::arg().set("lua-prequery-script", "Lua script with prequery handler")="";
::arg().setSwitch("traceback-handler","Enable the traceback handler (Linux only)")="yes";
- ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+ ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
::arg().setSwitch("add-superfluous-nsec3-for-old-bind","Add superfluous NSEC3 record to positive wildcard response")="yes";
::arg().set("default-ksk-algorithms","Default KSK algorithms")="rsasha256";
::arg().set("default-ksk-size","Default KSK size (0 means default)")="0";
haveOne=true;
}
- if(::arg().mustDo("experimental-direct-dnskey")) {
+ if(::arg().mustDo("direct-dnskey")) {
B.lookup(QType(QType::DNSKEY), p->qdomain, p, sd.domain_id);
while(B.get(rr)) {
rr.ttl=sd.default_ttl;
}
// fix direct DNSKEY ttl
- if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
+ if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY) {
rr.ttl = sd.default_ttl;
}
#
# default-zsk-size=0
+#################################
+# direct-dnskey Fetch DNSKEY RRs from backend during DNSKEY synthesis
+#
+# direct-dnskey=no
+
#################################
# disable-axfr Disable zonetransfers but do allow TCP queries
#
#
# entropy-source=/dev/urandom
-#################################
-# experimental-direct-dnskey EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis
-#
-# experimental-direct-dnskey=no
-
#################################
# experimental-json-interface If the webserver should serve JSON data
#
::arg().set("max-ent-entries", "Maximum number of empty non-terminals in a zone")="100000";
::arg().set("module-dir","Default directory for modules")=LIBDIR;
- ::arg().setSwitch("experimental-direct-dnskey","EXPERIMENTAL: fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
+ ::arg().setSwitch("direct-dnskey","Fetch DNSKEY RRs from backend during DNSKEY synthesis")="no";
::arg().laxFile(configname.c_str());
BackendMakers().launch(::arg()["launch"]); // vrooooom!
if(!presigned && rr.qtype.getCode() == QType::DNSKEY)
{
- if(::arg().mustDo("experimental-direct-dnskey"))
+ if(::arg().mustDo("direct-dnskey"))
{
if(rr.ttl != sd.default_ttl)
{
algorithm2name(value.first.d_algorithm, algname);
cout<<"ID = "<<value.second.id<<" ("<<(value.second.keyOrZone ? "KSK" : "ZSK")<<"), tag = "<<value.first.getDNSKEY().getTag();
cout<<", algo = "<<(int)value.first.d_algorithm<<", bits = "<<value.first.getKey()->getBits()<<"\tActive: "<<value.second.active<< " ( " + algname + " ) "<<endl;
- if(value.second.keyOrZone || ::arg().mustDo("experimental-direct-dnskey"))
+ if(value.second.keyOrZone || ::arg().mustDo("direct-dnskey"))
cout<<(value.second.keyOrZone ? "KSK" : "ZSK")<<" DNSKEY = "<<zone<<" IN DNSKEY "<< value.first.getDNSKEY().getZoneRepresentation() << " ; ( " + algname + " )" << endl;
if(value.second.keyOrZone) {
cout<<"DS = "<<zone<<" IN DS "<<makeDSFromDNSKey(zone, value.first.getDNSKEY(), 1).getZoneRepresentation() << " ; ( SHA1 digest )" << endl;
csp.submit(rr);
}
- if(::arg().mustDo("experimental-direct-dnskey")) {
+ if(::arg().mustDo("direct-dnskey")) {
sd.db->lookup(QType(QType::DNSKEY), target, NULL, sd.domain_id);
while(sd.db->get(rr)) {
rr.ttl = sd.default_ttl;
// only skip the DNSKEY if direct-dnskey is enabled, to avoid changing behaviour
// when it is not enabled.
- if(::arg().mustDo("experimental-direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
+ if(::arg().mustDo("direct-dnskey") && rr.qtype.getCode() == QType::DNSKEY)
continue;
records++;
projects / pdns / commitdiff