ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,355 Commits 589 Branches 805 Tags
3fe33590315cd5ab2af1f1b49e5ac36c9c195991
Commit Graph

50 Commits

Author SHA1 Message Date
Evan Hunt
1b8d070f9a [v9_9] simplify prereq checks by using feature-test.c 
4498.	[test]		Simplify prerequisite checks in system tests.
			[RT #43516]

(cherry picked from commit 5480a74b70)
(cherry picked from commit 45fd95544c)
(cherry picked from commit 6e09e18400)
 2016-11-01 13:10:07 -07:00
Mark Andrews
b283aa31fc do not overflow exit status. [RT #42643] 
(cherry picked from commit 3635d8f910)
 2016-06-14 14:51:25 +10:00
Tinderbox User
7b7d845166 update copyright notice / whitespace 2016-01-21 23:46:08 +00:00
Evan Hunt
4b8c357439 [v9_9] hold 2016-01-20 17:32:39 -08:00
Tinderbox User
4acf5216d7 update copyright notice / whitespace 2015-11-09 23:46:11 +00:00
Evan Hunt
7d984067ee [v9_9] fix python script versions 
4257.	[cleanup]	Python scripts reported incorrect version. [RT #41080]
 2015-11-08 21:41:04 -08:00
Mark Andrews
288be32d30 give the nameserver a little longer to response 
(cherry picked from commit 06e28e50bd)
 2014-09-18 10:10:05 +10:00
Mark Andrews
fb7f157cd8 3921. [bug] AD was inappopriately set on RPZ responses. [RT #36833] 
(cherry picked from commit cef76ee5bd)
(cherry picked from commit 0597c5fd5e)
 2014-08-22 15:46:54 +10:00
Mark Andrews
752a82533e adjust stats numbers 
(cherry picked from commit efab32b289)
 2014-07-31 14:45:36 +10:00
Mark Andrews
7af84ff577 update copyrights 2014-05-30 09:43:37 +10:00
Mark Andrews
c1c8bd9171 More changes for: 
3864.   [bug]           RPZ didn't work well when being used as forwarder.
                        [RT #36060]
 2014-05-30 08:53:42 +10:00
Mark Andrews
e10c6afa15 3864. [bug] RPZ didn't work well when being used as forwarder. 
[RT #36060]
 2014-05-29 17:35:14 +10:00
Evan Hunt
5409faef5e [v9_9] use posix-compatible shell in system tests 
3839.	[test]		Use only posix-compatible shell in system tests.
			[RT #35625]

(cherry picked from commit 60988462e5)
(cherry picked from commit 812cf443bb)
 2014-05-06 22:18:08 -07:00
Evan Hunt
8b5a1caae7 [v9_9] use test -r in system tests 
3806.	[test]		Improved system test portability. [RT #35625]

(cherry picked from commit 922959581bbdd70d5c9cae1cb107974c3d38ed08)
 2014-04-09 20:30:17 -07:00
Tinderbox User
de17f51528 update copyright notice 2014-02-20 23:45:53 +00:00
Mark Andrews
be2d413edf don't error on rpz percentage checks as they fail inconsistently on virtual machines 
(cherry picked from commit 86a85a3bbd)
 2014-02-20 12:23:01 +11:00
Evan Hunt
a9eb392c55 [v9_9] testcrypto.sh in system tests 
3714.  [test]          System tests that need to test for cryptography
                       support before running can now use a common
                       "testcrypto.sh" script to do so. [RT #35213]
 2014-02-06 16:10:03 -08:00
Mark Andrews
1550e4aa95 3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026] 
(cherry picked from commit 225146b2c8)
 2013-11-18 11:24:24 +11:00
Tinderbox User
229809a446 update copyright notice 2013-09-16 23:45:41 +00:00
Mark Andrews
dab73dfc86 3627. [bug] RPZ changes were not effective on slaves. [RT #34450] 
(cherry picked from commit 333f320a62d78e79fa54e7bcc389073a109618f7)
 2013-08-09 12:58:11 +10:00
Mark Andrews
a3864ce373 update copyrights 2013-02-27 12:35:09 +11:00
Mark Andrews
ab797f53c2 '!' is not portable. 2013-02-26 23:13:04 +11:00
Tinderbox User
2f7eb16bed update copyright notice 2013-02-25 23:45:44 +00:00
Evan Hunt
55bbac8bfe [v9_9] RPZ speed up (phase 1, single RPZ) 
3496.	[func]		Improvements to RPZ performance. The "response-policy"
			syntax now includes a "min-ns-dots" clause, with
			default 1, to exclude top-level domains from
			NSIP and NSDNAME checking. --enable-rpz-nsip and
                        --enable-rpz-nsdname are now the default. [RT #32251]

