New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rec: Fix going Insecure on NSEC3 hashes with too many iterations #5912

merged 1 commit into from Nov 7, 2017


None yet
2 participants

rgacogne commented Nov 6, 2017

Short description

We could have gone Bogus on a positive answer synthetized from a wildcard if the corresponding NSEC3 had more iterations that we were willing to accept, while the correct result is Insecure.


I have:

  • read the document
  • compiled and tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

@rgacogne rgacogne added this to the rec-4.1.0 milestone Nov 6, 2017

@pieterlexis pieterlexis merged commit 3f3ece8 into PowerDNS:master Nov 7, 2017

1 check passed

continuous-integration/travis-ci/pr The Travis CI build passed

@rgacogne rgacogne deleted the rgacogne:rec-too-many-nsec3-iterations branch Nov 7, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment