Commit Graph

301 Commits

Author SHA1 Message Date
Evan Hunt
5a21193fdd update file headers 2018-03-15 11:30:37 -07:00
Ondřej Surý
9f830be501 update file headers to remove copyright years 2018-03-15 09:09:15 +01:00
Evan Hunt
7677cb277a final cleanup
- add CHANGES note
- update copyrights and license headers
2018-02-25 13:13:26 -08:00
Mark Andrews
6cc168d6d4 cast to unsigned 2018-02-16 18:17:59 +11:00
Mark Andrews
7b34ba54c9 4841. [bug] Address -fsanitize=undefined warnings. [RT #46786]
(cherry picked from commit 9d5a0abe81)
(cherry picked from commit 58c86991ee)
2017-12-06 21:05:34 +11:00
Mark Andrews
6f799a2e5a 4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in
messages. [RT #44804]

(cherry picked from commit 07741d43c8)
2017-08-25 08:53:05 +10:00
Evan Hunt
a3f30d1aac [v9_9] address TSIG bypass/forgery vulnerabilities
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]

(cherry picked from commit 581c1526ab)
(cherry picked from commit a03f4b1ea4)
2017-06-27 11:41:31 -07:00
Tinderbox User
8ebfb6cc9a update copyright notice / whitespace 2017-05-02 23:48:00 +00:00
Mark Andrews
d7d9376e61 4615. [bug] AD could be set on truncated answer with no records
present in the answer and authority sections.
                        [RT #45140]

(cherry picked from commit 33e94f501f)
2017-05-03 08:09:05 +10:00
Evan Hunt
3204e83716 [v9_9] silence warning
(cherry picked from commit b3aebb5890)
2016-12-28 17:54:52 -08:00
Tinderbox User
c38b1c7115 update copyright notice / whitespace 2016-12-28 23:58:02 +00:00
Mark Andrews
69cb8ebf15 4517. [security] Named could mishandle authority sections that were
missing RRSIGs triggering an assertion failure.
                        (CVE-2016-9444) [RT # 43632]

(cherry picked from commit 1df30cfd27c5a3c57fce357c54aaf6c702227d51)
2016-12-29 10:46:44 +11:00
Mark Andrews
bcdf316ca5 4534. [bug] Only set RD, RA and CD in QUERY responses. [RT #43879]
(cherry picked from commit def6b33bad)
2016-12-13 16:38:50 +11:00
Mark Andrews
51bcc28543 4467. [security] It was possible to trigger a assertion when rendering
a message. [RT #43139]

(cherry picked from commit 2bd0922cf9)
2016-09-09 11:32:22 +10:00
Mark Andrews
927e9d8bbc 4330. [protocol] Identify the PAD option as "PAD" when printing out
a message.

(cherry picked from commit 33a4294f44)
2016-03-10 16:54:51 +11:00
Mukund Sivaraman
65f562e5e4 Code cleanups (#41656)
(cherry picked from commit 9da98335c1)
(cherry picked from commit b15dde2889)
2016-03-04 13:00:43 +05:30
Mark Andrews
6442633cc2 4312. [bug] dig's unknown dns and edns flags (MBZ value) logging
was not consistent. [RT #41600]

(cherry picked from commit 8d00c5ab2c)
2016-02-02 14:22:46 +11:00
Tinderbox User
7b7d845166 update copyright notice / whitespace 2016-01-21 23:46:08 +00:00
Evan Hunt
b6d7675298 [v9_9] fix unchecked result
4295.	[bug]		An unchecked result in dns_message_pseudosectiontotext()
			could allow incorrect text formatting of EDNS EXPIRE
			options. [RT #41437]
2016-01-20 17:19:57 -08:00
Mark Andrews
b1fd8ee3ad 4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257]
(cherry picked from commit f647c0df9f)

Conflicts:
	CHANGES
	bin/named/query.c
	bin/tests/system/sit/tests.sh
	lib/dns/message.c

(cherry picked from commit d090709551)

Conflicts:
	CHANGES
2015-12-15 20:10:37 +11:00
Mark Andrews
9631d0769e 4260. [security] Insufficient testing when parsing a message allowed
records with an incorrect class to be be accepted,
                        triggering a REQUIRE failure when those records
                        were subsequently cached. (CVE-2015-8000) [RT #4098]

(cherry picked from commit c8821d124c)
2015-11-16 13:28:28 +11:00
Mark Andrews
b50e4fe492 4210. [cleanup] Silence use after free false positive. [RT #40743]
(cherry picked from commit f43e5c8ed2)
2015-09-17 14:07:06 +10:00
Mark Andrews
bb53e1de90 remove extranious ) 2015-07-07 20:49:19 +10:00
Mark Andrews
8f40aae418 restore 9.9 style output 2015-07-07 18:09:06 +10:00
Mark Andrews
5e210b5fe5 4158. [protocol] Support the printing of EDNS COOKIE options.
[RT #39928]
2015-07-07 15:49:36 +10:00
Mark Andrews
6f02a4e2a6 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]

(cherry picked from commit 4a61eae651)
2015-06-29 15:49:19 +10:00
Mark Andrews
51a82fe30d update variable name to better reflect reality 2015-05-11 13:41:13 +10:00
Mark Andrews
1c33552240 4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759]
(cherry picked from commit 29d52c001f)
(cherry picked from commit a55c3151b2)
2015-03-03 16:52:02 +11:00
Tinderbox User
9cbd625449 update copyright notice / whitespace 2015-01-20 23:47:26 +00:00
Evan Hunt
57f015bd2a [v9_9] clean up gcc -Wshadow warnings
4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
2015-01-20 14:55:41 -08:00
Mark Andrews
1e0e2198be 3861. [security] Missing isc_buffer_availablelength check results
in a REQUIRE assertion when printing out a packet.
                        [RT #36078]
2014-05-25 12:50:36 +10:00
Mark Andrews
c10c7ddb6e 3819. [bug] NSEC3 hashes need to be able to be entered and
displayed without padding.  This is not a issue for
                        currently defined algorithms but may be for future
                        hash algorithms. [RT #27925]

(cherry picked from commit 36e5ac0033)
2014-04-24 19:12:08 +10:00
Tinderbox User
864ca7ce33 update copyright notice 2014-01-09 23:45:53 +00:00
Evan Hunt
8c7ce6d3e6 [v9_9] replace memcpy() with memmove().
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]

(cherry picked from commit ebe54c7d2221c6a0a4b3d96bcae3280c823a45e6)
2014-01-08 16:38:56 -08:00
Mark Andrews
3b38a23089 3681. [port] Update the Windows build system to support feature
selection and WIN64 builds.  This is a work in
                        progress. [RT #34160]

(cherry picked from commit c3c8823fed)

Conflicts:
	CHANGES
	bin/check/win32/checktool.dsp.in
	bin/dnssec/win32/dnssectool.dsp.in
	bin/dnssec/win32/importkey.dsp.in
	bin/dnssec/win32/importkey.mak.in
	bin/named/geoip.c
	bin/named/include/named/geoip.h
	bin/tools/win32/rrchecker.dsp.in
	bin/tools/win32/rrchecker.mak.in
	config.h.win32
	lib/dns/geoip.c
	lib/dns/master.c
	lib/dns/win32/libdns.dsp.in
	lib/dns/win32/libdns.mak.in
	lib/isc/mem.c
	lib/isc/stats.c
	lib/isc/win32/file.c
	lib/isc/win32/libisc.def.in
	lib/isc/win32/libisc.mak.in
	lib/isc/win32/stdio.c
	lib/isccc/cc.c
	win32utils/BuildAll.bat
	win32utils/BuildSetup.bat
	win32utils/legacy/BINDBuild.dsw.in
	win32utils/makeversion.pl
	win32utils/setpk11provider.pl
	win32utils/updatelibxml2.pl
	win32utils/win32-build.txt
2013-12-04 13:48:45 +11:00
Mark Andrews
99d0a87115 silence signed/unsigned compare warning 2013-04-09 06:31:32 +10:00
Mark Andrews
f28461b6f5 3548. [bug] The NSID request code in resolver.c was broken
resulting in invalid EDNS options being sent.
                        [RT #33153]
(cherry picked from commit 4adf97c32f)

Conflicts:
	lib/dns/include/dns/message.h
	lib/dns/message.c
(cherry picked from commit 6227ab7137)
2013-04-08 16:48:36 +10:00
Evan Hunt
1d737374e4 [v9_9] add zone memory context pools
3492.	[bug]		Fixed a regression in zone loading performance
			due to lock contention. [RT #30399]
(cherry picked from commit df925e6c66)
2013-02-20 21:40:25 -08:00
Tinderbox User
a16c3b9fe9 update copyright notice 2013-01-08 23:45:37 +00:00
Mark Andrews
b97bb4b2b3 3452. [bug] Accept duplicate singlton records. [RT #32329] 2013-01-08 10:59:13 +11:00
Tinderbox User
9791c6c91a update copyright notice 2012-10-18 23:45:54 +00:00
Mark Andrews
1a8c058882 3396. [bug] OPT records were incorrectly removed from signed,
truncated responses. [RT #31439]
2012-10-18 13:26:55 +11:00
Tinderbox User
5abefae88a update copyright notice 2012-03-10 23:45:42 +00:00
Tinderbox User
c201888c2a regen v9_9 2012-03-07 01:59:30 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
2011-06-08 22:13:51 +00:00
Automatic Updater
c1aef54e14 update copyright notice 2011-03-12 04:59:49 +00:00
Mark Andrews
0874abad14 3069. [cleanup] Silence warnings messages from clang static analysis.
[RT #20256]
2011-03-11 06:11:27 +00:00
Mark Andrews
b7bc86a4d3 2912. [func] Windows clients don't like UPDATE responses that clear
the zone section. [RT #20986]
2010-06-03 05:23:27 +00:00
Mark Andrews
e18c62b1da 2888. [bug] Only the first EDNS option was displayed. [RT #21273] 2010-05-13 00:40:46 +00:00
Mark Andrews
c19f322914 2866. [bug] Windows does not like the TSIG name being compressed.
[RT #20986]
2010-03-12 03:34:56 +00:00