ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
16,881 Commits 589 Branches 805 Tags
e1585bf0f0aafe47637d14cec5e72ecffdbd12ba
Commit Graph

5118 Commits

Author SHA1 Message Date
Tatuya JINMEI 神明達哉
6ca6cc975f 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:33:41 +00:00
cvs2git
dc978e394a This commit was manufactured by cvs2git to create branch 'v9_7'. 2009-12-30 08:02:40 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Mark Andrews
831bfda9d2 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 03:55:03 +00:00
Mark Andrews
57fb4f7bbe 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 02:43:09 +00:00
Mark Andrews
2b662f27f6 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:23:01 +00:00
Mark Andrews
5b77627c09 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:20:33 +00:00
Automatic Updater
8bcd348638 regen 2009-12-29 02:09:40 +00:00
Automatic Updater
d856585f5f regen 2009-12-29 01:14:03 +00:00
Evan Hunt
3bccb39bb9 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:44 +00:00
Evan Hunt
85c5ed3577 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:16 +00:00
Francis Dupont
0faf1492c7 non-readable openssl.cnf [20668] 2009-12-24 17:49:39 +00:00
Evan Hunt
b4df2f48c7 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:16:08 +00:00
Evan Hunt
1361014b02 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:14:20 +00:00
Evan Hunt
84c9c592f8 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-24 00:00:13 +00:00
Evan Hunt
40ad4ed01b 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-23 23:59:42 +00:00
Evan Hunt
5a33ab5d65 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:53 +00:00
Evan Hunt
aa3415ba49 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:09 +00:00
Evan Hunt
f766024a27 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:31 +00:00
Evan Hunt
929667cf18 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:07 +00:00
Automatic Updater
928e12ccdc update copyright notice 2009-12-18 23:49:03 +00:00
Automatic Updater
5470afd66b update copyright notice 2009-12-18 23:48:18 +00:00
Evan Hunt
4e55893d30 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:16:49 +00:00
Evan Hunt
7290687619 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:13:54 +00:00
Evan Hunt
0da859c5a7 2811. [cleanup] Add "rndc sign" to list of commands in rndc usage 
output. [RT #20733]
 2009-12-18 07:59:43 +00:00
Evan Hunt
8d002e0930 2811. [cleanup] Add "rndc sign" to list of commands in rndc usage 
output. [RT #20733]
 2009-12-18 07:59:09 +00:00
Evan Hunt
9de98fbbbe 2809. [cleanup] Restored accidentally-deleted text in usage output 
in dnssec-settime and dnssec-revoke [RT #20739]
 2009-12-18 07:49:42 +00:00
Evan Hunt
d1ebdb2de9 2809. [cleanup] Restored accidentally-deleted text in usage output 
in dnssec-settime and dnssec-revoke [RT #20739]
 2009-12-18 07:48:37 +00:00
Automatic Updater
42f75ef047 regen 2009-12-17 02:57:07 +00:00
Automatic Updater
90c38ab4e6 regen 2009-12-17 01:13:46 +00:00
Evan Hunt
535bc8112a s/ddns.key/session.key/ 2009-12-16 07:13:02 +00:00
Evan Hunt
c33415db62 s/ddns.key/session.key/ 2009-12-16 07:12:49 +00:00
Automatic Updater
8b82c01d74 update copyright notice 2009-12-06 23:48:29 +00:00
Evan Hunt
3cd574df2f s/journalprint/named-journalprint/ 2009-12-06 03:06:16 +00:00
Evan Hunt
0d796b1aaa improve cleanup and add named.run to .cvsignore files 2009-12-06 03:04:39 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Evan Hunt
d4d836350f add .cvsignore files 2009-12-05 05:36:03 +00:00
Automatic Updater
e2e4d32199 regen 2009-12-04 22:22:27 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
71ba75c604 2803. [port] win32: Install named-journalprint, nsec3hash, arpaname 
and genrandom under windows. [RT #20670]

2802.   [cleanup]       Rename journalprint to named-journalprint. [RT #20670]
 2009-12-04 21:59:24 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Evan Hunt
e438e29354 claried log message when no active private keys are found to use for 
signing. [rt20690]
 2009-12-04 20:32:07 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Automatic Updater
089c63b69c regen 2009-12-04 01:13:45 +00:00
Automatic Updater
63aeaafd97 update copyright notice 2009-12-03 23:48:22 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Mark Andrews
ecbbb29519 add copyright 2009-12-03 04:51:41 +00:00
Evan Hunt
6a4d6e3379 adapted to the special needs of solaris's really old awk 2009-12-02 17:54:45 +00:00
Evan Hunt
095810f8cb fixed autosign/metadata brokenness on solaris [rt20685] 2009-12-02 05:42:15 +00:00
Automatic Updater
ffd297db79 update copyright notice 2009-11-30 23:48:02 +00:00