bind9/lib
Matthijs Mekking 0ae3ffdc1c Fix NSEC3 resalting upon restart
When named restarts, it will examine signed zones and check if the
current denial of existence strategy matches the dnssec-policy. If not,
it will schedule to create a new NSEC(3) chain.

However, on startup the zone database may not be read yet, fooling
BIND that the denial of existence chain needs to be created. This
results in a replacement of the previous NSEC(3) chain.

Change the code such that if the NSEC3PARAM lookup failed (the result
did not return in ISC_R_SUCCESS or ISC_R_NOTFOUND), we will try
again later. The nsec3param structure has additional variables to
signal if the lookup is postponed. We also need to save the signal
if an explicit resalt was requested.

In addition to the two added boolean variables, we add a variable to
store the NSEC3PARAM rdata. This may have a yet to be determined salt
value. We can't create the private data yet because there may be a
mismatch in salt length and the NULL salt value.
2021-06-09 09:14:09 +02:00
bind9 Check key-directory duplicates for kasp zones 2021-05-18 15:47:02 +02:00
dns Fix NSEC3 resalting upon restart 2021-06-09 09:14:09 +02:00
irs Record skipped unit test as skipped in Automake framework 2021-02-15 11:18:03 +01:00
isc Report which assertion failed when calling set_global_error 2021-06-03 11:55:31 +10:00
isccc Record skipped unit test as skipped in Automake framework 2021-02-15 11:18:03 +01:00
isccfg Add configuration option to set send/recv buffers on the nm sockets 2021-05-17 08:47:09 +02:00
ns Several serve-stale improvements 2021-05-30 11:45:35 -07:00
win32/bindevt update all copyright headers to eliminate the typo 2020-09-14 16:20:40 -07:00
.gitignore Provide unit test driver 2020-05-21 12:13:01 +02:00
Makefile.am move samples/resolve.c to bin/tests/system 2021-04-16 14:29:43 +02:00
unit-test-driver.sh.in Enforce a run time limit on unit test binaries 2021-04-07 11:41:45 +02:00