Send Netdot-devel mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Netdot-devel digest..."
Today's Topics:
1. Re: [Netdot - Bug #1777] (New) DS records for DNSSEC
(Anton Berezin)
2. [Netdot - Bug #1777] (In Progress) DS records for DNSSEC
([email protected])
3. Re: [Netdot - Bug #1777] (New) DS records for DNSSEC (Andy Linton)
4. Re: [Netdot - Bug #1777] (New) DS records for DNSSEC (Andy Linton)
5. [SCM] Netdot branch netdot-1.0 updated.
netdot-1.0.4-96-gb41c636 ([email protected])
6. [SCM] Netdot branch master updated. netdot-1.0.4-96-gb41c636
([email protected])
7. [Netdot - Bug #1777] (Resolved) DS records for DNSSEC
([email protected])
8. Re: [Netdot - Support #1769] (New) Error when running make
installdb with PostgresQL 9.2 (Jordan Desroches)
----------------------------------------------------------------------
Message: 1
Date: Mon, 30 Sep 2013 21:44:54 +0200
From: Anton Berezin <[email protected]>
Subject: Re: [Netdot-devel] [Netdot - Bug #1777] (New) DS records for
DNSSEC
To: [email protected]
Cc: [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset="us-ascii"
On Wed, Sep 25, 2013 at 02:32:56PM -0700, [email protected] wrote:
>
> Issue #1777 has been reported by Andy Linton.
>
> ----------------------------------------
> Bug #1777: DS records for DNSSEC
> https://osl.uoregon.edu/redmine/issues/1777
>
> Author: Andy Linton
> Status: New
> Priority: Normal
> Assignee:
> Category: DNS
> Target version:
> Resolution:
>
>
> I want to add DS records for a subdomain in a DNSSEC domain I manage using
> Netdot. There appears to be support for DS records so that's good but when I
> try to add a record I have two problems:
>
> 1) I add a DS record with the values:
>
> Key Tag: 34294
> Algorithm: 5
> Digest Type: 1
> Digest: 18fafa1592ac30d743ffff98c82cec8f75e8e6c6
> TTL: 7200
>
> When I try to export the relevant zone file this record is not included.
A patch is attached.
> 2) When I try to add a second DS record using the values:
>
> Key Tag: 34294
> Algorithm: 5
> Digest Type: 2
> Digest:
> e41ed9134f5f9e211c7dd880e4dd22c2936f29d9255465852cb14f88fb6033d8
> TTL: 7200
>
> Then I can't do it as there's an Index in the rrds table called rrds1 that
> enforces the rule that the rr,key-tag tuple should be unique. I think this is
> wrong. You need to be able to have at least two DS records with the same
> key-tag and a different digest/digest-type. See the output of 'dig ds org'
>
> ; ANSWER SECTION:
> org. 7416 IN DS 21366 7 2
> 96EEB2FFD9B00CD4694E78278B5EFDAB0A80446567B69F634DA078F0 D90F01BA
> org. 7416 IN DS 21366 7 1
> E6C1716CFB6BDC84E84CE1AB5510DAC69173B5B2
>
> This second problem can be fixed by altering the rrds1 Index definition.
You are absolutely correct. How did you alter the rrds1 index by the way?
I would either fully remove the uniqueness requirement for (rr, key_tag), or
else use the uniqueness requirement for (rr, key_tag, algorithm, digest_type) -
but that seems to be a bit of an overkill.
\Anton.
--
Our society can survive even a large amount of irrational regulation.
-- John McCarthy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ds.patch
Type: text/x-diff
Size: 1113 bytes
Desc: not available
Url :
http://osl.uoregon.edu/pipermail/netdot-devel/attachments/20130930/de9ae050/attachment-0001.bin
------------------------------
Message: 2
Date: Mon, 30 Sep 2013 12:52:49 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1777] (In Progress) DS records
for DNSSEC
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1777 has been updated by Anton Berezin.
File ds.patch added
Status changed from New to In Progress
Hmm, I thought directly replying to the mail would record the patch in
redmine... Looks like I was wrong - so attaching the patch here.
----------------------------------------
Bug #1777: DS records for DNSSEC
https://osl.uoregon.edu/redmine/issues/1777#change-3116
Author: Andy Linton
Status: In Progress
Priority: Normal
Assignee:
Category: DNS
Target version:
Resolution:
I want to add DS records for a subdomain in a DNSSEC domain I manage using
Netdot. There appears to be support for DS records so that's good but when I
try to add a record I have two problems:
1) I add a DS record with the values:
Key Tag: 34294
Algorithm: 5
Digest Type: 1
Digest: 18fafa1592ac30d743ffff98c82cec8f75e8e6c6
TTL: 7200
When I try to export the relevant zone file this record is not included.
2) When I try to add a second DS record using the values:
Key Tag: 34294
Algorithm: 5
Digest Type: 2
Digest: e41ed9134f5f9e211c7dd880e4dd22c2936f29d9255465852cb14f88fb6033d8
TTL: 7200
Then I can't do it as there's an Index in the rrds table called rrds1 that
enforces the rule that the rr,key-tag tuple should be unique. I think this is
wrong. You need to be able to have at least two DS records with the same
key-tag and a different digest/digest-type. See the output of 'dig ds org'
; ANSWER SECTION:
org. 7416 IN DS 21366 7 2
96EEB2FFD9B00CD4694E78278B5EFDAB0A80446567B69F634DA078F0 D90F01BA
org. 7416 IN DS 21366 7 1
E6C1716CFB6BDC84E84CE1AB5510DAC69173B5B2
This second problem can be fixed by altering the rrds1 Index definition.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 3
Date: Tue, 1 Oct 2013 16:17:16 +1300
From: Andy Linton <[email protected]>
Subject: Re: [Netdot-devel] [Netdot - Bug #1777] (New) DS records for
DNSSEC
To: Anton Berezin <[email protected]>
Cc: [email protected], [email protected]
Message-ID:
<cals-_oohxghdgcw2kfan8vdxuzn8jwp2vda5vypeqklv_c7...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
On Tue, Oct 1, 2013 at 8:44 AM, Anton Berezin <[email protected]> wrote:
>
> A patch is attached.
I'll give it a go an report back.
>
>> 2) When I try to add a second DS record using the values:
>>
>> Key Tag: 34294
]
> You are absolutely correct. How did you alter the rrds1 index by the way?
> I would either fully remove the uniqueness requirement for (rr, key_tag), or
> else use the uniqueness requirement for (rr, key_tag, algorithm, digest_type)
> -
> but that seems to be a bit of an overkill.
I'm still using mysql for this: I used (rr, digest_type, digest) but
what you suggest (rr, key_tag, algorithm, digest_type) is probably
better.
------------------------------
Message: 4
Date: Tue, 1 Oct 2013 16:37:47 +1300
From: Andy Linton <[email protected]>
Subject: Re: [Netdot-devel] [Netdot - Bug #1777] (New) DS records for
DNSSEC
To: Anton Berezin <[email protected]>
Cc: [email protected], [email protected]
Message-ID:
<cals-_oo8tltxyk6ns7zwui-xppmxwjdvwgxv+gamnjgkz4f...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
On Tue, Oct 1, 2013 at 4:17 PM, Andy Linton <[email protected]> wrote:
> On Tue, Oct 1, 2013 at 8:44 AM, Anton Berezin <[email protected]> wrote:
>
>>
>> A patch is attached.
>
>
> I'll give it a go an report back.
Looks good!
------------------------------
Message: 5
Date: Tue, 1 Oct 2013 09:03:57 -0700
From: [email protected]
Subject: [Netdot-devel] [SCM] Netdot branch netdot-1.0 updated.
netdot-1.0.4-96-gb41c636
To: [email protected]
Message-ID: <[email protected]>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Netdot".
The branch, netdot-1.0 has been updated
via b41c636d7adaccd7a10769104fdcee85ab5648f4 (commit)
from 3c1285c9e64df79a2e6749e5d46fde094916e0c6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b41c636d7adaccd7a10769104fdcee85ab5648f4
Author: Carlos Vicente <[email protected]>
Date: Tue Oct 1 11:47:44 2013 -0400
Fix for #1777
diff --git a/etc/netdot.meta b/etc/netdot.meta
index d05a74c..2739172 100644
--- a/etc/netdot.meta
+++ b/etc/netdot.meta
@@ -6419,12 +6419,7 @@ $meta = {
'key_tag',
],
primary_key => 'id',
- unique => [
- [
- 'rr',
- 'key_tag'
- ]
- ],
+ unique => [[ 'rr', 'key_tag', 'algorithm', 'digest_type' ]],
views => {
all => [
'rr',
diff --git a/lib/Netdot/Exporter/BIND.pm b/lib/Netdot/Exporter/BIND.pm
index 1d630ab..f58e7e3 100644
--- a/lib/Netdot/Exporter/BIND.pm
+++ b/lib/Netdot/Exporter/BIND.pm
@@ -162,7 +162,7 @@ sub print_zone_to_file {
print $fh $zone->soa_string . "\n";
