]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d2f5511) | patch
Use signer name when disabling DNSSEC algorithms
authorMark Andrews <marka@isc.org>
Thu, 7 Aug 2025 04:37:33 +0000 (14:37 +1000)
committerMark Andrews <marka@isc.org>
Mon, 29 Sep 2025 01:16:24 +0000 (11:16 +1000)
commit2554a724d4e3435491bf797fd25dbdfe83a82665
tree59c664d0abf882e565d9d6e5379a14eae14096c5tree | snapshot
parentd2f551140cd008129f3a95e0f27d7e34f6aaa913commit | diff
Use signer name when disabling DNSSEC algorithms

When disabling algorithms, use the signer name to determine if the
algorithm is disabled or not.  This allows for algorithms to be
cleanly disabled on a zone level basis.  Previously, just using the
records owner name, "disable-algorithms" could impact resolution of
names that where not disabled.  This does now mean that
"disable-algorithms" can not be used to disable part of a zone anymore.

(cherry picked from commit a0945f6337fb4a27fb7104838ee51d3722e1e9a0)
bin/tests/system/dnssec/ns3/badalg.secure.example.db.in [new file with mode: 0644] blob
bin/tests/system/dnssec/ns3/named.conf.in diff | blob | blame | history
bin/tests/system/dnssec/ns3/secure.example.db.in diff | blob | blame | history
bin/tests/system/dnssec/ns3/sign.sh diff | blob | blame | history
bin/tests/system/dnssec/tests.sh diff | blob | blame | history
bin/tests/system/dnssec/tests_sh_dnssec.py diff | blob | blame | history
lib/dns/validator.c diff | blob | blame | history
lib/ns/query.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git