mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

keygen -k: allow to set times, not genonly

Browse Source 
For testing purposes mainly, we want to allow set keytimings on
generated keys, such that we don't have to "keygen/settime" which
can result in one second off times.
This commit is contained in:
Matthijs Mekking
2020-04-28 14:32:57 +02:00
parent 31fa72ec2e
commit 1c21631730
2 changed files with 2 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
bin/dnssec/dnssec-keygen.c
View File

@@ -1223,18 +1223,7 @@ main(int argc, char **argv) {
fatal("-k and -3 cannot be used together");
}
if (ctx.setpub || ctx.setact || ctx.setrev || ctx.setinact ||
ctx.setdel || ctx.unsetpub || ctx.unsetact ||
ctx.unsetrev || ctx.unsetinact || ctx.unsetdel ||
ctx.setsyncadd || ctx.setsyncdel)
{
fatal("cannot use -k together with "
"-P, -A, -R, -I, or -D options "
"(use dnssec-settime on keys afterwards)");
}
ctx.options |= DST_TYPE_STATE;
ctx.genonly = true;
if (strcmp(ctx.policy, "default") == 0) {
ctx.use_nsec3 = false;

4
bin/tests/system/kasp/ns3/setup.sh
View File

@@ -71,8 +71,8 @@ $KEYGEN -a RSASHA1 -b 2000 -L 1234 $zone > keygen.out.$zone.1 2>&1
$KEYGEN -a RSASHA1 -f KSK -L 1234 $zone > keygen.out.$zone.2 2>&1
zone="pregenerated.kasp"
$KEYGEN -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.1 2>&1
$KEYGEN -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.2 2>&1
$KEYGEN -G -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.1 2>&1
$KEYGEN -G -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.2 2>&1
zone="rumoured.kasp"
Tpub="now"