Home Explore Help
Sign In
zorun
/
kea
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

[1574b] added check for # of NSEC3 RDATA (only 1 is supported)

JINMEI Tatuya 13 years ago
parent
74fc8c25ff
commit
d17500bf67
2 changed files with 16 additions and 5 deletions
Split View Show Diff Stats
  1. 5 4
      src/lib/datasrc/memory_datasrc.cc
  2. 11 1
      src/lib/datasrc/tests/memory_datasrc_unittest.cc

+ 5 - 4
src/lib/datasrc/memory_datasrc.cc
View File 

@@ -237,11 +237,12 @@ struct InMemoryZoneFinder::InMemoryZoneFinderImpl {
 
             isc_throw(AddError, "multiple RRs of singleton type for "
 
                       << rrset->getName());
 
         }
 
-        // NSEC3PARAM is not a "singleton" per protocol, but this
 
+        // NSEC3/NSEC3PARAM is not a "singleton" per protocol, but this
 
         // implementation doesn't request it be so at the moment.
 
-        if (rrset->getType() == RRType::NSEC3PARAM() &&
 
+        if ((rrset->getType() == RRType::NSEC3() ||
 
+             rrset->getType() == RRType::NSEC3PARAM()) &&
 
             rrset->getRdataCount() > 1) {
 
-            isc_throw(AddError, "Multiple NSEC3PARAM RDATA is given for "
 
+            isc_throw(AddError, "Multiple NSEC3/NSEC3PARAM RDATA is given for "
 
                       << rrset->getName() << " which isn't supported");
 
         }
 
 
@@ -289,7 +290,7 @@ struct InMemoryZoneFinder::InMemoryZoneFinderImpl {
 
              origin_.getLabelCount() + 1)) {
 
             LOG_ERROR(logger, DATASRC_BAD_NSEC3_NAME).
 
                 arg(rrset->getName());
 
-            isc_throw(AddError, "Invalid NSEC3 owner name (wildcard): " <<
 
+            isc_throw(AddError, "Invalid NSEC3 owner name: " <<
 
                       rrset->getName());
 
         }
 
     }

+ 11 - 1
src/lib/datasrc/tests/memory_datasrc_unittest.cc
View File 

@@ -1432,6 +1432,17 @@ TEST_F(InMemoryZoneFinderTest, badNSEC3Name) {
 
                  InMemoryZoneFinder::AddError);
 
 }
 
 
+TEST_F(InMemoryZoneFinderTest, addMultiNSEC3) {
 
+    // In this current implementation multiple NSEC3 RDATA isn't supported.
 
+    RRsetPtr nsec3(new RRset(Name(string(apex_hash) + ".example.org"),
 
+                             RRClass::IN(), RRType::NSEC3(), RRTTL(300)));
 
+    nsec3->addRdata(
 
+        generic::NSEC3("1 0 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A"));
 
+    nsec3->addRdata(
 
+        generic::NSEC3("1 1 1 ddccbbaa 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A"));
 
+    EXPECT_THROW(zone_finder_.add(nsec3), InMemoryZoneFinder::AddError);
 
+}
 
+
 
 TEST_F(InMemoryZoneFinderTest, addNSEC3WithRRSIG) {
 
     // Adding NSEC3 and its RRSIG
 
     const string nsec3_text = string(apex_hash) + ".example.org." +
 
@@ -1521,7 +1532,6 @@ TEST_F(InMemoryZoneFinderTest, multiNSEC3PARAM) {
 
 }
 
 
 // TODO
 
-// - multiple NSEC3 RDATA
 
 // - existence of NSEC3PARAM
 
 // - add NSEC3PARAM at non origin (should be ignored)
 
 }