]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 31fa72e)
keygen -k: allow to set times, not genonly
authorMatthijs Mekking <matthijs@isc.org>
Tue, 28 Apr 2020 12:32:57 +0000 (14:32 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Tue, 2 Jun 2020 07:12:38 +0000 (09:12 +0200)
For testing purposes mainly, we want to allow set keytimings on
generated keys, such that we don't have to "keygen/settime" which
can result in one second off times.

bin/dnssec/dnssec-keygen.c patch | blob | blame | history
bin/tests/system/kasp/ns3/setup.sh patch | blob | blame | history

diff --git a/bin/dnssec/dnssec-keygen.c b/bin/dnssec/dnssec-keygen.c
index 65823b1cd3b36198ce0a86822c2161d81bfdcb17..996b3ac6a62af49045730db95003518c0a9da556 100644 (file)
--- a/bin/dnssec/dnssec-keygen.c
+++ b/bin/dnssec/dnssec-keygen.c
@@ -1223,18 +1223,7 @@ main(int argc, char **argv) {
                        fatal("-k and -3 cannot be used together");
                }
 
-               if (ctx.setpub || ctx.setact || ctx.setrev || ctx.setinact ||
-                   ctx.setdel || ctx.unsetpub || ctx.unsetact ||
-                   ctx.unsetrev || ctx.unsetinact || ctx.unsetdel ||
-                   ctx.setsyncadd || ctx.setsyncdel)
-               {
-                       fatal("cannot use -k together with "
-                             "-P, -A, -R, -I, or -D options "
-                             "(use dnssec-settime on keys afterwards)");
-               }
-
                ctx.options |= DST_TYPE_STATE;
-               ctx.genonly = true;
 
                if (strcmp(ctx.policy, "default") == 0) {
                        ctx.use_nsec3 = false;
diff --git a/bin/tests/system/kasp/ns3/setup.sh b/bin/tests/system/kasp/ns3/setup.sh
index 354993364289b69040957dca42d2f7f9e6d4f386..6fc5c07a17e25f304c49607bc4c9cb2dce994dbb 100644 (file)
--- a/bin/tests/system/kasp/ns3/setup.sh
+++ b/bin/tests/system/kasp/ns3/setup.sh
@@ -71,8 +71,8 @@ $KEYGEN -a RSASHA1 -b 2000 -L 1234 $zone > keygen.out.$zone.1 2>&1
 $KEYGEN -a RSASHA1 -f KSK  -L 1234 $zone > keygen.out.$zone.2 2>&1
 
 zone="pregenerated.kasp"
-$KEYGEN -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.1 2>&1
-$KEYGEN -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.2 2>&1
+$KEYGEN -G -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.1 2>&1
+$KEYGEN -G -k rsasha1 -l policies/kasp.conf $zone > keygen.out.$zone.2 2>&1
 
 zone="rumoured.kasp"
 Tpub="now"
Mirror of https://gitlab.isc.org/isc-projects/bind9.git