1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
INSTALLATION INSTRUCTIONS for GNU ADNS
1. Read the security note below.
2. Standard GNU package build process:
$ ./configure [--disable-dynamic] [--prefix=... ...]
$ make
# make install
Unfortunately, there is no comprehensive documentation yet. For now,
use the comments in the public header file adns.h, and for the C
programs their usage messages. If you find this information
ambiguous, incomplete or wrong, please report it as a bug.
TESTED PLATFORMS
The following platforms have been tested at at least some point and
should work - please report if they don't:
adns version OS
1.0 Linux glibc 2.1 (actually tested on Debian 2.2)
1.0 Solaris 2.6, 2.7, 2.8 [3]
1.0 FreeBSD 3.2, 4.0 (no poll(2), so no adnsresfilter)
The following work, but only with --disable-dynamic:
1.0 IRIX 6.5 *not* with GCC [1], [2]
1.0 AIX 4.1.5
1.0 HP-UX 10.20, 11.00
1.1 Darwin (kernel 7.5.1)
Later versions of the same OS should work too. Usually entries in
this table mean adns passes its own regression test, when compiled
with GCC, and appears to install and run correctly. If you have more
information for this table please let me know.
Notes/known problems:
[1] IRIX 6.5 inet_ntoa seems to break with GCC.
[2] The SGI IRIX compiler produces many spurious warnings.
[3] Dynamically linked, needs some help to find libadns.so.1.0.
The following platforms are known to be deficient and will not work:
Solaris 2.5 Lacks vsnprintf - install glibc ?
TruUnix64 (DEC UNIX 4.0f) Lacks vsnprintf - install glibc ?
Please don't report these problems unless you have a nice,
straightforward solution or workaround for them. (I don't consider
including a `vsnprintf' implementation nice, so don't send me one.)
PORTABILITY INFORMATION
You will find that adns requires a reasonably standard and up to date
system. Systems which are neither GNU nor UNIX are not supported.
The build system assumes by default that you have ELF shared
libraries, and that the directory in which libadns.so.1 will be
installed is on your dynamic library search path. If your system
doesn't have ELF shared libraries then dynamic linking is not
supported by adns. Use the --disable-shared configure option.
Please don't send me patches to use libtool (which I dislike).
Compilers other than GNU C should work, but are not well-tested. Feel
free to send me patches to improve the situation. However, the
Makefiles only know how to use GCC to make dynamic libraries.
The adnsresfilter utility uses `tsearch' from the C library (a la SVID
and X/Open). If you don't have tsearch configure will arrange for
adnsresfilter not to be built. To fix this, install a C library
containing tsearch, such as the GNU C library. It is best if tsearch
uses an automatically-balancing tree algorithm, like the glibc version
does. Simple binary trees may perform badly.
If you change the m4 input files in regress/ you may need GNU m4.
You will probably find that GNU Make is required.
Please do not report this as a bug; install GNU Make instead.
SECURITY AND PERFORMANCE - AN IMPORTANT NOTE
adns is not a `full-service resolver': it does no caching of responses
at all, and has no defence against bad nameservers or fake packets
which appear to come from your real nameservers. It relies on the
full-service resolvers listed in resolv.conf to handle these tasks.
For secure and reasonable operation you MUST run a full-service
nameserver on the same system as your adns applications, or on the
same local, fully trusted network. You MUST only list such
nameservers in the adns configuration (eg resolv.conf).
You MUST use a firewall or other means to block packets which appear
to come from these nameservers, but which were actually sent by other,
untrusted, entities.
Furthermore, adns is not DNSSEC-aware in this version; it doesn't
understand even how to ask a DNSSEC-aware nameserver to perform the
DNSSEC cryptographic signature checking.
COPYRIGHT
This file, INSTALL, contains installation instructions and other
details for adns. It is
Copyright (C) 1997-2000 Ian Jackson <ijackson@chiark.greenend.org.uk>
adns is
Copyright (C) 1997-2000,2003,2006,2014 Ian Jackson
Copyright (C) 2014 Mark Wooding
Copyright (C) 1999-2000,2003,2006 Tony Finch <dot@dotat.at> [1]
Copyright (C) 1991 Massachusetts Institute of Technology [2]
adns is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free
Software Foundation; either version 3 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with adns as the file COPYING; if not, email me at the address
above or write to the Free Software Foundation.
[1] Tony Finch holds the original copyright on client/adnslogres.c,
client/adnsheloex.c and client/fanftest.c, and some modifications
to those files.
[2] MIT hold the original copyright on the included install-sh,
which came via GNU autoconf.
# Local variables:
# mode: text
# End:
|
