From: Wouter Wijngaards Date: Tue, 4 Aug 2009 14:27:42 +0000 (+0000) Subject: 1.3.3 release. X-Git-Tag: release-1.3.4^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2f85c5817c7cf301292a8518e63731b59c3198b7;p=thirdparty%2Funbound.git 1.3.3 release. git-svn-id: file:///svn/unbound/tags/release-1.3.3@1744 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index 06e4c7565..a6df0a4e1 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -1,3 +1,7 @@ +4 August 2009: Wouter + - Added test that the examples from draft rsasha256-14 verify. + - iana portlist updated. + 3 August 2009: Wouter - nicer warning when algorithm not supported, tells you to upgrade. - iana portlist updated. diff --git a/testcode/unitverify.c b/testcode/unitverify.c index 651e1d73c..fec56c982 100644 --- a/testcode/unitverify.c +++ b/testcode/unitverify.c @@ -477,11 +477,10 @@ verify_test() #if defined(HAVE_EVP_SHA256) && defined(USE_SHA2) verifytest_file("testdata/test_signatures.9", "20070829144150"); verifytest_file("testdata/test_signatures.11", "20070829144150"); + verifytest_file("testdata/test_signatures.14", "20090101000000"); #endif #if defined(HAVE_EVP_SHA512) && defined(USE_SHA2) - /* Skip test. Algorithm number uncertainty verifytest_file("testdata/test_signatures.10", "20070829144150"); - */ #endif verifytest_file("testdata/test_signatures.12", "20090107100022"); verifytest_file("testdata/test_signatures.13", "20080414005004"); diff --git a/testdata/test_signatures.10 b/testdata/test_signatures.10 index 4000bf580..08d5bcb26 100644 --- a/testdata/test_signatures.10 +++ b/testdata/test_signatures.10 @@ -3,24 +3,21 @@ ; first entry is a DNSKEY answer, with the DNSKEY rrset used for verification. ; later entries are verified with it. -; Test RSASHA512 signatures. +; Test RSASHA512 signatures from draft-ietf-dnsext-dnssec-rsasha256-14 -; RSA key from ldns tool ENTRY_BEGIN SECTION QUESTION -sub.example.com. IN DNSKEY +example.net. IN DNSKEY SECTION ANSWER -example.com. 3600 IN DNSKEY 256 3 9 AwEAAazmeO3BNv+xPYuFbQp8JN4XX+iKNuvJgD2QG5jRXI0IP5by+JGSob20OEmbPLqKcXWMRPICTyPBDaBh0tXA66DVlHV8rCtAT5Yqdrz2qw05SNYCGWJulscR6GM0e4gkO1FrBINr385IiMH3sJegBzm2HUbyb2I+xuFIfl7SgMuZ5fahHnhjDwsdgw+19OQlbYDRmNhMvtJemomIiGzPwrxEtKBlcUevcFPX7cPU7lpbcZwVP16xhLbtSNwMHvoCoRpJrAtdDGiSyAzTQef+jWuaUlFCPle6Qkghi51zmpBrPunqRCoYg7LIyJ9zS/KzPKX2zN2ASu9KJD3tDW9OSZM= ;{id = 48886 (zsk), size = 2048b} - +example.net. 3600 IN DNSKEY (256 3 10 AwEAAdHoNTOW+et86KuJOWRD p1pndvwb6Y83nSVXXyLA3DLroROUkN6X0O6pnWnjJQujX/AyhqFD xj13tOnD9u/1kTg7cV6rklMrZDtJCQ5PCl/D7QNPsgVsMu1J2Q8g pMpztNFLpPBz1bWXjDtaR7ZQBlZ3PFY12ZTSncorffcGmhOL);{id = 3740 (zsk), size = 1024b} ENTRY_END ; entry to test ENTRY_BEGIN SECTION QUESTION -www.example.com. IN A +www.example.net. IN A SECTION ANSWER -www.example.com. 3600 IN A 192.0.2.66 -www.example.com. 3600 IN RRSIG A 9 3 3600 20070926134150 20070829134150 48886 example.com. Ys6CGNAxJ+0lG/EoDJqZOoZTlX8Aa1k124VjnSE2A9NTecZUX44TiKtJQtUu7cnUcURuNsqX5rulr/70Vx+ANeUot/ewtY6fX6qaGZVgIaNyyDw0Gu7oiAsjOE0bt5RS4VGvDpLSdxDlPV0Kbbc4fYSTsqiSe2idMokfD2bgPcFrIx2TcX/sF8Jyhn2MGiQsWryMWyvhRTZ1+dwQcPhkeslGFLF/SQpGx5BbW/BYQG026xb6ckL/F/Pu4Jf5sQTimTZXHi9iASeRNO34DM9bS0yDgc+nm3bEg8/pEGCdFuCt6dVv7JTFgnR9fPTbEbBHIi4ORw1oef11G2sRV/Ubvw== ;{id = 48886} - +www.example.net. 3600 IN A 192.0.2.91 +www.example.net. 3600 IN RRSIG (A 10 3 3600 20300101000000 20000101000000 3740 example.net. tsb4wnjRUDnB1BUi+t 6TMTXThjVnG+eCkWqjvvjhzQL1d0YRoOe0CbxrVDYd0xDtsuJRa eUw1ep94PzEWzr0iGYgZBWm/zpq+9fOuagYJRfDqfReKBzMweOL DiNa8iP5g9vMhpuv6OPlvpXwm9Sa9ZXIbNl1MBGk0fthPgxdDLw =);{id = 3740} ENTRY_END diff --git a/testdata/test_signatures.14 b/testdata/test_signatures.14 new file mode 100644 index 000000000..94122e915 --- /dev/null +++ b/testdata/test_signatures.14 @@ -0,0 +1,23 @@ +; Signature test file + +; first entry is a DNSKEY answer, with the DNSKEY rrset used for verification. +; later entries are verified with it. + +; Test RSASHA256 signatures from draft-ietf-dnsext-dnssec-rsasha256-14 + +ENTRY_BEGIN +SECTION QUESTION +example.net. IN DNSKEY +SECTION ANSWER +example.net. 3600 IN DNSKEY (256 3 8 AwEAAcFcGsaxxdgiuuGmCkVI my4h99CqT7jwY3pexPGcnUFtR2Fh36BponcwtkZ4cAgtvd4Qs8P kxUdp6p/DlUmObdk= );{id = 9033 (zsk), size = 512b} +ENTRY_END + +; entry to test +ENTRY_BEGIN +SECTION QUESTION +www.example.net. IN A +SECTION ANSWER +www.example.net. 3600 IN A 192.0.2.91 +www.example.net. 3600 IN RRSIG (A 8 3 3600 20300101000000 20000101000000 9033 example.net. kRCOH6u7l0QGy9qpC9 l1sLncJcOKFLJ7GhiUOibu4teYp5VE9RncriShZNz85mwlMgNEa cFYK/lPtPiVYP4bwg== ;{id = 9033} +ENTRY_END + diff --git a/util/iana_ports.inc b/util/iana_ports.inc index 5414541ac..08c9612f7 100644 --- a/util/iana_ports.inc +++ b/util/iana_ports.inc @@ -4062,6 +4062,7 @@ 5102, 5111, 5112, +5113, 5116, 5133, 5137,