mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 21:17:54 +00:00
Code Issues Releases Wiki Activity
17,794 Commits 656 Branches 820 Tags
Commit Graph

142 Commits

Author SHA1 Message Date
Mark Andrews
c87f15dac8 2976. [bug] named die on exit after negotiating a GSS-TSIG key. [RT #3415] 2010-12-02 23:22:42 +00:00
Evan Hunt
bf9b852c3e 2929. [bug] Improved handling of GSS security contexts: 
- added LRU expiration for generated TSIGs
			 - added the ability to use a non-default realm
                         - added new "realm" keyword in nsupdate
			 - limited lifetime of generated keys to 1 hour
			   or the lifetime of the context (whichever is
			   smaller)
			[RT #19737]
 2010-07-09 05:13:15 +00:00
Automatic Updater
230987e819 update copyright notice 2010-03-12 23:51:11 +00:00
Mark Andrews
c19f322914 2866. [bug] Windows does not like the TSIG name being compressed. 
[RT #20986]
 2010-03-12 03:34:56 +00:00
Automatic Updater
754cb8a2b3 update copyright notice 2009-06-11 23:47:56 +00:00
Evan Hunt
351b62535d 2609. [func] Simplify the configuration of dynamic zones: 
- add ddns-confgen command to generate
			  configuration text for named.conf
			- add zone option "ddns-autoconf yes;", which
			  causes named to generate a TSIG session key
			  and allow updates to the zone using that key
			- add '-l' (localhost) option to nsupdate, which
			  causes nsupdate to connect to a locally-running
			  named process using the session key generated
			  by named
			[RT #19284]
 2009-06-10 00:27:22 +00:00
Mark Andrews
09416abf2d remove debugging log that was accidently left in 2008-11-04 21:23:14 +00:00
Mark Andrews
3f42cf2f3e 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]

back out incorrect branch rt1091 and apply correct branch rt1091a.
 2008-04-02 02:37:42 +00:00
Mark Andrews
a76b380643 2349. [func] Provide incremental re-signing support for secure 
dynamic zones. [RT #1091]
 2008-04-01 01:37:25 +00:00
Automatic Updater
2f012d936b update copyright notice 2008-01-18 23:46:58 +00:00
Automatic Updater
1da14e066c update copyright notice 2008-01-02 23:47:02 +00:00
Mark Andrews
dc19dcbc23 2283. [bug] TSIG keys were not attaching to the memory 
context.  TSIG keys should use the rings
                        memory context rather than the clients memory
                        context. [RT #17377]
 2008-01-02 04:24:59 +00:00
Evan Hunt
8327cdb88f Fixes for several errors found by Coverity. [rt17160] 2007-09-24 17:18:25 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
289ae548d5 2105. [func] GSS-TSIG support (RFC 3645). 2006-12-04 01:54:53 +00:00
Mark Andrews
a8f950ff05 2013. [bug] Handle unexpected TSIGs on unsigned AXFR/IXFR 
responses more gracefully. [RT #15941]
 2006-05-02 04:07:36 +00:00
Mark Andrews
1412643ba5 2004. [bug] dns_tsig_sign() could pass a NULL pointer to 
dst_context_destroy() when cleaning up after a
                        error. [RT #15835]
 2006-03-08 03:51:01 +00:00
Mark Andrews
26e2a07a0b update copyright notice 2006-01-27 23:57:46 +00:00
Mark Andrews
c6d4f78152 1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and 
HMACSHA512 support. [RT #13606]
 2006-01-27 02:35:15 +00:00
Mark Andrews
2674e1a455 1940. [bug] Fixed a number of error conditions reported by 
Coverity.
 2005-11-30 03:33:49 +00:00
Mark Andrews
18d0b5e54b 1900. [port] freebsd: pthread_mutex_init can fail if it runs out 
of memory. [RT #14995]
 2005-07-12 01:00:20 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
9f069b2771 update copyright notice 2005-03-17 03:56:12 +00:00
Mark Andrews
713ad87a7f 1832. [bug] named fails to return BADKEY on unknown TSIG algorithm. 
[RT #13620]
 2005-03-16 01:47:16 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Brian Wellington
4b171ebd70 1229. [bug] named would crash if it received a TSIG signed 
query as part of an AXFR response. [RT #2570]
 2002-03-14 18:34:48 +00:00
Andreas Gustafsson
1f1d36a87b Check return values or cast them to (void), as required by the coding 
standards; add exceptions to the coding standards for cases where this is
not desirable
 2001-11-30 01:59:49 +00:00
Danny Mayer
e61793f086 Added LIB*_EXTERNAL_DATA Macros necessary to make lib extern variables globally visible in Win32 2001-11-19 03:08:44 +00:00
Brian Wellington
ff7b9eede9 dns_tsigkey_createfromkey wasn't checking that the key algorithm matched the 
key name.
 2001-09-27 17:49:11 +00:00
Andreas Gustafsson
76c8294c81 format string bugs and improved format string checking [RT #1578] 2001-08-08 22:54:55 +00:00
Brian Wellington
26a5f97dd8 Don't refer to keys as "TSIG keys", since they might be used for rndc only, 
and this could be confusing.
 2001-07-26 20:54:35 +00:00
Brian Wellington
0a9a3d8c6d 904. [bug] The server would leak memory if attempting to use 
an expired TSIG key. [RT #1406]
 2001-06-15 02:24:02 +00:00
David Lawrence
92ef1a9b9d use ISC_MAGIC for all magic numbers, for our friends in EBCDIC land 2001-06-04 19:33:39 +00:00
Danny Mayer
db1bfc3151 htons needs cast for win32 2001-05-06 02:23:06 +00:00
Brian Wellington
5ea0d11ca4 771. [cleanup] TSIG errors related to unsynchronized clocks 
are logged better.
 2001-03-07 20:53:32 +00:00
Brian Wellington
100d0d2ec6 Use a refcount instead of an explicit mutex and integer. 2001-02-13 03:57:06 +00:00
Brian Wellington
9d967288c3 zero length keys from the config file were not being logged as too short to be 
secure.
 2001-01-22 20:27:04 +00:00
Brian Wellington
564c1b8f42 remove the use of abs(), which could have led to false positives because of 
64 to 32 bit truncation.
 2001-01-16 22:47:56 +00:00
Andreas Gustafsson
4755b174df simplified constant names, eliminating the dns_constname structs 2001-01-11 21:07:21 +00:00
Andreas Gustafsson
8c56932f9a yet another potential memory leak 2001-01-11 20:30:51 +00:00
Mark Andrews
19c7cce855 674. [func] Allow messages to be TSIG signed / verified using 
a offset from the current time.
 2001-01-09 23:35:33 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
Mark Andrews
0c70ab3065 672. [bug] The wrong time was in the "time signed" field when 
replying with BADTIME error.
 2001-01-09 14:32:44 +00:00
Brian Wellington
6734ac097f #include <isc/print.h> 2000-12-08 03:10:32 +00:00
Brian Wellington
020ebf1190 log the reasons for various verify failures. 2000-12-07 20:13:29 +00:00
Andreas Gustafsson
7863e6bd43 provide a more detailed error message when configuring 
a TSIG key fails [RT #461]
 2000-11-15 00:52:04 +00:00
Mark Andrews
368b37b616 dns_rdata_invalidate -> dns_rdata_reset 2000-10-31 03:22:05 +00:00
Mark Andrews
c03bb27f06 532. [func] Implement DNS UPDATE pseudo records using 
DNS_RDATA_UPDATE flag.

 531.   [func]          Rdata really should be initalized before being
                        assigned to (dns_rdata_fromwire(), dns_rdata_fromtext(),
                        dns_rdata_clone(), dns_rdata_fromregion()),
                        check that it is.
 2000-10-25 04:26:57 +00:00
Brian Wellington
0e5d6900bd Various hacks to allow (at some point in the future) interoperability 
with Windows 2000's broken implementation of TKEY.
 2000-10-12 00:40:52 +00:00