Don't trust a placeholder KEYDATA record

When named starts it creates an empty KEYDATA record in the managed-keys zone as a placeholder, then schedules a key refresh. If key refresh fails for some reason (e.g. connectivity problems), named will load the placeholder key into secroots as a trusted key during the next startup, which will break the chain of trust, and named will never recover from that state until managed-keys.bind and managed-keys.bind.jnl files are manually deleted before (re)starting named.

Before calling load_secroots(), check that we are not dealing with a placeholder.

Closes #2895
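To make the failure mode concrete, here is a small Python model of the managed-keys lifecycle described above. It is an added illustration, not BIND's code: the `KeyData`, `refresh_keys`, `load_secroots` and `validate_chain` names and the rule that "a placeholder is a KEYDATA record with no key material" are assumptions of the model. It contrasts a loader that trusts every KEYDATA record (the pre-fix behaviour) with one that skips placeholders before populating secroots, and shows why only the latter recovers once connectivity returns.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# Constructed model of a KEYDATA record in the managed-keys zone (assumption:
# a placeholder is a record that has been created but holds no DNSKEY bytes).
@dataclass
class KeyData:
    name: str
    key: bytes = b""  # empty until a key refresh fills it in

    def is_placeholder(self) -> bool:
        return len(self.key) == 0


@dataclass
class ManagedKeysZone:
    records: List[KeyData] = field(default_factory=list)


def validate_chain(secroots: Dict[str, bytes], name: str, presented: bytes) -> bool:
    """A key validates only against a non-empty trust anchor that matches it."""
    anchor = secroots.get(name)
    return bool(anchor) and anchor == presented


def refresh_keys(zone: ManagedKeysZone, secroots: Dict[str, bytes],
                 fetch: Callable[[str], Optional[bytes]]) -> bool:
    """Try to fill every placeholder; fetch() returns None on connectivity failure.

    If secroots already holds an anchor for the name, the fetched key must
    validate against it (a bogus empty anchor therefore rejects every key).
    """
    ok = True
    for rec in zone.records:
        if not rec.is_placeholder():
            continue
        material = fetch(rec.name)
        if material is None:
            ok = False  # refresh failed; placeholder stays in the zone
            continue
        if rec.name in secroots and not validate_chain(secroots, rec.name, material):
            ok = False  # real key rejected by the placeholder anchor
            continue
        rec.key = material
    return ok


def load_secroots_unchecked(zone: ManagedKeysZone) -> Dict[str, bytes]:
    """Pre-fix behaviour: every KEYDATA record, placeholder or not, is trusted."""
    return {rec.name: rec.key for rec in zone.records}


def load_secroots(zone: ManagedKeysZone) -> Dict[str, bytes]:
    """Fixed behaviour: a placeholder is never loaded as a trusted key."""
    return {rec.name: rec.key for rec in zone.records if not rec.is_placeholder()}


def simulate(fix_applied: bool) -> bool:
    """First start: refresh fails. Restart: load secroots, refresh again.

    Returns True if the chain of trust is intact after the restart.
    """
    zone = ManagedKeysZone([KeyData(name=".")])  # startup creates placeholder
    real_key = b"constructed-root-dnskey"  # constructed sample key material
    calls = {"n": 0}

    def fetch(name: str) -> Optional[bytes]:
        calls["n"] += 1
        return None if calls["n"] == 1 else real_key  # first attempt fails

    refresh_keys(zone, {}, fetch)  # initial refresh: connectivity problem
    loader = load_secroots if fix_applied else load_secroots_unchecked
    secroots = loader(zone)  # (re)start: load managed keys into secroots
    refresh_keys(zone, secroots, fetch)  # connectivity is back
    secroots = loader(zone)
    return validate_chain(secroots, ".", real_key)


if __name__ == "__main__":
    print("without fix, chain intact:", simulate(False))  # False: stuck forever
    print("with fix, chain intact:   ", simulate(True))   # True: recovers
```

Running the module shows the stuck state the description talks about: once the empty record is an anchor, every later refresh is rejected by it, so nothing short of deleting the zone files changes the outcome. Skipping placeholders in the loader removes that dead end without any manual intervention.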
