TrueCloudLab/coredns
16
0
Fork 2
Code Issues Pull requests 4 Projects Releases Packages Wiki Activity Actions
coredns/plugin/file/tree
History
Miek Gieben a53321d9d6
plugin/sign: fix signing of authoritative data (#3479) 
Don't sign data we are not authoritative for. This adds an AuthWalk
which skips names we should not authoritative for. Adds a few tests to
check this is the case. Generates zones have been compared to
dnssec-signzone.

A number of changes have been made:

* don't add DS records to the apex
* NSEC TTL is the SOA's minttl value (copying bind9)
* Various cleanups
* signer struct was cleaned up: doesn't need ttl, nor expiration or
  inception.
* plugin/sign: remove apex stuff from names()
  This is never used because we will always have other types in the
  apex, because we *ADD* them ourselves, before we sign (DNSKEY, CDS and
  CDNSKEY).

Signed-off-by: Miek Gieben <miek@miek.nl>
Co-Authored-By: Chris O'Haver <cohaver@infoblox.com>
2019-12-06 19:54:31 +00:00
..
all.go plugin/file: Rename do to walk and cleanup and document (#2987) 2019-07-18 17:44:47 +00:00
auth_walk.go plugin/sign: fix signing of authoritative data (#3479) 2019-12-06 19:54:31 +00:00
elem.go plugin/file: Rename do to walk and cleanup and document (#2987) 2019-07-18 17:44:47 +00:00
glue.go plugin/file: simplify locking (#3024) 2019-07-23 18:32:44 +00:00
less.go Replacing 'HTTP' by 'HTTPS' for securing links (#2591) 2019-02-21 07:21:25 +00:00
less_test.go Stop importing testing in the main binary (#2479) 2019-01-19 11:23:13 +00:00
print.go Remove the word middleware (#1067) 2017-09-14 09:36:06 +01:00
tree.go cleanup: remove redundant return statement (#3297) 2019-09-23 14:40:14 +01:00
walk.go plugin/sign: fix signing of authoritative data (#3479) 2019-12-06 19:54:31 +00:00