upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-04 17:24:47 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
27394 commits 18 branches 854 tags 440 MiB
Commit graph

32 commits

Author SHA1 Message Date
Ondřej Surý
2b8fab6828 Remove genrandom command and all usage of specific random files throughout the system test suite 2018-05-16 09:54:35 +02:00
Michał Kępień
6acf326969 Apply raw zone deltas to yet unsigned secure zones 
When inline signing is enabled for a zone without creating signing keys
for it, changes subsequently applied to the raw zone will not be
reflected in the secure zone due to the dns_update_signaturesinc() call
inside receive_secure_serial() failing.  Given that an inline zone will
be served (without any signatures) even with no associated signing keys
being present, keep applying raw zone deltas to the secure zone until
keys become available in an attempt to follow the principle of least
astonishment.
 2018-04-25 12:00:31 -07:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup 
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
 2018-02-22 22:58:15 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Mark Andrews
32d09cd7e0 4840. [test] Add tests to cover fallback to using ZSK on inactive 
KSK. [RT #46787]
 2017-12-06 20:26:43 +11:00
Mark Andrews
196e01da5f 4837. [bug] dns_update_signatures{inc} (add_sigs) was not 
properly determining if there were active KSK and
                        ZSK keys for a algorithm when update-check-ksk is
                        true (default) leaving records unsigned. [RT #46743]
 2017-12-04 10:03:51 +11:00
Michał Kępień
f665c724e4 [master] Prevent possible infinite signing loop after retransferring an inline-signed slave using NSEC3 
4727.	[bug]		Retransferring an inline-signed slave using NSEC3
			around the time its NSEC3 salt was changed could result
			in an infinite signing loop. [RT #45080]
 2017-09-18 09:18:45 +02:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Mark Andrews
1c5990c2f9 3958. [bug] Detect when writeable files have multiple references 
in named.conf. [RT #37172]
 2014-09-29 12:10:10 +10:00
Evan Hunt
60988462e5 [master] use posix-compatible shell in system tests 
3839.	[test]		Use only posix-compatible shell in system tests.
			[RT #35625]
 2014-05-06 22:06:04 -07:00
Evan Hunt
92fe6db3e4 [master] use test -r in system tests 
3806.	[test]		Improved system test portability. [RT #35625]
 2014-04-09 20:29:52 -07:00
Tinderbox User
aa7b16ec2a update copyright notice 2014-01-21 23:46:16 +00:00
Evan Hunt
d58e33bfab [master] testcrypto.sh in system tests 
3714.	[test]		System tests that need to test for cryptography
			support before running can now use a common
			"testcrypto.sh" script to do so. [RT #35213]
 2014-01-20 16:08:09 -08:00
Mark Andrews
0c91911b4d 3642. [func] Allow externally generated DNSKEY to be imported 
into the DNSKEY management framework.  A new tool
                        dnssec-importkey is used to this. [RT #34698]
 2013-09-04 13:53:02 +10:00
Tinderbox User
377b774598 update copyright notice 2013-08-15 23:46:17 +00:00
Mark Andrews
d1e22676de 3635. [bug] Signatures were not being removed from a zone with 
only KSK keys for a algorithm. [RT #24439]
 2013-08-15 13:37:07 +10:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Mark Andrews
1864400107 3289. [bug] 'rndc retransfer' failed for inline zones. [RT #28036] 2012-02-23 06:53:15 +00:00
Automatic Updater
edb4393ef5 update copyright notice 2012-01-10 23:46:58 +00:00
Evan Hunt
9a02019889 3264. [bug] Automatic regeneration of signatures in an 
inline-signing zone could stall when the server
			was restarted. [RT #27344]

3263.	[bug]		"rndc sync" did not affect the unsigned side of an
			inline-signing zone. [RT #27337]
 2012-01-10 18:13:37 +00:00
Evan Hunt
f30785f506 3252. [bug] When master zones using inline-signing were 
updated while the server was offline, the source
			zone could fall out of sync with the signed
			copy. They can now resynchronize. [RT #26676]
 2011-12-22 07:32:41 +00:00
Mark Andrews
e238ebd9b3 Backout accident commit to head 2011-12-09 22:09:26 +00:00
Mark Andrews
5ccf5eac0f ixfr-from-differences backup file 2011-12-09 13:32:42 +00:00
Mark Andrews
24ef32426d 3181. [func] Inline-signing is now supported for master zones. 
[RT #26224]
 2011-10-26 20:56:45 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that 
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
 2011-10-25 01:54:22 +00:00
Mark Andrews
02286522fb 3166. [bug] Upgrading a zone to support inline-signing failed. [RT #26014] 2011-10-12 00:10:20 +00:00
Automatic Updater
4e68c7c87c update copyright notice 2011-08-30 23:46:53 +00:00
Mark Andrews
9198ab377b 3147. [func] Initial inline signing support. [RT #23657] 2011-08-30 05:16:15 +00:00