ISC Releases the First Look At BIND 10 172
Ethanol writes "Internet Systems Consortium, producers of BIND 9 (the most popular DNS implementation on the internet), have spent the past year working on a successor, BIND 10. It's entirely new code, redesigned and rewritten from the ground up, and now the first glimpse of what it will eventually look like has been released. 'This code is not intended for general use, and is known to be inefficient, difficult to work with, and riddled with bugs. These problems will all be fixed over the next couple of years, as functionality is added and refined, and the software matures. However, the codebase has a good framework for moving forward, and the software is capable of serving as a DNS server with significant functionality.' (Full disclosure: I work for ISC and I'm one of the engineers on the project.)"
DJB might agree (Score:5, Insightful)
Re: (Score:3, Informative)
Right, much better to write code under some bizarre license, ignore it for years forcing people to distribute patches unto patches, then 6 years later finally realize you're not maintaining the code and never will and finally release it under a sane persons license.
Bizzarro world of DJB haters (Score:3, Interesting)
Enforcing your copyright over original content is a bizarre license scheme? Patching considered bad? Actually doing something you promised is wrong? Public Domain is a license?
Wow, you really have drunk the DJB haters kool-aid.
Re: (Score:2)
Enforcing your copyright over original content is a bizarre license scheme?
Releasing source code, but refusing to allow anyone to modify it and not maintaining it yourself is rather bizarre, yes.
Patching considered bad?
Yes. Forcing people that actually DO want to maintain your code to do so by collecting together a series of patches and apply them to your original code is rather poor software distribution and maintenance.
Actually doing something you promised is wrong?
I never said what he did was "wrong", b
Re: (Score:3, Informative)
(huh? Please describe)
He distributed source code, but didn't allow anyone to modify it. Thus why people distributed a series of patches to the software. People have some strange hero worship of Bernstein, but don't understand that an author who abandons his code but doesn't allow anyone else to modify it isn't deserving of much respect.
(Oh, and there are other free, open source alternatives to BIND, so saying both programs suck in different ways and better alternatives exist is perfectly valid)
Re: (Score:2)
Have you found a DNS program that works faster and is more stable and secure than the current version of tinydns yet? Just curious.
Dan's very possessive of his software, like most people who write 99% of their own code, and doesn't believe in modern Copyright (thus the unofficial open source status of his software), but he does write very good code, and its in use by a lot of people for that reason.
Re: (Score:2)
Could apply to any version of BIND.
That was my first thought, having given up on BIND years ago in favor of the vastly more efficient, user-friendly, and -- most importantly -- bug free djbdns.
After all this time, the best they can do is something they themselves admit is crap, and they plan to take years to make it less crappy? That's really stunning, and not in a good way. We are, after all, talking about a key/value store. Thank goodness they didn't try something that wasn't appallingly well-understood already.
Re: (Score:2)
What definition of "bug free" are you using there? Is it the one where DJB pretends bugs don't exist for years by handwaving them as user error? And how is a piece of software user-friendly or efficient when you have to install the author's NIH-syndrome init and xinetd replacements just to use it?
Re: (Score:2)
I'm sorry, which version of xinetd and init tracks both the daemon and its logger daemon as a unit and ensures they are always piped together?
Re: (Score:2)
Do you have a citation for that?
I know of exactly one DJBDNS bug:
djbdns<=1.05 lets AXFRed subdomains overwrite domains [gmane.org]
Afaik that bug was acknowledged (and paid for) rather quickly.
As a happy djbdns user I'd be curious to learn about other bugs that I've missed?
how many times are they going to rewrite it? (Score:2)
Re: (Score:2)
I thought bind 9 was a rewrite from scratch? They did such a crappy job, they have to do it again for 10?
Yes.
Next question?
djbdns users register here (Score:2)
Yes, yes, we realize djbdns is far more secure. And that DJB is ornery.
Instead of peppering the whole forum with "djbdns is great", just respond to this thread.
Frist!
Re: (Score:2)
I was thinking "::crickets chirping::", but ... your version is a bit more, uh, colorful.
What's the point of a rewrite... (Score:2)
...if you're doing it to end up with new code that is "inefficient, difficult to work with, and riddled with bugs"?
Was the original code too efficient, well-commented and well-tested and they couldn't live with that?
Re: (Score:3, Funny)
Why, backwards-compatibility with BIND 8 and 9, of course!
A Monument to "Software Engineering" (Score:2)
BIND is thirty years old and a core piece of Internet infrastructure. That a completely new design and re-write of such a fundamentally important piece of software is "inefficient, difficult to work with, and riddled with bugs" highlights the continuing immaturity of the computer software industry.
This should be an embarrassment to every software designer, Google, IBM, and Microsoft should be screaming out how this is making the entire industry look bad.
Wouldn't this be an ideal target for test driven deve
Re:A Monument to "Software Engineering" (Score:5, Insightful)
BIND is thirty years old and a core piece of Internet infrastructure.
Actually, BIND 9 -- "the most popular DNS implementation on the Internet," according to the submitter -- is merely 10 years old, and was itself a major rewrite of BIND 8. BIND 8 was only declared "end of life" in 2007.
That a completely new design and re-write of such a fundamentally important piece of software is "inefficient, difficult to work with, and riddled with bugs" highlights the continuing immaturity of the computer software industry.
Really. So the fact that a software developer plans to take "the next couple of years" (again, re: the submitter) to complete a software project is symptomatic of the total failure of an entire industry. Interesting perspective. Thanks for that.
Re: (Score:2)
Re: (Score:2)
Really. So the fact that a software developer plans to take "the next couple of years" (again, re: the submitter) to complete a software project is symptomatic of the total failure of an entire industry. Interesting perspective. Thanks for that.
Are you really defending the current development shortcomings of BIND 10 with the article author's inability to elucidate software engineering? Not at all continuing another symptomatic issue of the software industry.
Re: (Score:2)
Wouldn't this be an ideal target for test driven development
Depends on the difficulty of running meaningful tests. Moreover, testing an application architecture is rather more difficult than testing individual units that plug into such an architecture. (One of the goals of an architecture ought to be that it allows the testing of modules plugged into it without doing a full run of the whole mess, i.e., that it enables TDD. Getting to that stage isn't trivial; if you think it is, that's probably because you've never tried writing one for real, and have just been leve
Does not look great, honestly. (Score:2)
So instead of 1 daemon I'll now get 3-4 running daemons interacting in strange ways? Thanks, that's exactly what I need.
How about scriptability and/or custom resolvers? Nope, none of this.
Oh well, probably I should switch to DJBDns. It also uses a ton of daemons, but at least it's architectured properly.
That's "designed" (Score:2)
"Architecture" is a noun. "Design" is a verb (or a noun). There's no "architectured".
Re: (Score:2)
We've just witnessed the birth of a new buzz word.
Re: (Score:2)
The OED begs to differ. It has an entry for "architecture" as a verb, and quotes some major English writers as sources.
Re: (Score:2)
"Architecture" is a noun. "Design" is a verb (or a noun). There's no "architectured".
I thought any noun could be verbed.
What's so hard about this? (Score:2)
Most of the trouble with BIND stems from the fact that it's a database app with its own database implementation. BIND10 uses SQLite, which already works. That ought to simplify the thing enormously.
Building in a web server for BIND administration is probably the source of much of the complexity.
Re: (Score:2)
Re: (Score:2)
Why should everything use the same database? A file system is a type of database. SQL is another. Each has it's own purpose. SQLite is contained in a file anyways. A separate database server wouldn't have to be setup for this.
Generic back-end (Score:2)
The design for BIND 10 allows for generic back-ends. We implemented SQLite as the first one, simply because it was the easiest. One of our early goals for the second year of development is to support additional database back-ends (we call them "data sources"), including MySQL, PostgreSQL, and an in-memory 'database' (for performance-critical environments).
In the end we'll also support more exotic back-ends, like BDB, LDAP, directories, and possibly even the tinydns data format.
[ disclaimer - I am the BIND 1
Re: (Score:2)
First of all I agree, building a webserver for something as critically important as a DNS resolver is completely asshat if that is what they are doing.
But I disagree with you. Any dns resolver should be as complete an island as possible, depending on as little as possible, the fewer other subsystems it has to rely on the less points of failure there are.
This should be a very straight forward hash table, loaded from into ram, all entries mapped to either upper or lower case and then the queries hashed and t
Re: (Score:2)
BIND isn't a DNS resolver.
Re: (Score:2)
Ummm...this "database" isn't relational, there's no inner joins or anything like that (at least there shouldn't be), it's a one-to-one lookup (text string to IP address).
It's not the sort of thing which takes ten revisions just to get to a state where it's "inefficient, difficult to work with, and riddled with bugs".
Re: (Score:2)
DNS is not naturally a data structure suitable for relational databases. Any SQL is a bad choice because SQL is a bad choice. Something like Berkeley DB might have been better, or perhaps some of these [wikipedia.org].
Re: (Score:2)
They could've learned from how fast one of their detractors' systems work -- tinydns uses a BDB-like database system for storage as well, and is extremely fast. I think there are even more problems with how BIND handles memory management and historically doesn't understand that resolving and serving are completely different concepts.
Years? (Score:2)
These problems will all be fixed over the next couple of years
I admit complete ignorance in this area, so please educate me if this sounds stupid -- but surely writing a DNS server can't be that hard?
Re: (Score:2)
Are you kidding? It is software written by committee which always sucks. What other examples, try http, css, xhtml, xml, etc. etc. the list is endless.
Additionally the entire DNS system is one pile of legacy crap with a on of kludges to support this or that interest group.
Just be glad there are alternatives.
And you are correct, it should just be a database that responds to a very simple query, here is the domain name, here is the record type, return the IP address.
But it is far more then that. Depending
Re: (Score:2)
surely writing a DNS server can't be that hard?
Try it some time! It's fun! I can even refer you to an ongoing open-source project that you can contribute to, if you like! :)
To give a rough idea of scale, BIND 9 has about half a million lines of C code, and the first release took a couple of years to write.
(BIND 10, in its current minimal and unfinished state, is about 40,000 lines of C++, and 10,000 lines of python.)
Re: (Score:2)
Re: (Score:2)
Ok, if you want it to simply carry out lookups and return answers then fair enough.
If how ever you want to do more a quick set of things to consider (this is purely off the top of my head)
0. Security
1. Validation of the various record types
2. Caching of lookups
3. Proper use of the dns heirarchy
4. Security
5. Should be easy to manage
6. Zone transfers
7. Speed... slow dns will be no use to man nor beast
8. Security
9. Compliant to the relevant RFC's
10. Dynamic DNS support
Ok, I've put security in a few times but i
What is being thrown out? (Score:2)
Which major features in bind9 are going to be thrown out (and stay out even beyond beta) for bind10?
Yet again (Score:2)
Seriously? The idea is to go for yet another rewrite? And it sounds like it's going to be a half-assed database backing (SQLite? Is this right?)? Why not just move to an abstracted storage backend, and let the admin pick what works for him (or write his own backend plugin)? You know, like PowerDNS has been doing for awhile now. Seriously, guys, let's just stop using BIND and move to a better nameserver; it really seems like ISC is going to be rewriting BIND until the heat death of the universe.
Re: (Score:2)
http://tech.slashdot.org/comments.pl?sid=1589160&cid=31548122 [slashdot.org]
riddled with bugs (Score:2)
'This code is not intended for general use, and is known to be inefficient, difficult to work with, and riddled with bugs.'
If this is indeed a true statement this code is doomed and should be thrown away right now.
If they don't do it right from the start they will spend the rest of forever turd-polishing.
But what about the bloat? (Score:2)
There's no mention of the bloat of BIND9. Will it be carried into BIND10? Are they reimplementing all the bloat from the ground up?
I'll stick with NSD [nlnetlabs.nl] and Unbound [unbound.net].
Re: (Score:2)
Well they're probably not going to cull features and probably going to design more efficiently, but it raises the question - what's better about this rewrite than, say, unbound, with several years' head-start in the rewrite race?
Bind? (Score:2)
Is there still a lot of Bind users out there?
NSD and Unbound are way better, but they aren't the only worthy alternatives.
Future direction? (Score:2)
DNS for IPv6 will have to know a whole lot more about which address to dish out 1st than current versions of BIND and I'm not sure how long it will take to get a good handle on that problem.
I'm old school so I like dedicated hardware for my DNS servers. I run bsd jails that don't have anything but bind running. I used to run solaris servers that had init running named running off a read only scsi disk that was shared with another server. Init ran another program that would mount the file system read only,
Re: (Score:2)
The reason why anyone would need to do all that was both BIND4 and BIND8 were pieces of crap. BIND9 was a bit better but still...
Anyway, if it's a different team doing BIND10, maybe they might produce something better.
Re:Great. Just what the DNS infrastructure needs (Score:5, Insightful)
Yes. As opposed to hacking any new functionality that's needed into all that existing cruft and introducing subtle, hard-to-understand bugs and security vulnerabilities. Which is the trade-off, after all.
(We don't have to stop all development on anything new in the future ever just because we have one mature codebase. It's not like we're all deploying the stuff tomorrow.)
Re: (Score:2)
In my opinion, if you're going to start over, you start a new project. You start small, and you build a solid base of code. You don't get something that the authors admit is "riddled with bugs"
BIND 10 committee metings (Score:3, Informative)
There is no "BIND 10 committee", but we do have weekly conference calls. Minutes from these are published on our Trac site:
https://bind10.isc.org/wiki/WeeklyConferenceCalls [isc.org]
[ disclaimer: I am the BIND 10 project manager ]
Re: (Score:2)
That still doesn't answer the question, "Why the heck wasn't BIND fixed a long time ago? You've had TWENTY FIVE YEARS!!!!!"
Re: (Score:2, Flamebait)
Seriously. "Riddled with bugs"? The implication is that nobody at ISC knows how to write good software. Not really surprising. Bind 4 was a mess. Bind 8 was a mess. Bind 9 was a mess.
"Insanity: doing the same thing over and over again and expecting different results." (Einstein)
They need to start over using sane software design methodology. That probably means hiring competent software engineers.
Re: (Score:2)
Re:Great. Just what the DNS infrastructure needs (Score:5, Insightful)
Tests are great for finding bug/problems you have already thought about. They are great for making sure that you don't make the same mistake again. However they don't reliably cover things you have not yet thought about. It is also really hard to write tests that cover complicated network interaction... and that is percicely what Bind must do.
Re: (Score:2, Insightful)
Re: (Score:2)
hiring people isn't a solution to anything.
That's like asking someone to figure out how to prevent a situation that has never occurred.
you can plan and plan and plan, but you're not going to have a fallback for everything that can possibly happen.
Re: (Score:2)
It responds with an IP address given a name.
How exactly is that "complicated network interaction"?
Yes, yes.. i know, we have Dynamic updates, DNSSec, etc.. now.. but come on, how hard is it to get the basics solid, then move on to the rest?
Re: (Score:2)
That's arguably why DJB wrote tinydns -- do the simple things well and correctly.
The caching resolver portion however is what allows for cache poisoning attacks and some other interesting Internet security holes in the last decade.
Re:Great. Just what the DNS infrastructure needs (Score:5, Informative)
We wrote lots of tests. (How else would we know it has bugs in it?) This is a somewhat fair criticism of BIND 9, but read the link before you assume we didn't learn any lessons from the past. The unit tests are included in the tarball and coverage results are viewable online [isc.org].
Re: (Score:2)
Dude, you have fucking got to be joking!
155 // should we refactor this code using, e.g, the state pattern? Probably // not at this point, as this is based on proved code (derived from BIND9) // and it's less likely that we'll have more variations in the domain name // syntax. If this ever happens next time, we should consider refactor // the code, rather than adding more states and cases below.
156
157
158
159
160 while (ndata.size() 161 unsigned char c = *s++;
162
163 switch (state)
Re: (Score:2)
Using "s" to refer to a string and "c" to refer to successive characters in it is a common C idiom, and will be immediately understood by any competent C programmer.
Re: (Score:2)
I'm assuming s and c are part of the idiom in this code. And it's good practice to declare variables in the smallest possible scope, and init them at the same time. It sounds like you think it's inefficient, but any decent compiler will optimize away 'c'; it's only there for readabi
Re: (Score:2)
Re: (Score:2)
Yes using i is a common idiom in C when using a throw away integer for loop control, its intent is clear,
In this code ( please go read the rest of it ) the variable c referes to s all over the place and these is nothing really explaining it. While being terse does have its merits as the example you showed indicates ( the scope is limited to a simple 5 line function, that kind of terseness does not belong spread over 50 lines of code.
As an initializer you really have no idea what you are initializing with u
Re: (Score:2)
I'm going to say that s and c are a string and a character, respectively, as s is being treated like a pointer to an array of characters. That being the case, these names are exactly as idiomatic as i.
People are really complaining too much about having a buggy BIND 10 implementation. This is alpha software, with a long life cycle. This software will be expected to last years, so taking a few to make sure all the bugs are ironed out properly is not a big deal. As far as I can tell the development team is app
Re: (Score:2)
Looking at the posted code, it's pretty obvious that s is the input string being parsed and c is the next character being read. I would expect the rest of this function to contain a switch statement providing cases for the next character.
The point of longer variable names is to make the code easier to read. If someone with C experience can look at the code and know what it's doing, then this goal is achieved already.
If I were writing this code, then I'd probably use a parser generator like LEMON rather
Re: (Score:2)
If everyone subscribed to that logic, we would not have Postfix, Firefox, lighttpd, or any other number of important open source Internet software projects.
Re: (Score:2)
both Firefox and lighttpd started out as very small subsets of larger tools, focusing on small code and a lower number of features. From the sound of BIND 10, it sounds like they're shooting for the universe.
Also, Postfix wasn't a rewrite of existing code.
Re: (Score:2)
Re: (Score:2)
If you can't write a new program, practically free of buggy code, you certainly don't have the wherewithall to fix bugs in existing code...
Sendmail certainly came through it's rewrite vastly better than it was before. Other DNS programs, like MaraDNS, have come on the scene, and remain exploit-free for several years now.
Re: (Score:2)
Sure - new codebase, new bugs. A given. What isn't given is why the original developers thought this was a good idea? None of the answers to that question that I can think of are complimentary to what is now core infrastructure to the Internet. Was it not modularly written? Was it horribly insecure, and so badly so that it wasn't considered worth extending?
Bind is now in its tenth revision. You'd think by now that some sort of good, workable framework or design pattern would have evolved by now?
But clearly,
Why BIND 10 is a rewrite (Score:5, Informative)
Joel has a lot of followers, but you shouldn't take what he says as holy writ. In fact, this very article is all about how we should still be using the old Netscape browser and not have started this crazy Mozilla project... you know, the one that resulted in Firefox?
I view the BIND 10 project in some ways as the DNS version of the Mozilla project - it is an ambitious rewrite, and will take a while to reach maturity. Luckily BIND 9 is still an excellent piece of software, so we have the luxury of enough time to get there.
BIND 9 is 10 years old, and was designed and implemented when the computing and Internet worlds were different than they are today. The architecture of BIND 9 - a monolithic, multithreaded program - does not lend itself well to today's DNS needs. So a new architecture is needed.
Originally we had planned on reusing a lot of the BIND 9 code. After all, like Joel says, it has been field-tested and is known to be high-quality in handling real-world DNS needs. However, the BIND 9 code has very, very high coupling. In order to make a small change or use an excerpt of code, you need to use the BIND 9 memory management system, and the BIND 9 task model, and the BIND 9 socket library, and so on. One of the reasons that BIND 9 needs to be rewritten is to make it possible to use the parts of the software you need to solve your problems without having to understand the entire system.
My theory is that the architectural problems would have been resolved over the decade of active use for BIND 9, as users submitted their patches and the developers periodically refactored the code. Unfortunately the BIND 9 project does not have an active community, either as developers or users. There are lots of people using BIND 9 (surveys put BIND 9 at about 80% of DNS servers on the Internet), but they have no group identity as BIND 9 users, and the direction and development of the software comes almost entirely from within ISC. This means it is an open source project that has resources limited in ways similar to proprietary software. If there was a BIND 9 community, then I think the software would have evolved with the times and a rewrite would not have been necessary.
