ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,303 Commits 589 Branches 805 Tags
cb4e0ef4e2c8a942f99af6ecc6aa564c903b00a0
Commit Graph

800 Commits

Author SHA1 Message Date
Mark Andrews
ad127d839d 3341. [func] New "dnssec-verify" command checks a signed zone 
to ensure correctness of signatures and of NSEC/NSEC3
                        chains. [RT #23673]
 2012-06-25 13:57:32 +10:00
Tinderbox User
dba3c818ae regen master 2012-06-23 01:04:31 +00:00
Tinderbox User
3b398443f0 update copyright notice 2012-06-21 23:46:36 +00:00
Evan Hunt
6844e3f010 Add documentation for 'fast' format 2012-06-21 15:39:56 -07:00
ckb
7829fad409 merging fast format zone files 
Conflicts:
	.gitignore
	bin/named/zoneconf.c
	bin/tests/.gitignore
	bin/tests/system/autosign/tests.sh
	bin/tests/system/masterformat/clean.sh
	bin/tests/system/masterformat/ns1/compile.sh
	bin/tests/system/masterformat/tests.sh
	configure
	lib/dns/db.c
	lib/dns/include/dns/db.h
	lib/dns/include/dns/types.h
	lib/dns/master.c
	lib/dns/masterdump.c
	lib/dns/rbt.c
	lib/dns/rbtdb.c
	lib/dns/sdb.c
	lib/dns/sdlz.c
	lib/dns/tests/.cvsignore
	lib/dns/tests/Makefile.in
	lib/dns/win32/libdns.def
	lib/dns/xfrin.c
	lib/dns/zone.c
	lib/export/dns/Makefile.in
	lib/isc/include/isc/file.h
	lib/isc/unix/file.c
	lib/isc/win32/file.c
	lib/isccfg/namedconf.c
 2012-06-20 14:13:12 -05:00
Mark Andrews
7865ea9545 3339. [func] Allow the maximum supported rsa exponent size to be specified: "max-rsa-exponent-size <value>;" [RT #29228] 2012-06-14 15:44:20 +10:00
Tinderbox User
cd791043c8 regen master 2012-05-03 01:04:16 +00:00
Tinderbox User
99d8f5a704 update copyright notice 2012-05-02 23:45:44 +00:00
Mark Andrews
aaaf8d4f48 3317. [func] Add ECDSA support (RFC 6605). [RT #21918] 2012-05-02 23:20:17 +10:00
Tinderbox User
ea94d37012 regen master 2012-03-07 01:41:11 +00:00
Evan Hunt
e41d5a00bc added gitignore, removed cvsignore 2012-03-03 23:10:05 -08:00
Automatic Updater
97e74139b1 regen HEAD 2011-12-22 18:10:11 +00:00
Evan Hunt
f30785f506 3252. [bug] When master zones using inline-signing were 
updated while the server was offline, the source
			zone could fall out of sync with the signed
			copy. They can now resynchronize. [RT #26676]
 2011-12-22 07:32:41 +00:00
Automatic Updater
72938578c9 regen HEAD 2011-12-10 01:14:53 +00:00
Mark Andrews
b11fd36119 move declaration to start of block 2011-12-08 23:45:02 +00:00
Evan Hunt
b4d8192d21 3241. [func] Extended the header of raw-format master files to 
include the serial number of the zone from which
			they were generated, if different (as in the case
			of inline-signing zones).  This is to be used in
			inline-signing zones, to track changes between the
			unsigned and signed versions of the zone, which may
			have different serial numbers.

			(Note: raw zonefiles generated by this version of
			BIND are no longer compatble with prior versions.
			To generate a backward-compatible raw zonefile
			using dnssec-signzone or named-compilezone, specify
			output format "raw=0" instead of simply "raw".)
			[RT #26587]
 2011-12-08 16:07:22 +00:00
Mark Andrews
411d2914ad 3226. [bug] Address minor resource leakages. [RT #26624] 2011-11-30 00:48:51 +00:00
Automatic Updater
2628293c6e regen HEAD 2011-11-08 01:14:50 +00:00
Automatic Updater
0237221b8a update copyright notice 2011-11-07 23:46:50 +00:00
Evan Hunt
d9eebc0849 3211. [func] dnssec-signzone: "-f -" prints to stdout; "-O full" 
option prints in single-line-per-record format.
			[RT #20287]
 2011-11-07 23:16:31 +00:00
Automatic Updater
77dccf2a5d regen HEAD 2011-11-05 01:14:51 +00:00
Evan Hunt
d7be2b79ed 3198. [doc] Clarified that dnssec-settime can alter keyfile 
permissions. [RT #24866]
 2011-11-03 20:21:37 +00:00
Automatic Updater
e839bf134f regen HEAD 2011-10-26 01:14:53 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that 
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
 2011-10-25 01:54:22 +00:00
Mark Andrews
f49d12edf8 remove redundant assignment and variable 2011-10-21 03:55:33 +00:00
Automatic Updater
12bfbed87c regen HEAD 2011-10-21 01:14:51 +00:00
Automatic Updater
dfc015bc7e update copyright notice 2011-10-20 23:46:51 +00:00
Mark Andrews
1946c596b4 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:20:02 +00:00
Evan Hunt
653a78de95 3165. [bug] dnssec-signzone could generate new signatures when 
resigning, even when valid signatures were already
			present. [RT #26025]
 2011-10-11 19:26:06 +00:00
Evan Hunt
ab6c20f978 fix whitespace 2011-09-03 05:51:29 +00:00
Mark Andrews
3a63259484 3143. [bug] Silence clang compiler warnings. [RT #25174] 2011-08-18 04:52:35 +00:00
Automatic Updater
3d73f493d0 update copyright notice 2011-07-19 23:47:48 +00:00
Mark Andrews
96ade2bc52 3134. [bug] Improve the accuracy of dnssec-signzone's signing 
statistics. [RT #16030]
 2011-07-19 04:09:27 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
6b95b91c61 3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664] 2011-06-02 20:24:45 +00:00
Evan Hunt
be84733145 3110. [bug] dnssec-signzone: Wrong error message could appear 
when attempting to sign with no KSK. [RT #24369]
 2011-05-07 00:31:13 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Automatic Updater
795a316ec5 regen HEAD 2011-03-28 01:14:35 +00:00
Mark Andrews
2ae23f7fc6 </para> -> <para> 2011-03-27 06:39:59 +00:00
Mark Andrews
fdc2d31c00 </para>-><para> 2011-03-25 03:08:44 +00:00
Automatic Updater
06140f733a update copyright notice 2011-03-24 23:47:48 +00:00
Mark Andrews
0a82492610 3089. [func] dnssec-dsfromkey now supports reading keys from 
standard input "dnssec-dsfromkey -f -". [RT# 20662]
 2011-03-24 02:10:23 +00:00
Evan Hunt
c2255e8614 Fixed a bug that was exposed by change #3085. 2011-03-22 03:19:38 +00:00
Automatic Updater
7717ec7a6a regen HEAD 2011-03-22 01:14:27 +00:00
Evan Hunt
dff7e38491 initialize delset 2011-03-21 16:17:57 +00:00
Evan Hunt
10a759cee6 3086. [bug] Running dnssec-settime -f on an old-style key will 
now force an update to the new key format even if no
			other change has been specified, using "-P now -A now"
			as default values.  [RT #22474]
 2011-03-21 15:56:35 +00:00
Evan Hunt
35f1a4fc93 3085. [func] New '-R' option in dnssec-signzone forces removal 
of signatures which have not yet expired but
			were generated by a key that no longer exists.
			[RT #22471]
 2011-03-21 07:26:47 +00:00
Mark Andrews
f79a36eeed silence: 'ttl' might be used uninitialized 2011-03-18 02:16:43 +00:00
Automatic Updater
a3f8c8e207 regen HEAD 2011-03-18 01:14:34 +00:00
Automatic Updater
207cee019e update copyright notice 2011-03-17 23:47:30 +00:00