ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
20,516 Commits 589 Branches 805 Tags
c9c07bb5d67929cc59fd8081dbdb7ebfa0892ffa
Commit Graph

1643 Commits

Author SHA1 Message Date
Mark Andrews
1c29e9db2c update copyrights 2013-12-05 15:48:07 +11:00
Mark Andrews
7c0b7f6847 3681. [port] Update the Windows build system to support feature 
selection and WIN64 builds.  This is a work in
                        progress. [RT #34160]

(cherry picked from commit c3c8823fed)

Conflicts:
	CHANGES
	bin/check/win32/checktool.dsp.in
	bin/dnssec/win32/dnssectool.dsp.in
	bin/dnssec/win32/importkey.dsp.in
	bin/dnssec/win32/importkey.mak.in
	bin/named/geoip.c
	bin/named/include/named/geoip.h
	bin/tools/win32/rrchecker.dsp.in
	bin/tools/win32/rrchecker.mak.in
	config.h.win32
	lib/dns/geoip.c
	lib/dns/master.c
	lib/dns/win32/libdns.dsp.in
	lib/dns/win32/libdns.mak.in
	lib/isc/mem.c
	lib/isc/stats.c
	lib/isc/win32/file.c
	lib/isc/win32/libisc.def.in
	lib/isc/win32/libisc.mak.in
	lib/isc/win32/stdio.c
	lib/isccc/cc.c
	win32utils/BuildAll.bat
	win32utils/BuildSetup.bat
	win32utils/legacy/BINDBuild.dsw.in
	win32utils/makeversion.pl
	win32utils/setpk11provider.pl
	win32utils/updatelibxml2.pl
	win32utils/win32-build.txt

Conflicts:
	bin/dnssec/win32/verify.dsp.in
	bin/dnssec/win32/verify.mak.in
	bin/named/server.c
	bin/python/dnssec-checkds.py.in
	bin/python/dnssec-coverage.py.in
	lib/dns/nsec.c
	lib/dns/nsec3.c
	lib/dns/win32/libdns.mak.in
	lib/dns/zone.c
	lib/isc/win32/libisc.mak.in
	win32utils/BuildAll.bat
	win32utils/BuildSetup.bat
	win32utils/legacy/BINDBuild.dsw.in
	win32utils/updatelibxml2.pl
	win32utils/win32-build.txt
 2013-12-04 14:08:17 +11:00
Tinderbox User
c58c41faf1 update copyright notice 2013-09-23 23:45:29 +00:00
Mark Andrews
2dfbd9614c silence clang warning 
(cherry picked from commit 9084a3e58f)
 2013-09-23 13:27:02 +10:00
Mark Andrews
f68c1cf138 3644. [protocol] Check that EDNS subnet client options are well forme 
[RT #34718]

    (cherry picked from commit 3ad8f24ddd)
 2013-09-18 11:26:26 +10:00
Tinderbox User
c32a681ef2 update copyright notice 2013-09-17 23:45:29 +00:00
Mark Andrews
8231b780b2 3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used 
in a key zone. [RT #34238]

(cherry picked from commit d6f99498d6)
 2013-09-17 11:05:44 +10:00
Tinderbox User
1f246d11eb update copyright notice 2013-08-15 23:45:27 +00:00
Mark Andrews
e0e235c5c4 3632. [bug] Signature from newly inactive keys were not being 
removed.  [RT #32178]

(cherry picked from commit 7ace327795)
 2013-08-15 11:45:42 +10:00
Mark Andrews
9583651d76 3627. [bug] RPZ changes were not effective on slaves. [RT #34450] 
(cherry picked from commit 333f320a62d78e79fa54e7bcc389073a109618f7)
(cherry picked from commit dab73dfc86)
 2013-08-09 12:59:45 +10:00
Mark Andrews
54e6ec8f49 3559. [func] Check that both forms of Sender Policy Framework 
records exist or do not exist. [RT #33355]
(cherry picked from commit 26bb3b7a67)
 2013-04-30 13:55:38 +10:00
Tinderbox User
b61feeae26 update copyright notice 2013-04-26 23:45:27 +00:00
Evan Hunt
b2d727cce0 [v9_8] address two more possible acache asserts 
3555.	[bug]		Address theoretical race conditions in acache.c
			(change #3553 was incomplete). [RT #33252]
(cherry picked from commit ff5ac6d421)
(cherry picked from commit 62ebf6bbef)
 2013-04-25 18:03:57 -07:00
Tinderbox User
a5e1b39205 update copyright notice 2013-04-09 23:45:24 +00:00
Mark Andrews
6227ab7137 3548. [bug] The NSID request code in resolver.c was broken 
resulting in invalid EDNS options being sent.
                        [RT #33153]
(cherry picked from commit 4adf97c32f)

Conflicts:
	lib/dns/include/dns/message.h
	lib/dns/message.c
 2013-04-08 16:45:14 +10:00
Mark Andrews
530249bc9e 3546. [func] Add EUI48 and EUI64 types. [RT #33082] 
(cherry picked from commit 3a6d62c59f)
 2013-04-05 09:09:04 +11:00
Mark Andrews
be7574a755 update copyrights 2013-02-27 12:38:27 +11:00
Tinderbox User
4977d4492b update copyright notice 2013-02-25 23:45:29 +00:00
Evan Hunt
3584937648 [v9_8] RPZ speed up (phase 1, single RPZ) 
3496.	[func]		Improvements to RPZ performance. The "response-policy"
			syntax now includes a "min-ns-dots" clause, with
			default 1, to exclude top-level domains from
			NSIP and NSDNAME checking. [RT #32251]

    Response policy (rpz) changes to
      - add zone statistics
      - speed up by adding min-ns-dots to the response-policy syntax
         with a default of 1
      - detect and reject policy zones with a database other than rbt
         only rbtdb has rpz hooks
      - allow empty response-policy{} statement
      - make --enable-rpz-nsip and --enable-rpz-nsdname the default
(cherry picked from commit 8159e80279408be50d31db5d853ae2736bd1934d)
 2013-02-25 14:32:00 -08:00
Tinderbox User
855dfec81c update copyright notice 2013-01-10 23:45:31 +00:00
Mark Andrews
9ad7445961 3461. [bug] Negative responses could incorrectly have AD=1 
set. [RT #32237]
 2013-01-10 22:17:59 +11:00
Tinderbox User
7d58f3ac85 update copyright notice 2013-01-04 23:45:25 +00:00
Mark Andrews
66e6de354c 3445. [bug] Warn about zone files with blank owner names 
immediately after $ORIGIN directives. [RT #31848]

Conflicts:
	lib/dns/tests/master_test.c
 2013-01-04 12:28:27 +11:00
Evan Hunt
cdea02bf60 [v9_8] reject $ORIGIN before inherited name 
3445.	[bug]		Reject zone files with blank owner names immediately
			after $ORIGIN directives. [RT #31848]
(cherry picked from commit 3ad3e9c948)
 2012-12-18 16:24:09 -08:00
Tinderbox User
1195f0f7da update copyright notice 2012-12-18 23:45:23 +00:00
Mark Andrews
db77850ece 3443. [bug] The NOQNAME proof was not being returned from cached 
insecure responses. [RT #21409]

Conflicts:
	bin/tests/system/conf.sh.in
	lib/dns/include/dns/nsec.h
 2012-12-19 10:15:14 +11:00
Mark Andrews
75b97fd979 3438. [bug] Don't accept unknown data escape in quotes. [RT #32031] 
Squashed commit of the following:

commit 7ad3daade513c94a1c92ee7c91c112f161d13ef4
Author: Mark Andrews <marka@isc.org>
Date:   Mon Dec 3 15:03:44 2012 +1100

    look at the second token to determine if a TXT record in of unknown format or not

commit 7df32138462646f6aee84ffa56d02ac24ec8d672
Author: Mark Andrews <marka@isc.org>
Date:   Mon Dec 3 12:42:18 2012 +1100

    '"\#"' was incorrectly being treated as a unknown data escape sequence.
 2012-12-08 14:13:26 +11:00
Evan Hunt
ab9d2ca4dd [v9_8] silence noisy OpenSSL logging 
3402.	[bug]		Correct interface numbers for IPv4 and IPv6 interfaces.
(cherry picked from commit 0e37e9e3d7)
(cherry picked from commit 152c393671)
 2012-10-24 13:00:30 -07:00
Tinderbox User
371adece68 update copyright notice 2012-10-06 23:45:40 +00:00
Mark Andrews
dc167ac7f3 3390. [bug] Silence clang compiler warnings. [RT #30417] 2012-10-06 12:39:55 +10:00
Mark Andrews
f6c1e4c75f 3364. [security] Named could die on specially crafted record. 
[RT #30416]
 2012-08-24 13:43:20 +10:00
Tinderbox User
140a9bdfd4 update copyright notice 2012-08-21 23:45:38 +00:00
Mark Andrews
d319c1ce2b 3368. [bug] <dns/iptable.h> and <dns/zone.h> where not C++ safe. 2012-08-21 16:45:59 +10:00
Tinderbox User
8b79e1aed5 update copyright notice 2012-07-25 23:45:36 +00:00
ckb
540b745122 3356. [bug] Cap the TTL of signed RRsets when RRSIGs are 
approaching their expiry, so they don't remain
			in caches after expiry. [RT #26429]
 2012-07-25 17:25:13 -05:00
Tinderbox User
6686ee02c3 update copyright notice 2012-07-23 23:45:40 +00:00
Mark Andrews
4e93d4a830 3354. [func] Improve OpenSSL error logging. [RT #29932] 2012-07-23 15:10:41 +10:00
Tinderbox User
599cf7175e update copyright notice 2012-06-29 23:45:32 +00:00
Mark Andrews
c0b8f1a675 reverse bad copyright update 2012-06-29 11:43:12 +10:00
Tinderbox User
4106b0caeb update copyright notice 2012-06-29 01:21:53 +00:00
Tinderbox User
f3c44ec867 update copyright notice 2012-05-31 23:45:36 +00:00
Vernon Schryver
07d51fa5ba Squashed commit of the following: 
commit 4d29cea2ea05491a7afebc343e41d9b6ad58f068
commit 3211da9716e5ecc0bb758666db70a667ca5a944e
commit 884b6f5d5e9b1f50757c606adafabe382b90c80b
commit 53f82565f72f091a46caed754db160e4a7a2d161
Merge: 8f73664 9698f42
commit 8f73664e7bdc04f766ddcccfb5fc5f857a22326a

for rt26172

Add
  - optional "recursive-only yes|no" to the response-policy statement
  - optional max-policy-ttl to limit the lies that "recursive-only no"
      can introduce into resolvers' caches
  - test that queries with RD=0 are not rewritten by default
  - performance smoke test

Change encoding of PASSTHRU action to "rpz-passthru".
      (The old encoding is still accepted.)
Fix rt26180  assert botch in zone_findrdataset() in this branch
     as well.

Fix missing signatures on NOERROR results despite RPZ hits
    when there are signatures and the client asks for DNSSEC,
 2012-05-31 01:47:47 +00:00
Tinderbox User
b008cf0a4d update copyright notice 2012-05-17 23:45:35 +00:00
Evan Hunt
9d1aaaaf3a add ECDSA support 
3317.	[protocol]	Add ECDSA support (RFC 6605). [RT #21918]
 2012-05-17 16:09:53 -07:00
Evan Hunt
58e0170e5e Handle RRSIG signer case consistently 
3329.	[bug]	Handle RRSIG signer-name case consistently: We
		generate RRSIG records with the signer-name in
		lower case.  We accept them with any case, but if
		they fail to validate, we try again in lower case.
		[RT #27451]
 2012-05-17 11:08:49 -07:00
Tinderbox User
d6b6ca9086 update copyright notice 2012-04-12 23:45:32 +00:00
Mark Andrews
c7ae37d1aa 3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS. 
[RT #28956]
 2012-04-13 08:39:23 +10:00
Mark Andrews
efd194bdb6 3307. [bug] Add missing ISC_LANG_ENDDECLS to <dns/tsec.h>. [RT #28956] 2012-04-12 19:17:29 +10:00
Tinderbox User
5771a59496 update copyright notice 2012-04-11 23:45:30 +00:00
Mark Andrews
f0c93bef30 3306. [bug] Improve DNS64 reverse zone performance. [RT #28563] 
3305.   [func]          Add wire format lookup method to sdb. [RT #28563]
 2012-04-11 12:33:08 +10:00