auth: added a new config for direct queries of dnskey signature
authord-wibowo <d.wibowo@samsung.com>
Fri, 23 Aug 2024 06:30:23 +0000 (13:30 +0700)
committerd-wibowo <d.wibowo@samsung.com>
Fri, 23 Aug 2024 06:30:23 +0000 (13:30 +0700)
pdns/auth-main.cc
pdns/dnssecsigner.cc

index 691242143f2ea41804c49dd17cac2f892b8571c8..722ae7e86051a2c16a639ab2c445c3ac0d7eaf65 100644 (file)
@@ -295,6 +295,7 @@ static void declareArguments()
 
   ::arg().setSwitch("traceback-handler", "Enable the traceback handler (Linux only)") = "yes";
   ::arg().setSwitch("direct-dnskey", "Fetch DNSKEY, CDS and CDNSKEY RRs from backend during DNSKEY or CDS/CDNSKEY synthesis") = "no";
+  ::arg().setSwitch("direct-dnskey-signature", "Fetch signature of DNSKEY RRs from backend directly") = "no";
   ::arg().set("default-ksk-algorithm", "Default KSK algorithm") = "ecdsa256";
   ::arg().set("default-ksk-size", "Default KSK size (0 means default)") = "0";
   ::arg().set("default-zsk-algorithm", "Default ZSK algorithm") = "";
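Review bot: The help text for `direct-dnskey-signature` does not tell an operator that enabling it stops the server from signing DNSKEY RRsets itself; per the dnssecsigner.cc change in this commit, the switch routes DNSKEY signing to `getPreRRSIGs` for every zone, not only presigned ones. Wording such as `"Serve RRSIGs for DNSKEY RRsets from the backend instead of signing them (applies to all zones)"` would make that visible in `--help` and in generated configs. Only the two .cc files are listed as changed, so the settings documentation appears not to be updated; it should state that the backend must then hold current RRSIGs over each zone's DNSKEY RRset. `declareArguments` continues outside the hunk.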
index 0e122c11a3192d3ba534119b7693ff007743895b..041a642a503bf78549552781cdc9504a79fe3a5b 100644 (file)
@@ -151,7 +151,7 @@ static void addSignature(DNSSECKeeper& dk, UeberBackend& db, const DNSName& sign
   if(toSign.empty())
     return;
   vector<RRSIGRecordContent> rrcs;
-  if(dk.isPresigned(signer)) {
+  if(dk.isPresigned(signer) || (::arg().mustDo("direct-dnskey-signature") && signQType == QType::DNSKEY)) {
     //cerr<<"Doing presignatures"<<endl;
     dk.getPreRRSIGs(db, outsigned, origTTL, packet); // does it all
   }
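Review bot: The new condition sends every DNSKEY RRset to `getPreRRSIGs` whenever the global switch is on, regardless of zone, and nothing visible here handles a backend that holds no RRSIG, or only an expired one, for that RRset. If `getPreRRSIGs` only appends what it finds, which the presigned path suggests but this hunk does not show, such a zone would answer DNSKEY queries without a usable signature and validating resolvers would treat it as bogus. Consider logging a warning when no signature comes back, or limiting the behaviour to zones that opt in, and at minimum add a comment such as `// direct-dnskey-signature: DNSKEY RRSIGs are served as stored in the backend instead of being generated here`. The start of `addSignature` and the else branch are outside the hunk.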