Commit 2e9fe863 authored by Brian Wellington's avatar Brian Wellington
Browse files

Print a warning if we see a wildcard in a zone we're signing.

parent 6c4d03a6
......@@ -577,7 +577,15 @@ signname(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
dns_rdataset_t rdataset, nsset;
dns_rdatasetiter_t *rdsiter;
isc_boolean_t isdelegation = ISC_FALSE;
static int warnwild = 0;
if (dns_name_iswildcard(name)) {
fprintf(stderr, "Warning: wildcard name seen: %s\n",
nametostr(name));
if (warnwild++ == 0)
fprintf(stderr, "\tBIND 9 doesn't completely handle "
"wildcards in secure zones\n");
}
if (!atorigin) {
dns_rdataset_init(&nsset);
result = dns_db_findrdataset(db, node, version,
......
......@@ -577,7 +577,15 @@ signname(dns_db_t *db, dns_dbversion_t *version, dns_dbnode_t *node,
dns_rdataset_t rdataset, nsset;
dns_rdatasetiter_t *rdsiter;
isc_boolean_t isdelegation = ISC_FALSE;
static int warnwild = 0;
if (dns_name_iswildcard(name)) {
fprintf(stderr, "Warning: wildcard name seen: %s\n",
nametostr(name));
if (warnwild++ == 0)
fprintf(stderr, "\tBIND 9 doesn't completely handle "
"wildcards in secure zones\n");
}
if (!atorigin) {
dns_rdataset_init(&nsset);
result = dns_db_findrdataset(db, node, version,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment