Malformed configuration when using multiple TSIG keys
Closed this issue · 0 comments
itbane commented
Hi there,
there's a small bug in the template auth_transfer.j2
, when configuring multiple TSIG keys in the variable bind_dns_keys
.
The produced output is not a valid bind configuration.
Smallest minimal variables needed for reproduction:
bind_listen_ipv4: ['any']
bind_allow_query: ['any']
bind_zone_master_server_ip: 192.168.111.222
bind_zone_domains:
- name: example.com
bind_dns_keys:
- name: key1
algorithm: hmac-md5
secret: foo
- name: key2
algorithm: hmac-md5
secret: bar
This will produce:
server 1.2.3.4 {
keys { key1; key2; };
};
key key1 {
algorithm hmac-md5;
secret "foo";
key key2 {
algorithm hmac-md5;
secret "bar";
};
It should however produce:
server 1.2.3.4 {
keys { key1; key2; };
};
key key1 {
algorithm hmac-md5;
secret "foo";
};
key key2 {
algorithm hmac-md5;
secret "bar";
};
I will reference a patch shortly.
KR, Jascha