Commit 05793b5a authored by JINMEI Tatuya's avatar JINMEI Tatuya
Browse files

[1579] suggested change: made findOnNameResult more DNSSEC agnostic

- renamed getNSECRRset to getDNSSECRRset to clarify it's for generic DNSSEC
  purpose, even though it's essentially NSEC specific.
- moved the 'isNSEC' check to the now-renamed getDNSSECRRset, thereby removing
  the need for checking that within findOnNameResult.
parent 186bacfc
...@@ -762,9 +762,13 @@ DatabaseClient::Finder::FindDNSSECContext::isNSEC() { ...@@ -762,9 +762,13 @@ DatabaseClient::Finder::FindDNSSECContext::isNSEC() {
} }
isc::dns::ConstRRsetPtr isc::dns::ConstRRsetPtr
DatabaseClient::Finder::FindDNSSECContext::getNSECRRset( DatabaseClient::Finder::FindDNSSECContext::getDNSSECRRset(
const FoundRRsets& found_set) const const FoundRRsets& found_set)
{ {
if (!isNSEC()) {
return (ConstRRsetPtr());
}
const FoundIterator nci = found_set.second.find(RRType::NSEC()); const FoundIterator nci = found_set.second.find(RRType::NSEC());
if (nci != found_set.second.end()) { if (nci != found_set.second.end()) {
return (nci->second); return (nci->second);
...@@ -774,8 +778,11 @@ DatabaseClient::Finder::FindDNSSECContext::getNSECRRset( ...@@ -774,8 +778,11 @@ DatabaseClient::Finder::FindDNSSECContext::getNSECRRset(
} }
isc::dns::ConstRRsetPtr isc::dns::ConstRRsetPtr
DatabaseClient::Finder::FindDNSSECContext::getNSECRRset(const Name &name) const DatabaseClient::Finder::FindDNSSECContext::getDNSSECRRset(const Name &name) {
{ if (!isNSEC()) {
return (ConstRRsetPtr());
}
const FoundRRsets wfound = finder_.getRRsets(name.toText(), NSEC_TYPES(), const FoundRRsets wfound = finder_.getRRsets(name.toText(), NSEC_TYPES(),
true); true);
const FoundIterator nci = wfound.second.find(RRType::NSEC()); const FoundIterator nci = wfound.second.find(RRType::NSEC());
...@@ -892,19 +899,17 @@ DatabaseClient::Finder::findOnNameResult(const Name& name, ...@@ -892,19 +899,17 @@ DatabaseClient::Finder::findOnNameResult(const Name& name,
// provide the NSEC records. If it's for wildcard, we need to get the // provide the NSEC records. If it's for wildcard, we need to get the
// NSEC records in the name of the wildcard, not the substituted one, // NSEC records in the name of the wildcard, not the substituted one,
// so we need to search the tree again. // so we need to search the tree again.
ConstRRsetPtr nsec_rrset; // possibly used with DNSSEC, otherwise NULL const ConstRRsetPtr dnssec_rrset =
if (dnssec_ctx.isNSEC()) { wild ? dnssec_ctx.getDNSSECRRset(Name(*wildname)) :
nsec_rrset = wild ? dnssec_ctx.getNSECRRset(Name(*wildname)) : dnssec_ctx.getDNSSECRRset(found);
dnssec_ctx.getNSECRRset(found); if (dnssec_rrset) {
}
if (nsec_rrset) {
// This log message covers both normal and wildcard cases, so we pass // This log message covers both normal and wildcard cases, so we pass
// NULL for 'wildname'. // NULL for 'wildname'.
return (logAndCreateResult(name, NULL, type, NXRRSET, nsec_rrset, return (logAndCreateResult(name, NULL, type, NXRRSET, dnssec_rrset,
DATASRC_DATABASE_FOUND_NXRRSET_NSEC, DATASRC_DATABASE_FOUND_NXRRSET_NSEC,
flags | RESULT_NSEC_SIGNED)); flags | RESULT_NSEC_SIGNED));
} }
return (logAndCreateResult(name, wildname, type, NXRRSET, nsec_rrset, return (logAndCreateResult(name, wildname, type, NXRRSET, dnssec_rrset,
wild ? DATASRC_DATABASE_WILDCARD_NXRRSET : wild ? DATASRC_DATABASE_WILDCARD_NXRRSET :
DATASRC_DATABASE_FOUND_NXRRSET, DATASRC_DATABASE_FOUND_NXRRSET,
flags | dnssec_ctx.getResultFlags())); flags | dnssec_ctx.getResultFlags()));
......
...@@ -883,8 +883,8 @@ public: ...@@ -883,8 +883,8 @@ public:
/// ///
/// \param name The name which the NSEC RRset belong to. /// \param name The name which the NSEC RRset belong to.
/// \return the needed NSEC RRsets. /// \return the needed NSEC RRsets.
isc::dns::ConstRRsetPtr getNSECRRset(const isc::dns::Name& isc::dns::ConstRRsetPtr getDNSSECRRset(const isc::dns::Name&
name) const; name);
/// \brief Get the needed NSEC RRset. /// \brief Get the needed NSEC RRset.
/// ///
...@@ -893,8 +893,8 @@ public: ...@@ -893,8 +893,8 @@ public:
/// \param found_set The RRset which contain the NSEC an other /// \param found_set The RRset which contain the NSEC an other
/// type RRs. /// type RRs.
/// \return the needed NSEC RRsets. /// \return the needed NSEC RRsets.
isc::dns::ConstRRsetPtr getNSECRRset(const FoundRRsets& isc::dns::ConstRRsetPtr getDNSSECRRset(const FoundRRsets&
found_set) const; found_set);
/// \brief Check whether the zone file is signed with NSECi3. /// \brief Check whether the zone file is signed with NSECi3.
/// ///
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment