BIND 10 trac1899_2, updated. f5bd1368b73131abd6e0562e57482310d26ff3eb [1899] Allow other RRtypes in nsec3 table (for RRSIGs)

BIND 10 source code commits bind10-changes at lists.isc.org
Mon Oct 8 07:07:51 UTC 2012 

The branch, trac1899_2 has been updated
       via  f5bd1368b73131abd6e0562e57482310d26ff3eb (commit)
      from  a38fe354acb2ba6e641d91bec364a22989f30b16 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f5bd1368b73131abd6e0562e57482310d26ff3eb
Author: Mukund Sivaraman <muks at isc.org>
Date:   Mon Oct 8 12:36:20 2012 +0530

    [1899] Allow other RRtypes in nsec3 table (for RRSIGs)
    
    * The unique constraint on NSEC3 owner per zone is now removed
    * NSEC3 RRSIGs are now returned next to their RR set
    * Test was adjusted to check for RRSIGs too

-----------------------------------------------------------------------

Summary of changes:
 src/bin/dbutil/dbutil.py.in                        |    6 ++----
 src/bin/dbutil/tests/testdata/v2_1.sqlite3         |  Bin 15360 -> 15360 bytes
 src/lib/datasrc/sqlite3_accessor.cc                |    9 +++------
 src/lib/datasrc/tests/sqlite3_accessor_unittest.cc |    3 +++
 src/lib/datasrc/tests/testdata/example.org.sqlite3 |  Bin 15360 -> 15360 bytes
 src/lib/python/isc/datasrc/sqlite3_ds.py           |    4 +---
 6 files changed, 9 insertions(+), 13 deletions(-)

-----------------------------------------------------------------------
diff --git a/src/bin/dbutil/dbutil.py.in b/src/bin/dbutil/dbutil.py.in
index f91c276..a844484 100755
--- a/src/bin/dbutil/dbutil.py.in
+++ b/src/bin/dbutil/dbutil.py.in
@@ -197,10 +197,8 @@ UPGRADES = [
 
     {'from': (2, 0), 'to': (2, 1),
      'statements': [
-            # Enforce that only one NSEC3 RR exists for an owner name in
-            # the zone.
-            "CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 " +
-                "(zone_id, owner)"
+            "CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 " +
+                "(hash, rdtype)"
         ]
     }
 
diff --git a/src/bin/dbutil/tests/testdata/v2_1.sqlite3 b/src/bin/dbutil/tests/testdata/v2_1.sqlite3
index 9eea287..ca2dee9 100644
Binary files a/src/bin/dbutil/tests/testdata/v2_1.sqlite3 and b/src/bin/dbutil/tests/testdata/v2_1.sqlite3 differ
diff --git a/src/lib/datasrc/sqlite3_accessor.cc b/src/lib/datasrc/sqlite3_accessor.cc
index 1b2ec8e..dc7c794 100644
--- a/src/lib/datasrc/sqlite3_accessor.cc
+++ b/src/lib/datasrc/sqlite3_accessor.cc
@@ -104,11 +104,9 @@ const char* const text_statements[NUM_STATEMENTS] = {
 
     // ITERATE_NSEC3:
     // The following iterates the whole zone in the nsec3 table. As the
-    // RRSIGs are for NSEC3s, we can hardcode the sigtype. As there is
-    // only one RR per-owner per-zone, there's no need to order these
-    // for the sake of any post-processing.
+    // RRSIGs are for NSEC3s, we can hardcode the sigtype.
     "SELECT rdtype, ttl, \"NSEC3\", rdata, owner FROM nsec3 "
-        "WHERE zone_id = ?1",
+        "WHERE zone_id = ?1 ORDER BY hash, rdtype",
     /*
      * This one looks for previous name with NSEC record. It is done by
      * using the reversed name. The NSEC is checked because we need to
@@ -352,8 +350,7 @@ const char* const SCHEMA_LIST[] = {
         "ttl INTEGER NOT NULL, rdtype TEXT NOT NULL COLLATE NOCASE, "
         "rdata TEXT NOT NULL)",
     "CREATE INDEX nsec3_byhash ON nsec3 (hash)",
-    // Enforce that only one NSEC3 RR exists for an owner name in the zone.
-    "CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 (zone_id, owner)",
+    "CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)",
     "CREATE TABLE diffs (id INTEGER PRIMARY KEY, "
         "zone_id INTEGER NOT NULL, "
         "version INTEGER NOT NULL, "
diff --git a/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc b/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc
index 48d1193..700d75d 100644
--- a/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc
+++ b/src/lib/datasrc/tests/sqlite3_accessor_unittest.cc
@@ -193,6 +193,9 @@ TEST_F(SQLite3AccessorTest, iterator) {
     checkRR(context, "www.example.org.", "3600", "A", "192.0.2.1");
     checkRR(context, "ns3.example.org.", "3600", "NSEC3",
             "1 1 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A RRSIG");
+    checkRR(context, "ns3.example.org.", "3600", "RRSIG",
+            "NSEC3 5 3 3600 20000101000000 20000201000000 "
+            "12345 ns3.example.org. FAKEFAKEFAKE");
 
     // Check there's no other
     EXPECT_FALSE(context->getNext(data));
diff --git a/src/lib/datasrc/tests/testdata/example.org.sqlite3 b/src/lib/datasrc/tests/testdata/example.org.sqlite3
index 939e5e4..c799d2e 100644
Binary files a/src/lib/datasrc/tests/testdata/example.org.sqlite3 and b/src/lib/datasrc/tests/testdata/example.org.sqlite3 differ
diff --git a/src/lib/python/isc/datasrc/sqlite3_ds.py b/src/lib/python/isc/datasrc/sqlite3_ds.py
index ef1245a..dc80afd 100644
--- a/src/lib/python/isc/datasrc/sqlite3_ds.py
+++ b/src/lib/python/isc/datasrc/sqlite3_ds.py
@@ -81,9 +81,7 @@ def create(cur):
                     rdtype TEXT NOT NULL COLLATE NOCASE,
                     rdata TEXT NOT NULL)""")
         cur.execute("CREATE INDEX nsec3_byhash ON nsec3 (hash)")
-        # Enforce that only one NSEC3 RR exists for an owner name in the zone.
-        cur.execute("""CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3
-                        (zone_id, owner)""");
+        cur.execute("CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)")
         cur.execute("""CREATE TABLE diffs (id INTEGER PRIMARY KEY,
                     zone_id INTEGER NOT NULL,
                     version INTEGER NOT NULL,

More information about the bind10-changes mailing list