bind9

Author	SHA1	Message	Date
Michał Kępień	c2179857de	[master] Improve handling of TCP_FASTOPEN on FreeBSD 4726. [port] Prevent setsockopt() errors related to TCP_FASTOPEN from being logged on FreeBSD if the kernel does not support it. Notify the user when the kernel does support TCP_FASTOPEN, but it is disabled by sysctl. Add a new configure option, --disable-tcp-fastopen, to disable use of TCP_FASTOPEN altogether. [RT #44754]	2017-09-18 08:34:41 +02:00
Mark Andrews	0bcb8b0b7c	4725. [bug] Nsupdate: "recvsoa" was incorrectly reported for failures in sending the update message. The correct location to be reported is "update_completed". [RT #46014]	2017-09-18 14:28:39 +10:00
Evan Hunt	61996344fe	[master] clarify CHANGES, add relnote	2017-09-16 12:06:54 -07:00
Francis Dupont	06a8051d24	Finished merge of rt31459d (openssl random)	2017-09-16 14:06:06 +02:00
Tinderbox User	c0cc899496	update copyright notice / whitespace	2017-09-15 23:46:07 +00:00
Mark Andrews	3128cd21e3	4723. [bug] Statistics counter DNSTAPdropped was misidentified as DNSSECdropped. [RT #46002]	2017-09-14 23:51:19 +00:00
Evan Hunt	114f95089c	[master] cleanup strcat/strcpy 4722. [cleanup] Clean up uses of strcpy() and strcat() in favor of strlcpy() and strlcat() for safety. [RT #45981]	2017-09-13 00:14:37 -07:00
Evan Hunt	20502f35dd	[master] allow CDS/CDNSKEY records to be signed with only KSK 4721. [func] 'dnssec-signzone -x' and 'dnssec-dnskey-kskonly' options now apply to CDNSKEY and DS records as well as DNSKEY. Thanks to Tony Finch. [RT #45689]	2017-09-12 23:09:48 -07:00
Evan Hunt	30973087a0	[master] add prefetch stat counter 4720. [func] Added a statistics counter to track prefetch queries. [RT #45847]	2017-09-12 18:41:47 -07:00
Mark Andrews	34130ee25a	4719. [bug] Address PVS static analyzer warnings. [RT #45946 ]	2017-09-13 09:50:51 +10:00
Mark Andrews	4a258c3c42	4718. [func] Avoid seaching for a owner name compression pointer more than once when writing out a RRset. [RT #45802]	2017-09-13 09:24:34 +10:00
Evan Hunt	25b33bede4	[master] improve handling of qcount=0 replies 4717. [bug] Treat replies with QCOUNT=0 as truncated if TC=1, FORMERR if TC=0, and log the error correctly. [RT #45836]	2017-09-12 15:26:30 -07:00
Mark Andrews	88d3c4a228	add placeholder	2017-09-13 06:36:10 +10:00
Evan Hunt	a9dfb7ef6e	[master] update copyrights, bump release tag	2017-09-11 22:06:05 -07:00
Mark Andrews	0a1359034d	4715. [bug] TreeMemMax was mis-identified as a second HeapMemMax in the Json cache statistics. [RT #45980]	2017-09-12 14:55:03 +10:00
Mark Andrews	c75e9c7630	4714. [port] openbsd/libressl: add support for building with --enable-openssl-hash. [RT #45982]	2017-09-12 14:19:10 +10:00
Evan Hunt	0c9683cff8	[master] prep 9.12.0a1	2017-09-11 17:30:39 -07:00
Evan Hunt	a507cc4892	[master] whitespace	2017-09-11 13:30:40 -07:00
Evan Hunt	3363f3147a	[master] DNS Response Policy Service API 4713. [func] Added support for the DNS Response Policy Service (DNSRPS) API, which allows named to use an external response policy daemon when built with "configure --enable-dnsrps". Thanks to Vernon Schryver and Farsight Security. [RT #43376]	2017-09-11 11:57:43 -07:00
