ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,002 Commits 589 Branches 805 Tags
046bc782ab34c4eaff459d5a0d407a3c19e23ee5
Commit Graph

2144 Commits

Author SHA1 Message Date
Evan Hunt
92f39ccb5b 2930. [experimental] New "rndc addzone" and "rndc delzone" commads 
allow dynamic addition and deletion of zones.
			To enable this feature, specify a "new-zone-file"
			option at the view or options level in named.conf.
			Zone configuration information for the new zones
			will be written into that file.  To make the new
			zones persist after a restart, "include" the file
			into named.conf in the appropriate view.  (Note:
			This feature is not yet documented, and its syntax
			is expected to change.) [RT #19447]
 2010-07-11 00:12:19 +00:00
Automatic Updater
4fe6e5b494 update copyright notice 2010-06-26 23:46:27 +00:00
Mark Andrews
a386cb22a0 add /* NOT DOCUMENTED */ 2010-06-26 00:20:04 +00:00
Mark Andrews
5a7f05ee3c 2925. [bug] Named failed to accept uncachable negative responses 
from insecure zones. [RT# 21555]
 2010-06-25 23:52:09 +00:00
Automatic Updater
c65ab74d31 update copyright notice 2010-06-25 23:46:33 +00:00
Mark Andrews
9777316c64 2924. [func] 'rndc secroots' dump a combined summary of the 
current managed keys combined with trusted keys.
                        [RT #20904]
 2010-06-25 03:51:07 +00:00
Automatic Updater
275c562ce7 update copyright notice 2010-06-22 23:46:34 +00:00
Mark Andrews
13ce1be5d3 2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively 
to IPv4 clients.  New acl 'filter-aaaa' (default any).
 2010-06-22 04:04:22 +00:00
Automatic Updater
5a74ff52c2 regen 2010-06-21 23:30:24 +00:00
Automatic Updater
c0e2300901 update copyright notice 2010-06-20 23:46:24 +00:00
Automatic Updater
92a43c0ead regen 2010-06-20 23:30:23 +00:00
Mark Andrews
a7b7c601a5 report bind.keys and bindkeys.pl versions in output 2010-06-20 07:36:02 +00:00
Mark Andrews
6cac6ea83b add bind.keys.h dependancy on ${srcdir}/bindkeys.pl 2010-06-20 07:34:54 +00:00
Automatic Updater
0329504246 update copyright notice 2010-05-27 23:49:55 +00:00
Mark Andrews
5cb766e596 line length 2010-05-27 03:27:35 +00:00
Mark Andrews
0517d21ebd 2897. [bug] NSEC3 chains could be left behind when transitioning 
to insecure. [RT #21040]
 2010-05-18 01:40:35 +00:00
Mark Andrews
777d3c3963 silence compiler warning 2010-05-18 00:29:31 +00:00
Automatic Updater
fa3174b8f1 regen v9_7 2010-05-15 02:42:00 +00:00
Automatic Updater
71324ae046 update copyright notice 2010-05-14 23:49:21 +00:00
Mark Andrews
812b6d8d11 2893. [bug] Improve managed keys support. New named.conf option 
managed-keys-directory. [RT #20924]
 2010-05-14 04:49:40 +00:00
Mark Andrews
b756b7d22f 2891. [maint] Update empty-zones list to match 
draft-ietf-dnsop-default-local-zones-13. [RT# 21099]
 2010-05-14 03:32:11 +00:00
Automatic Updater
3fe2c091cc update copyright notice 2010-03-12 23:49:56 +00:00
Mark Andrews
02d3754d1e 2864. [bug] Direct SIG/RRSIG queries were not handled correctly. 
[RT #21050]
 2010-03-12 02:00:58 +00:00
Mark Andrews
2473968416 2956. [bug] named-checkconf did not fail on a bad trusted key. 
[RT #20705]
 2010-03-04 06:19:33 +00:00
Automatic Updater
b1416abab6 update copyright notice 2010-02-26 23:49:47 +00:00
Mark Andrews
46ef4ef03a 2853. [bug] add_sigs() could run out of scratch space. [RT #21015] 2010-02-26 01:50:39 +00:00
Mark Andrews
8a98023414 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 05:05:09 +00:00
Automatic Updater
55690c7b8d update copyright notice 2010-02-04 23:48:30 +00:00
Mark Andrews
7d47e3d387 2849. [bug] Don't treat errors from the xml2 library as fatal. 
[RT #20945]
 2010-02-04 01:07:32 +00:00
Automatic Updater
74f601e769 update copyright notice 2010-01-13 23:48:20 +00:00
Evan Hunt
96c51eadc9 Commit to v9_7 some changes that had been left out: 
2838.	[bug]		A KSK revoked by named could not be deleted.
			[RT #20881]

2837.	[port]		Prevent Linux spurious warnings about fwrite().
			[RT #20812]
 2010-01-13 19:31:53 +00:00
Tatuya JINMEI 神明達哉
6ca6cc975f 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:33:41 +00:00
Mark Andrews
831bfda9d2 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 03:55:03 +00:00
Mark Andrews
2b662f27f6 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:23:01 +00:00
Evan Hunt
b4df2f48c7 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:16:08 +00:00
Evan Hunt
84c9c592f8 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-24 00:00:13 +00:00
Evan Hunt
5a33ab5d65 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:53 +00:00
Automatic Updater
5470afd66b update copyright notice 2009-12-18 23:48:18 +00:00
Evan Hunt
7290687619 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:13:54 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Evan Hunt
e438e29354 claried log message when no active private keys are found to use for 
signing. [rt20690]
 2009-12-04 20:32:07 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Automatic Updater
089c63b69c regen 2009-12-04 01:13:45 +00:00
Automatic Updater
63aeaafd97 update copyright notice 2009-12-03 23:48:22 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Mark Andrews
d0ca4e90e2 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:22:05 +00:00
Evan Hunt
d312bc5d81 2785. [bug] Revoked keys could fail to self-sign [RT #20652] 2009-11-24 03:42:32 +00:00
Mark Andrews
dc92707066 2783. [func] Return minimal responses to EDNS/UDP queries with a UDP 
buffer size of 512 or less.  [RT #20654]
 2009-11-24 03:09:57 +00:00