Commit f7c0410f authored by Mukund Sivaraman's avatar Mukund Sivaraman Committed by JINMEI Tatuya
Browse files

[1899] Allow other RRtypes in nsec3 table (for RRSIGs)

* The unique constraint on NSEC3 owner per zone is now removed
* NSEC3 RRSIGs are now returned next to their RR set
* Test was adjusted to check for RRSIGs too
parent 13089ae1
......@@ -197,10 +197,8 @@ UPGRADES = [
{'from': (2, 0), 'to': (2, 1),
'statements': [
# Enforce that only one NSEC3 RR exists for an owner name in
# the zone.
"CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 " +
"(zone_id, owner)"
"CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 " +
"(hash, rdtype)"
]
}
......
......@@ -111,11 +111,9 @@ const char* const text_statements[NUM_STATEMENTS] = {
// ITERATE_NSEC3:
// The following iterates the whole zone in the nsec3 table. As the
// RRSIGs are for NSEC3s, we can hardcode the sigtype. As there is
// only one RR per-owner per-zone, there's no need to order these
// for the sake of any post-processing.
// RRSIGs are for NSEC3s, we can hardcode the sigtype.
"SELECT rdtype, ttl, \"NSEC3\", rdata, owner FROM nsec3 "
"WHERE zone_id = ?1",
"WHERE zone_id = ?1 ORDER BY hash, rdtype",
/*
* This one looks for previous name with NSEC record. It is done by
* using the reversed name. The NSEC is checked because we need to
......@@ -359,8 +357,7 @@ const char* const SCHEMA_LIST[] = {
"ttl INTEGER NOT NULL, rdtype TEXT NOT NULL COLLATE NOCASE, "
"rdata TEXT NOT NULL)",
"CREATE INDEX nsec3_byhash ON nsec3 (hash)",
// Enforce that only one NSEC3 RR exists for an owner name in the zone.
"CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3 (zone_id, owner)",
"CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)",
"CREATE TABLE diffs (id INTEGER PRIMARY KEY, "
"zone_id INTEGER NOT NULL, "
"version INTEGER NOT NULL, "
......
......@@ -193,6 +193,9 @@ TEST_F(SQLite3AccessorTest, iterator) {
checkRR(context, "www.example.org.", "3600", "A", "192.0.2.1");
checkRR(context, "ns3.example.org.", "3600", "NSEC3",
"1 1 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A RRSIG");
checkRR(context, "ns3.example.org.", "3600", "RRSIG",
"NSEC3 5 3 3600 20000101000000 20000201000000 "
"12345 ns3.example.org. FAKEFAKEFAKE");
// Check there's no other
EXPECT_FALSE(context->getNext(data));
......
......@@ -81,9 +81,7 @@ def create(cur):
rdtype TEXT NOT NULL COLLATE NOCASE,
rdata TEXT NOT NULL)""")
cur.execute("CREATE INDEX nsec3_byhash ON nsec3 (hash)")
# Enforce that only one NSEC3 RR exists for an owner name in the zone.
cur.execute("""CREATE UNIQUE INDEX nsec3_by_zoneid_and_owner ON nsec3
(zone_id, owner)""");
cur.execute("CREATE INDEX nsec3_byhash_and_rdtype ON nsec3 (hash, rdtype)")
cur.execute("""CREATE TABLE diffs (id INTEGER PRIMARY KEY,
zone_id INTEGER NOT NULL,
version INTEGER NOT NULL,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment