ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
0ae3ffdc1c1eb7dfe53ac42fafe4664581be2a05
bind9/lib/dns
History
Matthijs Mekking 0ae3ffdc1c Fix NSEC3 resalting upon restart 
When named restarts, it will examine signed zones and checks if the
current denial of existence strategy matches the dnssec-policy. If not,
it will schedule to create a new NSEC(3) chain.

However, on startup the zone database may not be read yet, fooling
BIND that the denial of existence chain needs to be created. This
results in a replacement of the previous NSEC(3) chain.

Change the code such that if the NSEC3PARAM lookup failed (the result
did not return in ISC_R_SUCCESS or ISC_R_NOTFOUND), we will try
again later. The nsec3param structure has additional variables to
signal if the lookup is postponed. We also need to save the signal
if an explicit resalt was requested.

In addition to the two added boolean variables, we add a variable to
store the NSEC3PARAM rdata. This may have a yet to be determined salt
value. We can't create the private data yet because there may be a
mismatch in salt length and the NULL salt value.
2021-06-09 09:14:09 +02:00
..
include
Refactor zone dumping code to use netmgr async threadpools
2021-05-31 14:52:05 +02:00
rdata
Use isdigit instead of checking character range
2021-05-05 19:15:33 +02:00
tests
Adjust returned method from dns_updatemethod_date
2021-05-18 12:30:22 +00:00
win32
Refactor zone dumping code to use netmgr async threadpools
2021-05-31 14:52:05 +02:00
.gitignore
acl.c
Reduce the number of clientmgr objects created
2021-05-24 20:44:54 +02:00
adb.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
badcache.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
byaddr.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
cache.c
Remove the option 'cleaning-interval'
2021-01-19 10:12:40 +01:00
callbacks.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
catz.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
client.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
clientinfo.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
compress.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
db.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00
dbiterator.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
diff.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dispatch.c
Silence cppcheck 2.2 false positive in udp_recv()
2020-11-25 12:45:47 +01:00
dlz.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00
dns64.c
add dns_dns64_findprefix
2020-11-25 08:25:29 +11:00
dnsrps.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
dnssec.c
Use isdigit instead of checking character range
2021-05-05 19:15:33 +02:00
dnstap.c
Address theoretical resource leak in dns_dt_open()
2021-02-22 12:22:31 +11:00
dnstap.proto
ds.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dst_api.c
Address potential resource leak in dst_key_fromnamedfile
2021-05-18 10:33:43 +10:00
dst_internal.h
Move most of the OpenSSL initialization to isc_tls
2021-02-18 19:33:54 +01:00
dst_openssl.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dst_parse.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dst_parse.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dst_pkcs11.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dst_result.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
dyndb.c
Use libuv's shared library handling capabilities
2020-10-28 15:48:58 +01:00
ecs.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
fixedname.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
forward.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00
gen-unix.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
gen-win32.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
gen.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
geoip2.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
gssapi_link.c
Stop including gssapi.h from dst/gssapi.h header
2021-02-16 01:04:46 +00:00
gssapictx.c
Free resources when gss_accept_sec_context() fails
2021-04-08 10:33:44 +02:00
hmac_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
ipkeylist.c
implement xfrin via XoT
2021-01-29 12:07:38 +01:00
iptable.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
journal.c
Consolidate xhdr fixups
2021-05-26 08:16:35 +10:00
kasp.c
Add purge-keys config option
2021-02-23 09:16:48 +01:00
key.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
keydata.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
keymgr.c
Fix coverity issue 331478
2021-05-19 00:45:54 +00:00
keytable.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00
lib.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
log.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
lookup.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
Makefile.am
remove lib/dns/gen when running 'make clean'
2021-04-07 08:06:49 +10:00
master.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
masterdump.c
Pause the dbiterator when dumping the zone to the disk
2021-06-04 08:25:05 +00:00
message.c
Adjust the fillcount and freemax for dns_message mempools
2021-05-24 20:44:58 +02:00
name.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
ncache.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
nsec3.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
nsec.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
nta.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
openssl_link.c
Use library constructor/destructor to initialize OpenSSL
2021-02-18 19:33:54 +01:00
openssldh_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
opensslecdsa_link.c
Make opensslecdsa_parse use fromlabel
2021-01-26 15:01:26 +01:00
openssleddsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
opensslrsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
order.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
peer.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
pkcs11.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
pkcs11ecdsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
pkcs11eddsa_link.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
pkcs11rsa_link.c
Fix misplaced declaration
2020-12-01 10:46:58 +11:00
private.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rbt.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
rbtdb.c
Reuse rdatset->ttl when dumping ancient RRsets
2021-05-30 11:48:36 -07:00
rbtdb.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rcode.c
Use isdigit instead of checking character range
2021-05-05 19:15:33 +02:00
rdata.c
Make calling generic rdata methods consistent
2021-03-26 22:04:42 +00:00
rdatalist_p.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rdatalist.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rdataset.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
rdatasetiter.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rdataslab.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
request.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
resolver.c
Don't set memory context name in resolver.c
2021-05-25 07:25:44 +02:00
result.c
Add NSEC3PARAM unit test, refactor zone.c
2020-11-26 10:43:59 +01:00
rootns.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rpz.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00
rriterator.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
rrl.c
Reduce the number of clientmgr objects created
2021-05-24 20:44:54 +02:00
sdb.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
sdlz.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
soa.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
ssu_external.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
ssu.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
stats.c
Update comments to have binary notation
2020-09-29 10:36:07 +10:00
tcpmsg.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
time.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
timer.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
tkey.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
transport.c
refactor outgoing HTTP connection support
2021-03-05 13:29:26 +02:00
tsec.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
tsig_p.h
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
tsig.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
ttl.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
update.c
Lock kasp when looking for zone keys
2021-05-20 09:15:43 +02:00
validator.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
view.c
Reduce the number of clientmgr objects created
2021-05-24 20:44:54 +02:00
xfrin.c
Add missing initialisations
2021-05-26 08:15:08 +00:00
zone_p.h
Add NSEC3PARAM unit test, refactor zone.c
2020-11-26 10:43:59 +01:00
zone.c
Fix NSEC3 resalting upon restart
2021-06-09 09:14:09 +02:00
zonekey.c
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
zoneverify.c
rename dns_name_copynf() to dns_name_copy()
2021-05-22 00:37:27 -07:00
zt.c
Cleanup redundant isc_rwlock_init() result checks
2021-02-03 12:22:33 +11:00