BIND 10 #1573: auth::Query needs to return DS for secure delegation
BIND 10 Development
do-not-reply at isc.org
Thu Jan 26 18:43:53 UTC 2012
#1573: auth::Query needs to return DS for secure delegation
-------------------------------------+-------------------------------------
Reporter: | Owner: jinmei
jinmei | Status: reviewing
Type: task | Milestone:
Priority: | Sprint-20120207
critical | Resolution:
Component: | Sensitive: 0
b10-auth | Sub-Project: DNS
Keywords: | Estimated Difficulty: 5
Defect Severity: N/A | Total Hours: 4
Feature Depending on Ticket: |
Add Hours to Ticket: 0 |
Internal?: 0 |
-------------------------------------+-------------------------------------
Comment (by jinmei):
Replying to [comment:8 jelte]:
I made some other editorial fixes.
The revised code now looks mostly okay. I have a few minor points:
'''query.cc'''
- If we name addNXRRsetDenial with the postfix of "Denial", maybe we
should be consistent for addNXDOMAINProof, addWildcardProof, and
addWildcardNXRRSETProof?
'''query_unittest.cc'''
- I'd add one-line comment before this to explain what will follow.
{{{#!c++
const char* const signed_delegation_txt =
"signed-delegation.example.com. 3600 IN NS ns.example.net.\n";
}}}
> > maybe we need a changelog for this?
>
> Ack.
>
> [func] jelte
> The in-memory datasource now correctly includes DS records (or the
denial of its existence if NSEC is used) when returning a delegation from
a signed zone.
> (Trac 1573, git ###)
The auth::Query class is not intended to be in-memory only, so I'd say
something like
{{{
The new query handling module of b10-auth (currently only used with the
in-memory data source) now correctly...
}}}
Also, we might say this is a "bug" (fix), but I'd leave it to you.
--
Ticket URL: <http://bind10.isc.org/ticket/1573#comment:9>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list