Commit 05793b5a authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1579] suggested change: made findOnNameResult more DNSSEC agnostic

- renamed getNSECRRset to getDNSSECRRset to clarify it's for generic DNSSEC
  purpose, even though it's essentially NSEC specific.
- moved the 'isNSEC' check to the now-renamed getDNSSECRRset, thereby removing
  the need for checking that within findOnNameResult.
parent 186bacfc
......@@ -762,9 +762,13 @@ DatabaseClient::Finder::FindDNSSECContext::isNSEC() {
}
isc::dns::ConstRRsetPtr
DatabaseClient::Finder::FindDNSSECContext::getNSECRRset(
const FoundRRsets& found_set) const
DatabaseClient::Finder::FindDNSSECContext::getDNSSECRRset(
const FoundRRsets& found_set)
{
if (!isNSEC()) {
return (ConstRRsetPtr());
}
const FoundIterator nci = found_set.second.find(RRType::NSEC());
if (nci != found_set.second.end()) {
return (nci->second);
......@@ -774,8 +778,11 @@ DatabaseClient::Finder::FindDNSSECContext::getNSECRRset(
}
isc::dns::ConstRRsetPtr
DatabaseClient::Finder::FindDNSSECContext::getNSECRRset(const Name &name) const
{
DatabaseClient::Finder::FindDNSSECContext::getDNSSECRRset(const Name &name) {
if (!isNSEC()) {
return (ConstRRsetPtr());
}
const FoundRRsets wfound = finder_.getRRsets(name.toText(), NSEC_TYPES(),
true);
const FoundIterator nci = wfound.second.find(RRType::NSEC());
......@@ -892,19 +899,17 @@ DatabaseClient::Finder::findOnNameResult(const Name& name,
// provide the NSEC records. If it's for wildcard, we need to get the
// NSEC records in the name of the wildcard, not the substituted one,
// so we need to search the tree again.
ConstRRsetPtr nsec_rrset; // possibly used with DNSSEC, otherwise NULL
if (dnssec_ctx.isNSEC()) {
nsec_rrset = wild ? dnssec_ctx.getNSECRRset(Name(*wildname)) :
dnssec_ctx.getNSECRRset(found);
}
if (nsec_rrset) {
const ConstRRsetPtr dnssec_rrset =
wild ? dnssec_ctx.getDNSSECRRset(Name(*wildname)) :
dnssec_ctx.getDNSSECRRset(found);
if (dnssec_rrset) {
// This log message covers both normal and wildcard cases, so we pass
// NULL for 'wildname'.
return (logAndCreateResult(name, NULL, type, NXRRSET, nsec_rrset,
return (logAndCreateResult(name, NULL, type, NXRRSET, dnssec_rrset,
DATASRC_DATABASE_FOUND_NXRRSET_NSEC,
flags | RESULT_NSEC_SIGNED));
}
return (logAndCreateResult(name, wildname, type, NXRRSET, nsec_rrset,
return (logAndCreateResult(name, wildname, type, NXRRSET, dnssec_rrset,
wild ? DATASRC_DATABASE_WILDCARD_NXRRSET :
DATASRC_DATABASE_FOUND_NXRRSET,
flags | dnssec_ctx.getResultFlags()));
......
......@@ -883,8 +883,8 @@ public:
///
/// \param name The name which the NSEC RRset belong to.
/// \return the needed NSEC RRsets.
isc::dns::ConstRRsetPtr getNSECRRset(const isc::dns::Name&
name) const;
isc::dns::ConstRRsetPtr getDNSSECRRset(const isc::dns::Name&
name);
/// \brief Get the needed NSEC RRset.
///
......@@ -893,8 +893,8 @@ public:
/// \param found_set The RRset which contain the NSEC an other
/// type RRs.
/// \return the needed NSEC RRsets.
isc::dns::ConstRRsetPtr getNSECRRset(const FoundRRsets&
found_set) const;
isc::dns::ConstRRsetPtr getDNSSECRRset(const FoundRRsets&
found_set);
/// \brief Check whether the zone file is signed with NSECi3.
///
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment