upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-31 23:06:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
13451 commits 18 branches 854 tags 440 MiB
Commit graph

303 commits

Author SHA1 Message Date
Mark Andrews
347c832469 update copyrights 2004-03-08 09:05:15 +00:00
Mark Andrews
a821d5fa3d DNSSEC bis merge from HEAD: 
1581.  [func]          Disable DNSSEC support by default.  To enable
                       DNSSEC specify "enable-dnssec yes;" in named.conf.

1565.  [bug]           CD flag should be copied to outgoing queries unless
                       the query is under a secure entry point in which case
                       CD should be set.

1558.  [func]          New DNSSEC 'disable-algorithms'.  Support entry into
                       child zones for which we don't have a supported
                       algorithm.  Such child zones are treated as unsigned.

1557.  [func]          Implement missing DNSSEC tests for
                       * NOQNAME proof with wildcard answers.
                       * NOWILDARD proof with NXDOMAIN.
                       Cache and return NOQNAME with wildcard answers.

1541.  [func]          NSEC now uses new bitmap format.

1519.  [bug]           dnssec-signzone:nsec_setbit() computed the wrong
                       length of the new bitmap.

1516.  [func]          Roll the DNSSEC types to RRSIG, NSEC and DNSKEY.
 2004-03-08 02:08:05 +00:00
Mark Andrews
cbdd3a318b update lib copyrights 2004-03-06 08:15:48 +00:00
Mark Andrews
550d413f44 cvs rdiff -r1.212 -r1.213 bind9/lib/dns/adb.c 
cvs rdiff -r1.109 -r1.110 bind9/lib/dns/sec/dst/dst_api.c
cvs rdiff -r1.37 -r1.38 bind9/lib/dns/sec/dst/dst_parse.c
 2004-02-02 04:54:15 +00:00
Mark Andrews
69acffbb19 sync with HEAD 2003-10-14 03:48:11 +00:00
Mark Andrews
459df98366 CRYPTO_LOCK_ENGINE -> USE_ENGINE 2003-10-09 04:51:03 +00:00
Mark Andrews
388732593d cleanup spaces before semicolons. 2003-09-24 03:47:21 +00:00
Mark Andrews
9ea4e48caf pullup: 
engine pointer not set to NULL on free.
 2003-08-26 05:38:47 +00:00
Mark Andrews
719e3ac95f pullup: 
merge rt3598 (code by marka, pullup by me)
 2003-08-25 01:44:12 +00:00
Mark Andrews
7509a66b8e 1235. [func] Report 'out of memory' errors from openssl. 2003-08-14 04:08:24 +00:00
Mark Andrews
ab148ab902 pullup: 
Clean up the implementation cleanup mechanism.  Also remove ->issymmetric,
since it's easier to just do it in dst_api.c.
Move the memory allocation wrappers into openssl_link.c, since they're
openssl specific.
add dst_key_privatefrombuffer(), which coverts a public key into a private
key.
 2003-08-13 06:51:34 +00:00
Mark Andrews
193fd4f417 pullup: 
Use as_textregion.base not as_pointer.  [RT #2385]
 2003-08-13 00:36:56 +00:00
Mark Andrews
9052beb238 pullup 
Check return values or cast them to (void), as required by the coding
standards; add exceptions to the coding standards for cases where this is
not desirable
 2003-08-11 05:28:23 +00:00
Mark Andrews
2b6b5bc00c 1143. [bug] When a trusted-keys statement was present and named 
was built without crypto support, it would leak memory.
 2003-08-08 06:07:52 +00:00
Mark Andrews
ff77225512 pullup: 
Move configuration checking to libbind9.
 2003-08-04 04:23:56 +00:00
Mark Andrews
3b89807475 997. [func] Add support for RSA-SHA1 keys (RFC3110). 2003-08-04 01:04:44 +00:00
cvs2git
fb4531edb3 This commit was manufactured by cvs2git to create branch 'v9_3'. 2003-07-30 02:00:55 +00:00
cvs2git
63727e9a3b This commit was manufactured by cvs2git to create branch 'v9_3'. 2003-07-30 01:04:16 +00:00
Mark Andrews
5eb91bd90e silence compiler warnings (HPUX/11i) 2003-07-25 00:01:16 +00:00
Mark Andrews
f2d11f4c11 1494. [security] Turn on RSA BLINDING as a precaution. 2003-07-24 06:18:42 +00:00
Mark Andrews
cc6271e46c 1494. [security] Turn on RSA BLINDING as a precaution. 2003-07-24 06:08:20 +00:00
Mark Andrews
c1df871a18 silence compiler warnings (HPUX/11i) 2003-07-23 06:57:59 +00:00
Mark Andrews
f4d86cfcea update_copyrights 2003-07-22 04:03:54 +00:00
Mark Andrews
a7efbe70e7 merge 9.2.2 back into v9_2 2003-03-06 04:38:29 +00:00
Mark Andrews
a9bdaa1772 engine pointer not set to NULL on free. 2003-02-18 06:25:11 +00:00
Mark Andrews
81aea2f2d3 undo wrong branch 2002-12-13 02:51:41 +00:00
Mark Andrews
0020640ff6 checkpoint 2002-12-13 02:37:35 +00:00
Michael Graff
972cbaa79e merge rt3598 (code by marka, pullup by me) 2002-11-12 22:22:32 +00:00
Mark Andrews
2ffb3eb384 1395. [port] OpenSSL 0.9.7 defines CRYPTO_LOCK_ENGINE but doesn't 
have a working implementation.  [RT #4079]
 2002-10-31 04:35:02 +00:00
Mark Andrews
891c424e56 update_copyrights 2002-08-05 06:57:16 +00:00
Mark Andrews
380a309889 reviewed: bwelling 
1318.   [bug]           The CINCLUDES macro in lib/dns/sec/dst/Makefile
                        could be left with a trailing "\" after configure
                        has been run.
 2002-07-11 03:47:17 +00:00
Mark Andrews
9b7c023fe6 1218. [bug] The CINCLUDES macro in lib/dns/sec/dst/Makefile 
could be left with a trailing "\" after configure
                        has been run.
 2002-06-05 22:34:57 +00:00
Mark Andrews
f76c4ebaf5 1235. [func] Report 'out of memory' errors from openssl. 2002-03-19 04:30:57 +00:00
Brian Wellington
9e6286de2a add dst_key_privatefrombuffer(), which coverts a public key into a private 
key.
 2002-02-27 22:12:06 +00:00
Mark Andrews
a7038d1a05 copyrights 2002-02-20 03:35:59 +00:00
Mark Andrews
c46f10e4a1 Use as_textregion.base not as_pointer. [RT #2385] 2002-01-21 01:07:32 +00:00
Brian Wellington
3a8d4a316e openssl 0.9.6a and higher don't have the RSA locking bug that earlier versions 
did, so don't disable precomputation.  Note that while this was fixed for
RSA, other algorithms still don't do locking when performing precomputation,
and thus we still disable it.
 2002-01-15 22:09:45 +00:00
Mark Andrews
4099c201ff whitespace cleanup 2001-12-19 01:29:35 +00:00
Mark Andrews
6cb12c44a3 pullup: 
fix large DH key generation, hopefully for the last time.
 2001-12-19 01:09:58 +00:00
Brian Wellington
0118965e19 fix large DH key generation, hopefully for the last time. 2001-12-18 06:05:41 +00:00
Brian Wellington
1898837a5e Add the well-known 1536 bit prime from draft-ietf-dnsext-rfc2539bis-dhk-01.txt 2001-12-12 17:18:52 +00:00
Brian Wellington
9af8851b85 whitespace style 2001-12-12 17:09:39 +00:00
Mark Andrews
6124a262fa pullup: 
1160.   [bug]           Generating Diffie-Hellman keys longer than 1024
                        bits could fail. [RT #2241]
 2001-12-12 17:05:20 +00:00
Brian Wellington
0cb27602e5 1160. [bug] Generating Diffie-Hellman keys longer than 1024 
bits could fail. [RT #2241]
 2001-12-12 16:43:24 +00:00
Brian Wellington
b7415ddd79 let isc_lex_destroy() close sources. 2001-11-30 18:26:46 +00:00
Brian Wellington
2e4bec457d Before signing with a key, make sure that it's not the public-only part. 
A sane crypto toolkit would catch this and return an error, but openssl
unceremoniously seg faults.
 2001-11-30 02:11:04 +00:00
Andreas Gustafsson
1f1d36a87b Check return values or cast them to (void), as required by the coding 
standards; add exceptions to the coding standards for cases where this is
not desirable
 2001-11-30 01:59:49 +00:00
Brian Wellington
3638017bd3 1143. [bug] When a trusted-keys statement was present and named 
was built without crypto support, it would leak memory.
 2001-11-28 02:35:02 +00:00
Andreas Gustafsson
91cd0f93ad sizeof style 2001-11-27 01:56:32 +00:00
Andreas Gustafsson
4f30395c97 Suppress compiler warnings about empty translation units 2001-11-20 21:28:41 +00:00