From: Ruben d'Arco Date: Thu, 16 May 2013 20:49:51 +0000 (+0200) Subject: Keep ENT's auth=1 X-Git-Tag: rec-3.6.0-rc1~556^2~3^2~26 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0c72fa99cbc9a92b95bf157cf12364901d59df87;p=pdns Keep ENT's auth=1 --- diff --git a/pdns/rfc2136handler.cc b/pdns/rfc2136handler.cc index 5fd1f2802..562348403 100644 --- a/pdns/rfc2136handler.cc +++ b/pdns/rfc2136handler.cc @@ -379,7 +379,7 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * if (recordsToDelete.size()) { - // If we remove an NS which is not at apex of the zone, we need to make everthing below it auth=true as those now are not delegated anymore. + // We're removing a delegate, so we need to reset ordername/auth for some records. if (rrType == QType::NS && rrLabel != di->zone) { vector belowOldDelegate, nsRecs, updateAuthFlag; di->backend->listSubZone(rrLabel, di->id); @@ -476,7 +476,7 @@ uint16_t PacketHandler::performUpdate(const string &msgPrefix, const DNSRecord * string hashed; if(! *narrow) hashed=toLower(toBase32Hex(hashQNameWithSalt(ns3pr->d_iterations, ns3pr->d_salt, *i))); - di->backend->updateDNSSECOrderAndAuthAbsolute(di->id, *i, hashed, false); + di->backend->updateDNSSECOrderAndAuthAbsolute(di->id, *i, hashed, true); } } } diff --git a/regression-tests/1dyndns-update-delegate-in-between/description b/regression-tests/1dyndns-update-delegate-in-between/description index 96df3a2e9..e7b732fc9 100644 --- a/regression-tests/1dyndns-update-delegate-in-between/description +++ b/regression-tests/1dyndns-update-delegate-in-between/description @@ -1,3 +1,2 @@ -For DNSSEC, PowerDNS uses the Auth and Ordername fields in the database. This tests adds an (delegate) NS and A record -to the test.dyndns zone, it also deletes these records. The test is rather big because it should cover -all the scenario's. This thus validates the correction of these records, known as rectify-zone and cache. +This tests adds a delegate between two records. The test validates that re have our ordernames correct when we insert a delegate between two others. +It also validates that our cache is correctly purged (when we are selective about it). \ No newline at end of file diff --git a/regression-tests/1dyndns-update-delete-parent-delegate/description b/regression-tests/1dyndns-update-delete-parent-delegate/description index bfc22f81f..6e3cfc6dd 100644 --- a/regression-tests/1dyndns-update-delete-parent-delegate/description +++ b/regression-tests/1dyndns-update-delete-parent-delegate/description @@ -1 +1 @@ -This test performs a simple add and delete of an A-record using RFC2136. +This test adds 2 delegates below each other and deletes the top delegate. \ No newline at end of file