mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
13,672 Commits 660 Branches 820 Tags
Commit Graph

280 Commits

Author SHA1 Message Date
Mark Andrews
c2b2bd69fa 1977. [bug] Silence noisy log message. [RT #15704] 2006-02-02 22:48:58 +00:00
Mark Andrews
a1bc941093 1959. [func] Control the zeroing of the negative response TTL to 
a soa query.  Defaults "zero-no-soa-ttl yes;" and
                        "zero-no-soa-ttl-cache no;". [RT #15460]
 2006-01-05 02:19:02 +00:00
Mark Andrews
acb4f52369 update copyright notice 2006-01-04 23:50:24 +00:00
Mark Andrews
fabf2ee6b0 1947. [func] It is now possible to configure named to accept 
expired RRSIGs.  Default "dnssec-accept-expired no;".
                        Setting "dnssec-accept-expired yes;" leaves named
                        vulnerable to replay attacks.  [RT #14685]
 2006-01-04 02:35:49 +00:00
Mark Andrews
2674e1a455 1940. [bug] Fixed a number of error conditions reported by 
Coverity.
 2005-11-30 03:33:49 +00:00
Mark Andrews
faa4af28cf 1935. [bug] 'acache' was DO sensitive. [RT #15430] 
1934.   [func]          Validate pending NS RRsets, in the authority section,
                        prior to returning them if it can be done without
                        requiring DNSKEYs to be fetched.  [RT #15430]
 2005-11-02 01:28:45 +00:00
Mark Andrews
982e072a50 1927. [bug] Access to soanode or nsnode in rbtdb violated the 
lock order rule and could cause a dead lock.
                        [RT# 15518]
 2005-10-13 01:58:32 +00:00
Mark Andrews
03e200df5d 1913. [func] Integrate contibuted DLZ code into named. [RT #11382] 2005-09-05 00:12:29 +00:00
Mark Andrews
6b79e960e6 1913. [func] Automatic empty zone creation for D.F.IP6.ARPA and 
friends.  Note: RFC 1918 zones are not yet covered by
                        this but are likely to be in a future release.

                        New options: empty-server, empty-contact,
                        empty-zones-enable and disable-empty-zone.
 2005-08-18 00:57:31 +00:00
Mark Andrews
7c678cfe0b 1910. [cleanup] Don't add DNSKEY records to the additional section. 2005-08-11 04:45:38 +00:00
Mark Andrews
7a80d6d5ba result was not being assigned. 2005-07-28 05:46:12 +00:00
Mark Andrews
8abe06b25d 1905. [bug] Recursive clients soft quota support wasn't working 
as expected. [RT #15103]
 2005-07-27 02:29:01 +00:00
Mark Andrews
fd780f3d47 1891. [func] Limit the number of recursive clients that can be 
waiting for a single query (<qname,qtype,qclass>) to
                        resolve.  New options clients-per-query and
                        max-clients-per-query.
 2005-06-27 00:15:45 +00:00
Mark Andrews
9b80f3a7c7 1887. [func] Detect duplicates of UDP queries we are recursing on 
and drop them.  New stats category "duplicates".
                        [RT #14892]
 2005-06-17 01:58:23 +00:00
Mark Andrews
361a71b7e6 typo in comment 2005-05-16 05:33:42 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
b7b6b01a0d update copyright 2005-03-16 00:55:19 +00:00
Mark Andrews
e50b75e36c 1804. [bug] Ensure that if we are queried for glue that it fits 
in the additional section or TC is set to tell the
                        client to retry using TCP. [RT #10114]
 2005-03-15 01:29:10 +00:00
Tatuya JINMEI 神明達哉
d0eb2cc33c 1526. [func] Implemented "additional section caching (or acache)", 
an internal cache framework for additional section
			content to improve response performance.  Several
			configuration options were provided to control the
			behavior.
 2004-12-21 10:45:20 +00:00
Mark Andrews
85609ef4d7 order should be signed. 2004-06-30 14:16:06 +00:00
Mark Andrews
5b4a9ac6bf 1675. [bug] named would sometimes add extra NSEC records to 
the authority section.
 2004-06-29 00:51:50 +00:00
Mark Andrews
4499c6cd5e 1635. [bug] Memory leak on error in query_addds(). 2004-05-14 00:10:52 +00:00
Mark Andrews
42b48d11ca hide ((isc_event_t **) (void *)) cast using a macro, ISC_EVENT_PTR. 2004-04-15 01:58:25 +00:00
Mark Andrews
50105afc55 1589. [func] DNSSEC lookaside validation. 
enable-dnssec -> dnssec-enable
 2004-03-10 02:19:58 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
2047977ce2 1586. [func] "check-names" is now implemented. 2004-02-27 20:41:51 +00:00
Mark Andrews
89783da064 1581. [func] Disable DNSSEC support by default. To enable 
DNSSEC specify "enable-dnssec yes;" in named.conf.
 2004-02-17 03:40:23 +00:00
Mark Andrews
daa73eae70 silence punned messages 2004-02-03 00:59:05 +00:00
Mark Andrews
73f5c1ff00 stop listening to AD 2004-01-27 05:01:12 +00:00
Mark Andrews
2f35edba9c AD is independent of DO/AD 2004-01-21 15:47:22 +00:00
Mark Andrews
9cf0970f43 1561. [bug] It was possible to release the same name twice if 
named ran out of memory. [RT #10197]
 2004-01-21 15:44:24 +00:00
Mark Andrews
35541328a8 1558. [func] New DNSSEC 'disable-algorithms'. Support entry into 
child zones for which we don't have a supported
                        algorithm.  Such child zones are treated as unsigned.

1557.   [func]          Implement missing DNSSEC tests for
                        * NOQNAME proof with wildcard answers.
                        * NOWILDARD proof with NXDOMAIN.
                        Cache and return NOQNAME with wildcard answers.
 2004-01-14 02:06:51 +00:00
Tatuya JINMEI 神明達哉
e407562a75 1528. [cleanup] Simplify some dns_name_ functions based on the 
deprecation of bitstring labels.
 2003-10-25 00:31:12 +00:00
Mark Andrews
93d6dfaf66 1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY. 2003-09-30 06:00:40 +00:00
Tatuya JINMEI 神明達哉
1e271ac738 typo: s/baliwick/bailiwick/ 
(I hope it is okay to commit this since it is so trivial)
 2003-07-29 22:05:01 +00:00
Mark Andrews
b0c2141b23 1464. [bug] Preserve "out of zone" data for outgoing zone 
transfers. [RT #5192]
 2003-04-17 05:40:45 +00:00
Mark Andrews
0c2509b0b9 1449. [bug] query_addbestns() didn't handle running out of memory 
gracefully.
developer: marka
reviewer: explorer
 2003-02-27 02:11:16 +00:00
Mark Andrews
8b5de97014 1448. [bug] Handle empty wildcards labels. 
developer: marka
reviewer: explorer
 2003-02-27 00:19:04 +00:00
Mark Andrews
308094e467 arguements reversed 2003-01-31 12:07:56 +00:00
Mark Andrews
838d608e6f 1422. [func] Log name/type/class when denying a query. [RT #4663] 2003-01-21 06:11:46 +00:00
Mark Andrews
421e4cf66e 1416. [bug] Empty node should return NOERROR NODATA, not NXDOMAIN. 
[RT #4715]
developer: marka
reviewer: explorer
 2003-01-18 03:18:31 +00:00
Mark Andrews
c86eed4bde 1410. [func] handle records that live in the parent zone, e.g. DS. 
developer: marka
reviewer: explorer
 2003-01-14 00:28:50 +00:00
Mark Andrews
49a940dc68 1402. [cleanup] A6 has been moved to experimental and is no longer 
fully supported.
developer: jinmei
reviewer: marka
 2002-11-27 09:52:58 +00:00
Mark Andrews
02b772da47 developer: bwelling 
reviewed: marka
Generating a response when the qname matches a wildcard and the type
doesn't exist didn't work; the NXT name was improperly expanded and the
wildcard proof was omitted.
 2002-09-11 06:36:17 +00:00
Michael Graff
ab7ce5eb6e detach from quota in an error case. I don't know if this is strictly needed, 
but it makes sense.  It is probably done later as well, but all places
check for the pointer != NULL, so we'll be ok.
 2002-09-08 18:40:58 +00:00
Mark Andrews
9130ab90fe developer: bwelling 
reviewer: marka
DNSSEC wildcard negative proof responses were longer than necessary in
some cases; the existence of a node for which the qname is a subdomain
obscures all shallower wildcards.

That is, query for y.x.foo.com.  If the response contains an NXT
at x.foo.com, it's not necessary to prove that there's no wildcard at
*.foo.com, since it wouldn't be matched anyway.
 2002-09-06 03:47:56 +00:00
Mark Andrews
b6309ed962 developer: jinmei 
reviewer: marka
1368.   [func]          remove support for bitstring labels.
 2002-08-27 04:53:43 +00:00
Mark Andrews
a2239239cf reviewed: marka 
developer: bwelling
don't attempt to generate a wildcard proof unless the zone is secure.
 2002-08-19 21:32:56 +00:00
Mark Andrews
95d24aa0d0 prevent assertion failure 2002-08-07 02:03:49 +00:00
Mark Andrews
4c342614f8 1354. [bug] Fix DNSSEC wildcard proof for CNAME/DNAME. 2002-08-06 01:50:28 +00:00