Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unexpected error in DNSSEC10 when disabling either IP protocol #1414

Open
tgreenx opened this issue Dec 10, 2024 · 2 comments · May be fixed by #1415
Open

Unexpected error in DNSSEC10 when disabling either IP protocol #1414

tgreenx opened this issue Dec 10, 2024 · 2 comments · May be fixed by #1415
Assignees
@tgreenx
Labels
T-Bug Type: Bug in software or error in test case description
Milestone
v2024.2.1

Comments

@tgreenx
Copy link
Contributor

tgreenx commented Dec 10, 2024
edited
Loading

On version v2024.2, when running DNSSEC10, message tag DS10_EXPECTED_NSEC_NSEC3_MISSING is outputted when any IP protocol is disabled (either explicitly, or when the host does not have connectivity for that protocol).

$ zonemaster-cli --version
Zonemaster-CLI version v7.1.0
Zonemaster-Engine version v7.0.0
Zonemaster-LDNS version 4.1.0
NL NetLabs LDNS version 1.8.3

$ zonemaster-cli --show-testcase --level info --test dnssec10 afnic.fr --raw
   0.00 INFO     Unspecified    GLOBAL_VERSION  version=v7.0.0
   8.26 INFO     DNSSEC10       DS10_HAS_NSEC3  ns_list=g.ext.nic.fr/194.0.36.1;g.ext.nic.fr/2001:678:4c::1;ns1.nic.fr/192.134.4.1;ns1.nic.fr/2001:67c:2218:2::4:1;ns2.nic.fr/192.93.0.4;ns2.nic.fr/2001:660:3005:1::1:2;ns3.nic.fr/192.134.0.49;ns3.nic.fr/2001:660:3006:1::1:1

$ zonemaster-cli --show-testcase --level info --test dnssec10 afnic.fr --raw --no-ipv6
   0.00 INFO     Unspecified    GLOBAL_VERSION  version=v7.0.0
   4.03 INFO     DNSSEC10       DS10_HAS_NSEC3  ns_list=g.ext.nic.fr/194.0.36.1;ns1.nic.fr/192.134.4.1;ns2.nic.fr/192.93.0.4;ns3.nic.fr/192.134.0.49
   4.03 ERROR    DNSSEC10       DS10_EXPECTED_NSEC_NSEC3_MISSING  ns_list=g.ext.nic.fr/2001:678:4c::1;ns1.nic.fr/2001:67c:2218:2::4:1;ns2.nic.fr/2001:660:3005:1::1:2;ns3.nic.fr/2001:660:3006:1::1:1

$ zonemaster-cli --show-testcase --level info --test dnssec10 afnic.fr --raw --no-ipv4
   0.00 INFO     Unspecified    GLOBAL_VERSION  version=v7.0.0
   4.57 INFO     DNSSEC10       DS10_HAS_NSEC3  ns_list=g.ext.nic.fr/2001:678:4c::1;ns1.nic.fr/2001:67c:2218:2::4:1;ns2.nic.fr/2001:660:3005:1::1:2;ns3.nic.fr/2001:660:3006:1::1:1
   4.58 ERROR    DNSSEC10       DS10_EXPECTED_NSEC_NSEC3_MISSING  ns_list=g.ext.nic.fr/194.0.36.1;ns1.nic.fr/192.134.4.1;ns2.nic.fr/192.93.0.4;ns3.nic.fr/192.134.0.49
@tgreenx tgreenx added the T-Bug Type: Bug in software or error in test case description label Dec 10, 2024
@tgreenx tgreenx added this to the v2024.2.1 milestone Dec 10, 2024
@matsduf
Copy link
Contributor

matsduf commented Dec 11, 2024
edited
Loading

Shouldn't @nss in https://github.com/zonemaster/zonemaster-engine/blob/master/lib/Zonemaster/Engine/Test/DNSSEC.pm#L3789 be replaced by an array where the excluded addresses (IPv4 or IPv6) are excluded?

@tgreenx
Copy link
Contributor Author

tgreenx commented Dec 11, 2024
edited
Loading

Shouldn't @nss in https://github.com/zonemaster/zonemaster-engine/blob/master/lib/Zonemaster/Engine/Test/DNSSEC.pm#L3789 be replaced by an array where the excluded addresses (IPv4 or IPv6) are excluded?

Yes that sounds right, thanks for investigating. I'll create a fix.

@tgreenx tgreenx self-assigned this Dec 11, 2024
@tgreenx tgreenx linked a pull request Dec 11, 2024 that will close this issue
Open
@tgreenx tgreenx linked a pull request Dec 11, 2024 that will close this issue
Fix in DNSSEC10 #1415
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tgreenx tgreenx

Labels
T-Bug Type: Bug in software or error in test case description
Projects
None yet
Milestone
v2024.2.1
Development

Successfully merging a pull request may close this issue.

Fix in DNSSEC10 tgreenx/zonemaster-engine
2 participants
@matsduf @tgreenx