Evan Hunt
fa43390ed9
[v9_9] prep 9.9.8rc1
2015-08-25 11:22:50 -07:00
Mark Andrews
6c09fd0e6b
4193. [bug] Handle broken servers that return BADVERS incorrectly.
...
[RT #40427 ]
2015-08-25 16:55:19 +10:00
Mark Andrews
7d0a5cd8c9
4192. [bug] The default rrset-order of random was not always being
...
applied. [RT #40456 ]
(cherry picked from commit 9b956d342e
2015-08-25 14:53:04 +10:00
Mark Andrews
79f23b271e
4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones
...
as per RFC 6763. [RT #37889 ]
(cherry picked from commit 5855fd79e3
2015-08-25 14:46:41 +10:00
Mark Andrews
fea8a9d56b
4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as
...
valid with check-names. <forest> still needs to be
LDH. [RT #40399 ]
(cherry picked from commit dc3912f3ca
2015-08-22 15:28:16 +10:00
Mark Andrews
d7ef667588
4189. [cleanup] Don't exit on overly long tokens in named.conf.
...
[RT #40418 ]
(cherry picked from commit 7d0dfa63cf
2015-08-22 15:08:56 +10:00
Mark Andrews
66882699d9
4188. [bug] Support HTTP/1.0 client properly on the statistics
...
channel. [RT #40261 ]
(cherry picked from commit 18ba804f3a
2015-08-20 09:56:10 +10:00
Tinderbox User
d901205191
update copyright notice / whitespace
2015-08-18 23:46:14 +00:00
Mark Andrews
2726af6715
#include <isc/safe.h>
2015-08-19 05:35:09 +10:00
Mukund Sivaraman
e37f7fb8ce
Use unknown format when totext() is not implemented for any RDATA ( #40317 )
...
(cherry picked from commit ec3dbae9ebff82214714
2015-08-18 20:17:44 +05:30
Mark Andrews
88045c98ea
Revert "#include <isc/safe.h>"
...
This reverts commit e901c42e9f
2015-08-18 21:23:22 +10:00
Mark Andrews
e901c42e9f
#include <isc/safe.h>
2015-08-18 19:43:19 +10:00
Mark Andrews
06642559b7
add isc_safe_memequal and isc_safe_memcompare; remove isc_safe_memcmp
...
(cherry picked from commit 47d459ef43
2015-08-18 12:25:43 +10:00
Evan Hunt
05d0d33cb8
[v9_9] timing safe memory comparisons
...
4183. [cleanup] Use timing-safe memory comparisons in cryptographic
code. Also, the timing-safe comparison functions have
been renamed to avoid possible confusion with
memcmp(). [RT #40148 ]
(cherry picked from commit 420a43c8d8
2015-08-17 18:31:11 -07:00
Tinderbox User
c4e27dcf82
update copyright notice / whitespace
2015-08-17 23:46:29 +00:00
Mukund Sivaraman
09796fdd84
Use mnemonics for RR class and type comparisons ( #40297 )
...
(cherry picked from commit b0ba1a605925747be3cb
2015-08-17 12:29:02 +05:30
Mark Andrews
5c0836a295
4181. [bug] Queued notify messages could be dequeued from the
...
wrong rate limiter queue. [RT #40350 ]
(cherry picked from commit 70862302f8
2015-08-17 10:38:40 +10:00
Tinderbox User
c8b1b9141e
update copyright notice / whitespace
2015-08-14 23:46:19 +00:00
Mukund Sivaraman
4abc820714
Fix double frees in getaddrinfo() in libirs ( #40209 )
...
(cherry picked from commit d7262e5c86cec7b98404
2015-08-14 14:10:14 +05:30
Mukund Sivaraman
0ada9e238a
Fix assertion failure in parsing UNSPEC(103) RR from text ( #40274 )
...
(cherry picked from commit 984d2bb9e59a88ab054b
2015-08-14 13:35:11 +05:30
Mukund Sivaraman
ee7ee1c4f7
Fix assertion failure in parsing NSAP records from text
...
(cherry picked from commit 474921d7339250173510
2015-08-14 13:15:25 +05:30
Mark Andrews
84cfddb9d3
4175. [bug] TKEY with GSS-API keys needed bigger buffers.
...
[RT #40333 ]
(cherry picked from commit 9dc5ef7f24
2015-08-14 08:25:59 +10:00
Tinderbox User
26846a23ab
update copyright notice / whitespace
2015-08-12 23:46:15 +00:00
Mark Andrews
d9ce8a0667
4172. [bug] Named / named-checkconf didn't handle a view of CLASS0.
...
[RT #40265 ]
(cherry picked from commit 151f1bcd5e
2015-08-12 19:06:41 +10:00
Evan Hunt
7d665f7666
[v9_9] fix tsig class checks
...
4171. [bug] Fixed incorrect class checks in TSIG RR
implementation. [RT #40287 ]
2015-08-11 22:17:24 -07:00
Evan Hunt
75f4d49205
[v9_9] fix length check in OPENPGPKEY
...
4170. [security] An incorrect boundary check in the OPENPGPKEY
rdatatype could trigger an assertion failure.
[RT #40286 ]
2015-08-11 20:02:45 -07:00
Tinderbox User
cd80053809
update copyright notice / whitespace
2015-08-07 23:46:19 +00:00
Evan Hunt
0d83784a75
[v9_9] address buffer accounting error
...
4168. [security] A buffer accounting error could trigger an
assertion failure when parsing certain malformed
DNSSEC keys. (CVE-2015-5722) [RT #40212 ]
(cherry picked from commit ce9f893e21
2015-08-07 13:22:40 -07:00
Mukund Sivaraman
4df82d6ab8
Remove missing symbols (Windows)
2015-07-31 20:33:06 +05:30
Mukund Sivaraman
5cfbc228ca
Bump api versions for 9.9.8b1
2015-07-31 19:42:23 +05:30
Mukund Sivaraman
d6ef589b99
Fix win32 build (UNUSED is present later)
...
(cherry picked from commit 63dcc28d3e
2015-07-31 15:01:20 +05:30
Mark Andrews
5dc3a1c3d3
4165. [bug] An failure to reset a value to NULL in tkey.c could
...
result in an assertion failure. (CVE-2015-5477)
[RT #40046 ]
(cherry picked from commit dbb064aa79
2015-07-14 14:49:21 +10:00
Tinderbox User
cc1a709402
update copyright notice / whitespace
2015-07-13 23:46:09 +00:00
Mark Andrews
82b6caf613
4164. [bug] Don't rename slave files and journals on out of memory.
...
[RT #40033 ]
4163. [bug] Address compiler warnings. [RT #40024 ]
(cherry picked from commit 3a49d0ff10
2015-07-13 09:49:09 +10:00
Mark Andrews
e0fd534cdd
4162. [bug] httpdmgr->flags was not being initialized. [RT #40017 ]
...
(cherry picked from commit 0bc743f9bc
2015-07-10 18:44:16 +10:00
Tinderbox User
835eaef8e3
update copyright notice / whitespace
2015-07-09 23:46:11 +00:00
Evan Hunt
400f206788
[v9_9] fix build error with ISC_MEM_TRACKLINES=0
2015-07-09 14:24:29 -07:00
Evan Hunt
c1009e506a
[v9_9] add missing functions
2015-07-09 00:04:25 -07:00
Evan Hunt
ea36796f82
[v9_9] DDoS mitigation features
...
3938. [func] Added quotas to be used in recursive resolvers
that are under high query load for names in zones
whose authoritative servers are nonresponsive or
are experiencing a denial of service attack.
- "fetches-per-server" limits the number of
simultaneous queries that can be sent to any
single authoritative server. The configured
value is a starting point; it is automatically
adjusted downward if the server is partially or
completely non-responsive. The algorithm used to
adjust the quota can be configured via the
"fetch-quota-params" option.
- "fetches-per-zone" limits the number of
simultaneous queries that can be sent for names
within a single domain. (Note: Unlike
"fetches-per-server", this value is not
self-tuning.)
- New stats counters have been added to count
queries spilled due to these quotas.
These options are not available by default;
use "configure --enable-fetchlimit" (or
--enable-developer) to include them in the build.
See the ARM for details of these options. [RT #37125 ]
2015-07-08 23:00:58 -07:00
Tinderbox User
d23960eb33
update copyright notice / whitespace
2015-07-07 23:46:10 +00:00
Mark Andrews
bb53e1de90
remove extranious )
2015-07-07 20:49:19 +10:00
Mark Andrews
8f40aae418
restore 9.9 style output
2015-07-07 18:09:06 +10:00
Mark Andrews
61299de7c3
unknown family is now a error
2015-07-07 17:55:15 +10:00
Mark Andrews
5e210b5fe5
4158. [protocol] Support the printing of EDNS COOKIE options.
...
[RT #39928 ]
2015-07-07 15:49:36 +10:00
Mark Andrews
f5386a21a8
4154. [bug] A OPT record should be included with the FORMERR
...
response when there is a malformed EDNS option.
[RT #39647 ]
4153. [bug] Check that non significant ECS bits are zero on
receipt. [RT #39647 ]
2015-07-06 16:34:48 +10:00
Tinderbox User
2043cb5835
update copyright notice / whitespace
2015-07-03 23:46:09 +00:00
Mark Andrews
83028bc232
4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835 ]
2015-07-03 10:17:57 +10:00
Tinderbox User
c75c73b598
update copyright notice / whitespace
2015-07-01 23:46:06 +00:00
Mark Andrews
0a4dd766f6
4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply
...
minimal fix. [RT #39667 ]
(cherry picked from commit 753b27a7d3
2015-07-01 11:52:17 +10:00
Mukund Sivaraman
fc0797977d
Fix a bug printing zone names with '/' character in XML and JSON stats ( #39873 )
...
(cherry picked from commit 08f0129732f69f188b90
2015-06-30 14:45:13 +05:30
