| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
| |
This reverts commit 8d554356ee9f9770f9f4b220e9c6bb72132c89cb.
Debian Policy is at 4.6.2.
|
|
|
|
| |
Gbp-Dch: ignore
|
| |
|
|
|
|
| |
Gbp-Dch: Ignore
|
|\
| |
| |
| | |
Update to upstream version '3.0.0+ds'
with Debian dir 2b13be2d8f7da300e646c80cf679e938fb037f62
|
| |\ |
|
| | |\
| | | |
| | | | |
Merge develop into master (zonemaster-ldns)
|
| | | |\ |
|
| | | | |\
| | | | | |
| | | | | | |
Updates for release v2022.2 (Zonemaster-LDNS)
|
| | | | |/ |
|
| | | | |\
| | | | | |
| | | | | | |
use internal LDNS for docker image
|
| | | | |/ |
|
| | | | |\
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix build
Discovered while building on CentOS 7.
|
| | | | |/ |
|
| | | | |\
| | | | | |
| | | | | | |
Corrects the license statement in LDNS.pm
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | |\ \
| | | | | |/
| | | | |/| |
Fix unsafe string manipulations in XS code
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Instantiation of a malformed CAA resource record is a guaranteed croak
if and only if the Perl in use is compiled with support for interpreter
threads (-DUSE_ITHREADS). If not, it won’t. So the unit test is modified
to try to convert the bad CAA record back to presentation form, so that
it does become a guaranteed croak.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix two instances of unsafe C string manipulations, vulnerable to null
pointer dereferences and out-of-bounds accesses in edge cases.
This was observed as segfaults in zonemaster-cli when attempting to
process the following malformed resource record:
bad-caa.example. IN CAA \# 4 C0000202
Zonemaster::LDNS::RR and Zonemaster::LDNS::Packet objects can be
converted to a string (i.e. presentation format) with the string()
method. Doing so triggers a call to the ldns_rr2str() and ldns_pkt2str()
C functions respectively.
However, when given some classes of malformed packets, ldns’s functions
fail by returning NULL instead of a valid C string. Normally, these
strings end with a newline, which is removed in the XS code before
returning the result. But the removal of that newline character is
attempted without checking for NULL pointers or empty strings.
With this commit, Zonemaster::LDNS::RR->new() will now croak when given
the aforementioned malformed resource record, and so will
Zonemaster::LDNS::Packet->string() if it contains such a resource
record.
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add a unit test in packet.t and another one in rr.t to reproduce the
segfaults I observed.
See also issue #149.
|
| | | | |\ \
| | | | | | |
| | | | | | |
| | | | | | | |
Automatically reconfigure internal libldns on "ldns/Changelog" updates
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The file would be installed, and ease libldns review.
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Use prerequisites to check for submodule existence and rebuild it on
change (based on Changelog file updates).
|
| | | | |\ \ \
| | | | | |/ /
| | | | |/| |
| | | | | | | |
Add support for NSID option + update internal LDNS to 1.8.3
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* internal LDNS is 1.8.3 so it supports NSID
* external LDNS is unknown, a check is needed
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | |\ \ \
| | | | | |/ /
| | | | |/| | |
Improve access to text data in TXT and SPF resource records
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
SPF resource records are, in essence, TXT resource records with a
different type identifier. The only real difference between SPF and TXT
resource records lies in their uses: TXT is more generic, where SPF was
meant for publishing Sender Policy Framework policies before being
deprecated.
The Zonemaster::LDNS::RR::SPF module suffered from the same problem as
its TXT counterpart, i.e. the spfdata() method only returns the first
string, in presentation format.
For parsing actual SPF policies, however, the behavior of the spfdata()
method is both not very useful as well as incorrect: RFC 7208 states
that the SPF policy is the concatenation of *all* strings in a single
TXT (or SPF) resource record.
So like with the txtdata() method in the TXT package, we entirely
replace the spfdata() method with a correct and pure-Perl
variant.
|
| | | | |/ /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
So far, there has been no real elegant way of accessing the data in DNS
TXT records.
The only existing method, txtdata(), is implemented in XS code and has
several issues. Firstly, it only returns the first string of the TXT
record. Secondly, it returns that string in presentation format, that
is, it returns a string which itself has surrounding quotes and
contains decimal escapes for non-printable characters.
This incorrect implementation is replaced with one in pure
Perl. Normally, the only correct abstraction for TXT resource records is
a list of strings. But for some use cases, such as SPF, DKIM and DMARC,
the TXT record data ought to be treated as a single long string, which
is the concatenation of all the strings in the TXT resource record data,
without adding any spaces between consecutive strings.
To my knowledge, there is no need to access the actual list of strings
in the resource record data. This function could easily be made
context-sensitive (e.g. by returning the list of strings in list
context) if need be.
This commit is also an excellent opportunity to rewrite the unit test
for TXT resource records. The previous version needed Internet
connectivity, but this new version can be run offline.
|
| | | | |\ \
| | | | | | |
| | | | | | |
| | | | | | | |
URL fragments referring to internal headings in lowercase
|
| | | |_|/ /
| | |/| | | |
|
| | | | |\ \
| | | | | |/
| | | | |/|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Options to build with Libidn and LDNS in uncommon locations
* `--debug`: more verbose output
* `--libidn-inc`, `--libidn-lib`: where to look for Libidn files
* `--ldns-inc`, `--ldns-lib`: where to look for LDNS files
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Allow passing distinct LDNS and Libidn paths for include and library
files when configuring Zonemaster-LDNS.
|
| | | | |/ |
|
| | | | |\
| | | |_|/
| | |/| | |
Merge master to develop (Zonemaster-LDNS)
|
| | |/ / |
|
| | | | |
|
| | | | |
|
| | | | |
|