TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests4 Projects Releases Packages Wiki Activity Actions
coredns/plugin/sign/testdata
History
Miek Gieben a53321d9d6
plugin/sign: fix signing of authoritative data () 
Don't sign data we are not authoritative for. This adds an AuthWalk
which skips names we should not authoritative for. Adds a few tests to
check this is the case. Generates zones have been compared to
dnssec-signzone.

A number of changes have been made:

* don't add DS records to the apex
* NSEC TTL is the SOA's minttl value (copying bind9)
* Various cleanups
* signer struct was cleaned up: doesn't need ttl, nor expiration or
  inception.
* plugin/sign: remove apex stuff from names()
  This is never used because we will always have other types in the
  apex, because we *ADD* them ourselves, before we sign (DNSKEY, CDS and
  CDNSKEY).

Signed-off-by: Miek Gieben <miek@miek.nl>
Co-Authored-By: Chris O'Haver <cohaver@infoblox.com>
2019-12-06 19:54:31 +00:00
..
db.miek.nl plugin/sign: a plugin that signs zone () 2019-08-29 15:41:59 +01:00
db.miek.nl_ns plugin/sign: fix signing of authoritative data () 2019-12-06 19:54:31 +00:00
Kmiek.nl.+013+59725.key plugin/sign: a plugin that signs zone () 2019-08-29 15:41:59 +01:00
Kmiek.nl.+013+59725.private plugin/sign: a plugin that signs zone () 2019-08-29 15:41:59 +01:00