Commit Graph

299 Commits

Author SHA1 Message Date
Brian Wellington
f368466f81 Creating a NULL KEY shouldn't trigger a "no crypto" error. 2001-11-06 22:27:52 +00:00
Brian Wellington
ba45e16a66 Clean up the implementation cleanup mechanism. Also remove ->issymmetric,
since it's easier to just do it in dst_api.c.
2001-11-06 20:47:59 +00:00
Andreas Gustafsson
d8c1b06854 pullup:
memory leaks on errors
2001-11-06 20:44:26 +00:00
Andreas Gustafsson
fb17fdbd0e pullup:
cvs rdiff -r1.89 -r1.90 bind9/lib/dns/sec/dst/dst_api.c
2001-11-06 19:24:08 +00:00
Brian Wellington
2f93757751 Rework the "no crypto support" test. Rather than explicitly checking whether
built without openssl, instead return NOCRYPTO if the algorithm is not
supported but known.
2001-11-06 18:08:07 +00:00
Brian Wellington
3bc4de1f1b memory leaks on errors 2001-11-06 17:59:50 +00:00
Brian Wellington
7b5bf4bea4 a key could be freed twice in an unlikely error case. 2001-11-06 03:02:48 +00:00
Mark Andrews
c2bc56dc65 Move configuration checking to libbind9. 2001-09-20 15:17:07 +00:00
Andreas Gustafsson
b2eeaf6500 pull up part of 997.:
ISC_R_SUCCESS could be returned on failure
2001-09-15 00:37:18 +00:00
Brian Wellington
4fb42a8382 unused #defines 2001-09-15 00:27:26 +00:00
Brian Wellington
36e37042c6 997. [func] Add support for RSA-SHA1 keys. 2001-09-15 00:01:58 +00:00
cvs2git
92e662f530 This commit was manufactured by cvs2git to create branch 'v9_3'. 2001-08-30 04:33:22 +00:00
Mark Andrews
28fc90e6c8 #857 was incomplete, ISC_MAGIC was not being used everwhere it should have been.
'magic' was not being declared consistantly.
some #include <isc/magic.h> were missing from other include files.
NS_SERVER_VALID was not using ISC_MAGIC_VALID.
2001-08-28 03:58:29 +00:00
Mark Andrews
43e2ec89d8 redundate #include 2001-07-31 03:45:04 +00:00
Brian Wellington
3fcf6b956f 925. [cleanup] Remove openssl from the distribution; require that
--with-openssl be specified if DNSSEC is needed.
2001-07-10 21:40:10 +00:00
Brian Wellington
6614bac268 oops, don't return an isc_boolean_t as an isc_result_t. 2001-07-10 21:27:59 +00:00
Brian Wellington
5939aa7265 wording 2001-07-10 19:08:28 +00:00
Brian Wellington
3b31ce9da9 functions can now return DST_R_NOCRYPTO 2001-07-10 19:05:53 +00:00
Brian Wellington
28e2058c5f macro style 2001-07-10 05:12:43 +00:00
Brian Wellington
9622173ccb only create a memory pool if OPENSSL is defined. 2001-07-10 05:00:42 +00:00
Brian Wellington
4f0187f10c DST_R_NOCRYPTO 2001-07-10 04:34:36 +00:00
Brian Wellington
024550401d #if defined(OPENSSL) ==> #ifdef OPENSSL
remove unused #include <openssl/rand.h>
2001-07-10 04:01:19 +00:00
Brian Wellington
ed95ebaa42 remove references to vms_idhacks.h, since VMS doesn't seem to need it.
[RT #1432]
2001-07-05 19:06:07 +00:00
Brian Wellington
f215881bb0 removed unnecessary const [RT #1440] 2001-06-27 04:21:18 +00:00
David Lawrence
11c4f6b687 Reversed the sense of my earlier change to hmacmd5 key generation that
required good entropy only when 'param' (to dst_key_generate) was non-zero.
Since the default was always to require good entropy, that default behavior
has been restored and now a non-zero param means that pseudorandom is ok.
2001-05-31 18:34:51 +00:00
David Lawrence
719f0c0028 A trivial change (added a blank line) so I could add the comment I
*wanted* to add on the last check-in.

The second argument to hmacmd5_generate is no longer unused, it is a flag
to say whether good entropy is needed or not.  This change was approved
by Brian.  The control channel key generator needed it to be able to do
its job all on-the-fly.
2001-05-31 10:49:28 +00:00
David Lawrence
d744418e64 hmac_link.c 2001-05-31 10:47:17 +00:00
David Lawrence
25efbc557e set the permissions on a symmetric keyfile before anything is written to it,
rather than after it is closed
2001-05-31 10:45:32 +00:00
Brian Wellington
6d28d54e6f be more tolerant of blank lines 2001-05-31 00:38:07 +00:00
Brian Wellington
0716b32560 remove unnecessary const 2001-05-21 22:10:23 +00:00
Brian Wellington
177ede307a minor internal reorganization (yes, this will all become clear at some point) 2001-05-10 19:07:18 +00:00
Brian Wellington
4bd95a4965 fix a cut-and-paste-o and a warning 2001-05-10 04:50:28 +00:00
Brian Wellington
8e4da48fa7 consolidated duplicated code for filename mangling, removed sanity checks that
weren't.
2001-05-09 23:04:50 +00:00
Andreas Gustafsson
a08f7f4a6c frombuffer() was declared 'static' but defined
without 'static'
2001-05-04 17:57:33 +00:00
Brian Wellington
daad43e5a4 802. [bug] DNSSEC key tags were computed incorrectly in almost
all cases. [RT #1146]
2001-04-04 02:02:58 +00:00
Brian Wellington
45e22378fc dns_name_tofilenametext() now downcases the name, which means the callers
don't need to.
2001-03-27 23:43:15 +00:00
Brian Wellington
7d7215baf8 Add dns_name_tofilenametext(), and use it in the dnssec tools. 2001-03-27 22:57:48 +00:00
Brian Wellington
27422dd5db typo [RT #1094] 2001-03-21 20:45:55 +00:00
Brian Wellington
b3eac7c50c #include <config.h> 2001-03-04 18:38:13 +00:00
Brian Wellington
2cb74c5bc5 741. [port] Support openssl-engine. [RT #709] 2001-02-14 20:57:15 +00:00
Brian Wellington
3d60fe9baf 740. [port] Handle openssl library mismatches slightly better. 2001-02-14 20:26:48 +00:00
Brian Wellington
b3936096b8 fix get_key_struct() definition 2001-01-27 04:33:18 +00:00
Brian Wellington
46c3b3f6e1 isc_uint16_t -> dns_keytag_t in many places; dns_keytable_findkeynode
was casting incorrectly. [RT #664]
2001-01-24 02:23:02 +00:00
Brian Wellington
0f537d1c63 + 708. [bug] When building with --with-openssl, the openssl headers
+                       included should not be used. [RT #702]
+
2001-01-24 01:34:14 +00:00
Brian Wellington
6ec4990544 copyright update 2001-01-18 02:00:59 +00:00
Brian Wellington
5d0cca62ee Renamed keyid.c to key.c, and moved in a bunch of other functions that don't
depend on crypto.
2001-01-17 01:08:08 +00:00
Brian Wellington
d7483d67f7 Move dst_region_computeid into a new file dst/keyid.c, so that all of the
dnssec code doesn't need to be linked in by using rdata routines.
2001-01-17 00:33:37 +00:00
Brian Wellington
499b34cea0 copyright update 2001-01-09 22:01:04 +00:00
Brian Wellington
523dd6a979 669. [func] dnssec-keygen now makes the public key file
non-world-readable for symmetric keys. [RT #403]
2001-01-09 00:53:06 +00:00
Andreas Gustafsson
8998ed8481 added UNUSED() macro 2000-12-18 21:09:42 +00:00