ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
25,303 Commits 589 Branches 805 Tags
cb4e0ef4e2c8a942f99af6ecc6aa564c903b00a0
Commit Graph

800 Commits

Author SHA1 Message Date
Evan Hunt
a165a17a81 [master] dnssec-keygen fixes 
3730.	[cleanup]	Added "never" as a synonym for "none" when
			configuring key event dates in the dnssec tools.
			[RT #35277]

3729.	[bug]		dnssec-kegeyn could set the publication date
			incorrectly when only the activation date was
			specified on the command line. [RT #35278]
 2014-02-06 15:59:14 -08:00
Evan Hunt
08c67b5b7a [master] improved native-pkcs11 doc 
3728.	[doc]		Expanded native-PKCS#11 documentation,
			specifically pkcs11: URI labels. [RT #35287]
 2014-02-06 15:40:00 -08:00
Evan Hunt
12bf5d4796 [master] address several issues with native pkcs11 2014-01-18 11:51:07 -08:00
Tinderbox User
dd1ce8b524 regen master 2014-01-17 01:05:10 +00:00
Mark Andrews
e20788e121 update copyrights 2014-01-16 15:19:24 +11:00
Tinderbox User
6ea2385360 regen master 2014-01-16 01:05:38 +00:00
Evan Hunt
ba751492fc [master] native PKCS#11 support 
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
 2014-01-14 15:40:56 -08:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove(). 
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
 2014-01-08 16:39:05 -08:00
Tinderbox User
3f9791eac4 regen master 2013-12-12 01:05:00 +00:00
Tinderbox User
de77dcc2c1 update copyright notice 2013-12-11 23:47:38 +00:00
Evan Hunt
0bbe3273a2 [master] dnssec-signzone -Q 
3686.	[func]		"dnssec-signzone -Q" drops signatures from keys
			that are still published but no longer active.
			[RT #34990]
 2013-12-11 13:25:21 -08:00
Mark Andrews
53f70575bd silence compiler warnings 2013-12-06 17:38:25 +11:00
Mark Andrews
c3c8823fed 3681. [port] Update the Windows build system to support feature 
selection and WIN64 builds.  This is a work in
                        progress. [RT #34160]
 2013-12-04 12:47:23 +11:00
Mark Andrews
6b0434299b 3671. [bug] Don't allow dnssec-importkey overwrite a existing 
non-imported private key.
 2013-11-13 12:01:09 +11:00
Tinderbox User
77b7c54f1a regen master 2013-10-13 01:04:48 +00:00
Mark Andrews
cbadc440b9 typos 2013-10-13 11:12:43 +11:00
Tinderbox User
63737247d1 update copyright notice 2013-09-05 23:46:16 +00:00
Evan Hunt
690bd6bf5d [master] fix inline test, add importkey to win32 build 2013-09-04 18:56:50 -07:00
Tinderbox User
d2bdd5b314 regen master 2013-09-05 01:04:31 +00:00
Mark Andrews
0c91911b4d 3642. [func] Allow externally generated DNSKEY to be imported 
into the DNSKEY management framework.  A new tool
                        dnssec-importkey is used to this. [RT #34698]
 2013-09-04 13:53:02 +10:00
Mark Andrews
b5f4cc132e 3641. [bug] Handle changes to sig-validity-interval settings 
better. [RT #34625]
 2013-09-04 13:45:00 +10:00
Mark Andrews
7cd9d53c8c don't print out result as it is not meaningful here 2013-08-16 09:44:30 +10:00
Mark Andrews
7ace327795 3632. [bug] Signature from newly inactive keys were not being 
removed.  [RT #32178]
 2013-08-15 10:48:05 +10:00
Mark Andrews
9d69017bc6 3607. [bug] dnssec-keygen had broken 'Invalid keyfile' error 
message. [RT #34045]
 2013-07-03 15:41:48 +10:00
Evan Hunt
b7e40659ef [master] rebuild resigning heaps when loading map files 
3597.	[bug]		Ensure automatic-resigning heaps are reconstructed
			when loading zones in map format. [RT #33381]
 2013-06-14 10:16:10 -07:00
Evan Hunt
8f1e278931 [master] updated win32 build 
3596.	[port]		Updated win32 build documentation, added
                        dnssec-verify. [RT #22067]
 2013-06-13 17:31:41 -07:00
Evan Hunt
e47208b6fb [master] silence ccc-analyzer 
3567.	[bug]		Silence clang static analyzer warnings. [RT #33365]
 2013-05-03 14:31:27 -07:00
Evan Hunt
96139421d6 [master] win32 portability fixes 2013-03-26 23:01:13 -07:00
Tinderbox User
8bbfb495a2 regen master 2013-01-26 01:04:30 +00:00
Tinderbox User
43b9448395 regen master 2013-01-25 01:04:51 +00:00
Evan Hunt
c9611b4573 [master] change "fast" to "map" 
3475.	[cleanup]	Changed name of 'map' zone file format (previously
			'fast'). [RT #32458]
 2013-01-24 14:20:48 -08:00
Tinderbox User
3aaa526a94 update copyright notice 2013-01-23 23:45:55 +00:00
Evan Hunt
9a0dd99a75 [master] fix incorrect nsec3 check 
- check for NSEC3 in empty nodes when not due to optout delegations
    - fixed typo in output ("Bad record NSEC record")
    - incidentally fixed an error in signzone that caused an
      incorrect warning about missing DNSKEYs when using -S
      and -3 together

3473.	[bug]		dnssec-signzone/verify could incorrectly report
			an error condition due to an empty node above an
			opt-out delegation lacking an NSEC3. [RT #32072]
 2013-01-23 14:56:00 -08:00
Tinderbox User
5ac5300fdf update copyright notice 2013-01-17 23:46:25 +00:00
Curtis Blackburn
c8803902d6 [bug] Added checks in dnssec-keygen and dnssec-settime to check for 
delete date < inactive date. [RT #31719]
 2013-01-17 10:59:16 -06:00
Mark Andrews
040dc29236 throw fatal error on realloc failure 2012-12-10 10:16:28 +11:00
Tinderbox User
d9eb3dcfa1 update copyright notice 2012-11-28 23:45:44 +00:00
Evan Hunt
a1dbf90381 [master] remove libgen.h from dnssec tools 
we no longer use basename() or dirname()
 2012-11-27 19:45:51 -08:00
Mark Andrews
b13b452020 3424. [func] dnssec-dsfromkey now emits the hash without spaces. 
[RT #31951]

Squashed commit of the following:

commit 7369da0369e1de1fe6c5b5f84df8848b9a0984eb
Author: Mark Andrews <marka@isc.org>
Date:   Fri Nov 23 17:24:04 2012 +1100

    dupped/created reversed in log message

commit 0cef5faaf3ac22b00ed0f95b6bb7a146cf4cac15
Author: Mark Andrews <marka@isc.org>
Date:   Fri Nov 23 13:40:14 2012 +1100

    remove space from DS hash
 2012-11-27 14:22:28 +11:00
Evan Hunt
4b3d727d96 [master] remove spurious signatures from glue 
3404.	[bug]		dnssec-signzone: When re-signing a zone, remove
			RRSIG and NSEC records from nodes that used to be
			in-zone but are now below a zone cut. [RT #31556]
 2012-10-24 15:46:59 -07:00
Mark Andrews
611dc88768 3390. [bug] Silence clang compiler warnings. [RT #30417] 2012-10-06 14:20:45 +10:00
Evan Hunt
41bbb34bc2 fix coverity issues 
3388.	[bug]		Fixed several Coverity warnings. [RT #30996]
 2012-10-02 23:44:03 -07:00
Mark Andrews
82f37b2665 use binary mode for raw/fast 2012-09-12 17:24:45 +10:00
Tinderbox User
9b20c5d7ff regen master 2012-08-24 01:06:01 +00:00
Tinderbox User
291a670d12 update copyright notice 2012-07-05 23:45:48 +00:00
ckb
c514f38c80 Conflicts: 
lib/dns/dst_parse.c
	lib/isc/win32/file.c
 2012-07-05 16:07:31 -05:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Tinderbox User
da5d53fb14 update copyright notice 2012-06-26 23:45:56 +00:00