1. 04 Nov, 2019 1 commit
    • Ondřej Surý's avatar
      named: remove named_g_defaultdnstap global variable · 6decd145
      Ondřej Surý authored
      The named_g_defaultdnstap was never used as the dnstap requires
      explicit configuration of the output file.
      
      Related scan-build report:
      
      ./server.c:3476:14: warning: Value stored to 'dpath' during its initialization is never read
              const char *dpath = named_g_defaultdnstap;
                          ^~~~~   ~~~~~~~~~~~~~~~~~~~~~
      1 warning generated.
      6decd145
  2. 04 Jul, 2019 1 commit
  3. 27 Jun, 2019 1 commit
  4. 06 Feb, 2019 2 commits
  5. 08 Aug, 2018 1 commit
  6. 19 Jul, 2018 1 commit
  7. 16 May, 2018 1 commit
    • Ondřej Surý's avatar
      Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. · 3a4f820d
      Ondřej Surý authored
      The three functions has been modeled after the arc4random family of
      functions, and they will always return random bytes.
      
      The isc_random family of functions internally use these CSPRNG (if available):
      
      1. getrandom() libc call (might be available on Linux and Solaris)
      2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
      3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
      4. crypto library function:
      4a. RAND_bytes in case OpenSSL
      4b. pkcs_C_GenerateRandom() in case PKCS#11 library
      3a4f820d
  8. 23 Feb, 2018 1 commit
  9. 08 Sep, 2017 1 commit
    • Evan Hunt's avatar
      [master] add libns and remove liblwres · 8eb88aaf
      Evan Hunt authored
      4708.   [cleanup]       Legacy Windows builds (i.e. for XP and earlier)
                              are no longer supported. [RT #45186]
      
      4707.	[func]		The lightweight resolver daemon and library (lwresd
      			and liblwres) have been removed. [RT #45186]
      
      4706.	[func]		Code implementing name server query processing has
      			been moved from bin/named to a new library "libns".
      			Functions remaining in bin/named are now prefixed
      			with "named_" rather than "ns_".  This will make it
      			easier to write unit tests for name server code, or
      			link name server functionality into new tools.
      			[RT #45186]
      8eb88aaf
  10. 05 Jan, 2017 1 commit
  11. 04 Jan, 2017 1 commit
    • Evan Hunt's avatar
      [master] EDNS padding and keepalive support · 58043325
      Evan Hunt authored
      4549.	[func]		Added support for the EDNS TCP Keepalive option
      			(RFC 7828). [RT #42126]
      
      4548.	[func]		Added support for the EDNS Padding option (RFC 7830).
      			[RT #42094]
      58043325
  12. 04 Dec, 2016 1 commit
  13. 22 Jul, 2016 1 commit
  14. 11 Jul, 2016 1 commit
  15. 27 Jun, 2016 1 commit
  16. 05 May, 2016 2 commits
  17. 02 Oct, 2015 1 commit
    • Evan Hunt's avatar
      [master] dnstap · b66b333f
      Evan Hunt authored
      4235.	[func]		Added support in named for "dnstap", a fast method of
      			capturing and logging DNS traffic, and a new command
      			"dnstap-read" to read a dnstap log file.  Use
      			"configure --enable-dnstap" to enable this
      			feature (note that this requires libprotobuf-c
      			and libfstrm). See the ARM for configuration details.
      
      			Thanks to Robert Edmonds of Farsight Security.
      			[RT #40211]
      b66b333f
  18. 03 Mar, 2015 1 commit
    • Evan Hunt's avatar
      [master] add "lock-file" and fix up singleton code · 7ae96d88
      Evan Hunt authored
      4080.	[func]		Completed change #4022, adding a "lock-file" option
      			to named.conf to override the default lock file,
      			in addition to the "named -X <filename>" command
      			line option.  Setting the lock file to "none"
      			using either method disables the check completely.
      			[RT #37908]
      7ae96d88
  19. 06 Feb, 2015 1 commit
    • Evan Hunt's avatar
      [master] 5011 tests and fixes · 591389c7
      Evan Hunt authored
      4056.	[bug]		Expanded automatic testing of trust anchor
      			management and fixed several small bugs including
      			a memory leak and a possible loss of key state
      			information. [RT #38458]
      
      4055.	[func]		"rndc managed-keys" can be used to check status
      			of trust anchors or to force keys to be refreshed,
      			Also, the managed keys data file has easier-to-read
      			comments.  [RT #38458]
      591389c7
  20. 07 Jan, 2015 2 commits
  21. 18 Dec, 2014 1 commit
    • Mukund Sivaraman's avatar
      Make named a singleton process [RT#37908] · 47d837a4
      Mukund Sivaraman authored
      Conflicts:
      	bin/tests/system/conf.sh.in
      	lib/dns/win32/libdns.def.in
      	lib/isc/win32/file.c
      
      The merge also needed to update files in legacy and tcp system tests
      (newly introduced in master after branch was created) to introduce use
      of lockfile.
      47d837a4
  22. 03 Dec, 2014 1 commit
  23. 02 Oct, 2014 1 commit
  24. 30 Apr, 2014 1 commit
    • Evan Hunt's avatar
      [master] named -L option for default logfile · 44613d4d
      Evan Hunt authored
      3832.	[func]		"named -L <filename>" causes named to send log
      			messages to the specified file by default instead
      			of to the system log. (Thanks to Tony Finch.)
      			[RT #35845]
      44613d4d
  25. 16 Jan, 2014 1 commit
  26. 14 Jan, 2014 1 commit
    • Evan Hunt's avatar
      [master] native PKCS#11 support · ba751492
      Evan Hunt authored
      3705.	[func]		"configure --enable-native-pkcs11" enables BIND
      			to use the PKCS#11 API for all cryptographic
      			functions, so that it can drive a hardware service
      			module directly without the need to use a modified
      			OpenSSL as intermediary (so long as the HSM's vendor
      			provides a complete-enough implementation of the
      			PKCS#11 interface). This has been tested successfully
      			with the Thales nShield HSM and with SoftHSMv2 from
      			the OpenDNSSEC project. [RT #29031]
      ba751492
  27. 04 Dec, 2013 1 commit
  28. 03 May, 2013 1 commit
  29. 22 Mar, 2013 1 commit
    • Evan Hunt's avatar
      [master] add DSCP support · 67adc03e
      Evan Hunt authored
      3535.	[func]		Add support for setting Differentiated Services Code
      			Point (DSCP) values in named.  Most configuration
      			options which take a "port" option (e.g.,
      			listen-on, forwarders, also-notify, masters,
      			notify-source, etc) can now also take a "dscp"
      			option specifying a code point for use with
      			outgoing traffic, if supported by the underlying
      			OS. [RT #27596]
      67adc03e
  30. 01 Mar, 2013 2 commits
  31. 28 Feb, 2013 1 commit
    • Evan Hunt's avatar
      [master] add geoip support · 501941f0
      Evan Hunt authored
      3504.	[func]		Add support for ACLs based on geographic location,
      			using MaxMind GeoIP databases. Based on code
      			contributed by Ken Brownfield <kb@slide.com>.
      			[RT #30681]
      501941f0
  32. 10 Jan, 2013 1 commit
  33. 05 Jan, 2013 2 commits
  34. 22 Oct, 2012 1 commit
  35. 15 Oct, 2012 1 commit