]> granicus.if.org Git - pdns/commitdiff
projects / pdns / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b925384)
give a better error on trying to add nsec3 parameters to a weird zone like "1 0 1...
authorbert hubert <bert.hubert@netherlabs.nl>
Fri, 24 May 2013 14:00:44 +0000 (16:00 +0200)
committerbert hubert <bert.hubert@netherlabs.nl>
Fri, 24 May 2013 14:00:44 +0000 (16:00 +0200)
Fixes #800.

pdns/pdnssec.cc patch | blob | history

diff --git a/pdns/pdnssec.cc b/pdns/pdnssec.cc
index d218bbf2ceb559b98032a9a0d6b9babfcb1db58e..dfbb32a6fd9b73d9322b22ebc51bf3a6270f5fac 100644 (file)
--- a/pdns/pdnssec.cc
+++ b/pdns/pdnssec.cc
@@ -1207,7 +1207,14 @@ try
     string nsec3params =  cmds.size() > 2 ? cmds[2] : "1 0 1 ab";
     bool narrow = cmds.size() > 3 && cmds[3]=="narrow";
     NSEC3PARAMRecordContent ns3pr(nsec3params);
-    dk.setNSEC3PARAM(cmds[1], ns3pr, narrow);
+    
+    string zone=cmds[1];
+    if(!dk.isSecuredZone(zone)) {
+      cerr<<"Zone '"<<zone<<"' is not secured, can't set NSEC3 parameters"<<endl;
+      exit(EXIT_FAILURE);
+    }
+    dk.setNSEC3PARAM(zone, ns3pr, narrow);
+    
     if (!ns3pr.d_flags)
       cerr<<"NSEC3 set, please rectify-zone if your backend needs it"<<endl;
     else
Unnamed repository; edit this file 'description' to name the repository.