summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Menšík <pemensik@redhat.com>2017-10-31 17:37:27 +0100
committerPetr Menšík <pemensik@redhat.com>2017-10-31 17:37:27 +0100
commitf5cbbc1a87d188bfaf3b6b5c32a58241fc92db10 (patch)
tree8944bdd46c8e8bf1c0feca030a5f21deacd99ee4
parent4d8c7099754496dfb0ed8143d51cb819346a07b2 (diff)
downloadbind-f5cbbc1a87d188bfaf3b6b5c32a58241fc92db10.tar.gz
bind-f5cbbc1a87d188bfaf3b6b5c32a58241fc92db10.tar.xz
bind-f5cbbc1a87d188bfaf3b6b5c32a58241fc92db10.zip
Use hmac-sha256 for new RNDC keys (#1508003)
Signed-off-by: Petr Menšík <pemensik@redhat.com>
Diffstat
-rw-r--r--bind.spec5
-rwxr-xr-xgenerate-rndc-key.sh5
2 files changed, 6 insertions, 4 deletions
diff --git a/bind.spec b/bind.spec
index ecd14a9..3a9b750 100644
--- a/bind.spec
+++ b/bind.spec
@@ -1155,9 +1155,10 @@ rm -rf ${RPM_BUILD_ROOT}
%changelog
* Mon Oct 23 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.2-2
-- build against mariadb-connector-c-devel (#1493615)
-- include DNSKEY 20326 also in trusted-key.key (#1505476)
+- Build against mariadb-connector-c-devel (#1493615)
+- Include DNSKEY 20326 also in trusted-key.key (#1505476)
- Fix dynamic symbols conflict with ldap (#1205168)
+- Use hmac-sha256 for new RNDC keys (#1508003)
* Wed Aug 02 2017 Petr Menšík <pemensik@redhat.com> - 32:9.11.2-1
- Update to 9.11.2
diff --git a/generate-rndc-key.sh b/generate-rndc-key.sh
index 194e65b..dde7f70 100755
--- a/generate-rndc-key.sh
+++ b/generate-rndc-key.sh
@@ -6,9 +6,10 @@
if [ ! -s /etc/rndc.key -a ! -s /etc/rndc.conf ]; then
echo -n $"Generating /etc/rndc.key:"
- if /usr/sbin/rndc-confgen -a -r /dev/urandom > /dev/null 2>&1; then
+ if /usr/sbin/rndc-confgen -a -A hmac-sha256 -r /dev/urandom > /dev/null 2>&1
+ then
chmod 640 /etc/rndc.key
- chown root.named /etc/rndc.key
+ chown root:named /etc/rndc.key
[ -x /sbin/restorecon ] && /sbin/restorecon /etc/rndc.key
success $"/etc/rndc.key generation"
echo
generated by cgit (git 2.34.1) at 2024-04-20 01:14:13 +0000