mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

Added the DNS_DBFIND_FORCENXT flag to dns_db_find, which causes the lookup

Browse Source 
to search for NXT records, even if the zone is not marked as secure.
This commit is contained in:
Brian Wellington 2001-12-08 00:37:07 +00:00
parent 192cd0c440
commit 708f3fd049
2 changed files with 39 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lib/dns/include/dns/db.h
View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: db.h,v 1.67 2001/08/28 03:58:13 marka Exp $ */
/* $Id: db.h,v 1.68 2001/12/08 00:37:07 bwelling Exp $ */
#ifndef DNS_DB_H
#define DNS_DB_H 1
@ -186,6 +186,7 @@ struct dns_db {
#define DNS_DBFIND_NOWILD 0x04
#define DNS_DBFIND_PENDINGOK 0x08
#define DNS_DBFIND_NOEXACT 0x10
#define DNS_DBFIND_FORCENXT 0x20
/*
* Options that can be specified for dns_db_addrdataset().
@ -641,6 +642,11 @@ dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* If the DNS_DBFIND_NOWILD option is set, then wildcard matching will
* be disabled. This option is only meaningful for zone databases.
*
* If the DNS_DBFIND_FORCENXT option is set, the database is assumed to
* have NXT records, and these will be returned when appropriate. This
* is only necessary when querying a database that was not secure
* when created.
*
* To respond to a query for SIG records, the caller should create a
* rdataset iterator and extract the signatures from each rdataset.
*

43
lib/dns/rbtdb.c
View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: rbtdb.c,v 1.173 2001/11/16 00:17:07 gson Exp $ */
/* $Id: rbtdb.c,v 1.174 2001/12/08 00:37:05 bwelling Exp $ */
/*
* Principal Author: Bob Halley
@ -1576,7 +1576,7 @@ find_wildcard(rbtdb_search_t *search, dns_rbtnode_t **nodep) {
static inline isc_result_t
find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
dns_name_t *foundname, dns_rdataset_t *rdataset,
dns_rdataset_t *sigrdataset)
dns_rdataset_t *sigrdataset, isc_boolean_t need_sig)
{
dns_rbtnode_t *node;
rdatasetheader_t *header, *header_next, *found, *foundsig;
@ -1639,7 +1639,9 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
}
}
if (!empty_node) {
if (found != NULL && foundsig != NULL) {
if (found != NULL &&
(foundsig != NULL || !need_sig))
{
/*
* We've found the right NXT record.
*
@ -1660,9 +1662,12 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
bind_rdataset(search->rbtdb, node,
found, search->now,
rdataset);
bind_rdataset(search->rbtdb, node,
foundsig, search->now,
sigrdataset);
if (foundsig != NULL)
bind_rdataset(search->rbtdb,
node,
foundsig,
search->now,
sigrdataset);
}
} else if (found == NULL && foundsig == NULL) {
/*
@ -1801,9 +1806,12 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* If we're here, then the name does not exist, is not
* beneath a zonecut, and there's no matching wildcard.
*/
if (search.rbtdb->secure) {
if (search.rbtdb->secure ||
(search.options & DNS_DBFIND_FORCENXT) != 0)
{
result = find_closest_nxt(&search, nodep, foundname,
rdataset, sigrdataset);
rdataset, sigrdataset,
search.rbtdb->secure);
if (result == ISC_R_SUCCESS)
result = DNS_R_NXDOMAIN;
} else
@ -2029,15 +2037,28 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
result = DNS_R_BADDB;
goto node_exit;
}
if ((search.options & DNS_DBFIND_FORCENXT) != 0 &&
nxtheader == NULL)
{
/*
* There's no NXT record, and we were told
* to find one.
*/
result = DNS_R_BADDB;
goto node_exit;
}
if (nodep != NULL) {
new_reference(search.rbtdb, node);
*nodep = node;
}
if (search.rbtdb->secure) {
if (search.rbtdb->secure ||
(search.options & DNS_DBFIND_FORCENXT) != 0)
{
bind_rdataset(search.rbtdb, node, nxtheader,
0, rdataset);
bind_rdataset(search.rbtdb, node, nxtsig,
0, sigrdataset);
if (nxtsig != NULL)
bind_rdataset(search.rbtdb, node,
nxtsig, 0, sigrdataset);
}
}
goto node_exit;