[Freeipa-devel] [PATCH 0244-0245] Add basic support for inline-signingSeparate raw and secure zones in Zone Register
Petr Spacek
pspacek at redhat.com
Mon Nov 3 12:20:35 UTC 2014
On 7.5.2014 15:24, Petr Spacek wrote:
> On 18.4.2014 17:10, Petr Spacek wrote:
>> Hello,
>>
>> Add basic support for inline-signing.
>>
>> Inline-signing is enabled for zones with idnsSecInlineSigning attribute = TRUE.
>>
>> Limitations:
>> - Signing configuration is hardcoded in create_zone() as magic constants
>> - idnsSecInlineSigning attribute cannot be changed at run-time
>> - DNS updates are not supported
>> - Signing keys have to be pre-generated and stored in
>> <dyndb-ldap working directory>/<ldap intance name>/<zone name>/keys
>> directory before named is started
>>
>> https://fedorahosted.org/bind-dyndb-ldap/ticket/56
>
> Patch 244 v2 fixes incorrect ATTR_NONNULLS usage which causes segfaults when
> compiled with -O0.
>
> Patch 244 v2 obsoletes patch 253.
This is delayed push notice:
63c66344c576a965d5fe65c6275c105a1b86ad93
03ac7114e55435bc07515ee4ed9759481d315619
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list