ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
31,395 Commits 589 Branches 805 Tags
c015ae234103f4f17e9b30f4e2cbaccbd15e7d08
Commit Graph

31395 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ondřej Surý
c015ae2341 Merge branch '1648-native-pkcs11-eddsa-v9_16' into 'v9_16' 
Resolve "Fix PKCS#11-based EdDSA support"

See merge request isc-projects/bind9!3472
 2020-05-01 08:32:45 +00:00
Ondřej Surý
e4a7cf0624 Make the cleanpkcs11.sh more universal across branches 2020-05-01 09:02:54 +02:00
Ondřej Surý
7b5cc16bad Fix another the start_fail -> start_servers_failed typo 2020-05-01 08:06:07 +02:00
Ondřej Surý
795cfad2d3 Fixup the start_fail -> start_servers_failed typo 
(cherry picked from commit 0313d2950a)
 2020-05-01 08:03:08 +02:00
Ondřej Surý
73868ba80b Add release notes 
(cherry picked from commit e69d34a454)
 2020-05-01 08:03:08 +02:00
Ondřej Surý
492703d1a8 Add CHANGES 
(cherry picked from commit 84fffbdb4c)
 2020-05-01 08:03:03 +02:00
Ondřej Surý
09535ac6d6 Fix the check for non-operational algs 15 and 16 in PKCS#11 
(cherry picked from commit 57c39ddbe3)
 2020-05-01 08:02:09 +02:00
Ondřej Surý
f35b8cee47 Fail running run.sh when clean.sh or setup.sh fails 
(cherry picked from commit 101672f664)
 2020-05-01 08:02:05 +02:00
Ondřej Surý
4cc5b572bd Refactor the pkcs11 to test for individual algorithms 
(cherry picked from commit a6bdb9639a)
 2020-05-01 08:00:52 +02:00
Aaron Thompson
c0e1dc33d5 Update EdDSA implementation to PKCS#11 v3.0. 
Per Current Mechanisms 2.3.5, the curve name is DER-encoded in the
EC_PARAMS attribute, and the public key value is DER-encoded in the
EC_POINT attribute.

(cherry picked from commit 2e6b7a56cc)
 2020-05-01 08:00:52 +02:00
Aaron Thompson
2401952bbb Fix EdDSA key sizes (key_size is in bits). 
(cherry picked from commit 9b87fe1051)
 2020-05-01 08:00:52 +02:00
Aaron Thompson
4ba7a0ec2d Add EdDSA algorithms back to dnssec-keyfromlabel help text. 
Regressed in 45afdb2672.

(cherry picked from commit 4969577189)
 2020-05-01 08:00:52 +02:00
Ondřej Surý
a39348336e Merge branch '1763-pkcs11-code-cleanups-v9_16' into 'v9_16' 
Resolve "Implement and improve the PKCS#11 code"

See merge request isc-projects/bind9!3471
 2020-05-01 05:57:17 +00:00
Ondřej Surý
fb8f428f07 Add CHANGES 
(cherry picked from commit 48473d464f)
 2020-05-01 06:54:27 +02:00
Ondřej Surý
358affe585 Use switch instead of if when evaluating curves 
Previously, the code would do:

    REQUIRE(alg == CURVE1 || alg == CURVE2);

    [...]

    if (alg == CURVE1) { /* code for CURVE1 */ }
    else { /* code for CURVE2 */ }

This approach is less extensible and also more prone to errors in case
the initial REQUIRE() is forgotten.  The code has been refactored to
use:

    REQUIRE(alg == CURVE1 || alg == CURVE2);

    [...]

    switch (alg) {
    case CURVE1: /* code for CURVE1 */; break;
    case CURVE2: /* code for CURVE2 */; break;
    default: INSIST(0);
    }

(cherry picked from commit cf30e7d0d1)
 2020-05-01 06:54:27 +02:00
Ondřej Surý
4e1c7e1c01 Refactor the code using the pk11 ECC constants. 
The pk11/constants.h header contained static CK_BYTE arrays and
we had to use #defines to pull only those we need.  This commit
changes the constants to only define byte arrays with the content
and either use them directly or define the CK_BYTE arrays locally
where used.

(cherry picked from commit da38bd0e1d)
 2020-05-01 06:54:27 +02:00
Ondřej Surý
dc51f720b9 Only print warning when PKCS#11 dnssec-keygen fails from Edwards curves 
(cherry picked from commit 9d979d7cd6)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
fb21f7d0e6 Fix a segfault when a PKCS#11 token is not found. 
(cherry picked from commit 541d7bafe6)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
0777eb04bf Fix bad syntax in pkcs11eddsa_link.c. 
Introduced in 994e656977.

(cherry picked from commit 46cae09023)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
8607580599 Update to PKCS#11 v3.0 EdDSA macros. 
(cherry picked from commit 3e685fe01a)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
b5f2e93339 Fix compiler warnings about unused pk11 constants. 
(cherry picked from commit 2ef379d911)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
61853130c9 Remove remaining PKCS#11 DH references. 
Missed in 0a73c9f137 and 8efd394c80.

(cherry picked from commit d28c7dadbb)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
f89a566b26 Remove unnecessary forward declarations. 
(cherry picked from commit 6a6485a531)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
690eb14078 Finish refactoring pkcs11eddsa_link.c after isc_buffer_allocate change. 
Left over after c73e5866c4.

(cherry picked from commit 7744aece03)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
c8b85a191e Remove unreachable label in pkcs11eddsa_link.c. 
Missed in ae83801e2b.

(cherry picked from commit b4a7bfd55e)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
f534519af5 Finish refactoring after the removal of --with-ecdsa and --with-eddsa. 
Missed in c3b8130fe8.

(cherry picked from commit 7fc4f926fb)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
78e4cc96d7 Remove old comment. 
Missed in 6aae193ded.

(cherry picked from commit 48e0c0bc4a)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
e1d846124c Finish replacing OP_EC with OP_ECDSA/OP_EDDSA. 
Missed in c3b8130fe8.

(cherry picked from commit bb158e8a4c)
 2020-05-01 06:54:26 +02:00
Aaron Thompson
866e5d05f2 Fix incorrect PKCS11 macro in dnssec-revoke. 
Missed in c3b8130fe8.

(cherry picked from commit b217052081)
 2020-05-01 06:54:26 +02:00
Mark Andrews
fa56081e47 Merge branch '1695-addzone-system-tests-failing-in-mac-os-x-v9_16' into 'v9_16' 
Resolve "addzone system tests failing in Mac OS X"

See merge request isc-projects/bind9!3469
 2020-04-30 23:56:09 +00:00
Mark Andrews
5813998c69 Add CHANGES entry 
(cherry picked from commit d63479a48d)
 2020-05-01 09:14:36 +10:00
Mark Andrews
dafabb6d13 Mimic nzf_append from bin/named/server.c 
nzf_append is conditionally compiled and this is intended to
catch error introduced by changes to the called functions on all
systems before the changes are run through the CI.

(cherry picked from commit a66c6fc883)
 2020-05-01 09:14:02 +10:00
Mark Andrews
ce7e96f26f Add jobs for 'configure --with{out}-lmdb' to the GitLab CI 
We missed a case where LMDB was not installed/used in the build
and that broke system tests on such systems.

(cherry picked from commit 060b56dc70)
 2020-05-01 09:14:02 +10:00
Mark Andrews
f78f58312c Add more special zones to addzone restart test. 
Test zones with various escape sequences and filesystem seperator
characters.
* escaped double quote (\")
* escaped escape (\\)
* escaped decimal byte value (\032)
* slash seperator (/)

(cherry picked from commit 5ab9b5b1e6)
 2020-05-01 09:13:59 +10:00
Mark Andrews
59c135ca4d Escape double quote when printing quoted string. 
When we were printing quoted string, the double quotes where unescaped
leading to prematurely ending the quoted string.

(cherry picked from commit b02081d423)
 2020-05-01 09:12:05 +10:00
Mark Andrews
d8078d4e95 Merge branch '1806-system-and-unit-clang-asan-have-incorrect-needs-v9_16' into 'v9_16' 
Incorrect job in needs, gcc:asan -> clang:asan

See merge request isc-projects/bind9!3462
 2020-04-30 08:50:31 +00:00
Mark Andrews
a8d0f49420 Incorrect job in needs, gcc:asan -> clang:asan 
(cherry picked from commit 0adf9562fb)
 2020-04-30 18:48:46 +10:00
Mark Andrews
5d978fded4 Merge branch '1804-util-parse_tsan-py-is-not-pylint-clean-v9_16' into 'v9_16' 
pylint cleanups

See merge request isc-projects/bind9!3459
 2020-04-30 08:43:58 +00:00
Mark Andrews
8578ea9c8a pylint cleanups 
(cherry picked from commit d7618f6954)
 2020-04-30 17:33:38 +10:00
Ondřej Surý
042f0e0d9b Merge branch '1783-ax_check_compile_flag-fno-delete-null-pointer-checks-does-not-fail-for-clang-v9_16' into 'v9_16' 
Force test for -fno-delete-null-pointer-checks to fail

See merge request isc-projects/bind9!3453
 2020-04-29 16:33:31 +00:00
Mark Andrews
363ac686fd Force test for -fno-delete-null-pointer-checks to fail 
(cherry picked from commit 82ab846f13)
 2020-04-29 18:25:26 +02:00
Ondřej Surý
56997fe9da Merge branch 'ondrej/fix-asan-symbolizer-v9_16' into 'v9_16' 
Fix the ASAN symbolizer

See merge request isc-projects/bind9!3451
 2020-04-29 15:29:29 +00:00
Ondřej Surý
141598f3d3 Fix the ASAN symbolizer 
(cherry picked from commit 96805e8c91)
 2020-04-29 17:02:33 +02:00
Mark Andrews
d449ccc796 Merge branch '1764-build-9-16-2-release-make-depend-fatal-error-lib-dns-dnstap-pb-c-h-no-such-file-or-directory' into 'v9_16' 
'make depend' failed

See merge request isc-projects/bind9!3398
 2020-04-29 14:10:29 +00:00
Mark Andrews
72143febe7 check that 'make depend' does not fail 2020-04-30 00:09:48 +10:00
Mark Andrews
06fa0d7b4e address 'make depend' issues 2020-04-30 00:09:48 +10:00
Ondřej Surý
c0ae965c91 Merge branch '725-prepare-system-tests-for-pytest-v9_16' into 'v9_16' 
Add a pytest runner to run.sh

See merge request isc-projects/bind9!3447
 2020-04-29 12:40:40 +00:00
Ondřej Surý
f783e41af7 Silence the invalid-name errors from pylint 2020-04-29 12:19:40 +02:00
Ondřej Surý
a4f0281962 Add a pytest runner to run.sh 
The system tests currently uses patchwork of shell scripts which doesn't
offer proper error handling.

This commit introduced option to write new tests in pytest framework
that also allows easier manipulation of DNS traffic (using dnspython),
native XML and JSON manipulation and proper error reporting.

(cherry picked from commit cf5105939c)
 2020-04-29 12:00:15 +02:00
Ondřej Surý
56e1e6bc4c Merge branch '1090-fix-unable-to-set-effective-uid-to-0-v9_16' into 'v9_16' 
Resolve "BIND 9.14: unable to set effective uid to 0"

See merge request isc-projects/bind9!3440
 2020-04-28 16:40:13 +00:00