-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 28 Apr 2005 23:57:32 +0400
Source: rbldnsd
Binary: rbldnsd
Architecture: source i386
Version: 0.995
Distribution: unstable
Urgency: low
Maintainer: Santiago Vila <sanvila@debian.org>
Changed-By: Michael Tokarev <mjt@corpit.ru>
Description:
rbldnsd - small nameserver daemon designed for DNSBLs
Changes:
rbldnsd (0.995) unstable; urgency=low
.
* released 0.995
.
* ensure we do not return more than 255 answers (which can happen when
EDNS0 size extensions are enabled), as the code isn't prepared to handle
2-byte numanswers field in DNS packet header.
.
rbldnsd (0.994.94) unstable; urgency=low
.
* fixed EDNS0 (it now really works)
.
* fixed NS+glue records - if there's no room for glue but auth section
can be added, add auth w/o glue
.
* remove p_..cnt #defines (to be p_..cnt2), as they're confusing
.
rbldnsd (0.994.93) unstable; urgency=low
.
* glue records for NSes, finally.
.
* when queried for NS or ANY to the base zone, return NS recs in
both answer and authority sections.
.
* in acl "dataset", default action is now "ignore", not "always-listed"
.
rbldnsd (0.994.92) unstable; urgency=low
.
* finally: EDNS0 support. Patch was here for a long time, now applied.
.
* ACL (initial, experimental) support, with quite some changes all over
to make it possible/easier:
- add peer address info pointers to struct dnspacket
(and made both struct packet and peer sockaddr to be static
in rbldnsd.c); remove peer address parameters from
logreply().
- add DSTF_SPECIAL flag, to indicate this dataset type can't be nested;
modify rbldnsd_combined.c accordingly
- remove (unused) DSTF_ZERODN flag
- define two new helper macros, dstype(name) and isdstype(dst,name),
to refer to types of datasets, and use the macros in the code
- add ACL-specific RR info into struct dnspacket
- dataset query types now return bitflags, not true/false:
NSQUERY_FOUND (1) - found a matching record
NSQUERY_ADDPEER (2) - for "always listed" acl, we should add
the "always listed" ACL RR into the reply packet.
return NSQUERY_FOUND instead of generic `1' in all dataset->queryfns.
- extend qi_tflag to also include ACL-specific flags:
NSQUERY_IGNORE, NSQUERY_REFUSE, NSQUERY_EMPTY, NSQUERY_ALWAYS
- add check_query_overwrites() macro to test the above flags and
return NSQUERY_ADDPEER or other bits in dataset->queryfn routines,
and use this macro in all non-metadata datasets
- when constructing reply, collect flags from queryfns, not boolean.
- add g_dsacl and zone->z_dsacl pointers (global and zone-specific
datasets)
- modify rbldnsd_zones.c:addzone() to recognize ACLs and to disallow
empty base zone domain name.
- disallow $NS and $SOA for ACL-type datasets in ds_special()
- new dataset file: rbldnsd_acl.c. Add acl dataset into global
dataset type list.
- actually call ACL-specific routine -- ds_acl_query() -- when
constructing reply to a query
- when at the end of constructing answer section of the reply
we notice "always-listed" ACL has been triggered, add
ACL-specific A+TXT records into the reply
Files:
1e1aee9ce323d09c9e5a555d4c5071fb 535 net optional rbldnsd_0.995.dsc
888a61e9a296a1b76db0c94ca44c612a 102700 net optional rbldnsd_0.995.tar.gz
00e23c03a81c532001d7cb399a2faa5e 81684 net optional rbldnsd_0.995_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCfQPkd9Uuvj7yPNYRArxTAKDAbEs1tZyOmuxcGS1HfOGh+xW6EgCglSfH
9eiEZv65ok9xjy05+jCTUAY=
=97+J
-----END PGP SIGNATURE-----
Accepted:
rbldnsd_0.995.dsc
to pool/main/r/rbldnsd/rbldnsd_0.995.dsc
rbldnsd_0.995.tar.gz
to pool/main/r/rbldnsd/rbldnsd_0.995.tar.gz
rbldnsd_0.995_i386.deb
to pool/main/r/rbldnsd/rbldnsd_0.995_i386.deb
--
To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
