+2773. [bug] In autosigned zones, the SOA could be signed
+ with the KSK. [RT #20628]
+
--- 9.7.0b3 released ---
2772. [security] When validating, track whether pending data was from
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: update.c,v 1.168 2009/11/09 01:28:32 each Exp $ */
+/* $Id: update.c,v 1.169 2009/11/18 21:22:31 each Exp $ */
#include <config.h>
if (type == dns_rdatatype_dnskey) {
if (!KSK(keys[i]) && keyset_kskonly)
continue;
- } else if (!KSK(keys[i]))
+ } else if (KSK(keys[i]))
continue;
} else if (REVOKE(keys[i]) && type != dns_rdatatype_dnskey)
continue;
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.c,v 1.529 2009/11/12 23:47:59 tbox Exp $ */
+/* $Id: zone.c,v 1.530 2009/11/18 21:22:31 each Exp $ */
/*! \file */
if (type == dns_rdatatype_dnskey) {
if (!KSK(keys[i]) && keyset_kskonly)
continue;
- } else if (!KSK(keys[i]))
+ } else if (KSK(keys[i]))
continue;
} else if (REVOKE(keys[i]) && type != dns_rdatatype_dnskey)
continue;
projects / thirdparty / bind9.git / commitdiff
