2724. [bug] Updates to a existing node in secure zone using NSEC
authorMark Andrews <marka@isc.org>
Thu, 22 Oct 2009 01:55:55 +0000 (01:55 +0000)
committerMark Andrews <marka@isc.org>
Thu, 22 Oct 2009 01:55:55 +0000 (01:55 +0000)
                        were failing. [RT #20448]

CHANGES
bin/named/update.c

diff --git a/CHANGES b/CHANGES
index c43a87829fe8c26651115de23006e5aac0c9e1c2..c62f92496ce942fcc85c533a714f9d81ddb8b775 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+2724.  [bug]           Updates to a existing node in secure zone using NSEC
+                       were failing. [RT #20448]
+
 2723.  [bug]           isc_base32_totext(), isc_base32hex_totext(), and
                        isc_base64_totext(), didn't always mark regions of
                        memory as fully consumed after conversion.  [RT #20445]
index 132481fb4f3f4eaa5957f9e894f17cf2bfa39dad..45f698b1a49387ba93e8a1657e6273cec42c0ca7 100644 (file)
@@ -15,7 +15,7 @@
  * PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $Id: update.c,v 1.163 2009/10/10 23:47:58 tbox Exp $ */
+/* $Id: update.c,v 1.164 2009/10/22 01:55:55 marka Exp $ */
 
 #include <config.h>
 
@@ -2333,15 +2333,18 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
                                        dns_rdatatype_any, 0, NULL, diff));
                } else {
                        /*
-                        * This name is not obscured.  It should have a NSEC
-                        * unless it is the at the origin, in which case it
-                        * should already exist.
+                        * This name is not obscured.  It needs to have a
+                        * NSEC unless it is the at the origin, in which
+                        * case it should already exist if there is a complete
+                        * NSEC chain and if there isn't a complete NSEC chain
+                        * we don't want to add one as that would signal that
+                        * there is a complete NSEC chain. 
                         */
                        if (!dns_name_equal(name, dns_db_origin(db))) {
-                               CHECK(dns_private_chains(db, newver,
-                                                        privatetype, &flag,
-                                                        NULL));
-                               if (flag)
+                               CHECK(rrset_exists(db, newver, name,
+                                                  dns_rdatatype_nsec, 0,
+                                                  &flag));
+                               if (!flag)
                                        CHECK(add_placeholder_nsec(db, newver,
                                                                   name, diff));
                        }
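Review bot: The non-origin branch now adds a placeholder NSEC whenever `rrset_exists()` finds no NSEC at the name, and the `dns_private_chains()` check that used to gate it on an NSEC chain being built is dropped rather than combined with the new test. Unless update_signatures() establishes earlier, outside this hunk, that the zone is NSEC-signed, an NSEC3-only zone or one still building its chain could get NSEC placeholders at updated names, which is the same false "complete NSEC chain" signal the new comment warns about for the origin. Consider keeping the chain result in its own boolean and requiring both, e.g. `if (build_nsec && !flag)`, or add a comment naming where the enclosing code guarantees it. The comment also still reads "it is the at the origin", and its last added line carries trailing whitespace.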