Mark Andrews
04934b28ea
4815. [bug] rbt_test.c:insert_and_delete needed to call
...
dns_rbt_addnode instead of dns_rbt_addname. [RT #46553 ]
2017-11-13 15:26:35 +11:00
Mark Andrews
6bbbf12936
4814. [cleanup] Use AS_HELP_STRING for consistent help text. [RT #46521 ]
2017-11-13 11:36:45 +11:00
Mark Andrews
c0e3e1fe44
4813. [bug] Address potential read after free errors from
...
query_synthnodata, query_synthwildcard and
query_synthnxdomain. [RT #46547 ]
2017-11-10 13:33:18 +11:00
Michał Kępień
312c84c73a
[master] Minor improvements to code handling managed keys
...
4812. [bug] Minor improvements to stability and consistency of code
handling managed keys. [RT #46468 ]
2017-11-09 15:18:39 +01:00
Mark Andrews
a1a5145867
4811. [bug] Revert api changes to use <isc/buffer.h> inline
...
macros. Provide a alternative mechanism to turn
on the use of inline macros when building BIND.
[RT #46520 ]
2017-11-08 23:28:10 +11:00
Mark Andrews
c652213857
4810. [test] The chain system test failed if the IPv6 interfaces
...
were not configured. [RT #46508 ]
2017-11-08 10:17:03 +11:00
Evan Hunt
f13c1c09e9
[master] move release tag
2017-11-07 13:33:24 -08:00
Evan Hunt
e3d9aafff0
[master] Check if -latomic is needed to handle 64-bit stdatomic.h types
...
4809. [port] Check at configure time whether -latomic is needed
for stdatomic.h. [RT #46324 ]
2017-11-07 13:27:14 -08:00
Mark Andrews
b819a478b7
4808. [bug] Properly test for zlib.h. [RT #46504 ]
2017-11-07 10:11:55 +11:00
Mukund Sivaraman
7e1df5182c
[master] isc_rng_randombytes()
...
4807. [cleanup] isc_rng_randombytes() returns a specified number of
bytes from the PRNG; this is now used instead of
calling isc_rng_random() multiple times. [RT #46230 ]
2017-11-06 10:44:37 -08:00
Evan Hunt
8d23105547
[master] prep 9.12.0b2
2017-11-02 11:50:07 -07:00
Evan Hunt
9bb007fd2d
[master] "zoneload" logging category
...
4806. [func] Log messages related to loading of zones are now
directed to the "zoneload" logging category.
[RT #41640 ]
2017-11-01 22:48:12 -07:00
Mark Andrews
92bbc9914c
4805. [bug] TCP4Active and TCP6Active weren't being updated
...
correctly. [RT #46454 ]
2017-11-02 10:42:42 +11:00
Mark Andrews
ff30290b48
4804. [port] win32: access() does not work on directories as
...
required by POSIX. Supply a alternative in
isc_file_isdirwritable. [RT #46394 ]
2017-11-01 09:29:24 +11:00
Michał Kępień
dd61c4ad3e
[master] Add placeholder
2017-10-31 07:54:56 +01:00
Michał Kępień
facf811847
[master] Refactor mkeys system test
...
4802. [test] Refactor mkeys system test to make it quicker and more
reliable. [RT #45293 ]
2017-10-30 09:41:24 +01:00
Mark Andrews
f5e1b555c5
4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside .
...
trust-anchor dlv.isc.org;' now elicit warnings rather
than being fatal configuration errors. [RT #46410 ]
2017-10-30 07:40:59 +11:00
Mukund Sivaraman
625f656aa8
When processing delzone, write one zone config per line to the NZF ( #46323 )
2017-10-29 07:40:20 +05:30
Michał Kępień
c6c1193e39
[master] Improve clarity of keytable unit tests
...
