Commit Graph

225 Commits

Author SHA1 Message Date
Mark Andrews
beb5c413b5 Replace sparse switch with if-else
Style
Add warning comments on known sparse switches.
2004-02-01 23:56:19 +00:00
Mark Andrews
9e09ddba95 add sig0 comment 2003-09-30 06:18:11 +00:00
Mark Andrews
93d6dfaf66 1516. [func] Roll the DNSSEC types to RRSIG, NSEC and DNSKEY. 2003-09-30 06:00:40 +00:00
Mark Andrews
5eb91bd90e silence compiler warnings (HPUX/11i) 2003-07-25 00:01:16 +00:00
Mark Andrews
cc6271e46c 1494. [security] Turn on RSA BLINDING as a precaution. 2003-07-24 06:08:20 +00:00
Mark Andrews
a9bdaa1772 engine pointer not set to NULL on free. 2003-02-18 06:25:11 +00:00
Mark Andrews
81aea2f2d3 undo wrong branch 2002-12-13 02:51:41 +00:00
Mark Andrews
0020640ff6 checkpoint 2002-12-13 02:37:35 +00:00
Michael Graff
972cbaa79e merge rt3598 (code by marka, pullup by me) 2002-11-12 22:22:32 +00:00
Mark Andrews
2ffb3eb384 1395. [port] OpenSSL 0.9.7 defines CRYPTO_LOCK_ENGINE but doesn't
have a working implementation.  [RT #4079]
2002-10-31 04:35:02 +00:00
Mark Andrews
9b7c023fe6 1218. [bug] The CINCLUDES macro in lib/dns/sec/dst/Makefile
could be left with a trailing "\" after configure
has been run.
2002-06-05 22:34:57 +00:00
Mark Andrews
f76c4ebaf5 1235. [func] Report 'out of memory' errors from openssl. 2002-03-19 04:30:57 +00:00
Brian Wellington
9e6286de2a add dst_key_privatefrombuffer(), which converts a public key into a private
key.
2002-02-27 22:12:06 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Mark Andrews
c46f10e4a1 Use as_textregion.base not as_pointer. [RT #2385] 2002-01-21 01:07:32 +00:00
Brian Wellington
3a8d4a316e openssl 0.9.6a and higher don't have the RSA locking bug that earlier versions
did, so don't disable precomputation.  Note that while this was fixed for
RSA, other algorithms still don't do locking when performing precomputation,
and thus we still disable it.
2002-01-15 22:09:45 +00:00
Brian Wellington
0118965e19 fix large DH key generation, hopefully for the last time. 2001-12-18 06:05:41 +00:00
Brian Wellington
1898837a5e Add the well-known 1536 bit prime from draft-ietf-dnsext-rfc2539bis-dhk-01.txt 2001-12-12 17:18:52 +00:00
Brian Wellington
9af8851b85 whitespace style 2001-12-12 17:09:39 +00:00
Brian Wellington
0cb27602e5 1160. [bug] Generating Diffie-Hellman keys longer than 1024
bits could fail. [RT #2241]
2001-12-12 16:43:24 +00:00
Brian Wellington
b7415ddd79 let isc_lex_destroy() close sources. 2001-11-30 18:26:46 +00:00
Brian Wellington
2e4bec457d Before signing with a key, make sure that it's not the public-only part.
A sane crypto toolkit would catch this and return an error, but openssl
unceremoniously seg faults.
2001-11-30 02:11:04 +00:00
Andreas Gustafsson
1f1d36a87b Check return values or cast them to (void), as required by the coding
standards; add exceptions to the coding standards for cases where this is
not desirable
2001-11-30 01:59:49 +00:00
Brian Wellington
3638017bd3 1143. [bug] When a trusted-keys statement was present and named
was built without crypto support, it would leak memory.
