From pzbowen at gmail.com  Tue Jan  3 18:11:16 2017
From: pzbowen at gmail.com (Peter Bowen)
Date: Tue, 3 Jan 2017 10:11:16 -0800
Subject: [ldns-users] Infinite loop?
Message-ID: <CAK6vND8poq6wC_8Xm9r2Ou2RqkW8_e1Utp1pRJy1BF8aFUZ5vg@mail.gmail.com>

I've run into some sort of bug in ldns-walk (from 1.6.17) several
times recently.  The symptom is that the ldns-walk process prints
"Error trying to resolve: <somename>\000" then starts consuming 100%
of CPU.

Looking at the code, this message comes from
http://git.nlnetlabs.nl/ldns/tree/examples/ldns-walk.c#n510.  I've not
been running with verbosity >= 3, so I'm not sure where the code
spinning.

Has anyone else seen this?

Thanks,
Peter


From sca at andreasschulze.de  Wed Jan  4 09:35:22 2017
From: sca at andreasschulze.de (A. Schulze)
Date: Wed, 04 Jan 2017 10:35:22 +0100
Subject: [ldns-users] Infinite loop?
In-Reply-To: <CAK6vND8poq6wC_8Xm9r2Ou2RqkW8_e1Utp1pRJy1BF8aFUZ5vg@mail.gmail.com>
Message-ID: <20170104103522.Horde.3PGPEbaqAWd9SvUVrwfHBEK@andreasschulze.de>


Peter Bowen:

> I've run into some sort of bug in ldns-walk (from 1.6.17) several
> times recently.  The symptom is that the ldns-walk process prints
> "Error trying to resolve: <somename>\000" then starts consuming 100%
> of CPU.
>
> Looking at the code, this message comes from
> http://git.nlnetlabs.nl/ldns/tree/examples/ldns-walk.c#n510.  I've not
> been running with verbosity >= 3, so I'm not sure where the code
> spinning.
>
> Has anyone else seen this?

Peter,

which domain you try to walk through?
"ldns-walk br." from ldns-1.7.0 run without any error here ...

Andreas




From anandb at ripe.net  Sun Jan 22 10:27:51 2017
From: anandb at ripe.net (Anand Buddhdev)
Date: Sun, 22 Jan 2017 11:27:51 +0100
Subject: [ldns-users] ldns-notify only supports hmac-md5
Message-ID: <14760796-1b2d-977f-7648-f73925eebc31@ripe.net>

Hello ldns users and developers,

I've just joined ldns-users. First of all, I'd like to point out that
the list's administrative interface still says it's run by
matthijs at nlnetlabs.nl. Perhaps someone should change that :)

My question is about ldns-notify. I wanted to use it to send a
TSIG-signed notify to a server. Sadly, I found out that it only handles
keys with the hmac-md5 hash algorithm, whereas all my keys use
hmac-sha256. Willem is there any chance you could patch it to allow
specifying another algorithm, and possibly also make hmac-sha256 the
default (md5 has been deprecated for a very long time)?

Regards,
Anand


From willem at nlnetlabs.nl  Mon Jan 23 11:38:50 2017
From: willem at nlnetlabs.nl (Willem Toorop)
Date: Mon, 23 Jan 2017 12:38:50 +0100
Subject: [ldns-users] ldns-notify only supports hmac-md5
In-Reply-To: <14760796-1b2d-977f-7648-f73925eebc31@ripe.net>
References: <14760796-1b2d-977f-7648-f73925eebc31@ripe.net>
Message-ID: <ca9e6a75-4d99-81a9-b8ae-f2a8da3351fe@nlnetlabs.nl>

Certainly Anand,

Find attached the patch.

Cheers,
-- Willem


Op 22-01-17 om 11:27 schreef Anand Buddhdev:
> Hello ldns users and developers,
> 
> I've just joined ldns-users. First of all, I'd like to point out that
> the list's administrative interface still says it's run by
> matthijs at nlnetlabs.nl. Perhaps someone should change that :)
> 
> My question is about ldns-notify. I wanted to use it to send a
> TSIG-signed notify to a server. Sadly, I found out that it only handles
> keys with the hmac-md5 hash algorithm, whereas all my keys use
> hmac-sha256. Willem is there any chance you could patch it to allow
> specifying another algorithm, and possibly also make hmac-sha256 the
> default (md5 has been deprecated for a very long time)?
> 
> Regards,
> Anand
> _______________________________________________
> ldns-users mailing list
> ldns-users at open.nlnetlabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-ldns-notify-can-use-all-supported-hash-algorithms.patch
Type: text/x-diff
Size: 4291 bytes
Desc: not available
URL: <http://lists.nlnetlabs.nl/pipermail/ldns-users/attachments/20170123/6f354aad/attachment.bin>

