ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,558 Commits 589 Branches 805 Tags
f4dd256ddebc5e615e004b94de3f036eda07ed67
Commit Graph

176 Commits

Author SHA1 Message Date
Tinderbox User
a3bf29d6c8 update copyright notice 2012-03-10 23:45:08 +00:00
Evan Hunt
66fb5237d3 set $Id$ 2012-03-07 08:19:59 -08:00
Evan Hunt
aea84bd0d8 remove cvsignore, add gitignore 2012-03-04 09:08:12 -08:00
Evan Hunt
c78a1d96de 3203. [bug] Increase log level to 'info' for validation failures 
from expired or not-yet-valid RRSIGs. [RT #21796]
 2011-11-04 05:33:27 +00:00
Mark Andrews
964917093b spin waiting for zone transfer to complete 2011-10-26 05:35:19 +00:00
Mark Andrews
48e7804399 3175. [bug] Fix how DNSSEC positive wildcard responses from a 
NSEC3 signed zone are validated.  Stop sending a
                        unnecessary NSEC3 record when generating such
                        responses. [RT #26200]
 2011-10-20 21:47:47 +00:00
Mark Andrews
af524126b2 3173. [port] Correctly validate root DS responses. [RT #25726] 2011-10-15 05:13:39 +00:00
Evan Hunt
62da6b0e7e 3151. [bug] Queries for type RRSIG or SIG could be handled 
incorrectly.  [RT #21050]
 2011-09-02 21:53:54 +00:00
Automatic Updater
a26c7f6b89 update copyright notice 2011-05-03 23:46:21 +00:00
Mark Andrews
805c71c811 grep was not precise enough leading to test failure 2011-05-03 16:10:06 +00:00
Automatic Updater
b82a8a428c update copyright notice 2011-02-28 01:18:47 +00:00
Mark Andrews
635f8fa82e 3041. [bug] dnssec-signzone failed to generate new signatures on 
ttl changes. [RT #23330]
 2011-02-24 03:35:39 +00:00
Mark Andrews
21deff3df5 3040. [bug] Named failed to validate insecure zones where a node 
with a CNAME existed between the trust anchor and the
                        top of the zone. [RT #23338]
 2011-02-23 12:48:21 +00:00
Automatic Updater
d04f3c269e update copyright notice 2011-02-15 23:46:15 +00:00
Mark Andrews
3a09adda9e 3019. [func] Test: check apex NSEC3 records after adding DNSKEY 
record via UPDATE. [RT #23229]
 2011-02-15 00:16:39 +00:00
Automatic Updater
58ba1ed262 update copyright notice 2011-02-08 23:08:41 +00:00
Mark Andrews
96ad5aff12 Regression test for: 
3018.   [bug]           Named failed to check for the "none;" acl when deciding
                        if a zone may need to be re-signed. [RT #23120]
 2011-02-08 05:23:53 +00:00
Evan Hunt
995d8d0bcc Added files to clean.sh scripts that have been left around after tests run. 
Skipping the ticket/review steps because the change is trivial.
 2010-12-18 02:23:31 +00:00
Automatic Updater
fff1bf76bd update copyright notice 2010-11-17 23:45:46 +00:00
Mark Andrews
981fd91347 convert to 9.6 syntax 2010-11-17 10:43:14 +00:00
Mark Andrews
c1e4f06f90 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]
 2010-11-16 02:23:44 +00:00
Mark Andrews
79575d8694 dnssec-keygen doesn't support -q in 9.6.x 2010-09-07 02:04:44 +00:00
Mark Andrews
5122ec7d9e 2951. [bug] named failed to generate a correct signed response 
in a optout, delegation only zone with no secure
                        delegations. [RT #22007]
 2010-09-07 01:12:24 +00:00
Automatic Updater
a5c217ded6 update copyright notice 2010-08-13 23:45:52 +00:00
Mark Andrews
3a3a245419 2940. [func] Check that named successfully skips NSEC3 records 
that fail to match the NSEC3PARAM record currently
                        in use. [RT# 21868]
 2010-08-13 07:21:39 +00:00
Evan Hunt
54b4dd1a76 2932. [cleanup] Corrected a numbering error in the "dnssec" test. 
[RT #21597]
 2010-08-09 22:35:18 +00:00
Tatuya JINMEI 神明達哉
e9f69b0324 2931. [bug] Temporarily and partially disable change 2864 
because it would cause inifinite attempts of RRSIG
			queries.  This is an urgent care fix; we'll
			revisit the issue and complete the fix later.
			[RT #21710]
 2010-07-15 01:30:33 +00:00
Mark Andrews
040a2526e7 check that we have non-cachable answers to test against 
match the dig.out.ns#.$n to the nameserver
 2010-06-28 01:38:44 +00:00
Automatic Updater
a4d4e19af8 update copyright notice 2010-06-26 23:45:54 +00:00
Mark Andrews
bc3343cc10 2925. [bug] Named failed to accept uncachable negative responses 
from insecure zones. [RT# 21555]
 2010-06-25 23:57:04 +00:00
Mark Andrews
cc8df25ebb iterations is -H 2010-06-04 00:03:12 +00:00
Mark Andrews
81d22a38f0 specify NSEC3 iterations 2010-06-03 21:45:31 +00:00
Mark Andrews
777b9cd0b7 2911. [bug] dnssec-signzone didn't handle out of zone records well. 
[RT #21367]
 2010-06-03 06:32:19 +00:00
cvs2git
8dea42c089 This commit was manufactured by cvs2git to create branch 'v9_6'. 2010-06-03 06:29:05 +00:00
Mark Andrews
10acc63770 2911. [bug] dnssec-signzone didn't handle out of zone records well. 
[RT #21367]
 2010-06-03 06:29:03 +00:00
Mark Andrews
463e599d1e 2911. [bug] dnssec-signzone didn't handle out of zone records well. 
[RT #21367]
 2010-06-03 03:38:53 +00:00
Mark Andrews
675cc80975 2911. [bug] dnssec-signzone didn't handle out of zone records well. 
[RT #21367]
 2010-06-03 03:13:32 +00:00
Automatic Updater
6bb1560124 update copyright notice 2010-01-18 23:48:40 +00:00
Evan Hunt
e11a0c114c 2841. [func] Added "smartsign" and improved "autosign" and 
"dnssec" regression tests. [RT #20865]
 2010-01-18 19:19:31 +00:00
Automatic Updater
9feb8eda57 update copyright notice 2010-01-15 23:47:34 +00:00
Evan Hunt
cab45cd588 missed adding these files in earlier commit 2010-01-15 21:17:41 +00:00
Evan Hunt
3f39cbcc76 2838. [func] Backport support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512, from BIND 9.7.  (This
			incorporates changes 2726 and 2738 from that
			release branch.) [RT #20871]
 2010-01-15 19:38:54 +00:00
Automatic Updater
ef413fafe5 update copyright notice 2009-12-30 23:47:31 +00:00
Tatuya JINMEI 神明達哉
450c3bb498 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:34:30 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Evan Hunt
0d796b1aaa improve cleanup and add named.run to .cvsignore files 2009-12-06 03:04:39 +00:00
cvs2git
8371f50c6e This commit was manufactured by cvs2git to create branch 'v9_6'. 2009-10-28 00:56:22 +00:00
Mark Andrews
c6d2578fd6 2741. [func] Allow the dnssec-keygen progress messages to be 
suppressed (dnssec-keygen -q).  Automatically
                        suppress the progress messages when stdin is not
                        a tty. [RT #20474]
 2009-10-28 00:27:10 +00:00
Automatic Updater
990dca4605 update copyright notice 2009-10-27 23:47:45 +00:00
Mark Andrews
e09cdbac08 2738. [func] Add RSASHA256 and RSASHA512 tests to the dnssec system 
test. [RT #20453]
 2009-10-27 22:25:37 +00:00