[Opendnssec-user] signer doesn't like DNAMES?

Sebastian Castro sebastian at nzrs.net.nz
Thu Aug 26 02:51:11 UTC 2010


Hi:

I updated my OpenDNSSEC testbed to the latest trunk version yesterday
and it seems the signer doesn't like DNAME records and the handling of
records in multiple lines is too strict.

It's now spitting out this messages:

Aug 26 14:17:48 srsov-sebastian1 opendnssec: read zone nz from file
nz.unsorted
Aug 26 14:17:48 srsov-sebastian1 opendnssec: open file: dir (null) file
nz.unsorted for reading
Aug 26 14:17:48 srsov-sebastian1 opendnssec: error parsing RR at line 3
(Syntax error, value expected): @   IN SOA   loopback.dns.net.nz.
soa.nzrs.net.nz. 2010070600 900 300604800 3600
Aug 26 14:17:48 srsov-sebastian1 opendnssec: error reading RR at line
134 (Syntax error, value expected): xn--mori-qsa.nz. 86400 IN DNAME
maori.nz.
Aug 26 14:17:48 srsov-sebastian1 opendnssec: error reading zone nz from
file nz.unsorted
Aug 26 14:17:48 srsov-sebastian1 opendnssec: task [read zone nz] failed

The SOA record looks like

@   IN SOA loopback.dns.net.nz. soa.nzrs.net.nz. ( 2010070600 900 300
604800 3600 )

You can tell from the log message above the parser fails to separate in
this case the refresh (300) from the expire (604800) because there is a
newline in the middle, finally aborting the parsing of the record.

The DNAME record looks just like in the logline and the previous version
of OpenDNSSEC signed it happily.


Should I file these as bugs?


cheers,
-- 
Sebastian Castro
DNS Specialist
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 495 2337
mobile: +64 21 400535



More information about the Opendnssec-user mailing list