ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,002 Commits 589 Branches 805 Tags
046bc782ab34c4eaff459d5a0d407a3c19e23ee5
Commit Graph

576 Commits

Author SHA1 Message Date
Automatic Updater
4a885f26a0 update copyright notice 2010-06-03 23:49:23 +00:00
Mark Andrews
b42093b971 2911. [bug] dnssec-signzone didn't handle out of zone records well. 
[RT #21367]
 2010-06-03 03:32:25 +00:00
Automatic Updater
7fad6b61d2 regen v9_7 2010-05-18 04:04:36 +00:00
Automatic Updater
435add4fdd update copyright notice 2010-05-06 23:49:37 +00:00
Mark Andrews
1c21efedfe 2880. [cleanup] Make the output of dnssec-keygen and dnssec-revoke 
consistent. [RT #21078]
 2010-05-06 05:32:56 +00:00
Automatic Updater
7b2366db70 regen v9_7 2010-03-10 02:41:46 +00:00
Mark Andrews
261995c57e 2861. [doc] dnssec-settime man pages didn't correctly document the 
inactivation time. [RT #21039]

2860.   [bug]           named-checkconf's usage was out of date. [RT #21039]
 2010-03-09 03:40:01 +00:00
Automatic Updater
6a2827695a regen 2010-02-04 02:08:20 +00:00
Automatic Updater
91bb55c45d update copyright notice 2010-02-03 23:48:29 +00:00
Automatic Updater
85166e0140 regen 2010-02-03 02:08:11 +00:00
Evan Hunt
46b40010ae 2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921] 2010-02-03 01:02:17 +00:00
Automatic Updater
451cd3395a regen 2010-01-20 02:08:51 +00:00
Automatic Updater
3c7ee580d8 update copyright notice 2010-01-19 23:48:13 +00:00
Evan Hunt
5cd5eceba0 2842. [func] Prevent dnssec-keygen and dnssec-keyfromlabel from 
creating key files if there is a chance that the new
			key ID will collide with an existing one after
			either of the keys has been revoked.  (To override
			this in the case of dnssec-keyfromlabel, use the -y
			option.  dnssec-keygen will simply create a
			different, noncolliding key, so an override is
			not necessary.) [RT #20838]
 2010-01-19 20:25:49 +00:00
Evan Hunt
96c51eadc9 Commit to v9_7 some changes that had been left out: 
2838.	[bug]		A KSK revoked by named could not be deleted.
			[RT #20881]

2837.	[port]		Prevent Linux spurious warnings about fwrite().
			[RT #20812]
 2010-01-13 19:31:53 +00:00
Automatic Updater
ed0fd28aff update copyright notice 2010-01-07 23:48:16 +00:00
Evan Hunt
b916fd3d7f 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:16:30 +00:00
Automatic Updater
f9d193397a update copyright notice 2010-01-06 23:48:07 +00:00
Evan Hunt
5337c00cbb fix spacing 2010-01-06 00:53:56 +00:00
Automatic Updater
0d12fdeb7c update copyright notice 2010-01-05 23:47:58 +00:00
Evan Hunt
bd41f944d4 missing newline in dnssec-signzone usage 2010-01-05 15:32:15 +00:00
Automatic Updater
5470afd66b update copyright notice 2009-12-18 23:48:18 +00:00
Evan Hunt
d1ebdb2de9 2809. [cleanup] Restored accidentally-deleted text in usage output 
in dnssec-settime and dnssec-revoke [RT #20739]
 2009-12-18 07:48:37 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Automatic Updater
089c63b69c regen 2009-12-04 01:13:45 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Mark Andrews
4bf4beede2 silence compiler warnings 2009-11-25 23:00:32 +00:00
Evan Hunt
ce3b2c5189 2788. [bug] dnssec-signzone could sign with keys that were 
not requested [RT #20625]
 2009-11-25 03:17:11 +00:00
Evan Hunt
d312bc5d81 2785. [bug] Revoked keys could fail to self-sign [RT #20652] 2009-11-24 03:42:32 +00:00
Evan Hunt
cef109efa7 2780. [bug] dnssec-keygen -A none didn't properly unset the 
activation date in all cases. [RT #20648]

2779.	[bug]		Dynamic key revokation could fail. [RT #20644]

2778.	[bug]		dnssec-signzone could fail when a key was revoked
			without deleting the unrevoked version. [RT #20638]
 2009-11-23 02:55:41 +00:00
Francis Dupont
1cd538c051 20643: RSASHA2 NSEC3 compatible in dnssec-keyfromlabel 2009-11-21 17:54:09 +00:00
Evan Hunt
00295e0650 2768. [bug] dnssec-signzone: -S no longer implies -g [RT #20568] 2009-11-16 04:27:44 +00:00
Evan Hunt
6f6f08b7a4 2751. [bug] Fixed a memory leak in dnssec-keyfromlabel. [RT #20588] 2009-11-06 01:06:38 +00:00
Automatic Updater
64affc54f9 regen 2009-11-03 21:59:04 +00:00
Evan Hunt
f80b665135 fix typo: s/pcks11/pkcs11/ 2009-11-03 21:44:46 +00:00
Mark Andrews
2162c1ed3d add missing period 2009-11-03 01:31:17 +00:00
Automatic Updater
575e15fed9 regen 2009-10-28 01:14:38 +00:00
Mark Andrews
c6d2578fd6 2741. [func] Allow the dnssec-keygen progress messages to be 
suppressed (dnssec-keygen -q).  Automatically
                        suppress the progress messages when stdin is not
                        a tty. [RT #20474]
 2009-10-28 00:27:10 +00:00
Evan Hunt
e3b59e4af7 Minor cleanup in dnssec-* tools 2009-10-27 18:56:49 +00:00
Mark Andrews
63d5a6f680 2736. [func] Improve the performance of NSEC signed zones with 
more than a normal amount of glue below a delegation.
                        [RT #20191]
 2009-10-27 04:46:58 +00:00
Evan Hunt
e8831e51c1 2735. [bug] dnssec-signzone could fail to read keys 
that were specified on the command line with
			full paths, but weren't in the current
			directory. [RT #20421]
 2009-10-27 03:59:45 +00:00
Automatic Updater
5f744ebbdc update copyright notice 2009-10-26 23:47:35 +00:00
Evan Hunt
c021499604 2731. [func] Additional work on change 2709. The key parser 
will now ignore unrecognized fields when the
			minor version number of the private key format
			has been increased.  It will reject any key with
			the major version number increased. [RT #20310]
 2009-10-26 21:18:24 +00:00
Francis Dupont
775a8d86d9 keygen progress indication [RT #20284] 2009-10-24 09:46:19 +00:00
Evan Hunt
8f0502e922 2728. [bug] dnssec-keygen, dnssec-keyfromlabel and 
dnssec-signzone now warn immediately if asked to
			write into a nonexistent directory. [RT #20278]
 2009-10-24 00:00:06 +00:00
Automatic Updater
8e821eea5f regen 2009-10-23 01:14:48 +00:00
Evan Hunt
cc6cddfd94 2726. [func] Added support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512. [RT #20023]
 2009-10-22 02:21:31 +00:00
Automatic Updater
5a24d24c8f regen 2009-10-17 01:14:35 +00:00