Commit 575c53af authored by Evan Hunt's avatar Evan Hunt
Browse files

- add NSEC3 loadzone test data

- fixed several bugs in NSEC3 logic


git-svn-id: svn://bind10.isc.org/svn/bind10/trunk@1155 e5f2f494-b856-4b98-b285-d166d9295462
parent 833d7f65
; This is a key-signing key, keyid 38482, for sql2.example.com.
; Created: Fri Mar 5 19:12:28 2010
; Publish: Fri Mar 5 19:12:28 2010
; Activate: Fri Mar 5 19:12:28 2010
sql2.example.com. IN DNSKEY 257 3 5 AwEAAdNHTu+NmN/07XFztWhlyIybbPvq8FERTASCrfmthpbsFPyQy0Gl F1PnEWasfpM0H5KE4aEmPlvcDD6cpg+Tz+2aXQa9cPe3C4Vy+a0O4bp0 +LDG7TZmsQxqSuQen9YsSqIDclz+ajC0L8WUt6/kjv7TEtqwMLqkuViT jHef1dq3vqPNn3ZlD+uh9sOn0q+B2r9mkPXtcOQKvi8bZyRW+RaBDHy5 XjlUocjXtS3aCjh8S+vqJdyhuepXdhvh+owUQy6h+HxkVX/6jx+8wc/E JXYbCc+ZO9+hO4L7Wu8I89qJY2/xQ6SpDVHCoAj6kf3FO/7YAwy60bef 5HaUN7d/SY8=
Private-key-format: v1.3
Algorithm: 5 (RSASHA1)
Modulus: 00dO742Y3/TtcXO1aGXIjJts++rwURFMBIKt+a2GluwU/JDLQaUXU+cRZqx+kzQfkoThoSY+W9wMPpymD5PP7ZpdBr1w97cLhXL5rQ7hunT4sMbtNmaxDGpK5B6f1ixKogNyXP5qMLQvxZS3r+SO/tMS2rAwuqS5WJOMd5/V2re+o82fdmUP66H2w6fSr4Hav2aQ9e1w5Aq+LxtnJFb5FoEMfLleOVShyNe1LdoKOHxL6+ol3KG56ld2G+H6jBRDLqH4fGRVf/qPH7zBz8QldhsJz5k736E7gvta7wjz2oljb/FDpKkNUcKgCPqR/cU7/tgDDLrRt5/kdpQ3t39Jjw==
PublicExponent: AQAB
PrivateExponent: yYu+uzrCWPJXB+EvbpWaCLfD8VUfRtZPRAY9XG6yc4pmQsEFhGuuozVMHjvyyw3wCF+Gtam71vlFHP1mVHnW4nxcva898rDE5trVXsdRggNPsaMyarDvuD41jwO/yhmaYI8VK6zvM+LPp5XE3KAV4PUNiVyGP6YfwWWPnBX3dZoRcpOWAiqwkArTOWTHs42qH3vZMzZbPx3pLEarpsMLTkSnSO7kGKWeKUMyl6fEi90zzJl8oSKf5B8L/Rhwf+biNMvHmA/4W3D15XjEk/5wj100A3XhMsiDVytNH+6rlX65hVF++VBGBDMySGuhYZu/J7awoalLmYmDKqXIPIM84Q==
Prime1: /dR4ayw12nGodQaQFFbNLiNRjUUbasALGoVpXYlv33p4MeFcnm8P6f2k8wWAnOitpYAIA6aCLFwM+UaWDOm0BcQJ4z4Y3Bxo25Yq01A0MGySQeqhu6tx7IHBvgMBoZ/NbIq+opAT+J/oR5tzA0bE7lfhMX7AdnvZPko3WM06N4c=
Prime2: 1RW12yNrg7FW0Hssn2WAJbBX55Ra4yxKOrhUu7UhnWAejNTgn20xv1dK++Y3bDty5QxlIU7Z0F8+7n0LE35cRHonihG4a1RptLC67cQrxWHtEuBEMa/h4AMKX7lTzmZsuboIwR+G27FhkiAc+nHLSeU22AGwkAMoC67o83IBz7k=
