mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
23,431 Commits 660 Branches 820 Tags
Commit Graph

67 Commits

Author SHA1 Message Date
Tinderbox User
3278ff814d update copyright notice 2014-08-29 23:45:22 +00:00
Evan Hunt
d46855caed [master] ECS authoritative support 
3936.	[func]		Added authoritative support for the EDNS Client
			Subnet (ECS) option.

			ACLs can now include "ecs" elements which specify
			an address or network prefix; if an ECS option is
			included in a DNS query, then the address encoded
			in the option will be matched against "ecs" ACL
			elements.

			Also, if an ECS address is included in a query,
			then it will be used instead of the client source
			address when matching "geoip" ACL elements.  This
			behavior can be overridden with "geoip-use-ecs no;".

			When "ecs" or "geoip" ACL elements are used to
			select a view for a query, the response will include
			an ECS option to indicate which client network the
			answer is valid for.

			(Thanks to Vincent Bernat.) [RT #36781]
 2014-08-28 22:05:57 -07:00
Mark Andrews
3e90f6c373 3910. [bug] When computing the number of elements required for a 
acl count_acl_elements could have a short count leading
                        to a assertion failure.  Also zero out new acl elements
                        in dns_acl_merge.  [RT #36675]
 2014-08-03 10:05:02 +10:00
Mark Andrews
c2638d3d5a protect geoip_elem use with HAVE_GEOIP 2014-05-01 15:03:11 +10:00
Evan Hunt
c0c4512020 [master] fixed geoip elements in named ACLs 
3835.	[bug]		Geoip ACL elements didn't work correctly when
                        referenced via named or nested ACLs. [RT #35879]
 2014-04-30 20:21:56 -07:00
Tinderbox User
0666e6db54 update copyright notice 2014-01-31 23:46:22 +00:00
Evan Hunt
d0803df331 [master] fixed geoip in blackhole ACLs 
3722.	[bug]		Using geoip ACLs in a blackhole statement
			could cause a segfault. [RT #35272]
 2014-01-30 17:03:32 -08:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove(). 
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
 2014-01-08 16:39:05 -08:00
Evan Hunt
501941f0b6 [master] add geoip support 
3504.	[func]		Add support for ACLs based on geographic location,
			using MaxMind GeoIP databases. Based on code
			contributed by Ken Brownfield <kb@slide.com>.
			[RT #30681]
 2013-02-27 17:19:39 -08:00
Tinderbox User
573d78f3d5 update copyright notice 2013-02-21 23:45:56 +00:00
Evan Hunt
df925e6c66 [master] add zone memory context pools 
3492.	[bug]		Fixed a regression in zone loading performance
			due to lock contention. [RT #30399]
 2013-02-20 21:39:05 -08:00
Automatic Updater
313b4dc3b2 update copyright notice 2011-06-17 23:47:49 +00:00
Evan Hunt
e7220c9b84 3129. [bug] Named could crash on 'rndc reconfig' when 
allow-new-zones was set to yes and named ACLs
			were used, [RT #22739]
 2011-06-17 07:05:02 +00:00
Automatic Updater
d362465c77 update copyright notice 2009-01-17 23:47:43 +00:00
Francis Dupont
584848087f spelling 2009-01-17 14:18:27 +00:00
Mark Andrews
175a8bd2b7 2502. [cleanup] isc_radix: Improve compliance with coding style, 
document function in <isc/radix.h>. [RT #18534]
 2008-12-01 00:04:21 +00:00
Automatic Updater
cdbb3d2774 update copyright notice 2008-09-26 23:47:06 +00:00
Evan Hunt
b0bf1ad5b0 2456. [bug] In ACLs, ::/0 and 0.0.0.0/0 would both match any 
address, regardless of family.  They now correctly
			distinguish IPv4 from IPv6.  [RT #18559]
 2008-09-26 21:12:02 +00:00
Evan Hunt
106360491a address review comment 2008-09-26 16:44:49 +00:00
Evan Hunt
e80f661db8 possible null dereference in dns_acl_isanyornone() [rt18559] 2008-09-12 04:54:39 +00:00
Evan Hunt
aeadcd6319 pull up windows acl leak fix from 9.5.0-P2-W1 2008-09-10 21:52:49 +00:00
Evan Hunt
28ad0be64e Fix a bug causing dns_acl_isany() to return spurious results [rt18000] 2008-04-29 01:01:42 +00:00
Mark Andrews
1fa2ce7eae 2324. [bug] Fix IPv6 matching against "any;" [RT #17533] 2008-01-27 02:13:34 +00:00
Evan Hunt
fc7043d7d1 Used incorrect address family for mapped IPv4 addresses in acl.c. [RT #17519] 2008-01-22 05:37:49 +00:00
Automatic Updater
140a27777d update copyright notice 2008-01-21 23:46:56 +00:00
Evan Hunt
262c39b236 IPv6 addresses could match IPv4 ACL entries and vice versa. [RT #17462] 2008-01-21 20:38:54 +00:00
Automatic Updater
2f012d936b update copyright notice 2008-01-18 23:46:58 +00:00
Automatic Updater
2f99b54e8e update copyright notice 2008-01-17 23:47:00 +00:00
Evan Hunt
1aba9fe678 Fix coverity warnings in acl.c and iptable.c [rt17455] 2008-01-17 08:08:08 +00:00
Mark Andrews
114c14f8ad 2282. [bug] Acl code fixups. [RT #17346] [RT #17374] 2007-12-21 06:46:47 +00:00
Mark Andrews
604419a812 2282. [bug] Acl code fixups. [RT #17346] 2007-12-20 01:48:29 +00:00
Mark Andrews
69f3cb5abc Part 3 of: 
2233.   [func]          Add support for O(1) ACL processing, based on
                        radix tree code originally written by kevin
                        brintnall. [RT #16288]
 2007-09-19 03:03:29 +00:00
Mark Andrews
12e0477d4e Part 2 of: 
2233.   [func]          Add support for O(1) ACL processing, based on
                        radix tree code originally written by kevin
                        brintnall. [RT #16288]
 2007-09-14 01:46:06 +00:00
Evan Hunt
c7e266b7e5 Add support for O(1) ACL processing, based on radix tree code originally 
written by kevin brintnall. [RT #16288]
 2007-09-12 01:09:08 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
641f68d427 update copyright notice 2006-03-02 00:37:23 +00:00
Mark Andrews
45e1bd6358 1991. [cleanup] The configuration data, once read, should be treated 
as readonly.  Expand the use of const to enforce this
                        at compile time. [RT #15813]
 2006-02-28 02:39:52 +00:00
Mark Andrews
18d0b5e54b 1900. [port] freebsd: pthread_mutex_init can fail if it runs out 
of memory. [RT #14995]
 2005-07-12 01:00:20 +00:00
Mark Andrews
69fe9aaafd update copyright notice 2005-04-29 00:24:12 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
dafcb997e3 update copyright notice 2004-03-05 05:14:21 +00:00
Mark Andrews
aa39170da8 1394. [func] It is now possible to check if a particular element is 
in a acl.  Remove duplicate entries from the localnets
                        acl.

1393.   [port]          Bind to individual IPv6 interfaces if IPV6_IPV6ONLY
                        is not available in the kernel to prevent accidently
                        listening on IPv4 interfaces.
developer: jinmei
reviewer: marka
 2002-10-29 04:40:26 +00:00
David Lawrence
fe2d25382f don't define INADDR_LOOPBACK; isc/net.h should be ensuring it exists 2001-05-31 10:43:37 +00:00
Brian Wellington
6eccf5bd07 788. [feature] Add the "match-mapped-addresses" options, which 
causes IPv6 v4mapped addresses to be treated as
			IPv4 addresses for the purpose of acl matching.
 2001-03-26 21:33:07 +00:00
Andreas Gustafsson
aa23a35d81 733. [bug] Reference counts of dns_acl_t objects need to be 
locked but were not. [RT #801]
 2001-02-08 23:30:32 +00:00
Andreas Gustafsson
8bb77cd31b fix RT #660 differently 2001-01-17 17:44:49 +00:00
Brian Wellington
39bb14491f Negating an unsigned int is a bad idea. Make it an int instead. [RT #660] 2001-01-17 02:58:28 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00