upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-21 08:50:32 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
25576 commits 18 branches 854 tags 440 MiB
Commit graph

7993 commits

Author SHA1 Message Date
Mukund Sivaraman
188fa6ea68 Add missing <isc/print.h> 2017-09-13 19:44:47 +05:30
Francis Dupont
804ca1d926 Added isc/string.h to shutdown_test which got strlcpy 2017-09-13 14:34:54 +02:00
Evan Hunt
114f95089c [master] cleanup strcat/strcpy 
4722.	[cleanup]	Clean up uses of strcpy() and strcat() in favor of
			strlcpy() and strlcat() for safety. [RT #45981]
 2017-09-13 00:14:37 -07:00
Evan Hunt
20502f35dd [master] allow CDS/CDNSKEY records to be signed with only KSK 
4721.	[func]		'dnssec-signzone -x' and 'dnssec-dnskey-kskonly'
			options now apply to CDNSKEY and DS records as well
			as DNSKEY. Thanks to Tony Finch. [RT #45689]
 2017-09-12 23:09:48 -07:00
Mark Andrews
e930487ce7 give more time for the initial signing of bits in the inline signing test to complete 2017-09-13 12:18:59 +10:00
Mark Andrews
abda73147d fix first if test in setoption 2017-09-13 11:57:00 +10:00
Evan Hunt
30973087a0 [master] add prefetch stat counter 
4720.	[func]		Added a statistics counter to track prefetch
			queries. [RT #45847]
 2017-09-12 18:41:47 -07:00
Mark Andrews
34130ee25a 4719. [bug] Address PVS static analyzer warnings. [RT #45946] 2017-09-13 09:50:51 +10:00
Tinderbox User
1e33899f86 update copyright notice / whitespace 2017-09-12 23:46:14 +00:00
Evan Hunt
25b33bede4 [master] improve handling of qcount=0 replies 
4717.	[bug]		Treat replies with QCOUNT=0 as truncated if TC=1,
			FORMERR if TC=0, and log the error correctly.
			[RT #45836]
 2017-09-12 15:26:30 -07:00
Evan Hunt
534c43860e [master] update copyrights 2017-09-11 17:47:12 -07:00
Evan Hunt
f3ce87e1a1 [master] copyrights 2017-09-11 17:01:09 -07:00
Tinderbox User
0d9572e437 update copyright notice / whitespace 2017-09-11 23:46:33 +00:00
Evan Hunt
b103b0c011 [master] remap getaddrinfo() to irs_getgetaddrinfo() 
The libirs version of getaddrinfo() cannot be called from within BIND9.
 2017-09-11 15:03:57 -07:00
Evan Hunt
2e0493c046 [master] add print.h 2017-09-11 12:37:58 -07:00
Evan Hunt
3363f3147a [master] DNS Response Policy Service API 
4713.	[func]		Added support for the DNS Response Policy Service
			(DNSRPS) API, which allows named to use an external
			response policy daemon when built with
			"configure --enable-dnsrps".  Thanks to Vernon
			Schryver and Farsight Security. [RT #43376]
 2017-09-11 11:57:43 -07:00
Evan Hunt
8e014c45ae [master] dig: retain domain when retrying with tcp 
4712.	[bug]		"dig +domain" and "dig +search" didn't retain the
			search domain when retrying with TCP. [RT #45547]
 2017-09-11 10:10:16 -07:00
Evan Hunt
3e66721b35 [master] add missing rrtypes to genzones 
4711.	[test]		Some RR types were missing from genzones.sh.
			[RT #45782]
 2017-09-11 09:34:41 -07:00
Tinderbox User
8334115783 regen master 2017-09-10 01:10:23 +00:00
Tinderbox User
672586440b update copyright notice / whitespace 2017-09-09 23:46:01 +00:00
Evan Hunt
e06d728f13 [master] removed outdated library reference 2017-09-09 11:49:04 -07:00
Francis Dupont
90f6140832 Finished merge of rt45019 (openssl hash default) 2017-09-09 10:30:16 +02:00
Evan Hunt
bcb7c7fdad [master] fix tag 2017-09-08 18:22:12 -07:00
Evan Hunt
8eb88aafee [master] add libns and remove liblwres 
4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                        are no longer supported. [RT #45186]

4707.	[func]		The lightweight resolver daemon and library (lwresd
			and liblwres) have been removed. [RT #45186]

4706.	[func]		Code implementing name server query processing has
			been moved from bin/named to a new library "libns".
			Functions remaining in bin/named are now prefixed
			with "named_" rather than "ns_".  This will make it
			easier to write unit tests for name server code, or
			link name server functionality into new tools.
			[RT #45186]
 2017-09-08 13:47:34 -07:00
Mark Andrews
164616cb9c don't attempt to link -lcrypto multiple times 2017-09-08 16:15:37 +10:00
Evan Hunt
509ba96497 [rt45019] separate DNS_CRYPTO_LIBS from ISC_OPENSSL_LIBS and use both 2017-09-07 22:05:20 -07:00
Mark Andrews
b6b33d0f48 ISCLIBS should be after DNSLIBS 2017-09-08 12:52:48 +10:00
Tinderbox User
7bd8900aa8 update copyright notice / whitespace 2017-09-07 23:46:43 +00:00
Evan Hunt
1fd1c0b027 [rt45019] fix some library ordering problems 2017-09-06 23:01:54 -07:00
Mark Andrews
7e40d6274e 4703. [bug] BINDInstall.exe was missing some buffer length checks. 
[RT #45898]
 2017-09-07 12:56:16 +10:00
Tinderbox User
40780aa36f update copyright notice / whitespace 2017-09-06 23:46:23 +00:00
Mark Andrews
023ab19634 add quotes arount $send_response 2017-09-06 19:26:10 +10:00
Mark Andrews
b56021f0be silence 'staleanswersok' may be used uninitialized in this function warning. [RT #14147 2017-09-06 12:16:10 +10:00
Tinderbox User
95bbb75143 regen master 2017-09-06 01:11:43 +00:00
Mark Andrews
d1cd273b7b fix merge error 2017-09-06 10:04:17 +10:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Tinderbox User
421f833b67 update copyright notice / whitespace 2017-09-04 23:46:16 +00:00
Mark Andrews
e2a737bcb8 4699. [func] Multiple cookie-secret clauses can now be specified. 
The first one specified is used to generate new
                        server cookies.  [RT #45672]
 2017-09-05 09:19:45 +10:00
Michał Kępień
a5dc1bc395 [master] Add --with-python-install-dir configure option 
4698.	[port]		Add --with-python-install-dir configure option to allow
			specifying a nonstandard installation directory for
			Python modules. [RT #45407]
 2017-09-04 08:40:23 +02:00
Mark Andrews
39a7292aab check for dnssec support 2017-09-04 10:23:03 +10:00
Tinderbox User
24036b61f6 update copyright notice / whitespace 2017-09-01 23:45:56 +00:00
Mark Andrews
eb7c571e93 specify algorithm 2017-09-01 15:34:38 +10:00
Mark Andrews
0f1fc8f421 specify algorithm; remove partial duplicate test; add missing test numbers 2017-09-01 14:52:26 +10:00
Tinderbox User
e640ea9343 regen master 2017-09-01 01:11:29 +00:00
Evan Hunt
5999f1ebd6 [master] initialize result and rdataset variables 2017-08-31 14:20:00 -07:00
Mark Andrews
2e743d9bdc Squashed commit of the following: 
commit 2a0e5695da2e0f701191e2783209ac05c9d01e6c
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 12:15:05 2017 +1000

    remove 'on' from error message

commit f18a8d699b69be35b938cfe2b30ebb30cd78e814
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:58:41 2017 +1000

    add more cookie-secret named-checkconf tests

commit ca8f5f5f57ccbeb970310866523a909eb411a554
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:31:57 2017 +1000

    properly check algorithm names
 2017-08-31 12:19:37 +10:00
Evan Hunt
45afdb2672 [master] remove default algorithm in dnssec-keygen 
4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
			the signing algorithm must be specified on
			the command line with the "-a" option.  Signing
			scripts that rely on the existing default behavior
			will break; use "dnssec-keygen -a RSASHA1" to
			repair them. (The goal of this change is to make
			it easier to find scripts using RSASHA1 so they
			can be changed in the event of that algorithm
			being deprecated in the future.) [RT #44755]
 2017-08-30 18:51:11 -07:00
Tinderbox User
2bfc294f0a regen master 2017-08-31 01:11:54 +00:00
Tinderbox User
587f005032 update copyright notice / whitespace 2017-08-30 23:46:18 +00:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00