance of being selected. This should guarantee random source ports in the range 1024-65535, making pdnsd less vulnerable to some of the issues described in CERT VU#800113. The old situation, where pdnsd lets the kernel select the source ports, is still available by specifying query_port_start=none. 2008-07-25 Paul Rombouts * src/dns_query.c Fixed a dangling pointer bug in p_exec_query(), which could cause pdnsd to crash when processing a long reply with many entries in the answer section. 2008-05-12 Paul Rombouts * src/conf-parser.c,src/conff.c Added a recursive-depth counter to the read_config_file() and confparse() functions to prevent the possibility of infinite recursion when processing include files. In confparse(), warn when in a server section the root_server option is set in combination with policy=simple_only or policy=fqdn_only. 2008-05-10 Paul Rombouts * src/ipvers.h Included a patch contributed by Georg Schwarz which selectively undoes a Debian patch contributed by Juliusz Chroboczek on platforms for which the IPV6_RECVPKTINFO macro is not defined (e.g. MacOS X). 2008-05-08 Paul Rombouts * src/status.c,src/pdnsd-ctl/pdnsd-ctl.c The pdnsd-ctl add command can now also be used to define NS records. A wildcard record defined with this command now behaves the same way as one defined in the config file. 2008-05-07 Paul Rombouts * src/conf-parser.c,src/conf-keywords.h,src/conff.c Added the ability to process "include" sections in the configuration file. This makes it possible to place local definitions in separate files and include them from the main configuration file. 2008-05-05 Paul Rombouts * src/conff.c,src/conf-parser.c,src/status.c,src/pdnsd-ctl/pdnsd-ctl.c Implemented two new pdnsd-ctl commands, which make it easier to add definitions to the pdnsd cache at run time. "pdnsd-ctl include" is similar to "pdnsd-ctl config" but only processes configuration sections that effect the cache and disallows global and server sections. "pdnsd-ctl eval" directly parses its string arguments as if they were part of a configuration (include) file. 2007-09-15 Paul Rombouts * src/dns.h,src/dns_answer.c,src/dns_query.c Changed the declarations of various packed structs, by moving the __attribute__((packed)) specifiers from the field level to the struct level. This was necessary to get the correct value for sizeof(rr_hdr_t) when compiling with gcc for the ARM architecture. Thanks to Dirk Armbrust for reporting the problem and supplying the solution. 2007-08-10 Paul Rombouts * src/dns_answer.c Applied a Debian patch contributed by Juliusz Chroboczek which reportedly fixes a problem with pdnsd running in IPv6 mode (IPV6_RECVPKTINFO instead of IPV6_PKTINFO). 2007-08-04 Paul Rombouts * src/dns_query.c When resolving a name recursively, pdnsd would stop querying further name servers as soon as it received a reply with the authority (aa) flag set. Unfortunately, it appears this flag is sometimes raised erroneously in replies. I have implemented a work-around that ignores the aa flag when there appears to be a clear delegation to a sub-domain. Thanks to Nico Erfurth for reporting this problem. It appears that pdnsd would also fail to consult servers in the authority section when configured with neg_rrs_pol=on. This has been fixed. 2007-08-01 Paul Rombouts * src/pdnsd-ctl/pdnsd-ctl.c Made the matching of pdnsd-ctl command names and most of the arguments case-insensitive. 2007-07-22 Paul Rombouts * src/dns_answer.c Instead of sharing the responsibility for freeing the answer buffer in case of an error amongst different functions, only free it in compose_answer(). * configure.in, src/Makefile.am, src/test/Makefile.am Merged patch contributed by Pierre Habouzit to deal with CFLAGS the automake way (allowing packagers to override CFLAGS properly). 2007-07-21 Paul Rombouts * src/dns_answer.c For each target name in a SRV record in the answer section, add addresses to the additional section of the response, as is recommended by the RFCs. 2007-07-14 Paul Rombouts * src/list.c,src/list.h Made modifications to the implementation of dynamic arrays, which should ensure proper alignment on all supported architectures. 2007-07-10 Paul Rombouts * Upgraded pdnsd's license to GPL version 3. 2007-07-08 Paul Rombouts * src/cache.h,src/dns_query.c The data field of the rr_bucket_t struct is now aligned such that it possible to use straightforward assignment to copy IP addresses, making memcpy unnecessary for this purpose. 2007-07-07 Paul Rombouts * src/dns_query.c If pdnsd fails to connect to a name server using a IPv6 address, it will now retry the connection using a IPv4 address, if available. This allows pdnsd to recover from situations where IPv6 connectivity is temporarily unavailable, but IPv4 connectivity still functions. Thanks to Andreas Ferber for reporting this problem. 2007-07-04 Paul Rombouts * src/dns_answer.c I have reordered the arguments of the add_rr() and related functions to make them more consistent with each other. 2007-07-03 Paul Rombouts * src/cache.c,src/hash.c pdnsd will no longer immediately abort in add_dns_hash() if it fails to allocate memory for a new hash entry. 2007-07-01 Paul Rombouts * src/conff.c,src/conff.h,src/consts.c,src/consts.h, src/conf-parser.c,src/conf-keywords.h,src/dns_query.c Implemented the new "reject", "reject_policy" and "reject_recursively" options for the server section of the configuration file. * src/ipvers.h,src/conf-parser.c,src/dns.c,src/status.c, src/pdnsd-ctl/pdnsd-ctl.c Allow local AAAA records to be defined even if pdnsd is compiled without --enable-ipv6, provided there is sufficient support in the C libraries and --disable-new-rrs was not used. 2007-06-30 Paul Rombouts * src/dns_answer.c Previously, when the answer buffer was realloced in add_rr(), an extra 2 bytes used to be reserved, which are unnecessary, as far as I can tell. I have decided to do without these extra 2 bytes, which originate from Thomas Moestl's code. As compensation, I have added extra PDNSD_ASSERT() statements to check that the answer buffer does not overflow. 2007-06-27 Paul Rombouts * src/status.c, src/pdnsd-ctl/pdnsd-ctl.c Extended the pdnsd-ctl 'add a' and 'add aaaa' commands to allow multiple IP addresses to be specified. 2007-06-25 Paul Rombouts * src/conff.c,src/conff.h,src/conf-parser.c,src/conf-keywords.h, src/dns_query.c Implemented a new option for the server section of the configuration file: randomize_servers. * src/servers.c Improved the debug messages in uptest(). 2007-01-30 Paul Rombouts * src/icmp.c Fixed up the code implementing the ping test in icmp.c, which was broken for 64-bit systems. Thanks to Michael Uleysky for reporting this bug. 2007-01-09 Paul Rombouts * src/dns_query.c auth_ok() now returns 1 if the cache entry has the DF_NEGATIVE flag set, without providing a list of authoritative servers to continue querying. Otherwise if we receive a non-authoritative NXDOMAIN reply and pdnsd is configured with neg_domain_pol=on, pdnsd will continue to try to get an authoritative answer. The intention is that pdnsd stops querying as soon as it gets an "unknown domain" answer. 2006-04-29 Paul Rombouts * src/main.c pdnsd would segfault if it tried to call log_message() (via the log_warn() and log_error() macros) before the FILE pointer to the debug output stream was properly initialized. Thanks to Thomas Cort for discovering this problem and suggesting a fix. 2006-04-09 Paul Rombouts * src/conf-parser.c,src/helpers.c,src/conff.h,src/conff.c I have included a patch contributed by Jan-Marek Glogowski, that implements the configuration option "use_nss". With use_nss=off pdnsd will avoid system functions that may use NSS (i.e. initgroups()), which may need DNS for LDAP lookups, which can lead to long timeouts and stalls if pdnsd itself is used for the DNS lookup. 2006-03-26 Paul Rombouts * src/dns_query.c Negative caching of RR sets is now also supported with lean_query=off. 2006-03-25 Paul Rombouts * src/dns_query.c,src/conf-parser.c,src/main.c I have implemented a new query method: udp_tcp. With this method a UDP query is tried first and, if the UDP answer is truncated, the query is repeated using TCP. This is the behaviour that seems to be recommended by the DNS standards. However, pdnsd wil not discard the truncated answer if the TCP requery fails. 2006-03-24 Paul Rombouts * src/dns_answer.c Previously, pdnsd would add at most one additional A (and AAA) record for each record in the answer and authority sections. At the request of Angel Marin, pdnsd will now add all A and AAA records it can find in the cache for each name that produces additional records. 2006-01-02 Paul Rombouts * src/dns_answer.c compose_answer() would leak memory if the query contained an unsupported QTYPE or QCLASS. This has now been fixed. 2005-12-27 Paul Rombouts * configure.in TCP-query support is now compiled in by default. It can still be disabled using the configure option --disable-tcp-queries. 2005-12-23 Paul Rombouts * src/dns_answer.c Queries received from clients with non-empty answer, authority or additional sections are now treated as malformed and rejected with rcode 1 (format error). 2005-11-06 Paul Rombouts * src/conf-parser.c Time intervals in the configuration files can now be expressed in seconds, minutes, hours, days and weeks, using the suffixes s,m,h,d,and w. 2005-10-14 Paul Rombouts * src/consts.c In the pdnsd configuration file, true/false and yes/no are now accepted as synonyms for the constants on/off. 2005-08-24 Paul Rombouts * src/helpers.c I have fixed a potential buffer overflow problem that could occur with the 'pdnsd-ctl dump' command. In case of the root domain, the function rhn2str() would write 2 bytes to the output buffer even if size==1. Theoretically (under pathological circumstances) this could have allowed the dbuf buffer in the function dump_cent() to overflow by one byte. 2005-08-21 Paul Rombouts * acconfig.h,src/cache.c,src/conff.c,src/conf-parser.c,src/dns.c, src/dns_answer.c,src/dns_query.c,src/error.h,src/helpers.c,src/main.c, status.c It appears the newer versions of gcc won't convert a pointer to char into a pointer to unsigned char and vice versa without complaining. The changes I have made should get rid of these distracting warning messages. Unfortunately I had to introduce casts in some cases, which reduces type safety :-(. 2005-08-16 Paul Rombouts * src/dns.h Some changes were made to the endianess detection code to address problems on Mac OS X v10.4 Tiger. 2005-08-15 Paul Rombouts * configure.in Some changes where made to address the reported problems with the configure script on Mac OS X v10.4 Tiger. 2005-08-05 Paul Rombouts * src/status.c,src/dns_answer.c The output of the 'pdnsd-ctl status' command now includes some statistics on the number of query threads. 2005-07-29 Paul Rombouts * src/main.c It appears that sigwait() can return EINTR under certain conditions. This explains the problems reported by Sanjoy Mahajan with strace and ACPI S3 sleep, which both caused pdnsd to exit prematurely. The return value of sigwait() is now checked and sigwait() is retried if the return value is EINTR. 2005-07-04 Paul Rombouts * src/dns_query.c It appears that some servers that do not support recursive queries answer with "query refused" instead of "not supported". The p_exec_query() function now takes that possibility into account. 2005-07-01 Paul Rombouts * src/dns_query.c In the processing of queries, I will make a distinction between recoverable errors and non-recoverable ones (typically caused by out of memory conditions). In the case of non-recoverable errors, no attempt to query alternative name servers is made. 2005-06-26 Paul Rombouts * src/dns_query.c In p_recursive_query(), as soon as one of the servers in the q list replied "no error" or "name error", only this reply was examined and the other servers in the q list were ignored. Joshua Coombs has brought to my attention that this strategy sometimes fails when this reply is not authoritative and doesn't contain any usable references to name servers in the authority section. I have modified p_recursive_query() to allow pdnsd to continue querying the remaining servers in the q list as long as we haven't received an authoritative answer or usable authority information. This will allow pdnsd to arrive at the correct answer in some cases where it would formerly fail. 2005-06-25 Paul Rombouts * src/status.c The "pdnsd dump" command may now also be given an argument consisting of a name beginning with a dot. This will dump information about all names in the cache ending in the given name. An argument consisting of a name without a leading dot will only give information about the exact name, as it did before. 2005-06-24 Paul Rombouts * src/servers.c,src/status.c All uptests are now conducted by the server status thread. If a retest is requested via a "pdnsd-ctl server", an existing server status thread is signaled or a new server status thread is spawned if the old one has exited. This has the effect that a "pdnsd-ctl server label retest" command will now return immediately without waiting for the tests to finish. 2005-06-20 Paul Rombouts * src/conf-parser.c,src/servers.c,src/servers.h At the request of Al-Junaid Walker I have added a new configuration option for the uptest interval. With "interval=ontimeout" the server is not tested at startup/reconfig, or at regular intervals, but only after a DNS query to a server times out. However, once a server is declared dead it is never considered again unless it is revived using a "pdnsd-ctl config" or "pdnsd-ctl server" command. 2005-06-19 Paul Rombouts * src/servers.c,src/dns_query.c,src/icmp.c During an uptest the server configuration data is locked. Especially with ping or query uptests of unresponsive servers this means that the execution of "pdnsd-ctl config" or "pdnsd-ctl server" commands can be delayed for a long time (or even time out). I have made modifications that allow a "pdnsd-ctl config" or "pdnsd-ctl server" commands to interrupt pending uptests to allow these commands to proceed without delay in most cases. * src/thread.h Use the POSIX sigaction() instead of signal() to install signal handlers. 2005-06-08 Paul Rombouts * src/dns_answer.c,src/dns_query.c I have defined a struct dns_msg_t that includes a message length field. In the case of sending a DNS message over TCP, we no longer need a separate write() call to send the message length. This prevents possible packet fragmentation. 2005-06-07 Paul Rombouts * src/dns_query.c The query_method=tcp_udp option only used to work with cooperative name servers, i.e. servers that either send back a TCP reply or explicitly refuse the TCP connection request. This wasn't sufficiently satisfactory in practice, because some name servers are completely unresponsive to TCP connection requests. I have made modifications to allow pdnsd to try UDP queries in case TCP connections time out. When a short server timeout is combined with a global timeout that is at least twice as long, this may allow a query to a name server that only responds to UDP queries to succeed with query_method=tcp_udp. 2005-04-20 Paul Rombouts * src/cache.c,src/hash.c,src/conff.c,src/status.c,src/pdnsd-ctl/pdnsd-ctl.c The "pdnsd-ctl empty-cache" command now accepts additional arguments; these are interpreted as include/exclude names. During execution of the command the name of each cache entry is matched against the names in the include/exclude list. If the name ends in a name to be included, the cache entry is deleted, otherwise not. This feature was added at the request of Joshua Coombs. 2005-04-19 Paul Rombouts * src/cache.c, src/hash.c pdnsd will now (temporarily) unlock the cache between emptying hash buckets, this should allow pdnsd to remain responsive while executing the "pdnsd-ctl empty-cache" command. However, this only applies to DNS queries; pdnsd will not accept any new pdnsd-ctl commands while a pdnsd-ctl command is still running. 2005-03-29 Paul Rombouts * configure.in, src/hash.h I have added a new configure option --with-hash-buckets=... This makes it possible to specify a different number of hash buckets without editing the source files. 2005-03-17 Paul Rombouts * src/error.c When running in both daemon and debug mode, print warning and error messages to debug file as well as the syslog. 2005-03-15 Paul Rombouts * src/dns_answer.c Only call pthread_setspecific() in debug mode, because pthread_getspecific() is also only used in debug mode. If pthread_setspecific() fails, treat this as a non-fatal error. 2005-03-10 Paul Rombouts * configure.in On Linux systems the configure script will now try to detect automatically whether the system implements the Native POSIX Thread Library, but the method is not necessarily foolproof. * src/dns.c Local PTR records generated for resolving numeric IPv6 addresses back into names, are now based on ip6.arpa instead of ip6.int, because the latter domain will be phased out eventually. 2005-03-06 Paul Rombouts * Makefile.am,src/cache.c Create an empty cache-file at install time and don't complain about empty cache files at start up. 2005-02-20 Paul Rombouts * acconfig.h,configure.in,src/conf-parser.c,src/conff.h,src/dns.h, src/dns_answer.c,src/dns_query.c,src/error.h,src/helpers.h,src/icmp.c, src/ipvers.h I have applied some changes to the code proposed by Rodney Brown to improve portability. In particular, pdnsd should now compile on the Darwin platform (Apple Mac OS X). To support some of these changes, the source package is now built with a slightly more modern version of autoconf (2.57) and automake (1.6.3). 2005-01-29 Paul Rombouts * src/dns.c,src/dns_answer.c,src/dns_query.c I have added some extra debug code to make it easier to discover the reason that pdnsd considers a query or reply malformed (format error). 2005-01-12 Paul Rombouts * src/dns.c,src/dns_answer.c,src/dns_query.c I have extended some debug code contributed by Kiyo Kelvin Lee to dump the data received by pdnsd in debug mode (queries from clients, replies from name servers). Because this will give very verbose debug output, I've arranged it so that this data dump only occurs if pdnsd has been configured and compiled with --with-debug=9 and pdnsd has been called with -v9. Additionally, in the case that pdnsd rejects a reply from a name server because it is not well formed, I have refined the debug messages to distinguish between format errors due to unexpected truncation and others kinds of format errors. 2004-10-30 Paul Rombouts * src/rr_types.c I have included some changes proposed by Joseph Pecquet to address the compilation problems reported by FreeBSD users. 2004-10-18 Paul Rombouts * acconfig.h,configure.in,src/helpers.c,src/helpers.h,src/dns.h I have merged a patch for CYGWIN support by Kiyo Kelvin Lee into my version of the code. 2004-10-15 Paul Rombouts * src/cache.c Invalidating local records with the pdnsd-ctl did not work the way the documentation described. An invalidated local record would be always be purged at the next lookup, thus invalidation would practically have the same effect as deletion. An invalidated local record is of no use at all and would occupy space until it is purged during a lookup (but not by purge_cache). The function invalidate_record() now behaves as the documentation describes, i.e. invalidation of local records has no effect. 2004-09-27 Paul Rombouts * doc/pdnsd.conf.5.in A new man page describing the format of the pdnsd config file has been added to the pdnsd package. I've used a customized Perl script to generate one automatically from the html documentation. 2004-09-14 Paul Rombouts * src/hash.c The cache entries in a hash chain are now stored in order of increasing long hash value. The advantage is that if an name is looked up that is not present in the cache, this can be done by comparing with only half (on average) of the number of entries in the hash chain. Not a huge speed up, but still worth while, I think. Additionally, the number of hash computations for each add_cache() call has been halved. 2004-09-11 Paul Rombouts * src/cache.c insert_rrl() will no longer add local records to the rr_l list, because purge_cache() ignores them anyway. 2004-09-08 Paul Rombouts * src/dns.h,src/cache.c,src/dns_query.c,src/dns_answer.c,src/conf-parser.c I've started using GETINT16,GETINT32,PUTINT16,PUTINT32 macros, which are based on the NS_GET/NS_PUT macros that can be found in the BIND source, instead of memcpy for fetching and storing non-aligned integer data. 2004-09-08 Paul Rombouts * src/cache.c,src/status.c,src/pdnsd-ctl/pdnsd-ctl.c New pdnsd-ctl command: "pdnsd-ctl dump" will print information about all the entries contained in the cache. "pdnsd-ctl dump " will only print entries belonging to . The data fields of the more common rr-types will be printed in human readable form, the remaining ones in a hexadecimal representation. With thanks to Dan Jacobson for suggesting this feature. 2004-08-31 Paul Rombouts * src/conf-parser.c At the suggestion of Dan Tihelka, I have expanded to the server_ip= option to allow the name of an interface to be specified instead of an IP address. pdnsd will not bind to the interface name, but will lookup the address the interface has at start up, and listen on that address. If the address of the interface changes while pdnsd is running, pdnsd will not notice that. 2004-08-30 Paul Rombouts * src/cache.h,src/cache.c I've reversed the meaning of the CF_NOAUTH and renamed it CF_AUTH. I've also added a domain level flag DF_AUTH, which is used to mark cache entries obtained from authoritave replies in response to a query of type * (all).. 2004-08-30 Paul Rombouts * src/cache.c I've changed the format of the cache file. A typical cache entry has empty sets for most RR types (even more if DNS_NEW_RRS is defined). In the old format, each empty RR set was represented by a zero byte. In the new format only non-empty sets are respresented, leading to a (modest) reduction is size. 2004-08-28 Paul Rombouts * src/conf-parser.c New option for "rr" sections in the config file: reverse=on/off. If you want a locally defined name to resolve to a numeric address and vice versa, you can now achieve this by setting reverse=on before defining the A record, making it unnecessary to define a seperate PTR record for the reverse resolving. 2004-08-20 Paul Rombouts * src/cache.h,src/cache.c,src/conf-parser.c,src/dns_query.c At the request of Daniel Black, I have added support for defining local wildcard records in pdnsd. The only type supported presently is records beginning with '*.'. 2004-08-10 Paul Rombouts * src/hash.c,src/cache.c,src/dns_query.c,src/dns_answer.c Sampo Lehtinen has remarked that pdnsd sometimes failed to resolve classless reversed-delegated IP addresses, and that this has something to do with the fact that pdnsd did not accept '/' characters in domain names. After reading Sampo's and Thomas' remarks, and also rfc2317 and some of the rfc's referenced in rfc2317, I decided pdnsd should place no restrictions at all on the types of characters it allows in domain names, only on the lengths of the byte sequences. This led me to make some quite extensive internal changes to pdnsd. Among other things domain names are now stored in transport format (sequences of bytes preceded by length bytes) instead of C strings. This is also more efficient because there is no need any more to convert from one representation to the other, except when reading the config file, interacting with pdnsd-ctl or running in debug mode. Conversion between the two representations isn't always possible, though. For example, domain names in transport format might contain non-printable characters. These are now printed as escape sequences (three octal digits preceded by a back slash). Presently there are still restrictions on the characters in the domain names that can be defined in local records. I doubt this will ever be considered a problem. 2004-08-02 Paul Rombouts * src/dns_query.c The code for handling NXT records was flawed. A response from a remote server containing NXT records (even well-formed ones) could cause pdnsd to crash. The code for handling NAPTR records contained incorrect PDNSD_ASSERT statements, which could cause pdnsd to abort unnecessarily. 2004-07-25 Paul A. Rombouts * src/list.h,src/list.c,src/dns.c,src/dns_query,src/dns_answer.c I've noticed that some of the (dynamic) arrays that pdnsd uses are quite sparse. Instead of using an array structure with elements that are large enough to contain the largest possible domain name, I've implemented a "list" data structure that is more compact. The elements of a list can only be accessed sequentially from beginning to end, but it allows more efficient memory use in case the names are significantly shorter that the maximum. 2004-07-22 Paul Rombouts * src/conf-parser.c I've expanded pdnsd's configuration options by adding support in pdnsd for reading /etc/resolv.conf style files. Instead of specifying IP addresses in a server section, the option "file=" can be used. The IP addresses in the lines beginning with "nameserver" will be added to the list of address for that section, the remaining lines will be ignored. To avoid the possibility that pdnsd will query itself, local addresses are skipped (unless pdnsd is configured to listen on a different port number). 2004-07-21 Paul Rombouts * src/cache.h,src/cache.c,src/dns_query.c,src/conf-parser.c New option for "server" sections in the config file: root_server=on/off. In case a server section contains only addresses of root servers, which usually only give the nameservers of top level domains in their reply, setting root_server=on will enable certain optimizations. This involves using cached information to reduce queries to the root servers, thus speeding up the resolving of new names. This option is also necessary to make the delegation_only option work in combination with root servers. 2004-07-16 Paul Rombouts * src/cache.c,src/status.c,src/pdnsd-ctl/pdnsd-ctl.c New pdnsd-ctl command: "pdnsd-ctl empty-cache" will make pdnsd delete its entire cache, freeing all entries. This is useful for debugging purposes, or in situations where you suspect that stale cache entries are causing you problems, but you are not sure which ones. 2004-07-11 Paul Rombouts * src/cache.c,src/dns_query.c I've removed the use of the function add_cache_rr_add(), which was used to add additional RR records to the cache one at a time. I've changed the code in dns_query.c such that additional (or off-topic) records are first collected in arrays of dns_cent_t structures, and then added to the cache using add_cache(). With this approach only one function, viz. add_cache(), is used for adding new entries to the cache, which I believe leads to a cleaner programming interface. Added benefit is that query serial numbers are no longer necessary. 2004-07-10 Paul Rombouts * src/cache.h,src/cache.c,src/dns_query.c,src/dns_answer.c I've added two new field to the dns_cent_t struct, namely c_ns and c_soa. These will be used to remember references to NS and SOA records in the authority sections of replies from remote name servers. This information can be used by pdnsd to fill in the authority section of its own reply. 2004-06-25 Paul Rombouts * src/dns_query.c,src/servers.c,src/consts.c I've added an new server availability test which can be selected with "uptest=query". This can be useful as an alternative to "uptest=ping" in case the remote server does not respond to ICMP_ECHO requests at all, which unfortunately is quite common these days. "uptest=query" causes pdnsd to send an empty query to remote nameservers. Any well-formed response (apart from SERVFAIL) within the timeout period will be interpreted as a sign that the server is "up". In a sense this new availability test can actually be considered more reliable than the other ones that pdnsd supports. With thanks to Juliusz Chroboczek for suggesting this feature. 2004-06-24 Paul Rombouts * src/helpers.c Don't use getpwnam() while we are multi-threaded, because it returns a pointer to a statically allocated structure. I will use getpwnam_r() instead, which is thread safe. Unfortunately there seem to be some portability problems with getpwnam_r(). For those platforms that lack getpwnam_r(), I will keep the old code with getpwnam() as an alternative. 2004-06-23 Paul Rombouts * src/servers.c Check that the number of IP addresses in a server section is nonzero before testing servers for availability. Otherwise pdnsd could crash in debug mode. 2004-06-21 Paul Rombouts * src/conff.c,src/conf-parser.c,src/status.c,src/pdnsd-ctl/pdnsd-ctl.c New pdnsd-ctl command: "pdnsd-ctl config" will make pdnsd re-load its configuration file. In most cases (but there are still some exceptions) this is preferable to restarting pdnsd after making changes to the configuration file. An important advantage is that there should be no perceptible interruption in the dns service when using the reload command. An alternative config file can be specified with "pdnsd-ctl config ". 2004-05-31 Paul Rombouts * src/dns_answer.c,src/dns_query.c,src/dns_query.h I've made an adjustment to p_recursive_query() and related functions, so that when pdnsd chases name servers in pursuit of authoritative records, it avoids all the name servers already queried for the same name in the recursive calling chain, not just the servers most recently used. Although the hops counter will already break any possible cycles, this will allow pdnsd to detect pathological cycles earlier and waste less resources. * src/cache.c In add_cache(), don't add empty entries to the cache. Empty cache entries waste memory and are more persistent than non-empty ones, because purge_cache() cannot get rid of them. 2004-05-30 Paul Rombouts * src/dns_answer.c,src/dns_query.c,src/icmp.c,src/netdev.c I've removed the calls to getprotobyname() and used the constants IPPROTO_TCP and IPPROTO_UDP instead. First of all, it doesn't seem very efficient to call a function repeatedly to look up the same well-known protocol numbers. More importantly, getprotobyname() stores its results in a statically-allocated structure and thus cannot be considered thread safe. (getprotobyname_r() is thread safe, but is not portable.) 2004-05-27 Paul Rombouts * src/dns_answer.c I've noticed that when pdnsd is restarted shortly after it has answered a TCP query, it is often not able to bind to the TCP socket again, resulting in a disabled TCP server thread. The solution appears to be to set the SO_REUSEADDR socket option before binding the socket. This allows you to use the same port even if it is busy (in the TIME_WAIT state). I found the code for this in a patch file from an old Debian package. 2004-05-20 Paul Rombouts * src/dns_query.c Joseph Pecquet has reported that version 1.1.11 does not compile under FreeBSD v4.x because the macro ENONET is undefined. I've bypassed the problem by surrounding the case line using this value with conditional preprocessor directives. 2004-05-08 Paul Rombouts * src/rc/Slackware/rc.pdnsd I've included a Slackware start-up script contributed by Nikola Kotur. 2004-05-05 Paul Rombouts * doc/pdnsd.8 I'm very grateful to Mahesh T. Pai for contributing a pdnsd man page, which was still missing up till now. 2004-04-30 Paul Rombouts * src/servers.c,src/dns_query.c After considering some suggestions made by Juliusz Chroboczek I have made the following changes: - After receiving a reply from a remote server mark the server up and update the timestamp so that pdnsd doesn't bother testing this server for availability for a while. - After detecting an error with an send/recv call that indicates a server is unavailable, mark a server down so that pdnsd doesn't bother testing this server for a while. - After server timeouts, uptests are never performed by a query/answer thread, because this may delay the sending of an answer to the client. Instead the timestamp of a server that needs to be tested for availability is set to zero and a condition signal is sent to alert the server status thread, which will carry out the test. Unresponsive servers with uptest=ping will not be marked down immediately any more, but only after the ping test has definitely failed. * src/error.c,src/error.h I've moved most of the code previously contained in the DEBUG_MSG macro to a new function debug_msg(). The DEBUG_MSG macro now simply expands to "if(debug_p) debug_msg();". This should make the executable a little smaller, and be just as fast when debugging is off. The DEBUG_MSG macro still expands to nothing if pdnsd is built without debugging support. 2004-04-28 Paul Rombouts * src/dns_query.h,src/dns_query.c I've tried to simplify the finite state machine used for processing parallel queries, by merging the "state" and "nstate" variables used by p_exec_query() and p_query_sm() resp. into one "state" variable. By introducing an extra field "iolen" to keep track of the number of bytes read from or written to a socket, I could also reduce the number of states for TCP queries. The new code has the additional advantage that it can handle situations that require multiple read() calls to receive a response. 2004-04-14 Paul Rombouts * src/dns_query.c I've added an extra check comparing the number if poll/select events actually handled to the return value of poll/select. This should reduce the chance that pdnsd will get caught in a busy spin due to unknown remaining bugs. An error message is logged and an error code is returned when this comparison fails. 2004-04-13 Paul Rombouts * src/dns_query.h,src/dns_query.c I got rid of the event field in the query_stat_t struct. I think it is redundant, because its value can be quite simply derived from the nstate field. 2004-04-12 Paul Rombouts * src/dns_query.c I appears there was flaw in the code for handling a "Not Implemented" response from a remote server with the RA (recursion available) bit equal to zero. This could cause pdnsd to get into a busy spin. I traced the flaw back to Thomas Moestl's code, so it must be in all the versions of pdnsd I know of. In previous versions of pdnsd the busy spin would eventually time out. Due to some recent changes the loop would no longer time out, making the bug more noticeable. With thanks to Nicolas George for reporting the bug. I also discovered a closely related flaw that would cause pdnsd to poll() closed file descriptors. It usually works out OK in practice, but it is definitively not the correct way to do it. Additionally, I discovered some opportunities to save memory, e.g. by replacing the nsname buffer in the query_stat_t struct by a pointer to an already existing copy of a name. 2004-04-10 Paul Rombouts * src/cache.c Nicolas George remarked that he thought it was strange that subdomains of domains negated with "neg" sections in the config file were not also negated. I thought that he had a point, and I've implemented a change so that negating example.com will now also negate www.example.com, xxx.adserver.example.com, etc. 2004-04-09 Paul Rombouts * src/error.c,src/error.h I noticed that the code for the log_warn() and log_error() functions was almost identical, even to the point that log_warn() called syslog() with LOG_ERR priority. I've merged these two functions into one log_message() function. 2004-04-08 Paul Rombouts * src/main.c,src/conf-parser.c The -4 and -6 command-line options should now work as advertised. This wasn't entirely trivial. The rule is that options on the command line override those in the configuration file. The easiest way to implement this is to process the command-line options after reading the configuration file. But this doesn't work for the -4 and -6 options, because the run_ipv4 flag determines how IP addresses in the config file are parsed. I've inserted some extra tests and warning messages that will hopefully make this setting nearly foolproof. I've added two new command-line options, "-a" and "-i ". With the -a flag pdnsd will try to detect automatically if IPv6 support is available on a system, and fall back to IPv4 if not. The -a flag can be used instead of -4 or -6. In IPv6 mode, pdnsd will now automatically convert IPv4 addresses to IPv6-mapped addresses. The -i option can be used to specify a prefix for this mapping. The default is ::ffff.0.0.0.0 There is also a corresponding ipv4_6_prefix= option for the config file. In IPv4 mode, if IPv6 support is compiled in, pdnsd will now skip IPv6 addresses in the config file (except for the server_ip and ping_ip options) with a warning message. This allows you to have mixed sets of IPv4 and IPv6 address in the same config file, although in IPv4 mode some server sections may become inactive. With thanks to Juliusz Chroboczek for suggesting these changes. 2004-04-07 Paul Rombouts * src/cache.c I've changed some of the cache-flag definitions to make debugging a little simpler. Unfortunately, this makes the cache files of previous pdnsd versions incompatible with the new one. I've introduced a cache version identifier to be added at the beginning of each cache file. This enables pdnsd to recognize and discard incompatible cache files. 2004-04-05 Paul Rombouts * src/cache.h,src/cache.c I've changed the way CACHE_LAT (cache latency, normally 120 secs) is used to determine whether a cache entry has timed out. Instead of simply adding it to the ttl (time to live), I use CACHE_LAT if the ttl is less then CACHE_LAT, else the ttl itself, making CACHE_LAT the minimum ammount of time a cache entry stays in the cache. 2004-04-02 Paul Rombouts * src/dns_query.c I've introduced a global timeout parameter. This is the minimum period of time pdnsd will wait after sending the first query to a remote server before giving up without having received a reply. The timeout options in the configuration file are now only minimum timeout intervals. Setting the global timeout option makes it possible to specify quite short timeout intervals in the server sections. This will have the effect that pdnsd will start querying additional servers fairly quickly if the first servers are slow to respond (but will still continue to listen for responses from the first ones). This may allow pdnsd to get an answer more quickly in certain situations. * src/dns_query.c When receiving a NXDOMAIN (unknown domain) response from a remote name server, I think it is still useful to process the authority and additional sections, so that pdnsd can possibly add a SOA record to its own response. 2004-04-01 Paul Rombouts * src/dns_query.c In p_recursive_query(), I've slightly changed the way pdnsd does parallel queries. Active queries or not canceled until we have received a useful response from a remote name server, or all the queries have failed or timed out. Thus the par_queries parameter is no longer the maximum number of parallel queries, but rather the increment with which the number of parallel queries is increased when the previous set has timed out. In the worst case all the servers in the list of available servers will be queried simultaneously. We may be wasting more system resources this way, but the advantage is that we have a greater chance of catching a reply. After all, if we wait longer anyway, why not for more servers. 2004-03-31 Paul Rombouts * src/dns_answer.c I've noticed that in compose_answer() that while adding the name in the query section it was not passed through compress_name(). While it is true that the first name occurrence cannot be compressed, it is still sensible to process the query name with compress_name() so that the offset can be stored and provide additional opportunities for future compressions. I've tested this with dig and the responses of pdnsd are now usually a little smaller in size or can hold more information within the 512 byte limit. 2004-03-30 Paul Rombouts * src/cache.c I've noticed that pdnsd stored rr records (of the same type) in reverse order in the cache. Although I don't see anything inherently wrong with that, I think it's neater to store them in the order they are processed. 2004-03-29 Paul Rombouts * src/cache.c I've rearranged the order of the arguments of some of the functions in cache.c to obtain a more consistent calling interface. * src/dns_answer.c I've noticed that pdnsd would only add NS records to an authority section if it could find such records matching the queried name (or the last CNAME in the answer) exactly. However, I understand that a server should try to give NS records as close as possible to the target name in the naming hierarchy. I also understand that if a domain name is reported as nonexisting, or no record of the requested type exists, it is customary to provide a SOA record, searching up the name hierarchy if necessary. I've tried to implement this in compose_answer(), although with some limitations. I only look in the cache, I don't search more then three levels up, and stop before the top level. 2004-03-28 Paul Rombouts * src/cache.c,src/dns_answer.c There were some issues with add_cache_rr_add(). First of all, the way it was used in rr_to_cache() (or rather not used) meant that if an "off topic" record was added for a name that lacked an entry in the cache, the rr set would be created with an incorrect serial number (namely zero). I've rewritten add_cache_rr_add so that it can create new cache entries if necessary. This simplifies the code in rr_to_cache() and ensures correct serial numbers. Secondly, in add_cache_rr_add() the ttl was compared with that of an existing rrset without adjusting for the min_ttl and max_ttl options. This could lead to all the previous records being deleted, retaining only the last one. 2004-03-27 Paul Rombouts * src/dns_answer.c In compose_answer(), if the rd (recursion desired) bit is set in the query and the response contains a CNAME record (while a different type of record was requested), always do a recursive query on the CNAME, even if we have already added a record of the requested type to the response. Failing to honor the rd bit will cause some resolver libraries to complain, even if the answer contains a record of the requested type. I've slightly changed the calling interfaces of add_to_response() and add_rrset() to make them more consistent and efficient. In add_rrset() I've fixed a memory leak on one of the error paths. In add_additional_rr(), the return value of add_rr() was not checked. If add_rr() fails, it will free *ans, and functions higher up the calling chain could be referencing freed memory. I've fixed a potential referencing of freed memory or double freeing in add_additional_a(). If a call of add_additional_rr() fails, it will free *ans. Previously, add_additional_rr() could be called a second time, in which case the second call would be referencing freed memory or freeing it a second time.. 2004-03-23 Paul Rombouts * configure.in, src/Makefile.in,src/pdnsd-ctl/Makefile.in,src/test/Makefile.in Frédéric L. W. Meunier has reported that configure --srcdir option (for building in directory separate from the source directory) was broken. Should be fixed now. 2004-03-20 Paul Rombouts * src/dns_answer.c,src/dns_query.c,src/helpers.c,src/icmp.c,src/main.c,src/netdev.c,src/ipvers.h,src/test/if_up.c,src/test/is_local_addr.c,src/test/tping.c,src/test/random.c,src/conf-parser.c I've eliminated the global variable run_ipv6 from the code. Enabling both the IPv4 and IPv6 protocols at the same time is not supported in pdnsd, so the value of run_ipv6 (if it is defined) is simply !run_ipv4. * src/dns.c,src/test/is_local_addr.c,src/test/tping.c It appears the option to compile pdnsd without IPv4 support (i.e. only IPv6 support) was broken. Should be fixed now. 2004-03-19 Paul Rombouts * src/cache.c I've discovered an incorrect use of cache locks in lookup_cache(). We only read locks in place, it is possible for purge_cent() to delete a cache entry while another thread is trying to read it at the same time, which could lead to trouble. I've rewritten purge_cent() so that it can be used to test whether something needs to be purged without actually deleting anything. If something needs to be deleted, purge_cent() will be called again with the proper read/write locks in place, excluding access to the cache for all other threads. 2004-03-18 Paul Rombouts * src/cache.c I've added a new function sort_rrl() for sorting the rr_l list using a merge-sort algorithm. Usually the insertion sort used by insert_rrl() is good enough, because new entries belong near the end most of the time. Reading entries from disk forms an exception, though, because the rrsets in the file are completely out of order w.r.t. timestamps, leading to quadratic time complexity of the insertion sort method. In that case it should be faster to simply append items at the end of the rr_l list and sort using a more efficient algorithm afterwords. pdnsd now seems to start up noticeably faster when reading large cache files. I've also considered using a more sophisticated data structure than a doubly linked list, but this will add considerable complexity to the code and use more memory. 2004-03-13 Paul Rombouts * src/dns_answer.c Changed a declaration in udp_answer_thread() so that the buffer used for passing control messages on to sendmsg() is exactly the right size, instead of an arbitrary 512 bytes. Also initialized the msg_flags of the struct msghdr passed on to sendmsg() to zero, to keep Valgrind from complaining about uninitialized bytes. 2004-03-12 Paul Rombouts * src/icmp.c Fixed an incorrect call to select() in ping4(). A file descriptor set for detecting exceptions was initialized but not passed on to select(). This would lead subsequent code always to behave as if an IO exception had occurred. Valgrind seems to indicate that when a poll() call times out and returns 0, the revents field of the struct pollfd is not necessarily set. I've changed the code to check that the return value is > 0 before examining the revents field. 2004-02-06 Paul Rombouts * src/conf-parser.c,src/conf-parser.h,src/conf-keywords.h I've rewritten the parser for the configuration file in C from scratch. (f)lex and yacc/bison are no longer needed to build pdnsd. 2004-01-16 Paul Rombouts * src/main.c Load the cache from disk without locking cache access because pdnsd is still single-threaded at that point. 2004-01-15 Paul Rombouts * src/cache.c,src/hash.c Moved the responsibility for freeing the cache entries referred by the hash buckets from destroy_cache() to free_dns_hash() (which is called by destroy_cache()). Previously, the cache and hash tables were already completely destroyed by the time free_dns_hash() was called, and there was nothing left for free_dns_hash() to free. 2004-01-14 Paul Rombouts * src/hash.c,src/make_hashconvtable.c The hash conversion table is now generated at build time instead of at run time when pdnsd is started up. 2004-01-13 Paul Rombouts * src/dns.c In add_host() fixed incorrect generation of IPV6 type of name for PTR record due to use of && instead of & as masking operator. 2004-01-13 Paul Rombouts * src/icmp.c, src/dns_answer.c Use unsigned long instead of int error counters to reduce the danger of wraparound. 2004-01-06 Paul Rombouts * src/main.c,src/thread.c,src/thread.h,src/server.c,src/status.c,src/dns_answer.c Initialize a global thread attribute object in main.c and use it to create all the detached threads, instead of initializing a separate attribute object for each new thread. 2004-01-06 Paul Rombouts * src/dns_answer.c Check the return value of pthread_create() in udp_server_thread() and tcp_server_thread() to ensure that a new answer thread has actually been created and free resources if not. 2004-01-04 Paul Rombouts * src/helpers.c,src/cache.c,src/conff.c,src/status.c Stop writing to control socket after an error has been detected. 2004-01-03 Paul Rombouts * src/pdnsd-ctl/pdnsd-ctl.c Tried to make the error messages of pdnsd-ctl more helpful. The complete usage description is now only printed if the 'help' command is used. For problems with other commands a much shorter message is generated specific for that command. 2004-01-02 Paul Rombouts * src/helpers.h Changed the definition of rhnlen(). For valid data this will make no difference, but it may change the behaviour of pdnsd in certain error situations. 2004-01-02 Paul Rombouts * src/dns.c Optimized compress_name() some more. 2004-01-02 Paul Rombouts * src/dns_answer.c Additional code cleanup in compose_answer(). 2004-01-01 Paul Rombouts * doc/pdnsd-ctl.8 Updated the pdnsd-ctl man page. 2003-12-31 Paul Rombouts * src/pdnsd-ctl/pdnsd-ctl.c Cleaned up some code. 2003-12-31 Paul Rombouts * src/status.c,src/conff.h,src/conff.c Some further code cleanup in status.c. Labels for server sections are no longer limited to 32 chars, but can have arbitrary length. The string that is used to specify new DNS-addresses with the "pdnsd-ctl server" command can now also have arbitrary length. 2003-12-30 Paul Rombouts * doc/html/doc.html Added information about CNAME and MX resource records, that were previously undocumented. 2003-12-26 Paul Rombouts * src/dns_query.c Removed the function p_dns_resolve_from(). This function was essentially a call to p_recursive_query() with a dummy nocache argument. p_recursive_query() can now be called with nocache=NULL instead. 2003-12-26 Paul Rombouts * src/dns_query.c Using a variable length array instead of an malloced buffer to hold the struct pollfd array in p_recursive_query(). This has the potential for causing portability problems, but I think that's unlikely because almost all the major C compilers I work with support variable length arrays nowadays. 2003-10-18 Paul Rombouts * src/helpers.h,src/helpers.c Fixed a mistake that caused a compile error when using the --with-random-device configuration option. Thanks to Daniel Black for reporting this bug. 2003-10-02 Paul Rombouts * conf-lex.l.in,src/conf-parse.y,src/conff.h,src/conff.c,src/dns_query.c Made the "delegation_only" feature configurable. 2003-09-25 Paul Rombouts * src/helpers.c,src/helpers.h Added alternative implementations of strdup, strndup, stpcpy, getline and asprintf in an effort to make the code more portable. 2003-09-22 Paul Rombouts * src/helpers.c,src/conf-parse.y Made some changes to the parser of the configuration file so that domain names missing a dot at the end will be tolerated. 2003-09-21 Paul Rombouts * src/dns_query.c Implemented a first version of the "delegation-only" feature. It has been "hard-coded" to work for "com" and "net" zones, and is not yet configurable. 2003-09-21 Paul Rombouts * src/dns.c Rewrote domain_match(). Also changed the way it is used. I believe it has a cleaner semantics now. 2003-09-21 Paul Rombouts * src/dns_query.c Changed the order of the arguments of p_exec_query() and p_recursive_query() to make it more consistent with the other functions. 2003-09-18 Paul Rombouts * src/dns_answer.c Reordered the code in process_query() so that a buffer for an error response is allocated only when it is actually needed. 2003-09-17 Paul Rombouts * src/cache.c Added parentheses to correct mistaken operator precedence assumption in cache.c. !cent->flags&DF_NEGATIVE is parsed as (!(cent->flags))&DF_NEGATIVE but I think what Thomas Moestl must have intended was !((cent->flags)&DF_NEGATIVE). 2003-09-12 Paul Rombouts * src/dns_query.c Fixed a mistake which caused the effect of the proxy_only option to be reversed. Thanks to Andrew M. Bishop for reporting this bug. 2003-09-11 Paul Rombouts * src/helpers.c Rewrote str2rhn() and rhn2str(). 2003-09-10 Paul Rombouts * src/dns.c Rewrote read_hosts(), the function that reads /etc/hosts-style input. I believe the parsing algorithm is more robust now. 2003-09-09 Paul Rombouts * src/status.c,src/pdnsd-ctl/pdnsd-ctl.c Fixed a bug (my fault) that caused improper passing on of flags for the pdnsd-ctl source command. Also reordered some of the code, so that data is validated after all of it has been read from the control socket. This should prevent a "broken pipe" error message if data validation fails. Also fixed the reporting of success or failure of the pdnsd-ctl "neg" command. 2003-09-08 Paul Rombouts * src/list.c Rewrote da_grow1() and da_resize() so that they automatically allocate an array if given a NULL argument. This makes the use of da_create() redundant in most cases. 2003-09-08 Paul Rombouts * src/conf-parse.y,src/servers.c At the suggestion of Greg Norris, I changed the code to allow server sections in the configuration file that don't specify any IP addresses. Such a section will remain inactive until one or more IP addresses are assigned with the control utility pdnsd-ctl. 2003-09-04 Paul Rombouts * src/dns_answer.c,src/dns_query.c Oops: in my zeal to declare variables in the smallest possible scope, I ended up using a pointer to a struct that was out of scope. My understanding of compilers tells me it should work out OK in practice, but it is definitely a no-no. Used a union declared in a larger scope instead (which is ugly in another way, but equally efficient). Also removed a section of redundant code in udp_server_thread(). 2003-09-01 Paul Rombouts * src/dns_query.c Corrected the iteration range of a for loop in p_dns_cached_resolve(), which would otherwise cause an array to be indexed out of bounds in the function set_flags_ttl(). 2003-08-31 Paul Rombouts * src/dns_answer.c Added cleanup handlers for freeing the resources passed on to udp_answer_thread() and tcp_answer_thread(). This should ensure the resources are freed even if the threads get canceled. 2003-08-30 Paul Rombouts * src/cache.c Revised large portions of code in src/cache.c, used for adding and deleting entries in the cache. In particular, I rewrote purge_cache(), which I believe was incorrect. I wouldn't be surprised if this was the cause of the crashed (defunct) threads that some people were reporting. Also fixed some memory leaks. 2003-08-28 Paul Rombouts * src/cache.c Eliminated the overhead of allocation debugging in the case that ALLOC_DEBUG is not defined. 2003-08-24 Paul Rombouts * src/conf-parse.y No longer allow certain settings of the query_method option in the configuration file if pdnsd is not compiled with the necessary support. Thanks to Nikolaus Rath for reporting the bug. 2003-08-23 Paul Rombouts * src/netdev.c Fixed a bug in is_local_addr() where the result of fgetc(f) is restricted to type char before being compared to EOF, which can result in the comparison always being false. Thanks to Gerhard Tonn for reporting the bug. 2003-07-28 Paul Rombouts * doc/html/index.html,doc/html/doc.html,doc/html/dl.html,doc/pdnsd-ctl.8,contrib/README Revised the documentation. 2003-07-21 Paul Rombouts * src/main.c,src/status.c,src/icmp.c Setting stat_pipe=0 after opening or binding the control socket fails. This should prevent further use of the control socket if a problem with it has been detected previously. Also properly initialized the global variable int ping_isocket in src/icmp.c 2003-07-13 Paul Rombouts * src/main.c Polished the code in main(). 2003-07-04 Paul Rombouts * src/helpers.c,src/dns_answer.c,src/dns_query.c Eliminated the use of inet_ntoa() in favor of the more modern inet_ntop(). inet_ntop() makes more sense in threaded code and is also recommended in the glibc info pages. 2003-07-03 Paul Rombouts * src/dns_query.c Fixed an allocation size error (not mine) in p_exec_query(). The erroneous size is almost always larger than necessary, so in practice this bug just wastes memory. But there is also a possibility that the allocated buffer is too small, which would mean trouble. Also fixed two memory leaks on some of the error paths in p_exec_query(). 2003-06-28 Paul Rombouts * acconfig.h,configure.in,src/thread.h Extended the configuration option --with-thread-lib. Configuring with --with-thread-lib=linuxthreads2 will cause the alternative definition of THREAD_SIGINIT suggested by Thomas Moestl to be used. 2003-06-27 Paul Rombouts * src/consts.h,src/consts.c,src/conff.c,src/conf-parse.y,src/dns_answer.c Added two new configuration options for policies of inclusion/exclusion lists. The new policies options are "simple_only" and "fqdn_only". This allows me to control to which name servers pdnsd will direct queries for simple host names. I also polished the code a bit in report_conf_stat(), used for reporting the current configuration. 