[2157] remove SIG(0) from MessageAttributes

src/bin/auth/auth_srv.cc

@@ -553,7 +553,7 @@ AuthSrv::processMessage(const IOMessage& io_message, Message& message,
                                            **impl_->keyring_));
         tsig_error = tsig_context->verify(tsig_record, io_message.getData(),
                                           io_message.getDataSize());
-        impl_->stats_attrs_.setRequestSig(true, false,
+        impl_->stats_attrs_.setRequestSig(true,
                                           tsig_error != TSIGError::NOERROR());
     }
 

src/bin/auth/statistics.cc.pre

@@ -147,9 +147,6 @@ Counters::incRequest(const MessageAttributes& msgattrs) {
     if (msgattrs.getRequestSigTSIG()) {
         server_msg_counter_.inc(MSG_REQUEST_TSIG);
     }
-    if (msgattrs.getRequestSigSIG0()) {
-        server_msg_counter_.inc(MSG_REQUEST_SIG0);
-    }
     if (msgattrs.getRequestSigBadSig()) {
         server_msg_counter_.inc(MSG_REQUEST_BADSIG);
         // If signature validation is failed, no other query attributes are

src/bin/auth/statistics.h

@@ -48,8 +48,7 @@ private:
         REQ_IS_EDNS_0,              // EDNS ver.0
         REQ_IS_DNSSEC_OK,           // DNSSEC OK (DO) bit is set
         REQ_IS_TSIG,                // signed with valid TSIG
-        REQ_IS_SIG0,                // signed with valid SIG(0)
-        REQ_IS_BADSIG,              // signed but bad signature,
+        REQ_IS_BADSIG,              // signed but bad signature
         RES_IS_TRUNCATED,           // DNS message is truncated
         BIT_ATTRIBUTES_TYPES
     };
@@ -139,13 +138,6 @@ public:
         return (bit_attributes_[REQ_IS_TSIG]);
     }
 
-    /// \brief Get request SIG(0) signed.
-    /// \return true if request is SIG(0) signed
-    /// \throw None
-    bool getRequestSigSIG0() const {
-        return (bit_attributes_[REQ_IS_SIG0]);
-    }
-
     /// \brief Get request signature is bad.
     /// \return true if request signature is bad
     /// \throw None
@@ -155,15 +147,11 @@ public:
 
     /// \brief Set request TSIG attributes.
     /// \param is_tsig true if request is TSIG signed
-    /// \param is_sig0 true if request is SIG(0) signed
     /// \param is_badsig true if request signature is bad
     /// \throw None
-    void setRequestSig(const bool is_tsig, const bool is_sig0,
-                       const bool is_badsig)
-    {
-        assert(!(is_tsig && is_sig0));
+    void setRequestSig(const bool is_tsig, const bool is_badsig) {
+        assert(!(!is_tsig && is_badsig));
         bit_attributes_[REQ_IS_TSIG] = is_tsig;
-        bit_attributes_[REQ_IS_SIG0] = is_sig0;
         bit_attributes_[REQ_IS_BADSIG] = is_badsig;
     }
 

src/bin/auth/tests/statistics_unittest.cc.pre

@@ -302,22 +302,18 @@ TEST_F(CountersTest, incrementTSIG) {
     //      (none)     false
     //      TSIG       false
     //      TSIG       true
-    //      SIG(0)     false
-    //      SIG(0)     true
     //
     // badsig can't be true if the message does not have signature.
-    int count_req_tsig = 0, count_res_tsig = 0, count_req_sig0 = 0,
-        count_badsig = 0;
-    for (int i = 0; i < 5; ++i) {
-        const bool is_tsig = (i == 0 ? i : i+1) & 2;
-        const bool is_sig0 = (i == 0 ? i : i+1) & 4;
-        const bool is_badsig = (i == 0 ? i : i+1) & 1;
+    int count_req_tsig = 0, count_res_tsig = 0, count_badsig = 0;
+    for (int i = 0; i < 3; ++i) {
+        const bool is_tsig = (i == 2) ? true : i & 1;
+        const bool is_badsig = i & 2;
         msgattrs.setRequestIPVersion(AF_INET);
         msgattrs.setRequestTransportProtocol(IPPROTO_UDP);
         msgattrs.setRequestOpCode(Opcode::QUERY());
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(is_tsig, is_sig0, is_badsig);
+        msgattrs.setRequestSig(is_tsig, is_badsig);
 
