ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
16,154 Commits 589 Branches 805 Tags
2bee3c2e705cdcc969cfcf5e9fda817563c19449
Commit Graph

4699 Commits

Author SHA1 Message Date
Mark Andrews
97a2451eea 2653. [bug] Treat ENGINE_load_private_key() failures as key 
not found rather than out of memory.  [RT #18033]
 2009-08-18 07:45:14 +00:00
Evan Hunt
ddc225b15d 2651. [bug] Dates could print incorrectly in K*.key files on 
64-bit systems. [RT #20076]
 2009-08-14 06:28:40 +00:00
Automatic Updater
1f5dc0fc22 update copyright notice 2009-08-13 07:14:05 +00:00
Mark Andrews
bcd0cbfdae 2649. [bug] Set the domain for forward only zones. [RT #19944] 2009-08-13 04:33:51 +00:00
Mark Andrews
8cff1a894f 2647. [bug] Remove unnecessary SOA updates when a new KSK is 
added. [RT #19913]
 2009-08-13 02:53:01 +00:00
Evan Hunt
a3288b425a 2642. [bug] nsupdate could dump core on solaris when reading 
improperly formatted key files.  [RT #20015]
 2009-07-29 23:45:24 +00:00
Mark Andrews
6a1a8186af 2638. [bug] Silence compiler warnings in gssapi code. [RT #19954] 2009-07-21 06:53:09 +00:00
Mark Andrews
f1de96a386 char mechbuf[17] -> unsigned char mechbuf[17] 2009-07-20 01:55:37 +00:00
Automatic Updater
26d8ffe715 update copyright notice 2009-07-19 23:47:55 +00:00
Evan Hunt
b1fa84a099 win32 build fixes 2009-07-19 04:50:15 +00:00
Evan Hunt
553ead32ff 2636. [func] Simplify zone signing and key maintenance with the 
dnssec-* tools.  Major changes:
			- all dnssec-* tools now take a -K option to
			  specify a directory in which key files will be
			  stored
			- DNSSEC can now store metadata indicating when
			  they are scheduled to be published, acttivated,
			  revoked or removed; these values can be set by
			  dnssec-keygen or overwritten by the new
			  dnssec-settime command
			- dnssec-signzone -S (for "smart") option reads key
			  metadata and uses it to determine automatically
			  which keys to publish to the zone, use for
			  signing, revoke, or remove from the zone
			[RT #19816]
 2009-07-19 04:18:05 +00:00
Automatic Updater
4a979d3577 update copyright notice 2009-07-17 23:47:41 +00:00
Evan Hunt
aeff7de836 2634. [port] win32: Add support for libxml2, enable 
statschannel. [RT #19773]
 2009-07-17 06:25:45 +00:00
Automatic Updater
fd4dcaddae update copyright notice 2009-07-13 23:47:42 +00:00
Evan Hunt
943cbe8ae5 2627. [bug] Named aborted if the same key was included in 
trusted-keys more than once. [RT #19918]
 2009-07-13 21:53:03 +00:00
Evan Hunt
ef370118d5 2626. [bug] Multiple trusted-keys could trigger an assertion 
failure. [RT #19914]
 2009-07-13 21:49:57 +00:00
Mark Andrews
5b7525f51f 2625. [bug] Missing UNLOCK in rbtdb.c. [RT #19865] 2009-07-13 07:03:47 +00:00
Mark Andrews
6d5852f318 2623. [bug] Named started seaches for DS non-optimally. [RT #19915] 2009-07-13 06:24:27 +00:00
Automatic Updater
c8da39c6c7 update copyright notice 2009-07-02 23:47:26 +00:00
Mark Andrews
109580e7e5 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-02 07:39:03 +00:00
Automatic Updater
c6fb85f950 update copyright notice 2009-07-01 23:47:36 +00:00
Automatic Updater
f66c8eed51 update copyright notice 2009-06-30 23:48:01 +00:00
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Mark Andrews
01dbc4fc00 2618. [bug] The sdb and sdlz db_interator_seek() methods could 
loop infinitely. [RT #19847]
 2009-06-26 06:21:03 +00:00
Evan Hunt
b272d38cc5 2612. [func] Add default values for the arguments to 
dnssec-keygen.  Without arguments, it will now
			generate a 1024-bit RSASHA1 zone-signing key,
			or with the -f KSK option, a 2048-bit RSASHA1
			key-signing key. [RT #19300]

2611.	[func]		Add -l option to dnssec-dsfromkey to generate
			DLV records instead of DS records. [RT #19300]
 2009-06-17 06:51:44 +00:00
Mark Andrews
b577875266 missing line breaks 2009-06-17 04:29:43 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Evan Hunt
18ad4708eb commit windows build changes needed for DDNS patch 2009-06-10 23:36:57 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Mark Andrews
afbe695de3 "got insecure response; parent indicates it should be secure" wrongly emitted [RT #19800] 2009-06-09 22:57:09 +00:00
Mark Andrews
3d785d7666 dns_dnssec_selfsigns 2009-06-04 04:58:10 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Mark Andrews
f05a6b110f 2607. [bug] named could incorrectly delete NSEC3 records for 
empty nodes when processing a update request.
                        [RT #19749]
 2009-06-04 01:43:41 +00:00
Automatic Updater
dc0c165ce3 update copyright notice 2009-06-02 23:47:50 +00:00
Mark Andrews
5422cf284f 2605. [bug] Accept DS responses from delegation only zones. 
[RT # 19296]
 2009-06-02 05:51:44 +00:00
Automatic Updater
e6ada020f5 update copyright notice 2009-05-29 23:47:49 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Automatic Updater
cc5f9fe224 update copyright notice 2009-05-11 02:38:35 +00:00
Mark Andrews
8a805c9f41 spelling 2009-05-11 02:30:07 +00:00
Mark Andrews
4c2ed3d141 2599. [bug] Address rapid memory growth when validation fails. 
[RT #19654]
 2009-05-11 02:22:03 +00:00
Automatic Updater
54cdd2b307 update copyright notice 2009-05-07 23:47:44 +00:00
Francis Dupont
ff380b05fe comment fixes (rt19624) 2009-05-07 09:41:23 +00:00
Mark Andrews
e7eede965d 2597. [bug] Handle a validation failure with a insecure delegation 
from a NSEC3 signed master/slave zone.  [RT #19464]
 2009-05-07 02:34:19 +00:00
Automatic Updater
7a272c6b0d update copyright notice 2009-05-06 23:47:50 +00:00
Tatuya JINMEI 神明達哉
5d7849ad7f 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 22:53:54 +00:00
Mark Andrews
d2c115f913 2590. [func] Report zone/class of "diff with no effect". [RT #19542] 2009-04-30 06:53:10 +00:00
Automatic Updater
542b74bec7 update copyright notice 2009-04-29 23:48:02 +00:00
Mark Andrews
f030c71500 2589. [bug] dns_db_unregister() failed to clear '*dbimp'. 
[RT #19626]
 2009-04-29 22:11:34 +00:00
Automatic Updater
d76bbb6c40 update copyright notice 2009-04-28 23:48:01 +00:00