2003-06-20 Paul Rombouts * acconfig.h,configure.in,src/thread.h,src/thread.c Added a configuration option --with-thread-lib=nptl. This causes the macro THREAD_SIGINIT to be defined as empty in src/thread.h, and thread_sig() in src/thread.c is never used. 2003-06-11 Paul Rombouts * src/thread.h Undid the change to the definition of THREAD_SIGINIT suggested to me by Thomas Moestl, after receiving a report of a problem with this change from someone running SuSE 7.0. 2003-06-06 Paul Rombouts * src/dns_query.c: Discovered that I failed to preserve the semantics of Thomas Moestl's code when I rewrote a section of code in use_server(). Fixed. 2003-05-19 Paul Rombouts * src/cache.c,src/conf-lex.l.in,src/conf-parse.y,src/conff.h,src/dns_answer.c,src/dns_query.c,src/servers.c: Merged fixes contained in patch file sent to me by Thomas Moestl with my own version. Changing the version to 1.1.8b1 as suggested by the patch file. 2003-02-26 Paul Rombouts * pdnsd-1.1.7a-par.diff: Made one big patch file from all the changes I made up till now. Wrote a description of the changes in a file README.par Posted patch file on the web so others can use it. 2003-02-24 Paul Rombouts * src/cache.c Changed the code that writes the cache to disk. Data is now written strictly sequentially, eliminating the need for fseek(). This seems to have successfully solved the problem I had with corrupt cache files. 2002-05-27 Paul Rombouts * ChangeLog: Started experimenting with the source code. Made many changes between 2002-05-27 and 2002-07-13. Too lazy to maintain the ChangeLog. 2002-01-06 Thomas Moestl * version: Call it 1.1.7. 2002-01-04 Thomas Moestl * src/dns_answer.c, src/dns_query.c: Comment and debug message fixes, more assertions. 2002-01-03 Thomas Moestl * src/dns.c, src/dns_answer.c, src/dns_query.c: More harmless fixes, correct some comments and debug messages, add more assertions. * NEWS, version: 1.1.7p2, correct NEWS entry. * src/helpers.c: Make sure the calling thread of pdnsd_exit() terminates immediately. 2002-01-02 Thomas Moestl * src/dns_answer.c, src/helpers.c, src/icmp.c: Fix a few more harmless bugs, more paranoia. * src/status.c: Fix yet more, probably harmless, problems. 2002-01-01 Thomas Moestl * src/dns.h, src/dns_answer.c, src/dns_query.c: Fix a few more possible buffer size problems, and add a bunch of assertions as last lines of defence. 2001-12-30 Thomas Moestl * src/dns.c: Build fix (include error.h). * NEWS, version: Call it 1.1.7p1, and add a NEWS entry. * TODO: Reduce TODO to what actually is still needed. * src/dns.c, src/error.h, src/helpers.c: Add a bunch of robustness PDNSD_ASSERT()'s. * src/dns_query.c: Fix a bug which may possibly be remotely exploitable to gain access as the user pdnsd runs as. This was caused by a dumb single-character mistake :( * doc/Makefile.am, configure.in: Avoid confusing automake 1.5 by not putting a comment into a make rule. Fix CONFDIR passing. Submitted by: GoTaR * src/pdnsd-ctl/pdnsd-ctl.c: Avoid crashing when the buffer contents received using the status command are not terminated. 2001-10-14 Thomas Moestl * src/rc/SuSE/pdnsd.in, THANKS: Fix the stop case for the SuSE rc script: killproc requires the full path of the binary as argument (reported by Bernhard Pelz). 2001-09-23 Thomas Moestl * configure.in: Revamp the OS autodetect test. OpenBSD and (hopefully) NetBSD are no longer unsupported. * src/helpers.c, THANKS: Do not try to use arc4random when compiling for NetBSD (submitted by Thomas Stromberg). 2001-09-10 Thomas Moestl * COPYING.BSD: s/REGENTS/AUTHOR/ in one place. * src/cache.c: It is possible no record of the requested type is present after calling cr_add_cent_rr_int() (when the record was marked as being local), so check before dereferencing the pointer to the respective rrset. Leave the record unmodified when cr_check_add() returns 0.x 2001-07-26 Thomas Moestl * src/rc/RedHat/pdnsd.in: Add a workaround for @sysconfdir@ substitutions containing ${prefix}. Spotted by Robert Linden. 2001-07-04 Thomas Moestl * src/rc/RedHat/pdnsd.in: Add a condrestart handler to the Red Hat rc script, and do some general cleanup. Contributed by Christian Engstler. 2001-07-02 Thomas Moestl * src/error.h: Attempt to detect a gcc that cannot yet handle ANSI variadic macros, and work around this by using the old GCC-style variant. * src/conff.c: Remove a + at the start of a line that got in when merging a diff by hand. * src/servers.c: waitpid() returns a pid_t. * src/dns.c: It's sizeof, not sizof. This should unbreak the IPv6 build. Also silence some warnings with appropriate casts. * NEWS, version: Call it 1.1.6, and add a NEWS entry. 2001-07-01 Thomas Moestl * src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns_query.c, THANKS, version, AUTHORS: Added a modified version of Andreas Steinmetz's code for query_port_start and query_port_range, and added him to AUTHORS and THANKS. 2001-06-23 Thomas Moestl * src/cache.c: Fix a bogon: deleted would not be reset correctly in the first purge_cache loop, which could cause pdnsd to loop forever when a negative record was after a deleted rr. 2001-06-21 Thomas Moestl * src/list.h: Add (currently unused) list macros that are going to be used in future code. * src/cache.c: Fix a bogon in the rw lock code: we need to wake up a writer if there are no readers. The old code was a leftover from a time when SUSP_THRESH was just r_pend * x. Fix a typo. 2001-06-13 Thomas Moestl * AUTHORS: Add mention of FreeBSD code to AUTHORS. * src/netdev.c: Add SIZEOF_ADDR_IFREQ (taken from FreeBSD: _SIZEOF_ADDR_IFREQ, net/if.h rev. 1.58.2.1) and add an appropriate copyright notice. The reason for this is that other BSDs don't have it, and we are not supposed to use underscored macros in portable software. 2001-06-12 Thomas Moestl * src/icmp.c: Fix double #inclusion of . Noticed by Sebastian Stark. 2001-06-08 Thomas Moestl * src/dns_query.c, THANKS: Allow underscores in the query names reported back, as the comment next to the decompress_name call already indicated (but the call gave NULL as the uscore parameter, which disables underscores normally). Add Michael Ströder, who spotted this, to THANKS. 2001-06-06 Thomas Moestl * src/servers.c, THANKS: Fix a bug discovered by Stefan Erhardt (and add him to THANKS): the return value of waitpid was misinterpreted. 2001-06-04 Thomas Moestl * Makefile.am, file-list.base.in, version: Bump version to 1.1.6p1; wire up COPYING.BSD so that it gets included in RPM's and tarballs. * COPYING.BSD: Add the BSD-Style copyright notice so that it can be included in binary distributions. 2001-06-03 Thomas Moestl * src/dns.c, src/dns_answer.c, src/dns_query.c, src/helpers.c, src/status.c, NEWS, version: Bump version to 1.1.5, and add a NEWS entry for this release. Miscellaneous cleanups, mainly in the status.c code; fix a bug that could cause heap corruption (rhncpy always clobbered the whole buffer, but only the needed space was reserved in add_rr). This should solve the crashes some people were seeing (this bug is not an exploitable security hole as far as I know; the respective buffer is on the heap, as mentioned). * src/error.c: Paranoia: do not use the argument to crash_msg as a format string (crash_msg is only used with constant strings, though). 2001-06-02 Thomas Moestl * src/dns.c, src/dns.h, src/dns_answer.c, src/dns_query.c, src/error.h, src/hash.c, src/helpers.c: Correct underscore handling for SRV records, and a few comment fixes. * src/cache.c, src/conff.c, src/dns_query.c, src/error.h, src/helpers.h, src/status.c: Numerous non-critical argument fixes for printf-like functions. * src/dns.c: Remove superfluous \n's. * src/conf-parse.y, src/dns_answer.c, src/status.c: Correct some DEBUG_MSG nits, and fix two format string bugs. One of them could allow users that are allowed to use pdnsd-ctl with the server (when the status socket is enabled) to gain the privileges of the user that runs (the run_as user or the user that started pdnsd on Linux when strict_setuid is set to off) pdnsd. The status socket is disabled by default, and if it is enabled, it's default permissions are quite restrictive, so this isn't a problem for most. 2001-05-30 Thomas Moestl * src/status.c: Make the status permissions actually work (missed last time). * src/dns_answer.c, src/main.c, src/status.c, src/status.h: Move the status socket initialization to a place where it gets executed before any threads are started; this way, we can use umask to set the permissions, and avoid a (in this case harmless, but anyway) race condition. While being there, remove obsoleted comments and places referring to the now-socket as fifo. 2001-05-29 Thomas Moestl * src/cache.c: Replace a misuse of CF_LOCAL with DF_LOCAL. This had no effect, because the values are the same. 2001-05-22 Thomas Moestl * src/hash.c, src/helpers.c, THANKS, acconfig.h, configure.in: Add an option for allowing underscores (_) in domain names. This violates the RFC's if enabled (which it isn't by default). Thanks to Eelco Vriezekolk for an initial patch. While being there, clean up configure.in and acconfig.c a bit. * src/helpers.c, src/status.c: Add a few comments about security implications. * src/cache.c, src/dns_answer.c, src/dns_query.c, src/helpers.c: Change some occurences of strcpy to strncpy. Again, no risk here, the buffer lentgh was carefully chosen, and while the data was partially of remote origin, it was carefully validated before entering the cache (and thus having a chance of being used by us). 3 occurences remain: 2 in cache.c, where we allocate a sufficient amount of memory before (mimicking the non-portable strdup) and one where we copy a constant and which is obviously correct. * src/dns.c: Change two occurences of strcat to strncat. Again, no risk here, the buffer lentgh was carefully chosen, the data was validated and supplied by the starting user. * src/dns.c: Change a sprintf to a snprintf and enlarge a buffer a bit. This is pure paranoia (alrhough makes code review easier for others), because a.) the lengths were carefully chosen so that no overrun could occur and b.) this was locally supplied data. 2001-05-21 Thomas Moestl * src/rc/RedHat/Makefile.am: Add a missing semicolon in the RedHat rc Makefile.am (discovered by Christian Engstler). 2001-05-19 Thomas Moestl * HACKING: Remove the mostly outdated HACKING file. * src/debug.c: Catch a corner case in the allocation debug helpers: realloc() with a size of 0 is effectively a free operation. To my knowledge, this is not done in the pdnsd sources, however. * src/test/test.sh: Use the correct error function, forgotten in last commit. * src/test/clnt-test.sh, src/test/srv-test.sh, src/test/test.sh: Misc small improvements in the regression test scripts, mostly adding configuration variables and common error handlers. Comment a little on the tests that are done in clnt-test.sh * src/rr_types.c: Fix a typo in a comment. * src/cache.c, src/debug.c, src/dns_answer.c, src/dns_query.c, src/error.h, src/hash.c, src/list.c, src/main.c, src/status.c, src/thread.c, src/thread.h: New ANSI variadic debug macros (finally), which print a timestamp and a thread ID now for easier debugging with many parallel queries. It should be considered to make those inline functions instead. However, we have the advantage that we use printf in place here and benefit from parameter checking without specifying obscure function attributes. * src/rc/SuSE/.cvsignore, src/test/.cvsignore, src/rc/.cvsignore, src/rc/Debian/.cvsignore, src/rc/RedHat/.cvsignore, contrib/.cvsignore, doc/.cvsignore, src/.cvsignore, src/pdnsd-ctl/.cvsignore, .cvsignore: Brush up the rotten (pre-autoconf!) .cvsignore files and add some where necessary. 2001-05-17 Thomas Moestl * src/rc/RedHat/Makefile.am, src/rc/RedHat/pdnsd.in, configure.in, pdnsd.spec.in: Red Hat rc script and RPM improvements by Christian Engstler. 2001-05-12 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c: Fix a place missed when converting rr_info. * version: It's 1.1.4, finally. * src/rr_types.c, version: Change some class values in the rr type structure to better values. Bump beta version. 2001-05-10 Thomas Moestl * src/cache.c, src/dns_answer.c, src/dns_query.c: Fix a signedness bug that could cause erraneous 0 ttls to be returned. Add some debug messages, and do some minor fixups. 2001-05-09 Thomas Moestl * src/cache.c, src/rr_types.c: Fix some bugs in the new conflict resolution code and make it more complete. * src/cache.c, version: Add conflict resolution code. This needs a bit more checking, and the tables might still need to be tweaked. Bump version. * src/pdnsd-ctl/pdnsd-ctl.c, src/Makefile.am, src/cache.c, src/cache.h, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/consts.c, src/consts.h, src/debug.c, src/dns.c, src/dns_answer.c, src/dns_answer.h, src/dns_query.c, src/dns_query.h, src/error.c, src/error.h, src/hash.c, src/hash.h, src/helpers.c, src/helpers.h, src/icmp.c, src/icmp.h, src/list.c, src/main.c, src/netdev.c, src/netdev.h, src/rr_types.c, src/rr_types.h, src/servers.c, src/servers.h, src/status.c, src/status.h, src/thread.c, src/thread.h, configure.in, version: Remove the old infrastructure that theoretically could have allowed for multiple cache subsystems. This ability was never used, and if it should, the caching should probably be split into two layers, a higher level common one and the actual caching backends. src/cacheing/cache.c and src/cacheing/native/*.[ch] were repo-copied to src/. Substitute "conf.h" with for includes. Purge records a little more often (when adding records, and when retrieving from the cache). Handle cache_size properly when using purge_cent. Introduce some infrastructure in rr_types.[ch] for a record conflict checker which is to be introduced shortly to enforce cache consistency even in the purge_cache=off case. 2001-05-04 Thomas Moestl * src/rc/RedHat/pdnsd.in, src/rc/SuSE/pdnsd.in, src/rc/Debian/pdnsd.in: Revert the last commit. It breaks the rc scripts by spamming them with make style variable expansions. * src/rc/SuSE/pdnsd.in, src/rc/RedHat/pdnsd.in, src/rc/Debian/pdnsd.in, AUTHORS, THANKS: Fix a rc script bug spotted by Frank Elsner, and add him to AUTHORS and THANKS. 2001-05-01 Thomas Moestl * version: Bump version to 1.1.4p2. * src/pdnsd-ctl/pdnsd-ctl.c, src/status.c: Fix some bogons and remove some unneeded code in the pdnsd-ctl interface. Fix spelling and line length bugs. 2001-04-30 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c, src/conf-parse.y, src/status.c: Some corrections for the authrec config file and the pdnsd-ctl noauth support. * src/pdnsd-ctl/pdnsd-ctl.c: Fix wrong argv index (using getopt changed the indices). * src/pdnsd-ctl/pdnsd-ctl.c, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns.c, src/dns.h, src/dns_query.c, src/status.c, THANKS, version, AUTHORS: Accumulated changes that should go in before 1.1.4: - merge Andrew M. Bishop's patch that adds a server label option - make local records authoritative for the domain by default, and add the authrec option to change this - add the auth keyword to the pdnsd-ctl source option to support that - fix a bug in the conf-parse.y grammar causing a shift/reduce conflict - sync up AUTHORS and THANKS: add Andrew M. Bishop, Kevin A. Burton and Michael Steinl - bump version to 1.1.4p1 * src/conff.c, src/main.c: Fix two small bugs: the wrong element of argv was used for the pidfile option, which could cause pdnsd to segfault, and C_INCLUDED was always used in slist_add, regardless of the tp parameter. * src/helpers.c: Fix a bogon discovered by Michael Steiner: the fread() return value was tested against bytes, not the number of items. * src/hash.c, src/hash.h, src/cache.c: purge_cache used to walk over the cache quite inefficiently when it was called from add_cache. Add a lazy mode for purge_cache which uses the rrset_l to be efficient in this special case. Add some #ifdef'ed-out-by-default code to debug the hash function. 2001-04-12 Thomas Moestl * NEWS: Add NEWS entry for 1.1.3. * src/dns.c, src/helpers.c, src/icmp.c, contrib/Makefile.am, contrib/README, version: IPv6, ICMP and build fixes. It's 1.1.3 now! * src/debug.c, src/debug.h: Add the new debug support files. * src/test/clnt-test.sh, src/cache.c, src/cache.h, src/error.h, src/list.c, src/list.h, src/main.c, src/status.c, src/status.h, src/Makefile.am, src/conf-parse.y, src/conff.h, src/dns.c, src/dns_answer.c, src/dns_query.c: Add allocation debug support. Some small cleanups before the upcoming 1.1.3 release. * src/dns_query.h, src/helpers.c, src/list.c, src/conff.c, src/dns.c, src/dns_answer.c, src/dns_query.c: Lots of small bugfixes, cleanups, style and spelling fixes. * src/test/clnt-test.sh: Fix nc arguments. * src/test/clnt-test.sh, src/test/srv-test.sh, src/test/test.sh: Add regression test scripts. 2001-04-11 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c, src/cache.c, src/servers.c, src/dns_answer.c, src/helpers.c, src/helpers.h, src/icmp.c, src/main.c: Further cleanups and bug, style and spelling fixes. * configure.in: Use -g again in the CFLAGS for a while. * version: Beta version bump. * src/rc/SuSE/pdnsd.in: killproc does not seem to take the full path, but only the process name (which is what one would expect). * src/hash.c, src/netdev.c, src/rr_types.c, src/status.c, src/conf-parse.y, src/conff.c, src/helpers.c: Misc. smaller fixes, and fixes on the new features. Also clean up style and spelling in some places. * src/dns_answer.c: Bring the glibc pthread_cleanup_push/pthread_cleanup_pop return bug workaround into the main tree. Without this, a return between those two macros would cause pdnsd to crash on system using a glibc between 2.1.2 and 2.2.2 (and possibly others). This could e.g. be cause by a TCP connect() port scan. 2001-04-10 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c: Minor fixes, direct error messages to stderr. * src/list.c, src/list.h: Add the new list implementations. * src/cache.c, src/cache.h, src/conf-parse.y, src/dns.c, src/dns_answer.c, src/dns_query.c, src/helpers.c, src/helpers.h, src/conf-lex.l.in: Introduce rhnlen and rhncpy and make use of it instead of kluged-up strcpy/strlen in the appropriate places. Check that incoming names contain only legal characters in decompress_name, return RC_FORMAT otherwise (this would result in wrong handling only, but not in a security hole). Reorganzie compose_answer and make it more correct for multiple questions. Get rid of the algorithm that tries to add a higher level name server; this might be readded in another place somewhen. Use some more da_* instead of hand-built lists. Some style cleanups. * src/rc/RedHat/Makefile.am: Add K45pdnsd links for rc6.d (reboot) and rc0.d (halt) following a suggestion by Stas Sergeev. 2001-04-06 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c, src/cache.h, src/error.h, src/helpers.c, src/helpers.h, src/main.c, src/servers.c, src/status.c, src/conf-parse.y, src/conff.c, src/conff.h, src/dns.c, src/dns.h, src/dns_answer.c, src/dns_query.c, src/Makefile.am, version: Bump alpha version; introduce a generic dynamic array type and make use of it to ged rid of some ugly casts and redundant code. Minor fixes. * src/icmp.h, src/ipvers.h, src/conff.h, src/consts.h, src/dns.h, src/dns_answer.h, src/dns_query.h, src/helpers.h: Use macros without an underscore as first character to protect the headers. Underscores are reserved and should not be used in the application name space. * src/error.h: Add PDNSD_ASSERT, change style a little. 2001-04-03 Thomas Moestl * src/hash.c, src/netdev.c, src/servers.c, src/helpers.c, src/icmp.c, src/main.c: Another slew of small bugfixes, minor updates and small fixes. * src/rr_types.c, src/consts.c: Update rr_types.c copyright date, consts.c should have a rcsid string. * src/rr_types.c: cvs add rr_types.c. * src/dns.h, src/helpers.h, src/ipvers.h, src/rr_types.h, src/status.h, src/conf-parse.y, src/conff.h: cvs add rr_types.h that got missed before, update copyright dates, remove some old config cruft, some minor fixups. * src/conff.c, src/consts.c, src/dns_answer.c, src/error.c, src/conf-lex.l.in, src/conf-parse.y: Update copyright dates, fix some minor bugs. Update copyright dates. cvs add missed consts.c. 2001-03-28 Thomas Moestl * src/cache.c, src/hash.c, src/error.c, src/servers.c, src/dns_answer.c, version: Bump version to 1.1.3p4 Fix some non-critical locking issues (none of them could be fatal). Adjust copyright dates. * src/hash.c: Make the hash compare case insensitive. 2001-03-25 Thomas Moestl * contrib/Makefile.am: Add Id tag to Makefile.am * src/cache.c, src/dns_answer.c, src/icmp.c: Some more type fixes overlooked in last commit. * src/conf-parse.y, src/conff.h, src/dns.h, src/dns_answer.c, src/dns_query.c, src/icmp.c: More type cleanups. Use time_t for time specifications throughout, and make lengths singed longs. Cast cleanup in icmp.c to fix alpha unalinged access faults. * contrib/dhcp2pdnsd, contrib/pdnsd_dhcp.pl, contrib/save_ram.pl, contrib/Makefile.am, contrib/README, configure.in, version, Makefile.am: It's 1.1.3p3 now. Change the contrib infrastructure: there is a Makfile.am in contrib/ now. Rename Marko Stolle's pdnsd_update.pl to pdnsd_dhcp.pl and bring it up to date (adding the rc script and save_ram.pl). * src/helpers.c, src/dns.c, src/dns_query.c, AUTHORS, THANKS: Bring in Bjoern Fischer's changes to make pdnsd conserve the case of cached names, and add him to AUTHORS and THANKS. * configure.in: The gdbm backend is discontinued. * src/cache.c, src/hash.c: Cleanup and small bugfixes of the cache code (esp. locking). * AUTHORS, THANKS, file-list.base.in, pdnsd.spec.in: SuSE fixes by Christian Engstler. Add him to AUTHORS, THANKS. 2001-03-14 Thomas Moestl * src/dns_query.c: Fix a bug that could cause servers that were not used in the first parallel query not to be used at all (failure would be returned instead). 2001-03-13 Thomas Moestl * src/icmp.c: Add define for ip_p equivalent on Linux. * src/pdnsd-ctl/pdnsd-ctl.c, src/cache.c, src/dns_query.c, src/icmp.c, src/status.c, src/conf-parse.y, src/dns_answer.c, version: Bump alpha version, more alignment fixes. All casts should be correct now. 2001-03-12 Thomas Moestl * src/dns_answer.c, src/dns_query.c, AUTHORS, THANKS: Add the alpha fixes by P.J. Bostley, and add him to THANKS and AUTHORS. 2001-03-10 Thomas Moestl * src/dns.h, src/helpers.h: Remove prototype for removed function strtolower. Use unit16_t and uint32_t instead of unsinged short/long for dns protocol structures. 2001-02-25 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c, src/status.c, src/conf-lex.l.in, src/conf-parse.y, AUTHORS, Makefile.am, version: Add MX and CNAME for rr sections in the config file and MX setting for pdnsd-ctl. Typo fixes. * src/netdev.c: Two more fixes. * src/pdnsd-ctl/pdnsd-ctl.c, src/cache.c, src/dns.c, src/main.c: More small robustness fixes. * src/pdnsd-ctl/pdnsd-ctl.c, src/netdev.c, src/status.c, src/status.h, src/conf-parse.y, src/helpers.c, src/main.c, configure.in, version, Makefile.am, NEWS: A batch of robustness fixes. Move the status socket to the cache directory. Various cleanups. It's 1.3 now (hopefully to be released soon). 2001-02-21 Thomas Moestl * src/main.c, src/conf-lex.l.in: Fix breakage of the -mtu option and the query_method option (the parser would not recognize constants that contained underscores). 2001-02-20 Thomas Moestl * contrib/README, contrib/pdnsd_dhcp.pl, AUTHORS, Makefile.am, THANKS, file-list.base.in: Add Marko Stolle's pdnsd_update.pl DHCP update script, add him to THANKS, and bring a contrib/ directory in place. 2001-02-15 Thomas Moestl * src/dns_answer.c, configure.in, version: Some minor build & misc fixes. Bump version to 1.1.2a and release a version with the spec file fixes to get proper Red Hat RPM's. 2001-02-09 Thomas Moestl * NEWS: Bring NEWS up to date. * src/icmp.c: Do not close the socket on error. * pdnsd.spec.in: Add spec file fixes for man pages by Sourav K. Mandal 2001-02-07 Thomas Moestl * version: It is now 1.1.2. * src/dns_query.c, src/main.c, Makefile.am, THANKS: Fix a too strict length checking that could cause SERVFAIL to be returned when the server returned NXDOMAIN. Add Markus Storm to THANKS (he has reported this bug and supplied helpful information). Minor tweaking in main.c. Remove emptying of GZIP_ENV in Makefile.am (this normally contains --best). 2001-01-27 Thomas Moestl * AUTHORS, THANKS: Add Michael Wiedmann to AUTHORS and THANKS for his pdnsd-ctl.8 man page. * doc/Makefile.am, doc/pdnsd-ctl.8, configure.in, Makefile.am: Add the pdnsd-ctl man page contributed by Michael Wiedmann. For this to build in a correct way, add doc/Makefile.am and move all doc and pdnsd.conf.sample related stuff in there. 2001-01-25 Thomas Moestl * src/main.c: Removed unneeded for the non-O_NOFOLLOW case. 2001-01-24 Thomas Moestl * src/main.c: Add a fchown and a fchmod to the new non-O_NOFOLLOW case (not yet used). * src/conf-parse.y, src/main.c, src/status.c: Misc small fixups. * version: It's called 1.1.1 now. * src/pdnsd-ctl/pdnsd-ctl.c, src/status.c, src/main.c: Fix command line parsing. Add code to securely create pid files under OSs that do not support the O_NOFOLLOW flag (those OSs are not supported yet, though). Fix a possible race condition in socket creation/chmod. We now create a directory in /tmp (or whatever TEMPDIR was set) to hold the socket. * src/dns.c, src/dns_answer.c, src/icmp.c, src/main.c, src/status.c: Another slew of copyright notice upgrades. * version, configure.in: Bump beta revision, fix typo (missing $) in configure.in * src/dns.c, src/dns_answer.c, src/status.c: Silence BSD compile time warnings. * configure.in: Cleanup, add autoconf code for building pdnsd on FreeBSD-CURRENT with the new additionally-linked libc_r. 2001-01-16 Thomas Moestl * src/dns_answer.c, src/icmp.c, version: Bump beta revision, fix a comment. Also, generate ping id's using pdnsd's random wrappers instead of using rand() for paranoia. 2001-01-15 Thomas Moestl * src/helpers.c, configure.in: Improve wording. * src/helpers.c: Update copyright year (forgotten in last commit). * src/dns_answer.c, src/helpers.c, src/main.c, acconfig.h, configure.in, version: Bump versions. Small fixes (move socket intitializations from udp_server_thread to init_udp_sockets to prevent warning when startup takes long. Make arc4random an option for a query id RNG and make it the default on FreeBSD. 2000-12-07 Thomas Moestl * src/conf-parse.y, src/main.c, version: We are at 1.1.1p1. Removed the exec-uptest security warning printef if no explicit user is given in the strict_setuid case (it is not needed there, and confuses users). 2000-11-28 Thomas Moestl * src/cache.c, src/helpers.c: Converted cache locks to use condition vars and have lock contention prevention. Added comments where not converted. 2000-11-25 Thomas Moestl * AUTHORS, THANKS, pdnsd.spec.in: Added spec file patches by Bernd Leibing and added him to AUTHORS and THANKS. 2000-11-21 Thomas Moestl * src/rc/SuSE/Makefile.am: Fixed a hopefully last SuSE rpm build bug. * src/rc/SuSE/Makefile.am: Another one: allow rc.conf manipulation to fail for a clean rpm build (SuSE only). * file-list.base.in: Last-minute fix: correct filelist for rpm build to reflect the new name for the sample configuration. * version: It's 1.1.0 now. 2000-11-18 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl.c, src/cache.c, src/dns_query.c, version: Fixed a condition where the cache code did not give up a lock. Made the udp code use connect(). Some small changes. 2000-11-16 Thomas Moestl * version: Calling it 1.1.0b3. 2000-11-15 Thomas Moestl * src/test/Makefile.am, src/pdnsd-ctl/Makefile.am, src/cache.c, src/Makefile.am, src/dns_answer.c, src/error.h, src/icmp.c, src/icmp.h, src/main.c, src/netdev.c, src/servers.c, src/thread.c, Makefile.am, configure.in, version: Enabled new rr support by default (some resolvers don't seem to like not supported answers - not our bug, but well). Made some globals volatile to avoid being bitten by optimisations. 2000-11-12 Thomas Moestl * TODO, version: Called it the first beta. 2000-11-11 Thomas Moestl * src/cache.c, src/conf-lex.l.in, src/conf-parse.y, doc/pdnsd.conf.in: renanmed rrneg to neg in the config file. Misc small fixes. pdnsd-ctl record xxx inval will now also invalidate local records. * src/conf-lex.l.in, src/conf-parse.y, src/dns_answer.c, src/status.c, pdnsd.spec.in: Added --sysconfdir=/etc as argument to configure in the spec file. Implemented the new rrneg config file section. * src/test/Makefile.am, src/pdnsd-ctl/Makefile.am, src/pdnsd-ctl/pdnsd-ctl.c, src/cache.c, src/cache.h, src/status.c, src/status.h, TODO: Added the neg option to pdnsd-ctl. * src/cache.c, src/Makefile.am, src/conf-lex.l.in, src/consts.h, src/dns.c, src/dns.h, src/dns_answer.c, src/dns_query.c, src/helpers.c, src/main.c, configure.in: Assorted fixes. The new features should be stabilized by now, will integrate the missing few features now. Also actived the tcp server by default. 2000-11-07 Thomas Moestl * src/dns_answer.c, src/dns_query.c, src/icmp.c, src/ipvers.h, THANKS, TODO: Fixed a possible memory and socket leak reported by Erich Reitz. Implemented udp source address discovery for FreeBSD. * src/dns_query.c: Part 2 of yesterdays fix. 2000-11-06 Thomas Moestl * src/dns_query.c, version: Fixed a bug reported by Erich Reitz: pdnsd could leak fd's and memory if queries timed out. * src/cache.c, src/cache.h, src/Makefile.am, src/dns_answer.c, src/dns_query.c, TODO, configure.in: Sorted out some bugs for the new neg cacheing. 2000-11-05 Thomas Moestl * src/cache.c, src/dns_query.c, TODO: Negative cacheing support is now present, but largely untested. * src/conff.c, TODO: The output of pdnsd-ctl status is now complete with all currently supported options. * src/conf-parse.y, src/conff.c, src/conff.h, src/consts.h, src/conf-lex.l.in: Added the config file options for the nefative cacheing support. 2000-11-04 Thomas Moestl * src/cache.c, src/cache.h, src/conf-parse.y, src/dns.c, src/dns_query.c, src/status.c, version: The new cache infrastructure for negative cacheing is in place. Using and testing it remains. * src/cache.c, src/cache.h: First changes to support negative cacheing. This should not break anything, but the cache file format will be incompatible. * src/main.c, src/dns_answer.c: init_udp_socket() and init_tcp_socket() are now called after daemonizing on FreeBSD, as bind wants to lock the fd which can cause later calls to fail after an exit. 2000-11-03 Thomas Moestl * src/dns_query.c, src/icmp.c, src/servers.c: Minor bugfixes and repository cleanup. 2000-11-02 Thomas Moestl * src/icmp.c, TODO, version: Called it 1.0.16p4. Fixed some compatability problems with the new code; the ipv4 implementation seems to be fairly stable, the ipv6 one needs some testing with dest unreach messages. * src/icmp.c, src/main.c: Rewrote large parts of the ping implementation to be more portable. 2000-11-01 Thomas Moestl * acconfig.h, configure.in, version: Some config fixes, version to 1.0.16p3. SOCKET_LOCKING should be off by default, as sendmsg can block. * src/pdnsd-ctl/pdnsd-ctl.c, src/error.h, configure.in: Removed -W* arguments from CFLAGS that were implied by -Wall. * src/thread.c, configure.in: Added some more safety tests to configure.in, and made it give an error on some conditions. Also made configure do poll and usleep detectione. * src/cache.h, src/test/Makefile.am, src/dns_answer.c, src/error.c, src/error.h, src/helpers.c, src/main.c, src/servers.c, src/status.c, src/thread.c, src/thread.h, src/Makefile.am: Code cleanup. Beautified some macros, and moved the thread specific things from error.[ch] over to the new thread.[ch]. Also introduced usleep_r which tries to be thread safe for different Unices. 2000-10-31 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl, src/pdnsd-ctl/pdnsd-ctl.c: The pdnsd-ctl binary got into cvs. Fixed that. * src/pdnsd-ctl/pdnsd-ctl, src/cache.c, src/cache.h, src/error.c, src/helpers.c, src/main.c, version: Another set of FreeBSD compatability patches. This seems to catch most of the problems, and pdnsd should be useable with libc_r now. 2000-10-30 Thomas Moestl * src/pdnsd-ctl/pdnsd-ctl, src/conff.c, src/dns_answer.c, src/dns_query.c, src/helpers.c, src/icmp.c, src/main.c, AUTHORS, Makefile.am, THANKS, configure.in, version: FreeBSD fixes, mostly contributed by Roman Shterenzon. 2000-10-25 Thomas Moestl * src/pdnsd-ctl/Makefile.am, src/pdnsd-ctl/pdnsd-ctl: pdnsd-ctl was not in cvs. * src/dns_query.c, src/error.h, configure.in: Some fixups for 1.0.15. 2000-10-23 Thomas Moestl * src/dns_answer.c, src/dns_query.c, configure.in: Several fixes for pdnsd to work better when it receives error replys. * src/dns.c, src/dns_answer.c: Fixed another memory leak on an error path in dns_answer.c and did a pointer signedness fixup in dns.c 2000-10-21 Thomas Moestl * src/dns_answer.c, AUTHORS: Applied a patch by Paul Wagland that fixes some spelling mistakes and some memory leaks on error paths. * src/dns_query.c, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns_answer.c, NEWS, version: Bug fixes. Added the randomize_recs option and turned it on by default. 2000-10-20 Thomas Moestl * src/helpers.c, src/dns.c, src/dns_query.c: Fixes for the paranoid option to work with root servers properly. * src/dns_query.c, src/dns.h, src/dns_answer.c, AUTHORS, THANKS: Applied a patch by Paul Wagland for bind9-compatability and added him to AUTHORS and THANKS. 2000-10-19 Thomas Moestl * src/dns_answer.c, NEWS, version: Another POLL_* fix. It is now called 1.0.14. * src/dns_answer.c, src/dns_query.c, src/icmp.c: BSD build fixes. * src/dns_query.c: Made p_recurdive_query return immediately if a query returns NXDOMAIN. * src/dns_query.c, Makefile.am: Some bugifixes. It is now called 1.0.13. Releasing. * src/cache.c, src/dns_query.c, AUTHORS, NEWS: Updated AUTHORS and NEWS. Made destroy_cache() lock the cache so that no thread can access the cache afterwards (could lead to crashes). * src/helpers.c, NEWS, THANKS: Integrated a security fix contributed by Olaf Kirch: when changing user IDs, pdnsd did not reinitialize the supplementary group list, meaning that the process still had the privileges of the supplementary groups the original user was member of. * src/conf-lex.l.in, src/conf-parse.y, Makefile.am, TODO, version: Introduced the par_queries option. * src/dns_answer.c, src/dns_query.c, TODO: Updated TODO, did some fixups for string handling. * HACKING: Added HACKING with some comments about coding style. 2000-10-18 Thomas Moestl * src/dns_answer.c, src/dns_query.c, src/error.h, src/main.c, TODO: Revieved and fixed the new dns_query.c-poll/select loops. * src/test/tping.c, src/dns_query.c, src/icmp.c: Fixed the new poll/select ping support. 2000-10-17 Thomas Moestl * src/dns_query.c, src/icmp.c, TODO: Got rid of the O_NONBLOCK loop in the icmp.c ping implementation. Beta tesing pending. * src/rc/Debian/Makefile.am, src/conff.c, src/conff.h, src/dns_query.c, src/dns_query.h, THANKS, TODO, acconfig.h, configure.in: Corrected the Debian rc script (bug reported by Michael Müller). Got rid of the nonblocking socket things in dns_query.c, and using poll/select now. Testing (esp. --no-poll) remains. * src/dns_answer.c: Got rid of O_NONBLOCK read loops in dns_answer.c, using poll/select now instead (after one issue about boundaries was cleared up). 2000-10-16 Thomas Moestl * src/rc/SuSE/Makefile.am, src/rc/RedHat/Makefile.am, src/rc/Debian/Makefile.am: The generated rc scripts do not need to be in the distribution. * src/conff.c, src/main.c: Fixed a server structure members in conff.c. Only delete the socket if we are in status pipe mode now. * src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns_answer.c, src/dns_query.c, acconfig.h, configure.in: Added the --enable-tcp-subseq and --with-tcp-qtimeout configure options, added the tcp_qtimeout conf file option, tested things. 1.0.12 is ready for release. 2000-10-15 Thomas Moestl * src/dns_answer.c, TODO, acconfig.h: Added TCP timeouts to the answer code. Still need an option in the conf file and documentation for that (besides beta testing). * src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/consts.h, src/dns_query.c, src/helpers.c, src/helpers.h, NEWS, TODO: Introduced domain inclusion/exclusion lists in the server section (new options include=, exclude=, policy=). 2000-10-14 Thomas Moestl * src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns_answer.c, src/main.c, NEWS, TODO, version: Upped version, updated NEWS and TODO and implemented a process count limit. 2000-10-13 Thomas Moestl * src/rc/Debian/pdnsd.in, src/main.c: Added the --pdnsd-user option, and made the Debian rc script use it rather than trying to parse the config file itself. 2000-10-11 Thomas Moestl * src/rc/SuSE/pdnsd, src/rc/SuSE/pdnsd.in, src/rc/RedHat/pdnsd, src/rc/RedHat/pdnsd.in, src/rc/Debian/pdnsd, src/rc/Debian/pdnsd.in, AUTHORS, THANKS, configure.in: Added the 'configure'-able rc scripts contributed by Carsten Block and added him to THANKS and AUTHORS. * src/main.c: Added O_NOFOLLOW to the pidfile open() call (if it is defined) to prevent users creating files as the pdnsd user (using links) if the admin put the pidfile in a world-writeable directory against all good advice. This is not a bug fix! Admins were not, and are still not supposed to put the pidfile in a directory that is writeable for untrusted users! 2000-10-10 Thomas Moestl * THANKS: Added Milan P. Stanic to THANKS. * src/main.c: Fixed a missing O_WRONLY in the open() call for pidfile operation. 2000-10-08 Thomas Moestl * src/Makefile.am, src/dns.c, src/dns_answer.c, configure.in, version, acconfig.h: Released 1.0.11. Two security fixes in dns.c and dns_answer.c, and misc. smaller issues. * src/Makefile.am, src/conf-parse.y, src/dns_answer.c, src/dns_query.c, src/icmp.c, src/servers.c, AUTHORS, THANKS, TODO, acconfig.h, configure.in, version: 1.0.10 was released some time ago ;-) This had some IPv6 fixes. Also fixed minor bug when using SOCKET_LOCKING. 2000-08-28 Thomas Moestl * src/dns_answer.c: Fixed a parameter mismatch in getsockopt() * Makefile.am: Applied Sourav K. Mandal's rpm build patch to the toplevel Makefile.am 2000-08-27 Thomas Moestl * src/conf-lex.l.in, src/conf-parse.y, src/consts.h, src/servers.c, version: Added diald support. It's now called 1.0.9. * src/conf-parse.y, src/conff.c, src/netdev.c, pdnsd.spec.in: Fixed some ugly typos in conf-parse.y and netdev.c. Since I have no further bug reports and these bugs make some things inconvenient, I will release 1.0.9 immediately. 2000-08-26 Thomas Moestl * pdnsd.spec.in: small spec fix. * NEWS, configure.in: Last fixups for 1.0.8. Released it. * Makefile.am: Set mode and owner for cache file. * src/conf-parse.y, src/dns_answer.c, src/netdev.c, acconfig.h, configure.in, version: Misc fixes. Hopefully fixed the UDP socket problems under Linux SMP. 2000-08-20 Thomas Moestl * src/cache.c, src/dns_answer.c, AUTHORS, THANKS, configure.in, pdnsd.spec.in, version: Build fixes by Alexandre Nunes, spec fixes (does now set distro for configure), first attempt at an "error in udp send"-fix, and fix for a problem with having records for the root domain in the disk cache file. 2000-08-13 Thomas Moestl * src/netdev.h, src/servers.c, src/status.c, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/consts.h, src/dns.c, src/dns.h, src/main.c, src/netdev.c, AUTHORS, THANKS: Some minor fixes. Integrated the ppp device patch by Ron Yorston. 2000-08-12 Thomas Moestl * configure.in: configure.in was missing in repository. Also removed debugging flag for build. * src/main.c: Made the pid file handling safe for directories. * src/dns.c: Part II of the last fix. * src/dns.c: Fixed a nasty bug in decompress_name which would produce errors very rarely. That was a off-by-one bug, but on the safe side (no overflow, stopping one by too early). * src/main.c: Fixed several possible problems with strncat(). None of these was critical or involved remote data. 2000-08-08 Thomas Moestl * src/main.c: Changed FreeBSD signal latency to 250 ms. * src/main.c, acconfig.h: A set of last-minute FreeBSD fixes. pdnsd does now NEED linuxthreads on BSD. 2000-08-07 Thomas Moestl * version: It's now called 1.0.7. * src/main.c, doc/pdnsd.conf.in, Makefile.am: Misc build&BSD fixes. * src/conff.c, src/conf-parse.y, version: Version set to the hopefully last beta. Fixed the proxy_only option. 2000-08-05 Thomas Moestl * src/rc/SuSE/Makefile.am, src/rc/RedHat/Makefile.am, src/rc/Debian/Makefile.am, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns_query.c, src/status.c, doc/pdnsd.conf.in, Makefile.am, TODO: Added the proxy_only options. Some build fixups. 2000-07-30 Thomas Moestl * src/rc/SuSE/Makefile.am, src/rc/RedHat/Makefile.am, src/rc/Debian/Makefile.am, src/rc/Makefile.am, src/main.c, src/status.h, AUTHORS, INSTALL, Makefile.am, TODO, version: Many small fixups for 1.0.7. 2000-07-29 Thomas Moestl * src/rc/SuSE/Makefile.am, src/rc/RedHat/Makefile.am, src/rc/Debian/Makefile.am, src/rc/README, src/status.c, src/servers.c, Makefile.am, TODO, acconfig.h: Assorted fixes. * src/cache.c, src/hash.c, src/dns.h, src/dns_answer.c, src/dns_query.c, src/icmp.c, src/ipvers.h, src/servers.c, src/servers.h, src/status.c, src/status.h, src/Makefile.am, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns.c, AUTHORS, Makefile.am, THANKS: Big heap of updates and fixes. Incorporated build changes from Sourav K. Mandal and pcmcia SCHEME support by Stephan Boettcher. 2000-07-22 Thomas Moestl * src/rc/Debian/pdnsd: Applied a patch by Markus Mohr to his debian rc script, which I had broken in some way. 2000-07-21 Thomas Moestl * src/cache.c, src/main.c, src/status.c, src/status.h: Worked on the new status socket (pdnsd-ctl) option. * src/Makefile.am, version: Upped version, fixed Makefile.am * src/cache.c, src/hash.c, src/hash.h, src/cache.h, src/Makefile.am, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/dns.c, src/dns.h, src/dns_answer.c, src/dns_query.c, src/dns_query.h, src/helpers.c, src/helpers.h, src/ipvers.h, src/main.c, src/status.c, src/status.h, AUTHORS, Makefile.am, THANKS, acconfig.h: Updated AUTHORS and THANKS. Merged in patches by Sourav K. Mandal and Lyonel Vincent. 