Mark Andrews
93b433d299
2982. [bug] Reference count dst keys. dst_key_attach() can be used
...
increment the reference count.
Note: dns_tsigkey_createfromkey() callers should now
always call dst_key_free() rather than setting it
to NULL on success. [RT #22672 ]
2010-12-09 01:05:29 +00:00
Automatic Updater
39ba8c7737
update copyright notice
2010-12-07 23:46:26 +00:00
Mark Andrews
e69bed0b94
2980. [bug] named didn't properly handle UPDATES that changed the
...
TTL of the NSEC3PARAM RRset. [RT #22363 ]
2010-12-07 03:01:40 +00:00
Mark Andrews
a4aef00d65
2977. [bug] 'nsupdate -l' report if the session key is missing.
...
[RT #21670 ]
2010-12-03 00:39:46 +00:00
Automatic Updater
1517558cd3
update copyright notice
2010-12-02 23:46:30 +00:00
Mark Andrews
e7ca8c91ec
2976. [bug] named die on exit after negotiating a GSS-TSIG key.
...
[RT #3415 ]
2010-12-02 23:26:58 +00:00
Automatic Updater
14f8d8220c
update copyright notice
2010-11-30 23:46:15 +00:00
Evan Hunt
f72883c6ae
2974. [bug] Some vaild UPDATE requests could fail due to a
...
consistency check examining the existing version
of the zone rather than the new version resulting
from the UPDATE. [RT #22413 ]
2010-11-30 02:27:38 +00:00
Automatic Updater
97c708294d
update copyright notice
2010-11-17 23:46:32 +00:00
Mark Andrews
8f110ca521
2970. [security] Adding a NO DATA negative cache entry failed to clear
...
any matching RRSIG records. A subsequent lookup of
of NO DATA cache entry could trigger a INSIST when the
unexpected RRSIG was also returned with the NO DATA
cache entry. [RT #22288 ]
2010-11-16 07:28:37 +00:00
Shawn Routhier
75636f9b01
Fix acl type processing so that allow-query works in options and view
...
statements. Also add a new set of tests to verify proper functioning.
[RT #22418 ]
2010-11-16 02:11:53 +00:00
Mark Andrews
8bdc865433
2968. [security] Named could fail to prove a data set was insecure
...
before marking it as insecure. One set of conditions
that can trigger this occurs naturally when rolling
DNSKEY algorithms. [RT #22309 ]
2010-11-16 01:21:49 +00:00
Mark Andrews
0a2897853b
2963. [security] The allow-query acl was being applied instead of the
...
allow-query-cache acl to cache lookups. [RT #22114 ]
2010-09-24 05:54:06 +00:00
Mark Andrews
9960be0a54
simplify grep
2010-09-15 23:23:22 +00:00
Evan Hunt
b1a6907e81
The "resolver" test was failing on systems with old versions of "grep".
2010-09-15 15:45:16 +00:00
Automatic Updater
6d7a4c30a2
update copyright notice
2010-09-15 12:38:04 +00:00
Mark Andrews
3f9371b30c
2960. [func] Check that named accepts non-authoritative answers.
...
[RT #21594 ]
2010-09-15 12:10:54 +00:00
Mark Andrews
311f97e2d4
2959. [func] Check that named starts with a missing masterfile.
...
[RT #22076 ]
2958. [bug] named failed to start with a missing master file.
[RT #22076 ]
2010-09-15 03:36:41 +00:00
Mark Andrews
1cbe92ed8c
2951. [bug] named failed to generate a correct signed response
...
in a optout, delegation only zone with no secure
delegations. [RT #22007 ]
2010-09-07 01:05:59 +00:00
Automatic Updater
63b93f0682
update copyright notice
2010-08-17 23:46:28 +00:00
Mark Andrews
82580033db
update default id range to match that used (1..7)
2010-08-17 04:08:07 +00:00
Mark Andrews
30579c29be
2943. [func] Add support to load new keys into managed zones
...
without signing immediately with "rndc loadkeys".
Add support to link keys with "dnssec-keygen -S"
and "dnssec-settime -S". [RT #21351 ]
2010-08-16 22:27:18 +00:00
Mark Andrews
ff2047b685
2941. [bug] sdb and sdlz (dlz's zone database) failed to support
...
DNAME at the zone apex. [RT #21610 ]
2010-08-16 05:14:58 +00:00
Automatic Updater
770279e013
update copyright notice
2010-08-13 23:46:29 +00:00
Mark Andrews
71e5c19636
2938. [bug] When generating signed responses, from a signed zone
...
that uses NSEC3, named would use a uninitialised
pointer if it needed to skip a NSEC3 record because
it didn't match the selected NSEC3PARAM record for
zone. [RT# 21868]
2010-08-13 07:00:40 +00:00
Mark Andrews
ed4eee1e51
.orig -> .in as .orig is used by patch
2010-08-12 01:32:46 +00:00
Evan Hunt
0658d99891
2936. [func] Improved configuration syntax and multiple-view
...
support for addzone/delzone feature (see change
#2930 ). Removed "new-zone-file" option, replaced
with "allow-new-zones (yes|no)". The new-zone-file
for each view is now created automatically, with
a filename generated from a hash of the view name.
It is no longer necessary to "include" the
new-zone-file in named.conf; this happens
automatically. Zones that were not added via
"rndc addzone" can no longer be removed with
"rndc delzone". [RT #19447 ]
2010-08-11 18:19:59 +00:00
Evan Hunt
ead09b5724
2932. [cleanup] Corrected a numbering error in the "dnssec" test.
...
[RT #21597 ]
2010-08-09 22:35:06 +00:00
Tatuya JINMEI 神明達哉
9891a60571
2931. [bug] Temporarily and partially disable change 2864
...
because it would cause inifinite attempts of RRSIG
queries. This is an urgent care fix; we'll
revisit the issue and complete the fix later.
[RT #21710 ]
2010-07-15 01:26:10 +00:00
Evan Hunt
542d079eb1
dnssec and dlv tests included master zones whose master files were missing.
...
this was a bug that hadn't been noticed before, but 19447 added a test for
that condition and it caused test failures.
2010-07-11 01:18:17 +00:00
Mark Andrews
5a21c108fe
check that we have non-cachable answers to test against
...
match the dig.out.ns#.$n to the nameserver
2010-06-28 01:37:20 +00:00
Automatic Updater
4fe6e5b494
update copyright notice
2010-06-26 23:46:27 +00:00
Mark Andrews
5a7f05ee3c
2925. [bug] Named failed to accept uncachable negative responses
...
from insecure zones. [RT# 21555]
2010-06-25 23:52:09 +00:00
Automatic Updater
c65ab74d31
update copyright notice
2010-06-25 23:46:33 +00:00
Mark Andrews
653b008950
remove leading zeros on keyid
...
account for trusted keys not applying to _bind anymore
2010-06-25 07:27:20 +00:00
Mark Andrews
9777316c64
2924. [func] 'rndc secroots' dump a combined summary of the
...
current managed keys combined with trusted keys.
[RT #20904 ]
2010-06-25 03:51:07 +00:00
Automatic Updater
5b17e46285
update copyright notice
2010-06-23 23:46:36 +00:00
Automatic Updater
275c562ce7
update copyright notice
2010-06-22 23:46:34 +00:00
Mark Andrews
13ce1be5d3
2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively
...
to IPv4 clients. New acl 'filter-aaaa' (default any).
2010-06-22 04:04:22 +00:00
Automatic Updater
a6cde7c0f6
update copyright notice
2010-06-11 23:46:18 +00:00
Mark Andrews
a3d418e155
restore export of PERL PK11GEN PK11LIST PK11DEL
2010-06-11 01:59:22 +00:00
Mark Andrews
24b4cd45a2
2916. [func] Add framework to use IPv6 in tests.
...
fd92:7065:b8e:ffff::1 ... fd92:7065:b8e:ffff::7
2010-06-10 06:20:47 +00:00
cvs2git
7c5699736b
This commit was manufactured by cvs2git to create branch 'v9_7'.
2010-06-10 06:19:55 +00:00
Mark Andrews
9a56f03c4c
2916. [func] Add framework to use IPv6 in tests.
...
fd92:7065:b8e:ffff::1 ... fd92:7065:b8e:ffff::7
2010-06-10 06:19:52 +00:00
Automatic Updater
ad0471f93b
update copyright notice
2010-06-08 23:50:24 +00:00
Automatic Updater
4cff55249c
update copyright notice
2010-06-08 23:49:12 +00:00
Mark Andrews
55fe737bf7
2914. [bug] Make the "autosign" system test more portable.
...
[RT #20997 ]
2010-06-07 04:47:26 +00:00
cvs2git
11d477b0ce
This commit was manufactured by cvs2git to create branch 'v9_7'.
2010-06-07 04:45:44 +00:00
Mark Andrews
e24ccb512c
2914. [bug] Make the "autosign" system test more portable.
...
[RT #20997 ]
2010-06-07 04:45:43 +00:00
Mark Andrews
1cc4291e10
2913. [func] Add pkcs#11 system tests. [RT #20784 ]
2010-06-07 03:45:36 +00:00