upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-21 17:41:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
20121 commits 18 branches 886 tags 464 MiB
Commit graph

5825 commits

Author SHA1 Message Date
Evan Hunt
59c79d8cc8 shorten an 81-char line in dig -h 2011-11-04 14:19:17 +00:00
Jeremy Reed
2de07361f3 Fix typo within XML tag. 2011-11-04 11:02:50 +00:00
Mark Andrews
3fb5bccf59 3205. [func] Upgrade dig's defaults to better reflect modern 
nameserver behaviour.  Enable "dig +adflag" and
                        "dig +edns=0" by default.  Enable "+dnssec" when
                        running "dig +trace". [RT #23497]
 2011-11-04 10:41:38 +00:00
Evan Hunt
25845da41a 3203. [bug] Increase log level to 'info' for validation failures 
from expired or not-yet-valid RRSIGs. [RT #21796]
 2011-11-04 05:36:28 +00:00
Automatic Updater
0b85ae70e9 update copyright notice 2011-11-03 23:46:26 +00:00
Evan Hunt
f550b4b104 3201. [func] 'rndc querylog' can now be given an on/off parameter 
instead of only being used as a toggle. [RT #18351]
 2011-11-03 23:05:31 +00:00
Evan Hunt
6150d3cb66 3200. [doc] Some rndc functions were undocumented or were 
missing from 'rndc -h' output. [RT #25555]
 2011-11-03 22:06:21 +00:00
Evan Hunt
fd0cb18761 3199. [func] When logging client information, include the name 
being queried. [RT #25944]
 2011-11-03 21:14:22 +00:00
Evan Hunt
d7be2b79ed 3198. [doc] Clarified that dnssec-settime can alter keyfile 
permissions. [RT #24866]
 2011-11-03 20:21:37 +00:00
Evan Hunt
7f2a245b96 3196. [bug] nsupdate: return nonzero exit code when target zone 
doesn't exist. [RT #25783]
 2011-11-03 04:29:28 +00:00
Automatic Updater
1ab9944f6b update copyright notice 2011-11-02 23:46:24 +00:00
Mark Andrews
46c7b71b4d improve error diagnostics 2011-11-02 13:59:07 +00:00
Mark Andrews
e223d4bb26 loop waiting for stub zone to transfer 2011-11-02 08:17:01 +00:00
Evan Hunt
103250dd47 fix usage message 2011-11-02 06:00:35 +00:00
Mark Andrews
fe3472c80b 3191. [bug] Print NULL records using unknown format. [RT #26392] 2011-11-02 01:01:52 +00:00
Automatic Updater
89d1324270 update copyright notice 2011-11-01 23:47:00 +00:00
Evan Hunt
e2271ee953 3189. [test] Added a summary report after system tests. [RT #25517] 2011-11-01 18:35:53 +00:00
Automatic Updater
f308b3c2e0 update copyright notice 2011-10-30 23:46:15 +00:00
Mark Andrews
36e97eb661 3187. [port] win32: support for Visual Studio 2008. [RT #26356] 2011-10-30 23:39:39 +00:00
Evan Hunt
695ccee03b added cvsignore files 2011-10-30 23:14:31 +00:00
Evan Hunt
81443179e5 missing files from clean.sh 2011-10-30 23:14:23 +00:00
Evan Hunt
74c46f605f file missing from clean.sh 2011-10-30 23:11:24 +00:00
Evan Hunt
094672b313 some files were missing from clean.sh 2011-10-30 23:05:13 +00:00
Evan Hunt
3718adf753 some files were missing from clean.sh 2011-10-30 22:59:45 +00:00
Evan Hunt
0422d7c531 Need to clear db-* files in clean.sh. 2011-10-30 22:55:12 +00:00
Mark Andrews
cd56981c8a remove unused parameter from next_origin 2011-10-29 22:26:21 +00:00
Mark Andrews
5b7e96d3a7 add if (list) 2011-10-29 06:22:51 +00:00
Automatic Updater
98a7e53914 update copyright notice 2011-10-28 12:20:31 +00:00
Automatic Updater
d68503046d update copyright notice 2011-10-28 12:08:04 +00:00
Mark Andrews
7b4b6f361b 3186. [bug] Version/db mis-match in rpz code. [RT #26180] 2011-10-28 11:46:50 +00:00
Evan Hunt
9c03f13e18 3185. [func] New 'rndc signing' option for auto-dnssec zones: 
- 'rndc signing -list' displays the current
			   state of signing operations
			 - 'rndc signing -clear' clears the signing state
		  	   records for keys that have fully signed the zone
			 - 'rndc signing -nsec3param' sets the NSEC3
			   parameters for the zone
			The 'rndc keydone' syntax is removed. [RT #23729]
 2011-10-28 06:20:07 +00:00
Mark Andrews
30574fa9ad exit 255 for SKIPPED 2011-10-28 03:15:05 +00:00
Scott Mann
376444d40b add test for recent Net::DNS module. 2011-10-28 02:18:56 +00:00
Automatic Updater
96f5a19c12 update copyright notice 2011-10-27 23:46:31 +00:00
Scott Mann
0148654d85 added RTLD_GLOBAL to dlopen call (RT #26301). 2011-10-27 23:01:59 +00:00
Scott Mann
b91b288f92 fix edns0 retry issues (rt #23393/24964). 2011-10-27 20:18:42 +00:00
Automatic Updater
8826a72394 update copyright notice 2011-10-26 23:46:15 +00:00
Mark Andrews
24ef32426d 3181. [func] Inline-signing is now supported for master zones. 
[RT #26224]
 2011-10-26 20:56:45 +00:00
Evan Hunt
9570ddcd41 3180. [func] Local copies of slave zones are now saved in raw 
format by default, to improve startup performance.
			'masterfile-format text;' can be used to override
			the default, if desired. [RT #25867]
 2011-10-26 15:23:37 +00:00
Mark Andrews
aa0777cfb6 spin waiting for zone transfer to complete 2011-10-26 05:32:56 +00:00
Automatic Updater
e839bf134f regen HEAD 2011-10-26 01:14:53 +00:00
Automatic Updater
329eb05c12 update copyright notice 2011-10-25 23:46:58 +00:00
Evan Hunt
f704fa0ca6 3178. [bug] A race condition introduced by change #3163 could 
cause an assertion failure on shutdown. [RT #26271]
 2011-10-25 16:21:21 +00:00
Mark Andrews
ad94465154 improve failure reports 2011-10-25 03:57:08 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that 
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
 2011-10-25 01:54:22 +00:00
Mark Andrews
f49d12edf8 remove redundant assignment and variable 2011-10-21 03:55:33 +00:00
Automatic Updater
12bfbed87c regen HEAD 2011-10-21 01:14:51 +00:00
Automatic Updater
dfc015bc7e update copyright notice 2011-10-20 23:46:51 +00:00
Mark Andrews
ada40193c8 3175. [bug] Fix how DNSSEC positive wildcard responses from a 
NSEC3 signed zone are validated.  Stop sending a
                        unnecessary NSEC3 record when generating such
                        responses. [RT #26200]
 2011-10-20 21:42:11 +00:00
Mark Andrews
1946c596b4 3174. [bug] Always compute to revoked key tag from scratch. 
[RT #24711]
 2011-10-20 21:20:02 +00:00
Automatic Updater
e87f494810 update copyright notice 2011-10-17 23:46:33 +00:00
Mark Andrews
ca890c0aa8 sleep 1 # allow lwresd to finish starting. 2011-10-17 05:40:11 +00:00
Mark Andrews
2da036f231 The notify system test was using a dynamic zone for reload testing 
so it was just a plain fluke that it ever succeeded.
* use a normal (non-dynamic) zone.
* check that reloads of the master zone actually occur.
* remove example3 test from tests.sh as it wasn't testing notify.
* add a "sleep 1" so that the copied file will have a newer timestamp.
* improve system test logging.
* using seperate output files for each test so that it is possible
  to work out what went wrong if the system test fails.
 2011-10-17 01:33:28 +00:00
Mark Andrews
020c4484fe 3173. [port] Correctly validate root DS responses. [RT #25726] 2011-10-15 05:00:15 +00:00
Automatic Updater
2d45eb7acb update copyright notice 2011-10-14 23:46:34 +00:00
Mark Andrews
baabfdc0d9 wait for test zones to have loaded 2011-10-14 12:02:12 +00:00
Mark Andrews
0a1009ae64 3171. [bug] Exclusively lock the task when adding a zone using 
'rndc addzone'.  [RT #25600]
 2011-10-14 05:38:50 +00:00
Mark Andrews
298452f671 update for clientinfo support 2011-10-14 00:52:32 +00:00
Automatic Updater
304a539c59 update copyright notice 2011-10-13 22:48:24 +00:00
Mark Andrews
c28bc44028 waiting for servers to be ready for testing 2011-10-13 22:18:05 +00:00
Mark Andrews
88112d5fcb 'test -e' is not portable, use 'test -f' 2011-10-13 13:03:51 +00:00
Mark Andrews
abea1710a7 new 2011-10-13 04:53:07 +00:00
Mark Andrews
24ae404aca 'grep' -> 'grep -w' when checking for keyids 2011-10-13 03:55:01 +00:00
Mark Andrews
89d7808786 'grep' -> 'grep -w' when checking for keyids 2011-10-13 03:46:41 +00:00
Vernon Schryver
9fee08f655 Commit rt25172 changes to HEAD including 
- fix precedence among competing rules
  - improve ARM text including documenting rule precedence
  - try to rewrite CNAME chains until first hit
  - new "rpz" logging channel
  - same fix for "NS ." as in RT 24985
 2011-10-13 01:32:34 +00:00
Automatic Updater
ea68e8eba9 update copyright notice 2011-10-12 23:46:34 +00:00
Mark Andrews
af850c4120 3168. [bug] Nxdomain redirection could trigger a assert with 
a ANY query. [RT #26017]
 2011-10-12 23:09:35 +00:00
Mark Andrews
dc2e627239 3167. [bug] Negative answers from forwarders were not being 
correctly tagged making them appear to not be cached.
                        [RT #25380]
 2011-10-12 00:18:11 +00:00
Mark Andrews
02286522fb 3166. [bug] Upgrading a zone to support inline-signing failed. [RT #26014] 2011-10-12 00:10:20 +00:00
Automatic Updater
0e11ca0f0b update copyright notice 2011-10-11 23:46:45 +00:00
Evan Hunt
653a78de95 3165. [bug] dnssec-signzone could generate new signatures when 
resigning, even when valid signatures were already
			present. [RT #26025]
 2011-10-11 19:26:06 +00:00
Mark Andrews
25500a1d9f add missing break; 2011-10-11 13:36:12 +00:00
Mark Andrews
f730d7bdc2 fix builtin_lookup to match new prototype 2011-10-11 02:39:03 +00:00
Mark Andrews
be7772a59c #include <isc/print.h> 2011-10-11 00:53:15 +00:00
Evan Hunt
793814f807 3164. [func] Enable DLZ modules to retrieve client information, 
so that responses can be changed depending on the
			source address of the query. [RT #25768]
 2011-10-11 00:09:03 +00:00
Scott Mann
07dc62785b Change s/\R//g to chomp(). 2011-10-10 23:18:17 +00:00
Evan Hunt
b2086d798b 3163. [bug] Use finer-grained locking in client.c to address 
concurrency problems with large numbers of threads.
			[RT #26044]
 2011-10-10 22:57:14 +00:00
Scott Mann
db715e6d83 fix directory path for subdirs 2011-10-10 19:06:05 +00:00
Mark Andrews
d60fb3a58c use index rather than match as it is more portable 2011-10-10 00:34:57 +00:00
Scott Mann
aab0b9cd3b added ability to set named params through "named.args" file 2011-10-09 22:47:15 +00:00
Mark Andrews
17dfbab847 handle getline errors/eof 2011-10-07 21:32:35 +00:00
Mark Andrews
dc2cbfdafe handle multi-line NSEC3 record better 2011-10-06 22:11:39 +00:00
Evan Hunt
a6c74da2b0 3159. [bug] On some platforms, named could assert on startup 
when running in a chrooted environment without
			/proc. [RT #25863]

3158.	[bug]		Recursive servers would prefer a particular UDP
			socket instead of using all available sockets.
