return this->toString().length();
}
+/**
+ * Get the length of the DNSName on the wire
+ *
+ * @return the total wirelength of the DNSName
+ */
+size_t DNSName::wirelength() const {
+ return d_storage.length() + 1;
+}
+
// are WE part of parent
bool DNSName::isPartOf(const DNSName& parent) const
{
bool isWildcard() const;
unsigned int countLabels() const;
size_t length() const; // FIXME400 remove me?
+ size_t wirelength() const; //!< Number of total bytes in the name
bool empty() const { return d_empty; }
bool isRoot() const { return !d_empty && d_storage.empty(); }
void clear() { d_storage.clear(); d_empty=true; }
DNSResourceRecord rr;
uint64_t numrecords=0, numerrors=0, numwarnings=0;
+ if (haveNSEC3 && isSecure && zone.wirelength() > 222) {
+ numerrors++;
+ cerr<<"[Error] zone '" << zone.toStringNoDot() << "' has NSEC3 semantics but is too long to have the hash prepended. Zone name is " << zone.wirelength() << " bytes long, whereas the maximum is 222 bytes." << endl;
+ }
// Check for delegation in parent zone
DNSName parent(zone);
NSEC3PARAMRecordContent ns3pr(nsec3params);
DNSName zone(cmds[1]);
+ if (zone.wirelength() > 222) {
+ cerr<<"Cannot enable NSEC3 for " << zone.toString() << " as it is too long (" << zone.wirelength() << " bytes, maximum is 222 bytes)"<<endl;
+ return 1;
+ }
if (! dk.setNSEC3PARAM(zone, ns3pr, narrow)) {
cerr<<"Cannot set NSEC3 param for " << zone.toString() << endl;
return 1;
projects / pdns / commitdiff