Matthijs Mekking 2f5c670ce9 Add new test cases with DNSSEC signing ... kasp-max-types-per-name (named2.conf.in): An unsigned zone with RR type count on a name right below the configured limit. Then sign the zone using KASP. Adding a RRSIG would push it over the RR type limit per name. Signing should fail, but the server should not crash, nor end up in infinite resign-attempt loop. kasp-max-records-per-type-dnskey (named1.conf.in): Test with low max-record-per-rrset limit and a DNSSEC policy requiring more than the limit. Signing should fail. kasp-max-types-per-name (named1.conf.in): Each RRSIG(covered type) is counted as an individual RR type. Test the corner case where a signed zone, which is just below the limit-1, adds a new type - doing so would trigger signing for the new type and thus increase the number of "types" by 2, pushing it over the limit again. (cherry picked from commit 14e5230f897a178221b606c242b8fbcb357704aa)		2024-06-10 18:51:27 +02:00
..
check	deprecate delegation-only and root-delegation only	2023-03-23 14:09:53 -07:00
confgen	Put reference to RFC 2845 in tsig-keygen man page	2024-02-01 12:03:42 +01:00
delv	Update sources to Clang 15 formatting	2022-11-29 09:14:07 +01:00
dig	Re-enable EDNS if an EDNS flag gets set to 1 by +ednsflags	2024-03-17 13:11:51 +10:00
dnssec	Fail if there are non apex DNSKEYs	2024-05-16 12:09:57 +10:00
named	Add a limit to the number of RR types for single name	2024-06-10 18:50:06 +02:00
nsupdate	NetBSD has added 'hmac' to libc so rename our uses of hmac	2023-12-14 11:14:04 +11:00
plugins	Remove 'inst != NULL' from cleanup check in plugin_register	2023-04-05 10:27:52 +10:00
rndc	Document that reloading happens asynchronously	2023-09-26 14:11:30 +10:00
tests	Add new test cases with DNSSEC signing	2024-06-10 18:51:27 +02:00
tools	Re-enable EDNS if an EDNS flag gets set to 1 by +ednsflags	2024-03-17 13:11:51 +10:00
Makefile.am	Remove native PKCS#11 support	2021-09-09 15:35:39 +02:00