Evan Hunt
c31d32434d
ensure we try to validate glue records so RRSIG TTLs will be capped
2018-06-08 11:43:20 -07:00
Mukund Sivaraman and Evan Hunt
6cd4cb3d2a
Don't validate non-pending glue when adding to the additional section
...
(cherry picked from commit 31bd3147d1 )
2018-06-08 11:05:19 -07:00
Mark Andrews and Evan Hunt
9aba5ca84b
add system test for root-key-sentinel
...
(cherry picked from commit a23b305e6b )
(cherry picked from commit b9e6b124aa )
(cherry picked from commit 9448c4fd21 )
(cherry picked from commit 8f139956ba )
2018-06-04 21:38:04 -07:00
Mark Andrews and Evan Hunt
3890b5d7ba
add named.conf option root-key-sentinel
...
(cherry picked from commit 68e9315c7d )
(cherry picked from commit ee763ef281 )
(cherry picked from commit 9a5f308287 )
(cherry picked from commit 468a3bcdac )
2018-06-04 21:30:33 -07:00
Mark Andrews and Evan Hunt
2f20e10942
detect and process root-key-sentinel labels.
...
(cherry picked from commit 8fc9f64df9 )
(cherry picked from commit 7111eff80c )
(cherry picked from commit afa97c6552 )
(cherry picked from commit a624e884d4 )
2018-06-04 20:06:20 -07:00
Evan Hunt
5a21193fdd
update file headers
2018-03-15 11:30:37 -07:00
Ondřej Surý
f1736dd4bc
Use /* FALLTHROUGH */ comment instead of __attribute__ ((fallthrough)) for consistency
2018-03-15 11:38:32 +01:00
Ondřej Surý
a5ea870265
Add __attribute__ ((fallthrough)); in place of implicit fallthrough to satisfy gcc 7 -Wextra
2018-03-15 09:30:18 +01:00
Ondřej Surý
9f830be501
update file headers to remove copyright years
2018-03-15 09:09:15 +01:00
Mark Andrews
79dc8a0013
test devent->sigrdataset rather than devent->rdataset before calling query_putrdataset
...
(cherry picked from commit e08a31e317 )
2018-01-05 12:41:51 +11:00
Tinderbox User
f3e5a44f00
update copyright notice / whitespace
2018-01-04 23:47:43 +00:00
Mark Andrews
385d0b66e0
4857. [bug] Maintain attach/detach semantics for event->db,
...
event->node, event->rdataset and event->sigrdataset
in query.c. [RT #46891 ]
(cherry picked from commit cad79077bd )
2018-01-04 13:20:34 +11:00
Evan Hunt
3dbc4979c6
[v9_9] fix merge error; missing hunk from change 4780
...
(cherry picked from commit 4d39bffd95 )
2017-10-24 10:10:04 -07:00
Evan Hunt
0a5b0a447e
[v9_9] omit NS from authority section if it was in answer
...
4780. [bug] When answering ANY queries, don't include the NS
RRset in the authority section if it was already
in the answer section. [RT #44543 ]
(cherry picked from commit b7b76d6b85 )
(cherry picked from commit 13435af49a )
2017-10-23 19:38:29 -07:00
Mark Andrews
80dd4971d9
4739. [cleanup] Address clang static analysis warnings. [RT #45952 ]
...
(cherry picked from commit f9f3f20d2d )
2017-09-27 13:19:37 +10:00
Evan Hunt
d2516c6507
[v9_9] turn on minimal responses for CDS/CDNSKEY
...
4678. [cleanup] Turn on minimal responses for CDNSKEY and CDS in
addition to DNSKEY and DS. Thanks to Tony Finch.
[RT #45690 ]
(cherry picked from commit 391a3a2f20 )
2017-08-25 13:32:39 -07:00
Mark Andrews
282980e448
4640. [bug] If query_findversion failed in query_getdb due to
...
memory failure the error status was incorrectly
discarded. [RT #45331 ]
(cherry picked from commit b551ee14bd )
(cherry picked from commit 18bb24bc37 )
2017-06-23 17:19:15 +10:00
Evan Hunt
10f80ef83a
[v9_9] fix rpz formerr loop
...
4531. [security] Some RPZ configurations could go into an infinite
query loop when encountering responses with TTL=0.
(CVE-2017-3140) [RT #45181 ]
(cherry picked from commit 3440cf9c60 )
(cherry picked from commit a57b289ed0 )
2017-05-30 12:43:57 -07:00
Evan Hunt
7334fbc55c
[v9_9] Add DLZ db version to activeversions
...
4628. [bug] Fixed a potential reference leak in query_getdb().
[RT #45247 ]
(cherry picked from commit 594eadcc34 )
2017-05-28 14:34:14 -07:00
Mark Andrews
673dd20a78
remove unused assignments [RT #45147 ]
...
(cherry picked from commit 78551a3f2c )
2017-05-03 07:46:34 +10:00
Mukund Sivaraman
e315a20bd4
Validate glue before adding it to the additional section ( #45062 )
...
(cherry picked from commit b0dbcba2d2 )
(cherry picked from commit fec9247b8f )
(cherry picked from commit b958488b2e )
2017-04-21 16:03:28 +05:30
Mark Andrews
35ca802c7b
4575. [security] Dns64 with break-dnssec yes; can result in a
...
assertion failure. (CVE-2017-3136) [RT #44653 ]
(cherry picked from commit 3bce12e4b6 )
2017-02-15 12:24:33 +11:00
Mark Andrews
eaa394fcfa
address rpz version issue
2017-01-24 11:21:55 +11:00
Mark Andrews
4b843e0cc8
4556. [security] Combining dns64 and rpz can result in dereferencing
...
a NULL pointer (read). (CVE-2017-3135) [RT#44434]
(cherry picked from commit 5abe80ef13 )
2017-01-24 09:56:20 +11:00
Tinderbox User
3d51a06d9d
update copyright notice / whitespace
2017-01-19 23:47:43 +00:00
Mark Andrews
3f4d134e72
use TCP macro
...
(cherry picked from commit 2fa1676380 )
2017-01-19 13:14:11 +11:00
Mark Andrews
3a125854c9
4472. [bug] Named could fail to find the correct NSEC3 records when
...
a zone was update between looking for the answer and
looking for the NSEC3 records proving non-existance
of the answer. [RT #43247 ]
2016-10-05 10:41:05 +11:00
Mark Andrews
0ba8ac54c7
also cleanup node
2016-06-03 18:35:07 +10:00
Mark Andrews
e4ae68f50c
detach before restore
2016-06-03 18:34:59 +10:00
Mark Andrews
944b398582
reset zversion on restart
...
(cherry picked from commit b4750b5991 )
2016-06-03 14:33:52 +10:00
Mark Andrews
cb735b3f90
fix merge error
2016-05-27 18:39:33 +10:00
Mark Andrews
dfdf6773a6
REDIRECT macro is 9.11.0+
2016-05-27 10:06:42 +10:00
Mark Andrews
c3fbf330bc
4377. [bug] Don't reuse zero TTL responses beyond the current
...
client set (excludes ANY/SIG/RRSIG queries).
[RT #42142 ]
(cherry picked from commit aabcb1fde0 )
2016-05-27 10:05:52 +10:00
Tinderbox User
addd839e4a
update copyright notice / whitespace
2016-05-26 23:46:02 +00:00
Mark Andrews
900a63cb04
4374. [bug] Use SAVE/RESTORE macros in query.c to reduce the
...
probability of reference counting errors as seen
in 4365. [RT #42405 ]
(cherry picked from commit ac11084829 )
2016-05-26 13:37:43 +10:00
Mukund Sivaraman
65f562e5e4
Code cleanups ( #41656 )
...
(cherry picked from commit 9da98335c1 )
(cherry picked from commit b15dde2889 )
2016-03-04 13:00:43 +05:30
Mark Andrews
87c8fae1dc
add missing line break
...
(cherry picked from commit 68ecf1c9a5 )
2016-02-04 11:52:24 +11:00
Mark Andrews
04e34494ea
4313. [bug] Handle ns_client_replace failures in test mode.
...
[RT #41190 ]
(cherry picked from commit d88ba93712 )
2016-02-03 15:04:06 +11:00
Evan Hunt
70280057b4
[v9_9] expanded query trace logging
...
4300. [cleanup] Added new querytrace logging. [RT #41155 ]
2016-01-22 14:33:50 -08:00
Tinderbox User
7b7d845166
update copyright notice / whitespace
2016-01-21 23:46:08 +00:00
Evan Hunt
4b8c357439
[v9_9] hold
2016-01-20 17:32:39 -08:00
Mark Andrews
b1fd8ee3ad
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257 ]
...
(cherry picked from commit f647c0df9f )
Conflicts:
CHANGES
bin/named/query.c
bin/tests/system/sit/tests.sh
lib/dns/message.c
(cherry picked from commit d090709551 )
Conflicts:
CHANGES
2015-12-15 20:10:37 +11:00
Mark Andrews
3b8f8695af
4227. [bug] Silence static analysis warnings. [RT #40828
...
(cherry picked from commit 2a12984ce6 )
2015-09-30 14:35:42 +10:00
Mark Andrews
17747a8059
make macro name match category name
...
(cherry picked from commit 4d085258cc )
2015-09-29 15:05:53 +10:00
Mark Andrews
1c33552240
4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759 ]
...
(cherry picked from commit 29d52c001f )
(cherry picked from commit a55c3151b2 )
2015-03-03 16:52:02 +11:00
Mukund Sivaraman
e62afa3177
Add a --enable-querytrace configure switch for very verbose query tracelogging ( #37520 )
...
(cherry picked from commit 1783676a64 )
(cherry picked from commit b83c20df65 )
Conflicts:
CHANGES
config.h.in
configure
configure.in
2015-02-26 17:04:18 +05:30
Evan Hunt
ec856a0ed6
[v9_9] add better servfail logging
...
3937. [func] Added some debug logging to better indicate the
conditions causing SERVFAILs when resolving.
[RT #35538 ]
(cherry picked from commit f5c24a7f48 )
(cherry picked from commit 09a87d841f )
2015-02-25 16:05:45 -08:00
Evan Hunt
adf9e1c676
[v9_9] silence RPZ log messages
...
4050. [cleanup] Silence occasional spurious "duplicate query" log
messages from RPZ. [RT #38510 ]
2015-02-10 15:03:05 -08:00
Mukund Sivaraman
015371d584
Fix a leak of query fetchlock ( #38454 )
...
4052. [bug] Fix a leak of query fetchlock. [RT #38454 ]
Conflicts:
CHANGES
2015-02-03 11:54:16 +05:30
Tinderbox User
9cbd625449
update copyright notice / whitespace
2015-01-20 23:47:26 +00:00