with yes being the default. These control searching in the cache and
other zones we are authorative for. This is mostly for gdib, but
may be useful elsewhere.
The config changes are renaming from glue-from-* to additional-from-*,
since this also prevents DNAME, CNAME, NS, MX, etc. additional data
from being followed.
query still doesn't completely work, since the resolver needs to be modified
also. Basically, if data is in the cache and trust == pending, it will now
be returned when the cd bit is set.
DNS_R_DELEGATION, don't use the domain & ns set found by dns_db_find().
This means that a recursive server will not immediately ask the child zone
for a key set at the apex; the resolver will determine who to ask.
algorithm to more closely follow RFC1035, so that root servers will
provide a more complete set of name server glue addresses in ccTLD
referral responses.
For non-referral responses, the server no longer uses glue as
additional data.
For referral responses, the servers now looks for glue A/AAAA/A6 RRs
in the zone where the NS RRs reside, even in the case where this is
different from the zone where the A/AAAA/A6 RRs would have resided had
they been authoritative data.
A6 chains included as additional info may not yet fully follow these
rules.
cast to dns_rdatatype_t via macros of their same name
so that they are of the proper integral type wherever
a dns_rdatatype_t is needed.
(And a few prototypes that I recently bogusly changed to take "int" parameters
in place of "dns_rdatatype_t" to accomodate the type of an enum identifier
have been reverted to again properly take a dns_rdatatype_t.)
Mostly, several functions that take pointers as arguments, almost
always char * pointers, had those pointers qualified with "const".
Those that returned pointers to previously const-qualified arguments
had their return values qualified as const. Some structure members
were qualified as const to retain that attribute from the variables
from which they were assigned.
Minor other ISC style cleanups.
allow-query ACL, subsequent accesses to the same zone were denied because
dbversion->queryok was not being set. This caused mandatory glue to be
omitted from referral responses, ultimately causing lookups to fail if all
authoritative servers for the parent zone were running bind9.
Cleanup of redundant/useless header file inclusion.
ISC style lint, primarily for function declarations and standalone
comments -- ie, those that appear on a line without any code, which
should be written as follows:
/*
* This is a comment.
*/
Added:
isc_buffer_base(b) (pointer)
isc_buffer_current(b) (pointer)
isc_buffer_active(b) (pointer)
isc_buffer_used(b) (pointer)
isc_buffer_length(b) (int)
isc_buffer_usedlength(b) (int)
isc_buffer_consumedlength(b) (int)
isc_buffer_remaininglength(b) (int)
isc_buffer_activelength(b) (int)
isc_buffer_availablelength(b) (int)
Removed:
ISC_BUFFER_USEDCOUNT(b)
ISC_BUFFER_AVAILABLECOUNT(b)
isc_buffer_type(b)
Changed names:
isc_buffer_used(b, r) ->
isc_buffer_usedregion(b, r)
isc_buffer_available(b, r) ->
isc_buffer_available_region(b, r)
isc_buffer_consumed(b, r) ->
isc_buffer_consumedregion(b, r)
isc_buffer_active(b, r) ->
isc_buffer_activeregion(b, r)
isc_buffer_remaining(b, r) ->
isc_buffer_remainingregion(b, r)
Buffer types were removed, so the ISC_BUFFERTYPE_*
macros are no more, and the type argument to
isc_buffer_init and isc_buffer_allocate were removed.
isc_buffer_putstr is now void (instead of isc_result_t)
and requires that the caller ensure that there
is enough available buffer space for the string.
authoritative for both, the delegatee is nonsecure, and the query
name is at the top of the delegatee zone.
Apply allow-query ACL checks to all response data.
and moved it to bin/named/client.c to reflect the fact that it
implemented BIND ACL policy more than general-purpose library
functionality; resolve ACL defaults at configuration time
rather than when the ACL is evaluated