For BIND 10, we want it to be an actual open source project, not just open source software. We have tried hard to be open and transparent about how BIND 10 is developed, and are trying to make it easy to participate in BIND 10. Hopefully this will be the last time a major rewrite is necessary, and the code base can evolve in any direction it needs to in the future, by maintaining a good connection with the people who actually use it.
[ disclaimer - I am the BIND 10 project manager ]
Re: (Score:3, Informative)
Joel has a lot of followers, but you shouldn't take what he says as holy writ. In fact, this very article is all about how we should still be using the old Netscape browser and not have started this crazy Mozilla project... you know, the one that resulted in Firefox?
Yes, but where is Netscape today? Rwriting your code from scratch and fading into oblivion is hardly good business. Eventually the code came good but it was too late to save the company.
Re: (Score:2)
My theory is that the architectural problems would have been resolved over the decade of active use for BIND 9, as users submitted their patches and the developers periodically refactored the code.
I doubt that. Having seen open source communities in action, it is very rare that architectural problems get fixed by communities. This is because architecture-by-committee doesn't work. For sanity, you need one person to hold the core architecture in their head and describe it to everyone else. Once things get complicated enough, it is just about impossible for anyone to be that person and it is easier to throw it all away and start over. That's a shame, but how it goes.
Communities tend to build on top of
Re: (Score:2)
You mean like Windows ME? ^^
Re: (Score:2)
Actually I'm pretty sure BIND 9 was advertised as a near-complete rewrite too.
That said, I'm not touching either version ever again after using http://cr.yp.to/djbdns.html [cr.yp.to]
Re:Excellent (Score:4, Insightful)
nope, Microsoft has the audacity to claim their bloated buggy crap is suitable for general use.
Re: (Score:3, Funny)
You appear to be confused. DNS stands for Domain Name System, not Does Nothing Satisfactorily.
Re: (Score:2)
worst piece of widely-used network software ever made
uhh, sendmail?
Re: (Score:2)
Re: (Score:2)
I'm having trouble finding recent numbers, but Sendmail was at 42% and falling in 2001, and possibly at 27% in 2008. BIND had around 70% in 2004. So, yeah, BIND is used way more than Sendmail.
Re: (Score:3, Informative)
Why would they even release it if their ground-up rewrite is so pathetic?
'Cause it's open source software, emphasis on "open". It won't be done for another couple of years, but you can look at the work in progress. You can even help write it if you want.
Re: (Score:2)
Basically, someone once wrote a convincing text which says: Release Early, Release Often [catb.org].
It's a release in the sense that we wanted to make it widely available for people to see what ideas we are playing with, and to get feedback and participation.
[ disclaimer - I am the BIND 10 project manager ]
Re:Difficult to work with? (Score:5, Informative)
But what do you mean when you say "difficult to work with"? A code that is difficult to understand/maintain/evolve?
I sure hope not, as those are all specific design goals for the project (and they're among the failings of BIND 9 that made us want to redesign it in the first place). I meant "difficult to use" -- the user interface basically doesn't exist yet.
Re: (Score:2)
What is wrong with the BIND user interface?
You edit a few simple test based config files, is that really so hard?
Re: (Score:2)
The existing BIND 9 mechanism are not hard for your small domains that change rarely, but they don't work if you have tens or hundreds of thousands of domains that you manage, which change on a frequent basis. While this may not be interesting for you, there are many organizations for who this is a daily reality, and BIND 9 doesn't work well for them.
There are also organizations that have existing provisioning systems for large deployments, and would like their DNS to be better integrated... something today
Re: (Score:2)
Only problematic if you are doing it with AXFR. Nobody in their right mind uses AXFR, right?
So you're planning to design a piece of internet backbone s
Re: (Score:2)
I meant "difficult to use" -- the user interface basically doesn't exist yet.
You mean it doesn’t offer you a retarded point-and-click interface?
That’s not a bug. It’s a feature. So people like you don’t touch it.
BIND has a pleasing interface based on text files. Just like any other professional server software.
