ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,079 Commits 589 Branches 805 Tags
66317da170ed35b08f5847db2d48b225826327cb
Commit Graph

63 Commits

Author SHA1 Message Date
Evan Hunt
801707fe19 [v9_11] store "addzone" zone config in a NZD database 
4421.	[func]		When built with LMDB (Lightning Memory-mapped
			Database), named will now use a database to store
			the configuration for zones added by "rndc addzone"
			instead of using a flat NZF file. This improves
			performance of "rndc delzone" and "rndc modzone"
			significantly. Existing NZF files will
			automatically by converted to NZD databases.
			To view the contents of an NZD or to roll back to
			NZF format, use "named-nzd2nzf". To disable
                        this feature, use "configure --without-lmdb".
                        [RT #39837]
 2016-07-21 11:14:16 -07:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Tinderbox User
4df65ccfec update copyright notice / whitespace 2016-01-25 23:45:24 +00:00
Mark Andrews
9478de25bb 4301. [bug] dnssec-settime -p [DP]sync was not working. [RT #41534] 2016-01-26 00:27:44 +11:00
Tinderbox User
4ba2689c1f update copyright notice / whitespace 2015-11-05 23:45:25 +00:00
Mark Andrews
e939674d53 4252. [func] Add support for automating the generation CDS and 
CDNSKEY rrsets to named and dnssec-signzone.
                        [RT #40424]
 2015-11-05 12:09:48 +11:00
Mark Andrews
1c95f67232 use $PERL 2014-06-24 13:50:14 +10:00
Mukund Sivaraman
79d27f505a [35063] Don't publish an activated key automatically before its publish time 2014-06-04 14:31:42 +05:30
Tinderbox User
aa7b16ec2a update copyright notice 2014-01-21 23:46:16 +00:00
Evan Hunt
d58e33bfab [master] testcrypto.sh in system tests 
3714.	[test]		System tests that need to test for cryptography
			support before running can now use a common
			"testcrypto.sh" script to do so. [RT #35213]
 2014-01-20 16:08:09 -08:00
Tinderbox User
377b774598 update copyright notice 2013-08-15 23:46:17 +00:00
Mark Andrews
d1e22676de 3635. [bug] Signatures were not being removed from a zone with 
only KSK keys for a algorithm. [RT #24439]
 2013-08-15 13:37:07 +10:00
Mark Andrews
3ff483ed84 loop 'I:checking expired signatures were updated' test 2012-12-03 09:30:38 +11:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
ckb
7829fad409 merging fast format zone files 
Conflicts:
	.gitignore
	bin/named/zoneconf.c
	bin/tests/.gitignore
	bin/tests/system/autosign/tests.sh
	bin/tests/system/masterformat/clean.sh
	bin/tests/system/masterformat/ns1/compile.sh
	bin/tests/system/masterformat/tests.sh
	configure
	lib/dns/db.c
	lib/dns/include/dns/db.h
	lib/dns/include/dns/types.h
	lib/dns/master.c
	lib/dns/masterdump.c
	lib/dns/rbt.c
	lib/dns/rbtdb.c
	lib/dns/sdb.c
	lib/dns/sdlz.c
	lib/dns/tests/.cvsignore
	lib/dns/tests/Makefile.in
	lib/dns/win32/libdns.def
	lib/dns/xfrin.c
	lib/dns/zone.c
	lib/export/dns/Makefile.in
	lib/isc/include/isc/file.h
	lib/isc/unix/file.c
	lib/isc/win32/file.c
	lib/isccfg/namedconf.c
 2012-06-20 14:13:12 -05:00
Francis Dupont
6a2ebd69b5 fix key name variable in autosign 2012-05-12 07:54:45 +02:00
Evan Hunt
f4bd753e0b fixed a test error that caused autosign to fail on freebsd 2012-02-07 00:33:19 +00:00
Evan Hunt
99f6179191 3277. [bug] Make sure automatic key maintenance is started 
when "auto-dnssec maintain" is turned on during
			"rndc reconfig". [RT #26805]
 2012-02-06 21:33:50 +00:00
Automatic Updater
c2f843fc2b update copyright notice 2012-02-02 23:47:33 +00:00
Mark Andrews
92a83eeb2d portable code, ok'd bu Evan 2012-02-02 03:47:39 +00:00
Mark Andrews
9892bae7b7 forcing full sign with unreadable keys 2011-12-22 11:57:30 +00:00
Mark Andrews
281a31ad37 +/- 500ms was too small a fudge factor (-582ms seen in testing), raise to +/- 1000ms 2011-12-22 02:15:24 +00:00
Mark Andrews
91013b0e19 join line for old awk 2011-12-12 12:08:09 +00:00
Mark Andrews
6c1a778723 chech that the final time is within 10 seconds but no greater than the expected interval 2011-12-12 06:51:12 +00:00
Mark Andrews
374b677c50 make grep more precise 2011-11-27 12:04:27 +00:00
Evan Hunt
9c03f13e18 3185. [func] New 'rndc signing' option for auto-dnssec zones: 
- 'rndc signing -list' displays the current
			   state of signing operations
			 - 'rndc signing -clear' clears the signing state
		  	   records for keys that have fully signed the zone
			 - 'rndc signing -nsec3param' sets the NSEC3
			   parameters for the zone
			The 'rndc keydone' syntax is removed. [RT #23729]
 2011-10-28 06:20:07 +00:00
Mark Andrews
1946c596b4 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:20:02 +00:00
Mark Andrews
020c4484fe 3173. [port] Correctly validate root DS responses. [RT #25726] 2011-10-15 05:00:15 +00:00
Mark Andrews
f96ba7c746 remove check for oldid as named may have already deleted it 2011-07-26 04:42:20 +00:00
Mark Andrews
acf34e66a8 id was not being properly set 2011-07-26 04:28:35 +00:00
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Mark Andrews
ae0691566a date +%s is not portable, use perl -e 'print time();', Adjust messages 2011-05-30 22:32:06 +00:00
Mark Andrews
fe8572e116 The old active key could be deleted before the "former standby key has now 
signed fully" ran causing it to fail.  Delay the deletion by 10 seconds.
 2011-05-30 07:25:19 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Mark Andrews
f1d4986b83 treat asb(x) < 500ms as 0 2011-05-02 23:56:59 +00:00
Mark Andrews
65043f48f2 force numeric comparision 2011-05-02 05:05:05 +00:00
Mark Andrews
07907fa31a handle end of day 2011-05-02 01:35:04 +00:00
Mark Andrews
bbf46f1aa2 fix expression 2011-05-01 21:36:33 +00:00
Mark Andrews
f83682f368 awk -v is not portable, add floating point arithmetic effects 2011-05-01 11:29:20 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Evan Hunt
319b8a1488 3092. [bug] Signatures for records at the zone apex could go 
stale due to an incorrect timer setting. [RT #23769]

3091.	[bug]		Fixed a bug in which zone keys that were published
			and then subsequently activated could fail to trigger
			automatic signing. [RT #22991]
 2011-03-25 23:53:02 +00:00
Evan Hunt
36b2d5f93c use "rndc sync" instead of freeze/thaw cycle to dump zones, now that it's 
available.
 2011-03-21 16:53:44 +00:00
Evan Hunt
61bcc23203 3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and 
dnssec-keyfromlabel sets the default TTL of the
			key.  When possible, automatic signing will use that
			TTL when the key is published.  [RT #23304]
 2011-03-17 01:40:40 +00:00
Francis Dupont
624664e504 Fixed last autosign test report [RT #23256] 2011-03-02 09:03:45 +00:00
Mark Andrews
be789bc7eb 3045. [removed] Replaced by change #3050. 2011-03-02 04:52:25 +00:00
Mark Andrews
ba88bcf08b 3050. [bug] The autosign system test was timing dependent. 
Wait for the initial autosigning to complete
                        before running the rest of the test. [RT #23035]
 2011-03-02 04:08:58 +00:00