ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
22,845 Commits 589 Branches 805 Tags
8a64e078d10cc2c10fe075026482a04afeb8e9bf
Commit Graph

9556 Commits

Author SHA1 Message Date
Evan Hunt
8a64e078d1 [v9_10] prep 9.10.2b1 2014-12-18 13:51:12 -08:00
Evan Hunt
af5527c87b [v9_10] more missing entry points 2014-12-16 14:41:16 -08:00
Evan Hunt
6ac1d854a4 [v9_10] add more missing entry points 2014-12-16 12:41:20 -08:00
Mark Andrews
e948a249e2 add missing entry points 
(cherry picked from commit eb690e00e7)
 2014-12-17 00:29:46 +11:00
Mark Andrews
699dd64fa7 add missing entry points 2014-12-16 23:47:35 +11:00
Evan Hunt
b0e9108311 [v9_10] adjust max-recursion-queries 
4021.	[bug]		Adjust max-recursion-queries to accommodate
			the need for more queries when the cache is
			empty. [RT #38104]

(cherry picked from commit be7fba8019)
 2014-12-15 22:28:26 -08:00
Mark Andrews
f3f4a77108 add/sort 2014-12-16 14:49:10 +11:00
Mark Andrews
70759e6c14 add missing entries 
(cherry picked from commit 7799a5edea)
 2014-12-16 14:41:44 +11:00
Mark Andrews
cbc8dc8d7a remove non null check 
(cherry picked from commit 2e98ab2c9d)
 2014-12-09 19:51:56 +11:00
Mark Andrews
ac9781c7cd 4019. [func] If named is not configured to validate the answer 
then allow fallback to plain DNS on timeout even
                        when we know the server supports EDNS. [RT #37978]
 2014-12-05 18:04:26 +11:00
Mark Andrews
b99cdea866 4015. [bug] Nameservers that are skipped due to them being 
CNAMEs were not being logged. They are now logged
                        to category 'cname' as per BIND 8. [RT #37935]

(cherry picked from commit ea3aa401bc)
 2014-12-03 11:42:16 +11:00
Mark Andrews
d821a83c51 4014. [bug] When including a master file origin_changed was 
not being properly set leading to a potentially
                        spurious 'inherited owner' warning. [RT #37919]

(cherry picked from commit 6444de08d1)
 2014-12-03 09:45:06 +11:00
Francis Dupont
d8ee3303a9 Hardened OpenSSL digest/HMAC calls [RT #37944] 2014-12-02 12:42:49 +01:00
Mark Andrews
2d4d5c4cac use the actual header 2014-11-28 19:19:16 +11:00
Mark Andrews
6370a41ab5 add #define rdataset_clearprefetch rdataset_clearprefetch64 
(cherry picked from commit 7554ff1619)
 2014-11-25 12:06:43 +11:00
Tinderbox User
59aa4616e2 update copyright notice / whitespace 2014-11-24 23:53:24 +00:00
Mark Andrews
dc6882addd 4010. [cleanup] Clear the prefetchable state when initiating a prefetch. 
[RT #37399]

(cherry picked from commit 092d3b76db)
 2014-11-24 11:20:20 +11:00
Evan Hunt
1d50ae782a [v9_10] win32 build fix 2014-11-20 15:56:16 -08:00
Evan Hunt
c58e4a4503 [v9_10] remove inadvertently-retained content from quota.h 2014-11-20 12:55:25 -08:00
Evan Hunt
6c049c57d9 [v9_10] refactor max-recursion-queries 
- the counters weren't set correctly when fetches timed out.
  instead we now pass down a counter object.

(cherry picked from commit 05e448935c)
 2014-11-19 18:26:46 -08:00
Evan Hunt
b3aa528d7e [v9_10] add max-recursion-queries 
also fixes and documentation for max-recursion-depth

(cherry picked from commit c4f54e5bd1)
 2014-11-18 22:13:13 -08:00
Evan Hunt
6fd51d5088 [v9_10] limit recursion depth and iterative queries 
4006.	[security]	A flaw in delegation handling could be exploited
			to put named into an infinite loop.  This has
			been addressed by placing limits on the number
			of levels of recursion named will allow (default 7),
			and the number of iterative queries that it will
			send (default 50) before terminating a recursive
			query (CVE-2014-8500).

			The recursion depth limit is configured via the
			"max-recursion-depth" option.  [RT #35780]
 2014-11-17 23:48:20 -08:00
Evan Hunt
8b7a37a594 [v9_10] geoip security fixes 
4003.	[security]	When geoip-directory was reconfigured during
			named run-time, the previously loaded GeoIP
			data could remain, potentially causing wrong
			ACLs to be used or wrong results to be served
			based on geolocation. [RT #37720]

4002.	[security]	Lookups in GeoIP databases that were not
			loaded could cause an assertion failure.
			[RT #37679]

4001.	[security]	The caching of GeoIP lookups did not always
			handle address families correctly, potentially
			resulting in an assertion failure. [RT #37672]
 2014-11-16 08:39:47 -08:00
Evan Hunt
53b733da7f [v9_10] fix false positive compiler warning 
a "pointer always evaluates to true" warning was blocking
compilation of the radix ATF test when using --enable-developer
with gcc 4.8.2.
 2014-11-15 00:55:06 -08:00
Evan Hunt
96b6923a25 [v9_10] reference leak with AAAA glue but not A 
4004.	[bug]		When delegations had AAAA glue but not A, a
			reference could be leaked causing an assertion
			failure on shutdown. [RT #37796]

(cherry picked from commit c4abb19716)
 2014-11-14 09:04:44 -08:00
Tinderbox User
8836da6a4d update copyright notice 2014-11-04 23:45:46 +00:00
Mark Andrews
ebdf2334f5 add missing opening bracket 
(cherry picked from commit a31d0513c3)
 2014-11-04 17:12:20 +11:00
Mark Andrews
b2b3882c5c 3998. [bug] isc_radix_search was returning matches that were 
to precise. [RT #37680]

(cherry picked from commit b976c39c07)
 2014-11-04 12:40:41 +11:00
Mark Andrews
73b7afc3b6 3997. [protocol] Add OPENGPGKEY record. [RT# 37671] 2014-11-04 12:24:56 +11:00
Tinderbox User
53b878cd1c update copyright notice 2014-10-31 23:45:48 +00:00
Mark Andrews
5ccdac854e 3996. [bug] Address use after free on out of memory error in 
keyring_add. [RT #37639]

(cherry picked from commit c2f8108123)
 2014-10-31 11:44:53 +11:00
Mark Andrews
1083f358ae 3995. [bug] receive_secure_serial holds the zone lock for too 
long. [RT #37626]

(cherry picked from commit 4e59131f18)
 2014-10-31 11:39:45 +11:00
Mark Andrews
ab7a781bc3 3989. [cleanup] Remove redundent dns_db_resigned calls. [RT #35748] 
(cherry picked from commit eb5243365c)
 2014-10-30 10:54:26 +11:00
Tinderbox User
bdab9fe78f update copyright notice 2014-10-21 23:45:51 +00:00
Francis Dupont
463a8fcc6b Handle VS14 incompatible changes [RT #37380] 2014-10-21 09:35:28 +02:00
Francis Dupont
fc9ddebdf5 Accept up to 256 byte PINs in native PKCS#11. [RT #37410] 2014-10-20 22:57:43 +02:00
Mark Andrews
9efce3c577 3981. [bug] Cache DS/NXDOMAIN independently of other query types. 
[RT #37467]

(cherry picked from commit 72775a79fe)
 2014-10-18 13:09:40 +11:00
Mark Andrews
fd3a59740b 3980. [bug] Improve --with-tuning=large by self tuning of SO_RCVBUF 
size. [RT #37187]

(cherry picked from commit 871f3c8bee)
 2014-10-18 12:41:29 +11:00
Evan Hunt
bc59dcd76e [v9_10] add diffie-hellman key unit test 
3978.	[test]		Added a unit test for Diffie-Hellman key
			computation, completing change #3974. [RT #37477]

(cherry picked from commit 188690149b)
 2014-10-17 15:57:49 -07:00
Evan Hunt
5c409ba290 [v9_10] correctly validate 5011 trust anchors 
3976.	[bug]		When refreshing managed-key trust anchors, clear
			any cached trust so that they will always be
			revalidated with the current set of secure
			roots. [RT #37506]

(cherry picked from commit eb6d61d5e0)
 2014-10-17 15:41:55 -07:00
Tinderbox User
b1514e0bf0 update copyright notice 2014-10-16 23:45:46 +00:00
Mark Andrews
47ff3b8567 initialize rdataset->private7 
(cherry picked from commit ca77632f65)
 2014-10-16 11:24:37 +11:00
Mark Andrews
dfb6462891 3974. [bug] handle DH_compute_key() failure correctly in 
openssldh_link.c. [RT #37477]

(cherry picked from commit 58a1051e92)
 2014-10-13 23:42:22 +11:00
Mark Andrews
1330879d70 silence compiler warning 
(cherry picked from commit bbec761a67)
 2014-10-08 17:48:06 +11:00
Tinderbox User
eb4bed2370 update copyright notice 2014-10-04 23:45:45 +00:00
Mark Andrews
74741bc952 3971. [bug] Reduce the cascasding failures due to a bad $TTL line 
in named-checkconf / named-checkzone. [RT #37138]

(cherry picked from commit c81d56c03e)
 2014-10-05 08:30:29 +11:00
Mark Andrews
9fe54596cc 3966. [bug] Missing dns_db_closeversion call in receive_secure_db. 
[RT #35746]

(cherry picked from commit 9c0589bc8b)
 2014-10-03 07:51:45 +10:00
Tinderbox User
d5a5ca7225 update copyright notice 2014-09-30 23:46:53 +00:00
Mark Andrews
a6869655d6 3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with 
BADSIG.  [RT #37216]
 2014-10-01 07:37:27 +10:00
Mark Andrews
520fddb75b 3959. [bug] Updates could be lost if they arrived immediately 
after a rndc thaw. [RT #37233]

(cherry picked from commit fa827173df)
 2014-10-01 06:59:55 +10:00