upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-14 22:53:34 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
26645 commits 18 branches 854 tags 440 MiB
Commit graph

10900 commits

Author SHA1 Message Date
Tinderbox User
e880197f31 update copyright notice / whitespace 2017-09-27 23:45:52 +00:00
Mark Andrews
d386eb54c6 switch to using snprintf from sprintf 2017-09-28 07:15:46 +10:00
Mukund Sivaraman
abb8813a33 Make isc_refcount_current() atomically read the counter value (#46074) 2017-09-27 15:09:04 +05:30
Mark Andrews
2495de04a5 use %u and cast to unsigned int 2017-09-27 17:57:07 +10:00
Mark Andrews
42ee853c23 check for ISC_R_EOF 2017-09-27 16:19:07 +10:00
Mark Andrews
73074e954a 4740. [cleanup] Avoid triggering format-truncated warnings. [RT #46107] 2017-09-27 16:02:02 +10:00
Mark Andrews
b4c31c8795 tcp test got reversed 2017-09-27 15:19:34 +10:00
Mark Andrews
f9f3f20d2d 4739. [cleanup] Address clang static analysis warnings. [RT #45952] 2017-09-27 10:27:09 +10:00
Mark Andrews
08151d7fce 4737. [cleanup] Address Coverity warnings. [RT #46012] 2017-09-26 23:21:49 +10:00
Michał Kępień
acc3728c47 [master] Comment NSEC3-related code and fix a few minor issues 
4736.	[cleanup]	(a) Added comments to NSEC3-related functions in
			lib/dns/zone.c.  (b) Refactored NSEC3 salt formatting
			code.  (c) Minor tweaks to lock and result handling.
			[RT #46053]
 2017-09-26 11:28:28 +02:00
Mukund Sivaraman
fb9712f639 Use stdint.h only when stdatomic.h is in use (stdint.h isn't available everywhere) 2017-09-22 15:14:04 +05:30
Mark Andrews
6138c5a5e4 #include <isc/string.h> as it includes both <string.h> and <strings.h> if they both exist 2017-09-22 18:08:54 +10:00
Tinderbox User
8200eb4c60 update copyright notice / whitespace 2017-09-21 23:47:11 +00:00
Mark Andrews
af7ded82e0 alphabetise 2017-09-21 17:48:26 +10:00
Tinderbox User
243b3ec486 regen master 2017-09-21 07:23:48 +00:00
Mark Andrews
f8c82bbf39 #include <stdint.h> 2017-09-21 14:18:59 +10:00
Mark Andrews
e8703033c5 atomic_compare_exchange_strong_explicit's second argument should not be atomic_* 2017-09-21 13:41:22 +10:00
Mark Andrews
d17cf1cade explicitly list test programs 2017-09-21 12:56:33 +10:00
Evan Hunt
7a2112ff7d [master] fix memory growth problem 
4733.	[bug]		Change #4706 introduced a bug causing TCP clients
			not be reused correctly, leading to unconstrained
			memory growth. [RT #46029]
 2017-09-20 12:12:02 -07:00
Tinderbox User
ffbe6b9537 update copyright notice / whitespace 2017-09-19 23:46:23 +00:00
Mukund Sivaraman
32bcafc316 Change default minimal-responses setting to no-auth-recursive (#46016) 2017-09-19 19:49:02 +05:30
Mukund Sivaraman
98998f3ddd Fix out of bounds access in DHCID totext() method (#46001) 2017-09-19 19:30:28 +05:30
Mukund Sivaraman
d5707676e4 Don't use memset() to wipe memory (#45947) 2017-09-19 16:16:45 +05:30
Mukund Sivaraman
404c9b1c53 Use C11's stdatomic.h instead of isc_atomic where available 2017-09-19 15:43:45 +05:30
Tinderbox User
cb5bc50c91 update copyright notice / whitespace 2017-09-18 23:48:50 +00:00
Michał Kępień
f665c724e4 [master] Prevent possible infinite signing loop after retransferring an inline-signed slave using NSEC3 
4727.	[bug]		Retransferring an inline-signed slave using NSEC3
			around the time its NSEC3 salt was changed could result
			in an infinite signing loop. [RT #45080]
 2017-09-18 09:18:45 +02:00
Michał Kępień
c2179857de [master] Improve handling of TCP_FASTOPEN on FreeBSD 
4726.	[port]		Prevent setsockopt() errors related to TCP_FASTOPEN
			from being logged on FreeBSD if the kernel does not
			support it.  Notify the user when the kernel does
			support TCP_FASTOPEN, but it is disabled by sysctl.
			Add a new configure option, --disable-tcp-fastopen, to
			disable use of TCP_FASTOPEN altogether. [RT #44754]
 2017-09-18 08:34:41 +02:00
Francis Dupont
8a98277811 Made RAND_status check optional (broke --disable-crypto-rand) 2017-09-17 12:02:09 +02:00
Evan Hunt
6e5ae91479 [master] silence compiler warning 2017-09-16 21:01:06 -07:00
Tinderbox User
0b115f3b55 update copyright notice / whitespace 2017-09-16 23:46:04 +00:00
Francis Dupont
ad67f0bb42 Added isc_entropy_sethook in exported symbols 2017-09-16 15:57:06 +02:00
Francis Dupont
5fc7163211 Added isc_entropy_usehook in exported symbols 2017-09-16 15:56:13 +02:00
Francis Dupont
9c829f4f96 Merged rt31459d (openssl random) 2017-09-16 13:53:29 +02:00
Mark Andrews
dc71aa898a don't use strlcat with non NUL terminated strings rt45981_stage3 2017-09-15 13:14:16 +10:00
Tinderbox User
f54a365aeb update copyright notice / whitespace 2017-09-14 23:46:40 +00:00
Mark Andrews
c59bf663e8 silence warning 2017-09-14 19:02:27 +10:00
Mark Andrews
bace03316c #include <isc/string.h> 
(cherry picked from commit 7eb73f6288)
 2017-09-14 18:59:04 +10:00
Mark Andrews
5fb0c09a5e #include <isc/string.h> 2017-09-14 18:54:46 +10:00
Mark Andrews
cb629cdeda more str{n}{cat,cpy} corrections rt45981_stage2 2017-09-14 18:11:56 +10:00
Evan Hunt
077d9d2838 [master] cast char * 2017-09-13 22:03:56 -07:00
Evan Hunt
9b729a06b0 [master] clean up bufsize errors 2017-09-13 21:18:26 -07:00
Tinderbox User
33987cb5fd update copyright notice / whitespace 2017-09-13 23:48:32 +00:00
Evan Hunt
54c5723e31 [master] fix incorrect comment 2017-09-13 13:53:49 -07:00
Mukund Sivaraman
e5eca6eebb Fix output string size in GOST unittest 2017-09-14 01:36:08 +05:30
Mukund Sivaraman
93f7384928 Fix gost unittest failure 2017-09-14 00:29:04 +05:30
Mukund Sivaraman
188fa6ea68 Add missing <isc/print.h> 2017-09-13 19:44:47 +05:30
Mukund Sivaraman
8997fc0a3f Tweak hash_test.c further, passing sizeof(str) 2017-09-13 19:30:03 +05:30
Mukund Sivaraman
a2873eabf6 Tweak 2017-09-13 19:22:03 +05:30
Mukund Sivaraman
bc5e0a6868 Fix size of output string in hash tests 2017-09-13 19:21:08 +05:30
Mark Andrews
4c9ba9ded8 add #include <isc/string.h> 2017-09-13 23:43:43 +10:00
Evan Hunt
114f95089c [master] cleanup strcat/strcpy 
4722.	[cleanup]	Clean up uses of strcpy() and strcat() in favor of
			strlcpy() and strlcat() for safety. [RT #45981]
 2017-09-13 00:14:37 -07:00
Evan Hunt
e0fc12185d [rt31459d] silence compiler warning 2017-09-13 00:02:53 -07:00
Evan Hunt
20502f35dd [master] allow CDS/CDNSKEY records to be signed with only KSK 
4721.	[func]		'dnssec-signzone -x' and 'dnssec-dnskey-kskonly'
			options now apply to CDNSKEY and DS records as well
			as DNSKEY. Thanks to Tony Finch. [RT #45689]
 2017-09-12 23:09:48 -07:00
Evan Hunt
dcbe6a66d7 [rt31459d] setup entropy in dns_lib_init() 2017-09-12 23:03:49 -07:00
Evan Hunt
cc24a8725f [rt31459d] update the newer tools 2017-09-12 22:49:35 -07:00
Mark Andrews
84feab03a9 add dns_name_towire2 to lib/dns/win32/libdns.def.in 2017-09-13 12:10:24 +10:00
Evan Hunt
586e65ea5c [rt31459d] rebased rt31459c 2017-09-12 19:05:46 -07:00
Evan Hunt
30973087a0 [master] add prefetch stat counter 
4720.	[func]		Added a statistics counter to track prefetch
			queries. [RT #45847]
 2017-09-12 18:41:47 -07:00
Mark Andrews
34130ee25a 4719. [bug] Address PVS static analyzer warnings. [RT #45946] 2017-09-13 09:50:51 +10:00
Tinderbox User
1e33899f86 update copyright notice / whitespace 2017-09-12 23:46:14 +00:00
Mark Andrews
4a258c3c42 4718. [func] Avoid seaching for a owner name compression pointer 
more than once when writing out a RRset. [RT #45802]
 2017-09-13 09:24:34 +10:00
Evan Hunt
25b33bede4 [master] improve handling of qcount=0 replies 
4717.	[bug]		Treat replies with QCOUNT=0 as truncated if TC=1,
			FORMERR if TC=0, and log the error correctly.
			[RT #45836]
 2017-09-12 15:26:30 -07:00
Evan Hunt
d2d9f1e31e [master] move timermgr shutdown to prevent test crashes 2017-09-12 12:56:00 -07:00
Evan Hunt
7ffd6934ba [master] install include files 2017-09-12 10:38:22 -07:00
Evan Hunt
a9dfb7ef6e [master] update copyrights, bump release tag 2017-09-11 22:06:05 -07:00
Mark Andrews
0a1359034d 4715. [bug] TreeMemMax was mis-identified as a second HeapMemMax 
in the Json cache statistics. [RT #45980]
 2017-09-12 14:55:03 +10:00
Mark Andrews
c75e9c7630 4714. [port] openbsd/libressl: add support for building with 
--enable-openssl-hash. [RT #45982]
 2017-09-12 14:19:10 +10:00
Evan Hunt
fddd82bdb1 [master] add crypto libs 2017-09-11 17:49:58 -07:00
Evan Hunt
534c43860e [master] update copyrights 2017-09-11 17:47:12 -07:00
Evan Hunt
0c9683cff8 [master] prep 9.12.0a1 2017-09-11 17:30:39 -07:00
Tinderbox User
0d9572e437 update copyright notice / whitespace 2017-09-11 23:46:33 +00:00
Evan Hunt
de1591889a [master] fix memory leak in notify test 2017-09-11 16:10:49 -07:00
Evan Hunt
7fb611d331 [master] fix prototypes 2017-09-11 15:48:20 -07:00
Evan Hunt
b103b0c011 [master] remap getaddrinfo() to irs_getgetaddrinfo() 
The libirs version of getaddrinfo() cannot be called from within BIND9.
 2017-09-11 15:03:57 -07:00
Evan Hunt
3363f3147a [master] DNS Response Policy Service API 
4713.	[func]		Added support for the DNS Response Policy Service
			(DNSRPS) API, which allows named to use an external
			response policy daemon when built with
			"configure --enable-dnsrps".  Thanks to Vernon
			Schryver and Farsight Security. [RT #43376]
 2017-09-11 11:57:43 -07:00
Evan Hunt
3e66721b35 [master] add missing rrtypes to genzones 
4711.	[test]		Some RR types were missing from genzones.sh.
			[RT #45782]
 2017-09-11 09:34:41 -07:00
Tinderbox User
672586440b update copyright notice / whitespace 2017-09-09 23:46:01 +00:00
Mark Andrews
fc39a3b9b9 add @ISC_OPENSSL_LIBS@ 2017-09-09 20:40:05 +10:00
Francis Dupont
90f6140832 Finished merge of rt45019 (openssl hash default) 2017-09-09 10:30:16 +02:00
Evan Hunt
f13385770e [master] change hash function for RRL 
4709.	[cleanup]	Use dns_name_fullhash() to hash names for RRL.
			[RT #45435]
 2017-09-08 15:46:15 -07:00
Evan Hunt
8eb88aafee [master] add libns and remove liblwres 
4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                        are no longer supported. [RT #45186]

4707.	[func]		The lightweight resolver daemon and library (lwresd
			and liblwres) have been removed. [RT #45186]

4706.	[func]		Code implementing name server query processing has
			been moved from bin/named to a new library "libns".
			Functions remaining in bin/named are now prefixed
			with "named_" rather than "ns_".  This will make it
			easier to write unit tests for name server code, or
			link name server functionality into new tools.
			[RT #45186]
 2017-09-08 13:47:34 -07:00
Evan Hunt
509ba96497 [rt45019] separate DNS_CRYPTO_LIBS from ISC_OPENSSL_LIBS and use both 2017-09-07 22:05:20 -07:00
Evan Hunt
60387eb495 [master] windows can't cope with #ifdef in a macro expansion 2017-09-07 21:02:17 -07:00
Mark Andrews
b6b33d0f48 ISCLIBS should be after DNSLIBS 2017-09-08 12:52:48 +10:00
Tinderbox User
7bd8900aa8 update copyright notice / whitespace 2017-09-07 23:46:43 +00:00
Mark Andrews
e01d88e885 don't disturb search->chain when calling find_coveringnsec 2017-09-08 06:48:41 +10:00
Evan Hunt
1fd1c0b027 [rt45019] fix some library ordering problems 2017-09-06 23:01:54 -07:00
Mark Andrews
6adc40b3ce 4704. [cleanup] Silence Visual Studio compiler warnings. [RT #45898] 2017-09-07 12:57:55 +10:00
Mark Andrews
d1f34ef400 4702. [func] Update function declarations to use 
dns_masterstyle_flags_t for style flags. [RT #45924]
 2017-09-07 12:48:16 +10:00
Tinderbox User
40780aa36f update copyright notice / whitespace 2017-09-06 23:46:23 +00:00
Mark Andrews
86c86693e3 move declaration to start of block 2017-09-07 06:39:24 +10:00
Evan Hunt
e90926bb9e [master] refactor tsig.c 
4701.	[cleanup]	Refactored lib/dns/tsig.c to reduce code
			duplication and simplify the disabling of MD5.
			[RT #45490]
 2017-09-06 10:57:40 -07:00
Mark Andrews
09ccb70e11 add missing defines 2017-09-06 11:17:46 +10:00
Mark Andrews
45df736f88 add missing functions 2017-09-06 10:39:53 +10:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Mark Andrews
e2a737bcb8 4699. [func] Multiple cookie-secret clauses can now be specified. 
The first one specified is used to generate new
                        server cookies.  [RT #45672]
 2017-09-05 09:19:45 +10:00
Mark Andrews
a322a0f31c silence converity warning [RT #45891] 2017-09-05 07:38:13 +10:00
Mark Andrews
10076239f6 missing (const) 2017-09-04 18:22:52 +10:00
Mukund Sivaraman
cdabd36dc7 Tweak code (reviewed by Mark) 2017-09-01 12:41:13 +05:30
Mark Andrews
5c269d84c2 remove development logging 2017-09-01 14:45:26 +10:00
Mark Andrews
a8a20462b5 4697. [bug] Restore workaround for Microsoft Windows TSIG hash 
computation bug. [RT #45854]
 2017-09-01 11:17:59 +10:00
Mark Andrews
2e743d9bdc Squashed commit of the following: 
commit 2a0e5695da2e0f701191e2783209ac05c9d01e6c
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 12:15:05 2017 +1000

    remove 'on' from error message

commit f18a8d699b69be35b938cfe2b30ebb30cd78e814
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:58:41 2017 +1000

    add more cookie-secret named-checkconf tests

commit ca8f5f5f57ccbeb970310866523a909eb411a554
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:31:57 2017 +1000

    properly check algorithm names
 2017-08-31 12:19:37 +10:00
Evan Hunt
5c8de9e2ae [master] fix uninitialized memory in mem_test.c 2017-08-30 19:02:52 -07:00
Evan Hunt
45afdb2672 [master] remove default algorithm in dnssec-keygen 
4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
			the signing algorithm must be specified on
			the command line with the "-a" option.  Signing
			scripts that rely on the existing default behavior
			will break; use "dnssec-keygen -a RSASHA1" to
			repair them. (The goal of this change is to make
			it easier to find scripts using RSASHA1 so they
			can be changed in the event of that algorithm
			being deprecated in the future.) [RT #44755]
 2017-08-30 18:51:11 -07:00
Tinderbox User
587f005032 update copyright notice / whitespace 2017-08-30 23:46:18 +00:00
Mark Andrews
89d841c16f sort view_clauses 2017-08-31 08:40:33 +10:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00
Mark Andrews
c26370fc69 4692. [bug] Fix build failures with libressl introduced in 4676. 
[RT #45879]
 2017-08-30 17:11:20 +10:00
Tinderbox User
f562de3f71 update copyright notice / whitespace 2017-08-24 23:47:03 +00:00
Mark Andrews
07741d43c8 4688. [protocol] Check and display EDNS KEY TAG options (RFC 8145) in 
messages. [RT #44804]
 2017-08-25 08:38:19 +10:00
Mukund Sivaraman
af4b4bef7a Refactor tracklines code (#45126) 2017-08-24 10:58:55 +05:30
Mark Andrews
615b961e02 4682. [bug] Don't report errors on records below a DNAME. 
[RT #44880]
 2017-08-17 15:49:59 +10:00
Mark Andrews
52fd57c989 4681. [bug] Log messages from the validator now include the 
associated view unless the view is "_default/IN"
                        or "_dnsclient/IN". [RT #45770]
 2017-08-16 09:29:20 +10:00
Mark Andrews
bf1ab06a48 request-nsid/request-sit out of order 2017-08-14 23:47:30 +10:00
Mark Andrews
60fd71ec66 alphabetize options_clauses 2017-08-14 07:22:20 +00:00
Mark Andrews
9697129ae2 tcp-only and tcp-keepalive where out of alphabetical order 2017-08-14 07:00:02 +00:00
Mark Andrews
fa7bacca7d sit-secret was out of alphabetical order 2017-08-14 06:50:24 +00:00
Mark Andrews
cc88df4f01 4678. [bug] geoip-use-ecs has the wrong type when geoip support 
is disabled at configure time. [RT #45763]
 2017-08-14 06:18:26 +00:00
Mark Andrews
5e9d9aa9d0 use isc_thread_self instead of pthread_self 2017-08-14 13:51:20 +10:00
Mark Andrews
cbc80a42d3 4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with 
deprecated functions removed. [RT #45706]
 2017-08-10 10:16:26 +10:00
Tinderbox User
f4eb664ce3 update copyright notice / whitespace 2017-08-09 23:47:50 +00:00
Mark Andrews
ff8d856db0 4675. [cleanup] Don't use C++ keyword class. [RT #45726] 2017-08-10 08:42:04 +10:00
Evan Hunt
cdacec1dcb [master] silence gcc 7 warnings 
4673.	[port]		Silence GCC 7 warnings. [RT #45592]
 2017-08-09 00:17:44 -07:00
Mark Andrews
31605091b4 add comment 2017-08-09 08:42:10 +05:30
Evan Hunt
6bba066302 style 2017-08-09 08:41:51 +05:30
Mark Andrews
bcb2df226f style changes from [RT #45321] 2017-08-09 07:48:57 +10:00
Evan Hunt
2013c9751d [master] address coverity warning about uninitialized variable 2017-08-08 10:46:49 -07:00
Mukund Sivaraman
f2b6eef899 Fix tsig_test.c unittest (OK'd by Mark on Jabber) 2017-08-08 19:45:07 +05:30
Mukund Sivaraman
c88efb83b3 Fix a race in resume_dslookup() (#45168) 2017-08-08 12:20:48 +05:30
Evan Hunt
0ad72b96d2 [master] ensure verified_sig 
4670.	[cleanup]	Ensure that a request MAC is never sent back
			in an XFR response unless the signature was
                        verified. [RT #45494]
 2017-08-07 18:54:05 -07:00
Mark Andrews
d5cb164074 conditionally declare fctx 2017-08-08 00:51:37 +10:00
Mark Andrews
73cc289e79 remove unused variable 'fctx' from rctx_next 2017-08-05 12:31:45 +10:00
Evan Hunt
61367c604c [master] refactor resquery_response() and related functions 
4669.	[func]		Iterative query logic in resolver.c has been
			refactored into smaller functions and commented,
			for improved readability, maintainability and
			testability. [RT #45362]
 2017-08-04 16:08:11 -07:00
Tinderbox User
be33f4ead1 update copyright notice / whitespace 2017-08-03 23:46:14 +00:00
Mark Andrews
2019cf29e2 4668. [bug] Use localtime_r and gmtime_r for thread safety. 
[RT #45664]
 2017-08-03 08:42:27 +10:00
Tinderbox User
b74e1c3b50 update copyright notice / whitespace 2017-08-01 23:46:29 +00:00
Michał Kępień
712825d755 [master] Refactor RDATA unit tests 
4667.	[cleanup]	Refactor RDATA unit tests. [RT #45610]
 2017-08-01 12:15:21 +02:00
Francis Dupont
9b9182fe00 Added Ed25519 support (#44696) 2017-07-31 15:26:00 +02:00
Evan Hunt
268cea9c12 [master] glue-cache option 
4664.	[func]		Add a "glue-cache" option to enable or disable the
			glue cache. The default is "no" to reduce memory
			usage, but enabling this option will improve
			performance in delegation-heavy zones. [RT #45125]
 2017-07-28 12:57:50 -07:00
Evan Hunt
e924155211 [master] Maintain ZEROTTL cache entries at the tail of the LRU lists 
4662.	[performance]	Improve cache memory cleanup of zero TTL records
			by putting them at the tail of LRU header lists.
			[RT #45274]
 2017-07-28 00:13:05 -07:00
Evan Hunt
036305f00d [master] race condition when reloading while resigning 
4661.	[bug]		A race condition could occur if a zone was reloaded
			while resigning, triggering a crash in
			rbtdb.c:closeversion(). [RT #45276]
 2017-07-28 00:02:17 -07:00
Mark Andrews
5140501a0b 4660. [bug] Remove spurious "peer" from Windows socket log 
messages. [RT #45617]
 2017-07-28 16:06:51 +10:00
Tinderbox User
c03e9eb43d update copyright notice / whitespace 2017-07-27 23:48:36 +00:00
Evan Hunt
7ff9d3a962 [master] fix typo in BADCDS 2017-07-27 15:41:58 -07:00
Evan Hunt
bd5b0b39e6 [master] add print.h 2017-07-26 01:24:25 -07:00
Michał Kępień
383240d572 [master] Process "port" and "dscp" for "default-masters" 
4656.	[bug]		Apply "port" and "dscp" values specified in catalog
			zone's "default-masters" option to the generated
			configuration of its member zones. [RT #45545]
 2017-07-26 09:28:28 +02:00
Tinderbox User
9ab5ec1d72 update copyright notice / whitespace 2017-07-21 23:46:06 +00:00
Mark Andrews
4bf32aa587 4654. [cleanup] Don't use C++ keywords delete, new and namespace. 
[RT #45538]
 2017-07-21 11:52:24 +10:00
Tinderbox User
0297ebcc89 update copyright notice / whitespace 2017-07-20 23:45:27 +00:00
Mark Andrews
124712666e 4653. [bug] Reorder includes to move @DST_OPENSSL_INC@ and 
@ISC_OPENSSL_INC@ after shipped include directories.
                        [RT #45581]
 2017-07-20 11:52:03 +10:00
Mark Andrews
c0ac259940 4650. [test] Silence coverity warnings in tsig_test.c. [RT #45528] 2017-07-19 14:34:15 +10:00
Evan Hunt
4aafa833ec [master] update api ranges 2017-07-16 13:56:30 -07:00
Mark Andrews
df1297cd0c sort *_test@EXEEXT@ rule sets 2017-07-11 12:12:12 +10:00
Mark Andrews
abe5cf42b3 4649. [bug] The wrong zone was logged when a catalog zone is added. 
[RT #45520]
 2017-07-10 10:36:56 +10:00
Tinderbox User
7c655c5b24 update copyright notice / whitespace 2017-07-09 23:45:34 +00:00
Mark Andrews
1e9b39fe26 4648. [bug] "rndc reconfig" on a slave no longer causes all member 
zones of configured catalog zones to be removed from
                        configuration. [RT #45310]
 2017-07-10 09:06:13 +10:00
Tinderbox User
63582913c9 update copyright notice / whitespace 2017-07-07 23:45:38 +00:00
Mark Andrews
00a235c8e6 add #include <isc/print.h> 2017-07-08 00:47:59 +10:00
Mark Andrews
58f0fb325b 4647. [bug] Change 4643 broke verification of TSIG signed TCP 
message sequences where not all the messages contain
                        TSIG records.  These may be used in AXFR and IXFR
                        responses.  [RT #45509]
 2017-07-07 23:19:05 +10:00
Tinderbox User
67fa096a59 update copyright notice / whitespace 2017-06-30 23:45:35 +00:00
Evan Hunt
b05b3fab3c [master] fix RSA parsing when md5 disabled 
4645.	[bug]		Fix PKCS#11 RSA parsing when MD5 is disabled.
			[RT #45300]
 2017-06-29 15:53:35 -07:00
Evan Hunt
b2018b7cff [master] complete change #4643 2017-06-28 09:11:49 -07:00
Tinderbox User
b6a4f7937e update copyright notice / whitespace 2017-06-27 23:45:38 +00:00
Evan Hunt
2fe77b611a [master] fix API ranges (170-179 was used for two branches) 2017-06-27 12:18:33 -07:00
Evan Hunt
581c1526ab [master] address TSIG bypass/forgery vulnerabilities 
4643.	[security]	An error in TSIG handling could permit unauthorized
			zone transfers or zone updates. (CVE-2017-3142)
			(CVE-2017-3143) [RT #45383]
 2017-06-27 11:39:19 -07:00
Evan Hunt
0d90835d2a [master] enhanced rfc 5011 logging 
4642.	[cleanup]	Add more logging of RFC 5011 events affecting the
			status of managed keys: newly observed keys,
			deletion of revoked keys, etc. [RT #45354]
 2017-06-27 10:49:43 -07:00
Mark Andrews
eb346d7098 'name' should be on isc_thread_setname argument not isc_thread_create 
(cherry picked from commit 15471a63a2)
 2017-06-26 12:21:33 +10:00
Tinderbox User
f62eb5f112 update copyright notice / whitespace 2017-06-20 23:45:25 +00:00
Mark Andrews
da0df9367d fix attribute name in DNS_NAME_INITABSOLUTE [RT #45409] 2017-06-20 12:37:58 +10:00
Evan Hunt
bf05e66bb3 [master] prevent reload failure due to LMDB database perms 
4638.	[bug]		Reloading or reconfiguring named could fail on
			some platforms when LMDB was in use. [RT #45203]
 2017-06-13 10:15:34 -07:00
Mark Andrews
e85e95c19e 4636. [bug] Normalize rpz policy zone names when checking for 
existence. [RT #45358]
 2017-06-13 13:06:47 +10:00
Tinderbox User
8bd6a7a1a3 update copyright notice / whitespace 2017-06-02 23:45:20 +00:00
Mark Andrews
9c179a5607 4633. [maint] Updated AAAA (2001:500:200::b) for B.ROOT-SERVERS.NET. 2017-06-02 11:46:38 +10:00
Tinderbox User
bb01fced12 update copyright notice / whitespace 2017-05-30 23:45:32 +00:00
Mark Andrews
aa3a8979bc 4530. [bug] "dyndb" is dependent on dlopen existing / being 
enabled. [RT #45291]
 2017-05-30 11:34:37 +10:00
Mark Andrews
ae903759c2 4530. [bug] "dyndb" is dependent on dlopen existing / being 
enabled. [RT #45291]
 2017-05-30 11:31:34 +10:00
Mark Andrews
e51d62ecae 4629. [bug] dns_client_startupdate could not be called with a 
running client. [RT #45277]
 2017-05-30 09:47:41 +10:00
Tinderbox User
243cfadf06 update copyright notice / whitespace 2017-05-21 23:45:29 +00:00
Evan Hunt
9e44639ae0 [master] corrected a possible crash in isc_test_end() 2017-05-21 15:43:44 -07:00
Tinderbox User
dde6dc06b0 update copyright notice / whitespace 2017-05-11 23:45:33 +00:00
Mark Andrews
1611ceb8b2 4622. [bug] Remove unnecessary escaping of semicolon in CAA and 
URI records. [RT #45216]
 2017-05-11 10:54:52 +10:00
Tinderbox User
6c5c871053 update copyright notice / whitespace 2017-05-10 23:45:32 +00:00
Mark Andrews
2fb1a0bdef 4621. [port] Force alignment of oid arrays to silence loader 
warnings. [RT #45131]
 2017-05-11 09:24:36 +10:00
Mark Andrews
d352a9db95 4620. [port] Handle EPFNOSUPPORT being returned when probing 
to see if a socket type is supported. [RT #45214]
 2017-05-11 07:58:13 +10:00
Mark Andrews
d242bf393c 4618. [bug] Check isc_mem_strdup results in dns_view_setnewzones. 
Add logging for lmdb call failures. [RT #45204]
 2017-05-10 10:50:42 +10:00
Evan Hunt
9612549071 [master] change index to idx to avoid shadowed-variable warning 2017-05-04 09:34:10 -07:00
Evan Hunt
8b8c2650b8 [master] change 'index' to avoid shadowed variable warning 2017-05-03 12:36:54 -07:00
Tinderbox User
b168f3f805 update copyright notice / whitespace 2017-05-02 23:45:36 +00:00
Mark Andrews
33e94f501f 4615. [bug] AD could be set on truncated answer with no records 
present in the answer and authority sections.
                        [RT #45140]
 2017-05-03 07:51:41 +10:00
Evan Hunt
d73c32c17f [master] error in sockaddr unit test 
4614.	[test]		Fixed an error in the sockaddr unit test. [RT #45146]
 2017-05-02 13:40:49 -07:00
Evan Hunt
d39ab7440e [master] automatically tune max-journal-size 
4613.	[func]		By default, the maximum size of a zone journal file
			is now twice the size of the zone's contents (there
			is little benefit to a journal larger than this).
			This can be overridden by setting "max-journal-size"
			to "unlimited" or to an explicit value up to 2G.
			Thanks to Tony Finch. [RT #38324]
 2017-05-02 13:23:08 -07:00
Evan Hunt
4c97cb13bd [master] fix win32 build errors 2017-05-02 10:58:41 -07:00
Tinderbox User
1f1c7c3b0a update copyright notice / whitespace 2017-05-01 23:45:34 +00:00
Mark Andrews
b09eb48f8a 4612. [bug] Silence 'may be use uninitalised' warning and simplify 
the code in lwres/getaddinfo:process_answer.
                        [RT #45158]
 2017-05-02 09:23:49 +10:00
Evan Hunt
532a001001 [master] add util.h 2017-05-01 13:28:24 -07:00
Mark Andrews
d1554926d0 silence 'may be used uninitialized' warning. [RT #45139] 2017-04-28 11:01:23 +10:00
Mark Andrews
2e65a1905b add mark_stale_header and rbtdb_zero_header defines 2017-04-27 12:47:08 +10:00
Mark Andrews
cc3ebbfd91 silence unused-parameter warning 2017-04-27 09:48:29 +10:00
Tinderbox User
08e0f8fcfa update copyright notice / whitespace 2017-04-26 23:45:32 +00:00
Mukund Sivaraman
241b49e611 Set a LMDB mapsize and also provide a config option to control it (#44954) 2017-04-26 23:51:26 +05:30
Tinderbox User
18b7760b29 update copyright notice / whitespace 2017-04-24 23:45:33 +00:00
Mark Andrews
8296b23426 add dns_view_getnewzonedir, dns_view_setnewzonedir 2017-04-24 17:26:47 +10:00
Evan Hunt
2dfb992349 [master] new-zones-directory option 
4610.	[func]		The "new-zones-directory" option specifies the
			location of NZF or NZD files for storing
			configuration of zones added by "rndc addzone".
			Thanks to Petr Menšík. [RT #44853]
 2017-04-23 23:16:53 -07:00
Evan Hunt
67e1f8fa4e [master] allow parralel make 
4609.	[cleanup]	Rearrange makefiles to enable parallel execution
			(i.e. "make -j"). [RT #45078]
 2017-04-23 23:04:25 -07:00
Mark Andrews
8c6ed0fe5f 4607. [bug] The memory context's malloced and maxmalloced counters 
were being updated without the appropriate lock being
                        held.  [RT #44869]
 2017-04-24 11:33:30 +10:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Evan Hunt
5490188e22 [master] add allocate_version64 definition 2017-04-22 23:16:23 -07:00
Tinderbox User
1f6505a424 update copyright notice / whitespace 2017-04-22 23:45:41 +00:00
Mukund Sivaraman
b1568eeedc Add missing types for non-threaded build 2017-04-22 19:58:51 +05:30
Mukund Sivaraman
03be5a6b4e Improve performance for delegation heavy answers and also general query performance (#44029) 2017-04-22 09:22:44 +05:30
Evan Hunt
4c31eda5e1 [master] openssl backward compatibility fix 
4604.	[bug]		Don't use ERR_load_crypto_strings() when building
			with OpenSSL 1.1.0. [RT #45117]
 2017-04-21 18:56:00 -07:00
Evan Hunt
8ee6a6afd8 [master] fix portability issue 2017-04-21 18:16:00 -07:00
Tinderbox User
3618b965d1 update copyright notice / whitespace 2017-04-21 23:45:41 +00:00
Evan Hunt
d26ae7fc08 [master] give threads unique names to assist debugging 
4602.	[func]		Threads are now set to human-readable
			names to assist debugging, when supported by
			the OS. [RT #43234]
 2017-04-21 13:59:40 -07:00
Mukund Sivaraman
239e9dc81c Reject incorrect RSA key lengths during key generation and and sign/verify context creation (#45043) 2017-04-21 17:31:59 +05:30
Mukund Sivaraman
f23c10f925 Adjust RPZ trigger counts only when the entry being deleted exists (#43386) 2017-04-21 17:06:22 +05:30
Mukund Sivaraman
4176d278e2 Fix inconsistencies in inline signing time comparisons (#42112) 2017-04-21 16:43:58 +05:30
Mukund Sivaraman
5d01eab088 Ignore SHA-1 DS digest type when SHA-384 DS digest type is present (#45017) 2017-04-21 16:19:38 +05:30
Evan Hunt
019132b70c [master] fix dispatch.c shutdown race 
4952.	[bug]		A race condition on shutdown could trigger an
			assertion failure in dispatch.c. [RT #43822]
 2017-04-20 17:41:37 -07:00
Tinderbox User
3b443e87a0 update copyright notice / whitespace 2017-04-20 23:45:39 +00:00
Mark Andrews
600b027731 4587. [bug] named-checkzone failed to handle occulted data below 
DNAMEs correctly. [RT #44877]
 2017-04-20 13:28:48 +10:00
Mark Andrews
3742338a7b 4585. [port] win32: Set CompileAS value. [RT #42474] 2017-04-20 12:41:40 +10:00
Mark Andrews
ddac00e3e0 4584. [bug] A number of memory usage statistics were not properly 
reported when they exceeded 4G.  [RT #44750]
 2017-04-20 10:21:00 +10:00
Tinderbox User
a1d1a967da update copyright notice / whitespace 2017-04-17 23:45:35 +00:00
Evan Hunt
28cff4f924 [master] fix out of tree build error 2017-04-17 14:31:44 -07:00
Tinderbox User
5ea0584a94 update copyright notice / whitespace 2017-03-24 23:45:35 +00:00
Mark Andrews
8e8dfc5941 4582. [security] 'rndc ""' could trigger a assertion failure in named. 
(CVE-2017-3138) [RT #44924]
 2017-03-25 02:00:17 +11:00
Mark Andrews
638c7c635d 4580. [bug] 4578 introduced a regression when handling CNAME to 
referral below the current domain. [RT #44850]
 2017-03-14 15:07:00 +11:00
Tinderbox User
db1010fe82 update copyright notice / whitespace 2017-03-10 23:46:18 +00:00
Evan Hunt
ff711c866c [master] change strtoll() to isc_string_touint64() for portability 2017-03-09 15:17:10 -08:00
Evan Hunt
612b2e2c0d [master] timestamp suffixes for log files 
4579.	[func]		Logging channels and dnstap output files can now
			be configured with a "suffix" option, set to
			either "increment" or "timestamp", indicating
			whether to use incrementing numbers or timestamps
			as the file suffix when rolling over a log file.
			[RT #42838]
 2017-03-08 23:20:40 -08:00
Mark Andrews
f240f4a5de Reimplement: 
4578.   [security]      Some chaining (CNAME or DNAME) responses to upstream
                        queries could trigger assertion failures.
                        (CVE-2017-3137) [RT #44734]
 2017-03-01 12:01:16 +11:00
Evan Hunt
a1365a0042 [master] remove unnecessary INSIST 
4578.	[security]	Some chaining (CNAME or DNAME) responses to upstream
			queries could trigger assertion failures.
			(CVE-2017-3137) [RT #44734]
 2017-02-23 14:34:33 -08:00
Evan Hunt
18d49392fb [master] use isc_uint32_t instead of uint32_t 2017-02-21 10:45:02 -08:00
Witold Krecicki
0790f8a361 4577. [func] Make qtype of resolver fuzzing packet configurable via command line. [RT #43540] 2017-02-21 03:49:55 -08:00
Tinderbox User
e66aaccfd8 update copyright notice / whitespace 2017-02-20 23:45:32 +00:00
Witold Krecicki
fa9b4de716 4576. [func] The RPZ implementation has been substantially refactored for improved performance and reliability. [RT #43449] 2017-02-20 11:57:28 +01:00
Mark Andrews
87ff6241e4 dns_master_styleflags returns dns_masterstyle_flags_t 2017-02-20 17:39:20 +11:00
Mark Andrews
bd75947af7 reserve block for 9.12 2017-02-15 14:29:33 +11:00
Tinderbox User
f929677ed8 update copyright notice / whitespace 2017-02-08 23:45:32 +00:00
wpk
96912e44b0 4573. [func] Query logic has been substantially refactored (e.g. query_find function has been split into smaller functions) for improved readability, maintainability 2017-02-08 22:15:01 +01:00
Evan Hunt
d8339932af [master] fix memory leak from dnstap-output parsing 2017-02-06 22:13:51 -08:00
Mark Andrews
63f8c891d8 add dns_dt_setupfile 2017-02-07 13:21:20 +11:00
Evan Hunt
c4e4bd6a09 [master] dnstap size and versions options 
4572.	[func]		The "dnstap-output" option can now take "size" and
			"versions" parameters to indicate the maximum size
			a dnstap log file can grow before rolling to a new
			file, and how many old files to retain. [RT #44502]
 2017-02-06 16:34:58 -08:00
Evan Hunt
56cccde22b [master] fix build errors from inline macros (change 4565) 2017-02-06 10:41:45 -08:00
Tinderbox User
61f11922d3 update copyright notice / whitespace 2017-02-04 23:45:35 +00:00
Evan Hunt
650b5e7592 [master] store local and remote addresses in dnstap 
4569.	[func]		Store both local and remote addresses in dnstap
			logging, and modify dnstap-read output format to
			print them. [RT #43595]
 2017-02-03 17:05:58 -08:00
Tinderbox User
39f68aa480 update copyright notice / whitespace 2017-02-03 23:45:33 +00:00
Evan Hunt
f4d20b15a2 [master] silence "unused value" warning 2017-02-03 11:26:37 -08:00
Mark Andrews
c550e75ade 4567. [port] Call getprotobyname and getservbyname prior to calling 
chroot so that shared libraries get loaded. [RT #44537]
 2017-02-03 14:22:03 +11:00
Mark Andrews
4a85cab586 mem_put/mem_get were inconsistent in updating ctx->malloced if ISC_MEM_CHECKOVERRUN was defined 2017-02-03 12:39:35 +11:00
Tinderbox User
194f07c628 update copyright notice / whitespace 2017-02-02 23:45:47 +00:00
Evan Hunt
aace5d0fb3 [master] include ECS in query logging 
4566.	[func]		Query logging now includes the ECS option if one
			was included in the query. [RT #44476]
 2017-02-02 11:54:28 -08:00
Evan Hunt
7769c92946 [master] support autore in inline macro buffer functions 
4565.	[cleanup]	The inline macro versions of isc_buffer_put*()
			did not implement automatic buffer reallocation.
			[RT #44216]
 2017-02-02 11:32:39 -08:00
Mark Andrews
2f5444972a perform more testing on rndc <op> -redirect 2017-02-02 17:25:54 +11:00
Mark Andrews
dfe3068ef3 4563. [bug] Modified zones would occasionally fail to reload. 
[RT #39424]
 2017-02-02 17:11:15 +11:00
Mark Andrews
f783c2d579 4562. [func] Add additional memory statistics currently malloced 
and maxmalloced per memory context. [RT #43593]
 2017-02-02 15:36:38 +11:00
Evan Hunt
6cb5e36ca3 [master] Squashed commit of the following: 
4561.	[port]		Silence a warning in strict C99 compilers. [RT #44414]
 2017-02-01 17:31:11 -08:00
Tinderbox User
ed1f93cc24 update copyright notice / whitespace 2017-01-31 23:45:34 +00:00
Evan Hunt
a2bd99a959 [master] address portability issues 2017-01-30 16:52:18 -08:00
Mark Andrews
1d8995d226 add a REQUIRE to catch the NULL pointer dereference that triggered CVE-2017-3135 2017-01-31 11:20:03 +11:00
Evan Hunt
cd668ea57f [master] change 4558 was incomplete 2017-01-30 14:10:30 -08:00
Tinderbox User
b5808abc69 update copyright notice / whitespace 2017-01-24 23:45:30 +00:00
Mark Andrews
3e9f874e1f win32: add consts 2017-01-24 22:44:25 +11:00
Mark Andrews
25da687db7 4560. [bug] mdig: add -m option to enable memory debugging rather 
than have in on all the time. [RT #44509]

4559.   [bug]           Openssl_link.c didn't compile if ISC_MEM_TRACKLINES
                        was turned off.  [RT #44509]
 2017-01-24 17:48:31 +11:00
Mark Andrews
9f4bf43b79 4558. [bug] Synthesised CNAME before matching DNAME was still 
being cached when it should have been.  [RT #44318]
 2017-01-24 17:40:12 +11:00
Evan Hunt
4f744a027f [master] fix dig +ednsopt padding error 
4556.	[bug]		Sending an EDNS Padding option using "dig
			+ednsopt" could cause a crash in dig. [RT #44462]
 2017-01-19 23:52:41 -08:00
Tinderbox User
6084b738bc update copyright notice / whitespace 2017-01-14 23:45:36 +00:00
Mark Andrews
5dfa5221d5 4554. [bug] Remove double unlock in dns_dispatchmgr_setudp. 
[RT #44336]
 2017-01-14 13:12:00 +11:00
Tinderbox User
7b665158e9 update copyright notice / whitespace 2017-01-13 23:45:35 +00:00
Mark Andrews
b8eee0f48d make e's declaration unconditional. [RT #44324] 2017-01-13 16:10:25 +11:00
Tinderbox User
a9e8198788 update copyright notice / whitespace 2017-01-12 23:45:41 +00:00
Evan Hunt
364f064837 [master] fix function/prototype mismatch in dns_dt_send() 2017-01-12 09:22:53 -08:00
Mark Andrews
d2e1b47d4f 4553. [bug] Named could deadlock there were multiple changes to 
NSEC/NSEC3 parameters for a zone being processed at
                        the same time. [RT #42770]
 2017-01-12 14:25:45 +11:00
Mark Andrews
7b9e28f1a5 4552. [bug] Named could trigger a assertion when sending notify 
messages. [RT #44019]
 2017-01-12 14:12:05 +11:00
Tinderbox User
052551c423 update copyright notice / whitespace 2017-01-10 23:45:34 +00:00
Evan Hunt
2e703d7b61 [master] expand the flags field in dns_master_style 
4550.	[cleanup]	Increased the number of available master file
			output style flags from 32 to 64. [RT #44043]
 2017-01-10 10:40:47 -08:00
Tinderbox User
9748633ce6 update copyright notice / whitespace 2017-01-06 23:45:26 +00:00
Mark Andrews
ea7d5332a6 address memory leak [RT #44072] 2017-01-06 18:48:37 +11:00
Tinderbox User
f557aeef7c update copyright notice / whitespace 2017-01-05 23:45:24 +00:00
Evan Hunt
6d25cd0502 [master] remove inline variable declaration (broke win32) 2017-01-04 11:17:06 -08:00
Evan Hunt
8dd5224034 [master] update libdns.def 2017-01-04 10:46:33 -08:00
Evan Hunt
5804332588 [master] EDNS padding and keepalive support 
4549.	[func]		Added support for the EDNS TCP Keepalive option
			(RFC 7828). [RT #42126]

4548.	[func]		Added support for the EDNS Padding option (RFC 7830).
			[RT #42094]
 2017-01-04 09:16:30 -08:00
Evan Hunt
185d680e1a [master] add support for native pkcs11 on keyper 
4547.	[port]		Add support for --enable-native-pkcs11 on the AEP
			Keyper HSM. [RT #42463]
 2017-01-03 16:42:18 -08:00
Tinderbox User
ed07d7a8f5 update copyright notice / whitespace 2016-12-30 23:46:36 +00:00
Mark Andrews
52e2aab392 4546. [func] Extend the use of const declarations. [RT #43379] 2016-12-30 15:45:08 +11:00
Evan Hunt
b3aebb5890 [master] silence warning 2016-12-28 17:54:16 -08:00
Mark Andrews
6adf421e7e 4510. [security] Named mishandled some responses where covering RRSIG 
records are returned without the requested data
                        resulting in a assertion failure. (CVE-2016-9147)
                        [RT #43548]
 2016-12-29 11:47:19 +11:00
Mark Andrews
2c1c4b99a1 4508. [security] Named incorrectly tried to cache TKEY records which 
could trigger a assertion failure when there was
                            a class mismatch. (CVE-2016-9131) [RT #43522]
 2016-12-29 11:07:40 +11:00
Tinderbox User
4ef83f4333 update copyright notice / whitespace 2016-12-28 23:48:39 +00:00
Mark Andrews
f3bf3905c3 4517. [security] Named could mishandle authority sections that were 
missing RRSIGs triggering an assertion failure.
                        (CVE-2016-9444) [RT # 43632]

(cherry picked from commit 1df30cfd27c5a3c57fce357c54aaf6c702227d51)
 2016-12-29 10:39:51 +11:00
wpk
c4ecf87d21 [master] Remove spurious entry in lib/dns/win32/libdns.def.in 2016-12-28 19:21:36 +01:00
wpk
e910d18007 4545. [func] Make dnstap-read output more functionally usable. 
[RT #43642]

4544.	[func]		Add message/payload size to dnstap-read YAML output.
			[RT #43622]
 2016-12-28 11:57:28 +01:00
Mark Andrews
6f94747270 4543. [bug] dns_client_startupdate now delays sending the update 
request until isc_app_ctxrun has been called.
                        [RT #43976]
 2016-12-28 15:50:22 +11:00
Tinderbox User
c43f150d0a update copyright notice / whitespace 2016-12-26 23:46:20 +00:00
Mark Andrews
8e333f42ef 4540. [bug] Correctly handle ecs entries in dns_acl_isinsecure. 
[RT #43601]
 2016-12-27 09:49:02 +11:00
Mark Andrews
762c4fc5a8 4539. [bug] Referencing a nonexistant zone with rpz could lead 
to a assertion failure when configuring. [RT #43787]
 2016-12-27 08:59:07 +11:00
Mark Andrews
aceabacdb8 4538. [bug] Call dns_client_startresolve from client->task. 
[RT #43896]
 2016-12-27 07:02:33 +11:00
Mark Andrews
e17d2f98be if gen fails remove the file [RT #43949] 2016-12-23 09:19:31 +11:00
Mark Andrews
c1870d0e44 freeaddrinfo is called too early. 2016-12-15 09:38:12 +11:00
Tinderbox User
29916e6d7c update copyright notice / whitespace 2016-12-13 23:46:28 +00:00
Mark Andrews
37a8db0ba4 4535. [bug] Address race condition in setting / testing of 
DNS_REQUEST_F_SENDING. [RT #43889]
 2016-12-14 10:31:26 +11:00
Mark Andrews
def6b33bad 4534. [bug] Only set RD, RA and CD in QUERY responses. [RT #43879] 2016-12-13 16:27:18 +11:00
Mark Andrews
8ca45ba01a 4533. [bug] dns_client_update should terminate on prerequiste 
failures (NXDOMAIN, YXDOMAIN, NXRRSET, YXRRSET)
                        and also on BADZONE.  [RT #43865]
 2016-12-13 15:47:03 +11:00
Mark Andrews
60cb462c56 4530. [bug] Change 4489 broke the handling of CNAME -> DNAME 
in responses resulting in SERVFAIL being returned.
                        [RT #43779]
 2016-12-09 12:50:18 +11:00
Evan Hunt
f2c7ae114a [master] silence DSCP probing error 
4529.	[cleanup]	Silence noisy log warning when DSCP probe fails
			due to firewall rules. [RT #43847]
 2016-12-08 08:44:20 -08:00
Mark Andrews
c1619b8420 4528. [bug] Only set the flag bits for the i/o we are waiting 
for on EPOLLERR or EPOLLHUP. [RT #43617]
 2016-12-08 16:59:46 +11:00
Tinderbox User
16fde7f0b3 regen master 2016-12-07 01:05:34 +00:00
Mark Andrews
1b8ce3b330 4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831] 2016-12-07 10:49:55 +11:00
Tinderbox User
8b22817d17 update copyright notice / whitespace 2016-12-05 23:46:20 +00:00
Mark Andrews
df372d967e 4524. [bug] The net zero test was broken causing IPv4 servers 
with addresses ending in .0 to be rejected. [RT #43776]
 2016-12-05 10:46:43 +11:00
Evan Hunt
b4d70a933c [master] expanded time unit test 2016-12-02 12:32:34 -08:00
Mukund Sivaraman
5c843b384d Add doc function for cfg_type_querysource4 and cfg_type_querysource6 (#43768) 2016-12-02 11:16:08 +05:30
Mark Andrews
cab871f1bc 4522. [bug] Handle big gaps in log file version numbers better. 
[RT #38688]
 2016-11-30 10:55:21 +11:00
Tinderbox User
1d7d7cdcda update copyright notice / whitespace 2016-11-29 23:46:09 +00:00
Mark Andrews
4352551d23 4520. [cleanup] Alphabetise more of the grammar when printing it 
out. Fix unbalanced indenting. [RT #43755]
 2016-11-29 15:28:28 +11:00
Mark Andrews
a611e44f9a 4519. [port] win32: handle ERROR_MORE_DATA. [RT #43534] 2016-11-29 11:28:26 +11:00
Tinderbox User
ee47b6607a update copyright notice / whitespace 2016-11-23 23:46:11 +00:00
Evan Hunt
62c85a4a52 [master] allow different time formats: local, iso8601, iso8601-utc 
4518.	[func]		The "print-time" option in the logging configuration
			can now take arguments "local", "iso8601" or
			"iso8601-utc" to indicate the format in which the
			date and time should be logged. For backward
			compatibility, "yes" is a synonym for "local".
			[RT #42585]
 2016-11-22 23:34:47 -08:00
Mark Andrews
358c6ecd26 4516. [bug] isc_socketmgr_renderjson was missing from the 
windows build. [RT #43602]
 2016-11-22 12:07:42 +11:00
Mark Andrews
02c341f282 fix ISC_FORMAT_PRINTF paramaters for socket_log 2016-11-12 02:54:51 +11:00
Mark Andrews
e49d93c22d locks are only need in OpenSSL < 1.1 2016-11-09 10:05:50 +11:00
Mark Andrews
56c6fc0dac only call dns_test_begin once 
(cherry picked from commit f13c7b01746a07bef87a386ceff93ccb2a7488a9)
 2016-11-09 10:03:21 +11:00
Mark Andrews
fed2f7e4c1 remove spurious newline [RT #43585] 2016-11-09 08:26:39 +11:00
Evan Hunt
3ac0165723 [master] typo in comment 2016-11-08 09:06:23 -08:00
Mark Andrews
aa44b4682a copyrights/whitespace 2016-11-03 12:41:00 +11:00
Tinderbox User
e37bc34b31 update copyright notice / whitespace 2016-11-02 23:46:39 +00:00
Evan Hunt
c23255316e [master] typo 2016-11-02 09:43:11 -07:00
Francis Dupont
1c5861fa7b Fixed IP_PMTUDISC_OMIT typos 2016-11-02 09:18:14 +01:00
Mark Andrews
aee76db9e3 add dns_db_getsize, dns_rdataslab_count, dns_zone_getmaxrecords, dns_zone_setmaxrecords 2016-11-02 18:49:02 +11:00
Mark Andrews
a0caf66c97 remove review fprintf 2016-11-02 18:03:33 +11:00
Mark Andrews
2b2b85c897 4507. [bug] Name could incorrectly log 'allows updates by IP 
address, which is insecure' [RT #43432]
 2016-11-02 17:53:19 +11:00
Mark Andrews
a61f252391 4505. [port] Use IP_PMTUDISC_OMIT if available. [RT #35494] 2016-11-02 17:39:52 +11:00
Mark Andrews
5f8412a4cb 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]
 2016-11-02 17:31:27 +11:00
Evan Hunt
1b2e798976 [master] restore dropped #else block 2016-11-01 22:34:33 -07:00
Evan Hunt
6087f87afb [master] make uninstall 
4503.	[cleanup]	"make uninstall" now removes file installed by
			BIND. (This currently excludes Python files
			due to lack of support in setup.py.) [RT #42912]
 2016-11-01 19:17:07 -07:00
Mark Andrews
89286906dc 4502. [func] Report multiple and experimental options when printing 
grammar. [RT #43134]
 2016-11-02 10:04:57 +11:00
Mark Andrews
e200da5044 4500. [bug] Support modifier I64 in isc__print_printf. [RT #43526] 2016-11-02 08:46:02 +11:00
Evan Hunt
3fb62a5a4e [master] use arc4random_stir() when available 
4499.	[port]		MacOSX: silence deprecated function warning
			by using arc4random_stir() when available
			instead of arc4random_addrandom(). [RT #43503]
 2016-11-01 14:00:46 -07:00
Mark Andrews
429b543086 add more LIBRESSL_VERSION_NUMBER checks 2016-11-01 12:36:38 +11:00
Mark Andrews
3d38cfaf8a add more LIBRESSL_VERSION_NUMBER checks 2016-11-01 12:24:22 +11:00
Mark Andrews
ace79092b3 update spelling in comment 2016-11-01 10:50:58 +11:00
Tinderbox User
3bd20c8dd4 update copyright notice / whitespace 2016-10-30 23:46:10 +00:00
Mark Andrews
1fce0951ed 4497. [port] Add support for OpenSSL 1.1.0. [RT #41284] 2016-10-31 10:04:37 +11:00
Mark Andrews
42470b0b87 4496. [func] dig: add +idnout to control whether labels are 
display in punycode or not.  Requires idn support
                        to be enabled at compile time. [RT #43398]
 2016-10-28 12:05:19 +11:00
Mark Andrews
49e94dc8d4 update copyrights 2016-10-28 11:27:49 +11:00
Mark Andrews
f21645e137 4495. [bug] A isc_mutex_init call was it being checked. [RT #43391] 2016-10-28 11:14:38 +11:00
Francis Dupont
13c1dd922d Merged rt43345 libisccfg spuriously depended on libisccc 2016-10-27 14:05:54 +02:00
Mark Andrews
55b78fff62 4492. [bug] irs_resconf_load failed to initialise sortlistnxt 
causing bad writes if resolv.conf contained a
                        sortlist directive. [RT #43459]
 2016-10-27 13:17:58 +11:00
Mark Andrews
8eaf918adf 4491. [bug] Improve message emitted when testing whether sendmsg 
works with TOS/TCLASS fails. [RT #43483]
 2016-10-27 09:02:06 +11:00