upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-26 03:11:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
26645 commits 18 branches 854 tags 440 MiB
Commit graph

355 commits

Author SHA1 Message Date
Evan Hunt
0fabe0da83 update file headers 2018-03-15 18:33:13 -07:00
Evan Hunt
ccfe778c01 migrate tests from bin/tests/dnssec-signzone to bin/tests/system/dnssec 
- added tests to the dnssec system test that duplicate the ones
  from bin/tests/dnssec-signzone
- changed cleanall.sh so it doesn't automatically remove all
  key files, because there are now some of those that are part of the
  distribution
 2018-03-09 14:12:48 -08:00
Evan Hunt
0e52fbd0b3 clean up test output 
- removed a few remaing places where output wasn't being passed
  through echo_i or cat_i
- added a "digcomp" function to conf.sh.in to send digcomp.pl output
  through cat_i and return the correct exit value
- set SYSTESTDIR when calling echo_i from nsX directories, so that
  the test name will always be printed correctly
- fixed a test name typo in conf.sh.in
 2018-02-26 23:37:05 -08:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup 
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
 2018-02-22 22:58:15 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Tinderbox User
a6e307c5f1 update copyright notice / whitespace 2017-12-13 23:45:37 +00:00
Mark Andrews
4d1bbe308d 4847. [bug] dnssec-dnskey-kskonly was not being honoured for 
CDS and CDNSKEY. [RT #46755]
 2017-12-13 12:40:36 +11:00
Mark Andrews
80739779fc read dig.out.ns3.test$n rather than dig.out.ns2.test$n 2017-10-25 15:02:36 +11:00
Mark Andrews
969d923536 4783. [test] dnssec: 'check that NOTIFY is sent at the end of 
NSEC3 chain generation failed' required more time
                        on some machines for the IXFR to complete. [RT #46388]
 2017-10-25 09:21:14 +11:00
Mark Andrews
6b8e4d6e69 4782. [test] dnssec: 'checking positive and negative validation 
with negative trust anchors' required more time to
                        complete on some machines. [RT #46386]
 2017-10-25 09:13:05 +11:00
Mark Andrews
b41c1aacbc 4759. [func] Add logging channel "trust-anchor-telementry" to 
record trust-anchor-telementry in incoming requests.
                        Both _ta-XXXX.<anchor>/NULL and EDNS KEY-TAG options
                        are logged.  [RT #46124]
 2017-10-06 13:01:14 +11:00
Evan Hunt
20502f35dd [master] allow CDS/CDNSKEY records to be signed with only KSK 
4721.	[func]		'dnssec-signzone -x' and 'dnssec-dnskey-kskonly'
			options now apply to CDNSKEY and DS records as well
			as DNSKEY. Thanks to Tony Finch. [RT #45689]
 2017-09-12 23:09:48 -07:00
Tinderbox User
24036b61f6 update copyright notice / whitespace 2017-09-01 23:45:56 +00:00
Mark Andrews
0f1fc8f421 specify algorithm; remove partial duplicate test; add missing test numbers 2017-09-01 14:52:26 +10:00
Evan Hunt
45afdb2672 [master] remove default algorithm in dnssec-keygen 
4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
			the signing algorithm must be specified on
			the command line with the "-a" option.  Signing
			scripts that rely on the existing default behavior
			will break; use "dnssec-keygen -a RSASHA1" to
			repair them. (The goal of this change is to make
			it easier to find scripts using RSASHA1 so they
			can be changed in the event of that algorithm
			being deprecated in the future.) [RT #44755]
 2017-08-30 18:51:11 -07:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00
Mark Andrews
52fd57c989 4681. [bug] Log messages from the validator now include the 
associated view unless the view is "_default/IN"
                        or "_dnsclient/IN". [RT #45770]
 2017-08-16 09:29:20 +10:00
Evan Hunt
c8b76b0168 [master] remove sigchase reference in system test 2017-08-09 13:25:15 -07:00
Tinderbox User
12ed5d34b9 update copyright notice / whitespace 2017-08-04 23:46:19 +00:00
Evan Hunt
61367c604c [master] refactor resquery_response() and related functions 
4669.	[func]		Iterative query logic in resolver.c has been
			refactored into smaller functions and commented,
			for improved readability, maintainability and
			testability. [RT #45362]
 2017-08-04 16:08:11 -07:00
Tinderbox User
9edeb0f922 update copyright notice / whitespace 2017-07-28 23:46:10 +00:00
Michał Kępień
c150f68609 [master] Clarify error message printed by dnssec-dsfromkey 
4663.	[cleanup]	Clarify error message printed by dnssec-dsfromkey.
			[RT #21731]
 2017-07-28 10:29:22 +02:00
Mark Andrews
f7a22ae512 loop waiting for ns4/managed-keys.bind to be written 2017-07-04 15:53:12 +10:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Tinderbox User
1f6505a424 update copyright notice / whitespace 2017-04-22 23:45:41 +00:00
Mukund Sivaraman
03be5a6b4e Improve performance for delegation heavy answers and also general query performance (#44029) 2017-04-22 09:22:44 +05:30
Tinderbox User
3618b965d1 update copyright notice / whitespace 2017-04-21 23:45:41 +00:00
Mukund Sivaraman
b0dbcba2d2 Validate glue before adding it to the additional section (#45062) 2017-04-21 14:51:24 +05:30
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Tinderbox User
a9e8198788 update copyright notice / whitespace 2017-01-12 23:45:41 +00:00
Mark Andrews
0c43d50368 remove false positives due to bad grep [RT #44178] 2017-01-12 13:59:10 +11:00
Witold Krecicki
358dfaee18 4487. [test] Make system tests work on Windows. [RT #42931] 2016-10-19 17:18:42 +02:00
Evan Hunt
af05768c0e [master] reset ret between NTA tests 2016-10-05 21:06:54 -07:00
Mark Andrews
f20179857a 4424. [experimental] Named now sends _ta-XXXX.<trust-anchor>/NULL queries 
to provide feedback to the trust-anchor administrators
                        about how key rollovers are progressing as per
                        draft-ietf-dnsop-edns-key-tag-02.  This can be
                        disabled using 'trust-anchor-telemetry no;'.
                        [RT #40583]
 2016-07-22 20:02:17 +10:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Mark Andrews
c1bf332c7c silence rm error message 2016-06-20 14:33:33 +10:00
Mark Andrews
eff62988e6 checking that default nta's were lifted due to lifetime were not robust 2016-06-20 14:29:11 +10:00
Mark Andrews
3f0de196f7 report subtest number 2016-06-17 10:50:33 +10:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Evan Hunt
5ecfee97ba [master] copyrights 2016-04-14 19:12:13 -07:00
Evan Hunt
3cd204c4a4 [master] fixed revoked key regression 
4436.	[bug]		Fixed a regression introduced in change #4337 which
			caused signed domains with revoked KSKs to fail
			validation. [RT #42147]
 2016-04-14 18:52:52 -07:00
Jeremy C. Reed
81780ffd74 use -r $RANDFILE for test using keygen 
stops hang
this is for ticket #41898
 2016-03-11 09:27:15 -05:00
Tinderbox User
4a7004f3ce update copyright notice / whitespace 2016-03-10 23:45:16 +00:00
Mark Andrews
7c52595464 4331. [func] When loading managed signed zones detect if the 
RRSIG's inception time is in the future and regenerate
                        the RRSIG immediately. [RT #41808]
 2016-03-10 17:01:08 +11:00
Mark Andrews
08913705e9 specify what to copy 
(cherry picked from commit 88624c9c32)
 2016-02-05 13:54:47 +11:00
Tinderbox User
b7f3400f3b update copyright notice / whitespace 2016-01-28 23:45:29 +00:00
Mark Andrews
832ab79d1f 4305. [bug] dnssec-signzone was not removing unnecessary rrsigs 
from the zone's apex. [RT #41483]
 2016-01-28 15:42:34 +11:00
Evan Hunt
6b8519147a [master] NTAs did not survive reoad/reconfig 
4251.	[bug]		NTAs were deleted when the server was reconfigured
			or reloaded. [RT #41058]
 2015-11-04 10:34:28 -08:00
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00