Permalink
Browse files

fix NSEC for asterisk ents and add test

  • Loading branch information...
1 parent cd30e94 commit 74baf86b92c2bdd4342711c50b0e3e500754aad0 @mind04 mind04 committed with mind04 Aug 31, 2013
@@ -20017,7 +20017,7 @@ Cexternal.example.com:somewhere.else.net.:120
+host-9998.example.com:192.168.1.14:120
+host-9999.example.com:192.168.1.15:120
:hwinfo.example.com:13:\003abc\003def:120
-3ipv6.example.com:200106a80000000102104bfffe4b4c61:120
+:ipv6.example.com:28:\040\001\006\250\000\000\000\001\002\020K\377\376KLa:120
&italy.example.com::italy-ns1.example.com.:120
&italy.example.com::italy-ns2.example.com.:120
+italy-ns1.example.com:192.168.5.1:120
@@ -20047,6 +20047,7 @@ Cstart1.example.com:start2.example.com.:120
Cstart2.example.com:start3.example.com.:120
Cstart3.example.com:start4.example.com.:120
+start4.example.com:192.168.2.2:120
++host.\052.sub.example.com:192.168.6.1:120
:text.example.com:16:\025Hi\054\040this\040is\040some\040text:120
:text0.example.com:16:\014k\075rsa\073\040p\075one:120
:text1.example.com:16:\014k\075rsa\073\040p\075one:120
Binary file not shown.
@@ -671,7 +671,7 @@ void PacketHandler::addNSEC(DNSPacket *p, DNSPacket *r, const string& target, co
if (mode == 2) {
// wildcard NO-DATA
- before='.';
+ before.clear();
sd.db->getBeforeAndAfterNames(sd.domain_id, auth, wildcard, before, after);
emitNSEC(before, after, target, sd, r, mode);
}
@@ -1,4 +1,4 @@
-f1eebfc1577c3dcf26b4390fbc7bb0b2 ../regression-tests/example.com
+4bc48a8d9b8d04b553be67639e5656e8 ../regression-tests/example.com
a2dd754820cb88fdd3d80b54a212a270 ../regression-tests/test.com
21213b4e8cd56e4184696a1bafd987d7 ../regression-tests/wtest.com
6e4ac6e3a6cd717df107a7bc2e466ac7 ../regression-tests/dnssec-parent.com
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cleandig sub.host.sub.example.com a dnssec
@@ -0,0 +1 @@
+Check if asterisk empty non-terminal is interpreted as wildcard wihout type
@@ -0,0 +1,4 @@
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='sub.host.sub.example.com.', qtype=A
@@ -0,0 +1,10 @@
+1 example.com. IN RRSIG 86400 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+1 host.*.sub.example.com. IN NSEC 86400 text.example.com. A RRSIG NSEC
+1 host.*.sub.example.com. IN RRSIG 86400 NSEC 8 5 86400 [expiry] [inception] [keytag] example.com. ...
+1 start4.example.com. IN NSEC 86400 host.*.sub.example.com. A RRSIG NSEC
+1 start4.example.com. IN RRSIG 86400 NSEC 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='sub.host.sub.example.com.', qtype=A
+./ent-asterisk/unbound-host.out:sub.host.sub.example.com has no address (BOGUS (security failure))
@@ -0,0 +1,11 @@
+1 5ui8h56r4776maicvhpdegs6chr19i99.example.com. IN NSEC3 86400 1 [flags] 1 abcd 5UI8H56R4776MAICVHPDEGS6CHR19I9A
+1 5ui8h56r4776maicvhpdegs6chr19i99.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN RRSIG 86400 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+1 hhrsadparthvtuou67trentjstdodla0.example.com. IN NSEC3 86400 1 [flags] 1 abcd HHRSADPARTHVTUOU67TRENTJSTDODLA1
+1 hhrsadparthvtuou67trentjstdodla0.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 pbl3rtqv3mt7eb29gqp0a17o0h42nj76.example.com. IN NSEC3 86400 1 [flags] 1 abcd PBL3RTQV3MT7EB29GQP0A17O0H42NJ78
+1 pbl3rtqv3mt7eb29gqp0a17o0h42nj76.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='sub.host.sub.example.com.', qtype=A
@@ -0,0 +1,11 @@
+1 5ui8h56r4776maicvhpdegs6chr19i99.example.com. IN NSEC3 86400 1 [flags] 1 abcd 5UMB87SUFNRRMLILGL48A5GUUHG7RI58
+1 5ui8h56r4776maicvhpdegs6chr19i99.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN RRSIG 86400 SOA 8 2 100000 [expiry] [inception] [keytag] example.com. ...
+1 example.com. IN SOA 86400 ns1.example.com. ahu.example.com. 2000081501 28800 7200 604800 86400
+1 hhrsadparthvtuou67trentjstdodla0.example.com. IN NSEC3 86400 1 [flags] 1 abcd HHTKKD5HB125SGANBTKMQK84LULH60LH
+1 hhrsadparthvtuou67trentjstdodla0.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+1 pbkjnd53pnsru5jmaqnk3k936pv2pq5j.example.com. IN NSEC3 86400 1 [flags] 1 abcd PBL4SE96F8T4H4Q24UQMRQ4KS96AHPV3 A RRSIG
+1 pbkjnd53pnsru5jmaqnk3k936pv2pq5j.example.com. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] example.com. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='sub.host.sub.example.com.', qtype=A
@@ -93,7 +93,8 @@ text0 IN TXT "k=rsa; p=one"
text1 IN TXT "k=rsa\; p=one"
text2 IN TXT "k=rsa\\; p=one"
text3 IN TXT "k=rsa\\\; p=one"
-
+;
+host.*.sub IN A 192.168.6.1
;
ipv6 IN AAAA 2001:6A8:0:1:210:4BFF:FE4B:4C61
;

0 comments on commit 74baf86

Please sign in to comment.