if (valparts.size() == 4) {
if (kind == "PRESIGNED")
meta.push_back("1");
- else
+ else if (valparts[3] != "1")
meta.push_back(valparts[3]);
}
}
return true;
}
-bool LMDBBackend::getDirectNSECx(uint32_t id, const string &hashed, string &before, DNSResourceRecord &rr)
+bool LMDBBackend::getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr)
{
MDB_val key, data;
string key_str, cur_key, cur_value;
vector<string> keyparts, valparts;
- key_str=itoa(id)+"\t"+toBase32Hex(bitFlip(hashed));
+ if (qtype == QType::NSEC)
+ key_str=itoa(id)+"\t"+bitFlip(hashed)+"\xff";
+ else
+ key_str=itoa(id)+"\t"+toBase32Hex(bitFlip(hashed));
key.mv_data = (char *)key_str.c_str();
key.mv_size = key_str.length();
return true;
hasnsecx:
-
- before=bitFlip(fromBase32Hex(keyparts[1]));
+ if (qtype == QType::NSEC)
+ before=bitFlip(keyparts[1]).c_str();
+ else
+ before=bitFlip(fromBase32Hex(keyparts[1]));
rr.qname=valparts[0];
rr.ttl=atoi(valparts[1].c_str());
rr.qtype=DNSRecordContent::TypeToNumber(valparts[2]);
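Review bot: In the NSEC branch under `hasnsecx:`, `before=bitFlip(keyparts[1]).c_str();` relies on the `const char*` conversion stopping at the first NUL to drop the `"\xff"` terminator that the earlier hunk appends to the lookup key, which presumably flips to `\0`. The same truncation cuts `before` short at any earlier 0xff byte in the stored key, and the intent is not visible to the next reader. Consider removing the terminator explicitly, for example `string flipped=bitFlip(keyparts[1]);` followed by `before=flipped.substr(0, flipped.size()-1);` once it is known to be non-empty, with a comment such as `// drop the flipped "\xff" key terminator`. How `keyparts` is split is outside this hunk, so confirm that a flipped byte equal to the tab separator cannot occur in the name part.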
}
if (rc == MDB_NOTFOUND)
- DEBUGLOG("RRSIG records for qname: '"<<qname"'' with type: '"<<qtype.getName()<<"' not found"<<endl);
+ DEBUGLOG("RRSIG records for qname: '"<<qname<<"'' with type: '"<<qtype.getName()<<"' not found"<<endl);
return true;
}
bool get(DNSResourceRecord &rr);
bool getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta);
- bool getDirectNSECx(uint32_t id, const string &hashed, string &before, DNSResourceRecord &rr);
+ bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr);
bool getDirectRRSIGs(const string &signer, const string &qname, const QType &qtype, vector<DNSResourceRecord> &rrsigs);
bool getAuthZone( string &rev_zone );
}
//! called to get a NSECx record from backend
- virtual bool getDirectNSECx(uint32_t id, const string &hashed, string &before, DNSResourceRecord &rr)
+ virtual bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr)
{
return false;
}
hashed=hashQNameWithSalt(ns3rc.d_iterations, ns3rc.d_salt, unhashed);
DLOG(L<<"1 hash: "<<toBase32Hex(hashed)<<" "<<unhashed<<endl);
- if(!B.getDirectNSECx(sd.domain_id, hashed, before, rr))
+ if(!B.getDirectNSECx(sd.domain_id, hashed, QType(QType::NSEC3), before, rr))
getNSEC3Hashes(narrow, sd.db, sd.domain_id, hashed, false, unhashed, before, after, mode);
if (((mode == 0 && ns3rc.d_flags) || mode == 1) && (hashed != before)) {
hashed=hashQNameWithSalt(ns3rc.d_iterations, ns3rc.d_salt, unhashed);
DLOG(L<<"1 hash: "<<toBase32Hex(hashed)<<" "<<unhashed<<endl);
- if(!B.getDirectNSECx(sd.domain_id, hashed, before, rr))
+ if(!B.getDirectNSECx(sd.domain_id, hashed, QType(QType::NSEC3), before, rr))
getNSEC3Hashes(narrow, sd.db, sd.domain_id, hashed, false, unhashed, before, after);
}
hashed=hashQNameWithSalt(ns3rc.d_iterations, ns3rc.d_salt, unhashed);
DLOG(L<<"2 hash: "<<toBase32Hex(hashed)<<" "<<unhashed<<endl);
- if(!B.getDirectNSECx(sd.domain_id, hashed, before, rr)) {
+ if(!B.getDirectNSECx(sd.domain_id, hashed, QType(QType::NSEC3), before, rr)) {
getNSEC3Hashes(narrow, sd.db,sd.domain_id, hashed, true, unhashed, before, after);
DLOG(L<<"Done calling for covering, hashed: '"<<toBase32Hex(hashed)<<"' before='"<<toBase32Hex(before)<<"', after='"<<toBase32Hex(after)<<"'"<<endl);
emitNSEC3( ns3rc, sd, unhashed, before, after, target, r, mode);
hashed=hashQNameWithSalt(ns3rc.d_iterations, ns3rc.d_salt, unhashed);
DLOG(L<<"3 hash: "<<toBase32Hex(hashed)<<" "<<unhashed<<endl);
- if(!B.getDirectNSECx(sd.domain_id, hashed, before, rr)) {
+ if(!B.getDirectNSECx(sd.domain_id, hashed, QType(QType::NSEC3), before, rr)) {
getNSEC3Hashes(narrow, sd.db, sd.domain_id, hashed, (mode != 2), unhashed, before, after);
DLOG(L<<"Done calling for '*', hashed: '"<<toBase32Hex(hashed)<<"' before='"<<toBase32Hex(before)<<"', after='"<<toBase32Hex(after)<<"'"<<endl);
emitNSEC3( ns3rc, sd, unhashed, before, after, target, r, mode);
}
string before,after;
- sd.db->getBeforeAndAfterNames(sd.domain_id, auth, target, before, after);
- emitNSEC(before, after, target, sd, r, mode);
+ DNSResourceRecord rr;
+
+ rr.auth=false;
+ if(!B.getDirectNSECx(sd.domain_id, toLower(labelReverse(makeRelative(target, auth))), QType(QType::NSEC), before, rr)) {
+ sd.db->getBeforeAndAfterNames(sd.domain_id, auth, target, before, after);
+ emitNSEC(before, after, target, sd, r, mode);
+ } else if(rr.auth) {
+ if (mode == 5)
+ rr.d_place=DNSResourceRecord::ANSWER;
+ r->addRecord(rr);
+ }
if (mode == 2 || mode == 4) {
// wildcard NO-DATA or wildcard denial
(void) chopOff(closest);
closest=dotConcat("*", closest);
}
- sd.db->getBeforeAndAfterNames(sd.domain_id, auth, closest, before, after);
- emitNSEC(before, after, target, sd, r, mode);
+ rr.auth=false;
+ if(!B.getDirectNSECx(sd.domain_id, toLower(labelReverse(makeRelative(closest, auth))), QType(QType::NSEC), before, rr)) {
+ sd.db->getBeforeAndAfterNames(sd.domain_id, auth, closest, before, after);
+ emitNSEC(before, after, target, sd, r, mode);
+ } else if(rr.auth)
+ r->addRecord(rr);
}
return;
}
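Review bot: Both new NSEC lookups leave the response without any NSEC record when `B.getDirectNSECx(...)` returns true but `rr.auth` is still false, because the `else if(rr.auth)` arm is skipped and the `getBeforeAndAfterNames`/`emitNSEC` fallback does not run. `rr.auth` is preset to false before each call, so this depends on every backend setting it; the LMDB lines visible in this diff assign `rr.qname`, `rr.ttl` and `rr.qtype`, and whether `auth` is set is outside the hunk. If the silent case is intended, state it with a comment such as `// backend found the NSEC but it is not authoritative here: emit nothing`; otherwise fall back to the computed NSEC so the denial proof is not dropped. The second site also omits the `mode == 5` placement that the first one applies, which deserves a one-line comment if deliberate. The enclosing function starts and ends outside the hunk.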
return true;
}
-bool UeberBackend::getDirectNSECx(uint32_t id, const string &hashed, string &before, DNSResourceRecord &rr)
+bool UeberBackend::getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr)
{
BOOST_FOREACH(DNSBackend* db, backends) {
- if(db->getDirectNSECx(id, hashed, before, rr))
+ if(db->getDirectNSECx(id, hashed, qtype, before, rr))
return true;
}
return false;
bool activateDomainKey(const string& name, unsigned int id);
bool deactivateDomainKey(const string& name, unsigned int id);
- bool getDirectNSECx(uint32_t id, const string &hashed, string &before, DNSResourceRecord &rr);
+ bool getDirectNSECx(uint32_t id, const string &hashed, const QType &qtype, string &before, DNSResourceRecord &rr);
bool getDirectRRSIGs(const string &signer, const string &qname, const QType &qtype, vector<DNSResourceRecord> &rrsigs);
bool getTSIGKey(const string& name, string* algorithm, string* content);
}
string reverse(const string &name) {
- return toLower(string(name.rbegin(), name.rend()));
+ return string(name.rbegin(), name.rend());
}
void emitData(string zone, ZoneParserTNG &zpt){
bool hasSOA=false, isPresigned=false;
int numRefs=g_numRefs;
int numRecords=g_numRecords;
- string metaData;
+ string metaData="1", qname;
SOAData sd;
DNSResourceRecord rr;
MDB_val key, data, keyExt, dataExt;
+ zone=toLower(zone);
mdb_txn_begin(env, txn, 0, &txn_zone);
while(zpt.get(rr)) {
numRecords++;
+ qname=toLower(stripDot(rr.qname));
if (rr.qtype == QType::SOA) {
hasSOA=true;
fillSOAData(rr.content, sd);
}
if (rr.qtype == QType::NSEC3PARAM) {
metaData=rr.content;
- continue; // TODO set metadata
+ continue;
}
string keyStr, dataStr;
if (rr.qtype == QType::RRSIG) {
isPresigned=true;
RRSIGRecordContent rrc(rr.content);
- keyStr=zone+"\t"+makeRelative(stripDot(rr.qname), zone)+"\t"+DNSRecordContent::NumberToType(rrc.d_type);
+ keyStr=zone+"\t"+makeRelative(qname, zone)+"\t"+DNSRecordContent::NumberToType(rrc.d_type);
dataStr=itoa(rr.ttl)+"\t"+rr.content;
key.mv_data = (char*)keyStr.c_str();
if (rr.qtype == QType::NSEC || rr.qtype == QType::NSEC3) {
if (rr.qtype == QType::NSEC)
- keyStr=stripDot(rr.qname)+"\t"+itoa(g_numZones+1);
+ keyStr=itoa(g_numZones+1)+"\t"+bitFlip(labelReverse(makeRelative(qname,zone)))+"\xff";
else
- keyStr=itoa(g_numZones+1)+"\t"+toBase32Hex(bitFlip(fromBase32Hex(makeRelative(stripDot(rr.qname), zone))));
- dataStr=stripDot(rr.qname)+"\t"+itoa(rr.ttl)+"\t"+rr.qtype.getName()+"\t"+rr.content;
+ keyStr=itoa(g_numZones+1)+"\t"+toBase32Hex(bitFlip(fromBase32Hex(makeRelative(qname, zone))));
+ dataStr=qname+"\t"+itoa(rr.ttl)+"\t"+rr.qtype.getName()+"\t"+rr.content;
key.mv_data = (char*)keyStr.c_str();
key.mv_size = keyStr.length();
continue;
}
- keyStr=reverse(stripDot(rr.qname))+"\t"+rr.qtype.getName();
+ keyStr=reverse(qname)+"\t"+rr.qtype.getName();
dataStr=itoa(g_numZones+1)+"\t"+itoa(rr.ttl)+"\t"+rr.content;
key.mv_data = (char*)keyStr.c_str();