RRSIGs handling in zone.

Not tested yet. refs #920 @40m

RRSIGs handling in zone.
772ed425 · Lubos Slovak · 0154d3d2 · 772ed425 · 772ed425
Commit 772ed425 authored 13 years ago by Lubos Slovak
--- a/src/dnslib/zone.c
+++ b/src/dnslib/zone.c
@@ -1017,6 +1017,62 @@ int dnslib_zone_add_rrset(dnslib_zone_t *zone, dnslib_rrset_t *rrset,

 /*----------------------------------------------------------------------------*/

+int dnslib_zone_add_rrsigs(dnslib_zone_t *zone, dnslib_rrset_t *rrsigs,
+                           dnslib_rrset_t *rrset)
+{
+	if (zone == NULL || rrsigs == NULL || rrset == NULL
+	    || zone->apex == NULL || zone->apex->owner == NULL) {
+		return DNSLIB_EBADARG;
+	}
+
+	// check if the RRSet belongs to the zone
+	if (dnslib_dname_compare(dnslib_rrset_owner(rrset), zone->apex->owner)
+	    != 0
+	    && !dnslib_dname_is_subdomain(dnslib_rrset_owner(rrset),
+	                                  zone->apex->owner)) {
+		return DNSLIB_EBADZONE;
+	}
+
+	// check if the RRSIGs belong to the RRSet
+	if (dnslib_dname_compare(dnslib_rrset_owner(rrsigs),
+	                         dnslib_rrset_owner(rrset)) != 0
+	    || dnslib_rrset_rrsigs(rrset) != NULL) {
+		return DNSLIB_EBADARG;
+	}
+
+	// add all domain names from the RRSet to domain name table
+	int rc;
+
+	rc = dnslib_rrset_set_rrsigs(rrset, rrsigs);
+	if (rc != DNSLIB_EOK) {
+		debug_dnslib_dname("Failed to add RRSIGs to RRSet.\n");
+		return rc;
+	}
+
+	rc = dnslib_zone_dnames_from_rrset_to_table(zone, rrsigs,
+	                                            0, rrset->owner);
+	if (rc != DNSLIB_EOK) {
+		debug_dnslib_zone("Error saving domain names from RRSIGs to the"
+		                  " domain name table.\n The zone may be in "
+		                  "an inconsistent state.\n");
+		// WARNING: the zone is not in consistent state now - there
+		// may be domain names in it that are not inserted into the
+		// domain table
+		return rc;
+	}
+
+	// replace RRSet's owner with the node's owner (that is already in the
+	// table)
+	if (rrset->owner != rrsigs->owner) {
+		dnslib_dname_free(&rrsigs->owner);
+		rrsigs->owner = rrset->owner;
+	}
+
+	return DNSLIB_EOK;
+}
+
+/*----------------------------------------------------------------------------*/
+
 int dnslib_zone_add_nsec3_node(dnslib_zone_t *zone, dnslib_node_t *node,
                               int create_parents)
 {

--- a/src/dnslib/zone.h
+++ b/src/dnslib/zone.h
@@ -156,6 +156,9 @@ int dnslib_zone_add_rrset(dnslib_zone_t *zone, dnslib_rrset_t *rrset,
                          dnslib_node_t **node,
                          dnslib_zone_dupl_rrset_handling_t dupl);

+int dnslib_zone_add_rrsigs(dnslib_zone_t *zone, dnslib_rrset_t *rrsigs,
+                           dnslib_rrset_t *rrset);
+
 /*!
 * \brief Adds a node holding NSEC3 records to the given zone.
 *