Commit b3daacd1 authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1307] documentation/comment update

parent 499668ed
......@@ -124,6 +124,15 @@ Query::addNXDOMAINProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
response_.addRRset( Message::SECTION_AUTHORITY,
boost::const_pointer_cast<RRset>(nsec), dnssec_);
// Next, identify the best possible wildcard name that would match
// the query name. It's the longer common suffix with the qname
// between the owner or the next domain of the NSEC that proves NXDOMAIN,
// prefixed by the wildcard label, "*". For example, for query name
//, if the NXDOMAIN NSEC is
// NSEC, the longer suffix is,
// and the best possible wildcard is * If the NXDOMAIN
// NSEC is NSEC, the longer suffix
// is the next domain of the NSEC, and we get the same wildcard name.
const int qlabels = qname_.getLabelCount();
const int olabels =>getName()).getCommonLabels();
const int nlabels =
......@@ -133,6 +142,10 @@ Query::addNXDOMAINProof(ZoneFinder& finder, ConstRRsetPtr nsec) {
const int common_labels = std::max(olabels, nlabels);
const Name wildname(Name("*").concatenate(qname_.split(qlabels -
// Confirm the wildcard doesn't exist (this should result in NXDOMAIN;
// otherwise we shouldn't have got NXDOMAIN for the original query in
// the first place).
const ZoneFinder::FindResult fresult = finder.find(wildname,
......@@ -71,7 +71,9 @@ private:
void putSOA(isc::datasrc::ZoneFinder& zone);
/// TBD
/// Add NSEC RRs that prove an NXDOMAIN result.
/// This corresponds to Section of RFC 4035.
void addNXDOMAINProof(isc::datasrc::ZoneFinder& finder,
isc::dns::ConstRRsetPtr nsec);
......@@ -214,8 +216,11 @@ public:
/// TBD
/// An invalid result is given when a valid NSEC is expected
// This can only happen when the underlying data source implementation or
/// the zone is broken. By throwing an exception we treat such cases
/// as SERVFAIL.
struct BadNSEC : public BadZone {
BadNSEC(const char* file, size_t line, const char* what) :
BadZone(file, line, what)
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment