Browse Source

[1584review] cleanup and comment update: removed redundant check for isWildcard.
also updated method description in .h to clarify it also handles NSEC3.

JINMEI Tatuya 13 years ago
parent
commit
cb086eeafa
2 changed files with 13 additions and 9 deletions
  1. 9 6
      src/bin/auth/query.cc
  2. 4 3
      src/bin/auth/query.h

+ 9 - 6
src/bin/auth/query.cc

@@ -171,10 +171,12 @@ void
 Query::addWildcardProof(ZoneFinder& finder,
                         const ZoneFinder::FindResult& db_result)
 {
-    // The query name shouldn't exist in the zone if there were no wildcard
-    // substitution.  Confirm that by specifying NO_WILDCARD.  It should result
-    // in NXDOMAIN and an NSEC RR that proves it should be returned.
-    if (db_result.isNSECSigned() && db_result.isWildcard()){
+    if (db_result.isNSECSigned()) {
+        // Case for RFC4035 Section 3.1.3.3.
+        //
+        // The query name shouldn't exist in the zone if there were no wildcard
+        // substitution.  Confirm that by specifying NO_WILDCARD.  It should
+        // result in NXDOMAIN and an NSEC RR that proves it should be returned.
         const ZoneFinder::FindResult fresult =
             finder.find(qname_, RRType::NSEC(),
                         dnssec_opt_ | ZoneFinder::NO_WILDCARD);
@@ -187,8 +189,9 @@ Query::addWildcardProof(ZoneFinder& finder,
                            boost::const_pointer_cast<AbstractRRset>(
                                fresult.rrset),
                            dnssec_);
-    } else if (db_result.isNSEC3Signed() && db_result.isWildcard()) {
-        // case for RFC5155 Section 7.2.6
+    } else if (db_result.isNSEC3Signed()) {
+        // Case for RFC5155 Section 7.2.6.
+        //
         // Note that the closest encloser must be the immediate ancestor
         // of the matching wildcard, so NSEC3 for its next closer is what
         // we are expected to provided per the RFC (if this assumption isn't

+ 4 - 3
src/bin/auth/query.h

@@ -104,9 +104,10 @@ private:
     void addNXDOMAINProof(isc::datasrc::ZoneFinder& finder,
                           isc::dns::ConstRRsetPtr nsec);
 
-    /// Add NSEC RRs that prove a wildcard answer is the best one.
+    /// Add NSEC or NSEC3 RRs that prove a wildcard answer is the best one.
     ///
-    /// This corresponds to Section 3.1.3.3 of RFC 4035.
+    /// This corresponds to Section 3.1.3.3 of RFC 4035 and Section 7.2.6
+    /// of RFC5155.
     void addWildcardProof(
         isc::datasrc::ZoneFinder& finder,
         const isc::datasrc::ZoneFinder::FindResult& dbResult);
@@ -122,7 +123,7 @@ private:
     /// <QNAME,QTTYPE>.
     void addWildcardNXRRSETProof(isc::datasrc::ZoneFinder& finder,
                                  isc::dns::ConstRRsetPtr nsec);
-    
+
     /// \brief Look up additional data (i.e., address records for the names
     /// included in NS or MX records) and add them to the additional section.
     ///