Tinderbox User
77dd47b406
update copyright notice / whitespace
2017-05-30 23:47:42 +00:00
Mark Andrews
fbfaa3e731
4629. [bug] dns_client_startupdate could not be called with a
...
running client. [RT #45277 ]
(cherry picked from commit e51d62ecae )
2017-05-30 10:07:15 +10:00
Tinderbox User
97c4ecec1b
update copyright notice / whitespace
2017-05-11 23:47:22 +00:00
Mark Andrews
bd84d0a47a
4624. [bug] Check isc_mem_strdup results in dns_view_setnewzones.
...
[RT #45210 ]
(cherry picked from commit 5049d09bca )
2017-05-11 20:38:22 +10:00
Tinderbox User
65d4abb881
update copyright notice / whitespace
2017-04-23 23:47:17 +00:00
Evan Hunt
62fd7f8062
[v9_9] fix dispatch.c shutdown race
...
4952. [bug] A race condition on shutdown could trigger an
assertion failure in dispatch.c. [RT #43822 ]
(cherry picked from commit 019132b70c )
2017-04-20 17:42:09 -07:00
Mark Andrews
182d657891
remove outdated cvs $Id strings
2017-02-03 18:44:36 +11:00
Tinderbox User
2444ab6b88
update copyright notice / whitespace
2017-02-02 23:48:58 +00:00
Evan Hunt
3e43702524
[v9_9] Squashed commit of the following:
...
4561. [port] Silence a warning in strict C99 compilers. [RT #44414 ]
(cherry picked from commit 6cb5e36ca3 )
2017-02-01 17:31:37 -08:00
Tinderbox User
fd687693fd
update copyright notice / whitespace
2017-01-11 23:47:22 +00:00
Evan Hunt
7d73d9aafb
[v9_9] expand the flags field in dns_master_style
...
4550. [cleanup] Increased the number of available master file
output style flags from 32 to 64. [RT #44043 ]
2017-01-11 12:05:54 -08:00
Mark Andrews
c161d54a65
4543. [bug] dns_client_startupdate now delays sending the update
...
request until isc_app_ctxrun has been called.
[RT #43976 ]
(cherry picked from commit 6f94747270 )
2016-12-28 15:56:30 +11:00
Tinderbox User
7429284419
update copyright notice / whitespace
2016-12-26 23:51:09 +00:00
Mark Andrews
2af18c1396
4538. [bug] Call dns_client_startresolve from client->task.
...
[RT #43896 ]
(cherry picked from commit aceabacdb8 )
2016-12-27 07:15:23 +11:00
Tinderbox User
ff69a0423e
update copyright notice / whitespace
2016-11-08 23:57:34 +00:00
Mark Andrews
964e19cea8
4497. [port] Add support for OpenSSL 1.1.0. [RT #41284 ]
2016-11-09 09:59:32 +11:00
Tinderbox User
fc6f778fd8
update copyright notice / whitespace
2016-11-03 23:51:28 +00:00
Tinderbox User
a06917d08f
update copyright notice / whitespace
2016-11-02 23:51:39 +00:00
Mark Andrews
51fe40fd59
4504. [security] Allow the maximum number of records in a zone to
...
be specified. This provides a control for issues
raised in CVE-2016-6170. [RT #42143 ]
(cherry picked from commit 5f8412a4cb )
2016-11-03 10:46:37 +11:00
Evan Hunt
60814deed8
[v9_9] make uninstall
...
4503. [cleanup] "make uninstall" now removes file installed by
BIND. (This currently excludes Python files
due to lack of support in setup.py.) [RT #42912 ]
(cherry picked from commit 6087f87afb )
(cherry picked from commit 398f8c32f3 )
2016-11-01 20:22:35 -07:00
Tinderbox User
e52e476295
update copyright notice / whitespace
2016-07-14 23:54:00 +00:00
Mark Andrews
456d497196
4413. [bug] GSSAPI negotiation could fail if GSS_S_CONTINUE_NEEDED
...
was returned. [RT #42733 ]
(cherry picked from commit 63e58ad048 )
2016-07-14 15:08:36 +10:00
Mukund Sivaraman
995cda9432
Some general cleanup ( #42827 )
...
(cherry picked from commit e65cd99461 )
(cherry picked from commit 47ed813864 )
(cherry picked from commit e7a3b8948f )
2016-07-13 15:00:36 +05:30
Tinderbox User
afb9f6c482
update copyright notice / whitespace
2016-06-16 23:46:03 +00:00
Mark Andrews
8ae151e5db
backport dns_name_t *name -> const dns_name_t *name
...
(cherry picked from commit ded95d497df16579852356fc5434671d24c7f00d)
2016-06-16 21:40:22 +10:00
Mark Andrews
2bf3a4d271
4366. [bug] Address race condition when updating rbtnode bit
...
fields. [RT #42379 ]
(cherry picked from commit e2047969de )
2016-05-17 13:16:41 +10:00
Evan Hunt
529734f9fc
[v9_9] prep 9.9.9b2
2016-03-24 12:42:54 -07:00
Mark Andrews
6aec5717c7
4341. [bug] 'rndc flushtree' could fail to clean the tree if there
...
wasn't a node at the specified name. [RT #41846 ]
(cherry picked from commit 6214c3c93a )
2016-03-24 11:38:17 +11:00
Tinderbox User
5cc724937d
update copyright notice / whitespace
2016-03-22 23:45:44 +00:00
Evan Hunt
0c3dc6f60f
[v9_9] fix mkeys TTL 0 issue
...
4337. [bug] The previous change exposed a latent flaw in
key refresh queries for managed-keys when
a cached DNSKEY had TTL 0. [RT #41986 ]
2016-03-22 12:13:39 -07:00
Tinderbox User
aad46e76a7
update copyright notice / whitespace
2016-03-10 23:45:46 +00:00
Mark Andrews
927e9d8bbc
4330. [protocol] Identify the PAD option as "PAD" when printing out
...
a message.
(cherry picked from commit 33a4294f44 )
2016-03-10 16:54:51 +11:00
Mark Andrews
757e02d75c
update copyrights
2016-03-08 16:19:15 +11:00
Mark Andrews
0649f3a0c0
4329. [func] Warn about a common misconfiguration when forwarding
...
RFC 1918 zones. [RT #41441 ]
2016-03-08 10:12:02 +11:00
Mukund Sivaraman
4bb2aa3e15
Repack dns_rbtnode struct to gain some space (reduce packing holes) ( #41854 )
...
(cherry picked from commit 8dbf9ceb8c )
(cherry picked from commit 2a461f1348 )
2016-03-07 16:18:02 +05:30
Tinderbox User
45449617be
update copyright notice / whitespace
2016-01-14 23:46:05 +00:00
Evan Hunt
6deb83615c
[v9_9] added sockaddr.h
...
4291. [cleanup] Added a required include to dns/forward.h. [RT #41474 ]
(cherry picked from commit b4ccec331d )
(cherry picked from commit 25da0107d1 )
2016-01-14 10:27:41 -08:00
Mukund Sivaraman
a28d8e8bf5
Improve performance of RBT ( #41165 )
...
(cherry picked from commit 5d79b60fc5 )
(cherry picked from commit 318158d66a )
2015-12-11 10:29:36 +05:30
Mark Andrews
9631d0769e
4260. [security] Insufficient testing when parsing a message allowed
...
records with an incorrect class to be be accepted,
triggering a REQUIRE failure when those records
were subsequently cached. (CVE-2015-8000) [RT #4098 ]
(cherry picked from commit c8821d124c )
2015-11-16 13:28:28 +11:00
Tinderbox User
4acf5216d7
update copyright notice / whitespace
2015-11-09 23:46:11 +00:00
Evan Hunt
7d984067ee
[v9_9] fix python script versions
...
4257. [cleanup] Python scripts reported incorrect version. [RT #41080 ]
2015-11-08 21:41:04 -08:00
Mark Andrews
79f23b271e
4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones
...
as per RFC 6763. [RT #37889 ]
(cherry picked from commit 5855fd79e3 )
2015-08-25 14:46:41 +10:00
Mark Andrews
fea8a9d56b
4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as
...
valid with check-names. <forest> still needs to be
LDH. [RT #40399 ]
(cherry picked from commit dc3912f3ca )
2015-08-22 15:28:16 +10:00
Tinderbox User
cd80053809
update copyright notice / whitespace
2015-08-07 23:46:19 +00:00
Evan Hunt
0d83784a75
[v9_9] address buffer accounting error
...
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212 ]
(cherry picked from commit ce9f893e21 )
2015-08-07 13:22:40 -07:00
Tinderbox User
cc1a709402
update copyright notice / whitespace
2015-07-13 23:46:09 +00:00
Mark Andrews
82b6caf613
4164. [bug] Don't rename slave files and journals on out of memory.
...
[RT #40033 ]
4163. [bug] Address compiler warnings. [RT #40024 ]
(cherry picked from commit 3a49d0ff10 )
2015-07-13 09:49:09 +10:00
Tinderbox User
835eaef8e3
update copyright notice / whitespace
2015-07-09 23:46:11 +00:00
Evan Hunt
ea36796f82
[v9_9] DDoS mitigation features
...
3938. [func] Added quotas to be used in recursive resolvers
that are under high query load for names in zones
whose authoritative servers are nonresponsive or
are experiencing a denial of service attack.
- "fetches-per-server" limits the number of
simultaneous queries that can be sent to any
single authoritative server. The configured
value is a starting point; it is automatically
adjusted downward if the server is partially or
completely non-responsive. The algorithm used to
adjust the quota can be configured via the
"fetch-quota-params" option.
- "fetches-per-zone" limits the number of
simultaneous queries that can be sent for names
within a single domain. (Note: Unlike
"fetches-per-server", this value is not
self-tuning.)
- New stats counters have been added to count
queries spilled due to these quotas.
These options are not available by default;
use "configure --enable-fetchlimit" (or
--enable-developer) to include them in the build.
See the ARM for details of these options. [RT #37125 ]
2015-07-08 23:00:58 -07:00
Mark Andrews
5e210b5fe5
4158. [protocol] Support the printing of EDNS COOKIE options.
...
[RT #39928 ]
2015-07-07 15:49:36 +10:00