[nsd-users] nsd v4.3.5 treats long used DKIM line as syntax error
stu at spacehopper.org
Tue Mar 9 08:31:44 UTC 2021
On 2021/03/09 08:24, Stuart Henderson wrote:
> On 2021/03/08 12:37, N.J. Thomas via nsd-users wrote:
> > When I upgraded from nsd v4.3.4 to v4.3.5, nsd-checkzone(8) started
> > flagging errors in my zone files for DKIM lines that had been there for
> > many years.
> > Here's roughly what the line looks like:
> > example._domainkey IN TXT ( "v=DKIM1; k=rsa; " "p=ZvtSzN0TPFdTFVo3QDRONDHNN4TANQPOvDXOtDDAqEOEObihifWVD095LxDXbSYILzbHBWCPuPzhzzxlS+tnLcTe+VcpZrh4TkFxym+++nZ8tBL1aR1agdd27lmo2GmRc84gXJUIlqu4Ml0TL/Ifxsuc4pJxD9sOO4FotjBnyTUI8wn3rWD5bVBjWzzLDr0ioP8W67TSxGblDmjhA//9WidNDNO")
> > (Values have been changed to protect the innocent.)
> > Is there some syntax error in the above line, or is this a bug?
> > FWIW, I'm running on FreeBSD 12.2, and here's the output from nsd:
> > $ nsd-checkzone example.org example.org.m4
> > [2021-03-08 12:13:18.298] nsd-checkzone: error: example.org.m4:124: syntax error
> > zone example.org file example.org.m4 has 1 errors
Oh, and you can workaround by removing the parens (you don't need them
if the multiple parts of the record are on a single line in the zone file).
btw, OpenBSD has avoided updating to NSD 4.3.5 in base because of this.
More information about the nsd-users