ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,355 Commits 589 Branches 805 Tags
3fe33590315cd5ab2af1f1b49e5ac36c9c195991
Commit Graph

41 Commits

Author SHA1 Message Date
Mark Andrews
0e44069212 number all resolver tests 
(cherry picked from commit 4914e3ddc6)
 2016-12-13 15:14:26 +11:00
Mark Andrews
b283aa31fc do not overflow exit status. [RT #42643] 
(cherry picked from commit 3635d8f910)
 2016-06-14 14:51:25 +10:00
Tinderbox User
1ae5ce7da8 update copyright notice / whitespace 2016-03-21 23:46:02 +00:00
Mark Andrews
0f8b11d8cd 4336. [bug] Don't emit records with zero ttl unless the records 
were learnt with a zero ttl. [RT #41687]

(cherry picked from commit 0993cd5f22)
 2016-03-21 14:34:30 +11:00
Mark Andrews
5c6e1683d1 4232. [test] Add tests for CDS and CDNSKEY with delegation-only. 
[RT #40597]

(cherry picked from commit 65d59a4307)
 2015-09-30 16:01:12 +10:00
Tinderbox User
835eaef8e3 update copyright notice / whitespace 2015-07-09 23:46:11 +00:00
Evan Hunt
ea36796f82 [v9_9] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 23:00:58 -07:00
Mark Andrews
bbc8cca27d 4015. [bug] Nameservers that are skipped due to them being 
CNAMEs were not being logged. They are now logged
                        to category 'cname' as per BIND 8. [RT #37935]

(cherry picked from commit ea3aa401bc)
 2014-12-03 11:47:10 +11:00
Mark Andrews
e9ddca0df0 update copyrights 2014-07-08 12:42:19 +10:00
Mark Andrews
1df30622d6 3892. [bug] Setting '-t aaaa' in .digrc had unintended side 
effects. [RT #36452]
 2014-07-08 02:01:44 +10:00
Evan Hunt
06614edc44 [v9_9] correct dispatch address/port check 
3690.	[bug]		Iterative responses could be missed when the source
			port for an upstream query was the same as the
			listener port (53). [RT #34925]
 2013-12-12 22:46:21 -08:00
Evan Hunt
2e8c4177b7 [v9_9] remove test code accidentally merged 2013-11-13 11:04:35 -08:00
Evan Hunt
eaa4ead2bd [v9_9] allow setting local addr in dns_client 
3672.	[func]		Local address can now be specified when using
			dns_client API. [RT #34811]

(cherry picked from commit 0618287859)
 2013-11-13 10:57:50 -08:00
Tinderbox User
d760368395 update copyright notice 2013-04-03 23:45:38 +00:00
Mark Andrews
c51fe7894a 3541. [bug] The parts if libdns was not being properly initialized 
in when built in libexport mode. [RT #33028]
 2013-04-03 17:28:22 +11:00
ckb
1e8bf19d9a 3422. [bug] Added a clear error message for when the SOA does not 
match the referral. [RT #31281]
 2012-11-21 16:50:38 -06:00
Tinderbox User
c201888c2a regen v9_9 2012-03-07 01:59:30 +00:00
Evan Hunt
f94af76649 Revert "added gitignore, removed cvsignore" 
This reverts commit e8ae173655.
 2012-03-05 08:24:17 -08:00
Evan Hunt
e8ae173655 added gitignore, removed cvsignore 2012-03-03 23:24:11 -08:00
Automatic Updater
d72ed5a8e7 update copyright notice 2012-02-09 23:46:51 +00:00
Mark Andrews
44bb0c393a 3282. [bug] Restrict the TTL of NS RRset to no more than that 
of the old NS RRset when replacing it. [RT #27792]
 2012-02-09 20:59:42 +00:00
Evan Hunt
cf63d32d55 3136. [func] Add RFC 1918 reverse zones to the list of built-in 
empty zones switched on by the 'empty-zones-enable'
			option. [RT #24990]
 2011-07-28 03:18:17 +00:00
Automatic Updater
71d0d898fb update copyright notice 2011-03-13 23:47:36 +00:00
Mark Andrews
26b49e8459 3074. [bug] Make the adb cache read through for zone data and 
glue learn for zone named is authoritative for.
                        [RT #22842]
 2011-03-13 02:49:28 +00:00
Mark Andrews
d48730a446 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 06:46:44 +00:00
Mark Andrews
165501a801 simplify grep 2010-09-15 23:22:02 +00:00
Evan Hunt
cff5da57d6 The "resolver" test was failing on systems with old versions of "grep". 2010-09-15 15:45:07 +00:00
Mark Andrews
082f42dcf2 2960. [func] Check that named accepts non-authoritative answers. 
[RT #21594]
 2010-09-15 12:07:56 +00:00
Automatic Updater
15c961a1dd update copyright notice 2010-05-19 09:33:50 +00:00
Mark Andrews
b667946fa5 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-05-19 06:39:50 +00:00
Automatic Updater
e6ada020f5 update copyright notice 2009-05-29 23:47:49 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
David Lawrence
40f53fa8d9 Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your 
own CVS tree will help minimize CVS conflicts.  Maybe not.
Blame Graff for getting me to trim all trailing whitespace.
 2000-08-01 01:33:37 +00:00
Andreas Gustafsson
e0f23ee828 check that the server copes with responses containing a CNAME 
and other data
 2000-07-28 22:42:42 +00:00
David Lawrence
15a4474541 word wrap copyright notice at column 70 2000-07-27 09:55:03 +00:00
Andreas Gustafsson
e54e6744d6 do two queries; added comments 2000-07-18 17:13:40 +00:00
Andreas Gustafsson
f2c814353b added resolver/ test directory, with a single regression 
test for the INSIST(!external) bug
 2000-07-14 23:38:14 +00:00