ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,637 Commits 589 Branches 805 Tags
a0218dd024ee2f659331c37fa641d64f4ef5ca06
Commit Graph

1473 Commits

Author SHA1 Message Date
Automatic Updater
27ee4b8ca4 update copyright notice 2010-12-14 23:46:09 +00:00
Mark Andrews
8c5ba02091 2984. [bug] Don't run MX checks when the target of the MX record 
is ".".  [RT #22645]
 2010-12-14 00:48:23 +00:00
Mark Andrews
12fd7da162 2982. [bug] Reference count dst keys. dst_key_attach() can be used 
increment the reference count.

                        Note: dns_tsigkey_createfromkey() callers should now
                        always call dst_key_free() rather than setting it
                        to NULL on success. [RT #22672]
 2010-12-09 01:12:55 +00:00
Mark Andrews
4df431ecde 2976. [bug] named could die on exit after negotiating a GSS-TSIG 
key.  [RT #3415]
 2010-12-02 23:40:28 +00:00
Automatic Updater
c828f12404 update copyright notice 2010-09-24 08:30:28 +00:00
Mark Andrews
ff826c2844 2964. [bug] view->queryacl was being overloaded. Seperate the 
usage into view->queryacl, view->cacheacl and
                        view->queryonacl. [RT #22114]
 2010-09-24 08:09:08 +00:00
Automatic Updater
8f0cbae84a update copyright notice 2010-07-09 23:45:55 +00:00
Evan Hunt
c81b0a2f65 2929. [bug] Improved handling of GSS security contexts: 
- added LRU expiration for generated TSIGs
			 - added the ability to use a non-default realm
                         - added new "realm" keyword in nsupdate
			 - limited lifetime of generated keys to 1 hour
			   or the lifetime of the context (whichever is
			   smaller)
			[RT #19737]
 2010-07-09 05:15:06 +00:00
Automatic Updater
a55880fd78 update copyright notice 2010-06-04 23:48:25 +00:00
Mark Andrews
8925c70a54 remove trailing comma 2010-06-04 00:15:28 +00:00
Automatic Updater
01565f50ca update copyright notice 2010-05-14 23:47:50 +00:00
Mark Andrews
69ed70d223 2890. [bug] Handle the introduction of new trusted-keys and 
DS, DLV RRsets better. [RT #21097]
 2010-05-14 00:33:23 +00:00
Automatic Updater
3e1ba44c9c update copyright notice 2010-05-10 23:48:14 +00:00
Mark Andrews
2766e7b091 2881. [bug] Reduce the amount of time the rbtdb write lock 
is held when closing a version. [RT #21198]
 2010-05-10 01:42:36 +00:00
Automatic Updater
b67c0e9a49 update copyright notice 2010-02-25 10:56:41 +00:00
Mark Andrews
b8c2fd6c72 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 05:35:11 +00:00
Automatic Updater
9feb8eda57 update copyright notice 2010-01-15 23:47:34 +00:00
Evan Hunt
3f39cbcc76 2838. [func] Backport support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512, from BIND 9.7.  (This
			incorporates changes 2726 and 2738 from that
			release branch.) [RT #20871]
 2010-01-15 19:38:54 +00:00
Automatic Updater
ef413fafe5 update copyright notice 2009-12-30 23:47:31 +00:00
Tatuya JINMEI 神明達哉
450c3bb498 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:34:30 +00:00
Evan Hunt
c7c6605eb0 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] 2009-12-30 06:44:45 +00:00
Evan Hunt
65bbefae47 2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define 
[RT #20771]
 2009-12-24 00:34:59 +00:00
Automatic Updater
0a9fcb1124 update copyright notice 2009-11-25 23:48:42 +00:00
Mark Andrews
eb5f89b06e 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:25:56 +00:00
Mark Andrews
e7f4d4e09d 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-18 00:15:38 +00:00
Automatic Updater
a1b08748d8 update copyright notice 2009-11-04 23:47:25 +00:00
Mark Andrews
5211674cef 2747. [bug] Journal roll forwards failed to set the re-signing 
time of RRSIGs correctly. [RT #20541]
 2009-11-04 01:35:07 +00:00
Mark Andrews
2a2e4dbefb 2722. [bug] Ensure that the memory associated with the name of 
a node in a rbt tree is not altered during the life
                        of the node. [RT #20431]
 2009-10-20 05:06:04 +00:00
Evan Hunt
a9775fe88d 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:18 +00:00
Evan Hunt
c459aec591 2705. [bug] Reconcile the XML stats version number with a later 
BIND9 release, by adding a "name" attribute to
                        "cache" elements and increasing the version number
                        to 2.2.  (This is a minor version change, but may
                        affect XML parsers if they assume the cache element
                        doesn't take an attribute.)

2704.	[bug]		Serial of dynamic and stub zones could be inconsistent
			with their SOA serial.  [RT #19387]
 2009-10-05 21:57:00 +00:00
Mark Andrews
a416993543 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-11 04:23:54 +00:00
Automatic Updater
6e67205ba7 update copyright notice 2009-06-22 23:47:18 +00:00
Mark Andrews
e6be77a26c 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-22 05:05:01 +00:00
Automatic Updater
4b24acd9f1 update copyright notice 2009-06-08 23:47:00 +00:00
Evan Hunt
4d6469ffd8 Back out dnssec-signzone fix for 9.6.1 2009-06-08 22:23:07 +00:00
Automatic Updater
c441671e8f update copyright notice 2009-06-04 02:56:14 +00:00
Mark Andrews
5fa0c17a78 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:41:54 +00:00
Automatic Updater
846e500945 update copyright notice 2009-05-07 23:47:12 +00:00
Tatuya JINMEI 神明達哉
0e8a52d67d 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 23:34:30 +00:00
Mark Andrews
1f67b99159 2511. [cleanup] dns_rdata_tofmttext() add const to linebreak. 
[RT #18885]
 2009-02-16 00:29:27 +00:00
Automatic Updater
eba7320df5 update copyright notice 2009-01-29 23:47:44 +00:00
Tatuya JINMEI 神明達哉
809350646f 2537. [experimental] Added more statistics counters including those on socket 
I/O events and query RTT histograms. [RT #18802]
 2009-01-29 22:40:36 +00:00
Automatic Updater
99b63ca8e5 update copyright notice 2009-01-18 23:47:41 +00:00
Mark Andrews
d7900926bf spelling 2009-01-18 23:25:18 +00:00
Automatic Updater
eb38c046c2 update copyright notice 2009-01-07 23:47:16 +00:00
Tatuya JINMEI 神明達哉
8bdbeeb578 2525. [experimental] New logging category "query-errors" to provide detailed 
internal information about query failures, especially
			about server failures. [RT #19027]
 2009-01-07 01:50:15 +00:00
Automatic Updater
1ff98661fd update copyright notice 2009-01-05 23:47:23 +00:00
Tatuya JINMEI 神明達哉
3dd871586f trivial comment cleanups (RT#19118) 2009-01-05 23:20:58 +00:00
Automatic Updater
49960a74b5 update copyright notice 2008-11-14 23:47:33 +00:00
Mark Andrews
da2d57c8cf 2493. [bug] The linux capabilites code was not correctly cleaning 
up after itself. [RT #18767]
 2008-11-14 05:24:11 +00:00