Skip to content

Commit

Permalink
AXFR-out rectify: don't set odername for empty non-terminals only der…
Browse files Browse the repository at this point in the history 
…ived from glue
  • Loading branch information
@mind04
mind04 committed Mar 29, 2016
1 parent fae09e0 commit 6ded341
Showing 1 changed file with 29 additions and 9 deletions.
38 changes: 29 additions & 9 deletions pdns/tcpreceiver.cc
View file
Expand Up @@ -774,32 +774,52 @@ int TCPNameserver::doAXFR(const DNSName &target, shared_ptr<DNSPacket> q, int ou
if(NSEC3Zone) {
// ents are only required for NSEC3 zones
uint32_t maxent = ::arg().asNum("max-ent-entries");
map<DNSName,bool> nonterm;
set<DNSName> nsec3set, nonterm;
for (auto &rr: rrs) {
bool skip=false;
DNSName shorter = rr.qname;
if (shorter != target && shorter.chopOff() && shorter != target) {
do {
if(nsset.count(shorter)) {
skip=true;
break;
}
} while(shorter.chopOff() && shorter != target);
}
shorter = rr.qname;
if(!skip && (rr.qtype.getCode() != QType::NS || !ns3pr.d_flags)) {
do {
if(!nsec3set.count(shorter)) {
nsec3set.insert(shorter);
}
} while(shorter != target && shorter.chopOff());
}
}

for(DNSResourceRecord &rr : rrs) {
DNSName shorter(rr.qname);
while(shorter != target && shorter.chopOff()) {
if(!qnames.count(shorter)) {
if(!qnames.count(shorter) && !nonterm.count(shorter) && nsec3set.count(shorter)) {
if(!(maxent)) {
L<<Logger::Warning<<"Zone '"<<target<<"' has too many empty non terminals."<<endl;
return 0;
}
if (!nonterm.count(shorter)) {
nonterm.insert(pair<DNSName, bool>(shorter, rr.auth));
--maxent;
} else if (rr.auth)
nonterm[shorter]=true;
nonterm.insert(shorter);
--maxent;
}
}
}

for(const auto& nt : nonterm) {
DNSResourceRecord rr;
rr.qname=nt.first;
rr.qname=nt;
rr.qtype="TYPE0";
rr.auth=(nt.second || !ns3pr.d_flags);
rr.auth=true;
rrs.push_back(rr);
}
}

DLOG(for(const auto &rr: rrs) cerr<<rr.qname.toString()<<"\t"<<rr.qtype.getName()<<"\t"<<rr.auth<<endl;);
}


Expand Down

0 comments on commit 6ded341

Please sign in to comment.