Exponent1: 2CEhQ8hKNq1Ojg6/gcIDRUTnfM2aMcRB8BwnAnEzI+vJClflIDZbK5dA63kE8RYiPWiN6mXOM21R0rNqsqYQFlS9QpQuYMWD922fG30QYycfRic9/WlXQNWfnWY77l3+cWyWNB9QEgQ+qTJQtTp+FqAXbKiLwpdj/Gj/RYrCBmM=
Exponent2: G+jkEPfqtS0dOeFoTth0mHsoiGSeIvNCJb7PGmb3KC3W0otvgHJE+dLtN2FIER0YR3gAJwS08t4G2CX4tWzvmOiHFUaM6UH9NnWPhmUTdp8E9lv5kqh+5WCAk1kq6PXxd8IuM111xIDPTtx17zfIcL1dGZ3fCn3fWOhoCrr8EcE=
Coefficient: +BcTI4d+zxlNZ+ihinMxuo9hpn0OEQk0w7bUB1PdC4z8/YPMjnuANNgRtG6iPe0dl4IS9wbwVUugROdv4lQBVkPLXuZ/C+TQMxwjY2qGrVH92NARjKpmw+Qp9kVx37/C6qr6e7Gbr5RiBdInCt+7HyqVBsXAlsn7gFxOYnUd1Eg=
Created: 20100306031228
Publish: 20100306031228
Activate: 20100306031228
; This is a zone-signing key, keyid 63192, for sql2.example.com.
; Created: Fri Mar 5 19:12:22 2010
; Publish: Fri Mar 5 19:12:22 2010
; Activate: Fri Mar 5 19:12:22 2010
sql2.example.com. IN DNSKEY 256 3 5 AwEAAdKcbdCUqIv7gGzBFnmNaZjSY9uLXlYDmMC9XOYN79SIEdIYwvsi iygvURBxutSclG9RYDDDigb5gOfvgFVyf0IV3qe0rySIOZL6xTq425Ma cI8KEYUu6F4DesyejPJz+G7PZAYnsufV3NBccTFTC2bSsyM/5ZDbNyF/ /+ZV3lpH
Private-key-format: v1.3
Algorithm: 5 (RSASHA1)
Modulus: 0pxt0JSoi/uAbMEWeY1pmNJj24teVgOYwL1c5g3v1IgR0hjC+yKLKC9REHG61JyUb1FgMMOKBvmA5++AVXJ/QhXep7SvJIg5kvrFOrjbkxpwjwoRhS7oXgN6zJ6M8nP4bs9kBiey59Xc0FxxMVMLZtKzIz/lkNs3IX//5lXeWkc=
PublicExponent: AQAB
PrivateExponent: VwjUDM1SNb7yXH8S1ZqN19yh7ZlTm8ISvxvCJ0P9J1wv2R3ofbXRwgKDwoLtTW2DndkIIj68bJNxJOgBpc4SLjGsX7Si98Oray3G54UBgHx8iRgFrK7FrKGSNsHute7ZKCo2yRjLSCpYnb+F+sllSYOI00dNdyLR/9jW2svW1Gk=
Prime1: +2SHh7lI+ndcT62+kXxTSy1wAUqJvkoNDuju8yh7lphENZLPpG0kKsKExHrOR/uuCu/wGoQZOsi0VGtbM4/UvQ==
Prime2: 1niP/P4O/OEuXgQRH/YO2woqNhNSn/ZVWTE7DHIMePFbAz2XbEpDmdqmtrHh2nc+38S5MIvlI8fs1hEmFyp1Uw==
Exponent1: cYH/q+meKPEx7gweCqSfG0el1f9o2FGpOb00/vedbe7MhYAHX0+kT+ZKekiU0W2zNN8Hg4F3vtIWkjNzF4Hu5Q==
Exponent2: U59kfP9ONrlSC+RIDQ8ykaMv/C+iiq5QbttsK5kYVdu9YdEVBmsaWpXPZPKMnlLaWANrNYuGR2I/bOP41xV98w==
Coefficient: e3egNWExAEVssl2T38/ZZPAf7jpbw2TH3Te1TohzOpj+S+V8O72h+kXFbBS/foiv7ulgAeo7Ex/3OwOOmSFylA==
Created: 20100306031222
Publish: 20100306031222
Activate: 20100306031222
......@@ -21,6 +21,11 @@ ns2.subzone A 192.168.3.2
dname DNAME sql1.example.com.
$ORIGIN sql1.example.com.
sql1.example.com. NS dns01.example.com.
NS dns02.example.com.
NS dns03.example.com.
sql1.example.com. NS dns01.example.com.
NS dns02.example.com.
NS dns03.example.com.
$ORIGIN sql2.example.com.
sql2.example.com. NS dns01.example.com.
NS dns02.example.com.
NS dns03.example.com.
$ORIGIN sql2.example.com.
$TTL 3600
@ SOA master.example.com. admin.example.com. 678 3600 1800 2419200 7200
NS dns01.example.com.
NS dns02.example.com.
NS dns03.example.com.
a 3600 IN A 192.168.2.1
b 3600 IN A 192.168.2.2
c 3600 IN A 192.168.2.3
d 3600 IN A 192.168.2.4
www 3600 IN A 192.168.2.5
; File written on Fri Mar 5 19:18:38 2010
; dnssec_signzone version 9.7.0
sql2.example.com. 3600 IN SOA master.example.com. admin.example.com. (
678 ; serial
3600 ; refresh (1 hour)
1800 ; retry (30 minutes)
2419200 ; expire (4 weeks)
7200 ; minimum (2 hours)
)
3600 RRSIG SOA 5 3 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
GHZ2Emfin4Fj4sKSAfhoDuHYo1omaAHFXdW3
bn8NjR+DXxKlhwCtZnnatWFcvrAxkkOipcLw
DGViJdrRvkKXShnZewapuYwUmX7RK1nbqJPo
Xvzs6QyhkaEcunNjf7qr8bbgAgV1z66dpzYL
tBSukPE4lgDHxT+BPE7TgB9Jvdc= )
3600 NS dns01.example.com.
3600 NS dns02.example.com.
3600 NS dns03.example.com.
3600 RRSIG NS 5 3 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
K/C9TBGNjaf9jwPAxNQlfN4qpTr07kYMmPyI
B3ScvmgVONa7+4LI86bSBDYC0qXhVo+oGkJc
u7DhcZ5YyaypafuoZTu4/Cbwqthwel69pw9Q
xi0kMWHv9/ijYTxplzG0oQZeZjgJ04hWukR8
L8FgtTwwL6IHI8llZqXBiAihsrQ= )
3600 DNSKEY 256 3 5 (
AwEAAdKcbdCUqIv7gGzBFnmNaZjSY9uLXlYD
mMC9XOYN79SIEdIYwvsiiygvURBxutSclG9R
YDDDigb5gOfvgFVyf0IV3qe0rySIOZL6xTq4
25MacI8KEYUu6F4DesyejPJz+G7PZAYnsufV
3NBccTFTC2bSsyM/5ZDbNyF//+ZV3lpH
) ; key id = 63192
3600 DNSKEY 257 3 5 (
AwEAAdNHTu+NmN/07XFztWhlyIybbPvq8FER
TASCrfmthpbsFPyQy0GlF1PnEWasfpM0H5KE
4aEmPlvcDD6cpg+Tz+2aXQa9cPe3C4Vy+a0O
4bp0+LDG7TZmsQxqSuQen9YsSqIDclz+ajC0
L8WUt6/kjv7TEtqwMLqkuViTjHef1dq3vqPN
n3ZlD+uh9sOn0q+B2r9mkPXtcOQKvi8bZyRW
+RaBDHy5XjlUocjXtS3aCjh8S+vqJdyhuepX
dhvh+owUQy6h+HxkVX/6jx+8wc/EJXYbCc+Z
O9+hO4L7Wu8I89qJY2/xQ6SpDVHCoAj6kf3F
O/7YAwy60bef5HaUN7d/SY8=
) ; key id = 38482
3600 RRSIG DNSKEY 5 3 3600 20100405021838 (
20100306021838 38482 sql2.example.com.
yzX77VLc88eiigZECMPwR11vtVhoSAUL0Ado
us91613C9mskvBu2ThYalkwAQiQHJa3fOal+
a3DBzaGOI2n8FkynP/t2BjeSwNUR+k4Ts+kb
UBDIKA3f08bpXjWMRvRP+sLXZ98DiqU/7AkO
farImxOwVTrbvt14IjVCcQlal77pnWKNSWPE
0aDAtkqQNE5yDDik5Aj2aTtoSUKBvthBBH9+
zkNUmvUDSF0Ulywv3xUOpOldqoG9eWThogRg
zpRXYw4mrCBKrCTlbpQtrfn2o+GbTScMxAYk
cgqnfN8LkpzSYtK8HlGwhLHigSl3uB+M1F5n
WxD+6iKvsWMnnycdHA== )
3600 RRSIG DNSKEY 5 3 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
V84sEJFayUmg2mAvCJpirRy15dgRMQUJnqkX
xG8wO3vd8nNoQBZMoBJOFcDrEKvd81Vo/zoG
Namrhzx8MMtRxXzt0Q++mN0i376rTfNoTs1o
iJJ6x5V1o3X+Dt62F9aBRS7nqWRwAum7Eh1V
ViFKiSoLFiW+n+u1zwXYNx77lag= )
0 NSEC3PARAM 1 0 10 ADDFEE
0 RRSIG NSEC3PARAM 5 3 0 20100405021838 (
20100306021838 63192 sql2.example.com.
KlhkWFiZuMp45BiugsAVV1RfiokV0mqLYibu
XGZttNfk2N1mDiGVLUyc2Y4Rdp4Xvma3lpGB
XZPCrdvky4eI+KwBi8dM7+pi1YPcQcEKyLYP
FN2I5GAehN5l0p/mEDJhxRym4Z+KaP4piHYI
Qlwdg/mLlPaAatG3TzMknNyjrVA= )
a.sql2.example.com. 3600 IN A 192.168.2.1
3600 RRSIG A 5 4 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
ci3CrRml5ml74tNrEy/Bgy/CWaXP1sNoSTVi
0jgdzKGXg3xiOmbENEGr+mkbqH4hMVHzn3OO
ovqui7mL55C40fMPZb9rwSe9G7XvivBRlJY+
4JFdOWZNc1TBmjukDyR/MVpNz8wdtgeNbqPD
LsnRejxgvWXZMbjGk7sn7JglE5M= )
b.sql2.example.com. 3600 IN A 192.168.2.2
3600 RRSIG A 5 4 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
jG7Hlyg/M2SmPKG65jjzBsmwboWY7fpzSXm/
3h8luq/rvIlxU65XO6nAjweQOj4vJRsx3DxD
+sTcAsBbyAjsyfe1lDWlyIWB7xXCSdafNNWX
0GWV1+/v8cOLd1xwZhx7vIA8TkcWUvw6BNkX
896bCfew9yw2Z/GsSdTWlwdybBE= )
c.sql2.example.com. 3600 IN A 192.168.2.3
3600 RRSIG A 5 4 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
k9s9zNDcO0BR+Gy+2zeFq1O/KNtq0y609Rwy
AsGpNjiF08rPWVpEUXDJDsO7gx03ES4gnbou
LYwtBrzlekjofSga8FtkWkcLaxCZ6+X1kuJJ
rBIaiq3AJkzIE4RvdqymOWMgGSb9W9szcbnd
h1OOHdoyW53z8O3EAEUFS16OAGs= )
d.sql2.example.com. 3600 IN A 192.168.2.4
3600 RRSIG A 5 4 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
NeXmw3JQHJnfkvO/TeyNgtCYVMqNB24xB+gA
sMTbmsOp6AeYHCLe23yej3OiSFZE2ZDcGl7u
nAACdOtGhuLTXWgFIkAArK2uJEEzLcbxeYKG
XigvbKSGLayFiCWFKUrkCY45LSx8BFm8T1lL
gqqaEOoLsyXIMsaXZr+lxVKvloo= )
www.sql2.example.com. 3600 IN A 192.168.2.5
3600 RRSIG A 5 4 3600 20100405021838 (
20100306021838 63192 sql2.example.com.
