backends/gsql/gsqlbackend.cc \
backends/gsql/gsqlbackend.hh backends/gsql/ssql.hh zoneparser-tng.cc \
dynlistener.cc dns.cc randombackend.cc dnssecsigner.cc polarrsakeyinfra.cc md5.cc \
- signingpipe.cc dnslabeltext.cc ednssubnet.cc cachecleaner.hh
+ signingpipe.cc dnslabeltext.cc ednssubnet.cc cachecleaner.hh \
+ aes/aescpp.h \
+ aes/aescrypt.c aes/aes.h aes/aeskey.c aes/aes_modes.c aes/aesopt.h \
+ aes/aestab.c aes/aestab.h aes/brg_endian.h aes/brg_types.h aes/dns_random.cc
pdnssec_LDFLAGS=@moduleobjects@ @modulelibs@ @DYNLINKFLAGS@ @LIBDL@ @THREADFLAGS@ $(BOOST_PROGRAM_OPTIONS_LDFLAGS) $(BOOST_SERIALIZATION_LDFLAGS)
../../unix_utility.cc ../../qtype.cc ../../dns.cc \
../../zoneparser-tng.cc ../../dnsrecords.cc ../../sillyrecords.cc \
../../dnswriter.cc dnslabeltext.cc ../../rcpgenerator.cc ../../dnsparser.cc ../../base64.cc \
-../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc # ../../dbdnsseckeeper.cc
+../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc ../../aes/dns_random.cc \
+../../aes/aescpp.h ../../aes/aescrypt.c ../../aes/aes.h ../../aes/aeskey.c ../../aes/aes_modes.c ../../aes/aesopt.h \
+../../aes/aestab.c ../../aes/aestab.h ../../aes/brg_endian.h ../../aes/brg_types.h # ../../dbdnsseckeeper.cc
zone2ldap_SOURCES=bindparser.yy bindlexer.l bind-dnssec.schema.sqlite3.sql.h \
../../arguments.cc ../../logger.cc zone2ldap.cc ../../statbag.cc ../../misc.cc \
../../unix_utility.cc ../../qtype.cc ../../zoneparser-tng.cc ../../dnsrecords.cc \
../../dnswriter.cc dnslabeltext.cc ../../rcpgenerator.cc ../../dnsparser.cc ../../base64.cc ../../sillyrecords.cc \
-../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc # ../../dbdnsseckeeper.cc
+../../nsecrecords.cc ../../dnssecinfra.cc ../../base32.cc ../../md5.cc ../../aes/dns_random.cc \
+../../aes/aescpp.h ../../aes/aescrypt.c ../../aes/aes.h ../../aes/aeskey.c ../../aes/aes_modes.c ../../aes/aesopt.h \
+../../aes/aestab.c ../../aes/aestab.h ../../aes/brg_endian.h ../../aes/brg_types.h # ../../dbdnsseckeeper.cc
zone2ldap_LDFLAGS=@THREADFLAGS@
if HAVE_LIBPOLARSSL
#include <boost/foreach.hpp>
#include "md5.hh"
#include "dnsseckeeper.hh"
+#include "dns_random.hh"
#include "lock.hh"
/* this is where the RRSIGs begin, keys are retrieved,
if(doCache) {
WriteLock l(&g_signatures_lock);
- unsigned int weekno = time(0) / (86400*7); // we just spent milliseconds doing a signature, microsecond more won't kill us
+ /* we add some jitter here so not all your slaves start pruning their caches at the very same millisecond */
+ unsigned int weekno = (time(0) - dns_random(3600)) / (86400*7); // we just spent milliseconds doing a signature, microsecond more won't kill us
- if(g_cacheweekno != weekno) { // blunt but effective (C) Habbie
+ if(g_cacheweekno < weekno) { // blunt but effective (C) Habbie
g_signatures.clear();
g_cacheweekno = weekno;
}
projects / pdns / commitdiff