mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00
Code Issues Releases Wiki Activity
16,778 Commits 656 Branches 820 Tags
Commit Graph

4843 Commits

Author SHA1 Message Date
Evan Hunt
4e55893d30 2813. [bug] Better handling of unreadable DNSSEC key files. 
[RT #20710]

2812.	[bug]		Make sure updates can't result in a zone with
			NSEC-only keys and NSEC3 records. [RT 20748]
 2009-12-18 22:16:49 +00:00
Evan Hunt
bc04d6ec15 2807. [bug] Fixed a possible ASSERT when reconfiguring zone 
keys. [RT #20720]
 2009-12-11 01:06:03 +00:00
Evan Hunt
b8b602f89b 2806. [bug] "rdnc sign" could delay re-signing the DNSKEY 
when it had changed. [RT #20703]
 2009-12-07 20:51:12 +00:00
Evan Hunt
daa4933c4d prep for 9.7.0rc1 2009-12-06 02:54:26 +00:00
Evan Hunt
c7611c7dd2 prep for 9.7.0rc1 release 2009-12-06 02:31:42 +00:00
Evan Hunt
12178c8652 2805. [bug] Fixed namespace problems encountered when building 
external programs using non-exported BIND9 libraries
			(i.e., built without --enable-exportlib). [RT #20679]
 2009-12-05 23:31:41 +00:00
Evan Hunt
c2f095969c oops: missed a declaration, and forgot to lock the zone before clearing 
the flag.  (and accidentally ran make tests in the wrong tree, misleading
myself into thinking it was fine.)
 2009-12-05 01:25:43 +00:00
Evan Hunt
d601ef9e89 2804. [bug] Send notifies when a zone is signed with "rndc sign" 
or as a result of a scheduled key change. [RT #20700]
 2009-12-04 22:45:11 +00:00
Automatic Updater
4b6dc226f7 update copyright notice 2009-12-04 22:06:37 +00:00
Mark Andrews
3d17a3ba61 2801. [func] Detect and report records that are different according 
to DNSSEC but are sematically equal according to plain
                        DNS.  Apply plain DNS comparisons rather than DNSSEC
                        comparisons when processing UPDATE requests.
                        dnssec-signzone now removes such semantically duplicate
                        records prior to signing the RRset.

                        named-checkzone -r {ignore|warn|fail} (default warn)
                        named-compilezone -r {ignore|warn|fail} (default warn)

                        named.conf: check-dup-records {ignore|warn|fail};
 2009-12-04 21:09:34 +00:00
Mark Andrews
5d850024cb 2800. [func] Reject zones which have NS records which refer to 
CNAMEs, DNAMEs or don't have address record (class IN
                        only).  Reject UPDATEs which would cause the zone
                        to fail the above checks if committed. [RT #20678]
 2009-12-04 03:33:15 +00:00
Evan Hunt
8e4f3f1cbc 2799. [cleanup] Changed the "secure-to-insecure" option to 
"dnssec-secure-to-insecure", and "dnskey-ksk-only"
			to "dnssec-dnskey-kskonly", for clarity. [RT #20586]
 2009-12-03 23:18:17 +00:00
Evan Hunt
22304041d1 typo caused a missing semicolon 2009-12-03 16:49:09 +00:00
Evan Hunt
e6dda86e8b 2798. [bug] Addressed bugs in managed-keys initialization 
and rollover. [RT #20683]
 2009-12-03 15:40:03 +00:00
Mark Andrews
2a0d4c4d6b 2797. [bug] Don't decrement the dispatch manager's maxbuffers. 
[RT #20613]
 2009-12-02 23:15:14 +00:00
Mark Andrews
d524a81532 2796. [bug] Missing dns_rdataset_disassociate() call in 
dns_nsec3_delnsec3sx(). [RT #20681]
 2009-12-01 05:28:40 +00:00
Evan Hunt
feeca57f18 2795. [cleanup] Add text to differentiate "update with no effect" 
log messages. [RT #18889]
 2009-12-01 00:47:09 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Automatic Updater
3e920dd0c6 update copyright notice 2009-11-26 23:48:14 +00:00
Mark Andrews
66ecb6789b 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:28:19 +00:00
Automatic Updater
2b2fc9b4df update copyright notice 2009-11-25 23:49:22 +00:00
Mark Andrews
536e36ac8d declarations before statements 2009-11-25 13:17:59 +00:00
Evan Hunt
cfc22e53a8 2789. [bug] Fixed an INSIST in dispatch.c [RT #20576] 2009-11-25 05:55:32 +00:00
Evan Hunt
fc1fb1a469 2786. [bug] Spurious log message when zone keys were 
dynamically reconfigured. [RT #20659]
 2009-11-25 02:30:54 +00:00
Mark Andrews
d0ca4e90e2 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:22:05 +00:00
Automatic Updater
b314ea10b4 update copyright notice 2009-11-24 23:48:12 +00:00
Evan Hunt
d312bc5d81 2785. [bug] Revoked keys could fail to self-sign [RT #20652] 2009-11-24 03:42:32 +00:00
Mark Andrews
9dd2ee95f1 2784. [bug] TC was not always being set when required glue was 
dropped. [RT #234186]
 2009-11-24 03:20:02 +00:00
Automatic Updater
94e3a63110 update copyright notice 2009-11-23 23:48:16 +00:00
Evan Hunt
5985af3f5c 2781. [bug] Inactive keys could be used for signing. [RT #20649] 2009-11-23 15:18:07 +00:00
Evan Hunt
cef109efa7 2780. [bug] dnssec-keygen -A none didn't properly unset the 
activation date in all cases. [RT #20648]

2779.	[bug]		Dynamic key revokation could fail. [RT #20644]

2778.	[bug]		dnssec-signzone could fail when a key was revoked
			without deleting the unrevoked version. [RT #20638]
 2009-11-23 02:55:41 +00:00
Mark Andrews
c16d37d06e 2776. [bug] Change #2762 was not correct. [RT #20647] 2009-11-23 02:10:16 +00:00
Automatic Updater
fe2b9bf570 update copyright notice 2009-11-18 23:48:07 +00:00
Evan Hunt
b08325a7f3 2773. [bug] In autosigned zones, the SOA could be signed 
with the KSK. [RT #20628]
 2009-11-18 21:22:31 +00:00
Evan Hunt
2ad776a5c4 changed age to 0 2009-11-18 16:46:10 +00:00
Evan Hunt
af52d6ddd7 prep for release of 9.7.0b3 2009-11-18 00:30:37 +00:00
Mark Andrews
a39a5f4d81 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-17 23:55:18 +00:00
Automatic Updater
e34e9a8d68 update copyright notice 2009-11-17 23:48:13 +00:00
Evan Hunt
7ee4b13ded 2771. [bug] dnssec-signzone: DNSKEY records could be 
corrupted when importing from key files [RT #20624]
 2009-11-17 05:46:53 +00:00
Evan Hunt
44a3999cf4 2770. [cleanup] Add log messages to resolver.c to indicate events 
causing FORMERR responses. [RT #20526]
 2009-11-17 02:23:15 +00:00
Evan Hunt
7048af0a55 2769. [cleanup] Change #2742 was incomplete. [RT #19589] 2009-11-16 07:56:06 +00:00
Evan Hunt
e856482b1f 2767. [bug] named could crash on startup if a zone was 
configured with auto-dnssec and there was no
			key-directory. [RT #20615]
 2009-11-16 01:44:33 +00:00
Automatic Updater
53d502202a update copyright notice 2009-11-12 23:47:59 +00:00
Evan Hunt
86132f0ef5 eliminate warning when building without -DBIND9 2009-11-12 23:43:02 +00:00
Mark Andrews
1d0ebb4cf2 2765. [bug] Skip masters for which the TSIG key cannot be found. 
[RT #20595]
 2009-11-12 23:30:36 +00:00
Evan Hunt
e9dff04d3b 2763. [bug] "rndc sign" didn't create an NSEC chain. [RT #20591] 2009-11-12 03:03:36 +00:00
Evan Hunt
0c3948e606 2761. [bug] DLV validation failed with a local slave DLV zone. 
[RT #20577]
 2009-11-12 02:59:20 +00:00
Evan Hunt
5c6c5669ec #include <time.h> for the ctime() prototype. 2009-11-07 03:36:58 +00:00
Mark Andrews
df1599d0e1 address initialization type mismatch warning 2009-11-06 04:19:28 +00:00
Mark Andrews
7963a67df0 address statement not reached warning 2009-11-06 04:12:15 +00:00