ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
22,866 Commits 589 Branches 805 Tags
f274cbeaed0e4c5fdbde9f5c30833d7f1da37cd3
Commit Graph

2729 Commits

Author SHA1 Message Date
Mark Andrews
00fb0253c9 3991. [func] Add the ability to buffer logging output by specifying 
"buffered yes;" when defining a channel. [RT #26561]
 2014-10-30 11:37:05 +11:00
Mark Andrews
a5c7cfbac4 3990. [testing] Add tests for unknown DNSSEC algorithm handling. 
[RT #37541]
 2014-10-30 11:05:26 +11:00
Tinderbox User
6932de75ef update copyright notice 2014-10-21 23:45:24 +00:00
Mark Andrews
4140a96f22 3987. [func] Allow the zone serial of a dynamically updatable 
zone to be updated via rndc. [RT #37404]
 2014-10-21 18:15:42 +11:00
Evan Hunt
498b061031 [master] allow 1-week nta-lifetime/nta-recheck 
3983.	[bug]		Change #3940 was incomplete: negative trust anchors
			could be set to last up to a week, but the
			"nta-lifetime" and "nta-recheck" options were
			still limted to one day. [RT #37522]
 2014-10-20 13:40:17 -07:00
Evan Hunt
7cf2122e0d [master] change 3977 altered expected linecount from secroots 2014-10-18 16:50:32 -07:00
Mark Andrews
72775a79fe 3981. [bug] Cache DS/NXDOMAIN independently of other query types. 
[RT #37467]
 2014-10-18 13:09:09 +11:00
Mark Andrews
44ef2206d7 allow for the set of ttls to be empty 2014-10-16 14:46:44 +11:00
Mark Andrews
d9aaf7acce make test more robust in the face of server failures 2014-10-16 12:34:12 +11:00
Evan Hunt
1cbc394e7c [master] add redirect zone to checkconf -z test 2014-10-09 18:30:34 -07:00
Evan Hunt
ca0ee90361 [master] turn off servfail cache in masterformat test 2014-10-09 09:30:46 -07:00
Mark Andrews
c81d56c03e 3971. [bug] Reduce the cascasding failures due to a bad $TTL line 
in named-checkconf / named-checkzone. [RT #37138]
 2014-10-05 08:29:34 +11:00
Mark Andrews
39fb5f2a5d verifying inline zones work with views requires crypto to be configured 2014-10-04 18:06:04 +10:00
Evan Hunt
12002ea49e [master] add delv system test 
3969.	[test]		Added 'delv' system test. [RT #36901]
 2014-10-02 22:37:20 -07:00
Tinderbox User
7a3f584cfc update copyright notice 2014-10-02 23:45:25 +00:00
Mark Andrews
b24061719c 3967. [test] Add test for inlined signed zone in multiple views 
with different DNSKEY sets. [RT #35759]
 2014-10-03 07:59:44 +10:00
Mark Andrews
a837c939c4 SIG(0) update forwarding testing requires crypto be configured 2014-10-02 11:07:01 +10:00
Mark Andrews
ed1c845c1d 3964. [func] nsupdate now performs check-names processing. 
[RT #36266]
 2014-10-02 09:35:43 +10:00
Evan Hunt
7b04216015 [master] improve dlzexternal test 
3963.	[test]		Added NXRRSET test cases to the "dlzexternal"
			system test. [RT #37344]
 2014-09-30 17:08:12 -07:00
Tinderbox User
be484acb22 update copyright notice 2014-09-30 23:45:22 +00:00
Mark Andrews
ffeaac1d82 3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with 
BADSIG.  [RT #37216]
 2014-10-01 07:24:16 +10:00
Mark Andrews
c83b91fb63 3960. [bug] 'dig +sigchase' could loop forever. [RT #37220] 2014-10-01 07:06:20 +10:00
Tinderbox User
2fb35a6d59 update copyright notice 2014-09-29 23:45:24 +00:00
Mark Andrews
4bc581ca31 use RANDFILE rather than /dev/urandom 2014-09-29 23:39:07 +10:00
Mark Andrews
1c5990c2f9 3958. [bug] Detect when writeable files have multiple references 
in named.conf. [RT #37172]
 2014-09-29 12:10:10 +10:00
Mark Andrews
80169c379d 3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 
and ECDSAP384SHA384. [RT #37183]
 2014-09-29 10:18:54 +10:00
Mark Andrews
10c12aa549 3956. [func] Notify messages are now rate limited by notify-rate and 
startup-notify-rate instead of serial-query-rate.
                        [RT #24454]

3955.   [bug]           Notify messages due to changes are no longer queued
                        behind startup notify messages. [RT #24454]
 2014-09-29 10:01:08 +10:00
Mark Andrews
9a36fb86f5 3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159] 2014-09-27 12:14:20 +10:00
Mark Andrews
27cd03a21c use more portable awk 2014-09-19 15:00:18 +10:00
Mark Andrews
06e28e50bd give the nameserver a little longer to response 2014-09-18 10:06:48 +10:00
Mark Andrews
1a5f84d56a UNTESTED -> SKIPPED 2014-09-16 23:49:52 +10:00
Mark Andrews
3867312e4c 3951. [func] Add the ability to set yet-to-be-defined EDNS flags 
to dig (+ednsflags=#). [RT #37142]
 2014-09-13 19:13:59 +10:00
Tinderbox User
2c69f767d6 update copyright notice 2014-09-10 23:45:21 +00:00
Mark Andrews
947cf282a7 3949. [experimental] Experimental support for draft-andrews-edns1 by sending 
EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when
                        building).  Add support for limiting the EDNS version
                        advertised to servers: server { edns-version 0; };
                        Log the EDNS version received in the query log.
                        [RT #35864]
 2014-09-10 15:31:40 +10:00
Mark Andrews
5c420ccc29 drop 'I:send many simultaneous updates via a update forwarder' test until re-written using perl 2014-09-07 22:08:45 +10:00
Mark Andrews
76a17033db also fix the expected count 2014-09-07 20:24:59 +10:00
Mark Andrews
48179343c2 reduce number of nsupdates being simultaeously forked 2014-09-07 20:24:14 +10:00
Mark Andrews
8aa098c633 update copyrights 2014-09-06 09:38:48 +10:00
Evan Hunt
c9e976dc43 [master] [rt37057] server-id tests 
3944.	[test]		Added a regression test for "server-id". [RT #37057]
 2014-09-04 18:18:36 -07:00
Tinderbox User
948c80ffa8 update copyright notice 2014-09-04 23:45:24 +00:00
Evan Hunt
a878301981 [master] servfail cache 
3943.	[func]		SERVFAIL responses can now be cached for a
			limited time (configured by "servfail-ttl",
			default 10 seconds, limit 30). This can reduce
			the frequency of retries when an authoritative
			server is known to be failing, e.g., due to
			ongoing DNSSEC validation problems. [RT #21347]
 2014-09-03 23:28:14 -07:00
Mark Andrews
fec7998314 3942. [bug] Wildcard responses from a optout range should be 
marked as insecure. [RT #37072]
 2014-09-04 13:57:50 +10:00
Evan Hunt
c3d0221104 [master] oops, nta lifetime change broke dnssec test 2014-09-03 20:51:32 -07:00
Evan Hunt
3d066288ad [master] [rt37069] update NTA limit to a week 
3940.	[func]		"rndc nta" now allows negative trust anchors to be
			set for up to one week. [RT #37069]
 2014-09-03 19:00:03 -07:00
Mark Andrews
74717eef53 3939. [func] Improve UPDATE forwarding performance by allowing TCP 
connections to be shared. [RT #37039]
 2014-09-04 10:37:45 +10:00
Mark Andrews
1a63fb1d14 update copyrights 2014-08-30 12:27:49 +10:00
Tinderbox User
3278ff814d update copyright notice 2014-08-29 23:45:22 +00:00
Evan Hunt
d46855caed [master] ECS authoritative support 
3936.	[func]		Added authoritative support for the EDNS Client
			Subnet (ECS) option.

			ACLs can now include "ecs" elements which specify
			an address or network prefix; if an ECS option is
			included in a DNS query, then the address encoded
			in the option will be matched against "ecs" ACL
			elements.

			Also, if an ECS address is included in a query,
			then it will be used instead of the client source
			address when matching "geoip" ACL elements.  This
			behavior can be overridden with "geoip-use-ecs no;".

			When "ecs" or "geoip" ACL elements are used to
			select a view for a query, the response will include
			an ECS option to indicate which client network the
			answer is valid for.

			(Thanks to Vincent Bernat.) [RT #36781]
 2014-08-28 22:05:57 -07:00
Evan Hunt
180319f572 [master] fix geoip asnum matching 
3935.	[bug]		"geoip asnum" ACL elements would not match unless
			the full organization name was specified.  They
			can now match against the AS number alone (e.g.,
			AS1234). [RT #36945]
 2014-08-28 21:40:32 -07:00
Mark Andrews
7c73ac5e13 3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve 
sit-secrets documentation. [RT #36980]
 2014-08-29 14:35:21 +10:00