ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,770 Commits 589 Branches 805 Tags
efd3c8da8d00de9012a606bafee27f262fc4eeaf
Commit Graph

1613 Commits

Author SHA1 Message Date
Mark Andrews
f6c1e4c75f 3364. [security] Named could die on specially crafted record. 
[RT #30416]
 2012-08-24 13:43:20 +10:00
Tinderbox User
140a9bdfd4 update copyright notice 2012-08-21 23:45:38 +00:00
Mark Andrews
d319c1ce2b 3368. [bug] <dns/iptable.h> and <dns/zone.h> where not C++ safe. 2012-08-21 16:45:59 +10:00
Tinderbox User
8b79e1aed5 update copyright notice 2012-07-25 23:45:36 +00:00
ckb
540b745122 3356. [bug] Cap the TTL of signed RRsets when RRSIGs are 
approaching their expiry, so they don't remain
			in caches after expiry. [RT #26429]
 2012-07-25 17:25:13 -05:00
Tinderbox User
6686ee02c3 update copyright notice 2012-07-23 23:45:40 +00:00
Mark Andrews
4e93d4a830 3354. [func] Improve OpenSSL error logging. [RT #29932] 2012-07-23 15:10:41 +10:00
Tinderbox User
599cf7175e update copyright notice 2012-06-29 23:45:32 +00:00
Mark Andrews
c0b8f1a675 reverse bad copyright update 2012-06-29 11:43:12 +10:00
Tinderbox User
4106b0caeb update copyright notice 2012-06-29 01:21:53 +00:00
Tinderbox User
f3c44ec867 update copyright notice 2012-05-31 23:45:36 +00:00
Vernon Schryver
07d51fa5ba Squashed commit of the following: 
commit 4d29cea2ea05491a7afebc343e41d9b6ad58f068
commit 3211da9716e5ecc0bb758666db70a667ca5a944e
commit 884b6f5d5e9b1f50757c606adafabe382b90c80b
commit 53f82565f72f091a46caed754db160e4a7a2d161
Merge: 8f73664 9698f42
commit 8f73664e7bdc04f766ddcccfb5fc5f857a22326a

for rt26172

Add
  - optional "recursive-only yes|no" to the response-policy statement
  - optional max-policy-ttl to limit the lies that "recursive-only no"
      can introduce into resolvers' caches
  - test that queries with RD=0 are not rewritten by default
  - performance smoke test

Change encoding of PASSTHRU action to "rpz-passthru".
      (The old encoding is still accepted.)
Fix rt26180  assert botch in zone_findrdataset() in this branch
     as well.

