bind9/lib/dns
Matthijs Mekking c125b721ef Adjust signing code to use kasp
Update the signing code in lib/dns/zone.c and lib/dns/update.c to
use kasp logic if a dnssec-policy is enabled.

This means zones with dnssec-policy should no longer follow
'update-check-ksk' and 'dnssec-dnskey-kskonly' logic, instead the
KASP keys configured dictate which RRset gets signed with what key.

Also use the next rekey event from the key manager rather than
setting it to one hour.

Mark the zone dynamic, as otherwise a zone with dnssec-policy is
not eligible for automatic DNSSEC maintenance.
2019-11-06 22:36:21 +01:00
include DNSSEC hints use dst_key functions and key states 2019-11-06 22:36:21 +01:00
rdata lib/dns/rdata/*/*.c: Silence false positive nullPointerRedundantCheck warning from Cppcheck 2019-10-03 09:04:26 +02:00
tests libdns: add missing checks for return values in dnstap unit test 2019-11-04 16:15:22 +01:00
win32 DNSSEC hints use dst_key functions and key states 2019-11-06 22:36:21 +01:00
.gitignore 4394. [func] Add rndc command "dnstap-reopen" to close and 2016-06-24 09:37:04 +10:00
acl.c Constify dns_name_t *signer argument to dns_acl_allowed() 2019-10-03 09:04:26 +02:00
adb.c Describe the polynomial backoff curve used in the quota adjustment 2019-11-05 09:48:15 +01:00
api prep 9.15.5 2019-10-02 06:08:59 +00:00
badcache.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
byaddr.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
cache.c Convert cache->live_tasks to reference counter. 2019-09-13 12:45:06 +10:00
callbacks.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
catz.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
client.c libdns: Remove useless checks for ISC_R_MEMORY, which cannot happen now 2019-11-04 16:15:22 +01:00
clientinfo.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
compress.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
db.c Replace usage of isc_mem_put+isc_mem_detach with isc_mem_putanddetach 2019-07-31 10:26:40 +02:00
dbiterator.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
dbtable.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
diff.c Use coccinelle to cleanup the failure handling blocks from isc_mem_allocate 2019-07-23 15:32:35 -04:00
dispatch.c isc_event_allocate() cannot fail, remove the fail handling blocks 2019-08-30 08:55:34 +02:00
dlz.c Replace usage of isc_mem_put+isc_mem_detach with isc_mem_putanddetach 2019-07-31 10:26:40 +02:00
dns64.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
dnsrps.c Various little fixes found by coccinelle 2019-10-01 16:48:55 +02:00
dnssec.c DNSSEC hints use dst_key functions and key states 2019-11-06 22:36:21 +01:00
dnstap.c Various little fixes found by coccinelle 2019-10-01 16:48:55 +02:00
dnstap.proto extend DNSTAP to record UPDATE requests and responses as a separate type 2018-10-03 01:03:56 -07:00
ds.c Various little fixes found by coccinelle 2019-10-01 16:48:55 +02:00
dst_api.c Useful dst_key functions 2019-11-06 22:36:21 +01:00
dst_internal.h dnssec-settime: Allow manipulating state files 2019-11-06 22:31:45 +01:00
dst_openssl.h Use standard OPENSSL_NO_ENGINE instead of custom USE_ENGINE define 2018-05-03 15:32:43 +02:00
dst_parse.c dnssec-settime: Allow manipulating state files 2019-11-06 22:31:45 +01:00
dst_parse.h Remove RSAMD5 support 2018-12-11 11:32:24 +01:00
dst_pkcs11.h Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
dst_result.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
dyndb.c Use coccinelle to cleanup the failure handling blocks from isc_mem_strdup 2019-07-23 15:32:36 -04:00
ecdb.c Remove randomly scattered additional style check suppressions that caused unmatchedSuppression 2019-10-03 09:04:27 +02:00
ecs.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
fixedname.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
forward.c Replace usage of isc_mem_put+isc_mem_detach with isc_mem_putanddetach 2019-07-31 10:26:40 +02:00
gen-unix.h Exit the ./gen program on failed readdir() call 2019-05-27 16:13:16 +02:00
gen-win32.h Replace custom isc_boolean_t with C standard bool type 2018-08-08 09:37:30 +02:00
gen.c define ULLONG_MAX if not already defined 2019-06-25 09:47:24 +10:00
geoip2.c Fix passing NULL after the last typed argument to a variadic function leads to undefined behaviour. 2019-10-03 09:04:26 +02:00
gssapi_link.c lib/dns/gssapi_link.c: Fix %d -> %u formatting when printing unsigned integers 2019-10-03 09:04:26 +02:00
gssapictx.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
hmac_link.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
ipkeylist.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
iptable.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
journal.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
kasp.c kasp: Expose more key timings 2019-11-06 22:36:21 +01:00
key.c Revert "Merge branch '996-wrong-key-id-is-displayed-for-rsamd5-keys' into 'master'" 2019-05-29 15:34:08 +02:00
keydata.c Use coccinelle to cleanup the failure handling blocks from isc_mem_allocate 2019-07-23 15:32:35 -04:00
keymgr.c Introduce keymgr in named 2019-11-06 22:36:21 +01:00
keytable.c simplify dns_rbtnodechain_init() by removing unnecessary 'mctx' parameter 2019-08-29 10:03:36 -07:00
Kyuafile regen master 2017-12-29 01:44:18 +00:00
lib.c Use the semantic patch to change the usage isc_mem_create() to new API 2019-09-12 09:26:09 +02:00
log.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
lookup.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
Makefile.in Introduce keymgr in named 2019-11-06 22:36:21 +01:00
mapapi begin preparation for 9.13.0 2018-05-21 11:50:38 -07:00
