From b9950c9c361c06f69dc508999ea6de8436a783ea Mon Sep 17 00:00:00 2001
From: Packit Service <user-cont-team+packit-service@redhat.com>
Date: Jan 27 2021 00:17:08 +0000
Subject: Apply patch bind-9.10-sdb.patch


patch_name: bind-9.10-sdb.patch
present_in_specfile: true

---

diff --git a/bin/Makefile.in b/bin/Makefile.in
index 26a7e4e..a465e70 100644
--- a/bin/Makefile.in
+++ b/bin/Makefile.in
@@ -11,8 +11,8 @@ srcdir =	@srcdir@
 VPATH =		@srcdir@
 top_srcdir =	@top_srcdir@
 
-SUBDIRS =	named named-pkcs11 rndc dig delv dnssec dnssec-pkcs11 tools nsupdate \
-		check confgen @NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@ tests
+SUBDIRS =	named named-sdb named-pkcs11 rndc dig delv dnssec dnssec-pkcs11 tools nsupdate \
+		check confgen @NZD_TOOLS@ @PYTHON_TOOLS@ @PKCS11_TOOLS@ sdb_tools tests
 TARGETS =
 
 @BIND9_MAKE_RULES@
diff --git a/bin/named-sdb/Makefile.in b/bin/named-sdb/Makefile.in
index 0e00885..9fa3dea 100644
--- a/bin/named-sdb/Makefile.in
+++ b/bin/named-sdb/Makefile.in
@@ -30,10 +30,10 @@ VERSION=@BIND9_VERSION@
 #
 # Add database drivers here.
 #
-DBDRIVER_OBJS =
-DBDRIVER_SRCS =
+DBDRIVER_OBJS =	ldapdb.@O@ pgsqldb.@O@ sqlitedb.@O@ dirdb.@O@
+DBDRIVER_SRCS =	ldapdb.c pgsqldb.c sqlitedb.c dirdb.c
 DBDRIVER_INCLUDES =
-DBDRIVER_LIBS =
+DBDRIVER_LIBS =	-lldap -llber -lsqlite3 -lpq
 
 DLZ_DRIVER_DIR =	${top_srcdir}/contrib/dlz/drivers
 
@@ -80,7 +80,7 @@ NOSYMLIBS =	${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
 
 SUBDIRS =	unix
 
-TARGETS =	named@EXEEXT@ lwresd@EXEEXT@
+TARGETS =	named-sdb@EXEEXT@
 
 GEOIPLINKOBJS = geoip.@O@
 GEOIP2LINKOBJS = geoip.@O@
@@ -154,7 +154,7 @@ server.@O@: server.c
 		-DPRODUCT=\"${PRODUCT}\" \
 		-DVERSION=\"${VERSION}\" -c ${srcdir}/server.c
 
-named@EXEEXT@: ${OBJS} ${DEPLIBS}
+named-sdb@EXEEXT@: ${OBJS} ${DEPLIBS}
 	export MAKE_SYMTABLE="yes"; \
 	export BASEOBJS="${OBJS} ${UOBJS}"; \
 	${FINALBUILDCMD}
@@ -181,8 +181,6 @@ statschannel.@O@: bind9.xsl.h
 
 installdirs:
 	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man5
-	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man8
 
 install-man5: named.conf.5
 	${INSTALL_DATA} $^ ${DESTDIR}${mandir}/man5
@@ -192,16 +190,11 @@ install-man8: named.8 lwresd.8
 
 install-man: install-man5 install-man8
 
-install:: named@EXEEXT@ lwresd@EXEEXT@ installdirs install-man
-	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named@EXEEXT@ ${DESTDIR}${sbindir}
-	(cd ${DESTDIR}${sbindir}; rm -f lwresd@EXEEXT@; @LN@ named@EXEEXT@ lwresd@EXEEXT@)
+install:: ${TARGETS} installdirs
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} named-sdb@EXEEXT@ ${DESTDIR}${sbindir}
 
 uninstall::
-	rm -f ${DESTDIR}${mandir}/man5/named.conf.5
-	rm -f ${DESTDIR}${mandir}/man8/lwresd.8
-	rm -f ${DESTDIR}${mandir}/man8/named.8
-	rm -f ${DESTDIR}${sbindir}/lwresd@EXEEXT@
-	${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${sbindir}/named@EXEEXT@
+	${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${sbindir}/named-sdb@EXEEXT@
 
 @DLZ_DRIVER_RULES@
 
diff --git a/bin/named-sdb/dirdb.c b/bin/named-sdb/dirdb.c
new file mode 100644
index 0000000..9a23e09
--- /dev/null
+++ b/bin/named-sdb/dirdb.c
@@ -0,0 +1,200 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+
+/*
+ * A simple database driver that returns basic information about
+ * files and directories in the Unix file system as DNS data.
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/sysmacros.h>
+
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/util.h>
+
+#include <dns/sdb.h>
+
+#include <named/globals.h>
+
+#include "dirdb.h"
+
+static dns_sdbimplementation_t *dirdb = NULL;
+
+#define CHECK(op)						\
+	do { result = (op);					\
+		if (result != ISC_R_SUCCESS) return (result);	\
+	} while (0)
+
+#define CHECKN(op)						\
+	do { n = (op);						\
+		if (n < 0) return (ISC_R_FAILURE);		\
+	} while (0)
+
+
+/*
+ * This database operates on relative names.
+ *
+ * Any name will be interpreted as a pathname offset from the directory
+ * specified in the configuration file.
+ */
+#ifdef DNS_CLIENTINFO_VERSION
+static isc_result_t
+dirdb_lookup(const char *zone, const char *name, void *dbdata,
+	      dns_sdblookup_t *lookup, dns_clientinfomethods_t *methods,
+	      dns_clientinfo_t *clientinfo)
+#else
+static isc_result_t
+dirdb_lookup(const char *zone, const char *name, void *dbdata,
+	      dns_sdblookup_t *lookup)
+#endif /* DNS_CLIENTINFO_VERSION */
+{
+	char filename[255];
+	char filename2[255];
+	char buf[1024];
+	struct stat statbuf;
+	isc_result_t result;
+	int n;
+
+	UNUSED(zone);
+	UNUSED(dbdata);
+#ifdef DNS_CLIENTINFO_VERSION
+	UNUSED(methods);
+	UNUSED(clientinfo);
+#endif /* DNS_CLIENTINFO_VERSION */
+
+	if (strcmp(name, "@") == 0)
+		snprintf(filename, sizeof(filename), "%s", (char *)dbdata);
+	else
+		snprintf(filename, sizeof(filename), "%s/%s",
+			 (char *)dbdata, name);
+	CHECKN(lstat(filename, &statbuf));
+
+	if (S_ISDIR(statbuf.st_mode))
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, "dir"));
+	else if (S_ISCHR(statbuf.st_mode) || S_ISBLK(statbuf.st_mode)) {
+		CHECKN(snprintf(buf, sizeof(buf),
+				"\"%sdev\" \"major %d\" \"minor %d\"",
+				S_ISCHR(statbuf.st_mode) ? "chr" : "blk",
+				major(statbuf.st_rdev),
+				minor(statbuf.st_rdev)));
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, buf));
+	} else if (S_ISFIFO(statbuf.st_mode))
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, "pipe"));
+	else if (S_ISSOCK(statbuf.st_mode))
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, "socket"));
+	else if (S_ISLNK(statbuf.st_mode)) {
+		CHECKN(readlink(filename, filename2, sizeof(filename2) - 1));
+		buf[n] = 0;
+		CHECKN(snprintf(buf, sizeof(buf), "\"symlink\" \"%s\"",
+				filename2));
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, buf));
+	} else if (!S_ISREG(statbuf.st_mode))
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, "unknown"));
+	else {
+		CHECKN(snprintf(buf, sizeof(buf), "\"file\" \"size = %u\"",
+			 (unsigned int)statbuf.st_size));
+		CHECK(dns_sdb_putrr(lookup, "txt", 3600, buf));
+	}
+
+	return (ISC_R_SUCCESS);
+}
+
+/*
+ * lookup () does not return SOA or NS records, so authority() must be defined.
+ */
+static isc_result_t
+dirdb_authority(const char *zone, void *dbdata, dns_sdblookup_t *lookup) {
+	isc_result_t result;
+
+	UNUSED(zone);
+	UNUSED(dbdata);
+
+	result = dns_sdb_putsoa(lookup, "ns", "hostmaster", 0);
+	INSIST(result == ISC_R_SUCCESS);
+	result = dns_sdb_putrr(lookup, "ns", 86400, "ns1");
+	INSIST(result == ISC_R_SUCCESS);
+	result = dns_sdb_putrr(lookup, "ns", 86400, "ns2");
+	INSIST(result == ISC_R_SUCCESS);
+	return (ISC_R_SUCCESS);
+}
+
+/*
+ * Each database stores the top-level directory as the dbdata opaque
+ * object.  The create() function allocates it.  argv[0] holds the top
+ * level directory.
+ */
+static isc_result_t
+dirdb_create(const char *zone, int argc, char **argv,
+	     void *driverdata, void **dbdata)
+{
+	UNUSED(zone);
+	UNUSED(driverdata);
+
+	if (argc < 1)
+		return (ISC_R_FAILURE);
+	*dbdata = isc_mem_strdup((isc_mem_t *)driverdata, argv[0]);
+	if (*dbdata == NULL)
+		return (ISC_R_NOMEMORY);
+	return (ISC_R_SUCCESS);
+}
+
+/*
+ * The destroy() function frees the memory allocated by create().
+ */
+static void
+dirdb_destroy(const char *zone, void *driverdata, void **dbdata) {
+	UNUSED(zone);
+	UNUSED(driverdata);
+	isc_mem_free((isc_mem_t *)driverdata, *dbdata);
+}
+
+/*
+ * This zone does not support zone transfer, so allnodes() is NULL.
+ */
+static dns_sdbmethods_t dirdb_methods = {
+	dirdb_lookup,
+	dirdb_authority,
+	NULL, /* allnodes */
+	dirdb_create,
+	dirdb_destroy,
+	NULL /* lookup2 */
+};
+
+/*
+ * Wrapper around dns_sdb_register().  Note that the first ns_g_mctx is
+ * being passed as the "driverdata" parameter, so that will it will be
+ * passed to create() and destroy().
+ */
+isc_result_t
+dirdb_init(void) {
+	unsigned int flags;
+	flags = DNS_SDBFLAG_RELATIVEOWNER | DNS_SDBFLAG_RELATIVERDATA |
+		DNS_SDBFLAG_THREADSAFE;
+	return (dns_sdb_register("dir", &dirdb_methods, ns_g_mctx, flags,
+				 ns_g_mctx, &dirdb));
+}
+
+/*
+ * Wrapper around dns_sdb_unregister().
+ */
+void
+dirdb_clear(void) {
+	if (dirdb != NULL)
+		dns_sdb_unregister(&dirdb);
+}
diff --git a/bin/named-sdb/dirdb.h b/bin/named-sdb/dirdb.h
new file mode 100644
index 0000000..3f0421f
--- /dev/null
+++ b/bin/named-sdb/dirdb.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+
+#include <isc/types.h>
+
+isc_result_t dirdb_init(void);
+
+void dirdb_clear(void);
+
diff --git a/bin/named-sdb/ldapdb.c b/bin/named-sdb/ldapdb.c
new file mode 100644
index 0000000..62d3fb4
--- /dev/null
+++ b/bin/named-sdb/ldapdb.c
@@ -0,0 +1,691 @@
+/*
+ * ldapdb.c version 1.0-beta
+ *
+ * Copyright (C) 2002, 2004 Stig Venaas
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * Contributors: Jeremy C. McDermond
+ */
+
+/*
+ * If you want to use TLS, uncomment the define below
+ */
+/* #define LDAPDB_TLS */
+
+/*
+ * If you are using an old LDAP API uncomment the define below. Only do this
+ * if you know what you're doing or get compilation errors on ldap_memfree().
+ * This also forces LDAPv2.
+ */
+/* #define LDAPDB_RFC1823API */
+
+/* Using LDAPv3 by default, change this if you want v2 */
+#ifndef LDAPDB_LDAP_VERSION
+#define LDAPDB_LDAP_VERSION 3
+#define LDAP_DEPRECATED 1
+#endif
+
+#include <config.h>
+
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/util.h>
+#include <isc/thread.h>
+
+#include <dns/sdb.h>
+
+#include <named/globals.h>
+#include <named/log.h>
+
+#include <ldap.h>
+#include "ldapdb.h"
+
+/*
+ * A simple database driver for LDAP
+ */ 
+
+/* enough for name with 8 labels of max length */
+#define MAXNAMELEN 519
+
+static dns_sdbimplementation_t *ldapdb = NULL;
+
+struct ldapdb_data {
+	char *hostport;
+	char *hostname;
+	int portno;
+	char *base;
+	int defaultttl;
+	char *filterall;
+	int filteralllen;
+	char *filterone;
+	int filteronelen;
+	char *filtername;
+	char *bindname;
+	char *bindpw;
+#ifdef LDAPDB_TLS
+	int tls;
+#endif
+};
+
+/* used by ldapdb_getconn */
+
+struct ldapdb_entry {
+	void *index;
+	size_t size;
+	void *data;
+	struct ldapdb_entry *next;
+};
+
+static struct ldapdb_entry *ldapdb_find(struct ldapdb_entry *stack,
+					const void *index, size_t size) {
+	while (stack != NULL) {
+		if (stack->size == size && !memcmp(stack->index, index, size))
+			return stack;
+		stack = stack->next;
+	}
+	return NULL;
+}
+
+static void ldapdb_insert(struct ldapdb_entry **stack,
+			  struct ldapdb_entry *item) {
+	item->next = *stack;
+	*stack = item;
+}
+
+static void ldapdb_lock(int what) {
+	static isc_mutex_t lock;
+
+	switch (what) {
+	case 0:
+		isc_mutex_init(&lock);
+		break;
+	case 1:
+		LOCK(&lock);
+		break;
+	case -1:
+		UNLOCK(&lock);
+		break;
+	}
+}
+
+/* data == NULL means cleanup */
+static LDAP **
+ldapdb_getconn(struct ldapdb_data *data)
+{
+	static struct ldapdb_entry *allthreadsdata = NULL;
+	struct ldapdb_entry *threaddata, *conndata;
+	unsigned long threadid;
+
+	if (data == NULL) {
+		/* cleanup */
+		/* lock out other threads */
+		ldapdb_lock(1);
+		while (allthreadsdata != NULL) {
+			threaddata = allthreadsdata;
+			free(threaddata->index);
+			while (threaddata->data != NULL) {
+				conndata = threaddata->data;
+				if (conndata->data != NULL)
+					ldap_unbind((LDAP *)conndata->data);
+				threaddata->data = conndata->next;
+				free(conndata);
+			}
+			allthreadsdata = threaddata->next;
+			free(threaddata);
+		}
+		ldapdb_lock(-1);
+		return (NULL);
+	}
+
+	/* look for connection data for current thread */
+	threadid = isc_thread_self();
+	threaddata = ldapdb_find(allthreadsdata, &threadid, sizeof(threadid));
+	if (threaddata == NULL) {
+		/* no data for this thread, create empty connection list */
+		threaddata = malloc(sizeof(*threaddata));
+		if (threaddata == NULL)
+			return (NULL);
+		threaddata->index = malloc(sizeof(threadid));
+		if (threaddata->index == NULL) {
+			free(threaddata);
+			return (NULL);
+		}
+		*(unsigned long *)threaddata->index = threadid;
+		threaddata->size = sizeof(threadid);
+		threaddata->data = NULL;
+
+		/* need to lock out other threads here */
+		ldapdb_lock(1);
+		ldapdb_insert(&allthreadsdata, threaddata);
+		ldapdb_lock(-1);
+	}
+
+	/* threaddata points at the connection list for current thread */
+	/* look for existing connection to our server */
+	conndata = ldapdb_find((struct ldapdb_entry *)threaddata->data,
+			       data->hostport, strlen(data->hostport));
+	if (conndata == NULL) {
+		/* no connection data structure for this server, create one */
+		conndata = malloc(sizeof(*conndata));
+		if (conndata == NULL)
+			return (NULL);
+		conndata->index = data->hostport;
+		conndata->size = strlen(data->hostport);
+		conndata->data = NULL;
+		ldapdb_insert((struct ldapdb_entry **)&threaddata->data,
+			      conndata);
+	}
+
+	return (LDAP **)&conndata->data;
+}
+
+static void
+ldapdb_bind(struct ldapdb_data *data, LDAP **ldp)
+{
+#ifndef LDAPDB_RFC1823API
+	const int ver = LDAPDB_LDAP_VERSION;
+#endif
+
+	if (*ldp != NULL)
+		ldap_unbind(*ldp);
+	*ldp = ldap_open(data->hostname, data->portno);
+	if (*ldp == NULL)
+		return;
+
+#ifndef LDAPDB_RFC1823API
+	ldap_set_option(*ldp, LDAP_OPT_PROTOCOL_VERSION, &ver);
+#endif
+
+#ifdef LDAPDB_TLS
+	if (data->tls) {
+		ldap_start_tls_s(*ldp, NULL, NULL);
+	}
+#endif
+
+	if (ldap_simple_bind_s(*ldp, data->bindname, data->bindpw) != LDAP_SUCCESS) {
+		ldap_unbind(*ldp);
+		*ldp = NULL;
+	}
+}
+
+#ifdef DNS_CLIENTINFO_VERSION
+static isc_result_t
+ldapdb_search(const char *zone, const char *name, void *dbdata, void *retdata,
+	      dns_clientinfomethods_t *methods, dns_clientinfo_t *clientinfo)
+#else
+static isc_result_t
+ldapdb_search(const char *zone, const char *name, void *dbdata, void *retdata,
+	      void *methods, void *clientinfo)
+#endif /* DNS_CLIENTINFO_VERSION */
+{
+	struct ldapdb_data *data = dbdata;
+	isc_result_t result = ISC_R_NOTFOUND;
+	LDAP **ldp;
+	LDAPMessage *res, *e;
+	char *fltr, *a, **vals = NULL, **names = NULL;
+	char type[64];
+#ifdef LDAPDB_RFC1823API
+	void *ptr;
+#else
+	BerElement *ptr;
+#endif
+	int i, j, errno, msgid;
+
+	UNUSED(methods);
+	UNUSED(clientinfo);
+
+	ldp = ldapdb_getconn(data);
+	if (ldp == NULL)
+		return (ISC_R_FAILURE);
+	if (*ldp == NULL) {
+		ldapdb_bind(data, ldp);
+		if (*ldp == NULL) {
+			isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+				      "LDAP sdb zone '%s': bind failed", zone);
+			return (ISC_R_FAILURE);
+		}
+	}
+
+	if (name == NULL) {
+		fltr = data->filterall;
+	} else {
+		if (strlen(name) > MAXNAMELEN) {
+			isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
+                                      "LDAP sdb zone '%s': name %s too long", zone, name);
+			return (ISC_R_FAILURE);
+		}
+		sprintf(data->filtername, "%s))", name);
+		fltr = data->filterone;
+	}
+
+	msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
+	if (msgid == -1) {
+		ldapdb_bind(data, ldp);
+		if (*ldp != NULL)
+			msgid = ldap_search(*ldp, data->base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
+	}
+
+	if (*ldp == NULL || msgid == -1) {
+		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+			      "LDAP sdb zone '%s': search failed, filter %s", zone, fltr);
+		return (ISC_R_FAILURE);
+	}
+
+	/* Get the records one by one as they arrive and return them to bind */
+	while ((errno = ldap_result(*ldp, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) {
+		LDAP *ld = *ldp;
+		int ttl = data->defaultttl;
+
+		/* not supporting continuation references at present */
+		if (errno != LDAP_RES_SEARCH_ENTRY) {
+			isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+				      "LDAP sdb zone '%s': ldap_result returned %d", zone, errno);
+			ldap_msgfree(res);
+			return (ISC_R_FAILURE);
+                }
+
+		/* only one entry per result message */
+		e = ldap_first_entry(ld, res);
+		if (e == NULL) {
+			ldap_msgfree(res);
+			isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+				      "LDAP sdb zone '%s': ldap_first_entry failed", zone);
+			return (ISC_R_FAILURE);
+                }
+
+		if (name == NULL) {
+			names = ldap_get_values(ld, e, "relativeDomainName");
+			if (names == NULL)
+				continue;
+		}
+
+		vals = ldap_get_values(ld, e, "dNSTTL");
+		if (vals != NULL) {
+			ttl = atoi(vals[0]);
+			ldap_value_free(vals);
+		}
+
+		for (a = ldap_first_attribute(ld, e, &ptr); a != NULL; a = ldap_next_attribute(ld, e, ptr)) {
+			char *s;
+
+			for (s = a; *s; s++)
+				*s = toupper(*s);
+			s = strstr(a, "RECORD");
+			if ((s == NULL) || (s == a) || (s - a >= (signed int)sizeof(type))) {
+#ifndef LDAPDB_RFC1823API
+				ldap_memfree(a);
+#endif
+				continue;
+			}
+
+			strncpy(type, a, s - a);
+			type[s - a] = '\0';
+			vals = ldap_get_values(ld, e, a);
+			if (vals != NULL) {
+				for (i = 0; vals[i] != NULL; i++) {
+					if (name != NULL) {
+						result = dns_sdb_putrr(retdata, type, ttl, vals[i]);
+					} else {
+						for (j = 0; names[j] != NULL; j++) {
+							result = dns_sdb_putnamedrr(retdata, names[j], type, ttl, vals[i]);
+							if (result != ISC_R_SUCCESS)
+								break;
+						}
+					}
+;					if (result != ISC_R_SUCCESS) {
+						isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+							      "LDAP sdb zone '%s': dns_sdb_put... failed for %s", zone, vals[i]);
+						ldap_value_free(vals);
+#ifndef LDAPDB_RFC1823API
+						ldap_memfree(a);
+						if (ptr != NULL)
+							ber_free(ptr, 0);
+#endif
+						if (name == NULL)
+							ldap_value_free(names);
+						ldap_msgfree(res);
+						return (ISC_R_FAILURE);
+					}
+				}
+				ldap_value_free(vals);
+			}
+#ifndef LDAPDB_RFC1823API
+			ldap_memfree(a);
+#endif
+		}
+#ifndef LDAPDB_RFC1823API
+		if (ptr != NULL)
+			ber_free(ptr, 0);
+#endif
+		if (name == NULL)
+			ldap_value_free(names);
+
+		/* free this result */
+		ldap_msgfree(res);
+	}
+
+	/* free final result */
+	ldap_msgfree(res);
+        return (result);
+}
+
+
+/* callback routines */
+#ifdef DNS_CLIENTINFO_VERSION
+static isc_result_t
+ldapdb_lookup(const char *zone, const char *name, void *dbdata,
+	      dns_sdblookup_t *lookup, dns_clientinfomethods_t *methods,
+	      dns_clientinfo_t *clientinfo)
+{
+	UNUSED(methods);
+	UNUSED(clientinfo);
+	return (ldapdb_search(zone, name, dbdata, lookup, NULL, NULL));
+}
+#else
+static isc_result_t
+ldapdb_lookup(const char *zone, const char *name, void *dbdata,
+	      dns_sdblookup_t *lookup)
+{
+	return (ldapdb_search(zone, name, dbdata, lookup, methods,
+			      clientinfo));
+}
+#endif /* DNS_CLIENTINFO_VERSION */
+
+static isc_result_t
+ldapdb_allnodes(const char *zone, void *dbdata,
+		dns_sdballnodes_t *allnodes)
+{
+	return (ldapdb_search(zone, NULL, dbdata, allnodes, NULL, NULL));
+}
+
+static char *
+unhex(char *in)
+{
+	static const char hexdigits[] = "0123456789abcdef";
+	char *p, *s = in;
+	int d1, d2;
+
+	while ((s = strchr(s, '%'))) {
+		if (!(s[1] && s[2]))
+			return NULL;
+		if ((p = strchr(hexdigits, tolower(s[1]))) == NULL)
+			return NULL;
+		d1 = p - hexdigits;
+		if ((p = strchr(hexdigits, tolower(s[2]))) == NULL)
+			return NULL;
+		d2 = p - hexdigits;
+		*s++ = d1 << 4 | d2;
+		memmove(s, s + 2, strlen(s) - 1);
+	}
+	return in;
+}
+
+/* returns 0 for ok, -1 for bad syntax, -2 for unknown critical extension */
+static int
+parseextensions(char *extensions, struct ldapdb_data *data)
+{
+	char *s, *next, *name, *value;
+	int critical;
+
+	while (extensions != NULL) {
+		s = strchr(extensions, ',');
+		if (s != NULL) {
+			*s++ = '\0';
+			next = s;
+		} else {
+			next = NULL;
+		}
+
+		if (*extensions != '\0') {
+			s = strchr(extensions, '=');
+			if (s != NULL) {
+				*s++ = '\0';
+				value = *s != '\0' ? s : NULL;
+			} else {
+				value = NULL;
+			}
+			name = extensions;
+
+			critical = *name == '!';
+			if (critical) {
+				name++;
+			}
+			if (*name == '\0') {
+				return -1;
+			}
+			
+			if (!strcasecmp(name, "bindname")) {
+				data->bindname = value;
+			} else if (!strcasecmp(name, "x-bindpw")) {
+				data->bindpw = value;
+#ifdef LDAPDB_TLS
+			} else if (!strcasecmp(name, "x-tls")) {
+				data->tls = value == NULL || !strcasecmp(value, "true");
+#endif
+			} else if (critical) {
+				return -2;
+			}
+		}
+		extensions = next;
+	}
+	return 0;
+}
+
+static void
+free_data(struct ldapdb_data *data)
+{
+	if (data->hostport != NULL)
+		isc_mem_free(ns_g_mctx, data->hostport);
+	if (data->hostname != NULL)
+		isc_mem_free(ns_g_mctx, data->hostname);
+	if (data->filterall != NULL)
+		isc_mem_put(ns_g_mctx, data->filterall, data->filteralllen);
+	if (data->filterone != NULL)
+		isc_mem_put(ns_g_mctx, data->filterone, data->filteronelen);
+        isc_mem_put(ns_g_mctx, data, sizeof(struct ldapdb_data));
+}
+
+
+static isc_result_t
+ldapdb_create(const char *zone, int argc, char **argv,
+	      void *driverdata, void **dbdata)
+{
+	struct ldapdb_data *data;
+	char *s, *filter = NULL, *extensions = NULL;
+	int defaultttl;
+
+	UNUSED(driverdata);
+
+	/* we assume that only one thread will call create at a time */
+	/* want to do this only once for all instances */
+
+	if ((argc < 2)
+	    || (argv[0] != strstr( argv[0], "ldap://"))
+	    || ((defaultttl = atoi(argv[1])) < 1))
+                return (ISC_R_FAILURE);
+        data = isc_mem_get(ns_g_mctx, sizeof(struct ldapdb_data));
+        if (data == NULL)
+                return (ISC_R_NOMEMORY);
+
+	memset(data, 0, sizeof(struct ldapdb_data));
+	data->hostport = isc_mem_strdup(ns_g_mctx, argv[0] + strlen("ldap://"));
+	if (data->hostport == NULL) {
+		free_data(data);
+		return (ISC_R_NOMEMORY);
+	}
+
+	data->defaultttl = defaultttl;
+
+	s = strchr(data->hostport, '/');
+	if (s != NULL) {
+		*s++ = '\0';
+		data->base = s;
+		/* attrs, scope, filter etc? */
+		s = strchr(s, '?');
+		if (s != NULL) {
+			*s++ = '\0';
+			/* ignore attributes */
+			s = strchr(s, '?');
+			if (s != NULL) {
+				*s++ = '\0';
+				/* ignore scope */
+				s = strchr(s, '?');
+				if (s != NULL) {
+					*s++ = '\0';
+					/* filter */
+					filter = s;
+					s = strchr(s, '?');
+					if (s != NULL) {
+						*s++ = '\0';
+						/* extensions */
+						extensions = s;
+						s = strchr(s, '?');
+						if (s != NULL) {
+							*s++ = '\0';
+						}
+						if (*extensions == '\0') {
+							extensions = NULL;
+						}
+					}
+					if (*filter == '\0') {
+						filter = NULL;
+					}
+				}
+			}
+		}
+		if (*data->base == '\0') {
+			data->base = NULL;
+		}
+	}
+
+	/* parse extensions */
+	if (extensions != NULL) {
+		int err;
+
+		err = parseextensions(extensions, data);
+		if (err < 0) {
+			/* err should be -1 or -2 */
+			free_data(data);
+			if (err == -1) {
+				isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
+					      "LDAP sdb zone '%s': URL: extension syntax error", zone);
+			} else if (err == -2) {
+				isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,
+					      "LDAP sdb zone '%s': URL: unknown critical extension", zone);
+			}
+			return (ISC_R_FAILURE);
+		}
+	}
+
+	if ((data->base != NULL && unhex(data->base) == NULL) ||
+	    (filter != NULL && unhex(filter) == NULL) ||
+	    (data->bindname != NULL && unhex(data->bindname) == NULL) ||
+	    (data->bindpw != NULL && unhex(data->bindpw) == NULL)) {
+		free_data(data);
+		isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_SERVER, ISC_LOG_ERROR,	
+			      "LDAP sdb zone '%s': URL: bad hex values", zone);
+		return (ISC_R_FAILURE);
+	}
+
+	/* compute filterall and filterone once and for all */
+	if (filter == NULL) {
+		data->filteralllen = strlen(zone) + strlen("(zoneName=)") + 1;
+		data->filteronelen = strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
+	} else {
+		data->filteralllen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=))") + 1;
+		data->filteronelen = strlen(filter) + strlen(zone) + strlen("(&(zoneName=)(relativeDomainName=))") + MAXNAMELEN + 1;
+	}
+
+	data->filterall = isc_mem_get(ns_g_mctx, data->filteralllen);
+	if (data->filterall == NULL) {
+		free_data(data);
+		return (ISC_R_NOMEMORY);
+	}
+	data->filterone = isc_mem_get(ns_g_mctx, data->filteronelen);
+	if (data->filterone == NULL) {
+		free_data(data);
+		return (ISC_R_NOMEMORY);
+	}
+
+	if (filter == NULL) {
+		sprintf(data->filterall, "(zoneName=%s)", zone);
+		sprintf(data->filterone, "(&(zoneName=%s)(relativeDomainName=", zone); 
+	} else {
+		sprintf(data->filterall, "(&%s(zoneName=%s))", filter, zone);
+		sprintf(data->filterone, "(&%s(zoneName=%s)(relativeDomainName=", filter, zone);
+	}
+	data->filtername = data->filterone + strlen(data->filterone);
+
+	/* support URLs with literal IPv6 addresses */
+	data->hostname = isc_mem_strdup(ns_g_mctx, data->hostport + (*data->hostport == '[' ? 1 : 0));
+	if (data->hostname == NULL) {
+		free_data(data);
+		return (ISC_R_NOMEMORY);
+	}
+
+	if (*data->hostport == '[' &&
+	    (s = strchr(data->hostname, ']')) != NULL )
+		*s++ = '\0';
+	else
+		s = data->hostname;
+	s = strchr(s, ':');
+	if (s != NULL) {
+		*s++ = '\0';
+		data->portno = atoi(s);
+	} else
+		data->portno = LDAP_PORT;
+
+	*dbdata = data;
+	return (ISC_R_SUCCESS);
+}
+
+static void
+ldapdb_destroy(const char *zone, void *driverdata, void **dbdata) {
+	struct ldapdb_data *data = *dbdata;
+	
+        UNUSED(zone);
+        UNUSED(driverdata);
+
+	free_data(data);
+}
+
+static dns_sdbmethods_t ldapdb_methods = {
+	ldapdb_lookup,
+	NULL, /* authority */
+	ldapdb_allnodes,
+	ldapdb_create,
+	ldapdb_destroy,
+	NULL /* lookup2 */
+};
+
+/* Wrapper around dns_sdb_register() */
+isc_result_t
+ldapdb_init(void) {
+	unsigned int flags =
+		DNS_SDBFLAG_RELATIVEOWNER |
+		DNS_SDBFLAG_RELATIVERDATA |
+		DNS_SDBFLAG_THREADSAFE;
+
+	ldapdb_lock(0);
+	return (dns_sdb_register("ldap", &ldapdb_methods, NULL, flags,
+				 ns_g_mctx, &ldapdb));
+}
+
+/* Wrapper around dns_sdb_unregister() */
+void
+ldapdb_clear(void) {
+	if (ldapdb != NULL) {
+		/* clean up thread data */
+		ldapdb_getconn(NULL);
+		dns_sdb_unregister(&ldapdb);
+	}
+}
diff --git a/bin/named-sdb/ldapdb.h b/bin/named-sdb/ldapdb.h
new file mode 100644
index 0000000..a08eb20
--- /dev/null
+++ b/bin/named-sdb/ldapdb.h
@@ -0,0 +1,6 @@
+#include <isc/types.h>
+
+isc_result_t ldapdb_init(void);
+
+void ldapdb_clear(void);
+
diff --git a/bin/named-sdb/main.c b/bin/named-sdb/main.c
index d9127cd..28c50d3 100644
--- a/bin/named-sdb/main.c
+++ b/bin/named-sdb/main.c
@@ -97,6 +97,10 @@
  * Include header files for database drivers here.
  */
 /* #include "xxdb.h" */
+#include "ldapdb.h"
+#include "pgsqldb.h"
+#include "sqlitedb.h"
+#include "dirdb.h"
 
 #ifdef CONTRIB_DLZ
 /*
@@ -1134,6 +1138,11 @@ setup(void) {
 		ns_main_earlyfatal("isc_app_start() failed: %s",
 				   isc_result_totext(result));
 
+	ldapdb_clear();
+	pgsqldb_clear();
+	dirdb_clear();
+	sqlitedb_clear();
+
 	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
 		      ISC_LOG_NOTICE, "starting %s %s%s%s <id:%s>",
 		      ns_g_product, ns_g_version,
@@ -1334,6 +1343,75 @@ setup(void) {
 				   isc_result_totext(result));
 #endif
 
+        result = ldapdb_init();
+        if (result != ISC_R_SUCCESS)
+        {
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB ldap module initialisation failed: %s.",
+                          isc_result_totext(result)
+                );
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB ldap zone database will be unavailable."
+                );
+        }else
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_NOTICE, "SDB ldap zone database module loaded."
+                         );
+
+        result = pgsqldb_init();
+        if (result != ISC_R_SUCCESS)
+        {
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB pgsql module initialisation failed: %s.",
+                          isc_result_totext(result)
+                );
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB pgsql zone database will be unavailable."
+                );
+        }else
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_NOTICE, "SDB postgreSQL DB zone database module loaded."
+                         );
+
+        result = sqlitedb_init();
+        if (result != ISC_R_SUCCESS)
+        {
+             isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB sqlite3 module initialisation failed: %s.",
+                          isc_result_totext(result)
+                );
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB sqlite3 zone database will be unavailable."
+                );
+        }else
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_NOTICE, "SDB sqlite3 DB zone database module loaded."
+                         );
+
+        result = dirdb_init();
+        if (result != ISC_R_SUCCESS)
+        {
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB directory DB module initialisation failed: %s.",
+                          isc_result_totext(result)
+                );
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_ERROR, 
+                          "SDB directory DB zone database will be unavailable."
+                );
+        }else
+            isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
+                          ISC_LOG_NOTICE, "SDB directory DB zone database module loaded."
+                         );
+
+
 	ns_server_create(ns_g_mctx, &ns_g_server);
 
 #ifdef HAVE_LIBSECCOMP
@@ -1376,6 +1454,11 @@ cleanup(void) {
 
 	dns_name_destroy();
 
+	ldapdb_clear();
+	pgsqldb_clear();
+	sqlitedb_clear();
+	dirdb_clear();
+
 	isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN,
 		      ISC_LOG_NOTICE, "exiting");
 	ns_log_shutdown();
diff --git a/bin/named-sdb/pgsqldb.c b/bin/named-sdb/pgsqldb.c
new file mode 100644
index 0000000..e276912
--- /dev/null
+++ b/bin/named-sdb/pgsqldb.c
@@ -0,0 +1,353 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+
+#include <config.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <libpq-fe.h>
+
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/util.h>
+
+#include <dns/sdb.h>
+#include <dns/result.h>
+
+#include <named/globals.h>
+
+#include "pgsqldb.h"
+
+/*
+ * A simple database driver that interfaces to a PostgreSQL database.  This
+ * is not complete, and not designed for general use.  It opens one
+ * connection to the database per zone, which is inefficient.  It also may
+ * not handle quoting correctly.
+ *
+ * The table must contain the fields "name", "rdtype", and "rdata", and
+ * is expected to contain a properly constructed zone.  The program "zonetodb"
+ * creates such a table.
+ */
+
+static dns_sdbimplementation_t *pgsqldb = NULL;
+
+struct dbinfo {
+	PGconn *conn;
+	char *database;
+	char *table;
+	char *host;
+	char *user;
+	char *passwd;
+};
+
+static void
+pgsqldb_destroy(const char *zone, void *driverdata, void **dbdata);
+
+/*
+ * Canonicalize a string before writing it to the database.
+ * "dest" must be an array of at least size 2*strlen(source) + 1.
+ */
+static void
+quotestring(const char *source, char *dest) {
+	while (*source != 0) {
+		if (*source == '\'')
+			*dest++ = '\'';
+		/* SQL doesn't treat \ as special, but PostgreSQL does */
+		else if (*source == '\\')
+			*dest++ = '\\';
+		*dest++ = *source++;
+	}
+	*dest++ = 0;
+}
+
+/*
+ * Connect to the database.
+ */
+static isc_result_t
+db_connect(struct dbinfo *dbi) {
+	dbi->conn = PQsetdbLogin(dbi->host, NULL, NULL, NULL, dbi->database,
+				 dbi->user, dbi->passwd);
+
+	if (PQstatus(dbi->conn) == CONNECTION_OK)
+		return (ISC_R_SUCCESS);
+	else
+		return (ISC_R_FAILURE);
+}
+
+/*
+ * Check to see if the connection is still valid.  If not, attempt to
+ * reconnect.
+ */
+static isc_result_t
+maybe_reconnect(struct dbinfo *dbi) {
+	if (PQstatus(dbi->conn) == CONNECTION_OK)
+		return (ISC_R_SUCCESS);
+
+	return (db_connect(dbi));
+}
+
+/*
+ * This database operates on absolute names.
+ *
+ * Queries are converted into SQL queries and issued synchronously.  Errors
+ * are handled really badly.
+ */
+#ifdef DNS_CLIENTINFO_VERSION
+static isc_result_t
+pgsqldb_lookup(const char *zone, const char *name, void *dbdata,
+	       dns_sdblookup_t *lookup, dns_clientinfomethods_t *methods,
+	       dns_clientinfo_t *clientinfo)
+#else
+static isc_result_t
+pgsqldb_lookup(const char *zone, const char *name, void *dbdata,
+	       dns_sdblookup_t *lookup)
+#endif /* DNS_CLIENTINFO_VERSION */
+{
+	isc_result_t result;
+	struct dbinfo *dbi = dbdata;
+	PGresult *res;
+	char str[1500];
+	char *canonname;
+	int i;
+
+	UNUSED(zone);
+#ifdef DNS_CLIENTINFO_VERSION
+	UNUSED(methods);
+	UNUSED(clientinfo);
+#endif /* DNS_CLIENTINFO_VERSION */
+
+	canonname = isc_mem_get(ns_g_mctx, strlen(name) * 2 + 1);
+	if (canonname == NULL)
+		return (ISC_R_NOMEMORY);
+	quotestring(name, canonname);
+	snprintf(str, sizeof(str),
+		 "SELECT TTL,RDTYPE,RDATA FROM \"%s\" WHERE "
+		 "lower(NAME) = lower('%s')", dbi->table, canonname);
+	isc_mem_put(ns_g_mctx, canonname, strlen(name) * 2 + 1);
+
+	result = maybe_reconnect(dbi);
+	if (result != ISC_R_SUCCESS)
+		return (result);
+
+	res = PQexec(dbi->conn, str);
+	if (!res || PQresultStatus(res) != PGRES_TUPLES_OK) {
+		PQclear(res);
+		return (ISC_R_FAILURE);
+	}
+	if (PQntuples(res) == 0) {
+		PQclear(res);
+		return (ISC_R_NOTFOUND);
+	}
+
+	for (i = 0; i < PQntuples(res); i++) {
+		char *ttlstr = PQgetvalue(res, i, 0);
+		char *type = PQgetvalue(res, i, 1);
+		char *data = PQgetvalue(res, i, 2);
+		dns_ttl_t ttl;
+		char *endp;
+		ttl = strtol(ttlstr, &endp, 10);
+		if (*endp != '\0') {
+			PQclear(res);
+			return (DNS_R_BADTTL);
+		}
+		result = dns_sdb_putrr(lookup, type, ttl, data);
+		if (result != ISC_R_SUCCESS) {
+			PQclear(res);
+			return (ISC_R_FAILURE);
+		}
+	}
+
+	PQclear(res);
+	return (ISC_R_SUCCESS);
+}
+
+/*
+ * Issue an SQL query to return all nodes in the database and fill the
+ * allnodes structure.
+ */
+static isc_result_t
+pgsqldb_allnodes(const char *zone, void *dbdata, dns_sdballnodes_t *allnodes) {
+	struct dbinfo *dbi = dbdata;
+	PGresult *res;
+	isc_result_t result;
+	char str[1500];
+	int i;
+
+	UNUSED(zone);
+
+	snprintf(str, sizeof(str),
+		 "SELECT TTL,NAME,RDTYPE,RDATA FROM \"%s\" ORDER BY NAME",
+		 dbi->table);
+
+	result = maybe_reconnect(dbi);
+	if (result != ISC_R_SUCCESS)
+		return (result);
+
+	res = PQexec(dbi->conn, str);
+	if (!res || PQresultStatus(res) != PGRES_TUPLES_OK ) {
+		PQclear(res);
+		return (ISC_R_FAILURE);
+	}
+	if (PQntuples(res) == 0) {
+		PQclear(res);
+		return (ISC_R_NOTFOUND);
+	}
+
+	for (i = 0; i < PQntuples(res); i++) {
+		char *ttlstr = PQgetvalue(res, i, 0);
+		char *name = PQgetvalue(res, i, 1);
+		char *type = PQgetvalue(res, i, 2);
+		char *data = PQgetvalue(res, i, 3);
+		dns_ttl_t ttl;
+		char *endp;
+		ttl = strtol(ttlstr, &endp, 10);
+		if (*endp != '\0') {
+			PQclear(res);
+			return (DNS_R_BADTTL);
+		}
+		result = dns_sdb_putnamedrr(allnodes, name, type, ttl, data);
+		if (result != ISC_R_SUCCESS) {
+			PQclear(res);
+			return (ISC_R_FAILURE);
+		}
+	}
+
+	PQclear(res);
+	return (ISC_R_SUCCESS);
+}
+
+/*
+ * Create a connection to the database and save any necessary information
+ * in dbdata.
+ *
+ * argv[0] is the name of the database
+ * argv[1] is the name of the table
+ * argv[2] (if present) is the name of the host to connect to
+ * argv[3] (if present) is the name of the user to connect as
+ * argv[4] (if present) is the name of the password to connect with
+ */
+static isc_result_t
+pgsqldb_create(const char *zone, int argc, char **argv,
+	       void *driverdata, void **dbdata)
+{
+	struct dbinfo *dbi;
+	isc_result_t result;
+
+	UNUSED(zone);
+	UNUSED(driverdata);
+
+	if (argc < 2)
+		return (ISC_R_FAILURE);
+
+	dbi = isc_mem_get(ns_g_mctx, sizeof(struct dbinfo));
+	if (dbi == NULL)
+		return (ISC_R_NOMEMORY);
+	dbi->conn = NULL;
+	dbi->database = NULL;
+	dbi->table = NULL;
+	dbi->host = NULL;
+	dbi->user = NULL;
+	dbi->passwd = NULL;
+
+#define STRDUP_OR_FAIL(target, source)				\
+	do {							\
+		target = isc_mem_strdup(ns_g_mctx, source);	\
+		if (target == NULL) {				\
+			result = ISC_R_NOMEMORY;		\
+			goto cleanup;				\
+		}						\
+	} while (0);
+
+	STRDUP_OR_FAIL(dbi->database, argv[0]);
+	STRDUP_OR_FAIL(dbi->table, argv[1]);
+	if (argc > 2)
+		STRDUP_OR_FAIL(dbi->host, argv[2]);
+	if (argc > 3)
+		STRDUP_OR_FAIL(dbi->user, argv[3]);
+	if (argc > 4)
+		STRDUP_OR_FAIL(dbi->passwd, argv[4]);
+
+	result = db_connect(dbi);
+	if (result != ISC_R_SUCCESS)
+		goto cleanup;
+
+	*dbdata = dbi;
+	return (ISC_R_SUCCESS);
+
+ cleanup:
+	pgsqldb_destroy(zone, driverdata, (void **)&dbi);
+	return (result);
+}
+
+/*
+ * Close the connection to the database.
+ */
+static void
+pgsqldb_destroy(const char *zone, void *driverdata, void **dbdata) {
+	struct dbinfo *dbi = *dbdata;
+
+	UNUSED(zone);
+	UNUSED(driverdata);
+
+	if (dbi->conn != NULL)
+		PQfinish(dbi->conn);
+	if (dbi->database != NULL)
+		isc_mem_free(ns_g_mctx, dbi->database);
+	if (dbi->table != NULL)
+		isc_mem_free(ns_g_mctx, dbi->table);
+	if (dbi->host != NULL)
+		isc_mem_free(ns_g_mctx, dbi->host);
+	if (dbi->user != NULL)
+		isc_mem_free(ns_g_mctx, dbi->user);
+	if (dbi->passwd != NULL)
+		isc_mem_free(ns_g_mctx, dbi->passwd);
+	if (dbi->database != NULL)
+		isc_mem_free(ns_g_mctx, dbi->database);
+	isc_mem_put(ns_g_mctx, dbi, sizeof(struct dbinfo));
+}
+
+/*
+ * Since the SQL database corresponds to a zone, the authority data should
+ * be returned by the lookup() function.  Therefore the authority() function
+ * is NULL.
+ */
+static dns_sdbmethods_t pgsqldb_methods = {
+	pgsqldb_lookup,
+	NULL, /* authority */
+	pgsqldb_allnodes,
+	pgsqldb_create,
+	pgsqldb_destroy,
+	NULL /* lookup2 */
+};
+
+/*
+ * Wrapper around dns_sdb_register().
+ */
+isc_result_t
+pgsqldb_init(void) {
+	unsigned int flags;
+	flags = 0;
+	return (dns_sdb_register("pgsql", &pgsqldb_methods, NULL, flags,
+				 ns_g_mctx, &pgsqldb));
+}
+
+/*
+ * Wrapper around dns_sdb_unregister().
+ */
+void
+pgsqldb_clear(void) {
+	if (pgsqldb != NULL)
+		dns_sdb_unregister(&pgsqldb);
+}
diff --git a/bin/named-sdb/pgsqldb.h b/bin/named-sdb/pgsqldb.h
new file mode 100644
index 0000000..1916723
--- /dev/null
+++ b/bin/named-sdb/pgsqldb.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+
+#include <isc/types.h>
+
+isc_result_t pgsqldb_init(void);
+
+void pgsqldb_clear(void);
+
diff --git a/bin/named-sdb/sqlitedb.c b/bin/named-sdb/sqlitedb.c
new file mode 100644
index 0000000..dc93db4
--- /dev/null
+++ b/bin/named-sdb/sqlitedb.c
@@ -0,0 +1,325 @@
+/*
+ * Copyright (C) 2007, 2016  Internet Systems Consortium, Inc. ("ISC")
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+
+#include <config.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include <sqlite3.h>
+
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/util.h>
+
+#include <dns/sdb.h>
+#include <dns/result.h>
+
+#include <named/globals.h>
+
+#include "sqlitedb.h"
+
+/*
+ * A simple database driver that interfaces to a SQLite database.
+ *
+ * The table must contain the fields "name", "rdtype", and "rdata", and 
+ * is expected to contain a properly constructed zone.  The program "zonetodb"
+ * creates such a table.
+ */
+
+static dns_sdbimplementation_t *sqlitedb = NULL;
+
+typedef struct _dbinfo {
+    sqlite3 *db;
+    char *filename;
+    char *table;
+} dbinfo_t;
+
+
+static isc_result_t
+db_connect(dbinfo_t *dbi)
+{
+    if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) {
+	return (ISC_R_SUCCESS);
+    } else {
+	/* a connection is returned even if the open fails */
+	sqlite3_close(dbi->db);
+	dbi->db = NULL;
+	return (ISC_R_FAILURE);
+    }
+}
+
+
+typedef struct _lookup_parm_t {
+    int              i;
+    dns_sdblookup_t *lookup;
+    isc_result_t     result;
+} lookup_parm_t;
+
+
+static int
+sqlitedb_lookup_cb(void *p, int cc, char **cv, char **cn)
+{
+    lookup_parm_t *parm = p;
+    dns_ttl_t ttl;
+    char *endp;
+
+    /* FIXME - check these(num/names); I'm assuming a mapping for now */
+    char *ttlstr = cv[0];
+    char *type   = cv[1];
+    char *data   = cv[2];
+
+    UNUSED(cc);
+    UNUSED(cn);
+
+    ttl = strtol(ttlstr, &endp, 10);
+    if (*endp) {
+	parm->result = DNS_R_BADTTL;
+	return 1;
+    }
+
+    parm->result = dns_sdb_putrr(parm->lookup, type, ttl, data);
+
+    if (parm->result != ISC_R_SUCCESS)
+	return 1;
+
+    (parm->i)++;
+
+    return 0;
+}
+
+
+#ifdef DNS_CLIENTINFO_VERSION
+static isc_result_t
+sqlitedb_lookup(const char *zone, const char *name, void *dbdata,
+		dns_sdblookup_t *lookup, dns_clientinfomethods_t *methods,
+		dns_clientinfo_t *clientinfo)
+#else
+static isc_result_t
+sqlitedb_lookup(const char *zone, const char *name, void *dbdata,
+		dns_sdblookup_t *lookup)
+#endif /* DNS_CLIENTINFO_VERSION */
+/*
+ * synchronous absolute name lookup
+ */
+{
+    dbinfo_t *dbi = (dbinfo_t *) dbdata;
+    char *sql;
+    lookup_parm_t parm = { 0, lookup, ISC_R_SUCCESS };
+    char *errmsg = NULL;
+    int result;
+
+    UNUSED(zone);
+#ifdef DNS_CLIENTINFO_VERSION
+    UNUSED(methods);
+    UNUSED(clientinfo);
+#endif /* DNS_CLIENTINFO_VERSION */
+
+    sql = sqlite3_mprintf(
+	"SELECT TTL,RDTYPE,RDATA FROM \"%q\" WHERE "
+	"lower(NAME) = lower('%q')",
+	dbi->table, name);
+
+    result = sqlite3_exec(dbi->db, sql,
+			  &sqlitedb_lookup_cb, &parm,
+			  &errmsg);
+    sqlite3_free(sql);
+
+    if (result != SQLITE_OK)
+	return (ISC_R_FAILURE);
+    if (parm.i == 0)
+	return (ISC_R_NOTFOUND);
+
+    return (ISC_R_SUCCESS);
+}
+
+
+typedef struct _allnodes_parm_t {
+    int                i;
+    dns_sdballnodes_t *allnodes;
+    isc_result_t       result;
+} allnodes_parm_t;
+
+
+static int
+sqlitedb_allnodes_cb(void *p, int cc, char **cv, char **cn)
+{
+    allnodes_parm_t *parm = p;
+    dns_ttl_t ttl;
+    char *endp;
+
+    /* FIXME - check these(num/names); I'm assuming a mapping for now */
+    char *ttlstr = cv[0];
+    char *name   = cv[1];
+    char *type   = cv[2];
+    char *data   = cv[3];
+
+    UNUSED(cc);
+    UNUSED(cn);
+
+    ttl = strtol(ttlstr, &endp, 10);
+    if (*endp) {
+	parm->result = DNS_R_BADTTL;
+	return 1;
+    }
+
+    parm->result = dns_sdb_putnamedrr(parm->allnodes, name, type, ttl, data);
+
+    if (parm->result != ISC_R_SUCCESS)
+	return 1;
+
+    (parm->i)++;
+
+    return 0;
+}
+
+
+static isc_result_t
+sqlitedb_allnodes(const char *zone,
+		  void *dbdata,
+		  dns_sdballnodes_t *allnodes)
+{
+    dbinfo_t *dbi = (dbinfo_t *) dbdata;
+    char *sql;
+    allnodes_parm_t parm = { 0, allnodes, ISC_R_SUCCESS };
+    char *errmsg = NULL;
+    int result;
+
+    UNUSED(zone);
+
+    sql = sqlite3_mprintf(
+	"SELECT TTL,NAME,RDTYPE,RDATA FROM \"%q\" ORDER BY NAME",
+	dbi->table);
+
+    result = sqlite3_exec(dbi->db, sql,
+			  &sqlitedb_allnodes_cb, &parm,
+			  &errmsg);
+    sqlite3_free(sql);
+
+    if (result != SQLITE_OK)
+	return (ISC_R_FAILURE);
+    if (parm.i == 0)
+	return (ISC_R_NOTFOUND);
+
+    return (ISC_R_SUCCESS);
+}
+
+
+static void
+sqlitedb_destroy(const char *zone, void *driverdata, void **dbdata)
+{
+    dbinfo_t *dbi = *dbdata;
+
+    UNUSED(zone);
+    UNUSED(driverdata);
+
+    if (dbi->db != NULL)
+	sqlite3_close(dbi->db);
+    if (dbi->table != NULL)
+	isc_mem_free(ns_g_mctx, dbi->table);
+    if (dbi->filename != NULL)
+	isc_mem_free(ns_g_mctx, dbi->filename);
+
+    isc_mem_put(ns_g_mctx, dbi, sizeof(dbinfo_t));
+}
+
+
+#define STRDUP_OR_FAIL(target, source)				\
+	do {							\
+		target = isc_mem_strdup(ns_g_mctx, source);	\
+		if (target == NULL) {				\
+			result = ISC_R_NOMEMORY;		\
+			goto cleanup;				\
+		}						\
+	} while (0);
+
+/*
+ * Create a connection to the database and save any necessary information
+ * in dbdata.
+ *
+ * argv[0] is the name of the database file
+ * argv[1] is the name of the table
+ */
+static isc_result_t
+sqlitedb_create(const char *zone,
+		int argc, char **argv,
+		void *driverdata, void **dbdata)
+{
+    dbinfo_t *dbi;
+    isc_result_t result;
+
+    UNUSED(zone);
+    UNUSED(driverdata);
+
+    if (argc < 2)
+	return (ISC_R_FAILURE);
+
+    dbi = isc_mem_get(ns_g_mctx, sizeof(dbinfo_t));
+    if (dbi == NULL)
+	return (ISC_R_NOMEMORY);
+    dbi->db       = NULL;
+    dbi->filename = NULL;
+    dbi->table    = NULL;
+
+    STRDUP_OR_FAIL(dbi->filename, argv[0]);
+    STRDUP_OR_FAIL(dbi->table, argv[1]);
+
+    result = db_connect(dbi);
+    if (result != ISC_R_SUCCESS)
+	goto cleanup;
+
+    *dbdata = dbi;
+    return (ISC_R_SUCCESS);
+
+cleanup:
+    sqlitedb_destroy(zone, driverdata, (void **)&dbi);
+    return (result);
+}
+
+
+/*
+ * Since the SQL database corresponds to a zone, the authority data should
+ * be returned by the lookup() function.  Therefore the authority() function
+ * is NULL.
+ */
+static dns_sdbmethods_t sqlitedb_methods = {
+    sqlitedb_lookup,
+    NULL, /* authority */
+    sqlitedb_allnodes,
+    sqlitedb_create,
+    sqlitedb_destroy,
+    NULL /* lookup2 */
+};
+
+
+/*
+ * Wrapper around dns_sdb_register().
+ */
+isc_result_t
+sqlitedb_init(void)
+{
+    unsigned int flags;
+    flags = 0;
+    return (dns_sdb_register("sqlite", &sqlitedb_methods, NULL, flags,
+			     ns_g_mctx, &sqlitedb));
+}
+
+
+/*
+ * Wrapper around dns_sdb_unregister().
+ */
+void
+sqlitedb_clear(void)
+{
+    if (sqlitedb != NULL)
+	dns_sdb_unregister(&sqlitedb);
+}
diff --git a/bin/named-sdb/sqlitedb.h b/bin/named-sdb/sqlitedb.h
new file mode 100644
index 0000000..34f63dc
--- /dev/null
+++ b/bin/named-sdb/sqlitedb.h
@@ -0,0 +1,15 @@
+/*
+ * Copyright (C) 2000-2002, 2016  Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+
+#include <isc/types.h>
+
+isc_result_t sqlitedb_init(void);
+
+void sqlitedb_clear(void);
+
diff --git a/bin/named/Makefile.in b/bin/named/Makefile.in
index 0e00885..5b022f2 100644
--- a/bin/named/Makefile.in
+++ b/bin/named/Makefile.in
@@ -45,10 +45,10 @@ DLZDRIVER_LIBS =	@DLZ_DRIVER_LIBS@
 CINCLUDES =	-I${srcdir}/include -I${srcdir}/unix/include -I. \
 		${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
 		${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES} \
-		${DLZDRIVER_INCLUDES} ${DBDRIVER_INCLUDES} ${MAXMINDDB_CFLAGS} \
+		${MAXMINDDB_CFLAGS} \
 		@DST_OPENSSL_INC@
 
-CDEFINES =      @CONTRIB_DLZ@ @USE_GSSAPI@ @CRYPTO@
+CDEFINES =      @USE_GSSAPI@ @CRYPTO@
 
 CWARNINGS =
 
@@ -72,11 +72,11 @@ DEPLIBS =	${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \
 
 LIBS =		${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
 		${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} \
-		${DLZDRIVER_LIBS} ${DBDRIVER_LIBS} @LIBS@
+		@LIBS@
 
 NOSYMLIBS =	${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
 		${ISCCFGLIBS} ${ISCCCLIBS} ${ISCNOSYMLIBS} \
-		${DLZDRIVER_LIBS} ${DBDRIVER_LIBS} @LIBS@
+		@LIBS@
 
 SUBDIRS =	unix
 
@@ -94,8 +94,7 @@ OBJS =		builtin.@O@ client.@O@ config.@O@ control.@O@ \
 		tkeyconf.@O@ tsigconf.@O@ update.@O@ xfrout.@O@ \
 		zoneconf.@O@ \
 		lwaddr.@O@ lwresd.@O@ lwdclient.@O@ lwderror.@O@ lwdgabn.@O@ \
-		lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@ \
-		${DLZDRIVER_OBJS} ${DBDRIVER_OBJS}
+		lwdgnba.@O@ lwdgrbn.@O@ lwdnoop.@O@ lwsearch.@O@
 
 UOBJS =		unix/os.@O@ unix/dlz_dlopen_driver.@O@
 
@@ -113,8 +112,7 @@ SRCS =		builtin.c client.c config.c control.c \
 		tkeyconf.c tsigconf.c update.c xfrout.c \
 		zoneconf.c \
 		lwaddr.c lwresd.c lwdclient.c lwderror.c lwdgabn.c \
-		lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c \
-		${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
+		lwdgnba.c lwdgrbn.c lwdnoop.c lwsearch.c
 
 MANPAGES =	named.8 lwresd.8 named.conf.5
 
@@ -203,7 +201,5 @@ uninstall::
 	rm -f ${DESTDIR}${sbindir}/lwresd@EXEEXT@
 	${LIBTOOL_MODE_UNINSTALL} rm -f ${DESTDIR}${sbindir}/named@EXEEXT@
 
-@DLZ_DRIVER_RULES@
-
 named-symtbl.@O@: named-symtbl.c
 	${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} -c named-symtbl.c
diff --git a/bin/sdb_tools/Makefile.in b/bin/sdb_tools/Makefile.in
new file mode 100644
index 0000000..95ab742
--- /dev/null
+++ b/bin/sdb_tools/Makefile.in
@@ -0,0 +1,67 @@
+srcdir     =	@srcdir@
+VPATH      =	@srcdir@
+top_srcdir =	@top_srcdir@
+
+VERSION=@BIND9_VERSION@
+
+@BIND9_MAKE_INCLUDES@
+
+CINCLUDES =	-I${srcdir}/include -I${srcdir}/unix/include \
+		${LWRES_INCLUDES} ${DNS_INCLUDES} ${BIND9_INCLUDES} \
+		${ISCCFG_INCLUDES} ${ISCCC_INCLUDES} ${ISC_INCLUDES}
+
+CDEFINES =	-DBIND9
+
+DNSLIBS =	../../lib/dns/libdns.@A@ @DNS_CRYPTO_LIBS@
+ISCCFGLIBS =	../../lib/isccfg/libisccfg.@A@
+ISCCCLIBS =	../../lib/isccc/libisccc.@A@
+ISCLIBS =	../../lib/isc/libisc.@A@
+LWRESLIBS =	../../lib/lwres/liblwres.@A@
+BIND9LIBS =	../../lib/bind9/libbind9.@A@
+
+DNSDEPLIBS =	../../lib/dns/libdns.@A@
+ISCCFGDEPLIBS =	../../lib/isccfg/libisccfg.@A@
+ISCCCDEPLIBS =	../../lib/isccc/libisccc.@A@
+ISCDEPLIBS =	../../lib/isc/libisc.@A@
+LWRESDEPLIBS =	../../lib/lwres/liblwres.@A@
+BIND9DEPLIBS =	../../lib/bind9/libbind9.@A@
+
+DEPLIBS =	${LWRESDEPLIBS} ${DNSDEPLIBS} ${BIND9DEPLIBS} \
+		${ISCCFGDEPLIBS} ${ISCCCDEPLIBS} ${ISCDEPLIBS}
+
+LIBS =		${LWRESLIBS} ${DNSLIBS} ${BIND9LIBS} \
+		${ISCCFGLIBS} ${ISCCCLIBS} ${ISCLIBS} ${DBDRIVER_LIBS} @LIBS@
+
+TARGETS =	zone2ldap@EXEEXT@ zonetodb@EXEEXT@ zone2sqlite@EXEEXT@
+
+OBJS	=	zone2ldap.@O@ zonetodb.@O@ zone2sqlite.@O@
+
+SRCS    =       zone2ldap.c zonetodb.c zone2sqlite.c
+
+MANPAGES =      zone2ldap.1
+
+EXT_CFLAGS =
+
+@BIND9_MAKE_RULES@
+
+zone2ldap@EXEEXT@: zone2ldap.@O@ ${DEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zone2ldap.@O@ -lldap -llber ${LIBS}
+
+zonetodb@EXEEXT@: zonetodb.@O@  ${DEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ zonetodb.@O@ -lpq ${LIBS}
+
+zone2sqlite@EXEEXT@: zone2sqlite.@O@  ${DEPLIBS}
+	${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o $@ zone2sqlite.@O@ -lsqlite3 -lssl ${LIBS}
+
+clean distclean manclean maintainer-clean::
+	rm -f ${TARGETS} ${OBJS}
+
+installdirs:
+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${sbindir}
+	$(SHELL) ${top_srcdir}/mkinstalldirs ${DESTDIR}${mandir}/man1
+
+install:: ${TARGETS} installdirs
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2ldap@EXEEXT@ ${DESTDIR}${sbindir}
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zonetodb@EXEEXT@  ${DESTDIR}${sbindir}
+	${LIBTOOL_MODE_INSTALL} ${INSTALL_PROGRAM} zone2sqlite@EXEEXT@ ${DESTDIR}${sbindir}
+	${INSTALL_DATA} ${srcdir}/zone2ldap.1 ${DESTDIR}${mandir}/man1/zone2ldap.1
diff --git a/bin/sdb_tools/ldap2zone.c b/bin/sdb_tools/ldap2zone.c
new file mode 100644
index 0000000..80e7919
--- /dev/null
+++ b/bin/sdb_tools/ldap2zone.c
@@ -0,0 +1,411 @@
+/*
+ * Copyright (C) 2004, 2005 Stig Venaas <venaas@uninett.no>
+ * $Id: ldap2zone.c,v 1.1 2007/07/24 15:18:00 atkac Exp $
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
+#define LDAP_DEPRECATED 1
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#include <ldap.h>
+
+struct string {
+    void *data;
+    size_t len;
+};
+
+struct assstack_entry {
+    struct string key;
+    struct string val;
+    struct assstack_entry *next;
+};
+
+struct assstack_entry *assstack_find(struct assstack_entry *stack, struct string *key);
+void assstack_push(struct assstack_entry **stack, struct assstack_entry *item);
+void assstack_insertbottom(struct assstack_entry **stack, struct assstack_entry *item);
+void printsoa(struct string *soa);
+void printrrs(char *defaultttl, struct assstack_entry *item);
+void print_zone(char *defaultttl, struct assstack_entry *stack);
+void usage(char *name);
+void err(char *name, const char *msg);
+int putrr(struct assstack_entry **stack, struct berval *name, char *type, char *ttl, struct berval *val);
+
+struct assstack_entry *assstack_find(struct assstack_entry *stack, struct string *key) {
+    for (; stack; stack = stack->next)
+	if (stack->key.len == key->len && !memcmp(stack->key.data, key->data, key->len))
+	    return stack;
+    return NULL;
+}
+
+void assstack_push(struct assstack_entry **stack, struct assstack_entry *item) {
+    item->next = *stack;
+    *stack = item;
+}
+
+void assstack_insertbottom(struct assstack_entry **stack, struct assstack_entry *item) {
+    struct assstack_entry *p;
+    
+    item->next = NULL;
+    if (!*stack) {
+	*stack = item;
+	return;
+    }
+    /* find end, should keep track of end somewhere */
+    /* really a queue, not a stack */
+    p = *stack;
+    while (p->next)
+	p = p->next;
+    p->next = item;
+}
+
+void printsoa(struct string *soa) {
+    char *s;
+    size_t i;
+    
+    s = (char *)soa->data;
+    i = 0;
+    while (i < soa->len) {
+	putchar(s[i]);
+	if (s[i++] == ' ')
+	    break;
+    }
+    while (i < soa->len) {
+	putchar(s[i]);
+	if (s[i++] == ' ')
+	    break;
+    } 
+    printf("(\n\t\t\t\t");
+    while (i < soa->len) {
+	putchar(s[i]);
+	if (s[i++] == ' ')
+	    break;
+    }
+    printf("; Serialnumber\n\t\t\t\t");
+    while (i < soa->len) {
+	if (s[i] == ' ')
+	    break;
+	putchar(s[i++]);
+    }
+    i++;
+    printf("\t; Refresh\n\t\t\t\t");
+    while (i < soa->len) {
+	if (s[i] == ' ')
+	    break;
+	putchar(s[i++]);
+    }
+    i++;
+    printf("\t; Retry\n\t\t\t\t");
+    while (i < soa->len) {
+	if (s[i] == ' ')
+	    break;
+	putchar(s[i++]);
+    }
+    i++;
+    printf("\t; Expire\n\t\t\t\t");
+    while (i < soa->len) {
+	putchar(s[i++]);
+    }
+    printf(" )\t; Minimum TTL\n");
+}
+
+void printrrs(char *defaultttl, struct assstack_entry *item) {
+    struct assstack_entry *stack;
+    char *s;
+    int first;
+    size_t i;
+    char *ttl, *type;
+    int top;
+    
+    s = (char *)item->key.data;
+
+    if (item->key.len == 1 && *s == '@') {
+	top = 1;
+	printf("@\t");
+    } else {
+	top = 0;
+	for (i = 0; i < item->key.len; i++)
+	    putchar(s[i]);
+	if (item->key.len < 8)
+	    putchar('\t');
+	putchar('\t');
+    }
+    
+    first = 1;
+    for (stack = (struct assstack_entry *) item->val.data; stack; stack = stack->next) {
+	ttl = (char *)stack->key.data;
+	s = strchr(ttl, ' ');
+	*s++ = '\0';
+	type = s;
+	
+	if (first)
+	    first = 0;
+        else
+	    printf("\t\t");
+	    
+	if (strcmp(defaultttl, ttl))
+	    printf("%s", ttl);
+	putchar('\t');
+	
+	if (top) {
+	    top = 0;
+	    printf("IN\t%s\t", type);
+	    /* Should always be SOA here */
+	    if (!strcmp(type, "SOA")) {
+		printsoa(&stack->val);
+		continue;
+	    }
+	} else
+	    printf("%s\t", type);
+
+	s = (char *)stack->val.data;
+	for (i = 0; i < stack->val.len; i++)
+	    putchar(s[i]);
+	putchar('\n');
+    }
+}
+
+void print_zone(char *defaultttl, struct assstack_entry *stack) {
+    printf("$TTL %s\n", defaultttl);
+    for (; stack; stack = stack->next)
+	printrrs(defaultttl, stack);
+};
+
+void usage(char *name) {
+    fprintf(stderr, "Usage:%s zone-name LDAP-URL default-ttl [serial]\n", name);
+    exit(1);
+};
+
+void err(char *name, const char *msg) {
+    fprintf(stderr, "%s: %s\n", name, msg);
+    exit(1);
+};
+
+int putrr(struct assstack_entry **stack, struct berval *name, char *type, char *ttl, struct berval *val) {
+    struct string key;
+    struct assstack_entry *rr, *rrdata;
+    
+    /* Do nothing if name or value have 0 length */
+    if (!name->bv_len || !val->bv_len)
+	return 0;
+
+    /* see if already have an entry for this name */
+    key.len = name->bv_len;
+    key.data = name->bv_val;
+
+    rr = assstack_find(*stack, &key);
+    if (!rr) {
+	/* Not found, create and push new entry */
+	rr = (struct assstack_entry *) malloc(sizeof(struct assstack_entry));
+	if (!rr)
+	    return -1;
+	rr->key.len = name->bv_len;
+	rr->key.data = (void *) malloc(rr->key.len);
+	if (!rr->key.data) {
+	    free(rr);
+	    return -1;
+	}
+	memcpy(rr->key.data, name->bv_val, name->bv_len);
+	rr->val.len = sizeof(void *);
+	rr->val.data = NULL;
+	if (name->bv_len == 1 && *(char *)name->bv_val == '@')
+	    assstack_push(stack, rr);
+	else
+	    assstack_insertbottom(stack, rr);
+    }
+
+    rrdata = (struct assstack_entry *) malloc(sizeof(struct assstack_entry));
+    if (!rrdata) {
+	free(rr->key.data);
+	free(rr);
+	return -1;
+    }
+    rrdata->key.len = strlen(type) + strlen(ttl) + 1;
+    rrdata->key.data = (void *) malloc(rrdata->key.len);
+    if (!rrdata->key.data) {
+	free(rrdata);
+	free(rr->key.data);
+	free(rr);
+	return -1;
+    }
+    sprintf((char *)rrdata->key.data, "%s %s", ttl, type);
+	
+    rrdata->val.len = val->bv_len;
+    rrdata->val.data = (void *) malloc(val->bv_len);
+    if (!rrdata->val.data) {
+	free(rrdata->key.data);
+	free(rrdata);
+	free(rr->key.data);
+	free(rr);
+	return -1;
+    }
+    memcpy(rrdata->val.data, val->bv_val, val->bv_len);
+
+    if (!strcmp(type, "SOA"))
+	assstack_push((struct assstack_entry **) &(rr->val.data), rrdata);
+    else
+	assstack_insertbottom((struct assstack_entry **) &(rr->val.data), rrdata);
+    return 0;
+}
+
+int main(int argc, char **argv) {
+    char *s, *hostporturl, *base = NULL;
+    char *ttl, *defaultttl;
+    LDAP *ld;
+    char *fltr = NULL;
+    LDAPMessage *res, *e;
+    char *a, **ttlvals, **soavals, *serial;
+    struct berval **vals, **names;
+    char type[64];
+    BerElement *ptr;
+    int i, j, rc, msgid;
+    struct assstack_entry *zone = NULL;
+    
+    if (argc < 4 || argc > 5)
+        usage(argv[0]);
+
+    hostporturl = argv[2];
+
+    if (hostporturl != strstr( hostporturl, "ldap"))
+	err(argv[0], "Not an LDAP URL");
+
+    s = strchr(hostporturl, ':');
+
+    if (!s || strlen(s) < 3 || s[1] != '/' || s[2] != '/')
+	err(argv[0], "Not an LDAP URL");
+
+    s = strchr(s+3, '/');
+    if (s) {
+	*s++ = '\0';
+	base = s;
+	s = strchr(base, '?');
+	if (s)
+	    err(argv[0], "LDAP URL can only contain host, port and base");
+    }
+
+    defaultttl = argv[3];
+    
+    rc = ldap_initialize(&ld, hostporturl);
+    if (rc != LDAP_SUCCESS)
+	err(argv[0], "ldap_initialize() failed");
+
+    if (argc == 5) {
+	/* serial number specified, check if different from one in SOA */
+	fltr = (char *)malloc(strlen(argv[1]) + strlen("(&(relativeDomainName=@)(zoneName=))") + 1);
+	sprintf(fltr, "(&(relativeDomainName=@)(zoneName=%s))", argv[1]);
+	msgid = ldap_search(ld, base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
+	if (msgid == -1)
+	    err(argv[0], "ldap_search() failed");
+
+	while ((rc = ldap_result(ld, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) {
+	    /* not supporting continuation references at present */
+	    if (rc != LDAP_RES_SEARCH_ENTRY)
+		err(argv[0], "ldap_result() returned cont.ref? Exiting");
+
+	    /* only one entry per result message */
+	    e = ldap_first_entry(ld, res);
+	    if (e == NULL) {
+		ldap_msgfree(res);
+		err(argv[0], "ldap_first_entry() failed");
+	    }
+	
+	    soavals = ldap_get_values(ld, e, "SOARecord");
+	    if (soavals)
+		break;
+	}
+
+	ldap_msgfree(res);
+	if (!soavals) {
+		err(argv[0], "No SOA Record found");
+	}
+	
+	/* We have a SOA, compare serial numbers */
+	/* Only checkinf first value, should be only one */
+	s = strchr(soavals[0], ' ');
+	s++;
+	s = strchr(s, ' ');
+	s++;
+	serial = s;
+	s = strchr(s, ' ');
+	*s = '\0';
+	if (!strcmp(serial, argv[4])) {
+	    ldap_value_free(soavals);
+	    err(argv[0], "serial numbers match");
+	}
+	ldap_value_free(soavals);
+    }
+
+    if (!fltr)
+	fltr = (char *)malloc(strlen(argv[1]) + strlen("(zoneName=)") + 1);
+    if (!fltr)
+	err(argv[0], "Malloc failed");
+    sprintf(fltr, "(zoneName=%s)", argv[1]);
+
+    msgid = ldap_search(ld, base, LDAP_SCOPE_SUBTREE, fltr, NULL, 0);
+    if (msgid == -1)
+	err(argv[0], "ldap_search() failed");
+
+    while ((rc = ldap_result(ld, msgid, 0, NULL, &res)) != LDAP_RES_SEARCH_RESULT ) {
+	/* not supporting continuation references at present */
+	if (rc != LDAP_RES_SEARCH_ENTRY)
+	    err(argv[0], "ldap_result() returned cont.ref? Exiting");
+
+	/* only one entry per result message */
+	e = ldap_first_entry(ld, res);
+	if (e == NULL) {
+	    ldap_msgfree(res);
+	    err(argv[0], "ldap_first_entry() failed");
+	}
+	
+	names = ldap_get_values_len(ld, e, "relativeDomainName");
+	if (!names)
+	    continue;
+	
+	ttlvals = ldap_get_values(ld, e, "dNSTTL");
+	ttl = ttlvals ? ttlvals[0] : defaultttl;
+
+	for (a = ldap_first_attribute(ld, e, &ptr); a != NULL; a = ldap_next_attribute(ld, e, ptr)) {
+	    char *s;
+
+	    for (s = a; *s; s++)
+		*s = toupper(*s);
+	    s = strstr(a, "RECORD");
+	    if ((s == NULL) || (s == a) || (s - a >= (signed int)sizeof(type))) {
+		ldap_memfree(a);
+		continue;
+	    }
+			
+	    strncpy(type, a, s - a);
+	    type[s - a] = '\0';
+	    vals = ldap_get_values_len(ld, e, a);
+	    if (vals) {
+		for (i = 0; vals[i]; i++)
+		    for (j = 0; names[j]; j++)
+			if (putrr(&zone, names[j], type, ttl, vals[i]))
+			    err(argv[0], "malloc failed");
+		ldap_value_free_len(vals);
+	    }
+	    ldap_memfree(a);
+	}
+
+	if (ptr)
+	    ber_free(ptr, 0);
+	if (ttlvals)
+	    ldap_value_free(ttlvals);
+	ldap_value_free_len(names);
+	/* free this result */
+	ldap_msgfree(res);
+    }
+
+    /* free final result */
+    ldap_msgfree(res);
+
+    print_zone(defaultttl, zone);
+    return 0;
+}
diff --git a/bin/sdb_tools/zone2ldap.1 b/bin/sdb_tools/zone2ldap.1
new file mode 100644
index 0000000..5b1fb24
--- /dev/null
+++ b/bin/sdb_tools/zone2ldap.1
@@ -0,0 +1,64 @@
+.TH zone2ldap 1 "8 March 2001"
+.SH NAME
+zone2ldap /- Load BIND 9 Zone files into LDAP Directory
+.SH SYNOPSIS
+zone2ldap  [-D Bind DN] [-w Bind Password] [-b Base DN] [-z Zone] [-f Zone File ] [-h Ldap Host] [-cd] [-v]
+.SH DESCRIPTION
+zone2ldap will parse a complete BIND 9 format DNS zone file, and load
+the contents into an LDAP directory, for use with the LDAP sdb back-end.
+
+If the zone already exists, zone2ldap will exit successfully. If the zone does not exists, or
+partially exists, zone2ldap will attempt to add all/missing zone data.
+
+.SS Options
+.TP
+-b 
+LDAP Base DN. LDAP systems require a "base dn", which is generally considered the LDAP Directory root.
+If the zone you are loading is different from the base, then you will need to tell zone2ldap what your LDAP
+base is. 
+.TP
+-v 
+Print version information, and immediately exit.
+.TP
+-f 
+Zone file.  Bind 9.1 compatible zone file, from which zone information will be read.
+.TP
+-d 
+Dump debug information to standard out. 
+.TP 
+-w 
+LDAP Bind password, corresponding the the value of "-b".
+.TP
+-h 
+LDAP Directory host. This is the hostname of the LDAP system you wish to store zone information on.
+An LDAP server should be listening on port 389 of the target system. This may be omitted, and will default
+to "localhost".
+.TP
+-c 
+This will create the zone portion of the DN you are importing. For instance, if you are creating a domain.com zone,
+zone2ldap should first create "dc=domain,dc=com".  This is useful if you are creating multiple domains.
+.TP
+-z 
+This is the name of the zone specified in the SOA record.
+.SH EXAMPLES
+Following are brief examples of how to import a zone file into your LDAP DIT.
+.SS Loading zone domain.com, with an LDAP Base DN of dc=domain,dc=com
+zone2ldap -D dc=root -w secret -h localhost -z domain.com -f domain.com.zone 
+
+This will add Resource Records into an ALREADY EXISTING dc=domain,dc=com. The final SOA DN in this case, will be 
+dc=@,dc=domain,dc=com
+
+.SS Loading customer.com, if your LDAP Base DN is dc=provider,dc=net.
+zone2ldap -D dc=root -w secret -h localhost -z customer.com -b dc=provider,dc=net -f customer.com.zone -c
+
+This will create dc=customer,dc=com under dc=provider,dc=net, and add all necessary Resource Records. The final
+root DN to the SOA will be dc=@,dc=customer,dc=com,dc=provider,dc=net.
+
+.SH "SEE ALSO"
+named(8) ldap(3) 
+http://www.venaas.no/ldap/bind-sdb/
+.SH "BUGS"
+Send all bug reports to Jeff McNeil <jeff@snapcase.g-rock.net>
+.SH AUTHOR
+Jeff McNeil <jeff@snapcase.g-rock.net>
+
diff --git a/bin/sdb_tools/zone2ldap.c b/bin/sdb_tools/zone2ldap.c
new file mode 100644
index 0000000..e0e9207
--- /dev/null
+++ b/bin/sdb_tools/zone2ldap.c
@@ -0,0 +1,780 @@
+/*
+ * Copyright (C) 2001 Jeff McNeil <jeff@snapcase.g-rock.net>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * Change Log
+ *
+ * Tue May  1 19:19:54 EDT 2001 - Jeff McNeil
+ * Update to objectClass code, and add_to_rr_list function
+ * (I need to rename that) to support the dNSZone schema,
+ * ditched dNSDomain2 schema support. Version 0.3-ALPHA
+ */
+
+#define LDAP_DEPRECATED 1
+
+#include <errno.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <getopt.h>
+
+#include <isc/buffer.h>
+#include <isc/entropy.h>
+#include <isc/hash.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+#include <isc/string.h>
+
+#include <dns/db.h>
+#include <dns/dbiterator.h>
+#include <dns/fixedname.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataset.h>
+#include <dns/rdatasetiter.h>
+#include <dns/result.h>
+#include <dns/rdatatype.h>
+
+#define LDAP_DEPRECATED 1
+
+#include <ldap.h>
+
+#define DNS_OBJECT 6
+#define DNS_TOP	   2
+
+#define VERSION    "0.4-ALPHA"
+
+#define NO_SPEC 0
+#define WI_SPEC  1
+
+/* Global Zone Pointer */
+char *gbl_zone = NULL;
+
+typedef struct LDAP_INFO
+{
+  char *dn;
+  LDAPMod **attrs;
+  struct LDAP_INFO *next;
+  int attrcnt;
+}
+ldap_info;
+
+/* usage Info */
+void usage (void);
+
+/* Add to the ldap dit */
+void add_ldap_values (ldap_info * ldinfo);
+
+/* Init an ldap connection */
+void init_ldap_conn (void);
+
+/* Ldap error checking */
+void ldap_result_check (const char *msg, char *dn, int err);
+
+/* Put a hostname into a char ** array */
+char **hostname_to_dn_list (char *hostname, char *zone, unsigned int flags);
+
+/* Find out how many items are in a char ** array */
+int get_attr_list_size (char **tmp);
+
+/* Get a DN */
+char *build_dn_from_dc_list (char **dc_list, unsigned int ttl, int flag);
+
+/* Add to RR list */
+void add_to_rr_list (char *dn, char *name, char *type, char *data,
+		     unsigned int ttl, unsigned int flags);
+
+/* Error checking */
+void isc_result_check (isc_result_t res, const char *errorstr);
+
+/* Generate LDIF Format files */
+void generate_ldap (dns_name_t * dnsname, dns_rdata_t * rdata,
+		    unsigned int ttl);
+
+/* head pointer to the list */
+ldap_info *ldap_info_base = NULL;
+
+ldap_info *
+locate_by_dn (char *dn);
+void
+init_ldap_conn ();
+void usage();
+
+char *argzone, *ldapbase, *binddn, *bindpw = NULL;
+const char *ldapsystem = "localhost";
+static const char *objectClasses[] =
+  { "top", "dNSZone", NULL };
+static const char *topObjectClasses[] = { "top", NULL };
+LDAP *conn;
+unsigned int debug = 0;
+
+#ifdef DEBUG
+debug = 1;
+#endif
+
+static void
+fatal(const char *msg) {
+  perror(msg);
+  if (conn != NULL)
+    ldap_unbind_s(conn);
+  exit(1);
+}
+
+int
+main (int argc, char **argv)
+{
+  isc_mem_t *mctx = NULL;
+  isc_entropy_t *ectx = NULL;
+  isc_result_t result;
+  char *basedn;
+  ldap_info *tmp;
+  LDAPMod *base_attrs[2];
+  LDAPMod base;
+  isc_buffer_t buff;
+  char *zonefile=0L;
+  char fullbasedn[1024];
+  char *ctmp;
+  dns_fixedname_t fixedzone, fixedname;
+  dns_rdataset_t rdataset;
+  char **dc_list;
+  dns_rdata_t rdata = DNS_RDATA_INIT;
+  dns_rdatasetiter_t *riter;
+  dns_name_t *zone, *name;
+  dns_db_t *db = NULL;
+  dns_dbiterator_t *dbit = NULL;
+  dns_dbnode_t *node;
+  extern char *optarg;
+  extern int optind, opterr, optopt;
+  int create_base = 0;
+  int topt;
+
+  if (argc < 2)
+    {
+      usage ();
+      exit (-1);
+    }
+
+  while ((topt = getopt (argc, argv, "D:w:b:z:f:h:?dcv")) != -1)
+    {
+      switch (topt)
+	{
+	case 'v':
+		printf("%s\n", VERSION);
+		exit(0);
+	case 'c':
+	  create_base++;
+	  break;
+	case 'd':
+	  debug++;
+	  break;
+	case 'D':
+	  binddn = strdup (optarg);
+	  if (binddn == NULL)
+	    fatal("strdup");
+	  break;
+	case 'w':
+	  bindpw = strdup (optarg);
+	  if (bindpw == NULL)
+	    fatal("strdup");
+	  break;
+	case 'b':
+	  ldapbase = strdup (optarg);
+	  if (ldapbase == NULL)
+	    fatal("strdup");
+	  break;
+	case 'z':
+	  argzone = strdup (optarg);
+	  // We wipe argzone all to hell when we parse it for the DN */
+	  gbl_zone = strdup(argzone);
+	  if (argzone == NULL || gbl_zone == NULL)
+	    fatal("strdup");
+	  break;
+	case 'f':
+	  zonefile = strdup (optarg);
+	  if (zonefile == NULL)
+	    fatal("strdup");
+	  break;
+	case 'h':
+	  ldapsystem = strdup (optarg);
+	  if (ldapsystem == NULL)
+	    fatal("strdup");
+	  break;
+	case '?':
+	default:
+	  usage ();
+	  exit (0);
+	}
+    }
+
+  if ((argzone == NULL) || (zonefile == NULL))
+    {
+      usage ();
+      exit (-1);
+    }
+
+  if (debug)
+    printf ("Initializing ISC Routines, parsing zone file\n");
+
+  result = isc_mem_create (0, 0, &mctx);
+  isc_result_check (result, "isc_mem_create");
+
+  result = isc_entropy_create(mctx, &ectx);
+  isc_result_check (result, "isc_entropy_create");
+
+  result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE);
+  isc_result_check (result, "isc_hash_create");
+
+  isc_buffer_init (&buff, argzone, strlen (argzone));
+  isc_buffer_add (&buff, strlen (argzone));
+  zone = dns_fixedname_initname(&fixedzone);
+  result = dns_name_fromtext (zone, &buff, dns_rootname, 0, NULL);
+  isc_result_check (result, "dns_name_fromtext");
+
+  result = dns_db_create (mctx, "rbt", zone, dns_dbtype_zone,
+			  dns_rdataclass_in, 0, NULL, &db);
+  isc_result_check (result, "dns_db_create");
+
+  result = dns_db_load (db, zonefile);
+  isc_result_check (result, "Check Zone Syntax: dns_db_load");
+
+  result = dns_db_createiterator (db, 0, &dbit);
+  isc_result_check (result, "dns_db_createiterator");
+
+  result = dns_dbiterator_first (dbit);
+  isc_result_check (result, "dns_dbiterator_first");
+
+  name = dns_fixedname_initname(&fixedname);
+  dns_rdataset_init (&rdataset);
+  dns_rdata_init (&rdata);
+
+  while (result == ISC_R_SUCCESS)
+    {
+      node = NULL;
+      result = dns_dbiterator_current (dbit, &node, name);
+
+      if (result == ISC_R_NOMORE)
+	break;
+
+      isc_result_check (result, "dns_dbiterator_current");
+
+      riter = NULL;
+      result = dns_db_allrdatasets (db, node, NULL, 0, &riter);
+      isc_result_check (result, "dns_db_allrdatasets");
+
+      result = dns_rdatasetiter_first (riter);
+      //isc_result_check(result, "dns_rdatasetiter_first");
+
+      while (result == ISC_R_SUCCESS)
+	{
+	  dns_rdatasetiter_current (riter, &rdataset);
+	  result = dns_rdataset_first (&rdataset);
+	  isc_result_check (result, "dns_rdatasetiter_current");
+
+	  while (result == ISC_R_SUCCESS)
+	    {
+	      dns_rdataset_current (&rdataset, &rdata);
+	      generate_ldap (name, &rdata, rdataset.ttl);
+	      dns_rdata_reset (&rdata);
+	      result = dns_rdataset_next (&rdataset);
+	    }
+	  dns_rdataset_disassociate (&rdataset);
+	  result = dns_rdatasetiter_next (riter);
+
+	}
+      dns_rdatasetiter_destroy (&riter);
+      result = dns_dbiterator_next (dbit);
+
+    }
+
+  /* Initialize the LDAP Connection */
+  if (debug)
+    printf ("Initializing LDAP Connection to %s as %s\n", ldapsystem, binddn);
+
+  init_ldap_conn ();
+
+  if (create_base)
+    {
+      if (debug)
+	printf ("Creating base zone DN %s\n", argzone);
+
+      dc_list = hostname_to_dn_list (argzone, argzone, DNS_TOP);
+      basedn = build_dn_from_dc_list (dc_list, 0, NO_SPEC);
+
+      for (ctmp = &basedn[strlen (basedn)]; ctmp >= &basedn[0]; ctmp--)
+	{
+	  if ((*ctmp == ',') || (ctmp == &basedn[0]))
+	    {
+	      base.mod_op = LDAP_MOD_ADD;
+	      base.mod_type = (char*)"objectClass";
+	      base.mod_values = (char**)topObjectClasses;
+	      base_attrs[0] = (void*)&base;
+	      base_attrs[1] = NULL;
+
+	      if (ldapbase)
+		{
+		  if (ctmp != &basedn[0])
+		    sprintf (fullbasedn, "%s,%s", ctmp + 1, ldapbase);
+		  else
+		    sprintf (fullbasedn, "%s,%s", ctmp, ldapbase);
+
+		}
+	      else
+		{
+		  if (ctmp != &basedn[0])
+		    sprintf (fullbasedn, "%s", ctmp + 1);
+		  else
+		    sprintf (fullbasedn, "%s", ctmp);
+		}
+	      result = ldap_add_s (conn, fullbasedn, base_attrs);
+	      ldap_result_check ("initial ldap_add_s", fullbasedn, result);
+	    }
+
+	}
+    }
+  else
+    {
+      if (debug)
+	printf ("Skipping zone base dn creation for %s\n", argzone);
+    }
+
+  for (tmp = ldap_info_base; tmp != NULL; tmp = tmp->next)
+    {
+
+      if (debug)
+	printf ("Adding DN: %s\n", tmp->dn);
+
+      add_ldap_values (tmp);
+    }
+
+  if (debug)
+	printf("Operation Complete.\n");
+
+  /* Cleanup */
+  isc_hash_destroy();
+  isc_entropy_detach(&ectx);
+  isc_mem_destroy(&mctx);
+  if (zonefile)
+	free(zonefile);
+
+  return 0;
+}
+
+
+/* Check the status of an isc_result_t after any isc routines.
+ * I should probably rename this function, as not to cause any
+ * confusion with the isc* routines. Will exit on error. */
+void
+isc_result_check (isc_result_t res, const char *errorstr)
+{
+  if (res != ISC_R_SUCCESS)
+    {
+      fprintf (stderr, " %s: %s\n", errorstr, isc_result_totext (res));
+      exit (-1);
+    }
+}
+
+
+/* Takes DNS information, in bind data structure format, and adds textual
+ * zone information to the LDAP run queue. */
+void
+generate_ldap (dns_name_t * dnsname, dns_rdata_t * rdata, unsigned int ttl)
+{
+  char name[DNS_NAME_MAXTEXT + 1];
+  unsigned int len;
+  char type[20];
+  char data[2048];
+  char **dc_list;
+  char *dn;
+
+  isc_buffer_t buff;
+  isc_result_t result;
+
+  isc_buffer_init (&buff, name, sizeof (name));
+  result = dns_name_totext (dnsname, true, &buff);
+  isc_result_check (result, "dns_name_totext");
+  name[isc_buffer_usedlength (&buff)] = 0;
+
+  isc_buffer_init (&buff, type, sizeof (type));
+  result = dns_rdatatype_totext (rdata->type, &buff);
+  isc_result_check (result, "dns_rdatatype_totext");
+  type[isc_buffer_usedlength (&buff)] = 0;
+
+  isc_buffer_init (&buff, data, sizeof (data));
+  result = dns_rdata_totext (rdata, NULL, &buff);
+  isc_result_check (result, "dns_rdata_totext");
+  data[isc_buffer_usedlength (&buff)] = 0;
+
+  dc_list = hostname_to_dn_list (name, argzone, DNS_OBJECT);
+  len = (get_attr_list_size (dc_list) - 2);
+  dn = build_dn_from_dc_list (dc_list, ttl, WI_SPEC);
+
+  if (debug)
+    printf ("Adding %s (%s %s) to run queue list.\n", dn, type, data);
+
+  add_to_rr_list (dn, dc_list[len], type, data, ttl, DNS_OBJECT);
+}
+
+
+/* Locate an item in the Run queue linked list, by DN. Used by functions
+ * which add items to the run queue.
+ */
+ldap_info *
+locate_by_dn (char *dn)
+{
+  ldap_info *tmp;
+  for (tmp = ldap_info_base; tmp != (ldap_info *) NULL; tmp = tmp->next)
+    {
+      if (!strncmp (tmp->dn, dn, strlen (dn)))
+	return tmp;
+    }
+  return (ldap_info *) NULL;
+}
+
+
+
+/* Take textual zone data, and add to the LDAP Run queue. This works like so:
+ * If locate_by_dn does not return, alloc a new ldap_info structure, and then
+ * calloc a LDAPMod array, fill in the default "everyone needs this" information,
+ * including object classes and dc's. If it locate_by_dn does return, then we'll
+ * realloc for more LDAPMod structs, and append the new data.  If an LDAPMod exists
+ * for the parameter we're adding, then we'll realloc the mod_values array, and
+ * add the new value to the existing LDAPMod. Finnaly, it assures linkage exists
+ * within the Run queue linked ilst*/
+
+void
+add_to_rr_list (char *dn, char *name, char *type,
+		char *data, unsigned int ttl, unsigned int flags)
+{
+  int i;
+  int x;
+  ldap_info *tmp;
+  int attrlist;
+  char ldap_type_buffer[128];
+  char charttl[64];
+
+
+  if ((tmp = locate_by_dn (dn)) == NULL)
+    {
+
+      /* There wasn't one already there, so we need to allocate a new one,
+       * and stick it on the list */
+
+      tmp = (ldap_info *) malloc (sizeof (ldap_info));
+      if (tmp == (ldap_info *) NULL)
+	fatal("malloc");
+
+      tmp->dn = strdup (dn);
+      if (tmp->dn == NULL)
+	fatal("strdup");
+
+      tmp->attrs = (LDAPMod **) calloc (sizeof (LDAPMod *), flags);
+      if (tmp->attrs == (LDAPMod **) NULL)
+	fatal("calloc");
+
+      for (i = 0; i < (int)flags; i++)
+	{
+	  tmp->attrs[i] = (LDAPMod *) malloc (sizeof (LDAPMod));
+	  if (tmp->attrs[i] == (LDAPMod *) NULL)
+	    fatal("malloc");
+	}
+      tmp->attrs[0]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[0]->mod_type = (char*)"objectClass";
+
+      if (flags == DNS_OBJECT)
+	tmp->attrs[0]->mod_values = (char**)objectClasses;
+      else
+	{
+	  tmp->attrs[0]->mod_values = (char**)topObjectClasses;
+	  tmp->attrs[1] = NULL;
+	  tmp->attrcnt = 2;
+	  tmp->next = ldap_info_base;
+	  ldap_info_base = tmp;
+	  return;
+	}
+
+      tmp->attrs[1]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[1]->mod_type = (char*)"relativeDomainName";
+      tmp->attrs[1]->mod_values = (char **) calloc (sizeof (char *), 2);
+
+      if (tmp->attrs[1]->mod_values == (char **)NULL)
+	fatal("calloc");
+
+      tmp->attrs[1]->mod_values[0] = strdup (name);
+      tmp->attrs[1]->mod_values[2] = NULL;
+
+      if (tmp->attrs[1]->mod_values[0] == NULL)
+	fatal("strdup");
+
+      sprintf (ldap_type_buffer, "%sRecord", type);
+
+      tmp->attrs[2]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[2]->mod_type = strdup (ldap_type_buffer);
+      tmp->attrs[2]->mod_values = (char **) calloc (sizeof (char *), 2);
+
+      if (tmp->attrs[2]->mod_type == NULL ||
+	  tmp->attrs[2]->mod_values == (char **)NULL)
+	 fatal("strdup/calloc");
+
+      tmp->attrs[2]->mod_values[0] = strdup (data);
+      tmp->attrs[2]->mod_values[1] = NULL;
+
+      if (tmp->attrs[2]->mod_values[0] == NULL)
+	 fatal("strdup");
+
+      tmp->attrs[3]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[3]->mod_type = (char*)"dNSTTL";
+      tmp->attrs[3]->mod_values = (char **) calloc (sizeof (char *), 2);
+
+      if (tmp->attrs[3]->mod_values == (char **)NULL)
+	 fatal("calloc");
+
+      sprintf (charttl, "%u", ttl);
+      tmp->attrs[3]->mod_values[0] = strdup (charttl);
+      tmp->attrs[3]->mod_values[1] = NULL;
+
+      if (tmp->attrs[3]->mod_values[0] == NULL)
+	 fatal("strdup");
+
+      tmp->attrs[4]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[4]->mod_type = (char*)"zoneName";
+      tmp->attrs[4]->mod_values = (char **)calloc(sizeof(char *), 2);
+
+      if (tmp->attrs[4]->mod_values == (char **)NULL)
+	 fatal("calloc");
+
+      tmp->attrs[4]->mod_values[0] = gbl_zone;
+      tmp->attrs[4]->mod_values[1] = NULL;
+
+      tmp->attrs[5] = NULL;
+      tmp->attrcnt = flags;
+      tmp->next = ldap_info_base;
+      ldap_info_base = tmp;
+    }
+  else
+    {
+
+      for (i = 0; tmp->attrs[i] != NULL; i++)
+	{
+	  sprintf (ldap_type_buffer, "%sRecord", type);
+	  if (!strncmp
+	      (ldap_type_buffer, tmp->attrs[i]->mod_type,
+	       strlen (tmp->attrs[i]->mod_type)))
+	    {
+	      attrlist = get_attr_list_size (tmp->attrs[i]->mod_values);
+	      tmp->attrs[i]->mod_values =
+		(char **) realloc (tmp->attrs[i]->mod_values,
+				   sizeof (char *) * (attrlist + 1));
+
+	      if (tmp->attrs[i]->mod_values == (char **) NULL)
+		fatal("realloc");
+
+	      for (x = 0; tmp->attrs[i]->mod_values[x] != NULL; x++);
+
+	      tmp->attrs[i]->mod_values[x] = strdup (data);
+	      if (tmp->attrs[i]->mod_values[x] == NULL)
+		fatal("strdup");
+	      tmp->attrs[i]->mod_values[x + 1] = NULL;
+
+	      return;
+	    }
+	}
+      tmp->attrs =
+	(LDAPMod **) realloc (tmp->attrs,
+			      sizeof (LDAPMod) * ++(tmp->attrcnt));
+      if (tmp->attrs == NULL)
+	fatal("realloc");
+
+      for (x = 0; tmp->attrs[x] != NULL; x++);
+      tmp->attrs[x] = (LDAPMod *) malloc (sizeof (LDAPMod));
+      if (tmp->attrs[x] == NULL)
+	fatal("malloc");
+      tmp->attrs[x]->mod_op = LDAP_MOD_ADD;
+      tmp->attrs[x]->mod_type = strdup (ldap_type_buffer);
+      tmp->attrs[x]->mod_values = (char **) calloc (sizeof (char *), 2);
+
+      if (tmp->attrs[x]->mod_type == NULL ||
+	  tmp->attrs[x]->mod_values == (char **)NULL)
+	fatal("strdup/calloc");
+
+      tmp->attrs[x]->mod_values[0] = strdup (data);
+      if (tmp->attrs[x]->mod_values[0] == NULL)
+	fatal("strdup");
+      tmp->attrs[x]->mod_values[1] = NULL;
+      tmp->attrs[x + 1] = NULL;
+    }
+}
+
+/* Size of a mod_values list, plus the terminating NULL field. */
+int
+get_attr_list_size (char **tmp)
+{
+  int i = 0;
+  char **ftmp = tmp;
+  while (*ftmp != NULL)
+    {
+      i++;
+      ftmp++;
+    }
+  return ++i;
+}
+
+
+/* take a hostname, and split it into a char ** of the dc parts,
+ * example, we have www.domain.com, this function will return:
+ * array[0] = com, array[1] = domain, array[2] = www. */
+
+char **
+hostname_to_dn_list (char *hostname, char *zone, unsigned int flags)
+{
+  char *tmp;
+  static char *dn_buffer[64];
+  int i = 0;
+  char *zname;
+  char *hnamebuff;
+
+  zname = strdup (hostname);
+  if (zname == NULL)
+	fatal("strdup");
+
+  if (flags == DNS_OBJECT)
+    {
+
+      if (strlen (zname) != strlen (zone))
+	{
+	  tmp = &zname[strlen (zname) - strlen (zone)];
+	  *--tmp = '\0';
+	  hnamebuff = strdup (zname);
+	  if (hnamebuff == NULL)
+		fatal("strdup");
+	  zname = ++tmp;
+	}
+      else
+	hnamebuff = (char*)"@";
+    }
+  else
+    {
+      zname = zone;
+      hnamebuff = NULL;
+    }
+
+  for (tmp = strrchr (zname, '.'); tmp != (char *) 0;
+       tmp = strrchr (zname, '.'))
+    {
+      *tmp++ = '\0';
+      dn_buffer[i++] = tmp;
+    }
+  dn_buffer[i++] = zname;
+  dn_buffer[i++] = hnamebuff;
+  dn_buffer[i] = NULL;
+
+  return dn_buffer;
+}
+
+
+/* build an sdb compatible LDAP DN from a "dc_list" (char **).
+ * will append dNSTTL information to each RR Record, with the
+ * exception of "@"/SOA. */
+
+char *
+build_dn_from_dc_list (char **dc_list, unsigned int ttl, int flag)
+{
+  int size;
+  int x;
+  static char dn[1024];
+  char tmp[128];
+
+  bzero (tmp, sizeof (tmp));
+  bzero (dn, sizeof (dn));
+  size = get_attr_list_size (dc_list);
+  for (x = size - 2; x > 0; x--)
+    {
+    if (flag == WI_SPEC)
+    {
+      if (x == (size - 2) && (strncmp (dc_list[x], "@", 1) == 0) && (ttl))
+	sprintf (tmp, "relativeDomainName=%s + dNSTTL=%u,", dc_list[x], ttl);
+      else if (x == (size - 2))
+	      sprintf(tmp, "relativeDomainName=%s,",dc_list[x]);
+      else
+	      sprintf(tmp,"dc=%s,", dc_list[x]);
+    }
+    else
+    {
+	    sprintf(tmp, "dc=%s,", dc_list[x]);
+    }
+
+
+      strlcat (dn, tmp, sizeof (dn));
+    }
+
+  sprintf (tmp, "dc=%s", dc_list[0]);
+  strlcat (dn, tmp, sizeof (dn));
+
+	    fflush(NULL);
+  return dn;
+}
+
+
+/* Initialize LDAP Conn */
+void
+init_ldap_conn ()
+{
+  int result;
+  conn = ldap_open (ldapsystem, LDAP_PORT);
+  if (conn == NULL)
+    {
+      fprintf (stderr, "Error opening Ldap connection: %s\n",
+	       strerror (errno));
+      exit (-1);
+    }
+
+  result = ldap_simple_bind_s (conn, binddn, bindpw);
+  ldap_result_check ("ldap_simple_bind_s", (char*)"LDAP Bind", result);
+}
+
+/* Like isc_result_check, only for LDAP */
+void
+ldap_result_check (const char *msg, char *dn, int err)
+{
+  if ((err != LDAP_SUCCESS) && (err != LDAP_ALREADY_EXISTS))
+    {
+      fprintf(stderr, "Error while adding %s (%s):\n",
+		      dn, msg);
+      ldap_perror (conn, dn);
+      ldap_unbind_s (conn);
+      exit (-1);
+    }
+}
+
+
+
+/* For running the ldap_info run queue. */
+void
+add_ldap_values (ldap_info * ldinfo)
+{
+  int result;
+  char dnbuffer[1024];
+
+
+  if (ldapbase != NULL)
+    sprintf (dnbuffer, "%s,%s", ldinfo->dn, ldapbase);
+  else
+    sprintf (dnbuffer, "%s", ldinfo->dn);
+
+  result = ldap_add_s (conn, dnbuffer, ldinfo->attrs);
+  ldap_result_check ("ldap_add_s", dnbuffer, result);
+}
+
+
+
+
+/* name says it all */
+void
+usage ()
+{
+  fprintf (stderr,
+	   "zone2ldap -D [BIND DN] -w [BIND PASSWORD] -b [BASE DN] -z [ZONE] -f [ZONE FILE] -h [LDAP HOST] "
+	   "[-c Create LDAP Base structure][-d Debug Output (lots !)] \n ");}
diff --git a/bin/sdb_tools/zone2sqlite.c b/bin/sdb_tools/zone2sqlite.c
new file mode 100644
index 0000000..86d577e
--- /dev/null
+++ b/bin/sdb_tools/zone2sqlite.c
@@ -0,0 +1,296 @@
+/*
+ * Copyright (C) 2007, 2016  Internet Systems Consortium, Inc. ("ISC")
+ * 
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <isc/buffer.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+
+#include <dns/db.h>
+#include <dns/dbiterator.h>
+#include <isc/entropy.h>
+#include <dns/fixedname.h>
+#include <isc/hash.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataset.h>
+#include <dns/rdatasetiter.h>
+#include <dns/rdatatype.h>
+#include <dns/result.h>
+
+#include <sqlite3.h>
+
+#ifndef UNUSED
+#define UNUSED(x)  (x) = (x)
+#endif
+
+/*
+ * Generate an SQLite table from a zone.
+ */
+
+typedef struct _dbinfo {
+    sqlite3 *db;
+    char *filename;
+    char *table;
+} dbinfo_t;
+
+dbinfo_t dbi = { NULL, NULL, NULL };
+
+
+static void
+closeandexit(int status)
+{
+    if (dbi.db) {
+	sqlite3_close(dbi.db);
+	dbi.db = NULL;
+    }
+    exit(status);
+}
+
+static void
+check_result(isc_result_t result, const char *message)
+{
+    if (result != ISC_R_SUCCESS) {
+	fprintf(stderr, "%s: %s\n", message,
+		isc_result_totext(result));
+	closeandexit(1);
+    }
+}
+
+static isc_result_t
+db_connect(dbinfo_t *dbi)
+{
+    if (sqlite3_open(dbi->filename, &dbi->db) == SQLITE_OK) {
+	return (ISC_R_SUCCESS);
+    } else {
+	/* a connection is returned even if the open fails */
+	sqlite3_close(dbi->db);
+	dbi->db = NULL;
+	return (ISC_R_FAILURE);
+    }
+}
+
+static int
+add_rdata_cb(void *parm, int cc, char **cv, char **cn)
+{
+    UNUSED(parm);
+    UNUSED(cc);
+    UNUSED(cv);
+    UNUSED(cn);
+
+    return 0;
+}
+
+
+static void
+addrdata(dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata)
+{
+    unsigned char namearray[DNS_NAME_MAXTEXT + 1];
+    unsigned char typearray[20];
+    unsigned char dataarray[2048];
+    isc_buffer_t b;
+    isc_result_t result;
+    char *sql;
+    char *errmsg = NULL;
+    int res;
+    
+    isc_buffer_init(&b, namearray, sizeof(namearray) - 1);
+    result = dns_name_totext(name, true, &b);
+    check_result(result, "dns_name_totext");
+    namearray[isc_buffer_usedlength(&b)] = 0;
+    
+    isc_buffer_init(&b, typearray, sizeof(typearray) - 1);
+    result = dns_rdatatype_totext(rdata->type, &b);
+    check_result(result, "dns_rdatatype_totext");
+    typearray[isc_buffer_usedlength(&b)] = 0;
+    
+    isc_buffer_init(&b, dataarray, sizeof(dataarray) - 1);
+    result = dns_rdata_totext(rdata, NULL, &b);
+    check_result(result, "dns_rdata_totext");
+    dataarray[isc_buffer_usedlength(&b)] = 0;
+    
+    sql = sqlite3_mprintf(
+	"INSERT INTO %Q (NAME, TTL, RDTYPE, RDATA)"
+	" VALUES ('%q', %d, '%q', '%q') ",
+	dbi.table,
+	namearray, ttl, typearray, dataarray);
+    printf("%s\n", sql);
+    res = sqlite3_exec(dbi.db, sql, add_rdata_cb, NULL, &errmsg);
+    sqlite3_free(sql);
+
+    if (res != SQLITE_OK) {
+	fprintf(stderr, "INSERT failed: %s\n", errmsg);
+	closeandexit(1);
+    }
+}
+
+int
+main(int argc, char *argv[])
+{
+    char *sql;
+    int res;
+    char *errmsg = NULL;
+    char *porigin, *zonefile;
+    dns_fixedname_t forigin, fname;
+    dns_name_t *origin, *name;
+    dns_db_t *db = NULL;
+    dns_dbiterator_t *dbiter;
+    dns_dbnode_t *node;
+    dns_rdatasetiter_t *rdsiter;
+    dns_rdataset_t rdataset;
+    dns_rdata_t rdata = DNS_RDATA_INIT;
+    isc_mem_t *mctx = NULL;
+    isc_entropy_t *ectx = NULL;
+    isc_buffer_t b;
+    isc_result_t result;
+
+    if (argc != 5) {
+	printf("usage: %s <zone> <zonefile> <dbfile> <dbtable>\n", argv[0]);
+	exit(1);
+    }
+    
+    porigin  = argv[1];
+    zonefile = argv[2];
+
+    dbi.filename = argv[3];
+    dbi.table    = argv[4];
+    
+    dns_result_register();
+    
+    result = isc_mem_create(0, 0, &mctx);
+    check_result(result, "isc_mem_create");
+    result = isc_entropy_create(mctx, &ectx);
+    check_result(result, "isc_entropy_create");
+    result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE);
+    check_result(result, "isc_hash_create");
+    
+    isc_buffer_init(&b, porigin, strlen(porigin));
+    isc_buffer_add(&b, strlen(porigin));
+    origin = dns_fixedname_initname(&forigin);
+    result = dns_name_fromtext(origin, &b, dns_rootname, 0, NULL);
+    check_result(result, "dns_name_fromtext");
+    
+    db = NULL;
+    result = dns_db_create(mctx, "rbt", origin, dns_dbtype_zone,
+			   dns_rdataclass_in, 0, NULL, &db);
+    check_result(result, "dns_db_create");
+    
+    result = dns_db_load(db, zonefile);
+    if (result == DNS_R_SEENINCLUDE)
+	result = ISC_R_SUCCESS;
+    check_result(result, "dns_db_load");
+
+    printf("Connecting to '%s'\n", dbi.filename);
+    
+    if ((result = db_connect(&dbi)) != ISC_R_SUCCESS) {
+	fprintf(stderr, "Connection to database '%s' failed\n",
+		dbi.filename);
+	closeandexit(1);
+    }
+    
+    sql = sqlite3_mprintf("DROP TABLE %Q ", dbi.table);
+    printf("%s\n", sql);
+    res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+    sqlite3_free(sql);
+#if 0
+    if (res != SQLITE_OK) {
+	fprintf(stderr, "DROP TABLE %s failed: %s\n",
+		dbi.table, errmsg);
+    }
+#endif
+
+#if 0    
+    sql = sqlite3_mprintf(sql, "BEGIN TRANSACTION");
+    printf("%s\n", sql);
+    res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+    sqlite3_free(sql);
+    if (res != SQLITE_OK) {
+	fprintf(stderr, "BEGIN TRANSACTION failed: %s\n", errmsg);
+	closeandexit(1);
+    }
+#endif
+    
+    sql = sqlite3_mprintf(
+	"CREATE TABLE %Q "
+	"(NAME TEXT, TTL INTEGER, RDTYPE TEXT, RDATA TEXT) ",
+	dbi.table);
+    printf("%s\n", sql);
+    res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+    sqlite3_free(sql);
+    if (res != SQLITE_OK) {
+	fprintf(stderr, "CREATE TABLE %s failed: %s\n",
+		dbi.table, errmsg);
+	closeandexit(1);
+    }
+    
+    dbiter = NULL;
+    result = dns_db_createiterator(db, 0, &dbiter);
+    check_result(result, "dns_db_createiterator()");
+    
+    result = dns_dbiterator_first(dbiter);
+    check_result(result, "dns_dbiterator_first");
+    
+    name = dns_fixedname_initname(&fname);
+    dns_rdataset_init(&rdataset);
+    dns_rdata_init(&rdata);
+    
+    while (result == ISC_R_SUCCESS) {
+	node = NULL;
+	result = dns_dbiterator_current(dbiter, &node, name);
+	if (result == ISC_R_NOMORE)
+	    break;
+	check_result(result, "dns_dbiterator_current");
+	
+	rdsiter = NULL;
+	result = dns_db_allrdatasets(db, node, NULL, 0, &rdsiter);
+	check_result(result, "dns_db_allrdatasets");
+
+	result = dns_rdatasetiter_first(rdsiter);
+
+	while (result == ISC_R_SUCCESS) {
+	    dns_rdatasetiter_current(rdsiter, &rdataset);
+	    result = dns_rdataset_first(&rdataset);
+	    check_result(result, "dns_rdataset_first");
+	    while (result == ISC_R_SUCCESS) {
+		dns_rdataset_current(&rdataset, &rdata);
+		addrdata(name, rdataset.ttl, &rdata);
+		dns_rdata_reset(&rdata);
+		result = dns_rdataset_next(&rdataset);
+	    }
+	    dns_rdataset_disassociate(&rdataset);
+	    result = dns_rdatasetiter_next(rdsiter);
+	}
+	dns_rdatasetiter_destroy(&rdsiter);
+	dns_db_detachnode(db, &node);
+	result = dns_dbiterator_next(dbiter);
+    }
+
+#if 0
+    sql = sqlite3_mprintf(sql, "COMMIT TRANSACTION ");
+    printf("%s\n", sql);
+    res = sqlite3_exec(dbi.db, sql, NULL, NULL, &errmsg);
+    sqlite3_free(sql);
+    if (res != SQLITE_OK) {
+	fprintf(stderr, "COMMIT TRANSACTION failed: %s\n", errmsg);
+	closeandexit(1);
+    }
+#endif
+    
+    dns_dbiterator_destroy(&dbiter);
+    dns_db_detach(&db);
+    isc_hash_destroy();
+    isc_entropy_detach(&ectx);
+    isc_mem_destroy(&mctx);
+
+    closeandexit(0);
+
+    exit(0);
+}
diff --git a/bin/sdb_tools/zonetodb.c b/bin/sdb_tools/zonetodb.c
new file mode 100644
index 0000000..7d8b8db
--- /dev/null
+++ b/bin/sdb_tools/zonetodb.c
@@ -0,0 +1,290 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <isc/buffer.h>
+#include <isc/entropy.h>
+#include <isc/hash.h>
+#include <isc/mem.h>
+#include <isc/print.h>
+#include <isc/result.h>
+
+#include <dns/db.h>
+#include <dns/dbiterator.h>
+#include <dns/fixedname.h>
+#include <dns/name.h>
+#include <dns/rdata.h>
+#include <dns/rdataset.h>
+#include <dns/rdatasetiter.h>
+#include <dns/rdatatype.h>
+#include <dns/result.h>
+
+#include <libpq-fe.h>
+
+/*
+ * Generate a PostgreSQL table from a zone.
+ *
+ * This is compiled this with something like the following (assuming bind9 has
+ * been installed):
+ *
+ * gcc -g `isc-config.sh --cflags isc dns` -c zonetodb.c
+ * gcc -g -o zonetodb zonetodb.o `isc-config.sh --libs isc dns` -lpq
+ */
+
+PGconn *conn = NULL;
+char *dbname, *dbtable;
+char str[10240];
+
+void
+closeandexit(int status);
+
+void
+closeandexit(int status) {
+	if (conn != NULL)
+		PQfinish(conn);
+	exit(status);
+}
+
+void
+check_result(isc_result_t result, const char *message);
+
+void
+check_result(isc_result_t result, const char *message) {
+	if (result != ISC_R_SUCCESS) {
+		fprintf(stderr, "%s: %s\n", message,
+			isc_result_totext(result));
+		closeandexit(1);
+	}
+}
+
+/*
+ * Canonicalize a string before writing it to the database.
+ * "dest" must be an array of at least size 2*strlen(source) + 1.
+ */
+static void
+quotestring(const unsigned char *source, unsigned char *dest) {
+	while (*source != 0) {
+		if (*source == '\'')
+			*dest++ = '\'';
+		else if (*source == '\\')
+			*dest++ = '\\';
+		*dest++ = *source++;
+	}
+	*dest++ = 0;
+}
+void
+addrdata(dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata);
+void
+addrdata(dns_name_t *name, dns_ttl_t ttl, dns_rdata_t *rdata) {
+	unsigned char namearray[DNS_NAME_MAXTEXT + 1];
+	unsigned char canonnamearray[2 * DNS_NAME_MAXTEXT + 1];
+	unsigned char typearray[20];
+	unsigned char canontypearray[40];
+	unsigned char dataarray[2048];
+	unsigned char canondataarray[4096];
+	isc_buffer_t b;
+	isc_result_t result;
+	PGresult *res;
+
+	isc_buffer_init(&b, namearray, sizeof(namearray) - 1);
+	result = dns_name_totext(name, true, &b);
+	check_result(result, "dns_name_totext");
+	namearray[isc_buffer_usedlength(&b)] = 0;
+	quotestring((const unsigned char *)namearray, canonnamearray);
+
+	isc_buffer_init(&b, typearray, sizeof(typearray) - 1);
+	result = dns_rdatatype_totext(rdata->type, &b);
+	check_result(result, "dns_rdatatype_totext");
+	typearray[isc_buffer_usedlength(&b)] = 0;
+	quotestring((const unsigned char *)typearray, canontypearray);
+
+	isc_buffer_init(&b, dataarray, sizeof(dataarray) - 1);
+	result = dns_rdata_totext(rdata, NULL, &b);
+	check_result(result, "dns_rdata_totext");
+	dataarray[isc_buffer_usedlength(&b)] = 0;
+	quotestring((const unsigned char *)dataarray, canondataarray);
+
+	snprintf(str, sizeof(str),
+		 "INSERT INTO %s (NAME, TTL, RDTYPE, RDATA)"
+		 " VALUES ('%s', %d, '%s', '%s')",
+		 dbtable, canonnamearray, ttl, canontypearray, canondataarray);
+	printf("%s\n", str);
+	res = PQexec(conn, str);
+	if (!res || PQresultStatus(res) != PGRES_COMMAND_OK) {
+		fprintf(stderr, "INSERT INTO command failed: %s\n",
+			PQresultErrorMessage(res));
+		PQclear(res);
+		closeandexit(1);
+	}
+	PQclear(res);
+}
+
+int
+main(int argc, char **argv) {
+	char *porigin, *zonefile;
+	dns_fixedname_t forigin, fname;
+	dns_name_t *origin, *name;
+	dns_db_t *db = NULL;
+	dns_dbiterator_t *dbiter;
+	dns_dbnode_t *node;
+	dns_rdatasetiter_t *rdsiter;
+	dns_rdataset_t rdataset;
+	dns_rdata_t rdata = DNS_RDATA_INIT;
+	isc_mem_t *mctx = NULL;
+	isc_entropy_t *ectx = NULL;
+	isc_buffer_t b;
+	isc_result_t result;
+	PGresult *res;
+
+	if (argc != 5) {
+		printf("usage: %s origin file dbname dbtable\n", argv[0]);
+		printf("Note that dbname must be an existing database.\n");
+		exit(1);
+	}
+
+	porigin = argv[1];
+	zonefile = argv[2];
+	dbname = argv[3];
+	dbtable = argv[4];
+
+	dns_result_register();
+
+	mctx = NULL;
+	result = isc_mem_create(0, 0, &mctx);
+	check_result(result, "isc_mem_create");
+
+	result = isc_entropy_create(mctx, &ectx);
+	check_result(result, "isc_entropy_create");
+
+	result = isc_hash_create(mctx, ectx, DNS_NAME_MAXWIRE);
+	check_result(result, "isc_hash_create");
+
+	isc_buffer_init(&b, porigin, strlen(porigin));
+	isc_buffer_add(&b, strlen(porigin));
+	origin = dns_fixedname_initname(&forigin);
+	result = dns_name_fromtext(origin, &b, dns_rootname, 0, NULL);
+	check_result(result, "dns_name_fromtext");
+
+	db = NULL;
+	result = dns_db_create(mctx, "rbt", origin, dns_dbtype_zone,
+			       dns_rdataclass_in, 0, NULL, &db);
+	check_result(result, "dns_db_create");
+
+	result = dns_db_load(db, zonefile);
+	if (result == DNS_R_SEENINCLUDE)
+		result = ISC_R_SUCCESS;
+	check_result(result, "dns_db_load");
+
+	printf("Connecting to '%s'\n", dbname);
+	conn = PQsetdb(NULL, NULL, NULL, NULL, dbname);
+	if (PQstatus(conn) == CONNECTION_BAD) {
+		fprintf(stderr, "Connection to database '%s' failed: %s\n",
+			dbname, PQerrorMessage(conn));
+		closeandexit(1);
+	}
+
+	snprintf(str, sizeof(str),
+		 "DROP TABLE %s", dbtable);
+	printf("%s\n", str);
+	res = PQexec(conn, str);
+	if (!res || PQresultStatus(res) != PGRES_COMMAND_OK)
+		fprintf(stderr, "DROP TABLE command failed: %s\n",
+			PQresultErrorMessage(res));
+	PQclear(res);
+
+	snprintf(str, sizeof(str), "BEGIN");
+	printf("%s\n", str);
+	res = PQexec(conn, str);
+	if (!res || PQresultStatus(res) != PGRES_COMMAND_OK) {
+		fprintf(stderr, "BEGIN command failed: %s\n",
+			PQresultErrorMessage(res));
+		PQclear(res);
+		closeandexit(1);
+	}
+	PQclear(res);
+
+	snprintf(str, sizeof(str),
+		 "CREATE TABLE %s "
+		 "(NAME TEXT, TTL INTEGER, RDTYPE TEXT, RDATA TEXT)",
+		 dbtable);
+	printf("%s\n", str);
+	res = PQexec(conn, str);
+	if (!res || PQresultStatus(res) != PGRES_COMMAND_OK) {
+		fprintf(stderr, "CREATE TABLE command failed: %s\n",
+			PQresultErrorMessage(res));
+		PQclear(res);
+		closeandexit(1);
+	}
+	PQclear(res);
+
+	dbiter = NULL;
+	result = dns_db_createiterator(db, 0, &dbiter);
+	check_result(result, "dns_db_createiterator()");
+
+	result = dns_dbiterator_first(dbiter);
+	check_result(result, "dns_dbiterator_first");
+
+	name = dns_fixedname_initname(&fname);
+	dns_rdataset_init(&rdataset);
+	dns_rdata_init(&rdata);
+
+	while (result == ISC_R_SUCCESS) {
+		node = NULL;
+		result = dns_dbiterator_current(dbiter, &node, name);
+		if (result == ISC_R_NOMORE)
+			break;
+		check_result(result, "dns_dbiterator_current");
+
+		rdsiter = NULL;
+		result = dns_db_allrdatasets(db, node, NULL, 0, &rdsiter);
+		check_result(result, "dns_db_allrdatasets");
+
+		result = dns_rdatasetiter_first(rdsiter);
+
+		while (result == ISC_R_SUCCESS) {
+			dns_rdatasetiter_current(rdsiter, &rdataset);
+			result = dns_rdataset_first(&rdataset);
+			check_result(result, "dns_rdataset_first");
+			while (result == ISC_R_SUCCESS) {
+				dns_rdataset_current(&rdataset, &rdata);
+				addrdata(name, rdataset.ttl, &rdata);
+				dns_rdata_reset(&rdata);
+				result = dns_rdataset_next(&rdataset);
+			}
+			dns_rdataset_disassociate(&rdataset);
+			result = dns_rdatasetiter_next(rdsiter);
+		}
+		dns_rdatasetiter_destroy(&rdsiter);
+		dns_db_detachnode(db, &node);
+		result = dns_dbiterator_next(dbiter);
+	}
+
+	snprintf(str, sizeof(str), "COMMIT TRANSACTION");
+	printf("%s\n", str);
+	res = PQexec(conn, str);
+	if (!res || PQresultStatus(res) != PGRES_COMMAND_OK) {
+		fprintf(stderr, "COMMIT command failed: %s\n",
+			PQresultErrorMessage(res));
+		PQclear(res);
+		closeandexit(1);
+	}
+	PQclear(res);
+	dns_dbiterator_destroy(&dbiter);
+	dns_db_detach(&db);
+	isc_hash_destroy();
+	isc_entropy_detach(&ectx);
+	isc_mem_destroy(&mctx);
+	closeandexit(0);
+	exit(0);
+}
diff --git a/configure.ac b/configure.ac
index 142bef2..72d5adc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -5515,6 +5515,8 @@ AC_CONFIG_FILES([
 	bin/named/unix/Makefile
 	bin/named-pkcs11/Makefile
 	bin/named-pkcs11/unix/Makefile
+	bin/named-sdb/Makefile
+	bin/named-sdb/unix/Makefile
 	bin/nsupdate/Makefile
 	bin/pkcs11/Makefile
 	bin/python/Makefile
@@ -5539,6 +5541,7 @@ AC_CONFIG_FILES([
 	bin/python/isc/tests/policy_test.py
 	bin/python/isc/utils.py
 	bin/rndc/Makefile
+	bin/sdb_tools/Makefile
 	bin/tests/Makefile
 	bin/tests/headerdep_test.sh
 	bin/tests/optional/Makefile