bind9

mirror of https://github.com/isc-projects/bind9.git synced 2026-03-15 15:12:56 -04:00

Author	SHA1	Message	Date
Tinderbox User	16201b15a6	update copyright notice / whitespace	2016-01-17 23:45:21 +00:00
Evan Hunt	b4ccec331d	[master] added sockaddr.h 4291. [cleanup] Added a required include to dns/forward.h. [RT #41474]	2016-01-14 10:27:09 -08:00
Francis Dupont	bdd9d37c96	Fixed small bugs in WIN32 legacy	2016-01-13 15:22:52 +01:00
Evan Hunt	bb5d14d724	[master] millisecond granularity for statschannel timers 4290. [func] The timers returned by the statistics channel (indicating current time, server boot time, and most recent reconfiguration time) are now reported with millisecond accuracy. [RT #40082]	2016-01-07 15:34:58 -08:00
Tinderbox User	feb1ccdaf1	update copyright notice / whitespace	2016-01-05 23:45:26 +00:00
Evan Hunt	0302fcbf7e	[master] check addrlen/scopelen fit within family address length	2016-01-05 13:39:44 -08:00
Evan Hunt	1330ae5fc2	[master] check ECS address length	2016-01-05 12:17:54 -08:00
Francis Dupont	f2453ece5b	Silent WIN64 warnings	2016-01-05 18:37:31 +01:00
Evan Hunt	c8b968f414	[master] fix use after free on xfr timeout 4289. [bug] The server could crash due to memory being used after it was freed if a zone transfer timed out. [RT #41297]	2016-01-04 22:05:23 -08:00
Evan Hunt	41494939b6	[master] fixed bogus server regression 4288. [bug] Fixed a regression in resolver.c:possibly_mark() which caused known-bogus servers to be queried anyway. [RT #41321]	2016-01-04 15:47:16 -08:00
Francis Dupont	7e9140c6b1	Updated copyrights (2)	2016-01-05 00:34:53 +01:00
Francis Dupont	343aeac717	Updated WIN32 files (rt40877)	2016-01-04 17:27:31 +01:00
Tinderbox User	0796eca5f7	update copyright notice / whitespace	2015-12-31 11:45:08 +00:00
Mark Andrews	292eb9c4e4	4286. [security] render_ecs errors were mishandled when printing out a OPT record resulting in a assertion failure. (CVE-2015-8705) [RT #41397] (cherry picked from commit `3e0c1603a8`)	2015-12-31 22:19:46 +11:00
Mark Andrews	1b3d211802	4285. [security] Specific APL data could trigger a INSIST. (CVE-2015-8704) [RT #41396]	2015-12-31 13:43:21 +11:00
Tinderbox User	7321d8df7b	update copyright notice / whitespace	2015-12-27 23:45:24 +00:00
Evan Hunt	fbed5f0f44	[master] fix geoip options 4284. [bug] Some GeoIP options were incorrectly documented using abbreviated forms which were not accepted by named. The code has been updated to allow both long and abbreviated forms. [RT #41381]	2015-12-26 10:50:32 -08:00
Mark Andrews	bed6e9d614	4383. [bug] OPENSSL_config is no longer re-callable. [RT #41348 ]	2015-12-24 10:31:07 +11:00
Mark Andrews	27deca2bf0	don't mix IPv4 and IPv6 capability bits	2015-12-17 08:17:00 +11:00
Curtis Blackburn	9effea437d	[rt41269] additional tests for dig and delv, fix for --disable-ipv6 on osx, fixes for tests with --disable-ipv6	2015-12-15 11:58:28 -08:00
Mark Andrews	f647c0df9f	4281. [bug] Teach dns_message_totext about BADCOOKIE. [RT #41257 ]	2015-12-15 19:49:40 +11:00
Mukund Sivaraman	ecc06cbc32	Use optimal message sizes to improve compression in AXFRs (#40996 )	2015-12-15 13:24:14 +05:30
Mark Andrews	94c7301f6f	4279. [test] Don't use fixed ports when unit testing. [RT #41194 ]	2015-12-15 12:50:32 +11:00
Tinderbox User	6d27aeb4e2	update copyright notice / whitespace	2015-12-11 23:45:22 +00:00
Mark Andrews	564968bc0a	whitespace	2015-12-11 14:29:18 +11:00
Tinderbox User	2a37470065	update copyright notice / whitespace	2015-12-09 23:45:23 +00:00
Evan Hunt	f21d2ee372	[master] comments	2015-12-09 08:54:04 -08:00
Mukund Sivaraman	22f379298c	Disable the RBT benchmark unittest	2015-12-09 19:15:46 +05:30
Mukund Sivaraman	5d79b60fc5	Improve performance of RBT (#41165 )	2015-12-09 19:10:55 +05:30
Tinderbox User	6c1f9f5c71	update copyright notice / whitespace	2015-12-07 23:45:25 +00:00
Mark Andrews	322e6b5be7	4276. [protocol] Add support for SMIMEA. [RT #40513 ]	2015-12-08 08:16:41 +11:00
Mukund Sivaraman	27bc16fcdc	Lazily initialize dns_compress->table only when compression is enabled (#41189 )	2015-12-07 12:48:57 +05:30
Mukund Sivaraman	5b13a593fe	Speed up typemap_fromtext() (#41196 )	2015-12-07 12:34:57 +05:30
Mark Andrews	95bef099e9	4273. [bug] Only call dns_test_begin() and dns_test_end() once each in nsec3_test as it fails with GOST if called multiple times.	2015-12-07 17:52:37 +11:00
Mark Andrews	a12a21a843	bracket mismatch; window openssl version check	2015-12-06 23:05:47 +11:00
Evan Hunt	226dd20bbd	[master] isc__taskmgr_pause() could deadlock 4271. [test] Unit tests could deadlock in isc__taskmgr_pause(). [RT #41235]	2015-12-03 20:49:28 -08:00
Evan Hunt	4071efbec0	[master] disallow map zones in response-policy 4269. [bug] Zones using "map" format master files currently don't work as policy zones. This limitation has now been documented; attempting to use such zones in "response-policy" statements is now a configuration error. [RT #38321]	2015-12-02 21:10:09 -08:00
Tinderbox User	f30a3f28db	update copyright notice / whitespace	2015-11-30 23:45:24 +00:00
Mark Andrews	8e73941f33	4265. [bug] Address unchecked isc_mem_get calls. [RT #41187 ]	2015-11-30 10:29:29 +11:00
Tinderbox User	af0bea7aa7	update copyright notice / whitespace	2015-11-20 23:45:23 +00:00
Mark Andrews	5b1c7ef35b	4264. [bug] Check const of strchr/strrchr assignments match argument's const status. [RT #41150]	2015-11-20 18:38:24 +11:00
李昶	65f6e2f909	Cleanup in journal_open() correctly (#41129 )	2015-11-19 11:20:59 +05:30
Mukund Sivaraman	7bc21557f3	Fix bug in epoll_ctl() usage causing blocked connections (#41067 )	2015-11-19 11:01:45 +05:30
Tinderbox User	69b10c86b9	update copyright notice / whitespace	2015-11-18 23:45:27 +00:00
Mark Andrews	c2955d0abd	win32: new -> newtable (cherry picked from commit 5060d8639e932680456ab07519687d68298be5e0)	2015-11-18 15:44:46 +11:00
Mark Andrews	268c4e79c4	4261. [maint] H.ROOT-SERVERS.NET is 198.97.190.53 and 2001:500:1::53. [RT #40556]	2015-11-17 13:16:44 +11:00
Mark Andrews	6b9f38958c	update 9.9.x range	2015-11-17 12:45:21 +11:00
Francis Dupont	dd784c18ef	Merged VS 2015 64 bit warnings (#40373 )	2015-11-16 17:47:10 +01:00
Mark Andrews	0d44dd6131	add dns_message_setclass	2015-11-16 14:27:08 +11:00
Mark Andrews	c8821d124c	4260. [security] Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. (CVE-2015-8000) [RT #4098]	2015-11-16 13:12:20 +11:00
Mark Andrews	2df63247be	check dns_test_begin result	2015-11-11 22:38:39 +11:00
Mukund Sivaraman	58f7af60e7	Allow non-destructive control channel access using a "read-only" clause (#40498 )	2015-11-11 13:46:57 +05:30
Tinderbox User	3865e18d3d	update copyright notice / whitespace	2015-11-09 23:45:22 +00:00
Evan Hunt	e13d04fda9	[master] fix python script versions 4257. [cleanup] Python scripts reported incorrect version. [RT #41080]	2015-11-08 21:34:24 -08:00
Tinderbox User	4ba2689c1f	update copyright notice / whitespace	2015-11-05 23:45:25 +00:00
Mark Andrews	f4b1a7e063	add dns_compress_disable	2015-11-06 00:15:23 +11:00
Witold Krecicki	bfd4b9e11a	4255. [func] Add 'message-compression' option to disable DNS compression in responses. [RT #40726 ]	2015-11-05 12:19:04 +01:00
Mark Andrews	29868ebbe3	4254. [bug] Address missing lock when getting zone's serial. [RT #41072]	2015-11-05 17:43:30 +11:00
Mark Andrews	2f450fcd29	4253. [bug] Address fetch context reference count handling error on socket error. [RT#40945]	2015-11-05 17:10:10 +11:00
Mark Andrews	e939674d53	4252. [func] Add support for automating the generation CDS and CDNSKEY rrsets to named and dnssec-signzone. [RT #40424]	2015-11-05 12:09:48 +11:00
Evan Hunt	09f82f5079	[master] log TSIG key on xfrin 4250. [func] Log the TSIG key in use during inbound zone transfers. [RT #41075]	2015-11-02 20:13:13 -08:00
Tinderbox User	d4a69308f5	update copyright notice / whitespace	2015-10-29 23:45:34 +00:00
Evan Hunt	702e9f43bc	[master] typo	2015-10-29 15:50:36 -07:00
Mark Andrews	7c38fa994b	0xf5f5f5f5f5f5f5f5 is a LLU	2015-10-30 08:11:48 +11:00
Mark Andrews	8475bed9de	4249. [func] Improve error reporting of TSIG / SIG(0) records in the wrong location. [RT #40953]	2015-10-29 17:03:03 +11:00
Evan Hunt	821ff5e8fa	[master] isc_atomic_storeq()/stats improvements 4248. [func] Add an isc_atomic_storeq() function, use it in stats counters to improve performance. [RT #39972] [RT #39979]	2015-10-28 22:19:18 -07:00
Mark Andrews	72ac929f2b	4244. [bug] The parser was not reporting that use-ixfr is obsolete. [RT #41010]	2015-10-29 12:51:17 +11:00
Mark Andrews	a70fc47e9d	4243. [func] Improved stats reporting from Timothe Litt. [RT #38941 ]	2015-10-28 09:45:46 +11:00
Mark Andrews	c07c0517ca	remove trailing blank line	2015-10-22 16:37:12 +11:00
Mark Andrews	79f0eedd65	cleanup trailing whitespace	2015-10-22 16:24:03 +11:00
Mark Andrews	30eec077db	cleanup trailing white space in SGML like files	2015-10-22 16:09:46 +11:00
Mark Andrews	f824c65d1f	4340. [port] Fix LibreSSL compatibility. [RT #40977 ]	2015-10-19 10:43:58 +11:00
Mark Andrews	ffafab1328	remove redundant geoip.c in DNSSRCS	2015-10-16 23:21:20 +11:00
Mark Andrews	20ac20d6e8	remove INSIST and unconditionally call isc_stdio_close	2015-10-16 17:23:35 +11:00
Tinderbox User	43cc3edce9	update copyright notice / whitespace	2015-10-15 23:45:22 +00:00
Mark Andrews	6588a2b404	4238. [bug] Don't send to servers on net zero (0.0.0.0/8). [RT #40947]	2015-10-16 08:00:15 +11:00
Mark Andrews	567196d10a	INSIST(f != NULL) to silence coverity false positive	2015-10-16 07:17:25 +11:00
Evan Hunt	61d789916f	[master] silence coverity warnings	2015-10-08 09:56:48 -07:00
Evan Hunt	0110f71a78	[master] dyndb.h renamed	2015-10-08 09:26:20 -07:00
Evan Hunt	0316be2d77	[master] restore test for unknown meta types - this test was incorrectly removed from the 9.11 branch some time ago, but has remained in the maintenance branches	2015-10-07 00:28:17 -07:00
Tinderbox User	fd2597f756	regen master	2015-10-07 04:11:09 +00:00
Tinderbox User	010a51c427	regen master	2015-10-07 01:06:58 +00:00
Tinderbox User	19c7b1a029	update copyright notice / whitespace	2015-10-06 23:45:23 +00:00
Tinderbox User	2eeb74d1cf	regen master	2015-10-06 05:45:21 +00:00
Evan Hunt	14a656f94b	[master] upgrade doc toolchain 4237. [doc] Upgraded documentation toolchain to use DocBook 5 and dblatex. [RT #40766]	2015-10-05 21:59:35 -07:00
Mark Andrews	09e42eb9e9	add <stdlib.h> for exit(3)	2015-10-06 14:10:49 +11:00
Tinderbox User	244d11a227	update copyright notice / whitespace	2015-10-03 23:45:23 +00:00
Evan Hunt	4a84f8899b	[master] silence "missing initializer" warning	2015-10-02 18:47:33 -07:00
Tinderbox User	a625502bdd	update copyright notice / whitespace	2015-10-02 23:45:32 +00:00
Evan Hunt	48b2a92da2	[master] missing .def entries, print.h	2015-10-02 14:38:59 -07:00
Francis Dupont	9a94a77a62	Added dns_master_styleflags	2015-10-02 23:01:18 +02:00
Evan Hunt	b66b333f59	[master] dnstap 4235. [func] Added support in named for "dnstap", a fast method of capturing and logging DNS traffic, and a new command "dnstap-read" to read a dnstap log file. Use "configure --enable-dnstap" to enable this feature (note that this requires libprotobuf-c and libfstrm). See the ARM for configuration details. Thanks to Robert Edmonds of Farsight Security. [RT #40211]	2015-10-02 12:32:42 -07:00
Witold Krecicki	a239044323	4234. [func] Add deflate compression in statistics channel HTTP server. [RT #40861]	2015-10-02 10:45:10 +02:00
Mark Andrews	1b1f6d21c7	curr_srtt = curr->srtt	2015-10-02 07:45:45 +10:00
Mark Andrews	b959848051	compare curr_srtt and best_srtt	2015-10-01 22:12:56 +10:00
Mark Andrews	30f8d5e386	remove deadcode; move NULL assignment arlier	2015-10-01 22:12:02 +10:00
Tinderbox User	551e0d486d	update copyright notice / whitespace	2015-09-30 23:45:36 +00:00
Mark Andrews	24231afa05	4229. [bug] A variable could be used uninitalised in dns_update_signaturesinc. [RT #40784]	2015-09-30 15:28:57 +10:00
Mark Andrews	8a0b6b3901	4228. [bug] Address race condition in dns_client_destroyrestrans. [RT #40605]	2015-09-30 14:58:31 +10:00
Mark Andrews	2a12984ce6	4227. [bug] Silence static analysis warnings. [RT #40828	2015-09-30 14:14:47 +10:00
Tinderbox User	55cfbf322d	update copyright notice / whitespace	2015-09-29 23:45:32 +00:00
Evan Hunt	40c619daee	[master] fix theoretical shutdown race 4226. [bug] Address a theoretical shutdown race in zone.c:notify_send_queue(). [RT #38958]	2015-09-29 15:27:12 -07:00
Evan Hunt	a00f9e2f50	[master] merge dyndb 4224. [func] Added support for "dyndb", a new interface for loading zone data from an external database, developed by Red Hat for the FreeIPA project. DynDB drivers fully implement the BIND database API, and are capable of significantly better performance and functionality than DLZ drivers, while taking advantage of advanced database features not available in BIND such as multi-master replication. Thanks to Adam Tkac and Petr Spacek of Red Hat. [RT #35271]	2015-09-28 23:12:35 -07:00
Mark Andrews	7867d18ce0	Introduce end-of-line normalization	2015-09-29 08:25:35 +10:00
Mark Andrews	85e7a259a4	re-organise sort to use best_srtt and curr_srtt	2015-09-29 08:06:21 +10:00
Mark Andrews	d8e6cd0f8b	use HAVE_SYS_SYSCTL_H	2015-09-29 07:26:04 +10:00
Francis Dupont	1d96b1a5ad	Removed unused addrbuf	2015-09-28 17:32:40 +02:00
Francis Dupont	722ed14020	Fixed status vs statex	2015-09-28 17:30:07 +02:00
Francis Dupont	29d9a2927c	Fixed project files	2015-09-28 15:46:33 +02:00
Francis Dupont	6066985ca8	Fixed isc_meminfo_totalphys return cast (size_t is not 64 bit)	2015-09-28 15:34:24 +02:00
Francis Dupont	b39bbe3c95	Fixed missing #include "config.h"	2015-09-28 14:50:18 +02:00
Francis Dupont	c4baee15c8	Fixed missing from libisccfg.def	2015-09-28 14:47:20 +02:00
Witold Krecicki	e6d0a391f5	4223. [func] Add support for setting max-cache-size to percentage of available physical memory, set default to 90%. [RT #38442]	2015-09-28 11:08:50 +02:00
Mark Andrews	98a7f8c7ae	4222. [func] Bias IPv6 servers when selecting the next server to query. [RT #40836]	2015-09-28 18:57:19 +10:00
Mark Andrews	8d80b4939d	4221. [bug] Resource leak on DNS_R_NXDOMAIN in fctx_create. [RT #40583]	2015-09-25 09:18:43 +10:00
Mark Andrews	a21c415687	4219. [bug] Set event->result to ISC_R_WOULDBLOCK on EWOULDBLOCK, EGAIN when these soft error are not retried for isc_socket_send*().	2015-09-21 17:22:53 +10:00
Tinderbox User	9268c62bd0	update copyright notice / whitespace	2015-09-18 23:45:23 +00:00
Mark Andrews	4dd41c7d59	4218. [bug] Potential null pointer dereference on out of memory if mmap is not supported. [RT #40777 ]	2015-09-19 07:12:02 +10:00
Mark Andrews	f6e45a5c54	4217. [protocol] Add support for CSYNC. [RT #40532 ]	2015-09-18 23:45:12 +10:00
Mark Andrews	705d56b47a	4216. [cleanup] Silence static analysis warnings. [RT #40649 ]	2015-09-18 23:30:01 +10:00
Mark Andrews	2592ee16b5	document optional class	2015-09-18 13:25:31 +10:00
Mark Andrews	03fac9f931	document that the syslog facility is optional	2015-09-18 13:12:50 +10:00
Mark Andrews	e0a30050c8	4214. [protocol] Add support for TALINK. [RT #40544 ]	2015-09-18 07:43:43 +10:00
Mark Andrews	741b63c869	4212. [func] Re-query if we get a bad client cookie returned over UDP. [RT #40748]	2015-09-17 14:20:32 +10:00
Mark Andrews	f43e5c8ed2	4210. [cleanup] Silence use after free false positive. [RT #40743 ]	2015-09-17 14:05:19 +10:00
Mark Andrews	0f2ecf4b5c	4207. [bug] Handle class mismatches with raw zone files. [RT #40746]	2015-09-16 10:43:22 +10:00
Evan Hunt	226339ed43	[master] spurious spaces in named-checkconf -p 4205. [bug] 'named-checkconf -p' could include unwanted spaces when printing tuples with unset optional fields. [RT #40731]	2015-09-14 08:50:17 -07:00
Mark Andrews	5a49f61ca9	4199. [protocol] Add support for NINFO, RKEY, SINK, TA. [RT #40545] [RT #40547] [RT #40561] [RT #40563]	2015-09-11 17:35:01 +10:00
Evan Hunt	4523c3b371	[master] incorrect result code in isccc 4202. [bug] isccc_cc_fromwire() could return an incorrect result. [RT #40614]	2015-09-11 00:04:25 -07:00
Mark Andrews	3fa134363f	4200. [cleanup] win32: update BINDinstall to be BIND release independent. [RT #38915]	2015-09-11 12:25:39 +10:00
Tinderbox User	f28c6dc514	update copyright notice / whitespace	2015-09-10 23:46:28 +00:00
Mark Andrews	3dd63ba00f	4199. [protocol] Add support for NINFO, RKEY, TA. [RT #40545] [RT #40547] [RT #40563]	2015-09-10 17:58:29 +10:00
Mark Andrews	63874956de	4199. [protocol] Add support for NINFO, RKEY. [RT #40547 ] [RT #40563 ]	2015-09-10 17:07:05 +10:00
Mark Andrews	8b29fc0b7a	4199. [protocol] Add support for RKEY. [RT #40563 ]	2015-09-10 14:50:20 +10:00
Evan Hunt	d37f4738f4	[master] clean up dead code	2015-09-09 08:38:23 -07:00
Mark Andrews	4ca7391e64	4196. [doc] Improve how "enum + other" types are documented. [RT #40608] 4195. [bug] 'max-zone-ttl unlimited;' was broken. [RT #40608]	2015-09-09 17:02:11 +10:00
Mark Andrews	fbd9aaa58c	4194. [bug] named-checkconf -p failed to properly print a port range. [RT #40634]	2015-09-09 16:49:11 +10:00
Mark Andrews	3b83676e07	*.vcxproj.in should use CRLF as EOL	2015-08-27 21:57:18 +00:00
Evan Hunt	bcae9a15c1	[master] s/the the/the/	2015-08-27 14:11:27 -07:00
Mark Andrews	91f66e374b	eol -> crlf	2015-08-26 12:43:08 +10:00
Mark Andrews	7ec3c447fd	copy notes.pdf to Build\Releasei and link to it from index.html	2015-08-26 12:11:07 +10:00
Tinderbox User	0d5b7ed79d	update copyright notice / whitespace	2015-08-25 23:45:27 +00:00
Mark Andrews	02093e4c3b	4193. [bug] Handle broken servers that return BADVERS incorrectly. [RT #40427]	2015-08-25 16:52:43 +10:00
Mark Andrews	9b956d342e	4192. [bug] The default rrset-order of random was not always being applied. [RT #40456]	2015-08-25 14:52:27 +10:00
Mark Andrews	5855fd79e3	4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones as per RFC 6763. [RT #37889]	2015-08-25 14:46:06 +10:00
Mark Andrews	dc3912f3ca	4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as valid with check-names. <forest> still needs to be LDH. [RT #40399]	2015-08-22 15:27:33 +10:00
Mark Andrews	7d0dfa63cf	4189. [cleanup] Don't exit on overly long tokens in named.conf. [RT #40418]	2015-08-22 15:08:22 +10:00
Mark Andrews	18ba804f3a	4188. [bug] Support HTTP/1.0 client properly on the statistics channel. [RT #40261]	2015-08-20 09:55:28 +10:00
Tinderbox User	161b5249b9	update copyright notice / whitespace	2015-08-19 23:45:23 +00:00
Tinderbox User	0d63efe476	update copyright notice / whitespace	2015-08-18 23:45:26 +00:00
Mukund Sivaraman	ec3dbae9eb	Use unknown format when totext() is not implemented for any RDATA (#40317 )	2015-08-18 20:11:46 +05:30
Mukund Sivaraman	bf350c9f1a	Fix RPZ bugs related to wildcard triggers (#40357 )	2015-08-18 19:39:53 +05:30
Mark Andrews	b46fc43469	#include <isc/safe.h>	2015-08-18 21:22:48 +10:00
Evan Hunt	b750a49f3f	[master] fixed memory leak in dns_compress_add() 4184. [bug] Fixed a possible memory leak in name compression when rendering long messages. (Also, improved wire_test for testing such messages.) [RT #40375]	2015-08-17 22:41:44 -07:00
Mark Andrews	47d459ef43	add isc_safe_memequal and isc_safe_memcompare; remove isc_safe_memcmp	2015-08-18 12:25:22 +10:00
Evan Hunt	420a43c8d8	[master] timing safe memory comparisons 4183. [cleanup] Use timing-safe memory comparisons in cryptographic code. Also, the timing-safe comparison functions have been renamed to avoid possible confusion with memcmp(). [RT #40148]	2015-08-17 18:26:44 -07:00
Tinderbox User	503ffdad3b	update copyright notice / whitespace	2015-08-17 23:45:35 +00:00
Evan Hunt	b2f85a0c8e	[master] win32: vs2015 compliance; openssl dependency for check.c	2015-08-17 11:35:10 -07:00
Mukund Sivaraman	b0ba1a6059	Use mnemonics for RR class and type comparisons (#40297 )	2015-08-17 12:23:35 +05:30
Mark Andrews	70862302f8	4181. [bug] Queued notify messages could be dequeued from the wrong rate limiter queue. [RT #40350]	2015-08-17 10:37:06 +10:00
Tinderbox User	288c18263f	update copyright notice / whitespace	2015-08-14 23:45:27 +00:00
Mukund Sivaraman	d7262e5c86	Fix double frees in getaddrinfo() in libirs (#40209 )	2015-08-14 13:55:31 +05:30
Mukund Sivaraman	984d2bb9e5	Fix assertion failure in parsing UNSPEC(103) RR from text (#40274 )	2015-08-14 13:30:52 +05:30
Mukund Sivaraman	474921d733	Fix assertion failure in parsing NSAP records from text	2015-08-14 13:11:26 +05:30
Mark Andrews	9dc5ef7f24	4175. [bug] TKEY with GSS-API keys needed bigger buffers. [RT #40333]	2015-08-14 08:20:01 +10:00
Evan Hunt	45ad059c4a	[master] address VS2015 compiler warning	2015-08-13 14:58:28 -07:00
Tinderbox User	ed91aca9e6	update copyright notice / whitespace	2015-08-12 23:45:25 +00:00
Mark Andrews	c631ff56bf	Updated CHANGES note to include require-server-cookie: 4152. [func] Implement DNS COOKIE option. This replaces the experimental SIT option of BIND 9.10. The following named.conf directives are available: send-cookie, cookie-secret, cookie-algorithm, nocookie-udp-size and require-server-cookie. The following dig options are available: +[no]cookie[=value] and +[no]badcookie. [RT #39928]	2015-08-13 08:26:23 +10:00
Mark Andrews	151f1bcd5e	4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. [RT #40265]	2015-08-12 19:06:00 +10:00
Evan Hunt	9b8f93083d	[master] fix tsig class checks 4171. [bug] Fixed incorrect class checks in TSIG RR implementation. [RT #40287]	2015-08-11 22:16:44 -07:00
Evan Hunt	c707e2b986	[master] fix length check in OPENPGPKEY 4170. [security] An incorrect boundary check in the OPENPGPKEY rdatatype could trigger an assertion failure. [RT #40286]	2015-08-11 20:01:44 -07:00
Tinderbox User	c4567d0675	update copyright notice / whitespace	2015-08-07 23:45:26 +00:00
Evan Hunt	ce9f893e21	[master] address buffer accounting error 4168. [security] A buffer accounting error could trigger an assertion failure when parsing certain malformed DNSSEC keys. (CVE-2015-5722) [RT #40212]	2015-08-07 13:16:10 -07:00
Mukund Sivaraman	991f97366b	Fix win32 build (UNUSED is present later) (cherry picked from commit `63dcc28d3e`)	2015-07-31 15:01:04 +05:30
Mark Andrews	46e7fc51b8	badcookie has a offical code point of 23	2015-07-27 15:22:09 +10:00
Mark Andrews	dbb064aa79	4165. [bug] An failure to reset a value to NULL in tkey.c could result in an assertion failure. (CVE-2015-5477) [RT #40046]	2015-07-14 14:48:42 +10:00
Tinderbox User	faa3b61828	update copyright notice / whitespace	2015-07-13 23:45:24 +00:00
Mark Andrews	3a49d0ff10	4164. [bug] Don't rename slave files and journals on out of memory. [RT #40033] 4163. [bug] Address compiler warnings. [RT #40024]	2015-07-13 09:46:59 +10:00
Mark Andrews	0bc743f9bc	4162. [bug] httpdmgr->flags was not being initialized. [RT #40017 ]	2015-07-10 18:42:20 +10:00
Tinderbox User	f16a6bfb6c	update copyright notice / whitespace	2015-07-09 23:45:22 +00:00
Evan Hunt	fc5f1971a1	[master] fix build error with ISC_MEM_TRACKLINES=0	2015-07-09 14:23:29 -07:00
Evan Hunt	1479200aa0	[master] DDoS mitigation features 3938. [func] Added quotas to be used in recursive resolvers that are under high query load for names in zones whose authoritative servers are nonresponsive or are experiencing a denial of service attack. - "fetches-per-server" limits the number of simultaneous queries that can be sent to any single authoritative server. The configured value is a starting point; it is automatically adjusted downward if the server is partially or completely non-responsive. The algorithm used to adjust the quota can be configured via the "fetch-quota-params" option. - "fetches-per-zone" limits the number of simultaneous queries that can be sent for names within a single domain. (Note: Unlike "fetches-per-server", this value is not self-tuning.) - New stats counters have been added to count queries spilled due to these quotas. See the ARM for details of these options. [RT #37125]	2015-07-08 22:53:39 -07:00
Mark Andrews	af63e286dd	set error code if aes selected and not implemented	2015-07-08 12:20:46 +10:00
Tinderbox User	9ab5a7d83c	update copyright notice / whitespace	2015-07-07 23:45:22 +00:00
Mark Andrews	bd08b82891	add warning not about handling malformed option content	2015-07-07 10:25:09 +10:00
Mark Andrews	46fc714aa0	dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990 ]	2015-07-06 23:03:51 +10:00
Mukund Sivaraman	33ca26968b	Allow RPZ rewrite logging to be configured on a per-zone basis (#39754 )	2015-07-06 08:57:51 +05:30
Mark Andrews	3e33f4198d	4154. [bug] A OPT record should be included with the FORMERR response when there is a malformed EDNS option. [RT #39647] 4153. [bug] Dig should zero non significant +subnet bits. Check that non significant ECS bits are zero on receipt. [RT #39647]	2015-07-06 12:52:37 +10:00
Tinderbox User	8f0b326d9a	update copyright notice / whitespace	2015-07-05 23:45:22 +00:00
Mark Andrews	ce67023ae3	4152. [func] Implement DNS COOKIE option. This replaces the experimental SIT option of BIND 9.10. The following named.conf directives are avaliable: send-cookie, cookie-secret, cookie-algorithm and nocookie-udp-size. The following dig options are available: +[no]cookie[=value] and +[no]badcookie. [RT #39928]	2015-07-06 09:44:24 +10:00
Tinderbox User	85d23eaae8	update copyright notice / whitespace	2015-07-03 23:45:24 +00:00
Mark Andrews	307adf6792	4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835 ]	2015-07-03 10:17:33 +10:00
Tinderbox User	2bd63eca27	update copyright notice / whitespace	2015-07-01 23:45:22 +00:00
Mark Andrews	753b27a7d3	4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply minimal fix. [RT #39667]	2015-07-01 11:51:45 +10:00
Tinderbox User	337d408adb	update copyright notice / whitespace	2015-06-29 23:45:23 +00:00
Mukund Sivaraman	c44c77178e	Fix race in getaddrinfo() in libirs, which caused assertion failure in delv (#39873 )	2015-06-29 19:44:42 +05:30
Mukund Sivaraman	08f0129732	Fix a bug printing zone names with '/' character in XML and JSON stats (#39873 )	2015-06-29 18:33:18 +05:30
Mark Andrews	4a61eae651	4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 was returning referrals rather than nodata responses when the AAAA records were filtered. [RT #39843]	2015-06-29 15:48:41 +10:00
Mark Andrews	adbf81335b	4146. [bug] Address reference leak that could prevent a clean shutdown. [RT #37125]	2015-06-25 18:36:27 +10:00
Mark Andrews	2f66e2dd81	4145. [bug] Not all unassociated adb entries where being printed. [RT #37125]	2015-06-25 18:26:59 +10:00
Mukund Sivaraman	8aecc50f0d	Remove backwards compatibility grammar (#39845 ) This was not done in the previous merge commit, so that it could be merged cleanly into release branches.	2015-06-23 14:23:12 +05:30
Mukund Sivaraman	0439bfedd9	Fix parsing of NZFs saved by rndc addzone with view specified (#39845 )	2015-06-23 14:19:48 +05:30
Mark Andrews	d4422ec231	don't use C++ keyword new; use (const char ) for output of strchr((const char ), char)	2015-06-18 11:14:43 +10:00
Mark Andrews	a85c6b35af	4138. [bug] A uninitialized value in validator.c could result in a assertion failure. (CVE-2015-4620) [RT #39795]	2015-06-17 09:13:03 +10:00
Mark Andrews	a8cb6c6fbc	add #define check_stale_rdataset check_stale_rdataset64	2015-06-12 11:17:07 +10:00
Mark Andrews	c781d465b6	silence unused parameter warning	2015-06-11 14:03:19 +10:00
Mukund Sivaraman	59a9cb54c1	Propagate stale attribute when updating stats (#39141 ) Squashed commit of the following: commit 9b5b9fa30fbeba8ee1e95cb1028017230ed4db02 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Apr 7 19:30:54 2015 +0530 Remove double function prototypes commit f3bb8cc60ae476eaa871ba10330b16425ced2d7c Author: Mukund Sivaraman <muks@isc.org> Date: Tue Apr 7 19:30:34 2015 +0530 Unify several copies of redundant code into a helper function commit 4899fb9b2f36fc5d159fa877c0780a442a7cbdb3 Author: Mukund Sivaraman <muks@isc.org> Date: Thu Apr 2 00:23:53 2015 +0530 Propagate stale attribute when updating stats	2015-06-10 14:04:30 +05:30
Witold Krecicki	f85deb5154	log expired NTA at startup	2015-06-08 13:57:24 +02:00
Tinderbox User	a03c39ef51	update copyright notice / whitespace	2015-06-05 23:45:26 +00:00
Witold Krecicki	8d21d93a6b	better logging of RPZ changes RT #39670	2015-06-05 12:24:11 +02:00
Mark Andrews	6c0c85563f	update comment as per rt39703	2015-06-05 11:09:35 +10:00
Mark Andrews	8a9bac8dec	4133. [port] Update how various json libraries are handled. [RT #39646]	2015-06-05 10:16:24 +10:00
Tinderbox User	e545fce91b	update copyright notice / whitespace	2015-06-04 23:45:25 +00:00
Evan Hunt	8c9fba44a4	[master] further RPZ fixes 4131. [bug] Addressed further problems with reloading RPZ zones. [RT #39649]	2015-06-03 18:18:55 -07:00
Mark Andrews	e0fea0bf85	silence coverity warnings	2015-05-30 17:44:52 +10:00
Mark Andrews	03089dd420	add INSIST to silence coverity	2015-05-30 17:37:14 +10:00
Mark Andrews	4e056cee66	unsigned constants	2015-05-29 11:26:13 +10:00
Tinderbox User	431e5c81db	update copyright notice / whitespace	2015-05-28 23:45:24 +00:00
Evan Hunt	2bb245e04a	[master] typo in comment	2015-05-28 15:04:40 -07:00
Mark Andrews	38c19e5779	4130. [bug] The compatability shim for *printf() misprinted some large numbers. [RT #39586]	2015-05-29 07:21:49 +10:00
Mark Andrews	8bb630c751	4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532 ]	2015-05-28 14:41:21 +10:00
Mark Andrews	e53e202ef3	4128. [bug] Address issues raised by Coverity 7.6. [RT #39537 ]	2015-05-28 13:17:07 +10:00
Tinderbox User	3813d22587	update copyright notice / whitespace	2015-05-27 23:45:25 +00:00
Mark Andrews	e7b7ede003	add dns_zone_cdscheck	2015-05-27 16:17:54 +10:00
Mark Andrews	598b502695	4127. [protocol] CDS and CDNSKEY need to be signed by the key signing key as per RFC 7344, Section 4.1. [RT #37215]	2015-05-27 15:25:45 +10:00
Evan Hunt	a32b6291aa	[master] address regression 4126. [bug] Addressed a regression introduced in change #4121. [RT #39611]	2015-05-26 19:11:08 -07:00
Mark Andrews	5af7557757	use unsigned constants	2015-05-24 12:51:55 +10:00
Tinderbox User	d70dac20d2	update copyright notice / whitespace	2015-05-23 23:45:25 +00:00
Mark Andrews	503f0b324a	#undef before #define	2015-05-24 06:04:09 +10:00
Francis Dupont	941b62c8cb	finished print.h stuff	2015-05-23 16:12:24 +02:00
Francis Dupont	3759f10fc5	added print.h includes, updated copyrights	2015-05-23 14:21:51 +02:00
Tinderbox User	46ee7c3260	update copyright notice / whitespace	2015-05-22 23:45:24 +00:00
Mark Andrews	9e5390f3f3	add cfg_parse_buffer2	2015-05-22 22:24:06 +10:00
Mark Andrews	7507c1826f	all of NEED*PRINT are needed if %z is not supported	2015-05-22 22:12:42 +10:00
Evan Hunt	c55a1da4fc	[master] log parsing errors from default config or addzone/modzone 4124. [func] Log errors or warnings encountered when parsing the internal default configuration. Clarify the logging of errors and warnings encountered in rndc addzone or modzone parameters. [RT #39440]	2015-05-21 23:04:29 -07:00
Mark Andrews	22909ca827	unconditionally include stdio.h	2015-05-22 10:08:43 +10:00
Tinderbox User	0dfc0745c4	update copyright notice / whitespace	2015-05-21 23:45:26 +00:00
Mark Andrews	9e69ff9ad0	exclude isc_print_printf and isc_print_fprintf	2015-05-22 08:22:19 +10:00
Evan Hunt	cadf8d687b	[master] add %z format options to printf 4123. [port] Added %z (size_t) format options to the portable internal printf/sprintf implementation. [RT #39586]	2015-05-21 14:55:15 -07:00
Mukund Sivaraman	705cea35a8	Fix RPZ radix tree search() for CLIENT-IP triggers (#39481 )	2015-05-21 11:10:49 +05:30
Evan Hunt	19365b43e9	[master] ensure rpz summary consistence during AXFR updates 4121. [bug] When updating a response-policy zone via AXFR, summary data about other policy zones could fall out of sync. Ultimately this could trigger an assertion failure in rpz.c. [RT #39567]	2015-05-20 15:00:50 -07:00
Evan Hunt	7e6cf6fc6e	[master] address a possible policy update race 4120. [bug] A bug in RPZ could cause the server to crash if policy zones were updated while recursion was pending for RPZ processing of an active query. [RT #39415]	2015-05-19 15:47:42 -07:00
Tinderbox User	f5280a1563	update copyright notice / whitespace	2015-05-11 23:45:22 +00:00
Mark Andrews	1acfed3dac	update variable name to better reflect reality (cherry picked from commit `51a82fe30d`)	2015-05-11 13:42:04 +10:00
Mark Andrews	844b568182	use dns_opcode_t	2015-05-11 12:16:44 +10:00
Mark Andrews	b4a6f7fff4	#include <string.h> for strcmp	2015-05-11 12:16:07 +10:00
Mukund Sivaraman	b947e1a521	Fix a bug in RPZ that could cause unwanted recursion (#39229 ) Conflicts: doc/arm/notes.xml	2015-05-07 08:29:36 +05:30
Tinderbox User	012142bbe0	update copyright notice / whitespace	2015-05-06 23:45:24 +00:00
Tinderbox User	4e92a74ec4	update copyright notice / whitespace	2015-05-05 23:45:24 +00:00
Evan Hunt	9e804040a2	[master] add "rndc -r" to print result code 4115. [func] "rndc -r" now prints the result code (e.g., ISC_R_SUCCESS, ISC_R_TIMEOUT, etc) after running the requested command. [RT #38913]	2015-05-05 16:39:09 -07:00
Mark Andrews	675900780a	150 ->160	2015-05-06 09:24:16 +10:00
Mark Andrews	5e73a8d791	set initial values for 9.11.x	2015-05-06 08:27:49 +10:00
Mukund Sivaraman	8f25faf972	Fix a regression in radix tree implementation introduced by ECS code (#38983 )	2015-05-05 13:11:23 +05:30
Tinderbox User	452a29e62c	update copyright notice / whitespace	2015-04-28 23:45:24 +00:00
Mark Andrews	b292230ab8	4110. [bug] Address memory leaks / null pointer dereferences on out of memory. [RT #39310]	2015-04-29 03:16:50 +10:00
Mark Andrews	e77e449549	4109. [port] linux: support reading the local port range from net.ipv4.ip_local_port_range. [RT # 39379]	2015-04-25 08:25:42 +10:00
Mark Andrews	c82b378115	4108. [func] A additional nxdomain redirect (nxdomain-redirect) method is now supported. [RT #37989]	2015-04-23 16:57:15 +10:00
Mark Andrews	ef0e674456	4107. [bug] Address potential deadlock when updating zone content. [RT #39269]	2015-04-18 13:45:03 +10:00
Tinderbox User	1413616670	update copyright notice / whitespace	2015-04-17 23:45:24 +00:00
Mark Andrews	def6608a44	don't set rdh_ttl in init_rdataset	2015-04-17 23:09:05 +10:00
Francis Dupont	ab973ec40c	misc x64 VS 2015 CTP fixes [#39308 ]	2015-04-17 11:39:26 +02:00
Mark Andrews	f1a261ba2d	4104. [bug] Address uninitialized elements. [RT #39252 ]	2015-04-17 14:04:47 +10:00
Francis Dupont	bcb68be0a8	misc fixes for VS 2015 CTP #39267	2015-04-17 02:57:02 +02:00
Tinderbox User	ace0b8d470	update copyright notice / whitespace	2015-04-15 23:45:22 +00:00
Evan Hunt	c03fe78ef5	[master] use after free in resquery_destroy() 4102. [bug] Fix a use after free bug introduced in change #4094. [RT #39281]	2015-04-15 15:38:14 -07:00
Mark Andrews	c855e7170a	4100. [bug] Inherited owernames on the line immediately following a $INCLUDE were not working. [RT #39268]	2015-04-15 12:47:57 +10:00
Tinderbox User	a269ca51cc	update copyright notice / whitespace	2015-04-14 23:45:21 +00:00
Mukund Sivaraman	ac31adc3b7	Add additional logging about xfrin transfer status (#39170 )	2015-04-14 12:16:26 +05:30
Mukund Sivaraman	2c4d5faf7f	Don't use query->sendevent after it's been destroyed (#39132 )	2015-04-13 15:04:41 +05:30
Mark Andrews	54fe1d05b6	4095. [bug] zone->options2 was not being properly initalized. [RT #39228]	2015-04-11 08:04:02 +10:00
Evan Hunt	d9b37259f3	[master] hold a reference on fetch context during query 4094. [bug] A race during shutdown or reconfiguration could cause an assertion in mem.c. [RT #38979]	2015-04-08 14:33:45 -07:00
Tinderbox User	6e61135f10	update copyright notice / whitespace	2015-03-27 23:45:21 +00:00
Mukund Sivaraman	fba894c98b	Some cleanups in isc mem code (#38896 )	2015-03-27 23:12:11 +05:30
Mukund Sivaraman	f9f81abff0	Fix a crash while parsing malformed CAA RRs in presentation format (#39003 )	2015-03-27 10:32:03 +05:30
Mukund Sivaraman	9a7532f836	Send notifies immediately for slave zones during startup (#38843 )	2015-03-25 10:55:55 +05:30
Tinderbox User	3e2bfb151a	update copyright notice / whitespace	2015-03-23 23:45:21 +00:00
Mark Andrews	cef65f9409	@ISC_OPENSSL_INC@ needs to not be by itself (cherry picked from commit a5885354413d503105521b7bf4cd603927f81814)	2015-03-24 07:54:51 +11:00
Evan Hunt	e89972afcb	[master] fixed build errors with libressl 4088. [port] Fixed errors when building with libressl. [RT #38899]	2015-03-23 13:34:56 -05:00
Mukund Sivaraman	ebeb4b3e09	Fix a crash due to use-after-free (#38495 )	2015-03-18 06:42:54 +05:30
Mukund Sivaraman	24f2cc7d06	Fix a possible race in updating stats counters (#38826 ) and do some other isc mem cleanups.	2015-03-09 10:30:47 +05:30
Mukund Sivaraman	f5a62d97e3	Fix -Wshadow warnings (#38762 ) These happen due to ntohs()/htons() macro expansion in glibc.	2015-03-09 09:23:46 +05:30
Evan Hunt	da4a7772eb	[master] improve thread support reporting 4083. [cleanup] Print of the number of CPUs and UDP listeners in the log and in "rndc status" output; indicate whether threads are supported in "named -V" output. [RT #38811]	2015-03-04 15:56:33 -08:00
Mark Andrews	f2f3880223	add missing defs	2015-03-05 10:48:04 +11:00
Tinderbox User	811acf52b8	update copyright notice / whitespace	2015-03-04 23:45:21 +00:00
Mark Andrews	1b05d22789	4082. [bug] Incrementally sign large inline zone deltas. [RT #37927]	2015-03-05 09:59:29 +11:00
Mark Andrews	29d52c001f	4081. [cleanup] Use dns_rdatalist_init consistently. [RT #38759 ]	2015-03-03 16:43:42 +11:00
Evan Hunt	7ae96d8823	[master] add "lock-file" and fix up singleton code 4080. [func] Completed change #4022, adding a "lock-file" option to named.conf to override the default lock file, in addition to the "named -X <filename>" command line option. Setting the lock file to "none" using either method disables the check completely. [RT #37908]	2015-03-02 19:27:54 -08:00
Tinderbox User	3d787a1213	update copyright notice / whitespace	2015-03-02 23:45:21 +00:00
Mukund Sivaraman	10dd5f62f2	Add support for Valgrind's helgrind tool (#38706 ) Also fix one locking issue that helgrind found: Maintain stats->lock while stats->reference is used.	2015-03-02 13:42:20 +05:30
Mukund Sivaraman	0ea9f8037d	Remove more wider memset() over control now that it's handled below (#38621 )	2015-03-02 12:52:41 +05:30
Tinderbox User	5e93bad21b	update copyright notice / whitespace	2015-03-01 23:45:20 +00:00
Evan Hunt	ed57645433	[master] add 64-bit symbols for ownercase functions	2015-02-27 17:36:29 -08:00
Tinderbox User	34eab435ac	update copyright notice / whitespace	2015-02-27 23:45:24 +00:00
Evan Hunt	2bbf69e1e2	[master] add missing externals	2015-02-26 21:58:19 -08:00
Mark Andrews	4677223a53	address -Wshadow warning	2015-02-27 16:46:54 +11:00
Mark Andrews	a8da00ef95	4079. [func] Preserve the case of the ownername of records to the RRset level. [RT #37442]	2015-02-27 15:08:38 +11:00
Mark Andrews	b5edc023a1	4078. [bug] Hand the case where CMSG_SPACE(sizeof(int)) != CMSG_SPACE(sizeof(int)). [RT #38621.	2015-02-27 14:52:26 +11:00
Mark Andrews	bb5df338d9	4076. [bug] Named could crash on shutdown with outstanding reload / reconfig events. [RT #38622]	2015-02-27 12:34:43 +11:00
Mark Andrews	42580072de	protect with #ifdef HAVE_PTHREAD_MUTEX_ADAPTIVE_NP	2015-02-27 11:37:35 +11:00
Mark Andrews	af669cb4fd	4074. [cleanup] Cleaned up more warnings from gcc -Wshadow. [RT #38708 ]	2015-02-27 10:55:55 +11:00
Tinderbox User	c10fda07d6	update copyright notice / whitespace	2015-02-26 23:45:22 +00:00
Mukund Sivaraman	1783676a64	Add a --enable-querytrace configure switch for very verbose query tracelogging (#37520 )	2015-02-26 16:51:07 +05:30
Mukund Sivaraman	ebeb668f86	Remove unused functions (#38547 )	2015-02-26 14:47:03 +05:30
Mukund Sivaraman	07dd40e8ee	Initialize pthread_mutexattrs just once (#38547 )	2015-02-26 14:43:45 +05:30
Mukund Sivaraman	db93c0def5	Fix a segfault when running nslookup (#38548 )	2015-02-26 14:03:35 +05:30
Tinderbox User	f159b7b5c7	update copyright notice / whitespace	2015-02-25 23:45:22 +00:00
Mukund Sivaraman	5a505fc4c2	Add facility to run system test nameds under Valgrind (#38546 )	2015-02-25 09:06:45 +05:30
Evan Hunt	bfc11b9c65	[master] additional mkeys tests 4065. [test] Additional RFC 5011 tests. [RT #38569]	2015-02-23 21:07:26 -08:00
Tinderbox User	c3854e9cd3	update copyright notice / whitespace	2015-02-23 23:45:20 +00:00
Evan Hunt	7acc2f2156	[master] fix LOADPENDING issues 4063. [bug] Asynchronous zone loads were not handled correctly when the zone load was already in progress; this could trigger a crash in zt.c. [RT #37573]	2015-02-22 20:43:39 -08:00
Evan Hunt	07229d51a6	[master] report library version numbers on win32	2015-02-20 23:23:59 -08:00
Mark Andrews	072ce62d23	used unsigned zero	2015-02-19 15:42:29 +11:00
Tinderbox User	a70b865da3	update copyright notice / whitespace	2015-02-18 23:45:23 +00:00
Mark Andrews	6a837e5121	address race condition with multiple isc_socket_connect calls in change 4041	2015-02-18 23:32:31 +11:00
Mukund Sivaraman	e58eb371a0	RPZ: Don't diff keys out of bounds, found via Valgrind (#38559 )	2015-02-18 12:49:56 +05:30
Tinderbox User	8f0427f11b	update copyright notice / whitespace	2015-02-17 23:45:20 +00:00
Evan Hunt	1f81c9e1e2	[master] silence warning	2015-02-17 11:37:26 -08:00
Tinderbox User	c8a55dfd0a	update copyright notice / whitespace	2015-02-12 23:45:23 +00:00
Mukund Sivaraman	ffc393dd18	Remove canary code from hash destroy function (#38602 ) This triggers a Valgrind out-of-bounds read report. It was introduced by commit `5d7849ad7f`. No CHANGES entry necessary as it doesn't have any user-visible or behavioral change. It removes an out-of-bounds read issue that went undetected when allocated through isc_mem as the memory was present. The memory read was compared to itself, so it has no behavioral change.	2015-02-12 18:14:34 +05:30
Mark Andrews	f4102ab13e	4060. [bug] dns_rdata_freestruct could be call on a uninitialised structure when handling a error. [RT #38568]	2015-02-11 16:50:11 +11:00
Evan Hunt	8fa6f39c85	[master] oops, win32 data exports work differently now	2015-02-10 17:26:09 -08:00
Evan Hunt	82a42fe81e	[master] export dns_zone_mkey_{month,day,hour}	2015-02-10 16:59:09 -08:00
Tinderbox User	f3affbe2ff	update copyright notice / whitespace	2015-02-10 23:45:23 +00:00
Evan Hunt	a98f70acc8	[master] address valgrind warnings 4059. [bug] Addressed valgrind warnings. [RT #38549]	2015-02-10 14:01:38 -08:00
Evan Hunt	2616cb6944	[master] fix PRNG selection in dispatch.c 4058. [bug] UDP dispatches could use the wrong psuedorandom number generator context. [RT #38578]	2015-02-10 13:54:48 -08:00
Tinderbox User	29756974c5	update copyright notice / whitespace	2015-02-06 23:45:21 +00:00
Evan Hunt	82843574c9	[master] fix keytable test	2015-02-06 14:08:28 -08:00
Mark Andrews	29fc1a4197	<isc/print.h>	2015-02-06 13:30:22 +11:00
Evan Hunt	591389c7d4	[master] 5011 tests and fixes 4056. [bug] Expanded automatic testing of trust anchor management and fixed several small bugs including a memory leak and a possible loss of key state information. [RT #38458] 4055. [func] "rndc managed-keys" can be used to check status of trust anchors or to force keys to be refreshed, Also, the managed keys data file has easier-to-read comments. [RT #38458]	2015-02-05 17:18:15 -08:00
Mark Andrews	d2a50c9ba8	cast to (unsigned long) to silence format warning	2015-02-05 07:50:24 +11:00
Francis Dupont	1059bc2e42	added mdig tool	2015-02-04 14:22:32 +01:00
Evan Hunt	801fb8b894	[master] avoid crash due to managed-key rollover 4053. [security] Revoking a managed trust anchor and supplying an untrusted replacement could cause named to crash with an assertion failure. (CVE-2015-1349) [RT #38344]	2015-02-03 18:25:28 -08:00
Tinderbox User	92059a966a	update copyright notice / whitespace	2015-02-03 23:46:29 +00:00
Mukund Sivaraman	2696ceb4d4	Fix a Valgrind warning about use of uninitialized memory (as part of #38454 )	2015-02-03 11:43:34 +05:30
Mukund Sivaraman	fe12a8f107	Fix a leak of pthread_mutexattr_t (#38454 ) 4051. [bug] Fix a leak of pthread_mutexattr_t. [RT #38454]	2015-02-03 11:42:06 +05:30
Tinderbox User	f72460c717	update copyright notice / whitespace	2015-01-30 23:45:24 +00:00
Mark Andrews	e77ef50a57	4049. [bug] CDS and CDNSKEY had the wrong attributes. [RT #38491 ]	2015-01-30 21:48:28 +11:00
Tinderbox User	59e7a41eaf	update copyright notice / whitespace	2015-01-29 23:45:24 +00:00
Mark Andrews	7865bb3549	copy COPYRIGHT and OpenSSL Licence to Build\Release	2015-01-29 14:36:09 +11:00
Mark Andrews	4b36b9c1ff	4048. [bug] adb hash table was not being grown. [RT #38470 ]	2015-01-29 11:50:30 +11:00
Tinderbox User	be755f4725	update copyright notice / whitespace	2015-01-22 23:45:26 +00:00
Evan Hunt	84ee90b52d	[master] fix 'total use' accounting 4046. [bug] Accounting of "total use" in memory context statistics was not correct. [RT #38370]	2015-01-22 09:44:24 -08:00
Evan Hunt	f885a6172e	[master] silence warning	2015-01-22 09:03:24 -08:00
Mark Andrews	875574f1e4	4045. [bug] Skip to next master on dns_request_createvia4 failure. [RT #25185]	2015-01-22 15:56:50 +11:00
Tinderbox User	39f68d7b64	update copyright notice / whitespace	2015-01-21 23:45:24 +00:00
Mark Andrews	17dc146c7c	4044. [bug] Change 3955 was not complete resulting is a assertion failure is the timing was just right. [RT #38352]	2015-01-22 10:38:40 +11:00
Evan Hunt	e91c70668e	[master] restored accidentally removed externals	2015-01-20 22:38:27 -08:00
Mark Andrews	22e3e00ac9	4042. [bug] zone.c:iszonesecure was being called too late. [RT #38371]	2015-01-21 13:18:30 +11:00
Mark Andrews	83b9e799df	#ifdef protect 'b'	2015-01-21 13:07:50 +11:00
Evan Hunt	ff62d4458a	[master] allow shared TCP sockets when connecting 4041. [func] TCP sockets can now be shared while connecting. (This will be used to enable client-side support of pipelined queries.) [RT #38231]	2015-01-20 17:22:31 -08:00
Evan Hunt	761d135ed6	[master] add TCP pipelining support 4040. [func] Added server-side support for pipelined TCP queries. TCP connections are no longer closed after the first query received from a client. (The new "keep-response-order" option allows clients to be specified for which the old behavior will still be used.) [RT #37821]	2015-01-20 16:14:09 -08:00
Evan Hunt	b77ae24e3e	[master] more windows VS14 compatibility work (completes change #3987)	2015-01-20 15:45:38 -08:00
Tinderbox User	c110d61b17	update copyright notice / whitespace	2015-01-20 23:45:26 +00:00
Evan Hunt	11463c0ac2	[master] clean up gcc -Wshadow warnings 4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381]	2015-01-20 13:29:18 -08:00
Mark Andrews	cc0a48a381	4038. [bug] Add 'rpz' flag to node and use it to determine whether to call dns_rpz_delete. This should prevent unbalanced add / delete calls. [RT #36888	2015-01-20 16:57:42 +11:00
Mark Andrews	f8eb4e5bfd	4037. [bug] also-notify was ignoring the tsig key when checking for duplicates resulting in some expected notify messages not being sent. [RT #38369]	2015-01-20 16:42:56 +11:00
Evan Hunt	59c489552d	[master] remove a potentially misleading log message	2015-01-19 20:15:01 -08:00
Tinderbox User	b624001e36	update copyright notice / whitespace	2015-01-16 23:45:22 +00:00
Mukund Sivaraman	b05a50c852	Make call to open a temporary file name safe during NZF creation (#38331 ) Based on a patch sent in by Tony Finch <dot@dotat.at>. Also fix win32 implementation of isc_file_openunique() to use a random filename instead of using the process id.	2015-01-16 18:29:23 +05:30
Tinderbox User	2dd6ffb5cb	update copyright notice / whitespace	2015-01-12 23:45:21 +00:00
Mukund Sivaraman	4716d844c4	Add missing symbols to libdns.def.in	2015-01-12 09:55:56 +05:30
Mukund Sivaraman	a6f0e9c985	Add NTA persistence (#37087 ) 4034. [func] When added, negative trust anchors (NTA) are now saved to files (viewname.nta), in order to persist across restarts of the named server. [RT #37087]	2015-01-12 09:07:48 +05:30
Tinderbox User	f0cbe180f0	update copyright notice / whitespace	2015-01-10 23:45:22 +00:00
Mark Andrews	f4dda9cf28	4033. [bug] Missing out of memory check in request.c:req_send. [RT #38311]	2015-01-11 09:24:33 +11:00
Evan Hunt	4b52ac401d	[master] remove unhelpful comment, revise change note 3973. [test] Added hooks for Google Performance Tools CPU profiler, including real-time/wall-clock profiling. [RT #37339]	2015-01-10 00:17:57 -08:00
Tinderbox User	63b0524b96	update copyright notice / whitespace	2015-01-08 23:45:22 +00:00
Mark Andrews	d1f1f13c7f	4031. [bug] named-checkconf -z failed to report a missing file with a hint zone. [RT #38294]	2015-01-08 19:19:12 +11:00
Tinderbox User	b129f72d95	update copyright notice / whitespace	2015-01-07 23:45:22 +00:00
Evan Hunt	f784ce7523	[master] add missing functions	2015-01-07 00:22:31 -08:00
Evan Hunt	74eb2f5cbc	[master] rndc showzone / rndc delzone of non-added zones 4030. [func] "rndc delzone" is now applicable to zones that were configured in named.conf, as well as zones that were added via "rndc addzone". (Note, however, that if named.conf is not also modified, the deleted zone will return when named is reloaded.) [RT #37887] 4029. [func] "rndc showzone" displays the current configuration of a specified zone. [RT #37887]	2015-01-06 22:57:57 -08:00
Tinderbox User	651c5a50f4	update copyright notice / whitespace	2015-01-06 23:45:23 +00:00
Mark Andrews	b0c18fffd3	4028. [bug] $GENERATE with a zero step was not being caught as a error. A $GENERATE with a / but no step was not being caught as a error. [RT #38262]	2015-01-06 11:31:34 +11:00
Tinderbox User	055f6517b4	update copyright notice / whitespace	2014-12-19 23:45:22 +00:00
Mark Andrews	d8f2dd46cb	4025. [port] bsdi: failed to build. [RT #38047 ]	2014-12-19 12:06:35 +11:00
Mark Andrews	1e0ed0c6f5	4024. [bug] dns_rdata_opt_first, dns_rdata_opt_next, dns_rdata_opt_current, dns_rdata_txt_first, dns_rdata_txt_next and dns_rdata_txt_current were documented but not implemented. These have now been implemented. dns_rdata_spf_first, dns_rdata_spf_next and dns_rdata_spf_current were document but not implemented. The prototypes for these functions have been removed. [RT #38068] 4023. [bug] win32: socket handling with explict ports and invoking named with -4 was broken for some configurations. [RT #38068]	2014-12-19 11:35:07 +11:00
Mukund Sivaraman	47d837a499	Make named a singleton process [RT#37908] Conflicts: bin/tests/system/conf.sh.in lib/dns/win32/libdns.def.in lib/isc/win32/file.c The merge also needed to update files in legacy and tcp system tests (newly introduced in master after branch was created) to introduce use of lockfile.	2014-12-18 12:31:25 +05:30
Evan Hunt	9fcbc46062	[master] more missing entry points	2014-12-16 14:40:33 -08:00
Evan Hunt	fc12d18471	[master] typos	2014-12-16 12:42:05 -08:00
Evan Hunt	25ee607cf5	[master] add more missing entry points	2014-12-16 12:09:09 -08:00
Mark Andrews	eb690e00e7	add missing entry points	2014-12-17 00:27:17 +11:00
Mark Andrews	2efb444806	add missing entry points	2014-12-16 23:46:15 +11:00
Mark Andrews	f5c22df82b	win32 build	2014-12-16 23:36:44 +11:00
Evan Hunt	be7fba8019	[master] adjust max-recursion-queries 4021. [bug] Adjust max-recursion-queries to accommodate the need for more queries when the cache is empty. [RT #38104]	2014-12-15 22:28:06 -08:00
Mark Andrews	132410d33f	add/sort	2014-12-16 14:49:17 +11:00
Mark Andrews	7799a5edea	add missing entries	2014-12-16 14:41:25 +11:00
Mark Andrews	2e98ab2c9d	remove non null check	2014-12-09 19:51:32 +11:00
Mark Andrews	017aa9aef6	4019. [func] If named is not configured to validate the answer then allow fallback to plain DNS on timeout even when we know the server supports EDNS. [RT #37978]	2014-12-05 17:47:26 +11:00
Mark Andrews	ea3aa401bc	4015. [bug] Nameservers that are skipped due to them being CNAMEs were not being logged. They are now logged to category 'cname' as per BIND 8. [RT #37935]	2014-12-03 11:34:07 +11:00
Mark Andrews	6444de08d1	4014. [bug] When including a master file origin_changed was not being properly set leading to a potentially spurious 'inherited owner' warning. [RT #37919]	2014-12-03 09:42:30 +11:00
Francis Dupont	5c5c6d289d	Add a TCP only option to server/peer	2014-12-02 14:17:59 +01:00
Francis Dupont	fc63119c8b	Hardened OpenSSL digest/HMAC calls [RT #37944 ]	2014-12-02 12:41:01 +01:00
Mark Andrews	401f7510d7	use the actual header	2014-11-28 19:17:26 +11:00
Mark Andrews	7554ff1619	add #define rdataset_clearprefetch rdataset_clearprefetch64	2014-11-25 12:06:23 +11:00
Tinderbox User	523ad879ce	update copyright notice / whitespace	2014-11-24 23:53:16 +00:00
Mark Andrews	092d3b76db	4010. [cleanup] Clear the prefetchable state when initiating a prefetch. [RT #37399]	2014-11-24 11:18:30 +11:00
Evan Hunt	92384667ff	[master] delv +tcp 4009. [func] delv: added a +tcp option. [RT #37855]	2014-11-21 09:42:04 -08:00
Mark Andrews	70bceacc80	silence signed/unsigned warning	2014-11-21 20:28:17 +11:00
Evan Hunt	3e5b4176d8	[master] win32 build fix	2014-11-20 15:55:43 -08:00
Evan Hunt	c6b699b58e	[master] remove inadvertently-retained content from quota.h	2014-11-20 12:55:01 -08:00
Evan Hunt	05e448935c	[master] refactor max-recursion-queries - the counters weren't set correctly when fetches timed out. instead we now pass down a counter object.	2014-11-19 18:21:02 -08:00
Evan Hunt	c4f54e5bd1	[master] add max-recursion-queries also fixes and documentation for max-recursion-depth	2014-11-18 22:02:02 -08:00
Evan Hunt	3230429e17	[master] limit recursion depth and iterative queries 4006. [security] A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of iterative queries that it will send (default 50) before terminating a recursive query (CVE-2014-8500). The recursion depth limit is configured via the "max-recursion-depth" option. [RT #35780]	2014-11-17 23:24:44 -08:00
Evan Hunt	c325ff9c79	[master] complete coverity fixes	2014-11-17 17:39:00 -08:00
Mark Andrews	4ac862fa96	only execute additional tests if create call succeeds	2014-11-18 12:19:37 +11:00
Evan Hunt	a0b4f6d952	[master] geoip security fixes 4003. [security] When geoip-directory was reconfigured during named run-time, the previously loaded GeoIP data could remain, potentially causing wrong ACLs to be used or wrong results to be served based on geolocation. [RT #37720] 4002. [security] Lookups in GeoIP databases that were not loaded could cause an assertion failure. [RT #37679] 4001. [security] The caching of GeoIP lookups did not always handle address families correctly, potentially resulting in an assertion failure. [RT #37672]	2014-11-16 08:43:22 -08:00
Tinderbox User	aee6c351d3	update copyright notice	2014-11-15 23:45:22 +00:00
Evan Hunt	63fb92c1ba	[master] fix false positive compiler warning a "pointer always evaluates to true" warning was blocking compilation of the radix ATF test when using --enable-developer with gcc 4.8.2.	2014-11-15 00:56:30 -08:00
Evan Hunt	907e01d6f3	[master] buffer ATF test was failing	2014-11-15 00:56:17 -08:00
Evan Hunt	e32d354f75	[master] allow arbitrary-size rndc output 4005. [func] The buffer used for returning text from rndc commands is now dynamically resizable, allowing arbitrarily large amounts of text to be sent back to the client. (Prior to this change, it was possible for the output of "rndc tsig-list" to be truncated.) [RT #37731]	2014-11-14 15:58:54 -08:00
Evan Hunt	c4abb19716	[master] reference leak with AAAA glue but not A 4004. [bug] When delegations had AAAA glue but not A, a reference could be leaked causing an assertion failure on shutdown. [RT #37796]	2014-11-14 09:02:28 -08:00
Mukund Sivaraman	a3157f3c75	[master] close() fd when done (Coverity report)	2014-11-11 07:15:02 +05:30
Evan Hunt	fadf7291df	[master] check creat() return	2014-11-10 17:30:58 -08:00
Tinderbox User	6d0a639bd0	update copyright notice	2014-11-06 23:45:21 +00:00
Evan Hunt	067c0c38e7	[master] s/mempcy/memmove/	2014-11-06 13:01:59 -08:00
Mark Andrews	8f0cf84bb1	set working directory; #include <string.h>	2014-11-06 18:02:32 +11:00
Tinderbox User	d478dbae80	update copyright notice	2014-11-05 23:45:20 +00:00
Evan Hunt	ad9645512c	[master] add print.h	2014-11-04 20:43:41 -08:00
Evan Hunt	ce96d4326c	[master] new mkeys and nzf naming format 3999. [func] "mkeys" and "nzf" files are now named after their corresponding views, unless the view name contains characters that would be incompatible with use in a filename (i.e., slash, backslash, or capital letters). If a view name does contain these characters, the files will still be named using a cryptographic hash of the view name. Regardless of this, if a file using the old name format is found to exist, it will continue to be used. [RT #37704]	2014-11-04 19:43:27 -08:00
Tinderbox User	5781d00939	update copyright notice	2014-11-04 23:45:20 +00:00
Mark Andrews	a31d0513c3	add missing opening bracket	2014-11-04 17:02:32 +11:00
Mark Andrews	b976c39c07	3998. [bug] isc_radix_search was returning matches that were to precise. [RT #37680]	2014-11-04 12:34:12 +11:00
Mark Andrews	1feee79e1f	3997. [protocol] Add OPENGPGKEY record. [RT# 37671]	2014-11-04 12:24:39 +11:00
Tinderbox User	03fc2ff527	update copyright notice	2014-10-31 23:45:23 +00:00
Mark Andrews	c2f8108123	3996. [bug] Address use after free on out of memory error in keyring_add. [RT #37639]	2014-10-31 11:44:09 +11:00
Mark Andrews	4e59131f18	3995. [bug] receive_secure_serial holds the zone lock for too long. [RT #37626]	2014-10-31 11:38:14 +11:00
Mark Andrews	00fb0253c9	3991. [func] Add the ability to buffer logging output by specifying "buffered yes;" when defining a channel. [RT #26561]	2014-10-30 11:37:05 +11:00
Mark Andrews	eb5243365c	3989. [cleanup] Remove redundent dns_db_resigned calls. [RT #35748 ]	2014-10-30 10:53:12 +11:00
Mark Andrews	bad93fb90c	missing comma	2014-10-28 16:10:49 +11:00
Tinderbox User	6932de75ef	update copyright notice	2014-10-21 23:45:24 +00:00
Francis Dupont	4d6329c1b3	Handle VS14 incompatible changes [RT #37380 ]	2014-10-21 09:34:33 +02:00
Mark Andrews	4140a96f22	3987. [func] Allow the zone serial of a dynamically updatable zone to be updated via rndc. [RT #37404]	2014-10-21 18:15:42 +11:00
Francis Dupont	7fbfa379e2	Accept up to 256 byte PINs in native PKCS#11. [RT #37410 ]	2014-10-20 22:55:40 +02:00
Evan Hunt	498b061031	[master] allow 1-week nta-lifetime/nta-recheck 3983. [bug] Change #3940 was incomplete: negative trust anchors could be set to last up to a week, but the "nta-lifetime" and "nta-recheck" options were still limted to one day. [RT #37522]	2014-10-20 13:40:17 -07:00
Mark Andrews	72775a79fe	3981. [bug] Cache DS/NXDOMAIN independently of other query types. [RT #37467]	2014-10-18 13:09:09 +11:00
Mark Andrews	871f3c8bee	3980. [bug] Improve --with-tuning=large by self tuning of SO_RCVBUF size. [RT #37187]	2014-10-18 12:40:13 +11:00
Mark Andrews	48f97c23b7	3979. [bug] Negative trust anchor fetches where not properly managed. [RT #37488]	2014-10-18 10:07:24 +11:00
Evan Hunt	188690149b	[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477]	2014-10-17 15:55:37 -07:00
Evan Hunt	eb6d61d5e0	[master] correctly validate 5011 trust anchors 3976. [bug] When refreshing managed-key trust anchors, clear any cached trust so that they will always be revalidated with the current set of secure roots. [RT #37506]	2014-10-17 15:40:07 -07:00
Tinderbox User	28b2fddfd4	update copyright notice	2014-10-16 23:45:23 +00:00
Mark Andrews	ca77632f65	initialize rdataset->private7	2014-10-16 11:23:01 +11:00
Mark Andrews	58a1051e92	3974. [bug] handle DH_compute_key() failure correctly in openssldh_link.c. [RT #37477]	2014-10-13 23:41:36 +11:00
Evan Hunt	34cb27055a	[master] install badcache.h	2014-10-08 19:42:48 -07:00
Francis Dupont	1831311ac6	added hooks for gperftools CPU profiler [#37339 ]	2014-10-08 15:14:02 +02:00
Mark Andrews	bbec761a67	silence compiler warning	2014-10-08 17:47:46 +11:00
Tinderbox User	d1573beb05	update copyright notice	2014-10-04 23:45:22 +00:00
Mark Andrews	c81d56c03e	3971. [bug] Reduce the cascasding failures due to a bad $TTL line in named-checkconf / named-checkzone. [RT #37138]	2014-10-05 08:29:34 +11:00
Tinderbox User	7a3f584cfc	update copyright notice	2014-10-02 23:45:25 +00:00
Mark Andrews	9c0589bc8b	3966. [bug] Missing dns_db_closeversion call in receive_secure_db. [RT #35746]	2014-10-03 07:50:09 +10:00
Mark Andrews	dda69168ea	3965. [func] Log outgoing packets and improve packet logging to support logging the remote address. [RT #36624]	2014-10-02 09:40:11 +10:00
Mark Andrews	ed1c845c1d	3964. [func] nsupdate now performs check-names processing. [RT #36266]	2014-10-02 09:35:43 +10:00
Tinderbox User	be484acb22	update copyright notice	2014-09-30 23:45:22 +00:00
Mark Andrews	ffeaac1d82	3961. [bug] Forwarding of SIG(0) signed UPDATE messages failed with BADSIG. [RT #37216]	2014-10-01 07:24:16 +10:00
Mark Andrews	fa827173df	3959. [bug] Updates could be lost if they arrived immediately after a rndc thaw. [RT #37233]	2014-10-01 06:59:19 +10:00
Tinderbox User	2fb35a6d59	update copyright notice	2014-09-29 23:45:24 +00:00
Mark Andrews	1c5990c2f9	3958. [bug] Detect when writeable files have multiple references in named.conf. [RT #37172]	2014-09-29 12:10:10 +10:00
Mark Andrews	80169c379d	3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 and ECDSAP384SHA384. [RT #37183]	2014-09-29 10:18:54 +10:00
Mark Andrews	10c12aa549	3956. [func] Notify messages are now rate limited by notify-rate and startup-notify-rate instead of serial-query-rate. [RT #24454] 3955. [bug] Notify messages due to changes are no longer queued behind startup notify messages. [RT #24454]	2014-09-29 10:01:08 +10:00
Mark Andrews	4b92bc0022	don't redefine GEOIP_DATA	2014-09-29 09:33:24 +10:00
Tinderbox User	e64f32cd04	update copyright notice	2014-09-27 23:45:22 +00:00
Mark Andrews	9a36fb86f5	3953. [bug] Don't escape semi-colon in TXT fields. [RT #37159 ]	2014-09-27 12:14:20 +10:00
Mark Andrews	a266ab205b	3952. [bug] dns_name_fullcompare failed to set *nlabelsp when the two name pointers were the same. [RT #37176]	2014-09-27 11:41:44 +10:00
Evan Hunt	6896fdd3b2	[master] spelling	2014-09-15 18:18:12 -07:00
Mark Andrews	48b093c864	update named-checkzone manpage for SPF changes	2014-09-13 07:55:57 +10:00
Mark Andrews	1bf72e5325	silence compiler warning	2014-09-11 13:34:17 +10:00
Mark Andrews	947cf282a7	3949. [experimental] Experimental support for draft-andrews-edns1 by sending EDNS(1) queries (define DRAFT_ANDREWS_EDNS1 when building). Add support for limiting the EDNS version advertised to servers: server { edns-version 0; }; Log the EDNS version received in the query log. [RT #35864]	2014-09-10 15:31:40 +10:00
Mark Andrews	52131a8351	3948. [port] solaris: RCVBUFSIZE was too large on Solaris with --with-tuning=large. [RT #37059]	2014-09-09 09:41:55 +10:00
Mark Andrews	2b703026f3	check isc_mutext_init and destoy mutex when done	2014-09-07 08:24:36 +10:00
Mark Andrews	8aa098c633	update copyrights	2014-09-06 09:38:48 +10:00
Tinderbox User	5fa6a064b8	regen master	2014-09-05 19:26:47 +00:00
Evan Hunt	f687e639f0	[master] [rt36786] use INSTALL_PROGRAM for shared libs 3947. [cleanup] Set the executable bit on libraries when using libtool. [RT #36786]	2014-09-05 10:24:20 -07:00
Mark Andrews	2fa1fc5332	3945. [bug] Invalid wildcard expansions could be incorrectly accepted by the validator. [RT #37093]	2014-09-05 12:10:55 +10:00
Mark Andrews	06dbd20c66	move declaration to start of block	2014-09-05 11:39:42 +10:00
Tinderbox User	948c80ffa8	update copyright notice	2014-09-04 23:45:24 +00:00
Evan Hunt	a878301981	[master] servfail cache 3943. [func] SERVFAIL responses can now be cached for a limited time (configured by "servfail-ttl", default 10 seconds, limit 30). This can reduce the frequency of retries when an authoritative server is known to be failing, e.g., due to ongoing DNSSEC validation problems. [RT #21347]	2014-09-03 23:28:14 -07:00
Mark Andrews	3560b7d66c	move declaration to start of block	2014-09-04 14:20:25 +10:00
Mark Andrews	fec7998314	3942. [bug] Wildcard responses from a optout range should be marked as insecure. [RT #37072]	2014-09-04 13:57:50 +10:00
Mark Andrews	74717eef53	3939. [func] Improve UPDATE forwarding performance by allowing TCP connections to be shared. [RT #37039]	2014-09-04 10:37:45 +10:00
Mark Andrews	92a649d814	complete conversion to FCTXTRACE3	2014-08-30 20:37:20 +10:00
Mark Andrews	1a63fb1d14	update copyrights	2014-08-30 12:27:49 +10:00
Tinderbox User	3278ff814d	update copyright notice	2014-08-29 23:45:22 +00:00
Evan Hunt	f5c24a7f48	[master] add better servfail logging 3937. [func] Added some debug logging to better indicate the conditions causing SERVFAILs when resolving. [RT #35538]	2014-08-28 22:37:55 -07:00
Evan Hunt	d46855caed	[master] ECS authoritative support 3936. [func] Added authoritative support for the EDNS Client Subnet (ECS) option. ACLs can now include "ecs" elements which specify an address or network prefix; if an ECS option is included in a DNS query, then the address encoded in the option will be matched against "ecs" ACL elements. Also, if an ECS address is included in a query, then it will be used instead of the client source address when matching "geoip" ACL elements. This behavior can be overridden with "geoip-use-ecs no;". When "ecs" or "geoip" ACL elements are used to select a view for a query, the response will include an ECS option to indicate which client network the answer is valid for. (Thanks to Vincent Bernat.) [RT #36781]	2014-08-28 22:05:57 -07:00
Evan Hunt	180319f572	[master] fix geoip asnum matching 3935. [bug] "geoip asnum" ACL elements would not match unless the full organization name was specified. They can now match against the AS number alone (e.g., AS1234). [RT #36945]	2014-08-28 21:40:32 -07:00
Mark Andrews	7c73ac5e13	3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve sit-secrets documentation. [RT #36980]	2014-08-29 14:35:21 +10:00
Evan Hunt	0c2313eb36	[master] fixes to checkconf test, HIP casecompare 3933. [bug] Corrected the implementation of dns_rdata_casecompare() for the HIP rdata type. [RT #36911] 3932. [test] Improved named-checkconf tests. [RT #36911]	2014-08-27 21:36:13 -07:00
Mark Andrews	1164997311	3931. [cleanup] Cleanup how dlz grammer is defined. [RT #36879 ]	2014-08-26 15:01:29 +10:00
Mark Andrews	be5d42f255	dlz clauses are not inheritable	2014-08-25 14:52:01 +10:00
Evan Hunt	27d6642e8b	[master] complete change #3925 - don't use fwdname in dns_view_findzonecut()	2014-08-22 14:57:30 -07:00
Mark Andrews	840d6a4614	3925. [bug] DS lookup of RFC 1918 empty zones failed. [RT #36917	2014-08-22 16:32:19 +10:00
Tinderbox User	a24330c480	regen master	2014-08-16 01:06:20 +00:00
Mark Andrews	15a885dfc6	remove duplicate request-ixfr rt36878 (cherry picked from commit `0a484c39fc`)	2014-08-16 08:51:20 +10:00
Jeremy C. Reed	821350367e	fix typos or misspellings	2014-08-15 10:35:31 -05:00
Mark Andrews	291c0dfbc9	remove redundant isc_sockaddr_format call	2014-08-08 21:27:35 +10:00
Tinderbox User	cd14665cdf	update copyright notice	2014-08-07 23:45:19 +00:00
Evan Hunt	91e7faa874	[master] win32 sockets don't support dscp	2014-08-06 21:35:49 -07:00
Evan Hunt	89f3d83d7e	[master] files missing for win32 build	2014-08-06 20:51:04 -07:00
Evan Hunt	ef1ba8ffa7	[master] need local strlcpy() in VS2005	2014-08-06 19:57:04 -07:00
Tinderbox User	6cdcc9df5b	update copyright notice	2014-08-07 01:14:24 +00:00
Evan Hunt	cfe32752a6	[master] [36737] allow zero-length URI and CAA fields 3914. [bug] Allow the URI target and CAA value fields to be zero length. [RT #36737]	2014-08-06 17:40:42 -07:00
Tinderbox User	1e7501fe07	update copyright notice	2014-08-06 23:45:23 +00:00
Mark Andrews	493f3eb297	3913. [bug] Address race issue in dispatch. [RT #36731 ]	2014-08-06 18:49:53 +10:00
Evan Hunt	338a89339a	[master] install new include file	2014-08-05 22:11:17 -07:00
Evan Hunt	a6ad80dd08	[master] make lwres/stdlib.h and lwres/string.h instead of compat.h	2014-08-05 22:01:06 -07:00
Mark Andrews	c5734964e6	3912. [bug] Address some unrecoverable lookup failures. [RT #36330 ]	2014-08-06 14:18:04 +10:00
Mark Andrews	f38a398033	silence signed/unsigned comparision warning	2014-08-06 12:25:03 +10:00
Mark Andrews	b47839a675	alphabetize zone_clauses	2014-08-06 11:54:54 +10:00
Mark Andrews	43b9737b11	3911. [func] Implement EDNS EXPIRE option client side. [RT #35925 ]	2014-08-06 11:50:40 +10:00
Mukund Sivaraman	a338c2d947	[36720] Free event early (fixes race to free) Patch contributed by yhu2 <yadi.hu@windriver.com>.	2014-08-05 17:08:14 +05:30
Mark Andrews	3e90f6c373	3910. [bug] When computing the number of elements required for a acl count_acl_elements could have a short count leading to a assertion failure. Also zero out new acl elements in dns_acl_merge. [RT #36675]	2014-08-03 10:05:02 +10:00
Tinderbox User	79bb509936	update copyright notice	2014-08-02 23:45:21 +00:00
Mark Andrews	c38341ec43	3908. [bug] rndc now differentiates between a zone in multiple views and a zone that doesn't exist at all. [RT #36691]	2014-08-02 14:43:26 +10:00
Tinderbox User	25633bca23	update copyright notice	2014-07-31 23:45:21 +00:00
Evan Hunt	7712d1660a	[master] [rt36642] fix URI RR format 3906. [protocol] Update URI record format to comply with draft-faltstrom-uri-08. [RT #36642]	2014-07-30 20:41:59 -07:00
Mark Andrews	b04839cfe2	[rt36341] 3905. [bug] Address deadlock between view.c and adb.c. [RT #36341]	2014-07-31 11:38:11 +10:00
Mark Andrews	3a55d43527	3904. [func] Add the RPZ SOA to the additional section. [RT36507]	2014-07-31 10:51:48 +10:00
Mark Andrews	a04588e781	update copyrights	2014-07-31 09:47:00 +10:00
Mark Andrews	1e5fd07d16	#include print_p.h	2014-07-31 00:26:21 +10:00
Mark Andrews	70be388974	[rt36039] 3902. bug] liblwres wasn't handling link-local addresses in nameserver clauses in resolv.conf. [RT #36039]	2014-07-30 23:26:37 +10:00
Tinderbox User	d1b499c827	update copyright notice	2014-07-29 23:45:20 +00:00
Evan Hunt	c1e42fa06d	[master] use correct length	2014-07-29 15:24:39 -07:00
Evan Hunt	2383eb5272	[master] add CAA rdata support 3056. [protocol] Added support for CAA record type (RFC 6844). [RT #36625]	2014-07-29 08:40:35 -07:00
Mark Andrews	275a8affe7	3899. [bug] "request-ixfr" is only applicable to slave and redirect zones. [RT #36608]	2014-07-25 14:23:14 +10:00
Mark Andrews	bc4006c0d3	alphabetize optionstable	2014-07-22 14:14:55 +10:00
Mark Andrews	0e50e50206	alphabetize server_clauses	2014-07-22 14:00:27 +10:00
Mark Andrews	6a6838f973	3898. [bug] To small a buffer in tohexstr() calls in test code. [RT #36598]	2014-07-22 11:26:28 +10:00
Mark Andrews	ac5ed74860	3897. [bug] RPZ summary information was not properly being updated after a AXFR resulting in changes sometimes being ignored. [RT #35885]	2014-07-22 10:57:58 +10:00
Mark Andrews	a1dee90bfb	adjust INSIST now that dev->dscp is unsigned	2014-07-19 11:56:23 +10:00
Mark Andrews	044c780437	silence coverity, explicitly ignore dns_peer_gettransferdscp result	2014-07-18 12:55:04 +10:00
Mark Andrews	89cf81b462	3896. [bug] Address performance issues with DSCP code on some platforms. [RT #36534]	2014-07-18 11:40:44 +10:00
Mark Andrews	2e6d7a724a	silence "Value stored to 'length' is never read" by removing assignment	2014-07-17 09:44:57 +10:00
Tinderbox User	b6f7267093	update copyright notice	2014-07-15 23:45:19 +00:00
Mark Andrews	71ec6d0940	3894. [bug] Buffers in isc_print_vsnprintf were not properly initialized leading to potential overflows when printing out quad values. [RT #36505]	2014-07-15 22:53:07 +10:00
Mark Andrews	a920fb9dc2	3893. [bug] Peer DSCP values could be returned without being set. [RT #36538]	2014-07-15 22:40:39 +10:00
Tinderbox User	8a9485517e	update copyright notice	2014-07-10 23:45:19 +00:00
Mark Andrews	7eb82402e3	Revert "update description to match code; doxygen fixes" This reverts commit `1fc784da63`.	2014-07-10 10:37:10 +10:00
Mark Andrews	9862191c37	update description to match code; doxygen fixes	2014-07-10 10:36:33 +10:00
Mark Andrews	1fc784da63	update description to match code; doxygen fixes	2014-07-10 10:32:54 +10:00
Mark Andrews	dcc7a2738f	hold a nta reference while fetching	2014-07-10 10:24:47 +10:00
Mark Andrews	63e1ac1e09	3890. [bug] RRSIG sets that were not loaded in a single transaction at start up where not being correctly added to re-signing heaps. [RT #36302]	2014-07-07 12:05:01 +10:00
Mark Andrews	769224a8dc	state fw_copy is never used; n only needs to be set for fw_ordinary; (cherry picked from commit d956d9689c13b093fff5faf6b10f06338354dcfc)	2014-07-04 08:51:26 +10:00
Mark Andrews	e58154a6ec	silence coverity warnings	2014-07-02 15:28:02 +10:00
Mark Andrews	7dbd309799	be consistent about expire time	2014-07-02 14:12:46 +10:00
Mark Andrews	5d63868ad0	DNS_VALIDATOR_NONTA needs passed to sub validator	2014-07-02 14:12:15 +10:00
Mark Andrews	e31a37787b	silence coverity - reviewed by Evan over jabber	2014-07-01 09:52:02 +10:00
Mark Andrews	1a03e9eb52	rename closesocket to socketclose to avoid coverity model for window's closesocket	2014-06-26 10:47:48 +10:00
Mark Andrews	33399d6a14	3888. [func] 'rndc status' now reports the number of automatic zones. [RT #36015]	2014-06-25 13:17:03 +10:00
Mark Andrews	65eba0a5a8	add init_count	2014-06-25 12:40:28 +10:00
Mark Andrews	777ea03a92	move definition of FILE_VERSION to after #define of FILE_VERSION	2014-06-25 12:29:15 +10:00
Mark Andrews	c312172e13	more statics that were optimised out	2014-06-25 11:10:25 +10:00
Mark Andrews	c21e9f1a92	add and deserialize are structure element names	2014-06-25 09:45:53 +10:00
Mark Andrews	ef117da205	3887. [cleanup] Make all static symbols in rbtdb64 end in "64" so they are easier to use in a debugger. [RT #36373]	2014-06-25 08:33:37 +10:00
Mark Andrews	d2dc08308f	set now on all paths	2014-06-25 00:44:11 +10:00
Mark Andrews	6343df7150	silence signed vs unsigned	2014-06-25 00:19:17 +10:00
Mark Andrews	ba5c73b383	3886. [bug] rbtdb_write_header should use a once to initialize FILE_VERSION. [RT #36374]	2014-06-24 19:58:25 +10:00
Mark Andrews	a421f4458d	use isc_time_seconds rather than .seconds	2014-06-23 23:15:19 +10:00
Evan Hunt	4ef06963a4	[master] unresolved externals	2014-06-20 13:51:36 -07:00
Tinderbox User	5a31767b09	update copyright notice	2014-06-19 23:45:23 +00:00
Evan Hunt	cac2181160	[master] CDS/CDNSKEY rrtypes 3884. [protocol] Add CDS and CDNSKEY record types. [RT #36333]	2014-06-19 00:35:11 -07:00
Mark Andrews	bfbd478cdb	silence coverity	2014-06-19 11:33:22 +10:00
Evan Hunt	5e6cfc7c9a	[master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9	2014-06-18 17:25:19 -07:00
Evan Hunt	f47ed4bb4d	[master] silence warning	2014-06-18 17:24:48 -07:00
Mark Andrews	3a37159a95	add #include <isc/print.h>	2014-06-19 10:20:34 +10:00
Evan Hunt	b8a9632333	[master] complete NTA work 3882. [func] By default, negative trust anchors will be tested periodically to see whether data below them can be validated, and if so, they will be allowed to expire early. The "rndc nta -force" option overrides this behvaior. The default NTA lifetime and the recheck frequency can be configured by the "nta-lifetime" and "nta-recheck" options. [RT #36146]	2014-06-18 16:50:38 -07:00
Mark Andrews	8eb2d262dc	silence coverity - add nul termination	2014-06-18 20:04:21 +10:00
Tinderbox User	636aadbfe4	update copyright notice	2014-06-17 23:45:20 +00:00
Evan Hunt	a4e76a630e	[master] update gitignore files; use rev-parse to get srcid	2014-06-17 13:49:30 -07:00
Mark Andrews	e177c7b814	add EAI_OVERFLOW to lwres	2014-06-17 10:20:24 +10:00
Tinderbox User	51437e2eea	update copyright notice	2014-06-16 23:45:20 +00:00
Evan Hunt	56510cd031	[master] null terminate strings for coverity	2014-06-16 15:30:11 -07:00
Tinderbox User	4ded8003e3	update copyright notice	2014-06-12 23:45:22 +00:00
Evan Hunt	06e0d6bb12	[master] address rpz bugs 3877. [bug] Inserting and deleting parent and child nodes in response policy zones could trigger an assertion failure. [RT #36272]	2014-06-11 20:00:19 -07:00
Mark Andrews	1208790272	make lhs unsigned	2014-06-12 11:12:22 +10:00
Mark Andrews	8a2ff13c3d	add INSISTs to silence tainted data false positive in Coverity	2014-06-12 10:42:39 +10:00
Tinderbox User	889eb2e055	update copyright notice	2014-06-11 23:45:23 +00:00
Mark Andrews	23fe5cbb07	pass rng to destroy	2014-06-11 22:57:46 +10:00
Mark Andrews	0c57bf16a5	fix unbalanced lock; test for non NULL before dereference;	2014-06-11 21:42:36 +10:00
Evan Hunt	8d8f9f7f86	[master] suppress unnecessary db lookups in DLZ redirect zones 3876. [bug] Improve efficiency of DLZ redirect zones by suppressing unnecessary database lookups. [RT #35835]	2014-06-10 16:25:26 -07:00
Evan Hunt	7c9d11b654	[master] add print.h, CHANGES note	2014-06-10 08:54:16 -07:00
Mukund Sivaraman	aa232396ee	[24702] Include key filename in logged message Squashed commit of the following: commit 593e6bc7e29938ff5c2f7508bde303fb069a97a9 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 19:17:40 2014 +0530 Increase size of filename buffers commit b8685678e026ba98b8833e26664193b6345eb00e Author: Evan Hunt <each@isc.org> Date: Wed Jun 4 18:57:44 2014 -0700 [rt24702] some tweaks during review commit adfbc8f808716c63e9e097d92beef104527e5c6f Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 18:18:35 2014 +0530 [24702] Include key filename in logged message commit f1eff77e7e3704b145c3d65101a735467dd81dc3 Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 18:12:43 2014 +0530 Add dst_key_getfilename()	2014-06-10 19:18:34 +05:30
Mark Andrews	5331f97edc	silence compiler warnings	2014-06-10 12:38:32 +10:00
Tinderbox User	1b2ae58ef1	update copyright notice	2014-06-09 23:45:20 +00:00
Mark Andrews	3b187cad7a	3873. [protocol] Only warn for SPF without TXT spf record. [RT #36210 ]	2014-06-10 09:32:43 +10:00
Mark Andrews	b16d99bac1	3872. [bug] Address issues found by static analysis. [RT #36209 ]	2014-06-10 09:17:15 +10:00
Mukund Sivaraman	5456bddd39	[27303] Supply format string as first arg to printf() No CHANGES entry for this as it isn't proved to cause an issue for anyone (isc_msgcat_get() has to return a format specifier) and isn't a user visible change. Squashed commit of the following: commit bcb15c9aa17b0b706aefd9efef5f7e0e951064a3 Author: Mukund Sivaraman <muks@isc.org> Date: Wed Jun 4 16:55:16 2014 +0530 [27303] Supply format string as first arg to printf() The old code only had a problem if isc_msgcat_get() returned a format specifier (%n).	2014-06-08 19:06:37 +05:30
Tinderbox User	780169512e	update copyright notice	2014-06-04 23:45:22 +00:00
Mukund Sivaraman	79d27f505a	[35063] Don't publish an activated key automatically before its publish time	2014-06-04 14:31:42 +05:30
Mukund Sivaraman	84dc4b3e7e	[35942] Update random number generator to ChaCha based (and add tests) Squashed commit of the following: commit 219a904fea95c74016229b6f4436d4f09de1bfd0 Author: Evan Hunt <each@isc.org> Date: Mon Jun 2 12:20:54 2014 -0700 [rt35942] style commit 90bc77185e9798af4595989abb8698efef8c70d7 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 18:01:30 2014 +0530 Return p-value=0 when prerequisite (monobit) fails commit 5594669728f1181a447616f60b835e4a043d1b21 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:44:25 2014 +0530 Print proportion of test sequences passing too commit 9e94b67a4114651224a8285f7c4a7fb03907f376 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:34:03 2014 +0530 Check uniform distribution of p-values commit acf911b32dd84ac1c30c57d8937cfeb6b3ff972f Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 17:17:39 2014 +0530 Check proportion of sequences passing a test commit 7289eb441fc4ec623364ad882e22b240ba8da308 Author: Mukund Sivaraman <muks@isc.org> Date: Mon Jun 2 04:33:37 2014 +0530 Refactor common setup code into random_test() No behavioral change is made. commit 51feef3e08c233d34a6b8b9d25a72d43110b4eed Author: Mukund Sivaraman <muks@isc.org> Date: Sun Jun 1 17:31:57 2014 +0530 Fix binary rank computation commit 0ea3c03dea353f309d13c38e26aa0abbffdcff2b Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 27 06:01:10 2014 +0530 Add binary matrix rank RNG test commit eb4e7c53540ac97436d94714d30084907eeff01a Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 15:45:31 2014 +0530 Add function to find rank of a binary matrix commit 1292a06e0e09ebd37d4ecf5337814951dcacc4a4 Author: Evan Hunt <each@isc.org> Date: Thu May 29 16:21:51 2014 -0700 [rt35942] style; check whether we need libm for exp() commit c19788e5a89235e937a5aedf2ebea50f33406609 Author: Evan Hunt <each@isc.org> Date: Thu May 29 15:31:19 2014 -0700 [rt35942] incidental spelling error fixed commit c833326ad0df21e2a8b35958e85ccc0a692e38be Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 29 11:34:37 2014 +0530 Revert "Add function to find rank of a binary matrix" This reverts commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb. This test will be added in RT#36125. commit cf786a533d34fdcd9e1c5650356e56d33e93a29f Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 29 11:33:18 2014 +0530 Revert "Add binary matrix rank RNG test" This reverts commit dd843b9ca84fa9af80ec39631152f82778f0b97c. This test will be added in RT#36125. commit dd843b9ca84fa9af80ec39631152f82778f0b97c Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 27 06:01:10 2014 +0530 Add binary matrix rank RNG test commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 15:45:31 2014 +0530 Add function to find rank of a binary matrix commit 313c30088d6ba933bde3abb920f2a6d16b9b77e1 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 13:38:44 2014 +0530 Add block frequency random test commit 0d279c60ed3eabe52cf3e1435bf14ec62752536f Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 13:04:03 2014 +0530 Add preconditions from NIST spec commit 7a6c5f2ce5078814d5cf0fea30596e58171174c1 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 26 12:51:03 2014 +0530 Add functions to use in RNG tests commit 8c5cb5594f904f6669cdffaa364f799b4a2c6b58 Author: Mukund Sivaraman <muks@isc.org> Date: Thu May 22 00:26:10 2014 +0530 Add runs RNG test commit 4882f078cc2596c0911066ffb783e4dd145a63ec Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 23:58:20 2014 +0530 Pre-compute bitcounts LUT commit 896db3809fba2d9884a4a3a2fa847a73e007ad7f Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 23:30:23 2014 +0530 Fix the bit value being checked (this shouldn't affect the test) commit b932cbb5dae39eb819db29cf9490fb51d59b7c56 Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 19:35:12 2014 +0530 Add monobits RNG test commit 7bef19fd8b095aa567a975ef5c97d5812162d92e Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 16:53:02 2014 +0530 Add API documentation commit 54483f7feb64b5646dd1da45b1fd396e7d04b926 Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 21 16:39:03 2014 +0530 Rename isc_rngctx_t to isc_rng_t commit 7c5031b53555137a82c6b6218cd4dd5e95acf94d Author: Evan Hunt <each@isc.org> Date: Tue May 20 23:29:53 2014 -0700 [rt35942] use attach/detach with isc_rngctx_t commit 8aabae5e09888e6af651ed27bd6b4e9f76334d55 Author: Mukund Sivaraman <muks@isc.org> Date: Tue May 20 18:32:42 2014 +0530 Move RNG from dispatch.c to libisc commit e6d4ad4f389998b91d46e95e258cf420cb21d977 Author: Mukund Sivaraman <muks@isc.org> Date: Mon May 12 19:16:27 2014 +0530 Replace old arc4random with new ChaCha implementation from OpenBSD	2014-06-04 13:44:10 +05:30
Mark Andrews	b925be3e54	attempt to silence leaked lock false positive	2014-06-04 14:07:16 +10:00
Mark Andrews	7cce33eb78	place a upper bound on rdcount	2014-06-04 13:20:42 +10:00
Mark Andrews	f4db7287da	bad size on isc_mem_put	2014-06-04 11:45:09 +10:00
Tinderbox User	6efae581d0	update copyright notice	2014-06-03 23:45:20 +00:00
Mark Andrews	6fc3efb93f	keytable depends on openssl/pkcs11	2014-06-03 15:15:19 +10:00
Mark Andrews	50a7454174	3868. [bug] isc_mem_setwater incorrectly cleared hi_called potentially leaving over memory cleaner running. [RT #35270]	2014-06-02 16:31:42 +10:00
Tinderbox User	803d842603	update copyright notice	2014-05-30 23:45:21 +00:00
Evan Hunt	0cfb247368	[master] rndc nta 3867. [func] "rndc nta" can now be used to set a temporary negative trust anchor, which disables DNSSEC validation below a specified name for a specified period of time (not exceeding 24 hours). This can be used when validation for a domain is known to be failing due to a configuration error on the part of the domain owner rather than a spoofing attack. [RT #29358]	2014-05-29 22:22:53 -07:00
Mark Andrews	536da846f6	update copyrights	2014-05-30 09:41:33 +10:00
Evan Hunt	caa252e5ad	[master] Fix bin/tests/rbt_test.c, use portable int types	2014-05-29 07:37:13 -07:00
Mukund Sivaraman	9ff0b976a1	Add missing include Reported by tinderbox. It is not required on this developer's machine, but would be required on platforms that don't supply snprintf().	2014-05-29 14:04:35 +05:30
Mukund Sivaraman	ce376a81fa	[35904] Add various RBT unit tests No CHANGES entry was added as this commit mainly adds tests related code. Squashed commit of the following: commit d3d44508daa128fb8b60f64b3a8c81f80602273d Author: Evan Hunt <each@isc.org> Date: Wed May 7 09:36:41 2014 -0700 [rt35904] remove private non-static names from .def file commit dbca45661c3939f21c3bb3f405d08cfe1b35d7aa Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 7 21:39:32 2014 +0530 Remove test for shortcut findnode() The implementation was not included in this review branch, but the tests erroneously made it through. This functionality will be addressed in a different ticket (RT#35906). commit 94ff14576ab3407f2612d34727b7eacfefc3668c Author: Mukund Sivaraman <muks@isc.org> Date: Wed May 7 21:36:50 2014 +0530 Minor indent fix commit 50972f17697bb222996e433faa8224843366f9b2 Author: Evan Hunt <each@isc.org> Date: Tue May 6 20:05:21 2014 -0700 [rt35904] style commit 5c4d5d41fcc5bfecdeebc008896974385c841b8d Author: Mukund Sivaraman <muks@isc.org> Date: Sun May 4 19:19:36 2014 +0530 RBT related updates * Add various RBT unit tests * Add some helper methods useful in unit testing RBT code * General cleanup	2014-05-29 11:09:23 +05:30
Mark Andrews	57d5f5abe1	silence coverity warning	2014-05-28 10:43:19 +10:00
Mark Andrews	358cc47a25	address typo	2014-05-27 14:10:12 +10:00
Mark Andrews	586d94eb74	3861. [security] Missing isc_buffer_availablelength check results in a REQUIRE assertion when printing out a packet. [RT #36078]	2014-05-25 12:39:03 +10:00
Mark Andrews	4b22b8decb	fix typo == -> =	2014-05-24 23:24:19 +10:00
Mark Andrews	a569e1b321	3860. [bug] ioctl(DP_POLL) array size needs to be determined at run time as it is limited to {OPEN_MAX}. [RT #35878]	2014-05-23 13:05:23 +10:00
Mark Andrews	35711d3c73	correct EDNSOK sense	2014-05-22 22:02:09 +10:00
Mark Andrews	ba586e9568	3857. [bug] Make it harder for a incorrect NOEDNS classification to be made. [RT #36020]	2014-05-22 21:38:53 +10:00
Tinderbox User	9d9626fb77	update copyright notice	2014-05-21 23:45:21 +00:00
Mark Andrews	8d56a8531d	remove unused assignment	2014-05-22 00:58:43 +10:00
Mark Andrews	0fe0789181	3855. [bug] Limit smoothed round trip time aging to no more than once a second. [RT #32909]	2014-05-21 10:08:52 +10:00
Mark Andrews	27b09ceb12	3853. [cleanup] Refactor dns_rdataslab_fromrdataset to seperate out the handling of a rdataset with no records. [RT #35968]	2014-05-20 11:36:03 +10:00
Evan Hunt	896f49f8bd	[master] increase and allow configuration of lwresd tasks/clients 3852. [func] Increase the default number of clients available for servicing lightweight resolver queries, and make them configurable via the "lwres-tasks" and "lwres-clients" options. (Thanks to Tomas Hozza.) [RT #35857]	2014-05-15 22:01:19 -07:00
Mark Andrews	0e338b60cd	3843. [protocol] Check EDNS EXPIRE option in dns_rdata_fromwire. [RT #35969] Conflicts: CHANGES	2014-05-13 21:57:40 +10:00
Mark Andrews	e188b84bc4	suppress clang static analysis warning	2014-05-11 10:47:56 +10:00
Tinderbox User	c381ccf794	update copyright notice	2014-05-07 23:45:21 +00:00
Mark Andrews	faa01edd13	3841. [cleanup] Refactor zone.c:add_opt to use dns_message_buildopt. [RT #35924]	2014-05-08 09:38:05 +10:00
Evan Hunt	1ea6e09c37	[master] check for arc4random_addrandom() 3840. [port] Check for arc4random_addrandom() before using it; it's been removed from OpenBSD 5.5. [RT #35907]	2014-05-07 08:58:25 -07:00
Mark Andrews	cd07e4d038	3838. [protocol] EDNS EXPIRE as been assigned a code point of 9.	2014-05-05 16:40:45 +10:00
Mark Andrews	b36fc8294e	3837. [security] A NULL pointer is passed to query_prefetch resulting a REQUIRE assertion failure when a fetch is actually initiated. [ RT #35899] Squashed commit of the following: commit 7f4e1f3917d743089c42cc52ec2c0eea598d2c00 Author: Mukund Sivaraman <muks@isc.org> Date: Sun May 4 22:34:34 2014 +0530 Fix a comment commit 6a35a6a2346013fa8e3798b9b680d8a3031fcb03 Author: Mark Andrews <marka@isc.org> Date: Sun May 4 23:34:25 2014 +1000 pass the correct name to query_prefetch	2014-05-05 10:12:12 +10:00
Tinderbox User	abc71f216a	update copyright notice	2014-05-02 23:45:19 +00:00
Mark Andrews	dd820d8fd2	3836. [bug] Address C++ keyword usage in header file.	2014-05-02 11:34:32 +10:00
Mark Andrews	c25d9da3f1	add keyboard.h [RT #35887 ]	2014-05-02 10:19:10 +10:00
Mark Andrews	d26c36b1d9	silence clang compiler warnings	2014-05-02 10:02:27 +10:00
Mark Andrews	3b27d9a318	dec_adbstats should decrement rather than increment	2014-05-01 20:58:32 +10:00
Mark Andrews	c2638d3d5a	protect geoip_elem use with HAVE_GEOIP	2014-05-01 15:03:11 +10:00
Mark Andrews	ab02ecbb30	silence compiler warning	2014-05-01 14:55:04 +10:00
Mark Andrews	4442141672	silence NULL pointer dereference warning	2014-05-01 14:23:23 +10:00
Evan Hunt	c0c4512020	[master] fixed geoip elements in named ACLs 3835. [bug] Geoip ACL elements didn't work correctly when referenced via named or nested ACLs. [RT #35879]	2014-04-30 20:21:56 -07:00
Mark Andrews	c2abd6efeb	update copyrights	2014-05-01 10:00:00 +10:00
Mark Andrews	5d739300d1	3834. [bug] The re-signing heaps were not being updated soon enough leading to multiple re-generations of the same RRSIG when a zone transfer was in progress. [RT #35273]	2014-04-30 11:58:07 +10:00
Evan Hunt	2b78610512	[master] reduce EDNS logging noise 3831. [cleanup] Reduce logging noise when EDNS state changes occur. [RT #35843]	2014-04-29 17:06:19 -07:00
Evan Hunt	cd750f6e74	[master] dig +ttlunits 3829. [func] "dig +ttlunits" causes dig to print TTL values with time-unit suffixes: w, d, h, m, s for weeks, days, hours, minutes, and seconds. (Thanks to Tony Finch.) [RT #35823]	2014-04-29 16:58:36 -07:00
Tinderbox User	f6ea2b1d09	update copyright notice	2014-04-29 23:45:21 +00:00
Evan Hunt	b4ba66ba1e	[master] "dnssec-signzone -N date" 3827. [func] "dnssec-signzone -N date" updates serial number to the current date in YYYYMMDDNN format. [RT #35800]	2014-04-29 16:29:20 -07:00
Evan Hunt	3e5743068c	[master] use-after-free in isc_radix_remove() 3826. [bug] Corrected a use-after-free in isc_radix_remove(). (This function is not used in BIND, but could have caused problems in programs linking to libisc.) [RT #35870]	2014-04-29 15:21:46 -07:00
Mark Andrews	c11e46110b	3825. [bug] Address sign extension bug in isc_regex_validate. [RT #35758]	2014-04-29 14:33:21 +10:00
Evan Hunt	e01fbe2a45	[master] SIT/max-cache-size flag collision 3824. [bug] A collision between two flag values could cause problems with cache cleaning when SIT was enabled. [RT #35858]	2014-04-28 10:24:39 -07:00
Tinderbox User	06081a0d61	update copyright notice	2014-04-25 23:45:21 +00:00
Evan Hunt	aefb3e308b	[master] better DDNS in DLZ; mysqldyn 3821. [contrib] Added a new "mysqldyn" DLZ module with dynamic update and transaction support. Thanks to Marty Lee for the contribution. [RT #35656] 3820. [func] The DLZ API doesn't pass the database version to the lookup() function; this can cause DLZ modules that allow dynamic updates to mishandle prerequisite checks. This has been corrected by adding a 'dbversion' field to the dns_clientinfo_t structure. [RT #35656]	2014-04-25 13:06:30 -07:00
Mark Andrews	1deeb567fa	remove const	2014-04-25 14:26:41 +10:00
Mark Andrews	618053b8be	additional places: 3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate. (cherry picked from commit `39b5269577`)	2014-04-25 12:22:27 +10:00
Tinderbox User	37f7c4c673	update copyright notice	2014-04-24 23:45:21 +00:00
Mark Andrews	44c6deacdd	additional changes for: 3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate.	2014-04-24 18:59:01 +10:00
Mark Andrews	36e5ac0033	3819. [bug] NSEC3 hashes need to be able to be entered and displayed without padding. This is not a issue for currently defined algorithms but may be for future hash algorithms. [RT #27925]	2014-04-24 18:58:03 +10:00
Mark Andrews	e916c4f840	3818. [bug] Stop lying to the optimizer that 'void *arg' is a constant in isc_event_allocate.	2014-04-24 13:43:59 +10:00
Mark Andrews	974fb3a9c5	make days a const	2014-04-24 13:15:40 +10:00
Evan Hunt	2ae159b376	[master] globally rename "delve" to "delv" 3817. [func] The "delve" command is now spelled "delv" to avoid a namespace collision with the Xapian project. [RT #35801]	2014-04-23 11:14:12 -07:00
Tinderbox User	953189d30e	update copyright notice	2014-04-22 23:45:19 +00:00
Evan Hunt	ec3b216506	[master] masterfile-style 3814. [func] The "masterfile-style" zone option controls the formatting of dumped zone files. Options are "relative" (multiline format) and "full" (one record per line). The default is "relative". [RT #20798]	2014-04-17 17:10:29 -07:00
Evan Hunt	4e7973990c	[master] host recognizes /etc/resolv.conf options 3813. [func] "host" now recognizes the "timeout", "attempts" and "debug" options when set in /etc/resolv.conf. (Thanks to Adam Tkac at RedHat.) [RT #21885]	2014-04-17 17:04:51 -07:00
Evan Hunt	7318bbc262	[master] serial-update-method date; 3811. [func] "serial-update-method date;" sets serial number on dynamic update to today's date in YYYYMMDDNN format. (Thanks to Bradley Forschinger.) [RT #24903]	2014-04-17 16:05:50 -07:00
Evan Hunt	088b1abfd0	[master] prep 9.10.0 respin	2014-04-16 22:49:02 -07:00
Mark Andrews	469bbe0f97	3810. [bug] Work around broken nameservers that fail to ignore unknown EDNS options. [RT #35766]	2014-04-17 15:43:38 +10:00
Evan Hunt	2dc978b8a1	[master] fix "prefetch" doc 3808. [doc] Clean up "prefetch" documentation. [RT #35751]	2014-04-13 18:50:34 -07:00
Francis Dupont	c80fef792a	fix char sign extension [#35743 ]	2014-04-11 13:25:49 +02:00
Mark Andrews	51af0a72ad	sort	2014-04-08 10:43:43 +10:00
Mark Andrews	c7bd423cec	order.h	2014-04-08 10:37:21 +10:00
Mark Andrews	2d1c1ee28a	keyboard.h	2014-04-08 10:37:08 +10:00
Evan Hunt	38c3ed154a	[master] fix race 3804. [bug] Corrected a race condition in dispatch.c in which portentry could be reset leading to an assertion failure in socket_search(). (Change #3708 addressed the same issue but was incomplete.) [RT #35128]	2014-04-07 13:54:08 -07:00
Tinderbox User	1756e623f9	update copyright notice	2014-04-04 23:46:15 +00:00
Mark Andrews	866606b9c7	3802. [bug] Various header files were not being installed	2014-04-04 21:56:08 +11:00
Evan Hunt	4c4d6213e1	[master] prep 9.10.0rc1	2014-04-03 20:34:46 -07:00
Evan Hunt	f0e9d6e905	[master] fix gssapi probing on freebsd 3801. [port] Fix probing for gssapi support on FreeBSD. [RT #35615]	2014-04-03 19:52:03 -07:00
Mukund Sivaraman	ef9334d745	3795. [bug] Make named-checkconf detect raw masterfiles for hint zones and reject them. [RT #35268] Squashed commit of the following: commit 5b0254711d6b77940d6217b9131b9d401df8a866 Author: Mukund Sivaraman <muks@isc.org> Date: Fri Mar 28 02:09:01 2014 +0530 Remove redundant helper function commit a4341c1a2ba830c8cee1def57a533f987f67c3dc Author: Mark Andrews <marka@isc.org> Date: Thu Jan 30 10:08:17 2014 +1100 error out if masterfile-format raw is specified for a hint zone.	2014-03-31 04:55:37 +05:30
Tinderbox User	657099c9bc	update copyright notice	2014-03-29 23:46:04 +00:00
Mark Andrews	6ffa8fcf76	3794. [maint] Added AAAA for C.ROOT-SERVERS.NET.	2014-03-29 10:30:40 +11:00
Tinderbox User	934b17be8d	update copyright notice	2014-03-27 23:46:09 +00:00
Mark Andrews	6d5740075b	fix typo in comment	2014-03-27 18:21:31 +11:00
Mark Andrews	1fa64087e7	sigprocmask sets errno on error	2014-03-27 12:33:40 +11:00
Evan Hunt	bbd5c0ab33	[master] fix possible assertion in save_nsec3param() 3793. [bug] zone.c:save_nsec3param() could assert when out of memory. [RT #35621]	2014-03-26 13:12:35 -07:00
Mark Andrews	c1f26bd63c	silence clang compiler warnings	2014-03-26 16:20:31 +11:00
Mark Andrews	b4a819a44f	othererror should not include badvers now that we have a badvers counter	2014-03-25 16:46:11 +11:00
Tinderbox User	9d7e943c3d	update copyright notice	2014-03-19 23:46:06 +00:00
Mark Andrews	a78ffa0cc8	only set FCTX_ADDRINFO_NOSIT if we don't have a existing sit	2014-03-20 07:17:00 +11:00
Mark Andrews	09ab38c151	3790. [bug] Handle broken nameservers that send BADVERS in response to unknown EDNS options. Maintain statistics on BADVERS responses.	2014-03-20 05:00:55 +11:00
Mark Andrews	adbb48b4a0	3789. [bug] Null pointer dereference on rbt creation failure.	2014-03-17 23:25:21 +11:00
Mark Andrews	61cfadb50e	3788. [bug] dns_peer_getrequestsit was returning request_nsid by mistake.	2014-03-16 03:31:40 +11:00
Mark Andrews	03296893bc	fix include path for out of source tree build	2014-03-15 13:25:27 +11:00
Mark Andrews	8058292627	install context.h dnsconf.h; resconf.h types.h were not being installed when cross compiling	2014-03-14 11:42:16 +11:00
Mark Andrews	b0e6f5dfd7	copy named-rrchecker.html	2014-03-14 11:16:13 +11:00
Tinderbox User	24a4fabc0b	update copyright notice	2014-03-13 23:53:24 +00:00
Tinderbox User	3c15417fc1	update copyright notice	2014-03-13 23:46:07 +00:00
Evan Hunt	9ff6800ed0	[master] fix merge error	2014-03-13 07:00:13 -07:00
Evan Hunt	e4d524bd91	[master] missing win32 include files	2014-03-13 06:33:32 -07:00
Evan Hunt	9896a01aeb	[master] prep 9.10.0b2	2014-03-12 21:57:11 -07:00
Evan Hunt	22e29471c7	[master] check allow-update in view/options 3787. [bug] The code that checks whether "auto-dnssec" is allowed was ignoring "allow-update" ACLs set at the options or view level. [RT #29536]	2014-03-12 21:36:01 -07:00
Evan Hunt	acbb301e64	[master] better error output when initializing pkcs11 3786. [func] Provide more detailed error codes when using native PKCS#11. "pkcs11-tokens" now fails robustly rather than asserting when run against an HSM with an incomplete PCKS#11 API implementation. [RT #35479]	2014-03-12 20:52:01 -07:00
Mark Andrews	3911e7610f	3785. [bug] Debugging code dumphex didn't accept arbitarily long input (only compiled with -DDEBUG). [RT #35544]	2014-03-13 12:37:07 +11:00
Evan Hunt	ffbd79e978	[master] fix possible uninitialized variable	2014-03-10 20:55:26 -07:00
Tinderbox User	7bd4556414	update copyright notice	2014-03-10 23:46:12 +00:00
Evan Hunt	8cbf3b6fc3	[master] use adaptive locks when available 3781. [tuning] Use adaptive mutex locks when available; this has been found to improve performance under load on many systems. "configure --with-locktype=standard" restores conventional mutex locks. [RT #32576]	2014-03-10 12:14:35 -07:00
Evan Hunt	7b46a4aa41	[master] fix negative numbers in $GENERATE 3780. [bug] $GENERATE handled negative numbers incorrectly. [RT #25528]	2014-03-10 11:55:32 -07:00
Francis Dupont	83bb42c635	fix opensslgost_link.c when OPENSSL is not defined	2014-03-08 19:32:34 +01:00
Evan Hunt	9ba2cef72d	[master] clarify error 3779. [cleanup] Clarify the error message when using an option that was not enabled at compile time. [RT #35504]	2014-03-07 15:59:55 -08:00
Tinderbox User	4b1a933811	update copyright notice	2014-03-07 23:47:09 +00:00
Evan Hunt	78f79084fc	[master] warn when wrong address family used in listen-on/-v6 3778. [bug] Log a warning when the wrong address family is used in "listen-on" or "listen-on-v6". [RT #17848]	2014-03-07 11:31:51 -08:00
Evan Hunt	e29c2b3903	[master] fix misuses of isc__buffer functions, update comment	2014-03-06 17:26:21 -08:00
Tinderbox User	cc2a515684	update copyright notice	2014-03-04 23:46:15 +00:00
Evan Hunt	b454c03196	[master] use ANSI prototypes, clean up some casts	2014-03-04 10:42:25 -08:00
Evan Hunt	f6d0284ec2	[master] fix memory leak	2014-03-04 08:56:09 -08:00
Evan Hunt	e69790ac00	[master] printable NSID logging 3774. [func] When using "request-nsid", log the NSID value in printable form as well as hex. [RT #20864]	2014-03-03 20:51:14 -08:00
Tinderbox User	794b79e6bb	regen master	2014-02-28 01:07:06 +00:00
Evan Hunt	e71905610c	[master] fixed out-of-tree build 3766. [cleanup] Fixed problems with building outside the source tree when using native PKCS#11. [RT #35459]	2014-02-27 16:49:35 -08:00
Evan Hunt	1aced7b870	[master] fix possible rndc secroots crash 3765. [bug] Fixed a bug in "rndc secroots" that could crash named when dumping an empty keynode. [RT #35469]	2014-02-27 16:42:35 -08:00
Tinderbox User	938440694b	update copyright notice	2014-02-27 23:46:22 +00:00
Evan Hunt	1753d3c4d7	[master] correct dates in man pages	2014-02-27 11:43:10 -08:00
Mark Andrews	7fbbc9bfd3	3762. [bug] Address build problems with --pkcs11-native + --with-openssl with ECDSA support. [RT #35467]	2014-02-27 18:29:52 +11:00
Mark Andrews	96c17c5ecb	3761. [bug] Address dangling reference bug in dns_keytable_add. [RT #35471]	2014-02-27 16:55:46 +11:00
Evan Hunt	98922b2b2b	[master] merge several interdependent fixes 3760. [bug] Improve SIT with native PKCS#11 and on Windows. [RT #35433] 3759. [port] Enable delve on Windows. [RT #35441] 3758. [port] Enable export library APIs on windows. [RT #35382]	2014-02-26 19:00:05 -08:00
Mark Andrews	86ec04712b	#include <inttypes.h>	2014-02-27 11:57:51 +11:00
Evan Hunt	3a01ded15d	[master] enable windows python tools 3757. [port] Enable Python tools (dnssec-coverage, dnssec-checkds) to run on Windows. [RT #34355]	2014-02-26 08:43:50 -08:00
Mark Andrews	b0d8002354	use cfg_type_sstring rather than cfg_type_qstring for sit-secret	2014-02-27 01:11:13 +11:00
Mark Andrews	79bd3cf027	we only use 32 octets	2014-02-26 15:54:23 +11:00
Mark Andrews	f4193c2021	update copyrights	2014-02-25 12:07:41 +11:00
Mark Andrews	53ebc0959b	#ifdef notyet error handling for bad sit	2014-02-24 23:49:21 +11:00
Mark Andrews	0072ae822d	3756. [bug] GSSAPI Kerberos realm checking was broken in check_config leading to spurious messages being logged. [RT #35443]	2014-02-24 12:15:37 +11:00
Mark Andrews	9e39bafd2e	adjust SIT computation	2014-02-24 09:29:49 +11:00
Francis Dupont	2ab466bf79	more missing WIN32 docs	2014-02-22 03:01:56 +01:00
Mark Andrews	5e45c8aabf	add CFG_CLAUSEFLAG_NOTCONFIGURED flag	2014-02-21 12:48:39 +11:00
Mark Andrews	edd82b2ce2	3753. [bug] allow-notify was ignoring keys. [RT #35425 ]	2014-02-21 00:09:28 +11:00
Mark Andrews	86856f4f30	3752. [bug] Address potential REQUIRE failure if DNS_STYLEFLAG_COMMENTDATA is set when printing out a rdataset.	2014-02-20 23:04:54 +11:00
Evan Hunt	4a0beb64be	[master] start prep for 9.10.0b1	2014-02-19 21:39:35 -08:00
Evan Hunt	9576baafc0	[master] assert if sitok/sitbad are insane	2014-02-19 21:26:31 -08:00
Mark Andrews	d17d32a7bf	set setok/sitbad	2014-02-20 16:16:53 +11:00
Mark Andrews	f0c00f10a0	report if sit is good/bad	2014-02-20 15:55:09 +11:00
Mark Andrews	51d6d7eea4	continue rather than break	2014-02-20 15:20:12 +11:00
Mark Andrews	45b8dc626a	add #ifdef notdef check of DNS_OPT_EXPIRE length	2014-02-20 15:06:49 +11:00
Evan Hunt	6cba0b8e61	[expireopt] format expire time	2014-02-20 14:57:47 +11:00
Mark Andrews	16134801ce	3750. [experimental] Partially implement EDNS EXPIRE option as described in draft-andrews-dnsext-expire-00. Retrivial of remaining time to expiry from slave zones is supported. EXPIRE uses an experimental option code (65002) and is subject to change. [RT #35416]	2014-02-20 14:56:20 +11:00
Mark Andrews	801b958a5c	s/DNS_EDNSOPTIONS/DNS_EDNSOPTIONS/	2014-02-20 14:00:54 +11:00
Mark Andrews	72ba6ba736	define DNS_OPT_EDNSOPTIONS	2014-02-20 13:55:21 +11:00
Mark Andrews	e676a59686	update copyrights	2014-02-20 10:53:11 +11:00
Evan Hunt	d7b9756a21	[master] ENDS client-subnet in dig 3749. [func] "dig +subnet" sends an EDNS client subnet option containing the specified address/prefix when querying. (Thanks to Wilmer van der Gaast.) [RT #35415]	2014-02-19 15:51:02 -08:00
Tinderbox User	1361e03890	update copyright notice	2014-02-19 23:46:31 +00:00
Francis Dupont	f1a6c8e78c	WIN32 master fixes	2014-02-19 23:17:52 +01:00
Evan Hunt	7f5bdf7f40	[master] fix dns_resolver_destroyfetch race 3747. [bug] A race condition could lead to a core dump when destroying a resolver fetch object. [RT #35385]	2014-02-18 23:32:02 -08:00
Evan Hunt	35f6a21f5f	[master] max-zone-ttl 3746. [func] New "max-zone-ttl" option enforces maximum TTLs for zones. If loading a zone containing a higher TTL, the load fails. DDNS updates with higher TTLs are accepted but the TTL is truncated. (Note: Currently supported for master zones only; inline-signing slaves will be added.) [RT #38405]	2014-02-18 23:26:50 -08:00
Evan Hunt	6a3fa181d1	[master] add "--with-tuning=large" option 3745. [func] "configure --with-tuning=large" adjusts various compiled-in constants and default settings to values suited to large servers with abundant memory. [RT #29538]	2014-02-18 22:36:14 -08:00
Mark Andrews	b5f6271f4d	3744. [experimental] SIT: send and process Source Identity Tokens (which are similar to DNS Cookies by Donald Eastlake) and are designed to help clients detect off path spoofed responses and for servers to detect legitimate clients. SIT use a experimental EDNS option code (65001). SIT can be enabled via --enable-developer or --enable-sit. It is on by default in Windows. RRL processing as been updated to know about SIT with legitimate clients not being rate limited. [RT #35389]	2014-02-19 12:53:42 +11:00
Mark Andrews	38eabfcee7	3743. [bug] delegation-only flag wasn't working in forward zone declarations despite being documented. This is needed to support turning off forwarding and turning on delegation only at the same name. [RT #35392]	2014-02-18 10:09:07 +11:00
Mark Andrews	823eadf26d	#include <isc/string.h>	2014-02-17 12:22:42 +11:00
Tinderbox User	72141595cf	update copyright notice	2014-02-16 23:46:32 +00:00
Evan Hunt	1d761cb453	[master] delve 3741. [func] "delve" (domain entity lookup and validation engine): A new tool with dig-like semantics for performing DNS lookups, with internal DNSSEC validation, using the same resolver and validator logic as named. This allows easy validation of DNSSEC data in environments with untrustworthy resolvers, and assists with troubleshooting of DNSSEC problems. (Note: not yet available on win32.) [RT #32406]	2014-02-16 13:03:17 -08:00
Evan Hunt	31f6244cc2	[master] tcp and udp stats counters 3739. [func] Added per-zone stats counters to track TCP and UDP queries. [RT #35375]	2014-02-15 20:57:00 -08:00
Tinderbox User	56af756b6c	update copyright notice	2014-02-14 23:46:27 +00:00
Evan Hunt	f2ea8c2f96	[master] updated published drafts	2014-02-14 08:53:06 -08:00
Mark Andrews	2729aea3c1	3738. [bug] --enable-openssl-hash failed to build. [RT #35343 ]	2014-02-13 15:09:08 +11:00
Tinderbox User	1124950b35	update copyright notice	2014-02-12 23:46:27 +00:00
Mark Andrews	a1271e2404	3737. [bug] 'rndc retransfer' could trigger a assertion failure with inline zones. [RT #35353] (cherry picked from commit `8e30a7e9fd`)	2014-02-13 08:55:09 +11:00
Mark Andrews	afdcff15c0	#ifdef PF_ROUTE use	2014-02-13 01:13:05 +11:00
Evan Hunt	842a3e6d0e	[master] try multiple addresses per server name in nsupdate 3736. [bug] nsupdate: When specifying a server by name, fall back to alternate addresses if the first address for that name is not reachable. [RT #25784]	2014-02-11 21:29:10 -08:00
Evan Hunt	dbb012765c	[master] merge libiscpk11 to libisc 3735. [cleanup] Merged the libiscpk11 library into libisc to simplify dependencies. [RT #35205]	2014-02-11 21:20:28 -08:00
Mark Andrews	850b5e8093	Add Linux support to: 3733. [func] Improve interface scanning support. Interface information will be automatically updated if the OS supports routing sockets (MacOS, *BSD, Linux). Use "automatic-interface-scan no;" to disable. Add "rndc scan" to trigger a scan. [RT #23027]	2014-02-10 09:46:54 +11:00
Tinderbox User	81f58902eb	update copyright notice	2014-02-07 23:46:39 +00:00
Mark Andrews	d896314990	remove dns_pkcs11.h	2014-02-07 23:19:08 +11:00
Mark Andrews	6a47daef7e	#ifdef PF_ROUTE	2014-02-07 20:36:48 +11:00
Mark Andrews	62ec9fd168	3733. [func] Improve interface scanning support. Interface information will be automatically updated if the OS supports routing sockets. Use "automatic-interface-scan no;" to disable. Add "rndc scan" to trigger a scan. [RT #23027]	2014-02-07 17:16:37 +11:00
Evan Hunt	166341d554	[master] add no-case-compress 3731. [func] Added a "no-case-compress" ACL, which causes named to use case-insensitive compression (disabling change #3645) for specified clients. (This is useful when dealing with broken client implementations that use case-sensitive name comparisons, rejecting responses that fail to match the capitalization of the query that was sent.) [RT #35300]	2014-02-06 19:37:26 -08:00
Evan Hunt	dd19c1a352	[master] report T_SKIPPED from t_dst	2014-02-06 16:21:38 -08:00
Evan Hunt	e5f9fa7e18	[master] deprecate isc_bitsrting 3727. [func] The isc_bitstring API is no longer used and has been removed from libisc. [RT #35284]	2014-02-06 15:36:13 -08:00
Evan Hunt	a8cdf2a2e7	[master] fixed win32 dig problem 3724. [bug] win32: Fixed a bug that prevented dig and host from exiting properly after completing a UDP query. [RT #35288]	2014-02-04 12:01:20 -08:00
Tinderbox User	0666e6db54	update copyright notice	2014-01-31 23:46:22 +00:00
Evan Hunt	48def18179	[master] silence coverity warnings - remove dead code in server.c - initialize a struct tm.c	2014-01-31 09:34:37 -08:00
Mark Andrews	bc021b8ef5	#include <inttypes.h>	2014-01-31 22:38:26 +11:00
Evan Hunt	4e182f01a1	[master] add stdint.h	2014-01-31 00:05:30 -08:00
Evan Hunt	0a35160f4e	[master] prep 9.10.0a2	2014-01-30 18:02:26 -08:00
Evan Hunt	3249da26fc	[master] rationalize external key handling 3723. [cleanup] Imported keys are now handled the same way regardless of DNSSEC algorithm. [RT #35215]	2014-01-30 17:49:32 -08:00
Evan Hunt	d0803df331	[master] fixed geoip in blackhole ACLs 3722. [bug] Using geoip ACLs in a blackhole statement could cause a segfault. [RT #35272]	2014-01-30 17:03:32 -08:00
Tinderbox User	4734976943	update copyright notice	2014-01-30 23:46:20 +00:00
Tinderbox User	04b5785fde	update copyright notice	2014-01-29 23:46:19 +00:00
Mark Andrews	63add83a26	3720. [bug] Address compiler warnings. [RT #35261 ]	2014-01-30 10:33:28 +11:00
Mark Andrews	75d747e1c5	3719. [bug] Address memory leak in in peer.c. [RT #35255 ]	2014-01-30 07:54:52 +11:00
Mark Andrews	fbc0e37e0c	3718. [bug] A missing ISC_LINK_INIT in log.c. [RT #35260 ]	2014-01-30 07:44:02 +11:00
Tinderbox User	0ff8ed750e	update copyright notice	2014-01-27 23:46:24 +00:00
Mark Andrews	ffa83ffb22	doxygen markup (cherry picked from commit bc28371004d70b17f0ca872da8bd84e70591eaf4)	2014-01-28 09:12:58 +11:00
Mark Andrews	b8cf73a3b3	3717. [port] hpux: Treat EOPNOTSUPP as a expected error code when probing to see if it is possible to set dscp values on a per packet basis. [RT #35252] 3716. [bug] The dns_request code was setting dcsp values when not requested. [RT #35252]	2014-01-28 08:25:28 +11:00
Tinderbox User	85167bb10f	update copyright notice	2014-01-24 23:46:22 +00:00
Evan Hunt	bff64bf12b	[master] correct copyrights and attributions see RT #35423 for details; highlights: - remove license clauses 3 and 4 from NetBSD code - remove advertising clause from historical BSD code - add openssl advertising attributions	2014-01-24 09:46:00 -08:00
Tinderbox User	fbe600459d	update copyright notice	2014-01-23 23:46:17 +00:00
Evan Hunt	83f69fcd6e	[master] fix a problem with libgeoip 1.5 and higher 3715. [bug] The region and city databases could fail to initialize when using some versions of libGeoIP, causing assertion failures when named was configured to use them. [RT #35427]	2014-01-23 12:46:02 -08:00
Mark Andrews	db519a99ce	remove src files not available for 'make depend'	2014-01-22 10:49:18 +11:00
Tinderbox User	aa7b16ec2a	update copyright notice	2014-01-21 23:46:16 +00:00
Mark Andrews	395a4c7f6f	s/gai_sterror.c/gai_strerror.c/	2014-01-22 10:10:47 +11:00
Mark Andrews	8fbf08d961	silence compiler warning	2014-01-22 10:01:01 +11:00
Evan Hunt	5c6f38b19b	[master] silence compiler warning	2014-01-21 11:21:29 -08:00
Evan Hunt	1b255a0c4e	[master] overlooked some memcpy->memmove changes with pkcs11 merge	2014-01-21 10:08:01 -08:00
Evan Hunt	a40b8e025a	[master] remove unnecessary test in name.c	2014-01-20 17:58:47 -08:00
Evan Hunt	d58e33bfab	[master] testcrypto.sh in system tests 3714. [test] System tests that need to test for cryptography support before running can now use a common "testcrypto.sh" script to do so. [RT #35213]	2014-01-20 16:08:09 -08:00
Evan Hunt	e45d0508c3	[master] skip unnecesary also-notify data 3713. [bug] Save memory by not storing "also-notify" addresses in zone objects that are configured not to send notify requests. [RT #35195]	2014-01-20 15:53:51 -08:00
Evan Hunt	12bf5d4796	[master] address several issues with native pkcs11	2014-01-18 11:51:07 -08:00
Francis Dupont	6972eaffdb	fix external key handling	2014-01-17 17:12:20 +01:00
Francis Dupont	1893156781	fix GSSAPI with native PKCS#11 typo [#35207 ]	2014-01-17 14:32:12 +01:00
Mark Andrews	e20788e121	update copyrights	2014-01-16 15:19:24 +11:00
Mark Andrews	64819a98a9	cast to unsigned char	2014-01-16 11:46:28 +11:00
Tinderbox User	b269de36be	update copyright notice	2014-01-15 23:46:24 +00:00
Mark Andrews	636c2f488c	initalize ret	2014-01-16 09:23:12 +11:00
Evan Hunt	90b513b2a0	[master] another build fix for pkcs11+atf+libtool	2014-01-15 12:07:04 -08:00
Evan Hunt	0a3fafde84	[master] try again, ensuring atf tests build...	2014-01-15 11:46:17 -08:00
Evan Hunt	e4f484b7b7	[master] address compiler warnings	2014-01-15 09:35:44 -08:00
Evan Hunt	d868cce6eb	[master] correct library build order	2014-01-15 09:20:09 -08:00
Mark Andrews	1b5dcef875	include <isc/tm.h>, <isc/lang.h> and <isc/types.h>	2014-01-15 20:42:22 +11:00
Evan Hunt	a147de10fe	[master] portable strptime/timegm 3709. [port] Use built-in versions of strptime() and timegm() on all platforms to avoid portability issues. [RT #35183]	2014-01-14 23:17:47 -08:00
Mark Andrews	702958d202	3708. [bug] Address a portentry locking issue in dispatch.c. [RT #35128]	2014-01-15 15:55:35 +11:00
Mark Andrews	cd7f8d18f8	3707. [bug] irs_resconf_load now returns ISC_R_FILENOTFOUND on a missing resolv.conf file and initializes the structure as if it had been configured with: nameserver ::1 nameserver 127.0.0.1 Note: Callers will need to be updated to treat ISC_R_FILENOTFOUND as a qualified success or else they will leak memory. The following code fragment will work with both only and new versions without changing the behaviour of the existing code. resconf = NULL; result = irs_resconf_load(mctx, "/etc/resolv.conf", &resconf); if (result != ISC_SUCCESS) { if (resconf != NULL) irs_resconf_destroy(&resconf); .... } [RT #35194]	2014-01-15 15:22:55 +11:00
Mark Andrews	d8b83f0e2b	silence compiler warning	2014-01-15 12:40:09 +11:00
Tinderbox User	bf0266f286	update copyright notice	2014-01-14 23:46:22 +00:00
Evan Hunt	ba751492fc	[master] native PKCS#11 support 3705. [func] "configure --enable-native-pkcs11" enables BIND to use the PKCS#11 API for all cryptographic functions, so that it can drive a hardware service module directly without the need to use a modified OpenSSL as intermediary (so long as the HSM's vendor provides a complete-enough implementation of the PKCS#11 interface). This has been tested successfully with the Thales nShield HSM and with SoftHSMv2 from the OpenDNSSEC project. [RT #29031]	2014-01-14 15:40:56 -08:00
Mark Andrews	07fb9b8330	3704. [protocol] Accept integer timestamps in RRSIG records. [RT #35185 ]	2014-01-14 16:12:30 +11:00
Tinderbox User	2cf1d5b098	update copyright notice	2014-01-12 23:46:23 +00:00
Mark Andrews	c24b6b4a40	fix for pre C99 compiler	2014-01-13 09:29:25 +11:00
Mark Andrews	fb756ba304	3703. [func] Prefetch about to expire records if they are queried for, see prefetch option for details. [RT #35041]	2014-01-12 21:29:15 +11:00
Evan Hunt	dc1cfff92a	[master] fix win32 isc_time_set()	2014-01-11 22:01:40 -08:00
Evan Hunt	6736c84f11	[master] missing prototype in time.h	2014-01-10 20:19:17 -08:00
Evan Hunt	903247531a	[master] portable replacement for timegm()	2014-01-10 19:22:02 -08:00
Mark Andrews	a7c412f37c	update copyrights	2014-01-11 07:07:56 +11:00
Evan Hunt	f459b70c8e	[master] one more win32 build error	2014-01-10 11:20:46 -08:00
Evan Hunt	480172bf6a	[master] missing prototypes	2014-01-10 11:17:12 -08:00
Evan Hunt	1bb2f53b9f	[master] fix win32 build problems	2014-01-10 10:58:06 -08:00
Mark Andrews	fd0f3e7cd8	add unit test for isc_time_parsehttptimestamp	2014-01-11 00:30:41 +11:00
Mark Andrews	52e6d8a36d	add ISC_PLATFORM_NEEDSTRCASESTR	2014-01-10 23:53:41 +11:00
Mark Andrews	429ab67296	strptime returns time in the local time zone so use mktime	2014-01-10 23:44:59 +11:00
Evan Hunt	0cd166e0a9	[master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9	2014-01-09 22:04:29 -08:00
Evan Hunt	60fb67079e	[master] add isc_string_strcasestr for portability	2014-01-09 22:04:03 -08:00
Mark Andrews	ff6de396a9	3701. [func] named-checkconf can now suppress the printing of shared secrets by specifying '-x'. [RT #34465]	2014-01-10 16:56:36 +11:00
Evan Hunt	57a46f4b19	[master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9	2014-01-09 19:05:46 -08:00
Evan Hunt	789252d55f	[master] stats improvements 3700. [func] Allow access to subgroups of XML statistics via special URLs http://<server>:<port>/xml/v3/server, /zones, /net, /tasks, /mem, and /status. [RT #35115] 3699. [bug] Improvements to statistics channel XSL stylesheet: the stylesheet can now be cached by the browser; section headers are omitted from the stats display when there is no data in those sections to be displayed; counters are now right-justified for easier readability. [RT #35117]	2014-01-09 18:46:25 -08:00
Tinderbox User	431a83fb29	update copyright notice	2014-01-09 23:46:35 +00:00
Mark Andrews	109f477ed7	silence compiler warning	2014-01-09 15:57:59 +11:00
Evan Hunt	e851ea8260	[master] replace memcpy() with memmove(). 3698. [cleanup] Replaced all uses of memcpy() with memmove(). [RT #35120]	2014-01-08 16:39:05 -08:00
Tinderbox User	ca8ad4871e	update copyright notice	2014-01-06 23:46:06 +00:00
Jeremy C. Reed	c55b7dce48	See ticket 35140 for details. Install some include files: dns/client.h dns/tsec.h irs/resconf.h irs/types.h (I noticed these when building DHCP using installed BIND9.) This was okayed during the 2014-01-02 BIND9 phone meeting.	2014-01-06 14:20:31 -06:00
Evan Hunt	2b258a1f5b	[master] dispatch.c race 3695. [bug] Address a possible race in dispatch.c. [RT #35107]	2013-12-23 09:50:18 -08:00
Evan Hunt	c14ba71070	[master] warn if key-directory doesn't exist 3694. [bug] Warn when a key-directory is configured for a zone, but does not exist or is not a directory. [RT #35109]	2013-12-20 14:57:03 -08:00
Tinderbox User	1baa4729ce	update copyright notice	2013-12-16 23:46:18 +00:00
Mark Andrews	a2ca594252	sort and one file per line	2013-12-17 10:35:45 +11:00
Mark Andrews	161e803a56	3692. [bug] Two calls to dns_db_getoriginnode were fatal if there was no data at the node. [RT #35080]	2013-12-17 09:08:59 +11:00
Evan Hunt	0606c47750	[master] correct dispatch address/port check 3690. [bug] Iterative responses could be missed when the source port for an upstream query was the same as the listener port (53). [RT #34925]	2013-12-12 22:39:12 -08:00
Evan Hunt	9b895f30f1	[master] fix insecure delegation across static-stub zones 3689. [bug] Fixed a bug causing an insecure delegation from one static-stub zone to another to fail with a broken trust chain. [RT #35081]	2013-12-12 22:19:33 -08:00
Mark Andrews	1bdc17e54e	remove from load_rpzs	2013-12-12 13:53:10 +11:00
Mark Andrews	e4d0018d4c	3688. [bug] loadnode could return a freed node on out of memory. [RT #35106]	2013-12-12 12:49:44 +11:00
Tinderbox User	de77dcc2c1	update copyright notice	2013-12-11 23:47:38 +00:00
Mark Andrews	00112618bc	3687. [bug] Address null pointer dereference in zone_xfrdone. [RT #35042]	2013-12-12 10:38:35 +11:00
Evan Hunt	0bbe3273a2	[master] dnssec-signzone -Q 3686. [func] "dnssec-signzone -Q" drops signatures from keys that are still published but no longer active. [RT #34990]	2013-12-11 13:25:21 -08:00
Mark Andrews	8539d19c04	handle underflow now that n is unsigned (cherry picked from commit `536ac53126`)	2013-12-10 07:24:44 +11:00
Mark Andrews	131333682c	silence compiler warning (cherry picked from commit `b14c6a1caf`)	2013-12-10 07:24:44 +11:00
Mark Andrews	7d65cbaca0	3684. [bug] The list of included files would grow on reload. [RT 35090]	2013-12-07 09:44:45 +11:00
Mark Andrews	53f70575bd	silence compiler warnings	2013-12-06 17:38:25 +11:00
Mark Andrews	2bdfb330af	update copyrights	2013-12-05 15:04:53 +11:00
Tinderbox User	5465b124f1	update copyright notice	2013-12-04 23:46:51 +00:00
Curtis Blackburn	8009525601	3682. [bug] Correct the behavior of rndc retransfer to allow inline-signing slave zones to retain NSEC3 parameters instead of reverting to NSEC [RT #34745]	2013-12-04 12:26:20 -06:00
Mark Andrews	c3c8823fed	3681. [port] Update the Windows build system to support feature selection and WIN64 builds. This is a work in progress. [RT #34160]	2013-12-04 12:47:23 +11:00
Evan Hunt	43bbab6d0b	[master] typo	2013-11-18 15:26:50 -08:00
Tinderbox User	432d8fa3b4	update copyright notice	2013-11-14 23:46:24 +00:00
Evan Hunt	434bfc3dfa	[master] "in-view" zone option 3673. [func] New "in-view" zone option allows direct sharing of zones between views. [RT #32968]	2013-11-13 20:35:40 -08:00
Mark Andrews	6a671a840d	add missing break;	2013-11-14 12:26:57 +11:00
Tinderbox User	c0de084bbd	update copyright notice	2013-11-13 23:46:31 +00:00
Evan Hunt	0618287859	[master] allow setting local addr in dns_client 3672. [func] Local address can now be specified when using dns_client API. [RT #34811]	2013-11-13 10:52:22 -08:00
Mark Andrews	7c19754bac	add partial legend for Address database dump	2013-11-13 12:10:43 +11:00
Tinderbox User	a4fa22bf14	update copyright notice	2013-11-11 23:46:29 +00:00
Mark Andrews	0a47bc90af	3668. [bug] Fix cast in lex.c which could see 0xff treated as eof. [RT #34993]	2013-11-11 10:49:28 +11:00
Mark Andrews	37bd255fd4	3665. [bug] Failure to release lock on error in receive_secure_db. [RT #34944]	2013-10-31 22:15:12 +11:00
Mark Andrews	2502a568e7	use smaller buffers	2013-10-26 20:36:17 +11:00
Tinderbox User	3a34908497	update copyright notice	2013-10-25 23:46:32 +00:00
Mark Andrews	938aea1dc4	address memory leak in change #3662 , force format matching, attempt to address coverity false positives	2013-10-26 10:04:36 +11:00
Mark Andrews	34416a7954	3663. [bug] Address bugs in dns_rdata_fromstruct and dns_rdata_tostruct for WKS and ISDN types. [RT #34910]	2013-10-25 13:06:09 +11:00
Mark Andrews	6100b17699	3662. [bug] 'host' could die if a UPD query timed out. [RT #34870 ]	2013-10-25 10:09:33 +11:00
Mark Andrews	0bfc15fe59	missing FCTXTRACE2 macro RT#34914	2013-10-21 15:51:43 +11:00
Tinderbox User	bfc4a951c5	update copyright notice	2013-10-08 23:46:23 +00:00
Mark Andrews	03a9daede1	be consistent in how ISC_PLATFORM_USETHREADS is defined and used	2013-10-08 16:47:57 +11:00
Tinderbox User	4e3e8cbea0	update copyright notice	2013-10-08 04:13:49 +00:00
Mark Andrews	c6e6cac4ea	call isc_mutex_trylock rather than pthread_mutex_trylock	2013-10-08 12:11:09 +11:00
Mark Andrews	03152360db	3661. [bug] Address lock order reversal deadlock with inline zones. [RT #34856]	2013-10-08 11:43:08 +11:00
Mark Andrews	368c4556c8	remove redudant #ifdef; address imprecise #ifdef usage	2013-10-02 11:59:39 +10:00
Mark Andrews	fb623f9a07	3655. [cleanup] Simplify TCP message processing when requesting a zone transfer. [RT #34825]	2013-09-25 09:57:34 +10:00
Mark Andrews	5116f25421	3654. [bug] Address race condition with manual notify requests. [RT #34806]	2013-09-25 09:47:31 +10:00
Tinderbox User	0e17b4207e	update copyright notice	2013-09-23 23:46:20 +00:00
Mark Andrews	9084a3e58f	silence clang warning	2013-09-23 13:26:33 +10:00
Mark Andrews	97a2a26cd9	3651. [tuning] Adjust when a master server is deemed unreachable. [RT #27075]	2013-09-21 17:12:39 +10:00
Mark Andrews	c1b8fa6160	3650. [tuning] Use separate rate limiting queues for refresh and notify requests. [RT #30589]	2013-09-21 16:29:58 +10:00
Mark Andrews	6c57978413	refresh_callback needs to check if the zone is exiting (cherry picked from commit 2e314abcf0a47acfbab55e5ef0463c04c08476be)	2013-09-18 14:52:38 +10:00
Mark Andrews	7667dd1a03	call zone_settimer; sub test failure was not being detected (cherry picked from commit `ebd7900670`)	2013-09-18 12:57:46 +10:00
Evan Hunt	213c41c9f7	[master] fix to change #3647	2013-09-13 09:52:15 -07:00
Mark Andrews	76df835d59	3647. [bug] Address a race condition when shutting down a zone. [RT #34750]	2013-09-12 13:37:43 +10:00
Evan Hunt	18df9e628e	[master] strdup journal filename 3646. [bug] Journal filename string could be set incorrectly, causing garbage in log messages. [RT #34738]	2013-09-09 22:12:47 -07:00
Evan Hunt	78f20eda3c	[master] clean up tests, update .gitignore	2013-09-09 19:37:17 -07:00
Evan Hunt	41dabe089f	[master] remove namespace.h from installed files	2013-09-09 09:22:37 -07:00
Tinderbox User	63737247d1	update copyright notice	2013-09-05 23:46:16 +00:00
Mark Andrews	0327c6de3e	remove accidentally added line	2013-09-05 16:23:12 +10:00
Evan Hunt	012648ce19	[master] missed an external	2013-09-04 19:45:30 -07:00
Evan Hunt	eb8fae696c	[master] remove rollforward2 from libdns.def	2013-09-04 19:36:12 -07:00
Tinderbox User	473d3168f0	update copyright notice	2013-09-04 23:46:16 +00:00
Evan Hunt	8e3b246dc8	[master] remove "resign" member from dns_diff struct no longer needed since change #3641	2013-09-04 16:35:11 -07:00
Evan Hunt	79e6f6e519	[master] deprecate dns_journal_rollforward2 no longer needed since change #3641	2013-09-04 16:19:52 -07:00
Mark Andrews	3ad8f24ddd	3644. [protocol] Check that EDNS subnet client options are well formed. [RT #34718]	2013-09-05 09:18:59 +10:00
Evan Hunt	8e1655931b	[master] add missing externals	2013-09-04 15:52:10 -07:00
Evan Hunt	09755f7270	[master] prep 9.10.0a1 release	2013-09-04 15:41:50 -07:00
Mark Andrews	e9921500e1	remove unused variable	2013-09-04 22:34:44 +10:00
Mark Andrews	0c91911b4d	3642. [func] Allow externally generated DNSKEY to be imported into the DNSKEY management framework. A new tool dnssec-importkey is used to this. [RT #34698]	2013-09-04 13:53:02 +10:00
Mark Andrews	b5f4cc132e	3641. [bug] Handle changes to sig-validity-interval settings better. [RT #34625]	2013-09-04 13:45:00 +10:00
Mark Andrews	d6f99498d6	3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used in a key zone. [RT #34238]	2013-09-04 13:14:06 +10:00
Curtis Blackburn	c4348cb50f	3638. [cleanup] Add the ability to handle ENOPROTOOPT in case it is encountered. [RT #34668]	2013-08-28 15:56:49 -05:00
Tinderbox User	377b774598	update copyright notice	2013-08-15 23:46:17 +00:00
Mark Andrews	d1e22676de	3635. [bug] Signatures were not being removed from a zone with only KSK keys for a algorithm. [RT #24439]	2013-08-15 13:37:07 +10:00
Mark Andrews	7ace327795	3632. [bug] Signature from newly inactive keys were not being removed. [RT #32178]	2013-08-15 10:48:05 +10:00
Evan Hunt	5f630b9417	[master] change 3630 incomplete--needed to check fromtext too	2013-08-14 17:23:41 -07:00
Tinderbox User	3c04ca47c6	update copyright notice	2013-08-13 23:46:14 +00:00
Evan Hunt	5d4343a998	[master] fix md5 key id computation 3630. [bug] Ensure correct ID computation for MD5 keys. [RT #33033]	2013-08-13 16:03:42 -07:00
Tinderbox User	21c8938824	update copyright notice	2013-08-12 23:46:05 +00:00
Mark Andrews	75ae74f8fd	3629. [func] Allow the printing of cryptographic fields in DNSSEC records by dig to be suppressed (dig +nocrypto). [RT #34534]	2013-08-12 15:37:51 +10:00
Mark Andrews	16bd30ae69	3628. [func] Report DNSKEY key id's when dumping the cache. [RT #34533]	2013-08-12 14:38:26 +10:00
Mark Andrews	df0892aea6	3627. [bug] RPZ changes were not effective on slaves. [RT #34450 ]	2013-08-09 13:23:01 +10:00
Evan Hunt	7ade93c328	[master] fix build error when IP_TOS is undefined	2013-08-08 19:15:11 -07:00
Evan Hunt	a499dddb4b	[master] easier to read NSID output 3626. [func] dig: NSID output now easier to read. [RT #21160]	2013-08-08 16:50:34 -07:00
Mark Andrews	e543b4e5db	remove redundent 'request-ixfr'	2013-08-01 14:38:27 +10:00
Mark Andrews	f45818b82a	add comment	2013-07-26 10:25:45 +10:00
Evan Hunt	d640b4a0ab	[master] perf: eliminate cache stats attach/detach 3622. [tuning] Eliminate an unnecessary lock when incrementing cache statistics. [RT #34339]	2013-07-25 10:51:31 -07:00
Tinderbox User	345a210f51	update copyright notice	2013-07-16 23:46:10 +00:00
Mark Andrews	fdb4ae8f6c	3621. [security] Incorrect bounds checking on private type 'keydata' can lead to a remotely triggerable REQUIRE failure (CVE-2013-4854). [RT #34238]	2013-07-17 08:03:50 +10:00
Mark Andrews	975172e3dc	remove unused variable	2013-07-16 10:18:54 +10:00
Mark Andrews	6142269dcc	remove unused assignment	2013-07-15 13:09:27 +10:00
Mark Andrews	7236e1bd00	remove dead code	2013-07-15 09:30:53 +10:00
Tinderbox User	44c016134f	update copyright notice	2013-07-13 23:46:06 +00:00
Mark Andrews	09fec18669	fix unchecked null; value not read	2013-07-14 00:26:23 +10:00
Francis Dupont	41a6b3031e	spelling	2013-07-13 01:39:41 +02:00
Evan Hunt	421d4a0647	[master] rpz work 3620. [func] Added "rpz-client-ip" policy triggers, enabling RPZ responses to be configured on the basis of the client IP address; this can be used, for example, to blacklist misbehaving recursive or stub resolvers. [RT #33605] 3619. [bug] Fixed a bug in RPZ with "recursive-only no;" [RT #33776]	2013-07-12 14:46:47 -07:00
Tinderbox User	dbd8673fa0	update copyright notice	2013-07-11 23:46:13 +00:00
Evan Hunt	0949306cb9	[master] check include file mtimes 3618. [func] "rndc reload" now checks modification times of include files as well as master files to determine whether to skip reloading a zone. [RT #33936]	2013-07-11 16:32:36 -07:00
Evan Hunt	cf0a69e999	[master] address zone->db races 3616. [bug] Change #3613 was incomplete. [RT #34177]	2013-07-11 09:51:47 -07:00
Evan Hunt	f4e309b177	[master] silence warning	2013-07-10 09:15:51 -07:00
Francis Dupont	a96e5ffbe0	spelling	2013-07-10 10:56:18 +02:00
Evan Hunt	927e4c9fec	[master] address race conditions with removing inline zones 3513. [bug] named could crash when deleting inline-signing zones with "rndc delzone". [RT #34066]	2013-07-09 17:39:21 -07:00
Tinderbox User	ca48f47d88	update copyright notice	2013-07-09 23:46:11 +00:00
Evan Hunt	4b13ea47db	[master] check for -ljson-c as well as -ljson 3512. [port] Check whether to use -ljson or -ljson-c. [RT #34115]	2013-07-09 16:43:59 -07:00
Evan Hunt	5b7abbef51	[master] added isc_safe_memcmp() 3611. [bug] Improved resistance to a theoretical authentication attack based on differential timing. [RT #33939]	2013-07-09 11:47:16 -07:00
Evan Hunt	eb4458b478	[master] prevent exportlib deadlock 3609. [bug] Corrected a possible deadlock in applications using the export version of the isc_app API. [RT #33967]	2013-07-06 18:23:41 -07:00
Francis Dupont	c46fb8092d	remove dns_adb_flushmatch from libdns.def	2013-07-04 10:56:18 +02:00
Evan Hunt	5bcbfa2da0	[master] add missing symbols	2013-07-01 10:44:16 -07:00
Evan Hunt	9d4ec6d2c5	[master] "flushtree -all" no longer optional Updated CHANGES note: 3606. [func] "rndc flushtree" now flushes matching records in the address database and bad cache as well as the DNS cache. (Previously only the DNS cache was flushed.) [RT #33970]	2013-06-30 18:53:48 -07:00
Tinderbox User	9c5faa2ba8	update copyright notice	2013-06-26 23:46:14 +00:00
Evan Hunt	9fa5a723e1	[master] "rndc flushtree -all <name>" 3606. [func] "rndc flushtree -all" flushes matching records in the ADB and bad cache as well as the DNS cache. (Without the "-all" option, flushtree will still only flush records from the DNS cache.) [RT #33970]	2013-06-26 14:59:32 -07:00
Evan Hunt	c5a53e9ab5	[master] fix WIN32 nmake crc64 - trivial typo in CRC-64 windows build	2013-06-26 14:49:01 -07:00
Evan Hunt	f42c0dcca8	[master] win32 fixes 3605. [port] win32: Addressed several compatibility issues with newer versions of Visual Studio. [RT #33916] Squashed commit of the following: commit 4127af15f85da90cf2bd3a0c5a558daae89e833a Author: Francis Dupont <fdupont@isc.org> Date: Tue Jun 25 22:41:53 2013 +0200 make the last change to be text commit 21ef4891b9ee3e3aefb45d4c80d5cb7ec78f264f Author: Curtis Blackburn <ckb@isc.org> Date: Tue Jun 25 12:35:08 2013 -0500 [rt33916] re-worded for easier reading commit 83828e47e62fea4070441e645ba8fed338255ceb Author: Francis Dupont <fdupont@isc.org> Date: Mon Jun 24 16:08:11 2013 +0200 introduce a VCRedistPath env var commit 0337f2554f168993a65945e78c2879e9bfca5293 Author: Francis Dupont <fdupont@isc.org> Date: Sun Jun 23 01:23:26 2013 +0200 _adjust_fdiv for VS < 2010 commit 375fdd5c06be276b0ff0ad589c0e22b809339fe9 Author: Francis Dupont <fdupont@isc.org> Date: Thu Jun 20 16:27:04 2013 +0200 move to MSVC v1600 as it still breaks on VS 2010 commit bfcaf72071e9d8df1d0ce0c5f05b69acd51bf698 Author: Francis Dupont <fdupont@isc.org> Date: Thu Jun 20 15:57:35 2013 +0200 WIN32: avoid addrinfo redef commit 18504c3e50b11e66a0b573c7cb3d61094bfa5b52 Author: Francis Dupont <fdupont@isc.org> Date: Thu Jun 20 15:54:38 2013 +0200 WIN32: fseek/ftell commit f9a4fdccc5ab1c74c64412fb76da7dfd161787b2 Author: Francis Dupont <fdupont@isc.org> Date: Thu Jun 20 15:13:01 2013 +0200 fix WIN32 error redefs in net.h (isc ad lwres libs)	2013-06-26 14:38:35 -07:00
Evan Hunt	7aba1a9660	[master] fix compile bug with json but no xml 3604. [bug] Fixed a compile-time error when building with JSON but not XML. [RT #33959]	2013-06-26 14:12:27 -07:00
Tinderbox User	ca283f2ecb	update copyright notice	2013-06-25 23:48:02 +00:00
Mark Andrews	682a574e67	3603. [bug] Install <isc/stat.h>. [RT #33956 ]	2013-06-25 23:56:45 +10:00
Evan Hunt	c3b5542144	[master] check for physical equivalence in names 3599. [tuning] Check for pointer equivalence in name comparisons. [RT #18125]	2013-06-18 18:14:28 -07:00
Mark Andrews	77fa1a27dd	pass correct type off_t	2013-06-19 07:00:07 +10:00
Mark Andrews	e457f75632	handle file offsets bigger that memory offsets	2013-06-19 01:25:35 +10:00
Tinderbox User	2777329775	update copyright notice	2013-06-17 23:46:12 +00:00
Evan Hunt	31707708c5	[master] portability fixes for map files 3598. [cleanup] Improved portability of map file code. [RT #33820]	2013-06-17 09:09:43 -07:00
Evan Hunt	b7e40659ef	[master] rebuild resigning heaps when loading map files 3597. [bug] Ensure automatic-resigning heaps are reconstructed when loading zones in map format. [RT #33381]	2013-06-14 10:16:10 -07:00

... 17 18 19 20 21 ...

10900 commits