Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-27 16:24:19 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add the nsecs for nxdomain

Browse Source
This commit is contained in:
Miek Gieben
2016-03-29 20:59:54 +01:00
parent b52ee1ab59
commit 0d4e1dcf4d
2 changed files with 4 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
middleware/file/dnssec_test.go
View File

@@ -60,16 +60,13 @@ var dnssecTestCases = []coretest.Case{
coretest.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"), coretest.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
}, },
}, },
/* HAHA nsec... shit.
// disprove *.miek.nl and that b.miek.nl does not exist
{ {
Qname: "b.miek.nl.", Qtype: dns.TypeA, Qname: "b.miek.nl.", Qtype: dns.TypeA, // Do: true, // need sorting first
Rcode: dns.RcodeNameError, Rcode: dns.RcodeNameError,
Ns: []dns.RR{ Ns: []dns.RR{
coretest.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"), coretest.SOA("miek.nl. 1800 IN SOA linode.atoom.net. miek.miek.nl. 1282630057 14400 3600 604800 14400"),
}, },
}, },
*/
} }
func TestLookupDNSSEC(t *testing.T) { func TestLookupDNSSEC(t *testing.T) {

8
middleware/file/lookup.go
View File

@@ -1,8 +1,6 @@
package file package file
import ( import (
"fmt"
"github.com/miekg/coredns/middleware/file/tree" "github.com/miekg/coredns/middleware/file/tree"
"github.com/miekg/dns" "github.com/miekg/dns"
) )
@@ -69,14 +67,14 @@ func (z *Zone) noData(elem *tree.Elem, do bool) ([]dns.RR, []dns.RR, []dns.RR, R
} }
func (z *Zone) nameError(elem *tree.Elem, rr dns.RR, do bool) ([]dns.RR, []dns.RR, []dns.RR, Result) { func (z *Zone) nameError(elem *tree.Elem, rr dns.RR, do bool) ([]dns.RR, []dns.RR, []dns.RR, Result) {
ret := []dns.RR{} ret := []dns.RR{z.SOA}
if do { if do {
ret = append(ret, z.SIG...) ret = append(ret, z.SIG...)
// Now we need two NSEC, one to deny the wildcard and one to deny the name. // Now we need two NSEC, one to deny the wildcard and one to deny the name.
elem := z.Tree.Prev(rr) elem := z.Tree.Prev(rr)
fmt.Printf("%+v\n", elem.All()) ret = append(ret, z.lookupNSEC(elem, do))
elem = z.Tree.Prev(wildcard(rr)) elem = z.Tree.Prev(wildcard(rr))
fmt.Printf("%+v\n", elem.All()) ret = append(ret, z.lookupNSEC(elem, do))
} }
return nil, ret, nil, NameError return nil, ret, nil, NameError
} }