summaryrefslogtreecommitdiff
path: root/usr.sbin/bind
AgeCommit message (Collapse)Author
2013-09-12Misc time_t tweaks. %ld / (long)tv_sec -> %lld / (long long)tv_sec.Kenneth R Westerback
Eliminate unneeded casts. suggestions from & ok millert@ guenther@
2013-09-02There is no need to call arc4random_addrandom() and feed it someTheo de Raadt
stupid seed that bind has decided on..
2013-01-08add other root servers from named.root that were missed in previous updatesStuart Henderson
2013-01-08new IPv4 address for D.ROOT-SERVERS.NETJakob Schlyter
2012-06-06Add a fix for CVE-2012-1667, backported from ISC BIND. ok millert@Stuart Henderson
http://www.isc.org/software/bind/advisories/cve-2012-1667 Distinguish rdata removed by BIND due to duplication, from zero-length rdata received from a server. Otherwise a server supplying zero-length rdata sections can trigger crashes or possible memory disclosure to the client. Primarily affects recursive servers.
2011-11-17Apply the patches from BIND upstream to mitigate cve-2011-4313 (crashesStuart Henderson
with INSIST(! dns_rdataset_isassociated(sigrdataset))). ok jakob@
2011-09-21fix an |= that should have been !=Jonathan Gray
this could cause a log message to trigger when it shouldn't have reported to isc (RT #24053) and now included in current bind releases
2011-07-05fix some memset sizeofs, found by jsg. ok deraadt krwTed Unangst
2011-07-05correct memsets of key contexts which were shorter than they needed to beTheo de Raadt
due to sizeof pointer instead of sizeof of type with tedu; some quibbles spotted by miod, ok tedu miod jsg jakob -- please push this upstream
2010-12-31Add missing #includes instead of assuming that some system header pulls inPhilip Guenthe
the needed bits ok deraadt@, millert@
2010-05-02Initialise the port in nslookup.c correctly. It was initialisedStefan Sperling
to zero in interactive mode, should be 53. Second half of patch submission by Nathan Rickerby (pr 6322). ok krw
2010-04-24Fix breakage of dig's -p option introduced when support forStefan Sperling
parsing the [host]:port syntax in resolv.conf was added. Patch by Nathan Rickerby <rickerby () gmail ! com>. Prodded by jmc, OK djm krw
2010-02-20Add line breaks to the source to render an .RS display that got skipped;Ingo Schwarze
found by and unbreaking the build with mandoc(1). I will also send this patch upstream. ok jmc@
2009-08-16parse "nameserver [host]:port" syntax in /etc/resolv.confStefan Sperling
ok deraadt@
2009-07-29apply patch for https://www.isc.org/node/474 since jakob does notTheo de Raadt
appear to be around.
2009-07-27seperation -> separation; from Amarendra GodboleJason McIntyre
2009-01-14fix CVE-2009-0025: incorrect check of DSA DNSSEC signature verificationDamien Miller
"please commit" miod@
2008-11-10#if 0 a function which we have we do not use, and where the call to it is in ↵Theo de Raadt
#if 0 as well
2008-08-04Update to BIND 9.4.2-P2 and adapt our dynamic select changes. OK deraadt@Todd C. Miller
2008-08-03Don't print a warning when the random device cannot be opened ifTodd C. Miller
we have a pre-chroot random device. OK deraadt@ kettenis@
2008-08-01This log message is an excruiciating pain in the ass when it repeats 4000 ↵Bob Beck
times a second on a machine you need debug log on, and is actually used as a cacheing nameserver. remove just this one line of debug log to save people's sanity ok djm@
2008-07-16Dynamically allocate fd_sets so we are not limited to FD_SETSIZETodd C. Miller
connections. With help from djm@. OK djm@
2008-07-10retry port allocation on all errors, not just EADDRINUSE; ok jakob@Damien Miller
2008-07-09let the kernel choose the random port. code from djm@. ok markus@.Jakob Schlyter
2008-07-09reintroduce our own shuffle ID generator. ok djm@ millert@Jakob Schlyter
2008-07-09merge and resolve conflicts introduced by 9.4.2-P1Jakob Schlyter
2008-07-09remove an unused variable that is a leftover from the old alg.Reyk Floeter
ok deraadt@
2008-06-09simplify math for arc4random_uniform() suggested byDamien Miller
Jinmei_Tatuya AT isc.org via jakob@ empirically verified for entire domain of upper_bound
2008-06-04fix math screwup that reintroduced a bias for upper_bounds in rangeDamien Miller
(2^30,2^31). Nothing in the tree yet requests random numbers bounded by this range. report jakob!deraadt; ok deraadt@
2008-03-24msg_controllen has to be CMSG_SPACE so that the kernel can account forTheo de Raadt
each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
2008-03-19CMSG_LEN and CMSG_SPACE are not neccessarily the same size. So if youTheo de Raadt
are going to allocate/free a block of memory for the message contents, you have to calculate and track the sizes seperately. This change is just like all the other CMSG changes...
2008-03-15Repair the simple cases for msg_controllen where it should just beTheo de Raadt
CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
2008-03-15Because the shuffle code initialisation is a specific case of shufflingDamien Miller
a set of incrementing integers (and not an arbitrary set of values) it is possible to populate the array as we shuffle it in a single forward pass. Clever optimisation from didickman AT gmail.com; ok deraadt@ mcbride@ (same change as netinet/ip_id.c)
2008-03-13Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due toTheo de Raadt
an extensive discussion with otto, kettenis, millert, and hshoexer
2008-03-02introduce a isc_random_uniform() function to return a uniformly distributedDamien Miller
number 0 < x <= upper_bound and use it to correct the last tiny bias in the shuffle initialisation feedback & ok deraadt@
2008-02-29replacement algorithm. initialize a 64K-short buffer using DurstenfeldTheo de Raadt
shuffle. Upon allocation, swap-permute the new value to a random slot in the 0..32K-1 th entry of the buffer as we move forward, ensuring randomness but also satisfying the non-repeating property we need. Inspired by Dillon's implementation for ip id. We believe this is easier to read though, initializes with less bias and wins speed tests. Thanks a lot to mcbride and djm for doing a bunch of statistical and speed analysis, and comments from nordin ok jakob djm mcbride
2008-02-24taht -> thatMarc Balmer
2008-02-24fix a type, taht -> that.Marc Balmer
2008-02-07add IPv6 root serversJakob Schlyter
2007-12-19regenJakob Schlyter
2007-12-19ref rndc-confgen(8); from Jean RabyJakob Schlyter
2007-12-13more str fixes; from chl@Jakob Schlyter
2007-12-13str fixes; from chl@Jakob Schlyter
2007-12-13str fixes; from chl@Jakob Schlyter
2007-12-09nslookup(8) moved to nslookup(1)Jakob Schlyter
2007-12-09regen from named.docbookJakob Schlyter
2007-12-09merge our command line changes to docbookJakob Schlyter
2007-12-09more strcpy fixesJakob Schlyter
2007-12-09resolve conflictsJakob Schlyter
2007-12-09regen using autoconf 2.61Jakob Schlyter