4799. [cleanup] Improve clarity of keytable unit tests. [RT #46407 ]
2017-10-28 19:59:40 +02:00
Evan Hunt
c9f8165a06
[master] tag initializing keys
...
4798. [func] Keys specified in "managed-keys" statements
are tagged as "initializing" until they have been
updated by a key refresh query. If initialization
fails it will be visible from "rndc secroots".
[RT #46267 ]
2017-10-27 15:49:44 -07:00
Evan Hunt
1d57d460d4
[master] change rndc-confgen default algorithm
...
this completes change 4785. the CHANGES note has been revised:
4785. [func] The hmac-md5 algorithm is no longer recommended for
use with RNDC keys. The default in rndc-confgen
is now hmac-sha256. [RT #42272 ]
2017-10-27 10:56:43 -07:00
Evan Hunt
959d294067
[master] remove isc-hmac-fixup
...
4797. [func] Removed "isc-hmac-fixup", as the versions of BIND that
had the bug it worked around are long past end of
life. [RT #46411 ]
2017-10-27 09:56:11 -07:00
Brian Conry
864bc6b56e
[master] Increase the maximum TCP keepalive timeout to 65535
...
4796. [bug] Increase the maximum configurable TCP keepalive
timeout to 65535. [RT #44710 ]
2017-10-27 14:58:48 +02:00
Evan Hunt
06049b1c6c
[master] stats counter for priming queries
...
4795. [func] A new statistics counter has been added to track
priming queries. [RT #46313 ]
2017-10-26 21:38:43 -07:00
Evan Hunt
3b4f23cdbf
[master] dnssec-checkds -s
...
4794. [func] "dnssec-checkds -s" specifies a file from which
to read a DS set rather than querying the parent.
[RT #44667 ]
2017-10-26 21:05:11 -07:00
Mark Andrews
87387d8a41
4793. [bug] nsupdate -[46] could overflow the array of server
...
addresses. [RT #46402 ]
2017-10-26 16:00:24 +11:00
Evan Hunt
5b69d3da83
[master] check file and tree headers when loading map files
...
4792. [bug] Fix map file header correctness check. [RT #38418 ]
2017-10-25 21:37:00 -07:00
Evan Hunt
6a59e53a69
[master] fixed libdns doc
...
4791. [doc] Fixed outdated documentation about export libraries.
[RT #46341 ]
2017-10-25 10:55:34 -07:00
Mark Andrews
2bbca9594f
4790. [bug] nsupdate could trigger a require when sending a
...
update to the second address of the server.
[RT #45731 ]
2017-10-26 00:29:52 +11:00
Evan Hunt
eb2ef7b53e
[master] check new-zones-directory
...
4789. [cleanup] Check writability of new-zones-directory. [RT #46308 ]
2017-10-25 01:19:46 -07:00
Evan Hunt
aebdc6cd7d
[master] log when update-policy local gets a key match from a remote host
...
4788. [cleanup] When using "update-policy local", log a warning
when an update matching the session key is received
from a remote host. [RT #46213 ]
- this completes change #4762 .
2017-10-25 00:58:11 -07:00
Michał Kępień
910a01550a
[master] Rename nsec3param_salt_totext() to dns_nsec3param_salttotext(), make it public, add unit tests
...
4786. [cleanup] Turn nsec3param_salt_totext() into a public function,
dns_nsec3param_salttotext(), and add unit tests for it.
[RT #46289 ]
2017-10-25 09:46:18 +02:00
Evan Hunt
65314b0fd8
[master] "enable-filter-aaaa" no longer optional
...
4786. [func] The "filter-aaaa-on-v4" and "filter-aaaa-on-v6"
options are no longer conditionally compiled.
[RT #46340 ]
2017-10-25 00:33:51 -07:00
Tinderbox User
ea055a82cd
update copyright notice / whitespace
2017-10-24 23:47:14 +00:00
Evan Hunt
21761bfe79
[master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen
...
4785. [func] The hmac-md5 algorithm is no longer recommended for
use with RNDC keys. For compatibility reasons, it
it is still the default algorithm in rndc-confgen,
but this will be changed to hmac-sha256 in a future
release. [RT #42272 ]
4784. [func] The use of dnssec-keygen to generate HMAC keys is
deprecated in favor of tsig-keygen. dnssec-keygen
will print a warning when used for this purpose.
All HMAC algorithms will be removed from
dnssec-keygen in a future release. [RT #42272 ]
2017-10-24 15:35:13 -07:00
Mark Andrews
969d923536
4783. [test] dnssec: 'check that NOTIFY is sent at the end of
...
NSEC3 chain generation failed' required more time
on some machines for the IXFR to complete. [RT #46388 ]
2017-10-25 09:21:14 +11:00
Mark Andrews
6b8e4d6e69
4782. [test] dnssec: 'checking positive and negative validation
...
with negative trust anchors' required more time to
complete on some machines. [RT #46386 ]
2017-10-25 09:13:05 +11:00
Evan Hunt
7810817b71
[master] update B.ROOT-SERVERS.NET
2017-10-24 09:17:08 -07:00
Evan Hunt
0207f6ff9e
[master] omit NS from authority section if it was in answer
...
4780. [bug] When answering ANY queries, don't include the NS
RRset in the authority section if it was already
in the answer section. [RT #44543 ]
2017-10-23 19:16:27 -07:00
Mark Andrews
c9438ee2e0
4779. [bug] Expire NTA at the start of the second. Don't update
...
the expiry value if the record has already expired
after a successful check. [RT #46368 ]
2017-10-24 09:54:25 +11:00
Mark Andrews
a59d687db4
4778. [test] Improve synth-from-dnssec testing. [RT #46352 ]
2017-10-24 09:49:07 +11:00
Evan Hunt
89636d8f30
[master] clean up a redundancy
...
4777. [cleanup] Removed a redundant call to configure_view_acl().
[RT #46369 ]
2017-10-23 11:11:19 -07:00
Mark Andrews
66258ca349
4776. [bug] Improve portability of ht_test. [RT #46333 ]
2017-10-20 16:04:59 +11:00
Mark Andrews
583e355951
4775. [bug] Address Coverity warnings in ht_test.c and mem_test.c
...
[RT #46281 ]
2017-10-19 13:08:31 +11:00
Mark Andrews
fe79e2efbf
4774. [bug] <isc/util.h> was incorrectly included in several
...
header files. [RT #46311 ]
2017-10-19 12:26:32 +11:00
Michał Kępień
2361003a88
[master] Doxygen fixes and cleanups
...
4773. [doc] Fixed generating Doxygen documentation for functions
annotated using certain macros. Miscellaneous
Doxygen-related cleanups. [RT #46276 ]
2017-10-17 06:56:46 +02:00
Evan Hunt
3abcd7cd8a
[master] Revert "[master] tag initializing keys so they can't be used for normal validation"
...
This reverts commit 560d8b833e
2017-10-12 10:53:35 -07:00
Evan Hunt
99ab7127e1
[master] prep 9.12.0b1
2017-10-11 21:10:49 -07:00
Evan Hunt
560d8b833e
[master] tag initializing keys so they can't be used for normal validation
...
4773. [bug] Keys specified in "managed-keys" statements
can now only be used when validating key refresh
queries during initialization of RFC 5011 key
maintenance. If initialization fails, DNSSEC
validation of normal queries will also fail.
Previously, validation of normal queries could
succeed using the initializing key, potentially
masking problems with managed-keys. [RT #46077 ]
2017-10-11 21:01:13 -07:00
Michał Kępień
defa292088
[master] expanded libns unit tests
...
4772. [test] Expanded unit testing framework for libns, using
hooks to interrupt query flow and inspect state
at specified locations. [RT #46173 ]
2017-10-11 15:02:50 -07:00
