Commit 342c2044 authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

initial implementation of the auth query class


git-svn-id: svn://bind10.isc.org/svn/bind10/branches/trac415@3653 e5f2f494-b856-4b98-b285-d166d9295462
parent 5f8501ff
......@@ -56,6 +56,7 @@ libasio_link_a_CPPFLAGS = $(AM_CPPFLAGS)
BUILT_SOURCES = spec_config.h
pkglibexec_PROGRAMS = b10-auth
b10_auth_SOURCES = auth_srv.cc auth_srv.h
b10_auth_SOURCES += query.cc query.h
b10_auth_SOURCES += change_user.cc change_user.h
b10_auth_SOURCES += common.h
b10_auth_SOURCES += main.cc
......
......@@ -199,6 +199,7 @@ public:
/// is shutdown.
///
void setXfrinSession(isc::cc::AbstractSession* xfrin_session);
private:
AuthSrvImpl* impl_;
};
......
// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
#include <dns/message.h>
#include <dns/rcode.h>
#include <datasrc/zonetable.h>
#include <auth/query.h>
using namespace isc::dns;
using namespace isc::datasrc;
namespace isc {
namespace auth {
void
Query::process() const {
const ZoneTable::FindResult result = zone_table_.find(qname_);
if (result.code != ZoneTable::SUCCESS &&
result.code != ZoneTable::PARTIALMATCH) {
response_.setRcode(Rcode::SERVFAIL());
return;
}
// Right now we have no code to search the zone, so we simply return
// NXDOMAIN for tests.
response_.setRcode(Rcode::NXDOMAIN());
}
}
}
/*
* Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
*
* Permission to use, copy, modify, and/or distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
* REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
* AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
* OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
*/
namespace isc {
namespace dns {
class Message;
class Name;
class RRType;
}
namespace datasrc {
class ZoneTable;
}
namespace auth {
/// The \c Query class represents a standard DNS query that encapsulates
/// processing logic to answer the query.
///
/// Many of the design details for this class are still in flux.
/// We'll revisit and update them as we add more functionality, for example:
/// - zone_table parameter of the constructor. This will eventually be
/// replaced with a generic DataSrc object, or perhaps a notion of "view".
/// - as a related point, we may have to pass the RR class of the query.
/// in the initial implementation the RR class is an attribute of zone
/// table and omitted. It's not clear if this assumption holds with
/// generic data sources. On the other hand, it will help keep
/// implementation simpler, and we might rather want to modify the design
/// of the data source on this point.
/// - return value of process(). rather than setting the Rcode, we might use
/// it as a return value of \c process().
/// - we'll have to be able to specify whether DNSSEC is requested.
/// It's an open question whether it should be in the constructor or via a
/// separate attribute setter.
/// - likewise, we'll eventually need to do per zone access control, for which
/// we need querier's information such as its IP address.
/// - zone_table (or DataSrc eventually) and response may better be parameters
/// to process() instead of the constructor.
class Query {
public:
/// Constructor from query parameters.
///
/// This constructor never throws an exception.
///
/// \param zone_table The zone table wherein the answer to the query is
/// to be found.
/// \param qname The query name
/// \param qtype The RR type of the query
/// \param response The response message to store the answer to the query.
Query(const isc::datasrc::ZoneTable& zone_table,
const isc::dns::Name& qname, const isc::dns::RRType& qtype,
isc::dns::Message& response) :
zone_table_(zone_table), qname_(qname), qtype_(qtype),
response_(response)
{}
/// Process the query.
///
/// This method first identifies the zone that best matches the query
/// name (and in some cases RR type when the search is dependent on the
/// type) and then searches the zone that best matches the query name.
/// It then updates the response message accordingly; for example, a
/// successful search would result in adding a corresponding RRset to
/// the answer section of the response.
///
/// If no matching zone is found in the zone table, the \c Rcode of
/// SERVFAIL will be set in the response.
///
/// Right now this method never throws an exception, but it may in a
/// future version.
void process() const;
private:
const isc::datasrc::ZoneTable& zone_table_;
const isc::dns::Name& qname_;
const isc::dns::RRType& qtype_;
isc::dns::Message& response_;
};
}
}
// Local Variables:
// mode: c++
// End:
......@@ -21,8 +21,10 @@ TESTS += run_unittests
run_unittests_SOURCES = $(top_srcdir)/src/lib/dns/tests/unittest_util.h
run_unittests_SOURCES += $(top_srcdir)/src/lib/dns/tests/unittest_util.cc
run_unittests_SOURCES += ../auth_srv.h ../auth_srv.cc
run_unittests_SOURCES += ../query.h ../query.cc
run_unittests_SOURCES += ../change_user.h ../change_user.cc
run_unittests_SOURCES += auth_srv_unittest.cc
run_unittests_SOURCES += query_unittest.cc
run_unittests_SOURCES += change_user_unittest.cc
run_unittests_SOURCES += asio_link_unittest.cc
run_unittests_SOURCES += run_unittests.cc
......
// Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC")
//
// Permission to use, copy, modify, and/or distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
// REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
// AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
// INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
// LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
// OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
// PERFORMANCE OF THIS SOFTWARE.
#include <dns/message.h>
#include <dns/name.h>
#include <dns/rcode.h>
#include <dns/rrtype.h>
#include <datasrc/zonetable.h>
#include <auth/query.h>
#include <gtest/gtest.h>
using namespace isc::dns;
using namespace isc::datasrc;
using namespace isc::auth;
namespace {
class QueryTest : public ::testing::Test {
protected:
QueryTest() :
qname(Name("www.example.com")), qclass(RRClass::IN()),
qtype(RRType::A()), response(Message::RENDER),
query(zone_table, qname, qtype, response)
{
response.setRcode(Rcode::NOERROR());
}
ZoneTable zone_table;
const Name qname;
const RRClass qclass;
const RRType qtype;
Message response;
Query query;
};
TEST_F(QueryTest, noZone) {
// There's no zone in the zone table. So the response should have
// SERVFAIL.
query.process();
EXPECT_EQ(Rcode::SERVFAIL(), response.getRcode());
}
TEST_F(QueryTest, matchZone) {
// add a matching zone. since the zone is empty right now, the response
// should have NXDOMAIN.
zone_table.add(ZonePtr(new Zone(qclass, Name("example.com"))));
query.process();
EXPECT_EQ(Rcode::NXDOMAIN(), response.getRcode());
}
TEST_F(QueryTest, noMatchZone) {
// there's a zone in the table but it doesn't match the qname. should
// result in SERVFAIL.
zone_table.add(ZonePtr(new Zone(qclass, Name("example.org"))));
query.process();
EXPECT_EQ(Rcode::SERVFAIL(), response.getRcode());
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment