git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Thu, 24 Jun 2021 15:01:42 +0000 (17:01 +0200)
committer	Matthijs Mekking <matthijs@isc.org>
	Wed, 30 Jun 2021 15:28:49 +0000 (17:28 +0200)
commit	f7872dbd206c0727e284780022bd356ca4ccdf0d
tree	90a7e1457677dceba2993ced9c29d899c04413ad	tree \| snapshot
parent	1a505549635444dfc3afed636803c7d7af05773e	commit \| diff

Add checkds code

Similar to notify, add code to send and keep track of checkds requests.

On every zone_rekey event, we will check the DS at parental agents
(but we will only actually query parental agents if theree is a DS
scheduled to be published/withdrawn).

On a zone_rekey event, we will first clear the ongoing checkds requests.
Reset the counter, to avoid continuing KSK rollover premature.

This has the risk that if zone_rekey events happen too soon after each
other, there are redundant DS queries to the parental agents. But
if TTLs and the configured durations in the dnssec-policy are sane (as
in not ridiculous short) the chance of this happening is low.

lib/dns/include/dns/events.h		diff \| blob \| blame \| history
lib/dns/zone.c		diff \| blob \| blame \| history