[Opendnssec-user] signer doesn't like DNAMES?

Matthijs Mekking matthijs at NLnetLabs.nl
Thu Aug 26 14:31:40 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Sebastian,

Yes, it already goes wrong at the SOA record: It does not like that
there is an immediate linebreak after the refresh (300) and concatenates
it to the expire (604800).

It should be fixed in trunk r3809.

Thanks for catching this bug in OpenDNSSEC and LDNS!

Matthijs

On 08/26/2010 04:51 AM, Sebastian Castro wrote:
> Hi:
> 
> I updated my OpenDNSSEC testbed to the latest trunk version yesterday
> and it seems the signer doesn't like DNAME records and the handling of
> records in multiple lines is too strict.
> 
> It's now spitting out this messages:
> 
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: read zone nz from file
> nz.unsorted
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: open file: dir (null) file
> nz.unsorted for reading
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: error parsing RR at line 3
> (Syntax error, value expected): @   IN SOA   loopback.dns.net.nz.
> soa.nzrs.net.nz. 2010070600 900 300604800 3600
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: error reading RR at line
> 134 (Syntax error, value expected): xn--mori-qsa.nz. 86400 IN DNAME
> maori.nz.
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: error reading zone nz from
> file nz.unsorted
> Aug 26 14:17:48 srsov-sebastian1 opendnssec: task [read zone nz] failed
> 
> The SOA record looks like
> 
> @   IN SOA loopback.dns.net.nz. soa.nzrs.net.nz. ( 2010070600 900 300
> 604800 3600 )
> 
> You can tell from the log message above the parser fails to separate in
> this case the refresh (300) from the expire (604800) because there is a
> newline in the middle, finally aborting the parsing of the record.
> 
> The DNAME record looks just like in the logline and the previous version
> of OpenDNSSEC signed it happily.
> 
> 
> Should I file these as bugs?
> 
> 
> cheers,
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJMdnrLAAoJEA8yVCPsQCW545YH/2UIr8gWole6dTrmXpVIO+3W
6Kv6v40nI6z014A/ayIZr1uYA3aK+95IB2b2fVPgakUNl9wbf069/YGe0v8G5Cy9
by/k/UrEBmQ81v9XkRVSLiPJy+6zbfWa3ZqtrX5k6kuv6Sc6qewOM3ZffkK+n6jk
hcqdb2FV7sb4npbSuVrT0m2XqRTC7LrtTGABSc7fl2BLxrMS4vYP1NLdaEwXiPyG
ZhkvmMeGgQhwluJK94ioji6Gu54CGF9+bVEvAl8GgCTHLv/SJb22K4kEForPQv17
pRqycnDkrRtzfi6Htexh+dJzwZRT2hf+O+eUT2QEOJ1hfwsu8rRfCT7pvbj6V9s=
=BTAu
-----END PGP SIGNATURE-----

More information about the Opendnssec-user mailing list