upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-27 03:51:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
25079 commits 18 branches 854 tags 440 MiB
Commit graph

10345 commits

Author SHA1 Message Date
Tinderbox User
b941edbeb5 update copyright notice 2013-01-09 23:45:53 +00:00
Mark Andrews
c07c2a862e 3458. [bug] Return FORMERR when presented with a overly long 
domain named in a request. [RT #29682]
 2013-01-10 10:30:15 +11:00
Mark Andrews
f1c1aab2c9 3457. [protocol] Add ILNP records (NID, LP, L32, L64). [RT #31836] 2013-01-10 08:26:31 +11:00
Mark Andrews
6018bd957d remove dead code 2013-01-09 21:50:20 +11:00
Mark Andrews
f622386388 use known length for known algorithns in fromtext_dlv cf fromtext_ds 2013-01-09 21:11:16 +11:00
Mark Andrews
513b5e8e51 3373. [bug] win32: open raw files in binary mode. [RT #30944] 
was not complete openfile_fast and openfile_raw should be using mode "rb"
rather than "r".
 2013-01-09 17:03:03 +11:00
Mark Andrews
aa24128022 3454. [port] sparc64: improve atomic support. [RT #25182] 2013-01-09 12:55:32 +11:00
Tinderbox User
afe7d4b934 update copyright notice 2013-01-08 23:45:50 +00:00
Mark Andrews
fc0bfa07c7 3453. [bug] 'rndc addzone' of a zone with 'inline-signing yes;' 
failed. [RT #31960]
 2013-01-09 07:40:27 +11:00
Mark Andrews
c9cecf7bb5 3452. [bug] Accept duplicate singlton records. [RT #32329] 2013-01-08 10:58:42 +11:00
Tinderbox User
e436a3d965 update copyright notice 2013-01-06 23:45:45 +00:00
Mark Andrews
c359f7b10f 3451. [port] Increase per thread stack size from 64K to 1M. 
[RT #32230]
 2013-01-07 09:52:16 +11:00
Mark Andrews
016eea4c62 remove dead code 2013-01-06 07:48:01 +11:00
Tinderbox User
6fe42ff85c update copyright notice 2013-01-04 23:45:53 +00:00
Mark Andrews
f7d6bc93d1 make static 2013-01-05 00:32:38 +11:00
Mark Andrews
cbb2a0ebea silence compiler warning 2013-01-04 15:57:38 +11:00
Evan Hunt
f0a3b10baa [master] add print.h 2013-01-03 18:22:52 -08:00
Mark Andrews
8bd5bcd2a7 3445. [bug] Warn about zone files with blank owner names 
immediately after $ORIGIN directives. [RT #31848]

Conflicts:
	lib/dns/tests/master_test.c
 2013-01-04 12:16:55 +11:00
Mark Andrews
e285c6ea84 3449. [bug] gen.c: use the pre-processor to construct format 
strings so that compiler can perform sanity checks;
                        check the snprintf results. [RT #17576]
 2013-01-04 11:07:58 +11:00
Tinderbox User
d91e5a75df update copyright notice 2013-01-02 23:45:51 +00:00
Tinderbox User
024cf50d12 update copyright notice 2013-01-01 23:45:47 +00:00
Tinderbox User
9191b6c9e8 update copyright notice 2012-12-20 23:45:48 +00:00
Evan Hunt
086cb64a78 [master] remove unnecessary memcpy 2012-12-20 10:33:47 -08:00
Mark Andrews
45d4341eed silence signed/unsigned warning; rename log -> fctx_log 2012-12-19 12:39:54 +11:00
Evan Hunt
3ad3e9c948 [master] reject $ORIGIN before inherited name 
3445.	[bug]		Reject zone files with blank owner names immediately
			after $ORIGIN directives. [RT #31848]
 2012-12-18 16:17:55 -08:00
Tinderbox User
b16174507d update copyright notice 2012-12-18 23:45:50 +00:00
Mark Andrews
8462dfb880 3443. [bug] The NOQNAME proof was not being returned from cached 
insecure responses. [RT #21409]
 2012-12-19 09:55:02 +11:00
Mark Andrews
9f6b57798d 3441. [maint] D.ROOT-SERVERS.NET is now 199.7.91.13. 2012-12-14 12:48:29 +11:00
Mark Andrews
fcc04c160f 3440. [bug] Reorder get_key_struct to not trigger a assertion when 
cleaning up due to out of memory error. [RT #32131]
 2012-12-13 11:18:01 +11:00
Mark Andrews
463f4ad70b silence clang --analyzer warnin by checking rdata.length 2012-12-10 08:24:17 +11:00
Tinderbox User
b8e2e5dd86 update copyright notice 2012-12-08 23:45:51 +00:00
Mark Andrews
50aaa90130 RETTOK -> RETERR 2012-12-09 07:45:51 +11:00
Mark Andrews
e85702ce5b 3438. [bug] Don't accept unknown data escape in quotes. [RT #32031] 
Squashed commit of the following:

commit 7ad3daade513c94a1c92ee7c91c112f161d13ef4
Author: Mark Andrews <marka@isc.org>
Date:   Mon Dec 3 15:03:44 2012 +1100

    look at the second token to determine if a TXT record in of unknown format or not

commit 7df32138462646f6aee84ffa56d02ac24ec8d672
Author: Mark Andrews <marka@isc.org>
Date:   Mon Dec 3 12:42:18 2012 +1100

    '"\#"' was incorrectly being treated as a unknown data escape sequence.
 2012-12-08 14:05:32 +11:00
Mark Andrews
6f7abb89ec 3437. [bug] isc_buffer_init -> isc_buffer_constinit to initialise 
buffers with constant data. [RT #32064]

Squashed commit of the following:

commit 3433b96bf11f8c90ccbe412f01d02a6d8bbc2d33
Author: Mark Andrews <marka@isc.org>
Date:   Sat Dec 8 12:41:16 2012 +1100

    isc_buffer_init -> isc_buffer_constinit

commit c22dbcc1122a0a44f7b46068e0ccbc25353a57d5
Author: Mark Andrews <marka@isc.org>
Date:   Sat Dec 8 12:38:39 2012 +1100

    isc_buffer_init -> isc_buffer_constinit

commit 900820416c45c1887d0d22d7a010df60a903bd56
Author: Mark Andrews <marka@isc.org>
Date:   Sat Dec 8 12:24:19 2012 +1100

    remove isc_buffer_reconstinit

commit f815711c17b05f9961786a90b9bae902d3c01494
Author: Mark Andrews <marka@isc.org>
Date:   Wed Dec 5 15:42:57 2012 +1100

    add isc_buffer_constinit
 2012-12-08 12:48:57 +11:00
Tinderbox User
aae306e914 update copyright notice 2012-12-07 23:45:48 +00:00
Evan Hunt
45f3693294 [master] check malloc/calloc return values 
3436.	[bug]		Check malloc/calloc return values. [RT #32088]
 2012-12-07 12:23:58 -08:00
Evan Hunt
abff0f462a [master] pass client info to DLZ findzone method 
3434.   [bug]           Pass client info to the DLZ findzone() entry
                        point in addition to lookup().  This makes it
                        possible for a database to answer differently
                        whether it's authoritative for a name depending
                        on the address of the client.  [RT #31775]
 2012-12-06 12:59:36 -08:00
Evan Hunt
177be355d4 [master] handle ISC_R_NOMORE correctly 
3433.	[bug]		dlz_findzone() did not correctly handle
			ISC_R_NOMORE. [RT #31172]
 2012-12-06 12:41:58 -08:00
Evan Hunt
2b8bed6681 [master] multiple-dlz/dlz-nxdomain 
3432.	[func]		Multiple DLZ databases can now be configured.
			DLZ databases are searched in the order configured,
			unless set to "search no", in which case a
			zone can be configured to be retrieved from a
			particular DLZ database by using a "dlz <name>"
			option in the zone statement.  DLZ databases can
			support type "master" and "redirect" zones.
			[RT #27597]
 2012-12-06 12:39:52 -08:00
Mark Andrews
8a6f41d86a 3430. [bug] win32: isc_time_formatISO8601 was missing the 
'T' between the date and time. [RT #32044]
 2012-12-04 14:59:56 +11:00
Mark Andrews
c6f03e7903 treat clang 3.x and 4.x as independent release streams 2012-12-03 09:10:43 +11:00
Mark Andrews
6ebf3dbb33 workaround only needed for clang 3.1 2012-12-03 07:58:01 +11:00
Mark Andrews
c6af776a7e silence compiler warnings 2012-12-01 21:32:31 +11:00
Mark Andrews
4151109b94 silence clang --analyze warnings 2012-11-30 18:50:38 +11:00
Mark Andrews
85a873f000 conditionally silence false positives from clang --analyze 2012-11-30 16:19:00 +11:00
Mark Andrews
538f4a22b1 3429. [bug] dns_zone_getserial2 could a return success without 
returning a valid serial. [RT #32007]

Squashed commit of the following:

commit 0057f4b6e843c3998b987dbc7f32ceeee8afc150
Author: Mark Andrews <marka@isc.org>
Date:   Fri Nov 30 08:13:15 2012 +1100

    zone_get_from_db could return success without setting return valuses; serial is only valid if soacount is none zero
 2012-11-30 11:39:37 +11:00
Mark Andrews
22f3afddd2 null pointer derefernce on out of memory 2012-11-30 00:58:56 +11:00
Mark Andrews
d4af2cc0db initialize the octet string to empty so that we don't free garbage on error 2012-11-29 18:11:05 +11:00
Mark Andrews
965605e238 link against @DNS_CRYPTO_LIBS@ 2012-11-29 07:27:11 +11:00
Mark Andrews
2e22f903da 3425. [bug] "acacheentry" reference counting was broken resulting 
in use after free. [RT #31908]
 2012-11-27 16:03:36 +11:00
Mark Andrews
c46aa71433 dupped/created reversed in log message 2012-11-23 17:28:16 +11:00
Tinderbox User
7e75b6266d update copyright notice 2012-11-21 23:45:45 +00:00
ckb
2786b6c53f 3422. [bug] Added a clear error message for when the SOA does not 
match the referral. [RT #31281]
 2012-11-21 16:44:34 -06:00
Mark Andrews
20b95f5ff6 3421. [bug] Named loops when re-signing if all keys are offline. 
[RT #31916]

Squashed commit of the following:

commit f47af0ca6793687b9c8d08fd44b0c091ba5a4f9a
Author: Mark Andrews <marka@isc.org>
Date:   Wed Nov 21 17:45:21 2012 +1100

    dns_dns_zonediff_t -> dns_zonediff_t, clarify comment

commit 344edefc3ee90856a7ff990abe7971925ba843b2
Author: Mark Andrews <marka@isc.org>
Date:   Tue Nov 20 13:12:26 2012 +1100

    commit the zone changes if a keep was marked as being offline

commit cad2c2446ebfc20b6d8c4f6dd0d6596d7106cc0f
Author: Mark Andrews <marka@isc.org>
Date:   Tue Nov 20 13:08:29 2012 +1100

    check for looping when re-signing expiring.example
 2012-11-21 17:48:57 +11:00
Mar Andrews
c3b9fad5e3 3420. [bug] Address VPATH compilation issues. [RT #31879] 2012-11-17 09:33:46 +00:00
Mark Andrews
39bfdc2ff9 3419. [bug] Memory leak on validation cancel. [RT #31869] 
Squashed commit of the following:

commit 452b07ec7cb31784d90d9c2e45ca708df306302e
Author: Mark Andrews <marka@isc.org>
Date:   Wed Nov 14 23:36:36 2012 +1100

    destroy fetch when canceling validator
 2012-11-15 11:16:28 +11:00
ckb
aecadaf3b1 3418. [func] New XML schema (version 3.0) for the statistics channel 
adds query type statistics at the zone level, and
			flattens the XML tree and uses compressed format to
			optimize parsing. Includes new XSL that permits
			charting via the Google Charts API on browsers that
			support javascript in XSL.  The old XML schema has been
			deprecated. [RT #30023]

3417.	[placeholder]
 2012-11-14 12:44:15 -06:00
Mark Andrews
d8fc410cf8 Redo 
3415.   [bug]           named could die with a REQUIRE failure if a valdation
                        was canceled. [RT #31804]
 2012-11-14 07:41:32 +11:00
Mark Andrews
1a09fefa59 3415. [bug] named could die with a REQUIRE failure id a valdation 
was canceled. [RT #31804]

Squashed commit of the following:

commit d414d3cb4244daeca4159ac1f8a82322e4a20e5a
Author: Mark Andrews <marka@isc.org>
Date:   Wed Nov 7 14:19:28 2012 +1100

    check that val->fetch != NULL before calling dns_resolver_destroyfetch
 2012-11-09 09:09:52 +11:00
Mark Andrews
07cab7ffa8 improve isc_mempool_put memory model 2012-11-02 16:02:15 +11:00
Mark Andrews
ffd17aca38 move memory accounting to before free of memory to avoid "using" a pointer after it is freed 2012-11-02 15:57:56 +11:00
Mark Andrews
6316438336 spelling 2012-11-02 11:19:02 +11:00
Mark Andrews
d9baadbb0c add coverity[+free : arg-1] directive 2012-11-02 11:16:32 +11:00
Mark Andrews
8f4572372c 3414. [bug] Address locking issues found by Coverity. [RT #31626] 2012-11-02 06:41:45 +11:00
Mark Andrews
18a148d998 sock is potentially unused in use_min_mtu 2012-11-01 15:28:36 +11:00
Mark Andrews
a004a82ee3 uninitalised use 2012-11-01 13:53:20 +11:00
Mark Andrews
4d30dd89f5 3412. [bug] Copy timeval structure from control message data. 
[RT #31548]
 2012-11-01 11:16:59 +11:00
Tinderbox User
fcd7c22fdf update copyright notice 2012-10-31 23:45:49 +00:00
Mark Andrews
bbf31e6b62 More coverity fixes: 
3410.   [bug]           Addressed Coverity warnings. [RT #31626]
Squashed commit of the following:

commit 6fec07bbb69ead784063052f2099674f8b52c6b3
Author: Mark Andrews <marka@isc.org>
Date:   Tue Oct 30 18:14:35 2012 +1100

    use strl{cat,cpy}

commit 19a5d3766f3dbc8a2944b21640a8226a89aae7ba
Author: Mark Andrews <marka@isc.org>
Date:   Tue Oct 30 14:38:55 2012 +1100

    address unchecked xmlTextWriter* calls
 2012-11-01 10:22:11 +11:00
Mark Andrews
c2e80cf47e 3411. [tuning] Use IPV6_USE_MIN_MTU or equivalent with TCP in addition to UDP. [RT #31690] 
Squashed commit of the following:

commit bcbe9ae7a99e1f7f4236a22739a793b51ace8684
Author: Mark Andrews <marka@isc.org>
Date:   Wed Oct 31 15:10:53 2012 +1100

    Use IPV6_USE_MIN_MTU for TCP as well as UDP
 2012-11-01 08:42:56 +11:00
Mark Andrews
16a2ddb2ce more: 3410. [bug] Addressed Coverity warnings. [RT #31626] 
move set_refreshkeytimer call within loop so that keydata is valid.
 2012-10-30 13:00:58 +11:00
Mark Andrews
15fdec98df check more dns_rdata_tostruct returns 2012-10-30 08:50:06 +11:00
Mark Andrews
f83542787f 3410. [bug] Addressed Coverity warnings. [RT #31626] 
Squashed commit of the following:

commit bce2efe66d69d60b746b85df49974ca341723169
Author: Mark Andrews <marka@isc.org>
Date:   Mon Oct 29 12:59:25 2012 +1100

    use 'static dns_rdata_xxxx_t xxxx'

commit 704d3c29acbf2dd350a26f2df82a57cb077ba72e
Author: Mark Andrews <marka@isc.org>
Date:   Mon Oct 29 12:35:16 2012 +1100

    return ISC_R_NOTFOUND if private record length does not make sense

commit 7596610c12c5685336fc0909860173d2fae359af
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 21:41:17 2012 +1100

    check private->length == 5

commit 3836365a3e3e83b057bd940350f032279e080296
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 21:40:50 2012 +1100

    properly set private->length

commit a295778ac53109d39ef3a8b233751100edae678b
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 21:13:30 2012 +1100

    check dns_rdata_tostruct result

commit e33c37ca9112159e0b2363615bb018d27fa7d1a5
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 21:10:43 2012 +1100

    check remove/fopen/chmod return values

commit 3a675e0666aae25d1c51f51ec7bd3fbe25545aae
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:59:10 2012 +1100

    check isc_socket_accept result

commit 696923344f4b07ce0dba4cf2675b1cbb6eba7e8e
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:55:40 2012 +1100

    change variable scopes

commit b9e9d9ad58270271003e463f10744e0ceaf9ad97
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:53:19 2012 +1100

    check inet_pton return value

commit 70698e9589da77e3745efb6ea24b8830addd6ae4
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:52:40 2012 +1100

    break -> /* NOTREACHED */

commit 88de9de2e8e201ab2fef16a868f241e8206ea826
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:52:06 2012 +1100

    strcpy -> strlcpy

commit 6ba79c7cec0e48014cdfa76e8a9406b7a921556e
Author: Mark Andrews <marka@isc.org>
Date:   Sat Oct 27 20:51:26 2012 +1100

    check dns_rdata_tostruct return values
 2012-10-29 20:04:59 +11:00
Evan Hunt
f46168b879 [master] allow dnssec options in inline-signing slaves 
3408.	[bug]		Some DNSSEC-related options (update-check-ksk,
			dnssec-loadkeys-interval, dnssec-dnskey-kskonly)
			are now legal in slave zones as long as
			inline-signing is in use. [RT #31078]
 2012-10-26 16:14:59 -07:00
Evan Hunt
2f57f353e8 [master] address mem.c compilation problems 
3406.	[bug]		mem.c: Fix compilation errors when building with
			ISC_MEM_TRACKLINES or ISC_MEMPOOL_NAMES disabled.
                        Also, ISC_MEM_DEBUG is no longer optional. [RT #31559]
 2012-10-25 18:56:47 -07:00
Tinderbox User
814fc913e6 update copyright notice 2012-10-25 23:47:00 +00:00
Mark Andrews
f3e10cca1b 3405. [bug] Handle time going backwards in acache. [RT #31253] 
Squashed commit of the following:

commit fbf4c8fe2644c101bac870360d3f2c159a90f203
Author: Mark Andrews <marka@isc.org>
Date:   Wed Oct 24 14:43:14 2012 +1100

    remove INSIST and handle time going backwards
 2012-10-25 14:29:10 +11:00
Tinderbox User
a3fb84bd1b update copyright notice 2012-10-24 23:46:51 +00:00
Evan Hunt
9dca437081 [master] silence warning 2012-10-24 15:40:00 -07:00
Evan Hunt
98f9571bd9 [master] silence unused variable warning 2012-10-24 15:36:04 -07:00
Evan Hunt
c241017dcd [master] fix fedora 17 ecdsa compilation problem 2012-10-24 13:56:41 -07:00
Evan Hunt
0e37e9e3d7 [master] silence noisy OpenSSL logging 
3402.	[bug]		Correct interface numbers for IPv4 and IPv6 interfaces.
 2012-10-24 12:58:16 -07:00
Evan Hunt
47c5b8af92 [master] silence coverity warnings 
3401.	[bug]		Addressed Coverity warnings. [RT #31484]
 2012-10-23 22:04:06 -07:00
Mark Andrews
965371b8cf 3399. [port] netbsd: rename 'bool' parameter to avoid namespace 
clash.  [RT #31515]
 2012-10-22 11:42:23 +11:00
Tinderbox User
94f86d37b2 update copyright notice 2012-10-19 23:45:58 +00:00
Mark Andrews
3624e53916 remove redundant UNUSED(callbacks) 2012-10-19 16:28:57 +11:00
Tinderbox User
c37fbb91e3 update copyright notice 2012-10-18 23:46:07 +00:00
Mark Andrews
de0fd68097 3398. [bug] SOA parameters were not being updated with inline 
signed zones if the zone was modified while the
                        server was offline. [RT #29272]
 2012-10-19 10:25:06 +11:00
Mark Andrews
0fbd29837a 3396. [bug] OPT records were incorrectly removed from signed, 
truncated responses. [RT #31439]
 2012-10-18 13:25:06 +11:00
Mark Andrews
70bd5ae6fa missing space before other len after change #3389 2012-10-17 12:48:12 +11:00
Mark Andrews
47c6d89485 3394. [bug] Adjust 'sucessfully validated after lower casing 
signer' log level and category. [RT #31414]
 2012-10-16 11:56:05 +11:00
Tinderbox User
603a182e43 update copyright notice 2012-10-15 23:46:02 +00:00
Mark Andrews
4b17401c9c add test support for dropping edns messages (-T dropedns); ignoring edns in queries (-T noedns); variable max UDP (-T maxudp=value) 2012-10-16 10:23:08 +11:00
Mark Andrews
71dfdcbfae 3392. [func] Keep statistics on REFUSED responses. [RT #31412] 2012-10-16 10:21:22 +11:00
Mark Andrews
9432ef6cdb remove redundent call 2012-10-12 21:57:22 +11:00
Mark Andrews
6700284a4f fix typos in variable names 2012-10-10 13:10:07 +11:00
Mark Andrews
1559dfd341 silence compiler warning 2012-10-08 14:30:10 +11:00
Tinderbox User
15c7a1bf20 update copyright notice 2012-10-06 23:46:11 +00:00
Mark Andrews
dbf693fdfd 3391. [bug] DNSKEY that encountered a CNAME failed. [RT #31262] 2012-10-06 14:56:33 +10:00
Mark Andrews
611dc88768 3390. [bug] Silence clang compiler warnings. [RT #30417] 2012-10-06 14:20:45 +10:00
Mark Andrews
14889e7b17 add <dns/dsdigest.h> to the list of header files to be installed 2012-10-05 15:10:50 +10:00
Mark Andrews
2ec7373254 3389. [bug] Always return NOERROR (not 0) in TSIG. [RT #31275] 2012-10-05 06:57:05 +10:00
Tinderbox User
7ce7ecf6bc update copyright notice 2012-10-03 23:46:17 +00:00
Mark Andrews
e0ad27d822 Revert "include <isc/print.h> in gen.c" 
This reverts commit 3f6cec1a35.
 2012-10-04 08:11:21 +10:00
Evan Hunt
3f6cec1a35 include <isc/print.h> in gen.c 2012-10-03 07:59:57 -07:00
Evan Hunt
41bbb34bc2 fix coverity issues 
3388.	[bug]		Fixed several Coverity warnings. [RT #30996]
 2012-10-02 23:44:03 -07:00
Mark Andrews
02bbbc26be lib/dns/include/dns/dsdigest.h 2012-10-03 14:47:30 +10:00
Mark Andrews
058e44186b 3387. [func] Support for a DS digest can be disabled at 
runtime with disable-ds-digests. [RT #21581]
 2012-10-03 12:38:43 +10:00
Mark Andrews
f4f15cbf71 white space; move pause to before comment. 2012-10-03 10:11:07 +10:00
Mark Andrews
9e70b51d3b 3386. [bug] Address locking violation when generating new NSEC / 
NSEC3 chains. [RT #31224]
 2012-10-03 09:02:28 +10:00
Mark Andrews
37702cb83c reapply accidentally reversed change 2012-10-02 16:42:50 +10:00
Mark Andrews
aa49af836c 3385. [bug] named-checkconf didn't detect missing master lists 
in also-notify clauses. [RT #30810]
 2012-10-02 13:06:02 +10:00
Evan Hunt
31c6f9cc85 silence warning 2012-09-28 18:47:05 -07:00
Tinderbox User
0fc76b64fb update copyright notice 2012-09-28 23:46:10 +00:00
Evan Hunt
d1ac7adb3e improve logging of ecdsa errors 
3384.	[bug]		Improved logging of crypto errors. [RT #30963]
 2012-09-28 13:46:47 -07:00
Tinderbox User
04a9fcecf5 update copyright notice 2012-09-26 23:46:13 +00:00
Evan Hunt
da35568c71 use correct port range 
3382.	[bug]		SOA query from slave used use-v6-udp-ports range,
			if set, regardless of the address family in use.
			[RT #24173]
 2012-09-26 13:55:18 -07:00
Mark Andrews
27809a2ee5 3379. [bug] isc_interval_zero and isc_time_epoch should be 
"const (type)* const". [RT #31069]
 2012-09-26 14:58:53 +10:00
Evan Hunt
05284949f7 handle nonexistent managed-keys-directory 
3378.	[bug]		Handle missing 'managed-keys-directory' better.
			[RT #30625]
 2012-09-25 18:19:17 -07:00
Evan Hunt
664320a88f remove spurious newline 
3377.	[bug]		Removed spurious newline from NSEC3 multiline
			output. [RT #31044]
 2012-09-18 14:22:33 -07:00
Mark Andrews
96f1aa2458 add missing extern qualiers 2012-09-17 18:37:24 +10:00
Mark Andrews
eed495737b 3376. [bug] Lack of EDNS support was being recorded without a 
successful response. [RT #30811]
 2012-09-14 11:01:06 +10:00
Mark Andrews
5f26ffc2b4 3375. [bug] 'rndc dumpdb' failed on empty caches. [RT #30808] 2012-09-14 07:53:19 +10:00
Tinderbox User
14725aff16 update copyright notice 2012-09-12 23:46:13 +00:00
ckb
179d8f4cc8 3374. [bug] isc_parse_uint32 failed to return a range error on 
systems with 64 bit longs [RT #30232]
 2012-09-12 15:08:19 -05:00
Mark Andrews
0b9ea3fca6 O_BINARY -> _O_BINARY 2012-09-12 13:51:49 +10:00
Mark Andrews
7e9d637131 3373. [bug] win32: open raw files in binary mode. [RT #30944] 2012-09-12 11:44:24 +10:00
Mark Andrews
4c2168728c 3372. [bug] Silence spurious "deleted from unreachable cache" 
messages.  [RT #30501]
 2012-09-08 17:59:14 +10:00
Mark Andrews
d27343c554 make dns_rbt_zero_header static 2012-08-24 10:44:26 +10:00
Mark Andrews
68eb4dca5a unsigned constants 2012-08-24 08:45:56 +10:00
Mark Andrews
4738df0c5c v9_8_4rc2 2012-08-23 23:39:43 +10:00
Mark Andrews
8e0a15f42f 3370. [bug] Address use after free while shutting down. [RT #30241] 2012-08-22 19:19:30 +10:00
Tinderbox User
72de8965c8 update copyright notice 2012-08-21 23:46:02 +00:00
Mark Andrews
8f7e0e25a5 3368. [bug] <dns/iptable.h>, <dns/private.h> and <dns/zone.h> 
where not C++ safe.
 2012-08-21 16:42:19 +10:00
Mark Andrews
b29e848220 3367. [bug] dns_dnsseckey_create() result was not being checked. 
[RT #30685]
 2012-08-21 12:04:09 +10:00
Tinderbox User
0c156cfa39 update copyright notice 2012-08-17 23:46:06 +00:00
ckb
339f08ee1e 3366. [bug] Fixed Read-After-Write dependency violation for IA64 
atomic operations. [RT #25181]
 2012-08-17 13:02:50 -05:00
Mark Andrews
076bda8c2e we didn't catch a zero option at the global level when views are active 2012-08-17 13:40:17 +10:00
Evan Hunt
78ba74e63d remove spurious newlines in zone.c logging 
3365.	[bug]		Removed spurious newlines from log messages in
			zone.c [RT #30675]
 2012-08-16 10:41:09 -07:00
Mark Andrews
1bbd36c4db 3364. [security] Named could die on specially crafted record. 
[RT #30416]
 2012-08-16 09:42:14 +10:00
Evan Hunt
85705b4b5a allow "forward" and "forwarders" in static-stub 
3363.	[bug]		Need to allow "forward" and "fowarders" options
			in static-stub zones; this had been overlooked.
			[RT #30482]
 2012-08-15 13:08:15 -07:00
Tinderbox User
23554e8479 update copyright notice 2012-08-14 23:46:02 +00:00
Evan Hunt
820fdd61dd properly range-check fields that do not allow 0 
3362.	[bug]		Setting some option values to 0 in named.conf
			could trigger an assertion failure on startup.
			[RT #27730]
 2012-08-13 22:39:42 -07:00
Mark Andrews
4e8090f1c1 test against unsigned zero 2012-08-14 14:31:51 +10:00
Mark Andrews
f06dad6860 3360. [bug] 'host -w' could die. [RT #18723] 2012-08-14 11:05:29 +10:00
Evan Hunt
3f755529ee address memory leak with bad tsig secret 
3359.	[bug]		An improperly-formed TSIG secret could cause a
                        memory leak. [RT #30607]
 2012-08-10 20:15:59 -07:00
Tinderbox User
953692fa1e update copyright notice 2012-07-25 23:46:04 +00:00
ckb
e7857b5ee0 3356. [bug] Cap the TTL of signed RRsets when RRSIGs are 
approaching their expiry, so they don't remain
			in caches after expiry. [RT #26429]
 2012-07-25 17:06:34 -05:00
Mark Andrews
1495117889 cast mode to unsigned int for fprintf 2012-07-24 12:58:04 +10:00
Mark Andrews
2634750ce5 Merge branch 'master' of repo.isc.org:/proj/git/prod/bind9 2012-07-24 12:18:43 +10:00
Mark Andrews
1d2f282840 cleanup unused variables 2012-07-24 12:18:10 +10:00
Tinderbox User
0b637179cc update copyright notice 2012-07-23 23:46:06 +00:00
Mark Andrews
6eb6af6732 3354. [func] Improve OpenSSL error logging. [RT #29932] 2012-07-23 15:08:21 +10:00
Mark Andrews
13518a9636 windows fixes 2012-07-20 18:08:28 +10:00
Tinderbox User
c207dd8394 update copyright notice 2012-07-19 23:45:53 +00:00
Mark Andrews
c965b18690 3353. [bug] Use a single task for task exclusive operations. 
[RT #29872]
 2012-07-19 23:00:21 +10:00
Mark Andrews
ee2f98d5cf 3352. [bug] Ensure that learned server attributes timeout of the 
adb cache. [RT #29856]
 2012-07-18 14:16:37 +10:00
Mark Andrews
c963ca7542 3351. [bug] isc_mem_put and isc_mem_putanddetach didn't report 
caller if either ISC_MEM_DEBUGSIZE or ISC_MEM_DEBUGCTX
                        memory debugging flags are set. [RT #30243]
 2012-07-18 10:02:32 +10:00
Mark Andrews
d0d892f449 3350. [bug] Memory read overrun in isc___mem_reallocate if 
ISC_MEM_DEBUGCTX memory debugging flag is set.
                        [RT #30240]
 2012-07-18 09:50:52 +10:00
Mark Andrews
1a594d204a fix race in ISC_QUEUE_PUSH 2012-07-17 15:12:20 +10:00
ckb
ad7fdba1ed 3348. [security] prevent RRSIG data from being cached if a negative 
record matching the covering type exists at a higher
			trust level. Such data already can't be retrieved from
			the cache since change 3218 -- this prevents it
			being inserted into the cache as well.
 2012-07-09 12:51:11 -05:00
Evan Hunt
bb5c950e7c update .def file 2012-07-05 18:05:44 -07:00
Evan Hunt
4476b98f89 missed out a variable declaration 2012-07-05 17:18:22 -07:00
ckb
c514f38c80 Conflicts: 
lib/dns/dst_parse.c
	lib/isc/win32/file.c
 2012-07-05 16:07:31 -05:00
Evan Hunt
cdd271b14a fix bad-cache assert 
3346.	[security]	Bad-cache data could be used before it was
			initialized, causing an assert. [RT #30025]
 2012-07-02 10:01:48 -07:00
Evan Hunt
d64138e577 addressed possible race in ISC_QUEUE 
3345.	[bug]		Addressed race condition when removing the last item
			or inserting the first item in an ISC_QUEUE.
			[RT #29539]
 2012-07-02 09:37:17 -07:00
Tinderbox User
a3128c1995 update copyright notice 2012-06-29 23:45:57 +00:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Tinderbox User
da5d53fb14 update copyright notice 2012-06-26 23:45:56 +00:00
Mark Andrews
c41c261fc7 3342. [bug] Change #3314 broke saving of stub zones to disk 
resulting in excessive cpu usage in some cases.
                        [RT #29952]
 2012-06-27 09:21:09 +10:00
Tinderbox User
6d5f928b26 update copyright notice 2012-06-25 23:46:00 +00:00
Mark Andrews
ad127d839d 3341. [func] New "dnssec-verify" command checks a signed zone 
to ensure correctness of signatures and of NSEC/NSEC3
                        chains. [RT #23673]
 2012-06-25 13:57:32 +10:00
Mark Andrews
1a3894ca22 silence compiler warning by using offsetof to get structure elelment offsets 2012-06-25 11:57:10 +10:00
Mark Andrews
171d2c23f1 remove 'inline' on dns_rbt_serialize_align 2012-06-25 08:14:34 +10:00
Mark Andrews
abeb649619 check fwrite results 2012-06-23 18:21:52 +10:00
Mark Andrews
d70f7b9e46 change type of where to uintptr_t 2012-06-23 18:06:33 +10:00
Mark Andrews
aeed8b4d3b change offset type to long 2012-06-23 18:02:13 +10:00
Tinderbox User
3b398443f0 update copyright notice 2012-06-21 23:46:36 +00:00
Tinderbox User
620620df3a silence pointer/int conversion warnings using uintptr_t, since we are using stdio file offsets are longs 2012-06-22 07:37:09 +10:00
Evan Hunt
5506903c92 Merge rt28412b 
- check for mmap() in configure
- implement isc_file_mmap() and isc_file_munmap() to do
  malloc()/read() and free() when run on systems that do not
  support mmap().
 2012-06-21 12:58:46 -07:00
Mark Andrews
46e025d82e remove rundundent call 'result = isc_parse_uint8(&ui, r.base, 10);' 2012-06-21 14:28:32 +10:00
Tinderbox User
8e6b386ab7 update copyright notice 2012-06-20 23:46:40 +00:00
ckb
5f5f8b1dd4 removed .cvsignore files 2012-06-20 14:23:12 -05:00
ckb
7829fad409 merging fast format zone files 
Conflicts:
	.gitignore
	bin/named/zoneconf.c
	bin/tests/.gitignore
	bin/tests/system/autosign/tests.sh
	bin/tests/system/masterformat/clean.sh
	bin/tests/system/masterformat/ns1/compile.sh
	bin/tests/system/masterformat/tests.sh
	configure
	lib/dns/db.c
	lib/dns/include/dns/db.h
	lib/dns/include/dns/types.h
	lib/dns/master.c
	lib/dns/masterdump.c
	lib/dns/rbt.c
	lib/dns/rbtdb.c
	lib/dns/sdb.c
	lib/dns/sdlz.c
	lib/dns/tests/.cvsignore
	lib/dns/tests/Makefile.in
	lib/dns/win32/libdns.def
	lib/dns/xfrin.c
	lib/dns/zone.c
	lib/export/dns/Makefile.in
	lib/isc/include/isc/file.h
	lib/isc/unix/file.c
	lib/isc/win32/file.c
	lib/isccfg/namedconf.c
 2012-06-20 14:13:12 -05:00
Tinderbox User
ef1963d83d update copyright notice 2012-06-15 23:45:49 +00:00
Mark Andrews
ec048f4600 make maxbits signed as BN_num_bits is signed 2012-06-15 11:54:58 +10:00
Mark Andrews
7865ea9545 3339. [func] Allow the maximum supported rsa exponent size to be specified: "max-rsa-exponent-size <value>;" [RT #29228] 2012-06-14 15:44:20 +10:00
Mark Andrews
57f1d800f8 3338. [bug] Address race condition in units tests: asyncload_zone 
and asyncload_zt. [RT #26100]
 2012-06-14 15:13:44 +10:00
Mark Andrews
c298583db5 3337. [bug] Change #3294 broke support for the multiple keys 
in controls. [RT #29694]
 2012-06-13 16:25:42 +10:00
Tinderbox User
8ce1923429 update copyright notice 2012-06-08 23:45:57 +00:00
Mark Andrews
80fa3ef851 3336. [func] Maintain statistics for RRsets tagged as "stale". 
[RT #29514]
 2012-06-08 16:32:44 +10:00
Mark Andrews
109ebcc980 3334. [bug] Hold a zone table reference while performing a 
asyncronous load of a zone. [RT #28326]
 2012-06-08 13:52:13 +10:00
Mark Andrews
7310c0b1ee 3333. [bug] Setting resolver-query-timeout too low can cause 
named to not recover if it looses connectivity.
                        [RT #29623]
 2012-06-08 12:34:33 +10:00
Mark Andrews
a0c1fa2a8f 3332. [bug] Re-use cached DS rrsets if possible. [RT 29446] 2012-06-07 12:51:11 +10:00
Mark Andrews
735ca24fa6 3321. [security] dns_rdataslab_fromrdataset could produce bad 
rdataslabs. [RT #29644]
 2012-06-01 23:33:16 +10:00
Tinderbox User
7a440c4300 update copyright notice 2012-05-31 23:46:01 +00:00
Vernon Schryver
afaa290bb6 Squashed commit of the following: 
commit aea73609ac5d41ed091360e94370798965f28f05
commit eef7f44c57a060b24a426eb8888e16176a0a69b1
commit a88a26d864ad399fa2d40e3b9659b4d26f454ca1
commit 1b90d59568e7e3b65690c6bd075cf4d60b03e454
Merge: 74d8f73 cd02924
commit 74d8f73ed553bb64a305e284905762f7ff0029aa
commit 9a59ef6bbd4befe91e5691e8b85afe1cb7ab0706
commit c63606a53b4f1bb7066b37d3cfe588e9dc21a119
commit 2c392a840c8838455d144ce163bd873bee400c97
commit 0241f53563e6e7bed462a883d98a8931f01e0980
commit 79fe22b5d6f04bdaa3073cf54d41952194e879e1
commit 351b3049625f2edd39729dd85413e961b97d4b3b
commit 7207674fc77c9a10d84c0cb94e36d1c09bb31459
commit 543ad34cf08f901c20b438c9d2f45482cff13d5e
commit fc45b99ce4438627fdcbeb4365695ba0065fa46f
commit c425207f57e0a5157372aa7edbb79b13170563e5
commit ef8c5e23ca284e0ea02f69ce1f356d537c19d93b
commit ba0d4e3aa51efe412cfa1d031651f949442d1802
commit 41c7969c7cb6884b93011f7ace3fd9522efc021e
  and more from CVS

for rt26172

Add
  - optional "recursive-only yes|no" to the response-policy statement
  - optional max-policy-ttl to limit the lies that "recursive-only no"
      can introduce into resolvers' caches
  - test that queries with RD=0 are not rewritten by default
  - performance smoke test

Change encoding of PASSTHRU action to "rpz-passthru".
      (The old encoding is still accepted.)
Fix rt26180  assert botch in zone_findrdataset() in this branch
     as well.

Fix missing signatures on NOERROR results despite RPZ hits
    when there are signatures and the client asks for DNSSEC,
 2012-05-31 02:03:34 +00:00
Mark Andrews
e8e0a46925 silence warnings from clang 2012-05-30 11:52:02 +10:00
Mark Andrews
cf751b1c9b don't insist that rbtdb->cachestats exists. 2012-05-18 15:19:49 +10:00
Tinderbox User
a847a4bcd6 update copyright notice 2012-05-17 23:46:03 +00:00
Evan Hunt
26833735d3 Handle RRSIG signer case consistently 
3329.	[bug]		Handle RRSIG signer-name case consistently: We
			generate RRSIG records with the signer-name in
			lower case.  We accept them with any case, but if
			they fail to validate, we try again in lower case.
			[RT #27451]
 2012-05-17 10:44:16 -07:00
Evan Hunt
01695063c6 fix check_data() usage 
3328.   [bug]           Fixed inconsistent data checking in dst_parse.c.
                        [RT #29401]
 2012-05-16 23:12:57 -07:00
Tinderbox User
633c5dc507 update copyright notice 2012-05-14 23:45:48 +00:00
Evan Hunt
d81b6b94c4 cache stats were detached when flushing cache 2012-05-14 12:20:34 -07:00
Evan Hunt
d878b8d87c merged filter-aaaa-on-v6 (ATT SoW) 
3327.	[func]		Added 'filter-aaaa-on-v6' option; this is similar
			to 'filter-aaaa-on-v4' but applies to IPv6
			connections.  (Use "configure --enable-filter-aaaa"
			to enable this option.)  [RT #27308]
 2012-05-14 11:50:00 -07:00
Evan Hunt
dd2a0a6d2d Merge statistics code (ATT SoW, rt24117) 
This includes the following changes:

3326.	[func]		Added task list statistics: task model, worker
			threads, quantum, tasks running, tasks ready.
			[RT #27678]

3325.	[func]		Report cache statistics: memory use, number of
			nodes, number of hash buckets, hit and miss counts.
			[RT #27056]

3324.	[test]		Add better tests for ADB stats [RT #27057]

3323.	[func]		Report the number of buckets the resolver is using.
			[RT #27020]

3322.	[func]		Monitor the number of active TCP and UDP dispatches.
			[RT #27055]

3321.	[func]		Monitor the number of recursive fetches and the
			number of open sockets, and report these values in
			the statistics channel. [RT #27054]

3320.	[func]		Added support for monitoring of recursing client
			count. [RT #27009]

3319.	[func]		Added support for monitoring of ADB entry count and
			hash size. [RT #27057]
 2012-05-14 10:06:05 -07:00
Mark Andrews
c438f1beb9 3318. [tuning] Reduce the amount of work performed while holding a 
bucket lock when finshed with a fetch context.
                        [RT #29239]
 2012-05-10 08:28:32 +10:00
Mark Andrews
26ed6de665 add opensslecdsa_link 2012-05-09 13:51:29 +10:00
Evan Hunt
d560cb0fc3 Merge branch 'master' of ssh://repo/proj/git/prod/bind9 2012-05-03 14:01:41 -07:00
Evan Hunt
970aa7d783 missing braces; style glitch 2012-05-03 14:01:32 -07:00
Tinderbox User
99d8f5a704 update copyright notice 2012-05-02 23:45:44 +00:00
Mark Andrews
89bbdd1f69 Use '==' not '=' in conditional test when not using openssl. 2012-05-03 09:29:32 +10:00
Mark Andrews
aaaf8d4f48 3317. [func] Add ECDSA support (RFC 6605). [RT #21918] 2012-05-02 23:20:17 +10:00
Tinderbox User
ee980d3fc4 update copyright notice 2012-04-28 23:45:42 +00:00
Evan Hunt
54489ba167 Improve locking performance in dispatch.c 
3316.	[tuning]	Improved locking performance when recursing.
			[RT #28836]

   - Use one lock per memory pool instead of associating
     them all with a single 'pool_lock' in the dispatch manager.
   - Reduce the critical sections for qid->lock in get_dispsocket(),
     deref_portentry() and dns_dispatch_addresponse2().
   - Added a memory pool for socket events in dns_dispatch_t.
   - Add an isc_socketevent_t member in the resquery_t object, and use
     it with isc_socket_sendto2() instead of using isc_socket_sendto()
   - Tuned the memory pools in dispatch.c for better performance
     under load
 2012-04-28 14:52:28 -07:00
Evan Hunt
4e8fe357a6 create and use multiple fetch dispatches 
Added API to create a set of UDP dispatches which can be shared
round-robin style when making upstream queries for authoritative
data; this should reduce lock contention in the query source
dispatch.
 2012-04-27 16:11:30 -07:00
Mark Andrews
8e2c2ca0a0 TRUE -> ISC_TRUE 2012-04-26 18:19:48 +10:00
Mark Andrews
1a04af5311 3314. [bug] The masters list could be updated while refesh_callback 
and stub_callback were using it. [RT #26732]
 2012-04-26 12:58:39 +10:00
Mark Andrews
393fd55d91 3313. [protocol] Add TLSA record type. [RT #28989] 2012-04-26 12:22:49 +10:00
Mark Andrews
7e9d6c7075 3312. [bug] named-checkconf didn't detect a bad dns64 clients acl. 
[RT #27631]
 2012-04-26 11:42:39 +10:00
Mark Andrews
4c9c2a6a72 3311. [bug] Abort the zone dump if zone->db is NULL in 
zone.c:zone_gotwritehandle. [RT #29028]
 2012-04-26 11:23:43 +10:00
Tinderbox User
18cbe0a216 update copyright notice 2012-04-25 23:45:46 +00:00
Evan Hunt
bdf5cdc32c increase table size for mutex profiling 2012-04-24 16:52:12 -07:00
Evan Hunt
20d441892d fctx_finddone: call fctx_destroy within the bucket lock 2012-04-24 14:56:38 -07:00
Tinderbox User
776833c82e update copyright notice 2012-04-12 23:45:51 +00:00
Mark Andrews
4f3a3fc43c 3307. [bug] Add missing ISC_LANG_BEGINDECLS and ISC_LANG_ENDDECLS. 
[RT #28956]
 2012-04-13 08:32:37 +10:00
Mark Andrews
a280469e72 3307. [bug] Add missing ISC_LANG_ENDDECLS to <dns/tsec.h>. [RT #28956] 2012-04-12 19:11:50 +10:00
Tinderbox User
3fb95bfcb2 update copyright notice 2012-04-11 23:45:52 +00:00
Mark Andrews
75582adac7 3306. [bug] Improve DNS64 reverse zone performance. [RT #28563] 
3305.   [func]          Add wire format lookup method to sdb. [RT #28563]
 2012-04-11 12:17:57 +10:00
Mark Andrews
72bdc940a7 use hmctx, not mctx when freeing rbtdb->heaps 2012-04-11 10:26:42 +10:00
Mark Andrews
bf6651e27d 3303. [bug] named could die when reloading. [RT #28606] 2012-04-05 15:48:43 +10:00
Mark Andrews
840659f1d7 3302. [bug] dns_dnssec_findmatchingkeys could fail to find 
keys if the zone name contained character that
                        required special mappings. [RT #28600]
 2012-03-30 12:05:13 +11:00
Mark Andrews
56fdf1d401 3300. [bug] Named could die if gssapi was enabled in named.conf 
but was not compiled in. [RT #28338]
 2012-03-29 09:49:58 +11:00
Mark Andrews
85fcd0b9b2 3299. [bug] Make SDB handle errors from database drivers better. 
[RT #28534]
 2012-03-28 10:21:13 +11:00
Mark Andrews
2c642143d4 3298. [bug] Named could dereference a NULL pointer in 
zmgr_start_xfrin_ifquota if the zone was being removed.
                        [RT #28419]
 2012-03-22 12:19:46 +11:00
Mark Andrews
c51f2c9a52 3297. [bug] Named could die on a malformed master file. [RT #28467] 2012-03-15 12:07:49 +11:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Mark Andrews
269c07173e 3295. [bug] Adjust isc_time_secondsastimet range check to be more 
portable. [RT # 26542]
 2012-03-08 15:30:51 +11:00
Mark Andrews
962bf88eec 3294. [bug] isccc/cc.c:table_fromwire failed to free alist on 
error. [RT #28265]
 2012-03-08 14:28:26 +11:00
Evan Hunt
b48c55093b Merge branch 'master' of ssh://repo/proj/git/prod/bind9 2012-03-07 08:18:26 -08:00
Evan Hunt
207845805e set $Id$ 2012-03-07 08:18:20 -08:00
Mark Andrews
28a8f5b0de set $Id$ 2012-03-08 00:21:15 +11:00
Mark Andrews
4c1847ef47 set $Id$ 2012-03-07 22:17:19 +11:00
Mark Andrews
2669638693 set $Id$ 2012-03-07 22:13:11 +11:00
Tinderbox User
ea94d37012 regen master 2012-03-07 01:41:11 +00:00
Evan Hunt
2d7f41d66c Revert "Re-created rt27597a for ongoing DLZ work" 
This reverts commit d731ee9121.
 2012-03-05 15:42:52 -08:00
Evan Hunt
d731ee9121 Re-created rt27597a for ongoing DLZ work 2012-03-05 14:45:30 -08:00
Evan Hunt
632c0f1e91 Revert accidental merge of unfinished DLZ work 2012-03-05 14:44:21 -08:00
Mark Andrews
e214e8728a Merge branches 'rt28261' and 'rt27597' of repo.isc.org:/proj/git/prod/bind9 2012-03-06 00:16:04 +11:00
Mark Andrews
2eae3ad06e Merge remote-tracking branch 'origin/rt28040' 2012-03-05 12:49:28 +11:00
Evan Hunt
e41d5a00bc added gitignore, removed cvsignore 2012-03-03 23:10:05 -08:00
Evan Hunt
954501715d checkpoint: multiple-DLZ functionality 
- multiple DLZ's can be specified, including multiple DLZ's using
   the same driver; e.g., two different back-ends both loaded by the
   dlopen driver
 - new "search" option can be specified in a DLZ indicating whether
   this DLZ database should be searched for unknown zones.  The
   default is "yes".  If "no", then the zone can only be found by
   named if it's registered in the zone table, which happens if the
   zone is configured for dynamic updates, or if "dlz <dlzname>" is
   specified in the zone statement. (The latter functionality is
   incomplete in this commit).
 2012-03-03 22:43:38 -08:00
Automatic Updater
dc3d394636 update copyright notice 2012-02-29 23:47:21 +00:00
Evan Hunt
e5bf06eedc 3291. [port] Fixed a build error on systems without ENOTSUP. 
[RT #28200]
 2012-02-29 21:28:17 +00:00
Automatic Updater
2e00aaef3d update copyright notice 2012-02-28 23:46:59 +00:00
Mark Andrews
a7ab4ad2d4 3290. [bug] <isc/hmacsha.h> was not being installed. [RT #28169] 2012-02-28 21:32:36 +00:00
Mark Andrews
96de2db32a dns_zone_synckeyzone 2012-02-23 07:15:24 +00:00
Automatic Updater
3484552b1b update copyright notice 2012-02-23 07:09:29 +00:00
Mark Andrews
1864400107 3289. [bug] 'rndc retransfer' failed for inline zones. [RT #28036] 2012-02-23 06:53:15 +00:00
Mark Andrews
8a4689070a dns_message_logpacket 2012-02-22 05:03:39 +00:00
Evan Hunt
89069e6b3a 3286. [bug] Managed key maintenance timer could fail to start 
after 'rndc reconfig'. [RT #26786]
 2012-02-22 00:37:54 +00:00
Mark Andrews
ea79a9bd0e 2x POST(locktype); 2012-02-17 00:18:18 +00:00
Automatic Updater
5fec28507a update copyright notice 2012-02-15 21:19:59 +00:00
Mark Andrews
6d386978b3 3285. [bug] val-frdataset was incorrectly disassociated in 
proveunsecure after calling startfinddlvsep.
                        [RT #27928]
 2012-02-15 20:59:40 +00:00
Mark Andrews
5b57f580ce 3284. [bug] Address race conditions with the handling of 
rbtnode.deadlink. [RT #27738]
 2012-02-15 02:00:47 +00:00
Automatic Updater
d03bc586b9 update copyright notice 2012-02-14 23:47:15 +00:00
Mark Andrews
c478bb4c46 extend: 
3282.   [bug]           Restrict the TTL of NS RRset to no more than that
                        of the old NS RRset when replacing it.
                        [RT #27792] [RT #27884]
 2012-02-14 00:22:54 +00:00
Mark Andrews
4c34112a69 3283. [bug] Raw zones with with more than 512 records in a RRset 
failed to load. [RT #27863]
 2012-02-13 23:46:24 +00:00
Automatic Updater
09b46c3945 update copyright notice 2012-02-09 23:47:18 +00:00
Mark Andrews
fb604d1cee 3282. [bug] Restrict the TTL of NS RRset to no more than that 
of the old NS RRset when replacing it. [RT #27792]
 2012-02-09 20:54:46 +00:00
Automatic Updater
da5a7b29e9 update copyright notice 2012-02-07 23:47:24 +00:00
Mark Andrews
936036e823 3281. [bug] SOA refresh queries could be treated as cancelled 
despite succeeding over the loopback interface.
                        [RT #27782]
 2012-02-07 19:50:20 +00:00
Mark Andrews
fc3b3e1f7e 3278. [bug] Hold a internal reference to the zone while performing 
a asynchronous load.  Address potential memory leak
                        if the asynchronous is cancelled. [RT #27750]
 2012-02-07 00:47:21 +00:00
Automatic Updater
2f4561bc9c update copyright notice 2012-02-06 23:46:49 +00:00
Mark Andrews
77cb7130e7 3276. [bug] win32: isc_socket_dup is not implemented. [RT #27696] 
3276.   [bug]           win32: ns_os_openfile failed to return NULL on
                        safe_open failure. [RT #27696]
 2012-02-06 04:19:33 +00:00
Mark Andrews
fb63e9c020 missing return 2012-02-03 12:59:03 +00:00
Mark Andrews
1769b07530 fix memory overun in dns_zone_getincludes, allocated array too small (zero). 
fix possible memory overrun in dns_zone_getincludes
fix inconsistent mxtc use in ns_server_zonestatus
fix missing out of memory errors checks in zone_registerinclude
fix possible use after free issues zone_registerinclude/ns_server_zonestatus
 2012-02-01 21:28:39 +00:00
Mark Andrews
d98850b876 3275. [bug] "use out of scope" bug in unit test master_test. 
[RT# 27674]
 2012-02-01 00:20:09 +00:00
Automatic Updater
41f1164438 update copyright notice 2012-01-31 23:47:33 +00:00
Evan Hunt
2855e27723 3271. [func] New "rndc zonestatus" command prints information 
about the specified zone. [RT #21671]
 2012-01-31 03:35:41 +00:00
Evan Hunt
c54dadd853 3270. [bug] "rndc reload" didn't reuse existing zones correctly 
when inline-signing was in use. [RT #27650]
 2012-01-31 01:13:10 +00:00
Mark Andrews
a86310b25a Add comment describing LIBINTERFACE values per branch 2012-01-30 00:23:27 +00:00
Mark Andrews
63acb91046 make 'when' isc_stdtime_t in set_key_expiry_warning 2012-01-30 00:06:13 +00:00
Evan Hunt
f8ae0a35d0 fixed api typo 2012-01-29 06:05:10 +00:00
Evan Hunt
12c3204c46 prepare for 9.9.0 final 2012-01-29 05:14:07 +00:00
Automatic Updater
80c7083796 update copyright notice 2012-01-27 23:46:59 +00:00
Mark Andrews
bc298cd0f7 3268. [bug] Convert RRSIG expiry times to 64 timestamps to work 
out the earliest expiry time. [RT #23311]
 2012-01-27 01:43:53 +00:00
Mark Andrews
1bb3831e13 3267. [bug] Memory allocation failures could be mis-reported as 
unexpected error.  New ISC_R_UNSET result code.                        [RT #27336]
 2012-01-27 01:21:41 +00:00
Mark Andrews
ef9f4d0977 3266. [bug] The maximum number of NSEC3 iterations for a 
DNSKEY RRset was not being properly computed.
                        [RT #26543]
 2012-01-27 00:49:42 +00:00
Automatic Updater
ee2129ee66 update copyright notice 2012-01-25 23:46:49 +00:00
Mark Andrews
18d208a4a2 3265. [bug] Address lock order reversal with inline-signing 
support. [27557]
 2012-01-25 02:46:53 +00:00
Mark Andrews
639c1d5617 silence 'Assigned value is always the same as the existing value' warning 2012-01-22 04:56:41 +00:00
Evan Hunt
d47f51b6ac add .cvsignore 2012-01-16 23:17:32 +00:00
Automatic Updater
edb4393ef5 update copyright notice 2012-01-10 23:46:58 +00:00
Evan Hunt
9a02019889 3264. [bug] Automatic regeneration of signatures in an 
inline-signing zone could stall when the server
			was restarted. [RT #27344]

3263.	[bug]		"rndc sync" did not affect the unsigned side of an
			inline-signing zone. [RT #27337]
 2012-01-10 18:13:37 +00:00
Automatic Updater
f76bddd50b update copyright notice 2012-01-04 23:46:49 +00:00
Evan Hunt
56c9fcf075 3260. [bug] "rrset-order cyclic" could appear not to rotate 
for some query patterns.  [RT #27170/27185]
 2012-01-04 03:06:51 +00:00
Automatic Updater
a3c7d21f5c update copyright notice 2011-12-22 23:46:20 +00:00
Mark Andrews
41ca314cc2 3260. [bug] "rrset-order cyclic" could appears to not rotate 
for some query patterns.  [RT #27170]
 2011-12-22 23:43:52 +00:00
Evan Hunt
53e58ba9fa oops missed one. 2011-12-22 19:14:15 +00:00
Evan Hunt
891c6eb907 add missing symbols 2011-12-22 18:58:50 +00:00
Evan Hunt
949eefdda4 prep for 9.9.0rc1 release 2011-12-22 17:49:49 +00:00
Mark Andrews
9ddf371552 3257. [bug] Do not generate a error message when calling fsync() 
in a pipe or socket. [RT #27109]
 2011-12-22 08:49:01 +00:00
Mark Andrews
a5a30ae7c0 3253. [bug] Return DNS_R_SYNTAX when the input to a text field is 
too long. [RT #26956]
 2011-12-22 07:41:29 +00:00
Evan Hunt
f30785f506 3252. [bug] When master zones using inline-signing were 
updated while the server was offline, the source
			zone could fall out of sync with the signed
			copy. They can now resynchronize. [RT #26676]
 2011-12-22 07:32:41 +00:00
Mark Andrews
dd0d54ff01 3251. [bug] Enforce a upper bound (65535 bytes) on the amount of 
memory dns_sdlz_putrr() can allocate per record to
                        prevent run away memory consumption on ISC_R_NOSPACE.
                        [RT #26956]
 2011-12-22 07:15:05 +00:00
Automatic Updater
f63cb76be6 update copyright notice 2011-12-20 23:46:29 +00:00
Mark Andrews
e101ec1503 @srdir@ -> @srcdir@ 2011-12-20 05:04:44 +00:00
Mark Andrews
4a4066453f update slabbed data layout description 2011-12-20 00:55:01 +00:00
Mark Andrews
c31601ae9b add missing s 2011-12-20 00:26:52 +00:00
Mark Andrews
67dc2f0536 3249. [bug] Update log message when saving slave zones files for 
analysis after load failures. [RT #27087]

3248.   [bug]           Configure options --enable-fixed-rrset and
                        --enable-exportlib were incompatible with each
                        other. [RT #27087]

3247.   [bug]           'raw' format zones failed to preserve load order
                        breaking 'fixed' sort order. [RT #27087]

3246.   [bug]           Named failed to start with a empty also-notify list.
                        [RT #27087]
 2011-12-20 00:06:54 +00:00
Mark Andrews
b290d10fc4 3245. [bug] Don't report a error unchanged serials unless there 
were other changes when thawing a zone with
                        ixfr-fromdifferences. [RT #26845]
 2011-12-19 23:46:13 +00:00
Mark Andrews
97494b99f0 remove accidental commit to head 2011-12-10 22:09:41 +00:00
Automatic Updater
339d2a4d4b update copyright notice 2011-12-09 23:47:05 +00:00
Mark Andrews
e238ebd9b3 Backout accident commit to head 2011-12-09 22:09:26 +00:00
Mark Andrews
0b096436e9 flush both raw zone instance if it exists 2011-12-09 20:47:18 +00:00
Mark Andrews
5ccf5eac0f ixfr-from-differences backup file 2011-12-09 13:32:42 +00:00
Automatic Updater
b54ac42f19 update copyright notice 2011-12-08 23:46:49 +00:00
Evan Hunt
b4d8192d21 3241. [func] Extended the header of raw-format master files to 
include the serial number of the zone from which
			they were generated, if different (as in the case
			of inline-signing zones).  This is to be used in
			inline-signing zones, to track changes between the
			unsigned and signed versions of the zone, which may
			have different serial numbers.

			(Note: raw zonefiles generated by this version of
			BIND are no longer compatble with prior versions.
			To generate a backward-compatible raw zonefile
			using dnssec-signzone or named-compilezone, specify
			output format "raw=0" instead of simply "raw".)
			[RT #26587]
 2011-12-08 16:07:22 +00:00
Mark Andrews
e4aac0596c 3241. [bug] Address race conditions in the resolver code. 
[RT #26889]
 2011-12-07 23:08:42 +00:00
Mark Andrews
71e4c3ee74 3240. [bug] DNSKEY state change events could be missed. [RT #26874] 2011-12-07 22:48:22 +00:00
Mark Andrews
04281728d4 3239. [bug] dns_dnssec_findmatchingkeys needs to use a consistent 
timestamp. [RT #26883]
 2011-12-07 22:36:25 +00:00
Mark Andrews
9c832595d4 3238. [bug] keyrdata was not being reinitialize in 
lib/dns/rbtdb.c:iszonesecure. [RT#26913]
 2011-12-07 22:21:05 +00:00
Automatic Updater
c757fd2e17 update copyright notice 2011-12-06 23:46:32 +00:00
Automatic Updater
806956b43b update copyright notice 2011-12-05 23:46:35 +00:00
Mark Andrews
05556e6c82 #include <dns/db.h> 2011-12-05 20:51:41 +00:00
Evan Hunt
56d7492b2c missed a line 2011-12-05 17:27:16 +00:00
Evan Hunt
4122abdc3c Back out changes #3182 and #3202 2011-12-05 17:10:51 +00:00
Mark Andrews
2591f13dd3 3235. [func] dns_db_diffx, a extended dns_db_diff which returns 
the generated diff and optionally writes it to a
                        journal. [RT #26386]
 2011-12-05 06:10:07 +00:00
Mark Andrews
de52784e45 3235. [func] dns_db_diffx, a extended dns_db_diff which returns 
the generated diff and optionally writes it to a
                        journal. [RT #26386]
 2011-12-04 23:48:12 +00:00
Automatic Updater
a09e70c947 update copyright notice 2011-12-02 23:46:56 +00:00
Mark Andrews
2c25ca45a4 errno2result now reports caller when unable to convert errno 2011-12-02 07:15:17 +00:00
Mark Andrews
56dc4c6730 3233. [bug] 'rndc freeze/thaw' didn't work for inline zones. 
[RT #26632]
 2011-12-02 02:44:01 +00:00
Mark Andrews
db604cea5c fix all_events loop terminating condition to stop false positives 2011-12-01 22:30:37 +00:00
Scott Mann
d881a5ad06 Accept patch from RedHat (RT #26732). 2011-12-01 15:58:46 +00:00
Mark Andrews
38f6085062 silence Division by zero warning 2011-12-01 01:33:27 +00:00
Scott Mann
5927944728 Fix problem identified by CLANG: local variable not passed back to struct. 2011-12-01 00:14:11 +00:00
Automatic Updater
b9e911c71c update copyright notice 2011-11-30 23:46:25 +00:00
Evan Hunt
1a01def943 add print.h 2011-11-30 06:10:44 +00:00
Mark Andrews
ed74be8035 #include <isc/print.h> 2011-11-30 06:09:41 +00:00
Mark Andrews
5e3daa58f4 move declaration to start of block 2011-11-30 06:06:33 +00:00
Evan Hunt
0da3b4a9a7 3228. [tuning] Dynamically grow symbol table to improve zone 
loading performance. [RT #26523]
 2011-11-30 04:27:17 +00:00
Mark Andrews
cae06bceda 3227. [bug] Interim fix to make WKS's use of getprotobyname() 
and getservbyname() self thread safe. [RT #26232]
 2011-11-30 01:18:11 +00:00
Mark Andrews
23daf8948b 3225. [bug] Silence spurious "setsockopt(517, IPV6_V6ONLY) failed" 
messages. [RT #26507]
 2011-11-29 01:03:47 +00:00
Mark Andrews
03e2b1d18d 3223. [bug] 'task_test privilege_drop' generated false positives. 
[RT #26766]
 2011-11-29 00:41:28 +00:00
Mark Andrews
91ed1cc821 3222. [cleanup] Replace dns_journal_{get,set}_bitws with 
dns_journal_{get,set}_sourceserial. [RT #26634]
 2011-11-28 03:14:59 +00:00
Evan Hunt
69feafa0af 3221. [bug] Fixed a potential coredump on shutdown due to 
referencing fetch context after it's been freed.
			[RT #26720]
 2011-11-23 22:53:53 +00:00
Evan Hunt
08b512b6a0 3220. [bug] Change #3186 was incomplete; dns_db_rpz_findips() 
could fail to set the database version correctly,
                        causing an assertion failure. [RT #26180]
 2011-11-18 18:40:31 +00:00
Mark Andrews
2256c13194 --- 9.9.0b2 released --- 
3219.   [bug]           Disable NOEDNS caching following a timeout.
 2011-11-16 22:18:53 +00:00
Evan Hunt
7c6a1a11fa 3218. [security] Cache lookup could return RRSIG data associated with 
nonexistent records, leading to an assertion
			failure. [RT #26590]
 2011-11-16 09:44:32 +00:00
Evan Hunt
3ab9d6435a 3216. [bug] resolver.c:validated() was not thread-safe. [RT #26478] 2011-11-15 21:44:53 +00:00
Evan Hunt
c79bcf09bf Add clientinfo.h to HEADERS. [RT #26558] 
No CHANGES note.
 2011-11-14 18:32:34 +00:00
Mark Andrews
2a05d28eb1 3211. [bug] rbtdb.c: failed to remove a node from the deadnodes list 
prior to adding a reference to it leading a possible
                        assertion failure. [RT #23219]
 2011-11-08 20:49:11 +00:00
Evan Hunt
d9eebc0849 3211. [func] dnssec-signzone: "-f -" prints to stdout; "-O full" 
option prints in single-line-per-record format.
			[RT #20287]
 2011-11-07 23:16:31 +00:00
Mark Andrews
ac43690858 3209. [func] Add "dnssec-lookaside 'off'". [RT #24858] 2011-11-07 00:14:11 +00:00
Automatic Updater
af42579df6 update copyright notice 2011-11-04 23:46:15 +00:00
Evan Hunt
90a354ab36 3204. [bug] When a master server that has been marked as 
unreachable but sends a NOTIFY, mark it reachable
			again. [RT #25960]
 2011-11-04 05:51:02 +00:00
Evan Hunt
25845da41a 3203. [bug] Increase log level to 'info' for validation failures 
from expired or not-yet-valid RRSIGs. [RT #21796]
 2011-11-04 05:36:28 +00:00
Mark Andrews
a5166d5fce 3202. [bug] NOEDNS caching on timeout was too agressive. 
[RT #26416]
 2011-11-04 03:38:44 +00:00
Evan Hunt
1c1879b7ef 3197. [bug] Don't try to log the filename and line number when 
the config parser can't open a file. [RT #22263]
 2011-11-03 05:15:09 +00:00
Evan Hunt
77b8f02d19 3195. [cleanup] Silence "file not found" warnings when loading 
managed-keys zone. [RT #26340]
 2011-11-03 03:26:19 +00:00
Evan Hunt
8281fd83da 3193. [cleanup] Changed MAXZONEKEYS to DNS_MAXZONEKEYS, moved to 
dnssec.h. [RT #26415]
 2011-11-03 02:54:47 +00:00
Automatic Updater
1ab9944f6b update copyright notice 2011-11-02 23:46:24 +00:00
Mark Andrews
146057d7e7 3192. [bug] A query structure could be used after being freed. 
[RT #22208]
 2011-11-02 23:42:33 +00:00
Evan Hunt
7a30c8f783 edited a comment for clarity. 2011-11-02 19:41:02 +00:00
Mark Andrews
fe3472c80b 3191. [bug] Print NULL records using unknown format. [RT #26392] 2011-11-02 01:01:52 +00:00
Automatic Updater
89d1324270 update copyright notice 2011-11-01 23:47:00 +00:00
Mark Andrews
3975f627fe 3190. [bug] Underflow in error handling in isc_mutexblock_init. 
[RT #26397]
 2011-11-01 21:59:56 +00:00
Evan Hunt
5caf26b168 3188. [bug] zone.c:zone_refreshkeys() could fail to detach 
references correctly when errors occurred, causing
			a hang on shutdown. [RT #26372]
 2011-11-01 04:00:45 +00:00
Automatic Updater
53eae9bf3e update copyright notice 2011-10-31 23:46:56 +00:00
Mark Andrews
36e97eb661 3187. [port] win32: support for Visual Studio 2008. [RT #26356] 2011-10-30 23:39:39 +00:00
Evan Hunt
c5023889ac remove debugging printf that was left in by mistake 2011-10-29 00:15:56 +00:00
Mark Andrews
74d7615fc5 9.9.0b1 2011-10-28 13:25:44 +00:00
Mark Andrews
fbf6fa0e62 initialise result 2011-10-28 12:27:06 +00:00
Automatic Updater
98a7e53914 update copyright notice 2011-10-28 12:20:31 +00:00
Mark Andrews
7b4b6f361b 3186. [bug] Version/db mis-match in rpz code. [RT #26180] 2011-10-28 11:46:50 +00:00
Evan Hunt
9c03f13e18 3185. [func] New 'rndc signing' option for auto-dnssec zones: 
- 'rndc signing -list' displays the current
			   state of signing operations
			 - 'rndc signing -clear' clears the signing state
		  	   records for keys that have fully signed the zone
			 - 'rndc signing -nsec3param' sets the NSEC3
			   parameters for the zone
			The 'rndc keydone' syntax is removed. [RT #23729]
 2011-10-28 06:20:07 +00:00
Mark Andrews
f7dfd53301 style, remove redudant assignment 2011-10-28 04:57:34 +00:00
Mark Andrews
cd22c3e4e4 3184. [bug] named had cpu usage when a redirect zone was 
configured. [RT #26013]
 2011-10-28 00:36:54 +00:00
Automatic Updater
96f5a19c12 update copyright notice 2011-10-27 23:46:31 +00:00
Mark Andrews
2969f16b07 move declarations to start of block 2011-10-27 22:23:58 +00:00
Scott Mann
b91b288f92 fix edns0 retry issues (rt #23393/24964). 2011-10-27 20:18:42 +00:00
Automatic Updater
8826a72394 update copyright notice 2011-10-26 23:46:15 +00:00
Mark Andrews
24ef32426d 3181. [func] Inline-signing is now supported for master zones. 
[RT #26224]
 2011-10-26 20:56:45 +00:00
Automatic Updater
329eb05c12 update copyright notice 2011-10-25 23:46:58 +00:00
Mark Andrews
0f21945e27 remove unused variable 2011-10-25 04:38:14 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that 
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
 2011-10-25 01:54:22 +00:00
Automatic Updater
64691d525b update copyright notice 2011-10-24 23:46:14 +00:00
Michael Graff
522222cf93 Correctly invalidate the sha2/hmac2 contexts. This was already done in practice, but this makes it zero out the whole structure rather than just the first 4 bytes + the key. sha2.c did not always zero out the full sha2 state in invalidate, but will now. 2011-10-24 22:51:29 +00:00
Automatic Updater
dfc015bc7e update copyright notice 2011-10-20 23:46:51 +00:00
Mark Andrews
ada40193c8 3175. [bug] Fix how DNSSEC positive wildcard responses from a 
NSEC3 signed zone are validated.  Stop sending a
                        unnecessary NSEC3 record when generating such
                        responses. [RT #26200]
 2011-10-20 21:42:11 +00:00
Mark Andrews
1946c596b4 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:20:02 +00:00
Mark Andrews
37e6ff3f49 initalize set_lock 2011-10-18 02:00:56 +00:00
Mark Andrews
020c4484fe 3173. [port] Correctly validate root DS responses. [RT #25726] 2011-10-15 05:00:15 +00:00
Mark Andrews
3feb38c1f1 9.9.0a3 2011-10-14 01:12:28 +00:00
Automatic Updater
304a539c59 update copyright notice 2011-10-13 22:48:24 +00:00
Mark Andrews
63b6eac79c handle unchecked assignment 2011-10-13 13:13:52 +00:00
Mark Andrews
e236b52ce0 #include <stdlib.h> 2011-10-13 07:56:32 +00:00
Vernon Schryver
9fee08f655 Commit rt25172 changes to HEAD including 
- fix precedence among competing rules
  - improve ARM text including documenting rule precedence
  - try to rewrite CNAME chains until first hit
  - new "rpz" logging channel
  - same fix for "NS ." as in RT 24985
 2011-10-13 01:32:34 +00:00
Automatic Updater
ea68e8eba9 update copyright notice 2011-10-12 23:46:34 +00:00
Mark Andrews
af850c4120 3168. [bug] Nxdomain redirection could trigger a assert with 
a ANY query. [RT #26017]
 2011-10-12 23:09:35 +00:00
Mark Andrews
5258355c8d silence ccc-analyzer (clang) warnings 2011-10-12 02:17:53 +00:00
Mark Andrews
dc2e627239 3167. [bug] Negative answers from forwarders were not being 
correctly tagged making them appear to not be cached.
                        [RT #25380]
 2011-10-12 00:18:11 +00:00
Mark Andrews
02286522fb 3166. [bug] Upgrading a zone to support inline-signing failed. [RT #26014] 2011-10-12 00:10:20 +00:00
Automatic Updater
0e11ca0f0b update copyright notice 2011-10-11 23:46:45 +00:00
Mark Andrews
bdcd748874 add null methods 2011-10-11 13:33:45 +00:00
Mark Andrews
4f803dd91d add #include "config.h" 2011-10-11 00:25:12 +00:00
Evan Hunt
793814f807 3164. [func] Enable DLZ modules to retrieve client information, 
so that responses can be changed depending on the
			source address of the query. [RT #25768]
 2011-10-11 00:09:03 +00:00
Evan Hunt
b2086d798b 3163. [bug] Use finer-grained locking in client.c to address 
concurrency problems with large numbers of threads.
			[RT #26044]
 2011-10-10 22:57:14 +00:00
Mark Andrews
079e4a3d87 isc_app_start needs to be called earlier to ensure that signal handlers are setup before any threads are created 2011-10-10 02:46:16 +00:00
Mark Andrews
2cc56f582c 3161. [bug] zone.c:del_sigs failed to always reset rdata leading 
assertion failures. [RT #25880]
 2011-10-07 02:55:04 +00:00
Mark Andrews
fce049a50f CHANGES 2011-10-05 03:47:59 +00:00
Mark Andrews
56e465314e 9.9.0a2 2011-09-13 22:07:58 +00:00
Evan Hunt
84f0bd3bc7 3154. [bug] Attempting to print an empty rdataset could trigger 
an assert. [RT #25452]
 2011-09-07 19:11:14 +00:00
Mark Andrews
2dbe31b3fd data and function pointers are not interchangable 2011-09-07 00:50:06 +00:00
Scott Mann
fad5116b3d Remove the ixfr-from-differences side-effect which causes an AXFR and extend 
request-ixfr to the zone level.
 2011-09-06 22:29:33 +00:00
Evan Hunt
76a7d4e152 3152. [cleanup] Some versions of gcc and clang failed due to 
incorrect use of __builtin_expect. [RT #25183]
 2011-09-05 18:00:22 +00:00
Evan Hunt
32016d7a9e made doneloading() static, removed unnecessary startloading() prototype 2011-09-05 06:27:05 +00:00
Evan Hunt
cee9d6dc42 fixed a compiler warning due to prototype mismatch between doneloading() 
and dns_zt_zoneloaded_t
 2011-09-05 03:45:22 +00:00
Evan Hunt
a4668bac4e silence compiler warning 2011-09-03 19:53:15 +00:00
Evan Hunt
6e4fa2e24d include time.h to silence a compiler warning 2011-09-03 19:22:43 +00:00
Evan Hunt
fd6a83869a silence compiler warning 2011-09-03 16:27:51 +00:00
Evan Hunt
fa8427aa63 silence compiler warnings 2011-09-03 16:15:08 +00:00
Mark Andrews
15c8cf556d make push_readyq prototype and declaration consistant 2011-09-03 13:54:06 +00:00
Evan Hunt
98c79a7059 silence compiler warning 2011-09-03 06:13:30 +00:00
Evan Hunt
ac7109d68e oops, build was failing with threads disabled 2011-09-03 00:24:27 +00:00
Automatic Updater
ca894e53b5 update copyright notice 2011-09-02 23:46:33 +00:00
Evan Hunt
8a2ab2b920 3150. [func] Improved startup and reconfiguration time by 
enabling zones to load in multiple threads. [RT #25333]
 2011-09-02 21:15:39 +00:00
Mark Andrews
2c35c68236 3148. [bug] Processing of normal queries could be stalled when 
forwarding a UPDATE message. [RT #24711]
 2011-08-31 06:49:10 +00:00
Automatic Updater
4e68c7c87c update copyright notice 2011-08-30 23:46:53 +00:00
Mark Andrews
81bbd645c7 dns_view_issecuredomain: check that view->secroots_priv is non NULL before calling dns_keytable_issecuredomaiani otherwise return ISC_R_NOTFOUND 2011-08-30 21:14:50 +00:00
Mark Andrews
be239f6147 silence clang warnings 2011-08-30 14:01:53 +00:00
Mark Andrews
0075be5f32 remove unused variables 2011-08-30 13:45:16 +00:00
Mark Andrews
49f385a7ad include dns/diff.h 2011-08-30 13:02:39 +00:00
Mark Andrews
9198ab377b 3147. [func] Initial inline signing support. [RT #23657] 2011-08-30 05:16:15 +00:00
Mark Andrews
2ec0852e91 POST(port); POST(addr); 2011-08-30 00:18:43 +00:00
Automatic Updater
d0dce4d839 update copyright notice 2011-08-29 23:46:44 +00:00
Mark Andrews
d64e3b29bd check that the result of dns_dbiterator_current is ISC_R_SUCCESS or DNS_R_NEWORIGIN 2011-08-29 23:44:07 +00:00
Mark Andrews
6ba6ff39c0 check the results of dns_name_toprincipal calls, only use gnamebuf.value when valid 2011-08-29 06:33:25 +00:00
Mark Andrews
04ec1e31bf *++tp = 0; -> tp++; *tp = 0; 2011-08-29 05:58:31 +00:00
Mark Andrews
07a4f0eace POST(p); POST(len); 2011-08-29 04:15:50 +00:00
Mark Andrews
106561b398 INSIST(response); 2011-08-29 04:02:54 +00:00
Mark Andrews
069182809a remove unnecessary assignment to found_ttl 2011-08-26 05:29:48 +00:00
Mark Andrews
e1cf6fd20a DNS_R_NEWORIGIN could be accidently returned, clearnode's result was being ignored 2011-08-26 05:12:56 +00:00
Mark Andrews
e1d7ec063f mctx is nolonger required 2011-08-26 04:49:14 +00:00
Mark Andrews
4c11a79320 silence 'is never read' warnings 2011-08-26 04:42:24 +00:00
Mark Andrews
84e7c0efbf remove isc_os_minprivs call accidently committed 2011-08-25 11:37:13 +00:00
Mark Andrews
32f5f15b58 cltfd is only needed when select is being used 2011-08-25 08:17:54 +00:00
Mark Andrews
f4a4f6945e silence 'Dereference of undefined pointer value' by assigning to 'sorted' sequentially from zero 2011-08-25 06:28:11 +00:00
Mark Andrews
f67bcc9dc6 save the result of is_response(msg) so it can be treated as a invariant by clang 2011-08-25 06:20:07 +00:00
Mark Andrews
8f1c29d73f silence null pointer dereference warning by adding INSIST(sibling != NULL); 2011-08-25 05:56:50 +00:00
Mark Andrews
b62c2acf81 add method for isc_socket_getfd 2011-08-24 23:17:52 +00:00
Automatic Updater
5e965459a6 update copyright notice 2011-08-23 23:54:00 +00:00
Evan Hunt
6c18c134c8 add isc_socket_getfd() on win32 side 2011-08-23 18:24:33 +00:00
Evan Hunt
6986290f4e address win32 compile/link problems 2011-08-23 17:02:53 +00:00
Mark Andrews
e7008e7007 #include <stdlib.h> 2011-08-23 03:43:03 +00:00
Evan Hunt
e4c4cf5177 Prepare for release of 9.9.0a1 2011-08-23 02:06:46 +00:00
Evan Hunt
99cbc3d3a4 3145. [test] Capture output of ATF unit tests in "./atf.out" if 
there were any errors while running them. [RT #25527]
 2011-08-23 01:29:39 +00:00
Evan Hunt
5a75f61dd4 3144. [bug] dns_dbiterator_seek() could trigger an assert when 
used with a nonexistent database node. [RT #25358]
 2011-08-23 00:59:23 +00:00
Automatic Updater
d5c0739351 update copyright notice 2011-08-18 23:46:35 +00:00
Mark Andrews
0226bd69cd cast to unsigned 2011-08-18 17:41:54 +00:00
Mark Andrews
ecf809f959 3143. [bug] Silence clang compiler warnings. [RT #25174] 2011-08-18 06:00:07 +00:00
Mark Andrews
3a63259484 3143. [bug] Silence clang compiler warnings. [RT #25174] 2011-08-18 04:52:35 +00:00
Automatic Updater
4b21b35cff update copyright notice 2011-08-16 23:46:36 +00:00
Mark Andrews
0f97264419 3142. [bug] NAPTR is class agnostic. [RT #25429] 2011-08-16 00:02:38 +00:00
Automatic Updater
826f2233c9 update copyright notice 2011-08-09 23:46:39 +00:00
Francis Dupont
f558c8988e spelling 2011-08-09 10:29:23 +00:00
Mark Andrews
772dfb90be 3141. [bug] Silence spurious "zone serial (0) unchanged" messages 
associated with empty zones. [RT #25079]
 2011-08-09 02:24:28 +00:00
Automatic Updater
adbc177194 update copyright notice 2011-08-02 23:47:52 +00:00
Evan Hunt
0127993480 3140. [func] New command "rndc flushtree <name>" clears the 
specified name from the server cache along with
			all names under it. [RT #19970]
 2011-08-02 20:36:13 +00:00
Automatic Updater
f71ddcf65f update copyright notice 2011-07-29 23:47:52 +00:00
Automatic Updater
2f17ad4545 update copyright notice 2011-07-28 23:47:59 +00:00
Curtis Blackburn
b068144e89 Actually adding the hash_test.c file... oops 2011-07-28 23:40:09 +00:00
Curtis Blackburn
8787b357e6 3139.[test]added tests from RFC6234, RFC2202, and RFC1321 for the 2011-07-28 21:05:09 +00:00
Mark Andrews
ea30861fe5 turn isc_socket_dup into a method 2011-07-28 11:42:41 +00:00
Mark Andrews
31f46f1869 3138. [bug] Address memory leaks and out-of-order operations when 
shutting named down. [RT #25210]
 2011-07-28 04:27:27 +00:00
Evan Hunt
f07b2fccaf 3137. [func] Improve hardware scalability by allowing multiple 
worker threads to process incoming UDP packets.
			This can significantly increase query throughput
			on some systems.  [RT #22992]
 2011-07-28 04:04:37 +00:00
Automatic Updater
c33e22f65a update copyright notice 2011-07-21 23:47:53 +00:00
Mark Andrews
7a4d2ccb62 s/fallbackas/fallback as/ 2011-07-21 06:26:09 +00:00
Mark Andrews
6fab2f80c9 3135. [port] FreeBSD: workaround broken IPV6_USE_MIN_MTU processing. 
See http://www.freebsd.org/cgi/query-pr.cgi?pr=158307
                        [RT #24950]
 2011-07-21 01:40:50 +00:00
Curtis Blackburn
7439c4f402 removed #include <stdlib.h> from lib/dns/zone.c 2011-07-20 16:28:28 +00:00
Curtis Blackburn
6fc85cd749 added #include <stdlib.h> to lib/dns/zone.c 2011-07-20 14:28:24 +00:00
Automatic Updater
de6d0a4a36 update copyright notice 2011-07-08 23:47:54 +00:00
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Automatic Updater
2a36d8ca40 update copyright notice 2011-07-07 23:47:50 +00:00
Evan Hunt
67be612120 *** empty log message *** 2011-07-06 18:13:22 +00:00
Evan Hunt
29f6e3e4f9 update cvsignore 2011-07-06 18:12:25 +00:00
Evan Hunt
2a749b3535 oops, missed updating the signature of dns_test_begin() when I merged 
update_test.c
 2011-07-06 18:11:35 +00:00
Evan Hunt
c46ce2d79b 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 05:05:52 +00:00
Evan Hunt
42cf2ff7ba 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 01:36:32 +00:00
Automatic Updater
122230159d update copyright notice 2011-07-01 23:47:44 +00:00
Evan Hunt
d3b9eefd1c 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number. Two methods are currently
			defined using serial-update-method, "increment"
			(default) and "unixtime". [RT #23849]
 2011-07-01 07:15:19 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Mark Andrews
b4eaa17e82 update for api changes 2011-06-17 07:28:33 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
0f467ed4d4 update copyright notice 2011-06-10 23:47:32 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Evan Hunt
fbe2cff19f 3121. [security] An authoritative name server sending a negative 
response containing a very large RRset could
                        trigger an off-by-one error in the ncache code
                        and crash named. [RT #24650]
 2011-05-26 23:11:15 +00:00
Mark Andrews
4100ae5109 move dns_trust_totext from masterdump.c to rdataset.c so that exportlib will build 2011-05-26 07:56:39 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Automatic Updater
b1b37b61da update copyright notice 2011-05-19 23:47:17 +00:00
Evan Hunt
ff330a6273 another post-commit fix for change 3114: call dns_db_resigned()/ 
dns_db_setsigningtime() only when incrementally resigning, not other
times.
 2011-05-19 21:29:07 +00:00
Evan Hunt
276f9fac3e another post-commit bugfix for change 3114: need to take rndc freeze into 
account in determining whether zone is dynamic
 2011-05-19 04:44:58 +00:00
Evan Hunt
d9343d917a minor code simplification 2011-05-19 04:33:17 +00:00
Evan Hunt
2a4f494565 Change 3114 wasn't complete--needed to remove another call to 
dns_db_resigned().
 2011-05-19 04:28:33 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Evan Hunt
ab77e813ea add dns_dnssec_signs 2011-05-17 01:48:24 +00:00
Automatic Updater
687d47f6c9 update copyright notice 2011-05-16 23:47:41 +00:00
Evan Hunt
5c8ec4d5ea "make install" was failing when building with both exportlibs and libtool. 
(trivial makefile fix, no CHANGES note.) [RT #24425]
 2011-05-16 22:58:05 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Evan Hunt
989fb50178 fixed an error in prior commit 2011-05-05 18:04:01 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Mark Andrews
1b9a5fa77f isc_file_isplainfile 2011-04-08 05:36:15 +00:00
Mark Andrews
53c1e5f991 dns_cache_create3 2011-04-08 04:45:03 +00:00
Mark Andrews
2b3bcbce23 3096. [bug] Set KRB5_KTNAME before calling log_cred() in 
dst_gssapi_acceptctx(). [RT #24004]
 2011-04-07 23:03:22 +00:00
Mark Andrews
9cf04a12ec 3095. [bug] Handle isolated reserved ports in the port range. 
[RT #23957]
 2011-04-06 10:27:16 +00:00
Mark Andrews
6b89a2c905 format portability: cast socklen_t -> long and use %ld 2011-04-05 06:33:50 +00:00
Mark Andrews
60821a4c33 1 -> 1U 2011-04-04 11:09:11 +00:00
Mark Andrews
64abedd85a unsigned constants 2011-03-28 05:32:16 +00:00
Mark Andrews
fade3b5f91 unsigned constants 2011-03-28 05:20:08 +00:00
Mark Andrews
d97637ce11 unsigned constants 2011-03-28 03:41:55 +00:00
Evan Hunt
319b8a1488 3092. [bug] Signatures for records at the zone apex could go 
stale due to an incorrect timer setting. [RT #23769]

3091.	[bug]		Fixed a bug in which zone keys that were published
			and then subsequently activated could fail to trigger
			automatic signing. [RT #22991]
 2011-03-25 23:53:02 +00:00
Automatic Updater
6333ba02a5 update copyright notice 2011-03-21 23:47:21 +00:00
Evan Hunt
0994d3a21b 3087. [bug] DDNS updates using SIG(0) with update-policy match 
type "external" could cause a crash. [RT #23735]
 2011-03-21 19:54:03 +00:00
Evan Hunt
1063914c30 Fixed some problems from change #3084 that turned up after committing it; 
"freeze" and "thaw" weren't working quite right when used without a
specific zone name.
 2011-03-21 18:38:40 +00:00
Evan Hunt
7cb226ec34 3084. [func] A new command "rndc sync" dumps pending changes in 
a dynamic zone to disk; "rndc sync -clean" also
			removes the journal file after syncing.  Also,
			"rndc freeze" no longer removes journal files.
			[RT #22473]
 2011-03-21 07:22:14 +00:00
Mark Andrews
5095e72ac3 3083. [bug] NOTIFY messages were not being sent when generating 
a NSEC3 chain incrementally. [RT #23702]
 2011-03-21 01:02:39 +00:00
Mark Andrews
b76715a02f Use UINT_MAX to initialise split_width (unsigned int) instead of -1. 2011-03-20 02:31:54 +00:00
Automatic Updater
7885190562 update copyright notice 2011-03-18 23:47:36 +00:00
Francis Dupont
d99d0c19b2 introduce STDTIME_ON_32BITS 2011-03-18 09:00:45 +00:00
Automatic Updater
207cee019e update copyright notice 2011-03-17 23:47:30 +00:00
Francis Dupont
50f64cf0e5 silent compiler warnings for DLZ exernal driver support and example 2011-03-17 09:25:54 +00:00
Mark Andrews
ed53ec0b06 3077. [bug] zone.c:zone_refreshkeys() incorrectly called 
dns_zone_attach(), use zone->irefs instead. [RT #23303]
 2011-03-17 05:21:50 +00:00
Evan Hunt
61bcc23203 3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and 
dnssec-keyfromlabel sets the default TTL of the
			key.  When possible, automatic signing will use that
			TTL when the key is published.  [RT #23304]
 2011-03-17 01:40:40 +00:00
Mark Andrews
0e095727ff 3075. [bug] dns_dnssec_findzonekeys{2} used a inconsistant 
timestamp when determining which keys are active.
                        [RT #23642]
 2011-03-17 01:17:21 +00:00
Francis Dupont
0a25550b46 remove extra space 2011-03-14 13:40:52 +00:00
Francis Dupont
52c3f66536 isc_mutex_destroy() returns a value 2011-03-14 13:39:17 +00:00
Mark Andrews
26b49e8459 3074. [bug] Make the adb cache read through for zone data and 
glue learn for zone named is authoritative for.
                        [RT #22842]
 2011-03-13 02:49:28 +00:00
Automatic Updater
c1aef54e14 update copyright notice 2011-03-12 04:59:49 +00:00
Evan Hunt
f563fcf124 Forgot to initialize a fixedname, which made it a brokenname. 2011-03-11 17:19:05 +00:00
Mark Andrews
2415f36f79 3073. [bug] managed-keys changes were not properly being recorded. 
[RT #20256]
 2011-03-11 13:20:43 +00:00
Mark Andrews
cf4ceeee5f 3072. [bug] dns_dns64_aaaaok() potential NULL pointer dereference. 
[RT #20256]
 2011-03-11 13:02:33 +00:00
Mark Andrews
0874abad14 3069. [cleanup] Silence warnings messages from clang static analysis. 
[RT #20256]
 2011-03-11 06:11:27 +00:00
Mark Andrews
8473cd921e pkey is only used if USE_ENGINE is defined or USE_EVP is 1 2011-03-11 02:59:37 +00:00
Evan Hunt
a7acfb05df Reversing prior change, turns out not to be legal on all compilers. 2011-03-11 01:28:10 +00:00
Evan Hunt
f2f2d20990 Silence a compiler warning by using #if comparison instead of if. No 
CHANGES note because it's trivial. [RT #23587]
 2011-03-11 01:20:39 +00:00
Mark Andrews
19f4b069dc 3068. [bug] Named failed to build with a OpenSSL without engine 
support. [RT #23473]
 2011-03-11 01:11:54 +00:00
Evan Hunt
422009fe5b 3066. [func] The DLZ "dlopen" driver is now built by default, 
no longer requiring a configure option.  To
			disable it, use "configure --without-dlopen".
                        Driver also supported on win32.  [RT #23467]
 2011-03-10 04:36:16 +00:00
Automatic Updater
50d79c1309 update copyright notice 2011-03-09 23:47:17 +00:00
Mark Andrews
215ef83bbe 3065. [bug] RRSIG could have time stamps too far in the future. 
[RT #23356]
 2011-03-09 07:22:32 +00:00
Mark Andrews
345d37dbb6 add 'sync' to ISC_PLATFORM_USEMACASM build as well 2011-03-08 00:52:42 +00:00
Automatic Updater
5eee264bfa update copyright notice 2011-03-07 23:47:37 +00:00
Mark Andrews
4b583f0193 only reset first in multi-line mode 2011-03-07 13:42:11 +00:00
Mark Andrews
fea04b0ffe 3064. [bug] powerpc: add sync instructions to the end of atomic 
operations. [RT #23469]
 2011-03-07 00:17:08 +00:00
Automatic Updater
0e27506ce3 update copyright notice 2011-03-05 23:52:31 +00:00
Evan Hunt
9a859983d7 3062. [func] Made several changes to enhance human readability 
of DNSSEC data in dig output and in generated
			zone files:
			 - DNSKEY record comments are more verbose, no
			   longer used in multiline mode only
			 - multiline RRSIG records reformatted
			 - multiline output mode for NSEC3PARAM records
			 - "dig +norrcomments" suppresses DNSKEY comments
			 - "dig +split=X" breaks hex/base64 records into
			   fields of width X; "dig +nosplit" disables this.
			[RT #22820]
 2011-03-05 19:39:07 +00:00
Automatic Updater
26a7306397 update copyright notice 2011-03-04 23:47:47 +00:00
Francis Dupont
13d1b15b18 export dns_ncache_current and dns_resolver_settimeout 2011-03-04 21:36:51 +00:00
Scott Mann
32babe43eb Ensure that log files are plain files. (RT #22771) 2011-03-04 14:07:03 +00:00
Automatic Updater
7d9d170dbb update copyright notice 2011-03-03 23:47:32 +00:00
Francis Dupont
9fe8cca065 add URI support 2011-03-03 14:10:27 +00:00
Evan Hunt
70c7f4fb4f 3053. [bug] Under a sustained high query load with a finite 
max-cache-size, it was possible for cache memory
			to be exhausted and not recovered. [RT #23371]
 2011-03-03 04:42:25 +00:00
Mark Andrews
c1ced49662 3051. [bug] NS records obsure DS records at the bottom of the 
zone if both are present. [RT #23035]
 2011-03-02 04:20:34 +00:00
Automatic Updater
c8175ece69 update copyright notice 2011-03-01 23:48:07 +00:00
Mark Andrews
4c05f9a6a3 3048. [bug] Fully seperate view key mangement. [RT #23419] 2011-03-01 22:44:04 +00:00
Scott Mann
d31740ce28 Fixed DNSKEY NODATA responses not cached (RT #22908). 2011-03-01 14:40:39 +00:00
Francis Dupont
664917beda Use RRSIG original TTL in validated RRset TTL [RT #23332] 2011-02-28 14:21:35 +00:00
Mark Andrews
d3e3d7846d 3044. [bug] Hold the socket manager lock while freeing the socket. 
[RT #23333]
 2011-02-28 12:48:30 +00:00
Evan Hunt
ef421f66f4 3043. [test] Merged in the NetBSD ATF test framework (currently 
version 0.12) for development of future unit tests.
                        Use configure --with-atf to build ATF internally
                        or configure --with-atf=prefix to use an external
                        copy.  [RT #23209]
 2011-02-26 02:26:33 +00:00
Automatic Updater
45caada8cb update copyright notice 2011-02-23 23:47:20 +00:00
Mark Andrews
0e507dbb81 2039. [func] Redirect on NXDOMAIN support. [RT #23146] 2011-02-23 03:08:11 +00:00
Mark Andrews
fd5d7b4b1c 2038. [bug] Install <dns/rpz.h>. [RT #23342] 2011-02-22 11:48:02 +00:00
Mark Andrews
b795de862b 2036. [bug] Check built-in zone arguments to see if the zone 
is re-usable or not. [RT #21914]
 2011-02-22 04:14:30 +00:00
Automatic Updater
b01d422daf update copyright notice 2011-02-21 23:47:45 +00:00
Mark Andrews
4b45a8fc5a handle cname response 2011-02-21 23:37:31 +00:00
Mark Andrews
17c98e7add 3033. [cleanup] Add two INSIST(bucket != DNS_ADB_INVALIDBUCKET). 
[RT #22521]
 2011-02-21 07:08:33 +00:00
Mark Andrews
699e00089f 3032. [bug] rdatalist.c: add missing REQUIREs. [RT #22521] 2011-02-21 07:01:09 +00:00
Mark Andrews
6883a918f7 3031. [bug] dns_rdataclass_format() handle a zero sized buffer. 
[RT #22521]
 2011-02-21 06:50:42 +00:00
Mark Andrews
e01f55daa4 3030. [bug] dns_rdatatype_format() handle a zero sized buffer. 
[RT #22521]
 2011-02-21 06:41:07 +00:00
Mark Andrews
4c577cbd1e 3029. [bug] isc_netaddr_format() handle a zero sized buffer. 
[RT #22521]
 2011-02-21 06:30:06 +00:00
Mark Andrews
0b8c40c8d8 CHANGES 2011-02-21 06:18:03 +00:00
Mark Andrews
30aaec2122 3027. [bug] Add documented REQUIREs to cfg_obj_asnetprefix() to 
catch NULL pointer dereferences before they happen.
                        [RT #22521]
 2011-02-21 06:07:49 +00:00
Mark Andrews
17a0bbda33 3026. [bug] lib/isc/httpd.c: check that we have enough space 
after calling grow_headerspace() and if not
                        re-call grow_headerspace() until we do. [RT #22521]
 2011-02-21 05:55:09 +00:00
Automatic Updater
d5a3595af8 update copyright notice 2011-02-19 23:47:38 +00:00
Evan Hunt
b0c8948e37 Fixed incorrect library link order in libisccc and libisccfg 2011-02-19 01:30:52 +00:00
Evan Hunt
63b1c80af8 Fixed an error in change 3023, ensuring that journal file isn't 
removed after IXFR.  No CHANGES note.
 2011-02-19 01:24:46 +00:00
Automatic Updater
10aafc5aa3 update copyright notice 2011-02-18 23:47:25 +00:00
Michael Graff
b7f0ab323d catch two unused function params, followup to RT#23310 2011-02-18 23:39:55 +00:00
Evan Hunt
b32e391602 3025. [bug] Fixed a possible deadlock due to zone resigning. 
[RT #22964]
 2011-02-18 23:26:44 +00:00
Michael Graff
52d44117c8 Remove RTT banding [RT 23310] 2011-02-18 22:55:31 +00:00
Evan Hunt
1d5981dd3f 3023. [bug] Named could be left in an inconsistent state when 
receiving multiple AXFR response messages that were
			not all TSIG-signed. [RT #23254]
 2011-02-18 21:22:12 +00:00
Mark Andrews
9e4359b42e silence: warning: 'manager_log' defined but not used 2011-02-18 04:19:05 +00:00
Automatic Updater
6885ca3220 update copyright notice 2011-02-17 23:47:24 +00:00
Mark Andrews
293e500697 simplify zone_signwithkey call 2011-02-17 04:57:28 +00:00
Mark Andrews
19afa17960 ensure that the DNSKEY rrset get re-signed even if it hasn't been 
updated in sign_apex.
 2011-02-17 02:57:22 +00:00
Automatic Updater
c41b2924a5 update copyright notice 2011-02-15 23:47:36 +00:00
Mark Andrews
b1b42b03b7 3020. [bug] auto-dnssec failed to correctly update the zone when changing the DNSKEY RRset. [RT #23232] 2011-02-15 22:02:36 +00:00
Francis Dupont
931814de4a typo in comment 2011-02-15 18:23:34 +00:00
Mark Andrews
462a97981f CHANGES 2011-02-07 00:10:36 +00:00
Automatic Updater
784a904bd0 update copyright notice 2011-02-03 12:18:12 +00:00
Mark Andrews
a8e5a59183 3015. [port] win32: fix IN6_IS_ADDR_LINKLOCAL and 
IN6_IS_ADDR_SITELOCAL macros. [RT #22724]
 2011-02-03 08:13:51 +00:00
Mark Andrews
c1ee8bb4ba 3013. [bug] The DNS64 ttl was not always being set as expected. 
[RT #23034]
 2011-02-03 07:35:56 +00:00
Mark Andrews
000a8970f8 3011. [func] Change the default query timeout from 30 seconds 
to 10.  Allow setting this in named.conf using the new
                        'resolver-query-timeout' option, which specifies a max
                        time in seconds.  0 means 'default' and anything longer
                        than 30 will be silently set to 30. [RT #22852]
 2011-02-03 05:41:55 +00:00
Evan Hunt
903b3c84e2 3010. [bug] Fixed a bug where "rndc reconfig" stopped the timer 
for refreshing managed-keys. [RT #22296]
 2011-02-03 00:21:55 +00:00
Automatic Updater
b720af4cd4 update copyright notice 2011-01-27 23:47:21 +00:00
Mark Andrews
1fba20bd0b 3009. [bug] clients-per-query code didn't work as expected with 
particular query patterns. [RT #22972]
 2011-01-27 02:24:49 +00:00
Automatic Updater
c674aacfd6 update copyright notice 2011-01-19 23:47:12 +00:00
Mark Andrews
f862994cbd explicitly initialise dump and restore 2011-01-19 03:09:14 +00:00
Mark Andrews
ee931bc7a3 silence warning: integer overflow detected: op "<<" 2011-01-17 04:27:23 +00:00
Automatic Updater
a09fff7051 update copyright notice 2011-01-14 00:51:43 +00:00
Mark Andrews
2c18cb2e9a explicit initialisation 2011-01-14 00:33:32 +00:00
Mark Andrews
481ebd6977 rpz require -DBIND9 2011-01-13 09:53:04 +00:00
Mark Andrews
17acd2a230 remove -I "../..../lib/dns/sec/openssl/include" 2011-01-13 08:56:45 +00:00
Automatic Updater
2352050890 update copyright notice 2011-01-13 08:50:29 +00:00
Mark Andrews
50fd8587a7 extra external symbols 2011-01-13 08:29:08 +00:00
Mark Andrews
6767b5b544 openssl include path 2011-01-13 08:15:30 +00:00
Mark Andrews
0a24e3a8ae openssl include path 2011-01-13 07:51:06 +00:00
Mark Andrews
000439ae98 isc_netaddr_getzone 2011-01-13 07:20:14 +00:00
Mark Andrews
9e78a55d81 opensslgost_link.c 2011-01-13 07:12:14 +00:00
Mark Andrews
23784a729d dst_key_restory -> dst_key_restore 2011-01-13 07:06:50 +00:00
Mark Andrews
559b51e980 only look for sys/socket.h if we also have sys/un.h 2011-01-13 07:05:57 +00:00
Mark Andrews
93b81c6d0a explicit conversion from unsigned long to dns_rpz_cidr_bits_t 2011-01-13 06:48:14 +00:00
Mark Andrews
68f6e45d28 uint8_t -> unsigned char 2011-01-13 06:41:05 +00:00
Mark Andrews
c3e9221f3b prototype mismatch 2011-01-13 06:36:04 +00:00
Mark Andrews
119f627c82 uint32_t -> isc_uint32_t 2011-01-13 06:29:16 +00:00
Mark Andrews
98455e2090 missing semi-colon 2011-01-13 06:21:15 +00:00
Automatic Updater
9cee5bb028 update copyright notice 2011-01-13 04:59:26 +00:00
Mark Andrews
e02c1d738b 9.8.0b1 2011-01-13 04:45:17 +00:00
Mark Andrews
a3eb8b33ec unsigned constants 2011-01-13 04:20:03 +00:00
Mark Andrews
6eba31815a #include <isc/print.h> 2011-01-13 03:03:31 +00:00
Mark Andrews
87708bde16 3008. [func] Response policy zones (RPZ) support. [RT #21726] 2011-01-13 01:59:28 +00:00
Mark Andrews
38b84a1fcf 3007. [bug] Named failed to preserve the case of domain names in 
rdata which is no compressable when writing master
                        files.  [RT #22863]
 2011-01-13 00:55:49 +00:00
Automatic Updater
135bcc2e42 update copyright notice 2011-01-11 23:47:14 +00:00
Mark Andrews
adccda3b4c &dstkey -> dstkey 2011-01-10 07:38:22 +00:00
Mark Andrews
433e06a25c 3006. [func] Allow dynamically generated TSIG keys to be preserved 
across restarts of named.  Initially this is for
                        TSIG keys generated using GSSAPI. [RT #22639]
 2011-01-10 05:32:04 +00:00
Mark Andrews
1403f9aa2f don't free memory passed to putenv(), use malloc and check for malloc failures 2011-01-10 03:49:49 +00:00
Automatic Updater
0e0be796a7 update copyright notice 2011-01-08 23:47:01 +00:00
Evan Hunt
8a743600dd 3005. [port] Solaris: Work around the lack of 
gsskrb5_register_acceptor_identity() by setting
			the KRB5_KTNAME environment variable to the
			contents of tkey-gssapi-keytab.  Also fixed
			test errors on MacOSX.  [RT #22853]
 2011-01-08 00:33:12 +00:00
Automatic Updater
93235c1cba update copyright notice 2011-01-07 23:47:07 +00:00
Evan Hunt
a727690e8b HPUX: silence compiler warnings about signed/unsigned comparisons 2011-01-07 21:42:03 +00:00
Evan Hunt
3df7f5a9d6 add ssu_external.c to win32 definitions 2011-01-07 05:32:49 +00:00
Evan Hunt
4ac6a44512 Forgot to add ssu_external.c when committing change #3003. 2011-01-07 05:29:08 +00:00
Mark Andrews
dc4fa197dd 3004. [func] DNS64 reverse support. [RT #22769] 2011-01-07 04:31:39 +00:00
Automatic Updater
db69d5d53c update copyright notice 2011-01-06 23:47:00 +00:00
Evan Hunt
3916872f37 3003. [experimental] Added update-policy match type "external", 
enabliing named to defer the decision of whether to
			allow a dynamic update to an external daemon.
			(Contributed by Andrew Tridgell.) [RT #22758]
 2011-01-06 23:24:39 +00:00
Automatic Updater
1da9dbcf48 update copyright notice 2011-01-04 23:47:14 +00:00
Mark Andrews
161429fc05 3002. [bug] isc_mutex_init_errcheck() failed to destroy attr. 
[RT #22766]
 2011-01-04 04:32:13 +00:00
Evan Hunt
79bf7c874b 3001. [func] Added a default trust anchor for the root zone, which 
can be switched on by setting "dnssec-validation auto;"
			in the named.conf options. [RT #21727]
 2011-01-03 23:45:08 +00:00
Evan Hunt
d9ad0a55bb 3000. [bug] More TKEY/GSS fixes: 
- nsupdate can now get the default realm from
			   the user's Kerberos principal
			 - corrected gsstest compilation flags
			 - improved documentation
			 - fixed some NULL dereferences
			[RT #22795]
 2010-12-24 02:20:47 +00:00
Automatic Updater
a094c46640 update copyright notice 2010-12-23 23:47:08 +00:00
Mark Andrews
37dee1ff94 2999. [func] Add GOST support (RFC 5933). [RT #20639] 2010-12-23 04:08:00 +00:00
Automatic Updater
557919588b update copyright notice 2010-12-22 23:46:59 +00:00
Mark Andrews
777b848142 2998. [func] Add isc_task_beginexclusive and isc_task_endexclusive 
to the task api. [RT #22776]
 2010-12-22 13:05:20 +00:00
Mark Andrews
7a54dadeb5 2998. [func] Add isc_task_beginexclusive and isc_task_endexclusive 
to the task api. [RT #22776]
 2010-12-22 05:19:02 +00:00
Mark Andrews
79344b9710 2996. [security] Temporarily disable SO_ACCEPTFILTER support. 
[RT #22589]
 2010-12-22 03:08:36 +00:00
Mark Andrews
179e028b35 2995. [bug] The Kerberos realm was not being correctly extracted 
from the signer's identity. [RT #22770]
 2010-12-22 02:33:12 +00:00
Automatic Updater
8868ef9c64 update copyright notice 2010-12-21 23:47:08 +00:00
Mark Andrews
c2170a4bd0 2994. [port] NetBSD: use pthreads by default on NetBSD >= 5.0, and 
do not use threads on earlier versions.  Also kill
                        the unproven-pthreads, mit-pthreads, and ptl2 support.
 2010-12-21 04:20:23 +00:00
Mark Andrews
82f77687ab 2993. [func] Dynamically grow adb hash tables. [RT #21186] 2010-12-21 03:11:42 +00:00
Automatic Updater
ca103999e6 update copyright notice 2010-12-20 23:47:21 +00:00
Evan Hunt
db4c1bc48a Looks like "ifdef" should have been "ifndef". (Committing without review to 
silence robie.)
 2010-12-19 21:32:35 +00:00
Evan Hunt
c445b2f648 Add #ifdef BIND9 to some of the new DLZ code to fix link errors 
when building with --enable-exportlibs
 2010-12-19 02:51:41 +00:00
Evan Hunt
9f453d9342 removed unnecessary "done" log message from dns_sdlzcreate(); it used 
__FUNCTION__ which caused problems on some compilers.
 2010-12-19 02:37:08 +00:00
Automatic Updater
941c0792f2 update copyright notice 2010-12-18 23:47:11 +00:00
Mark Andrews
c880d51849 gsskrb5_register_acceptor_identity is not available on all platforms 2010-12-18 14:46:21 +00:00
Mark Andrews
6dcb804dc6 UNUSED(use_static_stub); 2010-12-18 11:47:13 +00:00
Evan Hunt
71bd858d8e 2989. [func] Added support for writable DLZ zones. (Contributed 
by Andrew Tridgell of the Samba project.) [RT #22629]

2988.	[experimental]	Added a "dlopen" DLZ driver, allowing the creation
			of external DLZ drivers that can be loaded as
			shared objects at runtime rather than linked with
			named.  Currently this is switched on via a
			compile-time option, "configure --with-dlz-dlopen".
			Note: the syntax for configuring DLZ zones
			is likely to be refined in future releases.
			(Contributed by Andrew Tridgell of the Samba
			project.) [RT #22629]

2987.	[func]		Improve ease of configuring TKEY/GSS updates by
			adding a "tkey-gssapi-keytab" option.  If set,
			updates will be allowed with any key matching
			a principal in the specified keytab file.
			"tkey-gssapi-credential" is no longer required
			and is expected to be deprecated.  (Contributed
			by Andrew Tridgell of the Samba project.)
			[RT #22629]
 2010-12-18 01:56:23 +00:00
Automatic Updater
0ccd663a83 update copyright notice 2010-12-16 23:47:08 +00:00
Tatuya JINMEI 神明達哉
743bbdc18f 2947. [func] Add new zone type "static-stub". It's like a stub 
zone, but the nameserver names and/or their IP
			addresses are statically configured. [RT #21474]

(for 9.8.0)
 2010-12-16 09:51:30 +00:00
Mark Andrews
8d8f0b4659 2984. [bug] Don't run MX checks when the target of the MX record is ".". [RT #22645] 2010-12-14 00:39:59 +00:00
Mark Andrews
a16d8521e4 re-base the api version for 9.8 2010-12-10 01:13:02 +00:00
Mark Andrews
391b2f42eb dns64 2010-12-09 06:12:43 +00:00
Mark Andrews
187d99dc53 s/dev/sdev/ 2010-12-09 06:08:05 +00:00
Mark Andrews
44c0cfd2be remove extraneos semicolon 2010-12-09 04:59:09 +00:00
Mark Andrews
987f2097a6 dns64 is BIND9 only 2010-12-09 04:53:48 +00:00
Mark Andrews
73dbd4e933 9.8.0a1 2010-12-09 04:39:10 +00:00
Automatic Updater
fd6a9d688c update copyright notice 2010-12-09 04:31:57 +00:00
Mark Andrews
b44bb86068 add comment 2010-12-09 04:17:15 +00:00
Mark Andrews
1e442d1994 zero bind 64 to 71 if prefix len is 64 2010-12-09 04:01:43 +00:00
Mark Andrews
9f9b7f0e8d 2982. [bug] Reference count dst keys. dst_key_attach() can be used 
increment the reference count.

                        Note: dns_tsigkey_createfromkey() callers should now
                        always call dst_key_free() rather than setting it
                        to NULL on success. [RT #22672]
 2010-12-09 00:54:34 +00:00
Automatic Updater
b8a9a7bef2 update copyright notice 2010-12-08 23:51:56 +00:00
Mark Andrews
e334405421 2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991] 2010-12-08 02:46:17 +00:00
Mark Andrews
8aee18709f 2980. [bug] named didn't properly handle UPDATES that changed the 
TTL of the NSEC3PARAM RRset. [RT #22363]
 2010-12-07 02:53:34 +00:00
Mark Andrews
ab39760512 silence warning. temporary 2010-12-04 22:27:29 +00:00
Mark Andrews
b286683ae8 temporally make isc__task_exiting become isc_task_exiting so that the 
export version of libisc has all the symbols to link.
 2010-12-04 13:25:59 +00:00
Automatic Updater
59b283de0a update copyright notice 2010-12-03 23:46:46 +00:00
Evan Hunt
e78c2b856b 2979. [bug] named could deadlock during shutdown if two 
"rndc stop" commands were issued at the same
			time. [RT #22108]
 2010-12-03 22:05:19 +00:00
Mark Andrews
310e10d536 pass the address of dstkey 2010-12-03 21:47:19 +00:00
Mark Andrews
cc83084441 s/dns_key_free/dst_key_free/ 2010-12-03 12:03:22 +00:00
Mark Andrews
c0a76b3c0b 2978. [port] hpux: look for <devpoll.h> [RT #21919] 2010-12-03 00:57:57 +00:00
Automatic Updater
326a702a35 update copyright notice 2010-12-02 23:46:56 +00:00
Mark Andrews
c87f15dac8 2976. [bug] named die on exit after negotiating a GSS-TSIG key. [RT #3415] 2010-12-02 23:22:42 +00:00
Mark Andrews
97664670d0 2975. [bug] rbtdb.c:cleanup_dead_nodes_callback() aquired the 
wrong lock which could lead to server deadlock.
                        [RT #22614]
 2010-12-02 04:58:13 +00:00
Automatic Updater
e085624e0f update copyright notice 2010-11-30 23:46:55 +00:00
Evan Hunt
b5b934a0bb 2974. [bug] Some vaild UPDATE requests could fail due to a 
consistency check examining the existing version
			of the zone rather than the new version resulting
			from the UPDATE. [RT #22413]
 2010-11-30 02:27:08 +00:00
Automatic Updater
bc7051ee3f update copyright notice 2010-11-18 00:59:43 +00:00
Mark Andrews
5a636f9951 2972. [bug] win32: address windows socket errors. [RT #21906] 2010-11-18 00:24:00 +00:00
Automatic Updater
33cc94f04c update copyright notice 2010-11-17 23:47:09 +00:00
Evan Hunt
8eb30f8dd3 2971. [bug] Fixed a bug that caused journal files not to be 
compacted on Windows systems as a result of
			non-POSIX-compliant rename() semantics. [RT #22434]
 2010-11-17 00:27:54 +00:00
Mark Andrews
d48730a446 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 06:46:44 +00:00
Mark Andrews
cd9d825a71 remove accidental commit 2010-11-16 05:38:31 +00:00
Mark Andrews
a27b3757fd 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]
 2010-11-16 01:14:51 +00:00
Mark Andrews
7965c00ca8 check for size equal zero in _format(), replace snprintf of a fixed string with strlcpy 2010-11-16 00:53:36 +00:00
Mark Andrews
432e1ce402 check that grow_headerspace added enough space or re-call it 2010-11-16 00:51:41 +00:00
Mark Andrews
c5a3400f23 REQUIRE that rataset/rdatalist be non NULL 2010-11-16 00:50:28 +00:00
Mark Andrews
a158495f84 INSIST that bucket in no longer ISC_ADB_INVALIDBUCKET after find_*_and_lock calls 2010-11-16 00:49:18 +00:00
Mark Andrews
c2f5ddeeec isc_netaddr_format() check for sies equal 0 2010-11-16 00:43:02 +00:00
Mark Andrews
baab444222 isc_sockaddr_format() check for sies equal 0 2010-11-16 00:42:35 +00:00
Mark Andrews
d775887f01 cfg_obj_asnetprefix() check that the destinations are non NULL before writing to them 2010-11-16 00:41:32 +00:00
Automatic Updater
b3ff8e5ae7 update copyright notice 2010-10-18 23:47:08 +00:00
Mark Andrews
7bce336186 2966. [bug] isc_print_vsnprintf() failed to check if there was 
space available in the buffer when adding a left
                        justified character with a non zero width,
                        (e.g. "%-1c"). [RT #22270]
 2010-10-18 03:59:05 +00:00
Mark Andrews
ed83fa75f5 2963. [security] The allow-query acl was being applied instead of the 
allow-query-cache acl to cache lookups. [RT #22114]
 2010-09-24 05:09:03 +00:00
Automatic Updater
3255640981 update copyright notice 2010-09-15 12:38:36 +00:00
Mark Andrews
506a2177bf 2961. [bug] Be still more selective about the non-authoritative 
answers we apply change 2748 to. [RT #22074]
 2010-09-15 12:21:27 +00:00
Mark Andrews
70ba55161b 2957. [bug] entropy_get() and entropy_getpseudo() failed to match 
the API for RAND_bytes() and RAND_pseudo_bytes()
                        respectively. [RT #21962]
 2010-09-15 03:06:15 +00:00
Mark Andrews
240a7dc59d 2951. [bug] named failed to generate a correct signed response 
in a optout, delegation only zone with no secure
                        delegations. [RT #22007]
 2010-09-07 00:58:36 +00:00
Mark Andrews
e588bfe689 2950. [bug] named failed to perform a SOA up to date check when 
falling back to TCP on UDP timeouts when
                        ixfr-from-differences was set. [RT #21595]
 2010-09-06 04:41:13 +00:00
Mark Andrews
02a211f4c4 2949. [bug] dns_view_setnewzones() contained a memory leak if 
it was called multiple times. [RT #21942]
 2010-09-06 04:31:11 +00:00
Francis Dupont
ec288f1a26 reindent 2010-09-05 12:14:26 +00:00
Automatic Updater
f428e385a4 update copyright notice 2010-08-16 23:46:52 +00:00
Mark Andrews
10f9e687f5 silence redefinition warnings MacOS 2010-08-16 22:41:16 +00:00
Mark Andrews
c6f4972c74 2943. [func] Add support to load new keys into managed zones 
without signing immediately with "rndc loadkeys".
                        Add support to link keys with "dnssec-keygen -S"
                        and "dnssec-settime -S".  [RT #21351]
 2010-08-16 22:21:07 +00:00
Mark Andrews
8bc194b266 2941. [bug] sdb and sdlz (dlz's zone database) failed to support 
DNAME at the zone apex.  [RT #21610]
 2010-08-16 04:49:14 +00:00
Automatic Updater
2b43d1d8c5 update copyright notice 2010-08-13 23:47:04 +00:00
Francis Dupont
7641867b4c fix win32 build 2010-08-13 14:33:31 +00:00
Francis Dupont
bcb444aed0 remove connection aborted error message 2010-08-13 10:45:32 +00:00
Mark Andrews
c73d8c1b72 2938. [bug] When skipping NSEC3 records that don't match the 
current NSEC3PARAM record in use for zone named
                        could dereference a uninitialised pointer attempting
                        to obtain a lock. [RT# 21868]
 2010-08-13 06:46:25 +00:00
Tatuya JINMEI 神明達哉
d0b75b9ff6 define the wrapper function for mem_isovermem(). 
(a regression in rt21818)
 2010-08-12 21:30:26 +00:00
Evan Hunt
9b7efe7aca Removed a leftover UNUSED statement referencing a parameter that doesn't 
exist anymore.
 2010-08-12 04:04:14 +00:00
Automatic Updater
cc4dd0d08d update copyright notice 2010-08-11 23:46:42 +00:00
Tatuya JINMEI 神明達哉
253ae50e09 required ctx is valid in mem_isovermem(). 2010-08-11 23:11:45 +00:00
Tatuya JINMEI 神明達哉
27fe1966c9 2937. [bug] Worked around an apparent race condition in over 
memory conditions.  Without this fix a DNS cache DB or
			ADB could incorrectly stay in an over memory state,
			effectively refusing further caching, which
			subsequently made a BIND 9 caching server unworkable.
			This fix prevents this problem from happening by
			polling the state of the memory context, rather than
			making a copy of the state, which appeared to cause
			a race.  This is a "workaround" in that it doesn't
			solve the possible race per se, but several experiments
			proved this change solves the symptom.  Also, the
			polling overhead hasn't been reported to be an issue.
			This bug should only affect a caching server that
			specifies a finite max-cache-size.  It's also quite
			likely that the bug happens only when enabling threads,
			but it's not confirmed yet. [RT #21818]
 2010-08-11 22:54:58 +00:00
Evan Hunt
cfd262045c 2936. [func] Improved configuration syntax and multiple-view 
support for addzone/delzone feature (see change
			#2930).  Removed "new-zone-file" option, replaced
			with "allow-new-zones (yes|no)".  The new-zone-file
			for each view is now created automatically, with
			a filename generated from a hash of the view name.
			It is no longer necessary to "include" the
			new-zone-file in named.conf; this happens
			automatically.  Zones that were not added via
			"rndc addzone" can no longer be removed with
			"rndc delzone". [RT #19447]
 2010-08-11 18:14:20 +00:00
Automatic Updater
548317f929 update copyright notice 2010-08-10 23:48:19 +00:00
Mark Andrews
712b976a06 2934. [bug] Use ANSI C compliant shift range in lib/isc/entropy.c. [RT #21871] 2010-08-10 09:32:06 +00:00
Automatic Updater
a90aca78aa update copyright notice 2010-07-11 23:46:54 +00:00
Evan Hunt
a207cfc5d1 Removed a duplicate entry in namedconf.c. 2010-07-11 05:44:15 +00:00
Evan Hunt
86dcc40058 2930. [experimental] New "rndc addzone" and "rndc delzone" commads 
allow dynamic addition and deletion of zones.
			To enable this feature, specify a "new-zone-file"
			option at the view or options level in named.conf.
			Zone configuration information for the new zones
			will be written into that file.  To make the new
			zones persist after a restart, "include" the file
			into named.conf in the appropriate view.  (Note:
			This feature is not yet documented, and its syntax
			is expected to change.) [RT #19447]
 2010-07-11 00:12:57 +00:00
Automatic Updater
1b892cf691 update copyright notice 2010-07-09 23:46:51 +00:00
Evan Hunt
bf9b852c3e 2929. [bug] Improved handling of GSS security contexts: 
- added LRU expiration for generated TSIGs
			 - added the ability to use a non-default realm
                         - added new "realm" keyword in nsupdate
			 - limited lifetime of generated keys to 1 hour
			   or the lifetime of the context (whichever is
			   smaller)
			[RT #19737]
 2010-07-09 05:13:15 +00:00
Mark Andrews
ff5864ef42 2928. [bug] Be more selective about the non-authoritative 
answer we apply change 2748 to. [RT #21594]
 2010-07-04 00:48:57 +00:00
Mark Andrews
2cf74a72fd isc_boolean_t -> dns_v4_aaaa_t 2010-06-26 05:30:30 +00:00
Mark Andrews
810656a187 2925. [bug] Named failed to accept uncachable negative responses 
from insecure zones. [RT# 21555]
 2010-06-25 23:50:13 +00:00
Automatic Updater
cf309ffeee update copyright notice 2010-06-25 23:46:51 +00:00
Mark Andrews
bf13e709db 2924. [func] 'rndc secroots' dump a combined summary of the 
current managed keys combined with trusted keys.
                        [RT #20904]
 2010-06-25 03:24:05 +00:00
Automatic Updater
b8d4e96e95 update copyright notice 2010-06-23 23:46:58 +00:00
Mark Andrews
4a8dc5f8ef 2921. [bug] The resolver could attempt to destroy a fetch context 
to soon.  [RT #19878]
 2010-06-23 01:31:43 +00:00
Automatic Updater
b61690dbad update copyright notice 2010-06-22 23:46:52 +00:00
Mark Andrews
48dfee7150 2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively 
to IPv4 clients.  New acl 'filter-aaaa' (default any).
 2010-06-22 04:03:38 +00:00
Mark Andrews
ae538374fe AAAA not A 2010-06-18 05:36:24 +00:00
Mark Andrews
081b36ff95 2918. [maint] Add AAAA address for I.ROOT-SERVERS.NET. 2010-06-18 02:11:44 +00:00
Automatic Updater
e40d5d6b71 update copyright notice 2010-06-09 23:50:58 +00:00
Automatic Updater
36961e2937 missing @ 2010-06-09 13:23:47 +00:00
Mark Andrews
cf56ac2b41 missing @ 2010-06-09 09:04:39 +00:00
Mark Andrews
76117ff568 CHANGES 2010-06-09 01:43:09 +00:00
Automatic Updater
ad0471f93b update copyright notice 2010-06-08 23:50:24 +00:00
Mark Andrews
63af1a646a 2913. [func] Add pkcs#11 system tests. [RT #20784] 2010-06-07 03:42:37 +00:00
Automatic Updater
3f2280d2fc update copyright notice 2010-06-04 23:51:14 +00:00
Mark Andrews
ec58c4ca54 remove trailing comma 2010-06-04 00:12:54 +00:00
Automatic Updater
6e13ffa218 update copyright notice 2010-06-03 23:51:05 +00:00
Mark Andrews
b7bc86a4d3 2912. [func] Windows clients don't like UPDATE responses that clear 
the zone section. [RT #20986]
 2010-06-03 05:23:27 +00:00
Mark Andrews
a20996ab6f 2910. [func] Sanity check Kerberos credentials. [RT #20986] 2010-06-03 02:29:58 +00:00
Mark Andrews
29f0da7fb8 2908. [bug] It was possible for re-signing to stop after removing 
a DNSKEY. [RT #21384]
 2010-06-02 00:58:54 +00:00
Mark Andrews
b00de53de2 2907. [bug] The export version of libdns had undefined references. 
[RT #21444]
 2010-06-02 00:38:29 +00:00
Mark Andrews
57b47bca26 checkpoint 2010-05-29 10:36:22 +00:00
Mark Andrews
ead77b9ad4 2906. [bug] Add RFC 5011 implementation issues. [RT #20903] 2010-05-28 03:15:48 +00:00
Mark Andrews
e27d55e3ee 2904. [bug] When using DLV, sub-zones of the zones in the DLV, 
could be incorrectly marked as insecure instead of
                        secure leading to negative proofs failing.  This was
                        a unintended outcome from change 2890. [RT# 21392]
 2010-05-26 06:28:00 +00:00
Mark Andrews
7d9be933d7 2903. [bug] managed-keys-directory missing from namedconf.c. 
[RT #21370]
 2010-05-21 14:10:32 +00:00
Mark Andrews
abb239e7fc silence compiler, explict coversion 2010-05-19 09:52:42 +00:00
Mark Andrews
5b02fc32d6 2901. [port] Use AC_C_FLEXIBLE_ARRAY_MEMBER. [RT #21316] 2010-05-19 07:13:15 +00:00
Mark Andrews
b667946fa5 2900. [bug] The placeholder negative caching element was not 
properly constructed triggering a INSIST in
                        dns_ncache_towire(). [RT #21346]
 2010-05-19 06:39:50 +00:00
Mark Andrews
32f985bcf4 silence compile warnings, explict conversio 2010-05-18 06:28:29 +00:00
Mark Andrews
ed30e0358b 9.7.1b1 2010-05-18 06:14:32 +00:00
Automatic Updater
4dd3ec797d update copyright notice 2010-05-18 02:38:10 +00:00
Mark Andrews
8d31dd9ab6 2897. [bug] NSEC3 chains could be left behind when transitioning 
to insecure. [RT #21040]
 2010-05-18 01:39:41 +00:00
Mark Andrews
6d58400178 2896. [bug] "rndc sign" failed to properly update the zone 
when adding a DNSKEY for publication only. [RT #21045]
 2010-05-18 01:03:26 +00:00
Automatic Updater
515c7f3c43 update copyright notice 2010-05-14 23:50:40 +00:00
Mark Andrews
778a01b1aa 2893. [bug] Improve managed keys support. New named.conf option 
managed-keys-directory. [RT #20924]
 2010-05-14 04:48:28 +00:00
Mark Andrews
44f175a90a 2892. [bug] Handle REVOKED keys better. [RT #20961] 2010-05-14 04:38:52 +00:00
Mark Andrews
b335299322 2890. [bug] Handle the introduction of new trusted-keys and 
DS, DLV RRsets better. [RT #21097]
 2010-05-14 00:13:43 +00:00
Automatic Updater
b7bcdb3eaa update copyright notice 2010-05-13 23:50:27 +00:00
Mark Andrews
e12030c433 2889. [bug] Element of the grammar where not properly reported. 
[RT #21046]
 2010-05-13 03:16:55 +00:00
Mark Andrews
49560ac770 typo in threaded build, silence compiler warning 2010-05-13 03:08:30 +00:00
Mark Andrews
e18c62b1da 2888. [bug] Only the first EDNS option was displayed. [RT #21273] 2010-05-13 00:40:46 +00:00
Automatic Updater
21d9ee0d73 update copyright notice 2010-05-12 23:51:13 +00:00
Mark Andrews
5c40acf215 2887. [bug] Report the keytag times in UTC in the .key file, 
local time is presented as a comment within the
                        comment.  [RT #21223]

2886.   [bug]           ctime() is not thread safe. [RT #21223]
 2010-05-12 23:49:40 +00:00
Mark Andrews
f083a44415 2884. [bug] Insufficient valadation in dns_name_getlabelsequence(). 
[RT #21283]
 2010-05-12 05:40:32 +00:00
Mark Andrews
2fca4a3321 2882. [bug] Remove memory context from list of active contexts 
before clearing 'magic'. [RT #21274]
 2010-05-12 00:46:55 +00:00
Automatic Updater
a955420bed update copyright notice 2010-05-10 23:50:55 +00:00
Mark Andrews
121f783b66 2881. [bug] Reduce the amount of time the rbtdb write lock 
is held when closing a version. [RT #21198]
 2010-05-10 01:39:03 +00:00
Automatic Updater
b98844704e update copyright notice 2010-04-28 23:50:51 +00:00
Mark Andrews
6ab18ae52c 2878. [func] Incrementally write the master file after performing 
a AXFR.  [RT #21010]
(part 2)
 2010-04-28 11:03:07 +00:00
Mark Andrews
1df2b7edfe 2878. [func] Incrementally write the master file after performing 
a AXFR.  [RT #21010]
 2010-04-27 03:24:52 +00:00
Automatic Updater
ed2fa6ce1b update copyright notice 2010-04-21 23:51:22 +00:00
Mark Andrews
fd95cc0da9 2877. [bug] The validator failed to skip obviously mismatching 
RRSIGs. [RT #21138]
 2010-04-21 05:45:47 +00:00
Mark Andrews
bb6d33103e 2876. [bug] Named could return SERVFAIL for negative responses 
from unsigned zones. [RT #21131]
 2010-04-21 04:16:49 +00:00
Mark Andrews
cc6d67469c 2875. [bug] dns_time64_fromtext() could accept non digits. 
[RT #21033]
 2010-04-21 02:21:31 +00:00
Automatic Updater
0a199807e7 update copyright notice 2010-04-20 23:51:12 +00:00
Mark Andrews
1e9848fb2b 2874. [bug] Cache lack of EDNS support only after the server 
successfully responds to the query using plain DNS.
                        [RT #20930]
 2010-04-20 07:28:52 +00:00
Tatuya JINMEI 神明達哉
c45d848e2a 2873. [bug] Canceling a dynamic update via the dns/client module 
could trigger an assertion failure. [RT #21133]
 2010-04-14 22:08:47 +00:00
Automatic Updater
0abd3cca60 update copyright notice 2010-04-13 23:50:58 +00:00
Shawn Routhier
7dc38ccd52 Modify dns/client.c:dns_client_createx() to only require one of IPv6 or 
IPv6 rather than both.  [RT #21122]
 2010-04-13 19:06:48 +00:00
Automatic Updater
127e1bde3a update copyright notice 2010-04-09 23:51:01 +00:00
Tatuya JINMEI 神明達哉
ce164dbd9c 2871. [bug] Type mismatch in mem_api.c between the definition and 
the header file, causing build failure with
			--enable-exportlib. [RT #21138]

9.8.0 and 9.7.1.
 2010-04-09 06:09:35 +00:00
Automatic Updater
f15cde2b63 update copyright notice 2010-04-07 23:51:06 +00:00
Mark Andrews
86077a2e87 2870. [maint] Add AAAA addresses for L.ROOT-SERVERS.NET. 2010-04-07 07:05:38 +00:00
Mark Andrews
b8d036c434 2869. [bug] Fix arguments to dns_keytable_findnextkeynode() call. 
[RT #20877]
 2010-03-26 17:12:48 +00:00
Automatic Updater
230987e819 update copyright notice 2010-03-12 23:51:11 +00:00
Mark Andrews
a80d26914a 2867. [bug] Don't set GSS_C_SEQUENCE_FLAG as Windows DNS servers 
don't like it.  [RT #20986]
 2010-03-12 03:47:08 +00:00
Mark Andrews
c19f322914 2866. [bug] Windows does not like the TSIG name being compressed. 
[RT #20986]
 2010-03-12 03:34:56 +00:00
Mark Andrews
ff9301990d 2865. [bug] memset to zero event.data. [RT #20986] 2010-03-12 03:22:57 +00:00
Mark Andrews
08fb52ec8c 2863. [port] linux: disable IPv6 PMTUD and use network minimum MTU. 
[RT #21056]
 2010-03-11 04:43:57 +00:00
Automatic Updater
4d42b714be update copyright notice 2010-03-04 23:50:34 +00:00
Mark Andrews
22c4126ba5 2958. [bug] When canceling validation it was possible to leak 
memory. [RT #20800]
 2010-03-04 22:25:31 +00:00
Mark Andrews
b1003ace6f 2957. [bug] RTT estimates were not being adjusted on ICMP errors. 
[RT #20772]
 2010-03-04 06:43:21 +00:00
Mark Andrews
92348098eb 2956. [bug] named-checkconf did not fail on a bad trusted key. 
[RT #20705]
 2010-03-04 06:17:01 +00:00
Mark Andrews
5388178e8a 2955. [bug] The size of a memory allocation was not always properly 
recorded. [RT #20927]
 2010-03-04 05:45:51 +00:00
Mark Andrews
d1a5fdc34a 2955. [bug] The size of a memory allocation was not always properly 
recorded. [RT #20927]
 2010-03-04 05:29:15 +00:00
Mark Andrews
2e20dea9fc 2854. [func] nsupdate will now preserve the entered case of domain 
names in update requests it sends. [RT #20928]
 2010-03-04 05:24:56 +00:00
Mark Andrews
13396661f4 2854. [func] dig: allow the final soa record in a axfr response to 
be suppressed, dig +onesoa. [RT #20929]
 2010-03-04 05:18:04 +00:00
Mark Andrews
6f8edd57ae dns_resolver_*badcache 2010-03-03 05:13:53 +00:00
Mark Andrews
c76ae1723f dns_rdataset_expire/dns_rdataset_settrust 2010-03-03 05:11:45 +00:00
Mark Andrews
64f8608ed6 2853. [bug] add_sigs() could run out of scratch space. [RT #21015] 2010-02-26 01:39:49 +00:00
Mark Andrews
8b026a66fd grab a write lock before updating header->trust 2010-02-26 00:18:06 +00:00
Automatic Updater
bd2b08d5a3 update copyright notice 2010-02-25 05:08:01 +00:00
Mark Andrews
0cae66577c 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 04:39:13 +00:00
Automatic Updater
8077efca7d update copyright notice 2010-02-22 23:49:11 +00:00
Mark Andrews
f56be26f60 .NOTPARALLEL/.NO_PARALLEL 2010-02-22 02:00:07 +00:00
Automatic Updater
6f1b350c3a update copyright notice 2010-02-04 23:49:13 +00:00
Tatuya JINMEI 神明達哉
139cedabf9 2850. [bug] If isc_heap_insert() failed due to memory shortage 
the heap would have corrupted entries.

9.8.0, 9.7.1(?), 9.6.2, 9.5.3
(what about 9.4-ESV?)
 2010-02-04 23:22:05 +00:00
Mark Andrews
8ac908b38a 2849. [bug] Don't treat errors from the xml2 library as fatal. 
[RT #20945]
 2010-02-04 00:57:25 +00:00
Automatic Updater
aad3d15976 update copyright notice 2010-01-31 23:49:09 +00:00
Mark Andrews
ebaf977ecf 2846. [bug] EOF on unix domain sockets was not being handled 
correctly. [RT #20731]
 2010-01-31 23:18:03 +00:00
Francis Dupont
19a62c240d RFC 5011 client can crash. [RT #20903] 2010-01-26 23:33:10 +00:00
Evan Hunt
c46b6864af fix typo 2010-01-22 01:46:20 +00:00
Evan Hunt
da4a8c89a8 remove reference to isc_time member "seconds", which doesn't exist in win32 2010-01-22 01:34:47 +00:00
Evan Hunt
b47d410f84 2840. [bug] Change 2836 was not complete. [RT #20883] 2010-01-14 23:27:38 +00:00
Automatic Updater
5bdf8cd3c2 update copyright notice 2010-01-13 23:48:59 +00:00
Francis Dupont
f77148e029 a KSK revoked by named could not be deleted. [RT #20881] 2010-01-13 08:35:24 +00:00
Francis Dupont
51512910da comment trivial update 2010-01-12 23:56:12 +00:00
Automatic Updater
8576a40424 update copyright notice 2010-01-12 23:48:57 +00:00
Francis Dupont
d481cfdab5 fix spelling in comment 2010-01-12 23:23:21 +00:00
Automatic Updater
65d1486535 update copyright notice 2010-01-11 23:48:37 +00:00
Francis Dupont
a91029a00e Prevent Linux spurious warnings about fwrite(). [RT #20812] 2010-01-11 10:49:14 +00:00
Francis Dupont
125da90ced trivial spelling error in comment 2010-01-11 01:14:08 +00:00
Automatic Updater
b871a3e0cd update copyright notice 2010-01-09 23:48:45 +00:00
Evan Hunt
05b1ab91a6 2836. [bug] Keys that were scheduled to become active could 
be delayed. [RT #20874]
 2010-01-09 17:09:00 +00:00
Francis Dupont
a26d73a734 fix trivial typo in comment 2010-01-09 15:21:10 +00:00
Automatic Updater
49644c0c8f update copyright notice 2010-01-08 23:51:44 +00:00
Evan Hunt
03e5afa4c0 2835. [bug] Key inactivity dates were inadvertently stored in 
the private key file with the outdated tag
			"Unpublish" rather than "Inactive".  This has been
			fixed; however, any existing keys that had Inactive
			dates set will now need to have them reset, using
			'dnssec-settime -I'. [RT #20868]
 2010-01-08 17:15:36 +00:00
Automatic Updater
a30c7003af update copyright notice 2010-01-07 23:48:54 +00:00
Evan Hunt
0f66aced26 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:52:12 +00:00
Shawn Routhier
7c25b5f311 Modify "struct stat" in lib/export/samples/nsprobe.c to avoid redefinition in 
some OSes - rt20831
 2010-01-07 18:31:34 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
842920c7db update copyright notice 2010-01-04 23:48:51 +00:00
Evan Hunt
d3a6cd7c7e 2830. [bug] Changing the OPTOUT setting could take multiple 
passes. [RT #20813]
 2010-01-04 22:47:58 +00:00
Evan Hunt
845bb3195a 2829. [bug] Fixed potential node inconsistency in rbtdb.c. 
[RT #20808]
 2010-01-04 22:30:14 +00:00
Automatic Updater
400615c294 update copyright notice 2009-12-30 23:49:14 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Evan Hunt
9ead684875 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712] 2009-12-30 06:46:58 +00:00
Evan Hunt
687b6322fb 2826. [bug] NSEC3->NSEC transitions could fail due to a lock not 
being released.  [RT #20740]
 2009-12-30 03:38:57 +00:00
Mark Andrews
7ddd859470 more for: 
2824.   [bug]           "rndc sign" was not being run by the correct task.
                        [RT #20759]
 2009-12-30 02:32:13 +00:00
Mark Andrews
502dc92f58 more for: 
2824.   [bug]           "rndc sign" was not being run by the correct task.
                        [RT #20759]
 2009-12-30 02:26:30 +00:00
Mark Andrews
5b77627c09 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:20:33 +00:00
Mark Andrews
288486df9d 2823. [bug] rbtdb.c:getsigningtime() was missing locks. [RT #20781] 2009-12-29 22:04:16 +00:00
Mark Andrews
5773d3c007 2822. [bug] rbtdb.c:loadnode() could return the wrong result. 
[RT #20802]
 2009-12-29 08:53:33 +00:00
Evan Hunt
bd31f734ee 2819. [cleanup] Removed unnecessary DNS_POINTER_MAXHOPS define 
[RT #20771]
 2009-12-24 00:35:46 +00:00
Evan Hunt
b09559fd36 2816. [bug] previous_closest_nsec() could fail to return 
data for NSEC3 nodes [RT #29730]
 2009-12-23 23:43:01 +00:00
Mark Andrews
c9630524c7 2814. [func] Provide a definitive error message when a master 
zone is not loaded. [RT #20757]
 2009-12-21 04:29:10 +00:00
Automatic Updater
928e12ccdc update copyright notice 2009-12-18 23:49:03 +00:00
Evan Hunt
4e55893d30 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:16:49 +00:00
Mark Andrews
28f4cd0a45 2808. [bug] Remove the attempt to install atomic.h from lib/isc. 
atomic.h is correctly intalled by the architecture
                        specific subdirectories.  [RT #20722]
 2009-12-18 04:07:08 +00:00
Mark Andrews
485a435efe 2808. [bug] atomic.h was not being properly installed under all 
circumstances. [RT #20722]
 2009-12-18 03:05:37 +00:00
Evan Hunt
bc04d6ec15 2807. [bug] Fixed a possible ASSERT when reconfiguring zone 
keys. [RT #20720]
 2009-12-11 01:06:03 +00:00
Evan Hunt
b8b602f89b 2806. [bug] "rdnc sign" could delay re-signing the DNSKEY 
when it had changed. [RT #20703]
 2009-12-07 20:51:12 +00:00
Evan Hunt
daa4933c4d prep for 9.7.0rc1 2009-12-06 02:54:26 +00:00
Evan Hunt
c7611c7dd2 prep for 9.7.0rc1 release 2009-12-06 02:31:42 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Evan Hunt
d4d836350f add .cvsignore files 2009-12-05 05:36:03 +00:00
Evan Hunt
c2f095969c oops: missed a declaration, and forgot to lock the zone before clearing 
the flag.  (and accidentally ran make tests in the wrong tree, misleading
myself into thinking it was fine.)
 2009-12-05 01:25:43 +00:00
Evan Hunt
d601ef9e89 2804. [bug] Send notifies when a zone is signed with "rndc sign" 
or as a result of a scheduled key change. [RT #20700]
 2009-12-04 22:45:11 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Evan Hunt
22304041d1 typo caused a missing semicolon 2009-12-03 16:49:09 +00:00
Evan Hunt
e6dda86e8b 2798. [bug] Addressed bugs in managed-keys initialization 
and rollover. [RT #20683]
 2009-12-03 15:40:03 +00:00
Mark Andrews
2a0d4c4d6b 2797. [bug] Don't decrement the dispatch manager's maxbuffers. 
[RT #20613]
 2009-12-02 23:15:14 +00:00
Mark Andrews
d524a81532 2796. [bug] Missing dns_rdataset_disassociate() call in 
dns_nsec3_delnsec3sx(). [RT #20681]
 2009-12-01 05:28:40 +00:00
Evan Hunt
feeca57f18 2795. [cleanup] Add text to differentiate "update with no effect" 
log messages. [RT #18889]
 2009-12-01 00:47:09 +00:00
Mark Andrews
8b37c0dd6e 2794. [bug] Install <isc/namespace.h>. [RT #20677] 2009-11-30 21:34:57 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Automatic Updater
3e920dd0c6 update copyright notice 2009-11-26 23:48:14 +00:00
Mark Andrews
66ecb6789b 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:28:19 +00:00
Automatic Updater
2b2fc9b4df update copyright notice 2009-11-25 23:49:22 +00:00
Mark Andrews
536e36ac8d declarations before statements 2009-11-25 13:17:59 +00:00
Evan Hunt
cfc22e53a8 2789. [bug] Fixed an INSIST in dispatch.c [RT #20576] 2009-11-25 05:55:32 +00:00
Evan Hunt
fc1fb1a469 2786. [bug] Spurious log message when zone keys were 
dynamically reconfigured. [RT #20659]
 2009-11-25 02:30:54 +00:00
Mark Andrews
d0ca4e90e2 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:22:05 +00:00
Automatic Updater
b314ea10b4 update copyright notice 2009-11-24 23:48:12 +00:00
Evan Hunt
d312bc5d81 2785. [bug] Revoked keys could fail to self-sign [RT #20652] 2009-11-24 03:42:32 +00:00
Mark Andrews
9dd2ee95f1 2784. [bug] TC was not always being set when required glue was 
dropped. [RT #234186]
 2009-11-24 03:20:02 +00:00
Automatic Updater
94e3a63110 update copyright notice 2009-11-23 23:48:16 +00:00
Evan Hunt
5985af3f5c 2781. [bug] Inactive keys could be used for signing. [RT #20649] 2009-11-23 15:18:07 +00:00
Evan Hunt
cef109efa7 2780. [bug] dnssec-keygen -A none didn't properly unset the 
activation date in all cases. [RT #20648]

2779.	[bug]		Dynamic key revokation could fail. [RT #20644]

2778.	[bug]		dnssec-signzone could fail when a key was revoked
			without deleting the unrevoked version. [RT #20638]
 2009-11-23 02:55:41 +00:00
Mark Andrews
c16d37d06e 2776. [bug] Change #2762 was not correct. [RT #20647] 2009-11-23 02:10:16 +00:00
Automatic Updater
fe2b9bf570 update copyright notice 2009-11-18 23:48:07 +00:00
Evan Hunt
b08325a7f3 2773. [bug] In autosigned zones, the SOA could be signed 
with the KSK. [RT #20628]
 2009-11-18 21:22:31 +00:00
Evan Hunt
2ad776a5c4 changed age to 0 2009-11-18 16:46:10 +00:00
Evan Hunt
af52d6ddd7 prep for release of 9.7.0b3 2009-11-18 00:30:37 +00:00
Mark Andrews
a39a5f4d81 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-17 23:55:18 +00:00
Automatic Updater
e34e9a8d68 update copyright notice 2009-11-17 23:48:13 +00:00
Evan Hunt
7ee4b13ded 2771. [bug] dnssec-signzone: DNSKEY records could be 
corrupted when importing from key files [RT #20624]
 2009-11-17 05:46:53 +00:00
Evan Hunt
44a3999cf4 2770. [cleanup] Add log messages to resolver.c to indicate events 
causing FORMERR responses. [RT #20526]
 2009-11-17 02:23:15 +00:00
Evan Hunt
7048af0a55 2769. [cleanup] Change #2742 was incomplete. [RT #19589] 2009-11-16 07:56:06 +00:00
Evan Hunt
e856482b1f 2767. [bug] named could crash on startup if a zone was 
configured with auto-dnssec and there was no
			key-directory. [RT #20615]
 2009-11-16 01:44:33 +00:00
Evan Hunt
37a34ab54f 2766. [bug] isc_socket_fdwatchpoke() should only update the 
socketmgr state if the socket is not pending on a
			read or write.  [RT #20603]
 2009-11-13 00:41:58 +00:00
Automatic Updater
53d502202a update copyright notice 2009-11-12 23:47:59 +00:00
Evan Hunt
86132f0ef5 eliminate warning when building without -DBIND9 2009-11-12 23:43:02 +00:00
Mark Andrews
1d0ebb4cf2 2765. [bug] Skip masters for which the TSIG key cannot be found. 
[RT #20595]
 2009-11-12 23:30:36 +00:00
Evan Hunt
e9dff04d3b 2763. [bug] "rndc sign" didn't create an NSEC chain. [RT #20591] 2009-11-12 03:03:36 +00:00
Evan Hunt
0c3948e606 2761. [bug] DLV validation failed with a local slave DLV zone. 
[RT #20577]
 2009-11-12 02:59:20 +00:00
Evan Hunt
5857247dbb 2758. [bug] win32: Added a workaround for a windows 2008 bug 
that could cause the UDP client handler to shut
			down. [RT #19176]
 2009-11-10 18:31:47 +00:00
Evan Hunt
5c6c5669ec #include <time.h> for the ctime() prototype. 2009-11-07 03:36:58 +00:00
Mark Andrews
df1599d0e1 address initialization type mismatch warning 2009-11-06 04:19:28 +00:00
Mark Andrews
7963a67df0 address statement not reached warning 2009-11-06 04:12:15 +00:00
Evan Hunt
c1bfa5b0ad 2753. [bug] Removed an unnecessary warning that could appear when 
building an NSEC chain. [RT #20588]
 2009-11-06 03:26:59 +00:00
Evan Hunt
aa2f010f13 Switch from OpenSSL 0.9.8k to 0.9.8l 2009-11-06 03:14:10 +00:00
Mark Andrews
302ed789bd 2752. [bug] Locking violation. [RT #20587] 2009-11-06 01:30:06 +00:00
Evan Hunt
ca97301c37 remove extra \n from a log message 2009-11-05 21:45:05 +00:00
Automatic Updater
2d84cba8f4 update copyright notice 2009-11-04 23:48:18 +00:00
Mark Andrews
7efc6d9cb8 cleanup [RT #20509] 2009-11-04 05:58:46 +00:00
Mark Andrews
2484c7db7a spelling 2009-11-04 04:22:16 +00:00
Mark Andrews
e94fe42a20 2749. [bug] ixfr-from-differences generated a non-minimal ixfr 
for NSEC3 signed zones. [RT #20452]
 2009-11-04 03:46:44 +00:00
Mark Andrews
0a30185f80 2748. [func] Identify bad answers from GTLD servers and treat them 
as referrals. [RT #18884]
 2009-11-04 02:15:30 +00:00
Mark Andrews
0181a0a92f 2747. [bug] Journal roll forwards failed to set the re-signing 
time of RRSIGs correctly. [RT #20541]
 2009-11-04 01:25:55 +00:00
Mark Andrews
a3285e811d 2746. [port] hpux: address signed/unsigned expansion mismatch of 
dns_rbtnode_t.nsec. [RT #20542]
 2009-11-04 01:18:19 +00:00
Automatic Updater
126dce8ebf update copyright notice 2009-11-03 23:48:23 +00:00
Mark Andrews
5ccd971c72 UNUSED(engine) if !defined(OPENSSL) 2009-11-03 19:43:54 +00:00
Mark Andrews
554d22d2de 2743. [bug] RRSIG could be incorrectly sent in the NSEC3 record 
for a insecure delegation.
 2009-11-03 01:07:48 +00:00
Mark Andrews
8a0943e125 silence compiler warnings. [RT #20472] 2009-10-30 05:08:23 +00:00
Mark Andrews
4c53f98dbd RFC5702 2009-10-28 21:08:18 +00:00
Evan Hunt
3684692720 update def file 2009-10-28 18:39:47 +00:00
Evan Hunt
5b72cda36b update API and def files for 9.7.0b2 release 2009-10-28 18:13:24 +00:00
Evan Hunt
5cb44a38d9 back out change 2740 2009-10-28 18:04:29 +00:00
Evan Hunt
be69d48443 2742. [cleanup] Clarify some DNSSEC-related log messages in 
validator.c. [RT #19589]
 2009-10-28 05:34:21 +00:00
Automatic Updater
990dca4605 update copyright notice 2009-10-27 23:47:45 +00:00
Mark Andrews
e9d45c0a04 2740. [func] Identify bad answers from GTLD servers and treat them 
as referrals. [RT #18884]
 2009-10-27 23:05:53 +00:00
Evan Hunt
95f2377b4f 2739. [cleanup] Clean up API for initializing and clearing trust 
anchors for a view. [RT #20211]
 2009-10-27 22:46:13 +00:00
Mark Andrews
e09cdbac08 2738. [func] Add RSASHA256 and RSASHA512 tests to the dnssec system 
test. [RT #20453]
 2009-10-27 22:25:37 +00:00
Mark Andrews
63d5a6f680 2736. [func] Improve the performance of NSEC signed zones with 
more than a normal amount of glue below a delegation.
                        [RT #20191]
 2009-10-27 04:46:58 +00:00
Evan Hunt
e8831e51c1 2735. [bug] dnssec-signzone could fail to read keys 
that were specified on the command line with
			full paths, but weren't in the current
			directory. [RT #20421]
 2009-10-27 03:59:45 +00:00
Automatic Updater
5f744ebbdc update copyright notice 2009-10-26 23:47:35 +00:00
Evan Hunt
c8aa7ce70d 2732. [func] Add optional filter-aaaa-on-v4 option, available 
if built with './configure --enable-filter-aaaa'.
			Filters out AAAA answers to clients connecting
			via IPv4.  (This is NOT recommended for general
			use.) [RT #20339]
 2009-10-26 23:14:54 +00:00
Evan Hunt
c021499604 2731. [func] Additional work on change 2709. The key parser 
will now ignore unrecognized fields when the
			minor version number of the private key format
			has been increased.  It will reject any key with
			the major version number increased. [RT #20310]
 2009-10-26 21:18:24 +00:00
Automatic Updater
0da9fafc18 update copyright notice 2009-10-24 23:47:36 +00:00
Francis Dupont
775a8d86d9 keygen progress indication [RT #20284] 2009-10-24 09:46:19 +00:00
Automatic Updater
510032fdf4 update copyright notice 2009-10-22 23:48:07 +00:00
Evan Hunt
cc6cddfd94 2726. [func] Added support for SHA-2 DNSSEC algorithms, 
RSASHA256 and RSASHA512. [RT #20023]
 2009-10-22 02:21:31 +00:00
Automatic Updater
3cae549ddb update copyright notice 2009-10-21 23:48:05 +00:00
Evan Hunt
8ec993c774 2723. [bug] isc_base32_totext(), isc_base32hex_totext(), and 
isc_base64_totext(), didn't always mark regions of
			memory as fully consumed after conversion.  [RT #20445]
 2009-10-21 01:22:29 +00:00
Automatic Updater
b15df8f9bc update copyright notice 2009-10-20 23:47:32 +00:00
Mark Andrews
7704a47aec 2722. [bug] Ensure that the memory associated with the name of 
a node in a rbt tree is not altered during the life
                        of the node. [RT #20431]
 2009-10-20 04:57:57 +00:00
Mark Andrews
a01095a487 2721. [port] Have dst__entropy_status() prime the random number 
generator. [RT #20369]
 2009-10-20 04:39:48 +00:00
Evan Hunt
bfbd69c43f 2720. [bug] RFC 5011 trust anchor updates could trigger an 
assert if the DNSKEY record was unsigned. [RT #20406]
 2009-10-20 04:13:38 +00:00
Mark Andrews
3c5e54941f 2718. [bug] The space calculations in opensslrsa_todns() were 
incorrect. [RT #20394]
 2009-10-20 02:59:19 +00:00
Mark Andrews
29dd4bdd14 2717. [bug] named failed to update the NSEC/NSEC3 record when 
the last private type record was removed as a result
                        of completing the signing the zone with a key.
                        [RT #20399]
 2009-10-20 02:45:06 +00:00
Mark Andrews
9ac35b4e4d grammar, line length 2009-10-19 02:37:08 +00:00
Automatic Updater
8ab6a775bb update copyright notice 2009-10-16 23:47:54 +00:00
Evan Hunt
8f7de3db7e Respinning to fix memory leak in dnssec-signzone. (Also adopting doc changes.) 2009-10-16 02:59:41 +00:00
Automatic Updater
f6cd5ef97a update copyright notice 2009-10-14 23:47:51 +00:00
Mark Andrews
cbee6197d1 2713. [bug] powerpc: atomic operations missing asm("ics") / 
__isync() calls.
 2009-10-14 03:54:23 +00:00
Evan Hunt
19ac4707ee changes needed for win32 build 2009-10-13 00:55:51 +00:00
Automatic Updater
97639003b0 update copyright notice 2009-10-12 23:48:02 +00:00
Evan Hunt
77b8f88f14 2712. [func] New 'auto-dnssec' zone option allows zone signing 
to be fully automated in zones configured for
			dynamic DNS.  'auto-dnssec allow;' permits a zone
			to be signed by creating keys for it in the
			key-directory and using 'rndc sign <zone>'.
			'auto-dnssec maintain;' allows that too, plus it
			also keeps the zone's DNSSEC keys up to date
			according to their timing metadata. [RT #19943]
 2009-10-12 20:48:12 +00:00
Mark Andrews
30bb4870da remove, not zero, extended flags 2009-10-12 09:03:06 +00:00
Mark Andrews
11804ca08f zero extended flags 2009-10-12 08:57:38 +00:00
Mark Andrews
515053881b remove extended flags before comparing if set 2009-10-12 06:05:29 +00:00
Mark Andrews
af20baa960 silence compiler warning/enforce const [RT #20390] 2009-10-12 05:50:52 +00:00
Automatic Updater
8667770ad2 update copyright notice 2009-10-10 23:47:58 +00:00
Evan Hunt
3727725bb7 2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' 
zone option cause a zone to be signed with only KSKs
			signing the DNSKEY RRset, not ZSKs.  This reduces
			the size of a DNSKEY answer.  [RT #20340]
 2009-10-10 01:48:00 +00:00
Mark Andrews
0d9fb986c5 silence comiler warning 2009-10-10 01:13:39 +00:00
Automatic Updater
8a07de2f03 update copyright notice 2009-10-09 23:48:09 +00:00
Evan Hunt
315a1514a5 2709. [func] Added some data fields, currently unused, to the 
private key file format, to allow implementation
			of explicit key rollover in a future release
			without impairing backward or forward compatibility.
			[RT #20310]
 2009-10-09 06:09:21 +00:00
Mark Andrews
d1bcaec0d6 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-09 00:33:39 +00:00
Mark Andrews
bb4e0bd8e8 silence ininitialised 2009-10-08 23:58:14 +00:00
Mark Andrews
0838b3c02f Recompute check_ksk as it may have changed 2009-10-08 23:55:57 +00:00
Automatic Updater
15bbb8a129 update copyright notice 2009-10-08 23:48:10 +00:00
Mark Andrews
2847930722 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-08 23:13:07 +00:00
Evan Hunt
246c504f90 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:45 +00:00
Automatic Updater
e74245134d update copyright notice 2009-10-06 04:40:14 +00:00
Automatic Updater
464f9144fe update copyright notice 2009-10-05 23:48:27 +00:00
Evan Hunt
ea845a6b72 Rebase all of the API files to interface=60, as this is the first 
beta of a new major release.
 2009-10-05 22:01:26 +00:00
Evan Hunt
3ff75c89eb 2704. [bug] Serial of dynamic and stub zones could be inconsistent 
with their SOA serial.  [RT #19387]
 2009-10-05 19:39:20 +00:00
Francis Dupont
3c52c4e44c 20230 update 2009-10-05 17:39:36 +00:00
Francis Dupont
8b78c993cb explicit engine rt20230a 2009-10-05 17:30:49 +00:00
Automatic Updater
4fa2649d57 update copyright notice 2009-10-03 23:48:10 +00:00
Evan Hunt
c36ba263d6 2699. [bug] Missing lock in rbtdb.c. [RT #20037] 2009-10-03 22:39:27 +00:00
Evan Hunt
1210799345 Add /* NOTREACHED */ comments 2009-10-03 18:03:54 +00:00
Automatic Updater
edb08fdf7b update copyright notice 2009-10-01 23:48:08 +00:00
Mark Andrews
cf7432f747 2697. [port] win32: ensure that S_IFMT, S_IFDIR, S_IFCHR and 
S_IFREG are defined after including <isc/stat.h>.
                        [RT #20309]
 2009-10-01 04:43:30 +00:00
Mark Andrews
eb95d2e917 2696. [bug] named failed to successfully process some valid 
acl constructs. [RT #20308]
 2009-10-01 04:06:37 +00:00
Shawn Routhier
bafa76b324 Updates to fdwatch code to support DHCP/DDNS code, ticket rt20253. 2009-10-01 01:30:01 +00:00
Automatic Updater
61dd99bfae update copyright notice 2009-09-29 23:48:04 +00:00
Francis Dupont
debd489a44 noreturn RT #20257 2009-09-29 15:06:07 +00:00
Mark Andrews
1e733ffc11 2792. [port] win32: 32/64 bit cleanups. [RT #128244] 2009-09-29 04:38:23 +00:00
Automatic Updater
627f3e0805 update copyright notice 2009-09-25 23:48:13 +00:00
Mark Andrews
ff850b81c8 2690. [bug] win32: fix isc_thread_key_getspecific() prototype. 
[RT #20315]
 2009-09-25 05:48:17 +00:00
Mark Andrews
ef830a7750 use (char *) for {get,set}sockopt argument 2009-09-25 02:44:06 +00:00
Mark Andrews
11144f86dc silence signed/unsigned comparision warning 2009-09-25 01:42:09 +00:00
Automatic Updater
b4336342d1 update copyright notice 2009-09-24 23:48:13 +00:00
Mark Andrews
0f869e8d52 2689. [bug] Correctly handle snprintf result. [RT #20306] 2009-09-24 22:19:08 +00:00
Francis Dupont
c59a7b0629 missing updates in recent changes 2009-09-24 14:39:17 +00:00
Mark Andrews
69338455d9 2688. [bug] Use INTERFACE_F_POINTTOPOINT, not IFF_POINTOPOINT, 
to decide to fetch the destination address. [RT #20305]
 2009-09-24 06:37:50 +00:00
Evan Hunt
53c22b8e0d 2685. [bug] Fixed dnssec-signzone -S handling of revoked keys. 
Also, added warnings when revoking a ZSK, as this is
			not defined by protocol (but is legal).  [RT #19943]
 2009-09-23 16:01:57 +00:00
Francis Dupont
6839f8b6df cleanup USE_EVP_RSA (RT #20044) 2009-09-23 11:16:50 +00:00
Francis Dupont
adb6972f01 minor fix, cf 20295 2009-09-22 08:38:14 +00:00
Tatuya JINMEI 神明達哉
790e471f6e 2681. [bug] IPSECKEY RR of gateway type 3 was not correctly 
decoded [RT #20269].

BIND 9.7.0, 9.6.2, 9.5.2, 9.4.4
 2009-09-18 21:55:21 +00:00
Tatuya JINMEI 神明達哉
148e9f3feb removed a non-existent .h. gmake (which is assumed to be used to build 
the exportlib) ignores it so it doesn't cause a trouble in practice, but
should still better be fixed.

(found by Shawn, I confirmed it.)
 2009-09-18 07:18:04 +00:00
Evan Hunt
b843f577bb 2677. [func] Changes to key metadata behavior: 
- Keys without "publish" or "active" dates set will
			  no longer be used for smart signing.  However,
			  those dates will be set to "now" by default when
			  a key is created; to generate a key but not use
			  it yet, use dnssec-keygen -G.
			- New "inactive" date (dnssec-keygen/settime -I)
			  sets the time when a key is no longer used for
			  signing but is still published.
			- The "unpublished" date (-U) is deprecated in
			  favor of "deleted" (-D).
			[rt20247]
 2009-09-14 18:45:45 +00:00
Automatic Updater
6d7e30b030 update copyright notice 2009-09-10 23:48:00 +00:00
Evan Hunt
f267b27f0e 2675. [bug] dnssec-signzone could crash if the key directory 
did not exist. [RT #20232]
 2009-09-10 05:09:31 +00:00
Evan Hunt
0e7cb68ea0 fix implicit memset() declaration 2009-09-10 02:18:40 +00:00
Evan Hunt
dbabab1f37 rt20045: 
- sync_keyzone() could leak ISC_R_NOMORE, causing zone_postload() to think
  it had failed
- journal roll-forward on key zones complained about having the wrong
  number of SOA records
- dns_soa_buildrdata() could return a pointer to memory allocated on the
  stack
 2009-09-10 01:47:09 +00:00
Automatic Updater
d8b801bd19 update copyright notice 2009-09-08 23:41:50 +00:00
Francis Dupont
e7de5dcef6 typo, cf RT20219 2009-09-08 13:04:29 +00:00
Francis Dupont
1f821c1058 merge rt19294 2009-09-07 12:58:33 +00:00
Mark Andrews
0b8385f5c5 2670. [bug] Unexpected connect failures failed to log enough 
information to be useful. [RT #20205]
 2009-09-07 02:08:51 +00:00
Tatuya JINMEI 神明達哉
457144a0c6 explained the portability workaround macro for isc__ vs isc___ 2009-09-04 18:51:37 +00:00
Tatuya JINMEI 神明達哉
2eb6a502bc added a missing .c file to SRC 2009-09-04 18:13:44 +00:00
Evan Hunt
82629edf81 jinmei's updated mem.h, which uses macros to generate function prototypes. 
this change was needed to support the bind9 build and export library build
on both *nix and win32.  cleanup from change 2660/rt19369.
 2009-09-04 17:47:26 +00:00
Automatic Updater
7b1894bec1 update copyright notice 2009-09-03 23:48:13 +00:00
Tatuya JINMEI 神明達哉
af55bddf26 cleanup: fixed incorrect ifdef [RT #20210] 2009-09-03 21:55:13 +00:00
Tatuya JINMEI 神明達哉
0984eeca5b added workaround for a recent change thatview->secroots is not created 
with view. [RT #20209]
 2009-09-03 21:45:46 +00:00
Evan Hunt
2e46523695 update cvsignore files 2009-09-03 20:28:46 +00:00
Mark Andrews
bbc204a237 2669. [func] Update PKCS#11 support to support Keyper HSM. 
Update PKCS#11 patch to be against openssl-0.9.8i.
 2009-09-03 04:09:58 +00:00
Evan Hunt
9f8d002a66 silence win32 compiler warnings 2009-09-03 00:12:23 +00:00
Evan Hunt
c164f233b4 s/isc__mem_reallocate/isc___mem_reallocate/ 2009-09-02 23:51:55 +00:00
Automatic Updater
d7201de09b update copyright notice 2009-09-02 23:48:03 +00:00
Evan Hunt
e7c38ca963 - define isc_mem_reallocate() in the abstract API for export lib [rt20208] 
- define BIND9 in config.h.win32
- fix problems in mem.h caused by the win32 preprocessor failing to
  expand macros used within macros
- silence a win32 compiler warning in hip_55.c
 2009-09-02 23:43:54 +00:00
Evan Hunt
fff4ec3629 add /D BIND9 for win32 build 2009-09-02 19:36:36 +00:00
Evan Hunt
41e251fad0 add backtrace.c, backtrace.h, backtrace-emptytbl.c, backtrace-emptytbl.h 
to win32 build
 2009-09-02 19:01:49 +00:00
Tatuya JINMEI 神明達哉
9dbca282e4 corrected trivial comment errors (reviewed by Evan in jabber) 2009-09-02 18:38:40 +00:00
Evan Hunt
f0eecd4d62 changes needed for win32 build 2009-09-02 18:32:25 +00:00
Evan Hunt
0c1326fa62 add /D "BIND9" for win32 builds 
(we'll probably need a different project file for creating an exportable DLL)
 2009-09-02 18:00:51 +00:00
Evan Hunt
e30d8c5a47 missing include needed for win32 build 2009-09-02 17:58:06 +00:00
Evan Hunt
a21cde0291 update win32 libisc.def 2009-09-02 17:23:45 +00:00
Evan Hunt
3a6b6f5b11 remove references to the "ddns-autoconf" option, which no longer exists 2009-09-02 16:10:03 +00:00
Evan Hunt
eab9975bcf 2668. [func] Several improvements to dnssec-* tools, including: 
- dnssec-keygen and dnssec-settime can now set key
			  metadata fields 0 (to unset a value, use "none")
			- dnssec-revoke sets the revocation date in
			  addition to the revoke bit
			- dnssec-settime can now print individual metadata
			  fields instead of always printing all of them,
			  and can print them in unix epoch time format for
			  use by scripts
			[RT #19942]
 2009-09-02 06:29:01 +00:00
Tatuya JINMEI 神明達哉
8fec8134ea suppress compiler warnings [RT #20203] 2009-09-02 04:25:19 +00:00
Automatic Updater
823ca3c14f update copyright notice 2009-09-01 23:47:45 +00:00
Tatuya JINMEI 神明達哉
ae16941d9f cleanup: removed a redundant semi-colon 2009-09-01 23:05:33 +00:00
Tatuya JINMEI 神明達哉
d364948549 treat FD_SIZE as int (which can be defined as unsigned on some platforms) 
to silence compiler
 2009-09-01 22:52:27 +00:00
Evan Hunt
93ebf0fc08 - add .cvsignore files 
- silence tinderbox warnings about missing config.h in a few files.
 2009-09-01 20:13:44 +00:00
Tatuya JINMEI 神明達哉
a27fe4c990 2667. [func] Add support for logging stack backtrace on assertion 
failure (not available for all platforms). [RT #19780]
9.7.0
 2009-09-01 18:40:25 +00:00
Tatuya JINMEI 神明達哉
588f79e557 fixed build error on hpux due to gai_strerror() prototype mismatch 
[RT #20194]
 2009-09-01 17:54:16 +00:00
Tatuya JINMEI 神明達哉
44de0b1f7d 2666. [func] Added an 'options' argument to dns_name_fromstring() 
(API change from 9.7.0a2). [RT #20196]
 2009-09-01 17:36:51 +00:00
Tatuya JINMEI 神明達哉
965b6e2a1b fixed trivial errors about the type of function return values 2009-09-01 08:12:33 +00:00
Evan Hunt
85be60e3c8 2665. [func] Clarify syntax for managed-keys {} statement, add 
ARM documentation about RFC 5011 support. [RT #19874]
 2009-09-01 07:14:26 +00:00
Evan Hunt
b1f3364f52 2664. [bug] create_keydata() and minimal_update() in zone.c 
didn't properly check return values for some
			functions.  [RT #19956]
 2009-09-01 07:04:12 +00:00
Evan Hunt
ef22fffeeb 2662. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr() 
returned a misleading error code when lwresd was
			down. [RT #20028]

2661.	[bug]		Check whether socket fd exceeds FD_SETSIZE when
			creating lwres context. [RT #20029]
 2009-09-01 05:50:18 +00:00
Tatuya JINMEI 神明達哉
9eae5f2a7a added include <config.h> 2009-09-01 03:43:27 +00:00
Mark Andrews
e2a61b7bb2 add #include <isc/print.h> 2009-09-01 02:54:26 +00:00
Tatuya JINMEI 神明達哉
307d208450 2660. [func] Add a new set of DNS libraries for non-BIND9 
applications.  See README.libdns. [RT #19369]
 2009-09-01 00:22:28 +00:00
Evan Hunt
747abb4993 2658. [bug] dnssec-settime and dnssec-revoke didn't process 
key file paths correctly. [RT #20078]
 2009-08-28 03:13:08 +00:00
Mark Andrews
11b4f17027 2657. [cleanup] Lower "journal file <path> does not exist, creating it" 
log level to debug 1. [RT #20058]
 2009-08-25 07:41:28 +00:00
Francis Dupont
995f3bc4c4 indent 2009-08-23 11:44:44 +00:00
Mark Andrews
97a2451eea 2653. [bug] Treat ENGINE_load_private_key() failures as key 
not found rather than out of memory.  [RT #18033]
 2009-08-18 07:45:14 +00:00
Automatic Updater
800fb35bf0 update copyright notice 2009-08-15 23:48:06 +00:00
Evan Hunt
181b990c21 Back out change #2652 2009-08-15 05:03:14 +00:00
Evan Hunt
38cd84d1b3 2652. [bug] lwres_getipnodebyname() and lwres_getipnodebyaddr() 
returned a misleading error code when lwresd was
			down. [RT #20028]
 2009-08-15 03:11:57 +00:00
Mark Andrews
ece6c39dd8 missing semicolon 2009-08-14 07:51:08 +00:00
Evan Hunt
ddc225b15d 2651. [bug] Dates could print incorrectly in K*.key files on 
64-bit systems. [RT #20076]
 2009-08-14 06:28:40 +00:00
Automatic Updater
1f5dc0fc22 update copyright notice 2009-08-13 07:14:05 +00:00
Mark Andrews
bcd0cbfdae 2649. [bug] Set the domain for forward only zones. [RT #19944] 2009-08-13 04:33:51 +00:00
Mark Andrews
1d9958c6cc 2648. [port] win32: isc_time_seconds() was broken. [RT #19900] 2009-08-13 03:34:10 +00:00
Mark Andrews
8cff1a894f 2647. [bug] Remove unnecessary SOA updates when a new KSK is 
added. [RT #19913]
 2009-08-13 02:53:01 +00:00
Mark Andrews
048690a34d 2646. [bug] Incorrect cleanup on error in socket.c. [RT #19987] 2009-08-13 02:11:20 +00:00
Evan Hunt
33a31c5cab fix a comment ("ddns.key" should have been changed to "session.key"). 2009-07-31 23:43:23 +00:00
Evan Hunt
a3288b425a 2642. [bug] nsupdate could dump core on solaris when reading 
improperly formatted key files.  [RT #20015]
 2009-07-29 23:45:24 +00:00
Evan Hunt
9069215eac 2641. [bug] Fixed an error in parsing update-policy syntax, 
added a regression test to check it. [RT #20007]
 2009-07-29 17:52:00 +00:00
Mark Andrews
6a1a8186af 2638. [bug] Silence compiler warnings in gssapi code. [RT #19954] 2009-07-21 06:53:09 +00:00
Mark Andrews
f1de96a386 char mechbuf[17] -> unsigned char mechbuf[17] 2009-07-20 01:55:37 +00:00
Automatic Updater
26d8ffe715 update copyright notice 2009-07-19 23:47:55 +00:00
Evan Hunt
9edd523c22 more win32 build fixes 2009-07-19 05:06:48 +00:00
Evan Hunt
b1fa84a099 win32 build fixes 2009-07-19 04:50:15 +00:00
Evan Hunt
553ead32ff 2636. [func] Simplify zone signing and key maintenance with the 
dnssec-* tools.  Major changes:
			- all dnssec-* tools now take a -K option to
			  specify a directory in which key files will be
			  stored
			- DNSSEC can now store metadata indicating when
			  they are scheduled to be published, acttivated,
			  revoked or removed; these values can be set by
			  dnssec-keygen or overwritten by the new
			  dnssec-settime command
			- dnssec-signzone -S (for "smart") option reads key
			  metadata and uses it to determine automatically
			  which keys to publish to the zone, use for
			  signing, revoke, or remove from the zone
			[RT #19816]
 2009-07-19 04:18:05 +00:00
Automatic Updater
4a979d3577 update copyright notice 2009-07-17 23:47:41 +00:00
Evan Hunt
3967528c77 2635. [bug] isc_inet_ntop() incorrectly handled 0.0/16 addresses. 
[RT #19716]
 2009-07-17 22:01:44 +00:00
Evan Hunt
aeff7de836 2634. [port] win32: Add support for libxml2, enable 
statschannel. [RT #19773]
 2009-07-17 06:25:45 +00:00
Mark Andrews
2792e226c7 2633. [bug] Handle 15 bit rand() functions. [RT #19783] 2009-07-16 05:52:46 +00:00
Automatic Updater
3e12c54de2 update copyright notice 2009-07-14 23:47:54 +00:00
Evan Hunt
08f860f800 2630. [func] Improved syntax for DDNS autoconfiguration: use 
"update-policy local;" to switch on local DDNS in a
			zone.  [RT #19875]
 2009-07-14 22:54:57 +00:00
Automatic Updater
fd4dcaddae update copyright notice 2009-07-13 23:47:42 +00:00
Evan Hunt
943cbe8ae5 2627. [bug] Named aborted if the same key was included in 
trusted-keys more than once. [RT #19918]
 2009-07-13 21:53:03 +00:00
Evan Hunt
ef370118d5 2626. [bug] Multiple trusted-keys could trigger an assertion 
failure. [RT #19914]
 2009-07-13 21:49:57 +00:00
Mark Andrews
5b7525f51f 2625. [bug] Missing UNLOCK in rbtdb.c. [RT #19865] 2009-07-13 07:03:47 +00:00
Mark Andrews
6d5852f318 2623. [bug] Named started seaches for DS non-optimally. [RT #19915] 2009-07-13 06:24:27 +00:00
Automatic Updater
4a14ce5ba0 regen 2009-07-11 01:12:47 +00:00
Automatic Updater
b655c721b6 update copyright notice 2009-07-10 23:47:58 +00:00
Mark Andrews
98e8948bd7 2622. [bug] Printing of named.conf grammar was broken. [RT #19919] 2009-07-10 07:33:21 +00:00
Automatic Updater
c8da39c6c7 update copyright notice 2009-07-02 23:47:26 +00:00
Mark Andrews
109580e7e5 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-02 07:39:03 +00:00
Automatic Updater
c6fb85f950 update copyright notice 2009-07-01 23:47:36 +00:00
Automatic Updater
f66c8eed51 update copyright notice 2009-06-30 23:48:01 +00:00
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Mark Andrews
01dbc4fc00 2618. [bug] The sdb and sdlz db_interator_seek() methods could 
loop infinitely. [RT #19847]
 2009-06-26 06:21:03 +00:00
Automatic Updater
eddfb6120c update copyright notice 2009-06-25 23:48:02 +00:00
Mark Andrews
86739ab72c Editorial nits. [RT #19815] 2009-06-25 05:28:34 +00:00
Mark Andrews
76110b31fe 2615. [bug] "__attribute__((unused))" was in the wrong place 
for ia64 gcc builds. [RT #19854]
 2009-06-24 02:22:50 +00:00
Evan Hunt
b272d38cc5 2612. [func] Add default values for the arguments to 
dnssec-keygen.  Without arguments, it will now
			generate a 1024-bit RSASHA1 zone-signing key,
			or with the -f KSK option, a 2048-bit RSASHA1
			key-signing key. [RT #19300]

2611.	[func]		Add -l option to dnssec-dsfromkey to generate
			DLV records instead of DS records. [RT #19300]
 2009-06-17 06:51:44 +00:00
Mark Andrews
b577875266 missing line breaks 2009-06-17 04:29:43 +00:00
Evan Hunt
76786c2904 - assorted changes needed for windows build 
- began versioning for 9.7.0a1
 2009-06-12 02:33:21 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Automatic Updater
b6306ef56e update copyright notice 2009-06-10 23:47:47 +00:00
Evan Hunt
18ad4708eb commit windows build changes needed for DDNS patch 2009-06-10 23:36:57 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Mark Andrews
afbe695de3 "got insecure response; parent indicates it should be secure" wrongly emitted [RT #19800] 2009-06-09 22:57:09 +00:00
Mark Andrews
3d785d7666 dns_dnssec_selfsigns 2009-06-04 04:58:10 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Mark Andrews
f05a6b110f 2607. [bug] named could incorrectly delete NSEC3 records for 
empty nodes when processing a update request.
                        [RT #19749]
 2009-06-04 01:43:41 +00:00
Mark Andrews
0bc3af9834 2606. [bug] "delegation-only" was not being accepted in 
delegation-only type zones. [RT #19717]
 2009-06-03 00:04:38 +00:00
Automatic Updater
dc0c165ce3 update copyright notice 2009-06-02 23:47:50 +00:00
Mark Andrews
5422cf284f 2605. [bug] Accept DS responses from delegation only zones. 
[RT # 19296]
 2009-06-02 05:51:44 +00:00
Automatic Updater
e6ada020f5 update copyright notice 2009-05-29 23:47:49 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Mark Andrews
7be6336565 2602. [port] win32: fix debugging command line build of libisccfg. 
[RT #19767]
 2009-05-29 01:16:31 +00:00
Automatic Updater
cc5f9fe224 update copyright notice 2009-05-11 02:38:35 +00:00
Mark Andrews
8a805c9f41 spelling 2009-05-11 02:30:07 +00:00
Mark Andrews
4c2ed3d141 2599. [bug] Address rapid memory growth when validation fails. 
[RT #19654]
 2009-05-11 02:22:03 +00:00
Automatic Updater
54cdd2b307 update copyright notice 2009-05-07 23:47:44 +00:00
Francis Dupont
ff380b05fe comment fixes (rt19624) 2009-05-07 09:41:23 +00:00
Mark Andrews
e7eede965d 2597. [bug] Handle a validation failure with a insecure delegation 
from a NSEC3 signed master/slave zone.  [RT #19464]
 2009-05-07 02:34:19 +00:00
Automatic Updater
7a272c6b0d update copyright notice 2009-05-06 23:47:50 +00:00
Tatuya JINMEI 神明達哉
5d7849ad7f 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 22:53:54 +00:00
Mark Andrews
d2c115f913 2590. [func] Report zone/class of "diff with no effect". [RT #19542] 2009-04-30 06:53:10 +00:00
Automatic Updater
542b74bec7 update copyright notice 2009-04-29 23:48:02 +00:00
Mark Andrews
f030c71500 2589. [bug] dns_db_unregister() failed to clear '*dbimp'. 
[RT #19626]
 2009-04-29 22:11:34 +00:00
Automatic Updater
d76bbb6c40 update copyright notice 2009-04-28 23:48:01 +00:00
Tatuya JINMEI 神明達哉
089f456eb3 2588. [bug] SO_REUSEADDR could be set unconditionally after failure 
of bind(2) call.  This should be rare and mostly
			harmless, but may cause interference with other
			processes that happen to use the same port. [RT #19642]
 2009-04-28 21:39:00 +00:00
Jeremy Reed
f20f19de19 2587. [func] Improve logging by reporting serial numbers for 
when zone serial has gone backwards or unchanged.
			[RT #19506]
 2009-04-28 12:48:35 +00:00
Automatic Updater
ab381c1e22 update copyright notice 2009-04-21 23:48:04 +00:00
Tatuya JINMEI 神明達哉
b1b0dca146 2586. [bug] Missing cleanup of SIG rdataset in searching a DLZ DB 
or SDB. [RT #19577]
 2009-04-21 00:41:02 +00:00
Tatuya JINMEI 神明達哉
cda7c783c3 2585. [bug] Uninitialized socket name could be referenced via a 
statistics channel, triggering an assertion failure in
			XML rendering. [RT #19427]
 2009-04-18 01:28:17 +00:00
Automatic Updater
cc0f37ba17 update copyright notice 2009-04-08 06:48:23 +00:00
Tatuya JINMEI 神明達哉
af2e2f5ed7 2584. [bug] alpha: gcc optimization could break atomic operations. 
[RT #19227]
 2009-04-08 05:46:22 +00:00
Tatuya JINMEI 神明達哉
3dc1cb7e96 wording fix for cpp error message (rt #19569) 2009-04-07 02:49:37 +00:00
Mark Andrews
64e161a7f7 2582. [bug] Don't emit warning log message when we attempt to 
remove non-existant journal. [RT #19516]
 2009-03-26 22:51:54 +00:00
Evan Hunt
6b9728dde7 ARM and log message changes to clarify "insecure response". [rt19400] 2009-03-23 22:30:57 +00:00
Automatic Updater
8e3d340655 update copyright notice 2009-03-17 23:48:02 +00:00
Mark Andrews
72dbc7216a 2579. [bug] DNSSEC lookaside validation failed to handle unknown 
algorithms. [RT #19479]
 2009-03-17 01:34:28 +00:00
Mark Andrews
56708c6fb4 2576. [bug] NSEC record were not being correctly signed when 
a zone transitions from insecure to secure.
                        Handle such incorrectly signed zones. [RET #19114]
 2009-03-13 01:35:18 +00:00
Automatic Updater
74f4bfde4a update copyright notice 2009-03-11 23:47:35 +00:00
Evan Hunt
3f8be559f0 2575. [func] New functions dns_name_fromstring() and 
dns_name_tostring(), to simplify conversion
			of a string to a dns_name structure and vice
			versa. [RT #19451]
 2009-03-11 07:02:34 +00:00
Automatic Updater
2464bd58eb update copyright notice 2009-03-05 23:47:36 +00:00
Mark Andrews
e422b84c73 2573. [bug] Replacing a non-CNAME record with a CNAME record in a 
single transaction in a signed zone failed. [RT #19397]
 2009-03-05 04:54:33 +00:00
Mark Andrews
f605647060 Undocumented firewall test hook. [RT #19398] 2009-03-05 03:13:55 +00:00
Automatic Updater
e61db954bf update copyright notice 2009-03-04 23:48:02 +00:00
Evan Hunt
3a30493983 2572. [func] Simplify DLV configuration, with a new option 
"dnssec-lookaside auto;"  This is the equivalent
			of "dnssec-lookaside . trust-anchor dlv.isc.org;"
			plus setting a trusted-key for dlv.isc.org.

