From: Matthijs Mekking <matthijs@isc.org>
Date: Thu, 7 Jan 2021 16:41:38 +0000 (+0100)
Subject: Fix signatures-validity config option
X-Git-Tag: v9.17.10~36^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ad63e9e4f84a126fb076fdc16aff7ebf7f21db44;p=thirdparty%2Fbind9.git

Fix signatures-validity config option

KASP was using 'signatures-validity-dnskey' instead of
'signatures-validity'.
---

diff --git a/CHANGES b/CHANGES
index 97ebc9f6c87..d5603fca4d0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5561.	[bug]		KASP incorrectly set signature validity to the value
+			of the DNSKEY signature validity. This is now fixed.
+			[GL #2383]
+
 5560.	[func]		The default value of "max-stale-ttl" has been changed
 			from 12 hours to 1 day and the default value of
 			"stale-answer-ttl" has been changed from 1 second to
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 60cd4d2ed5b..eec08c3a79c 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -65,3 +65,6 @@ Bug Fixes
 
 - Prevent rbtdb instances being destroyed by multiple threads at the same
   time. This can trigger assertion failures. [GL #2355]
+
+- KASP incorrectly set signature validity to the value of the DNSKEY signature
+  validity. This is now fixed. [GL #2383]
diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c
index fc98a6c7cd8..5a0cd302868 100644
--- a/lib/dns/kasp.c
+++ b/lib/dns/kasp.c
@@ -184,7 +184,7 @@ dns_kasp_setsigvalidity_dnskey(dns_kasp_t *kasp, uint32_t value) {
 	REQUIRE(DNS_KASP_VALID(kasp));
 	REQUIRE(!kasp->frozen);
 
-	kasp->signatures_validity = value;
+	kasp->signatures_validity_dnskey = value;
 }
 
 dns_ttl_t