2000-07-20 Thomas Moestl * doc/pdnsd.conf: Added pdnsd.conf. Well... * src/dns_query.c, src/dns_query.h, doc/pdnsd.conf: Added some ommited files. * src/test/Makefile.am, src/test/if_up.c, src/test/is_local_addr.c, src/test/random.c, src/test/tping.c, src/rc/SuSE/Makefile.am, src/rc/SuSE/pdnsd, src/rc/RedHat/Makefile.am, src/rc/RedHat/pdnsd, src/rc/Debian/pdnsd, src/rc/Makefile.am, src/rc/README, src/Makefile.am, src/conf-lex.l.in, src/conf-parse.y, src/conff.c, src/conff.h, src/consts.h, src/dns.c, src/dns.h, src/dns_answer.c, src/dns_answer.h, src/error.c, src/error.h, src/helpers.c, src/helpers.h, src/icmp.c, src/icmp.h, src/ipvers.h, src/main.c, src/netdev.c, src/netdev.h, src/servers.c, src/servers.h, src/status.c, src/status.h, doc/pdnsd.conf.in, Makefile.am, acconfig.h, file-list.base.in, pdnsd.spec.in: Checked in the pdnsd files at their new locations. * doc/pdnsd.conf, Makefile, a-conf.sh, cache.c, cache.h, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, consts.h, dns.c, dns.h, dns_answer.c, dns_answer.h, dns_query.c, dns_query.h, error.c, error.h, exec-flex.sh, hash.c, hash.h, helpers.c, helpers.h, icmp.c, icmp.h, ipvers.h, main.c, netdev.c, netdev.h, pdnsd-redhat.spec.templ, pdnsd-suse.spec.templ, servers.c, servers.h, status.c, status.h, version: Removed the moved files. Will add the new ones soon. 2000-07-16 Thomas Moestl * TODO: New tasks in TODO. 2000-07-15 Thomas Moestl * TODO: Updated TODO: Autoconf support was contributed by Sourav K. Mandal * conff.h, dns_query.c, ipvers.h, cache.c: Fixed some minor bugs and a showstopper in cache.c that caused crashes in some situations. 2000-07-12 Thomas Moestl * dns_query.c, error.c, error.h, main.c: Made pdnsd ignore SIGPIPE, which seemed to be responsible for some crashes. Accept (grudgingly) SOA rr's where NS ones would be The Right Thing. 2000-07-10 Thomas Moestl * AUTHORS, THANKS, conff.c: Updated AUTHORS, THANKS, and the fprintfs for the status pipe in conff.c * TODO, config.h.templ, dns.h, dns_answer.c, dns_query.c, dns_query.h, main.c, version: Added UDP queries and gave the user the choice between TCP and UDP queries (UDP is the default now). Made the TCP server optional. Fixed a authoritative record handling bug. Added pidfile support. 2000-07-07 Thomas Moestl * doc/pdnsd.conf: Inserted run_as="nobody"; again, it is The Right Thing and people should use it. * Makefile: The pdnsd cache directory is now created as nobody, since the default run_as in the example pdnsd.conf is also nobody. * doc/pdnsd.conf: Commented the run_as option out (people may run into permission problems). * version: Upped version to 1.0.5 * AUTHORS, THANKS, conf.l.templ, conf.y, conff.c, conff.h, dns_answer.c, icmp.c, icmp.h, main.c, version: Folded in the server_ip option code as contributed by Wolfgang Ocker and extended it to IPv6. Fixed a bug in IPv4 ping in IPv6 mode. 2000-07-06 Thomas Moestl * cache.c, dns_query.c: Killed a bug which could cause crashes with more than 2 servers. * cache.c: Fixed a bug reported by Bert Frederiks that would break the serve_aliases option when only one character was between official name and alias in the /etc/hosts-style file. 2000-07-04 Thomas Moestl * pdnsd-suse.spec.templ: The SuSE spec now uses the new makefile rule. * Makefile, THANKS, dns_query.c, helpers.c, version: Added people to THANKS, fixed a bug that caused uppercase hosts/ rr-section entries to be ignored in the cache, fixed the SuSE makefile for pdnsd to run_as nobody, and other small fixups. 2000-07-03 Thomas Moestl * dns_answer.c: First change after release of 1.0.4: The questions received are now properly written into the debug file when starting with -g -d. * config.h.templ, dns_query.c: Fixed a possible way to get around paranoid restrictions. * version: Set version to 1.0.4 * doc/pdnsd.conf: Added an entry for the paranoid option. * cache.c, config.h.templ, dns_answer.c, dns_query.c, ipvers.h: Revisions and fixups. The complete code revision is now complete. 2000-06-29 Thomas Moestl * dns_query.c: Overhaul. * dns_answer.c, dns_query.c, config.h.templ: Code overhault continued. dns_answer.c is finished. 2000-06-27 Thomas Moestl * conff.c, dns_answer.c, icmp.c, netdev.c, servers.c, status.c: Continued code overhaul. Fixed several bugs, and simplified some code. * conf.l.templ, conf.y, conff.c, ipvers.h, version: Fixups. 2000-06-26 Thomas Moestl * hash.c: Revised; fixed a minor bug. * cache.c: Overhauled. * dns_query.c, error.c, helpers.c, helpers.h, ipvers.h, main.c, version, dns.c: Manual code overhaul. Numerous small patches, greatly simplified decompress_name(). 2000-06-25 Thomas Moestl * config.h.templ: Made the C random() RNG the default (using /dev/urandom, we suck up too much randomness on high load). * error.c, error.h, icmp.c, icmp.h, main.c: Small cleanups. Makes the testsuite compilation easier. * Makefile, config.h.templ: Preparing for release of 1.0.4. 2000-06-24 Thomas Moestl * Makefile, THANKS, a-conf.sh, dns_answer.c, dns_query.c, error.c, version: Fixed bugs with the paranoid option, connect() timeout handling, and a incompatability in response handling that caused the glibc resolver to misunderstand error messages pdnsd generated on unknown query types. This bug, that was reported by James MacLean, could for example cause ssh to hang some time. * Makefile, NEWS, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, dns.c, dns_query.c, dns_query.h, helpers.c, helpers.h, icmp.c, icmp.h, main.c: Added the paranoid option, and modified the ping uptest so that it works with strict_setuid. Also made strict_setuid=on the default. 1.0.4 should be out soon. 2000-06-23 Thomas Moestl * doc/pdnsd.conf: Added a run_as= line, which is sensible normally. * Makefile, conf.l.templ, conf.y, conff.c, conff.h, dns_answer.c, dns_answer.h, helpers.c, helpers.h, main.c, servers.c, status.c, version: Some fixups, added the run_as and strict_setuid security options. * THANKS: Updated. * AUTHORS, ipvers.h, main.c, netdev.c, version: Fixed some definitions for glibc2.0-users. Repaced the return at the end of main() with _exit(). Should not build and run OK on glibc 2.0 boxen. Fixed a typo in netdev.c * ipvers.h: Fixed a typo in ipvers.h to fix compile problems on systems without an IPv6-supporting C library, and possible IPv6 problems using the status pipe. * error.c, version: Fixed a bug that could cause signals to be delivered to the wrong process. 2000-06-22 Thomas Moestl * version: Set version to 1.0.1. * cache.c, dns_answer.c, error.c, error.h, main.c, pdnsd-suse.spec.templ: Fixed misc issues reported by Jonathan Hudson and Joachim Dorner, one of them a real showstopper in cache.c. * Makefile, NEWS, README, cache.h, config.h.templ, version: Updated things for 1.0.0 and released it finally. * AUTHORS, THANKS: Updated THANKS and AUTHORS * NEWS, a-conf.sh, cache.c, conf.l.templ, conf.y, conff.c, conff.h, dns_answer.c, dns_query.c, error.c, error.h, main.c, servers.c, status.c: Fixed a-conf.sh and cleaned up signal handling as far as it can be done ;-). Added the max_ttl option. 2000-06-21 Thomas Moestl * dns_answer.c, error.c, error.h, main.c, servers.c, status.c: More signal fixes. This is a real pain with LinuxThreads. * NEWS, cache.c, dns_answer.c, error.c, error.h, helpers.c, helpers.h, main.c, servers.c, status.c, version: Fixups for signal handling. This is more than only a little tricky using the linuxthreads library. This hopefully fixes the deadlocks we had on signals. 2000-06-13 Thomas Moestl * AUTHORS, THANKS: Updated credits. * a-conf.sh: A primitive configure-like script intended as drop-in replacement until autoconf support finally comes. * .cvsignore, Makefile, cache.c, dns_query.c, ipvers.h, servers.c, version: Added a primitive configuration script as drop-in. Killed some bugs and changed the recently added linkdown_kluge option following suggestions from Daniel Smolik. 2000-06-12 Thomas Moestl * dns_query.h, exec-flex.sh, Makefile, cache.c, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, dns_query.c: Numerous cleanups and fixes. Implemented the linkdown_kluge option as proposed by Daniel Smolik. Hope to get ready for 1.0.0 know. 2000-06-10 Thomas Moestl * Makefile, NEWS, TODO, dns_answer.c: Modified some stuff in dns_answer.c (if no nameserver for a knot in the dns namespace is found now, its predecessors are tried now in order to return accurate authority results). This will be paid with a little more beta time, so the Makefile has developer switches again. Corrected NEWS and TODO. * Makefile, config.h.templ, dns_answer.c, dns_query.c, dns_query.h, hash.h, helpers.c, version: Removed some dead code, fixed some really minor bugs. Version is up to 1.0.0p7, which is hopefully the last beta. * Makefile, config.h.templ: Fixed things up for the 1.0.0 distribution version 2000-06-06 Thomas Moestl * Makefile, config.h.templ, icmp.c, netdev.c: Some minor comment fixes. * Makefile, TODO, main.c, version: BSD fix in Makefile and help update. It is now called 1.0.0p6. TODO was updated to reflect the project status. * dns_answer.c: BSD & misc fixes. pdnsd runs now nicely on my FreeBSD 4.0 box. * dns_answer.c, ipvers.h: Fixed IPv6 UDP dest address recovery. Also fixed a real stupid bug in ipvers.h. * cache.h, dns_query.c, error.h: Added DEBUG_MSG6 macros. Cleaned up requery handling. * dns.c, dns_answer.c, dns_query.c, dns_query.h: Fixed another heap of bugs, introduced some sanity checks, no requery on answers that have ra not set now. 2000-06-05 Thomas Moestl * cache.c: Fixed write_disk_cache. * cache.c, cache.h: Fixes for rr handling. 2000-06-04 Thomas Moestl * cache.c, dns_answer.c, dns_query.c: Fixes again: some missing checks for rrset existence added. * cache.c, dns_answer.c, helpers.c, icmp.c: Fixes for the new/modified code and its side effects on old code ;-) * ChangeLog.old, NEWS, cache.c, conf.l.templ, conf.y, conff.c, config.h.templ, dns.c, dns_answer.c, dns_query.c, error.c, hash.c, helpers.c, icmp.c, main.c, netdev.c, servers.c, status.c: Folded the ChangeLog and NEWS of the 0.9.x tree back in and added NEWS for the upcoming 1.0.0 release. Some compile fixes. Reorganized config.h.templ. Made the inclusion of the rcsid strings into the executable optional. * cache.c, dns_answer.c: Pile of fixes on recently added/modified code. 2000-06-03 Thomas Moestl * .cvsignore, Makefile, lex.inc.h: lex.inc.h should not be in CVS (it is automatically generated by exec-flex.sh). It should also be deleted by 'make mclean'. * TODO, cache.c, dns_answer.c, dns_query.c, lex.inc.h: rfc2181 conformance should be reached by now. Updated TODO. Bugfixing remains. * doc/html/.cvsignore, doc/html/dl.html, doc/html/doc.html, doc/html/faq.html, doc/html/index.html: Removed the html documentation from CVS. It is maintained separately. * doc/pdnsd.conf: Added CVS/RCS $Id$ tag. * cache.h, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, consts.h, dns.c, dns.h, dns_answer.c, dns_answer.h, dns_query.c, dns_query.h, error.c, error.h, exec-flex.sh, hash.c, hash.h, helpers.c, helpers.h, icmp.c, icmp.h, ipvers.h, main.c, netdev.c, netdev.h, pdnsd-redhat.spec.templ, pdnsd-suse.spec.templ, servers.c, servers.h, status.c, status.h, version, AUTHORS, INSTALL, Makefile, NEWS, README, THANKS, TODO, cache.c: Added CVS/RCS $Id$ tags to most files, did some cleanups, introduced the new rrset granularity caching. The new code is still much of beta, use with care. 2000-06-01 Thomas Moestl * Makefile, cache.c, hash.c, helpers.c, icmp.c, netdev.c: Yet another set of BSD fixes (test programs do now work for me under FreeBSD). Some other minor fixes. * Makefile, error.c, error.h, helpers.c, helpers.h: Transplanted kill_pdnsd from error.c to helpers.c in order to get the tests compiled without the thread library. 2000-05-31 Thomas Moestl * pdnsd: Ooops, executable got in. * Makefile, pdnsd: Added test suite programs. * icmp.c, netdev.c: All basic BSD patches have been folded in. pdnsd will now compile on FreeBSD with (hopefully) all features. * dns_answer.c, Makefile: Disabled udp targed address discovery for BSD builds (this sadly ist OS specific at least for IPv4. Must be rewritten under BSD as it is an RFC compatability issue under some circumstances) * cache.c, cache.h, conf.y, conff.c, conff.h, config.h.templ, dns_answer.c, helpers.c, icmp.c, ipvers.h, netdev.c, Makefile: BSD include & misc build fixes. More to follow... * Makefile, cache.h: BSD Fixes: Makefile should work with BSD make, sed command line, sorted out naming clash in cache.h * .cvsignore: Added ChangeLog to .cvsignore * THANKS, conff.c: Fixed a bug reported by Jonathan Hudson and added him to THANKS * ChangeLog.old: Added the pre-CVS ChangeLog. * .cvsignore, AUTHORS, COPYING, INSTALL, Makefile, NEWS, README, THANKS, TODO, cache.c, cache.h, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, consts.h, dns.c, dns.h, dns_answer.c, dns_answer.h, dns_query.c, dns_query.h, doc/.cvsignore, doc/html/dl.html, doc/html/doc.html, doc/html/faq.html, doc/html/index.html, doc/pdnsd.conf, doc/txt/.cvsignore, error.c, error.h, exec-flex.sh, hash.c, hash.h, helpers.c, helpers.h, icmp.c, icmp.h, ipvers.h, lex.inc.h, main.c, netdev.c, netdev.h, pdnsd-redhat.spec.templ, pdnsd-suse.spec.templ, servers.c, servers.h, status.c, status.h, version: Initial import of pdnsd-1.0.0p3 source tree into CVS. * .cvsignore, AUTHORS, COPYING, INSTALL, Makefile, NEWS, README, THANKS, TODO, cache.c, cache.h, conf.l.templ, conf.y, conff.c, conff.h, config.h.templ, consts.h, dns.c, dns.h, dns_answer.c, dns_answer.h, dns_query.c, dns_query.h, doc/.cvsignore, doc/html/dl.html, doc/html/doc.html, doc/html/faq.html, doc/html/index.html, doc/pdnsd.conf, doc/txt/.cvsignore, error.c, error.h, exec-flex.sh, hash.c, hash.h, helpers.c, helpers.h, icmp.c, icmp.h, ipvers.h, lex.inc.h, main.c, netdev.c, netdev.h, pdnsd-redhat.spec.templ, pdnsd-suse.spec.templ, servers.c, servers.h, status.c, status.h, version: New file.