ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
18,788 Commits 589 Branches 805 Tags
c59de0f52fe93aba0bbbf5cedca9fcbb7f492563
Commit Graph

1966 Commits

Author SHA1 Message Date
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Automatic Updater
2a36d8ca40 update copyright notice 2011-07-07 23:47:50 +00:00
Evan Hunt
c46ce2d79b 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 05:05:52 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Evan Hunt
cba23be7ba Add the newly discovered PoD to the nsupdate test. (No CHANGES note.) 2011-06-21 22:15:05 +00:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
0f467ed4d4 update copyright notice 2011-06-10 23:47:32 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Mark Andrews
475b1ed9cc 3126. [security] Using DNAME record to generate replacements caused 
RPZ to exit with a assertion failure. [RT #23766]
 2011-06-09 03:10:17 +00:00
Mark Andrews
b64e3b8358 3125. [security] Using wildcard CNAME records as a replacement with 
RPZ caused named to exit with a assertion failure.
                        [RT #24715]
 2011-06-09 00:42:51 +00:00
Evan Hunt
2a6d60615c Fixed an nsupdate test error 2011-06-09 00:15:05 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Scott Mann
07797bfb1f fix RT 24561 2011-06-07 01:45:38 +00:00
Mark Andrews
ec564e401a add debugging output on test failure 2011-05-31 13:52:06 +00:00
Mark Andrews
ae0691566a date +%s is not portable, use perl -e 'print time();', Adjust messages 2011-05-30 22:32:06 +00:00
Scott Mann
5588b32695 This is a workaround fix for a problem in Solaris 10 (specifically on thing1) 
for which a root cause has not yet been found. RT #24561.
 2011-05-30 15:13:49 +00:00
Mark Andrews
fe8572e116 The old active key could be deleted before the "former standby key has now 
signed fully" ran causing it to fail.  Delay the deletion by 10 seconds.
 2011-05-30 07:25:19 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Automatic Updater
00678e367d update copyright notice 2011-05-25 23:47:16 +00:00
Mark Andrews
021bc5b3cc add DRUZ zone with DS records 2011-05-25 01:06:56 +00:00
Evan Hunt
47e70d820e 3118. [bug] nsupdate could dump core on shutdown when using 
SIG(0) keys. [RT #24604]
 2011-05-23 22:25:32 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Evan Hunt
fc6364bf24 expiring.example.db.in was left out when committing rt23136 to HEAD 2011-05-21 15:07:10 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Mark Andrews
789875a1bd named.conf copyrights 2011-05-08 07:12:48 +00:00
Automatic Updater
25db028666 update copyright notice 2011-05-07 23:47:28 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Automatic Updater
a30e1b26b4 update copyright notice 2011-05-05 23:47:17 +00:00
Scott Mann
b2b3209149 added g 2011-05-05 23:15:56 +00:00
Scott Mann
101e493844 remove trailing whitespace from pid (RT 24388) 2011-05-05 23:10:24 +00:00
Scott Mann
58d7c91b65 remove trailing newline from pid (RT #24388) 2011-05-05 22:56:55 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Mark Andrews
83bf223210 explictly kill the process if the server fails to start, check for a non zero length pid file 2011-05-05 04:47:45 +00:00
Mark Andrews
46d3c6cf40 grep was not precise enough leading to test failure 2011-05-03 16:07:44 +00:00
Mark Andrews
f1d4986b83 treat asb(x) < 500ms as 0 2011-05-02 23:56:59 +00:00
Mark Andrews
65043f48f2 force numeric comparision 2011-05-02 05:05:05 +00:00
Mark Andrews
07907fa31a handle end of day 2011-05-02 01:35:04 +00:00
Mark Andrews
bbf46f1aa2 fix expression 2011-05-01 21:36:33 +00:00
Mark Andrews
f83682f368 awk -v is not portable, add floating point arithmetic effects 2011-05-01 11:29:20 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Evan Hunt
76db58eb81 3100. [security] Certain response policy zone configurations could 
trigger an INSIST when receiving a query of type
			RRSIG. [RT #24280]
 2011-04-27 17:46:47 +00:00
Automatic Updater
7021f2faa0 update copyright notice 2011-04-19 23:47:52 +00:00