[svn] commit: r1496 - in /trunk/src/lib/auth: data_source.cc tests/datasrc_unittest.cc tests/test_datasrc.cc tests/testdata/q_wild2_aaaa tests/testdata/q_wild3_a
BIND 10 source code commits
bind10-changes at lists.isc.org
Wed Mar 17 23:00:17 UTC 2010
Author: each
Date: Wed Mar 17 23:00:17 2010
New Revision: 1496
Log:
- only add NSEC/NSEC3 when DNSSEC was requested
- add unit test for wildcard->CNAME->NXRRSET
- add unit test for wildcard->CNAME->NXDOMAIN
Added:
trunk/src/lib/auth/tests/testdata/q_wild2_aaaa
trunk/src/lib/auth/tests/testdata/q_wild3_a
Modified:
trunk/src/lib/auth/data_source.cc
trunk/src/lib/auth/tests/datasrc_unittest.cc
trunk/src/lib/auth/tests/test_datasrc.cc
Modified: trunk/src/lib/auth/data_source.cc
==============================================================================
--- trunk/src/lib/auth/data_source.cc (original)
+++ trunk/src/lib/auth/data_source.cc Wed Mar 17 23:00:17 2010
@@ -475,10 +475,12 @@
// A wildcard was found.
if (found) {
// Prove the nonexistence of the name we were looking for
- result = proveNX(q, task, ds, *zonename, true);
- if (result != DataSrc::SUCCESS) {
- m.setRcode(Rcode::SERVFAIL());
- return (DataSrc::ERROR);
+ if (q.wantDnssec()) {
+ result = proveNX(q, task, ds, *zonename, true);
+ if (result != DataSrc::SUCCESS) {
+ m.setRcode(Rcode::SERVFAIL());
+ return (DataSrc::ERROR);
+ }
}
// Add the data to the answer section (but with the name changed to
Modified: trunk/src/lib/auth/tests/datasrc_unittest.cc
==============================================================================
--- trunk/src/lib/auth/tests/datasrc_unittest.cc (original)
+++ trunk/src/lib/auth/tests/datasrc_unittest.cc Wed Mar 17 23:00:17 2010
@@ -377,6 +377,75 @@
EXPECT_TRUE(it->isLast());
}
+TEST_F(DataSrcTest, WildcardCnameNodata) {
+ // A wildcard containing a CNAME whose target does not include
+ // data of this type.
+ readAndProcessQuery("testdata/q_wild2_aaaa");
+ headerCheck(msg, Rcode::NOERROR(), true, true, true, 2, 4, 0);
+
+ RRsetIterator rit = msg.beginSection(Section::ANSWER());
+ RRsetPtr rrset = *rit;
+ EXPECT_EQ(Name("www.wild2.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::CNAME(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+
+ RdataIteratorPtr it = rrset->getRdataIterator();
+ it->first();
+ EXPECT_EQ("www.example.com.", it->getCurrent().toText());
+ it->next();
+ EXPECT_TRUE(it->isLast());
+
+ rit = msg.beginSection(Section::AUTHORITY());
+ rrset = *rit;
+ EXPECT_EQ(Name("*.wild2.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+ ++rit;
+ ++rit;
+
+ rrset = *rit;
+ EXPECT_EQ(Name("www.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+}
+
+TEST_F(DataSrcTest, WildcardCnameNxdomain) {
+ // A wildcard containing a CNAME whose target does not exist
+ readAndProcessQuery("testdata/q_wild3_a");
+ headerCheck(msg, Rcode::NOERROR(), true, true, true, 2, 6, 0);
+
+ RRsetIterator rit = msg.beginSection(Section::ANSWER());
+ RRsetPtr rrset = *rit;
+ EXPECT_EQ(Name("www.wild3.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::CNAME(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+
+ RdataIteratorPtr it = rrset->getRdataIterator();
+ it->first();
+ EXPECT_EQ("spork.example.com.", it->getCurrent().toText());
+ it->next();
+ EXPECT_TRUE(it->isLast());
+
+ rit = msg.beginSection(Section::AUTHORITY());
+ rrset = *rit;
+ EXPECT_EQ(Name("*.wild3.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+ ++rit;
+ ++rit;
+
+ rrset = *rit;
+ EXPECT_EQ(Name("foo.example.com"), rrset->getName());
+ EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+ ++rit;
+ ++rit;
+
+ rrset = *rit;
+ EXPECT_EQ(Name("example.com"), rrset->getName());
+ EXPECT_EQ(RRType::NSEC(), rrset->getType());
+ EXPECT_EQ(RRClass::IN(), rrset->getClass());
+}
TEST_F(DataSrcTest, AuthDelegation) {
readAndProcessQuery("testdata/q_sql1");
