ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
17,030 Commits 589 Branches 805 Tags
cf4e5a73a536f6ba5ca02859da34b69b3fa1a0cf
Commit Graph

7988 Commits

Author SHA1 Message Date
Evan Hunt
e2366995bf 2840. [bug] Change 2836 was not complete. [RT #20883] 2010-01-14 23:49:45 +00:00
Automatic Updater
74f601e769 update copyright notice 2010-01-13 23:48:20 +00:00
Evan Hunt
96c51eadc9 Commit to v9_7 some changes that had been left out: 
2838.	[bug]		A KSK revoked by named could not be deleted.
			[RT #20881]

2837.	[port]		Prevent Linux spurious warnings about fwrite().
			[RT #20812]
 2010-01-13 19:31:53 +00:00
Automatic Updater
2462656853 update copyright notice 2010-01-09 23:47:55 +00:00
Evan Hunt
5a51487062 2836. [bug] Keys that were scheduled to become active could 
be delayed. [RT #20874]
 2010-01-09 17:07:16 +00:00
Automatic Updater
3f818a717b update copyright notice 2010-01-08 23:50:05 +00:00
Evan Hunt
d01d2952a0 change "Unpublish" to "Inactive" in dst_parse.c (this was missed out of 
change 2677).
 2010-01-08 16:57:18 +00:00
Automatic Updater
ed0fd28aff update copyright notice 2010-01-07 23:48:16 +00:00
Evan Hunt
592adf7dc2 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:53:05 +00:00
Shawn Routhier
49dd142346 Modify "struct stat" in lib/export/samples/nsprobe.c to avoid redefinition 
in some OSes - rt20831
 2010-01-07 18:37:02 +00:00
Evan Hunt
cf00dcb23a 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:49:12 +00:00
Automatic Updater
cd389dbb98 update copyright notice 2010-01-04 23:48:10 +00:00
Evan Hunt
e1585bf0f0 2830. [bug] Changing the OPTOUT setting could take multiple 
passes. [RT #20813]
 2010-01-04 22:47:17 +00:00
Evan Hunt
0b06e0cc38 2829. [bug] Fixed potential node inconsistency in rbtdb.c. 
[RT #20808]
 2010-01-04 22:29:42 +00:00
Automatic Updater
8bd217efdb update copyright notice 2009-12-30 23:48:30 +00:00
Tatuya JINMEI 神明達哉
6ca6cc975f 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:33:41 +00:00
Evan Hunt
a2ba550880 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] 2009-12-30 06:46:36 +00:00
Evan Hunt
ab70e4fd6d 2826. [bug] NSEC3->NSEC transitions could fail due to a lock not 
being released.  [RT #20740]
 2009-12-30 03:37:55 +00:00
Mark Andrews
724411ac1c more for: 
2824.   [bug]           "rndc sign" was not being run by the correct task.
                        [RT #20759]
 2009-12-30 02:28:13 +00:00
Mark Andrews
2b662f27f6 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:23:01 +00:00
Mark Andrews
9301f52243 2823. [bug] rbtdb.c:getsigningtime() was missing locks. [RT #20781] 2009-12-29 22:11:05 +00:00
Mark Andrews
c99979af3d 2822. [bug] rbtdb.c:loadnode() could return the wrong result. 
[RT #20802]
 2009-12-29 08:58:32 +00:00
Evan Hunt
5f7159f897 2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define 
[RT #20771]
 2009-12-24 00:35:21 +00:00
Evan Hunt
4f3cf2cfb8 2816. [bug] previous_closest_nsec() could fail to return 
data for NSEC3 nodes [RT #29730]
 2009-12-23 23:43:37 +00:00
Mark Andrews
50c4837d55 2814. [func] Provide a definitive error message when a master 
zone is not loaded. [RT #20757]
 2009-12-21 04:30:50 +00:00
Automatic Updater
5470afd66b update copyright notice 2009-12-18 23:48:18 +00:00
Evan Hunt
7290687619 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:13:54 +00:00
Mark Andrews
7994d42e88 2808. [bug] Remove the attempt to install atomic.h from lib/isc. 
atomic.h is correctly installed by the architecture
                        specific subdirectories.  [RT #20722]
 2009-12-18 04:09:55 +00:00
Evan Hunt
5f7cebc478 2807. [bug] Fixed a possible ASSERT when reconfiguring zone 
keys. [RT #20720]
 2009-12-11 01:06:12 +00:00
Evan Hunt
b8b602f89b 2806. [bug] "rdnc sign" could delay re-signing the DNSKEY 
when it had changed. [RT #20703]
 2009-12-07 20:51:12 +00:00
Evan Hunt
daa4933c4d prep for 9.7.0rc1 2009-12-06 02:54:26 +00:00
Evan Hunt
c7611c7dd2 prep for 9.7.0rc1 release 2009-12-06 02:31:42 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Evan Hunt
d4d836350f add .cvsignore files 2009-12-05 05:36:03 +00:00
Evan Hunt
c2f095969c oops: missed a declaration, and forgot to lock the zone before clearing 
the flag.  (and accidentally ran make tests in the wrong tree, misleading
myself into thinking it was fine.)
 2009-12-05 01:25:43 +00:00
Evan Hunt
d601ef9e89 2804. [bug] Send notifies when a zone is signed with "rndc sign" 
or as a result of a scheduled key change. [RT #20700]
 2009-12-04 22:45:11 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Evan Hunt
22304041d1 typo caused a missing semicolon 2009-12-03 16:49:09 +00:00
Evan Hunt
e6dda86e8b 2798. [bug] Addressed bugs in managed-keys initialization 
and rollover. [RT #20683]
 2009-12-03 15:40:03 +00:00
Mark Andrews
2a0d4c4d6b 2797. [bug] Don't decrement the dispatch manager's maxbuffers. 
[RT #20613]
 2009-12-02 23:15:14 +00:00
Mark Andrews
d524a81532 2796. [bug] Missing dns_rdataset_disassociate() call in 
dns_nsec3_delnsec3sx(). [RT #20681]
 2009-12-01 05:28:40 +00:00
Evan Hunt
feeca57f18 2795. [cleanup] Add text to differentiate "update with no effect" 
log messages. [RT #18889]
 2009-12-01 00:47:09 +00:00
Mark Andrews
8b37c0dd6e 2794. [bug] Install <isc/namespace.h>. [RT #20677] 2009-11-30 21:34:57 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Automatic Updater
3e920dd0c6 update copyright notice 2009-11-26 23:48:14 +00:00
Mark Andrews
66ecb6789b 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:28:19 +00:00
Automatic Updater
2b2fc9b4df update copyright notice 2009-11-25 23:49:22 +00:00