ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
26,645 Commits 589 Branches 805 Tags
dd5dff30961b85e30461da170c4b8d8529ac317e
Commit Graph

56 Commits

Author SHA1 Message Date
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup 
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
 2018-02-22 22:58:15 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Mark Andrews
b98a92071d perform rpz testing with a loop rather that recursion 2018-02-22 14:01:42 +11:00
Mark Andrews
05f9deba0b use symbolic test modes native/dnsrps 2018-02-22 14:01:42 +11:00
Mark Andrews
034450ba02 add test numbers as use them in file names 2018-02-22 14:01:42 +11:00
Evan Hunt
3363f3147a [master] DNS Response Policy Service API 
4713.	[func]		Added support for the DNS Response Policy Service
			(DNSRPS) API, which allows named to use an external
			response policy daemon when built with
			"configure --enable-dnsrps".  Thanks to Vernon
			Schryver and Farsight Security. [RT #43376]
 2017-09-11 11:57:43 -07:00
Mark Andrews
9301c35ae6 adjust range 2017-03-02 12:32:04 +11:00
Tinderbox User
1baa50950b update copyright notice / whitespace 2017-03-01 01:52:56 +00:00
Mark Andrews
f240f4a5de Reimplement: 
4578.   [security]      Some chaining (CNAME or DNAME) responses to upstream
                        queries could trigger assertion failures.
                        (CVE-2017-3137) [RT #44734]
 2017-03-01 12:01:16 +11:00
Evan Hunt
5480a74b70 [master] simplify prereq checks by using feature-test.c 
4498.	[test]		Simplify prerequisite checks in system tests.
			[RT #43516]
 2016-10-31 16:53:37 -07:00
Witold Krecicki
358dfaee18 4487. [test] Make system tests work on Windows. [RT #42931] 2016-10-19 17:18:42 +02:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Tinderbox User
7d4f45f6bd update copyright notice / whitespace 2016-01-21 23:45:23 +00:00
Evan Hunt
9b789c54f8 [master] add regression test for RT #41518 
4297.	[test]		Ensure delegations in RPZ zones fail robustly.
			[RT #41518]
 2016-01-20 17:44:11 -08:00
Tinderbox User
9ae1588020 update copyright notice / whitespace 2015-05-08 23:45:24 +00:00
Mukund Sivaraman
b947e1a521 Fix a bug in RPZ that could cause unwanted recursion (#39229) 
Conflicts:
	doc/arm/notes.xml
 2015-05-07 08:29:36 +05:30
Mark Andrews
7301df07cf extend the permissible number of queries to 25 from 24 2014-11-24 10:20:39 +11:00
Mark Andrews
06e28e50bd give the nameserver a little longer to response 2014-09-18 10:06:48 +10:00
Mark Andrews
cef76ee5bd 3921. [bug] AD was inappopriately set on RPZ responses. [RT #36833] 2014-08-22 15:45:40 +10:00
Mark Andrews
f2a91da02e adjust range 2014-07-31 20:32:50 +10:00
Mark Andrews
ac5ed74860 3897. [bug] RPZ summary information was not properly being updated 
after a AXFR resulting in changes sometimes being
                        ignored.  [RT #35885]
 2014-07-22 10:57:58 +10:00
Mark Andrews
48789995c1 use $NSUPDATE 2014-06-15 18:35:19 +10:00
Evan Hunt
06e0d6bb12 [master] address rpz bugs 
3877.	[bug]		Inserting and deleting parent and child nodes
			in response policy zones could trigger an assertion
			failure. [RT #36272]
 2014-06-11 20:00:19 -07:00
Mark Andrews
5360986092 set max 2014-06-02 13:42:58 +10:00
Mark Andrews
3a26e75e3c accept a range of stats values 2014-06-02 08:15:47 +10:00
Mark Andrews
44b0e0b1d5 More changes for: 
3864.   [bug]           RPZ didn't work well when being used as forwarder.
                        [RT #36060]
 2014-05-30 08:41:27 +10:00
Mark Andrews
3d75189141 3864. [bug] RPZ didn't work well when being used as forwarder. 
[RT #36060]
 2014-05-29 17:02:10 +10:00
Tinderbox User
20a96edbf9 update copyright notice 2014-02-20 23:46:35 +00:00
Mark Andrews
86a85a3bbd don't error on rpz percentage checks as they fail inconsistently on virtual machines 2014-02-20 12:22:14 +11:00
Mark Andrews
225146b2c8 3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026] 2013-11-18 11:22:59 +11:00
Mark Andrews
9fa2a0deed 3652. [bug] Address bug with rpz-drop policy. [RT #34816] 2013-09-21 17:27:43 +10:00
Mark Andrews
df0892aea6 3627. [bug] RPZ changes were not effective on slaves. [RT #34450] 2013-08-09 13:23:01 +10:00
Evan Hunt
421d4a0647 [master] rpz work 
3620.	[func]		Added "rpz-client-ip" policy triggers, enabling
			RPZ responses to be configured on the basis of
			the client IP address; this can be used, for
			example, to blacklist misbehaving recursive
			or stub resolvers. [RT #33605]

3619.	[bug]		Fixed a bug in RPZ with "recursive-only no;"
			[RT #33776]
 2013-07-12 14:46:47 -07:00
Mark Andrews
609b8d0817 update copyrights 2013-02-27 12:27:58 +11:00
Mark Andrews
30314ce9c5 '!' is not portable. 2013-02-26 23:11:43 +11:00
Tinderbox User
f97d56e757 update copyright notice 2013-02-25 23:46:03 +00:00
Evan Hunt
94315060c2 [master] RPZ speedup (phase 2, multiple RPZ's) 
3495.	[func]		Support multiple response-policy zones, while
			improving RPZ performance. [RT #32476]
 2013-02-25 12:46:51 -08:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Mark Andrews
1ff22ac042 Don't restart ns5 after killing it 2012-06-07 14:37:58 +10:00
Mark Andrews
ba16ade5f8 kill and restart the nameserver after running: perf 'without rpz' norpz 2012-06-04 16:25:25 +10:00
Evan Hunt
3787f2ec8a fix solaris portability problem 2012-06-01 11:40:52 -07:00
Vernon Schryver
afaa290bb6 Squashed commit of the following: 
commit aea73609ac5d41ed091360e94370798965f28f05
commit eef7f44c57a060b24a426eb8888e16176a0a69b1
commit a88a26d864ad399fa2d40e3b9659b4d26f454ca1
commit 1b90d59568e7e3b65690c6bd075cf4d60b03e454
Merge: 74d8f73 cd02924
commit 74d8f73ed553bb64a305e284905762f7ff0029aa
commit 9a59ef6bbd4befe91e5691e8b85afe1cb7ab0706
commit c63606a53b4f1bb7066b37d3cfe588e9dc21a119
commit 2c392a840c8838455d144ce163bd873bee400c97
commit 0241f53563e6e7bed462a883d98a8931f01e0980
commit 79fe22b5d6f04bdaa3073cf54d41952194e879e1
commit 351b3049625f2edd39729dd85413e961b97d4b3b
commit 7207674fc77c9a10d84c0cb94e36d1c09bb31459
commit 543ad34cf08f901c20b438c9d2f45482cff13d5e
commit fc45b99ce4438627fdcbeb4365695ba0065fa46f
commit c425207f57e0a5157372aa7edbb79b13170563e5
commit ef8c5e23ca284e0ea02f69ce1f356d537c19d93b
commit ba0d4e3aa51efe412cfa1d031651f949442d1802
commit 41c7969c7cb6884b93011f7ace3fd9522efc021e
  and more from CVS

for rt26172

Add
  - optional "recursive-only yes|no" to the response-policy statement
  - optional max-policy-ttl to limit the lies that "recursive-only no"
      can introduce into resolvers' caches
  - test that queries with RD=0 are not rewritten by default
  - performance smoke test

Change encoding of PASSTHRU action to "rpz-passthru".
      (The old encoding is still accepted.)
Fix rt26180  assert botch in zone_findrdataset() in this branch
     as well.

Fix missing signatures on NOERROR results despite RPZ hits
    when there are signatures and the client asks for DNSSEC,
 2012-05-31 02:03:34 +00:00
Automatic Updater
1b428fd3a7 update copyright notice 2012-01-07 23:46:53 +00:00
Evan Hunt
c19cfefe7e 3262. [bug] Signed responses were handled incorrectly by RPZ. 
[RT #27316]
 2012-01-07 00:19:59 +00:00
Evan Hunt
75c622f53b add regression test for rbtdb.c version-mismatch issue 2011-11-18 19:32:13 +00:00
Mark Andrews
7b4b6f361b 3186. [bug] Version/db mis-match in rpz code. [RT #26180] 2011-10-28 11:46:50 +00:00
Mark Andrews
88112d5fcb 'test -e' is not portable, use 'test -f' 2011-10-13 13:03:51 +00:00