mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
26,614 Commits 660 Branches 820 Tags
Commit Graph

66 Commits

Author SHA1 Message Date
Evan Hunt
0fabe0da83 update file headers 2018-03-15 18:33:13 -07:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
24172bd2ee [master] completed and corrected the crypto-random change 
4724.	[func]		By default, BIND now uses the random number
			functions provided by the crypto library (i.e.,
			OpenSSL or a PKCS#11 provider) as a source of
			randomness rather than /dev/random.  This is
			suitable for virtual machine environments
			which have limited entropy pools and lack
			hardware random number generators.

			This can be overridden by specifying another
			entropy source via the "random-device" option
			in named.conf, or via the -r command line option;
			however, for functions requiring full cryptographic
			strength, such as DNSSEC key generation, this
			cannot be overridden. In particular, the -r
			command line option no longer has any effect on
			dnssec-keygen.

			This can be disabled by building with
			"configure --disable-crypto-rand".
			[RT #31459] [RT #46047]
 2017-09-28 10:09:22 -07:00
Francis Dupont
8a98277811 Made RAND_status check optional (broke --disable-crypto-rand) 2017-09-17 12:02:09 +02:00
Evan Hunt
cc24a8725f [rt31459d] update the newer tools 2017-09-12 22:49:35 -07:00
Evan Hunt
586e65ea5c [rt31459d] rebased rt31459c 2017-09-12 19:05:46 -07:00
Mark Andrews
c26370fc69 4692. [bug] Fix build failures with libressl introduced in 4676. 
[RT #45879]
 2017-08-30 17:11:20 +10:00
Mark Andrews
5e9d9aa9d0 use isc_thread_self instead of pthread_self 2017-08-14 13:51:20 +10:00
Mark Andrews
cbc80a42d3 4676. [cleanup] Allow BIND to be built using OpenSSL 1.0.X with 
deprecated functions removed. [RT #45706]
 2017-08-10 10:16:26 +10:00
Evan Hunt
4c31eda5e1 [master] openssl backward compatibility fix 
4604.	[bug]		Don't use ERR_load_crypto_strings() when building
			with OpenSSL 1.1.0. [RT #45117]
 2017-04-21 18:56:00 -07:00
Tinderbox User
b5808abc69 update copyright notice / whitespace 2017-01-24 23:45:30 +00:00
Mark Andrews
25da687db7 4560. [bug] mdig: add -m option to enable memory debugging rather 
than have in on all the time. [RT #44509]

4559.   [bug]           Openssl_link.c didn't compile if ISC_MEM_TRACKLINES
                        was turned off.  [RT #44509]
 2017-01-24 17:48:31 +11:00
Mark Andrews
e49d93c22d locks are only need in OpenSSL < 1.1 2016-11-09 10:05:50 +11:00
Mark Andrews
3d38cfaf8a add more LIBRESSL_VERSION_NUMBER checks 2016-11-01 12:24:22 +11:00
Tinderbox User
3bd20c8dd4 update copyright notice / whitespace 2016-10-30 23:46:10 +00:00
Mark Andrews
1fce0951ed 4497. [port] Add support for OpenSSL 1.1.0. [RT #41284] 2016-10-31 10:04:37 +11:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
854a865e16 update copyright notice / whitespace 2016-04-05 23:45:16 +00:00
Mark Andrews
7660b370c3 4344. [port] Address openssl version differences. [RT #42059] 2016-04-06 04:31:06 +10:00
Mark Andrews
bed6e9d614 4383. [bug] OPENSSL_config is no longer re-callable. [RT #41348] 2015-12-24 10:31:07 +11:00
Mark Andrews
f824c65d1f 4340. [port] Fix LibreSSL compatibility. [RT #40977] 2015-10-19 10:43:58 +11:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Mark Andrews
8bb630c751 4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532] 2015-05-28 14:41:21 +10:00
Tinderbox User
cc2a515684 update copyright notice 2014-03-04 23:46:15 +00:00
Evan Hunt
b454c03196 [master] use ANSI prototypes, clean up some casts 2014-03-04 10:42:25 -08:00
Evan Hunt
c241017dcd [master] fix fedora 17 ecdsa compilation problem 2012-10-24 13:56:41 -07:00
Evan Hunt
0e37e9e3d7 [master] silence noisy OpenSSL logging 
3402.	[bug]		Correct interface numbers for IPv4 and IPv6 interfaces.
 2012-10-24 12:58:16 -07:00
Mark Andrews
9432ef6cdb remove redundent call 2012-10-12 21:57:22 +11:00
Evan Hunt
31c6f9cc85 silence warning 2012-09-28 18:47:05 -07:00
Tinderbox User
0fc76b64fb update copyright notice 2012-09-28 23:46:10 +00:00
Evan Hunt
d1ac7adb3e improve logging of ecdsa errors 
3384.	[bug]		Improved logging of crypto errors. [RT #30963]
 2012-09-28 13:46:47 -07:00
Mark Andrews
4e8090f1c1 test against unsigned zero 2012-08-14 14:31:51 +10:00
Mark Andrews
6eb6af6732 3354. [func] Improve OpenSSL error logging. [RT #29932] 2012-07-23 15:08:21 +10:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Mark Andrews
28a8f5b0de set $Id$ 2012-03-08 00:21:15 +11:00
Automatic Updater
c1aef54e14 update copyright notice 2011-03-12 04:59:49 +00:00
Mark Andrews
19f4b069dc 3068. [bug] Named failed to build with a OpenSSL without engine 
support. [RT #23473]
 2011-03-11 01:11:54 +00:00
Automatic Updater
3255640981 update copyright notice 2010-09-15 12:38:36 +00:00
Mark Andrews
70ba55161b 2957. [bug] entropy_get() and entropy_getpseudo() failed to match 
the API for RAND_bytes() and RAND_pseudo_bytes()
                        respectively. [RT #21962]
 2010-09-15 03:06:15 +00:00
Francis Dupont
8b78c993cb explicit engine rt20230a 2009-10-05 17:30:49 +00:00
Mark Andrews
bbc204a237 2669. [func] Update PKCS#11 support to support Keyper HSM. 
Update PKCS#11 patch to be against openssl-0.9.8i.
 2009-09-03 04:09:58 +00:00
Tatuya JINMEI 神明達哉
77d90dc2b5 2547. [bug] openssl_link.c:mem_realloc() could reference an 
out-of-range area of the source buffer.  New public
			function isc_mem_reallocate() was introduced to address
			this bug. [RT #19313]
 2009-02-11 03:04:18 +00:00
Automatic Updater
d362465c77 update copyright notice 2009-01-17 23:47:43 +00:00
Francis Dupont
47b7dfffe5 spelling 2009-01-17 14:45:17 +00:00
Automatic Updater
705671ffd3 update copyright notice 2008-04-05 23:47:11 +00:00
Mark Andrews
a77b091952 2357. [port] Don't use OpenSSL's engine support in versions before 
OpenSSL 0.9.7f. [RT #17922]
 2008-04-05 02:35:24 +00:00
Mark Andrews
0f4a4d46ab 2357. [port] Don't use OpenSSL's engine support in versions before 
OpenSSL 0.9.7f. [RT #17922]
 2008-04-04 22:10:49 +00:00
Automatic Updater
a687db7ce8 update copyright notice 2008-04-02 23:46:58 +00:00
Automatic Updater
e672951ed2 update copyright notice 2008-04-01 23:47:10 +00:00
Francis Dupont
2a31bd5310 add EVP and PKCS11 2008-03-31 14:42:51 +00:00