From c976764604c31b7ff86914f97ec8a04f56bb6e1a Mon Sep 17 00:00:00 2001 From: Kees Monshouwer Date: Mon, 8 Nov 2021 11:54:53 +0100 Subject: [PATCH] auth: api, remove CDS and CDNSKEY for now, in favor of https://www.ietf.org/archive/id/draft-thomassen-dnsop-dnssec-bootstrapping-02.html --- pdns/ws-auth.cc | 2 +- regression-tests.api/test_Zones.py | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index c63b0cf8b6..5c062b63a5 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -59,7 +59,7 @@ static const std::set onlyOneEntryTypes = { QType::CNAME, QType::DNAME // QTypes that MUST NOT be used with any other QType on the same name. static const std::set exclusiveEntryTypes = { QType::CNAME }; // QTypes that MUST be at apex. -static const std::set atApexTypes = {QType::SOA, QType::DNSKEY, QType::CDNSKEY, QType::CDS}; +static const std::set atApexTypes = {QType::SOA, QType::DNSKEY}; // QTypes that are NOT allowed at apex. static const std::set nonApexTypes = {QType::DS}; diff --git a/regression-tests.api/test_Zones.py b/regression-tests.api/test_Zones.py index d163185f83..bd12e81bc8 100644 --- a/regression-tests.api/test_Zones.py +++ b/regression-tests.api/test_Zones.py @@ -1471,8 +1471,6 @@ $ORIGIN %NAME% @parameterized.expand([ ('SOA', 'ns1.example.org. test@example.org. 10 10800 3600 604800 1800'), ('DNSKEY', '257 3 8 AwEAAb/+pXOZWYQ8mv9WM5dFva8WU9jcIUdDuEjldbyfnkQ/xlrJC5zAEfhYhrea3SmIPmMTDimLqbh3/4SMTNPTUF+9+U1vpNfIRTFadqsmuU9Fddz3JqCcYwEpWbReg6DJOeyu+9oBoIQkPxFyLtIXEPGlQzrynKubn04Cx83I6NfzDTraJT3jLHKeW5PVc1ifqKzHz5TXdHHTA7NkJAa0sPcZCoNE1LpnJI/wcUpRUiuQhoLFeT1E432GuPuZ7y+agElGj0NnBxEgnHrhrnZWUbULpRa/il+Cr5Taj988HqX9Xdm6FjcP4Lbuds/44U7U8du224Q8jTrZ57Yvj4VDQKc='), - ('CDNSKEY', '0 3 0 AA=='), - ('CDS', '0 0 0 00'), ]) def test_only_at_apex(self, qtype, content): name, payload, zone = self.create_zone(soa_edit_api='') -- 2.47.2