bind9

mirror of https://github.com/isc-projects/bind9.git synced 2026-03-15 07:02:40 -04:00

Author	SHA1	Message	Date
Mark Andrews	9f5443280f	4397. [bug] Update Windows python support. [RT #42538 ]	2016-06-24 16:04:10 +10:00
Mark Andrews	c49e944317	add dns_dt_reopen	2016-06-24 11:20:10 +10:00
Mark Andrews	7d262a3647	4394. [func] Add rndc command "dnstap-reopen" to close and reopen dnstap output filed. [RT #41803]	2016-06-24 09:37:04 +10:00
Mark Andrews	5ba7394a4f	complete the NULL pointer fixes	2016-06-23 12:50:47 +10:00
Mark Andrews	96d49a84ff	4493. [bug] Address potential NULL pointer dereferences in dnstap code.	2016-06-23 12:18:03 +10:00
Tinderbox User	601645a1e8	update copyright notice / whitespace	2016-06-22 23:45:21 +00:00
Mark Andrews	10966da999	4402. [func] Collect statistics for RSSAC02v3 traffic-volume, traffic-sizes and rcode-volume reporting. [RT #41475]	2016-06-23 08:44:54 +10:00
Francis Dupont	393c978065	Added missing catz/ipkeylist symbols to libdns.def.in	2016-06-22 16:31:14 +02:00
Witold Krecicki	4681ab1fc2	4387. [test] Rewritten test suite for catalog zones. [RT #42676 ] 4386. [func] Support for master entries with TSIG keys in catalog zones. [RT #42577]	2016-06-22 10:50:09 +02:00
Mark Andrews	b56bd9b59f	4387. [bug] Change 4336 was not complete leading to SERVFAIL being return as NS records expired. [RT #42683]	2016-06-22 15:26:38 +10:00
Mark Andrews	a3a12fa575	seed is not always used rt42703	2016-06-22 11:12:15 +10:00
Tinderbox User	9f76893bbc	update copyright notice / whitespace	2016-06-20 23:45:20 +00:00
Mark Andrews	2a26c17af9	add isc_buffer_dup and isc_buffer_putdecint	2016-06-21 00:28:25 +10:00
Mark Andrews	278f78a45b	use ISC_PRINT_QUADFORMAT	2016-06-21 00:25:52 +10:00
Witold Krecicki	3f06b888ae	4385. [func] Add support for allow-query and allow-transfer ACLs to catalog zones. [RT #42578]	2016-06-20 13:39:44 +02:00
Mark Andrews	4c3be616f9	Revert "4384. [bug] isc_buffer_reallocate returns wrong result when passed" This reverts commit `01a0206c40`.	2016-06-16 21:15:56 +10:00
Mark Andrews	01a0206c40	4384. [bug] isc_buffer_reallocate returns wrong result when passed a smaller length than what is already allocated. [RT #42612]	2016-06-16 11:37:43 +10:00
Francis Dupont	e211ffb1f1	Check isc_timer_reset return	2016-06-04 09:08:48 +02:00
Francis Dupont	aee6412db2	Address CID 1362495: tbuf covered by an INSIST so never NULL	2016-06-04 08:49:10 +02:00
Evan Hunt	8a5140ab3f	[master] type mismatch	2016-06-02 10:24:39 -07:00
Tinderbox User	1c6d1ca335	update copyright notice / whitespace	2016-06-01 23:45:30 +00:00
Evan Hunt	1a7fb9fb50	[master] ipkeylist.h was in the wrong makefile	2016-06-01 16:12:11 -07:00
Witold Krecicki	ce2dc26bc5	[master] disable isc_ht_32 unit test as it doesn't make sense	2016-06-01 15:19:35 +02:00
Francis Dupont	3933e5c763	Merged rt42563 (ht.c fixes)	2016-06-01 14:49:01 +02:00
Francis Dupont	2020043d8c	Index must be a size_t vs 32 bits	2016-06-01 12:01:06 +02:00
Francis Dupont	2a8aa10492	Merged rt42505 (misc DNSSEC bugs)	2016-06-01 09:18:49 +02:00
Mark Andrews	b621958613	cast to size_t [RT #42537 ]	2016-06-01 13:54:09 +10:00
Evan Hunt	314cb50d1a	[master] add header files to Makefile	2016-05-31 19:01:29 -07:00
Evan Hunt	68b22fa9d7	[master] remove isc_ht_walk from libisc.def	2016-05-31 18:54:22 -07:00
Tinderbox User	7336a12983	update copyright notice / whitespace	2016-05-31 23:45:29 +00:00
Witold Krecicki	e5e402efa7	Merge branch 'master' of repo.isc.org:/proj/git/prod/bind9	2016-06-01 00:30:32 +02:00
Witold Krecicki	b9a56a7f10	[master] update API	2016-06-01 00:29:48 +02:00
Mark Andrews	bba8eb9426	add isc_ht_iter_currentkey and isc_ht_iter_delcurrent_next	2016-06-01 08:28:00 +10:00
Witold Krecicki	1c1ab955ed	Catalog zones: use iterators instead of isc_ht_walk [RT #42529 ]	2016-05-31 23:01:53 +02:00
Evan Hunt	3d0b7d5cc3	[master] zone-directory option for catalog zones 4380. [experimental] Added a "zone-directory" option to "catalog-zones" syntax, allowing local masterfiles for slaves that are provisioned by catalog zones to be stored in a directory other than the server's working directory. [RT #42527]	2016-05-31 10:36:27 -07:00
Mark Andrews	3d1b4bf278	add isc_sha224_data, isc_sha224_end, v isc_sha384_end, isc_sha512_data and isc_sha512_end	2016-05-31 14:29:55 +10:00
Tinderbox User	106368eb50	update copyright notice / whitespace	2016-05-30 23:45:27 +00:00
Mark Andrews	d4609e9eea	Address errors found by Coverity in catalog zones implementation. [RT #42532 ]	2016-05-31 08:12:51 +10:00
Francis Dupont	affa9c9825	Fixed WIN32 (VS 2010 32 bits) compiling problems	2016-05-30 17:10:08 +02:00
Tinderbox User	262bebd081	update copyright notice / whitespace	2016-05-27 23:45:23 +00:00
Witold Krecicki	57651e2c85	[master] fixed bug in isc_ht_iter_next	2016-05-27 19:57:27 +02:00
Mark Andrews	9268297baa	4379. [bug] An INSIST could be triggered if a zone contains RRSIG records with expiry fields that loop using serial number arithmetic. [RT #40571]	2016-05-27 15:24:30 +10:00
Evan Hunt	531074d11a	[master] fixed some test failures	2016-05-26 21:29:54 -07:00
Evan Hunt	7dbcb6fb90	[master] #include <string.h>	2016-05-26 19:21:28 -07:00
Evan Hunt	6c2a76b3e2	[master] copyrights, win32 definitions	2016-05-26 12:36:17 -07:00
Witold Krecicki	7a00d69909	4376. [experimental] Added support for Catalog Zones, a new method for provisioning secondary servers in which a list of zones to be served is stored in a DNS zone and can be propagated to slaves via AXFR/IXFR. [RT #41581] 4375. [func] Add support for automatic reallocation of isc_buffer to isc_buffer_put* functions. [RT #42394]	2016-05-26 21:23:19 +02:00
Mark Andrews	ede52ba98d	4373. [bug] Address undefined behaviour in getaddrinfo. [RT #42479 ]	2016-05-26 12:05:37 +10:00
Mark Andrews	a0f5a5e3c5	4372. [bug] Address undefined behaviour in libt_api. [RT #42480 ]	2016-05-26 11:57:16 +10:00
Evan Hunt	0cbe448914	[master] minimal-any 4371. [func] New "minimal-any" option reduces the size of UDP responses for qtype ANY by returning a single arbitrarily selected RRset instead of all RRsets. Thanks to Tony Finch. [RT #41615]	2016-05-25 13:54:34 -07:00
Mukund Sivaraman	7472cd350f	Don't use %z format specifier that caused crash with rndc stats on some Visual Studio builds	2016-05-19 19:17:47 +05:30
Mark Andrews	049a49c295	4367. [bug] Remove unnecessary assignment of loadtime in zone_touched. [RT #42440]	2016-05-18 12:39:50 +10:00
Mark Andrews	26f652d387	simplify	2016-05-18 10:40:20 +10:00
Mark Andrews	75167fb746	silence compiler warning	2016-05-17 17:33:59 +10:00
Mark Andrews	4ba89a0cfb	9.11.0a2	2016-05-17 13:33:55 +10:00
Mark Andrews	e2047969de	4366. [bug] Address race condition when updating rbtnode bit fields. [RT #42379]	2016-05-17 13:13:45 +10:00
Tinderbox User	05cf9e3285	update copyright notice / whitespace	2016-05-11 23:45:23 +00:00
Mark Andrews	f9ce106cd4	add timestamp target	2016-05-12 09:19:34 +10:00
Tinderbox User	f89adb2c2a	update copyright notice / whitespace	2016-05-05 23:45:48 +00:00
Evan Hunt	28053af04c	[master] nanosecond-accurate file modification times 4361. [cleanup] Where supported, file modification times returned by isc_file_getmodtime() are now accurate to the nanosecond. [RT #41968]	2016-05-05 12:22:26 -07:00
Mark Andrews	5ac427050f	4360. [bug] Silence spurious 'bad key type' message when there is a existing TSIG key. [RT #42195]	2016-05-05 22:27:08 +10:00
Mark Andrews	594d15df25	4359. [bug] Inherited 'also-notify' lists were not being checked by named-checkconf. [RT #42174]	2016-05-05 21:59:09 +10:00
Mark Andrews	374dacca76	add isc_httpd_setfinishhook	2016-05-05 20:51:44 +10:00
Witold Krecicki	19d80ce584	4358. [test] Added American Fuzzy Lop harness that allows feeding fuzzed packets into BIND. [RT #41723]	2016-05-05 11:49:38 +02:00
Mark Andrews	08e36aa5a5	4356. [func] Add the ability to specify whether to wait for nameserver addresses to be looked up or not to rpz with a new modifying directive 'nsip-wait-recurse'. [RT #35009]	2016-05-05 16:29:05 +10:00
Mark Andrews	402c63495c	4354. [bug] Check that the received HMAC length matches the expected length prior to check the contents on the control channel. This prevents a OOB read error. [RT #42215]	2016-05-05 14:19:37 +10:00
Evan Hunt	699f790c49	[master] update pkcs11 headers 4353. [cleanup] Update PKCS#11 header files. [RT #42175]	2016-05-04 15:55:03 -07:00
Tinderbox User	adb31d0b10	update copyright notice / whitespace	2016-04-15 04:53:03 +00:00
Evan Hunt	91499fdb48	[master] fix build error on x86_64 solaris	2016-04-14 19:23:23 -07:00
Evan Hunt	3cd204c4a4	[master] fixed revoked key regression 4436. [bug] Fixed a regression introduced in change #4337 which caused signed domains with revoked KSKs to fail validation. [RT #42147]	2016-04-14 18:52:52 -07:00
Tinderbox User	6ad05c5f46	update copyright notice / whitespace	2016-04-13 23:45:17 +00:00
Evan Hunt	5fdf476b32	[master] fix dns_dtmsg_t type redefinition	2016-04-13 10:12:21 -07:00
Tinderbox User	854a865e16	update copyright notice / whitespace	2016-04-05 23:45:16 +00:00
Mark Andrews	7660b370c3	4344. [port] Address openssl version differences. [RT #42059 ]	2016-04-06 04:31:06 +10:00
Mark Andrews	651be63a11	4343. [bug] dns_dnssec_syncupdate misdeclared in <dns/dnssec.h>. [RT #42090]	2016-04-06 03:31:49 +10:00
Mark Andrews	dd185fb371	attempt to create a node at the flushtree name	2016-03-27 08:25:44 +11:00
Tinderbox User	c19f42a378	update copyright notice / whitespace	2016-03-24 23:45:21 +00:00
Evan Hunt	cb05fb63be	[master] windows: copy missing HTML man pages into zips	2016-03-24 12:26:40 -07:00
Mark Andrews	f442a31fb3	add meminfo.h to list of header files to install	2016-03-24 15:12:14 +11:00
Mark Andrews	ba343be1a1	add nta.h to list of header files to install	2016-03-24 15:10:45 +11:00
Mark Andrews	6214c3c93a	4341. [bug] 'rndc flushtree' could fail to clean the tree if there wasn't a node at the specified name. [RT #41846]	2016-03-24 11:31:25 +11:00
Tinderbox User	a63461cc4b	update copyright notice / whitespace	2016-03-23 23:45:22 +00:00
Evan Hunt	bca79675ee	[master] fix x64 NOP, silence set but not used warning	2016-03-23 12:34:56 -07:00
Evan Hunt	05b7b63f17	[master] more ECS handling fixes	2016-03-23 09:59:42 -07:00
Evan Hunt	395e6865d5	[master] fix ECS with family==0 4341. [bug] Correct the handling of ECS options with address family 0. [RT #41377]	2016-03-23 08:54:46 -07:00
Evan Hunt	11a3f0a049	[master] disallow out-of-range descriptors in isc_socket_fdwatchcreate()	2016-03-22 18:05:32 -07:00
Evan Hunt	cf24cbd837	[master] adaptive RW locks 3440. [performance] Implement adaptive read-write locks, reducing the overhead of locks that are only held briefly. [RT #37329]	2016-03-22 17:59:21 -07:00
Evan Hunt	741cf3d24e	[master] remove obsolete unit test	2016-03-22 17:45:58 -07:00
Tinderbox User	2b9cf58c57	update copyright notice / whitespace	2016-03-22 23:45:15 +00:00
Mark Andrews	558278974e	4338. [bug] Reimplement change 4324 as it wasn't properly doing all the required book keeping. [RT #41941]	2016-03-23 10:38:05 +11:00
Evan Hunt	132a571179	[master] fix mkeys TTL 0 issue 4337. [bug] The previous change exposed a latent flaw in key refresh queries for managed-keys when a cached DNSKEY had TTL 0. [RT #41986]	2016-03-22 12:12:32 -07:00
Tinderbox User	27def92931	update copyright notice / whitespace	2016-03-21 23:45:22 +00:00
Mark Andrews	0993cd5f22	4336. [bug] Don't emit records with zero ttl unless the records were learnt with a zero ttl. [RT #41687]	2016-03-21 13:22:21 +11:00
Mark Andrews	b8dcc13bc5	4335. [bug] zone->view could be detached too early. [RT #41942 ]	2016-03-21 12:02:00 +11:00
Tinderbox User	8e4d56d45d	update copyright notice / whitespace	2016-03-11 23:45:20 +00:00
Mark Andrews	1add4a7939	4333. [maint] L.ROOT-SERVERS.NET is now 199.7.83.42 and 2001:500:9f::42.	2016-03-11 20:36:48 +11:00
Tinderbox User	4a7004f3ce	update copyright notice / whitespace	2016-03-10 23:45:16 +00:00
Mark Andrews	7c52595464	4331. [func] When loading managed signed zones detect if the RRSIG's inception time is in the future and regenerate the RRSIG immediately. [RT #41808]	2016-03-10 17:01:08 +11:00
Mark Andrews	33a4294f44	4330. [protocol] Identify the PAD option as "PAD" when printing out a message.	2016-03-10 16:53:06 +11:00
Tinderbox User	b3fb6947aa	update copyright notice / whitespace	2016-03-09 23:45:20 +00:00
Mark Andrews	31a1cbf101	silence compiler false positive	2016-03-10 08:43:28 +11:00
Mark Andrews	0c7a7793a5	silence compiler warning (cherry picked from commit fa8b66c5f4e6589c6574be0d42b94fbd3084326e)	2016-03-09 15:02:43 +11:00
Mark Andrews	f5e7794860	silence compiler warning (cherry picked from commit `37a931d774`)	2016-03-09 14:43:47 +11:00
Mark Andrews	0e5c8a65a2	silence compiler warning	2016-03-09 12:37:49 +11:00
Mark Andrews	93ca5ee4c4	update copyrights	2016-03-08 16:21:19 +11:00
Mark Andrews	56d1de40e4	add dns_name_isrfc1918 and dns_name_isula	2016-03-08 12:00:27 +11:00
Tinderbox User	0a3a65e3cc	update copyright notice / whitespace	2016-03-07 23:45:22 +00:00
Mark Andrews	d6357f09aa	4329. [func] Warn about a common misconfiguration when forwarding RFC 1918 zones. [RT #41441]	2016-03-08 10:11:23 +11:00
Mukund Sivaraman	8dbf9ceb8c	Repack dns_rbtnode struct to gain some space (reduce packing holes) (#41854 )	2016-03-07 16:11:37 +05:30
Evan Hunt	868b3166b8	[master] silence coverity warning	2016-03-05 19:50:42 -08:00
Mukund Sivaraman	f5cb0dd58b	Fix rbt_remove_empty unittest (reviewed by Evan on Jabber)	2016-03-05 13:53:56 +05:30
Tinderbox User	220ba6da87	update copyright notice / whitespace	2016-03-04 23:45:23 +00:00
Mukund Sivaraman	080b51f164	Revert DEFAULT_NODE_LOCK_COUNT back to 7 (#40997 )	2016-03-04 16:28:22 +05:30
Mukund Sivaraman	2457a4b245	Check if threads support is available	2016-03-04 14:05:22 +05:30
Mukund Sivaraman	051197362b	Use libisc thread functions	2016-03-04 13:58:39 +05:30
Mukund Sivaraman	59328c7674	Add dns_name_fromwire() benchmark	2016-03-04 13:43:45 +05:30
Mukund Sivaraman	275265ab27	Log query and depth counters during fetches when querytrace is enabled (#41787 )	2016-03-04 13:25:37 +05:30
Evan Hunt	d4ed29b019	[rt41656] line length (cherry picked from commit 6957e9451cc7bf89d44716dfe4266281867e00e5)	2016-03-04 13:01:54 +05:30
Mark Andrews	8398f00156	4326. [protocol] Add support for AVC. [RT #41819	2016-03-04 18:11:41 +11:00
Mukund Sivaraman	9da98335c1	Code cleanups (#41656 )	2016-03-04 12:18:17 +05:30
Evan Hunt	44c86318ed	[master] recursively clean empty interior nodes when deleting database records 4324. [bug] When deleting records from a zone database, interior nodes could be left empty but not deleted, damaging search performance afterward. [RT #40997]	2016-03-03 21:13:42 -08:00
Tinderbox User	f254ab049e	update copyright notice / whitespace	2016-03-02 23:45:17 +00:00
Mark Andrews	ce7216c40a	4223. [bug] Improve HTTP header processing on statschannel. [RT #41674]	2016-03-02 11:04:59 +11:00
Mark Andrews	c7aae79b62	silence may be used when unset false positive	2016-02-29 11:24:15 +11:00
Mark Andrews	2de89ee9de	Part 2 of: 4319. [security] Fix resolver assertion failure due to improper DNAME handling when parsing fetch reply messages. (CVE-2016-1286) [RT #41753]	2016-02-29 07:16:48 +11:00
Mark Andrews	455c0848f8	4322. [security] Duplicate EDNS COOKIE options in a response could trigger an assertion failure. (CVE-2016-2088) [RT #41809]	2016-02-27 11:23:50 +11:00
Mark Andrews	f9da4a8e54	4321. [bug] Zones using mapped files containing out-of-zone data could return SERVFAIL instead of the expected NODATA or NXDOMAIN results. [RT #41596]	2016-02-24 11:13:24 +11:00
Tinderbox User	62735fcde3	update copyright notice / whitespace	2016-02-23 23:45:35 +00:00
Mukund Sivaraman	293a9e9978	Fix allocation for "none" ACL that caused assertion failure (#41745 )	2016-02-23 12:51:34 +05:30
Mukund Sivaraman	5995fec51c	Fix resolver assertion failure due to improper DNAME handling (CVE-2016-1286) (#41753 )	2016-02-22 12:22:43 +05:30
Tinderbox User	53ba272721	update copyright notice / whitespace	2016-02-18 23:45:32 +00:00
Mark Andrews	a2b15b3305	4318. [security] Malformed control messages can trigger assertions in named and rndc. (CVE-2016-1285) [RT #41666]	2016-02-18 12:11:27 +11:00
Mukund Sivaraman	5ac25749e7	Add missing win32 defs	2016-02-12 14:54:52 +05:30
Evan Hunt	93c211afc9	[master] fixed a regression in dyndb due to change #4277	2016-02-12 00:22:45 -08:00
Mark Andrews	d372f426ca	4317. [bug] Age all unused servers on fetch timeout. [RT #41597 ]	2016-02-12 12:32:58 +11:00
Mark Andrews	b91d11bfcc	copyrights / whitespace	2016-02-11 10:44:21 +11:00
Mukund Sivaraman	79a55d4f4d	Add option to tools to print RRs in unknown presentation format (#41595 )	2016-02-09 15:39:02 +05:30
Mukund Sivaraman	9267cc8e83	Remove nodechain from dns_rbt_addnode() (#41246 )	2016-02-08 15:10:50 +05:30
Mukund Sivaraman	614ce1b65f	Add tests for hash function, and comment dns_rbt_addnode() (#41179 ) No CHANGES entry necessary.	2016-02-08 14:52:08 +05:30
Mark Andrews	8d00c5ab2c	4312. [bug] dig's unknown dns and edns flags (MBZ value) logging was not consistent. [RT #41600]	2016-02-02 14:19:22 +11:00
Tinderbox User	8b074bef0c	update copyright notice / whitespace	2016-02-01 23:45:25 +00:00
Mukund Sivaraman	d1dbf6b20f	Use __built_expect() where available (#41411 )	2016-02-01 08:59:49 +05:30
Tinderbox User	3947e3625a	update copyright notice / whitespace	2016-01-31 23:45:23 +00:00
Evan Hunt	3fe17d62e3	[master] remove "none" from log messages when parsing global config 4309. [cleanup] Remove the spurious "none" filename from log messages when processing built-in configuration. [RT #41594]	2016-01-31 10:17:13 -08:00
Evan Hunt	30370d905e	[master] removed /Gy- from VS project files 4302. [port] win32: fixed a build error in VS 2015. [RT #41426]	2016-01-27 15:27:57 -08:00
Evan Hunt	7f7eb969f5	[master] print syncpublish and syncdelete in key file comments	2016-01-25 08:03:07 -08:00
Tinderbox User	7d4f45f6bd	update copyright notice / whitespace	2016-01-21 23:45:23 +00:00
Mark Andrews	1d383fd4b2	4299. [bug] Check that exactly totallen bytes are read when reading a RRset from raw files in both single read and incremental modes. [RT #41402]	2016-01-21 15:33:08 +11:00
Mark Andrews	3ecc17d551	4298. [bug] dns_rpz_add errors in loadzone were not being propogated up the call stack. [RT #41425]	2016-01-21 14:43:04 +11:00
Evan Hunt	2879ee2c72	[master] fix unchecked result 4295. [bug] An unchecked result in dns_message_pseudosectiontotext() could allow incorrect text formatting of EDNS EXPIRE options. [RT #41437]	2016-01-20 17:19:19 -08:00
Mark Andrews	73fbd4c9d3	4293. [bug] Address memory leak on priming query creation failure. [RT #41512]	2016-01-20 16:38:11 +11:00
Tinderbox User	16201b15a6	update copyright notice / whitespace	2016-01-17 23:45:21 +00:00
Evan Hunt	b4ccec331d	[master] added sockaddr.h 4291. [cleanup] Added a required include to dns/forward.h. [RT #41474]	2016-01-14 10:27:09 -08:00
Francis Dupont	bdd9d37c96	Fixed small bugs in WIN32 legacy	2016-01-13 15:22:52 +01:00
Evan Hunt	bb5d14d724	[master] millisecond granularity for statschannel timers 4290. [func] The timers returned by the statistics channel (indicating current time, server boot time, and most recent reconfiguration time) are now reported with millisecond accuracy. [RT #40082]	2016-01-07 15:34:58 -08:00
Tinderbox User	feb1ccdaf1	update copyright notice / whitespace	2016-01-05 23:45:26 +00:00
Evan Hunt	0302fcbf7e	[master] check addrlen/scopelen fit within family address length	2016-01-05 13:39:44 -08:00
Evan Hunt	1330ae5fc2	[master] check ECS address length	2016-01-05 12:17:54 -08:00
Francis Dupont	f2453ece5b	Silent WIN64 warnings	2016-01-05 18:37:31 +01:00
Evan Hunt	c8b968f414	[master] fix use after free on xfr timeout 4289. [bug] The server could crash due to memory being used after it was freed if a zone transfer timed out. [RT #41297]	2016-01-04 22:05:23 -08:00
Evan Hunt	41494939b6	[master] fixed bogus server regression 4288. [bug] Fixed a regression in resolver.c:possibly_mark() which caused known-bogus servers to be queried anyway. [RT #41321]	2016-01-04 15:47:16 -08:00
Francis Dupont	7e9140c6b1	Updated copyrights (2)	2016-01-05 00:34:53 +01:00
Francis Dupont	343aeac717	Updated WIN32 files (rt40877)	2016-01-04 17:27:31 +01:00
Tinderbox User	0796eca5f7	update copyright notice / whitespace	2015-12-31 11:45:08 +00:00
Mark Andrews	292eb9c4e4	4286. [security] render_ecs errors were mishandled when printing out a OPT record resulting in a assertion failure. (CVE-2015-8705) [RT #41397] (cherry picked from commit `3e0c1603a8`)	2015-12-31 22:19:46 +11:00
Mark Andrews	1b3d211802	4285. [security] Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]	2015-12-31 13:43:21 +11:00
Tinderbox User	7321d8df7b	update copyright notice / whitespace	2015-12-27 23:45:24 +00:00
Evan Hunt	fbed5f0f44	[master] fix geoip options 4284. [bug] Some GeoIP options were incorrectly documented using abbreviated forms which were not accepted by named. The code has been updated to allow both long and abbreviated forms. [RT #41381]	2015-12-26 10:50:32 -08:00
Mark Andrews	bed6e9d614	4383. [bug] OPENSSL_config is no longer re-callable. [RT #41348 ]	2015-12-24 10:31:07 +11:00
Mark Andrews	27deca2bf0	don't mix IPv4 and IPv6 capability bits	2015-12-17 08:17:00 +11:00
Curtis Blackburn	9effea437d	[rt41269] additional tests for dig and delv, fix for --disable-ipv6 on osx, fixes for tests with --disable-ipv6	2015-12-15 11:58:28 -08:00
Mark Andrews	f647c0df9f	4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257 ]	2015-12-15 19:49:40 +11:00
Mukund Sivaraman	ecc06cbc32	Use optimal message sizes to improve compression in AXFRs (#40996 )	2015-12-15 13:24:14 +05:30
Mark Andrews	94c7301f6f	4279. [test] Don't use fixed ports when unit testing. [RT #41194 ]	2015-12-15 12:50:32 +11:00
Tinderbox User	6d27aeb4e2	update copyright notice / whitespace	2015-12-11 23:45:22 +00:00
Mark Andrews	564968bc0a	whitespace	2015-12-11 14:29:18 +11:00
Tinderbox User	2a37470065	update copyright notice / whitespace	2015-12-09 23:45:23 +00:00
Evan Hunt	f21d2ee372	[master] comments	2015-12-09 08:54:04 -08:00
Mukund Sivaraman	22f379298c	Disable the RBT benchmark unittest	2015-12-09 19:15:46 +05:30
Mukund Sivaraman	5d79b60fc5	Improve performance of RBT (#41165 )	2015-12-09 19:10:55 +05:30
Tinderbox User	6c1f9f5c71	update copyright notice / whitespace	2015-12-07 23:45:25 +00:00
Mark Andrews	322e6b5be7	4276. [protocol] Add support for SMIMEA. [RT #40513 ]	2015-12-08 08:16:41 +11:00
Mukund Sivaraman	27bc16fcdc	Lazily initialize dns_compress->table only when compression is enabled (#41189 )	2015-12-07 12:48:57 +05:30
Mukund Sivaraman	5b13a593fe	Speed up typemap_fromtext() (#41196 )	2015-12-07 12:34:57 +05:30
Mark Andrews	95bef099e9	4273. [bug] Only call dns_test_begin() and dns_test_end() once each in nsec3_test as it fails with GOST if called multiple times.	2015-12-07 17:52:37 +11:00
Mark Andrews	a12a21a843	bracket mismatch; window openssl version check	2015-12-06 23:05:47 +11:00
Evan Hunt	226dd20bbd	[master] isc__taskmgr_pause() could deadlock 4271. [test] Unit tests could deadlock in isc__taskmgr_pause(). [RT #41235]	2015-12-03 20:49:28 -08:00
Evan Hunt	4071efbec0	[master] disallow map zones in response-policy 4269. [bug] Zones using "map" format master files currently don't work as policy zones. This limitation has now been documented; attempting to use such zones in "response-policy" statements is now a configuration error. [RT #38321]	2015-12-02 21:10:09 -08:00
Tinderbox User	f30a3f28db	update copyright notice / whitespace	2015-11-30 23:45:24 +00:00
Mark Andrews	8e73941f33	4265. [bug] Address unchecked isc_mem_get calls. [RT #41187 ]	2015-11-30 10:29:29 +11:00
Tinderbox User	af0bea7aa7	update copyright notice / whitespace	2015-11-20 23:45:23 +00:00
Mark Andrews	5b1c7ef35b	4264. [bug] Check const of strchr/strrchr assignments match argument's const status. [RT #41150]	2015-11-20 18:38:24 +11:00
李昶	65f6e2f909	Cleanup in journal_open() correctly (#41129 )	2015-11-19 11:20:59 +05:30
Mukund Sivaraman	7bc21557f3	Fix bug in epoll_ctl() usage causing blocked connections (#41067 )	2015-11-19 11:01:45 +05:30
Tinderbox User	69b10c86b9	update copyright notice / whitespace	2015-11-18 23:45:27 +00:00
Mark Andrews	c2955d0abd	win32: new -> newtable (cherry picked from commit 5060d8639e932680456ab07519687d68298be5e0)	2015-11-18 15:44:46 +11:00
Mark Andrews	268c4e79c4	4261. [maint] H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53. [RT #40556]	2015-11-17 13:16:44 +11:00
Mark Andrews	6b9f38958c	update 9.9.x range	2015-11-17 12:45:21 +11:00
Francis Dupont	dd784c18ef	Merged VS 2015 64 bit warnings (#40373 )	2015-11-16 17:47:10 +01:00
Mark Andrews	0d44dd6131	add dns_message_setclass	2015-11-16 14:27:08 +11:00
Mark Andrews	c8821d124c	4260. [security] Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. (CVE-2015-8000) [RT #4098]	2015-11-16 13:12:20 +11:00
Mark Andrews	2df63247be	check dns_test_begin result	2015-11-11 22:38:39 +11:00
Mukund Sivaraman	58f7af60e7	Allow non-destructive control channel access using a "read-only" clause (#40498 )	2015-11-11 13:46:57 +05:30
Tinderbox User	3865e18d3d	update copyright notice / whitespace	2015-11-09 23:45:22 +00:00
Evan Hunt	e13d04fda9	[master] fix python script versions 4257. [cleanup] Python scripts reported incorrect version. [RT #41080]	2015-11-08 21:34:24 -08:00
Tinderbox User	4ba2689c1f	update copyright notice / whitespace	2015-11-05 23:45:25 +00:00
Mark Andrews	f4b1a7e063	add dns_compress_disable	2015-11-06 00:15:23 +11:00
Witold Krecicki	bfd4b9e11a	4255. [func] Add 'message-compression' option to disable DNS compression in responses. [RT #40726 ]	2015-11-05 12:19:04 +01:00
Mark Andrews	29868ebbe3	4254. [bug] Address missing lock when getting zone's serial. [RT #41072]	2015-11-05 17:43:30 +11:00
Mark Andrews	2f450fcd29	4253. [bug] Address fetch context reference count handling error on socket error. [RT#40945]	2015-11-05 17:10:10 +11:00
Mark Andrews	e939674d53	4252. [func] Add support for automating the generation CDS and CDNSKEY rrsets to named and dnssec-signzone. [RT #40424]	2015-11-05 12:09:48 +11:00
Evan Hunt	09f82f5079	[master] log TSIG key on xfrin 4250. [func] Log the TSIG key in use during inbound zone transfers. [RT #41075]	2015-11-02 20:13:13 -08:00
Tinderbox User	d4a69308f5	update copyright notice / whitespace	2015-10-29 23:45:34 +00:00
Evan Hunt	702e9f43bc	[master] typo	2015-10-29 15:50:36 -07:00
Mark Andrews	7c38fa994b	0xf5f5f5f5f5f5f5f5 is a LLU	2015-10-30 08:11:48 +11:00
Mark Andrews	8475bed9de	4249. [func] Improve error reporting of TSIG / SIG(0) records in the wrong location. [RT #40953]	2015-10-29 17:03:03 +11:00
Evan Hunt	821ff5e8fa	[master] isc_atomic_storeq()/stats improvements 4248. [func] Add an isc_atomic_storeq() function, use it in stats counters to improve performance. [RT #39972] [RT #39979]	2015-10-28 22:19:18 -07:00
Mark Andrews	72ac929f2b	4244. [bug] The parser was not reporting that use-ixfr is obsolete. [RT #41010]	2015-10-29 12:51:17 +11:00
Mark Andrews	a70fc47e9d	4243. [func] Improved stats reporting from Timothe Litt. [RT #38941 ]	2015-10-28 09:45:46 +11:00
Mark Andrews	c07c0517ca	remove trailing blank line	2015-10-22 16:37:12 +11:00
Mark Andrews	79f0eedd65	cleanup trailing whitespace	2015-10-22 16:24:03 +11:00
Mark Andrews	30eec077db	cleanup trailing white space in SGML like files	2015-10-22 16:09:46 +11:00
Mark Andrews	f824c65d1f	4340. [port] Fix LibreSSL compatibility. [RT #40977 ]	2015-10-19 10:43:58 +11:00
Mark Andrews	ffafab1328	remove redundant geoip.c in DNSSRCS	2015-10-16 23:21:20 +11:00
Mark Andrews	20ac20d6e8	remove INSIST and unconditionally call isc_stdio_close	2015-10-16 17:23:35 +11:00
Tinderbox User	43cc3edce9	update copyright notice / whitespace	2015-10-15 23:45:22 +00:00
Mark Andrews	6588a2b404	4238. [bug] Don't send to servers on net zero (0.0.0.0/8). [RT #40947]	2015-10-16 08:00:15 +11:00
Mark Andrews	567196d10a	INSIST(f != NULL) to silence coverity false positive	2015-10-16 07:17:25 +11:00
Evan Hunt	61d789916f	[master] silence coverity warnings	2015-10-08 09:56:48 -07:00
Evan Hunt	0110f71a78	[master] dyndb.h renamed	2015-10-08 09:26:20 -07:00
Evan Hunt	0316be2d77	[master] restore test for unknown meta types - this test was incorrectly removed from the 9.11 branch some time ago, but has remained in the maintenance branches	2015-10-07 00:28:17 -07:00
Tinderbox User	fd2597f756	regen master	2015-10-07 04:11:09 +00:00
Tinderbox User	010a51c427	regen master	2015-10-07 01:06:58 +00:00
Tinderbox User	19c7b1a029	update copyright notice / whitespace	2015-10-06 23:45:23 +00:00
Tinderbox User	2eeb74d1cf	regen master	2015-10-06 05:45:21 +00:00
Evan Hunt	14a656f94b	[master] upgrade doc toolchain 4237. [doc] Upgraded documentation toolchain to use DocBook 5 and dblatex. [RT #40766]	2015-10-05 21:59:35 -07:00
Mark Andrews	09e42eb9e9	add <stdlib.h> for exit(3)	2015-10-06 14:10:49 +11:00
Tinderbox User	244d11a227	update copyright notice / whitespace	2015-10-03 23:45:23 +00:00
Evan Hunt	4a84f8899b	[master] silence "missing initializer" warning	2015-10-02 18:47:33 -07:00
Tinderbox User	a625502bdd	update copyright notice / whitespace	2015-10-02 23:45:32 +00:00
Evan Hunt	48b2a92da2	[master] missing .def entries, print.h	2015-10-02 14:38:59 -07:00
Francis Dupont	9a94a77a62	Added dns_master_styleflags	2015-10-02 23:01:18 +02:00
Evan Hunt	b66b333f59	[master] dnstap 4235. [func] Added support in named for "dnstap", a fast method of capturing and logging DNS traffic, and a new command "dnstap-read" to read a dnstap log file. Use "configure --enable-dnstap" to enable this feature (note that this requires libprotobuf-c and libfstrm). See the ARM for configuration details. Thanks to Robert Edmonds of Farsight Security. [RT #40211]	2015-10-02 12:32:42 -07:00
Witold Krecicki	a239044323	4234. [func] Add deflate compression in statistics channel HTTP server. [RT #40861]	2015-10-02 10:45:10 +02:00
Mark Andrews	1b1f6d21c7	curr_srtt = curr->srtt	2015-10-02 07:45:45 +10:00
Mark Andrews	b959848051	compare curr_srtt and best_srtt	2015-10-01 22:12:56 +10:00
Mark Andrews	30f8d5e386	remove deadcode; move NULL assignment arlier	2015-10-01 22:12:02 +10:00
Tinderbox User	551e0d486d	update copyright notice / whitespace	2015-09-30 23:45:36 +00:00
Mark Andrews	24231afa05	4229. [bug] A variable could be used uninitalised in dns_update_signaturesinc. [RT #40784]	2015-09-30 15:28:57 +10:00
Mark Andrews	8a0b6b3901	4228. [bug] Address race condition in dns_client_destroyrestrans. [RT #40605]	2015-09-30 14:58:31 +10:00
Mark Andrews	2a12984ce6	4227. [bug] Silence static analysis warnings. [RT #40828	2015-09-30 14:14:47 +10:00
Tinderbox User	55cfbf322d	update copyright notice / whitespace	2015-09-29 23:45:32 +00:00
Evan Hunt	40c619daee	[master] fix theoretical shutdown race 4226. [bug] Address a theoretical shutdown race in zone.c:notify_send_queue(). [RT #38958]	2015-09-29 15:27:12 -07:00
Evan Hunt	a00f9e2f50	[master] merge dyndb 4224. [func] Added support for "dyndb", a new interface for loading zone data from an external database, developed by Red Hat for the FreeIPA project. DynDB drivers fully implement the BIND database API, and are capable of significantly better performance and functionality than DLZ drivers, while taking advantage of advanced database features not available in BIND such as multi-master replication. Thanks to Adam Tkac and Petr Spacek of Red Hat. [RT #35271]	2015-09-28 23:12:35 -07:00
Mark Andrews	7867d18ce0	Introduce end-of-line normalization	2015-09-29 08:25:35 +10:00
Mark Andrews	85e7a259a4	re-organise sort to use best_srtt and curr_srtt	2015-09-29 08:06:21 +10:00
Mark Andrews	d8e6cd0f8b	use HAVE_SYS_SYSCTL_H	2015-09-29 07:26:04 +10:00
Francis Dupont	1d96b1a5ad	Removed unused addrbuf	2015-09-28 17:32:40 +02:00
Francis Dupont	722ed14020	Fixed status vs statex	2015-09-28 17:30:07 +02:00
Francis Dupont	29d9a2927c	Fixed project files	2015-09-28 15:46:33 +02:00
Francis Dupont	6066985ca8	Fixed isc_meminfo_totalphys return cast (size_t is not 64 bit)	2015-09-28 15:34:24 +02:00
Francis Dupont	b39bbe3c95	Fixed missing #include "config.h"	2015-09-28 14:50:18 +02:00
Francis Dupont	c4baee15c8	Fixed missing from libisccfg.def	2015-09-28 14:47:20 +02:00
Witold Krecicki	e6d0a391f5	4223. [func] Add support for setting max-cache-size to percentage of available physical memory, set default to 90%. [RT #38442]	2015-09-28 11:08:50 +02:00
Mark Andrews	98a7f8c7ae	4222. [func] Bias IPv6 servers when selecting the next server to query. [RT #40836]	2015-09-28 18:57:19 +10:00
Mark Andrews	8d80b4939d	4221. [bug] Resource leak on DNS_R_NXDOMAIN in fctx_create. [RT #40583]	2015-09-25 09:18:43 +10:00
Mark Andrews	a21c415687	4219. [bug] Set event->result to ISC_R_WOULDBLOCK on EWOULDBLOCK, EGAIN when these soft error are not retried for isc_socket_send*().	2015-09-21 17:22:53 +10:00
Tinderbox User	9268c62bd0	update copyright notice / whitespace	2015-09-18 23:45:23 +00:00
Mark Andrews	4dd41c7d59	4218. [bug] Potential null pointer dereference on out of memory if mmap is not supported. [RT #40777 ]	2015-09-19 07:12:02 +10:00
Mark Andrews	f6e45a5c54	4217. [protocol] Add support for CSYNC. [RT #40532 ]	2015-09-18 23:45:12 +10:00
Mark Andrews	705d56b47a	4216. [cleanup] Silence static analysis warnings. [RT #40649 ]	2015-09-18 23:30:01 +10:00
Mark Andrews	2592ee16b5	document optional class	2015-09-18 13:25:31 +10:00
Mark Andrews	03fac9f931	document that the syslog facility is optional	2015-09-18 13:12:50 +10:00
Mark Andrews	e0a30050c8	4214. [protocol] Add support for TALINK. [RT #40544 ]	2015-09-18 07:43:43 +10:00
Mark Andrews	741b63c869	4212. [func] Re-query if we get a bad client cookie returned over UDP. [RT #40748]	2015-09-17 14:20:32 +10:00
Mark Andrews	f43e5c8ed2	4210. [cleanup] Silence use after free false positive. [RT #40743 ]	2015-09-17 14:05:19 +10:00
Mark Andrews	0f2ecf4b5c	4207. [bug] Handle class mismatches with raw zone files. [RT #40746]	2015-09-16 10:43:22 +10:00
Evan Hunt	226339ed43	[master] spurious spaces in named-checkconf -p 4205. [bug] 'named-checkconf -p' could include unwanted spaces when printing tuples with unset optional fields. [RT #40731]	2015-09-14 08:50:17 -07:00
Mark Andrews	5a49f61ca9	4199. [protocol] Add support for NINFO, RKEY, SINK, TA. [RT #40545] [RT #40547] [RT #40561] [RT #40563]	2015-09-11 17:35:01 +10:00
Evan Hunt	4523c3b371	[master] incorrect result code in isccc 4202. [bug] isccc_cc_fromwire() could return an incorrect result. [RT #40614]	2015-09-11 00:04:25 -07:00
Mark Andrews	3fa134363f	4200. [cleanup] win32: update BINDinstall to be BIND release independent. [RT #38915]	2015-09-11 12:25:39 +10:00
Tinderbox User	f28c6dc514	update copyright notice / whitespace	2015-09-10 23:46:28 +00:00
Mark Andrews	3dd63ba00f	4199. [protocol] Add support for NINFO, RKEY, TA. [RT #40545] [RT #40547] [RT #40563]	2015-09-10 17:58:29 +10:00
Mark Andrews	63874956de	4199. [protocol] Add support for NINFO, RKEY. [RT #40547 ] [RT #40563 ]	2015-09-10 17:07:05 +10:00
Mark Andrews	8b29fc0b7a	4199. [protocol] Add support for RKEY. [RT #40563 ]	2015-09-10 14:50:20 +10:00
Evan Hunt	d37f4738f4	[master] clean up dead code	2015-09-09 08:38:23 -07:00
Mark Andrews	4ca7391e64	4196. [doc] Improve how "enum + other" types are documented. [RT #40608] 4195. [bug] 'max-zone-ttl unlimited;' was broken. [RT #40608]	2015-09-09 17:02:11 +10:00
Mark Andrews	fbd9aaa58c	4194. [bug] named-checkconf -p failed to properly print a port range. [RT #40634]	2015-09-09 16:49:11 +10:00
Mark Andrews	3b83676e07	*.vcxproj.in should use CRLF as EOL	2015-08-27 21:57:18 +00:00
Evan Hunt	bcae9a15c1	[master] s/the the/the/	2015-08-27 14:11:27 -07:00
Mark Andrews	91f66e374b	eol -> crlf	2015-08-26 12:43:08 +10:00
Mark Andrews	7ec3c447fd	copy notes.pdf to Build\Releasei and link to it from index.html	2015-08-26 12:11:07 +10:00
Tinderbox User	0d5b7ed79d	update copyright notice / whitespace	2015-08-25 23:45:27 +00:00
Mark Andrews	02093e4c3b	4193. [bug] Handle broken servers that return BADVERS incorrectly. [RT #40427]	2015-08-25 16:52:43 +10:00
Mark Andrews	9b956d342e	4192. [bug] The default rrset-order of random was not always being applied. [RT #40456]	2015-08-25 14:52:27 +10:00
Mark Andrews	5855fd79e3	4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones as per RFC 6763. [RT #37889]	2015-08-25 14:46:06 +10:00
Mark Andrews	dc3912f3ca	4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as valid with check-names. <forest> still needs to be LDH. [RT #40399]	2015-08-22 15:27:33 +10:00
Mark Andrews	7d0dfa63cf	4189. [cleanup] Don't exit on overly long tokens in named.conf. [RT #40418]	2015-08-22 15:08:22 +10:00
Mark Andrews	18ba804f3a	4188. [bug] Support HTTP/1.0 client properly on the statistics channel. [RT #40261]	2015-08-20 09:55:28 +10:00
Tinderbox User	161b5249b9	update copyright notice / whitespace	2015-08-19 23:45:23 +00:00
Tinderbox User	0d63efe476	update copyright notice / whitespace	2015-08-18 23:45:26 +00:00
Mukund Sivaraman	ec3dbae9eb	Use unknown format when totext() is not implemented for any RDATA (#40317 )	2015-08-18 20:11:46 +05:30
Mukund Sivaraman	bf350c9f1a	Fix RPZ bugs related to wildcard triggers (#40357 )	2015-08-18 19:39:53 +05:30
Mark Andrews	b46fc43469	#include <isc/safe.h>	2015-08-18 21:22:48 +10:00
Evan Hunt	b750a49f3f	[master] fixed memory leak in dns_compress_add() 4184. [bug] Fixed a possible memory leak in name compression when rendering long messages. (Also, improved wire_test for testing such messages.) [RT #40375]	2015-08-17 22:41:44 -07:00
Mark Andrews	47d459ef43	add isc_safe_memequal and isc_safe_memcompare; remove isc_safe_memcmp	2015-08-18 12:25:22 +10:00
Evan Hunt	420a43c8d8	[master] timing safe memory comparisons 4183. [cleanup] Use timing-safe memory comparisons in cryptographic code. Also, the timing-safe comparison functions have been renamed to avoid possible confusion with memcmp(). [RT #40148]	2015-08-17 18:26:44 -07:00
Tinderbox User	503ffdad3b	update copyright notice / whitespace	2015-08-17 23:45:35 +00:00
Evan Hunt	b2f85a0c8e	[master] win32: vs2015 compliance; openssl dependency for check.c	2015-08-17 11:35:10 -07:00
Mukund Sivaraman	b0ba1a6059	Use mnemonics for RR class and type comparisons (#40297 )	2015-08-17 12:23:35 +05:30
Mark Andrews	70862302f8	4181. [bug] Queued notify messages could be dequeued from the wrong rate limiter queue. [RT #40350]	2015-08-17 10:37:06 +10:00
Tinderbox User	288c18263f	update copyright notice / whitespace	2015-08-14 23:45:27 +00:00
Mukund Sivaraman	d7262e5c86	Fix double frees in getaddrinfo() in libirs (#40209 )	2015-08-14 13:55:31 +05:30
Mukund Sivaraman	984d2bb9e5	Fix assertion failure in parsing UNSPEC(103) RR from text (#40274 )	2015-08-14 13:30:52 +05:30
Mukund Sivaraman	474921d733	Fix assertion failure in parsing NSAP records from text	2015-08-14 13:11:26 +05:30
Mark Andrews	9dc5ef7f24	4175. [bug] TKEY with GSS-API keys needed bigger buffers. [RT #40333]	2015-08-14 08:20:01 +10:00
Evan Hunt	45ad059c4a	[master] address VS2015 compiler warning	2015-08-13 14:58:28 -07:00
Tinderbox User	ed91aca9e6	update copyright notice / whitespace	2015-08-12 23:45:25 +00:00
Mark Andrews	c631ff56bf	Updated CHANGES note to include require-server-cookie: 4152. [func] Implement DNS COOKIE option. This replaces the experimental SIT option of BIND 9.10. The following named.conf directives are available: send-cookie, cookie-secret, cookie-algorithm, nocookie-udp-size and require-server-cookie. The following dig options are available: +[no]cookie[=value] and +[no]badcookie. [RT #39928]	2015-08-13 08:26:23 +10:00
Mark Andrews	151f1bcd5e	4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. [RT #40265]	2015-08-12 19:06:00 +10:00
Evan Hunt	9b8f93083d	[master] fix tsig class checks 4171. [bug] Fixed incorrect class checks in TSIG RR implementation. [RT #40287]	2015-08-11 22:16:44 -07:00
Evan Hunt	c707e2b986	[master] fix length check in OPENPGPKEY 4170. [security] An incorrect boundary check in the OPENPGPKEY rdatatype could trigger an assertion failure. [RT #40286]	2015-08-11 20:01:44 -07:00
Tinderbox User	c4567d0675	update copyright notice / whitespace	2015-08-07 23:45:26 +00:00
Evan Hunt	ce9f893e21	[master] address buffer accounting error 4168. [security] A buffer accounting error could trigger an assertion failure when parsing certain malformed DNSSEC keys. (CVE-2015-5722) [RT #40212]	2015-08-07 13:16:10 -07:00
Mukund Sivaraman	991f97366b	Fix win32 build (UNUSED is present later) (cherry picked from commit `63dcc28d3e`)	2015-07-31 15:01:04 +05:30
Mark Andrews	46e7fc51b8	badcookie has a offical code point of 23	2015-07-27 15:22:09 +10:00
Mark Andrews	dbb064aa79	4165. [bug] An failure to reset a value to NULL in tkey.c could result in an assertion failure. (CVE-2015-5477) [RT #40046]	2015-07-14 14:48:42 +10:00
Tinderbox User	faa3b61828	update copyright notice / whitespace	2015-07-13 23:45:24 +00:00
Mark Andrews	3a49d0ff10	4164. [bug] Don't rename slave files and journals on out of memory. [RT #40033] 4163. [bug] Address compiler warnings. [RT #40024]	2015-07-13 09:46:59 +10:00
Mark Andrews	0bc743f9bc	4162. [bug] httpdmgr->flags was not being initialized. [RT #40017 ]	2015-07-10 18:42:20 +10:00
Tinderbox User	f16a6bfb6c	update copyright notice / whitespace	2015-07-09 23:45:22 +00:00
Evan Hunt	fc5f1971a1	[master] fix build error with ISC_MEM_TRACKLINES=0	2015-07-09 14:23:29 -07:00
Evan Hunt	1479200aa0	[master] DDoS mitigation features 3938. [func] Added quotas to be used in recursive resolvers that are under high query load for names in zones whose authoritative servers are nonresponsive or are experiencing a denial of service attack. - "fetches-per-server" limits the number of simultaneous queries that can be sent to any single authoritative server. The configured value is a starting point; it is automatically adjusted downward if the server is partially or completely non-responsive. The algorithm used to adjust the quota can be configured via the "fetch-quota-params" option. - "fetches-per-zone" limits the number of simultaneous queries that can be sent for names within a single domain. (Note: Unlike "fetches-per-server", this value is not self-tuning.) - New stats counters have been added to count queries spilled due to these quotas. See the ARM for details of these options. [RT #37125]	2015-07-08 22:53:39 -07:00
Mark Andrews	af63e286dd	set error code if aes selected and not implemented	2015-07-08 12:20:46 +10:00
Tinderbox User	9ab5a7d83c	update copyright notice / whitespace	2015-07-07 23:45:22 +00:00
Mark Andrews	bd08b82891	add warning not about handling malformed option content	2015-07-07 10:25:09 +10:00
Mark Andrews	46fc714aa0	dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990 ]	2015-07-06 23:03:51 +10:00
Mukund Sivaraman	33ca26968b	Allow RPZ rewrite logging to be configured on a per-zone basis (#39754 )	2015-07-06 08:57:51 +05:30
Mark Andrews	3e33f4198d	4154. [bug] A OPT record should be included with the FORMERR response when there is a malformed EDNS option. [RT #39647] 4153. [bug] Dig should zero non significant +subnet bits. Check that non significant ECS bits are zero on receipt. [RT #39647]	2015-07-06 12:52:37 +10:00
Tinderbox User	8f0b326d9a	update copyright notice / whitespace	2015-07-05 23:45:22 +00:00
Mark Andrews	ce67023ae3	4152. [func] Implement DNS COOKIE option. This replaces the experimental SIT option of BIND 9.10. The following named.conf directives are avaliable: send-cookie, cookie-secret, cookie-algorithm and nocookie-udp-size. The following dig options are available: +[no]cookie[=value] and +[no]badcookie. [RT #39928]	2015-07-06 09:44:24 +10:00
Tinderbox User	85d23eaae8	update copyright notice / whitespace	2015-07-03 23:45:24 +00:00
Mark Andrews	307adf6792	4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835 ]	2015-07-03 10:17:33 +10:00
Tinderbox User	2bd63eca27	update copyright notice / whitespace	2015-07-01 23:45:22 +00:00
Mark Andrews	753b27a7d3	4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply minimal fix. [RT #39667]	2015-07-01 11:51:45 +10:00
Tinderbox User	337d408adb	update copyright notice / whitespace	2015-06-29 23:45:23 +00:00
Mukund Sivaraman	c44c77178e	Fix race in getaddrinfo() in libirs, which caused assertion failure in delv (#39873 )	2015-06-29 19:44:42 +05:30
Mukund Sivaraman	08f0129732	Fix a bug printing zone names with '/' character in XML and JSON stats (#39873 )	2015-06-29 18:33:18 +05:30
Mark Andrews	4a61eae651	4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 was returning referrals rather than nodata responses when the AAAA records were filtered. [RT #39843]	2015-06-29 15:48:41 +10:00
Mark Andrews	adbf81335b	4146. [bug] Address reference leak that could prevent a clean shutdown. [RT #37125]	2015-06-25 18:36:27 +10:00
Mark Andrews	2f66e2dd81	4145. [bug] Not all unassociated adb entries where being printed. [RT #37125]	2015-06-25 18:26:59 +10:00
Mukund Sivaraman	8aecc50f0d	Remove backwards compatibility grammar (#39845 ) This was not done in the previous merge commit, so that it could be merged cleanly into release branches.	2015-06-23 14:23:12 +05:30
Mukund Sivaraman	0439bfedd9	Fix parsing of NZFs saved by rndc addzone with view specified (#39845 )	2015-06-23 14:19:48 +05:30
Mark Andrews	d4422ec231	don't use C++ keyword new; use (const char ) for output of strchr((const char ), char)	2015-06-18 11:14:43 +10:00
Mark Andrews	a85c6b35af	4138. [bug] A uninitialized value in validator.c could result in a assertion failure. (CVE-2015-4620) [RT #39795]	2015-06-17 09:13:03 +10:00
Mark Andrews	a8cb6c6fbc	add #define check_stale_rdataset check_stale_rdataset64	2015-06-12 11:17:07 +10:00
Mark Andrews	c781d465b6	silence unused parameter warning	2015-06-11 14:03:19 +10:00
Mukund Sivaraman	59a9cb54c1	Propagate stale attribute when updating stats (#39141 ) Squashed commit of the following: commit 9b5b9fa30fbeba8ee1e95cb1028017230ed4db02 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Apr 7 19:30:54 2015 +0530 Remove double function prototypes commit f3bb8cc60ae476eaa871ba10330b16425ced2d7c Author: Mukund Sivaraman <muks@isc.org> Date: Tue Apr 7 19:30:34 2015 +0530 Unify several copies of redundant code into a helper function commit 4899fb9b2f36fc5d159fa877c0780a442a7cbdb3 Author: Mukund Sivaraman <muks@isc.org> Date: Thu Apr 2 00:23:53 2015 +0530 Propagate stale attribute when updating stats	2015-06-10 14:04:30 +05:30
Witold Krecicki	f85deb5154	log expired NTA at startup	2015-06-08 13:57:24 +02:00
Tinderbox User	a03c39ef51	update copyright notice / whitespace	2015-06-05 23:45:26 +00:00
Witold Krecicki	8d21d93a6b	better logging of RPZ changes RT #39670	2015-06-05 12:24:11 +02:00
Mark Andrews	6c0c85563f	update comment as per rt39703	2015-06-05 11:09:35 +10:00
Mark Andrews	8a9bac8dec	4133. [port] Update how various json libraries are handled. [RT #39646]	2015-06-05 10:16:24 +10:00
Tinderbox User	e545fce91b	update copyright notice / whitespace	2015-06-04 23:45:25 +00:00
Evan Hunt	8c9fba44a4	[master] further RPZ fixes 4131. [bug] Addressed further problems with reloading RPZ zones. [RT #39649]	2015-06-03 18:18:55 -07:00
Mark Andrews	e0fea0bf85	silence coverity warnings	2015-05-30 17:44:52 +10:00
Mark Andrews	03089dd420	add INSIST to silence coverity	2015-05-30 17:37:14 +10:00
Mark Andrews	4e056cee66	unsigned constants	2015-05-29 11:26:13 +10:00
Tinderbox User	431e5c81db	update copyright notice / whitespace	2015-05-28 23:45:24 +00:00
Evan Hunt	2bb245e04a	[master] typo in comment	2015-05-28 15:04:40 -07:00
Mark Andrews	38c19e5779	4130. [bug] The compatability shim for *printf() misprinted some large numbers. [RT #39586]	2015-05-29 07:21:49 +10:00
Mark Andrews	8bb630c751	4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532 ]	2015-05-28 14:41:21 +10:00
Mark Andrews	e53e202ef3	4128. [bug] Address issues raised by Coverity 7.6. [RT #39537 ]	2015-05-28 13:17:07 +10:00
Tinderbox User	3813d22587	update copyright notice / whitespace	2015-05-27 23:45:25 +00:00
Mark Andrews	e7b7ede003	add dns_zone_cdscheck	2015-05-27 16:17:54 +10:00
Mark Andrews	598b502695	4127. [protocol] CDS and CDNSKEY need to be signed by the key signing key as per RFC 7344, Section 4.1. [RT #37215]	2015-05-27 15:25:45 +10:00
Evan Hunt	a32b6291aa	[master] address regression 4126. [bug] Addressed a regression introduced in change #4121. [RT #39611]	2015-05-26 19:11:08 -07:00
Mark Andrews	5af7557757	use unsigned constants	2015-05-24 12:51:55 +10:00
Tinderbox User	d70dac20d2	update copyright notice / whitespace	2015-05-23 23:45:25 +00:00
Mark Andrews	503f0b324a	#undef before #define	2015-05-24 06:04:09 +10:00
Francis Dupont	941b62c8cb	finished print.h stuff	2015-05-23 16:12:24 +02:00
Francis Dupont	3759f10fc5	added print.h includes, updated copyrights	2015-05-23 14:21:51 +02:00
Tinderbox User	46ee7c3260	update copyright notice / whitespace	2015-05-22 23:45:24 +00:00
Mark Andrews	9e5390f3f3	add cfg_parse_buffer2	2015-05-22 22:24:06 +10:00
Mark Andrews	7507c1826f	all of NEED*PRINT are needed if %z is not supported	2015-05-22 22:12:42 +10:00
Evan Hunt	c55a1da4fc	[master] log parsing errors from default config or addzone/modzone 4124. [func] Log errors or warnings encountered when parsing the internal default configuration. Clarify the logging of errors and warnings encountered in rndc addzone or modzone parameters. [RT #39440]	2015-05-21 23:04:29 -07:00
Mark Andrews	22909ca827	unconditionally include stdio.h	2015-05-22 10:08:43 +10:00
Tinderbox User	0dfc0745c4	update copyright notice / whitespace	2015-05-21 23:45:26 +00:00
Mark Andrews	9e69ff9ad0	exclude isc_print_printf and isc_print_fprintf	2015-05-22 08:22:19 +10:00
Evan Hunt	cadf8d687b	[master] add %z format options to printf 4123. [port] Added %z (size_t) format options to the portable internal printf/sprintf implementation. [RT #39586]	2015-05-21 14:55:15 -07:00
Mukund Sivaraman	705cea35a8	Fix RPZ radix tree search() for CLIENT-IP triggers (#39481 )	2015-05-21 11:10:49 +05:30
Evan Hunt	19365b43e9	[master] ensure rpz summary consistence during AXFR updates 4121. [bug] When updating a response-policy zone via AXFR, summary data about other policy zones could fall out of sync. Ultimately this could trigger an assertion failure in rpz.c. [RT #39567]	2015-05-20 15:00:50 -07:00
Evan Hunt	7e6cf6fc6e	[master] address a possible policy update race 4120. [bug] A bug in RPZ could cause the server to crash if policy zones were updated while recursion was pending for RPZ processing of an active query. [RT #39415]	2015-05-19 15:47:42 -07:00
Tinderbox User	f5280a1563	update copyright notice / whitespace	2015-05-11 23:45:22 +00:00
Mark Andrews	1acfed3dac	update variable name to better reflect reality (cherry picked from commit `51a82fe30d`)	2015-05-11 13:42:04 +10:00
Mark Andrews	844b568182	use dns_opcode_t	2015-05-11 12:16:44 +10:00
Mark Andrews	b4a6f7fff4	#include <string.h> for strcmp	2015-05-11 12:16:07 +10:00
Mukund Sivaraman	b947e1a521	Fix a bug in RPZ that could cause unwanted recursion (#39229 ) Conflicts: doc/arm/notes.xml	2015-05-07 08:29:36 +05:30
Tinderbox User	012142bbe0	update copyright notice / whitespace	2015-05-06 23:45:24 +00:00
Tinderbox User	4e92a74ec4	update copyright notice / whitespace	2015-05-05 23:45:24 +00:00
Evan Hunt	9e804040a2	[master] add "rndc -r" to print result code 4115. [func] "rndc -r" now prints the result code (e.g., ISC_R_SUCCESS, ISC_R_TIMEOUT, etc) after running the requested command. [RT #38913]	2015-05-05 16:39:09 -07:00
Mark Andrews	675900780a	150 ->160	2015-05-06 09:24:16 +10:00
Mark Andrews	5e73a8d791	set initial values for 9.11.x	2015-05-06 08:27:49 +10:00
Mukund Sivaraman	8f25faf972	Fix a regression in radix tree implementation introduced by ECS code (#38983 )	2015-05-05 13:11:23 +05:30
Tinderbox User	452a29e62c	update copyright notice / whitespace	2015-04-28 23:45:24 +00:00
Mark Andrews	b292230ab8	4110. [bug] Address memory leaks / null pointer dereferences on out of memory. [RT #39310]	2015-04-29 03:16:50 +10:00
Mark Andrews	e77e449549	4109. [port] linux: support reading the local port range from net.ipv4.ip_local_port_range. [RT # 39379]	2015-04-25 08:25:42 +10:00
Mark Andrews	c82b378115	4108. [func] A additional nxdomain redirect (nxdomain-redirect) method is now supported. [RT #37989]	2015-04-23 16:57:15 +10:00
Mark Andrews	ef0e674456	4107. [bug] Address potential deadlock when updating zone content. [RT #39269]	2015-04-18 13:45:03 +10:00
Tinderbox User	1413616670	update copyright notice / whitespace	2015-04-17 23:45:24 +00:00
Mark Andrews	def6608a44	don't set rdh_ttl in init_rdataset	2015-04-17 23:09:05 +10:00
Francis Dupont	ab973ec40c	misc x64 VS 2015 CTP fixes [#39308 ]	2015-04-17 11:39:26 +02:00
Mark Andrews	f1a261ba2d	4104. [bug] Address uninitialized elements. [RT #39252 ]	2015-04-17 14:04:47 +10:00
Francis Dupont	bcb68be0a8	misc fixes for VS 2015 CTP #39267	2015-04-17 02:57:02 +02:00
Tinderbox User	ace0b8d470	update copyright notice / whitespace	2015-04-15 23:45:22 +00:00
Evan Hunt	c03fe78ef5	[master] use after free in resquery_destroy() 4102. [bug] Fix a use after free bug introduced in change #4094. [RT #39281]	2015-04-15 15:38:14 -07:00
Mark Andrews	c855e7170a	4100. [bug] Inherited owernames on the line immediately following a $INCLUDE were not working. [RT #39268]	2015-04-15 12:47:57 +10:00
Tinderbox User	a269ca51cc	update copyright notice / whitespace	2015-04-14 23:45:21 +00:00
Mukund Sivaraman	ac31adc3b7	Add additional logging about xfrin transfer status (#39170 )	2015-04-14 12:16:26 +05:30
Mukund Sivaraman	2c4d5faf7f	Don't use query->sendevent after it's been destroyed (#39132 )	2015-04-13 15:04:41 +05:30
Mark Andrews	54fe1d05b6	4095. [bug] zone->options2 was not being properly initalized. [RT #39228]	2015-04-11 08:04:02 +10:00
Evan Hunt	d9b37259f3	[master] hold a reference on fetch context during query 4094. [bug] A race during shutdown or reconfiguration could cause an assertion in mem.c. [RT #38979]	2015-04-08 14:33:45 -07:00
Tinderbox User	6e61135f10	update copyright notice / whitespace	2015-03-27 23:45:21 +00:00
Mukund Sivaraman	fba894c98b	Some cleanups in isc mem code (#38896 )	2015-03-27 23:12:11 +05:30
Mukund Sivaraman	f9f81abff0	Fix a crash while parsing malformed CAA RRs in presentation format (#39003 )	2015-03-27 10:32:03 +05:30
Mukund Sivaraman	9a7532f836	Send notifies immediately for slave zones during startup (#38843 )	2015-03-25 10:55:55 +05:30
Tinderbox User	3e2bfb151a	update copyright notice / whitespace	2015-03-23 23:45:21 +00:00
Mark Andrews	cef65f9409	@ISC_OPENSSL_INC@ needs to not be by itself (cherry picked from commit a5885354413d503105521b7bf4cd603927f81814)	2015-03-24 07:54:51 +11:00
Evan Hunt	e89972afcb	[master] fixed build errors with libressl 4088. [port] Fixed errors when building with libressl. [RT #38899]	2015-03-23 13:34:56 -05:00
Mukund Sivaraman	ebeb4b3e09	Fix a crash due to use-after-free (#38495 )	2015-03-18 06:42:54 +05:30
Mukund Sivaraman	24f2cc7d06	Fix a possible race in updating stats counters (#38826 ) and do some other isc mem cleanups.	2015-03-09 10:30:47 +05:30
Mukund Sivaraman	f5a62d97e3	Fix -Wshadow warnings (#38762 ) These happen due to ntohs()/htons() macro expansion in glibc.	2015-03-09 09:23:46 +05:30
Evan Hunt	da4a7772eb	[master] improve thread support reporting 4083. [cleanup] Print of the number of CPUs and UDP listeners in the log and in "rndc status" output; indicate whether threads are supported in "named -V" output. [RT #38811]	2015-03-04 15:56:33 -08:00
Mark Andrews	f2f3880223	add missing defs	2015-03-05 10:48:04 +11:00
Tinderbox User	811acf52b8	update copyright notice / whitespace	2015-03-04 23:45:21 +00:00
Mark Andrews	1b05d22789	4082. [bug] Incrementally sign large inline zone deltas. [RT #37927]	2015-03-05 09:59:29 +11:00
Mark Andrews	29d52c001f	4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759 ]	2015-03-03 16:43:42 +11:00
Evan Hunt	7ae96d8823	[master] add "lock-file" and fix up singleton code 4080. [func] Completed change #4022, adding a "lock-file" option to named.conf to override the default lock file, in addition to the "named -X <filename>" command line option. Setting the lock file to "none" using either method disables the check completely. [RT #37908]	2015-03-02 19:27:54 -08:00
