Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
BIND
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Packages & Registries
Packages & Registries
Container Registry
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Joey Salazar
BIND
Commits
586e65ea
Commit
586e65ea
authored
Sep 12, 2017
by
Evan Hunt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[rt31459d] rebased rt31459c
parent
30973087
Changes
34
Hide whitespace changes
Inline
Side-by-side
Showing
34 changed files
with
660 additions
and
115 deletions
+660
-115
bin/confgen/keygen.c
bin/confgen/keygen.c
+7
-0
bin/dnssec/dnssec-dsfromkey.c
bin/dnssec/dnssec-dsfromkey.c
+4
-4
bin/dnssec/dnssec-importkey.c
bin/dnssec/dnssec-importkey.c
+4
-4
bin/dnssec/dnssec-revoke.c
bin/dnssec/dnssec-revoke.c
+4
-4
bin/dnssec/dnssec-settime.c
bin/dnssec/dnssec-settime.c
+4
-4
bin/dnssec/dnssec-signzone.c
bin/dnssec/dnssec-signzone.c
+6
-5
bin/dnssec/dnssec-verify.c
bin/dnssec/dnssec-verify.c
+4
-4
bin/dnssec/dnssectool.c
bin/dnssec/dnssectool.c
+10
-1
bin/named/server.c
bin/named/server.c
+6
-0
bin/nsupdate/nsupdate.c
bin/nsupdate/nsupdate.c
+15
-3
bin/tests/system/pipelined/pipequeries.c
bin/tests/system/pipelined/pipequeries.c
+20
-6
bin/tests/system/pipelined/tests.sh
bin/tests/system/pipelined/tests.sh
+2
-2
bin/tests/system/rsabigexponent/bigkey.c
bin/tests/system/rsabigexponent/bigkey.c
+4
-0
bin/tests/system/tkey/keycreate.c
bin/tests/system/tkey/keycreate.c
+23
-3
bin/tests/system/tkey/keydelete.c
bin/tests/system/tkey/keydelete.c
+23
-3
bin/tests/system/tkey/tests.sh
bin/tests/system/tkey/tests.sh
+4
-4
configure
configure
+109
-43
configure.in
configure.in
+69
-4
lib/dns/dst_api.c
lib/dns/dst_api.c
+20
-1
lib/dns/include/dst/dst.h
lib/dns/include/dst/dst.h
+8
-0
lib/dns/openssl_link.c
lib/dns/openssl_link.c
+66
-6
lib/dns/pkcs11.c
lib/dns/pkcs11.c
+39
-1
lib/dns/tests/Makefile.in
lib/dns/tests/Makefile.in
+7
-0
lib/dns/tests/dnstest.c
lib/dns/tests/dnstest.c
+7
-7
lib/dns/tests/dstrandom_test.c
lib/dns/tests/dstrandom_test.c
+105
-0
lib/dns/tests/testdata/dstrandom/random.data
lib/dns/tests/testdata/dstrandom/random.data
+0
-0
lib/dns/win32/libdns.def.in
lib/dns/win32/libdns.def.in
+7
-0
lib/isc/entropy.c
lib/isc/entropy.c
+24
-0
lib/isc/include/isc/entropy.h
lib/isc/include/isc/entropy.h
+12
-0
lib/isc/include/isc/platform.h.in
lib/isc/include/isc/platform.h.in
+5
-0
lib/isc/include/isc/types.h
lib/isc/include/isc/types.h
+2
-0
lib/isc/pk11.c
lib/isc/pk11.c
+7
-5
lib/isc/win32/include/isc/platform.h.in
lib/isc/win32/include/isc/platform.h.in
+5
-0
win32utils/Configure
win32utils/Configure
+28
-1
No files found.
bin/confgen/keygen.c
View file @
586e65ea
...
...
@@ -155,6 +155,13 @@ generate_key(isc_mem_t *mctx, const char *randomfile, dns_secalg_t alg,
randomfile
=
NULL
;
open_keyboard
=
ISC_ENTROPY_KEYBOARDYES
;
}
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
ectx
,
ISC_TRUE
);
}
#endif
DO
(
"start entropy source"
,
isc_entropy_usebestsource
(
ectx
,
&
entropy_source
,
randomfile
,
...
...
bin/dnssec/dnssec-dsfromkey.c
View file @
586e65ea
...
...
@@ -494,14 +494,14 @@ main(int argc, char **argv) {
if
(
ectx
==
NULL
)
setup_entropy
(
mctx
,
NULL
,
&
ectx
);
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize hash"
);
result
=
dst_lib_init
(
mctx
,
ectx
,
ISC_ENTROPY_BLOCKING
|
ISC_ENTROPY_GOODONLY
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize hash"
);
isc_entropy_stopcallbacksources
(
ectx
);
setup_logging
(
mctx
,
&
log
);
...
...
@@ -563,8 +563,8 @@ main(int argc, char **argv) {
if
(
dns_rdataset_isassociated
(
&
rdataset
))
dns_rdataset_disassociate
(
&
rdataset
);
cleanup_logging
(
&
log
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
cleanup_entropy
(
&
ectx
);
dns_name_destroy
();
if
(
verbose
>
10
)
...
...
bin/dnssec/dnssec-importkey.c
View file @
586e65ea
...
...
@@ -405,14 +405,14 @@ main(int argc, char **argv) {
if
(
ectx
==
NULL
)
setup_entropy
(
mctx
,
NULL
,
&
ectx
);
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize hash"
);
result
=
dst_lib_init
(
mctx
,
ectx
,
ISC_ENTROPY_BLOCKING
|
ISC_ENTROPY_GOODONLY
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize hash"
);
isc_entropy_stopcallbacksources
(
ectx
);
setup_logging
(
mctx
,
&
log
);
...
...
@@ -456,8 +456,8 @@ main(int argc, char **argv) {
if
(
dns_rdataset_isassociated
(
&
rdataset
))
dns_rdataset_disassociate
(
&
rdataset
);
cleanup_logging
(
&
log
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
cleanup_entropy
(
&
ectx
);
dns_name_destroy
();
if
(
verbose
>
10
)
...
...
bin/dnssec/dnssec-revoke.c
View file @
586e65ea
...
...
@@ -179,14 +179,14 @@ main(int argc, char **argv) {
if
(
ectx
==
NULL
)
setup_entropy
(
mctx
,
NULL
,
&
ectx
);
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize hash"
);
result
=
dst_lib_init2
(
mctx
,
ectx
,
engine
,
ISC_ENTROPY_BLOCKING
|
ISC_ENTROPY_GOODONLY
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize hash"
);
isc_entropy_stopcallbacksources
(
ectx
);
result
=
dst_key_fromnamedfile
(
filename
,
dir
,
...
...
@@ -268,8 +268,8 @@ main(int argc, char **argv) {
cleanup:
dst_key_free
(
&
key
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
cleanup_entropy
(
&
ectx
);
if
(
verbose
>
10
)
isc_mem_stats
(
mctx
,
stdout
);
...
...
bin/dnssec/dnssec-settime.c
View file @
586e65ea
...
...
@@ -377,14 +377,14 @@ main(int argc, char **argv) {
if
(
ectx
==
NULL
)
setup_entropy
(
mctx
,
NULL
,
&
ectx
);
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize hash"
);
result
=
dst_lib_init2
(
mctx
,
ectx
,
engine
,
ISC_ENTROPY_BLOCKING
|
ISC_ENTROPY_GOODONLY
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"Could not initialize hash"
);
isc_entropy_stopcallbacksources
(
ectx
);
if
(
predecessor
!=
NULL
)
{
...
...
@@ -669,8 +669,8 @@ main(int argc, char **argv) {
if
(
prevkey
!=
NULL
)
dst_key_free
(
&
prevkey
);
dst_key_free
(
&
key
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
cleanup_entropy
(
&
ectx
);
if
(
verbose
>
10
)
isc_mem_stats
(
mctx
,
stdout
);
...
...
bin/dnssec/dnssec-signzone.c
View file @
586e65ea
...
...
@@ -3431,14 +3431,15 @@ main(int argc, char *argv[]) {
if
(
!
pseudorandom
)
eflags
|=
ISC_ENTROPY_GOODONLY
;
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create hash context"
);
result
=
dst_lib_init2
(
mctx
,
ectx
,
engine
,
eflags
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create hash context"
);
isc_stdtime_get
(
&
now
);
if
(
startstr
!=
NULL
)
{
...
...
@@ -3845,8 +3846,8 @@ main(int argc, char *argv[]) {
dns_master_styledestroy
(
&
dsstyle
,
mctx
);
cleanup_logging
(
&
log
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
cleanup_entropy
(
&
ectx
);
dns_name_destroy
();
if
(
verbose
>
10
)
...
...
bin/dnssec/dnssec-verify.c
View file @
586e65ea
...
...
@@ -278,15 +278,15 @@ main(int argc, char *argv[]) {
if
(
ectx
==
NULL
)
setup_entropy
(
mctx
,
NULL
,
&
ectx
);
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create hash context"
);
result
=
dst_lib_init2
(
mctx
,
ectx
,
engine
,
ISC_ENTROPY_BLOCKING
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not initialize dst: %s"
,
isc_result_totext
(
result
));
result
=
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create hash context"
);
isc_stdtime_get
(
&
now
);
rdclass
=
strtoclass
(
classname
);
...
...
bin/dnssec/dnssectool.c
View file @
586e65ea
...
...
@@ -29,6 +29,7 @@
#include <isc/heap.h>
#include <isc/list.h>
#include <isc/mem.h>
#include <isc/platform.h>
#include <isc/print.h>
#include <isc/string.h>
#include <isc/time.h>
...
...
@@ -228,7 +229,8 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
if
(
*
ectx
==
NULL
)
{
result
=
isc_entropy_create
(
mctx
,
ectx
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create entropy object"
);
fatal
(
"could not create entropy object: %s"
,
isc_result_totext
(
result
));
ISC_LIST_INIT
(
sources
);
}
...
...
@@ -237,6 +239,13 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
randomfile
=
NULL
;
}
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
*
ectx
,
ISC_TRUE
);
}
#endif
result
=
isc_entropy_usebestsource
(
*
ectx
,
&
source
,
randomfile
,
usekeyboard
);
...
...
bin/named/server.c
View file @
586e65ea
...
...
@@ -31,6 +31,7 @@
#include <isc/lex.h>
#include <isc/meminfo.h>
#include <isc/parseint.h>
#include <isc/platform.h>
#include <isc/portset.h>
#include <isc/print.h>
#include <isc/random.h>
...
...
@@ -8293,6 +8294,10 @@ load_configuration(const char *filename, named_server_t *server,
"no source of entropy found");
} else {
const char *randomdev = cfg_obj_asstring(obj);
#ifdef ISC_PLATFORM_CRYPTORANDOM
if (strcmp(randomdev, ISC_PLATFORM_CRYPTORANDOM) == 0)
isc_entropy_usehook(ns_g_entropy, ISC_TRUE);
#else
int level = ISC_LOG_ERROR;
result = isc_entropy_createfilesource(named_g_entropy,
randomdev);
...
...
@@ -8326,6 +8331,7 @@ load_configuration(const char *filename, named_server_t *server,
}
isc_entropy_detach(&named_g_fallbackentropy);
}
#endif
#endif
}
}
...
...
bin/nsupdate/nsupdate.c
View file @
586e65ea
...
...
@@ -29,6 +29,7 @@
#include <isc/mem.h>
#include <isc/parseint.h>
#include <isc/print.h>
#include <isc/platform.h>
#include <isc/random.h>
#include <isc/region.h>
#include <isc/sockaddr.h>
...
...
@@ -261,7 +262,8 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
if
(
*
ectx
==
NULL
)
{
result
=
isc_entropy_create
(
mctx
,
ectx
);
if
(
result
!=
ISC_R_SUCCESS
)
fatal
(
"could not create entropy object"
);
fatal
(
"could not create entropy object: %s"
,
isc_result_totext
(
result
));
ISC_LIST_INIT
(
sources
);
}
...
...
@@ -270,6 +272,13 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
randomfile
=
NULL
;
}
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
*
ectx
,
ISC_TRUE
);
}
#endif
result
=
isc_entropy_usebestsource
(
*
ectx
,
&
source
,
randomfile
,
usekeyboard
);
...
...
@@ -955,11 +964,11 @@ setup_system(void) {
irs_resconf_destroy
(
&
resconf
);
setup_entropy
(
gmctx
,
NULL
,
&
entropy
);
if
(
entropy
==
NULL
)
setup_entropy
(
gmctx
,
NULL
,
&
entropy
);
result
=
isc_hash_create
(
gmctx
,
entropy
,
DNS_NAME_MAXWIRE
);
check_result
(
result
,
"isc_hash_create"
);
isc_hash_init
();
result
=
dns_dispatchmgr_create
(
gmctx
,
entropy
,
&
dispatchmgr
);
check_result
(
result
,
"dns_dispatchmgr_create"
);
...
...
@@ -983,6 +992,9 @@ setup_system(void) {
check_result
(
result
,
"dst_lib_init"
);
is_dst_up
=
ISC_TRUE
;
/* moved after dst_lib_init() */
isc_hash_init
();
attrmask
=
DNS_DISPATCHATTR_UDP
|
DNS_DISPATCHATTR_TCP
;
attrmask
|=
DNS_DISPATCHATTR_IPV4
|
DNS_DISPATCHATTR_IPV6
;
...
...
bin/tests/system/pipelined/pipequeries.c
View file @
586e65ea
...
...
@@ -19,6 +19,7 @@
#include <isc/log.h>
#include <isc/mem.h>
#include <isc/net.h>
#include <isc/platform.h>
#include <isc/print.h>
#include <isc/sockaddr.h>
#include <isc/socket.h>
...
...
@@ -196,6 +197,7 @@ sendqueries(isc_task_t *task, isc_event_t *event) {
int
main
(
int
argc
,
char
*
argv
[])
{
char
*
randomfile
=
NULL
;
isc_sockaddr_t
bind_any
;
struct
in_addr
inaddr
;
isc_result_t
result
;
...
...
@@ -211,12 +213,16 @@ main(int argc, char *argv[]) {
dns_dispatch_t
*
dispatchv4
;
dns_view_t
*
view
;
UNUSED
(
argv
);
RUNCHECK
(
isc_app_start
()
);
if
(
argc
>
1
)
if
(
(
argc
==
2
)
||
(
argc
==
4
)
)
have_src
=
ISC_TRUE
;
RUNCHECK
(
isc_app_start
());
if
((
argc
>
2
)
&&
(
strcmp
(
argv
[
1
],
"-r"
)
==
0
))
{
randomfile
=
argv
[
2
];
argv
+=
2
;
argc
-=
2
;
}
dns_result_register
();
...
...
@@ -241,10 +247,18 @@ main(int argc, char *argv[]) {
ectx
=
NULL
;
RUNCHECK
(
isc_entropy_create
(
mctx
,
&
ectx
));
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
"../random.data"
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
ectx
,
ISC_TRUE
);
}
#endif
if
(
randomfile
!=
NULL
)
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
randomfile
));
RUNCHECK
(
dst_lib_init
(
mctx
,
ectx
,
ISC_ENTROPY_GOODONLY
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
taskmgr
=
NULL
;
RUNCHECK
(
isc_taskmgr_create
(
mctx
,
1
,
0
,
&
taskmgr
));
...
...
@@ -297,8 +311,8 @@ main(int argc, char *argv[]) {
isc_task_detach
(
&
task
);
isc_taskmgr_destroy
(
&
taskmgr
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
isc_entropy_detach
(
&
ectx
);
isc_log_destroy
(
&
lctx
);
...
...
bin/tests/system/pipelined/tests.sh
View file @
586e65ea
...
...
@@ -13,7 +13,7 @@ status=0
echo
"I:check pipelined TCP queries"
ret
=
0
$PIPEQUERIES
< input
>
raw
||
ret
=
1
$PIPEQUERIES
-r
$RANDFILE
< input
>
raw
||
ret
=
1
awk
'{ print $1 " " $5 }'
< raw
>
output
sort
< output
>
output-sorted
diff ref output-sorted
||
{
ret
=
1
;
echo
"I: diff sorted failed"
;
}
...
...
@@ -37,7 +37,7 @@ status=`expr $status + $ret`
echo
"I:check keep-response-order"
ret
=
0
$PIPEQUERIES
++ < inputb
>
rawb
||
ret
=
1
$PIPEQUERIES
-r
$RANDFILE
++ < inputb
>
rawb
||
ret
=
1
awk
'{ print $1 " " $5 }'
< rawb
>
outputb
diff refb outputb
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
bin/tests/system/rsabigexponent/bigkey.c
View file @
586e65ea
...
...
@@ -18,6 +18,7 @@
#include <isc/buffer.h>
#include <isc/entropy.h>
#include <isc/mem.h>
#include <isc/platform.h>
#include <isc/print.h>
#include <isc/region.h>
#include <isc/stdio.h>
...
...
@@ -181,6 +182,9 @@ main(int argc, char **argv) {
CHECK
(
isc_mem_create
(
0
,
0
,
&
mctx
),
"isc_mem_create()"
);
CHECK
(
isc_entropy_create
(
mctx
,
&
ectx
),
"isc_entropy_create()"
);
#ifdef ISC_PLATFORM_CRYPTORANDOM
isc_entropy_usehook
(
ectx
,
ISC_TRUE
);
#endif
CHECK
(
isc_entropy_usebestsource
(
ectx
,
&
source
,
"../random.data"
,
ISC_ENTROPY_KEYBOARDNO
),
...
...
bin/tests/system/tkey/keycreate.c
View file @
586e65ea
...
...
@@ -201,6 +201,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
int
main
(
int
argc
,
char
*
argv
[])
{
char
*
ourkeyname
;
char
*
randomfile
;
isc_taskmgr_t
*
taskmgr
;
isc_timermgr_t
*
timermgr
;
isc_socketmgr_t
*
socketmgr
;
...
...
@@ -220,10 +221,21 @@ main(int argc, char *argv[]) {
RUNCHECK
(
isc_app_start
());
randomfile
=
NULL
;
if
(
argc
<
2
)
{
fprintf
(
stderr
,
"I:no DH key provided
\n
"
);
exit
(
-
1
);
}
if
(
strcmp
(
argv
[
1
],
"-r"
)
==
0
)
{
if
(
argc
<
4
)
{
fprintf
(
stderr
,
"I:no DH key provided
\n
"
);
exit
(
-
1
);
}
randomfile
=
argv
[
2
];
argv
+=
2
;
argc
-=
2
;
}
ourkeyname
=
argv
[
1
];
if
(
argc
>=
3
)
...
...
@@ -237,14 +249,22 @@ main(int argc, char *argv[]) {
ectx
=
NULL
;
RUNCHECK
(
isc_entropy_create
(
mctx
,
&
ectx
));
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
"../random.data"
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
ectx
,
ISC_TRUE
);
}
#endif
if
(
randomfile
!=
NULL
)
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
randomfile
));
log
=
NULL
;
logconfig
=
NULL
;
RUNCHECK
(
isc_log_create
(
mctx
,
&
log
,
&
logconfig
));
RUNCHECK
(
dst_lib_init
(
mctx
,
ectx
,
ISC_ENTROPY_GOODONLY
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
taskmgr
=
NULL
;
RUNCHECK
(
isc_taskmgr_create
(
mctx
,
1
,
0
,
&
taskmgr
));
...
...
@@ -323,8 +343,8 @@ main(int argc, char *argv[]) {
isc_log_destroy
(
&
log
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
isc_entropy_detach
(
&
ectx
);
isc_mem_destroy
(
&
mctx
);
...
...
bin/tests/system/tkey/keydelete.c
View file @
586e65ea
...
...
@@ -134,6 +134,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
int
main
(
int
argc
,
char
**
argv
)
{
char
*
keyname
;
char
*
randomfile
;
isc_taskmgr_t
*
taskmgr
;
isc_timermgr_t
*
timermgr
;
isc_socketmgr_t
*
socketmgr
;
...
...
@@ -154,10 +155,21 @@ main(int argc, char **argv) {
RUNCHECK
(
isc_app_start
());
randomfile
=
NULL
;
if
(
argc
<
2
)
{
fprintf
(
stderr
,
"I:no key to delete
\n
"
);
exit
(
-
1
);
}
if
(
strcmp
(
argv
[
1
],
"-r"
)
==
0
)
{
if
(
argc
<
4
)
{
fprintf
(
stderr
,
"I:no DH key provided
\n
"
);
exit
(
-
1
);
}
randomfile
=
argv
[
2
];
argv
+=
2
;
argc
-=
2
;
}
keyname
=
argv
[
1
];
dns_result_register
();
...
...
@@ -167,14 +179,22 @@ main(int argc, char **argv) {
ectx
=
NULL
;
RUNCHECK
(
isc_entropy_create
(
mctx
,
&
ectx
));
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
"../random.data"
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
#ifdef ISC_PLATFORM_CRYPTORANDOM
if
(
randomfile
!=
NULL
&&
strcmp
(
randomfile
,
ISC_PLATFORM_CRYPTORANDOM
)
==
0
)
{
randomfile
=
NULL
;
isc_entropy_usehook
(
ectx
,
ISC_TRUE
);
}
#endif
if
(
randomfile
!=
NULL
)
RUNCHECK
(
isc_entropy_createfilesource
(
ectx
,
randomfile
));
log
=
NULL
;
logconfig
=
NULL
;
RUNCHECK
(
isc_log_create
(
mctx
,
&
log
,
&
logconfig
));
RUNCHECK
(
dst_lib_init
(
mctx
,
ectx
,
ISC_ENTROPY_GOODONLY
));
RUNCHECK
(
isc_hash_create
(
mctx
,
ectx
,
DNS_NAME_MAXWIRE
));
taskmgr
=
NULL
;
RUNCHECK
(
isc_taskmgr_create
(
mctx
,
1
,
0
,
&
taskmgr
));
...
