1 files changed, 84 insertions, 22 deletions
diff --git a/contrib/bind/bin/named/db_lookup.c b/contrib/bind/bin/named/db_lookup.c
index ddf17ad..400523e 100644
--- a/contrib/bind/bin/named/db_lookup.c
+++ b/contrib/bind/bin/named/db_lookup.c
@@ -1,6 +1,6 @@
 #if !defined(lint) && !defined(SABER)
-static char sccsid[] = "@(#)db_lookup.c	4.18 (Berkeley) 3/21/91";
-static char rcsid[] = "$Id: db_lookup.c,v 8.13 1998/02/13 19:52:54 halley Exp $";
+static const char sccsid[] = "@(#)db_lookup.c	4.18 (Berkeley) 3/21/91";
+static const char rcsid[] = "$Id: db_lookup.c,v 8.24 1999/10/15 19:48:58 vixie Exp $";
 #endif /* not lint */
 
 /*
@@ -57,7 +57,7 @@ static char rcsid[] = "$Id: db_lookup.c,v 8.13 1998/02/13 19:52:54 halley Exp $"
  */
 
 /*
- * Portions Copyright (c) 1996, 1997 by Internet Software Consortium.
+ * Portions Copyright (c) 1996-1999 by Internet Software Consortium.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -82,6 +82,7 @@ static char rcsid[] = "$Id: db_lookup.c,v 8.13 1998/02/13 19:52:54 halley Exp $"
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/socket.h>
+#include <sys/un.h>
 
 #include <netinet/in.h>
 #include <arpa/nameser.h>
@@ -139,11 +140,7 @@ nlookup(const char *name, struct hashbuf **htpp,
 			break;
 		}
 
-		/* rotate left HASHSHIFT */
-		hval = (hval << HASHSHIFT) |
-			(hval>>((sizeof(hval)*8)-HASHSHIFT));
-		hval += ((isascii(c) && isupper(c)) ? tolower(c) : c)
-			& HASHMASK;
+		HASHIMILATE(hval, c);
 		if (escaped)
 			escaped = 0;
 		else if (c == '\\')
@@ -186,7 +183,7 @@ nlookup(const char *name, struct hashbuf **htpp,
 	np->n_next = htp->h_tab[hval];
 	htp->h_tab[hval] = np;
 	/* Increase hash table size. */
-	if (++htp->h_cnt > htp->h_size * 2) {
+	if (++htp->h_cnt > (htp->h_size * AVGCH_NLOOKUP)) {
 		*htpp = savehash(htp);
 		if (parent == NULL) {
 			if (htp == hashtab) {
@@ -209,12 +206,10 @@ nlookup(const char *name, struct hashbuf **htpp,
  *	This is tricky since the parent of "com" is "" and both are stored
  *	in the same hashbuf.
  * See also:
- *	the AXFR wart description in ns_req.c
+ *	the AXFR wart description in ns_axfr.c
  */
 struct namebuf *
-np_parent(np)
-	struct namebuf *np;
-{
+np_parent(struct namebuf *np) {
 	struct hashbuf *htp;
 	struct namebuf *np2;
 
