mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00

Various rndc dnssec -checkds fixes

While working on 'rndc dnssec -rollover' I noticed the following
(small) issues:

- The key files were updated with hints set to "-when" and that
  should always be "now".
- The kasp system test did not properly update the test number when
  calling 'rndc dnssec -checkds' (and ensuring that works).
- There was a missing ']' in the rndc.c help output.
Matthijs Mekking
2020-08-24 10:05:28 +02:00
parent fcd34abb9e
commit edc53fc416
4 changed files with 34 additions and 22 deletions


@@ -1864,8 +1864,9 @@ failure:
static isc_result_t
keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
const char *directory, isc_stdtime_t now, bool dspublish,
dns_keytag_t id, unsigned int alg, bool check_id) {
const char *directory, isc_stdtime_t now, isc_stdtime_t when,
bool dspublish, dns_keytag_t id, unsigned int alg,
bool check_id) {
int options = (DST_TYPE_PRIVATE | DST_TYPE_PUBLIC | DST_TYPE_STATE);
isc_dir_t dir;
isc_result_t result;
@@ -1905,9 +1906,9 @@ keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
}
if (dspublish) {
dst_key_settime(ksk_key->key, DST_TIME_DSPUBLISH, now);
dst_key_settime(ksk_key->key, DST_TIME_DSPUBLISH, when);
} else {
dst_key_settime(ksk_key->key, DST_TIME_DSDELETE, now);
dst_key_settime(ksk_key->key, DST_TIME_DSDELETE, when);
}
/* Store key state and update hints. */
@@ -1929,17 +1930,19 @@ keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
isc_result_t
dns_keymgr_checkds(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
const char *directory, isc_stdtime_t now, bool dspublish) {
return (keymgr_checkds(kasp, keyring, directory, now, dspublish, 0, 0,
false));
const char *directory, isc_stdtime_t now, isc_stdtime_t when,
bool dspublish) {
return (keymgr_checkds(kasp, keyring, directory, now, when, dspublish,
0, 0, false));
}
isc_result_t
dns_keymgr_checkds_id(dns_kasp_t *kasp, dns_dnsseckeylist_t *keyring,
const char *directory, isc_stdtime_t now, bool dspublish,
dns_keytag_t id, unsigned int alg) {
return (keymgr_checkds(kasp, keyring, directory, now, dspublish, id,
alg, true));
const char *directory, isc_stdtime_t now,
isc_stdtime_t when, bool dspublish, dns_keytag_t id,
unsigned int alg) {
return (keymgr_checkds(kasp, keyring, directory, now, when, dspublish,
id, alg, true));
}
static void
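Review bot: `keymgr_checkds()`, `dns_keymgr_checkds()` and `dns_keymgr_checkds_id()` now take two adjacent `isc_stdtime_t` arguments, `now` and `when`, that the compiler cannot tell apart, and nothing visible in these hunks documents which is which. Because `when` is written straight into `DST_TIME_DSPUBLISH`/`DST_TIME_DSDELETE`, and the commit message ties it to the operator-supplied `-when` value, a swapped or out-of-range timestamp would presumably shift the DS timing that the key manager relies on during a KSK rollover. I would add a comment above `keymgr_checkds()` along the lines of `/* 'now' is the current time, used for the key file hints; 'when' is the time the DS was published or withdrawn. */` and repeat the contract on the two public wrappers. No bound on `when` relative to `now` is visible here; if the caller does not enforce one, the comment should say whether a future `when` is accepted. The body of `keymgr_checkds()` continues outside the hunks.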