BIND 10 master, updated. 0fac71e31d16f1cfe127d8d0341842aad762a642 Changelog
BIND 10 source code commits
bind10-changes at lists.isc.org
Thu Feb 17 20:15:36 UTC 2011
The branch, master has been updated
via 0fac71e31d16f1cfe127d8d0341842aad762a642 (commit)
via 6f031a09a248e7684723c000f3e8cc981dcdb349 (commit)
via 500a785136096ec3a7c5259ec348a80256aed494 (commit)
via ce7bc899e76309c63b1ad270b9474fdc1407cf5e (commit)
via e26d533eb62f553fcbae616d82e84e3784f750c6 (commit)
via d619eab67a0c2255f249dfabd7c9db0e5d14b833 (commit)
via 6fbb0f720f6e6a5d58c0dfc6710f0e26e79816c4 (commit)
via 76e1d3b208772073e664437788865a5e3d067a68 (commit)
via d9fda268d2fcecbb69f06f3480bc9dcd058c582e (commit)
via 17f874bb877356f0eb3c777282e1a21172a241c9 (commit)
from b3d03749ba27521a93188402c18600360e44c497 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 0fac71e31d16f1cfe127d8d0341842aad762a642
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Thu Feb 17 21:09:48 2011 +0100
Changelog
commit 6f031a09a248e7684723c000f3e8cc981dcdb349
Merge: b3d03749ba27521a93188402c18600360e44c497 500a785136096ec3a7c5259ec348a80256aed494
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Thu Feb 17 21:08:05 2011 +0100
Merge branch 'work/wildcard/cancel'
Conflicts:
src/lib/datasrc/tests/memory_datasrc_unittest.cc
commit 500a785136096ec3a7c5259ec348a80256aed494
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Thu Feb 17 20:40:38 2011 +0100
[trac553] Typos, spelling corrections, comments
commit ce7bc899e76309c63b1ad270b9474fdc1407cf5e
Author: JINMEI Tatuya <jinmei at isc.org>
Date: Thu Feb 17 11:13:38 2011 -0800
[trac553] minor style fixes: position of '*', avoid implicit conversion to bool.
commit e26d533eb62f553fcbae616d82e84e3784f750c6
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 19:07:11 2011 +0100
[trac553] Test with the foo.wild.. in the tree
If there are two entries under the foo.wild.example.org, the
foo.wild.example.org exists in the tree and while the results should be
the same, the way it is handled internally is different (the
cancellation happens as a sideeffect). Therefore we test this situation
as well.
commit d619eab67a0c2255f249dfabd7c9db0e5d14b833
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 18:02:03 2011 +0100
[trac553] Cancel wildcard on existing subdomain
commit 6fbb0f720f6e6a5d58c0dfc6710f0e26e79816c4
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 17:47:45 2011 +0100
[trac553] Cancel wildcard at empty existing domain
We check to see if there's an empty non-terminal domain before check for
wildcard. If it is detected, there exists a subdomain and therefore we
should not do a wildcard check.
commit 76e1d3b208772073e664437788865a5e3d067a68
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 13:58:58 2011 +0100
[trac553] Tests for cancellation of wildcard
commit d9fda268d2fcecbb69f06f3480bc9dcd058c582e
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 13:56:18 2011 +0100
[trac553] Fix the wildcard check routine
It crashed when the checked code didn't provide any answer.
commit 17f874bb877356f0eb3c777282e1a21172a241c9
Merge: deedd6f7ff3339f822f9ed8de77a5a7164bda9a1 f364f8feb190aa09fd0a65b35bdf05a3c7fe0932
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date: Fri Feb 11 12:37:32 2011 +0100
Merge branch 'master' into work/wildcard/cancel
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 7 ++
src/lib/datasrc/memory_datasrc.cc | 49 ++++++++++--
src/lib/datasrc/tests/memory_datasrc_unittest.cc | 87 ++++++++++++++++++++++
3 files changed, 135 insertions(+), 8 deletions(-)
-----------------------------------------------------------------------
diff --git a/ChangeLog b/ChangeLog
index 921986f..8db71f7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+ 171. [func] feng, jerry, jinmei, vorner
+ b10-auth, src/lib/datasrc: in memory data source now works as a
+ complete data source for authoritative DNS servers and b10-auth
+ uses it. It still misses major features, however, including
+ DNSSEC support and zone transfer.
+ (Last trac #552, but many more,
+ git 6f031a09a248e7684723c000f3e8cc981dcdb349)
170. [bug] jinmei
Tightened validity checks in the NSEC3 constructors, both "from
"text" and "from wire". Specifically, wire data containing
diff --git a/src/lib/datasrc/memory_datasrc.cc b/src/lib/datasrc/memory_datasrc.cc
index f28df0d..bbc5166 100644
--- a/src/lib/datasrc/memory_datasrc.cc
+++ b/src/lib/datasrc/memory_datasrc.cc
@@ -420,10 +420,51 @@ struct MemoryZone::MemoryZoneImpl {
return (FindResult(DELEGATION, prepareRRset(name,
state.rrset_, rename)));
}
+
+ // If the RBTree search stopped at a node for a super domain
+ // of the search name, it means the search name exists in
+ // the zone but is empty. Treat it as NXRRSET.
+ if (node_path.getLastComparisonResult().getRelation() ==
+ NameComparisonResult::SUPERDOMAIN) {
+ return (FindResult(NXRRSET, ConstRRsetPtr()));
+ }
+
/*
* No redirection anywhere. Let's try if it is a wildcard.
+ *
+ * The wildcard is checked after the empty non-terminal domain
+ * case above, because if that one triggers, it means we should
+ * not match according to 4.3.3 of RFC 1034 (the query name
+ * is known to exist).
*/
if (node->getFlag(DOMAINFLAG_WILD)) {
+ /* Should we cancel this match?
+ *
+ * If we compare with some node and get a common ancestor,
+ * it might mean we are comparing with a non-wildcard node.
+ * In that case, we check which part is common. If we have
+ * something in common that lives below the node we got
+ * (the one above *), then we should cancel the match
+ * according to section 4.3.3 of RFC 1034 (as the name
+ * between the wildcard domain and the query name is known
+ * to exist).
+ *
+ * Because the way the tree stores relative names, we will
+ * have exactly one common label (the ".") in case we have
+ * nothing common under the node we got and we will get
+ * more common labels otherwise (yes, this relies on the
+ * internal RBTree structure, which leaks out through this
+ * little bit).
+ *
+ * If the empty non-terminal node actually exists in the
+ * tree, then this cancellation is not needed, because we
+ * will not get here at all.
+ */
+ if (node_path.getLastComparisonResult().getRelation() ==
+ NameComparisonResult::COMMONANCESTOR && node_path.
+ getLastComparisonResult().getCommonLabels() > 1) {
+ return (FindResult(NXDOMAIN, ConstRRsetPtr()));
+ }
Name wildcard(Name("*").concatenate(
node_path.getAbsoluteName()));
DomainTree::Result result(domains_.find(wildcard, &node));
@@ -442,14 +483,6 @@ struct MemoryZone::MemoryZoneImpl {
break;
}
- // If the RBTree search stopped at a node for a super domain
- // of the search name, it means the search name exists in
- // the zone but is empty. Treat it as NXRRSET.
- if (node_path.getLastComparisonResult().getRelation() ==
- NameComparisonResult::SUPERDOMAIN) {
- return (FindResult(NXRRSET, ConstRRsetPtr()));
- }
-
// fall through
case DomainTree::NOTFOUND:
return (FindResult(NXDOMAIN, ConstRRsetPtr()));
diff --git a/src/lib/datasrc/tests/memory_datasrc_unittest.cc b/src/lib/datasrc/tests/memory_datasrc_unittest.cc
index a5bfc6f..16d749c 100644
--- a/src/lib/datasrc/tests/memory_datasrc_unittest.cc
+++ b/src/lib/datasrc/tests/memory_datasrc_unittest.cc
@@ -205,6 +205,9 @@ public:
{"*.dnamewild.example.org. 300 IN DNAME dnamewild.example.",
&rr_dnamewild_},
{"*.child.example.org. 300 IN A 192.0.2.1", &rr_child_wild_},
+ {"bar.foo.wild.example.org. 300 IN A 192.0.2.2", &rr_not_wild_},
+ {"baz.foo.wild.example.org. 300 IN A 192.0.2.3",
+ &rr_not_wild_another_},
{NULL, NULL}
};
@@ -256,6 +259,8 @@ public:
RRsetPtr rr_nswild_, rr_dnamewild_;
RRsetPtr rr_child_wild_;
RRsetPtr rr_under_wild_;
+ RRsetPtr rr_not_wild_;
+ RRsetPtr rr_not_wild_another_;
/**
* \brief Test one find query to the zone.
