upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-10 21:20:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
20121 commits 18 branches 886 tags 467 MiB
Commit graph

5825 commits

Author SHA1 Message Date
Automatic Updater
4e68c7c87c update copyright notice 2011-08-30 23:46:53 +00:00
Mark Andrews
74f4130f41 report the result of dns_adb_createfind 2011-08-30 21:51:34 +00:00
Mark Andrews
837633db56 report the result of dns_adb_createfind 2011-08-30 21:50:34 +00:00
Mark Andrews
29f4de85ed remove unused variables 2011-08-30 12:45:43 +00:00
Mark Andrews
9198ab377b 3147. [func] Initial inline signing support. [RT #23657] 2011-08-30 05:16:15 +00:00
Automatic Updater
d0dce4d839 update copyright notice 2011-08-29 23:46:44 +00:00
Mark Andrews
90306774dc query could be tested uninitialised, check the result of dns_message_create 2011-08-29 23:21:48 +00:00
Mark Andrews
31ad3f3aa4 split out subtests of 'another leaf node, with both positive and negative cache entries' 2011-08-29 03:31:29 +00:00
Mark Andrews
787b0c87b7 add POST, len is not needed 2011-08-28 23:53:59 +00:00
Mark Andrews
281c57e2c1 add POST 2011-08-28 23:46:51 +00:00
Automatic Updater
b5217f1647 update copyright notice 2011-08-28 23:46:41 +00:00
Mark Andrews
9a770b4476 add missing check_result 2011-08-28 23:35:57 +00:00
Mark Andrews
a15f930626 silence 'never read' warning 2011-08-28 09:22:45 +00:00
Mark Andrews
f6b0ccf76a report if dns_rdata{class,type}_totext failed 2011-08-28 09:10:41 +00:00
Mark Andrews
9cbad6c4c0 t3 is not used 2011-08-28 08:10:13 +00:00
Automatic Updater
6e3afdcced update copyright notice 2011-08-25 23:46:42 +00:00
Mark Andrews
db2a90f6ea simplify flag printing, protect first with #ifdef USEINITALWS 2011-08-25 13:28:00 +00:00
Evan Hunt
5a75f61dd4 3144. [bug] dns_dbiterator_seek() could trigger an assert when 
used with a nonexistent database node. [RT #25358]
 2011-08-23 00:59:23 +00:00
Mark Andrews
3a63259484 3143. [bug] Silence clang compiler warnings. [RT #25174] 2011-08-18 04:52:35 +00:00
Mark Andrews
ab8d150e91 3142. [bug] NAPTR is class agnostic. [RT #25429] 2011-08-16 03:00:02 +00:00
Automatic Updater
17d33346d7 update copyright notice 2011-08-09 04:12:25 +00:00
Mark Andrews
772dfb90be 3141. [bug] Silence spurious "zone serial (0) unchanged" messages 
associated with empty zones. [RT #25079]
 2011-08-09 02:24:28 +00:00
Automatic Updater
cb3c295308 regen HEAD 2011-08-09 01:14:54 +00:00
Automatic Updater
4fc2b43e69 update copyright notice 2011-08-08 23:46:41 +00:00
Mark Andrews
f81e8340fc rt25400 s/domainname/filename/ 2011-08-08 03:28:15 +00:00
Automatic Updater
44931133ff update copyright notice 2011-08-03 23:47:48 +00:00
Evan Hunt
64c66c801f Missed an added file when merging rt19770. 2011-08-03 05:37:59 +00:00
Automatic Updater
adbc177194 update copyright notice 2011-08-02 23:47:52 +00:00
Evan Hunt
0127993480 3140. [func] New command "rndc flushtree <name>" clears the 
specified name from the server cache along with
			all names under it. [RT #19970]
 2011-08-02 20:36:13 +00:00
Automatic Updater
2f17ad4545 update copyright notice 2011-07-28 23:47:59 +00:00
Mark Andrews
16f3aeab3c move declaration to start of function 2011-07-28 11:16:04 +00:00
Mark Andrews
31f46f1869 3138. [bug] Address memory leaks and out-of-order operations when 
shutting named down. [RT #25210]
 2011-07-28 04:27:27 +00:00
Evan Hunt
f07b2fccaf 3137. [func] Improve hardware scalability by allowing multiple 
worker threads to process incoming UDP packets.
			This can significantly increase query throughput
			on some systems.  [RT #22992]
 2011-07-28 04:04:37 +00:00
Mark Andrews
011080d64a add ${ISC_INCLUDES} 2011-07-28 03:20:45 +00:00
Evan Hunt
cf63d32d55 3136. [func] Add RFC 1918 reverse zones to the list of built-in 
empty zones switched on by the 'empty-zones-enable'
			option. [RT #24990]
 2011-07-28 03:18:17 +00:00
Mark Andrews
062ddb1981 use UNUSED() 2011-07-27 23:38:21 +00:00
Mark Andrews
8bd2b6923c silence 'expression result unused' from clang 2011-07-27 07:45:55 +00:00
Mark Andrews
56e85a97bb use UNUSED(x) not 'x = x' 2011-07-27 07:02:21 +00:00
Mark Andrews
f96ba7c746 remove check for oldid as named may have already deleted it 2011-07-26 04:42:20 +00:00
Mark Andrews
acf34e66a8 id was not being properly set 2011-07-26 04:28:35 +00:00
Automatic Updater
3d73f493d0 update copyright notice 2011-07-19 23:47:48 +00:00
Mark Andrews
96ade2bc52 3134. [bug] Improve the accuracy of dnssec-signzone's signing 
statistics. [RT #16030]
 2011-07-19 04:09:27 +00:00
Evan Hunt
b47c020d5c 3133. [bug] Change #3114 was incomplete. [RT #24577] 2011-07-08 01:43:26 +00:00
Automatic Updater
2a36d8ca40 update copyright notice 2011-07-07 23:47:50 +00:00
Automatic Updater
69f5c36b39 update copyright notice 2011-07-06 23:47:43 +00:00
Evan Hunt
c46ce2d79b 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 05:05:52 +00:00
Evan Hunt
42cf2ff7ba 3131. [func] Improve scalability by allocating one zone task 
per 100 zones at startup time, rather than using a
			fixed-size task table. [RT #24406]
 2011-07-06 01:36:32 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Evan Hunt
cba23be7ba Add the newly discovered PoD to the nsupdate test. (No CHANGES note.) 2011-06-21 22:15:05 +00:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
0f467ed4d4 update copyright notice 2011-06-10 23:47:32 +00:00
Evan Hunt
79ce3a9e82 3128. [func] Inserting an NSEC3PARAM via dynamic update in an 
auto-dnssec zone that has not been signed yet
			will cause it to be signed with the specified NSEC3
			parameters when keys are activated.  The
			NSEC3PARAM record will not appear in the zone until
			it is signed, but the parameters will be stored.
			[RT #23684]
 2011-06-10 01:51:09 +00:00
Evan Hunt
5e3affc6a0 3127. [bug] 'rndc thaw' will now remove a zone's journal file 
if the zone serial number has been changed and
			ixfr-from-differences is not in use.  [RT #24687]
 2011-06-10 01:32:38 +00:00
Mark Andrews
475b1ed9cc 3126. [security] Using DNAME record to generate replacements caused 
RPZ to exit with a assertion failure. [RT #23766]
 2011-06-09 03:10:17 +00:00
Mark Andrews
b64e3b8358 3125. [security] Using wildcard CNAME records as a replacement with 
RPZ caused named to exit with a assertion failure.
                        [RT #24715]
 2011-06-09 00:42:51 +00:00
Evan Hunt
2a6d60615c Fixed an nsupdate test error 2011-06-09 00:15:05 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Scott Mann
07797bfb1f fix RT 24561 2011-06-07 01:45:38 +00:00
Evan Hunt
6b95b91c61 3122. [cleanup] dnssec-settime: corrected usage message. [RT #24664] 2011-06-02 20:24:45 +00:00
Mark Andrews
ec564e401a add debugging output on test failure 2011-05-31 13:52:06 +00:00
Mark Andrews
ae0691566a date +%s is not portable, use perl -e 'print time();', Adjust messages 2011-05-30 22:32:06 +00:00
Scott Mann
5588b32695 This is a workaround fix for a problem in Solaris 10 (specifically on thing1) 
for which a root cause has not yet been found. RT #24561.
 2011-05-30 15:13:49 +00:00
Mark Andrews
fe8572e116 The old active key could be deleted before the "former standby key has now 
signed fully" ran causing it to fail.  Delay the deletion by 10 seconds.
 2011-05-30 07:25:19 +00:00
Automatic Updater
6406d6507a update copyright notice 2011-05-26 23:47:28 +00:00
Mark Andrews
ea82782532 3120. [bug] Named could fail to validate zones list in a DLV 
that validated insecure without using DLV and had
                        DS records in the parent zone. [RT #24631]
 2011-05-26 04:35:02 +00:00
Evan Hunt
0245f7725c 3118. [bug] When rolling to a new DNSSEC key, a private-type 
record could be created and never marked complete.
			[RT #23253]
 2011-05-26 04:25:47 +00:00
Automatic Updater
00678e367d update copyright notice 2011-05-25 23:47:16 +00:00
Mark Andrews
021bc5b3cc add DRUZ zone with DS records 2011-05-25 01:06:56 +00:00
Evan Hunt
47e70d820e 3118. [bug] nsupdate could dump core on shutdown when using 
SIG(0) keys. [RT #24604]
 2011-05-23 22:25:32 +00:00
Evan Hunt
bfe32d08c5 3116. [func] New 'dnssec-update-mode' option controls updates 
of DNSSEC records in signed dynamic zones.  Set to
			'no-resign' to disable automatic RRSIG regeneration
			while retaining the ability to sign new or changed
			data. [RT #24533]
 2011-05-23 20:10:03 +00:00
Evan Hunt
fc6364bf24 expiring.example.db.in was left out when committing rt23136 to HEAD 2011-05-21 15:07:10 +00:00
Mark Andrews
c0984ac8bd 3115. [bug] Named could fail to return requested data when 
following a CNAME that points into the same zone.
                        [RT #2445]
 2011-05-20 05:09:30 +00:00
Scott Mann
a50ce0f80b Fix for RT #23136 task 1. 2011-05-19 00:31:57 +00:00
Automatic Updater
d9c707589a regen HEAD 2011-05-09 01:14:47 +00:00
Mark Andrews
789875a1bd named.conf copyrights 2011-05-08 07:12:48 +00:00
Automatic Updater
25db028666 update copyright notice 2011-05-07 23:47:28 +00:00
Evan Hunt
de7df3e56f 3111. [bug] Improved consistency checks for dnssec-enable and 
dnssec-validation, added test cases to the
                        checkconf system test. [RT #24398]
 2011-05-07 05:55:17 +00:00
Evan Hunt
be84733145 3110. [bug] dnssec-signzone: Wrong error message could appear 
when attempting to sign with no KSK. [RT #24369]
 2011-05-07 00:31:13 +00:00
Automatic Updater
40717638fa update copyright notice 2011-05-06 23:47:29 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
485522d7e1 3108. [cleanup] dnssec-signzone: Clarified some error and 
warning messages; removed #ifdef ALLOW_KSKLESS_ZONES
			code (use -P instead). [RT #20852]

3107.	[bug]		dnssec-signzone: Report the correct number of ZSKs
			when using -x. [RT #20852]
 2011-05-06 21:08:33 +00:00
Automatic Updater
a30e1b26b4 update copyright notice 2011-05-05 23:47:17 +00:00
Mark Andrews
fe646be4b7 set/reset client->signer. change 3106 used it before it was set 2011-05-05 23:44:52 +00:00
Scott Mann
b2b3209149 added g 2011-05-05 23:15:56 +00:00
Scott Mann
101e493844 remove trailing whitespace from pid (RT 24388) 2011-05-05 23:10:24 +00:00
Scott Mann
58d7c91b65 remove trailing newline from pid (RT #24388) 2011-05-05 22:56:55 +00:00
Evan Hunt
9eea4c5cbd 3106. [func] When logging client requests, include the name of 
the TSIG key if any. [RT #23619]
 2011-05-05 20:04:24 +00:00
Evan Hunt
d454a60f56 3103. [bug] Configuring 'dnssec-validation auto' in a view 
instead of in the options statement could trigger
			an assertion failure in named-checkconf. [RT #24382]
 2011-05-05 16:13:35 +00:00
Mark Andrews
83bf223210 explictly kill the process if the server fails to start, check for a non zero length pid file 2011-05-05 04:47:45 +00:00
Mark Andrews
46d3c6cf40 grep was not precise enough leading to test failure 2011-05-03 16:07:44 +00:00
Mark Andrews
f1d4986b83 treat asb(x) < 500ms as 0 2011-05-02 23:56:59 +00:00
Mark Andrews
65043f48f2 force numeric comparision 2011-05-02 05:05:05 +00:00
Mark Andrews
07907fa31a handle end of day 2011-05-02 01:35:04 +00:00
Mark Andrews
bbf46f1aa2 fix expression 2011-05-01 21:36:33 +00:00
Mark Andrews
f83682f368 awk -v is not portable, add floating point arithmetic effects 2011-05-01 11:29:20 +00:00
Automatic Updater
54968ae88e update copyright notice 2011-04-29 23:47:18 +00:00
Evan Hunt
39f2d1a96a 3102. [func] New 'dnssec-loadkeys-interval' option configures 
how often, in minutes, to check the key repository
			for updates when using automatic key maintenance.
			Default is every 60 minutes (formerly hard-coded
			to 12 hours). [RT #23744]

3101.	[bug]		Zones using automatic key maintenance could fail
			to check the key repository for updates. [RT #23744]
 2011-04-29 21:37:15 +00:00
Automatic Updater
46ce2f7b60 update copyright notice 2011-04-27 23:47:26 +00:00
Evan Hunt
76db58eb81 3100. [security] Certain response policy zone configurations could 
trigger an INSIST when receiving a query of type
			RRSIG. [RT #24280]
 2011-04-27 17:46:47 +00:00
Automatic Updater
7021f2faa0 update copyright notice 2011-04-19 23:47:52 +00:00
Evan Hunt
7a2173839c 3099. [test] "dlz" system test now runs but gives R:SKIPPED if 
not compiled with --with-dlz-filesystem.  [RT #24146]

3098.	[bug]		DLZ zones were answering without setting the AA bit.
			[RT #24146]
 2011-04-19 22:30:52 +00:00
Evan Hunt
c92122485d 3097. [test] Add a tool to test handling of malformed packets. 
[RT #24096]
 2011-04-15 01:02:08 +00:00
Scott Mann
c7e1812d02 a few more "--with-gssapi" as default fixes to correct problems on test 
systems
 2011-04-05 19:16:54 +00:00
Scott Mann
80593d9802 one character typo. 2011-04-05 16:10:39 +00:00
Evan Hunt
4e5fc672bc Corrected a bug in the dnssec test introduced in change #3046. 2011-03-31 15:58:51 +00:00
Automatic Updater
e2d4cd0ae4 update copyright notice 2011-03-30 23:47:12 +00:00
Scott Mann
761fa7d770 Fixes for various OS/environs for RT #23836 (--with-gssapi as default). 2011-03-30 15:48:41 +00:00
Mark Andrews
779c84fb32 style 2011-03-28 05:14:51 +00:00
Mark Andrews
4768c1d9a4 while (1) -> for (;;) 2011-03-28 05:11:43 +00:00
Automatic Updater
795a316ec5 regen HEAD 2011-03-28 01:14:35 +00:00
Mark Andrews
2ae23f7fc6 </para> -> <para> 2011-03-27 06:39:59 +00:00
Evan Hunt
eb08f01b96 Forgot to add a data file for the autosign test. 2011-03-26 01:19:03 +00:00
Evan Hunt
319b8a1488 3092. [bug] Signatures for records at the zone apex could go 
stale due to an incorrect timer setting. [RT #23769]

3091.	[bug]		Fixed a bug in which zone keys that were published
			and then subsequently activated could fail to trigger
			automatic signing. [RT #22991]
 2011-03-25 23:53:02 +00:00
Mark Andrews
fdc2d31c00 </para>-><para> 2011-03-25 03:08:44 +00:00
Automatic Updater
06140f733a update copyright notice 2011-03-24 23:47:48 +00:00
Mark Andrews
0a82492610 3089. [func] dnssec-dsfromkey now supports reading keys from 
standard input "dnssec-dsfromkey -f -". [RT# 20662]
 2011-03-24 02:10:23 +00:00
Automatic Updater
4f06155c8f update copyright notice 2011-03-22 23:47:30 +00:00
Scott Mann
1760d5e5f2 For some reason, this didn't get removed before (RT #23687) 2011-03-22 17:20:03 +00:00
Scott Mann
95759de490 Remove bin/tests/system/logfileconfig/ns1/named.conf and add setup.sh 
in order to resolve changing named.conf issue.  [RT #23687]
 2011-03-22 16:51:50 +00:00
Evan Hunt
c2255e8614 Fixed a bug that was exposed by change #3085. 2011-03-22 03:19:38 +00:00
Automatic Updater
7717ec7a6a regen HEAD 2011-03-22 01:14:27 +00:00
Mark Andrews
e706901292 add test numbers 2011-03-22 00:41:53 +00:00
Automatic Updater
6333ba02a5 update copyright notice 2011-03-21 23:47:21 +00:00
Mark Andrews
c2265bd341 adjust rt23702 test to take less time 2011-03-21 20:31:22 +00:00
Evan Hunt
0994d3a21b 3087. [bug] DDNS updates using SIG(0) with update-policy match 
type "external" could cause a crash. [RT #23735]
 2011-03-21 19:54:03 +00:00
Evan Hunt
1063914c30 Fixed some problems from change #3084 that turned up after committing it; 
"freeze" and "thaw" weren't working quite right when used without a
specific zone name.
 2011-03-21 18:38:40 +00:00
Evan Hunt
cf0d508b1e Forgot to add rndc test dir when committing "rndc sync" change to HEAD 2011-03-21 18:06:07 +00:00
Evan Hunt
36b2d5f93c use "rndc sync" instead of freeze/thaw cycle to dump zones, now that it's 
available.
 2011-03-21 16:53:44 +00:00
Evan Hunt
dff7e38491 initialize delset 2011-03-21 16:17:57 +00:00
Evan Hunt
10a759cee6 3086. [bug] Running dnssec-settime -f on an old-style key will 
now force an update to the new key format even if no
			other change has been specified, using "-P now -A now"
			as default values.  [RT #22474]
 2011-03-21 15:56:35 +00:00
Evan Hunt
d965c91f95 clarify "rndc sync" logging, add it to "rndc -h" output, per francis 
review comments in rt22473.
 2011-03-21 15:39:05 +00:00
Evan Hunt
35f1a4fc93 3085. [func] New '-R' option in dnssec-signzone forces removal 
of signatures which have not yet expired but
			were generated by a key that no longer exists.
			[RT #22471]
 2011-03-21 07:26:47 +00:00
Evan Hunt
7cb226ec34 3084. [func] A new command "rndc sync" dumps pending changes in 
a dynamic zone to disk; "rndc sync -clean" also
			removes the journal file after syncing.  Also,
			"rndc freeze" no longer removes journal files.
			[RT #22473]
 2011-03-21 07:22:14 +00:00
Mark Andrews
5f49da42fe wait longer for the nsec3chain generation to complete 2011-03-21 03:30:48 +00:00
Mark Andrews
5095e72ac3 3083. [bug] NOTIFY messages were not being sent when generating 
a NSEC3 chain incrementally. [RT #23702]
 2011-03-21 01:02:39 +00:00
Mark Andrews
653cad790b 3082. [port] strtok_r is threads only. [RT #23747] 2011-03-21 00:30:18 +00:00
Mark Andrews
7dc5273a3e skip not untested 2011-03-20 09:03:47 +00:00
Automatic Updater
7885190562 update copyright notice 2011-03-18 23:47:36 +00:00
Francis Dupont
f3bb08a519 add 23591 no-regression 2011-03-18 21:14:20 +00:00
Francis Dupont
a8e6a8cd6c fix too long with dname error 2011-03-18 21:12:19 +00:00
Mark Andrews
cbf59e5887 3079. [bug] Handle isc_event_allocate failures in t_tasks. 
[RT #23572]
 2011-03-18 07:40:25 +00:00
Evan Hunt
1853c5eaf7 ignore SIGPIPE in ans.pl; this is needed for debian. 2011-03-18 04:41:15 +00:00
Mark Andrews
f79a36eeed silence: 'ttl' might be used uninitialized 2011-03-18 02:16:43 +00:00
Evan Hunt
ea5334a36e fixed a missing / in /dev/null 2011-03-18 02:08:45 +00:00
Automatic Updater
a3f8c8e207 regen HEAD 2011-03-18 01:14:34 +00:00
Automatic Updater
207cee019e update copyright notice 2011-03-17 23:47:30 +00:00
Francis Dupont
50f64cf0e5 silent compiler warnings for DLZ exernal driver support and example 2011-03-17 09:25:54 +00:00
Evan Hunt
61bcc23203 3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and 
dnssec-keyfromlabel sets the default TTL of the
			key.  When possible, automatic signing will use that
			TTL when the key is published.  [RT #23304]
 2011-03-17 01:40:40 +00:00
Francis Dupont
92f2688155 silent clang analyzer 2011-03-14 14:13:10 +00:00
Automatic Updater
71d0d898fb update copyright notice 2011-03-13 23:47:36 +00:00
Mark Andrews
26b49e8459 3074. [bug] Make the adb cache read through for zone data and 
glue learn for zone named is authoritative for.
                        [RT #22842]
 2011-03-13 02:49:28 +00:00
Automatic Updater
8ac903147f update copyright notice 2011-03-12 23:47:42 +00:00
Mark Andrews
69e617cf88 test for Net::DNS 2011-03-12 21:24:52 +00:00
Automatic Updater
c1aef54e14 update copyright notice 2011-03-12 04:59:49 +00:00
Mark Andrews
4f587beb8e 3071. [bug] has_nsec could be used unintialised in 
update.c:next_active. [RT #20256]
 2011-03-11 12:51:40 +00:00
Mark Andrews
6494526350 3070. [bug] dnssec-signzone potential NULL pointer dereference. 
[RT #20256]
 2011-03-11 12:37:01 +00:00
Evan Hunt
4fbaf0202b link driver.so from the .o file instead of the .lo file when building 
with libtool.
 2011-03-11 07:11:07 +00:00
Mark Andrews
0874abad14 3069. [cleanup] Silence warnings messages from clang static analysis. 
[RT #20256]
 2011-03-11 06:11:27 +00:00
Mark Andrews
2d96b63d31 3067. [bug] ixfr-from-differences {master|slave}; failed to 
select the master/slave zones.  [RT #23580]
 2011-03-11 00:43:54 +00:00
Automatic Updater
cf786a52ce update copyright notice 2011-03-10 23:47:50 +00:00
Francis Dupont
cf39976b89 while(1) -> for(;;) (cf 23588) 2011-03-10 13:37:21 +00:00
Evan Hunt
422009fe5b 3066. [func] The DLZ "dlopen" driver is now built by default, 
no longer requiring a configure option.  To
			disable it, use "configure --without-dlopen".
                        Driver also supported on win32.  [RT #23467]
 2011-03-10 04:36:16 +00:00
Francis Dupont
228bddfc12 update do_authors_lookup() 2011-03-07 15:29:32 +00:00
Mark Andrews
198be130e2 remove exit 2011-03-07 14:03:49 +00:00
Automatic Updater
be6c1c5061 regen HEAD 2011-03-06 01:14:21 +00:00
Automatic Updater
0e27506ce3 update copyright notice 2011-03-05 23:52:31 +00:00
Evan Hunt
9a859983d7 3062. [func] Made several changes to enhance human readability 
of DNSSEC data in dig output and in generated
			zone files:
			 - DNSKEY record comments are more verbose, no
			   longer used in multiline mode only
			 - multiline RRSIG records reformatted
			 - multiline output mode for NSEC3PARAM records
			 - "dig +norrcomments" suppresses DNSKEY comments
			 - "dig +split=X" breaks hex/base64 records into
			   fields of width X; "dig +nosplit" disables this.
			[RT #22820]
 2011-03-05 19:39:07 +00:00
Mark Andrews
eff7f78bc6 3061. [func] New option "dnssec-signzone -D", only write out 
generated DNSSEC records. [RT #22896]
 2011-03-05 06:35:41 +00:00
Mark Andrews
7d09a0190b add #include <isc/file.h> 2011-03-05 03:03:57 +00:00
Automatic Updater
60a900e83b regen HEAD 2011-03-05 01:14:22 +00:00
Automatic Updater
26a7306397 update copyright notice 2011-03-04 23:47:47 +00:00
Evan Hunt
61271cdee6 3060. [func] New option "dnssec-signzone -X <date>" allows 
specification of a separate expiration date
			for DNSKEY RRSIGs and other RRSIGs. [RT #22141]
 2011-03-04 22:20:21 +00:00
Evan Hunt
c2f051aaaa 3059. [test] Added a regression test for change #3023. 2011-03-04 22:01:01 +00:00
Scott Mann
be59d1eb72 Adding missing files for RT22771. 2011-03-04 14:43:58 +00:00
Scott Mann
32babe43eb Ensure that log files are plain files. (RT #22771) 2011-03-04 14:07:03 +00:00
Automatic Updater
7d9d170dbb update copyright notice 2011-03-03 23:47:32 +00:00
Evan Hunt
f385bac3b9 3057. [bug] "rndc secroots" would abort after the first error 
and so could miss some views. [RT #23488]
 2011-03-03 16:16:47 +00:00
Francis Dupont
9fe8cca065 add URI support 2011-03-03 14:10:27 +00:00
Evan Hunt
70c7f4fb4f 3053. [bug] Under a sustained high query load with a finite 
max-cache-size, it was possible for cache memory
			to be exhausted and not recovered. [RT #23371]
 2011-03-03 04:42:25 +00:00
Francis Dupont
624664e504 Fixed last autosign test report [RT #23256] 2011-03-02 09:03:45 +00:00
Mark Andrews
be789bc7eb 3045. [removed] Replaced by change #3050. 2011-03-02 04:52:25 +00:00
Mark Andrews
d819823fee 3051. [bug] NS records obsure DS records at the bottom of the 
zone if both are present. [RT #23035]
 2011-03-02 04:49:05 +00:00
Mark Andrews
c1ced49662 3051. [bug] NS records obsure DS records at the bottom of the 
zone if both are present. [RT #23035]
 2011-03-02 04:20:34 +00:00
Mark Andrews
ba88bcf08b 3050. [bug] The autosign system test was timing dependent. 
Wait for the initial autosigning to complete
                        before running the rest of the test. [RT #23035]
 2011-03-02 04:08:58 +00:00
Mark Andrews
88c63fe9c7 3039. [bug] Save and restore the gid when creating creating 
named.pid at startup. [RT #23290]
 2011-03-02 00:02:54 +00:00
Automatic Updater
c8175ece69 update copyright notice 2011-03-01 23:48:07 +00:00
Mark Andrews
4c05f9a6a3 3048. [bug] Fully seperate view key mangement. [RT #23419] 2011-03-01 22:44:04 +00:00
Scott Mann
d31740ce28 Fixed DNSKEY NODATA responses not cached (RT #22908). 2011-03-01 14:40:39 +00:00
Automatic Updater
bc171df6ca update copyright notice 2011-02-28 23:47:39 +00:00
Automatic Updater
ddc163d532 regen 2011-02-28 23:31:05 +00:00
Francis Dupont
664917beda Use RRSIG original TTL in validated RRset TTL [RT #23332] 2011-02-28 14:21:35 +00:00
Francis Dupont
17bc56e321 ove the testsock.pl sleep to autosign test suite [RT #23400] 2011-02-28 14:08:36 +00:00
Automatic Updater
1c743aa176 regen 2011-02-27 23:30:42 +00:00
Evan Hunt
7cc5632595 3042. [bug] dig +trace could fail attempting to use IPv6 
addresses on systems with only IPv4 connectivity.
			[RT #23797]
 2011-02-25 23:11:13 +00:00
Mark Andrews
2f09e7c3fc 3041. [bug] dnssec-signzone failed to generate new signatures on 
ttl changes. [RT #23330]
 2011-02-24 03:04:43 +00:00
Automatic Updater
8a8d38eb8e regen HEAD 2011-02-24 01:14:22 +00:00
Automatic Updater
45caada8cb update copyright notice 2011-02-23 23:47:20 +00:00
Mark Andrews
4f07b2b00c 3040. [bug] Named failed to validate insecure zones where a node 
with a CNAME existed between the trust anchor and the
                        top of the zone. [RT #23338]
 2011-02-23 11:30:35 +00:00
Mark Andrews
0e507dbb81 2039. [func] Redirect on NXDOMAIN support. [RT #23146] 2011-02-23 03:08:11 +00:00
Scott Mann
3b46648b02 Revert the previous commit...made on wrong branch. 2011-02-22 22:57:23 +00:00
Scott Mann
44b49a34b1 Added some comments. 2011-02-22 22:50:45 +00:00
Mark Andrews
b795de862b 2036. [bug] Check built-in zone arguments to see if the zone 
is re-usable or not. [RT #21914]
 2011-02-22 04:14:30 +00:00
Automatic Updater
b01d422daf update copyright notice 2011-02-21 23:47:45 +00:00
Mark Andrews
c12904ec53 3035. [cleanup] Simplify by using strlcpy. [RT #22521] 2011-02-21 07:34:57 +00:00
Mark Andrews
0a92db42c6 3034. [cleanup] nslookup: use strlcpy instead of safecopy. [RT #22521] 2011-02-21 07:22:21 +00:00
Mark Andrews
a360461b34 check for snprintf failure 2011-02-21 07:14:43 +00:00
Scott Mann
57b403c1e9 Fix prz SERVFAILs after failed zone transfers (RT23246). 2011-02-18 15:18:30 +00:00
Evan Hunt
29bd52e4ee 3021. [bug] Change #3010 was incomplete. [RT #22296] 2011-02-16 19:48:12 +00:00
Automatic Updater
c41b2924a5 update copyright notice 2011-02-15 23:47:36 +00:00
Mark Andrews
b1b42b03b7 3020. [bug] auto-dnssec failed to correctly update the zone when changing the DNSKEY RRset. [RT #23232] 2011-02-15 22:02:36 +00:00
Francis Dupont
931814de4a typo in comment 2011-02-15 18:23:34 +00:00
Mark Andrews
c5fa370695 3019. [func] Test: check apex NSEC3 records after adding DNSKEY 
record via UPDATE. [RT #23229]
 2011-02-14 23:53:44 +00:00
Automatic Updater
56748bc3d1 update copyright notice 2011-02-08 23:10:07 +00:00
Mark Andrews
37b017f2ca Regression test for: 
3018.   [bug]           Named failed to check for the "none;" acl when deciding
                        if a zone may need to be re-signed. [RT #23120]
 2011-02-08 03:47:02 +00:00
Automatic Updater
79cf9524b1 regen HEAD 2011-02-04 01:14:16 +00:00
Automatic Updater
784a904bd0 update copyright notice 2011-02-03 12:18:12 +00:00
Mark Andrews
5cfe4bcb0a 3017. [doc] dnssec-keyfromlabel -I was not properly documented. 
[RT #22887]
 2011-02-03 12:01:44 +00:00
Mark Andrews
5b79d15401 3016. [bug] rndc usage missing '-b'. [RT #22937] 2011-02-03 11:46:17 +00:00
Mark Andrews
c1ee8bb4ba 3013. [bug] The DNS64 ttl was not always being set as expected. 
[RT #23034]
 2011-02-03 07:35:56 +00:00
Mark Andrews
16cc4a1f56 3012. [bug] Remove DNSKEY TTL change pairs before generating 
signing records for any remaing DNSKEY changes.
                        [RT #22590]
 2011-02-03 06:03:15 +00:00
Mark Andrews
000a8970f8 3011. [func] Change the default query timeout from 30 seconds 
to 10.  Allow setting this in named.conf using the new
                        'resolver-query-timeout' option, which specifies a max
                        time in seconds.  0 means 'default' and anything longer
                        than 30 will be silently set to 30. [RT #22852]
 2011-02-03 05:41:55 +00:00
Evan Hunt
903b3c84e2 3010. [bug] Fixed a bug where "rndc reconfig" stopped the timer 
for refreshing managed-keys. [RT #22296]
 2011-02-03 00:21:55 +00:00
Evan Hunt
439a6b2fbf created cvsignore 2011-02-01 20:12:16 +00:00
Automatic Updater
a09fff7051 update copyright notice 2011-01-14 00:51:43 +00:00
Mark Andrews
638614fe02 silence: warning: format not a string literal and no format arguments 2011-01-14 00:44:53 +00:00
Mark Andrews
cc5e0baaef arguements out of order 2011-01-13 23:16:06 +00:00
Evan Hunt
5645e0c82a Automatically-added copyright text was breaking the RPZ test. 2011-01-13 19:30:41 +00:00
Automatic Updater
2352050890 update copyright notice 2011-01-13 08:50:29 +00:00
Mark Andrews
16ae8f12c2 add -V to foreground flags 2011-01-13 08:46:34 +00:00
Mark Andrews
6767b5b544 openssl include path 2011-01-13 08:15:30 +00:00
Mark Andrews
0a24e3a8ae openssl include path 2011-01-13 07:51:06 +00:00
Mark Andrews
fd7b3477c3 openssl include path 2011-01-13 07:25:35 +00:00
Automatic Updater
9cee5bb028 update copyright notice 2011-01-13 04:59:26 +00:00
Mark Andrews
9d53927aa8 zone = NULL 2011-01-13 03:57:50 +00:00
Mark Andrews
87708bde16 3008. [func] Response policy zones (RPZ) support. [RT #21726] 2011-01-13 01:59:28 +00:00
Automatic Updater
135bcc2e42 update copyright notice 2011-01-11 23:47:14 +00:00
Michael Graff
59b600ae73 commit Makefile.in, not Makefile 2011-01-11 21:40:35 +00:00
Michael Graff
beb52a4b18 add tests for isc_atomic_xadd() and isc_atomic_xaddq() since there is some suspicion that they may not be working properly on all platforms. This is committed direclty to the mainline as it's only a test. I did not regenerate configure from configure.in, but just added the one Makefile line. Evan will take a quick look at this after it's committed. 2011-01-11 21:36:22 +00:00
Mark Andrews
b053854c20 call dns_tsigkeyring_detach(&ring) 2011-01-10 13:09:49 +00:00
Mark Andrews
433e06a25c 3006. [func] Allow dynamically generated TSIG keys to be preserved 
across restarts of named.  Initially this is for
                        TSIG keys generated using GSSAPI. [RT #22639]
 2011-01-10 05:32:04 +00:00
Mark Andrews
fc5e97963d Check that ::1 is configured 2011-01-10 05:08:49 +00:00
Automatic Updater
0e0be796a7 update copyright notice 2011-01-08 23:47:01 +00:00
Evan Hunt
b156001ec1 Oops, omitted some commits from change #3005. 2011-01-08 01:26:01 +00:00
Automatic Updater
65ad89971e regen HEAD 2011-01-08 01:15:44 +00:00
Evan Hunt
8a743600dd 3005. [port] Solaris: Work around the lack of 
gsskrb5_register_acceptor_identity() by setting
			the KRB5_KTNAME environment variable to the
			contents of tkey-gssapi-keytab.  Also fixed
			test errors on MacOSX.  [RT #22853]
 2011-01-08 00:33:12 +00:00
Automatic Updater
93235c1cba update copyright notice 2011-01-07 23:47:07 +00:00
Evan Hunt
a727690e8b HPUX: silence compiler warnings about signed/unsigned comparisons 2011-01-07 21:42:03 +00:00
Evan Hunt
f686c5d700 Added missing .cvsignore entries 2011-01-07 07:10:34 +00:00
Evan Hunt
c23a9eed3e - Missed out authsock.pl when committing 3003. 
- Remove auth.sock in clean.sh.
 2011-01-07 07:01:58 +00:00
Mark Andrews
dc4fa197dd 3004. [func] DNS64 reverse support. [RT #22769] 2011-01-07 04:31:39 +00:00
Evan Hunt
5a87f3439e Initialize a pointer to NULL in order to to silence a compiler warning. 
Committing without review because the change is trivial.
 2011-01-07 00:50:06 +00:00
Automatic Updater
db69d5d53c update copyright notice 2011-01-06 23:47:00 +00:00
Evan Hunt
3916872f37 3003. [experimental] Added update-policy match type "external", 
enabliing named to defer the decision of whether to
			allow a dynamic update to an external daemon.
			(Contributed by Andrew Tridgell.) [RT #22758]
 2011-01-06 23:24:39 +00:00
Automatic Updater
9412850a75 regen 2011-01-05 23:30:46 +00:00
Automatic Updater
1da9dbcf48 update copyright notice 2011-01-04 23:47:14 +00:00
Automatic Updater
a184761e52 regen 2011-01-04 23:30:37 +00:00
Evan Hunt
79bf7c874b 3001. [func] Added a default trust anchor for the root zone, which 
can be switched on by setting "dnssec-validation auto;"
			in the named.conf options. [RT #21727]
 2011-01-03 23:45:08 +00:00
Mark Andrews
ac78c47210 ! test -n -> test -z 2010-12-27 13:38:43 +00:00
Mark Andrews
c2f37a77cc #include ISC_PLATFORM_KRB5HEADER [RT #22798] 2010-12-26 23:24:18 +00:00
Automatic Updater
6764a1403a update copyright notice 2010-12-24 23:47:05 +00:00
Mark Andrews
cd86950664 exit 255 2010-12-24 07:27:15 +00:00
Evan Hunt
d9ad0a55bb 3000. [bug] More TKEY/GSS fixes: 
- nsupdate can now get the default realm from
			   the user's Kerberos principal
			 - corrected gsstest compilation flags
			 - improved documentation
			 - fixed some NULL dereferences
			[RT #22795]
 2010-12-24 02:20:47 +00:00
Automatic Updater
0e9e255d16 regen HEAD 2010-12-24 01:14:21 +00:00
Automatic Updater
a094c46640 update copyright notice 2010-12-23 23:47:08 +00:00
Mark Andrews
37dee1ff94 2999. [func] Add GOST support (RFC 5933). [RT #20639] 2010-12-23 04:08:00 +00:00
Mark Andrews
10e018f66d s/ISC_OPENSSL_INC/DST_OPENSSL_INC 2010-12-22 09:00:40 +00:00
Mark Andrews
643935ac11 2997. [func] named -V now reports the OpenSSL and libxml2 verions 
it was compiled against. [RT #22687]
 2010-12-22 03:59:02 +00:00
Automatic Updater
ca103999e6 update copyright notice 2010-12-20 23:47:21 +00:00
Evan Hunt
950aa1d752 When a prereq.sh file determines that a test can't run because the feature 
to be tested was not configured in at build time, it can now return 255,
and run.sh will print "R:SKIPPED" instead of "R:UNTESTED".  Robie will be
able to flag this as green rather than yellow.
 2010-12-20 21:35:45 +00:00
Evan Hunt
8fda09fc85 Changed $(command) to command in tests.sh for compatibility with 
older bourne shells.
 2010-12-20 18:37:07 +00:00
Mark Andrews
e11d10bbcc example.nil.zone -> example.nil.db 2010-12-19 23:39:28 +00:00
Evan Hunt
584ad7dedd 2990. [bug] 'dnssec-settime -S' no longer tests prepublication 
interval validity when the interval is set to 0.
			[RT #22761]
 2010-12-19 07:29:36 +00:00
Automatic Updater
517ae3de96 regen HEAD 2010-12-19 01:14:08 +00:00
Automatic Updater
941c0792f2 update copyright notice 2010-12-18 23:47:11 +00:00
Evan Hunt
6c3eff861d tsiggss test needed a prereq.sh file. (Committing without review because 
the script is simple, no one is available, and I want to shut robie up.)
 2010-12-18 16:48:41 +00:00
Mark Andrews
0faa11ab77 clean first 2010-12-18 11:45:01 +00:00
Evan Hunt
af903e5008 Added files to clean.sh scripts that have been left around after tests run. 
Skipping the ticket/review steps because the change is trivial.
 2010-12-18 02:12:44 +00:00
Evan Hunt
71bd858d8e 2989. [func] Added support for writable DLZ zones. (Contributed 
by Andrew Tridgell of the Samba project.) [RT #22629]

2988.	[experimental]	Added a "dlopen" DLZ driver, allowing the creation
			of external DLZ drivers that can be loaded as
			shared objects at runtime rather than linked with
			named.  Currently this is switched on via a
			compile-time option, "configure --with-dlz-dlopen".
			Note: the syntax for configuring DLZ zones
			is likely to be refined in future releases.
			(Contributed by Andrew Tridgell of the Samba
			project.) [RT #22629]

2987.	[func]		Improve ease of configuring TKEY/GSS updates by
			adding a "tkey-gssapi-keytab" option.  If set,
			updates will be allowed with any key matching
			a principal in the specified keytab file.
			"tkey-gssapi-credential" is no longer required
			and is expected to be deprecated.  (Contributed
			by Andrew Tridgell of the Samba project.)
			[RT #22629]
 2010-12-18 01:56:23 +00:00
Mark Andrews
273757406a .zone -> .db 2010-12-17 00:57:39 +00:00
Automatic Updater
0ccd663a83 update copyright notice 2010-12-16 23:47:08 +00:00
Tatuya JINMEI 神明達哉
743bbdc18f 2947. [func] Add new zone type "static-stub". It's like a stub 
zone, but the nameserver names and/or their IP
			addresses are statically configured. [RT #21474]

(for 9.8.0)
 2010-12-16 09:51:30 +00:00
Evan Hunt
bbedadf76a 2985. [bug] Add a regression test for change #2896. [RT #21324] 2010-12-15 18:44:37 +00:00
johnd
7659fdb3aa Include "loadkeys" in rndc help output. [RT #22493] 2010-12-10 19:20:47 +00:00
Mark Andrews
cf5770e7b1 remove semi-colon 2010-12-09 06:17:33 +00:00
Automatic Updater
fd6a9d688c update copyright notice 2010-12-09 04:31:57 +00:00
Mark Andrews
9f9b7f0e8d 2982. [bug] Reference count dst keys. dst_key_attach() can be used 
increment the reference count.

                        Note: dns_tsigkey_createfromkey() callers should now
                        always call dst_key_free() rather than setting it
                        to NULL on success. [RT #22672]
 2010-12-09 00:54:34 +00:00
Automatic Updater
b8a9a7bef2 update copyright notice 2010-12-08 23:51:56 +00:00
Mark Andrews
b9f2d007c5 2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991] 2010-12-08 05:01:00 +00:00
Mark Andrews
e334405421 2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991] 2010-12-08 02:46:17 +00:00
Automatic Updater
a4b8846651 update copyright notice 2010-12-07 23:47:02 +00:00
Mark Andrews
8aee18709f 2980. [bug] named didn't properly handle UPDATES that changed the 
TTL of the NSEC3PARAM RRset. [RT #22363]
 2010-12-07 02:53:34 +00:00
Evan Hunt
e78c2b856b 2979. [bug] named could deadlock during shutdown if two 
"rndc stop" commands were issued at the same
			time. [RT #22108]
 2010-12-03 22:05:19 +00:00
Mark Andrews
82f0630bae 2977. [bug] 'nsupdate -l' report if the session key is missing. 
[RT #21670]
 2010-12-03 00:37:33 +00:00
Automatic Updater
326a702a35 update copyright notice 2010-12-02 23:46:56 +00:00
Mark Andrews
c87f15dac8 2976. [bug] named die on exit after negotiating a GSS-TSIG key. [RT #3415] 2010-12-02 23:22:42 +00:00
Automatic Updater
e085624e0f update copyright notice 2010-11-30 23:46:55 +00:00
Evan Hunt
b5b934a0bb 2974. [bug] Some vaild UPDATE requests could fail due to a 
consistency check examining the existing version
			of the zone rather than the new version resulting
			from the UPDATE. [RT #22413]
 2010-11-30 02:27:08 +00:00
Mark Andrews
5af195d1db 2973. [bug] bind.keys.h was being removed by the "make clean" 
at the end of configure resulting in build failures
                        where there is very old version of perl installed.
                        Move it to "make maintainer-clean". [RT #22230]
 2010-11-18 23:20:15 +00:00
Automatic Updater
33cc94f04c update copyright notice 2010-11-17 23:47:09 +00:00