3445. [bug] Reject zone files with blank owner names immediately
after $ORIGIN directives. [RT #31848]
(cherry picked from commit 3ad3e9c948)
(cherry picked from commit cdea02bf60)
Squashed commit of the following:
commit 7ad3daade513c94a1c92ee7c91c112f161d13ef4
Author: Mark Andrews <marka@isc.org>
Date: Mon Dec 3 15:03:44 2012 +1100
look at the second token to determine if a TXT record in of unknown format or not
commit 7df32138462646f6aee84ffa56d02ac24ec8d672
Author: Mark Andrews <marka@isc.org>
Date: Mon Dec 3 12:42:18 2012 +1100
'"\#"' was incorrectly being treated as a unknown data escape sequence.
3402. [bug] Correct interface numbers for IPv4 and IPv6 interfaces.
(cherry picked from commit 0e37e9e3d7)
(cherry picked from commit 152c393671)
(cherry picked from commit ab9d2ca4dd)
3329. [bug] Handle RRSIG signer-name case consistently: We
generate RRSIG records with the signer-name in
lower case. We accept them with any case, but if
they fail to validate, we try again in lower case.
[RT #27451]
task per 100 zones at startup time. (The
BIND9_ZONE_TASKS_HINT environment variable
which was established as a temporary measure
in change #3132 is no longer needed or
used.) [rt25541]
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]
3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]
increment the reference count.
Note: dns_tsigkey_createfromkey() callers should now
always call dst_key_free() rather than setting it
to NULL on success. [RT #22672]
- added LRU expiration for generated TSIGs
- added the ability to use a non-default realm
- added new "realm" keyword in nsupdate
- limited lifetime of generated keys to 1 hour
or the lifetime of the context (whichever is
smaller)
[RT #19737]
