mir/bind - bind - Mike's Git repositories

mir/bind

mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 01:59:26 +00:00

Author	SHA1	Message	Date
Evan Hunt	ba0313e649	fix spelling errors reported by Fossies.	2020-02-21 15:05:08 +11:00
Evan Hunt	2df13f79ef	update copyright year to 2020	2020-01-02 21:45:30 -08:00
Evan Hunt	f9c07c78bc	remove DLV support from dnssec-signzone	2019-08-09 09:18:02 -07:00
Evan Hunt	022649abc3	document `-q` option in dnssec-signzone and dnssec-verify man pages	2019-07-31 10:05:52 +02:00
Mark Andrews	dc64b70616	update copyrights	2019-01-02 10:20:43 +11:00
Matthijs Mekking	0737079824	Replace some more DSA examples with ECDSAP256SHA256 (cherry picked from commit 5f27dc35df7651be8bfd24138c2ccd6fd28806af)	2018-12-06 14:47:05 +01:00
Ondřej Surý	2b8fab6828	Remove genrandom command and all usage of specific random files throughout the system test suite	2018-05-16 09:54:35 +02:00
Ondřej Surý	843d389661	Update license headers to not include years in copyright in all applicable files	2018-02-23 10:12:02 +01:00
Evan Hunt	30419509dd	[master] README and relnote fixes	2017-10-17 13:47:33 -07:00
Evan Hunt	20502f35dd	[master] allow CDS/CDNSKEY records to be signed with only KSK 4721. [func] 'dnssec-signzone -x' and 'dnssec-dnskey-kskonly' options now apply to CDNSKEY and DS records as well as DNSKEY. Thanks to Tony Finch. [RT #45689]	2017-09-12 23:09:48 -07:00
Tinderbox User	b4099ed035	update copyright notice / whitespace	2017-04-11 23:45:37 +00:00
Evan Hunt	a477a025d5	[master] correct -M in synopsis	2017-04-11 12:24:10 -07:00
Mark Andrews	1b8ce3b330	4527. [doc] Support DocBook XSL Stylesheets v1.79.1. [RT #43831 ]	2016-12-07 10:49:55 +11:00
Mark Andrews	30e4fbdfb5	consolidate copyrights	2016-07-21 17:24:07 +10:00
Tinderbox User	6807a2dc3c	regen master	2016-07-21 07:11:01 +00:00
Mark Andrews	813e9f7ee2	copyright	2016-07-21 17:00:44 +10:00
Mark Andrews	0c27b3fe77	4401. [misc] Change LICENSE to MPL 2.0.	2016-06-27 14:56:38 +10:00
Mark Andrews	30eec077db	cleanup trailing white space in SGML like files	2015-10-22 16:09:46 +11:00
Tinderbox User	19c7b1a029	update copyright notice / whitespace	2015-10-06 23:45:23 +00:00
Tinderbox User	2eeb74d1cf	regen master	2015-10-06 05:45:21 +00:00
Evan Hunt	14a656f94b	[master] upgrade doc toolchain 4237. [doc] Upgraded documentation toolchain to use DocBook 5 and dblatex. [RT #40766]	2015-10-05 21:59:35 -07:00
Jeremy C. Reed	f3150c99d7	add missing -Q from synopsis	2014-08-22 08:22:17 -05:00
Mukund Sivaraman	4278293107	[10686] Add version printing option to various BIND utilites Squashed commit of the following: commit 95effe9b2582a7eb878ccb8cb9ef51dfc5bbfde7 Author: Evan Hunt <each@isc.org> Date: Tue Jun 10 16:52:45 2014 -0700 [rt10686] move version() to dnssectool.c commit df205b541d1572ea5306a5f671af8b54b9c5c770 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:38:31 2014 +0530 Rearrange order of cases commit cfd30893f2540bf9d607e1fd37545ea7b441e0d0 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:38:08 2014 +0530 Add version printer to dnssec-verify commit a625ea338c74ab5e21634033ef87f170ba37fdbe Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:32:19 2014 +0530 Add version printer to dnssec-signzone commit d91e1c0f0697b3304ffa46fccc66af65591040d9 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:26:01 2014 +0530 Add version printer to dnssec-settime commit 46fc8775da3e13725c31d13e090b406d69b8694f Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:25:48 2014 +0530 Fix docbook commit 8123d2efbd84cdfcbc70403aa9bb27b96921bab2 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:20:17 2014 +0530 Add version printer to dnssec-revoke commit d0916420317d3e8c69cf1b37d2209ea2d072b913 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:17:54 2014 +0530 Add version printer to dnssec-keygen commit 93b0bd5ebc043298dc7d8f446ea543cb40eaecf8 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:14:11 2014 +0530 Add version printer to dnssec-keyfromlabel commit 07001bcd9ae2d7b09dd9e243b0ab35307290d05d Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:13:39 2014 +0530 Update usage help output, docbook commit 85cdd702f41c96fbc767fc689d1ed97fe1f3a926 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:07:18 2014 +0530 Add version printer to dnssec-importkey commit 9274fc61e38205aad561edf445940b4e73d788dc Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 21:01:53 2014 +0530 Add version printer to dnssec-dsfromkey commit bf4605ea2d7282e751fd73489627cc8a99f45a90 Author: Mukund Sivaraman <muks@isc.org> Date: Tue Jun 10 20:49:22 2014 +0530 Add -V to nsupdate usage output	2014-06-16 12:10:38 +05:30
Evan Hunt	b4ba66ba1e	[master] "dnssec-signzone -N date" 3827. [func] "dnssec-signzone -N date" updates serial number to the current date in YYYYMMDDNN format. [RT #35800]	2014-04-29 16:29:20 -07:00
Evan Hunt	1753d3c4d7	[master] correct dates in man pages	2014-02-27 11:43:10 -08:00
Evan Hunt	35f6a21f5f	[master] max-zone-ttl 3746. [func] New "max-zone-ttl" option enforces maximum TTLs for zones. If loading a zone containing a higher TTL, the load fails. DDNS updates with higher TTLs are accepted but the TTL is truncated. (Note: Currently supported for master zones only; inline-signing slaves will be added.) [RT #38405]	2014-02-18 23:26:50 -08:00
Tinderbox User	6ea2385360	regen master	2014-01-16 01:05:38 +00:00
Evan Hunt	ba751492fc	[master] native PKCS#11 support 3705. [func] "configure --enable-native-pkcs11" enables BIND to use the PKCS#11 API for all cryptographic functions, so that it can drive a hardware service module directly without the need to use a modified OpenSSL as intermediary (so long as the HSM's vendor provides a complete-enough implementation of the PKCS#11 interface). This has been tested successfully with the Thales nShield HSM and with SoftHSMv2 from the OpenDNSSEC project. [RT #29031]	2014-01-14 15:40:56 -08:00
Evan Hunt	0bbe3273a2	[master] dnssec-signzone -Q 3686. [func] "dnssec-signzone -Q" drops signatures from keys that are still published but no longer active. [RT #34990]	2013-12-11 13:25:21 -08:00
Mark Andrews	cbadc440b9	typos	2013-10-13 11:12:43 +11:00
Tinderbox User	43b9448395	regen master	2013-01-25 01:04:51 +00:00
Evan Hunt	c9611b4573	[master] change "fast" to "map" 3475. [cleanup] Changed name of 'map' zone file format (previously 'fast'). [RT #32458]	2013-01-24 14:20:48 -08:00
Tinderbox User	3b398443f0	update copyright notice	2012-06-21 23:46:36 +00:00
Evan Hunt	6844e3f010	Add documentation for 'fast' format	2012-06-21 15:39:56 -07:00
Evan Hunt	f30785f506	3252. [bug] When master zones using inline-signing were updated while the server was offline, the source zone could fall out of sync with the signed copy. They can now resynchronize. [RT #26676]	2011-12-22 07:32:41 +00:00
Evan Hunt	b4d8192d21	3241. [func] Extended the header of raw-format master files to include the serial number of the zone from which they were generated, if different (as in the case of inline-signing zones). This is to be used in inline-signing zones, to track changes between the unsigned and signed versions of the zone, which may have different serial numbers. (Note: raw zonefiles generated by this version of BIND are no longer compatble with prior versions. To generate a backward-compatible raw zonefile using dnssec-signzone or named-compilezone, specify output format "raw=0" instead of simply "raw".) [RT #26587]	2011-12-08 16:07:22 +00:00
Evan Hunt	d9eebc0849	3211. [func] dnssec-signzone: "-f -" prints to stdout; "-O full" option prints in single-line-per-record format. [RT #20287]	2011-11-07 23:16:31 +00:00
Evan Hunt	35f1a4fc93	3085. [func] New '-R' option in dnssec-signzone forces removal of signatures which have not yet expired but were generated by a key that no longer exists. [RT #22471]	2011-03-21 07:26:47 +00:00
Evan Hunt	61bcc23203	3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and dnssec-keyfromlabel sets the default TTL of the key. When possible, automatic signing will use that TTL when the key is published. [RT #23304]	2011-03-17 01:40:40 +00:00
Automatic Updater	0e27506ce3	update copyright notice	2011-03-05 23:52:31 +00:00
Mark Andrews	eff7f78bc6	3061. [func] New option "dnssec-signzone -D", only write out generated DNSSEC records. [RT #22896]	2011-03-05 06:35:41 +00:00
Evan Hunt	61271cdee6	3060. [func] New option "dnssec-signzone -X <date>" allows specification of a separate expiration date for DNSKEY RRSIGs and other RRSIGs. [RT #22141]	2011-03-04 22:20:21 +00:00
Evan Hunt	8e4f3f1cbc	2799. [cleanup] Changed the "secure-to-insecure" option to "dnssec-secure-to-insecure", and "dnskey-ksk-only" to "dnssec-dnskey-kskonly", for clarity. [RT #20586]	2009-12-03 23:18:17 +00:00
Evan Hunt	f80b665135	fix typo: s/pcks11/pkcs11/	2009-11-03 21:44:46 +00:00
Evan Hunt	c00929ed9f	additional doc improvement	2009-10-12 23:02:32 +00:00
Evan Hunt	77b8f88f14	2712. [func] New 'auto-dnssec' zone option allows zone signing to be fully automated in zones configured for dynamic DNS. 'auto-dnssec allow;' permits a zone to be signed by creating keys for it in the key-directory and using 'rndc sign <zone>'. 'auto-dnssec maintain;' allows that too, plus it also keeps the zone's DNSSEC keys up to date according to their timing metadata. [RT #19943]	2009-10-12 20:48:12 +00:00
Evan Hunt	3727725bb7	2710. [func] New 'dnssec-signzone -x' flag and 'dnskey-ksk-only' zone option cause a zone to be signed with only KSKs signing the DNSKEY RRset, not ZSKs. This reduces the size of a DNSKEY answer. [RT #20340]	2009-10-10 01:48:00 +00:00
Francis Dupont	8b78c993cb	explicit engine rt20230a	2009-10-05 17:30:49 +00:00
Evan Hunt	a93a66f618	2794. [bug] Reduce default NSEC3 iterations from 100 to 10. [RT #19970]	2009-09-29 22:17:34 +00:00
Evan Hunt	fb596cc9af	2691. [func] dnssec-signzone: retain the existing NSEC or NSEC3 chain when re-signing a previously-signed zone. Use -u to modify NSEC3 parameters or switch between NSEC and NSEC3. [RT #20304]	2009-09-25 06:47:50 +00:00

1 2

86 Commits