Commit 0d69a3dd authored by Mukund Sivaraman's avatar Mukund Sivaraman
Browse files

[2503] Insert the origin name into the NSEC3 tree by default

parent c5971460
......@@ -61,21 +61,28 @@ nullDeleter(RdataSet* rdataset_head) {
NSEC3Data*
NSEC3Data::create(util::MemorySegment& mem_sgmt,
const Name& zone_origin,
const generic::NSEC3PARAM& rdata)
{
return (NSEC3Data::create(mem_sgmt, rdata.getHashalg(), rdata.getFlags(),
return (NSEC3Data::create(mem_sgmt, zone_origin,
rdata.getHashalg(), rdata.getFlags(),
rdata.getIterations(), rdata.getSalt()));
}
NSEC3Data*
NSEC3Data::create(util::MemorySegment& mem_sgmt, const generic::NSEC3& rdata) {
return (NSEC3Data::create(mem_sgmt, rdata.getHashalg(), rdata.getFlags(),
NSEC3Data::create(util::MemorySegment& mem_sgmt,
const Name& zone_origin,
const generic::NSEC3& rdata)
{
return (NSEC3Data::create(mem_sgmt, zone_origin,
rdata.getHashalg(), rdata.getFlags(),
rdata.getIterations(), rdata.getSalt()));
}
NSEC3Data*
NSEC3Data::create(util::MemorySegment& mem_sgmt, uint8_t hashalg,
uint8_t flags, uint16_t iterations,
NSEC3Data::create(util::MemorySegment& mem_sgmt,
const Name& zone_origin,
uint8_t hashalg, uint8_t flags, uint16_t iterations,
const std::vector<uint8_t>& salt)
{
// NSEC3Data allocation can throw. To avoid leaking the tree, we manage
......@@ -87,6 +94,11 @@ NSEC3Data::create(util::MemorySegment& mem_sgmt, uint8_t hashalg,
mem_sgmt, ZoneTree::create(mem_sgmt, true),
boost::bind(nullDeleter, _1));
ZoneTree* tree = holder.get();
const ZoneTree::Result result =
tree->insert(mem_sgmt, zone_origin, NULL);
assert(result == ZoneTree::SUCCESS);
const size_t salt_len = salt.size();
void* p = mem_sgmt.allocate(sizeof(NSEC3Data) + 1 + salt_len);
......
......@@ -93,6 +93,7 @@ public:
/// \param rdata An NSEC3PARAM RDATA that specifies the NSEC3 parameters
/// to be stored.
static NSEC3Data* create(util::MemorySegment& mem_sgmt,
const dns::Name& zone_name,
const dns::rdata::generic::NSEC3PARAM& rdata);
/// \brief Allocate and construct \c NSEC3Data from NSEC3 Rdata.
......@@ -107,6 +108,7 @@ public:
/// \param rdata An NSEC3 RDATA that specifies the NSEC3 parameters
/// to be stored.
static NSEC3Data* create(util::MemorySegment& mem_sgmt,
const dns::Name& zone_name,
const dns::rdata::generic::NSEC3& rdata);
/// \brief Destruct and deallocate \c NSEC3Data.
......@@ -193,8 +195,10 @@ public:
private:
// Common subroutine for the public versions of create().
static NSEC3Data* create(util::MemorySegment& mem_sgmt, uint8_t hashalg,
uint8_t flags, uint16_t iterations,
static NSEC3Data* create(util::MemorySegment& mem_sgmt,
const dns::Name& zone_name,
uint8_t hashalg, uint8_t flags,
uint16_t iterations,
const std::vector<uint8_t>& salt);
/// \brief The constructor.
......
......@@ -233,7 +233,7 @@ ZoneDataUpdater::setupNSEC3(const ConstRRsetPtr rrset) {
NSEC3Data* nsec3_data = zone_data_.getNSEC3Data();
if (nsec3_data == NULL) {
nsec3_data = NSEC3Data::create(mem_sgmt_, nsec3_rdata);
nsec3_data = NSEC3Data::create(mem_sgmt_, zone_name_, nsec3_rdata);
zone_data_.setNSEC3Data(nsec3_data);
zone_data_.setSigned(true);
} else {
......
......@@ -85,11 +85,16 @@ protected:
// Shared by both test cases using NSEC3 and NSEC3PARAM Rdata
template <typename RdataType>
void
checkNSEC3Data(MemorySegmentTest& mem_sgmt, const RdataType& expect_rdata) {
NSEC3Data* nsec3_data = NSEC3Data::create(mem_sgmt, expect_rdata);
checkNSEC3Data(MemorySegmentTest& mem_sgmt,
const Name& zone_name,
const RdataType& expect_rdata)
{
NSEC3Data* nsec3_data = NSEC3Data::create(mem_sgmt, zone_name,
expect_rdata);
// Internal tree should be created and empty.
EXPECT_EQ(0, nsec3_data->getNSEC3Tree().getNodeCount());
// Internal tree should be created and must contain just the origin
// node.
EXPECT_EQ(1, nsec3_data->getNSEC3Tree().getNodeCount());
EXPECT_EQ(expect_rdata.getHashalg(), nsec3_data->hashalg);
EXPECT_EQ(expect_rdata.getFlags(), nsec3_data->flags);
......@@ -117,18 +122,18 @@ checkFindRdataSet(const ZoneTree& tree, const Name& name, RRType type,
TEST_F(ZoneDataTest, createNSEC3Data) {
// Create an NSEC3Data object from various types of RDATA (of NSEC3PARAM
// and of NSEC3), check if the resulting parameters match.
checkNSEC3Data(mem_sgmt_, param_rdata_); // one 'usual' form of params
checkNSEC3Data(mem_sgmt_, param_rdata_nosalt_); // empty salt
checkNSEC3Data(mem_sgmt_, param_rdata_largesalt_); // max-len salt
checkNSEC3Data(mem_sgmt_, zname_, param_rdata_); // one 'usual' form
checkNSEC3Data(mem_sgmt_, zname_, param_rdata_nosalt_); // empty salt
checkNSEC3Data(mem_sgmt_, zname_, param_rdata_largesalt_); // max-len salt
// Same concepts of the tests, using NSEC3 RDATA.
checkNSEC3Data(mem_sgmt_, nsec3_rdata_);
checkNSEC3Data(mem_sgmt_, nsec3_rdata_nosalt_);
checkNSEC3Data(mem_sgmt_, nsec3_rdata_largesalt_);
checkNSEC3Data(mem_sgmt_, zname_, nsec3_rdata_);
checkNSEC3Data(mem_sgmt_, zname_, nsec3_rdata_nosalt_);
checkNSEC3Data(mem_sgmt_, zname_, nsec3_rdata_largesalt_);
}
TEST_F(ZoneDataTest, addNSEC3) {
nsec3_data_ = NSEC3Data::create(mem_sgmt_, param_rdata_);
nsec3_data_ = NSEC3Data::create(mem_sgmt_, zname_, param_rdata_);
ZoneNode* node = NULL;
nsec3_data_->insertName(mem_sgmt_, nsec3_rrset_->getName(), &node);
......@@ -161,7 +166,8 @@ TEST_F(ZoneDataTest, exceptionSafetyOnCreate) {
// will fail due to bad_alloc. It shouldn't cause memory leak
// (that would be caught in TearDown()).
mem_sgmt_.setThrowCount(2);
EXPECT_THROW(NSEC3Data::create(mem_sgmt_, param_rdata_), std::bad_alloc);
EXPECT_THROW(NSEC3Data::create(mem_sgmt_, zname_, param_rdata_),
std::bad_alloc);
// allocate() will throw on the insertion of the origin node.
mem_sgmt_.setThrowCount(2);
......@@ -214,7 +220,7 @@ TEST_F(ZoneDataTest, getSetNSEC3Data) {
// Set a new one. The set method should return NULL. The get method
// should return the new one.
NSEC3Data* nsec3_data = NSEC3Data::create(mem_sgmt_, param_rdata_);
NSEC3Data* nsec3_data = NSEC3Data::create(mem_sgmt_, zname_, param_rdata_);
NSEC3Data* old_nsec3_data = zone_data_->setNSEC3Data(nsec3_data);
EXPECT_EQ(static_cast<NSEC3Data*>(NULL), old_nsec3_data);
EXPECT_EQ(nsec3_data, zone_data_->getNSEC3Data());
......@@ -222,7 +228,7 @@ TEST_F(ZoneDataTest, getSetNSEC3Data) {
// Replace an existing one with a yet another one.
// We're responsible for destroying the old one.
NSEC3Data* nsec3_data2 = NSEC3Data::create(mem_sgmt_, nsec3_rdata_);
NSEC3Data* nsec3_data2 = NSEC3Data::create(mem_sgmt_, zname_, nsec3_rdata_);
old_nsec3_data = zone_data_->setNSEC3Data(nsec3_data2);
EXPECT_EQ(nsec3_data, old_nsec3_data);
EXPECT_EQ(nsec3_data2, zone_data_->getNSEC3Data());
......
......@@ -1569,6 +1569,10 @@ TEST_F(InMemoryZoneFinderNSEC3Test, RRSIGOnly) {
// \brief testcase for #2503 (Problem in inmem NSEC3 denial of existence
// handling)
TEST_F(InMemoryZoneFinderNSEC3Test, findNSEC3MissingOrigin) {
// Set back the default hash calculator.
DefaultNSEC3HashCreator creator;
setNSEC3HashCreator(&creator);
shared_ptr<ZoneTableSegment> ztable_segment(
new ZoneTableSegmentTest(class_, mem_sgmt_));
InMemoryClient client(ztable_segment, class_);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment