mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
23,469 Commits 660 Branches 820 Tags
Commit Graph

228 Commits

Author SHA1 Message Date
Mark Andrews
481ebd6977 rpz require -DBIND9 2011-01-13 09:53:04 +00:00
Mark Andrews
87708bde16 3008. [func] Response policy zones (RPZ) support. [RT #21726] 2011-01-13 01:59:28 +00:00
Automatic Updater
135bcc2e42 update copyright notice 2011-01-11 23:47:14 +00:00
Mark Andrews
433e06a25c 3006. [func] Allow dynamically generated TSIG keys to be preserved 
across restarts of named.  Initially this is for
                        TSIG keys generated using GSSAPI. [RT #22639]
 2011-01-10 05:32:04 +00:00
Mark Andrews
6dcb804dc6 UNUSED(use_static_stub); 2010-12-18 11:47:13 +00:00
Tatuya JINMEI 神明達哉
743bbdc18f 2947. [func] Add new zone type "static-stub". It's like a stub 
zone, but the nameserver names and/or their IP
			addresses are statically configured. [RT #21474]

(for 9.8.0)
 2010-12-16 09:51:30 +00:00
Mark Andrews
987f2097a6 dns64 is BIND9 only 2010-12-09 04:53:48 +00:00
Mark Andrews
e334405421 2981. [func] Partial DNS64 support (AAAA synthesis). [RT #21991] 2010-12-08 02:46:17 +00:00
Mark Andrews
ed83fa75f5 2963. [security] The allow-query acl was being applied instead of the 
allow-query-cache acl to cache lookups. [RT #22114]
 2010-09-24 05:09:03 +00:00
Mark Andrews
02a211f4c4 2949. [bug] dns_view_setnewzones() contained a memory leak if 
it was called multiple times. [RT #21942]
 2010-09-06 04:31:11 +00:00
Evan Hunt
9b7efe7aca Removed a leftover UNUSED statement referencing a parameter that doesn't 
exist anymore.
 2010-08-12 04:04:14 +00:00
Evan Hunt
cfd262045c 2936. [func] Improved configuration syntax and multiple-view 
support for addzone/delzone feature (see change
			#2930).  Removed "new-zone-file" option, replaced
			with "allow-new-zones (yes|no)".  The new-zone-file
			for each view is now created automatically, with
			a filename generated from a hash of the view name.
			It is no longer necessary to "include" the
			new-zone-file in named.conf; this happens
			automatically.  Zones that were not added via
			"rndc addzone" can no longer be removed with
			"rndc delzone". [RT #19447]
 2010-08-11 18:14:20 +00:00
Evan Hunt
86dcc40058 2930. [experimental] New "rndc addzone" and "rndc delzone" commads 
allow dynamic addition and deletion of zones.
			To enable this feature, specify a "new-zone-file"
			option at the view or options level in named.conf.
			Zone configuration information for the new zones
			will be written into that file.  To make the new
			zones persist after a restart, "include" the file
			into named.conf in the appropriate view.  (Note:
			This feature is not yet documented, and its syntax
			is expected to change.) [RT #19447]
 2010-07-11 00:12:57 +00:00
Mark Andrews
48dfee7150 2920. [func] Allow 'filter-aaaa-on-v4' to be applied selectively 
to IPv4 clients.  New acl 'filter-aaaa' (default any).
 2010-06-22 04:03:38 +00:00
Mark Andrews
b00de53de2 2907. [bug] The export version of libdns had undefined references. 
[RT #21444]
 2010-06-02 00:38:29 +00:00
Mark Andrews
778a01b1aa 2893. [bug] Improve managed keys support. New named.conf option 
managed-keys-directory. [RT #20924]
 2010-05-14 04:48:28 +00:00
Mark Andrews
44f175a90a 2892. [bug] Handle REVOKED keys better. [RT #20961] 2010-05-14 04:38:52 +00:00
Automatic Updater
bd2b08d5a3 update copyright notice 2010-02-25 05:08:01 +00:00
Mark Andrews
0cae66577c 2852. [bug] Handle broken DNSSEC trust chains better. [RT #15619] 2010-02-25 04:39:13 +00:00
Vernon Schryver
5d9922e86f Allow the optional filter-aaaa-on-v4 option in view statements to close #20635 2009-11-28 15:57:37 +00:00
Mark Andrews
1d0ebb4cf2 2765. [bug] Skip masters for which the TSIG key cannot be found. 
[RT #20595]
 2009-11-12 23:30:36 +00:00
Evan Hunt
95f2377b4f 2739. [cleanup] Clean up API for initializing and clearing trust 
anchors for a view. [RT #20211]
 2009-10-27 22:46:13 +00:00
Tatuya JINMEI 神明達哉
307d208450 2660. [func] Add a new set of DNS libraries for non-BIND9 
applications.  See README.libdns. [RT #19369]
 2009-09-01 00:22:28 +00:00
Evan Hunt
cfb1587eb9 2619. [func] Add support for RFC 5011, automatic trust anchor 
maintenance.  The new "managed-keys" statement can
			be used in place of "trusted-keys" for zones which
			support this protocol.  (Note: this syntax is
			expected to change prior to 9.7.0 final.) [RT #19248]
 2009-06-30 02:53:46 +00:00
Tatuya JINMEI 神明達哉
40d0f115a6 2604. [func] Add support for DNS rebinding attack prevention through 
new options, deny-answer-addresses and
			deny-answer-aliases.  Based on contributed code from
			JD Nurmi, Google. [RT #18192]
 2009-05-29 22:22:37 +00:00
Tatuya JINMEI 神明達哉
d9059b0c38 2537. [func] Added more statistics counters including those on socket 
I/O events and query RTT histograms.  [RT #18802]
 2009-01-27 22:30:00 +00:00
Automatic Updater
9e0d0a279b update copyright notice 2009-01-09 23:47:46 +00:00
Tatuya JINMEI 神明達哉
7781f25078 2526. [func] New named option "attach-cache" that allows multiple 
views to share a single cache to save memory and
			improve lookup efficiency. [RT 18905]
 2009-01-09 22:24:37 +00:00
Mark Andrews
538a0a40a2 2380. [bug] dns_view_find() was not returning NXDOMAIN/NXRRSET 
proofs which, in turn, caused validation failures
                        for insecure zones immediately below a secure zone
                        the server was authoritative for. [RT #18112]
 2008-06-17 03:14:20 +00:00
Evan Hunt
5a17fe2916 Default values of zone ACLs were re-parsed each time a new zone was 
configured, causing an overconsumption of memory. [rt18092]
 2008-05-21 23:17:21 +00:00
Automatic Updater
59b6d8259a update copyright notice 2008-05-13 23:47:01 +00:00
Evan Hunt
c72279e756 "rndc freeze" could trigger an assertion in named when called on a 
nonexistent zone. [rt18050]
 2008-05-13 01:20:24 +00:00
Mark Andrews
8907d8fa04 2355. [func] Extend the number statistics counters available. 
[RT #17590]
 2008-04-03 05:55:52 +00:00
Automatic Updater
e672951ed2 update copyright notice 2008-04-01 23:47:10 +00:00
Mark Andrews
cffe96e267 2346. [func] Memory statistics now cover all active memory contexts 
in increased detail. [RT #17580]
 2008-03-31 05:00:30 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
40aadb6a14 2179. [func] 'rndc command zone' will now find 'zone' if it is 
unique to all the views. [RT #16821]
 2007-05-15 02:38:34 +00:00
Mark Andrews
819b98479e 2165. [func] Allow the destination address of a query to determine 
if we will answer the query or recurse.
                        allow-query-on, allow-recursion-on and
                        allow-query-cache-on. [RT #16291]
 2007-03-29 06:36:31 +00:00
Automatic Updater
1b5a345334 update copyright notice 2007-03-06 02:12:39 +00:00
Mark Andrews
a56f5ada43 2157. [func] dns_db_transfernode() created. [RT #16685] 
2156.   [bug]           Fix node reference leaks in lookup.c:lookup_find(),
                        resolver.c:validated() and resolver.c:cache_name().
                        Fix a memory leak in rbtdb.c:free_noqname().
                        Make lookup.c:lookup_find() robust against
                        event leaks. [RT #16685]
 2007-03-06 00:38:58 +00:00
Mark Andrews
186e7f37c9 2122. [func] Experimental http server and statistics support 
for named via xml.
 2006-12-21 06:03:37 +00:00
Mark Andrews
cfe92110ce 2007. [func] It is now possible to explicitly enable DNSSEC 
validation.  default dnssec-validation no; to
                        be changed to yes in 9.5.0.  [RT #15674]
 2006-03-09 23:21:54 +00:00
Mark Andrews
08c9026166 1953. [func] Named now falls back to advertising EDNS with a 
512 byte receive buffer if the initial EDNS queries
                        fail.  [RT #14852]

1952.   [func]          The maximum EDNS UDP response named will send can
                        now be set in named.conf (max-udp-size).  This is
                        independent of the advertised receive buffer
                        (edns-udp-size). [RT #14852]
 2006-01-05 00:01:46 +00:00
Mark Andrews
acb4f52369 update copyright notice 2006-01-04 23:50:24 +00:00
Mark Andrews
fabf2ee6b0 1947. [func] It is now possible to configure named to accept 
expired RRSIGs.  Default "dnssec-accept-expired no;".
                        Setting "dnssec-accept-expired yes;" leaves named
                        vulnerable to replay attacks.  [RT #14685]
 2006-01-04 02:35:49 +00:00
Mark Andrews
03e200df5d 1913. [func] Integrate contibuted DLZ code into named. [RT #11382] 2005-09-05 00:12:29 +00:00
Mark Andrews
18d0b5e54b 1900. [port] freebsd: pthread_mutex_init can fail if it runs out 
of memory. [RT #14995]
 2005-07-12 01:00:20 +00:00
Rob Austein
ab023a6556 1851. [doc] Doxygen comment markup. [RT #11398] 2005-04-27 04:57:32 +00:00
Mark Andrews
e89e09eda8 update copyrights 2005-01-17 04:11:34 +00:00
Mark Andrews
7502c66006 1796. [func] "rndc freeze/thaw" now freezes/thaws all zones. 2005-01-14 03:28:09 +00:00