			[RT #26038]
 2011-10-04 16:04:22 +00:00
Evan Hunt
1219f8d194 3157. [tuning] Reduce the time spent in "rndc reconfig" by parsing 
the config file before pausing the server. [RT #21373]
 2011-09-23 18:08:01 +00:00
Automatic Updater
65df0ad698 update copyright notice 2011-09-07 23:46:28 +00:00
Mark Andrews
35540d8b32 add missing files from request-ixfr test 2011-09-07 01:30:13 +00:00
Automatic Updater
eea6be913f regen HEAD 2011-09-07 01:14:44 +00:00
Automatic Updater
cb3168cec7 update copyright notice 2011-09-06 23:46:27 +00:00
Scott Mann
fad5116b3d Remove the ixfr-from-differences side-effect which causes an AXFR and extend 
request-ixfr to the zone level.
 2011-09-06 22:29:33 +00:00
Automatic Updater
b3d6edf7cf update copyright notice 2011-09-05 23:46:54 +00:00
Evan Hunt
76a7d4e152 3152. [cleanup] Some versions of gcc and clang failed due to 
incorrect use of __builtin_expect. [RT #25183]
 2011-09-05 18:00:22 +00:00
Evan Hunt
6010c10f1f add time.h to silence compiler warning 2011-09-05 17:39:37 +00:00
Evan Hunt
ab6c20f978 fix whitespace 2011-09-03 05:51:29 +00:00
Automatic Updater
ca894e53b5 update copyright notice 2011-09-02 23:46:33 +00:00
Evan Hunt
9e4afc9b39 3151. [bug] Queries for type RRSIG or SIG could be handled 
incorrectly.  [RT #21050]
 2011-09-02 21:55:16 +00:00
Evan Hunt
8a2ab2b920 3150. [func] Improved startup and reconfiguration time by 
enabling zones to load in multiple threads. [RT #25333]
 2011-09-02 21:15:39 +00:00
Mark Andrews
56a520ef3a don't use a expired slave zone 2011-09-02 02:25:07 +00:00
Mark Andrews
cd49e1ec2f handle flushing of entries just before a second ticks over, speed up priming of the cache 2011-09-01 05:28:14 +00:00
Automatic Updater
a6ab2774bc update copyright notice 2011-08-31 23:46:44 +00:00
Mark Andrews
2c35c68236 3148. [bug] Processing of normal queries could be stalled when 
forwarding a UPDATE message. [RT #24711]
 2011-08-31 06:49:10 +00:00
Automatic Updater
4e68c7c87c update copyright notice 2011-08-30 23:46:53 +00:00
Mark Andrews
74f4130f41 report the result of dns_adb_createfind 2011-08-30 21:51:34 +00:00
Mark Andrews
837633db56 report the result of dns_adb_createfind 2011-08-30 21:50:34 +00:00
Mark Andrews
29f4de85ed remove unused variables 2011-08-30 12:45:43 +00:00
Mark Andrews
9198ab377b 3147. [func] Initial inline signing support. [RT #23657] 2011-08-30 05:16:15 +00:00
Automatic Updater
d0dce4d839 update copyright notice 2011-08-29 23:46:44 +00:00
Mark Andrews
90306774dc query could be tested uninitialised, check the result of dns_message_create 2011-08-29 23:21:48 +00:00
Mark Andrews
31ad3f3aa4 split out subtests of 'another leaf node, with both positive and negative cache entries' 2011-08-29 03:31:29 +00:00
Mark Andrews
787b0c87b7 add POST, len is not needed 2011-08-28 23:53:59 +00:00
Mark Andrews
281c57e2c1 add POST 2011-08-28 23:46:51 +00:00
Automatic Updater
b5217f1647 update copyright notice 2011-08-28 23:46:41 +00:00
Mark Andrews
9a770b4476 add missing check_result 2011-08-28 23:35:57 +00:00
Mark Andrews
a15f930626 silence 'never read' warning 2011-08-28 09:22:45 +00:00
Mark Andrews
f6b0ccf76a report if dns_rdata{class,type}_totext failed 2011-08-28 09:10:41 +00:00
Mark Andrews
9cbad6c4c0 t3 is not used 2011-08-28 08:10:13 +00:00
Automatic Updater
6e3afdcced update copyright notice 2011-08-25 23:46:42 +00:00
Mark Andrews
db2a90f6ea simplify flag printing, protect first with #ifdef USEINITALWS 2011-08-25 13:28:00 +00:00
Evan Hunt
5a75f61dd4 3144. [bug] dns_dbiterator_seek() could trigger an assert when 
used with a nonexistent database node. [RT #25358]
 2011-08-23 00:59:23 +00:00
Mark Andrews
3a63259484 3143. [bug] Silence clang compiler warnings. [RT #25174] 2011-08-18 04:52:35 +00:00
Mark Andrews
ab8d150e91 3142. [bug] NAPTR is class agnostic. [RT #25429] 2011-08-16 03:00:02 +00:00
Automatic Updater
17d33346d7 update copyright notice 2011-08-09 04:12:25 +00:00
Mark Andrews
772dfb90be 3141. [bug] Silence spurious "zone serial (0) unchanged" messages 
associated with empty zones. [RT #25079]
 2011-08-09 02:24:28 +00:00
Automatic Updater
cb3c295308 regen HEAD 2011-08-09 01:14:54 +00:00
Automatic Updater
4fc2b43e69 update copyright notice 2011-08-08 23:46:41 +00:00
Mark Andrews
f81e8340fc rt25400 s/domainname/filename/ 2011-08-08 03:28:15 +00:00
Automatic Updater
44931133ff update copyright notice 2011-08-03 23:47:48 +00:00
Evan Hunt
64c66c801f Missed an added file when merging rt19770. 2011-08-03 05:37:59 +00:00
Automatic Updater
adbc177194 update copyright notice 2011-08-02 23:47:52 +00:00
Evan Hunt
0127993480 3140. [func] New command "rndc flushtree <name>" clears the 
specified name from the server cache along with
			all names under it. [RT #19970]
 2011-08-02 20:36:13 +00:00
Automatic Updater
2f17ad4545 update copyright notice 2011-07-28 23:47:59 +00:00
Mark Andrews
16f3aeab3c move declaration to start of function 2011-07-28 11:16:04 +00:00
Mark Andrews
31f46f1869 3138. [bug] Address memory leaks and out-of-order operations when 
shutting named down. [RT #25210]
 2011-07-28 04:27:27 +00:00
Evan Hunt
f07b2fccaf 3137. [func] Improve hardware scalability by allowing multiple 
worker threads to process incoming UDP packets.
			This can significantly increase query throughput
			on some systems.  [RT #22992]
 2011-07-28 04:04:37 +00:00
Mark Andrews
011080d64a add ${ISC_INCLUDES} 2011-07-28 03:20:45 +00:00
Evan Hunt
cf63d32d55 3136. [func] Add RFC 1918 reverse zones to the list of built-in 
empty zones switched on by the 'empty-zones-enable'
			option. [RT #24990]
 2011-07-28 03:18:17 +00:00
Mark Andrews
062ddb1981 use UNUSED() 2011-07-27 23:38:21 +00:00
Mark Andrews
8bd2b6923c silence 'expression result unused' from clang 2011-07-27 07:45:55 +00:00
Mark Andrews
56e85a97bb use UNUSED(x) not 'x = x' 2011-07-27 07:02:21 +00:00
Mark Andrews
f96ba7c746 remove check for oldid as named may have already deleted it 2011-07-26 04:42:20 +00:00
Mark Andrews
acf34e66a8 id was not being properly set 2011-07-26 04:28:35 +00:00
Automatic Updater
3d73f493d0 update copyright notice 2011-07-19 23:47:48 +00:00
Mark Andrews
96ade2bc52 3134. [bug] Improve the accuracy of dnssec-signzone's signing 
statistics. [RT #16030]
 2011-07-19 04:09:27 +00:00
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Automatic Updater
2a36d8ca40 update copyright notice 2011-07-07 23:47:50 +00:00
Automatic Updater
69f5c36b39 update copyright notice 2011-07-06 23:47:43 +00:00
Evan Hunt
c46ce2d79b 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 05:05:52 +00:00
Evan Hunt
42cf2ff7ba 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 01:36:32 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Evan Hunt
cba23be7ba Add the newly discovered PoD to the nsupdate test. (No CHANGES note.) 2011-06-21 22:15:05 +00:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
0f467ed4d4 update copyright notice 2011-06-10 23:47:32 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Mark Andrews
475b1ed9cc 3126. [security] Using DNAME record to generate replacements caused 
RPZ to exit with a assertion failure. [RT #23766]
 2011-06-09 03:10:17 +00:00
Mark Andrews
b64e3b8358 3125. [security] Using wildcard CNAME records as a replacement with 
RPZ caused named to exit with a assertion failure.
                        [RT #24715]
 2011-06-09 00:42:51 +00:00
Evan Hunt
2a6d60615c Fixed an nsupdate test error 2011-06-09 00:15:05 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Scott Mann
07797bfb1f fix RT 24561 2011-06-07 01:45:38 +00:00
Evan Hunt
6b95b91c61 3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664] 2011-06-02 20:24:45 +00:00
Mark Andrews
ec564e401a add debugging output on test failure 2011-05-31 13:52:06 +00:00
Mark Andrews
ae0691566a date +%s is not portable, use perl -e 'print time();', Adjust messages 2011-05-30 22:32:06 +00:00
Scott Mann
5588b32695 This is a workaround fix for a problem in Solaris 10 (specifically on thing1) 
for which a root cause has not yet been found. RT #24561.
 2011-05-30 15:13:49 +00:00
Mark Andrews
fe8572e116 The old active key could be deleted before the "former standby key has now 
signed fully" ran causing it to fail.  Delay the deletion by 10 seconds.
 2011-05-30 07:25:19 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Automatic Updater
00678e367d update copyright notice 2011-05-25 23:47:16 +00:00
Mark Andrews
021bc5b3cc add DRUZ zone with DS records 2011-05-25 01:06:56 +00:00
Evan Hunt
47e70d820e 3118. [bug] nsupdate could dump core on shutdown when using 
SIG(0) keys. [RT #24604]
 2011-05-23 22:25:32 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Evan Hunt
fc6364bf24 expiring.example.db.in was left out when committing rt23136 to HEAD 2011-05-21 15:07:10 +00:00
Mark Andrews
c0984ac8bd 3115. [bug] Named could fail to return requested data when 
following a CNAME that points into the same zone.
                        [RT #2445]
 2011-05-20 05:09:30 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Automatic Updater
d9c707589a regen HEAD 2011-05-09 01:14:47 +00:00
Mark Andrews
789875a1bd named.conf copyrights 2011-05-08 07:12:48 +00:00
Automatic Updater
25db028666 update copyright notice 2011-05-07 23:47:28 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Evan Hunt
be84733145 3110. [bug] dnssec-signzone: Wrong error message could appear 
when attempting to sign with no KSK. [RT #24369]
 2011-05-07 00:31:13 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Automatic Updater
a30e1b26b4 update copyright notice 2011-05-05 23:47:17 +00:00
Mark Andrews
fe646be4b7 set/reset client->signer. change 3106 used it before it was set 2011-05-05 23:44:52 +00:00
Scott Mann
b2b3209149 added g 2011-05-05 23:15:56 +00:00
Scott Mann
101e493844 remove trailing whitespace from pid (RT 24388) 2011-05-05 23:10:24 +00:00
Scott Mann
58d7c91b65 remove trailing newline from pid (RT #24388) 2011-05-05 22:56:55 +00:00
Evan Hunt
9eea4c5cbd 3106. [func] When logging client requests, include the name of 
the TSIG key if any. [RT #23619]
 2011-05-05 20:04:24 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Mark Andrews
83bf223210 explictly kill the process if the server fails to start, check for a non zero length pid file 2011-05-05 04:47:45 +00:00
Mark Andrews
46d3c6cf40 grep was not precise enough leading to test failure 2011-05-03 16:07:44 +00:00
Mark Andrews
f1d4986b83 treat asb(x) < 500ms as 0 2011-05-02 23:56:59 +00:00
Mark Andrews
65043f48f2 force numeric comparision 2011-05-02 05:05:05 +00:00
Mark Andrews
07907fa31a handle end of day 2011-05-02 01:35:04 +00:00
Mark Andrews
bbf46f1aa2 fix expression 2011-05-01 21:36:33 +00:00
Mark Andrews
f83682f368 awk -v is not portable, add floating point arithmetic effects 2011-05-01 11:29:20 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Automatic Updater
46ce2f7b60 update copyright notice 2011-04-27 23:47:26 +00:00
Evan Hunt
76db58eb81 3100. [security] Certain response policy zone configurations could 
trigger an INSIST when receiving a query of type
			RRSIG. [RT #24280]
 2011-04-27 17:46:47 +00:00