Commit 2e4c1b8b authored by Vladimír Čunát's avatar Vladimír Čunát Committed by Petr Špaček

trust_anchors: don't update unmanaged TAs from files

This also implies that non-verbose logs won't contain any lines about
the TAs if they are unmanaged (by default), but that seems OK.
parent 904942bc
...@@ -4,6 +4,8 @@ Knot Resolver 3.x.y (2019-0m-dd) ...@@ -4,6 +4,8 @@ Knot Resolver 3.x.y (2019-0m-dd)
Bugfixes Bugfixes
-------- --------
- predict module: load stats module if config didn't specify period (!755) - predict module: load stats module if config didn't specify period (!755)
- trust_anchors: don't do 5011-style updates on anchors from files
that were loaded as unmanaged trust anchors (!753)
Knot Resolver 3.2.1 (2019-01-10) Knot Resolver 3.2.1 (2019-01-10)
......
...@@ -546,14 +546,14 @@ local add_file = function (path, unmanaged) ...@@ -546,14 +546,14 @@ local add_file = function (path, unmanaged)
end end
trust_anchors.keysets[owner] = keyset trust_anchors.keysets[owner] = keyset
-- Parse new keys, refresh eventually -- Replace the TA store used for validation
if keyset_publish(keyset) ~= 0 and verbose() then if keyset_publish(keyset) ~= 0 and verbose() then
log('[ ta ] installed trust anchors for domain ' .. owner_str .. ' are:\n' log('[ ta ] installed trust anchors for domain ' .. owner_str .. ' are:\n'
.. trust_anchors.summary(owner)) .. trust_anchors.summary(owner))
end end
-- TODO: if failed and for root, try to rebootstrap? -- TODO: if failed and for root, try to rebootstrap?
refresh_plan(keyset, 10 * sec, false) if not unmanaged then refresh_plan(keyset, 10 * sec, false) end
end end
local function ta_str(owner) local function ta_str(owner)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment