upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-25 10:59:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
25079 commits 18 branches 854 tags 440 MiB
Commit graph

2008 commits

Author SHA1 Message Date
Mark Andrews
08e36aa5a5 4356. [func] Add the ability to specify whether to wait for 
nameserver addresses to be looked up or not to
                        rpz with a new modifying directive 'nsip-wait-recurse'.                         [RT #35009]
 2016-05-05 16:29:05 +10:00
Tinderbox User
99bbb58ce7 update copyright notice / whitespace 2016-05-04 23:45:36 +00:00
Evan Hunt
66074f152f [master] log message when using ISC DLV 
4352.	[cleanup]	The ISC DNSSEC Lookaside Validation (DLV) service
			is scheduled to be disabled in 2017.  A warning is
			now logged when named is configured to use it,
			either explicitly or via "dnssec-lookaside auto;"
			[RT #42207]
 2016-05-04 14:37:25 -07:00
Tinderbox User
9e6e0881fa update copyright notice / whitespace 2016-04-30 23:45:50 +00:00
Mark Andrews
cbad856135 support truncated hashes longer that 7 
(cherry picked from commit 5b291f619e312689e25de8fd5662b0b9d4a62679)
 2016-05-01 07:48:40 +10:00
Evan Hunt
a27dc50157 [master] copyrights 2016-04-28 22:30:53 -07:00
Evan Hunt
f6096b958c [master] dnssec-keymgr 
4349.   [contrib]       kasp2policy: A python script to create a DNSSEC
                        policy file from an OpenDNSSEC KASP XML file.

4348.	[func]		dnssec-keymgr: A new python-based DNSSEC key
			management utility, which reads a policy definition
			file and can create or update DNSSEC keys as needed
			to ensure that a zone's keys match policy, roll over
			correctly on schedule, etc.  Thanks to Sebastian
			Castro for assistance in development. [RT #39211]
 2016-04-28 00:16:01 -07:00
Evan Hunt
5ecfee97ba [master] copyrights 2016-04-14 19:12:13 -07:00
Evan Hunt
3cd204c4a4 [master] fixed revoked key regression 
4436.	[bug]		Fixed a regression introduced in change #4337 which
			caused signed domains with revoked KSKs to fail
			validation. [RT #42147]
 2016-04-14 18:52:52 -07:00
Mark Andrews
7f79448198 remove unnecessary return 2016-04-08 04:24:47 +10:00
Tinderbox User
c19f42a378 update copyright notice / whitespace 2016-03-24 23:45:21 +00:00
Mark Andrews
6214c3c93a 4341. [bug] 'rndc flushtree' could fail to clean the tree if there 
wasn't a node at the specified name. [RT #41846]
 2016-03-24 11:31:25 +11:00
Tinderbox User
a63461cc4b update copyright notice / whitespace 2016-03-23 23:45:22 +00:00
Evan Hunt
7fa4c18451 [master] ECS family 0 handling was still broken 2016-03-23 15:00:30 -07:00
Evan Hunt
ddf3342cca [master] test pipelining with mdig 
4339.	[test]		Use "mdig" to test pipelined queries. [RT #41929]
 2016-03-22 17:26:38 -07:00
Evan Hunt
132a571179 [master] fix mkeys TTL 0 issue 
4337.	[bug]		The previous change exposed a latent flaw in
			key refresh queries for managed-keys when
			a cached DNSKEY had TTL 0. [RT #41986]
 2016-03-22 12:12:32 -07:00
Tinderbox User
27def92931 update copyright notice / whitespace 2016-03-21 23:45:22 +00:00
Mark Andrews
0993cd5f22 4336. [bug] Don't emit records with zero ttl unless the records 
were learnt with a zero ttl. [RT #41687]
 2016-03-21 13:22:21 +11:00
Tinderbox User
b1aac28027 update copyright notice / whitespace 2016-03-16 23:45:17 +00:00
Jeremy C. Reed
e12c78ebf6 add comments about why the configuration is bad 
I didn't get review. This is trivial.
