Evan Hunt
9d07b052b0
[v9_10] prep 9.10.7rc2
2018-02-15 11:17:40 -08:00
Evan Hunt
77c274b680
[rt43670] more emphatic warning
2018-02-09 12:29:21 +11:00
Mark Andrews
1c36fb5d41
4889. [func] Warn about the use of old root keys without the new
...
root key being present. Warn about dlv.isc.org's
key being present. Warn about both managed and
trusted root keys being present. [RT #43670 ]
(cherry picked from commit baef0ca988
2018-02-09 12:13:52 +11:00
Tinderbox User
5a60dabcd6
update copyright notice / whitespace
2018-02-08 23:51:13 +00:00
Mark Andrews
9ccc205645
[v9_10] fix nsupdate test on windows
...
4888. [test] Initialize sockets correctly in sample-update so
that nsupdate system test will will run on Windows.
[RT #47097 ]
(cherry picked from commit 6757dc6488701a93f5a5
2018-02-08 13:36:01 -08:00
Tinderbox User
8ac81d900f
update copyright notice / whitespace
2018-02-07 23:50:55 +00:00
Mark Andrews
c02650fe38
4885. [security] update-policy rules that otherwise ignore the name
...
field now require that it be set to "." to ensure
that any type list present is properly interpreted.
[RT #47126 ]
(cherry picked from commit ec771bbdc8
2018-02-07 13:50:31 +11:00
Tinderbox User
0a7392a315
update copyright notice / whitespace
2018-01-30 23:48:58 +00:00
Mark Andrews
6e33ad1e79
4882. [bug] Address potential memory leak in
...
dns_update_signaturesinc. [RT #47084 ]
(cherry picked from commit 7817caa3c7
2018-01-30 15:29:08 +11:00
Mark Andrews
a28be980de
4881. [bug] Only include dst_openssl.h when OpenSSL is required.
...
[RT #47068 ]
(cherry picked from commit a64503c736
2018-01-30 15:22:18 +11:00
Mark Andrews
39bc3aa5fd
4879. [bug] dns_rdata_caa:value_len is was small. [RT #47086 ]
...
(cherry picked from commit 3ae586b857
2018-01-30 11:00:51 +11:00
Tinderbox User
ad49d79d2b
update copyright notice / whitespace
2018-01-24 23:48:07 +00:00
Evan Hunt
d557a034dc
[v9_10] change uint to isc_uint
2018-01-24 11:02:07 -08:00
Evan Hunt
b058c0fefb
[v9_10] update 9.11 api range
2018-01-24 10:24:34 -08:00
Evan Hunt
9109dccd02
[v9_10] prep 9.10.7b1
2018-01-24 10:15:05 -08:00
Evan Hunt
98c2b09c48
[v9_10] copyrights
2018-01-24 09:52:07 -08:00
Mark Andrews
e0689ce4fd
4876. [bug] Address deadlock with accessing a keytable. [RT #47000 ]
...
(cherry picked from commit b575c4ec42
2018-01-24 18:57:09 +11:00
Mark Andrews
3dc09775f4
4874. [bug] Wrong time display when reporting new keywarntime.
...
[RT #47042 ]
(cherry picked from commit 83d005de61
2018-01-24 08:00:58 +11:00
Tinderbox User
d35a3eab4a
update copyright notice / whitespace
2018-01-22 23:48:04 +00:00
Mukund Sivaraman
96456c0834
Don't permit loading meta RR types such as TKEY from master files ( #47009 )
...
(cherry picked from commit 8a4ce20172c8eb7260466fb3db01ac
2018-01-22 14:39:57 +05:30
Tinderbox User
1a64974c47
update copyright notice / whitespace
2018-01-21 23:48:08 +00:00
Mark Andrews
bce96b1f70
4869. [bug] Address some cases where NULL with zero length could
...
be passed to memmove which is undefined behaviour and
can lead to bad optimisation. [RT #46888 ]
(cherry picked from commit fdd8838bf9
2018-01-22 09:42:01 +11:00
Tinderbox User
1e10f17589
update copyright notice / whitespace
2018-01-17 23:47:52 +00:00
Francis Dupont
a279dace6b
bcmp -> memcmp
2018-01-17 15:33:11 +01:00
Francis Dupont
3c8b6e234c
Merged rt46864 (check MD5 amd SHA1 support)
2018-01-17 14:48:01 +01:00
Tinderbox User
b5c5aed2e1
update copyright notice / whitespace
2018-01-13 23:48:59 +00:00
Mukund Sivaraman
d072be0691
Fix various bugs reported by valgrind --tool=memcheck ( #46978 )
...
(cherry picked from commit f96133826e0374e1c3fd929329d2d6
2018-01-13 11:52:17 +05:30
Tinderbox User
666c04ebc2
update copyright notice / whitespace
2018-01-10 23:53:01 +00:00
Mark Andrews
9758be3259
4862. [bug] The rdata flags for RRSIG was not being properly set
...
when constructing a rdataslab. [RT #46978 ]
(cherry picked from commit 7befb67af4
2018-01-11 09:54:29 +11:00
Tinderbox User
65eb1cc79f
update copyright notice / whitespace
2018-01-09 23:48:12 +00:00
Mark Andrews
7255d990c0
4861. [bug] The isc_crc64 unit test was not endian independent.
...
[RT #46973 ]
(cherry picked from commit 0ce212b9f5
2018-01-10 09:47:03 +11:00
Mark Andrews
c58a814940
4860. [bug] isc_int8_t should be signed char. [RT #46973 ]
...
(cherry picked from commit 21f708c88c
2018-01-10 08:42:33 +11:00
Tinderbox User
0df4e44735
update copyright notice / whitespace
2018-01-04 23:46:47 +00:00
Mark Andrews
9e9bdd1e4a
unconditionally typedef summarystat_t for coverity
...
(cherry picked from commit a0e66ef6dd
2018-01-05 10:11:27 +11:00
Evan Hunt
9b4c653770
[v9_10] block validator deadlock and prevent use-after-free
...
4859. [bug] A loop was possible when attempting to validate
unsigned CNAME responses from secure zones;
this caused a delay in returning SERVFAIL and
also increased the chances of encountering
CVE-2017-3145. [RT #46839 ]
4858. [security] Addresses could be referenced after being freed
in resolver.c, causing an assertion failure.
(CVE-2017-3145) [RT #46839 ]
2018-01-03 19:19:53 -08:00
Tinderbox User
808bb5a170
update copyright notice / whitespace
2018-01-03 23:46:39 +00:00
Mark Andrews
cf0eda222d
missing newline in comment
...
(cherry picked from commit 7258b852cf
2018-01-03 17:11:59 +11:00
Tinderbox User
478c771590
update copyright notice / whitespace
2018-01-02 23:46:49 +00:00
Mark Andrews
743bb3b02b
4852. [bug] Add REQUIRE's and INSIST's to isc_time_formattimestamp,
...
isc_time_formathttptimestamp, isc_time_formatISO8601.
[RT #46892 ]
2018-01-02 10:49:09 +11:00
Tinderbox User
fc5764662b
regen v9_10
2017-12-29 02:29:40 +00:00
Mark Andrews
30a04f1808
initalize sigsize to zero; ATF_CHECK_EQ(sigsize, tsig.siglen);
...
(cherry picked from commit 9f61f6b46b
2017-12-22 08:59:09 +11:00
Mark Andrews
6f19384682
don't attempt to call isc_buffer_free(&buf) twice; don't attempt to call dns_message_destroy(&msg) twice; don't test for key != NULL
...
(cherry picked from commit cb8650d875
2017-12-12 13:25:06 +11:00
Mark Andrews
728cc3be42
4842. [bug] Conditionally compile opensslecdsa_link.c to avoid
...
warnings about unused function. [RT #46790 ]
(cherry picked from commit 63459cdc052d82ed9456
2017-12-07 13:32:40 +11:00
Tinderbox User
4724ccdf11
update copyright notice / whitespace
2017-12-06 23:46:58 +00:00
Mark Andrews
58c86991ee
4841. [bug] Address -fsanitize=undefined warnings. [RT #46786 ]
...
(cherry picked from commit 9d5a0abe81
2017-12-06 21:05:18 +11:00
Mark Andrews
0ebc93648f
4839. [bug] zone.c:zone_sign was not properly determining
...
if there were active KSK and ZSK keys for
a algorithm when update-check-ksk is true
(default) leaving records unsigned with one or
more DNSKEY algorithms. [RT #46774 ]
(cherry picked from commit 00f5ea91cf
2017-12-05 16:12:00 +11:00
Mark Andrews
376a8e1fbc
4838. [bug] zone.c:add_sigs was not properly determining
...
if there were active KSK and ZSK keys for
a algorithm when update-check-ksk is true
(default) leaving records unsigned with one or
more DNSKEY algorithms. [RT #46754 ]
(cherry picked from commit 6fa2a0691e677f507de7
2017-12-05 09:39:36 +11:00
Mark Andrews
5623f65cc4
4837. [bug] dns_update_signatures{inc} (add_sigs) was not
...
properly determining if there were active KSK and
ZSK keys for a algorithm when update-check-ksk is
true (default) leaving records unsigned. [RT #46743 ]
(cherry picked from commit 196e01da5fbf459d24a1
2017-12-04 10:09:29 +11:00
Tinderbox User
3beaa67016
update copyright notice / whitespace
2017-11-30 23:48:18 +00:00
Tinderbox User
5ad36b898d
update copyright notice / whitespace
2017-11-29 23:46:59 +00:00
