]> git.ipfire.org Git - thirdparty/bind9.git/commit
projects / thirdparty / bind9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6cf883) | patch
Check nsec3param configuration values
authorMatthijs Mekking <matthijs@isc.org>
Tue, 13 Oct 2020 15:48:22 +0000 (17:48 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Thu, 26 Nov 2020 14:15:03 +0000 (14:15 +0000)
commit2a1793a2be45b75a77057b2d3b17b570f033ec65
treecf228b44da8c6993f48e9aeb2117696fd2f7db70tree | snapshot
parentb6cf88333a67b262d5019a08f82cfec27ceb1b3acommit | diff
Check nsec3param configuration values

Check 'nsec3param' configuration for the number of iterations.  The
maximum number of iterations that are allowed are based on the key
size (see https://tools.ietf.org/html/rfc5155#section-10.3).

Check 'nsec3param' configuration for correct salt. If the string is
not "-" or hex-based, this is a bad salt.

(cherry picked from commit 7039c5f80529f06a0fb53d40a25cdd49e61a63af)
bin/tests/system/checkconf/kasp-bad-keylen.conf [new file with mode: 0644] blob
bin/tests/system/checkconf/kasp-bad-nsec3-iter.conf [new file with mode: 0644] blob
bin/tests/system/checkconf/kasp-bad-nsec3-salt.conf [new file with mode: 0644] blob
bin/tests/system/checkconf/tests.sh diff | blob | blame | history
lib/dns/include/dns/result.h diff | blob | blame | history
lib/dns/result.c diff | blob | blame | history
lib/isccfg/kaspconf.c diff | blob | blame | history
Mirror of https://gitlab.isc.org/isc-projects/bind9.git