mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
15,500 Commits 660 Branches 820 Tags
Commit Graph

92 Commits

Author SHA1 Message Date
Mark Andrews
50df1ec60a 2495. [bug] Tighten RRSIG checks. [RT #18795] 2008-11-14 22:53:46 +00:00
Mark Andrews
23450c23fd 2235. [bug] dnssec-signzone failed to preserve the case of 
of wildcard owner named. [RT #17085]
 2007-09-14 04:32:50 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Automatic Updater
1415fce15f update copyright notice 2007-05-18 23:46:58 +00:00
Mark Andrews
9860862ced 2183. [bug] dnssec-signzone didn't handle offline private keys 
well.  [RT #16832]
 2007-05-18 05:50:35 +00:00
Mark Andrews
e1fd585739 update copyright notice 2006-03-07 00:34:55 +00:00
Mark Andrews
59d84d1b07 2001. [func] Check the KSK flag when updating a secure dynamic zone. 
New zone option "update-check-ksk yes;".  [RT #15817]
 2006-03-06 01:27:52 +00:00
Mark Andrews
2674e1a455 1940. [bug] Fixed a number of error conditions reported by 
Coverity.
 2005-11-30 03:33:49 +00:00
Mark Andrews
69fe9aaafd update copyright notice 2005-04-29 00:24:12 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
23fdb6a5a3 1654. [bug] isc_result_totext() contained array bounds read 
error.

1653.   [func]          Add key type checking to dst_key_fromfilename(),
                        DST_TYPE_KEY should be used to read TSIG, TKEY and
                        SIG(0) keys.

1652.   [bug]           TKEY still uses KEY.
 2004-06-11 00:27:06 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
d249a25043 sig0 uses sig not rrsig 2004-03-04 02:44:54 +00:00
Mark Andrews
35541328a8 1558. [func] New DNSSEC 'disable-algorithms'. Support entry into 
child zones for which we don't have a supported
                        algorithm.  Such child zones are treated as unsigned.

1557.   [func]          Implement missing DNSSEC tests for
                        * NOQNAME proof with wildcard answers.
                        * NOWILDARD proof with NXDOMAIN.
                        Cache and return NOQNAME with wildcard answers.
 2004-01-14 02:06:51 +00:00
Tatuya JINMEI 神明達哉
e407562a75 1528. [cleanup] Simplify some dns_name_ functions based on the 
deprecation of bitstring labels.
 2003-10-25 00:31:12 +00:00
Mark Andrews
93d6dfaf66 1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY. 2003-09-30 06:00:40 +00:00
Mark Andrews
c972e36de6 reversed timestamp sanity test on SIG 2002-11-15 21:25:21 +00:00
Mark Andrews
90295f915c 1399. [bug] Use serial number arithmetic when testing SIG 
timestamps. [RT #4268]
developer: marka
reviewer: ogud
 2002-11-12 19:50:51 +00:00
Mark Andrews
9db3d9d14e 1254. [bug] When signing/verifying rdatasets, duplicate rdatas 
need to be suppressed.
 2002-07-22 02:49:14 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Brian Wellington
2ca2e1a1ce 1188. [bug] Dynamic updates of a signed zone would fail if 
some of the zone private keys were unavailable.
 2002-01-22 13:04:45 +00:00
Brian Wellington
a5c077e40c 1181. [func] Add the "key-directory" configuration statement, 
which allows the server to look for online signing
			keys in alternate directories.
 2002-01-21 11:00:25 +00:00
Andreas Gustafsson
1f1d36a87b Check return values or cast them to (void), as required by the coding 
standards; add exceptions to the coding standards for cases where this is
not desirable
 2001-11-30 01:59:49 +00:00
Brian Wellington
ba9e9a88c8 The last change didn't compile due to faulty cut&paste. 2001-06-08 22:48:28 +00:00
Brian Wellington
3b6bcedffe 891. [bug] Return an error when a SIG(0) signed response to 
an unsigned query is seen.  This should actually
			do the verification, but it's not currently
			possible. [RT #1391]
 2001-06-08 19:37:29 +00:00
Brian Wellington
cbb781f277 uninitialized variable 2001-05-29 22:54:07 +00:00
Brian Wellington
a62b21afd3 DST_TYPE_PUBLIC|DST_TYPE_PRIVATE 2001-05-10 06:05:54 +00:00
Brian Wellington
3840dba289 Comment a particularly subtle bit of code. 2001-05-02 00:03:12 +00:00
Brian Wellington
05183bbc4f Signing with a large key didn't work since the static output buffer was too 
small; use a dynamic buffer instead.  Also, comment a section
 2001-05-02 00:02:28 +00:00
Brian Wellington
8c3989000a 810. [bug] The signer name in SIG records was not properly 
downcased when signing/verifying records. [RT #1186]
 2001-04-17 17:20:27 +00:00
Brian Wellington
b8a85202af 786. [bug] When signing/verifying data, names were not properly 
downcased.
 2001-03-23 03:51:04 +00:00
Brian Wellington
d03fd76636 add a cast [RT #1013] 2001-03-12 22:39:36 +00:00
Brian Wellington
18d110413c Move dns_dnssec_iszonekey to dns_zonekey_iszonekey, to make the rbtdb not 
require all of dst to be linked in.
 2001-01-17 01:22:20 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
Brian Wellington
abfbf760f3 650. [bug] SIG(0) records were being generated and verified 
incorrectly. [RT #606]
 2001-01-04 00:10:13 +00:00
Brian Wellington
8d6fe3f388 Pointers to regions are silly. Use regions instead. This removes 1 small 
allocation per query.
 2001-01-03 20:42:10 +00:00
Brian Wellington
78838d3e0c 8 space -> tab conversion 2000-12-11 19:24:30 +00:00
Mark Andrews
368b37b616 dns_rdata_invalidate -> dns_rdata_reset 2000-10-31 03:22:05 +00:00
Mark Andrews
c03bb27f06 532. [func] Implement DNS UPDATE pseudo records using 
DNS_RDATA_UPDATE flag.

 531.   [func]          Rdata really should be initalized before being
                        assigned to (dns_rdata_fromwire(), dns_rdata_fromtext(),
                        dns_rdata_clone(), dns_rdata_fromregion()),
                        check that it is.
 2000-10-25 04:26:57 +00:00
Brian Wellington
d1cbf71409 clean up suspicious looking and incorrect uses of dns_name_fromregion 2000-10-07 00:09:28 +00:00
Brian Wellington
cc8a68d56f minor cleanup 2000-09-25 23:18:54 +00:00
Brian Wellington
5c29047792 minor dst api change 2000-09-12 09:59:28 +00:00
Andreas Gustafsson
70e2821036 additional consistency checking 2000-08-21 23:22:01 +00:00
Brian Wellington
16797b504e SIG(0) signing and verifying had an off by 2 error. 2000-08-21 17:48:46 +00:00
Brian Wellington
41654670e7 Added dns_dnssec_iszonekey() to determine if a KEY is a zone key without 
the overhead of converting it to a dst key.
 2000-08-10 02:00:35 +00:00
David Lawrence
40f53fa8d9 Trailing whitespace trimmed. Perhaps running "perl util/spacewhack.pl in your 
own CVS tree will help minimize CVS conflicts.  Maybe not.
Blame Graff for getting me to trim all trailing whitespace.
 2000-08-01 01:33:37 +00:00
David Lawrence
65260de947 needs <dns/fixedname.h> now that it rdatastruct.h does not provide it 2000-07-31 20:53:56 +00:00
David Lawrence
15a4474541 word wrap copyright notice at column 70 2000-07-27 09:55:03 +00:00
Brian Wellington
969f24b04c dns_dnssec_verifymessage should make sure that it's verifying with the right 
key (which should be the case anyway, but it never hurts to check).  Also
fix a memory leak and change a few _tostruct() calls to not allocate memory.
 2000-07-25 17:12:00 +00:00
Brian Wellington
b3ef06344a DST API updates 2000-06-06 22:01:49 +00:00