NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: DNSSEC vs netbsd-8/sparc?



>> Just in case there was something botched in my local builds, I updated
>> the sparc system from the latest nightly builds of netbsd-7 and netbsd-8.
>>
>> The behavior is the same.  Both netbsd-[78]/sparc produce a bad DNSSEC DS
>> hash (the first line):
>>
>> . IN DS 20326 8 1 42CAD163F25D96B28A8413628A2EBEBC8341B1CD
>> . IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
>
> I see the same on one of my 8.1/sparc64 hosts.  However, "openssl dgst
> -sha1" returns sane (identical to amd64) results on this system, so I
> wonder where the root of that problem actually lies, since as far as I
> know, the digest computing the first DS record above is sha-1.

I now have BIND 9.14.8 built from pkgsrc, built with the in-tree
"cc" on a the same 8.1/sparc64 host mentioned above, and it does
it correctly:

castor# dig . dnskey | /usr/pkg/sbin/dnssec-dsfromkey -f - .
. IN DS 20326 8 1 AE1EA5B974D4C858B740BD03E3CED7EBFCBD1724
. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
castor# 

Regards,

- Håvard


Home | Main Index | Thread Index | Old Index