ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
27,425 Commits 589 Branches 805 Tags
5dd1beec8eb73690ade0da70144e1d64693aac18
Commit Graph

3207 Commits

Author SHA1 Message Date
Mark Andrews
5dd1beec8e mempool didn't work for sizes less than sizeof(void*) 2018-08-14 03:47:14 -04:00
Ondřej Surý
ebf3083e08 Make ENOBUFS a soft error 2018-08-13 18:51:10 +02:00
Mathieu Arnold
4c06eb20cc Don't try to install removed int.h and boolean.h headers 2018-08-13 15:30:36 +02:00
Ondřej Surý
c5040e5c9e Add @OPENSSL_LIB@ to Windows project files as needed 2018-08-10 16:45:00 +02:00
Ondřej Surý
7351c505a0 Remove duplicate config.h 2018-08-08 09:37:30 +02:00
Ondřej Surý
994e656977 Replace custom isc_boolean_t with C standard bool type 2018-08-08 09:37:30 +02:00
Ondřej Surý
cb6a185c69 Replace custom isc_u?intNN_t types with C99 u?intNN_t types 2018-08-08 09:37:28 +02:00
Ondřej Surý
055278c936 Get rid of extra UINT64_MAX definition in lib/isc/win32/time.c 2018-08-08 09:36:44 +02:00
Ondřej Surý
64fe6bbaf2 Replace ISC_PRINT_QUADFORMAT with inttypes.h format constants 2018-08-08 09:36:44 +02:00
Mark Andrews
83a1e87dd2 remove dead code 2018-08-02 18:57:30 -04:00
Ondřej Surý
20faf4652a Change isc_buffer_reallocate() into a static functions as it is not used outside of isc_buffer_reserve() 2018-07-31 22:00:30 +02:00
Ondřej Surý
7785f644c3 Remove illogical condition from isc_buffer_reallocate that would return ISC_R_NOSPACE when requested size is less than available size 2018-07-31 22:00:30 +02:00
Ondřej Surý
519bfe4c97 Forbid isc_buffer_printf from growing the buffer unless auto reallocation is enabled 2018-07-31 22:00:30 +02:00
Mark Andrews
7671aba67d look for LIBRESSL_VERSION_NUMBER as well 2018-07-24 18:22:29 +10:00
Ondřej Surý
71877806e8 Fix ax_check_openssl to accept yes and improve it to modern autotools standard 2018-07-23 22:10:52 +02:00
Ondřej Surý
083461d332 Fix the isc_safe_memwipe() usage with (NULL, >0) 2018-07-20 10:08:24 -04:00
Ondřej Surý
b105ccee68 Remove isc_safe_memcompare, it's not needed anywhere and can't be replaced with CRYPTO_memcmp() 2018-07-20 10:06:14 -04:00
Ondřej Surý
66ba2fdad5 Replace isc_safe routines with their OpenSSL counter parts 2018-07-20 00:34:26 -04:00
Mark Andrews
4c3386ad95 remove lib/isc/print.c and lib/isc/tests/print_test.c 2018-07-19 23:24:28 -04:00
Ondřej Surý
83cde08522 Introduce USE_OPENSSL define to Windows build, remove CRYPTO and AES conditions. 2018-07-19 16:54:53 -04:00
Ondřej Surý
08974f39f1 Fix the Windows build 2018-07-19 14:00:40 -04:00
Ondřej Surý
fc496b2b5d Fix DH and ECDSA algorithms in PKCS#11 build 2018-07-19 14:00:40 -04:00
Ondřej Surý
c3b8130fe8 Make OpenSSL mandatory 2018-07-19 12:47:03 -04:00
Tinderbox User
b65d19f9fd prep 9.13.2 2018-07-03 07:40:29 +00:00
Witold Kręcicki
49f90025a0 Use completely static-sized buffers 2018-06-26 17:41:18 +02:00
Witold Kręcicki
d79be7dd5e Fix socket cmsg buffer usage 2018-06-26 17:41:18 +02:00
Evan Hunt
ad94787cca prepare 9.13.1 release 2018-06-21 12:31:33 +02:00
Ondřej Surý
45bee4d3c3 Cleanup cmocka related whitespace 2018-06-21 12:20:07 +02:00
Ondřej Surý
52731c000d Add support for cmocka assert testing by overriding REQUIRE/INSIST/... macros when UNIT_TESTING is defined 2018-06-20 06:30:07 -04:00
Ondřej Surý
07910f0153 Integrate cmocka unit testing framework to kyua 2018-06-20 06:30:07 -04:00
Ondřej Surý
8ee23a47e8 Add better EMPTY_TRANSLATION_UNIT to isc/util.h 2018-06-14 17:58:03 -04:00
Ondřej Surý
38060959c7 Put proper guards in openssl_shim.{c,h} when compiling with PKCS#11 2018-06-14 17:58:03 -04:00
Ondřej Surý
de23b20ccf Update copyrights and whitespace 2018-06-13 14:19:07 +02:00
Ondřej Surý
302c6cbe7f Add thin openssl shim for OpenSSL 1.1.x and LibreSSL compatibility functions 2018-06-13 14:19:07 +02:00
Ondřej Surý
013a49474c fix whitespaces 2018-06-06 14:37:22 +02:00
Ondřej Surý
b4aa7a9d7e Remove entropy.h from Makefile.in 2018-06-06 14:36:33 +02:00
Ondřej Surý
edcdfe9619 Disable the random_test from the regular kyua run, we are either using cryptolib PRNG or non-CS PRNG 2018-06-05 22:49:14 +02:00
Ondřej Surý
27593e65dc Remove support for obsoleted ECC-GOST (GOST R 34.11-94) algorithm 2018-06-05 09:14:14 +02:00
Ondřej Surý
4f6d6919ab Remove thread_local macro from win32 platform.h 2018-05-30 23:03:22 +02:00
Ondřej Surý
29be9cddaf Uninline isc_nonce_buf 2018-05-30 22:43:39 +02:00
Ondřej Surý
e50210c695 Add isc_entropy_get to libisc.def.in 2018-05-30 22:34:57 +02:00
Ondřej Surý
ed3389a72c Remove return from void function 2018-05-30 22:14:38 +02:00
Ondřej Surý
eb242959cb Add nonce.{c,h} and entropy.c to libisc.vcxproj.* 2018-05-30 22:07:51 +02:00
Ondřej Surý
05d7aa5734 Fix various build failures on Windows (Courtesy of rockerinthelocker) 2018-05-30 15:09:55 +02:00
Ondřej Surý
430e8d6858 Change the _LOCK macro on Windows and the variable initialization to be more VC compatible 2018-05-30 07:28:19 +02:00
Ondřej Surý
12bdee3aa7 Turn the _LOCK/_UNLOCK in xoshiro128** to no-op for non-threaded builds 2018-05-30 06:37:51 +02:00
Ondřej Surý
28e0b2c4c4 Use isc int types to be able to build with old VS 2018-05-30 06:26:05 +02:00
Evan Hunt
3abb2db9e8 fix missing config.h and win32 symbols 2018-05-29 18:39:56 -07:00
Ondřej Surý
ce71d94434 Make the xoshiro128plusplus thread-safe 2018-05-29 22:58:49 +02:00
Ondřej Surý
99ba29bc52 Change isc_random() to be just PRNG, and add isc_nonce_buf() that uses CSPRNG 
This commit reverts the previous change to use system provided
entropy, as (SYS_)getrandom is very slow on Linux because it is
a syscall.

The change introduced in this commit adds a new call isc_nonce_buf
that uses CSPRNG from cryptographic library provider to generate
secure data that can be and must be used for generating nonces.
Example usage would be DNS cookies.

The isc_random() API has been changed to use fast PRNG that is not
cryptographically secure, but runs entirely in user space.  Two
contestants have been considered xoroshiro family of the functions
by Villa&Blackman and PCG by O'Neill.  After a consideration the
xoshiro128starstar function has been used as uint32_t random number
provider because it is very fast and has good enough properties
for our usage pattern.

The other change introduced in the commit is the more extensive usage
of isc_random_uniform in places where the usage pattern was
isc_random() % n to prevent modulo bias.  For usage patterns where
only 16 or 8 bits are needed (DNS Message ID), the isc_random()
functions has been renamed to isc_random32(), and isc_random16() and
isc_random8() functions have been introduced by &-ing the
isc_random32() output with 0xffff and 0xff.  Please note that the
functions that uses stripped down bit count doesn't pass our
NIST SP 800-22 based random test.
 2018-05-29 22:58:21 +02:00