return nsec3_seen;
}
-/** see if the domain has a wildcard childe '*.domain' */
+/** see if the domain has a wildcard child '*.domain' */
static struct auth_data*
-az_find_wildcard(struct auth_zone* z, struct auth_data* ce)
+az_find_wildcard_domain(struct auth_zone* z, uint8_t* nm, size_t nmlen)
{
uint8_t wc[LDNS_MAX_DOMAINLEN];
- uint8_t* ce_nm;
- size_t ce_nmlen;
- if(ce) {
- ce_nm = ce->name;
- ce_nmlen = ce->namelen;
- } else {
- ce_nm = z->name;
- ce_nmlen = z->namelen;
- }
- if(ce_nmlen+2 > sizeof(wc))
+ if(nmlen+2 > sizeof(wc))
return NULL; /* result would be too long */
wc[0] = 1; /* length of wildcard label */
wc[1] = (uint8_t)'*'; /* wildcard label */
- memmove(wc+2, ce_nm, ce_nmlen);
- return az_find_name(z, wc, ce_nmlen+2);
+ memmove(wc+2, nm, nmlen);
+ return az_find_name(z, wc, nmlen+2);
+}
+
+/** find wildcard between qname and cename */
+static struct auth_data*
+az_find_wildcard(struct auth_zone* z, struct query_info* qinfo,
+ struct auth_data* ce)
+{
+ uint8_t* nm = qinfo->qname;
+ size_t nmlen = qinfo->qname_len;
+ struct auth_data* node;
+ if(!dname_subdomain_c(nm, z->name))
+ return NULL; /* out of zone */
+ while((node=az_find_wildcard_domain(z, nm, nmlen))==NULL) {
+ /* see if we can go up to find the wildcard */
+ if(nmlen == z->namelen)
+ return NULL; /* top of zone reached */
+ if(ce && nmlen == ce->namelen)
+ return NULL; /* ce reached */
+ if(dname_is_root(nm))
+ return NULL; /* cannot go up */
+ dname_remove_label(&nm, &nmlen);
+ }
+ return node;
}
/** domain is not exact, find first candidate ce (name that matches
/* see if the current candidate has issues */
/* not zone apex and has type NS */
if(n->namelen != z->namelen &&
- (*rrset=az_domain_rrset(n, LDNS_RR_TYPE_NS))) {
+ (*rrset=az_domain_rrset(n, LDNS_RR_TYPE_NS)) &&
+ /* delegate here, but DS at exact the dp has notype */
+ (qinfo->qtype != LDNS_RR_TYPE_DS ||
+ n->namelen != qinfo->qname_len)) {
/* referral */
/* this is ce and the lowernode is nonexisting */
*ce = n;
(*cname)->rk.flags = 0;
(*cname)->rk.dname = regional_alloc_init(region, qinfo->qname,
qinfo->qname_len);
- if((*cname)->rk.dname)
+ if(!(*cname)->rk.dname)
return 0; /* out of memory */
(*cname)->rk.dname_len = qinfo->qname_len;
(*cname)->entry.hash = rrset_key_hash(&(*cname)->rk);
struct auth_data* wildcard, struct auth_data* node)
{
struct auth_rrset* rrset, *nsec;
+ if(verbosity>=VERB_ALGO) {
+ char wcname[256];
+ sldns_wire2str_dname_buf(wildcard->name, wildcard->namelen,
+ wcname, sizeof(wcname));
+ log_info("wildcard %s", wcname);
+ }
if((rrset=az_domain_rrset(wildcard, qinfo->qtype)) != NULL) {
/* wildcard has type, add it */
if(!msg_add_rrset_an(region, msg, rrset)) return 0;
return az_generate_notype_answer(z, region, msg, node);
}
/* see if we have a wildcard under the ce */
- if((wildcard=az_find_wildcard(z, ce)) != NULL) {
+ if((wildcard=az_find_wildcard(z, qinfo, ce)) != NULL) {
return az_generate_wildcard_answer(z, qinfo, region, msg,
ce, wildcard, node);
}
#include "sldns/sbuffer.h"
/** verbosity for this test */
-static int vbmp = 1;
+static int vbmp = 0;
/** struct for query and answer checks */
struct q_ans {
/** queries for example.com: zone, query, flags, answer. end with NULL */
static struct q_ans example_com_queries[] = {
- {"example.com", "www.example.com. A", "",
+ { "example.com", "www.example.com. A", "",
";flags QR AA rcode NOERROR\n"
";answer section\n"
"www.example.com. 3600 IN A 10.0.0.2\n"
"www.example.com. 3600 IN A 10.0.0.3\n"
},
+
+ { "example.com", "example.com. SOA", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"example.com. 3600 IN A 10.0.0.1\n"
+ },
+
+ { "example.com", "example.com. AAAA", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "example.com. NS", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"example.com. 3600 IN NS ns.example.com.\n"
+";additional section\n"
+"ns.example.com. 3600 IN A 10.0.0.5\n"
+ },
+
+ { "example.com", "example.com. MX", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"example.com. 3600 IN MX 50 mail.example.com.\n"
+";additional section\n"
+"mail.example.com. 3600 IN A 10.0.0.4\n"
+ },
+
+ { "example.com", "example.com. IN ANY", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+"example.com. 3600 IN MX 50 mail.example.com.\n"
+"example.com. 3600 IN A 10.0.0.1\n"
+ },
+
+ { "example.com", "nonexist.example.com. A", "",
+";flags QR AA rcode NXDOMAIN\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "deep.ent.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"deep.ent.example.com. 3600 IN A 10.0.0.9\n"
