Hi Rao, I noticed a few issues which in part seem to be a confusion or contamination from PSARC 2009/308 <http://sac.eng.sun.com/PSARC/2009/308> See in-line comments for details..
I'm looking forward to seeing this work completed. Regards, Stacey On 25/06/2009 23:01, Rao Shoaib wrote: > I am submitting this one pager on behalf of Ed Posnak > (ed.posnak at gmail.com) as Ed does not have SWAN access and could not > submit it. > > Rao. > ------------------------------------------------------------------------ > > Template Version: @(#)onepager.txt 1.31 07/08/08 SMI > > This information is Copyright 2009 Sun Microsystems > > 1. Introduction > 1.1. Project/Component Working Name: > BIND Update to ISC libbind-6.0 > Should be "Update libresolv to ISC libbind-6.0" > 1.2. Name of Document Author/Supplier: > Ed Posnak > > 1.3. Date of This Document: > 6/25/2009 > > 1.4. Name of Major Document Customer(s)/Consumer(s): > 1.4.1. The Community you expect to review your project: > Solaris PAC > > 1.4.2. The ARC(s) you expect to review your project: > PSARC > > 1.4.3. The Director/VP who is "Sponsoring" this project: > greg.lavender at sun.com > > 1.4.4. The name of your business unit: > Solaris Networking > > 1.5. Email Aliases: > 1.5.1. Responsible Manager: Victor.Nelson at sun.com > 1.5.2. Responsible Engineer: ed.posnak at gmail.com > 1.5.3. Marketing Manager: Jeff.McMeekin at Sun.COM > 1.5.4. Interest List: bind-iteam-ext at sun.com > > 2. Project Summary > 2.1. Project Description: > > Provide latest and most up-to-date version of Internet Systems > Consortium (ISC) BIND in Solaris Operating Environment. > > Customer requirements and bug reports have driven the need for an > updated > version of BIND. The above two paragraphs are not accurate, what this project does is: > The resolver library, libresolv2, is currently based on > a mixture of ISC versions from around 2001 and it is desired to upgrade > them to version 6.0, which was released in 2009. > > Sun has made several changes to the ISC code, many of which are not > incorporated into the latest ISC release, and thus must be applied to > the > new code. In the previous port, source code changes were liberally > applied and documentation was not kept up to date, making the task of > upgrading to a new ISC release unnecessarily complicated. > I don't believe the above paragraph is quite right. As I recall much of the Sun changes were incorporated by ISC while some have not. For example see 6485024 "Solaris res_ninit() undocumented short-circuit trips up other applications" > A goal of this project is to minimize the amount of effort required in > future upgrades by (1) getting the Solaris code as close to the ISC > code > as possible and (2) fully and accurately documenting the set of changes > that will need to be carried forward into future upgrades. This > involves > eliminating source code changes that are unncessary and finding ways to > accomplish the original goal without modifying the source code. > Documenting Sun's changes involves first enumerating all changes that > were made to ISC source code, then determining which changes have > already > been incorporated into ISC's code base, and of those that haven't, > identifying the ones that need to be applied and carried forward. We > will > continue to submit our changes to ISC so that they may be incorporated > into a future ISC release; others will need to be applied in future > ports. We are striving to make this set of changes as small as possible > and to document it well. > > Whereas it is a goal of this project to make the libresolv2 source tree > more closely resemble the ISC source tree, it is a requirement for the > new libresolv.so.2 to be binary compatible with the previous version. > Thus we will do as much as possible within the limits of binary > compatibility to minimize changes to the ISC code. > > The primary deliverables are: > 1. Source code that matches ISC code more closely and > 2. A complete, up-to-date list of changes that Sun must retain going > forward > > Other deliverables include: > 1. Strategy and assumptions documents > 2. Suite of unit tests targeting Sun's changes and general > functionality > 3. Test plan and test results documents > > 2.2. Risks and Assumptions: > > The risk of introducing defect is high because the changes that we are > applying were originally made to code that has evolved significantly > over > the course of several years. This risk is further increased by > workarounds that are necessary to meet the requirement for binary > compatibility. Moreover, we do not have any unit tests for libresolv2. > > To mitigate the risk of introducing defects we are developing a suite > of > unit tests consisting of two types: tests for each of the > Solaris-specific changes and general tests of the public interface. The > Solaris-specific tests will give us confidence that our changes work as > advertised, and the general tests will give us confidence that our > changes did not break anything in the ISC code. > > (For details see our Strategy and assumptions documents: > http://opensolaris.org/os/project/bind/BINDPortingStrategy-v0.5.doc > > http://opensolaris.org/os/project/bind/BINDPortingAssumptions-v0.3.doc ) > > > 2.3. Release Binding > > The Required release binding is Patch. Revenue Product Engineering > will > back-port to Solaris 10 and possibly older sustained gates if security > issues necessitate. > *"will"* might be a bit strong for libresolv, a *"may"* would be more accurate. > 3. Business Summary > 3.1. Problem Area: > Solaris includes libresolv2 for DNS services, and it's broadly used > across many customer types. > > The current libresolv2 is based on source code that is 8-9 years old. > > > Advancements in the DNSSEC protocol have provided new Resource Record > NSEC3 [RFC 5155] and associated protocol which unlike its predecessor > NSEC can not be used to effectivly discover the whole domain. > The above paragraph is not suited for this one-pager as libbind does not provide DNSSEC functionality. > 3.2. Market/Requester: > > Solaris customers broadly > > 3.3. Business Justification: > > The current version of libresolv2 in Solaris is woefully outdated and > is in-fact now deemed EOL by ISC. > > By being up-to-date with the ISC version Sun is better able to provide > ISC security fixes swiftly. Newer versions also contain other bug fixes > and enhancements that many customers value. > > 3.4. Competitive Analysis: > Most OS's are shipping latest ISC code. > > > 3.5. Opportunity Window/Exposure: > N/A. > > 3.6. How will you know when you are done?: > > The updated libresolv2 library has been code reviewed, any comments > have > been incorporated, and the updated version passes all unit tests. > > 4. Technical Description: > 4.1. Details: > > The first phase of this project will involve identifying the set of > existing changes to ISC code that were made by Sun. By comparing > libresolv to the ISC source code on which it was based, a list of > existing changes will be created and documented. Changes will be > categorized as to whether they are already implemented in ISC libbind, > not implemented, obsolete, or not wanted and whether they are inherent > to > Solaris or could be submitted to ISC for inclusion in a future release. > > (See http://opensolaris.org/os/project/bind/ > BINDExistingChangesLists-libresolv2-v0.4.doc) > > In the second phase, all changes in the "not implemented" category will > be applied to the new ISC libbind source code. If the change is not > inherent to Solaris it will be submitted to ISC for inclusion in a > future > release. Other changes may be necessary to accommodate the evolution in > the ISC code over several years. An up-to-date list of changes > implemented will be maintained. > > (See: > > http://opensolaris.org/os/project/bind/BINDInterfaceChangesImplemented.doc > http://cr.opensolaris.org/~posnake/libresolv2-v0.5/ > http://cr.opensolaris.org/~posnake/public-headers-v0.4/ ) > > The third phase involves development and running of unit tests. A > specific unit test will be developed for each change that Sun makes to > the ISC source code. Moreover, unit tests will be developed to test the > public interface of libresolv2. > > (See http://opensolaris.org/os/project/bind/ > stcnv-libresolv2-src-2009-06-25.tar.bz2 ) > > > 4.2. Bug/RFE Number(s): > > - 6811100 Provide BIND 9.6.0 > CR 6811100 is being used to update BIND in the SFW gate. The CR that this ARC request is for is: 6289479 libresolv2 should be cleaned up Some other open CR's may also be addressed. > 4.3. In Scope: > > Updating the libresolv2 library to the latest version of ISC > libbind. > > 4.4. Out of Scope: > > - 6626959 DNS resolver specifies EDNS0 UDP payload size of zero > 6626959 is a BIND issue, not libresolv. > - 6541618 nscd coredumps in libresolv.so.2`__ns_samename > - 6289479 libresolv2 should be cleaned up > - 6485024 Solaris res_ninit() undocumented short-circuit > trips up other applications > 6541618 and 6485024 would most likely be addressed by this project. > - 6790669 BIND should ship example configuration and zone > files. > ok. > - 6686630 nslookup dumps core under certain conditions: > mem.c:877: INSIST(ctx->stats[i].gets == 0U) failed. > - 6680248 nslookup causes DNS request flood with certain > /etc/resolv.conf > - 6635218 S10 nslookup set debug does not show the search > list in resolv.conf > - 4636386 nslookup return same code if site is found/not found > - 6218253 SUNWbindr's upgrade attempt fails > - 6822736 Provide BIND 9 Sun Cryptographic Accelerator support > - 6710052 Bind should be delivering also sun4v optimized > version by default > - 4761436 Customer requests in.named to be installed to > run as non-root user. > Some of the above *may* be addressed by PSARC 2009/308 <http://sac.eng.sun.com/PSARC/2009/308> > Integrate BIND 9 test suite into STC2. > Presume that should read "Integrate *libresolv* test suite into STC2". > 4.5. Interfaces: > > The API/ABI of libresolv2 will not be changed in an incompatible way. > > Additions will be made to the following public header files: > /usr/include/netdb.h > /usr/include/resolv.h > /usr/include/arpa/inet.h > /usr/include/arpa/nameser.h > > See http://cr.opensolaris.org/~posnake/public-headers-v0.4/ > > 4.6. Doc Impact: > > RESOLVER(3RESOLV) and its aliases: > res_ninit > res_ourserver_p > fp_resstat > res_hostalias > res_pquery > res_nquery > res_nsearch > res_nquerydomain > res_nmkquery > res_nsend > res_nupdate > res_nmkupdate > res_nclose > res_nsendsigned > res_findzonecut > res_getservers > res_setservers > res_ndestroy > dn_comp > dn_expand > hstrerror > res_init > res_isourserver > fp_nquery > p_query > fp_query > hostalias > res_query > res_search > res_querydomain > res_mkquery > res_send > res_update > res_close > herror > > TSIG(3RESOLV) and its aliases: > ns_sign > ns_sign_tcp > ns_sign_tcp_init > ns_verify > ns_verify_tcp > ns_verify_tcp_init > ns_find_tsig > > INET_CIDR(3RESOLV) and its aliases: > inet_cidr_ntop > inet_cidr_pton > > 4.7. Admin/Config Impact: None. > > 4.8. HA Impact: > None. > 4.9. I18N/L10N Impact: > None. > > 4.10. Packaging & Delivery: > The updated SUNWcslr package will be delivered to ON > > 4.11. Security Impact: > > NSEC3 supported. > None. > 4.12. Dependencies: > None. > > 5. Reference Documents: > http://opensolaris.org/os/project/bind/BINDPortingStrategy-v0.5.doc > http://opensolaris.org/os/project/bind/BINDPortingAssumptions-v0.3.doc > > http://opensolaris.org/os/project/bind/BINDExistingChangesLists-libresolv2-v0.4.doc > http://opensolaris.org/os/project/bind/BINDInterfaceChangesImplemented.doc > http://cr.opensolaris.org/~posnake/libresolv2-v0.5/ > http://cr.opensolaris.org/~posnake/public-headers-v0.4/ > > http://opensolaris.org/os/project/bind/stcnv-libresolv2-src-2009-06-25.tar.bz2 > > 6. Resources and Schedule: > 6.1. Projected Availability: > > July 2009 > > 6.2. Cost of Effort: > 6 weeks, one person engineering, including unit test development, > QA process and documentation. > > 6.4. Product Approval Committee requested information: > 6.4.1. Consolidation or Component Name: > ON > 6.4.7. Target RTI Date/Release: > July 2009 > 6.4.8. Target Code Design Review Date: > July 2009 > 6.5. ARC review type: FastTrack > > 6.6. ARC Exposure: open > 6.6.1. Rationale: Part of OpenSolaris > > 7. Prototype Availability: > 7.1. Prototype Availability: > N/A > 7.2. Prototype Cost: > N/A > >