Fix missing signatures on NOERROR results despite RPZ hits
    when there are signatures and the client asks for DNSSEC,
 2012-05-31 01:47:47 +00:00
Tinderbox User
b008cf0a4d update copyright notice 2012-05-17 23:45:35 +00:00
Evan Hunt
9d1aaaaf3a add ECDSA support 
3317.	[protocol]	Add ECDSA support (RFC 6605). [RT #21918]
 2012-05-17 16:09:53 -07:00
Evan Hunt
58e0170e5e Handle RRSIG signer case consistently 
3329.	[bug]	Handle RRSIG signer-name case consistently: We
		generate RRSIG records with the signer-name in
		lower case.  We accept them with any case, but if
		they fail to validate, we try again in lower case.
		[RT #27451]
 2012-05-17 11:08:49 -07:00
Tinderbox User
d6b6ca9086 update copyright notice 2012-04-12 23:45:32 +00:00
Mark Andrews
c7ae37d1aa 3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS. 
[RT #28956]
 2012-04-13 08:39:23 +10:00
Mark Andrews
efd194bdb6 3307. [bug] Add missing ISC_LANG_ENDDECLS to <dns/tsec.h>. [RT #28956] 2012-04-12 19:17:29 +10:00
Tinderbox User
5771a59496 update copyright notice 2012-04-11 23:45:30 +00:00
Mark Andrews
f0c93bef30 3306. [bug] Improve DNS64 reverse zone performance. [RT #28563] 
3305.   [func]          Add wire format lookup method to sdb. [RT #28563]
 2012-04-11 12:33:08 +10:00
Tinderbox User
1ceec0a211 update copyright notice 2012-03-10 23:45:31 +00:00
Evan Hunt
c95beeb07f set $Id$ 2012-03-07 08:19:24 -08:00
Tinderbox User
91f0609aae regen v9_8 2012-03-07 01:54:34 +00:00
Evan Hunt
3997b6bcbf add gitignore, remove cvsignore 2012-03-03 23:33:18 -08:00
Automatic Updater
755858999f update copyright notice 2012-02-22 23:46:36 +00:00
Evan Hunt
15601edb93 3286. [bug] Managed key maintenance timer could fail to start 
after 'rndc reconfig'. [RT #26786]
 2012-02-22 00:33:33 +00:00
Automatic Updater
858d47a80c update copyright notice 2012-01-27 23:46:31 +00:00
Mark Andrews
05cf79065f 3268. [bug] Convert RRSIG expiry times to 64 timestamps to work 
out the earliest expiry time. [RT #23311]
 2012-01-27 01:47:30 +00:00
Evan Hunt
731e98287f Back out change #3182 and respin 2011-12-05 16:58:08 +00:00
Evan Hunt
b2d904b4bc 3204. [bug] When a master server that has been marked as 
unreachable but sends a NOTIFY, mark it reachable
			again. [RT #25960]
 2011-11-04 05:51:39 +00:00
Evan Hunt
318246dc18 3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to 
dnssec.h. [RT #26415]
 2011-11-03 02:55:35 +00:00
Automatic Updater
377fb6580d update copyright notice 2011-11-01 23:46:34 +00:00
Evan Hunt
01e40583e4 3188. [bug] zone.c:zone_refreshkeys() could fail to detach 
references correctly when errors occurred, causing
			a hang on shutdown. [RT #26372]
 2011-11-01 04:00:06 +00:00
Mark Andrews
2136c92599 3186. [bug] Version/db mis-match in rpz code. [RT #26180] 2011-10-31 02:55:07 +00:00
Automatic Updater
3f5b58b3fa update copyright notice 2011-10-27 23:45:57 +00:00
Scott Mann
a48afa63d7 fix edns0 retry issues (rt #23393/24964). 2011-10-27 20:26:12 +00:00
Mark Andrews
cb05b7128f 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:23:51 +00:00
Automatic Updater
c43b3107b6 update copyright notice 2011-10-15 23:46:14 +00:00
Mark Andrews
89769cb5a5 3170. [func] RPZ update: 
- fix precedence among competing rules
                        - improve ARM text including documenting rule precedence
                        - try to rewrite CNAME chains until first hit
                        - new "rpz" logging channel
 2011-10-14 03:51:07 +00:00
Automatic Updater
677d6d88ec update copyright notice 2011-07-08 23:47:16 +00:00
Scott Mann
5ed57781a8 9.8.1b3 2011-07-08 22:57:26 +00:00
Automatic Updater
caf476f0e2 update copyright notice 2011-06-17 23:47:12 +00:00
Evan Hunt
8c22e52db1 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:04:32 +00:00
Evan Hunt
5d0d5c6641 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 23:02:43 +00:00
Automatic Updater
d089451dca update copyright notice 2011-05-28 00:27:48 +00:00
Mark Andrews
57f287577f move dns_trust_totext from masterdump.c to rdataset.c so that exportlib will build 2011-05-27 04:40:09 +00:00
Evan Hunt
b62b7fbe9e 3114. [bug] Retain expired RRSIGs in dynamic zones if key is 
inactive and there is no replacement key. [RT #23136]
 2011-05-19 04:42:51 +00:00
Automatic Updater
75569ec3ab update copyright notice 2011-05-06 23:47:05 +00:00
Evan Hunt
46994fc008 3107. [bug] dnssec-signzone: Report the correct number of ZSKs 
when using -x. [RT #20852]
 2011-05-06 21:07:50 +00:00
Evan Hunt
2cac211c0a 3087. [bug] DDNS updates using SIG(0) with update-policy match 
type "external" could cause a crash. [RT #23735]
 2011-03-21 19:53:35 +00:00