bind9

Files

Matthijs Mekking 3609dce81d Don't allow DNSSEC records in the raw zone

There was an exception for dnssec-policy that allowed DNSSEC in the
unsigned version of the zone. This however causes a crash if the
zone switches from dynamic to inline-signing in the case of NSEC3,
because we are now trying to add an NSEC3 record to a non-NSEC3 node.
This is because BIND expects none of the records in the unsigned
version of the zone to be NSEC3.

Remove the exception for dnssec-policy when copying non DNSSEC
records, but do allow for DNSKEY as this may be a published DNSKEY
from a different provider.

(cherry picked from commit 332b98ae49)

2022-11-03 11:43:08 +01:00

include

Replace alg_totext with dst_hmac_algorithm_totext

2022-09-27 16:55:33 +02:00

rdata

Add support for 'dohpath' to SVCB (and HTTPS)

2022-10-04 15:32:22 +11:00

.gitignore

…

acl.c

Add isc_rwlock around dns_aclenv .localhost and .localnets member

2022-04-26 14:21:57 +02:00

adb.c

Lock the address entry bucket when dumping ADB namehook

2022-08-12 15:55:41 -07:00

badcache.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

byaddr.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

cache.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

callbacks.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

catz.c

Check that primary key names have not changed

2022-09-27 22:19:37 +10:00

client.c

Add synth-from-dnssec namespaces for keytable entries

2022-07-07 07:47:45 +10:00

clientinfo.c

allow dns_clientinfo to store client ECS data

2022-01-27 14:51:11 -08:00

compress.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

db.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

dbiterator.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

diff.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

dispatch.c

remove unnecessary assertion in dns_dispatch_connect()

2022-07-14 19:27:24 -07:00

dlz.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

dns64.c

Add isc_rwlock around dns_aclenv .localhost and .localnets member

2022-04-26 14:21:57 +02:00

dnsrps.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

dnssec.c

Add the ability specify the signing / verification time

2022-09-26 16:30:36 +02:00

dnstap.c

dnstap query_message field was erroneously set with responses

2022-08-31 15:24:00 -07:00

dnstap.proto

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

ds.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

dst_api.c

Replace alg_totext with dst_hmac_algorithm_totext

2022-09-27 16:55:33 +02:00

dst_internal.h

Check if key metadata is modified before writing

2022-05-16 10:37:23 +02:00

dst_openssl.h

Use autoconf check for BN_GENCB_new()

2022-03-02 10:49:47 +00:00

dst_parse.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

dst_parse.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

dyndb.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

ecs.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

fixedname.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

forward.c

Cleanup dns_fwdtable_delete()

2022-06-09 10:52:04 +00:00

gen.c

Merge lib/dns/gen.h contents to lib/dns/gen.c

2022-03-08 09:55:28 +01:00

geoip2.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

gssapi_link.c

Remove a redundant variable-length array

2022-03-18 16:05:56 +00:00

gssapictx.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

hmac_link.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

ipkeylist.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

iptable.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

journal.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

kasp.c

Store built-in dnssec-policies in defaultconf

2022-06-28 14:36:38 +02:00

key.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

keydata.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

keymgr.c

Nit changes in keymgr and kasp

2022-06-28 14:36:53 +02:00

keytable.c

Add synth-from-dnssec namespaces for keytable entries

2022-07-07 07:47:45 +10:00

log.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

lookup.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

Makefile.am

Update libdns_la_LIBADD rather than libdns_la_LDFLAGS

2022-07-13 10:46:37 +10:00

master.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

masterdump.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

message.c

Stop passing mctx to dns_rdata_tostruct as it is unnecessary for SIG

2022-09-26 12:01:44 +02:00

name.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

ncache.c

Update the rdataset->trust field in ncache.c:rdataset_settrust

2022-04-19 09:44:09 +10:00

nsec3.c

nsec3.c: Add a missing dns_db_detachnode() call

2022-08-23 12:04:08 +02:00

nsec.c

Wait with NSEC3 during a DNSSEC policy change

2022-08-22 19:21:39 +02:00

nta.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

openssl_link.c

Add ENGINE_init and ENGINE_finish calls

2022-09-23 14:05:16 +10:00

openssl_shim.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

openssl_shim.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

openssldh_link.c

Do not use OSSL_PARAM when engine API is compiled

2022-09-23 14:07:14 +10:00

opensslecdsa_link.c

Remove engine related parts for OpenSSL 3.0

2022-09-23 14:07:21 +10:00

openssleddsa_link.c

Free ctx on invalid siglen

2022-09-08 11:55:29 +02:00

opensslrsa_link.c

Check BN_dup results in rsa_check

2022-09-28 09:49:04 +10:00

order.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

peer.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

private.c

Increase the BUFSIZ-long buffers

2022-07-15 21:16:51 +02:00

rbt.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

rbtdb.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

rbtdb.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rcode.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rdata.c

Additional safety check for negative array index

2022-04-29 11:46:22 +10:00

rdatalist_p.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rdatalist.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rdataset.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

rdatasetiter.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rdataslab.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

request.c

merge dns_request_createvia() into dns_request_create()

2022-09-15 16:49:04 -07:00

resolver.c

Match prefetch eligibility behavior with ARM

2022-10-21 10:22:29 +00:00

result.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rootns.c

Add FALLTHROUGH macro for __attribute__((fallthrough))

2022-03-25 08:41:09 +01:00

rpz.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

rriterator.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

rrl.c

Fix RRL responses-per-second bypass using wildcard names

2022-09-08 09:36:50 +02:00

sdb.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

sdlz.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

soa.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

ssu_external.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

ssu.c

Add isc_rwlock around dns_aclenv .localhost and .localnets member

2022-04-26 14:21:57 +02:00

stats.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

tests

Move all the unit tests to /tests/<libname>/

2022-05-31 12:06:00 +02:00

time.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

tkey.c

Fix tkey.c:buildquery() function's error handling

2022-08-17 08:36:07 +00:00

transport.c

Rename "hostname" to "remote-hostname" within "tls"

2022-05-03 17:42:43 +03:00

tsec.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

tsig_p.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

tsig.c

Add the ability specify the signing / verification time

2022-09-26 16:30:36 +02:00

ttl.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

update.c

Simplify way we tag unreachable code with only ISC_UNREACHABLE()

2022-03-25 08:42:16 +01:00

validator.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

view.c

De-duplicate __FILE__, __LINE__

2022-10-17 16:00:26 +01:00

xfrin.c

CID 352848: split xfrin_start() and remove dead code

2022-06-15 17:02:45 +03:00

zone_p.h

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

zone.c

Don't allow DNSSEC records in the raw zone

2022-11-03 11:43:08 +01:00

zonekey.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00

zoneverify.c

Remove use of the inline keyword used as suggestion to compiler

2022-03-25 08:42:18 +01:00

zt.c

Update the copyright information in all files in the repository

2022-01-11 09:05:02 +01:00