git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Matthijs Mekking <matthijs@isc.org>
	Tue, 3 Mar 2020 05:58:45 +0000 (06:58 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Mon, 9 Mar 2020 13:48:17 +0000 (14:48 +0100)
commit	e0bdff7ecd1040c5eb74fbfdd648c22e5902f297
tree	c89c6e1418e725fa4c797324551b24e46a4ae8c4	tree \| snapshot
parent	5979032512bf3bae209d979cdc0131f1aac549c1	commit \| diff

Fix race condition dnssec-policy with views

When configuring the same dnssec-policy for two zones with the same
name but in different views, there is a race condition for who will
run the keymgr first. If running sequential only one set of keys will
be created, if running parallel two set of keys will be created.

Lock the kasp when running looking for keys and running the key
manager. This way, for the same zone in different views only one
keyset will be created.

The dnssec-policy does not implement sharing keys between different
zones.

bin/tests/system/kasp/ns4/example1.db.in	[new file with mode: 0644]	blob
bin/tests/system/kasp/ns4/example2.db.in	[new file with mode: 0644]	blob
bin/tests/system/kasp/ns4/named.conf.in		diff \| blob \| blame \| history
bin/tests/system/kasp/ns4/setup.sh		diff \| blob \| blame \| history
bin/tests/system/kasp/tests.sh		diff \| blob \| blame \| history
lib/dns/kasp.c		diff \| blob \| blame \| history
lib/dns/zone.c		diff \| blob \| blame \| history

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom