mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-25 02:42:33 -05:00
6ad794a8cd
Include MD5 feature detection in featuretest tool and use it in some places. When RHEL distribution or Fedora ELN is in FIPS mode, then MD5 algorithm is unavailable completely and even hmac-md5 algorithm usage will always fail. Work that around by checking MD5 works and if not, skipping its usage. Those changes were dragged as downstream patch bind-9.11-fips-tests.patch in Fedora and RHEL.
34 lines
808 B
Bash
34 lines
808 B
Bash
#!/bin/sh
|
|
|
|
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
|
#
|
|
# SPDX-License-Identifier: MPL-2.0
|
|
#
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
|
|
#
|
|
# See the COPYRIGHT file distributed with this work for additional
|
|
# information regarding copyright ownership.
|
|
|
|
. ../conf.sh
|
|
|
|
$SHELL clean.sh
|
|
|
|
copy_setports ns1/named.conf.in ns1/named.conf
|
|
|
|
if $FEATURETEST --md5
|
|
then
|
|
cat >> ns1/named.conf << EOF
|
|
# Conditionally included when support for MD5 is available
|
|
key "md5" {
|
|
secret "97rnFx24Tfna4mHPfgnerA==";
|
|
algorithm hmac-md5;
|
|
};
|
|
|
|
key "md5-trunc" {
|
|
secret "97rnFx24Tfna4mHPfgnerA==";
|
|
algorithm hmac-md5-80;
|
|
};
|
|
EOF
|
|
fi
|