summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
commit3b9b6d0b8e7f798023c9d109c490449d528fde80 (patch)
tree2e1c188dd7b8d7475cd163de9ae02c428343669b /bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf
parentInitial commit. (diff)
downloadbind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.tar.xz
bind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.zip
Adding upstream version 1:9.18.19.upstream/1%9.18.19upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf')
-rw-r--r--bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf46
1 files changed, 46 insertions, 0 deletions
diff --git a/bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf b/bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf
new file mode 100644
index 0000000..197ff17
--- /dev/null
+++ b/bin/tests/system/checkconf/kasp-bad-signatures-refresh.conf
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+dnssec-policy "bad-sigrefresh" {
+ keys {
+ csk lifetime unlimited algorithm 13;
+ };
+
+ signatures-validity P10D;
+ signatures-validity-dnskey P20D;
+ signatures-refresh P9DT1S;
+};
+
+dnssec-policy "bad-sigrefresh-dnskey" {
+ keys {
+ csk lifetime unlimited algorithm 13;
+ };
+
+ signatures-validity P20D;
+ signatures-validity-dnskey P10D;
+ signatures-refresh P9DT1S;
+};
+
+zone "sigrefresh.example.net" {
+ type primary;
+ file "sigrefresh.example.db";
+ inline-signing yes;
+ dnssec-policy "bad-sigrefresh";
+};
+
+zone "dnskey.example.net" {
+ type primary;
+ file "dnskey.example.db";
+ inline-signing yes;
+ dnssec-policy "bad-sigrefresh-dnskey";
+};