[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r4074 - trunk/OpenDNSSEC/signer/src/signer

Matthijs Mekking matthijs at nlnetlabs.nl
Mon Oct 11 14:19:43 CEST 2010


Author: matthijs
Date: 2010-10-11 14:19:43 +0200 (Mon, 11 Oct 2010)
New Revision: 4074

Modified:
   trunk/OpenDNSSEC/signer/src/signer/domain.c
   trunk/OpenDNSSEC/signer/src/signer/domain.h
Log:
function to check if domain has occluded data



Modified: trunk/OpenDNSSEC/signer/src/signer/domain.c
===================================================================
--- trunk/OpenDNSSEC/signer/src/signer/domain.c	2010-10-11 09:01:28 UTC (rev 4073)
+++ trunk/OpenDNSSEC/signer/src/signer/domain.c	2010-10-11 12:19:43 UTC (rev 4074)
@@ -271,6 +271,8 @@
 {
     ldns_rbnode_t* node = LDNS_RBTREE_NULL;
     rrset_type* rrset = NULL;
+    char* str_name = NULL;
+    char* str_type = NULL;
 
     se_log_assert(domain);
     se_log_assert(rrtype);
@@ -289,6 +291,11 @@
             rrset = (rrset_type*) node->data;
             if (rrset->rr_type != rrtype && rrset_count_RR(rrset) > 0) {
                 /* found other data next to rrtype */
+                str_name = ldns_rdf2str(domain->name);
+                str_type = ldns_rr_type2str(rrtype);
+                se_log_error("other data next to %s %s", str_name, str_type);
+                se_free((void*)str_name);
+                se_free((void*)str_type);
                 return 1;
             }
             node = ldns_rbtree_next(node);
@@ -306,6 +313,8 @@
 domain_examine_rrset_is_singleton(domain_type* domain, ldns_rr_type rrtype)
 {
     rrset_type* rrset = NULL;
+    char* str_name = NULL;
+    char* str_type = NULL;
 
     se_log_assert(domain);
     se_log_assert(rrtype);
@@ -313,6 +322,12 @@
     rrset = domain_lookup_rrset(domain, rrtype);
     if (rrset && rrset_count_RR(rrset) > 1) {
         /* multiple RRs in the RRset for singleton RRtype*/
+        str_name = ldns_rdf2str(domain->name);
+        str_type = ldns_rr_type2str(rrtype);
+        se_log_error("multiple records for singleton type at %s %s",
+            str_name, str_type);
+        se_free((void*)str_name);
+        se_free((void*)str_type);
         return 1;
     }
     return 0;
@@ -320,6 +335,59 @@
 
 
 /**
+ * Examine domain and verify if it is occluded.
+ *
+ */
+int
+domain_examine_is_occluded(domain_type* domain, ldns_rr_type rrtype)
+{
+    domain_type* parent = NULL;
+    ldns_rbnode_t* node = LDNS_RBTREE_NULL;
+    rrset_type* rrset = NULL;
+    int possible_occluded = 0;
+    char *str_name = NULL;
+    char *str_type = NULL;
+
+    se_log_assert(domain);
+
+    /* make sure all other RRsets become empty */
+    if (domain->rrsets->root != LDNS_RBTREE_NULL) {
+        node = ldns_rbtree_first(domain->rrsets);
+    }
+    while (node && node != LDNS_RBTREE_NULL) {
+        rrset = (rrset_type*) node->data;
+        if (rrset_count_RR(rrset) > 0) {
+            /* domain will have data */
+            if (rrtype != LDNS_RR_TYPE_NS ||
+                (rrset->rr_type != LDNS_RR_TYPE_A &&
+                 rrset->rr_type != LDNS_RR_TYPE_AAAA)) {
+                possible_occluded = 1;
+                break;
+            }
+        }
+        node = ldns_rbtree_next(node);
+    }
+
+    if (possible_occluded) {
+        parent = domain->parent;
+        while (parent && parent->domain_status != DOMAIN_STATUS_APEX) {
+            if (domain_lookup_rrset(parent, rrtype)) {
+                str_name = ldns_rdf2str(parent->name);
+                str_type = ldns_rr_type2str(rrtype);
+                se_log_error("data%s below %s %s",
+                    rrtype==LDNS_RR_TYPE_NS?" (non-glue)":"",
+                    str_name, str_type);
+                se_free((void*)str_name);
+                se_free((void*)str_type);
+                return 1;
+            }
+            parent = parent->parent;
+        }
+    }
+    return 0;
+}
+
+/**
  * Update domain with pending changes.
  *
  */

Modified: trunk/OpenDNSSEC/signer/src/signer/domain.h
===================================================================
--- trunk/OpenDNSSEC/signer/src/signer/domain.h	2010-10-11 09:01:28 UTC (rev 4073)
+++ trunk/OpenDNSSEC/signer/src/signer/domain.h	2010-10-11 12:19:43 UTC (rev 4074)
@@ -153,6 +153,15 @@
 int domain_examine_rrset_is_singleton(domain_type* domain, ldns_rr_type rrtype);
 
 /**
+ * Examine domain and verify that it is not occluded.
+ * \param[in] domain domain
+ * \param[in] rrtype RRtype DNAME or NS
+ * \retun 0 if the domain contains occluded data, other than glue, 1 otherwise
+ *
+ */
+int domain_examine_is_occluded(domain_type* domain, ldns_rr_type rrtype);
+
+/**
  * Update domain with pending changes.
  * \param[in] domain domain
  * \param[in] serial version to update to




More information about the Opendnssec-commits mailing list