ns3p->d_iterations = maxNSEC3Iterations;
L<<Logger::Error<<"Number of NSEC3 iterations for zone '"<<name.toString()<<"' is above 'max-nsec3-iterations'. Value adjsted to: "<<maxNSEC3Iterations<<endl;
}
+
+ if (ns3p->d_algorithm != 1) {
+ L<<Logger::Error<<"Invalid hash algorithm for NSEC3: '"<<std::to_string(ns3p->d_algorithm)<<"', setting to 1 for zone '"<<name<<"'."<<endl;
+ ns3p->d_algorithm = 1;
+ }
}
return true;
ns3p->d_iterations = maxNSEC3Iterations;
L<<Logger::Error<<"Number of NSEC3 iterations for zone '"<<zname<<"' is above 'max-nsec3-iterations'. Value adjusted to: "<<maxNSEC3Iterations<<endl;
}
+ if (ns3p->d_algorithm != 1) {
+ L<<Logger::Error<<"Invalid hash algorithm for NSEC3: '"<<std::to_string(ns3p->d_algorithm)<<"', setting to 1 for zone '"<<zname<<"'."<<endl;
+ ns3p->d_algorithm = 1;
+ }
}
if(narrow) {
getFromMeta(zname, "NSEC3NARROW", value);
if (ns3p.d_iterations > maxNSEC3Iterations)
throw runtime_error("Can't set NSEC3PARAM for zone '"+zname.toString()+"': number of NSEC3 iterations is above 'max-nsec3-iterations'");
+ if (ns3p.d_algorithm != 1)
+ throw runtime_error("Invalid hash algorithm for NSEC3: '"+std::to_string(ns3p.d_algorithm)+"' for zone '"+zname.toString()+"'. The only valid value is '1'");
+
clearCaches(zname);
string descr = ns3p.getZoneRepresentation();
vector<string> meta;
projects / thirdparty / pdns.git / commitdiff
