1. 08 Aug, 2018 1 commit
  2. 02 Aug, 2018 1 commit
  3. 01 Aug, 2018 1 commit
  4. 23 Jul, 2018 1 commit
  5. 19 Jul, 2018 1 commit
  6. 22 May, 2018 1 commit
    • Ondřej Surý's avatar
      address win32 build issues · 7ee8a7e6
      Ondřej Surý authored
      - Replace external -DOPENSSL/-DPKCS11CRYPTO with properly AC_DEFINEd
        HAVE_OPENSSL/HAVE_PKCS11
      - Don't enforce the crypto provider from platform.h, just from dst_api.c
        and configure scripts
      7ee8a7e6
  7. 21 May, 2018 1 commit
  8. 16 May, 2018 2 commits
  9. 14 May, 2018 1 commit
  10. 11 May, 2018 1 commit
  11. 03 May, 2018 1 commit
  12. 06 Apr, 2018 1 commit
  13. 23 Feb, 2018 1 commit
  14. 23 Nov, 2017 1 commit
  15. 28 Oct, 2017 1 commit
  16. 27 Oct, 2017 1 commit
    • Evan Hunt's avatar
      [master] change rndc-confgen default algorithm · 1d57d460
      Evan Hunt authored
      this completes change 4785. the CHANGES note has been revised:
      
      4785.	[func]		The hmac-md5 algorithm is no longer recommended for
      			use with RNDC keys.  The default in rndc-confgen
      			is now hmac-sha256. [RT #42272]
      1d57d460
  17. 25 Oct, 2017 1 commit
  18. 24 Oct, 2017 3 commits
    • Tinderbox User's avatar
      update copyright notice / whitespace · ea055a82
      Tinderbox User authored
      ea055a82
    • Mark Andrews's avatar
      add missing semicolon · 79e78994
      Mark Andrews authored
      79e78994
    • Evan Hunt's avatar
      [master] deprecate HMAC in dnssec-keygen, MD5 in rndc-confgen · 21761bfe
      Evan Hunt authored
      4785.	[func]		The hmac-md5 algorithm is no longer recommended for
      			use with RNDC keys. For compatibility reasons, it
      			it is still the default algorithm in rndc-confgen,
      			but this will be changed to hmac-sha256 in a future
      			release. [RT #42272]
      
      4784.	[func]		The use of dnssec-keygen to generate HMAC keys is
      			deprecated in favor of tsig-keygen.  dnssec-keygen
      			will print a warning when used for this purpose.
      			All HMAC algorithms will be removed from
      			dnssec-keygen in a future release. [RT #42272]
      21761bfe
  19. 28 Sep, 2017 1 commit
    • Evan Hunt's avatar
      [master] completed and corrected the crypto-random change · 24172bd2
      Evan Hunt authored
      4724.	[func]		By default, BIND now uses the random number
      			functions provided by the crypto library (i.e.,
      			OpenSSL or a PKCS#11 provider) as a source of
      			randomness rather than /dev/random.  This is
      			suitable for virtual machine environments
      			which have limited entropy pools and lack
      			hardware random number generators.
      
      			This can be overridden by specifying another
      			entropy source via the "random-device" option
      			in named.conf, or via the -r command line option;
      			however, for functions requiring full cryptographic
      			strength, such as DNSSEC key generation, this
      			cannot be overridden. In particular, the -r
      			command line option no longer has any effect on
      			dnssec-keygen.
      
      			This can be disabled by building with
      			"configure --disable-crypto-rand".
      			[RT #31459] [RT #46047]
      24172bd2
  20. 18 Sep, 2017 1 commit
  21. 13 Sep, 2017 1 commit
  22. 09 Sep, 2017 1 commit
  23. 08 Sep, 2017 3 commits
  24. 20 Apr, 2017 1 commit
  25. 07 Dec, 2016 1 commit
  26. 06 Dec, 2016 1 commit
  27. 02 Nov, 2016 1 commit
    • Evan Hunt's avatar
      [master] make uninstall · 6087f87a
      Evan Hunt authored
      4503.	[cleanup]	"make uninstall" now removes file installed by
      			BIND. (This currently excludes Python files
      			due to lack of support in setup.py.) [RT #42912]
      6087f87a
  28. 26 Aug, 2016 1 commit
  29. 19 Aug, 2016 1 commit
  30. 18 Aug, 2016 1 commit
  31. 21 Jul, 2016 3 commits
  32. 27 Jun, 2016 2 commits