Re: DNSSEC vs netbsd-8/sparc?

To: jdbaker%consolidated.net@localhost
Subject: Re: DNSSEC vs netbsd-8/sparc?
From: Havard Eidnes <he%NetBSD.org@localhost>
Date: Sun, 19 Apr 2020 20:21:07 +0200 (CEST)

>> Just in case there was something botched in my local builds, I updated
>> the sparc system from the latest nightly builds of netbsd-7 and netbsd-8.
>>
>> The behavior is the same.  Both netbsd-[78]/sparc produce a bad DNSSEC DS
>> hash (the first line):
>>
>> . IN DS 20326 8 1 42CAD163F25D96B28A8413628A2EBEBC8341B1CD
>> . IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
>
> I see the same on one of my 8.1/sparc64 hosts.  However, "openssl dgst
> -sha1" returns sane (identical to amd64) results on this system, so I
> wonder where the root of that problem actually lies, since as far as I
> know, the digest computing the first DS record above is sha-1.

I now have BIND 9.14.8 built from pkgsrc, built with the in-tree
"cc" on a the same 8.1/sparc64 host mentioned above, and it does
it correctly:

castor# dig . dnskey | /usr/pkg/sbin/dnssec-dsfromkey -f - .
. IN DS 20326 8 1 AE1EA5B974D4C858B740BD03E3CED7EBFCBD1724
. IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D
castor# 

Regards,

- Håvard

Follow-Ups:
- Re: DNSSEC vs netbsd-8/sparc?
  - From: Havard Eidnes

References:
- Re: DNSSEC vs netbsd-8/sparc?
  - From: John D. Baker
- Re: DNSSEC vs netbsd-8/sparc?
  - From: John D. Baker
- Re: DNSSEC vs netbsd-8/sparc?
  - From: Havard Eidnes

Prev by Date: Re: NetBSD 9.0 Huge Memory Usage
Next by Date: Question about resize_ffs or resize_root=YES
Previous by Thread: Re: DNSSEC vs netbsd-8/sparc?
Next by Thread: Re: DNSSEC vs netbsd-8/sparc?
Indexes:

Home | Main Index | Thread Index | Old Index