1. 25 Oct, 2018 2 commits
  2. 24 Oct, 2018 1 commit
  3. 18 Oct, 2018 1 commit
    • Evan Hunt's avatar
      retain a minimal "methods" struct in the mctx · 09f58ab6
      Evan Hunt authored
      - this enables memory to be allocated and freed in dyndb modules
        when named is linked statically. when we standardize on libtool,
        this should become unnecessary.
      - also, simplified the isc_mem_create/createx API by removing
        extra compatibility functions
      09f58ab6
  4. 05 Oct, 2018 1 commit
  5. 28 Aug, 2018 4 commits
  6. 16 Aug, 2018 1 commit
  7. 08 Aug, 2018 2 commits
  8. 19 Jul, 2018 3 commits
  9. 05 Jun, 2018 1 commit
  10. 23 May, 2018 1 commit
  11. 22 May, 2018 1 commit
    • Ondřej Surý's avatar
      address win32 build issues · 7ee8a7e6
      Ondřej Surý authored
      - Replace external -DOPENSSL/-DPKCS11CRYPTO with properly AC_DEFINEd
        HAVE_OPENSSL/HAVE_PKCS11
      - Don't enforce the crypto provider from platform.h, just from dst_api.c
        and configure scripts
      7ee8a7e6
  12. 16 May, 2018 1 commit
    • Ondřej Surý's avatar
      Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. · 3a4f820d
      Ondřej Surý authored
      The three functions has been modeled after the arc4random family of
      functions, and they will always return random bytes.
      
      The isc_random family of functions internally use these CSPRNG (if available):
      
      1. getrandom() libc call (might be available on Linux and Solaris)
      2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
      3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
      4. crypto library function:
      4a. RAND_bytes in case OpenSSL
      4b. pkcs_C_GenerateRandom() in case PKCS#11 library
      3a4f820d
  13. 11 May, 2018 1 commit
  14. 03 May, 2018 1 commit
  15. 06 Apr, 2018 1 commit
  16. 16 Mar, 2018 1 commit
  17. 23 Feb, 2018 1 commit
  18. 15 Feb, 2018 1 commit
  19. 09 Oct, 2017 2 commits
  20. 03 Oct, 2017 1 commit
  21. 28 Sep, 2017 1 commit
    • Evan Hunt's avatar
      [master] completed and corrected the crypto-random change · 24172bd2
      Evan Hunt authored
      4724.	[func]		By default, BIND now uses the random number
      			functions provided by the crypto library (i.e.,
      			OpenSSL or a PKCS#11 provider) as a source of
      			randomness rather than /dev/random.  This is
      			suitable for virtual machine environments
      			which have limited entropy pools and lack
      			hardware random number generators.
      
      			This can be overridden by specifying another
      			entropy source via the "random-device" option
      			in named.conf, or via the -r command line option;
      			however, for functions requiring full cryptographic
      			strength, such as DNSSEC key generation, this
      			cannot be overridden. In particular, the -r
      			command line option no longer has any effect on
      			dnssec-keygen.
      
      			This can be disabled by building with
      			"configure --disable-crypto-rand".
      			[RT #31459] [RT #46047]
      24172bd2
  22. 19 Sep, 2017 1 commit
  23. 13 Sep, 2017 1 commit
  24. 01 Aug, 2017 1 commit
  25. 31 Jul, 2017 1 commit
  26. 30 Dec, 2016 1 commit
  27. 07 Sep, 2016 1 commit
  28. 18 Aug, 2016 1 commit
  29. 27 Jun, 2016 1 commit
  30. 01 Jun, 2016 1 commit
  31. 25 Jan, 2016 1 commit
  32. 05 Jan, 2016 1 commit