Commit graph

756 commits

Author SHA1 Message Date
David Lawrence
15a4474541 word wrap copyright notice at column 70 2000-07-27 09:55:03 +00:00
Andreas Gustafsson
4d9b99ccb2 the client control event should be a server event,
not a DNS library event
2000-07-26 23:45:55 +00:00
Michael Sawyer
761a1c3761 Add sanitizer and hide per-master key code behind sanitizing #ifdefs 2000-07-26 18:47:43 +00:00
Andreas Gustafsson
a32738e3e4 352. [bug] Race condition in dns_client_t startup could cause
an assertion failure.
2000-07-26 17:39:12 +00:00
Brian Wellington
1702f1a0fe Add a 'fetchoptions' field to the query structure, which is currently 0
unless the query has the cd bit set.
2000-07-25 21:37:05 +00:00
Brian Wellington
7e0d7323d7 Detach from the iplist obtained from *_getalsonotify. 2000-07-25 20:26:11 +00:00
Brian Wellington
5d9e3392b2 Add support for the cd (checking disabled) bit. Setting the cd bit in a
query still doesn't completely work, since the resolver needs to be modified
also.  Basically, if data is in the cache and trust == pending, it will now
be returned when the cd bit is set.
2000-07-25 01:06:18 +00:00
Michael Graff
ef653fbdb1 implement 'notify [ yes | no | explicit ]' 2000-07-24 22:59:44 +00:00
Andreas Gustafsson
4abad71e79 bumped recursive client quota from 100 to 1000 2000-07-24 18:45:50 +00:00
Michael Sawyer
0371079513 Wire up key option in masters line. 2000-07-21 23:13:59 +00:00
Michael Sawyer
9b72c4648f Internal code for masters with key entries. Not wired into config yet. 2000-07-21 18:47:23 +00:00
Andreas Gustafsson
b0e67b3020 removed unnecessary call to isc_socket_cancel() 2000-07-19 20:34:14 +00:00
Brian Wellington
70c2802fd7 In query_addbestns, check that both the rdataset and sigrdataset are not
pending before adding them.
2000-07-18 22:24:45 +00:00
Brian Wellington
663841abe0 338. [bug] lwresd logged to syslog as named, not lwresd. 2000-07-18 17:50:02 +00:00
Brian Wellington
9df7d74e42 Use isc_base64_decodestring() instead of an explicit lexer. 2000-07-18 01:14:17 +00:00
Brian Wellington
7a184cd4e5 don't copy a name structure, copy a pointer. 2000-07-18 00:44:52 +00:00
Andreas Gustafsson
3668b37b8b cleaner, but more invasive, fix to 335. 2000-07-17 23:19:14 +00:00
Brian Wellington
178f73169a 335. [bug] named would occasionally attempt recursion when
it was disallowed or undesired.
2000-07-17 18:43:32 +00:00
Andreas Gustafsson
d987e0d8e8 reviewed and edited; removed lwres intro material
that is better covered in lwres(3)
2000-07-17 17:49:25 +00:00
David Lawrence
1867b6276e char secret[], for decoding the base64 string, should not have been const 2000-07-14 14:57:24 +00:00
Mark Andrews
8d51d9e67e 331. [bug] Only log "recursion denied" if RD is set. (RT #178) 2000-07-14 02:26:22 +00:00
Brian Wellington
720319de67 Call isc_log_wouldlog in ns_client_log 2000-07-13 00:21:27 +00:00
David Lawrence
3dae6c4675 minor cleanups from review 2000-07-12 19:39:49 +00:00
Brian Wellington
8d790f3e95 When lwresd is shutting down, don't explicitly send shutdown events to the
clientmgr tasks, since the task manager already sends them.
2000-07-12 19:03:08 +00:00
David Lawrence
e9729674d6 don't warn about missing keys{} clause or non-inet type, since the config
parser will have already warned about that.
2000-07-12 15:33:41 +00:00
Andreas Gustafsson
52eae74966 reviewed and edited 2000-07-12 02:07:32 +00:00
David Lawrence
eae2a15326 use ns_g_server->aclenv to match localhost and localnets in the allow{} clause 2000-07-11 23:02:32 +00:00
David Lawrence
ce2be9b721 329. [func] omapi_auth_register() now takes a size_t argument for
the length of a key's secret data.  Previously
OMAPI only stored secrets up to the first NUL byte.

This change was made to cope with decoded base64 secrets, so in this
revision omapiconf.c and rndc.c also decode the secret.
2000-07-11 22:03:12 +00:00
David Lawrence
a9ec4f7ca5 confparser allows the keys clause to be missing from the controls statement,
but it is really required.  warn when it is absent and skip the channel.
2000-07-10 22:04:08 +00:00
David Lawrence
3a72577619 include named/omapi.h 2000-07-10 22:02:38 +00:00
David Lawrence
77e38fb51c the presence of a "unix" control channel type in named.conf caused all hell
to break loose
2000-07-10 21:49:00 +00:00
Andreas Gustafsson
04d58db327 321. [bug] When synthesizing a CNAME RR for a DNAME
response, query_addcname() failed to initialize
the type and class of the CNAME dns_rdata_t,
causing random failures.
2000-07-10 18:33:25 +00:00
Andreas Gustafsson
880b031d5b use typedef to avoid multiple identical but incompatible
struct definitions for ISC_LIST(ns_omapilistener_t), so that
ISC_LIST_APPENDLIST can be used
2000-07-10 16:47:48 +00:00
David Lawrence
84f4e4a656 319. [func] The named.conf "controls" statement is now used
to configure the OMAPI command channel.
[RT #145]
2000-07-10 11:35:02 +00:00
Brian Wellington
71954c9571 I lied. This should be the last change to the setuid() code. Call
initgroups() from ns_os_inituserinfo, and make sure that Linux initially has
the CAP_SETGID capability set so that it doesn't fail.
2000-07-08 00:12:21 +00:00
Brian Wellington
c336121fb5 Hopefully the last change to the setuid code. Only call initgroups()
if getuid() == 0.  Don't call ns_os_changeuser() more than once (it
could happen on Linux).

The code in its current form doesn't check for root before calling
setgid() or setuid(), since they'll fail and print reasonable error
messages (unless -u is supplied with the non-root user that ran named,
in which case it would succeed).  The call to initgroups() would fail for
non root, so it shouldn't be tried.

The previous (as of a few days ago) code just ignored the -u parameter
when named was run as non-root.  This was not good.
2000-07-07 23:53:35 +00:00
Brian Wellington
4e5388b459 Clean up the uid switching code again so that setgid() is called in
ns_os_changeuser().
2000-07-07 22:10:54 +00:00
Brian Wellington
baeb4bcf32 In query_find(), if we're looking up a key and dns_db_find() returns
DNS_R_DELEGATION, don't use the domain & ns set found by dns_db_find().
This means that a recursive server will not immediately ask the child zone
for a key set at the apex; the resolver will determine who to ask.
2000-07-06 02:27:26 +00:00
Andreas Gustafsson
4defd73fca This is "the glue fix". It changes the additional data lookup
algorithm to more closely follow RFC1035, so that root servers will
provide a more complete set of name server glue addresses in ccTLD
referral responses.

For non-referral responses, the server no longer uses glue as
additional data.

For referral responses, the server now looks for glue A/AAAA/A6 RRs
in the zone where the NS RRs reside, even in the case where this is
different from the zone where the A/AAAA/A6 RRs would have resided had
they been authoritative data.

A6 chains included as additional info may not yet fully follow these
rules.
2000-07-05 23:10:06 +00:00
Andreas Gustafsson
c6ab6ca3fd moved linux_keepcaps() call and check for Linux nonroot caps back
to earlier locations; use a separate boolean flag for keeping track of whether a
UID switch was requested rather than overloading the UID value zero
2000-07-05 22:03:42 +00:00
Andreas Gustafsson
a074e41b97 style and new comments; no functional change 2000-07-04 01:33:47 +00:00
Brian Wellington
1e105376dd linux_keepcaps() was called without checking the various defines that
surrounded the function definition.
2000-07-03 20:00:44 +00:00
Brian Wellington
79e873be59 The reordering of code in the last change broke linux, since the determination
of whether we could call setuid() was moved after the check.
2000-07-03 18:28:38 +00:00
David Lawrence
202991557a 299. [cleanup] Get the user and group information before changing the
root directory, so the administrator does not need to
keep a copy of the user and group databases in the
chroot'ed environment.  Suggested by Hakan Olsson.
2000-07-01 00:48:06 +00:00
Andreas Gustafsson
8f874cca90 removed unnecessary locking in ns_interface_shutdown() that
caused the server to deadlock on shutdown on the Alphas.
2000-06-30 02:48:06 +00:00
Michael Graff
15197aefa1 workaround for NetBSD - close FDs before dup2(). 2000-06-28 16:26:40 +00:00
David Lawrence
fb1086b1f4 rm -f lwresd before trying to link it to named in the install target. 2000-06-28 02:54:55 +00:00
Jim Reid
1b32c4783f minor corrections to -n option description as recommended by Brian 2000-06-28 02:51:46 +00:00
Brian Wellington
57506ed769 Fix memory context leak. 2000-06-28 00:06:25 +00:00
Brian Wellington
a1f8303b1b don't print the configuration to stderr by default 2000-06-27 22:50:43 +00:00