diff --git a/CHANGES b/CHANGES index ba8eeab789..2c5e8a32d8 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3424. [func] dnssec-dsfromkey now emits the hash without spaces. + [RT #31951] + 3423. [bug] "rndc signing -nsec3param" didn't accept the full range of possible values. Address portability issues. [RT #31938] diff --git a/bin/dnssec/dnssec-dsfromkey.c b/bin/dnssec/dnssec-dsfromkey.c index b7a867558b..bfedae830b 100644 --- a/bin/dnssec/dnssec-dsfromkey.c +++ b/bin/dnssec/dnssec-dsfromkey.c @@ -284,7 +284,9 @@ emit(unsigned int dtype, isc_boolean_t showall, char *lookaside, } } - result = dns_rdata_totext(&ds, (dns_name_t *) NULL, &textb); + result = dns_rdata_tofmttext(&ds, (dns_name_t *) NULL, 0, 0, 0, "", + &textb); + if (result != ISC_R_SUCCESS) fatal("can't print rdata"); diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index c7ae92b639..c4f0c08600 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -65,4 +65,4 @@ rm -f ns3/inline.example.db.signed rm -f ns3/lower.example.db ns3/upper.example.db ns3/upper.example.db.lower rm -f nosign.before rm -f signing.out* - +rm -f canonical?.* diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index c83b785929..6307d73fd8 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -1703,7 +1703,20 @@ echo "I:check dnssec-dsfromkey from stdin ($n)" ret=0 $DIG $DIGOPTS dnskey algroll. @10.53.0.2 | \ $DSFROMKEY -f - algroll. > dig.out.ns2.test$n || ret=1 -diff -b dig.out.ns2.test$n ns1/dsset-algroll. > /dev/null 2>&1 || ret=1 +NF=`awk '{print NF}' dig.out.ns2.test$n | sort -u` +[ "${NF}" = 7 ] || ret=1 +# make canonical +awk '{ + for (i=1;i<7;i++) printf("%s ", $i); + for (i=7;i<=NF;i++) printf("%s", $i); + printf("\n"); +}' < dig.out.ns2.test$n > canonical1.$n || ret=1 +awk '{ + for (i=1;i<7;i++) printf("%s ", $i); + for (i=7;i<=NF;i++) printf("%s", $i); + printf("\n"); +}' < ns1/dsset-algroll. > canonical2.$n || ret=1 +diff -b canonical1.$n canonical2.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret`