From 37e9932d6e129e6793e4acab1fd0b6e000290d26 Mon Sep 17 00:00:00 2001 From: David Blacka Date: Fri, 24 Apr 2015 21:24:29 -0400 Subject: [PATCH] Fix NullPointerException that would occur when getting a non-dnssec referral from the server. --- README | 27 +++++++++++-------- VERSION | 2 +- .../verisign/tat/dnssec/CaptiveValidator.java | 2 +- 3 files changed, 18 insertions(+), 13 deletions(-) diff --git a/README b/README index 31f5453..2fca46d 100644 --- a/README +++ b/README @@ -73,18 +73,18 @@ only: while (<>) { # parse domain table lines /^i A / && do { - @fields = split(); - $dn = $fields[3]; - ($dom, $tld) = split(/\./, $dn, 2); - next if $tld ne "EDU"; - print "$dn. A\n"; - print "${dom}_.$tld. A\n"; + @fields = split(); + $dn = $fields[3]; + ($dom, $tld) = split(/\./, $dn, 2); + next if $tld ne "EDU"; + print "$dn. A\n"; + print "${dom}_.$tld. A\n"; }; # parse nameserver table lines /^i B / && do { - @fields = split(); - $ns = $fields[3]; - print "$ns. A\n"; + @fields = split(); + $ns = $fields[3]; + print "$ns. A\n"; }; } @@ -98,7 +98,7 @@ Examples java -jar dnssecvaltool.jar server=a.edu-servers.net \ dnskey_query=edu \ query_file=queries.txt \ - error_file=dnssecvaltool_errors.log + error_file=dnssecvaltool_errors.log 2. Query localhost with a single query for edu/soa, using stored keys in the file 'keys'. Validation failures will be logged to stdout. @@ -107,4 +107,9 @@ java -jar dnssecvaltool.jar server=127.0.0.1 \ dnskey_file=keys \ query="edu soa" - +3. Query "a.gov-servers.net", fetching the .gov keys directly from + that server, then query for nasa.gov/A. + +java -jar dnssecvaltool.jar server=a.gov-servers.net \ + dnskey_query=gov \ + query="nasa.gov a" diff --git a/VERSION b/VERSION index 325db2c..f7b14fb 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -version=1.0.2 +version=1.0.3 diff --git a/src/com/verisign/tat/dnssec/CaptiveValidator.java b/src/com/verisign/tat/dnssec/CaptiveValidator.java index b481e5d..c4ce498 100644 --- a/src/com/verisign/tat/dnssec/CaptiveValidator.java +++ b/src/com/verisign/tat/dnssec/CaptiveValidator.java @@ -579,7 +579,7 @@ public class CaptiveValidator { return; } - if (nsec3s.size() > 0) { + if (nsec3s != null && nsec3s.size() > 0) { byte status = NSEC3ValUtils.proveNoDS(nsec3s, delegation, nsec3zone, mErrorList); if (status != SecurityStatus.SECURE) {