+2576. [bug] NSEC record were not being correctly signed when
+ a zone transitions from insecure to secure.
+ Handle such incorrectly signed zones. [RT #19114]
+
2574. [doc] Document nsupdate -g and -o. [RT #19351]
2573. [bug] Replacing a non-CNAME record with a CNAME record in a
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: query.c,v 1.313.20.6 2009/02/15 23:07:33 marka Exp $ */
+/* $Id: query.c,v 1.313.20.7 2009/03/13 01:38:51 marka Exp $ */
/*! \file */
goto cleanup;
fname = query_newname(client, dbuf, &b);
dns_fixedname_init(&fixed);
+ if (dns_rdataset_isassociated(rdataset))
+ dns_rdataset_disassociate(rdataset);
+ if (dns_rdataset_isassociated(sigrdataset))
+ dns_rdataset_disassociate(sigrdataset);
query_findclosestnsec3(name, db, version, client, rdataset,
sigrdataset, fname, ISC_TRUE,
dns_fixedname_name(&fixed));
* PERFORMANCE OF THIS SOFTWARE.
*/
-/* $Id: zone.c,v 1.483.36.4 2009/02/16 02:04:05 marka Exp $ */
+/* $Id: zone.c,v 1.483.36.5 2009/03/13 01:38:51 marka Exp $ */
/*! \file */
goto next_rdataset;
if (is_ksk && rdataset.type != dns_rdatatype_dnskey)
goto next_rdataset;
- if (*delegation && !dns_rdatatype_atparent(rdataset.type))
+ if (*delegation &&
+ rdataset.type != dns_rdatatype_ds &&
+ rdataset.type != dns_rdatatype_nsec)
goto next_rdataset;
if (signed_with_key(db, node, version, rdataset.type, key))
goto next_rdataset;
projects / thirdparty / bind9.git / commitdiff
