upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-26 11:32:01 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
26645 commits 18 branches 854 tags 440 MiB
Commit graph

57 commits

Author SHA1 Message Date
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Mark Andrews
faba523a40 check warning text 
(cherry picked from commit c6cd108838)
 2018-02-09 14:05:28 +11:00
Mark Andrews
ae09500989 get the correct test file 2018-02-09 13:57:10 +11:00
Evan Hunt
79a2e86827 [master] fix test error 2018-02-08 18:45:46 -08:00
Mark Andrews
baef0ca988 4889. [func] Warn about the use of old root keys without the new 
root key being present.  Warn about dlv.isc.org's
                        key being present. Warn about both managed and
                        trusted root keys being present. [RT #43670]
 2018-02-09 12:04:45 +11:00
Tinderbox User
2fac9b0be6 update copyright notice / whitespace 2018-02-07 23:45:53 +00:00
Mark Andrews
ec771bbdc8 4885. [security] update-policy rules that otherwise ignore the name 
field now require that it be set to "." to ensure
                        that any type list present is properly interpreted.
                        [RT #47126]
 2018-02-07 13:34:02 +11:00
Tinderbox User
2658ebbcba update copyright notice / whitespace 2017-10-29 23:45:51 +00:00
Mark Andrews
40e1e659b6 add missing test number increment 2017-10-30 08:50:00 +11:00
Mark Andrews
f5e1b555c5 4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside . 
trust-anchor dlv.isc.org;' now elicit warnings rather
                        than being fatal configuration errors. [RT #46410]
 2017-10-30 07:40:59 +11:00
Mark Andrews
762c4fc5a8 4539. [bug] Referencing a nonexistant zone with rpz could lead 
to a assertion failure when configuring. [RT #43787]
 2016-12-27 08:59:07 +11:00
Mark Andrews
61747916ed 4506. [func] 'named-checkconf -l' will now list the zones found in 
named.conf. [RT #43154]
 2016-11-02 17:47:51 +11:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Mark Andrews
b91d11bfcc copyrights / whitespace 2016-02-11 10:44:21 +11:00
Mukund Sivaraman
0c29904b27 Check that configured view class isn't a meta class (#41572) 2016-02-08 13:58:01 +05:30
Witold Krecicki
e6d0a391f5 4223. [func] Add support for setting max-cache-size to percentage 
of available physical memory, set default to 90%.
			[RT #38442]
 2015-09-28 11:08:50 +02:00
Mark Andrews
075a3d60c2 4197. [bug] 'named-checkconf -z' didn't handle 'in-view' clauses. 
[RT #40603]
 2015-09-09 17:56:23 +10:00
Mark Andrews
fbd9aaa58c 4194. [bug] named-checkconf -p failed to properly print a port 
range.  [RT #40634]
 2015-09-09 16:49:11 +10:00
Mukund Sivaraman
8f25faf972 Fix a regression in radix tree implementation introduced by ECS code (#38983) 2015-05-05 13:11:23 +05:30
Tinderbox User
63b0524b96 update copyright notice / whitespace 2015-01-08 23:45:22 +00:00
Mark Andrews
d1f1f13c7f 4031. [bug] named-checkconf -z failed to report a missing file 
with a hint zone. [RT #38294]
 2015-01-08 19:19:12 +11:00
Evan Hunt
498b061031 [master] allow 1-week nta-lifetime/nta-recheck 
3983.	[bug]		Change #3940 was incomplete: negative trust anchors
			could be set to last up to a week, but the
			"nta-lifetime" and "nta-recheck" options were
			still limted to one day. [RT #37522]
 2014-10-20 13:40:17 -07:00
Evan Hunt
0c2313eb36 [master] fixes to checkconf test, HIP casecompare 
3933.	[bug]		Corrected the implementation of dns_rdata_casecompare()
			for the HIP rdata type.  [RT #36911]

3932.	[test]		Improved named-checkconf tests. [RT #36911]
 2014-08-27 21:36:13 -07:00
Evan Hunt
baad8d9fd8 [master] allow null "file" for DLZ or alternate db zones 
3803.	[bug]		"named-checkconf -z" incorrectly rejected zones
			using alternate data sources for not having a "file"
			option. [RT #35685]
 2014-04-07 13:29:56 -07:00
Evan Hunt
35f6a21f5f [master] max-zone-ttl 
3746.	[func]		New "max-zone-ttl" option enforces maximum
			TTLs for zones. If loading a zone containing a
			higher TTL, the load fails. DDNS updates with
			higher TTLs are accepted but the TTL is truncated.
			(Note: Currently supported for master zones only;
			inline-signing slaves will be added.) [RT #38405]
 2014-02-18 23:26:50 -08:00
Evan Hunt
e45d0508c3 [master] skip unnecesary also-notify data 
3713.	[bug]		Save memory by not storing "also-notify" addresses
			in zone objects that are configured not to send
			notify requests. [RT #35195]
 2014-01-20 15:53:51 -08:00
Mark Andrews
a7c412f37c update copyrights 2014-01-11 07:07:56 +11:00
Mark Andrews
ff6de396a9 3701. [func] named-checkconf can now suppress the printing of 
shared secrets by specifying '-x'. [RT #34465]
 2014-01-10 16:56:36 +11:00
Evan Hunt
c14ba71070 [master] warn if key-directory doesn't exist 
3694.	[bug]		Warn when a key-directory is configured for a zone,
			but does not exist or is not a directory. [RT #35109]
 2013-12-20 14:57:03 -08:00
Evan Hunt
d999ca28d4 [master] check hint files in named-checkconf -z 
3676.	[bug]		"named-checkconf -z" now checks zones of type
			hint and redirect as well as master. [RT #35046]
 2013-11-25 12:26:53 -08:00
Mark Andrews
1e34fe9044 3582. [bug] Silence false positive warning regarding missing file 
directive for inline slave zones.  [RT #33662]
 2013-06-04 11:34:03 +10:00
Tinderbox User
313b0ea9f2 update copyright notice 2013-03-23 23:46:06 +00:00
Evan Hunt
67adc03ef8 [master] add DSCP support 
3535.	[func]		Add support for setting Differentiated Services Code
			Point (DSCP) values in named.  Most configuration
			options which take a "port" option (e.g.,
			listen-on, forwarders, also-notify, masters,
			notify-source, etc) can now also take a "dscp"
			option specifying a code point for use with
			outgoing traffic, if supported by the underlying
			OS. [RT #27596]
 2013-03-22 14:05:33 -07:00
Evan Hunt
2b8bed6681 [master] multiple-dlz/dlz-nxdomain 
3432.	[func]		Multiple DLZ databases can now be configured.
			DLZ databases are searched in the order configured,
			unless set to "search no", in which case a
			zone can be configured to be retrieved from a
			particular DLZ database by using a "dlz <name>"
			option in the zone statement.  DLZ databases can
			support type "master" and "redirect" zones.
			[RT #27597]
 2012-12-06 12:39:52 -08:00
Evan Hunt
f46168b879 [master] allow dnssec options in inline-signing slaves 
3408.	[bug]		Some DNSSEC-related options (update-check-ksk,
			dnssec-loadkeys-interval, dnssec-dnskey-kskonly)
			are now legal in slave zones as long as
			inline-signing is in use. [RT #31078]
 2012-10-26 16:14:59 -07:00
Mark Andrews
aa49af836c 3385. [bug] named-checkconf didn't detect missing master lists 
in also-notify clauses. [RT #30810]
 2012-10-02 13:06:02 +10:00
Mark Andrews
076bda8c2e we didn't catch a zero option at the global level when views are active 2012-08-17 13:40:17 +10:00
Evan Hunt
820fdd61dd properly range-check fields that do not allow 0 
3362.	[bug]		Setting some option values to 0 in named.conf
			could trigger an assertion failure on startup.
			[RT #27730]
 2012-08-13 22:39:42 -07:00
Evan Hunt
3f755529ee address memory leak with bad tsig secret 
3359.	[bug]		An improperly-formed TSIG secret could cause a
                        memory leak. [RT #30607]
 2012-08-10 20:15:59 -07:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Evan Hunt
207845805e set $Id$ 2012-03-07 08:18:20 -08:00
Evan Hunt
2d7f41d66c Revert "Re-created rt27597a for ongoing DLZ work" 
This reverts commit d731ee9121.
 2012-03-05 15:42:52 -08:00
Evan Hunt
d731ee9121 Re-created rt27597a for ongoing DLZ work 2012-03-05 14:45:30 -08:00
Evan Hunt
632c0f1e91 Revert accidental merge of unfinished DLZ work 2012-03-05 14:44:21 -08:00
Evan Hunt
954501715d checkpoint: multiple-DLZ functionality 
- multiple DLZ's can be specified, including multiple DLZ's using
   the same driver; e.g., two different back-ends both loaded by the
   dlopen driver
 - new "search" option can be specified in a DLZ indicating whether
   this DLZ database should be searched for unknown zones.  The
   default is "yes".  If "no", then the zone can only be found by
   named if it's registered in the zone table, which happens if the
   zone is configured for dynamic updates, or if "dlz <dlzname>" is
   specified in the zone statement. (The latter functionality is
   incomplete in this commit).
 2012-03-03 22:43:38 -08:00
Mark Andrews
ac43690858 3209. [func] Add "dnssec-lookaside 'off'". [RT #24858] 2011-11-07 00:14:11 +00:00