    Response policy (rpz) changes to
      - add zone statistics
      - speed up by adding min-ns-dots to the response-policy syntax
         with a default of 1
      - detect and reject policy zones with a database other than rbt
         only rbtdb has rpz hooks
      - allow empty response-policy{} statement
      - make --enable-rpz-nsip and --enable-rpz-nsdname the default
 2013-02-25 14:32:36 -08:00
Tinderbox User
03565e899d update copyright notice 2012-06-29 23:45:45 +00:00
Mark Andrews
cb421b69c3 reverse bad copyright update 2012-06-29 11:41:43 +10:00
Tinderbox User
cd24b114bf update copyright notice 2012-06-29 01:22:07 +00:00
Mark Andrews
640db2ed50 Don't restart ns5 after killing it 2012-06-07 14:42:18 +10:00
Mark Andrews
8bd9a9b2ad kill and restart the nameserver after running: perf 'without rpz' norpz 2012-06-04 16:36:30 +10:00
Tinderbox User
de16ff6d04 update copyright notice 2012-06-01 23:45:51 +00:00
Evan Hunt
63e1f1ecc6 fix solaris portability problem 2012-06-01 11:41:24 -07:00
Vernon Schryver
f05089ea5c For rt26172: 
Add
      - optional "recursive-only yes|no" to the response-policy statement
      - optional max-policy-ttl to limit the lies that "recursive-only no"
          can introduce into resolvers' caches
      - test that queries with RD=0 are not rewritten by default
      - performance smoke test

    Change encoding of PASSTHRU action to "rpz-passthru".
          (The old encoding is still accepted.)
    Fix rt26180  assert botch in zone_findrdataset() in this branch
         as well.

    Fix missing signatures on NOERROR results despite RPZ hits
        when there are signatures and the client asks for DNSSEC,
 2012-06-01 01:03:43 +00:00
Evan Hunt
c02c10261c fix .gitignore files 2012-04-23 08:56:12 -07:00
Evan Hunt
8047e7c06f re-remove cvsignore files 2012-03-05 08:29:31 -08:00
Evan Hunt
f94af76649 Revert "added gitignore, removed cvsignore" 
This reverts commit e8ae173655.
 2012-03-05 08:24:17 -08:00
Evan Hunt
e8ae173655 added gitignore, removed cvsignore 2012-03-03 23:24:11 -08:00
Automatic Updater
1b428fd3a7 update copyright notice 2012-01-07 23:46:53 +00:00
Evan Hunt
c19cfefe7e 3262. [bug] Signed responses were handled incorrectly by RPZ. 
[RT #27316]
 2012-01-07 00:19:59 +00:00
Evan Hunt
75c622f53b add regression test for rbtdb.c version-mismatch issue 2011-11-18 19:32:13 +00:00
Mark Andrews
7b4b6f361b 3186. [bug] Version/db mis-match in rpz code. [RT #26180] 2011-10-28 11:46:50 +00:00
Mark Andrews
88112d5fcb 'test -e' is not portable, use 'test -f' 2011-10-13 13:03:51 +00:00
Mark Andrews
abea1710a7 new 2011-10-13 04:53:07 +00:00
Vernon Schryver
9fee08f655 Commit rt25172 changes to HEAD including 
- fix precedence among competing rules
  - improve ARM text including documenting rule precedence
  - try to rewrite CNAME chains until first hit
  - new "rpz" logging channel
  - same fix for "NS ." as in RT 24985
 2011-10-13 01:32:34 +00:00
Mark Andrews
475b1ed9cc 3126. [security] Using DNAME record to generate replacements caused 
RPZ to exit with a assertion failure. [RT #23766]
 2011-06-09 03:10:17 +00:00
Mark Andrews
b64e3b8358 3125. [security] Using wildcard CNAME records as a replacement with 
RPZ caused named to exit with a assertion failure.
                        [RT #24715]
 2011-06-09 00:42:51 +00:00
Evan Hunt
76db58eb81 3100. [security] Certain response policy zone configurations could 
trigger an INSIST when receiving a query of type
			RRSIG. [RT #24280]
 2011-04-27 17:46:47 +00:00
Evan Hunt
439a6b2fbf created cvsignore 2011-02-01 20:12:16 +00:00
Evan Hunt
5645e0c82a Automatically-added copyright text was breaking the RPZ test. 2011-01-13 19:30:41 +00:00
Automatic Updater
9cee5bb028 update copyright notice 2011-01-13 04:59:26 +00:00
Mark Andrews
87708bde16 3008. [func] Response policy zones (RPZ) support. [RT #21726] 2011-01-13 01:59:28 +00:00