Hi,
Am 22.12.2011 11:32, schrieb Matthijs Mekking:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Could you provide the specific backup file?
I'm able to reproduce it with a small zonefile too (the valgrind with
the signerd on our productionszone is running for 4 hours and hasn't
finished yet ;-):
If you sign (NSEC3 with Opt-Out, I didn't check the other options) this
zonefile everything is fine:
at. 172800 IN SOA dns.nic.at. domain-admin.univie.ac.at. 2 10800
3600 604800 10800
at. 172800 IN NS r.nic.at.
at. 172800 IN NS j.nic.at.
domain10.at. 10800 IN NS ns1.domain10.at.
domain20.at. 10800 IN TXT "domain gesperrt"
domain30.at. 10800 IN NS ns1.domain10.at.
If you remove the TXT-Record for domain20.at and replace it with a NS
record like
domain20.at. 10800 IN NS ns1.domain10.at.
and resign it, ods-signerd crashes. If I do a "ods-signer clear at"
before the second run, everything is fine.
I tested it with OpenDNSSEC 1.3.4 on Debian using SoftHSM and a
Hardware-HSM. I can reproduce the error any time.
If you need any additional information, please let me know.
Best,
Michael
_______________________________________________
Opendnssec-user mailing list
[email protected]
https://lists.opendnssec.org/mailman/listinfo/opendnssec-user
