]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 72a640d) | patch
Implement named-checkconf -k (check keys)
authorMatthijs Mekking <matthijs@isc.org>
Thu, 28 Aug 2025 08:28:02 +0000 (10:28 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Wed, 24 Sep 2025 15:03:06 +0000 (17:03 +0200)
commit9fe520ece9121a81dc3e77d11a9a93ae29468399
tree317e2fa485150ddb982431ee667e0422e59f0353tree | snapshot
parent72a640d8b1f5e7cc2c4f7c8432fbfaa2e69c4d75commit | diff
Implement named-checkconf -k (check keys)

With named-checkconf -k you can check your configuration including
checking the dnssec-policy keys against the configured keystores. If
there is a mismatch in the key files versus the policy, named-checkconf
will fail. This is useful for running before migrating to dnssec-policy.

For logging purposes, introduce a function that writes the identifying
information about a policy key into a string.

Allow a dnssec key to be initialized outside the keymgr code.

Add 'log_errors' to 'cfg_kasp_fromconfig' to avoid duplicate error
logs.
12 files changed:
bin/check/named-checkconf.c diff | blob | blame | history
bin/check/named-checkconf.rst diff | blob | blame | history
bin/dnssec/dnssectool.c diff | blob | blame | history
bin/named/server.c diff | blob | blame | history
lib/dns/include/dns/kasp.h diff | blob | blame | history
lib/dns/include/dns/keymgr.h diff | blob | blame | history
lib/dns/kasp.c diff | blob | blame | history
lib/dns/keymgr.c diff | blob | blame | history
lib/isccfg/check.c diff | blob | blame | history
lib/isccfg/include/isccfg/check.h diff | blob | blame | history
lib/isccfg/include/isccfg/kaspconf.h diff | blob | blame | history
lib/isccfg/kaspconf.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git