certbot icon indicating copy to clipboard operation
certbot copied to clipboard

Published 20 hours ago verified publisher icon certbot

TSIG SOA query fix

Open frillip opened this issue 3 years ago • 0 comments

Previously the DNS RFC2136 module only used the TSIG key to update BIND9 zone, but did not use the key when querying for an authoritative SOA record. This caused problems when using the key as a component of an ACL to determine which view to use for a client.

By using the use_tsig() function on the SOA request, the use of the TSIG key is now consistent between these two steps, allowing the use of keys in ACLs.

Pull Request Checklist

  • [x] The Certbot team has recently expressed interest in reviewing a PR for this. If not, this PR may be closed due our limited resources and need to prioritize how we spend them.
  • [x] If the change being made is to a distributed component, edit the master section of certbot/CHANGELOG.md to include a description of the change being made.
  • [x] Add or update any documentation as needed to support the changes in this PR.
  • [x] Include your name in AUTHORS.md if you like.

frillip avatar Sep 17 '22 21:09 frillip