/** test with several anchors */ static void test_anchors(sldns_buffer* buff, struct val_anchors* a) { struct trust_anchor* ta; uint16_t c = LDNS_RR_CLASS_IN; unit_assert(anchor_store_str(a, buff, "labs.nl. DS 42860 5 1 14D739EB566D2B1A5E216A0BA4D17FA9B038BE4A")); unit_assert(anchors_lookup(a, (uint8_t*)"\000", 1, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\003com\000", 5, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\007example\003com\000", 11, c) == NULL); unit_assert(ta = anchors_lookup(a, (uint8_t*)"\002nl\000", 4, c)); unit_assert(query_dname_compare(ta->name, (uint8_t*)"\002nl\000")==0); lock_basic_unlock(&ta->lock); unit_assert(ta = anchors_lookup(a, (uint8_t*)"\004labs\002nl\000", 9, c)); unit_assert(query_dname_compare(ta->name, (uint8_t*)"\004labs\002nl\000") == 0); lock_basic_unlock(&ta->lock); unit_assert(ta = anchors_lookup(a, (uint8_t*)"\004fabs\002nl\000", 9, c)); unit_assert(query_dname_compare(ta->name, (uint8_t*)"\002nl\000") == 0); lock_basic_unlock(&ta->lock); unit_assert(anchors_lookup(a, (uint8_t*)"\002oo\000", 4, c) == NULL); }
/** check no anchor and unlock */ static int check_no_anchor(struct val_anchors* anchors, uint8_t* nm, size_t l, uint16_t c) { struct trust_anchor* ta; if((ta=anchors_lookup(anchors, nm, l, c))) { lock_basic_unlock(&ta->lock); } return !ta; }
/** test empty set */ static void test_anchor_empty(struct val_anchors* a) { uint16_t c = LDNS_RR_CLASS_IN; unit_assert(anchors_lookup(a, (uint8_t*)"\000", 1, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\003com\000", 5, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\007example\003com\000", 11, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\002nl\000", 4, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\004labs\002nl\000", 9, c) == NULL); unit_assert(anchors_lookup(a, (uint8_t*)"\004fabs\002nl\000", 9, c) == NULL); }
int iter_indicates_dnssec_fwd(struct module_env* env, struct query_info *qinfo) { struct trust_anchor* a; if(!env || !env->anchors || !qinfo || !qinfo->qname) return 0; /* a trust anchor exists above the name? */ if((a=anchors_lookup(env->anchors, qinfo->qname, qinfo->qname_len, qinfo->qclass))) { if(a->numDS == 0 && a->numDNSKEY == 0) { /* insecure trust point */ lock_basic_unlock(&a->lock); return 0; } lock_basic_unlock(&a->lock); return 1; } /* no trust anchor above it. */ return 0; }