ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,355 Commits 589 Branches 805 Tags
3fe33590315cd5ab2af1f1b49e5ac36c9c195991
Commit Graph

71 Commits

Author SHA1 Message Date
Mark Andrews
3cf6fa831e 4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831] 
(cherry picked from commit 1b8ce3b330)
 2016-12-07 11:00:40 +11:00
Mark Andrews
51fe40fd59 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]

(cherry picked from commit 5f8412a4cb)
 2016-11-03 10:46:37 +11:00
Tinderbox User
6170b0861f update copyright notice / whitespace 2016-10-15 23:49:32 +00:00
Mark Andrews
971bd88807 add managed keys to view section 
(cherry picked from commit 7551ec1ebe)
 2016-10-16 08:16:22 +11:00
Mark Andrews
73cf46fdad 4244. [bug] The parser was not reporting that use-ixfr is obsolete. 
[RT #41010]
 2015-10-29 12:53:56 +11:00
Mark Andrews
abe4242926 cleanup trailing white space in SGML like files 2015-10-22 16:11:37 +11:00
Tinderbox User
bbed6bdd52 regen v9_9 2015-10-06 05:34:39 +00:00
Evan Hunt
d6e0d893be [v9_9] upgrade doc toolchain 
4237.	[doc]		Upgraded documentation toolchain to use DocBook 5
			and dblatex. [RT #40766]
 2015-10-05 22:01:25 -07:00
Tinderbox User
ad89136024 update copyright notice / whitespace 2015-09-22 23:46:07 +00:00
Evan Hunt
e30b7c5165 [v9_9] need id tag on refentry 2015-09-21 21:36:42 -07:00
Evan Hunt
18482891e3 [v9_9] correct dates in man pages 2014-02-27 11:45:43 -08:00
Tinderbox User
fcf3461d97 update copyright notice 2014-01-08 23:45:37 +00:00
Evan Hunt
5fccdc10de [v9_9] removed reference to "auto-dnssec create" 2014-01-08 11:34:33 -08:00
Mark Andrews
22bca01405 3574. [doc] The 'hostname' keyword was missing from server-id 
description in the named.conf man page. [RT #33476]
 2013-05-29 15:51:30 +10:00
Tinderbox User
616d285f99 update copyright notice 2013-05-15 23:45:40 +00:00
Evan Hunt
9cca234d2a [v9_9] fix typo 2013-05-14 19:42:32 -07:00
Evan Hunt
36a13a94c5 new "dnssec-lookaside" option is "no", not "off" 2011-11-07 00:25:53 +00:00
Mark Andrews
ac43690858 3209. [func] Add "dnssec-lookaside 'off'". [RT #24858] 2011-11-07 00:14:11 +00:00
Scott Mann
fad5116b3d Remove the ixfr-from-differences side-effect which causes an AXFR and extend 
request-ixfr to the zone level.
 2011-09-06 22:29:33 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Mark Andrews
0e507dbb81 2039. [func] Redirect on NXDOMAIN support. [RT #23146] 2011-02-23 03:08:11 +00:00
Mark Andrews
000a8970f8 3011. [func] Change the default query timeout from 30 seconds 
to 10.  Allow setting this in named.conf using the new
                        'resolver-query-timeout' option, which specifies a max
                        time in seconds.  0 means 'default' and anything longer
                        than 30 will be silently set to 30. [RT #22852]
 2011-02-03 05:41:55 +00:00
Automatic Updater
93235c1cba update copyright notice 2011-01-07 23:47:07 +00:00
Mark Andrews
dc4fa197dd 3004. [func] DNS64 reverse support. [RT #22769] 2011-01-07 04:31:39 +00:00
Evan Hunt
71bd858d8e 2989. [func] Added support for writable DLZ zones. (Contributed 
by Andrew Tridgell of the Samba project.) [RT #22629]

2988.	[experimental]	Added a "dlopen" DLZ driver, allowing the creation
			of external DLZ drivers that can be loaded as
			shared objects at runtime rather than linked with
			named.  Currently this is switched on via a
			compile-time option, "configure --with-dlz-dlopen".
			Note: the syntax for configuring DLZ zones
			is likely to be refined in future releases.
			(Contributed by Andrew Tridgell of the Samba
			project.) [RT #22629]

