ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,301 Commits 589 Branches 805 Tags
d99c65fb286d35d25ead03bbccec41bc02e19aed
Commit Graph

9735 Commits

Author SHA1 Message Date
Tinderbox User
979d849b60 update copyright notice / whitespace 2015-08-07 23:45:57 +00:00
Evan Hunt
7163ce122d [v9_10] address buffer accounting error 
4168.	[security]	A buffer accounting error could trigger an
			assertion failure when parsing certain malformed
			DNSSEC keys. (CVE-2015-5722) [RT #40212]

(cherry picked from commit ce9f893e21)
 2015-08-07 13:23:03 -07:00
Mukund Sivaraman
63dcc28d3e Fix win32 build (UNUSED is present later) 2015-07-31 14:32:47 +05:30
Mukund Sivaraman
8ddb21cd82 Bump api versions 2015-07-31 12:33:36 +05:30
Mark Andrews
38df037565 badcookie has a offical code point of 23 
(cherry picked from commit 46e7fc51b8)
 2015-07-27 15:22:42 +10:00
Mark Andrews
0b08938f80 4165. [bug] An failure to reset a value to NULL in tkey.c could 
result in an assertion failure. (CVE-2015-5477)
                        [RT #40046]

(cherry picked from commit dbb064aa79)
 2015-07-14 14:49:15 +10:00
Tinderbox User
dae3e8def6 update copyright notice / whitespace 2015-07-13 23:45:49 +00:00
Mark Andrews
d03dbac02e 4164. [bug] Don't rename slave files and journals on out of memory. 
[RT #40033]

4163.   [bug]           Address compiler warnings. [RT #40024]

(cherry picked from commit 3a49d0ff10)
 2015-07-13 09:48:42 +10:00
Mark Andrews
33076e7331 4162. [bug] httpdmgr->flags was not being initialized. [RT #40017] 
(cherry picked from commit 0bc743f9bc)
 2015-07-10 18:43:17 +10:00
Tinderbox User
a704920204 update copyright notice / whitespace 2015-07-09 23:45:51 +00:00
Evan Hunt
d52e7431b0 [v9_10] fix build error with ISC_MEM_TRACKLINES=0 2015-07-09 14:23:50 -07:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:55:31 -07:00
Tinderbox User
fc5aaa5e11 update copyright notice / whitespace 2015-07-07 23:45:48 +00:00
Mark Andrews
bb7971417a 4157. [protocol] Update experimental SIT code to use the EDNS COOKIE 
option code point (10).  This is the minimal change
                        required to use the new code point. [RT #39928]
 2015-07-07 15:43:04 +10:00
Mark Andrews
6eb68161a9 add warning not about handling malformed option content 
(cherry picked from commit bd08b82891)
 2015-07-07 10:25:30 +10:00
Tinderbox User
932ce73955 update copyright notice / whitespace 2015-07-06 23:45:49 +00:00
Mark Andrews
28d2815802 dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990] 
(cherry picked from commit 46fc714aa0)
 2015-07-06 23:04:18 +10:00
Mark Andrews
d83bdd0e70 DNS_R_FORMERR -> DNS_R_OPTERR 2015-07-06 17:05:47 +10:00
Mark Andrews
a9557c404e 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]

(cherry picked from commit 3e33f4198d)
 2015-07-06 13:47:17 +10:00
Tinderbox User
af9a2450cf update copyright notice / whitespace 2015-07-03 23:45:50 +00:00
Mark Andrews
7ae1d55020 4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835] 2015-07-03 10:17:49 +10:00
Tinderbox User
4ec5967eeb update copyright notice / whitespace 2015-07-01 23:45:48 +00:00
Mark Andrews
124356c435 4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply 
minimal fix.  [RT #39667]

(cherry picked from commit 753b27a7d3)
 2015-07-01 11:52:10 +10:00
Tinderbox User
c838ed659d update copyright notice / whitespace 2015-06-29 23:45:48 +00:00
Mukund Sivaraman
6141f501d9 Fix race in getaddrinfo() in libirs, which caused assertion failure in delv (#39873) 
(cherry picked from commit c44c77178e)
 2015-06-29 19:48:19 +05:30
Mukund Sivaraman
f69f188b90 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 
(cherry picked from commit 08f0129732)

Conflicts:
	bin/tests/system/statistics/clean.sh
 2015-06-29 18:46:36 +05:30
Mark Andrews
a6f608404f 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]

(cherry picked from commit 4a61eae651)
 2015-06-29 15:49:12 +10:00
Mark Andrews
cd09591680 4146. [bug] Address reference leak that could prevent a clean 
shutdown. [RT #37125]

(cherry picked from commit adbf81335b)
 2015-06-25 18:36:53 +10:00
Mark Andrews
fd007b4e59 4145. [bug] Not all unassociated adb entries where being printed. 
[RT #37125]

(cherry picked from commit 2f66e2dd81)
 2015-06-25 18:27:53 +10:00
Mark Andrews
be4b9178f0 4143. [bug] serial-query-rate was not effective for notify. 
[RT #39858]
 2015-06-24 20:54:56 +10:00
Mukund Sivaraman
8134e7662e Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 
(cherry picked from commit 0439bfedd9)

Conflicts:
	bin/named/server.c
	bin/tests/system/addzone/tests.sh
 2015-06-23 14:57:20 +05:30
Mark Andrews
19818edc45 don't use C++ keyword new; use (const char *) for output of strchr((const char *), char) 
(cherry picked from commit d4422ec231)
 2015-06-18 11:15:15 +10:00
Mark Andrews
f7d53a6f3b 4138. [bug] A uninitialized value in validator.c could result 
in a assertion failure. (CVE-2015-4620) [RT #39795]

(cherry picked from commit a85c6b35af)
 2015-06-17 09:14:19 +10:00
Mark Andrews
6348a4fb9f add #define check_stale_rdataset check_stale_rdataset64 
(cherry picked from commit a8cb6c6fbc)
 2015-06-12 11:17:28 +10:00
Mark Andrews
cfcc0e5d88 silence unused parameter warning 
(cherry picked from commit c781d465b6)
 2015-06-11 14:04:17 +10:00
Mukund Sivaraman
9f1888805b Propagate stale attribute when updating stats (#39141) 
Squashed commit of the following:

commit 9b5b9fa30fbeba8ee1e95cb1028017230ed4db02
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue Apr 7 19:30:54 2015 +0530

    Remove double function prototypes

commit f3bb8cc60ae476eaa871ba10330b16425ced2d7c
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue Apr 7 19:30:34 2015 +0530

    Unify several copies of redundant code into a helper function

commit 4899fb9b2f36fc5d159fa877c0780a442a7cbdb3
Author: Mukund Sivaraman <muks@isc.org>
Date:   Thu Apr 2 00:23:53 2015 +0530

    Propagate stale attribute when updating stats

(cherry picked from commit 59a9cb54c1)

Conflicts:
	CHANGES
 2015-06-10 16:10:44 +05:30
Tinderbox User
b08498ecf9 update copyright notice / whitespace 2015-06-05 23:45:53 +00:00
Witold Krecicki
6fa116f6d2 better logging of RPZ changes RT #39670 2015-06-05 12:26:07 +02:00
Mark Andrews
1e0d972fcd update comment as per rt39703 
(cherry picked from commit bc6ed947572243587dec59918fdff382b2b4229c)
 2015-06-05 11:07:59 +10:00
Mark Andrews
9cc1d6b878 4133. [port] Update how various json libraries are handled. 
[RT #39646]

(cherry picked from commit 8a9bac8dec)
 2015-06-05 10:17:10 +10:00
Tinderbox User
93dfacd77f update copyright notice / whitespace 2015-06-04 23:45:51 +00:00
Evan Hunt
f89d03dc9e [v9_10] further RPZ fixes 
4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]
 2015-06-03 18:19:19 -07:00
Mark Andrews
c9cb7502ec silence coverity warnings 
(cherry picked from commit e0fea0bf85)
 2015-05-30 17:45:12 +10:00
Mark Andrews
63af3e1af1 add INSIST to silence coverity 
(cherry picked from commit 03089dd420)
 2015-05-30 17:37:34 +10:00
Mark Andrews
72dda1b374 unsigned constants 
(cherry picked from commit 4e056cee66)
 2015-05-29 11:26:46 +10:00
Tinderbox User
b3623d80ab update copyright notice / whitespace 2015-05-28 23:45:50 +00:00
Evan Hunt
03f4807662 [v9_10] typo in comment 2015-05-28 15:05:00 -07:00
Mark Andrews
90e4700853 4130. [bug] The compatability shim for *printf() misprinted some 
large numbers. [RT #39586]

(cherry picked from commit 38c19e5779)
 2015-05-29 07:23:50 +10:00
Mark Andrews
234af55779 4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532] 
(cherry picked from commit 8bb630c751)
 2015-05-28 14:42:13 +10:00
Mark Andrews
c9ca5e3c87 4128. [bug] Address issues raised by Coverity 7.6. [RT #39537] 
(cherry picked from commit e53e202ef3)
 2015-05-28 13:17:24 +10:00