@@ -298,6 +303,11 @@ public:
if (check_answer) {
EXPECT_EQ(answer, find_result.rrset);
} else if (check_wild_answer) {
+ ASSERT_NE(ConstRRsetPtr(), answer) <<
+ "Wrong test, don't check for wild names if you expect "
+ "empty answer";
+ ASSERT_NE(ConstRRsetPtr(), find_result.rrset) <<
+ "No answer found";
RdataIteratorPtr expectedIt(answer->getRdataIterator());
RdataIteratorPtr actualIt(
find_result.rrset->getRdataIterator());
@@ -323,6 +333,8 @@ public:
}
});
}
+ // Internal part of the cancelWildcard test that is multiple times
+ void doCancelWildcardTest();
};
/**
@@ -885,6 +897,81 @@ TEST_F(MemoryZoneTest, nestedEmptyWildcard) {
}
}
+// We run this part twice from the below test, in two slightly different
+// situations
+void
+MemoryZoneTest::doCancelWildcardTest() {
+ // These should be canceled
+ {
+ SCOPED_TRACE("Canceled under foo.wild.example.org");
+ findTest(Name("aaa.foo.wild.example.org"), RRType::A(),
+ Zone::NXDOMAIN);
+ findTest(Name("zzz.foo.wild.example.org"), RRType::A(),
+ Zone::NXDOMAIN);
+ }
+
+ // This is existing, non-wildcard domain, shouldn't wildcard at all
+ {
+ SCOPED_TRACE("Existing domain under foo.wild.example.org");
+ findTest(Name("bar.foo.wild.example.org"), RRType::A(), Zone::SUCCESS,
+ true, rr_not_wild_);
+ }
+
+ // These should be caught by the wildcard
+ {
+ SCOPED_TRACE("Neighbor wildcards to foo.wild.example.org");
+
+ const char* names[] = {
+ "aaa.bbb.wild.example.org",
+ "aaa.zzz.wild.example.org",
+ "zzz.wild.example.org",
+ NULL
+ };
+
+ for (const char** name(names); *name != NULL; ++ name) {
+ SCOPED_TRACE(string("Node ") + *name);
+
+ findTest(Name(*name), RRType::A(), Zone::SUCCESS, false, rr_wild_,
+ NULL, NULL, Zone::FIND_DEFAULT, true);
+ }
+ }
+
+ // This shouldn't be wildcarded, it's an existing domain
+ {
+ SCOPED_TRACE("The foo.wild.example.org itself");
+ findTest(Name("foo.wild.example.org"), RRType::A(), Zone::NXRRSET);
+ }
+}
+
+/*
+ * This tests that if there's a name between the wildcard domain and the
+ * searched one, it will not trigger wildcard, for example, if we have
+ * *.wild.example.org and bar.foo.wild.example.org, then we know
+ * foo.wild.example.org exists and is not wildcard. Therefore, search for
+ * aaa.foo.wild.example.org should return NXDOMAIN.
+ *
+ * Tests few cases "around" the canceled wildcard match, to see something that
+ * shouldn't be canceled isn't.
+ */
+TEST_F(MemoryZoneTest, cancelWildcard) {
+ EXPECT_EQ(SUCCESS, zone_.add(rr_wild_));
+ EXPECT_EQ(SUCCESS, zone_.add(rr_not_wild_));
+
+ {
+ SCOPED_TRACE("Runnig with single entry under foo.wild.example.org");
+ doCancelWildcardTest();
+ }
+
+ // Try putting another one under foo.wild....
+ // The result should be the same but it will be done in another way in the
+ // code, because the foo.wild.example.org will exist in the tree.
+ EXPECT_EQ(SUCCESS, zone_.add(rr_not_wild_another_));
+ {
+ SCOPED_TRACE("Runnig with two entries under foo.wild.example.org");
+ doCancelWildcardTest();
+ }
+}
+
TEST_F(MemoryZoneTest, loadBadWildcard) {
// We reject loading the zone if it contains a wildcard name for
// NS or DNAME.
More information about the bind10-changes
mailing list