ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
17,229 Commits 589 Branches 805 Tags
8a980234142dd6701df4f685d546c93bc6d6b0d9
Commit Graph

5156 Commits

Author SHA1 Message Date
Mark Andrews
8a98023414 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 05:05:09 +00:00
Automatic Updater
aef8f792fb regen v9_7 2010-02-23 02:09:20 +00:00
Automatic Updater
77c3728447 update copyright notice 2010-02-22 23:48:29 +00:00
Mark Andrews
9a27cf1e9d 2851. [doc] nslookup.1, removed <informalexample> from the docbook 
source as it produced bad nroff.  [RT #21007]
 2010-02-22 21:28:07 +00:00
Automatic Updater
55690c7b8d update copyright notice 2010-02-04 23:48:30 +00:00
Automatic Updater
6a2827695a regen 2010-02-04 02:08:20 +00:00
Mark Andrews
7d47e3d387 2849. [bug] Don't treat errors from the xml2 library as fatal. 
[RT #20945]
 2010-02-04 01:07:32 +00:00
Automatic Updater
91bb55c45d update copyright notice 2010-02-03 23:48:29 +00:00
Automatic Updater
85166e0140 regen 2010-02-03 02:08:11 +00:00
Evan Hunt
46b40010ae 2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921] 2010-02-03 01:02:17 +00:00
Evan Hunt
70a4034545 rename "ischmacfix" files to "ischmacfixup" so win32 build will work 2010-01-22 00:54:20 +00:00
Automatic Updater
451cd3395a regen 2010-01-20 02:08:51 +00:00
Automatic Updater
3c7ee580d8 update copyright notice 2010-01-19 23:48:13 +00:00
Evan Hunt
5cd5eceba0 2842. [func] Prevent dnssec-keygen and dnssec-keyfromlabel from 
creating key files if there is a chance that the new
			key ID will collide with an existing one after
			either of the keys has been revoked.  (To override
			this in the case of dnssec-keyfromlabel, use the -y
			option.  dnssec-keygen will simply create a
			different, noncolliding key, so an override is
			not necessary.) [RT #20838]
 2010-01-19 20:25:49 +00:00
Evan Hunt
76c48ffb86 smartsign fails on slow machines. delay the timing-sensitive 
dnssec-settime call as long as possible.
 2010-01-19 15:55:44 +00:00
Automatic Updater
d1a69b8e99 update copyright notice 2010-01-18 23:48:01 +00:00
Evan Hunt
7c6fa1d589 2841. [func] Added "smartsign" and improved "autosign" and 
"dnssec" regression tests. [RT #20865]
 2010-01-18 19:18:35 +00:00
Automatic Updater
74f601e769 update copyright notice 2010-01-13 23:48:20 +00:00
Francis Dupont
29ea3caf10 Temporary fixed pkcs11-destroy usage check. [RT #20760] 2010-01-13 21:21:33 +00:00
Evan Hunt
96c51eadc9 Commit to v9_7 some changes that had been left out: 
2838.	[bug]		A KSK revoked by named could not be deleted.
			[RT #20881]

2837.	[port]		Prevent Linux spurious warnings about fwrite().
			[RT #20812]
 2010-01-13 19:31:53 +00:00
Automatic Updater
1773c53c87 regen 2010-01-08 02:08:26 +00:00
Automatic Updater
ed0fd28aff update copyright notice 2010-01-07 23:48:16 +00:00
Evan Hunt
592adf7dc2 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:53:05 +00:00
cvs2git
946191fb80 This commit was manufactured by cvs2git to create branch 'v9_7'. 2010-01-07 21:52:15 +00:00
Evan Hunt
0f66aced26 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:52:12 +00:00
Evan Hunt
b916fd3d7f 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:16:30 +00:00
Evan Hunt
8ebf67b7f0 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:13:59 +00:00
Evan Hunt
cf00dcb23a 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:49:12 +00:00
cvs2git
51833b980c This commit was manufactured by cvs2git to create branch 'v9_7'. 2010-01-07 16:48:30 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
247f299fb0 update copyright notice 2010-01-06 23:48:47 +00:00
Automatic Updater
f9d193397a update copyright notice 2010-01-06 23:48:07 +00:00
Evan Hunt
5337c00cbb fix spacing 2010-01-06 00:53:56 +00:00
Evan Hunt
b1fbf2a4db fix spacing 2010-01-06 00:53:45 +00:00
Automatic Updater
3ee1371212 update copyright notice 2010-01-05 23:48:37 +00:00
Automatic Updater
0d12fdeb7c update copyright notice 2010-01-05 23:47:58 +00:00
Evan Hunt
bd41f944d4 missing newline in dnssec-signzone usage 2010-01-05 15:32:15 +00:00
Evan Hunt
564d687132 missing newline in dnssec-signzone usage 2010-01-05 15:31:58 +00:00
Tatuya JINMEI 神明達哉
6ca6cc975f 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:33:41 +00:00
cvs2git
dc978e394a This commit was manufactured by cvs2git to create branch 'v9_7'. 2009-12-30 08:02:40 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Mark Andrews
831bfda9d2 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 03:55:03 +00:00
Mark Andrews
57fb4f7bbe 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 02:43:09 +00:00
Mark Andrews
2b662f27f6 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:23:01 +00:00
Mark Andrews
5b77627c09 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:20:33 +00:00
Automatic Updater
8bcd348638 regen 2009-12-29 02:09:40 +00:00
Automatic Updater
d856585f5f regen 2009-12-29 01:14:03 +00:00
Evan Hunt
3bccb39bb9 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:44 +00:00
Evan Hunt
85c5ed3577 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:16 +00:00
Francis Dupont
0faf1492c7 non-readable openssl.cnf [20668] 2009-12-24 17:49:39 +00:00