[Opendnssec-commits] matthijs r7140 - branches/OpenDNSSEC-1.4/signer/src/signer

commits at svn.opendnssec.org commits at svn.opendnssec.org
Thu Jun 6 10:24:25 CEST 2013


Author: matthijs
Date: Thu Jun  6 10:24:25 2013
New Revision: 7140
URL: http://fisheye.opendnssec.org/changelog/opendnssec?cs=7140

Log:
assertion was hit if NSEC3 hash algo is bogus: Fix signconf check, replace assertion with if-error construction

Modified:
   branches/OpenDNSSEC-1.4/signer/src/signer/namedb.c
   branches/OpenDNSSEC-1.4/signer/src/signer/signconf.c

Modified: branches/OpenDNSSEC-1.4/signer/src/signer/namedb.c
==============================================================================
--- branches/OpenDNSSEC-1.4/signer/src/signer/namedb.c	Thu Jun  6 10:21:27 2013	(r7139)
+++ branches/OpenDNSSEC-1.4/signer/src/signer/namedb.c	Thu Jun  6 10:24:25 2013	(r7140)
@@ -714,7 +714,11 @@
     } else {
         owner = ldns_rdf_clone(dname);
     }
-    ods_log_assert(owner);
+    if (!owner) {
+        ods_log_error("[%s] unable to add denial: create owner failed",
+            db_str);
+        return NULL;
+    }
     denial = denial_create(db->zone, owner);
     if (!denial) {
         ods_log_error("[%s] unable to add denial: denial_create() failed",

Modified: branches/OpenDNSSEC-1.4/signer/src/signer/signconf.c
==============================================================================
--- branches/OpenDNSSEC-1.4/signer/src/signer/signconf.c	Thu Jun  6 10:21:27 2013	(r7139)
+++ branches/OpenDNSSEC-1.4/signer/src/signer/signconf.c	Thu Jun  6 10:24:25 2013	(r7140)
@@ -314,8 +314,8 @@
         status = ODS_STATUS_CFG_ERR;
     }
     if (sc->nsec_type == LDNS_RR_TYPE_NSEC3) {
-        if (sc->nsec3_algo == 0) {
-            ods_log_error("[%s] check failed: no nsec3 algorithm found",
+        if (sc->nsec3_algo != LDNS_SHA1) {
+            ods_log_error("[%s] check failed: invalid nsec3 algorithm",
                 sc_str);
             status = ODS_STATUS_CFG_ERR;
         }



More information about the Opendnssec-commits mailing list