ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
16,944 Commits 589 Branches 805 Tags
9457b2ef4e602ccbc8a84cafb3a03831cbacb992
Commit Graph

5136 Commits

Author SHA1 Message Date
Automatic Updater
1773c53c87 regen 2010-01-08 02:08:26 +00:00
Automatic Updater
ed0fd28aff update copyright notice 2010-01-07 23:48:16 +00:00
Evan Hunt
592adf7dc2 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:53:05 +00:00
cvs2git
946191fb80 This commit was manufactured by cvs2git to create branch 'v9_7'. 2010-01-07 21:52:15 +00:00
Evan Hunt
0f66aced26 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:52:12 +00:00
Evan Hunt
b916fd3d7f 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:16:30 +00:00
Evan Hunt
8ebf67b7f0 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:13:59 +00:00
Evan Hunt
cf00dcb23a 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:49:12 +00:00
cvs2git
51833b980c This commit was manufactured by cvs2git to create branch 'v9_7'. 2010-01-07 16:48:30 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
247f299fb0 update copyright notice 2010-01-06 23:48:47 +00:00
Automatic Updater
f9d193397a update copyright notice 2010-01-06 23:48:07 +00:00
Evan Hunt
5337c00cbb fix spacing 2010-01-06 00:53:56 +00:00
Evan Hunt
b1fbf2a4db fix spacing 2010-01-06 00:53:45 +00:00
Automatic Updater
3ee1371212 update copyright notice 2010-01-05 23:48:37 +00:00
Automatic Updater
0d12fdeb7c update copyright notice 2010-01-05 23:47:58 +00:00
Evan Hunt
bd41f944d4 missing newline in dnssec-signzone usage 2010-01-05 15:32:15 +00:00
Evan Hunt
564d687132 missing newline in dnssec-signzone usage 2010-01-05 15:31:58 +00:00
Tatuya JINMEI 神明達哉
6ca6cc975f 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:33:41 +00:00
cvs2git
dc978e394a This commit was manufactured by cvs2git to create branch 'v9_7'. 2009-12-30 08:02:40 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Mark Andrews
831bfda9d2 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 03:55:03 +00:00
Mark Andrews
57fb4f7bbe 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 02:43:09 +00:00
Mark Andrews
2b662f27f6 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:23:01 +00:00
Mark Andrews
5b77627c09 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:20:33 +00:00
Automatic Updater
8bcd348638 regen 2009-12-29 02:09:40 +00:00
Automatic Updater
d856585f5f regen 2009-12-29 01:14:03 +00:00
Evan Hunt
3bccb39bb9 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:44 +00:00
Evan Hunt
85c5ed3577 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:16 +00:00
Francis Dupont
0faf1492c7 non-readable openssl.cnf [20668] 2009-12-24 17:49:39 +00:00
Evan Hunt
b4df2f48c7 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:16:08 +00:00
Evan Hunt
1361014b02 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:14:20 +00:00
Evan Hunt
84c9c592f8 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-24 00:00:13 +00:00
Evan Hunt
40ad4ed01b 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-23 23:59:42 +00:00
Evan Hunt
5a33ab5d65 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:53 +00:00
Evan Hunt
aa3415ba49 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:09 +00:00
Evan Hunt
f766024a27 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:31 +00:00
Evan Hunt
929667cf18 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:07 +00:00
Automatic Updater
928e12ccdc update copyright notice 2009-12-18 23:49:03 +00:00
Automatic Updater
5470afd66b update copyright notice 2009-12-18 23:48:18 +00:00
Evan Hunt
4e55893d30 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:16:49 +00:00
Evan Hunt
7290687619 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:13:54 +00:00
Evan Hunt
0da859c5a7 2811. [cleanup] Add "rndc sign" to list of commands in rndc usage 
output. [RT #20733]
 2009-12-18 07:59:43 +00:00
Evan Hunt
8d002e0930 2811. [cleanup] Add "rndc sign" to list of commands in rndc usage 
output. [RT #20733]
 2009-12-18 07:59:09 +00:00
Evan Hunt
9de98fbbbe 2809. [cleanup] Restored accidentally-deleted text in usage output 
in dnssec-settime and dnssec-revoke [RT #20739]
 2009-12-18 07:49:42 +00:00
Evan Hunt
d1ebdb2de9 2809. [cleanup] Restored accidentally-deleted text in usage output 
in dnssec-settime and dnssec-revoke [RT #20739]
 2009-12-18 07:48:37 +00:00
Automatic Updater
42f75ef047 regen 2009-12-17 02:57:07 +00:00
Automatic Updater
90c38ab4e6 regen 2009-12-17 01:13:46 +00:00
Evan Hunt
535bc8112a s/ddns.key/session.key/ 2009-12-16 07:13:02 +00:00
Evan Hunt
c33415db62 s/ddns.key/session.key/ 2009-12-16 07:12:49 +00:00