1. 28 Apr, 2015 1 commit
  2. 23 Apr, 2015 1 commit
  3. 17 Apr, 2015 1 commit
  4. 03 Mar, 2015 1 commit
    • Evan Hunt's avatar
      [master] add "lock-file" and fix up singleton code · 7ae96d88
      Evan Hunt authored
      4080.	[func]		Completed change #4022, adding a "lock-file" option
      			to named.conf to override the default lock file,
      			in addition to the "named -X <filename>" command
      			line option.  Setting the lock file to "none"
      			using either method disables the check completely.
      			[RT #37908]
      7ae96d88
  5. 21 Jan, 2015 2 commits
    • Evan Hunt's avatar
      [master] allow shared TCP sockets when connecting · ff62d445
      Evan Hunt authored
      4041.	[func]		TCP sockets can now be shared while connecting.
      			(This will be used to enable client-side support
      			of pipelined queries.) [RT #38231]
      ff62d445
    • Evan Hunt's avatar
      [master] add TCP pipelining support · 761d135e
      Evan Hunt authored
      4040.	[func]		Added server-side support for pipelined TCP
      			queries. TCP connections are no longer closed after
      			the first query received from a client. (The new
      			"keep-response-order" option allows clients to be
      			specified for which the old behavior will still be
      			used.) [RT #37821]
      761d135e
  6. 20 Jan, 2015 1 commit
  7. 07 Jan, 2015 3 commits
  8. 16 Dec, 2014 1 commit
  9. 02 Dec, 2014 1 commit
  10. 19 Nov, 2014 1 commit
  11. 18 Nov, 2014 1 commit
    • Evan Hunt's avatar
      [master] limit recursion depth and iterative queries · 3230429e
      Evan Hunt authored
      4006.	[security]	A flaw in delegation handling could be exploited
      			to put named into an infinite loop.  This has
      			been addressed by placing limits on the number
      			of levels of recursion named will allow (default 7),
      			and the number of iterative queries that it will
      			send (default 50) before terminating a recursive
      			query (CVE-2014-8500).
      
      			The recursion depth limit is configured via the
      			"max-recursion-depth" option.  [RT #35780]
      3230429e
  12. 30 Oct, 2014 1 commit
  13. 29 Sep, 2014 1 commit
  14. 10 Sep, 2014 1 commit
  15. 05 Sep, 2014 2 commits
  16. 04 Sep, 2014 1 commit
    • Evan Hunt's avatar
      [master] servfail cache · a8783019
      Evan Hunt authored
      3943.	[func]		SERVFAIL responses can now be cached for a
      			limited time (configured by "servfail-ttl",
      			default 10 seconds, limit 30). This can reduce
      			the frequency of retries when an authoritative
      			server is known to be failing, e.g., due to
      			ongoing DNSSEC validation problems. [RT #21347]
      a8783019
  17. 30 Aug, 2014 1 commit
  18. 29 Aug, 2014 2 commits
    • Evan Hunt's avatar
      [master] ECS authoritative support · d46855ca
      Evan Hunt authored
      3936.	[func]		Added authoritative support for the EDNS Client
      			Subnet (ECS) option.
      
      			ACLs can now include "ecs" elements which specify
      			an address or network prefix; if an ECS option is
      			included in a DNS query, then the address encoded
      			in the option will be matched against "ecs" ACL
      			elements.
      
      			Also, if an ECS address is included in a query,
      			then it will be used instead of the client source
      			address when matching "geoip" ACL elements.  This
      			behavior can be overridden with "geoip-use-ecs no;".
      
      			When "ecs" or "geoip" ACL elements are used to
      			select a view for a query, the response will include
      			an ECS option to indicate which client network the
      			answer is valid for.
      
      			(Thanks to Vincent Bernat.) [RT #36781]
      d46855ca
    • Evan Hunt's avatar
      [master] fix geoip asnum matching · 180319f5
      Evan Hunt authored
      3935.	[bug]		"geoip asnum" ACL elements would not match unless
      			the full organization name was specified.  They
      			can now match against the AS number alone (e.g.,
      			AS1234). [RT #36945]
      180319f5
  19. 26 Aug, 2014 1 commit
  20. 25 Aug, 2014 1 commit
  21. 15 Aug, 2014 1 commit
  22. 06 Aug, 2014 2 commits
  23. 03 Aug, 2014 1 commit
  24. 22 Jul, 2014 1 commit
  25. 18 Jun, 2014 1 commit
    • Evan Hunt's avatar
      [master] complete NTA work · b8a96323
      Evan Hunt authored
      3882.	[func]		By default, negative trust anchors will be tested
      			periodically to see whether data below them can be
      			validated, and if so, they will be allowed to
      			expire early. The "rndc nta -force" option
      			overrides this behvaior.  The default NTA lifetime
      			and the recheck frequency can be configured by the
      			"nta-lifetime" and "nta-recheck" options. [RT #36146]
      b8a96323
  26. 16 May, 2014 1 commit
  27. 01 May, 2014 1 commit
  28. 18 Apr, 2014 1 commit
    • Evan Hunt's avatar
      [master] masterfile-style · ec3b2165
      Evan Hunt authored
      3814.	[func]		The "masterfile-style" zone option controls the
      			formatting of dumped zone files. Options are
      			"relative" (multiline format) and "full" (one
      			record per line). The default is "relative".
      			[RT #20798]
      ec3b2165
  29. 17 Apr, 2014 1 commit
    • Evan Hunt's avatar
      [master] serial-update-method date; · 7318bbc2
      Evan Hunt authored
      3811.	[func]		"serial-update-method date;" sets serial number
      			on dynamic update to today's date in YYYYMMDDNN
      			format. (Thanks to Bradley Forschinger.) [RT #24903]
      7318bbc2
  30. 04 Apr, 2014 2 commits
  31. 13 Mar, 2014 1 commit
  32. 07 Mar, 2014 2 commits