[Opendnssec-user] Different TTL used in full and partial audit.
AlexD at nominet.org.uk
Wed Jan 11 12:12:24 UTC 2012
On 11 Jan 2012, at 09:52, Göran Bengtson wrote:
> The call to key_tracker.process_key_data have different parameters
> in auditor.rb and partial_auditor.rb. If I remember correct, there was
> a bug-fix that corrected the TTL used to verify key usage/state-
> transitions. Howver, I don't think the fix made it info the partial
> In the 1.3-branch:
> fgrep process_key_data auditor/lib/kasp_auditor/*auditor.rb
> auditor/lib/kasp_auditor/auditor.rb: @key_tracker.process_key_data(@keys, @keys_used, @soa.serial, @config.keys.ttl)
> auditor/lib/kasp_auditor/partial_auditor.rb: @key_tracker.process_key_data(@keys, @keys_used, @soa.serial, @config.soa.ttl)
> The partial auditor still use the SOA TTL, not the DNSKEY TTL.
Thanks very much for pointing this out! This has now been fixed in svn r6053, which will make it into the 1.3.5 release.
More information about the Opendnssec-user