ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,355 Commits 589 Branches 805 Tags
3fe33590315cd5ab2af1f1b49e5ac36c9c195991
Commit Graph

44 Commits

Author SHA1 Message Date
Tinderbox User
434ff87fcb update copyright notice / whitespace 2016-07-06 23:49:15 +00:00
Mark Andrews
d9cc1ed8ea 4405. [bug] Change 4342 introduced a regression where you could 
not remove a delegation in a NSEC3 signed zone using
                        OPTOUT via nsupdate. [RT #42702]

(cherry picked from commit d811a7d9ef)
 2016-07-06 10:26:02 +10:00
Evan Hunt
05d0d33cb8 [v9_9] timing safe memory comparisons 
4183.	[cleanup]	Use timing-safe memory comparisons in cryptographic
			code. Also, the timing-safe comparison functions have
			been renamed to avoid possible confusion with
			memcmp(). [RT #40148]

(cherry picked from commit 420a43c8d8)
 2015-08-17 18:31:11 -07:00
Tinderbox User
9cbd625449 update copyright notice / whitespace 2015-01-20 23:47:26 +00:00
Evan Hunt
57f015bd2a [v9_9] clean up gcc -Wshadow warnings 
4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
 2015-01-20 14:55:41 -08:00
Mark Andrews
d2ac59302c 3942. [bug] Wildcard responses from a optout range should be 
marked as insecure. [RT #37072]
 2014-09-04 13:59:50 +10:00
Mark Andrews
1d828183c8 silence coverity warnings 
(cherry picked from commit e58154a6ec)
 2014-07-02 15:28:29 +10:00
Mark Andrews
b41598a203 3872. [bug] Address issues found by static analysis. [RT #36209] 
(cherry picked from commit b16d99bac1)
 2014-06-10 09:23:12 +10:00
Mark Andrews
c10c7ddb6e 3819. [bug] NSEC3 hashes need to be able to be entered and 
displayed without padding.  This is not a issue for
                        currently defined algorithms but may be for future
                        hash algorithms. [RT #27925]

(cherry picked from commit 36e5ac0033)
 2014-04-24 19:12:08 +10:00
Tinderbox User
864ca7ce33 update copyright notice 2014-01-09 23:45:53 +00:00
Evan Hunt
8c7ce6d3e6 [v9_9] replace memcpy() with memmove(). 
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]

(cherry picked from commit ebe54c7d2221c6a0a4b3d96bcae3280c823a45e6)
 2014-01-08 16:38:56 -08:00
Mark Andrews
3b38a23089 3681. [port] Update the Windows build system to support feature 
selection and WIN64 builds.  This is a work in
                        progress. [RT #34160]

(cherry picked from commit c3c8823fed)

Conflicts:
	CHANGES
	bin/check/win32/checktool.dsp.in
	bin/dnssec/win32/dnssectool.dsp.in
	bin/dnssec/win32/importkey.dsp.in
	bin/dnssec/win32/importkey.mak.in
	bin/named/geoip.c
	bin/named/include/named/geoip.h
	bin/tools/win32/rrchecker.dsp.in
	bin/tools/win32/rrchecker.mak.in
	config.h.win32
	lib/dns/geoip.c
	lib/dns/master.c
	lib/dns/win32/libdns.dsp.in
	lib/dns/win32/libdns.mak.in
	lib/isc/mem.c
	lib/isc/stats.c
	lib/isc/win32/file.c
	lib/isc/win32/libisc.def.in
	lib/isc/win32/libisc.mak.in
	lib/isc/win32/stdio.c
	lib/isccc/cc.c
	win32utils/BuildAll.bat
	win32utils/BuildSetup.bat
	win32utils/legacy/BINDBuild.dsw.in
	win32utils/makeversion.pl
	win32utils/setpk11provider.pl
	win32utils/updatelibxml2.pl
	win32utils/win32-build.txt
 2013-12-04 13:48:45 +11:00
Tinderbox User
e7953a5eff update copyright notice 2013-09-17 23:45:47 +00:00
Mark Andrews
e5c276b36b 3641. [bug] Handle changes to sig-validity-interval settings 
better. [RT #34625]

(cherry picked from commit b5f4cc132e)
 2013-09-17 12:59:11 +10:00
Mark Andrews
48f72b811d 3443. [bug] The NOQNAME proof was not being returned from cached 
insecure responses. [RT #21409]

Conflicts:
	bin/tests/system/conf.sh.in
	lib/dns/include/dns/types.h
 2012-12-19 10:06:24 +11:00
Mark Andrews
8cbf15838e silence clang --analyzer warnin by checking rdata.length 2012-12-10 08:23:47 +11:00
Tinderbox User
d3bb7b6b7b update copyright notice 2012-06-25 23:45:45 +00:00
Mark Andrews
7c25aaf620 3341. [func] New "dnssec-verify" command checks a signed zone 
to ensure correctness of signatures and of NSEC/NSEC3
                        chains. [RT #23673]
 2012-06-25 14:57:32 +10:00
Evan Hunt
c9481a4625 set $Id$ 2012-03-07 08:18:58 -08:00
Automatic Updater
80c7083796 update copyright notice 2012-01-27 23:46:59 +00:00
Mark Andrews
ef9f4d0977 3266. [bug] The maximum number of NSEC3 iterations for a 
DNSKEY RRset was not being properly computed.
                        [RT #26543]
 2012-01-27 00:49:42 +00:00
Evan Hunt
9c03f13e18 3185. [func] New 'rndc signing' option for auto-dnssec zones: 
- 'rndc signing -list' displays the current
			   state of signing operations
			 - 'rndc signing -clear' clears the signing state
		  	   records for keys that have fully signed the zone
			 - 'rndc signing -nsec3param' sets the NSEC3
			   parameters for the zone
			The 'rndc keydone' syntax is removed. [RT #23729]
 2011-10-28 06:20:07 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Automatic Updater
c1aef54e14 update copyright notice 2011-03-12 04:59:49 +00:00
Mark Andrews
0874abad14 3069. [cleanup] Silence warnings messages from clang static analysis. 
[RT #20256]
 2011-03-11 06:11:27 +00:00
Mark Andrews
8aee18709f 2980. [bug] named didn't properly handle UPDATES that changed the 
TTL of the NSEC3PARAM RRset. [RT #22363]
 2010-12-07 02:53:34 +00:00
Mark Andrews
b00de53de2 2907. [bug] The export version of libdns had undefined references. 
[RT #21444]
 2010-06-02 00:38:29 +00:00
Automatic Updater
4dd3ec797d update copyright notice 2010-05-18 02:38:10 +00:00
Mark Andrews
8d31dd9ab6 2897. [bug] NSEC3 chains could be left behind when transitioning 
to insecure. [RT #21040]
 2010-05-18 01:39:41 +00:00
Automatic Updater
842920c7db update copyright notice 2010-01-04 23:48:51 +00:00
Evan Hunt
d3a6cd7c7e 2830. [bug] Changing the OPTOUT setting could take multiple 
passes. [RT #20813]
 2010-01-04 22:47:58 +00:00
Mark Andrews
d524a81532 2796. [bug] Missing dns_rdataset_disassociate() call in 
dns_nsec3_delnsec3sx(). [RT #20681]
 2009-12-01 05:28:40 +00:00
Automatic Updater
126dce8ebf update copyright notice 2009-11-03 23:48:23 +00:00
Mark Andrews
554d22d2de 2743. [bug] RRSIG could be incorrectly sent in the NSEC3 record 
for a insecure delegation.
 2009-11-03 01:07:48 +00:00
Automatic Updater
15bbb8a129 update copyright notice 2009-10-08 23:48:10 +00:00
Mark Andrews
2847930722 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-08 23:13:07 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
f05a6b110f 2607. [bug] named could incorrectly delete NSEC3 records for 
empty nodes when processing a update request.
                        [RT #19749]
 2009-06-04 01:43:41 +00:00
Mark Andrews
e7ba4d8dc4 2497. [bug] Don't add RRSIG bit to NSEC3 bit map for insecure 
delegation.
 2008-11-17 23:46:42 +00:00
Mark Andrews
dd14c953a8 unsigned constants 2008-09-26 01:27:08 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Evan Hunt
f66ac0c858 silence compiler warnings 2008-09-24 16:33:27 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00