From 10bc348aef3b1329e696483e7bd7170e3c4ec1d0 Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Thu, 13 Aug 2015 15:11:50 +0200 Subject: [PATCH 1/3] ignore --- .gitignore | 251 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 251 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000000..f652688139 --- /dev/null +++ b/.gitignore @@ -0,0 +1,251 @@ +Doxyfile +Makefile +Makefile.in +aclocal.m4 +autom4te.cache/ +common/.deps/ +common/Makefile +common/Makefile.in +common/b64_ntop.o +common/b64_pton.o +common/config.h +common/config.h.in +common/config.h.in~ +common/libcompat.a +common/pselect.o +common/stamp-h1 +common/strlcat.o +common/strlcpy.o +compile +conf/Makefile +conf/Makefile.in +conf/addns.rng +conf/addns.xml +conf/conf.rng +conf/conf.xml +conf/enforcerstate.rng +conf/enforcerstate.xml +conf/kasp.rng +conf/kasp.xml +conf/signconf.rng +conf/signconf.xml +conf/zonelist.rng +conf/zonelist.xml +config.guess +config.log +config.status +config.sub +configure +cppcheck.output +depcomp +enforcer-ng/ +enforcer/Makefile +enforcer/Makefile.in +enforcer/common/.deps/ +enforcer/common/Makefile +enforcer/common/Makefile.in +enforcer/common/daemon.o +enforcer/common/daemon_util.o +enforcer/common/kaspaccess.o +enforcer/common/libenforcer.a +enforcer/common/privdrop.o +enforcer/enforcerd/.deps/ +enforcer/enforcerd/Makefile +enforcer/enforcerd/Makefile.in +enforcer/enforcerd/enforcer.o +enforcer/enforcerd/ods-enforcerd +enforcer/enforcerd/ods-enforcerd.8 +enforcer/ksm/.deps/ +enforcer/ksm/Makefile +enforcer/ksm/Makefile.in +enforcer/ksm/database_access_lite.o +enforcer/ksm/database_access_mysql.o +enforcer/ksm/database_connection_lite.o +enforcer/ksm/database_connection_mysql.o +enforcer/ksm/database_init_rundown.o +enforcer/ksm/database_support_lite.o +enforcer/ksm/database_support_mysql.o +enforcer/ksm/datetime.o +enforcer/ksm/dd_string.o +enforcer/ksm/debug.o +enforcer/ksm/di_string.o +enforcer/ksm/dq_string.o +enforcer/ksm/du_string.o +enforcer/ksm/include/Makefile +enforcer/ksm/include/Makefile.in +enforcer/ksm/include/ksm/Makefile +enforcer/ksm/include/ksm/Makefile.in +enforcer/ksm/include/ksm/dbsmsg.h +enforcer/ksm/include/ksm/kmemsg.h +enforcer/ksm/ksm_dnsseckeys.o +enforcer/ksm/ksm_import.o +enforcer/ksm/ksm_init_rundown.o +enforcer/ksm/ksm_key.o +enforcer/ksm/ksm_key_delete.o +enforcer/ksm/ksm_keyword.o +enforcer/ksm/ksm_list.o +enforcer/ksm/ksm_parameter.o +enforcer/ksm/ksm_parameter_value.o +enforcer/ksm/ksm_policy.o +enforcer/ksm/ksm_policy_value.o +enforcer/ksm/ksm_purge.o +enforcer/ksm/ksm_request.o +enforcer/ksm/ksm_time.o +enforcer/ksm/ksm_update.o +enforcer/ksm/ksm_version.o +enforcer/ksm/ksm_zone.o +enforcer/ksm/libksm.a +enforcer/ksm/memory.o +enforcer/ksm/message.o +enforcer/ksm/string_util.o +enforcer/ksm/string_util2.o +enforcer/test/Makefile +enforcer/test/Makefile.in +enforcer/test/cucumber/Makefile +enforcer/test/cucumber/Makefile.in +enforcer/test/cucumber/c_conf.xml +enforcer/test/cucumber/c_kasp.xml +enforcer/test/cucumber/c_zonelist.base.xml +enforcer/test/cunit/.deps/ +enforcer/test/cunit/Makefile +enforcer/test/cunit/Makefile.in +enforcer/test/cunit/database_setup_mysql.sh +enforcer/test/cunit/database_setup_sqlite3.sh +enforcer/utils/.deps/ +enforcer/utils/Makefile +enforcer/utils/Makefile.in +enforcer/utils/kaspcheck.o +enforcer/utils/kc_helper.o +enforcer/utils/ksmutil.o +enforcer/utils/ods-kaspcheck +enforcer/utils/ods-kaspcheck.1 +enforcer/utils/ods-ksmutil +enforcer/utils/ods-ksmutil.1 +install-sh +libhsm/Makefile +libhsm/Makefile.in +libhsm/checks/.deps/ +libhsm/checks/Makefile +libhsm/checks/Makefile.in +libhsm/checks/conf-aepkeyper.xml +libhsm/checks/conf-etoken.xml +libhsm/checks/conf-multi.xml +libhsm/checks/conf-ncipher.xml +libhsm/checks/conf-opensc.xml +libhsm/checks/conf-sca6000.xml +libhsm/checks/conf-softhsm.xml +libhsm/checks/hsmcheck +libhsm/checks/hsmcheck.o +libhsm/checks/othertoken.db +libhsm/checks/token.db +libhsm/src/Makefile +libhsm/src/Makefile.in +libhsm/src/bin/.deps/ +libhsm/src/bin/Makefile +libhsm/src/bin/Makefile.in +libhsm/src/bin/hsmspeed.o +libhsm/src/bin/hsmtest.o +libhsm/src/bin/hsmutil.o +libhsm/src/bin/ods-hsmspeed +libhsm/src/bin/ods-hsmspeed.1 +libhsm/src/bin/ods-hsmutil +libhsm/src/bin/ods-hsmutil.1 +libhsm/src/lib/.deps/ +libhsm/src/lib/Makefile +libhsm/src/lib/Makefile.in +libhsm/src/lib/libhsm.a +libhsm/src/lib/libhsm.o +libhsm/src/lib/pin.o +libtool +ltmain.sh +m4/libtool.m4 +m4/ltoptions.m4 +m4/ltsugar.m4 +m4/ltversion.m4 +m4/lt~obsolete.m4 +missing +mm/ +signer/Makefile +signer/Makefile.in +signer/man/Makefile +signer/man/Makefile.in +signer/man/ods-getconf.8 +signer/man/ods-signer.8 +signer/man/ods-signerd.8 +signer/src/.deps/ +signer/src/Makefile +signer/src/Makefile.in +signer/src/acl.o +signer/src/adapi.o +signer/src/adapter.o +signer/src/addns.o +signer/src/addnsparser.o +signer/src/adfile.o +signer/src/adutil.o +signer/src/allocator.o +signer/src/axfr.o +signer/src/backup.o +signer/src/buffer.o +signer/src/cfg.o +signer/src/cmdhandler.o +signer/src/confparser.o +signer/src/denial.o +signer/src/dnshandler.o +signer/src/domain.o +signer/src/duration.o +signer/src/edns.o +signer/src/engine.o +signer/src/fifoq.o +signer/src/file.o +signer/src/hsm.o +signer/src/ixfr.o +signer/src/keys.o +signer/src/listener.o +signer/src/locks.o +signer/src/log.o +signer/src/namedb.o +signer/src/netio.o +signer/src/notify.o +signer/src/nsec3params.o +signer/src/ods-getconf +signer/src/ods-getconf.o +signer/src/ods-signer +signer/src/ods-signer.o +signer/src/ods-signerd +signer/src/ods-signerd.o +signer/src/privdrop.o +signer/src/query.o +signer/src/rrset.o +signer/src/schedule.o +signer/src/signal.o +signer/src/signconf.o +signer/src/signconfparser.o +signer/src/sock.o +signer/src/stats.o +signer/src/status.o +signer/src/task.o +signer/src/tcpset.o +signer/src/tools.o +signer/src/tsig-openssl.o +signer/src/tsig.o +signer/src/util.o +signer/src/worker.o +signer/src/xfrd.o +signer/src/xfrhandler.o +signer/src/zone.o +signer/src/zonelist.o +signer/src/zonelistparser.o +tashq +test-driver +testing/test-cases.d/enforcer.keys.rollovers_many_timeshift_rfc5011/unsigned/ +tools/Makefile +tools/Makefile.in +tools/ods-control +tools/ods-control.8 +tools/ods-kasp2html +tools/ods-timing.5 +tools/opendnssec.7 +tools/solaris/Makefile +tools/solaris/Makefile.in +tools/solaris/ods-enforcerd.init +tools/solaris/ods-signerd.init From 73c3bbd58960fa61f92a688fde2f83bbccfe7f35 Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Thu, 13 Aug 2015 15:12:02 +0200 Subject: [PATCH 2/3] Die on ctrl-c already --- signer/src/daemon/signal.c | 1 + 1 file changed, 1 insertion(+) diff --git a/signer/src/daemon/signal.c b/signer/src/daemon/signal.c index 5c3eb2a28d..a05a235f63 100644 --- a/signer/src/daemon/signal.c +++ b/signer/src/daemon/signal.c @@ -74,6 +74,7 @@ signal_handler(sig_atomic_t sig) lock_basic_unlock(&signal_engine->signal_lock); } break; + case SIGINT: case SIGTERM: ods_log_debug("[%s] SIGTERM received", signal_str); signal_term_recvd++; From 8d3a381dc181a40eb14924d6154c9ae310b1928a Mon Sep 17 00:00:00 2001 From: Yuri Schaeffer Date: Tue, 1 Sep 2015 15:21:39 +0200 Subject: [PATCH 3/3] Include revoke bit in keytag calculation enforcer --- enforcer/utils/ksmutil.c | 1 + 1 file changed, 1 insertion(+) diff --git a/enforcer/utils/ksmutil.c b/enforcer/utils/ksmutil.c index 9d7e4504c9..a87ed19e6c 100644 --- a/enforcer/utils/ksmutil.c +++ b/enforcer/utils/ksmutil.c @@ -7108,6 +7108,7 @@ int ListKeys(int zone_id) sign_params->flags = LDNS_KEY_ZONE_KEY; if (temp_type == KSM_TYPE_KSK) { sign_params->flags += LDNS_KEY_SEP_KEY; + if (temp_revoked) sign_params->flags |= 1<<7; } dnskey_rr = hsm_get_dnskey(NULL, key, sign_params); sign_params->keytag = ldns_calc_keytag(dnskey_rr);