upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-27 04:43:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
27830 commits 18 branches 854 tags 440 MiB
Commit graph

8721 commits

Author SHA1 Message Date
Ondřej Surý
c4cee27f9b Add support for enabling and enforcing FIPS mode in OpenSSL: 
* Add configure option --enable-fips-mode that detects and enables FIPS mode
* Add a function to enable FIPS mode and call it on crypto init
* Log an OpenSSL error when FIPS_mode_set() fails and exit
* Report FIPS mode status in a separate log message from named
 2018-10-22 20:55:35 +02:00
Witold Kręcicki
38a127c35b Remove layering from isc_task, isc_app, isc_socket, isc_timer, isc_mem 2018-10-18 09:19:12 +00:00
Petr Menšík
ec1d9b80f5 Disable IDN from environment as documented 
Manual page of host contained instructions to disable IDN processing
when it was built with libidn2. When refactoring IDN support however,
support for disabling IDN in host and nslookup was lost. Use also
environment variable and document it for nslookup, host and dig.
 2018-10-05 05:58:33 -04:00
Ondřej Surý
f207e0b52e Restore the algorithm names mapping in bin/python/isc/dnskey.py.in for DSA, NSEC3DSA, and ECCGOST 2018-10-05 11:16:13 +02:00
Ondřej Surý
09fd5c442b Convert the system tests that were using DSA to use a default algorithm defined in conf.sh 2018-10-05 11:16:13 +02:00
Ondřej Surý
3994b1f9c2 Remove support for obsoleted and insecure DSA and DSA-NSEC3-SHA1 algorithms 2018-10-05 09:21:43 +02:00
Evan Hunt
2f0897caff add a test case 2018-10-04 23:33:18 -07:00
Evan Hunt
ff49dd3c21 clarify relationship between dnssec-enable and dnssec-validation 
- if dnssec-enable is no, then dnssec-validation now also defaults to
  no. if dnssec-enable is yes, dnssec-validation defaults to auto or yes
  depending on --disable-auto-validation.
- correct the doc
 2018-10-04 23:33:18 -07:00
Mark Andrews
a216135a15 reclimit: delegate to ans4 so that ans2 can behave like a real name server 2018-10-04 12:59:38 +10:00
Mark Andrews
848e42227e chain: change nameserver name so that the delegation matches 2018-10-04 12:26:28 +10:00
Mark Andrews
524c1317f7 chain: add 'start test' messages to named.run 2018-10-04 12:26:28 +10:00
Evan Hunt
ae8026171b update system test to add a check for UPDATE messages 2018-10-03 01:03:56 -07:00
Evan Hunt
6c31ba5c53 rebuild option grammar documentation 2018-10-03 01:03:56 -07:00
Evan Hunt
51c6f4b682 extend DNSTAP to record UPDATE requests and responses as a separate type 2018-10-03 01:03:56 -07:00
Mark Andrews
a6507af9e3 zero: send grep output to /dev/null; set ret=0 at start of 'check repeated recursive lookups of non recurring TTL=0 responses get new values' test so the failed subtest count is correct 2018-10-03 01:28:27 -04:00
Mark Andrews
0fc1b1bffa improve case presevation 2018-10-02 15:09:32 +10:00
Evan Hunt
b026663c62 use an example domain 2018-09-28 09:58:07 -07:00
Evan Hunt
b4dca44ad2 fix chaosnet address comparison 2018-09-28 00:42:03 -07:00
Evan Hunt
72b49ce869 tests for allow-recursion-on and allow-query-cache-on, default and inherited 2018-09-27 21:48:44 -07:00
Evan Hunt
5752645e60 allow-recursion-on and allow-query-cache-on should inherit from each other 2018-09-27 21:48:43 -07:00
Evan Hunt
6d05ec7dc1 fix problems running dnsrps tests in rpz and rpzrecurse 
- set up server correctly when running the second test pass
- reset stats counters before the second pass
- clean up test output
 2018-09-27 13:11:44 -07:00
Evan Hunt
e7c99e42f3 fix a typo in usage output 2018-09-24 15:21:47 -07:00
Mark Andrews
7effcffba2 mtype should be dns_ssumatchtype_t 2018-09-20 16:03:24 +10:00
Evan Hunt
bf9c60078a don't use $() in system tests 2018-09-11 14:02:25 -04:00
Evan Hunt
38cf56ac38 call named_os_changeuser() when setting minimal privileges on linux 2018-09-10 20:17:41 -07:00
Evan Hunt
cc0abf62a1 add -class option to rndc nta 2018-09-10 12:04:04 -07:00
Evan Hunt
83dc5a704a report when NTAs added to multiple views 
- the text returned by "rndc nta" when adding NTAs to multiple views
  was incorrectly terminated after the first line, so users only saw
  on NTA added unless they checked the logs.
 2018-09-10 12:02:49 -07:00
Mark Andrews
d1f8e116db add more missing name in update rule checks 2018-09-10 09:55:24 +10:00
Mark Andrews
54c4db569b add krb5-* tests to nsupdate system test. 2018-09-10 09:32:32 +10:00
Mark Andrews
5fb75a3d75 check that name field is not a valid type 2018-09-10 09:32:31 +10:00
Ondřej Surý
8ffd9a9b71 Remove PR_SET_DUMPABLE check as it is available since Linux 2.3.20 2018-09-07 12:48:49 +02:00
Ondřej Surý
8e4cc152f7 Remove HAVE_SYS_PRCTL_H check as the prctl() system call was introduced in Linux 2.1.57. 2018-09-07 12:43:43 +02:00
Ondřej Surý
2750799132 Assume socklen_t is always available on all supported platforms (except on Windows where it is typedefed to int32_t) 2018-09-07 12:17:40 +02:00
Ondřej Surý
7716bdd400 Remove dummy PATH_RANDOMDEV and CHECK_DSA defines 2018-09-07 12:17:40 +02:00
Ondřej Surý
c7b1e7fd08 Linux (glibc) has NPTL since LinuxThreads are no-more, so remove HAVE_LINUXTHREADS 2018-09-07 12:17:40 +02:00
Ondřej Surý
4014bc42dd According to POSIX.1-2001, POSIX.1-2008 #include <sys/select.h> is correct way to get fd_set 2018-09-07 12:17:30 +02:00
Evan Hunt
881a868dc0 the allow-query test was in conf.sh.win32 as allow_query, so was skipped 2018-09-05 18:02:40 -07:00
Evan Hunt
1aa3ba2bb1 add ws2_32.lib where missing 2018-09-05 16:54:47 -07:00
Evan Hunt
f8d9bd6178 move ws2_32.lib to the end of AdditionalDependencies 2018-09-05 14:25:38 -07:00
Evan Hunt
02041b94d9 remove startup log message indicating thread status 2018-09-04 11:58:26 -07:00
Tinderbox User
19ed6f8f5a prep 9.13.3 2018-09-04 06:11:38 +00:00
Ondřej Surý
25248eb097 Bail-out early in the for install loops instead of continuing because for masks the error in the middle 2018-09-03 12:05:45 +02:00
Ondřej Surý
eb9849daff Update documentation (ARM, READMEs and man pages) 2018-08-31 06:03:42 -04:00
Mark Andrews
05eb9fd338 simplify 2018-08-31 18:47:29 +10:00
Mark Andrews
feaf381adb use pack to construct the reply as Net::DNS just get it wrong 2018-08-31 03:47:56 -04:00
Mark Andrews
615ebc39e3 remove EDNS workarounds, update legacy test 2018-08-30 21:17:00 -07:00
Mark Andrews
e7e4603f9b bring up interfaces 9 and 10 2018-08-30 21:16:59 -07:00
Mark Andrews
c81c9660f5 add -T ednsformerr/ednsnotimp/ednsrefused 2018-08-30 21:16:59 -07:00
Mark Andrews
8e5abc6cdf report initial RRSIG expiry field values 2018-08-30 22:37:08 -04:00
Ondřej Surý
7f508ec229 Link arpaname and mdig with ws2_32.lib 2018-08-29 22:16:37 +02:00