[svn] commit: r1145 - in /trunk/src/lib: auth/ dns/rdata/generic/
BIND 10 source code commits
bind10-changes at lists.isc.org
Sat Mar 6 02:51:22 UTC 2010
Author: each
Date: Sat Mar 6 02:51:21 2010
New Revision: 1145
Log:
checkpoint:
- refactored NSEC support
- fixed bug in which NSEC records could be duplicated
- added NSEC3 code -- please note NSEC3 is COMPLETELY untested
Modified:
trunk/src/lib/auth/data_source.cc
trunk/src/lib/auth/data_source.h
trunk/src/lib/auth/data_source_sqlite3.cc
trunk/src/lib/auth/data_source_sqlite3.h
trunk/src/lib/auth/data_source_static.cc
trunk/src/lib/auth/data_source_static.h
trunk/src/lib/auth/datasrc_unittest.cc
trunk/src/lib/auth/query.cc
trunk/src/lib/auth/query.h
trunk/src/lib/auth/unittest_ds.cc
trunk/src/lib/auth/unittest_ds.h
trunk/src/lib/dns/rdata/generic/nsec3_50.cc
trunk/src/lib/dns/rdata/generic/nsec3_50.h
trunk/src/lib/dns/rdata/generic/nsec3param_51.cc
trunk/src/lib/dns/rdata/generic/nsec3param_51.h
Modified: trunk/src/lib/auth/data_source.cc
==============================================================================
--- trunk/src/lib/auth/data_source.cc (original)
+++ trunk/src/lib/auth/data_source.cc Sat Mar 6 02:51:21 2010
@@ -249,6 +249,149 @@
return (false);
}
+static inline DataSrc::Result
+addSOA(Query& q, const Name* zonename, const DataSrc* ds) {
+ Message& m = q.message();
+ DataSrc::Result result;
+ RRsetList soa;
+
+ QueryTask newtask(*zonename, q.qclass(), RRType::SOA(),
+ QueryTask::SIMPLE_QUERY);
+ result = doQueryTask(ds, zonename, q, newtask, soa);
+ if (result != DataSrc::SUCCESS || newtask.flags != 0) {
+ return (DataSrc::ERROR);
+ }
+
+ m.addRRset(Section::AUTHORITY(), soa[RRType::SOA()], q.wantDnssec());
+ return (DataSrc::SUCCESS);
+}
+
+static inline DataSrc::Result
+addNSEC(Query& q, const QueryTaskPtr task, const Name& name,
+ const Name& zonename, const DataSrc* ds)
+{
+ RRsetList nsec;
+ Message& m = q.message();
+ DataSrc::Result result;
+
+ QueryTask newtask(name, task->qclass, RRType::NSEC(),
+ QueryTask::SIMPLE_QUERY);
+ result = doQueryTask(ds, &zonename, q, newtask, nsec);
+ if (result != DataSrc::SUCCESS) {
+ return (DataSrc::ERROR);
+ }
+
+ if (newtask.flags == 0) {
+ m.addRRset(Section::AUTHORITY(), nsec[RRType::NSEC()], true);
+ }
+
+ return (DataSrc::SUCCESS);
+}
+
+static inline DataSrc::Result
+addNSEC3(const string& hash, Query& q, const DataSrc* ds, const Name& zonename)
+{
+ RRsetList nsec3;
+ Message& m = q.message();
+ DataSrc::Result result;
+
+ result = ds->findCoveringNSEC3(q, hash, zonename, nsec3);
+ if (result != DataSrc::SUCCESS) {
+ return (DataSrc::ERROR);
+ }
+
+ m.addRRset(Section::AUTHORITY(), nsec3[RRType::NSEC3()], true);
+ return (DataSrc::SUCCESS);
+}
+
+static Nsec3Param*
+getNsec3Param(Query& q, const DataSrc* ds, const Name& zonename)
+{
+ DataSrc::Result result;
+ RRsetList nsec3param;
+
+ QueryTask newtask(zonename, q.qclass(), RRType::NSEC3PARAM(),
+ QueryTask::SIMPLE_QUERY);
+ result = doQueryTask(ds, &zonename, q, newtask, nsec3param);
+ newtask.flags &= ~DataSrc::REFERRAL;
+ if (result != DataSrc::SUCCESS || newtask.flags != 0) {
+ return (NULL);
+ }
+
+ RRsetPtr rrset = nsec3param[RRType::NSEC3PARAM()];
+ if (!rrset) {
+ return (NULL);
+ }
+
+ // XXX: currently only one NSEC3 chain per zone is supported;
+ // we will need to revisit this.
+ RdataIteratorPtr it = rrset->getRdataIterator();
+ it->first();
+ if (it->isLast()) {
+ return (NULL);
+ }
+
+ const generic::NSEC3PARAM& np =
+ dynamic_cast<const generic::NSEC3PARAM&>(it->getCurrent());
+ return (new Nsec3Param(np.getHashalg(), np.getFlags(),
+ np.getIterations(), np.getSalt()));
+}
+
+static inline DataSrc::Result
+proveNX(Query& q, QueryTaskPtr task, const DataSrc* ds, const Name& zonename)
+{
+ DataSrc::Result result;
+ Nsec3Param* nsec3 = getNsec3Param(q, ds, zonename);
+ if (nsec3) {
+ string node = nsec3->getHash(task->qname);
+ string apex = nsec3->getHash(zonename);
+ string wild = nsec3->getHash(Name("*").concatenate(zonename));
+ delete nsec3;
+
+ result = addNSEC3(node, q, ds, zonename);
+ if (result != DataSrc::SUCCESS) {
+ return (result);
+ }
+
+ if (node != apex) {
+ result = addNSEC3(apex, q, ds, zonename);
+ if (result != DataSrc::SUCCESS) {
+ return (result);
+ }
+ }
+
+ if ((task->flags & DataSrc::NAME_NOT_FOUND) != 0 && node != wild) {
+ result = addNSEC3(wild, q, ds, zonename);
+ if (result != DataSrc::SUCCESS) {
+ return (result);
+ }
+ }
+ } else {
+ Name nsecname(task->qname);
+ if ((task->flags & DataSrc::NAME_NOT_FOUND) != 0) {
+ ds->findPreviousName(q, task->qname, nsecname, &zonename);
+ }
+
+ result = addNSEC(q, task, nsecname, zonename, ds);
+ if (result != DataSrc::SUCCESS) {
+ return (result);
+ }
+
+ if ((task->flags & DataSrc::TYPE_NOT_FOUND) != 0 ||
+ nsecname == zonename)
+ {
+ return (DataSrc::SUCCESS);
+ }
+
+ result = addNSEC(q, task, zonename, zonename, ds);
+ if (result != DataSrc::SUCCESS) {
+ return (result);
+ }
+ }
+
+ return (DataSrc::SUCCESS);
+}
+
// Attempt a wildcard lookup
static inline DataSrc::Result
tryWildcard(Query& q, QueryTaskPtr task, const DataSrc* ds,
@@ -311,19 +454,6 @@
}
copyAuth(q, auth);
- }
- } else if (q.wantDnssec()) {
- // No wildcard found; add an NSEC to prove it
- RRsetList nsec;
- QueryTask newtask(*zonename, task->qclass, RRType::NSEC(),
- QueryTask::SIMPLE_QUERY);
- result = doQueryTask(ds, zonename, q, newtask, nsec);
- if (result != DataSrc::SUCCESS) {
- return (DataSrc::ERROR);
- }
-
- if (newtask.flags == 0) {
- m.addRRset(Section::AUTHORITY(), nsec[RRType::NSEC()], true);
}
}
@@ -510,43 +640,29 @@
// NXDOMAIN, and also add the previous NSEC to the authority
// section. For TYPE_NOT_FOUND, do not set an error rcode,
// and send the current NSEC in the authority section.
+ if (task->state == QueryTask::GETANSWER) {
+ if ((task->flags & NAME_NOT_FOUND) != 0) {
+ m.setRcode(Rcode::NXDOMAIN());
+ }
+
+ result = addSOA(q, zonename, datasource);
+ if (result != SUCCESS) {
+ m.setRcode(Rcode::SERVFAIL());
+ return;
+ }
+ }
+
Name nsecname(task->qname);
if ((task->flags & NAME_NOT_FOUND) != 0) {
datasource->findPreviousName(q, task->qname, nsecname,
zonename);
}
- if (task->state == QueryTask::GETANSWER) {
- if ((task->flags & NAME_NOT_FOUND) != 0) {
- m.setRcode(Rcode::NXDOMAIN());
- }
-
- RRsetList soa;
- QueryTask newtask(*zonename, task->qclass, RRType::SOA(),
- QueryTask::SIMPLE_QUERY);
- result = doQueryTask(datasource, zonename, q, newtask, soa);
- if (result != SUCCESS || newtask.flags != 0) {
+ if (q.wantDnssec()) {
+ result = proveNX(q, task, datasource, *zonename);
+ if (result != DataSrc::SUCCESS) {
m.setRcode(Rcode::SERVFAIL());
return;
- }
-
- m.addRRset(Section::AUTHORITY(), soa[RRType::SOA()],
- q.wantDnssec());
- }
-
- if (q.wantDnssec()) {
- RRsetList nsec;
- QueryTask newtask(nsecname, task->qclass,
- RRType::NSEC(), QueryTask::SIMPLE_QUERY);
- result = doQueryTask(datasource, zonename, q, newtask, nsec);
- if (result != SUCCESS) {
- m.setRcode(Rcode::SERVFAIL());
- return;
- }
-
- if (newtask.flags == 0) {
- m.addRRset(Section::AUTHORITY(), nsec[RRType::NSEC()],
- true);
}
}
@@ -694,7 +810,7 @@
}
Nsec3Param::Nsec3Param(uint8_t a, uint8_t f, uint16_t i,
- std::vector<uint8_t>& s) :
+ const std::vector<uint8_t>& s) :
algorithm(a), flags(f), iterations(i), salt(s)
{}
Modified: trunk/src/lib/auth/data_source.h
==============================================================================
--- trunk/src/lib/auth/data_source.h (original)
+++ trunk/src/lib/auth/data_source.h Sat Mar 6 02:51:21 2010
@@ -145,8 +145,7 @@
// This MUST be implemented by concrete data sources which support
// NSEC3, but is optional for others
virtual Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& hash,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const = 0;
};
@@ -215,8 +214,7 @@
const isc::dns::Name* zonename) const = 0;
virtual Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& hash,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const = 0;
@@ -294,8 +292,7 @@
}
virtual Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& qname,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const
{
@@ -326,7 +323,7 @@
class Nsec3Param {
public:
- Nsec3Param(uint8_t a, uint8_t f, uint16_t i, std::vector<uint8_t>& s);
+ Nsec3Param(uint8_t a, uint8_t f, uint16_t i, const std::vector<uint8_t>& s);
const uint8_t algorithm;
const uint8_t flags;
Modified: trunk/src/lib/auth/data_source_sqlite3.cc
==============================================================================
--- trunk/src/lib/auth/data_source_sqlite3.cc (original)
+++ trunk/src/lib/auth/data_source_sqlite3.cc Sat Mar 6 02:51:21 2010
@@ -370,7 +370,6 @@
throw(e);
}
-#if 0 // XXX
const char* q_nsec3_str = "SELECT rdtype, ttl, rdata FROM nsec3 "
"WHERE zone_id=?1 AND hash == $2";
try {
@@ -391,7 +390,6 @@
cout << sqlite3_errmsg(db) << endl;
throw(e);
}
-#endif
}
void
@@ -525,8 +523,7 @@
DataSrc::Result
Sqlite3DataSrc::findCoveringNSEC3(const Query& q,
- const Nsec3Param& nsec3param,
- const Name& qname,
+ const string& hashstr,
const Name& zonename,
RRsetList& target) const
{
@@ -534,8 +531,6 @@
if (zone_id < 0) {
return (ERROR);
}
-
- string hashstr = nsec3param.getHash(qname);
sqlite3_reset(q_prevnsec3);
sqlite3_clear_bindings(q_prevnsec3);
@@ -558,9 +553,9 @@
// We need to find the final NSEC3 in the chain.
// A valid NSEC3 hash is in base32, which contains no
// letters higher than V, so a search for the previous
- // NSEC3 from "W" will always find it.
+ // NSEC3 from "w" will always find it.
sqlite3_reset(q_prevnsec3);
- rc = sqlite3_bind_text(q_prevnsec3, 2, "W", -1, SQLITE_STATIC);
+ rc = sqlite3_bind_text(q_prevnsec3, 2, "w", -1, SQLITE_STATIC);
if (rc != SQLITE_OK) {
throw ("Could not bind 2 (last NSEC3)");
}
Modified: trunk/src/lib/auth/data_source_sqlite3.h
==============================================================================
--- trunk/src/lib/auth/data_source_sqlite3.h (original)
+++ trunk/src/lib/auth/data_source_sqlite3.h Sat Mar 6 02:51:21 2010
@@ -90,8 +90,7 @@
const isc::dns::Name* zonename) const;
Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& hash,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const;
Modified: trunk/src/lib/auth/data_source_static.cc
==============================================================================
--- trunk/src/lib/auth/data_source_static.cc (original)
+++ trunk/src/lib/auth/data_source_static.cc Sat Mar 6 02:51:21 2010
@@ -175,9 +175,8 @@
}
DataSrc::Result
-StaticDataSrc::findCoveringNSEC3(const Query& q, const Nsec3Param& param,
- const Name& qname, const Name& zonename,
- RRsetList& target) const
+StaticDataSrc::findCoveringNSEC3(const Query& q, const string& hash,
+ const Name& zonename, RRsetList& target) const
{
return (NOT_IMPLEMENTED);
}
Modified: trunk/src/lib/auth/data_source_static.h
==============================================================================
--- trunk/src/lib/auth/data_source_static.h (original)
+++ trunk/src/lib/auth/data_source_static.h Sat Mar 6 02:51:21 2010
@@ -82,8 +82,7 @@
const isc::dns::Name* zonename) const;
Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& hash,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const;
Modified: trunk/src/lib/auth/datasrc_unittest.cc
==============================================================================
--- trunk/src/lib/auth/datasrc_unittest.cc (original)
+++ trunk/src/lib/auth/datasrc_unittest.cc Sat Mar 6 02:51:21 2010
@@ -189,7 +189,7 @@
RRsetIterator rit = msg.beginSection(Section::AUTHORITY());
RRsetPtr rrset = *rit;
EXPECT_EQ(Name("example.com"), rrset->getName());
- EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRType::SOA(), rrset->getType());
EXPECT_EQ(RRClass::IN(), rrset->getClass());
// XXX: check for other authority section answers
}
Modified: trunk/src/lib/auth/query.cc
==============================================================================
--- trunk/src/lib/auth/query.cc (original)
+++ trunk/src/lib/auth/query.cc Sat Mar 6 02:51:21 2010
@@ -27,10 +27,6 @@
namespace isc {
namespace auth {
-
-// Destructors defined here to avoid confusing the linker
-Query::~Query() {}
-QueryTask::~QueryTask() {}
QueryTask::QueryTask(const isc::dns::Name& n, const isc::dns::RRClass& c,
const isc::dns::RRType& t, const isc::dns::Section& sect) :
@@ -90,6 +86,8 @@
}
}
+QueryTask::~QueryTask() {}
+
Query::Query(Message& m, bool dnssec) :
status_(PENDING), qname_(NULL), qclass_(NULL), qtype_(NULL),
message_(&m), want_additional_(true), want_dnssec_(dnssec)
@@ -109,5 +107,7 @@
Section::ANSWER())));
}
+Query::~Query() {}
+
}
}
Modified: trunk/src/lib/auth/query.h
==============================================================================
--- trunk/src/lib/auth/query.h (original)
+++ trunk/src/lib/auth/query.h Sat Mar 6 02:51:21 2010
@@ -221,6 +221,7 @@
}
}
+
#endif
// Local Variables:
Modified: trunk/src/lib/auth/unittest_ds.cc
==============================================================================
--- trunk/src/lib/auth/unittest_ds.cc (original)
+++ trunk/src/lib/auth/unittest_ds.cc Sat Mar 6 02:51:21 2010
@@ -738,7 +738,7 @@
assert(zonename != NULL);
if (*zonename == example) {
- if (qname >= example || qname < cnameext) {
+ if (qname >= example && qname < cnameext) {
target = example;
} else if (qname < cnameint) {
target = cnameext;
@@ -775,8 +775,7 @@
DataSrc::Result
TestDataSrc::findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const Name& qname,
+ const string& hash,
const Name& zonename,
RRsetList& target) const
{
Modified: trunk/src/lib/auth/unittest_ds.h
==============================================================================
--- trunk/src/lib/auth/unittest_ds.h (original)
+++ trunk/src/lib/auth/unittest_ds.h Sat Mar 6 02:51:21 2010
@@ -86,8 +86,7 @@
const isc::dns::Name* zonename) const;
Result findCoveringNSEC3(const Query& q,
- const Nsec3Param& param,
- const isc::dns::Name& qname,
+ const std::string& hash,
const isc::dns::Name& zonename,
isc::dns::RRsetList& target) const;
Modified: trunk/src/lib/dns/rdata/generic/nsec3_50.cc
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec3_50.cc (original)
+++ trunk/src/lib/dns/rdata/generic/nsec3_50.cc Sat Mar 6 02:51:21 2010
@@ -41,14 +41,14 @@
struct NSEC3Impl {
// straightforward representation of NSEC3 RDATA fields
- NSEC3Impl(uint8_t hash, uint8_t flags, uint16_t iterations,
+ NSEC3Impl(uint8_t hashalg, uint8_t flags, uint16_t iterations,
vector<uint8_t>salt, vector<uint8_t>next,
vector<uint8_t> typebits) :
- hash_(hash), flags_(flags), iterations_(iterations),
+ hashalg_(hashalg), flags_(flags), iterations_(iterations),
salt_(salt), next_(next), typebits_(typebits)
{}
- uint8_t hash_;
+ uint8_t hashalg_;
uint8_t flags_;
uint16_t iterations_;
vector<uint8_t> salt_;
@@ -60,15 +60,15 @@
impl_(NULL)
{
istringstream iss(nsec3_str);
- unsigned int hash, flags, iterations;
+ unsigned int hashalg, flags, iterations;
string salthex;
- iss >> hash >> flags >> iterations >> salthex;
+ iss >> hashalg >> flags >> iterations >> salthex;
if (iss.bad() || iss.fail()) {
dns_throw(InvalidRdataText, "Invalid NSEC3 text");
}
- if (hash > 0xf) {
- dns_throw(InvalidRdataText, "NSEC3 hash out of range");
+ if (hashalg > 0xf) {
+ dns_throw(InvalidRdataText, "NSEC3 hash algorithm out of range");
}
if (flags > 0xff) {
dns_throw(InvalidRdataText, "NSEC3 flags out of range");
@@ -84,7 +84,7 @@
iss >> setw(32) >> nextstr;
vector<uint8_t> next;
if (iss.bad() || iss.fail()) {
- dns_throw(InvalidRdataText, "Invalid NSEC3 hash");
+ dns_throw(InvalidRdataText, "Invalid NSEC3 hash algorithm");
}
decodeBase32(nextstr, next);
@@ -116,7 +116,7 @@
}
}
- impl_ = new NSEC3Impl(hash, flags, iterations, salt, next, typebits);
+ impl_ = new NSEC3Impl(hashalg, flags, iterations, salt, next, typebits);
}
NSEC3::NSEC3(InputBuffer& buffer, size_t rdata_len)
@@ -125,7 +125,7 @@
dns_throw(InvalidRdataLength, "NSEC3 too short");
}
- uint8_t hash = buffer.readUint8();
+ uint8_t hashalg = buffer.readUint8();
uint8_t flags = buffer.readUint8();
uint16_t iterations = buffer.readUint16();
rdata_len -= 4;
@@ -161,7 +161,7 @@
vector<uint8_t> typebits(rdata_len);
buffer.readData(&typebits[0], rdata_len);
- impl_ = new NSEC3Impl(hash, flags, iterations, salt, next, typebits);
+ impl_ = new NSEC3Impl(hashalg, flags, iterations, salt, next, typebits);
}
NSEC3::NSEC3(const NSEC3& source) :
@@ -213,7 +213,7 @@
}
using namespace boost;
- return (lexical_cast<string>(static_cast<int>(impl_->hash_)) +
+ return (lexical_cast<string>(static_cast<int>(impl_->hashalg_)) +
" " + lexical_cast<string>(static_cast<int>(impl_->flags_)) +
" " + lexical_cast<string>(static_cast<int>(impl_->iterations_)) +
" " + encodeHex(impl_->salt_) +
@@ -223,7 +223,7 @@
void
NSEC3::toWire(OutputBuffer& buffer) const
{
- buffer.writeUint8(impl_->hash_);
+ buffer.writeUint8(impl_->hashalg_);
buffer.writeUint8(impl_->flags_);
buffer.writeUint16(impl_->iterations_);
buffer.writeUint8(impl_->salt_.size());
@@ -236,7 +236,7 @@
void
NSEC3::toWire(MessageRenderer& renderer) const
{
- renderer.writeUint8(impl_->hash_);
+ renderer.writeUint8(impl_->hashalg_);
renderer.writeUint8(impl_->flags_);
renderer.writeUint16(impl_->iterations_);
renderer.writeUint8(impl_->salt_.size());
@@ -251,8 +251,8 @@
{
const NSEC3& other_nsec3 = dynamic_cast<const NSEC3&>(other);
- if (impl_->hash_ != other_nsec3.impl_->hash_) {
- return (impl_->hash_ < other_nsec3.impl_->hash_ ? -1 : 1);
+ if (impl_->hashalg_ != other_nsec3.impl_->hashalg_) {
+ return (impl_->hashalg_ < other_nsec3.impl_->hashalg_ ? -1 : 1);
}
if (impl_->flags_ != other_nsec3.impl_->flags_) {
return (impl_->flags_ < other_nsec3.impl_->flags_ ? -1 : 1);
@@ -302,8 +302,8 @@
}
uint8_t
-NSEC3::getHash() const {
- return impl_->hash_;
+NSEC3::getHashalg() const {
+ return impl_->hashalg_;
}
uint8_t
@@ -316,7 +316,7 @@
return impl_->iterations_;
}
-vector<uint8_t>
+vector<uint8_t>&
NSEC3::getSalt() const {
return impl_->salt_;
}
Modified: trunk/src/lib/dns/rdata/generic/nsec3_50.h
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec3_50.h (original)
+++ trunk/src/lib/dns/rdata/generic/nsec3_50.h Sat Mar 6 02:51:21 2010
@@ -42,10 +42,10 @@
NSEC3& operator=(const NSEC3& source);
~NSEC3();
- uint8_t getHash() const;
+ uint8_t getHashalg() const;
uint8_t getFlags() const;
uint16_t getIterations() const;
- std::vector<uint8_t> getSalt() const;
+ std::vector<uint8_t>& getSalt() const;
private:
NSEC3Impl* impl_;
Modified: trunk/src/lib/dns/rdata/generic/nsec3param_51.cc
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec3param_51.cc (original)
+++ trunk/src/lib/dns/rdata/generic/nsec3param_51.cc Sat Mar 6 02:51:21 2010
@@ -37,30 +37,30 @@
struct NSEC3PARAMImpl {
// straightforward representation of NSEC3PARAM RDATA fields
- NSEC3PARAMImpl(uint8_t hash, uint8_t flags, uint16_t iterations,
+ NSEC3PARAMImpl(uint8_t hashalg, uint8_t flags, uint16_t iterations,
vector<uint8_t>salt) :
- hash_(hash), flags_(flags), iterations_(iterations), salt_(salt)
+ hashalg_(hashalg), flags_(flags), iterations_(iterations), salt_(salt)
{}
- uint8_t hash_;
+ uint8_t hashalg_;
uint8_t flags_;
uint16_t iterations_;
- const vector<uint8_t> salt_;
+ const vector<uint8_t>& salt_;
};
NSEC3PARAM::NSEC3PARAM(const string& nsec3param_str) :
impl_(NULL)
{
istringstream iss(nsec3param_str);
- uint16_t hash, flags, iterations;
+ uint16_t hashalg, flags, iterations;
stringbuf saltbuf;
- iss >> hash >> flags >> iterations >> &saltbuf;
+ iss >> hashalg >> flags >> iterations >> &saltbuf;
if (iss.bad() || iss.fail()) {
dns_throw(InvalidRdataText, "Invalid NSEC3PARAM text");
}
- if (hash > 0xf) {
- dns_throw(InvalidRdataText, "NSEC3PARAM hash out of range");
+ if (hashalg > 0xf) {
+ dns_throw(InvalidRdataText, "NSEC3PARAM hash algorithm out of range");
}
if (flags > 0xff) {
dns_throw(InvalidRdataText, "NSEC3PARAM flags out of range");
@@ -69,7 +69,7 @@
vector<uint8_t> salt;
decodeHex(saltbuf.str(), salt);
- impl_ = new NSEC3PARAMImpl(hash, flags, iterations, salt);
+ impl_ = new NSEC3PARAMImpl(hashalg, flags, iterations, salt);
}
NSEC3PARAM::NSEC3PARAM(InputBuffer& buffer, size_t rdata_len)
@@ -78,7 +78,7 @@
dns_throw(InvalidRdataLength, "NSEC3PARAM too short");
}
- uint8_t hash = buffer.readUint8();
+ uint8_t hashalg = buffer.readUint8();
uint8_t flags = buffer.readUint8();
uint16_t iterations = buffer.readUint16();
rdata_len -= 4;
@@ -93,7 +93,7 @@
vector<uint8_t> salt(saltlen);
buffer.readData(&salt[0], saltlen);
- impl_ = new NSEC3PARAMImpl(hash, flags, iterations, salt);
+ impl_ = new NSEC3PARAMImpl(hashalg, flags, iterations, salt);
}
NSEC3PARAM::NSEC3PARAM(const NSEC3PARAM& source) :
@@ -123,7 +123,7 @@
NSEC3PARAM::toText() const
{
using namespace boost;
- return (lexical_cast<string>(static_cast<int>(impl_->hash_)) +
+ return (lexical_cast<string>(static_cast<int>(impl_->hashalg_)) +
" " + lexical_cast<string>(static_cast<int>(impl_->flags_)) +
" " + lexical_cast<string>(static_cast<int>(impl_->iterations_)) +
" " + encodeHex(impl_->salt_));
@@ -132,7 +132,7 @@
void
NSEC3PARAM::toWire(OutputBuffer& buffer) const
{
- buffer.writeUint8(impl_->hash_);
+ buffer.writeUint8(impl_->hashalg_);
buffer.writeUint8(impl_->flags_);
buffer.writeUint16(impl_->iterations_);
buffer.writeUint8(impl_->salt_.size());
@@ -142,7 +142,7 @@
void
NSEC3PARAM::toWire(MessageRenderer& renderer) const
{
- renderer.writeUint8(impl_->hash_);
+ renderer.writeUint8(impl_->hashalg_);
renderer.writeUint8(impl_->flags_);
renderer.writeUint16(impl_->iterations_);
renderer.writeUint8(impl_->salt_.size());
@@ -154,8 +154,8 @@
{
const NSEC3PARAM& other_param = dynamic_cast<const NSEC3PARAM&>(other);
- if (impl_->hash_ != other_param.impl_->hash_) {
- return (impl_->hash_ < other_param.impl_->hash_ ? -1 : 1);
+ if (impl_->hashalg_ != other_param.impl_->hashalg_) {
+ return (impl_->hashalg_ < other_param.impl_->hashalg_ ? -1 : 1);
}
if (impl_->flags_ != other_param.impl_->flags_) {
return (impl_->flags_ < other_param.impl_->flags_ ? -1 : 1);
@@ -177,24 +177,25 @@
}
uint8_t
-NSEC3PARAM::getHash() const {
- return impl_->hash_;
+NSEC3PARAM::getHashalg() const {
+ return (impl_->hashalg_);
}
uint8_t
NSEC3PARAM::getFlags() const {
- return impl_->flags_;
+ return (impl_->flags_);
}
uint16_t
NSEC3PARAM::getIterations() const {
- return impl_->iterations_;
-}
-
-vector<uint8_t>
+ return (impl_->iterations_);
+}
+
+const vector<uint8_t>&
NSEC3PARAM::getSalt() const {
- return impl_->salt_;
-}
+ return (impl_->salt_);
+}
+
// END_RDATA_NAMESPACE
// END_ISC_NAMESPACE
Modified: trunk/src/lib/dns/rdata/generic/nsec3param_51.h
==============================================================================
--- trunk/src/lib/dns/rdata/generic/nsec3param_51.h (original)
+++ trunk/src/lib/dns/rdata/generic/nsec3param_51.h Sat Mar 6 02:51:21 2010
@@ -45,10 +45,10 @@
///
/// Specialized methods
///
- uint8_t getHash() const;
+ uint8_t getHashalg() const;
uint8_t getFlags() const;
uint16_t getIterations() const;
- std::vector<uint8_t> getSalt() const;
+ const std::vector<uint8_t>& getSalt() const;
private:
NSEC3PARAMImpl* impl_;
};
More information about the bind10-changes
mailing list