+ },
+
+ { "example.com", "ent.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "below.deep.ent.example.com. A", "",
+";flags QR AA rcode NXDOMAIN\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "mail.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"mail.example.com. 3600 IN A 10.0.0.4\n"
+ },
+
+ { "example.com", "ns.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"ns.example.com. 3600 IN A 10.0.0.5\n"
+ },
+
+ { "example.com", "out.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"out.example.com. 3600 IN CNAME www.example.com.\n"
+ },
+
+ { "example.com", "out.example.com. CNAME", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"out.example.com. 3600 IN CNAME www.example.com.\n"
+ },
+
+ { "example.com", "plan.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"plan.example.com. 3600 IN CNAME nonexist.example.com.\n"
+ },
+
+ { "example.com", "plan.example.com. CNAME", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"plan.example.com. 3600 IN CNAME nonexist.example.com.\n"
+ },
+
+ { "example.com", "redir.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "redir.example.com. DNAME", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"redir.example.com. 3600 IN DNAME redir.example.org.\n"
+ },
+
+ { "example.com", "abc.redir.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"redir.example.com. 3600 IN DNAME redir.example.org.\n"
+"abc.redir.example.com. 0 IN CNAME abc.redir.example.org.\n"
+ },
+
+ { "example.com", "foo.abc.redir.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"redir.example.com. 3600 IN DNAME redir.example.org.\n"
+"foo.abc.redir.example.com. 0 IN CNAME foo.abc.redir.example.org.\n"
+ },
+
+ { "example.com", "sub.example.com. NS", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "sub.example.com. DS", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "www.sub.example.com. NS", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "foo.abc.sub.example.com. NS", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "ns1.sub.example.com. A", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "ns1.sub.example.com. AAAA", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "ns2.sub.example.com. A", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "ns2.sub.example.com. AAAA", "",
+";flags QR rcode NOERROR\n"
+";authority section\n"
+"sub.example.com. 3600 IN NS ns1.sub.example.com.\n"
+"sub.example.com. 3600 IN NS ns2.sub.example.com.\n"
+";additional section\n"
+"ns1.sub.example.com. 3600 IN A 10.0.0.6\n"
+"ns2.sub.example.com. 3600 IN AAAA 2001::7\n"
+ },
+
+ { "example.com", "wild.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "*.wild.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"*.wild.example.com. 3600 IN A 10.0.0.8\n"
+ },
+
+ { "example.com", "*.wild.example.com. AAAA", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "abc.wild.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"abc.wild.example.com. 3600 IN A 10.0.0.8\n"
+ },
+
+ { "example.com", "abc.wild.example.com. AAAA", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "foo.abc.wild.example.com. A", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"foo.abc.wild.example.com. 3600 IN A 10.0.0.8\n"
+ },
+
+ { "example.com", "foo.abc.wild.example.com. AAAA", "",
+";flags QR AA rcode NOERROR\n"
+";authority section\n"
+"example.com. 3600 IN SOA ns.example.org. noc.example.org. 2017042710 7200 3600 1209600 3600\n"
+ },
+
+ { "example.com", "yy.example.com. TXT", "",
+";flags QR AA rcode NOERROR\n"
+";answer section\n"
+"yy.example.com. 3600 IN TXT \"a\"\n"
+"yy.example.com. 3600 IN TXT \"b\"\n"
+"yy.example.com. 3600 IN TXT \"c\"\n"
+"yy.example.com. 3600 IN TXT \"d\"\n"
+"yy.example.com. 3600 IN TXT \"e\"\n"
+"yy.example.com. 3600 IN TXT \"f\"\n"
+ },
+
{NULL, NULL, NULL, NULL}
};
if(vbmp) printf("got (ret=%s%s):\n%s",
(ret?"ok":"fail"), (fallback?" fallback":""), ans_str);
/* check expected value for ret */
- if(ret == 0) {
+ if(expected_fallback && ret != 0) {
/* ret is zero on fallback */
+ if(vbmp) printf("fallback expected, but "
+ "return value is not false\n");
+ unit_assert(expected_fallback && ret == 0);
+ }
+ if(ret == 0) {
if(!expected_fallback) {
- if(vbmp) printf("fallback expected, but "
- "ret is not false\n");
+ if(vbmp) printf("return value is false, "
+ "(unexpected)\n");
}
unit_assert(expected_fallback);
}
atexit(tmpfilecleanup);
authzone_read_test();
authzone_query_test();
- /*exit(0);*/ /* DEBUG */
}
projects / thirdparty / unbound.git / commitdiff
