ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,870 Commits 589 Branches 805 Tags
4f9711d61edfa0d52b54c8a74fd080e2b65cb4e2
Commit Graph

8474 Commits

Author SHA1 Message Date
Mark Andrews
b78658f143 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 08:01:09 +00:00
Mark Andrews
a407ead333 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]

Had to adjust the test to use RSAMD5 -> RSASH1 as we need to use algorithms
supported by 9.4.
 2010-11-16 04:17:44 +00:00
Automatic Updater
98172e6c3f update copyright notice 2010-10-18 23:45:45 +00:00
Mark Andrews
b35d42c270 2966. [bug] isc_print_vsnprintf() failed to check if there was 
space available in the buffer when adding a left
                        justified character with a non zero width,
                        (e.g. "%-1c"). [RT #22270]
 2010-10-18 04:08:02 +00:00
Mark Andrews
e96e6e8077 9.4-ESV-R3 2010-09-02 07:27:40 +00:00
Mark Andrews
43a1ec8d9f 2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call. 
[RT #20877]
 2010-09-02 07:21:53 +00:00
Mark Andrews
7b67408765 2925. [bug] Named failed to accept uncachable negative responses 
from insecure zones. [RT# 21555]
 2010-06-26 00:11:50 +00:00
Automatic Updater
b45951a046 update copyright notice 2010-06-23 23:45:21 +00:00
Mark Andrews
8310668e43 2921. [bug] The resolver could attempt to destroy a fetch context 
to soon.  [RT #19878]
 2010-06-23 01:48:55 +00:00
Automatic Updater
6c82c34716 update copyright notice 2010-06-04 23:46:02 +00:00
Automatic Updater
bda132bcaf update copyright notice 2010-06-03 23:46:10 +00:00
Mark Andrews
1a677bc3f7 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-06-03 00:36:02 +00:00
Mark Andrews
eb12f97615 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-06-03 00:21:52 +00:00
Mark Andrews
0cd3b8cc3e 2890. [bug] Handle the introduction of new trusted-keys and 
DS, DLV RRsets better. [RT #21097]
 2010-06-03 00:07:59 +00:00
Mark Andrews
078580a74d 9.4-ESV-R2 2010-05-10 01:56:40 +00:00
Mark Andrews
af9bcac6c5 2876. [bug] Named could return SERVFAIL for negative responses 
from unsigned zones. [RT #21131]
 2010-04-21 04:23:47 +00:00
Mark Andrews
fe5f0e6d28 dns_rdataset_expire/dns_rdataset_settrust 2010-03-03 07:00:38 +00:00
Mark Andrews
31f3215162 dns_resolver_*badcache 2010-03-03 05:02:27 +00:00
Automatic Updater
e95ab03354 update copyright notice 2010-02-26 23:46:37 +00:00
Mark Andrews
b6a3b10da7 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-26 01:03:56 +00:00
Automatic Updater
8f7aff9340 update copyright notice 2010-01-07 23:46:07 +00:00
Evan Hunt
e4cb322618 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 17:49:50 +00:00
Evan Hunt
d7985983b0 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] 2009-12-30 06:44:05 +00:00
Mark Andrews
e312c286f8 9.4-ESVrc1 2009-12-11 00:39:13 +00:00
Mark Andrews
a5b9974f4a CHANGES 2009-12-02 23:36:35 +00:00
Automatic Updater
c5614de3f9 update copyright notice 2009-11-26 23:46:11 +00:00
Mark Andrews
54d83f4a68 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:45:43 +00:00
Automatic Updater
521de9e5dd update copyright notice 2009-11-25 23:46:52 +00:00
Mark Andrews
b4bd8d0662 772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-25 04:50:25 +00:00
Mark Andrews
9352b49a12 dns_resolver_logfetch 2009-10-13 02:45:22 +00:00
Automatic Updater
5879ebd03d update copyright notice 2009-10-01 23:46:07 +00:00
Mark Andrews
45f4234351 2697. [port] win32: ensure that S_IFMT, S_IFDIR, S_IFCHR and 
S_IFREG are defined after including <isc/stat.h>.
                        [RT #20309]
 2009-10-01 05:25:44 +00:00
Automatic Updater
0ece689740 update copyright notice 2009-09-25 23:46:13 +00:00
Mark Andrews
c6473dc038 2690. [bug] win32: fix isc_thread_key_getspecific() prototype. 
[RT #20315]
 2009-09-25 05:52:20 +00:00
Mark Andrews
76e450eb3c regen: use consistant versions of Autoconf 2009-09-25 04:47:46 +00:00
Mark Andrews
d268d780cc silence signed/unsigned comparision warning 2009-09-25 01:48:28 +00:00
Automatic Updater
1c52929b3c update copyright notice 2009-09-24 23:46:07 +00:00
Mark Andrews
ca202d441e 2689. [bug] Correctly handle snprintf result. [RT #20306] 2009-09-24 22:25:30 +00:00
Tatuya JINMEI 神明達哉
aaa2233e76 2525. [experimental] New logging category "query-errors" to provide detailed 
internal information about query failures, especially
			about server failures.  (backported as a special
			exception to the general policy) [RT #19027]
 2009-09-24 21:38:52 +00:00
Mark Andrews
2b4ed367f3 2688. [bug] Use INTERFACE_F_POINTTOPOINT, not IFF_POINTOPOINT, 
to decide to fetch the destination address. [RT #20305]
 2009-09-24 06:43:52 +00:00
Automatic Updater
0208177ad7 update copyright notice 2009-09-23 23:46:06 +00:00
Evan Hunt
2d073f29ce fix typo in net.c -- s/closeocket/closesocket/ 2009-09-23 00:47:30 +00:00
Tatuya JINMEI 神明達哉
8c8119ce24 2681. [bug] IPSECKEY RR of gateway type 3 was not correctly 
decoded [RT #20269].

BIND 9.7.0, 9.6.2, 9.5.2, 9.4.4
 2009-09-18 21:57:08 +00:00
Mark Andrews
9b2c4fd0ef 2670. [bug] Unexpected connect failures failed to log enough 
information to be useful. [RT #20205]
 2009-09-07 02:17:09 +00:00
Automatic Updater
dd0bd9bbc2 update copyright notice 2009-09-01 23:46:02 +00:00
Evan Hunt
db00fbebac back out changes 2661 & 2662 2009-09-01 07:18:54 +00:00
Evan Hunt
9a3ef95d13 2662. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr() 
returned a misleading error code when lwresd was
			down. [RT #20028]

2661.	[bug]		Check whether socket fd exceeds FD_SETSIZE when
			creating lwres context. [RT #20029]
 2009-09-01 06:55:10 +00:00
Mark Andrews
05254ef65d missing semicolon 2009-08-14 07:48:15 +00:00
Mark Andrews
b83cc64332 9.4.4b1 2009-08-13 07:39:19 +00:00
Automatic Updater
8769935911 update copyright notice 2009-08-13 07:12:22 +00:00