]> granicus.if.org Git - pdns/commitdiff
auth-api: refactor checks of RRsets types while importing them
authorCharles-Henri Bruyand <charles-henri.bruyand@open-xchange.com>
Thu, 17 May 2018 09:36:55 +0000 (11:36 +0200)
committerPieter Lexis <pieter.lexis@powerdns.com>
Wed, 23 May 2018 10:33:22 +0000 (12:33 +0200)
(cherry picked from commit 24ded6cc4f4d13be7ec257e20cd12829f7866890)

pdns/ws-auth.cc

index 052ff362a06170d65126286a76e31c85b03c3250..47fdefd7bf2c425cbb9134f796305f6938e91f16 100644 (file)
@@ -457,6 +457,12 @@ void productServerStatisticsFetch(map<string,string>& out)
   out["uptime"] = std::to_string(time(0) - s_starttime);
 }
 
+static void validateGatheredRRType(const DNSResourceRecord& rr) {
+  if (rr.qtype.getCode() == QType::OPT || rr.qtype.getCode() == QType::TSIG) {
+    throw ApiException("RRset "+rr.qname.toString()+" IN "+rr.qtype.getName()+": invalid type given");
+  }
+}
+
 static void gatherRecords(const Json container, const DNSName& qname, const QType qtype, const int ttl, vector<DNSResourceRecord>& new_records, vector<DNSResourceRecord>& new_ptrs) {
   UeberBackend B;
   DNSResourceRecord rr;
@@ -464,6 +470,8 @@ static void gatherRecords(const Json container, const DNSName& qname, const QTyp
   rr.qtype = qtype;
   rr.auth = 1;
   rr.ttl = ttl;
+
+  validateGatheredRRType(rr);
   for(auto record : container["records"].array_items()) {
     string content = stringFromJson(record, "content");
     rr.disabled = boolFromJson(record, "disabled");
@@ -1181,6 +1189,7 @@ static void gatherRecordsFromZone(const std::string& zonestring, vector<DNSResou
         continue;
       if(rr.qtype.getCode() == QType::SOA)
         seenSOA=true;
+      validateGatheredRRType(rr);
 
       new_records.push_back(rr);
     }
@@ -1658,10 +1667,6 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) {
         if (!qname.isPartOf(zonename) && qname != zonename)
           throw ApiException("RRset "+qname.toString()+" IN "+qtype.getName()+": Name is out of zone");
 
-        if (qtype.getCode() == QType::OPT || qtype.getCode() == QType::TSIG) {
-          throw ApiException("RRset "+qname.toString()+" IN "+stringFromJson(rrset, "type")+": invalid type given");
-        }
-
         bool replace_records = rrset["records"].is_array();
         bool replace_comments = rrset["comments"].is_array();