3012. [bug] Remove DNSKEY TTL change pairs before generating
authorMark Andrews <marka@isc.org>
Thu, 3 Feb 2011 06:25:58 +0000 (06:25 +0000)
committerMark Andrews <marka@isc.org>
Thu, 3 Feb 2011 06:25:58 +0000 (06:25 +0000)
                        signing records for any remaining DNSKEY changes.
                        [RT #22590]

CHANGES
bin/named/update.c
bin/tests/system/nsupdate/clean.sh
bin/tests/system/nsupdate/ns3/dnskey.test.db.in [new file with mode: 0644]
bin/tests/system/nsupdate/ns3/named.conf
bin/tests/system/nsupdate/ns3/sign.sh
bin/tests/system/nsupdate/tests.sh

diff --git a/CHANGES b/CHANGES
index 5fc8578e595009324feaa9c82095f1402c0c2598..f9f9b8f97050a18cd53c587119390559704d8505 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+3012.  [bug]           Remove DNSKEY TTL change pairs before generating
+                       signing records for any remaining DNSKEY changes.
+                       [RT #22590]
+
        --- 9.7.3 released ---
 
 3010.  [bug]           Fixed a bug where "rndc reconfig" stopped the timer
index dae84578c4e17dc2506ae6bb56c2ce51edd584c2..1818ef31e62c018a087db2a2a48ef48efa8b9255 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: update.c,v 1.176.4.9 2010/12/10 04:47:48 marka Exp $ */
+/* $Id: update.c,v 1.176.4.10 2011/02/03 06:23:43 marka Exp $ */
 
 #include <config.h>
 
@@ -3365,8 +3365,7 @@ rollback_private(dns_db_t *db, dns_rdatatype_t privatetype,
         * Extract the changes to be rolled back.
         */
        for (tuple = ISC_LIST_HEAD(diff->tuples);
-            tuple != NULL;
-            tuple = next) {
+            tuple != NULL; tuple = next) {
 
                next = ISC_LIST_NEXT(tuple, link);
 
@@ -3413,7 +3412,7 @@ static isc_result_t
 add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype,
                    dns_dbversion_t *ver, dns_diff_t *diff)
 {
-       dns_difftuple_t *tuple, *newtuple = NULL;
+       dns_difftuple_t *tuple, *newtuple = NULL, *next;
        dns_rdata_dnskey_t dnskey;
        dns_rdata_t rdata = DNS_RDATA_INIT;
        isc_boolean_t flag;
@@ -3422,13 +3421,81 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype,
        isc_uint16_t keyid;
        unsigned char buf[5];
        dns_name_t *name = dns_db_origin(db);
+       dns_diff_t temp_diff;
 
+       dns_diff_init(diff->mctx, &temp_diff);
+
+       /*
+        * Extract the DNSKEY tuples from the list.
+        */
        for (tuple = ISC_LIST_HEAD(diff->tuples);
-            tuple != NULL;
-            tuple = ISC_LIST_NEXT(tuple, link)) {
+            tuple != NULL; tuple = next) {
+       
+               next = ISC_LIST_NEXT(tuple, link);
+
                if (tuple->rdata.type != dns_rdatatype_dnskey)
                        continue;
 
+               ISC_LIST_UNLINK(diff->tuples, tuple, link);
+               ISC_LIST_APPEND(temp_diff.tuples, tuple, link);
+       }
+
+       /*
+        * Extract TTL changes pairs, we don't need signing records for these.
+        */
+       for (tuple = ISC_LIST_HEAD(temp_diff.tuples);
+            tuple != NULL; tuple = next) {
+               if (tuple->op == DNS_DIFFOP_ADD) {
+                       /*
+                        * Walk the temp_diff list looking for the
+                        * corresponding delete.
+                        */
+                       next = ISC_LIST_HEAD(temp_diff.tuples);
+                       while (next != NULL) {
+                               unsigned char *next_data = next->rdata.data;
+                               unsigned char *tuple_data = tuple->rdata.data;
+                               if (next->op == DNS_DIFFOP_DEL &&
+                                   dns_name_equal(&tuple->name, &next->name) &&
+                                   next->rdata.length == tuple->rdata.length &&
+                                   !memcmp(next_data, tuple_data,
+                                           next->rdata.length)) {
+                                       ISC_LIST_UNLINK(temp_diff.tuples, next,
+                                                       link);
+                                       ISC_LIST_APPEND(diff->tuples, next,
+                                                       link);
+                                       break;
+                               }
+                               next = ISC_LIST_NEXT(next, link);
+                       }
+                       /*
+                        * If we have not found a pair move onto the next
+                        * tuple.
+                        */
+                       if (next == NULL) {
+                               next = ISC_LIST_NEXT(tuple, link);
+                               continue;
+                       }
+                       /*
+                        * Find the next tuple to be processed before
+                        * unlinking then complete moving the pair to 'diff'.
+                        */
+                       next = ISC_LIST_NEXT(tuple, link);
+                       ISC_LIST_UNLINK(temp_diff.tuples, tuple, link);
+                       ISC_LIST_APPEND(diff->tuples, tuple, link);
+               } else
+                       next = ISC_LIST_NEXT(tuple, link);
+       }
+
+       /*
+        * Process the remaining DNSKEY entries.
+        */
+       for (tuple = ISC_LIST_HEAD(temp_diff.tuples);
+            tuple != NULL;
+            tuple = ISC_LIST_HEAD(temp_diff.tuples)) {
+
+               ISC_LIST_UNLINK(temp_diff.tuples, tuple, link);
+                ISC_LIST_APPEND(diff->tuples, tuple, link);
+
                dns_rdata_tostruct(&tuple->rdata, &dnskey, NULL);
                if ((dnskey.flags &
                     (DNS_KEYFLAG_OWNERMASK|DNS_KEYTYPE_NOAUTH))
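Review bot: On the failure path the DNSKEY tuples still sitting in temp_diff are freed by the `dns_diff_clear(&temp_diff);` added at the `failure:` label in the next hunk, so after an error return the caller's `diff` no longer contains the DNSKEY changes that were unlinked at the top of this hunk but not yet moved back; whether any caller walks `diff` after a non-success return is not visible here, but if one does, the leftover entries should be handed back with `ISC_LIST_APPENDLIST(diff->tuples, temp_diff.tuples, link);` before the clear. Two style nits in the same hunk: the blank line after the first `for` header carries trailing whitespace, and the `ISC_LIST_APPEND(diff->tuples, tuple, link);` in the third loop is indented with spaces while the `ISC_LIST_UNLINK` directly above it uses a tab. add_signing_records begins in the previous hunk and its body continues past the end of this one.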
@@ -3469,7 +3536,9 @@ add_signing_records(dns_db_t *db, dns_rdatatype_t privatetype,
                        INSIST(newtuple == NULL);
                }
        }
+
  failure:
+       dns_diff_clear(&temp_diff);
        return (result);
 }
 
index 30027906c02a274271e11b9c17f793c0912b9ab5..a0414fd081cb02facbb6ba61646b081888164c66 100644 (file)
@@ -15,7 +15,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: clean.sh,v 1.16.34.4 2010/12/07 03:01:37 marka Exp $
+# $Id: clean.sh,v 1.16.34.5 2011/02/03 06:23:43 marka Exp $
 
 #
 # Clean up after zone transfer tests.
@@ -31,6 +31,7 @@ rm -f */named.memstats
 rm -f nsupdate.out
 rm -f ns3/example.db.jnl ns3/example.db
 rm -f ns3/nsec3param.test.db.signed.jnl ns3/nsec3param.test.db ns3/nsec3param.test.db.signed ns3/dsset-nsec3param.test.
+rm -f ns3/dnskey.test.db.signed.jnl ns3/dnskey.test.db ns3/dnskey.test.db.signed ns3/dsset-dnskey.test.
 rm -f ns3/K*
 rm -f dig.out.ns3.*
 rm -f jp.out.ns3.*
diff --git a/bin/tests/system/nsupdate/ns3/dnskey.test.db.in b/bin/tests/system/nsupdate/ns3/dnskey.test.db.in
new file mode 100644 (file)
index 0000000..84104ca
--- /dev/null
@@ -0,0 +1,20 @@
+; Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+; $Id: dnskey.test.db.in,v 1.2.4.2 2011/02/03 06:25:58 marka Exp $
+
+$TTL 10
+dnskey.test. IN SOA dnskey.test. hostmaster.dnskey.test. 1 3600 900 2419200 3600
+dnskey.test. IN NS dnskey.test.
+dnskey.test. IN A 10.53.0.3
index 60c81981aa3c09165ede1143c409392122a481b1..0b18a144f6a9cd4544f4472e90cda0e4a0e78f4a 100644 (file)
@@ -14,7 +14,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: named.conf,v 1.2.2.3 2010/12/07 23:46:26 tbox Exp $ */
+/* $Id: named.conf,v 1.2.2.4 2011/02/03 06:23:43 marka Exp $ */
 
 // NS1
 
@@ -54,3 +54,9 @@ zone "nsec3param.test" {
        allow-update { any; };
        file "nsec3param.test.db.signed";
 };
+
+zone "dnskey.test" {
+       type master;
+       allow-update { any; };
+       file "dnskey.test.db.signed";
+};
index 4da40d85a53ce2ac99f5fea16deda838c1e8791f..30e82c49b70b0cee06542688828f6d18489fea49 100644 (file)
@@ -14,7 +14,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: sign.sh,v 1.2.2.2 2010/12/07 03:01:39 marka Exp $
+# $Id: sign.sh,v 1.2.2.3 2011/02/03 06:23:44 marka Exp $
 
 SYSTEMTESTTOP=../..
 . $SYSTEMTESTTOP/conf.sh
@@ -31,3 +31,14 @@ keyname2=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone`
 cat $infile $keyname1.key $keyname2.key >$zonefile
 
 $SIGNER -P -3 - -H 1 -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null
+
+zone=dnskey.test.
+infile=dnskey.test.db.in
+zonefile=dnskey.test.db
+
+keyname1=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone`
+keyname2=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone`
+
+cat $infile $keyname1.key $keyname2.key >$zonefile
+
+$SIGNER -P -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null
index df660e2e0ec6c1c4acf728516b3712812ac4ed91..5555555cf7b6b2e7a5d3ff96f1ea430422c53fe8 100644 (file)
@@ -15,7 +15,7 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: tests.sh,v 1.28.102.4 2010/12/07 03:01:38 marka Exp $
+# $Id: tests.sh,v 1.28.102.5 2011/02/03 06:23:43 marka Exp $
 
 SYSTEMTESTTOP=..
 . $SYSTEMTESTTOP/conf.sh
@@ -333,6 +333,24 @@ then
 echo "I:failed"; status=1
 fi
 
+n=`expr $n + 1`
+ret=0
+echo "I:check that changes to the DNSKEY RRset TTL do not have side effects ($n)"
+$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \
+        @10.53.0.3 -p 5300 dnskey | \
+       sed -n 's/\(.*\)10.IN/update add \1600 IN/p' |
+       (echo server 10.53.0.3 5300; cat - ; echo send ) |
+$NSUPDATE 
+
+$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \
+       @10.53.0.3 -p 5300 any > dig.out.ns3.$n
+
+grep "600.*DNSKEY" dig.out.ns3.$n > /dev/null || ret=1
+grep TYPE65534 dig.out.ns3.$n > dev/null && ret=1
+if test $ret -ne 0
+then
+echo "I:failed"; status=1
+fi
 
 echo "I:exit status: $status"
 exit $status
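Review bot: The negative check `grep TYPE65534 dig.out.ns3.$n > dev/null && ret=1` redirects to the relative path `dev/null` instead of `/dev/null`; unless a `dev` directory happens to exist in the test's working directory the redirection fails, grep is never run, and the resulting non-zero status means `ret=1` is not reached, so the assertion that no signing (TYPE65534) record was left behind — the regression this commit fixes — can never fail. It should read `grep TYPE65534 dig.out.ns3.$n > /dev/null && ret=1`. Minor: the `$NSUPDATE ` line carries trailing whitespace, and the first `$DIG` continuation line is indented with spaces where the following continuation lines use a tab.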