ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,558 Commits 589 Branches 805 Tags
f4dd256ddebc5e615e004b94de3f036eda07ed67
Commit Graph

5635 Commits

Author SHA1 Message Date
Francis Dupont
775a8d86d9 keygen progress indication [RT #20284] 2009-10-24 09:46:19 +00:00
Mark Andrews
c07236a635 2729. [func] When constructing a CNAME from a DNAME use the DNAME 
TTL. [RT #20451]
 2009-10-24 04:38:19 +00:00
Evan Hunt
8f0502e922 2728. [bug] dnssec-keygen, dnssec-keyfromlabel and 
dnssec-signzone now warn immediately if asked to
			write into a nonexistent directory. [RT #20278]
 2009-10-24 00:00:06 +00:00
Automatic Updater
8e821eea5f regen 2009-10-23 01:14:48 +00:00
Automatic Updater
510032fdf4 update copyright notice 2009-10-22 23:48:07 +00:00
Evan Hunt
f10a8fa034 2727. [func] The 'key-directory' option can now specify a relative 
path. [RT #20154]
 2009-10-22 03:43:16 +00:00
Evan Hunt
cc6cddfd94 2726. [func] Added support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512. [RT #20023]
 2009-10-22 02:21:31 +00:00
Mark Andrews
d2a8d00228 2724. [bug] Updates to a existing node in secure zone using NSEC 
were failing. [RT #20448]
 2009-10-22 01:55:55 +00:00
Mark Andrews
ab23f14a30 silence compiler warnings. [RT #20412] 2009-10-20 03:31:06 +00:00
Mark Andrews
859cfb24bf silence compiler warnings. [RT #20412] 2009-10-20 03:30:07 +00:00
Mark Andrews
06e7340198 2719. [func] Skip trusted/managed keys for unsupported algorithms. 
[RT #20392]
 2009-10-20 03:15:06 +00:00
Mark Andrews
e5ad562a79 2716. [bug] nslookup debug mode didn't return the ttl. [RT #20414] 2009-10-20 01:11:22 +00:00
Mark Andrews
4b30598fb9 2716. [bug] nslookup debug mode didn't return the ttl. [RT #20414] 2009-10-20 01:04:03 +00:00
Automatic Updater
5a24d24c8f regen 2009-10-17 01:14:35 +00:00
Jeremy Reed
eec29cfd40 Fix typo as reported by SUN Guonian <sun@cnnic.cn>. 
This was seen in 9.7.0a3.
No CHANGES entry as is too minor.
 2009-10-16 15:37:01 +00:00
Automatic Updater
d060d8669f regen 2009-10-16 04:20:49 +00:00
Evan Hunt
8f7de3db7e Respinning to fix memory leak in dnssec-signzone. (Also adopting doc changes.) 2009-10-16 02:59:41 +00:00
Mark Andrews
1ed01b3390 silence compiler warning 2009-10-14 22:07:13 +00:00
Automatic Updater
ef9ee92543 update copyright notice 2009-10-13 23:48:12 +00:00
Evan Hunt
5c0fd37335 changes needed for win32 build 2009-10-13 02:39:38 +00:00
Evan Hunt
19ac4707ee changes needed for win32 build 2009-10-13 00:55:51 +00:00
Automatic Updater
97639003b0 update copyright notice 2009-10-12 23:48:02 +00:00
Automatic Updater
3b2c6af63e regen 2009-10-12 23:16:15 +00:00
Evan Hunt
c00929ed9f additional doc improvement 2009-10-12 23:02:32 +00:00
Evan Hunt
77b8f88f14 2712. [func] New 'auto-dnssec' zone option allows zone signing 
to be fully automated in zones configured for
			dynamic DNS.  'auto-dnssec allow;' permits a zone
			to be signed by creating keys for it in the
			key-directory and using 'rndc sign <zone>'.
			'auto-dnssec maintain;' allows that too, plus it
			also keeps the zone's DNSSEC keys up to date
			according to their timing metadata. [RT #19943]
 2009-10-12 20:48:12 +00:00
Automatic Updater
8de0d8a690 regen 2009-10-11 01:14:49 +00:00
Automatic Updater
8667770ad2 update copyright notice 2009-10-10 23:47:58 +00:00
Evan Hunt
3727725bb7 2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' 
zone option cause a zone to be signed with only KSKs
			signing the DNSKEY RRset, not ZSKs.  This reduces
			the size of a DNSKEY answer.  [RT #20340]
 2009-10-10 01:48:00 +00:00
Evan Hunt
315a1514a5 2709. [func] Added some data fields, currently unused, to the 
private key file format, to allow implementation
			of explicit key rollover in a future release
			without impairing backward or forward compatibility.
			[RT #20310]
 2009-10-09 06:09:21 +00:00
Automatic Updater
b05106c7e6 regen 2009-10-09 01:14:47 +00:00
Automatic Updater
15bbb8a129 update copyright notice 2009-10-08 23:48:10 +00:00
Mark Andrews
2847930722 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-08 23:13:07 +00:00
Automatic Updater
2a6d4c9948 regen 2009-10-07 01:14:42 +00:00
Automatic Updater
587355bb62 update copyright notice 2009-10-06 23:47:22 +00:00
Evan Hunt
22b23fb59d tbox wants an #include <isc/print.h>... 2009-10-06 23:22:51 +00:00
Evan Hunt
d1f39121a6 2707. [func] dnssec-keyfromlabel no longer require engine name 
to be specified in the label if there is a default
			engine or the -E option has been used.  Also, it
			now uses default algorithms as dnssec-keygen does
			(i.e., RSASHA1, or NSEC3RSASHA1 if -3 is used).
			[RT #20371]
 2009-10-06 22:58:45 +00:00
Evan Hunt
ca60f7ba75 Add pkcs11 tools to standard windows BIND 9 build. 2009-10-06 22:14:13 +00:00
Evan Hunt
246c504f90 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:45 +00:00
Evan Hunt
a9775fe88d 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:18 +00:00
Evan Hunt
95b41985f7 - build pkcs11 tools when compiling --with-pkcs11=yes 
- add PKCS11_PROVIDER environment variable as a method for specifying
  the provider.
 2009-10-06 20:27:55 +00:00
Automatic Updater
e74245134d update copyright notice 2009-10-06 04:40:14 +00:00
Automatic Updater
8ec3c08523 regen 2009-10-06 01:14:42 +00:00
Automatic Updater
b91b3c4f09 update copyright notice 2009-10-05 23:47:50 +00:00
Evan Hunt
c459aec591 2705. [bug] Reconcile the XML stats version number with a later 
BIND9 release, by adding a "name" attribute to
                        "cache" elements and increasing the version number
                        to 2.2.  (This is a minor version change, but may
                        affect XML parsers if they assume the cache element
                        doesn't take an attribute.)

2704.	[bug]		Serial of dynamic and stub zones could be inconsistent
			with their SOA serial.  [RT #19387]
 2009-10-05 21:57:00 +00:00
Evan Hunt
3ff75c89eb 2704. [bug] Serial of dynamic and stub zones could be inconsistent 
with their SOA serial.  [RT #19387]
 2009-10-05 19:39:20 +00:00
Francis Dupont
8b78c993cb explicit engine rt20230a 2009-10-05 17:30:49 +00:00
Francis Dupont
e853728477 update OpenSSL PKCS#11 patch (rt19910) 2009-10-05 13:20:06 +00:00
Francis Dupont
d220cab39d pkcs11 rt20229 2009-10-05 13:02:31 +00:00
Francis Dupont
247806c820 regen 2009-10-05 12:25:29 +00:00
Francis Dupont
f89a9bcf1c pkcs11 rt20236 2009-10-05 12:23:11 +00:00