upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 10:50:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
23542 commits 18 branches 886 tags 467 MiB
Commit graph

7154 commits

Author SHA1 Message Date
Mark Andrews
3a49d0ff10 4164. [bug] Don't rename slave files and journals on out of memory. 
[RT #40033]

4163.   [bug]           Address compiler warnings. [RT #40024]
 2015-07-13 09:46:59 +10:00
Tinderbox User
b3338fc248 regen master 2015-07-11 01:05:48 +00:00
Tinderbox User
35af5049f8 update copyright notice / whitespace 2015-07-10 23:45:23 +00:00
Evan Hunt
629a015940 [master] correct the maximum NTA lifetime in rndc's help output 2015-07-10 09:07:23 -07:00
Mark Andrews
539c3f73b7 zone is not optional for zonestatus [RT #40012] 2015-07-10 15:28:11 +10:00
Evan Hunt
b716b9cddc [master] add JSON and more XML tests 
4161.	[test]		Add JSON test for traffic size stats; also test
			for consistency between "rndc stats" and the XML
			and JSON statistics channel contents. [RT #38700]
 2015-07-09 21:18:42 -07:00
Tinderbox User
c0cbdeedb5 regen master 2015-07-10 01:05:03 +00:00
Tinderbox User
f16a6bfb6c update copyright notice / whitespace 2015-07-09 23:45:22 +00:00
Evan Hunt
e38a7d749b [master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9 2015-07-08 22:56:32 -07:00
Evan Hunt
1479200aa0 [master] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:53:39 -07:00
Mark Andrews
2561b2dd84 add comment about +trace and @server 2015-07-09 12:11:46 +10:00
Tinderbox User
f66d0e646f regen 2015-07-08 23:30:01 +00:00
Mark Andrews
e8f98ec8d4 future cookie code 2015-07-08 12:57:29 +10:00
Mark Andrews
4968e1de7e allow named to build w/o openssl 2015-07-08 11:54:25 +10:00
Tinderbox User
9ab5a7d83c update copyright notice / whitespace 2015-07-07 23:45:22 +00:00
Mark Andrews
6e7f5e8ad5 4159. [cleanup] Alphabetize dig's help output. [RT #39966] 2015-07-08 09:20:49 +10:00
Mark Andrews
b399f4e568 4159. [cleanup] Alphabetize dig's help output. [RT #39966] 2015-07-08 08:49:24 +10:00
Evan Hunt
70d987def5 [master] traffic size stats 
4156.	[func]		Added statistics counters to track the sizes
			of incoming queries and outgoing responses in
			histogram buckets, as specified in RSSAC002.
			[RT #39049]
 2015-07-06 22:29:06 -07:00
Mukund Sivaraman
33ca26968b Allow RPZ rewrite logging to be configured on a per-zone basis (#39754) 2015-07-06 08:57:51 +05:30
Mark Andrews
3e33f4198d 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]
 2015-07-06 12:52:37 +10:00
Tinderbox User
1879ff4932 regen master 2015-07-06 01:04:49 +00:00
Tinderbox User
8f0b326d9a update copyright notice / whitespace 2015-07-05 23:45:22 +00:00
Mark Andrews
ce67023ae3 4152. [func] Implement DNS COOKIE option. This replaces the 
experimental SIT option of BIND 9.10.  The following
                        named.conf directives are avaliable: send-cookie,
                        cookie-secret, cookie-algorithm and nocookie-udp-size.
                        The following dig options are available:
                        +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
 2015-07-06 09:44:24 +10:00
Tinderbox User
d6b82bc2ae update copyright notice / whitespace 2015-06-30 23:45:23 +00:00
Tinderbox User
6cd01c0a96 regen master 2015-06-30 01:04:57 +00:00
Tinderbox User
337d408adb update copyright notice / whitespace 2015-06-29 23:45:23 +00:00
Jeremy C. Reed
001b06f0ab remove some duplicate "the" words. 2015-06-29 13:40:06 -04:00
Mukund Sivaraman
08f0129732 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 2015-06-29 18:33:18 +05:30
Mark Andrews
4a61eae651 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]
 2015-06-29 15:48:41 +10:00
Tinderbox User
8e50c69783 update copyright notice / whitespace 2015-06-25 23:45:22 +00:00
Witold Krecicki
f10a67dad2 Add statistics counters for nxdomain redirections. [RT #39790] 2015-06-25 09:21:50 +02:00
Tinderbox User
e0ba64bdd2 update copyright notice / whitespace 2015-06-23 23:45:21 +00:00
Mukund Sivaraman
0439bfedd9 Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 2015-06-23 14:19:48 +05:30
Mukund Sivaraman
b4e114e3cd Print unsigned values for serial, etc. in rndc zonestatus output (#39854) 2015-06-23 13:57:33 +05:30
Mukund Sivaraman
d14c268362 Remove redundant nzf_remove() call during delzone (#39844) 2015-06-23 13:41:08 +05:30
Witold Krecicki
af3770ed93 rndc reconfig reports configuration errors the same way rndc reload does [RT #39635] 2015-06-12 10:19:29 +02:00
Evan Hunt
27970e78c6 [master] log outdated rpz settings regardless of enable-querytrace 2015-06-10 10:22:59 -07:00
Evan Hunt
215049febb [master] rpz_ver check was ineffective 2015-06-09 15:05:43 -07:00
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00
Tinderbox User
335c82aebd regen master 2015-06-05 01:05:03 +00:00
Mark Andrews
8a9bac8dec 4133. [port] Update how various json libraries are handled. 
[RT #39646]
 2015-06-05 10:16:24 +10:00
Evan Hunt
eb447eca88 [master] dig option cleanups 
4132.	[cleanup]	dig: added +rd as a synonym for +recurse,
			added +class as an unabbreviated alternative
			to +cl. [RT #39686]
 2015-06-04 08:55:32 -07:00
Evan Hunt
8c9fba44a4 [master] further RPZ fixes 
4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]
 2015-06-03 18:18:55 -07:00
Mark Andrews
b704d25ff3 unlock T4_mx 2015-05-30 17:54:33 +10:00
Mark Andrews
8c74b6a9a1 use sed as tail -n +# is not portable 2015-05-30 11:05:57 +10:00
Tinderbox User
22be030b50 regen master 2015-05-29 01:04:57 +00:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Mark Andrews
e53e202ef3 4128. [bug] Address issues raised by Coverity 7.6. [RT #39537] 2015-05-28 13:17:07 +10:00
Mark Andrews
52a487f71a link against ISC_OPENSSL_LIBS 2015-05-28 11:06:39 +10:00
Tinderbox User
481870b95f regen master 2015-05-28 01:04:54 +00:00