]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8b50d63) | patch
add DNSSEC EDE test for unsupported digest and alg
authorColin Vidal <colin@isc.org>
Mon, 20 Jan 2025 19:59:23 +0000 (20:59 +0100)
committerColin Vidal <colin@isc.org>
Fri, 24 Jan 2025 12:26:30 +0000 (12:26 +0000)
commit244923b9dc841bbfb8d9e0758733d991df4658b1
treea5dd11cb16836651b4fb2b6876960153e4aeb9c3tree | snapshot
parent8b50d63fe195ccefa3821b45d1449b9f5019c296commit | diff
add DNSSEC EDE test for unsupported digest and alg

A DNSSEC validation can fail in the case where multiple DNSKEY are
available for a zone and none of them are supported, but for different
reasons: one has a DS record in the parent zone using an unsupported
digest while the other one uses an unsupported encryption algorithm.

Add a specific test case covering this flow and making sure that two
extended DNS error are provided: code 1 and 2, each of them highlighting
unsupported algorithm and digest.
bin/tests/system/dnssec/ns2/example.db.in diff | blob | blame | history
bin/tests/system/dnssec/ns2/sign.sh diff | blob | blame | history
bin/tests/system/dnssec/ns3/digest-alg-unsupported.example.db.in [new file with mode: 0644] blob
bin/tests/system/dnssec/ns3/named.conf.in diff | blob | blame | history
bin/tests/system/dnssec/ns3/sign.sh diff | blob | blame | history
bin/tests/system/dnssec/ns4/named1.conf.in diff | blob | blame | history
bin/tests/system/dnssec/ns4/named2.conf.in diff | blob | blame | history
bin/tests/system/dnssec/ns4/named3.conf.in diff | blob | blame | history
bin/tests/system/dnssec/ns4/named4.conf.in diff | blob | blame | history
bin/tests/system/dnssec/tests.sh diff | blob | blame | history
bin/tests/system/dnssec/tests_sh_dnssec.py diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git