git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Tue, 21 Jun 2022 10:40:12 +0000 (12:40 +0200)
committer	Matthijs Mekking <matthijs@isc.org>
	Tue, 28 Jun 2022 09:56:31 +0000 (11:56 +0200)
commit	20acb8d3a385f62fcabcc8b0279ca74ba05e3e1d
tree	529086b58a673a67a476008120a9ea1597eaaa8f	tree \| snapshot
parent	5ff414e986fad453b0fd65c7ee14af277b1b73c2	commit \| diff

When loading dnssec-policies, inherit from default

Most of the settings (durations) are already inheriting from the default
because they use the constants from lib/dns/kasp.h. We need them as
constants so we can use them in named-checkconf to verify the policy
parameters.

The NSEC(3) parameters and keys should come from the actual default
policy. Change the call to cfg_kasp_fromconfig() to include the default
kasp. We also no longer need to corner case where config is NULL we load
the built-in policy: the built-in policies are now loaded when config is
set to named_g_config.

Finally, add a debug log (it is useful to see which policies are being
loaded).

bin/named/server.c		diff \| blob \| blame \| history
lib/isccfg/include/isccfg/kaspconf.h		diff \| blob \| blame \| history
lib/isccfg/kaspconf.c		diff \| blob \| blame \| history