- Fix negative cache NSEC3 parameter compares for zero length NSEC3
authorW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Mon, 30 Sep 2024 07:25:51 +0000 (09:25 +0200)
committerW.C.A. Wijngaards <wouter@nlnetlabs.nl>
Mon, 30 Sep 2024 07:25:51 +0000 (09:25 +0200)
  salt.

doc/Changelog
validator/val_neg.c
validator/val_nsec3.c

index 9172b2199bf584ed839304042b36b5bfc903bc8c..885ac55a75a4fa0288c81f3c12c1ff70c89730b5 100644 (file)
@@ -1,3 +1,7 @@
+30 September 2024: Wouter
+       - Fix negative cache NSEC3 parameter compares for zero length NSEC3
+         salt.
+
 25 September 2024: Wouter
        - Fix #1144: [FR] log timestamps in ISO8601 format with timezone.
          This adds the option `log-time-iso: yes` that logs in ISO8601
index 52bc6838726096b21cef19eaf610d5be38f01362..b5b678fdea68258979a2f9cd0948610f6ba9988f 100644 (file)
@@ -823,7 +823,8 @@ void neg_insert_data(struct val_neg_cache* neg,
                        it <= neg->nsec3_max_iter &&
                        (h != zone->nsec3_hash || it != zone->nsec3_iter ||
                        slen != zone->nsec3_saltlen || 
-                       memcmp(zone->nsec3_salt, s, slen) != 0)) {
+                       (slen != 0 && zone->nsec3_salt && s
+                         && memcmp(zone->nsec3_salt, s, slen) != 0))) {
 
                        if(slen > 0) {
                                uint8_t* sa = memdup(s, slen);
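Review bot: In the new salt term of the neg_insert_data condition, a non-zero `slen` combined with a NULL `zone->nsec3_salt` or `s` now counts as "parameters unchanged", so the stored NSEC3 parameters are not refreshed in that case. If that state cannot occur, a short comment above the term would record the intent, for example `/* only compare salts when one is present; memcmp must not be handed a NULL pointer */`. The enclosing function starts and ends outside this hunk, so whether the stored pointer and length always agree cannot be confirmed from here.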
@@ -1206,7 +1207,8 @@ neg_params_ok(struct val_neg_zone* zone, struct ub_packed_rrset_key* rrset)
                return 0;
        return (h == zone->nsec3_hash && it == zone->nsec3_iter &&
                slen == zone->nsec3_saltlen &&
-               memcmp(zone->nsec3_salt, s, slen) == 0);
+               (slen != 0 && zone->nsec3_salt && s
+                 && memcmp(zone->nsec3_salt, s, slen) == 0));
 }
 
 /** get next closer for nsec3 proof */
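Review bot: The rewritten return in neg_params_ok appears to reject every zero-length salt: when `slen == 0` the added term `(slen != 0 && ...)` is false, so the function returns 0 even though hash, iterations and salt length all match. That is inconsistent with the compare in neg_insert_data in this same commit, which treats two empty salts as equal. The result fails closed, but presumably keeps zones with an empty NSEC3 salt from ever passing this parameter check. The last term probably wants to be `(slen == 0 || (zone->nsec3_salt && s && memcmp(zone->nsec3_salt, s, slen) == 0))`. The start of the function is outside the hunk.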
index e790e99825eac9e9dbae45bbb7f8298779ecc726..998fcc4e38ee1d22942215610122f82fbb4eb87b 100644 (file)
@@ -565,7 +565,8 @@ nsec3_get_hashed(sldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
        sldns_buffer_clear(buf);
        sldns_buffer_write(buf, nm, nmlen);
        query_dname_tolower(sldns_buffer_begin(buf));
-       sldns_buffer_write(buf, salt, saltlen);
+       if(saltlen != 0)
+               sldns_buffer_write(buf, salt, saltlen);
        sldns_buffer_flip(buf);
        hash_len = nsec3_hash_algo_size_supported(algo);
        if(hash_len == 0) {
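Review bot: The `if(saltlen != 0)` guards added here and in the iteration loop of the next hunk carry no comment saying why a zero-length write is skipped. Presumably `salt` can be NULL when `saltlen` is 0 and sldns_buffer_write copies with memcpy, for which a NULL source is undefined even at length 0. A one-line comment at the first site, such as `/* salt may be NULL for an empty salt; skip the zero-length write */`, would keep the guard from being removed as redundant later. nsec3_get_hashed starts and ends outside both hunks.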
@@ -580,7 +581,8 @@ nsec3_get_hashed(sldns_buffer* buf, uint8_t* nm, size_t nmlen, int algo,
        for(i=0; i<iter; i++) {
                sldns_buffer_clear(buf);
                sldns_buffer_write(buf, res, hash_len);
-               sldns_buffer_write(buf, salt, saltlen);
+               if(saltlen != 0)
+                       sldns_buffer_write(buf, salt, saltlen);
                sldns_buffer_flip(buf);
                if(!secalgo_nsec3_hash(algo,
                        (unsigned char*)sldns_buffer_begin(buf),