upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-29 18:09:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
25576 commits 18 branches 854 tags 440 MiB
Commit graph

3149 commits

Author SHA1 Message Date
Evan Hunt
114f95089c [master] cleanup strcat/strcpy 
4722.	[cleanup]	Clean up uses of strcpy() and strcat() in favor of
			strlcpy() and strlcat() for safety. [RT #45981]
 2017-09-13 00:14:37 -07:00
Evan Hunt
30973087a0 [master] add prefetch stat counter 
4720.	[func]		Added a statistics counter to track prefetch
			queries. [RT #45847]
 2017-09-12 18:41:47 -07:00
Evan Hunt
f3ce87e1a1 [master] copyrights 2017-09-11 17:01:09 -07:00
Evan Hunt
3363f3147a [master] DNS Response Policy Service API 
4713.	[func]		Added support for the DNS Response Policy Service
			(DNSRPS) API, which allows named to use an external
			response policy daemon when built with
			"configure --enable-dnsrps".  Thanks to Vernon
			Schryver and Farsight Security. [RT #43376]
 2017-09-11 11:57:43 -07:00
Tinderbox User
8334115783 regen master 2017-09-10 01:10:23 +00:00
Francis Dupont
90f6140832 Finished merge of rt45019 (openssl hash default) 2017-09-09 10:30:16 +02:00
Evan Hunt
8eb88aafee [master] add libns and remove liblwres 
4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                        are no longer supported. [RT #45186]

4707.	[func]		The lightweight resolver daemon and library (lwresd
			and liblwres) have been removed. [RT #45186]

4706.	[func]		Code implementing name server query processing has
			been moved from bin/named to a new library "libns".
			Functions remaining in bin/named are now prefixed
			with "named_" rather than "ns_".  This will make it
			easier to write unit tests for name server code, or
			link name server functionality into new tools.
			[RT #45186]
 2017-09-08 13:47:34 -07:00
Mark Andrews
164616cb9c don't attempt to link -lcrypto multiple times 2017-09-08 16:15:37 +10:00
Evan Hunt
509ba96497 [rt45019] separate DNS_CRYPTO_LIBS from ISC_OPENSSL_LIBS and use both 2017-09-07 22:05:20 -07:00
Mark Andrews
b56021f0be silence 'staleanswersok' may be used uninitialized in this function warning. [RT #14147 2017-09-06 12:16:10 +10:00
Mark Andrews
d1cd273b7b fix merge error 2017-09-06 10:04:17 +10:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Tinderbox User
421f833b67 update copyright notice / whitespace 2017-09-04 23:46:16 +00:00
Mark Andrews
e2a737bcb8 4699. [func] Multiple cookie-secret clauses can now be specified. 
The first one specified is used to generate new
                        server cookies.  [RT #45672]
 2017-09-05 09:19:45 +10:00
Evan Hunt
5999f1ebd6 [master] initialize result and rdataset variables 2017-08-31 14:20:00 -07:00
Tinderbox User
2bfc294f0a regen master 2017-08-31 01:11:54 +00:00
Tinderbox User
587f005032 update copyright notice / whitespace 2017-08-30 23:46:18 +00:00
Mark Andrews
0aed466565 4693. [func] Synthesis of responses from DNSSEC-verified records. 
Stage 1 covers NXDOMAIN synthesis from NSEC records.
                        This is controlled by synth-from-dnssec and is enabled
                        by default. [RT #40138]
 2017-08-31 07:57:50 +10:00
Tinderbox User
a5d6b4c4c8 regen master 2017-08-30 01:12:14 +00:00
Tinderbox User
731ec8ce9b update copyright notice / whitespace 2017-08-29 23:46:16 +00:00
Michał Kępień
d6814700de [master] Ensure consistent handling of -4/-6 command line options in all tools 
4690.	[bug]		Command line options -4/-6 were handled inconsistently
			between tools. [RT #45632]
 2017-08-29 10:19:38 +02:00
Evan Hunt
391a3a2f20 [master] turn on minimal responses for CDS/CDNSKEY 
4678.	[cleanup]	Turn on minimal responses for CDNSKEY and CDS in
			addition to DNSKEY and DS. Thanks to Tony Finch.
			[RT #45690]
 2017-08-25 13:31:53 -07:00
Mukund Sivaraman
b9532d9cf3 Turn on glue-cache by default 
- We decided to do this on the weekly BIND dev meeting
- Mark reviewed patch on Jabber
 2017-08-10 09:06:54 +05:30
Tinderbox User
f4eb664ce3 update copyright notice / whitespace 2017-08-09 23:47:50 +00:00
Mark Andrews
ff8d856db0 4675. [cleanup] Don't use C++ keyword class. [RT #45726] 2017-08-10 08:42:04 +10:00
Evan Hunt
cdacec1dcb [master] silence gcc 7 warnings 
4673.	[port]		Silence GCC 7 warnings. [RT #45592]
 2017-08-09 00:17:44 -07:00
Evan Hunt
0ad72b96d2 [master] ensure verified_sig 
4670.	[cleanup]	Ensure that a request MAC is never sent back
			in an XFR response unless the signature was
                        verified. [RT #45494]
 2017-08-07 18:54:05 -07:00
Evan Hunt
61367c604c [master] refactor resquery_response() and related functions 
4669.	[func]		Iterative query logic in resolver.c has been
			refactored into smaller functions and commented,
			for improved readability, maintainability and
			testability. [RT #45362]
 2017-08-04 16:08:11 -07:00
Evan Hunt
268cea9c12 [master] glue-cache option 
4664.	[func]		Add a "glue-cache" option to enable or disable the
			glue cache. The default is "no" to reduce memory
			usage, but enabling this option will improve
			performance in delegation-heavy zones. [RT #45125]
 2017-07-28 12:57:50 -07:00
Mark Andrews
71cd6910ba 4659. [bug] Remove spurious log message about lmdb-mapsize 
not being supported when parsing builtin
                        configuration file. [RT #45618]
 2017-07-28 16:02:52 +10:00
Mark Andrews
4bf32aa587 4654. [cleanup] Don't use C++ keywords delete, new and namespace. 
[RT #45538]
 2017-07-21 11:52:24 +10:00
Mark Andrews
1e9b39fe26 4648. [bug] "rndc reconfig" on a slave no longer causes all member 
zones of configured catalog zones to be removed from
                        configuration. [RT #45310]
 2017-07-10 09:06:13 +10:00
Mark Andrews
b551ee14bd 4640. [bug] If query_findversion failed in query_getdb due to 
memory failure the error status was incorrectly
                        discarded. [RT #45331]
 2017-06-23 17:17:28 +10:00
Tinderbox User
a00838da96 update copyright notice / whitespace 2017-06-13 23:45:34 +00:00
Evan Hunt
19a72397da [master] put in a missing #ifdef section 2017-06-13 14:50:49 -07:00
Evan Hunt
bf05e66bb3 [master] prevent reload failure due to LMDB database perms 
4638.	[bug]		Reloading or reconfiguring named could fail on
			some platforms when LMDB was in use. [RT #45203]
 2017-06-13 10:15:34 -07:00
Mukund Sivaraman
2c11da8441 Don't log NSDNAME failures as NSIP (#45052) 2017-06-12 14:04:15 +05:30
Evan Hunt
2648c49be7 [master] fix rpz formerr loop 
4531.	[security]	Some RPZ configurations could go into an infinite
			query loop when encountering responses with TTL=0.
			(CVE-2017-3140) [RT #45181]
 2017-05-30 12:30:28 -07:00
Mark Andrews
aa3a8979bc 4530. [bug] "dyndb" is dependent on dlopen existing / being 
enabled. [RT #45291]
 2017-05-30 11:34:37 +10:00
Evan Hunt
594eadcc34 [master] Add DLZ db version to activeversions 
4628.	[bug]		Fixed a potential reference leak in query_getdb().
			[RT #45247]
 2017-05-28 14:26:54 -07:00
Evan Hunt
03a7a952c0 [master] don't keep an LMDB transaction open across an exclusive section 
4625.	[bug]		Running "rndc addzone" and "rndc delzone" at close
			to the same time could trigger a deadlock if using
			LMDB. [RT #45209]
 2017-05-16 08:47:20 -07:00
Mark Andrews
0c18eb4783 4619. [bug] Call isc_mem_put instead of isc_mem_free in 
bin/named/server.c:setup_newzones. [RT #45202]
 2017-05-10 11:10:43 +10:00
Evan Hunt
3a554a444c [master] fix lmdb delzone 
4616.	[bug]		When using LMDB, zones deleted using "rndc delzone"
			were not correctly removed from the new-zone
			database. [RT #45185]
 2017-05-04 12:32:32 -07:00
Tinderbox User
b168f3f805 update copyright notice / whitespace 2017-05-02 23:45:36 +00:00
Mark Andrews
78551a3f2c remove unused assignments [RT #45147] 2017-05-03 07:45:18 +10:00
Evan Hunt
d39ab7440e [master] automatically tune max-journal-size 
4613.	[func]		By default, the maximum size of a zone journal file
			is now twice the size of the zone's contents (there
			is little benefit to a journal larger than this).
			This can be overridden by setting "max-journal-size"
			to "unlimited" or to an explicit value up to 2G.
			Thanks to Tony Finch. [RT #38324]
 2017-05-02 13:23:08 -07:00
Tinderbox User
57994a07f7 regen master 2017-04-27 00:43:03 +00:00
Tinderbox User
08e0f8fcfa update copyright notice / whitespace 2017-04-26 23:45:32 +00:00
Mukund Sivaraman
241b49e611 Set a LMDB mapsize and also provide a config option to control it (#44954) 2017-04-26 23:51:26 +05:30
Evan Hunt
2dfb992349 [master] new-zones-directory option 
4610.	[func]		The "new-zones-directory" option specifies the
			location of NZF or NZD files for storing
			configuration of zones added by "rndc addzone".
			Thanks to Petr Menšík. [RT #44853]
 2017-04-23 23:16:53 -07:00