[svn] commit: r858 - in /branches/each-ds/src/lib: auth/cpp/TODO auth/cpp/data_source.cc dns/cpp/message.cc dns/cpp/message.h dns/cpp/rrset.cc dns/cpp/rrset.h
BIND 10 source code commits
bind10-changes at lists.isc.org
Thu Feb 18 01:36:11 UTC 2010
Author: each
Date: Thu Feb 18 01:36:11 2010
New Revision: 858
Log:
- added the ability to attach RRSIGs to answers (for testing purposes
this option is currently always turned on; we don't parse the DO
bit, so can't easily set the option on a per-query basis)
Modified:
branches/each-ds/src/lib/auth/cpp/TODO
branches/each-ds/src/lib/auth/cpp/data_source.cc
branches/each-ds/src/lib/dns/cpp/message.cc
branches/each-ds/src/lib/dns/cpp/message.h
branches/each-ds/src/lib/dns/cpp/rrset.cc
branches/each-ds/src/lib/dns/cpp/rrset.h
Modified: branches/each-ds/src/lib/auth/cpp/TODO
==============================================================================
--- branches/each-ds/src/lib/auth/cpp/TODO (original)
+++ branches/each-ds/src/lib/auth/cpp/TODO Thu Feb 18 01:36:11 2010
@@ -1,28 +1,25 @@
Data source:
-- add support for type-ANY queries
-- consider altering the "task queue" design (at this point it's relatively
- rare for it to have more than one item).
-- check want_additional before adding additional data
-- make sure glue is not returned in additional section except for NS
+- should check want_additional before adding additional data (except for
+ referrals)
+- make sure glue is not returned in additional section except for NS.
+ we need a way to indicate "glue OK" in calls to findExactRRset().
+
DNSSEC:
- add at least minimal EDNS0 support sufficient to recognize the DO bit
-- change RRset API to include a pointer to signatures (BasicRRset will
- remain for the cases when we want to deal with an RRset that isn't
- signed).
-- wherever RRsets are being added to a section of the reply, if DNSSEC
- is wanted and signatures are availale, add them as well
-- add NSEC/NSEC3 to authority section in negative answers
-- add DS to authority in referrals
+- implement NSEC rdata type; add NSEC/NSEC3 to authority section in
+ negative answers (including positive wildcard answers)
+- implement DS rdata type; add DS to authority in referrals
+- implement DNSKEY rdata type
+- instead of adding additional data directly to the reply message,
+ add it to a temporary storage space, then copy it to the reply
+ afterward, so that A records can be included and RRSIGs omitted if
+ necessary
SQL data source optimization and cleanup:
-- findRecords() should know if it's being called for an exact match, and
- not bother checking for CNAME data or node existence if the exact
- name/type doesn't match.
- we need to use the name-reversal trick so we can use an index on the
- reverse name during lookups (probably best done with a Name API change)
-- findRecords() should handle the Name-to-c_str conversion, not the caller
-
-Other changes:
-- add Name method reverse() to reverse labels (might return a Name, or
- maybe just a string).
+ reverse name during lookups -- need a new Name method or a helper
+ function to do the label reversal.
+- should implement findAddrs() and findReferral() directly instead of
+ using the implementation in DataSrc.
+- need ANY queries
Modified: branches/each-ds/src/lib/auth/cpp/data_source.cc
==============================================================================
--- branches/each-ds/src/lib/auth/cpp/data_source.cc (original)
+++ branches/each-ds/src/lib/auth/cpp/data_source.cc Thu Feb 18 01:36:11 2010
@@ -121,6 +121,10 @@
DataSrc::doQuery(Query q) {
Result result;
Message& m = q.message();
+
+ // XXX: this is for testing purposes; it should be done when
+ // parsing the message for EDNS0 options
+ q.setWantDnssec(true);
m.clearHeaderFlag(MessageFlag::AA());
while (!q.tasks().empty()) {
@@ -171,17 +175,20 @@
if (found) {
if (RRsetPtr r = ref[RRType::DNAME()]) {
RRsetList syn;
- m.addRRset(Section::ANSWER(), r);
+ m.addRRset(Section::ANSWER(), r,
+ q.wantDnssec());
synthesizeCname(q, task, r, syn);
if (syn.size() == 1) {
- m.addRRset(Section::ANSWER(), syn[0]);
+ m.addRRset(Section::ANSWER(), syn[0],
+ q.wantDnssec());
chaseCname(q, task, syn[0]);
continue;
}
}
BOOST_FOREACH (RRsetPtr r, ref) {
if (r->getType() != RRType::DNAME()) {
- m.addRRset(Section::AUTHORITY(), r);
+ m.addRRset(Section::AUTHORITY(), r,
+ q.wantDnssec());
getAdditional(q, r);
}
}
@@ -212,7 +219,7 @@
case QueryTask::GETANSWER:
case QueryTask::FOLLOWCNAME:
BOOST_FOREACH(RRsetPtr rrset, data) {
- m.addRRset(task.section, rrset);
+ m.addRRset(task.section, rrset, q.wantDnssec());
getAdditional(q, rrset);
if (rrset->getType() == RRType::NS()) {
have_ns = true;
@@ -237,7 +244,8 @@
if (rrset->getType() == RRType::DNAME()) {
continue;
}
- m.addRRset(Section::AUTHORITY(), rrset);
+ m.addRRset(Section::AUTHORITY(), rrset,
+ q.wantDnssec());
getAdditional(q, rrset);
}
}
@@ -251,7 +259,7 @@
rrset->getType() == q.qtype()) {
continue;
}
- m.addRRset(task.section, rrset);
+ m.addRRset(task.section, rrset, q.wantDnssec());
}
if (q.tasks().empty()) {
q.setStatus(Query::SUCCESS);
@@ -270,7 +278,7 @@
// The qname node contains a CNAME. Add a new task to the
// queue to look up its target.
if (RRsetPtr rrset = data[RRType::CNAME()]) {
- m.addRRset(task.section, rrset);
+ m.addRRset(task.section, rrset, q.wantDnssec());
chaseCname(q, task, rrset);
}
continue;
@@ -289,7 +297,7 @@
if (rrset->getType() == RRType::DNAME()) {
continue;
}
- m.addRRset(Section::AUTHORITY(), rrset);
+ m.addRRset(Section::AUTHORITY(), rrset, q.wantDnssec());
getAdditional(q, rrset);
}
}
@@ -346,13 +354,15 @@
if (rflags & CNAME_FOUND) {
if (RRsetPtr rrset = wild[RRType::CNAME()]) {
rrset->setName(task.qname);
- m.addRRset(Section::ANSWER(), rrset);
+ m.addRRset(Section::ANSWER(), rrset,
+ q.wantDnssec());
chaseCname(q, task, rrset);
}
} else {
BOOST_FOREACH (RRsetPtr rrset, wild) {
rrset->setName(task.qname);
- m.addRRset(Section::ANSWER(), rrset);
+ m.addRRset(Section::ANSWER(), rrset,
+ q.wantDnssec());
}
RRsetList auth;
@@ -368,7 +378,8 @@
if (rrset->getType() == RRType::DNAME()) {
continue;
}
- m.addRRset(Section::AUTHORITY(), rrset);
+ m.addRRset(Section::AUTHORITY(), rrset,
+ q.wantDnssec());
getAdditional(q, rrset);
}
}
@@ -395,7 +406,7 @@
return;
}
- m.addRRset(Section::AUTHORITY(), soa[0]);
+ m.addRRset(Section::AUTHORITY(), soa[0], q.wantDnssec());
q.setStatus(Query::FAILURE);
return;
}
Modified: branches/each-ds/src/lib/dns/cpp/message.cc
==============================================================================
--- branches/each-ds/src/lib/dns/cpp/message.cc (original)
+++ branches/each-ds/src/lib/dns/cpp/message.cc Thu Feb 18 01:36:11 2010
@@ -265,11 +265,18 @@
}
void
-Message::addRRset(const Section& section, RRsetPtr rrset)
+Message::addRRset(const Section& section, RRsetPtr rrset, bool sign)
{
// Note: should check duplicate (TBD)
impl_->rrsets_[sectionCodeToId(section)].push_back(rrset);
impl_->counts_[section.getCode()] += rrset->getRdataCount();
+
+ BasicRRsetPtr sp = rrset->getRRsig();
+ if (sign && sp) {
+ RRset* sigs = new RRset(*sp);
+ impl_->rrsets_[sectionCodeToId(section)].push_back(RRsetPtr(sigs));
+ impl_->counts_[section.getCode()] += sp->getRdataCount();
+ }
}
void
Modified: branches/each-ds/src/lib/dns/cpp/message.h
==============================================================================
--- branches/each-ds/src/lib/dns/cpp/message.h (original)
+++ branches/each-ds/src/lib/dns/cpp/message.h Thu Feb 18 01:36:11 2010
@@ -503,7 +503,7 @@
void addQuestion(QuestionPtr question);
void addQuestion(const Question& question);
void removeQuestion(QuestionPtr question);
- void addRRset(const Section& section, RRsetPtr rrset);
+ void addRRset(const Section& section, RRsetPtr rrset, bool sign = false);
void removeRRset(const Section& section, RRsetPtr rrset);
// notyet:
//void addRR(const Section& section, const RR& rr);
Modified: branches/each-ds/src/lib/dns/cpp/rrset.cc
==============================================================================
--- branches/each-ds/src/lib/dns/cpp/rrset.cc (original)
+++ branches/each-ds/src/lib/dns/cpp/rrset.cc Thu Feb 18 01:36:11 2010
@@ -112,6 +112,13 @@
RRTTL ttl_;
vector<RdataPtr> rdatalist_;
};
+
+BasicRRset::BasicRRset(const BasicRRset& source)
+{
+ impl_ = new BasicRRsetImpl(source.impl_->name_, source.impl_->rrclass_,
+ source.impl_->rrtype_, source.impl_->ttl_);
+ impl_->rdatalist_ = source.impl_->rdatalist_;
+}
BasicRRset::BasicRRset(const Name& name, const RRClass& rrclass,
const RRType& rrtype, const RRTTL& ttl)
Modified: branches/each-ds/src/lib/dns/cpp/rrset.h
==============================================================================
--- branches/each-ds/src/lib/dns/cpp/rrset.h (original)
+++ branches/each-ds/src/lib/dns/cpp/rrset.h Thu Feb 18 01:36:11 2010
@@ -136,11 +136,10 @@
/// concern for this class.
class BasicRRset : public AbstractRRset {
private:
- BasicRRset(const BasicRRset& source);
- void operator=(const BasicRRset& source);
-public:
+public:
+ BasicRRset(BasicRRset const& source);
explicit BasicRRset(const Name& name, const RRClass& rrclass,
- const RRType& rrtype, const RRTTL& ttl);
+ const RRType& rrtype, const RRTTL& ttl);
virtual ~BasicRRset();
///
/// See the note for the base class version.
@@ -176,12 +175,13 @@
private:
typedef boost::shared_ptr<BasicRRset> BasicRRsetPtr;
public:
- RRset(const Name& name, const RRClass& rrclass,
+ RRset(const BasicRRset& source) : BasicRRset(source) {};
+ explicit RRset(const Name& name, const RRClass& rrclass,
const RRType& rrtype, const RRTTL& ttl);
virtual ~RRset();
- virtual void addRRsig(AbstractRRset& sigs) {
+ void addRRsig(AbstractRRset& sigs) {
RdataIteratorPtr it = sigs.getRdataIterator();
rrsig_ = BasicRRsetPtr(new BasicRRset(this->getName(), this->getClass(),
@@ -191,17 +191,9 @@
}
}
- virtual void addRRsig(RRsetPtr sigs) {
- addRRsig(*sigs);
- }
-
- virtual void removeRRsig() {
- rrsig_ = BasicRRsetPtr();
- }
-
- virtual BasicRRsetPtr getRRsig() {
- return (rrsig_);
- }
+ void addRRsig(RRsetPtr sigs) { addRRsig(*sigs); }
+ void removeRRsig() { rrsig_ = BasicRRsetPtr(); }
+ BasicRRsetPtr getRRsig() { return (rrsig_); }
private:
BasicRRsetPtr rrsig_;
};
More information about the bind10-changes
mailing list