ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
16,021 Commits 589 Branches 805 Tags
d173a072dd2e85c136da80ace892ffec7930dd97
Commit Graph

312 Commits

Author SHA1 Message Date
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Mark Andrews
86739ab72c Editorial nits. [RT #19815] 2009-06-25 05:28:34 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Automatic Updater
b6306ef56e update copyright notice 2009-06-10 23:47:47 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Mark Andrews
7be6336565 2602. [port] win32: fix debugging command line build of libisccfg. 
[RT #19767]
 2009-05-29 01:16:31 +00:00
Automatic Updater
2464bd58eb update copyright notice 2009-03-05 23:47:36 +00:00
Evan Hunt
3a30493983 2572. [func] Simplify DLV configuration, with a new option 
"dnssec-lookaside auto;"  This is the equivalent
			of "dnssec-lookaside . trust-anchor dlv.isc.org;"
			plus setting a trusted-key for dlv.isc.org.

			Note: The trusted key is hard-coded into named,
			but is also stored in (and can be overridden
			by) $sysconfdir/bind.keys.  As the ISC DLV key
			rolls over it can be kept up to date by replacing
			the bind.keys file with a key downloaded from
			https://www.isc.org/solutions/dlv. [RT #18685]
 2009-03-04 02:42:31 +00:00
Automatic Updater
9a14f870dd update copyright notice 2009-01-18 23:48:14 +00:00
Francis Dupont
9b899a5758 spelling 2009-01-18 18:02:14 +00:00
Automatic Updater
9e0d0a279b update copyright notice 2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉
7781f25078 2526. [func] New named option "attach-cache" that allows multiple 
views to share a single cache to save memory and
			improve lookup efficiency. [RT 18905]
 2009-01-09 22:24:37 +00:00
Evan Hunt
06a230fe9f 2474. [bug] ACL structures could be allocated with insufficient 
space, causing an array overrun. [RT #18765]
 2008-10-24 02:28:55 +00:00
Tatuya JINMEI 神明達哉
2be6798f93 2457. [tuning] max-cache-size is reverted to 0, the previous 
default.  It should be safe because expired cache
			entries are also purged.
 2008-09-27 23:35:31 +00:00
Mark Andrews
86e0a671ed 9.6.0a1 2008-09-25 04:39:58 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Mark Andrews
0eeaaaf0ae 2398. [bug] Improve file descriptor management. New, 
temporary, named.conf option reserved-sockets,
                        default 512. [RT #18344]
 2008-09-04 05:56:43 +00:00
Mark Andrews
470212919f 2431. [bug] Acl processing could leak memory. [RT #18323] 2008-09-01 05:36:00 +00:00
Evan Hunt
2ca30c1774 Nested acls containing keys could trigger an assertion in acl.c. [rt18166] 2008-07-19 00:09:44 +00:00
Automatic Updater
2cf81a3d8a update copyright notice 2008-06-23 23:47:11 +00:00
Tatuya JINMEI 神明達哉
386d3a99c1 2375. [security] Fully randomize UDP query ports to improve 
forgery resilience. [RT #17949, #18098]
 2008-06-23 19:41:20 +00:00
Automatic Updater
11156f82ba update copyright notice 2008-05-21 23:47:01 +00:00
Evan Hunt
5a17fe2916 Default values of zone ACLs were re-parsed each time a new zone was 
configured, causing an overconsumption of memory. [rt18092]
 2008-05-21 23:17:21 +00:00
Mark Andrews
db30f4bdcb 2353. [func] Add support for Name Server ID (RFC 5001). 
'dig +nsid' requests NSID from server.
                        'request-nsid yes;' causes recursive server to send
                        NSID requests to upstream servers.  Server responds
                        to NSID requests with the string configured by
                        'server-id' option.  [RT #17091]
 2008-04-03 02:01:08 +00:00
Mark Andrews
3f42cf2f3e 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]

back out incorrect branch rt1091 and apply correct branch rt1091a.
 2008-04-02 02:37:42 +00:00
Mark Andrews
7e26a2a646 2344. [bug] Improve "logging{ file ...; };" documentation. 
[RT #17888]
 2008-03-27 03:30:53 +00:00
Tatuya JINMEI 神明達哉
95c5f1d17b noticed the default max-cache-size [RT #17515] 2008-01-22 00:29:03 +00:00
Automatic Updater
2f012d936b update copyright notice 2008-01-18 23:46:58 +00:00
Mark Andrews
b0b4ba7533 Fix documentation for: 
2294.   [func]          Allow the experimental statistics channels to have
                        multiple connections and ACL.
 2008-01-17 21:38:24 +00:00
Tatuya JINMEI 神明達哉
bfcc5ae79a 2294. [func] Allow the experimental statistics channels to have 
multiple connections and ACL.
			Note: the stats-server and stats-server-v6 options
			available in the previous beta releases are replaced
			with the generic statistics-channels statment.
 2008-01-17 00:15:14 +00:00
Automatic Updater
1da14e066c update copyright notice 2008-01-02 23:47:02 +00:00
Mark Andrews
92f60809e8 2286. [func] Allow a TCP connection to be used as a weak 
authentication method for reverse zones.
                        New update-policy methods tcp-self and 6to4-self.
                        [RT #17378]
 2008-01-02 05:13:42 +00:00
Mark Andrews
114c14f8ad 2282. [bug] Acl code fixups. [RT #17346] [RT #17374] 2007-12-21 06:46:47 +00:00
Mark Andrews
3d78993c6d 2281. [bug] Attempts to use undefined acls were not being logged. 
[RT #17307]
 2007-12-18 01:53:26 +00:00
Evan Hunt
b6d496d538 Fix memory leak with "any" and "none" ACLs [RT #17272] 2007-11-19 23:13:28 +00:00
Evan Hunt
9578f883b7 Additional fix for 
2252.   [bug]           Fixed errors in sortlist code [RT #17216]

... making sure negation is passed down correctly from a parent ACL
into a nested ACL.
 2007-10-19 00:28:20 +00:00
Mark Andrews
a6237c895b Additional changes for: 
2252.   [bug]           Fixed errors in sortlist code [RT #17216]
 2007-10-18 05:42:03 +00:00
Evan Hunt
dabe7f50bb Fixed some memory management problems in sortlist code [rt17216] 2007-10-12 04:17:18 +00:00
Mark Andrews
a1e2170ad5 2250. [func] New flag 'memstatistics' to state whether the 
memory statistics file should be written or not.
                        Additionally named's -m option will cause the
                        statistics file to be written. [RT #17113]
 2007-09-26 03:22:45 +00:00
Mark Andrews
ca84283333 2244. [func] Allow the check of nameserver names against the 
SOA MNAME field to be disabled by specifying
                        'notify-to-soa yes;'.  [RT #17073]
 2007-09-18 00:22:31 +00:00
Mark Andrews
12e0477d4e Part 2 of: 
2233.   [func]          Add support for O(1) ACL processing, based on
                        radix tree code originally written by kevin
                        brintnall. [RT #16288]
 2007-09-14 01:46:06 +00:00
Evan Hunt
c7e266b7e5 Add support for O(1) ACL processing, based on radix tree code originally 
written by kevin brintnall. [RT #16288]
 2007-09-12 01:09:08 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
47ee25b1f5 2199. [bug] win32: don't call WSAStartup() while loading dlls. 
[RT #16911]
 2007-06-18 03:36:51 +00:00
Mark Andrews
819b98479e 2165. [func] Allow the destination address of a query to determine 
if we will answer the query or recurse.
                        allow-query-on, allow-recursion-on and
                        allow-query-cache-on. [RT #16291]
 2007-03-29 06:36:31 +00:00
Mark Andrews
0b174d1243 update copyright notice 2007-02-06 00:01:23 +00:00
Mark Andrews
281bab0f36 2129. [func] Provide a pool of UDP sockets for queries to be 
made over. See use-queryport-pool, queryport-pool-ports
                        and queryport-pool-updateinterval.  [RT #16415]
 2007-02-02 02:18:06 +00:00