BIND 10 trac553, updated. d619eab67a0c2255f249dfabd7c9db0e5d14b833 [trac553] Cancel wildcard on existing subdomain

BIND 10 source code commits bind10-changes at lists.isc.org
Fri Feb 11 17:03:36 UTC 2011 

The branch, trac553 has been updated
       via  d619eab67a0c2255f249dfabd7c9db0e5d14b833 (commit)
       via  6fbb0f720f6e6a5d58c0dfc6710f0e26e79816c4 (commit)
      from  76e1d3b208772073e664437788865a5e3d067a68 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d619eab67a0c2255f249dfabd7c9db0e5d14b833
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Fri Feb 11 18:02:03 2011 +0100

    [trac553] Cancel wildcard on existing subdomain

commit 6fbb0f720f6e6a5d58c0dfc6710f0e26e79816c4
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Fri Feb 11 17:47:45 2011 +0100

    [trac553] Cancel wildcard at empty existing domain
    
    We check to see if there's an empty non-terminal domain before check for
    wildcard. If it is detected, there exists a subdomain and therefore we
    should not do a wildcard check.

-----------------------------------------------------------------------

Summary of changes:
 src/lib/datasrc/memory_datasrc.cc |   49 +++++++++++++++++++++++++++++++------
 1 files changed, 41 insertions(+), 8 deletions(-)

-----------------------------------------------------------------------
diff --git a/src/lib/datasrc/memory_datasrc.cc b/src/lib/datasrc/memory_datasrc.cc
index 63d8aa4..20b60be 100644
--- a/src/lib/datasrc/memory_datasrc.cc
+++ b/src/lib/datasrc/memory_datasrc.cc
@@ -416,10 +416,51 @@ struct MemoryZone::MemoryZoneImpl {
                     return (FindResult(DELEGATION, prepareRRset(name,
                         state.rrset_, rename)));
                 }
+
+                // If the RBTree search stopped at a node for a super domain
+                // of the search name, it means the search name exists in
+                // the zone but is empty.  Treat it as NXRRSET.
+                if (node_path.getLastComparisonResult().getRelation() ==
+                    NameComparisonResult::SUPERDOMAIN) {
+                    return (FindResult(NXRRSET, ConstRRsetPtr()));
+                }
+
                 /*
                  * No redirection anywhere. Let's try if it is a wildcard.
+                 *
+                 * The wildcard is checked after the empty non-terminal domain
+                 * case above, because if that one triggers, it means we should
+                 * not match according to 4.3.3 of RFC 1034 (the query name
+                 * is known to exist).
                  */
                 if (node->getFlag(DOMAINFLAG_WILD)) {
+                    /* Should we cancel this match?
+                     *
+                     * If we compare with some node and get a common ancestor,
+                     * it might mean we are comparing with a non-wildcard node.
+                     * In that case, we check which part is common. If we have
+                     * something in common that lives below the node we got
+                     * (the one above *), then we should cancel the match
+                     * according to section 4.3.3 of RFC 1034 (as the name
+                     * between the wildcard domain and the query name is known
+                     * to exist).
+                     *
+                     * Because the way the tree stores relative names, we will
+                     * have exactly one common label (the ".") in case we have
+                     * nothing common under the node we got and we will get
+                     * more common labels otherwise (yes, this relies on the
+                     * internal RBTree structure, which leaks out trough this
+                     * little bit).
+                     *
+                     * If the empty non-terminal node actually exists in the
+                     * tree, then this cancellation is not needed, because we
+                     * will not get here at all.
+                     */
+                    if (node_path.getLastComparisonResult().getRelation() ==
+                        NameComparisonResult::COMMONANCESTOR && node_path.
+                        getLastComparisonResult().getCommonLabels() > 1) {
+                        return (FindResult(NXDOMAIN, ConstRRsetPtr()));
+                    }
                     Name wildcard(Name("*").concatenate(
                         node_path.getAbsoluteName()));
                     DomainTree::Result result(domains_.find(wildcard, &node));
@@ -438,14 +479,6 @@ struct MemoryZone::MemoryZoneImpl {
                     break;
                 }
 
-                // If the RBTree search stopped at a node for a super domain
-                // of the search name, it means the search name exists in
-                // the zone but is empty.  Treat it as NXRRSET.
-                if (node_path.getLastComparisonResult().getRelation() ==
-                    NameComparisonResult::SUPERDOMAIN) {
-                    return (FindResult(NXRRSET, ConstRRsetPtr()));
-                }
-
                 // fall through
             case DomainTree::NOTFOUND:
                 return (FindResult(NXDOMAIN, ConstRRsetPtr()));

More information about the bind10-changes mailing list