From: Pieter Lexis Date: Mon, 16 Oct 2017 10:32:39 +0000 (+0200) Subject: Add doRectify bool to DNSSECKeeper::rectifyZone() X-Git-Tag: rec-4.1.0-rc2~36^2~1 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8d0f207b01b6257b2e7099ebd793d4362b54ae0d;p=pdns Add doRectify bool to DNSSECKeeper::rectifyZone() This is added so the API can wrap an update to a zone's records *and* DNSSEC info into a single transaction. --- diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc index fe7570e8b..07e4a9778 100644 --- a/pdns/dbdnsseckeeper.cc +++ b/pdns/dbdnsseckeeper.cc @@ -587,7 +587,13 @@ bool DNSSECKeeper::getTSIGForAccess(const DNSName& zone, const string& master, D return false; } -bool DNSSECKeeper::rectifyZone(const DNSName& zone, string& error) { +/* Rectifies the zone + * + * \param zone The zone to rectify + * \param error& A string where error messages are added + * \param doTransaction Whether or not to wrap the rectify in a transaction + */ +bool DNSSECKeeper::rectifyZone(const DNSName& zone, string& error, bool doTransaction) { if (isPresigned(zone)) { error = "Rectify presigned zone '"+zone.toLogString()+"' is not allowed/necessary."; return false; @@ -662,7 +668,8 @@ bool DNSSECKeeper::rectifyZone(const DNSName& zone, string& error) { } } - sd.db->startTransaction(zone, -1); + if (doTransaction) + sd.db->startTransaction(zone, -1); bool realrr=true; bool doent=true; @@ -766,7 +773,8 @@ bool DNSSECKeeper::rectifyZone(const DNSName& zone, string& error) { } } - sd.db->commitTransaction(); + if (doTransaction) + sd.db->commitTransaction(); return true; } diff --git a/pdns/dnsseckeeper.hh b/pdns/dnsseckeeper.hh index 2cecc5557..f6e7b678a 100644 --- a/pdns/dnsseckeeper.hh +++ b/pdns/dnsseckeeper.hh @@ -210,7 +210,7 @@ public: void getFromMeta(const DNSName& zname, const std::string& key, std::string& value); void getSoaEdit(const DNSName& zname, std::string& value); - bool rectifyZone(const DNSName& zone, std::string& error); + bool rectifyZone(const DNSName& zone, std::string& error, bool doTransaction); private: diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc index d2e6900ef..ed9dc9033 100644 --- a/pdns/pdnsutil.cc +++ b/pdns/pdnsutil.cc @@ -138,7 +138,7 @@ void loadMainConfig(const std::string& configdir) bool rectifyZone(DNSSECKeeper& dk, const DNSName& zone) { string error; - bool ret = dk.rectifyZone(zone, error); + bool ret = dk.rectifyZone(zone, error, true); if (!ret) { cerr<getDomainMetadataOne(zonename, "API-RECTIFY", api_rectify); if (shouldRectify && dk.isSecuredZone(zonename) && !dk.isPresigned(zonename) && api_rectify == "1") { string error_msg = ""; - if (!dk.rectifyZone(zonename, error_msg)) + if (!dk.rectifyZone(zonename, error_msg, true)) throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg); } } @@ -1470,7 +1470,7 @@ static void apiServerZoneRectify(HttpRequest* req, HttpResponse* resp) { throw ApiException("Zone '" + zonename.toString() + "' is a slave zone, not rectifying."); string error_msg = ""; - if (!dk.rectifyZone(zonename, error_msg)) + if (!dk.rectifyZone(zonename, error_msg, true)) throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg); resp->setSuccessResult("Rectified"); @@ -1696,7 +1696,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) { di.backend->getDomainMetadataOne(zonename, "API-RECTIFY", api_rectify); if (dk.isSecuredZone(zonename) && !dk.isPresigned(zonename) && api_rectify == "1") { string error_msg = ""; - if (!dk.rectifyZone(zonename, error_msg)) + if (!dk.rectifyZone(zonename, error_msg, false)) throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg); }