BIND 10 master, updated. 3a3c7f52a1da822814cbd742a565ac4ed9c801d9 [master] Merge branch 'trac2586'
BIND 10 source code commits
bind10-changes at lists.isc.org
Tue Feb 12 18:13:43 UTC 2013
The branch, master has been updated
via 3a3c7f52a1da822814cbd742a565ac4ed9c801d9 (commit)
via 8d1f4d45b8998de8ca478a1bb600b8cbb88e4a31 (commit)
via 9a9b17823a2c57e3013f4f6da055f2a7cc48c289 (commit)
from 24b3e0cb75ea0a1f6b22fc91d679313ed7a6468f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3a3c7f52a1da822814cbd742a565ac4ed9c801d9
Merge: 24b3e0c 8d1f4d4
Author: JINMEI Tatuya <jinmei at isc.org>
Date: Tue Feb 12 10:12:43 2013 -0800
[master] Merge branch 'trac2586'
-----------------------------------------------------------------------
Summary of changes:
src/bin/auth/tests/query_unittest.cc | 21 ++++-----------------
src/bin/auth/tests/testdata/example-base-inc.zone | 14 +++++++-------
2 files changed, 11 insertions(+), 24 deletions(-)
-----------------------------------------------------------------------
diff --git a/src/bin/auth/tests/query_unittest.cc b/src/bin/auth/tests/query_unittest.cc
index 69d6dd4..b017e70 100644
--- a/src/bin/auth/tests/query_unittest.cc
+++ b/src/bin/auth/tests/query_unittest.cc
@@ -1372,17 +1372,11 @@ TEST_P(QueryTest, nxdomainWithNSEC) {
}
TEST_P(QueryTest, nxdomainWithNSEC2) {
- // there seems to be a bug in the SQLite3 (or database in general) data
- // source and this doesn't work (Trac #2586).
- if (GetParam() == SQLITE3) {
- return;
- }
-
// See comments about no_txt. In this case the best possible wildcard
// is derived from the next domain of the NSEC that proves NXDOMAIN, and
// the NSEC to provide the non existence of wildcard is different from
// the first NSEC.
- query.process(*list_, Name("(.no.example.com"), qtype, response,
+ query.process(*list_, Name("!.no.example.com"), qtype, response,
true);
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 6, 0,
NULL, (string(soa_minttl_txt) +
@@ -1392,19 +1386,12 @@ TEST_P(QueryTest, nxdomainWithNSEC2) {
string("mx.example.com. 3600 IN RRSIG ") +
getCommonRRSIGText("NSEC") + "\n" +
string(nsec_no_txt) + "\n" +
- string(").no.example.com. 3600 IN RRSIG ") +
+ string("&.no.example.com. 3600 IN RRSIG ") +
getCommonRRSIGText("NSEC")).c_str(),
NULL, mock_finder->getOrigin());
}
TEST_P(QueryTest, nxdomainWithNSECDuplicate) {
- // there seems to be a bug in the SQLite3 (or database in general) data
- // source and this doesn't work. This is probably the same type of bug
- // as nxdomainWithNSEC2 (Trac #2586).
- if (GetParam() == SQLITE3) {
- return;
- }
-
// See comments about nz_txt. In this case we only need one NSEC,
// which proves both NXDOMAIN and the non existence of wildcard.
query.process(*list_, Name("nx.no.example.com"), qtype, response,
@@ -1414,7 +1401,7 @@ TEST_P(QueryTest, nxdomainWithNSECDuplicate) {
string("example.com. 0 IN RRSIG ") +
getCommonRRSIGText("SOA") + "\n" +
string(nsec_no_txt) + "\n" +
- string(").no.example.com. 3600 IN RRSIG ") +
+ string("&.no.example.com. 3600 IN RRSIG ") +
getCommonRRSIGText("NSEC")).c_str(),
NULL, mock_finder->getOrigin());
}
@@ -1528,7 +1515,7 @@ TEST_P(QueryTest, nxrrsetWithNSEC) {
TEST_P(QueryTest, emptyNameWithNSEC) {
// Empty non terminal with DNSSEC proof. This is one of the cases of
// Section 3.1.3.2 of RFC4035.
- // mx.example.com. NSEC ).no.example.com. proves no.example.com. is a
+ // mx.example.com. NSEC &.no.example.com. proves no.example.com. is a
// non empty terminal node. Note that it also implicitly proves there
// should be no closer wildcard match (because the empty name is an
// exact match), so we only need one NSEC.
diff --git a/src/bin/auth/tests/testdata/example-base-inc.zone b/src/bin/auth/tests/testdata/example-base-inc.zone
index 8b76132..08fbf86 100644
--- a/src/bin/auth/tests/testdata/example-base-inc.zone
+++ b/src/bin/auth/tests/testdata/example-base-inc.zone
@@ -150,32 +150,32 @@ t.example.com. 3600 IN RRSIG NSEC 5 3 3600 20000101000000 20000201000000 12345 e
;; the best possible wildcard is below the "next domain" of the NSEC RR that
;; proves the NXDOMAIN, i.e.,
;; mx.example.com. (exist)
-;; (.no.example.com. (qname, NXDOMAIN)
-;; ).no.example.com. (exist)
+;; !.no.example.com. (qname, NXDOMAIN)
+;; &.no.example.com. (exist)
;; *.no.example.com. (best possible wildcard, not exist)
;var=no_txt
-\).no.example.com. 3600 IN AAAA 2001:db8::53
+&.no.example.com. 3600 IN AAAA 2001:db8::53
;; NSEC records.
;var=nsec_apex_txt
example.com. 3600 IN NSEC cname.example.com. NS SOA NSEC RRSIG
;var=
example.com. 3600 IN RRSIG NSEC 5 3 3600 20000101000000 20000201000000 12345 example.com. FAKEFAKEFAKE
;var=nsec_mx_txt
-mx.example.com. 3600 IN NSEC \).no.example.com. MX NSEC RRSIG
+mx.example.com. 3600 IN NSEC &.no.example.com. MX NSEC RRSIG
;var=
mx.example.com. 3600 IN RRSIG NSEC 5 3 3600 20000101000000 20000201000000 12345 example.com. FAKEFAKEFAKE
;var=nsec_no_txt
-\).no.example.com. 3600 IN NSEC nz.no.example.com. AAAA NSEC RRSIG
+&.no.example.com. 3600 IN NSEC nz.no.example.com. AAAA NSEC RRSIG
;var=
-\).no.example.com. 3600 IN RRSIG NSEC 5 3 3600 20000101000000 20000201000000 12345 example.com. FAKEFAKEFAKE
+&.no.example.com. 3600 IN RRSIG NSEC 5 3 3600 20000101000000 20000201000000 12345 example.com. FAKEFAKEFAKE
;; We'll also test the case where a single NSEC proves both NXDOMAIN and the
;; non existence of wildcard. The following records will be used for that
;; test.
-;; ).no.example.com. (exist, whose NSEC proves everything)
+;; &.no.example.com. (exist, whose NSEC proves everything)
;; *.no.example.com. (best possible wildcard, not exist)
;; nx.no.example.com. (NXDOMAIN)
;; nz.no.example.com. (exist)
More information about the bind10-changes
mailing list