Browse Source

[1431] updated findNSEC3() and FindNSEC3Result to return #labels of closet encloser.

JINMEI Tatuya 13 years ago
parent
commit
c790b4dfc1
2 changed files with 38 additions and 13 deletions
  1. 25 10
      src/bin/auth/tests/query_unittest.cc
  2. 13 3
      src/lib/datasrc/zone.h

+ 25 - 10
src/bin/auth/tests/query_unittest.cc

@@ -405,12 +405,14 @@ MockZoneFinder::findNSEC3(const Name& name, bool recursive) {
                 covering_proof = (--found_domain)->second[RRType::NSEC3()];
             }
             if (!recursive) {   // in non recursive mode, we are done.
-                return (ZoneFinder::FindNSEC3Result(false, covering_proof,
+                return (ZoneFinder::FindNSEC3Result(false,
+                                                    name.getLabelCount(),
+                                                    covering_proof,
                                                     ConstRRsetPtr()));
             }
         } else {                // exact match
             return (ZoneFinder::FindNSEC3Result(
-                        true,
+                        true, name.getLabelCount() - i,
                         found_domain->second[RRType::NSEC3()],
                         covering_proof));
         }
@@ -1447,11 +1449,15 @@ TEST_F(QueryTest, MaxLenDNAME) {
 
 // Test for this test module itself
 void
-nsec3Check(bool expected_matched, const string& expected_rrsets_txt,
+nsec3Check(bool expected_matched, uint8_t expected_labels,
+           const string& expected_rrsets_txt,
            const ZoneFinder::FindNSEC3Result& result)
 {
     vector<ConstRRsetPtr> actual_rrsets;
     EXPECT_EQ(expected_matched, result.matched);
+    // Convert to int so the error messages would be more readable:
+    EXPECT_EQ(static_cast<int>(expected_labels),
+              static_cast<int>(result.closest_labels));
     if (result.closest_proof) {
         actual_rrsets.push_back(result.closest_proof);
     }
@@ -1463,33 +1469,42 @@ nsec3Check(bool expected_matched, const string& expected_rrsets_txt,
 }
 
 TEST_F(QueryTest, findNSEC3) {
+    // In all test cases in the recursive mode, the closest encloser is the
+    // apex, and result's closest_labels should be the number of apex labels.
+    // (In non recursive mode closest_labels should be the # labels of the
+    // query name)
+    const uint8_t expected_closest_labels =
+        Name("example.com").getLabelCount();
+
     // Apex name.  It should have a matching NSEC3
-    nsec3Check(true, nsec3_apex_txt,
+    nsec3Check(true, expected_closest_labels, nsec3_apex_txt,
                mock_finder->findNSEC3(Name("example.com"), false));
 
     // Recursive mode doesn't change the result in this case.
-    nsec3Check(true, nsec3_apex_txt,
+    nsec3Check(true, expected_closest_labels, nsec3_apex_txt,
                mock_finder->findNSEC3(Name("example.com"), true)); 
 
     // Non existent name.  Disabling recursion, a covering NSEC3 should be
     // returned.
-    nsec3Check(false, nsec3_www_txt,
+    nsec3Check(false, 4, nsec3_www_txt,
                mock_finder->findNSEC3(Name("nxdomain.example.com"), false));
 
     // Non existent name.  The closest provable encloser is the apex,
     // and next closer is the query name.
-    nsec3Check(true, string(nsec3_apex_txt) + string(nsec3_www_txt),
+    nsec3Check(true, expected_closest_labels,
+               string(nsec3_apex_txt) + string(nsec3_www_txt),
                mock_finder->findNSEC3(Name("nxdomain.example.com"), true));
 
     // Similar to the previous case, but next closer name is different
     // (is the parent) of the non existent name.
-    nsec3Check(true, string(nsec3_apex_txt) + string(nsec3_www_txt),
+    nsec3Check(true, expected_closest_labels,
+               string(nsec3_apex_txt) + string(nsec3_www_txt),
                mock_finder->findNSEC3(Name("nx.domain.example.com"), true));
 
     // In the rest of test we check hash comparison for wrap around cases.
-    nsec3Check(false, nsec3_apex_txt,
+    nsec3Check(false, 4, nsec3_apex_txt,
                mock_finder->findNSEC3(Name("nxdomain2.example.com"), false));
-    nsec3Check(false, nsec3_www_txt,
+    nsec3Check(false, 4, nsec3_www_txt,
                mock_finder->findNSEC3(Name("nxdomain3.example.com"), false));
 }
 

+ 13 - 3
src/lib/datasrc/zone.h

@@ -370,16 +370,21 @@ public:
     /// special interface and semantics, we use a different structure to
     /// represent the result.
     struct FindNSEC3Result {
-        FindNSEC3Result(bool param_matched,
+        FindNSEC3Result(bool param_matched, uint8_t param_closest_labels,
                         isc::dns::ConstRRsetPtr param_closest_proof,
                         isc::dns::ConstRRsetPtr param_next_proof) :
-            matched(param_matched), closest_proof(param_closest_proof),
+            matched(param_matched), closest_labels(param_closest_labels),
+            closest_proof(param_closest_proof),
             next_proof(param_next_proof)
         {}
 
         /// true iff closest_proof is a matching NSEC3
         const bool matched;
 
+        /// The number of labels of the identified closest encloser.
+        ///
+        const uint8_t closest_labels;
+
         /// Either the NSEC3 for the closest provable encloser of the given
         /// name or NSEC3 that covers the name
         const isc::dns::ConstRRsetPtr closest_proof;
@@ -401,7 +406,8 @@ public:
     /// found NSEC3 RR(set) will be returned in the closest_proof member of
     /// \c FindNSEC3Result.  \c matched is true or false depending on
     /// the found NSEC3 is a matched one or covering one.  \c next_proof
-    /// is always NULL.
+    /// is always NULL.  closest_labels must be equal to the number of
+    /// labels of \c name (and therefore meaningless).
     ///
     /// If \c recursive is true, it will continue the search toward the zone
     /// apex (origin name) until it finds a provable encloser, that is,
@@ -414,9 +420,13 @@ public:
     /// closest encloser in \c closest_proof, and the NSEC3 for the next
     /// closer name in \c next_proof of \c FindNSEC3Result.  This set of
     /// NSEC3 RRs provide the closest encloser proof as defined in RFC5155.
+    /// closest_labels will be set to the number of labels of the identified
+    /// closest encloser.  This will be useful when the caller needs to
+    /// construct the closest encloser name from the original \c name.
     /// If, on the other hand, the found closest name is equal to \c name,
     /// this method simply returns it in \c closest_proof.  \c next_proof
     /// is set to NULL.  In all cases \c matched is set to true.
+    /// closest_labels will be set to the number of labels of \c name.
     ///
     /// When looking for NSEC3, this method retrieves NSEC3 parameters from
     /// the corresponding zone to calculate hash values.  Actual implementation