From: Jan Lentfer <lentferj@monster.lan.net>
Date: Thu, 21 Jan 2010 16:11:19 +0000 (+0100)
Subject: BIND: update vendor tree to 9.5.2-P2
X-Git-Tag: v2.7.1~229^2~68^2~1
X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/111837c479bfe8b7f0c04d50830860981c0f9b05

BIND: update vendor tree to 9.5.2-P2

	* This includes fixes for VU#418861 & VU#360341
---

diff --git a/contrib/bind/CHANGES b/contrib/bind/CHANGES
index 43e1648bdc..f89ca86c86 100644
--- a/contrib/bind/CHANGES
+++ b/contrib/bind/CHANGES
@@ -1,3 +1,15 @@
+	--- 9.5.2-P2 released ---
+
+2831.	[security]	Do not attempt to validate or cache
+			out-of-bailiwick data returned with a secure
+			answer; it must be re-fetched from its original
+			source and validated in that context. [RT #20819]
+
+2828.	[security]	Cached CNAME or DNAME RR could be returned to clients
+			without DNSSEC validation. [RT #20737]
+
+2827.	[security]	Bogus NXDOMAIN could be cached as if valid. [RT #20712]
+
 	--- 9.5.2-P1 released ---
 
 2772.	[security]	When validating, track whether pending data was from
diff --git a/contrib/bind/FAQ b/contrib/bind/FAQ
index 4df1d764ce..b256ed8b10 100644
--- a/contrib/bind/FAQ
+++ b/contrib/bind/FAQ
@@ -153,8 +153,8 @@ A: BIND 9.3 and later: Use TSIG to select the appropriate view.
 
    Master 10.0.1.1:
            key "external" {
-                   algorithm hmac-md5;
-                   secret "xxxxxxxx";
+                   algorithm hmac-sha256;
+                   secret "xxxxxxxxxxxxxxxxxxxxxxxx";
            };
            view "internal" {
                    match-clients { !key external; // reject message ment for the
@@ -174,8 +174,8 @@ A: BIND 9.3 and later: Use TSIG to select the appropriate view.
 
    Slave 10.0.1.2:
            key "external" {
-                   algorithm hmac-md5;
-                   secret "xxxxxxxx";
+                   algorithm hmac-sha256;
+                   secret "xxxxxxxxxxxxxxxxxxxxxxxx";
            };
            view "internal" {
                    match-clients { !key external; 10.0.1/24; };
@@ -225,13 +225,13 @@ A: You choose one view to be master and the second a slave and transfer
 
    Master 10.0.1.1:
            key "external" {
-                   algorithm hmac-md5;
-                   secret "xxxxxxxx";
+                   algorithm hmac-sha256;
+                   secret "xxxxxxxxxxxxxxxxxxxxxxxx";
            };
 
            key "mykey" {
-                   algorithm hmac-md5;
-                   secret "yyyyyyyy";
+                   algorithm hmac-sha256;
+                   secret "yyyyyyyyyyyyyyyyyyyyyyyy";
            };
 
            view "internal" {
@@ -244,7 +244,7 @@ A: You choose one view to be master and the second a slave and transfer
                            type master;
                            file "internal/example.db";
                            allow-update { key mykey; };
-                           notify-also { 10.0.1.1; };
+                           also-notify { 10.0.1.1; };
                    };
            };
 
@@ -254,7 +254,7 @@ A: You choose one view to be master and the second a slave and transfer
                            type slave;
                            file "external/example.db";
                            masters { 10.0.1.1; };
-                           transfer-source { 10.0.1.1; };
+                           transfer-source 10.0.1.1;
                            // allow-update-forwarding { any; };
                            // allow-notify { ... };
                    };
diff --git a/contrib/bind/README.DRAGONFLY b/contrib/bind/README.DRAGONFLY
index 8b4718e75f..78e1c95f0e 100644
--- a/contrib/bind/README.DRAGONFLY
+++ b/contrib/bind/README.DRAGONFLY
@@ -9,8 +9,8 @@
 
 	https://www.isc.org/downloadables/11
 
-    MD5  (bind-9.5.2-P1.tar.gz) = e3c691aa8d6b1a7ad4691fbb49f3cc58
-    SHA1 (bind-9.5.2-P1.tar.gz) = 532d448554601cec13a645df812638d46fd41743
+    MD5  (bind-9.5.2-P2.tar.gz) = 67f228a9083de7509dacd87256060afb
+    SHA1 (bind-9.5.2-P2.tar.gz) = ffa6df6752976e6bdd05508c5cc5131ef9a097f1
 
     DO NOT CREATE ANY FILES IN THIS DIRECTORY HIERARCHY!  THIS HIERARCHY
     REPRESENTS AN EXACT COPY, MINUS UNNEEDED OF THE ORIGINAL ARCHIVE.
diff --git a/contrib/bind/bin/named/query.c b/contrib/bind/bin/named/query.c
index 9565eb6a0a..ebba4d4e5b 100644
--- a/contrib/bind/bin/named/query.c
+++ b/contrib/bind/bin/named/query.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: query.c,v 1.298.48.15.2.1 2009/11/18 23:41:17 marka Exp $ */
+/* $Id: query.c,v 1.298.48.15.2.4 2009/12/31 22:52:47 each Exp $ */
 
 /*! \file */
 
@@ -1143,7 +1143,8 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
 			goto cleanup;
 	}
 	result = dns_db_find(db, name, version, type,
-			     client->query.dboptions | DNS_DBFIND_GLUEOK,
+			     client->query.dboptions |
+			     DNS_DBFIND_GLUEOK | DNS_DBFIND_ADDITIONALOK,
 			     client->now, &node, fname, rdataset,
 			     sigrdataset);
 	if (result == DNS_R_GLUE &&
@@ -1628,7 +1629,8 @@ query_addadditional2(void *arg, dns_name_t *name, dns_rdatatype_t qtype) {
 		goto try_glue;
 
 	result = dns_db_find(db, name, version, type,
-			     client->query.dboptions | DNS_DBFIND_GLUEOK,
+			     client->query.dboptions |
+			     DNS_DBFIND_GLUEOK | DNS_DBFIND_ADDITIONALOK,
 			     client->now, &node, fname, NULL, NULL);
 	if (result == ISC_R_SUCCESS)
 		goto found;
@@ -3389,8 +3391,6 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 	dns_rdataset_t *noqname;
 	isc_boolean_t resuming;
 	int line = -1;
-	dns_rdataset_t tmprdataset;
-	unsigned int dboptions;
 
 	CTRACE("query_find");
 
@@ -3607,49 +3607,9 @@ query_find(ns_client_t *client, dns_fetchevent_t *event, dns_rdatatype_t qtype)
 	/*
 	 * Now look for an answer in the database.
 	 */
-	dboptions = client->query.dboptions;
-	if (sigrdataset == NULL && client->view->enablednssec) {
-		/*
-		 * If the client doesn't want DNSSEC we still want to
-		 * look for any data pending validation to save a remote
-		 * lookup if possible.
-		 */
-		dns_rdataset_init(&tmprdataset);
-		sigrdataset = &tmprdataset;
-		dboptions |= DNS_DBFIND_PENDINGOK;
-	}
- refind:
 	result = dns_db_find(db, client->query.qname, version, type,
-			     dboptions, client->now, &node, fname,
-			     rdataset, sigrdataset);
-	/*
-	 * If we have found pending data try to validate it.
-	 * If the data does not validate as secure and we can't
-	 * use the unvalidated data requery the database with
-	 * pending disabled to prevent infinite looping.
-	 */
-	if (result != ISC_R_SUCCESS || !DNS_TRUST_PENDING(rdataset->trust))
-		goto validation_done;
-	if (validate(client, db, fname, rdataset, sigrdataset))
-		goto validation_done;
-	if (rdataset->trust != dns_trust_pending_answer ||
-	    !PENDINGOK(client->query.dboptions)) {
-		dns_rdataset_disassociate(rdataset);
-		if (sigrdataset != NULL &&
-		    dns_rdataset_isassociated(sigrdataset))
-			dns_rdataset_disassociate(sigrdataset);
-		if (sigrdataset == &tmprdataset)
-			sigrdataset = NULL;
-		dns_db_detachnode(db, &node);
-		dboptions &= ~DNS_DBFIND_PENDINGOK;
-		goto refind;
-	}
- validation_done:
-	if (sigrdataset == &tmprdataset) {
-		if (dns_rdataset_isassociated(sigrdataset))
-			dns_rdataset_disassociate(sigrdataset);
-		sigrdataset = NULL;
-	}
+			     client->query.dboptions, client->now,
+			     &node, fname, rdataset, sigrdataset);
 
  resume:
 	CTRACE("query_find: resume");
diff --git a/contrib/bind/lib/dns/include/dns/db.h b/contrib/bind/lib/dns/include/dns/db.h
index 32fa836b5f..72322bb25d 100644
--- a/contrib/bind/lib/dns/include/dns/db.h
+++ b/contrib/bind/lib/dns/include/dns/db.h
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: db.h,v 1.89.128.5 2009/01/19 00:01:11 marka Exp $ */
+/* $Id: db.h,v 1.89.128.5.2.1 2009/12/31 21:45:53 each Exp $ */
 
 #ifndef DNS_DB_H
 #define DNS_DB_H 1
@@ -187,13 +187,14 @@ struct dns_db {
 /*%
  * Options that can be specified for dns_db_find().
  */
-#define DNS_DBFIND_GLUEOK		0x01
-#define DNS_DBFIND_VALIDATEGLUE		0x02
-#define DNS_DBFIND_NOWILD		0x04
-#define DNS_DBFIND_PENDINGOK		0x08
-#define DNS_DBFIND_NOEXACT		0x10
-#define DNS_DBFIND_FORCENSEC		0x20
-#define DNS_DBFIND_COVERINGNSEC		0x40
+#define DNS_DBFIND_GLUEOK		0x0001
+#define DNS_DBFIND_VALIDATEGLUE		0x0002
+#define DNS_DBFIND_NOWILD		0x0004
+#define DNS_DBFIND_PENDINGOK		0x0008
+#define DNS_DBFIND_NOEXACT		0x0010
+#define DNS_DBFIND_FORCENSEC		0x0020
+#define DNS_DBFIND_COVERINGNSEC		0x0040
+#define DNS_DBFIND_ADDITIONALOK		0x0100
 /*@}*/
 
 /*@{*/
diff --git a/contrib/bind/lib/dns/include/dns/types.h b/contrib/bind/lib/dns/include/dns/types.h
index 4d873e48d4..d2c530c449 100644
--- a/contrib/bind/lib/dns/include/dns/types.h
+++ b/contrib/bind/lib/dns/include/dns/types.h
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: types.h,v 1.126.62.6.2.1 2009/11/18 23:41:18 marka Exp $ */
+/* $Id: types.h,v 1.126.62.6.2.2 2009/12/31 21:02:45 each Exp $ */
 
 #ifndef DNS_TYPES_H
 #define DNS_TYPES_H 1
@@ -296,6 +296,8 @@ enum {
 
 #define DNS_TRUST_PENDING(x)		((x) == dns_trust_pending_answer || \
 					 (x) == dns_trust_pending_additional)
+#define DNS_TRUST_ADDITIONAL(x)		((x) == dns_trust_additional || \
+					 (x) == dns_trust_pending_additional)
 #define DNS_TRUST_GLUE(x)		((x) == dns_trust_glue)
 
 
diff --git a/contrib/bind/lib/dns/rbtdb.c b/contrib/bind/lib/dns/rbtdb.c
index 293288636c..91ced3ec81 100644
--- a/contrib/bind/lib/dns/rbtdb.c
+++ b/contrib/bind/lib/dns/rbtdb.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: rbtdb.c,v 1.248.12.18.2.1 2009/11/18 23:41:18 marka Exp $ */
+/* $Id: rbtdb.c,v 1.248.12.18.2.2 2009/12/31 21:45:53 each Exp $ */
 
 /*! \file */
 
@@ -4106,6 +4106,8 @@ cache_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
 	 * If we didn't find what we were looking for...
 	 */
 	if (found == NULL ||
+	    (DNS_TRUST_ADDITIONAL(found->trust) &&
+	     ((options & DNS_DBFIND_ADDITIONALOK) == 0)) ||
 	    (found->trust == dns_trust_glue &&
 	     ((options & DNS_DBFIND_GLUEOK) == 0)) ||
 	    (DNS_TRUST_PENDING(found->trust) &&
diff --git a/contrib/bind/lib/dns/resolver.c b/contrib/bind/lib/dns/resolver.c
index 22142f0a2b..82fbafb281 100644
--- a/contrib/bind/lib/dns/resolver.c
+++ b/contrib/bind/lib/dns/resolver.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: resolver.c,v 1.355.12.44.2.1 2009/11/18 23:41:18 marka Exp $ */
+/* $Id: resolver.c,v 1.355.12.44.2.2 2010/01/07 17:19:22 each Exp $ */
 
 /*! \file */
 
@@ -4239,11 +4239,19 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo,
 			rdataset->ttl = res->view->maxcachettl;
 
 		/*
-		 * If this rrset is in a secure domain, do DNSSEC validation
-		 * for it, unless it is glue.
+		 * If this RRset is in a secure domain, is in bailiwick,
+		 * and is not glue, attempt DNSSEC validation.	(We do not
+		 * attempt to validate glue or out-of-bailiwick data--even
+		 * though there might be some performance benefit to doing
+		 * so--because it makes it simpler and safer to ensure that
+		 * records from a secure domain are only cached if validated
+		 * within the context of a query to the domain that owns
+		 * them.)
 		 */
-		if (secure_domain && rdataset->trust != dns_trust_glue) {
+		if (secure_domain && rdataset->trust != dns_trust_glue &&
+		    !EXTERNAL(rdataset)) {
 			dns_trust_t trust;
+
 			/*
 			 * RRSIGs are validated as part of validating the
 			 * type they cover.
@@ -4280,22 +4288,6 @@ cache_name(fetchctx_t *fctx, dns_name_t *name, dns_adbaddrinfo_t *addrinfo,
 			}
 
 			/*
-			 * Reject out of bailiwick additional records
-			 * without RRSIGs as they can't possibly validate
-			 * as "secure" and as we will never never want to
-			 * store these as "answers" after validation.
-			 */
-			if (rdataset->trust == dns_trust_additional &&
-			    sigrdataset == NULL && EXTERNAL(rdataset))
-				continue;
-				
-			/*
-                         * XXXMPA: If we store as "answer" after validating
-                         * then we need to do bailiwick processing and
-                         * also need to track whether RRsets are in or
-                         * out of bailiwick.  This will require a another 
-                         * pending trust level.
-                         *
 			 * Cache this rdataset/sigrdataset pair as
 			 * pending data.  Track whether it was additional
 			 * or not.
@@ -5404,9 +5396,7 @@ answer_response(fetchctx_t *fctx) {
 						/*
 						 * This data is outside of
 						 * our query domain, and
-						 * may only be cached if it
-						 * comes from a secure zone
-						 * and validates.
+						 * may not be cached.
 						 */
 						rdataset->attributes |=
 						    DNS_RDATASETATTR_EXTERNAL;
diff --git a/contrib/bind/lib/dns/validator.c b/contrib/bind/lib/dns/validator.c
index a0b66bea6e..937da6688f 100644
--- a/contrib/bind/lib/dns/validator.c
+++ b/contrib/bind/lib/dns/validator.c
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: validator.c,v 1.155.52.14.2.1 2009/11/18 23:41:18 marka Exp $ */
+/* $Id: validator.c,v 1.155.52.14.2.2 2009/12/31 21:02:44 each Exp $ */
 
 #include <config.h>
 
@@ -2597,20 +2597,20 @@ proveunsecure(dns_validator_t *val, isc_boolean_t have_ds, isc_boolean_t resume)
 	if (val->havedlvsep)
 		dns_name_copy(dns_fixedname_name(&val->dlvsep), secroot, NULL);
 	else {
+		unsigned int labels;
 		dns_name_copy(val->event->name, secroot, NULL);
 		/*
 		 * If this is a response to a DS query, we need to look in
 		 * the parent zone for the trust anchor.
 		 */
-		if (val->event->type == dns_rdatatype_ds &&
-		    dns_name_countlabels(secroot) > 1U)
-			dns_name_split(secroot, 1, NULL, secroot);
+
+		labels = dns_name_countlabels(secroot);
+		if (val->event->type == dns_rdatatype_ds && labels > 1U)
+			dns_name_getlabelsequence(secroot, 1, labels - 1,
+						  secroot);
 		result = dns_keytable_finddeepestmatch(val->keytable,
 						       secroot, secroot);
-
 		if (result == ISC_R_NOTFOUND) {
-			validator_log(val, ISC_LOG_DEBUG(3),
-				      "not beneath secure root");
 			if (val->mustbesecure) {
 				validator_log(val, ISC_LOG_WARNING,
 					      "must be secure failure");
diff --git a/contrib/bind/lib/lwres/man/lwres.html b/contrib/bind/lib/lwres/man/lwres.html
index ddad8611fd..a0dbd4df9e 100644
--- a/contrib/bind/lib/lwres/man/lwres.html
+++ b/contrib/bind/lib/lwres/man/lwres.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres.html,v 1.23.214.1 2009/07/11 01:43:30 tbox Exp $ -->
+<!-- $Id: lwres.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres &#8212; introduction to the lightweight resolver library</p>
@@ -32,7 +32,7 @@
 <div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;lwres/lwres.h&gt;</pre></div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543348"></a><h2>DESCRIPTION</h2>
+<a name="id2543346"></a><h2>DESCRIPTION</h2>
 <p>
       The BIND 9 lightweight resolver library is a simple, name service
       independent stub resolver library.  It provides hostname-to-address
@@ -47,7 +47,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543361"></a><h2>OVERVIEW</h2>
+<a name="id2543358"></a><h2>OVERVIEW</h2>
 <p>
       The lwresd library implements multiple name service APIs.
       The standard
@@ -101,7 +101,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543425"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2>
+<a name="id2543422"></a><h2>CLIENT-SIDE LOW-LEVEL API CALL FLOW</h2>
 <p>
       When a client program wishes to make an lwres request using the
       native low-level API, it typically performs the following
@@ -149,7 +149,7 @@
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543573"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2>
+<a name="id2543571"></a><h2>SERVER-SIDE LOW-LEVEL API CALL FLOW</h2>
 <p>
       When implementing the server side of the lightweight resolver
       protocol using the lwres library, a sequence of actions like the
@@ -191,7 +191,7 @@
 <p></p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543656"></a><h2>SEE ALSO</h2>
+<a name="id2543654"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_gethostent</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>,
diff --git a/contrib/bind/lib/lwres/man/lwres_buffer.html b/contrib/bind/lib/lwres/man/lwres_buffer.html
index 8cf21d7cb3..e3ba368de2 100644
--- a/contrib/bind/lib/lwres/man/lwres_buffer.html
+++ b/contrib/bind/lib/lwres/man/lwres_buffer.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_buffer.html,v 1.21.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_buffer.html,v 1.21.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_buffer_init, lwres_buffer_invalidate, lwres_buffer_add, lwres_buffer_subtract, lwres_buffer_clear, lwres_buffer_first, lwres_buffer_forward, lwres_buffer_back, lwres_buffer_getuint8, lwres_buffer_putuint8, lwres_buffer_getuint16, lwres_buffer_putuint16, lwres_buffer_getuint32, lwres_buffer_putuint32, lwres_buffer_putmem, lwres_buffer_getmem &#8212; lightweight resolver buffer management</p>
@@ -262,7 +262,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543892"></a><h2>DESCRIPTION</h2>
+<a name="id2543890"></a><h2>DESCRIPTION</h2>
 <p>
       These functions provide bounds checked access to a region of memory
       where data is being read or written.
diff --git a/contrib/bind/lib/lwres/man/lwres_config.html b/contrib/bind/lib/lwres/man/lwres_config.html
index 26c2ead52e..7227e520a7 100644
--- a/contrib/bind/lib/lwres/man/lwres_config.html
+++ b/contrib/bind/lib/lwres/man/lwres_config.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_config.html,v 1.22.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_config.html,v 1.22.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_conf_init, lwres_conf_clear, lwres_conf_parse, lwres_conf_print, lwres_conf_get &#8212; lightweight resolver configuration</p>
@@ -90,7 +90,7 @@ lwres_conf_t *
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543441"></a><h2>DESCRIPTION</h2>
+<a name="id2543438"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_conf_init()</code>
       creates an empty
       <span class="type">lwres_conf_t</span>
@@ -123,7 +123,7 @@ lwres_conf_t *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543508"></a><h2>RETURN VALUES</h2>
+<a name="id2543506"></a><h2>RETURN VALUES</h2>
 <p><code class="function">lwres_conf_parse()</code>
       returns <span class="errorcode">LWRES_R_SUCCESS</span>
       if it successfully read and parsed
@@ -142,13 +142,13 @@ lwres_conf_t *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543545"></a><h2>SEE ALSO</h2>
+<a name="id2543543"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">stdio</span>(3)</span>,
       <span class="citerefentry"><span class="refentrytitle">resolver</span>(5)</span>.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543571"></a><h2>FILES</h2>
+<a name="id2543569"></a><h2>FILES</h2>
 <p><code class="filename">/etc/resolv.conf</code>
     </p>
 </div>
diff --git a/contrib/bind/lib/lwres/man/lwres_context.html b/contrib/bind/lib/lwres/man/lwres_context.html
index 0797e817da..56de874132 100644
--- a/contrib/bind/lib/lwres/man/lwres_context.html
+++ b/contrib/bind/lib/lwres/man/lwres_context.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_context.html,v 1.23.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_context.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_context_create, lwres_context_destroy, lwres_context_nextserial, lwres_context_initserial, lwres_context_freemem, lwres_context_allocmem, lwres_context_sendrecv &#8212; lightweight resolver context management</p>
@@ -172,7 +172,7 @@ void *
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543531"></a><h2>DESCRIPTION</h2>
+<a name="id2543529"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_context_create()</code>
       creates a <span class="type">lwres_context_t</span> structure for use in
       lightweight resolver operations.  It holds a socket and other
@@ -258,7 +258,7 @@ void *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543719"></a><h2>RETURN VALUES</h2>
+<a name="id2543717"></a><h2>RETURN VALUES</h2>
 <p><code class="function">lwres_context_create()</code>
       returns <span class="errorcode">LWRES_R_NOMEMORY</span> if memory for
       the <span class="type">struct lwres_context</span> could not be allocated,
@@ -283,7 +283,7 @@ void *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543769"></a><h2>SEE ALSO</h2>
+<a name="id2543767"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_conf_init</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">malloc</span>(3)</span>,
diff --git a/contrib/bind/lib/lwres/man/lwres_gabn.html b/contrib/bind/lib/lwres/man/lwres_gabn.html
index b12e6de943..e51230c6ed 100644
--- a/contrib/bind/lib/lwres/man/lwres_gabn.html
+++ b/contrib/bind/lib/lwres/man/lwres_gabn.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_gabn.html,v 1.24.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_gabn.html,v 1.24.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_gabnrequest_render, lwres_gabnresponse_render, lwres_gabnrequest_parse, lwres_gabnresponse_parse, lwres_gabnresponse_free, lwres_gabnrequest_free &#8212; lightweight resolver getaddrbyname message handling</p>
@@ -178,7 +178,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543522"></a><h2>DESCRIPTION</h2>
+<a name="id2543520"></a><h2>DESCRIPTION</h2>
 <p>
       These are low-level routines for creating and parsing
       lightweight resolver name-to-address lookup request and
@@ -278,7 +278,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543667"></a><h2>RETURN VALUES</h2>
+<a name="id2543665"></a><h2>RETURN VALUES</h2>
 <p>
       The getaddrbyname opcode functions
       <code class="function">lwres_gabnrequest_render()</code>,
@@ -316,7 +316,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543733"></a><h2>SEE ALSO</h2>
+<a name="id2543731"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
     </p>
 </div>
diff --git a/contrib/bind/lib/lwres/man/lwres_gai_strerror.html b/contrib/bind/lib/lwres/man/lwres_gai_strerror.html
index 2370962418..530208cd33 100644
--- a/contrib/bind/lib/lwres/man/lwres_gai_strerror.html
+++ b/contrib/bind/lib/lwres/man/lwres_gai_strerror.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_gai_strerror.html,v 1.24.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_gai_strerror.html,v 1.24.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_gai_strerror &#8212; print suitable error string</p>
@@ -42,7 +42,7 @@ char *
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543361"></a><h2>DESCRIPTION</h2>
+<a name="id2543358"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_gai_strerror()</code>
       returns an error message corresponding to an error code returned by
       <code class="function">getaddrinfo()</code>.
@@ -110,7 +110,7 @@ char *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543576"></a><h2>SEE ALSO</h2>
+<a name="id2543574"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">strerror</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
diff --git a/contrib/bind/lib/lwres/man/lwres_getaddrinfo.html b/contrib/bind/lib/lwres/man/lwres_getaddrinfo.html
index 652bc6b7ad..cc57aa726e 100644
--- a/contrib/bind/lib/lwres/man/lwres_getaddrinfo.html
+++ b/contrib/bind/lib/lwres/man/lwres_getaddrinfo.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_getaddrinfo.html,v 1.27.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_getaddrinfo.html,v 1.27.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_getaddrinfo, lwres_freeaddrinfo &#8212; socket address structure to host and service name</p>
@@ -89,7 +89,7 @@ struct  addrinfo {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543412"></a><h2>DESCRIPTION</h2>
+<a name="id2543410"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_getaddrinfo()</code>
       is used to get a list of IP addresses and port numbers for host
       <em class="parameter"><code>hostname</code></em> and service
@@ -283,7 +283,7 @@ struct  addrinfo {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543789"></a><h2>RETURN VALUES</h2>