foreach my $name ( sort { $rec->{$a}->{order} <=> $rec->{$b}->{order} }
keys %$rec ){
- foreach my $type ( qw/A AAAA TXT HINFO NS MX CNAME PTR NAPTR SRV LOC/ ){
+ foreach my $type ( qw/A AAAA TXT HINFO NS DS MX CNAME PTR NAPTR SRV
LOC/ ){
if ( defined $rec->{$name}->{$type} ){
# Special cases. These are relatively rare and harder to print.
if ( $type =~ /^(LOC|SRV|NAPTR)$/ ){
diff --git a/lib/Netdot/Model/Zone.pm b/lib/Netdot/Model/Zone.pm
index 1141038..c3f6842 100644
--- a/lib/Netdot/Model/Zone.pm
+++ b/lib/Netdot/Model/Zone.pm
@@ -542,7 +542,7 @@ sub get_all_records {
}
}
$rec{$name}{NS}{"$nsdname"} = $rrnsttl if ($nsdname);
- $rec{$name}{DS}{"$dskeytag $dsalgorithm $dsdigesttype $dsdigest."}
+ $rec{$name}{DS}{"$dskeytag $dsalgorithm $dsdigesttype $dsdigest"}
= $rrdsttl if ($dskeytag &&
$dsalgorithm &&
$dsdigesttype
&& $dsdigest);
$rec{$name}{MX}{"$mxpref $exchange"} = $rrmxttl if
(defined($mxpref) && $exchange);
diff --git a/upgrade/updatedb b/upgrade/updatedb
index f5b1a55..f3f0636 100644
--- a/upgrade/updatedb
+++ b/upgrade/updatedb
@@ -222,6 +222,10 @@ sub upg_104_105 {
push @statements, "ALTER TABLE bgppeering DROP INDEX monitorstatus;";
push @statements, "ALTER TABLE bgppeering DROP COLUMN monitorstatus;";
+ push @statements, "ALTER TABLE rrds DROP FOREIGN KEY `fk_rr_2`;";
+ push @statements, "ALTER TABLE rrds DROP INDEX `rrds1`;";
+ push @statements, "CREATE UNIQUE INDEX rrds1 ON rrds (rr, key_tag,
algorithm, digest_type);";
+ push @statements, "ALTER TABLE rrds ADD CONSTRAINT `fk_rr_2` FOREIGN
KEY (`rr`) REFERENCES `rr` (`id`);";
}elsif ( $dbms eq 'Pg' ){
@@ -269,6 +273,9 @@ sub upg_104_105 {
push @statements, "ALTER TABLE bgppeering ADD COLUMN state character
varying(255);";
push @statements, "ALTER TABLE bgppeering DROP COLUMN monitorstatus;";
+ push @statements, 'DROP CONSTRAINT "rrds1";';
+ push @statements, 'ALTER TABLE bgppeering ADD CONSTRAINT "rrds1" UNIQUE
("rr", "key_tag", "algorithm", "digest_type");';
+
}
push @statements, "UPDATE schemainfo SET version='1.0.5' WHERE id=1;";
-----------------------------------------------------------------------
Summary of changes:
etc/netdot.meta | 7 +------
lib/Netdot/Exporter/BIND.pm | 2 +-
lib/Netdot/Model/Zone.pm | 2 +-
upgrade/updatedb | 7 +++++++
4 files changed, 10 insertions(+), 8 deletions(-)
hooks/post-receive
--
Netdot
------------------------------
Message: 6
Date: Tue, 1 Oct 2013 09:04:26 -0700
From: [email protected]
Subject: [Netdot-devel] [SCM] Netdot branch master updated.
netdot-1.0.4-96-gb41c636
To: [email protected]
Message-ID: <[email protected]>
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Netdot".
The branch, master has been updated
via b41c636d7adaccd7a10769104fdcee85ab5648f4 (commit)
from 3c1285c9e64df79a2e6749e5d46fde094916e0c6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
etc/netdot.meta | 7 +------
lib/Netdot/Exporter/BIND.pm | 2 +-
lib/Netdot/Model/Zone.pm | 2 +-
upgrade/updatedb | 7 +++++++
4 files changed, 10 insertions(+), 8 deletions(-)
hooks/post-receive
--
Netdot
------------------------------
Message: 7
Date: Tue, 1 Oct 2013 09:06:54 -0700
From: [email protected]
Subject: [Netdot-devel] [Netdot - Bug #1777] (Resolved) DS records for
DNSSEC
To: [email protected], [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=utf-8
Issue #1777 has been updated by Carlos Vicente.
Status changed from In Progress to Resolved
Assignee set to Carlos Vicente
Target version set to 1.0.5
Resolution set to fixed
Thank you both! I have committed the changes here:
https://osl.uoregon.edu/redmine/projects/netdot/repository/revisions/b41c636d7adaccd7a10769104fdcee85ab5648f4
Best regards,
cv
----------------------------------------
Bug #1777: DS records for DNSSEC
https://osl.uoregon.edu/redmine/issues/1777#change-3117
Author: Andy Linton
Status: Resolved
Priority: Normal
Assignee: Carlos Vicente
Category: DNS
Target version: 1.0.5
Resolution: fixed
I want to add DS records for a subdomain in a DNSSEC domain I manage using
Netdot. There appears to be support for DS records so that's good but when I
try to add a record I have two problems:
1) I add a DS record with the values:
Key Tag: 34294
Algorithm: 5
Digest Type: 1
Digest: 18fafa1592ac30d743ffff98c82cec8f75e8e6c6
TTL: 7200
When I try to export the relevant zone file this record is not included.
2) When I try to add a second DS record using the values:
Key Tag: 34294
Algorithm: 5
Digest Type: 2
Digest: e41ed9134f5f9e211c7dd880e4dd22c2936f29d9255465852cb14f88fb6033d8
TTL: 7200
Then I can't do it as there's an Index in the rrds table called rrds1 that
enforces the rule that the rr,key-tag tuple should be unique. I think this is
wrong. You need to be able to have at least two DS records with the same
key-tag and a different digest/digest-type. See the output of 'dig ds org'
; ANSWER SECTION:
org. 7416 IN DS 21366 7 2
96EEB2FFD9B00CD4694E78278B5EFDAB0A80446567B69F634DA078F0 D90F01BA
org. 7416 IN DS 21366 7 1
E6C1716CFB6BDC84E84CE1AB5510DAC69173B5B2
This second problem can be fixed by altering the rrds1 Index definition.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://osl.uoregon.edu/redmine/my/account
------------------------------
Message: 8
Date: Tue, 23 Jul 2013 20:22:21 -0400
From: Jordan Desroches <[email protected]>
Subject: Re: [Netdot-devel] [Netdot - Support #1769] (New) Error when
running make installdb with PostgresQL 9.2
To: Anton Berezin <[email protected]>
Cc: [email protected], [email protected]
Message-ID:
<CAK9rQCu-BnPrPFvma1LU4aC9k7Yt5qN9ps4LLj-YUH7wi=q...@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
[jd@vimes ~]$ perl -MSQL::Translator
-MSQL::Translator::Producer::PostgreSQL -le 'print
$SQL::Translator::VERSION; print
$SQL::Translator::Producer::PostgreSQL::VERSION'
0.11016
1.59
On Tue, Jul 23, 2013 at 5:18 PM, Anton Berezin <[email protected]> wrote:
> On Mon, Jul 22, 2013 at 11:46:23AM -0700, [email protected] wrote:
> > ----------------------------------------
> > Support #1769: Error when running make installdb with PostgresQL 9.2
> >
> > When running make installdb on a 64 bit CentOS 6 machine with PG 9.2 and
> Netdot 1.0.4, I run into this error:
> >
> > Creating Pg database netdot.
> > translate: Error with producer 'SQL::Translator::Producer::PostgreSQL':
> Can't use an undefined value as an ARRAY reference at
> /usr/local/share/perl5/SQL/Translator/Producer/PostgreSQL.pm line 340.
> > at ../lib/DBUTIL.pm line 267.
>
> What is the version of SQL::Translator?
>
> $ perl -MSQL::Translator -MSQL::Translator::Producer::PostgreSQL -le
> 'print $SQL::Translator::VERSION; print
> $SQL::Translator::Producer::PostgreSQL::VERSION'
>
> \Anton.
> --
> Our society can survive even a large amount of irrational regulation.
> -- John McCarthy
>
--
Jordan Desroches
Adimab LLC
e-mail: [email protected]
Tel: 603-653-5783
http://www.adimab.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://osl.uoregon.edu/pipermail/netdot-devel/attachments/20130723/6d7b3df7/attachment.html
------------------------------
_______________________________________________
Netdot-devel mailing list
[email protected]
https://osl.uoregon.edu/mailman/listinfo/netdot-devel
End of Netdot-devel Digest, Vol 79, Issue 1
*******************************************
