ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,854 Commits 589 Branches 805 Tags
v9.4-ESV-R3
Commit Graph

730 Commits

Author SHA1 Message Date
Automatic Updater
17a382ffd1 update copyright notice 2010-08-17 23:45:18 +00:00
Mark Andrews
776eb07d6c update default id range to match that used (1..6) 2010-08-17 04:12:05 +00:00
Automatic Updater
6c82c34716 update copyright notice 2010-06-04 23:46:02 +00:00
Automatic Updater
bda132bcaf update copyright notice 2010-06-03 23:46:10 +00:00
Mark Andrews
1a677bc3f7 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-06-03 00:36:02 +00:00
Mark Andrews
eb12f97615 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-06-03 00:21:52 +00:00
cvs2git
7d36018674 This commit was manufactured by cvs2git to create branch 'v9_4'. 2010-05-27 23:51:09 +00:00
Automatic Updater
248b9ab0b0 update copyright notice 2010-05-27 23:51:08 +00:00
Automatic Updater
051dec6fb7 update copyright notice 2010-05-26 23:50:47 +00:00
Mark Andrews
b4c6ce22d0 call sign.sh robustly 2010-05-26 07:00:37 +00:00
Mark Andrews
e27d55e3ee 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-05-26 06:28:00 +00:00
Automatic Updater
15c961a1dd update copyright notice 2010-05-19 09:33:50 +00:00
Mark Andrews
5ae2eac4c1 2902. [func] Add regression test for change 2897. [RT #21040] 2010-05-19 07:45:38 +00:00
Mark Andrews
b667946fa5 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-05-19 06:39:50 +00:00
Mark Andrews
44f175a90a 2892. [bug] Handle REVOKED keys better. [RT #20961] 2010-05-14 04:38:52 +00:00
Mark Andrews
f2ae969065 handle revoke changes 2010-05-06 11:28:20 +00:00
Automatic Updater
4d42b714be update copyright notice 2010-03-04 23:50:34 +00:00
Mark Andrews
56c2c3835f 10.53.0.1 through 10.53.0.5 -> 10.53.0.1 through 10.53.0.7 2010-03-04 20:34:16 +00:00
Evan Hunt
ecde9a1cd5 smartsign fails on slow machines. delay the timing-sensitive 
dnssec-settime call as long as possible.
 2010-01-19 15:54:45 +00:00
Automatic Updater
6bb1560124 update copyright notice 2010-01-18 23:48:40 +00:00
Evan Hunt
e11a0c114c 2841. [func] Added "smartsign" and improved "autosign" and 
"dnssec" regression tests. [RT #20865]
 2010-01-18 19:19:31 +00:00
Automatic Updater
a30c7003af update copyright notice 2010-01-07 23:48:54 +00:00
Automatic Updater
8f7aff9340 update copyright notice 2010-01-07 23:46:07 +00:00
Evan Hunt
e4cb322618 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 17:49:50 +00:00
cvs2git
9300b13653 This commit was manufactured by cvs2git to create branch 'v9_4'. 2010-01-07 16:48:24 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
51ae9cb9f8 update copyright notice 2009-12-30 23:46:04 +00:00
Tatuya JINMEI 神明達哉
59721b321d 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)

Additional notes specific to 9.4-ESV:
- I needed to explicitly enable dnssec-validation in "pending" system tests
  because it's disabled by default for 9.4.  This is not a problem of this
  patch - the test was broken for 9.4 when it was first introduced.  Another
  reason why we need more detailed tests.
- I modified the test case for 9.4 so that it allows pending-additional-to-answer
   promotion as 9.4 doesn't include this bug fix.
 2009-12-30 08:55:48 +00:00
cvs2git
5a435720cd This commit was manufactured by cvs2git to create branch 'v9_4'. 2009-12-30 08:02:24 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Evan Hunt
f766024a27 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:31 +00:00
Automatic Updater
8b82c01d74 update copyright notice 2009-12-06 23:48:29 +00:00
Evan Hunt
0d796b1aaa improve cleanup and add named.run to .cvsignore files 2009-12-06 03:04:39 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Mark Andrews
2fbc6a0f23 add copyright 2009-12-03 04:53:09 +00:00
Mark Andrews
ecbbb29519 add copyright 2009-12-03 04:51:41 +00:00
Evan Hunt
6a4d6e3379 adapted to the special needs of solaris's really old awk 2009-12-02 17:54:45 +00:00
Evan Hunt
095810f8cb fixed autosign/metadata brokenness on solaris [rt20685] 2009-12-02 05:42:15 +00:00
Automatic Updater
ffd297db79 update copyright notice 2009-11-30 23:48:02 +00:00
Evan Hunt
7511904837 add cvsignore files 2009-11-30 21:03:17 +00:00
Evan Hunt
75b8de8787 Create automatic tests "autosign" and "metadata". [rt19946] 2009-11-30 21:00:48 +00:00
Automatic Updater
521de9e5dd update copyright notice 2009-11-25 23:46:52 +00:00
Mark Andrews
29b3b31c0a adjust dnssec-keygen command line to that supported before 9.7 2009-11-25 20:56:08 +00:00
Mark Andrews
6e849b28b0 fix genrandom location 2009-11-25 13:38:53 +00:00
Mark Andrews
b4bd8d0662 772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-25 04:50:25 +00:00
cvs2git
0e3b4ffe86 This commit was manufactured by cvs2git to create branch 'v9_4'. 2009-11-18 23:48:08 +00:00
Automatic Updater
fe2b9bf570 update copyright notice 2009-11-18 23:48:07 +00:00
Mark Andrews
a39a5f4d81 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-17 23:55:18 +00:00