Commit c790b4df authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1431] updated findNSEC3() and FindNSEC3Result to return #labels of closet encloser.

parent 93f4485d
......@@ -405,12 +405,14 @@ MockZoneFinder::findNSEC3(const Name& name, bool recursive) {
covering_proof = (--found_domain)->second[RRType::NSEC3()];
}
if (!recursive) { // in non recursive mode, we are done.
return (ZoneFinder::FindNSEC3Result(false, covering_proof,
return (ZoneFinder::FindNSEC3Result(false,
name.getLabelCount(),
covering_proof,
ConstRRsetPtr()));
}
} else { // exact match
return (ZoneFinder::FindNSEC3Result(
true,
true, name.getLabelCount() - i,
found_domain->second[RRType::NSEC3()],
covering_proof));
}
......@@ -1447,11 +1449,15 @@ TEST_F(QueryTest, MaxLenDNAME) {
// Test for this test module itself
void
nsec3Check(bool expected_matched, const string& expected_rrsets_txt,
nsec3Check(bool expected_matched, uint8_t expected_labels,
const string& expected_rrsets_txt,
const ZoneFinder::FindNSEC3Result& result)
{
vector<ConstRRsetPtr> actual_rrsets;
EXPECT_EQ(expected_matched, result.matched);
// Convert to int so the error messages would be more readable:
EXPECT_EQ(static_cast<int>(expected_labels),
static_cast<int>(result.closest_labels));
if (result.closest_proof) {
actual_rrsets.push_back(result.closest_proof);
}
......@@ -1463,33 +1469,42 @@ nsec3Check(bool expected_matched, const string& expected_rrsets_txt,
}
TEST_F(QueryTest, findNSEC3) {
// In all test cases in the recursive mode, the closest encloser is the
// apex, and result's closest_labels should be the number of apex labels.
// (In non recursive mode closest_labels should be the # labels of the
// query name)
const uint8_t expected_closest_labels =
Name("example.com").getLabelCount();
// Apex name. It should have a matching NSEC3
nsec3Check(true, nsec3_apex_txt,
nsec3Check(true, expected_closest_labels, nsec3_apex_txt,
mock_finder->findNSEC3(Name("example.com"), false));
// Recursive mode doesn't change the result in this case.
nsec3Check(true, nsec3_apex_txt,
nsec3Check(true, expected_closest_labels, nsec3_apex_txt,
mock_finder->findNSEC3(Name("example.com"), true));
// Non existent name. Disabling recursion, a covering NSEC3 should be
// returned.
nsec3Check(false, nsec3_www_txt,
nsec3Check(false, 4, nsec3_www_txt,
mock_finder->findNSEC3(Name("nxdomain.example.com"), false));
// Non existent name. The closest provable encloser is the apex,
// and next closer is the query name.
nsec3Check(true, string(nsec3_apex_txt) + string(nsec3_www_txt),
nsec3Check(true, expected_closest_labels,
string(nsec3_apex_txt) + string(nsec3_www_txt),
mock_finder->findNSEC3(Name("nxdomain.example.com"), true));
// Similar to the previous case, but next closer name is different
// (is the parent) of the non existent name.
nsec3Check(true, string(nsec3_apex_txt) + string(nsec3_www_txt),
nsec3Check(true, expected_closest_labels,
string(nsec3_apex_txt) + string(nsec3_www_txt),
mock_finder->findNSEC3(Name("nx.domain.example.com"), true));
// In the rest of test we check hash comparison for wrap around cases.
nsec3Check(false, nsec3_apex_txt,
nsec3Check(false, 4, nsec3_apex_txt,
mock_finder->findNSEC3(Name("nxdomain2.example.com"), false));
nsec3Check(false, nsec3_www_txt,
nsec3Check(false, 4, nsec3_www_txt,
mock_finder->findNSEC3(Name("nxdomain3.example.com"), false));
}
......
......@@ -370,16 +370,21 @@ public:
/// special interface and semantics, we use a different structure to
/// represent the result.
struct FindNSEC3Result {
FindNSEC3Result(bool param_matched,
FindNSEC3Result(bool param_matched, uint8_t param_closest_labels,
isc::dns::ConstRRsetPtr param_closest_proof,
isc::dns::ConstRRsetPtr param_next_proof) :
matched(param_matched), closest_proof(param_closest_proof),
matched(param_matched), closest_labels(param_closest_labels),
closest_proof(param_closest_proof),
next_proof(param_next_proof)
{}
/// true iff closest_proof is a matching NSEC3
const bool matched;
/// The number of labels of the identified closest encloser.
///
const uint8_t closest_labels;
/// Either the NSEC3 for the closest provable encloser of the given
/// name or NSEC3 that covers the name
const isc::dns::ConstRRsetPtr closest_proof;
......@@ -401,7 +406,8 @@ public:
/// found NSEC3 RR(set) will be returned in the closest_proof member of
/// \c FindNSEC3Result. \c matched is true or false depending on
/// the found NSEC3 is a matched one or covering one. \c next_proof
/// is always NULL.
/// is always NULL. closest_labels must be equal to the number of
/// labels of \c name (and therefore meaningless).
///
/// If \c recursive is true, it will continue the search toward the zone
/// apex (origin name) until it finds a provable encloser, that is,
......@@ -414,9 +420,13 @@ public:
/// closest encloser in \c closest_proof, and the NSEC3 for the next
/// closer name in \c next_proof of \c FindNSEC3Result. This set of
/// NSEC3 RRs provide the closest encloser proof as defined in RFC5155.
/// closest_labels will be set to the number of labels of the identified
/// closest encloser. This will be useful when the caller needs to
/// construct the closest encloser name from the original \c name.
/// If, on the other hand, the found closest name is equal to \c name,
/// this method simply returns it in \c closest_proof. \c next_proof
/// is set to NULL. In all cases \c matched is set to true.
/// closest_labels will be set to the number of labels of \c name.
///
/// When looking for NSEC3, this method retrieves NSEC3 parameters from
/// the corresponding zone to calculate hash values. Actual implementation
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment