0c27b3fe77ac1d5094ba3521e8142d9e7973133f |
|
27-Jun-2016 |
Mark Andrews <marka@isc.org> |
4401. [misc] Change LICENSE to MPL 2.0. |
19d80ce5844e00a021643759adcbe27c11b485a0 |
|
05-May-2016 |
Witold Krecicki <wpk@isc.org> |
4358. [test] Added American Fuzzy Lop harness that allows
feeding fuzzed packets into BIND.
[RT #41723] |
53ba272721898b15dc6abfa251cc648354303dda |
|
19-Feb-2016 |
Tinderbox User <tbox@isc.org> |
update copyright notice / whitespace |
a2b15b3305acd52179e6f3dc7d073b07fbc40b8e |
|
17-Feb-2016 |
Mark Andrews <marka@isc.org> |
4318. [security] Malformed control messages can trigger assertions
in named and rndc. (CVE-2016-1285) [RT #41666] |
58f7af60e79a5aaf58f6a8861c306d4c617fb1d1 |
|
11-Nov-2015 |
Mukund Sivaraman <muks@isc.org> |
Allow non-destructive control channel access using a "read-only" clause (#40498) |
9b17fd447c684a84b2f5fbfb04ad6e890ae2078c |
|
11-Nov-2015 |
Mukund Sivaraman <muks@isc.org> |
Limit rndc query message sizes to 32 KiB (#41073) |
012142bbe07a89506d30fef12d2a4736a511567d |
|
07-May-2015 |
Tinderbox User <tbox@isc.org> |
update copyright notice / whitespace |
9e804040a29b9c3066c8471b43835f30707039b7 |
|
06-May-2015 |
Evan Hunt <each@isc.org> |
[master] add "rndc -r" to print result code
4115. [func] "rndc -r" now prints the result code (e.g.,
ISC_R_SUCCESS, ISC_R_TIMEOUT, etc) after
running the requested command. [RT #38913] |
e32d354f754a5d7847a0862bcd6302827ea225bf |
|
15-Nov-2014 |
Evan Hunt <each@isc.org> |
[master] allow arbitrary-size rndc output
4005. [func] The buffer used for returning text from rndc
commands is now dynamically resizable, allowing
arbitrarily large amounts of text to be sent back
to the client. (Prior to this change, it was
possible for the output of "rndc tsig-list" to be
truncated.) [RT #37731] |
368aedf188d7c7782cae8a5ce2a978be47b5a764 |
|
28-Feb-2014 |
Evan Hunt <each@isc.org> |
[master] log when using rndc.key
3767. [func] Log explicitly when using rndc.key to configure
command channel. [RT #35316] |
431a83fb29482c5170b3e4026e59bb14849a6707 |
|
10-Jan-2014 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
e851ea826066ac5a5b01c2c23218faa0273a12e8 |
|
09-Jan-2014 |
Evan Hunt <each@isc.org> |
[master] replace memcpy() with memmove().
3698. [cleanup] Replaced all uses of memcpy() with memmove().
[RT #35120] |
2c2be89824d3899591d34c26adb155da6a993ce3 |
|
03-Dec-2013 |
Evan Hunt <each@isc.org> |
[master] buffer could overflow in rndc zonestatus
3680. [bug] Ensure buffer space is available in "rndc zonestatus".
[RT #35084] |
4eb998928b9aef0ceda42d7529980d658138698a |
|
14-Mar-2013 |
Evan Hunt <each@isc.org> |
[master] algorithm flexibility for rndc
3525. [func] Support for additional signing algorithms in rndc:
hmac-sha1, -sha224, -sha256, -sha384, and -sha512.
The -A option to rndc-confgen can be used to
select the algorithm for the generated key.
(The default is still hmac-md5; this may
change in a future release.) [RT #20363] |
3a0da183bb40bd120698102b20b61ef12665c09b |
|
08-Mar-2013 |
Mark Andrews <marka@isc.org> |
3520. [bug] 'mctx' was not being referenced counted in some places
where it should have been. [RT #32794] |
fe43ef9e63e66ddd04267e8ad0b41c96991fe7cc |
|
08-Mar-2013 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
c1e88f8d8679501def1896fb4c4af927a70813eb |
|
08-Mar-2013 |
Evan Hunt <each@isc.org> |
[master] fix rndc replay protection
3519. [func] Full replay protection via four-way handshake is
now mandatory for rndc clients. Very old versions
of rndc will no longer work. [RT #32798] |
c298583db573a329f37d43301d8c3c812500ac85 |
|
13-Jun-2012 |
Mark Andrews <marka@isc.org> |
3337. [bug] Change #3294 broke support for the multiple keys
in controls. [RT #29694] |
5fa46bc91672ef5737aee6f99763161511566c24 |
|
11-Mar-2012 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
962bf88eec1ea34a451769ba82c9389db7f0bef0 |
|
08-Mar-2012 |
Mark Andrews <marka@isc.org> |
3294. [bug] isccc/cc.c:table_fromwire failed to free alist on
error. [RT #28265] |
328e0fee6b6c91c258e5ce36eb70f5e017a85af2 |
|
22-Dec-2011 |
Mark Andrews <marka@isc.org> |
3254. [bug] Set isc_socket_ipv6only() on the IPv6 control channels.
[RT #22249] |
c1aef54e14bb92518b1c062ba8c0292a7cb949cb |
|
12-Mar-2011 |
Automatic Updater <source@isc.org> |
update copyright notice |
0874abad14e3e9ecfc3dc1a1a2b9969f2f027724 |
|
11-Mar-2011 |
Mark Andrews <marka@isc.org> |
3069. [cleanup] Silence warnings messages from clang static analysis.
[RT #20256] |
240e53b13217af266abb3dae8ba103614daf2bf7 |
|
24-Jul-2008 |
Mark Andrews <marka@isc.org> |
2396. [bug] Don't set SO_REUSEADDR for randomized ports.
[RT #18336]
part 2 |
9de0f9b0aed432ee357dbba8d1d807525f4b6d4a |
|
22-Jul-2008 |
Mark Andrews <marka@isc.org> |
2396. [bug] Don't set SO_REUSEADDR for randomized ports.
[RT #18336] |
2f012d936b5ccdf6520c96a4de23721dc58a2221 |
|
19-Jan-2008 |
Automatic Updater <source@isc.org> |
update copyright notice |
2f99b54e8ec8e908ea894bc808d1c18a5f51a850 |
|
18-Jan-2008 |
Automatic Updater <source@isc.org> |
update copyright notice |
546c2bf791782df1077217bdaf1865235fa95a93 |
|
17-Jan-2008 |
Mark Andrews <marka@isc.org> |
2308. [cleanup] Silence Coverity warning in bin/named/controlconf.c.
[RT #17495] |
c7e266b7e5675e12d1ca3cc929f24b3e86d41f8e |
|
12-Sep-2007 |
Evan Hunt <each@isc.org> |
Add support for O(1) ACL processing, based on radix tree code originally
written by kevin brintnall. [RT #16288] |
ec5347e2c775f027573ce5648b910361aa926c01 |
|
19-Jun-2007 |
Automatic Updater <source@isc.org> |
update copyright notice |
cdce8b88c63f864cb5c91aa128c1cf4523638500 |
|
14-Feb-2007 |
Mark Andrews <marka@isc.org> |
update copyright notice |
96ea71632887c58a9d00f47eb318bf76b35903c3 |
|
13-Feb-2007 |
Mark Andrews <marka@isc.org> |
2134. [func] Additional statistics support. [RT #16666] |
cfcb0881d12db2b7cb33475b7d20ac6c9015203b |
|
07-Dec-2006 |
Mark Andrews <marka@isc.org> |
2111. [bug] Fix a number of errors reported by Coverity.
[RT #16507] |
45e1bd63587102c3bb361eaca42ee7b714fb3542 |
|
28-Feb-2006 |
Mark Andrews <marka@isc.org> |
1991. [cleanup] The configuration data, once read, should be treated
as readonly. Expand the use of const to enforce this
at compile time. [RT #15813] |
26e2a07a0b6a3b1eccef82ba31270d0c54ad4f06 |
|
28-Jan-2006 |
Mark Andrews <marka@isc.org> |
update copyright notice |
c6d4f781529d2f28693546b25b2967d44ec89e60 |
|
27-Jan-2006 |
Mark Andrews <marka@isc.org> |
1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and
HMACSHA512 support. [RT #13606] |
ade83e60fa640d495de7d46bed87114d6f9a740c |
|
30-Nov-2005 |
Mark Andrews <marka@isc.org> |
silence ambigious else |
2674e1a455d4f71de09b2b60e7a8304b9a305588 |
|
30-Nov-2005 |
Mark Andrews <marka@isc.org> |
1940. [bug] Fixed a number of error conditions reported by
Coverity. |
4e1d3e67cdc76609bad5f0310ac48de10b442b9f |
|
23-Aug-2005 |
Mark Andrews <marka@isc.org> |
1914. [bug] Strings returned from cfg_obj_asstring() should be
treated as read-only. The prototype for
cfg_obj_asstring() has been updated to reflect this.
[RT #15256] |
ab023a65562e62b85a824509d829b6fad87e00b1 |
|
27-Apr-2005 |
Rob Austein <sra@isc.org> |
1851. [doc] Doxygen comment markup. [RT #11398] |
4423c99613db1399dbb5c51e86ef0d351a1418c2 |
|
23-Feb-2005 |
Mark Andrews <marka@isc.org> |
1814. [func] UNIX domain controls are now supported. |
abeb45c7753db766ebe07c855632819271f6df9b |
|
12-Jan-2005 |
Mark Andrews <marka@isc.org> |
update copyrights |
ad5bc22a819190839bdcc4d102d023782dc23660 |
|
11-Jan-2005 |
Mark Andrews <marka@isc.org> |
1797. [func] named-checkconf now check acls to verify that they
only refer to existing acls. [RT #13101] |
dafcb997e390efa4423883dafd100c975c4095d6 |
|
05-Mar-2004 |
Mark Andrews <marka@isc.org> |
update copyright notice |
72ddc4cef9c6a6de53aae530dea1ddbb90631131 |
|
17-Jul-2003 |
Mark Andrews <marka@isc.org> |
1480. [bug] Provide replay protection for rndc commands. Full
replay protection requires both rndc and named to
be updated. Partial replay protection (limited
exposure after restart) is provided if just named
is updated. |
a7038d1a0513c8e804937ebc95fc9cb3a46c04f5 |
|
20-Feb-2002 |
Mark Andrews <marka@isc.org> |
copyrights |
669e9657c731176df235832367f61435f7b83ddf |
|
04-Jan-2002 |
Andreas Gustafsson <source@isc.org> |
Split off the named.conf grammar into a source module separate
from the configuration parser, to facilitate reuse of the latter for
parsing non-BIND configuration files |
b541c10d0442d9804d94567a97956cec3bd2912d |
|
27-Nov-2001 |
Brian Wellington <source@isc.org> |
1141. [bug] When named rejected a control message, it would
leak a file descriptor and memory. |
5cd7e9d4db393c314dd1a761c52d2cb3a4da9b72 |
|
31-Oct-2001 |
Andreas Gustafsson <source@isc.org> |
1083. [bug] The default control channel listened on the
wildcard adress, not the loopback as documented. |
32d248107a5bc92b4bf9fc77deaa55b3da969ba2 |
|
19-Oct-2001 |
Andreas Gustafsson <source@isc.org> |
1062. [bug] If the control channel listener socket was shut
down before server exit, the listener object could
be freed twice. [RT #1916] |
3b19037ccdd4082735f9a69df96bcb2a5a2caf85 |
|
19-Oct-2001 |
Andreas Gustafsson <source@isc.org> |
removed unnecessary includes |
9cc98b104e1a1d479a4cf9a47e2acccba927dbcd |
|
21-Sep-2001 |
Brian Wellington <source@isc.org> |
controls->shuttingdown should not be set on server reload. |
b32e75f3e1822f14681c538d7657bdbccd7fcd45 |
|
20-Sep-2001 |
Brian Wellington <source@isc.org> |
deuglify #1010 [RT #1766] |
640923da589bc5b8492ac407ef89ea1ee9a1c358 |
|
20-Sep-2001 |
Andreas Gustafsson <source@isc.org> |
1010. [bug] The server could attempt to execute a command channel
command after initiating server shutdown, causing
an assertion failure. [RT #1766] |
c2bc56dc65b4b103a5600565680eb5f33fa4c90b |
|
20-Sep-2001 |
Mark Andrews <marka@isc.org> |
Move configuration checking to libbind9. |
b199e25ab71bf7e212581e1c68b179b757418d1b |
|
06-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
spacing |
8173a963d2f8c413e698bf48b8eebdd01f3bb877 |
|
06-Aug-2001 |
Mark Andrews <marka@isc.org> |
#if (result) should have been #if (result == ISC_R_SUCCESS) otherwise we
would fail to replace the keys if they changed.
Add the IPv4 any control before the IPv6 any control. |
ee8a5c01e20740f60be1a87123d6c81ec2c5f8b1 |
|
04-Aug-2001 |
Mark Andrews <marka@isc.org> |
only call get_key_info() in update_listener() if control != NULL. |
9bac746a3cdabdbb7b306875f101c03e637dc639 |
|
04-Aug-2001 |
Mark Andrews <marka@isc.org> |
keyless inet controls triggered assertion. [RT#1566] |
89209405b74f6eded5fa09f1b63a00818b09dcae |
|
03-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
spacing |
b4b47bf1874a9dd19796d5593de47bd4c9d3d896 |
|
03-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
simplified by using dns_acl_any() |
1bcdcce64b5b0f66a23fb784b442d38a134581c8 |
|
03-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
simplified by using dns_acl_any() |
3dfc806ddf433d0569340d9c4ccc5af8ec41a27b |
|
03-Aug-2001 |
Brian Wellington <source@isc.org> |
fix key algorithm checks |
f8c304e5a5ed6c9a195ce03877381e5a77d439ee |
|
03-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
removed comment stating that 'For this reason,
the automagic key is not regenerated on each reload', which is no longer
applicable since automagic keys are no longer regenerated
by the server at all |
7dac8d231c644c5d3339f48d8eaedcf498f9d153 |
|
03-Aug-2001 |
Andreas Gustafsson <source@isc.org> |
the server would catch an assertion failure if the key statement in rndc.key
was missing the algorithm or secret clause |
326bcfa0e2a6b924cb829a0bcc3bf9590ce21ad6 |
|
03-Aug-2001 |
Mark Andrews <marka@isc.org> |
rndc.key support |
a5b9c2b208b51b039c8f4006cddf3d37dd781561 |
|
23-Jul-2001 |
Brian Wellington <source@isc.org> |
943. [bug] The server could crash when receiving a command
via rndc if the configuration file listed only
nonexistent keys in the controls statement. [RT #1530] |
ed3418751ebdf7de397df76753dae97851d2bdf9 |
|
05-Jul-2001 |
Brian Wellington <source@isc.org> |
The 'stopping command channel on 127.0.0.1#953' message could be printed
multiple times on shutdown. |
8ee6b68d4f5b3b7b52abad668521a61d82f3f7ba |
|
05-Jul-2001 |
Andreas Gustafsson <source@isc.org> |
brace style |
c2da4f9d8a153ffeb2b659541130abef2d586789 |
|
04-Jul-2001 |
Brian Wellington <source@isc.org> |
The controls statement didn't support multiple keys (in 9.2). It does now,
although it's suboptimal - since the control message doesn't have a key
name, it just tries each key until it finds one that successfully decodes
the message. |
4a0b9bb051224b1b98667cbe586afa6d61918564 |
|
30-Jun-2001 |
Andreas Gustafsson <source@isc.org> |
signed/unsigned int pointer mismatch caused compiler warning on Tru64 |
0eace215bd758e347767c63c13504520e855b94a |
|
16-Jun-2001 |
Andreas Gustafsson <source@isc.org> |
"\0" is a rather strange way of representing the empty string |
1f7342e0989d9f9063b0e757cf7091668addfdb5 |
|
31-May-2001 |
David Lawrence <source@isc.org> |
In ns_controls_configure(), moved the ns_controls_shutdown() call that
removes no longer configured listeners into the block that actually
updates/add listeners, because when ns_controls_configure() recursively
calls itself to configure a 127.1 channel if there is no controls() statement,
the top level ns_controls_configure() was shutting down the channel that
the enclosing ns_controls_configure() just created. |
11c4f6b687564cdda8a0a38745e30a12e874084a |
|
31-May-2001 |
David Lawrence <source@isc.org> |
Reversed the sense of my earlier change to hmacmd5 key generation that
required good entropy only when 'param' (to dst_key_generate) was non-zero.
Since the default was always to require good entropy, that default behavior
has been restored and now a non-zero param means that pseudorandom is ok. |
7332e47e11ceb87928f801b925269aa6a91838b1 |
|
31-May-2001 |
David Lawrence <source@isc.org> |
Automatically generate a key for command channel use whenever either
no controls statement is present or when an inet statement is missing
a keys clause.
Dump an rndc.conf-style configuration into a file
(NS_LOCALSTATEDIR "named.key") with the key and suitable default-* values. |
3e9b51fc7b2d12c88298f5b777f9075feb52f071 |
|
14-May-2001 |
Bob Halley <source@isc.org> |
Replies to the reload command would sometimes contain invalid signatures
because the code was incorrectly referencing the secret from memory that
the reload frees. The code now makes a copy of the secret used to validate
the request, and uses that in the response. |
e4cd5a1e5d0358abeee7618b02b4592c055d957f |
|
08-May-2001 |
Brian Wellington <source@isc.org> |
Partial support for "rndc status". Not all of the fields are filled in yet. |
532989b206894bdaf6de6cb883d2e31169c4bfac |
|
08-May-2001 |
Andreas Gustafsson <source@isc.org> |
initate command channel shutdown from the server task, not the
main task, to avoid race conditions; eliminate global variables in
controlconf.c |
6e0e723b2554ba1c4af8b79733f54bf2692cdecf |
|
07-May-2001 |
Andreas Gustafsson <source@isc.org> |
quote key name in warning message; typos; plural |
02d8e643ea6679beff181a2b2b3946b8fe014fec |
|
07-May-2001 |
Andreas Gustafsson <source@isc.org> |
cut-and-paste-o caused memory leak |
d4ef65050feac78554addf6e16a06c6e2e0bd331 |
|
10-Apr-2001 |
Brian Wellington <source@isc.org> |
copyright updates
(note - this doesn't touch lib/bind at all. Mark, whenever you're done with
lib/bind, make sure to do the copyright magic) |
091329e690b20755aa80b86cc7389d25c5d32c9b |
|
31-Mar-2001 |
Brian Wellington <source@isc.org> |
allow multiple messages on the command channel socket |
1b4e6163bed546ca7f8ad186f3eabfebacc36bc1 |
|
27-Mar-2001 |
Brian Wellington <source@isc.org> |
oops, missed a few files. |