BIND 10 #931: Implement signing part in b10-auth
BIND 10 Development
do-not-reply at isc.org
Wed May 18 21:52:06 UTC 2011
#931: Implement signing part in b10-auth
-------------------------------------+-------------------------------------
Reporter: | Owner: jinmei
vorner | Status: reviewing
Type: task | Milestone:
Priority: major | Sprint-20110531
Component: | Resolution:
Unclassified | Sensitive: 0
Keywords: | Sub-Project: DNS
Defect Severity: N/A | Estimated Difficulty: 0.0
Feature Depending on Ticket: tsig | Total Hours: 0
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Changes (by vorner):
* owner: vorner => jinmei
* status: assigned => reviewing
Comment:
It is ready for review. I tested it with dig and it seems to work (I
didn't check the signature itself, but there's one).
There are few unrelated bug fixes, but it didn't work without them. Maybe
they could be done better or might need some tests for them (I tested it
when it stopped crashing, instead of writing tests first, it's faster when
trying to find the source of problem). Is it OK to do it in another
ticket?
The proposed changelog is:
{{{
Authoritative server can now sign the answers using TSIG (configured in
tsig_keys/keys,
list of strings like "name:c2VjcmV0Cg==:sha1-hmac"). It doesn't use them
for ACL yet,
only signs if the request is signed.
}}}
--
Ticket URL: <http://bind10.isc.org/ticket/931#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list