mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-27 03:51:16 -05:00
2724. [bug] Updates to a existing node in secure zone using NSEC
were failing. [RT #20448]
This commit is contained in:
parent
3cae549ddb
commit
d2a8d00228
2 changed files with 14 additions and 8 deletions
3
CHANGES
3
CHANGES
|
|
@ -1,3 +1,6 @@
|
|||
2724. [bug] Updates to a existing node in secure zone using NSEC
|
||||
were failing. [RT #20448]
|
||||
|
||||
2723. [bug] isc_base32_totext(), isc_base32hex_totext(), and
|
||||
isc_base64_totext(), didn't always mark regions of
|
||||
memory as fully consumed after conversion. [RT #20445]
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: update.c,v 1.163 2009/10/10 23:47:58 tbox Exp $ */
|
||||
/* $Id: update.c,v 1.164 2009/10/22 01:55:55 marka Exp $ */
|
||||
|
||||
#include <config.h>
|
||||
|
||||
|
|
@ -2333,15 +2333,18 @@ update_signatures(ns_client_t *client, dns_zone_t *zone, dns_db_t *db,
|
|||
dns_rdatatype_any, 0, NULL, diff));
|
||||
} else {
|
||||
/*
|
||||
* This name is not obscured. It should have a NSEC
|
||||
* unless it is the at the origin, in which case it
|
||||
* should already exist.
|
||||
* This name is not obscured. It needs to have a
|
||||
* NSEC unless it is the at the origin, in which
|
||||
* case it should already exist if there is a complete
|
||||
* NSEC chain and if there isn't a complete NSEC chain
|
||||
* we don't want to add one as that would signal that
|
||||
* there is a complete NSEC chain.
|
||||
*/
|
||||
if (!dns_name_equal(name, dns_db_origin(db))) {
|
||||
CHECK(dns_private_chains(db, newver,
|
||||
privatetype, &flag,
|
||||
NULL));
|
||||
if (flag)
|
||||
CHECK(rrset_exists(db, newver, name,
|
||||
dns_rdatatype_nsec, 0,
|
||||
&flag));
|
||||
if (!flag)
|
||||
CHECK(add_placeholder_nsec(db, newver,
|
||||
name, diff));
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue