upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-27 12:53:25 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib/isc
History
Ondřej Surý 263d232c79 Replace isc_fsaccess API with more secure file creation 
The isc_fsaccess API was created to hide the implementation details
between POSIX and Windows APIs.  As we are not supporting the Windows
APIs anymore, it's better to drop this API used in the DST part.

Moreover, the isc_fsaccess was setting the permissions in an insecure
manner - it operated on the filename, and not on the file descriptor
which can lead to all kind of attacks if unpriviledged user has read (or
even worse write) access to key directory.

Replace the code that operates on the private keys with code that uses
mkstemp(), fchmod() and atomic rename() at the end, so at no time the
private key files have insecure permissions.
2023-03-31 12:52:59 +00:00
..
include Replace isc_fsaccess API with more secure file creation 2023-03-31 12:52:59 +00:00
netmgr Apply the semantic patch to remove isc_stdtime_get() 2023-03-31 13:32:56 +02:00
.gitignore [master] update gitignore files; use rev-parse to get srcid 2014-06-17 13:49:30 -07:00
aes.c Remove EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() shims 2022-03-02 10:48:09 +00:00
ascii.c Consolidate some ASCII tables in isc/ascii and isc/hex 2022-09-12 12:18:57 +01:00
assertions.c Ad-hoc backtrace logging with isc_backtrace_log() 2023-03-29 10:47:53 +00:00
async.c Refactor isc_job_run to not-make any allocations 2023-03-30 16:00:52 +02:00
async_p.h Refactor isc_job_run to not-make any allocations 2023-03-30 16:00:52 +02:00
backtrace.c Ad-hoc backtrace logging with isc_backtrace_log() 2023-03-29 10:47:53 +00:00
base32.c Silence uninitialized value false positives 2023-03-08 22:40:03 +00:00
base64.c Remove use of the inline keyword used as suggestion to compiler 2022-03-25 08:33:43 +01:00
commandline.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
condition.c De-duplicate some calls to strerror_r() 2022-10-17 11:58:26 +01:00
counter.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
crc64.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
dir.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
entropy.c Switch the CSPRNG function from RAND_bytes() to uv_random() 2022-09-26 15:13:11 +02:00
errno.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
errno2result.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
errno2result.h Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
error.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
file.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
getaddresses.c Move bind9_getaddresses() to isc_getaddresses() 2023-02-21 13:12:26 +00:00
hash.c Improve reporting for pthread_once errors 2022-10-14 16:39:21 +02:00
hashmap.c Replace __attribute__((unused)) with ISC_ATTR_UNUSED attribute macro 2023-03-30 23:29:25 +02:00
heap.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
hex.c Consolidate some ASCII tables in isc/ascii and isc/hex 2022-09-12 12:18:57 +01:00
hmac.c Fix memory leak in isc_hmac_init 2023-02-26 22:56:07 +00:00
ht.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
httpd.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
interfaceiter.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
iterated_hash.c Require C11 thread_local keyword and <threads.h> header 2023-02-08 21:33:23 +01:00
jemalloc_shim.h Fix ISC_MEM_ZERO on allocators with malloc_usable_size() 2023-02-06 11:21:12 +00:00
job.c Refactor isc_job_run to not-make any allocations 2023-03-30 16:00:52 +02:00
job_p.h Refactor isc_job_run to not-make any allocations 2023-03-30 16:00:52 +02:00
lex.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
lib.c remove isc_bind9 variable 2023-02-09 18:00:13 +00:00
log.c Remove do-nothing header <isc/stat.h> 2023-02-15 16:44:47 +00:00
loop.c Refactor isc_job_run to not-make any allocations 2023-03-30 16:00:52 +02:00
loop_p.h Fix a crash when dig or host receive a signal 2023-03-31 09:52:54 +00:00
Makefile.am Replace isc_fsaccess API with more secure file creation 2023-03-31 12:52:59 +00:00
managers.c remove isc_task completely 2023-02-16 18:35:32 +01:00
md.c Avoid implicit algorithm fetch for OpenSSL EVP_MD family 2023-01-18 18:32:57 +01:00
mem.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
mem_p.h Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
meminfo.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
mutex.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
mutex_p.h Use library constructor to create default mutex attr once 2022-07-13 13:19:32 +02:00
mutexblock.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
net.c Remove do-nothing header <isc/netdb.h> 2023-02-15 16:44:47 +00:00
netaddr.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
netscope.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
nonce.c Switch the CSPRNG function from RAND_bytes() to uv_random() 2022-09-26 15:13:11 +02:00
openssl_shim.c Do not provide a shim for SSL_SESSION_is_resumable() 2022-05-23 18:25:18 +03:00
openssl_shim.h Do not provide a shim for SSL_SESSION_is_resumable() 2022-05-23 18:25:18 +03:00
os.c Add isc_os_umask() function to get current umask 2023-03-31 12:52:59 +00:00
os_p.h Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
parseint.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
picohttpparser.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
picohttpparser.h Add picohttpparser.{c.h} from https://github.com/h2o/picohttpparser 2022-10-14 11:26:54 +02:00
portset.c Use designated initializers instead of memset()/MEM_ZERO for structs 2022-10-05 16:44:05 +02:00
qsbr.c QSBR: safe memory reclamation for lock-free data structures 2023-02-23 15:57:53 +00:00
quota.c REQUIRE should not have side effects 2022-07-05 12:22:55 -07:00
radix.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
random.c Switch the CSPRNG function from RAND_bytes() to uv_random() 2022-09-26 15:13:11 +02:00
random_p.h Move random number re-seeding out of the hot path 2022-09-19 16:27:12 +02:00
ratelimiter.c remove isc_task completely 2023-02-16 18:35:32 +01:00
regex.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
region.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
result.c Refactor isc_nm_xfr_allowed() 2023-01-19 10:24:08 +00:00
rwlock.c Add the reader-writer synchronization with modified C-RW-WP 2023-02-15 09:30:04 +01:00
safe.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
serial.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
signal.c Fix a crash when dig or host receive a signal 2023-03-31 09:52:54 +00:00
siphash.c Accept 'in=NULL' with 'inlen=0' in isc_{half}siphash24 2023-01-10 17:52:56 +11:00
sockaddr.c add ns_interface_create() 2023-03-28 12:38:28 -07:00
stats.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
stdio.c Remove do-nothing header <isc/stat.h> 2023-02-15 16:44:47 +00:00
stdtime.c Provide isc_stdtime_now(void) that returns value 2023-03-31 13:16:28 +02:00
string.c Explain <isc/strerr.h> a little more 2023-02-15 16:44:09 +00:00
symtab.c Consolidate some ASCII tables in isc/ascii and isc/hex 2022-09-12 12:18:57 +01:00
syslog.c Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
tests Move all the unit tests to /tests/<libname>/ 2022-05-28 14:53:02 -07:00
thread.c Fix error reporting for POSIX Threads functions 2022-09-09 20:25:47 +02:00
tid.c Require C11 thread_local keyword and <threads.h> header 2023-02-08 21:33:23 +01:00
time.c Remove do-nothing header <isc/print.h> 2023-02-15 16:44:47 +00:00
timer.c remove isc_task completely 2023-02-16 18:35:32 +01:00
tls.c Add the reader-writer synchronization with modified C-RW-WP 2023-02-15 09:30:04 +01:00
tm.c Consolidate some ASCII tables in isc/ascii and isc/hex 2022-09-12 12:18:57 +01:00
trampoline.c Use thread_local EVP_MD_CTX in isc_iterated_hash() 2023-01-18 19:36:21 +01:00
trampoline_p.h Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
url.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
utf8.c Update sources to Clang 15 formatting 2022-11-29 08:54:34 +01:00
uv.c Add and use semantic patch to replace isc_mem_get/allocate+memset 2022-10-05 16:44:05 +02:00
work.c New event loop handling API 2022-08-25 12:24:29 +02:00
xml.c Add autoconf option to enable memory leak detection in libraries 2022-09-27 17:53:04 +02:00