Mark Andrews
c08e4c3636
silence may be used when unset false positive
...
(cherry picked from commit c7aae79b62
2016-02-29 11:25:08 +11:00
Mark Andrews
e87b18eb8f
more sit -> cookie cleanups
2016-02-29 11:15:44 +11:00
Mark Andrews
499952eb45
Part 2 of:
...
4319. [security] Fix resolver assertion failure due to improper
DNAME handling when parsing fetch reply messages.
(CVE-2016-1286) [RT #41753 ]
(cherry picked from commit 2de89ee9de
2016-02-29 07:17:31 +11:00
Mark Andrews
7cd300abd6
4322. [security] Duplicate EDNS COOKIE options in a response could
...
trigger an assertion failure. (CVE-2016-2088)
[RT #41809 ]
(cherry picked from commit 455c0848f8
2016-02-27 11:46:16 +11:00
Mark Andrews
f0eb27c402
4321. [bug] Zones using mapped files containing out-of-zone data
...
could return SERVFAIL instead of the expected NODATA
or NXDOMAIN results. [RT #41596 ]
(cherry picked from commit f9da4a8e54
2016-02-24 11:25:04 +11:00
Tinderbox User
c2d5cfa264
update copyright notice / whitespace
2016-02-23 23:46:00 +00:00
Mukund Sivaraman
c685f0d741
Fix allocation for "none" ACL that caused assertion failure ( #41745 )
...
(cherry picked from commit 293a9e9978
2016-02-23 12:57:08 +05:30
Mukund Sivaraman
456e1eadd2
Fix resolver assertion failure due to improper DNAME handling (CVE-2016-1286) ( #41753 )
...
(cherry picked from commit 5995fec51c
2016-02-22 12:24:15 +05:30
Tinderbox User
160c8ad89d
update copyright notice / whitespace
2016-02-18 23:45:59 +00:00
Mark Andrews
e7e15d1302
4318. [security] Malformed control messages can trigger assertions
...
in named and rndc. (CVE-2016-1285) [RT #41666 ]
(cherry picked from commit a2b15b3305
2016-02-18 12:12:02 +11:00
Mark Andrews
849e9d6dce
4317. [bug] Age all unused servers on fetch timeout. [RT #41597 ]
...
(cherry picked from commit d372f426ca
2016-02-12 12:34:49 +11:00
Mark Andrews
47eb670742
copyrights / whitespace
2016-02-11 10:45:43 +11:00
Mukund Sivaraman
6f3e21cd9b
Remove nodechain from dns_rbt_addnode() ( #41246 )
...
(cherry picked from commit 9267cc8e83
2016-02-08 15:40:20 +05:30
Mukund Sivaraman
400dd1020c
Add tests for hash function, and comment dns_rbt_addnode() ( #41179 )
...
No CHANGES entry necessary.
(cherry picked from commit 614ce1b65f
2016-02-08 14:53:24 +05:30
Mark Andrews
c0a2b2672f
4312. [bug] dig's unknown dns and edns flags (MBZ value) logging
...
was not consistent. [RT #41600 ]
(cherry picked from commit 8d00c5ab2c
2016-02-02 14:19:41 +11:00
Tinderbox User
724704f65b
update copyright notice / whitespace
2016-02-01 23:45:54 +00:00
Mukund Sivaraman
6e2e0f72b1
Use __built_expect() where available ( #41411 )
...
(cherry picked from commit d1dbf6b20f
2016-02-01 09:07:12 +05:30
Evan Hunt
83289a39b0
[v9_10] removed /Gy- from VS project files
...
4302. [port] win32: fixed a build error in VS 2015. [RT #41426 ]
2016-01-27 15:29:53 -08:00
Tinderbox User
ecad80c2c4
update copyright notice / whitespace
2016-01-21 23:45:50 +00:00
Mark Andrews
9fa2a6f92f
4299. [bug] Check that exactly totallen bytes are read when
...
reading a RRset from raw files in both single read
and incremental modes. [RT #41402 ]
(cherry picked from commit 1d383fd4b2
2016-01-21 15:33:41 +11:00
Mark Andrews
0be82a114d
4298. [bug] dns_rpz_add errors in loadzone were not being
...
propogated up the call stack. [RT #41425 ]
(cherry picked from commit 3ecc17d551
2016-01-21 14:43:30 +11:00
Evan Hunt
847eacdf56
[v9_10] fix unchecked result
...
4295. [bug] An unchecked result in dns_message_pseudosectiontotext()
could allow incorrect text formatting of EDNS EXPIRE
options. [RT #41437 ]
2016-01-20 17:19:47 -08:00
Mark Andrews
84fbd9a186
4293. [bug] Address memory leak on priming query creation failure.
...
[RT #41512 ]
(cherry picked from commit 73fbd4c9d3
2016-01-20 16:39:01 +11:00
Tinderbox User
b66f98643d
update copyright notice / whitespace
2016-01-14 23:45:45 +00:00
Evan Hunt
25da0107d1
[v9_10] added sockaddr.h
...
4291. [cleanup] Added a required include to dns/forward.h. [RT #41474 ]
(cherry picked from commit b4ccec331d
2016-01-14 10:27:35 -08:00
Francis Dupont
59765f985e
Fixed small bugs in WIN32 legacy
2016-01-13 15:24:11 +01:00
Tinderbox User
29846050bb
update copyright notice / whitespace
2016-01-05 23:45:56 +00:00
Evan Hunt
8dd83ecf37
[v9_10] check addrlen/scopelen fit within family address length
2016-01-05 13:40:06 -08:00
Evan Hunt
0bcdd1a803
[v9_10] check ECS address length
2016-01-05 12:28:22 -08:00
Francis Dupont
74ee48f067
Silent WIN64 warnings (alrady fixed in master)
2016-01-05 18:57:28 +01:00
Francis Dupont
7378c35a18
Silent WIN64 warnings
2016-01-05 18:39:22 +01:00
Evan Hunt
79e824b2eb
[v9_10] fix use after free on xfr timeout
...
4289. [bug] The server could crash due to memory being used
after it was freed if a zone transfer timed out.
[RT #41297 ]
2016-01-04 22:06:05 -08:00
Evan Hunt
b4cf962eef
[v9_10] fixed bogus server regression
...
4288. [bug] Fixed a regression in resolver.c:possibly_mark()
which caused known-bogus servers to be queried
anyway. [RT #41321 ]
2016-01-04 16:01:38 -08:00
Francis Dupont
def7e9796f
Updated WIN32 files (rt40877) bis
2016-01-04 18:55:57 +01:00
Francis Dupont
9c88ac2977
Updated WIN32 files (rt40877)
2016-01-04 18:31:53 +01:00
Tinderbox User
66035c86ad
update copyright notice / whitespace
2015-12-31 11:45:18 +00:00
Mark Andrews
a9eeaea7d6
4286. [security] render_ecs errors were mishandled when printing out
...
a OPT record resulting in a assertion failure.
(CVE-2015-8705) [RT #41397 ]
(cherry picked from commit 3e0c1603a8
2015-12-31 22:19:31 +11:00
Mark Andrews
8725470692
4285. [security] Specific APL data could trigger a INSIST.
...
(CVE-2015-8704) [RT #41396 ]
(cherry picked from commit 1b3d211802
2015-12-31 13:45:36 +11:00
Tinderbox User
c4558976df
update copyright notice / whitespace
2015-12-27 23:45:52 +00:00
Evan Hunt
a65eda95d0
[v9_10] fix geoip options
...
4284. [bug] Some GeoIP options were incorrectly documented
using abbreviated forms which were not accepted by
named. The code has been updated to allow both
long and abbreviated forms. [RT #41381 ]
2015-12-26 10:51:30 -08:00
Mark Andrews
2688aba48d
4383. [bug] OPENSSL_config is no longer re-callable. [RT #41348 ]
...
(cherry picked from commit bed6e9d614
2015-12-24 10:33:17 +11:00
Mark Andrews
a3b1ba34fb
don't mix IPv4 and IPv6 capability bits
...
(cherry picked from commit 27deca2bf0
2015-12-17 08:27:34 +11:00
Curtis Blackburn
30ef44bbfb
[rt41269] additional tests for dig and delv,
...
fix for --disable-ipv6 on osx,
fixes for tests with --disable-ipv6
2015-12-15 15:18:49 -08:00
Mark Andrews
d090709551
4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257 ]
...
(cherry picked from commit f647c0df9f
2015-12-15 20:02:37 +11:00
Mark Andrews
af503b42d4
4279. [test] Don't use fixed ports when unit testing. [RT #41194 ]
...
(cherry picked from commit 94c7301f6f
2015-12-15 12:51:29 +11:00
Tinderbox User
d82e5d1b64
update copyright notice / whitespace
2015-12-11 23:45:49 +00:00
Mark Andrews
8f63580655
whitespace
...
(cherry picked from commit 564968bc0a
2015-12-11 14:30:12 +11:00
Tinderbox User
c547a8836b
update copyright notice / whitespace
2015-12-10 23:46:42 +00:00
Evan Hunt
f5f9dc0d83
[master] comments
...
(cherry picked from commit f21d2ee372
2015-12-10 22:57:00 +05:30
Mukund Sivaraman
ff546376c4
Disable the RBT benchmark unittest
...
(cherry picked from commit 22f379298c
2015-12-10 22:56:46 +05:30
