Fix NullPointerException that would occur when getting a non-dnssec referral from the server.

This commit is contained in:
David Blacka 2015-04-24 21:24:29 -04:00
parent c95cd7e0e9
commit 37e9932d6e
3 changed files with 18 additions and 13 deletions

27
README
View File

@ -73,18 +73,18 @@ only:
while (<>) { while (<>) {
# parse domain table lines # parse domain table lines
/^i A / && do { /^i A / && do {
@fields = split(); @fields = split();
$dn = $fields[3]; $dn = $fields[3];
($dom, $tld) = split(/\./, $dn, 2); ($dom, $tld) = split(/\./, $dn, 2);
next if $tld ne "EDU"; next if $tld ne "EDU";
print "$dn. A\n"; print "$dn. A\n";
print "${dom}_.$tld. A\n"; print "${dom}_.$tld. A\n";
}; };
# parse nameserver table lines # parse nameserver table lines
/^i B / && do { /^i B / && do {
@fields = split(); @fields = split();
$ns = $fields[3]; $ns = $fields[3];
print "$ns. A\n"; print "$ns. A\n";
}; };
} }
@ -98,7 +98,7 @@ Examples
java -jar dnssecvaltool.jar server=a.edu-servers.net \ java -jar dnssecvaltool.jar server=a.edu-servers.net \
dnskey_query=edu \ dnskey_query=edu \
query_file=queries.txt \ query_file=queries.txt \
error_file=dnssecvaltool_errors.log error_file=dnssecvaltool_errors.log
2. Query localhost with a single query for edu/soa, using stored keys 2. Query localhost with a single query for edu/soa, using stored keys
in the file 'keys'. Validation failures will be logged to stdout. in the file 'keys'. Validation failures will be logged to stdout.
@ -107,4 +107,9 @@ java -jar dnssecvaltool.jar server=127.0.0.1 \
dnskey_file=keys \ dnskey_file=keys \
query="edu soa" query="edu soa"
3. Query "a.gov-servers.net", fetching the .gov keys directly from
that server, then query for nasa.gov/A.
java -jar dnssecvaltool.jar server=a.gov-servers.net \
dnskey_query=gov \
query="nasa.gov a"

View File

@ -1 +1 @@
version=1.0.2 version=1.0.3

View File

@ -579,7 +579,7 @@ public class CaptiveValidator {
return; return;
} }
if (nsec3s.size() > 0) { if (nsec3s != null && nsec3s.size() > 0) {
byte status = NSEC3ValUtils.proveNoDS(nsec3s, delegation, nsec3zone, mErrorList); byte status = NSEC3ValUtils.proveNoDS(nsec3s, delegation, nsec3zone, mErrorList);
if (status != SecurityStatus.SECURE) { if (status != SecurityStatus.SECURE) {