ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
21,149 Commits 589 Branches 805 Tags
v9.9.4
Commit Graph

671 Commits

Author SHA1 Message Date
Mark Andrews
e549f72c5a don't print out result as it is not meaningful here 2013-08-16 09:45:08 +10:00
Mark Andrews
cbc2132d2a 3632. [bug] Signature from newly inactive keys were not being 
removed.  [RT #32178]

(cherry picked from commit 7ace327795)
 2013-08-15 11:20:18 +10:00
Mark Andrews
451ab598e2 3607. [bug] dnssec-keygen had broken 'Invalid keyfile' error 
message. [RT #34045]
 2013-07-03 15:42:39 +10:00
Evan Hunt
971e81834e [v9_9] updated win32 build 
3596.	[port]		Updated win32 build documentation, added
                        dnssec-verify. [RT #22067]
(cherry picked from commit 6a4f3d3765e3af82f48a153a0ceb5d40a549b603)
 2013-06-13 17:31:17 -07:00
Evan Hunt
d07ede4cd6 [v9_9] silence ccc-analyzer 
3567.	[bug]		Silence clang static analyzer warnings. [RT #33365]
 2013-05-03 14:35:55 -07:00
Tinderbox User
c3e768f1fb update copyright notice 2013-01-23 23:45:39 +00:00
Evan Hunt
bf9d2fd260 [v9_9] fix incorrect nsec3 check 
- check for NSEC3 in empty nodes when not due to optout delegations
    - fixed typo in output ("Bad record NSEC record")
    - incidentally fixed an error in signzone that caused an
      incorrect warning about missing DNSKEYs when using -S
      and -3 together

3473.	[bug]		dnssec-signzone/verify could incorrectly report
			an error condition due to an empty node above an
			opt-out delegation lacking an NSEC3. [RT #32072]
(cherry picked from commit 9a0dd99a75)
 2013-01-23 14:57:18 -08:00
Tinderbox User
c4873082b8 update copyright notice 2013-01-17 23:45:58 +00:00
Curtis Blackburn
70924c54fa [v9_9][bug] Added checks in dnssec-keygen and dnssec-settime to check for 
delete date < inactive date. [RT #31719]
 2013-01-17 11:02:48 -06:00
Mark Andrews
09b906e5d1 throw fatal error on realloc failure 2012-12-10 10:17:14 +11:00
Tinderbox User
4c3f5e0ee3 regen v9_9 2012-11-29 01:15:55 +00:00
Tinderbox User
24c4fca4f4 update copyright notice 2012-11-28 23:45:31 +00:00
Evan Hunt
d61af338f3 [v9_9] remove libgen.h from dnssec tools 
we no longer use basename() or dirname()
 2012-11-27 19:49:29 -08:00
Mark Andrews
3882eec38e 3424. [func] dnssec-dsfromkey now emits the hash without spaces. 
[RT #31951]

Squashed commit of the following:

commit 7369da0369e1de1fe6c5b5f84df8848b9a0984eb
Author: Mark Andrews <marka@isc.org>
Date:   Fri Nov 23 17:24:04 2012 +1100

    dupped/created reversed in log message

commit 0cef5faaf3ac22b00ed0f95b6bb7a146cf4cac15
Author: Mark Andrews <marka@isc.org>
Date:   Fri Nov 23 13:40:14 2012 +1100

    remove space from DS hash
 2012-11-27 14:23:03 +11:00
Evan Hunt
d8861c4350 [v9_9] remove spurious signatures from glue 
3404.	[bug]		dnssec-signzone: When re-signing a zone, remove
			RRSIG and NSEC records from nodes that used to be
			in-zone but are now below a zone cut. [RT #31556]
(cherry picked from commit 4b3d727d96)
 2012-10-24 15:47:51 -07:00
Mark Andrews
bf6acccf9d 3390. [bug] Silence clang compiler warnings. [RT #30417] 2012-10-06 13:21:18 +10:00
Evan Hunt
8c18302d8b fix coverity issues 
3388.	[bug]		Fixed several Coverity warnings. [RT #30996]
 2012-10-02 23:46:15 -07:00
Mark Andrews
5ffdd53520 use binary mode for raw/fast 2012-09-12 17:25:22 +10:00
Evan Hunt
b5bfcabdc0 warn when changing mode on .private files 
3347.	[bug]		dnssec-settime: Issue a warning when writing a new
			private key file would cause a change in the
			permissions of the existing file. [RT #27724]
 2012-07-05 18:03:57 -07:00
Mark Andrews
cb421b69c3 reverse bad copyright update 2012-06-29 11:41:43 +10:00
Tinderbox User
cd24b114bf update copyright notice 2012-06-29 01:22:07 +00:00
Tinderbox User
9418237f65 update copyright notice 2012-06-26 23:45:42 +00:00
Mark Andrews
7c25aaf620 3341. [func] New "dnssec-verify" command checks a signed zone 
to ensure correctness of signatures and of NSEC/NSEC3
                        chains. [RT #23673]
 2012-06-25 14:57:32 +10:00
Mark Andrews
acebc2457c 3339. [func] Allow the maximum supported rsa exponent size to be 
specified: "max-rsa-exponent-size <value>;" [RT #29228]
 2012-06-20 21:34:24 +10:00
Tinderbox User
36556c1406 regen v9_9 2012-05-31 01:17:36 +00:00
Tinderbox User
a2093c07a5 update copyright notice 2012-05-17 23:45:48 +00:00
Evan Hunt
8b1b819ae4 add ECDSA support 
3317.	[protocol]	Add ECDSA support (RFC 6605). [RT #21918]
 2012-05-17 15:52:07 -07:00
Tinderbox User
c201888c2a regen v9_9 2012-03-07 01:59:30 +00:00
Evan Hunt
8047e7c06f re-remove cvsignore files 2012-03-05 08:29:31 -08:00
Evan Hunt
f94af76649 Revert "added gitignore, removed cvsignore" 
This reverts commit e8ae173655.
 2012-03-05 08:24:17 -08:00
Evan Hunt
6aa2d721fc created 2012-03-03 23:25:21 -08:00
Evan Hunt
e8ae173655 added gitignore, removed cvsignore 2012-03-03 23:24:11 -08:00
Automatic Updater
97e74139b1 regen HEAD 2011-12-22 18:10:11 +00:00
Evan Hunt
f30785f506 3252. [bug] When master zones using inline-signing were 
updated while the server was offline, the source
			zone could fall out of sync with the signed
			copy. They can now resynchronize. [RT #26676]
 2011-12-22 07:32:41 +00:00
Automatic Updater
72938578c9 regen HEAD 2011-12-10 01:14:53 +00:00
Mark Andrews
b11fd36119 move declaration to start of block 2011-12-08 23:45:02 +00:00
Evan Hunt
b4d8192d21 3241. [func] Extended the header of raw-format master files to 
include the serial number of the zone from which
			they were generated, if different (as in the case
			of inline-signing zones).  This is to be used in
			inline-signing zones, to track changes between the
			unsigned and signed versions of the zone, which may
			have different serial numbers.

			(Note: raw zonefiles generated by this version of
			BIND are no longer compatble with prior versions.
			To generate a backward-compatible raw zonefile
			using dnssec-signzone or named-compilezone, specify
			output format "raw=0" instead of simply "raw".)
			[RT #26587]
 2011-12-08 16:07:22 +00:00
Mark Andrews
411d2914ad 3226. [bug] Address minor resource leakages. [RT #26624] 2011-11-30 00:48:51 +00:00
Automatic Updater
2628293c6e regen HEAD 2011-11-08 01:14:50 +00:00
Automatic Updater
0237221b8a update copyright notice 2011-11-07 23:46:50 +00:00
Evan Hunt
d9eebc0849 3211. [func] dnssec-signzone: "-f -" prints to stdout; "-O full" 
option prints in single-line-per-record format.
			[RT #20287]
 2011-11-07 23:16:31 +00:00
Automatic Updater
77dccf2a5d regen HEAD 2011-11-05 01:14:51 +00:00
Evan Hunt
d7be2b79ed 3198. [doc] Clarified that dnssec-settime can alter keyfile 
permissions. [RT #24866]
 2011-11-03 20:21:37 +00:00
Automatic Updater
e839bf134f regen HEAD 2011-10-26 01:14:53 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that 
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
 2011-10-25 01:54:22 +00:00
Mark Andrews
f49d12edf8 remove redundant assignment and variable 2011-10-21 03:55:33 +00:00
Automatic Updater
12bfbed87c regen HEAD 2011-10-21 01:14:51 +00:00
Automatic Updater
dfc015bc7e update copyright notice 2011-10-20 23:46:51 +00:00
Mark Andrews
1946c596b4 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:20:02 +00:00
Evan Hunt
653a78de95 3165. [bug] dnssec-signzone could generate new signatures when 
resigning, even when valid signatures were already
			present. [RT #26025]
 2011-10-11 19:26:06 +00:00