diff options
| author | Lennart Poettering <lennart@poettering.net> | 2017-02-14 17:54:30 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2017-02-17 10:25:15 +0100 |
| commit | 97c2ea26456f21334ac164f330426dd518067f08 (patch) | |
| tree | c05033074c13f36be9c7e53d8f39f18d2785b9c6 /src/basic/parse-util.c | |
| parent | c775838ad7a1f33dcd2f1fac01d1a805bb96bc1f (diff) | |
resolved: fix NSEC proofs for missing TLDs
For the wildcard NSEC check we need to generate an "asterisk" domain, by
prepend the common ancestor with "*.". So far we did that with a simple
strappenda() which is fine for most domains, but doesn't work if the
common ancestor is the root domain as we usually write that as "." in
normalized form, and "*." joined with "." is "*.." and not "*." as it
should be.
Hence, use the clean way out, let's just use dns_name_concat() which
only exists precisely for this reason, to properly concatenate labels.
There's a good chance this actually fixes #5029, as this NSEC proof is
triggered by lookups in the TLD "example", which doesn't exist in the
Internet.
Diffstat (limited to 'src/basic/parse-util.c')
0 files changed, 0 insertions, 0 deletions