mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 22:15:20 +00:00
Code Issues Releases Wiki Activity

Added the DNS_DBFIND_FORCENXT flag to dns_db_find, which causes the lookup

Browse Source 
to search for NXT records, even if the zone is not marked as secure.
This commit is contained in:
Brian Wellington
2001-12-08 00:37:07 +00:00
parent 192cd0c440
commit 708f3fd049
2 changed files with 39 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/dns/include/dns/db.h
View File

@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: db.h,v 1.67 2001/08/28 03:58:13 marka Exp $ */ /* $Id: db.h,v 1.68 2001/12/08 00:37:07 bwelling Exp $ */
#ifndef DNS_DB_H #ifndef DNS_DB_H
#define DNS_DB_H 1 #define DNS_DB_H 1
@@ -186,6 +186,7 @@ struct dns_db {
#define DNS_DBFIND_NOWILD 0x04 #define DNS_DBFIND_NOWILD 0x04
#define DNS_DBFIND_PENDINGOK 0x08 #define DNS_DBFIND_PENDINGOK 0x08
#define DNS_DBFIND_NOEXACT 0x10 #define DNS_DBFIND_NOEXACT 0x10
#define DNS_DBFIND_FORCENXT 0x20
/* /*
* Options that can be specified for dns_db_addrdataset(). * Options that can be specified for dns_db_addrdataset().
@@ -641,6 +642,11 @@ dns_db_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* If the DNS_DBFIND_NOWILD option is set, then wildcard matching will * If the DNS_DBFIND_NOWILD option is set, then wildcard matching will
* be disabled. This option is only meaningful for zone databases. * be disabled. This option is only meaningful for zone databases.
* *
* If the DNS_DBFIND_FORCENXT option is set, the database is assumed to
* have NXT records, and these will be returned when appropriate. This
* is only necessary when querying a database that was not secure
* when created.
*
* To respond to a query for SIG records, the caller should create a * To respond to a query for SIG records, the caller should create a
* rdataset iterator and extract the signatures from each rdataset. * rdataset iterator and extract the signatures from each rdataset.
* *

43
lib/dns/rbtdb.c
View File

@@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: rbtdb.c,v 1.173 2001/11/16 00:17:07 gson Exp $ */ /* $Id: rbtdb.c,v 1.174 2001/12/08 00:37:05 bwelling Exp $ */
/* /*
* Principal Author: Bob Halley * Principal Author: Bob Halley
@@ -1576,7 +1576,7 @@ find_wildcard(rbtdb_search_t *search, dns_rbtnode_t **nodep) {
static inline isc_result_t static inline isc_result_t
find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep, find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
dns_name_t *foundname, dns_rdataset_t *rdataset, dns_name_t *foundname, dns_rdataset_t *rdataset,
dns_rdataset_t *sigrdataset) dns_rdataset_t *sigrdataset, isc_boolean_t need_sig)
{ {
dns_rbtnode_t *node; dns_rbtnode_t *node;
rdatasetheader_t *header, *header_next, *found, *foundsig; rdatasetheader_t *header, *header_next, *found, *foundsig;
@@ -1639,7 +1639,9 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
} }
} }
if (!empty_node) { if (!empty_node) {
if (found != NULL && foundsig != NULL) { if (found != NULL &&
(foundsig != NULL || !need_sig))
{
/* /*
* We've found the right NXT record. * We've found the right NXT record.
* *
@@ -1660,9 +1662,12 @@ find_closest_nxt(rbtdb_search_t *search, dns_dbnode_t **nodep,
bind_rdataset(search->rbtdb, node, bind_rdataset(search->rbtdb, node,
found, search->now, found, search->now,
rdataset); rdataset);
bind_rdataset(search->rbtdb, node, if (foundsig != NULL)
foundsig, search->now, bind_rdataset(search->rbtdb,
sigrdataset); node,
foundsig,
search->now,
sigrdataset);
} }
} else if (found == NULL && foundsig == NULL) { } else if (found == NULL && foundsig == NULL) {
/* /*
@@ -1801,9 +1806,12 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
* If we're here, then the name does not exist, is not * If we're here, then the name does not exist, is not
* beneath a zonecut, and there's no matching wildcard. * beneath a zonecut, and there's no matching wildcard.
*/ */
if (search.rbtdb->secure) { if (search.rbtdb->secure ||
(search.options & DNS_DBFIND_FORCENXT) != 0)
{
result = find_closest_nxt(&search, nodep, foundname, result = find_closest_nxt(&search, nodep, foundname,
rdataset, sigrdataset); rdataset, sigrdataset,
search.rbtdb->secure);
if (result == ISC_R_SUCCESS) if (result == ISC_R_SUCCESS)
result = DNS_R_NXDOMAIN; result = DNS_R_NXDOMAIN;
} else } else
@@ -2029,15 +2037,28 @@ zone_find(dns_db_t *db, dns_name_t *name, dns_dbversion_t *version,
result = DNS_R_BADDB; result = DNS_R_BADDB;
goto node_exit; goto node_exit;
} }
if ((search.options & DNS_DBFIND_FORCENXT) != 0 &&
nxtheader == NULL)
{
/*
* There's no NXT record, and we were told
* to find one.
*/
result = DNS_R_BADDB;
goto node_exit;
}
if (nodep != NULL) { if (nodep != NULL) {
new_reference(search.rbtdb, node); new_reference(search.rbtdb, node);
*nodep = node; *nodep = node;
} }
if (search.rbtdb->secure) { if (search.rbtdb->secure ||
(search.options & DNS_DBFIND_FORCENXT) != 0)
{
bind_rdataset(search.rbtdb, node, nxtheader, bind_rdataset(search.rbtdb, node, nxtheader,
0, rdataset); 0, rdataset);
bind_rdataset(search.rbtdb, node, nxtsig, if (nxtsig != NULL)
0, sigrdataset); bind_rdataset(search.rbtdb, node,
nxtsig, 0, sigrdataset);
} }
} }
goto node_exit; goto node_exit;