diff --git a/src/bin/dbutil/dbutil.py.in b/src/bin/dbutil/dbutil.py.in index f91c2768b7..a84448457f 100755 --- a/src/bin/dbutil/dbutil.py.in +++ b/src/bin/dbutil/dbutil.py.in @@ -197,10 +197,8 @@ UPGRADES = [ {'from': (2, 0), 'to': (2, 1), 'statements': [ - # Enforce that only one NSEC3 RR exists for an owner name in - # the zone. - "CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 " + - "(zone_id, owner)" + "CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 " + + "(hash, rdtype)" ] } diff --git a/src/bin/dbutil/tests/testdata/v2_1.sqlite3 b/src/bin/dbutil/tests/testdata/v2_1.sqlite3 index 9eea287452..ca2dee92b7 100644 Binary files a/src/bin/dbutil/tests/testdata/v2_1.sqlite3 and b/src/bin/dbutil/tests/testdata/v2_1.sqlite3 differ diff --git a/src/lib/datasrc/sqlite3_accessor.cc b/src/lib/datasrc/sqlite3_accessor.cc index b89b2bc49a..68d655477a 100644 --- a/src/lib/datasrc/sqlite3_accessor.cc +++ b/src/lib/datasrc/sqlite3_accessor.cc @@ -111,11 +111,9 @@ const char* const text_statements[NUM_STATEMENTS] = { // ITERATE_NSEC3: // The following iterates the whole zone in the nsec3 table. As the - // RRSIGs are for NSEC3s, we can hardcode the sigtype. As there is - // only one RR per-owner per-zone, there's no need to order these - // for the sake of any post-processing. + // RRSIGs are for NSEC3s, we can hardcode the sigtype. "SELECT rdtype, ttl, \"NSEC3\", rdata, owner FROM nsec3 " - "WHERE zone_id = ?1", + "WHERE zone_id = ?1 ORDER BY hash, rdtype", /* * This one looks for previous name with NSEC record. It is done by * using the reversed name. The NSEC is checked because we need to @@ -359,8 +357,7 @@ const char* const SCHEMA_LIST[] = { "ttl INTEGER NOT NULL, rdtype TEXT NOT NULL COLLATE NOCASE, " "rdata TEXT NOT NULL)", "CREATE INDEX nsec3_byhash ON nsec3 (hash)", - // Enforce that only one NSEC3 RR exists for an owner name in the zone. - "CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 (zone_id, owner)", + "CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)", "CREATE TABLE diffs (id INTEGER PRIMARY KEY, " "zone_id INTEGER NOT NULL, " "version INTEGER NOT NULL, " diff --git a/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc b/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc index 37c587414a..100a0ddc60 100644 --- a/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc +++ b/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc @@ -193,6 +193,9 @@ TEST_F(SQLite3AccessorTest, iterator) { checkRR(context, "www.example.org.", "3600", "A", "192.0.2.1"); checkRR(context, "ns3.example.org.", "3600", "NSEC3", "1 1 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A RRSIG"); + checkRR(context, "ns3.example.org.", "3600", "RRSIG", + "NSEC3 5 3 3600 20000101000000 20000201000000 " + "12345 ns3.example.org. FAKEFAKEFAKE"); // Check there's no other EXPECT_FALSE(context->getNext(data)); diff --git a/src/lib/datasrc/tests/testdata/example.org.sqlite3 b/src/lib/datasrc/tests/testdata/example.org.sqlite3 index 939e5e4c85..c799d2ef5a 100644 Binary files a/src/lib/datasrc/tests/testdata/example.org.sqlite3 and b/src/lib/datasrc/tests/testdata/example.org.sqlite3 differ diff --git a/src/lib/python/isc/datasrc/sqlite3_ds.py b/src/lib/python/isc/datasrc/sqlite3_ds.py index ef1245a303..dc80afdfbf 100644 --- a/src/lib/python/isc/datasrc/sqlite3_ds.py +++ b/src/lib/python/isc/datasrc/sqlite3_ds.py @@ -81,9 +81,7 @@ def create(cur): rdtype TEXT NOT NULL COLLATE NOCASE, rdata TEXT NOT NULL)""") cur.execute("CREATE INDEX nsec3_byhash ON nsec3 (hash)") - # Enforce that only one NSEC3 RR exists for an owner name in the zone. - cur.execute("""CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 - (zone_id, owner)"""); + cur.execute("CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)") cur.execute("""CREATE TABLE diffs (id INTEGER PRIMARY KEY, zone_id INTEGER NOT NULL, version INTEGER NOT NULL,