From: Bert Hubert <bert.hubert@netherlabs.nl>
Date: Tue, 4 Jan 2011 15:09:51 +0000 (+0000)
Subject: PAY ATTENTION! from this commit onwards, generic backends will NOT perform dnssec... 
X-Git-Tag: auth-3.0~443
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=28f1aab9a9c15472fec6c74cad791f450c21f0e4;p=pdns

PAY ATTENTION! from this commit onwards, generic backends will NOT perform dnssec queries by default, you'll have to turn this on with: 'gmysql-dnssec' or 'gpgsql-dnssec' etc


git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1804 d19b8d6e-7fed-0310-83ef-9ca221ded41b
---

diff --git a/modules/gmysqlbackend/gmysqlbackend.cc b/modules/gmysqlbackend/gmysqlbackend.cc
index b9da446ba..9d98b0179 100644
--- a/modules/gmysqlbackend/gmysqlbackend.cc
+++ b/modules/gmysqlbackend/gmysqlbackend.cc
@@ -50,7 +50,7 @@ public:
     declare(suffix,"port","Database backend port to connect to","0");
     declare(suffix,"socket","Pdns backend socket to connect to","");
     declare(suffix,"password","Pdns backend password to connect with","");
-    declare(suffix,"dnssec","Assume DNSSEC Schema is in place","false");
+    declare(suffix,"dnssec","Assume DNSSEC Schema is in place","no");
 
     declare(suffix,"basic-query","Basic query","select content,ttl,prio,type,domain_id,name from records where type='%s' and name='%s'");
     declare(suffix,"id-query","Basic with ID query","select content,ttl,prio,type,domain_id,name from records where type='%s' and name='%s' and domain_id=%d");
diff --git a/modules/gpgsqlbackend/gpgsqlbackend.cc b/modules/gpgsqlbackend/gpgsqlbackend.cc
index 76818d33d..0192e37ee 100644
--- a/modules/gpgsqlbackend/gpgsqlbackend.cc
+++ b/modules/gpgsqlbackend/gpgsqlbackend.cc
@@ -50,7 +50,7 @@ public:
     declare(suffix,"port","Database backend port to connect to","");
     declare(suffix,"socket","Pdns backend socket to connect to","");
     declare(suffix,"password","Pdns backend password to connect with","");
-
+    declare(suffix, "dnssec", "Assume DNSSEC Schema is in place","no");
     declare(suffix,"basic-query","Basic query","select content,ttl,prio,type,domain_id,name from records where type='%s' and name='%s'");
     declare(suffix,"id-query","Basic with ID query","select content,ttl,prio,type,domain_id,name from records where type='%s' and name='%s' and domain_id=%d");
     declare(suffix,"wildcard-query","Wildcard query","select content,ttl,prio,type,domain_id,name from records where type='%s' and name like '%s'");
diff --git a/modules/gsqlite3backend/gsqlite3backend.cc b/modules/gsqlite3backend/gsqlite3backend.cc
index b9635e7c1..41789e1f8 100644
--- a/modules/gsqlite3backend/gsqlite3backend.cc
+++ b/modules/gsqlite3backend/gsqlite3backend.cc
@@ -95,7 +95,7 @@ public:
     declare( suffix, "info-all-master-query", "", "select id,name,master,last_check,notified_serial,type from domains where type='MASTER'");
     declare( suffix, "delete-zone-query", "", "delete from records where domain_id=%d");
     declare( suffix, "check-acl-query","", "select value from acls where acl_type='%s' and acl_key='%s'");
-    declare(suffix, "dnssec", "Assume DNSSEC Schema is in place","false");
+    declare(suffix, "dnssec", "Assume DNSSEC Schema is in place","no");
 
     declare(suffix,"add-domain-key-query","", "insert into cryptokeys (domain_id, flags, active, content) select id, %d, %d, '%s' from domains where name='%s'");
     declare(suffix,"list-domain-keys-query","", "select cryptokeys.id, flags, active, content from domains, cryptokeys where domain_id=domains.id and name='%s'");
diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc
index b4df9117b..483e045e7 100644
--- a/pdns/backends/gsql/gsqlbackend.cc
+++ b/pdns/backends/gsql/gsqlbackend.cc
@@ -258,12 +258,16 @@ GSQLBackend::GSQLBackend(const string &mode, const string &suffix)
 
 bool GSQLBackend::updateDNSSECOrderAndAuth(uint32_t domain_id, const std::string& zonename, const std::string& qname, bool auth)
 {
+  if(!d_dnssecQueries)
+    return false;
   string ins=toLower(labelReverse(makeRelative(qname, zonename)));
   return this->updateDNSSECOrderAndAuthAbsolute(domain_id, qname, ins, auth);
 }
 
 bool GSQLBackend::updateDNSSECOrderAndAuthAbsolute(uint32_t domain_id, const std::string& qname, const std::string& ordername, bool auth)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];
   // ordername='%s',auth=%d where name='%s' and domain_id='%d'
   
@@ -275,6 +279,8 @@ bool GSQLBackend::updateDNSSECOrderAndAuthAbsolute(uint32_t domain_id, const std
 }
 bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const std::string& qname, std::string& unhashed, std::string& before, std::string& after)
 {
+  if(!d_dnssecQueries)
+    return false;
   cerr<<"gsql before/after called for id="<<id<<", qname='"<<qname<<"'"<<endl;
   unhashed.clear(); before.clear(); after.clear();
   string lcqname=toLower(qname);
@@ -318,6 +324,8 @@ retryBefore:
 
 int GSQLBackend::addDomainKey(const string& name, const KeyData& key)
 {
+  if(!d_dnssecQueries)
+    return -1;
   char output[16384];  
   snprintf(output,sizeof(output)-1,d_AddDomainKeyQuery.c_str(),
 	   key.flags, (int)key.active, sqlEscape(key.content).c_str(), sqlEscape(toLower(name)).c_str());
@@ -333,6 +341,8 @@ int GSQLBackend::addDomainKey(const string& name, const KeyData& key)
 
 bool GSQLBackend::activateDomainKey(const string& name, unsigned int id)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];
   snprintf(output,sizeof(output)-1,d_ActivateDomainKeyQuery.c_str(), sqlEscape(toLower(name)).c_str(), id);
 
@@ -347,6 +357,8 @@ bool GSQLBackend::activateDomainKey(const string& name, unsigned int id)
 
 bool GSQLBackend::deactivateDomainKey(const string& name, unsigned int id)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];
   snprintf(output,sizeof(output)-1,d_DeactivateDomainKeyQuery.c_str(), sqlEscape(toLower(name)).c_str(), id);
 
@@ -361,6 +373,8 @@ bool GSQLBackend::deactivateDomainKey(const string& name, unsigned int id)
 
 bool GSQLBackend::removeDomainKey(const string& name, unsigned int id)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];
   snprintf(output,sizeof(output)-1,d_RemoveDomainKeyQuery.c_str(), sqlEscape(toLower(name)).c_str(), id);
 
@@ -377,6 +391,8 @@ bool GSQLBackend::removeDomainKey(const string& name, unsigned int id)
 
 bool GSQLBackend::getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];  
   snprintf(output,sizeof(output)-1,d_ListDomainKeysQuery.c_str(), sqlEscape(toLower(name)).c_str());
 
@@ -406,6 +422,8 @@ bool GSQLBackend::getDomainKeys(const string& name, unsigned int kind, std::vect
 
 bool GSQLBackend::getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta)
 {
+  if(!d_dnssecQueries)
+    return false;
   char output[1024];  
   snprintf(output,sizeof(output)-1,d_GetDomainMetadataQuery.c_str(), sqlEscape(name).c_str(), sqlEscape(kind).c_str());
 
@@ -428,6 +446,8 @@ bool GSQLBackend::getDomainMetadata(const string& name, const std::string& kind,
 bool GSQLBackend::setDomainMetadata(const string& name, const std::string& kind, const std::vector<std::string>& meta)
 {
   char output[16384];  
+  if(!d_dnssecQueries)
+    return false;
 
   if(!meta.empty())
     snprintf(output,sizeof(output)-1,d_SetDomainMetadataQuery.c_str(),