ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,365 Commits 589 Branches 805 Tags
c653fb616ddbdb5ba05355bbaa5abb0c9baca585
Commit Graph

9758 Commits

Author SHA1 Message Date
Mark Andrews
daec213a5c 4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as 
valid with check-names.  <forest> still needs to be
                        LDH. [RT #40399]

(cherry picked from commit dc3912f3ca)
 2015-08-22 15:28:09 +10:00
Mark Andrews
4bf90d3566 4189. [cleanup] Don't exit on overly long tokens in named.conf. 
[RT #40418]

(cherry picked from commit 7d0dfa63cf)
 2015-08-22 15:08:48 +10:00
Mark Andrews
afd71aeaf7 4188. [bug] Support HTTP/1.0 client properly on the statistics 
channel. [RT #40261]

(cherry picked from commit 18ba804f3a)
 2015-08-20 09:56:03 +10:00
Tinderbox User
f21b6da8ff update copyright notice / whitespace 2015-08-19 23:45:50 +00:00
Tinderbox User
e347eab9af update copyright notice / whitespace 2015-08-18 23:45:54 +00:00
Mark Andrews
0b30f1a160 #include <isc/safe.h> 2015-08-19 05:33:18 +10:00
Mukund Sivaraman
ff82214714 Use unknown format when totext() is not implemented for any RDATA (#40317) 
(cherry picked from commit ec3dbae9eb)
 2015-08-18 20:13:55 +05:30
Mukund Sivaraman
92260722dc Fix RPZ bugs related to wildcard triggers (#40357) 
(cherry picked from commit bf350c9f1a)

Conflicts:
	CHANGES
	bin/tests/system/rpzrecurse/tests.sh
 2015-08-18 19:48:42 +05:30
Mark Andrews
621bf85906 add isc_safe_memequal and isc_safe_memcompare; remove isc_safe_memcmp 
(cherry picked from commit 47d459ef43)
 2015-08-18 12:25:37 +10:00
Evan Hunt
cd6122b164 [v9_10] timing safe memory comparisons 
4183.	[cleanup]	Use timing-safe memory comparisons in cryptographic
			code. Also, the timing-safe comparison functions have
			been renamed to avoid possible confusion with
			memcmp(). [RT #40148]

(cherry picked from commit 420a43c8d8)
 2015-08-17 18:28:27 -07:00
Tinderbox User
b177b5fed7 update copyright notice / whitespace 2015-08-17 23:46:10 +00:00
Mukund Sivaraman
25747be3cb Use mnemonics for RR class and type comparisons (#40297) 
(cherry picked from commit b0ba1a6059)
 2015-08-17 12:25:46 +05:30
Mark Andrews
8cbf220a1e 4181. [bug] Queued notify messages could be dequeued from the 
wrong rate limiter queue. [RT #40350]

(cherry picked from commit 70862302f8)
 2015-08-17 10:38:17 +10:00
Tinderbox User
becbacfb68 update copyright notice / whitespace 2015-08-14 23:45:57 +00:00
Mukund Sivaraman
cec7b98404 Fix double frees in getaddrinfo() in libirs (#40209) 
(cherry picked from commit d7262e5c86)
 2015-08-14 14:08:15 +05:30
Mukund Sivaraman
9a88ab054b Fix assertion failure in parsing UNSPEC(103) RR from text (#40274) 
(cherry picked from commit 984d2bb9e5)
 2015-08-14 13:31:43 +05:30
Mukund Sivaraman
9250173510 Fix assertion failure in parsing NSAP records from text 
(cherry picked from commit 474921d733)
 2015-08-14 13:12:04 +05:30
Mark Andrews
9a44ac1838 4175. [bug] TKEY with GSS-API keys needed bigger buffers. 
[RT #40333]

(cherry picked from commit 9dc5ef7f24)
 2015-08-14 08:20:26 +10:00
Evan Hunt
1ca1a3f4df [v9_10] address VS2015 compiler warning 2015-08-13 14:58:50 -07:00
Tinderbox User
73b5671cdf update copyright notice / whitespace 2015-08-12 23:45:54 +00:00
Mark Andrews
c911ee6769 4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. 
[RT #40265]

(cherry picked from commit 151f1bcd5e)
 2015-08-12 19:06:31 +10:00
Evan Hunt
1d18ee80ea [v9_10] fix tsig class checks 
4171.	[bug]		Fixed incorrect class checks in TSIG RR
			implementation. [RT #40287]
 2015-08-11 22:17:00 -07:00
Evan Hunt
a51bed6650 [v9_10] fix length check in OPENPGPKEY 
4170.	[security]	An incorrect boundary check in the OPENPGPKEY
			rdatatype could trigger an assertion failure.
			[RT #40286]
 2015-08-11 20:02:39 -07:00
Tinderbox User
979d849b60 update copyright notice / whitespace 2015-08-07 23:45:57 +00:00
Evan Hunt
7163ce122d [v9_10] address buffer accounting error 
4168.	[security]	A buffer accounting error could trigger an
			assertion failure when parsing certain malformed
			DNSSEC keys. (CVE-2015-5722) [RT #40212]

(cherry picked from commit ce9f893e21)
 2015-08-07 13:23:03 -07:00
Mukund Sivaraman
63dcc28d3e Fix win32 build (UNUSED is present later) 2015-07-31 14:32:47 +05:30
Mukund Sivaraman
8ddb21cd82 Bump api versions 2015-07-31 12:33:36 +05:30
Mark Andrews
38df037565 badcookie has a offical code point of 23 
(cherry picked from commit 46e7fc51b8)
 2015-07-27 15:22:42 +10:00
Mark Andrews
0b08938f80 4165. [bug] An failure to reset a value to NULL in tkey.c could 
result in an assertion failure. (CVE-2015-5477)
                        [RT #40046]

(cherry picked from commit dbb064aa79)
 2015-07-14 14:49:15 +10:00
Tinderbox User
dae3e8def6 update copyright notice / whitespace 2015-07-13 23:45:49 +00:00
Mark Andrews
d03dbac02e 4164. [bug] Don't rename slave files and journals on out of memory. 
[RT #40033]

4163.   [bug]           Address compiler warnings. [RT #40024]

(cherry picked from commit 3a49d0ff10)
 2015-07-13 09:48:42 +10:00
Mark Andrews
33076e7331 4162. [bug] httpdmgr->flags was not being initialized. [RT #40017] 
(cherry picked from commit 0bc743f9bc)
 2015-07-10 18:43:17 +10:00
Tinderbox User
a704920204 update copyright notice / whitespace 2015-07-09 23:45:51 +00:00
Evan Hunt
d52e7431b0 [v9_10] fix build error with ISC_MEM_TRACKLINES=0 2015-07-09 14:23:50 -07:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:55:31 -07:00
Tinderbox User
fc5aaa5e11 update copyright notice / whitespace 2015-07-07 23:45:48 +00:00
Mark Andrews
bb7971417a 4157. [protocol] Update experimental SIT code to use the EDNS COOKIE 
option code point (10).  This is the minimal change
                        required to use the new code point. [RT #39928]
 2015-07-07 15:43:04 +10:00
Mark Andrews
6eb68161a9 add warning not about handling malformed option content 
(cherry picked from commit bd08b82891)
 2015-07-07 10:25:30 +10:00
Tinderbox User
932ce73955 update copyright notice / whitespace 2015-07-06 23:45:49 +00:00
Mark Andrews
28d2815802 dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990] 
(cherry picked from commit 46fc714aa0)
 2015-07-06 23:04:18 +10:00
Mark Andrews
d83bdd0e70 DNS_R_FORMERR -> DNS_R_OPTERR 2015-07-06 17:05:47 +10:00
Mark Andrews
a9557c404e 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]

(cherry picked from commit 3e33f4198d)
 2015-07-06 13:47:17 +10:00
Tinderbox User
af9a2450cf update copyright notice / whitespace 2015-07-03 23:45:50 +00:00
Mark Andrews
7ae1d55020 4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835] 2015-07-03 10:17:49 +10:00
Tinderbox User
4ec5967eeb update copyright notice / whitespace 2015-07-01 23:45:48 +00:00
Mark Andrews
124356c435 4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply 
minimal fix.  [RT #39667]

(cherry picked from commit 753b27a7d3)
 2015-07-01 11:52:10 +10:00
Tinderbox User
c838ed659d update copyright notice / whitespace 2015-06-29 23:45:48 +00:00
Mukund Sivaraman
6141f501d9 Fix race in getaddrinfo() in libirs, which caused assertion failure in delv (#39873) 
(cherry picked from commit c44c77178e)
 2015-06-29 19:48:19 +05:30
Mukund Sivaraman
f69f188b90 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 
(cherry picked from commit 08f0129732)

Conflicts:
	bin/tests/system/statistics/clean.sh
 2015-06-29 18:46:36 +05:30
Mark Andrews
a6f608404f 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]

(cherry picked from commit 4a61eae651)
 2015-06-29 15:49:12 +10:00