ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
22,038 Commits 589 Branches 805 Tags
1d47cb124d4e32b0d40b95ba907590ae4e9ccba1
Commit Graph

1376 Commits

Author SHA1 Message Date
Evan Hunt
1d47cb124d [v9_9] refactor max-recursion-queries 
- the counters weren't set correctly when fetches timed out.
  instead we now pass down a counter object.

(cherry picked from commit 05e448935c)
(cherry picked from commit 6c049c57d9)
 2014-11-19 18:38:52 -08:00
Tinderbox User
e211a7b798 update copyright notice / whitespace 2014-11-19 23:46:07 +00:00
Evan Hunt
b6ab355aef [v9_9] fix reclimit test (remove servfail-ttl) 2014-11-19 00:15:22 -08:00
Evan Hunt
711e833921 [v9_9] add max-recursion-queries 
also fixes and documentation for max-recursion-depth

(cherry picked from commit c4f54e5bd1)
(cherry picked from commit b3aa528d7e)
 2014-11-18 22:14:55 -08:00
Tinderbox User
dd461ee35b update copyright notice / whitespace 2014-11-18 23:46:09 +00:00
Evan Hunt
603a0e2637 [v9_9] limit recursion depth and iterative queries 
4006.	[security]	A flaw in delegation handling could be exploited
			to put named into an infinite loop.  This has
			been addressed by placing limits on the number
			of levels of recursion named will allow (default 7),
			and the number of iterative queries that it will
			send (default 50) before terminating a recursive
			query (CVE-2014-8500).

			The recursion depth limit is configured via the
			"max-recursion-depth" option.  [RT #35780]
 2014-11-17 23:49:07 -08:00
Tinderbox User
8cf35615f6 update copyright notice 2014-11-05 23:46:03 +00:00
Evan Hunt
b2630b7363 [v9_9] fix nxrrset in nxdomain redirection 
4000.	[bug]		NXDOMAIN redirection incorrectly handled NXRRSET
			from the redirect zone. [RT #37722]

(cherry picked from commit 3cc8c7d630)
(cherry picked from commit 56293cd148)
 2014-11-04 23:54:25 -08:00
Mark Andrews
bb4ef32432 3997. [protocol] Add OPENGPGKEY record. [RT# 37671] 2014-11-04 12:25:38 +11:00
Mark Andrews
bfef33cbe3 3990. [testing] Add tests for unknown DNSSEC algorithm handling. 
[RT #37541]

(cherry picked from commit a5c7cfbac4)
 2014-10-30 11:22:17 +11:00
Tinderbox User
bf2b88607b update copyright notice 2014-10-20 23:46:18 +00:00
Mark Andrews
f2b44f6586 3981. [bug] Cache DS/NXDOMAIN independently of other query types. 
[RT #37467]

(cherry picked from commit 72775a79fe)
 2014-10-18 13:10:16 +11:00
Mark Andrews
8b5f53534c allow for the set of ttls to be empty 
(cherry picked from commit 44ef2206d7)
 2014-10-16 14:47:11 +11:00
Mark Andrews
7d00852591 make test more robust in the face of server failures 2014-10-16 12:34:36 +11:00
Mark Andrews
53373a6929 3971. [bug] Reduce the cascasding failures due to a bad $TTL line 
in named-checkconf / named-checkzone. [RT #37138]

(cherry picked from commit c81d56c03e)
 2014-10-05 08:30:37 +11:00
Mark Andrews
cbe35320bf verifying inline zones work with views requires crypto to be configured 2014-10-04 18:08:53 +10:00
Evan Hunt
d1beb33058 [v9_9] remove clone tests from the views system test: inapplicable in 9.9 2014-10-03 07:22:55 -07:00
Tinderbox User
3c516868aa update copyright notice 2014-10-02 23:46:10 +00:00
Mark Andrews
e232d15075 3967. [test] Add test for inlined signed zone in multiple views 
with different DNSKEY sets. [RT #35759]

(cherry picked from commit b24061719c)
 2014-10-03 08:01:54 +10:00
Mark Andrews
302455db78 SIG(0) update forwarding testing requires crypto be configured 
(cherry picked from commit a837c939c4)
 2014-10-02 11:08:02 +10:00
Tinderbox User
aaa24cf075 update copyright notice 2014-09-30 23:47:13 +00:00
Mark Andrews
650404030c 3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with 
BADSIG.  [RT #37216]

(cherry picked from commit a6869655d6)
 2014-10-01 07:43:17 +10:00
Mark Andrews
57acbfc9c7 3960. [bug] 'dig +sigchase' could loop forever. [RT #37220] 
(cherry picked from commit c83b91fb63)
 2014-10-01 07:18:49 +10:00
Tinderbox User
141adfd898 update copyright notice 2014-09-29 23:46:13 +00:00
Mark Andrews
8f050179ef use RANDFILE rather than /dev/urandom 
(cherry picked from commit 4bc581ca31)
 2014-09-29 23:39:30 +10:00
Mark Andrews
332652409f 3958. [bug] Detect when writeable files have multiple references 
in named.conf. [RT #37172]

