upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-03 14:00:47 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
27029 commits 18 branches 854 tags 440 MiB
Commit graph

2084 commits

Author SHA1 Message Date
Michał Kępień
bb2dfb3f49 Add dns_zone_logv() 
Add a new libdns function, dns_zone_logv(), which takes a single va_list
argument rather than a variable number of arguments and can be used as a
base for implementing more specific zone logging functions.
 2018-06-11 12:49:06 +02:00
Ondřej Surý
27593e65dc Remove support for obsoleted ECC-GOST (GOST R 34.11-94) algorithm 2018-06-05 09:14:14 +02:00
Tony Finch
abfbedc0b1 Move NSID logging to its own category 
It is very verbose, so it is useful to be able to filter it out.
 2018-06-05 12:10:37 +10:00
Evan Hunt
7fbffa6c44 remove #ifndef DNS_RBT_USEHASH from rbtdb.c 
- this was a compile time option to disable the use of a hash table in
  the RBTDB. the code path without the hash table was buggy and
  untested, and unlikely to be needed by anyone anyway.
 2018-05-25 09:12:17 -07:00
Evan Hunt
e324449349 remove the experimental authoritative ECS support from named 
- mark the 'geoip-use-ecs' option obsolete; warn when it is used
  in named.conf
- prohibit 'ecs' ACL tags in named.conf; note that this is a fatal error
  since simply ignoring the tags could make ACLs behave unpredictably
- re-simplify the radix and iptable code
- clean up dns_acl_match(), dns_aclelement_match(), dns_acl_allowed()
  and dns_geoip_match() so they no longer take ecs options
- remove the ECS-specific unit and system test cases
- remove references to ECS from the ARM
 2018-05-25 08:21:25 -07:00
Mukund Sivaraman
975afc508d Fix ARM about min-update-interval default for RPZ zones 
Also, use variable names consistent with catz for rpz configuration functions
 2018-05-17 19:02:51 -07:00
Ondřej Surý
3a4f820d62 Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. 
The three functions has been modeled after the arc4random family of
functions, and they will always return random bytes.

The isc_random family of functions internally use these CSPRNG (if available):