2001-11-28 02:35:02 +00:00
Andreas Gustafsson
91cd0f93ad sizeof style 2001-11-27 01:56:32 +00:00
Andreas Gustafsson
4f30395c97 Suppress compiler warnings about empty translation units 2001-11-20 21:28:41 +00:00
Danny Mayer
e61793f086 Added LIB*_EXTERNAL_DATA Macros necessary to make lib extern variables globally visible in Win32 2001-11-19 03:08:44 +00:00
Brian Wellington
bcf53cf8d0 Move the memory allocation wrappers into openssl_link.c, since they're
openssl specific.
2001-11-07 23:03:54 +00:00
Brian Wellington
51e66e5dee missing static 2001-11-06 23:10:34 +00:00
Brian Wellington
88d64279bb if the function table entry already exists when _init() is called, don't
overwrite it.
2001-11-06 22:51:00 +00:00
Brian Wellington
f368466f81 Creating a NULL KEY shouldn't trigger a "no crypto" error. 2001-11-06 22:27:52 +00:00
Brian Wellington
ba45e16a66 Clean up the implementation cleanup mechanism. Also remove ->issymmetric,
since it's easier to just do it in dst_api.c.
2001-11-06 20:47:59 +00:00
Brian Wellington
2f93757751 Rework the "no crypto support" test. Rather than explicitly checking whether
built without openssl, instead return NOCRYPTO if the algorithm is not
supported but known.
2001-11-06 18:08:07 +00:00
Brian Wellington
3bc4de1f1b memory leaks on errors 2001-11-06 17:59:50 +00:00
Brian Wellington
7b5bf4bea4 a key could be freed twice in an unlikely error case. 2001-11-06 03:02:48 +00:00
Mark Andrews
c2bc56dc65 Move configuration checking to libbind9. 2001-09-20 15:17:07 +00:00
Brian Wellington
4fb42a8382 unused #defines 2001-09-15 00:27:26 +00:00
Brian Wellington
36e37042c6 997. [func] Add support for RSA-SHA1 keys. 2001-09-15 00:01:58 +00:00
Mark Andrews
28fc90e6c8 #857 was incomplete, ISC_MAGIC was not being used everywhere it should have been.
'magic' was not being declared consistently.
some #include <isc/magic.h> were missing from other include files.
NS_SERVER_VALID was not using ISC_MAGIC_VALID.
2001-08-28 03:58:29 +00:00
Mark Andrews
43e2ec89d8 redundant #include 2001-07-31 03:45:04 +00:00
Brian Wellington
3fcf6b956f 925. [cleanup] Remove openssl from the distribution; require that
--with-openssl be specified if DNSSEC is needed.
2001-07-10 21:40:10 +00:00
Brian Wellington
6614bac268 oops, don't return an isc_boolean_t as an isc_result_t. 2001-07-10 21:27:59 +00:00
Brian Wellington
5939aa7265 wording 2001-07-10 19:08:28 +00:00
Brian Wellington
3b31ce9da9 functions can now return DST_R_NOCRYPTO 2001-07-10 19:05:53 +00:00
Brian Wellington
28e2058c5f macro style 2001-07-10 05:12:43 +00:00
Brian Wellington
9622173ccb only create a memory pool if OPENSSL is defined. 2001-07-10 05:00:42 +00:00
Brian Wellington
4f0187f10c DST_R_NOCRYPTO 2001-07-10 04:34:36 +00:00
Brian Wellington
024550401d #if defined(OPENSSL) ==> #ifdef OPENSSL
remove unused #include <openssl/rand.h>
2001-07-10 04:01:19 +00:00
Brian Wellington
f215881bb0 removed unnecessary const [RT #1440] 2001-06-27 04:21:18 +00:00
David Lawrence
11c4f6b687 Reversed the sense of my earlier change to hmacmd5 key generation that
required good entropy only when 'param' (to dst_key_generate) was non-zero.
Since the default was always to require good entropy, that default behavior
has been restored and now a non-zero param means that pseudorandom is ok.
2001-05-31 18:34:51 +00:00