bind/VU697164_VU915404.diff

155 lines
5.0 KiB
Diff

Index: bin/named/query.c
===================================================================
RCS file: /proj/cvs/prod/bind9/bin/named/query.c,v
retrieving revision 1.198.2.13.4.36
diff -u -r1.198.2.13.4.36 query.c
--- bin/named/query.c 11 Aug 2005 05:25:20 -0000 1.198.2.13.4.36
+++ bin/named/query.c 28 Jul 2006 03:41:15 -0000
@@ -2393,7 +2393,7 @@
is_zone = ISC_FALSE;
qtype = event->qtype;
- if (qtype == dns_rdatatype_rrsig)
+ if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
type = dns_rdatatype_any;
else
type = qtype;
@@ -2434,7 +2434,7 @@
/*
* If it's a SIG query, we'll iterate the node.
*/
- if (qtype == dns_rdatatype_rrsig)
+ if (qtype == dns_rdatatype_rrsig || qtype == dns_rdatatype_sig)
type = dns_rdatatype_any;
else
type = qtype;
Index: lib/dns/resolver.c
===================================================================
RCS file: /proj/cvs/prod/bind9/lib/dns/resolver.c,v
retrieving revision 1.218.2.18.4.56
diff -u -r1.218.2.18.4.56 resolver.c
--- lib/dns/resolver.c 14 Oct 2005 01:38:48 -0000 1.218.2.18.4.56
+++ lib/dns/resolver.c 28 Jul 2006 03:41:25 -0000
@@ -762,7 +762,8 @@
INSIST(result != ISC_R_SUCCESS ||
dns_rdataset_isassociated(event->rdataset) ||
fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig);
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig);
isc_task_sendanddetach(&task, ISC_EVENT_PTR(&event));
}
@@ -3188,7 +3189,8 @@
if (hevent != NULL) {
if (!negative && !chaining &&
(fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig)) {
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig)) {
/*
* Don't bind rdatasets; the caller
* will iterate the node.
@@ -3306,7 +3308,8 @@
if (!ISC_LIST_EMPTY(fctx->validators)) {
INSIST(!negative);
INSIST(fctx->type == dns_rdatatype_any ||
- fctx->type == dns_rdatatype_rrsig);
+ fctx->type == dns_rdatatype_rrsig ||
+ fctx->type == dns_rdatatype_sig);
/*
* Don't send a response yet - we have
* more rdatasets that still need to
@@ -3455,14 +3458,15 @@
return (result);
anodep = &event->node;
/*
- * If this is an ANY or SIG query, we're not going
- * to return any rdatasets, unless we encountered
+ * If this is an ANY, SIG or RRSIG query, we're not
+ * going to return any rdatasets, unless we encountered
* a CNAME or DNAME as "the answer". In this case,
* we're going to return DNS_R_CNAME or DNS_R_DNAME
* and we must set up the rdatasets.
*/
if ((fctx->type != dns_rdatatype_any &&
- fctx->type != dns_rdatatype_rrsig) ||
+ fctx->type != dns_rdatatype_rrsig &&
+ fctx->type != dns_rdatatype_sig) ||
(name->attributes & DNS_NAMEATTR_CHAINING) != 0) {
ardataset = event->rdataset;
asigrdataset = event->sigrdataset;
@@ -3521,7 +3525,7 @@
*/
if (secure_domain && rdataset->trust != dns_trust_glue) {
/*
- * SIGs are validated as part of validating the
+ * RRSIGs are validated as part of validating the
* type they cover.
*/
if (rdataset->type == dns_rdatatype_rrsig)
@@ -3591,7 +3595,8 @@
if (ANSWER(rdataset) && need_validation) {
if (fctx->type != dns_rdatatype_any &&
- fctx->type != dns_rdatatype_rrsig) {
+ fctx->type != dns_rdatatype_rrsig &&
+ fctx->type != dns_rdatatype_sig) {
/*
* This is The Answer. We will
* validate it, but first we cache
@@ -3763,23 +3768,28 @@
isc_result_t *eresultp)
{
isc_result_t result;
+ dns_rdataset_t rdataset;
+
+ if (ardataset == NULL) {
+ dns_rdataset_init(&rdataset);
+ ardataset = &rdataset;
+ }
result = dns_ncache_add(message, cache, node, covers, now,
maxttl, ardataset);
- if (result == DNS_R_UNCHANGED) {
+ if (result == DNS_R_UNCHANGED || result == ISC_R_SUCCESS) {
/*
- * The data in the cache are better than the negative cache
- * entry we're trying to add.
+ * If the cache now contains a negative entry and we
+ * care about whether it is DNS_R_NCACHENXDOMAIN or
+ * DNS_R_NCACHENXRRSET then extract it.
*/
- if (ardataset != NULL && ardataset->type == 0) {
+ if (ardataset->type == 0) {
/*
- * The cache data is also a negative cache
- * entry.
+ * The cache data is a negative cache entry.
*/
if (NXDOMAIN(ardataset))
*eresultp = DNS_R_NCACHENXDOMAIN;
else
*eresultp = DNS_R_NCACHENXRRSET;
- result = ISC_R_SUCCESS;
} else {
/*
* Either we don't care about the nature of the
@@ -3791,14 +3801,11 @@
* XXXRTH There's a CNAME/DNAME problem here.
*/
*eresultp = ISC_R_SUCCESS;
- result = ISC_R_SUCCESS;
}
- } else if (result == ISC_R_SUCCESS) {
- if (NXDOMAIN(ardataset))
- *eresultp = DNS_R_NCACHENXDOMAIN;
- else
- *eresultp = DNS_R_NCACHENXRRSET;
+ result = ISC_R_SUCCESS;
}
+ if (ardataset == &rdataset && dns_rdataset_isassociated(ardataset))
+ dns_rdataset_disassociate(ardataset);
return (result);
}