+<a name="id2543787"></a><h2>RETURN VALUES</h2>
 <p><code class="function">lwres_getaddrinfo()</code>
       returns zero on success or one of the error codes listed in
       <span class="citerefentry"><span class="refentrytitle">gai_strerror</span>(3)</span>
@@ -294,7 +294,7 @@ struct  addrinfo {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543827"></a><h2>SEE ALSO</h2>
+<a name="id2542118"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_getaddrinfo</span>(3)</span>,
diff --git a/contrib/bind/lib/lwres/man/lwres_gethostent.html b/contrib/bind/lib/lwres/man/lwres_gethostent.html
index ff600f4c34..6997221ebb 100644
--- a/contrib/bind/lib/lwres/man/lwres_gethostent.html
+++ b/contrib/bind/lib/lwres/man/lwres_gethostent.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_gethostent.html,v 1.24.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_gethostent.html,v 1.24.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_gethostbyname, lwres_gethostbyname2, lwres_gethostbyaddr, lwres_gethostent, lwres_sethostent, lwres_endhostent, lwres_gethostbyname_r, lwres_gethostbyaddr_r, lwres_gethostent_r, lwres_sethostent_r, lwres_endhostent_r &#8212; lightweight resolver get network host entry</p>
@@ -228,7 +228,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543608"></a><h2>DESCRIPTION</h2>
+<a name="id2543606"></a><h2>DESCRIPTION</h2>
 <p>
       These functions provide hostname-to-address and
       address-to-hostname lookups by means of the lightweight resolver.
@@ -366,7 +366,7 @@ struct  hostent {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543959"></a><h2>RETURN VALUES</h2>
+<a name="id2543957"></a><h2>RETURN VALUES</h2>
 <p>
       The functions
       <code class="function">lwres_gethostbyname()</code>,
@@ -430,7 +430,7 @@ struct  hostent {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2544193"></a><h2>SEE ALSO</h2>
+<a name="id2544190"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">gethostent</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_getipnode</span>(3)</span>,
@@ -439,7 +439,7 @@ struct  hostent {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2544227"></a><h2>BUGS</h2>
+<a name="id2544225"></a><h2>BUGS</h2>
 <p><code class="function">lwres_gethostbyname()</code>,
       <code class="function">lwres_gethostbyname2()</code>,
       <code class="function">lwres_gethostbyaddr()</code>
diff --git a/contrib/bind/lib/lwres/man/lwres_getipnode.html b/contrib/bind/lib/lwres/man/lwres_getipnode.html
index b042795cec..1a4bae1a1a 100644
--- a/contrib/bind/lib/lwres/man/lwres_getipnode.html
+++ b/contrib/bind/lib/lwres/man/lwres_getipnode.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_getipnode.html,v 1.25.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_getipnode.html,v 1.25.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_getipnodebyname, lwres_getipnodebyaddr, lwres_freehostent &#8212; lightweight resolver nodename / address translation API</p>
@@ -98,7 +98,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543431"></a><h2>DESCRIPTION</h2>
+<a name="id2543429"></a><h2>DESCRIPTION</h2>
 <p>
       These functions perform thread safe, protocol independent
       nodename-to-address and address-to-nodename
@@ -217,7 +217,7 @@ struct  hostent {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543689"></a><h2>RETURN VALUES</h2>
+<a name="id2543687"></a><h2>RETURN VALUES</h2>
 <p>
       If an error occurs,
       <code class="function">lwres_getipnodebyname()</code>
@@ -261,7 +261,7 @@ struct  hostent {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543786"></a><h2>SEE ALSO</h2>
+<a name="id2543784"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">RFC2553</span></span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
diff --git a/contrib/bind/lib/lwres/man/lwres_getnameinfo.html b/contrib/bind/lib/lwres/man/lwres_getnameinfo.html
index a564721086..a35f070651 100644
--- a/contrib/bind/lib/lwres/man/lwres_getnameinfo.html
+++ b/contrib/bind/lib/lwres/man/lwres_getnameinfo.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_getnameinfo.html,v 1.23.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_getnameinfo.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_getnameinfo &#8212; lightweight resolver socket address structure to hostname and
@@ -82,7 +82,7 @@ int
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543393"></a><h2>DESCRIPTION</h2>
+<a name="id2543390"></a><h2>DESCRIPTION</h2>
 <p>
        This function is equivalent to the
       <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span> function defined in RFC2133.
@@ -149,13 +149,13 @@ int
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543534"></a><h2>RETURN VALUES</h2>
+<a name="id2543532"></a><h2>RETURN VALUES</h2>
 <p><code class="function">lwres_getnameinfo()</code>
       returns 0 on success or a non-zero error code if an error occurs.
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543546"></a><h2>SEE ALSO</h2>
+<a name="id2543544"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">RFC2133</span></span>,
       <span class="citerefentry"><span class="refentrytitle">getservbyport</span>(3)</span>,
       <span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>,
@@ -165,7 +165,7 @@ int
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543604"></a><h2>BUGS</h2>
+<a name="id2543602"></a><h2>BUGS</h2>
 <p>
       RFC2133 fails to define what the nonzero return values of
