mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-31 14:35:26 +00:00
Code Issues Releases Wiki Activity

1696. [bug] dnssec-signzone failed to clean out nodes that

Browse Source 
consisted of only NSEC and RRSIG records.
                        [RT #12154]
This commit is contained in:
Mark Andrews
2004-08-11 08:55:47 +00:00
parent ecef5a3d5f
commit 5e4346a4f9
2 changed files with 33 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@@ -1,3 +1,7 @@
1696. [bug] dnssec-signzone failed to clean out nodes that
consisted of only NSEC and RRSIG records.
[RT #12154]
1695. [bug] DS records when forwarding require special handling.
[RT #12133]

34
bin/dnssec/dnssec-signzone.c
View File

@@ -16,7 +16,7 @@
* IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: dnssec-signzone.c,v 1.179 2004/06/11 01:12:40 marka Exp $ */
/* $Id: dnssec-signzone.c,v 1.180 2004/08/11 08:55:47 marka Exp $ */
#include <config.h>
@@ -914,7 +914,8 @@ active_node(dns_dbnode_t *node) {
result = dns_rdatasetiter_first(rdsiter);
while (result == ISC_R_SUCCESS) {
dns_rdatasetiter_current(rdsiter, &rdataset);
if (rdataset.type != dns_rdatatype_nsec)
if (rdataset.type != dns_rdatatype_nsec &&
rdataset.type != dns_rdatatype_rrsig)
active = ISC_TRUE;
dns_rdataset_disassociate(&rdataset);
if (!active)
@@ -925,18 +926,41 @@ active_node(dns_dbnode_t *node) {
if (result != ISC_R_NOMORE)
fatal("rdataset iteration failed: %s",
isc_result_totext(result));
dns_rdatasetiter_destroy(&rdsiter);
if (!active) {
/*
* Make sure there is no NSEC record for this node.
* Make sure there is no NSEC / RRSIG records for
* this node.
*/
result = dns_db_deleterdataset(gdb, node, gversion,
dns_rdatatype_nsec, 0);
if (result == DNS_R_UNCHANGED)
result = ISC_R_SUCCESS;
check_result(result, "dns_db_deleterdataset");
check_result(result, "dns_db_deleterdataset(nsec)");
result = dns_rdatasetiter_first(rdsiter);
for (result = dns_rdatasetiter_first(rdsiter);
result == ISC_R_SUCCESS;
result = dns_rdatasetiter_next(rdsiter)) {
dns_rdatasetiter_current(rdsiter, &rdataset);
if (rdataset.type == dns_rdatatype_rrsig) {
dns_rdatatype_t type = rdataset.type;
dns_rdatatype_t covers = rdataset.covers;
result = dns_db_deleterdataset(gdb, node,
gversion, type,
covers);
if (result == DNS_R_UNCHANGED)
result = ISC_R_SUCCESS;
check_result(result,
"dns_db_deleterdataset(rrsig)");
}
dns_rdataset_disassociate(&rdataset);
}
if (result != ISC_R_NOMORE)
fatal("rdataset iteration failed: %s",
isc_result_totext(result));
}
dns_rdatasetiter_destroy(&rdsiter);
return (active);
}