Tinderbox User
65d4abb881
update copyright notice / whitespace
2017-04-23 23:47:17 +00:00
Mukund Sivaraman
9af94db1da
Add missing types for non-threaded build
...
(cherry picked from commit b1568eeedc )
(cherry picked from commit 5fb7dd046e )
(cherry picked from commit cb0c1c0b04 )
2017-04-22 20:03:40 +05:30
Evan Hunt
7f0127c111
[v9_9] openssl backward compatibility fix
...
4604. [bug] Don't use ERR_load_crypto_strings() when building
with OpenSSL 1.1.0. [RT #45117 ]
(cherry picked from commit 4c31eda5e1 )
2017-04-21 18:56:37 -07:00
Evan Hunt
0f9808291c
[v9_9] fix portability issue
...
(cherry picked from commit 8ee6a6afd8 )
2017-04-21 18:16:30 -07:00
Evan Hunt
9ad188ccaf
[v9_9] give threads unique names to assist debugging
...
4602. [func] Threads are now set to human-readable
names to assist debugging, when supported by
the OS. [RT #43234 ]
(cherry picked from commit d26ae7fc08 )
(cherry picked from commit 8b9c4592ed )
2017-04-21 14:00:54 -07:00
Mukund Sivaraman
4cf12b3916
Reject incorrect RSA key lengths during key generation and and sign/verify context creation ( #45043 )
...
(cherry picked from commit 239e9dc81c )
(cherry picked from commit 264e17e739 )
(cherry picked from commit 2540059b7b )
2017-04-21 19:09:05 +05:30
Mukund Sivaraman
4973497287
Fix inconsistencies in inline signing time comparisons ( #42112 )
...
(cherry picked from commit 4176d278e2 )
(cherry picked from commit eeb16584fb )
(cherry picked from commit fb5c4bc94c )
2017-04-21 16:49:03 +05:30
Mukund Sivaraman
3664176a73
Ignore SHA-1 DS digest type when SHA-384 DS digest type is present ( #45017 )
...
(cherry picked from commit 5d01eab088 )
(cherry picked from commit 9540b42695 )
(cherry picked from commit 4ab28446c1 )
2017-04-21 16:24:23 +05:30
Evan Hunt
62fd7f8062
[v9_9] fix dispatch.c shutdown race
...
4952. [bug] A race condition on shutdown could trigger an
assertion failure in dispatch.c. [RT #43822 ]
(cherry picked from commit 019132b70c )
2017-04-20 17:42:09 -07:00
Mark Andrews
3d61a6c12d
4587. [bug] named-checkzone failed to handle occulted data below
...
DNAMEs correctly. [RT #44877 ]
(cherry picked from commit 600b027731 )
2017-04-20 13:30:57 +10:00
Mark Andrews
11a028ceb4
4585. [port] win32: Set CompileAS value. [RT #42474 ]
...
(cherry picked from commit 3742338a7b )
2017-04-20 13:01:35 +10:00
Tinderbox User
93830fbbf8
update copyright notice / whitespace
2017-04-17 23:47:45 +00:00
Evan Hunt
b70ae741bf
[v9_9] fix out of tree build error
...
(cherry picked from commit 28cff4f924 )
2017-04-17 14:32:13 -07:00
Tinderbox User
07967caf75
update copyright notice / whitespace
2017-03-24 23:47:23 +00:00
Mark Andrews
8c2d209f09
4582. [security] 'rndc ""' could trigger a assertion failure in named.
...
(CVE-2017-3138) [RT #44924 ]
(cherry picked from commit 8e8dfc5941 )
2017-03-25 02:08:26 +11:00
Mark Andrews
c43edd377b
4580. [bug] 4578 introduced a regression when handling CNAME to
...
referral below the current domain. [RT #44850 ]
(cherry picked from commit 638c7c635d )
2017-03-14 15:17:32 +11:00
Mark Andrews
b99d097cc4
Reimplement:
...
4578. [security] Some chaining (CNAME or DNAME) responses to upstream
queries could trigger assertion failures.
(CVE-2017-3137) [RT #44734 ]
(cherry picked from commit f240f4a5de )
2017-03-01 12:07:56 +11:00
Evan Hunt
fcf1874867
[v9_9] remove unnecessary INSIST and prep 9.11.1rc2
...
4578. [security] Some chaining (CNAME or DNAME) responses to upstream
queries could trigger assertion failures.
(CVE-2017-3137) [RT #44734 ]
(cherry picked from commit a1365a0042 )
(cherry picked from commit 559cbe04e7 )
2017-02-23 15:26:55 -08:00
Mark Andrews
039a1489c8
explicitly cast to (unsigned int)
2017-02-20 17:05:53 +11:00
Mark Andrews
31099ddd3c
explictly cast to isc_stdtime_t
...
(cherry picked from commit 9998a15284 )
2017-02-20 16:57:41 +11:00
Mark Andrews
14d680e3bc
9.9.10; copyrights
2017-02-16 12:41:30 +11:00
Mark Andrews
4ebbb52b1b
record ranges; account for -P's
2017-02-16 12:10:14 +11:00
Evan Hunt
b4a0711e17
[v9_9] prep 9.9.10rc1
2017-02-04 22:36:23 -08:00
Tinderbox User
84150b929e
update copyright notice / whitespace
2017-02-03 23:47:22 +00:00
Evan Hunt
1b3a9c2755
[v9_9] silence "unused value" warning
...
(cherry picked from commit f4d20b15a2 )
2017-02-03 11:27:19 -08:00
Mark Andrews
182d657891
remove outdated cvs $Id strings
2017-02-03 18:44:36 +11:00
Mark Andrews
3cf44b82b4
4567. [port] Call getprotobyname and getservbyname prior to calling
...
chroot so that shared libraries get loaded. [RT #44537 ]
(cherry picked from commit c550e75ade )
2017-02-03 14:23:45 +11:00
Tinderbox User
2444ab6b88
update copyright notice / whitespace
2017-02-02 23:48:58 +00:00
Evan Hunt
3e43702524
[v9_9] Squashed commit of the following:
...
4561. [port] Silence a warning in strict C99 compilers. [RT #44414 ]
(cherry picked from commit 6cb5e36ca3 )
2017-02-01 17:31:37 -08:00
Tinderbox User
485b9c96c2
update copyright notice / whitespace
2017-01-31 23:48:07 +00:00
Evan Hunt
ad1ebb5b28
[v9_9] address portability issues
...
(cherry picked from commit a2bd99a959 )
2017-01-30 16:52:42 -08:00
Mark Andrews
8da7fa7b52
add a REQUIRE to catch the NULL pointer dereference that triggered CVE-2017-3135
...
(cherry picked from commit 1d8995d226 )
2017-01-31 11:21:25 +11:00
Evan Hunt
a6bae6d52c
[v9_9] change 4558 was incomplete
...
(cherry picked from commit cd668ea57f )
2017-01-30 14:11:30 -08:00
Tinderbox User
9e04eb78f1
update copyright notice / whitespace
2017-01-24 23:47:30 +00:00
Mark Andrews
b15e927949
4560. [bug] mdig: add -m option to enable memory debugging rather
...
than have in on all the time. [RT #44509 ]
4559. [bug] Openssl_link.c didn't compile if ISC_MEM_TRACKLINES
was turned off. [RT #44509 ]
(cherry picked from commit 25da687db7 )
(cherry picked from commit f7903e4bcc )
2017-01-24 17:50:24 +11:00
Mark Andrews
0ce2803ae7
4558. [bug] Synthesised CNAME before matching DNAME was still
...
being cached when it should have been. [RT #44318 ]
(cherry picked from commit 9f4bf43b79 )
2017-01-24 17:41:27 +11:00
Tinderbox User
38e1c56c6d
update copyright notice / whitespace
2017-01-14 23:47:28 +00:00
Mark Andrews
830f1c2f03
4554. [bug] Remove double unlock in dns_dispatchmgr_setudp.
...
[RT #44336 ]
(cherry picked from commit 5dfa5221d5 )
2017-01-14 13:14:41 +11:00
Tinderbox User
eed41a2afc
update copyright notice / whitespace
2017-01-13 23:47:32 +00:00
Mark Andrews
f837844b4f
make e's declaration unconditional. [RT #44324 ]
...
(cherry picked from commit b8eee0f48d )
2017-01-13 16:10:50 +11:00
Tinderbox User
0ed649b6e5
update copyright notice / whitespace
2017-01-12 23:48:25 +00:00
Mark Andrews
ab9537f521
4553. [bug] Named could deadlock there were multiple changes to
...
NSEC/NSEC3 parameters for a zone being processed at
the same time. [RT #42770 ]
(cherry picked from commit d2e1b47d4f )
2017-01-12 14:26:17 +11:00
Mark Andrews
ff963a5d93
4552. [bug] Named could trigger a assertion when sending notify
...
messages. [RT #44019 ]
(cherry picked from commit 7b9e28f1a5 )
2017-01-12 14:14:05 +11:00
Tinderbox User
fd687693fd
update copyright notice / whitespace
2017-01-11 23:47:22 +00:00
Evan Hunt
7d73d9aafb
[v9_9] expand the flags field in dns_master_style
...
4550. [cleanup] Increased the number of available master file
output style flags from 32 to 64. [RT #44043 ]
2017-01-11 12:05:54 -08:00
Mark Andrews
b5c3b88f39
remove dnssec-keymgr.html
2016-12-29 19:53:24 +11:00
Mark Andrews
0faee78f98
9.9.10b1
2016-12-29 13:36:32 +11:00
Evan Hunt
3204e83716
[v9_9] silence warning
...
(cherry picked from commit b3aebb5890 )
2016-12-28 17:54:52 -08:00
Mark Andrews
a14b7f0187
4510. [security] Named mishandled some responses where covering RRSIG
...
records are returned without the requested data
resulting in a assertion failure. (CVE-2016-9147)
[RT #43548 ]
(cherry picked from commit 6adf421e7e )
2016-12-29 11:53:58 +11:00
Mark Andrews
d372472f60
4508. [security] Named incorrectly tried to cache TKEY records which
...
could trigger a assertion failure when there was
a class mismatch. (CVE-2016-9131) [RT #43522 ]
(cherry picked from commit 2c1c4b99a1 )
2016-12-29 11:35:54 +11:00