BIND 10 trac1177, updated. 2a5c5383e3df0e625367bf85b740f62bf777b211 [1177] Document why we need reversed name

BIND 10 source code commits bind10-changes at lists.isc.org
Tue Sep 20 14:57:58 UTC 2011 

The branch, trac1177 has been updated
       via  2a5c5383e3df0e625367bf85b740f62bf777b211 (commit)
       via  f16de89251e4607eb413df666a64022c50478a4c (commit)
       via  4e93ba217318854742144bf0b8e30f4c3614db92 (commit)
      from  38d80ef7186ac2b18ed234a825894f5f78fc90b1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2a5c5383e3df0e625367bf85b740f62bf777b211
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Tue Sep 20 16:57:46 2011 +0200

    [1177] Document why we need reversed name

commit f16de89251e4607eb413df666a64022c50478a4c
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Tue Sep 20 16:46:37 2011 +0200

    [1177] Little bit more tests

commit 4e93ba217318854742144bf0b8e30f4c3614db92
Author: Michal 'vorner' Vaner <michal.vaner at nic.cz>
Date:   Tue Sep 20 15:14:03 2011 +0200

    [1177] Comment update
    
    DNSSEC/NSEC order looks awkward.

-----------------------------------------------------------------------

Summary of changes:
 src/lib/datasrc/database.h                 |    6 +++-
 src/lib/datasrc/tests/database_unittest.cc |   42 ++++++++++++++++++++++++++++
 src/lib/datasrc/zone.h                     |    2 +-
 3 files changed, 48 insertions(+), 2 deletions(-)

-----------------------------------------------------------------------
diff --git a/src/lib/datasrc/database.h b/src/lib/datasrc/database.h
index 7d36508..c269e87 100644
--- a/src/lib/datasrc/database.h
+++ b/src/lib/datasrc/database.h
@@ -476,12 +476,16 @@ public:
     virtual const std::string& getDBName() const = 0;
 
     /**
-     * \brief It returns the previous name in DNSSEC/NSEC order.
+     * \brief It returns the previous name in DNSSEC order.
      *
      * This is used in DatabaseClient::findPreviousName and does more
      * or less the real work, except for working on strings.
      *
      * \param rname The name to ask for previous of, in reversed form.
+     *     We use the reversed form (see isc::dns::Name::reverse),
+     *     because then the case insensitive order of string representation
+     *     and the DNSSEC order correspond (eg. org.example.a is followed
+     *     by org.example.a.b which is followed by org.example.b, etc).
      * \param zone_id The zone to look through.
      * \return The previous name.
      *
diff --git a/src/lib/datasrc/tests/database_unittest.cc b/src/lib/datasrc/tests/database_unittest.cc
index 4a8309c..36099ec 100644
--- a/src/lib/datasrc/tests/database_unittest.cc
+++ b/src/lib/datasrc/tests/database_unittest.cc
@@ -127,6 +127,7 @@ const char* const TEST_RECORDS[][5] = {
     {"delegation.example.org.", "NS", "3600", "", "ns.example.com."},
     {"delegation.example.org.", "NS", "3600", "",
      "ns.delegation.example.org."},
+    {"delegation.example.org.", "DS", "3600", "", "1 RSAMD5 2 abcd"},
     {"delegation.example.org.", "RRSIG", "3600", "", "NS 5 3 3600 "
      "20000101000000 20000201000000 12345 example.org. FAKEFAKEFAKE"},
     {"ns.delegation.example.org.", "A", "3600", "", "192.0.2.1"},
@@ -171,11 +172,17 @@ const char* const TEST_RECORDS[][5] = {
     {"*.delegatedwild.example.org.", "A", "3600", "", "192.0.2.5"},
     {"wild.*.foo.example.org.", "A", "3600", "", "192.0.2.5"},
     {"wild.*.foo.*.bar.example.org.", "A", "3600", "", "192.0.2.5"},
+    {"*.cnamewild.example.org.", "CNAME", "3600", "", "www.example.org."},
+    {"*.nswild.example.org.", "NS", "3600", "", "ns.example.com."},
     // For finding previous, this one is the last one in the zone
     {"zzz.example.org.", "NSEC", "3600", "", "example.org NSEC"},
     // For NSEC empty non-terminal
     {"l.example.org.", "NSEC", "3600", "", "empty.nonterminal.example.org. NSEC"},
     {"empty.nonterminal.example.org.", "A", "3600", "", "192.0.2.1"},
+    // Invalid rdata
+    {"invalidrdata.example.org.", "A", "3600", "", "Bunch of nonsense"},
+    {"invalidrdata2.example.org.", "A", "3600", "", "192.0.2.1"},
+    {"invalidrdata2.example.org.", "RRSIG", "3600", "", "Nonsense"},
 
     {NULL, NULL, NULL, NULL, NULL},
 };
@@ -557,6 +564,8 @@ public:
             } else if (rname == "org.example.www2." ||
                        rname == "org.example.www1.") {
                 return ("www.example.org.");
+            } else if (rname == "org.example.badnsec2.") {
+                return ("badnsec1.example.org.");
             } else if (rname == "org.example.notimplnsec." ||
                        rname == "org.example.wild.here.") {
                 isc_throw(isc::NotImplemented, "Not implemented in this test");
@@ -1578,6 +1587,22 @@ TYPED_TEST(DatabaseClientTest, wildcard) {
         // FIXME: What should be returned in this case? How does the
         // DNSSEC logic handle it?
     }
+
+    // Some strange things in the wild node
+    this->expected_rdatas_.clear();
+    this->expected_rdatas_.push_back("www.example.org.");
+    this->expected_sig_rdatas_.clear();
+    doFindTest(*finder, isc::dns::Name("a.cnamewild.example.org."),
+               isc::dns::RRType::TXT(), isc::dns::RRType::CNAME(),
+               this->rrttl_, ZoneFinder::CNAME,
+               this->expected_rdatas_, this->expected_sig_rdatas_);
+
+    this->expected_rdatas_.clear();
+    this->expected_rdatas_.push_back("ns.example.com.");
+    doFindTest(*finder, isc::dns::Name("a.nswild.example.org."),
+               isc::dns::RRType::TXT(), isc::dns::RRType::NS(),
+               this->rrttl_, ZoneFinder::DELEGATION,
+               this->expected_rdatas_, this->expected_sig_rdatas_);
 }
 
 TYPED_TEST(DatabaseClientTest, NXRRSET_NSEC) {
@@ -2305,4 +2330,21 @@ TYPED_TEST(DatabaseClientTest, previous) {
     }
 }
 
+TYPED_TEST(DatabaseClientTest, invalidRdata) {
+    shared_ptr<DatabaseClient::Finder> finder(this->getFinder());
+
+    EXPECT_THROW(finder->find(Name("invalidrdata.example.org."), RRType::A()),
+                 DataSourceError);
+    EXPECT_THROW(finder->find(Name("invalidrdata2.example.org."), RRType::A()),
+                 DataSourceError);
+}
+
+TEST_F(MockDatabaseClientTest, missingNSEC) {
+    shared_ptr<DatabaseClient::Finder> finder(this->getFinder());
+
+    EXPECT_THROW(finder->find(Name("badnsec2.example.org."), RRType::A(), NULL,
+                              ZoneFinder::FIND_DNSSEC),
+                 DataSourceError);
+}
+
 }
diff --git a/src/lib/datasrc/zone.h b/src/lib/datasrc/zone.h
index 14bf295..794e46d 100644
--- a/src/lib/datasrc/zone.h
+++ b/src/lib/datasrc/zone.h
@@ -211,7 +211,7 @@ public:
 
     /// \brief Get previous name in the zone
     ///
-    /// Gets the previous name in the DNSSEC/NSEC order. This can be used
+    /// Gets the previous name in the DNSSEC order. This can be used
     /// to find the correct NSEC records for proving nonexistence
     /// of domains.
     ///

More information about the bind10-changes mailing list