lU5C4PWsIGRpr9J+L9/4/qa0DtSI8UqKsifT
sR6PvqCaQ1ckrBo7ydUMhvAFgaxMGellPx3L
bCiXg6lTmmYhu8OjD+MP75O0Wf0eHiLFc30O
ff+vxHXnr8nD3NaipNS2tknoJLTnN20B2IEe
si8jhHmKzDVQWiHDcWbk1mjXolI= )
2BGB4LBTNVHRI9AK6UAJHH2OJT502O0N.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE GL4QIPNRBF61DU386BB2KR5421KMG027 A RRSIG
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
dkKEl+NpM93LpRGbz2kQqLvxOfzepLwTeM9/
jmU61386kWjhgMMBtw1BUBgukid3frGR6nvV
nJZxfFGUlLPI8xYHZ3jd4tvmVihCJLqgrYKq
kn1RS8iDWzJTcnCnoh/tk56WKRBbmSCRwa06
N4kzs7xDwZza/llhwKO0wtISEXk= )
GL4QIPNRBF61DU386BB2KR5421KMG027.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE HTD0INO9630H7MCGPOEB6MF9SPVCA3R0 A RRSIG
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
xtklCx/faeEek/n0jipi+vOE+4wPqEDslD9t
iH/8XjR++2mVyYDqdttt4iVAnr66hFQ31ftJ
aLzFM951s2b7nyfHupJgRudyA9Y6uX2lFIjl
zrzRgZwMXwg7Ob0zX3M+09KccTt95wYO8/i4
hvRRerk/0XCpkfU0OE7aF5VBuos= )
HTD0INO9630H7MCGPOEB6MF9SPVCA3R0.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE MKI8J0I7MHI2U4K0L3V0VLIRI3RCAD7R A RRSIG
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
DKv1FkZRyhNQxia2+hxtcQsOaA60gC0xPujv
vm3omETNxll7PwO69b9Nmh5/nv8CbxDrl+fQ
AbzBPP6FZdbQfR6yjLt+Xef1YG79qK6EEJpM
ylneYdx54cxTUo3WcviuBKygFc/clrr6Hea7
EC2YHjVfCniiqS3d9KrULV6KpL0= )
MKI8J0I7MHI2U4K0L3V0VLIRI3RCAD7R.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE OQRIGUURA2EA10PTM2S3E8FF152OLJFM A RRSIG
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
Hk1MQB/K/xVocCITenl81R2SJlVklk9D0rUO
VHnaL35hO3pCznZQ3A8KzLjE0Zy8m1Yh7Pkb
w+KmjwpxTsj9cDFeUO050bwbM7cdesnRUBUR
0rLAQfZBI6UALTCkTj6sBbpOXYZHToeBr7ac
ZidcGHEkDMRonYePH+QD845fJSk= )
OQRIGUURA2EA10PTM2S3E8FF152OLJFM.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE OU39TUD6NV4L80BF15H6TJ6DVNOERDP0 NS SOA RRSIG DNSKEY NSEC3PARAM
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
QZrp4Vqz2Muvrc2duM1sxgDFZBEJNOyaZTMx
F6OaVKOFZhcZQBzKJZkANDarJmKlwsSW9BAD
JvP5RpGzHAtL8zVSWJgeEkL47ldHdejyHhCQ
6Z8F3ip7lonIx9J3HoSQz3OSJS9chX63eAS9
2XegwKglK0aGl4UE5qxIURQj4TA= )
OU39TUD6NV4L80BF15H6TJ6DVNOERDP0.sql2.example.com. 7200 IN NSEC3 1 0 10 ADDFEE 2BGB4LBTNVHRI9AK6UAJHH2OJT502O0N A RRSIG
7200 RRSIG NSEC3 5 4 7200 20100405021838 (
20100306021838 63192 sql2.example.com.
qhn5WW5nC9neuarr1947bUW6rS4X0P8vU/L7
KlyzrbhPVDK/3Ko+S02nIonZ2Q7WMW2twb2A
N03SoLrwPPkTEK5BqTArbZha6R1a2HU1SNja
qtVgHqVKFz2DXY1jcewQ/cE0XwgeMn7Xunvz
E9Tk0jcWsfCJhs7E6TQ8IkeDvoM= )
- change filenames so we don't have everything starting with "data_source_"?
- clean up SQL data source code
- store rdata in the database as binary blobs instead of text
- correct NSEC3 logic
......@@ -15,6 +15,7 @@
// $Id$
#include <cassert>
#include <iomanip>
#include <iostream>
#include <vector>
......@@ -345,7 +346,10 @@ proveNX(Query& q, QueryTaskPtr task, const DataSrc* ds, const Name& zonename)
if (nsec3) {
string node = nsec3->getHash(task->qname);
string apex = nsec3->getHash(zonename);
string wild = nsec3->getHash(Name("*").concatenate(zonename));
string wild("");
if ((task->flags & DataSrc::NAME_NOT_FOUND) != 0) {
wild = nsec3->getHash(Name("*").concatenate(zonename));
}
delete nsec3;
result = addNSEC3(node, q, ds, zonename);
......@@ -360,7 +364,7 @@ proveNX(Query& q, QueryTaskPtr task, const DataSrc* ds, const Name& zonename)
}
}
if ((task->flags & DataSrc::NAME_NOT_FOUND) != 0 && node != wild) {
if (wild.length() != 0 && node != wild) {
result = addNSEC3(wild, q, ds, zonename);
if (result != DataSrc::SUCCESS) {
return (result);
......@@ -811,7 +815,7 @@ NameMatch::update(const DataSrc& new_source, const Name& container)
Nsec3Param::Nsec3Param(uint8_t a, uint8_t f, uint16_t i,
const std::vector<uint8_t>& s) :
algorithm(a), flags(f), iterations(i), salt(s)
algorithm_(a), flags_(f), iterations_(i), salt_(s)
{}
string
......@@ -819,7 +823,7 @@ Nsec3Param::getHash(const Name& name) const {
OutputBuffer buf(0);
name.toWire(buf);
buf.writeData(&salt[0], salt.size());
buf.writeData(&salt_[0], salt_.size());
uint8_t* in = (uint8_t*) buf.getData();
size_t inlength = buf.getLength();
uint8_t digest[SHA1_HASHSIZE];
......@@ -832,7 +836,7 @@ Nsec3Param::getHash(const Name& name) const {
SHA1Result(&sha, digest);
in = digest;
inlength = SHA1_HASHSIZE;
} while (n++ < iterations);
} while (n++ < iterations_);
vector<uint8_t> result;
for (int i = 0; i < SHA1_HASHSIZE; ++i) {
......
