bind9

mirror of https://github.com/isc-projects/bind9.git synced 2026-02-28 12:31:29 -05:00

Author	SHA1	Message	Date
Automatic Updater	207cee019e	update copyright notice	2011-03-17 23:47:30 +00:00
Francis Dupont	50f64cf0e5	silent compiler warnings for DLZ exernal driver support and example	2011-03-17 09:25:54 +00:00
Evan Hunt	61bcc23203	3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and dnssec-keyfromlabel sets the default TTL of the key. When possible, automatic signing will use that TTL when the key is published. [RT #23304]	2011-03-17 01:40:40 +00:00
Automatic Updater	0e27506ce3	update copyright notice	2011-03-05 23:52:31 +00:00
Evan Hunt	9a859983d7	3062. [func] Made several changes to enhance human readability of DNSSEC data in dig output and in generated zone files: - DNSKEY record comments are more verbose, no longer used in multiline mode only - multiline RRSIG records reformatted - multiline output mode for NSEC3PARAM records - "dig +norrcomments" suppresses DNSKEY comments - "dig +split=X" breaks hex/base64 records into fields of width X; "dig +nosplit" disables this. [RT #22820]	2011-03-05 19:39:07 +00:00
Automatic Updater	7d9d170dbb	update copyright notice	2011-03-03 23:47:32 +00:00
Evan Hunt	70c7f4fb4f	3053. [bug] Under a sustained high query load with a finite max-cache-size, it was possible for cache memory to be exhausted and not recovered. [RT #23371]	2011-03-03 04:42:25 +00:00
Automatic Updater	c8175ece69	update copyright notice	2011-03-01 23:48:07 +00:00
Mark Andrews	0e507dbb81	2039. [func] Redirect on NXDOMAIN support. [RT #23146 ]	2011-02-23 03:08:11 +00:00
Mark Andrews	fd5d7b4b1c	2038. [bug] Install <dns/rpz.h>. [RT #23342 ]	2011-02-22 11:48:02 +00:00
Automatic Updater	784a904bd0	update copyright notice	2011-02-03 12:18:12 +00:00
Mark Andrews	000a8970f8	3011. [func] Change the default query timeout from 30 seconds to 10. Allow setting this in named.conf using the new 'resolver-query-timeout' option, which specifies a max time in seconds. 0 means 'default' and anything longer than 30 will be silently set to 30. [RT #22852]	2011-02-03 05:41:55 +00:00
Automatic Updater	2352050890	update copyright notice	2011-01-13 08:50:29 +00:00
Mark Andrews	68f6e45d28	uint8_t -> unsigned char	2011-01-13 06:41:05 +00:00
Mark Andrews	119f627c82	uint32_t -> isc_uint32_t	2011-01-13 06:29:16 +00:00
Automatic Updater	9cee5bb028	update copyright notice	2011-01-13 04:59:26 +00:00
Mark Andrews	87708bde16	3008. [func] Response policy zones (RPZ) support. [RT #21726 ]	2011-01-13 01:59:28 +00:00
Automatic Updater	135bcc2e42	update copyright notice	2011-01-11 23:47:14 +00:00
Mark Andrews	433e06a25c	3006. [func] Allow dynamically generated TSIG keys to be preserved across restarts of named. Initially this is for TSIG keys generated using GSSAPI. [RT #22639]	2011-01-10 05:32:04 +00:00
Automatic Updater	0e0be796a7	update copyright notice	2011-01-08 23:47:01 +00:00
Evan Hunt	8a743600dd	3005. [port] Solaris: Work around the lack of gsskrb5_register_acceptor_identity() by setting the KRB5_KTNAME environment variable to the contents of tkey-gssapi-keytab. Also fixed test errors on MacOSX. [RT #22853]	2011-01-08 00:33:12 +00:00
Automatic Updater	db69d5d53c	update copyright notice	2011-01-06 23:47:00 +00:00
Evan Hunt	3916872f37	3003. [experimental] Added update-policy match type "external", enabliing named to defer the decision of whether to allow a dynamic update to an external daemon. (Contributed by Andrew Tridgell.) [RT #22758]	2011-01-06 23:24:39 +00:00
Automatic Updater	a094c46640	update copyright notice	2010-12-23 23:47:08 +00:00
Mark Andrews	37dee1ff94	2999. [func] Add GOST support (RFC 5933). [RT #20639 ]	2010-12-23 04:08:00 +00:00
Mark Andrews	82f77687ab	2993. [func] Dynamically grow adb hash tables. [RT #21186 ]	2010-12-21 03:11:42 +00:00
Automatic Updater	ca103999e6	update copyright notice	2010-12-20 23:47:21 +00:00
Evan Hunt	c445b2f648	Add #ifdef BIND9 to some of the new DLZ code to fix link errors when building with --enable-exportlibs	2010-12-19 02:51:41 +00:00
Mark Andrews	c880d51849	gsskrb5_register_acceptor_identity is not available on all platforms	2010-12-18 14:46:21 +00:00
Evan Hunt	71bd858d8e	2989. [func] Added support for writable DLZ zones. (Contributed by Andrew Tridgell of the Samba project.) [RT #22629] 2988. [experimental] Added a "dlopen" DLZ driver, allowing the creation of external DLZ drivers that can be loaded as shared objects at runtime rather than linked with named. Currently this is switched on via a compile-time option, "configure --with-dlz-dlopen". Note: the syntax for configuring DLZ zones is likely to be refined in future releases. (Contributed by Andrew Tridgell of the Samba project.) [RT #22629] 2987. [func] Improve ease of configuring TKEY/GSS updates by adding a "tkey-gssapi-keytab" option. If set, updates will be allowed with any key matching a principal in the specified keytab file. "tkey-gssapi-credential" is no longer required and is expected to be deprecated. (Contributed by Andrew Tridgell of the Samba project.) [RT #22629]	2010-12-18 01:56:23 +00:00
Automatic Updater	0ccd663a83	update copyright notice	2010-12-16 23:47:08 +00:00
Tatuya JINMEI 神明達哉	743bbdc18f	2947. [func] Add new zone type "static-stub". It's like a stub zone, but the nameserver names and/or their IP addresses are statically configured. [RT #21474] (for 9.8.0)	2010-12-16 09:51:30 +00:00
Mark Andrews	8d8f0b4659	2984. [bug] Don't run MX checks when the target of the MX record is ".". [RT #22645 ]	2010-12-14 00:39:59 +00:00
Automatic Updater	fd6a9d688c	update copyright notice	2010-12-09 04:31:57 +00:00
Mark Andrews	9f9b7f0e8d	2982. [bug] Reference count dst keys. dst_key_attach() can be used increment the reference count. Note: dns_tsigkey_createfromkey() callers should now always call dst_key_free() rather than setting it to NULL on success. [RT #22672]	2010-12-09 00:54:34 +00:00
Automatic Updater	b8a9a7bef2	update copyright notice	2010-12-08 23:51:56 +00:00
Mark Andrews	e334405421	2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991 ]	2010-12-08 02:46:17 +00:00
Automatic Updater	326a702a35	update copyright notice	2010-12-02 23:46:56 +00:00
Mark Andrews	c87f15dac8	2976. [bug] named die on exit after negotiating a GSS-TSIG key. [RT #3415 ]	2010-12-02 23:22:42 +00:00
Mark Andrews	ed83fa75f5	2963. [security] The allow-query acl was being applied instead of the allow-query-cache acl to cache lookups. [RT #22114]	2010-09-24 05:09:03 +00:00
Mark Andrews	c6f4972c74	2943. [func] Add support to load new keys into managed zones without signing immediately with "rndc loadkeys". Add support to link keys with "dnssec-keygen -S" and "dnssec-settime -S". [RT #21351]	2010-08-16 22:21:07 +00:00
Automatic Updater	2b43d1d8c5	update copyright notice	2010-08-13 23:47:04 +00:00
Evan Hunt	cfd262045c	2936. [func] Improved configuration syntax and multiple-view support for addzone/delzone feature (see change #2930). Removed "new-zone-file" option, replaced with "allow-new-zones (yes\|no)". The new-zone-file for each view is now created automatically, with a filename generated from a hash of the view name. It is no longer necessary to "include" the new-zone-file in named.conf; this happens automatically. Zones that were not added via "rndc addzone" can no longer be removed with "rndc delzone". [RT #19447]	2010-08-11 18:14:20 +00:00
Evan Hunt	86dcc40058	2930. [experimental] New "rndc addzone" and "rndc delzone" commads allow dynamic addition and deletion of zones. To enable this feature, specify a "new-zone-file" option at the view or options level in named.conf. Zone configuration information for the new zones will be written into that file. To make the new zones persist after a restart, "include" the file into named.conf in the appropriate view. (Note: This feature is not yet documented, and its syntax is expected to change.) [RT #19447]	2010-07-11 00:12:57 +00:00
Automatic Updater	1b892cf691	update copyright notice	2010-07-09 23:46:51 +00:00
Evan Hunt	bf9b852c3e	2929. [bug] Improved handling of GSS security contexts: - added LRU expiration for generated TSIGs - added the ability to use a non-default realm - added new "realm" keyword in nsupdate - limited lifetime of generated keys to 1 hour or the lifetime of the context (whichever is smaller) [RT #19737]	2010-07-09 05:13:15 +00:00
Mark Andrews	bf13e709db	2924. [func] 'rndc secroots' dump a combined summary of the current managed keys combined with trusted keys. [RT #20904]	2010-06-25 03:24:05 +00:00
Mark Andrews	48dfee7150	2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively to IPv4 clients. New acl 'filter-aaaa' (default any).	2010-06-22 04:03:38 +00:00
Automatic Updater	3f2280d2fc	update copyright notice	2010-06-04 23:51:14 +00:00
Mark Andrews	ec58c4ca54	remove trailing comma	2010-06-04 00:12:54 +00:00
Automatic Updater	4dd3ec797d	update copyright notice	2010-05-18 02:38:10 +00:00
Mark Andrews	8d31dd9ab6	2897. [bug] NSEC3 chains could be left behind when transitioning to insecure. [RT #21040]	2010-05-18 01:39:41 +00:00
Automatic Updater	515c7f3c43	update copyright notice	2010-05-14 23:50:40 +00:00
Mark Andrews	778a01b1aa	2893. [bug] Improve managed keys support. New named.conf option managed-keys-directory. [RT #20924]	2010-05-14 04:48:28 +00:00
Mark Andrews	44f175a90a	2892. [bug] Handle REVOKED keys better. [RT #20961 ]	2010-05-14 04:38:52 +00:00
Mark Andrews	b335299322	2890. [bug] Handle the introduction of new trusted-keys and DS, DLV RRsets better. [RT #21097]	2010-05-14 00:13:43 +00:00
Automatic Updater	a955420bed	update copyright notice	2010-05-10 23:50:55 +00:00
Mark Andrews	121f783b66	2881. [bug] Reduce the amount of time the rbtdb write lock is held when closing a version. [RT #21198]	2010-05-10 01:39:03 +00:00
Automatic Updater	4d42b714be	update copyright notice	2010-03-04 23:50:34 +00:00
Mark Andrews	2e20dea9fc	2854. [func] nsupdate will now preserve the entered case of domain names in update requests it sends. [RT #20928]	2010-03-04 05:24:56 +00:00
Mark Andrews	13396661f4	2854. [func] dig: allow the final soa record in a axfr response to be suppressed, dig +onesoa. [RT #20929]	2010-03-04 05:18:04 +00:00
Automatic Updater	bd2b08d5a3	update copyright notice	2010-02-25 05:08:01 +00:00
Mark Andrews	0cae66577c	2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619 ]	2010-02-25 04:39:13 +00:00
Automatic Updater	8576a40424	update copyright notice	2010-01-12 23:48:57 +00:00
Francis Dupont	d481cfdab5	fix spelling in comment	2010-01-12 23:23:21 +00:00
Automatic Updater	b871a3e0cd	update copyright notice	2010-01-09 23:48:45 +00:00
Francis Dupont	a26d73a734	fix trivial typo in comment	2010-01-09 15:21:10 +00:00
Automatic Updater	400615c294	update copyright notice	2009-12-30 23:49:14 +00:00
Tatuya JINMEI 神明達哉	d8680445d6	2828. [security] Cached CNAME or DNAME RR could be returned to clients without DNSSEC validation. [RT #20737] 9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)	2009-12-30 08:02:23 +00:00
Evan Hunt	9ead684875	2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712 ]	2009-12-30 06:46:58 +00:00
Mark Andrews	5b77627c09	2824. [bug] "rndc sign" was not being run by the correct task. [RT #20759]	2009-12-29 22:20:33 +00:00
Evan Hunt	bd31f734ee	2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define [RT #20771]	2009-12-24 00:35:46 +00:00
Evan Hunt	4e55893d30	2813. [bug] Better handling of unreadable DNSSEC key files. [RT #20710] 2812. [bug] Make sure updates can't result in a zone with NSEC-only keys and NSEC3 records. [RT 20748]	2009-12-18 22:16:49 +00:00
Automatic Updater	4b6dc226f7	update copyright notice	2009-12-04 22:06:37 +00:00
Mark Andrews	3d17a3ba61	2801. [func] Detect and report records that are different according to DNSSEC but are sematically equal according to plain DNS. Apply plain DNS comparisons rather than DNSSEC comparisons when processing UPDATE requests. dnssec-signzone now removes such semantically duplicate records prior to signing the RRset. named-checkzone -r {ignore\|warn\|fail} (default warn) named-compilezone -r {ignore\|warn\|fail} (default warn) named.conf: check-dup-records {ignore\|warn\|fail};	2009-12-04 21:09:34 +00:00
Mark Andrews	5d850024cb	2800. [func] Reject zones which have NS records which refer to CNAMEs, DNAMEs or don't have address record (class IN only). Reject UPDATEs which would cause the zone to fail the above checks if committed. [RT #20678]	2009-12-04 03:33:15 +00:00
Evan Hunt	8e4f3f1cbc	2799. [cleanup] Changed the "secure-to-insecure" option to "dnssec-secure-to-insecure", and "dnskey-ksk-only" to "dnssec-dnskey-kskonly", for clarity. [RT #20586]	2009-12-03 23:18:17 +00:00
Evan Hunt	22304041d1	typo caused a missing semicolon	2009-12-03 16:49:09 +00:00
Evan Hunt	e6dda86e8b	2798. [bug] Addressed bugs in managed-keys initialization and rollover. [RT #20683]	2009-12-03 15:40:03 +00:00
Vernon Schryver	5d9922e86f	Allow the optional filter-aaaa-on-v4 option in view statements to close #20635	2009-11-28 15:57:37 +00:00
Automatic Updater	2b2fc9b4df	update copyright notice	2009-11-25 23:49:22 +00:00
Mark Andrews	d0ca4e90e2	2786. [bug] Additional could be promoted to answer. [RT #20663 ]	2009-11-25 02:22:05 +00:00
Evan Hunt	cef109efa7	2780. [bug] dnssec-keygen -A none didn't properly unset the activation date in all cases. [RT #20648] 2779. [bug] Dynamic key revokation could fail. [RT #20644] 2778. [bug] dnssec-signzone could fail when a key was revoked without deleting the unrevoked version. [RT #20638]	2009-11-23 02:55:41 +00:00
Mark Andrews	a39a5f4d81	2772. [security] When validating, track whether pending data was from the additional section or not and only return it if validates as secure. [RT #20438]	2009-11-17 23:55:18 +00:00
Automatic Updater	2d84cba8f4	update copyright notice	2009-11-04 23:48:18 +00:00
Mark Andrews	0181a0a92f	2747. [bug] Journal roll forwards failed to set the re-signing time of RRSIGs correctly. [RT #20541]	2009-11-04 01:25:55 +00:00
Mark Andrews	a3285e811d	2746. [port] hpux: address signed/unsigned expansion mismatch of dns_rbtnode_t.nsec. [RT #20542]	2009-11-04 01:18:19 +00:00
Evan Hunt	95f2377b4f	2739. [cleanup] Clean up API for initializing and clearing trust anchors for a view. [RT #20211]	2009-10-27 22:46:13 +00:00
Mark Andrews	63d5a6f680	2736. [func] Improve the performance of NSEC signed zones with more than a normal amount of glue below a delegation. [RT #20191]	2009-10-27 04:46:58 +00:00
Evan Hunt	e8831e51c1	2735. [bug] dnssec-signzone could fail to read keys that were specified on the command line with full paths, but weren't in the current directory. [RT #20421]	2009-10-27 03:59:45 +00:00
Automatic Updater	5f744ebbdc	update copyright notice	2009-10-26 23:47:35 +00:00
Evan Hunt	c8aa7ce70d	2732. [func] Add optional filter-aaaa-on-v4 option, available if built with './configure --enable-filter-aaaa'. Filters out AAAA answers to clients connecting via IPv4. (This is NOT recommended for general use.) [RT #20339]	2009-10-26 23:14:54 +00:00
Evan Hunt	c021499604	2731. [func] Additional work on change 2709. The key parser will now ignore unrecognized fields when the minor version number of the private key format has been increased. It will reject any key with the major version number increased. [RT #20310]	2009-10-26 21:18:24 +00:00
Francis Dupont	775a8d86d9	keygen progress indication [RT #20284 ]	2009-10-24 09:46:19 +00:00
Evan Hunt	cc6cddfd94	2726. [func] Added support for SHA-2 DNSSEC algorithms, RSASHA256 and RSASHA512. [RT #20023]	2009-10-22 02:21:31 +00:00
Mark Andrews	7704a47aec	2722. [bug] Ensure that the memory associated with the name of a node in a rbt tree is not altered during the life of the node. [RT #20431]	2009-10-20 04:57:57 +00:00
Automatic Updater	97639003b0	update copyright notice	2009-10-12 23:48:02 +00:00
Evan Hunt	77b8f88f14	2712. [func] New 'auto-dnssec' zone option allows zone signing to be fully automated in zones configured for dynamic DNS. 'auto-dnssec allow;' permits a zone to be signed by creating keys for it in the key-directory and using 'rndc sign <zone>'. 'auto-dnssec maintain;' allows that too, plus it also keeps the zone's DNSSEC keys up to date according to their timing metadata. [RT #19943]	2009-10-12 20:48:12 +00:00
Evan Hunt	3727725bb7	2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' zone option cause a zone to be signed with only KSKs signing the DNSKEY RRset, not ZSKs. This reduces the size of a DNSKEY answer. [RT #20340]	2009-10-10 01:48:00 +00:00
Automatic Updater	8a07de2f03	update copyright notice	2009-10-09 23:48:09 +00:00
Evan Hunt	315a1514a5	2709. [func] Added some data fields, currently unused, to the private key file format, to allow implementation of explicit key rollover in a future release without impairing backward or forward compatibility. [RT #20310]	2009-10-09 06:09:21 +00:00
Mark Andrews	d1bcaec0d6	2708. [func] Insecure to secure and NSEC3 parameter changes via update are now fully supported and no longer require defines to enable. We now no longer overload the NSEC3PARAM flag field, nor the NSEC OPT bit at the apex. Secure to insecure changes are controlled by by the named.conf option 'secure-to-insecure'. Warning: If you had previously enabled support by adding defines at compile time to BIND 9.6 you should ensure that all changes that are in progress have completed prior to upgrading to BIND 9.7. BIND 9.7 is not backwards compatible.	2009-10-09 00:33:39 +00:00
Automatic Updater	15bbb8a129	update copyright notice	2009-10-08 23:48:10 +00:00
