Commit 3543ee9a authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

dnssec/zone_update: zone sign bumps SOA serial only if not updated yet

this bug bahaves like this: if you configure:
    dnssec-signing: on
    zonefile-load: difference
it will, upon changing zonefile, make inconsistencies in journal
leading in broken IXFR

the reason is that by calling set_new_soa over existing SOA in
changeset (probably because of zone_update_from_differences)
it updates the changeset's soa_from to incorrect value
parent 05b7848c
......@@ -201,7 +201,7 @@ int knot_dnssec_zone_sign(zone_update_t *update,
goto done;
}
if (!(flags & ZONE_SIGN_KEEP_SERIAL)) {
if (!(flags & ZONE_SIGN_KEEP_SERIAL) && zone_update_to(update) == NULL) {
result = zone_update_increment_soa(update, conf());
if (result == KNOT_EOK) {
result = knot_zone_sign_soa(update, &keyset, &ctx);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment