mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity
36,640 Commits 660 Branches 820 Tags
c533e8bc5ba3278c8252b51c13f7b1489a828a56
Commit Graph

134 Commits

Author SHA1 Message Date
Evan Hunt
995c41e8f0 [master] further restrict update-policy local 
4762.	[func]		"update-policy local" is now restricted to updates
			from local addresses. (Previously, other addresses
			were allowed so long as updates were signed by the
			local session key.) [RT #45492]
 2017-10-06 15:43:31 -07:00
Evan Hunt
b103b0c011 [master] remap getaddrinfo() to irs_getgetaddrinfo() 
The libirs version of getaddrinfo() cannot be called from within BIND9.
 2017-09-11 15:03:57 -07:00
Evan Hunt
8eb88aafee [master] add libns and remove liblwres 
4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                        are no longer supported. [RT #45186]

4707.	[func]		The lightweight resolver daemon and library (lwresd
			and liblwres) have been removed. [RT #45186]

4706.	[func]		Code implementing name server query processing has
			been moved from bin/named to a new library "libns".
			Functions remaining in bin/named are now prefixed
			with "named_" rather than "ns_".  This will make it
			easier to write unit tests for name server code, or
			link name server functionality into new tools.
			[RT #45186]
 2017-09-08 13:47:34 -07:00
Michał Kępień
efe7977c4d [master] Add -4/-6 command line options to nsupdate and rndc 
4691.	[func]		Add -4/-6 command line options to nsupdate and rndc.
			[RT #45632]
 2017-08-29 10:21:54 +02:00
Michał Kępień
1aa583b5a5 [master] Prevent nsupdate from immediately exiting on invalid user input in interactive mode 
4683.	[bug]		Prevent nsupdate from immediately exiting on invalid
			user input in interactive mode. [RT #28194]
 2017-08-17 08:29:12 +02:00
Mark Andrews
cda91a09e4 4651. [bug] Nsupdate could attempt to use a zeroed address on 
server timeout. [RT #45417]

(cherry picked from commit dac36869f3)
 2017-07-19 15:36:41 +10:00
Mark Andrews
e51d62ecae 4629. [bug] dns_client_startupdate could not be called with a 
running client. [RT #45277]
 2017-05-30 09:47:41 +10:00
Evan Hunt
d39ab7440e [master] automatically tune max-journal-size 
4613.	[func]		By default, the maximum size of a zone journal file
			is now twice the size of the zone's contents (there
			is little benefit to a journal larger than this).
			This can be overridden by setting "max-journal-size"
			to "unlimited" or to an explicit value up to 2G.
			Thanks to Tony Finch. [RT #38324]
 2017-05-02 13:23:08 -07:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Mark Andrews
8ca45ba01a 4533. [bug] dns_client_update should terminate on prerequiste 
failures (NXDOMAIN, YXDOMAIN, NXRRSET, YXRRSET)
                        and also on BADZONE.  [RT #43865]
 2016-12-13 15:47:03 +11:00
Curtis Blackburn
f621b255d9 corrected typo in nsupdate test (DIG-->$DIG) 2016-11-02 18:09:37 -07:00
Mark Andrews
5f8412a4cb 4504. [security] Allow the maximum number of records in a zone to 
be specified.  This provides a control for issues
                        raised in CVE-2016-6170. [RT #42143]
 2016-11-02 17:31:27 +11:00
Witold Krecicki
358dfaee18 4487. [test] Make system tests work on Windows. [RT #42931] 2016-10-19 17:18:42 +02:00
Mark Andrews
d811a7d9ef 4405. [bug] Change 4342 introduced a regression where you could 
not remove a delegation in a NSEC3 signed zone using
                        OPTOUT via nsupdate. [RT #42702]
 2016-07-06 10:13:15 +10:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
dce54b9b5c update copyright notice / whitespace 2016-06-14 23:45:25 +00:00
Mark Andrews
3635d8f910 do not overflow exit status. [RT #42643] 2016-06-14 13:48:39 +10:00
Tinderbox User
a269ca51cc update copyright notice / whitespace 2015-04-14 23:45:21 +00:00
Mukund Sivaraman
ac31adc3b7 Add additional logging about xfrin transfer status (#39170) 2015-04-14 12:16:26 +05:30
Mark Andrews
ed1c845c1d 3964. [func] nsupdate now performs check-names processing. 
[RT #36266]
 2014-10-02 09:35:43 +10:00
Mark Andrews
5c420ccc29 drop 'I:send many simultaneous updates via a update forwarder' test until re-written using perl 2014-09-07 22:08:45 +10:00
Mark Andrews
76a17033db also fix the expected count 2014-09-07 20:24:59 +10:00
Mark Andrews
48179343c2 reduce number of nsupdates being simultaeously forked 2014-09-07 20:24:14 +10:00
Mark Andrews
74717eef53 3939. [func] Improve UPDATE forwarding performance by allowing TCP 
connections to be shared. [RT #37039]
 2014-09-04 10:37:45 +10:00
Mark Andrews
5b56f2e3cc zero pad date and month fields 2014-05-01 11:41:32 +10:00
Evan Hunt
7318bbc262 [master] serial-update-method date; 
3811.	[func]		"serial-update-method date;" sets serial number
			on dynamic update to today's date in YYYYMMDDNN
			format. (Thanks to Bradley Forschinger.) [RT #24903]
 2014-04-17 16:05:50 -07:00
Evan Hunt
35f6a21f5f [master] max-zone-ttl 
3746.	[func]		New "max-zone-ttl" option enforces maximum
			TTLs for zones. If loading a zone containing a
			higher TTL, the load fails. DDNS updates with
			higher TTLs are accepted but the TTL is truncated.
			(Note: Currently supported for master zones only;
			inline-signing slaves will be added.) [RT #38405]
 2014-02-18 23:26:50 -08:00
Tinderbox User
aa7b16ec2a update copyright notice 2014-01-21 23:46:16 +00:00
Evan Hunt
d58e33bfab [master] testcrypto.sh in system tests 
3714.	[test]		System tests that need to test for cryptography
			support before running can now use a common
			"testcrypto.sh" script to do so. [RT #35213]
 2014-01-20 16:08:09 -08:00
Mark Andrews
d6f99498d6 3639. [bug] Treat type 65533 (KEYDATA) as opaque except when used 
in a key zone. [RT #34238]
 2013-09-04 13:14:06 +10:00
Evan Hunt
2425d8bb7c [master] truncate logged rdata if too long 
3490.	[bug]		When logging RDATA during update, truncate if it's
                        too long. [RT #32365]

cherry picked from:
        commit 16ddb566e5a5b57bf925adef2b5543dddc1de49b
        commit cd97e0c23b09f38aac49aabab66ee13c68b7a3f3
        commit d087fa982649c081d58c5bb16e63da3428e2b89d
        commit d0795bdffef57612dd7654ffd09c9f4216eee2c8
 2013-02-20 13:54:52 -08:00
Evan Hunt
ffff5d6792 [master] fix dns_request_createvia assert 
3474.	[bug]		nsupdate could assert when the local and remote
			address families didn't match. [RT #22897]
 2013-01-23 15:39:05 -08:00
Tinderbox User
6fe42ff85c update copyright notice 2013-01-04 23:45:53 +00:00
Evan Hunt
222d38735f [master] allow-query-on works now 
3448.	[bug]		The allow-query-on ACL was not processed correctly.
			[RT #29486]
 2013-01-03 15:13:45 -08:00
Mark Andrews
6301757d64 don't wipe out named.run when restarting 2012-12-14 17:39:22 +11:00
Evan Hunt
de5890da9b [master] support all algorithms in ddns-confgen 
3431.	[bug]		ddns-confgen: Some valid key algorithms were
			not accepted. [RT #31927]
 2012-12-05 16:36:58 -08:00
Mark Andrews
d1f43359e4 3379. [bug] nsupdate terminated unexpectedly in interactive mode 
if built with readline support. [RT #29550]
 2012-08-22 13:38:51 +10:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Mark Andrews
f5b7359c57 Allow nsupdate to report which types it knows the internal structure to. 2012-03-05 11:38:07 +11:00
Evan Hunt
1d32b1df37 3244. [func] Added readline support to nslookup and nsupdate. 
Also simplified nsupdate syntax to make "update"
			and "prereq" optional. [RT #24659]
 2011-12-16 23:01:17 +00:00
Mark Andrews
a69070d8fa 3130. [func] Support alternate methods for managing a dynamic 
zone's serial number.  Two methods are currently
                        defined using serial-update-method, "increment"
                        (default) and "unixtime".  [RT #23849]
 2011-07-01 02:25:48 +00:00
Evan Hunt
cba23be7ba Add the newly discovered PoD to the nsupdate test. (No CHANGES note.) 2011-06-21 22:15:05 +00:00
Evan Hunt
2a6d60615c Fixed an nsupdate test error 2011-06-09 00:15:05 +00:00
Evan Hunt
6de9744cf9 3124. [bug] Use an rdataset attribute flag to indicate 
negative-cache records rather than using rrtype 0;
			this will prevent problems when that rrtype is
			used in actual DNS packets. [RT #24777]

3123.	[security]	Change #2912 exposed a latent flaw in
			dns_rdataset_totext() that could cause named to
			crash with an assertion failure. [RT #24777]
 2011-06-08 22:13:51 +00:00
Evan Hunt
47e70d820e 3118. [bug] nsupdate could dump core on shutdown when using 
SIG(0) keys. [RT #24604]
 2011-05-23 22:25:32 +00:00
Evan Hunt
ac21f918f2 3109. [func] The also-notify option now uses the same syntax 
as a zone's masters clause.  This means it is
			now possible to specify a TSIG key to use when
			sending notifies to a given server, or to include
			an explicit named masters list in an also-notfiy
			statement.  [RT #23508]
 2011-05-06 21:23:51 +00:00
Evan Hunt
ea5334a36e fixed a missing / in /dev/null 2011-03-18 02:08:45 +00:00