mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 06:25:31 +00:00
Code Issues Releases Wiki Activity

Merge branch '2668-handle-net-dns-versions-that-don-t-support-nsec3param' into 'main'

Browse Source 
Resolve "Handle Net::DNS versions that don't support NSEC3PARAM"

Closes #2668

See merge request isc-projects/bind9!4971
This commit is contained in:
Mark Andrews
2021-04-30 06:25:39 +00:00
parent 7b62af4e0e 044933756a
commit 1f4234ec89
2 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
bin/tests/system/nsupdate/tests.sh
View File

@@ -310,7 +310,10 @@ then
{
$PERL update_test.pl -s 10.53.0.1 -p ${PORT} update.nil. || ret=1
} | cat_i
grep "updating zone 'update.nil/IN': too many NSEC3 iterations (151)" ns1/named.run > /dev/null || ret=1
if $PERL -e 'use Net::DNS; die "Net::DNS too old ($Net::DNS::VERSION < 1.01)" if ($Net::DNS::VERSION < 1.01)' > /dev/null
then
grep "updating zone 'update.nil/IN': too many NSEC3 iterations (151)" ns1/named.run > /dev/null || ret=1
fi
[ $ret -eq 1 ] && { echo_i "failed"; status=1; }
else
echo_i "The second part of this test requires the Net::DNS library." >&2

10
bin/tests/system/nsupdate/update_test.pl
View File

@@ -410,9 +410,13 @@ test("NOERROR", ["update", rr_add("u.$zone 300 NS ns.u.$zone")]);
test("NOERROR", ["update", rr_del("u.$zone NS ns.u.$zone")]);
section("Excessive NSEC3PARAM iterations");
test("REFUSED", ["update", rr_add("$zone 300 NSEC3PARAM 1 0 151 -")]);
test("NOERROR", ["update", rr_add("$zone 300 NSEC3PARAM 1 0 150 -")]);
if ($Net::DNS::VERSION < 1.01) {
print "skipped Excessive NSEC3PARAM iterations; Net::DNS too old.\n";
} else {
section("Excessive NSEC3PARAM iterations");
test("REFUSED", ["update", rr_add("$zone 300 NSEC3PARAM 1 0 151 -")]);
test("NOERROR", ["update", rr_add("$zone 300 NSEC3PARAM 1 0 150 -")]);
}
if ($failures) {
print "$failures tests failed.\n";