Report information
The Basics
Id:
36980
Status:
resolved
Priority:
Medium/Medium
Queue:
bind9-public
People
Owner:
Nobody in particular
Requestors:
<jreed@isc.org>
Cc:
AdminCc:
BugTracker
Version Fixed:
9.10.1, 9.11.0
Version Found:
(no value)
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
(no value)
Severity:
S2 Normal
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
test
Dates
Created:Tue, 26 Aug 2014 17:03:39 -0400
Updated:Thu, 03 Aug 2017 21:48:11 -0400
Closed:Wed, 22 Oct 2014 01:51:54 -0400

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Tue, 26 Aug 2014 17:03:39 -0400 <jreed@isc.org> - Ticket created
Subject: sit-secret type and configuration checking
Date: Tue, 26 Aug 2014 16:03:36 -0500 (CDT)
To: bind9-bugs@isc.org
From: "Jeremy C. Reed" <jreed@isc.org>

named-checkconf doesn't complain about sit-secret "zyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcbazyxwvutsrqponmlkjihgfedcba"; But named will fail to start after does all configurations and after the "command channel listening". It fails with: 26-Aug-2014 13:45:04.123 load_configuration: bad hex encoding 26-Aug-2014 13:45:04.123 loading configuration: bad hex encoding 26-Aug-2014 13:45:04.123 exiting (due to fatal error) The ARM grammar says "secret_string" but that is not defined book-wide, but for key it is a base-64 encoded string. For this ticket: - document what it is restricted too. - have parser fail about it earlier and specifically say is about sit-secret (and so named-checkconf should complain too) - add test cases for sit-secret (I saw it wasn't tested so that is what I started to do but then noticed other issues)
Tue, 26 Aug 2014 17:58:08 -0400 Mark Andrews <marka@isc.org> - Taken
Tue, 26 Aug 2014 20:15:10 -0400 Mark Andrews <marka@isc.org> - Queue changed from #6 to #7
Tue, 26 Aug 2014 20:15:14 -0400 Mark Andrews <marka@isc.org> - Given to Nobody in particular
Thu, 28 Aug 2014 20:31:51 -0400 Mark Andrews <marka@isc.org> - Status changed from 'new' to 'open'
Fri, 29 Aug 2014 00:20:53 -0400 Evan Hunt <Evan_Hunt@isc.org> - Given to Mark Andrews <marka@isc.org>
Fri, 29 Aug 2014 00:39:06 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.10.1,9.11.0 added
Fri, 29 Aug 2014 00:39:07 -0400 Mark Andrews <marka@isc.org> - Queue changed from #7 to #30
Fri, 29 Aug 2014 00:39:07 -0400 Mark Andrews <marka@isc.org> - Given to Nobody in particular
Wed, 22 Oct 2014 01:51:54 -0400 Evan Hunt <Evan_Hunt@isc.org> - Status changed from 'open' to 'resolved'
Tue, 02 Aug 2016 17:47:10 -0400 Vicky Risk <vicky@isc.org> - Severity S2 Normal added
Tue, 02 Aug 2016 17:47:10 -0400 Vicky Risk <vicky@isc.org> - Area test added
Wed, 21 Jun 2017 14:36:04 -0400 Brian Conry <bconry@isc.org> - Queue changed from #30 to #6
Mon, 26 Jun 2017 17:11:30 -0400 Vicky Risk <vicky@isc.org> - Queue changed from #6 to bind9-public
Thu, 03 Aug 2017 21:48:11 -0400 Mark Andrews <marka@isc.org> - Version Fixed 9.10.1,9.11.0 changed to 9.10.1, 9.11.0