mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity
41,385 Commits 657 Branches 820 Tags
Commit Graph

1503 Commits

Author SHA1 Message Date
Evan Hunt
c8aa7ce70d 2732. [func] Add optional filter-aaaa-on-v4 option, available 
if built with './configure --enable-filter-aaaa'.
			Filters out AAAA answers to clients connecting
			via IPv4.  (This is NOT recommended for general
			use.) [RT #20339]
 2009-10-26 23:14:54 +00:00
Mark Andrews
06e7340198 2719. [func] Skip trusted/managed keys for unsupported algorithms. 
[RT #20392]
 2009-10-20 03:15:06 +00:00
Evan Hunt
77b8f88f14 2712. [func] New 'auto-dnssec' zone option allows zone signing 
to be fully automated in zones configured for
			dynamic DNS.  'auto-dnssec allow;' permits a zone
			to be signed by creating keys for it in the
			key-directory and using 'rndc sign <zone>'.
			'auto-dnssec maintain;' allows that too, plus it
			also keeps the zone's DNSSEC keys up to date
			according to their timing metadata. [RT #19943]
 2009-10-12 20:48:12 +00:00
Francis Dupont
8b78c993cb explicit engine rt20230a 2009-10-05 17:30:49 +00:00
Francis Dupont
debd489a44 noreturn RT #20257 2009-09-29 15:06:07 +00:00
Evan Hunt
a457576b58 "dnssec-lookaside auto" crashed if named was built without openssl [rt20231] 2009-09-10 01:49:29 +00:00
Mark Andrews
2d13af354a isc_resourcevalue_t is unsigned. use %ISC_PRINT_QUADFORMATu 2009-09-04 00:49:50 +00:00
Automatic Updater
823ca3c14f update copyright notice 2009-09-01 23:47:45 +00:00
Tatuya JINMEI 神明達哉
44de0b1f7d 2666. [func] Added an 'options' argument to dns_name_fromstring() 
(API change from 9.7.0a2). [RT #20196]
 2009-09-01 17:36:51 +00:00
Evan Hunt
85be60e3c8 2665. [func] Clarify syntax for managed-keys {} statement, add 
ARM documentation about RFC 5011 support. [RT #19874]
 2009-09-01 07:14:26 +00:00
Tatuya JINMEI 神明達哉
307d208450 2660. [func] Add a new set of DNS libraries for non-BIND9 
applications.  See README.libdns. [RT #19369]
 2009-09-01 00:22:28 +00:00
Automatic Updater
da035d9f44 update copyright notice 2009-08-25 23:47:51 +00:00
Mark Andrews
18114698b4 2654. [bug] Improve error reporting on duplicated names for 
deny-answer-xxx. [RT #20164]
 2009-08-25 02:42:46 +00:00
Evan Hunt
3a87540047 2644. [bug] Change #2628 caused a regression on some systems; 
named was unable to write the PID file and would
                        fail on startup. [RT #20001]
 2009-08-05 17:35:33 +00:00
Automatic Updater
3e12c54de2 update copyright notice 2009-07-14 23:47:54 +00:00
Evan Hunt
08f860f800 2630. [func] Improved syntax for DDNS autoconfiguration: use 
"update-policy local;" to switch on local DDNS in a
			zone.  [RT #19875]
 2009-07-14 22:54:57 +00:00
Mark Andrews
109580e7e5 2920. [bug] Delay thawing the zone until the reload of it has 
completed successfully.  [RT #19750]
 2009-07-02 07:39:03 +00:00
Automatic Updater
f66c8eed51 update copyright notice 2009-06-30 23:48:01 +00:00
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Automatic Updater
b6306ef56e update copyright notice 2009-06-10 23:47:47 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Automatic Updater
e6ada020f5 update copyright notice 2009-05-29 23:47:49 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Automatic Updater
e61db954bf update copyright notice 2009-03-04 23:48:02 +00:00
Evan Hunt
3a30493983 2572. [func] Simplify DLV configuration, with a new option 
"dnssec-lookaside auto;"  This is the equivalent
			of "dnssec-lookaside . trust-anchor dlv.isc.org;"
			plus setting a trusted-key for dlv.isc.org.

			Note: The trusted key is hard-coded into named,
			but is also stored in (and can be overridden
			by) $sysconfdir/bind.keys.  As the ISC DLV key
			rolls over it can be kept up to date by replacing
			the bind.keys file with a key downloaded from
			https://www.isc.org/solutions/dlv. [RT #18685]
 2009-03-04 02:42:31 +00:00
Mark Andrews
8f196ee82b 2558. [func] Set the ownership of missing directories created 
for pid-file if -u has been specified on the command
                        line. [RT #19328]
 2009-02-16 05:08:43 +00:00
Mark Andrews
e80b693272 2539. [security] Update the interaction between recursion, allow-query, 
allow-query-cache and allow-recursion.  [RT #19198]
 2009-01-30 03:48:54 +00:00
Tatuya JINMEI 神明達哉
d9059b0c38 2537. [func] Added more statistics counters including those on socket 
I/O events and query RTT histograms.  [RT #18802]
 2009-01-27 22:30:00 +00:00
Francis Dupont
7f1785d0de spelling 2009-01-17 11:23:46 +00:00
Automatic Updater
9e0d0a279b update copyright notice 2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉
7781f25078 2526. [func] New named option "attach-cache" that allows multiple 
views to share a single cache to save memory and
			improve lookup efficiency. [RT 18905]
 2009-01-09 22:24:37 +00:00
Tatuya JINMEI 神明達哉
726d737626 removed a duplicate line 2008-12-25 02:02:39 +00:00
Tatuya JINMEI 神明達哉
d7e2f1d572 comment update 2008-12-25 02:00:49 +00:00
Automatic Updater
49960a74b5 update copyright notice 2008-11-14 23:47:33 +00:00
Mark Andrews
7d89c53f6e 2492. [func] Rndc status new reports the number of cpus discovered 
and the number of worker threads when running
                        multi-threaded. [RT #18273]
 2008-11-14 04:57:04 +00:00
Mark Andrews
9d02618ca6 2478. [bug] 'addresses' could be used uninitalized in 
configure_forward(). [RT 18800]
 2008-10-28 05:17:40 +00:00
Tatuya JINMEI 神明達哉
2be6798f93 2457. [tuning] max-cache-size is reverted to 0, the previous 
default.  It should be safe because expired cache
			entries are also purged.
 2008-09-27 23:35:31 +00:00
Automatic Updater
8306e43fcb update copyright notice 2008-09-04 23:47:13 +00:00
Mark Andrews
ed1251fa35 include order 2008-09-04 07:45:15 +00:00
Mark Andrews
0eeaaaf0ae 2398. [bug] Improve file descriptor management. New, 
temporary, named.conf option reserved-sockets,
                        default 512. [RT #18344]
 2008-09-04 05:56:43 +00:00
Mark Andrews
efe34b8ddb 2389 [bug] Move the working directory writable to after the 
ns_os_changeuser() call. [RT #18326]
 2008-07-18 01:26:20 +00:00
Tatuya JINMEI 神明達哉
fa77ca1069 removed redundant parenthesis (I don't know why it was included in the 
previous commit..)
 2008-07-12 05:58:08 +00:00
Tatuya JINMEI 神明達哉
158f256a14 2386. [bug] Add warning about too small 'open files' limit 
[RT #18269].
 2008-07-11 23:05:46 +00:00
Tatuya JINMEI 神明達哉
015fea0a27 removed a redundant tab 2008-06-23 23:15:59 +00:00
Tatuya JINMEI 神明達哉
386d3a99c1 2375. [security] Fully randomize UDP query ports to improve 
forgery resilience. [RT #17949, #18098]
 2008-06-23 19:41:20 +00:00
Automatic Updater
11156f82ba update copyright notice 2008-05-21 23:47:01 +00:00
Evan Hunt
5a17fe2916 Default values of zone ACLs were re-parsed each time a new zone was 
configured, causing an overconsumption of memory. [rt18092]
 2008-05-21 23:17:21 +00:00
Automatic Updater
ddad355529 update copyright notice 2008-04-03 06:09:05 +00:00
Mark Andrews
8907d8fa04 2355. [func] Extend the number statistics counters available. 
[RT #17590]
 2008-04-03 05:55:52 +00:00
Mark Andrews
db30f4bdcb 2353. [func] Add support for Name Server ID (RFC 5001). 
'dig +nsid' requests NSID from server.
                        'request-nsid yes;' causes recursive server to send
                        NSID requests to upstream servers.  Server responds
                        to NSID requests with the string configured by
                        'server-id' option.  [RT #17091]
 2008-04-03 02:01:08 +00:00