Bug 1195 - NSD accepts non-compliant values for Serial
NSD accepts non-compliant values for Serial
Status: RESOLVED FIXED
Product: NSD
Classification: Unclassified
Component: NSD Code
4.1.x
All All
: P5 minor
Assigned To: NSD team
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-01-03 16:45 CET by Nikolai Lifanov
Modified: 2017-01-03 17:28 CET (History)
1 user (show)

See Also:


Attachments
sample zone (349 bytes, application/octet-stream)
2017-01-03 16:45 CET, Nikolai Lifanov
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Nikolai Lifanov 2017-01-03 16:45:17 CET
Created attachment 372 [details]
sample zone

$ nsd-checkzone example.net /tmp/example.net.db 
zone example.net is ok
$ named-checkzone example.net /tmp/example.net.db
dns_rdata_fromtext: /tmp/example.net.db:2: near '201612300739': out of range
zone example.net/IN: loading from master file /tmp/example.net.db failed: out of range
zone example.net/IN: not loaded due to errors.

NSD loads and serves the zone, while BIND does not.
According to this, BIND is right: https://tools.ietf.org/html/rfc1035#page-19
This breaks interop with other servers.
Comment 1 Wouter Wijngaards 2017-01-03 16:57:02 CET
Hi Nikolai,

Fixed this, if the number overflows the 32bit counter, it'll print something like this:
nsd-checkzone[13677]: error: test.zone:9: serial is expected

Thank you for the report!

Best regards, Wouter
Comment 2 Nikolai Lifanov 2017-01-03 17:28:23 CET
Great, thank you!