1. 11 Aug, 2010 1 commit
    • Evan Hunt's avatar
      2936. [func] Improved configuration syntax and multiple-view · cfd26204
      Evan Hunt authored
      			support for addzone/delzone feature (see change
      			#2930).  Removed "new-zone-file" option, replaced
      			with "allow-new-zones (yes|no)".  The new-zone-file
      			for each view is now created automatically, with
      			a filename generated from a hash of the view name.
      			It is no longer necessary to "include" the
      			new-zone-file in named.conf; this happens
      			automatically.  Zones that were not added via
      			"rndc addzone" can no longer be removed with
      			"rndc delzone". [RT #19447]
      cfd26204
  2. 09 Jul, 2010 1 commit
    • Evan Hunt's avatar
      2929. [bug] Improved handling of GSS security contexts: · bf9b852c
      Evan Hunt authored
      			 - added LRU expiration for generated TSIGs
      			 - added the ability to use a non-default realm
                               - added new "realm" keyword in nsupdate
      			 - limited lifetime of generated keys to 1 hour
      			   or the lifetime of the context (whichever is
      			   smaller)
      			[RT #19737]
      bf9b852c
  3. 25 Jun, 2010 1 commit
  4. 22 Jun, 2010 1 commit
  5. 14 May, 2010 1 commit
  6. 25 Feb, 2010 1 commit
  7. 03 Feb, 2010 1 commit
  8. 23 Jan, 2010 1 commit
  9. 07 Jan, 2010 2 commits
  10. 18 Dec, 2009 1 commit
  11. 04 Dec, 2009 2 commits
  12. 03 Dec, 2009 1 commit
  13. 28 Nov, 2009 1 commit
  14. 26 Nov, 2009 1 commit
  15. 10 Nov, 2009 1 commit
  16. 06 Nov, 2009 1 commit
  17. 05 Nov, 2009 1 commit
  18. 04 Nov, 2009 1 commit
  19. 03 Nov, 2009 1 commit
  20. 26 Oct, 2009 1 commit
  21. 22 Oct, 2009 2 commits
  22. 16 Oct, 2009 1 commit
  23. 14 Oct, 2009 1 commit
  24. 12 Oct, 2009 3 commits
  25. 10 Oct, 2009 1 commit
  26. 08 Oct, 2009 1 commit
    • Mark Andrews's avatar
      2708. [func] Insecure to secure and NSEC3 parameter changes via · 28479307
      Mark Andrews authored
                              update are now fully supported and no longer require
                              defines to enable.  We now no longer overload the
                              NSEC3PARAM flag field, nor the NSEC OPT bit at the
                              apex.  Secure to insecure changes are controlled by
                              by the named.conf option 'secure-to-insecure'.
      
                              Warning: If you had previously enabled support by
                              adding defines at compile time to BIND 9.6 you should
                              ensure that all changes that are in progress have
                              completed prior to upgrading to BIND 9.7.  BIND 9.7
                              is not backwards compatible.
      28479307
  27. 05 Oct, 2009 1 commit
  28. 03 Oct, 2009 1 commit
  29. 02 Sep, 2009 2 commits
  30. 01 Sep, 2009 1 commit
  31. 25 Aug, 2009 1 commit
  32. 27 Jul, 2009 1 commit
  33. 19 Jul, 2009 1 commit
    • Evan Hunt's avatar
      2636. [func] Simplify zone signing and key maintenance with the · 553ead32
      Evan Hunt authored
      			dnssec-* tools.  Major changes:
      			- all dnssec-* tools now take a -K option to
      			  specify a directory in which key files will be
      			  stored
      			- DNSSEC can now store metadata indicating when
      			  they are scheduled to be published, acttivated,
      			  revoked or removed; these values can be set by
      			  dnssec-keygen or overwritten by the new
      			  dnssec-settime command
      			- dnssec-signzone -S (for "smart") option reads key
      			  metadata and uses it to determine automatically
      			  which keys to publish to the zone, use for
      			  signing, revoke, or remove from the zone
      			[RT #19816]
      553ead32
  34. 14 Jul, 2009 1 commit