upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-01 21:10:55 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
17032 commits 18 branches 854 tags 440 MiB
Commit graph

5141 commits

Author SHA1 Message Date
Mark Andrews
92348098eb 2956. [bug] named-checkconf did not fail on a bad trusted key. 
[RT #20705]
 2010-03-04 06:17:01 +00:00
Mark Andrews
2e20dea9fc 2854. [func] nsupdate will now preserve the entered case of domain 
names in update requests it sends. [RT #20928]
 2010-03-04 05:24:56 +00:00
Mark Andrews
13396661f4 2854. [func] dig: allow the final soa record in a axfr response to 
be suppressed, dig +onesoa. [RT #20929]
 2010-03-04 05:18:04 +00:00
Automatic Updater
cc9ed75dd9 update copyright notice 2010-02-26 23:50:59 +00:00
Mark Andrews
64f8608ed6 2853. [bug] add_sigs() could run out of scratch space. [RT #21015] 2010-02-26 01:39:49 +00:00
Mark Andrews
0cae66577c 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 04:39:13 +00:00
Automatic Updater
680033ce4d regen HEAD 2010-02-23 01:14:31 +00:00
Automatic Updater
8077efca7d update copyright notice 2010-02-22 23:49:11 +00:00
Mark Andrews
d3cbd6b05c 2851. [doc] nslookup.1, removed <informalexample> from the docbook 
source as it produced bad nroff.  [RT #21007]
 2010-02-22 20:48:56 +00:00
Automatic Updater
6f1b350c3a update copyright notice 2010-02-04 23:49:13 +00:00
Automatic Updater
44d0f0256f regen 2010-02-04 01:14:17 +00:00
Mark Andrews
8ac908b38a 2849. [bug] Don't treat errors from the xml2 library as fatal. 
[RT #20945]
 2010-02-04 00:57:25 +00:00
Automatic Updater
f1c89cb4f5 update copyright notice 2010-02-03 23:49:07 +00:00
Evan Hunt
dcfca6f18d 2847. [cleanup] Corrected usage message in dnssec-settime. [RT #20921] 2010-02-03 01:02:37 +00:00
Evan Hunt
6bb16fca28 rename "ischmacfix" files to "ischmacfixup" so win32 build will work 2010-01-22 00:55:46 +00:00
Automatic Updater
a3416b0a1b regen 2010-01-20 01:14:19 +00:00
Automatic Updater
ca4e44ebe8 update copyright notice 2010-01-19 23:48:56 +00:00
Evan Hunt
8a198fa776 2842. [func] Prevent dnssec-keygen and dnssec-keyfromlabel from 
creating key files if there is a chance that the new
			key ID will collide with an existing one after
			either of the keys has been revoked.  (To override
			this in the case of dnssec-keyfromlabel, use the -y
			option.  dnssec-keygen will simply create a
			different, noncolliding key, so an override is
			not necessary.) [RT #20838]
 2010-01-19 20:26:07 +00:00
Evan Hunt
ecde9a1cd5 smartsign fails on slow machines. delay the timing-sensitive 
dnssec-settime call as long as possible.
 2010-01-19 15:54:45 +00:00
Automatic Updater
6bb1560124 update copyright notice 2010-01-18 23:48:40 +00:00
Evan Hunt
e11a0c114c 2841. [func] Added "smartsign" and improved "autosign" and 
"dnssec" regression tests. [RT #20865]
 2010-01-18 19:19:31 +00:00
Automatic Updater
4dea9e5971 regen 2010-01-17 01:14:02 +00:00
Automatic Updater
20f2d1d74b update copyright notice 2010-01-16 23:48:15 +00:00
Francis Dupont
4025076ca2 move -o in synopsis to the right place 2010-01-16 14:04:47 +00:00
Automatic Updater
5bdf8cd3c2 update copyright notice 2010-01-13 23:48:59 +00:00
Francis Dupont
6ff7cd9fa5 Temporary fixed pkcs11-destroy usage check. [RT #20760] 2010-01-13 21:19:52 +00:00
Evan Hunt
20624f43c3 removed lines inadvertently committed 2010-01-13 19:29:38 +00:00
Francis Dupont
b3990d04da fix built-in view comment 2010-01-13 08:29:11 +00:00
Automatic Updater
65d1486535 update copyright notice 2010-01-11 23:48:37 +00:00
Francis Dupont
a91029a00e Prevent Linux spurious warnings about fwrite(). [RT #20812] 2010-01-11 10:49:14 +00:00
Automatic Updater
fdd80e9a55 regen 2010-01-08 01:14:09 +00:00
Automatic Updater
a30c7003af update copyright notice 2010-01-07 23:48:54 +00:00
Evan Hunt
0f66aced26 2834. [bug] HMAC-SHA* keys that were longer than the algorithm 
digest length were used incorrectly, leading to
			interoperability problems with other DNS
			implementations.  This has been corrected.
			(Note: If an oversize key is in use, and
			compatibility is needed with an older release of
			BIND, the new tool "isc-hmac-fixup" can convert
			the key secret to a form that will work with all
			versions.) [RT #20751]
 2010-01-07 21:52:12 +00:00
Evan Hunt
8ebf67b7f0 2833. [cleanup] Fix usage messages in dnssec-keygen and dnssec-settime. 
[RT #20851]
 2010-01-07 19:13:59 +00:00
Evan Hunt
597642c0ba 2831. [security] Do not attempt to validate or cache 
out-of-bailiwick data returned with a secure
			answer; it must be re-fetched from its original
			source and validated in that context. [RT #20819]
 2010-01-07 16:48:23 +00:00
Automatic Updater
247f299fb0 update copyright notice 2010-01-06 23:48:47 +00:00
Evan Hunt
b1fbf2a4db fix spacing 2010-01-06 00:53:45 +00:00
Automatic Updater
3ee1371212 update copyright notice 2010-01-05 23:48:37 +00:00
Evan Hunt
564d687132 missing newline in dnssec-signzone usage 2010-01-05 15:31:58 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Mark Andrews
57fb4f7bbe 2825. [bug] Changing the setting of OPTOUT in a NSEC3 chain that 
was in the process of being created was not properly
                        recorded in the zone. [RT #20786]
 2009-12-30 02:43:09 +00:00
Mark Andrews
5b77627c09 2824. [bug] "rndc sign" was not being run by the correct task. 
[RT #20759]
 2009-12-29 22:20:33 +00:00
Automatic Updater
d856585f5f regen 2009-12-29 01:14:03 +00:00
Evan Hunt
85c5ed3577 2821. [doc] Add note that named-checkconf doesn't automatically 
read rndc.key and bind.keys [RT #20758]
 2009-12-28 23:21:16 +00:00
Francis Dupont
0faf1492c7 non-readable openssl.cnf [20668] 2009-12-24 17:49:39 +00:00
Evan Hunt
1361014b02 2818. [cleanup] rndc could return an incorrect error code 
when a zone was not found. [RT #20767]
 2009-12-24 00:14:20 +00:00
Evan Hunt
40ad4ed01b 2817. [cleanup] Removed unnecessary isc_tasc_endexclusive() calls. 
[RT #20768]
 2009-12-23 23:59:42 +00:00
Evan Hunt
aa3415ba49 2815. [bug] Exclusively lock the task when freezing a zone. 
[RT #19838]
 2009-12-23 23:33:09 +00:00
Evan Hunt
f766024a27 change all keys from rsasha1 to nsec3rsasha1 so that the nsec->nsec3 
transitions work correctly.  (they worked before, but weren't supposed
to; when that bug was fixed, the test broke.)
 2009-12-19 17:30:31 +00:00
Automatic Updater
928e12ccdc update copyright notice 2009-12-18 23:49:03 +00:00