il y a 14 ans · 75cd27c3b2
--- a/src/lib/dns/rdata/generic/nsec3_50.cc
+++ b/src/lib/dns/rdata/generic/nsec3_50.cc
@@ -92,7 +92,9 @@ NSEC3::NSEC3(const string& nsec3_str) :
 
				     }
			
 
				 
			
 
				     vector<uint8_t> salt;
			
 
				-    decodeHex(salthex, salt);
			
 
				+    if (salthex != "-") {       // "-" means an 0-length salt
			
 
				+        decodeHex(salthex, salt);
			
 
				+    }
			
 
				 
			
 
				     vector<uint8_t> next;
			
 
				     decodeBase32Hex(nexthash, next);
			
@@ -154,8 +156,10 @@ NSEC3::NSEC3(InputBuffer& buffer, size_t rdata_len) {
 
				     }
			
 
				 
			
 
				     vector<uint8_t> salt(saltlen);
			
 
				-    buffer.readData(&salt[0], saltlen);
			
 
				-    rdata_len -= saltlen;
			
 
				+    if (saltlen > 0) {
			
 
				+        buffer.readData(&salt[0], saltlen);
			
 
				+        rdata_len -= saltlen;
			
 
				+    }
			
 
				 
			
 
				     const uint8_t nextlen = buffer.readUint8();
			
 
				     --rdata_len;
			
--- a/src/lib/dns/tests/rdata_nsec3_unittest.cc
+++ b/src/lib/dns/tests/rdata_nsec3_unittest.cc
@@ -56,6 +56,10 @@ TEST_F(Rdata_NSEC3_Test, fromText) {
 
				     EXPECT_NO_THROW(generic::NSEC3("255 255 65535 D399EAAB "
			
 
				                                    "H9RSFB7FPF2L8HG35CMPC765TDK23RP6 "
			
 
				                                    "NS SOA RRSIG DNSKEY NSEC3PARAM"));
			
 
				+
			
 
				+    // 0-length salt
			
 
				+    EXPECT_EQ(0, generic::NSEC3("1 1 1 - H9RSFB7FPF2L8HG35CMPC765TDK23RP6 "
			
 
				+                                "A").getSalt().size());
			
 
				 }
			
 
				 
			
 
				 TEST_F(Rdata_NSEC3_Test, toText) {
			
@@ -95,6 +99,7 @@ TEST_F(Rdata_NSEC3_Test, badText) {
 
				 }
			
 
				 
			
 
				 TEST_F(Rdata_NSEC3_Test, createFromWire) {
			
 
				+    // Normal case
			
 
				     const generic::NSEC3 rdata_nsec3(nsec3_txt);
			
 
				     EXPECT_EQ(0, rdata_nsec3.compare(
			
 
				                   *rdataFactoryFromFile(RRType::NSEC3(), RRClass::IN(),
			
@@ -137,6 +142,12 @@ TEST_F(Rdata_NSEC3_Test, createFromWire) {
 
				                                       "rdata_nsec3_fromWire11.wire"),
			
 
				                  DNSMessageFORMERR);
			
 
				 
			
 
				+    // empty salt.  unusual, but valid.
			
 
				+    ConstRdataPtr rdata =
			
 
				+        rdataFactoryFromFile(RRType::NSEC3(), RRClass::IN(),
			
 
				+                             "rdata_nsec3_fromWire13.wire");
			
 
				+    EXPECT_EQ(0, dynamic_cast<const generic::NSEC3&>(*rdata).getSalt().size());
			
 
				+
			
 
				     // hash length is too large
			
 
				     EXPECT_THROW(rdataFactoryFromFile(RRType::NSEC3(), RRClass::IN(),
			
 
				                                       "rdata_nsec3_fromWire12.wire"),
			
--- a/src/lib/dns/tests/testdata/Makefile.am
+++ b/src/lib/dns/tests/testdata/Makefile.am
@@ -13,7 +13,7 @@ BUILT_SOURCES += rdata_nsec3_fromWire4.wire rdata_nsec3_fromWire5.wire
 
				 BUILT_SOURCES += rdata_nsec3_fromWire6.wire rdata_nsec3_fromWire7.wire
			
 
				 BUILT_SOURCES += rdata_nsec3_fromWire8.wire rdata_nsec3_fromWire9.wire
			
 
				 BUILT_SOURCES += rdata_nsec3_fromWire10.wire rdata_nsec3_fromWire11.wire
			
 
				-BUILT_SOURCES += rdata_nsec3_fromWire12.wire
			
 
				+BUILT_SOURCES += rdata_nsec3_fromWire12.wire rdata_nsec3_fromWire13.wire
			
 
				 BUILT_SOURCES += rdata_rrsig_fromWire2.wire
			
 
				 BUILT_SOURCES += rdata_soa_toWireUncompressed.wire
			
 
				 BUILT_SOURCES += rdata_txt_fromWire2.wire rdata_txt_fromWire3.wire
			
@@ -61,7 +61,7 @@ EXTRA_DIST += rdata_nsec3_fromWire4.spec rdata_nsec3_fromWire5.spec
 
				 EXTRA_DIST += rdata_nsec3_fromWire6.spec rdata_nsec3_fromWire7.spec
			
 
				 EXTRA_DIST += rdata_nsec3_fromWire8.spec rdata_nsec3_fromWire9.spec
			
 
				 EXTRA_DIST += rdata_nsec3_fromWire10.spec rdata_nsec3_fromWire11.spec
			
 
				-EXTRA_DIST += rdata_nsec3_fromWire12.spec
			
 
				+EXTRA_DIST += rdata_nsec3_fromWire12.spec rdata_nsec3_fromWire13.spec
			
 
				 EXTRA_DIST += rdata_opt_fromWire rdata_rrsig_fromWire1
			
 
				 EXTRA_DIST += rdata_rrsig_fromWire2.spec
			
 
				 EXTRA_DIST += rdata_soa_fromWire rdata_soa_toWireUncompressed.spec
			
--- a/src/lib/dns/tests/testdata/gen-wiredata.py.in
+++ b/src/lib/dns/tests/testdata/gen-wiredata.py.in
@@ -357,7 +357,9 @@ class NSEC3(NSECBASE):
 
				         f.write('%02x %02x %04x\n' %
			
 
				                 (self.hashalg, (self.mbz << 1) | optout_val, self.iterations))
			
 
				         f.write("# Salt Len=%d, Salt='%s'\n" % (self.saltlen, self.salt))
			
 
				-        f.write('%02x %s\n' % (self.saltlen, encode_string(self.salt)))
			
 
				+        f.write('%02x%s%s\n' % (self.saltlen,
			
 
				+                                ' ' if len(self.salt) > 0 else '',
			
 
				+                                encode_string(self.salt)))
			
 
				         f.write("# Hash Len=%d, Hash='%s'\n" % (self.hashlen, self.hash))
			
 
				         f.write('%02x %s\n' % (self.hashlen, encode_string(self.hash)))
			
 
				 
			
--- a/src/lib/dns/tests/testdata/rdata_nsec3_fromWire13.spec
+++ b/src/lib/dns/tests/testdata/rdata_nsec3_fromWire13.spec
@@ -0,0 +1,9 @@
 
				+#
			
 
				+# A valid (but unusual) NSEC3 RDATA: salt is empty.
			
 
				+#
			
 
				+
			
 
				+[custom]
			
 
				+sections: nsec3
			
 
				+[nsec3]
			
 
				+saltlen: 0
			
 
				+salt: ''