mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00
Code Issues Releases Wiki Activity
26,145 Commits 656 Branches 820 Tags
Commit Graph

6818 Commits

Author SHA1 Message Date
Tinderbox User
38a9d9ba76 update copyright notice / whitespace 2018-01-21 23:45:57 +00:00
Mark Andrews
fdd8838bf9 4869. [bug] Address some cases where NULL with zero length could 
be passed to memmove which is undefined behaviour and
                        can lead to bad optimisation. [RT #46888]
 2018-01-22 09:36:12 +11:00
Tinderbox User
8b8c2990d6 update copyright notice / whitespace 2018-01-17 23:45:56 +00:00
Francis Dupont
614d838acf Merged rt46864 (check MD5 amd SHA1 support) 2018-01-17 14:33:21 +01:00
Tinderbox User
3d2a6c9949 update copyright notice / whitespace 2018-01-16 23:45:57 +00:00
Michał Kępień
73819362d8 [master] Simplify handling isc_socket_sendto2() return values when flags == 0 
4865.	[cleanup]	Simplify handling isc_socket_sendto2() return values.
			[RT #46986]
 2018-01-16 08:33:30 +01:00
Tinderbox User
ed9fea3a6e update copyright notice / whitespace 2018-01-15 23:46:16 +00:00
Michał Kępień
ae51a676c9 [master] Ensure all master definitions in a catalog zone contain an IP address 
4864.	[bug]		named acting as a slave for a catalog zone crashed if
			the latter contained a master definition without an IP
			address. [RT #45999]
 2018-01-15 20:50:09 +01:00
Tinderbox User
5ce167be2e update copyright notice / whitespace 2018-01-12 23:45:54 +00:00
Mukund Sivaraman
f96133826e Fix various bugs reported by valgrind --tool=memcheck (#46978) 2018-01-13 00:33:35 +05:30
Tinderbox User
4b48e307e0 update copyright notice / whitespace 2018-01-10 23:46:37 +00:00
Mark Andrews
7befb67af4 4862. [bug] The rdata flags for RRSIG was not being properly set 
when constructing a rdataslab. [RT #46978]
 2018-01-11 09:51:52 +11:00
Tinderbox User
10e49fc83b update copyright notice / whitespace 2018-01-04 23:45:32 +00:00
Evan Hunt
053b51c4db [master] block validator deadlock and prevent use-after-free 
4859.	[bug]		A loop was possible when attempting to validate
			unsigned CNAME responses from secure zones;
			this caused a delay in returning SERVFAIL and
			also increased the chances of encountering
			CVE-2017-3145. [RT #46839]

4858.	[security]	Addresses could be referenced after being freed
			in resolver.c, causing an assertion failure.
			(CVE-2017-3145) [RT #46839]
 2018-01-03 19:11:18 -08:00
Tinderbox User
a280a7871d update copyright notice / whitespace 2018-01-03 23:45:29 +00:00
Mark Andrews
7258b852cf missing newline in comment 2018-01-03 17:11:12 +11:00
Tinderbox User
903662d5c3 regen master 2017-12-29 01:44:18 +00:00
Tinderbox User
015c017dfa regen master 2017-12-29 01:04:39 +00:00
Mark Andrews
9f61f6b46b initalize sigsize to zero; ATF_CHECK_EQ(sigsize, tsig.siglen); 2017-12-22 08:58:20 +11:00
Mark Andrews
4d1bbe308d 4847. [bug] dnssec-dnskey-kskonly was not being honoured for 
CDS and CDNSKEY. [RT #46755]
 2017-12-13 12:40:36 +11:00
Mark Andrews
cb8650d875 don't attempt to call isc_buffer_free(&buf) twice; don't attempt to call dns_message_destroy(&msg) twice; don't test for key != NULL 2017-12-12 13:20:56 +11:00
Mark Andrews
63459cdc05 4842. [bug] Conditionally compile opensslecdsa_link.c to avoid 
warnings about unused function. [RT #46790]
 2017-12-07 13:26:21 +11:00
Mark Andrews
9d5a0abe81 4841. [bug] Address -fsanitize=undefined warnings. [RT #46786] 2017-12-06 21:00:14 +11:00
Mark Andrews
00f5ea91cf 4839. [bug] zone.c:zone_sign was not properly determining 
if there were active KSK and ZSK keys for
                        a algorithm when update-check-ksk is true
                        (default) leaving records unsigned with one or
                        more DNSKEY algorithms. [RT #46774]
 2017-12-05 16:09:47 +11:00
Mark Andrews
6fa2a0691e 4838. [bug] zone.c:add_sigs was not properly determining 
if there were active KSK and ZSK keys for
                        a algorithm when update-check-ksk is true
                        (default) leaving records unsigned with one or
                        more DNSKEY algorithms. [RT #46754]
 2017-12-05 09:25:09 +11:00
Mark Andrews
196e01da5f 4837. [bug] dns_update_signatures{inc} (add_sigs) was not 
properly determining if there were active KSK and
                        ZSK keys for a algorithm when update-check-ksk is
                        true (default) leaving records unsigned. [RT #46743]
 2017-12-04 10:03:51 +11:00
Evan Hunt
2f855055ed [master] prep 9.12.0rc1 2017-11-30 14:39:16 -08:00
Evan Hunt
49a8cd6c01 [master] silence compiler warning 2017-11-30 13:55:34 -08:00
Ondřej Surý
a4a148cf9a [master] Type the shifted values to isc_uint32_t so the top bit is unsigned (found by UBSAN) [RT #46740] 2017-11-30 18:23:35 +01:00
Michał Kępień
2c20fc0d13 [master] Fix LMDB support on OpenBSD; clean up and refactor LMDB-related code 
4835.	[cleanup]	Clean up and refactor LMDB-related code. [RT #46718]

4834.	[port]		Fix LMDB support on OpenBSD. [RT #46718]
 2017-11-30 14:34:04 +01:00
Tinderbox User
dc66c4a49c update copyright notice / whitespace 2017-11-29 23:45:31 +00:00
Mark Andrews
9ddf7d6c4c 4833. [bug] isc_event_free should check that the event is not 
linked when called. [RT #46725]

4832.   [bug]           Events were not being removed from zone->rss_events.
                        [RT #46725]
 2017-11-30 10:31:44 +11:00
Mark Andrews
0579a11658 4831. [bug] Convert the RRSIG expirytime to 64 bits for 
comparisions in diff.c:resign. [RT #46710]
 2017-11-29 15:20:23 +11:00
Mark Andrews
a8c1bfd673 map more entry points to <name>64 2017-11-28 14:08:14 +11:00
Mark Andrews
18c7fa2f93 #define update_recordsandbytes update_recordsandbytes64 2017-11-28 13:58:49 +11:00
Tinderbox User
393135d693 update copyright notice / whitespace 2017-11-27 23:46:24 +00:00
Mark Andrews
c22b540e4c restore setting header->heap_index to zero in setsigningtime 2017-11-28 06:46:33 +11:00
Michał Kępień
40a90fbf89 [master] Do not use thread-local storage for storing LMDB reader locktable slots 
4828.	[bug]		Do not use thread-local storage for storing LMDB reader
			locktable slots. [RT #46556]
 2017-11-27 09:48:10 +01:00
Mark Andrews
19f6a63184 More: 
4819.   [bug]           Fully backout the transaction when adding a RRset
                        to the resigning / removal heaps fails. [RT #46473]
 2017-11-27 15:15:41 +11:00
Mark Andrews
14e9925868 add missing entries to .def files [RT #46215] 2017-11-27 13:49:39 +11:00
Mark Andrews
1dc8208a89 silence %lu vs size_t warning by casting to (unsigned long) 2017-11-24 10:25:37 +11:00
Mark Andrews
6ead410268 in rdbdb.c:setsigningtime stop breaking heap invariant property unless we are going to restore the invariant property 2017-11-24 08:47:52 +11:00
Michał Kępień
165df18f75 [master] Prevent bogus warning from being logged 
4825.	[bug]		Prevent a bogus "error during managed-keys processing
			(no more)" warning from being logged. [RT #46645]
 2017-11-23 09:36:04 +01:00
Mark Andrews
2f4e0e5a81 initalise serve_stale_ttl 2017-11-23 16:11:49 +11:00
Mark Andrews
78e1d7cdde style 2017-11-23 16:09:27 +11:00
Michał Kępień
6035d557c4 [master] Refactor reclimit system test 
4823.	[test]		Refactor reclimit system test to improve its
			reliability and speed. [RT #46632]
 2017-11-21 10:32:45 +01:00
Mark Andrews
900215654b #include <isc/util.h> [RT #46626] 2017-11-18 11:22:44 +11:00
Tinderbox User
445cabb392 update copyright notice / whitespace 2017-11-17 23:45:28 +00:00
Mark Andrews
a197094d76 remove out of date comment 2017-11-18 08:50:58 +11:00
Mark Andrews
656eed7c9b 4821. [bug] When resigning ensure that the SOA's expire time is 
always later that the resigning time of other records.
                        [RT #46473]

4820.   [bug]           dns_db_subtractrdataset should transfer the resigning
                        information to the new header. [RT #46473]

4819.   [bug]           Fully backout the transaction when adding a RRset
                        to the resigning / removal heaps fail. [RT #46473]
 2017-11-18 07:11:12 +11:00