 2016-03-16 15:42:56 -04:00
Jeremy C. Reed
81780ffd74 use -r $RANDFILE for test using keygen 
stops hang
this is for ticket #41898
 2016-03-11 09:27:15 -05:00
Tinderbox User
4a7004f3ce update copyright notice / whitespace 2016-03-10 23:45:16 +00:00
Mark Andrews
7c52595464 4331. [func] When loading managed signed zones detect if the 
RRSIG's inception time is in the future and regenerate
                        the RRSIG immediately. [RT #41808]
 2016-03-10 17:01:08 +11:00
Mark Andrews
93ca5ee4c4 update copyrights 2016-03-08 16:21:19 +11:00
Mark Andrews
d6357f09aa 4329. [func] Warn about a common misconfiguration when forwarding 
RFC 1918 zones. [RT #41441]
 2016-03-08 10:11:23 +11:00
Tinderbox User
220ba6da87 update copyright notice / whitespace 2016-03-04 23:45:23 +00:00
Mark Andrews
8398f00156 4326. [protocol] Add support for AVC. [RT #41819 2016-03-04 18:11:41 +11:00
Evan Hunt
023ba1e6ef [master] add OS details to rndc status 
4325.	[func]		Add a line to "rndc status" indicating the
			hostname and operating system details. [RT #41610]
 2016-03-03 22:02:52 -08:00
Tinderbox User
f254ab049e update copyright notice / whitespace 2016-03-02 23:45:17 +00:00
Mark Andrews
ce7216c40a 4223. [bug] Improve HTTP header processing on statschannel. 
[RT #41674]
 2016-03-02 11:04:59 +11:00
Mark Andrews
7f514657e2 update copyrights 2016-02-25 10:55:40 +11:00
Mark Andrews
f9da4a8e54 4321. [bug] Zones using mapped files containing out-of-zone data 
could return SERVFAIL instead of the expected NODATA
                        or NXDOMAIN results. [RT #41596]
 2016-02-24 11:13:24 +11:00
Tinderbox User
62735fcde3 update copyright notice / whitespace 2016-02-23 23:45:35 +00:00
Mukund Sivaraman
293a9e9978 Fix allocation for "none" ACL that caused assertion failure (#41745) 2016-02-23 12:51:34 +05:30
Tinderbox User
27424c351d update copyright notice / whitespace 2016-02-20 23:45:16 +00:00
Mark Andrews
c968a257c1 fix subnet prefix 2016-02-20 12:01:30 +11:00
Tinderbox User
53ba272721 update copyright notice / whitespace 2016-02-18 23:45:32 +00:00
Mark Andrews
37176663e0 don't used class in grep e.g. [:space:] 2016-02-17 13:17:40 +11:00
Evan Hunt
93c211afc9 [master] fixed a regression in dyndb due to change #4277 2016-02-12 00:22:45 -08:00
Mark Andrews
b91d11bfcc copyrights / whitespace 2016-02-11 10:44:21 +11:00
Mukund Sivaraman
79a55d4f4d Add option to tools to print RRs in unknown presentation format (#41595) 2016-02-09 15:39:02 +05:30
Mukund Sivaraman
0c29904b27 Check that configured view class isn't a meta class (#41572) 2016-02-08 13:58:01 +05:30
Mark Andrews
08913705e9 specify what to copy 
(cherry picked from commit 88624c9c32)
 2016-02-05 13:54:47 +11:00
Tinderbox User
d83a9a980a update copyright notice / whitespace 2016-02-02 23:45:23 +00:00
Mukund Sivaraman
f9b167290a Remove 45 second sleeps from notify system test (#41248) 
No CHANGES entry required.
 2016-02-02 09:46:57 +05:30
Mark Andrews
8d00c5ab2c 4312. [bug] dig's unknown dns and edns flags (MBZ value) logging 
was not consistent. [RT #41600]
 2016-02-02 14:19:22 +11:00
Mark Andrews
e370cdf4ba capture rndc output 
(cherry picked from commit 2d58f4aee2)
 2016-02-02 12:26:23 +11:00
Tinderbox User
8b074bef0c update copyright notice / whitespace 2016-02-01 23:45:25 +00:00
Evan Hunt
ec450fde7c [master] disallow delzone on policiy zones 
4311.	[bug]		Prevent "rndc delzone" from being used on
			response-policy zones. [RT #41593]
 2016-02-01 09:49:49 -08:00
Evan Hunt
df9a49ee07 [master] dig/mdig could send misformatted ECS options 
4307.	[bug]		"dig +subnet" and "mdig +subnet" could send
			incorrectly-formatted Client Subnet options
			if the prefix length was not divisble by 8.
			Also fixed a memory leak in "mdig". [RT #45178]
 2016-01-29 17:41:29 -08:00
Tinderbox User
b7f3400f3b update copyright notice / whitespace 2016-01-28 23:45:29 +00:00
Mark Andrews
832ab79d1f 4305. [bug] dnssec-signzone was not removing unnecessary rrsigs 
from the zone's apex. [RT #41483]
 2016-01-28 15:42:34 +11:00
Mark Andrews
9d85a77382 4304. [port] xfer system test failed as 'tail -n +value' is not 
portable. [RT #41315]
 2016-01-28 15:38:06 +11:00
Evan Hunt
8ede7a974b [master] fix dig=+subnet zero-length prefix 
4303.	[bug]		"dig +subnet" was unable to send a prefix length of
			zero, as it was incorrectly changed to 32 for v4
			prefixes or 128 for v6 prefixes. In addition to
			fixing this, "dig +subnet=0" has been added as a
			short form for 0.0.0.0/0. The same changes have
			also been made in "mdig". [RT #41553]
 2016-01-27 19:03:54 -08:00
Tinderbox User
4df65ccfec update copyright notice / whitespace 2016-01-25 23:45:24 +00:00
Mark Andrews
9478de25bb 4301. [bug] dnssec-settime -p [DP]sync was not working. [RT #41534] 2016-01-26 00:27:44 +11:00
Tinderbox User
7d4f45f6bd update copyright notice / whitespace 2016-01-21 23:45:23 +00:00
Evan Hunt
9b789c54f8 [master] add regression test for RT #41518 
4297.	[test]		Ensure delegations in RPZ zones fail robustly.
			[RT #41518]
 2016-01-20 17:44:11 -08:00
Evan Hunt
d40154cab7 [master] cacluate TCP packet sizes correctly 
4296.	[bug]		TCP packet sizes were calculated incorrectly in the
			stats channel; they could be counted in the wrong
			histogram bucket. [RT #40587]
 2016-01-20 17:30:27 -08:00
Tinderbox User
16201b15a6 update copyright notice / whitespace 2016-01-17 23:45:21 +00:00
Curtis Blackburn
3948d9c7c6 rrl test was failing on some systems because not all versions of perl understand '-E'. changed to '-e' 2016-01-15 14:35:12 -08:00
Curtis Blackburn
a66619fe32 [rt39196] Added a new nameserver to test rrl "log-only yes". 
Added test for RT #39197. Made the rrl test more
              tolerant of minor differences in results due to
              timing. Removed the failure override for the rrl
              test.

commit 01a15bc80ef4c20171ddfe9b5ceb2ebe008c8e0d
Author: Curtis Blackburn <ckb@isc.org>
Date:   Tue Dec 15 15:08:03 2015 -0800

    added a new nameserver to the rrl test
 2016-01-11 19:37:17 -08:00
Tinderbox User
7321d8df7b update copyright notice / whitespace 2015-12-27 23:45:24 +00:00
Evan Hunt
fbed5f0f44 [master] fix geoip options 
4284.	[bug]		Some GeoIP options were incorrectly documented
			using abbreviated forms which were not accepted by
			named.  The code has been updated to allow both
			long and abbreviated forms. [RT #41381]
 2015-12-26 10:50:32 -08:00
Curtis Blackburn
df59681bd2 [rt40109] added a test for +dscp to the digdelv tests 2015-12-21 14:13:03 -08:00
Mark Andrews
49762dffc4 4282. [func] 'dig +[no]mapped' determine whether the use of mapped 
IPv4 addresses over IPv6 is permitted or not.  The
                        default is +mapped.  [RT #41307]
 2015-12-19 09:47:11 +11:00
Tinderbox User
4688741c5c update copyright notice / whitespace 2015-12-16 23:45:26 +00:00
Mark Andrews
f1fcadccc4 remove named.conf 2015-12-16 21:37:21 +11:00
Mark Andrews
1583a214cd check for non removed files 2015-12-16 21:25:04 +11:00
Mark Andrews
ecfedec0e0 perform a more complete cleanup after running system tests [rt41255] 2015-12-16 11:29:18 +11:00
Tinderbox User
ea2ea0914c update copyright notice / whitespace 2015-12-15 23:45:23 +00:00
Evan Hunt
0321aa184e [master] reclimit test was broken with v6 2015-12-15 15:01:58 -08:00
Curtis Blackburn
9effea437d [rt41269] additional tests for dig and delv, 
fix for --disable-ipv6 on osx,
              fixes for tests with --disable-ipv6
 2015-12-15 11:58:28 -08:00
Mark Andrews
f647c0df9f 4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257] 2015-12-15 19:49:40 +11:00
Mukund Sivaraman
ecc06cbc32 Use optimal message sizes to improve compression in AXFRs (#40996) 2015-12-15 13:24:14 +05:30
Evan Hunt
b96366252b [master] add +nocookie and use perl for query burst 2015-12-14 21:27:49 -08:00
Evan Hunt
362d2d46aa [master] fixed an incorrect test case in rpzrecurse 2015-12-13 14:15:47 -08:00
Curtis Blackburn
21c6e49a77 [rt40106] add tests for dig +[no]ttlunits 2015-12-10 12:08:57 -08:00
Mark Andrews
505d311709 4278. [bug] 'delv +short +[no]split[=##]' didn't work as expected. 
[RT #41238]
 2015-12-10 12:43:50 +11:00
Curtis Blackburn
6fe5cc5aea [rt41263] add a system test for dig +qr +ednsopt<invalid> 2015-12-09 16:21:02 -08:00
Tinderbox User
2a37470065 update copyright notice / whitespace 2015-12-09 23:45:23 +00:00
Mukund Sivaraman
5d79b60fc5 Improve performance of RBT (#41165) 2015-12-09 19:10:55 +05:30
Curtis Blackburn
aeb7b6e145 [rt40105] add a system test for dig +zflag 2015-12-08 16:06:39 -08:00
Curtis Blackburn
ce0d8b1c0e [rt40104] changed one occurrence of +noednsneg to +noednsnegotiation 2015-12-08 16:03:01 -08:00
Curtis Blackburn
4d1ea2336c [rt40107] add system tests for dig +header-only 2015-12-08 15:57:53 -08:00
Curtis Blackburn
ab94dd50e8 [rt40181] added tests for dig +short +nosplit/+rrcomments (see rt39291) 2015-12-08 15:13:52 -08:00
Mark Andrews
322e6b5be7 4276. [protocol] Add support for SMIMEA. [RT #40513] 2015-12-08 08:16:41 +11:00
Evan Hunt
464c2c673b [master] fix dig +norrcomments 
4272.	[bug]		dig: the +norrcomments option didn't work with +multi.
			[RT #41234]
 2015-12-04 16:16:59 -08:00
Tinderbox User
8c20f8635a update copyright notice / whitespace 2015-12-03 23:45:24 +00:00
Mark Andrews
26177be294 4267. [test] Check sdlz error handling. [RT #41142] 2015-12-02 13:00:42 +11:00
Mark Andrews
c8821d124c 4260. [security] Insufficient testing when parsing a message allowed 
records with an incorrect class to be be accepted,
                        triggering a REQUIRE failure when those records
                        were subsequently cached. (CVE-2015-8000) [RT #4098]
 2015-11-16 13:12:20 +11:00
Tinderbox User
3ebda3f46b update copyright notice / whitespace 2015-11-12 23:45:23 +00:00
Mark Andrews
d0afc2d1c4 use a test key 2015-11-12 10:54:59 +11:00
Tinderbox User
4949f39716 update copyright notice / whitespace 2015-11-11 23:45:23 +00:00
Mukund Sivaraman
53cf70ef7d Cleanup *.nta files after rndc system test 2015-11-11 13:49:21 +05:30
Mukund Sivaraman
58f7af60e7 Allow non-destructive control channel access using a "read-only" clause (#40498) 2015-11-11 13:46:57 +05:30
Tinderbox User
3865e18d3d update copyright notice / whitespace 2015-11-09 23:45:22 +00:00
Evan Hunt
e13d04fda9 [master] fix python script versions 
4257.	[cleanup]	Python scripts reported incorrect version. [RT #41080]
 2015-11-08 21:34:24 -08:00
Tinderbox User
dae43e88b7 update copyright notice / whitespace 2015-11-06 23:45:24 +00:00
Evan Hunt
b513918481 [master] allow spaces in rndc arguments 
4256.	[bug]		Allow rndc command arguments to be quoted so as
			to allow spaces. [RT #36665]
 2015-11-05 19:51:54 -08:00
Tinderbox User
4ba2689c1f update copyright notice / whitespace 2015-11-05 23:45:25 +00:00
Witold Krecicki
bfd4b9e11a 4255. [func] Add 'message-compression' option to disable DNS compression in responses. [RT #40726] 2015-11-05 12:19:04 +01:00
Mark Andrews
e939674d53 4252. [func] Add support for automating the generation CDS and 
CDNSKEY rrsets to named and dnssec-signzone.
                        [RT #40424]
 2015-11-05 12:09:48 +11:00
Evan Hunt
6b8519147a [master] NTAs did not survive reoad/reconfig 
4251.	[bug]		NTAs were deleted when the server was reconfigured
			or reloaded. [RT #41058]
 2015-11-04 10:34:28 -08:00
Evan Hunt
aa9b64060f [master] fix statschannel with no libjson 
4246.	[test]		Ensure the statschannel system test runs when BIND
			is not built with libjson. [RT #40944]
 2015-10-28 20:19:31 -07:00
Mark Andrews
a70fc47e9d 4243. [func] Improved stats reporting from Timothe Litt. [RT #38941] 2015-10-28 09:45:46 +11:00
Francis Dupont
638e82b134 spelling 2015-10-07 14:49:51 +02:00
Evan Hunt
b66b333f59 [master] dnstap 
4235.	[func]		Added support in named for "dnstap", a fast method of
			capturing and logging DNS traffic, and a new command
			"dnstap-read" to read a dnstap log file.  Use
			"configure --enable-dnstap" to enable this
			feature (note that this requires libprotobuf-c
			and libfstrm). See the ARM for configuration details.

			Thanks to Robert Edmonds of Farsight Security.
			[RT #40211]
 2015-10-02 12:32:42 -07:00
Witold Krecicki
a239044323 4234. [func] Add deflate compression in statistics channel HTTP 
server. [RT #40861]
 2015-10-02 10:45:10 +02:00
Tinderbox User
e13c3286a5 update copyright notice / whitespace 2015-10-01 23:45:31 +00:00
Mark Andrews
3ed714b961 emit "E:TESTNAME:DATE" when we can't start a server 2015-10-01 16:01:34 +10:00
Tinderbox User
551e0d486d update copyright notice / whitespace 2015-09-30 23:45:36 +00:00
Mark Andrews
65d59a4307 4232. [test] Add tests for CDS and CDNSKEY with delegation-only. 
[RT #40597]
 2015-09-30 15:55:14 +10:00
Mark Andrews
0d990f57ae silence compiler warnings 2015-09-30 14:04:28 +10:00
Mark Andrews
1a0e5b0504 address linking issues 2015-09-30 12:38:07 +10:00
Tinderbox User
55cfbf322d update copyright notice / whitespace 2015-09-29 23:45:32 +00:00
Mark Andrews
ab8b419a79 #include <isc/string.h> for memset 2015-09-30 00:46:33 +10:00
Mark Andrews
ac6bb3dd36 add missing libraries 2015-09-30 00:44:49 +10:00
Evan Hunt
a00f9e2f50 [master] merge dyndb 
4224.	[func]		Added support for "dyndb", a new interface for loading
			zone data from an external database, developed by
			Red Hat for the FreeIPA project.

			DynDB drivers fully implement the BIND database
			API, and are capable of significantly better
			performance and functionality than DLZ drivers,
			while taking advantage of advanced database
			features not available in BIND such as multi-master
			replication.

			Thanks to Adam Tkac and Petr Spacek of Red Hat.
			[RT #35271]
 2015-09-28 23:12:35 -07:00
Witold Krecicki
e6d0a391f5 4223. [func] Add support for setting max-cache-size to percentage 
of available physical memory, set default to 90%.
			[RT #38442]
 2015-09-28 11:08:50 +02:00
Mark Andrews
f6e45a5c54 4217. [protocol] Add support for CSYNC. [RT #40532] 2015-09-18 23:45:12 +10:00
Tinderbox User
7dbeeeaa1e update copyright notice / whitespace 2015-09-17 23:45:24 +00:00
Mark Andrews
e0a30050c8 4214. [protocol] Add support for TALINK. [RT #40544] 2015-09-18 07:43:43 +10:00
Mark Andrews
dd1bcab25c 4213. [bug] Don't reuse a cache across multiple classes. 
[RT #40205]
 2015-09-17 14:51:21 +10:00
Mark Andrews
1d5ebfc05f address race condition in ecdsa system test leading to differing authority sections. [RT #40283]; no CHANGES entry. 2015-09-17 14:23:44 +10:00
Mark Andrews
0f2ecf4b5c 4207. [bug] Handle class mismatches with raw zone files. 
[RT #40746]
 2015-09-16 10:43:22 +10:00
Evan Hunt
226339ed43 [master] spurious spaces in named-checkconf -p 
4205.	[bug]		'named-checkconf -p' could include unwanted spaces
			when printing tuples with unset optional fields.
			[RT #40731]
 2015-09-14 08:50:17 -07:00
Tinderbox User
96f6f5dfc2 update copyright notice / whitespace 2015-09-11 23:45:36 +00:00
Mark Andrews
5a49f61ca9 4199. [protocol] Add support for NINFO, RKEY, SINK, TA. 
[RT #40545] [RT #40547] [RT #40561] [RT #40563]
 2015-09-11 17:35:01 +10:00
Evan Hunt
aec8a3b7cf [master] improve rrchecker test 
4203.	[test]		The rrchecker system test now tests conversion
			to and from unkonwn-type format. [RT #40584]
 2015-09-11 00:24:47 -07:00
Tinderbox User
f28c6dc514 update copyright notice / whitespace 2015-09-10 23:46:28 +00:00
Mark Andrews
3dd63ba00f 4199. [protocol] Add support for NINFO, RKEY, TA. 
[RT #40545] [RT #40547] [RT #40563]
 2015-09-10 17:58:29 +10:00
Mark Andrews
63874956de 4199. [protocol] Add support for NINFO, RKEY. [RT #40547] [RT #40563] 2015-09-10 17:07:05 +10:00
Mark Andrews
8b29fc0b7a 4199. [protocol] Add support for RKEY. [RT #40563] 2015-09-10 14:50:20 +10:00
Mark Andrews
5be3128599 address race condition rt40242 2015-09-09 18:12:05 +10:00
Mark Andrews
075a3d60c2 4197. [bug] 'named-checkconf -z' didn't handle 'in-view' clauses. 
[RT #40603]
 2015-09-09 17:56:23 +10:00
Mark Andrews
4ca7391e64 4196. [doc] Improve how "enum + other" types are documented. 
[RT #40608]

4195.   [bug]           'max-zone-ttl unlimited;' was broken. [RT #40608]
 2015-09-09 17:02:11 +10:00
Mark Andrews
fbd9aaa58c 4194. [bug] named-checkconf -p failed to properly print a port 
range.  [RT #40634]
 2015-09-09 16:49:11 +10:00
Tinderbox User
0d5b7ed79d update copyright notice / whitespace 2015-08-25 23:45:27 +00:00
Mark Andrews
9b956d342e 4192. [bug] The default rrset-order of random was not always being 
applied. [RT #40456]
 2015-08-25 14:52:27 +10:00
Mark Andrews
5855fd79e3 4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones 
as per RFC 6763. [RT #37889]
 2015-08-25 14:46:06 +10:00
Tinderbox User
5d68969ab3 update copyright notice / whitespace 2015-08-22 23:45:23 +00:00
Mark Andrews
dc3912f3ca 4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as 
valid with check-names.  <forest> still needs to be
                        LDH. [RT #40399]
 2015-08-22 15:27:33 +10:00
Mark Andrews
416265e4d4 add / 
(cherry picked from commit 820a9517ad)
 2015-08-20 14:02:08 +10:00
Mark Andrews
b5caf98644 ignore xmlstats 2015-08-20 14:00:23 +10:00
Tinderbox User
161b5249b9 update copyright notice / whitespace 2015-08-19 23:45:23 +00:00
Mark Andrews
5c1c62cd8a awk on solaris doesn't like // as a pattern 2015-08-19 08:35:12 +10:00
Mukund Sivaraman
bf350c9f1a Fix RPZ bugs related to wildcard triggers (#40357) 2015-08-18 19:39:53 +05:30
Mark Andrews
1a38ba7b41 add statistics 2015-08-18 22:31:13 +10:00
Mark Andrews
d9aeaf35ea check for libxml2 2015-08-18 22:29:35 +10:00
Mark Andrews
486c763015 use grep rather than xmllint 2015-08-18 10:03:58 +10:00
Mark Andrews
bce42685ab add missing echo 2015-08-18 09:37:14 +10:00
Mark Andrews
55df11d4e1 use sed instead of count 2015-08-18 00:35:06 +10:00
Mark Andrews
5f7540f12f improve failure diagnostics 2015-08-17 17:42:58 +10:00
Mark Andrews
741c65c4d8 ignore leading zeros of revoked keyid 2015-08-17 17:10:46 +10:00
Mukund Sivaraman
984d2bb9e5 Fix assertion failure in parsing UNSPEC(103) RR from text (#40274) 2015-08-14 13:30:52 +05:30
Mukund Sivaraman
474921d733 Fix assertion failure in parsing NSAP records from text 2015-08-14 13:11:26 +05:30
Tinderbox User
ed91aca9e6 update copyright notice / whitespace 2015-08-12 23:45:25 +00:00
Mark Andrews
c631ff56bf Updated CHANGES note to include require-server-cookie: 
4152.   [func]          Implement DNS COOKIE option.  This replaces the
                        experimental SIT option of BIND 9.10.  The following
                        named.conf directives are available: send-cookie,
                        cookie-secret, cookie-algorithm, nocookie-udp-size
                        and require-server-cookie.  The following dig options
                        are available: +[no]cookie[=value] and +[no]badcookie.
                        [RT #39928]
 2015-08-13 08:26:23 +10:00
Mark Andrews
151f1bcd5e 4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. 
[RT #40265]
 2015-08-12 19:06:00 +10:00
Evan Hunt
05b1684791 [master] fix an awk portability issue 2015-08-03 14:21:16 -07:00
Tinderbox User
f3cbd0e029 update copyright notice / whitespace 2015-08-02 23:45:22 +00:00
Evan Hunt
68116c5a5f [master] add +nocookie options where needed 2015-08-02 11:18:12 -07:00
Evan Hunt
a3b21effd7 [master] missing 'use' caused test failure 2015-07-21 13:49:54 -07:00
Evan Hunt
a32ca13d12 [master] statschannel test failed when only JSON was available 2015-07-20 19:09:22 -07:00
Evan Hunt
9501aa9d5a [master] portability 2015-07-20 19:01:29 -07:00
Tinderbox User
35af5049f8 update copyright notice / whitespace 2015-07-10 23:45:23 +00:00
Evan Hunt
b716b9cddc [master] add JSON and more XML tests 
4161.	[test]		Add JSON test for traffic size stats; also test
			for consistency between "rndc stats" and the XML
			and JSON statistics channel contents. [RT #38700]
 2015-07-09 21:18:42 -07:00
Tinderbox User
f16a6bfb6c update copyright notice / whitespace 2015-07-09 23:45:22 +00:00
Evan Hunt
1479200aa0 [master] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:53:39 -07:00
Tinderbox User
9ab5a7d83c update copyright notice / whitespace 2015-07-07 23:45:22 +00:00
Evan Hunt
70d987def5 [master] traffic size stats 
4156.	[func]		Added statistics counters to track the sizes
			of incoming queries and outgoing responses in
			histogram buckets, as specified in RSSAC002.
			[RT #39049]
 2015-07-06 22:29:06 -07:00
Mukund Sivaraman
33ca26968b Allow RPZ rewrite logging to be configured on a per-zone basis (#39754) 2015-07-06 08:57:51 +05:30
Mark Andrews
3e33f4198d 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]
 2015-07-06 12:52:37 +10:00
Mark Andrews
ce67023ae3 4152. [func] Implement DNS COOKIE option. This replaces the 
experimental SIT option of BIND 9.10.  The following
                        named.conf directives are avaliable: send-cookie,
                        cookie-secret, cookie-algorithm and nocookie-udp-size.
                        The following dig options are available:
                        +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
 2015-07-06 09:44:24 +10:00
Tinderbox User
337d408adb update copyright notice / whitespace 2015-06-29 23:45:23 +00:00
Mukund Sivaraman
08f0129732 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 2015-06-29 18:33:18 +05:30
Mark Andrews
4a61eae651 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]
 2015-06-29 15:48:41 +10:00
Witold Krecicki
f10a67dad2 Add statistics counters for nxdomain redirections. [RT #39790] 2015-06-25 09:21:50 +02:00
Tinderbox User
e0ba64bdd2 update copyright notice / whitespace 2015-06-23 23:45:21 +00:00
Mukund Sivaraman
0439bfedd9 Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 2015-06-23 14:19:48 +05:30
Mukund Sivaraman
b4e114e3cd Print unsigned values for serial, etc. in rndc zonestatus output (#39854) 2015-06-23 13:57:33 +05:30
Witold Krecicki
af3770ed93 rndc reconfig reports configuration errors the same way rndc reload does [RT #39635] 2015-06-12 10:19:29 +02:00
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00
Mark Andrews
8c74b6a9a1 use sed as tail -n +# is not portable 2015-05-30 11:05:57 +10:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Mark Andrews
52a487f71a link against ISC_OPENSSL_LIBS 2015-05-28 11:06:39 +10:00
Mark Andrews
598b502695 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing 
key as per RFC 7344, Section 4.1. [RT #37215]
 2015-05-27 15:25:45 +10:00
Evan Hunt
a32b6291aa [master] address regression 
4126.	[bug]		Addressed a regression introduced in change #4121.
			[RT #39611]
 2015-05-26 19:11:08 -07:00
Tinderbox User
b7b835bfb0 update copyright notice / whitespace 2015-05-24 23:45:24 +00:00
Mark Andrews
83622f9a4c link against libisc 2015-05-24 12:50:56 +10:00
Mark Andrews
cb9b145f39 don't include <isc/print.h> 2015-05-24 12:50:20 +10:00
Mark Andrews
936adc1282 link against libisc 2015-05-24 11:58:15 +10:00
Tinderbox User
d70dac20d2 update copyright notice / whitespace 2015-05-23 23:45:25 +00:00
Mark Andrews
2ac85d943b specfiy where libisc is 
(cherry picked from commit c907e7b512e88b641595d514790e2b41575f149e)
 2015-05-24 06:03:08 +10:00
Mark Andrews
e6e7de5cda link against ISCLIBS 2015-05-24 05:42:44 +10:00
Francis Dupont
850cfa4e86 Added isc in includes (print.h requires it) 2015-05-23 15:51:34 +02:00
Francis Dupont
3759f10fc5 added print.h includes, updated copyrights 2015-05-23 14:21:51 +02:00
Tinderbox User
46ee7c3260 update copyright notice / whitespace 2015-05-22 23:45:24 +00:00
Curtis Blackburn
717c2b9655 4125. [test] Added tests for dig, renamed delv test to digdelv. 
[RT #39490]
 2015-05-22 11:47:17 -07:00