upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-24 23:57:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
24356 commits 18 branches 854 tags 440 MiB
Commit graph

10100 commits

Author SHA1 Message Date
Mark Andrews
63fb01bb78 4553. [bug] Named could deadlock there were multiple changes to 
NSEC/NSEC3 parameters for a zone being processed at
                        the same time. [RT #42770]

(cherry picked from commit d2e1b47d4f)
 2017-01-12 14:26:11 +11:00
Mark Andrews
8b9cfa1b93 4552. [bug] Named could trigger a assertion when sending notify 
messages. [RT #44019]

(cherry picked from commit 7b9e28f1a5)
 2017-01-12 14:13:44 +11:00
Tinderbox User
0cc74d59ab update copyright notice / whitespace 2017-01-11 23:46:23 +00:00
Evan Hunt
7a326082ad [v9_10] expand the flags field in dns_master_style 
4550.	[cleanup]	Increased the number of available master file
			output style flags from 32 to 64. [RT #44043]
 2017-01-11 12:06:29 -08:00
Tinderbox User
b16ec7b570 update copyright notice / whitespace 2017-01-04 23:46:14 +00:00
Evan Hunt
44bbbfcca9 [v9_10] add support for native pkcs11 on keyper 
4547.	[port]		Add support for --enable-native-pkcs11 on the AEP
			Keyper HSM. [RT #42463]
 2017-01-03 16:41:58 -08:00
Mark Andrews
6960be7265 remove dnssec-keymgr.html 2016-12-29 19:57:47 +11:00
Evan Hunt
655092507c [v9_10] silence warning 
(cherry picked from commit b3aebb5890)
 2016-12-28 17:54:47 -08:00
Mark Andrews
f204635d42 9.10.5b1 2016-12-29 12:39:00 +11:00
Mark Andrews
1ec66e6a83 4510. [security] Named mishandled some responses where covering RRSIG 
records are returned without the requested data
                        resulting in a assertion failure. (CVE-2016-9147)
                        [RT #43548]

(cherry picked from commit 6adf421e7e)
 2016-12-29 11:52:46 +11:00
Mark Andrews
2cfd915235 4508. [security] Named incorrectly tried to cache TKEY records which 
could trigger a assertion failure when there was
                            a class mismatch. (CVE-2016-9131) [RT #43522]

(cherry picked from commit 2c1c4b99a1)
 2016-12-29 11:29:41 +11:00
Tinderbox User
ad4e4b05f2 update copyright notice / whitespace 2016-12-28 23:52:29 +00:00
Mark Andrews
6bed6ea11b fix back port issue 2016-12-29 10:48:46 +11:00
Mark Andrews
04c7ee66b1 4517. [security] Named could mishandle authority sections that were 
missing RRSIGs triggering an assertion failure.
                        (CVE-2016-9444) [RT # 43632]

(cherry picked from commit 1df30cfd27c5a3c57fce357c54aaf6c702227d51)
 2016-12-29 10:41:19 +11:00
Mark Andrews
3c3cba0a63 4543. [bug] dns_client_startupdate now delays sending the update 
request until isc_app_ctxrun has been called.
                        [RT #43976]

(cherry picked from commit 6f94747270)
 2016-12-28 15:55:47 +11:00
Tinderbox User
a263f19bff update copyright notice / whitespace 2016-12-26 23:48:48 +00:00
Mark Andrews
b4fe043277 remove references to catalog-zones 2016-12-27 09:43:08 +11:00
Mark Andrews
a1f98389a3 4539. [bug] Referencing a nonexistant zone with rpz could lead 
to a assertion failure when configuring. [RT #43787]

(cherry picked from commit 762c4fc5a8)
 2016-12-27 09:29:32 +11:00
Mark Andrews
74685182f7 4538. [bug] Call dns_client_startresolve from client->task. 
[RT #43896]

(cherry picked from commit aceabacdb8)
 2016-12-27 07:14:56 +11:00
Mark Andrews
e9b393d2f2 if gen fails remove the file [RT #43949] 
(cherry picked from commit e17d2f98be)
 2016-12-23 09:21:17 +11:00
Mark Andrews
875f3c3cdb freeaddrinfo is called too early. 
(cherry picked from commit c1870d0e44)
 2016-12-15 09:39:58 +11:00
Tinderbox User
b3ff1f2182 update copyright notice / whitespace 2016-12-13 23:48:55 +00:00
Mark Andrews
4043669112 4535. [bug] Address race condition in setting / testing of 
DNS_REQUEST_F_SENDING. [RT #43889]

(cherry picked from commit 37a8db0ba4)
 2016-12-14 10:33:13 +11:00
Mark Andrews
83139f2a21 4534. [bug] Only set RD, RA and CD in QUERY responses. [RT #43879] 
(cherry picked from commit def6b33bad)
 2016-12-13 16:37:47 +11:00
Mark Andrews
42c58e5580 4533. [bug] dns_client_update should terminate on prerequiste 
failures (NXDOMAIN, YXDOMAIN, NXRRSET, YXRRSET)
                        and also on BADZONE.  [RT #43865]

(cherry picked from commit 8ca45ba01a)
 2016-12-13 15:53:49 +11:00
Mark Andrews
df9832fd9e 4530. [bug] Change 4489 broke the handling of CNAME -> DNAME 
in responses resulting in SERVFAIL being returned.
                        [RT #43779]

(cherry picked from commit 60cb462c56)
 2016-12-09 12:51:16 +11:00
Evan Hunt
345dfb282e [v9_10] silence DSCP probing error 
4529.	[cleanup]	Silence noisy log warning when DSCP probe fails
			due to firewall rules. [RT #43847]

(cherry picked from commit f2c7ae114a)
 2016-12-08 08:44:52 -08:00
Mark Andrews
1dc4d731a1 4528. [bug] Only set the flag bits for the i/o we are waiting 
for on EPOLLERR or EPOLLHUP. [RT #43617]

(cherry picked from commit c1619b8420)
 2016-12-08 17:00:46 +11:00
Tinderbox User
37a5b3cfee regen v9_10 2016-12-08 01:14:21 +00:00
Tinderbox User
917aac759b update copyright notice / whitespace 2016-12-07 23:48:27 +00:00
Tinderbox User
43e5a815ba regen v9_10 2016-12-07 01:13:35 +00:00
Mark Andrews
e49bb92384 4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831] 
(cherry picked from commit 1b8ce3b330)
 2016-12-07 10:56:40 +11:00
Tinderbox User
3be5d95e3c update copyright notice / whitespace 2016-12-05 23:48:54 +00:00
Mark Andrews
f32a24a236 4524. [bug] The net zero test was broken causing IPv4 servers 
with addresses ending in .0 to be rejected. [RT #43776]

(cherry picked from commit df372d967e)
 2016-12-05 10:49:08 +11:00
Mukund Sivaraman
150ff959d1 Add doc function for cfg_type_querysource4 and cfg_type_querysource6 (#43768) 
(cherry picked from commit 5c843b384d)
(cherry picked from commit 6ae22c4119)
 2016-12-02 11:24:06 +05:30
Mark Andrews
caac0a6e8b 4522. [bug] Handle big gaps in log file version numbers better. 
[RT #38688]

(cherry picked from commit cab871f1bc)
 2016-11-30 11:27:43 +11:00
Mark Andrews
ccfd8ebb9f 4520. [cleanup] Alphabetise more of the grammar when printing it 
out. Fix unbalanced indenting. [RT #43755]

(cherry picked from commit 4352551d23)
 2016-11-29 15:42:09 +11:00
Mark Andrews
cd62059c76 4519. [port] win32: handle ERROR_MORE_DATA. [RT #43534] 
(cherry picked from commit a611e44f9a)
 2016-11-29 11:29:42 +11:00
Mark Andrews
373d3907ac 4516. [bug] isc_socketmgr_renderjson was missing from the 
windows build. [RT #43602]

(cherry picked from commit 358c6ecd26)
 2016-11-22 12:08:37 +11:00
Tinderbox User
9423b4f701 update copyright notice / whitespace 2016-11-08 23:51:48 +00:00
Mark Andrews
a22b4b9ed9 locks are only need in OpenSSL < 1.1 2016-11-09 10:06:39 +11:00
Mark Andrews
8cb6771585 only call dns_test_begin once 
(cherry picked from commit f13c7b01746a07bef87a386ceff93ccb2a7488a9)
(cherry picked from commit 56c6fc0dac)
 2016-11-09 10:03:53 +11:00
Mark Andrews
11088c8f65 remove spurious newline [RT #43585] 
(cherry picked from commit fed2f7e4c1)
 2016-11-09 08:27:32 +11:00
Evan Hunt
174f4cb0ab [v9_10] typo in comment 2016-11-08 09:06:35 -08:00
Mark Andrews
a873ad10bd copyrights/whitespace 2016-11-03 12:47:03 +11:00
Tinderbox User
4282468058 update copyright notice / whitespace 2016-11-02 23:49:23 +00:00
Mark Andrews
0fab2ebfb8 add dns_db_getsize, dns_rdataslab_count, dns_zone_getmaxrecords, dns_zone_setmaxrecords 
(cherry picked from commit aee76db9e3)
 2016-11-03 10:02:18 +11:00
Mark Andrews
1bbcfe2fc8 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]

(cherry picked from commit 5f8412a4cb)
 2016-11-03 10:01:52 +11:00
Evan Hunt
0f254a61f9 [v9_10] typo 2016-11-02 09:43:16 -07:00
Francis Dupont
4dbaeedf93 Fixed IP_PMTUDISC_OMIT typos 2016-11-02 09:21:15 +01:00