ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,708 Commits 589 Branches 805 Tags
2a6d60615cf07b164533dbb6bb1dce84ed2d037d
Commit Graph

5519 Commits

Author SHA1 Message Date
Evan Hunt
2a6d60615c Fixed an nsupdate test error 2011-06-09 00:15:05 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Scott Mann
07797bfb1f fix RT 24561 2011-06-07 01:45:38 +00:00
Evan Hunt
6b95b91c61 3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664] 2011-06-02 20:24:45 +00:00
Mark Andrews
ec564e401a add debugging output on test failure 2011-05-31 13:52:06 +00:00
Mark Andrews
ae0691566a date +%s is not portable, use perl -e 'print time();', Adjust messages 2011-05-30 22:32:06 +00:00
Scott Mann
5588b32695 This is a workaround fix for a problem in Solaris 10 (specifically on thing1) 
for which a root cause has not yet been found. RT #24561.
 2011-05-30 15:13:49 +00:00
Mark Andrews
fe8572e116 The old active key could be deleted before the "former standby key has now 
signed fully" ran causing it to fail.  Delay the deletion by 10 seconds.
 2011-05-30 07:25:19 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Automatic Updater
00678e367d update copyright notice 2011-05-25 23:47:16 +00:00
Mark Andrews
021bc5b3cc add DRUZ zone with DS records 2011-05-25 01:06:56 +00:00
Evan Hunt
47e70d820e 3118. [bug] nsupdate could dump core on shutdown when using 
SIG(0) keys. [RT #24604]
 2011-05-23 22:25:32 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Evan Hunt
fc6364bf24 expiring.example.db.in was left out when committing rt23136 to HEAD 2011-05-21 15:07:10 +00:00
Mark Andrews
c0984ac8bd 3115. [bug] Named could fail to return requested data when 
following a CNAME that points into the same zone.
                        [RT #2445]
 2011-05-20 05:09:30 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Automatic Updater
d9c707589a regen HEAD 2011-05-09 01:14:47 +00:00
Mark Andrews
789875a1bd named.conf copyrights 2011-05-08 07:12:48 +00:00
Automatic Updater
25db028666 update copyright notice 2011-05-07 23:47:28 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Evan Hunt
be84733145 3110. [bug] dnssec-signzone: Wrong error message could appear 
when attempting to sign with no KSK. [RT #24369]
 2011-05-07 00:31:13 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Automatic Updater
a30e1b26b4 update copyright notice 2011-05-05 23:47:17 +00:00
Mark Andrews
fe646be4b7 set/reset client->signer. change 3106 used it before it was set 2011-05-05 23:44:52 +00:00
Scott Mann
b2b3209149 added g 2011-05-05 23:15:56 +00:00
Scott Mann
101e493844 remove trailing whitespace from pid (RT 24388) 2011-05-05 23:10:24 +00:00
Scott Mann
58d7c91b65 remove trailing newline from pid (RT #24388) 2011-05-05 22:56:55 +00:00
Evan Hunt
9eea4c5cbd 3106. [func] When logging client requests, include the name of 
the TSIG key if any. [RT #23619]
 2011-05-05 20:04:24 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Mark Andrews
83bf223210 explictly kill the process if the server fails to start, check for a non zero length pid file 2011-05-05 04:47:45 +00:00
Mark Andrews
46d3c6cf40 grep was not precise enough leading to test failure 2011-05-03 16:07:44 +00:00
Mark Andrews
f1d4986b83 treat asb(x) < 500ms as 0 2011-05-02 23:56:59 +00:00
Mark Andrews
65043f48f2 force numeric comparision 2011-05-02 05:05:05 +00:00
Mark Andrews
07907fa31a handle end of day 2011-05-02 01:35:04 +00:00
Mark Andrews
bbf46f1aa2 fix expression 2011-05-01 21:36:33 +00:00
Mark Andrews
f83682f368 awk -v is not portable, add floating point arithmetic effects 2011-05-01 11:29:20 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Automatic Updater
46ce2f7b60 update copyright notice 2011-04-27 23:47:26 +00:00
Evan Hunt
76db58eb81 3100. [security] Certain response policy zone configurations could 
trigger an INSIST when receiving a query of type
			RRSIG. [RT #24280]
 2011-04-27 17:46:47 +00:00
Automatic Updater
7021f2faa0 update copyright notice 2011-04-19 23:47:52 +00:00
Evan Hunt
7a2173839c 3099. [test] "dlz" system test now runs but gives R:SKIPPED if 
not compiled with --with-dlz-filesystem.  [RT #24146]

3098.	[bug]		DLZ zones were answering without setting the AA bit.
			[RT #24146]
 2011-04-19 22:30:52 +00:00
Evan Hunt
c92122485d 3097. [test] Add a tool to test handling of malformed packets. 
[RT #24096]
 2011-04-15 01:02:08 +00:00
Scott Mann
c7e1812d02 a few more "--with-gssapi" as default fixes to correct problems on test 
systems
 2011-04-05 19:16:54 +00:00
Scott Mann
80593d9802 one character typo. 2011-04-05 16:10:39 +00:00
Evan Hunt
4e5fc672bc Corrected a bug in the dnssec test introduced in change #3046. 2011-03-31 15:58:51 +00:00