Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • BIND BIND
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 525
    • Issues 525
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 95
    • Merge requests 95
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • ISC Open Source Projects
  • BINDBIND
  • Issues
  • #922
Closed
Open
Created Mar 05, 2019 by Ghost User@ghost

Doc out of date for dnssec-keygen (max rsa length)

Summary

The documentation for dnssec-keygen is not up to date for rsa key max length

BIND version used

err, named -V does not return anything. is it supposed to work ? no matter. FTR, it's named 9.11.3+dfsg-1ubuntu1 from UBUNTU 18.04 LTS but I don't think it matters since git cloning the code today shows that this issue still exists

Steps to reproduce

man dnssec-keygen

What is the current bug behavior?

displays: -b keysize Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512 and 2048 bits

What is the expected correct behavior?

-b keysize Specifies the number of bits in the key. The choice of key size depends on the algorithm used. RSA keys must be between 512 and 4096 bits

see bin/dnssec/dnssec-keygen.c:#define MAX_RSA 4096 /* should be long enough... */

indeed using -b 4096 is accepted and it works.

html documentation has the same problem

Assignee
Assign to
Time tracking