15920880335

Committed 26 Jun 2025 03:30PM UTC coverage: 61.923% (-3.7%) from 65.652%

Build # 15920880335

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #15669 from miodvallat/serial_keyer

Increase zone serial number after zone key operations

Run Details

38311 of 91850 branches covered (41.71%)

Branch coverage included in aggregate %.

27 of 29 new or added lines in 1 file covered. (93.1%)

6308 existing lines in 78 files now uncovered.

120482 of 164587 relevant lines covered (73.2%)

5965233.22 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

48.0

/pdns/zonemd.hh

/*
 * This file is part of PowerDNS or dnsdist.
 * Copyright -- PowerDNS.COM B.V. and its contributors
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of version 2 of the GNU General Public License as
 * published by the Free Software Foundation.
 *
 * In addition, for the avoidance of any doubt, permission is granted to
 * link this program with OpenSSL and to (re)distribute the binaries
 * produced as the result of such linking.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
#pragma once

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include "dnsname.hh"
#include "qtype.hh"
#include "dnsrecords.hh"
#include "validate.hh"

class ZoneParserTNG;

namespace pdns
{
class ZoneMD
{
public:
  enum class Config : uint8_t
  {
    Ignore,
    Validate,
    Require
  };
  enum class Result : uint8_t
  {
    OK,
    NoValidationDone,
    ValidationFailure
  };

  ZoneMD(ZoneName zone) :
    d_zone(std::move(zone))
  {}
  void readRecords(ZoneParserTNG& zpt);
  void readRecords(const std::vector<DNSRecord>& records);
  void readRecord(const DNSRecord& record);
  void processRecord(const DNSRecord& record);
  void verify(bool& validationDone, bool& validationOK);

  // Return the zone's apex DNSKEYs
  [[nodiscard]] const std::set<shared_ptr<const DNSKEYRecordContent>>& getDNSKEYs() const
  {
    return d_dnskeys;
  }

  // Return the zone's apex RRSIGs
  [[nodiscard]] const std::vector<shared_ptr<const RRSIGRecordContent>>& getRRSIGs(QType requestedType)
  {
    if (d_rrsigs.count(requestedType) == 0) {
      d_rrsigs[requestedType] = {};
    }
    return d_rrsigs[requestedType];
  }

  // Return the zone's apex ZONEMDs
  [[nodiscard]] std::vector<shared_ptr<const ZONEMDRecordContent>> getZONEMDs() const
  {
    std::vector<shared_ptr<const ZONEMDRecordContent>> ret;
    ret.reserve(d_zonemdRecords.size());
    for (const auto& zonemd : d_zonemdRecords) {
      ret.emplace_back(zonemd.second.record);
    }
    return ret;
  }

  // Return the zone's apex NSECs with signatures
  [[nodiscard]] const ContentSigPair& getNSECs() const
  {
    return d_nsecs;
  }

  // Return the zone's apex NSEC3s with signatures
  [[nodiscard]] const ContentSigPair& getNSEC3s() const
  {
    const auto item = d_nsec3s.find(d_nsec3label);
    return item == d_nsec3s.end() ? empty : d_nsec3s.at(d_nsec3label);
  }

  [[nodiscard]] const DNSName& getNSEC3Label() const
  {
    return d_nsec3label;
  }

  [[nodiscard]] const std::vector<shared_ptr<const NSEC3PARAMRecordContent>>& getNSEC3Params() const
  {
    return d_nsec3params;
  }

private:
  using RRSetKey_t = std::pair<DNSName, QType>;
  using RRVector_t = std::vector<std::shared_ptr<const DNSRecordContent>>;

  struct CanonRRSetKeyCompare
  {
    bool operator()(const RRSetKey_t& lhs, const RRSetKey_t& rhs) const
    {
      // FIXME surely we can be smarter here
      if (lhs.first.canonCompare(rhs.first)) {
        return true;
      }
      if (rhs.first.canonCompare(lhs.first)) {
        return false;
      }
      return lhs.second < rhs.second;
    }
  };

  using RRSetMap_t = std::map<RRSetKey_t, RRVector_t, CanonRRSetKeyCompare>;

  struct ZoneMDAndDuplicateFlag
  {
    const std::shared_ptr<const ZONEMDRecordContent> record;
    bool duplicate;
  };

  // scheme,hashalgo -> zonemdrecord,duplicate
  std::map<pair<uint8_t, uint8_t>, ZoneMDAndDuplicateFlag> d_zonemdRecords;

  RRSetMap_t d_resourceRecordSets;
  std::map<RRSetKey_t, uint32_t> d_resourceRecordSetTTLs;

  std::shared_ptr<const SOARecordContent> d_soaRecordContent;
  std::set<shared_ptr<const DNSKEYRecordContent>> d_dnskeys;
  std::map<QType, std::vector<shared_ptr<const RRSIGRecordContent>>> d_rrsigs;
  std::vector<shared_ptr<const NSEC3PARAMRecordContent>> d_nsec3params;
  ContentSigPair d_nsecs;
  map<DNSName, ContentSigPair> d_nsec3s;
  DNSName d_nsec3label;
  const ZoneName d_zone;
  const ContentSigPair empty;
};

}

1	/*
2	* This file is part of PowerDNS or dnsdist.
3	* Copyright -- PowerDNS.COM B.V. and its contributors
4	*
5	* This program is free software; you can redistribute it and/or modify
6	* it under the terms of version 2 of the GNU General Public License as
7	* published by the Free Software Foundation.
8	*
9	* In addition, for the avoidance of any doubt, permission is granted to
10	* link this program with OpenSSL and to (re)distribute the binaries
11	* produced as the result of such linking.
12	*
13	* This program is distributed in the hope that it will be useful,
14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	* GNU General Public License for more details.
17	*
18	* You should have received a copy of the GNU General Public License
19	* along with this program; if not, write to the Free Software
20	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21	*/
22	#pragma once
23
24	#ifdef HAVE_CONFIG_H
25	#include "config.h"
26	#endif
27
28	#include "dnsname.hh"
29	#include "qtype.hh"
30	#include "dnsrecords.hh"
31	#include "validate.hh"
32
33	class ZoneParserTNG;
34
35	namespace pdns
36	{
37	class ZoneMD
38	{
39	public:
40	enum class Config : uint8_t
41	{
42	Ignore,
43	Validate,
44	Require
45	};
46	enum class Result : uint8_t
47	{
48	OK,
49	NoValidationDone,
50	ValidationFailure
51	};
52
53	ZoneMD(ZoneName zone) :
54	d_zone(std::move(zone))
55	{}	41✔
56	void readRecords(ZoneParserTNG& zpt);
57	void readRecords(const std::vector<DNSRecord>& records);
58	void readRecord(const DNSRecord& record);
59	void processRecord(const DNSRecord& record);
60	void verify(bool& validationDone, bool& validationOK);
61
62	// Return the zone's apex DNSKEYs
63	[[nodiscard]] const std::set<shared_ptr<const DNSKEYRecordContent>>& getDNSKEYs() const
64	{	8✔
65	return d_dnskeys;	8✔
66	}	8✔
67
68	// Return the zone's apex RRSIGs
69	[[nodiscard]] const std::vector<shared_ptr<const RRSIGRecordContent>>& getRRSIGs(QType requestedType)
70	{	2✔
71	if (d_rrsigs.count(requestedType) == 0) {	2!
72	d_rrsigs[requestedType] = {};	2✔
73	}	2✔
74	return d_rrsigs[requestedType];	2✔
75	}	2✔
76
77	// Return the zone's apex ZONEMDs
78	[[nodiscard]] std::vector<shared_ptr<const ZONEMDRecordContent>> getZONEMDs() const
UNCOV 79	{	×
UNCOV 80	std::vector<shared_ptr<const ZONEMDRecordContent>> ret;	×
UNCOV 81	ret.reserve(d_zonemdRecords.size());	×
UNCOV 82	for (const auto& zonemd : d_zonemdRecords) {	×
UNCOV 83	ret.emplace_back(zonemd.second.record);	×
UNCOV 84	}	×
UNCOV 85	return ret;	×
UNCOV 86	}	×
87
88	// Return the zone's apex NSECs with signatures
89	[[nodiscard]] const ContentSigPair& getNSECs() const
90	{	×
91	return d_nsecs;	×
92	}	×
93
94	// Return the zone's apex NSEC3s with signatures
95	[[nodiscard]] const ContentSigPair& getNSEC3s() const
96	{	×
97	const auto item = d_nsec3s.find(d_nsec3label);	×
98	return item == d_nsec3s.end() ? empty : d_nsec3s.at(d_nsec3label);	×
99	}	×
100
101	[[nodiscard]] const DNSName& getNSEC3Label() const
102	{	×
103	return d_nsec3label;	×
104	}	×
105
106	[[nodiscard]] const std::vector<shared_ptr<const NSEC3PARAMRecordContent>>& getNSEC3Params() const
107	{	×
108	return d_nsec3params;	×
109	}	×
110
111	private:
112	using RRSetKey_t = std::pair<DNSName, QType>;
113	using RRVector_t = std::vector<std::shared_ptr<const DNSRecordContent>>;
114
115	struct CanonRRSetKeyCompare
116	{
117	bool operator()(const RRSetKey_t& lhs, const RRSetKey_t& rhs) const
118	{	3,616✔
119	// FIXME surely we can be smarter here
120	if (lhs.first.canonCompare(rhs.first)) {	3,616✔
121	return true;	1,715✔
122	}	1,715✔
123	if (rhs.first.canonCompare(lhs.first)) {	1,901✔
124	return false;	222✔
125	}	222✔
126	return lhs.second < rhs.second;	1,679✔
127	}	1,901✔
128	};
129
130	using RRSetMap_t = std::map<RRSetKey_t, RRVector_t, CanonRRSetKeyCompare>;
131
132	struct ZoneMDAndDuplicateFlag
133	{
134	const std::shared_ptr<const ZONEMDRecordContent> record;
135	bool duplicate;
136	};
137
138	// scheme,hashalgo -> zonemdrecord,duplicate
139	std::map<pair<uint8_t, uint8_t>, ZoneMDAndDuplicateFlag> d_zonemdRecords;
140
141	RRSetMap_t d_resourceRecordSets;
142	std::map<RRSetKey_t, uint32_t> d_resourceRecordSetTTLs;
143
144	std::shared_ptr<const SOARecordContent> d_soaRecordContent;
145	std::set<shared_ptr<const DNSKEYRecordContent>> d_dnskeys;
146	std::map<QType, std::vector<shared_ptr<const RRSIGRecordContent>>> d_rrsigs;
147	std::vector<shared_ptr<const NSEC3PARAMRecordContent>> d_nsec3params;
148	ContentSigPair d_nsecs;
149	map<DNSName, ContentSigPair> d_nsec3s;
150	DNSName d_nsec3label;
151	const ZoneName d_zone;
152	const ContentSigPair empty;
153	};
154
155	}

PowerDNS / pdns / 15920880335

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous