Split off the named.conf grammar into a source module separate
from the configuration parser, to facilitate reuse of the latter for
parsing non-BIND configuration files

Check return values or cast them to (void), as required by the coding
standards; add exceptions to the coding standards for cases where this is
not desirable

Add bind9_getaddresses(), a consistent version of the get_address function
from dig/host/nslookup, nsupdate, and rndc. This should make it
easier to have the various programs support multiple addresses for a hostname.

replay protection requires both rndc and named to
be updated. Partial replay protection (limited
exposure after restart) is provided if just named
is updated.
[RT #1709]

Change isc_entropy_usebestsource() to have saner semantics:
- If an invalid file is specified, an error will be returned instead of the
keyboard being used.
- If no file is specified but a random device is present, the keyboard will
be used if there is an error opening the random device.
- ISC_ENTROPY_KEYBOARDYES indicates that the keyboard should be the
only device used. Otherwise, passing '-r keyboard' is meaningless
on a machine with a random device, since the keyboard will not be used.
Change the callers in the dnssec tools and rndc-confgen to check for the
special file "keyboard" and call isc_entropy_usebestsource() with the right set
of parameters.
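The selection rules in the isc_entropy_usebestsource() message above, modelled as a small decision function. This is an added example, not code from BIND or from the commit; the type names, enum values and the env_t stand-in for the filesystem are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model types for this example; not BIND's own definitions. */
typedef enum { KBD_NO, KBD_MAYBE, KBD_YES } kbd_mode;
typedef enum { SRC_ERROR, SRC_FILE, SRC_KEYBOARD } src_choice;

/* Constructed stand-in for the filesystem state the selection depends on. */
typedef struct {
    bool device_present;  /* the system has a random device */
    bool device_opens;    /* opening that device succeeds */
    bool user_file_opens; /* opening the caller-named file succeeds */
} env_t;

/* Source selection as the commit message describes it. */
src_choice choose_source(const env_t *env, const char *file, kbd_mode mode)
{
    bool user_file = (file != NULL);

    if ((user_file || env->device_present) && mode != KBD_YES) {
        if (user_file ? env->user_file_opens : env->device_opens)
            return SRC_FILE;
        if (user_file)
            return SRC_ERROR; /* invalid named file: error, no keyboard fallback */
    }
    /* Assumption: with no file and no device, the mode alone decides. */
    return (mode != KBD_NO) ? SRC_KEYBOARD : SRC_ERROR;
}

/* Caller side: map the special file name "keyboard" to keyboard-only mode. */
src_choice choose_from_option(const env_t *env, const char *opt)
{
    kbd_mode mode = KBD_MAYBE;

    if (opt != NULL && strcmp(opt, "keyboard") == 0) {
        mode = KBD_YES;
        opt = NULL;
    }
    return choose_source(env, opt, mode);
}

int main(void)
{
    env_t env = { true, true, false }; /* constructed: named file is unreadable */
    printf("bad file -> %d, keyboard -> %d\n",
           choose_from_option(&env, "/no/such/file"),
           choose_from_option(&env, "keyboard"));
    return 0;
}
```

The first case is the security-relevant one: a key-generation tool given an unreadable entropy file gets an error back rather than a silent switch to a different source.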
1) rndc would crash if rndc.conf could not be read
2) rndc running in named.key mode required a working
DNS to resolve the default server name "localhost",
causing a chicken-and-egg problem when using rndc
to fix a broken DNS. Fixed by changing the default
to 127.0.0.1. This will probably offend some IPv6
people.