bind9

Author	SHA1	Message	Date
Automatic Updater	510032fdf4	update copyright notice	2009-10-22 23:48:07 +00:00
Evan Hunt	f10a8fa034	2727. [func] The 'key-directory' option can now specify a relative path. [RT #20154]	2009-10-22 03:43:16 +00:00
Evan Hunt	cc6cddfd94	2726. [func] Added support for SHA-2 DNSSEC algorithms, RSASHA256 and RSASHA512. [RT #20023]	2009-10-22 02:21:31 +00:00
Mark Andrews	d2a8d00228	2724. [bug] Updates to a existing node in secure zone using NSEC were failing. [RT #20448]	2009-10-22 01:55:55 +00:00
Mark Andrews	859cfb24bf	silence compiler warnings. [RT #20412 ]	2009-10-20 03:30:07 +00:00
Mark Andrews	06e7340198	2719. [func] Skip trusted/managed keys for unsupported algorithms. [RT #20392]	2009-10-20 03:15:06 +00:00
Mark Andrews	4b30598fb9	2716. [bug] nslookup debug mode didn't return the ttl. [RT #20414 ]	2009-10-20 01:04:03 +00:00
Automatic Updater	5a24d24c8f	regen	2009-10-17 01:14:35 +00:00
Jeremy Reed	eec29cfd40	Fix typo as reported by SUN Guonian <sun@cnnic.cn>. This was seen in 9.7.0a3. No CHANGES entry as is too minor.	2009-10-16 15:37:01 +00:00
Automatic Updater	d060d8669f	regen	2009-10-16 04:20:49 +00:00
Evan Hunt	8f7de3db7e	Respinning to fix memory leak in dnssec-signzone. (Also adopting doc changes.)	2009-10-16 02:59:41 +00:00
Mark Andrews	1ed01b3390	silence compiler warning	2009-10-14 22:07:13 +00:00
Automatic Updater	ef9ee92543	update copyright notice	2009-10-13 23:48:12 +00:00
Evan Hunt	5c0fd37335	changes needed for win32 build	2009-10-13 02:39:38 +00:00
Evan Hunt	19ac4707ee	changes needed for win32 build	2009-10-13 00:55:51 +00:00
Automatic Updater	97639003b0	update copyright notice	2009-10-12 23:48:02 +00:00
Automatic Updater	3b2c6af63e	regen	2009-10-12 23:16:15 +00:00
Evan Hunt	c00929ed9f	additional doc improvement	2009-10-12 23:02:32 +00:00
Evan Hunt	77b8f88f14	2712. [func] New 'auto-dnssec' zone option allows zone signing to be fully automated in zones configured for dynamic DNS. 'auto-dnssec allow;' permits a zone to be signed by creating keys for it in the key-directory and using 'rndc sign <zone>'. 'auto-dnssec maintain;' allows that too, plus it also keeps the zone's DNSSEC keys up to date according to their timing metadata. [RT #19943]	2009-10-12 20:48:12 +00:00
Automatic Updater	8de0d8a690	regen	2009-10-11 01:14:49 +00:00
Automatic Updater	8667770ad2	update copyright notice	2009-10-10 23:47:58 +00:00
Evan Hunt	3727725bb7	2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' zone option cause a zone to be signed with only KSKs signing the DNSKEY RRset, not ZSKs. This reduces the size of a DNSKEY answer. [RT #20340]	2009-10-10 01:48:00 +00:00
Evan Hunt	315a1514a5	2709. [func] Added some data fields, currently unused, to the private key file format, to allow implementation of explicit key rollover in a future release without impairing backward or forward compatibility. [RT #20310]	2009-10-09 06:09:21 +00:00
Automatic Updater	b05106c7e6	regen	2009-10-09 01:14:47 +00:00
Automatic Updater	15bbb8a129	update copyright notice	2009-10-08 23:48:10 +00:00
Mark Andrews	2847930722	2708. [func] Insecure to secure and NSEC3 parameter changes via update are now fully supported and no longer require defines to enable. We now no longer overload the NSEC3PARAM flag field, nor the NSEC OPT bit at the apex. Secure to insecure changes are controlled by by the named.conf option 'secure-to-insecure'. Warning: If you had previously enabled support by adding defines at compile time to BIND 9.6 you should ensure that all changes that are in progress have completed prior to upgrading to BIND 9.7. BIND 9.7 is not backwards compatible.	2009-10-08 23:13:07 +00:00
Automatic Updater	2a6d4c9948	regen	2009-10-07 01:14:42 +00:00
Evan Hunt	22b23fb59d	tbox wants an #include <isc/print.h>...	2009-10-06 23:22:51 +00:00
Evan Hunt	d1f39121a6	2707. [func] dnssec-keyfromlabel no longer require engine name to be specified in the label if there is a default engine or the -E option has been used. Also, it now uses default algorithms as dnssec-keygen does (i.e., RSASHA1, or NSEC3RSASHA1 if -3 is used). [RT #20371]	2009-10-06 22:58:45 +00:00
Evan Hunt	ca60f7ba75	Add pkcs11 tools to standard windows BIND 9 build.	2009-10-06 22:14:13 +00:00
Evan Hunt	246c504f90	2706. [bug] Loading a zone with a very large NSEC3 salt could trigger an assert. [RT #20368]	2009-10-06 21:20:45 +00:00
Evan Hunt	95b41985f7	- build pkcs11 tools when compiling --with-pkcs11=yes - add PKCS11_PROVIDER environment variable as a method for specifying the provider.	2009-10-06 20:27:55 +00:00
Automatic Updater	e74245134d	update copyright notice	2009-10-06 04:40:14 +00:00
Automatic Updater	8ec3c08523	regen	2009-10-06 01:14:42 +00:00
Evan Hunt	3ff75c89eb	2704. [bug] Serial of dynamic and stub zones could be inconsistent with their SOA serial. [RT #19387]	2009-10-05 19:39:20 +00:00
Francis Dupont	8b78c993cb	explicit engine rt20230a	2009-10-05 17:30:49 +00:00
Francis Dupont	e853728477	update OpenSSL PKCS#11 patch (rt19910)	2009-10-05 13:20:06 +00:00
Francis Dupont	d220cab39d	pkcs11 rt20229	2009-10-05 13:02:31 +00:00
Francis Dupont	247806c820	regen	2009-10-05 12:25:29 +00:00
Francis Dupont	f89a9bcf1c	pkcs11 rt20236	2009-10-05 12:23:11 +00:00
Francis Dupont	b091b4bb80	regen	2009-10-05 12:13:15 +00:00
Francis Dupont	a631b30b1d	pkcs11 rt20225	2009-10-05 12:07:08 +00:00
Francis Dupont	78e0199a39	update OpenSSL PKCS#11 patch (19143)	2009-10-05 11:12:45 +00:00
Evan Hunt	1210799345	Add /* NOTREACHED */ comments	2009-10-03 18:03:54 +00:00
Automatic Updater	66fec05962	regen	2009-09-30 01:14:47 +00:00
Automatic Updater	61dd99bfae	update copyright notice	2009-09-29 23:48:04 +00:00
Evan Hunt	a93a66f618	2794. [bug] Reduce default NSEC3 iterations from 100 to 10. [RT #19970]	2009-09-29 22:17:34 +00:00
Francis Dupont	debd489a44	noreturn RT #20257	2009-09-29 15:06:07 +00:00
Mark Andrews	1e733ffc11	2792. [port] win32: 32/64 bit cleanups. [RT #128244 ]	2009-09-29 04:38:23 +00:00
Automatic Updater	f3d1a0ba52	regen	2009-09-26 01:14:51 +00:00

1 2 3 4 5 ...

5016 Commits