From: Kees Monshouwer <mind04@monshouwer.org>
Date: Thu, 30 Apr 2015 16:30:09 +0000 (+0200)
Subject: import bindbackend rectify code from master
X-Git-Tag: auth-3.3.2~2^2~14
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3a36a1c90291ae4f20349d22d307338add334fc4;p=pdns

import bindbackend rectify code from master
---

diff --git a/pdns/backends/bind/bindbackend2.cc b/pdns/backends/bind/bindbackend2.cc
index 71e5bec79..a2b5f758d 100644
--- a/pdns/backends/bind/bindbackend2.cc
+++ b/pdns/backends/bind/bindbackend2.cc
@@ -411,7 +411,7 @@ static string canonic(string ret)
 /** THIS IS AN INTERNAL FUNCTION! It does moadnsparser prio impedence matching
     This function adds a record to a domain with a certain id. 
     Much of the complication is due to the efforts to benefit from std::string reference counting copy on write semantics */
-void Bind2Backend::insert(shared_ptr<State> stage, int id, const string &qnameu, const QType &qtype, const string &content, int ttl, int prio, const std::string& hashed)
+void Bind2Backend::insert(shared_ptr<State> stage, int id, const string &qnameu, const QType &qtype, const string &content, int ttl, int prio, const std::string& hashed, bool *auth)
 {
   BB2DomainInfo bb2 = stage->id_zone_map[id];
   Bind2DNSRecord bdr;
@@ -443,7 +443,9 @@ void Bind2Backend::insert(shared_ptr<State> stage, int id, const string &qnameu,
   bdr.nsec3hash = hashed;
   // cerr<<"qname '"<<bdr.qname<<"' nsec3hash '"<<hashed<<"' qtype '"<<qtype.getName()<<"'"<<endl;
   
-  if (!qtype.getCode()) // Set auth on empty non-terminals
+  if (auth) // Set auth on empty non-terminals
+    bdr.auth=*auth;
+  else
     bdr.auth=true;
 
   if(bdr.qtype == QType::MX || bdr.qtype == QType::SRV) { 
@@ -597,19 +599,23 @@ void Bind2Backend::doEmptyNonTerminals(shared_ptr<State> stage, int id, bool nse
 {
   BB2DomainInfo bb2 = stage->id_zone_map[id];
 
-  bool doent=true;
-  set<string> qnames, nonterm;
-  string qname, shorter, hashed;
+  bool auth, doent=true;
+  set<string> qnames;
+  map<string, bool> nonterm;
+  string shorter, hashed;
 
   uint32_t maxent = ::arg().asNum("max-ent-entries");
 
   BOOST_FOREACH(const Bind2DNSRecord& bdr, *bb2.d_records)
-    if (bdr.auth && (bdr.qtype != QType::RRSIG))
-      qnames.insert(labelReverse(bdr.qname));
+    qnames.insert(labelReverse(bdr.qname));
 
-  BOOST_FOREACH(const string& qname, qnames)
-  {
-    shorter=qname;
+  BOOST_FOREACH(const Bind2DNSRecord& bdr, *bb2.d_records) {
+    shorter=labelReverse(bdr.qname);
+
+    if (!bdr.auth && bdr.qtype == QType::NS)
+      auth=(!nsec3zone || !ns3pr.d_flags);
+    else
+      auth=bdr.auth;
 
     while(chopOff(shorter))
     {
@@ -617,12 +623,17 @@ void Bind2Backend::doEmptyNonTerminals(shared_ptr<State> stage, int id, bool nse
       {
         if(!(maxent))
         {
-          L<<Logger::Error<<"Zone '"<<bb2.d_name<<"' has too many empty non terminals."<<endl;
+          if(!::arg().asNum("max-ent-entries"))
+            L<<Logger::Error<<"Zone '"<<bb2.d_name<<"' has too many empty non terminals."<<endl;
           doent=false;
           break;
         }
-        nonterm.insert(shorter);
-        --maxent;
+
+        if (!nonterm.count(shorter)) {
+          nonterm.insert(pair<string, bool>(shorter, auth));
+          --maxent;
+        } else if (auth)
+          nonterm[shorter]=true;
       }
     }
     if(!doent)
@@ -634,12 +645,13 @@ void Bind2Backend::doEmptyNonTerminals(shared_ptr<State> stage, int id, bool nse
   rr.content="";
   rr.ttl=0;
   rr.priority=0;
-  BOOST_FOREACH(const string& qname, nonterm)
+  pair<string, bool> nt;
+  BOOST_FOREACH(nt, nonterm)
   {
-    rr.qname=qname+"."+bb2.d_name+".";
+    rr.qname=nt.first+"."+bb2.d_name+".";
     if(nsec3zone)
       hashed=toLower(toBase32Hex(hashQNameWithSalt(ns3pr.d_iterations, ns3pr.d_salt, rr.qname)));
-    insert(stage, id, rr.qname, rr.qtype, rr.content, rr.ttl, rr.priority, hashed);
+    insert(stage, id, rr.qname, rr.qtype, rr.content, rr.ttl, rr.priority, hashed, &nt.second);
   }
 }
 
diff --git a/pdns/backends/bind/bindbackend2.hh b/pdns/backends/bind/bindbackend2.hh
index 87559bf83..33c0e3644 100644
--- a/pdns/backends/bind/bindbackend2.hh
+++ b/pdns/backends/bind/bindbackend2.hh
@@ -170,7 +170,7 @@ public:
     id_zone_map_t id_zone_map;
   };
 
-  static void insert(shared_ptr<State> stage, int id, const string &qname, const QType &qtype, const string &content, int ttl=300, int prio=25, const std::string& hashed=string());  
+  static void insert(shared_ptr<State> stage, int id, const string &qname, const QType &qtype, const string &content, int ttl=300, int prio=25, const std::string& hashed=string(), bool *auth=0);
   void rediscover(string *status=0);
 
   bool isMaster(const string &name, const string &ip);