upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-19 02:28:27 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
26619 commits 18 branches 854 tags 440 MiB
Commit graph

10915 commits

Author SHA1 Message Date
Ondřej Surý
311fbf3f5b Use standard OPENSSL_NO_ENGINE instead of custom USE_ENGINE define 
(cherry picked from commit 8d648e7a8a)
 2018-05-03 21:36:46 +02:00
Ondřej Surý
5af60f69fd Use BN_hex2bn instead of custom BN_fromhex function 
(cherry picked from commit 8bf192b4d1)
 2018-05-03 21:35:21 +02:00
Mark Andrews
9b20819dd6 simplify mask construction 
(cherry picked from commit 22fab3199f)
 2018-05-03 17:13:42 +02:00
Ondřej Surý
36efa304e6 Also test the higher part of the confidence interval 
(cherry picked from commit 8d3220643c)
 2018-05-03 15:04:15 +02:00
Ondřej Surý
e3a318e8d3 Workaround LibreSSL 2.7.0-2.7.2 quirk in DH_set0_key 
(cherry picked from commit 6b9e3b7b06)
 2018-05-03 14:26:40 +02:00
Ondřej Surý
1e64b869b5 Add support for LibreSSL 2.7 
(cherry picked from commit 29ff62a149)
 2018-05-03 14:26:40 +02:00
Michał Kępień
8a58a60772 Apply raw zone deltas to yet unsigned secure zones 
When inline signing is enabled for a zone without creating signing keys
for it, changes subsequently applied to the raw zone will not be
reflected in the secure zone due to the dns_update_signaturesinc() call
inside receive_secure_serial() failing.  Given that an inline zone will
be served (without any signatures) even with no associated signing keys
being present, keep applying raw zone deltas to the secure zone until
keys become available in an attempt to follow the principle of least
astonishment.

(cherry picked from commit 6acf326969)
 2018-04-25 12:09:04 -07:00
Michał Kępień
cdc7ab42b1 Only log bumped signed serial after a successful secure zone update 
If a raw zone is modified, but the dns_update_signaturesinc() call in
receive_secure_serial() fails, the corresponding secure zone's database
will not be modified, even though by that time a message containing the
bumped signed serial will already have been logged.  This creates
confusion, because a different secure zone version will be served than
the one announced in the logs.  Move the relevant dns_zone_log() call so
that it is only performed if the secure zone's database is modified.

(cherry picked from commit cfbc8e264d)
 2018-04-25 12:09:03 -07:00
Evan Hunt
493a8b53ed remove unnecessary comparison 
(cherry picked from commit 8b1baa10ee)
 2018-04-22 12:57:52 -07:00
Evan Hunt
fe27dfa9fd silence warnings about unnecessary comparisons 
- these are cases where result has been explicitly set, so
  if (result != ISC_R_SUCCESS) is unnecessary

(cherry picked from commit e00eb55cd2)
 2018-04-22 12:57:52 -07:00
Evan Hunt
19be8866d8 add header guards in files that were missing them 
(cherry picked from commit 4247477b61)
 2018-04-22 12:57:52 -07:00
Evan Hunt
97cbc27ed7 fix shadowed global variables 
(cherry picked from commit 9ca3ab1168)
 2018-04-22 12:57:52 -07:00
Evan Hunt
62c64cfe85 fix duplicate include guard in dnsconf.h 
- IMHO we should consider removing dnsconf.c and deprecating the
  /etc/dns.conf file, though, as I don't think it's likely anyone
  is using it

(cherry picked from commit a08ba418ef)
 2018-04-22 12:57:52 -07:00
Mark Andrews
ee763ef281 add named.conf option root-key-sentinel 
(cherry picked from commit 68e9315c7d)
 2018-04-22 12:46:03 -07:00
Mark Andrews
7111eff80c detect and processes root-key-sentinel labels. 
(cherry picked from commit 8fc9f64df9)
 2018-04-22 12:46:03 -07:00
Mark Andrews
77643775c5 remove exit calls after FATAL_ERROR 
(cherry picked from commit f8d2a46daa)
 2018-04-20 15:13:12 -07:00
Mark Andrews
ba238ab374 use %u instead of %d for unsigned int arguments 
(cherry picked from commit 49f8e9571c)
 2018-04-20 15:13:12 -07:00
Ondřej Surý
6171037403 Sync isc_file_template functions between unix and win32, so they are same 
(cherry picked from commit 8c99d104e3)
 2018-04-12 08:47:11 +02:00
Mukund Sivaraman
c932fd2d49 Fix TSIG dump keyfile name buffer size issues 
(cherry picked from commit 44b84cb5a6)
 2018-04-11 14:37:46 +02:00
Ondřej Surý
e052e7f427 Define PATH_MAX on Windows as _MAX_PATH, so we can use it everywhere 
(cherry picked from commit 7467735258)
 2018-04-11 14:37:46 +02:00
Tony Finch
58aac41b7e dnstap: log actual local IPv6 address, not :: listening address 
(cherry picked from commit ccff953c25)
 2018-04-10 17:21:08 -07:00
Michał Kępień
0041aeb751 Use dns_fixedname_initname() where possible 
Replace dns_fixedname_init() calls followed by dns_fixedname_name()
calls with calls to dns_fixedname_initname() where it is possible
without affecting current behavior and/or performance.

This patch was mostly prepared using Coccinelle and the following
semantic patch:

    @@
    expression fixedname, name;
    @@
    -	dns_fixedname_init(&fixedname);
    	...
    -	name = dns_fixedname_name(&fixedname);
    +	name = dns_fixedname_initname(&fixedname);

The resulting set of changes was then manually reviewed to exclude false
positives and apply minor tweaks.

It is likely that more occurrences of this pattern can be refactored in
an identical way.  This commit only takes care of the low-hanging fruit.

(cherry picked from commit 4df4a8e731)
 2018-04-10 13:09:24 -07:00
Mukund Sivaraman
cee4fef7c5 Add a dns_fixedname_initname() helper function 
This also turns the dns_fixedname macros into functions.

(cherry picked from commit 0d2a03c290)
 2018-04-10 13:06:43 -07:00
Ondřej Surý
cd6d3fbf07 A couple of more cleanups after free in opensslrsa_generate() 
(cherry picked from commit d2b3188c61)
 2018-04-06 14:21:11 +10:00
Petr Mensik
d27c7940d9 Do not assign NULL conditionally in OpenSSL < 1.1, make it always explicit. 
(cherry picked from commit edaafacf36)
 2018-04-06 14:21:11 +10:00
Petr Mensik
587452f830 Fix double free on RSA_generate_key_ex failure 
(cherry picked from commit 01cc622e7b)
 2018-04-06 14:21:11 +10:00
Mukund Sivaraman
d2dea05356 Check return value of isc_mem_get() 
(cherry picked from commit de3a4af1bf)
 2018-03-20 09:54:08 +11:00
Evan Hunt
19b5249028 update file headers 2018-03-15 18:40:21 -07:00
Evan Hunt
a61afa750f add an 'untested' case when none of the atomic operations are available 
- this fixes a build failure introduced in change 4913 when
  compiling with ATF and --disable-atomic

(cherry picked from commit 1b3eac926e)
 2018-03-15 12:09:33 -07:00
Ondřej Surý
661364c8cf Fix whitespace 2018-03-15 00:14:23 +01:00
Michał Kępień
f2838e68e8 Fix a zone database reference counting bug in dump_done() 
A typo in commit d39ab7440e introduced a bug in zone database reference
counting which leads to a crash if dumping one version of a slave zone
is not finished by the time transferring a newer version from a master
completes.  Correct the typo to fix reference counting, thus preventing
crashes.

(cherry picked from commit fbd5658db7)
 2018-03-13 10:52:01 -07:00
Evan Hunt
09fade72a0 Fix compiler warnings and test failures when building without threads 
(cherry picked from commit 56353aaf42)
 2018-03-10 10:37:12 -08:00
Evan Hunt
07e2e20868 add missing includes 
(cherry picked from commit a173c9c18f)
 2018-03-09 16:55:56 -08:00
Evan Hunt
7bc7557df9 Merge branch 'clean-bin-tests-v9_12' into 'v9_12' 
clean up bin/tests, convert unit tests to ATF

Closes #115

See merge request isc-projects/bind9!93
 2018-03-09 14:40:12 -08:00
Evan Hunt
80834b5b90 final cleanup 
- update Kyuafiles to match Atffiles
- copyrights
- CHANGES note

(cherry picked from commit 86e00cbb71)
 2018-03-09 14:40:12 -08:00
Evan Hunt
d35f62434a remove lib/tests as nothing uses it anymore 
(cherry picked from commit d132f73497)
 2018-03-09 14:39:57 -08:00
Evan Hunt
289836a066 shorten ht_test and random_test 
(cherry picked from commit 9b753aa154)
 2018-03-09 14:39:56 -08:00
Evan Hunt
4439c471d1 migrate t_dst signature test to lib/dns/tests/dst_test 
(cherry picked from commit a4ebe83cdb)
 2018-03-09 14:39:56 -08:00
Evan Hunt
56da937399 migrate t_db to lib/dns/tests/db_test 
(cherry picked from commit f58ac8ada3)
 2018-03-09 14:39:56 -08:00
Evan Hunt
aefad99e1e migrate t_names to lib/dns/tests/name_test 
(cherry picked from commit 8ecf69ef7b)
 2018-03-09 14:39:56 -08:00
Evan Hunt
c505afd183 migrate t_rbt to lib/dns/tests/rbt_test 
(cherry picked from commit 109546cbda)
 2018-03-09 14:39:56 -08:00
Evan Hunt
88bfe56876 migrate t_tasks to lib/isc/tests/task_test 
(cherry picked from commit c6c1e99252)
 2018-03-09 14:39:56 -08:00
Evan Hunt
30e157f6e4 migrate t_resolver to lib/dns/tests/resolver_test 
(cherry picked from commit d80825c40b)
 2018-03-09 14:39:56 -08:00
Evan Hunt
efccdad0ea migrate t_timers to lib/isc/tests/timer_test 
(cherry picked from commit e2b8699df9)
 2018-03-09 14:39:56 -08:00
Evan Hunt
c7fa56e8db migrate t_atomic to lib/isc/tests/atomic_test 
(cherry picked from commit 874e2fc70c)
 2018-03-09 14:39:55 -08:00
Evan Hunt
af48544b75 migrate t_mem to lib/isc/tests/mem_test 
(cherry picked from commit 979f054702)
 2018-03-09 14:39:55 -08:00
Evan Hunt
af0c9b2cee migrate t_net to lib/isc/tests 
(cherry picked from commit 05b7251d51)
 2018-03-09 14:39:55 -08:00
Evan Hunt
fadb93cf43 migrate t_sockaddr to lib/isc/tests 
(cherry picked from commit 62f650078a)
 2018-03-09 14:39:55 -08:00
Evan Hunt
787c5d1394 allow ATF tests to run in parallel 
(cherry picked from commit ef0b4c91bc)
 2018-03-09 14:36:06 -08:00
Evan Hunt
c54e379267 Merge branch 'v9_12_1_patch' into v9_12 2018-03-08 14:26:15 -08:00