[Opendnssec-develop] [OpenDNSSEC] #257: Error in ods-signerd

OpenDNSSEC owner-dnssec-trac at kirei.se
Fri Jul 29 17:52:12 UTC 2011 

#257: Error in ods-signerd
--------------------------------+-------------------------------------------
Reporter:  staffordp1@…         |       Owner:  matthijs                         
    Type:  defect               |      Status:  new                              
Priority:  minor                |   Component:  Signer                           
 Version:  1.3.0                |    Keywords:  nsec3params zone.c nsec3params_rr
--------------------------------+-------------------------------------------
 Just an FYI:

 found bug  /usr/local/src/opendnssec-1.3.0rc3/signer/src/signer/zone.c

 details:
 Imported keys, using your softHSM, but I mistakenly left the version as
 "Algorithm: 7 (?)".  The ods-signerd didn't like it and dumped (no core)
 memory without exiting...<strange>.  After that ods-signer didn't repsond,
 neither did ods-signerd.

 I found an issue within zone.c:

   This function was not getting executed within the long if statement::
      dns_rr_new_frm_fp(&nsec3params_rr, fd, NULL, NULL, NULL)

    ... hence nsec3params_rr doesn't get initialized, so i moved it out of
 the if statement and it didn't error out.  But now I wonder how the code
 handled the version "?" since it didn't give me any errors after I changed
 the code without fixing the keys.

 (after my change)
 {{{
   860         /* nsec3params part */
   861         if (zone->signconf->nsec_type == LDNS_RR_TYPE_NSEC3) {
   862
   863              if (!backup_read_check_str(fd, ";;Nsec3parameters:") ||
   864                  !backup_read_check_str(fd, "salt") ||
   865                  !backup_read_str(fd, &salt) ||
   866                  !backup_read_check_str(fd, "algorithm") ||
   867                  !backup_read_uint32_t(fd,
 &zone->signconf->nsec3_algo) ||
   868                  !backup_read_check_str(fd, "optout") ||
   869                  !backup_read_int(fd, &zone->signconf->nsec3_optout)
 ||
   870                  !backup_read_check_str(fd, "iterations") ||
   871                  !backup_read_uint32_t(fd,
 &zone->signconf->nsec3_iterations) ||
   872                  !backup_read_check_str(fd, ";;Nsec3done") ||
   873                  !backup_read_check_str(fd, ";;"))
   874             {
   875                  goto recover_error;
   876             }
   877
   878             if(ldns_rr_new_frm_fp(&nsec3params_rr, fd, NULL, NULL,
 NULL) != LDNS_STATUS_OK) {
   879                  fprintf(stdout, "Failed to define
 nsec3params_rr\n"); fflush(stdout);
   880                  goto recover_error;
   881             }
   882         }
 }}}

-- 
Ticket URL: <http://trac.opendnssec.org/ticket/257>
OpenDNSSEC <http://www.opendnssec.org/>
OpenDNSSEC

More information about the Opendnssec-develop mailing list