2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 21:47:59 +00:00

1497 Commits

Author SHA1 Message Date
Mark Andrews
e916c4f840 3818. [bug] Stop lying to the optimizer that 'void *arg' is a
constant in isc_event_allocate.
2014-04-24 13:43:59 +10:00
Mark Andrews
2d1c1ee28a keyboard.h 2014-04-08 10:37:08 +10:00
Mark Andrews
866606b9c7 3802. [bug] Various header files were not being installed 2014-04-04 21:56:08 +11:00
Tinderbox User
24a4fabc0b update copyright notice 2014-03-13 23:53:24 +00:00
Evan Hunt
acbb301e64 [master] better error output when initializing pkcs11
3786.	[func]		Provide more detailed error codes when using
			native PKCS#11. "pkcs11-tokens" now fails robustly
			rather than asserting when run against an HSM with
			an incomplete PCKS#11 API implementation. [RT #35479]
2014-03-12 20:52:01 -07:00
Evan Hunt
e29c2b3903 [master] fix misuses of isc__buffer functions, update comment 2014-03-06 17:26:21 -08:00
Tinderbox User
938440694b update copyright notice 2014-02-27 23:46:22 +00:00
Evan Hunt
98922b2b2b [master] merge several interdependent fixes
3760.   [bug]           Improve SIT with native PKCS#11 and on Windows.
			[RT #35433]

3759.   [port]          Enable delve on Windows. [RT #35441]

3758.   [port]          Enable export library APIs on windows. [RT #35382]
2014-02-26 19:00:05 -08:00
Mark Andrews
e676a59686 update copyrights 2014-02-20 10:53:11 +11:00
Mark Andrews
b5f6271f4d 3744. [experimental] SIT: send and process Source Identity Tokens
(which are similar to DNS Cookies by Donald Eastlake)
                        and are designed to help clients detect off path
                        spoofed responses and for servers to detect legitimate
                        clients.

                        SIT use a experimental EDNS option code (65001).

                        SIT can be enabled via --enable-developer or
                        --enable-sit.  It is on by default in Windows.

                        RRL processing as been updated to know about SIT with
                        legitimate clients not being rate limited. [RT #35389]
2014-02-19 12:53:42 +11:00
Tinderbox User
72141595cf update copyright notice 2014-02-16 23:46:32 +00:00
Evan Hunt
1d761cb453 [master] delve
3741.	[func]		"delve" (domain entity lookup and validation engine):
			A new tool with dig-like semantics for performing DNS
			lookups, with internal DNSSEC validation, using the
			same resolver and validator logic as named. This
			allows easy validation of DNSSEC data in environments
			with untrustworthy resolvers, and assists with
			troubleshooting of DNSSEC problems. (Note: not yet
			available on win32.) [RT #32406]
2014-02-16 13:03:17 -08:00
Tinderbox User
1124950b35 update copyright notice 2014-02-12 23:46:27 +00:00
Evan Hunt
dbb012765c [master] merge libiscpk11 to libisc
3735.	[cleanup]	Merged the libiscpk11 library into libisc
			to simplify dependencies. [RT #35205]
2014-02-11 21:20:28 -08:00
Tinderbox User
81f58902eb update copyright notice 2014-02-07 23:46:39 +00:00
Mark Andrews
62ec9fd168 3733. [func] Improve interface scanning support. Interface
information will be automatically updated if the
                        OS supports routing sockets.  Use
                        "automatic-interface-scan no;" to disable.

                        Add "rndc scan" to trigger a scan. [RT #23027]
2014-02-07 17:16:37 +11:00
Evan Hunt
e5f9fa7e18 [master] deprecate isc_bitsrting
3727.	[func]		The isc_bitstring API is no longer used and
			has been removed from libisc. [RT #35284]
2014-02-06 15:36:13 -08:00
Mark Andrews
e20788e121 update copyrights 2014-01-16 15:19:24 +11:00
Mark Andrews
1b5dcef875 include <isc/tm.h>, <isc/lang.h> and <isc/types.h> 2014-01-15 20:42:22 +11:00
Evan Hunt
a147de10fe [master] portable strptime/timegm
3709.	[port]		Use built-in versions of strptime() and timegm()
			on all platforms to avoid portability issues.
			[RT #35183]
2014-01-14 23:17:47 -08:00
Evan Hunt
ba751492fc [master] native PKCS#11 support
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
2014-01-14 15:40:56 -08:00
Mark Andrews
a7c412f37c update copyrights 2014-01-11 07:07:56 +11:00
Evan Hunt
1bb2f53b9f [master] fix win32 build problems 2014-01-10 10:58:06 -08:00
Mark Andrews
52e6d8a36d add ISC_PLATFORM_NEEDSTRCASESTR 2014-01-10 23:53:41 +11:00
Evan Hunt
60fb67079e [master] add isc_string_strcasestr for portability 2014-01-09 22:04:03 -08:00
Evan Hunt
57a46f4b19 [master] Merge branch 'master' of ssh://repo/proj/git/prod/bind9 2014-01-09 19:05:46 -08:00
Evan Hunt
789252d55f [master] stats improvements
3700.	[func]		Allow access to subgroups of XML statistics via
			special URLs http://<server>:<port>/xml/v3/server,
			/zones, /net, /tasks, /mem, and /status.  [RT #35115]

3699.	[bug]		Improvements to statistics channel XSL stylesheet:
			the stylesheet can now be cached by the browser;
			section headers are omitted from the stats display
			when there is no data in those sections to be
			displayed; counters are now right-justified for
			easier readability. [RT #35117]
2014-01-09 18:46:25 -08:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove().
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
2014-01-08 16:39:05 -08:00
Mark Andrews
2bdfb330af update copyrights 2013-12-05 15:04:53 +11:00
Mark Andrews
c3c8823fed 3681. [port] Update the Windows build system to support feature
selection and WIN64 builds.  This is a work in
                        progress. [RT #34160]
2013-12-04 12:47:23 +11:00
Evan Hunt
434bfc3dfa [master] "in-view" zone option
3673.	[func]		New "in-view" zone option allows direct sharing
			of zones between views. [RT #32968]
2013-11-13 20:35:40 -08:00
Mark Andrews
6100b17699 3662. [bug] 'host' could die if a UPD query timed out. [RT #34870] 2013-10-25 10:09:33 +11:00
Evan Hunt
41dabe089f [master] remove namespace.h from installed files 2013-09-09 09:22:37 -07:00
Francis Dupont
a96e5ffbe0 spelling 2013-07-10 10:56:18 +02:00
Evan Hunt
4b13ea47db [master] check for -ljson-c as well as -ljson
3512.	[port]		Check whether to use -ljson or -ljson-c. [RT #34115]
2013-07-09 16:43:59 -07:00
Evan Hunt
5b7abbef51 [master] added isc_safe_memcmp()
3611.	[bug]		Improved resistance to a theoretical authentication
			attack based on differential timing.  [RT #33939]
2013-07-09 11:47:16 -07:00
Tinderbox User
2777329775 update copyright notice 2013-06-17 23:46:12 +00:00
Evan Hunt
31707708c5 [master] portability fixes for map files
3598.	[cleanup]	Improved portability of map file code. [RT #33820]
2013-06-17 09:09:43 -07:00
Evan Hunt
166c4c6c5b [master] fix win32 build
3595.	[port]		win32: Fix build problems introduced by change #3550.
			[RT #33807]
2013-06-13 12:36:39 -07:00
Mark Andrews
8dda0f671d remove unnecessary DE_CONST; pass in as (const void *) 2013-06-11 12:25:43 +10:00
Evan Hunt
e59937c728 [rt33746] use CRC64 for map file error detection
3591.	[func]		Use CRC-64 to detect map file corruption at load
			time. [RT #33746]
2013-06-10 14:19:22 -07:00
Mark Andrews
62f016d5d3 3571. [bug] Address race condition in dns_client_startresolve().
[RT #33234]

Squashed commit of the following:

commit ebfb9f3e783531cc1369bf519eb1c33437ec6f1a
Author: Evan Hunt <each@isc.org>
Date:   Wed May 8 11:47:52 2013 -0700

    [rt33234] style

commit 0a915af759670aadb2455711997d9f29e5c3f794
Author: Mark Andrews <marka@isc.org>
Date:   Wed May 8 18:23:57 2013 +1000

    handle dns_client race
2013-05-09 08:41:24 +10:00
Tinderbox User
12253af346 update copyright notice 2013-04-10 23:46:01 +00:00
Evan Hunt
b99bfa184b [master] unify internal and export libraries
3550.	[func]		Unified the internal and export versions of the
			BIND libraries, allowing external clients to use
			the same libraries as BIND. [RT #33131]
2013-04-10 13:49:57 -07:00
Tinderbox User
313b0ea9f2 update copyright notice 2013-03-23 23:46:06 +00:00
Evan Hunt
67adc03ef8 [master] add DSCP support
3535.	[func]		Add support for setting Differentiated Services Code
			Point (DSCP) values in named.  Most configuration
			options which take a "port" option (e.g.,
			listen-on, forwarders, also-notify, masters,
			notify-source, etc) can now also take a "dscp"
			option specifying a code point for use with
			outgoing traffic, if supported by the underlying
			OS. [RT #27596]
2013-03-22 14:05:33 -07:00
Mark Andrews
73273ce28f add json.h 2013-03-15 09:11:13 +11:00
Tinderbox User
22dd28c5bc update copyright notice 2013-03-13 23:46:08 +00:00
Evan Hunt
feb067b25a [master] add JSON statistics channel
3524.	[func]		Added an alternate statistics channel in JSON format,
			when the server is built with the json-c library:
			http://[address]:[port]/json.  [RT #32630]
2013-03-13 14:24:50 -07:00