13 years ago · e2ede2f46b
--- a/src/bin/auth/query.cc
+++ b/src/bin/auth/query.cc
@@ -254,7 +254,7 @@ Query::addDS(ZoneFinder& finder, const Name& dname) {
 
				                            boost::const_pointer_cast<RRset>(ds_result.rrset),
			
 
				                            dnssec_);
			
 
				     } else if (ds_result.code == ZoneFinder::NXRRSET) {
			
 
				-        addNXRRsetDenial(finder, ds_result);
			
 
				+        addNXRRsetProof(finder, ds_result);
			
 
				     } else {
			
 
				         // Any other case should be an error
			
 
				         isc_throw(BadDS, "Unexpected result for DS lookup for delegation");
			
@@ -262,8 +262,8 @@ Query::addDS(ZoneFinder& finder, const Name& dname) {
 
				 }
			
 
				 
			
 
				 void
			
 
				-Query::addNXRRsetDenial(ZoneFinder& finder,
			
 
				-                        const ZoneFinder::FindResult& db_result)
			
 
				+Query::addNXRRsetProof(ZoneFinder& finder,
			
 
				+                       const ZoneFinder::FindResult& db_result)
			
 
				 {
			
 
				     if (db_result.isNSECSigned() && db_result.rrset) {
			
 
				         response_.addRRset(Message::SECTION_AUTHORITY,
			
@@ -447,7 +447,7 @@ Query::process() {
 
				         case ZoneFinder::NXRRSET:
			
 
				             addSOA(*result.zone_finder);
			
 
				             if (dnssec_) {
			
 
				-                addNXRRsetDenial(zfinder, db_result);
			
 
				+                addNXRRsetProof(zfinder, db_result);
			
 
				             }
			
 
				             break;
			
 
				         default:
			
--- a/src/bin/auth/query.h
+++ b/src/bin/auth/query.h
@@ -94,7 +94,7 @@ private:
 
				     /// \param finder The ZoneFinder that was used to search for the missing
			
 
				     ///               data
			
 
				     /// \param db_result The ZoneFinder::FindResult returned by find()
			
 
				-    void addNXRRsetDenial(isc::datasrc::ZoneFinder& finder,
			
 
				+    void addNXRRsetProof(isc::datasrc::ZoneFinder& finder,
			
 
				         const isc::datasrc::ZoneFinder::FindResult& db_result);
			
 
				 
			
 
				     /// Add NSEC RRs that prove an NXDOMAIN result.
			
--- a/src/bin/auth/tests/query_unittest.cc
+++ b/src/bin/auth/tests/query_unittest.cc
@@ -163,20 +163,23 @@ const char* const nsec3_www_txt =
 
				     "q04jkcevqvmu85r014c7dkba38o0ji5r.example.com. 3600 IN NSEC3 1 1 12 "
			
 
				     "aabbccdd r53bq7cc2uvmubfu5ocmm6pers9tk9en A RRSIG\n";
			
 
				 
			
 
				+// (Secure) delegation data; Delegation with DS record
			
 
				 const char* const signed_delegation_txt =
			
 
				     "signed-delegation.example.com. 3600 IN NS ns.example.net.\n";
			
 
				-
			
 
				 const char* const signed_delegation_ds_txt =
			
 
				     "signed-delegation.example.com. 3600 IN DS 12345 8 2 "
			
 
				     "764501411DE58E8618945054A3F620B36202E115D015A7773F4B78E0F952CECA\n";
			
 
				 
			
 
				+// (Secure) delegation data; Delegation without DS record (and NSEC denying
			
 
				+// its existence.
			
 
				 const char* const unsigned_delegation_txt =
			
 
				     "unsigned-delegation.example.com. 3600 IN NS ns.example.net.\n";
			
 
				-
			
 
				 const char* const unsigned_delegation_nsec_txt =
			
 
				     "unsigned-delegation.example.com. 3600 IN NSEC "
			
 
				     "*.uwild.example.com. NS RRSIG NSEC\n";
			
 
				 
			
 
				+// (Secure) delegation data; Delegation where the DS lookup will raise an
			
 
				+// exception.
			
 
				 const char* const bad_delegation_txt =
			
 
				     "bad-delegation.example.com. 3600 IN NS ns.example.net.\n";