plugin/dnssec: Add support for KSK/ZSK split key setups (#2196)

* plugin/dnssec: Add support for KSK/ZSK split key setups * plugin/dnssec: Update README to document split ZSK/KSK operation
2025-10-27 16:24:19 -04:00 · 2018-10-20 17:35:59 +02:00
parent dbc2efc49a
commit cf04223718
8 changed files with 128 additions and 45 deletions
--- a/plugin/dnssec/cache_test.go
+++ b/plugin/dnssec/cache_test.go
@@ -24,7 +24,7 @@ func TestCacheSet(t *testing.T) {
 	m := testMsg()
 	state := request.Request{Req: m, Zone: "miek.nl."}
 	k := hash(m.Answer) // calculate *before* we add the sig
-	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, nil, c)
+	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, false, nil, c)
 	d.Sign(state, time.Now().UTC(), server)

 	_, ok := d.get(k, server)
@@ -48,7 +48,7 @@ func TestCacheNotValidExpired(t *testing.T) {
 	m := testMsg()
 	state := request.Request{Req: m, Zone: "miek.nl."}
 	k := hash(m.Answer) // calculate *before* we add the sig
-	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, nil, c)
+	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, false, nil, c)
 	d.Sign(state, time.Now().UTC().AddDate(0, 0, -9), server)

 	_, ok := d.get(k, server)
@@ -72,7 +72,7 @@ func TestCacheNotValidYet(t *testing.T) {
 	m := testMsg()
 	state := request.Request{Req: m, Zone: "miek.nl."}
 	k := hash(m.Answer) // calculate *before* we add the sig
-	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, nil, c)
+	d := New([]string{"miek.nl."}, []*DNSKEY{dnskey}, false, nil, c)
 	d.Sign(state, time.Now().UTC().AddDate(0, 0, +9), server)

 	_, ok := d.get(k, server)