]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ef1cb99) | patch
Remove checks when going to dnssec-policy none
authorMatthijs Mekking <matthijs@isc.org>
Tue, 11 Oct 2022 09:21:35 +0000 (11:21 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 3 Nov 2022 09:20:05 +0000 (10:20 +0100)
commitbc703a12e7adf83ac0cef3624fc846eb2c843dbb
tree0e32176762062a920c23dcef52014b68d8b1a376tree | snapshot
parentef1cb9935c579d090ad2ee70376563464e39de6fcommit | diff
Remove checks when going to dnssec-policy none

The changes in the code have the side effect that the CDNSKEY and CDS
records in the secure version of the zone are not reusable and thus
are thrashed from the zone. Remove the apex checks for this use case.
We only care about that the zone is not immediately goes bogus, but
a user really should use the built-in "insecure" policy when unsigning
a zone.
bin/tests/system/kasp/tests.sh diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git