--- /dev/null
+# ChangeLog for net-dns/djbdns
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/ChangeLog,v 1.120 2011/03/01 20:24:57 idl0r Exp $
+
+ 01 Mar 2011; Christian Ruppert <idl0r@gentoo.org> -files/fwdzone-fix.patch:
+ Remove unused patch
+
+ 29 Jan 2011; Thilo Bangert <bangert@gentoo.org> djbdns-1.05-r23.ebuild:
+ dep on virtual/daemontools
+
+ 20 Jul 2010; Michael Sterrett <mr_bones_@gentoo.org>
+ -djbdns-1.05-r17.ebuild, -djbdns-1.05-r19.ebuild, -djbdns-1.05-r21.ebuild,
+ -djbdns-1.05-r22.ebuild:
+ clean old cruft
+
+ 23 Mar 2009; Jeroen Roovers <jer@gentoo.org> djbdns-1.05-r23.ebuild:
+ Stable for HPPA (bug #260975).
+
+ 22 Mar 2009; Friedrich Oslage <bluebird@gentoo.org>
+ djbdns-1.05-r23.ebuild:
+ Stable on sparc, bug #260975
+
+ 22 Mar 2009; Tobias Klausmann <klausman@gentoo.org>
+ djbdns-1.05-r23.ebuild:
+ Stable on alpha, bug #260975
+
+ 20 Mar 2009; Markus Meier <maekke@gentoo.org> djbdns-1.05-r23.ebuild:
+ amd64/x86 stable, bug #260975
+
+ 20 Mar 2009; Brent Baude <ranger@gentoo.org> djbdns-1.05-r23.ebuild:
+ Marking djbdns-1.05-r23 ppc64 and ppc for bug 260975
+
+ 20 Mar 2009; Gordon Malm <gengor@gentoo.org> djbdns-1.05-r23.ebuild:
+ Avoid applying CVE2009-0858 patch twice.
+
+*djbdns-1.05-r23 (19 Mar 2009)
+
+ 19 Mar 2009; Gordon Malm <gengor@gentoo.org>
+ +files/CVE2009-0858_0001-check-response-domain-name-length.patch,
+ +files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6.patc
+ h, +files/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch,
+ +djbdns-1.05-r23.ebuild:
+ Fix bug #260975. Fix bug #260014 when USE="ipv6".
+
+ 18 Mar 2009; Brent Baude <ranger@gentoo.org> djbdns-1.05-r22.ebuild:
+ Marking djbdns-1.05-r22 ppc for bug 260014
+
+ 15 Mar 2009; Markus Meier <maekke@gentoo.org> djbdns-1.05-r22.ebuild:
+ amd64/x86 stable, bug #260014
+
+ 12 Mar 2009; Jeroen Roovers <jer@gentoo.org> djbdns-1.05-r22.ebuild:
+ Stable for HPPA (bug #260014). Fixed newbin djbdns-setup (bug #260014
+ comment #8).
+
+ 11 Mar 2009; Tobias Klausmann <klausman@gentoo.org>
+ djbdns-1.05-r22.ebuild:
+ Stable on alpha, bug #260014
+
+ 11 Mar 2009; Brent Baude <ranger@gentoo.org> djbdns-1.05-r22.ebuild:
+ Marking djbdns-1.05-r22 ppc64 for bug 260014
+
+ 08 Mar 2009; René Nussbaumer <killerfox@gentoo.org>
+ djbdns-1.05-r22.ebuild:
+ Fix patch order
+
+ 08 Mar 2009; Tobias Klausmann <klausman@gentoo.org>
+ djbdns-1.05-r22.ebuild:
+ Broken patch, going back to ~alpha.
+
+ 08 Mar 2009; Tobias Klausmann <klausman@gentoo.org>
+ djbdns-1.05-r22.ebuild:
+ Stable on alpha, bug #260014
+
+*djbdns-1.05-r22 (01 Mar 2009)
+
+ 01 Mar 2009; René Nussbaumer <killerfox@gentoo.org>
+ +files/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch,
+ +files/CVE2008-4392_0002-dnscache-cache-soa-records.patch,
+ +djbdns-1.05-r22.ebuild:
+ Fix CVE2008-4392
+
+ 17 Nov 2008; Diego E. Pettenò <flameeyes@gentoo.org>
+ files/headtail.patch:
+ Fix patch with absolute paths.
+
+ 17 Aug 2008; Doug Goldstein <cardoe@gentoo.org> metadata.xml:
+ add GLEP 56 USE flag desc from use.local.desc
+
+ 13 May 2008; Jeroen Roovers <jer@gentoo.org> djbdns-1.05-r21.ebuild:
+ Stable for HPPA (LuckyLuke).
+
+ 29 Feb 2008; Raúl Porcel <armin76@gentoo.org> djbdns-1.05-r21.ebuild:
+ sparc stable
+
+ 31 Jan 2008; René Nussbaumer <killerfox@gentoo.org> metadata.xml:
+ Taking over maintainership
+
+ 31 Jan 2008; Michael Hanselmann <hansmi@gentoo.org> metadata.xml:
+ Remove myself as maintainer.
+
+ 04 Jan 2008; Hanno Boeck <hanno@gentoo.org> djbdns-1.05-r17.ebuild,
+ djbdns-1.05-r19.ebuild, djbdns-1.05-r21.ebuild:
+ Change license to public domain (http://cr.yp.to/distributors.html) and fix
+ some unquoted vars.
+
+ 15 Oct 2007; Markus Rothe <corsair@gentoo.org> djbdns-1.05-r21.ebuild:
+ Stable on ppc64
+
+ 13 Aug 2007; Tobias Scherbaum <dertobi123@gentoo.org>
+ djbdns-1.05-r21.ebuild:
+ ppc. stable
+
+ 26 Jul 2007; Raúl Porcel <armin76@gentoo.org> djbdns-1.05-r21.ebuild:
+ alpha/x86 stable
+
+ 06 May 2007; Marius Mauch <genone@gentoo.org> djbdns-1.05-r17.ebuild,
+ djbdns-1.05-r19.ebuild, djbdns-1.05-r21.ebuild:
+ Replacing einfo with elog
+
+ 28 Jan 2007; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r21.ebuild:
+ Don't patch non-IPv6 version of unpacked source.
+
+*djbdns-1.05-r21 (23 Jan 2007)
+
+ 23 Jan 2007; Michael Hanselmann <hansmi@gentoo.org>
+ -djbdns-1.05-r20.ebuild, +djbdns-1.05-r21.ebuild:
+ Fix bug #163398.
+
+*djbdns-1.05-r20 (16 Jan 2007)
+
+ 16 Jan 2007; Michael Hanselmann <hansmi@gentoo.org>
+ +djbdns-1.05-r20.ebuild:
+ Drop several patches patches, DJBDNS_PATCH_DIR can be used instead. General
+ cleanup.
+
+ 03 Dec 2006; Markus Rothe <corsair@gentoo.org> djbdns-1.05-r19.ebuild:
+ Stable on ppc64
+
+ 19 Nov 2006; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r19.ebuild:
+ Stable on hppa, ppc, sparc, x86.
+
+ 13 Oct 2006; Michael Hanselmann <hansmi@gentoo.org>
+ -djbdns-1.05-r18.ebuild:
+ Remove old ebuild
+
+*djbdns-1.05-r19 (30 Sep 2006)
+
+ 29 Sep 2006; Michael Hanselmann <hansmi@gentoo.org>
+ +djbdns-1.05-r19.ebuild:
+ Add fwdonly patch (bug 148326) and fix user creation (bug 148225).
+
+*djbdns-1.05-r18 (30 Aug 2006)
+
+ 30 Aug 2006; Michael Hanselmann <hansmi@gentoo.org>
+ +djbdns-1.05-r18.ebuild:
+ Add quoting to variables, add support for DJBDNS_PATCH_DIR.
+
+ 30 Jun 2006; Robin H. Johnson <robbat2@gentoo.org> djbdns-1.05-r17.ebuild:
+ Clean up unpack/patch process.
+
+ 30 Apr 2006; Michael Hanselmann <hansmi@gentoo.org>
+ -djbdns-1.05-r14.ebuild, -djbdns-1.05-r16.ebuild:
+ Removed old ebuilds.
+
+ 29 Apr 2006; <tcort@gentoo.org> djbdns-1.05-r17.ebuild:
+ Stable on alpha and amd64 wrt Bug #131487.
+
+ 29 Apr 2006; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r17.ebuild:
+ Stable on mips.
+
+ 27 Apr 2006; Alec Warner <antarus@gentoo.org> Manifest:
+ Fixing SHA256 digest, pass four
+
+ 27 Apr 2006; Brent Baude <ranger@gentoo.org> djbdns-1.05-r17.ebuild:
+ Marking djbdns-1.05-r17 ppc64 stable per hansmi and bug 131487
+
+ 27 Apr 2006; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r17.ebuild:
+ Stable on hppa, ppc, sparc, x86.
+
+ 26 Apr 2006; Michael Hanselmann <hansmi@gentoo.org>
+ +files/dnstracesort.patch, djbdns-1.05-r17.ebuild:
+ Minor patch to fix the call syntax of "sort", bug 131355.
+
+ 30 Mar 2006; Michael Hanselmann <hansmi@gentoo.org>
+ -djbdns-1.05-r15.ebuild:
+ Removed old ebuild.
+
+ 25 Mar 2006; Sven Wegener <swegener@gentoo.org> djbdns-1.05-r17.ebuild:
+ Don't modify MAKEOPTS, pass -j1 directly.
+
+ 12 Mar 2006; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r17.ebuild:
+ Fixed LDFLAGS, gcc settings and more. See bug 125925.
+
+ 20 Feb 2006; Markus Rothe <corsair@gentoo.org> djbdns-1.05-r16.ebuild:
+ Stable on ppc64
+
+ 06 Feb 2006; Aron Griffis <agriffis@gentoo.org> djbdns-1.05-r16.ebuild:
+ Mark 1.05-r16 stable on alpha
+
+*djbdns-1.05-r17 (21 Jan 2006)
+
+ 21 Jan 2006; Michael Hanselmann <hansmi@gentoo.org>
+ +files/djbdns-setup-r17, metadata.xml, djbdns-1.05-r16.ebuild,
+ +djbdns-1.05-r17.ebuild:
+ Added patches for multiple data files (multidata, datadir), replaced useq
+ with use, updated djbdns-setup (bug 118371). Stable on hppa, mips, ppc,
+ sparc. Put myself as maintainer.
+
+ 31 Dec 2005; Diego Pettenò <flameeyes@gentoo.org> djbdns-1.05-r14.ebuild:
+ Change /bin/false to -1 in enewuser call.
+
+ 05 Nov 2005; Diego Pettenò <flameeyes@gentoo.org> metadata.xml:
+ Give up maintainership of this, I don't use it anymore.
+
+*djbdns-1.05-r16 (09 Sep 2005)
+
+ 09 Sep 2005; Diego Pettenò <flameeyes@gentoo.org>
+ +djbdns-1.05-r16.ebuild:
+ Updated ipv6 patch to test23.
+
+ 07 Aug 2005; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r14.ebuild:
+ Stable on ppc.
+
+ 28 Jul 2005; Seemant Kulleen <seemant@gentoo.org> -djbdns-1.05-r3.ebuild,
+ -djbdns-1.05-r7.ebuild, -djbdns-1.05-r8.ebuild, -djbdns-1.05-r9.ebuild,
+ -djbdns-1.05-r10.ebuild, -djbdns-1.05-r11.ebuild, -djbdns-1.05-r12.ebuild,
+ -djbdns-1.05-r13.ebuild:
+ remove cruft ebuilds
+
+*djbdns-1.05-r15 (21 Jun 2005)
+
+ 21 Jun 2005; Diego Pettenò <flameeyes@gentoo.org> metadata.xml,
+ +djbdns-1.05-r15.ebuild:
+ Updated to patch test22 from fefe for IPv6 support, thanks to Kalin
+ Kozhuharov in bug #96660.
+
+ 18 Jun 2005; Jason Wever <weeve@gentoo.org> djbdns-1.05-r14.ebuild:
+ Stable on SPARC.
+
+ 17 May 2005; Jan Brinkmann <luckyduck@gentoo.org> djbdns-1.05-r14.ebuild:
+ stable on amd64
+
+ 13 May 2005; Bryan Østergaard <kloeri@gentoo.org> djbdns-1.05-r14.ebuild:
+ Stable on alpha.
+
+ 11 May 2005; Aaron Walker <ka0ttic@gentoo.org> djbdns-1.05-r14.ebuild:
+ Stable on x86 for bug 90782.
+
+ 06 May 2005; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r14.ebuild:
+ Added to ~ppc.
+
+ 13 Apr 2005; Aaron Walker <ka0ttic@gentoo.org> djbdns-1.05-r14.ebuild:
+ Use enewuser instead of useradd. Thanks to Diego in bug 84689.
+
+ 20 Mar 2005; Michael Hanselmann <hansmi@gentoo.org>
+ djbdns-1.05-r14.ebuild:
+ Added to ~hppa.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r14.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r9.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r11.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r12.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r13.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r10.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r8.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r7.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 03 Mar 2005; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r3.ebuild:
+ Dependency update: sys-apps/daemontools -> sys-process/daemontools.
+
+ 06 Feb 2005; Joshua Kinard <kumba@gentoo.org> djbdns-1.05-r14.ebuild:
+ Marked stable on mips.
+
+ 26 Jan 2005; petre rodan <kaiowas@gentoo.org> djbdns-1.05-r10.ebuild,
+ djbdns-1.05-r11.ebuild, djbdns-1.05-r12.ebuild, djbdns-1.05-r13.ebuild,
+ djbdns-1.05-r14.ebuild, djbdns-1.05-r3.ebuild, djbdns-1.05-r7.ebuild,
+ djbdns-1.05-r8.ebuild, djbdns-1.05-r9.ebuild:
+ added selinux RDEPEND
+
+ 09 Jan 2005; Sven Wegener <swegener@gentoo.org> djbdns-1.05-r3.ebuild:
+ Added missing parentheses in SRC_URI/*DEPEND/LICENSE.
+
+ 24 Nov 2004; Sven Wegener <swegener@gentoo.org> :
+ Added a lot of missing digest entries.
+
+*djbdns-1.05-r14 (01 Nov 2004)
+
+ 01 Nov 2004; Bryan Østergaard <kloeri@gentoo.org> djbdns-1.05-r14.ebuild:
+ ~alpha keyword.
+
+ 07 Oct 2004; Jared Hudson <jhhudso@gentoo.org> : In reponse to bug #66645,
+ I have updated the patch for dnsroots to include the 2nd root server IP
+ change that ICANN has made since djbdns-1.05's original release.
+
+ 05 Oct 2004; Jason Wever <weeve@gentoo.org> djbdns-1.05-r13.ebuild:
+ Added ~sparc keyword.
+
+ 18 Sep 2004; Jason Wever <weeve@gentoo.org> djbdns-1.05-r12.ebuild:
+ Stable on sparc.
+
+ 04 Sep 2004; Michael Hanselmann <hansmi@gentoo.org> :
+ Fixed digests for 1.05-r12 and 1.05-r13.
+
+ 29 Aug 2004; Tom Gall <tgall@gentoo.org> djbdns-1.05-r13.ebuild:
+ stable on ppc64, bug #61744
+
+ 23 Aug 2003; Jared Hudson <jhhudso@gentoo.org> : Fixed adduser bug in
+ tinydns-setup (was adding dnscache user when it should have beeb adding
+ tinydns user) Thanks to Ng, Wey-Han <weyhann@yahoo.com> under bug #57214
+ for the tip.
+
+ 22 Aug 2004; Jason Wever <weeve@gentoo.org> djbdns-1.05-r12.ebuild:
+ Added ~sparc keyword.
+
+ 12 Aug 2004; Tom Martin <slarti@gentoo.org> djbdns-1.05-r13.ebuild:
+ Marked ~amd64, resolves bug 58273. Thanks to Rupert Eve
+ <rupert.a.eve@accenture.com> for reporting.
+
+ 01 Jul 2004; Jeremy Huddleston <eradicator@gentoo.org>
+ djbdns-1.05-r3.ebuild:
+ virtual/glibc -> virtual/libc
+
+*djbdns-1.05-r13 (23 Jun 2004)
+
+ 23 Jun 2004; Jared Hudson <jhhudso@gentoo.org> djbdns-1.05-r12.ebuild,
+ +djbdns-1.05-r13.ebuild:
+ Bumped ipv6 patch which now included ipv6arpa support. I also marked -r12 as
+ stable now. Thanks goes to Georgi Georgiev <chutz@gg3.net> under bug #53948
+ for the bump.
+
+ 09 Jun 2004; Aron Griffis <agriffis@gentoo.org> djbdns-1.05-r10.ebuild,
+ djbdns-1.05-r11.ebuild, djbdns-1.05-r3.ebuild, djbdns-1.05-r7.ebuild,
+ djbdns-1.05-r8.ebuild, djbdns-1.05-r9.ebuild:
+ Fix use invocation
+
+*djbdns-1.05-r12 (06 Jun 2004)
+
+ 06 Jun 2004; Danny van Dyk <kugelfang@gentoo.org> djbdns-1.05-r12.ebuild:
+ Marked ~amd64.
+
+*djbdns-1.05-12 (23 May 2004)
+
+ 23 May 2004; Jared Hudson <jhhudso@gentoo.org> : Added 4 new use flags: doc
+ (adds dependency for djbdns-man), aliaschain (enables a patch to change the
+ CNAME handling behavior of tinydns and axfrdns), semanticfix (enables a
+ patch to increase the semantic handling of tinydns-data), and cnamefix
+ (enables a patch to change the way dnscache handles CNAME records). For more
+ information on the latter 3 patches please visit:
+ http://homepages.tesco.net./~J.deBoynePollard/FGA/djbdns-problems.html
+ In addition, if you include ipv6 support via the ipv6 use flag dnstrace
+ will be compiled without ipv6 support now, since it was broken with it
+ before. Also, a new setup script has been added, called djbdns-setup. This
+ script can be used instead of dnscache-setup and tinydns-setup. This script
+ was added by Kalin KOZHUHAROV <kalin@ThinRope.net> under bug #50795.
+ Also, tinydns-setup is patched if the fwdzone useflag/patch is added
+ because this patch changes the behavior of tinydns and the old tinydns-setup
+ did not work properly with it. Other fixes and patch suggestions come from
+ bug #19375, 20880, 34446, and 49578. Thanks goes to Nick Palmer
+ <nicholas@slackers.net>, Thilo Bangert <fizzelpark-lists@gmx.net>,
+ Hannes Just <Hannes.Just@fh-stralsund.de>, and Georgi Georgiev
+ <chutz@gg3.net>
+
+*djbdns-1.05-r11 (02 May 2004)
+
+ 02 May 2004; Jared Hudson <jhhudso@gentoo.org> :
+ Added a patch and useflag to allow djbdns bind to multiple IPs per bug #48750
+ thanks to der Ritter <gentoo@candlefire.org>
+
+*djbdns-1.05-r10 (02 May 2004)
+
+ 02 May 2004; Jared Hudson <jhhudso@gentoo.org> :
+ Added ipv6arpa use flag and patch to enable ipv6 arpa support per bug
+ #49581 thanks to Georgi Georgiev <chutz@gg3.net>.
+
+*djbdns-1.05-r9 (09 Apr 2004)
+
+ 09 Apr 2004; Joshua Kinard <kumba@gentoo.org> djbdns-1.05-r9.ebuild:
+ Marked stable on mips.
+
+ 27 Mar 2004; Jared Hudson <jhhudso@gentoo.org> :
+ fwdzone and roundrobin local use flags added to enable their respective
+ patches. ipv6 will not work with roundrobin and fwdzone currently because the
+ only patch we have for that combines all three. The problem with this is that
+ fwdzone and roundrobin do not work together according to bug #31238. Due to this
+ we are now using the original ipv6 patch when applicable.
+
+ 16 Nov 2003; Markus Nigbur <pyrania@gentoo.org> djbdns-1.05-r8.ebuild,
+ files/headtail.patch:
+ Coreutils Fix. Thanks to Marc in #33625.
+
+ 07 Nov 2003; Ciaran McCreesh <ciaranm@gentoo.org> djbdns-1.05-r8.ebuild:
+ Moved to stable on sparc as -r3 has compile issues on sparc (thanks to
+ aCrackOtter in #gentoo-sparc)
+
+ 16 Aug 2003; Tavis Ormandy <taviso@gentoo.org> djbdns-1.05-r8.ebuild:
+ Stable on alpha
+
+ 24 May 2003; Jared Hudson <jhhudso@gentoo.org> : Added MAKEOPTS="-j1" to
+ all djbdns ebuilds due to SMP compile problems when -j set higher than 1
+ Bug ID: #18291
+
+*djbdns-1.05-r8 (9 May 2003)
+
+ 09 May 2003; Guy Martin <gmsoft@gentoo.org> :
+ Added installation of dnsip6 and dnsip6q. Fix #20690.
+
+*djbdns-1.05-r7 (26 Feb 2003)
+
+ 26 Feb 2003; Mike Frysinger <vapier@gentoo.org> :
+ errno fix for #16396 (#16267).
+
+*djbdns-1.05-r6 (12 Feb 2003)
+
+ 18 Feb 2003; <seemant@gentoo.org> djbdns-1.05-r6.ebuild files/digest-djbdns-1.05-r6 :
+ regenerated the ipv6 patch, thanks to Azarah in bug #15613
+
+ 13 Feb 2003; Seemant Kulleen <seemant@gentoo.org> djbdns-1.05-r6.ebuild files/digest-djbdns-1.05-r6 :
+ changed ipv6 patch to actually apply and also using eutils to perform the patch action
+
+ 12 Feb 2003; Arcady Genkin <agenkin@gentoo.org> :
+ Added the round-robin patch for dnscache.
+
+*djbdns-1.05-r5 (17 Nov 2002)
+
+ 04 Feb 2003; Joachim Blaabjerg <styx@gentoo.org> djbdns-1.05-r5.ebuild :
+
+ Bumped to stable x86, as it fixes ipv6. Fixes bug #8236 for stable users.
+
+ 02 Jan 2002; Martin Holzer <mholzer@gentoo.org> files/dnscache-setup :
+ Changed Line 130 FOWARDONLY into FORWARDONLY. Closes #13108.
+
+ 17 Nov 2002; Jared Hudson <jhhudso@gentoo.org> files/ipv6-fix.diff,
+ files/djbdns-1.05-fwd-ipv6.diff : Fixed Bug #8236 & 8236. Added static
+ keyword to ebuild and changed ipv6 patch to work with the forwarding patch
+ added in -r4.
+
+ 20 Oct 2002; Maik Schreiber <blizzy@gentoo.org> djbdns-1.05-r3.ebuild,
+ djbdns-1.05-r4.ebuild: Cleaned up ebuilds. Also removed removal of
+ djbdns users, since this can break your djbdns setup when updating.
+
+ 19 Oct 2002; Jared Hudson <jhhudso@gentoo.org> djbdns-1.05-r4.ebuild:
+ changed KEYWORDS to use ~arch for all supported architectures. This is to
+ last until after the freeze.
+
+*djbdns-1.05-r4 (18 Oct 2002)
+
+ 18 Oct 2002; Jared Hudson <jhhudso@gentoo.org>: Added a patch to enable
+ using dnscache to perform resolution or forwarding according to the query
+ zone. This was in response to bug #9154. Credit goes to Stefano Scipioni.
+
+ 10 Sep 2002; Daniel Robbins <drobbins@gentoo.org>: djbdns-1.05-r3: fixed unpack()
+ and made the ipv6 patch dependent upon the setting of the ipv6 USE variable. No
+ rev bump. This closes bug #7236.
+
+*djbdns-1.05-r3 (12 Jul 2002)
+
+ 12 Jul 2002; Grant Goodyear <g2boojum@gentoo.org> ChangeLog : Added ipv6
+ patch if ipv6 in USE; thanks to Sascha Silbe for pointing out this patch
+
+*djbdns-1.05-r2 (13 May 2002)
+
+ 12 May 2002; Thilo Bangert <bangert@gentoo.org> .ebuild :
+
+ added LICENSE, added setup scripts (by banger@gentoo.org and gontran@gontran.net)
+ removed old setup scripts
+
+ 7 May 2002; Thilo Bangert <bangert@gentoo.org> .ebuild :
+
+ added automatic creation of users
+
+
+*djbdns-1.05-r1 (1 Mar 2002)
+
+ 1 Mar 2002; Grant Goodyear <g2boojum@gentoo.org> ChangeLog :
+
+ Made ebuild a bit more modern and ditched init script since that's
+ what daemontools is for.
+
+*djbdns-1.05 (1 Feb 2002)
+
+ 1 Feb 2002; G.Bevin <gbevin@gentoo.org> ChangeLog :
+
+ Added initial ChangeLog which should be updated whenever the package is
+ updated in any way. This changelog is targetted to users. This means that the
+ comments should well explained and written in clean English. The details about
+ writing correct changelogs are explained in the skel.ChangeLog file which you
+ can find in the root directory of the portage repository.
--- /dev/null
+AUX 1.05-errno.patch 238 RMD160 b479d8c16dd8fe7206cba19125dd8866c2584301 SHA1 f23206f3ffc1a8aa6768fdb2ef588012c17eaa79 SHA256 40e01efac08e95bf87b46e2d86378b0a60c234c64080b7f42039178ac6de61af
+AUX CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6.patch 10049 RMD160 9154f495cfc5eebcb6617b8fa65ee0bea0cbbf80 SHA1 0461b199c048c6b94b659280d04a4f537cdb9c04 SHA256 56c7db6c5bed3200e1f6e4995018c96158085f2f7169c7b148c7c034ddff8111
+AUX CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch 9914 RMD160 c416dd6575819cfd40ef0d306ccb14d34a5afc90 SHA1 8dd3ce7758d3a97cafbe6a60ea83f48e916f496d SHA256 b5e030e96ed98d96d36c39e3466e04d98d39c5f1c7e94254ea3da5e99381eed6
+AUX CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch 3043 RMD160 71ec5a52edc8ba574214f1b05b38d8b9ee313b98 SHA1 c0190b0696f655822e46162489714e9b09b9e831 SHA256 0e6312ab8408d98bc3e6d1b1cddc36f51a5cd092db14bd3f84a8f47d08070c27
+AUX CVE2008-4392_0002-dnscache-cache-soa-records.patch 2944 RMD160 0b58e57bc11b36113c5fef73a64c869895f83889 SHA1 ac9b6a62c62588205cc4dc71da4e0ad6630f9635 SHA256 1cd7b848305646d3015d8f2817acdced65894b8ab6e9dacb02077acebc50841b
+AUX CVE2009-0858_0001-check-response-domain-name-length.patch 366 RMD160 c9a7ca8ab3e0359cd55caa0fd14ce3878d98c26c SHA1 c64bd006d5ff7ea416d6baeff062b94eebcb8c8d SHA256 8ca8bd81fa6fb17576f11de9e97a582f0c30d7f5c6e797defa41a98d33770e33
+AUX djbdns-setup 11152 RMD160 6de107a57748468996c2d7b5ed00641abf51d67e SHA1 dc9b478709699ce66b64f82f0f1fd1749af2f58a SHA256 f9cac2b3050ce0869afdb1f27af9690fd5fb4817acad1144d8b879233d979713
+AUX djbdns-setup-r17 10881 RMD160 eabdbfd226d6ee4172e55a62beed77bb68aa222c SHA1 f056a51a5f511c54b98536c238eff8c1fecb5755 SHA256 33c64d8341ea868e124e7fe0da6a8f9ba6fc799a79584e002a82c572921ed5e4
+AUX dnscache-setup 6007 RMD160 d5a29943ac29d84a8c83308a497721010ab017bc SHA1 764e3dbecca295c307589c3141fc24c3ff0bc5a5 SHA256 5a69f71468172e9e9636f1cb22e08718a084daa0f31953aae604539d66a2603e
+AUX dnsroots.patch 349 RMD160 c3be22070645e27a8c16e9f1dd268963b749c5f7 SHA1 f09404a752062956319b4ebb6d381588df467eba SHA256 99e8ef90a20f66fedf903aa13e3f5360010cf11c27c59dc53b967f02ffe06114
+AUX dnstracesort.patch 327 RMD160 aaa564aa9cb0dcad4ebb64121c82bf50fda64254 SHA1 cf8b7825d826bfd3f3314c848a8843c2a5a70ae3 SHA256 f1d83e1365f68571fa4e007d5219720f8d65eb3730040a087fceb0ce2d8806bf
+AUX headtail.patch 1780 RMD160 332af6647e08f3b792bd1b7821974f15041a6b58 SHA1 1b996c6cbe5df1c981f998d004d066ae344bfba8 SHA256 28ebe521132fe35559273b6542505ab4f0bb7b7ccb88585522e4cc2fe8376dd4
+AUX tinydns-setup 3206 RMD160 16679596e3902c8eda4c9605b0fef6e778cdee63 SHA1 e222c22f924882a3b2d496f7d8fbdf61eb4eb0e8 SHA256 73c0610f15e9bbec1998d10eafe4222277eb8cbaf0c58e802f998e9f7b25bbea
+DIST djbdns-1.05-test23.diff.bz2 18480 RMD160 33037f2a41abb49c305f3efec4402c6965c8b8b8 SHA1 34251597d211ff00791cb6546e8ef60d75ce5477 SHA256 e702f47b4a4c77fe5cec474a8219a072cfaaee07282650b7e0dd322ed82e8f33
+DIST djbdns-1.05.tar.gz 85648 RMD160 a832cbfd93e4ccec6a565492a4ee0b3c1b4b68ed SHA1 2efdb3a039d0c548f40936aa9cb30829e0ce8c3d SHA256 3ccd826a02f3cde39be088e1fc6aed9fd57756b8f970de5dc99fcd2d92536b48
+EBUILD djbdns-1.05-r23.ebuild 3684 RMD160 74a29155bc31f39a9b16d39c6711b585bef06601 SHA1 f5b2e17144d3c03a2845c9bc69eb6c1e5b8f830d SHA256 fe946870ccc68646c51783d040f5f985660764b53f71ab320df46f12a5c48cae
+MISC ChangeLog 19007 RMD160 b7c920db6183b8ccfc4682e63b8de6dff63a1516 SHA1 707954ec763701361798825514a098015d83e2a1 SHA256 36df2a604799554de616aa70b1e9a9e730f024b2b3681813836d21bc387d03be
+MISC metadata.xml 232 RMD160 854b06094287201d0b98f2b21d36054db25d81cd SHA1 cc4f98e9ee0102aea687d71cf3af924cf156edbb SHA256 21382e863647add08888c924279a4b931b2b90ccd0cf5e526ee74a3d5e1fd0df
--- /dev/null
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dns/djbdns/djbdns-1.05-r23.ebuild,v 1.8 2011/01/29 23:36:52 bangert Exp $
+
+IUSE="doc ipv6 selinux static"
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="Excellent high-performance DNS services"
+HOMEPAGE="http://cr.yp.to/djbdns.html"
+IPV6_PATCH="test23"
+
+SRC_URI="
+ http://cr.yp.to/djbdns/${P}.tar.gz
+ ipv6? ( http://www.fefe.de/dns/${P}-${IPV6_PATCH}.diff.bz2 )
+"
+
+SLOT="0"
+LICENSE="public-domain"
+KEYWORDS="alpha amd64 hppa ~mips ppc ppc64 sparc x86"
+
+RDEPEND="
+ virtual/daemontools
+ sys-apps/ucspi-tcp
+ doc? ( app-doc/djbdns-man )
+ selinux? ( sec-policy/selinux-djbdns )
+"
+
+src_unpack() {
+ unpack "${P}.tar.gz"
+ cd "${S}"
+
+ echo
+ elog 'Several patches have been dropped from this djbdns ebuild revision.'
+ elog 'Please use the DJBDNS_PATCH_DIR variable to specify a directory'
+ elog 'of custom patches.'
+ elog
+ elog 'Some of them can be found at http://tinydns.org/ or'
+ elog 'http://homepages.tesco.net/J.deBoynePollard/Softwares/djbdns/'
+ elog
+
+ epatch \
+ "${FILESDIR}/headtail.patch" \
+ "${FILESDIR}/dnsroots.patch" \
+ "${FILESDIR}/dnstracesort.patch"
+
+ # Fix CVE2009-0858
+ epatch "${FILESDIR}/CVE2009-0858_0001-check-response-domain-name-length.patch"
+
+ if use ipv6; then
+ elog "At present dnstrace does NOT support IPv6. It will"\
+ "be compiled without IPv6 support."
+ cp -pR "${S}" "${S}-noipv6"
+ # Careful -- >=test21 of the IPv6 patch includes the errno patch
+ epatch "${DISTDIR}/${P}-${IPV6_PATCH}.diff.bz2"
+
+ # Fix CVE2008-4392
+ epatch \
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries-ipv6.patch" \
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records-ipv6.patch"
+
+ cd "${S}-noipv6"
+ fi
+
+ # Fix CVE2008-4392
+ epatch \
+ "${FILESDIR}/CVE2008-4392_0001-dnscache-merge-similar-outgoing-queries.patch" \
+ "${FILESDIR}/CVE2008-4392_0002-dnscache-cache-soa-records.patch"
+
+ epatch "${FILESDIR}/${PV}-errno.patch"
+
+ if [[ -n "${DJBDNS_PATCH_DIR}" && -d "${DJBDNS_PATCH_DIR}" ]]
+ then
+ echo
+ ewarn "You enabled custom patches from ${DJBDNS_PATCH_DIR}."
+ ewarn "Be warned that you won't get any support when using "
+ ewarn "this feature. You're on your own from now!"
+ echo
+ ebeep
+ cd "${S}" && epatch "${DJBDNS_PATCH_DIR}/"*
+ fi
+}
+
+src_compile() {
+ use static && append-ldflags -static
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld
+ echo "/usr" > conf-home
+ emake -j1 || die "emake failed"
+
+ # If djbdns is compiled with IPv6 support, it breaks dnstrace.
+ # Therefore we must compile dnstrace separately without IPv6
+ # support.
+ if use ipv6; then
+ elog "Compiling dnstrace without ipv6 support"
+ cd "${S}-noipv6"
+ echo "$(tc-getCC) ${CFLAGS}" > conf-cc
+ echo "$(tc-getCC) ${LDFLAGS}" > conf-ld
+ echo "/usr" > conf-home
+ emake -j1 dnstrace || die "emake failed"
+ fi
+}
+
+src_install() {
+ insinto /etc
+ doins dnsroots.global
+
+ into /usr
+ dobin *-conf dnscache tinydns walldns rbldns pickdns axfrdns \
+ *-get *-data *-edit dnsip dnsipq dnsname dnstxt dnsmx \
+ dnsfilter random-ip dnsqr dnsq dnstrace dnstracesort
+
+ use ipv6 && dobin dnsip6 dnsip6q "${S}-noipv6/dnstrace"
+
+ dodoc CHANGES FILES README SYSDEPS TARGETS TODO VERSION
+
+ dobin "${FILESDIR}/dnscache-setup"
+ dobin "${FILESDIR}/tinydns-setup"
+ newbin "${FILESDIR}/djbdns-setup-r17" djbdns-setup
+}
+
+pkg_setup() {
+ # The nofiles group is provided by baselayout
+ enewuser dnscache -1 -1 -1 nofiles
+ enewuser dnslog -1 -1 -1 nofiles
+ enewuser tinydns -1 -1 -1 nofiles
+}
+
+pkg_postinst() {
+ elog "Use dnscache-setup & tinydns-setup or djbdns-setup to configure djbdns."
+}
--- /dev/null
+--- error.h 2001-02-11 15:11:45.000000000 -0600
++++ error.h 2003-02-26 02:10:21.000000000 -0600
+@@ -1,7 +1,7 @@
+ #ifndef ERROR_H
+ #define ERROR_H
+
+-extern int errno;
++#include <errno.h>
+
+ extern int error_intr;
+ extern int error_nomem;
--- /dev/null
+diff -urNp a/Makefile b/Makefile
+--- a/Makefile 2009-03-19 11:01:40.782348427 -0700
++++ b/Makefile 2009-03-19 11:05:27.659346849 -0700
+@@ -342,11 +342,11 @@ stralloc.h iopause.h taia.h tai.h uint64
+ ./compile dns_txt.c
+
+ dnscache: \
+-load dnscache.o droproot.o okclient.o log.o cache.o query.o \
++load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
+ response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
+ libtai.a unix.a byte.a socket.lib
+ ./load dnscache droproot.o okclient.o log.o cache.o \
+- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
++ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
+ env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
+ socket.lib`
+
+@@ -367,7 +367,7 @@ compile dnscache.c env.h exit.h scan.h s
+ uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
+ iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
+ iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
+-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
++uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
+ ./compile dnscache.c
+
+ dnsfilter: \
+@@ -745,11 +745,16 @@ qlog.o: \
+ compile qlog.c buffer.h qlog.h uint16.h
+ ./compile qlog.c
+
++qmerge.o: \
++compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
++taia.h tai.h uint64.h log.h maxclient.h
++ ./compile qmerge.c
++
+ query.o: \
+ compile query.c error.h roots.h log.h uint64.h case.h cache.h \
+ uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
+ taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
+-response.h uint32.h query.h dns.h uint32.h
++response.h uint32.h query.h dns.h uint32.h qmerge.h
+ ./compile query.c
+
+ random-ip: \
+diff -urNp a/dnscache.c b/dnscache.c
+--- a/dnscache.c 2009-03-19 11:01:40.786597556 -0700
++++ b/dnscache.c 2009-03-19 11:05:27.675225701 -0700
+@@ -23,6 +23,7 @@
+ #include "log.h"
+ #include "okclient.h"
+ #include "droproot.h"
++#include "maxclient.h"
+
+ long interface;
+
+@@ -59,7 +60,6 @@ uint64 numqueries = 0;
+
+ static int udp53;
+
+-#define MAXUDP 200
+ static struct udpclient {
+ struct query q;
+ struct taia start;
+@@ -136,7 +136,6 @@ void u_new(void)
+
+ static int tcp53;
+
+-#define MAXTCP 20
+ struct tcpclient {
+ struct query q;
+ struct taia start;
+diff -urNp a/log.c b/log.c
+--- a/log.c 2009-03-19 11:01:40.791597427 -0700
++++ b/log.c 2009-03-19 11:05:27.676224153 -0700
+@@ -149,6 +149,13 @@ void log_tx(const char *q,const char qty
+ line();
+ }
+
++void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
++{
++ string("txpb ");
++ logtype(qtype); space(); name(q); space(); name(control);
++ line();
++}
++
+ void log_cachedanswer(const char *q,const char type[2])
+ {
+ string("cached "); logtype(type); space();
+diff -urNp a/log.h b/log.h
+--- a/log.h 2001-02-11 13:11:45.000000000 -0800
++++ b/log.h 2009-03-19 11:05:27.676224153 -0700
+@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const cha
+ extern void log_cachedns(const char *,const char *);
+
+ extern void log_tx(const char *,const char *,const char *,const char *,unsigned int);
++extern void log_tx_piggyback(const char *,const char *,const char *);
+
+ extern void log_nxdomain(const char *,const char *,unsigned int);
+ extern void log_nodata(const char *,const char *,const char *,unsigned int);
+diff -urNp a/maxclient.h b/maxclient.h
+--- a/maxclient.h 1969-12-31 16:00:00.000000000 -0800
++++ b/maxclient.h 2009-03-19 11:05:27.676224153 -0700
+@@ -0,0 +1,7 @@
++#ifndef MAXCLIENT_H
++#define MAXCLIENT_H
++
++#define MAXUDP 200
++#define MAXTCP 20
++
++#endif /* MAXCLIENT_H */
+diff -urNp a/qmerge.c b/qmerge.c
+--- a/qmerge.c 1969-12-31 16:00:00.000000000 -0800
++++ b/qmerge.c 2009-03-19 11:05:27.677221627 -0700
+@@ -0,0 +1,115 @@
++#include "qmerge.h"
++#include "byte.h"
++#include "log.h"
++#include "maxclient.h"
++
++#define QMERGE_MAX (MAXUDP+MAXTCP)
++struct qmerge inprogress[QMERGE_MAX];
++
++static
++int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2],
++ const char *control)
++{
++ if (!dns_domain_copy(&qmk->q, q)) return 0;
++ byte_copy(qmk->qtype, 2, qtype);
++ if (!dns_domain_copy(&qmk->control, control)) return 0;
++ return 1;
++}
++
++static
++int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b)
++{
++ return
++ byte_equal(a->qtype, 2, b->qtype) &&
++ dns_domain_equal(a->q, b->q) &&
++ dns_domain_equal(a->control, b->control);
++}
++
++static
++void qmerge_key_free(struct qmerge_key *qmk)
++{
++ dns_domain_free(&qmk->q);
++ dns_domain_free(&qmk->control);
++}
++
++void qmerge_free(struct qmerge **x)
++{
++ struct qmerge *qm;
++
++ qm = *x;
++ *x = 0;
++ if (!qm || !qm->active) return;
++
++ qm->active--;
++ if (!qm->active) {
++ qmerge_key_free(&qm->key);
++ dns_transmit_free(&qm->dt);
++ }
++}
++
++int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive,
++ const char *q, const char qtype[2], const char localip[4],
++ const char *control)
++{
++ struct qmerge_key k;
++ int i;
++ int r;
++
++ qmerge_free(qm);
++
++ byte_zero(&k, sizeof k);
++ if (!qmerge_key_init(&k, q, qtype, control)) return -1;
++ for (i = 0; i < QMERGE_MAX; i++) {
++ if (!inprogress[i].active) continue;
++ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue;
++ log_tx_piggyback(q, qtype, control);
++ inprogress[i].active++;
++ *qm = &inprogress[i];
++ qmerge_key_free(&k);
++ return 0;
++ }
++
++ for (i = 0; i < QMERGE_MAX; i++)
++ if (!inprogress[i].active)
++ break;
++ if (i == QMERGE_MAX) return -1;
++
++ log_tx(q, qtype, control, servers, 0);
++ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip);
++ if (r == -1) { qmerge_key_free(&k); return -1; }
++ inprogress[i].active++;
++ inprogress[i].state = 0;
++ qmerge_key_free(&inprogress[i].key);
++ byte_copy(&inprogress[i].key, sizeof k, &k);
++ *qm = &inprogress[i];
++ return 0;
++}
++
++void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline)
++{
++ if (qm->state == 0) {
++ dns_transmit_io(&qm->dt, io, deadline);
++ qm->state = 1;
++ }
++ else {
++ io->fd = -1;
++ io->events = 0;
++ }
++}
++
++int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when)
++{
++ int r;
++ struct qmerge *qm;
++
++ qm = *x;
++ if (qm->state == -1) return -1; /* previous error */
++ if (qm->state == 0) return 0; /* no packet */
++ if (qm->state == 2) return 1; /* already got packet */
++
++ r = dns_transmit_get(&qm->dt, io, when);
++ if (r == -1) { qm->state = -1; return -1; } /* error */
++ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */
++ if (r == 1) { qm->state = 2; return 1; } /* got packet */
++ return -1; /* bug */
++}
+diff -urNp a/qmerge.h b/qmerge.h
+--- a/qmerge.h 1969-12-31 16:00:00.000000000 -0800
++++ b/qmerge.h 2009-03-19 11:05:27.678227481 -0700
+@@ -0,0 +1,24 @@
++#ifndef QMERGE_H
++#define QMERGE_H
++
++#include "dns.h"
++
++struct qmerge_key {
++ char *q;
++ char qtype[2];
++ char *control;
++};
++
++struct qmerge {
++ int active;
++ struct qmerge_key key;
++ struct dns_transmit dt;
++ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */
++};
++
++extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *);
++extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *);
++extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *);
++extern void qmerge_free(struct qmerge **);
++
++#endif /* QMERGE_H */
+diff -urNp a/query.c b/query.c
+--- a/query.c 2009-03-19 11:01:40.792597346 -0700
++++ b/query.c 2009-03-19 11:24:43.152221609 -0700
+@@ -84,7 +84,7 @@ static void cleanup(struct query *z)
+ int j;
+ int k;
+
+- dns_transmit_free(&z->dt);
++ qmerge_free(&z->qm);
+ for (j = 0;j < QUERY_MAXALIAS;++j)
+ dns_domain_free(&z->alias[j]);
+ for (j = 0;j < QUERY_MAXLEVEL;++j) {
+@@ -619,14 +619,8 @@ static int doit(struct query *z,int stat
+ if (j == 256) goto SERVFAIL;
+
+ dns_sortip6(z->servers[z->level],256);
+- if (z->level) {
+- log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level);
+- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE;
+- }
+- else {
+- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0);
+- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE;
+- }
++ dtype = z->level ? DNS_T_A : z->type;
++ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE;
+ return 0;
+
+
+@@ -640,10 +634,10 @@ static int doit(struct query *z,int stat
+
+ HAVEPACKET:
+ if (++z->loop == 100) goto DIE;
+- buf = z->dt.packet;
+- len = z->dt.packetlen;
++ buf = z->qm->dt.packet;
++ len = z->qm->dt.packetlen;
+
+- whichserver = z->dt.servers + 16 * z->dt.curserver;
++ whichserver = z->qm->dt.servers + 16 * z->qm->dt.curserver;
+ control = z->control[z->level];
+ d = z->name[z->level];
+ dtype = z->level ? DNS_T_A : z->type;
+@@ -1050,7 +1044,7 @@ int query_start(struct query *z,char *dn
+
+ int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
+ {
+- switch(dns_transmit_get(&z->dt,x,stamp)) {
++ switch(qmerge_get(&z->qm,x,stamp)) {
+ case 1:
+ return doit(z,1);
+ case -1:
+@@ -1061,5 +1055,5 @@ int query_get(struct query *z,iopause_fd
+
+ void query_io(struct query *z,iopause_fd *x,struct taia *deadline)
+ {
+- dns_transmit_io(&z->dt,x,deadline);
++ qmerge_io(z->qm,x,deadline);
+ }
+diff -urNp a/query.h b/query.h
+--- a/query.h 2009-03-19 11:01:40.793597403 -0700
++++ b/query.h 2009-03-19 11:05:27.681222487 -0700
+@@ -1,7 +1,7 @@
+ #ifndef QUERY_H
+ #define QUERY_H
+
+-#include "dns.h"
++#include "qmerge.h"
+ #include "uint32.h"
+
+ #define QUERY_MAXLEVEL 5
+@@ -21,7 +21,7 @@ struct query {
+ uint32 scope_id;
+ char type[2];
+ char class[2];
+- struct dns_transmit dt;
++ struct qmerge *qm;
+ } ;
+
+ extern int query_start(struct query *,char *,char *,char *,char *,unsigned int);
--- /dev/null
+diff --git a/Makefile b/Makefile
+index 1429643..bc047c0 100644
+--- a/Makefile
++++ b/Makefile
+@@ -318,11 +318,11 @@ stralloc.h iopause.h taia.h tai.h uint64.h taia.h
+ ./compile dns_txt.c
+
+ dnscache: \
+-load dnscache.o droproot.o okclient.o log.o cache.o query.o \
++load dnscache.o droproot.o okclient.o log.o cache.o query.o qmerge.o \
+ response.o dd.o roots.o iopause.o prot.o dns.a env.a alloc.a buffer.a \
+ libtai.a unix.a byte.a socket.lib
+ ./load dnscache droproot.o okclient.o log.o cache.o \
+- query.o response.o dd.o roots.o iopause.o prot.o dns.a \
++ query.o qmerge.o response.o dd.o roots.o iopause.o prot.o dns.a \
+ env.a alloc.a buffer.a libtai.a unix.a byte.a `cat \
+ socket.lib`
+
+@@ -343,7 +343,7 @@ compile dnscache.c env.h exit.h scan.h strerr.h error.h ip4.h \
+ uint16.h uint64.h socket.h uint16.h dns.h stralloc.h gen_alloc.h \
+ iopause.h taia.h tai.h uint64.h taia.h taia.h byte.h roots.h fmt.h \
+ iopause.h query.h dns.h uint32.h alloc.h response.h uint32.h cache.h \
+-uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h
++uint32.h uint64.h ndelay.h log.h uint64.h okclient.h droproot.h maxclient.h
+ ./compile dnscache.c
+
+ dnsfilter: \
+@@ -687,11 +687,16 @@ qlog.o: \
+ compile qlog.c buffer.h qlog.h uint16.h
+ ./compile qlog.c
+
++qmerge.o: \
++compile qmerge.c qmerge.h dns.h stralloc.h gen_alloc.h iopause.h \
++taia.h tai.h uint64.h log.h maxclient.h
++ ./compile qmerge.c
++
+ query.o: \
+ compile query.c error.h roots.h log.h uint64.h case.h cache.h \
+ uint32.h uint64.h byte.h dns.h stralloc.h gen_alloc.h iopause.h \
+ taia.h tai.h uint64.h taia.h uint64.h uint32.h uint16.h dd.h alloc.h \
+-response.h uint32.h query.h dns.h uint32.h
++response.h uint32.h query.h dns.h uint32.h qmerge.h
+ ./compile query.c
+
+ random-ip: \
+diff --git a/dnscache.c b/dnscache.c
+index 8c899a3..5ccb16a 100644
+--- a/dnscache.c
++++ b/dnscache.c
+@@ -22,6 +22,7 @@
+ #include "log.h"
+ #include "okclient.h"
+ #include "droproot.h"
++#include "maxclient.h"
+
+ static int packetquery(char *buf,unsigned int len,char **q,char qtype[2],char qclass[2],char id[2])
+ {
+@@ -54,7 +55,6 @@ uint64 numqueries = 0;
+
+ static int udp53;
+
+-#define MAXUDP 200
+ static struct udpclient {
+ struct query q;
+ struct taia start;
+@@ -131,7 +131,6 @@ void u_new(void)
+
+ static int tcp53;
+
+-#define MAXTCP 20
+ struct tcpclient {
+ struct query q;
+ struct taia start;
+diff --git a/log.c b/log.c
+index c43e8b0..b8cd7ce 100644
+--- a/log.c
++++ b/log.c
+@@ -150,6 +150,13 @@ void log_tx(const char *q,const char qtype[2],const char *control,const char ser
+ line();
+ }
+
++void log_tx_piggyback(const char *q, const char qtype[2], const char *control)
++{
++ string("txpb ");
++ logtype(qtype); space(); name(q); space(); name(control);
++ line();
++}
++
+ void log_cachedanswer(const char *q,const char type[2])
+ {
+ string("cached "); logtype(type); space();
+diff --git a/log.h b/log.h
+index fe62fa3..d9a829b 100644
+--- a/log.h
++++ b/log.h
+@@ -18,6 +18,7 @@ extern void log_cachednxdomain(const char *);
+ extern void log_cachedns(const char *,const char *);
+
+ extern void log_tx(const char *,const char *,const char *,const char *,unsigned int);
++extern void log_tx_piggyback(const char *,const char *,const char *);
+
+ extern void log_nxdomain(const char *,const char *,unsigned int);
+ extern void log_nodata(const char *,const char *,const char *,unsigned int);
+diff --git a/maxclient.h b/maxclient.h
+new file mode 100644
+index 0000000..e52fcd1
+--- /dev/null
++++ b/maxclient.h
+@@ -0,0 +1,7 @@
++#ifndef MAXCLIENT_H
++#define MAXCLIENT_H
++
++#define MAXUDP 200
++#define MAXTCP 20
++
++#endif /* MAXCLIENT_H */
+diff --git a/qmerge.c b/qmerge.c
+new file mode 100644
+index 0000000..7c92299
+--- /dev/null
++++ b/qmerge.c
+@@ -0,0 +1,115 @@
++#include "qmerge.h"
++#include "byte.h"
++#include "log.h"
++#include "maxclient.h"
++
++#define QMERGE_MAX (MAXUDP+MAXTCP)
++struct qmerge inprogress[QMERGE_MAX];
++
++static
++int qmerge_key_init(struct qmerge_key *qmk, const char *q, const char qtype[2],
++ const char *control)
++{
++ if (!dns_domain_copy(&qmk->q, q)) return 0;
++ byte_copy(qmk->qtype, 2, qtype);
++ if (!dns_domain_copy(&qmk->control, control)) return 0;
++ return 1;
++}
++
++static
++int qmerge_key_equal(struct qmerge_key *a, struct qmerge_key *b)
++{
++ return
++ byte_equal(a->qtype, 2, b->qtype) &&
++ dns_domain_equal(a->q, b->q) &&
++ dns_domain_equal(a->control, b->control);
++}
++
++static
++void qmerge_key_free(struct qmerge_key *qmk)
++{
++ dns_domain_free(&qmk->q);
++ dns_domain_free(&qmk->control);
++}
++
++void qmerge_free(struct qmerge **x)
++{
++ struct qmerge *qm;
++
++ qm = *x;
++ *x = 0;
++ if (!qm || !qm->active) return;
++
++ qm->active--;
++ if (!qm->active) {
++ qmerge_key_free(&qm->key);
++ dns_transmit_free(&qm->dt);
++ }
++}
++
++int qmerge_start(struct qmerge **qm, const char servers[64], int flagrecursive,
++ const char *q, const char qtype[2], const char localip[4],
++ const char *control)
++{
++ struct qmerge_key k;
++ int i;
++ int r;
++
++ qmerge_free(qm);
++
++ byte_zero(&k, sizeof k);
++ if (!qmerge_key_init(&k, q, qtype, control)) return -1;
++ for (i = 0; i < QMERGE_MAX; i++) {
++ if (!inprogress[i].active) continue;
++ if (!qmerge_key_equal(&k, &inprogress[i].key)) continue;
++ log_tx_piggyback(q, qtype, control);
++ inprogress[i].active++;
++ *qm = &inprogress[i];
++ qmerge_key_free(&k);
++ return 0;
++ }
++
++ for (i = 0; i < QMERGE_MAX; i++)
++ if (!inprogress[i].active)
++ break;
++ if (i == QMERGE_MAX) return -1;
++
++ log_tx(q, qtype, control, servers, 0);
++ r = dns_transmit_start(&inprogress[i].dt, servers, flagrecursive, q, qtype, localip);
++ if (r == -1) { qmerge_key_free(&k); return -1; }
++ inprogress[i].active++;
++ inprogress[i].state = 0;
++ qmerge_key_free(&inprogress[i].key);
++ byte_copy(&inprogress[i].key, sizeof k, &k);
++ *qm = &inprogress[i];
++ return 0;
++}
++
++void qmerge_io(struct qmerge *qm, iopause_fd *io, struct taia *deadline)
++{
++ if (qm->state == 0) {
++ dns_transmit_io(&qm->dt, io, deadline);
++ qm->state = 1;
++ }
++ else {
++ io->fd = -1;
++ io->events = 0;
++ }
++}
++
++int qmerge_get(struct qmerge **x, const iopause_fd *io, const struct taia *when)
++{
++ int r;
++ struct qmerge *qm;
++
++ qm = *x;
++ if (qm->state == -1) return -1; /* previous error */
++ if (qm->state == 0) return 0; /* no packet */
++ if (qm->state == 2) return 1; /* already got packet */
++
++ r = dns_transmit_get(&qm->dt, io, when);
++ if (r == -1) { qm->state = -1; return -1; } /* error */
++ if (r == 0) { qm->state = 0; return 0; } /* must wait for i/o */
++ if (r == 1) { qm->state = 2; return 1; } /* got packet */
++ return -1; /* bug */
++}
+diff --git a/qmerge.h b/qmerge.h
+new file mode 100644
+index 0000000..9a58157
+--- /dev/null
++++ b/qmerge.h
+@@ -0,0 +1,24 @@
++#ifndef QMERGE_H
++#define QMERGE_H
++
++#include "dns.h"
++
++struct qmerge_key {
++ char *q;
++ char qtype[2];
++ char *control;
++};
++
++struct qmerge {
++ int active;
++ struct qmerge_key key;
++ struct dns_transmit dt;
++ int state; /* -1 = error, 0 = need io, 1 = need get, 2 = got packet */
++};
++
++extern int qmerge_start(struct qmerge **,const char *,int,const char *,const char *,const char *,const char *);
++extern void qmerge_io(struct qmerge *,iopause_fd *,struct taia *);
++extern int qmerge_get(struct qmerge **,const iopause_fd *,const struct taia *);
++extern void qmerge_free(struct qmerge **);
++
++#endif /* QMERGE_H */
+diff --git a/query.c b/query.c
+index 46cdc00..f091fdd 100644
+--- a/query.c
++++ b/query.c
+@@ -81,7 +81,7 @@ static void cleanup(struct query *z)
+ int j;
+ int k;
+
+- dns_transmit_free(&z->dt);
++ qmerge_free(&z->qm);
+ for (j = 0;j < QUERY_MAXALIAS;++j)
+ dns_domain_free(&z->alias[j]);
+ for (j = 0;j < QUERY_MAXLEVEL;++j) {
+@@ -429,14 +429,8 @@ static int doit(struct query *z,int state)
+ if (j == 64) goto SERVFAIL;
+
+ dns_sortip(z->servers[z->level],64);
+- if (z->level) {
+- log_tx(z->name[z->level],DNS_T_A,z->control[z->level],z->servers[z->level],z->level);
+- if (dns_transmit_start(&z->dt,z->servers[z->level],flagforwardonly,z->name[z->level],DNS_T_A,z->localip) == -1) goto DIE;
+- }
+- else {
+- log_tx(z->name[0],z->type,z->control[0],z->servers[0],0);
+- if (dns_transmit_start(&z->dt,z->servers[0],flagforwardonly,z->name[0],z->type,z->localip) == -1) goto DIE;
+- }
++ dtype = z->level ? DNS_T_A : z->type;
++ if (qmerge_start(&z->qm,z->servers[z->level],flagforwardonly,z->name[z->level],dtype,z->localip,z->control[z->level]) == -1) goto DIE;
+ return 0;
+
+
+@@ -450,10 +444,10 @@ static int doit(struct query *z,int state)
+
+ HAVEPACKET:
+ if (++z->loop == 100) goto DIE;
+- buf = z->dt.packet;
+- len = z->dt.packetlen;
++ buf = z->qm->dt.packet;
++ len = z->qm->dt.packetlen;
+
+- whichserver = z->dt.servers + 4 * z->dt.curserver;
++ whichserver = z->qm->dt.servers + 4 * z->qm->dt.curserver;
+ control = z->control[z->level];
+ d = z->name[z->level];
+ dtype = z->level ? DNS_T_A : z->type;
+@@ -836,7 +830,7 @@ int query_start(struct query *z,char *dn,char type[2],char class[2],char localip
+
+ int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
+ {
+- switch(dns_transmit_get(&z->dt,x,stamp)) {
++ switch(qmerge_get(&z->qm,x,stamp)) {
+ case 1:
+ return doit(z,1);
+ case -1:
+@@ -847,5 +841,5 @@ int query_get(struct query *z,iopause_fd *x,struct taia *stamp)
+
+ void query_io(struct query *z,iopause_fd *x,struct taia *deadline)
+ {
+- dns_transmit_io(&z->dt,x,deadline);
++ qmerge_io(z->qm,x,deadline);
+ }
+diff --git a/query.h b/query.h
+index eff68b2..06feab4 100644
+--- a/query.h
++++ b/query.h
+@@ -1,7 +1,7 @@
+ #ifndef QUERY_H
+ #define QUERY_H
+
+-#include "dns.h"
++#include "qmerge.h"
+ #include "uint32.h"
+
+ #define QUERY_MAXLEVEL 5
+@@ -20,7 +20,7 @@ struct query {
+ char localip[4];
+ char type[2];
+ char class[2];
+- struct dns_transmit dt;
++ struct qmerge *qm;
+ } ;
+
+ extern int query_start(struct query *,char *,char *,char *,char *);
--- /dev/null
+diff -urNp a/query.c b/query.c
+--- a/query.c 2009-03-19 11:35:28.452472164 -0700
++++ b/query.c 2009-03-19 11:59:19.798221593 -0700
+@@ -476,6 +476,29 @@ static int doit(struct query *z,int stat
+ }
+ }
+
++ if (typematch(DNS_T_SOA,dtype)) {
++ byte_copy(key,2,DNS_T_SOA);
++ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
++ if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
++ log_cachedanswer(d,DNS_T_SOA);
++ if (!rqa(z)) goto DIE;
++ pos = 0;
++ while (pos = dns_packet_copy(cached,cachedlen,pos,misc,20)) {
++ pos = dns_packet_getname(cached,cachedlen,pos,&t2);
++ if (!pos) break;
++ pos = dns_packet_getname(cached,cachedlen,pos,&t3);
++ if (!pos) break;
++ if (!response_rstart(d,DNS_T_SOA,ttl)) goto DIE;
++ if (!response_addname(t2)) goto DIE;
++ if (!response_addname(t3)) goto DIE;
++ if (!response_addbytes(misc,20)) goto DIE;
++ response_rfinish(RESPONSE_ANSWER);
++ }
++ cleanup(z);
++ return 1;
++ }
++ }
++
+ if (typematch(DNS_T_A,dtype)) {
+ byte_copy(key,2,DNS_T_A);
+ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
+@@ -541,7 +564,7 @@ static int doit(struct query *z,int stat
+ }
+ }
+
+- if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_AAAA,dtype)) {
++ if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_SOA,dtype) && !typematch(DNS_T_AAAA,dtype)) {
+ byte_copy(key,2,dtype);
+ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
+ if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
+@@ -769,15 +792,24 @@ static int doit(struct query *z,int stat
+ else if (byte_equal(type,2,DNS_T_AXFR))
+ ;
+ else if (byte_equal(type,2,DNS_T_SOA)) {
++ int non_authority = 0;
++ save_start();
+ while (i < j) {
+ pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE;
+ pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE;
+ pos = dns_packet_getname(buf,len,pos,&t3); if (!pos) goto DIE;
+ pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) goto DIE;
+- if (records[i] < posauthority)
++ if (records[i] < posauthority) {
+ log_rrsoa(whichserver,t1,t2,t3,misc,ttl);
++ save_data(misc,20);
++ save_data(t2,dns_domain_length(t2));
++ save_data(t3,dns_domain_length(t3));
++ non_authority++;
++ }
+ ++i;
+ }
++ if (non_authority)
++ save_finish(DNS_T_SOA,t1,ttl);
+ }
+ else if (byte_equal(type,2,DNS_T_CNAME)) {
+ pos = dns_packet_skipname(buf,len,records[j - 1]); if (!pos) goto DIE;
--- /dev/null
+diff --git a/query.c b/query.c
+index 46cdc00..4574e97 100644
+--- a/query.c
++++ b/query.c
+@@ -319,6 +319,29 @@ static int doit(struct query *z,int state)
+ }
+ }
+
++ if (typematch(DNS_T_SOA,dtype)) {
++ byte_copy(key,2,DNS_T_SOA);
++ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
++ if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
++ log_cachedanswer(d,DNS_T_SOA);
++ if (!rqa(z)) goto DIE;
++ pos = 0;
++ while (pos = dns_packet_copy(cached,cachedlen,pos,misc,20)) {
++ pos = dns_packet_getname(cached,cachedlen,pos,&t2);
++ if (!pos) break;
++ pos = dns_packet_getname(cached,cachedlen,pos,&t3);
++ if (!pos) break;
++ if (!response_rstart(d,DNS_T_SOA,ttl)) goto DIE;
++ if (!response_addname(t2)) goto DIE;
++ if (!response_addname(t3)) goto DIE;
++ if (!response_addbytes(misc,20)) goto DIE;
++ response_rfinish(RESPONSE_ANSWER);
++ }
++ cleanup(z);
++ return 1;
++ }
++ }
++
+ if (typematch(DNS_T_A,dtype)) {
+ byte_copy(key,2,DNS_T_A);
+ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
+@@ -351,7 +374,7 @@ static int doit(struct query *z,int state)
+ }
+ }
+
+- if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype)) {
++ if (!typematch(DNS_T_ANY,dtype) && !typematch(DNS_T_AXFR,dtype) && !typematch(DNS_T_CNAME,dtype) && !typematch(DNS_T_NS,dtype) && !typematch(DNS_T_PTR,dtype) && !typematch(DNS_T_A,dtype) && !typematch(DNS_T_MX,dtype) && !typematch(DNS_T_SOA,dtype)) {
+ byte_copy(key,2,dtype);
+ cached = cache_get(key,dlen + 2,&cachedlen,&ttl);
+ if (cached && (cachedlen || byte_diff(dtype,2,DNS_T_ANY))) {
+@@ -585,15 +608,24 @@ static int doit(struct query *z,int state)
+ else if (byte_equal(type,2,DNS_T_AXFR))
+ ;
+ else if (byte_equal(type,2,DNS_T_SOA)) {
++ int non_authority = 0;
++ save_start();
+ while (i < j) {
+ pos = dns_packet_skipname(buf,len,records[i]); if (!pos) goto DIE;
+ pos = dns_packet_getname(buf,len,pos + 10,&t2); if (!pos) goto DIE;
+ pos = dns_packet_getname(buf,len,pos,&t3); if (!pos) goto DIE;
+ pos = dns_packet_copy(buf,len,pos,misc,20); if (!pos) goto DIE;
+- if (records[i] < posauthority)
++ if (records[i] < posauthority) {
+ log_rrsoa(whichserver,t1,t2,t3,misc,ttl);
++ save_data(misc,20);
++ save_data(t2,dns_domain_length(t2));
++ save_data(t3,dns_domain_length(t3));
++ non_authority++;
++ }
+ ++i;
+ }
++ if (non_authority)
++ save_finish(DNS_T_SOA,t1,ttl);
+ }
+ else if (byte_equal(type,2,DNS_T_CNAME)) {
+ pos = dns_packet_skipname(buf,len,records[j - 1]); if (!pos) goto DIE;
+
--- /dev/null
+--- a/response.c
++++ b/response.c
+@@ -34,7 +34,7 @@ int response_addname(const char *d)
+ uint16_pack_big(buf,49152 + name_ptr[i]);
+ return response_addbytes(buf,2);
+ }
+- if (dlen <= 128)
++ if ((dlen <= 128) && (response_len < 16384))
+ if (name_num < NAMES) {
+ byte_copy(name[name_num],dlen,d);
+ name_ptr[name_num] = response_len;
--- /dev/null
+#!/bin/bash
+#
+# djbdns-setup
+#
+# Copyright (C) 2004 Kalin Kozhuharov <kalin@ThinRope.net>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+# http://www.gnu.org/copyleft/gpl.html
+#
+
+. /sbin/functions.sh
+# void ewarn(char* message)
+#
+# show a warning message and do NOT log it
+ewarn() {
+ if [ "${RC_QUIET_STDOUT}" = "yes" ]
+ then
+ echo " ${*}"
+ else
+ echo -e " ${WARN}*${NORMAL} ${*}"
+ fi
+
+ return 0
+}
+
+S_SEPARATOR="--------------------------------------------------------------------------------"
+D_SEPARATOR="================================================================================"
+
+REQ_GROUP="nofiles"
+REQ_USERS="tinydns dnscache dnslog"
+
+IPs[0]=""
+IPs[1]=""
+IPs[2]=""
+dnscache=0
+tinydns=1
+axfrdns=2
+
+check_group_users()
+{
+ echo ": Checking for required group (${REQ_GROUP}) :"
+ grep ${REQ_GROUP} /etc/group &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ ebegin "Adding group ${REQ_GROUP}"
+ /usr/sbin/groupadd ${REQ_GROUP} &>/dev/null && eend 0 || eend 1
+ fi
+
+ echo ": Checking for required users (${REQ_USERS}) :"
+ for user in ${REQ_USERS};
+ do
+ grep ${user} /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ ebegin "Adding user ${user}"
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g ${REQ_GROUP} ${user} &>/dev/null && eend 0 || eend 1
+ fi
+ done
+ return 0
+}
+
+start_services()
+{
+ local services="$1"
+
+ echo "${SEPARATOR}"
+ echo ": Start services :"
+ echo
+ echo " Your services (${services// /, }) are ready for startup!"
+ echo
+ ewarn " The following requires daemontools to be running!"
+ local answer=""
+ read -p " Would you like ${services// /, } to be started and supervised by daemontools now? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+
+ ebegin "Checking if daemontools are running"
+ ps -A |grep svscanboot &>/dev/null && eend 0 || eend 1
+
+ ebegin "Linking services in /service"
+ # Don't make symbolic links to / !
+ # use ../ instead as it gives trouble in chrooted environments
+ local fixedroot_path=`echo ${mypath} | sed -e 's#^/#../#'`
+ for service in ${services};
+ do
+ for ip in ${IPs[${service}]};
+ do
+ ln -sf ${fixedroot_path}/${service}/${ip} /service/${service}_${ip}
+ done
+ done
+
+ eend 0
+
+ echo
+ ls -l --color=auto /service/
+ echo
+ ebegin "Waiting 5 seconds for services to start"
+ sleep 5 && eend 0
+
+ echo "${SEPARATOR}"
+ echo ": Check services status :"
+ echo
+ for service in ${services};
+ do
+ for ip in ${IPs[${service}]};
+ do
+ svstat /service/${service}_${ip} /service/${service}_${ip}/log
+ done
+ done
+ fi
+ return 0
+}
+
+tinydns_setup()
+{
+ return 0
+}
+
+axfrdns_setup()
+{
+ echo "${S_SEPARATOR}"
+ echo ": Grant access to axfrdns :"
+ echo
+ TCPRULES_DIR="${mypath}/axfrdns/${myip}/control"
+ echo " axfrdns is accessed by your secondary servers and when response cannot fit UDP packet"
+ echo " You have to specify their which IP addresses are allowed to access it"
+ echo " in ${TCPRULES_DIR}/tcp.axfrdns"
+ echo
+ echo " Example:"
+ echo " 1.2.3.4 would allow the host 1.2.3.4"
+ echo " 1.2.3. would allow ALL hosts 1.2.3.x (like 1.2.3.4, 1.2.3.100, etc.)"
+ ewarn "Do NOT forget the trailing dot!"
+ echo
+ echo " Press Enter if you do not want to allow any access now."
+ echo
+
+ sed -i -e "s#-x tcp.cdb#-x control/tcp.axfrdns.cdb#g" ${mypath}/axfrdns/${myip}/run
+ if [ -e ${TCPRULES_DIR}/tcp.axfrdns ]
+ then
+ ewarn "${TCPRULES_DIR}/tcp.axfrdns exists."
+ read -p " Do you want it cleared? [Y|n]: " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ echo '# sample line: 1.2.3.4:allow,AXFR="heaven.af.mil/3.2.1.in-addr.arpa"' > ${TCPRULES_DIR}/tcp.axfrdns
+ fi
+ fi
+
+ read -p " IP to allow (press Enter to end)> " ipallow
+
+ while [ "$ipallow" != "" ]
+ do
+ echo "${ipallow}:allow" >> ${TCPRULES_DIR}/tcp.axfrdns
+ read -p " IP to allow (press Enter to end)> " ipallow
+ done
+ echo ":deny" >> ${TCPRULES_DIR}/tcp.axfrdns
+
+ echo " Here is the tcprules file created so far:"
+ echo
+ cat ${TCPRULES_DIR}/tcp.axfrdns
+ echo
+ local answer=""
+ read -p " Would you like ${TCPRULES_DIR}/tcp.axfrdns.cdb updated? [Y|n]: " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ ebegin "Updating ${TCPRULES_DIR}/tcp.axfrdns.cdb"
+ bash -c "cd ${TCPRULES_DIR} && make" && eend 0 || eend 1
+ fi
+ return 0
+}
+
+dnscache_setup()
+{
+ echo ": Configure forwarding :"
+ echo
+ echo " dnscache can be configured to forward queries to another DNS cache"
+ echo " (such as the one your ISP provides) rather than perform the lookups itself."
+ echo
+ echo " To enable this forwarding-only mode (a good idea most of the time),"
+ echo " provide the IPs of the caches to forward to."
+ echo " To have dnscache perform the lookups itself, just press Enter."
+ echo
+ read -p " forward-to IP> " myforward
+ echo
+ if [ "$myforward" != "" ]
+ then
+ echo $myforward > ${mypath}/dnscache/${myip}/root/servers/\@
+ echo -n "1" > ${mypath}/dnscache/${myip}/env/FORWARDONLY
+
+ read -p " forward-to IP (press Enter to end)> " myforward
+ while [ "$myforward" != "" ]
+ do
+ echo $myforward >> ${mypath}/dnscache/${myip}/root/servers/\@
+ read -p " forward-to IP (press Enter to end)> " myforward
+ done
+
+ echo
+ echo " Currently all queries will be forwarded to:"
+ echo
+ cat ${mypath}/dnscache/${myip}/root/servers/\@
+ echo
+ fi
+
+ echo "${SEPARATOR}"
+ echo ": Configuring clients :"
+ echo
+ echo " By default dnscache allows only localhost (127.0.0.1) to access it."
+ echo " You have to specify the IP addresses of the clients that shall be allowed to use it."
+ echo
+ echo " Example:"
+ echo " 1.2.3.4 would allow only the host 1.2.3.4"
+ echo " 1.2.3 would allow all hosts 1.2.3.x (like 1.2.3.4, 1.2.3.100, etc.)"
+ echo
+ echo " Press Enter if you do not want to allow external clients!"
+ echo
+
+ read -p " Allowed IP> " myclientip
+
+ while [ "$myclientip" != "" ]
+ do
+ touch ${mypath}/dnscache/${myip}/root/ip/${myclientip}
+ read -p " Allowed IP (press Enter to end)> " myclientip
+ done
+
+ echo
+ echo " All queries from the hosts below will be answered:"
+ echo
+ ls -1 ${mypath}/dnscache/${myip}/root/ip
+ echo
+
+ #TODO
+ #configure cachsize - $mypath/env/CACHESIZE
+
+ #TODO
+ #configure datalimit - $mypath/env/DATALIMIT
+ return 0
+}
+
+common_setup()
+{
+ local service_human="$1"
+ local service_machine="$2"
+ local services="$3"
+
+ echo ": ${service_human} setup :"
+ echo
+
+ for service in ${services};
+ do
+ if [ ! -e ${mypath}/${service} ]
+ then
+ ebegin "Creating ${mypath}/${service}"
+ mkdir -p $mypath/${service} && eend 0 || eend 1
+ fi
+ done
+
+ echo "${SEPARATOR}"
+ echo ": IP address to bind to :"
+ echo
+ echo " Specify an address to which the ${service_human} should bind."
+ echo " Currently accessible IPs:"
+ local addrs=`ifconfig -a | grep "inet addr" | cut -f2 -d":" | cut -f1 -d" "`
+ echo " "$addrs
+ echo
+
+ while [ "${myip}" == "" ]
+ do
+ read -p " IP to bind to> " myip
+ done
+ echo
+
+ for service in ${services};
+ do
+ IPs[${service}]="${IPs[${service}]} ${myip}"
+ done
+
+ local dnscache_INSTALL="/usr/bin/dnscache-conf dnscache dnslog ${mypath}/dnscache/${myip} $myip"
+ local tinydns_INSTALL="/usr/bin/tinydns-conf tinydns dnslog ${mypath}/tinydns/${myip} $myip"
+ local axfrdns_INSTALL="\
+ /usr/bin/axfrdns-conf tinydns dnslog ${mypath}/axfrdns/${myip} ${mypath}/tinydns/${myip} $myip &&\
+ mkdir -p ${mypath}/axfrdns/${myip}/control &&\
+ echo -e \"tcp.axfrdns.cdb:\ttcp.axfrdns\n\ttcprules tcp.axfrdns.cdb .tcp.axfrdns.cdb.tmp < tcp.axfrdns\" > ${mypath}/axfrdns/${myip}/control/Makefile &&\
+ rm -f ${mypath}/axfrdns/${myip}/tcp ${mypath}/axfrdns/${myip}/Makefile"
+
+ for service in ${services};
+ do
+ if [ ! -e ${mypath}/${service}/${myip} ]
+ then
+ ebegin "Setting up ${service} in ${mypath}/${service}/${myip}"
+ eval command=\$${service}_INSTALL
+ /bin/bash -c "${command}" && eend 0 || eend 1
+ else
+ ewarn "${service} directory ${mypath}/${service}/${myip} exists, nothing done."
+ fi
+ done
+
+}
+
+
+
+
+
+
+if [ `id -u` -ne 0 ]
+then
+ eerror "${0}: You must be root."
+ exit 1
+else
+
+ echo "${D_SEPARATOR}"
+ echo ": DJB DNS setup :"
+ echo
+ echo " This script will help you setup the following:"
+ echo
+ echo " DNS server(s): to publish addresses of Internet hosts"
+ echo
+ echo " DNS cache(s) : to find addresses of Internet hosts"
+ echo
+ echo " For further information see:"
+ echo " http://cr.yp.to/djbdns/blurb/overview.html"
+ echo
+ ewarn "If you have already setup your services,"
+ ewarn "either exit now, or setup in different directories."
+ echo
+
+ answer=""
+ read -p " Would you like to continue with setup? [Y|n]> " answer
+ if [ "${answer}" == "n" ] || [ "${answer}" == "N" ]
+ then
+ ewarn "Aborting setup"
+ exit 1
+ fi
+
+ echo "${D_SEPARATOR}"
+ echo ": Choose install location :"
+ echo
+ default_path="/var"
+ echo " The default (${default_path}) will install them"
+ echo " in ${default_path}/\${service}/\${IP_ADDRESS}"
+ echo
+ echo " For example:"
+ echo " /var/tinydns /1.2.3.4"
+ echo " /192.168.33.1"
+ echo " /axfrdns /1.2.3.4"
+ echo " /192.168.33.1"
+ echo " /dnscache/127.0.0.1"
+ echo
+ ewarn "Do NOT enter trailing slash"
+ echo " Where do you want services installed?"
+ read -p "[${default_path}] > " mypath
+ echo
+
+ if [ "${mypath}" == "" ]
+ then
+ mypath=${default_path}
+ fi
+
+ echo "${D_SEPARATOR}"
+ check_group_users
+
+ answer=""
+ another=""
+ until [ "$answer" == "n" ]
+ do
+ echo "${D_SEPARATOR}"
+ answer=""
+ read -p " Would you like to setup ${another}dnscache? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ myip=""
+ echo "${S_SEPARATOR}"
+ common_setup "DNS cache" "dnscache" "dnscache"
+ if [ $? == 0 ]
+ then
+ dnscache_setup
+ else
+ ewarn "Skipping dnscache specific setup."
+ fi
+ fi
+ another="another "
+ done
+
+ answer=""
+ another=""
+ until [ "$answer" == "n" ]
+ do
+ echo "${D_SEPARATOR}"
+ answer=""
+ read -p " Would you like to setup ${another}DNS server? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ myip=""
+ echo "${S_SEPARATOR}"
+ common_setup "DNS server" "{tinydns,afxrdns}" "tinydns axfrdns"
+ if [ $? == 0 ]
+ then
+ tinydns_setup
+ axfrdns_setup
+ else
+ ewarn "Skipping tinydns and axfrdns specific setup."
+ fi
+ fi
+ another="another "
+ done
+
+ echo "${D_SEPARATOR}"
+
+ start_services "tinydns axfrdns dnscache"
+
+ echo "${D_SEPARATOR}"
+fi
--- /dev/null
+#!/bin/bash
+#
+# djbdns-setup
+#
+# Copyright (C) 2004-2006 Kalin KOZHUHAROV <kalin@thinrope.net>
+# The latest version of this script can be accessed at:
+# rsync://rsync.tar.bz/gentoo-portage-pkalin/net-dns/djbdns/files/djbdns-setup
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+# http://www.gnu.org/copyleft/gpl.html
+#
+
+# {{{ Rip off the ewarn code from /sbin/functions.sh
+WARN=$'\e[33;01m'
+NORMAL=$'\e[0m'
+ewarn() {
+ echo -e " ${WARN}*${NORMAL} $*"
+ return 0
+}
+# }}}
+
+# {{{ global vars
+S_SEPARATOR="--------------------------------------------------------------------------------"
+D_SEPARATOR="================================================================================"
+
+REQ_GROUP="nofiles"
+REQ_USERS="tinydns dnscache dnslog"
+
+IPs[0]=""
+IPs[1]=""
+IPs[2]=""
+dnscache=0
+tinydns=1
+axfrdns=2
+
+# global vars }}}
+
+# {{{ functions
+check_group_users()
+{
+ echo ": Checking for required group (${REQ_GROUP}) :"
+ grep ${REQ_GROUP} /etc/group &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ ebegin "Adding group ${REQ_GROUP}"
+ /usr/sbin/groupadd ${REQ_GROUP} &>/dev/null && eend 0 || eend 1
+ fi
+
+ echo ": Checking for required users (${REQ_USERS}) :"
+ for user in ${REQ_USERS};
+ do
+ grep ${user} /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ ebegin "Adding user ${user}"
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g ${REQ_GROUP} ${user} &>/dev/null && eend 0 || eend 1
+ fi
+ done
+ return 0
+}
+
+start_services()
+{
+ local services="$1"
+
+ echo "${SEPARATOR}"
+ echo ": Start services :"
+ echo
+ echo " Your services (${services// /, }) are ready for startup!"
+ echo
+ ewarn " The following requires daemontools to be running!"
+ local answer=""
+ read -p " Would you like ${services// /, } to be started and supervised by daemontools now? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+
+ ebegin "Checking if daemontools are running"
+ ps -A |grep svscanboot &>/dev/null && eend 0 || eend 1
+
+ ebegin "Linking services in /service"
+ # Don't make symbolic links to / !
