ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,537 Commits 589 Branches 805 Tags
de1591889a29fb33b9872d201d554b3e91f61607
Commit Graph

10529 Commits

Author SHA1 Message Date
Evan Hunt
de1591889a [master] fix memory leak in notify test 2017-09-11 16:10:49 -07:00
Evan Hunt
7fb611d331 [master] fix prototypes 2017-09-11 15:48:20 -07:00
Evan Hunt
b103b0c011 [master] remap getaddrinfo() to irs_getgetaddrinfo() 
The libirs version of getaddrinfo() cannot be called from within BIND9.
 2017-09-11 15:03:57 -07:00
Evan Hunt
3363f3147a [master] DNS Response Policy Service API 
4713.	[func]		Added support for the DNS Response Policy Service
			(DNSRPS) API, which allows named to use an external
			response policy daemon when built with
			"configure --enable-dnsrps".  Thanks to Vernon
			Schryver and Farsight Security. [RT #43376]
 2017-09-11 11:57:43 -07:00
Evan Hunt
3e66721b35 [master] add missing rrtypes to genzones 
4711.	[test]		Some RR types were missing from genzones.sh.
			[RT #45782]
 2017-09-11 09:34:41 -07:00
Tinderbox User
672586440b update copyright notice / whitespace 2017-09-09 23:46:01 +00:00
Mark Andrews
fc39a3b9b9 add @ISC_OPENSSL_LIBS@ 2017-09-09 20:40:05 +10:00
Francis Dupont
90f6140832 Finished merge of rt45019 (openssl hash default) 2017-09-09 10:30:16 +02:00
Evan Hunt
f13385770e [master] change hash function for RRL 
4709.	[cleanup]	Use dns_name_fullhash() to hash names for RRL.
			[RT #45435]
 2017-09-08 15:46:15 -07:00
Evan Hunt
8eb88aafee [master] add libns and remove liblwres 
4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                        are no longer supported. [RT #45186]

4707.	[func]		The lightweight resolver daemon and library (lwresd
			and liblwres) have been removed. [RT #45186]

4706.	[func]		Code implementing name server query processing has
			been moved from bin/named to a new library "libns".
			Functions remaining in bin/named are now prefixed
			with "named_" rather than "ns_".  This will make it
			easier to write unit tests for name server code, or
			link name server functionality into new tools.
			[RT #45186]
 2017-09-08 13:47:34 -07:00
Evan Hunt
509ba96497 [rt45019] separate DNS_CRYPTO_LIBS from ISC_OPENSSL_LIBS and use both 2017-09-07 22:05:20 -07:00
Evan Hunt
60387eb495 [master] windows can't cope with #ifdef in a macro expansion 2017-09-07 21:02:17 -07:00
Mark Andrews
b6b33d0f48 ISCLIBS should be after DNSLIBS 2017-09-08 12:52:48 +10:00
Tinderbox User
7bd8900aa8 update copyright notice / whitespace 2017-09-07 23:46:43 +00:00
Mark Andrews
e01d88e885 don't disturb search->chain when calling find_coveringnsec 2017-09-08 06:48:41 +10:00
Evan Hunt
1fd1c0b027 [rt45019] fix some library ordering problems 2017-09-06 23:01:54 -07:00
Mark Andrews
6adc40b3ce 4704. [cleanup] Silence Visual Studio compiler warnings. [RT #45898] 2017-09-07 12:57:55 +10:00
Mark Andrews
d1f34ef400 4702. [func] Update function declarations to use 
dns_masterstyle_flags_t for style flags. [RT #45924]
 2017-09-07 12:48:16 +10:00
Tinderbox User
40780aa36f update copyright notice / whitespace 2017-09-06 23:46:23 +00:00
Mark Andrews
86c86693e3 move declaration to start of block 2017-09-07 06:39:24 +10:00
Evan Hunt
e90926bb9e [master] refactor tsig.c 
4701.	[cleanup]	Refactored lib/dns/tsig.c to reduce code
			duplication and simplify the disabling of MD5.
			[RT #45490]
 2017-09-06 10:57:40 -07:00
Mark Andrews
09ccb70e11 add missing defines 2017-09-06 11:17:46 +10:00
Mark Andrews
45df736f88 add missing functions 2017-09-06 10:39:53 +10:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Mark Andrews
e2a737bcb8 4699. [func] Multiple cookie-secret clauses can now be specified. 
The first one specified is used to generate new
                        server cookies.  [RT #45672]
 2017-09-05 09:19:45 +10:00
Mark Andrews
a322a0f31c silence converity warning [RT #45891] 2017-09-05 07:38:13 +10:00
Mark Andrews
10076239f6 missing (const) 2017-09-04 18:22:52 +10:00
Mukund Sivaraman
cdabd36dc7 Tweak code (reviewed by Mark) 2017-09-01 12:41:13 +05:30
Mark Andrews
5c269d84c2 remove development logging 2017-09-01 14:45:26 +10:00
Mark Andrews
a8a20462b5 4697. [bug] Restore workaround for Microsoft Windows TSIG hash 
computation bug. [RT #45854]
 2017-09-01 11:17:59 +10:00
Mark Andrews
2e743d9bdc Squashed commit of the following: 
commit 2a0e5695da2e0f701191e2783209ac05c9d01e6c
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 12:15:05 2017 +1000

