Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Stop setting auth=1 on NS records of secure delegations. Spotted by G…
…eorge Notaras, patch by Kees Monshouwer. Fixes #605 git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2831 d19b8d6e-7fed-0310-83ef-9ca221ded41b
- Loading branch information
Peter van Dijk
committed
Oct 29, 2012
1 parent
9af87ad
commit c2df797
Showing
26 changed files
with
110 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
#!/bin/sh | ||
cleandig dsdelegation.example.com DS dnssec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
This test tries to resolve a DS question at a secure delegation. | ||
It was written specifically to verify that we do not sign NS records | ||
at secure delegations. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
0 dsdelegation.example.com. IN DS 120 28129 8 1 caf1eaaecdabe7616670788f9022454bf5fd9fda | ||
2 . IN OPT 32768 | ||
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 | ||
Reply to question for qname='dsdelegation.example.com.', qtype=DS |
5 changes: 5 additions & 0 deletions
5
regression-tests/ds-at-secure-delegation/expected_result.dnssec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
0 dsdelegation.example.com. IN DS 120 28129 8 1 caf1eaaecdabe7616670788f9022454bf5fd9fda | ||
0 dsdelegation.example.com. IN RRSIG 120 DS 8 3 120 [expiry] [inception] [keytag] example.com. ... | ||
2 . IN OPT 32768 | ||
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 | ||
Reply to question for qname='dsdelegation.example.com.', qtype=DS |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
regression-tests/nxdomain-below-nonempty-terminal/expected_result
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
#!/bin/sh | ||
cleandig www.dsdelegation.example.com A dnssec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
This test checks the DS/NS response for a secure referral. | ||
It was written specifically to verify that we do not sign NS records | ||
at secure delegations. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
1 dsdelegation.example.com. IN NS 120 ns.example.com. | ||
2 . IN OPT 32768 | ||
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 0, opcode: 0 | ||
Reply to question for qname='www.dsdelegation.example.com.', qtype=A |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
1 dsdelegation.example.com. IN DS 120 28129 8 1 caf1eaaecdabe7616670788f9022454bf5fd9fda | ||
1 dsdelegation.example.com. IN NS 120 ns.example.com. | ||
1 dsdelegation.example.com. IN RRSIG 120 DS 8 3 120 [expiry] [inception] [keytag] example.com. ... | ||
2 . IN OPT 32768 | ||
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 0, opcode: 0 | ||
Reply to question for qname='www.dsdelegation.example.com.', qtype=A |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters