upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-16 15:44:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
24484 commits 18 branches 854 tags 440 MiB
Commit graph

10138 commits

Author SHA1 Message Date
Mukund Sivaraman
fb5c4bc94c Fix inconsistencies in inline signing time comparisons (#42112) 
(cherry picked from commit 4176d278e2)
(cherry picked from commit eeb16584fb)
 2017-04-21 16:46:13 +05:30
Mukund Sivaraman
4ab28446c1 Ignore SHA-1 DS digest type when SHA-384 DS digest type is present (#45017) 
(cherry picked from commit 5d01eab088)
(cherry picked from commit 9540b42695)
 2017-04-21 16:21:49 +05:30
Evan Hunt
70590c691b [v9_10] fix dispatch.c shutdown race 
4952.	[bug]		A race condition on shutdown could trigger an
			assertion failure in dispatch.c. [RT #43822]

(cherry picked from commit 019132b70c)
 2017-04-20 17:42:03 -07:00
Tinderbox User
24c84fa6aa update copyright notice / whitespace 2017-04-20 23:46:37 +00:00
Mark Andrews
0580a56901 4587. [bug] named-checkzone failed to handle occulted data below 
DNAMEs correctly. [RT #44877]

(cherry picked from commit 600b027731)
 2017-04-20 13:30:26 +10:00
Mark Andrews
28c8b282dd 4585. [port] win32: Set CompileAS value. [RT #42474] 
(cherry picked from commit 3742338a7b)
 2017-04-20 12:43:17 +10:00
Mark Andrews
fc945cbc44 4584. [bug] A number of memory usage statistics were not properly 
reported when they exceeded 4G.  [RT #44750]

(cherry picked from commit ddac00e3e0)
 2017-04-20 10:23:06 +10:00
Tinderbox User
2b0bef65b5 update copyright notice / whitespace 2017-04-17 23:46:36 +00:00
Evan Hunt
18b2c47d52 [v9_10] fix out of tree build error 
(cherry picked from commit 28cff4f924)
 2017-04-17 14:31:56 -07:00
Tinderbox User
960bf5835b update copyright notice / whitespace 2017-03-24 23:46:33 +00:00
Mark Andrews
a636604b20 4582. [security] 'rndc ""' could trigger a assertion failure in named. 
(CVE-2017-3138) [RT #44924]

(cherry picked from commit 8e8dfc5941)
 2017-03-25 02:05:09 +11:00
Mark Andrews
7ab9e8e007 4580. [bug] 4578 introduced a regression when handling CNAME to 
referral below the current domain. [RT #44850]

(cherry picked from commit 638c7c635d)
 2017-03-14 15:15:08 +11:00
Mark Andrews
6841d7b854 Reimplement: 
4578.   [security]      Some chaining (CNAME or DNAME) responses to upstream
                        queries could trigger assertion failures.
                        (CVE-2017-3137) [RT #44734]

(cherry picked from commit f240f4a5de)
 2017-03-01 12:02:45 +11:00
Evan Hunt
69fd759b4a [v9_10] remove unnecessary INSIST and prep 9.10.5rc2 
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]

(cherry picked from commit a1365a0042)
(cherry picked from commit 559cbe04e7)
 2017-02-23 15:01:30 -08:00
Mark Andrews
3c14e3c7b5 explicitly cast to (unsigned int) 2017-02-20 17:07:16 +11:00
Mark Andrews
9998a15284 explictly cast to isc_stdtime_t 2017-02-20 16:57:09 +11:00
Mark Andrews
2a32d6cce1 9.10.5; copyrights 2017-02-16 12:38:53 +11:00
Mark Andrews
a71d773a3d api numbers clashed between 9.10 and 9.11; record ranges; account for -P's 2017-02-16 11:52:20 +11:00
Evan Hunt
0f3d3f825f [v9_10] prep 9.10.5rc1 2017-02-04 22:33:09 -08:00
Tinderbox User
94f8e9b86a update copyright notice / whitespace 2017-02-03 23:46:25 +00:00
Evan Hunt
2653661530 [v9_10] silence "unused value" warning 
(cherry picked from commit f4d20b15a2)
 2017-02-03 11:27:12 -08:00
Mark Andrews
6d93a4e91a remove outdated cvs $Id strings 2017-02-03 18:41:40 +11:00
Mark Andrews
f2641a126c 4567. [port] Call getprotobyname and getservbyname prior to calling 
chroot so that shared libraries get loaded. [RT #44537]

(cherry picked from commit c550e75ade)
 2017-02-03 14:23:33 +11:00
Tinderbox User
91b32fb6d9 update copyright notice / whitespace 2017-02-02 23:47:12 +00:00
Mark Andrews
3f5f6afbd9 4563. [bug] Modified zones would occasionally fail to reload. 
[RT #39424]

