Ondřej Surý
12a266211e
Turn (int & flag) into (int & flag) != 0 when implicitly typed to bool
...
(cherry picked from commit b2b43fd235 )
(cherry picked from commit fcd1569e2b )
2018-11-08 22:02:58 +07:00
Mark Andrews
36a0bf14e9
free key on error
...
(cherry picked from commit 607c2d7441 )
2018-10-24 11:57:57 +11:00
Ondřej Surý
1084b40b44
Replace custom isc_boolean_t with C standard bool type
...
(cherry picked from commit 994e656977 )
(cherry picked from commit 884929400c )
2018-08-10 15:20:57 +02:00
Ondřej Surý
aaa76dc654
Replace custom isc_u?intNN_t types with C99 u?intNN_t types
...
(cherry picked from commit cb6a185c69 )
(cherry picked from commit d61e6a3111 )
2018-08-10 15:20:57 +02:00
Ondřej Surý
188526f41c
Remove $Id markers, Principal Author and Reviewed tags from the full source tree
...
(cherry picked from commit 55a10b7acd )
2018-05-11 14:25:15 +02:00
Evan Hunt
09cf48603a
update file headers
2018-03-15 18:38:48 -07:00
Evan Hunt
8b205089b7
update file headers to remove copyright years
2018-03-14 16:40:20 -07:00
Mark Andrews
ca60688cb1
use %u instead of %d
2018-02-16 14:29:27 +11:00
Mark Andrews
ad1317338a
4748. [cleanup] Sprintf to snprintf coversions. [RT #46132 ]
...
(cherry picked from commit a009d03a1a )
2017-10-03 14:55:33 +11:00
Mukund Sivaraman
b5252fcde5
Don't use memset() to wipe memory ( #45947 )
...
(cherry picked from commit d5707676e4 )
2017-09-19 17:00:37 +05:30
Tinderbox User
bc6f4c1c4c
update copyright notice / whitespace
2017-08-01 23:47:30 +00:00
Francis Dupont
78608b0a45
Added Ed25519 support ( #44696 )
2017-07-31 15:45:32 +02:00
Mark Andrews
e51ba26500
4461. [bug] win32: not all external data was properly marked
...
as external data for windows dll. [RT #43161 ]
(cherry picked from commit 8eceb0bffe )
2016-09-07 14:14:40 +10:00
Mark Andrews
c40906dfad
4450. [port] Provide more nuanced HSM support which better matches
...
the specific PKCS11 providers capabilities. [RT #42458 ]
(cherry picked from commit 8ee6f289d8 )
2016-08-19 08:05:47 +10:00
Mark Andrews
0c27b3fe77
4401. [misc] Change LICENSE to MPL 2.0.
2016-06-27 14:56:38 +10:00
Francis Dupont
2a8aa10492
Merged rt42505 (misc DNSSEC bugs)
2016-06-01 09:18:49 +02:00
Evan Hunt
7f7eb969f5
[master] print syncpublish and syncdelete in key file comments
2016-01-25 08:03:07 -08:00
Tinderbox User
feb1ccdaf1
update copyright notice / whitespace
2016-01-05 23:45:26 +00:00
Evan Hunt
c8b968f414
[master] fix use after free on xfr timeout
...
4289. [bug] The server could crash due to memory being used
after it was freed if a zone transfer timed out.
[RT #41297 ]
2016-01-04 22:05:23 -08:00
Tinderbox User
431e5c81db
update copyright notice / whitespace
2015-05-28 23:45:24 +00:00
Mark Andrews
e53e202ef3
4128. [bug] Address issues raised by Coverity 7.6. [RT #39537 ]
2015-05-28 13:17:07 +10:00
Mukund Sivaraman
aa232396ee
[24702] Include key filename in logged message
...
Squashed commit of the following:
commit 593e6bc7e29938ff5c2f7508bde303fb069a97a9
Author: Mukund Sivaraman <muks@isc.org >
Date: Tue Jun 10 19:17:40 2014 +0530
Increase size of filename buffers
commit b8685678e026ba98b8833e26664193b6345eb00e
Author: Evan Hunt <each@isc.org >
Date: Wed Jun 4 18:57:44 2014 -0700
[rt24702] some tweaks during review
commit adfbc8f808716c63e9e097d92beef104527e5c6f
Author: Mukund Sivaraman <muks@isc.org >
Date: Wed Jun 4 18:18:35 2014 +0530
[24702] Include key filename in logged message
commit f1eff77e7e3704b145c3d65101a735467dd81dc3
Author: Mukund Sivaraman <muks@isc.org >
Date: Wed Jun 4 18:12:43 2014 +0530
Add dst_key_getfilename()
2014-06-10 19:18:34 +05:30
Evan Hunt
0cfb247368
[master] rndc nta
...
3867. [func] "rndc nta" can now be used to set a temporary
negative trust anchor, which disables DNSSEC
validation below a specified name for a specified
period of time (not exceeding 24 hours). This
can be used when validation for a domain is known
to be failing due to a configuration error on
the part of the domain owner rather than a
spoofing attack. [RT #29358 ]
2014-05-29 22:22:53 -07:00
Evan Hunt
acbb301e64
[master] better error output when initializing pkcs11
...
3786. [func] Provide more detailed error codes when using
native PKCS#11. "pkcs11-tokens" now fails robustly
rather than asserting when run against an HSM with
an incomplete PCKS#11 API implementation. [RT #35479 ]
2014-03-12 20:52:01 -07:00
Francis Dupont
1893156781
fix GSSAPI with native PKCS#11 typo [ #35207 ]
2014-01-17 14:32:12 +01:00
Mark Andrews
e20788e121
update copyrights
2014-01-16 15:19:24 +11:00
Evan Hunt
ba751492fc
[master] native PKCS#11 support
...
3705. [func] "configure --enable-native-pkcs11" enables BIND
to use the PKCS#11 API for all cryptographic
functions, so that it can drive a hardware service
module directly without the need to use a modified
OpenSSL as intermediary (so long as the HSM's vendor
provides a complete-enough implementation of the
PKCS#11 interface). This has been tested successfully
with the Thales nShield HSM and with SoftHSMv2 from
the OpenDNSSEC project. [RT #29031 ]
2014-01-14 15:40:56 -08:00
Mark Andrews
0c91911b4d
3642. [func] Allow externally generated DNSKEY to be imported
...
into the DNSKEY management framework. A new tool
dnssec-importkey is used to this. [RT #34698 ]
2013-09-04 13:53:02 +10:00
Mark Andrews
7ace327795
3632. [bug] Signature from newly inactive keys were not being
...
removed. [RT #32178 ]
2013-08-15 10:48:05 +10:00
Evan Hunt
b99bfa184b
[master] unify internal and export libraries
...
3550. [func] Unified the internal and export versions of the
BIND libraries, allowing external clients to use
the same libraries as BIND. [RT #33131 ]
2013-04-10 13:49:57 -07:00
Evan Hunt
df925e6c66
[master] add zone memory context pools
...
3492. [bug] Fixed a regression in zone loading performance
due to lock contention. [RT #30399 ]
2013-02-20 21:39:05 -08:00
Tinderbox User
32dc577940
update copyright notice
2013-02-16 23:46:02 +00:00
Evan Hunt
0b8bd3a4ae
[master] address TKEY bugs
...
3486. [bug] named could crash when using TKEY-negotiated keys
that had been deleted and then recreated. [RT #32506 ]
commit 6a48b9999766d26cddc7cef275cd984b7d53c014
Author: Evan Hunt <each@isc.org >
Date: Tue Jan 29 14:59:46 2013 -0800
[rt32506] don't dump key if dump is unimplemented
commit d0ae0f44b460bab2e8bb24bba683d3ef69ec1765
Author: Evan Hunt <each@isc.org >
Date: Tue Jan 29 14:42:25 2013 -0800
[rt32506] make sure LRU needs adjusting before adjusting it
commit 0437f8f06b1cb72a6d5e3c30f27febca23846d95
Author: Evan Hunt <each@isc.org >
Date: Tue Jan 29 12:28:28 2013 -0800
[rt32506] demonstrate bugs in tkey test
2013-02-15 10:19:50 -08:00
Mark Andrews
fcc04c160f
3440. [bug] Reorder get_key_struct to not trigger a assertion when
...
cleaning up due to out of memory error. [RT #32131 ]
2012-12-13 11:18:01 +11:00
Evan Hunt
0e37e9e3d7
[master] silence noisy OpenSSL logging
...
3402. [bug] Correct interface numbers for IPv4 and IPv6 interfaces.
2012-10-24 12:58:16 -07:00
Evan Hunt
47c5b8af92
[master] silence coverity warnings
...
3401. [bug] Addressed Coverity warnings. [RT #31484 ]
2012-10-23 22:04:06 -07:00
Mark Andrews
058e44186b
3387. [func] Support for a DS digest can be disabled at
...
runtime with disable-ds-digests. [RT #21581 ]
2012-10-03 12:38:43 +10:00
ckb
c514f38c80
Conflicts:
...
lib/dns/dst_parse.c
lib/isc/win32/file.c
2012-07-05 16:07:31 -05:00
Mark Andrews
7865ea9545
3339. [func] Allow the maximum supported rsa exponent size to be specified: "max-rsa-exponent-size <value>;" [RT #29228 ]
2012-06-14 15:44:20 +10:00
Tinderbox User
99d8f5a704
update copyright notice
2012-05-02 23:45:44 +00:00
Mark Andrews
89bbdd1f69
Use '==' not '=' in conditional test when not using openssl.
2012-05-03 09:29:32 +10:00
Mark Andrews
aaaf8d4f48
3317. [func] Add ECDSA support (RFC 6605). [RT #21918 ]
2012-05-02 23:20:17 +10:00
Mark Andrews
1946c596b4
3174. [bug] Always compute to revoked key tag from scratch.
...
[RT #24711 ]
2011-10-20 21:20:02 +00:00
Evan Hunt
76a7d4e152
3152. [cleanup] Some versions of gcc and clang failed due to
...
incorrect use of __builtin_expect. [RT #25183 ]
2011-09-05 18:00:22 +00:00
Automatic Updater
d5c0739351
update copyright notice
2011-08-18 23:46:35 +00:00
Mark Andrews
0226bd69cd
cast to unsigned
2011-08-18 17:41:54 +00:00
Mark Andrews
ecf809f959
3143. [bug] Silence clang compiler warnings. [RT #25174 ]
2011-08-18 06:00:07 +00:00
Mark Andrews
3a63259484
3143. [bug] Silence clang compiler warnings. [RT #25174 ]
2011-08-18 04:52:35 +00:00
Evan Hunt
0994d3a21b
3087. [bug] DDNS updates using SIG(0) with update-policy match
...
type "external" could cause a crash. [RT #23735 ]
2011-03-21 19:54:03 +00:00
Evan Hunt
61bcc23203
3076. [func] New '-L' option in dnssec-keygen, dnsset-settime, and
...
dnssec-keyfromlabel sets the default TTL of the
key. When possible, automatic signing will use that
TTL when the key is published. [RT #23304 ]
2011-03-17 01:40:40 +00:00