ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,654 Commits 589 Branches 805 Tags
33c548251110c6991d017a1e071959972b6664d1
Commit Graph

92 Commits

Author SHA1 Message Date
Mark Andrews
a3b1ba34fb don't mix IPv4 and IPv6 capability bits 
(cherry picked from commit 27deca2bf0)
 2015-12-17 08:27:34 +11:00
Curtis Blackburn
30ef44bbfb [rt41269] additional tests for dig and delv, 
fix for --disable-ipv6 on osx,
              fixes for tests with --disable-ipv6
 2015-12-15 15:18:49 -08:00
Mark Andrews
af503b42d4 4279. [test] Don't use fixed ports when unit testing. [RT #41194] 
(cherry picked from commit 94c7301f6f)
 2015-12-15 12:51:29 +11:00
Evan Hunt
fbf5b36b69 [v9_10] fix python script versions 
4257.	[cleanup]	Python scripts reported incorrect version. [RT #41080]
 2015-11-08 21:36:27 -08:00
Mark Andrews
a1503a1461 0xf5f5f5f5f5f5f5f5 is a LLU 
(cherry picked from commit 7c38fa994b)
 2015-10-30 08:13:42 +11:00
Evan Hunt
db67a07ab8 [v9_10] isc_atomic_storeq()/stats improvements 
4248.	[func]		Add an isc_atomic_storeq() function, use it in
			stats counters to improve performance.
			[RT #39972] [RT #39979]
 2015-10-28 22:19:58 -07:00
Tinderbox User
a793df69e9 update copyright notice / whitespace 2015-10-15 23:45:49 +00:00
Mark Andrews
1237d81417 4238. [bug] Don't send to servers on net zero (0.0.0.0/8). 
[RT #40947]

(cherry picked from commit 6588a2b404)
 2015-10-16 08:07:35 +11:00
Evan Hunt
4d7926b1f3 [v9_10] s/the the/the/ 2015-08-27 14:12:02 -07:00
Tinderbox User
f21b6da8ff update copyright notice / whitespace 2015-08-19 23:45:50 +00:00
Evan Hunt
cd6122b164 [v9_10] timing safe memory comparisons 
4183.	[cleanup]	Use timing-safe memory comparisons in cryptographic
			code. Also, the timing-safe comparison functions have
			been renamed to avoid possible confusion with
			memcmp(). [RT #40148]

(cherry picked from commit 420a43c8d8)
 2015-08-17 18:28:27 -07:00
Mark Andrews
90e4700853 4130. [bug] The compatability shim for *printf() misprinted some 
large numbers. [RT #39586]

(cherry picked from commit 38c19e5779)
 2015-05-29 07:23:50 +10:00
Francis Dupont
1db36edf82 added print.h includes 2015-05-23 14:46:47 +02:00
Tinderbox User
3f319600ef update copyright notice / whitespace 2015-05-22 23:45:52 +00:00
Evan Hunt
54b00a777b [v9_10] add %z format options to printf 
4123.	[port]		Added %z (size_t) format options to the portable
			internal printf/sprintf implementation. [RT #39586]

(cherry picked from commit cadf8d687b)
 2015-05-21 14:55:38 -07:00
Evan Hunt
582bd9d5a4 [v9_10] fixed build errors with libressl 
4088.	[port]		Fixed errors when building with libressl. [RT #38899]
 2015-03-23 13:35:26 -05:00
Tinderbox User
d5bad8c9b9 update copyright notice / whitespace 2015-02-10 23:45:50 +00:00
Evan Hunt
f87d4ca084 [v9_10] 5011 fixes 
4056.	[bug]		Fixed several small bugs in automatic trust anchor
			management, including a memory leak and a possible
			loss of key state information. [RT #38458]
 2015-02-10 12:59:38 -08:00
Mark Andrews
f4889a7491 cast to (unsigned long) to silence format warning 
(cherry picked from commit d2a50c9ba8)
 2015-02-05 07:50:44 +11:00
Tinderbox User
1bf1157d72 update copyright notice / whitespace 2015-01-22 23:45:54 +00:00
Evan Hunt
865621b742 [v9_10] fix 'total use' accounting 
4046.   [bug]           Accounting of "total use" in memory context
                        statistics was not correct. [RT #38370]
 2015-01-22 09:46:28 -08:00
Tinderbox User
3817256ab9 update copyright notice / whitespace 2015-01-20 23:47:01 +00:00
Evan Hunt
1ef4faabd5 [v9_10] clean up gcc -Wshadow warnings 
4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
 2015-01-20 13:43:35 -08:00
Evan Hunt
6c049c57d9 [v9_10] refactor max-recursion-queries 
- the counters weren't set correctly when fetches timed out.
  instead we now pass down a counter object.

(cherry picked from commit 05e448935c)
 2014-11-19 18:26:46 -08:00
Mark Andrews
b2b3882c5c 3998. [bug] isc_radix_search was returning matches that were 
to precise. [RT #37680]

(cherry picked from commit b976c39c07)
 2014-11-04 12:40:41 +11:00
Mark Andrews
4394594398 3898. [bug] To small a buffer in tohexstr() calls in test code. 
[RT #36598]

(cherry picked from commit 6a6838f973)
 2014-07-22 11:26:50 +10:00
Tinderbox User
d47d4e9acf update copyright notice 2014-07-15 23:45:43 +00:00
Mark Andrews
e1bbda10c5 3894. [bug] Buffers in isc_print_vsnprintf were not properly 
initialized leading to potential overflows when
                        printing out quad values. [RT #36505]

(cherry picked from commit 71ec6d0940)
 2014-07-15 22:54:15 +10:00
Tinderbox User
cc2a515684 update copyright notice 2014-03-04 23:46:15 +00:00
Evan Hunt
b454c03196 [master] use ANSI prototypes, clean up some casts 2014-03-04 10:42:25 -08:00
Evan Hunt
98922b2b2b [master] merge several interdependent fixes 
3760.   [bug]           Improve SIT with native PKCS#11 and on Windows.
			[RT #35433]

3759.   [port]          Enable delve on Windows. [RT #35441]

3758.   [port]          Enable export library APIs on windows. [RT #35382]
 2014-02-26 19:00:05 -08:00
Mark Andrews
e676a59686 update copyrights 2014-02-20 10:53:11 +11:00
Mark Andrews
b5f6271f4d 3744. [experimental] SIT: send and process Source Identity Tokens 
(which are similar to DNS Cookies by Donald Eastlake)
                        and are designed to help clients detect off path
                        spoofed responses and for servers to detect legitimate
                        clients.

                        SIT use a experimental EDNS option code (65001).

                        SIT can be enabled via --enable-developer or
                        --enable-sit.  It is on by default in Windows.

                        RRL processing as been updated to know about SIT with
                        legitimate clients not being rate limited. [RT #35389]
 2014-02-19 12:53:42 +11:00
Evan Hunt
dbb012765c [master] merge libiscpk11 to libisc 
3735.	[cleanup]	Merged the libiscpk11 library into libisc
			to simplify dependencies. [RT #35205]
 2014-02-11 21:20:28 -08:00
Evan Hunt
90b513b2a0 [master] another build fix for pkcs11+atf+libtool 2014-01-15 12:07:04 -08:00
Evan Hunt
ba751492fc [master] native PKCS#11 support 
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
 2014-01-14 15:40:56 -08:00
Evan Hunt
903247531a [master] portable replacement for timegm() 2014-01-10 19:22:02 -08:00
Mark Andrews
a7c412f37c update copyrights 2014-01-11 07:07:56 +11:00
Mark Andrews
fd0f3e7cd8 add unit test for isc_time_parsehttptimestamp 2014-01-11 00:30:41 +11:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove(). 
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
 2014-01-08 16:39:05 -08:00
Mark Andrews
0a47bc90af 3668. [bug] Fix cast in lex.c which could see 0xff treated as eof. 
[RT #34993]
 2013-11-11 10:49:28 +11:00
Evan Hunt
5b7abbef51 [master] added isc_safe_memcmp() 
3611.	[bug]		Improved resistance to a theoretical authentication
			attack based on differential timing.  [RT #33939]
 2013-07-09 11:47:16 -07:00
Tinderbox User
5924e4ace0 update copyright notice 2013-06-10 23:46:19 +00:00
Evan Hunt
e59937c728 [rt33746] use CRC64 for map file error detection 
3591.	[func]		Use CRC-64 to detect map file corruption at load
			time. [RT #33746]
 2013-06-10 14:19:22 -07:00
Mark Andrews
45b727f651 silence coverity warnings 2013-04-11 17:07:50 +10:00
Mark Andrews
22b5363195 printf -> fprintf 2013-03-26 16:40:14 +11:00
Tinderbox User
313b0ea9f2 update copyright notice 2013-03-23 23:46:06 +00:00
Evan Hunt
cd594861c2 [master] add missing include 2013-03-22 14:50:22 -07:00
Evan Hunt
67adc03ef8 [master] add DSCP support 
3535.	[func]		Add support for setting Differentiated Services Code
			Point (DSCP) values in named.  Most configuration
			options which take a "port" option (e.g.,
			listen-on, forwarders, also-notify, masters,
			notify-source, etc) can now also take a "dscp"
			option specifying a code point for use with
			outgoing traffic, if supported by the underlying
			OS. [RT #27596]
 2013-03-22 14:05:33 -07:00