Mark Andrews
baef0ca988
4889. [func] Warn about the use of old root keys without the new
...
root key being present. Warn about dlv.isc.org's
key being present. Warn about both managed and
trusted root keys being present. [RT #43670 ]
2018-02-09 12:04:45 +11:00
Tinderbox User
02ce048c91
update copyright notice / whitespace
2018-02-08 23:46:17 +00:00
Mark Andrews
ecf6dcc5c6
[master] fix rpzrecurse test on windows
...
4887. [test] Enable the rpzrecurse test to run on Windows.
[RT #47093 ]
2018-02-08 13:28:40 -08:00
Tinderbox User
2fac9b0be6
update copyright notice / whitespace
2018-02-07 23:45:53 +00:00
Mark Andrews
ec771bbdc8
4885. [security] update-policy rules that otherwise ignore the name
...
field now require that it be set to "." to ensure
that any type list present is properly interpreted.
[RT #47126 ]
2018-02-07 13:34:02 +11:00
Michał Kępień
af1937c35a
[master] Prevent crashing due to a race during server shutdown
...
4884. [bug] named could crash on shutdown due to a race between
shutdown_server() and ns__client_request(). [RT #47120 ]
2018-02-05 20:24:14 +01:00
Tinderbox User
6b83f7aa82
regen master
2018-01-23 00:38:08 +00:00
Tinderbox User
3fda67b596
update copyright notice / whitespace
2018-01-22 23:46:02 +00:00
Evan Hunt
129c4414cb
[master] automatically generate named.conf grammars for the ARM
...
4873. [doc] Grammars for named.conf included in the ARM are now
automatically generated by the configuration parser
itself. As a side effect of the work needed to
separate zone type grammars from each other, this
also makes checking of zone statements in
named-checkconf more correct and consistent.
[RT #36957 ]
2018-01-22 11:06:32 -08:00
Evan Hunt
cf8f4241e7
[master] normalize rndc on/off commands
...
4867. [cleanup] Normalize rndc on/off commands (validation,
querylog, serve-stale) so they all accept the
same synonyms for on/off (yes/no, true/false,
enable/disable). Thanks to Tony Finch. [RT #47022 ]
2018-01-18 10:50:13 -08:00
Michał Kępień
ae51a676c9
[master] Ensure all master definitions in a catalog zone contain an IP address
...
4864. [bug] named acting as a slave for a catalog zone crashed if
the latter contained a master definition without an IP
address. [RT #45999 ]
2018-01-15 20:50:09 +01:00
Tinderbox User
a280a7871d
update copyright notice / whitespace
2018-01-03 23:45:29 +00:00
Mark Andrews
0b27aa0712
4856. [bug] 'rndc zonestatus' reported the wrong underlying type
...
for a inline slave zone. [RT #46875 ]
2018-01-04 10:10:05 +11:00
Mark Andrews
9bec7facfb
4850. [bug] Named failed to restart with multiple added zones in
...
lmdb database. [RT #46889 ]
2017-12-27 16:24:33 +11:00
Mark Andrews
2d7f89b9c7
4849. [bug] Duplicate zones could appear in the .nzf file if
...
addzone failed. [RT #46435 ]
2017-12-20 17:13:58 +11:00
Evan Hunt
6b2e5cd28c
[master] fixed ixfr-from-difference error in previous commit
2017-12-15 10:01:07 -08:00
Evan Hunt
79c2400d91
[master] allow primary/secondary as synonyms for master/slave
...
4848. [func] Zone types "primary" and "secondary" can now be used
as synonyms for "master" and "slave" in named.conf.
[RT #46713 ]
2017-12-15 01:47:05 -08:00
Evan Hunt
f29ca5db28
[master] fix incorrect comment
2017-11-30 13:35:20 -08:00
Evan Hunt
e197a2bd15
[master] fix "allow-transfer" inheritance and clean up ACL configuration
...
4836. [bug] Zones created using "rndc addzone" could
temporarily fail to inherit an "allow-transfer"
ACL that had been configured in the options
statement. [RT #46603 ]
2017-11-30 12:37:08 -08:00
Michał Kępień
2c20fc0d13
[master] Fix LMDB support on OpenBSD; clean up and refactor LMDB-related code
...
4835. [cleanup] Clean up and refactor LMDB-related code. [RT #46718 ]
4834. [port] Fix LMDB support on OpenBSD. [RT #46718 ]
2017-11-30 14:34:04 +01:00
Michał Kępień
40a90fbf89
[master] Do not use thread-local storage for storing LMDB reader locktable slots
...
4828. [bug] Do not use thread-local storage for storing LMDB reader
locktable slots. [RT #46556 ]
2017-11-27 09:48:10 +01:00
Michał Kępień
a573b93b46
[master] Disable parallel make inside bin/confgen/ and bin/named/
...
4826. [cleanup] Prevent potential build failures in bin/confgen/ and
bin/named/ when using parallel make. [RT #46648 ]
2017-11-23 11:44:33 +01:00
Mark Andrews
78e1d7cdde
style
2017-11-23 16:09:27 +11:00
Michał Kępień
7a0188774f
[master] Stabilize logfileconfig system test
...
4818. [test] The logfileconfig system test could intermittently
report false negatives on some platforms. [RT #46615 ]
2017-11-16 08:06:57 +01:00
Michał Kępień
312c84c73a
[master] Minor improvements to code handling managed keys
...
4812. [bug] Minor improvements to stability and consistency of code
handling managed keys. [RT #46468 ]
2017-11-09 15:18:39 +01:00
Mukund Sivaraman
7e1df5182c
[master] isc_rng_randombytes()
...
4807. [cleanup] isc_rng_randombytes() returns a specified number of
bytes from the PRNG; this is now used instead of
calling isc_rng_random() multiple times. [RT #46230 ]
2017-11-06 10:44:37 -08:00
Evan Hunt
9bb007fd2d
[master] "zoneload" logging category
...
4806. [func] Log messages related to loading of zones are now
directed to the "zoneload" logging category.
[RT #41640 ]
2017-11-01 22:48:12 -07:00
Mark Andrews
ff30290b48
4804. [port] win32: access() does not work on directories as
...
required by POSIX. Supply a alternative in
isc_file_isdirwritable. [RT #46394 ]
2017-11-01 09:29:24 +11:00
Mark Andrews
f5e1b555c5
4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside .
...
trust-anchor dlv.isc.org;' now elicit warnings rather
than being fatal configuration errors. [RT #46410 ]
2017-10-30 07:40:59 +11:00
Mukund Sivaraman
625f656aa8
When processing delzone, write one zone config per line to the NZF ( #46323 )
2017-10-29 07:40:20 +05:30
Evan Hunt
8f532a13cb
[master] update xsl version number
2017-10-27 19:19:04 -07:00
Evan Hunt
c9f8165a06
[master] tag initializing keys
...
4798. [func] Keys specified in "managed-keys" statements
are tagged as "initializing" until they have been
updated by a key refresh query. If initialization
fails it will be visible from "rndc secroots".
[RT #46267 ]
2017-10-27 15:49:44 -07:00
Brian Conry
864bc6b56e
[master] Increase the maximum TCP keepalive timeout to 65535
...
4796. [bug] Increase the maximum configurable TCP keepalive
timeout to 65535. [RT #44710 ]
2017-10-27 14:58:48 +02:00
Evan Hunt
06049b1c6c
[master] stats counter for priming queries
...
4795. [func] A new statistics counter has been added to track
priming queries. [RT #46313 ]
2017-10-26 21:38:43 -07:00
Evan Hunt
eb2ef7b53e
[master] check new-zones-directory
...
4789. [cleanup] Check writability of new-zones-directory. [RT #46308 ]
2017-10-25 01:19:46 -07:00
Evan Hunt
65314b0fd8
[master] "enable-filter-aaaa" no longer optional
...
4786. [func] The "filter-aaaa-on-v4" and "filter-aaaa-on-v6"
options are no longer conditionally compiled.
[RT #46340 ]
2017-10-25 00:33:51 -07:00
Evan Hunt
89636d8f30
[master] clean up a redundancy
...
4777. [cleanup] Removed a redundant call to configure_view_acl().
[RT #46369 ]
2017-10-23 11:11:19 -07:00
Mark Andrews
fe79e2efbf
4774. [bug] <isc/util.h> was incorrectly included in several
...
header files. [RT #46311 ]
2017-10-19 12:26:32 +11:00
Evan Hunt
3abcd7cd8a
[master] Revert "[master] tag initializing keys so they can't be used for normal validation"
...
This reverts commit 560d8b833e
2017-10-12 10:53:35 -07:00
Evan Hunt
560d8b833e
[master] tag initializing keys so they can't be used for normal validation
...
4773. [bug] Keys specified in "managed-keys" statements
can now only be used when validating key refresh
queries during initialization of RFC 5011 key
maintenance. If initialization fails, DNSSEC
validation of normal queries will also fail.
Previously, validation of normal queries could
succeed using the initializing key, potentially
masking problems with managed-keys. [RT #46077 ]
2017-10-11 21:01:13 -07:00
Evan Hunt
9f1e715a64
[master] X_OK bit not supported on windows
2017-10-11 17:43:16 -07:00
Evan Hunt
94f022ec02
[master] fix AFL compile error
2017-10-11 15:26:35 -07:00
Ondřej Surý
1ca7e01aa7
[master] make writable directory and managed-keys directory mandatory - check in load_configuration (cherry-picked from rt46077b)
2017-10-11 08:44:26 +02:00
Evan Hunt
16d6fab2e5
[master] make writable directory and managed-keys directory mandatory
...
4769. [bug] The working directory and managed-keys directory has
to be writeable (and seekable). [RT #46077 ]
2017-10-11 08:21:23 +02:00
Mark Andrews
23a4f70be0
remove unused variable
2017-10-10 20:02:35 +11:00
Tinderbox User
005bdf067b
regen master
2017-10-10 01:08:02 +00:00
Evan Hunt
c89f1bf1b6
[master] turn off memory fill by default
...
4768. [func] By default, memory is no longer filled with tag values
when it is allocated or freed; this improves
performance but makes debugging of certain memory
issues more difficult. "named -M fill" turns memory
filling back on. (Building "configure
--enable-developer", turns memory fill on by
default again; it can then be disabled with
"named -M nofill".) [RT #45123 ]
2017-10-09 09:55:37 -07:00
Michał Kępień
077f9626c2
[master] Add isc_buffer_printf()
...
4767. [func] Add a new function, isc_buffer_printf(), which can be
used to append a formatted string to the used region of
a buffer. [RT #46201 ]
2017-10-09 11:43:07 +02:00
Evan Hunt
995c41e8f0
[master] further restrict update-policy local
...
4762. [func] "update-policy local" is now restricted to updates
from local addresses. (Previously, other addresses
were allowed so long as updates were signed by the
local session key.) [RT #45492 ]
2017-10-06 15:43:31 -07:00
Mukund Sivaraman
a0c408c90d
Add statistics for glue cache usage ( #46028 )
2017-10-06 15:44:37 +05:30
