::arg().set("lua-prequery-script", "Lua script with prequery handler")="";
::arg().setSwitch("traceback-handler","Enable the traceback handler (Linux only)")="yes";
- ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+ ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
::arg().setSwitch("add-superfluous-nsec3-for-old-bind","Add superfluous NSEC3 record to positive wildcard response")="yes";
::arg().set("default-ksk-algorithms","Default KSK algorithms")="rsasha256";
::arg().set("default-ksk-size","Default KSK size (0 means default)")="0";
haveOne=true;
}
- if(::arg().mustDo("experimental-direct-dnskey")) {
+ if(::arg().mustDo("direct-dnskey")) {
B.lookup(QType(QType::DNSKEY), p->qdomain, p, sd.domain_id);
while(B.get(rr)) {
rr.ttl=sd.default_ttl;
}
// fix direct DNSKEY ttl
- if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
+ if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
rr.ttl = sd.default_ttl;
}
#
# default-zsk-size=0
+#################################
+# direct-dnskey Fetch DNSKEY RRs from backend during DNSKEY synthesis
+#
+# direct-dnskey=no
+
#################################
# disable-axfr Disable zonetransfers but do allow TCP queries
#
#
# entropy-source=/dev/urandom
-#################################
-# experimental-direct-dnskey EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis
-#
-# experimental-direct-dnskey=no
-
#################################
# experimental-json-interface If the webserver should serve JSON data
#
::arg().set("module-dir","Default directory for modules")=LIBDIR;
::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
- ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+ ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
::arg().laxFile(configname.c_str());
BackendMakers().launch(::arg()["launch"]); // vrooooom!
if(!presigned && rr.qtype.getCode() == QType::DNSKEY)
{
- if(::arg().mustDo("experimental-direct-dnskey"))
+ if(::arg().mustDo("direct-dnskey"))
{
if(rr.ttl != sd.default_ttl)
{
algorithm2name(value.first.d_algorithm, algname);
cout<<"ID = "<<value.second.id<<" ("<<(value.second.keyOrZone ? "KSK" : "ZSK")<<"), tag = "<<value.first.getDNSKEY().getTag();
cout<<", algo = "<<(int)value.first.d_algorithm<<", bits = "<<value.first.getKey()->getBits()<<"\tActive: "<<value.second.active<< " ( " + algname + " ) "<<endl;
- if(value.second.keyOrZone || ::arg().mustDo("experimental-direct-dnskey"))
+ if(value.second.keyOrZone || ::arg().mustDo("direct-dnskey"))
cout<<(value.second.keyOrZone ? "KSK" : "ZSK")<<" DNSKEY = "<<zone<<" IN DNSKEY "<< value.first.getDNSKEY().getZoneRepresentation() << " ; ( " + algname + " )" << endl;
if(value.second.keyOrZone) {
cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 1).getZoneRepresentation() << " ; ( SHA1 digest )" << endl;
return 0;
}
- if (!isPresigned && ((!::arg().mustDo("experimental-direct-dnskey") && rrType == QType::DNSKEY) || rrType == QType::RRSIG)) {
+ if (!isPresigned && ((!::arg().mustDo("direct-dnskey") && rrType == QType::DNSKEY) || rrType == QType::RRSIG)) {
L<<Logger::Warning<<msgPrefix<<"Trying to add/update/delete "<<rrLabel<<"|"<<rrType.getName()<<" in non-presigned zone, ignoring!"<<endl;
return 0;
}
csp.submit(rr);
}
- if(::arg().mustDo("experimental-direct-dnskey")) {
+ if(::arg().mustDo("direct-dnskey")) {
sd.db->lookup(QType(QType::DNSKEY), target, NULL, sd.domain_id);
while(sd.db->get(rr)) {
rr.ttl = sd.default_ttl;
// only skip the DNSKEY if direct-dnskey is enabled, to avoid changing behaviour
// when it is not enabled.
- if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
+ if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
continue;
records++;
--no-shuffle --launch=bind --bind-config=./named.conf \
--bind-dnssec-db=./dnssec.sqlite3 \
--send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
--cache-ttl=$cachettl --no-config \
--bind-ignore-broken-records=yes $lua_prequery &
bindwait
$RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
--no-shuffle --launch=gmysql \
--master --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
--cache-ttl=$cachettl --no-config \
--gmysql-dbname="$GMYSQLDB" \
--gmysql-user="$GMYSQLUSER" \
$RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
--no-shuffle --launch --launch+=random --launch+=gmysql --launch+=random --gmysql-dnssec \
--send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --experimental-direct-dnskey=yes \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
--cache-ttl=$cachettl --no-config \
--gmysql-dbname="$GMYSQLDB" \
--gmysql-user="$GMYSQLUSER" \
projects / pdns / commitdiff