Mark Andrews	2847930722	2708. [func] Insecure to secure and NSEC3 parameter changes via update are now fully supported and no longer require defines to enable. We now no longer overload the NSEC3PARAM flag field, nor the NSEC OPT bit at the apex. Secure to insecure changes are controlled by by the named.conf option 'secure-to-insecure'. Warning: If you had previously enabled support by adding defines at compile time to BIND 9.6 you should ensure that all changes that are in progress have completed prior to upgrading to BIND 9.7. BIND 9.7 is not backwards compatible.	2009-10-08 23:13:07 +00:00
Evan Hunt	246c504f90	2706. [bug] Loading a zone with a very large NSEC3 salt could trigger an assert. [RT #20368]	2009-10-06 21:20:45 +00:00
Evan Hunt	3ff75c89eb	2704. [bug] Serial of dynamic and stub zones could be inconsistent with their SOA serial. [RT #19387]	2009-10-05 19:39:20 +00:00
Francis Dupont	8b78c993cb	explicit engine rt20230a	2009-10-05 17:30:49 +00:00
Francis Dupont	debd489a44	noreturn RT #20257	2009-09-29 15:06:07 +00:00
Evan Hunt	53c22b8e0d	2685. [bug] Fixed dnssec-signzone -S handling of revoked keys. Also, added warnings when revoking a ZSK, as this is not defined by protocol (but is legal). [RT #19943]	2009-09-23 16:01:57 +00:00
Evan Hunt	b843f577bb	2677. [func] Changes to key metadata behavior: - Keys without "publish" or "active" dates set will no longer be used for smart signing. However, those dates will be set to "now" by default when a key is created; to generate a key but not use it yet, use dnssec-keygen -G. - New "inactive" date (dnssec-keygen/settime -I) sets the time when a key is no longer used for signing but is still published. - The "unpublished" date (-U) is deprecated in favor of "deleted" (-D). [rt20247]	2009-09-14 18:45:45 +00:00
Evan Hunt	dbabab1f37	rt20045: - sync_keyzone() could leak ISC_R_NOMORE, causing zone_postload() to think it had failed - journal roll-forward on key zones complained about having the wrong number of SOA records - dns_soa_buildrdata() could return a pointer to memory allocated on the stack	2009-09-10 01:47:09 +00:00
Automatic Updater	d7201de09b	update copyright notice	2009-09-02 23:48:03 +00:00
Evan Hunt	eab9975bcf	2668. [func] Several improvements to dnssec-* tools, including: - dnssec-keygen and dnssec-settime can now set key metadata fields 0 (to unset a value, use "none") - dnssec-revoke sets the revocation date in addition to the revoke bit - dnssec-settime can now print individual metadata fields instead of always printing all of them, and can print them in unix epoch time format for use by scripts [RT #19942]	2009-09-02 06:29:01 +00:00
Tatuya JINMEI 神明達哉	44de0b1f7d	2666. [func] Added an 'options' argument to dns_name_fromstring() (API change from 9.7.0a2). [RT #20196]	2009-09-01 17:36:51 +00:00
Tatuya JINMEI 神明達哉	307d208450	2660. [func] Add a new set of DNS libraries for non-BIND9 applications. See README.libdns. [RT #19369]	2009-09-01 00:22:28 +00:00
Automatic Updater	26d8ffe715	update copyright notice	2009-07-19 23:47:55 +00:00
Evan Hunt	553ead32ff	2636. [func] Simplify zone signing and key maintenance with the dnssec-* tools. Major changes: - all dnssec-* tools now take a -K option to specify a directory in which key files will be stored - DNSSEC can now store metadata indicating when they are scheduled to be published, acttivated, revoked or removed; these values can be set by dnssec-keygen or overwritten by the new dnssec-settime command - dnssec-signzone -S (for "smart") option reads key metadata and uses it to determine automatically which keys to publish to the zone, use for signing, revoke, or remove from the zone [RT #19816]	2009-07-19 04:18:05 +00:00
Mark Andrews	109580e7e5	2920. [bug] Delay thawing the zone until the reload of it has completed successfully. [RT #19750]	2009-07-02 07:39:03 +00:00
Automatic Updater	c6fb85f950	update copyright notice	2009-07-01 23:47:36 +00:00
Evan Hunt	cfb1587eb9	2619. [func] Add support for RFC 5011, automatic trust anchor maintenance. The new "managed-keys" statement can be used in place of "trusted-keys" for zones which support this protocol. (Note: this syntax is expected to change prior to 9.7.0 final.) [RT #19248]	2009-06-30 02:53:46 +00:00
Automatic Updater	754cb8a2b3	update copyright notice	2009-06-11 23:47:56 +00:00
Evan Hunt	351b62535d	2609. [func] Simplify the configuration of dynamic zones: - add ddns-confgen command to generate configuration text for named.conf - add zone option "ddns-autoconf yes;", which causes named to generate a TSIG session key and allow updates to the zone using that key - add '-l' (localhost) option to nsupdate, which causes nsupdate to connect to a locally-running named process using the session key generated by named [RT #19284]	2009-06-10 00:27:22 +00:00
Automatic Updater	39844d4710	update copyright notice	2009-06-04 02:56:47 +00:00
Mark Andrews	2534a73a59	2608. [func] Perform post signing verification checks in dnssec-signzone. These can be disabled with -P. The post sign verification test ensures that for each algorithm in use there is at least one non revoked self signed KSK key. That all revoked KSK keys are self signed. That all records in the zone are signed by the algorithm. [RT #19653]	2009-06-04 02:13:37 +00:00
Tatuya JINMEI 神明達哉	40d0f115a6	2604. [func] Add support for DNS rebinding attack prevention through new options, deny-answer-addresses and deny-answer-aliases. Based on contributed code from JD Nurmi, Google. [RT #18192]	2009-05-29 22:22:37 +00:00
Francis Dupont	ff380b05fe	comment fixes (rt19624)	2009-05-07 09:41:23 +00:00
Automatic Updater	7a272c6b0d	update copyright notice	2009-05-06 23:47:50 +00:00
Tatuya JINMEI 神明達哉	5d7849ad7f	2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay long, leading to inefficient memory usage or rejecting newer cache entries in the worst case. [RT #19563]	2009-05-06 22:53:54 +00:00
Evan Hunt	3f8be559f0	2575. [func] New functions dns_name_fromstring() and dns_name_tostring(), to simplify conversion of a string to a dns_name structure and vice versa. [RT #19451]	2009-03-11 07:02:34 +00:00
Automatic Updater	39a8abdb83	update copyright notice	2009-01-27 23:47:54 +00:00
Tatuya JINMEI 神明達哉	d9059b0c38	2537. [func] Added more statistics counters including those on socket I/O events and query RTT histograms. [RT #18802]	2009-01-27 22:30:00 +00:00
Automatic Updater	d362465c77	update copyright notice	2009-01-17 23:47:43 +00:00
Francis Dupont	08d44d4510	spelling	2009-01-17 13:33:29 +00:00
Francis Dupont	7d6d9c2240	spelling	2009-01-17 13:25:11 +00:00
Francis Dupont	45b4efd07f	spelling	2009-01-17 12:56:23 +00:00
Francis Dupont	3678015d3f	spelling	2009-01-17 11:57:25 +00:00
Automatic Updater	9e0d0a279b	update copyright notice	2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉	7781f25078	2526. [func] New named option "attach-cache" that allows multiple views to share a single cache to save memory and improve lookup efficiency. [RT 18905]	2009-01-09 22:24:37 +00:00
Automatic Updater	d7845fc5ba	update copyright notice	2009-01-07 23:47:47 +00:00
Tatuya JINMEI 神明達哉	609f86163a	2525. [func] New logging category "query-errors" to provide detailed internal information about query failures, especially about server failures. [RT #19027]	2009-01-07 01:46:40 +00:00
Automatic Updater	5569e7de51	update copyright notice	2009-01-05 23:47:54 +00:00
Tatuya JINMEI 神明達哉	3fb1637c92	trivial comment cleanups (RT#19118)	2009-01-05 23:20:22 +00:00
Mark Andrews	a5746c4ec1	2511. [cleanup] dns_rdata_tofmttext() add const to linebreak. [RT #18885]	2008-12-12 04:37:24 +00:00
Automatic Updater	49960a74b5	update copyright notice	2008-11-14 23:47:33 +00:00
Mark Andrews	da2d57c8cf	2493. [bug] The linux capabilites code was not correctly cleaning up after itself. [RT #18767]	2008-11-14 05:24:11 +00:00
Automatic Updater	3398334b3a	update copyright notice	2008-09-25 04:02:39 +00:00
Automatic Updater	6e2871232f	update copyright notice	2008-09-24 03:16:58 +00:00
Mark Andrews	6098d364b6	2448. [func] Add NSEC3 support. [RT #15452 ]	2008-09-24 02:46:23 +00:00
Mark Andrews	739240a9d1	remove dns_stats_copy dns_stats_create dns_stats_destroy dns_stats_incrementcounter dns_zone_getstats	2008-09-08 05:59:11 +00:00
Mark Andrews	7e52028a83	remove dns_resolver_createdispatchpool	2008-09-08 05:41:22 +00:00
Automatic Updater	2cf81a3d8a	update copyright notice	2008-06-23 23:47:11 +00:00
Tatuya JINMEI 神明達哉	386d3a99c1	2375. [security] Fully randomize UDP query ports to improve forgery resilience. [RT #17949, #18098]	2008-06-23 19:41:20 +00:00
Evan Hunt	5a17fe2916	Default values of zone ACLs were re-parsed each time a new zone was configured, causing an overconsumption of memory. [rt18092]	2008-05-21 23:17:21 +00:00
Automatic Updater	f052a01ff2	update copyright notice	2008-04-04 23:47:01 +00:00
Mark Andrews	77abeb5330	rebase NSEC3 code	2008-04-04 05:34:07 +00:00
Automatic Updater	ddad355529	update copyright notice	2008-04-03 06:09:05 +00:00
Mark Andrews	8907d8fa04	2355. [func] Extend the number statistics counters available. [RT #17590]	2008-04-03 05:55:52 +00:00
Mark Andrews	db30f4bdcb	2353. [func] Add support for Name Server ID (RFC 5001). 'dig +nsid' requests NSID from server. 'request-nsid yes;' causes recursive server to send NSID requests to upstream servers. Server responds to NSID requests with the string configured by 'server-id' option. [RT #17091]	2008-04-03 02:01:08 +00:00
Mark Andrews	3f42cf2f3e	2349. [func] Provide incremental re-signing support for secure dynamic zones. [RT #1091] back out incorrect branch rt1091 and apply correct branch rt1091a.	2008-04-02 02:37:42 +00:00
Mark Andrews	a0735eeac5	unit16_t -> isc_uint16_t	2008-04-02 01:48:32 +00:00
Automatic Updater	e672951ed2	update copyright notice	2008-04-01 23:47:10 +00:00
Mark Andrews	a76b380643	2349. [func] Provide incremental re-signing support for secure dynamic zones. [RT #1091]	2008-04-01 01:37:25 +00:00
Francis Dupont	2a31bd5310	add EVP and PKCS11	2008-03-31 14:42:51 +00:00
Automatic Updater	cbf0854acc	update copyright notice	2008-01-24 23:47:00 +00:00
Tatuya JINMEI 神明達哉	1c3ed2a83d	2320. [func] Make statistics couters thread-safe for platforms that support certain atomic operations. [RT #17466]	2008-01-24 02:00:44 +00:00
Automatic Updater	2f012d936b	update copyright notice	2008-01-18 23:46:58 +00:00
Automatic Updater	1da14e066c	update copyright notice	2008-01-02 23:47:02 +00:00
Mark Andrews	92f60809e8	2286. [func] Allow a TCP connection to be used as a weak authentication method for reverse zones. New update-policy methods tcp-self and 6to4-self. [RT #17378]	2008-01-02 05:13:42 +00:00
Mark Andrews	114c14f8ad	2282. [bug] Acl code fixups. [RT #17346 ] [RT #17374 ]	2007-12-21 06:46:47 +00:00
Mark Andrews	301f6ffbbe	2276. [bug] Install <dst/gssapi.h>. [RT# 17359]	2007-12-11 20:28:55 +00:00
Michael Graff	b239c8294a	commit lruttl to the mainline. A tag was set called skan_lruttl-mainline-base, and I will tag this as skan_lruttl-mainline-merge after this commit	2007-10-19 17:15:53 +00:00
Mark Andrews	8bedd9647f	2245. [bug] Validating lack of DS records at trust anchors wasn't working. [RT #17151]	2007-09-19 03:38:56 +00:00
Mark Andrews	ca84283333	2244. [func] Allow the check of nameserver names against the SOA MNAME field to be disabled by specifying 'notify-to-soa yes;'. [RT #17073]	2007-09-18 00:22:31 +00:00
Mark Andrews	12e0477d4e	Part 2 of: 2233. [func] Add support for O(1) ACL processing, based on radix tree code originally written by kevin brintnall. [RT #16288]	2007-09-14 01:46:06 +00:00
Automatic Updater	2c94a0e56d	update copyright notice	2007-09-12 23:46:47 +00:00
Evan Hunt	3181d0e359	Add support for O(1) ACL processing, based on radix tree code originally written by kevin brintnall. [RT #16288]	2007-09-12 01:46:28 +00:00
Evan Hunt	c7e266b7e5	Add support for O(1) ACL processing, based on radix tree code originally written by kevin brintnall. [RT #16288]	2007-09-12 01:09:08 +00:00
Mark Andrews	07072c9456	2203. [security] Query id generation was cryptographically weak. [RT # 16915]	2007-06-26 02:52:15 +00:00
Automatic Updater	70e5a7403f	update copyright notice	2007-06-19 23:47:24 +00:00
Automatic Updater	ec5347e2c7	update copyright notice	2007-06-18 23:47:57 +00:00
Automatic Updater	feac7b8b38	update copyright notice	2007-05-21 03:46:42 +00:00
Mark Andrews	bc6af069c8	2190. [func] Make fallback to plain DNS from EDNS due to timeouts more visible. New logging category "edns-disabled". [RT #16871]	2007-05-21 02:03:22 +00:00
Mark Andrews	40aadb6a14	2179. [func] 'rndc command zone' will now find 'zone' if it is unique to all the views. [RT #16821]	2007-05-15 02:38:34 +00:00
Automatic Updater	858ad8db23	update copyright notice	2007-03-29 23:47:04 +00:00
Mark Andrews	819b98479e	2165. [func] Allow the destination address of a query to determine if we will answer the query or recurse. allow-query-on, allow-recursion-on and allow-query-cache-on. [RT #16291]	2007-03-29 06:36:31 +00:00
Automatic Updater	1b5a345334	update copyright notice	2007-03-06 02:12:39 +00:00
Mark Andrews	a56f5ada43	2157. [func] dns_db_transfernode() created. [RT #16685 ] 2156. [bug] Fix node reference leaks in lookup.c:lookup_find(), resolver.c:validated() and resolver.c:cache_name(). Fix a memory leak in rbtdb.c:free_noqname(). Make lookup.c:lookup_find() robust against event leaks. [RT #16685]	2007-03-06 00:38:58 +00:00
Mark Andrews	0b174d1243	update copyright notice	2007-02-06 00:01:23 +00:00
Mark Andrews	281bab0f36	2129. [func] Provide a pool of UDP sockets for queries to be made over. See use-queryport-pool, queryport-pool-ports and queryport-pool-updateinterval. [RT #16415]	2007-02-02 02:18:06 +00:00
Mark Andrews	f36c85c3ce	update copyright notice	2007-01-08 02:45:04 +00:00
Mark Andrews	3052274767	2126. [bug] Serialise validation of type ANY responses. [RT #16555 ]	2007-01-08 01:13:38 +00:00
Mark Andrews	148f27aee6	update copyright notice	2006-12-22 01:59:44 +00:00
Mark Andrews	29747dfe5e	2123. [func] Use Doxygen to generate internal documention. [RT #11398]	2006-12-22 01:46:19 +00:00
Mark Andrews	186e7f37c9	2122. [func] Experimental http server and statistics support for named via xml.	2006-12-21 06:03:37 +00:00
Mark Andrews	1372e172d0	2121. [func] Add a 10 slot dead masters cache (LRU) with a 600 second timeout. [RT #16553]	2006-12-18 23:58:14 +00:00
Mark Andrews	21c7ecb9f0	better mcxt handling. remove buffer handling layer violation	2006-12-05 21:59:12 +00:00
Mark Andrews	377231eb95	update copyright notice	2006-12-05 00:13:48 +00:00
Mark Andrews	289ae548d5	2105. [func] GSS-TSIG support (RFC 3645).	2006-12-04 01:54:53 +00:00
Mark Andrews	8db2f89e23	spelling	2006-08-01 03:42:56 +00:00
Mark Andrews	cd7812e4b1	update copyright notice	2006-07-20 01:10:31 +00:00
Mark Andrews	799a39bc80	of -> or	2006-07-19 01:04:08 +00:00
Mark Andrews	2db8db6399	2049. [bug] Restore SOA before AXFR when falling back from a attempted IXFR when transfering in a zone. Allow a initial SOA query before attempting a AXFR to be requested. [RT #16156]	2006-07-19 00:53:42 +00:00
Mark Andrews	a45a6ea2b0	2035. [func] Make falling back to TCP on UDP refresh failure optional. Default "try-tcp-refresh yes;" for BIND 8 compatibility. [RT #16123]	2006-06-04 23:17:07 +00:00
Mark Andrews	5f7ca73d88	update copyright notice	2006-05-03 00:07:50 +00:00
Shane Kerr	0d8971a4b8	Stats for acache.	2006-05-02 13:04:54 +00:00
Mark Andrews	cfe92110ce	2007. [func] It is now possible to explicitly enable DNSSEC validation. default dnssec-validation no; to be changed to yes in 9.5.0. [RT #15674]	2006-03-09 23:21:54 +00:00
Mark Andrews	59d84d1b07	2001. [func] Check the KSK flag when updating a secure dynamic zone. New zone option "update-check-ksk yes;". [RT #15817]	2006-03-06 01:27:52 +00:00
Mark Andrews	d76ed813a5	1999. [func] Implement "rrset-order fixed". [RT #13662 ]	2006-03-03 00:43:35 +00:00
Mark Andrews	f27eae9cfe	1996. [bug] nsupdate: if a zone has been specified it should appear in the output of 'show'. [RT #15797]	2006-03-02 01:57:20 +00:00
Mark Andrews	641f68d427	update copyright notice	2006-03-02 00:37:23 +00:00
Mark Andrews	45e1bd6358	1991. [cleanup] The configuration data, once read, should be treated as readonly. Expand the use of const to enforce this at compile time. [RT #15813]	2006-02-28 02:39:52 +00:00
Mark Andrews	3432cd6979	update copyright notice	2006-02-22 23:50:10 +00:00
Mark Andrews	c5387e6942	1987. [func] DS/DLV SHA256 digest algorithm support. [RT #15608 ]	2006-02-21 23:49:51 +00:00
Mark Andrews	d00e58d481	1986. [func] Report when a zone is removed. [RT #15849 ]	2006-02-21 23:12:27 +00:00
Mark Andrews	7d4a465de0	1597. [func] Allow notify-source and query-source to be specified on a per server basis similar to transfer-source.	2006-02-17 00:24:21 +00:00
Mark Andrews	fd3cdd15de	update copyright notice	2006-02-16 23:51:33 +00:00
Mark Andrews	6e373c5025	1983. [func] Two new update policies. "selfsub" and "selfwild". [RT #12895]	2006-02-16 01:34:24 +00:00
Mark Andrews	b32bf402e0	comment typo	2006-02-01 22:38:56 +00:00
Mark Andrews	26e2a07a0b	update copyright notice	2006-01-27 23:57:46 +00:00
Mark Andrews	c6d4f78152	1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and HMACSHA512 support. [RT #13606]	2006-01-27 02:35:15 +00:00
Mark Andrews	1b06367c34	update copyright notice	2006-01-06 00:01:44 +00:00
Mark Andrews	dc6da18ccb	1964. [func] Seperate out MX and SRV to CNAME checks. [RT #15723 ]	2006-01-05 23:45:34 +00:00
Mark Andrews	a1bc941093	1959. [func] Control the zeroing of the negative response TTL to a soa query. Defaults "zero-no-soa-ttl yes;" and "zero-no-soa-ttl-cache no;". [RT #15460]	2006-01-05 02:19:02 +00:00
Mark Andrews	6657a9e2d8	1957. [bug] Dig mishandled responses to class ANY queries. [RT #15402]	2006-01-05 00:58:22 +00:00
Mark Andrews	08c9026166	1953. [func] Named now falls back to advertising EDNS with a 512 byte receive buffer if the initial EDNS queries fail. [RT #14852] 1952. [func] The maximum EDNS UDP response named will send can now be set in named.conf (max-udp-size). This is independent of the advertised receive buffer (edns-udp-size). [RT #14852]	2006-01-05 00:01:46 +00:00
Mark Andrews	acb4f52369	update copyright notice	2006-01-04 23:50:24 +00:00
Mark Andrews	fabf2ee6b0	1947. [func] It is now possible to configure named to accept expired RRSIGs. Default "dnssec-accept-expired no;". Setting "dnssec-accept-expired yes;" leaves named vulnerable to replay attacks. [RT #14685]	2006-01-04 02:35:49 +00:00
Mark Andrews	cf224bbf7b	1942. [bug] If the name of a DNSKEY match that of one in trusted-keys do not attempt to validate the DNSKEY using the parents DS RRset. [RT #15649]	2005-12-04 23:54:01 +00:00
Mark Andrews	60ab03125c	1939. [bug] The resolver could dereference a null pointer after validation if all the queries have timed out. [RT #15528] 1938. [bug] The validator was not correctly handling unsecure negative responses at or below a SEP. [RT #15528]	2005-11-03 00:51:55 +00:00
Mark Andrews	1425217e5c	spelling arguement vs arguments	2005-10-26 04:35:56 +00:00
Mark Andrews	982e072a50	1927. [bug] Access to soanode or nsnode in rbtdb violated the lock order rule and could cause a dead lock. [RT# 15518]	2005-10-13 01:58:32 +00:00
Mark Andrews	037b732f88	update 1920. [bug] The cache rbtdb lock array was too small to have the desired performance characteristics. [RT #15454]	2005-10-13 01:19:15 +00:00
Mark Andrews	4c1817c29c	damp interations adjustments [RT#15404	2005-09-20 04:22:46 +00:00
Mark Andrews	ed6ca94ad7	finetune isc_thread_key implementation [RT #15408 ]	2005-09-18 07:16:24 +00:00
Mark Andrews	6cf369f528	1916. [func] Integrate contibuted IDN code from JPNIC. [RT #15383 ]	2005-09-09 06:17:03 +00:00
Mark Andrews	675d696977	update copyright notice	2005-09-06 03:51:37 +00:00
Mark Andrews	03e200df5d	1913. [func] Integrate contibuted DLZ code into named. [RT #11382 ]	2005-09-05 00:12:29 +00:00
Mark Andrews	74f261bd2b	1920. [bug] Update windows socket code. [RT #14965 ]	2005-09-01 02:25:06 +00:00
Mark Andrews	5be3685b0e	1919. [bug] dig's +sigchase code overhauled. [RT #14933 ] 1918. [bug] The DLV code has been re-worked to make no longer query order sensitive. [RT #14933]	2005-08-25 00:56:08 +00:00
Mark Andrews	2c15fcdeac	seperate out sibling glue checks	2005-08-24 23:54:04 +00:00
Mark Andrews	4e1d3e67cd	1914. [bug] Strings returned from cfg_obj_asstring() should be treated as read-only. The prototype for cfg_obj_asstring() has been updated to reflect this. [RT #15256]	2005-08-23 02:36:11 +00:00
Mark Andrews	6b79e960e6	1913. [func] Automatic empty zone creation for D.F.IP6.ARPA and friends. Note: RFC 1918 zones are not yet covered by this but are likely to be in a future release. New options: empty-server, empty-contact, empty-zones-enable and disable-empty-zone.	2005-08-18 00:57:31 +00:00
Mark Andrews	261a6a1f7d	1911. [func] Attempt to make the amount of work performed in a iteration self tuning. The covers nodes clean from the cache per iteration, nodes written to disk when rewriting a master file and nodes destroyed per iteration when destroying a zone or a cache. [RT #14996]	2005-08-15 01:21:07 +00:00
Mark Andrews	fb827ed6df	9.4/HEAD sync	2005-07-18 06:03:01 +00:00
Mark Andrews	e174044290	1817. [func] Add support for additional zone file formats for improving loading performance. The masterfile-format option in named.conf can be used to specify a non-default format. A separate command named-compilezone was provided to generate zone files in the new format. Additionally, the -I and -O options for dnssec-signzone specify the input and output formats.	2005-06-28 02:55:09 +00:00
Mark Andrews	fd780f3d47	1891. [func] Limit the number of recursive clients that can be waiting for a single query (<qname,qtype,qclass>) to resolve. New options clients-per-query and max-clients-per-query.	2005-06-27 00:15:45 +00:00
Mark Andrews	bcf369e513	1889. [func] The lame cache is now done on a <qname,qclass,qtype> basis as some servers only appear to be lame for certain query types. [RT #14916]	2005-06-23 04:22:02 +00:00
Mark Andrews	a903095bf4	1817. [func] add support for additional zone file formats for improving loading performance. The masterfile-format option in named.conf can be used to specify a non-default format. A new separate command named-compilezone was provided to generate zone files in a new format.	2005-06-20 01:05:33 +00:00
Mark Andrews	9b80f3a7c7	1887. [func] Detect duplicates of UDP queries we are recursing on and drop them. New stats category "duplicates". [RT #14892]	2005-06-17 01:58:23 +00:00
Mark Andrews	1c153afce5	1868. [func] edns-udp-size can now be overridden on a per server basis. [RT #14851]	2005-06-07 00:27:34 +00:00
Mark Andrews	1fc4793844	1879. [func] Added framework for handling multiple EDNS versions. 1878. [func] dig can now specify the EDNS version when making a query.	2005-06-07 00:16:01 +00:00
Tatuya JINMEI 神明達哉	5597be9bb8	1813. [func] Restructured the data locking framework using architecture dependent atomic operations (when available), improving response performance on multi-processor machines significantly. x86, x86_64, alpha, and sparc64 are currently supported. (RT #13505)	2005-06-04 05:32:50 +00:00
Mark Andrews	c5223c9cb7	1862. [func] Add additional zone data constancy checks. named-checkzone has extended checking of NS, MX and SRV record and the hosts they reference. named has extended post zone load checks. New zone options: check-mx and integrity-check. [RT #4940]	2005-05-19 04:59:05 +00:00
Mark Andrews	69fe9aaafd	update copyright notice	2005-04-29 00:24:12 +00:00
Rob Austein	ab023a6556	1851. [doc] Doxygen comment markup. [RT #11398 ]	2005-04-27 04:57:32 +00:00
Mark Andrews	9f069b2771	update copyright notice	2005-03-17 03:56:12 +00:00
Mark Andrews	8a713ca49d	1807. [bug] When forwarding (forward only) set the active domain from the forward zone name. [RT #13526]	2005-03-16 03:50:47 +00:00
Mark Andrews	b7b6b01a0d	update copyright	2005-03-16 00:55:19 +00:00
Mark Andrews	e50b75e36c	1804. [bug] Ensure that if we are queried for glue that it fits in the additional section or TC is set to tell the client to retry using TCP. [RT #10114]	2005-03-15 01:29:10 +00:00
Mark Andrews	408767b505	update copyright notice	2005-03-06 15:30:37 +00:00
Mark Andrews	c941e32d22	1819. [bug] The validator needed to check both the algorithm and digest types of the DS to determine if it could be used to introduce a secure zone. [RT #13593]	2005-03-04 03:53:22 +00:00
Mark Andrews	39c7fc7e00	1811. [func] Preserve the case of domain names in rdata during zone transfers. [RT #13547]	2005-03-04 02:56:21 +00:00
Mark Andrews	4c0903254b	typo in comment	2005-02-17 05:49:01 +00:00
Mark Andrews	08097713a4	update copyright notice	2005-02-11 00:01:58 +00:00
Mark Andrews	3aca8e5bf3	1758. [func] Don't send notify messages to self. [RT #12933 ]	2005-02-10 05:53:43 +00:00
Mark Andrews	07b9b1c44e	update copyright notice	2005-02-07 23:57:02 +00:00
Mark Andrews	4296c5480d	1801. [func] Report differences between hints and real NS rrset and associated address records.	2005-02-07 00:53:29 +00:00
Mark Andrews	ebf264ea10	update copyright	2005-01-17 23:58:33 +00:00
Mark Andrews	e89e09eda8	update copyrights	2005-01-17 04:11:34 +00:00
Mark Andrews	4844ed026a	1798. [func] The server syntax has been extended to support a range of servers. [RT #11132]	2005-01-17 00:46:05 +00:00
Mark Andrews	7502c66006	1796. [func] "rndc freeze/thaw" now freezes/thaws all zones.	2005-01-14 03:28:09 +00:00
Mark Andrews	48f929d315	1792. [func] New zone option "notify-delay". Specify a minimum delay between sets of NOTIFY messages.	2005-01-11 23:10:06 +00:00
Mark Andrews	2f4ffd7f55	update copyrights	2005-01-10 23:43:27 +00:00
Mark Andrews	508f61f8d6	1794. [func] Named and named-checkzone can now both check for non-terminal wildcard records.	2005-01-09 23:40:04 +00:00
Mark Andrews	0c865fa57d	update copyright notice	2004-12-23 00:13:17 +00:00
Tatuya JINMEI 神明達哉	1ba466b68e	new copyright for new files	2004-12-21 10:54:12 +00:00
Tatuya JINMEI 神明達哉	d0eb2cc33c	1526. [func] Implemented "additional section caching (or acache)", an internal cache framework for additional section content to improve response performance. Several configuration options were provided to control the behavior.	2004-12-21 10:45:20 +00:00
