upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-20 01:27:20 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib
History
Mark Andrews f3a0dac057 Check that we can verify a signature at initialisation time 
Fedora 33 doesn't support RSASHA1 in future mode.  There is no easy
check for this other than by attempting to perform a verification
using known good signatures.  We don't attempt to sign with RSASHA1
as that would not work in FIPS mode.  RSASHA1 is verify only.

The test vectors were generated using OpenSSL 3.0 and
util/gen-rsa-sha-vectors.c.  Rerunning will generate a new set of
test vectors as the private key is not preserved.

e.g.
	cc util/gen-rsa-sha-vectors.c -I /opt/local/include \
		-L /opt/local/lib -lcrypto

(cherry picked from commit cd3f00874f63a50954cebb78edac8f580a27c0de)
2022-07-25 10:59:38 -04:00
..
bind9 warn about zones with both dnssec-policy and max-zone-ttl 2022-07-22 13:13:24 -07:00
dns Check that we can verify a signature at initialisation time 2022-07-25 10:59:38 -04:00
irs Move all the unit tests to /tests/<libname>/ 2022-05-31 12:06:00 +02:00
isc Cleanup the STATID_CONNECT and STATID_CONNECTFAIL stat counters 2022-07-14 21:48:44 +02:00
isccc Update clang to version 14 2022-06-16 18:09:33 +02:00
isccfg Add isccfg duration utility functions 2022-06-28 14:37:26 +02:00
ns Increase the BUFSIZ-long buffers 2022-07-15 21:16:51 +02:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
Makefile.am move samples/resolve.c to bin/tests/system 2021-04-16 14:29:43 +02:00