]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 596f1ad) | patch
Update optout test to reconfig to NSEC
authorMatthijs Mekking <matthijs@isc.org>
Tue, 9 Dec 2025 13:12:08 +0000 (14:12 +0100)
committerMark Andrews <marka@isc.org>
Mon, 22 Dec 2025 04:31:42 +0000 (15:31 +1100)
commit95187ee3deb9f260fc1498e1e0cfbca1c8b74da6
treedd29e0ce50fb1cd6dc634dec41967726b329de10tree | snapshot
parent596f1adbb4ae7a8286f37377c61ad63e0b5654e5commit | diff
Update optout test to reconfig to NSEC

If we change from NSEC3 to NSEC we should not produce a zone with
missing NSEC records.

The code only considered having seen a record if there was previously
a signature present at the owner name. However with opt-out, insecure
delegations don't have a RRSIG record. Reconfiguring to NSEC causes
all insecure delegations to have a missing NSEC record.

Add a DNAME record to the test zone to also cover DNAME delegations.

(cherry picked from commit 3679bd48885273819c02341ff0392c7a54c4b668)
bin/tests/system/optout/ns2/named.conf.j2 diff | blob | blame | history
bin/tests/system/optout/ns2/small.test.db [new file with mode: 0644] blob
bin/tests/system/optout/ns2/test.db diff | blob | blame | history
bin/tests/system/optout/setup.sh [deleted file] blob | blame | history
bin/tests/system/optout/tests_optout.py diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git