ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
20,109 Commits 589 Branches 805 Tags
35849376489ddd0168e63822cd4f35ed60fbcf29
Commit Graph

20109 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Evan Hunt
3584937648 [v9_8] RPZ speed up (phase 1, single RPZ) 
3496.	[func]		Improvements to RPZ performance. The "response-policy"
			syntax now includes a "min-ns-dots" clause, with
			default 1, to exclude top-level domains from
			NSIP and NSDNAME checking. [RT #32251]

    Response policy (rpz) changes to
      - add zone statistics
      - speed up by adding min-ns-dots to the response-policy syntax
         with a default of 1
      - detect and reject policy zones with a database other than rbt
         only rbtdb has rpz hooks
      - allow empty response-policy{} statement
      - make --enable-rpz-nsip and --enable-rpz-nsdname the default
(cherry picked from commit 8159e80279408be50d31db5d853ae2736bd1934d)
 2013-02-25 14:32:00 -08:00
Tinderbox User
a5b936c321 update copyright notice 2013-02-18 23:45:27 +00:00
Tinderbox User
447a18b856 newcopyrights 2013-02-18 23:30:08 +00:00
Mark Andrews
501ee051fa dlzdb in 9.8 and earlier doesn't have a link element 2013-02-19 08:35:27 +11:00
Mark Andrews
ad76b3444d 3489. [bug] --enable-developer now turns on ISC_LIST_CHECKINIT. 
dns_dlzcreate() failed to properly initialize
                        dlzdb.link.  When cloning a rdataset do not copy
                        the link contents.  [RT #32651]

Squashed commit of the following:

commit c36c49cbdaeec8b2506dffadbffa543283702fa2
Author: Mark Andrews <marka@isc.org>
Date:   Mon Feb 18 23:24:57 2013 +1100

    don't copy the link when cloning a rdataset

commit 9fef5827edcc925075832dcce900eeca9057456d
Author: Mark Andrews <marka@isc.org>
Date:   Mon Feb 18 23:23:25 2013 +1100

    initialise the dlzdb link; don't return a stale pointer on error

commit a13c584732eae2dde48920a73886b54f1fe6b030
Author: Mark Andrews <marka@isc.org>
Date:   Mon Feb 18 23:21:59 2013 +1100

    turn on ISC_LIST_CHECKINIT

Conflicts:
	lib/dns/dlz.c
(cherry picked from commit c1402b00d3)
 2013-02-19 07:32:22 +11:00
Mark Andrews
195312bfd3 3488. [bug] Use after free error with DH generated keys. [RT #32649] 2013-02-18 20:24:24 +11:00
Tinderbox User
145eda42cb update copyright notice 2013-02-16 23:45:28 +00:00
Mark Andrews
94376ebfdc update 2013-02-16 11:22:27 +11:00
Mark Andrews
7502975522 3487. [bug] Change 3444 was not complete. There was a additional 
place where the NOQNAME proof needed to be saved.
                        [RT #32629]

Squashed commit of the following:

commit cdef844f57bd3eb30b1f77135b89b6f9360e8bee
Author: Mark Andrews <marka@isc.org>
Date:   Sat Feb 16 00:27:14 2013 +1100

    whitespace

commit 60eb7e3f6cdd102d6aaf0fb4ada8c552576e4502
Author: Mark Andrews <marka@isc.org>
Date:   Sat Feb 16 00:19:51 2013 +1100

    return noqname proof with +cd and dlv
 2013-02-16 07:47:11 +11:00
Evan Hunt
affd842860 [v9_8] address TKEY bugs 
3486.	[bug]		named could crash when using TKEY-negotiated keys
			that had been deleted and then recreated. [RT #32506]

(cherry picked from commit 0b8bd3a4ae)
 2013-02-15 10:22:19 -08:00
Mark Andrews
9d511baff3 silence compiler warning 
(cherry picked from commit 52946dc6c0)
 2013-02-15 17:42:41 +11:00
Tinderbox User
1b6469ae80 update copyright notice 2013-02-12 23:45:26 +00:00
Tinderbox User
5d295aceec newcopyrights 2013-02-12 23:30:05 +00:00
Mark Andrews
da15537943 3485. [cleanup] Only compile openssl_gostlink.c if we support GOST. 
(cherry picked from commit 7e9ccec638)
(cherry picked from commit 3e712bbd61)
 2013-02-12 13:06:24 +11:00
Tinderbox User
ff2ee54357 newcopyrights 2013-02-07 23:30:08 +00:00
Curtis Blackburn
a5f95782c4 [v9_8]3481. [cleanup] removed use of const const in atf 
(cherry picked from commit 0da7c95546)
 2013-02-06 17:50:51 -06:00
Tinderbox User
5ee8ec563c update copyright notice 2013-02-05 23:45:22 +00:00
Tinderbox User
e90bc134b1 newcopyrights 2013-02-05 23:30:08 +00:00
Mark Andrews
807aeb43e8 explict cast to (char *) from (void *) to silence compiler warning in %s checking 2013-02-05 14:25:40 +11:00
Tinderbox User
1043b48e2d update copyright notice 2013-01-25 23:45:26 +00:00
Tinderbox User
080d637dcd newcopyrights 2013-01-25 23:30:07 +00:00
Mark Andrews
e38500c43f 3479. [bug] Address potential memory leaks in gssapi support 
code. [RT #32405]
 2013-01-25 12:24:46 +11:00
Tinderbox User
b66835303e update copyright notice 2013-01-24 23:45:28 +00:00
Tinderbox User
0b760546c4 newcopyrights 2013-01-24 23:30:05 +00:00
Tinderbox User
9e82eb9b66 regenerate 2013-01-24 22:55:05 +00:00
Evan Hunt
9eb6e86f51 [v9_8] build failure in C99 
3478.	[port]		Fix a build failure in strict C99 environments
			[RT #32475]
(cherry picked from commit cd63e94310)
 2013-01-24 14:52:26 -08:00
Evan Hunt
1b7bba3645 Merge branch 'v9_8' of ssh://repo/proj/git/prod/bind9 into v9_8 2013-01-23 15:49:43 -08:00
Tinderbox User
1c7322992f update copyright notice 2013-01-23 23:45:26 +00:00
Evan Hunt
8d025e23e3 [v9_8] fix dns_request_createvia assert 
3474.	[bug]		nsupdate could assert when the local and remote
			address families didn't match. [RT #22897]
(cherry picked from commit ffff5d6792)
 2013-01-23 15:43:58 -08:00
Tinderbox User
df5c0e3426 newcopyrights 2013-01-23 23:30:06 +00:00
Tinderbox User
ae86a49431 regenerate 2013-01-23 23:09:16 +00:00
Evan Hunt
2829208aac [v9_8] fix enable-openssl-hash/with-atf combo 2013-01-23 15:06:14 -08:00
Evan Hunt
84b22f9e54 [v9_8] dump masterfile after successful xfrin 
3470.	[bug]		Slave zones could fail to dump when successfully
			refreshing after an initial failure. [RT #31276]
(cherry picked from commit 214836c184)
(cherry picked from commit ddfed3060a)
 2013-01-22 16:03:08 -08:00
Tinderbox User
7985856457 update copyright notice 2013-01-21 23:45:21 +00:00
Tinderbox User
74d2545f52 newcopyrights 2013-01-21 23:30:06 +00:00
Evan Hunt
862e51f42b [v9_8] prevent ixfr/ns1 being removed v9.8.5b1 2013-01-21 14:19:57 -08:00
Evan Hunt
5afb865287 [v9_8] add 10.53.0.8 address 2013-01-21 12:37:24 -08:00
Jeremy C. Reed
9f366c6b1a Mention latest CVE too. 2013-01-18 22:52:53 +00:00
Evan Hunt
3b65e1e173 Merge branch 'v9_8' of ssh://repo/proj/git/prod/bind9 into v9_8 2013-01-18 14:21:37 -08:00
Evan Hunt
3463fe9a4d [v9_8] add CVE, correct change 3388 
(cherry picked from commit 3806133da5)
 2013-01-18 14:20:13 -08:00
Tinderbox User
77b46e925e update copyright notice 2013-01-17 23:45:27 +00:00
Tinderbox User
eabe3c43ea newcopyrights 2013-01-17 23:30:06 +00:00
Evan Hunt
3fbc9b39a4 [v9_8] bump release 2013-01-17 11:25:29 -08:00
Evan Hunt
285bbf3685 [v9_8] fix DNS64 with RPZ-remapped A records 
3468.	[security]	RPZ rules to generate A records (but not AAAA records)
			could trigger an assertion failure when used in
			conjunction with DNS64. [RT #32141]
(cherry picked from commit 71f8edccba)
 2013-01-17 11:24:39 -08:00
Curtis Blackburn
98139af000 [v9_8][bug] Added checks in dnssec-keygen and dnssec-settime to check for 
delete date < inactive date. [RT #31719]
 2013-01-17 11:04:30 -06:00
Mark Andrews
1b786a12df add POST's 2013-01-17 23:26:13 +11:00
Mark Andrews
85f1b8ccfe s/head/tail/ 2013-01-17 21:46:00 +11:00
Mark Andrews
8ae4fbc535 Silence "Access to field 'refs' results in a dereference of a null pointer" by adding appropriate assertions. 2013-01-17 14:40:16 +11:00
Mark Andrews
14d0298b1c Silence "Use of memory after it is freed" by asserting the head and tail of list are not the element after it is unlinked from the list. 2013-01-17 14:22:39 +11:00
Tinderbox User
5508bb2b3c update copyright notice 2013-01-15 23:45:23 +00:00