upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-28 20:41:18 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
13551 commits 18 branches 854 tags 440 MiB
Commit graph

102 commits

Author SHA1 Message Date
Mark Andrews
35da39a7f1 update copyright notice 2006-01-04 00:37:24 +00:00
Mark Andrews
2a90390dee 1945. [cleanup] dnssec-keygen: RSA (RSAMD5) is nolonger recommended. 
To generate a RSAMD5 key you must explictly request
                        RSAMD5. [RT #13780]
 2006-01-03 06:06:04 +00:00
Mark Andrews
675d696977 update copyright notice 2005-09-06 03:51:37 +00:00
Mark Andrews
5be3685b0e 1919. [bug] dig's +sigchase code overhauled. [RT #14933] 
1918.   [bug]           The DLV code has been re-worked to make no longer
                        query order sensitive. [RT #14933]
 2005-08-25 00:56:08 +00:00
Mark Andrews
3002b5952d cleanup a couple more files 2004-12-14 01:02:50 +00:00
Mark Andrews
a36db48f57 1789. [bug] Prerequisite test for tkey and dnssec could fail 
with "configure --with-libtool".
 2004-12-08 06:10:49 +00:00
Mark Andrews
756f078904 clean up */dsset-*, */dlvset-* and ns2/dlv.db 2004-09-07 04:14:44 +00:00
Mark Andrews
d7a8ba373d copyright 2004-08-19 04:44:08 +00:00
Mark Andrews
c315e5cfea 1648. [func] Update dnssec-lookaside named.conf syntax to support 
multiple dnssec-lookaside namespaces (not yet
                        implemented).
 2004-06-04 02:31:43 +00:00
Mark Andrews
38e8022ace 1625. [bug] named failed to load/transfer RFC2535 signed zones 
which contained CNAMES. [RT# 11237]
 2004-05-05 01:32:58 +00:00
Mark Andrews
8d414d1559 1600. [bug] Duplicate zone pre-load checks were not case 
insensitive.

1599.   [bug]           Fix memory leak on error path when checking named.conf.

1598.   [func]          Specify that certain parts of the namespace must
                        be secure (dnssec-must-be-secure).
 2004-04-15 23:40:27 +00:00
Mark Andrews
28b863e609 pullup fixed from 9.3 2004-03-16 05:52:24 +00:00
Mark Andrews
50105afc55 1589. [func] DNSSEC lookaside validation. 
enable-dnssec -> dnssec-enable
 2004-03-10 02:19:58 +00:00
Mark Andrews
fa7ee558e0 1584. [bug] "make test" failed with a readonly source tree. 
[RT #10461]
 2004-03-10 01:06:06 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
821644d49b 1574. [bug] Don't attempt to open the controls socket(s) when 
running tests. [RT #9091]
 2004-03-02 02:01:41 +00:00
Mark Andrews
89783da064 1581. [func] Disable DNSSEC support by default. To enable 
DNSSEC specify "enable-dnssec yes;" in named.conf.
 2004-02-17 03:40:23 +00:00
Mark Andrews
841ed46de5 1558. [func] New DNSSEC 'disable-algorithms'. Support entry into 
child zones for which we don't have a supported
                        algorithm.  Such child zones are treated as unsigned.
 2004-01-15 04:09:17 +00:00
Mark Andrews
35541328a8 1558. [func] New DNSSEC 'disable-algorithms'. Support entry into 
child zones for which we don't have a supported
                        algorithm.  Such child zones are treated as unsigned.

1557.   [func]          Implement missing DNSSEC tests for
                        * NOQNAME proof with wildcard answers.
                        * NOWILDARD proof with NXDOMAIN.
                        Cache and return NOQNAME with wildcard answers.
 2004-01-14 02:06:51 +00:00
Mark Andrews
b7e6fb4e84 whitespace 2003-10-26 21:33:47 +00:00
Mark Andrews
93d6dfaf66 1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY. 2003-09-30 06:00:40 +00:00
Mark Andrews
0f042c7c44 - improves tests of negative insecurity proofs, including tests for the 
SOA TTL 0 hack.
- adds +noauth to a few invocations of dig where the authority section is
  not important.
- removes the bogus first half of the dynamic zone test, which didn't
  do anything other than make the test suite fail if run twice.
- fixed the fact that the keyless.example zone wasn't being securely
  delegated.
bwelling
 2002-07-19 06:20:24 +00:00
Mark Andrews
0b09763c35 1328. [func] DS (delegation signer) support. 2002-06-17 04:01:37 +00:00
Mark Andrews
a04a323f9a 1273. [bug] The dnssec system test failed to remove the correct 
files.
 2002-04-24 00:46:25 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Brian Wellington
4014b6a8ae although a privately secure zone was signed, it was never tested. 2002-02-13 01:32:12 +00:00
Brian Wellington
64ea670052 the dynamic zone test wasn't working as expected since the child zone wasn't 
securely delegated.
 2002-02-06 03:28:59 +00:00
Brian Wellington
4ca54c8f3b ns5 is the incorrectly configured server, not ns4. 2002-02-01 01:56:00 +00:00
Andreas Gustafsson
473ca0bf8c Added RT #2399 regression test 2002-01-22 22:27:29 +00:00
Brian Wellington
78baa4ccb8 some files weren't being removed. 2001-11-06 19:32:54 +00:00
Andreas Gustafsson
e4b5f088ca Added RT #1763 regression test 2001-09-19 21:19:52 +00:00
Andreas Gustafsson
1301637cc5 check that negative validation fails with a misconfigured trusted key 2001-09-19 20:47:02 +00:00
Brian Wellington
81b172466c *** empty log message *** 2001-09-17 17:47:20 +00:00
Brian Wellington
206bced36f order the parameters to dnssec-keygen consistently. 2001-09-17 17:42:04 +00:00
Andreas Gustafsson
25525110c1 fixed and simplified 2001-07-13 18:29:00 +00:00
Brian Wellington
f4d26dbdb6 fix redirection 2001-07-11 19:02:16 +00:00
Brian Wellington
1a8002871e require a build with openssl to run dnssec & tkey tests 2001-07-10 21:41:14 +00:00
Brian Wellington
7a224ba59b test that validation of an ANY query returning a DNAME works 2001-02-23 06:22:11 +00:00
Brian Wellington
529d1b9ada test that validation of a query returning a DNAME works 2001-02-23 06:14:44 +00:00
Brian Wellington
4f91c46a42 Test that both normal and ANY queries that match a CNAME are properly 
validated.
 2001-02-21 06:47:45 +00:00
Brian Wellington
a41ab607a4 Test that validation of ANY queries works. Also add data to be used for 
CNAME/DNAME tests, but not the tests yet since they fail.
 2001-02-20 18:33:50 +00:00
Andreas Gustafsson
1988fd60fa share the root.hint file among most of the system tests instead of having multiple identical copies 2001-01-11 20:44:21 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
Brian Wellington
ec772e873b 651. [func] The AD bit in responses now has the meaning 
specified in <draft-ietf-dnsext-ad-is-secure>.
 2001-01-04 00:24:26 +00:00
Andreas Gustafsson
f333ea9bdd added notify-source options 2000-11-28 19:07:00 +00:00
Brian Wellington
2c46670fb4 ignore stdout from the dnssec tools 2000-11-22 20:37:50 +00:00
Andreas Gustafsson
4f37905cc3 added 'transfer-source' directives to all system test named.conf 
files, so that tests succeed while transfer-source is still being (ab)used as
the notify source address
 2000-11-22 01:34:19 +00:00
Andreas Gustafsson
01da43e63a pass the +dnssec flag to DIG 2000-11-22 01:26:24 +00:00
Andreas Gustafsson
5a77e9620a make spacing in listen-on-v6 option consistent with other options 2000-11-21 23:50:10 +00:00
Andreas Gustafsson
bca6ff69a7 removed redundant comment 2000-11-20 17:53:41 +00:00