anonion0 / nsec3map

a tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain
GNU General Public License v3.0

NSEC zone reading fails for wildcards in next owner field #24

Closed BenBE closed 1 year ago

BenBE commented 1 year ago

When calling n3map with an input file of previously obtained NSEC RRs of a zone, where one entry contains a next owner field denoting a wildcard, this record is marked as invalid. To reproduce, you can enumerate the zones audio. and auto., which contain such offending NSEC RRs:

$ n3map -v -p -f4 -c reproducer.zone auto.
n3map 0.7.0: starting mapping of auto.
looking up nameservers for zone auto.
using nameserver: 185.24.64.131 (b.nic.auto.)
using nameserver: 194.169.218.131 (a.nic.auto.)
using nameserver: 212.18.248.131 (c.nic.auto.)
using nameserver: 212.18.249.131 (d.nic.auto.)
checking SOA...
checking DNSKEY...
detecting zone type...
zone uses NSEC records
zone file reproducer.zone does not exist yet, creating it
starting enumeration in mixed query mode...
…
Interrupt somewhere in the middle, after the offending NSEC RR was recorded …
…
$ n3map -v -p -f4 -c reproducer.zone auto.
n3map 0.7.0: starting mapping of auto.
looking up nameservers for zone auto.
using nameserver: 212.18.249.131 (d.nic.auto.)
using nameserver: 194.169.218.131 (a.nic.auto.)
using nameserver: 212.18.248.131 (c.nic.auto.)
using nameserver: 185.24.64.131 (b.nic.auto.)
checking SOA...
checking DNSKEY...
detecting zone type...
zone uses NSEC records
reading NSEC RRs from reproducer.zone
n3map: fatal: unable to parse input file: 
reproducer.zone:314: invalid file format
$ grep -n \*\. reproducer.zone 
314:nic.auto.   3600    IN      NSEC    *.nic.auto.     A NS SOA MX TXT RRSIG NSEC DNSKEY

Expected behavior would be to just import this record as normal, or ignore it and carry on from where a previous run had left off.
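An added example, not part of this report or of n3map's own code: a small Python reader for NSEC lines in the presentation format shown above that accepts a `*` label only where RFC 4592 allows it (the leftmost label of the owner or next-owner name), reports the failing line number the way the error above does, and goes one step further by checking that the records read so far form a closed chain. The sample zone text is constructed and copies the line-314 record from the report.

```python
import re
# Constructed sample in n3map's output format; line 2 copies the report's line-314 record.
SAMPLE_ZONE = """\
auto.        3600  IN  NSEC  nic.auto.    NS SOA RRSIG NSEC DNSKEY
nic.auto.    3600  IN  NSEC  *.nic.auto.  A NS SOA MX TXT RRSIG NSEC DNSKEY
*.nic.auto.  3600  IN  NSEC  auto.        A RRSIG NSEC
"""
# A hostname-style label (letters, digits, '-', '_'), at most 63 octets.
_LABEL = re.compile(r"[A-Za-z0-9_](?:[A-Za-z0-9_-]{0,61}[A-Za-z0-9_])?")
_NSEC_LINE = re.compile(r"^(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+NSEC\s+(?P<next>\S+)\s*(?P<types>.*)$")

def is_valid_name(name, allow_wildcard=True):
    # Absolute name check; '*' is accepted only as the leftmost label (RFC 4592).
    if name == ".":
        return True
    if not name.endswith("."):
        return False
    labels = name[:-1].split(".")
    if allow_wildcard and labels[0] == "*":
        labels = labels[1:]
    return all(_LABEL.fullmatch(lb) for lb in labels)

def parse_nsec_line(line, allow_wildcard=True):
    # Return (owner, ttl, next_owner, [types]); raise ValueError on a bad line.
    m = _NSEC_LINE.match(line.strip())
    if m is None:
        raise ValueError("invalid file format")
    for field in ("owner", "next"):
        if not is_valid_name(m.group(field), allow_wildcard):
            raise ValueError(f"invalid {field} name {m.group(field)!r}")
    return (m.group("owner").lower(), int(m.group("ttl")),
            m.group("next").lower(), m.group("types").split())

def read_nsec_zone(text, allow_wildcard=True):
    # Parse every non-empty, non-comment line; errors carry the line number.
    records = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith(";"):
            continue
        try:
            records.append(parse_nsec_line(line, allow_wildcard))
        except ValueError as exc:
            raise ValueError(f"{lineno}: {exc}") from None
    return records

def chain_is_closed(records):
    # True when every next-owner name is also an owner name (no dangling link).
    return {r[2] for r in records} == {r[0] for r in records}
```

Running `read_nsec_zone(SAMPLE_ZONE, allow_wildcard=False)` reproduces the reported failure mode (a ValueError at line 2), while the default accepts the wildcard record and the three records form a closed chain.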

anonion0 commented 1 year ago

Fixed in 519507f