Modified: trunk/src/lib/auth/tests/test_datasrc.cc
==============================================================================
--- trunk/src/lib/auth/tests/test_datasrc.cc (original)
+++ trunk/src/lib/auth/tests/test_datasrc.cc Wed Mar 17 23:00:17 2010
@@ -58,6 +58,7 @@
const Name dname("dname.example.com");
const Name wild("*.wild.example.com");
const Name wild2("*.wild2.example.com");
+const Name wild3("*.wild3.example.com");
const Name subzone("subzone.example.com");
const Name loop1("loop1.example.com");
const Name loop2("loop2.example.com");
@@ -83,6 +84,8 @@
RRsetPtr wild_nsec;
RRsetPtr wild2_cname;
RRsetPtr wild2_nsec;
+RRsetPtr wild3_cname;
+RRsetPtr wild3_nsec;
RRsetPtr dname_dname;
RRsetPtr dname_nsec;
RRsetPtr sql1_ns;
@@ -306,7 +309,7 @@
rrsig->addRdata(generic::RRSIG("NSEC 5 3 7200 20100322084538 20100220084538 33495 example.com. OoGYslRj4xjZnBuzgOqsrvkDAHWycmQzbUxCRmgWnCbXiobJK7/ynONH3jm8G3vGlU0lwpHkhNs6cUK+6Nu8W49X3MT0Xksl/brroLcXYLi3vfxnYUNMMpXdeFl6WNNfoJRo90F/f/TWXAClRrDS29qiG3G1PEJZikIxZsZ0tyM="));
wild_nsec->addRRsig(rrsig);
- // *.wild2.example.com HERE
+ // *.wild2.example.com
wild2_cname = RRsetPtr(new RRset(wild2, RRClass::IN(), RRType::CNAME(),
RRTTL(3600)));
wild2_cname->addRdata(generic::CNAME("www.example.com"));
@@ -318,13 +321,33 @@
wild2_nsec = RRsetPtr(new RRset(wild2, RRClass::IN(),
RRType::NSEC(), RRTTL(3600)));
- wild2_nsec->addRdata(generic::NSEC("www.example.com. CNAME RRSIG NSEC"));
+ wild2_nsec->addRdata(generic::NSEC("*.wild3.example.com. CNAME RRSIG NSEC"));
rrsig = RRsetPtr(new RRset(wild2, RRClass::IN(), RRType::RRSIG(),
RRTTL(3600)));
rrsig->addRdata(generic::RRSIG("NSEC 5 3 7200 20100410212307 20100311212307 33495 example.com. EuSzh6or8mbvwru2H7fyYeMpW6J8YZ528rabU38V/lMN0TdamghIuCneAvSNaZgwk2MSN1bWpZqB2kAipaM/ZI9/piLlTvVjjOQ8pjk0auwCEqT7Z7Qng3E92O9yVzO+WHT9QZn/fR6t60392In4IvcBGjZyjzQk8njIwbui xGA="));
wild2_nsec->addRRsig(rrsig);
+
+ // *.wild3.example.com -- a wildcard record with a lame CNAME
+ wild3_cname = RRsetPtr(new RRset(wild3, RRClass::IN(), RRType::CNAME(),
+ RRTTL(3600)));
+ wild3_cname->addRdata(generic::CNAME("spork.example.com"));
+
+ rrsig = RRsetPtr(new RRset(wild3, RRClass::IN(), RRType::RRSIG(),
+ RRTTL(3600)));
+ rrsig->addRdata(generic::RRSIG("CNAME 5 3 3600 20100410212307 20100311212307 33495 example.com. pGHtGdRBi4GKFSKszi6SsKvuBLDX8dFhZubU0tMojQ9SJuiFNF+WtxvdAYuUaoWP/9VLUaYmiw5u7JnzmR84DiXZPEs6DtD+UJdOZhaS7V7RTpE+tMOfVQBLpUnRWYtlTTmiBpFquzf3DdIxgUFhEPEuJJyp3LFRxJObCaq9 nvI="));
+ wild3_cname->addRRsig(rrsig);
+
+ wild3_nsec = RRsetPtr(new RRset(wild3, RRClass::IN(),
+ RRType::NSEC(), RRTTL(3600)));
+ wild3_nsec->addRdata(generic::NSEC("www.example.com. CNAME RRSIG NSEC"));
+
+ rrsig = RRsetPtr(new RRset(wild3, RRClass::IN(), RRType::RRSIG(),
+ RRTTL(3600)));
+
+ rrsig->addRdata(generic::RRSIG("NSEC 5 3 7200 20100410212307 20100311212307 33495 example.com. EuSzh6or8mbvwru2H7fyYeMpW6J8YZ528rabU38V/lMN0TdamghIuCneAvSNaZgwk2MSN1bWpZqB2kAipaM/ZI9/piLlTvVjjOQ8pjk0auwCEqT7Z7Qng3E92O9yVzO+WHT9QZn/fR6t60392In4IvcBGjZyjzQk8njIwbui xGA="));
+ wild3_nsec->addRRsig(rrsig);
// foo.example.com
foo_cname = RRsetPtr(new RRset(foo, RRClass::IN(), RRType::CNAME(),
@@ -627,6 +650,18 @@
target.addRRset(wild2_nsec);
} else {
target.addRRset(wild2_cname);
+ if (rdtype != RRType::CNAME()) {
+ flags |= CNAME_FOUND;
+ }
+ }
+ } else if (name == wild3) {
+ if (any) {
+ target.addRRset(wild3_cname);
+ target.addRRset(wild3_nsec);
+ } else if (rdtype == RRType::NSEC()) {
+ target.addRRset(wild3_nsec);
+ } else {
+ target.addRRset(wild3_cname);
if (rdtype != RRType::CNAME()) {
flags |= CNAME_FOUND;
}
@@ -803,8 +838,10 @@
target = subzone;
} else if (qname < wild2) {
target = wild;
+ } else if (qname < wild3) {
+ target = wild2;
} else if (qname < www) {
- target = wild2;
+ target = wild3;
} else {
target = www;
}
More information about the bind10-changes
mailing list