         response.setRcode(Rcode::REFUSED());
         response.addQuestion(Question(Name("example.com"),
@@ -333,9 +329,6 @@ TEST_F(CountersTest, incrementTSIG) {
                 ++count_res_tsig;
             }
         }
-        if (is_sig0) {
-            ++count_req_sig0;
-        }
         if (is_badsig) {
             ++count_badsig;
         }
@@ -349,7 +342,7 @@ TEST_F(CountersTest, incrementTSIG) {
         expect["request.dnssec_ok"] = i+1 - count_badsig;
         expect["request.tsig"] = count_req_tsig;
         expect["response.tsig"] = count_res_tsig;
-        expect["request.sig0"] = count_req_sig0;
+        expect["request.sig0"] = 0;
         expect["request.badsig"] = count_badsig;
         expect["responses"] = i+1 - count_badsig;
         expect["qrynoauthans"] = i+1 - count_badsig;
@@ -376,7 +369,7 @@ TEST_F(CountersTest, incrementOpcode) {
         msgattrs.setRequestOpCode(Opcode(i));
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(false, false, false);
+        msgattrs.setRequestSig(false, false);
 
         response.setRcode(Rcode::REFUSED());
         response.addQuestion(Question(Name("example.com"),
@@ -434,7 +427,7 @@ TEST_F(CountersTest, incrementRcode) {
         msgattrs.setRequestOpCode(Opcode::IQUERY());
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(false, false, false);
+        msgattrs.setRequestSig(false, false);
 
         response.setRcode(Rcode(i));
         response.addQuestion(Question(Name("example.com"),
@@ -497,7 +490,7 @@ TEST_F(CountersTest, incrementTruncated) {
         msgattrs.setRequestOpCode(Opcode::IQUERY());
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(false, false, false);
+        msgattrs.setRequestSig(false, false);
         msgattrs.setResponseTruncated(is_truncated);
 
         response.setRcode(Rcode::SERVFAIL());
@@ -543,7 +536,7 @@ TEST_F(CountersTest, incrementQryAuthAnsAndNoAuthAns) {
         msgattrs.setRequestOpCode(Opcode::QUERY());
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(false, false, false);
+        msgattrs.setRequestSig(false, false);
 
         response.setRcode(Rcode::SERVFAIL());
         response.addQuestion(Question(Name("example.com"),
@@ -583,7 +576,7 @@ TEST_F(CountersTest, incrementQrySuccess) {
     msgattrs.setRequestOpCode(Opcode::QUERY());
     msgattrs.setRequestEDNS0(true);
     msgattrs.setRequestDO(true);
-    msgattrs.setRequestSig(false, false, false);
+    msgattrs.setRequestSig(false, false);
 
     response.setRcode(Rcode::NOERROR());
     response.addQuestion(Question(Name("example.com"),
@@ -632,7 +625,7 @@ TEST_F(CountersTest, incrementQryReferralAndNxrrset) {
         msgattrs.setRequestOpCode(Opcode::QUERY());
         msgattrs.setRequestEDNS0(true);
         msgattrs.setRequestDO(true);
-        msgattrs.setRequestSig(false, false, false);
+        msgattrs.setRequestSig(false, false);
 
         response.setRcode(Rcode::NOERROR());
         response.addQuestion(Question(Name("example.com"),
@@ -675,7 +668,7 @@ TEST_F(CountersTest, incrementAuthQryRej) {
     msgattrs.setRequestOpCode(Opcode::QUERY());
     msgattrs.setRequestEDNS0(true);
     msgattrs.setRequestDO(true);
-    msgattrs.setRequestSig(false, false, false);
+    msgattrs.setRequestSig(false, false);
 
     response.setRcode(Rcode::REFUSED());
     response.addQuestion(Question(Name("example.com"),