+ # use ../ instead as it gives trouble in chrooted environments
+ local fixedroot_path=`echo ${mypath} | sed -e 's#^/#../#'`
+ for service in ${services};
+ do
+ for ip in ${IPs[${service}]};
+ do
+ ln -sf ${fixedroot_path}/${service}/${ip} /service/${service}_${ip}
+ done
+ done
+
+ eend 0
+
+ echo
+ ls -l --color=auto /service/
+ echo
+ ebegin "Waiting 5 seconds for services to start"
+ sleep 5 && eend 0
+
+ echo "${SEPARATOR}"
+ echo ": Check services status :"
+ echo
+ for service in ${services};
+ do
+ for ip in ${IPs[${service}]};
+ do
+ svstat /service/${service}_${ip} /service/${service}_${ip}/log
+ done
+ done
+ fi
+ return 0
+}
+
+tinydns_setup()
+{
+ return 0
+}
+
+axfrdns_setup()
+{
+ echo "${S_SEPARATOR}"
+ echo ": Grant access to axfrdns :"
+ echo
+ TCPRULES_DIR="${mypath}/axfrdns/${myip}/control"
+ echo " axfrdns is accessed by your secondary servers and when response cannot fit UDP packet"
+ echo " You have to specify which IP addresses are allowed to access it"
+ echo " in ${TCPRULES_DIR}/tcp.axfrdns"
+ echo
+ echo " Example:"
+ echo " 1.2.3.4 would allow the host 1.2.3.4"
+ echo " 1.2.3. would allow ALL hosts 1.2.3.x (like 1.2.3.4, 1.2.3.100, etc.)"
+ ewarn "Do NOT forget the trailing dot!"
+ echo
+ echo " Press Enter if you do not want to allow any access now."
+ echo
+
+ sed -i -e "s#-x tcp.cdb#-x control/tcp.axfrdns.cdb#g" ${mypath}/axfrdns/${myip}/run
+ if [ -e ${TCPRULES_DIR}/tcp.axfrdns ]
+ then
+ ewarn "${TCPRULES_DIR}/tcp.axfrdns exists."
+ read -p " Do you want it cleared? [y|N]: " answer
+ if [ "${answer}" == "y" ]
+ then
+ echo '# sample line: 1.2.3.4:allow,AXFR="heaven.af.mil/3.2.1.in-addr.arpa"' > ${TCPRULES_DIR}/tcp.axfrdns
+ fi
+ fi
+
+ read -p " IP to allow (press Enter to end)> " ipallow
+
+ while [ "$ipallow" != "" ]
+ do
+ echo "${ipallow}:allow" >> ${TCPRULES_DIR}/tcp.axfrdns
+ read -p " IP to allow (press Enter to end)> " ipallow
+ done
+ echo ":deny" >> ${TCPRULES_DIR}/tcp.axfrdns
+
+ echo " Here are the tcprules created so far:"
+ echo
+ cat ${TCPRULES_DIR}/tcp.axfrdns
+ echo
+ local answer=""
+ read -p " Would you like ${TCPRULES_DIR}/tcp.axfrdns.cdb updated? [Y|n]: " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ ebegin "Updating ${TCPRULES_DIR}/tcp.axfrdns.cdb"
+ bash -c "cd ${TCPRULES_DIR} && make" && eend 0 || eend 1
+ fi
+ return 0
+}
+
+dnscache_setup()
+{
+ echo ": Configure forwarding :"
+ echo
+ echo " dnscache can be configured to forward queries to another"
+ echo " DNS cache (such as the one your ISP provides) rather than"
+ echo " performing the lookups itself."
+ echo
+ echo " To enable this forwarding-only mode (usually a good idea),"
+ echo " provide the IPs of the caches to forward to."
+ echo " To have dnscache perform the lookups itself, just press Enter."
+ echo
+ read -p " forward-to IP> " myforward
+ echo
+ if [ "$myforward" != "" ]
+ then
+ echo $myforward > ${mypath}/dnscache/${myip}/root/servers/\@
+ echo -n "1" > ${mypath}/dnscache/${myip}/env/FORWARDONLY
+
+ read -p " forward-to IP (press Enter to end)> " myforward
+ while [ "$myforward" != "" ]
+ do
+ echo $myforward >> ${mypath}/dnscache/${myip}/root/servers/\@
+ read -p " forward-to IP (press Enter to end)> " myforward
+ done
+
+ echo
+ echo " Currently all queries will be forwarded to:"
+ echo
+ cat ${mypath}/dnscache/${myip}/root/servers/\@
+ echo
+ fi
+
+ echo "${SEPARATOR}"
+ echo ": Configuring clients :"
+ echo
+ echo " By default dnscache allows only localhost (127.0.0.1) to"
+ echo " access it. You have to specify the IP addresses of the"
+ echo " clients that shall be allowed to use it."
+ echo
+ echo " Example:"
+ echo " 1.2.3.4 would allow only one host: 1.2.3.4"
+ echo " 1.2.3 would allow all hosts 1.2.3.0/24 (e.g. 1.2.3.4, 1.2.3.100, etc.)"
+ echo
+ echo " Press Enter if you do NOT want to allow external clients!"
+ echo
+
+ read -p " Allowed IP> " myclientip
+
+ while [ "$myclientip" != "" ]
+ do
+ touch ${mypath}/dnscache/${myip}/root/ip/${myclientip}
+ read -p " Allowed IP (press Enter to end)> " myclientip
+ done
+
+ echo
+ echo " All queries from the hosts below will be answered:"
+ echo
+ ls -1 ${mypath}/dnscache/${myip}/root/ip
+ echo
+
+ #TODO
+ #configure cachsize - $mypath/env/CACHESIZE
+
+ #TODO
+ #configure datalimit - $mypath/env/DATALIMIT
+ return 0
+}
+
+common_setup()
+{
+ local service_human="$1"
+ local service_machine="$2"
+ local services="$3"
+
+ echo ": ${service_human} setup :"
+ echo
+
+ for service in ${services};
+ do
+ if [ ! -e ${mypath}/${service} ]
+ then
+ ebegin "Creating ${mypath}/${service}"
+ mkdir -p $mypath/${service} && eend 0 || eend 1
+ fi
+ done
+
+ echo "${SEPARATOR}"
+ echo ": IP address to bind to :"
+ echo
+ echo " Specify an address to which the ${service_human} should bind."
+ echo " Currently accessible IPs:"
+ local addrs=`ifconfig -a | grep "inet addr" | cut -f2 -d":" | cut -f1 -d" "`
+ echo " "$addrs
+ echo
+
+ while [ "${myip}" == "" ]
+ do
+ read -p " IP to bind to> " myip
+ done
+ echo
+
+ for service in ${services};
+ do
+ IPs[${service}]="${IPs[${service}]} ${myip}"
+ done
+
+ local dnscache_INSTALL="/usr/bin/dnscache-conf dnscache dnslog ${mypath}/dnscache/${myip} $myip"
+ local tinydns_INSTALL="/usr/bin/tinydns-conf tinydns dnslog ${mypath}/tinydns/${myip} $myip"
+ local axfrdns_INSTALL="\
+ /usr/bin/axfrdns-conf tinydns dnslog ${mypath}/axfrdns/${myip} ${mypath}/tinydns/${myip} $myip &&\
+ mkdir -p ${mypath}/axfrdns/${myip}/control &&\
+ echo -e \"tcp.axfrdns.cdb:\ttcp.axfrdns\n\ttcprules tcp.axfrdns.cdb .tcp.axfrdns.cdb.tmp < tcp.axfrdns\" > ${mypath}/axfrdns/${myip}/control/Makefile &&\
+ rm -f ${mypath}/axfrdns/${myip}/tcp ${mypath}/axfrdns/${myip}/Makefile"
+
+ for service in ${services};
+ do
+ if [ ! -e ${mypath}/${service}/${myip} ]
+ then
+ ebegin "Setting up ${service} in ${mypath}/${service}/${myip}"
+ eval command=\$${service}_INSTALL
+ /bin/bash -c "${command}" && eend 0 || eend 1
+ else
+ ewarn "${service} directory ${mypath}/${service}/${myip} exists, nothing done."
+ fi
+ done
+
+}
+
+# functions }}}
+
+# {{{ main script
+
+if [ `id -u` -ne 0 ]
+then
+ ewarn "You must be root to run this script, sorry."
+ exit 1
+else
+
+ echo "${D_SEPARATOR}"
+ echo ": DJB DNS setup :"
+ echo
+ echo " This script will help you setup the following:"
+ echo
+ echo " DNS server(s): to publish addresses of Internet hosts"
+ echo
+ echo " DNS cache(s) : to find addresses of Internet hosts"
+ echo
+ echo " For further information see:"
+ echo " http://cr.yp.to/djbdns/blurb/overview.html"
+ echo
+ ewarn "If you have already setup your services,"
+ ewarn "either exit now, or setup in different directories."
+ echo
+
+ answer=""
+ read -p " Would you like to continue with setup? [Y|n]> " answer
+ if [ "${answer}" == "n" ] || [ "${answer}" == "N" ]
+ then
+ ewarn "Aborting setup"
+ exit 1
+ fi
+
+ echo "${D_SEPARATOR}"
+ echo ": Choose install location :"
+ echo
+ default_path="/var"
+ echo " The default (${default_path}) will install them"
+ echo " in ${default_path}/\${service}/\${IP_ADDRESS}"
+ echo
+ echo " For example:"
+ echo " /var/tinydns /1.2.3.4"
+ echo " /192.168.33.1"
+ echo " /axfrdns /1.2.3.4"
+ echo " /192.168.33.1"
+ echo " /dnscache/127.0.0.1"
+ echo
+ ewarn "Do NOT enter trailing slash"
+ echo " Where do you want services installed?"
+ read -p "[${default_path}] > " mypath
+ echo
+
+ if [ "${mypath}" == "" ]
+ then
+ mypath=${default_path}
+ fi
+
+ echo "${D_SEPARATOR}"
+ check_group_users
+
+ answer=""
+ another=""
+ until [ "$answer" == "n" ]
+ do
+ echo "${D_SEPARATOR}"
+ answer=""
+ read -p " Would you like to setup ${another}dnscache? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ myip=""
+ echo "${S_SEPARATOR}"
+ common_setup "DNS cache" "dnscache" "dnscache"
+ if [ $? == 0 ]
+ then
+ dnscache_setup
+ else
+ ewarn "Skipping dnscache specific setup."
+ fi
+ fi
+ another="another "
+ done
+
+ answer=""
+ another=""
+ until [ "$answer" == "n" ]
+ do
+ echo "${D_SEPARATOR}"
+ answer=""
+ read -p " Would you like to setup ${another}DNS server? [Y|n]> " answer
+ if [ "${answer}" == "Y" ] || [ "${answer}" == "" ]
+ then
+ myip=""
+ echo "${S_SEPARATOR}"
+ common_setup "DNS server" "{tinydns,afxrdns}" "tinydns axfrdns"
+ if [ $? == 0 ]
+ then
+ tinydns_setup
+ axfrdns_setup
+ else
+ ewarn "Skipping tinydns and axfrdns specific setup."
+ fi
+ fi
+ another="another "
+ done
+
+ echo "${D_SEPARATOR}"
+
+ start_services "tinydns axfrdns dnscache"
+
+ echo "${D_SEPARATOR}"
+fi
+# main script }}}
+# vim: set ts=4 fenc=utf-8 foldmethod=marker:
--- /dev/null
+#!/bin/bash
+
+#for einfo, ewarn etc..
+. /sbin/functions.sh
+
+setup() {
+ echo
+ echo
+ einfo "Dnscache Setup"
+ echo
+ echo
+ echo ">>> More information on this package can be found at"
+ echo ">>> http://cr.yp.to/djbdns.html and http://djbdns.org"
+ echo
+ echo "After this script completes, dnscache will be configured."
+ echo "Your /etc/resolv.conf will be updated so that all DNS"
+ echo "lookups will be directed to dnscache."
+ echo
+ echo "Your original /etc/resolv.conf will be backed up to "
+ echo "/etc/resolv.conf.orig."
+ echo
+ echo "If you have previously setup dnscache, those directories will"
+ echo "not be overwritten. To redo setup, delete your dnscache"
+ echo "dirs first or choose a different install location."
+ echo
+ echo '(press enter to begin setup, or press control-C to abort)'
+ echo
+ read
+
+ echo
+ einfo "Install location"
+ echo
+ echo "Where do you want dnscache installed?"
+ echo "Ex. Default (/var) will install dnscache in /var/dnscache,"
+ echo "or an external cache in /var/dnscachex."
+ echo "!!No trailing slash!!"
+ echo
+ read -p "[/var]> " mypath
+ echo
+
+ if [ "$mypath" == "" ]
+ then
+ mypath="/var"
+ fi
+
+ if [ ! -e ${mypath} ]
+ then
+ echo ">>> Creating ${mypath}..."
+ mkdir $mypath
+ fi
+
+ echo
+ echo
+ einfo "Internal or external cache?"
+ echo
+ echo "Specify an address to which dnscache should bind."
+ echo "If this is the only machine accessing dnscache,"
+ echo "127.0.0.1 is a good start."
+ echo "Currently running IP addresses:"
+ echo
+
+ # grab interfaces
+ addrs=`ifconfig -a | grep "inet addr" | cut -f2 -d":" | cut -f1 -d" "`
+
+ echo $addrs
+ echo
+ read -p "IP to bind cache to [127.0.0.1]> " myip
+ echo
+
+ if [ "$myip" == "" ]
+ then
+ myip="127.0.0.1"
+ mycachedir="dnscache"
+ else
+ mycachedir="dnscachex"
+ fi
+
+ # check for existance of users dnscache and dnslog:
+ echo
+ echo
+ einfo "Checking for dnscache and dnslog user accts ..."
+ echo
+ /usr/bin/grep nofiles /etc/group &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding group nofiles ..."
+ /usr/sbin/groupadd nofiles &> /dev/null
+ fi
+
+ /usr/bin/grep dnscache /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding user dnscache ..."
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g nofiles \
+ dnscache &> /dev/null
+ fi
+
+ /usr/bin/grep dnslog /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding user dnslog ..."
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g nofiles \
+ dnslog &> /dev/null
+ fi
+
+ if [ ! -e ${mypath}/${mycachedir} ]
+ then
+ /usr/bin/dnscache-conf dnscache dnslog \
+ ${mypath}/${mycachedir} ${myip}
+ else
+ ewarn "*** dnscache directory currently exists, nothing done."
+ fi
+
+ echo
+ echo
+ einfo "Configure a forward for dnscache?"
+ echo
+ echo "dnscache can be configured to forward queries to another"
+ echo "nameserver (such as the nameserver of your ISP) rather than "
+ echo "perform the lookups itself. If you would like to enable this "
+ echo "forwarding mode (a good idea most of the time), then enter the "
+ echo "IP's of your forwarding nameservers now,"
+ echo "otherwise just hit Enter."
+ echo
+ read -p "enter forward-to IP> " myforward
+ echo
+ if [ "$myforward" != "" ]
+ then
+ echo $myforward > ${mypath}/${mycachedir}/root/servers/\@
+ echo -n "1" > ${mypath}/${mycachedir}/env/FORWARDONLY
+
+ read -p "enter forward-to IP [hit Enter to stop]> " myforward
+ while [ "$myforward" != "" ]
+ do
+ echo $myforward >> ${mypath}/${mycachedir}/root/servers/\@
+ read -p "enter forward-to IP [hit Enter to stop]> " myforward
+ done
+ echo ">>> Setting up forwarding..."
+ fi
+
+ if [ "$myip" != "127.0.0.1" ]
+ then
+ echo
+ echo
+ einfo "Configuring clients"
+ echo
+ echo "dnscache by default only allows 127.0.0.1 to access it."
+ echo "You have to specify the IP addresses of the clients"
+ echo "that shall be allowed to use dnscache."
+ echo
+ echo "1.2.3.4 would allow host 1.2.3.4"
+ echo "1.2.3 would allow all hosts underneath 1.2.3.x"
+ echo
+ echo "Just hit Enter if you do not want to specify clients!"
+ echo
+
+ read -p "Enter IP> " myclientip
+
+ while [ "$myclientip" != "" ]
+ do
+ touch ${mypath}/${mycachedir}/root/ip/${myclientip}
+ read -p "Enter IP (hit Enter to stop)>" myclientip
+ done
+ fi
+
+ echo
+ echo
+ einfo "Misc"
+ echo
+ if [ ! -e /var/log/dnscache ]
+ then
+ echo ">>> linking /var/log/${mycachedir} to the $mycachedir log..."
+ ln -s ${mypath}/${mycachedir}/log/main /var/log/${mycachedir}
+ fi
+
+ if [ -e /etc/resolv.conf ]
+ then
+ /usr/bin/grep $myip /etc/resolv.conf &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Backing up /etc/resolv.conf to resolv.conf.orig..."
+ cp /etc/resolv.conf /etc/resolv.conf.orig
+ cat /etc/resolv.conf.orig | grep -v nameserver > /etc/resolv.conf
+ echo ">>> Removed nameserver entries from resolv.conf..."
+ echo nameserver $myip >> /etc/resolv.conf
+ echo
+ echo ">>> Added \"nameserver ${myip}\" to /etc/resolv.conf!"
+ else
+ echo ">>> ${myip} is already in /etc/resolv.conf - nothing done!"
+ fi
+ else
+ echo nameserver $myip >> /etc/resolv.conf
+ echo
+ echo ">>> Added \"nameserver ${myip}\" to /etc/resolv.conf!"
+ fi
+
+ #TODO
+ #configure cachsize - $mypath/env/CACHESIZE
+
+ #TODO
+ #configure datalimit - $mypath/env/DATALIMIT
+
+ echo
+ echo
+ einfo "Start service"
+ echo
+ echo "dnscache is ready for startup."
+ echo "Do you want dnscache to be started and"
+ echo "supervised by daemontools now?"
+
+ echo
+ echo "This requires svscan (daemontools) to be running currently and"
+ echo "monitoring /service !!"
+ echo
+ echo '(press control-C to abort)'
+ read
+
+ # check in /mnt/.init.d to find svscan link in running...
+ # if not running execute /etc/init.d/svscan start
+ # Don't make symbolic links to / !
+ # use ../ instead as it gives trouble in chrooted environments
+ # By Kalin KOZHUHAROV <kalin@ThinRope.net>
+ local fixedroot_path=`echo ${mypath} | sed -e 's#^/#../#'`
+ cd /service
+ ln -sf ${fixedroot_path}/${mycachedir} .
+
+ echo
+ echo
+ einfo "Installation successfull"
+ echo
+}
+
+# check for root user
+
+if [ `id -u` -ne 0 ]
+then
+ eerror "${0}: must be root."
+ exit 1
+fi
+
+
+# run setup
+setup
--- /dev/null
+--- djbdns-1.05.old/dnsroots.global.old Fri May 31 19:42:37 2002
++++ djbdns-1.05/dnsroots.global Thu Jan 29 21:41:56 2004
+@@ -1,5 +1,5 @@
+ 198.41.0.4
+-128.9.0.107
++192.228.79.201
+ 192.33.4.12
+ 128.8.10.90
+ 192.203.230.10
+@@ -7,7 +7,7 @@
+ 192.112.36.4
+ 128.63.2.53
+ 192.36.148.17
+-198.41.0.10
++192.58.128.30
+ 193.0.14.129
+ 198.32.64.12
+ 202.12.27.33
--- /dev/null
+--- djbdns-1.05/dnstracesort.sh.orig 2006-04-26 21:52:54.000000000 +0200
++++ djbdns-1.05/dnstracesort.sh 2006-04-26 21:53:02.000000000 +0200
+@@ -12,7 +12,7 @@
+ }
+ print
+ }
+-' | sort -t: +0 -2 +4 +3 -4 +2 -3 | uniq | awk -F: '
++' | sort -t: -k 1,3 -k 5 -k 4,5 -k 3,4 | uniq | awk -F: '
+ {
+ type = $1
+ q = $2
--- /dev/null
+diff -Naur /tmp/djbdns-1.05/Makefile djbdns-1.05/Makefile
+--- a/djbdns-1.05/Makefile 2003-11-16 20:33:41.000000000 +0100
++++ b/djbdns-1.05/Makefile 2003-11-16 20:35:15.000000000 +0100
+@@ -31,7 +31,7 @@
+
+ auto_home.c: \
+ auto-str conf-home
+- ./auto-str auto_home `head -1 conf-home` > auto_home.c
++ ./auto-str auto_home `head -n 1 conf-home` > auto_home.c
+
+ auto_home.o: \
+ compile auto_home.c
+@@ -205,14 +205,14 @@
+ choose: \
+ warn-auto.sh choose.sh conf-home
+ cat warn-auto.sh choose.sh \
+- | sed s}HOME}"`head -1 conf-home`"}g \
++ | sed s}HOME}"`head -n 1 conf-home`"}g \
+ > choose
+ chmod 755 choose
+
+ compile: \
+ warn-auto.sh conf-cc
+ ( cat warn-auto.sh; \
+- echo exec "`head -1 conf-cc`" '-c $${1+"$$@"}' \
++ echo exec "`head -n 1 conf-cc`" '-c $${1+"$$@"}' \
+ ) > compile
+ chmod 755 compile
+
+@@ -449,7 +449,7 @@
+ dnstracesort: \
+ warn-auto.sh dnstracesort.sh conf-home
+ cat warn-auto.sh dnstracesort.sh \
+- | sed s}HOME}"`head -1 conf-home`"}g \
++ | sed s}HOME}"`head -n 1 conf-home`"}g \
+ > dnstracesort
+ chmod 755 dnstracesort
+
+@@ -570,7 +570,7 @@
+ warn-auto.sh conf-ld
+ ( cat warn-auto.sh; \
+ echo 'main="$$1"; shift'; \
+- echo exec "`head -1 conf-ld`" \
++ echo exec "`head -n 1 conf-ld`" \
+ '-o "$$main" "$$main".o $${1+"$$@"}' \
+ ) > load
+ chmod 755 load
+@@ -758,7 +758,7 @@
+ rts: \
+ warn-auto.sh rts.sh conf-home
+ cat warn-auto.sh rts.sh \
+- | sed s}HOME}"`head -1 conf-home`"}g \
++ | sed s}HOME}"`head -n 1 conf-home`"}g \
+ > rts
+ chmod 755 rts
+
+@@ -901,8 +901,8 @@
+ systype: \
+ find-systype.sh conf-cc conf-ld trycpp.c x86cpuid.c
+ ( cat warn-auto.sh; \
+- echo CC=\'`head -1 conf-cc`\'; \
+- echo LD=\'`head -1 conf-ld`\'; \
++ echo CC=\'`head -n 1 conf-cc`\'; \
++ echo LD=\'`head -n 1 conf-ld`\'; \
+ cat find-systype.sh; \
+ ) | sh > systype
+
--- /dev/null
+#!/bin/bash
+
+#
+# source functions.sh for einfo, eerror and ewarn
+. /sbin/functions.sh
+
+setup() {
+ echo
+ echo
+ einfo "tinydns Setup"
+ echo
+ echo ">>> More information on this package can be found at"
+ echo ">>> http://cr.yp.to/djbdns/tinydns.html"
+ echo
+ echo "If you have previously setup tinydns, those directories will"
+ echo "not be overwritten. To redo setup, delete your"
+ echo "tinydns dir tree first."
+ echo
+ echo '(press enter to begin setup, or press control-C to abort)'
+ echo
+ read
+
+ echo
+ einfo "Install location"
+ echo
+ echo "Where do you want tinydns installed?"
+ echo "Ex. /var would install dnscache in /var/tinydns."
+ echo "!!No trailing slash!!"
+ echo
+ read -p "[/var]> " mypath
+ echo
+
+ if [ "$mypath" == "" ]
+ then
+ mypath="/var"
+ fi
+
+ if [ ! -e ${mypath} ]
+ then
+ echo ">>> Creating ${mypath}..."
+ mkdir $mypath
+ fi
+
+ # check for existance of users tinydns and dnslog:
+ echo
+ echo
+ einfo "Checking for tinydns and dnslog user accts ..."
+ echo
+ /usr/bin/grep nofiles /etc/group &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding group nofiles ..."
+ /usr/sbin/groupadd nofiles &> /dev/null
+ fi
+
+ /usr/bin/grep tinydns /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding user tinydns ..."
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g nofiles \
+ tinydns &> /dev/null
+ fi
+
+ /usr/bin/grep dnslog /etc/passwd &> /dev/null
+ if [ $? -ne 0 ]
+ then
+ echo ">>> Adding user dnslog ..."
+ /usr/sbin/useradd -d /dev/null -s /bin/false -g nofiles \
+ dnslog &> /dev/null
+ fi
+
+
+ # grab interfaces
+ addrs=`ifconfig -a | grep "inet addr" | cut -f2 -d":" | cut -f1 -d" "`
+
+ echo "Specify an address to which tinydns should bind."
+ echo "NOTICE: tinydns must be able to bind to port 53 on "
+ echo "choosen ip address! udp by tinydns - tcp by axfrdns"
+ echo "Usually this is NOT 127.0.0.1"
+ echo "Currently running IP addresses:"
+ echo
+ echo $addrs
+ echo
+
+ while [ "$myip" = "" ]
+ do
+ read -p "IP to bind nameserver to>" myip
+ done
+ echo
+
+ if [ ! -e ${mypath}/tinydns ]
+ then
+ einfo "Setting up tinydns..."
+ /usr/bin/tinydns-conf tinydns dnslog \
+ ${mypath}/tinydns $myip
+ else
+ ewarn "*** tinydns directory currently exists, nothing done."
+ fi
+
+ #add afxrdns
+ if [ ! -e ${mypath}/axfrdns ]
+ then
+ einfo "Setting up axfrdns..."
+ /usr/bin/axfrdns-conf tinydns dnslog \
+ ${mypath}/axfrdns ${mypath}/tinydns $myip
+ else
+ ewarn "*** axfrdns directory currently exists, nothing done."
+ fi
+
+ #grant access to axfrdns
+
+ echo
+ echo
+ einfo "Start service"
+ echo
+ echo "tinydns is ready for startup."
+ echo "Do you want dnscache to be started and"
+ echo "supervised by daemontools now?"
+
+ echo
+ echo "This requires daemontools to supervise"
+ echo "/service !!"
+ echo
+ echo '(press control-C to abort)'
+ read
+
+ # Don't make symbolic links to / !
+ # use ../ instead as it gives trouble in chrooted environments
+ # By Kalin KOZHUHAROV <kalin@ThinRope.net>
+ local fixedroot_path=`echo ${mypath} | sed -e 's#^/#../#'`
+ cd /service
+ ln -sf ${fixedroot_path}/tinydns .
+ ln -sf ${fixedroot_path}/axfrdns .
+
+ echo
+ echo
+ einfo "Installation successfull"
+ echo
+
+}
+
+# check for root user!
+if [ `id -u` -ne 0 ]
+then
+ eerror "${0}: must be root."
+ exit 1
+fi
+
+
+# run setup
+setup
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>no-herd</herd>
+<maintainer>
+ <email>maintainer-needed@gentoo.org</email>
+</maintainer>
+</pkgmetadata>