ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Check that named rejects excessive iterations via UPDATE

Browse Source
This commit is contained in:
Mark Andrews
2021-04-23 10:28:06 +10:00
parent 3fe75d9809
commit 4ce8437a6e
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bin/tests/system/nsupdate/tests.sh
View File

@@ -310,6 +310,7 @@ then
{
$PERL update_test.pl -s 10.53.0.1 -p ${PORT} update.nil. || ret=1
} | cat_i
grep "updating zone 'update.nil/IN': too many NSEC3 iterations (151)" ns1/named.run > /dev/null || ret=1
[ $ret -eq 1 ] && { echo_i "failed"; status=1; }
else
echo_i "The second part of this test requires the Net::DNS library." >&2
@@ -1219,7 +1220,7 @@ server 10.53.0.3 ${PORT}
zone example
update add example 0 in NSEC3PARAM 1 0 151 -
END
grep "NSEC3PARAM has excessive iterations (> 150)" nsupdate.out-$n || ret=1
grep "NSEC3PARAM has excessive iterations (> 150)" nsupdate.out-$n >/dev/null || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
if ! $FEATURETEST --gssapi ; then