mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 04:58:04 +00:00
Code Issues Releases Wiki Activity

Set AD.

Browse Source
This commit is contained in:
Bob Halley 1999-10-19 20:22:38 +00:00
parent 3f6714ce54
commit d38a7a518f
1 changed files with 20 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
bin/named/query.c
View File

@ -892,7 +892,9 @@ query_addadditional(void *arg, dns_name_t *name, dns_rdatatype_t type) {
* RFC 2535 section 3.5 says that when A or AAAA records are * RFC 2535 section 3.5 says that when A or AAAA records are
* retrieved as additional data, any KEY RRs for the owner name * retrieved as additional data, any KEY RRs for the owner name
* should be added to the additional data section. Note: we * should be added to the additional data section. Note: we
* do NOT include A6 in the list of types with such treatment. * do NOT include A6 in the list of types with such treatment
* in additional data because we'd have to do it for each A6
* in the A6 chain.
* *
* XXXRTH We should lower the priority here. Alternatively, * XXXRTH We should lower the priority here. Alternatively,
* we could raise the priority of glue records. * we could raise the priority of glue records.
@ -1040,8 +1042,7 @@ query_addrdataset(ns_client_t *client, dns_name_t *fname,
/* /*
* RFC 2535 section 3.5 says that when NS, SOA, A, or AAAA records * RFC 2535 section 3.5 says that when NS, SOA, A, or AAAA records
* are retrieved, any KEY RRs for the owner name should be added * are retrieved, any KEY RRs for the owner name should be added
* to the additional data section. Note: we do NOT include A6 in the * to the additional data section. We treat A6 records the same way.
* list of types with such treatment.
* *
* We don't care if query_additional() fails. * We don't care if query_additional() fails.
*/ */
@ -1061,8 +1062,7 @@ query_addrdataset(ns_client_t *client, dns_name_t *fname,
static inline void static inline void
query_addrrset(ns_client_t *client, dns_name_t **namep, query_addrrset(ns_client_t *client, dns_name_t **namep,
dns_rdataset_t **rdatasetp, dns_rdataset_t **sigrdatasetp, dns_rdataset_t **rdatasetp, dns_rdataset_t **sigrdatasetp,
isc_buffer_t *dbuf, dns_section_t section, isc_buffer_t *dbuf, dns_section_t section)
isc_boolean_t check_ad)
{ {
dns_name_t *name, *mname; dns_name_t *name, *mname;
dns_rdataset_t *rdataset, *mrdataset, *sigrdataset; dns_rdataset_t *rdataset, *mrdataset, *sigrdataset;
@ -1110,13 +1110,6 @@ query_addrrset(ns_client_t *client, dns_name_t **namep,
*/ */
ISC_LIST_APPEND(mname->list, sigrdataset, link); ISC_LIST_APPEND(mname->list, sigrdataset, link);
*sigrdatasetp = NULL; *sigrdatasetp = NULL;
} else if (check_ad && (section == DNS_SECTION_ANSWER ||
section == DNS_SECTION_AUTHORITY)) {
/*
* We just added nonauthenticated data to the answer
* section.
*/
client->message->flags &= ~DNS_MESSAGEFLAG_AD;
} }
} }
@ -1166,7 +1159,7 @@ query_addsoa(ns_client_t *client, dns_db_t *db) {
eresult = DNS_R_SERVFAIL; eresult = DNS_R_SERVFAIL;
} else { } else {
query_addrrset(client, &name, &rdataset, &sigrdataset, NULL, query_addrrset(client, &name, &rdataset, &sigrdataset, NULL,
DNS_SECTION_AUTHORITY, ISC_TRUE); DNS_SECTION_AUTHORITY);
} }
cleanup: cleanup:
@ -1226,7 +1219,7 @@ query_addns(ns_client_t *client, dns_db_t *db) {
eresult = DNS_R_SERVFAIL; eresult = DNS_R_SERVFAIL;
} else { } else {
query_addrrset(client, &name, &rdataset, &sigrdataset, NULL, query_addrrset(client, &name, &rdataset, &sigrdataset, NULL,
DNS_SECTION_AUTHORITY, ISC_TRUE); DNS_SECTION_AUTHORITY);
} }
cleanup: cleanup:
@ -1625,8 +1618,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
client->query.gluedb = db; client->query.gluedb = db;
query_addrrset(client, &fname, &rdataset, query_addrrset(client, &fname, &rdataset,
&sigrdataset, dbuf, &sigrdataset, dbuf,
DNS_SECTION_AUTHORITY, DNS_SECTION_AUTHORITY);
ISC_TRUE);
client->query.gluedb = NULL; client->query.gluedb = NULL;
} else { } else {
/* /*
@ -1699,8 +1691,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
client->query.gluedb = zdb; client->query.gluedb = zdb;
query_addrrset(client, &fname, query_addrrset(client, &fname,
&rdataset, &sigrdataset, &rdataset, &sigrdataset,
dbuf, DNS_SECTION_AUTHORITY, dbuf, DNS_SECTION_AUTHORITY);
ISC_TRUE);
client->query.gluedb = NULL; client->query.gluedb = NULL;
} }
} }
@ -1741,7 +1732,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
*/ */
if (dns_rdataset_isassociated(rdataset)) if (dns_rdataset_isassociated(rdataset))
query_addrrset(client, &tname, &rdataset, &sigrdataset, query_addrrset(client, &tname, &rdataset, &sigrdataset,
NULL, DNS_SECTION_AUTHORITY, ISC_TRUE); NULL, DNS_SECTION_AUTHORITY);
goto cleanup; goto cleanup;
case DNS_R_NXDOMAIN: case DNS_R_NXDOMAIN:
INSIST(is_zone); INSIST(is_zone);
@ -1785,7 +1776,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
*/ */
if (dns_rdataset_isassociated(rdataset)) if (dns_rdataset_isassociated(rdataset))
query_addrrset(client, &tname, &rdataset, &sigrdataset, query_addrrset(client, &tname, &rdataset, &sigrdataset,
NULL, DNS_SECTION_AUTHORITY, ISC_TRUE); NULL, DNS_SECTION_AUTHORITY);
/* /*
* Set message rcode. * Set message rcode.
*/ */
@ -1825,7 +1816,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
* Add the CNAME to the answer section. * Add the CNAME to the answer section.
*/ */
query_addrrset(client, &fname, &rdataset, &sigrdataset, dbuf, query_addrrset(client, &fname, &rdataset, &sigrdataset, dbuf,
DNS_SECTION_ANSWER, ISC_TRUE); DNS_SECTION_ANSWER);
/* /*
* We set the PARTIALANSWER attribute so that if anything goes * We set the PARTIALANSWER attribute so that if anything goes
* wrong later on, we'll return what we've got so far. * wrong later on, we'll return what we've got so far.
@ -1870,7 +1861,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
* Add the DNAME to the answer section. * Add the DNAME to the answer section.
*/ */
query_addrrset(client, &fname, &rdataset, &sigrdataset, dbuf, query_addrrset(client, &fname, &rdataset, &sigrdataset, dbuf,
DNS_SECTION_ANSWER, ISC_TRUE); DNS_SECTION_ANSWER);
/* /*
* We set the PARTIALANSWER attribute so that if anything goes * We set the PARTIALANSWER attribute so that if anything goes
* wrong later on, we'll return what we've got so far. * wrong later on, we'll return what we've got so far.
@ -1952,13 +1943,9 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
dns_rdatasetiter_current(rdsiter, rdataset); dns_rdatasetiter_current(rdsiter, rdataset);
if ((qtype == dns_rdatatype_any || if ((qtype == dns_rdatatype_any ||
rdataset->type == qtype) && rdataset->type != 0) { rdataset->type == qtype) && rdataset->type != 0) {
/*
* XXXRTH AD bit checking.
*/
tname = fname; tname = fname;
query_addrrset(client, &tname, &rdataset, NULL, query_addrrset(client, &tname, &rdataset, NULL,
dbuf, DNS_SECTION_ANSWER, dbuf, DNS_SECTION_ANSWER);
ISC_FALSE);
n++; n++;
if (tname == NULL) { if (tname == NULL) {
clear_fname = ISC_TRUE; clear_fname = ISC_TRUE;
@ -2034,7 +2021,7 @@ query_find(ns_client_t *client, dns_fetchevent_t *event) {
*/ */
tname = fname; tname = fname;
query_addrrset(client, &tname, &rdataset, &sigrdataset, dbuf, query_addrrset(client, &tname, &rdataset, &sigrdataset, dbuf,
DNS_SECTION_ANSWER, ISC_TRUE); DNS_SECTION_ANSWER);
if (tname == NULL) if (tname == NULL)
clear_fname = ISC_TRUE; clear_fname = ISC_TRUE;
@ -2263,13 +2250,14 @@ ns_query_start(ns_client_t *client) {
*/ */
message->flags |= DNS_MESSAGEFLAG_AA; message->flags |= DNS_MESSAGEFLAG_AA;
#ifdef notyet
/* /*
* Assume authenticated response until it is known to be * Set AD. We need only clear it if we add "pending" data to
* otherwise. * a response.
*
* Note: as currently written, the server does not return "pending"
* data even if a client says it's OK to do so.
*/ */
message->flags |= DNS_MESSAGEFLAG_AD; message->flags |= DNS_MESSAGEFLAG_AD;
#endif
query_find(client, NULL); query_find(client, NULL);
} }