Mark Andrews
856fb57ba8
Temporarially disable dnssec-lookaside-validation test for 9.3.0beta4
...
To be re-enabled post 9.3.0beta4.
2004-05-18 03:06:24 +00:00
Mark Andrews
44058ba2e1
1625. [bug] named failed to load/transfer RFC2535 signed zones
...
which contained CNAMES. [RT# 11237]
2004-05-05 01:32:17 +00:00
Mark Andrews
69b34284dc
1600. [bug] Duplicate zone pre-load checks were not case
...
insensitive.
1599. [bug] Fix memory leak on error path when checking named.conf.
1598. [func] Specify that certain parts of the namespace must
be secure (dnssec-must-be-secure).
2004-04-15 23:56:34 +00:00
Mark Andrews
5c798d7ba3
add
2004-03-15 02:56:04 +00:00
Mark Andrews
6790f1d962
1589. [func] DNSSEC lookaside validation.
...
enable-dnssec -> dnssec-enable
2004-03-10 02:55:59 +00:00
Mark Andrews
3ec98505e3
1584. [bug] "make test" failed with a readonly source tree.
...
[RT #10461 ]
2004-03-10 01:05:57 +00:00
Mark Andrews
c3138c6928
doc regen / copyrights
2004-03-08 04:04:47 +00:00
Mark Andrews
a821d5fa3d
DNSSEC bis merge from HEAD:
...
1581. [func] Disable DNSSEC support by default. To enable
DNSSEC specify "enable-dnssec yes;" in named.conf.
1565. [bug] CD flag should be copied to outgoing queries unless
the query is under a secure entry point in which case
CD should be set.
1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
1541. [func] NSEC now uses new bitmap format.
1519. [bug] dnssec-signzone:nsec_setbit() computed the wrong
length of the new bitmap.
1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
2004-03-08 02:08:05 +00:00
Mark Andrews
a09e55f624
update copyrights
2004-03-06 10:22:54 +00:00
cvs2git
a42d030f09
This commit was manufactured by cvs2git to create branch 'v9_3'.
2004-03-05 05:14:22 +00:00
Mark Andrews
dafcb997e3
update copyright notice
2004-03-05 05:14:21 +00:00
Mark Andrews
821644d49b
1574. [bug] Don't attempt to open the controls socket(s) when
...
running tests. [RT #9091 ]
2004-03-02 02:01:41 +00:00
Mark Andrews
6bd0e050ee
1574. [bug] Don't attempt to open the controls socket(s) when
...
running tests. [RT #9091 ]
2004-03-02 01:59:49 +00:00
Mark Andrews
89783da064
1581. [func] Disable DNSSEC support by default. To enable
...
DNSSEC specify "enable-dnssec yes;" in named.conf.
2004-02-17 03:40:23 +00:00
Mark Andrews
841ed46de5
1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
...
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
2004-01-15 04:09:17 +00:00
Mark Andrews
35541328a8
1558. [func] New DNSSEC 'disable-algorithms'. Support entry into
...
child zones for which we don't have a supported
algorithm. Such child zones are treated as unsigned.
1557. [func] Implement missing DNSSEC tests for
* NOQNAME proof with wildcard answers.
* NOWILDARD proof with NXDOMAIN.
Cache and return NOQNAME with wildcard answers.
2004-01-14 02:06:51 +00:00
Mark Andrews
b7e6fb4e84
whitespace
2003-10-26 21:33:47 +00:00
Mark Andrews
ee61dfc5ed
sync w/HEAD
2003-10-21 05:56:41 +00:00
Mark Andrews
93d6dfaf66
1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
2003-09-30 06:00:40 +00:00
Mark Andrews
60c8cebb10
pullup: misc cleanups
2003-08-13 04:55:28 +00:00
Mark Andrews
891c424e56
update_copyrights
2002-08-05 06:57:16 +00:00
Mark Andrews
0f042c7c44
- improves tests of negative insecurity proofs, including tests for the
...
SOA TTL 0 hack.
- adds +noauth to a few invocations of dig where the authority section is
not important.
- removes the bogus first half of the dynamic zone test, which didn't
do anything other than make the test suite fail if run twice.
- fixed the fact that the keyless.example zone wasn't being securely
delegated.
bwelling
2002-07-19 06:20:24 +00:00
Mark Andrews
b833082a39
reviewed: marka
...
1273. [bug] The dnssec system test failed to remove the correct
files.
2002-07-02 03:43:38 +00:00
Mark Andrews
0b09763c35
1328. [func] DS (delegation signer) support.
2002-06-17 04:01:37 +00:00
Mark Andrews
a04a323f9a
1273. [bug] The dnssec system test failed to remove the correct
...
files.
2002-04-24 00:46:25 +00:00
Mark Andrews
a7038d1a05
copyrights
2002-02-20 03:35:59 +00:00
Brian Wellington
4014b6a8ae
although a privately secure zone was signed, it was never tested.
2002-02-13 01:32:12 +00:00
Brian Wellington
64ea670052
the dynamic zone test wasn't working as expected since the child zone wasn't
...
securely delegated.
2002-02-06 03:28:59 +00:00
Brian Wellington
4ca54c8f3b
ns5 is the incorrectly configured server, not ns4.
2002-02-01 01:56:00 +00:00
Andreas Gustafsson
473ca0bf8c
Added RT #2399 regression test
2002-01-22 22:27:29 +00:00
Brian Wellington
78baa4ccb8
some files weren't being removed.
2001-11-06 19:32:54 +00:00
Andreas Gustafsson
e4b5f088ca
Added RT #1763 regression test
2001-09-19 21:19:52 +00:00
Andreas Gustafsson
1301637cc5
check that negative validation fails with a misconfigured trusted key
2001-09-19 20:47:02 +00:00
Brian Wellington
81b172466c
*** empty log message ***
2001-09-17 17:47:20 +00:00
Brian Wellington
206bced36f
order the parameters to dnssec-keygen consistently.
2001-09-17 17:42:04 +00:00
Andreas Gustafsson
25525110c1
fixed and simplified
2001-07-13 18:29:00 +00:00
Brian Wellington
f4d26dbdb6
fix redirection
2001-07-11 19:02:16 +00:00
Brian Wellington
1a8002871e
require a build with openssl to run dnssec & tkey tests
2001-07-10 21:41:14 +00:00
Brian Wellington
7a224ba59b
test that validation of an ANY query returning a DNAME works
2001-02-23 06:22:11 +00:00
Brian Wellington
529d1b9ada
test that validation of a query returning a DNAME works
2001-02-23 06:14:44 +00:00
Brian Wellington
4f91c46a42
Test that both normal and ANY queries that match a CNAME are properly
...
validated.
2001-02-21 06:47:45 +00:00
Brian Wellington
a41ab607a4
Test that validation of ANY queries works. Also add data to be used for
...
CNAME/DNAME tests, but not the tests yet since they fail.
2001-02-20 18:33:50 +00:00
Andreas Gustafsson
1988fd60fa
share the root.hint file among most of the system tests instead of having multiple identical copies
2001-01-11 20:44:21 +00:00
Brian Wellington
499b34cea0
copyright update
2001-01-09 22:01:04 +00:00
Brian Wellington
ec772e873b
651. [func] The AD bit in responses now has the meaning
...
specified in <draft-ietf-dnsext-ad-is-secure>.
2001-01-04 00:24:26 +00:00
Andreas Gustafsson
f333ea9bdd
added notify-source options
2000-11-28 19:07:00 +00:00
Brian Wellington
2c46670fb4
ignore stdout from the dnssec tools
2000-11-22 20:37:50 +00:00
Andreas Gustafsson
4f37905cc3
added 'transfer-source' directives to all system test named.conf
...
files, so that tests succeed while transfer-source is still being (ab)used as
the notify source address
2000-11-22 01:34:19 +00:00
Andreas Gustafsson
01da43e63a
pass the +dnssec flag to DIG
2000-11-22 01:26:24 +00:00
Andreas Gustafsson
5a77e9620a
make spacing in listen-on-v6 option consistent with other options
2000-11-21 23:50:10 +00:00