ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
16,736 Commits 589 Branches 805 Tags
c2f095969cc595a4c5b72c2406e0cf56038f08f3
Commit Graph

7954 Commits

Author SHA1 Message Date
Evan Hunt
c2f095969c oops: missed a declaration, and forgot to lock the zone before clearing 
the flag.  (and accidentally ran make tests in the wrong tree, misleading
myself into thinking it was fine.)
 2009-12-05 01:25:43 +00:00
Evan Hunt
d601ef9e89 2804. [bug] Send notifies when a zone is signed with "rndc sign" 
or as a result of a scheduled key change. [RT #20700]
 2009-12-04 22:45:11 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Evan Hunt
22304041d1 typo caused a missing semicolon 2009-12-03 16:49:09 +00:00
Evan Hunt
e6dda86e8b 2798. [bug] Addressed bugs in managed-keys initialization 
and rollover. [RT #20683]
 2009-12-03 15:40:03 +00:00
Mark Andrews
2a0d4c4d6b 2797. [bug] Don't decrement the dispatch manager's maxbuffers. 
[RT #20613]
 2009-12-02 23:15:14 +00:00
Mark Andrews
d524a81532 2796. [bug] Missing dns_rdataset_disassociate() call in 
dns_nsec3_delnsec3sx(). [RT #20681]
 2009-12-01 05:28:40 +00:00
Evan Hunt
feeca57f18 2795. [cleanup] Add text to differentiate "update with no effect" 
log messages. [RT #18889]
 2009-12-01 00:47:09 +00:00
Mark Andrews
8b37c0dd6e 2794. [bug] Install <isc/namespace.h>. [RT #20677] 2009-11-30 21:34:57 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Automatic Updater
3e920dd0c6 update copyright notice 2009-11-26 23:48:14 +00:00
Mark Andrews
66ecb6789b 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:28:19 +00:00
Automatic Updater
2b2fc9b4df update copyright notice 2009-11-25 23:49:22 +00:00
Mark Andrews
536e36ac8d declarations before statements 2009-11-25 13:17:59 +00:00
Evan Hunt
cfc22e53a8 2789. [bug] Fixed an INSIST in dispatch.c [RT #20576] 2009-11-25 05:55:32 +00:00
Evan Hunt
fc1fb1a469 2786. [bug] Spurious log message when zone keys were 
dynamically reconfigured. [RT #20659]
 2009-11-25 02:30:54 +00:00
Mark Andrews
d0ca4e90e2 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:22:05 +00:00
Automatic Updater
b314ea10b4 update copyright notice 2009-11-24 23:48:12 +00:00
Evan Hunt
d312bc5d81 2785. [bug] Revoked keys could fail to self-sign [RT #20652] 2009-11-24 03:42:32 +00:00
Mark Andrews
9dd2ee95f1 2784. [bug] TC was not always being set when required glue was 
dropped. [RT #234186]
 2009-11-24 03:20:02 +00:00
Automatic Updater
94e3a63110 update copyright notice 2009-11-23 23:48:16 +00:00
Evan Hunt
5985af3f5c 2781. [bug] Inactive keys could be used for signing. [RT #20649] 2009-11-23 15:18:07 +00:00
Evan Hunt
cef109efa7 2780. [bug] dnssec-keygen -A none didn't properly unset the 
activation date in all cases. [RT #20648]

2779.	[bug]		Dynamic key revokation could fail. [RT #20644]

2778.	[bug]		dnssec-signzone could fail when a key was revoked
			without deleting the unrevoked version. [RT #20638]
 2009-11-23 02:55:41 +00:00
Mark Andrews
c16d37d06e 2776. [bug] Change #2762 was not correct. [RT #20647] 2009-11-23 02:10:16 +00:00
Automatic Updater
fe2b9bf570 update copyright notice 2009-11-18 23:48:07 +00:00
Evan Hunt
b08325a7f3 2773. [bug] In autosigned zones, the SOA could be signed 
with the KSK. [RT #20628]
 2009-11-18 21:22:31 +00:00
Evan Hunt
2ad776a5c4 changed age to 0 2009-11-18 16:46:10 +00:00
Evan Hunt
af52d6ddd7 prep for release of 9.7.0b3 2009-11-18 00:30:37 +00:00
Mark Andrews
a39a5f4d81 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-17 23:55:18 +00:00
Automatic Updater
e34e9a8d68 update copyright notice 2009-11-17 23:48:13 +00:00
Evan Hunt
7ee4b13ded 2771. [bug] dnssec-signzone: DNSKEY records could be 
corrupted when importing from key files [RT #20624]
 2009-11-17 05:46:53 +00:00
Evan Hunt
44a3999cf4 2770. [cleanup] Add log messages to resolver.c to indicate events 
causing FORMERR responses. [RT #20526]
 2009-11-17 02:23:15 +00:00
Evan Hunt
7048af0a55 2769. [cleanup] Change #2742 was incomplete. [RT #19589] 2009-11-16 07:56:06 +00:00
Evan Hunt
e856482b1f 2767. [bug] named could crash on startup if a zone was 
configured with auto-dnssec and there was no
			key-directory. [RT #20615]
 2009-11-16 01:44:33 +00:00
Evan Hunt
37a34ab54f 2766. [bug] isc_socket_fdwatchpoke() should only update the 
socketmgr state if the socket is not pending on a
			read or write.  [RT #20603]
 2009-11-13 00:41:58 +00:00
Automatic Updater
53d502202a update copyright notice 2009-11-12 23:47:59 +00:00
Evan Hunt
86132f0ef5 eliminate warning when building without -DBIND9 2009-11-12 23:43:02 +00:00
Mark Andrews
1d0ebb4cf2 2765. [bug] Skip masters for which the TSIG key cannot be found. 
[RT #20595]
 2009-11-12 23:30:36 +00:00
Evan Hunt
e9dff04d3b 2763. [bug] "rndc sign" didn't create an NSEC chain. [RT #20591] 2009-11-12 03:03:36 +00:00
Evan Hunt
0c3948e606 2761. [bug] DLV validation failed with a local slave DLV zone. 
[RT #20577]
 2009-11-12 02:59:20 +00:00
Evan Hunt
5857247dbb 2758. [bug] win32: Added a workaround for a windows 2008 bug 
that could cause the UDP client handler to shut
			down. [RT #19176]
 2009-11-10 18:31:47 +00:00
Evan Hunt
5c6c5669ec #include <time.h> for the ctime() prototype. 2009-11-07 03:36:58 +00:00
Mark Andrews
df1599d0e1 address initialization type mismatch warning 2009-11-06 04:19:28 +00:00
Mark Andrews
7963a67df0 address statement not reached warning 2009-11-06 04:12:15 +00:00
Evan Hunt
c1bfa5b0ad 2753. [bug] Removed an unnecessary warning that could appear when 
building an NSEC chain. [RT #20588]
 2009-11-06 03:26:59 +00:00
Evan Hunt
aa2f010f13 Switch from OpenSSL 0.9.8k to 0.9.8l 2009-11-06 03:14:10 +00:00
Mark Andrews
302ed789bd 2752. [bug] Locking violation. [RT #20587] 2009-11-06 01:30:06 +00:00