Commit 14091efe authored by Marek Vavrusa's avatar Marek Vavrusa
Browse files

lib/dnssec: new nsec3 test, cleanup

parent 811fc2e7
...@@ -580,47 +580,6 @@ static int no_data_response_no_ds(const knot_pkt_t *pkt, knot_section_t section_ ...@@ -580,47 +580,6 @@ static int no_data_response_no_ds(const knot_pkt_t *pkt, knot_section_t section_
return kr_error(ENOENT); return kr_error(ENOENT);
} }
/**
* No data response check, DS (RFC5155 7.2.4, 2nd paragraph).
* @param pkt Packet structure to be processed.
* @param section_id Packet section to be processed.
* @param sname Name to be checked.
* @param stype Type to be checked.
* @return 0 or error code.
*/
static int no_data_response_ds(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, uint16_t stype)
{
assert(pkt && sname);
if (stype != KNOT_RRTYPE_DS) {
return kr_error(EINVAL);
}
const knot_rrset_t *covering_nsec3 = NULL;
int ret = closest_encloser_proof(pkt, section_id, sname, NULL, NULL, &covering_nsec3);
if (ret != 0) {
return ret;
}
if (has_optout(covering_nsec3)) {
return kr_ok();
}
return kr_error(ENOENT);
}
int kr_nsec3_no_data_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, uint16_t stype)
{
/* DS record may be matched by an existing NSEC3 RR. */
int ret = no_data_response_no_ds(pkt, section_id, sname, stype);
if ((ret == 0) || (stype != KNOT_RRTYPE_DS)) {
return ret;
}
/* Closest provable encloser proof must be performed else. */
return no_data_response_ds(pkt, section_id, sname, stype);
}
/** /**
* Check whether NSEC3 RR matches a wildcard at the closest encloser and has given type bit missing. * Check whether NSEC3 RR matches a wildcard at the closest encloser and has given type bit missing.
* @param pkt Packet structure to be processed. * @param pkt Packet structure to be processed.
...@@ -668,17 +627,6 @@ static int matches_closest_encloser_wildcard(const knot_pkt_t *pkt, knot_section ...@@ -668,17 +627,6 @@ static int matches_closest_encloser_wildcard(const knot_pkt_t *pkt, knot_section
return kr_error(ENOENT); return kr_error(ENOENT);
} }
int kr_nsec3_wildcard_no_data_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, uint16_t stype)
{
const knot_dname_t *encloser = NULL;
int ret = closest_encloser_proof(pkt, section_id, sname, &encloser, NULL, NULL);
if (ret != 0) {
return ret;
}
return matches_closest_encloser_wildcard(pkt, section_id, encloser, stype);
}
int kr_nsec3_wildcard_answer_response_check(const knot_pkt_t *pkt, knot_section_t section_id, int kr_nsec3_wildcard_answer_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, int trim_to_next) const knot_dname_t *sname, int trim_to_next)
{ {
......
...@@ -29,28 +29,6 @@ ...@@ -29,28 +29,6 @@
int kr_nsec3_name_error_response_check(const knot_pkt_t *pkt, knot_section_t section_id, int kr_nsec3_name_error_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname); const knot_dname_t *sname);
/**
* No data response check (RFC5155 7.2.3 and 7.2.4).
* @param pkt Packet structure to be processed.
* @param section_id Packet section to be processed.
* @param sname Name to be checked.
* @param stype Type to be checked.
* @return 0 or error code.
*/
int kr_nsec3_no_data_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, uint16_t stype);
/**
* Wildcard no data response check (RFC5155 7.2.5).
* @param pkt Packet structure to be processed.
* @param section_id Packet section to be processed.
* @param sname Name to be checked.
* @param stype Type to be checked.
* @return 0 or error code.
*/
int kr_nsec3_wildcard_no_data_response_check(const knot_pkt_t *pkt, knot_section_t section_id,
const knot_dname_t *sname, uint16_t stype);
/** /**
* Wildcard answer response check (RFC5155 7.2.6). * Wildcard answer response check (RFC5155 7.2.6).
* @param pkt Packet structure to be processed. * @param pkt Packet structure to be processed.
......
deckard @ 7d8a8ce6
Subproject commit fde15bac843c7682dab2eb492dca9d310fb17352 Subproject commit 7d8a8ce66e41c4ffa2ebf1edc3839494873855c1
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment