]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7a8eb8d) | patch
Remove checks when going to dnssec-policy none
authorMatthijs Mekking <matthijs@isc.org>
Tue, 11 Oct 2022 09:21:35 +0000 (11:21 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 3 Nov 2022 10:43:02 +0000 (11:43 +0100)
commitbb1c40e0a33d4288a66fcad81a76a5bfc813848c
treeb6bd709b521a2508d0354b2e3d0ccf9808ad3363tree | snapshot
parent7a8eb8d035cbce1a897bc3865b7c6fb647f33bb2commit | diff
Remove checks when going to dnssec-policy none

The changes in the code have the side effect that the CDNSKEY and CDS
records in the secure version of the zone are not reusable and thus
are thrashed from the zone. Remove the apex checks for this use case.
We only care about that the zone is not immediately goes bogus, but
a user really should use the built-in "insecure" policy when unsigning
a zone.

(cherry picked from commit bc703a12e7adf83ac0cef3624fc846eb2c843dbb)
bin/tests/system/kasp/tests.sh diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git