2
0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 21:47:59 +00:00

3298 Commits

Author SHA1 Message Date
Evan Hunt
3812202124 [master] add a "wire_test -d" option to read raw binary data
4169.	[test]		Added a 'wire_test -d' option to read input as
			raw binary data, for use as a fuzzing harness.
			[RT #40312]
2015-08-10 14:44:02 -07:00
Evan Hunt
05b1684791 [master] fix an awk portability issue 2015-08-03 14:21:16 -07:00
Tinderbox User
f3cbd0e029 update copyright notice / whitespace 2015-08-02 23:45:22 +00:00
Evan Hunt
68116c5a5f [master] add +nocookie options where needed 2015-08-02 11:18:12 -07:00
Evan Hunt
a3b21effd7 [master] missing 'use' caused test failure 2015-07-21 13:49:54 -07:00
Evan Hunt
a32ca13d12 [master] statschannel test failed when only JSON was available 2015-07-20 19:09:22 -07:00
Evan Hunt
9501aa9d5a [master] portability 2015-07-20 19:01:29 -07:00
Tinderbox User
35af5049f8 update copyright notice / whitespace 2015-07-10 23:45:23 +00:00
Evan Hunt
b716b9cddc [master] add JSON and more XML tests
4161.	[test]		Add JSON test for traffic size stats; also test
			for consistency between "rndc stats" and the XML
			and JSON statistics channel contents. [RT #38700]
2015-07-09 21:18:42 -07:00
Tinderbox User
f16a6bfb6c update copyright notice / whitespace 2015-07-09 23:45:22 +00:00
Evan Hunt
1479200aa0 [master] DDoS mitigation features
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			See the ARM for details of these options. [RT #37125]
2015-07-08 22:53:39 -07:00
Tinderbox User
9ab5a7d83c update copyright notice / whitespace 2015-07-07 23:45:22 +00:00
Evan Hunt
70d987def5 [master] traffic size stats
4156.	[func]		Added statistics counters to track the sizes
			of incoming queries and outgoing responses in
			histogram buckets, as specified in RSSAC002.
			[RT #39049]
2015-07-06 22:29:06 -07:00
Mukund Sivaraman
33ca26968b Allow RPZ rewrite logging to be configured on a per-zone basis (#39754) 2015-07-06 08:57:51 +05:30
Mark Andrews
3e33f4198d 4154. [bug] A OPT record should be included with the FORMERR
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]
2015-07-06 12:52:37 +10:00
Mark Andrews
ce67023ae3 4152. [func] Implement DNS COOKIE option. This replaces the
experimental SIT option of BIND 9.10.  The following
                        named.conf directives are avaliable: send-cookie,
                        cookie-secret, cookie-algorithm and nocookie-udp-size.
                        The following dig options are available:
                        +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
2015-07-06 09:44:24 +10:00
Tinderbox User
337d408adb update copyright notice / whitespace 2015-06-29 23:45:23 +00:00
Mukund Sivaraman
08f0129732 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 2015-06-29 18:33:18 +05:30
Mark Andrews
4a61eae651 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]
2015-06-29 15:48:41 +10:00
Witold Krecicki
f10a67dad2 Add statistics counters for nxdomain redirections. [RT #39790] 2015-06-25 09:21:50 +02:00
Tinderbox User
e0ba64bdd2 update copyright notice / whitespace 2015-06-23 23:45:21 +00:00
Mukund Sivaraman
0439bfedd9 Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 2015-06-23 14:19:48 +05:30
Mukund Sivaraman
b4e114e3cd Print unsigned values for serial, etc. in rndc zonestatus output (#39854) 2015-06-23 13:57:33 +05:30
Witold Krecicki
af3770ed93 rndc reconfig reports configuration errors the same way rndc reload does [RT #39635] 2015-06-12 10:19:29 +02:00
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00
Mark Andrews
b704d25ff3 unlock T4_mx 2015-05-30 17:54:33 +10:00
Mark Andrews
8c74b6a9a1 use sed as tail -n +# is not portable 2015-05-30 11:05:57 +10:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Mark Andrews
e53e202ef3 4128. [bug] Address issues raised by Coverity 7.6. [RT #39537] 2015-05-28 13:17:07 +10:00
Mark Andrews
52a487f71a link against ISC_OPENSSL_LIBS 2015-05-28 11:06:39 +10:00
Mark Andrews
598b502695 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing
key as per RFC 7344, Section 4.1. [RT #37215]
2015-05-27 15:25:45 +10:00
Evan Hunt
a32b6291aa [master] address regression
4126.	[bug]		Addressed a regression introduced in change #4121.
			[RT #39611]
2015-05-26 19:11:08 -07:00
Tinderbox User
b7b835bfb0 update copyright notice / whitespace 2015-05-24 23:45:24 +00:00
Mark Andrews
83622f9a4c link against libisc 2015-05-24 12:50:56 +10:00
Mark Andrews
cb9b145f39 don't include <isc/print.h> 2015-05-24 12:50:20 +10:00
Mark Andrews
936adc1282 link against libisc 2015-05-24 11:58:15 +10:00
Tinderbox User
d70dac20d2 update copyright notice / whitespace 2015-05-23 23:45:25 +00:00
Mark Andrews
2ac85d943b specfiy where libisc is
(cherry picked from commit c907e7b512e88b641595d514790e2b41575f149e)
2015-05-24 06:03:08 +10:00
Mark Andrews
e6e7de5cda link against ISCLIBS 2015-05-24 05:42:44 +10:00
Francis Dupont
850cfa4e86 Added isc in includes (print.h requires it) 2015-05-23 15:51:34 +02:00
Francis Dupont
3759f10fc5 added print.h includes, updated copyrights 2015-05-23 14:21:51 +02:00
Tinderbox User
46ee7c3260 update copyright notice / whitespace 2015-05-22 23:45:24 +00:00
Curtis Blackburn
717c2b9655 4125. [test] Added tests for dig, renamed delv test to digdelv.
[RT #39490]
2015-05-22 11:47:17 -07:00
Evan Hunt
c55a1da4fc [master] log parsing errors from default config or addzone/modzone
4124.	[func]		Log errors or warnings encountered when parsing the
			internal default configuration.  Clarify the logging
			of errors and warnings encountered in rndc
			addzone or modzone parameters. [RT #39440]
2015-05-21 23:04:29 -07:00
Tinderbox User
0dfc0745c4 update copyright notice / whitespace 2015-05-21 23:45:26 +00:00
Mukund Sivaraman
705cea35a8 Fix RPZ radix tree search() for CLIENT-IP triggers (#39481) 2015-05-21 11:10:49 +05:30
Evan Hunt
7e6cf6fc6e [master] address a possible policy update race
4120.	[bug]		A bug in RPZ could cause the server to crash if
			policy zones were updated while recursion was
			pending for RPZ processing of an active query.
			[RT #39415]
2015-05-19 15:47:42 -07:00
Jeremy C. Reed
20914534e6 add a space after shell here-document name
<<END> foo.out
  to
<<END > foo.out

to be consistent with shell style

discussed via jabber in bind9 room
2015-05-19 13:22:36 -04:00
Mark Andrews
c7463967db 4119. [func] Allow dig to set the message opcode. [RT #39550] 2015-05-19 12:46:06 +10:00
Evan Hunt
d9aefcf5cb [master] there are now 98 automatic zones 2015-05-16 10:07:17 -07:00