ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,255 Commits 589 Branches 805 Tags
1abf2013437460b50a94dcbafb97d214bf07cfd8
Commit Graph

6945 Commits

Author SHA1 Message Date
Tinderbox User
1abf201343 regen v9_10 2015-07-10 01:08:50 +00:00
Tinderbox User
a704920204 update copyright notice / whitespace 2015-07-09 23:45:51 +00:00
Evan Hunt
46d8fe1bb5 [v9_10] Merge branch 'v9_10' of ssh://repo/proj/git/prod/bind9 into v9_10 2015-07-08 22:56:22 -07:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:55:31 -07:00
Mark Andrews
3794ab5cd0 add comment about +trace and @server 
(cherry picked from commit 2561b2dd84)
 2015-07-09 12:12:30 +10:00
Mark Andrews
15a8195c7a 4159. [cleanup] Alphabetize dig's help output. [RT #39966] 2015-07-08 09:35:28 +10:00
Mark Andrews
2addc50960 4159. [cleanup] Alphabetize dig's help output. [RT #39966] 2015-07-08 09:14:01 +10:00
Mark Andrews
bb7971417a 4157. [protocol] Update experimental SIT code to use the EDNS COOKIE 
option code point (10).  This is the minimal change
                        required to use the new code point. [RT #39928]
 2015-07-07 15:43:04 +10:00
Mark Andrews
a9557c404e 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]

(cherry picked from commit 3e33f4198d)
 2015-07-06 13:47:17 +10:00
Tinderbox User
c838ed659d update copyright notice / whitespace 2015-06-29 23:45:48 +00:00
Mukund Sivaraman
f69f188b90 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 
(cherry picked from commit 08f0129732)

Conflicts:
	bin/tests/system/statistics/clean.sh
 2015-06-29 18:46:36 +05:30
Mark Andrews
a6f608404f 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]

(cherry picked from commit 4a61eae651)
 2015-06-29 15:49:12 +10:00
Tinderbox User
c53e425c7a update copyright notice / whitespace 2015-06-23 23:45:47 +00:00
Mukund Sivaraman
8134e7662e Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 
(cherry picked from commit 0439bfedd9)

Conflicts:
	bin/named/server.c
	bin/tests/system/addzone/tests.sh
 2015-06-23 14:57:20 +05:30
Mukund Sivaraman
17bb17af46 Print unsigned values for serial, etc. in rndc zonestatus output (#39854) 
(cherry picked from commit b4e114e3cd)

Conflicts:
	CHANGES
	bin/named/server.c
 2015-06-23 14:09:47 +05:30
Tinderbox User
102554f26f update copyright notice / whitespace 2015-06-12 23:45:59 +00:00
Witold Krecicki
e71cc07e40 rndc reconfig reports configuration errors the same way rndc reload does [RT #39635] 2015-06-12 11:08:21 +02:00
Evan Hunt
2e398e72f0 [v9_10] log outdated rpz settings regardless of enable-querytrace 2015-06-10 10:23:32 -07:00
Evan Hunt
34d5a93026 [v9_10] rpz_ver check was ineffective 2015-06-09 15:06:00 -07:00
Tinderbox User
3851d4137f regen v9_10 2015-06-05 01:08:54 +00:00
Mark Andrews
9cc1d6b878 4133. [port] Update how various json libraries are handled. 
[RT #39646]

