Fold in conflict related changes after beta26 merge.

Also, update the man pages - they were very old and out of date.

14 files changed, 248 insertions, 259 deletions

diff --git a/usr.sbin/named/Makefile b/usr.sbin/named/Makefile
index a9bf04f..b21c4ab 100644
--- a/usr.sbin/named/Makefile
+++ b/usr.sbin/named/Makefile
@@ -67,7 +67,7 @@ OBJS+=	version.o
 CLEANFILES+=version.c version.o
 SUBDIR=	tools xfer
 
-VER	= LOCAL-`date +%y%m%d.%H%M%S`
+VER	= 4.9.3-BETA26-LOCAL
 
 version.c: ${.CURDIR}/Version.c ${.CURDIR}/Makefile ${SRCS}
 	(LANG=; LC_TIME=; u=$${USER-root} d=`pwd |sed -e 's|/obj/|/src/|'` \
diff --git a/usr.sbin/named/db_glue.c b/usr.sbin/named/db_glue.c
index 17d6085..3321c96 100644
--- a/usr.sbin/named/db_glue.c
+++ b/usr.sbin/named/db_glue.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)db_glue.c	4.4 (Berkeley) 6/1/90";
-static char rcsid[] = "$Id: db_glue.c,v 1.2 1995/05/30 03:48:39 rgrimes Exp $";
+static char rcsid[] = "$Id: db_glue.c,v 1.3 1995/08/20 21:18:19 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -1179,14 +1179,17 @@ ctimel(l)
 
 /*
  * This is nec'y for systems that croak when deref'ing unaligned pointers.
- * SPARC is an example.
+ * SPARC is an example.  Note that in_addr.s_addr needn't be a 32-bit int,
+ * so we want to avoid bcopy and let the compiler do the casting for us.
  */
 struct in_addr
 data_inaddr(data)
 	const u_char *data;
 {
 	struct in_addr ret;
+	u_int32_t tmp;
 
-	bcopy((char *)data, (char *)&ret, INADDRSZ);
+	bcopy((char *)data, (char *)&tmp, INADDRSZ);
+	ret.s_addr = tmp;
 	return (ret);
 }
diff --git a/usr.sbin/named/named.8 b/usr.sbin/named/named.8
index 583a403..bd9628c 100644
--- a/usr.sbin/named/named.8
+++ b/usr.sbin/named/named.8
@@ -53,7 +53,7 @@
 .\"
 .\"	@(#)named.8	6.6 (Berkeley) 2/14/89
 .\"
-.TH NAMED 8 "April 17, 1993"
+.TH NAMED 8 "June 20, 1995"
 .UC 4
 .SH NAME
 named \- Internet domain name server
@@ -64,7 +64,7 @@ named \- Internet domain name server
 .I debuglevel
 ] [
 .B \-p
-.I port#
+.IR port# [\fB/\fP\fIlocalport#\fP]
 ] [{\-b}
 .I bootfile
 ] [
@@ -90,8 +90,13 @@ A number after the ``d'' determines the level of
 messages printed.
 .TP
 .B \-p
-Use a different port number.  The default is the standard port number
+Use nonstandard port numbers.  The default is the standard port number
 as returned by getservbyname(3) for service ``domain''.
+The argument can specify two port numbers separated by a slash (``\fB/\fP'')
+in which case the first port is that used when contacting remote servers,
+and the second one is the service port bound by the local instance of
+.IR named .
+This is used mostly for debugging purposes.
 .TP
 .B \-b
 Use an alternate boot file.  This is optional and allows you to
@@ -99,11 +104,14 @@ specify a file with a leading dash.
 .TP
 .B \-q
 Trace all incoming queries if \fInamed\fP has been compiled with
-\fIQRYLOG\fP defined.
+\fIQRYLOG\fP defined.  \fINOTE:\fP this option is deprecated in favour
+of the boot file directive ``options query-log''.
 .TP
 .B \-r
 Turns recursion off in the server.  Answers can come only from local
 (primary or secondary) zones.  This can be used on root servers.
+\fINOTE:\fP this option is deprecated in favour
+of the boot file directive ``options no-recursion''.
 .PP
 Any additional argument is taken as the name of the boot file.
 If multiple boot files are specified, only the last is used.
@@ -123,14 +131,16 @@ directory	/usr/local/adm/named
 .ta \w'forwarders\ 'u +\w'6.32.128.IN-ADDR.ARPA\ 'u +\w'128.32.137.8 128.32.137.3\ 'u
 ; type	domain	source host/file				backup file
 
-cache	.							named.root
+cache	.							root.cache
 primary	Berkeley.EDU	berkeley.edu.zone
 primary	32.128.IN-ADDR.ARPA	ucbhosts.rev
 secondary	CC.Berkeley.EDU	128.32.137.8 128.32.137.3	cc.zone.bak
 secondary	6.32.128.IN-ADDR.ARPA	128.32.137.8 128.32.137.3	cc.rev.bak
 primary	0.0.127.IN-ADDR.ARPA					localhost.rev
 forwarders	10.0.0.78 10.2.0.78
-; slave
+limit	max-xfers 10
+limit	datasize 64M
+options	forward-only query-log fake-iquery
 
 .DT
 .fi
@@ -139,19 +149,19 @@ The ``directory'' line causes the server to change its working directory to
 the directory specified.  This can be important for the correct processing
 of \s-1$INCLUDE\s+1 files in primary zone files.
 .LP
-The ``cache'' line specifies that data in ``named.root'' is to be placed in
+The ``cache'' line specifies that data in ``root.cache'' is to be placed in
 the backup cache.  Its main use is to specify data such as locations of root
 domain servers.  This cache is not used during normal operation, but is used
-as ``hints'' to find the current root servers.  The file ``named.root'' is
+as ``hints'' to find the current root servers.  The file ``root.cache'' is
 in the same format as ``berkeley.edu.zone''.  There can be more than one
-``cache'' file specified.  The ``named.root'' file should be retrieved
+``cache'' file specified.  The ``root.cache'' file should be retrieved
 periodically from \s-1FTP.RS.INTERNIC.NET\s+1 since it contains a list of
 root servers, and this list changes periodically.
 .LP
 The first example ``primary'' line states that the file
 ``berkeley.edu.zone'' contains authoritative data for the ``Berkeley.EDU''
 zone.  The file ``berkeley.edu.zone'' contains data in the master file
-format described in RFC883.  All domain names are relative to the origin, in
+format described in RFC 883.  All domain names are relative to the origin, in
 this case, ``Berkeley.EDU'' (see below for a more detailed description).
 The second ``primary'' line states that the file ``ucbhosts.rev'' contains
 authoritative data for the domain ``32.128.IN-ADDR.ARPA,'' which is used to
@@ -180,29 +190,26 @@ specifies one or more forwarders, then the server will send all queries for
 data not in the cache to the forwarders first.  Each forwarder will be asked
 in turn until an answer is returned or the list is exhausted.  If no answer
 is forthcoming from a forwarder, the server will continue as it would have
-without the forwarders line unless it is in ``slave'' mode.  The forwarding
-facility is useful to cause a large sitewide cache to be generated on a
-master, and to reduce traffic over links to outside servers.  It can also be
-used to allow servers to run that do not have access directly to the
-Internet, but wish to act as though they do.
+without the forwarders line unless it is in ``forward-only'' mode.  The
+forwarding facility is useful to cause a large sitewide cache to be
+generated on a master, and to reduce traffic over links to outside servers.
+It can also be used to allow servers to run that do not have direct access
+to the Internet, but wish to look up exterior names anyway.
 .LP
-The ``slave'' line (shown commented out) is used to put the server in slave
-mode.  In this mode, the server will only make queries to forwarders.  This
-option is normally used on machine that wish to run a server but for
-physical or administrative reasons cannot be given access to the Internet,
-but have access to a host that does have access.
+The ``slave'' line (deprecated) is allowed for backward compatibility.  Its
+meaning is identical to ``options forward-only''.
 .LP
 The ``sortlist'' line can be used to indicate networks that are to be
-preferred over other networks Queries for host addresses from hosts on the
+preferred over other networks.  Queries for host addresses from hosts on the
 same network as the server will receive responses with local network
 addresses listed first, then addresses on the sort list, then other
 addresses.
 .LP
-The ``xfrnets'' directive (not shown) can be used to implement primative
+The ``xfrnets'' directive (not shown) can be used to implement primitive
 access control.  If this directive is given, then your name server will
 only answer zone transfer requests from hosts which are on networks listed
 in your ``xfrnets'' directives.  This directive may also be given as
-``tcplist'' for compatibility with older, interrim servers.
+``tcplist'' for compatibility with older, interim servers.
 .LP
 The ``include'' directive (not shown) can be used to process the contents
 of some other file as though they appeared in place of the ``include''
@@ -218,9 +225,38 @@ as dotted quads, not as domain names).  This is useful when you know that
 some popular server has bad data in a zone or cache, and you want to avoid
 contamination while the problem is being fixed.
 .LP
-The ``max-fetch'' directive (not shown) can be used to override the default
-limit (which is 10) to the number of named-xfer subprocesses which \s-1BIND\s+1
-can spawn at any one time.
+The ``limit'' directive can be used to change \s-1BIND\s+1's internal limits,
+some of which (\fBdatasize\fP, for example) are implemented by the system and
+others (like \fBtransfers-in\fP) by \s-1BIND\s+1 itself.  The number following
+the limit name can be scaled by postfixing a ``k,'' ``m,'' or ``g'' for
+kilobytes, megabytes, and gigabytes respectively.
+\fBdatasize\fP's argument sets the process data size enforced by the kernel.
+\fINote:\fP not all systems provide a call to implement this -- on such
+systems, the use of the \fBdatasize\fP parameter of ``limit'' will result in
+a warning message.
+\fBtransfers-in\fP's argument is the number of \fInamed-xfer\fP subprocesses
+which \s-1BIND\s+1 will spawn at any one time.
+\fBtransfers-per-ns\fP's argument is the maximum number of zone transfers to
+be simultaneously initiated to any given remote name server.
+.LP
+The ``options'' directive introduces a boolean specifier that changes the
+behaviour of \s-1BIND\s+1.  More than one option can be specified in a single
+directive.  The currently defined options are as follows:
+\fBno-recursion\fP, which will cause \s-1BIND\s+1 to answer with a referral
+rather than actual data whenever it receives a query for a name it is not
+authoritative for -- don't set this on a server that is listed in any host's
+\fIresolv.conf\fP file;
+\fBquery-log\fP, which causes all queries to be logged via
+syslog(8) -- this is a lot of data, don't turn it on lightly;
+\fBforward-only\fP, which causes the server to query only its forwarders --
+this option is normally used on machine that wishes to run a server but for
+physical or administrative reasons cannot be given access to the Internet;
+and \fBfake-iquery\fP, which tells \s-1BIND\s+1 to send back a useless and
+bogus reply to ``inverse queries'' rather than responding with an error --
+this is helpful if you have a lot of microcomputers or SunOS hosts or both.
+.LP
+The ``max-fetch'' directive (not shown) is allowed for backward compatibility;
+its meaning is identical to ``limit transfers-in''.
 .PP
 The master file consists of control information and a list of resource
 records for objects in the zone of the forms:
@@ -278,7 +314,7 @@ the canonical name for an alias (domain)
 .IP SOA
 marks the start of a zone of authority (domain of originating host,
 domain address of maintainer, a serial number and the following
-parameters in seconds: refresh, retry, expire and minimum TTL (see RFC883)).
+parameters in seconds: refresh, retry, expire and minimum TTL (see RFC 883)).
 .IP NULL
 a null resource record (no format or data)
 .IP RP
@@ -337,15 +373,16 @@ server process using the
 .IR kill (1)
 command.
 .IP SIGHUP
-Causes server to read named.boot and reload database.  If the server
+Causes server to read named.boot and reload the database.  If the server
 is built with the FORCED_RELOAD compile-time option, then SIGHUP will
 also cause the server to check the serial number on all secondary zones.
 Normally the serial numbers are only checked at the SOA-specified intervals.
 .IP SIGINT
-Dumps current data base and cache to /var/tmp/named_dump.db
+Dumps the current data base and cache to /var/tmp/named_dump.db
 .IP SIGIOT
 Dumps statistics data into /var/tmp/named.stats if the server is
-compiled -DSTATS.  Statistics data is appended to the file.
+compiled with -DSTATS.  Statistics data is appended to the file.  Some
+systems use SIGABRT rather than SIGIOT for this.
 .IP SIGSYS
 Dumps the profiling data in /var/tmp if the server is compiled
 with profiling (server forks, chdirs and exits).
@@ -360,7 +397,7 @@ Turns on debugging; each SIGUSR1 increments debug level.
 Turns off debugging completely.
 (SIGFPE on older systems without SIGUSR2)
 .IP SIGWINCH
-Toggles logging of all incoming queries via syslog(3)
+Toggles logging of all incoming queries via syslog(8)
 (requires server to have been built with the QRYLOG option).
 .SH FILES
 .nf
@@ -372,7 +409,7 @@ Toggles logging of all incoming queries via syslog(3)
 /var/tmp/named.stats	nameserver statistics data
 .fi
 .SH "SEE ALSO"
-kill(1), gethostbyname(3), signal(3), 
+kill(1), gethostbyname(3), signal(2), 
 resolver(3), resolver(5), hostname(7),
 RFC 882, RFC 883, RFC 973, RFC 974, RFC 1033, RFC 1034, RFC 1035, RFC 1123,
 \fIName Server Operations Guide for \s-1BIND\s+1\fR
diff --git a/usr.sbin/named/ns_forw.c b/usr.sbin/named/ns_forw.c
index 1d4ffbb..68d0dbe 100644
--- a/usr.sbin/named/ns_forw.c
+++ b/usr.sbin/named/ns_forw.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_forw.c	4.32 (Berkeley) 3/3/91";
-static char rcsid[] = "$Id: ns_forw.c,v 1.2 1995/05/30 03:48:49 rgrimes Exp $";
+static char rcsid[] = "$Id: ns_forw.c,v 1.3 1995/08/20 21:18:36 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -374,6 +374,29 @@ nslookup(nsp, qp, syslogdname, sysloginfo)
 				       dname);
 				continue;
 			}
+#ifdef INADDR_LOOPBACK
+			if (ntohl(data_inaddr(dp->d_data).s_addr) ==
+					INADDR_LOOPBACK) {
+				syslog(LOG_INFO, "Bogus LOOPBACK A RR for %s",
+				       dname);
+				continue;
+			}
+#endif
+#ifdef INADDR_BROADCAST
+			if (ntohl(data_inaddr(dp->d_data).s_addr) == 
+					INADDR_BROADCAST) {
+				syslog(LOG_INFO, "Bogus BROADCAST A RR for %s",
+				       dname);
+				continue;
+			}
+#endif
+#ifdef IN_MULTICAST
+			if (IN_MULTICAST(ntohl(data_inaddr(dp->d_data).s_addr))) {
+				syslog(LOG_INFO, "Bogus MULTICAST A RR for %s",
+				       dname);
+				continue;
+			}
+#endif
 			/*
 			 * Don't use records that may become invalid to
 			 * reference later when we do the rtt computation.
diff --git a/usr.sbin/named/ns_glob.h b/usr.sbin/named/ns_glob.h
index d229c95..db21a78 100644
--- a/usr.sbin/named/ns_glob.h
+++ b/usr.sbin/named/ns_glob.h
@@ -1,6 +1,6 @@
 /*
  *	from ns.h	4.33 (Berkeley) 8/23/90
- *	$Id: ns_glob.h,v 1.2 1995/05/30 03:48:50 rgrimes Exp $
+ *	$Id: ns_glob.h,v 1.3 1995/08/20 21:18:41 peter Exp $
  */
 
 /*
@@ -177,9 +177,6 @@ DECL	u_int16_t		ns_port;
 	/* Source addr of last packet */
 DECL	struct sockaddr_in	from_addr;
 
-	/* Source addr size of last packet */
-DECL	int			from_len;
-
 	/* Used by ns_stats */
 DECL	time_t			boottime,
 				resettime;
diff --git a/usr.sbin/named/ns_init.c b/usr.sbin/named/ns_init.c
index b546e9f..aabcf53 100644
--- a/usr.sbin/named/ns_init.c
+++ b/usr.sbin/named/ns_init.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_init.c	4.38 (Berkeley) 3/21/91";
-static char rcsid[] = "$Id: ns_init.c,v 1.1.1.2 1995/08/18 21:16:00 peter Exp $";
+static char rcsid[] = "$Id: ns_init.c,v 1.3 1995/08/20 21:18:44 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -65,7 +65,6 @@ static char rcsid[] = "$Id: ns_init.c,v 1.1.1.2 1995/08/18 21:16:00 peter Exp $"
 #include <arpa/nameser.h>
 #include <arpa/inet.h>
 #include <syslog.h>
-#include <signal.h>
 #include <resolv.h>
 #include <stdio.h>
 #include <errno.h>
@@ -80,7 +79,7 @@ enum limit { Datasize };
 
 static void		zoneinit __P((struct zoneinfo *)),
 			get_forwarders __P((FILE *)),
-			boot_read __P((char *)),
+			boot_read __P((const char *filename, int includefile)),
 #ifdef DEBUG
 			content_zone __P((int)),
 #endif
@@ -175,7 +174,7 @@ ns_init(bootfile)
         	content_zone(nzones - 1);
         }
 #endif
-	boot_read(bootfile);
+	boot_read(bootfile, 0);
 
         /* erase all old zones that were not found */
         for (zp = &zones[1]; zp < &zones[nzones]; zp++) {
@@ -217,8 +216,9 @@ ns_init(bootfile)
  * Set up to recurse.
  */
 static void
-boot_read(bootfile)
-	char *bootfile;
+boot_read(filename, includefile)
+	const char *filename;
+	int includefile;
 {
 	register struct zoneinfo *zp;
 	char buf[BUFSIZ], obuf[BUFSIZ], *source;
@@ -236,8 +236,8 @@ boot_read(bootfile)
 	int slineno;			/* Saved global line number. */
 	int i;
 
-	if ((fp = fopen(bootfile, "r")) == NULL) {
-		syslog(LOG_ERR, "%s: %m", bootfile);
+	if ((fp = fopen(filename, "r")) == NULL) {
+		syslog(LOG_ERR, "%s: %m", filename);
 		exit(1);
 	}
 
@@ -265,11 +265,11 @@ boot_read(bootfile)
 			get_netlist(fp, enettab, ALLOW_NETS, buf);
 			continue;
 		} else if (strcasecmp(buf, "max-fetch") == 0) {
-			max_xfers_running = getnum(fp, bootfile, GETNUM_NONE);
+			max_xfers_running = getnum(fp, filename, GETNUM_NONE);
 			continue;
 		} else if (strcasecmp(buf, "limit") == 0) {
 			(void) getword(buf, sizeof(buf), fp);
-			ns_limit(buf, getnum(fp, bootfile, GETNUM_SCALED));
+			ns_limit(buf, getnum(fp, filename, GETNUM_SCALED));
 			continue;
 		} else if (strcasecmp(buf, "options") == 0) {
 			while (getword(buf, sizeof(buf), fp))
@@ -300,7 +300,7 @@ boot_read(bootfile)
 #endif
 		} else if (strcasecmp(buf, "include") == 0) {
 			if (getword(buf, sizeof(buf), fp))
-				boot_read(buf);
+				boot_read(buf, 1);
 			continue;
 		} else if (strncasecmp(buf, "cache", 5) == 0) {
 			type = Z_CACHE;
@@ -343,7 +343,7 @@ boot_read(bootfile)
 		} else {
 			syslog(LOG_NOTICE,
 			       "%s: line %d: unknown directive '%s'\n",
-			       bootfile, lineno, buf);
+			       filename, lineno, buf);
 			endline(fp);
 			continue;
 		}
@@ -353,14 +353,14 @@ boot_read(bootfile)
 		 */
 		if (!getword(obuf, sizeof(obuf), fp)) {
 			syslog(LOG_NOTICE, "%s: line %d: missing origin\n",
-			    bootfile, lineno);
+			    filename, lineno);
 			continue;
 		}
 		i = strlen(obuf);
 		if ((obuf[i-1] == '.') && (i != 1))
 			syslog(LOG_INFO,
 			       "%s: line %d: zone \"%s\" has trailing dot\n",
-			       bootfile, lineno, obuf);
+			       filename, lineno, obuf);
 		while ((--i >= 0) && (obuf[i] == '.'))
 			obuf[i] = '\0';
 		dprintf(1, (ddt, "zone origin %s", obuf[0]?obuf:"."));
@@ -369,7 +369,7 @@ boot_read(bootfile)
 		 */
 		if (!getword(buf, sizeof(buf), fp)) {
 			syslog(LOG_NOTICE, "%s: line %d: missing %s\n",
-				bootfile, lineno,
+				filename, lineno, 
 #ifdef STUBS
 			   (type == Z_SECONDARY || type == Z_STUB)
 #else
@@ -437,14 +437,14 @@ boot_read(bootfile)
 				if (zp->z_refresh <= 0) {
 					syslog(LOG_NOTICE,
 				"%s: line %d: bad refresh time '%s', ignored\n",
-						bootfile, lineno, buf);
+						filename, lineno, buf);
 					zp->z_refresh = 0;
 				} else if (cache_file == NULL)
 					cache_file = source;
 #else
 				syslog(LOG_NOTICE,
 				       "%s: line %d: cache refresh ignored\n",
-				       bootfile, lineno);
+				       filename, lineno);
 #endif
 				endline(fp);
 			}
@@ -495,7 +495,7 @@ boot_read(bootfile)
 				    else {
 					syslog(LOG_NOTICE,
 					       "%s: line %d: bad flag '%s'\n",
-					       bootfile, lineno, flag);
+					       filename, lineno, flag);
 				    }
 				    flag = cp;
 				}
@@ -571,7 +571,7 @@ boot_read(bootfile)
 				 * We will always transfer this zone again
 				 * after a reload.
 				 */
-				sprintf(buf, "/%s/NsTmp%ld.%d", _PATH_TMPDIR,
+				sprintf(buf, "%s/NsTmp%ld.%d", _PATH_TMPDIR,
 					(long)getpid(), tmpnum++);
 				source = savestr(buf);
 				zp->z_flags |= Z_TMP_FILE;
@@ -930,8 +930,10 @@ ns_option(name)
 {
 	if (!strcasecmp(name, "no-recursion")) {
 		NoRecurse = 1;
+#ifdef QRYLOG
 	} else if (!strcasecmp(name, "query-log")) {
 		qrylog = 1;
+#endif
 	} else if (!strcasecmp(name, "forward-only")) {
 		forward_only = 1;
 #ifndef INVQ
diff --git a/usr.sbin/named/ns_main.c b/usr.sbin/named/ns_main.c
index f1b974f..b2a7849 100644
--- a/usr.sbin/named/ns_main.c
+++ b/usr.sbin/named/ns_main.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_main.c	4.55 (Berkeley) 7/1/91";
-static char rcsid[] = "$Id: ns_main.c,v 1.2 1995/05/30 03:48:52 rgrimes Exp $";
+static char rcsid[] = "$Id: ns_main.c,v 1.3 1995/08/20 21:18:46 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -169,8 +169,7 @@ main(argc, argv, envp)
 	struct qstream *nextsp;
 	int nfds;
 	const int on = 1;
-	int len;
-	int rfd, size;
+	int rfd, size, len;
 	time_t lasttime, maxctime;
 	u_char buf[BUFSIZ];
 #ifdef POSIX_SIGNALS
@@ -180,6 +179,9 @@ main(argc, argv, envp)
 	struct sigvec vec;
 #endif
 #endif
+#ifdef NeXT
+	int old_sigmask;
+#endif
 	fd_set tmpmask;
 	struct timeval t, *tp;
 	struct qstream *candidate = QSTREAM_NULL;
@@ -374,10 +376,10 @@ main(argc, argv, envp)
 			}
 #endif /*WANT_PIDFILE && PID_FIX*/
 			exit(1);
-		} else {	/* Retry opening the socket a few times */
-			my_close(vs);
-			sleep(1);
 		}
+		/* Retry opening the socket a few times */
+		my_close(vs);
+		sleep(3);
 	}
 	if (listen(vs, 5) != 0) {
 		syslog(LOG_ERR, "listen(vs, 5): %m");
@@ -385,7 +387,7 @@ main(argc, argv, envp)
 	}
 
   	/*
-	 * named would be terminated if one of these is sent and no handler
+	 * named would be terminated if one of these is sent and no handler.
 	 */
 	(void) signal(SIGINT, setdumpflg);
 	(void) signal(SIGQUIT, setchkptflg);
@@ -405,6 +407,8 @@ main(argc, argv, envp)
 	/*
 	 * Get list of local addresses and set up datagram sockets.
 	 */
+	FD_ZERO(&mask);
+	FD_SET(vs, &mask);
 	getnetconf();
 
 	/*
@@ -572,10 +576,9 @@ main(argc, argv, envp)
 		nfds = FD_SETSIZE;	/* Bulletproofing */
 		syslog(LOG_NOTICE, "Return from getdtablesize() > FD_SETSIZE");
 	}
-	FD_ZERO(&mask);
-	FD_SET(vs, &mask);
-	for (dqp = datagramq; dqp != QDATAGRAM_NULL; dqp = dqp->dq_next)
-		FD_SET(dqp->dq_dfd, &mask);
+#ifdef NeXT
+	old_sigmask = sigblock(sigmask(SIGCHLD));
+#endif
 	for (;;) {
 #ifdef DEBUG
 		if (ddt && debug == 0) {
@@ -648,7 +651,13 @@ main(argc, argv, envp)
 		} else
 			tp = NULL;
 		tmpmask = mask;
+#ifdef NeXT
+		sigsetmask(old_sigmask);	/* Let queued signals run. */
+#endif
 		n = select(nfds, &tmpmask, (fd_set *)NULL, (fd_set *)NULL, tp);
+#ifdef NeXT
+		old_sigmask = sigblock(sigmask(SIGCHLD));
+#endif
 		if (n < 0 && errno != EINTR) {
 			syslog(LOG_ERR, "select: %m");
 			sleep(60);
@@ -661,7 +670,8 @@ main(argc, argv, envp)
 		     dqp = dqp->dq_next) {
 		    if (FD_ISSET(dqp->dq_dfd, &tmpmask))
 		        for (udpcnt = 0; udpcnt < 42; udpcnt++) {  /*XXX*/
-			    from_len = sizeof(from_addr);
+			    int from_len = sizeof(from_addr);
+
 			    if ((n = recvfrom(dqp->dq_dfd, (char *)buf, sizeof(buf), 0,
 				(struct sockaddr *)&from_addr, &from_len)) < 0)
 			    {
@@ -702,7 +712,8 @@ main(argc, argv, envp)
 		** which, if our accept() failed, will bring us back here.
 		*/
 		if (FD_ISSET(vs, &tmpmask)) {
-			from_len = sizeof(from_addr);
+			int from_len = sizeof(from_addr);
+
 			rfd = accept(vs,
 				     (struct sockaddr *)&from_addr,
 				     &from_len);
@@ -1173,7 +1184,7 @@ static void
 opensocket(dqp)
 	register struct qdatagram *dqp;
 {
-	int n, m;
+	int m, n;
 	int on = 1;
 
 	/*
@@ -1223,6 +1234,7 @@ opensocket(dqp)
 		exit(1);
 #endif
 	}
+	FD_SET(dqp->dq_dfd, &mask);
 }
 
 /*
@@ -1527,34 +1539,38 @@ sqflush(allbut)
 /* void
  * dqflush(gen)
  *	close/deallocate all the udp sockets, unless `gen' != (time_t)0
- *	in which case all those not matching this generation will
- *	be deleted except the 0.0.0.0 element, and syslog() will
- *	be called whenever something is deleted.
+ *	in which case all those not from this generation (except 0.0.0.0)
+ *	will be deleted, and syslog() will be called.
+ * known bugs:
+ *	the above text is impenetrable.
  * side effects:
- *	global list `datagramq' is modified
+ *	global list `datagramq' is modified.
  */
 void
 dqflush(gen)
 	register time_t gen;
 {
-	register struct qdatagram *dqp, *pqp, *nqp;
+	register struct qdatagram *this, *prev, *next;
 
-	for (pqp = NULL, dqp = datagramq;
-	     dqp != NULL;
-	     pqp = dqp, dqp = nqp) {
-		nqp = dqp->dq_next;
+	prev = NULL;
+	for (this = datagramq; this != NULL; this = next) {
+		next = this->dq_next;
 		if (gen != (time_t)0) {
-			if (dqp->dq_addr.s_addr == INADDR_ANY ||
-			    dqp->dq_gen == gen)
+			if (this->dq_addr.s_addr == INADDR_ANY ||
+			    this->dq_gen == gen) {
+				prev = this;
 				continue;
+			}
 			syslog(LOG_NOTICE, "interface [%s] missing; deleting",
-			       inet_ntoa(dqp->dq_addr));
+			       inet_ntoa(this->dq_addr));
 		}
-		if (pqp != NULL)
-			pqp->dq_next = dqp->dq_next;
+		FD_CLR(this->dq_dfd, &mask);
+		my_close(this->dq_dfd);
+		free(this);
+		if (prev == NULL)
+			datagramq = next;
 		else
-			datagramq = dqp->dq_next;
-		free(dqp);
+			prev->dq_next = next;
 	}
 }
 
diff --git a/usr.sbin/named/ns_maint.c b/usr.sbin/named/ns_maint.c
index 03cbf99..111ac82 100644
--- a/usr.sbin/named/ns_maint.c
+++ b/usr.sbin/named/ns_maint.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_maint.c	4.39 (Berkeley) 3/2/91";
-static char rcsid[] = "$Id: ns_maint.c,v 1.2 1995/05/30 03:48:53 rgrimes Exp $";
+static char rcsid[] = "$Id: ns_maint.c,v 1.3 1995/08/20 21:18:49 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -362,6 +362,9 @@ startxfer(zp)
 #ifdef GEN_AXFR
 	char class_str[10];
 #endif
+#ifdef POSIX_SIGNALS
+      sigset_t sset;
+#endif
 
 	dprintf(1, (ddt, "startxfer() %s\n", zp->z_origin));
 
@@ -441,13 +444,23 @@ startxfer(zp)
 
 	gettime(&tt);
 #ifndef SYSV
+#if defined(POSIX_SIGNALS)
+      sigemptyset(&sset);
+      sigaddset(&sset,SIGCHLD);
+      sigprocmask(SIG_BLOCK,&sset,NULL);
+#else
 	omask = sigblock(sigmask(SIGCHLD));
 #endif
+#endif
 	if ((pid = vfork()) == -1) {
 		syslog(LOG_ERR, "xfer vfork: %m");
 #ifndef SYSV
+#if defined(POSIX_SIGNALS)
+              sigprocmask(SIG_UNBLOCK,&sset,NULL);
+#else
 		(void) sigsetmask(omask);
 #endif
+#endif
 		zp->z_time = tt.tv_sec + 10;
 		return;
 	}
@@ -466,8 +479,12 @@ startxfer(zp)
 	xfers_running++;
 	zp->z_time = tt.tv_sec + MAX_XFER_TIME;
 #ifndef SYSV
+#if defined(POSIX_SIGNALS)
+      sigprocmask(SIG_UNBLOCK,&sset,NULL);
+#else
 	(void) sigsetmask(omask);
 #endif
+#endif
 }
 
 const char *
diff --git a/usr.sbin/named/ns_req.c b/usr.sbin/named/ns_req.c
index 94d765b..aca6187 100644
--- a/usr.sbin/named/ns_req.c
+++ b/usr.sbin/named/ns_req.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_req.c	4.47 (Berkeley) 7/1/91";
-static char rcsid[] = "$Id: ns_req.c,v 1.2 1995/05/30 03:48:55 rgrimes Exp $";
+static char rcsid[] = "$Id: ns_req.c,v 1.3 1995/08/20 21:18:54 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -922,10 +922,32 @@ fetchns:
 			 */
 			delete_all(np, class, T_NS);
 #endif
+			for (dp = np->n_data; dp ; dp = dp->d_next)
+				if (dp->d_zone && match(dp, class, T_NS))
+					break;
+			if (dp) {
+				/*
+				 * we know the child zone exists but are
+				 * missing glue.
+				 *
+				 * nslookup has called sysquery() to get the
+				 * missing glue.
+				 *
+				 * for UDP, drop the response and let the
+				 * client retry.  for TCP, we should probably
+				 * (XXX) hold open the TCP connection for a
+				 * while in case the sysquery() comes back
+				 * soon.  meanwhile we SERVFAIL.
+				 */
+				if (qsp)
+					goto do_servfail;
+				break;
+			}
 			np = np->n_parent;
 		}
 		goto fetchns;	/* Try again. */
 	case FW_SERVFAIL:
+ do_servfail:
 		hp->rcode = SERVFAIL;
 #ifdef DATUMREFCNT
 		free_nsp(nsp);
diff --git a/usr.sbin/named/ns_resp.c b/usr.sbin/named/ns_resp.c
index fde341c..b65502c 100644
--- a/usr.sbin/named/ns_resp.c
+++ b/usr.sbin/named/ns_resp.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
 static char sccsid[] = "@(#)ns_resp.c	4.65 (Berkeley) 3/3/91";
-static char rcsid[] = "$Id: ns_resp.c,v 1.2 1995/05/30 03:48:56 rgrimes Exp $";
+static char rcsid[] = "$Id: ns_resp.c,v 1.3 1995/08/20 21:18:58 peter Exp $";
 #endif /* not lint */
 
 /*
@@ -270,10 +270,10 @@ ns_resp(msg, msglen)
 	 *  Here we handle bad responses from servers.
 	 *  Several possibilities come to mind:
 	 *	The server is sick and returns SERVFAIL
-	 *	The server returns some garbage opcode (its sick)
+	 *	The server returns some garbage opcode (it's sick)
 	 *	The server can't understand our query and return FORMERR
-	 *  In all these cases, we simply drop the packet and force
-	 *  a retry.  This will make him look bad due to unresponsiveness.
+	 *  In all these cases, we drop the packet, disable retries on
+	 *  this server and immediately force a retry.
 	 */
 	if ((hp->rcode != NOERROR && hp->rcode != NXDOMAIN)
 #ifndef NCACHE
@@ -299,6 +299,19 @@ ns_resp(msg, msglen)
 			nameserIncr(from_addr.sin_addr, nssRcvdErr);
 			break;
 		}
+		/* mark server as bad */
+		if (!qp->q_fwd)
+		    for (i = 0; i < (int)qp->q_naddr; i++)
+			if (qp->q_addr[i].ns_addr.sin_addr.s_addr
+			    == from_addr.sin_addr.s_addr)
+				qp->q_addr[i].nretry = MAXRETRY;
+		/* XXX - doesn't handle responses sent from the wrong
+		 * interface on a multihomed server
+		 */
+		if (qp->q_fwd ||
+		    qp->q_addr[qp->q_curaddr].ns_addr.sin_addr.s_addr
+		    == from_addr.sin_addr.s_addr)
+			retry(qp);
 		return;
 	}
 
@@ -357,9 +370,15 @@ ns_resp(msg, msglen)
 
 		if (type == T_NS && samedomain(qp->q_domain, name)) {
 			nameserIncr(from_addr.sin_addr, nssRcvdLDel);
+			/* mark server as bad */
+			if (!qp->q_fwd)
+			    for (i = 0; i < (int)qp->q_naddr; i++)
+				if (qp->q_addr[i].ns_addr.sin_addr.s_addr
+				    == from_addr.sin_addr.s_addr)
+					qp->q_addr[i].nretry = MAXRETRY;
 #ifdef LAME_LOGGING
 			if (class == C_IN &&
-			    !haveComplained((char*)nhash(name),
+			    !haveComplained((char*)nhash(inet_etoa(&from_addr)),
 					    (char*)nhash(qp->q_domain)))
 				syslog(LAME_LOGGING,
 				"Lame server on '%s' (in '%s'?): %s%s\n",
@@ -369,6 +388,13 @@ ns_resp(msg, msglen)
 					);
 
 #endif /* LAME_LOGGING */
+			/* XXX - doesn't handle responses sent from the wrong
+			 * interface on a multihomed server
+			 */
+			if (qp->q_fwd ||
+			    qp->q_addr[qp->q_curaddr].ns_addr.sin_addr.s_addr
+			    == from_addr.sin_addr.s_addr)
+				retry(qp);
 			return;
 		}
 	}
@@ -1002,16 +1028,16 @@ ns_resp(msg, msglen)
 		const char *result;
 
 		if (qp->q_addr[i].ns != NULL) {
+			dprintf(1, (ddt, "ns_resp: ns %s rcnt %d (%s)\n",
+				    qp->q_addr[i].ns->d_data,
+				    qp->q_addr[i].ns->d_rcnt,
+				    result));
 			if ((--(qp->q_addr[i].ns->d_rcnt)))
 				result = busy;
 			else {
 				free((char*)qp->q_addr[i].ns);
 				result = freed;
 			}
-			dprintf(1, (ddt, "ns_resp: ns %s rcnt %d (%s)\n",
-				    qp->q_addr[i].ns->d_data,
-				    qp->q_addr[i].ns->d_rcnt,
-				    result));
 		}
 		if (qp->q_addr[i].nsdata != NULL) {
 			if ((--(qp->q_addr[i].nsdata->d_rcnt)))
diff --git a/usr.sbin/named/tools/named.restart/named.restart.8 b/usr.sbin/named/tools/named.restart/named.restart.8
index 2e66615..7670dd1 100644
--- a/usr.sbin/named/tools/named.restart/named.restart.8
+++ b/usr.sbin/named/tools/named.restart/named.restart.8
@@ -51,10 +51,10 @@
 .\" -
 .\" --Copyright--
 .\"
+.\"	$Id: named.restart.8,v 1.3 1995/05/03 03:26:56 rgrimes Exp $
 .\"	from hostname.7	6.4 (Berkeley) 1/16/90
-.\"	$Id$
 .\"
-.TH NAMED.RESTART 8 "May 2, 1995"
+.TH NAMED.RESTART 8 "June 26, 1993"
 .UC 5
 .SH NAME
 named.restart \- stop and restart the name server
diff --git a/usr.sbin/named/tree.c b/usr.sbin/named/tree.c
index a54329e..4bad68c 100644
--- a/usr.sbin/named/tree.c
+++ b/usr.sbin/named/tree.c
@@ -33,7 +33,7 @@ static char RCSid[] = "$Id:";
 #ifndef _PATH_XFER
 # include <stdlib.h>
 #else
-# include "../conf/portability.h"
+# include "portability.h"
 #endif
 #include "tree.h"
 
diff --git a/usr.sbin/named/tree.man3 b/usr.sbin/named/tree.man3
deleted file mode 100644
index 5be48783..0000000
--- a/usr.sbin/named/tree.man3
+++ /dev/null
@@ -1,154 +0,0 @@
-.TH TREE 3 "5 April 1994"
-.\" from .TH TREE 3 "22 Jan 1993"
-.\" from .TH TREE 2 "23 June 1986"
-.UC 4
-.SH NAME
-tree_init, tree_mung, tree_srch, tree_add, tree_delete, tree_trav
-\- balanced binary tree routines
-.SH SYNOPSIS
-.nf
-.B void
-.B tree_init(tree)
-.B void **tree;
-.PP
-.B void *
-.B tree_srch(tree, compare, data)
-.B void **tree;
-.B int (*compare)();
-.B void *data;
-.PP
-.B void
-.B tree_add(tree, compare, data, del_uar)
-.B void **tree;
-.B int (*compare)();
-.B void *data;
-.B void (*del_uar)();
-.PP
-.B int
-.B tree_delete(tree, compare, data, del_uar)
-.B void **tree;
-.B int (*compare)();
-.B void *data;
-.B void (*del_uar)();
-.PP
-.B int
-.B tree_trav(tree, trav_uar)
-.B void **tree;
-.B int (*trav_uar)();
-.PP
-.B void
-.B tree_mung(tree, del_uar)
-.B void **tree;
-.B void (*del_uar)();
-.fi
-.SH DESCRIPTION
-These functions create and manipulate a balanced binary (AVL) tree.  Each node
-of the tree contains the expected left & right subtree pointers, a short int
-balance indicator, and a pointer to the user data.  On a 32 bit system, this
-means an overhead of 4+4+2+4 bytes per node (or, on a RISC or otherwise
-alignment constrained system with implied padding, 4+4+4+4 bytes per node).
-There is no key data type enforced by this package; a caller supplied
-compare routine is used to compare user data blocks.
-.PP
-Balanced binary trees are very fast on searches and replacements, but have a
-moderately high cost for additions and deletions.  If your application does a
-lot more searches and replacements than it does additions and deletions, the
-balanced (AVL) binary tree is a good choice for a data structure.
-.PP
-.I Tree_init
-creates an empty tree and binds it to
-.I tree
-(which for this and all other routines in this package should be declared as
-a pointer to void or int, and passed by reference), which can then be used by
-other routines in this package.  Note that more than one
-.I tree
-variable can exist at once; thus multiple trees can be manipulated
-simultaneously.
-.PP
-.I Tree_srch
-searches a tree for a specific node and returns either
-.I NULL
-if no node was found, or the value of the user data pointer if the node
-was found.
-.I compare
-is the address of a function to compare two user data blocks.  This routine
-should work much the way 
-.IR strcmp (3)
-does; in fact,
-.I strcmp
-could be used if the user data was a \s-2NUL\s+2 terminated string.
-.I data
-is the address of a user data block to be used by
-.I compare
-as the search criteria.  The tree is searched for a node where
-.I compare
-returns 0.
-.PP
-.I Tree_add
-inserts or replaces a node in the specified tree.  The tree specified by
-.I tree
-is searched as in
-.I tree_srch,
-and if a node is found to match
-.I data,
-then the
-.I del_uar
-function, if non\-\s-2NULL\s+2, is called with the address of the user data
-block for the node (this routine should deallocate any dynamic memory which
-is referenced exclusively by the node); the user data pointer for the node
-is then replaced by the value of
-.I data.
-If no node is found to match, a new node is added (which may or may not
-cause a transparent rebalance operation), with a user data pointer equal to
-.I data.
-A rebalance may or may not occur, depending on where the node is added
-and what the rest of the tree looks like.
-.I Tree_add
-will return the
-.I data
-pointer unless catastrophe occurs in which case it will return \s-2NULL\s+2.
-.PP
-.I Tree_delete
-deletes a node from
-.I tree.
-A rebalance may or may not occur, depending on where the node is removed from
-and what the rest of the tree looks like.
-.I Tree_delete
-returns TRUE if a node was deleted, FALSE otherwise.
-.PP
-.I Tree_trav
-traverses all of
-.I tree,
-calling
-.I trav_uar
-with the address of each user data block.  If
-.I trav_uar
-returns FALSE at any time,
-.I tree_trav
-will immediately return FALSE to its caller.  Otherwise all nodes will be 
-reached and
-.I tree_trav
-will return TRUE.
-.PP
-.I Tree_mung
-deletes every node in
-.I tree,
-calling
-.I del_uar
-(if it is not \s-2NULL\s+2) with the user data address from each node (see
-.I tree_add
-and
-.I tree_delete
-above).  The tree is left in the same state that
-.I tree_init
-leaves it in \- i.e., empty.
-.SH BUGS
-Should have a way for the caller to specify application specific
-.I malloc
-and
-.I free
-functions to be used internally when allocating meta data.
-.SH AUTHOR
-Paul Vixie, converted and augumented from Modula\-2 examples in
-.I Algorithms & Data Structures,
-Niklaus Wirth, Prentice\-Hall, ISBN 0\-13\-022005\-1.
diff --git a/usr.sbin/named/xfer/Makefile b/usr.sbin/named/xfer/Makefile
index e55307e..ad55d38 100644
--- a/usr.sbin/named/xfer/Makefile
+++ b/usr.sbin/named/xfer/Makefile
@@ -10,7 +10,7 @@ BINDIR=	/usr/libexec
 MAN8= named-xfer.8
 
 
-VER	= LOCAL-`date +%y%m%d.%H%M%S`
+VER	= 4.9.3-BETA26-LOCAL
 
 version.c: ${.CURDIR}/../Version.c ${.CURDIR}/Makefile ${SRCS}
 	(LANG=; LC_TIME=; u=$${USER-root} d=`pwd |sed -e 's|/obj/|/src/|'` \