upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-27 00:58:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
22724 commits 18 branches 854 tags 440 MiB
Commit graph

142 commits

Author SHA1 Message Date
Tinderbox User
803d842603 update copyright notice 2014-05-30 23:45:21 +00:00
Evan Hunt
0cfb247368 [master] rndc nta 
3867.	[func]		"rndc nta" can now be used to set a temporary
			negative trust anchor, which disables DNSSEC
			validation below a specified name for a specified
			period of time (not exceeding 24 hours).  This
			can be used when validation for a domain is known
			to be failing due to a configuration error on
			the part of the domain owner rather than a
			spoofing attack. [RT #29358]
 2014-05-29 22:22:53 -07:00
Mark Andrews
3a6d62c59f 3546. [func] Add EUI48 and EUI64 types. [RT #33082] 2013-04-05 09:07:28 +11:00
Mark Andrews
c07c2a862e 3458. [bug] Return FORMERR when presented with a overly long 
domain named in a request. [RT #29682]
 2013-01-10 10:30:15 +11:00
Tinderbox User
6fe42ff85c update copyright notice 2013-01-04 23:45:53 +00:00
Mark Andrews
8bd5bcd2a7 3445. [bug] Warn about zone files with blank owner names 
immediately after $ORIGIN directives. [RT #31848]

Conflicts:
	lib/dns/tests/master_test.c
 2013-01-04 12:16:55 +11:00
Evan Hunt
3ad3e9c948 [master] reject $ORIGIN before inherited name 
3445.	[bug]		Reject zone files with blank owner names immediately
			after $ORIGIN directives. [RT #31848]
 2012-12-18 16:17:55 -08:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Mark Andrews
28a8f5b0de set $Id$ 2012-03-08 00:21:15 +11:00
Evan Hunt
7cb226ec34 3084. [func] A new command "rndc sync" dumps pending changes in 
a dynamic zone to disk; "rndc sync -clean" also
			removes the journal file after syncing.  Also,
			"rndc freeze" no longer removes journal files.
			[RT #22473]
 2011-03-21 07:22:14 +00:00
Automatic Updater
135bcc2e42 update copyright notice 2011-01-11 23:47:14 +00:00
Mark Andrews
433e06a25c 3006. [func] Allow dynamically generated TSIG keys to be preserved 
across restarts of named.  Initially this is for
                        TSIG keys generated using GSSAPI. [RT #22639]
 2011-01-10 05:32:04 +00:00
Automatic Updater
bd2b08d5a3 update copyright notice 2010-02-25 05:08:01 +00:00
Mark Andrews
0cae66577c 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 04:39:13 +00:00
Evan Hunt
77b8f88f14 2712. [func] New 'auto-dnssec' zone option allows zone signing 
to be fully automated in zones configured for
			dynamic DNS.  'auto-dnssec allow;' permits a zone
			to be signed by creating keys for it in the
			key-directory and using 'rndc sign <zone>'.
			'auto-dnssec maintain;' allows that too, plus it
			also keeps the zone's DNSSEC keys up to date
			according to their timing metadata. [RT #19943]
 2009-10-12 20:48:12 +00:00
Automatic Updater
3e63c43386 update copyright notice 2009-03-01 23:47:25 +00:00
Evan Hunt
bfe0517fdc Clarify logged message when an insecure DNSSEC response arrives from a zone 
thought to be secure: "insecurity proof failed" instead of "not insecure".
[RT #19400]
 2009-03-01 02:45:38 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
9b80f3a7c7 1887. [func] Detect duplicates of UDP queries we are recursing on 
and drop them.  New stats category "duplicates".
                        [RT #14892]
 2005-06-17 01:58:23 +00:00
Mark Andrews
c5223c9cb7 1862. [func] Add additional zone data constancy checks. 
named-checkzone has extended checking of NS, MX and
                        SRV record and the hosts they reference.
                        named has extended post zone load checks.
                        New zone options: check-mx and integrity-check.
                        [RT #4940]
 2005-05-19 04:59:05 +00:00
Mark Andrews
69fe9aaafd update copyright notice 2005-04-29 00:24:12 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
6fac7ff1f9 1606. [bug] DVL insecurity proof was failing. 
1605.   [func]          New dns_db_find() option DNS_DBFIND_COVERINGNSEC.
 2004-05-14 04:45:58 +00:00
Mark Andrews
8d414d1559 1600. [bug] Duplicate zone pre-load checks were not case 
insensitive.

1599.   [bug]           Fix memory leak on error path when checking named.conf.

1598.   [func]          Specify that certain parts of the namespace must
                        be secure (dnssec-must-be-secure).
 2004-04-15 23:40:27 +00:00
Mark Andrews
c5cde9d5a7 1593. [bug] rndc should return "unknown command" to unknown 
commands. [RT# 10642]
 2004-03-22 01:46:01 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
d5ad558234 1540. [bug] "rndc reload <dynamiczone>" was silently accepted. 
[RT #8934]
 2004-03-02 02:37:11 +00:00
Mark Andrews
2047977ce2 1586. [func] "check-names" is now implemented. 2004-02-27 20:41:51 +00:00
Mark Andrews
35541328a8 1558. [func] New DNSSEC 'disable-algorithms'. Support entry into 
child zones for which we don't have a supported
                        algorithm.  Such child zones are treated as unsigned.

1557.   [func]          Implement missing DNSSEC tests for
                        * NOQNAME proof with wildcard answers.
                        * NOWILDARD proof with NXDOMAIN.
                        Cache and return NOQNAME with wildcard answers.
 2004-01-14 02:06:51 +00:00
Mark Andrews
fcb54ce0a4 whitespace / layout 2003-10-17 03:46:46 +00:00
Mark Andrews
93d6dfaf66 1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY. 2003-09-30 06:00:40 +00:00
Mark Andrews
182a34004c 1463. [bug] dns_rdata_from{wire,struct}() failed to catch bad 
NXT bit maps. [RT #5577]
 2003-04-17 03:43:35 +00:00
Mark Andrews
8b5de97014 1448. [bug] Handle empty wildcards labels. 
developer: marka
reviewer: explorer
 2003-02-27 00:19:04 +00:00
Mark Andrews
421e4cf66e 1416. [bug] Empty node should return NOERROR NODATA, not NXDOMAIN. 
[RT #4715]
developer: marka
reviewer: explorer
 2003-01-18 03:18:31 +00:00
Mark Andrews
c86eed4bde 1410. [func] handle records that live in the parent zone, e.g. DS. 
developer: marka
reviewer: explorer
 2003-01-14 00:28:50 +00:00
Mark Andrews
b6309ed962 developer: jinmei 
reviewer: marka
1368.   [func]          remove support for bitstring labels.
 2002-08-27 04:53:43 +00:00
Mark Andrews
5bd76af084 1358. [func] log the reason for rejecting a server when resolving 
queries.
 2002-08-09 06:12:50 +00:00
Mark Andrews
4c342614f8 1354. [bug] Fix DNSSEC wildcard proof for CNAME/DNAME. 2002-08-06 01:50:28 +00:00
Mark Andrews
c54c1eaf26 1251. [func] Generate DNSSEC wildcard proofs. 2002-07-19 03:50:42 +00:00
Mark Andrews
4d9f3f00d9 1249. [func] named-checkzone will now check if nameservers that 
appear to be IP addresses.  Available modes "fail",
                        "warn" (default) and "ignore" the results of the
                        check.
 2002-07-19 02:34:58 +00:00
Mark Andrews
0b09763c35 1328. [func] DS (delegation signer) support. 2002-06-17 04:01:37 +00:00
Brian Wellington
4b171ebd70 1229. [bug] named would crash if it received a TSIG signed 
query as part of an AXFR response. [RT #2570]
 2002-03-14 18:34:48 +00:00
Brian Wellington
231ffa6c85 add a new result code so that parsing a bad KEY record doesn't result in 
"unknown class/type".
 2002-03-08 01:38:57 +00:00
Mark Andrews
95b604c5e9 1218. [bug] Named incorrectlty SERVFAIL rather than NOTAUTH on 
when there was a BADTIME error. [RT #2519]
 2002-03-05 00:06:02 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Brian Wellington
b6279d0b4b Don't freeze an already frozen zone. 2002-01-24 09:58:42 +00:00
Mark Andrews
ff1b064f5e 1159. [bug] MD and MF are not permitted to be loaded by RFC1123. 2001-12-11 20:37:16 +00:00