    remove 'on' from error message

commit f18a8d699b69be35b938cfe2b30ebb30cd78e814
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:58:41 2017 +1000

    add more cookie-secret named-checkconf tests

commit ca8f5f5f57ccbeb970310866523a909eb411a554
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:31:57 2017 +1000

    properly check algorithm names
 2017-08-31 12:19:37 +10:00
Evan Hunt
5c8de9e2ae [master] fix uninitialized memory in mem_test.c 2017-08-30 19:02:52 -07:00
Evan Hunt
45afdb2672 [master] remove default algorithm in dnssec-keygen 
4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
			the signing algorithm must be specified on
			the command line with the "-a" option.  Signing
			scripts that rely on the existing default behavior
			will break; use "dnssec-keygen -a RSASHA1" to
			repair them. (The goal of this change is to make
			it easier to find scripts using RSASHA1 so they
			can be changed in the event of that algorithm
			being deprecated in the future.) [RT #44755]
 2017-08-30 18:51:11 -07:00
Tinderbox User
587f005032 update copyright notice / whitespace 2017-08-30 23:46:18 +00:00
Mark Andrews
89d841c16f sort view_clauses 2017-08-31 08:40:33 +10:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00
Mark Andrews
c26370fc69 4692. [bug] Fix build failures with libressl introduced in 4676. 
[RT #45879]
 2017-08-30 17:11:20 +10:00
Tinderbox User
f562de3f71 update copyright notice / whitespace 2017-08-24 23:47:03 +00:00
Mark Andrews
07741d43c8 4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in 
messages. [RT #44804]
 2017-08-25 08:38:19 +10:00
Mukund Sivaraman
af4b4bef7a Refactor tracklines code (#45126) 2017-08-24 10:58:55 +05:30
Mark Andrews
615b961e02 4682. [bug] Don't report errors on records below a DNAME. 
[RT #44880]
 2017-08-17 15:49:59 +10:00
Mark Andrews
52fd57c989 4681. [bug] Log messages from the validator now include the 
associated view unless the view is "_default/IN"
                        or "_dnsclient/IN". [RT #45770]
 2017-08-16 09:29:20 +10:00
Mark Andrews
bf1ab06a48 request-nsid/request-sit out of order 2017-08-14 23:47:30 +10:00
Mark Andrews
60fd71ec66 alphabetize options_clauses 2017-08-14 07:22:20 +00:00
Mark Andrews
9697129ae2 tcp-only and tcp-keepalive where out of alphabetical order 2017-08-14 07:00:02 +00:00
Mark Andrews
fa7bacca7d sit-secret was out of alphabetical order 2017-08-14 06:50:24 +00:00
Mark Andrews
cc88df4f01 4678. [bug] geoip-use-ecs has the wrong type when geoip support 
is disabled at configure time. [RT #45763]
 2017-08-14 06:18:26 +00:00
Mark Andrews
5e9d9aa9d0 use isc_thread_self instead of pthread_self 2017-08-14 13:51:20 +10:00
Mark Andrews
cbc80a42d3 4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with 
deprecated functions removed. [RT #45706]
 2017-08-10 10:16:26 +10:00
Tinderbox User
f4eb664ce3 update copyright notice / whitespace 2017-08-09 23:47:50 +00:00