2017-01-07 22:41:59 +03:00
|
|
|
/*
|
|
|
|
* tsig.h -- TSIG definitions (RFC 2845).
|
|
|
|
*
|
|
|
|
* Copyright (c) 2001-2006, NLnet Labs. All rights reserved.
|
|
|
|
*
|
|
|
|
* See LICENSE for the license.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
Import 4.8.0 (previous was 4.6.0)
29 November 2023: Wouter
- Tag for 4.8.0rc1.
28 November 2023: Wouter
- Set up doc/RELNOTES for upcoming release.
- Fix unit test kill_from_pidfile function for nonexistent files
because the argument is evaluated before the test expression.
- Fix rr-test to also convert the contents of the just written output
file.
- Fix test set to remove -f nsd.db and rm nsd.db commands.
- Fix test set to remove difffile option.
27 November 2023: Jeroen
- Fix #14: Set timeout to 3s when servicing remaining TCP connections.
- Fix: Always instate write handler after reading queries from TCP.
- Answer first query on connections accepted just before reload.
27 November 2023: Wouter
- Merge #305: faster stats. Statistics can be gathered while a reload
is in progress.
27 November 2023: Willem
- Merge #302: Test package fixes. Correct Auxfiles, kill_from_pidfile
function and fix drop_updates, rr-test and xfr_update tests.
1 November 2023: Jeroen
- Remove on-disk database.
31 October 2023: Wouter
- Merge #301: improve the logging of ixfr fallbacks to axfr.
30 October 2023: Jeroen
- Fix processing of consolidated IXFRs.
30 October 2023: Wouter
- Fix for interprocess communication to set quit sync command from
main process explicitly.
3 October 2023: Wouter
- Merge #281: Proxy protocol. An implementation of PROXYv2 for NSD.
It can be configured with proxy-protocol-port: portnum with the
port number of the interface on which proxy traffic is handled.
The interface can support proxy traffic for UDP, TCP and TLS.
21 September 2023: Wouter
- Merge #295: Update e-mail addresses, add ref to support contracts
31 August 2023: Wouter
- Fix autoconf 2.69 warnings in configure.
14 July 2023: Wouter
- Merge #287: Update nsd.conf.5.in.
11 July 2023: Wouter
- Fix unused variable warning in unit test of udb.
22 June 2023: Wouter
- Fix #284: dnstap_collector.c: SOCK_NONBLOCK is not available on
Mac/Darwin.
7 June 2023: Wouter
- Merge #282: Improve nsd.conf man page.
- Fix unused but set variable warning.
- Fix #283: Compile failure in remote.c when --disable-bind8-stats
and --without-ssl are specified.
31 May 2023: Wouter
- Add missing items to doc/RELNOTES.
- Tag for 4.7.0rc1. It became release 4.7.0 on 7 june 2023. The code
repository continues with 4.7.1.
30 May 2023: Jeroen
- Fix #240: Prefix messages originating from verifier.
- Fix #275: Drop unnecessary root server checks.
30 May 2023: Wouter
- Next version is 4.7.0, instead of 4.6.2, because of the added
features, like TLS for DNSTAP.
- Fix unused variable warning in unit test, from clang compile.
24 May 2023: Wouter
- For #279: Note that autoreconf -fi creates the configure script
and also the needed auxiliary files, for autoconf 2.69 and 2.71.
4 May 2023: Wouter
- Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h.
1 May 2023: Wouter
- make depend.
- Fix for build to run flex and bison before compiling code that needs
the headers.
13 April 2023: Wouter
- Fix cirrus script for submit to coverity scan to libtoolize
the configure script components config.guess and config.sub.
- Fix readme status badge links.
28 March 2023: Wouter
- Fix #273: Large TXT record breaks AXFR.
- Fix ixfr create from adding too many record types.
16 March 2023: Wouter
- Fix include brackets for ssl.h include statements, instead of quotes.
- Fix static analyzer warning about nsd_event_method initialization.
15 March 2023: Wouter
- Dnstap tls code fixes.
14 March 2023: Wouter
- Fix dnstap to not check socket path when using IP address.
- dnstap over TLS, default enabled. Configured with the
options dnstap-tls, dnstap-tls-server-name, dnstap-tls-cert-bundle,
dnstap-tls-client-key-file and dnstap-tls-client-cert-file.
- Fix to compile without ssl with dnstap-tls code.
9 March 2023: Wouter
- Fix #271: DNSTAP over TCP, with dnstap-ip: "127.0.0.1@3333".
- Fix to clean more memory on exit of dnstap collector.
23 February 2023: Wouter
- Fix #270: reserved identifier violation.
20 February 2023: Wouter
- Merge #269 from Fale: Add systemd service unit.
16 February 2023: Wouter
- Fix #266: Fix build with --without-ssl.
- Fix #267: Allow unencrypted local operation of nsd-control.
- Fix for #267: neater variable definitions.
2 February 2023: Wouter
- Merge #265: Fix C99 compatibility issue.
30 January 2023: Wouter
- Merge #263: Add bash autocompletion script for nsd-control.
- Fix for #262: More error logging for SSL read failures for zone
transfers.
27 January 2023: Wouter
- Fix #262: Zone(s) not synchronizing properly via TLS.
- Fix ixfr_and_restart test to wait for processes to come to a stop.
26 January 2023: Wouter
- Fix configure for -Wstrict-prototypes.
10 November 2022: Wouter
- Tag for NSD 4.6.1, the repository continues with version 4.6.2.
- Fix #239: -Wincompatible-pointer-types warning in remote.c.
- Fix unit tests to succeed with --disable-bind8-stats.
1 November 2022: Wouter
- Fixup for non-trailing newline lexer change warnings.
- Update doc/RELNOTES for changes.
- Fix ixfr_gone unit test to not use system default zone list file.
- Fix credns tests for vm usage, and not use system default zone
list file.
- Fix verify tests to use more portable bash location in script.
- Fix verify_again test to use ipv4 address for test.
1 November 2022: Tom
- Add SVCB dohpath support
28 September 2022: Jeroen
- Set ALPN "dot" token during connection establishment as per RFC9103
section 7.1 (Thanks Cesar Kuroiwa).
21 September 2022: Tom
- Change zone parsing to accept non-trailing newline.
1 September 2022: Wouter
- Merge #231 from moritzbuhl: Fix checking if nonblocking sockets work
on OpenBSD.
19 August 2022: Wouter
- Update cirrus build script for newer Ubuntu image, and FreeBSD
build with libtoolize to install auxiliary files.
- Update to clang 14 in cirrus build test on Ubuntu Jammy 22.04.
7 July 2022: Tom
- Fix #212: Change commandline control actions to always log.
1 July 2022: Wouter
- Fix static analyzer reports, fix wrong log print when skipping xfr,
fix to print error on pipe read fail, and assert an xfr is in
progress during packet checks.
2024-02-17 20:31:21 +03:00
|
|
|
#ifndef TSIG_H
|
|
|
|
#define TSIG_H
|
2017-01-07 22:41:59 +03:00
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <netdb.h>
|
|
|
|
|
|
|
|
#include "buffer.h"
|
|
|
|
#include "dname.h"
|
|
|
|
|
|
|
|
#define TSIG_ERROR_NOERROR 0
|
|
|
|
#define TSIG_ERROR_BADSIG 16
|
|
|
|
#define TSIG_ERROR_BADKEY 17
|
|
|
|
#define TSIG_ERROR_BADTIME 18
|
|
|
|
|
|
|
|
typedef struct tsig_algorithm tsig_algorithm_type;
|
|
|
|
typedef struct tsig_key tsig_key_type;
|
|
|
|
typedef struct tsig_record tsig_record_type;
|
|
|
|
|
|
|
|
enum tsig_status
|
|
|
|
{
|
|
|
|
TSIG_NOT_PRESENT,
|
|
|
|
TSIG_OK,
|
|
|
|
TSIG_ERROR
|
|
|
|
};
|
|
|
|
typedef enum tsig_status tsig_status_type;
|
|
|
|
|
|
|
|
struct tsig_lookup_struct_table
|
|
|
|
{
|
|
|
|
uint8_t id;
|
|
|
|
const char* short_name;
|
|
|
|
};
|
|
|
|
typedef struct tsig_lookup_struct_table tsig_lookup_algorithm_table;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A TSIG HMAC algorithm, such as hmac-md5.
|
|
|
|
*/
|
|
|
|
struct tsig_algorithm
|
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Short name of the algorithm, such as "hmac-md5".
|
|
|
|
*/
|
|
|
|
const char *short_name;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Full wireformat name of the algorithm, such as
|
|
|
|
* "hmac-md5.sig-alg.reg.int."
|
|
|
|
*/
|
|
|
|
const dname_type *wireformat_name;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The maximum size of a digest generated by this algorithm.
|
|
|
|
*/
|
|
|
|
size_t maximum_digest_size;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Algorithm implementation specific data.
|
|
|
|
*/
|
|
|
|
const void *data;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create a new HMAC context.
|
|
|
|
*/
|
|
|
|
void *(*hmac_create_context)(region_type *region);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Initialize an HMAC context with the specified algorithm and
|
|
|
|
* key.
|
|
|
|
*/
|
|
|
|
void (*hmac_init_context)(void *context,
|
|
|
|
tsig_algorithm_type *algorithm,
|
|
|
|
tsig_key_type *key);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Update the HMAC context with the specified data.
|
|
|
|
*/
|
|
|
|
void (*hmac_update)(void *context, const void *data, size_t size);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Generate the final digest. DIGEST points to a buffer of at
|
|
|
|
* least maximum_digest_size bytes.
|
|
|
|
*/
|
|
|
|
void (*hmac_final)(void *context, uint8_t *digest, size_t *size);
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A TSIG key used to sign and verify packets.
|
|
|
|
*/
|
|
|
|
struct tsig_key
|
|
|
|
{
|
|
|
|
const dname_type *name;
|
|
|
|
size_t size;
|
|
|
|
uint8_t *data;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct tsig_record
|
|
|
|
{
|
|
|
|
tsig_status_type status;
|
|
|
|
size_t position;
|
|
|
|
size_t response_count;
|
|
|
|
size_t updates_since_last_prepare;
|
|
|
|
void *context;
|
|
|
|
tsig_algorithm_type *algorithm;
|
|
|
|
tsig_key_type *key;
|
|
|
|
size_t prior_mac_size;
|
|
|
|
uint8_t *prior_mac_data;
|
|
|
|
|
|
|
|
/* TSIG RR data is allocated in the rr_region. */
|
|
|
|
region_type *rr_region;
|
|
|
|
region_type *context_region;
|
|
|
|
const dname_type *key_name;
|
|
|
|
const dname_type *algorithm_name;
|
|
|
|
uint16_t signed_time_high;
|
|
|
|
uint32_t signed_time_low;
|
|
|
|
uint16_t signed_time_fudge;
|
|
|
|
uint16_t mac_size;
|
|
|
|
uint8_t *mac_data;
|
|
|
|
uint16_t original_query_id;
|
|
|
|
uint16_t error_code;
|
|
|
|
uint16_t other_size;
|
|
|
|
uint8_t *other_data;
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Initialize the TSIG module (including TSIG implementation modules
|
|
|
|
* such as tsig-openssl).
|
|
|
|
*/
|
|
|
|
int tsig_init(region_type *region);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the specified key to the TSIG key table.
|
|
|
|
*/
|
|
|
|
void tsig_add_key(tsig_key_type *key);
|
|
|
|
void tsig_del_key(tsig_key_type *key);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the specified algorithm to the TSIG algorithm table.
|
|
|
|
*/
|
|
|
|
void tsig_add_algorithm(tsig_algorithm_type *algorithm);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find an HMAC algorithm based on its short name.
|
|
|
|
*/
|
|
|
|
tsig_algorithm_type *tsig_get_algorithm_by_name(const char *name);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Return a descriptive error message based on the TSIG error code.
|
|
|
|
*/
|
|
|
|
const char *tsig_error(int error_code);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Create the tsig record internal structure. Allocs it.
|
|
|
|
* Call init_record afterwards before doing more with it.
|
|
|
|
*
|
|
|
|
* The region is used to attach a cleanup function that destroys the tsig.
|
|
|
|
*/
|
|
|
|
void tsig_create_record(tsig_record_type* tsig,
|
|
|
|
region_type* region);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Like tsig_create_record, with custom region settings.
|
|
|
|
* The size params are used to customise the rr_region and context_region.
|
|
|
|
* If region is NULL, no cleanup is attached to it.
|
|
|
|
*/
|
|
|
|
void tsig_create_record_custom(tsig_record_type* tsig,
|
|
|
|
region_type* region,
|
|
|
|
size_t chunk_size,
|
|
|
|
size_t large_object_size,
|
|
|
|
size_t initial_cleanup_size);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Destroy tsig record internals (the main ptr is user alloced).
|
|
|
|
* if region is nonNULL, removes cleanup.
|
|
|
|
*/
|
|
|
|
void tsig_delete_record(tsig_record_type* tsig, region_type* region);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Call this before starting to analyze or signing a sequence of
|
|
|
|
* packets.
|
|
|
|
*
|
|
|
|
* ALGORITHM and KEY are optional and are only needed if you want to
|
|
|
|
* sign the initial query. Otherwise the key and algorithm are looked
|
|
|
|
* up in the algorithm and key table when a received TSIG RR is
|
|
|
|
* processed.
|
|
|
|
*/
|
|
|
|
void tsig_init_record(tsig_record_type *data,
|
|
|
|
tsig_algorithm_type *algorithm,
|
|
|
|
tsig_key_type *key);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Validate the TSIG RR key and algorithm from the TSIG RR. Otherwise
|
|
|
|
* update the TSIG error code. The MAC itself is not validated.
|
|
|
|
*
|
|
|
|
* Returns non-zero if the key and algorithm could be validated.
|
|
|
|
*/
|
|
|
|
int tsig_from_query(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Prepare TSIG for signing of a query. This initializes TSIG with
|
|
|
|
* the algorithm and key stored in the TSIG record.
|
|
|
|
*/
|
|
|
|
void tsig_init_query(tsig_record_type *tsig, uint16_t original_query_id);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Prepare TSIG for performing an HMAC calculation. If the TSIG
|
|
|
|
* contains a prior HMAC it is inserted first into the hash
|
|
|
|
* calculation.
|
|
|
|
*/
|
|
|
|
void tsig_prepare(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add the first LENGTH octets of PACKET to the TSIG hash, replacing
|
|
|
|
* the PACKET's id with the original query id from TSIG. If the query
|
|
|
|
* is a response the TSIG response count is incremented.
|
|
|
|
*/
|
|
|
|
void tsig_update(tsig_record_type *tsig, buffer_type *packet, size_t length);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Finalize the TSIG record by hashing the TSIG data. If the TSIG
|
|
|
|
* response count is greater than 1 only the timers are hashed.
|
|
|
|
* Signed time is set to the current time. The TSIG record can be
|
|
|
|
* added to a packet using tsig_append_rr().
|
|
|
|
*
|
|
|
|
* The calculated MAC is also stored as the prior MAC, so it can be
|
|
|
|
* used as a running MAC.
|
|
|
|
*/
|
|
|
|
void tsig_sign(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Verify the calculated MAC against the MAC in the TSIG RR.
|
|
|
|
*
|
|
|
|
* The calculated MAC is also stored as the prior MAC, so it can be
|
|
|
|
* used as a running MAC.
|
|
|
|
*/
|
|
|
|
int tsig_verify(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Find the TSIG RR in QUERY and parse it if present. Store the
|
|
|
|
* parsed results in TSIG.
|
|
|
|
*
|
|
|
|
* Returns non-zero if no parsing error occurred, use the tsig->status
|
|
|
|
* field to find out if the TSIG record was present.
|
|
|
|
*/
|
|
|
|
int tsig_find_rr(tsig_record_type *tsig, buffer_type *packet);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Call this to analyze the TSIG RR starting at the current location
|
|
|
|
* of PACKET. On success true is returned and the results are stored
|
|
|
|
* in TSIG.
|
|
|
|
*
|
|
|
|
* Returns non-zero if no parsing error occurred, use the tsig->status
|
|
|
|
* field to find out if the TSIG record was present.
|
|
|
|
*/
|
|
|
|
int tsig_parse_rr(tsig_record_type *tsig, buffer_type *packet);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Append the TSIG record to the response PACKET.
|
|
|
|
*/
|
|
|
|
void tsig_append_rr(tsig_record_type *tsig, buffer_type *packet);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The amount of space to reserve in the response for the TSIG data
|
|
|
|
* (if required).
|
|
|
|
*/
|
|
|
|
size_t tsig_reserved_space(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* status or error_code must already be in error.
|
|
|
|
* prepares content for error packet.
|
|
|
|
*/
|
|
|
|
void tsig_error_reply(tsig_record_type *tsig);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* compare tsig algorithm names case insensitive.
|
|
|
|
*/
|
|
|
|
int tsig_strlowercmp(const char* str1, const char* str2);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* cleanup tsig openssl stuff.
|
|
|
|
*/
|
|
|
|
void tsig_finalize(void);
|
|
|
|
|
Import 4.8.0 (previous was 4.6.0)
29 November 2023: Wouter
- Tag for 4.8.0rc1.
28 November 2023: Wouter
- Set up doc/RELNOTES for upcoming release.
- Fix unit test kill_from_pidfile function for nonexistent files
because the argument is evaluated before the test expression.
- Fix rr-test to also convert the contents of the just written output
file.
- Fix test set to remove -f nsd.db and rm nsd.db commands.
- Fix test set to remove difffile option.
27 November 2023: Jeroen
- Fix #14: Set timeout to 3s when servicing remaining TCP connections.
- Fix: Always instate write handler after reading queries from TCP.
- Answer first query on connections accepted just before reload.
27 November 2023: Wouter
- Merge #305: faster stats. Statistics can be gathered while a reload
is in progress.
27 November 2023: Willem
- Merge #302: Test package fixes. Correct Auxfiles, kill_from_pidfile
function and fix drop_updates, rr-test and xfr_update tests.
1 November 2023: Jeroen
- Remove on-disk database.
31 October 2023: Wouter
- Merge #301: improve the logging of ixfr fallbacks to axfr.
30 October 2023: Jeroen
- Fix processing of consolidated IXFRs.
30 October 2023: Wouter
- Fix for interprocess communication to set quit sync command from
main process explicitly.
3 October 2023: Wouter
- Merge #281: Proxy protocol. An implementation of PROXYv2 for NSD.
It can be configured with proxy-protocol-port: portnum with the
port number of the interface on which proxy traffic is handled.
The interface can support proxy traffic for UDP, TCP and TLS.
21 September 2023: Wouter
- Merge #295: Update e-mail addresses, add ref to support contracts
31 August 2023: Wouter
- Fix autoconf 2.69 warnings in configure.
14 July 2023: Wouter
- Merge #287: Update nsd.conf.5.in.
11 July 2023: Wouter
- Fix unused variable warning in unit test of udb.
22 June 2023: Wouter
- Fix #284: dnstap_collector.c: SOCK_NONBLOCK is not available on
Mac/Darwin.
7 June 2023: Wouter
- Merge #282: Improve nsd.conf man page.
- Fix unused but set variable warning.
- Fix #283: Compile failure in remote.c when --disable-bind8-stats
and --without-ssl are specified.
31 May 2023: Wouter
- Add missing items to doc/RELNOTES.
- Tag for 4.7.0rc1. It became release 4.7.0 on 7 june 2023. The code
repository continues with 4.7.1.
30 May 2023: Jeroen
- Fix #240: Prefix messages originating from verifier.
- Fix #275: Drop unnecessary root server checks.
30 May 2023: Wouter
- Next version is 4.7.0, instead of 4.6.2, because of the added
features, like TLS for DNSTAP.
- Fix unused variable warning in unit test, from clang compile.
24 May 2023: Wouter
- For #279: Note that autoreconf -fi creates the configure script
and also the needed auxiliary files, for autoconf 2.69 and 2.71.
4 May 2023: Wouter
- Fix to remove unused whitespace from acx_nlnetlabs.m4 and config.h.
1 May 2023: Wouter
- make depend.
- Fix for build to run flex and bison before compiling code that needs
the headers.
13 April 2023: Wouter
- Fix cirrus script for submit to coverity scan to libtoolize
the configure script components config.guess and config.sub.
- Fix readme status badge links.
28 March 2023: Wouter
- Fix #273: Large TXT record breaks AXFR.
- Fix ixfr create from adding too many record types.
16 March 2023: Wouter
- Fix include brackets for ssl.h include statements, instead of quotes.
- Fix static analyzer warning about nsd_event_method initialization.
15 March 2023: Wouter
- Dnstap tls code fixes.
14 March 2023: Wouter
- Fix dnstap to not check socket path when using IP address.
- dnstap over TLS, default enabled. Configured with the
options dnstap-tls, dnstap-tls-server-name, dnstap-tls-cert-bundle,
dnstap-tls-client-key-file and dnstap-tls-client-cert-file.
- Fix to compile without ssl with dnstap-tls code.
9 March 2023: Wouter
- Fix #271: DNSTAP over TCP, with dnstap-ip: "127.0.0.1@3333".
- Fix to clean more memory on exit of dnstap collector.
23 February 2023: Wouter
- Fix #270: reserved identifier violation.
20 February 2023: Wouter
- Merge #269 from Fale: Add systemd service unit.
16 February 2023: Wouter
- Fix #266: Fix build with --without-ssl.
- Fix #267: Allow unencrypted local operation of nsd-control.
- Fix for #267: neater variable definitions.
2 February 2023: Wouter
- Merge #265: Fix C99 compatibility issue.
30 January 2023: Wouter
- Merge #263: Add bash autocompletion script for nsd-control.
- Fix for #262: More error logging for SSL read failures for zone
transfers.
27 January 2023: Wouter
- Fix #262: Zone(s) not synchronizing properly via TLS.
- Fix ixfr_and_restart test to wait for processes to come to a stop.
26 January 2023: Wouter
- Fix configure for -Wstrict-prototypes.
10 November 2022: Wouter
- Tag for NSD 4.6.1, the repository continues with version 4.6.2.
- Fix #239: -Wincompatible-pointer-types warning in remote.c.
- Fix unit tests to succeed with --disable-bind8-stats.
1 November 2022: Wouter
- Fixup for non-trailing newline lexer change warnings.
- Update doc/RELNOTES for changes.
- Fix ixfr_gone unit test to not use system default zone list file.
- Fix credns tests for vm usage, and not use system default zone
list file.
- Fix verify tests to use more portable bash location in script.
- Fix verify_again test to use ipv4 address for test.
1 November 2022: Tom
- Add SVCB dohpath support
28 September 2022: Jeroen
- Set ALPN "dot" token during connection establishment as per RFC9103
section 7.1 (Thanks Cesar Kuroiwa).
21 September 2022: Tom
- Change zone parsing to accept non-trailing newline.
1 September 2022: Wouter
- Merge #231 from moritzbuhl: Fix checking if nonblocking sockets work
on OpenBSD.
19 August 2022: Wouter
- Update cirrus build script for newer Ubuntu image, and FreeBSD
build with libtoolize to install auxiliary files.
- Update to clang 14 in cirrus build test on Ubuntu Jammy 22.04.
7 July 2022: Tom
- Fix #212: Change commandline control actions to always log.
1 July 2022: Wouter
- Fix static analyzer reports, fix wrong log print when skipping xfr,
fix to print error on pipe read fail, and assert an xfr is in
progress during packet checks.
2024-02-17 20:31:21 +03:00
|
|
|
#endif /* TSIG_H */
|