From owner-freebsd-net Fri Nov 12 6:49:12 1999 Delivered-To: freebsd-net@freebsd.org Received: from overcee.netplex.com.au (overcee.netplex.com.au [202.12.86.7]) by hub.freebsd.org (Postfix) with ESMTP id ACE7614EB3 for ; Fri, 12 Nov 1999 06:48:49 -0800 (PST) (envelope-from peter@netplex.com.au) Received: from netplex.com.au (localhost [127.0.0.1]) by overcee.netplex.com.au (Postfix) with ESMTP id CF6271C6D; Fri, 12 Nov 1999 22:48:47 +0800 (WST) (envelope-from peter@netplex.com.au) X-Mailer: exmh version 2.0.2 2/24/98 To: Robert Watson Cc: G Muthukumar , freebsd-net@freebsd.org Subject: Re: BIND 8.2.x - IRS, newer resolver functions In-reply-to: Your message of "Wed, 10 Nov 1999 16:14:10 EST." Date: Fri, 12 Nov 1999 22:48:47 +0800 From: Peter Wemm Message-Id: <19991112144847.CF6271C6D@overcee.netplex.com.au> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Robert Watson wrote: > > We should wait for BIND9, which will have quite a big change in resolver > interface (asynchronous support, threading, DNSsec, etc). Jan 31 is the > date for the beta release. I'm really frightened by 8.2.2.x - the inbuilt crypto used by res_*() in libc, the root exploit rate, etc don't exactly give me the warm fuzzies. 8.1.2 has known DoS's, but that's not as bad as known root exploits. I've attempted to do an update to 8.2.2 a few times and run into trouble with the crypto code and libc. How would people react to libc supporting *only* "files" and "irpd" (ie: no dns or yp). The IRP lookup method asks a local parallel caching daemon to do the lookups on it's behalf, be they DNS, NIS, NISPLUS, etc. It also means we could confine the crypto to userland programs and get a fair amount of stuff out of libc. It also means we can do resolver plugins (irpd is dynamic) even in static binaries (since they don't use dlopen). Don't panic, I'm just asking aloud to get some feel for what folks want. > On Wed, 10 Nov 1999, G Muthukumar wrote: > > > Hi all, > > > > With the availability of BIND 8.2.x, is there any plan of integrating > > the newer resolver functions (e.g.: res_nquery as against the deprecated > > res_query) & name resolution through IRS (instead of/in addition to > > /etc/host.conf) into the standard library? > > > > If this is not considered due to some valid reasons, would it be > > possible for me to get those reasons? Any pointers are also welcome. > > > > Thanks, > > Muthu > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > > > Robert N M Watson Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message