BIND 10 trac2157_2, updated. 1e68893cbfb6d4742e1d9def9ca2960935c7e2b9 [2157] remove SIG(0) from MessageAttributes
BIND 10 source code commits
bind10-changes at lists.isc.org
Wed Nov 28 11:16:02 UTC 2012
The branch, trac2157_2 has been updated
via 1e68893cbfb6d4742e1d9def9ca2960935c7e2b9 (commit)
from 74a034d57525026cb30591f3e89c49be2f2787ec (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1e68893cbfb6d4742e1d9def9ca2960935c7e2b9
Author: Yoshitaka Aharen <aharen at jprs.co.jp>
Date: Wed Nov 28 20:04:03 2012 +0900
[2157] remove SIG(0) from MessageAttributes
-----------------------------------------------------------------------
Summary of changes:
src/bin/auth/auth_srv.cc | 2 +-
src/bin/auth/statistics.cc.pre | 3 ---
src/bin/auth/statistics.h | 18 +++-----------
src/bin/auth/tests/statistics_unittest.cc.pre | 33 ++++++++++---------------
4 files changed, 17 insertions(+), 39 deletions(-)
-----------------------------------------------------------------------
diff --git a/src/bin/auth/auth_srv.cc b/src/bin/auth/auth_srv.cc
index 62626ec..a9ea5ac 100644
--- a/src/bin/auth/auth_srv.cc
+++ b/src/bin/auth/auth_srv.cc
@@ -553,7 +553,7 @@ AuthSrv::processMessage(const IOMessage& io_message, Message& message,
**impl_->keyring_));
tsig_error = tsig_context->verify(tsig_record, io_message.getData(),
io_message.getDataSize());
- impl_->stats_attrs_.setRequestSig(true, false,
+ impl_->stats_attrs_.setRequestSig(true,
tsig_error != TSIGError::NOERROR());
}
diff --git a/src/bin/auth/statistics.cc.pre b/src/bin/auth/statistics.cc.pre
index 584cf4e..2eb9bd2 100644
--- a/src/bin/auth/statistics.cc.pre
+++ b/src/bin/auth/statistics.cc.pre
@@ -147,9 +147,6 @@ Counters::incRequest(const MessageAttributes& msgattrs) {
if (msgattrs.getRequestSigTSIG()) {
server_msg_counter_.inc(MSG_REQUEST_TSIG);
}
- if (msgattrs.getRequestSigSIG0()) {
- server_msg_counter_.inc(MSG_REQUEST_SIG0);
- }
if (msgattrs.getRequestSigBadSig()) {
server_msg_counter_.inc(MSG_REQUEST_BADSIG);
// If signature validation is failed, no other query attributes are
diff --git a/src/bin/auth/statistics.h b/src/bin/auth/statistics.h
index b807a26..929b2d2 100644
--- a/src/bin/auth/statistics.h
+++ b/src/bin/auth/statistics.h
@@ -48,8 +48,7 @@ private:
REQ_IS_EDNS_0, // EDNS ver.0
REQ_IS_DNSSEC_OK, // DNSSEC OK (DO) bit is set
REQ_IS_TSIG, // signed with valid TSIG
- REQ_IS_SIG0, // signed with valid SIG(0)
- REQ_IS_BADSIG, // signed but bad signature,
+ REQ_IS_BADSIG, // signed but bad signature
RES_IS_TRUNCATED, // DNS message is truncated
BIT_ATTRIBUTES_TYPES
};
@@ -139,13 +138,6 @@ public:
return (bit_attributes_[REQ_IS_TSIG]);
}
- /// \brief Get request SIG(0) signed.
- /// \return true if request is SIG(0) signed
- /// \throw None
- bool getRequestSigSIG0() const {
- return (bit_attributes_[REQ_IS_SIG0]);
- }
-
/// \brief Get request signature is bad.
/// \return true if request signature is bad
/// \throw None
@@ -155,15 +147,11 @@ public:
/// \brief Set request TSIG attributes.
/// \param is_tsig true if request is TSIG signed
- /// \param is_sig0 true if request is SIG(0) signed
/// \param is_badsig true if request signature is bad
/// \throw None
- void setRequestSig(const bool is_tsig, const bool is_sig0,
- const bool is_badsig)
- {
- assert(!(is_tsig && is_sig0));
+ void setRequestSig(const bool is_tsig, const bool is_badsig) {
+ assert(!(!is_tsig && is_badsig));
bit_attributes_[REQ_IS_TSIG] = is_tsig;
- bit_attributes_[REQ_IS_SIG0] = is_sig0;
bit_attributes_[REQ_IS_BADSIG] = is_badsig;
}
diff --git a/src/bin/auth/tests/statistics_unittest.cc.pre b/src/bin/auth/tests/statistics_unittest.cc.pre
index d930c09..49b3679 100644
--- a/src/bin/auth/tests/statistics_unittest.cc.pre
+++ b/src/bin/auth/tests/statistics_unittest.cc.pre
@@ -302,22 +302,18 @@ TEST_F(CountersTest, incrementTSIG) {
// (none) false
// TSIG false
// TSIG true
- // SIG(0) false
- // SIG(0) true
//
// badsig can't be true if the message does not have signature.
- int count_req_tsig = 0, count_res_tsig = 0, count_req_sig0 = 0,
- count_badsig = 0;
- for (int i = 0; i < 5; ++i) {
- const bool is_tsig = (i == 0 ? i : i+1) & 2;
- const bool is_sig0 = (i == 0 ? i : i+1) & 4;
- const bool is_badsig = (i == 0 ? i : i+1) & 1;
+ int count_req_tsig = 0, count_res_tsig = 0, count_badsig = 0;
+ for (int i = 0; i < 3; ++i) {
+ const bool is_tsig = (i == 2) ? true : i & 1;
+ const bool is_badsig = i & 2;
msgattrs.setRequestIPVersion(AF_INET);
msgattrs.setRequestTransportProtocol(IPPROTO_UDP);
msgattrs.setRequestOpCode(Opcode::QUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(is_tsig, is_sig0, is_badsig);
+ msgattrs.setRequestSig(is_tsig, is_badsig);
response.setRcode(Rcode::REFUSED());
response.addQuestion(Question(Name("example.com"),
@@ -333,9 +329,6 @@ TEST_F(CountersTest, incrementTSIG) {
++count_res_tsig;
}
}
- if (is_sig0) {
- ++count_req_sig0;
- }
if (is_badsig) {
++count_badsig;
}
@@ -349,7 +342,7 @@ TEST_F(CountersTest, incrementTSIG) {
expect["request.dnssec_ok"] = i+1 - count_badsig;
expect["request.tsig"] = count_req_tsig;
expect["response.tsig"] = count_res_tsig;
- expect["request.sig0"] = count_req_sig0;
+ expect["request.sig0"] = 0;
expect["request.badsig"] = count_badsig;
expect["responses"] = i+1 - count_badsig;
expect["qrynoauthans"] = i+1 - count_badsig;
@@ -376,7 +369,7 @@ TEST_F(CountersTest, incrementOpcode) {
msgattrs.setRequestOpCode(Opcode(i));
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode::REFUSED());
response.addQuestion(Question(Name("example.com"),
@@ -434,7 +427,7 @@ TEST_F(CountersTest, incrementRcode) {
msgattrs.setRequestOpCode(Opcode::IQUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode(i));
response.addQuestion(Question(Name("example.com"),
@@ -497,7 +490,7 @@ TEST_F(CountersTest, incrementTruncated) {
msgattrs.setRequestOpCode(Opcode::IQUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
msgattrs.setResponseTruncated(is_truncated);
response.setRcode(Rcode::SERVFAIL());
@@ -543,7 +536,7 @@ TEST_F(CountersTest, incrementQryAuthAnsAndNoAuthAns) {
msgattrs.setRequestOpCode(Opcode::QUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode::SERVFAIL());
response.addQuestion(Question(Name("example.com"),
@@ -583,7 +576,7 @@ TEST_F(CountersTest, incrementQrySuccess) {
msgattrs.setRequestOpCode(Opcode::QUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode::NOERROR());
response.addQuestion(Question(Name("example.com"),
@@ -632,7 +625,7 @@ TEST_F(CountersTest, incrementQryReferralAndNxrrset) {
msgattrs.setRequestOpCode(Opcode::QUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode::NOERROR());
response.addQuestion(Question(Name("example.com"),
@@ -675,7 +668,7 @@ TEST_F(CountersTest, incrementAuthQryRej) {
msgattrs.setRequestOpCode(Opcode::QUERY());
msgattrs.setRequestEDNS0(true);
msgattrs.setRequestDO(true);
- msgattrs.setRequestSig(false, false, false);
+ msgattrs.setRequestSig(false, false);
response.setRcode(Rcode::REFUSED());
response.addQuestion(Question(Name("example.com"),
More information about the bind10-changes
mailing list