Newer Older
Evan Hunt's avatar
Evan Hunt committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186
BIND Source Access and Contributor Guidelines

Feb 22, 2018


 1. Access to source code
 2. Reporting bugs
 3. Contributing code


Thank you for using BIND!

BIND is open source software that implements the Domain Name System (DNS)
protocols for the Internet. It is a reference implementation of those
protocols, but it is also production-grade software, suitable for use in
high-volume and high-reliability applications. It is by far the most
widely used DNS software, providing a robust and stable platform on top of
which organizations can build distributed computing systems with the
knowledge that those systems are fully compliant with published DNS

BIND is and will always remain free and openly available. It can be used
and modified in any way by anyone.

BIND is maintained by the Internet Systems Consortium, a public-benefit
501(c)(3) nonprofit, using a "managed open source" approach: anyone can
see the source, but only ISC employees have commit access. Until recently,
the source could only be seen once ISC had published a release: read
access to the source repository was restricted just as commit access was.
That's now changing, with the opening of a public git mirror to the BIND
source tree (see below).

Access to source code

Public BIND releases are always available from the ISC FTP site.

A public-access GIT repository is also available at
. This repository is a mirror, updated several times per day, of the
source repository maintained by ISC. It contains all the public release
branches; upcoming releases can be viewed in their current state at any
time. It does not contain development branches or unreviewed work in
progress. Commits which address security vulnerablilities are withheld
until after public disclosure.

You can browse the source online via

To clone the repository, use:

      $ git clone

Release branch names are of the form v9_X, where X represents the second
number in the BIND 9 version number. So, to check out the BIND 9.12
branch, use:

      $ git checkout v9_12

Whenever a branch is ready for publication, a tag will be placed of the
form v9_X_Y. The 9.12.0 release, for instance, is tagged as v9_12_0.

The branch in which the next major release is being developed is called

Reporting bugs

Reports of flaws in the BIND package, including software bugs, errors in
the documentation, missing files in the tarball, suggested changes or
requests for new features, etc, can be filed using

Due to a large ticket backlog, we are sometimes slow to respond,
especially if a bug is cosmetic or if a feature request is vague or low in
priority, but we will try at least to acknowledge legitimate bug reports
within a week.

ISC's ticketing system is publicly readable; however, you must have an
account to file a new issue. You can either register locally or use
credentials from an existing account at GitHub, GitLab, Google, Twitter,
or Facebook.

Reporting possible security issues

If you think you may be seeing a potential security vulnerability in BIND
(for example, a crash with REQUIRE, INSIST, or ASSERT failure), please
report it immediately by emailing to Plain-text
e-mail is not a secure choice for communications concerning undisclosed
security issues so please encrypt your communications to us if possible,
using the ISC Security Officer public key.

Do not discuss undisclosed security vulnerabilites on any public mailing
list. ISC has a long history of handling reported vulnerabilities promptly
and effectively and we respect and acknowledge responsible reporters.

ISC's Security Vulnerability Disclosure Policy is documented at https://

If you have a crash, you may want to consult ?What to do if your BIND or
DHCP server has crashed.?

Contributing code

BIND is licensed under the Mozilla Public License 2.0. Earier versions
(BIND 9.10 and earlier) were licensed under the ISC License

ISC does not require an explicit copyright assignment for patch
contributions. However, by submitting a patch to ISC, you implicitly
certify that you are the author of the code, that you intend to reliquish
exclusive copyright, and that you grant permission to publish your work
under the open source license used for the BIND version(s) to which your
patch will be applied.

BIND code

Patches for BIND may be submitted directly via merge requests in ISC's
Gitlab source repository for BIND.

Patches can also be submitted as diffs against a specific version of BIND
-- preferably the current top of the master branch. Diffs may be generated
using either git format-patch or git diff.

Those wanting to write code for BIND may be interested in the developer
information page, which includes information about BIND design and coding
practices, including discussion of internal APIs and overall system
architecture. (This is a work in progress, and still quite preliminary.)

Every patch submitted will be reviewed by ISC engineers following our code
review process before it is merged.

It may take considerable time to review patch submissions, especially if
they don't meet ISC style and quality guidelines. If a patch is a good
idea, we can and will do additional work to bring it up to par, but if
we're busy with other work, it may take us a long time to get to it.

To ensure your patch is acted on as promptly as possible, please:

  * Try to adhere to the BIND 9 coding style.
  * Run make check to ensure your change hasn't caused any functional
  * Document your work, both in the patch itself and in the accompanying
  * In patches that make non-trivial functional changes, include system
    tests if possible; when introducing or substantially altering a
    library API, include unit tests. See Testing for more information.

Changes to configure

If you need to make changes to configure, you should not edit it directly;
instead, edit, then run autoconf. Similarly, instead of
editing directly, edit and run autoheader.

When submitting a patch as a diff, it's fine to omit the configure diffs
to save space. Just send the diffs and we'll generate the new
configure during the review process.


All functional changes should be documented. There are three types of
documentation in the BIND source tree:

  * Man pages are kept alongside the source code for the commands they
    document, in files ending in .docbook; for example, the named man page
    is bin/named/named.docbook.
  * The BIND 9 Administrator Reference Manual is mostly in doc/arm/
    Bv9ARM-book.xml, plus a few other XML files that are included in it.
  * API documentation is in the header file describing the API, in
    Doxygen-formatted comments.

It is not necessary to edit any documentation files other than these; all
PDF, HTML, and nroff-format man page files will be updated automatically
from the docbook and XML files after merging.

Patches to improve existing documentation are also very welcome!


BIND is a large and complex project. We rely heavily on continuous
automated testing and cannot merge new code without adequate test
coverage. Please see the 'Testing' section of doc/dev/ for more


Thank you for your interest in contributing to the ongoing development of