ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,303 Commits 589 Branches 805 Tags
cb4e0ef4e2c8a942f99af6ecc6aa564c903b00a0
Commit Graph

5405 Commits

Author SHA1 Message Date
Mark Andrews
cb4e0ef4e2 4659. [bug] Remove spurious log message about lmdb-mapsize 
not being supported when parsing builtin
                        configuration file. [RT #45618]

(cherry picked from commit 71cd6910ba)
 2017-07-28 16:03:24 +10:00
Mark Andrews
e3efc855f9 4658. [bug] Clean up build directory created by "setup.py install" 
immediately.  [RT #45628]

(cherry picked from commit e54f256bb4)
 2017-07-28 15:57:00 +10:00
Michał Kępień
e56c085458 [v9_11] Properly handle errors in rrchecker system test 
4657.	[bug]		rrchecker system test result could be improperly
			determined. [RT #45602]

(cherry picked from commit 984a28c771)
 2017-07-26 10:41:07 +02:00
Michał Kępień
6727802528 [v9_11] Process "port" and "dscp" for "default-masters" 
4656.	[bug]		Apply "port" and "dscp" values specified in catalog
			zone's "default-masters" option to the generated
			configuration of its member zones. [RT #45545]

(cherry picked from commit 383240d572)
 2017-07-26 09:29:38 +02:00
Mark Andrews
3d0f9f8cca fix RT number 
(cherry picked from commit cdc5e0cea0)
 2017-07-26 16:40:38 +10:00
Mark Andrews
72b322cde0 9.11.2 2017-07-24 17:26:26 +10:00
Mark Andrews
4d41be5f9e 4655. [bug] Lack of seccomp could be falsely reported. [RT #45599] 
(cherry picked from commit 4f4b94a042)
 2017-07-23 07:14:35 +10:00
Mark Andrews
bfde61d519 4654. [cleanup] Don't use C++ keywords delete, new and namespace. 
[RT #45538]

(cherry picked from commit 4bf32aa587)
 2017-07-21 12:28:58 +10:00
Mark Andrews
28ea558bc8 9.11.2rc2 2017-07-20 13:12:16 +10:00
Mark Andrews
8ed6c49f1a 4653. [bug] Reorder includes to move @DST_OPENSSL_INC@ and 
@ISC_OPENSSL_INC@ after shipped include directories.
                        [RT #45581]

(cherry picked from commit 124712666e)
 2017-07-20 11:52:29 +10:00
Mark Andrews
447dfe4f11 4653. [bug] Reorder includes in bin/nsupdate/Makefile.in. 
[RT #45581]

(cherry picked from commit a5a4cf96c6)
 2017-07-20 09:38:01 +10:00
Mark Andrews
42ae02626d correct for missing placeholder 2017-07-19 16:14:21 +10:00
Mark Andrews
6b56350522 4651. [bug] Nsupdate could attempt to use a zeroed address on 
server timeout. [RT #45417]

(cherry picked from commit 38edf586f9)
 2017-07-19 15:36:55 +10:00
Mark Andrews
41caed6e2d 4650. [test] Silence coverity warnings in tsig_test.c. [RT #45528] 
(cherry picked from commit c0ac259940)
 2017-07-19 14:35:51 +10:00
Evan Hunt
565535d182 [v9_11] prep 9.11.2 2017-07-16 13:44:23 -07:00
Mark Andrews
6045abbc9a update for 9.11.2rc1 2017-07-10 15:19:34 +10:00
Mark Andrews
f7d148398c 4649. [bug] The wrong zone was logged when a catalog zone is added. 
[RT #45520]

(cherry picked from commit abe5cf42b3)
 2017-07-10 10:37:25 +10:00
Mark Andrews
3a84275b10 4648. [bug] "rndc reconfig" on a slave no longer causes all member 
zones of configured catalog zones to be removed from
                        configuration. [RT #45310]

(cherry picked from commit 1e9b39fe26)
 2017-07-10 09:07:29 +10:00
Mark Andrews
398834f755 4647. [bug] Change 4643 broke verification of TSIG signed TCP 
message sequences where not all the messages contain
                        TSIG records.  These may be used in AXFR and IXFR
                        responses.  [RT #45509]
 2017-07-07 23:43:20 +10:00
Evan Hunt
28061f80b6 [v9_11] fix RSA parsing when md5 disabled 
4645.	[bug]		Fix PKCS#11 RSA parsing when MD5 is disabled.
			[RT #45300]

(cherry picked from commit b05b3fab3c)
 2017-06-29 15:54:35 -07:00
Evan Hunt
a03f4b1ea4 [v9_11] address TSIG bypass/forgery vulnerabilities 
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]

(cherry picked from commit 581c1526ab)
 2017-06-27 11:39:33 -07:00
Evan Hunt
d315545e6d [v9_11] enhanced rfc 5011 logging 
4642.	[cleanup]	Add more logging of RFC 5011 events affecting the
			status of managed keys: newly observed keys,
			deletion of revoked keys, etc. [RT #45354]

(cherry picked from commit 0d90835d2a)
 2017-06-27 10:50:29 -07:00
Mark Andrews
a785bf2c39 add release marker 9.11.2b1 2017-06-26 11:48:13 +10:00
Mark Andrews
00f1312935 4641. [cleanup] Parallel builds (make -j) could fail with --with-atf / 
--enable-developer. [RT #45373]

(cherry picked from commit 1be7580be7)
 2017-06-26 10:01:52 +10:00
Mark Andrews
b2e7185306 4640. [bug] If query_findversion failed in query_getdb due to 
memory failure the error status was incorrectly
                        discarded. [RT #45331]

(cherry picked from commit b551ee14bd)
 2017-06-23 17:18:23 +10:00
Michał Kępień
42c1acfa47 4639. [bug] Fix a regression in --with-tuning reporting introduced 
by change 4488. [RT #45396]
 2017-06-23 08:18:20 +02:00
Evan Hunt
214b53880b [v9_11] prevent reload failure due to LMDB database perms 
4638.	[bug]		Reloading or reconfiguring named could fail on
			some platforms when LMDB was in use. [RT #45203]

(cherry picked from commit bf05e66bb3)
 2017-06-13 12:01:29 -07:00
Mark Andrews
dd5375de0a 4636. [bug] Normalize rpz policy zone names when checking for 
existence. [RT #45358]

(cherry picked from commit e85e95c19e)
 2017-06-13 13:07:23 +10:00
Mukund Sivaraman
3a58e1fefb Don't log NSDNAME failures as NSIP (#45052) 
(cherry picked from commit 2c11da8441)
 2017-06-12 14:11:32 +05:30
Mark Andrews
7c67b8c2b0 4634. [contrib] check5011.pl needs to handle optional space before 
semi-colon in +multi-line output. [RT #45352]

(cherry picked from commit ed2659c974)
 2017-06-11 22:05:13 +10:00
Mark Andrews
5aed5dc329 4633. [maint] Updated AAAA (2001:500:200::b) for B.ROOT-SERVERS.NET. 
(cherry picked from commit 9c179a5607)
 2017-06-02 11:48:54 +10:00
Mark Andrews
387f5e872d fix changes numbers 
(cherry picked from commit 5e1cedb130)
 2017-05-31 11:50:41 +10:00
Tinderbox User
8664a1bd40 update copyright notice / whitespace 2017-05-30 23:46:05 +00:00
Evan Hunt
c28e44f3f8 [v9_11] quote service registry paths 
4532.	[security]	The BIND installer on Windows used an unquoted
                        service path, which can enable privilege escalation.
			(CVE-2017-3141) [RT #45229]

(cherry picked from commit 967a3b9419)
 2017-05-30 13:38:22 -07:00
Evan Hunt
3440cf9c60 [v9_11] fix rpz formerr loop 
4531.	[security]	Some RPZ configurations could go into an infinite
			query loop when encountering responses with TTL=0.
			(CVE-2017-3140) [RT #45181]
 2017-05-30 12:35:06 -07:00
Mark Andrews
541ce84ff2 4530. [bug] "dyndb" is dependent on dlopen existing / being 
enabled. [RT #45291]

