Wouter Wijngaards
40f8fe2815
add and fix doxygen comments for doxygen-1.7.1. (which reports lots of
...
spurious items as well, by the way).
git-svn-id: file:///svn/unbound/trunk@2211 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-08-13 08:41:49 +00:00
Wouter Wijngaards
ca36fd0110
please lint.
...
git-svn-id: file:///svn/unbound/trunk@2206 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-08-04 08:43:38 +00:00
Wouter Wijngaards
4c4671a63f
- Fix validation in case a trust anchor enters into a zone with
...
unsupported algorithms.
git-svn-id: file:///svn/unbound/trunk@2205 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-08-04 08:36:27 +00:00
Wouter Wijngaards
518504ff5c
Fix 4035 compliance for algorithms from the DS rrset that MUST sign the DNSKEY.
...
git-svn-id: file:///svn/unbound/trunk@2172 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-07-01 12:08:48 +00:00
Wouter Wijngaards
b4b641807b
Fix various compiler warnings from the clang llvm compiler.
...
git-svn-id: file:///svn/unbound/trunk@2111 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-05-18 12:37:04 +00:00
Wouter Wijngaards
77f49a5510
GOST support.
...
git-svn-id: file:///svn/unbound/trunk@2065 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-04-06 12:15:19 +00:00
Wouter Wijngaards
147d47eee7
Move includes to code files.
...
git-svn-id: file:///svn/unbound/trunk@2035 be551aaa-1e26-0410-a405-d3ace91eadb9
2010-03-12 15:17:48 +00:00
Wouter Wijngaards
47e7b5fb51
Check rrsig expiration last in verify_rrsig
...
git-svn-id: file:///svn/unbound/trunk@1936 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-12-10 16:03:31 +00:00
Wouter Wijngaards
2c33330994
neater errors for algo and key failure.
...
git-svn-id: file:///svn/unbound/trunk@1872 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-10-08 08:02:00 +00:00
Wouter Wijngaards
ce45cbda6d
- moved version number to 1.4.0 because of 1.3.4 release with only
...
the NSEC3 patch.
- val-log-level: 2 shows extended error information for validation
failures, but still one (longish) line per failure. For example:
validation failure <example.com. DNSKEY IN>: signature expired from
192.0.2.4 for trust anchor example.com. while building chain of trust
validation failure <www.example.com. A IN>: no signatures from
192.0.2.6 for key example.com. while building chain of trust
git-svn-id: file:///svn/unbound/trunk@1868 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-10-07 16:45:47 +00:00
Wouter Wijngaards
5ecf670277
lint
...
git-svn-id: file:///svn/unbound/trunk@1757 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-08-11 14:25:34 +00:00
Wouter Wijngaards
538ca28828
OpenSSL config() and small memory leak. No more ENGINE_load_gost().
...
git-svn-id: file:///svn/unbound/trunk@1750 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-08-07 15:23:35 +00:00
Wouter Wijngaards
1f4222aa94
GOST support with --enable-gost.
...
git-svn-id: file:///svn/unbound/trunk@1747 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-08-06 13:38:55 +00:00
Wouter Wijngaards
6451748967
Remove REVOKE flag support.
...
git-svn-id: file:///svn/unbound/trunk@1639 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-06-08 08:29:17 +00:00
Wouter Wijngaards
38ec4f4777
Fixup bad free.
...
git-svn-id: file:///svn/unbound/trunk@1635 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-06-03 07:57:19 +00:00
Wouter Wijngaards
4b449309e5
rsasha256 and rsasha512 not enabled by default.
...
git-svn-id: file:///svn/unbound/trunk@1631 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-06-02 09:04:16 +00:00
Wouter Wijngaards
3b386055c7
RSASHA256 implicitly means NSEC3 support.
...
git-svn-id: file:///svn/unbound/trunk@1593 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-04-09 14:51:17 +00:00
Wouter Wijngaards
5a9dcd323d
remove empty line
...
git-svn-id: file:///svn/unbound/trunk@1592 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-04-07 15:02:57 +00:00
Wouter Wijngaards
1e1ac9900a
signature clock skew code.
...
git-svn-id: file:///svn/unbound/trunk@1590 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-04-06 14:09:33 +00:00
Wouter Wijngaards
b182b66e0e
Do not validate with revoked keys.
...
git-svn-id: file:///svn/unbound/trunk@1471 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-02-10 13:01:38 +00:00
Wouter Wijngaards
c1ae463da5
chrooted include file fix
...
git-svn-id: file:///svn/unbound/trunk@1411 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-01-06 15:47:15 +00:00
Wouter Wijngaards
865852d3f7
HINFO not downcased any more
...
git-svn-id: file:///svn/unbound/trunk@1410 be551aaa-1e26-0410-a405-d3ace91eadb9
2009-01-06 14:49:26 +00:00
Wouter Wijngaards
0d01be50bc
detection of sha256 and sha512 by testing if functionality was compiled
...
into openssl.
git-svn-id: file:///svn/unbound/trunk@1328 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-11-03 16:06:12 +00:00
Wouter Wijngaards
8a32f9003b
- RSASHA256_NSEC3 and RSASHA512_NSEC3 algos are supported.
