Bug #46053 for bind9-public: Comment zone functions related to NSEC3 processing

Wed, 20 Sep 2017 06:46:48 -0400 Michał Kępień <michal@isc.org> - Ticket created

Subject:	Comment zone functions related to NSEC3 processing
From:	michal@isc.org
To:	bind9-public@isc.org
Date:	Wed, 20 Sep 2017 12:46:47 +0200

lib/dns/zone.c contains multiple functions related to NSEC3 processing: - dns_zone_addnsec3chain() - dns_zone_setnsec3param() - fixup_nsec3param() - resume_addnsec3chain() - setnsec3param() - zone_addnsec3chain() - zone_nsec3chain() The purpose of each of these functions and the relations between them are far from obvious for an untrained eye and thus they could use some comments.

Wed, 20 Sep 2017 06:49:34 -0400 Michał Kępień <michal@isc.org> - Correspondence added

Branch rt46053 adds comments to these functions and also contains a few minor tweaks which should not affect named's behavior. Please review. Feel free to tweak comments if you find them inaccurate.

Wed, 20 Sep 2017 06:49:35 -0400 Michał Kępień <michal@isc.org> - Status changed from 'open' to 'review'

Wed, 20 Sep 2017 06:49:35 -0400 Michał Kępień <michal@isc.org> - Untaken

Wed, 20 Sep 2017 21:56:07 -0400 Mark Andrews <marka@isc.org> - Correspondence added

On Wed Sep 20 00:49:34 2017, michal wrote: > Branch rt46053 adds comments to these functions and also contains a few > minor tweaks which should not affect named's behavior. Please review. > Feel free to tweak comments if you find them inaccurate. signatures should have been decremented in the while loop when the NSEC chain was being generated. I would revert the hex changes but if they stay the sprintf should be a snprintf + strlcat to silence stupid linker warnings about using sprintf and to take advantage of the buffer size protections. I've also add a INSIST(LOCKED_ZONE(zone)). Other than possibly reverting the hex changes it looks good to go.

Wed, 20 Sep 2017 21:56:47 -0400 Mark Andrews <marka@isc.org> - Given to Michał Kępień <michal@isc.org>

Thu, 21 Sep 2017 03:33:50 -0400 Michał Kępień <michal@isc.org> - Correspondence added

To avoid code duplication, I extracted the hex-formatting code into a separate function. Please review.

Thu, 21 Sep 2017 03:33:51 -0400 Michał Kępień <michal@isc.org> - Untaken

Thu, 21 Sep 2017 22:32:05 -0400 Mark Andrews <marka@isc.org> - Correspondence added

From:	"Mark Andrews" <marka@isc.org>
To:	bind9-public@isc.org
Subject:	Re: [ISC-Bugs #46053] Comment zone functions related to NSEC3 processing
Date:	Fri, 22 Sep 2017 12:31:25 +1000

In message <rt-4.4.1-49211-1505979230-542.46053-4-0@isc.org>, "=?UTF-8?B?TWljaGHFgiBLxJlwaWXFhA==?= via RT" writes: > To avoid code duplication, I extracted the hex-formatting code into a > separate function. Please review. cherry-picked atomic fixes so I could build it. Pushed a fix for completeness. Looks good to go. > -- > Ticket History: https://bugs.isc.org/Ticket/Display.html?id=46053 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org

Thu, 21 Sep 2017 22:35:29 -0400 Mark Andrews <marka@isc.org> - Given to Michał Kępień <michal@isc.org>

Tue, 26 Sep 2017 05:34:37 -0400 Michał Kępień <michal@isc.org> - Correspondence added

4736. [cleanup] (a) Added comments to NSEC3-related functions in lib/dns/zone.c. (b) Refactored NSEC3 salt formatting code. (c) Minor tweaks to lock and result handling. [RT #46053] 9.9.12, 9.10.7, 9.11.3, 9.12.0

Tue, 26 Sep 2017 05:34:37 -0400 Michał Kępień <michal@isc.org> - Status changed from 'review' to 'resolved'

Tue, 26 Sep 2017 05:34:38 -0400 Michał Kępień <michal@isc.org> - Version Fixed 9.9.12, 9.10.7, 9.11.3, 9.12.0 added

Created:	Wed, 20 Sep 2017 06:46:48 -0400
Updated:	Tue, 26 Sep 2017 05:34:38 -0400
Closed:	Tue, 26 Sep 2017 05:34:37 -0400

Bug #46053 for bind9-public: Comment zone functions related to NSEC3 processing

This bug tracker is no longer active.