Skip to content
Browse files

Mark NSEC3-only names for NSEC3 validation.

  • Loading branch information...
1 parent e3fbb1b commit db6009697154f01620b1dd0d1b60b783f6b1f33d @tobez committed May 11, 2011
Showing with 10 additions and 0 deletions.
  1. +9 −0 rr.c
  2. +1 −0 rr.h
View
9 rr.c
@@ -468,6 +468,8 @@ void validate_named_rr(struct named_rr *named_rr)
{
Word_t rdtype;
struct rr_set **rr_set_p;
+ int nsec3_present = 0;
+ int nsec3_only = 1;
if (named_rr->parent && (named_rr->parent->flags & NAME_FLAG_DELEGATION) != 0) {
named_rr->flags |= NAME_FLAG_NOT_AUTHORITATIVE;
@@ -479,8 +481,15 @@ void validate_named_rr(struct named_rr *named_rr)
JLF(rr_set_p, named_rr->rr_sets, rdtype);
while (rr_set_p) {
validate_rrset(*rr_set_p);
+ if (rdtype == T_NSEC3)
+ nsec3_present = 1;
+ else if (rdtype != T_RRSIG)
+ nsec3_only = 0;
JLN(rr_set_p, named_rr->rr_sets, rdtype);
}
+ if (nsec3_present && nsec3_only) {
+ named_rr->flags |= NAME_FLAG_NSEC3_ONLY;
+ }
}
void validate_zone(void)
View
1 rr.h
@@ -80,6 +80,7 @@ int extract_algorithm(char **s, char *what);
#define NAME_FLAG_HAS_RECORDS 2
#define NAME_FLAG_DELEGATION 4
#define NAME_FLAG_NOT_AUTHORITATIVE 8
+#define NAME_FLAG_NSEC3_ONLY 16
struct named_rr
{

0 comments on commit db60096

Please sign in to comment.
Something went wrong with that request. Please try again.