|
|
|
@ -1,4 +1,4 @@
|
|
|
|
|
From 63d1fe9e1ac0db37f89cf31b40c35d6d22578ded Mon Sep 17 00:00:00 2001
|
|
|
|
|
From 346683631ae0f83ad4f09a69cfa5e5c6ea49e5d9 Mon Sep 17 00:00:00 2001
|
|
|
|
|
From: Evan Hunt <each@isc.org>
|
|
|
|
|
Date: Tue, 12 Sep 2017 19:05:46 -0700
|
|
|
|
|
Subject: [PATCH] rebased rt31459c
|
|
|
|
@ -199,10 +199,10 @@ index f017895..2c568fc 100644
|
|
|
|
|
if (verbose > 10)
|
|
|
|
|
isc_mem_stats(mctx, stdout);
|
|
|
|
|
diff --git a/bin/dnssec/dnssec-signzone.c b/bin/dnssec/dnssec-signzone.c
|
|
|
|
|
index dde1b2f..7308fc6 100644
|
|
|
|
|
index a097ac8..6567421 100644
|
|
|
|
|
--- a/bin/dnssec/dnssec-signzone.c
|
|
|
|
|
+++ b/bin/dnssec/dnssec-signzone.c
|
|
|
|
|
@@ -3465,14 +3465,15 @@ main(int argc, char *argv[]) {
|
|
|
|
|
@@ -3472,14 +3472,15 @@ main(int argc, char *argv[]) {
|
|
|
|
|
if (!pseudorandom)
|
|
|
|
|
eflags |= ISC_ENTROPY_GOODONLY;
|
|
|
|
|
|
|
|
|
@ -222,7 +222,7 @@ index dde1b2f..7308fc6 100644
|
|
|
|
|
isc_stdtime_get(&now);
|
|
|
|
|
|
|
|
|
|
if (startstr != NULL) {
|
|
|
|
|
@@ -3884,8 +3885,8 @@ main(int argc, char *argv[]) {
|
|
|
|
|
@@ -3896,8 +3897,8 @@ main(int argc, char *argv[]) {
|
|
|
|
|
dns_master_styledestroy(&dsstyle, mctx);
|
|
|
|
|
|
|
|
|
|
cleanup_logging(&log);
|
|
|
|
@ -293,7 +293,7 @@ index 7f045e8..2a0f9c6 100644
|
|
|
|
|
usekeyboard);
|
|
|
|
|
|
|
|
|
|
diff --git a/bin/named/server.c b/bin/named/server.c
|
|
|
|
|
index 30d38be..b2ae57c 100644
|
|
|
|
|
index 9826588..b3e3fc3 100644
|
|
|
|
|
--- a/bin/named/server.c
|
|
|
|
|
+++ b/bin/named/server.c
|
|
|
|
|
@@ -36,6 +36,7 @@
|
|
|
|
@ -304,7 +304,7 @@ index 30d38be..b2ae57c 100644
|
|
|
|
|
#include <isc/portset.h>
|
|
|
|
|
#include <isc/print.h>
|
|
|
|
|
#include <isc/random.h>
|
|
|
|
|
@@ -8286,6 +8287,10 @@ load_configuration(const char *filename, ns_server_t *server,
|
|
|
|
|
@@ -8291,6 +8292,10 @@ load_configuration(const char *filename, ns_server_t *server,
|
|
|
|
|
"no source of entropy found");
|
|
|
|
|
} else {
|
|
|
|
|
const char *randomdev = cfg_obj_asstring(obj);
|
|
|
|
@ -315,7 +315,7 @@ index 30d38be..b2ae57c 100644
|
|
|
|
|
int level = ISC_LOG_ERROR;
|
|
|
|
|
result = isc_entropy_createfilesource(ns_g_entropy,
|
|
|
|
|
randomdev);
|
|
|
|
|
@@ -8320,6 +8325,7 @@ load_configuration(const char *filename, ns_server_t *server,
|
|
|
|
|
@@ -8325,6 +8330,7 @@ load_configuration(const char *filename, ns_server_t *server,
|
|
|
|
|
}
|
|
|
|
|
isc_entropy_detach(&ns_g_fallbackentropy);
|
|
|
|
|
}
|
|
|
|
@ -324,10 +324,10 @@ index 30d38be..b2ae57c 100644
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
diff --git a/bin/nsupdate/nsupdate.c b/bin/nsupdate/nsupdate.c
|
|
|
|
|
index 5a2c660..7f15cbc 100644
|
|
|
|
|
index 52b0274..23b69c9 100644
|
|
|
|
|
--- a/bin/nsupdate/nsupdate.c
|
|
|
|
|
+++ b/bin/nsupdate/nsupdate.c
|
|
|
|
|
@@ -278,7 +278,8 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
|
|
|
|
@@ -279,7 +279,8 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
|
|
|
|
if (*ectx == NULL) {
|
|
|
|
|
result = isc_entropy_create(mctx, ectx);
|
|
|
|
|
if (result != ISC_R_SUCCESS)
|
|
|
|
@ -337,7 +337,7 @@ index 5a2c660..7f15cbc 100644
|
|
|
|
|
ISC_LIST_INIT(sources);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@@ -287,6 +288,13 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
|
|
|
|
@@ -288,6 +289,13 @@ setup_entropy(isc_mem_t *mctx, const char *randomfile, isc_entropy_t **ectx) {
|
|
|
|
|
randomfile = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -351,7 +351,7 @@ index 5a2c660..7f15cbc 100644
|
|
|
|
|
result = isc_entropy_usebestsource(*ectx, &source, randomfile,
|
|
|
|
|
usekeyboard);
|
|
|
|
|
|
|
|
|
|
@@ -989,11 +997,11 @@ setup_system(void) {
|
|
|
|
|
@@ -990,11 +998,11 @@ setup_system(void) {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -561,10 +561,10 @@ index 34360aa..3236968 100644
|
|
|
|
|
|
|
|
|
|
isc_mem_destroy(&mctx);
|
|
|
|
|
diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c
|
|
|
|
|
index 4b5b901..43fb6b0 100644
|
|
|
|
|
index a3dd450..350723f 100644
|
|
|
|
|
--- a/bin/tests/system/tkey/keydelete.c
|
|
|
|
|
+++ b/bin/tests/system/tkey/keydelete.c
|
|
|
|
|
@@ -136,6 +136,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
|
|
|
|
|
@@ -137,6 +137,7 @@ sendquery(isc_task_t *task, isc_event_t *event) {
|
|
|
|
|
int
|
|
|
|
|
main(int argc, char **argv) {
|
|
|
|
|
char *keyname;
|
|
|
|
@ -572,7 +572,7 @@ index 4b5b901..43fb6b0 100644
|
|
|
|
|
isc_taskmgr_t *taskmgr;
|
|
|
|
|
isc_timermgr_t *timermgr;
|
|
|
|
|
isc_socketmgr_t *socketmgr;
|
|
|
|
|
@@ -156,10 +157,21 @@ main(int argc, char **argv) {
|
|
|
|
|
@@ -157,10 +158,21 @@ main(int argc, char **argv) {
|
|
|
|
|
|
|
|
|
|
RUNCHECK(isc_app_start());
|
|
|
|
|
|
|
|
|
@ -594,7 +594,7 @@ index 4b5b901..43fb6b0 100644
|
|
|
|
|
keyname = argv[1];
|
|
|
|
|
|
|
|
|
|
dns_result_register();
|
|
|
|
|
@@ -169,14 +181,22 @@ main(int argc, char **argv) {
|
|
|
|
|
@@ -170,14 +182,22 @@ main(int argc, char **argv) {
|
|
|
|
|
|
|
|
|
|
ectx = NULL;
|
|
|
|
|
RUNCHECK(isc_entropy_create(mctx, &ectx));
|
|
|
|
@ -619,7 +619,7 @@ index 4b5b901..43fb6b0 100644
|
|
|
|
|
|
|
|
|
|
taskmgr = NULL;
|
|
|
|
|
RUNCHECK(isc_taskmgr_create(mctx, 1, 0, &taskmgr));
|
|
|
|
|
@@ -264,8 +284,8 @@ main(int argc, char **argv) {
|
|
|
|
|
@@ -265,8 +285,8 @@ main(int argc, char **argv) {
|
|
|
|
|
|
|
|
|
|
isc_log_destroy(&log);
|
|
|
|
|
|
|
|
|
@ -688,7 +688,7 @@ index 26fa609..fb34aa0 100644
|
|
|
|
|
parse_args(false, argc, argv);
|
|
|
|
|
if (server == NULL)
|
|
|
|
|
diff --git a/configure b/configure
|
|
|
|
|
index 0faca65..d5ffc87 100755
|
|
|
|
|
index 368112f..e060e9d 100755
|
|
|
|
|
--- a/configure
|
|
|
|
|
+++ b/configure
|
|
|
|
|
@@ -640,6 +640,7 @@ ac_includes_default="\
|
|
|
|
@ -699,7 +699,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
BUILD_LIBS
|
|
|
|
|
BUILD_LDFLAGS
|
|
|
|
|
BUILD_CPPFLAGS
|
|
|
|
|
@@ -823,6 +824,7 @@ LIBXML2_CFLAGS
|
|
|
|
|
@@ -822,6 +823,7 @@ LIBXML2_CFLAGS
|
|
|
|
|
NZDTARGETS
|
|
|
|
|
NZDSRCS
|
|
|
|
|
NZD_TOOLS
|
|
|
|
@ -707,7 +707,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
PKCS11_TEST
|
|
|
|
|
PKCS11_ED25519
|
|
|
|
|
PKCS11_GOST
|
|
|
|
|
@@ -1047,6 +1049,7 @@ with_eddsa
|
|
|
|
|
@@ -1046,6 +1048,7 @@ with_eddsa
|
|
|
|
|
with_aes
|
|
|
|
|
enable_openssl_hash
|
|
|
|
|
with_cc_alg
|
|
|
|
@ -715,7 +715,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
with_lmdb
|
|
|
|
|
with_libxml2
|
|
|
|
|
with_libjson
|
|
|
|
|
@@ -1749,6 +1752,7 @@ Optional Features:
|
|
|
|
|
@@ -1747,6 +1750,7 @@ Optional Features:
|
|
|
|
|
--enable-threads enable multithreading
|
|
|
|
|
--enable-native-pkcs11 use native PKCS11 for all crypto [default=no]
|
|
|
|
|
--enable-openssl-hash use OpenSSL for hash functions [default=no]
|
|
|
|
@ -723,7 +723,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
--enable-largefile 64-bit file support
|
|
|
|
|
--enable-backtrace log stack backtrace on abort [default=yes]
|
|
|
|
|
--enable-symtable use internal symbol table for backtrace
|
|
|
|
|
@@ -17205,6 +17209,7 @@ case "$use_openssl" in
|
|
|
|
|
@@ -17204,6 +17208,7 @@ case "$use_openssl" in
|
|
|
|
|
$as_echo "disabled because of native PKCS11" >&6; }
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO="-DPKCS11CRYPTO"
|
|
|
|
@ -731,7 +731,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -17219,6 +17224,7 @@ $as_echo "disabled because of native PKCS11" >&6; }
|
|
|
|
|
@@ -17218,6 +17223,7 @@ $as_echo "disabled because of native PKCS11" >&6; }
|
|
|
|
|
$as_echo "no" >&6; }
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO=""
|
|
|
|
@ -739,7 +739,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -17231,6 +17237,7 @@ $as_echo "no" >&6; }
|
|
|
|
|
@@ -17230,6 +17236,7 @@ $as_echo "no" >&6; }
|
|
|
|
|
auto)
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO=""
|
|
|
|
@ -747,7 +747,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -17240,7 +17247,7 @@ $as_echo "no" >&6; }
|
|
|
|
|
@@ -17239,7 +17246,7 @@ $as_echo "no" >&6; }
|
|
|
|
|
OPENSSLLINKOBJS=""
|
|
|
|
|
OPENSSLLINKSRCS=""
|
|
|
|
|
as_fn_error $? "OpenSSL was not found in any of $openssldirs; use --with-openssl=/path
|
|
|
|
@ -756,7 +756,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
;;
|
|
|
|
|
*)
|
|
|
|
|
if test "yes" = "$want_native_pkcs11"
|
|
|
|
|
@@ -17271,6 +17278,7 @@ $as_echo "not found" >&6; }
|
|
|
|
|
@@ -17270,6 +17277,7 @@ $as_echo "not found" >&6; }
|
|
|
|
|
as_fn_error $? "\"$use_openssl/include/openssl/opensslv.h\" not found" "$LINENO" 5
|
|
|
|
|
fi
|
|
|
|
|
CRYPTO='-DOPENSSL'
|
|
|
|
@ -764,7 +764,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
if test "/usr" = "$use_openssl"
|
|
|
|
|
then
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
@@ -17897,8 +17905,6 @@ fi
|
|
|
|
|
@@ -17904,8 +17912,6 @@ fi
|
|
|
|
|
# Use OpenSSL for hash functions
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
@ -773,7 +773,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
ISC_PLATFORM_OPENSSLHASH="#undef ISC_PLATFORM_OPENSSLHASH"
|
|
|
|
|
case $want_openssl_hash in
|
|
|
|
|
yes)
|
|
|
|
|
@@ -18273,6 +18279,86 @@ if test "rt" = "$have_clock_gt"; then
|
|
|
|
|
@@ -18280,6 +18286,86 @@ if test "rt" = "$have_clock_gt"; then
|
|
|
|
|
LIBS="-lrt $LIBS"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
@ -860,7 +860,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
#
|
|
|
|
|
# was --with-lmdb specified?
|
|
|
|
|
#
|
|
|
|
|
@@ -20549,9 +20635,12 @@ _ACEOF
|
|
|
|
|
@@ -20556,9 +20642,12 @@ _ACEOF
|
|
|
|
|
if ac_fn_c_try_compile "$LINENO"; then :
|
|
|
|
|
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: size_t for buflen; int for flags" >&5
|
|
|
|
|
$as_echo "size_t for buflen; int for flags" >&6; }
|
|
|
|
@ -875,7 +875,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
|
|
|
|
|
$as_echo "#define IRS_GETNAMEINFO_FLAGS_T int" >>confdefs.h
|
|
|
|
|
|
|
|
|
|
@@ -21877,12 +21966,7 @@ ISC_PLATFORM_USEGCCASM="#undef ISC_PLATFORM_USEGCCASM"
|
|
|
|
|
@@ -21856,12 +21945,7 @@ ISC_PLATFORM_USEGCCASM="#undef ISC_PLATFORM_USEGCCASM"
|
|
|
|
|
ISC_PLATFORM_USESTDASM="#undef ISC_PLATFORM_USESTDASM"
|
|
|
|
|
ISC_PLATFORM_USEMACASM="#undef ISC_PLATFORM_USEMACASM"
|
|
|
|
|
if test "yes" = "$use_atomic"; then
|
|
|
|
@ -889,7 +889,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
|
|
|
|
|
# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
|
|
|
|
|
# This bug is HP SR number 8606223364.
|
|
|
|
|
@@ -21915,6 +21999,11 @@ cat >>confdefs.h <<_ACEOF
|
|
|
|
|
@@ -21894,6 +21978,11 @@ cat >>confdefs.h <<_ACEOF
|
|
|
|
|
_ACEOF
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -901,7 +901,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
if test $ac_cv_sizeof_void_p = 8; then
|
|
|
|
|
arch=x86_64
|
|
|
|
|
have_xaddq=yes
|
|
|
|
|
@@ -21923,39 +22012,6 @@ _ACEOF
|
|
|
|
|
@@ -21902,39 +21991,6 @@ _ACEOF
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
x86_64-*|amd64-*)
|
|
|
|
@ -941,7 +941,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
if test $ac_cv_sizeof_void_p = 8; then
|
|
|
|
|
arch=x86_64
|
|
|
|
|
have_xaddq=yes
|
|
|
|
|
@@ -21986,6 +22042,10 @@ $as_echo_n "checking architecture type for atomic operations... " >&6; }
|
|
|
|
|
@@ -21965,6 +22021,10 @@ $as_echo_n "checking architecture type for atomic operations... " >&6; }
|
|
|
|
|
$as_echo "$arch" >&6; }
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
@ -952,7 +952,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
if test "yes" = "$have_atomic"; then
|
|
|
|
|
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking compiler support for inline assembly code" >&5
|
|
|
|
|
$as_echo_n "checking compiler support for inline assembly code... " >&6; }
|
|
|
|
|
@@ -24567,6 +24627,30 @@ CFLAGS="$CFLAGS $SO_CFLAGS"
|
|
|
|
|
@@ -24547,6 +24607,30 @@ CFLAGS="$CFLAGS $SO_CFLAGS"
|
|
|
|
|
#
|
|
|
|
|
dlzdir='${DLZ_DRIVER_DIR}'
|
|
|
|
|
|
|
|
|
@ -983,7 +983,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
#
|
|
|
|
|
# Private autoconf macro to simplify configuring drivers:
|
|
|
|
|
#
|
|
|
|
|
@@ -24897,11 +24981,11 @@ $as_echo "no" >&6; }
|
|
|
|
|
@@ -24877,11 +24961,11 @@ $as_echo "no" >&6; }
|
|
|
|
|
$as_echo "using mysql with libs ${mysql_lib} and includes ${mysql_include}" >&6; }
|
|
|
|
|
;;
|
|
|
|
|
*)
|
|
|
|
@ -998,7 +998,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
CONTRIB_DLZ="$CONTRIB_DLZ -DDLZ_MYSQL"
|
|
|
|
|
@@ -24986,7 +25070,7 @@ $as_echo "" >&6; }
|
|
|
|
|
@@ -24966,7 +25050,7 @@ $as_echo "" >&6; }
|
|
|
|
|
# Check other locations for includes.
|
|
|
|
|
# Order is important (sigh).
|
|
|
|
|
|
|
|
|
@ -1007,7 +1007,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
# include a blank element first
|
|
|
|
|
for d in "" $bdb_incdirs
|
|
|
|
|
do
|
|
|
|
|
@@ -25011,57 +25095,9 @@ $as_echo "" >&6; }
|
|
|
|
|
@@ -24991,57 +25075,9 @@ $as_echo "" >&6; }
|
|
|
|
|
bdb_libnames="db53 db-5.3 db51 db-5.1 db48 db-4.8 db47 db-4.7 db46 db-4.6 db45 db-4.5 db44 db-4.4 db43 db-4.3 db42 db-4.2 db41 db-4.1 db"
|
|
|
|
|
for d in $bdb_libnames
|
|
|
|
|
do
|
|
|
|
@ -1067,7 +1067,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
break
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
@@ -25220,10 +25256,10 @@ $as_echo "no" >&6; }
|
|
|
|
|
@@ -25200,10 +25236,10 @@ $as_echo "no" >&6; }
|
|
|
|
|
DLZ_DRIVER_INCLUDES="$DLZ_DRIVER_INCLUDES -I$use_dlz_ldap/include"
|
|
|
|
|
DLZ_DRIVER_LDAP_INCLUDES="-I$use_dlz_ldap/include"
|
|
|
|
|
fi
|
|
|
|
@ -1081,7 +1081,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@@ -25309,11 +25345,11 @@ fi
|
|
|
|
|
@@ -25289,11 +25325,11 @@ fi
|
|
|
|
|
odbcdirs="/usr /usr/local /usr/pkg"
|
|
|
|
|
for d in $odbcdirs
|
|
|
|
|
do
|
|
|
|
@ -1095,7 +1095,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
break
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
@@ -25588,6 +25624,8 @@ DNS_CRYPTO_LIBS="$NEWFLAGS"
|
|
|
|
|
@@ -25568,6 +25604,8 @@ DNS_CRYPTO_LIBS="$NEWFLAGS"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -1104,7 +1104,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
#
|
|
|
|
|
# Commands to run at the end of config.status.
|
|
|
|
|
# Don't just put these into configure, it won't work right if somebody
|
|
|
|
|
@@ -27966,6 +28004,8 @@ report() {
|
|
|
|
|
@@ -27946,6 +27984,8 @@ report() {
|
|
|
|
|
echo " IPv6 support (--enable-ipv6)"
|
|
|
|
|
test "X$CRYPTO" = "X" -o "yes" = "$want_native_pkcs11" || \
|
|
|
|
|
echo " OpenSSL cryptography/DNSSEC (--with-openssl)"
|
|
|
|
@ -1113,7 +1113,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
test "X$PYTHON" = "X" || echo " Python tools (--with-python)"
|
|
|
|
|
test "X$XMLSTATS" = "X" || echo " XML statistics (--with-libxml2)"
|
|
|
|
|
test "X$JSONSTATS" = "X" || echo " JSON statistics (--with-libjson)"
|
|
|
|
|
@@ -28006,6 +28046,8 @@ report() {
|
|
|
|
|
@@ -27986,6 +28026,8 @@ report() {
|
|
|
|
|
echo " Very verbose query trace logging (--enable-querytrace)"
|
|
|
|
|
test "no" = "$with_cmocka" || echo " CMocka Unit Testing Framework (--with-cmocka)"
|
|
|
|
|
|
|
|
|
@ -1122,7 +1122,7 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
echo " Dynamically loadable zone (DLZ) drivers:"
|
|
|
|
|
test "no" = "$use_dlz_bdb" || \
|
|
|
|
|
echo " Berkeley DB (--with-dlz-bdb)"
|
|
|
|
|
@@ -28053,6 +28095,8 @@ report() {
|
|
|
|
|
@@ -28033,6 +28075,8 @@ report() {
|
|
|
|
|
echo " ECDSA algorithm support (--with-ecdsa)"
|
|
|
|
|
test "X$CRYPTO" = "X" -o "yes" = "$OPENSSL_ED25519" -o "yes" = "$PKCS11_ED25519" || \
|
|
|
|
|
echo " EDDSA algorithm support (--with-eddsa)"
|
|
|
|
@ -1132,10 +1132,10 @@ index 0faca65..d5ffc87 100755
|
|
|
|
|
test "yes" = "$enable_seccomp" || \
|
|
|
|
|
echo " Use libseccomp system call filtering (--enable-seccomp)"
|
|
|
|
|
diff --git a/configure.ac b/configure.ac
|
|
|
|
|
index 78535bd..faef2e8 100644
|
|
|
|
|
index 11f41e8..fdcfc62 100644
|
|
|
|
|
--- a/configure.ac
|
|
|
|
|
+++ b/configure.ac
|
|
|
|
|
@@ -1598,6 +1598,7 @@ case "$use_openssl" in
|
|
|
|
|
@@ -1600,6 +1600,7 @@ case "$use_openssl" in
|
|
|
|
|
AC_MSG_RESULT(disabled because of native PKCS11)
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO="-DPKCS11CRYPTO"
|
|
|
|
@ -1143,7 +1143,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -1611,6 +1612,7 @@ case "$use_openssl" in
|
|
|
|
|
@@ -1613,6 +1614,7 @@ case "$use_openssl" in
|
|
|
|
|
AC_MSG_RESULT(no)
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO=""
|
|
|
|
@ -1151,7 +1151,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -1623,6 +1625,7 @@ case "$use_openssl" in
|
|
|
|
|
@@ -1625,6 +1627,7 @@ case "$use_openssl" in
|
|
|
|
|
auto)
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
CRYPTO=""
|
|
|
|
@ -1159,7 +1159,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
OPENSSLECDSALINKOBJS=""
|
|
|
|
|
OPENSSLECDSALINKSRCS=""
|
|
|
|
|
OPENSSLEDDSALINKOBJS=""
|
|
|
|
|
@@ -1633,7 +1636,7 @@ case "$use_openssl" in
|
|
|
|
|
@@ -1635,7 +1638,7 @@ case "$use_openssl" in
|
|
|
|
|
OPENSSLLINKSRCS=""
|
|
|
|
|
AC_MSG_ERROR(
|
|
|
|
|
[OpenSSL was not found in any of $openssldirs; use --with-openssl=/path
|
|
|
|
@ -1168,7 +1168,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
;;
|
|
|
|
|
*)
|
|
|
|
|
if test "yes" = "$want_native_pkcs11"
|
|
|
|
|
@@ -1663,6 +1666,7 @@ If you don't want OpenSSL, use --without-openssl])
|
|
|
|
|
@@ -1665,6 +1668,7 @@ If you don't want OpenSSL, use --without-openssl])
|
|
|
|
|
AC_MSG_ERROR(["$use_openssl/include/openssl/opensslv.h" not found])
|
|
|
|
|
fi
|
|
|
|
|
CRYPTO='-DOPENSSL'
|
|
|
|
@ -1176,7 +1176,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
if test "/usr" = "$use_openssl"
|
|
|
|
|
then
|
|
|
|
|
DST_OPENSSL_INC=""
|
|
|
|
|
@@ -2099,7 +2103,6 @@ fi
|
|
|
|
|
@@ -2109,7 +2113,6 @@ fi
|
|
|
|
|
# Use OpenSSL for hash functions
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
@ -1184,7 +1184,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
ISC_PLATFORM_OPENSSLHASH="#undef ISC_PLATFORM_OPENSSLHASH"
|
|
|
|
|
case $want_openssl_hash in
|
|
|
|
|
yes)
|
|
|
|
|
@@ -2371,6 +2374,67 @@ if test "rt" = "$have_clock_gt"; then
|
|
|
|
|
@@ -2381,6 +2384,67 @@ if test "rt" = "$have_clock_gt"; then
|
|
|
|
|
LIBS="-lrt $LIBS"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
@ -1252,7 +1252,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
#
|
|
|
|
|
# was --with-lmdb specified?
|
|
|
|
|
#
|
|
|
|
|
@@ -4188,12 +4252,12 @@ ISC_PLATFORM_USEGCCASM="#undef ISC_PLATFORM_USEGCCASM"
|
|
|
|
|
@@ -4174,12 +4238,12 @@ ISC_PLATFORM_USEGCCASM="#undef ISC_PLATFORM_USEGCCASM"
|
|
|
|
|
ISC_PLATFORM_USESTDASM="#undef ISC_PLATFORM_USESTDASM"
|
|
|
|
|
ISC_PLATFORM_USEMACASM="#undef ISC_PLATFORM_USEMACASM"
|
|
|
|
|
if test "yes" = "$use_atomic"; then
|
|
|
|
@ -1266,7 +1266,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
if test $ac_cv_sizeof_void_p = 8; then
|
|
|
|
|
arch=x86_64
|
|
|
|
|
have_xaddq=yes
|
|
|
|
|
@@ -4202,7 +4266,6 @@ if test "yes" = "$use_atomic"; then
|
|
|
|
|
@@ -4188,7 +4252,6 @@ if test "yes" = "$use_atomic"; then
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
x86_64-*|amd64-*)
|
|
|
|
@ -1274,7 +1274,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
if test $ac_cv_sizeof_void_p = 8; then
|
|
|
|
|
arch=x86_64
|
|
|
|
|
have_xaddq=yes
|
|
|
|
|
@@ -5635,6 +5698,8 @@ report() {
|
|
|
|
|
@@ -5622,6 +5685,8 @@ report() {
|
|
|
|
|
echo " IPv6 support (--enable-ipv6)"
|
|
|
|
|
test "X$CRYPTO" = "X" -o "yes" = "$want_native_pkcs11" || \
|
|
|
|
|
echo " OpenSSL cryptography/DNSSEC (--with-openssl)"
|
|
|
|
@ -1283,7 +1283,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
test "X$PYTHON" = "X" || echo " Python tools (--with-python)"
|
|
|
|
|
test "X$XMLSTATS" = "X" || echo " XML statistics (--with-libxml2)"
|
|
|
|
|
test "X$JSONSTATS" = "X" || echo " JSON statistics (--with-libjson)"
|
|
|
|
|
@@ -5675,6 +5740,8 @@ report() {
|
|
|
|
|
@@ -5662,6 +5727,8 @@ report() {
|
|
|
|
|
echo " Very verbose query trace logging (--enable-querytrace)"
|
|
|
|
|
test "no" = "$with_cmocka" || echo " CMocka Unit Testing Framework (--with-cmocka)"
|
|
|
|
|
|
|
|
|
@ -1292,7 +1292,7 @@ index 78535bd..faef2e8 100644
|
|
|
|
|
echo " Dynamically loadable zone (DLZ) drivers:"
|
|
|
|
|
test "no" = "$use_dlz_bdb" || \
|
|
|
|
|
echo " Berkeley DB (--with-dlz-bdb)"
|
|
|
|
|
@@ -5722,6 +5789,8 @@ report() {
|
|
|
|
|
@@ -5709,6 +5776,8 @@ report() {
|
|
|
|
|
echo " ECDSA algorithm support (--with-ecdsa)"
|
|
|
|
|
test "X$CRYPTO" = "X" -o "yes" = "$OPENSSL_ED25519" -o "yes" = "$PKCS11_ED25519" || \
|
|
|
|
|
echo " EDDSA algorithm support (--with-eddsa)"
|
|
|
|
@ -2015,7 +2015,7 @@ index 1f785e0..f9051c3 100644
|
|
|
|
|
* Define if the hash functions must be provided by OpenSSL.
|
|
|
|
|
*/
|
|
|
|
|
diff --git a/win32utils/Configure b/win32utils/Configure
|
|
|
|
|
index 5f66a82..ff39910 100644
|
|
|
|
|
index 7ac30fb..55b6c23 100644
|
|
|
|
|
--- a/win32utils/Configure
|
|
|
|
|
+++ b/win32utils/Configure
|
|
|
|
|
@@ -382,6 +382,7 @@ my @substdefh = ("ALLOW_FILTER_AAAA",
|
|
|
|
@ -2026,7 +2026,7 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
"ISC_PLATFORM_HAVEATOMICSTORE",
|
|
|
|
|
"ISC_PLATFORM_HAVEATOMICSTOREQ",
|
|
|
|
|
"ISC_PLATFORM_HAVECMPXCHG",
|
|
|
|
|
@@ -517,7 +518,8 @@ my @allcond = (@substcond, "NOTYET", "NOLONGER");
|
|
|
|
|
@@ -516,7 +517,8 @@ my @allcond = (@substcond, "NOTYET", "NOLONGER");
|
|
|
|
|
|
|
|
|
|
# enable-xxx/disable-xxx
|
|
|
|
|
|
|
|
|
@ -2035,16 +2035,16 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
+ "developer",
|
|
|
|
|
"fixed-rrset",
|
|
|
|
|
"intrinsics",
|
|
|
|
|
"isc-spnego",
|
|
|
|
|
@@ -580,6 +582,7 @@ my @help = (
|
|
|
|
|
"native-pkcs11",
|
|
|
|
|
@@ -578,6 +580,7 @@ my @help = (
|
|
|
|
|
"\nOptional Features:\n",
|
|
|
|
|
" enable-intrinsics enable intrinsic/atomic functions [default=yes]\n",
|
|
|
|
|
" enable-native-pkcs11 use native PKCS#11 for all crypto [default=no]\n",
|
|
|
|
|
+" enable-crypto-rand use crypto provider for random [default=yes]\n",
|
|
|
|
|
" enable-openssl-hash use OpenSSL for hash functions [default=yes]\n",
|
|
|
|
|
" enable-isc-spnego use SPNEGO from lib/dns [default=yes]\n",
|
|
|
|
|
" enable-filter-aaaa enable filtering of AAAA records [default=yes]\n",
|
|
|
|
|
@@ -628,7 +631,9 @@ my $want_clean = "no";
|
|
|
|
|
" enable-fixed-rrset enable fixed rrset ordering [default=no]\n",
|
|
|
|
|
@@ -625,7 +628,9 @@ my $want_clean = "no";
|
|
|
|
|
my $want_unknown = "no";
|
|
|
|
|
my $unknown_value;
|
|
|
|
|
my $enable_intrinsics = "yes";
|
|
|
|
@ -2053,8 +2053,8 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
+my $enable_crypto_rand = "yes";
|
|
|
|
|
my $enable_openssl_hash = "auto";
|
|
|
|
|
my $enable_filter_aaaa = "yes";
|
|
|
|
|
my $enable_isc_spnego = "yes";
|
|
|
|
|
@@ -848,6 +853,10 @@ sub myenable {
|
|
|
|
|
my $enable_fixed_rrset = "no";
|
|
|
|
|
@@ -844,6 +849,10 @@ sub myenable {
|
|
|
|
|
if ($val =~ /^yes$/i) {
|
|
|
|
|
$enable_native_pkcs11 = "yes";
|
|
|
|
|
}
|
|
|
|
@ -2065,7 +2065,7 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
} elsif ($key =~ /^openssl-hash$/i) {
|
|
|
|
|
if ($val =~ /^yes$/i) {
|
|
|
|
|
$enable_openssl_hash = "yes";
|
|
|
|
|
@@ -1154,6 +1163,11 @@ if ($verbose) {
|
|
|
|
|
@@ -1146,6 +1155,11 @@ if ($verbose) {
|
|
|
|
|
} else {
|
|
|
|
|
print "native-pkcs11: disabled\n";
|
|
|
|
|
}
|
|
|
|
@ -2077,7 +2077,7 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
if ($enable_openssl_hash eq "yes") {
|
|
|
|
|
print "openssl-hash: enabled\n";
|
|
|
|
|
} else {
|
|
|
|
|
@@ -1511,6 +1525,7 @@ if ($enable_intrinsics eq "yes") {
|
|
|
|
|
@@ -1498,6 +1512,7 @@ if ($enable_intrinsics eq "yes") {
|
|
|
|
|
|
|
|
|
|
# enable-native-pkcs11
|
|
|
|
|
if ($enable_native_pkcs11 eq "yes") {
|
|
|
|
@ -2085,15 +2085,15 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
if ($use_openssl eq "auto") {
|
|
|
|
|
$use_openssl = "no";
|
|
|
|
|
}
|
|
|
|
|
@@ -1720,6 +1735,7 @@ if ($use_openssl eq "yes") {
|
|
|
|
|
@@ -1707,6 +1722,7 @@ if ($use_openssl eq "yes") {
|
|
|
|
|
$openssl_dll = File::Spec->catdir($openssl_path, "@dirlist[0]");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
+ $cryptolib = "openssl";
|
|
|
|
|
$configcond{"OPENSSL"} = 1;
|
|
|
|
|
$configdefd{"CRYPTO"} = "OPENSSL";
|
|
|
|
|
$configvar{"OPENSSL_PATH"} = "$openssl_path";
|
|
|
|
|
@@ -2291,6 +2307,15 @@ if ($use_aes eq "yes") {
|
|
|
|
|
@@ -2278,6 +2294,15 @@ if ($use_aes eq "yes") {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -2109,7 +2109,7 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
# enable-openssl-hash
|
|
|
|
|
if ($enable_openssl_hash eq "yes") {
|
|
|
|
|
if ($use_openssl eq "no") {
|
|
|
|
|
@@ -3673,6 +3698,7 @@ exit 0;
|
|
|
|
|
@@ -3650,6 +3675,7 @@ exit 0;
|
|
|
|
|
# --enable-developer partially supported
|
|
|
|
|
# --enable-newstats (9.9/9.9sub only)
|
|
|
|
|
# --enable-native-pkcs11 supported
|
|
|
|
@ -2118,5 +2118,5 @@ index 5f66a82..ff39910 100644
|
|
|
|
|
# --enable-openssl-hash supported
|
|
|
|
|
# --enable-threads included without a way to disable it
|
|
|
|
|
--
|
|
|
|
|
2.26.2
|
|
|
|
|
2.31.1
|
|
|
|
|
|
|
|
|
|