mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00
Code Issues Releases Wiki Activity
22,173 Commits 656 Branches 820 Tags
Commit Graph

21 Commits

Author SHA1 Message Date
Evan Hunt
acbb301e64 [master] better error output when initializing pkcs11 
3786.	[func]		Provide more detailed error codes when using
			native PKCS#11. "pkcs11-tokens" now fails robustly
			rather than asserting when run against an HSM with
			an incomplete PCKS#11 API implementation. [RT #35479]
 2014-03-12 20:52:01 -07:00
Evan Hunt
dbb012765c [master] merge libiscpk11 to libisc 
3735.	[cleanup]	Merged the libiscpk11 library into libisc
			to simplify dependencies. [RT #35205]
 2014-02-11 21:20:28 -08:00
Evan Hunt
1b255a0c4e [master] overlooked some memcpy->memmove changes with pkcs11 merge 2014-01-21 10:08:01 -08:00
Evan Hunt
ba751492fc [master] native PKCS#11 support 
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
 2014-01-14 15:40:56 -08:00
Tinderbox User
431a83fb29 update copyright notice 2014-01-09 23:46:35 +00:00
Evan Hunt
e851ea8260 [master] replace memcpy() with memmove(). 
3698.	[cleanup]	Replaced all uses of memcpy() with memmove().
			[RT #35120]
 2014-01-08 16:39:05 -08:00
Tinderbox User
ca48f47d88 update copyright notice 2013-07-09 23:46:11 +00:00
Evan Hunt
5b7abbef51 [master] added isc_safe_memcmp() 
3611.	[bug]		Improved resistance to a theoretical authentication
			attack based on differential timing.  [RT #33939]
 2013-07-09 11:47:16 -07:00
Tinderbox User
5fa46bc916 update copyright notice 2012-03-10 23:45:53 +00:00
Mark Andrews
28a8f5b0de set $Id$ 2012-03-08 00:21:15 +11:00
Automatic Updater
64691d525b update copyright notice 2011-10-24 23:46:14 +00:00
Michael Graff
522222cf93 Correctly invalidate the sha2/hmac2 contexts. This was already done in practice, but this makes it zero out the whole structure rather than just the first 4 bytes + the key. sha2.c did not always zero out the full sha2 state in invalidate, but will now. 2011-10-24 22:51:29 +00:00
Automatic Updater
53f0234c3e update copyright notice 2009-02-06 23:47:42 +00:00
Francis Dupont
c1d7e0562f OpenSSL hashes 2009-02-06 12:26:23 +00:00
Mark Andrews
c60eaaf9b3 2215. [bug] Bad REQUIRE check isc_hmacsha1_verify(). [RT #17094] 2007-08-27 03:27:53 +00:00
Automatic Updater
70e5a7403f update copyright notice 2007-06-19 23:47:24 +00:00
Automatic Updater
ec5347e2c7 update copyright notice 2007-06-18 23:47:57 +00:00
Mark Andrews
02ced31b6a 2072. [bug] We were not generating valid HMAC SHA digests. 
[RT #16320]
 2006-08-16 03:15:09 +00:00
Mark Andrews
fc7685a7f1 silence compiler warnings 2006-01-31 00:35:21 +00:00
Mark Andrews
26e2a07a0b update copyright notice 2006-01-27 23:57:46 +00:00
Mark Andrews
c6d4f78152 1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384 and 
HMACSHA512 support. [RT #13606]
 2006-01-27 02:35:15 +00:00