mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-13 19:40:00 -04:00
Merge branch '656-add-support-for-utimaco-hsm-v9_11' into 'v9_11'
Resolve "Add support for Utimaco HSM" See merge request isc-projects/bind9!972
This commit is contained in:
Ondřej Surý
commit
ecc40b18e6
5 changed files with 21 additions and 1 deletions
4
CHANGES
4
CHANGES
|
|
@ -1,3 +1,7 @@
|
|||
5084. [func] Add configure time detection of Utimaco HSM
|
||||
and disable runtime md5/sha1 detection when it
|
||||
compiled with it. [GL #656]
|
||||
|
||||
5079. [func] Disable IDN processing in dig and nslookup
|
||||
when not on a tty. [GL #653]
|
||||
|
||||
|
|
|
|||
6
configure
vendored
6
configure
vendored
|
|
@ -17626,6 +17626,12 @@ $as_echo "AEP Keyper" >&6; }
|
|||
pk11_flavor="PK11_AEP_FLAVOR"
|
||||
set_pk11_flavor="yes"
|
||||
;;
|
||||
*libcs*)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Utimaco HSM" >&5
|
||||
$as_echo "Utimaco HSM" >&6; }
|
||||
pk11_flavor="PK11_UTIMACO_FLAVOR"
|
||||
set_pk11_flavor="yes"
|
||||
;;
|
||||
undefined)
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: undefined provider?" >&5
|
||||
$as_echo "undefined provider?" >&6; }
|
||||
|
|
|
|||
|
|
@ -2293,6 +2293,11 @@ case "$want_native_pkcs11" in
|
|||
pk11_flavor="PK11_AEP_FLAVOR"
|
||||
set_pk11_flavor="yes"
|
||||
;;
|
||||
*libcs*)
|
||||
AC_MSG_RESULT(Utimaco HSM)
|
||||
pk11_flavor="PK11_UTIMACO_FLAVOR"
|
||||
set_pk11_flavor="yes"
|
||||
;;
|
||||
undefined)
|
||||
AC_MSG_RESULT(undefined provider?)
|
||||
;;
|
||||
|
|
|
|||
|
|
@ -355,12 +355,13 @@ dst__hmacmd5_init(dst_func_t **funcp) {
|
|||
}
|
||||
#endif
|
||||
|
||||
#if PK11_FLAVOR != PK11_UTIMACO_FLAVOR
|
||||
/*
|
||||
* Prevent use of incorrect crypto
|
||||
*/
|
||||
|
||||
RUNTIME_CHECK(isc_md5_check(false));
|
||||
RUNTIME_CHECK(isc_hmacmd5_check(0));
|
||||
#endif
|
||||
|
||||
REQUIRE(funcp != NULL);
|
||||
if (*funcp == NULL)
|
||||
|
|
@ -648,11 +649,13 @@ static dst_func_t hmacsha1_functions = {
|
|||
|
||||
isc_result_t
|
||||
dst__hmacsha1_init(dst_func_t **funcp) {
|
||||
#if PK11_FLAVOR != PK11_UTIMACO_FLAVOR
|
||||
/*
|
||||
* Prevent use of incorrect crypto
|
||||
*/
|
||||
RUNTIME_CHECK(isc_sha1_check(false));
|
||||
RUNTIME_CHECK(isc_hmacsha1_check(0));
|
||||
#endif
|
||||
|
||||
REQUIRE(funcp != NULL);
|
||||
if (*funcp == NULL)
|
||||
|
|
|
|||
|
|
@ -60,6 +60,8 @@ PK11_PAD_HMAC_KEYS
|
|||
#define PK11_CRYPTECH_FLAVOR 3
|
||||
/* AEP Keyper */
|
||||
#define PK11_AEP_FLAVOR 4
|
||||
/* Utimaco HSM */
|
||||
#define PK11_UTIMACO_FLAVOR 5
|
||||
|
||||
/* Default is for Thales nCipher */
|
||||
#ifndef PK11_FLAVOR
|
||||
|
|
|
|||
Loading…
Reference in a new issue