<div dir="ltr"><div>$self->{signame}->canonical is not the solution (not in Net::DNS pre-0.73).<br><br></div>Please can you raise a bug report in CPAN RT, citing RFC4034 (6.2)<br><div class="gmail_extra"><br clear="all"><div><div dir="ltr">Dick<br><span><font color="#888888">________________________<br>
</font></span><br></div></div>
<br><div class="gmail_quote">On 30 September 2014 23:25, Wessels, Duane <span dir="ltr"><<a href="mailto:dwessels@verisign.com" target="_blank">dwessels@verisign.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Maybe this is it?<br>
<span><br>
Index: RR/RRSIG.pm<br>
===================================================================<br>
--- RR/RRSIG.pm (revision 1267)<br>
+++ RR/RRSIG.pm (working copy)<br>
</span>@@ -516,7 +516,7 @@<br>
$self->{typecovered} = 0 unless ref($rawdata); # SIG0<br>
<br>
my @field = qw(typecovered algorithm labels orgttl sigexpiration siginception keytag);<br>
- my $sigdata = pack 'n C2 N3 n a*', @{$self}{@field}, $self->{signame}->encode;<br>
+ my $sigdata = pack 'n C2 N3 n a*', @{$self}{@field}, $self->{signame}->canonical;<br>
print "preamble:\t", unpack( 'H*', $sigdata ) if $debug;<br>
<br>
unless ( ref($rawdata) ) { # SIG0 case<br>
<div><div><br>
<br>
<br>
On Sep 30, 2014, at 3:14 PM, Duane Wessels <<a href="mailto:dwessels@verisign.com" target="_blank">dwessels@verisign.com</a>> wrote:<br>
<br>
> Whoops, that patch is not the solution for this bug. However, I'm<br>
> pretty sure it has something to do with upper/lower case!<br>
><br>
> DW<br>
><br>
><br>
> On Sep 30, 2014, at 3:06 PM, Duane Wessels <<a href="mailto:dwessels@verisign.com" target="_blank">dwessels@verisign.com</a>> wrote:<br>
><br>
>> Today I found one of my DNSSEC tools utilizing Net::DNS::SEC was reporting<br>
>> mysterious validation failures. Tracked it to an RRSIG record with an<br>
>> uppercase Signer's Name field (see 'dig us RRSIG').<br>
>><br>
>> I believe this may be the fix:<br>
>><br>
>><br>
>> Index: RR/RRSIG.pm<br>
>> ===================================================================<br>
>> --- RR/RRSIG.pm (revision 1267)<br>
>> +++ RR/RRSIG.pm (working copy)<br>
>> @@ -262,7 +262,7 @@<br>
>> sigexpiration => $args{sigex} || 0,<br>
>> algorithm => $private->algorithm,<br>
>> keytag => $private->keytag,<br>
>> - signame => $private->signame,<br>
>> + signame => lc($private->signame),<br>
>> );<br>
>><br>
>> $args{sigval} ||= 30 unless $self->{sigexpiration};<br>
>><br>
><br>
<br>
</div></div><br>_______________________________________________<br>
net-dns-users mailing list<br>
<a href="mailto:net-dns-users@nlnetlabs.nl" target="_blank">net-dns-users@nlnetlabs.nl</a><br>
<a href="https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users" target="_blank">https://www.nlnetlabs.nl/mailman/listinfo/net-dns-users</a><br></blockquote></div><br></div></div>