It doesn't look very understandable to me (Score:5, Interesting)
Well, I took a look at the code, and it's a typical "modern" C++ design. There's a gazillion classes in an "everything-is-an-object" hierarchy, using the latest and greatest "patterns" in superfluously complex ways. Doesn't anybody care about simplicity in design any more? Granted, BIND9 code was a mess, but this IMO is not much of an improvement. Ugly C++ is just as bad as ugly C. For example, why, for the love of God, would you replace a simple enum with a class with a member variable set to a constant value, and with each instance of the class created by a named constructor with a hardcoded constant in it? In src/lib/dns/message.h there are four of these. And what's with all the wrappers? I suppose it's their definition of "extensibility" -- a framework where everything is accessed through wrapped pimpls, so that anybody could change the implementation without changing binary compatibility with... oh, wait, it's an executable, so WTF? When you change something, you have to rebuild it anyway. So all you really get is ugly wrappers over ugly wrappers over actual code. Why do you need these wrappers anyway? What's wrong with boost's base64_encoder, for instance, that you need to wrap it with an encodeBase64 function, which instantiates a 20 line local BinaryNormalizer class in an anonymous namespace, the purpose of which, as far as I can see, is to pad the binary input with zeroes in case some evil application decides to read past the end of the vector. Oh, wait, this is only called from encodeBase64, and the read-past-the-end thing never happens. So WTF?
That's just four files I looked at, and already it's WTF piled on WTF. Maybe I ought to submit it to thedailywtf.com and see if it's accepted...
Re: (Score:3, Informative)
Thank you very much for looking at the code. If you could send critiques like that to the developer list instead of posting them to slashdot, it'd have a better chance of getting attention from the other developers.
I suppose it's their definition of "extensibility" -- a framework where everything is accessed through wrapped pimpls, so that anybody could change the implementation without changing binary compatibility with... oh, wait, it's an executable, so WTF?
Actually the bit you're looking at is libdns, which we're trying to design in such a way that it can be used by other DNS-aware applications, not just BIND. (I happen to agree with several of your other points, though, and there are places outside libdns where the pimpl thing was used and maybe
Re: (Score:3, Interesting)
> If you could send critiques like that to the developer list instead of posting them to slashdot,
> it'd have a better chance of getting attention from the other developers
The problem is that I simply don't see what sort of "attention" I would want in such a situation. Yes, I could write up a mile-long list of complaints about the code, but it would not do any good because they would all add up to: "your code sucks; throw it all out and start over". It's not just one little thing or two little things,
Re:How (Score:5, Funny)
Is that pronounced? Does it rhyme with sinned or blind ?
Wined and dined.
Re: (Score:2)
Does it rhyme with sinned or blind ?
Wined and dined.
You winned!
+1 insightful (Score:2)
If they didn't get it right after nine versions then it's probably time to move on.
"...is known to be inefficient, difficult to work with, and riddled with bugs"
Make that "definitely".
And another +1 insightful (Score:2)
I mean for chrissake, how hard can it be to take a domain name and return an IP, and vice versa? It's a database with a coupla queries. Sheesh. And why churn out code that is full of security vulnerabilities? A security vulnerability is a shitty piece of code. Plain and simple.
Re:The unit tests are a bad joke - age and sex (Score:5, Informative)
One of the ideas of BIND 10 is to allow modules to be added to an already running system. Also, we want administrator tools to be able to ask the modules themselves what functionality is available. This allows relatively simple administrative tools to work with changing systems.
In order to do this, we need to have a mechanism for modules to report their capabilities. So, for example "I have a command called 'notify' which can be used to send a notify to my secondary servers, and it takes the parameter 'domain' which specifies the domain to send it from, and an optional parameter 'secondaries' which you can use to limit to a set of secondary servers".
The test code here exercises this generic capability.
[ disclaimer - I am the BIND 10 project manager ]
Re: (Score:2)
Does this mean you are attempting to create a smaller core and then make everything else a module? Something similar to the architecture of Apache HTTPD?
Re: (Score:2)
lmao, and the cause of most of the Internet's DNS issues in the last 10 years. Most of which were predicted and warned about by the very same DJB. This is software -- doing it right is valuable. Doing it wrong when you're shown how to do it right is stupid.