]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0411142) | patch
Use signer name when disabling DNSSEC algorithms
authorMark Andrews <marka@isc.org>
Thu, 7 Aug 2025 04:37:33 +0000 (14:37 +1000)
committerMark Andrews <marka@isc.org>
Thu, 25 Sep 2025 01:14:27 +0000 (11:14 +1000)
commita0945f6337fb4a27fb7104838ee51d3722e1e9a0
treee8d1902409c0c6dfb990c6565ddbda063a371b25tree | snapshot
parent0411142f8267c12c5691c0358f316a9e66ebae49commit | diff
Use signer name when disabling DNSSEC algorithms

When disabling algorithms, use the signer name to determine if the
algorithm is disabled or not.  This allows for algorithms to be
cleanly disabled on a zone level basis.  Previously, just using the
records owner name, "disable-algorithms" could impact resolution of
names that where not disabled.  This does now mean that
"disable-algorithms" can not be used to disable part of a zone anymore.
bin/tests/system/dnssec/ns3/badalg.secure.example.db.in [new file with mode: 0644] blob
bin/tests/system/dnssec/ns3/named.conf.j2 diff | blob | blame | history
bin/tests/system/dnssec/ns3/secure.example.db.in diff | blob | blame | history
bin/tests/system/dnssec/ns3/sign.sh diff | blob | blame | history
bin/tests/system/dnssec/tests_validation.py diff | blob | blame | history
lib/dns/validator.c diff | blob | blame | history
lib/ns/query.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git