Bug 200031 - [PATCH] dns/bind910 & dns/bind-tools - new GOST default incompatible
Summary: [PATCH] dns/bind910 & dns/bind-tools - new GOST default incompatible
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Mathieu Arnold
Keywords: patch
Depends on:
Reported: 2015-05-07 19:48 UTC by Leo Vandewoestijne
Modified: 2015-05-18 11:42 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (mat)

bind GOST compile options modify (2.17 KB, patch)
2015-05-07 19:48 UTC, Leo Vandewoestijne
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Leo Vandewoestijne 2015-05-07 19:48:31 UTC
Created attachment 156476 [details]
bind GOST compile options modify

The command dnssec-keygen to generate GOST keys is now -contrary to bind99- using raw keys by default. These keys are not accepted when using for example Knot's DNSSEC autosigning functionality.
ISC was aware that some people would prefer the old default; enclosed patch allows to compile that.

For the rest it doesn't change anything. But I also removed some superfluous repeated text at the GSSAPI options, just to keep it clean, and to be consequent with how the DLZ menu is.
Comment 1 commit-hook freebsd_committer 2015-05-18 11:41:48 UTC
A commit references this bug:

Author: mat
Date: Mon May 18 11:41:43 UTC 2015
New revision: 386672
URL: https://svnweb.freebsd.org/changeset/ports/386672

  Allow BIND 9.10 users to select the old key format when using GOST.[1]

  While there, reword the options a bit, and the pkg-help files.

  PR:		200031 [1]
  Submitted by:	 Leo Vandewoestijne [1]
  Sponsored by:	Absolight