ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,681 Commits 589 Branches 805 Tags
7cb14b610e7e8f3d3aea79c826fb0488fa91cdcd
Commit Graph

10606 Commits

Author SHA1 Message Date
Mark Andrews
c85b467dc0 4747. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 3 - synthesize NODATA responses. [RT #40138]
 2017-10-03 11:16:37 +11:00
Tinderbox User
791aa3e9be update copyright notice / whitespace 2017-09-28 23:45:49 +00:00
Evan Hunt
24172bd2ee [master] completed and corrected the crypto-random change 
4724.	[func]		By default, BIND now uses the random number
			functions provided by the crypto library (i.e.,
			OpenSSL or a PKCS#11 provider) as a source of
			randomness rather than /dev/random.  This is
			suitable for virtual machine environments
			which have limited entropy pools and lack
			hardware random number generators.

			This can be overridden by specifying another
			entropy source via the "random-device" option
			in named.conf, or via the -r command line option;
			however, for functions requiring full cryptographic
			strength, such as DNSSEC key generation, this
			cannot be overridden. In particular, the -r
			command line option no longer has any effect on
			dnssec-keygen.

			This can be disabled by building with
			"configure --disable-crypto-rand".
			[RT #31459] [RT #46047]
 2017-09-28 10:09:22 -07:00
Mark Andrews
768f6c995f add dns_name_istat to lib/dns/win32/libdns.def.in 2017-09-28 17:52:09 +10:00
Mark Andrews
f735293431 4743. [func] Exclude trust-anchor-telementry queries from 
synth-from-dnssec processing. [RT #46123]
 2017-09-28 16:40:45 +10:00
Mark Andrews
e00fdad191 4742. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 2 - synthesis of records from wildcard data.
                        If the dns64 or filter-aaaa* is configured then the
                        involved lookups are currently excluded. [RT #40138]
 2017-09-28 15:16:26 +10:00
Tinderbox User
e880197f31 update copyright notice / whitespace 2017-09-27 23:45:52 +00:00
Mark Andrews
d386eb54c6 switch to using snprintf from sprintf 2017-09-28 07:15:46 +10:00
Mukund Sivaraman
abb8813a33 Make isc_refcount_current() atomically read the counter value (#46074) 2017-09-27 15:09:04 +05:30
Mark Andrews
2495de04a5 use %u and cast to unsigned int 2017-09-27 17:57:07 +10:00
Mark Andrews
42ee853c23 check for ISC_R_EOF 2017-09-27 16:19:07 +10:00
Mark Andrews
73074e954a 4740. [cleanup] Avoid triggering format-truncated warnings. [RT #46107] 2017-09-27 16:02:02 +10:00
Mark Andrews
b4c31c8795 tcp test got reversed 2017-09-27 15:19:34 +10:00
Mark Andrews
f9f3f20d2d 4739. [cleanup] Address clang static analysis warnings. [RT #45952] 2017-09-27 10:27:09 +10:00
Mark Andrews
08151d7fce 4737. [cleanup] Address Coverity warnings. [RT #46012] 2017-09-26 23:21:49 +10:00
Michał Kępień
acc3728c47 [master] Comment NSEC3-related code and fix a few minor issues 
4736.	[cleanup]	(a) Added comments to NSEC3-related functions in
			lib/dns/zone.c.  (b) Refactored NSEC3 salt formatting
			code.  (c) Minor tweaks to lock and result handling.
			[RT #46053]
 2017-09-26 11:28:28 +02:00
Mukund Sivaraman
fb9712f639 Use stdint.h only when stdatomic.h is in use (stdint.h isn't available everywhere) 2017-09-22 15:14:04 +05:30
Mark Andrews
6138c5a5e4 #include <isc/string.h> as it includes both <string.h> and <strings.h> if they both exist 2017-09-22 18:08:54 +10:00
Tinderbox User
8200eb4c60 update copyright notice / whitespace 2017-09-21 23:47:11 +00:00
Mark Andrews
af7ded82e0 alphabetise 2017-09-21 17:48:26 +10:00
Tinderbox User
243b3ec486 regen master 2017-09-21 07:23:48 +00:00
Mark Andrews
f8c82bbf39 #include <stdint.h> 2017-09-21 14:18:59 +10:00
Mark Andrews
e8703033c5 atomic_compare_exchange_strong_explicit's second argument should not be atomic_* 2017-09-21 13:41:22 +10:00
Mark Andrews
d17cf1cade explicitly list test programs 2017-09-21 12:56:33 +10:00
Evan Hunt
7a2112ff7d [master] fix memory growth problem 
4733.	[bug]		Change #4706 introduced a bug causing TCP clients
			not be reused correctly, leading to unconstrained
			memory growth. [RT #46029]
 2017-09-20 12:12:02 -07:00
Tinderbox User
ffbe6b9537 update copyright notice / whitespace 2017-09-19 23:46:23 +00:00
Mukund Sivaraman
32bcafc316 Change default minimal-responses setting to no-auth-recursive (#46016) 2017-09-19 19:49:02 +05:30
Mukund Sivaraman
98998f3ddd Fix out of bounds access in DHCID totext() method (#46001) 2017-09-19 19:30:28 +05:30
Mukund Sivaraman
d5707676e4 Don't use memset() to wipe memory (#45947) 2017-09-19 16:16:45 +05:30
Mukund Sivaraman
404c9b1c53 Use C11's stdatomic.h instead of isc_atomic where available 2017-09-19 15:43:45 +05:30
Tinderbox User
cb5bc50c91 update copyright notice / whitespace 2017-09-18 23:48:50 +00:00
Michał Kępień
f665c724e4 [master] Prevent possible infinite signing loop after retransferring an inline-signed slave using NSEC3 
4727.	[bug]		Retransferring an inline-signed slave using NSEC3
			around the time its NSEC3 salt was changed could result
			in an infinite signing loop. [RT #45080]
 2017-09-18 09:18:45 +02:00
Michał Kępień
c2179857de [master] Improve handling of TCP_FASTOPEN on FreeBSD 
4726.	[port]		Prevent setsockopt() errors related to TCP_FASTOPEN
			from being logged on FreeBSD if the kernel does not
			support it.  Notify the user when the kernel does
			support TCP_FASTOPEN, but it is disabled by sysctl.
			Add a new configure option, --disable-tcp-fastopen, to
			disable use of TCP_FASTOPEN altogether. [RT #44754]
 2017-09-18 08:34:41 +02:00
Francis Dupont
8a98277811 Made RAND_status check optional (broke --disable-crypto-rand) 2017-09-17 12:02:09 +02:00
Evan Hunt
6e5ae91479 [master] silence compiler warning 2017-09-16 21:01:06 -07:00
Tinderbox User
0b115f3b55 update copyright notice / whitespace 2017-09-16 23:46:04 +00:00
Francis Dupont
ad67f0bb42 Added isc_entropy_sethook in exported symbols 2017-09-16 15:57:06 +02:00
Francis Dupont
5fc7163211 Added isc_entropy_usehook in exported symbols 2017-09-16 15:56:13 +02:00
Francis Dupont
9c829f4f96 Merged rt31459d (openssl random) 2017-09-16 13:53:29 +02:00
Mark Andrews
dc71aa898a don't use strlcat with non NUL terminated strings rt45981_stage3 2017-09-15 13:14:16 +10:00
Tinderbox User
f54a365aeb update copyright notice / whitespace 2017-09-14 23:46:40 +00:00
Mark Andrews
c59bf663e8 silence warning 2017-09-14 19:02:27 +10:00
Mark Andrews
bace03316c #include <isc/string.h> 
(cherry picked from commit 7eb73f6288)
 2017-09-14 18:59:04 +10:00
Mark Andrews
5fb0c09a5e #include <isc/string.h> 2017-09-14 18:54:46 +10:00
Mark Andrews
cb629cdeda more str{n}{cat,cpy} corrections rt45981_stage2 2017-09-14 18:11:56 +10:00
Evan Hunt
077d9d2838 [master] cast char * 2017-09-13 22:03:56 -07:00
Evan Hunt
9b729a06b0 [master] clean up bufsize errors 2017-09-13 21:18:26 -07:00
Tinderbox User
33987cb5fd update copyright notice / whitespace 2017-09-13 23:48:32 +00:00
Evan Hunt
54c5723e31 [master] fix incorrect comment 2017-09-13 13:53:49 -07:00
Mukund Sivaraman
e5eca6eebb Fix output string size in GOST unittest 2017-09-14 01:36:08 +05:30