Tinderbox User
cd80053809
update copyright notice / whitespace
2015-08-07 23:46:19 +00:00
Evan Hunt
0d83784a75
[v9_9] address buffer accounting error
...
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212 ]
(cherry picked from commit ce9f893e21
2015-08-07 13:22:40 -07:00
Mukund Sivaraman
4df82d6ab8
Remove missing symbols (Windows)
2015-07-31 20:33:06 +05:30
Mukund Sivaraman
5cfbc228ca
Bump api versions for 9.9.8b1
2015-07-31 19:42:23 +05:30
Mukund Sivaraman
d6ef589b99
Fix win32 build (UNUSED is present later)
...
(cherry picked from commit 63dcc28d3e
2015-07-31 15:01:20 +05:30
Mark Andrews
5dc3a1c3d3
4165. [bug] An failure to reset a value to NULL in tkey.c could
...
result in an assertion failure. (CVE-2015-5477)
[RT #40046 ]
(cherry picked from commit dbb064aa79
2015-07-14 14:49:21 +10:00
Tinderbox User
cc1a709402
update copyright notice / whitespace
2015-07-13 23:46:09 +00:00
Mark Andrews
82b6caf613
4164. [bug] Don't rename slave files and journals on out of memory.
...
[RT #40033 ]
4163. [bug] Address compiler warnings. [RT #40024 ]
(cherry picked from commit 3a49d0ff10
2015-07-13 09:49:09 +10:00
Mark Andrews
e0fd534cdd
4162. [bug] httpdmgr->flags was not being initialized. [RT #40017 ]
...
(cherry picked from commit 0bc743f9bc
2015-07-10 18:44:16 +10:00
Tinderbox User
835eaef8e3
update copyright notice / whitespace
2015-07-09 23:46:11 +00:00
Evan Hunt
400f206788
[v9_9] fix build error with ISC_MEM_TRACKLINES=0
2015-07-09 14:24:29 -07:00
Evan Hunt
c1009e506a
[v9_9] add missing functions
2015-07-09 00:04:25 -07:00
Evan Hunt
ea36796f82
[v9_9] DDoS mitigation features
...
3938. [func] Added quotas to be used in recursive resolvers
that are under high query load for names in zones
whose authoritative servers are nonresponsive or
are experiencing a denial of service attack.
- "fetches-per-server" limits the number of
simultaneous queries that can be sent to any
single authoritative server. The configured
value is a starting point; it is automatically
adjusted downward if the server is partially or
completely non-responsive. The algorithm used to
adjust the quota can be configured via the
"fetch-quota-params" option.
- "fetches-per-zone" limits the number of
simultaneous queries that can be sent for names
within a single domain. (Note: Unlike
"fetches-per-server", this value is not
self-tuning.)
- New stats counters have been added to count
queries spilled due to these quotas.
These options are not available by default;
use "configure --enable-fetchlimit" (or
--enable-developer) to include them in the build.
See the ARM for details of these options. [RT #37125 ]
2015-07-08 23:00:58 -07:00
Tinderbox User
d23960eb33
update copyright notice / whitespace
2015-07-07 23:46:10 +00:00
Mark Andrews
bb53e1de90
remove extranious )
2015-07-07 20:49:19 +10:00
Mark Andrews
8f40aae418
restore 9.9 style output
2015-07-07 18:09:06 +10:00
Mark Andrews
61299de7c3
unknown family is now a error
2015-07-07 17:55:15 +10:00
Mark Andrews
5e210b5fe5
4158. [protocol] Support the printing of EDNS COOKIE options.
...
[RT #39928 ]
2015-07-07 15:49:36 +10:00
Mark Andrews
f5386a21a8
4154. [bug] A OPT record should be included with the FORMERR
...
response when there is a malformed EDNS option.
[RT #39647 ]
4153. [bug] Check that non significant ECS bits are zero on
receipt. [RT #39647 ]
2015-07-06 16:34:48 +10:00
Tinderbox User
2043cb5835
update copyright notice / whitespace
2015-07-03 23:46:09 +00:00
Mark Andrews
83028bc232
4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835 ]
2015-07-03 10:17:57 +10:00
Tinderbox User
c75c73b598
update copyright notice / whitespace
2015-07-01 23:46:06 +00:00
Mark Andrews
0a4dd766f6
4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply
...
minimal fix. [RT #39667 ]
(cherry picked from commit 753b27a7d3
2015-07-01 11:52:17 +10:00
Mukund Sivaraman
fc0797977d
Fix a bug printing zone names with '/' character in XML and JSON stats ( #39873 )
...
(cherry picked from commit 08f0129732f69f188b90
2015-06-30 14:45:13 +05:30
Tinderbox User
8780da5841
update copyright notice / whitespace
2015-06-29 23:46:07 +00:00
Mukund Sivaraman
ad0a9403c3
Fix race in getaddrinfo() in libirs ( #39873 )
...
(cherry picked from commit c44c77178e6141f501d9
2015-06-29 19:51:23 +05:30
Mark Andrews
6f02a4e2a6
4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6
...
was returning referrals rather than nodata responses
when the AAAA records were filtered. [RT #39843 ]
(cherry picked from commit 4a61eae651
2015-06-29 15:49:19 +10:00
Mark Andrews
1ef6de05cd
4146. [bug] Address reference leak that could prevent a clean
...
shutdown. [RT #37125 ]
(cherry picked from commit adbf81335b
2015-06-25 18:36:58 +10:00
Mark Andrews
f02f4ce874
4145. [bug] Not all unassociated adb entries where being printed.
...
[RT #37125 ]
(cherry picked from commit 2f66e2dd81
2015-06-25 18:28:14 +10:00
Mark Andrews
07ab217f7f
4143. [bug] serial-query-rate was not effective for notify.
...
[RT #39858 ]
(cherry picked from commit be4b9178f0
2015-06-24 20:55:30 +10:00
Mukund Sivaraman
22f467116c
Fix parsing of NZFs saved by rndc addzone with view specified ( #39845 )
...
(cherry picked from commit 0439bfedd98134e7662e
2015-06-23 15:01:26 +05:30
Mark Andrews
cef5a9fe72
don't use C++ keyword new; use (const char *) for output of strchr((const char *), char)
...
(cherry picked from commit d4422ec231
2015-06-18 11:16:20 +10:00
Mark Andrews
60c101120e
4138. [bug] A uninitialized value in validator.c could result
...
in a assertion failure. (CVE-2015-4620) [RT #39795 ]
(cherry picked from commit a85c6b35aff7d53a6f3b
2015-06-17 09:18:27 +10:00
Mark Andrews
18dd646c3e
update comment as per rt39703
2015-06-05 11:08:27 +10:00
Mark Andrews
a72248d413
silence coverity warnings
...
(cherry picked from commit e0fea0bf85
2015-05-30 17:45:18 +10:00
Mark Andrews
c303b3a033
add INSIST to silence coverity
...
(cherry picked from commit 03089dd420
2015-05-30 17:37:42 +10:00
Tinderbox User
2a71b08491
update copyright notice / whitespace
2015-05-28 23:46:13 +00:00
Mark Andrews
263cbd6fa1
4130. [bug] The compatability shim for *printf() misprinted some
...
large numbers. [RT #39586 ]
(cherry picked from commit 38c19e5779
2015-05-29 07:25:31 +10:00
Mark Andrews
f86443709f
fix typo
2015-05-28 18:35:01 +10:00
Mark Andrews
03d6a43845
fix merge error
2015-05-28 16:31:35 +10:00
Mark Andrews
4adbc24505
4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532 ]
...
(cherry picked from commit 8bb630c751
2015-05-28 14:41:59 +10:00
Mark Andrews
8167dedf5e
Handle git commit -mifdef BIND9 case
2015-05-28 14:07:56 +10:00
Mark Andrews
64b34aee39
4128. [bug] Address issues raised by Coverity 7.6. [RT #39537 ]
...
(cherry picked from commit e53e202ef3
2015-05-28 13:26:19 +10:00
Tinderbox User
118ba5c7f3
update copyright notice / whitespace
2015-05-27 23:46:14 +00:00
Mark Andrews
f302a82da9
add dns_zone_cdscheck
...
(cherry picked from commit e7b7ede003
2015-05-27 16:18:44 +10:00
Mark Andrews
f381cb86da
4127. [protocol] CDS and CDNSKEY need to be signed by the key signing
...
key as per RFC 7344, Section 4.1. [RT #37215 ]
(cherry picked from commit 598b502695
2015-05-27 15:45:46 +10:00
Mark Andrews
a5df8b2945
use unsigned constants
...
(cherry picked from commit 5af7557757
2015-05-24 12:54:40 +10:00
Tinderbox User
a644e40d6c
update copyright notice / whitespace
2015-05-23 23:47:21 +00:00
Mark Andrews
50a4326d7b
#undef before #define
...
(cherry picked from commit 503f0b324a
2015-05-24 06:05:26 +10:00
Francis Dupont
c97747f92b
finished print.h stuff
2015-05-23 16:29:54 +02:00