(cherry picked from commit dfe3068ef3)
 2017-02-02 17:14:23 +11:00
Evan Hunt
fc5e144446 [v9_10] Squashed commit of the following: 
4561.	[port]		Silence a warning in strict C99 compilers. [RT #44414]

(cherry picked from commit 6cb5e36ca3)
 2017-02-01 17:31:29 -08:00
Tinderbox User
89abe04af5 update copyright notice / whitespace 2017-01-31 23:46:51 +00:00
Evan Hunt
5eca4fc646 [v9_10] address portability issues 
(cherry picked from commit a2bd99a959)
 2017-01-30 16:52:37 -08:00
Mark Andrews
6106ed6841 add a REQUIRE to catch the NULL pointer dereference that triggered CVE-2017-3135 
(cherry picked from commit 1d8995d226)
 2017-01-31 11:21:18 +11:00
Evan Hunt
a5a7e48035 [v9_10] change 4558 was incomplete 
(cherry picked from commit cd668ea57f)
 2017-01-30 14:11:25 -08:00
Tinderbox User
562244d395 update copyright notice / whitespace 2017-01-24 23:46:25 +00:00
Mark Andrews
f7903e4bcc 4560. [bug] mdig: add -m option to enable memory debugging rather 
than have in on all the time. [RT #44509]

4559.   [bug]           Openssl_link.c didn't compile if ISC_MEM_TRACKLINES
                        was turned off.  [RT #44509]

(cherry picked from commit 25da687db7)
 2017-01-24 17:50:06 +11:00
Mark Andrews
e63f8e9467 4558. [bug] Synthesised CNAME before matching DNAME was still 
being cached when it should have been.  [RT #44318]

(cherry picked from commit 9f4bf43b79)
 2017-01-24 17:41:22 +11:00
Tinderbox User
28f72096e7 update copyright notice / whitespace 2017-01-14 23:46:28 +00:00
Mark Andrews
80d5fed95a 4554. [bug] Remove double unlock in dns_dispatchmgr_setudp. 
[RT #44336]

(cherry picked from commit 5dfa5221d5)
 2017-01-14 13:14:35 +11:00
Tinderbox User
610b6f852e update copyright notice / whitespace 2017-01-13 23:46:31 +00:00
Mark Andrews
26907d031e make e's declaration unconditional. [RT #44324] 
(cherry picked from commit b8eee0f48d)
 2017-01-13 16:10:45 +11:00
Tinderbox User
ff7d77ce73 update copyright notice / whitespace 2017-01-12 23:46:57 +00:00
Mark Andrews
63fb01bb78 4553. [bug] Named could deadlock there were multiple changes to 
NSEC/NSEC3 parameters for a zone being processed at
                        the same time. [RT #42770]

(cherry picked from commit d2e1b47d4f)
 2017-01-12 14:26:11 +11:00
Mark Andrews
8b9cfa1b93 4552. [bug] Named could trigger a assertion when sending notify 
messages. [RT #44019]

(cherry picked from commit 7b9e28f1a5)
 2017-01-12 14:13:44 +11:00
Tinderbox User
0cc74d59ab update copyright notice / whitespace 2017-01-11 23:46:23 +00:00
Evan Hunt
7a326082ad [v9_10] expand the flags field in dns_master_style 
4550.	[cleanup]	Increased the number of available master file
			output style flags from 32 to 64. [RT #44043]
 2017-01-11 12:06:29 -08:00
Tinderbox User
b16ec7b570 update copyright notice / whitespace 2017-01-04 23:46:14 +00:00
Evan Hunt
44bbbfcca9 [v9_10] add support for native pkcs11 on keyper 
4547.	[port]		Add support for --enable-native-pkcs11 on the AEP
			Keyper HSM. [RT #42463]
 2017-01-03 16:41:58 -08:00
Mark Andrews
6960be7265 remove dnssec-keymgr.html 2016-12-29 19:57:47 +11:00
Evan Hunt
655092507c [v9_10] silence warning 
(cherry picked from commit b3aebb5890)
 2016-12-28 17:54:47 -08:00
Mark Andrews
f204635d42 9.10.5b1 2016-12-29 12:39:00 +11:00
Mark Andrews
1ec66e6a83 4510. [security] Named mishandled some responses where covering RRSIG 
records are returned without the requested data
                        resulting in a assertion failure. (CVE-2016-9147)
                        [RT #43548]

(cherry picked from commit 6adf421e7e)
 2016-12-29 11:52:46 +11:00
Mark Andrews
2cfd915235 4508. [security] Named incorrectly tried to cache TKEY records which 
could trigger a assertion failure when there was
                            a class mismatch. (CVE-2016-9131) [RT #43522]

(cherry picked from commit 2c1c4b99a1)
 2016-12-29 11:29:41 +11:00
Tinderbox User
ad4e4b05f2 update copyright notice / whitespace 2016-12-28 23:52:29 +00:00