File: NEWS

package info (click to toggle)
rbldnsd 0.998b~pre1-1
  • links: PTS, VCS
  • area: main
  • in suites: buster, stretch
  • size: 744 kB
  • ctags: 1,132
  • sloc: ansic: 8,212; python: 549; sh: 502; makefile: 249; awk: 33
file content (792 lines) | stat: -rw-r--r-- 30,780 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
This file describes user-visible changes in rbldnsd.
Newer news is at the top.

0.998b
 - Fix for memory errors on very large datasets.
   Patch by Andrew Clayton

0.998a (06 Sep 2016)
 - Minor fixes in copyright and documentation
 - bugfix: minor fix to prevent errors on newer compilers
 - Moving debian/ old directory under contrib/debian/

0.998 (05 Dec 2015)

 - bugfix: correctly handle V4MAPPED (v4 in v6) addresses, the
   original v6 prefix was wrong.  Thanks to Alex Lasoriti for
   finding the issue
 - bugfix: sometimes IP4-based datasets gave false positives when
   an IP6 dataset were present, and it was also possible to have
   false positive in IP6 datasets.  Both has been fixed.

0.997a (23 Jul 2013)

 - minor fixes/changes in packaging, no code changes.
   In particular, fixes a build failure on *BSD introduced in 0.997

0.997 (29 Jun 2013)

 - main feature of this version is ipv6 support.  Many thanks to
   Geoffrey T. Dairiki for the implementation of btrie (btrie.c) which
   is far superior to old ip4trie code and handles both v4 and v6

 - feature: ip6trie - new dataset supports listing of arbitrary length
   ip6 CIDRs, along with individual A/TXT values for each prefix

 - feature: ip6tset - new dataset supports listing of ip6 /64 subnets
   and the exclusion of /128 subnets; only supports a single A/TXT value
   for the entire dataset

 - optimization: ip4trie - using new trie implementation (developed for
   the ip6trie dataset) decreases memory consumption by roughly a factor
   of three

 - feature: acl dataset - ip6 addresses are now supported in ACLs

 - feature: added --enable-asserts configure option to enable
   compilation of debugging assertions; assertion checking is
   disabled by default

 - featurette: zero-length "wildcard" IP4 CIDR prefixes are now
   allowed in ip4trie and acl datasets.

0.996b (29 Mar 2008)

 - most stuff is very minor, while preparing for larger changes
   for 0.997 and 1.0.

 - several (mostly minor) bug and portability fixes.

 - feature: ability to specify "base template" for a dataset, using $=
   variable.  See manpage for details, "Resulting A values and TXT templates"
   section.

 - incompat: due to the above change ($= base template), in TXT entries which
   starts with equal sign (=), the first character (which is `=', obviously)
   is removed.  $= is now treated specially too.

 - feature: (experimental) support for dynamically-loaded extensions (DSOs),
   in place of (previously unfinished) compile-time "hooks" support.
   New options -x/-X, to load an extension and to specify argument for it.
   Usage document has to be written still.

0.996a (27 Jul 2006) (The "34-Birthday Release")

 - -a/-A (-A is new, currently a noop) option clarification/addition.
   Don't mark -a as experimental anymore, and note that -a mode
   ("lazy", minimal-answers, w/o AUTH section in every reply) will
   be the default in future versions.  -A tells rbldnsd to go to
   "non-lazy" mode.  Document options in the manpage.

 - bugfix: fix configure script breakages:
   portability: for f; do => for f in "$@"; do
   fix broken GNU C (mis)detection

 - bugfix: fix dataset "un-expiration". Previously, once a dataset has expired,
   it never "un-expires" again even if new expire time is in future.  Due to
   missing reset of a dataset structure field.

 - portability: apparently at least one (broken) linux distribution includes
   kernel modification which leads to losing SIGALRM interrupts at times.
   So use setitimer() instead of alarm(), if available.

 - minor code cleanups here and there (fixing (real) GCC-4.1 warnings).

 - Debian-specific: adopt to more recent Debian packaging requiriments,
   and ensure that Debian package builds with zlib support

0.996 (19 Feb 2006)

 - experimental feature: data expiration support, in form
    $TIMESTAMP created expires
   see manpage for details.

 - feature: recognize new 'pass' entry in ACL "dataset", to allow
   whitelisting of a particular network/host covered by another
   ACL entry.

 - bugfix (sort of): deal with possible null-pointer dereferences on some
   systems such as FreeBSD where realloc(smaller_amount) may actually
   return NULL.  Note that this particular malloc implementation (where
   realloc() may return NULL if requested to reallocate to a smaller
   amount of memory) perform very badly with rbldnsd in the first place:
   rbldnsd tries to free some unused memory at the end of data load
   process, and realloc() forces a copy so there will be extra copy of
   a huge data and bad memory fragmentation, so on next reload rbldnsd
   will most likely just run out of memory.  I think it's best to experiment
   with alternative malloc implementation on such systems, eg dmalloc.

 - feature: rbldnsd is now able to read gzip-compressed data files, doing
   transparent on-the-fly decompression, if built with zlib support
   (if built w/o zlib support, it still checks whenever datafile is
   compressed and refuses to load it if it is).  Use -C option to turn
   this feature off.

 - due to zlib support, this version introduces rewritten data-reading
   loop (previously with fgets()) - on some systems this results in
   noticeable (re)load speed improvement on large datasets.

 - number of max nameservers (MAX_NS in rbldnsd.h) increased from 20 to 32,
   per request from Spamhaus.

 - feature: configure script now accepts command-line options (--enable-xx
   and --disable-xx) to turn optional features on/off (including stats,
   ipv6, master-dump and zlib), and saves such options into config.status
   so that automatic re-making will pick up the right options again.

0.995 (28 Apr 2005)

 - feature: allow glue records for nameservers (IPv4 only for now,
   as there's no AAAA record support yet).  Generic dataset it the
   most appropriate place to specify actual A records for the NSes.

 - when replying to NS or ANY query to the base zone, rbldnsd now
   returns set of nameservers in both ANSWER and AUTHORITY section.

 - feature: (initial, experimental) ACL support.  It is possble to force
   certain kinds of replies to be sent to certain clients (based on the
   client IP address), regardless of the query the client performs.
   Read rbldnsd(8) manpage for the details.
   This feature is experimental.  Basic idea will remain but details are
   likely to change in the future, as requiriments will be understood
   better.

 - feature: ENDS0 support for UDPsize, allowing replies larger than 512
   bytes for clients claiming EDNS0 support (appropriate OPT record in
   additional section in query).  Not really user-visible change per se,
   but may be quite visible for clients especially when our replies are large.

0.994b (16 Apr 2005)

 - bugfix: use of uninitialized pointer in ip4set and ip4trie
   datasets when input data file (A+TXT template for a given
   entry) is invalid, instead of rejecting the line.  This can
   lead to "random" crashes.

0.994a (10 Mar 2005)

 - bugfix: for queries for base subzone in combined dataset,
   rbldnsd improperly returned NXDOMAIN instead of NODATA -- eg
   a query for sub.bl.example.com where sub is a subzone of
   a combined dataset "rooted" at bl.example.com resulted in
   NXDOMAIN while the name obviously does exists.  Fixed (one-liner).

0.994 (18 Dec 2004)

 - bugfix: fix a memory leak when $n-style substitutions
   are being used: each $n definition resulted in a leak
   of the substitution text on every reload (used estrdup()
   but should be using mp_strdup())
 - feature, sort of: allow to omit support for -d option,
   thus eliminating some bloat: DEFS = -DNO_MASTER_DUMP
 - bugfix: fixed master-format dump (-d) for ip4trie - some
   ranges weren't expanding properly, resulting in missing entries
 - bugfix: fixed master-format dump (-d) for ip4set: when
   we have two entries in input:
     127.0.0.0/8 a
     127.0.0.2   b
   for master-format dump there should be 4 lines, not 2 as
   before:
     2.0.0.127  b  (was ok before)
     *.0.0.127  a  (was missing)
       *.0.127  a  (was missing)
         *.127  a  (was ok before)
   Without the two intermediate lines, named returns NXDOMAIN
   for eg 3.0.0.127 or x.1.0.127.  Quite an.. interesting case...

0.993.1 (29 Jul 2004)

 - only minor, mostly (Debian) package-specific, stuff
   (see debian/changes for details)

0.993 (01 Jul 2004)

 - bugfix: fix 0.0.0.0 A value being used instead
   of the specified real IP address in a case like
   ":127.0.0.2" (use specific A and default TXT)
   (noted by njabl)

 - feature: allow (optional) names for subdatasets
   in combined dataset, for better logging.  Specify
   :name after dataset type in $DATASET line, like
     $DATASET ip4set:http proxies @
     $DATASET ip4set:relays relays @

 - feature, safety: implement and enforce $MAXRANGE4
   special like this:
     $MAXRANGE /24
     $MAXRANGE 256
   the maximum "size" of a single entry, in number
   of IPv4 addresses it covers.  If an entry covers
   more addresses, it is ignored (and warning is
   logged).  The constraint may be decreased by the
   following $MAXRANGE special, but can not be
   increased.  Global per dataset.
 
 - feature, safety: ignore incomplete last lines
   (lines w/o end-of-line terminator) in data
   files (to prevent mis-interpreting of incomplete
   data)

 - feature, safety: check for data file changes during
   reloads (while reading data), and abort loading
   (and mark all zones to return SERVFAIL until next
   reload) if a change is detected.

 - safety: do not treat bare numbers as /8 ranges.
     10 -- wrong from now on
     10/8 -- ok
     10-11 -- ok

 - safety: require equal number of octets for x-y
   style ranges:
     1.2.3-2.3.4.5 -- wrong
     1.2.3.0-2.3.4.5 -- ok
     1.2.3.4-2.3.4 -- wrong
     1.2.3.4-2.3.4.5 -- ok
   and the "repeat-last-octet" variant is still
   ok too, obviously:
     1.2-3 -- ok
     1.2.3-4 -- ok
     1.2.3.4-5 -- ok

 - safety: only accept complete, 4-octet IPv4
   addresses in ip4tset, do not allow weird stuff
   like inet_aton() allows:
     10   = 0.0.0.10 -- wrong
     10.1 = 10.0.0.1 -- wrong

 - bugfix: several more small fixes for IP4 address
   parser

 - refine logging a bit, make it less verbose
   (esp. when logging problems)

 - bugfix: query logging (-l) with background
   reloading: the file was not flushed properly
   (resulted in double logging)

 - bugfix: dump (-d) of MX record (generic dataset)
   was incorrect

 - bugfix: wrong subzone in $ORIGIN when dumping (-d)
   combined dataset

 - bugfix: incorect (opposite) evaluation of maxttl

0.992 (07 Mar 2004)

 - feature: allow easy turning on/off individual NS
   records in $NS line, by prefixing unused nameservers
   with minus sign (-)

 - bugfix: fix -d (master-format dump) for generic dataset

 - bugfix: remove usage of NI_WITHSCOPEID (it was used for
   unknown reason anyway and broke on latest solaris)

 - #define _LARGEFILE64_SOURCE and use O_LARGEFILE if
   defined in rbldnsd.c to be able to write larger
   logfiles.  Dunno whenever it will actually help,
   but it at least works on linux.

 - old -s option (log reload times/memusage) is gone,
   it is now turned on all the time, but produces slightly
   less verbose output.

 - new -s option: write short statistic summaries into
   given file, to help obtaining data for tools like RRD.

 - format of statistic logging changed slightly, it is
   a bit less verbose now too (and less confusing)

 - feature: continue processing queries during reloads.
   For this, rbldnds forks off the child process that
   process queries while parent performs the reload.
   Requires 2x more memory (changed datasets will be
   doubled during reloads).  -f option (not enabled
   by default).

 - feature: new dataset, ip4tset, very simplified ip4set.
   Only accepts bare IP addresses, no netranges, no
   exceptions, but requires 2x less memory and is faster.
 
 - feature: extended -t option, allow minttl and maxttl
   to be specified (to set constraints for TTLs found
   in data files).  New syntax is -t defttl:minttl:maxttl,
   with everything optional (so -t defttl works too, as
   well as -t ::1d).

 - feature/expectation_fix: add an ability to specify A
   but inherit default TXT value for an entry:
    entry :addr:  - specific A, no TXT
    entry :addr   - specific A, default TXT

 - cleanup: remove redundrant CNAMEs from master-file dump
   in ip4set

0.991 (30 Nov 2003)

 - in order to be able to overrite both SOA and NS records
   in data downloaded from 3rd party blocklist to use in
   local environment, $NS record handling changed.  From
   now on, rbldnsd expects all nameservers to be specified
   on one single $NS line.  Compatibility with previous
   releases preserved for now, but will be removed in the
   future: if several domain names are specified in $NS
   line, all other $NS lines are ignored; but when only one
   nameserver is specified, rbldnsd still collects all such
   single-ns lines as in previous releases.

 - when the query matches several RRs with different TTLs
   (e.g. from different datasets), rbldnsd now sets smallest
   TTL in ALL RRs of this type.

 - when several RRs of the same type exists in generic dataset,
   we now trying to return them in "random" order.  The
   "randomization" is very dumb for now.

 - implemented master format dump for ip4trie dataset

0.99 (16 Sep 2003)

 - autoconf-style configuration.  Run ./configure before make.
   -DSTATS_LL gone; NOSTDINT_H, NOIPv6, NOMEMINFO, NOPOLL are
   set automatically (hopefully).  I dont use GNU autoconf just
   because it is too huge, but my own "mini-autoconf" may be not
   as portable/tested, obviously.  Great thanks to Christian Krackowizer
   (ckrackowiz at std.schuler-ag.com) for testing this stuff on
   numerous platforms.

 - remove EasynetDynablock and relays.osirusoft.com conversion scripts

 - bugfix: Fixed range parsing.  E.g., 24.217.64-191 did not work (and any
   range like this where last two bits where xored into 255).  Spotted by
   easynet.nl folks, thanks.  This bug occurs only when last 2 numbers,
   when xored together, gives 255, like 124-131, 120-135, 127-128, 65-190,
   64-191, ...  The listing will never be matched, so bug does no harm
   (i.e. no extra, incorrect listings).

 - feature: allow logging to standard output (-l - or -l +-).  See manpage
   for details.  Idea by Klaus Alexander Seistrup @magnetic-ink.dk.

0.98 (17 Aug 2003)

 - incompatible change: bind address (-b option) is now mandatory.
   Too many problems with INADDR_ANY, multihomed hosts and wrong
   source address on replies.

 - feature: allow listening on multiple addresses.  Needed e.g.
   on hosts where both IPv4 and IPv6 addresses are in use.  Having
   multiple listening addresses means rbldnsd now uses select/poll
   (but it works exactly as before if only one listening address
   specified).  If your system does not provide working poll()
   system call, specify -DNOPOLL at compile time.

 - feature: recognize host/port syntax in argument for -b option
   (bind address) to be able to bind to different ports.  -P option
   is gone again.  Note that delimiter is slash (/), not colon (:),
   to be able to work with IPv6 addresses correctly.

 - feature, and incompatibility change in dnset DN interpretation.
   *.example.com is now NOT the same as .example.com.  Specify
   *.example.com to include all subdomains of example.com, and
   specify .example.com to include all subdomains AND example.com
   itself - instead of specifying 2 lines, only one is now needed.

 - bugfix: memleak in combined dataset: NS and SOA caches was
   allocated for subzones of combined dataset (NS/SOA are never
   used here).

 - feature: respond to version.bind CH TXT requests (and version.server).
   Use -v to hide version info from reply, or two -v's to disable this
   feature completely.

 - reply with REFUSED instead of FORMERR for unknown query class

 - warn about truncated TXT records.  DNS spec allows TXT record to be
   more than 255 bytes long (by using a series of STRINGs in one RR,
   each 255 bytes max), but there's no point using TXTs longer than
   255 bytes for a DNSBL (think of SMTP rejection message)

 - feature: new dataset, ip4trie, to store IP4 CIDR ranges.  Unlike
   ip4set, ip4trie can only hold one value per CIDR range and returns
   only closest matching entry.  Experimental.

0.97b (6 Aug 2003)

 - bugfix: there was an error in per-zone statistics counting code
   introduced in 0.97.  This bug may be triggered remotely by *first*
   DNS query since rbldnsd startup, provided the query is against a
   zone for which rbldnsd is not authoritative.  If such out-of-zone
   query will be first, it will result in instant crash of a server.
   Subsequent out-of-zone queries will not result in a crash, just
   wrong counters (for previously queried zone) will be incremented.
   Impact of this bug is low, since it is difficult to trigger the
   bug and made rbldnsd crash.
   Thanks Marco D'Itri (md at linux.it) for pointing this out to me.

0.97a (1 Aug 2003)

 - bugfix: ip4parse_range(): invalid addresses was not marked as such,
   which may result in various crashes when parsing bogus datafiles.
   Note this is remotely exploitable bug: if you grab data from a remote
   system, invalid data may crash you server.  DNS operations (query
   handling etc) aren't affected by this bug, it is in dataset parsing
   code.
   Please note that this fix also restores previously non-working
   detection of non-zero host part in ranges like 1.2.3.4/24 (proper
   form is 1.2.3.0/24).  If you want to process such address ranges,
   specify -e command-line option.

 - feature: recognize and ignore "IN" classname in `generic' dataset,
   so it is now possible to have
     @ IN A 127.0.0.1

0.97 (13 Jul 2003)

 - feature: added per-basezone statistic counters

 - osirusoft2rbldnsd.pl: sample script to convert relays.osirusoft.com
   bind zone into rbldnsd `combined' dataset

 - bugfix: in some rare cases, dnset missed one RR for a
   DN with multiple RRs.  Spotted by Matthew Sullivan, SORBS.net

 - bugfix: rbldnsd didn't return NS records for base DN query
   if qtype=ANY.  Also, SOA now will be first in reply, not last.

 - optimization for `combined' dataset: try to not remove stats
   (possible collected by previous loads) for subzones on reloads
   (i.e. ip4set keeps approx. number of records in a set to avoid
   many malloc() calls)

 - new compile-time define: -DSTATS_LL, to keep statistic counters
   (if not disabled with -DNOSTATS) in variables of type `unsigned
   long long', not `unsigned long' - on 32-bit machines, this may
   be 64-bit integers.

0.96 (29 May 2003)

 - fixed alignment bug in mempool.c that caused allocation slip

 - pre-compress SOA and NS records for faster access

 - return NS records in AUTHORITY section of positive answers if
   available and there's a room for them.

 - restore broken MX record functionality.  Note that MX domain names
   aren't compressed anymore

 - do not lowercase domain names specified in NS, SOA and MX records

0.95 (27 May 2003)

 - new dataset: combined: a container for other datasets.
   See manpage for details.

 - reorder zones given in command line (and in combined dataset)
   to move superzone after all it's subzones.  The order is still
   important - place most commonly referenced zones first - but
   it's not a problem anymore to specify superzone first.

0.94 (26 May 2003)

 - implemented -d option (dump zone data in BIND format to stdout)
 - data loading warnings goes to stderr instead of stdout
 - Makefile portability tweaks for Solaris
 - recognize ';' as comment char in addition to '#'; also, officially
   recognize comments after an entry (IP address or domain name) in
   ip4set and dnset

0.93 (18 May 2003)

 - reverse change made in 0.91: SOA TTL, when SOA is in AUTHORITY
   section, should be from SOA's MINTTL (negative cache TTL).

0.92 (17 May 2003)

 - bugfix: fixed SOA screwup introduced in 0.91

0.91 (15 May 2003)

 - rotate nameserver records (simple cyclic rotation)
 
 - understand time units - 1w = 7d = 168h = 10080m = 604800s

 - allow compilation without IPv6 transport support (-DNOIPv6)

 - bugfix: fixed default A RR to be 127.0.0.2, not 2.0.0.127

 - added (preliminary) RPM .spec file (rpmbuild -tb to build from tarball)

0.90 (10 May 2003)

 - IPv6 transport support.  Specify -4 or -6 to use particular
   transport, default is to use first available.

 - -b (bindaddr) now does not accept port specification, only
   host address.  Use new option -P to specify listening port.

 - acl (-a) and log filter (-L) - per-IP filters - are gone
   for now, as I should figure out how to do that with IPv6.

0.89p4 (8 May 2003)

 - since bind9 returns NXDOMAIN for b.example.com even if a.b.example.com
   exists, all the NXDOMAIN elimination code has been removed.  So much
   useless work.  Now rbldnsd is small again.

0.89p3 (8 May 2003)

 Incompatible changes:

 - ip4vset and dnvset are gone.  A trivial idea allowed me to merge
   functionality into ip4set and dnset.
   This means, in particular, that default A/TXT values may be specified
   at any place in data files, and applies to all subsequent records up
   to end of file (defaults gets reset at file boundary), and negative
   (exclusion) entries works - all in uniform way.

 - $NS special in every dataset instead of NS record in generic dataset.
   Up to 20 per zone may be specified.  Rbldnsd still does not add NS RRs
   into normal answers, and perhaps will never do; also it never fills up
   ADDITIONAL section (e.g. with NS A RRs).

 - rbldnsd will now refuse ANY, SOA and NS queries for zone's base DN if
   SOA and/or NS records (as specials) aren't specified.

 - Support for NS and SOA record types removed from generic dataset.  Use
   dataset specials ($SOA and $NS) for this.

 - $SOA and $NS specials requires TTL as a first word, so SOA become
   8-field instead of 7-field, and NS become 2-field instead of one-field.

 Changes:

 - Allow to specify TTL per dataset (as $TTL special), and for every record
   in generic dataset (optional field before record type)

 - substitution variables $0,$1,$2...$9 implemented for TXT templates,
   so it is now possible to use less space and less typing.  I don't know
   whenever this is useful or not.

0.89p2 (6 May 2003)

 Incompatible changes:

 - rbldnsd now substitutes listed DN in TXT template, instead of query DN,
   e.g. if some.spammer.example.com is queried, and *.spammer.example.com
   listed, `spammer.example.com' will be used for $ substitution.  For
   domain-based lists (dn[v]set) only, IP-based always substitutes an IP.

 - for name-based lists, empty domain names disallowed.

 Changes:

 - completed NXDOMAIN vs subdomains handling for domain-based lists
   (generic, dn[v]set).  Rbldnsd now very close to BIND behaviour with
   all it's dataset types.

 - correctly handle zero bytes in DN names ewerywhere.  Before, rbldnsd
   was incorrect in this area.

 - allow logging to be done to FIFO (ignore SIGPIPE and open with NODELAY)

 - control whenever logging is buffered or not (place `+' in front of
   logfile (-l option) to make it non-buffered)

 - log (-l) creation errors are now logged to syslog as warnings

 - -q option - quick/quiet start, load zones after backgrounding
   (so load errors are not fatal)

 - as usual, some more code cleanups etc all over the place.

0.89p1 (4 May 2003)

 many changes.  "Expirience" release...

 Incompatible changes:

 - generic zone does not understand SOA records anymore - SOA now may be
   specified in every zone data file as $SOA.

 - rbldnsd now matches BIND's runtime behaviour as close as possible.  In
   particular, rbldnsd now replies to any query type (except of AXFR and
   the like), giving positive reply if requested name exists.  Also, it now
   will reply to queries like 0.0.127.bl.example.com (note partial IP)
   positively with zero answers (certainly, such domain does exists if
   e.g. 127.0.0.2 is listed).  Additionally, rbldnsd now inserts SOA
   record (if available) to every answer that contains no answer section
   (this way, it is possible to specify negative caching ttl for example).

 - order of zones in command line is now important again.  Rbldnsd will
   stop searching at first matching zone found, so if a superzone specified
   before some of it's subzone, subzone will never be consulted.  This may
   change again in the future.

 Changes:

 - much improved manual page, including new "bugs" section and usage of
   proper (I hope) terms (in particular, "zone" changed to "dataset" where
   appropriate)

 - default values for ip4vset and dnvset may be specified in any line of
   data file, and applies to all subsequent entries
 
 - major code cleanups and some redesigns, to follow BIND's behaviour

 - generic dataset may now handle MX records too.

 - proper domain name compression implemented (SOA, NS, MX values)

 - SOA serial value may be set to be dataset's modification timestamp
   (just specify serial to be 0 and rbldnsd will set it automatically)

0.84 (not released):

 - return positive result with zero records to AAAA, PTR and CNAME
   queries.  Hack for now, but this way rbldnsd may finally be used
   together with sendmail and bind...

 - rewrote query parsing routine to be much more accurate and a bit faster.

0.83 (released 2003-04-19)

 - critical security fix in query parsing code - that check was
   here initially, in version 0.1, but was removed when I optimized
   that code.  Ugh!..

 - portability: 4.4 FreeBSD does not have mallinfo() and stdint.h
   (use appropriate -Ddefines, Makefile)

 - access control and filtering logging by IP

 - inlined qsort routine, speed up loading significantly.

 - removed some cruft from the code

0.82 (released 2003-04-05)

 - recognize another variation of IP address range, for easy use:

     127.0.0.1-2 is now treated as 127.0.0.1-127.0.0.2
     127.0-200   is now treated as 127.0.0.0-127.200.255.255

 - debianized

0.81 (released 2003-04-03)

 - rbldnsd now recognizes IP address ranges in additional to
   IP prefixes and CIDR ranges, e.g. 127.0.0.2-127.0.1.5 now
   works with ip4[v]set zonetypes (range is inclusive).  May
   be disabled at compile time by adding -DNOIP4RANGES to
   $(DEFS).
 
 - new option, -e, to enable usage of "non-conforming" CIDR
   ranges, where prefix does not fit within given netmask.

 - -v option is gone, new option -l to specify a logfile
   (it was a bad idea to log every request via syslog).

 - when constructing a dataset from several files, A and
   TXT records are now taken from _first_ file for ip4set
   and dnset (ignoring those in other files), and for
   ip4vset and dnvset, defaults are in effect for a single
   file only.

 - implemented removal of duplicate entries on zone data
   reloads.  May be disabled at compile time by adding
   -DNOREMOVEDUPS to $(DEFS).

 - various code cleanups

0.80 (released 2003-04-02)

 Incompatible changes:

 - command-line zone syntax has changed.  Consult the manpage
   for examples.  Basically, instead of

      type:file-zone-name

   rbldnsd now expects

      zone-name:type:file-name

   thus eliminating requiriment that zone name should be in
   file named after zone.  Also, a LIST (comma-separated) of
   filenames may be specified instead of a single file.  Note
   that all 3 fields are required.  Resulting command line
   may look somewhat ugly (and it may be long), but the effect
   is much improved flexibility.

 - logging has changed.  Data set may be reused for several
   zones, so "zone xxx loaded" message is now replaced by
   "dataset loaded", without any reference to zone(s) which
   uses that data set.

 - rbldnsd will abort it's startup if it will encounter any
   error during initial zone loading (missing file, out of
   memory etc).  After initialization, all errors are not
   fatal, but partially loaded zones will NOT be serviced
   (rbldnsd will return REFUSED in this case, as if it does
   not service this zone at all).  If, on subsequent reload,
   problematic zone will be back available, it will be included
   in servicing list automatically.

 Other changes:

 - rbldnsd now recognizes and answers to NS and SOA records.
   For this to work, one need to specify such records, and
   for this, new data type was introduced, named `generic'
   (simplified bind-style format, see manpage for more info).
   If no `generic' type dataset is specified for a domain,
   rbldnsd will refuse NS and SOA queries as before.

 - due to changed command line format, it is now possible to
   construct one zone from several data sets (by repeating
   the same zone name with different data sets), and to
   construct one data set from several files (of the same
   type).  Either way and any combinations works (see NOTES
   section in the manpage for examples).

 - logging of queries is implemented.  Give -v option to turn
   it on, but expect large amount of data to be logged on a
   busy site (every query will be logged via syslog).  This
   feature is mainly for debugging purposes, and later may
   be replaced with more advanced logging to a file.

0.74 (newer released)

 Incompatible changes over 0.73:

 - In ip4vset and most notable in dnvset types, it is now possible
   to specify exclusion of an entry (useful to specify large block
   and exclude a single entry from it).  This is done by prefixing
   an entry with an exclamation sign (!).  So, exclamation sign at
   start of line is now treated specially (it wasn't valid for
   ip4vset, but it was treated as a part of domain name in dnvset).

 - If no TXT record is available for an entry, rbldnsd will now not
   return NXDOMAIN but will return zero-entry successeful answer.
   This is how BIND works.  Something like "valid name but now data
   of requested type".

 Other changes in 0.74:

 - reorganized storage for TXT records, to speed up loading of zones
   with non-repeatable TXT values.  With this change, relays.osirusoft
   zones now requires somewhat more memory (since no hard work for TXT
   duplication elimination is now taking place), but overall case (where
   TXTs aren't repeated frequently) is now much faster, in particular,
   Wirehub's permblockIP.txt now loads in an acceptable time.  Rbldnsd
   still recognizes and packs adjanced duplicates.  Worst case will be
   with randomized osirusoft data (it has very many dups, but most are
   adjanced to each other).

 - reviewed logging, should be ok for buffer-overflow things.
   Also, prevent log flooding in case input file contains many
   errors (only first 5 is logged)