upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-26 03:11:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
16154 commits 18 branches 854 tags 440 MiB
Commit graph

1453 commits

Author SHA1 Message Date
Automatic Updater
26d8ffe715 update copyright notice 2009-07-19 23:47:55 +00:00
Evan Hunt
553ead32ff 2636. [func] Simplify zone signing and key maintenance with the 
dnssec-* tools.  Major changes:
			- all dnssec-* tools now take a -K option to
			  specify a directory in which key files will be
			  stored
			- DNSSEC can now store metadata indicating when
			  they are scheduled to be published, acttivated,
			  revoked or removed; these values can be set by
			  dnssec-keygen or overwritten by the new
			  dnssec-settime command
			- dnssec-signzone -S (for "smart") option reads key
			  metadata and uses it to determine automatically
			  which keys to publish to the zone, use for
			  signing, revoke, or remove from the zone
			[RT #19816]
 2009-07-19 04:18:05 +00:00
Mark Andrews
109580e7e5 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-02 07:39:03 +00:00
Automatic Updater
c6fb85f950 update copyright notice 2009-07-01 23:47:36 +00:00
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Francis Dupont
ff380b05fe comment fixes (rt19624) 2009-05-07 09:41:23 +00:00
Automatic Updater
7a272c6b0d update copyright notice 2009-05-06 23:47:50 +00:00
Tatuya JINMEI 神明達哉
5d7849ad7f 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 22:53:54 +00:00
Evan Hunt
3f8be559f0 2575. [func] New functions dns_name_fromstring() and 
dns_name_tostring(), to simplify conversion
			of a string to a dns_name structure and vice
			versa. [RT #19451]
 2009-03-11 07:02:34 +00:00
Automatic Updater
39a8abdb83 update copyright notice 2009-01-27 23:47:54 +00:00
Tatuya JINMEI 神明達哉
d9059b0c38 2537. [func] Added more statistics counters including those on socket 
I/O events and query RTT histograms.  [RT #18802]
 2009-01-27 22:30:00 +00:00
Automatic Updater
d362465c77 update copyright notice 2009-01-17 23:47:43 +00:00
Francis Dupont
08d44d4510 spelling 2009-01-17 13:33:29 +00:00
Francis Dupont
7d6d9c2240 spelling 2009-01-17 13:25:11 +00:00
Francis Dupont
45b4efd07f spelling 2009-01-17 12:56:23 +00:00
Francis Dupont
3678015d3f spelling 2009-01-17 11:57:25 +00:00
Automatic Updater
9e0d0a279b update copyright notice 2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉
7781f25078 2526. [func] New named option "attach-cache" that allows multiple 
views to share a single cache to save memory and
			improve lookup efficiency. [RT 18905]
 2009-01-09 22:24:37 +00:00
Automatic Updater
d7845fc5ba update copyright notice 2009-01-07 23:47:47 +00:00
Tatuya JINMEI 神明達哉
609f86163a 2525. [func] New logging category "query-errors" to provide detailed 
internal information about query failures, especially
			about server failures. [RT #19027]
 2009-01-07 01:46:40 +00:00
Automatic Updater
5569e7de51 update copyright notice 2009-01-05 23:47:54 +00:00
Tatuya JINMEI 神明達哉
3fb1637c92 trivial comment cleanups (RT#19118) 2009-01-05 23:20:22 +00:00
Mark Andrews
a5746c4ec1 2511. [cleanup] dns_rdata_tofmttext() add const to linebreak. 
[RT #18885]
 2008-12-12 04:37:24 +00:00
Automatic Updater
49960a74b5 update copyright notice 2008-11-14 23:47:33 +00:00
Mark Andrews
da2d57c8cf 2493. [bug] The linux capabilites code was not correctly cleaning 
up after itself. [RT #18767]
 2008-11-14 05:24:11 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Automatic Updater
6e2871232f update copyright notice 2008-09-24 03:16:58 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Mark Andrews
739240a9d1 remove dns_stats_copy dns_stats_create dns_stats_destroy dns_stats_incrementcounter dns_zone_getstats 2008-09-08 05:59:11 +00:00
Mark Andrews
7e52028a83 remove dns_resolver_createdispatchpool 2008-09-08 05:41:22 +00:00
Automatic Updater
2cf81a3d8a update copyright notice 2008-06-23 23:47:11 +00:00
Tatuya JINMEI 神明達哉
386d3a99c1 2375. [security] Fully randomize UDP query ports to improve 
forgery resilience. [RT #17949, #18098]
 2008-06-23 19:41:20 +00:00
Evan Hunt
5a17fe2916 Default values of zone ACLs were re-parsed each time a new zone was 
configured, causing an overconsumption of memory. [rt18092]
 2008-05-21 23:17:21 +00:00
Automatic Updater
f052a01ff2 update copyright notice 2008-04-04 23:47:01 +00:00
Mark Andrews
77abeb5330 rebase NSEC3 code 2008-04-04 05:34:07 +00:00
Automatic Updater
ddad355529 update copyright notice 2008-04-03 06:09:05 +00:00
Mark Andrews
8907d8fa04 2355. [func] Extend the number statistics counters available. 
[RT #17590]
 2008-04-03 05:55:52 +00:00
Mark Andrews
db30f4bdcb 2353. [func] Add support for Name Server ID (RFC 5001). 
'dig +nsid' requests NSID from server.
                        'request-nsid yes;' causes recursive server to send
                        NSID requests to upstream servers.  Server responds
                        to NSID requests with the string configured by
                        'server-id' option.  [RT #17091]
 2008-04-03 02:01:08 +00:00
Mark Andrews
3f42cf2f3e 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]

back out incorrect branch rt1091 and apply correct branch rt1091a.
 2008-04-02 02:37:42 +00:00
Mark Andrews
a0735eeac5 unit16_t -> isc_uint16_t 2008-04-02 01:48:32 +00:00
Automatic Updater
e672951ed2 update copyright notice 2008-04-01 23:47:10 +00:00
Mark Andrews
a76b380643 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]
 2008-04-01 01:37:25 +00:00
Francis Dupont
2a31bd5310 add EVP and PKCS11 2008-03-31 14:42:51 +00:00
Automatic Updater
cbf0854acc update copyright notice 2008-01-24 23:47:00 +00:00
Tatuya JINMEI 神明達哉
1c3ed2a83d 2320. [func] Make statistics couters thread-safe for platforms 
that support certain atomic operations. [RT #17466]
 2008-01-24 02:00:44 +00:00