upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-28 01:28:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
26645 commits 18 branches 854 tags 440 MiB
Commit graph

81 commits

Author SHA1 Message Date
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup 
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
 2018-02-22 22:58:15 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Witold Krecicki
358dfaee18 4487. [test] Make system tests work on Windows. [RT #42931] 2016-10-19 17:18:42 +02:00
Mark Andrews
f20179857a 4424. [experimental] Named now sends _ta-XXXX.<trust-anchor>/NULL queries 
to provide feedback to the trust-anchor administrators
                        about how key rollovers are progressing as per
                        draft-ietf-dnsop-edns-key-tag-02.  This can be
                        disabled using 'trust-anchor-telemetry no;'.
                        [RT #40583]
 2016-07-22 20:02:17 +10:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
fea81a5e0e update copyright notice 2014-08-22 23:45:27 +00:00
Mark Andrews
840d6a4614 3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917 2014-08-22 16:32:19 +10:00
Mark Andrews
63e1ac1e09 3890. [bug] RRSIG sets that were not loaded in a single transaction 
at start up where not being correctly added to
                        re-signing heaps.  [RT #36302]
 2014-07-07 12:05:01 +10:00
Evan Hunt
60988462e5 [master] use posix-compatible shell in system tests 
3839.	[test]		Use only posix-compatible shell in system tests.
			[RT #35625]
 2014-05-06 22:06:04 -07:00
Mark Andrews
7e2e41df67 3748. [func] Use delve to test dns_client interfaces. [RT #35383] 2014-02-19 19:33:21 +11:00
Evan Hunt
72fd845d5a [master] remove accidentally committed changes 2014-02-16 13:59:19 -08:00
Evan Hunt
792915beb0 [master] fix accidental dig breakage 2014-02-16 13:42:42 -08:00
Tinderbox User
aa7b16ec2a update copyright notice 2014-01-21 23:46:16 +00:00
Evan Hunt
d58e33bfab [master] testcrypto.sh in system tests 
3714.	[test]		System tests that need to test for cryptography
			support before running can now use a common
			"testcrypto.sh" script to do so. [RT #35213]
 2014-01-20 16:08:09 -08:00
Evan Hunt
b99bfa184b [master] unify internal and export libraries 
3550.	[func]		Unified the internal and export versions of the
			BIND libraries, allowing external clients to use
			the same libraries as BIND. [RT #33131]
 2013-04-10 13:49:57 -07:00
Mark Andrews
8013077aa7 3541. [bug] The parts if libdns was not being properly initialized 
in when built in libexport mode. [RT #33028]
 2013-04-03 17:27:40 +11:00
Tinderbox User
5c6b95ba1b update copyright notice 2013-01-10 23:46:00 +00:00
Mark Andrews
4801931443 3461. [bug] Negative responses could incorrectly have AD=1 
set. [RT #32237]
 2013-01-10 23:09:08 +11:00
Tinderbox User
a3128c1995 update copyright notice 2012-06-29 23:45:57 +00:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Evan Hunt
e41d5a00bc added gitignore, removed cvsignore 2012-03-03 23:10:05 -08:00
Mark Andrews
46d3c6cf40 grep was not precise enough leading to test failure 2011-05-03 16:07:44 +00:00
Automatic Updater
1da9dbcf48 update copyright notice 2011-01-04 23:47:14 +00:00
Evan Hunt
79bf7c874b 3001. [func] Added a default trust anchor for the root zone, which 
can be switched on by setting "dnssec-validation auto;"
			in the named.conf options. [RT #21727]
 2011-01-03 23:45:08 +00:00
Automatic Updater
33cc94f04c update copyright notice 2010-11-17 23:47:09 +00:00
Mark Andrews
a27b3757fd 2968. [security] Named could fail to prove a data set was insecure 
before marking it as insecure.  One set of conditions
                        that can trigger this occurs naturally when rolling
                        DNSKEY algorithms.  [RT #22309]
 2010-11-16 01:14:51 +00:00
Automatic Updater
cf309ffeee update copyright notice 2010-06-25 23:46:51 +00:00
Mark Andrews
f35a87f58f remove leading zeros on keyid 
account for trusted keys not applying to _bind anymore
 2010-06-25 07:28:46 +00:00
Mark Andrews
bf13e709db 2924. [func] 'rndc secroots' dump a combined summary of the 
current managed keys combined with trusted keys.
                        [RT #20904]
 2010-06-25 03:24:05 +00:00
Mark Andrews
c6d2578fd6 2741. [func] Allow the dnssec-keygen progress messages to be 
suppressed (dnssec-keygen -q).  Automatically
                        suppress the progress messages when stdin is not
                        a tty. [RT #20474]
 2009-10-28 00:27:10 +00:00
Mark Andrews
e09cdbac08 2738. [func] Add RSASHA256 and RSASHA512 tests to the dnssec system 
test. [RT #20453]
 2009-10-27 22:25:37 +00:00
Evan Hunt
553ead32ff 2636. [func] Simplify zone signing and key maintenance with the 
dnssec-* tools.  Major changes:
			- all dnssec-* tools now take a -K option to
			  specify a directory in which key files will be
			  stored
			- DNSSEC can now store metadata indicating when
			  they are scheduled to be published, acttivated,
			  revoked or removed; these values can be set by
			  dnssec-keygen or overwritten by the new
			  dnssec-settime command
			- dnssec-signzone -S (for "smart") option reads key
			  metadata and uses it to determine automatically
			  which keys to publish to the zone, use for
			  signing, revoke, or remove from the zone
			[RT #19816]
 2009-07-19 04:18:05 +00:00
Automatic Updater
39844d4710 update copyright notice 2009-06-04 02:56:47 +00:00
Mark Andrews
2534a73a59 2608. [func] Perform post signing verification checks in 
dnssec-signzone.  These can be disabled with -P.

                        The post sign verification test ensures that for each
                        algorithm in use there is at least one non revoked
                        self signed KSK key.  That all revoked KSK keys are
                        self signed.  That all records in the zone are signed
                        by the algorithm.  [RT #19653]
 2009-06-04 02:13:37 +00:00
Automatic Updater
3398334b3a update copyright notice 2008-09-25 04:02:39 +00:00
Mark Andrews
6098d364b6 2448. [func] Add NSEC3 support. [RT #15452] 2008-09-24 02:46:23 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
d6b5e0b0e8 update copyright notice 2006-03-10 00:23:21 +00:00
Mark Andrews
cfe92110ce 2007. [func] It is now possible to explicitly enable DNSSEC 
validation.  default dnssec-validation no; to
                        be changed to yes in 9.5.0.  [RT #15674]
 2006-03-09 23:21:54 +00:00
Mark Andrews
35da39a7f1 update copyright notice 2006-01-04 00:37:24 +00:00
Mark Andrews
2a90390dee 1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is nolonger recommended. 
To generate a RSAMD5 key you must explictly request
                        RSAMD5. [RT #13780]
 2006-01-03 06:06:04 +00:00
Mark Andrews
50105afc55 1589. [func] DNSSEC lookaside validation. 
enable-dnssec -> dnssec-enable
 2004-03-10 02:19:58 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
821644d49b 1574. [bug] Don't attempt to open the controls socket(s) when 
running tests. [RT #9091]
 2004-03-02 02:01:41 +00:00
Mark Andrews
89783da064 1581. [func] Disable DNSSEC support by default. To enable 
DNSSEC specify "enable-dnssec yes;" in named.conf.
 2004-02-17 03:40:23 +00:00