[Freeipa-devel] [PATCH 0244-0245] Add basic support for inline-signingSeparate raw and secure zones in Zone Register
Petr Spacek
pspacek at redhat.com
Wed May 7 13:24:22 UTC 2014
On 18.4.2014 17:10, Petr Spacek wrote:
> Hello,
>
> Add basic support for inline-signing.
>
> Inline-signing is enabled for zones with idnsSecInlineSigning attribute = TRUE.
>
> Limitations:
> - Signing configuration is hardcoded in create_zone() as magic constants
> - idnsSecInlineSigning attribute cannot be changed at run-time
> - DNS updates are not supported
> - Signing keys have to be pre-generated and stored in
> <dyndb-ldap working directory>/<ldap intance name>/<zone name>/keys
> directory before named is started
>
> https://fedorahosted.org/bind-dyndb-ldap/ticket/56
Patch 244 v2 fixes incorrect ATTR_NONNULLS usage which causes segfaults when
compiled with -O0.
Patch 244 v2 obsoletes patch 253.
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bind-dyndb-ldap-pspacek-0244-2-Separate-raw-and-secure-zones-in-Zone-Register.patch
Type: text/x-patch
Size: 13738 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140507/63ca09a1/attachment.bin>
More information about the Freeipa-devel
mailing list