ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
24,602 Commits 589 Branches 805 Tags
2c00a11db3e577fefce3c5d384db99a924bf518b
Commit Graph

6417 Commits

Author SHA1 Message Date
Evan Hunt
f9d1853c6b [v9_10] complete change #4643 2017-06-28 09:12:09 -07:00
Tinderbox User
f1862f0c15 update copyright notice / whitespace 2017-06-27 23:46:46 +00:00
Evan Hunt
2437eaa744 [v9_10] fix API ranges (170-179 was used for two branches) 2017-06-27 12:22:11 -07:00
Evan Hunt
88dc9d367d [v9_10] address TSIG bypass/forgery vulnerabilities 
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]

(cherry picked from commit 581c1526ab)
(cherry picked from commit a03f4b1ea4)
 2017-06-27 11:40:31 -07:00
Evan Hunt
a71114e8bd [v9_10] enhanced rfc 5011 logging 
4642.	[cleanup]	Add more logging of RFC 5011 events affecting the
			status of managed keys: newly observed keys,
			deletion of revoked keys, etc. [RT #45354]

(cherry picked from commit 0d90835d2a)
 2017-06-27 10:50:54 -07:00
Mark Andrews
6ff47b9e98 update api for 9.10.6b1 2017-06-26 12:56:10 +10:00
Tinderbox User
0e24f61207 update copyright notice / whitespace 2017-06-02 23:45:59 +00:00
Mark Andrews
3f4dafe57d 4633. [maint] Updated AAAA (2001:500:200::b) for B.ROOT-SERVERS.NET. 
(cherry picked from commit 9c179a5607)
 2017-06-02 11:49:01 +10:00
Tinderbox User
8c2c69a9df update copyright notice / whitespace 2017-05-30 23:46:35 +00:00
Mark Andrews
b9892c25c9 4629. [bug] dns_client_startupdate could not be called with a 
running client. [RT #45277]

(cherry picked from commit e51d62ecae)
 2017-05-30 09:51:34 +10:00
Tinderbox User
3911051cf3 update copyright notice / whitespace 2017-05-11 23:46:25 +00:00
Mark Andrews
5049d09bca 4624. [bug] Check isc_mem_strdup results in dns_view_setnewzones. 
[RT #45210]
 2017-05-11 20:31:03 +10:00
Mark Andrews
1afc9714cc 4622. [bug] Remove unnecessary escaping of semicolon in CAA and 
URI records. [RT #45216]

(cherry picked from commit 1611ceb8b2)
 2017-05-11 10:58:10 +10:00
Tinderbox User
765287a19c update copyright notice / whitespace 2017-05-10 23:46:25 +00:00
Mark Andrews
81d4efc918 4621. [port] Force alignment of oid arrays to silence loader 
warnings. [RT #45131]

(cherry picked from commit 2fb1a0bdef)
 2017-05-11 09:25:07 +10:00
Tinderbox User
e0615b47c2 update copyright notice / whitespace 2017-05-02 23:46:45 +00:00
Mark Andrews
ad32220fa8 4615. [bug] AD could be set on truncated answer with no records 
present in the answer and authority sections.
                        [RT #45140]

(cherry picked from commit 33e94f501f)
 2017-05-03 07:52:08 +10:00
Tinderbox User
67e24d0890 update copyright notice / whitespace 2017-04-28 23:46:21 +00:00
Mark Andrews
ba75c654a0 silence 'may be used uninitialized' warning. [RT #45139] 
(cherry picked from commit d1554926d0)
 2017-04-28 11:02:19 +10:00
Mark Andrews
fbb9d55479 add mark_stale_header and rbtdb_zero_header defines 2017-04-27 12:53:20 +10:00
Tinderbox User
06391274be update copyright notice / whitespace 2017-04-24 23:46:31 +00:00
Evan Hunt
7e5ab67300 [v9_10] allow parallel make 
4609.	[cleanup]	Rearrange makefiles to enable parallel execution
			(i.e. "make -j"). [RT #45078]
 2017-04-23 23:04:46 -07:00
Tinderbox User
4ea8c7b6f4 update copyright notice / whitespace 2017-04-23 23:46:24 +00:00
Evan Hunt
e27dfe5a6c [v9_10] openssl backward compatibility fix 
4604.	[bug]		Don't use ERR_load_crypto_strings() when building
			with OpenSSL 1.1.0. [RT #45117]

(cherry picked from commit 4c31eda5e1)
 2017-04-21 18:56:33 -07:00
Mukund Sivaraman
2540059b7b Reject incorrect RSA key lengths during key generation and and sign/verify context creation (#45043) 
(cherry picked from commit 239e9dc81c)
(cherry picked from commit 264e17e739)
 2017-04-21 19:06:04 +05:30
Mukund Sivaraman
3f8245a08f Adjust RPZ trigger counts only when the entry being deleted exists (#43386) 
(cherry picked from commit f23c10f925)
(cherry picked from commit 9a8b2b3ab3)
 2017-04-21 17:18:35 +05:30
Mukund Sivaraman
fb5c4bc94c Fix inconsistencies in inline signing time comparisons (#42112) 
(cherry picked from commit 4176d278e2)
(cherry picked from commit eeb16584fb)
 2017-04-21 16:46:13 +05:30
Mukund Sivaraman
4ab28446c1 Ignore SHA-1 DS digest type when SHA-384 DS digest type is present (#45017) 
(cherry picked from commit 5d01eab088)
(cherry picked from commit 9540b42695)
 2017-04-21 16:21:49 +05:30
Evan Hunt
70590c691b [v9_10] fix dispatch.c shutdown race 
4952.	[bug]		A race condition on shutdown could trigger an
			assertion failure in dispatch.c. [RT #43822]

(cherry picked from commit 019132b70c)
 2017-04-20 17:42:03 -07:00
Tinderbox User
24c84fa6aa update copyright notice / whitespace 2017-04-20 23:46:37 +00:00
Mark Andrews
0580a56901 4587. [bug] named-checkzone failed to handle occulted data below 
DNAMEs correctly. [RT #44877]

(cherry picked from commit 600b027731)
 2017-04-20 13:30:26 +10:00
Mark Andrews
28c8b282dd 4585. [port] win32: Set CompileAS value. [RT #42474] 
(cherry picked from commit 3742338a7b)
 2017-04-20 12:43:17 +10:00
Mark Andrews
fc945cbc44 4584. [bug] A number of memory usage statistics were not properly 
reported when they exceeded 4G.  [RT #44750]

(cherry picked from commit ddac00e3e0)
 2017-04-20 10:23:06 +10:00
Mark Andrews
7ab9e8e007 4580. [bug] 4578 introduced a regression when handling CNAME to 
referral below the current domain. [RT #44850]

(cherry picked from commit 638c7c635d)
 2017-03-14 15:15:08 +11:00
Mark Andrews
6841d7b854 Reimplement: 
4578.   [security]      Some chaining (CNAME or DNAME) responses to upstream
                        queries could trigger assertion failures.
                        (CVE-2017-3137) [RT #44734]

(cherry picked from commit f240f4a5de)
 2017-03-01 12:02:45 +11:00
Evan Hunt
69fd759b4a [v9_10] remove unnecessary INSIST and prep 9.10.5rc2 
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]

(cherry picked from commit a1365a0042)
(cherry picked from commit 559cbe04e7)
 2017-02-23 15:01:30 -08:00
Mark Andrews
3c14e3c7b5 explicitly cast to (unsigned int) 2017-02-20 17:07:16 +11:00
Mark Andrews
9998a15284 explictly cast to isc_stdtime_t 2017-02-20 16:57:09 +11:00
Mark Andrews
a71d773a3d api numbers clashed between 9.10 and 9.11; record ranges; account for -P's 2017-02-16 11:52:20 +11:00
Evan Hunt
0f3d3f825f [v9_10] prep 9.10.5rc1 2017-02-04 22:33:09 -08:00
Mark Andrews
6d93a4e91a remove outdated cvs $Id strings 2017-02-03 18:41:40 +11:00
Tinderbox User
91b32fb6d9 update copyright notice / whitespace 2017-02-02 23:47:12 +00:00
Mark Andrews
3f5f6afbd9 4563. [bug] Modified zones would occasionally fail to reload. 
[RT #39424]

(cherry picked from commit dfe3068ef3)
 2017-02-02 17:14:23 +11:00
Evan Hunt
fc5e144446 [v9_10] Squashed commit of the following: 
4561.	[port]		Silence a warning in strict C99 compilers. [RT #44414]

(cherry picked from commit 6cb5e36ca3)
 2017-02-01 17:31:29 -08:00
Tinderbox User
89abe04af5 update copyright notice / whitespace 2017-01-31 23:46:51 +00:00
Evan Hunt
5eca4fc646 [v9_10] address portability issues 
(cherry picked from commit a2bd99a959)
 2017-01-30 16:52:37 -08:00
Mark Andrews
6106ed6841 add a REQUIRE to catch the NULL pointer dereference that triggered CVE-2017-3135 
(cherry picked from commit 1d8995d226)
 2017-01-31 11:21:18 +11:00
Evan Hunt
a5a7e48035 [v9_10] change 4558 was incomplete 
(cherry picked from commit cd668ea57f)
 2017-01-30 14:11:25 -08:00
Tinderbox User
562244d395 update copyright notice / whitespace 2017-01-24 23:46:25 +00:00
Mark Andrews
f7903e4bcc 4560. [bug] mdig: add -m option to enable memory debugging rather 
than have in on all the time. [RT #44509]

4559.   [bug]           Openssl_link.c didn't compile if ISC_MEM_TRACKLINES
                        was turned off.  [RT #44509]

(cherry picked from commit 25da687db7)
 2017-01-24 17:50:06 +11:00