bind9/lib
Aydın Mercan a531f00a75
wipe hmac keys correctly pre-3.0 libcrypto
A lingering `sizeof` from the prototype era of !11094 caused the
key-wipe in `isc_hmac_key_destroy` to use `sizeof(key->len)` instead of
`key->len` for the length argument of `isc_safe_memwipe`.

This results in a buffer overflow of zero bytes in HMAC keys that are
less than 4 bytes. As such, the overflow can only be visible in keys
that are less than 32 bits, which is beyond broken, and creating such
keys is only possible in testing.

Therefore, this change is *not* a security fix since the conditions are
never reachable in any imaginable deployment scenario.

Builds that use OpenSSL >=3.0 are unaffected as the `sizeof` was only
remaining in pre-3.0 builds.
2026-02-06 14:14:43 +03:00
..
dns don't transform errors in hmac_sign 2026-02-02 11:50:14 +03:00
isc wipe hmac keys correctly pre-3.0 libcrypto 2026-02-06 14:14:43 +03:00
isccc switch isc_md_type_t to a proper enum 2026-02-02 11:12:55 +03:00
isccfg small refactor for max-query-restart in check.c 2026-01-07 07:01:59 +00:00
ns Remove rrset-order cyclic from the default config, with shim 2026-01-08 14:43:04 +01:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
meson.build replace the build system with meson 2025-06-11 10:30:12 +03:00