git.ipfire.org Git - thirdparty/bind9.git/commit

]> git.ipfire.org Git - thirdparty/bind9.git/commit

projects / thirdparty / bind9.git / commit

author	Ondřej Surý <ondrej@isc.org>
	Fri, 20 Feb 2026 14:44:14 +0000 (15:44 +0100)
committer	Ondřej Surý <ondrej@isc.org>
	Tue, 24 Feb 2026 16:10:52 +0000 (17:10 +0100)
commit	6fb01d751d4b7374d2604ed11ea5589bae30fe21
tree	acaf7e3de1682a7bfcdfca7c069a174aa334b9a9	tree \| snapshot
parent	c88aa8a3808524f40f54cc9d398074cc24ea9150	commit \| diff

Add tests for NSEC3 invalid length

Adds a static system test that fails to load an NSEC3 record with an
invalid next part length. Additionally, introduces a dynamic test using
a crafted authoritative DNS proxy to inject invalid NSEC3 records on the
fly to test runtime behavior.

(cherry picked from commit 7b737bc1c412345c0164f49073253b89d35bee0a)

14 files changed:

bin/tests/system/checkzone/zones/bad-nsec3-length.db	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ans7/ans.py	[new file with mode: 0644]	blob
bin/tests/system/nsec3/common.py		diff \| blob \| blame \| history
bin/tests/system/nsec3/ns5/named.conf.j2	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/Kevil.test.+013+10491.key	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/Kevil.test.+013+10491.private	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/Kevil.test.+013+12713.key	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/Kevil.test.+013+12713.private	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/evil.test.db	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/named.conf.j2	[new file with mode: 0644]	blob
bin/tests/system/nsec3/ns6/setup.sh	[new file with mode: 0644]	blob
bin/tests/system/nsec3/setup.sh		diff \| blob \| blame \| history
bin/tests/system/nsec3/tests_nsec3_initial.py		diff \| blob \| blame \| history
bin/tests/system/nsec3/tests_nsec3_length.py	[new file with mode: 0644]	blob

Mirror of https://gitlab.isc.org/isc-projects/bind9.git

RSS Atom