ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,967 Commits 589 Branches 805 Tags
d0cc47cef94de7931a492e32ec3b25145560d16b
Commit Graph

1890 Commits

Author SHA1 Message Date
Automatic Updater
864efed762 update copyright notice 2011-03-05 23:47:52 +00:00
Scott Mann
c335ad72b8 Ensure that log files are plain files. (RT #22771) 2011-03-04 17:12:20 +00:00
Automatic Updater
6c4933f959 update copyright notice 2011-03-02 23:45:32 +00:00
Mark Andrews
b1be6b9273 3051. [bug] NS records obsure DS records at the bottom of the 
zone if both are present. [RT #23035]
 2011-03-02 04:41:36 +00:00
Automatic Updater
11b8a4afdf update copyright notice 2011-02-27 23:45:16 +00:00
Mark Andrews
901427ae62 3041. [bug] dnssec-signzone failed to generate new signatures on 
ttl changes. [RT #23330]
 2011-02-24 04:06:39 +00:00
Mark Andrews
920650f048 3040. [bug] Named failed to validate insecure zones where a node 
with a CNAME existed between the trust anchor and the
                        top of the zone. [RT #23338]
 2011-02-23 13:15:39 +00:00
Automatic Updater
b90ed94672 update copyright notice 2011-02-03 12:15:51 +00:00
Mark Andrews
a8fdb85512 3014. [bug] Fix the zonechecks system test to match expected 
behaviour for 9.4 and to fail on error. [RT #22905]
 2011-02-03 07:56:33 +00:00
Automatic Updater
136ee1782b update copyright notice 2011-01-14 00:49:54 +00:00
Mark Andrews
8691060ac8 silence: warning: format not a string literal and no format arguments 2011-01-14 00:45:40 +00:00
Mark Andrews
d5e5c8d8f7 convert to 9.4 syntax and algorithms 2010-11-17 10:11:43 +00:00
Mark Andrews
5d51096644 initalise n 2010-11-17 10:10:55 +00:00
Mark Andrews
f067658513 genrandom is not in tools in 9.4 2010-11-17 09:12:52 +00:00
Automatic Updater
09065d8286 update copyright notice 2010-11-16 23:45:24 +00:00
Mark Andrews
b78658f143 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 08:01:09 +00:00
Mark Andrews
a407ead333 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]

Had to adjust the test to use RSAMD5 -> RSASH1 as we need to use algorithms
supported by 9.4.
 2010-11-16 04:17:44 +00:00
Automatic Updater
17a382ffd1 update copyright notice 2010-08-17 23:45:18 +00:00
Mark Andrews
776eb07d6c update default id range to match that used (1..6) 2010-08-17 04:12:05 +00:00
Automatic Updater
6c82c34716 update copyright notice 2010-06-04 23:46:02 +00:00
Automatic Updater
bda132bcaf update copyright notice 2010-06-03 23:46:10 +00:00
Mark Andrews
1a677bc3f7 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-06-03 00:36:02 +00:00
Mark Andrews
eb12f97615 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-06-03 00:21:52 +00:00
cvs2git
7d36018674 This commit was manufactured by cvs2git to create branch 'v9_4'. 2010-05-27 23:51:09 +00:00
Automatic Updater
248b9ab0b0 update copyright notice 2010-05-27 23:51:08 +00:00
Automatic Updater
051dec6fb7 update copyright notice 2010-05-26 23:50:47 +00:00
Mark Andrews
b4c6ce22d0 call sign.sh robustly 2010-05-26 07:00:37 +00:00
Mark Andrews
e27d55e3ee 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-05-26 06:28:00 +00:00
Automatic Updater
15c961a1dd update copyright notice 2010-05-19 09:33:50 +00:00
Mark Andrews
5ae2eac4c1 2902. [func] Add regression test for change 2897. [RT #21040] 2010-05-19 07:45:38 +00:00
Mark Andrews
b667946fa5 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-05-19 06:39:50 +00:00
Mark Andrews
44f175a90a 2892. [bug] Handle REVOKED keys better. [RT #20961] 2010-05-14 04:38:52 +00:00
Mark Andrews
f2ae969065 handle revoke changes 2010-05-06 11:28:20 +00:00
Automatic Updater
4d42b714be update copyright notice 2010-03-04 23:50:34 +00:00
Mark Andrews
56c2c3835f 10.53.0.1 through 10.53.0.5 -> 10.53.0.1 through 10.53.0.7 2010-03-04 20:34:16 +00:00
Evan Hunt
ecde9a1cd5 smartsign fails on slow machines. delay the timing-sensitive 
dnssec-settime call as long as possible.
 2010-01-19 15:54:45 +00:00
Automatic Updater
6bb1560124 update copyright notice 2010-01-18 23:48:40 +00:00
Evan Hunt
e11a0c114c 2841. [func] Added "smartsign" and improved "autosign" and 
"dnssec" regression tests. [RT #20865]
 2010-01-18 19:19:31 +00:00
Automatic Updater
5bdf8cd3c2 update copyright notice 2010-01-13 23:48:59 +00:00
Evan Hunt
20624f43c3 removed lines inadvertently committed 2010-01-13 19:29:38 +00:00
Automatic Updater
65d1486535 update copyright notice 2010-01-11 23:48:37 +00:00
Francis Dupont
a91029a00e Prevent Linux spurious warnings about fwrite(). [RT #20812] 2010-01-11 10:49:14 +00:00
Automatic Updater
a30c7003af update copyright notice 2010-01-07 23:48:54 +00:00
Automatic Updater
8f7aff9340 update copyright notice 2010-01-07 23:46:07 +00:00
Evan Hunt
e4cb322618 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 17:49:50 +00:00
cvs2git
9300b13653 This commit was manufactured by cvs2git to create branch 'v9_4'. 2010-01-07 16:48:24 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
51ae9cb9f8 update copyright notice 2009-12-30 23:46:04 +00:00
Tatuya JINMEI 神明達哉
59721b321d 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)

Additional notes specific to 9.4-ESV:
- I needed to explicitly enable dnssec-validation in "pending" system tests
  because it's disabled by default for 9.4.  This is not a problem of this
  patch - the test was broken for 9.4 when it was first introduced.  Another
  reason why we need more detailed tests.
- I modified the test case for 9.4 so that it allows pending-additional-to-answer
   promotion as 9.4 doesn't include this bug fix.
 2009-12-30 08:55:48 +00:00
cvs2git
5a435720cd This commit was manufactured by cvs2git to create branch 'v9_4'. 2009-12-30 08:02:24 +00:00