"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "aggressive_nsec.cc" between
pdns-recursor-4.5.5.tar.bz2 and pdns-recursor-4.5.6.tar.bz2

About: PowerDNS - a separate release of the PowerDNS Recursor (without the authoritative nameserver).

aggressive_nsec.cc  (pdns-recursor-4.5.5.tar.bz2):aggressive_nsec.cc  (pdns-recursor-4.5.6.tar.bz2)
skipping to change at line 716 skipping to change at line 716
return false; return false;
} }
/* We have a NSEC3 proving that the wildcard does not exist. An ancestor NSE C3 would be fine here, since it does prove /* We have a NSEC3 proving that the wildcard does not exist. An ancestor NSE C3 would be fine here, since it does prove
that there is no delegation at the wildcard name (we don't insert opt-out NSEC3s into the cache). */ that there is no delegation at the wildcard name (we don't insert opt-out NSEC3s into the cache). */
res = RCode::NXDomain; res = RCode::NXDomain;
} }
addToRRSet(now, soaSet, soaSignatures, zone, doDNSSEC, ret); addToRRSet(now, soaSet, soaSignatures, zone, doDNSSEC, ret);
addRecordToRRSet(now, closestNSEC3.d_owner, QType::NSEC3, closestNSEC3.d_ttd - now, closestNSEC3.d_record, closestNSEC3.d_signatures, doDNSSEC, ret); addRecordToRRSet(now, closestNSEC3.d_owner, QType::NSEC3, closestNSEC3.d_ttd - now, closestNSEC3.d_record, closestNSEC3.d_signatures, doDNSSEC, ret);
addRecordToRRSet(now, nextCloserEntry.d_owner, QType::NSEC3, nextCloserEntry.d
_ttd - now, nextCloserEntry.d_record, nextCloserEntry.d_signatures, doDNSSEC, re /* no need to include the same NSEC3 twice */
t); if (nextCloserEntry.d_owner != closestNSEC3.d_owner) {
addRecordToRRSet(now, wcEntry.d_owner, QType::NSEC3, wcEntry.d_ttd - now, wcEn addRecordToRRSet(now, nextCloserEntry.d_owner, QType::NSEC3, nextCloserEntry
try.d_record, wcEntry.d_signatures, doDNSSEC, ret); .d_ttd - now, nextCloserEntry.d_record, nextCloserEntry.d_signatures, doDNSSEC,
ret);
}
if (wcEntry.d_owner != closestNSEC3.d_owner && wcEntry.d_owner != nextCloserEn
try.d_owner) {
addRecordToRRSet(now, wcEntry.d_owner, QType::NSEC3, wcEntry.d_ttd - now, wc
Entry.d_record, wcEntry.d_signatures, doDNSSEC, ret);
}
LOG("Found valid NSEC3s covering the requested name and type!" << endl); LOG("Found valid NSEC3s covering the requested name and type!" << endl);
++d_nsec3Hits; ++d_nsec3Hits;
return true; return true;
} }
bool AggressiveNSECCache::getDenial(time_t now, const DNSName& name, const QType & type, std::vector<DNSRecord>& ret, int& res, const ComboAddress& who, const bo ost::optional<std::string>& routingTag, bool doDNSSEC) bool AggressiveNSECCache::getDenial(time_t now, const DNSName& name, const QType & type, std::vector<DNSRecord>& ret, int& res, const ComboAddress& who, const bo ost::optional<std::string>& routingTag, bool doDNSSEC)
{ {
std::shared_ptr<ZoneEntry> zoneEntry; std::shared_ptr<ZoneEntry> zoneEntry;
if (type == QType::DS) { if (type == QType::DS) {
 End of changes. 1 change blocks. 
5 lines changed or deleted 12 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)