Commit Graph

4288 Commits

Author SHA1 Message Date
Evan Hunt
a147de10fe [master] portable strptime/timegm
3709.	[port]		Use built-in versions of strptime() and timegm()
			on all platforms to avoid portability issues.
			[RT #35183]
2014-01-14 23:17:47 -08:00
Evan Hunt
4882e183ca [master] typo 2014-01-14 21:10:23 -08:00
Mark Andrews
702958d202 3708. [bug] Address a portentry locking issue in dispatch.c.
[RT #35128]
2014-01-15 15:55:35 +11:00
Mark Andrews
cd7f8d18f8 3707. [bug] irs_resconf_load now returns ISC_R_FILENOTFOUND
on a missing resolv.conf file and initializes the
structure as if it had been configured with:

        nameserver ::1
        nameserver 127.0.0.1

Note: Callers will need to be updated to treat
ISC_R_FILENOTFOUND as a qualified success or else
they will leak memory. The following code fragment
will work with both old and new versions without
changing the behaviour of the existing code.

        resconf = NULL;
        result = irs_resconf_load(mctx, "/etc/resolv.conf",
                                  &resconf);
        if (result != ISC_R_SUCCESS) {
                if (resconf != NULL)
                        irs_resconf_destroy(&resconf);
                ....
        }

[RT #35194]
2014-01-15 15:22:55 +11:00
Evan Hunt
a18fc12ba3 [master] fix queryperf integer overflow
3706.	[contrib]	queryperf: Fixed a possible integer overflow when
			printing results. [RT #35182]
2014-01-14 16:56:23 -08:00
Evan Hunt
ba751492fc [master] native PKCS#11 support
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
2014-01-14 15:40:56 -08:00
Mark Andrews
07fb9b8330 3704. [protocol] Accept integer timestamps in RRSIG records. [RT #35185] 2014-01-14 16:12:30 +11:00
Evan Hunt
b751788932 [master] improve prefetch doc 2014-01-13 21:08:20 -08:00
Evan Hunt
33a296aa3a [master] add CVE details; marked 3656 as [security] 2014-01-13 14:54:12 -08:00
Mark Andrews
fb756ba304 3703. [func] Prefetch about to expire records if they are queried
for, see prefetch option for details. [RT #35041]
2014-01-12 21:29:15 +11:00
Evan Hunt
7d2b185f16 [master] new dnssec-coverage options
3702.	[func]		'dnssec-coverage -l' option specifies a length
			of time to check for coverage; events further into
			the future are ignored.  'dnssec-coverage -z'
			checks only ZSK events, and 'dnssec-coverage -k'
			checks only KSK events.  (Thanks to Peter Palfrader.)
			[RT #35168]
2014-01-10 17:53:21 -08:00
Mark Andrews
a7c412f37c update copyrights 2014-01-11 07:07:56 +11:00
Mark Andrews
39c30670e8 change description 2014-01-10 16:57:58 +11:00
Mark Andrews
ff6de396a9 3701. [func] named-checkconf can now suppress the printing of
shared secrets by specifying '-x'. [RT #34465]
2014-01-10 16:56:36 +11:00
Evan Hunt
789252d55f [master] stats improvements
3700.	[func]		Allow access to subgroups of XML statistics via
			special URLs http://<server>:<port>/xml/v3/server,
			/zones, /net, /tasks, /mem, and /status.  [RT #35115]

3699.	[bug]		Improvements to statistics channel XSL stylesheet:
			the stylesheet can now be cached by the browser;
			section headers are omitted from the stats display
			when there is no data in those sections to be
			displayed; counters are now right-justified for
			easier readability. [RT #35117]
2014-01-09 18:46:25 -08:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove().
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
2014-01-08 16:39:05 -08:00
Mark Andrews
d0e3216c21 3697. [bug] Handle "." as a search list element when IDN support
is enabled. [RT #35133]
2014-01-06 12:34:28 +11:00
Mark Andrews
e9649ece3b 3696. [bug] dig failed to handle AXFR style IXFR responses which
span multiple messages. [RT #35137]
2014-01-06 06:22:30 +11:00
Evan Hunt
2b258a1f5b [master] dispatch.c race
3695.	[bug]		Address a possible race in dispatch.c. [RT #35107]
2013-12-23 09:50:18 -08:00
Evan Hunt
3f4a0e80fa typo 2013-12-20 17:12:28 -08:00
Evan Hunt
c14ba71070 [master] warn if key-directory doesn't exist
3694.	[bug]		Warn when a key-directory is configured for a zone,
			but does not exist or is not a directory. [RT #35109]
2013-12-20 14:57:03 -08:00
Mark Andrews
fa467e60c5 3693. [security] memcpy was incorrectly called with overlapping
ranges resulting in malformed names being generated
on some platforms.  This could cause INSIST failures
when serving NSEC3 signed zones.  [RT #35120]
2013-12-20 10:58:32 +11:00
Mark Andrews
b93ef543ab 3693. [security] memcpy was incorrectly called with overlapping
ranges resulting in malformed names being generated
on some platforms.  This was subsequently detected
resulting in INSIST failures when serving NSEC3
signed zones.  [RT #35120]
2013-12-20 10:24:55 +11:00
Mark Andrews
161e803a56 3692. [bug] Two calls to dns_db_getoriginnode were fatal if there
was no data at the node. [RT #35080]
2013-12-17 09:08:59 +11:00
Evan Hunt
5f8d6cec48 [master] fix null deref in some DLZ modules
3691.	[contrib]	Address null pointer dereference in LDAP and
			MySQL DLZ modules.
2013-12-14 11:05:58 -08:00
Evan Hunt
0606c47750 [master] correct dispatch address/port check
3690.	[bug]		Iterative responses could be missed when the source
			port for an upstream query was the same as the
			listener port (53). [RT #34925]
2013-12-12 22:39:12 -08:00
Evan Hunt
9b895f30f1 [master] fix insecure delegation across static-stub zones
3689.	[bug]		Fixed a bug causing an insecure delegation from one
			static-stub zone to another to fail with a broken
			trust chain. [RT #35081]
2013-12-12 22:19:33 -08:00
Mark Andrews
e4d0018d4c 3688. [bug] loadnode could return a freed node on out of memory.
[RT #35106]
2013-12-12 12:49:44 +11:00
Mark Andrews
00112618bc 3687. [bug] Address null pointer dereference in zone_xfrdone.
[RT #35042]
2013-12-12 10:38:35 +11:00
Evan Hunt
0bbe3273a2 [master] dnssec-signzone -Q
3686.	[func]		"dnssec-signzone -Q" drops signatures from keys
			that are still published but no longer active.
			[RT #34990]
2013-12-11 13:25:21 -08:00
Evan Hunt
445a354e63 [master] fix 'rndc refresh' in inline-signing zones
3685.	[bug]		"rndc refresh" didn't work correctly with slave
			zones using inline-signing. [RT #35105]
2013-12-11 12:59:04 -08:00
Mark Andrews
7d65cbaca0 3684. [bug] The list of included files would grow on reload.
[RT 35090]
2013-12-07 09:44:45 +11:00
Tinderbox User
5465b124f1 update copyright notice 2013-12-04 23:46:51 +00:00
Evan Hunt
bee9a28af0 [master] clearer "not found" message for rndc commands
3683.	[cleanup]	Add a more detailed "not found" message to rndc
			commands which specify a zone name. [RT #35059]
2013-12-04 12:47:56 -08:00
Curtis Blackburn
8009525601 3682. [bug] Correct the behavior of rndc retransfer to allow
inline-signing slave zones to retain NSEC3 parameters instead of
reverting to NSEC [RT #34745]
2013-12-04 12:26:20 -06:00
Mark Andrews
c3c8823fed 3681. [port] Update the Windows build system to support feature
selection and WIN64 builds.  This is a work in
progress. [RT #34160]
2013-12-04 12:47:23 +11:00
Evan Hunt
2c2be89824 [master] buffer could overflow in rndc zonestatus
3680.	[bug]		Ensure buffer space is available in "rndc zonestatus".
			[RT #35084]
2013-12-02 15:38:24 -08:00
Evan Hunt
fb507315d4 [master] dig could miss tcp connections when cleaning up
3679.	[bug]		dig could fail to clean up TCP sockets still
			waiting on connect(). [RT #35074]
2013-12-02 13:34:23 -08:00
Mark Andrews
ae871ebb28 3678. [port] Update config.guess and config.sub. [RT #35060] 2013-12-02 10:55:24 +11:00
Mark Andrews
49ae04f6ee 3677. [bug] 'nsupdate' leaked memory if 'realm' was used multiple
times.  [RT #35073]
2013-11-28 06:45:30 +11:00
Evan Hunt
d999ca28d4 [master] check hint files in named-checkconf -z
3676.	[bug]		"named-checkconf -z" now checks zones of type
			hint and redirect as well as master. [RT #35046]
2013-11-25 12:26:53 -08:00
Mark Andrews
fd63f3110f 3675. [misc] Provide a place for third parties to add version
information for their extensions in the version
file by setting the EXTENSIONS variable.
2013-11-22 13:26:31 +11:00
Evan Hunt
15eb0cb8e1 [master] bump release tag 2013-11-18 16:03:50 -08:00
Jeremy C. Reed
70b1afa593 fix typos or use common spelling 2013-11-18 13:14:01 -06:00
Mark Andrews
225146b2c8 3674. [bug] RPZ zeroed ttls if the query type was '*'. [RT #35026] 2013-11-18 11:22:59 +11:00
Evan Hunt
434bfc3dfa [master] "in-view" zone option
3673.	[func]		New "in-view" zone option allows direct sharing
			of zones between views. [RT #32968]
2013-11-13 20:35:40 -08:00
Evan Hunt
0618287859 [master] allow setting local addr in dns_client
3672.	[func]		Local address can now be specified when using
			dns_client API. [RT #34811]
2013-11-13 10:52:22 -08:00
Mark Andrews
6b0434299b 3671. [bug] Don't allow dnssec-importkey to overwrite an existing
non-imported private key.
2013-11-13 12:01:09 +11:00
Mark Andrews
c41afaf716 func -> test 2013-11-13 11:14:11 +11:00
Mark Andrews
eb5e0b8dec 3670. [bug] Address read after free in server side of
lwres_getrrsetbyname. [RT #29075]
2013-11-12 15:00:03 +11:00