From: "Jeremy C. Reed"
To: bind9-bugs@isc.org
Date: Tue, 26 Aug 2014 16:03:36 -0500 (CDT)
Subject: sit-secret type and configuration checking

named-checkconf doesn't complain about

sit-secret "zyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcba";

But named will fail to start after it does all configurations and after the "command channel listening".

It fails with:

26-Aug-2014 13:45:04.123 load_configuration: bad hex encoding
26-Aug-2014 13:45:04.123 loading configuration: bad hex encoding
26-Aug-2014 13:45:04.123 exiting (due to fatal error)

The ARM grammar says "secret_string" but that is not defined book-wide, but for key it is a base-64 encoded string.

For this ticket:

- document what it is restricted to.
- have parser fail about it earlier and specifically say it is about sit-secret (and so named-checkconf should complain too)
- add test cases for sit-secret (I saw it wasn't tested so that is what I started to do but then noticed other issues)
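
A pre-deployment check for the gap reported above, as an added example that is not part of the original message and not ISC code: it scans named.conf text for sit-secret statements and flags values that would not decode as hex. The function names and sample configurations are hypothetical, and the accepted form (non-empty hex with an even number of digits) is an assumption inferred from the "bad hex encoding" error; no key-length rule is checked.

```python
import re

# Quoted strings are matched first so comment markers inside them survive.
_TOKEN_RE = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
# sit-secret followed by a quoted or bare value and a terminating semicolon.
_SIT_SECRET_RE = re.compile(r'\bsit-secret\s+(?:"([^"\n]*)"|([^\s;"]+))\s*;')
_HEX_RE = re.compile(r'[0-9A-Fa-f]+')

# Constructed sample input: a commented-out statement and a non-hex secret.
SAMPLE_CONF = '''\
options {
    // sit-secret "commented-out";
    sit-secret "zyxwvutsrqponmlkjihgfedcba";
};
'''


def _strip_comments(text):
    """Blank out comments but keep newlines so line numbers stay correct."""
    def repl(match):
        token = match.group(0)
        if token.startswith('"'):
            return token
        return "\n" * token.count("\n")
    return _TOKEN_RE.sub(repl, text)


def check_sit_secrets(conf_text):
    """Return (line, message) for each sit-secret value that is not valid hex."""
    findings = []
    clean = _strip_comments(conf_text)
    for match in _SIT_SECRET_RE.finditer(clean):
        value = match.group(1) if match.group(1) is not None else match.group(2)
        line = clean.count("\n", 0, match.start()) + 1
        if not _HEX_RE.fullmatch(value):
            findings.append((line, "sit-secret is not a hex string"))
        elif len(value) % 2:
            # Assumption: a decoder working in whole bytes rejects odd lengths.
            findings.append((line, "sit-secret has an odd number of hex digits"))
    return findings


if __name__ == "__main__":
    for line, message in check_sit_secrets(SAMPLE_CONF):
        print(f"line {line}: {message}")
```

Running it in CI alongside named-checkconf reports the bad value before named reaches the fatal error at startup.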