ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
24,128 Commits 589 Branches 805 Tags
df9a49ee07f7629ec6abd2e3bd0dee600d7e2ab4
Commit Graph

309 Commits

Author SHA1 Message Date
Tinderbox User
b7f3400f3b update copyright notice / whitespace 2016-01-28 23:45:29 +00:00
Mark Andrews
832ab79d1f 4305. [bug] dnssec-signzone was not removing unnecessary rrsigs 
from the zone's apex. [RT #41483]
 2016-01-28 15:42:34 +11:00
Evan Hunt
6b8519147a [master] NTAs did not survive reoad/reconfig 
4251.	[bug]		NTAs were deleted when the server was reconfigured
			or reloaded. [RT #41058]
 2015-11-04 10:34:28 -08:00
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Mark Andrews
598b502695 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing 
key as per RFC 7344, Section 4.1. [RT #37215]
 2015-05-27 15:25:45 +10:00
Tinderbox User
4e92a74ec4 update copyright notice / whitespace 2015-05-05 23:45:24 +00:00
Evan Hunt
d4ed608e0c [master] Allow some tests to run partially if Net::DNS is unavailable 2015-05-05 08:33:09 -07:00
Mark Andrews
2e0d8d74d7 handle daylight savings changes 2015-03-04 15:51:31 +11:00
Mark Andrews
2b4860c4dc rt38571: handle Time::Piece not being supported by perl 2015-02-18 23:49:33 +11:00
Tinderbox User
d481ce8bba update copyright notice / whitespace 2015-02-09 23:45:20 +00:00
Mark Andrews
dd06dbd512 add named.conf 2015-02-08 23:12:44 +11:00
Tinderbox User
29756974c5 update copyright notice / whitespace 2015-02-06 23:45:21 +00:00
Evan Hunt
29beab1340 [master] fix "initialize with revoked key" test, add missing newline 2015-02-05 23:53:36 -08:00
Mark Andrews
b1de3a999c use $PERL 2015-02-06 16:58:39 +11:00
Evan Hunt
591389c7d4 [master] 5011 tests and fixes 
4056.	[bug]		Expanded automatic testing of trust anchor
			management and fixed several small bugs including
			a memory leak and a possible loss of key state
			information. [RT #38458]

4055.	[func]		"rndc managed-keys" can be used to check status
			of trust anchors or to force keys to be refreshed,
			Also, the managed keys data file has easier-to-read
			comments.  [RT #38458]
 2015-02-05 17:18:15 -08:00
Tinderbox User
2dd6ffb5cb update copyright notice / whitespace 2015-01-12 23:45:21 +00:00
Mukund Sivaraman
a6f0e9c985 Add NTA persistence (#37087) 
4034.   [func]          When added, negative trust anchors (NTA) are now
                        saved to files (viewname.nta), in order to
                        persist across restarts of the named server.
                        [RT #37087]
 2015-01-12 09:07:48 +05:30
Mukund Sivaraman
47d837a499 Make named a singleton process [RT#37908] 
Conflicts:
	bin/tests/system/conf.sh.in
	lib/dns/win32/libdns.def.in
	lib/isc/win32/file.c

The merge also needed to update files in legacy and tcp system tests
(newly introduced in master after branch was created) to introduce use
of lockfile.
 2014-12-18 12:31:25 +05:30
Mark Andrews
a5c7cfbac4 3990. [testing] Add tests for unknown DNSSEC algorithm handling. 
[RT #37541]
 2014-10-30 11:05:26 +11:00
Evan Hunt
7cf2122e0d [master] change 3977 altered expected linecount from secroots 2014-10-18 16:50:32 -07:00
Mark Andrews
44ef2206d7 allow for the set of ttls to be empty 2014-10-16 14:46:44 +11:00
Mark Andrews
d9aaf7acce make test more robust in the face of server failures 2014-10-16 12:34:12 +11:00
Tinderbox User
be484acb22 update copyright notice 2014-09-30 23:45:22 +00:00
Mark Andrews
c83b91fb63 3960. [bug] 'dig +sigchase' could loop forever. [RT #37220] 2014-10-01 07:06:20 +10:00
Mark Andrews
4bc581ca31 use RANDFILE rather than /dev/urandom 2014-09-29 23:39:07 +10:00
Mark Andrews
80169c379d 3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 
and ECDSAP384SHA384. [RT #37183]
 2014-09-29 10:18:54 +10:00
Mark Andrews
fec7998314 3942. [bug] Wildcard responses from a optout range should be 
marked as insecure. [RT #37072]
 2014-09-04 13:57:50 +10:00
Evan Hunt
c3d0221104 [master] oops, nta lifetime change broke dnssec test 2014-09-03 20:51:32 -07:00
Evan Hunt
74745c760c [master] "rndc nta -r" could hang 
3930.	[bug]		"rndc nta -r" could cause a server hang if the
			NTA was not found. [RT #36909]
 2014-08-25 18:01:26 -07:00
Tinderbox User
fea81a5e0e update copyright notice 2014-08-22 23:45:27 +00:00
Mark Andrews
840d6a4614 3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917 2014-08-22 16:32:19 +10:00
Mark Andrews
39cad8fb7d update copyrights 2014-07-08 12:40:40 +10:00
Mark Andrews
fce704e751 rename dnssec/ns7/split-rrsig.in 2014-07-08 11:12:32 +10:00
Mark Andrews
63e1ac1e09 3890. [bug] RRSIG sets that were not loaded in a single transaction 
at start up where not being correctly added to
                        re-signing heaps.  [RT #36302]
 2014-07-07 12:05:01 +10:00
Mark Andrews
6f6b7781d5 save the output of rndc nta so that it can be analysed if there is a failure; more cleanups 2014-06-30 11:41:09 +10:00
Mark Andrews
b05ef7092f update nta failure messages 2014-06-27 11:53:39 +10:00
Mark Andrews
284f6435c2 adjust NTA test timing windows to support slower machines; self tune sleeps bases of actual elapsed time; 2014-06-26 13:37:50 +10:00
Mark Andrews
1c95f67232 use $PERL 2014-06-24 13:50:14 +10:00
Tinderbox User
5a31767b09 update copyright notice 2014-06-19 23:45:23 +00:00
Evan Hunt
b8a9632333 [master] complete NTA work 
3882.	[func]		By default, negative trust anchors will be tested
			periodically to see whether data below them can be
			validated, and if so, they will be allowed to
			expire early. The "rndc nta -force" option
			overrides this behvaior.  The default NTA lifetime
			and the recheck frequency can be configured by the
			"nta-lifetime" and "nta-recheck" options. [RT #36146]
 2014-06-18 16:50:38 -07:00
Mark Andrews
a0d411c05f 3880. [test] Update ans.pl to work with new TSIG support in 
Net::DNS; add additional Net::DNS version prerequisite
                        checks. [RT #36327]
 2014-06-17 10:35:46 +10:00
Evan Hunt
0cfb247368 [master] rndc nta 
3867.	[func]		"rndc nta" can now be used to set a temporary
			negative trust anchor, which disables DNSSEC
			validation below a specified name for a specified
			period of time (not exceeding 24 hours).  This
			can be used when validation for a domain is known
			to be failing due to a configuration error on
			the part of the domain owner rather than a
			spoofing attack. [RT #29358]
 2014-05-29 22:22:53 -07:00
Evan Hunt
60988462e5 [master] use posix-compatible shell in system tests 
3839.	[test]		Use only posix-compatible shell in system tests.
			[RT #35625]
 2014-05-06 22:06:04 -07:00
Mark Andrews
5b56f2e3cc zero pad date and month fields 2014-05-01 11:41:32 +10:00
Mark Andrews
0172c9fc2c use +nottlid 2014-04-30 15:53:37 +10:00
Evan Hunt
b4ba66ba1e [master] "dnssec-signzone -N date" 
3827.	[func]		"dnssec-signzone -N date" updates serial number
			to the current date in YYYYMMDDNN format.
			[RT #35800]
 2014-04-29 16:29:20 -07:00
Evan Hunt
2ae159b376 [master] globally rename "delve" to "delv" 
3817.	[func]		The "delve" command is now spelled "delv" to avoid
			a namespace collision with the Xapian project.
			[RT #35801]
 2014-04-23 11:14:12 -07:00
Evan Hunt
92fe6db3e4 [master] use test -r in system tests 
3806.	[test]		Improved system test portability. [RT #35625]
 2014-04-09 20:29:52 -07:00
Mark Andrews
5b60bde47b use perl 2014-04-07 21:53:47 +10:00