mir/kea
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/kea synced 2025-08-31 22:15:23 +00:00
Code Issues Releases Wiki Activity

[master] Merge branch 'trac1244'

Browse Source
This commit is contained in:
JINMEI Tatuya
2011-12-06 13:38:32 -08:00
parent 862b0e3804 1d5d7d8ea8
commit d408808ea8
2 changed files with 3 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/bin/auth/query.cc
View File

@@ -117,7 +117,6 @@ void
Query::addNXDOMAINProof(ZoneFinder& finder, ConstRRsetPtr nsec) { Query::addNXDOMAINProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
if (nsec->getRdataCount() == 0) { if (nsec->getRdataCount() == 0) {
isc_throw(BadNSEC, "NSEC for NXDOMAIN is empty"); isc_throw(BadNSEC, "NSEC for NXDOMAIN is empty");
return;
} }
// Add the NSEC proving NXDOMAIN to the authority section. // Add the NSEC proving NXDOMAIN to the authority section.
@@ -152,7 +151,6 @@ Query::addNXDOMAINProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset || if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset ||
fresult.rrset->getRdataCount() == 0) { fresult.rrset->getRdataCount() == 0) {
isc_throw(BadNSEC, "Unexpected result for wildcard NXDOMAIN proof"); isc_throw(BadNSEC, "Unexpected result for wildcard NXDOMAIN proof");
return;
} }
// Add the (no-) wildcard proof only when it's different from the NSEC // Add the (no-) wildcard proof only when it's different from the NSEC
@@ -178,7 +176,6 @@ Query::addWildcardProof(ZoneFinder& finder) {
if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset || if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset ||
fresult.rrset->getRdataCount() == 0) { fresult.rrset->getRdataCount() == 0) {
isc_throw(BadNSEC, "Unexpected result for wildcard proof"); isc_throw(BadNSEC, "Unexpected result for wildcard proof");
return;
} }
response_.addRRset(Message::SECTION_AUTHORITY, response_.addRRset(Message::SECTION_AUTHORITY,
boost::const_pointer_cast<RRset>(fresult.rrset), boost::const_pointer_cast<RRset>(fresult.rrset),
@@ -186,12 +183,11 @@ Query::addWildcardProof(ZoneFinder& finder) {
} }
void void
Query::addWildcardNxrrsetProof(ZoneFinder& finder, ConstRRsetPtr nsec) { Query::addWildcardNXRRSETProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
// There should be one NSEC RR which was found in the zone to prove // There should be one NSEC RR which was found in the zone to prove
// that there is not matched <QNAME,QTYPE> via wildcard expansion. // that there is not matched <QNAME,QTYPE> via wildcard expansion.
if (nsec->getRdataCount() == 0) { if (nsec->getRdataCount() == 0) {
isc_throw(BadNSEC, "NSEC for WILDCARD_NXRRSET is empty"); isc_throw(BadNSEC, "NSEC for WILDCARD_NXRRSET is empty");
return;
} }
// Add this NSEC RR to authority section. // Add this NSEC RR to authority section.
response_.addRRset(Message::SECTION_AUTHORITY, response_.addRRset(Message::SECTION_AUTHORITY,
@@ -203,7 +199,6 @@ Query::addWildcardNxrrsetProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset || if (fresult.code != ZoneFinder::NXDOMAIN || !fresult.rrset ||
fresult.rrset->getRdataCount() == 0) { fresult.rrset->getRdataCount() == 0) {
isc_throw(BadNSEC, "Unexpected result for no match QNAME proof"); isc_throw(BadNSEC, "Unexpected result for no match QNAME proof");
return;
} }
if (nsec->getName() != fresult.rrset->getName()) { if (nsec->getName() != fresult.rrset->getName()) {
@@ -387,7 +382,7 @@ Query::process() {
case ZoneFinder::WILDCARD_NXRRSET: case ZoneFinder::WILDCARD_NXRRSET:
addSOA(*result.zone_finder); addSOA(*result.zone_finder);
if (dnssec_ && db_result.rrset) { if (dnssec_ && db_result.rrset) {
addWildcardNxrrsetProof(zfinder,db_result.rrset); addWildcardNXRRSETProof(zfinder, db_result.rrset);
} }
break; break;
default: default:

2
src/bin/auth/query.h
View File

@@ -91,7 +91,7 @@ private:
/// query is to be found. /// query is to be found.
/// \param nsec The RRset (NSEC RR) which proved that there is no matched /// \param nsec The RRset (NSEC RR) which proved that there is no matched
/// <QNAME,QTTYPE>. /// <QNAME,QTTYPE>.
void addWildcardNxrrsetProof(isc::datasrc::ZoneFinder& finder, void addWildcardNXRRSETProof(isc::datasrc::ZoneFinder& finder,
isc::dns::ConstRRsetPtr nsec); isc::dns::ConstRRsetPtr nsec);
/// \brief Look up additional data (i.e., address records for the names /// \brief Look up additional data (i.e., address records for the names