upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-28 04:21:07 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
18788 commits 18 branches 854 tags 440 MiB
Commit graph

8362 commits

Author SHA1 Message Date
Automatic Updater
de6d0a4a36 update copyright notice 2011-07-08 23:47:54 +00:00
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Automatic Updater
2a36d8ca40 update copyright notice 2011-07-07 23:47:50 +00:00
Evan Hunt
67be612120 *** empty log message *** 2011-07-06 18:13:22 +00:00
Evan Hunt
29f6e3e4f9 update cvsignore 2011-07-06 18:12:25 +00:00
Evan Hunt
2a749b3535 oops, missed updating the signature of dns_test_begin() when I merged 
update_test.c
 2011-07-06 18:11:35 +00:00
Evan Hunt
c46ce2d79b 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 05:05:52 +00:00
Evan Hunt
42cf2ff7ba 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 01:36:32 +00:00
Automatic Updater
122230159d update copyright notice 2011-07-01 23:47:44 +00:00
Evan Hunt
d3b9eefd1c 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number. Two methods are currently
			defined using serial-update-method, "increment"
			(default) and "unixtime". [RT #23849]
 2011-07-01 07:15:19 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Mark Andrews
b4eaa17e82 update for api changes 2011-06-17 07:28:33 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
0f467ed4d4 update copyright notice 2011-06-10 23:47:32 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Evan Hunt
fbe2cff19f 3121. [security] An authoritative name server sending a negative 
response containing a very large RRset could
                        trigger an off-by-one error in the ncache code
                        and crash named. [RT #24650]
 2011-05-26 23:11:15 +00:00
Mark Andrews
4100ae5109 move dns_trust_totext from masterdump.c to rdataset.c so that exportlib will build 2011-05-26 07:56:39 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Automatic Updater
b1b37b61da update copyright notice 2011-05-19 23:47:17 +00:00
Evan Hunt
ff330a6273 another post-commit fix for change 3114: call dns_db_resigned()/ 
dns_db_setsigningtime() only when incrementally resigning, not other
times.
 2011-05-19 21:29:07 +00:00
Evan Hunt
276f9fac3e another post-commit bugfix for change 3114: need to take rndc freeze into 
account in determining whether zone is dynamic
 2011-05-19 04:44:58 +00:00
Evan Hunt
d9343d917a minor code simplification 2011-05-19 04:33:17 +00:00
Evan Hunt
2a4f494565 Change 3114 wasn't complete--needed to remove another call to 
dns_db_resigned().
 2011-05-19 04:28:33 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Evan Hunt
ab77e813ea add dns_dnssec_signs 2011-05-17 01:48:24 +00:00
Automatic Updater
687d47f6c9 update copyright notice 2011-05-16 23:47:41 +00:00
Evan Hunt
5c8ec4d5ea "make install" was failing when building with both exportlibs and libtool. 
(trivial makefile fix, no CHANGES note.) [RT #24425]
 2011-05-16 22:58:05 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Evan Hunt
989fb50178 fixed an error in prior commit 2011-05-05 18:04:01 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Mark Andrews
1b9a5fa77f isc_file_isplainfile 2011-04-08 05:36:15 +00:00
Mark Andrews
53c1e5f991 dns_cache_create3 2011-04-08 04:45:03 +00:00
Mark Andrews
2b3bcbce23 3096. [bug] Set KRB5_KTNAME before calling log_cred() in 
dst_gssapi_acceptctx(). [RT #24004]
 2011-04-07 23:03:22 +00:00
Mark Andrews
9cf04a12ec 3095. [bug] Handle isolated reserved ports in the port range. 
[RT #23957]
 2011-04-06 10:27:16 +00:00
Mark Andrews
6b89a2c905 format portability: cast socklen_t -> long and use %ld 2011-04-05 06:33:50 +00:00
Mark Andrews
60821a4c33 1 -> 1U 2011-04-04 11:09:11 +00:00
Mark Andrews
64abedd85a unsigned constants 2011-03-28 05:32:16 +00:00
Mark Andrews
fade3b5f91 unsigned constants 2011-03-28 05:20:08 +00:00
Mark Andrews
d97637ce11 unsigned constants 2011-03-28 03:41:55 +00:00