1625. [bug] named failed to load/transfer RFC2535 signed zones
authorMark Andrews <marka@isc.org>
Wed, 5 May 2004 01:32:58 +0000 (01:32 +0000)
committerMark Andrews <marka@isc.org>
Wed, 5 May 2004 01:32:58 +0000 (01:32 +0000)
                        which contained CNAMES. [RT# 11237]

CHANGES
bin/named/update.c
bin/tests/system/dnssec/ns2/example.db.in
bin/tests/system/dnssec/ns2/named.conf
bin/tests/system/dnssec/ns2/rfc2335.example.db [new file with mode: 0644]
bin/tests/system/dnssec/ns3/named.conf
bin/tests/system/dnssec/tests.sh
lib/dns/master.c
lib/dns/message.c
lib/dns/rbtdb.c

diff --git a/CHANGES b/CHANGES
index 21c2ac5780a962604e24c8f09580b750dcf0a9d4..f52be02cbed31e30fffbd4cb0b08edb8481516af 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,7 +3,8 @@
 
 1626.  [bug]           --enable-getifaddrs was broken. [RT#11259]
 
-1625.   [placeholder]  rt11237
+1625.  [bug]           named failed to load/transfer RFC2535 signed zones
+                       which contained CNAMES. [RT# 11237]
 
 1624.  [bug]           zonemgr_putio() call should be locked. [RT# 11163]
 
index 9268fcd52ee6b12192ec9951c0220dfb10a572e1..86838e41588b985301483a85c746ac68f49fb2ba 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: update.c,v 1.110 2004/04/15 01:58:23 marka Exp $ */
+/* $Id: update.c,v 1.111 2004/05/05 01:32:56 marka Exp $ */
 
 #include <config.h>
 
@@ -850,7 +850,8 @@ temp_check(isc_mem_t *mctx, dns_diff_t *temp, dns_db_t *db,
                                                this name and type */
 
                        *typep = type = t->rdata.type;
-                       if (type == dns_rdatatype_rrsig)
+                       if (type == dns_rdatatype_rrsig ||
+                           type == dns_rdatatype_sig)
                                covers = dns_rdata_covers(&t->rdata);
                        else
                                covers = 0;
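Review bot: Nothing in this commit exercises the changed branch in temp_check: the two checks added to tests.sh cover loading and transferring the zone, not a dynamic update that carries a SIG record. A case in the update part of the test script would pin the new `covers` handling for `dns_rdatatype_sig`. The same two-line condition is repeated in load() in lib/dns/master.c, and both sites would benefit from a short comment such as `/* RFC 2535 SIG is keyed by its covered type, like RRSIG. */`. temp_check's body starts and ends outside the hunk.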
@@ -2467,8 +2468,9 @@ update_action(isc_task_t *task, isc_event_t *event) {
                                ctx.ignore_add = ISC_FALSE;
                                dns_diff_init(mctx, &ctx.del_diff);
                                dns_diff_init(mctx, &ctx.add_diff);
-                               CHECK(foreach_rr(db, ver, name, rdata.type, covers,
-                                                add_rr_prepare_action, &ctx));
+                               CHECK(foreach_rr(db, ver, name, rdata.type,
+                                                covers, add_rr_prepare_action,
+                                                &ctx));
 
                                if (ctx.ignore_add) {
                                        dns_diff_clear(&ctx.del_diff);
index c9f00c55eccbb26843c813987df71387f25d4ace..761738f1c647b1ad4ddb5427667295ffcfc60b74 100644 (file)
@@ -13,7 +13,7 @@
 ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 ; PERFORMANCE OF THIS SOFTWARE.
 
-; $Id: example.db.in,v 1.14 2004/04/15 23:40:22 marka Exp $
+; $Id: example.db.in,v 1.15 2004/05/05 01:32:57 marka Exp $
 
 $TTL 300       ; 5 minutes
 @                      IN SOA  mname1. . (
@@ -70,6 +70,10 @@ dynamic                      A       10.53.0.3
 mustbesecure           NS      ns.mustbesecure
 ns.mustbesecure                A       10.53.0.3
 
+; A rfc2535 signed zone w/ CNAME
+rfc2535                        NS      ns.rfc2535
+ns.rfc2535             A       10.53.0.3
+
 z                      A       10.0.0.26
 
 keyless                        NS      ns.keyless
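Review bot: The delegation added here is for `rfc2535`, but both named.conf hunks define the zone as `rfc2335.example`, the new zone file uses `rfc2335.example.` as its owner name, and the tests.sh hunk queries `rfc2535.example.`. As written the delegation names a zone that no server in this commit is configured to serve, so the new queries would presumably be answered from the parent `example` zone instead of the newly added signed zone. Use one spelling throughout, for example `rfc2335 NS ns.rfc2335` and `ns.rfc2335 A 10.53.0.3` here together with `rfc2335.example.` in the two dig commands, or rename the zone and its file to rfc2535.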
index ce2501f7f97db1bb92035349098df20b5a06efec..66f33bf692891ccaece3da83ced8c8f2e8cdca13 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: named.conf,v 1.23 2004/03/10 02:19:53 marka Exp $ */
+/* $Id: named.conf,v 1.24 2004/05/05 01:32:57 marka Exp $ */
 
 // NS2
 
@@ -62,4 +62,10 @@ zone "insecure.secure.example" {
        allow-update { any; };
 };
 
+zone "rfc2335.example" {
+        type master;
+        file "rfc2335.example.db";
+};
+
+
 include "trusted.conf";
diff --git a/bin/tests/system/dnssec/ns2/rfc2335.example.db b/bin/tests/system/dnssec/ns2/rfc2335.example.db
new file mode 100644 (file)
index 0000000..b8b477e
--- /dev/null
@@ -0,0 +1,103 @@
+; File written on Fri Apr 30 12:19:15 2004
+; dnssec_signzone version 9.2.4rc3
+rfc2335.example.       300     IN SOA  mname1. . (
+                                       2000042407 ; serial
+                                       20         ; refresh (20 seconds)
+                                       20         ; retry (20 seconds)
+                                       1814400    ; expire (3 weeks)
+                                       3600       ; minimum (1 hour)
+                                       )
+                       300     SIG     SOA 1 2 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       nGPJKIzF7X/hMJbZURRz59UeEi/6HRxCn9Er
+                                       GqSnpw0Ea9Yx5Axu6sLKnF7jXlkZ6NHMCIpJ
+                                       +Lv+FDHXTs/dQg== )
+                       300     NS      ns.rfc2335.example.
+                       300     SIG     NS 1 2 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       Q234AL9dJYMvxdWG33lpww6AJ3GplKp+ace7
+                                       MUaj0oqDdkx4DtJF2XaP2xcqq7kTOObdQ8ES
+                                       vVxNThqOx7LFzg== )
+                       300     KEY     256 3 1 (
+                                       AQPZhzXIabI8y5ihWUw7F0WxN2MabnYWkOcV
+                                       Fn11NgaGSdjBSYPRMMwMCasD5N2KYPRUP83W
+                                       y8mj+ofcoW1FurcZ
+                                       ) ; key id = 47799
+                       300     NXT     a.rfc2335.example. NS SOA SIG KEY NXT
+                       300     SIG     NXT 1 2 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       Y587mqNy6pBEfbsU6+weM2XRSqLwLwRT9Sl7
+                                       oNuOK9kV3TR4R2M54m2S0MgJCXbRAwU+fF8Q
+                                       UbZkSTVe2N8Nyg== )
+a.rfc2335.example.     300     IN A    10.0.0.1
+                       300     SIG     A 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       FnfWrcw5ire8ut25504zti5l///BdDMUAkJZ
+                                       UCLFiTW4lBGMcq1pqz64zltDZXCgJ3xUeQ2i
+                                       nRt19/ZxO6Z1KA== )
+                       300     NXT     b.rfc2335.example. A SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       R6SpC3ndMVg4u/eZaaUsXSuMHV/hZXeaM/Op
+                                       bJLAe3KxMiOHfb6XgLy7wflAiC1xt6A9bWpy
+                                       kTc5T5gfic33kA== )
+b.rfc2335.example.     300     IN A    10.0.0.2
+                       300     SIG     A 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       zjRsYXMGyhDI6ipDtu8YXC9XPN+3hGamzzxL
+                                       8uPE/LPo+x19MNdbzEgWzlajAf1/mkSGr2jN
+                                       BDMVBA5NMKpwAA== )
+                       300     NXT     d.rfc2335.example. A SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       aV87iZCYsC5Tqop827Zzb18TNqopGt0QynkR
+                                       gIF/lIHqZasNFRfaS1/nTnXdDKD8JS5IqxKb
+                                       oTJr5zswDAtCEw== )
+d.rfc2335.example.     300     IN A    10.0.0.4
+                       300     SIG     A 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       NsKyvhUYZxTbOTBX4YwxTxevI5iGBpULKwmt
+                                       +D4l00ME4XRygOVmiqVDTT9dF1EgjDxOdfMT
+                                       hSjtCh5M1b2f6g== )
+                       300     NXT     ns.rfc2335.example. A SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       OGqlvSDZIZdHYigh4UAFzXfPze7vcQfgj7sN
+                                       +cAeoh4BL1gpa00DqANCxowNCYluDk3ZCDwt
+                                       UHZEJa8ZjNvv4g== )
+ns.rfc2335.example.    300     IN A    10.53.0.3
+                       300     SIG     A 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       T6ZGeUWflLTku8jO23x/TeAPeUl8t0I18FCh
+                                       qHUZaHomLQasQ2jlZQn6cLpFd2uFJkBNxZ0G
+                                       I39aG7G1bObXdA== )
+                       300     NXT     x.rfc2335.example. A SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       l46mrf3/Ii5iRm3AiDjYeMg4ZXBgitHxXA2y
+                                       e/NhKpkxRRpCs7UQ94wT/RiSCjjK49E5FBe6
+                                       5bRxtWq0GI7zlg== )
+x.rfc2335.example.     300     IN CNAME a.rfc2335.example.
+                       300     SIG     CNAME 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       L3IOluq+kboBd2gR2Mu54uJKCUzfmyHRiWKl
+                                       kfx+vuFr0I8mEHQRmJtouxNDrBzmzGp5vybK
+                                       SdabLWw0n6uQEA== )
+                       300     NXT     z.rfc2335.example. CNAME SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       CBKoJSkZzdpwiON7JS4yPFY5VVeBjfT19x/O
+                                       vx+5UK1JZUNKhTXWWgW1er+JlLzNf4Ot40+l
+                                       z9HUTyaeS0eWyw== )
+z.rfc2335.example.     300     IN A    10.0.0.26
+                       300     SIG     A 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       ccqjVHnehvVwlNNd4+7n/GzGlRjj+ul0gCT3
+                                       X3950LTccxHsOFyjNNm8v/Ho/aurSYdqXEjY
+                                       jwmjC6elwkzB7A== )
+                       300     NXT     rfc2335.example. A SIG NXT
+                       300     SIG     NXT 1 3 300 20040530021915 (
+                                       20040430021915 47799 rfc2335.example.
+                                       W42WoFyd9erysv8HjKo+CpHIH1x6+pAKwCDO
+                                       /hHnkEpQI3brewxl7cWOPYeA92Ns80Ody/ui
+                                       m2E28A5gnmWqPw== )
index a4c454a0b9e841b9711eed44ff810dc713e45c6e..71e88928e81f455d0c6003d7adb8f776c612e432 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: named.conf,v 1.26 2004/04/15 23:40:22 marka Exp $ */
+/* $Id: named.conf,v 1.27 2004/05/05 01:32:57 marka Exp $ */
 
 // NS3
 
@@ -79,4 +79,10 @@ zone "mustbesecure.example" {
        file "mustbesecure.example.db";
 };
 
+zone "rfc2335.example" {
+       type slave;
+       masters { 10.53.0.2; };
+       file "rfc2335.example.bk";
+};
+
 include "trusted.conf";
index 24a1f7ac61b041a7a5c56458a2a417c7d5fd6f6e..2b251ce97b0980237052cc3cf2a6b483969c5314 100644 (file)
@@ -15,7 +15,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: tests.sh,v 1.44 2004/03/10 02:19:53 marka Exp $
+# $Id: tests.sh,v 1.45 2004/05/05 01:32:56 marka Exp $
 
 SYSTEMTESTTOP=..
 . $SYSTEMTESTTOP/conf.sh
@@ -446,6 +446,27 @@ ret=0
 $DIG $DIGOPTS private.secure.example. SOA @10.53.0.6 \
        > dig.out.ns6.test$n || ret=1
 grep "flags:.*ad.*QUERY" dig.out.ns6.test$n > /dev/null || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking that we can load a rfc2535 signed zone ($n)"
+ret=0
+$DIG $DIGOPTS rfc2535.example. SOA @10.53.0.2 \
+       > dig.out.ns2.test$n || ret=1
+grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking that we can transfer a rfc2535 signed zone ($n)"
+ret=0
+$DIG $DIGOPTS rfc2535.example. SOA @10.53.0.3 \
+       > dig.out.ns3.test$n || ret=1
+grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
 
 # Run a minimal update test if possible.  This is really just
 # a regression test for RT #2399; more tests should be added.
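Review bot: `grep "status: NOERROR"` is too weak to show that the signed zone was loaded on ns2 or transferred to ns3, because a referral or an empty answer from another zone carries the same status. Both new checks should also require an authoritative answer, for example `grep "flags:.*aa.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1` and the matching line for `dig.out.ns3.test$n`, following the `flags:.*ad.*QUERY` pattern already used above. The ns3 check also queries the slave once with no retry, so its result may depend on whether the transfer has finished by then.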
index f38432c820a19a10f42ed7a5a8f9100aa9d1b9d5..615a95a49464c209148033166f6ea686ccf21ad5 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: master.c,v 1.148 2004/03/05 05:09:21 marka Exp $ */
+/* $Id: master.c,v 1.149 2004/05/05 01:32:58 marka Exp $ */
 
 #include <config.h>
 
@@ -1645,7 +1645,8 @@ load(dns_loadctx_t *lctx) {
                }
 
 
-               if (type == dns_rdatatype_rrsig)
+               if (type == dns_rdatatype_rrsig ||
+                   type == dns_rdatatype_sig)
                        covers = dns_rdata_covers(&rdata[rdcount]);
                else
                        covers = 0;
index 81304265d699825a89559fa6c7492ab602e09394..e13c544f983abe13fe87617ef7d4e4a4c5ee831f 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: message.c,v 1.222 2004/03/10 00:47:40 marka Exp $ */
+/* $Id: message.c,v 1.223 2004/05/05 01:32:58 marka Exp $ */
 
 /***
  *** Imports
@@ -1288,18 +1288,16 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx,
                if (result != ISC_R_SUCCESS)
                        goto cleanup;
                rdata->rdclass = rdclass;
+               issigzero = ISC_FALSE;
                if (rdtype == dns_rdatatype_rrsig  &&
                    rdata->flags == 0) {
                        covers = dns_rdata_covers(rdata);
                        if (covers == 0)
                                DO_FORMERR;
-               } else
-                       covers = 0;
-
-               issigzero = ISC_FALSE;
-               if (rdtype == dns_rdatatype_sig /* SIG(0) */ &&
-                   rdata->flags == 0) {
-                       if (dns_rdata_covers(rdata) == 0) {
+               } else if (rdtype == dns_rdatatype_sig /* SIG(0) */ &&
+                          rdata->flags == 0) {
+                       covers = dns_rdata_covers(rdata);
+                       if (covers == 0) {
                                if (sectionid != DNS_SECTION_ADDITIONAL ||
                                    count != msg->counts[sectionid]  - 1)
                                        DO_FORMERR;
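Review bot: The `/* SIG(0) */` comment on the new `else if` condition is now misleading, since the branch is entered for every SIG with `rdata->flags == 0` and only the inner `covers == 0` case is SIG(0). A SIG that covers a type now leaves this branch with a non-zero `covers`, where the old code always set it to 0 for `dns_rdatatype_sig`. The comment should move to the inner test, e.g. `if (covers == 0) { /* SIG(0) */`, with a note on the outer condition that RFC 2535 SIG records covering a type are handled here too. getsection() parses messages received from the network and the code that consumes `covers` lies outside the hunk, so a comment stating what a non-zero value means for SIG would help the next reviewer.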
@@ -1308,7 +1306,8 @@ getsection(isc_buffer_t *source, dns_message_t *msg, dns_decompress_t *dctx,
                                skip_type_search = ISC_TRUE;
                                issigzero = ISC_TRUE;
                        }
-               }
+               } else
+                       covers = 0;
 
                /*
                 * If we are doing a dynamic update or this is a meta-type,
index 87771ce3448013871172cfdabf5ee9a90ec66230..d0693fd6bde2c8a6fb44b766b47babc87c1978c5 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: rbtdb.c,v 1.196 2004/03/05 05:09:22 marka Exp $ */
+/* $Id: rbtdb.c,v 1.197 2004/05/05 01:32:58 marka Exp $ */
 
 /*
  * Principal Author: Bob Halley
@@ -3669,10 +3669,13 @@ cname_and_other_data(dns_rbtnode_t *node, rbtdb_serial_t serial) {
                         * or RRSIG CNAME.
                         */
                        rdtype = RBTDB_RDATATYPE_BASE(header->type);
-                       if (rdtype == dns_rdatatype_rrsig)
+                       if (rdtype == dns_rdatatype_rrsig ||
+                           rdtype == dns_rdatatype_sig)
                                rdtype = RBTDB_RDATATYPE_EXT(header->type);
                        if (rdtype != dns_rdatatype_nsec &&
                            rdtype != dns_rdatatype_dnskey &&
+                           rdtype != dns_rdatatype_nxt &&
+                           rdtype != dns_rdatatype_key &&
                            rdtype != dns_rdatatype_cname) {
                                /*
                                 * We've found a type that isn't
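Review bot: The comment ending in `or RRSIG CNAME.` directly above the changed condition no longer matches the check, which now also accepts NXT and KEY beside a CNAME, and treats SIG like RRSIG by testing its covered type. The comment begins outside the hunk, so its full wording is not visible, but it should list the legacy types as well, for instance `NSEC, NXT, DNSKEY, KEY, or an RRSIG/SIG covering one of these or CNAME`. The relaxation is not limited to RFC 2535 signed zones: any node checked by cname_and_other_data() may now hold KEY or NXT next to a CNAME, which the comment should state if it is intended. The function body continues outside the hunk.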