...
- updated ldns tarball (with those algos).
git-svn-id: file:///svn/unbound/trunk@1327 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-11-03 15:42:07 +00:00
Wouter Wijngaards
1b1694a959
More verbose on signer name error.
...
git-svn-id: file:///svn/unbound/trunk@1322 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-10-23 10:54:03 +00:00
Wouter Wijngaards
cb659ab13b
fixup SHA256 algorithm set routine
...
git-svn-id: file:///svn/unbound/trunk@1279 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-10-02 09:05:20 +00:00
Wouter Wijngaards
5e1193f19d
SHA256 support.
...
git-svn-id: file:///svn/unbound/trunk@1275 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-09-30 13:06:07 +00:00
Wouter Wijngaards
13a68aac89
Fix for SHA256 DS downgrade. And test of resistance.
...
git-svn-id: file:///svn/unbound/trunk@1273 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-09-30 10:42:02 +00:00
Wouter Wijngaards
f9fd2676f9
DSA signature compatibility.
...
git-svn-id: file:///svn/unbound/trunk@1053 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-04-15 19:51:28 +00:00
Wouter Wijngaards
c858743222
Fixup unbound. Now still a switch DSA(ldns) DSA(bind) ...
...
git-svn-id: file:///svn/unbound/trunk@1052 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-04-15 18:01:14 +00:00
Wouter Wijngaards
9ab79dc0dc
DSA test
...
git-svn-id: file:///svn/unbound/trunk@1051 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-04-15 15:19:25 +00:00
Wouter Wijngaards
3fced109b9
Check sig type for DSA.
...
git-svn-id: file:///svn/unbound/trunk@1043 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-04-14 15:57:52 +00:00
Wouter Wijngaards
77e7e73a32
Jelte found DSA sig solution, copied from ldns to fit into unbound validator.
...
git-svn-id: file:///svn/unbound/trunk@1042 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-04-14 15:34:09 +00:00
Wouter Wijngaards
b2710818d4
Faster due to time-sharing.
...
git-svn-id: file:///svn/unbound/trunk@966 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-02-19 13:12:23 +00:00
Wouter Wijngaards
849026931b
move around debug levels.
...
git-svn-id: file:///svn/unbound/trunk@929 be551aaa-1e26-0410-a405-d3ace91eadb9
2008-02-07 09:46:49 +00:00
Wouter Wijngaards
99a9914605
No downcasing for NSEC and RRSIG
...
git-svn-id: file:///svn/unbound/trunk@754 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-11-19 08:55:19 +00:00
Wouter Wijngaards
6f49c2fe55
regional nicer, remove region-allocator.
...
git-svn-id: file:///svn/unbound/trunk@697 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-10-18 20:31:43 +00:00
Wouter Wijngaards
2a547a35a7
function pointer whitelists on data types.
...
git-svn-id: file:///svn/unbound/trunk@660 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-10-05 11:41:12 +00:00
Wouter Wijngaards
8959cd47a8
NSEC rdata not lowercased.
...
git-svn-id: file:///svn/unbound/trunk@623 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-09-19 12:34:42 +00:00
Wouter Wijngaards
08bf892be6
port.
...
git-svn-id: file:///svn/unbound/trunk@603 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-09-06 09:14:13 +00:00
Wouter Wijngaards
de6d807e3d
no convert to der for DSA signatures
...
signature test.
git-svn-id: file:///svn/unbound/trunk@564 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-29 14:27:04 +00:00
Wouter Wijngaards
824ceffedb
verbosity detail gives validation failures, but not boring algorithm logs.
...
git-svn-id: file:///svn/unbound/trunk@560 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-28 15:07:52 +00:00
Wouter Wijngaards
3d832f5dca
Small speedup.
...
git-svn-id: file:///svn/unbound/trunk@558 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-28 14:13:32 +00:00
Wouter Wijngaards
459039cf08
Faster verification.
...
git-svn-id: file:///svn/unbound/trunk@557 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-28 13:54:55 +00:00
Wouter Wijngaards
c988905aa4
enforce signature TTLs
...
git-svn-id: file:///svn/unbound/trunk@555 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-28 10:26:16 +00:00
Wouter Wijngaards
af2b300529
No offtree signing.
...
git-svn-id: file:///svn/unbound/trunk@554 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-28 09:47:17 +00:00
Wouter Wijngaards
87fafec48a
DS and DNSKEY not from additional synthesis. Nicer signature expiration errors.
...
git-svn-id: file:///svn/unbound/trunk@546 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-24 13:14:23 +00:00
Wouter Wijngaards
9ddbb430ef
findkey state.
...
git-svn-id: file:///svn/unbound/trunk@528 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-16 15:06:40 +00:00
Wouter Wijngaards
24aad68487
fixup canon compare. Include full AXFR data in signature test.
...
git-svn-id: file:///svn/unbound/trunk@526 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-16 10:05:52 +00:00
Wouter Wijngaards
e4aa70b4c5
key prime, DS test.
...
git-svn-id: file:///svn/unbound/trunk@525 be551aaa-1e26-0410-a405-d3ace91eadb9
2007-08-16 09:33:35 +00:00