mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 04:58:04 +00:00
Code Issues Releases Wiki Activity
23,469 Commits 656 Branches 820 Tags
Commit Graph

9 Commits

Author SHA1 Message Date
Mark Andrews
80169c379d 3957. [bug] "dnssec-keygen -S" failed for ECCGOST, ECDSAP256SHA256 
and ECDSAP384SHA384. [RT #37183]
 2014-09-29 10:18:54 +10:00
Evan Hunt
acbb301e64 [master] better error output when initializing pkcs11 
3786.	[func]		Provide more detailed error codes when using
			native PKCS#11. "pkcs11-tokens" now fails robustly
			rather than asserting when run against an HSM with
			an incomplete PCKS#11 API implementation. [RT #35479]
 2014-03-12 20:52:01 -07:00
Evan Hunt
dbb012765c [master] merge libiscpk11 to libisc 
3735.	[cleanup]	Merged the libiscpk11 library into libisc
			to simplify dependencies. [RT #35205]
 2014-02-11 21:20:28 -08:00
Evan Hunt
3249da26fc [master] rationalize external key handling 
3723.	[cleanup]	Imported keys are now handled the same way
			regardless of DNSSEC algorithm. [RT #35215]
 2014-01-30 17:49:32 -08:00
Evan Hunt
1b255a0c4e [master] overlooked some memcpy->memmove changes with pkcs11 merge 2014-01-21 10:08:01 -08:00
Evan Hunt
12bf5d4796 [master] address several issues with native pkcs11 2014-01-18 11:51:07 -08:00
Francis Dupont
6972eaffdb fix external key handling 2014-01-17 17:12:20 +01:00
Mark Andrews
e20788e121 update copyrights 2014-01-16 15:19:24 +11:00
Evan Hunt
ba751492fc [master] native PKCS#11 support 
3705.	[func]		"configure --enable-native-pkcs11" enables BIND
			to use the PKCS#11 API for all cryptographic
			functions, so that it can drive a hardware service
			module directly without the need to use a modified
			OpenSSL as intermediary (so long as the HSM's vendor
			provides a complete-enough implementation of the
			PKCS#11 interface). This has been tested successfully
			with the Thales nShield HSM and with SoftHSMv2 from
			the OpenDNSSEC project. [RT #29031]
 2014-01-14 15:40:56 -08:00