Thanks Jan-Piet Mens.
* bugfix #708: warnings and errors with xcode 6.1/7.0
* bugfix #754: Memory leak in ldns_str2rdf_ipseckey
Thanks Xiali Yan
+ * bugfix #661: Fail NSEC3 signing when NSEC domainname length
+ would overflow. Thanks Jan-Piet Mens.
1.6.17 2014-01-10
* Fix ldns_dnssec_zone_new_frm_fp_l to allow the last parsed line of a
nsec_ttl = LDNS_DEFAULT_TTL;
}
+ if (ldns_rdf_size(zone->soa->name) > 222) {
+ return LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW;
+ }
+
if (zone->hashed_names) {
ldns_traverse_postorder(zone->hashed_names,
ldns_hashed_names_node_free, NULL);
{ LDNS_STATUS_RDATA_OVERFLOW, "Rdata size overflow" },
{ LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR,
"Syntax error, superfluous text present" },
+ { LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW,
+ "The NSEC3 domainname length overflow" },
{ 0, NULL }
};
LDNS_STATUS_TYPE_NOT_IN_BITMAP,
LDNS_STATUS_INVALID_RDF_TYPE,
LDNS_STATUS_RDATA_OVERFLOW,
- LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR
+ LDNS_STATUS_SYNTAX_SUPERFLUOUS_TEXT_ERR,
+ LDNS_STATUS_NSEC3_DOMAINNAME_OVERFLOW
};
typedef enum ldns_enum_status ldns_status;
projects / thirdparty / ldns.git / commitdiff
