mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-11 03:29:59 -04:00
e69eb0528a
The RFC says There MUST NOT be more than one DSYNC record for each combination of RRtype and Scheme. If we encounter more we should drop the response, as the DSYNC RRset is invalid.
39 lines
994 B
Bash
39 lines
994 B
Bash
#!/bin/sh -e
|
|
|
|
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
#
|
|
# SPDX-License-Identifier: MPL-2.0
|
|
#
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
#
|
|
# See the COPYRIGHT file distributed with this work for additional
|
|
# information regarding copyright ownership.
|
|
|
|
# shellcheck source=conf.sh
|
|
. ../../conf.sh
|
|
|
|
echo_i "ns2/setup.sh"
|
|
|
|
setup() {
|
|
zone="$1"
|
|
echo_i "setting up zone: $zone"
|
|
infile="${zone}.db.in"
|
|
zonefile="${zone}.db"
|
|
|
|
cp ../ns3/dsset-ns3-model2.$zone. .
|
|
cp ../ns4/dsset-ns4-model2.$zone. .
|
|
|
|
KSK=$($KEYGEN -q -a $DEFAULT_ALGORITHM -L 3600 -f KSK $zone)
|
|
ZSK=$($KEYGEN -q -a $DEFAULT_ALGORITHM -L 3600 $zone)
|
|
$DSFROMKEY $KSK.key >dsset-ns2-${zone}.
|
|
|
|
cat $infile $KSK.key $ZSK.key >$zonefile
|
|
$SIGNER -g -o $zone $zonefile
|
|
# >/dev/null 2>&1
|
|
}
|
|
|
|
setup "multisigner"
|
|
setup "bad-dsync"
|
|
setup "secondary"
|