From owner-p4-projects@FreeBSD.ORG  Fri Jul 27 21:35:42 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id C9F3716A420; Fri, 27 Jul 2007 21:35:41 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 93A2016A418
	for <perforce@freebsd.org>; Fri, 27 Jul 2007 21:35:41 +0000 (UTC)
	(envelope-from peter@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 7577413C442
	for <perforce@freebsd.org>; Fri, 27 Jul 2007 21:35:41 +0000 (UTC)
	(envelope-from peter@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l6RLZfOm077197
	for <perforce@freebsd.org>; Fri, 27 Jul 2007 21:35:41 GMT
	(envelope-from peter@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l6RLZajd077193
	for perforce@freebsd.org; Fri, 27 Jul 2007 21:35:36 GMT
	(envelope-from peter@freebsd.org)
Date: Fri, 27 Jul 2007 21:35:36 GMT
Message-Id: <200707272135.l6RLZajd077193@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	peter@freebsd.org using -f
From: Peter Wemm <peter@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 124217 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jul 2007 21:35:42 -0000

http://perforce.freebsd.org/chv.cgi?CH=124217

Change 124217 by peter@peter_overcee on 2007/07/27 21:35:15

	IFC @@124213

Affected files ...

.. //depot/projects/hammer/contrib/bind9/CHANGES#8 integrate
.. //depot/projects/hammer/contrib/bind9/README#7 integrate
.. //depot/projects/hammer/contrib/bind9/bin/named/client.c#6 integrate
.. //depot/projects/hammer/contrib/bind9/bin/named/server.c#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM-book.xml#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch01.html#5 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch02.html#5 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch03.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch04.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch05.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch06.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch07.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch08.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch09.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch10.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.html#6 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.pdf#4 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.dig.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.dnssec-keygen.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.dnssec-signzone.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.host.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.named-checkconf.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.named-checkzone.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.named.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.rndc-confgen.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.rndc.conf.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/doc/arm/man.rndc.html#2 integrate
.. //depot/projects/hammer/contrib/bind9/lib/dns/dispatch.c#4 integrate
.. //depot/projects/hammer/contrib/bind9/lib/dns/include/dns/dispatch.h#3 integrate
.. //depot/projects/hammer/contrib/bind9/version#8 integrate
.. //depot/projects/hammer/contrib/openbsm/HISTORY#5 integrate
.. //depot/projects/hammer/contrib/openbsm/README#5 integrate
.. //depot/projects/hammer/contrib/openbsm/VERSION#5 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/audit/audit.8#3 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/audit/audit.c#3 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/auditd/audit_warn.c#3 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/auditd/auditd.8#4 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/auditd/auditd.c#5 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/auditd/auditd.h#3 integrate
.. //depot/projects/hammer/contrib/openbsm/bin/auditreduce/auditreduce.c#4 integrate
.. //depot/projects/hammer/contrib/openbsm/config/config.h#5 integrate
.. //depot/projects/hammer/contrib/openbsm/configure#5 integrate
.. //depot/projects/hammer/contrib/openbsm/configure.ac#5 integrate
.. //depot/projects/hammer/contrib/openbsm/etc/audit_event#6 integrate
.. //depot/projects/hammer/contrib/openbsm/libbsm/au_control.3#4 integrate
.. //depot/projects/hammer/contrib/openbsm/libbsm/au_event.3#3 integrate
.. //depot/projects/hammer/contrib/openbsm/libbsm/audit_submit.3#3 integrate
.. //depot/projects/hammer/contrib/openbsm/libbsm/bsm_io.c#5 integrate
.. //depot/projects/hammer/contrib/openbsm/libbsm/bsm_token.c#5 integrate
.. //depot/projects/hammer/etc/mtree/BSD.usr.dist#39 integrate
.. //depot/projects/hammer/etc/rc.d/netif#20 integrate
.. //depot/projects/hammer/lib/libc/net/sctp_sys_calls.c#9 integrate
.. //depot/projects/hammer/lib/libc/stdlib/getenv.c#5 integrate
.. //depot/projects/hammer/lib/libc/yp/yplib.c#8 integrate
.. //depot/projects/hammer/lib/libpam/modules/pam_lastlog/pam_lastlog.c#7 integrate
.. //depot/projects/hammer/lib/ncurses/config.mk#3 integrate
.. //depot/projects/hammer/lib/ncurses/ncurses/Makefile#6 integrate
.. //depot/projects/hammer/libexec/getty/ttys.5#5 integrate
.. //depot/projects/hammer/release/doc/en_US.ISO8859-1/relnotes/article.sgml#13 integrate
.. //depot/projects/hammer/sbin/Makefile#46 integrate
.. //depot/projects/hammer/sbin/iscontrol/Makefile#1 branch
.. //depot/projects/hammer/sbin/iscontrol/auth_subr.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/config.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/fsm.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/iscontrol.8#1 branch
.. //depot/projects/hammer/sbin/iscontrol/iscontrol.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/iscontrol.h#1 branch
.. //depot/projects/hammer/sbin/iscontrol/iscsi.conf.5#1 branch
.. //depot/projects/hammer/sbin/iscontrol/login.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/misc.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/pdu.c#1 branch
.. //depot/projects/hammer/sbin/iscontrol/pdu.h#1 branch
.. //depot/projects/hammer/share/examples/kld/syscall/module/syscall.c#3 integrate
.. //depot/projects/hammer/share/man/man4/Makefile#93 integrate
.. //depot/projects/hammer/share/man/man4/iscsi_initiator.4#1 branch
.. //depot/projects/hammer/share/man/man4/udav.4#7 integrate
.. //depot/projects/hammer/share/man/man4/usb.4#12 integrate
.. //depot/projects/hammer/share/man/man7/ports.7#19 integrate
.. //depot/projects/hammer/share/man/man8/rc.8#11 integrate
.. //depot/projects/hammer/share/man/man9/sysctl_ctx_init.9#5 integrate
.. //depot/projects/hammer/share/mk/version_gen.awk#3 integrate
.. //depot/projects/hammer/sys/amd64/amd64/trap.c#98 integrate
.. //depot/projects/hammer/sys/amd64/isa/clock.c#63 integrate
.. //depot/projects/hammer/sys/arm/arm/busdma_machdep.c#24 integrate
.. //depot/projects/hammer/sys/arm/arm/cpufunc.c#12 integrate
.. //depot/projects/hammer/sys/arm/arm/cpufunc_asm_xscale_c3.S#1 branch
.. //depot/projects/hammer/sys/arm/arm/elf_trampoline.c#9 integrate
.. //depot/projects/hammer/sys/arm/arm/identcpu.c#9 integrate
.. //depot/projects/hammer/sys/arm/arm/intr.c#16 integrate
.. //depot/projects/hammer/sys/arm/arm/pmap.c#40 integrate
.. //depot/projects/hammer/sys/arm/arm/vm_machdep.c#26 integrate
.. //depot/projects/hammer/sys/arm/conf/CRB#1 branch
.. //depot/projects/hammer/sys/arm/include/armreg.h#5 integrate
.. //depot/projects/hammer/sys/arm/include/cpufunc.h#11 integrate
.. //depot/projects/hammer/sys/arm/include/pmap.h#22 integrate
.. //depot/projects/hammer/sys/arm/include/pte.h#5 integrate
.. //depot/projects/hammer/sys/arm/xscale/i80321/i80321_pci.c#10 integrate
.. //depot/projects/hammer/sys/arm/xscale/i80321/i80321_timer.c#12 integrate
.. //depot/projects/hammer/sys/arm/xscale/i80321/i80321_wdog.c#4 integrate
.. //depot/projects/hammer/sys/arm/xscale/i80321/i80321var.h#5 integrate
.. //depot/projects/hammer/sys/arm/xscale/i80321/obio.c#5 integrate
.. //depot/projects/hammer/sys/arm/xscale/i8134x/crb_machdep.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/files.crb#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/files.i81342#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342_mcu.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342_pci.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342_space.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342reg.h#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/i81342var.h#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/obio.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/obio_space.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/obiovar.h#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/std.crb#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/std.i81342#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/uart_bus_i81342.c#1 branch
.. //depot/projects/hammer/sys/arm/xscale/i8134x/uart_cpu_i81342.c#1 branch
.. //depot/projects/hammer/sys/bsm/audit.h#8 integrate
.. //depot/projects/hammer/sys/bsm/audit_internal.h#5 integrate
.. //depot/projects/hammer/sys/bsm/audit_kevents.h#9 integrate
.. //depot/projects/hammer/sys/bsm/audit_record.h#6 integrate
.. //depot/projects/hammer/sys/cam/scsi/scsi_cd.c#26 integrate
.. //depot/projects/hammer/sys/compat/ndis/subr_ntoskrnl.c#44 integrate
.. //depot/projects/hammer/sys/conf/Makefile.arm#23 integrate
.. //depot/projects/hammer/sys/conf/NOTES#124 integrate
.. //depot/projects/hammer/sys/conf/files#157 integrate
.. //depot/projects/hammer/sys/conf/options#112 integrate
.. //depot/projects/hammer/sys/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c#5 integrate
.. //depot/projects/hammer/sys/dev/acpica/acpi_hpet.c#7 integrate
.. //depot/projects/hammer/sys/dev/ath/ath_rate/amrr/amrr.c#12 integrate
.. //depot/projects/hammer/sys/dev/ath/ath_rate/onoe/onoe.c#14 integrate
.. //depot/projects/hammer/sys/dev/ce/if_ce.c#6 integrate
.. //depot/projects/hammer/sys/dev/cp/if_cp.c#25 integrate
.. //depot/projects/hammer/sys/dev/ctau/if_ct.c#27 integrate
.. //depot/projects/hammer/sys/dev/cx/if_cx.c#35 integrate
.. //depot/projects/hammer/sys/dev/em/if_em.c#67 integrate
.. //depot/projects/hammer/sys/dev/if_ndis/if_ndis.c#53 integrate
.. //depot/projects/hammer/sys/dev/iscsi/initiator/isc_cam.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/isc_sm.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/isc_soc.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/isc_subr.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/iscsi.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/iscsi.h#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/iscsi_subr.c#1 branch
.. //depot/projects/hammer/sys/dev/iscsi/initiator/iscsivar.h#1 branch
.. //depot/projects/hammer/sys/dev/nfe/if_nfe.c#5 integrate
.. //depot/projects/hammer/sys/dev/nfe/if_nfevar.h#4 integrate
.. //depot/projects/hammer/sys/dev/ral/rt2560.c#9 integrate
.. //depot/projects/hammer/sys/dev/ral/rt2661.c#8 integrate
.. //depot/projects/hammer/sys/dev/re/if_re.c#49 integrate
.. //depot/projects/hammer/sys/dev/sym/sym_hipd.c#26 integrate
.. //depot/projects/hammer/sys/dev/usb/if_udav.c#21 integrate
.. //depot/projects/hammer/sys/dev/usb/ufoma.c#5 integrate
.. //depot/projects/hammer/sys/dev/usb/ukbd.c#19 integrate
.. //depot/projects/hammer/sys/dev/usb/ums.c#23 integrate
.. //depot/projects/hammer/sys/dev/usb/usb_quirks.c#20 integrate
.. //depot/projects/hammer/sys/dev/usb/usbdevs#84 integrate
.. //depot/projects/hammer/sys/fs/devfs/devfs_vnops.c#52 integrate
.. //depot/projects/hammer/sys/fs/fifofs/fifo_vnops.c#39 integrate
.. //depot/projects/hammer/sys/fs/msdosfs/msdosfs_vfsops.c#44 integrate
.. //depot/projects/hammer/sys/fs/tmpfs/tmpfs_vfsops.c#5 integrate
.. //depot/projects/hammer/sys/i386/i386/trap.c#55 integrate
.. //depot/projects/hammer/sys/i386/isa/clock.c#38 integrate
.. //depot/projects/hammer/sys/ia64/ia64/clock.c#12 integrate
.. //depot/projects/hammer/sys/kern/kern_kse.c#36 integrate
.. //depot/projects/hammer/sys/kern/kern_thread.c#96 integrate
.. //depot/projects/hammer/sys/kern/subr_bus.c#54 integrate
.. //depot/projects/hammer/sys/kern/subr_clock.c#8 integrate
.. //depot/projects/hammer/sys/kern/uipc_domain.c#19 integrate
.. //depot/projects/hammer/sys/kern/uipc_usrreq.c#51 integrate
.. //depot/projects/hammer/sys/kern/vfs_mount.c#79 integrate
.. //depot/projects/hammer/sys/kern/vfs_vnops.c#48 integrate
.. //depot/projects/hammer/sys/modules/Makefile#111 integrate
.. //depot/projects/hammer/sys/modules/iscsi/Makefile#1 branch
.. //depot/projects/hammer/sys/modules/iscsi/initiator/Makefile#1 branch
.. //depot/projects/hammer/sys/net/if.c#70 integrate
.. //depot/projects/hammer/sys/net/if_bridge.c#33 integrate
.. //depot/projects/hammer/sys/net/if_bridgevar.h#11 integrate
.. //depot/projects/hammer/sys/net/if_ethersubr.c#65 integrate
.. //depot/projects/hammer/sys/net/if_lagg.c#5 integrate
.. //depot/projects/hammer/sys/net/netisr.c#14 integrate
.. //depot/projects/hammer/sys/netgraph/ng_bpf.c#6 integrate
.. //depot/projects/hammer/sys/netgraph/ng_eiface.c#26 integrate
.. //depot/projects/hammer/sys/netinet/sctp_asconf.c#10 integrate
.. //depot/projects/hammer/sys/netinet/sctp_asconf.h#6 integrate
.. //depot/projects/hammer/sys/netinet/sctp_indata.c#12 integrate
.. //depot/projects/hammer/sys/netinet/sctp_input.c#11 integrate
.. //depot/projects/hammer/sys/netinet/sctp_os_bsd.h#11 integrate
.. //depot/projects/hammer/sys/netinet/sctp_output.c#11 integrate
.. //depot/projects/hammer/sys/netinet/sctp_pcb.c#11 integrate
.. //depot/projects/hammer/sys/netinet/sctp_pcb.h#9 integrate
.. //depot/projects/hammer/sys/netinet/sctp_structs.h#10 integrate
.. //depot/projects/hammer/sys/netinet/sctp_timer.c#10 integrate
.. //depot/projects/hammer/sys/netinet/sctp_usrreq.c#11 integrate
.. //depot/projects/hammer/sys/netinet/sctputil.c#13 integrate
.. //depot/projects/hammer/sys/netinet/sctputil.h#9 integrate
.. //depot/projects/hammer/sys/netinet/tcp_input.c#76 integrate
.. //depot/projects/hammer/sys/netinet/tcp_subr.c#68 integrate
.. //depot/projects/hammer/sys/netinet/tcp_syncache.c#45 integrate
.. //depot/projects/hammer/sys/netinet/tcp_syncache.h#1 branch
.. //depot/projects/hammer/sys/netinet/tcp_var.h#45 integrate
.. //depot/projects/hammer/sys/netinet6/sctp6_usrreq.c#12 integrate
.. //depot/projects/hammer/sys/netinet6/udp6_output.c#19 delete
.. //depot/projects/hammer/sys/netinet6/udp6_usrreq.c#30 integrate
.. //depot/projects/hammer/sys/netinet6/udp6_var.h#5 integrate
.. //depot/projects/hammer/sys/nfsserver/nfs_srvsubs.c#26 integrate
.. //depot/projects/hammer/sys/nfsserver/nfs_syscalls.c#22 integrate
.. //depot/projects/hammer/sys/pc98/cbus/clock.c#10 integrate
.. //depot/projects/hammer/sys/pci/if_rl.c#57 integrate
.. //depot/projects/hammer/sys/pci/if_rlreg.h#27 integrate
.. //depot/projects/hammer/sys/security/mac_mls/mac_mls.c#39 integrate
.. //depot/projects/hammer/sys/sparc64/sparc64/eeprom.c#11 integrate
.. //depot/projects/hammer/sys/sparc64/sparc64/rtc.c#7 integrate
.. //depot/projects/hammer/sys/sys/kernel.h#21 integrate
.. //depot/projects/hammer/sys/sys/mutex.h#31 integrate
.. //depot/projects/hammer/sys/sys/proc.h#106 integrate
.. //depot/projects/hammer/sys/sys/vmmeter.h#8 integrate
.. //depot/projects/hammer/sys/vm/vm_meter.c#23 integrate
.. //depot/projects/hammer/sys/vm/vm_page.c#60 integrate
.. //depot/projects/hammer/sys/vm/vnode_pager.c#40 integrate
.. //depot/projects/hammer/tools/regression/environ/envctl.c#2 integrate
.. //depot/projects/hammer/tools/regression/environ/envtest.t#2 integrate
.. //depot/projects/hammer/tools/regression/environ/timings.c#2 integrate
.. //depot/projects/hammer/usr.bin/calendar/calendars/calendar.holiday#12 integrate
.. //depot/projects/hammer/usr.bin/su/su.1#12 integrate
.. //depot/projects/hammer/usr.bin/vmstat/vmstat.c#25 integrate
.. //depot/projects/hammer/usr.sbin/periodic/periodic.8#4 integrate

Differences ...

==== //depot/projects/hammer/contrib/bind9/CHANGES#8 (text+ko) ====

@@ -1,4 +1,34 @@
 
+	--- 9.4.1-P1 released ---
+
+2206.	[security]	"allow-query-cache" and "allow-recursion" now
+			cross inherit from each other.
+
+			If allow-query-cache is not set in named.conf then
+			allow-recursion is used if set, otherwise allow-query
+			is used if set, otherwise the default (localnets;
+			localhost;) is used.
+
+			If allow-recursion is not set in named.conf then
+			allow-query-cache is used if set, otherwise allow-query
+			is used if set, otherwise the default (localnets;
+			localhost;) is used.
+
+			[RT #16987]
+	
+2203.	[security]	Query id generation was cryptographically weak.
+			[RT # 16915]
+
+2202.	[security]	The default acls for allow-query-cache and 
+			allow-recursion were not being applied. [RT #16960]
+
+2193.	[port]		win32: BINDInstall.exe is now linked statically.
+			[RT #16906]
+
+2192.	[port]		win32: use vcredist_x86.exe to install Visual
+			Studio's redistributable dlls if building with
+			Visual Stdio 2005 or later.
+
 	--- 9.4.1 released ---
 
 2172.	[bug]		query_addsoa() was being called with a non zone db.

==== //depot/projects/hammer/contrib/bind9/README#7 (text+ko) ====

@@ -43,6 +43,11 @@
 		Nominum, Inc.
 
 
+BIND 9.4.1-P1
+
+	BIND 9.4.1-P1 is a security release, containing a fixes for a
+	security bugs in BIND 9.4.1.
+
 BIND 9.4.1
 
 	BIND 9.4.1 is a security release, containing a fix for a

==== //depot/projects/hammer/contrib/bind9/bin/named/client.c#6 (text+ko) ====

@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: client.c,v 1.219.18.20 2006/07/22 01:02:36 marka Exp $ */
+/* $Id: client.c,v 1.219.18.20.14.1 2007/06/26 02:58:54 marka Exp $ */
 
 #include <config.h>
 
@@ -1440,6 +1440,14 @@
 	}
 
 	/*
+	 * Hash the incoming request here as it is after
+	 * dns_dispatch_importrecv().
+	 */
+	dns_dispatch_hash(&client->now, sizeof(client->now));
+	dns_dispatch_hash(isc_buffer_base(buffer),
+			  isc_buffer_usedlength(buffer));
+
+	/*
 	 * It's a request.  Parse it.
 	 */
 	result = dns_message_parse(client->message, buffer, 0);

==== //depot/projects/hammer/contrib/bind9/bin/named/server.c#6 (text+ko) ====

@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: server.c,v 1.419.18.49 2006/12/07 05:24:19 marka Exp $ */
+/* $Id: server.c,v 1.419.18.49.12.2 2007/07/09 02:23:16 marka Exp $ */
 
 /*! \file */
 
@@ -1435,12 +1435,12 @@
 		view->additionalfromcache = ISC_TRUE;
 	}
 
+	/*
+	 * Set "allow-query-cache" and "allow-recursion" acls if
+	 * configured in named.conf.
+	 */
 	CHECK(configure_view_acl(vconfig, config, "allow-query-cache",
 				 actx, ns_g_mctx, &view->queryacl));
-	if (view->queryacl == NULL)
-		CHECK(configure_view_acl(NULL, ns_g_defaults,
-					 "allow-query-cache", actx,
-					 ns_g_mctx, &view->queryacl));
 
 	if (strcmp(view->name, "_bind") != 0)
 		CHECK(configure_view_acl(vconfig, config, "allow-recursion",
@@ -1460,11 +1460,29 @@
 			      "active%s%s", forview, viewname);
 
 	/*
-	 * Set default "allow-recursion" acl.
+	 * "allow-query-cache" inherits from "allow-recursion" if set,
+	 * otherwise from "allow-query" if set.
+	 * "allow-recursion" inherits from "allow-query-cache" if set,
+	 * otherwise from "allow-query" if set.
+	 */
+	if (view->queryacl == NULL && view->recursionacl != NULL)
+		dns_acl_attach(view->recursionacl, &view->queryacl);
+	if (view->queryacl == NULL)
+		CHECK(configure_view_acl(vconfig, config, "allow-query",
+					 actx, ns_g_mctx, &view->queryacl));
+	if (view->recursionacl == NULL && view->queryacl != NULL)
+		dns_acl_attach(view->queryacl, &view->recursionacl);
+
+	/*
+	 * Set default "allow-recursion" and "allow-query-cache" acls.
 	 */
 	if (view->recursionacl == NULL && view->recursion)
-		CHECK(configure_view_acl(NULL, ns_g_defaults, "allow-recursion",
+		CHECK(configure_view_acl(NULL, ns_g_config, "allow-recursion",
 					 actx, ns_g_mctx, &view->recursionacl));
+	if (view->queryacl == NULL)
+		CHECK(configure_view_acl(NULL, ns_g_config,
+					 "allow-query-cache", actx,
+					 ns_g_mctx, &view->queryacl));
 
 	CHECK(configure_view_acl(vconfig, config, "sortlist",
 				 actx, ns_g_mctx, &view->sortlist));

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM-book.xml#6 (text+ko) ====

@@ -18,7 +18,7 @@
  - PERFORMANCE OF THIS SOFTWARE.
 -->
 
-<!-- File: $Id: Bv9ARM-book.xml,v 1.241.18.66 2007/01/29 23:57:20 marka Exp $ -->
+<!-- File: $Id: Bv9ARM-book.xml,v 1.241.18.66.10.1 2007/07/09 02:23:16 marka Exp $ -->
 <book xmlns:xi="http://www.w3.org/2001/XInclude">
   <title>BIND 9 Administrator Reference Manual</title>
 
@@ -5827,32 +5827,29 @@
 	      <listitem>
 		<para>
 		  Specifies which hosts are allowed to get answers
-		  from the cache. The default is the builtin acls
-		  <command>localnets</command> and
-		  <command>localhost</command>.
+		  from the cache.  If <command>allow-query-cache</command>
+		  is not set then <command>allow-recursion</command>
+		  is used if set, otherwise <command>allow-query</command>
+		  is used if set, otherwise the default
+		  (<command>localnets;</command>
+		  <command>localhost;</command>) is used.
 		</para>
-		<para>
-		  The way to set query access to the cache is now
-		  via <command>allow-query-cache</command>.
-		  This differs from earlier versions which used
-		  <command>allow-query</command>.
-		</para>
 	      </listitem>
 	    </varlistentry>
 
             <varlistentry>
               <term><command>allow-recursion</command></term>
               <listitem>
-                <para>
+		<para>
 		  Specifies which hosts are allowed to make recursive
-		  queries through this server. If not specified,
-		  the default is to allow recursive queries from
-		  the builtin acls <command>localnets</command> and
-		  <command>localhost</command>.
-		  Note that disallowing recursive queries for a
-		  host does not prevent the host from retrieving
-		  data that is already in the server's cache.
-                </para>
+		  queries through this server. If
+		  <command>allow-recursion</command> is not set
+		  then <command>allow-query-cache</command> is
+		  used if set, otherwise <command>allow-query</command>
+		  is used if set, otherwise the default
+		  (<command>localnets;</command>
+		  <command>localhost;</command>) is used.
+		</para>
               </listitem>
             </varlistentry>
 

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch01.html#5 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch01.html,v 1.16.18.19 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch01.html,v 1.16.18.19.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -47,15 +47,15 @@
 <dl>
 <dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564115">Scope of Document</a></span></dt>
 <dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564138">Organization of This Document</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2563473">Conventions Used in This Document</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564746">The Domain Name System (<acronym class="acronym">DNS</acronym>)</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2563472">Conventions Used in This Document</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch01.html#id2564813">The Domain Name System (<acronym class="acronym">DNS</acronym>)</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564768">DNS Fundamentals</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564802">Domains and Domain Names</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564886">Zones</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567284">Authoritative Name Servers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567525">Caching Name Servers</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567587">Name Servers in Multiple Roles</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564835">DNS Fundamentals</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564869">Domains and Domain Names</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2564953">Zones</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567283">Authoritative Name Servers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567524">Caching Name Servers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch01.html#id2567586">Name Servers in Multiple Roles</a></span></dt>
 </dl></dd>
 </dl>
 </div>
@@ -116,7 +116,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2563473"></a>Conventions Used in This Document</h2></div></div></div>
+<a name="id2563472"></a>Conventions Used in This Document</h2></div></div></div>
 <p>
         In this document, we use the following general typographic
         conventions:
@@ -243,7 +243,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2564746"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div>
+<a name="id2564813"></a>The Domain Name System (<acronym class="acronym">DNS</acronym>)</h2></div></div></div>
 <p>
         The purpose of this document is to explain the installation
         and upkeep of the <acronym class="acronym">BIND</acronym> software
@@ -253,7 +253,7 @@
       </p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2564768"></a>DNS Fundamentals</h3></div></div></div>
+<a name="id2564835"></a>DNS Fundamentals</h3></div></div></div>
 <p>
           The Domain Name System (DNS) is a hierarchical, distributed
           database.  It stores information for mapping Internet host names to
@@ -273,7 +273,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2564802"></a>Domains and Domain Names</h3></div></div></div>
+<a name="id2564869"></a>Domains and Domain Names</h3></div></div></div>
 <p>
           The data stored in the DNS is identified by <span class="emphasis"><em>domain names</em></span> that are organized as a tree according to
           organizational or administrative boundaries. Each node of the tree,
@@ -319,7 +319,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2564886"></a>Zones</h3></div></div></div>
+<a name="id2564953"></a>Zones</h3></div></div></div>
 <p>
           To properly operate a name server, it is important to understand
           the difference between a <span class="emphasis"><em>zone</em></span>
@@ -372,7 +372,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2567284"></a>Authoritative Name Servers</h3></div></div></div>
+<a name="id2567283"></a>Authoritative Name Servers</h3></div></div></div>
 <p>
           Each zone is served by at least
           one <span class="emphasis"><em>authoritative name server</em></span>,
@@ -389,7 +389,7 @@
         </p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2567307"></a>The Primary Master</h4></div></div></div>
+<a name="id2567306"></a>The Primary Master</h4></div></div></div>
 <p>
             The authoritative server where the master copy of the zone
             data is maintained is called the
@@ -409,7 +409,7 @@
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2567337"></a>Slave Servers</h4></div></div></div>
+<a name="id2567336"></a>Slave Servers</h4></div></div></div>
 <p>
             The other authoritative servers, the <span class="emphasis"><em>slave</em></span>
             servers (also known as <span class="emphasis"><em>secondary</em></span> servers)
@@ -425,7 +425,7 @@
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2567358"></a>Stealth Servers</h4></div></div></div>
+<a name="id2567357"></a>Stealth Servers</h4></div></div></div>
 <p>
             Usually all of the zone's authoritative servers are listed in
             NS records in the parent zone.  These NS records constitute
@@ -460,7 +460,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2567525"></a>Caching Name Servers</h3></div></div></div>
+<a name="id2567524"></a>Caching Name Servers</h3></div></div></div>
 <p>
           The resolver libraries provided by most operating systems are
           <span class="emphasis"><em>stub resolvers</em></span>, meaning that they are not
@@ -487,7 +487,7 @@
         </p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2567560"></a>Forwarding</h4></div></div></div>
+<a name="id2567559"></a>Forwarding</h4></div></div></div>
 <p>
             Even a caching name server does not necessarily perform
             the complete recursive lookup itself.  Instead, it can
@@ -514,7 +514,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2567587"></a>Name Servers in Multiple Roles</h3></div></div></div>
+<a name="id2567586"></a>Name Servers in Multiple Roles</h3></div></div></div>
 <p>
           The <acronym class="acronym">BIND</acronym> name server can
           simultaneously act as

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch02.html#5 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch02.html,v 1.13.18.18 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch02.html,v 1.13.18.18.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -45,16 +45,16 @@
 <div class="toc">
 <p><b>Table of Contents</b></p>
 <dl>
-<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567621">Hardware requirements</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567648">CPU Requirements</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567660">Memory Requirements</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567687">Name Server Intensive Environment Issues</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567698">Supported Operating Systems</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567620">Hardware requirements</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567646">CPU Requirements</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567659">Memory Requirements</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567686">Name Server Intensive Environment Issues</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch02.html#id2567697">Supported Operating Systems</a></span></dt>
 </dl>
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2567621"></a>Hardware requirements</h2></div></div></div>
+<a name="id2567620"></a>Hardware requirements</h2></div></div></div>
 <p>
         <acronym class="acronym">DNS</acronym> hardware requirements have
         traditionally been quite modest.
@@ -73,7 +73,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2567648"></a>CPU Requirements</h2></div></div></div>
+<a name="id2567646"></a>CPU Requirements</h2></div></div></div>
 <p>
         CPU requirements for <acronym class="acronym">BIND</acronym> 9 range from
         i486-class machines
@@ -84,7 +84,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2567660"></a>Memory Requirements</h2></div></div></div>
+<a name="id2567659"></a>Memory Requirements</h2></div></div></div>
 <p>
         The memory of the server has to be large enough to fit the
         cache and zones loaded off disk.  The <span><strong class="command">max-cache-size</strong></span>
@@ -107,7 +107,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2567687"></a>Name Server Intensive Environment Issues</h2></div></div></div>
+<a name="id2567686"></a>Name Server Intensive Environment Issues</h2></div></div></div>
 <p>
         For name server intensive environments, there are two alternative
         configurations that may be used. The first is where clients and
@@ -124,7 +124,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2567698"></a>Supported Operating Systems</h2></div></div></div>
+<a name="id2567697"></a>Supported Operating Systems</h2></div></div></div>
 <p>
         ISC <acronym class="acronym">BIND</acronym> 9 compiles and runs on a large
         number

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch03.html#6 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch03.html,v 1.35.18.26 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch03.html,v 1.35.18.26.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -47,14 +47,14 @@
 <dl>
 <dt><span class="sect1"><a href="Bv9ARM.ch03.html#sample_configuration">Sample Configurations</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568003">A Caching-only Name Server</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568019">An Authoritative-only Name Server</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568002">A Caching-only Name Server</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568018">An Authoritative-only Name Server</a></span></dt>
 </dl></dd>
-<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568041">Load Balancing</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568465">Name Server Operations</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568040">Load Balancing</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch03.html#id2568464">Name Server Operations</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568470">Tools for Use With the Name Server Daemon</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2569972">Signals</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2568469">Tools for Use With the Name Server Daemon</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch03.html#id2570039">Signals</a></span></dt>
 </dl></dd>
 </dl>
 </div>
@@ -68,7 +68,7 @@
 <a name="sample_configuration"></a>Sample Configurations</h2></div></div></div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2568003"></a>A Caching-only Name Server</h3></div></div></div>
+<a name="id2568002"></a>A Caching-only Name Server</h3></div></div></div>
 <p>
           The following sample configuration is appropriate for a caching-only
           name server for use by clients internal to a corporation.  All
@@ -95,7 +95,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2568019"></a>An Authoritative-only Name Server</h3></div></div></div>
+<a name="id2568018"></a>An Authoritative-only Name Server</h3></div></div></div>
 <p>
           This sample configuration is for an authoritative-only server
           that is the master server for "<code class="filename">example.com</code>"
@@ -137,7 +137,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2568041"></a>Load Balancing</h2></div></div></div>
+<a name="id2568040"></a>Load Balancing</h2></div></div></div>
 <p>
         A primitive form of load balancing can be achieved in
         the <acronym class="acronym">DNS</acronym> by using multiple A records for
@@ -280,10 +280,10 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2568465"></a>Name Server Operations</h2></div></div></div>
+<a name="id2568464"></a>Name Server Operations</h2></div></div></div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2568470"></a>Tools for Use With the Name Server Daemon</h3></div></div></div>
+<a name="id2568469"></a>Tools for Use With the Name Server Daemon</h3></div></div></div>
 <p>
           This section describes several indispensable diagnostic,
           administrative and monitoring tools available to the system
@@ -741,7 +741,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2569972"></a>Signals</h3></div></div></div>
+<a name="id2570039"></a>Signals</h3></div></div></div>
 <p>
           Certain UNIX signals cause the name server to take specific
           actions, as described in the following table.  These signals can

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch04.html#6 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch04.html,v 1.40.18.34 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch04.html,v 1.40.18.34.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -49,28 +49,28 @@
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#dynamic_update">Dynamic Update</a></span></dt>
 <dd><dl><dt><span class="sect2"><a href="Bv9ARM.ch04.html#journal">The journal file</a></span></dt></dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#incremental_zone_transfers">Incremental Zone Transfers (IXFR)</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2570429">Split DNS</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2570428">Split DNS</a></span></dt>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#tsig">TSIG</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2570949">Generate Shared Keys for Each Pair of Hosts</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571022">Copying the Shared Secret to Both Machines</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571033">Informing the Servers of the Key's Existence</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571141">Instructing the Server to Use the Key</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571198">TSIG Key Based Access Control</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571243">Errors</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2570948">Generate Shared Keys for Each Pair of Hosts</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571021">Copying the Shared Secret to Both Machines</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571032">Informing the Servers of the Key's Existence</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571140">Instructing the Server to Use the Key</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571197">TSIG Key Based Access Control</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571242">Errors</a></span></dt>
 </dl></dd>
-<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571257">TKEY</a></span></dt>
-<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571306">SIG(0)</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571256">TKEY</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571305">SIG(0)</a></span></dt>
 <dt><span class="sect1"><a href="Bv9ARM.ch04.html#DNSSEC">DNSSEC</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571579">Generating Keys</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571649">Signing the Zone</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571728">Configuring Servers</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571578">Generating Keys</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571648">Signing the Zone</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2571726">Configuring Servers</a></span></dt>
 </dl></dd>
-<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571802">IPv6 Support in <acronym class="acronym">BIND</acronym> 9</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch04.html#id2571801">IPv6 Support in <acronym class="acronym">BIND</acronym> 9</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2572001">Address Lookups Using AAAA Records</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2572022">Address to Name Lookups Using Nibble Format</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2572000">Address Lookups Using AAAA Records</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch04.html#id2572021">Address to Name Lookups Using Nibble Format</a></span></dt>
 </dl></dd>
 </dl>
 </div>
@@ -204,7 +204,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2570429"></a>Split DNS</h2></div></div></div>
+<a name="id2570428"></a>Split DNS</h2></div></div></div>
 <p>
         Setting up different views, or visibility, of the DNS space to
         internal and external resolvers is usually referred to as a
@@ -479,7 +479,7 @@
       </p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2570949"></a>Generate Shared Keys for Each Pair of Hosts</h3></div></div></div>
+<a name="id2570948"></a>Generate Shared Keys for Each Pair of Hosts</h3></div></div></div>
 <p>
           A shared secret is generated to be shared between <span class="emphasis"><em>host1</em></span> and <span class="emphasis"><em>host2</em></span>.
           An arbitrary key name is chosen: "host1-host2.". The key name must
@@ -487,7 +487,7 @@
         </p>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2570966"></a>Automatic Generation</h4></div></div></div>
+<a name="id2570965"></a>Automatic Generation</h4></div></div></div>
 <p>
             The following command will generate a 128-bit (16 byte) HMAC-MD5
             key as described above. Longer keys are better, but shorter keys
@@ -512,7 +512,7 @@
 </div>
 <div class="sect3" lang="en">
 <div class="titlepage"><div><div><h4 class="title">
-<a name="id2571004"></a>Manual Generation</h4></div></div></div>
+<a name="id2571003"></a>Manual Generation</h4></div></div></div>
 <p>
             The shared secret is simply a random sequence of bits, encoded
             in base-64. Most ASCII strings are valid base-64 strings (assuming
@@ -527,7 +527,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571022"></a>Copying the Shared Secret to Both Machines</h3></div></div></div>
+<a name="id2571021"></a>Copying the Shared Secret to Both Machines</h3></div></div></div>
 <p>
           This is beyond the scope of DNS. A secure transport mechanism
           should be used. This could be secure FTP, ssh, telephone, etc.
@@ -535,7 +535,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571033"></a>Informing the Servers of the Key's Existence</h3></div></div></div>
+<a name="id2571032"></a>Informing the Servers of the Key's Existence</h3></div></div></div>
 <p>
           Imagine <span class="emphasis"><em>host1</em></span> and <span class="emphasis"><em>host 2</em></span>
           are
@@ -564,7 +564,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571141"></a>Instructing the Server to Use the Key</h3></div></div></div>
+<a name="id2571140"></a>Instructing the Server to Use the Key</h3></div></div></div>
 <p>
           Since keys are shared between two hosts only, the server must
           be told when keys are to be used. The following is added to the <code class="filename">named.conf</code> file
@@ -596,7 +596,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571198"></a>TSIG Key Based Access Control</h3></div></div></div>
+<a name="id2571197"></a>TSIG Key Based Access Control</h3></div></div></div>
 <p>
           <acronym class="acronym">BIND</acronym> allows IP addresses and ranges
           to be specified in ACL
@@ -624,7 +624,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571243"></a>Errors</h3></div></div></div>
+<a name="id2571242"></a>Errors</h3></div></div></div>
 <p>
           The processing of TSIG signed messages can result in
           several errors. If a signed message is sent to a non-TSIG aware
@@ -650,7 +650,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2571257"></a>TKEY</h2></div></div></div>
+<a name="id2571256"></a>TKEY</h2></div></div></div>
 <p><span><strong class="command">TKEY</strong></span>
         is a mechanism for automatically generating a shared secret
         between two hosts.  There are several "modes" of
@@ -686,7 +686,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2571306"></a>SIG(0)</h2></div></div></div>
+<a name="id2571305"></a>SIG(0)</h2></div></div></div>
 <p>
         <acronym class="acronym">BIND</acronym> 9 partially supports DNSSEC SIG(0)
             transaction signatures as specified in RFC 2535 and RFC2931.
@@ -747,7 +747,7 @@
       </p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571579"></a>Generating Keys</h3></div></div></div>
+<a name="id2571578"></a>Generating Keys</h3></div></div></div>
 <p>
           The <span><strong class="command">dnssec-keygen</strong></span> program is used to
           generate keys.
@@ -798,7 +798,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571649"></a>Signing the Zone</h3></div></div></div>
+<a name="id2571648"></a>Signing the Zone</h3></div></div></div>
 <p>
           The <span><strong class="command">dnssec-signzone</strong></span> program is used
           to
@@ -842,7 +842,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2571728"></a>Configuring Servers</h3></div></div></div>
+<a name="id2571726"></a>Configuring Servers</h3></div></div></div>
 <p>
           To enable <span><strong class="command">named</strong></span> to respond appropriately
           to DNS requests from DNSSEC aware clients,
@@ -930,7 +930,7 @@
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2571802"></a>IPv6 Support in <acronym class="acronym">BIND</acronym> 9</h2></div></div></div>
+<a name="id2571801"></a>IPv6 Support in <acronym class="acronym">BIND</acronym> 9</h2></div></div></div>
 <p>
         <acronym class="acronym">BIND</acronym> 9 fully supports all currently
         defined forms of IPv6
@@ -969,7 +969,7 @@
       </p>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2572001"></a>Address Lookups Using AAAA Records</h3></div></div></div>
+<a name="id2572000"></a>Address Lookups Using AAAA Records</h3></div></div></div>
 <p>
           The IPv6 AAAA record is a parallel to the IPv4 A record,
           and, unlike the deprecated A6 record, specifies the entire
@@ -988,7 +988,7 @@
 </div>
 <div class="sect2" lang="en">
 <div class="titlepage"><div><div><h3 class="title">
-<a name="id2572022"></a>Address to Name Lookups Using Nibble Format</h3></div></div></div>
+<a name="id2572021"></a>Address to Name Lookups Using Nibble Format</h3></div></div></div>
 <p>
           When looking up an address in nibble format, the address
           components are simply reversed, just as in IPv4, and

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch05.html#6 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch05.html,v 1.33.18.28 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch05.html,v 1.33.18.28.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -45,13 +45,13 @@
 <div class="toc">
 <p><b>Table of Contents</b></p>
 <dl>
-<dt><span class="sect1"><a href="Bv9ARM.ch05.html#id2572055">The Lightweight Resolver Library</a></span></dt>
+<dt><span class="sect1"><a href="Bv9ARM.ch05.html#id2572054">The Lightweight Resolver Library</a></span></dt>
 <dt><span class="sect1"><a href="Bv9ARM.ch05.html#lwresd">Running a Resolver Daemon</a></span></dt>
 </dl>
 </div>
 <div class="sect1" lang="en">
 <div class="titlepage"><div><div><h2 class="title" style="clear: both">
-<a name="id2572055"></a>The Lightweight Resolver Library</h2></div></div></div>
+<a name="id2572054"></a>The Lightweight Resolver Library</h2></div></div></div>
 <p>
         Traditionally applications have been linked with a stub resolver
         library that sends recursive DNS queries to a local caching name

==== //depot/projects/hammer/contrib/bind9/doc/arm/Bv9ARM.ch06.html#6 (text+ko) ====

@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: Bv9ARM.ch06.html,v 1.82.18.63 2007/01/30 00:23:45 marka Exp $ -->
+<!-- $Id: Bv9ARM.ch06.html,v 1.82.18.63.10.1 2007/07/09 02:25:50 marka Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -48,52 +48,52 @@
 <dt><span class="sect1"><a href="Bv9ARM.ch06.html#configuration_file_elements">Configuration File Elements</a></span></dt>
 <dd><dl>
 <dt><span class="sect2"><a href="Bv9ARM.ch06.html#address_match_lists">Address Match Lists</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2573470">Comment Syntax</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2573333">Comment Syntax</a></span></dt>
 </dl></dd>
 <dt><span class="sect1"><a href="Bv9ARM.ch06.html#Configuration_File_Grammar">Configuration File Grammar</a></span></dt>
 <dd><dl>
-<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2574151"><span><strong class="command">acl</strong></span> Statement Grammar</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2574013"><span><strong class="command">acl</strong></span> Statement Grammar</a></span></dt>
 <dt><span class="sect2"><a href="Bv9ARM.ch06.html#acl"><span><strong class="command">acl</strong></span> Statement Definition and
           Usage</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2574341"><span><strong class="command">controls</strong></span> Statement Grammar</a></span></dt>
+<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2574203"><span><strong class="command">controls</strong></span> Statement Grammar</a></span></dt>
 <dt><span class="sect2"><a href="Bv9ARM.ch06.html#controls_statement_definition_and_usage"><span><strong class="command">controls</strong></span> Statement Definition and
           Usage</a></span></dt>
-<dt><span class="sect2"><a href="Bv9ARM.ch06.html#id2574770"><span><strong class="command">include</strong></span> Statement Grammar</a></span></dt>

>>> TRUNCATED FOR MAIL (1000 lines) <<<