[rbldnsd] Announce: rbldnsd-0.99 released

[Michael Tokarev]

Version 0.99 of rbldnsd, a small auth-only DNS daemon for
DNS-based blocklists, has been released today.  It contains
important bugfix (see below), new autoconf-style configuration
system, and several small improvements.

Summary changes since 0.98:

  - bugfix: Fixed some IP address range parsing bug in ip4set.
    E.g., 24.217.64-191 did not work (and any range like this
    where last two bits where xored into 255).  Spotted by
    easynet.nl folks, thanks.  This bug occurs only when last 2
    numbers, when xored together, gives 255, like 124-131, 120-135,
    127-128, 65-190, 64-191, ...  The listing will never be matched,
    so bug does no harm (i.e. no extra, incorrect listings).
    There's a small perl script excerpts at the end of this email
    that contains workarounds for this problem.

  - autoconf-style configuration system.  Run `./configure'
    (without any options) before typing `make'.  Great thanks
    to Christian Krackowizer (ckrackowiz at std.schuler-ag.com)
    for testing this stuff on numerous platforms, and for his
    patience.  Please note this changes the build procedure
    (Debian and RPM packages has been updated).

  - feature: allow logging to standard output (-l - or -l +-).
    See manpage for details.  May be used when rbldnsd is running
    under DJB's supervise and multilog.  Idea by Klaus Alexander
    Seistrup @magnetic-ink.dk.

  - remove EasynetDynablock and relays.osirusoft.com conversion
    scripts: relays.osirusoft.com is gone, and Easynet now provides
    data in rbldnsd format.

Any feedback about new "autoconfiguration system" is more than
welcome.  I know it works perfectly on FreeBSD, Linux and Solaris
with GCC, and has been tested on several other platforms, mostly
with GCC too.

There's no need to upgrade from 0.98 unless you're using ip4set
with ranges like 1.2.3.4-5.  Easynet.nl data (dynablock.easynet.nl,
where the problem was first found) now has a workaround for the
parsing bug (see below), but this workaround may not be here
forever.

For all older versions (0.81 and up), here's a small patch to
correct the bug:

--- rbldnsd_ip4set.c    17 Aug 2003 12:29:25 -0000      1.31
+++ rbldnsd_ip4set.c    12 Sep 2003 23:58:11 -0000      1.32
@@ -121,7 +121,7 @@
   */
  #define ip4range_expand_octet(bits)                    \
    if ((a | 255u) >= b) {                               \
-    if ((a ^ b) == 255u)                               \
+    if (b - a == 255u)                                 \
        return fn((bits>>3)+1, a<<bits, 1);              \
      else                                               \
        return fn(bits>>3, a<<bits, b - a + 1);          \


This one-liner perl script will print all lines
encountered on input that may trigger the above bug,
together with a line number:

perl -e '
while(<>) {
   print "$. $_" if /^[0-9.!]+\.(\d+)-(\d+)\s/ && $1 && (($1+0)^($2+0))==255;
}
'

And here's how to convert data that may trigger the bug so it will be
parsed correctly by rbldnsd without the patch above:

perl -e '
while(<>) {
  if (/^([!0-9.]+\.)(\d+)-(\d+)(\s.*)/ && $2 && (($2+0)^($3+0))==255) {
    print "$1$2$4";
    print "$1".($2+1)."-$3$4";
  }
  else { print; }
}
'

The idea is to create two lines for "bad" ones, like:

80.2.120
80.2.121-135

for

80.2.120-135

/mjt