Evan Hunt	8e014c45ae	[master] dig: retain domain when retrying with tcp 4712. [bug] "dig +domain" and "dig +search" didn't retain the search domain when retrying with TCP. [RT #45547]	2017-09-11 10:10:16 -07:00
Evan Hunt	3e66721b35	[master] add missing rrtypes to genzones 4711. [test] Some RR types were missing from genzones.sh. [RT #45782]	2017-09-11 09:34:41 -07:00
Francis Dupont	90f6140832	Finished merge of rt45019 (openssl hash default)	2017-09-09 10:30:16 +02:00
Tinderbox User	24926303e4	update copyright notice / whitespace	2017-09-08 23:46:05 +00:00
Evan Hunt	f13385770e	[master] change hash function for RRL 4709. [cleanup] Use dns_name_fullhash() to hash names for RRL. [RT #45435]	2017-09-08 15:46:15 -07:00
Evan Hunt	8eb88aafee	[master] add libns and remove liblwres 4708. [cleanup] Legacy Windows builds (i.e. for XP and earlier) are no longer supported. [RT #45186] 4707. [func] The lightweight resolver daemon and library (lwresd and liblwres) have been removed. [RT #45186] 4706. [func] Code implementing name server query processing has been moved from bin/named to a new library "libns". Functions remaining in bin/named are now prefixed with "named_" rather than "ns_". This will make it easier to write unit tests for name server code, or link name server functionality into new tools. [RT #45186]	2017-09-08 13:47:34 -07:00
Mark Andrews	5bbf111a03	placeholder	2017-09-07 13:11:59 +10:00
Mark Andrews	6adc40b3ce	4704. [cleanup] Silence Visual Studio compiler warnings. [RT #45898 ]	2017-09-07 12:57:55 +10:00
Mark Andrews	7e40d6274e	4703. [bug] BINDInstall.exe was missing some buffer length checks. [RT #45898]	2017-09-07 12:56:16 +10:00
Mark Andrews	d1f34ef400	4702. [func] Update function declarations to use dns_masterstyle_flags_t for style flags. [RT #45924]	2017-09-07 12:48:16 +10:00
Evan Hunt	e90926bb9e	[master] refactor tsig.c 4701. [cleanup] Refactored lib/dns/tsig.c to reduce code duplication and simplify the disabling of MD5. [RT #45490]	2017-09-06 10:57:40 -07:00
Mark Andrews	df50751585	4700. [func] Serving of stale answers is now supported. This allows named to provide stale cached answers when the authoritative server is under attack. See max-stale-ttl, stale-answer-enable, stale-answer-ttl. [RT #44790]	2017-09-06 09:58:29 +10:00
Mark Andrews	e2a737bcb8	4699. [func] Multiple cookie-secret clauses can now be specified. The first one specified is used to generate new server cookies. [RT #45672]	2017-09-05 09:19:45 +10:00
Michał Kępień	a5dc1bc395	[master] Add --with-python-install-dir configure option 4698. [port] Add --with-python-install-dir configure option to allow specifying a nonstandard installation directory for Python modules. [RT #45407]	2017-09-04 08:40:23 +02:00
Mark Andrews	a8a20462b5	4697. [bug] Restore workaround for Microsoft Windows TSIG hash computation bug. [RT #45854]	2017-09-01 11:17:59 +10:00
Mark Andrews	b4eb8b9656	4696. [port] Enable filter-aaaa support by default on Windows builds. [RT #45883]	2017-08-31 13:37:36 +10:00
Mark Andrews	2e743d9bdc	Squashed commit of the following: commit 2a0e5695da2e0f701191e2783209ac05c9d01e6c Author: Mark Andrews <marka@isc.org> Date: Thu Aug 31 12:15:05 2017 +1000 remove 'on' from error message commit f18a8d699b69be35b938cfe2b30ebb30cd78e814 Author: Mark Andrews <marka@isc.org> Date: Thu Aug 31 11:58:41 2017 +1000 add more cookie-secret named-checkconf tests commit ca8f5f5f57ccbeb970310866523a909eb411a554 Author: Mark Andrews <marka@isc.org> Date: Thu Aug 31 11:31:57 2017 +1000 properly check algorithm names	2017-08-31 12:19:37 +10:00
Evan Hunt	45afdb2672	[master] remove default algorithm in dnssec-keygen 4594. [func] dnssec-keygen no longer uses RSASHA1 by default; the signing algorithm must be specified on the command line with the "-a" option. Signing scripts that rely on the existing default behavior will break; use "dnssec-keygen -a RSASHA1" to repair them. (The goal of this change is to make it easier to find scripts using RSASHA1 so they can be changed in the event of that algorithm being deprecated in the future.) [RT #44755]	2017-08-30 18:51:11 -07:00
Mark Andrews	0aed466565	4693. [func] Synthesis of responses from DNSSEC-verified records. Stage 1 covers NXDOMAIN synthesis from NSEC records. This is controlled by synth-from-dnssec and is enabled by default. [RT #40138]	2017-08-31 07:57:50 +10:00
Mark Andrews	c26370fc69	4692. [bug] Fix build failures with libressl introduced in 4676. [RT #45879]	2017-08-30 17:11:20 +10:00
Michał Kępień	efe7977c4d	[master] Add -4/-6 command line options to nsupdate and rndc 4691. [func] Add -4/-6 command line options to nsupdate and rndc. [RT #45632]	2017-08-29 10:21:54 +02:00
Michał Kępień	d6814700de	[master] Ensure consistent handling of -4/-6 command line options in all tools 4690. [bug] Command line options -4/-6 were handled inconsistently between tools. [RT #45632]	2017-08-29 10:19:38 +02:00
Mark Andrews	503223b800	fix changes number	2017-08-26 13:25:56 +10:00
Evan Hunt	391a3a2f20	[master] turn on minimal responses for CDS/CDNSKEY 4678. [cleanup] Turn on minimal responses for CDNSKEY and CDS in addition to DNSKEY and DS. Thanks to Tony Finch. [RT #45690]	2017-08-25 13:31:53 -07:00
Mark Andrews	07741d43c8	4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in messages. [RT #44804]	2017-08-25 08:38:19 +10:00
Mukund Sivaraman	af4b4bef7a	Refactor tracklines code (#45126 )	2017-08-24 10:58:55 +05:30
Michał Kępień	330365566d	[master] Prevent dnssec-settime from printing a bogus warning 4686. [bug] dnssec-settime -p could print a bogus warning about key deletion scheduled before its inactivation when a key had an inactivation date set but no deletion date set. [RT #45807]	2017-08-21 10:20:10 +02:00
Michał Kępień	5201b96d03	[master] Fix calculation of dates for a successor key 4685. [bug] dnssec-settime incorrectly calculated publication and activation dates for a successor key. [RT #45806]	2017-08-21 09:55:36 +02:00
Michał Kępień	367fcd7454	[master] Prevent delv from sending bogus queries for provided server address 4684. [bug] delv could send bogus DNS queries when an explicit server address was specified on the command line along with -4/-6. [RT #45804]	2017-08-21 09:18:13 +02:00
Michał Kępień	1aa583b5a5	[master] Prevent nsupdate from immediately exiting on invalid user input in interactive mode 4683. [bug] Prevent nsupdate from immediately exiting on invalid user input in interactive mode. [RT #28194]	2017-08-17 08:29:12 +02:00
Mark Andrews	615b961e02	4682. [bug] Don't report errors on records below a DNAME. [RT #44880]	2017-08-17 15:49:59 +10:00

1 2 3 4 5 ...

5615 Commits