[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r3641 - in trunk/OpenDNSSEC/auditor: lib/kasp_auditor test_scripts

Alex Dalitz alexd at nominet.org.uk
Tue Aug 3 15:03:44 CEST 2010


Author: alex
Date: 2010-08-03 15:03:44 +0200 (Tue, 03 Aug 2010)
New Revision: 3641

Modified:
   trunk/OpenDNSSEC/auditor/lib/kasp_auditor/auditor.rb
   trunk/OpenDNSSEC/auditor/test_scripts/auditor_test.rb
Log:
Reverting r3594 (Pivotal 4408238)

Modified: trunk/OpenDNSSEC/auditor/lib/kasp_auditor/auditor.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/lib/kasp_auditor/auditor.rb	2010-08-03 12:16:31 UTC (rev 3640)
+++ trunk/OpenDNSSEC/auditor/lib/kasp_auditor/auditor.rb	2010-08-03 13:03:44 UTC (rev 3641)
@@ -125,7 +125,7 @@
         File.open(unsigned_file) {|unsignedfile|
           File.open(signed_file) {|signedfile|
             last_signed_rr = get_next_rr(signedfile)
-            last_unsigned_rr = get_next_unsigned_rr(unsignedfile)
+            last_unsigned_rr = get_next_rr(unsignedfile)
             while (!unsignedfile.eof? || !signedfile.eof?)
 
               # Load up zone one subdomain (of zone) at a time. This may be many RRSets.
@@ -150,7 +150,7 @@
                   process_additional_unsigned_rr(last_unsigned_rr)
                   # Load next unsigned record
                   #                print "Loading another unsigned record to catch up to signed\n"
-                  last_unsigned_rr = get_next_unsigned_rr(unsignedfile)
+                  last_unsigned_rr = get_next_rr(unsignedfile)
                 elsif (compare_return < 0) # unsigned > signed
                   #                print "Signed file behind unsigned - loading next subdomain from #{last_signed_rr.name}\n"
                   last_signed_rr = load_signed_subdomain(signedfile, last_signed_rr, [])
@@ -229,12 +229,8 @@
       end
     end
 
-    def get_next_unsigned_rr(file)
-      return get_next_rr(file, true)
-    end
-
     # Load the next RR from the specified file
-    def get_next_rr(file, loading_unsigned_rr = false)
+    def get_next_rr(file)
       while (!file.eof?)
         line = file.gets
         next if (!line || (line.length == 0))
@@ -251,14 +247,6 @@
         end
         begin
           rr = RR.create(rr_text)
-          if (loading_unsigned_rr)
-            # Check if the unsigned RR TTL is less than the SOA Minimum
-            if (rr.ttl < @config.soa.minimum)
-              # If so, then set it to the configured minimum
-              rr.ttl = @config.soa.minimum
-            end
-
-          end
           return rr
           #        rescue DecodeError => e
         rescue Exception => e
@@ -308,7 +296,7 @@
           #          print "Using key #{l_rr.key_tag}\n"
           @algs.push(l_rr.algorithm) if !@algs.include?l_rr.algorithm
         end
-        l_rr = get_next_unsigned_rr(file)
+        l_rr = get_next_rr(file)
       end
       #      print "Finsihed loading unsigned #{subdomain} subdomain - returning #{l_rr}\n"
       return domain_rrs, l_rr
@@ -896,7 +884,7 @@
             # Ignore DNSSEC data in input zone?
             log(LOG_WARNING, "#{unsigned_rr.type} RR present in unsigned file : #{unsigned_rr}")
           else
-            log(LOG_ERR, "Output zone does not contain non-DNSSEC RRSet : #{unsigned_rr.type}, #{unsigned_rr}. This could also be caused by the TTL being incorrect")
+            log(LOG_ERR, "Output zone does not contain non-DNSSEC RRSet : #{unsigned_rr.type}, #{unsigned_rr}")
           end
         else
           log(LOG_WARNING, "Output zone does not contain out of zone RRSet : #{unsigned_rr.type}, #{unsigned_rr}")

Modified: trunk/OpenDNSSEC/auditor/test_scripts/auditor_test.rb
===================================================================
--- trunk/OpenDNSSEC/auditor/test_scripts/auditor_test.rb	2010-08-03 12:16:31 UTC (rev 3640)
+++ trunk/OpenDNSSEC/auditor/test_scripts/auditor_test.rb	2010-08-03 13:03:44 UTC (rev 3641)
@@ -103,8 +103,8 @@
       # - extra NSEC for closed loop of each next domain
       # - missing NSEC for closed loop of each next domain
       "NSEC3PARAM RRs included in NSEC-signed zone",
-      "Output zone does not contain out of zone RRSet : A, ff.wat.out.of.zones.	3600	IN	A	123.123.123.123",
-      "Output zone does not contain out of zone RRSet : A, even.more.out.of.bailiwick.	3600	IN	A	1.2.3.4",
+      "Output zone does not contain out of zone RRSet : A, ff.wat.out.of.zones.	143	IN	A	123.123.123.123",
+      "Output zone does not contain out of zone RRSet : A, even.more.out.of.bailiwick.	143	IN	A	1.2.3.4",
       "No NSEC record for tjeb.nl",
       "NSEC record should have TTL of 3600 from zone policy //Zone/SOA/Minimum, but is bla.tjeb.nl.",
       "NSEC includes A which is not in rrsets for dragon.tjeb.nl",




More information about the Opendnssec-commits mailing list