mirror of
https://github.com/isc-projects/bind9.git
synced 2026-04-15 22:09:31 -04:00
4637 broke old style command line with a salt of '-' [RT #45388]
This commit is contained in:
Mark Andrews
parent
d6b626e9a7
commit
94eff196e4
2 changed files with 84 additions and 44 deletions
|
|
@ -11,32 +11,12 @@ SYSTEMTESTTOP=..
|
|||
|
||||
status=0
|
||||
|
||||
checkhash() {
|
||||
name=$1
|
||||
hash=$2
|
||||
echo "I:checking nsec3hash $name"
|
||||
out=`$NSEC3HASH $salt $algo $iters $1`
|
||||
checkout() {
|
||||
case $? in
|
||||
0) : ok ;;
|
||||
*) echo "I:failed $cmd"
|
||||
*) echo "I:failed"
|
||||
status=`expr $status + 1`
|
||||
continue ;;
|
||||
esac
|
||||
case $out in
|
||||
*$hash*) : ok ;;
|
||||
*) echo "I:expect $hash"
|
||||
echo "I:output $out"
|
||||
echo "I:failed"
|
||||
status=`expr $status + 1` ;;
|
||||
esac
|
||||
|
||||
echo "I:checking nsec3hash -r $name"
|
||||
out=`$NSEC3HASH -r $algo $flags $iters $salt $name`
|
||||
case $? in
|
||||
0) : ok ;;
|
||||
*) echo "I:failed $cmd"
|
||||
status=`expr $status + 1`
|
||||
continue ;;
|
||||
return 1 ;;
|
||||
esac
|
||||
case $out in
|
||||
*$hash*) : ok ;;
|
||||
|
|
@ -49,21 +29,72 @@ checkhash() {
|
|||
|
||||
# test cases taken from RFC 5155 appendix A
|
||||
algo=1 flags=0 iters=12 salt="aabbccdd"
|
||||
for testcase in \
|
||||
"*.w.example R53BQ7CC2UVMUBFU5OCMM6PERS9TK9EN" \
|
||||
"2t7b4g4vsa5smi47k61mv5bv1a22bojr.example KOHAR7MBB8DC2CE8A9QVL8HON4K53UHI" \
|
||||
"a.example 35MTHGPGCU1QG68FAB165KLNSNK3DPVL" \
|
||||
"ai.example GJEQE526PLBF1G8MKLP59ENFD789NJGI" \
|
||||
"example 0P9MHAVEQVM6T7VBL5LOP2U3T2RP3TOM" \
|
||||
"ns1.example 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR" \
|
||||
"ns2.example Q04JKCEVQVMU85R014C7DKBA38O0JI5R" \
|
||||
"w.example K8UDEMVP1J2F7EG6JEBPS17VP3N8I58H" \
|
||||
"x.w.example B4UM86EGHHDS6NEA196SMVMLO4ORS995" \
|
||||
"x.y.w.example 2VPTU5TIMAMQTTGL4LUU9KG21E0AOR3S" \
|
||||
"xx.example T644EBQK9BIBCNA874GIVR6JOJ62MLHV" \
|
||||
"y.w.example JI6NEOAEPV8B5O6K4EV33ABHA8HT9FGC"; do
|
||||
checkhash $testcase
|
||||
done
|
||||
while read name hash
|
||||
do
|
||||
echo "I:checking $NSEC3HASH $name"
|
||||
out=`$NSEC3HASH $salt $algo $iters $name`
|
||||
checkout
|
||||
|
||||
echo "I:checking $NSEC3HASH -r $name"
|
||||
out=`$NSEC3HASH -r $algo $flags $iters $salt $name`
|
||||
checkout
|
||||
|
||||
done <<EOF
|
||||
*.w.example R53BQ7CC2UVMUBFU5OCMM6PERS9TK9EN
|
||||
2t7b4g4vsa5smi47k61mv5bv1a22bojr.example KOHAR7MBB8DC2CE8A9QVL8HON4K53UHI
|
||||
a.example 35MTHGPGCU1QG68FAB165KLNSNK3DPVL
|
||||
ai.example GJEQE526PLBF1G8MKLP59ENFD789NJGI
|
||||
example 0P9MHAVEQVM6T7VBL5LOP2U3T2RP3TOM
|
||||
ns1.example 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR
|
||||
ns2.example Q04JKCEVQVMU85R014C7DKBA38O0JI5R
|
||||
w.example K8UDEMVP1J2F7EG6JEBPS17VP3N8I58H
|
||||
x.w.example B4UM86EGHHDS6NEA196SMVMLO4ORS995
|
||||
x.y.w.example 2VPTU5TIMAMQTTGL4LUU9KG21E0AOR3S
|
||||
xx.example T644EBQK9BIBCNA874GIVR6JOJ62MLHV
|
||||
y.w.example JI6NEOAEPV8B5O6K4EV33ABHA8HT9FGC
|
||||
EOF
|
||||
|
||||
# test empty salt
|
||||
checkempty() {
|
||||
hash=CK0POJMG874LJREF7EFN8430QVIT8BSM checkout &&
|
||||
hash=- checkout
|
||||
}
|
||||
name=com algo=1 flags=1 iters=0
|
||||
echo "I:checking $NSEC3HASH '' $name"
|
||||
out=`$NSEC3HASH '' $algo $iters $name`
|
||||
checkempty
|
||||
echo "I:checking $NSEC3HASH - $name"
|
||||
out=`$NSEC3HASH - $algo $iters $name`
|
||||
checkempty
|
||||
echo "I:checking $NSEC3HASH -- '' $name"
|
||||
out=`$NSEC3HASH -- '' $algo $iters $name`
|
||||
checkempty
|
||||
echo "I:checking $NSEC3HASH -- - $name"
|
||||
out=`$NSEC3HASH -- - $algo $iters $name`
|
||||
checkempty
|
||||
echo "I:checking $NSEC3HASH -r '' $name"
|
||||
out=`$NSEC3HASH -r $algo $flags $iters '' $name`
|
||||
checkempty
|
||||
echo "I:checking $NSEC3HASH -r - $name"
|
||||
out=`$NSEC3HASH -r $algo $flags $iters - $name`
|
||||
checkempty
|
||||
|
||||
checkfail() {
|
||||
case $? in
|
||||
0) echo "I:failed to fail"
|
||||
status=`expr $status + 1`
|
||||
return 1 ;;
|
||||
esac
|
||||
}
|
||||
echo "I:checking $NSEC3HASH missing args"
|
||||
out=`$NSEC3HASH 00 1 0 2>&1`
|
||||
checkfail
|
||||
echo "I:checking $NSEC3HASH extra args"
|
||||
out=`$NSEC3HASH 00 1 0 two names 2>&1`
|
||||
checkfail
|
||||
echo "I:checking $NSEC3HASH bad option"
|
||||
out=`$NSEC3HASH -? 2>&1`
|
||||
checkfail
|
||||
|
||||
echo "I:exit status: $status"
|
||||
[ $status -eq 0 ] || exit 1
|
||||
|
|
|
|||
|
|
@ -61,11 +61,12 @@ usage() {
|
|||
}
|
||||
|
||||
typedef void nsec3printer(unsigned algo, unsigned flags, unsigned iters,
|
||||
char *saltstr, char *domain, char *digest);
|
||||
const char *saltstr, const char *domain,
|
||||
const char *digest);
|
||||
|
||||
static void
|
||||
nsec3hash(nsec3printer *nsec3print, char *algostr, char *flagstr,
|
||||
char *iterstr, char *saltstr, char *domain)
|
||||
const char *iterstr, const char *saltstr, const char *domain)
|
||||
{
|
||||
dns_fixedname_t fixed;
|
||||
dns_name_t *name;
|
||||
|
|
@ -80,6 +81,7 @@ nsec3hash(nsec3printer *nsec3print, char *algostr, char *flagstr,
|
|||
unsigned int length;
|
||||
unsigned int iterations;
|
||||
unsigned int salt_length;
|
||||
const char dash[] = "-";
|
||||
|
||||
if (strcmp(saltstr, "-") == 0) {
|
||||
salt_length = 0;
|
||||
|
|
@ -91,6 +93,8 @@ nsec3hash(nsec3printer *nsec3print, char *algostr, char *flagstr,
|
|||
salt_length = isc_buffer_usedlength(&buffer);
|
||||
if (salt_length > DNS_NSEC3_SALTSIZE)
|
||||
fatal("salt too long");
|
||||
if (salt_length == 0)
|
||||
saltstr = dash;
|
||||
}
|
||||
hash_alg = atoi(algostr);
|
||||
if (hash_alg > 255U)
|
||||
|
|
@ -104,7 +108,7 @@ nsec3hash(nsec3printer *nsec3print, char *algostr, char *flagstr,
|
|||
|
||||
dns_fixedname_init(&fixed);
|
||||
name = dns_fixedname_name(&fixed);
|
||||
isc_buffer_init(&buffer, domain, strlen(domain));
|
||||
isc_buffer_constinit(&buffer, domain, strlen(domain));
|
||||
isc_buffer_add(&buffer, strlen(domain));
|
||||
result = dns_name_fromtext(name, &buffer, dns_rootname, 0, NULL);
|
||||
check_result(result, "dns_name_fromtext() failed");
|
||||
|
|
@ -125,7 +129,7 @@ nsec3hash(nsec3printer *nsec3print, char *algostr, char *flagstr,
|
|||
|
||||
static void
|
||||
nsec3hash_print(unsigned algo, unsigned flags, unsigned iters,
|
||||
char *saltstr, char *domain, char *digest)
|
||||
const char *saltstr, const char *domain, const char *digest)
|
||||
{
|
||||
UNUSED(flags);
|
||||
UNUSED(domain);
|
||||
|
|
@ -136,7 +140,8 @@ nsec3hash_print(unsigned algo, unsigned flags, unsigned iters,
|
|||
|
||||
static void
|
||||
nsec3hash_rdata_print(unsigned algo, unsigned flags, unsigned iters,
|
||||
char *saltstr, char *domain, char *digest)
|
||||
const char *saltstr, const char *domain,
|
||||
const char *digest)
|
||||
{
|
||||
fprintf(stdout, "%s NSEC3 %u %u %u %s %s\n",
|
||||
domain, algo, flags, iters, saltstr, digest);
|
||||
|
|
@ -147,16 +152,20 @@ main(int argc, char *argv[]) {
|
|||
isc_boolean_t rdata_format = ISC_FALSE;
|
||||
int ch;
|
||||
|
||||
while ((ch = isc_commandline_parse(argc, argv, "r")) != -1) {
|
||||
while ((ch = isc_commandline_parse(argc, argv, "-r")) != -1) {
|
||||
switch (ch) {
|
||||
case 'r':
|
||||
rdata_format = ISC_TRUE;
|
||||
break;
|
||||
case '-':
|
||||
isc_commandline_index -= 1;
|
||||
goto skip;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
skip:
|
||||
argc -= isc_commandline_index;
|
||||
argv += isc_commandline_index;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue