]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1a2e46d) | patch
Test zone with truncated revoked DNSKEY
authorNicki Křížek <nicki@isc.org>
Mon, 13 Oct 2025 16:35:33 +0000 (18:35 +0200)
committerNicki Křížek <nicki@isc.org>
Mon, 5 Jan 2026 13:04:58 +0000 (14:04 +0100)
commit0ddfa108a730f38c8f23430506ac5398a08112ca
treeec63ed11ce41f29d4b0fa2dab95ff28928e06304tree | snapshot
parent1a2e46d364c8f706c02f3a3681195b03680419e8commit | diff
Test zone with truncated revoked DNSKEY

Ensure that named can handle a situation where the zone is signed with a
truncated, self-signed revoked DNSKEY. The signatures are inevitably
bogus and a SERVFAIL is expected. However, prior to CVE-2025-8677 fix,
this could trigger an assertion failure.
bin/tests/system/dnssec-malformed-dnskey/ns2/named.conf.j2 diff | blob | blame | history
bin/tests/system/dnssec-malformed-dnskey/ns2/truncated.selfsigned.db.signed [new file with mode: 0644] blob
bin/tests/system/dnssec-malformed-dnskey/ns2/trusted.conf.j2 diff | blob | blame | history
bin/tests/system/dnssec-malformed-dnskey/ns3/named.conf.j2 diff | blob | blame | history
bin/tests/system/dnssec-malformed-dnskey/tests_malformed_dnskey.py diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git