......@@ -325,10 +325,10 @@ class Nsec3Param {
public:
Nsec3Param(uint8_t a, uint8_t f, uint16_t i, const std::vector<uint8_t>& s);
const uint8_t algorithm;
const uint8_t flags;
const uint16_t iterations;
const std::vector<uint8_t>& salt;
const uint8_t algorithm_;
const uint8_t flags_;
const uint16_t iterations_;
const std::vector<uint8_t> salt_;
std::string getHash(const isc::dns::Name& name) const;
};
......
......@@ -373,7 +373,7 @@ Sqlite3DataSrc::setupPreparedStatements(void) {
}
const char* q_nsec3_str = "SELECT rdtype, ttl, rdata FROM nsec3 "
"WHERE zone_id=?1 AND hash == $2";
"WHERE zone_id = ?1 AND hash = $2";
try {
q_nsec3 = prepare(q_nsec3_str);
} catch (const char* e) {
......@@ -382,10 +382,9 @@ Sqlite3DataSrc::setupPreparedStatements(void) {
throw(e);
}
#ifdef notyet
const char* q_prevnsec3_str = "SELECT rdtype, ttl, rdata FROM nsec3 "
"WHERE zone_id=?1 AND hash <= $2 "
"ORDER BY rhash DESC LIMIT 1";
const char* q_prevnsec3_str = "SELECT hash FROM nsec3 "
"WHERE zone_id = ?1 AND hash <= $2 "
"ORDER BY hash DESC LIMIT 1";
try {
q_prevnsec3 = prepare(q_prevnsec3_str);
} catch (const char* e) {
......@@ -393,7 +392,6 @@ Sqlite3DataSrc::setupPreparedStatements(void) {
cout << sqlite3_errmsg(db) << endl;
throw(e);
}
#endif
}
void
......@@ -593,16 +591,20 @@ Sqlite3DataSrc::findCoveringNSEC3(const Query& q,
int target_ttl = -1;
int sig_ttl = -1;
const Name& name(Name(hash).concatenate(zonename));
RRsetPtr rrset(new RRset(name, RRClass::IN(), RRType::NSEC3(), RRTTL(0)));
if (!target[RRType::NSEC3()]) {
RRsetPtr rrset = target[RRType::NSEC3()];
if (!rrset) {
rrset = RRsetPtr(new RRset(name, RRClass::IN(), RRType::NSEC3(),
RRTTL(0)));
rrset->addRRsig(RRsetPtr(new RRset(name, RRClass::IN(),
RRType::RRSIG(), RRTTL(0))));
target.addRRset(rrset);
}
rc = sqlite3_step(q_nsec3);
while (rc == SQLITE_ROW) {
RRType type((const char*)sqlite3_column_text(q_nsec3, 1));
int ttl = sqlite3_column_int(q_nsec3, 2);
const char* rdata = (const char*)sqlite3_column_text(q_nsec3, 3);
RRType type((const char*)sqlite3_column_text(q_nsec3, 0));
int ttl = sqlite3_column_int(q_nsec3, 1);
const char* rdata = (const char*)sqlite3_column_text(q_nsec3, 2);
if (type == RRType::NSEC3()) {
rrset->addRdata(createRdata(type, RRClass::IN(), rdata));
......
......@@ -38,14 +38,14 @@ using namespace std;
struct NSEC3PARAMImpl {
// straightforward representation of NSEC3PARAM RDATA fields
NSEC3PARAMImpl(uint8_t hashalg, uint8_t flags, uint16_t iterations,
vector<uint8_t>salt) :
const vector<uint8_t>& salt) :
hashalg_(hashalg), flags_(flags), iterations_(iterations), salt_(salt)
{}
uint8_t hashalg_;
uint8_t flags_;
uint16_t iterations_;
vector<uint8_t> salt_;
const vector<uint8_t> salt_;
};
NSEC3PARAM::NSEC3PARAM(const string& nsec3param_str) :
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment