ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
14,799 Commits 589 Branches 805 Tags
01b2ff64ccdcc51caab40a1bbf4f3dbfdfd38281
Commit Graph

1836 Commits

Author SHA1 Message Date
Mark Andrews
86c4403666 2026. [bug] Rate limit the two recursive client exceeded messages. 
[RT #16044]
 2006-05-18 03:14:03 +00:00
Mark Andrews
72a28d8eba 2022. [bug] If dnssec validation is disabled only assert CD if 
CD was requested. [RT #16037]

2021.   [bug]           dnssec-enable no; triggered a REQUIRE. [RT #16037]
 2006-05-18 02:02:35 +00:00
Mark Andrews
a74224ad1e regen 2006-05-17 02:38:44 +00:00
Mark Andrews
bb663a73bd make query-source{-v6} clearer 2006-05-16 06:11:37 +00:00
Mark Andrews
974ea3c6f7 2017. [bug] allow-query default was net correct. [RT #15946] 2006-05-16 03:39:57 +00:00
Mark Andrews
bbbdc97ccf 2016. [bug] Return a partial answer if recursion is not 
allowed but requested and we had the answer
                        to the original qname. [RT #15945]
 2006-05-16 03:28:16 +00:00
Mark Andrews
317363c3d7 regen 2006-05-08 15:46:15 +00:00
Mark Andrews
b209b57067 2015. [cleanup] use-additional-cache is now acache-enable for 
consistancy.  Default acache-enable off in BIND 9.4
                        as it requires memory usage to be configured.
                        It may be enabled by default in BIND 9.5 once we
                        have more experience with it.
 2006-05-03 01:46:40 +00:00
Mark Andrews
3e6da549e0 regen 2006-04-23 10:12:43 +00:00
Mark Andrews
db8ac421d8 regen 2006-03-10 00:47:40 +00:00
Mark Andrews
a9c698bf3a update copyright notice 2006-03-10 00:23:20 +00:00
Mark Andrews
e9724570aa 2008. [func] It is now posssible to enable/disable DNSSEC 
validation from rndc.  This is useful for the
                        mobile hosts where the current connection point
                        breaks DNSSEC (firewall/proxy).  [RT #15592]

                                rndc validation newstate [view]
 2006-03-09 23:46:20 +00:00
Mark Andrews
f560a1877b 2007. [func] It is now possible to explicitly enable DNSSEC 
validation.  default dnssec-validation no; to
                        be changed to yes in 9.5.0.  [RT #15674]
 2006-03-09 23:38:21 +00:00
Mark Andrews
1ba9283d78 2006. [security] Allow-query-cache and allow-recursion now default 
to the builtin acls "localnets" and "localhost".

                        This is being done to make caching servers less
                        attractive as reflective amplifying targets for
                        spoofed traffic.  This still leave authoritative
                        servers exposed.

                        The best fix is for full BCP 38 deployment to
                        remove spoofed traffic.
 2006-03-09 03:40:33 +00:00
Mark Andrews
cdaad1be46 regen 2006-03-06 08:06:49 +00:00
Mark Andrews
cb6bc372d8 2001. [func] Check the KSK flag when updating a dynamic zone. 
New zone option "update-check-ksk yes;".  [RT #15817]
 2006-03-06 01:38:01 +00:00
Mark Andrews
69ed9fe33f update copyright notice 2006-03-05 23:58:51 +00:00
Mark Andrews
bf3bbdc9b6 1999. [func] Implement "rrset-order fixed". [RT #13662] 2006-03-03 00:56:53 +00:00
Mark Andrews
1f8449c606 update copyright notice 2006-03-02 00:37:22 +00:00
Mark Andrews
ea407e7082 1991. [cleanup] The configuration data, once read, should be treated 
as readonly.  Expand the use of const to enforce this
                        at compile time. [RT #15813]
 2006-02-28 03:10:49 +00:00
Mark Andrews
7af42116ba fix minor typos 2006-02-26 23:01:58 +00:00
Mark Andrews
77c5b1c067 1986. [func] Report when a zone is removed. [RT #15849] 2006-02-21 23:17:32 +00:00
Mark Andrews
8fc5e43bd9 1597. [func] Allow notify-source and query-source to be specified 
on a per server basis similar to transfer-source.
                        [RT #6496]
 2006-02-17 00:42:10 +00:00
Mark Andrews
dfb3eacdfb 1983. [func] Two new update policies. "selfsub" and "selfwild". 
[RT #12895]
 2006-02-16 01:38:49 +00:00
Mark Andrews
de6cb2108a update copyright notice 2006-02-03 23:51:38 +00:00
Mark Andrews
d4c7754f14 1979. [port] linux: allow named to drop core after changing 
user ids. [RT #15753]
 2006-02-02 23:37:59 +00:00
Mark Andrews
0c3fa5d938 1977. [bug] Silence noisy log message. [RT #15704] 2006-02-02 22:52:57 +00:00
Mark Andrews
deaa25fd63 update copyright notice 2006-01-27 23:57:45 +00:00
Mark Andrews
65fdd79a50 1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and 
HMACSHA512 support. [RT #13606]
 2006-01-27 02:50:51 +00:00
Mark Andrews
e9726c25ba regen 2006-01-18 04:59:11 +00:00
Mark Andrews
1d23449b0b update copyright notice 2006-01-17 23:49:31 +00:00
Mark Andrews
73e8579252 regen 2006-01-17 02:14:43 +00:00
Mark Andrews
f84d9b582b xref named.conf(5) 2006-01-16 23:59:51 +00:00
Mark Andrews
df6f75f878 regen 2006-01-06 01:48:04 +00:00
Mark Andrews
76f6d0382a 1964. [func] Seperate out MX and SRV to CNAME checks. [RT #15723] 2006-01-06 00:10:00 +00:00
Mark Andrews
586f82c999 update copyright notice 2006-01-06 00:01:43 +00:00
Mark Andrews
dbf2a22cda 1962. [bug] Named failed to clear old update-policy when it 
was removed. [RT #15491]
 2006-01-05 03:38:28 +00:00
Mark Andrews
d71329a7df 1960. [bug] Update code should set NSEC ttls from SOA MINIMUM. 
[RT #15465]
 2006-01-05 03:21:54 +00:00
Mark Andrews
ff3b707f8a 1959. [func] Control the zeroing of the negative response TTL to 
a soa query.  Defaults "zero-no-soa-ttl yes;" and
                        "zero-no-soa-ttl-cache no;". [RT #15460]
 2006-01-05 02:24:27 +00:00
Mark Andrews
84df135b2b fixed typos in error messages 2006-01-05 01:41:28 +00:00
Mark Andrews
48d9f5bdaa inclu1954. [func] Named now falls back to advertising EDNS with a 
512 byte receive buffer if the initial EDNS queries
                        fail.  [RT #14852]

1953.   [func]          The maximum EDNS UDP response named will send can
                        now be set in named.conf (max-udp-size).  This is
                        independent of the advertised receive buffer
                        (edns-udp-size). [RT #14852]
 2006-01-05 00:10:44 +00:00
Mark Andrews
e770e36d60 update copyright notice 2006-01-04 23:50:23 +00:00
Mark Andrews
821c84f2e0 1951. [security] Drop queries from particular well known ports. 
Don't return FORMERR to queries from particular
                        well known ports.  [RT #15636]
 2006-01-04 05:13:43 +00:00
Mark Andrews
9114d9ae77 1949. [func] Addition memory leakage checks. [RT #15544] 2006-01-04 03:20:27 +00:00
Mark Andrews
f53e702b25 1947. [func] It is now possible to configure named to accept 
expired RRSIGs.  Default "dnssec-accept-expired no;".
                        Setting "dnssec-accept-expired yes;" leaves named
                        vulnerable to replay attacks.  [RT #14685]
 2006-01-04 02:58:42 +00:00
Mark Andrews
3c8367a203 1940. [bug] Fixed a number of error conditions reported by 
Coverity.
 2005-11-30 03:44:39 +00:00
Mark Andrews
52fa04c198 1935. [bug] 'acache' was DO sensitive. [RT #15430] 
1934.   [func]          Validate pending NS RRsets, in the authority section,
                        prior to returning them if it can be done without
                        requiring DNSKEYs to be fetched.  [RT #15430]
 2005-11-02 01:37:35 +00:00
Mark Andrews
60d1171ac5 1931. [bug] Per-client mctx could require a huge amount of memory, 
particularly for a busy caching server. [RT #15519]
 2005-10-16 23:29:38 +00:00
Mark Andrews
4edafbbd51 1930. [port] HPUX: ia64 support. [RT #15473] 
1929.   [port]          FreeBSD: extend use of PTHREAD_SCOPE_SYSTEM.
 2005-10-14 01:28:24 +00:00
Mark Andrews
4361c20d0f regen 2005-10-13 02:53:16 +00:00