Permalink
Browse files

make sure our NSEC(3)s for names with spaces in them are correct. Rep…

…orted by Jimmy Bergman. Includes test. Needs additional recursor verification.
  • Loading branch information...
1 parent 51332c0 commit 27ff60a38195e69b544ad8be23c7f96f7ea2b971 @Habbie Habbie committed Apr 29, 2013
View
@@ -502,8 +502,13 @@ void PacketReader::xfrHexBlob(string& blob, bool keepReading)
xfrBlob(blob);
}
-string simpleCompress(const string& label, const string& root)
+string simpleCompress(const string& elabel, const string& root)
{
+ string label=elabel;
+ // FIXME: this relies on the semi-canonical escaped output from getLabelFromContent
+ boost::replace_all(label, "\\.", ".");
+ boost::replace_all(label, "\\032", " ");
+ boost::replace_all(label, "\\\\", "\\");
typedef vector<pair<unsigned int, unsigned int> > parts_t;
parts_t parts;
vstringtok(parts, label, ".");
View
@@ -237,6 +237,7 @@ void DNSPacketWriter::xfrLabel(const string& Label, bool compress)
if(unescaped) {
string part(label.c_str() + i -> first, i->second - i->first);
+ // FIXME: this relies on the semi-canonical escaped output from getLabelFromContent
boost::replace_all(part, "\\.", ".");
boost::replace_all(part, "\\032", " ");
boost::replace_all(part, "\\\\", "\\");
@@ -0,0 +1,2 @@
+#!/bin/sh
+cleandig 'space name'.example.com A dnssec
@@ -0,0 +1,2 @@
+Make sure we answer queries with spaces in the name correctly, including the
+right NSEC(3) records.
@@ -0,0 +1,11 @@
+1 9fag9508oqu3m22qac0u5eqgg45v8cf0.example.com. IN NSEC3 86400 1 1 1 abcd 9FAG9508OQU3M22QAC0U5EQGG45V8CF2
+1 9fag9508oqu3m22qac0u5eqgg45v8cf0.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN RRSIG 86400 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+1 gl4qf9db2fkivonidgs9954bhkhpvviq.example.com. IN NSEC3 86400 1 1 1 abcd GL4QF9DB2FKIVONIDGS9954BHKHPVVIS
+1 gl4qf9db2fkivonidgs9954bhkhpvviq.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 vtnq6ocn2vkuiv3nju14oqtaen2mt5sk.example.com. IN NSEC3 86400 1 1 1 abcd VTNQ6OCN2VKUIV3NJU14OQTAEN2MT5SL NS SOA MX RRSIG DNSKEY NSEC3PARAM
+1 vtnq6ocn2vkuiv3nju14oqtaen2mt5sk.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='space\032name.example.com.', qtype=A
@@ -0,0 +1,11 @@
+1 9f8hti7cc7oqnqjv84klnp89glqrss3r.example.com. IN NSEC3 86400 1 1 1 abcd 9FDAOFPLLN0FQFU9DP274GOU59QFHSLD A RRSIG
+1 9f8hti7cc7oqnqjv84klnp89glqrss3r.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN RRSIG 86400 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+1 gl3vilecelbsri6t44urj9lp6m5853mq.example.com. IN NSEC3 86400 1 1 1 abcd GL5I9VH027O95O1M3UTE1A8KR1TJ253D A RRSIG
+1 gl3vilecelbsri6t44urj9lp6m5853mq.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 vtnq6ocn2vkuiv3nju14oqtaen2mt5sk.example.com. IN NSEC3 86400 1 1 1 abcd VTP9NUQBEH436S7J0K8TI2A32MMKCUUL NS SOA MX RRSIG DNSKEY NSEC3PARAM
+1 vtnq6ocn2vkuiv3nju14oqtaen2mt5sk.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='space\032name.example.com.', qtype=A

0 comments on commit 27ff60a

Please sign in to comment.