mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 13:38:26 +00:00
Code Issues Releases Wiki Activity
36,567 Commits 657 Branches 820 Tags
Commit Graph

618 Commits

Author SHA1 Message Date
Mark Andrews
af850c4120 3168. [bug] Nxdomain redirection could trigger a assert with 
a ANY query. [RT #26017]
 2011-10-12 23:09:35 +00:00
Evan Hunt
793814f807 3164. [func] Enable DLZ modules to retrieve client information, 
so that responses can be changed depending on the
			source address of the query. [RT #25768]
 2011-10-11 00:09:03 +00:00
Evan Hunt
5a75f61dd4 3144. [bug] dns_dbiterator_seek() could trigger an assert when 
used with a nonexistent database node. [RT #25358]
 2011-08-23 00:59:23 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Mark Andrews
0874abad14 3069. [cleanup] Silence warnings messages from clang static analysis. 
[RT #20256]
 2011-03-11 06:11:27 +00:00
Evan Hunt
70c7f4fb4f 3053. [bug] Under a sustained high query load with a finite 
max-cache-size, it was possible for cache memory
			to be exhausted and not recovered. [RT #23371]
 2011-03-03 04:42:25 +00:00
Mark Andrews
c1ced49662 3051. [bug] NS records obsure DS records at the bottom of the 
zone if both are present. [RT #23035]
 2011-03-02 04:20:34 +00:00
Evan Hunt
b32e391602 3025. [bug] Fixed a possible deadlock due to zone resigning. 
[RT #22964]
 2011-02-18 23:26:44 +00:00
Mark Andrews
481ebd6977 rpz require -DBIND9 2011-01-13 09:53:04 +00:00
Automatic Updater
9cee5bb028 update copyright notice 2011-01-13 04:59:26 +00:00
Mark Andrews
87708bde16 3008. [func] Response policy zones (RPZ) support. [RT #21726] 2011-01-13 01:59:28 +00:00
Mark Andrews
97664670d0 2975. [bug] rbtdb.c:cleanup_dead_nodes_callback() aquired the 
wrong lock which could lead to server deadlock.
                        [RT #22614]
 2010-12-02 04:58:13 +00:00
Mark Andrews
d48730a446 2970. [security] Adding a NO DATA negative cache entry failed to clear 
any matching RRSIG records.  A subsequent lookup of
                        of NO DATA cache entry could trigger a INSIST when the
                        unexpected RRSIG was also returned with the NO DATA
                        cache entry.  [RT #22288]
 2010-11-16 06:46:44 +00:00
Mark Andrews
240a7dc59d 2951. [bug] named failed to generate a correct signed response 
in a optout, delegation only zone with no secure
                        delegations. [RT #22007]
 2010-09-07 00:58:36 +00:00
Automatic Updater
2b43d1d8c5 update copyright notice 2010-08-13 23:47:04 +00:00
Mark Andrews
c73d8c1b72 2938. [bug] When skipping NSEC3 records that don't match the 
current NSEC3PARAM record in use for zone named
                        could dereference a uninitialised pointer attempting
                        to obtain a lock. [RT# 21868]
 2010-08-13 06:46:25 +00:00
Tatuya JINMEI 神明達哉
27fe1966c9 2937. [bug] Worked around an apparent race condition in over 
memory conditions.  Without this fix a DNS cache DB or
			ADB could incorrectly stay in an over memory state,
			effectively refusing further caching, which
			subsequently made a BIND 9 caching server unworkable.
			This fix prevents this problem from happening by
			polling the state of the memory context, rather than
			making a copy of the state, which appeared to cause
			a race.  This is a "workaround" in that it doesn't
			solve the possible race per se, but several experiments
			proved this change solves the symptom.  Also, the
			polling overhead hasn't been reported to be an issue.
			This bug should only affect a caching server that
			specifies a finite max-cache-size.  It's also quite
			likely that the bug happens only when enabling threads,
			but it's not confirmed yet. [RT #21818]
 2010-08-11 22:54:58 +00:00
Mark Andrews
121f783b66 2881. [bug] Reduce the amount of time the rbtdb write lock 
is held when closing a version. [RT #21198]
 2010-05-10 01:39:03 +00:00
Mark Andrews
8b026a66fd grab a write lock before updating header->trust 2010-02-26 00:18:06 +00:00
Mark Andrews
0cae66577c 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 04:39:13 +00:00
Automatic Updater
842920c7db update copyright notice 2010-01-04 23:48:51 +00:00
Evan Hunt
845bb3195a 2829. [bug] Fixed potential node inconsistency in rbtdb.c. 
[RT #20808]
 2010-01-04 22:30:14 +00:00
Tatuya JINMEI 神明達哉
d8680445d6 2828. [security] Cached CNAME or DNAME RR could be returned to clients 
without DNSSEC validation. [RT #20737]

9.4-ESV, 9.5.3, 9.6.2, 9.7.0, 9.8.0(?)
 2009-12-30 08:02:23 +00:00
Mark Andrews
288486df9d 2823. [bug] rbtdb.c:getsigningtime() was missing locks. [RT #20781] 2009-12-29 22:04:16 +00:00
Mark Andrews
5773d3c007 2822. [bug] rbtdb.c:loadnode() could return the wrong result. 
[RT #20802]
 2009-12-29 08:53:33 +00:00
Evan Hunt
b09559fd36 2816. [bug] previous_closest_nsec() could fail to return 
data for NSEC3 nodes [RT #29730]
 2009-12-23 23:43:01 +00:00
Automatic Updater
3e920dd0c6 update copyright notice 2009-11-26 23:48:14 +00:00
Mark Andrews
66ecb6789b 2790. [bug] Handle DS queries to stub zones. 2009-11-26 03:28:19 +00:00
Mark Andrews
d0ca4e90e2 2786. [bug] Additional could be promoted to answer. [RT #20663] 2009-11-25 02:22:05 +00:00
Mark Andrews
c16d37d06e 2776. [bug] Change #2762 was not correct. [RT #20647] 2009-11-23 02:10:16 +00:00
Mark Andrews
a39a5f4d81 2772. [security] When validating, track whether pending data was from 
the additional section or not and only return it if
                        validates as secure. [RT #20438]
 2009-11-17 23:55:18 +00:00
Evan Hunt
0c3948e606 2761. [bug] DLV validation failed with a local slave DLV zone. 
[RT #20577]
 2009-11-12 02:59:20 +00:00
Evan Hunt
c1bfa5b0ad 2753. [bug] Removed an unnecessary warning that could appear when 
building an NSEC chain. [RT #20588]
 2009-11-06 03:26:59 +00:00
Automatic Updater
990dca4605 update copyright notice 2009-10-27 23:47:45 +00:00
Mark Andrews
63d5a6f680 2736. [func] Improve the performance of NSEC signed zones with 
more than a normal amount of glue below a delegation.
                        [RT #20191]
 2009-10-27 04:46:58 +00:00
Mark Andrews
2847930722 2708. [func] Insecure to secure and NSEC3 parameter changes via 
update are now fully supported and no longer require
                        defines to enable.  We now no longer overload the
                        NSEC3PARAM flag field, nor the NSEC OPT bit at the
                        apex.  Secure to insecure changes are controlled by
                        by the named.conf option 'secure-to-insecure'.

                        Warning: If you had previously enabled support by
                        adding defines at compile time to BIND 9.6 you should
                        ensure that all changes that are in progress have
                        completed prior to upgrading to BIND 9.7.  BIND 9.7
                        is not backwards compatible.
 2009-10-08 23:13:07 +00:00
Evan Hunt
246c504f90 2706. [bug] Loading a zone with a very large NSEC3 salt could 
trigger an assert. [RT #20368]
 2009-10-06 21:20:45 +00:00
Automatic Updater
4fa2649d57 update copyright notice 2009-10-03 23:48:10 +00:00
Evan Hunt
c36ba263d6 2699. [bug] Missing lock in rbtdb.c. [RT #20037] 2009-10-03 22:39:27 +00:00
Evan Hunt
1210799345 Add /* NOTREACHED */ comments 2009-10-03 18:03:54 +00:00
Tatuya JINMEI 神明達哉
307d208450 2660. [func] Add a new set of DNS libraries for non-BIND9 
applications.  See README.libdns. [RT #19369]
 2009-09-01 00:22:28 +00:00
Mark Andrews
5b7525f51f 2625. [bug] Missing UNLOCK in rbtdb.c. [RT #19865] 2009-07-13 07:03:47 +00:00
Tatuya JINMEI 神明達哉
5d7849ad7f 2596. [bug] Stale tree nodes of cache/dynamic rbtdb could stay 
long, leading to inefficient memory usage or rejecting
			newer cache entries in the worst case. [RT #19563]
 2009-05-06 22:53:54 +00:00
Tatuya JINMEI 神明達哉
3dc1cb7e96 wording fix for cpp error message (rt #19569) 2009-04-07 02:49:37 +00:00
Mark Andrews
e422b84c73 2573. [bug] Replacing a non-CNAME record with a CNAME record in a 
single transaction in a signed zone failed. [RT #19397]
 2009-03-05 04:54:33 +00:00
Tatuya JINMEI 神明達哉
c82bb6a709 2538. [bug] cache/ADB memory could grow over max-cache-size, 
especially with threads and smaller max-cache-size
			values. [RT #19240]
 2009-01-28 23:20:23 +00:00
Automatic Updater
d362465c77 update copyright notice 2009-01-17 23:47:43 +00:00
Francis Dupont
bdfaef63f5 spelling 2009-01-17 14:59:03 +00:00
Mark Andrews
2628c71479 silence compiler warning. [RT #18990] 2008-11-14 14:07:48 +00:00
Mark Andrews
76bd01263f remove debugging printf 2008-10-29 05:53:12 +00:00