Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Published CSYNC RR isn't signed. #47

Open
johanix opened this issue Aug 13, 2024 · 1 comment
Open

Published CSYNC RR isn't signed. #47

johanix opened this issue Aug 13, 2024 · 1 comment
Labels
bug Something isn't working priority This is important to get fixed

Comments

@johanix
Copy link
Owner

johanix commented Aug 13, 2024

No description provided.

@johanix johanix added bug Something isn't working priority This is important to get fixed labels Aug 14, 2024
@johanix
Copy link
Owner Author

johanix commented Aug 19, 2024

I think that all code that adds (or modifies) zonedata and then (for signed zones) also resigns parts should be restructured. Right now we add zone data in lots of places: adding KEY, adding CSYNC, adding CDS, adding DNSKEY, modifying SOA, adding DSYNC, adding DSYNC targets, etc, etc. Lots of locking and unlocking of the zonedata struct.

If we instead just created the RRset that should be added and then sent it to the DbUpdater() for publication and perhaps signing. Then the code in the sending end would be cleaned up and also the publication decision would be in a single place. For the agent case where we don't publish, there's a single place that can store away the RRset to be used to inform the operator that stuff needs publication.

In all a much cleaner alternative.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working priority This is important to get fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@johanix