mirror of
https://github.com/isc-projects/bind9.git
synced 2026-03-09 09:40:45 -04:00
0af8bbd49b
The keyfromlabel system ECDSA tests sometimes fail. When this happens the ZSK and KSK key id values differ by 1, which is an indication that the same key is used for both DNSKEY records. When the private key is retrieved with 'ENGINE_load_private_key()', the public key is already set. But sometimes that key differs from the key which was retrieved with 'ENGINE_load_public_key()'. The libp11 source code uses id to find the key and without IDs all the keys are "equal", so it is returning the first key in the array of the enumerated keys instead of the matching key. In our test we didn't use '--id', just '--label'. With this change, the system test should no longer fail intermittently. Note this is only an issue for ECDSA keys, not RSA keys. |
||
|---|---|---|
| .. | ||
| clean.sh | ||
| prereq.sh | ||
| setup.sh | ||
| template.db.in | ||
| tests.sh | ||