mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity
34,182 Commits 659 Branches 820 Tags
Commit Graph

324 Commits

Author SHA1 Message Date
Evan Hunt
ab0fe63f07 minor cleanup and addressed a sprintf format warning 2018-02-24 17:56:17 -08:00
Mark Andrews
dcd309bea1 conditionally typedef fstrmtable 2018-02-24 17:49:49 -08:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
b252549e5a [rt43670] more emphatic warning 2018-02-09 12:28:49 +11:00
Mark Andrews
baef0ca988 4889. [func] Warn about the use of old root keys without the new 
root key being present.  Warn about dlv.isc.org's
                        key being present. Warn about both managed and
                        trusted root keys being present. [RT #43670]
 2018-02-09 12:04:45 +11:00
Mark Andrews
ec771bbdc8 4885. [security] update-policy rules that otherwise ignore the name 
field now require that it be set to "." to ensure
                        that any type list present is properly interpreted.
                        [RT #47126]
 2018-02-07 13:34:02 +11:00
Tinderbox User
3fda67b596 update copyright notice / whitespace 2018-01-22 23:46:02 +00:00
Evan Hunt
129c4414cb [master] automatically generate named.conf grammars for the ARM 
4873.	[doc]		Grammars for named.conf included in the ARM are now
			automatically generated by the configuration parser
			itself.  As a side effect of the work needed to
			separate zone type grammars from each other, this
			also makes checking of zone statements in
			named-checkconf more correct and consistent.
			[RT #36957]
 2018-01-22 11:06:32 -08:00
Evan Hunt
79c2400d91 [master] allow primary/secondary as synonyms for master/slave 
4848.	[func]		Zone types "primary" and "secondary" can now be used
			as synonyms for "master" and "slave" in named.conf.
			[RT #46713]
 2017-12-15 01:47:05 -08:00
Mark Andrews
3d905e0533 4817. [cleanup] Use DNS_NAME_INITABSOLUTE and DNS_NAME_INITNONABSOLUTE. 
[RT #45433]
 2017-11-13 16:58:12 +11:00
Mark Andrews
f5e1b555c5 4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside . 
trust-anchor dlv.isc.org;' now elicit warnings rather
                        than being fatal configuration errors. [RT #46410]
 2017-10-30 07:40:59 +11:00
Evan Hunt
f29359299a [master] de-DLV 
4749.	[func]		The ISC DLV service has been shut down, and all
			DLV records have been removed from dlv.isc.org.
			- Removed references to ISC DLV in documentation
			- Removed DLV key from bind.keys
			- No longer use ISC DLV by default in delv
			[RT #46155]
 2017-10-03 00:41:57 -07:00
Mark Andrews
df50751585 4700. [func] Serving of stale answers is now supported. This 
allows named to provide stale cached answers when
                        the authoritative server is under attack.
                        See max-stale-ttl, stale-answer-enable,
                        stale-answer-ttl. [RT #44790]
 2017-09-06 09:58:29 +10:00
Mark Andrews
e2a737bcb8 4699. [func] Multiple cookie-secret clauses can now be specified. 
The first one specified is used to generate new
                        server cookies.  [RT #45672]
 2017-09-05 09:19:45 +10:00
Mark Andrews
2e743d9bdc Squashed commit of the following: 
commit 2a0e5695da2e0f701191e2783209ac05c9d01e6c
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 12:15:05 2017 +1000

    remove 'on' from error message

commit f18a8d699b69be35b938cfe2b30ebb30cd78e814
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:58:41 2017 +1000

    add more cookie-secret named-checkconf tests

commit ca8f5f5f57ccbeb970310866523a909eb411a554
Author: Mark Andrews <marka@isc.org>
Date:   Thu Aug 31 11:31:57 2017 +1000

    properly check algorithm names
 2017-08-31 12:19:37 +10:00
Mark Andrews
4bf32aa587 4654. [cleanup] Don't use C++ keywords delete, new and namespace. 
[RT #45538]
 2017-07-21 11:52:24 +10:00
Mark Andrews
e85e95c19e 4636. [bug] Normalize rpz policy zone names when checking for 
existence. [RT #45358]
 2017-06-13 13:06:47 +10:00
Mark Andrews
aa3a8979bc 4530. [bug] "dyndb" is dependent on dlopen existing / being 
enabled. [RT #45291]
 2017-05-30 11:34:37 +10:00
Mukund Sivaraman
241b49e611 Set a LMDB mapsize and also provide a config option to control it (#44954) 2017-04-26 23:51:26 +05:30
Mukund Sivaraman
03be5a6b4e Improve performance for delegation heavy answers and also general query performance (#44029) 2017-04-22 09:22:44 +05:30
Evan Hunt
612b2e2c0d [master] timestamp suffixes for log files 
4579.	[func]		Logging channels and dnstap output files can now
			be configured with a "suffix" option, set to
			either "increment" or "timestamp", indicating
			whether to use incrementing numbers or timestamps
			as the file suffix when rolling over a log file.
			[RT #42838]
 2017-03-08 23:20:40 -08:00
Tinderbox User
f929677ed8 update copyright notice / whitespace 2017-02-08 23:45:32 +00:00
Evan Hunt
c4e4bd6a09 [master] dnstap size and versions options 
4572.	[func]		The "dnstap-output" option can now take "size" and
			"versions" parameters to indicate the maximum size
			a dnstap log file can grow before rolling to a new
			file, and how many old files to retain. [RT #44502]
 2017-02-06 16:34:58 -08:00
Mark Andrews
762c4fc5a8 4539. [bug] Referencing a nonexistant zone with rpz could lead 
to a assertion failure when configuring. [RT #43787]
 2016-12-27 08:59:07 +11:00
Tinderbox User
e37bc34b31 update copyright notice / whitespace 2016-11-02 23:46:39 +00:00
Mark Andrews
5f8412a4cb 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]
 2016-11-02 17:31:27 +11:00
Mark Andrews
8ee6f289d8 4450. [port] Provide more nuanced HSM support which better matches 
the specific PKCS11 providers capabilities. [RT #42458]
 2016-08-19 08:02:51 +10:00
Mark Andrews
934837913f 4447. [tuning] Allow the fstrm_iothr_init() options to be set using 
named.conf to control how dnstap manages the data
                        flow. [RT #42974]
 2016-08-18 11:16:06 +10:00
Mark Andrews
632e67baa6 4431. [bug] named-checkconf now checks the rate-limit clause. 
[RT #42970]
 2016-08-08 23:52:40 +10:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
f89adb2c2a update copyright notice / whitespace 2016-05-05 23:45:48 +00:00
Mark Andrews
594d15df25 4359. [bug] Inherited 'also-notify' lists were not being checked 
by named-checkconf. [RT #42174]
 2016-05-05 21:59:09 +10:00
Mark Andrews
93ca5ee4c4 update copyrights 2016-03-08 16:21:19 +11:00
Mark Andrews
d6357f09aa 4329. [func] Warn about a common misconfiguration when forwarding 
RFC 1918 zones. [RT #41441]
 2016-03-08 10:11:23 +11:00
Tinderbox User
ed91aca9e6 update copyright notice / whitespace 2015-08-12 23:45:25 +00:00
Mark Andrews
151f1bcd5e 4172. [bug] Named / named-checkconf didn't handle a view of CLASS0. 
[RT #40265]
 2015-08-12 19:06:00 +10:00
Mark Andrews
af63e286dd set error code if aes selected and not implemented 2015-07-08 12:20:46 +10:00
Tinderbox User
8f0b326d9a update copyright notice / whitespace 2015-07-05 23:45:22 +00:00
Mark Andrews
ce67023ae3 4152. [func] Implement DNS COOKIE option. This replaces the 
experimental SIT option of BIND 9.10.  The following
                        named.conf directives are avaliable: send-cookie,
                        cookie-secret, cookie-algorithm and nocookie-udp-size.
                        The following dig options are available:
                        +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
 2015-07-06 09:44:24 +10:00
Mark Andrews
83b9e799df #ifdef protect 'b' 2015-01-21 13:07:50 +11:00
Evan Hunt
761d135ed6 [master] add TCP pipelining support 
4040.	[func]		Added server-side support for pipelined TCP
			queries. TCP connections are no longer closed after
			the first query received from a client. (The new
			"keep-response-order" option allows clients to be
			specified for which the old behavior will still be
			used.) [RT #37821]
 2015-01-20 16:14:09 -08:00
Tinderbox User
c110d61b17 update copyright notice / whitespace 2015-01-20 23:45:26 +00:00
Evan Hunt
11463c0ac2 [master] clean up gcc -Wshadow warnings 
4039.	[cleanup]	Cleaned up warnings from gcc -Wshadow. [RT #37381]
 2015-01-20 13:29:18 -08:00
Evan Hunt
498b061031 [master] allow 1-week nta-lifetime/nta-recheck 
3983.	[bug]		Change #3940 was incomplete: negative trust anchors
			could be set to last up to a week, but the
			"nta-lifetime" and "nta-recheck" options were
			still limted to one day. [RT #37522]
 2014-10-20 13:40:17 -07:00
Mark Andrews
1c5990c2f9 3958. [bug] Detect when writeable files have multiple references 
in named.conf. [RT #37172]
 2014-09-29 12:10:10 +10:00
Tinderbox User
3278ff814d update copyright notice 2014-08-29 23:45:22 +00:00
Mark Andrews
7c73ac5e13 3934. [bug] Catch bad 'sit-secret' in named-checkconf. Improve 
sit-secrets documentation. [RT #36980]
 2014-08-29 14:35:21 +10:00
Mark Andrews
43b9737b11 3911. [func] Implement EDNS EXPIRE option client side. [RT #35925] 2014-08-06 11:50:40 +10:00
Mark Andrews
275a8affe7 3899. [bug] "request-ixfr" is only applicable to slave and redirect 
zones. [RT #36608]
 2014-07-25 14:23:14 +10:00
Mark Andrews
bc4006c0d3 alphabetize optionstable 2014-07-22 14:14:55 +10:00