ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,558 Commits 589 Branches 805 Tags
f4dd256ddebc5e615e004b94de3f036eda07ed67
Commit Graph

72 Commits

Author SHA1 Message Date
Tinderbox User
a3bf29d6c8 update copyright notice 2012-03-10 23:45:08 +00:00
Evan Hunt
66fb5237d3 set $Id$ 2012-03-07 08:19:59 -08:00
Evan Hunt
aea84bd0d8 remove cvsignore, add gitignore 2012-03-04 09:08:12 -08:00
Automatic Updater
b82a8a428c update copyright notice 2011-02-28 01:18:47 +00:00
Mark Andrews
21deff3df5 3040. [bug] Named failed to validate insecure zones where a node 
with a CNAME existed between the trust anchor and the
                        top of the zone. [RT #23338]
 2011-02-23 12:48:21 +00:00
Mark Andrews
3a09adda9e 3019. [func] Test: check apex NSEC3 records after adding DNSKEY 
record via UPDATE. [RT #23229]
 2011-02-15 00:16:39 +00:00
Automatic Updater
58ba1ed262 update copyright notice 2011-02-08 23:08:41 +00:00
Mark Andrews
96ad5aff12 Regression test for: 
3018.   [bug]           Named failed to check for the "none;" acl when deciding
                        if a zone may need to be re-signed. [RT #23120]
 2011-02-08 05:23:53 +00:00
Tatuya JINMEI 神明達哉
e9f69b0324 2931. [bug] Temporarily and partially disable change 2864 
because it would cause inifinite attempts of RRSIG
			queries.  This is an urgent care fix; we'll
			revisit the issue and complete the fix later.
			[RT #21710]
 2010-07-15 01:30:33 +00:00
Automatic Updater
a4d4e19af8 update copyright notice 2010-06-26 23:45:54 +00:00
Mark Andrews
bc3343cc10 2925. [bug] Named failed to accept uncachable negative responses 
from insecure zones. [RT# 21555]
 2010-06-25 23:57:04 +00:00
Automatic Updater
9feb8eda57 update copyright notice 2010-01-15 23:47:34 +00:00
Evan Hunt
cab45cd588 missed adding these files in earlier commit 2010-01-15 21:17:41 +00:00
Evan Hunt
3f39cbcc76 2838. [func] Backport support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512, from BIND 9.7.  (This
			incorporates changes 2726 and 2738 from that
			release branch.) [RT #20871]
 2010-01-15 19:38:54 +00:00
cvs2git
8371f50c6e This commit was manufactured by cvs2git to create branch 'v9_6'. 2009-10-28 00:56:22 +00:00
Mark Andrews
c6d2578fd6 2741. [func] Allow the dnssec-keygen progress messages to be 
suppressed (dnssec-keygen -q).  Automatically
                        suppress the progress messages when stdin is not
                        a tty. [RT #20474]
 2009-10-28 00:27:10 +00:00
Automatic Updater
990dca4605 update copyright notice 2009-10-27 23:47:45 +00:00
Mark Andrews
e09cdbac08 2738. [func] Add RSASHA256 and RSASHA512 tests to the dnssec system 
test. [RT #20453]
 2009-10-27 22:25:37 +00:00
Evan Hunt
fb596cc9af 2691. [func] dnssec-signzone: retain the existing NSEC or NSEC3 
chain when re-signing a previously-signed zone.
			Use -u to modify NSEC3 parameters or switch
			between NSEC and NSEC3. [RT #20304]
 2009-09-25 06:47:50 +00:00
Mark Andrews
e6be77a26c 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-22 05:05:01 +00:00
Automatic Updater
4b24acd9f1 update copyright notice 2009-06-08 23:47:00 +00:00
Evan Hunt
4d6469ffd8 Back out dnssec-signzone fix for 9.6.1 2009-06-08 22:23:07 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Automatic Updater
c441671e8f update copyright notice 2009-06-04 02:56:14 +00:00
Mark Andrews
5fa0c17a78 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:41:54 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
d6b5e0b0e8 update copyright notice 2006-03-10 00:23:21 +00:00
Mark Andrews
cfe92110ce 2007. [func] It is now possible to explicitly enable DNSSEC 
validation.  default dnssec-validation no; to
                        be changed to yes in 9.5.0.  [RT #15674]
 2006-03-09 23:21:54 +00:00
Mark Andrews
59d84d1b07 2001. [func] Check the KSK flag when updating a secure dynamic zone. 
New zone option "update-check-ksk yes;".  [RT #15817]
 2006-03-06 01:27:52 +00:00
Mark Andrews
35da39a7f1 update copyright notice 2006-01-04 00:37:24 +00:00
Mark Andrews
2a90390dee 1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is nolonger recommended. 
To generate a RSAMD5 key you must explictly request
                        RSAMD5. [RT #13780]
 2006-01-03 06:06:04 +00:00
Mark Andrews
38e8022ace 1625. [bug] named failed to load/transfer RFC2535 signed zones 
which contained CNAMES. [RT# 11237]
 2004-05-05 01:32:58 +00:00
Mark Andrews
8d414d1559 1600. [bug] Duplicate zone pre-load checks were not case 
insensitive.

1599.   [bug]           Fix memory leak on error path when checking named.conf.

1598.   [func]          Specify that certain parts of the namespace must
                        be secure (dnssec-must-be-secure).
 2004-04-15 23:40:27 +00:00
Mark Andrews
50105afc55 1589. [func] DNSSEC lookaside validation. 
enable-dnssec -> dnssec-enable
 2004-03-10 02:19:58 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
821644d49b 1574. [bug] Don't attempt to open the controls socket(s) when 
running tests. [RT #9091]
 2004-03-02 02:01:41 +00:00
Mark Andrews
89783da064 1581. [func] Disable DNSSEC support by default. To enable 
DNSSEC specify "enable-dnssec yes;" in named.conf.
 2004-02-17 03:40:23 +00:00
Mark Andrews
0b09763c35 1328. [func] DS (delegation signer) support. 2002-06-17 04:01:37 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Andreas Gustafsson
473ca0bf8c Added RT #2399 regression test 2002-01-22 22:27:29 +00:00
Andreas Gustafsson
e4b5f088ca Added RT #1763 regression test 2001-09-19 21:19:52 +00:00
Brian Wellington
81b172466c *** empty log message *** 2001-09-17 17:47:20 +00:00
Andreas Gustafsson
1988fd60fa share the root.hint file among most of the system tests instead of having multiple identical copies 2001-01-11 20:44:21 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
Andreas Gustafsson
f333ea9bdd added notify-source options 2000-11-28 19:07:00 +00:00
Brian Wellington
2c46670fb4 ignore stdout from the dnssec tools 2000-11-22 20:37:50 +00:00