Home Explore Help
Sign In
zorun
/
kea
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[2585] don't perform wildcard substitution for NXRRSET NSEC.

test cases aren't incomplete, so it's revised to cover all combinations.
JINMEI Tatuya 12 years ago
parent
52b0979f34
commit
d14e31cb67
2 changed files with 31 additions and 6 deletions
Split View Show Diff Stats
  1. 5 1
      src/lib/datasrc/memory/zone_finder.cc
  2. 26 5
      src/lib/datasrc/tests/memory/zone_finder_unittest.cc

+ 5 - 1
src/lib/datasrc/memory/zone_finder.cc
View File 

@@ -893,9 +893,13 @@ InMemoryZoneFinder::findInternal(const isc::dns::Name& name,
 
         }
 
     }
 
     // No exact match or CNAME.  Get NSEC if necessary and return NXRRSET.
 
+    // Note that we don't have to provide the "real name" even if this is
 
+    // a wildcard; if NSEC is needed its owner name shouldn't be subject to
 
+    // wildcard substitution; if NSEC isn't needed the "real name" doesn't
 
+    // matter anyway.
 
     return (createFindResult(rrclass_, zone_data_, NXRRSET, node,
 
                              getNSECForNXRRSET(zone_data_, options, node),
 
-                             options, wild, &name));
 
+                             options, wild));
 
 }
 
 
 isc::datasrc::ZoneFinder::FindNSEC3Result

+ 26 - 5
src/lib/datasrc/tests/memory/zone_finder_unittest.cc
View File 

@@ -1142,21 +1142,42 @@ InMemoryZoneFinderTest::wildcardCheck(
 
     }
 
 }
 
 
+// We have combinations of these cases (6 in total)
 
+// expected_flags: NSEC, NSEC3, RESULT_DEFAULT
 
+// options: NO_WILDCARD, FIND_DEFAULT
 
+
 
+// 1. Normal case: expected = DEFAULT, options = DEFAULT
 
 TEST_F(InMemoryZoneFinderTest, wildcard) {
 
-    // Normal case
 
     wildcardCheck();
 
 }
 
 
+// 2. options: expected = DEFAULT, options = NO_WILDCARD
 
+TEST_F(InMemoryZoneFinderTest, wildcardDisabled) {
 
+    // Similar to the previous once, but check the behavior for a non signed
 
+    // zone just in case.
 
+    wildcardCheck(ZoneFinder::RESULT_DEFAULT, ZoneFinder::NO_WILDCARD);
 
+}
 
+
 
+// 3. options: expected = NSEC_SIGNED, options = DEFAULT
 
+TEST_F(InMemoryZoneFinderTest, wildcardWithNSEC) {
 
+    wildcardCheck(ZoneFinder::RESULT_NSEC_SIGNED, ZoneFinder::FIND_DEFAULT);
 
+}
 
+
 
+// 4. options: expected = NSEC_SIGNED, options = NO_WILDCARD
 
 TEST_F(InMemoryZoneFinderTest, wildcardDisabledWithNSEC) {
 
     // Wildcard is disabled.  In practice, this is used as part of query
 
     // processing for an NSEC-signed zone, so we test that case specifically.
 
     wildcardCheck(ZoneFinder::RESULT_NSEC_SIGNED, ZoneFinder::NO_WILDCARD);
 
 }
 
 
-TEST_F(InMemoryZoneFinderTest, wildcardDisabledWithoutNSEC) {
 
-    // Similar to the previous once, but check the behavior for a non signed
 
-    // zone just in case.
 
-    wildcardCheck(ZoneFinder::RESULT_DEFAULT, ZoneFinder::NO_WILDCARD);
 
+// 5. options: expected = NSEC3_SIGNED, options = DEFAULT
 
+TEST_F(InMemoryZoneFinderTest, wildcardWithNSEC3) {
 
+    wildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED, ZoneFinder::FIND_DEFAULT);
 
+}
 
+
 
+// 6. options: expected = NSEC3_SIGNED, options = DEFAULT
 
+TEST_F(InMemoryZoneFinderTest, wildcardDisabledWithNSEC3) {
 
+    wildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED, ZoneFinder::NO_WILDCARD);
 
 }
 
 
 /*