1. 29 Jul, 2020 1 commit
    • Michal Nowak's avatar
      Drop $SYSTEMTESTTOP from bin/tests/system/ · 688c3505
      Michal Nowak authored
      The $SYSTEMTESTTOP shell variable if often set to .. in various shell
      scripts inside bin/tests/system/, but most of the time it is only
      used one line later, while sourcing conf.sh. This hardly improves
      code readability.
      
      $SYSTEMTESTTOP is also used for the purpose of referencing
      scripts/files living in bin/tests/system/, but given that the
      variable is always set to a short, relative path, we can drop it and
      replace all of its occurrences with the relative path without adversely
      affecting code readability.
      688c3505
  2. 21 Apr, 2020 1 commit
    • Ondřej Surý's avatar
      Complete rewrite the BIND 9 build system · 978c7b2e
      Ondřej Surý authored
      The rewrite of BIND 9 build system is a large work and cannot be reasonable
      split into separate merge requests.  Addition of the automake has a positive
      effect on the readability and maintainability of the build system as it is more
      declarative, it allows conditional and we are able to drop all of the custom
      make code that BIND 9 developed over the years to overcome the deficiencies of
      autoconf + custom Makefile.in files.
      
      This squashed commit contains following changes:
      
      - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am
        by using automake
      
      - the libtool is now properly integrated with automake (the way we used it
        was rather hackish as the only official way how to use libtool is via
        automake
      
      - the dynamic module loading was rewritten from a custom patchwork to libtool's
        libltdl (which includes the patchwork to support module loading on different
        systems internally)
      
      - conversion of the unit test executor from kyua to automake parallel driver
      
      - conversion of the system test executor from custom make/shell to automake
        parallel driver
      
      - The GSSAPI has been refactored, the custom SPNEGO on the basis that
        all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations
        support SPNEGO mechanism.
      
      - The various defunct tests from bin/tests have been removed:
        bin/tests/optional and bin/tests/pkcs11
      
      - The text files generated from the MD files have been removed, the
        MarkDown has been designed to be readable by both humans and computers
      
      - The xsl header is now generated by a simple sed command instead of
        perl helper
      
      - The <irs/platform.h> header has been removed
      
      - cleanups of configure.ac script to make it more simpler, addition of multiple
        macros (there's still work to be done though)
      
      - the tarball can now be prepared with `make dist`
      
      - the system tests are partially able to run in oot build
      
      Here's a list of unfinished work that needs to be completed in subsequent merge
      requests:
      
      - `make distcheck` doesn't yet work (because of system tests oot run is not yet
        finished)
      
      - documentation is not yet built, there's a different merge request with docbook
        to sphinx-build rst conversion that needs to be rebased and adapted on top of
        the automake
      
      - msvc build is non functional yet and we need to decide whether we will just
        cross-compile bind9 using mingw-w64 or fix the msvc build
      
      - contributed dlz modules are not included neither in the autoconf nor automake
      978c7b2e
  3. 15 Nov, 2019 1 commit
    • Evan Hunt's avatar
      use DS style trust anchors in all system tests · 54a682ea
      Evan Hunt authored
      this adds functions in conf.sh.common to create DS-style trust anchor
      files. those functions are then used to create nearly all of the trust
      anchors in the system tests.
      
      there are a few exceptions:
       - some tests in dnssec and mkeys rely on detection of unsupported
         algorithms, which only works with key-style trust anchors, so those
         are used for those tests in particular.
       - the mirror test had a problem with the use of a CSK without a
         SEP bit, which still needs addressing
      
      in the future, some of these tests should be changed back to using
      traditional trust anchors, so that both types will be exercised going
      forward.
      54a682ea
  4. 05 Jun, 2019 1 commit
  5. 13 Jun, 2018 1 commit
  6. 16 May, 2018 1 commit
  7. 23 Feb, 2018 1 commit
  8. 01 Sep, 2017 1 commit
  9. 31 Aug, 2017 1 commit
    • Evan Hunt's avatar
      [master] remove default algorithm in dnssec-keygen · 45afdb26
      Evan Hunt authored
      4594.	[func]		dnssec-keygen no longer uses RSASHA1 by default;
      			the signing algorithm must be specified on
      			the command line with the "-a" option.  Signing
      			scripts that rely on the existing default behavior
      			will break; use "dnssec-keygen -a RSASHA1" to
      			repair them. (The goal of this change is to make
      			it easier to find scripts using RSASHA1 so they
      			can be changed in the event of that algorithm
      			being deprecated in the future.) [RT #44755]
      45afdb26
  10. 19 Oct, 2016 1 commit
  11. 27 Jun, 2016 1 commit
  12. 04 Jun, 2014 1 commit
  13. 07 May, 2014 1 commit
  14. 21 Jan, 2014 2 commits
  15. 29 Jun, 2012 3 commits
  16. 20 Oct, 2011 2 commits
  17. 18 Jan, 2010 2 commits
  18. 19 Dec, 2009 1 commit
  19. 30 Nov, 2009 2 commits
  20. 28 Oct, 2009 1 commit
  21. 27 Oct, 2009 1 commit
  22. 19 Jul, 2009 1 commit
    • Evan Hunt's avatar
      2636. [func] Simplify zone signing and key maintenance with the · 553ead32
      Evan Hunt authored
      			dnssec-* tools.  Major changes:
      			- all dnssec-* tools now take a -K option to
      			  specify a directory in which key files will be
      			  stored
      			- DNSSEC can now store metadata indicating when
      			  they are scheduled to be published, acttivated,
      			  revoked or removed; these values can be set by
      			  dnssec-keygen or overwritten by the new
      			  dnssec-settime command
      			- dnssec-signzone -S (for "smart") option reads key
      			  metadata and uses it to determine automatically
      			  which keys to publish to the zone, use for
      			  signing, revoke, or remove from the zone
      			[RT #19816]
      553ead32
  23. 04 Jun, 2009 2 commits
  24. 25 Sep, 2008 1 commit
  25. 24 Sep, 2008 1 commit
  26. 19 Jun, 2007 1 commit
  27. 18 Jun, 2007 1 commit
  28. 04 Jan, 2006 1 commit
  29. 03 Jan, 2006 1 commit
  30. 10 Mar, 2004 1 commit
  31. 05 Mar, 2004 1 commit
  32. 14 Jan, 2004 1 commit
    • Mark Andrews's avatar
      1558. [func] New DNSSEC 'disable-algorithms'. Support entry into · 35541328
      Mark Andrews authored
                              child zones for which we don't have a supported
                              algorithm.  Such child zones are treated as unsigned.
      
      1557.   [func]          Implement missing DNSSEC tests for
                              * NOQNAME proof with wildcard answers.
                              * NOWILDARD proof with NXDOMAIN.
                              Cache and return NOQNAME with wildcard answers.
      35541328
  33. 26 Oct, 2003 1 commit