...
@@ -257,8 +277,8 @@ main(int argc, char **argv) {
isc_log_destroy
(
&
log
);
dst_lib_destroy
();
isc_hash_destroy
();
dst_lib_destroy
();
isc_entropy_detach
(
&
ectx
);
isc_mem_destroy
(
&
mctx
);
...
...
bin/tests/system/tkey/tests.sh
View file @
586e65ea
...
...
@@ -28,7 +28,7 @@ for owner in . foo.example.
do
echo
"I:creating new key using owner name
\"
$owner
\"
"
ret
=
0
keyname
=
`
$KEYCREATE
$dhkeyname
$owner
`
||
ret
=
1
keyname
=
`
$KEYCREATE
-r
$RANDFILE
$dhkeyname
$owner
`
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
status
=
`
expr
$status
+
$ret
`
...
...
@@ -50,7 +50,7 @@ do
echo
"I:deleting new key"
ret
=
0
$KEYDELETE
$keyname
||
ret
=
1
$KEYDELETE
-r
$RANDFILE
$keyname
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
fi
...
...
@@ -70,7 +70,7 @@ done
echo
"I:creating new key using owner name bar.example."
ret
=
0
keyname
=
`
$KEYCREATE
$dhkeyname
bar.example.
`
||
ret
=
1
keyname
=
`
$KEYCREATE
-r
$RANDFILE
$dhkeyname
bar.example.
`
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
status
=
`
expr
$status
+
$ret
`
...
...
@@ -111,7 +111,7 @@ status=`expr $status + $ret`
echo
"I:recreating the bar.example. key"
ret
=
0
keyname
=
`
$KEYCREATE
$dhkeyname
bar.example.
`
||
ret
=
1
keyname
=
`
$KEYCREATE
-r
$RANDFILE
$dhkeyname
bar.example.
`
||
ret
=
1
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
status
=
`
expr
$status
+
$ret
`
...
...
configure
View file @
586e65ea
...
...
@@ -794,6 +794,7 @@ XMLSTATS
NZDTARGETS
NZDSRCS
NZD_TOOLS
ISC_PLATFORM_CRYPTORANDOM
PKCS11_TEST
PKCS11_ED25519
PKCS11_GOST
...
...
@@ -935,6 +936,7 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
...
...
@@ -1001,6 +1003,7 @@ with_aes
enable_openssl_hash
with_cc_alg
enable_openssl_version_check
enable_crypto_rand
with_lmdb
with_libxml2
with_libjson
...
...
@@ -1096,6 +1099,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
...
...
@@ -1348,6 +1352,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
...
...
@@ -1485,7 +1498,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir
libdir localedir mandir
runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
...
...
@@ -1638,6 +1651,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
...
...
@@ -1694,6 +1708,7 @@ Optional Features:
--enable-openssl-hash use OpenSSL for hash functions [default=yes]
--enable-openssl-version-check
check OpenSSL version [default=yes]
--enable-crypto-rand use the crypto provider for random [default=yes]
--enable-largefile 64-bit file support
--enable-backtrace log stack backtrace on abort [default=yes]
--enable-symtable use internal symbol table for backtrace
...
...
@@ -15936,6 +15951,7 @@ case "$use_openssl" in
$as_echo "disabled because of native PKCS11" >&6; }
DST_OPENSSL_INC=""
CRYPTO="-DPKCS11CRYPTO"
CRYPTOLIB="pkcs11"
OPENSSLEDDSALINKOBJS=""
OPENSSLEDDSALINKSRS=""
OPENSSLGOSTLINKOBJS=""
...
...
@@ -15948,6 +15964,7 @@ $as_echo "disabled because of native PKCS11" >&6; }
$as_echo "no" >&6; }
DST_OPENSSL_INC=""
CRYPTO=""
CRYPTOLIB=""
OPENSSLEDDSALINKOBJS=""
OPENSSLEDDSALINKSRS=""
OPENSSLGOSTLINKOBJS=""
...
...
@@ -15958,6 +15975,7 @@ $as_echo "no" >&6; }
auto)
DST_OPENSSL_INC=""
CRYPTO=""
CRYPTOLIB=""
OPENSSLEDDSALINKOBJS=""