Replace dns_fixedname_init() calls followed by dns_fixedname_name()
calls with calls to dns_fixedname_initname() where it is possible
without affecting current behavior and/or performance.
This patch was mostly prepared using Coccinelle and the following
semantic patch:
@@
expression fixedname, name;
@@
- dns_fixedname_init(&fixedname);
...
- name = dns_fixedname_name(&fixedname);
+ name = dns_fixedname_initname(&fixedname);
The resulting set of changes was then manually reviewed to exclude false
positives and apply minor tweaks.
It is likely that more occurrences of this pattern can be refactored in
an identical way. This commit only takes care of the low-hanging fruit.
3705. [func] "configure --enable-native-pkcs11" enables BIND
to use the PKCS#11 API for all cryptographic
functions, so that it can drive a hardware service
module directly without the need to use a modified
OpenSSL as intermediary (so long as the HSM's vendor
provides a complete-enough implementation of the
PKCS#11 interface). This has been tested successfully
with the Thales nShield HSM and with SoftHSMv2 from
the OpenDNSSEC project. [RT #29031]
3486. [bug] named could crash when using TKEY-negotiated keys
that had been deleted and then recreated. [RT #32506]
commit 6a48b9999766d26cddc7cef275cd984b7d53c014
Author: Evan Hunt <each@isc.org>
Date: Tue Jan 29 14:59:46 2013 -0800
[rt32506] don't dump key if dump is unimplemented
commit d0ae0f44b460bab2e8bb24bba683d3ef69ec1765
Author: Evan Hunt <each@isc.org>
Date: Tue Jan 29 14:42:25 2013 -0800
[rt32506] make sure LRU needs adjusting before adjusting it
commit 0437f8f06b1cb72a6d5e3c30f27febca23846d95
Author: Evan Hunt <each@isc.org>
Date: Tue Jan 29 12:28:28 2013 -0800
[rt32506] demonstrate bugs in tkey test
- nsupdate can now get the default realm from
the user's Kerberos principal
- corrected gsstest compilation flags
- improved documentation
- fixed some NULL dereferences
[RT #22795]
increment the reference count.
Note: dns_tsigkey_createfromkey() callers should now
always call dst_key_free() rather than setting it
to NULL on success. [RT #22672]
- added LRU expiration for generated TSIGs
- added the ability to use a non-default realm
- added new "realm" keyword in nsupdate
- limited lifetime of generated keys to 1 hour
or the lifetime of the context (whichever is
smaller)
[RT #19737]