From willem at nlnetlabs.nl  Mon Jan 23 22:37:01 2017
From: willem at nlnetlabs.nl (Willem Toorop)
Date: Mon, 23 Jan 2017 23:37:01 +0100
Subject: [ldns-users] List-Id changed
In-Reply-To: <ca9e6a75-4d99-81a9-b8ae-f2a8da3351fe@nlnetlabs.nl>
References: <14760796-1b2d-977f-7648-f73925eebc31@ripe.net>
 <ca9e6a75-4d99-81a9-b8ae-f2a8da3351fe@nlnetlabs.nl>
Message-ID: <5e0ea1bc-dcb0-ce15-ac08-6a165c98a02e@nlnetlabs.nl>

FYI

When I changed the admin e-mail of this mailing list, I also took the
opportunity to change the domain name for this list from
open.nlnetlabs.nl into nlnetlabs.nl.  This however also changed the
List-Id: in the header (thanks Andreas for noting and reporting), so if
you are filtering on that header, you might want to check if it still works.

-- Willem


Op 23-01-17 om 12:38 schreef Willem Toorop:
> Certainly Anand,
> 
> Find attached the patch.
> 
> Cheers,
> -- Willem
> 
> 
> Op 22-01-17 om 11:27 schreef Anand Buddhdev:
>> Hello ldns users and developers,
>>
>> I've just joined ldns-users. First of all, I'd like to point out that
>> the list's administrative interface still says it's run by
>> matthijs at nlnetlabs.nl. Perhaps someone should change that :)
>>
>> My question is about ldns-notify. I wanted to use it to send a
>> TSIG-signed notify to a server. Sadly, I found out that it only handles
>> keys with the hmac-md5 hash algorithm, whereas all my keys use
>> hmac-sha256. Willem is there any chance you could patch it to allow
>> specifying another algorithm, and possibly also make hmac-sha256 the
>> default (md5 has been deprecated for a very long time)?
>>
>> Regards,
>> Anand
>> _______________________________________________
>> ldns-users mailing list
>> ldns-users at open.nlnetlabs.nl
>> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users
>>
> 
> 
> 
> _______________________________________________
> ldns-users mailing list
> ldns-users at nlnetlabs.nl
> https://open.nlnetlabs.nl/mailman/listinfo/ldns-users
> 



From anandb at ripe.net  Thu Jan 26 09:28:56 2017
From: anandb at ripe.net (Anand Buddhdev)
Date: Thu, 26 Jan 2017 10:28:56 +0100
Subject: [ldns-users] ldns-notify only supports hmac-md5
In-Reply-To: <ca9e6a75-4d99-81a9-b8ae-f2a8da3351fe@nlnetlabs.nl>
References: <14760796-1b2d-977f-7648-f73925eebc31@ripe.net>
 <ca9e6a75-4d99-81a9-b8ae-f2a8da3351fe@nlnetlabs.nl>
Message-ID: <fd408ac3-6b8f-643e-a5b7-19211fda74f9@ripe.net>

On 23/01/2017 12:38, Willem Toorop wrote:

Hi Willem,

Thank you for this patch. I've applied it and tested, and it works as I
expected it to. Please fold it in for the next release.

Regards,
Anand

> Certainly Anand,
> 
> Find attached the patch.


From anandb at ripe.net  Thu Jan 26 09:32:15 2017
From: anandb at ripe.net (Anand Buddhdev)
Date: Thu, 26 Jan 2017 10:32:15 +0100
Subject: [ldns-users] ldns 1.7 in Homebrew
Message-ID: <12325b2f-3e35-d896-4c99-9406d3359641@ripe.net>

I updated the ldns formula in Homebrew for version 1.7. This also
involved adding a dependency on openssl 1.1, which is not yet the
default in Homebrew. As a result of this, some other packages that
depended on ldns, and which don't compile against openssl 1.1, have
dropped support for ldns.

Anyway, the good news is that Homebrew users can now "brew update; brew
upgrade ldns" and enjoy all the latest features of the library and tools.

Regards,
Anand