upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-04-24 15:47:18 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
23691 commits 18 branches 854 tags 440 MiB
Commit graph

9863 commits

Author SHA1 Message Date
Mark Andrews
3b83676e07 *.vcxproj.in should use CRLF as EOL 2015-08-27 21:57:18 +00:00
Evan Hunt
bcae9a15c1 [master] s/the the/the/ 2015-08-27 14:11:27 -07:00
Mark Andrews
91f66e374b eol -> crlf 2015-08-26 12:43:08 +10:00
Mark Andrews
7ec3c447fd copy notes.pdf to Build\Releasei and link to it from index.html 2015-08-26 12:11:07 +10:00
Tinderbox User
0d5b7ed79d update copyright notice / whitespace 2015-08-25 23:45:27 +00:00
Mark Andrews
02093e4c3b 4193. [bug] Handle broken servers that return BADVERS incorrectly. 
[RT #40427]
 2015-08-25 16:52:43 +10:00
Mark Andrews
9b956d342e 4192. [bug] The default rrset-order of random was not always being 
applied. [RT #40456]
 2015-08-25 14:52:27 +10:00
Mark Andrews
5855fd79e3 4191. [protocol] Accept DNS-SD non LDH PTR records in reverse zones 
as per RFC 6763. [RT #37889]
 2015-08-25 14:46:06 +10:00
Mark Andrews
dc3912f3ca 4190. [protocol] Accept Active Diretory gc._msdcs.<forest> name as 
valid with check-names.  <forest> still needs to be
                        LDH. [RT #40399]
 2015-08-22 15:27:33 +10:00
Mark Andrews
7d0dfa63cf 4189. [cleanup] Don't exit on overly long tokens in named.conf. 
[RT #40418]
 2015-08-22 15:08:22 +10:00
Mark Andrews
18ba804f3a 4188. [bug] Support HTTP/1.0 client properly on the statistics 
channel. [RT #40261]
 2015-08-20 09:55:28 +10:00
Tinderbox User
161b5249b9 update copyright notice / whitespace 2015-08-19 23:45:23 +00:00
Tinderbox User
0d63efe476 update copyright notice / whitespace 2015-08-18 23:45:26 +00:00
Mukund Sivaraman
ec3dbae9eb Use unknown format when totext() is not implemented for any RDATA (#40317) 2015-08-18 20:11:46 +05:30
Mukund Sivaraman
bf350c9f1a Fix RPZ bugs related to wildcard triggers (#40357) 2015-08-18 19:39:53 +05:30
Mark Andrews
b46fc43469 #include <isc/safe.h> 2015-08-18 21:22:48 +10:00
Evan Hunt
b750a49f3f [master] fixed memory leak in dns_compress_add() 
4184.	[bug]		Fixed a possible memory leak in name compression
			when rendering long messages. (Also, improved
			wire_test for testing such messages.) [RT #40375]
 2015-08-17 22:41:44 -07:00
Mark Andrews
47d459ef43 add isc_safe_memequal and isc_safe_memcompare; remove isc_safe_memcmp 2015-08-18 12:25:22 +10:00
Evan Hunt
420a43c8d8 [master] timing safe memory comparisons 
4183.	[cleanup]	Use timing-safe memory comparisons in cryptographic
			code. Also, the timing-safe comparison functions have
			been renamed to avoid possible confusion with
			memcmp(). [RT #40148]
 2015-08-17 18:26:44 -07:00
Tinderbox User
503ffdad3b update copyright notice / whitespace 2015-08-17 23:45:35 +00:00
Evan Hunt
b2f85a0c8e [master] win32: vs2015 compliance; openssl dependency for check.c 2015-08-17 11:35:10 -07:00
Mukund Sivaraman
b0ba1a6059 Use mnemonics for RR class and type comparisons (#40297) 2015-08-17 12:23:35 +05:30
Mark Andrews
70862302f8 4181. [bug] Queued notify messages could be dequeued from the 
wrong rate limiter queue. [RT #40350]
 2015-08-17 10:37:06 +10:00
Tinderbox User
288c18263f update copyright notice / whitespace 2015-08-14 23:45:27 +00:00
Mukund Sivaraman
d7262e5c86 Fix double frees in getaddrinfo() in libirs (#40209) 2015-08-14 13:55:31 +05:30
Mukund Sivaraman
984d2bb9e5 Fix assertion failure in parsing UNSPEC(103) RR from text (#40274) 2015-08-14 13:30:52 +05:30
Mukund Sivaraman
474921d733 Fix assertion failure in parsing NSAP records from text 2015-08-14 13:11:26 +05:30
Mark Andrews
9dc5ef7f24 4175. [bug] TKEY with GSS-API keys needed bigger buffers. 
[RT #40333]
 2015-08-14 08:20:01 +10:00
Evan Hunt
45ad059c4a [master] address VS2015 compiler warning 2015-08-13 14:58:28 -07:00
Tinderbox User
ed91aca9e6 update copyright notice / whitespace 2015-08-12 23:45:25 +00:00
Mark Andrews
c631ff56bf Updated CHANGES note to include require-server-cookie: 
4152.   [func]          Implement DNS COOKIE option.  This replaces the
                        experimental SIT option of BIND 9.10.  The following
                        named.conf directives are available: send-cookie,
                        cookie-secret, cookie-algorithm, nocookie-udp-size
                        and require-server-cookie.  The following dig options
                        are available: +[no]cookie[=value] and +[no]badcookie.
                        [RT #39928]
 2015-08-13 08:26:23 +10:00
Mark Andrews
151f1bcd5e 4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. 
[RT #40265]
 2015-08-12 19:06:00 +10:00
Evan Hunt
9b8f93083d [master] fix tsig class checks 
4171.	[bug]		Fixed incorrect class checks in TSIG RR
			implementation. [RT #40287]
 2015-08-11 22:16:44 -07:00
Evan Hunt
c707e2b986 [master] fix length check in OPENPGPKEY 
4170.	[security]	An incorrect boundary check in the OPENPGPKEY
			rdatatype could trigger an assertion failure.
			[RT #40286]
 2015-08-11 20:01:44 -07:00
Tinderbox User
c4567d0675 update copyright notice / whitespace 2015-08-07 23:45:26 +00:00
Evan Hunt
ce9f893e21 [master] address buffer accounting error 
4168.	[security]	A buffer accounting error could trigger an
			assertion failure when parsing certain malformed
			DNSSEC keys. (CVE-2015-5722) [RT #40212]
 2015-08-07 13:16:10 -07:00
Mukund Sivaraman
991f97366b Fix win32 build (UNUSED is present later) 
(cherry picked from commit 63dcc28d3e)
 2015-07-31 15:01:04 +05:30
Mark Andrews
46e7fc51b8 badcookie has a offical code point of 23 2015-07-27 15:22:09 +10:00
Mark Andrews
dbb064aa79 4165. [bug] An failure to reset a value to NULL in tkey.c could 
result in an assertion failure. (CVE-2015-5477)
                        [RT #40046]
 2015-07-14 14:48:42 +10:00
Tinderbox User
faa3b61828 update copyright notice / whitespace 2015-07-13 23:45:24 +00:00
Mark Andrews
3a49d0ff10 4164. [bug] Don't rename slave files and journals on out of memory. 
[RT #40033]

4163.   [bug]           Address compiler warnings. [RT #40024]
 2015-07-13 09:46:59 +10:00
Mark Andrews
0bc743f9bc 4162. [bug] httpdmgr->flags was not being initialized. [RT #40017] 2015-07-10 18:42:20 +10:00
Tinderbox User
f16a6bfb6c update copyright notice / whitespace 2015-07-09 23:45:22 +00:00
Evan Hunt
fc5f1971a1 [master] fix build error with ISC_MEM_TRACKLINES=0 2015-07-09 14:23:29 -07:00
Evan Hunt
1479200aa0 [master] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:53:39 -07:00
Mark Andrews
af63e286dd set error code if aes selected and not implemented 2015-07-08 12:20:46 +10:00
Tinderbox User
9ab5a7d83c update copyright notice / whitespace 2015-07-07 23:45:22 +00:00
Mark Andrews
bd08b82891 add warning not about handling malformed option content 2015-07-07 10:25:09 +10:00
Mark Andrews
46fc714aa0 dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990] 2015-07-06 23:03:51 +10:00
Mukund Sivaraman
33ca26968b Allow RPZ rewrite logging to be configured on a per-zone basis (#39754) 2015-07-06 08:57:51 +05:30