Commit Graph

798 Commits

Author SHA1 Message Date
Evan Hunt
c66805df00 [v9_10] disallow delzone on policy zones
4311.	[bug]		Prevent "rndc delzone" from being used on
			response-policy zones. [RT #41593]
2016-02-01 09:49:18 -08:00
Tinderbox User
752c7096b3 update copyright notice / whitespace 2016-01-25 23:45:53 +00:00
Mark Andrews
4eb865b8e0 use 0 not ISC_FALSE for dns_name_fromtext 2016-01-25 16:57:13 +11:00
Mark Andrews
401567a6a9 check ptr is not NULL
(cherry picked from commit 946e2cd351)
2015-11-11 22:34:33 +11:00
Evan Hunt
d1ce32ad70 [v9_10] allow spaces in rndc arguments
4256.	[bug]		Allow rndc command arguments to be quoted so as
			to allow spaces. [RT #36665]

(cherry picked from commit b513918481)
2015-11-05 21:11:17 -08:00
Mark Andrews
5c86b9d97e 4213. [bug] Don't reuse a cache across multiple classes.
[RT #40205]

(cherry picked from commit dd1bcab25c)
2015-09-17 14:52:15 +10:00
Tinderbox User
a704920204 update copyright notice / whitespace 2015-07-09 23:45:51 +00:00
Evan Hunt
83d0b1ab69 [v9_10] DDoS mitigation features
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			These options are not available by default;
			use "configure --enable-fetchlimit" (or
			--enable-developer) to include them in the build.

			See the ARM for details of these options. [RT #37125]
2015-07-08 22:55:31 -07:00
Mukund Sivaraman
17bb17af46 Print unsigned values for serial, etc. in rndc zonestatus output (#39854)
(cherry picked from commit b4e114e3cd)

Conflicts:
	CHANGES
	bin/named/server.c
2015-06-23 14:09:47 +05:30
Witold Krecicki
e71cc07e40 rndc reconfig reports configuration errors the same way rndc reload does [RT #39635] 2015-06-12 11:08:21 +02:00
Evan Hunt
34d5a93026 [v9_10] rpz_ver check was ineffective 2015-06-09 15:06:00 -07:00
Evan Hunt
04defaf799 [v9_10] address a possible policy update race
4120.	[bug]		A bug in RPZ could cause the server to crash if
			policy zones were updated while recursion was
			pending for RPZ processing of an active query.
			[RT #39415]

(cherry picked from commit 7e6cf6fc6e)
2015-05-19 15:56:40 -07:00
Mark Andrews
617a2024bd 4117. [protocol] Add EMPTY.AS112.ARPA as per RFC 7534.
(cherry picked from commit 8f20f6c9d7)
2015-05-15 08:23:20 +10:00
Evan Hunt
e6e24d37ea [v9_10] fix root-delegation-only without exclude
4112.	[bug]		Named failed to load when "root-delegation-only"
			was used without a list of domains to exclude.
			[RT #39380]
2015-05-04 12:45:33 -07:00
Mark Andrews
3dbd0b7da5 4092. [bug] 'in-view' didn't work for zones beneath an empty zone.
[RT #39173]

(cherry picked from commit febb020dce)
2015-04-07 13:22:20 +10:00
Mark Andrews
a55c3151b2 4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759]
(cherry picked from commit 29d52c001f)
2015-03-03 16:49:37 +11:00
Mark Andrews
b7d7ce54e7 4076. [bug] Named could crash on shutdown with outstanding
reload / reconfig events. [RT #38622]

(cherry picked from commit bb5df338d9)
2015-02-27 12:35:23 +11:00
Evan Hunt
8262b7708d [v9_10] version cleanup
4073.	[cleanup]	Add libjson-c version number reporting to
			"named -V"; normalize version number formatting.
			[RT #38056]
2015-02-26 12:16:15 -08:00
Evan Hunt
eb36da19e7 [v9_10] address valgrind warnings
4059.	[bug]		Addressed valgrind warnings. [RT #38549]
2015-02-10 14:03:27 -08:00
Evan Hunt
1ef4faabd5 [v9_10] clean up gcc -Wshadow warnings
4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
2015-01-20 13:43:35 -08:00
Mukund Sivaraman
1721fb782c Close FILEs before overwriting NZF file (#38332)
Based on a patch sent in by Tony Finch <dot@dotat.at>.
2015-01-16 15:37:09 +05:30
Mark Andrews
41460026bc 4032. [bug] Built-in "empty" zones did not correctly inherit the
"allow-transfer" ACL from the options or view.
[RT #38310]

(cherry picked from commit 7952156995)
2015-01-10 22:03:57 +11:00
Tinderbox User
167beb6aa5 update copyright notice / whitespace 2015-01-08 23:45:50 +00:00
Mark Andrews
b1e4b4c0c8 4031. [bug] named-checkconf -z failed to report a missing file
with a hint zone. [RT #38294]

(cherry picked from commit d1f1f13c7f)
2015-01-08 19:20:04 +11:00
Mark Andrews
a06d773309 unchecked putnull 2014-11-25 15:24:38 +11:00
Evan Hunt
b3aa528d7e [v9_10] add max-recursion-queries
also fixes and documentation for max-recursion-depth

(cherry picked from commit c4f54e5bd1)
2014-11-18 22:13:13 -08:00
Evan Hunt
6fd51d5088 [v9_10] limit recursion depth and iterative queries
4006.	[security]	A flaw in delegation handling could be exploited
			to put named into an infinite loop.  This has
			been addressed by placing limits on the number
			of levels of recursion named will allow (default 7),
			and the number of iterative queries that it will
			send (default 50) before terminating a recursive
			query (CVE-2014-8500).

			The recursion depth limit is configured via the
			"max-recursion-depth" option.  [RT #35780]
2014-11-17 23:48:20 -08:00
Mark Andrews
45174975bc check returns from putstr and putnull
(cherry picked from commit 18fa89b01e)
2014-11-18 13:00:55 +11:00
Evan Hunt
5ffe6452e1 [v9_10] s/memcpy/memmove/ 2014-11-06 13:02:40 -08:00
Mark Andrews
b7103cc603 3968. [bug] Silence spurious log messages when using 'named -[46]'.
[RT #37308]

(cherry picked from commit 6979ebf549)
2014-10-03 08:06:25 +10:00
Mark Andrews
9fe54596cc 3966. [bug] Missing dns_db_closeversion call in receive_secure_db.
[RT #35746]

(cherry picked from commit 9c0589bc8b)
2014-10-03 07:51:45 +10:00
Mark Andrews
5859a1e047 3931. [cleanup] Cleanup how dlz grammar is defined. [RT #36879]
(cherry picked from commit 1164997311)
2014-08-26 15:02:13 +10:00
Evan Hunt
cc908c1912 [v9_10] silence coverity
(cherry picked from commit e7bc3d7d0815f795aef734ff6fe38cbf6d1ae4bf)
2014-08-22 18:18:37 -07:00
Mark Andrews
32935449c8 3924. [bug] Improve 'rndc addzone' error reporting. RT #35187
(cherry picked from commit d4859b0b2a)
2014-08-22 16:19:07 +10:00
Mark Andrews
5f0d37cc28 3915 [bug] Address an assertion if a route event arrived while
shutting down. [RT #36887]
2014-08-18 13:16:28 +10:00
Mark Andrews
140ebff1cf 3908. [bug] rndc now differentiates between a zone in multiple
views and a zone that doesn't exist at all. [RT #36691]

(cherry picked from commit c38341ec43)
2014-08-02 14:43:57 +10:00
Mark Andrews
b6bcb386dc 3866. [bug] Named could die on disk full in generate_session_key.
[RT #36119]

(cherry picked from commit fa6308bd57)
2014-05-30 14:39:05 +10:00
Mark Andrews
0fe09c71ab 3849. [bug] Disabling forwarding could trigger a REQUIRE assertion.
[RT #35979]

(cherry picked from commit 01f881c1c5)
2014-05-15 16:55:55 +10:00
Evan Hunt
00e9952c41 [v9_10] log static-stub correctly when removing
3822.	[bug]		Log the correct type of static-stub zones when
			removing them. [RT #35842]

(cherry picked from commit eb1a7730f0)
2014-04-26 10:19:20 -07:00
Mark Andrews
0dfd942409 3798. [bug] 'rndc zonestatus' was reporting the wrong re-signing
time. [RT #35659]
2014-04-04 11:33:49 +11:00
Evan Hunt
a7742a8885 [master] silence win64 build warning 2014-03-13 13:30:26 -07:00
Evan Hunt
89740699cd [master] fixed 'fixed'
3784.	[bug]		Using "rrset-order fixed" when it had not been
			enabled at compile time caused inconsistent
			results. It now works as documented, defaulting
			to cyclic mode. [RT #28104]
2014-03-12 08:45:44 -07:00
Mark Andrews
ca7aeeab71 make constant unsigned 2014-03-12 14:04:29 +11:00
Mark Andrews
f5375b1b8e check isc_hex_totext result 2014-03-12 12:58:09 +11:00
Evan Hunt
62258ada48 [master] auto-generate salt
3781.	[func]		Specifying "auto" as the salt when using
			"rndc signing -nsec3param" causes named to
			generate a 64-bit salt at random. [RT #35322]
2014-03-11 08:46:58 -07:00
Evan Hunt
78f79084fc [master] warn when wrong address family used in listen-on/-v6
3778.	[bug]		Log a warning when the wrong address family is
			used in "listen-on" or "listen-on-v6". [RT #17848]
2014-03-07 11:31:51 -08:00
Evan Hunt
262fea6637 [master] fix log level for built in keys
3771.	[cleanup]	Adjusted log level for "using built-in key"
			messages. [RT #24383]
2014-03-01 15:51:21 -08:00
Mark Andrews
ed70f92dd0 use ISC_PLATFORM_USESIT 2014-02-24 09:54:04 +11:00
Francis Dupont
35bcef6631 fixed ENABLE_LTR typos 2014-02-23 09:37:32 +01:00
Evan Hunt
6a3fa181d1 [master] add "--with-tuning=large" option
3745.	[func]		"configure --with-tuning=large" adjusts various
			compiled-in constants and default settings to
			values suited to large servers with abundant
			memory. [RT #29538]
2014-02-18 22:36:14 -08:00