BIND 10 #1808: support NSEC for normal NXRRSET in in-memory

BIND 10 Development do-not-reply at isc.org
Thu May 10 01:10:58 UTC 2012 

#1808: support NSEC for normal NXRRSET in in-memory
-------------------------------------+-------------------------------------
                   Reporter:         |                 Owner:  kevin_tes
  jinmei                             |                Status:  reviewing
                       Type:  task   |             Milestone:
                   Priority:         |  Sprint-20120515
  medium                             |            Resolution:
                  Component:  data   |             Sensitive:  0
  source                             |           Sub-Project:  DNS
                   Keywords:         |  Estimated Difficulty:  3
            Defect Severity:  N/A    |           Total Hours:  0
Feature Depending on Ticket:  in-    |
  memory NSEC                        |
        Add Hours to Ticket:  0      |
                  Internal?:  0      |
-------------------------------------+-------------------------------------

Comment (by kevin_tes):

 Replying to [comment:8 jinmei]:
 > - I made some editorial fixes to the branch.  I think I've pointed out
 >   these things several times.  Things like redundant white space or
 >   space after comma should be avoidable using some tool.  If you
 >   cannot avoid introducing these in editing, please seriously consider
 >   using some tool before asking for review.  Discussing such primitive
 >   things in review cycles is not a very efficient way of using our
 >   time.
 sorry,I have already set my vim editor in the .vimrc file:
 {{{
 highlight WhitespaceEOL ctermbg=red guibg=red
 match WhitespaceEOL /\s\+$/
 }}}
 But it seems not work.I'll try other tool before asking for review.
 >
 > - about the main change: unlike the comment it doesn't seem to check
 >   whether DNSSEC are requested.  Also there's no test for that case to
 >   confirm or deny the suspicion.
 >
 > - DATASRC_MEM_NXRRSET is used in two different places.  We must not do
 >   it for our logging policy.
 >
 > - I'd combine the with-or-without NSEC case using a small helper
 >   function.  See, e.g., trac1805 and how getClosestNSEC() is used in
 >   the NXDOMAIN case.  This would also solve the duplicated log ID
 >   issue.
 >
 > - As noted above, we need to test the case when DNSSEC records are not
 >   requested but the zone is NSEC signed.
 >
 thanks,changed will be made,based on these.
 > - Why did you remove the findNSECSigned test?  Due to that some test
 >   cases were lost.
 >
 Here,i do think it does not need this test anymore, if NXRRSET case
 completed.

 > - This comment doesn't seem to be very helpful.  In some sense, it's
 >   too trivial; on the other hand, it's too blunt and not clear what it
 >   tries to comment.
 > {{{#!cpp
 > // Test if NSEC works
 > }}}
 thanks,changed will be made,based on these.

-- 
Ticket URL: <http://bind10.isc.org/ticket/1808#comment:10>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list