- consolidated test scenarios for NSEC and NSEC3 to avoid duplicates
- also tested the case for findAll()
- also tested when the zone only has NSEC3PARAM or unsigned
these are short, and only used in FindDNSSECContext, so it'd make more sense
to enclose them there.
Other cleanups:
- also made FindDNSSECContext::isNSEC/isNSEC3 private as they now don't need
to be called outside the class
- removed isInited(); simpy doesn't see the need for it as a separate method
- simplified the code logic of getResultFlag()
same adjustment as the previous comment was made for tests.
also fixed a small bug in getDNSSECRRset(): I should have reversed the
logic for need_nscheck.
to make a related test pass, incorporated the NotImplemented exception
handling from findNSECCover to getDNSSECRRset.
note: in this commit I reversed the behavior when we encounter the situation
where NSEC is expected but cannot be found; it now returns a NULL pointer,
although the NSEC_SIGNED flag can be still set.
It's a quite broken case of zone config so it's probably up to the
implementation, and in that sense throwing an exception is not necessary
wrong. But we may have such a situation in a valid scenario if and when we
support incremental zone signing. Also, this behavior is consistent with
BIND 9.
The emptyNonterminalNSEC test case was adjusted accordingly.
to do this, I extended getDNSSECRRset(name) further: it now takes 'covering'
parameter, depending on whether the requested NSEC is for the exact name
or the covering ("previous") name. In the latter case it does the same
thing as findNSECCover() (which will be merged to getDNSSECRRset later).
now FindDNSSECContext has sufficient information to choose the correct flag,
findOnNameResult() can simply call its getResultFlags().
as an additional bonus, we can constify 'flags'.
- renamed getNSECRRset to getDNSSECRRset to clarify it's for generic DNSSEC
purpose, even though it's essentially NSEC specific.
- moved the 'isNSEC' check to the now-renamed getDNSSECRRset, thereby removing
the need for checking that within findOnNameResult.
instead of a pointer.
IMO, finderp_ should better be a reference than a pointer if we'd
worry about the case where it's NULL later on, like getNSECRRset
does (which shouldn't never happen in our usage).
the NULL pointer check was therefore removed with this change.
removed origin_ or complete flags_ from the class members. non DNSSEC-specific
processing was recovered from the original version.
also made FindDNSSECContext private inside ZoneFinder; it doesn't have to
be publicly usable.
also made indentation policy more consistent for the class.
- use boolean as boolean: if (is_xx == true) => if (is_xx)
- spacing consistency if (X){ => if (X) { // (many of this in the branch)
- folded a long line
- s/NSEC3PARAMETER/NSEC3PARAM/
- "definitely" is too strong in this context
- add a space after a comma
- "zonefile" is awkward (there's no "zonefile" in this context)
- "NSEC3 method" is an awkward term
- "this zone signature" is also awkward
