upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-23 01:40:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
15960 commits 18 branches 854 tags 440 MiB
Commit graph

7721 commits

Author SHA1 Message Date
Evan Hunt
76786c2904 - assorted changes needed for windows build 
- began versioning for 9.7.0a1
 2009-06-12 02:33:21 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Automatic Updater
b6306ef56e update copyright notice 2009-06-10 23:47:47 +00:00
Evan Hunt
18ad4708eb commit windows build changes needed for DDNS patch 2009-06-10 23:36:57 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Mark Andrews
afbe695de3 "got insecure response; parent indicates it should be secure" wrongly emitted [RT #19800] 2009-06-09 22:57:09 +00:00
Mark Andrews
3d785d7666 dns_dnssec_selfsigns 2009-06-04 04:58:10 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Mark Andrews
f05a6b110f 2607. [bug] named could incorrectly delete NSEC3 records for 
empty nodes when processing a update request.
                        [RT #19749]
 2009-06-04 01:43:41 +00:00
Mark Andrews
0bc3af9834 2606. [bug] "delegation-only" was not being accepted in 
delegation-only type zones. [RT #19717]
 2009-06-03 00:04:38 +00:00
Automatic Updater
dc0c165ce3 update copyright notice 2009-06-02 23:47:50 +00:00
Mark Andrews
5422cf284f 2605. [bug] Accept DS responses from delegation only zones. 
[RT # 19296]
 2009-06-02 05:51:44 +00:00
Automatic Updater
e6ada020f5 update copyright notice 2009-05-29 23:47:49 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Mark Andrews
7be6336565 2602. [port] win32: fix debugging command line build of libisccfg. 
[RT #19767]
 2009-05-29 01:16:31 +00:00
Automatic Updater
cc5f9fe224 update copyright notice 2009-05-11 02:38:35 +00:00
Mark Andrews
8a805c9f41 spelling 2009-05-11 02:30:07 +00:00
Mark Andrews
4c2ed3d141 2599. [bug] Address rapid memory growth when validation fails. 
[RT #19654]
 2009-05-11 02:22:03 +00:00
Automatic Updater
54cdd2b307 update copyright notice 2009-05-07 23:47:44 +00:00
Francis Dupont
ff380b05fe comment fixes (rt19624) 2009-05-07 09:41:23 +00:00
Mark Andrews
e7eede965d 2597. [bug] Handle a validation failure with a insecure delegation 
from a NSEC3 signed master/slave zone.  [RT #19464]
 2009-05-07 02:34:19 +00:00
Automatic Updater
7a272c6b0d update copyright notice 2009-05-06 23:47:50 +00:00
Tatuya JINMEI 神明達哉
5d7849ad7f 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 22:53:54 +00:00
Mark Andrews
d2c115f913 2590. [func] Report zone/class of "diff with no effect". [RT #19542] 2009-04-30 06:53:10 +00:00
Automatic Updater
542b74bec7 update copyright notice 2009-04-29 23:48:02 +00:00
Mark Andrews
f030c71500 2589. [bug] dns_db_unregister() failed to clear '*dbimp'. 
[RT #19626]
 2009-04-29 22:11:34 +00:00
Automatic Updater
d76bbb6c40 update copyright notice 2009-04-28 23:48:01 +00:00
Tatuya JINMEI 神明達哉
089f456eb3 2588. [bug] SO_REUSEADDR could be set unconditionally after failure 
of bind(2) call.  This should be rare and mostly
			harmless, but may cause interference with other
			processes that happen to use the same port. [RT #19642]
 2009-04-28 21:39:00 +00:00
Jeremy Reed
f20f19de19 2587. [func] Improve logging by reporting serial numbers for 
when zone serial has gone backwards or unchanged.
			[RT #19506]
 2009-04-28 12:48:35 +00:00
Automatic Updater
ab381c1e22 update copyright notice 2009-04-21 23:48:04 +00:00
Tatuya JINMEI 神明達哉
b1b0dca146 2586. [bug] Missing cleanup of SIG rdataset in searching a DLZ DB 
or SDB. [RT #19577]
 2009-04-21 00:41:02 +00:00
Tatuya JINMEI 神明達哉
cda7c783c3 2585. [bug] Uninitialized socket name could be referenced via a 
statistics channel, triggering an assertion failure in
			XML rendering. [RT #19427]
 2009-04-18 01:28:17 +00:00
Automatic Updater
cc0f37ba17 update copyright notice 2009-04-08 06:48:23 +00:00
Tatuya JINMEI 神明達哉
af2e2f5ed7 2584. [bug] alpha: gcc optimization could break atomic operations. 
[RT #19227]
 2009-04-08 05:46:22 +00:00
Tatuya JINMEI 神明達哉
3dc1cb7e96 wording fix for cpp error message (rt #19569) 2009-04-07 02:49:37 +00:00
Mark Andrews
64e161a7f7 2582. [bug] Don't emit warning log message when we attempt to 
remove non-existant journal. [RT #19516]
 2009-03-26 22:51:54 +00:00
Evan Hunt
6b9728dde7 ARM and log message changes to clarify "insecure response". [rt19400] 2009-03-23 22:30:57 +00:00
Automatic Updater
8e3d340655 update copyright notice 2009-03-17 23:48:02 +00:00
Mark Andrews
72dbc7216a 2579. [bug] DNSSEC lookaside validation failed to handle unknown 
algorithms. [RT #19479]
 2009-03-17 01:34:28 +00:00
Mark Andrews
56708c6fb4 2576. [bug] NSEC record were not being correctly signed when 
a zone transitions from insecure to secure.
                        Handle such incorrectly signed zones. [RET #19114]
 2009-03-13 01:35:18 +00:00
Automatic Updater
74f4bfde4a update copyright notice 2009-03-11 23:47:35 +00:00
Evan Hunt
3f8be559f0 2575. [func] New functions dns_name_fromstring() and 
dns_name_tostring(), to simplify conversion
			of a string to a dns_name structure and vice
			versa. [RT #19451]
 2009-03-11 07:02:34 +00:00
Automatic Updater
2464bd58eb update copyright notice 2009-03-05 23:47:36 +00:00
Mark Andrews
e422b84c73 2573. [bug] Replacing a non-CNAME record with a CNAME record in a 
single transaction in a signed zone failed. [RT #19397]
 2009-03-05 04:54:33 +00:00
Mark Andrews
f605647060 Undocumented firewall test hook. [RT #19398] 2009-03-05 03:13:55 +00:00
Automatic Updater
e61db954bf update copyright notice 2009-03-04 23:48:02 +00:00
Evan Hunt
3a30493983 2572. [func] Simplify DLV configuration, with a new option 
"dnssec-lookaside auto;"  This is the equivalent
			of "dnssec-lookaside . trust-anchor dlv.isc.org;"
			plus setting a trusted-key for dlv.isc.org.

			Note: The trusted key is hard-coded into named,
			but is also stored in (and can be overridden
			by) $sysconfdir/bind.keys.  As the ISC DLV key
			rolls over it can be kept up to date by replacing
			the bind.keys file with a key downloaded from
			https://www.isc.org/solutions/dlv. [RT #18685]
 2009-03-04 02:42:31 +00:00
Automatic Updater
4f91bcae43 update copyright notice 2009-03-02 23:47:43 +00:00
Mark Andrews
98b2be76fc 2567. [bug] dst__privstruct_writefile() could miss write errors. 
write_public_key() could miss write errors.
                        dnssec-dsfromkey could miss write errors.
                        [RT #19360]
 2009-03-02 03:01:04 +00:00