rm -f dig.out*
rm -f journalprint.out.*
rm -f ns1/managed-keys.bind
+rm -f ns2/managed-keys.bind
rm -f tmp.jnl
--- /dev/null
+$ORIGIN .
+$TTL 0 ; 0 seconds
+@ IN SOA . . (
+ 29 ; serial
+ 0 ; refresh (0 seconds)
+ 0 ; retry (0 seconds)
+ 0 ; expire (0 seconds)
+ 0 ; minimum (0 seconds)
+ )
+ KEYDATA 20210611104535 19700101000000 19700101000000 0 0 0 (
+
+ ) ; ZSK; alg = 0; key id = 0
+ ; next refresh: Fri, 11 Jun 2021 10:45:35 GMT
+ ; no trust
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.2;
+ notify-source 10.53.0.2;
+ transfer-source 10.53.0.2;
+ port @PORT@;
+ session-keyfile "session.key";
+ pid-file "named.pid";
+ listen-on { 10.53.0.2; };
+ listen-on-v6 { none; };
+ dnssec-validation yes;
+ minimal-responses no;
+ recursion no;
+ notify yes;
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
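Review bot: The `controls` statement accepts rndc connections from `any`, authenticated only by the literal secret on the `secret "1234abcd8765";` line, and nothing in the file says this is a fixture credential. The exposure is limited only by the control channel being bound to the 10.53.0.2 test address. A short comment above `key rndc_key` would keep the block from being copied into a real configuration, for example `/* system-test fixture: fixed rndc key, control channel bound to the 10.53.0.2 test address only */`.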
cp ns1/managed-keys.bind.in ns1/managed-keys.bind
$PERL ../fromhex.pl < ns1/managed-keys.bind.jnl.in > ns1/managed-keys.bind.jnl
+
+copy_setports ns2/named.conf.in ns2/named.conf
+cp ns2/managed-keys.bind.in ns2/managed-keys.bind
+cp ns2/managed-keys.bind.jnl.in ns2/managed-keys.bind.jnl
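Review bot: The ns2 journal is installed with a plain `cp`, while the ns1 journal on the context line above is regenerated from a hex dump through `fromhex.pl`. The contents of `ns2/managed-keys.bind.jnl.in` are not shown on this page, so it appears to be a raw binary journal checked in as-is, which cannot be read or reviewed in diff form. Storing it as hex and using `$PERL ../fromhex.pl < ns2/managed-keys.bind.jnl.in > ns2/managed-keys.bind.jnl` would keep the fixture inspectable and consistent with ns1.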
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
+n=`expr $n + 1`
+echo_i "check that journal is applied to zone with keydata placeholder record"
+ret=0
+grep 'managed-keys-zone: journal rollforward completed successfully: up to date' ns2/named.run > /dev/null 2>&1 || ret=1
+[ $ret -eq 0 ] || echo_i "failed"
+
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
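Review bot: The new check never folds its result into `status`: after the added `[ $ret -eq 0 ] || echo_i "failed"` the script goes straight to `echo_i "exit status: $status"`. If the rollforward message is missing, the test prints "failed" but still exits 0. Add ``status=`expr $status + $ret` `` directly after the new `echo_i "failed"` line, as the preceding check does. The `grep` also reads `ns2/named.run` once with no retry; whether the message is guaranteed to be logged by the time this runs is not visible in the hunk.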
RETTOK(dns_secalg_fromtext(&alg, &token.value.as_textregion));
RETERR(mem_tobuffer(target, &alg, 1));
+ /* Do we have a placeholder KEYDATA record? */
+ if (flags == 0 && proto == 0 && alg == 0) {
+ return (ISC_R_SUCCESS);
+ }
+
/* No Key? */
if ((flags & 0xc000) == 0xc000) {
return (ISC_R_SUCCESS);
isc_region_t sr;
char buf[sizeof("64000")];
unsigned int flags;
- unsigned char algorithm;
+ unsigned char proto, algorithm;
unsigned long refresh, add, deltime;
char algbuf[DNS_NAME_FORMATSIZE];
const char *keyinfo;
}
/* protocol */
- snprintf(buf, sizeof(buf), "%u", sr.base[0]);
+ proto = sr.base[0];
+ snprintf(buf, sizeof(buf), "%u", proto);
isc_region_consume(&sr, 1);
RETERR(str_totext(buf, target));
RETERR(str_totext(" ", target));
isc_region_consume(&sr, 1);
RETERR(str_totext(buf, target));
+ /* Do we have a placeholder KEYDATA record? */
+ if (flags == 0 && proto == 0 && algorithm == 0) {
+ if ((tctx->flags & DNS_STYLEFLAG_RRCOMMENT) != 0) {
+ RETERR(str_totext(" ; placeholder", target));
+ }
+ return (ISC_R_SUCCESS);
+ }
+
/* No Key? */
if ((flags & 0xc000) == 0xc000) {
return (ISC_R_SUCCESS);
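Review bot: The placeholder branch returns after testing only `flags`, `proto` and `algorithm`, so any bytes still left in `sr` are dropped from the text form without notice. If the wire parser (not visible here) accepts a KEYDATA rdata with those three fields zero followed by key bytes, the printed record no longer round-trips and the ` ; placeholder` comment misdescribes it. Either make emptiness part of the test, `if (flags == 0 && proto == 0 && algorithm == 0 && sr.length == 0) {`, or say in the comment that trailing data is deliberately ignored for such records. The assignment of `algorithm` and the rest of the function lie outside the visible hunks, so the fall-through behaviour for the non-empty case should be confirmed before changing the condition.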