1. getrandom() libc call (might be available on Linux and Solaris)
2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
4. crypto library function:
4a. RAND_bytes in case OpenSSL
4b. pkcs_C_GenerateRandom() in case PKCS#11 library
 2018-05-16 09:54:35 +02:00
Ondřej Surý
55a10b7acd Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
Evan Hunt
0795dceda7 remove dangling references to --enable-crypto-rand in doc and comments 2018-05-03 15:03:46 +02:00
Evan Hunt
4247477b61 add header guards in files that were missing them 2018-04-20 19:51:00 -04:00
Evan Hunt
784087390a remove the rbtdb64 database implementation 2018-04-20 16:14:51 -07:00
Evan Hunt
c592655c0f new option "dnskey-sig-validity" 
- overrides "sig-validity-interval" for DNSKEY, CDNSKEY and CDS RRSIGs
 2018-04-20 12:12:08 -07:00
Mark Andrews
68e9315c7d add named.conf option root-key-sentinel 2018-04-18 08:49:55 -07:00
Mukund Sivaraman
0d2a03c290 Add a dns_fixedname_initname() helper function 
This also turns the dns_fixedname macros into functions.
 2018-04-09 12:14:16 +02:00
Witold Kręcicki
102a397e39 libdns refactoring: get rid of multiple versions of dns_keytable_add, dns_iptable_addprefix and dns_iptable_addprefix 2018-04-06 08:04:41 +02:00
Witold Kręcicki
c8aa1ee9e6 libdns refactoring: get rid of multiple versions of dns_dt_create, dns_view_setcache, dns_zt_apply, dns_message_logfmtpacket, dns_message_logpacket, dns_ssutable_checkrules and dns_ttl_totext 2018-04-06 08:04:41 +02:00
Witold Kręcicki
d54d482af0 libdns refactoring: get rid of multiple versions of dns_view_find, dns_view_findzonecut and dns_view_flushcache 2018-04-06 08:04:41 +02:00
Witold Kręcicki
702c022016 libdns refactoring: get rid of multiple versions of dns_xfrin_create, dst_key_generate, dst_lib_init and dst_context_create 2018-04-06 08:04:41 +02:00
Witold Kręcicki
ef0e68bfc3 libdns refactoring: integrate zone->options and zone->options2 into one enum, removing unnecessary flags. 2018-04-06 08:04:41 +02:00
Witold Kręcicki
7dbc6768d6 libdns refactoring: get rid of multiple versions of dns_zone_setfile, dns_zone_notifyreceive, dns_zone_dumptostream, dns_zone_getserial 2018-04-06 08:04:41 +02:00
Witold Kręcicki
42ee8c853a libdns refactoring: get rid of 3 versions of dns_resolver_createfetch 2018-04-06 08:04:41 +02:00
Witold Kręcicki
25cd3168a7 libdns refactoring: get rid of multiple versions of dns_dnssec_findmatchingkeys and dns_dnssec_findzonekeys 2018-04-06 08:04:41 +02:00
Witold Kręcicki
8c12e488f7 libdns refactoring: get rid of multiple versions of dns_request_createraw and dns_request_createvia 2018-04-06 08:04:41 +02:00
Witold Kręcicki
e2a06db7f3 libdns refactoring: get rid of multiple versions of dns_master_loadfile, dns_master_loadfileinc, dns_master_dump, dns_master_dumpinc, dns_master_dumptostream, dns_master_stylecreate 2018-04-06 08:04:41 +02:00
Witold Kręcicki
e20b702418 libdns refactoring: get rid of multiple versions of dns_dispatch_createtcp and dns_dispatch_addresponse, unify dns_dispatch_gettcp and dns_dispatch_gettcp2 2018-04-06 08:04:41 +02:00
Witold Kręcicki
275a6a3bec libdns refactoring: get rid of unnecessary dns_db_dump2 and 3 versions of dns_db_load 2018-04-06 08:04:41 +02:00
Witold Kręcicki
76e17b54ea libdns refactoring: get rid of two versions of dns_client_createx 2018-04-06 08:04:41 +02:00
Witold Kręcicki
d39b3209fb libdns refactoring: get rid of 3 versions of dns_cache_create 2018-04-06 08:04:41 +02:00
Witold Kręcicki
d76ed0da1c libdns refactoring: get rid of two versions of dns_byaddr_createptrname 2018-04-06 08:04:41 +02:00
Witold Kręcicki
f0a07b7546 libdns refactoring: get rid of two versions of dns_adb_createfind and dns_adb_probesize 2018-04-06 08:04:41 +02:00
Witold Kręcicki
3687648384 libdns refactoring: get rid of two versions of dns_acl_match and dns_aclelement_match 2018-04-06 08:04:40 +02:00
Ondřej Surý
b097be17ef Remove unused obsolete isc_hash_* function, and just keep the FNV-1a version 2018-04-04 23:12:14 +02:00
Mukund Sivaraman
d637c9cc03 Fix length of integer that's shifted by DNS_RPZ_ZMASK() 2018-03-19 08:49:41 -04:00
Mukund Sivaraman
0e8907be4d Support 64 RPZ zones by default from 9.13 onwards 2018-03-18 10:07:48 +00:00
Evan Hunt
0fabe0da83 update file headers 2018-03-15 18:33:13 -07:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Tinderbox User
72326f7701 update copyright notice / whitespace 2018-02-18 23:47:45 +00:00
Michał Kępień
8e3c16175a Make dns_dt_reopen() request task-exclusive mode on its own 
Instead of relying on the caller to set up task-exclusive mode, make
dns_dt_reopen() enforce task-exclusive mode itself, using the task
specified at dnstap environment creation time.
 2018-02-16 09:39:24 +01:00
Michał Kępień
f199a5a9ae Add dns_dt_create2() 
Implement a new variant of dns_dt_create() to enable a dnstap
environment structure to hold the task in the context of which
dns_dt_reopen() will be executed.
 2018-02-16 09:39:24 +01:00
Evan Hunt
883a9485e9 [master] copyrights 2018-02-15 11:56:13 -08:00
Ondřej Surý
4ff2d36adc Remove whole unused ondestroy callback mechanism 2018-02-12 14:49:32 +01:00
Tinderbox User
2fac9b0be6 update copyright notice / whitespace 2018-02-07 23:45:53 +00:00
Mark Andrews
ec771bbdc8 4885. [security] update-policy rules that otherwise ignore the name 
field now require that it be set to "." to ensure
                        that any type list present is properly interpreted.
                        [RT #47126]
 2018-02-07 13:34:02 +11:00
Tinderbox User
5ce167be2e update copyright notice / whitespace 2018-01-12 23:45:54 +00:00
Mukund Sivaraman
f96133826e Fix various bugs reported by valgrind --tool=memcheck (#46978) 2018-01-13 00:33:35 +05:30
Michał Kępień
2c20fc0d13 [master] Fix LMDB support on OpenBSD; clean up and refactor LMDB-related code 
4835.	[cleanup]	Clean up and refactor LMDB-related code. [RT #46718]

4834.	[port]		Fix LMDB support on OpenBSD. [RT #46718]
 2017-11-30 14:34:04 +01:00
Mark Andrews
3d905e0533 4817. [cleanup] Use DNS_NAME_INITABSOLUTE and DNS_NAME_INITNONABSOLUTE. 
[RT #45433]
 2017-11-13 16:58:12 +11:00
Evan Hunt
9bb007fd2d [master] "zoneload" logging category 
4806.	[func]		Log messages related to loading of zones are now
			directed to the "zoneload" logging category.
			[RT #41640]
 2017-11-01 22:48:12 -07:00
Evan Hunt
c9f8165a06 [master] tag initializing keys 
4798.	[func]		Keys specified in "managed-keys" statements
			are tagged as "initializing" until they have been
			updated by a key refresh query. If initialization
			fails it will be visible from "rndc secroots".
			[RT #46267]
 2017-10-27 15:49:44 -07:00
Evan Hunt
06049b1c6c [master] stats counter for priming queries 
4795.	[func]		A new statistics counter has been added to track
			priming queries. [RT #46313]
 2017-10-26 21:38:43 -07:00