Commit 694ee392 authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1584review] added a test for a run time collision case for wildcard + NSEC3.

main code was simplified; we let Message::addRRset() catch the error and throw.
parent 863e56e6
...@@ -195,10 +195,9 @@ Query::addWildcardProof(ZoneFinder& finder, ...@@ -195,10 +195,9 @@ Query::addWildcardProof(ZoneFinder& finder,
// met the zone is broken anyway). // met the zone is broken anyway).
const ZoneFinder::FindNSEC3Result NSEC3Result( const ZoneFinder::FindNSEC3Result NSEC3Result(
finder.findNSEC3(qname_, true)); finder.findNSEC3(qname_, true));
if (NULL == NSEC3Result.next_proof) { // Note that at this point next_proof must not be NULL unless it's
isc_throw(BadNSEC3, "Unexpected NSEC3 " // a run time collision (or zone/findNSEC3() is broken). The
"result for wildcard proof"); // unexpected case will be caught in addRRset() and result in SERVFAIL.
}
response_.addRRset(Message::SECTION_AUTHORITY, response_.addRRset(Message::SECTION_AUTHORITY,
boost::const_pointer_cast<AbstractRRset>( boost::const_pointer_cast<AbstractRRset>(
NSEC3Result.next_proof), dnssec_); NSEC3Result.next_proof), dnssec_);
......
...@@ -1415,6 +1415,20 @@ TEST_F(QueryTest, CNAMEwildNSEC3) { ...@@ -1415,6 +1415,20 @@ TEST_F(QueryTest, CNAMEwildNSEC3) {
mock_finder->getOrigin()); mock_finder->getOrigin());
} }
TEST_F(QueryTest, badWildcardNSEC3) {
// Similar to wildcardNSEC3, but emulating run time collision by
// returning NULL in the next closer proof for the closest encloser
// proof.
mock_finder->setNSEC3Flag(true);
ZoneFinder::FindNSEC3Result nsec3(true, 0, textToRRset(nsec3_apex_txt),
ConstRRsetPtr());
mock_finder->setNSEC3Result(&nsec3);
EXPECT_THROW(Query(memory_client, Name("www.wild.example.com"),
RRType::A(), response, true).process(),
isc::InvalidParameter);
}
TEST_F(QueryTest, badWildcardProof1) { TEST_F(QueryTest, badWildcardProof1) {
// Unexpected case in wildcard proof: ZoneFinder::find() returns SUCCESS // Unexpected case in wildcard proof: ZoneFinder::find() returns SUCCESS
// when NXDOMAIN is expected. // when NXDOMAIN is expected.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment