ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,924 Commits 589 Branches 805 Tags
v9.12.0b2
Commit Graph

2018 Commits

Author SHA1 Message Date
Tinderbox User
a41e41d6a4 regenerate 2017-11-07 21:48:23 +00:00
Tinderbox User
0e29543a3d regen master 2017-11-07 21:42:32 +00:00
Tinderbox User
72ddd51e74 regen master 2017-11-03 01:08:09 +00:00
Evan Hunt
c3d0ccdc8f [master] update logging categories in doc 2017-11-02 12:53:33 -07:00
Tinderbox User
f305a705c4 regenerate 2017-11-02 18:59:07 +00:00
Tinderbox User
490c321e25 regen master 2017-11-02 18:58:45 +00:00
Evan Hunt
e7b53943fe [master] copyrights 2017-11-02 11:50:43 -07:00
Evan Hunt
95dce4e68c [master] clarify doc on zone refresh and expiry 2017-11-01 23:06:20 -07:00
Evan Hunt
3b5718a8c9 [master] removed references to obsolete versions in documentation 2017-11-01 22:19:11 -07:00
Tinderbox User
40298d8bee regen master 2017-11-02 01:09:26 +00:00
Tinderbox User
9b3fc207df regen master 2017-11-01 01:09:07 +00:00
Tinderbox User
4ae8f28711 regen master 2017-10-30 01:08:21 +00:00
Mark Andrews
f5e1b555c5 4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside . 
trust-anchor dlv.isc.org;' now elicit warnings rather
                        than being fatal configuration errors. [RT #46410]
 2017-10-30 07:40:59 +11:00
Tinderbox User
497f3f913e regen master 2017-10-28 01:12:35 +00:00
Evan Hunt
c9f8165a06 [master] tag initializing keys 
4798.	[func]		Keys specified in "managed-keys" statements
			are tagged as "initializing" until they have been
			updated by a key refresh query. If initialization
			fails it will be visible from "rndc secroots".
			[RT #46267]
 2017-10-27 15:49:44 -07:00
Evan Hunt
1d57d460d4 [master] change rndc-confgen default algorithm 
this completes change 4785. the CHANGES note has been revised:

4785.	[func]		The hmac-md5 algorithm is no longer recommended for
			use with RNDC keys.  The default in rndc-confgen
			is now hmac-sha256. [RT #42272]
 2017-10-27 10:56:43 -07:00
Evan Hunt
959d294067 [master] remove isc-hmac-fixup 
4797.	[func]		Removed "isc-hmac-fixup", as the versions of BIND that
			had the bug it worked around are long past end of
			life. [RT #46411]
 2017-10-27 09:56:11 -07:00
Brian Conry
864bc6b56e [master] Increase the maximum TCP keepalive timeout to 65535 
4796.	[bug]		Increase the maximum configurable TCP keepalive
			timeout to 65535. [RT #44710]
 2017-10-27 14:58:48 +02:00
Evan Hunt
06049b1c6c [master] stats counter for priming queries 
4795.	[func]		A new statistics counter has been added to track
			priming queries. [RT #46313]
 2017-10-26 21:38:43 -07:00
Evan Hunt
3b4f23cdbf [master] dnssec-checkds -s 
4794.	[func]		"dnssec-checkds -s" specifies a file from which
			to read a DS set rather than querying the parent.
			[RT #44667]
 2017-10-26 21:05:11 -07:00
Tinderbox User
d3e8e9bdbb regen master 2017-10-26 01:09:30 +00:00
Evan Hunt
81570e84a2 [master] fix some documentation errors [RT #45527] 2017-10-25 11:02:26 -07:00
Evan Hunt
6a59e53a69 [master] fixed libdns doc 
4791.	[doc]		Fixed outdated documentation about export libraries.
			[RT #46341]
 2017-10-25 10:55:34 -07:00
Evan Hunt
eb2ef7b53e [master] check new-zones-directory 
4789.	[cleanup]	Check writability of new-zones-directory. [RT #46308]
 2017-10-25 01:19:46 -07:00
Evan Hunt
65314b0fd8 [master] "enable-filter-aaaa" no longer optional 
4786.	[func]		The "filter-aaaa-on-v4" and "filter-aaaa-on-v6"
			options are no longer conditionally compiled.
			[RT #46340]
 2017-10-25 00:33:51 -07:00
Tinderbox User
a53e03205a regen master 2017-10-25 01:08:58 +00:00
Evan Hunt
21761bfe79 [master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen 
4785.	[func]		The hmac-md5 algorithm is no longer recommended for
			use with RNDC keys. For compatibility reasons, it
			it is still the default algorithm in rndc-confgen,
			but this will be changed to hmac-sha256 in a future
			release. [RT #42272]

4784.	[func]		The use of dnssec-keygen to generate HMAC keys is
			deprecated in favor of tsig-keygen.  dnssec-keygen
			will print a warning when used for this purpose.
			All HMAC algorithms will be removed from
			dnssec-keygen in a future release. [RT #42272]
 2017-10-24 15:35:13 -07:00
Evan Hunt
b1042e011c [master] zone "file" option was undocumented 2017-10-23 19:39:56 -07:00
Tinderbox User
2e662cf514 regen master 2017-10-22 01:10:28 +00:00
Evan Hunt
321b8429f5 [master] doc nit: Base64 is capitalized and not hyphenated 2017-10-21 13:28:38 -07:00
Tinderbox User
0fc861dea9 regen master 2017-10-21 01:13:05 +00:00
Mark Andrews
807ad469fe use correct tag 
(cherry picked from commit 317330c25a)
 2017-10-20 19:06:28 +11:00
Tinderbox User
2115e319ba regen master 2017-10-20 01:09:53 +00:00
Mark Andrews
d8442c1a15 s/made/may/ 2017-10-20 10:29:24 +11:00
Mark Andrews
9e5439a6d8 note removal of <isc/util.h> from other header files 2017-10-20 10:25:45 +11:00
Tinderbox User
b7b8e298f6 regen master 2017-10-19 01:09:18 +00:00
Evan Hunt
d99d5249b7 [master] clarify releates notes about deprecated/ineffective options 2017-10-18 12:41:25 -07:00
Tinderbox User
208abf3fc7 regen master 2017-10-18 01:10:52 +00:00
Evan Hunt
30419509dd [master] README and relnote fixes 2017-10-17 13:47:33 -07:00
Tinderbox User
94d96121b9 regen master 2017-10-17 01:08:55 +00:00
Evan Hunt
31275c3f39 [master] fixes to release notes 
- some typos
- call out removed features in a "Removed Features" section
- mention TAT logging
 2017-10-16 17:46:12 -07:00
Evan Hunt
d63943f063 [master] fixes to release notes 
- fixed some typos
- call out feature removals in a "Removed Features" section
- TAT logging
 2017-10-16 17:45:08 -07:00
Tinderbox User
4b1eb6a502 regenerate 2017-10-12 18:28:32 +00:00
Tinderbox User
29d9488d16 regen master 2017-10-12 18:23:36 +00:00
Evan Hunt
3abcd7cd8a [master] Revert "[master] tag initializing keys so they can't be used for normal validation" 
This reverts commit 560d8b833e.

This change created a potential race between key refresh queries and
root zone priming queries which could leave the root name servers in
the bad-server cache.
 2017-10-12 10:53:35 -07:00
Tinderbox User
2bd2487f51 regenerate 2017-10-12 04:21:52 +00:00
Tinderbox User
cac4114e9d regen master 2017-10-12 04:19:20 +00:00
Evan Hunt
560d8b833e [master] tag initializing keys so they can't be used for normal validation 
4773.	[bug]		Keys specified in "managed-keys" statements
			can now only be used when validating key refresh
			queries during initialization of RFC 5011 key
			maintenance. If initialization fails, DNSSEC
			validation of normal queries will also fail.
			Previously, validation of normal queries could
			succeed using the initializing key, potentially
			masking problems with managed-keys. [RT #46077]
 2017-10-11 21:01:13 -07:00
Tinderbox User
77c7d1c555 regen master 2017-10-12 01:08:20 +00:00
Evan Hunt
16d6fab2e5 [master] make writable directory and managed-keys directory mandatory 
4769.   [bug]           The working directory and managed-keys directory has
                        to be writeable (and seekable). [RT #46077]
 2017-10-11 08:21:23 +02:00