Commit e00d6c1a authored by Vladimír Čunát's avatar Vladimír Čunát

.

Root zone features seem usable now.
parent 95430fbd
This diff is collapsed.
......@@ -219,6 +219,7 @@ static int txn_curs_get(struct lmdb_env *env, MDB_cursor **curs)
ret = mdb_cursor_open(txn, env->dbi, &env->txn.ro_curs);
}
if (ret) return ret;
env->txn.ro_curs_active = true;
success:
assert(env->txn.ro_curs_active && env->txn.ro && env->txn.ro_active
&& !env->txn.rw);
......
......@@ -316,10 +316,12 @@ static uint8_t get_initial_rank(const knot_rrset_t *rr, const struct kr_query *q
uint16_t type = kr_rrset_type_maysig(rr);
if (qry->flags.CACHED) {
assert(rr->additional); // FIXME TMP
return rr->additional ? *(uint8_t *)rr->additional : KR_RANK_OMIT;
/* ^^ Current use case for "cached" RRs without rank: hints module. */
}
if (answer || type == KNOT_RRTYPE_DS
|| type == KNOT_RRTYPE_SOA /* needed for aggressive negative caching */
|| type == KNOT_RRTYPE_NSEC || type == KNOT_RRTYPE_NSEC3) {
return KR_RANK_INITIAL | KR_RANK_AUTH;
}
......
......@@ -596,6 +596,7 @@ static int answer_finalize(struct kr_request *request, int state)
* Be conservative. Primary approach: check ranks of all RRs in wire.
* Only "negative answers" need special handling. */
bool secure = (last != NULL); /* suspicious otherwise */
VERBOSE_MSG(NULL, "AD: secure (start)\n");
if (last && (last->flags.STUB)) {
secure = false; /* don't trust forwarding for now */
}
......@@ -617,6 +618,7 @@ static int answer_finalize(struct kr_request *request, int state)
}
}
VERBOSE_MSG(NULL, "AD: secure (between ANS and AUTH)\n");
/* Write authority records. */
if (answer->current < KNOT_AUTHORITY) {
knot_pkt_begin(answer, KNOT_AUTHORITY);
......@@ -643,6 +645,7 @@ static int answer_finalize(struct kr_request *request, int state)
/* AD: "negative answers" need more handling. */
if (last && secure) {
VERBOSE_MSG(NULL, "AD: secure (1)\n");
if (kr_response_classify(answer) != PKT_NOERROR
/* Additionally check for CNAME chains that "end in NODATA",
* as those would also be PKT_NOERROR. */
......
......@@ -799,6 +799,31 @@ void kr_qry_print(const struct kr_query *qry, const char *prefix, const char *po
int knot_dname_lf2wire(knot_dname_t *dst, uint8_t len, const uint8_t *lf)
{
//FIXME
assert(false);
bool ok = dst && (len == 0 || lf);
if (!ok) {
assert(false);
return kr_error(EINVAL);
}
if (lf[len]) /* we allow the final zero byte to be omitted */
++len;
int label_end = len; /* index of the zero byte after the current label */
while (label_end >= 0) {
/* find label_start */
int i = len - 1;
while (i >= 0 && lf[i])
--i;
int label_start = i + 1; /* index of the first byte of the current label */
int label_len = label_end - label_start;
if (label_len > 63 || label_len == 0)
return kr_error(EILSEQ);
/* write the label */
*dst = label_len;
++dst;
memcpy(dst, lf + label_start, label_len);
dst += label_len;
/* next label */
label_end = i;
}
*dst = 0; /* the final zero */
return kr_ok();
}
......@@ -292,7 +292,18 @@ static inline uint16_t kr_rrset_type_maysig(const knot_rrset_t *rr)
/** Convert name from lookup format to wire. See knot_dname_lf
*
* \note len bytes are read and len+1 are written.
* \note len bytes are read and len+1 are written with *normal* LF,
* but it's also allowed that the final zero byte is omitted in LF.
* \return error code
*/
int knot_dname_lf2wire(knot_dname_t *dst, uint8_t len, const uint8_t *lf);
/** Patched knot_dname_lf. LF for "." has length zero instead of one, for consistency.
*/
static inline int kr_dname_lf(uint8_t *dst, const knot_dname_t *src, const uint8_t *pkt)
{
int ret = knot_dname_lf(dst, src, pkt);
if (!ret && dst[0] == 1)
dst[0] = 0;
return ret;
};
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment