git.ipfire.org Git - thirdparty/dnspython.git/commit

]> git.ipfire.org Git - thirdparty/dnspython.git/commit

projects / thirdparty / dnspython.git / commit

author	Brian Wellington <bwelling@xbill.org>
	Sat, 6 May 2023 14:15:32 +0000 (07:15 -0700)
committer	GitHub <noreply@github.com>
	Sat, 6 May 2023 14:15:32 +0000 (07:15 -0700)
commit	bf8deda6da437ec5fdaaf5261b8674deb8e6d31c
tree	6f8e7f770179aeaa8abb8d2cb700b3f9e982536b	tree \| snapshot
parent	b7211a26bdefa7d655a71392bd126f3745f8b862	commit \| diff

Fix NSEC3 base32 processing. (#929)

The NSEC3 next name field is defined as base32 with no padding, but the
code was doing base32 decoding with padding. This wouldn't have any
effect in the normal case, since the only defined NSEC3 hashing
algorithm is SHA1, and that generates a 160 bit hash that doesn't
require padding when encoded in base32.

This change removes generated padding after encode, rejects padded input
on decode, and adds necessary padding for decode.

dns/rdtypes/ANY/NSEC3.py		diff \| blob \| blame \| history
tests/example		diff \| blob \| blame \| history
tests/example1.good		diff \| blob \| blame \| history
tests/example2.good		diff \| blob \| blame \| history
tests/example3.good		diff \| blob \| blame \| history
tests/example4.good		diff \| blob \| blame \| history

Mirror of https://github.com/rthalley/dnspython.git

RSS Atom