(cherry picked from commit ae903759c2)
 2017-05-30 11:32:06 +10:00
Mark Andrews
032d2134a4 4629. [bug] dns_client_startupdate could not be called with a 
running client. [RT #45277]

(cherry picked from commit e51d62ecae)
 2017-05-30 09:52:45 +10:00
Evan Hunt
fb9ef31fed [v9_11] Add DLZ db version to activeversions 
4628.	[bug]		Fixed a potential reference leak in query_getdb().
			[RT #45247]

(cherry picked from commit 594eadcc34)
 2017-05-28 14:29:58 -07:00
Evan Hunt
823ccd1f02 [v9_11] add chain ordering tests 
4626.	[test]		Added more tests for handling of different record
			ordering in CNAME and DNAME responses. [QA #430]
 2017-05-22 17:09:31 -07:00
Evan Hunt
403e7b4512 [v9_11] symbolic option names for dig +ednsopt 
4555.	[func]		dig +ednsopt: EDNS options can now be specified by
			name in addition to numeric value. [RT #44461]

(cherry picked from commit 25a9b90369)
 2017-05-16 10:08:17 -07:00
Evan Hunt
b6fa637fc8 [v9_11] don't keep an LMDB transaction open across an exclusive section 
4625.	[bug]		Running "rndc addzone" and "rndc delzone" at close
			to the same time could trigger a deadlock if using
			LMDB. [RT #45209]

(cherry picked from commit 03a7a952c0)
 2017-05-16 08:48:21 -07:00
Mark Andrews
ace5680c12 4623. [bug] Use --with-protobuf-c and --with-libfstrm to find 
protoc-c and fstrm_capture. [RT #45187]

(cherry picked from commit 366cff85a9)
 2017-05-11 18:30:41 +10:00
Mark Andrews
59d940391c 4622. [bug] Remove unnecessary escaping of semicolon in CAA and 
URI records. [RT #45216]

(cherry picked from commit 1611ceb8b2)
 2017-05-11 10:58:03 +10:00
Mark Andrews
6b432e1149 4621. [port] Force alignment of oid arrays to silence loader 
warnings. [RT #45131]

(cherry picked from commit 2fb1a0bdef)
 2017-05-11 09:25:00 +10:00
Mark Andrews
cb9345c996 4620. [port] Handle EPFNOSUPPORT being returned when probing 
to see if a socket type is supported. [RT #45214]

(cherry picked from commit d352a9db95)
 2017-05-11 07:58:44 +10:00
Mark Andrews
c935952ede 4619. [bug] Call isc_mem_put instead of isc_mem_free in 
bin/named/server.c:setup_newzones. [RT #45202]

(cherry picked from commit 0c18eb4783)
 2017-05-10 11:11:09 +10:00
Mark Andrews
9604a49da0 4618. [bug] Check isc_mem_strdup results in dns_view_setnewzones. 
Add logging for lmdb call failures. [RT #45204]

(cherry picked from commit d242bf393c)
 2017-05-10 10:51:48 +10:00
Mark Andrews
da5b569ddb 4617. [test] Update rndc system test to be more delay tolerant. 
[RT #45177]

(cherry picked from commit 31f4fb98e2)
 2017-05-09 04:10:49 +10:00
Evan Hunt
c83a306155 [v9_11] fix lmdb delzone 
4616.	[bug]		When using LMDB, zones deleted using "rndc delzone"
			were not correctly removed from the new-zone
			database. [RT #45185]

(cherry picked from commit 3a554a444c)
 2017-05-04 12:32:47 -07:00
Mark Andrews
ac9072210c 4615. [bug] AD could be set on truncated answer with no records 
present in the answer and authority sections.
                        [RT #45140]

(cherry picked from commit 33e94f501f)
 2017-05-03 07:52:02 +10:00