ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
22,890 Commits 589 Branches 805 Tags
d478dbae80bd215df3fef6cfc207b078ea285b8d
Commit Graph

2734 Commits

Author SHA1 Message Date
Evan Hunt
3cc8c7d630 [master] fix nxrrset in nxdomain redirection 
4000.	[bug]		NXDOMAIN redirection incorrectly handled NXRRSET
			from the redirect zone. [RT #37722]
 2014-11-04 23:49:56 -08:00
Evan Hunt
ce96d4326c [master] new mkeys and nzf naming format 
3999.	[func]		"mkeys" and "nzf" files are now named after
			their corresponding views, unless the view name
			contains characters that would be incompatible
			with use in a filename (i.e., slash, backslash,
			or capital letters). If a view name does contain
			these characters, the files will still be named
			using a cryptographic hash of the view name.
			Regardless of this, if a file using the old name
			format is found to exist, it will continue to be
			used. [RT #37704]
 2014-11-04 19:43:27 -08:00
Mark Andrews
1feee79e1f 3997. [protocol] Add OPENGPGKEY record. [RT# 37671] 2014-11-04 12:24:39 +11:00
Tinderbox User
12b386e1a6 update copyright notice 2014-10-30 23:45:21 +00:00
Mark Andrews
0f5144163c 3993. [func] Dig now supports EDNS negotiation by default. 
(dig +[no]ednsnegotiation). [RT #37604]
 2014-10-30 23:13:12 +11:00
Mark Andrews
00fb0253c9 3991. [func] Add the ability to buffer logging output by specifying 
"buffered yes;" when defining a channel. [RT #26561]
 2014-10-30 11:37:05 +11:00
Mark Andrews
a5c7cfbac4 3990. [testing] Add tests for unknown DNSSEC algorithm handling. 
[RT #37541]
 2014-10-30 11:05:26 +11:00
Tinderbox User
6932de75ef update copyright notice 2014-10-21 23:45:24 +00:00
Mark Andrews
4140a96f22 3987. [func] Allow the zone serial of a dynamically updatable 
zone to be updated via rndc. [RT #37404]
 2014-10-21 18:15:42 +11:00
Evan Hunt
498b061031 [master] allow 1-week nta-lifetime/nta-recheck 
3983.	[bug]		Change #3940 was incomplete: negative trust anchors
			could be set to last up to a week, but the
			"nta-lifetime" and "nta-recheck" options were
			still limted to one day. [RT #37522]
 2014-10-20 13:40:17 -07:00
Evan Hunt
7cf2122e0d [master] change 3977 altered expected linecount from secroots 2014-10-18 16:50:32 -07:00
Mark Andrews
72775a79fe 3981. [bug] Cache DS/NXDOMAIN independently of other query types. 
[RT #37467]
 2014-10-18 13:09:09 +11:00
Mark Andrews
44ef2206d7 allow for the set of ttls to be empty 2014-10-16 14:46:44 +11:00
Mark Andrews
d9aaf7acce make test more robust in the face of server failures 2014-10-16 12:34:12 +11:00
Evan Hunt
1cbc394e7c [master] add redirect zone to checkconf -z test 2014-10-09 18:30:34 -07:00
Evan Hunt
ca0ee90361 [master] turn off servfail cache in masterformat test 2014-10-09 09:30:46 -07:00
Mark Andrews
c81d56c03e 3971. [bug] Reduce the cascasding failures due to a bad $TTL line 
in named-checkconf / named-checkzone. [RT #37138]
 2014-10-05 08:29:34 +11:00
Mark Andrews
39fb5f2a5d verifying inline zones work with views requires crypto to be configured 2014-10-04 18:06:04 +10:00
Evan Hunt
12002ea49e [master] add delv system test 
3969.	[test]		Added 'delv' system test. [RT #36901]
 2014-10-02 22:37:20 -07:00
Tinderbox User
7a3f584cfc update copyright notice 2014-10-02 23:45:25 +00:00
Mark Andrews
b24061719c 3967. [test] Add test for inlined signed zone in multiple views 
with different DNSKEY sets. [RT #35759]
 2014-10-03 07:59:44 +10:00
Mark Andrews
a837c939c4 SIG(0) update forwarding testing requires crypto be configured 2014-10-02 11:07:01 +10:00
Mark Andrews
ed1c845c1d 3964. [func] nsupdate now performs check-names processing. 
[RT #36266]
 2014-10-02 09:35:43 +10:00
Evan Hunt
7b04216015 [master] improve dlzexternal test 
3963.	[test]		Added NXRRSET test cases to the "dlzexternal"
			system test. [RT #37344]
 2014-09-30 17:08:12 -07:00
Tinderbox User
be484acb22 update copyright notice 2014-09-30 23:45:22 +00:00
Mark Andrews
ffeaac1d82 3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with 
BADSIG.  [RT #37216]
 2014-10-01 07:24:16 +10:00
Mark Andrews
c83b91fb63 3960. [bug] 'dig +sigchase' could loop forever. [RT #37220] 2014-10-01 07:06:20 +10:00
Tinderbox User
2fb35a6d59 update copyright notice 2014-09-29 23:45:24 +00:00
Mark Andrews
4bc581ca31 use RANDFILE rather than /dev/urandom 2014-09-29 23:39:07 +10:00
Mark Andrews
1c5990c2f9 3958. [bug] Detect when writeable files have multiple references 
in named.conf. [RT #37172]
 2014-09-29 12:10:10 +10:00
Mark Andrews
80169c379d 3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 
and ECDSAP384SHA384. [RT #37183]
 2014-09-29 10:18:54 +10:00
Mark Andrews
10c12aa549 3956. [func] Notify messages are now rate limited by notify-rate and 
startup-notify-rate instead of serial-query-rate.
                        [RT #24454]

3955.   [bug]           Notify messages due to changes are no longer queued
                        behind startup notify messages. [RT #24454]
 2014-09-29 10:01:08 +10:00
Mark Andrews
9a36fb86f5 3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159] 2014-09-27 12:14:20 +10:00
Mark Andrews
27cd03a21c use more portable awk 2014-09-19 15:00:18 +10:00
Mark Andrews
06e28e50bd give the nameserver a little longer to response 2014-09-18 10:06:48 +10:00
Mark Andrews
1a5f84d56a UNTESTED -> SKIPPED 2014-09-16 23:49:52 +10:00
Mark Andrews
3867312e4c 3951. [func] Add the ability to set yet-to-be-defined EDNS flags 
to dig (+ednsflags=#). [RT #37142]
 2014-09-13 19:13:59 +10:00
Tinderbox User
2c69f767d6 update copyright notice 2014-09-10 23:45:21 +00:00
Mark Andrews
947cf282a7 3949. [experimental] Experimental support for draft-andrews-edns1 by sending 
EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when
                        building).  Add support for limiting the EDNS version
                        advertised to servers: server { edns-version 0; };
                        Log the EDNS version received in the query log.
                        [RT #35864]
 2014-09-10 15:31:40 +10:00
Mark Andrews
5c420ccc29 drop 'I:send many simultaneous updates via a update forwarder' test until re-written using perl 2014-09-07 22:08:45 +10:00
Mark Andrews
76a17033db also fix the expected count 2014-09-07 20:24:59 +10:00
Mark Andrews
48179343c2 reduce number of nsupdates being simultaeously forked 2014-09-07 20:24:14 +10:00
Mark Andrews
8aa098c633 update copyrights 2014-09-06 09:38:48 +10:00
Evan Hunt
c9e976dc43 [master] [rt37057] server-id tests 
3944.	[test]		Added a regression test for "server-id". [RT #37057]
 2014-09-04 18:18:36 -07:00
Tinderbox User
948c80ffa8 update copyright notice 2014-09-04 23:45:24 +00:00
Evan Hunt
a878301981 [master] servfail cache 
3943.	[func]		SERVFAIL responses can now be cached for a
			limited time (configured by "servfail-ttl",
			default 10 seconds, limit 30). This can reduce
			the frequency of retries when an authoritative
			server is known to be failing, e.g., due to
			ongoing DNSSEC validation problems. [RT #21347]
 2014-09-03 23:28:14 -07:00
Mark Andrews
fec7998314 3942. [bug] Wildcard responses from a optout range should be 
marked as insecure. [RT #37072]
 2014-09-04 13:57:50 +10:00
Evan Hunt
c3d0221104 [master] oops, nta lifetime change broke dnssec test 2014-09-03 20:51:32 -07:00
Evan Hunt
3d066288ad [master] [rt37069] update NTA limit to a week 
3940.	[func]		"rndc nta" now allows negative trust anchors to be
			set for up to one week. [RT #37069]
 2014-09-03 19:00:03 -07:00
Mark Andrews
74717eef53 3939. [func] Improve UPDATE forwarding performance by allowing TCP 
connections to be shared. [RT #37039]
 2014-09-04 10:37:45 +10:00