[dnssec-tools/f18] new patch
Wes Hardaker
hardaker at fedoraproject.org
Thu Apr 18 19:44:18 UTC 2013
commit 9c83d49793deedaf1b7de5fea2afa2771f8d767b
Author: Wes Hardaker <opensource at hardakers.net>
Date: Thu Apr 18 12:27:28 2013 -0700
new patch
dnssec-tools-zonefile-fast-nsec3-1.20.patch | 206 +++++++++++++++++++++++++++
1 files changed, 206 insertions(+), 0 deletions(-)
---
diff --git a/dnssec-tools-zonefile-fast-nsec3-1.20.patch b/dnssec-tools-zonefile-fast-nsec3-1.20.patch
new file mode 100644
index 0000000..9a2f8cb
--- /dev/null
+++ b/dnssec-tools-zonefile-fast-nsec3-1.20.patch
@@ -0,0 +1,206 @@
+diff --git a/dnssec-tools/tools/modules/ZoneFile-Fast/Fast.pm b/dnssec-tools/tools/modules/ZoneFile-Fast/Fast.pm
+index 268538c..0c931a2 100644
+--- a/dnssec-tools/tools/modules/ZoneFile-Fast/Fast.pm
++++ b/dnssec-tools/tools/modules/ZoneFile-Fast/Fast.pm
+@@ -32,6 +32,35 @@
+ # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++# ----------------------------------------------------------------------------
++# Copyright (c) 2013-2013 PARSONS, Inc.
++# All rights reserved.
++#
++# Redistribution and use in source and binary forms, with or without
++# modification, are permitted provided that the following conditions are met:
++#
++# * Redistributions of source code must retain the above copyright notice,
++# this list of conditions and the following disclaimer.
++#
++# * Redistributions in binary form must reproduce the above copyright
++# notice, this list of conditions and the following disclaimer in the
++# documentation and/or other materials provided with the distribution.
++#
++# * Neither the name of SPARTA, Inc nor the names of its contributors may
++# be used to endorse or promote products derived from this software
++# without specific prior written permission.
++#
++# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS
++# IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
++# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR
++# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
++# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
++# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
++# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
++# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
++# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
++# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ #
+ # $Id$
+ #
+@@ -46,7 +75,7 @@ use Net::DNS;
+ use Net::DNS::RR;
+ use MIME::Base64;
+
+-$VERSION = '1.19';
++$VERSION = '1.20';
+
+ my $MAXIMUM_TTL = 0x7fffffff;
+
+@@ -78,6 +107,7 @@ my $sshfp;
+ my $key;
+ my $dnskey;
+ my $ds;
++my $nsec3;
+ my $tlsa;
+ my $on_error;
+ my $quiet;
+@@ -953,14 +983,38 @@ sub parse_line
+ } elsif (/\G(nsec3)[ \t]+/igc) {
+ error ("You are missing required modules for NSEC3 support")
+ if (!$nsec3capable);
+- if (/\G\s*(\d+)\s+(\d+)\s+(\d+)\s+([-0-9A-Fa-f]+)\s+($pat_maybefullname)\s+(.*?)$pat_skip$/gc) {
++ if (/\G\s*(\d+)\s+(\d+)\s+(\d+)\s+([-0-9A-Fa-f]+)\s+($pat_maybefullname)\s+(.*?)$pat_skip$/gc) {
++ # XXX: set the typebm field ourselves?
++ my ($alg, $flags, $iters, $salt, $nxthash, $typelist) =
++ ($1, $2, $3, $4, $5, $6);
++ $typelist = join(" ",sort split(/\s+/,$typelist));
++ my $binhash = MIME::Base32::decode(uc($nxthash));
++ push @zone,
++ {
++ Line => $ln,
++ name => $domain,
++ class => "IN",
++ ttl => $ttl,
++ type => "NSEC3",
++ hashalgo => $alg,
++ flags => $flags,
++ iterations => $iters,
++ hnxtname => $nxthash,
++ hnxtnamebin => $binhash,
++ hashlength => length($binhash),
++ salt => $salt,
++ saltbin => pack("H*",$salt),
++ saltlength => int(length($salt)/2),
++ typelist => $typelist,
++ typebm =>
++ Net::DNS::RR::NSEC::_typearray2typebm(split(/\s+/,$typelist)),
++ };
++# multi-line
++ } elsif (/\G\s*(\d+)\s+(\d+)\s+(\d+)\s+([-0-9A-Fa-f]+)\s+\(/gc) {
+ # XXX: set the typebm field ourselves?
+- my ($alg, $flags, $iters, $salt, $nxthash, $typelist) =
+- ($1, $2, $3, $4, $5, $6);
+- $typelist = join(" ",sort split(/\s+/,$typelist));
+- my $binhash = MIME::Base32::decode(uc($nxthash));
+- push @zone,
+- {
++ my ($alg, $flags, $iters, $salt) =
++ ($1, $2, $3, $4);
++ $nsec3 = {
+ Line => $ln,
+ name => $domain,
+ class => "IN",
+@@ -969,16 +1023,11 @@ sub parse_line
+ hashalgo => $alg,
+ flags => $flags,
+ iterations => $iters,
+- hnxtname => $nxthash,
+- hnxtnamebin => $binhash,
+- hashlength => length($binhash),
+ salt => $salt,
+ saltbin => pack("H*",$salt),
+ saltlength => int(length($salt)/2),
+- typelist => $typelist,
+- typebm =>
+- Net::DNS::RR::NSEC::_typearray2typebm(split(/\s+/,$typelist)),
+- };
++ };
++ $parse = \&parse_nsec3;
+ } else {
+ error("bad NSEC data");
+ }
+@@ -1283,6 +1332,31 @@ sub parse_tlsa
+ }
+ }
+
++sub parse_nsec3
++ {
++ #got more data
++ if ( /\G\s*((\w+\s+)+)\)\s*$/) {
++ my $typelist = $1;
++ $typelist = join(" ",sort split(/\s+/,$typelist));
++ $nsec3->{ 'typelist' } = $typelist;
++ $nsec3->{ 'typebm' } =
++ Net::DNS::RR::NSEC::_typearray2typebm(split(/\s+/,$typelist));
++ push @zone, $nsec3;
++ # we're done
++ $parse = \&parse_line;
++ $nsec3 = undef;
++ } elsif ( /\G\s*([A-Z0-9]{32})\s*$/gc) {
++ my $nxthash = $1;
++ my $binhash = MIME::Base32::decode(uc($nxthash));
++ $nsec3->{ 'hnxtname' } = $nxthash;
++ $nsec3->{ 'hnxtnamebin' } = $binhash;
++ $nsec3->{ 'hashlength' } = length( $binhash );
++ } elsif ( /\G\s+$/gc ) { # Empty line
++ } else {
++ error( "bad NSEC3 continuation lines ($_)" );
++ }
++ }
++
+ sub parse_soa_number
+ {
+ error("parse_soa_number: internal error, no \$soa") unless $soa;
+@@ -1582,7 +1656,36 @@ Copyright 2003 by Anton Berezin and catpipe Systems ApS
+
+ Anton Berezin
+
+-Copyright (c) 2004-2013 SPARTA, Inc.
++Copyright (c) 2004-2011 SPARTA, Inc.
++ All rights reserved.
++
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions are met:
++
++ * Redistributions of source code must retain the above copyright notice,
++ this list of conditions and the following disclaimer.
++
++ * Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++
++ * Neither the name of SPARTA, Inc nor the names of its contributors may
++ be used to endorse or promote products derived from this software
++ without specific prior written permission.
++
++ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS
++ IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
++ THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR
++ CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
++ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
++ PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
++ OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
++ WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
++ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
++ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++Copyright (c) 2013-2013 PARSONS, Inc.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+diff --git a/dnssec-tools/tools/modules/ZoneFile-Fast/t/rr-dnssec.t b/dnssec-tools/tools/modules/ZoneFile-Fast/t/rr-dnssec.t
+index 8bbe036..ef050de 100644
+--- a/dnssec-tools/tools/modules/ZoneFile-Fast/t/rr-dnssec.t
++++ b/dnssec-tools/tools/modules/ZoneFile-Fast/t/rr-dnssec.t
+@@ -31,6 +31,9 @@ BEGIN {
+ q{nospace.dnssec-tools.org. 86400 RRSIG SOA 5 2 86400 20060429134027 20060330134027 42869 dnssec-tools.org. QZzAz5sVC5+n7vJhkXfFaN/sdjKXVpT/nv22 NJI+sDde180Sj1pDXW6mFt+Efg4uUAuyLQup jLv20EVM8/oBPA7DjNu2CZHGe8UDeuAoqIth Q/79Ltw4NtP7W1zWAs/ms/oSKiKYrAUHqt0U UskiXkCA1GKn6RNqVT4+IuSUgALLYSMLjlaA 2kE/KaffqeGnynIO2AC5BMFzUlxCSMDSxus3 bJm2xAIxMiUYomw9XfbGfrkCtfIrH+H/LVG/ X2K/kKxjcFcQhkukMUxjzzmAP3xJHq6vgwVM tpm/qaR0g5jH5B46iJefGYzwcMAyexbLOQEW uv1Xs6i/lBwQo9T7xw= },
+ q{dnssec-tools.org. 10800 NSEC cvs.dnssec-tools.org A DNSKEY MX NS NSEC RRSIG SOA TXT},
+ q{THA2IPMDLT9RU307BO9LQ6MF5K565A6M.example.com. 10800 IN NSEC3 1 0 100 610b88f0d9f42c74 QIVB7DNNE2T5J9HLI4FRE9PN61F754CK A RRSIG},
++ q{THA2IPMDLT9RU307BO9LQ6MF5K565A6M.example.com. 10800 IN NSEC3 1 0 100 610b88f0d9f42c74 (
++ QIVB7DNNE2T5J9HLI4FRE9PN61F754CK
++ A RRSIG )},
+
+ q{example.com 0 NSEC3PARAM 1 0 100 610b88f0d9f42c74},
+
More information about the scm-commits
mailing list