GitLab

To fix unittest from using wrong libdns++ version.

Error was:

terminate called after throwing an instance of 'isc::dns::EmptyLabel'
  what():  duplicate period

Also isc::dns::NameParserException was added.

Discussed some on jabber.

make sure use the correct version of libdatasrc.

Error was:
Undefined symbol "_ZN3isc7datasrc35DATASRC_SQLITE_INCOMPATIBLE_VERSIONE"

Discussed on jabber.

- consolidated test scenarios for NSEC and NSEC3 to avoid duplicates
- also tested the case for findAll()
- also tested when the zone only has NSEC3PARAM or unsigned

I also renamed init() to probe() as the latter seemed more appropriate
in terms of what it does.

these are short, and only used in FindDNSSECContext, so it'd make more sense
to enclose them there.
Other cleanups:
- also made FindDNSSECContext::isNSEC/isNSEC3 private as they now don't need
  to be called outside the class
- removed isInited(); simpy doesn't see the need for it as a separate method
- simplified the code logic of getResultFlag()

trivial / no review

the latter has been merged to getDNSSECRRset().  doxygen comments were
also merged.

trivial, not reviewed

same adjustment as the previous comment was made for tests.
also fixed a small bug in getDNSSECRRset(): I should have reversed the
logic for need_nscheck.

to make a related test pass, incorporated the NotImplemented exception
handling from findNSECCover to getDNSSECRRset.
note: in this commit I reversed the behavior when we encounter the situation
where NSEC is expected but cannot be found; it now returns a NULL pointer,
although the NSEC_SIGNED flag can be still set.

It's a quite broken case of zone config so it's probably up to the
implementation, and in that sense throwing an exception is not necessary
wrong.  But we may have such a situation in a valid scenario if and when we
support incremental zone signing.  Also, this behavior is consistent with
BIND 9.

The emptyNonterminalNSEC test case was adjusted accordingly.

to do this, I extended getDNSSECRRset(name) further: it now takes 'covering'
parameter, depending on whether the requested NSEC is for the exact name
or the covering ("previous") name.  In the latter case it does the same
thing as findNSECCover() (which will be merged to getDNSSECRRset later).

now FindDNSSECContext has sufficient information to choose the correct flag,
findOnNameResult() can simply call its getResultFlags().
as an additional bonus, we can constify 'flags'.

- renamed getNSECRRset to getDNSSECRRset to clarify it's for generic DNSSEC
  purpose, even though it's essentially NSEC specific.
- moved the 'isNSEC' check to the now-renamed getDNSSECRRset, thereby removing
  the need for checking that within findOnNameResult.

instead of a pointer.
IMO, finderp_ should better be a reference than a pointer if we'd
worry about the case where it's NULL later on, like getNSECRRset
does (which shouldn't never happen in our usage).
the NULL pointer check was therefore removed with this change.

removed origin_ or complete flags_ from the class members.  non DNSSEC-specific
processing was recovered from the original version.
also made FindDNSSECContext private inside ZoneFinder; it doesn't have to
be publicly usable.
also made indentation policy more consistent for the class.

in xfrin
- add note about lack of thread-safety
- add note about from-source temporariness
- add test for case-insensitive class strings
- directly replace _memory_zones

- indentation
- spelling: 'other else' should be 'otherwise'
- constify
- avoid using an unnecessary temporary variable

They are only used for FindDNSSECContext, which is part of ZoneFinder
and can refer to its private members.

- () for return
- indentation
- brace position
- and a few other small things

(the intent of the change should be obvious from the diff.)

move GTEST_LDADD to the end of the list, so that the source tree libs get linked instead of those installed in the same location as gtest
(reviewed on jabber by jinmei)

I assume the previous change was an accident.

deal with the flag.

All in xfrin memory zones handlers;
- normalize zone name and class
- provide strong exception guarantee in _set_memory_zones
- fix comment in _set_db_file
- make _auth_config_update 'protected'

And in the tests:
- extracted memory zones update tests to own class
- added tests for bad data
- added tests for normalization

added a test for that case to confirm the regression and the fix.
also introduced some more cleanups: removed rdata_txt_ so we simplify the
code further, made isSameType static class function (it doesn't refer to
any class attributes), constified separate_rrs_.

the revised comment didn't make sense in the generalized context of
test_client.  the updated comment clarifies that.

it didn't seem correct to say "it's not allowed on the wire".  this
restriction is more about the definition of the RRset concept, rather than
what we'd see in the wire.  also added a reference to the relevant RFC (2181).