5e1ca7a326741a8f74e6f2b907c7e1fbf428bf80 |
|
25-Oct-2017 |
Michał Kępień <m <michal@isc.org> |
[v9_11] Rename nsec3param_salt_totext() to dns_nsec3param_salttotext(), make it public, add unit tests
4786. [cleanup] Turn nsec3param_salt_totext() into a public function,
dns_nsec3param_salttotext(), and add unit tests for it.
[RT #46289]
(cherry picked from commit 910a01550a95bd0b40a778f759534991c92257d4) |
6fb9b25791778f69002eb72be6235e20d98ec452 |
|
22-Jul-2017 |
Tinderbox User <tbox@isc.org> |
update copyright notice / whitespace |
bfde61d5194a534d800f3b90008d1f52261922c5 |
|
20-Jul-2017 |
Mark Andrews <marka@isc.org> |
4654. [cleanup] Don't use C++ keywords delete, new and namespace.
[RT #45538]
(cherry picked from commit 4bf32aa58774452b05433716f8fa298257dd7fda) |
8d9a134fe75c57052094b30ad43a20582ad71ebf |
|
06-Jul-2016 |
Mark Andrews <marka@isc.org> |
4405. [bug] Change 4342 introduced a regression where you could
not remove a delegation in a NSEC3 signed zone using
OPTOUT via nsupdate. [RT #42702]
(cherry picked from commit d811a7d9ef26169be8f60a2149c632ca9e9d49fb) |
0c27b3fe77ac1d5094ba3521e8142d9e7973133f |
|
27-Jun-2016 |
Mark Andrews <marka@isc.org> |
4401. [misc] Change LICENSE to MPL 2.0. |
420a43c8d8028992a4e9c170022f97bfac689025 |
|
18-Aug-2015 |
Evan Hunt <each@isc.org> |
[master] timing safe memory comparisons
4183. [cleanup] Use timing-safe memory comparisons in cryptographic
code. Also, the timing-safe comparison functions have
been renamed to avoid possible confusion with
memcmp(). [RT #40148] |
c110d61b173a68420d19858abb80285be0dc1120 |
|
21-Jan-2015 |
Tinderbox User <tbox@isc.org> |
update copyright notice / whitespace |
11463c0ac24692e229ec87f307f5e7df3c0a7e10 |
|
20-Jan-2015 |
Evan Hunt <each@isc.org> |
[master] clean up gcc -Wshadow warnings
4039. [cleanup] Cleaned up warnings from gcc -Wshadow. [RT #37381] |
fec7998314cbdaf1dc89513ffff5b45fc8ed73fd |
|
04-Sep-2014 |
Mark Andrews <marka@isc.org> |
3942. [bug] Wildcard responses from a optout range should be
marked as insecure. [RT #37072] |
e58154a6ec0a8a0bde32bb1e39ad2f1fbc3d2ef2 |
|
02-Jul-2014 |
Mark Andrews <marka@isc.org> |
silence coverity warnings |
b16d99bac1d100735224ab3eaa84632537ff21b5 |
|
10-Jun-2014 |
Mark Andrews <marka@isc.org> |
3872. [bug] Address issues found by static analysis. [RT #36209] |
36e5ac00333d89001f0c518a7d381d16c38d0402 |
|
24-Apr-2014 |
Mark Andrews <marka@isc.org> |
3819. [bug] NSEC3 hashes need to be able to be entered and
displayed without padding. This is not a issue for
currently defined algorithms but may be for future
hash algorithms. [RT #27925] |
431a83fb29482c5170b3e4026e59bb14849a6707 |
|
10-Jan-2014 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
e851ea826066ac5a5b01c2c23218faa0273a12e8 |
|
09-Jan-2014 |
Evan Hunt <each@isc.org> |
[master] replace memcpy() with memmove().
3698. [cleanup] Replaced all uses of memcpy() with memmove().
[RT #35120] |
c3c8823fed039b3a2b8e5ca8bc2f3301d1dd840e |
|
03-Dec-2013 |
Mark Andrews <marka@isc.org> |
3681. [port] Update the Windows build system to support feature
selection and WIN64 builds. This is a work in
progress. [RT #34160] |
b5f4cc132e91afb1217f4aa79424793c0e11c09a |
|
04-Sep-2013 |
Mark Andrews <marka@isc.org> |
3641. [bug] Handle changes to sig-validity-interval settings
better. [RT #34625] |
12253af3465f150a3b2f2cdaf15f396a5c060c21 |
|
11-Apr-2013 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
b99bfa184bc9375421b5df915eea7dfac6a68a99 |
|
10-Apr-2013 |
Evan Hunt <each@isc.org> |
[master] unify internal and export libraries
3550. [func] Unified the internal and export versions of the
BIND libraries, allowing external clients to use
the same libraries as BIND. [RT #33131] |
8462dfb880040cde3a60f047ec18808737fd7e85 |
|
18-Dec-2012 |
Mark Andrews <marka@isc.org> |
3443. [bug] The NOQNAME proof was not being returned from cached
insecure responses. [RT #21409] |
463f4ad70bed35fdc48d5afd312f1e098af34a29 |
|
09-Dec-2012 |
Mark Andrews <marka@isc.org> |
silence clang --analyzer warnin by checking rdata.length |
6d5f928b26f51e51817248f7b28472eb6973a710 |
|
26-Jun-2012 |
Tinderbox User <tbox@isc.org> |
update copyright notice |
ad127d839d2e7aa542939a8a336691407e23397e |
|
25-Jun-2012 |
Mark Andrews <marka@isc.org> |
3341. [func] New "dnssec-verify" command checks a signed zone
to ensure correctness of signatures and of NSEC/NSEC3
chains. [RT #23673] |
28a8f5b0de57d269cf2845c69cb6abe18cbd3b3a |
|
07-Mar-2012 |
Mark Andrews <marka@isc.org> |
set $Id$ |
80c70837963eb58bd41a4d53367bfd4b1c04439e |
|
28-Jan-2012 |
Automatic Updater <source@isc.org> |
update copyright notice |
ef9f4d097794609e018963087fab10a8b51d8ad1 |
|
27-Jan-2012 |
Mark Andrews <marka@isc.org> |
3266. [bug] The maximum number of NSEC3 iterations for a
DNSKEY RRset was not being properly computed.
[RT #26543] |
9c03f13e18c1b0c32f62391a17300378605bbc7b |
|
28-Oct-2011 |
Evan Hunt <each@isc.org> |
3185. [func] New 'rndc signing' option for auto-dnssec zones:
- 'rndc signing -list' displays the current
state of signing operations
- 'rndc signing -clear' clears the signing state
records for keys that have fully signed the zone
- 'rndc signing -nsec3param' sets the NSEC3
parameters for the zone
The 'rndc keydone' syntax is removed. [RT #23729] |
79ce3a9e82384cc31fd6b86be8f3d1474fcfd9f4 |
|
10-Jun-2011 |
Evan Hunt <each@isc.org> |
3128. [func] Inserting an NSEC3PARAM via dynamic update in an
auto-dnssec zone that has not been signed yet
will cause it to be signed with the specified NSEC3
parameters when keys are activated. The
NSEC3PARAM record will not appear in the zone until
it is signed, but the parameters will be stored.
[RT #23684] |
6de9744cf9c64be2145f663e4051196a4eaa9d45 |
|
09-Jun-2011 |
Evan Hunt <each@isc.org> |
3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]
3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777] |
c1aef54e14bb92518b1c062ba8c0292a7cb949cb |
|
12-Mar-2011 |
Automatic Updater <source@isc.org> |
update copyright notice |
0874abad14e3e9ecfc3dc1a1a2b9969f2f027724 |
|
11-Mar-2011 |
Mark Andrews <marka@isc.org> |
3069. [cleanup] Silence warnings messages from clang static analysis.
[RT #20256] |
8aee18709f238406719768b8a6b843a15c5075f8 |
|
07-Dec-2010 |
Mark Andrews <marka@isc.org> |
2980. [bug] named didn't properly handle UPDATES that changed the
TTL of the NSEC3PARAM RRset. [RT #22363] |
b00de53de2e37154d9046d481734cfb9a8573204 |
|
02-Jun-2010 |
Mark Andrews <marka@isc.org> |
2907. [bug] The export version of libdns had undefined references.
[RT #21444] |
4dd3ec797da19f21c6ab34b5f194601852f90f87 |
|
18-May-2010 |
Automatic Updater <source@isc.org> |
update copyright notice |
8d31dd9ab62d91b5f23ac687657c966d44074a3f |
|
18-May-2010 |
Mark Andrews <marka@isc.org> |
2897. [bug] NSEC3 chains could be left behind when transitioning
to insecure. [RT #21040] |
842920c7db2db1de1a0f9571f77aee5ea92ae5bb |
|
05-Jan-2010 |
Automatic Updater <source@isc.org> |
update copyright notice |
d3a6cd7c7e13707d0c26e1af0e026dd6c22c5e99 |
|
04-Jan-2010 |
Evan Hunt <each@isc.org> |
2830. [bug] Changing the OPTOUT setting could take multiple
passes. [RT #20813] |
d524a81532c87c7fa8d0ce0261645fb18276b1ee |
|
01-Dec-2009 |
Mark Andrews <marka@isc.org> |
2796. [bug] Missing dns_rdataset_disassociate() call in
dns_nsec3_delnsec3sx(). [RT #20681] |
126dce8ebf94ba4084befd82dd75e19b0c1d3f69 |
|
04-Nov-2009 |
Automatic Updater <source@isc.org> |
update copyright notice |
554d22d2deb8889bb16434176b5716ab79d15c50 |
|
03-Nov-2009 |
Mark Andrews <marka@isc.org> |
2743. [bug] RRSIG could be incorrectly sent in the NSEC3 record
for a insecure delegation. |
15bbb8a1298a61e401ba16c944dc06049abb81bf |
|
09-Oct-2009 |
Automatic Updater <source@isc.org> |
update copyright notice |
28479307225582ad0b2e11441d85fcf5169551d0 |
|
09-Oct-2009 |
Mark Andrews <marka@isc.org> |
2708. [func] Insecure to secure and NSEC3 parameter changes via
update are now fully supported and no longer require
defines to enable. We now no longer overload the
NSEC3PARAM flag field, nor the NSEC OPT bit at the
apex. Secure to insecure changes are controlled by
by the named.conf option 'secure-to-insecure'.
Warning: If you had previously enabled support by
adding defines at compile time to BIND 9.6 you should
ensure that all changes that are in progress have
completed prior to upgrading to BIND 9.7. BIND 9.7
is not backwards compatible. |
39844d471080b2de4f8bb9d81f7e136ef80f0ae2 |
|
04-Jun-2009 |
Automatic Updater <source@isc.org> |
update copyright notice |
f05a6b110fc93d9b04743ffc957242fa7f53de02 |
|
04-Jun-2009 |
Mark Andrews <marka@isc.org> |
2607. [bug] named could incorrectly delete NSEC3 records for
empty nodes when processing a update request.
[RT #19749] |
e7ba4d8dc4559ff47f7f8298dad1469275ed0f1e |
|
18-Nov-2008 |
Mark Andrews <marka@isc.org> |
2497. [bug] Don't add RRSIG bit to NSEC3 bit map for insecure
delegation. |
dd14c953a8a42b60ea86a2a630529014fc3d14dd |
|
26-Sep-2008 |
Mark Andrews <marka@isc.org> |
unsigned constants |
3398334b3acda24b086957286288ca9852662b12 |
|
25-Sep-2008 |
Automatic Updater <source@isc.org> |
update copyright notice |
f66ac0c85848ebc77148e06f42dc4e1796bf86cb |
|
24-Sep-2008 |
Evan Hunt <each@isc.org> |
silence compiler warnings |
6098d364b690cb9dabf96e9664c4689c8559bd2e |
|
24-Sep-2008 |
Mark Andrews <marka@isc.org> |
2448. [func] Add NSEC3 support. [RT #15452] |