Tinderbox User	3d787a1213	update copyright notice / whitespace	2015-03-02 23:45:21 +00:00
Mukund Sivaraman	10dd5f62f2	Add support for Valgrind's helgrind tool (#38706 ) Also fix one locking issue that helgrind found: Maintain stats->lock while stats->reference is used.	2015-03-02 13:42:20 +05:30
Mukund Sivaraman	0ea9f8037d	Remove more wider memset() over control now that it's handled below (#38621 )	2015-03-02 12:52:41 +05:30
Tinderbox User	5e93bad21b	update copyright notice / whitespace	2015-03-01 23:45:20 +00:00
Evan Hunt	ed57645433	[master] add 64-bit symbols for ownercase functions	2015-02-27 17:36:29 -08:00
Tinderbox User	34eab435ac	update copyright notice / whitespace	2015-02-27 23:45:24 +00:00
Evan Hunt	2bbf69e1e2	[master] add missing externals	2015-02-26 21:58:19 -08:00
Mark Andrews	4677223a53	address -Wshadow warning	2015-02-27 16:46:54 +11:00
Mark Andrews	a8da00ef95	4079. [func] Preserve the case of the ownername of records to the RRset level. [RT #37442]	2015-02-27 15:08:38 +11:00
Mark Andrews	b5edc023a1	4078. [bug] Hand the case where CMSG_SPACE(sizeof(int)) != CMSG_SPACE(sizeof(int)). [RT #38621.	2015-02-27 14:52:26 +11:00
Mark Andrews	bb5df338d9	4076. [bug] Named could crash on shutdown with outstanding reload / reconfig events. [RT #38622]	2015-02-27 12:34:43 +11:00
Mark Andrews	42580072de	protect with #ifdef HAVE_PTHREAD_MUTEX_ADAPTIVE_NP	2015-02-27 11:37:35 +11:00
Mark Andrews	af669cb4fd	4074. [cleanup] Cleaned up more warnings from gcc -Wshadow. [RT #38708 ]	2015-02-27 10:55:55 +11:00
Tinderbox User	c10fda07d6	update copyright notice / whitespace	2015-02-26 23:45:22 +00:00
Mukund Sivaraman	1783676a64	Add a --enable-querytrace configure switch for very verbose query tracelogging (#37520 )	2015-02-26 16:51:07 +05:30
Mukund Sivaraman	ebeb668f86	Remove unused functions (#38547 )	2015-02-26 14:47:03 +05:30
Mukund Sivaraman	07dd40e8ee	Initialize pthread_mutexattrs just once (#38547 )	2015-02-26 14:43:45 +05:30
Mukund Sivaraman	db93c0def5	Fix a segfault when running nslookup (#38548 )	2015-02-26 14:03:35 +05:30
Tinderbox User	f159b7b5c7	update copyright notice / whitespace	2015-02-25 23:45:22 +00:00
Mukund Sivaraman	5a505fc4c2	Add facility to run system test nameds under Valgrind (#38546 )	2015-02-25 09:06:45 +05:30
Evan Hunt	bfc11b9c65	[master] additional mkeys tests 4065. [test] Additional RFC 5011 tests. [RT #38569]	2015-02-23 21:07:26 -08:00
Tinderbox User	c3854e9cd3	update copyright notice / whitespace	2015-02-23 23:45:20 +00:00
Evan Hunt	7acc2f2156	[master] fix LOADPENDING issues 4063. [bug] Asynchronous zone loads were not handled correctly when the zone load was already in progress; this could trigger a crash in zt.c. [RT #37573]	2015-02-22 20:43:39 -08:00
Evan Hunt	07229d51a6	[master] report library version numbers on win32	2015-02-20 23:23:59 -08:00
Mark Andrews	072ce62d23	used unsigned zero	2015-02-19 15:42:29 +11:00
Tinderbox User	a70b865da3	update copyright notice / whitespace	2015-02-18 23:45:23 +00:00
Mark Andrews	6a837e5121	address race condition with multiple isc_socket_connect calls in change 4041	2015-02-18 23:32:31 +11:00
Mukund Sivaraman	e58eb371a0	RPZ: Don't diff keys out of bounds, found via Valgrind (#38559 )	2015-02-18 12:49:56 +05:30
Tinderbox User	8f0427f11b	update copyright notice / whitespace	2015-02-17 23:45:20 +00:00
Evan Hunt	1f81c9e1e2	[master] silence warning	2015-02-17 11:37:26 -08:00
Tinderbox User	c8a55dfd0a	update copyright notice / whitespace	2015-02-12 23:45:23 +00:00
Mukund Sivaraman	ffc393dd18	Remove canary code from hash destroy function (#38602 ) This triggers a Valgrind out-of-bounds read report. It was introduced by commit `5d7849ad7f`. No CHANGES entry necessary as it doesn't have any user-visible or behavioral change. It removes an out-of-bounds read issue that went undetected when allocated through isc_mem as the memory was present. The memory read was compared to itself, so it has no behavioral change.	2015-02-12 18:14:34 +05:30
Mark Andrews	f4102ab13e	4060. [bug] dns_rdata_freestruct could be call on a uninitialised structure when handling a error. [RT #38568]	2015-02-11 16:50:11 +11:00
Evan Hunt	8fa6f39c85	[master] oops, win32 data exports work differently now	2015-02-10 17:26:09 -08:00
Evan Hunt	82a42fe81e	[master] export dns_zone_mkey_{month,day,hour}	2015-02-10 16:59:09 -08:00
Tinderbox User	f3affbe2ff	update copyright notice / whitespace	2015-02-10 23:45:23 +00:00
Evan Hunt	a98f70acc8	[master] address valgrind warnings 4059. [bug] Addressed valgrind warnings. [RT #38549]	2015-02-10 14:01:38 -08:00
Evan Hunt	2616cb6944	[master] fix PRNG selection in dispatch.c 4058. [bug] UDP dispatches could use the wrong psuedorandom number generator context. [RT #38578]	2015-02-10 13:54:48 -08:00
Tinderbox User	29756974c5	update copyright notice / whitespace	2015-02-06 23:45:21 +00:00
Evan Hunt	82843574c9	[master] fix keytable test	2015-02-06 14:08:28 -08:00
Mark Andrews	29fc1a4197	<isc/print.h>	2015-02-06 13:30:22 +11:00
Evan Hunt	591389c7d4	[master] 5011 tests and fixes 4056. [bug] Expanded automatic testing of trust anchor management and fixed several small bugs including a memory leak and a possible loss of key state information. [RT #38458] 4055. [func] "rndc managed-keys" can be used to check status of trust anchors or to force keys to be refreshed, Also, the managed keys data file has easier-to-read comments. [RT #38458]	2015-02-05 17:18:15 -08:00
Mark Andrews	d2a50c9ba8	cast to (unsigned long) to silence format warning	2015-02-05 07:50:24 +11:00
Francis Dupont	1059bc2e42	added mdig tool	2015-02-04 14:22:32 +01:00
Evan Hunt	801fb8b894	[master] avoid crash due to managed-key rollover 4053. [security] Revoking a managed trust anchor and supplying an untrusted replacement could cause named to crash with an assertion failure. (CVE-2015-1349) [RT #38344]	2015-02-03 18:25:28 -08:00
Tinderbox User	92059a966a	update copyright notice / whitespace	2015-02-03 23:46:29 +00:00
Mukund Sivaraman	2696ceb4d4	Fix a Valgrind warning about use of uninitialized memory (as part of #38454 )	2015-02-03 11:43:34 +05:30
Mukund Sivaraman	fe12a8f107	Fix a leak of pthread_mutexattr_t (#38454 ) 4051. [bug] Fix a leak of pthread_mutexattr_t. [RT #38454]	2015-02-03 11:42:06 +05:30
Tinderbox User	f72460c717	update copyright notice / whitespace	2015-01-30 23:45:24 +00:00
Mark Andrews	e77ef50a57	4049. [bug] CDS and CDNSKEY had the wrong attributes. [RT #38491 ]	2015-01-30 21:48:28 +11:00
Tinderbox User	59e7a41eaf	update copyright notice / whitespace	2015-01-29 23:45:24 +00:00
Mark Andrews	7865bb3549	copy COPYRIGHT and OpenSSL Licence to Build\Release	2015-01-29 14:36:09 +11:00
Mark Andrews	4b36b9c1ff	4048. [bug] adb hash table was not being grown. [RT #38470 ]	2015-01-29 11:50:30 +11:00
Tinderbox User	be755f4725	update copyright notice / whitespace	2015-01-22 23:45:26 +00:00
Evan Hunt	84ee90b52d	[master] fix 'total use' accounting 4046. [bug] Accounting of "total use" in memory context statistics was not correct. [RT #38370]	2015-01-22 09:44:24 -08:00
Evan Hunt	f885a6172e	[master] silence warning	2015-01-22 09:03:24 -08:00
Mark Andrews	875574f1e4	4045. [bug] Skip to next master on dns_request_createvia4 failure. [RT #25185]	2015-01-22 15:56:50 +11:00
Tinderbox User	39f68d7b64	update copyright notice / whitespace	2015-01-21 23:45:24 +00:00
Mark Andrews	17dc146c7c	4044. [bug] Change 3955 was not complete resulting is a assertion failure is the timing was just right. [RT #38352]	2015-01-22 10:38:40 +11:00
Evan Hunt	e91c70668e	[master] restored accidentally removed externals	2015-01-20 22:38:27 -08:00
Mark Andrews	22e3e00ac9	4042. [bug] zone.c:iszonesecure was being called too late. [RT #38371]	2015-01-21 13:18:30 +11:00
Mark Andrews	83b9e799df	#ifdef protect 'b'	2015-01-21 13:07:50 +11:00
Evan Hunt	ff62d4458a	[master] allow shared TCP sockets when connecting 4041. [func] TCP sockets can now be shared while connecting. (This will be used to enable client-side support of pipelined queries.) [RT #38231]	2015-01-20 17:22:31 -08:00
Evan Hunt	761d135ed6	[master] add TCP pipelining support 4040. [func] Added server-side support for pipelined TCP queries. TCP connections are no longer closed after the first query received from a client. (The new "keep-response-order" option allows clients to be specified for which the old behavior will still be used.) [RT #37821]	2015-01-20 16:14:09 -08:00
Evan Hunt	b77ae24e3e	[master] more windows VS14 compatibility work (completes change #3987)	2015-01-20 15:45:38 -08:00
Tinderbox User	c110d61b17	update copyright notice / whitespace	2015-01-20 23:45:26 +00:00
Evan Hunt	11463c0ac2	[master] clean up gcc -Wshadow warnings 4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]	2015-01-20 13:29:18 -08:00
Mark Andrews	cc0a48a381	4038. [bug] Add 'rpz' flag to node and use it to determine whether to call dns_rpz_delete. This should prevent unbalanced add / delete calls. [RT #36888	2015-01-20 16:57:42 +11:00
Mark Andrews	f8eb4e5bfd	4037. [bug] also-notify was ignoring the tsig key when checking for duplicates resulting in some expected notify messages not being sent. [RT #38369]	2015-01-20 16:42:56 +11:00
Evan Hunt	59c489552d	[master] remove a potentially misleading log message	2015-01-19 20:15:01 -08:00
Tinderbox User	b624001e36	update copyright notice / whitespace	2015-01-16 23:45:22 +00:00
Mukund Sivaraman	b05a50c852	Make call to open a temporary file name safe during NZF creation (#38331 ) Based on a patch sent in by Tony Finch <dot@dotat.at>. Also fix win32 implementation of isc_file_openunique() to use a random filename instead of using the process id.	2015-01-16 18:29:23 +05:30
Tinderbox User	2dd6ffb5cb	update copyright notice / whitespace	2015-01-12 23:45:21 +00:00
Mukund Sivaraman	4716d844c4	Add missing symbols to libdns.def.in	2015-01-12 09:55:56 +05:30
Mukund Sivaraman	a6f0e9c985	Add NTA persistence (#37087 ) 4034. [func] When added, negative trust anchors (NTA) are now saved to files (viewname.nta), in order to persist across restarts of the named server. [RT #37087]	2015-01-12 09:07:48 +05:30
Tinderbox User	f0cbe180f0	update copyright notice / whitespace	2015-01-10 23:45:22 +00:00
Mark Andrews	f4dda9cf28	4033. [bug] Missing out of memory check in request.c:req_send. [RT #38311]	2015-01-11 09:24:33 +11:00
Evan Hunt	4b52ac401d	[master] remove unhelpful comment, revise change note 3973. [test] Added hooks for Google Performance Tools CPU profiler, including real-time/wall-clock profiling. [RT #37339]	2015-01-10 00:17:57 -08:00
Tinderbox User	63b0524b96	update copyright notice / whitespace	2015-01-08 23:45:22 +00:00
Mark Andrews	d1f1f13c7f	4031. [bug] named-checkconf -z failed to report a missing file with a hint zone. [RT #38294]	2015-01-08 19:19:12 +11:00
Tinderbox User	b129f72d95	update copyright notice / whitespace	2015-01-07 23:45:22 +00:00
Evan Hunt	f784ce7523	[master] add missing functions	2015-01-07 00:22:31 -08:00
Evan Hunt	74eb2f5cbc	[master] rndc showzone / rndc delzone of non-added zones 4030. [func] "rndc delzone" is now applicable to zones that were configured in named.conf, as well as zones that were added via "rndc addzone". (Note, however, that if named.conf is not also modified, the deleted zone will return when named is reloaded.) [RT #37887] 4029. [func] "rndc showzone" displays the current configuration of a specified zone. [RT #37887]	2015-01-06 22:57:57 -08:00
Tinderbox User	651c5a50f4	update copyright notice / whitespace	2015-01-06 23:45:23 +00:00
Mark Andrews	b0c18fffd3	4028. [bug] $GENERATE with a zero step was not being caught as a error. A $GENERATE with a / but no step was not being caught as a error. [RT #38262]	2015-01-06 11:31:34 +11:00
Tinderbox User	055f6517b4	update copyright notice / whitespace	2014-12-19 23:45:22 +00:00
Mark Andrews	d8f2dd46cb	4025. [port] bsdi: failed to build. [RT #38047 ]	2014-12-19 12:06:35 +11:00
Mark Andrews	1e0ed0c6f5	4024. [bug] dns_rdata_opt_first, dns_rdata_opt_next, dns_rdata_opt_current, dns_rdata_txt_first, dns_rdata_txt_next and dns_rdata_txt_current were documented but not implemented. These have now been implemented. dns_rdata_spf_first, dns_rdata_spf_next and dns_rdata_spf_current were document but not implemented. The prototypes for these functions have been removed. [RT #38068] 4023. [bug] win32: socket handling with explict ports and invoking named with -4 was broken for some configurations. [RT #38068]	2014-12-19 11:35:07 +11:00
Mukund Sivaraman	47d837a499	Make named a singleton process [RT#37908] Conflicts: bin/tests/system/conf.sh.in lib/dns/win32/libdns.def.in lib/isc/win32/file.c The merge also needed to update files in legacy and tcp system tests (newly introduced in master after branch was created) to introduce use of lockfile.	2014-12-18 12:31:25 +05:30
Evan Hunt	9fcbc46062	[master] more missing entry points	2014-12-16 14:40:33 -08:00
Evan Hunt	fc12d18471	[master] typos	2014-12-16 12:42:05 -08:00
Evan Hunt	25ee607cf5	[master] add more missing entry points	2014-12-16 12:09:09 -08:00
Mark Andrews	eb690e00e7	add missing entry points	2014-12-17 00:27:17 +11:00
Mark Andrews	2efb444806	add missing entry points	2014-12-16 23:46:15 +11:00
Mark Andrews	f5c22df82b	win32 build	2014-12-16 23:36:44 +11:00
Evan Hunt	be7fba8019	[master] adjust max-recursion-queries 4021. [bug] Adjust max-recursion-queries to accommodate the need for more queries when the cache is empty. [RT #38104]	2014-12-15 22:28:06 -08:00
Mark Andrews	132410d33f	add/sort	2014-12-16 14:49:17 +11:00
Mark Andrews	7799a5edea	add missing entries	2014-12-16 14:41:25 +11:00
Mark Andrews	2e98ab2c9d	remove non null check	2014-12-09 19:51:32 +11:00
Mark Andrews	017aa9aef6	4019. [func] If named is not configured to validate the answer then allow fallback to plain DNS on timeout even when we know the server supports EDNS. [RT #37978]	2014-12-05 17:47:26 +11:00
Mark Andrews	ea3aa401bc	4015. [bug] Nameservers that are skipped due to them being CNAMEs were not being logged. They are now logged to category 'cname' as per BIND 8. [RT #37935]	2014-12-03 11:34:07 +11:00
Mark Andrews	6444de08d1	4014. [bug] When including a master file origin_changed was not being properly set leading to a potentially spurious 'inherited owner' warning. [RT #37919]	2014-12-03 09:42:30 +11:00
Francis Dupont	5c5c6d289d	Add a TCP only option to server/peer	2014-12-02 14:17:59 +01:00
Francis Dupont	fc63119c8b	Hardened OpenSSL digest/HMAC calls [RT #37944 ]	2014-12-02 12:41:01 +01:00
Mark Andrews	401f7510d7	use the actual header	2014-11-28 19:17:26 +11:00
Mark Andrews	7554ff1619	add #define rdataset_clearprefetch rdataset_clearprefetch64	2014-11-25 12:06:23 +11:00
Tinderbox User	523ad879ce	update copyright notice / whitespace	2014-11-24 23:53:16 +00:00
Mark Andrews	092d3b76db	4010. [cleanup] Clear the prefetchable state when initiating a prefetch. [RT #37399]	2014-11-24 11:18:30 +11:00
Evan Hunt	92384667ff	[master] delv +tcp 4009. [func] delv: added a +tcp option. [RT #37855]	2014-11-21 09:42:04 -08:00
Mark Andrews	70bceacc80	silence signed/unsigned warning	2014-11-21 20:28:17 +11:00
Evan Hunt	3e5b4176d8	[master] win32 build fix	2014-11-20 15:55:43 -08:00
Evan Hunt	c6b699b58e	[master] remove inadvertently-retained content from quota.h	2014-11-20 12:55:01 -08:00
Evan Hunt	05e448935c	[master] refactor max-recursion-queries - the counters weren't set correctly when fetches timed out. instead we now pass down a counter object.	2014-11-19 18:21:02 -08:00
Evan Hunt	c4f54e5bd1	[master] add max-recursion-queries also fixes and documentation for max-recursion-depth	2014-11-18 22:02:02 -08:00
Evan Hunt	3230429e17	[master] limit recursion depth and iterative queries 4006. [security] A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of iterative queries that it will send (default 50) before terminating a recursive query (CVE-2014-8500). The recursion depth limit is configured via the "max-recursion-depth" option. [RT #35780]	2014-11-17 23:24:44 -08:00
Evan Hunt	c325ff9c79	[master] complete coverity fixes	2014-11-17 17:39:00 -08:00
Mark Andrews	4ac862fa96	only execute additional tests if create call succeeds	2014-11-18 12:19:37 +11:00
Evan Hunt	a0b4f6d952	[master] geoip security fixes 4003. [security] When geoip-directory was reconfigured during named run-time, the previously loaded GeoIP data could remain, potentially causing wrong ACLs to be used or wrong results to be served based on geolocation. [RT #37720] 4002. [security] Lookups in GeoIP databases that were not loaded could cause an assertion failure. [RT #37679] 4001. [security] The caching of GeoIP lookups did not always handle address families correctly, potentially resulting in an assertion failure. [RT #37672]	2014-11-16 08:43:22 -08:00
Tinderbox User	aee6c351d3	update copyright notice	2014-11-15 23:45:22 +00:00
Evan Hunt	63fb92c1ba	[master] fix false positive compiler warning a "pointer always evaluates to true" warning was blocking compilation of the radix ATF test when using --enable-developer with gcc 4.8.2.	2014-11-15 00:56:30 -08:00
Evan Hunt	907e01d6f3	[master] buffer ATF test was failing	2014-11-15 00:56:17 -08:00
Evan Hunt	e32d354f75	[master] allow arbitrary-size rndc output 4005. [func] The buffer used for returning text from rndc commands is now dynamically resizable, allowing arbitrarily large amounts of text to be sent back to the client. (Prior to this change, it was possible for the output of "rndc tsig-list" to be truncated.) [RT #37731]	2014-11-14 15:58:54 -08:00
Evan Hunt	c4abb19716	[master] reference leak with AAAA glue but not A 4004. [bug] When delegations had AAAA glue but not A, a reference could be leaked causing an assertion failure on shutdown. [RT #37796]	2014-11-14 09:02:28 -08:00
Mukund Sivaraman	a3157f3c75	[master] close() fd when done (Coverity report)	2014-11-11 07:15:02 +05:30
Evan Hunt	fadf7291df	[master] check creat() return	2014-11-10 17:30:58 -08:00
Tinderbox User	6d0a639bd0	update copyright notice	2014-11-06 23:45:21 +00:00
Evan Hunt	067c0c38e7	[master] s/mempcy/memmove/	2014-11-06 13:01:59 -08:00
Mark Andrews	8f0cf84bb1	set working directory; #include <string.h>	2014-11-06 18:02:32 +11:00
Tinderbox User	d478dbae80	update copyright notice	2014-11-05 23:45:20 +00:00
Evan Hunt	ad9645512c	[master] add print.h	2014-11-04 20:43:41 -08:00
Evan Hunt	ce96d4326c	[master] new mkeys and nzf naming format 3999. [func] "mkeys" and "nzf" files are now named after their corresponding views, unless the view name contains characters that would be incompatible with use in a filename (i.e., slash, backslash, or capital letters). If a view name does contain these characters, the files will still be named using a cryptographic hash of the view name. Regardless of this, if a file using the old name format is found to exist, it will continue to be used. [RT #37704]	2014-11-04 19:43:27 -08:00
Tinderbox User	5781d00939	update copyright notice	2014-11-04 23:45:20 +00:00
Mark Andrews	a31d0513c3	add missing opening bracket	2014-11-04 17:02:32 +11:00
Mark Andrews	b976c39c07	3998. [bug] isc_radix_search was returning matches that were to precise. [RT #37680]	2014-11-04 12:34:12 +11:00
Mark Andrews	1feee79e1f	3997. [protocol] Add OPENGPGKEY record. [RT# 37671]	2014-11-04 12:24:39 +11:00
Tinderbox User	03fc2ff527	update copyright notice	2014-10-31 23:45:23 +00:00
Mark Andrews	c2f8108123	3996. [bug] Address use after free on out of memory error in keyring_add. [RT #37639]	2014-10-31 11:44:09 +11:00
Mark Andrews	4e59131f18	3995. [bug] receive_secure_serial holds the zone lock for too long. [RT #37626]	2014-10-31 11:38:14 +11:00
Mark Andrews	00fb0253c9	3991. [func] Add the ability to buffer logging output by specifying "buffered yes;" when defining a channel. [RT #26561]	2014-10-30 11:37:05 +11:00
Mark Andrews	eb5243365c	3989. [cleanup] Remove redundent dns_db_resigned calls. [RT #35748 ]	2014-10-30 10:53:12 +11:00
Mark Andrews	bad93fb90c	missing comma	2014-10-28 16:10:49 +11:00
Tinderbox User	6932de75ef	update copyright notice	2014-10-21 23:45:24 +00:00
Francis Dupont	4d6329c1b3	Handle VS14 incompatible changes [RT #37380 ]	2014-10-21 09:34:33 +02:00
Mark Andrews	4140a96f22	3987. [func] Allow the zone serial of a dynamically updatable zone to be updated via rndc. [RT #37404]	2014-10-21 18:15:42 +11:00
Francis Dupont	7fbfa379e2	Accept up to 256 byte PINs in native PKCS#11. [RT #37410 ]	2014-10-20 22:55:40 +02:00
Evan Hunt	498b061031	[master] allow 1-week nta-lifetime/nta-recheck 3983. [bug] Change #3940 was incomplete: negative trust anchors could be set to last up to a week, but the "nta-lifetime" and "nta-recheck" options were still limted to one day. [RT #37522]	2014-10-20 13:40:17 -07:00
Mark Andrews	72775a79fe	3981. [bug] Cache DS/NXDOMAIN independently of other query types. [RT #37467]	2014-10-18 13:09:09 +11:00
Mark Andrews	871f3c8bee	3980. [bug] Improve --with-tuning=large by self tuning of SO_RCVBUF size. [RT #37187]	2014-10-18 12:40:13 +11:00
Mark Andrews	48f97c23b7	3979. [bug] Negative trust anchor fetches where not properly managed. [RT #37488]	2014-10-18 10:07:24 +11:00
Evan Hunt	188690149b	[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477]	2014-10-17 15:55:37 -07:00
Evan Hunt	eb6d61d5e0	[master] correctly validate 5011 trust anchors 3976. [bug] When refreshing managed-key trust anchors, clear any cached trust so that they will always be revalidated with the current set of secure roots. [RT #37506]	2014-10-17 15:40:07 -07:00
Tinderbox User	28b2fddfd4	update copyright notice	2014-10-16 23:45:23 +00:00
Mark Andrews	ca77632f65	initialize rdataset->private7	2014-10-16 11:23:01 +11:00
Mark Andrews	58a1051e92	3974. [bug] handle DH_compute_key() failure correctly in openssldh_link.c. [RT #37477]	2014-10-13 23:41:36 +11:00
Evan Hunt	34cb27055a	[master] install badcache.h	2014-10-08 19:42:48 -07:00
Francis Dupont	1831311ac6	added hooks for gperftools CPU profiler [#37339 ]	2014-10-08 15:14:02 +02:00
Mark Andrews	bbec761a67	silence compiler warning	2014-10-08 17:47:46 +11:00
Tinderbox User	d1573beb05	update copyright notice	2014-10-04 23:45:22 +00:00
Mark Andrews	c81d56c03e	3971. [bug] Reduce the cascasding failures due to a bad $TTL line in named-checkconf / named-checkzone. [RT #37138]	2014-10-05 08:29:34 +11:00
Tinderbox User	7a3f584cfc	update copyright notice	2014-10-02 23:45:25 +00:00
Mark Andrews	9c0589bc8b	3966. [bug] Missing dns_db_closeversion call in receive_secure_db. [RT #35746]	2014-10-03 07:50:09 +10:00
Mark Andrews	dda69168ea	3965. [func] Log outgoing packets and improve packet logging to support logging the remote address. [RT #36624]	2014-10-02 09:40:11 +10:00
Mark Andrews	ed1c845c1d	3964. [func] nsupdate now performs check-names processing. [RT #36266]	2014-10-02 09:35:43 +10:00
Tinderbox User	be484acb22	update copyright notice	2014-09-30 23:45:22 +00:00
Mark Andrews	ffeaac1d82	3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with BADSIG. [RT #37216]	2014-10-01 07:24:16 +10:00
Mark Andrews	fa827173df	3959. [bug] Updates could be lost if they arrived immediately after a rndc thaw. [RT #37233]	2014-10-01 06:59:19 +10:00
Tinderbox User	2fb35a6d59	update copyright notice	2014-09-29 23:45:24 +00:00
Mark Andrews	1c5990c2f9	3958. [bug] Detect when writeable files have multiple references in named.conf. [RT #37172]	2014-09-29 12:10:10 +10:00
Mark Andrews	80169c379d	3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 and ECDSAP384SHA384. [RT #37183]	2014-09-29 10:18:54 +10:00
Mark Andrews	10c12aa549	3956. [func] Notify messages are now rate limited by notify-rate and startup-notify-rate instead of serial-query-rate. [RT #24454] 3955. [bug] Notify messages due to changes are no longer queued behind startup notify messages. [RT #24454]	2014-09-29 10:01:08 +10:00
Mark Andrews	4b92bc0022	don't redefine GEOIP_DATA	2014-09-29 09:33:24 +10:00
Tinderbox User	e64f32cd04	update copyright notice	2014-09-27 23:45:22 +00:00
Mark Andrews	9a36fb86f5	3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159 ]	2014-09-27 12:14:20 +10:00
Mark Andrews	a266ab205b	3952. [bug] dns_name_fullcompare failed to set *nlabelsp when the two name pointers were the same. [RT #37176]	2014-09-27 11:41:44 +10:00
Evan Hunt	6896fdd3b2	[master] spelling	2014-09-15 18:18:12 -07:00
Mark Andrews	48b093c864	update named-checkzone manpage for SPF changes	2014-09-13 07:55:57 +10:00
Mark Andrews	1bf72e5325	silence compiler warning	2014-09-11 13:34:17 +10:00
Mark Andrews	947cf282a7	3949. [experimental] Experimental support for draft-andrews-edns1 by sending EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when building). Add support for limiting the EDNS version advertised to servers: server { edns-version 0; }; Log the EDNS version received in the query log. [RT #35864]	2014-09-10 15:31:40 +10:00
Mark Andrews	52131a8351	3948. [port] solaris: RCVBUFSIZE was too large on Solaris with --with-tuning=large. [RT #37059]	2014-09-09 09:41:55 +10:00
Mark Andrews	2b703026f3	check isc_mutext_init and destoy mutex when done	2014-09-07 08:24:36 +10:00
Mark Andrews	8aa098c633	update copyrights	2014-09-06 09:38:48 +10:00
Tinderbox User	5fa6a064b8	regen master	2014-09-05 19:26:47 +00:00
Evan Hunt	f687e639f0	[master] [rt36786] use INSTALL_PROGRAM for shared libs 3947. [cleanup] Set the executable bit on libraries when using libtool. [RT #36786]	2014-09-05 10:24:20 -07:00
Mark Andrews	2fa1fc5332	3945. [bug] Invalid wildcard expansions could be incorrectly accepted by the validator. [RT #37093]	2014-09-05 12:10:55 +10:00
Mark Andrews	06dbd20c66	move declaration to start of block	2014-09-05 11:39:42 +10:00
Tinderbox User	948c80ffa8	update copyright notice	2014-09-04 23:45:24 +00:00
Evan Hunt	a878301981	[master] servfail cache 3943. [func] SERVFAIL responses can now be cached for a limited time (configured by "servfail-ttl", default 10 seconds, limit 30). This can reduce the frequency of retries when an authoritative server is known to be failing, e.g., due to ongoing DNSSEC validation problems. [RT #21347]	2014-09-03 23:28:14 -07:00
Mark Andrews	3560b7d66c	move declaration to start of block	2014-09-04 14:20:25 +10:00
Mark Andrews	fec7998314	3942. [bug] Wildcard responses from a optout range should be marked as insecure. [RT #37072]	2014-09-04 13:57:50 +10:00
Mark Andrews	74717eef53	3939. [func] Improve UPDATE forwarding performance by allowing TCP connections to be shared. [RT #37039]	2014-09-04 10:37:45 +10:00
Mark Andrews	92a649d814	complete conversion to FCTXTRACE3	2014-08-30 20:37:20 +10:00
Mark Andrews	1a63fb1d14	update copyrights	2014-08-30 12:27:49 +10:00
Tinderbox User	3278ff814d	update copyright notice	2014-08-29 23:45:22 +00:00
Evan Hunt	f5c24a7f48	[master] add better servfail logging 3937. [func] Added some debug logging to better indicate the conditions causing SERVFAILs when resolving. [RT #35538]	2014-08-28 22:37:55 -07:00
Evan Hunt	d46855caed	[master] ECS authoritative support 3936. [func] Added authoritative support for the EDNS Client Subnet (ECS) option. ACLs can now include "ecs" elements which specify an address or network prefix; if an ECS option is included in a DNS query, then the address encoded in the option will be matched against "ecs" ACL elements. Also, if an ECS address is included in a query, then it will be used instead of the client source address when matching "geoip" ACL elements. This behavior can be overridden with "geoip-use-ecs no;". When "ecs" or "geoip" ACL elements are used to select a view for a query, the response will include an ECS option to indicate which client network the answer is valid for. (Thanks to Vincent Bernat.) [RT #36781]	2014-08-28 22:05:57 -07:00
Evan Hunt	180319f572	[master] fix geoip asnum matching 3935. [bug] "geoip asnum" ACL elements would not match unless the full organization name was specified. They can now match against the AS number alone (e.g., AS1234). [RT #36945]	2014-08-28 21:40:32 -07:00
Mark Andrews	7c73ac5e13	3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve sit-secrets documentation. [RT #36980]	2014-08-29 14:35:21 +10:00
Evan Hunt	0c2313eb36	[master] fixes to checkconf test, HIP casecompare 3933. [bug] Corrected the implementation of dns_rdata_casecompare() for the HIP rdata type. [RT #36911] 3932. [test] Improved named-checkconf tests. [RT #36911]	2014-08-27 21:36:13 -07:00
Mark Andrews	1164997311	3931. [cleanup] Cleanup how dlz grammer is defined. [RT #36879 ]	2014-08-26 15:01:29 +10:00
Mark Andrews	be5d42f255	dlz clauses are not inheritable	2014-08-25 14:52:01 +10:00
Evan Hunt	27d6642e8b	[master] complete change #3925 - don't use fwdname in dns_view_findzonecut()	2014-08-22 14:57:30 -07:00
Mark Andrews	840d6a4614	3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917	2014-08-22 16:32:19 +10:00
Tinderbox User	a24330c480	regen master	2014-08-16 01:06:20 +00:00
Mark Andrews	15a885dfc6	remove duplicate request-ixfr rt36878 (cherry picked from commit `0a484c39fc`)	2014-08-16 08:51:20 +10:00
Jeremy C. Reed	821350367e	fix typos or misspellings	2014-08-15 10:35:31 -05:00
Mark Andrews	291c0dfbc9	remove redundant isc_sockaddr_format call	2014-08-08 21:27:35 +10:00
Tinderbox User	cd14665cdf	update copyright notice	2014-08-07 23:45:19 +00:00
Evan Hunt	91e7faa874	[master] win32 sockets don't support dscp	2014-08-06 21:35:49 -07:00
Evan Hunt	89f3d83d7e	[master] files missing for win32 build	2014-08-06 20:51:04 -07:00
Evan Hunt	ef1ba8ffa7	[master] need local strlcpy() in VS2005	2014-08-06 19:57:04 -07:00
Tinderbox User	6cdcc9df5b	update copyright notice	2014-08-07 01:14:24 +00:00
Evan Hunt	cfe32752a6	[master] [36737] allow zero-length URI and CAA fields 3914. [bug] Allow the URI target and CAA value fields to be zero length. [RT #36737]	2014-08-06 17:40:42 -07:00
Tinderbox User	1e7501fe07	update copyright notice	2014-08-06 23:45:23 +00:00
Mark Andrews	493f3eb297	3913. [bug] Address race issue in dispatch. [RT #36731 ]	2014-08-06 18:49:53 +10:00
Evan Hunt	338a89339a	[master] install new include file	2014-08-05 22:11:17 -07:00
Evan Hunt	a6ad80dd08	[master] make lwres/stdlib.h and lwres/string.h instead of compat.h	2014-08-05 22:01:06 -07:00
Mark Andrews	c5734964e6	3912. [bug] Address some unrecoverable lookup failures. [RT #36330 ]	2014-08-06 14:18:04 +10:00
Mark Andrews	f38a398033	silence signed/unsigned comparision warning	2014-08-06 12:25:03 +10:00
Mark Andrews	b47839a675	alphabetize zone_clauses	2014-08-06 11:54:54 +10:00
Mark Andrews	43b9737b11	3911. [func] Implement EDNS EXPIRE option client side. [RT #35925 ]	2014-08-06 11:50:40 +10:00
Mukund Sivaraman	a338c2d947	[36720] Free event early (fixes race to free) Patch contributed by yhu2 <yadi.hu@windriver.com>.	2014-08-05 17:08:14 +05:30
Mark Andrews	3e90f6c373	3910. [bug] When computing the number of elements required for a acl count_acl_elements could have a short count leading to a assertion failure. Also zero out new acl elements in dns_acl_merge. [RT #36675]	2014-08-03 10:05:02 +10:00
Tinderbox User	79bb509936	update copyright notice	2014-08-02 23:45:21 +00:00
Mark Andrews	c38341ec43	3908. [bug] rndc now differentiates between a zone in multiple views and a zone that doesn't exist at all. [RT #36691]	2014-08-02 14:43:26 +10:00
Tinderbox User	25633bca23	update copyright notice	2014-07-31 23:45:21 +00:00
Evan Hunt	7712d1660a	[master] [rt36642] fix URI RR format 3906. [protocol] Update URI record format to comply with draft-faltstrom-uri-08. [RT #36642]	2014-07-30 20:41:59 -07:00
Mark Andrews	b04839cfe2	[rt36341] 3905. [bug] Address deadlock between view.c and adb.c. [RT #36341]	2014-07-31 11:38:11 +10:00
Mark Andrews	3a55d43527	3904. [func] Add the RPZ SOA to the additional section. [RT36507]	2014-07-31 10:51:48 +10:00
Mark Andrews	a04588e781	update copyrights	2014-07-31 09:47:00 +10:00
Mark Andrews	1e5fd07d16	#include print_p.h	2014-07-31 00:26:21 +10:00
Mark Andrews	70be388974	[rt36039] 3902. bug] liblwres wasn't handling link-local addresses in nameserver clauses in resolv.conf. [RT #36039]	2014-07-30 23:26:37 +10:00
Tinderbox User	d1b499c827	update copyright notice	2014-07-29 23:45:20 +00:00
Evan Hunt	c1e42fa06d	[master] use correct length	2014-07-29 15:24:39 -07:00
Evan Hunt	2383eb5272	[master] add CAA rdata support 3056. [protocol] Added support for CAA record type (RFC 6844). [RT #36625]	2014-07-29 08:40:35 -07:00
Mark Andrews	275a8affe7	3899. [bug] "request-ixfr" is only applicable to slave and redirect zones. [RT #36608]	2014-07-25 14:23:14 +10:00
Mark Andrews	bc4006c0d3	alphabetize optionstable	2014-07-22 14:14:55 +10:00
Mark Andrews	0e50e50206	alphabetize server_clauses	2014-07-22 14:00:27 +10:00
Mark Andrews	6a6838f973	3898. [bug] To small a buffer in tohexstr() calls in test code. [RT #36598]	2014-07-22 11:26:28 +10:00
Mark Andrews	ac5ed74860	3897. [bug] RPZ summary information was not properly being updated after a AXFR resulting in changes sometimes being ignored. [RT #35885]	2014-07-22 10:57:58 +10:00
Mark Andrews	a1dee90bfb	adjust INSIST now that dev->dscp is unsigned	2014-07-19 11:56:23 +10:00
Mark Andrews	044c780437	silence coverity, explicitly ignore dns_peer_gettransferdscp result	2014-07-18 12:55:04 +10:00
Mark Andrews	89cf81b462	3896. [bug] Address performance issues with DSCP code on some platforms. [RT #36534]	2014-07-18 11:40:44 +10:00
Mark Andrews	2e6d7a724a	silence "Value stored to 'length' is never read" by removing assignment	2014-07-17 09:44:57 +10:00
Tinderbox User	b6f7267093	update copyright notice	2014-07-15 23:45:19 +00:00
Mark Andrews	71ec6d0940	3894. [bug] Buffers in isc_print_vsnprintf were not properly initialized leading to potential overflows when printing out quad values. [RT #36505]	2014-07-15 22:53:07 +10:00
Mark Andrews	a920fb9dc2	3893. [bug] Peer DSCP values could be returned without being set. [RT #36538]	2014-07-15 22:40:39 +10:00
Tinderbox User	8a9485517e	update copyright notice	2014-07-10 23:45:19 +00:00
Mark Andrews	7eb82402e3	Revert "update description to match code; doxygen fixes" This reverts commit `1fc784da63`.	2014-07-10 10:37:10 +10:00
Mark Andrews	9862191c37	update description to match code; doxygen fixes	2014-07-10 10:36:33 +10:00
Mark Andrews	1fc784da63	update description to match code; doxygen fixes	2014-07-10 10:32:54 +10:00
Mark Andrews	dcc7a2738f	hold a nta reference while fetching	2014-07-10 10:24:47 +10:00
Mark Andrews	63e1ac1e09	3890. [bug] RRSIG sets that were not loaded in a single transaction at start up where not being correctly added to re-signing heaps. [RT #36302]	2014-07-07 12:05:01 +10:00
Mark Andrews	769224a8dc	state fw_copy is never used; n only needs to be set for fw_ordinary; (cherry picked from commit d956d9689c13b093fff5faf6b10f06338354dcfc)	2014-07-04 08:51:26 +10:00
Mark Andrews	e58154a6ec	silence coverity warnings	2014-07-02 15:28:02 +10:00
Mark Andrews	7dbd309799	be consistent about expire time	2014-07-02 14:12:46 +10:00
Mark Andrews	5d63868ad0	DNS_VALIDATOR_NONTA needs passed to sub validator	2014-07-02 14:12:15 +10:00
Mark Andrews	e31a37787b	silence coverity - reviewed by Evan over jabber	2014-07-01 09:52:02 +10:00
Mark Andrews	1a03e9eb52	rename closesocket to socketclose to avoid coverity model for window's closesocket	2014-06-26 10:47:48 +10:00
Mark Andrews	33399d6a14	3888. [func] 'rndc status' now reports the number of automatic zones. [RT #36015]	2014-06-25 13:17:03 +10:00
Mark Andrews	65eba0a5a8	add init_count	2014-06-25 12:40:28 +10:00
Mark Andrews	777ea03a92	move definition of FILE_VERSION to after #define of FILE_VERSION	2014-06-25 12:29:15 +10:00
Mark Andrews	c312172e13	more statics that were optimised out	2014-06-25 11:10:25 +10:00
Mark Andrews	c21e9f1a92	add and deserialize are structure element names	2014-06-25 09:45:53 +10:00
Mark Andrews	ef117da205	3887. [cleanup] Make all static symbols in rbtdb64 end in "64" so they are easier to use in a debugger. [RT #36373]	2014-06-25 08:33:37 +10:00
Mark Andrews	d2dc08308f	set now on all paths	2014-06-25 00:44:11 +10:00
Mark Andrews	6343df7150	silence signed vs unsigned	2014-06-25 00:19:17 +10:00
Mark Andrews	ba5c73b383	3886. [bug] rbtdb_write_header should use a once to initialize FILE_VERSION. [RT #36374]	2014-06-24 19:58:25 +10:00
Mark Andrews	a421f4458d	use isc_time_seconds rather than .seconds	2014-06-23 23:15:19 +10:00
Evan Hunt	4ef06963a4	[master] unresolved externals	2014-06-20 13:51:36 -07:00
Tinderbox User	5a31767b09	update copyright notice	2014-06-19 23:45:23 +00:00
Evan Hunt	cac2181160	[master] CDS/CDNSKEY rrtypes 3884. [protocol] Add CDS and CDNSKEY record types. [RT #36333]	2014-06-19 00:35:11 -07:00
Mark Andrews	bfbd478cdb	silence coverity	2014-06-19 11:33:22 +10:00
Evan Hunt	5e6cfc7c9a	[master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9	2014-06-18 17:25:19 -07:00
Evan Hunt	f47ed4bb4d	[master] silence warning	2014-06-18 17:24:48 -07:00
Mark Andrews	3a37159a95	add #include <isc/print.h>	2014-06-19 10:20:34 +10:00
Evan Hunt	b8a9632333	[master] complete NTA work 3882. [func] By default, negative trust anchors will be tested periodically to see whether data below them can be validated, and if so, they will be allowed to expire early. The "rndc nta -force" option overrides this behvaior. The default NTA lifetime and the recheck frequency can be configured by the "nta-lifetime" and "nta-recheck" options. [RT #36146]	2014-06-18 16:50:38 -07:00
Mark Andrews	8eb2d262dc	silence coverity - add nul termination	2014-06-18 20:04:21 +10:00
Tinderbox User	636aadbfe4	update copyright notice	2014-06-17 23:45:20 +00:00
Evan Hunt	a4e76a630e	[master] update gitignore files; use rev-parse to get srcid	2014-06-17 13:49:30 -07:00
Mark Andrews	e177c7b814	add EAI_OVERFLOW to lwres	2014-06-17 10:20:24 +10:00
Tinderbox User	51437e2eea	update copyright notice	2014-06-16 23:45:20 +00:00
Evan Hunt	56510cd031	[master] null terminate strings for coverity	2014-06-16 15:30:11 -07:00
Tinderbox User	4ded8003e3	update copyright notice	2014-06-12 23:45:22 +00:00
Evan Hunt	06e0d6bb12	[master] address rpz bugs 3877. [bug] Inserting and deleting parent and child nodes in response policy zones could trigger an assertion failure. [RT #36272]	2014-06-11 20:00:19 -07:00
Mark Andrews	1208790272	make lhs unsigned	2014-06-12 11:12:22 +10:00
Mark Andrews	8a2ff13c3d	add INSISTs to silence tainted data false positive in Coverity	2014-06-12 10:42:39 +10:00
Tinderbox User	889eb2e055	update copyright notice	2014-06-11 23:45:23 +00:00
Mark Andrews	23fe5cbb07	pass rng to destroy	2014-06-11 22:57:46 +10:00
Mark Andrews	0c57bf16a5	fix unbalanced lock; test for non NULL before dereference;	2014-06-11 21:42:36 +10:00
Evan Hunt	8d8f9f7f86	[master] suppress unnecessary db lookups in DLZ redirect zones 3876. [bug] Improve efficiency of DLZ redirect zones by suppressing unnecessary database lookups. [RT #35835]	2014-06-10 16:25:26 -07:00
Evan Hunt	7c9d11b654	[master] add print.h, CHANGES note	2014-06-10 08:54:16 -07:00
Mukund Sivaraman	aa232396ee	[24702] Include key filename in logged message Squashed commit of the following: commit 593e6bc7e29938ff5c2f7508bde303fb069a97a9 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 19:17:40 2014 +0530 Increase size of filename buffers commit b8685678e026ba98b8833e26664193b6345eb00e Author: Evan Hunt <each@isc.org> Date: Wed Jun 4 18:57:44 2014 -0700 [rt24702] some tweaks during review commit adfbc8f808716c63e9e097d92beef104527e5c6f Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 18:18:35 2014 +0530 [24702] Include key filename in logged message commit f1eff77e7e3704b145c3d65101a735467dd81dc3 Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 18:12:43 2014 +0530 Add dst_key_getfilename()	2014-06-10 19:18:34 +05:30
Mark Andrews	5331f97edc	silence compiler warnings	2014-06-10 12:38:32 +10:00
Tinderbox User	1b2ae58ef1	update copyright notice	2014-06-09 23:45:20 +00:00
Mark Andrews	3b187cad7a	3873. [protocol] Only warn for SPF without TXT spf record. [RT #36210 ]	2014-06-10 09:32:43 +10:00
Mark Andrews	b16d99bac1	3872. [bug] Address issues found by static analysis. [RT #36209 ]	2014-06-10 09:17:15 +10:00
Mukund Sivaraman	5456bddd39	[27303] Supply format string as first arg to printf() No CHANGES entry for this as it isn't proved to cause an issue for anyone (isc_msgcat_get() has to return a format specifier) and isn't a user visible change. Squashed commit of the following: commit bcb15c9aa17b0b706aefd9efef5f7e0e951064a3 Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 16:55:16 2014 +0530 [27303] Supply format string as first arg to printf() The old code only had a problem if isc_msgcat_get() returned a format specifier (%n).	2014-06-08 19:06:37 +05:30
Tinderbox User	780169512e	update copyright notice	2014-06-04 23:45:22 +00:00
Mukund Sivaraman	79d27f505a	[35063] Don't publish an activated key automatically before its publish time	2014-06-04 14:31:42 +05:30
Mukund Sivaraman	84dc4b3e7e	[35942] Update random number generator to ChaCha based (and add tests) Squashed commit of the following: commit 219a904fea95c74016229b6f4436d4f09de1bfd0 Author: Evan Hunt <each@isc.org> Date: Mon Jun 2 12:20:54 2014 -0700 [rt35942] style commit 90bc77185e9798af4595989abb8698efef8c70d7 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 18:01:30 2014 +0530 Return p-value=0 when prerequisite (monobit) fails commit 5594669728f1181a447616f60b835e4a043d1b21 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:44:25 2014 +0530 Print proportion of test sequences passing too commit 9e94b67a4114651224a8285f7c4a7fb03907f376 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:34:03 2014 +0530 Check uniform distribution of p-values commit acf911b32dd84ac1c30c57d8937cfeb6b3ff972f Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:17:39 2014 +0530 Check proportion of sequences passing a test commit 7289eb441fc4ec623364ad882e22b240ba8da308 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 04:33:37 2014 +0530 Refactor common setup code into random_test() No behavioral change is made. commit 51feef3e08c233d34a6b8b9d25a72d43110b4eed Author: Mukund Sivaraman <muks@isc.org> Date: Sun Jun 1 17:31:57 2014 +0530 Fix binary rank computation commit 0ea3c03dea353f309d13c38e26aa0abbffdcff2b Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 27 06:01:10 2014 +0530 Add binary matrix rank RNG test commit eb4e7c53540ac97436d94714d30084907eeff01a Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 15:45:31 2014 +0530 Add function to find rank of a binary matrix commit 1292a06e0e09ebd37d4ecf5337814951dcacc4a4 Author: Evan Hunt <each@isc.org> Date: Thu May 29 16:21:51 2014 -0700 [rt35942] style; check whether we need libm for exp() commit c19788e5a89235e937a5aedf2ebea50f33406609 Author: Evan Hunt <each@isc.org> Date: Thu May 29 15:31:19 2014 -0700 [rt35942] incidental spelling error fixed commit c833326ad0df21e2a8b35958e85ccc0a692e38be Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 29 11:34:37 2014 +0530 Revert "Add function to find rank of a binary matrix" This reverts commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb. This test will be added in RT#36125. commit cf786a533d34fdcd9e1c5650356e56d33e93a29f Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 29 11:33:18 2014 +0530 Revert "Add binary matrix rank RNG test" This reverts commit dd843b9ca84fa9af80ec39631152f82778f0b97c. This test will be added in RT#36125. commit dd843b9ca84fa9af80ec39631152f82778f0b97c Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 27 06:01:10 2014 +0530 Add binary matrix rank RNG test commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 15:45:31 2014 +0530 Add function to find rank of a binary matrix commit 313c30088d6ba933bde3abb920f2a6d16b9b77e1 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 13:38:44 2014 +0530 Add block frequency random test commit 0d279c60ed3eabe52cf3e1435bf14ec62752536f Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 13:04:03 2014 +0530 Add preconditions from NIST spec commit 7a6c5f2ce5078814d5cf0fea30596e58171174c1 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 12:51:03 2014 +0530 Add functions to use in RNG tests commit 8c5cb5594f904f6669cdffaa364f799b4a2c6b58 Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 22 00:26:10 2014 +0530 Add runs RNG test commit 4882f078cc2596c0911066ffb783e4dd145a63ec Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 23:58:20 2014 +0530 Pre-compute bitcounts LUT commit 896db3809fba2d9884a4a3a2fa847a73e007ad7f Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 23:30:23 2014 +0530 Fix the bit value being checked (this shouldn't affect the test) commit b932cbb5dae39eb819db29cf9490fb51d59b7c56 Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 19:35:12 2014 +0530 Add monobits RNG test commit 7bef19fd8b095aa567a975ef5c97d5812162d92e Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 16:53:02 2014 +0530 Add API documentation commit 54483f7feb64b5646dd1da45b1fd396e7d04b926 Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 16:39:03 2014 +0530 Rename isc_rngctx_t to isc_rng_t commit 7c5031b53555137a82c6b6218cd4dd5e95acf94d Author: Evan Hunt <each@isc.org> Date: Tue May 20 23:29:53 2014 -0700 [rt35942] use attach/detach with isc_rngctx_t commit 8aabae5e09888e6af651ed27bd6b4e9f76334d55 Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 20 18:32:42 2014 +0530 Move RNG from dispatch.c to libisc commit e6d4ad4f389998b91d46e95e258cf420cb21d977 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 12 19:16:27 2014 +0530 Replace old arc4random with new ChaCha implementation from OpenBSD	2014-06-04 13:44:10 +05:30
Mark Andrews	b925be3e54	attempt to silence leaked lock false positive	2014-06-04 14:07:16 +10:00
Mark Andrews	7cce33eb78	place a upper bound on rdcount	2014-06-04 13:20:42 +10:00
Mark Andrews	f4db7287da	bad size on isc_mem_put	2014-06-04 11:45:09 +10:00
Tinderbox User	6efae581d0	update copyright notice	2014-06-03 23:45:20 +00:00
Mark Andrews	6fc3efb93f	keytable depends on openssl/pkcs11	2014-06-03 15:15:19 +10:00
Mark Andrews	50a7454174	3868. [bug] isc_mem_setwater incorrectly cleared hi_called potentially leaving over memory cleaner running. [RT #35270]	2014-06-02 16:31:42 +10:00
Tinderbox User	803d842603	update copyright notice	2014-05-30 23:45:21 +00:00
Evan Hunt	0cfb247368	[master] rndc nta 3867. [func] "rndc nta" can now be used to set a temporary negative trust anchor, which disables DNSSEC validation below a specified name for a specified period of time (not exceeding 24 hours). This can be used when validation for a domain is known to be failing due to a configuration error on the part of the domain owner rather than a spoofing attack. [RT #29358]	2014-05-29 22:22:53 -07:00
Mark Andrews	536da846f6	update copyrights	2014-05-30 09:41:33 +10:00
Evan Hunt	caa252e5ad	[master] Fix bin/tests/rbt_test.c, use portable int types	2014-05-29 07:37:13 -07:00
Mukund Sivaraman	9ff0b976a1	Add missing include Reported by tinderbox. It is not required on this developer's machine, but would be required on platforms that don't supply snprintf().	2014-05-29 14:04:35 +05:30
Mukund Sivaraman	ce376a81fa	[35904] Add various RBT unit tests No CHANGES entry was added as this commit mainly adds tests related code. Squashed commit of the following: commit d3d44508daa128fb8b60f64b3a8c81f80602273d Author: Evan Hunt <each@isc.org> Date: Wed May 7 09:36:41 2014 -0700 [rt35904] remove private non-static names from .def file commit dbca45661c3939f21c3bb3f405d08cfe1b35d7aa Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 7 21:39:32 2014 +0530 Remove test for shortcut findnode() The implementation was not included in this review branch, but the tests erroneously made it through. This functionality will be addressed in a different ticket (RT#35906). commit 94ff14576ab3407f2612d34727b7eacfefc3668c Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 7 21:36:50 2014 +0530 Minor indent fix commit 50972f17697bb222996e433faa8224843366f9b2 Author: Evan Hunt <each@isc.org> Date: Tue May 6 20:05:21 2014 -0700 [rt35904] style commit 5c4d5d41fcc5bfecdeebc008896974385c841b8d Author: Mukund Sivaraman <muks@isc.org> Date: Sun May 4 19:19:36 2014 +0530 RBT related updates * Add various RBT unit tests * Add some helper methods useful in unit testing RBT code * General cleanup	2014-05-29 11:09:23 +05:30
Mark Andrews	57d5f5abe1	silence coverity warning	2014-05-28 10:43:19 +10:00
Mark Andrews	358cc47a25	address typo	2014-05-27 14:10:12 +10:00
Mark Andrews	586d94eb74	3861. [security] Missing isc_buffer_availablelength check results in a REQUIRE assertion when printing out a packet. [RT #36078]	2014-05-25 12:39:03 +10:00
Mark Andrews	4b22b8decb	fix typo == -> =	2014-05-24 23:24:19 +10:00
Mark Andrews	a569e1b321	3860. [bug] ioctl(DP_POLL) array size needs to be determined at run time as it is limited to {OPEN_MAX}. [RT #35878]	2014-05-23 13:05:23 +10:00
Mark Andrews	35711d3c73	correct EDNSOK sense	2014-05-22 22:02:09 +10:00
Mark Andrews	ba586e9568	3857. [bug] Make it harder for a incorrect NOEDNS classification to be made. [RT #36020]	2014-05-22 21:38:53 +10:00
Tinderbox User	9d9626fb77	update copyright notice	2014-05-21 23:45:21 +00:00
Mark Andrews	8d56a8531d	remove unused assignment	2014-05-22 00:58:43 +10:00
Mark Andrews	0fe0789181	3855. [bug] Limit smoothed round trip time aging to no more than once a second. [RT #32909]	2014-05-21 10:08:52 +10:00
Mark Andrews	27b09ceb12	3853. [cleanup] Refactor dns_rdataslab_fromrdataset to seperate out the handling of a rdataset with no records. [RT #35968]	2014-05-20 11:36:03 +10:00
Evan Hunt	896f49f8bd	[master] increase and allow configuration of lwresd tasks/clients 3852. [func] Increase the default number of clients available for servicing lightweight resolver queries, and make them configurable via the "lwres-tasks" and "lwres-clients" options. (Thanks to Tomas Hozza.) [RT #35857]	2014-05-15 22:01:19 -07:00
Mark Andrews	0e338b60cd	3843. [protocol] Check EDNS EXPIRE option in dns_rdata_fromwire. [RT #35969] Conflicts: CHANGES	2014-05-13 21:57:40 +10:00
Mark Andrews	e188b84bc4	suppress clang static analysis warning	2014-05-11 10:47:56 +10:00
Tinderbox User	c381ccf794	update copyright notice	2014-05-07 23:45:21 +00:00
Mark Andrews	faa01edd13	3841. [cleanup] Refactor zone.c:add_opt to use dns_message_buildopt. [RT #35924]	2014-05-08 09:38:05 +10:00
Evan Hunt	1ea6e09c37	[master] check for arc4random_addrandom() 3840. [port] Check for arc4random_addrandom() before using it; it's been removed from OpenBSD 5.5. [RT #35907]	2014-05-07 08:58:25 -07:00
Mark Andrews	cd07e4d038	3838. [protocol] EDNS EXPIRE as been assigned a code point of 9.	2014-05-05 16:40:45 +10:00
Mark Andrews	b36fc8294e	3837. [security] A NULL pointer is passed to query_prefetch resulting a REQUIRE assertion failure when a fetch is actually initiated. [ RT #35899] Squashed commit of the following: commit 7f4e1f3917d743089c42cc52ec2c0eea598d2c00 Author: Mukund Sivaraman <muks@isc.org> Date: Sun May 4 22:34:34 2014 +0530 Fix a comment commit 6a35a6a2346013fa8e3798b9b680d8a3031fcb03 Author: Mark Andrews <marka@isc.org> Date: Sun May 4 23:34:25 2014 +1000 pass the correct name to query_prefetch	2014-05-05 10:12:12 +10:00
Tinderbox User	abc71f216a	update copyright notice	2014-05-02 23:45:19 +00:00
Mark Andrews	dd820d8fd2	3836. [bug] Address C++ keyword usage in header file.	2014-05-02 11:34:32 +10:00
Mark Andrews	c25d9da3f1	add keyboard.h [RT #35887 ]	2014-05-02 10:19:10 +10:00
Mark Andrews	d26c36b1d9	silence clang compiler warnings	2014-05-02 10:02:27 +10:00
Mark Andrews	3b27d9a318	dec_adbstats should decrement rather than increment	2014-05-01 20:58:32 +10:00
Mark Andrews	c2638d3d5a	protect geoip_elem use with HAVE_GEOIP	2014-05-01 15:03:11 +10:00
Mark Andrews	ab02ecbb30	silence compiler warning	2014-05-01 14:55:04 +10:00
Mark Andrews	4442141672	silence NULL pointer dereference warning	2014-05-01 14:23:23 +10:00
Evan Hunt	c0c4512020	[master] fixed geoip elements in named ACLs 3835. [bug] Geoip ACL elements didn't work correctly when referenced via named or nested ACLs. [RT #35879]	2014-04-30 20:21:56 -07:00
Mark Andrews	c2abd6efeb	update copyrights	2014-05-01 10:00:00 +10:00
Mark Andrews	5d739300d1	3834. [bug] The re-signing heaps were not being updated soon enough leading to multiple re-generations of the same RRSIG when a zone transfer was in progress. [RT #35273]	2014-04-30 11:58:07 +10:00
Evan Hunt	2b78610512	[master] reduce EDNS logging noise 3831. [cleanup] Reduce logging noise when EDNS state changes occur. [RT #35843]	2014-04-29 17:06:19 -07:00
Evan Hunt	cd750f6e74	[master] dig +ttlunits 3829. [func] "dig +ttlunits" causes dig to print TTL values with time-unit suffixes: w, d, h, m, s for weeks, days, hours, minutes, and seconds. (Thanks to Tony Finch.) [RT #35823]	2014-04-29 16:58:36 -07:00
Tinderbox User	f6ea2b1d09	update copyright notice	2014-04-29 23:45:21 +00:00
Evan Hunt	b4ba66ba1e	[master] "dnssec-signzone -N date" 3827. [func] "dnssec-signzone -N date" updates serial number to the current date in YYYYMMDDNN format. [RT #35800]	2014-04-29 16:29:20 -07:00
Evan Hunt	3e5743068c	[master] use-after-free in isc_radix_remove() 3826. [bug] Corrected a use-after-free in isc_radix_remove(). (This function is not used in BIND, but could have caused problems in programs linking to libisc.) [RT #35870]	2014-04-29 15:21:46 -07:00
Mark Andrews	c11e46110b	3825. [bug] Address sign extension bug in isc_regex_validate. [RT #35758]	2014-04-29 14:33:21 +10:00
Evan Hunt	e01fbe2a45	[master] SIT/max-cache-size flag collision 3824. [bug] A collision between two flag values could cause problems with cache cleaning when SIT was enabled. [RT #35858]	2014-04-28 10:24:39 -07:00
Tinderbox User	06081a0d61	update copyright notice	2014-04-25 23:45:21 +00:00
Evan Hunt	aefb3e308b	[master] better DDNS in DLZ; mysqldyn 3821. [contrib] Added a new "mysqldyn" DLZ module with dynamic update and transaction support. Thanks to Marty Lee for the contribution. [RT #35656] 3820. [func] The DLZ API doesn't pass the database version to the lookup() function; this can cause DLZ modules that allow dynamic updates to mishandle prerequisite checks. This has been corrected by adding a 'dbversion' field to the dns_clientinfo_t structure. [RT #35656]	2014-04-25 13:06:30 -07:00
Mark Andrews	1deeb567fa	remove const	2014-04-25 14:26:41 +10:00
Mark Andrews	618053b8be	additional places: 3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate. (cherry picked from commit `39b5269577`)	2014-04-25 12:22:27 +10:00
Tinderbox User	37f7c4c673	update copyright notice	2014-04-24 23:45:21 +00:00
Mark Andrews	44c6deacdd	additional changes for: 3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate.	2014-04-24 18:59:01 +10:00
Mark Andrews	36e5ac0033	3819. [bug] NSEC3 hashes need to be able to be entered and displayed without padding. This is not a issue for currently defined algorithms but may be for future hash algorithms. [RT #27925]	2014-04-24 18:58:03 +10:00
Mark Andrews	e916c4f840	3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate.	2014-04-24 13:43:59 +10:00
Mark Andrews	974fb3a9c5	make days a const	2014-04-24 13:15:40 +10:00
Evan Hunt	2ae159b376	[master] globally rename "delve" to "delv" 3817. [func] The "delve" command is now spelled "delv" to avoid a namespace collision with the Xapian project. [RT #35801]	2014-04-23 11:14:12 -07:00
Tinderbox User	953189d30e	update copyright notice	2014-04-22 23:45:19 +00:00
Evan Hunt	ec3b216506	[master] masterfile-style 3814. [func] The "masterfile-style" zone option controls the formatting of dumped zone files. Options are "relative" (multiline format) and "full" (one record per line). The default is "relative". [RT #20798]	2014-04-17 17:10:29 -07:00
Evan Hunt	4e7973990c	[master] host recognizes /etc/resolv.conf options 3813. [func] "host" now recognizes the "timeout", "attempts" and "debug" options when set in /etc/resolv.conf. (Thanks to Adam Tkac at RedHat.) [RT #21885]	2014-04-17 17:04:51 -07:00
Evan Hunt	7318bbc262	[master] serial-update-method date; 3811. [func] "serial-update-method date;" sets serial number on dynamic update to today's date in YYYYMMDDNN format. (Thanks to Bradley Forschinger.) [RT #24903]	2014-04-17 16:05:50 -07:00

... 14 15 16 17 18 ...

10900 commits