ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
19,571 Commits 589 Branches 805 Tags
v9.6-ESV-R7
Commit Graph

1490 Commits

Author SHA1 Message Date
Mark Andrews
fbc355b20c 3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS. 
[RT #28956]
 2012-04-13 08:46:00 +10:00
Tinderbox User
a3bf29d6c8 update copyright notice 2012-03-10 23:45:08 +00:00
Tinderbox User
d5c5ac0dbb regen v9_6 2012-03-07 01:45:20 +00:00
Evan Hunt
aea84bd0d8 remove cvsignore, add gitignore 2012-03-04 09:08:12 -08:00
Automatic Updater
83255fe881 update copyright notice 2012-01-27 23:45:34 +00:00
Mark Andrews
579f9be3f9 const origin 2012-01-27 12:39:33 +00:00
Mark Andrews
595f2934dc 3268. [bug] Convert RRSIG expiry times to 64 timestamps to work 
out the earliest expiry time. [RT #23311]
 2012-01-27 01:50:09 +00:00
Evan Hunt
e358b9159a 3204. [bug] When a master server that has been marked as 
unreachable but sends a NOTIFY, mark it reachable
			again. [RT #25960]
 2011-11-04 05:52:58 +00:00
Automatic Updater
4d5624b0b4 update copyright notice 2011-11-03 23:45:18 +00:00
Evan Hunt
c1b96d5375 3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to 
dnssec.h. [RT #26415]
 2011-11-03 02:58:57 +00:00
Automatic Updater
288d660942 update copyright notice 2011-09-08 23:45:16 +00:00
Evan Hunt
125383b7e3 3149. [tuning] Improve scalability by allocating one zone 
task per 100 zones at startup time.  (The
			BIND9_ZONE_TASKS_HINT environment variable
			which was established as a temporary measure
			in change #3132 is no longer needed or
			used.) [rt25541]
 2011-09-05 07:19:28 +00:00
Evan Hunt
d7eaf06b5a 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-09 00:16:37 +00:00
Automatic Updater
6f06b66613 update copyright notice 2011-05-28 00:01:52 +00:00
Mark Andrews
4c94ae39a5 move dns_trust_totext from masterdump.c to rdataset.c so that exportlib will build 2011-05-27 05:04:17 +00:00
Automatic Updater
9ff8a0fdd7 update copyright notice 2011-03-03 23:46:02 +00:00
Evan Hunt
58a91f8111 3053. [bug] Under a sustained high query load with a finite 
max-cache-size, it was possible for cache memory
			to be exhausted and not recovered. [RT #23371]
 2011-03-03 04:45:59 +00:00
Automatic Updater
27ee4b8ca4 update copyright notice 2010-12-14 23:46:09 +00:00
Mark Andrews
8c5ba02091 2984. [bug] Don't run MX checks when the target of the MX record 
is ".".  [RT #22645]
 2010-12-14 00:48:23 +00:00
Mark Andrews
12fd7da162 2982. [bug] Reference count dst keys. dst_key_attach() can be used 
increment the reference count.

                        Note: dns_tsigkey_createfromkey() callers should now
                        always call dst_key_free() rather than setting it
                        to NULL on success. [RT #22672]
 2010-12-09 01:12:55 +00:00
Mark Andrews
4df431ecde 2976. [bug] named could die on exit after negotiating a GSS-TSIG 
key.  [RT #3415]
 2010-12-02 23:40:28 +00:00
Automatic Updater
c828f12404 update copyright notice 2010-09-24 08:30:28 +00:00
Mark Andrews
ff826c2844 2964. [bug] view->queryacl was being overloaded. Seperate the 
usage into view->queryacl, view->cacheacl and
                        view->queryonacl. [RT #22114]
 2010-09-24 08:09:08 +00:00
Automatic Updater
8f0cbae84a update copyright notice 2010-07-09 23:45:55 +00:00
Evan Hunt
c81b0a2f65 2929. [bug] Improved handling of GSS security contexts: 
- added LRU expiration for generated TSIGs
			 - added the ability to use a non-default realm
                         - added new "realm" keyword in nsupdate
			 - limited lifetime of generated keys to 1 hour
			   or the lifetime of the context (whichever is
			   smaller)
			[RT #19737]
 2010-07-09 05:15:06 +00:00
Automatic Updater
a55880fd78 update copyright notice 2010-06-04 23:48:25 +00:00
Mark Andrews
8925c70a54 remove trailing comma 2010-06-04 00:15:28 +00:00
Automatic Updater
01565f50ca update copyright notice 2010-05-14 23:47:50 +00:00
Mark Andrews
69ed70d223 2890. [bug] Handle the introduction of new trusted-keys and 
DS, DLV RRsets better. [RT #21097]
 2010-05-14 00:33:23 +00:00
Automatic Updater
3e1ba44c9c update copyright notice 2010-05-10 23:48:14 +00:00
Mark Andrews
2766e7b091 2881. [bug] Reduce the amount of time the rbtdb write lock 
is held when closing a version. [RT #21198]
 2010-05-10 01:42:36 +00:00
Automatic Updater
b67c0e9a49 update copyright notice 2010-02-25 10:56:41 +00:00
Mark Andrews
b8c2fd6c72 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 05:35:11 +00:00
Automatic Updater
9feb8eda57 update copyright notice 2010-01-15 23:47:34 +00:00
Evan Hunt
3f39cbcc76 2838. [func] Backport support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512, from BIND 9.7.  (This
			incorporates changes 2726 and 2738 from that
			release branch.) [RT #20871]
 2010-01-15 19:38:54 +00:00
Automatic Updater
ef413fafe5 update copyright notice 2009-12-30 23:47:31 +00:00
Tatuya JINMEI 神明達哉
450c3bb498 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:34:30 +00:00
Evan Hunt
c7c6605eb0 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] 2009-12-30 06:44:45 +00:00
Evan Hunt
65bbefae47 2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define 
[RT #20771]
 2009-12-24 00:34:59 +00:00
Automatic Updater
0a9fcb1124 update copyright notice 2009-11-25 23:48:42 +00:00
Mark Andrews
eb5f89b06e 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:25:56 +00:00
Mark Andrews
e7f4d4e09d 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-18 00:15:38 +00:00
Automatic Updater
a1b08748d8 update copyright notice 2009-11-04 23:47:25 +00:00
Mark Andrews
5211674cef 2747. [bug] Journal roll forwards failed to set the re-signing 
time of RRSIGs correctly. [RT #20541]
 2009-11-04 01:35:07 +00:00
Mark Andrews
2a2e4dbefb 2722. [bug] Ensure that the memory associated with the name of 
a node in a rbt tree is not altered during the life
                        of the node. [RT #20431]
 2009-10-20 05:06:04 +00:00
Evan Hunt
a9775fe88d 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:18 +00:00
Evan Hunt
c459aec591 2705. [bug] Reconcile the XML stats version number with a later 
BIND9 release, by adding a "name" attribute to
                        "cache" elements and increasing the version number
                        to 2.2.  (This is a minor version change, but may
                        affect XML parsers if they assume the cache element
                        doesn't take an attribute.)

2704.	[bug]		Serial of dynamic and stub zones could be inconsistent
			with their SOA serial.  [RT #19387]
 2009-10-05 21:57:00 +00:00
Mark Andrews
a416993543 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-11 04:23:54 +00:00
Automatic Updater
6e67205ba7 update copyright notice 2009-06-22 23:47:18 +00:00
Mark Andrews
e6be77a26c 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-22 05:05:01 +00:00