(cherry picked from commit 386d6c08167bc048dfd20e3bba051a5f9d3cc545)
 2014-09-29 11:32:52 +10:00
Mark Andrews
0ae15932ae 3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 
and ECDSAP384SHA384. [RT #37183]

(cherry picked from commit 80169c379d)
 2014-09-29 10:27:24 +10:00
Mark Andrews
bb2451e0e1 3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159] 
(cherry picked from commit 9a36fb86f5)
 2014-09-27 12:14:57 +10:00
Mark Andrews
288be32d30 give the nameserver a little longer to response 
(cherry picked from commit 06e28e50bd)
 2014-09-18 10:10:05 +10:00
Tinderbox User
e438b6de1e update copyright notice 2014-09-05 23:46:22 +00:00
Evan Hunt
039e58e905 [v9_9] [rt37057] server-id tests 
3944.	[test]		Added a regression test for "server-id". [RT #37057]

(cherry picked from commit c9e976dc43)
(cherry picked from commit 9f6a6d24dc)
 2014-09-05 10:12:28 -07:00
Mark Andrews
d2ac59302c 3942. [bug] Wildcard responses from a optout range should be 
marked as insecure. [RT #37072]
 2014-09-04 13:59:50 +10:00
Evan Hunt
17d84b0ec9 [v9_9] check correctly for duplicate zone error message 2014-09-03 12:58:43 -07:00
Mark Andrews
42b68f99bc update-copyrights 2014-08-29 10:18:38 +10:00
Evan Hunt
d5669ee77c [v9_9] fixes to checkconf test, HIP casecompare 
3933.	[bug]		Corrected the implementation of dns_rdata_casecompare()
			for the HIP rdata type.  [RT #36911]

3932.	[test]		Improved named-checkconf tests. [RT #36911]

(cherry picked from commit 0c2313eb36)
 2014-08-27 21:37:40 -07:00
Tinderbox User
d840bfefa8 update copyright notice 2014-08-23 23:46:05 +00:00
Tinderbox User
9b86fb9fda update copyright notice 2014-08-22 23:46:15 +00:00
Evan Hunt
2df405f519 [v9_9] add to rndc test 
3928.	[test]		Improve rndc system test. [RT #36898]

(cherry picked from commit 2401ee51d83a4cd9101398f30679fa4e6046c582)
(cherry picked from commit 06677f0b08e789ca91e59a5eed42605c16f28531)
 2014-08-22 16:40:59 -07:00
Mark Andrews
007ef6f18e 3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917 
(cherry picked from commit 840d6a4614)
 2014-08-22 16:33:11 +10:00
Mark Andrews
fb7f157cd8 3921. [bug] AD was inappopriately set on RPZ responses. [RT #36833] 
(cherry picked from commit cef76ee5bd)
(cherry picked from commit 0597c5fd5e)
 2014-08-22 15:46:54 +10:00
Tinderbox User
7c39d7ea4c update copyright notice 2014-08-21 23:46:04 +00:00
Mark Andrews
966b901a67 3917. [bug] dig, nslookup and host now continue on names that are 
too long after applying a search list elements.
                        [RT #36892]
 2014-08-21 18:09:27 +10:00
Tinderbox User
d0e76c0f42 update copyright notice 2014-08-07 23:46:01 +00:00
Evan Hunt
09c788d707 [v9_9] [36737] allow zero-length URI and CAA fields 
3914.	[bug]		Allow the URI target and CAA value fields to
			be zero length. [RT #36737]

(cherry picked from commit cfe32752a6)
(cherry picked from commit a766d4c1d2)
 2014-08-06 17:41:33 -07:00
Tinderbox User
e009a733fa update copyright notice 2014-08-02 23:46:02 +00:00
Mark Andrews
13ffd78910 3908. [bug] rndc now differentiates between a zone in multiple 
views and a zone that doesn't exist at all. [RT #36691]

(cherry picked from commit c38341ec43)
 2014-08-02 15:09:03 +10:00
Mark Andrews
752a82533e adjust stats numbers 
(cherry picked from commit efab32b289)
 2014-07-31 14:45:36 +10:00
Tinderbox User
ea2a029ec8 update copyright notice 2014-07-29 23:46:00 +00:00
Evan Hunt
001e08f10d [v9_9] add CAA rdata support 
3056.	[protocol]	Added support for CAA record type (RFC 6844).
			[RT #36625]

(cherry picked from commit eb898fa698)
 2014-07-29 08:41:23 -07:00
Mark Andrews
2e921e858e 3899. [bug] "request-ixfr" is only applicable to slave and redirect 
zones. [RT #36608]

(cherry picked from commit 275a8affe7)
 2014-07-25 14:25:46 +10:00