ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,026 Commits 589 Branches 805 Tags
231b76cdd4e80af90ac5804a3ddf7aaa5940903c
Commit Graph

1761 Commits

Author SHA1 Message Date
Automatic Updater
3da57cdb40 update copyright notice 2010-11-17 23:46:16 +00:00
Mark Andrews
7aa6ebb714 convert to 9.6 syntax 2010-11-17 10:45:39 +00:00
Mark Andrews
cd833194c6 covert to 9.6 syntax 2010-11-17 10:33:23 +00:00
Mark Andrews
f815515b20 2969. [security] Fix acl type processing so that allow-query works 
in options and view statements.  Also add a new
                        set of tests to verify proper functioning.
                        [RT #22418]
 2010-11-16 22:42:09 +00:00
Mark Andrews
5e0523fc23 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 07:46:23 +00:00
Mark Andrews
795f1f2db0 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]
 2010-11-16 01:48:32 +00:00
Mark Andrews
687f3d28c2 dnssec-keygen doesn't support -q in 9.6.x 2010-09-07 02:06:00 +00:00
Mark Andrews
279fa6e621 2951. [bug] named failed to generate a correct signed response 
in a optout, delegation only zone with no secure
                        delegations. [RT #22007]
 2010-09-07 01:15:55 +00:00
Automatic Updater
3c55d1319d update copyright notice 2010-09-06 23:46:30 +00:00
Mark Andrews
2fc748be4d test that all 7 interfaces are up 2010-09-06 02:05:02 +00:00
Automatic Updater
5cab9cc0ce update copyright notice 2010-08-13 23:46:11 +00:00
Mark Andrews
c44bb94bc8 2940. [func] Check that named successfully skips NSEC3 records 
that fail to match the NSEC3PARAM record currently
                        in use. [RT# 21868]
 2010-08-13 07:25:22 +00:00
Mark Andrews
cdb5f33baf check that we have non-cachable answers to test against 
match the dig.out.ns#.$n to the nameserver
 2010-06-28 01:43:01 +00:00
Automatic Updater
e0d80dbc1d update copyright notice 2010-06-26 23:46:15 +00:00
Mark Andrews
7a2f2d9ba0 cvs rdiff -r1.2931.2.271 -r1.2931.2.272 bind9/CHANGES 
cvs rdiff -r1.166.34.3 -r1.166.34.4 bind9/bin/named/main.c
cvs rdiff -r1.313.20.18 -r1.313.20.19 bind9/bin/named/query.c
cvs rdiff -r1.80 -r1.80.12.1 bind9/bin/named/include/named/globals.h
cvs rdiff -r1.13 -r1.13.176.1 bind9/bin/tests/system/start.pl
cvs rdiff -r1.53.48.7 -r1.53.48.8 bind9/bin/tests/system/dnssec/tests.sh
cvs rdiff -r1.13 -r1.13.48.1 \
    bind9/bin/tests/system/dnssec/ns3/secure.example.db.in
cvs rdiff -r1.3 -r1.3.48.1 bind9/bin/tests/system/dnssec/ns7/named.conf
cvs rdiff -r0 -r1.2.4.2 bind9/bin/tests/system/dnssec/ns7/named.nosoa \
    bind9/bin/tests/system/dnssec/ns7/nosoa.secure.example.db
cvs rdiff -r1.164.12.21 -r1.164.12.22 bind9/lib/dns/validator.c
 2010-06-26 00:02:45 +00:00
Automatic Updater
90de0c8201 update copyright notice 2010-05-19 09:32:03 +00:00
Mark Andrews
b24553b060 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-05-19 06:56:01 +00:00
Automatic Updater
9feb8eda57 update copyright notice 2010-01-15 23:47:34 +00:00
Evan Hunt
cab45cd588 missed adding these files in earlier commit 2010-01-15 21:17:41 +00:00
Evan Hunt
3f39cbcc76 2838. [func] Backport support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512, from BIND 9.7.  (This
			incorporates changes 2726 and 2738 from that
			release branch.) [RT #20871]
 2010-01-15 19:38:54 +00:00
Automatic Updater
d889e9701a update copyright notice 2010-01-11 23:47:22 +00:00
Francis Dupont
6720b9fe94 Prevent Linux spurious warnings about fwrite(). [RT #20812] 2010-01-11 11:02:32 +00:00
Automatic Updater
c91b60a119 update copyright notice 2010-01-07 23:47:36 +00:00
Evan Hunt
0f83518a99 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 17:49:01 +00:00
cvs2git
8fd7205f18 This commit was manufactured by cvs2git to create branch 'v9_6'. 2010-01-07 16:48:28 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
ef413fafe5 update copyright notice 2009-12-30 23:47:31 +00:00
Tatuya JINMEI 神明達哉
450c3bb498 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:34:30 +00:00
cvs2git
9b4b69eac1 This commit was manufactured by cvs2git to create branch 'v9_6'. 2009-12-30 08:02:37 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Evan Hunt
f766024a27 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:31 +00:00
Automatic Updater
8b82c01d74 update copyright notice 2009-12-06 23:48:29 +00:00
Evan Hunt
0d796b1aaa improve cleanup and add named.run to .cvsignore files 2009-12-06 03:04:39 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Mark Andrews
b695e0159a add copyright 2009-12-03 04:52:37 +00:00
Mark Andrews
ecbbb29519 add copyright 2009-12-03 04:51:41 +00:00
Evan Hunt
6a4d6e3379 adapted to the special needs of solaris's really old awk 2009-12-02 17:54:45 +00:00
Evan Hunt
095810f8cb fixed autosign/metadata brokenness on solaris [rt20685] 2009-12-02 05:42:15 +00:00
Automatic Updater
ffd297db79 update copyright notice 2009-11-30 23:48:02 +00:00
Evan Hunt
7511904837 add cvsignore files 2009-11-30 21:03:17 +00:00
Evan Hunt
75b8de8787 Create automatic tests "autosign" and "metadata". [rt19946] 2009-11-30 21:00:48 +00:00
Mark Andrews
702ca0b0a8 remove 'set -x' 2009-11-25 20:51:05 +00:00
Mark Andrews
78b3284647 adjust dnssec-keygen command line to that supported before 9.7 2009-11-25 20:50:25 +00:00
Mark Andrews
e1fc4161d1 fix genrandom location 2009-11-25 13:41:19 +00:00
Automatic Updater
fe2b9bf570 update copyright notice 2009-11-18 23:48:07 +00:00
Automatic Updater
8b39e41b24 update copyright notice 2009-11-18 23:47:24 +00:00
Mark Andrews
e7f4d4e09d 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-18 00:15:38 +00:00
cvs2git
38637a6e1d This commit was manufactured by cvs2git to create branch 'v9_6'. 2009-11-17 23:55:20 +00:00