@@ -228,19 +223,17 @@ np_parent(np)
 	/* Search the hash chain that np should be part of. */
 	for (np2 = htp->h_tab[np->n_hashval % htp->h_size];
 	     np2 != NULL;
-	     np2 = np2->n_next) {
-		
+	     np2 = np2->n_next)
+	{
 		if (np == np2) {	/* found it! */
 			/* "" hashes into the first bucket */
-			for (np = htp->h_tab[0]; np ; np=np->n_next) {
+			for (np = htp->h_tab[0]; np != NULL; np = np->n_next) {
 				if (NAME(*np)[0] == '\0')
 					/* found the root namebuf */
 					return (np);
 			}
-			ns_debug(ns_log_db, 1,
-				 "np_parent(0x%lx) couldn't find root entry",
-				 (u_long) np);
-			return (NULL);  /* XXX shouldn't happen */
+			/* there are no RR's with a owner name of "." yet */
+			return (NULL);
 		}
 	}
 	/* Try the hints. */
@@ -248,7 +241,7 @@ np_parent(np)
 		htp = fcachetab;
 		goto try_again;
 	}
-	ns_debug(ns_log_db, 1, "np_parent(0x%lx) couldn't namebuf",
+	ns_debug(ns_log_db, 1, "np_parent(0x%lx) couldn't find namebuf",
 		 (u_long)np);
 	return (NULL);  /* XXX shouldn't happen */
 }
@@ -263,7 +256,76 @@ int
 match(struct databuf *dp, int class, int type) {
 	if (dp->d_class != class && class != C_ANY)
 		return (0);
-	if (dp->d_type != type && type != T_ANY)
+	if (dp->d_type != type && dp->d_type != T_SIG && type != T_ANY)
+		return (0);
+	if (type != T_SIG && dp->d_type == T_SIG && SIG_COVERS(dp) != type)
 		return (0);
 	return (1);
 }
+
+/* static int
+ * nxtlower(name, dp)
+ *	Is the NXT/SIG NXT record 'lower'?
+ * return value:
+ *	boolean
+ */
+static int
+nxtlower(const char *name, struct databuf *dp) {
+	/* An NXT is a lower NXT iff the SOA bit is set in the bitmap */
+	if (dp->d_type == T_NXT) {
+		u_char *nxtbitmap = dp->d_data + strlen((char *)dp->d_data) + 1;
+		return (NS_NXT_BIT_ISSET(T_SOA, nxtbitmap) ? 1 : 0);
+	}
+	/* If it's not an NXT, it's a SIG NXT.  An NXT record must be signed
+	 * by the zone, so the signer name must be the same as the owner.
+	 */
+	return (ns_samename(name, (char *)dp->d_data + SIG_HDR_SIZE) != 1 ? 0 : 1);
+}   
+
+/* int
+ * nxtmatch(name, dp1, dp2)
+ *	Do NXT/SIG NXT records `dp1' and `dp2' belong to the same NXT set?
+ * return value:
+ *	boolean
+ */
+int
+nxtmatch(const char *name, struct databuf *dp1, struct databuf *dp2) {
+        int dp1_lower, dp2_lower;
+                
+	if (dp1->d_type != ns_t_nxt || dp2->d_type != ns_t_nxt)
+		return (0);
+        dp1_lower = nxtlower(name, dp1);
+        dp2_lower = nxtlower(name, dp2);
+        return (dp1_lower == dp2_lower); 
+}
+
+/* int
+ * rrmatch(name, dp1, dp2)
+ *	Do data records `dp1' and `dp2' match in class and type?
+ *	If both are NXTs, do they belong in the same NXT set?
+ *	If both are SIGs, do the covered types match?
+ *	If both are SIG NXTs, do the covered NXTs belong in the same set?
+ *	Why is DNSSEC so confusing?
+ * return value:
+ *	boolean
+ */
+int
+rrmatch(const char *name, struct databuf *dp1, struct databuf *dp2) {
+	if (dp1->d_class != dp2->d_class &&
+	    dp1->d_class != C_ANY && dp2->d_class != C_ANY)
+		return(0);
+	if (dp1->d_type != dp2->d_type &&
+	    dp1->d_type != T_ANY && dp2->d_type != T_ANY)
+		return(0);
+	if (dp1->d_type == T_NXT)
+		return(nxtmatch(name, dp1, dp2));
+	if (dp1->d_type != T_SIG)
+		return(1);
+	if (SIG_COVERS(dp1) == SIG_COVERS(dp2)) {
+		if (SIG_COVERS(dp1) == ns_t_nxt)
+			return(nxtmatch(name, dp1, dp2));
+		else
+			return(1);
+	}
+	return(0);
+}