Mark Andrews	494576ce20	1790. [cleanup] Move lib/dns/sec/dst up into lib/dns. This should allow parallel make to succeed.	2004-12-09 01:41:25 +00:00
Mark Andrews	e743a2b3b7	1753. [bug] Don't serve a slave zone which has no NS records. [RT #12894]	2004-10-26 02:01:19 +00:00
Mark Andrews	073bd4c4bc	1739. [bug] dns_rbt_deletetree() could incorrectly return ISC_R_QUOTA. [RT #12695] 1738. [bug] Enable overrun checking by default. [RT #12695]	2004-10-11 05:49:29 +00:00
Mark Andrews	a9977c0fda	bad descriptions s/dns_label_countlabels/dns_name_countlabels/	2004-09-08 00:26:14 +00:00
Mark Andrews	d6fe7ba949	1708. [cleanup] Replaced dns_fullname_hash() with dns_name_fullhash() for conformance to the name space convention. Binary backward compatibility to the old function name is provided. [RT #12376]	2004-09-01 05:13:06 +00:00
Mark Andrews	2597c68ffe	improve dns_name_getlabelsequence() description.	2004-08-10 00:35:01 +00:00
Mark Andrews	1a6204b6f2	1689. [bug] DNS_NAME_TOREGION() and DNS_NAME_SPLIT() macros contained gratuitous semicolons. [RT #11707]	2004-07-22 00:09:27 +00:00
Mark Andrews	6fac7ff1f9	1606. [bug] DVL insecurity proof was failing. 1605. [func] New dns_db_find() option DNS_DBFIND_COVERINGNSEC.	2004-05-14 04:45:58 +00:00
Mark Andrews	8d414d1559	1600. [bug] Duplicate zone pre-load checks were not case insensitive. 1599. [bug] Fix memory leak on error path when checking named.conf. 1598. [func] Specify that certain parts of the namespace must be secure (dnssec-must-be-secure).	2004-04-15 23:40:27 +00:00
Mark Andrews	3b1fce680f	1595. [func] New notify type 'master-only'. Enable notify for master zones only.	2004-03-30 02:13:45 +00:00
Mark Andrews	c5cde9d5a7	1593. [bug] rndc should return "unknown command" to unknown commands. [RT# 10642]	2004-03-22 01:46:01 +00:00
Mark Andrews	36fa8f333a	Update description: ISC_R_CONTINUE -> DNS_R_CONTINUE	2004-03-19 04:50:20 +00:00
Mark Andrews	1676408640	pullup silence compiler fixes ifconfig.sh for Solaris 9 README updates	2004-03-18 02:58:08 +00:00
Mark Andrews	50105afc55	1589. [func] DNSSEC lookaside validation. enable-dnssec -> dnssec-enable	2004-03-10 02:19:58 +00:00
Mark Andrews	dafcb997e3	update copyright notice	2004-03-05 05:14:21 +00:00
Mark Andrews	a03848252f	1580. [bug] Zone destuction on final detach takes a long time. [RT #3746] 1579. [bug] Multiple task managers could not be created.	2004-03-04 06:56:41 +00:00
Mark Andrews	d5ad558234	1540. [bug] "rndc reload <dynamiczone>" was silently accepted. [RT #8934]	2004-03-02 02:37:11 +00:00
Mark Andrews	2047977ce2	1586. [func] "check-names" is now implemented.	2004-02-27 20:41:51 +00:00
Mark Andrews	89783da064	1581. [func] Disable DNSSEC support by default. To enable DNSSEC specify "enable-dnssec yes;" in named.conf.	2004-02-17 03:40:23 +00:00
Mark Andrews	26cca757be	CD is state is returned to querier.	2004-01-21 14:13:51 +00:00
Mark Andrews	35541328a8	1558. [func] New DNSSEC 'disable-algorithms'. Support entry into child zones for which we don't have a supported algorithm. Such child zones are treated as unsigned. 1557. [func] Implement missing DNSSEC tests for * NOQNAME proof with wildcard answers. * NOWILDARD proof with NXDOMAIN. Cache and return NOQNAME with wildcard answers.	2004-01-14 02:06:51 +00:00
Mark Andrews	61fb42c4ef	1555. [func] 'rrset-order cyclic' now longer has a random starting point. [RT #7572]	2004-01-12 04:19:42 +00:00
Mark Andrews	d0aebc5a55	1549. [func] named-checkzone can now write out the zone contents in a easily parsable format (-D and -o).	2004-01-07 05:27:17 +00:00
Mark Andrews	185fd22738	1541. [func] NSEC now uses new bitmap format.	2003-12-13 04:20:44 +00:00
Tatuya JINMEI 神明達哉	e407562a75	1528. [cleanup] Simplify some dns_name_ functions based on the deprecation of bitstring labels.	2003-10-25 00:31:12 +00:00
Mark Andrews	fcb54ce0a4	whitespace / layout	2003-10-17 03:46:46 +00:00
Mark Andrews	8d42bb315c	1522. [bug] dns_db_findnode() relax the requirements on 'name'. [RT# 9286]	2003-10-03 03:12:35 +00:00
Mark Andrews	93d6dfaf66	1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.	2003-09-30 06:00:40 +00:00
Tatuya JINMEI 神明達哉	600cbd1fce	1515. [func] Allow transfer source to be set in a server statement. [RT #6496] implemented by marka, reviewed and documented by jinmei. Notes: lib/dns/zone.c had to be modified manually. ARM html files were not regenerated (yet).	2003-09-25 18:16:50 +00:00
Mark Andrews	f4fb3dc516	remove extaneous semicolon	2003-09-19 14:35:03 +00:00
Mark Andrews	68a918e038	rootexlude -> rootexclude free and initialise rootdelonly & rootexclude buy -> by	2003-09-19 13:17:21 +00:00
Mark Andrews	0b1da8124c	1510. [func] New view option "root-delegation-only". Apply delegation-only check to all TLDs and root. Note there are some TLDs that are NOT delegation only (e.g. DE and MUSEUM) these can be excluded from the checks buy using exclude. root-delegation-only exclude { "DE"; "MUSEUM"; };	2003-09-19 12:39:49 +00:00
Mark Andrews	4607e7a9b8	1504. [func] New zone type "delegation-only".	2003-09-17 05:24:43 +00:00
Mark Andrews	57443f34ba	remove redundant check [RT #8539 ]	2003-07-30 00:54:27 +00:00
Mark Andrews	1e107b3d7b	1495. [cleanup] Replace hash functions with universal hash.	2003-07-25 02:22:26 +00:00
Mark Andrews	182a34004c	1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad NXT bit maps. [RT #5577]	2003-04-17 03:43:35 +00:00
Mark Andrews	817314313f	missing #include's	2003-04-10 02:06:51 +00:00
Mark Andrews	8b5de97014	1448. [bug] Handle empty wildcards labels. developer: marka reviewer: explorer	2003-02-27 00:19:04 +00:00
Mark Andrews	80b782f356	1447. [bug] We were casting (unsigned int) to and from (void *). rdataset->private4 is now rdataset->privateuint4 to reflect a type change. developer: marka reviewer: explorer	2003-02-26 23:52:30 +00:00
Mark Andrews	476386968b	1446. [func] Implemented undocumented alternate transfer sources from BIND 8. See use-alt-transfer-source, alt-transfer-source-v4 and alt-transfer-source-v6. SECURITY: use-alt-transfer-source is ENABLED unless you are using views. This may caues a security risk resulting in accidental disclosure of wrong zone content if the master supplying different source content based on IP address. If you are not certian ISC recommends setting use-alt-transfer-source no; developer: marka reviewer: explorer	2003-02-26 23:29:00 +00:00
Mark Andrews	53cf671865	1445. [bug] DNS_ADBFIND_STARTATROOT broke stub zones. This has been replaced with DNS_ADBFIND_STARTATZONE which causes the search to start using the closest zone. 1444. [func] dns_view_findzonecut2() allows you to specify if the cache should be searched for zonecuts. developer: marka reviewer: explorer	2003-02-26 22:54:29 +00:00
Mark Andrews	b312748a11	1442. [func] New fuctions for manipulating port lists: dns_portlist_create(), dns_portlist_add(), dns_portlist_remove(), dns_portlist_match(), dns_portlist_attach() and dns_portlist_detach(). 1441. [func] It is now possible to tell dig to bind to a specific source port. 1440. [func] It is now possible to tell named to avoid using certian source ports (avoid-v4-udp-ports, avoid-v6-udp-ports). developer: marka reviewer: explorer	2003-02-26 05:05:16 +00:00
Mark Andrews	c3ea698877	1436. [func] dns_zonemgr_resumexfrs() can be used to restart stalled transfers. 1435. [bug] zmgr_resume_xfrs() was being called read locked rather than write locked. zmgr_resume_xfrs() was not being called if the zone was being shutdown. 1434. [bug] "rndc reconfig" failed to initiate the initial zone transfer of new slave zones. developer: marka reviewer: explorer	2003-02-26 03:45:59 +00:00
Mark Andrews	e2fb08b85d	1432. [func] The advertised EDNS UDP buffer size can now be set via named.conf (edns-udp-size). developer: marka reviewer: explorer	2003-02-26 02:04:00 +00:00
Mark Andrews	71dfe8bb7a	spelling	2003-02-26 01:21:09 +00:00
Mark Andrews	b587e1d83f	spelling	2003-02-07 01:13:13 +00:00
Mark Andrews	a1301ef891	undo (wrong branch)	2003-02-04 06:10:09 +00:00
Mark Andrews	ab4bec8504	checkpoint	2003-02-04 05:44:32 +00:00
Mark Andrews	421e4cf66e	1416. [bug] Empty node should return NOERROR NODATA, not NXDOMAIN. [RT #4715] developer: marka reviewer: explorer	2003-01-18 03:18:31 +00:00
Mark Andrews	b0c15bd979	1415. [func] DS TTL now derived from NS ttl. NXT TTL now derived from SOA MINIMUM. 1414. [func] Support for KSK flag.	2003-01-18 02:40:59 +00:00
Mark Andrews	0ffaee887f	1412. [func] You can now specify servers to be tried if a nameserver has IPv6 address and you only support IPv4 or the reverse. See dual-stack-servers.	2003-01-16 03:59:28 +00:00
Mark Andrews	c86eed4bde	1410. [func] handle records that live in the parent zone, e.g. DS. developer: marka reviewer: explorer	2003-01-14 00:28:50 +00:00
Mark Andrews	3c2127744f	update comment	2003-01-10 02:43:56 +00:00
Mark Andrews	6874dcf6a0	style	2002-12-31 05:40:15 +00:00
Mark Andrews	49a940dc68	1402. [cleanup] A6 has been moved to experimental and is no longer fully supported. developer: jinmei reviewer: marka	2002-11-27 09:52:58 +00:00
Michael Graff	e903df2f01	merge 4319	2002-11-12 23:58:14 +00:00
Michael Graff	6434457b0b	merge 4090	2002-11-12 23:24:45 +00:00
Mark Andrews	aa39170da8	1394. [func] It is now possible to check if a particular element is in a acl. Remove duplicate entries from the localnets acl. 1393. [port] Bind to individual IPv6 interfaces if IPV6_IPV6ONLY is not available in the kernel to prevent accidently listening on IPv4 interfaces. developer: jinmei reviewer: marka	2002-10-29 04:40:26 +00:00
Mark Andrews	75ace6601e	1379. [func] 'rndc stats' now reports tcp and recursion quota states. 1378. [func] Improved positive feedback for 'rndc {reload\|refresh}. 1377. [func] dns_zone_load{new}() now reports if the zone was loaded, queued for loading to up to date. 1376. [func] New function dns_zone_logc() to log to specified category.	2002-09-10 02:23:46 +00:00
Tatuya JINMEI 神明達哉	e992af4209	fixed a bug that named crashes with an assertion failure on exit when sharing the same port for listening and querying, and changing listening addresses several times. [RT# 3509] additionally, + limited the canceled socket tasks in dispatch.c + made dns_dispatch_changeattributes() care about the NOLISTEN mask + described side effects of dns_dispatch_changeattributes() in its description comment	2002-09-04 02:26:13 +00:00
Mark Andrews	b6309ed962	developer: jinmei reviewer: marka 1368. [func] remove support for bitstring labels.	2002-08-27 04:53:43 +00:00
Mark Andrews	5bd76af084	1358. [func] log the reason for rejecting a server when resolving queries.	2002-08-09 06:12:50 +00:00
Mark Andrews	4c342614f8	1354. [bug] Fix DNSSEC wildcard proof for CNAME/DNAME.	2002-08-06 01:50:28 +00:00
Mark Andrews	87f4715d6c	1344. [func] Log if the serial number on the master has gone backwards. If you have multiple machines specified in the masters clause you may want to set 'multi-master yes;' to suppress this warning.	2002-07-29 06:58:46 +00:00
Mark Andrews	f0471ca4b7	1336. [func] Nibble lookups under IP6.ARPA are now supported by dns_byaddr_create(). dns_byaddr_createptrname() is deprecated, use dns_byaddr_createptrname2() instead.	2002-07-24 06:42:32 +00:00
Mark Andrews	c54c1eaf26	1251. [func] Generate DNSSEC wildcard proofs.	2002-07-19 03:50:42 +00:00
Mark Andrews	ff30cdeb78	The validator didn't handle missing DS records correctly.	2002-07-19 03:29:15 +00:00
Mark Andrews	4d9f3f00d9	1249. [func] named-checkzone will now check if nameservers that appear to be IP addresses. Available modes "fail", "warn" (default) and "ignore" the results of the check.	2002-07-19 02:34:58 +00:00
Mark Andrews	d196b45738	1248. [bug] The validator could incorrectly verify an invalid negative proof.	2002-07-15 03:27:44 +00:00
Mark Andrews	de49761421	1330. [bug] 'rndc stop' failed to cause zones to be flushed sometimes. [RT #3157]	2002-06-19 07:14:48 +00:00
Mark Andrews	0b09763c35	1328. [func] DS (delegation signer) support.	2002-06-17 04:01:37 +00:00
Mark Andrews	7d389c324c	1324. [func] New function: dns_zone_name().	2002-06-13 07:05:47 +00:00
Mark Andrews	c8aa2c8311	1204. [bug] The RTT estimate on unused servers was not aged. [RT #2569]	2002-05-27 06:30:25 +00:00
Mark Andrews	b9efcf0a37	1297. [func] You can now create your own customised printing styles: dns_master_stylecreate() and dns_master_styledestroy().	2002-05-21 06:12:45 +00:00
Mark Andrews	c4a9ce445c	1274. [func] preferred-glue option from BIND 8.3.	2002-04-26 00:40:37 +00:00
Mark Andrews	7791dd06ea	1242. [bug] named-checkzone failed if a journal existed. [RT #2657 ]	2002-04-02 06:54:07 +00:00
Brian Wellington	4b171ebd70	1229. [bug] named would crash if it received a TSIG signed query as part of an AXFR response. [RT #2570]	2002-03-14 18:34:48 +00:00
Brian Wellington	6585d8782b	the region passed to dns_name_fromregion() can be const.	2002-03-14 00:36:07 +00:00
Mark Andrews	603d1d1e20	1225. [func] dns_message_setopt() no longer requires that dns_message_renderbegin() to have been called.	2002-03-11 01:59:16 +00:00
Brian Wellington	231ffa6c85	add a new result code so that parsing a bad KEY record doesn't result in "unknown class/type".	2002-03-08 01:38:57 +00:00
Mark Andrews	2dd99c098c	1234. [bug] 'rrset-order' and 'sortlist' should be additive not exclusive. 1223. [func] 'rrset-order' partially works 'cyclic' and 'random' are supported.	2002-03-07 13:46:41 +00:00
Brian Wellington	df5e0316a7	- add the missing typedef for dns_order_t - change the order of parameters to dns_order_create() for consistency - add multiple inclusion protection to order.h - fix a couple of typos	2002-03-07 07:48:48 +00:00
Mark Andrews	f4ea263511	rrset-order support.	2002-03-07 06:29:37 +00:00
Brian Wellington	011dc51eee	dns_master_loadlexer[inc], to load master files from existing lexers	2002-02-21 00:45:11 +00:00
Brian Wellington	8cf24d101a	add dns_rdataslab_tordataset()	2002-02-20 22:57:13 +00:00
Mark Andrews	a7038d1a05	copyrights	2002-02-20 03:35:59 +00:00
Andreas Gustafsson	6a8832f784	There are four "i":s in "initialize"	2002-02-20 01:45:15 +00:00
Brian Wellington	8d87d1d81c	DNS_R_NOMEM -> ISC_R_NOMEMORY	2002-02-19 23:46:32 +00:00
Andreas Gustafsson	2d6ff29a07	spelling	2002-02-19 22:58:29 +00:00
Mark Andrews	23cb957a81	1201. [bug] Require that if 'callbacks' is passed to dns_rdata_fromtext(), callbacks->error and callbacks->warn are initalised.	2002-02-12 03:45:54 +00:00
Mark Andrews	c73c1c33ec	1193. [bug] dig +besteffort parsing didn't handle packet truncation. dns_message_parse() has new flag DNS_MESSAGE_IGNORETRUNCATION.	2002-02-12 02:10:33 +00:00
Brian Wellington	b6279d0b4b	Don't freeze an already frozen zone.	2002-01-24 09:58:42 +00:00
Brian Wellington	b2ca6fd3a8	#1187 was both unclean and broken. Fix it and clean it up.	2002-01-23 08:46:40 +00:00
Mark Andrews	7e715a0fc5	alignment	2002-01-23 03:42:23 +00:00
Andreas Gustafsson	b6e20238b6	Fix RT #2309 differently, allowing rather than rejecting empty also-notify clauses	2002-01-23 02:03:05 +00:00
Brian Wellington	cde7dfea4c	1190. [func] Add the "rndc freeze" and"rndc unfreeze" commands. [RT #2394] Basically, "freeze" disables dynamic updates to a zone, syncs the journal file into the master file, and removes the journal. This allows manual edits of a dynamic zone file without stopping the server, since the zone is temporarily considered non-dynamic. "unfreeze" re-enables dynamic updates to a zone. So, instead of the old: rndc stop edit master file remove journal restart server you can now do: rndc freeze zone edit master file rndc reload zone rndc unfreeze zone which doesn't require stopping the server. About everyone here at the secure dynamic update workshop wanted this. It will be documented soon.	2002-01-22 22:05:59 +00:00
Andreas Gustafsson	915c16e8aa	typo in comment	2002-01-22 21:52:32 +00:00
Brian Wellington	84185d19c7	1187. [bug] named was incorrectly returning DNSSEC records in negative responses when the DO bit was not set.	2002-01-22 09:07:30 +00:00
Brian Wellington	a5c077e40c	1181. [func] Add the "key-directory" configuration statement, which allows the server to look for online signing keys in alternate directories.	2002-01-21 11:00:25 +00:00
Mark Andrews	e1c2a8b9c1	1178. [func] Follow and cache (if appropriate) A6 and other data chains to completion in the additional section.	2002-01-17 00:16:30 +00:00
Mark Andrews	5af6873693	tag slave zones when loading	2001-12-11 20:52:41 +00:00
Mark Andrews	ff1b064f5e	1159. [bug] MD and MF are not permitted to be loaded by RFC1123.	2001-12-11 20:37:16 +00:00
Brian Wellington	efc01ed4ad	fix comment	2001-12-08 02:14:46 +00:00
Brian Wellington	708f3fd049	Added the DNS_DBFIND_FORCENXT flag to dns_db_find, which causes the lookup to search for NXT records, even if the zone is not marked as secure.	2001-12-08 00:37:07 +00:00
Mark Andrews	880723fb13	1157. [func] match-clients and match-destinations now accept keys. [RT #2045]	2001-12-06 04:38:51 +00:00
Andreas Gustafsson	ee515ce130	commented	2001-12-05 03:05:30 +00:00
Brian Wellington	41e50ece38	add dns_name_hashbylabel() and make the rbt use it.	2001-12-04 01:32:44 +00:00
Andreas Gustafsson	1f1d36a87b	Check return values or cast them to (void), as required by the coding standards; add exceptions to the coding standards for cases where this is not desirable	2001-11-30 01:59:49 +00:00
Andreas Gustafsson	bfbea562e6	new function dns_diff_applysilently() [RT #2157 ]	2001-11-29 00:15:35 +00:00
Mark Andrews	60213f2815	1139. [func] It is now possible to flush a given name from the caches via 'rndc flushname name [view]'. [RT #2051]	2001-11-27 04:06:17 +00:00
Mark Andrews	6c8abf481d	1138. [func] It is now possible to flush given names from the cache dns_cache_flushname().	2001-11-27 03:10:32 +00:00
Mark Andrews	1e4bfff185	1137. [func] It is now possible to flush given names from the adb cache dns_adb_flushname().	2001-11-27 03:00:50 +00:00
Danny Mayer	e61793f086	Added LIB*_EXTERNAL_DATA Macros necessary to make lib extern variables globally visible in Win32	2001-11-19 03:08:44 +00:00
Andreas Gustafsson	307ba34fa0	1128. [func] sdb drivers can now provide RR data in either text or wire format, the latter using the new functions dns_sdb_putrdata() and dns_sdb_putnamedrdata(). (in preparation for sdb-izing the built-in CHAOS zones)	2001-11-15 20:32:05 +00:00
Andreas Gustafsson	c0bf2b179a	When DNS_RBT_USEMAGIC is defined as true, do magic number checking of RBT nodes	2001-11-10 01:37:44 +00:00
Brian Wellington	9fbcea8dba	install soa.h	2001-11-09 23:09:29 +00:00
Mark Andrews	3e42bdfdc9	1116. [bug] Setting transfers in a server clause, transfers-in, or transfers-per-ns to a value greater than 2147483647 disabled transfers. [RT #2002]	2001-11-09 04:21:58 +00:00
Mark Andrews	773e64ec15	try-edns is no more	2001-11-07 04:25:19 +00:00
Andreas Gustafsson	b352902413	1077. [func] Do not accept further recursive clients when the total number of of recursive lookups being processed exceeds max-recursive-clients, even if some of the lookups are internally generated. [RT #1915, #1938]	2001-10-29 19:02:48 +00:00
Mark Andrews	081cff0c33	1073. [bug] The adb cache should also be space driven, max-adb-size. [RT #1915, #1938]	2001-10-25 04:57:46 +00:00
Mark Andrews	a7cb695600	1070. [bug] Copy DNSSEC OK (DO) to response as specified by draft-ietf-dnsext-dnssec-okbit-03.txt.	2001-10-24 21:47:12 +00:00
Mark Andrews	cf70df7d0e	1059. [func] dns_request now support will now retry UDP queries, dns_request_createvia2() and dns_request_createraw2().	2001-10-18 06:09:39 +00:00
Andreas Gustafsson	dcfc52bbba	Added a version.h file for each library; made version variables const	2001-10-16 23:21:07 +00:00
Andreas Gustafsson	01818a424a	document return value of the sdb lookup function	2001-10-13 01:32:34 +00:00
Andreas Gustafsson	024face21c	1042. [bug] The "config" logging category did not work properly. [RT #1873]	2001-10-11 01:16:18 +00:00
Andreas Gustafsson	247b6de61b	Some comments referred to DNS_R_NOTVERIFIEDYET as DNS_R_SIGNOTVERIFIEDYET	2001-10-10 21:39:16 +00:00
Andreas Gustafsson	9066d09c3e	Removed all code within #ifdef DNS_OPT_NEWCODES*. It was the last thing being sanitized out of releases; removing it makes it possible to eliminate the sanitation process.	2001-10-01 18:54:05 +00:00
Mark Andrews	96ea98af24	1023. [func] Accept hints without TTLs.	2001-09-30 04:31:28 +00:00
Brian Wellington	c9b3f64262	fix comment	2001-09-25 22:45:02 +00:00
Mark Andrews	8296690f17	DNS_EVENT_QUERYABORTED is no longer gemerated.	2001-09-21 14:00:06 +00:00
Brian Wellington	8f674b13e8	dns_time_fromtext should take "const char "s, not "char *"s.	2001-09-21 00:11:30 +00:00
Andreas Gustafsson	01446841be	1006. [bug] If a KEY RR was found missing during DNSSEC validation, an assertion failure could subsequently be triggered in the resolver. [RT #1763]	2001-09-19 21:25:46 +00:00
Brian Wellington	21825a8d00	Sync up the dnssec key algorithms listed in include/dns/keyvalues.h and rdata.c.	2001-09-19 00:14:48 +00:00
Andreas Gustafsson	34aa790937	reverted 994.	2001-09-14 20:53:33 +00:00
Mark Andrews	56d69016f4	994. [bug] If the unsecure proof fails for unsigned NS records attempt a secure proof using the NS records found as glue to find the NS records from the zone's servers along with associated glue rather than from parent servers. [RT #1706]	2001-09-13 07:23:39 +00:00
Andreas Gustafsson	8cccaeaee1	New named.conf option "ixfr-from-differences" [RT #1727 ]	2001-09-08 00:21:49 +00:00
Mark Andrews	ed03e26c44	Add dns_dumpctx_db() and dns_dumpctx_version().	2001-09-05 10:28:55 +00:00
Mark Andrews	9aba20edee	979. [func] Incremental master file dumping. dns_master_dumpinc(), dns_master_dumptostreaminc(), dns_dumpctx_attach(), dns_dumpctx_detach() and dns_dumpctx_cancel().	2001-09-04 14:18:31 +00:00
Mark Andrews	bae5d9fcb4	977. [bug] Improve "not at top of zone" error message.	2001-09-04 00:35:19 +00:00
Mark Andrews	06a960c681	971. [func] 'try-edns' can be use to disable edns on all queries.	2001-08-30 05:52:18 +00:00
Mark Andrews	2c64908ae0	DNS_R_NOTAUTHORITATIVE	2001-08-30 05:10:55 +00:00
Mark Andrews	53e3724e23	dns_journal_compact()	2001-08-30 05:04:18 +00:00
Mark Andrews	28fc90e6c8	#857 was incomplete, ISC_MAGIC was not being used everwhere it should have been. 'magic' was not being declared consistantly. some #include <isc/magic.h> were missing from other include files. NS_SERVER_VALID was not using ISC_MAGIC_VALID.	2001-08-28 03:58:29 +00:00
Andreas Gustafsson	9c067741f1	don't #define DNS_STATS_NCOUNTERS in two different places [RT #1666 ]	2001-08-27 21:47:00 +00:00
Mark Andrews	73ac1894ea	964. [func] Warn if non root hints data is found in hints file.	2001-08-27 03:36:00 +00:00
Brian Wellington	ee3ab6063d	945. [func] Add the new view-specific options "match-destinations" and "match-recursive-only".	2001-07-26 20:42:46 +00:00
Andreas Gustafsson	831bbce008	commented trust levels	2001-07-23 17:55:37 +00:00
Danny Mayer	f621719829	Added support for Win32	2001-07-16 05:10:30 +00:00
Andreas Gustafsson	23ac0d8259	comments for dns_message_parse() referred to nonexistent arguments	2001-06-14 18:38:48 +00:00
Mark Andrews	03f91269f5	856. [func] Allow partial rdatasets to be returned in answer and authority sections to help non-TCP capable clients recover from truncation. [RT #1301]	2001-06-05 09:02:16 +00:00
Bob Halley	eba5c23154	undo 1.54, which was an accidental commit	2001-06-01 03:07:54 +00:00
Bob Halley	875542855a	update to 9.3.0, now that the 9.2 release branch has been created	2001-06-01 03:05:07 +00:00
Brian Wellington	59d5cc31e5	#include <dns/types.h>	2001-06-01 01:09:10 +00:00
Brian Wellington	1969ab5360	copyright updates	2001-05-30 20:31:08 +00:00
Andreas Gustafsson	e7a4f58d55	833. [cleanup] Moved dns_soa_*() from <dns/journal.h> to <dns/soa.h>, and extended them to support all the integer-valued fields of the SOA RR.	2001-05-21 23:56:34 +00:00
Bob Halley	4e9d4ceadf	Take two of new semantics for ANY queries at zone cut points. Now doing an ANY query at a zone cut point will return a delegation, except if DNS_DBFIND_GLUEOK is set, in which case DNS_R_ZONECUT will be returned as before. Someday it would probably be a good idea to get rid of DNS_R_ZONECUT entirely and just return DNS_R_GLUE in that case, but I was afraid to do that now since it might break things. These changes pass all system tests.	2001-05-15 05:35:27 +00:00
Bob Halley	751aa24c98	only return DNS_R_ZONECUT from secure zones	2001-05-14 19:25:59 +00:00
Brian Wellington	ecf4962155	more of 'rndc status'	2001-05-14 19:06:47 +00:00
Andreas Gustafsson	a9ef485446	If IXFR fails, fall back to AXFR	2001-05-10 17:51:49 +00:00
Brian Wellington	35582313f7	add dns_zt_zonecount(), which counts the number of zones in a zonetable.	2001-05-09 21:34:19 +00:00
Andreas Gustafsson	9dafd058e3	implemented 'rndc reconfig'	2001-05-07 23:34:24 +00:00
Andreas Gustafsson	bdb60248c3	oops, removed the wrong declaration	2001-05-04 23:57:22 +00:00
Andreas Gustafsson	2788f21727	don't install the now-nonexistent <dns/namedconf.h>	2001-05-04 17:08:43 +00:00
Andreas Gustafsson	af46049567	removed <dns/namedconf.h>, which pertained to the old configuration parser	2001-05-02 17:39:51 +00:00
Andreas Gustafsson	1dbec28030	removed declarations of nonexistent functions	2001-04-30 18:09:31 +00:00
Andreas Gustafsson	e482a1c91e	cache dumps now include trust levels and ncache entries	2001-04-26 21:17:56 +00:00
Brian Wellington	c20ffa38de	808. [func] Add 'rndc flush' to flush the server's cache.	2001-04-11 20:37:50 +00:00
Brian Wellington	668f8d91db	795. [func] Add the +multiline option to dig. (which requires dns_message_totext(), etc. to take a style parameter)	2001-03-28 02:42:56 +00:00
Andreas Gustafsson	bed7a35293	dns_master_questiontotext() needs a style argument after all	2001-03-28 00:58:15 +00:00
Andreas Gustafsson	531eafa302	use dns_master_rdatasettotext() &co; removed unused flag DNS_MESSAGETEXTFLAG_OMITDOT	2001-03-28 00:50:05 +00:00
Andreas Gustafsson	421551db8a	new functions dns_master_rdatasettotext() and dns_master_questiontotext(), replacing dns_rdataset_totext()	2001-03-28 00:22:16 +00:00
Brian Wellington	45e22378fc	dns_name_tofilenametext() now downcases the name, which means the callers don't need to.	2001-03-27 23:43:15 +00:00
Brian Wellington	7d7215baf8	Add dns_name_tofilenametext(), and use it in the dnssec tools.	2001-03-27 22:57:48 +00:00

... 7 8 9 10 11 ...

1968 commits