mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-09-02 15:45:25 +00:00
Code Issues Releases Wiki Activity

[master] fix keymgr with low prepublication interval

Browse Source 
4417.	[bug]		dnssec-keymgr could fail to create successor keys
			if the prepublication interval was set to a value
			smaller than the default. [RT #42820]

Patch submitted by Nis Wechselberg (enbewe@enbewe.de).
This commit is contained in:
Evan Hunt
2016-07-20 15:12:56 -07:00
parent a870e4e773
commit f7b5487474
8 changed files with 55 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
bin/python/isc/dnskey.py.in
View File

@@ -205,7 +205,7 @@ class dnskey:
except Exception as e:
raise Exception('unable to parse generated key: %s' % str(e))
def generate_successor(self, keygen_bin, randomdev, **kwargs):
def generate_successor(self, keygen_bin, randomdev, prepublish, **kwargs):
quiet = kwargs.get('quiet', False)
if not self.inactive():
@@ -219,6 +219,9 @@ class dnskey:
if randomdev:
keygen_cmd += ["-r", randomdev]
if prepublish:
keygen_cmd += ["-i", str(prepublish)]
if not quiet:
print('# ' + ' '.join(keygen_cmd))

2
bin/python/isc/keyseries.py.in
View File

@@ -123,7 +123,7 @@ class keyseries:
prev.commit(self._context['settime_path'], **kwargs)
key = prev.generate_successor(self._context['keygen_path'],
self._context['randomdev'],
**kwargs)
prepub, **kwargs)
key.setinactive(key.activate() + rp, **kwargs)
key.setdelete(key.inactive() + postpub, **kwargs)