From 708f3fd049d6f60e436f12b6907d0954dbc49b94 Mon Sep 17 00:00:00 2001 From: Brian Wellington Date: Sat, 8 Dec 2001 00:37:07 +0000 Subject: [PATCH] Added the DNS_DBFIND_FORCENXT flag to dns_db_find, which causes the lookup to search for NXT records, even if the zone is not marked as secure. --- lib/dns/include/dns/db.h | 8 +++++++- lib/dns/rbtdb.c | 43 ++++++++++++++++++++++++++++++---------- 2 files changed, 39 insertions(+), 12 deletions(-) diff --git a/lib/dns/include/dns/db.h b/lib/dns/include/dns/db.h index 7b26afcf83..f70a317f9d 100644 --- a/lib/dns/include/dns/db.h +++ b/lib/dns/include/dns/db.h @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: db.h,v 1.67 2001/08/28 03:58:13 marka Exp $ */ +/* $Id: db.h,v 1.68 2001/12/08 00:37:07 bwelling Exp $ */ #ifndef DNS_DB_H #define DNS_DB_H 1 @@ -186,6 +186,7 @@ struct dns_db { #define DNS_DBFIND_NOWILD 0x04 #define DNS_DBFIND_PENDINGOK 0x08 #define DNS_DBFIND_NOEXACT 0x10 +#define DNS_DBFIND_FORCENXT 0x20 /* * Options that can be specified for dns_db_addrdataset(). @@ -641,6 +642,11 @@ dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * If the DNS_DBFIND_NOWILD option is set, then wildcard matching will * be disabled. This option is only meaningful for zone databases. * + * If the DNS_DBFIND_FORCENXT option is set, the database is assumed to + * have NXT records, and these will be returned when appropriate. This + * is only necessary when querying a database that was not secure + * when created. + * * To respond to a query for SIG records, the caller should create a * rdataset iterator and extract the signatures from each rdataset. * diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index 54ee6fd51e..40808b6706 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -15,7 +15,7 @@ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.173 2001/11/16 00:17:07 gson Exp $ */ +/* $Id: rbtdb.c,v 1.174 2001/12/08 00:37:05 bwelling Exp $ */ /* * Principal Author: Bob Halley @@ -1576,7 +1576,7 @@ find_wildcard(rbtdb_search_t *search, dns_rbtnode_t **nodep) { static inline isc_result_t find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep, dns_name_t *foundname, dns_rdataset_t *rdataset, - dns_rdataset_t *sigrdataset) + dns_rdataset_t *sigrdataset, isc_boolean_t need_sig) { dns_rbtnode_t *node; rdatasetheader_t *header, *header_next, *found, *foundsig; @@ -1639,7 +1639,9 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep, } } if (!empty_node) { - if (found != NULL && foundsig != NULL) { + if (found != NULL && + (foundsig != NULL || !need_sig)) + { /* * We've found the right NXT record. * @@ -1660,9 +1662,12 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep, bind_rdataset(search->rbtdb, node, found, search->now, rdataset); - bind_rdataset(search->rbtdb, node, - foundsig, search->now, - sigrdataset); + if (foundsig != NULL) + bind_rdataset(search->rbtdb, + node, + foundsig, + search->now, + sigrdataset); } } else if (found == NULL && foundsig == NULL) { /* @@ -1801,9 +1806,12 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, * If we're here, then the name does not exist, is not * beneath a zonecut, and there's no matching wildcard. */ - if (search.rbtdb->secure) { + if (search.rbtdb->secure || + (search.options & DNS_DBFIND_FORCENXT) != 0) + { result = find_closest_nxt(&search, nodep, foundname, - rdataset, sigrdataset); + rdataset, sigrdataset, + search.rbtdb->secure); if (result == ISC_R_SUCCESS) result = DNS_R_NXDOMAIN; } else @@ -2029,15 +2037,28 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version, result = DNS_R_BADDB; goto node_exit; } + if ((search.options & DNS_DBFIND_FORCENXT) != 0 && + nxtheader == NULL) + { + /* + * There's no NXT record, and we were told + * to find one. + */ + result = DNS_R_BADDB; + goto node_exit; + } if (nodep != NULL) { new_reference(search.rbtdb, node); *nodep = node; } - if (search.rbtdb->secure) { + if (search.rbtdb->secure || + (search.options & DNS_DBFIND_FORCENXT) != 0) + { bind_rdataset(search.rbtdb, node, nxtheader, 0, rdataset); - bind_rdataset(search.rbtdb, node, nxtsig, - 0, sigrdataset); + if (nxtsig != NULL) + bind_rdataset(search.rbtdb, node, + nxtsig, 0, sigrdataset); } } goto node_exit;