master.c isc_event_allocate() cannot fail, remove the fail handling blocks 2019-08-30 08:55:34 +02:00
masterdump.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
message.c TCP KEEPALIVE was missing from yaml output 2019-10-03 22:52:16 -07:00
name.c lib/dns/name.c: Fix dereference before DbC check reported by Cppcheck 2019-10-03 09:04:26 +02:00
ncache.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
nsec.c address or suppress cppcheck warnings 2019-09-12 17:59:28 +10:00
nsec3.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
nta.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
openssl_link.c Use coccinelle to cleanup the failure handling blocks from isc_mem_allocate 2019-07-23 15:32:35 -04:00
openssldh_link.c Remove randomly scattered additional style check suppressions that caused unmatchedSuppression 2019-10-03 09:04:27 +02:00
opensslecdsa_link.c Various little fixes found by coccinelle 2019-10-01 16:48:55 +02:00
openssleddsa_link.c Various little fixes found by coccinelle 2019-10-01 16:48:55 +02:00
opensslrsa_link.c Remove randomly scattered additional style check suppressions that caused unmatchedSuppression 2019-10-03 09:04:27 +02:00
order.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
peer.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
pkcs11.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
pkcs11ecdsa_link.c Cleanup stray goto labels from removing isc_mem_allocate/strdup checking blocks 2019-07-23 15:32:36 -04:00
pkcs11eddsa_link.c Use coccinelle to cleanup the failure handling blocks from isc_mem_strdup 2019-07-23 15:32:36 -04:00
pkcs11rsa_link.c Cleanup stray goto labels from removing isc_mem_allocate/strdup checking blocks 2019-07-23 15:32:36 -04:00
portlist.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
private.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
rbt.c lib/dns/rbt.c: Suppress nullPointerRedundantCheck warnings from Cppcheck 2019-10-03 09:04:26 +02:00
rbtdb.c lib/dns/rbtdb.c: Add DbC check to safely dereference rbtdb in rbt_datafixer() 2019-10-03 09:04:26 +02:00
rbtdb.h Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
rcode.c cleanup: more consistent abbreviated DS digest type mnemonics 2019-10-10 12:31:39 -04:00
rdata.c lib/dns/rdata.c: Silence false positive nullPointerRedundantCheck warning from Cppcheck 2019-10-03 09:04:26 +02:00
rdatalist.c lib/dns/rdatalist.c: Fix dereference before DbC check 2019-10-03 09:04:26 +02:00
rdatalist_p.h Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
rdataset.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
rdatasetiter.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
rdataslab.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
request.c isc_event_allocate() cannot fail, remove the fail handling blocks 2019-08-30 08:55:34 +02:00
resolver.c Prevent TCP failures from affecting EDNS stats 2019-10-31 09:54:05 +01:00
result.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
rootns.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
rpz.c Unify how we use isc_refcount_decrement() to destroy object 2019-09-13 12:44:49 +10:00
rriterator.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
rrl.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
sdb.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
sdlz.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
soa.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
spnego.asn1 Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
spnego.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
spnego.h Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
spnego_asn1.c Suppress cppcheck 1.89 false positive 2019-10-16 22:23:41 +02:00
spnego_asn1.pl Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
ssu.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
ssu_external.c lib/dns/ssu_external.c: Use %zu for formatting sizeof() output 2019-10-01 16:24:29 +02:00
stats.c Move dnssec_keyid_max out rrsettype counters enum 2019-08-12 10:16:08 +02:00
tcpmsg.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
time.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
timer.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
tkey.c Fix the constification of the dns_name_t * result variable for dns_tsig_identity() 2019-10-03 09:04:26 +02:00
tsec.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
tsig.c lib/dns/tsig.c: Suppress Cppcheck false positive error uninitStructMember 2019-10-03 09:04:27 +02:00
tsig_p.h Replace custom isc_boolean_t with C standard bool type 2018-08-08 09:37:30 +02:00
ttl.c Remove randomly scattered additional style check suppressions that caused unmatchedSuppression 2019-10-03 09:04:27 +02:00
update.c Adjust signing code to use kasp 2019-11-06 22:36:21 +01:00
validator.c Replace RUNTIME_CHECK(dns_name_copy(..., NULL)) with dns_name_copynf() 2019-10-01 10:43:26 +10:00
version.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
view.c Convert struct dns_view->attributes to atomic_uint to prevent some locking 2019-10-09 08:09:44 +02:00
xfrin.c Remove blocks checking whether isc_mem_get() failed using the coccinelle 2019-07-23 15:32:35 -04:00
zone.c Adjust signing code to use kasp 2019-11-06 22:36:21 +01:00
zone_p.h Replace custom isc_boolean_t with C standard bool type 2018-08-08 09:37:30 +02:00
zonekey.c Use coccinelle to remove explicit '#include <config.h>' from the source files 2019-03-08 15:15:05 +01:00
zoneverify.c libdns: Change check_dnskey_sigs() return type to void to match the reality how the function is used 2019-11-04 16:15:22 +01:00
zt.c simplify dns_rbtnodechain_init() by removing unnecessary 'mctx' parameter 2019-08-29 10:03:36 -07:00