2987.	[func]		Improve ease of configuring TKEY/GSS updates by
			adding a "tkey-gssapi-keytab" option.  If set,
			updates will be allowed with any key matching
			a principal in the specified keytab file.
			"tkey-gssapi-credential" is no longer required
			and is expected to be deprecated.  (Contributed
			by Andrew Tridgell of the Samba project.)
			[RT #22629]
 2010-12-18 01:56:23 +00:00
Automatic Updater
515c7f3c43 update copyright notice 2010-05-14 23:50:40 +00:00
Mark Andrews
778a01b1aa 2893. [bug] Improve managed keys support. New named.conf option 
managed-keys-directory. [RT #20924]
 2010-05-14 04:48:28 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Evan Hunt
8f7de3db7e Respinning to fix memory leak in dnssec-signzone. (Also adopting doc changes.) 2009-10-16 02:59:41 +00:00
Evan Hunt
3727725bb7 2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' 
zone option cause a zone to be signed with only KSKs
			signing the DNSKEY RRset, not ZSKs.  This reduces
			the size of a DNSKEY answer.  [RT #20340]
 2009-10-10 01:48:00 +00:00
Automatic Updater
15bbb8a129 update copyright notice 2009-10-08 23:48:10 +00:00
Mark Andrews
2847930722 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-08 23:13:07 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Mark Andrews
0eeaaaf0ae 2398. [bug] Improve file descriptor management. New, 
temporary, named.conf option reserved-sockets,
                        default 512. [RT #18344]
 2008-09-04 05:56:43 +00:00
Mark Andrews
3f42cf2f3e 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]

back out incorrect branch rt1091 and apply correct branch rt1091a.
 2008-04-02 02:37:42 +00:00
Automatic Updater
1da14e066c update copyright notice 2008-01-02 23:47:02 +00:00
Mark Andrews
92f60809e8 2286. [func] Allow a TCP connection to be used as a weak 
authentication method for reverse zones.
                        New update-policy methods tcp-self and 6to4-self.
                        [RT #17378]
 2008-01-02 05:13:42 +00:00
Michael Graff
b239c8294a commit lruttl to the mainline. A tag was set called skan_lruttl-mainline-base, and I will tag this as skan_lruttl-mainline-merge after this commit 2007-10-19 17:15:53 +00:00
Mark Andrews
ca84283333 2244. [func] Allow the check of nameserver names against the 
SOA MNAME field to be disabled by specifying
                        'notify-to-soa yes;'.  [RT #17073]
 2007-09-18 00:22:31 +00:00
Mark Andrews
982b1c2bf5 add masterfile-format 2007-08-17 06:10:44 +00:00
Mark Andrews
6043e41fcf documentation updates from Jeremy 2007-06-19 06:58:04 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
561a29af8c minor man page updated from Jeremy [RT #16859] 2007-05-09 01:32:09 +00:00
Mark Andrews
819b98479e 2165. [func] Allow the destination address of a query to determine 
if we will answer the query or recurse.
                        allow-query-on, allow-recursion-on and
                        allow-query-cache-on. [RT #16291]
 2007-03-29 06:36:31 +00:00
Mark Andrews
281bab0f36 2129. [func] Provide a pool of UDP sockets for queries to be 
made over. See use-queryport-pool, queryport-pool-ports
                        and queryport-pool-updateinterval.  [RT #16415]
 2007-02-02 02:18:06 +00:00
Mark Andrews
c1a883f2e0 update copyright notice 2007-01-29 23:57:22 +00:00
Rob Austein
5cd4555ad4 2128. [doc] xsltproc --nonet, update DTD versions. [RT #16635] 2007-01-29 22:16:02 +00:00
Mark Andrews
7c693bfdbe 2082. [doc] Document 'cache-file' as a test only option. 2006-09-13 00:18:27 +00:00
Mark Andrews
a45a6ea2b0 2035. [func] Make falling back to TCP on UDP refresh failure 
optional. Default "try-tcp-refresh yes;" for BIND 8
                        compatibility. [RT #16123]
 2006-06-04 23:17:07 +00:00
Mark Andrews
ffcc1bdb36 make query-source{-v6} clearer 2006-05-16 06:07:09 +00:00