			Note: The trusted key is hard-coded into named,
			but is also stored in (and can be overridden
			by) $sysconfdir/bind.keys.  As the ISC DLV key
			rolls over it can be kept up to date by replacing
			the bind.keys file with a key downloaded from
			https://www.isc.org/solutions/dlv. [RT #18685]
 2009-03-04 02:42:31 +00:00
Automatic Updater
4f91bcae43 update copyright notice 2009-03-02 23:47:43 +00:00
Mark Andrews
98b2be76fc 2567. [bug] dst__privstruct_writefile() could miss write errors. 
write_public_key() could miss write errors.
                        dnssec-dsfromkey could miss write errors.
                        [RT #19360]
 2009-03-02 03:01:04 +00:00
Mark Andrews
05c162292f 2567. [bug] dst__privstruct_writefile() could miss write errors. 
[RT #19360]
 2009-03-02 02:03:59 +00:00
Mark Andrews
d55bdffe2f report when chdir fails. [RT #19360] 2009-03-02 01:57:10 +00:00
Automatic Updater
3e63c43386 update copyright notice 2009-03-01 23:47:25 +00:00
Evan Hunt
bfe0517fdc Clarify logged message when an insecure DNSSEC response arrives from a zone 
thought to be secure: "insecurity proof failed" instead of "not insecure".
[RT #19400]
 2009-03-01 02:45:38 +00:00
Mark Andrews
549e34bbf4 2564. [bug] Only take EDNS fallback steps when processing timeouts. 
[RT #19405]
 2009-02-27 23:01:48 +00:00
Automatic Updater
92e4603c55 update copyright notice 2009-02-26 11:18:56 +00:00
Mark Andrews
e4c6491bbf 2565. [func] Add support for HIP record. Includes new functions 
dns_rdata_hip_first(), dns_rdata_hip_next()
                        and dns_rdata_hip_current().  [RT #19384]
 2009-02-26 06:09:19 +00:00
Mark Andrews
499fa72075 2564. [bug] 'named' was treating a TCP retry as a timeout when 
deciding whether to perform a EDNS fallback step.
                        [RT #19393]
 2009-02-25 22:46:05 +00:00
Automatic Updater
87a58323be update copyright notice 2009-02-18 23:47:48 +00:00
Mark Andrews
d53cade6ae add #include "config.h" 2009-02-18 06:44:58 +00:00
Mark Andrews
0f39e477c5 2660. [bug] Add #include <config.h> to iptable.c. [RET #18258] 2009-02-18 05:31:17 +00:00
Mark Andrews
803bf59371 silence 'Different types treated as unsigned for <=.' warning 2009-02-17 05:53:13 +00:00
Mark Andrews
eab2fb739e silence compiler warnings [RT #17079] 2009-02-17 03:40:28 +00:00
Automatic Updater
bf33eb0b52 update copyright notice 2009-02-16 23:48:04 +00:00
Mark Andrews
fd8c0286c1 silence 'Different types treated as unsigned for >.' warning 2009-02-16 03:19:40 +00:00
Mark Andrews
6fbeed7f8f silence 'Different types treated as unsigned for >=.' warning 2009-02-16 03:16:10 +00:00
Mark Andrews
e502b133d6 2556. [cleanup] PCI compliance: 
* new libisc log module file
                        * isc_dir_chroot() now also changes the working
                          directory to "/".
                        * additional INSISTs
                        * additional logging when files can't be removed.
 2009-02-16 02:01:16 +00:00
Mark Andrews
7d211b458f 2554. [bug] Validation of uppercase queries from NSEC3 zones could 
fail. [RT #19297]
 2009-02-15 23:46:23 +00:00
Mark Andrews
d2ef5b3c5c 2553. [bug] Reference leak on DNSSEC validation errors. [RT #19291] 2009-02-15 23:37:29 +00:00
Mark Andrews
45c3c12ed3 2552. [bug] zero-no-soa-ttl-cache was not being honoured. 
[RT #19340]
 2009-02-15 23:13:32 +00:00
Automatic Updater
bbdbde5fa0 update copyright notice 2009-02-13 23:48:14 +00:00
Mark Andrews
6cf047f100 2549. [port] linux: define NR_OPEN if not currently defined. 
[RT #19344]
 2009-02-13 09:15:18 +00:00
Automatic Updater
dd0adce112 update copyright notice 2009-02-12 23:47:56 +00:00
Mark Andrews
b663e99af6 2548. [bug] Install iterated_hash.h. [RT #19335] 2009-02-12 22:17:15 +00:00
Francis Dupont
b5297573c9 add 8 missing exports 2009-02-12 13:46:41 +00:00
Francis Dupont
d7d2a7fbad add isc__mem_reallocate() 2009-02-12 12:45:04 +00:00
Francis Dupont
ee620d5bd0 add stats 2009-02-12 11:32:57 +00:00
Tatuya JINMEI 神明達哉
77d90dc2b5 2547. [bug] openssl_link.c:mem_realloc() could reference an 
out-of-range area of the source buffer.  New public
			function isc_mem_reallocate() was introduced to address
			this bug. [RT #19313]
 2009-02-11 03:04:18 +00:00
Automatic Updater
53f0234c3e update copyright notice 2009-02-06 23:47:42 +00:00
Francis Dupont
c1d7e0562f OpenSSL hashes 2009-02-06 12:26:23 +00:00
Automatic Updater
c520b0f616 update copyright notice 2009-02-04 23:48:09 +00:00
Mark Andrews
ba576cf8e7 silence comiler warning. [RT #18630] 2009-02-04 04:43:42 +00:00
Tatuya JINMEI 神明達哉
5d0984f4fd 2544. [cleanup] Removed unused structure members in adb.c. [RT #19225] 2009-02-03 22:33:13 +00:00
Mark Andrews
870a748bae isc_statscounter_t 2009-01-31 00:37:04 +00:00
Mark Andrews
f19e6ef1eb 2541. [bug] Conditionally update dispatch manager statistics. 
[RT #19247]
 2009-01-31 00:10:24 +00:00
Mark Andrews
53cd44e716 2540. [func] Add a nibble mode to $GENERATE. [RT #1887] 2009-01-30 04:35:44 +00:00
Tatuya JINMEI 神明達哉
03ff5c04b8 missing 'ISC_LANG_BEGINDECLS' 2009-01-29 01:03:56 +00:00
Tatuya JINMEI 神明達哉
c82bb6a709 2538. [bug] cache/ADB memory could grow over max-cache-size, 
especially with threads and smaller max-cache-size
			values. [RT #19240]
 2009-01-28 23:20:23 +00:00
Automatic Updater
39a8abdb83 update copyright notice 2009-01-27 23:47:54 +00:00
Tatuya JINMEI 神明達哉
d9059b0c38 2537. [func] Added more statistics counters including those on socket 
I/O events and query RTT histograms.  [RT #18802]
 2009-01-27 22:30:00 +00:00
Automatic Updater
3bed8e9913 update copyright notice 2009-01-23 23:47:54 +00:00
Mark Andrews
0cee7fdce3 move formating out of msgcat 2009-01-23 01:27:12 +00:00
Mark Andrews
6bcb646fd1 undo one change from #2536 2009-01-23 01:15:41 +00:00
Automatic Updater
3319413a67 update copyright notice 2009-01-22 23:47:54 +00:00
Mark Andrews
f148f53794 2536. [cleanup] Silence some warnings when -Werror=format-security is 
specified. [RT #19083]
 2009-01-22 05:39:29 +00:00
Automatic Updater
83b86f3936 update copyright notice 2009-01-21 23:47:27 +00:00
Mark Andrews
31b7a2fed6 2534. [func] Check NAPTR records regular expressions and 
replacement strings to ensure they are syntaxically
                        valid and consistant. [RT #18168]
 2009-01-21 05:37:55 +00:00
Automatic Updater
9a14f870dd update copyright notice 2009-01-18 23:48:14 +00:00
Francis Dupont
98cc7e7c59 spelling 2009-01-18 18:08:22 +00:00
Francis Dupont
9b899a5758 spelling 2009-01-18 18:02:14 +00:00
Francis Dupont
a05abc1767 spelling 2009-01-18 00:50:21 +00:00
Francis Dupont
1016f2638f spelling 2009-01-18 00:34:19 +00:00
Francis Dupont
3b8b44559a spelling 2009-01-18 00:11:07 +00:00
Francis Dupont
23af793acb spelling 2009-01-18 00:06:06 +00:00
Automatic Updater
d362465c77 update copyright notice 2009-01-17 23:47:43 +00:00
Francis Dupont
0ef59d2288 spelling 2009-01-17 23:42:01 +00:00
Francis Dupont
b65746833b spelling 2009-01-17 23:13:19 +00:00
Francis Dupont
09eaa8e309 spelling 2009-01-17 15:18:15 +00:00
Francis Dupont
708383382f spelling 2009-01-17 15:12:26 +00:00
Francis Dupont
a344069fe8 spelling 2009-01-17 15:06:49 +00:00
Francis Dupont
bdfaef63f5 spelling 2009-01-17 14:59:03 +00:00
Francis Dupont
47b7dfffe5 spelling 2009-01-17 14:45:17 +00:00
Francis Dupont
584848087f spelling 2009-01-17 14:18:27 +00:00
Francis Dupont
340804cbdb spelling 2009-01-17 13:52:02 +00:00
Francis Dupont
a7e3a86619 spelling 2009-01-17 13:45:25 +00:00
Francis Dupont
08d44d4510 spelling 2009-01-17 13:33:29 +00:00
Francis Dupont
7d6d9c2240 spelling 2009-01-17 13:25:11 +00:00
Francis Dupont
45b4efd07f spelling 2009-01-17 12:56:23 +00:00
Francis Dupont
3678015d3f spelling 2009-01-17 11:57:25 +00:00
Automatic Updater
03faa7804e update copyright notice 2009-01-14 23:48:00 +00:00
Francis Dupont
fa7ef31685 integrate -P1 patch 2009-01-14 17:28:47 +00:00
Automatic Updater
9e0d0a279b update copyright notice 2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉
7781f25078 2526. [func] New named option "attach-cache" that allows multiple 
views to share a single cache to save memory and
			improve lookup efficiency. [RT 18905]
 2009-01-09 22:24:37 +00:00
Automatic Updater
d7845fc5ba update copyright notice 2009-01-07 23:47:47 +00:00
Tatuya JINMEI 神明達哉
609f86163a 2525. [func] New logging category "query-errors" to provide detailed 
internal information about query failures, especially
			about server failures. [RT #19027]
 2009-01-07 01:46:40 +00:00
Automatic Updater
0cfbb9285a update copyright notice 2009-01-06 23:47:57 +00:00
Francis Dupont
b393e55a76 bug in dns_nsec_typepresent() - 19112 2009-01-06 09:06:02 +00:00
Automatic Updater
5569e7de51 update copyright notice 2009-01-05 23:47:54 +00:00
Tatuya JINMEI 神明達哉
3fb1637c92 trivial comment cleanups (RT#19118) 2009-01-05 23:20:22 +00:00
Automatic Updater
c6b65dff51 update copyright notice 2008-12-17 23:47:58 +00:00
Tatuya JINMEI 神明達哉
10a6f640ed 2519. [bug] dig/host with -4 or -6 didn't work if more than two 
nameserver addresses of the excluded address family
			preceded in resolv.conf. [RT #19081]
 2008-12-17 19:19:29 +00:00
Mark Andrews
1ee054ca44 2518. [func] Add support for the new CERT types from RFC 4398. 
[RT #19077]
 2008-12-16 05:04:47 +00:00
Mark Andrews
8bf0c05627 2515. [port] win32: build dnssec-dsfromkey and dnssec-keyfromlabel. 
[RT #19063]
 2008-12-14 21:14:54 +00:00
Mark Andrews
24450ad58d 2513 [bug] Fix windows cli build. [RT #19062] 2008-12-13 00:23:54 +00:00
Mark Andrews
47d89fcd4f 2512. [func] Print a summary of the cached records which make up 
the negative response.  [RT #18885]
 2008-12-12 04:41:25 +00:00
Mark Andrews
a5746c4ec1 2511. [cleanup] dns_rdata_tofmttext() add const to linebreak. 
[RT #18885]
 2008-12-12 04:37:24 +00:00
Automatic Updater
a8a8e73121 update copyright notice 2008-12-10 23:48:43 +00:00
Mark Andrews
92241b04f1 2509. [bug] Specifying a fixed query source port was broken. 
[RT #19051]
 2008-12-10 07:03:50 +00:00
Mark Andrews
3d4e5a200f remove XXXMPA 2008-12-03 02:11:32 +00:00
Mark Andrews
d8fc8514b1 2504. [bug] Address race condition in the socket code. [RT #18899] 2008-12-03 02:03:47 +00:00
Automatic Updater
f8f8a5b3a3 update copyright notice 2008-12-01 23:47:45 +00:00
Mark Andrews
04ec5b376d unsigned contants 2008-12-01 13:26:51 +00:00
Mark Andrews
36c12f1bb4 #undef inet_aton 2008-12-01 04:14:54 +00:00
Mark Andrews
9935447b51 2503. [port] linux: improve compatibility with Linux Standard 
Base. [RT #18793]
 2008-12-01 03:53:32 +00:00
Mark Andrews
ce1d07a80f out of memory condition could be missed. [RT #18970] 2008-12-01 00:15:37 +00:00
Mark Andrews
175a8bd2b7 2502. [cleanup] isc_radix: Improve compliance with coding style, 
document function in <isc/radix.h>. [RT #18534]
 2008-12-01 00:04:21 +00:00
Mark Andrews
46018d5d23 2501. [func] $GENERATE now supports all rdata types. Multi-field 
rdata types need to be quoted.  See the ARM for
                        details. [RT #18368]
 2008-11-30 23:49:21 +00:00
Automatic Updater
1f426f426e update copyright notice 2008-11-25 23:47:23 +00:00
Mark Andrews
9019569316 2499. [port] solaris: lib/lwres/getaddrinfo.c namespace clash. 
[RT #18837]
 2008-11-25 05:39:10 +00:00
Tatuya JINMEI 神明達哉
eb8265942b 2498. [bug] Removed a bogus function argument used with 
ISC_SOCKET_USE_POLLWATCH: it could cause compiler
			warning or crash named with the debug 1 level
			of logging. [RT #18917]

(Note that this entry is placed below the 9.6.0rc1 mark)
 2008-11-20 00:04:17 +00:00
Mark Andrews
9f41ec8010 1204 -> 1024U 2008-11-19 05:38:49 +00:00
Mark Andrews
e7ba4d8dc4 2497. [bug] Don't add RRSIG bit to NSEC3 bit map for insecure 
delegation.
 2008-11-17 23:46:42 +00:00
Mark Andrews
ac4b736ab2 9.6.0rc1 2008-11-16 21:21:42 +00:00
Mark Andrews
81e5de1741 2496. [bug] Add sanity length checks to NSID option. [RT #18813] 2008-11-16 20:57:55 +00:00
Automatic Updater
49960a74b5 update copyright notice 2008-11-14 23:47:33 +00:00
Mark Andrews
50df1ec60a 2495. [bug] Tighten RRSIG checks. [RT #18795] 2008-11-14 22:53:46 +00:00
Mark Andrews
2628c71479 silence compiler warning. [RT #18990] 2008-11-14 14:07:48 +00:00
Mark Andrews
da2d57c8cf 2493. [bug] The linux capabilites code was not correctly cleaning 
up after itself. [RT #18767]
 2008-11-14 05:24:11 +00:00
Automatic Updater
cfeaf83e2b update copyright notice 2008-11-12 23:47:17 +00:00
Mark Andrews
96b3cb85d3 2491. [func] Attempt to re-use a local port if we are already using 
the port. [RT #18548]
 2008-11-12 23:10:57 +00:00
Mark Andrews
dc143a8f5c 2490. [port] aix: work around a kernel bug where IPV6_RECVPKTINFO 
is cleared when IPV6_V6ONLY is set. [RT #18785]
 2008-11-12 03:52:32 +00:00
Mark Andrews
ac62b63619 add NULL gssapi fromlabel method. [RT #18877] 2008-11-11 03:55:01 +00:00
Tatuya JINMEI 神明達哉
f99fd90097 2489. [port] solaris: Workaround Solaris's kernel bug about 
/dev/poll:
			http://bugs.opensolaris.org/view_bug.do?bug_id=6724237
			Define ISC_SOCKET_USE_POLLWATCH at build time to enable
			this workaround. [RT #18870]
 2008-11-08 22:35:12 +00:00
Mark Andrews
09b45f7b58 2487. [bug] Give TCP connections longer to complete. [RT #18675] 2008-11-07 00:52:34 +00:00
Mark Andrews
2cada19312 align comment w/ code [RT #18833] 2008-11-06 02:20:14 +00:00
Mark Andrews
09416abf2d remove debugging log that was accidently left in 2008-11-04 21:23:14 +00:00
Automatic Updater
d9edfd5642 update copyright notice 2008-11-02 23:47:01 +00:00
Francis Dupont
7b1a7a098b no chroot() in Win32 API 2008-11-02 12:48:39 +00:00
Mark Andrews
76bd01263f remove debugging printf 2008-10-29 05:53:12 +00:00
Mark Andrews
736e6a6709 2481. [bug] rbtdb.c:matchparams() failed to handle NSEC3 chain 
collisions.  [RT #18812]

2480.   [bug]           named could fail to emit all the required NSEC3
                        records.  [RT #18812]
 2008-10-29 04:54:00 +00:00
Tatuya JINMEI 神明達哉
ff2c81060f added pre-initialization check on cachedb->node_lock_count. 2008-10-27 22:43:34 +00:00
Mark Andrews
86ee7433b3 2475. [bug] LRU cache cleanup under overmem condition could purge 
particular entries more aggresively. [RT #17628]
 2008-10-27 03:52:43 +00:00
Evan Hunt
06a230fe9f 2474. [bug] ACL structures could be allocated with insufficient 
space, causing an array overrun. [RT #18765]
 2008-10-24 02:28:55 +00:00
Mark Andrews
455ada05af 2471. [bug] named-checkzone was not reporting missing manditory 
glue when sibling checks were disabled. [RT #18768]
 2008-10-24 00:28:00 +00:00
Mark Andrews
4ac81dfb30 silence compiler warning. [RT #18766] 2008-10-24 00:11:17 +00:00
Mark Andrews
0d444dc136 2470. [bug] Elements of the isc_radix_node_t could be incorrectly 
overwritten.  [RE# 18719]
 2008-10-23 00:00:58 +00:00
Tatuya JINMEI 神明達哉
35378bcc6a 2468. [bug] Resolver could try unreachable servers multiple times. 
[RT #18739]
 2008-10-17 21:58:09 +00:00
Tatuya JINMEI 神明達哉
b05585dcfe 2467. [bug] Failure of fcntl(F_DUPFD) wasn't logged. [RT #18740] 2008-10-17 21:49:23 +00:00
Mark Andrews
698a4dcc8a 2465. [bug] Adb's handling of lame addresses was different 
for IPv4 and IPv6. [RT #18738]
 2008-10-17 03:23:13 +00:00
Automatic Updater
87ecfd734c update copyright notice 2008-10-15 23:47:31 +00:00
Mark Andrews
f2d09cd90d silence coverity false positive 2008-10-15 04:22:30 +00:00
Mark Andrews
394c1ac533 evloop prototype. [RT #18196] 2008-10-15 03:41:17 +00:00
Mark Andrews
4aee922977 coverity analysis support. [RT #18196] 2008-10-15 03:29:13 +00:00
Mark Andrews
b018450b0e sig is only used if threads are in use. [RT #18196] 2008-10-15 03:21:22 +00:00
Tatuya JINMEI 神明達哉
2be6798f93 2457. [tuning] max-cache-size is reverted to 0, the previous 
default.  It should be safe because expired cache
			entries are also purged.
 2008-09-27 23:35:31 +00:00
Automatic Updater
cdbb3d2774 update copyright notice 2008-09-26 23:47:06 +00:00
Evan Hunt
b0bf1ad5b0 2456. [bug] In ACLs, ::/0 and 0.0.0.0/0 would both match any 
address, regardless of family.  They now correctly
			distinguish IPv4 from IPv6.  [RT #18559]
 2008-09-26 21:12:02 +00:00
Evan Hunt
106360491a address review comment 2008-09-26 16:44:49 +00:00
Mark Andrews
dd14c953a8 unsigned constants 2008-09-26 01:27:08 +00:00
Mark Andrews
86e0a671ed 9.6.0a1 2008-09-25 04:39:58 +00:00
Mark Andrews
75a4ad0829 0 -> dns_rdatatype_none 2008-09-25 04:12:39 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Mark Andrews
eab4a5c29d 2455. [bug] Stop metadata being transfered via axfr/ixfr. 
[RT #18639]
 2008-09-25 03:49:55 +00:00
Mark Andrews
5737b74d34 2453. [bug] Remove NULL pointer dereference in dns_journal_print(). 
[RT #18316]

2452.   [func]          Improve bin/test/journalprint. [RT #18316]
 2008-09-25 02:01:45 +00:00
Evan Hunt
f66ac0c858 silence compiler warnings 2008-09-24 16:33:27 +00:00
Automatic Updater
6e2871232f update copyright notice 2008-09-24 03:16:58 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Mark Andrews
11dbf2fc38 2447. [cleanup] libbind has been split out as a seperate produce. 2008-09-24 02:13:12 +00:00
Mark Andrews
c6c09f77f8 2444. [port] Linux, FreeBSD, AIX: Turn of path mtu discovery 
(clear DF) for UDP responses and requests.
 2008-09-23 02:20:21 +00:00
Michael Graff
467e6fd167 make the same change to win32/socket.c here as was made on v9_5 to fix connected UDP sockets 2008-09-16 17:19:01 +00:00
Mark Andrews
896f88361e 2442. [bug] A lock could be destroyed twice. [RT# 18626] 2008-09-14 04:54:49 +00:00
Automatic Updater
6011ef0f4d update copyright notice 2008-09-12 23:47:25 +00:00
Evan Hunt
5ce9206eb9 2441. [bug] isc_radix_insert() could copy radix tree nodes 
incompletely. [RT #18573]

2440.   [bug]		named-checkconf used an incorrect test to determine
			if an ACL was set to none.
 2008-09-12 06:02:31 +00:00
Evan Hunt
e80f661db8 possible null dereference in dns_acl_isanyornone() [rt18559] 2008-09-12 04:54:39 +00:00
Mark Andrews
691f1f7731 2438. [bug] Timeouts could be logged incorrectly under win32. 
2436.   [security]      win32: UDP client handler can be shutdown. [RT #18576]

2434.   [bug]           Fixed a minor error-reporting bug in
                        lib/isc/win32/socket.c.

2432.   [bug]           More Windows socket handling improvements.  Stop
                        using I/O events and use IO Completion Ports
                        throughout.  Rewrite the receive path logic to make
                        it easier to support multiple simultaneous
                        requestrs in the future.  Add stricter consistency
                        checking as a compile-time option (define
                        ISC_SOCKET_CONSISTENCY_CHECKS; defaults to off).

2420.   [bug]           Windows socket handling cleanup.  Let the io
                        completion event send out cancelled read/write
                        done events, which keeps us from writing to memeory
                        we no longer have ownership of.  Add debugging
                        socket_log() function.  Rework TCP socket handling
                        to not leak sockets.
 2008-09-12 04:46:25 +00:00
Evan Hunt
aeadcd6319 pull up windows acl leak fix from 9.5.0-P2-W1 2008-09-10 21:52:49 +00:00
Automatic Updater
e2c97aef51 update copyright notice 2008-09-08 23:47:10 +00:00
Mark Andrews
ac3d398b56 update 2008-09-08 08:55:05 +00:00
Mark Andrews
24119ac6bd update 2008-09-08 08:52:18 +00:00
Mark Andrews
612045f8e1 update 2008-09-08 08:49:24 +00:00
Mark Andrews
62e67fd6c0 update 2008-09-08 08:42:07 +00:00
Mark Andrews
922cb29cfe isc_portset_isset 2008-09-08 08:33:41 +00:00
Mark Andrews
327070c7e5 stats 2008-09-08 08:30:04 +00:00
Mark Andrews
ed9ca23065 syntax error 2008-09-08 08:28:08 +00:00
Mark Andrews
12eb8057cb portset 2008-09-08 08:26:28 +00:00
Mark Andrews
ab834d21f1 exports 2008-09-08 08:23:58 +00:00
Mark Andrews
2f88444e9a add portset 2008-09-08 07:06:15 +00:00
Mark Andrews
8343d55b3d windows implementation of isc_time_set 2008-09-08 06:53:10 +00:00
Mark Andrews
66d720025d update isc_time_set's description 2008-09-08 06:51:10 +00:00
Mark Andrews
739240a9d1 remove dns_stats_copy dns_stats_create dns_stats_destroy dns_stats_incrementcounter dns_zone_getstats 2008-09-08 05:59:11 +00:00
Mark Andrews
7e52028a83 remove dns_resolver_createdispatchpool 2008-09-08 05:41:22 +00:00
Mark Andrews
efc8a6ba16 remove dns_dispatch_hash 2008-09-08 05:35:06 +00:00
Mark Andrews
1d77be00c4 default maxsockets to 0 2008-09-08 05:30:35 +00:00
Mark Andrews
d8aa1541f0 move prototype out of #ifdef/#endif 2008-09-04 07:46:02 +00:00
Mark Andrews
0eeaaaf0ae 2398. [bug] Improve file descriptor management. New, 
temporary, named.conf option reserved-sockets,
                        default 512. [RT #18344]
 2008-09-04 05:56:43 +00:00
Mark Andrews
f5662f41e7 2433. [tuning] Set initial timeout to 800ms. 2008-09-04 04:23:43 +00:00
Tatuya JINMEI 神明達哉
a4037b279b cleanup: unused function parameter [RT #18572] 2008-09-04 00:23:14 +00:00
Mark Andrews
470212919f 2431. [bug] Acl processing could leak memory. [RT #18323] 2008-09-01 05:36:00 +00:00
Automatic Updater
6ebd91a0c7 update copyright notice 2008-08-29 23:47:22 +00:00
Mark Andrews
e72c1e7e46 2430. [bug] win32: isc_interval_set() could round down to 
zero if the input was less than NS_INTERVAL
                        nanoseconds.  Round up instead. [RT #18549]
 2008-08-29 03:57:38 +00:00
Mark Andrews
c6a1797aff 2428. [bug] dns_iptable_merge() mishandled merges of negative 
tables. [RT #18409]
 2008-08-27 04:44:18 +00:00
Mark Andrews
abfc643b40 missing pair of '[]'. [RT#18422] 2008-08-26 14:55:37 +00:00
Mark Andrews
5e3f390f05 2426. [bug] libbind: inet_net_pton() can sometimes return the 
wrong value if excessively large netmasks are
                        supplied. [RT #18512]
 2008-08-26 03:53:04 +00:00
Tatuya JINMEI 神明達哉
ebacb7908a 2425. [bug] named didn't detect unavailable query source addresses 
at load time. [RT #18536]
 2008-08-26 02:04:20 +00:00
Automatic Updater
e6a6d0778c update copyright notice 2008-08-22 23:47:17 +00:00
Mark Andrews
a7485cd61d silence compiler warning 2008-08-22 05:57:53 +00:00
Mark Andrews
a0fb749d0b adjust log message added by change 2409. [RT #18497] 2008-08-22 05:00:29 +00:00
Evan Hunt
a45f57a2d5 RTT banding. [rt18441] 2008-08-22 04:16:17 +00:00
Mark Andrews
1bfe8851c0 2421. [bug] Handle the special return value of a empty node as 
if it was a NXRRSET in the validator. [RT #18447]
 2008-08-21 04:43:49 +00:00
Tatuya JINMEI 神明達哉
13d9b8ce94 2420. [func] Add new command line option '-S' for named to specify 
the max number of sockets. [RT #18493]
			Use caution: this option may not work for some
			operating systems without rebuilding named.
 2008-08-20 23:57:59 +00:00
Mark Andrews
2f420f33bb 2419. [cleanup] Document that isc_socket_create() and isc_socket_open() 
should not be used for isc_sockettype_fdwatch sockets.
                        [RT #18521]
 2008-08-20 06:16:07 +00:00
Tatuya JINMEI 神明達哉
57f8a60b21 canceled the privious commit (which was made by accident) 2008-08-15 17:52:53 +00:00
Tatuya JINMEI 神明達哉
b55dc7da2e typo: s/dns_displist_t/dispsocketlist_t/ 2008-08-15 17:47:18 +00:00
Tatuya JINMEI 神明達哉
e2fe1fda75 2417. [bug] Connecting UDP sockets for outgoing queries could 
unexpectedly fail with an 'address already in use'
			error. [RT #18411]
 2008-08-15 17:29:52 +00:00
Tatuya JINMEI 神明達哉
cf225ed6cd 2416. [func] Log file descriptors that cause exceeding the 
internal maximum. [RT #18460]
 2008-08-13 23:44:18 +00:00
Tatuya JINMEI 神明達哉
52d5489b95 2415. [bug] 'rndc dumpdb' could trigger various assertion failures 
in rbtdb.c. [RT #18455]
 2008-08-13 02:28:45 +00:00
Tatuya JINMEI 神明達哉
515ada69db 2414. [bug] A masterdump context held the database lock too long, 
causing various troubles such as dead lock and
			recursive lock acquisition. [RT #18311, #18456]
 2008-08-13 02:20:09 +00:00
Tatuya JINMEI 神明達哉
387bca7a55 2413. [bug] Fixed an unreachable code path in socket.c. [RT #18442] 2008-08-09 19:02:10 +00:00
Automatic Updater
cf5d7a5094 update copyright notice 2008-08-08 06:28:59 +00:00
Mark Andrews
dc842cdcb9 2412. [bug] win32: address a resourse leak. [RT #18374] 2008-08-08 05:06:49 +00:00
Automatic Updater
13caac5ff8 update copyright notice 2008-08-07 23:47:34 +00:00
Tatuya JINMEI 神明達哉
cd9bebfc4c 2411. [bug] Allow using a larger number of sockets than FD_SETSIZE 
for select().  To enable this, set ISC_SOCKET_MAXSOCKETS
			at compilation time.  [RT #18433]
 2008-08-07 21:28:13 +00:00
Mark Andrews
4db36a15c5 2409. [func] Only log that we disabled EDNS processing if we were 
subsequently successful.  [RT #18029]
 2008-08-06 06:11:15 +00:00
Tatuya JINMEI 神明達哉
a9579d3386 2408. [bug] A duplicate TCP dispatch event could be sent, which 
could then trigger an assertion failure in
			resquery_response().  [RT #18275]
 2008-08-05 19:18:02 +00:00
Mark Andrews
101a7960b7 2407. [port] hpux: test for sys/dyntune.h. [RT #18421] 2008-08-05 07:05:47 +00:00
Tatuya JINMEI 神明達哉
dbe9f900ec 2406. [bug] Sockets could be closed too early, leading to 
inconsistent states in the socket module. [RT #18298]
 2008-08-01 19:04:02 +00:00
Automatic Updater
9d9989f4cc update copyright notice 2008-07-28 23:47:22 +00:00
Mark Andrews
7999db4215 2404. [port] hpux: files unlimited support. 2008-07-28 22:36:36 +00:00
Mark Andrews
481e9b573b 2403. [bug] TSIG context leak. [RT #18341] 2008-07-28 08:39:52 +00:00
Francis Dupont
cbb8a1b7cb Support Solaris 2.11 and over. [RT #18362] 2008-07-25 20:40:07 +00:00
Francis Dupont
bd7e02a337 Expect to get E[MN]FILE errno internal_accept() [RT #18358] 2008-07-24 09:50:21 +00:00
Tatuya JINMEI 神明達哉
0cdb53f093 2400. [bug] Log if kqueue()/epoll_create()/opne(devpoll) fails. 
[RT #18297]
 2008-07-24 05:19:15 +00:00
Tatuya JINMEI 神明達哉
72e52e1a03 comment wording 2008-07-24 04:54:44 +00:00
Automatic Updater
7415772270 update copyright notice 2008-07-23 23:47:07 +00:00
Mark Andrews
240e53b132 2396. [bug] Don't set SO_REUSEADDR for randomized ports. 
[RT #18336]
part 2
 2008-07-23 23:27:54 +00:00
Mark Andrews
e8ebdf044d 2397. [bug] gssapi_functions had too many elements. [RT #18355] 2008-07-23 10:26:54 +00:00
Automatic Updater
1d16cf8bb8 update copyright notice 2008-07-22 23:47:04 +00:00
Mark Andrews
9de0f9b0ae 2396. [bug] Don't set SO_REUSEADDR for randomized ports. 
[RT #18336]
 2008-07-22 03:43:04 +00:00
Mark Andrews
ee6c0ce79e 2395. [port] Avoid warning and no effect from "files unlimited" 
on Linux when running as root. [RT #18335]
 2008-07-21 03:37:17 +00:00
Evan Hunt
2ca30c1774 Nested acls containing keys could trigger an assertion in acl.c. [rt18166] 2008-07-19 00:09:44 +00:00
Automatic Updater
321b1c0501 update copyright notice 2008-07-18 23:47:01 +00:00
Mark Andrews
61facaae4e change 2390 leaked memory 2008-07-18 06:09:39 +00:00
Mark Andrews
8afedf9ec0 #ifdef EPROTO/#endif 2008-07-18 03:45:55 +00:00
Tatuya JINMEI 神明達哉
3d8b9b9956 2400 [port] hpux: cover additional recvmsg() error codes. 
[RT #18301]
 2008-07-18 02:43:31 +00:00
Tatuya JINMEI 神明達哉
2f76108082 2390 [bug] dispatch.c could make a false warning on 'odd socket'. 
[RT #18301].
 2008-07-18 02:35:42 +00:00
Automatic Updater
b6ba2af51b update copyright notice 2008-07-15 23:47:21 +00:00
Mark Andrews
718106da14 update reference 2008-07-15 05:45:34 +00:00
Mark Andrews
d923262186 2387. [bug] Silence compiler warnings in lib/isc/radix.c. 
[RT #18147] [RT #18258]
 2008-07-15 00:21:16 +00:00
Automatic Updater
b0364f1f3c update copyright notice 2008-07-11 23:47:09 +00:00
Tatuya JINMEI 神明達哉
eeb3e1e133 added some missing definitions 2008-07-11 23:10:09 +00:00
Tatuya JINMEI 神明達哉
158f256a14 2386. [bug] Add warning about too small 'open files' limit 
[RT #18269].
 2008-07-11 23:05:46 +00:00
Evan Hunt
64ecc88345 Several BSD-related fixes for port range: 
- add param.h for NetBSD [rt18228]
 - use correct sysctl strings on NetBSD [rt18230]
 - use net.inet.ip.portrange.hiport/hilast instead of
   first/last on FreeBSD [rt18234]
 - define sysctl strings for DragonFly [rt18235]
 - use sysctl() on OpenBSD because it doesn't support
   sysctlbyname() [rt18231]
 2008-07-04 05:52:31 +00:00
Evan Hunt
34350037a8 re-merged rt18194 after fixing problems 2008-07-03 00:13:25 +00:00
Automatic Updater
935c5b4fa2 update copyright notice 2008-07-01 23:47:17 +00:00
Evan Hunt
f41bd47802 merge rt18194 to enable windows build 2008-07-01 03:55:10 +00:00
Tatuya JINMEI 神明達哉
2a03c0af76 prevent null socket dereference in IPv6 interface address adjustment 
[RT #18203]
 2008-06-26 22:15:40 +00:00
Tatuya JINMEI 神明達哉
4462803b0d minor resource leak in error handling of socket.c [RT #17968] 2008-06-25 23:13:51 +00:00
Tatuya JINMEI 神明達哉
7b0bb3bdc9 work around HP-UX UDP connect behavior [RT #18202] 2008-06-25 22:56:33 +00:00
Tatuya JINMEI 神明達哉
cc758fbc8f typo 2008-06-25 00:09:50 +00:00
Mark Andrews
0d5cc4c53a #include <config.h>, restore 'static inline' 2008-06-24 23:24:35 +00:00
Mark Andrews
391ac1cbfd static inline -> inline 2008-06-24 21:44:11 +00:00
Tatuya JINMEI 神明達哉
1ef53a4a91 newline 2008-06-24 01:58:16 +00:00
Tatuya JINMEI 神明達哉
78576fe0db include sys/sysctl.h only if HAVE_SYS_SYSCTL_H is defined 2008-06-24 01:40:25 +00:00
Automatic Updater
2cf81a3d8a update copyright notice 2008-06-23 23:47:11 +00:00
Tatuya JINMEI 神明達哉
386d3a99c1 2375. [security] Fully randomize UDP query ports to improve 
forgery resilience. [RT #17949, #18098]
 2008-06-23 19:41:20 +00:00
Tatuya JINMEI 神明達哉
0f39ff74a8 2383. [bug] named could double queries when they resulted in 
SERVFAIL due to overkilling EDNS0 failure detection.
 2008-06-17 22:35:08 +00:00
Mark Andrews
538a0a40a2 2380. [bug] dns_view_find() was not returning NXDOMAIN/NXRRSET 
proofs which, in turn, caused validation failures
                        for insecure zones immediately below a secure zone
                        the server was authoritative for. [RT #18112]
 2008-06-17 03:14:20 +00:00
Automatic Updater
97c432334e update copyright notice 2008-06-04 23:47:11 +00:00
Jeremy Reed
b09318463a Remove trailing (extra) comma in enum. 
Fixes "Unexpected" error with AIX cc (and probably other old compilers).
As reported on bind-users and confirmed by original poster.
This is for bugs ticket #18151.
 2008-06-04 22:32:53 +00:00
Tatuya JINMEI 神明達哉
99a87dacc3 cleanup (removed meaningless condition) [RT #18144] 2008-06-04 01:11:05 +00:00
Automatic Updater
022b5c5a36 update copyright notice 2008-05-30 23:47:01 +00:00
Tatuya JINMEI 神明達哉
5cb56973ea fixed a typo in comment [RT #18130] 2008-05-30 18:27:27 +00:00
Mark Andrews
58253bddc4 2375. [bug] Change #2144 was not complete. 2008-05-29 04:46:32 +00:00
Automatic Updater
11156f82ba update copyright notice 2008-05-21 23:47:01 +00:00
Evan Hunt
080a964a3f "blackhole" ACLs could cause named to segfault due to some 
uninitialized memory. [rt18095]
 2008-05-21 23:21:33 +00:00
Evan Hunt
5a17fe2916 Default values of zone ACLs were re-parsed each time a new zone was 
configured, causing an overconsumption of memory. [rt18092]
 2008-05-21 23:17:21 +00:00
Evan Hunt
d230b29aba fixed incorrect TAG_HMACSHA256_BITS value [rt18047] 2008-05-15 00:50:26 +00:00
Automatic Updater
59b6d8259a update copyright notice 2008-05-13 23:47:01 +00:00
Evan Hunt
c72279e756 "rndc freeze" could trigger an assertion in named when called on a 
nonexistent zone. [rt18050]
 2008-05-13 01:20:24 +00:00
Mark Andrews
e1aeb1569a 2369. [bug] libbind: Array bounds overrun on read in bitncmp(). 
[RT #18054]
 2008-05-12 00:17:27 +00:00
Evan Hunt
69ec1b7eb3 Improve counting of dns_resstatscounter_retry [rt18030] 2008-05-06 01:12:55 +00:00
Mark Andrews
0dba2713de add lock comment 2008-05-03 05:07:13 +00:00
Mark Andrews
816496b221 2366. [bug] Adb shutdown race. [RT #18021] 2008-05-02 04:40:12 +00:00
Tatuya JINMEI 神明達哉
5c024f7877 cleanups for LRU-caching code [RT #18018] 2008-05-01 18:23:07 +00:00
Evan Hunt
28ad0be64e Fix a bug causing dns_acl_isany() to return spurious results [rt18000] 2008-04-29 01:01:42 +00:00
Mark Andrews
8b56b8956f 2363. [port] sunos: pre-set "lt_cv_sys_max_cmd_len=4096;". 
[RT #17513]
 2008-04-28 23:43:24 +00:00
Evan Hunt
2284b84d74 Make "rrset-order fixed" a compile-time option. settable by 
"./configure --enable-fixed-rrset". Disabled by default. [rt17977]
 2008-04-23 21:32:57 +00:00
Evan Hunt
4fcd03af9f Missing type in internal_next6() function declaration 2008-04-18 19:47:48 +00:00
Mark Andrews
ba5af4569a fix bad NSID/EDNS interaction [RT #17952] 2008-04-10 07:20:11 +00:00
Michael Graff
d99f88add1 mirror change made on my zonemaint branch; detach iterator then close version 2008-04-09 21:39:46 +00:00
Mark Andrews
537266cadc comment out '#define inline' 2008-04-09 04:31:11 +00:00
Mark Andrews
fbfed7400f "while (1) {} -> do {} while (1);" to suppress a warning 2008-04-09 04:29:16 +00:00
Mark Andrews
375e2c913a 2359. [bug] Fix NSID bug. [RT #17942] 2008-04-07 05:32:52 +00:00
Automatic Updater
705671ffd3 update copyright notice 2008-04-05 23:47:11 +00:00
Mark Andrews
a77b091952 2357. [port] Don't use OpenSSL's engine support in versions before 
OpenSSL 0.9.7f. [RT #17922]
 2008-04-05 02:35:24 +00:00
Automatic Updater
f052a01ff2 update copyright notice 2008-04-04 23:47:01 +00:00
Mark Andrews
0f4a4d46ab 2357. [port] Don't use OpenSSL's engine support in versions before 
OpenSSL 0.9.7f. [RT #17922]
 2008-04-04 22:10:49 +00:00
Mark Andrews
9c89fcb69c remove: not yet 2008-04-04 10:02:21 +00:00
Mark Andrews
77abeb5330 rebase NSEC3 code 2008-04-04 05:34:07 +00:00
Tatuya JINMEI 神明達哉
c4fadc8861 2356. [bug] Builtin mutex profiler was not scalable enough. 
[RT #17436]

(I plan to merge this to 9.[345])
 2008-04-04 01:49:09 +00:00
Tatuya JINMEI 神明達哉
eeb8892daa Global memory context had the wrong name (RT #17932) 2008-04-03 23:14:52 +00:00
Mark Andrews
8f4e45ad7e isc_buffer_putmem->isc_buffer_putstr 2008-04-03 10:45:35 +00:00
Mark Andrews
5eb0f23677 silence signed/unsigned warning 2008-04-03 10:39:13 +00:00
Automatic Updater
ddad355529 update copyright notice 2008-04-03 06:09:05 +00:00
Mark Andrews
8907d8fa04 2355. [func] Extend the number statistics counters available. 
[RT #17590]
 2008-04-03 05:55:52 +00:00
Mark Andrews
d904beeb3b 2354. [bug] Failed to initialise sone rdatasetheader_t elements. 
[RT #17927]
 2008-04-03 04:00:38 +00:00
Mark Andrews
9a13b1536d bad pointer 2008-04-03 02:09:18 +00:00
Mark Andrews
db30f4bdcb 2353. [func] Add support for Name Server ID (RFC 5001). 
'dig +nsid' requests NSID from server.
                        'request-nsid yes;' causes recursive server to send
                        NSID requests to upstream servers.  Server responds
                        to NSID requests with the string configured by
                        'server-id' option.  [RT #17091]
 2008-04-03 02:01:08 +00:00
Mark Andrews
887ef2682c 2352. [bug] Various GSS_API fixups. [RT #17729] 2008-04-03 00:45:23 +00:00
Automatic Updater
a687db7ce8 update copyright notice 2008-04-02 23:46:58 +00:00
Mark Andrews
07555e64d9 2350. [port] win32: IPv6 support. [RT #17797] 2008-04-02 02:56:23 +00:00
Mark Andrews
3f42cf2f3e 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]

back out incorrect branch rt1091 and apply correct branch rt1091a.
 2008-04-02 02:37:42 +00:00
Mark Andrews
a0735eeac5 unit16_t -> isc_uint16_t 2008-04-02 01:48:32 +00:00
Automatic Updater
e672951ed2 update copyright notice 2008-04-01 23:47:10 +00:00
Mark Andrews
c6b3c1984c s/USE_ISC_SPNEG/USE_ISC_SPNEGO/ 2008-04-01 05:19:00 +00:00
Mark Andrews
2391def779 remove return 2008-04-01 03:02:20 +00:00
Mark Andrews
a76b380643 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]
 2008-04-01 01:37:25 +00:00
Mark Andrews
dec509888a don't use C99 declarations 2008-04-01 00:03:31 +00:00
Automatic Updater
db0008c448 update copyright notice 2008-03-31 23:47:11 +00:00
Mark Andrews
155a0ce6e3 rework USE_ISC_SPNEG so it works with all versions of make 2008-03-31 21:28:16 +00:00
Francis Dupont
2a31bd5310 add EVP and PKCS11 2008-03-31 14:42:51 +00:00
Francis Dupont
4a253e12fc commit rt17451 2008-03-31 13:11:32 +00:00
Mark Andrews
cffe96e267 2346. [func] Memory statistics now cover all active memory contexts 
in increased detail. [RT #17580]
 2008-03-31 05:00:30 +00:00
Automatic Updater
7405bdffd4 update copyright notice 2008-03-29 23:47:08 +00:00
Automatic Updater
ec6e40f040 update copyright notice 2008-03-28 23:47:02 +00:00
Tatuya JINMEI 神明達哉
e0258ba438 don't use separate memory contexts for res buckets without threads 
Download because it doesn't have any benefit and requires more memory.
(RT #17898)
 2008-03-28 17:19:11 +00:00
Mark Andrews
f703353673 2345. [bug] named-checkconf failed to detect when forwarders 
were set at both the options/view level and in
                        a root zone. [RT #17671]
 2008-03-28 03:26:39 +00:00
Automatic Updater
2b91038561 update copyright notice 2008-03-27 23:46:57 +00:00
Tatuya JINMEI 神明達哉
d8eb00152d always enable ISC_xxx_NAMES 2008-03-27 21:08:52 +00:00
Mark Andrews
7e26a2a646 2344. [bug] Improve "logging{ file ...; };" documentation. 
[RT #17888]
 2008-03-27 03:30:53 +00:00
Automatic Updater
0a7e6db2db update copyright notice 2008-03-20 23:47:00 +00:00
Tatuya JINMEI 神明達哉
a95a9de45c 2343. [bug] (Seemingly) duplicate IPv6 entries could be 
created in ADB. [RT #17837]

(plan to merge to 9.[345])
 2008-03-20 19:23:42 +00:00
Mark Andrews
ea8564f68a 2342. [func] Use getifaddrs() if available under Linux. [RT #17224] 2008-03-20 04:51:00 +00:00
Mark Andrews
55f580c7fc 2341. [bug] libbind: add missing -I../include for off source 
tree builds. [RT #17606]
 2008-03-20 04:02:14 +00:00
Mark Andrews
659e104902 platform.h 2008-03-07 01:43:42 +00:00
Mark Andrews
aa02826aac 2339. [port] tru64: support for libbind. [RT #17589] 2008-03-02 22:25:58 +00:00
Mark Andrews
cf50039c14 2339. [port] tru64: support for libbind. [RT #17589] 2008-02-28 05:36:11 +00:00
Mark Andrews
fff7eac50a 2339. [port] tru64: support for libbind. [RT #17589] 2008-02-28 05:36:10 +00:00
Automatic Updater
8665a8cb0f update copyright notice 2008-02-27 23:47:06 +00:00
Mark Andrews
4074b8e734 2339. [port] tru64: support for libbind. [RT #17589] 2008-02-26 23:58:51 +00:00
Evan Hunt
e4d304b70b Fix build error: parameter type was changed in the prototype but not in 
the function header.
 2008-02-19 17:07:55 +00:00
Automatic Updater
eb0e8ace24 update copyright notice 2008-02-18 23:46:59 +00:00
Mark Andrews
664e11f0b1 2238. [bug] check_ds() could be called with a non DS rdataset. 
[RT #17598]
 2008-02-18 23:06:54 +00:00
Mark Andrews
23d4dc13e1 2335. [port] sunos: libbind and *printf() support for long long. 
[RT #17513]
 2008-02-18 04:06:40 +00:00
Mark Andrews
0f3264c8d1 2335. [port] sunos: libbind and *printf() support for long long. 
[RT #17513]
 2008-02-18 03:50:46 +00:00
Automatic Updater
6475e22cc9 update copyright notice 2008-02-15 23:46:51 +00:00
Mark Andrews
0e30609d7b 2334. [bug] Bad REQUIRES in fromstruct_in_naptr(), off by one 
bug in fromstruct_txt(). [RT #17609]
 2008-02-15 03:28:49 +00:00
Mark Andrews
9e8947d9e6 2333. [bug] Fix off by one error in isc_time_nowplusinterval(). 
[RT #17608]
 2008-02-15 02:24:04 +00:00
Automatic Updater
f172f06ff2 update copyright notice 2008-02-07 23:46:54 +00:00
Mark Andrews
43581a71ab clean up example code 2008-02-07 02:45:49 +00:00
Mark Andrews
9a7d202077 2330. [bug] Remove potential race condition when handling 
over memory events. [RT #17572]

                        WARNING: API CHANGE: over memory callback
                        function now needs to call isc_mem_waterack().
                        See <isc/mem.h> for details.
 2008-02-07 02:41:26 +00:00
Automatic Updater
6b3c17b9b0 update copyright notice 2008-02-05 23:47:08 +00:00
Mark Andrews
f1d6c77ecc 2328. [bug] Add AAAA addresses for A.ROOT-SERVERS.NET, 
F.ROOT-SERVERS.NET, H.ROOT-SERVERS.NET,
                        J.ROOT-SERVERS.NET, K.ROOT-SERVERS.NET and
                        M.ROOT-SERVERS.NET.
 2008-02-05 03:21:20 +00:00
Automatic Updater
8b90c4fdad update copyright notice 2008-02-01 23:46:58 +00:00
Mark Andrews
9dcc44d7b3 2327. [bug] It was possible to dereference a NULL in rbtdb.c. 
Implement deadnode processing in zones as we do for
                        caches. [RT #17312]
 2008-02-01 04:31:04 +00:00
Automatic Updater
da1e0ac742 update copyright notice 2008-01-31 23:47:06 +00:00
Mark Andrews
5badfc7e00 2326. [bug] It was possible to trigger a INSIST in the acache 
processing.
 2008-01-31 05:28:46 +00:00
Evan Hunt
458298c4e5 Added unresolved externals for windows build 2008-01-29 00:07:24 +00:00
Automatic Updater
60d19b2f15 update copyright notice 2008-01-27 23:47:20 +00:00
Mark Andrews
1fa2ce7eae 2324. [bug] Fix IPv6 matching against "any;" [RT #17533] 2008-01-27 02:13:34 +00:00
Mark Andrews
7539c231d4 2323. [port] tru64: namespace clash. [RT #17547] 2008-01-27 01:58:19 +00:00
Tatuya JINMEI 神明達哉
29d019169b corrected type 2008-01-25 23:50:38 +00:00
Automatic Updater
4f640b0d8f update copyright notice 2008-01-25 23:46:48 +00:00
Tatuya JINMEI 神明達哉
7ae2fa27e9 2322. [port] MacOS: work around the limitation of setrlimit() 
for RLIMIT_NOFILE. [RT #17526]
 2008-01-25 19:31:29 +00:00
Automatic Updater
cbf0854acc update copyright notice 2008-01-24 23:47:00 +00:00
Tatuya JINMEI 神明達哉
1c3ed2a83d 2320. [func] Make statistics couters thread-safe for platforms 
that support certain atomic operations. [RT #17466]
 2008-01-24 02:00:44 +00:00
Automatic Updater
f148623ce2 update copyright notice 2008-01-23 03:22:43 +00:00
Mark Andrews
b356686ecb Fixes needed to compile on windows 2008-01-23 03:10:48 +00:00
Mark Andrews
57708b0d58 regen 2008-01-23 02:25:58 +00:00
Automatic Updater
af3250a9f8 update copyright notice 2008-01-23 02:15:56 +00:00
Mark Andrews
9a727082a0 2318. [port] sunos fixes for libbind. [RT #17514] 2008-01-23 02:06:41 +00:00
Automatic Updater
f731b5d665 update copyright notice 2008-01-22 23:28:04 +00:00
Mark Andrews
e951a79d90 2319. [bug] Silence Coverity warnings in 
lib/dns/rdata/in_1/apl_42.c. [RT #174]
 2008-01-22 23:17:31 +00:00
Mark Andrews
a59640bf27 2318. [port] ISC_PLATFORM_NEEDTIMESPEC missing from 
lib/bind/config.h.in. [RT #17514]
 2008-01-22 22:56:43 +00:00
Mark Andrews
9925249931 2316. [port] Missing #include <isc/print.h> in lib/dns/gssapictx.c. 
[RT #17513]
 2008-01-22 11:47:54 +00:00
Evan Hunt
fc7043d7d1 Used incorrect address family for mapped IPv4 addresses in acl.c. [RT #17519] 2008-01-22 05:37:49 +00:00
Mark Andrews
5497de6931 2313. [cleanup] Silence Coverity warnings. Handle private stacks. 
[RT #17447] [RT #17478]
 2008-01-22 01:34:15 +00:00
Mark Andrews
f86c5d30de 2312. [cleanup] Silence Coverity warning in lib/isc/unix/socket.c. 
[RT #17458]
 2008-01-22 01:06:33 +00:00
Tatuya JINMEI 神明達哉
95c5f1d17b noticed the default max-cache-size [RT #17515] 2008-01-22 00:29:03 +00:00
Automatic Updater
140a27777d update copyright notice 2008-01-21 23:46:56 +00:00
Evan Hunt
262c39b236 IPv6 addresses could match IPv4 ACL entries and vice versa. [RT #17462] 2008-01-21 20:38:54 +00:00
Automatic Updater
2f012d936b update copyright notice 2008-01-18 23:46:58 +00:00
Automatic Updater
2f99b54e8e update copyright notice 2008-01-17 23:47:00 +00:00
Mark Andrews
b0b4ba7533 Fix documentation for: 
2294.   [func]          Allow the experimental statistics channels to have
                        multiple connections and ACL.
 2008-01-17 21:38:24 +00:00
Evan Hunt
1aba9fe678 Fix coverity warnings in acl.c and iptable.c [rt17455] 2008-01-17 08:08:08 +00:00
Tatuya JINMEI 神明達哉
bfcc5ae79a 2294. [func] Allow the experimental statistics channels to have 
multiple connections and ACL.
			Note: the stats-server and stats-server-v6 options
			available in the previous beta releases are replaced
			with the generic statistics-channels statment.
 2008-01-17 00:15:14 +00:00
Automatic Updater
61a8e638bc update copyright notice 2008-01-16 23:46:50 +00:00
Mark Andrews
6c7f722d31 2307. [bug] Remove infinite loop from lib/dns/sdb.c. [RT #17496] 2008-01-16 21:44:41 +00:00
Automatic Updater
2b0addd3ca update copyright notice 2008-01-15 23:46:59 +00:00
Mark Andrews
fcc2a57e13 2306. [bug] Remove potential race from lib/dns/resolver.c. 
[RT #17470]
 2008-01-15 12:12:19 +00:00
Mark Andrews
fcdafc1e30 2305. [security] inet_network() buffer overflow. CVE-2008-0122. 2008-01-15 04:02:01 +00:00
Mark Andrews
938b1008d9 remove test "#define inline" 2008-01-15 01:47:17 +00:00
Automatic Updater
9d5ed744c4 update copyright notice 2008-01-14 23:46:56 +00:00
Mark Andrews
f1263d2aa4 2304. [bug] Check returns from all dns_rdata_tostruct() calls. 
[RT #17460]
 2008-01-14 23:24:24 +00:00
Mark Andrews
efb3fa669f 2302. [bug] Fix memset() calls in lib/tests/t_api.c. [RT #17472] 2008-01-14 12:43:35 +00:00
Automatic Updater
6f2e211d39 update copyright notice 2008-01-10 23:47:01 +00:00