(cherry picked from commit 8a9bac8dec)
 2015-06-05 10:17:10 +10:00
Evan Hunt
7438bd16de [v9_10] dig option cleanups 
4132.	[cleanup]	dig: added +rd as a synonym for +recurse,
			added +class as an unabbreviated alternative
			to +cl. [RT #39686]
 2015-06-04 08:55:50 -07:00
Evan Hunt
f89d03dc9e [v9_10] further RPZ fixes 
4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]
 2015-06-03 18:19:19 -07:00
Mark Andrews
858eccb37e unlock T4_mx 
(cherry picked from commit b704d25ff3)
 2015-05-30 17:54:52 +10:00
Mark Andrews
a17d59f11e use sed as tail -n +# is not portable 
(cherry picked from commit 8c74b6a9a1)
 2015-05-30 11:06:12 +10:00
Tinderbox User
2ce9b9310a regen v9_10 2015-05-29 01:08:42 +00:00
Tinderbox User
b3623d80ab update copyright notice / whitespace 2015-05-28 23:45:50 +00:00
Mark Andrews
c9ca5e3c87 4128. [bug] Address issues raised by Coverity 7.6. [RT #39537] 
(cherry picked from commit e53e202ef3)
 2015-05-28 13:17:24 +10:00
Mark Andrews
ff3e305deb link against ISC_OPENSSL_LIBS 
(cherry picked from commit 52a487f71a)
 2015-05-28 11:10:45 +10:00
Tinderbox User
1d6dbadbc4 regen v9_10 2015-05-28 01:08:38 +00:00
Tinderbox User
41cb49b786 update copyright notice / whitespace 2015-05-27 23:45:52 +00:00
Mark Andrews
d8161b8756 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing 
key as per RFC 7344, Section 4.1. [RT #37215]

(cherry picked from commit 598b502695)
 2015-05-27 15:36:55 +10:00
Evan Hunt
a6a15bb069 [v9_10] address regression 
4126.	[bug]		Addressed a regression introduced in change #4121.
			[RT #39611]
 2015-05-26 19:11:54 -07:00
Mark Andrews
82d3668faa add -P and -T to help 
(cherry picked from commit 91d3c63ca7)
 2015-05-27 10:57:27 +10:00
Tinderbox User
ecd3e9bc2b update copyright notice / whitespace 2015-05-24 23:45:47 +00:00
Evan Hunt
07858b945b [v9_10] +ednsneg needs to be specified in 9.10 2015-05-23 23:39:10 -07:00
Mark Andrews
bacb1197f5 don't include <isc/print.h> 
(cherry picked from commit cb9b145f39)
 2015-05-24 13:02:19 +10:00
Tinderbox User
83a64013b1 update copyright notice / whitespace 2015-05-23 23:46:59 +00:00
Mark Andrews
8b7a1fe06c specfiy where libisc is 
(cherry picked from commit c907e7b512e88b641595d514790e2b41575f149e)
 2015-05-24 06:02:59 +10:00
Mark Andrews
66a3ccec36 link against ISCLIBS 
(cherry picked from commit e6e7de5cda)
 2015-05-24 05:43:03 +10:00
Francis Dupont
1db36edf82 added print.h includes 2015-05-23 14:46:47 +02:00
Tinderbox User
5fd8115e3f regen v9_10 2015-05-23 01:09:48 +00:00
Tinderbox User
3f319600ef update copyright notice / whitespace 2015-05-22 23:45:52 +00:00
Evan Hunt
b24278173d [v9_10] fix tags 2015-05-21 18:28:38 -07:00
Tinderbox User
1b9f989cae update copyright notice / whitespace 2015-05-21 23:45:59 +00:00
Mukund Sivaraman
765bcb44ac Fix RPZ radix tree search() for CLIENT-IP triggers (#39481) 
(cherry picked from commit 705cea35a8)
 2015-05-21 11:17:58 +05:30
Mark Andrews
70f9dd4bec disable edns negotiation in dig for BIND 9.10 2015-05-21 12:23:04 +10:00
Mark Andrews
105720bad6 3993. [func] Dig now supports EDNS negotiation by default. 
(dig +[no]ednsnegotiation). [RT #37604]

(cherry picked from commit 0f5144163c)
 2015-05-21 11:45:56 +10:00
Mark Andrews
449b5bdc99 3951. [func] Add the ability to set yet-to-be-defined EDNS flags 
to dig (+ednsflags=#). [RT #37142]

(cherry picked from commit 3867312e4c)
 2015-05-21 11:22:36 +10:00
Mark Andrews
8a089c3007 add +ednsopt to -h output 
(cherry picked from commit ccaee7760f)
 2015-05-21 11:12:39 +10:00