use of org.xbill.DNS.Name in project dim by 1and1.
the class NameTest method test_wild_abs.
public void test_wild_abs() throws TextParseException {
Name sub = Name.fromString("a.b.c.");
Name exp = Name.fromString("*.");
Name n = sub.wild(3);
assertEquals(exp, n);
}
use of org.xbill.DNS.Name in project dim by 1and1.
the class NameTest method test_fromDNAME_disjoint.
public void test_fromDNAME_disjoint() throws NameTooLongException, TextParseException {
Name own = new Name("the.owner.");
Name alias = new Name("the.alias.");
DNAMERecord dnr = new DNAMERecord(own, DClass.IN, 0xABCD, alias);
Name sub = new Name("sub.the.other");
assertNull(sub.fromDNAME(dnr));
}
use of org.xbill.DNS.Name in project dim by 1and1.
the class NameTest method test_concatenate_abs_prefix.
public void test_concatenate_abs_prefix() throws NameTooLongException, TextParseException {
Name p = Name.fromString("A.B.");
Name s = Name.fromString("c.d.");
Name e = Name.fromString("A.B.");
Name n = Name.concatenate(p, s);
assertEquals(e, n);
}
use of org.xbill.DNS.Name in project dim by 1and1.
the class ZoneVerifier method processNSECChain.
private int processNSECChain() {
int errors = 0;
NSECRecord lastNSEC = null;
for (Iterator<Map.Entry<Name, MarkRRset>> i = mNSECMap.entrySet().iterator(); i.hasNext(); ) {
// which is different.
if (lastNSEC != null) {
if (lastNSEC.getName().compareTo(lastNSEC.getNext()) >= 0) {
log.warning("NSEC for " + lastNSEC.getName() + " has next name >= owner but is not the last NSEC in the chain.");
errors++;
}
}
Map.Entry<Name, MarkRRset> entry = i.next();
Name n = entry.getKey();
MarkRRset rrset = entry.getValue();
// signed node.
if (!rrset.getMark()) {
log.warning("NSEC RR for " + n + " appears to be extra.");
errors++;
}
NSECRecord nsec = (NSECRecord) rrset.first();
// nsec map incorrectly.
if (!n.equals(nsec.getName())) {
log.warning("The NSEC in the map for name " + n + " has name " + nsec.getName());
errors++;
}
// name
if (lastNSEC == null && !n.equals(mZoneName)) {
log.warning("The first NSEC in the chain does not match the zone name: name = " + n + " zonename = " + mZoneName);
errors++;
}
// Check that the prior NSEC's next name equals this rows owner name.
if (lastNSEC != null) {
if (!lastNSEC.getNext().equals(nsec.getName())) {
log.warning("NSEC for " + lastNSEC.getName() + " does not point to the next NSEC in the chain: " + n);
errors++;
}
}
lastNSEC = nsec;
}
// the ownername should be >= next name.
if (lastNSEC.getName().compareTo(lastNSEC.getNext()) < 0) {
log.warning("The last NSEC RR in the chain did not have an owner >= next: owner = " + lastNSEC.getName() + " next = " + lastNSEC.getNext());
errors++;
}
// check to make sure it links to the first NSEC in the chain
if (!lastNSEC.getNext().equals(mZoneName)) {
log.warning("The last NSEC RR in the chain did not link to the first NSEC");
errors++;
}
return errors;
}
use of org.xbill.DNS.Name in project dim by 1and1.
the class ZoneVerifier method processNodes.
/**
* For each node, determine which RRsets should be signed, verify those, and
* determine which nodes get NSEC or NSEC3 RRs and verify those.
*/
private int processNodes() throws NoSuchAlgorithmException, TextParseException {
int errors = 0;
Name last_cut = null;
for (Map.Entry<Name, Set<Integer>> entry : mNodeMap.entrySet()) {
Name n = entry.getKey();
Set<Integer> typeset = entry.getValue();
NodeType ntype = determineNodeType(n, typeset, last_cut);
log.finest("Node " + n + " is type " + ntype);
// we can ignore glue/invalid RRs.
if (ntype == NodeType.GLUE)
continue;
// record the last zone cut if this node is a zone cut.
if (ntype == NodeType.DELEGATION || typeset.contains(Type.DNAME)) {
last_cut = n;
}
// check all of the RRsets that should be signed
for (int type : typeset) {
if (type == Type.RRSIG)
continue;
// checked separately)
if (ntype == NodeType.DELEGATION && type != Type.DS)
continue;
// otherwise, verify the RRset.
String k = key(n, type);
RRset rrset = mRRsetMap.get(k);
errors += processRRset(rrset);
}
// the only types that should be there are NS, DS and RRSIG.
if (ntype == NodeType.DELEGATION) {
typeset = cleanupDelegationTypeset(typeset);
}
switch(mDNSSECType) {
case NSEC:
// all nodes with NSEC records have NSEC and RRSIG types
typeset.add(Type.NSEC);
typeset.add(Type.RRSIG);
errors += processNSEC(n, typeset);
break;
case NSEC3:
errors += processNSEC3(n, typeset, ntype);
break;
case NSEC3_OPTOUT:
if (ntype == NodeType.NORMAL || (ntype == NodeType.DELEGATION && typeset.contains(Type.DS))) {
errors += processNSEC3(n, typeset, ntype);
}
break;
}
}
return errors;
}
Aggregations