       <span class="citerefentry"><span class="refentrytitle">getnameinfo</span>(3)</span>
diff --git a/contrib/bind/lib/lwres/man/lwres_getrrsetbyname.html b/contrib/bind/lib/lwres/man/lwres_getrrsetbyname.html
index 21f6634ac1..80ef4ce3d7 100644
--- a/contrib/bind/lib/lwres/man/lwres_getrrsetbyname.html
+++ b/contrib/bind/lib/lwres/man/lwres_getrrsetbyname.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_getrrsetbyname.html,v 1.23.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_getrrsetbyname.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_getrrsetbyname, lwres_freerrset &#8212; retrieve DNS records</p>
@@ -102,7 +102,7 @@ struct  rrsetinfo {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543414"></a><h2>DESCRIPTION</h2>
+<a name="id2543412"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_getrrsetbyname()</code>
       gets a set of resource records associated with a
       <em class="parameter"><code>hostname</code></em>, <em class="parameter"><code>class</code></em>,
@@ -150,7 +150,7 @@ struct  rrsetinfo {
 <p></p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543526"></a><h2>RETURN VALUES</h2>
+<a name="id2543524"></a><h2>RETURN VALUES</h2>
 <p><code class="function">lwres_getrrsetbyname()</code>
       returns zero on success, and one of the following error codes if
       an error occurred:
@@ -184,7 +184,7 @@ struct  rrsetinfo {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543626"></a><h2>SEE ALSO</h2>
+<a name="id2543624"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres</span>(3)</span>.
     </p>
 </div>
diff --git a/contrib/bind/lib/lwres/man/lwres_gnba.html b/contrib/bind/lib/lwres/man/lwres_gnba.html
index 45e5ac31c3..ca72249ced 100644
--- a/contrib/bind/lib/lwres/man/lwres_gnba.html
+++ b/contrib/bind/lib/lwres/man/lwres_gnba.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_gnba.html,v 1.24.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_gnba.html,v 1.24.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_gnbarequest_render, lwres_gnbaresponse_render, lwres_gnbarequest_parse, lwres_gnbaresponse_parse, lwres_gnbaresponse_free, lwres_gnbarequest_free &#8212; lightweight resolver getnamebyaddress message handling</p>
@@ -183,7 +183,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543525"></a><h2>DESCRIPTION</h2>
+<a name="id2543523"></a><h2>DESCRIPTION</h2>
 <p>
       These are low-level routines for creating and parsing
       lightweight resolver address-to-name lookup request and
@@ -270,7 +270,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543665"></a><h2>RETURN VALUES</h2>
+<a name="id2543662"></a><h2>RETURN VALUES</h2>
 <p>
       The getnamebyaddr opcode functions
       <code class="function">lwres_gnbarequest_render()</code>,
@@ -308,7 +308,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543731"></a><h2>SEE ALSO</h2>
+<a name="id2543729"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>.
     </p>
 </div>
diff --git a/contrib/bind/lib/lwres/man/lwres_hstrerror.html b/contrib/bind/lib/lwres/man/lwres_hstrerror.html
index 54ac6cc034..17c5cb5bd2 100644
--- a/contrib/bind/lib/lwres/man/lwres_hstrerror.html
+++ b/contrib/bind/lib/lwres/man/lwres_hstrerror.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_hstrerror.html,v 1.23.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_hstrerror.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_herror, lwres_hstrerror &#8212; lightweight resolver error message generation</p>
@@ -50,7 +50,7 @@ const char *
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543379"></a><h2>DESCRIPTION</h2>
+<a name="id2543377"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_herror()</code>
       prints the string <em class="parameter"><code>s</code></em> on
       <span class="type">stderr</span> followed by the string generated by
@@ -84,7 +84,7 @@ const char *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543497"></a><h2>RETURN VALUES</h2>
+<a name="id2543495"></a><h2>RETURN VALUES</h2>
 <p>
       The string <span class="errorname">Unknown resolver error</span> is returned by
       <code class="function">lwres_hstrerror()</code>
@@ -94,7 +94,7 @@ const char *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543517"></a><h2>SEE ALSO</h2>
+<a name="id2543515"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">herror</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_hstrerror</span>(3)</span>.
diff --git a/contrib/bind/lib/lwres/man/lwres_inetntop.html b/contrib/bind/lib/lwres/man/lwres_inetntop.html
index 307093bd9b..53e70f4fe1 100644
--- a/contrib/bind/lib/lwres/man/lwres_inetntop.html
+++ b/contrib/bind/lib/lwres/man/lwres_inetntop.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_inetntop.html,v 1.23.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_inetntop.html,v 1.23.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_net_ntop &#8212; lightweight resolver IP address presentation</p>
@@ -62,7 +62,7 @@ const char *
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543379"></a><h2>DESCRIPTION</h2>
+<a name="id2543377"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_net_ntop()</code>
       converts an IP address of protocol family
       <em class="parameter"><code>af</code></em> &#8212; IPv4 or IPv6 &#8212; at
@@ -80,7 +80,7 @@ const char *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543411"></a><h2>RETURN VALUES</h2>
+<a name="id2543409"></a><h2>RETURN VALUES</h2>
 <p>
       If successful, the function returns <em class="parameter"><code>dst</code></em>:
       a pointer to a string containing the presentation format of the
@@ -93,7 +93,7 @@ const char *
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543444"></a><h2>SEE ALSO</h2>
+<a name="id2543442"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">RFC1884</span></span>,
       <span class="citerefentry"><span class="refentrytitle">inet_ntop</span>(3)</span>,
       <span class="citerefentry"><span class="refentrytitle">errno</span>(3)</span>.
diff --git a/contrib/bind/lib/lwres/man/lwres_noop.html b/contrib/bind/lib/lwres/man/lwres_noop.html
index 53ccdf8ebf..a658a1ab28 100644
--- a/contrib/bind/lib/lwres/man/lwres_noop.html
+++ b/contrib/bind/lib/lwres/man/lwres_noop.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_noop.html,v 1.25.214.1 2009/07/11 01:43:34 tbox Exp $ -->
+<!-- $Id: lwres_noop.html,v 1.25.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_nooprequest_render, lwres_noopresponse_render, lwres_nooprequest_parse, lwres_noopresponse_parse, lwres_noopresponse_free, lwres_nooprequest_free &#8212; lightweight resolver no-op message handling</p>
@@ -179,7 +179,7 @@ void
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543522"></a><h2>DESCRIPTION</h2>
+<a name="id2543520"></a><h2>DESCRIPTION</h2>
 <p>
       These are low-level routines for creating and parsing
       lightweight resolver no-op request and response messages.
@@ -270,7 +270,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543672"></a><h2>RETURN VALUES</h2>
+<a name="id2543670"></a><h2>RETURN VALUES</h2>
 <p>
       The no-op opcode functions
       <code class="function">lwres_nooprequest_render()</code>,
@@ -309,7 +309,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543738"></a><h2>SEE ALSO</h2>
+<a name="id2543736"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_packet</span>(3)</span>
     </p>
 </div>
diff --git a/contrib/bind/lib/lwres/man/lwres_packet.html b/contrib/bind/lib/lwres/man/lwres_packet.html
index ed5ff818a9..a3ce334240 100644
--- a/contrib/bind/lib/lwres/man/lwres_packet.html
+++ b/contrib/bind/lib/lwres/man/lwres_packet.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_packet.html,v 1.26.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_packet.html,v 1.26.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_lwpacket_renderheader, lwres_lwpacket_parseheader &#8212; lightweight resolver packet handling functions</p>
@@ -66,7 +66,7 @@ lwres_result_t
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543389"></a><h2>DESCRIPTION</h2>
+<a name="id2543387"></a><h2>DESCRIPTION</h2>
 <p>
       These functions rely on a
       <span class="type">struct lwres_lwpacket</span>
@@ -219,7 +219,7 @@ struct lwres_lwpacket {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543706"></a><h2>RETURN VALUES</h2>
+<a name="id2543704"></a><h2>RETURN VALUES</h2>
 <p>
       Successful calls to
       <code class="function">lwres_lwpacket_renderheader()</code> and
diff --git a/contrib/bind/lib/lwres/man/lwres_resutil.html b/contrib/bind/lib/lwres/man/lwres_resutil.html
index df58af7d5b..dbc2301cb6 100644
--- a/contrib/bind/lib/lwres/man/lwres_resutil.html
+++ b/contrib/bind/lib/lwres/man/lwres_resutil.html
@@ -14,7 +14,7 @@
  - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  - PERFORMANCE OF THIS SOFTWARE.
 -->
-<!-- $Id: lwres_resutil.html,v 1.25.214.1 2009/07/11 01:43:31 tbox Exp $ -->
+<!-- $Id: lwres_resutil.html,v 1.25.214.1.2.1 2009/12/31 23:47:14 tbox Exp $ -->
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
@@ -22,7 +22,7 @@
 <meta name="generator" content="DocBook XSL Stylesheets V1.71.1">
 </head>
 <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en">
-<a name="id2476275"></a><div class="titlepage"></div>
+<a name="id2476267"></a><div class="titlepage"></div>
 <div class="refnamediv">
 <h2>Name</h2>
 <p>lwres_string_parse, lwres_addr_parse, lwres_getaddrsbyname, lwres_getnamebyaddr &#8212; lightweight resolver utility functions</p>
@@ -134,7 +134,7 @@ lwres_result_t
 </div>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543466"></a><h2>DESCRIPTION</h2>
+<a name="id2543464"></a><h2>DESCRIPTION</h2>
 <p><code class="function">lwres_string_parse()</code>
       retrieves a DNS-encoded string starting the current pointer of
       lightweight resolver buffer <em class="parameter"><code>b</code></em>: i.e.
@@ -210,7 +210,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543605"></a><h2>RETURN VALUES</h2>
+<a name="id2543603"></a><h2>RETURN VALUES</h2>
 <p>
       Successful calls to
       <code class="function">lwres_string_parse()</code>
@@ -248,7 +248,7 @@ typedef struct {
     </p>
 </div>
 <div class="refsect1" lang="en">
-<a name="id2543676"></a><h2>SEE ALSO</h2>
+<a name="id2543674"></a><h2>SEE ALSO</h2>
 <p><span class="citerefentry"><span class="refentrytitle">lwres_buffer</span>(3)</span>,
 
       <span class="citerefentry"><span class="refentrytitle">lwres_gabn</span>(3)</span>.
diff --git a/contrib/bind/version b/contrib/bind/version
index d92600865d..dadbc08b08 100644
--- a/contrib/bind/version
+++ b/contrib/bind/version
@@ -1,4 +1,4 @@
-# $Id: version,v 1.39.18.13.2.1 2009/11/18 23:41:17 marka Exp $
+# $Id: version,v 1.39.18.13.2.2 2009/12/31 21:02:44 each Exp $
 # 
 # This file must follow /bin/sh rules.  It is imported directly via
 # configure.
@@ -7,4 +7,4 @@ MAJORVER=9
 MINORVER=5
 PATCHVER=2
 RELEASETYPE=-P
-RELEASEVER=1
+RELEASEVER=2