From: Peter van Dijk <peter.van.dijk@netherlabs.nl>
Date: Thu, 4 Oct 2012 07:29:18 +0000 (+0000)
Subject: better error reporting from pdnssec. Closes #434 (Ruben d'Arco)
X-Git-Tag: auth-3.2-rc1~132
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a84a8203ea7e7653a76fcf2be02c201073782767;p=pdns

better error reporting from pdnssec. Closes #434 (Ruben d'Arco)

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@2750 d19b8d6e-7fed-0310-83ef-9ca221ded41b
---

diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc
index d774a53eb..34c0bf737 100644
--- a/pdns/dbdnsseckeeper.cc
+++ b/pdns/dbdnsseckeeper.cc
@@ -171,22 +171,22 @@ DNSSECPrivateKey DNSSECKeeper::getKeyById(const std::string& zname, unsigned int
 }
 
 
-void DNSSECKeeper::removeKey(const std::string& zname, unsigned int id)
+bool DNSSECKeeper::removeKey(const std::string& zname, unsigned int id)
 {
   clearCaches(zname);
-  d_keymetadb->removeDomainKey(zname, id);
+  return d_keymetadb->removeDomainKey(zname, id);
 }
 
-void DNSSECKeeper::deactivateKey(const std::string& zname, unsigned int id)
+bool DNSSECKeeper::deactivateKey(const std::string& zname, unsigned int id)
 {
   clearCaches(zname);
-  d_keymetadb->deactivateDomainKey(zname, id);
+  return d_keymetadb->deactivateDomainKey(zname, id);
 }
 
-void DNSSECKeeper::activateKey(const std::string& zname, unsigned int id)
+bool DNSSECKeeper::activateKey(const std::string& zname, unsigned int id)
 {
   clearCaches(zname);
-  d_keymetadb->activateDomainKey(zname, id);
+  return d_keymetadb->activateDomainKey(zname, id);
 }
 
 
@@ -244,40 +244,42 @@ bool DNSSECKeeper::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordConte
   return true;
 }
 
-void DNSSECKeeper::setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecordContent& ns3p, const bool& narrow)
+bool DNSSECKeeper::setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecordContent& ns3p, const bool& narrow)
 {
   clearCaches(zname);
   string descr = ns3p.getZoneRepresentation();
   vector<string> meta;
   meta.push_back(descr);
-  d_keymetadb->setDomainMetadata(zname, "NSEC3PARAM", meta);
-  
-  meta.clear();
-  if(narrow)
-    meta.push_back("1");
-  d_keymetadb->setDomainMetadata(zname, "NSEC3NARROW", meta);
+  if (d_keymetadb->setDomainMetadata(zname, "NSEC3PARAM", meta)) {
+    meta.clear();
+    
+    if(narrow)
+      meta.push_back("1");
+    
+    return d_keymetadb->setDomainMetadata(zname, "NSEC3NARROW", meta);
+  }
+  return false;
 }
 
-void DNSSECKeeper::unsetNSEC3PARAM(const std::string& zname)
+bool DNSSECKeeper::unsetNSEC3PARAM(const std::string& zname)
 {
   clearCaches(zname);
-  d_keymetadb->setDomainMetadata(zname, "NSEC3PARAM", vector<string>());
-  d_keymetadb->setDomainMetadata(zname, "NSEC3NARROW", vector<string>());
+  return (d_keymetadb->setDomainMetadata(zname, "NSEC3PARAM", vector<string>()) && d_keymetadb->setDomainMetadata(zname, "NSEC3NARROW", vector<string>()));
 }
 
 
-void DNSSECKeeper::setPresigned(const std::string& zname)
+bool DNSSECKeeper::setPresigned(const std::string& zname)
 {
   clearCaches(zname);
   vector<string> meta;
   meta.push_back("1");
-  d_keymetadb->setDomainMetadata(zname, "PRESIGNED", meta);
+  return d_keymetadb->setDomainMetadata(zname, "PRESIGNED", meta);
 }
 
-void DNSSECKeeper::unsetPresigned(const std::string& zname)
+bool DNSSECKeeper::unsetPresigned(const std::string& zname)
 {
   clearCaches(zname);
-  d_keymetadb->setDomainMetadata(zname, "PRESIGNED", vector<string>());
+  return d_keymetadb->setDomainMetadata(zname, "PRESIGNED", vector<string>());
 }
 
 
diff --git a/pdns/dnsseckeeper.hh b/pdns/dnsseckeeper.hh
index b84fea7df..0ef9e8b3d 100644
--- a/pdns/dnsseckeeper.hh
+++ b/pdns/dnsseckeeper.hh
@@ -71,21 +71,21 @@ public:
   DNSSECPrivateKey getKeyById(const std::string& zone, unsigned int id);
   bool addKey(const std::string& zname, bool keyOrZone, int algorithm=5, int bits=0, bool active=true);
   bool addKey(const std::string& zname, const DNSSECPrivateKey& dpk, bool active=true);
-  void removeKey(const std::string& zname, unsigned int id);
-  void activateKey(const std::string& zname, unsigned int id);
-  void deactivateKey(const std::string& zname, unsigned int id);
+  bool removeKey(const std::string& zname, unsigned int id);
+  bool activateKey(const std::string& zname, unsigned int id);
+  bool deactivateKey(const std::string& zname, unsigned int id);
 
   bool secureZone(const std::string& fname, int algorithm);
 
   bool getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* n3p=0, bool* narrow=0);
-  void setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecordContent& n3p, const bool& narrow=false);
-  void unsetNSEC3PARAM(const std::string& zname);
+  bool setNSEC3PARAM(const std::string& zname, const NSEC3PARAMRecordContent& n3p, const bool& narrow=false);
+  bool unsetNSEC3PARAM(const std::string& zname);
   void clearAllCaches();
   void clearCaches(const std::string& name);
   bool getPreRRSIGs(DNSBackend& db, const std::string& signer, const std::string& qname, const std::string& wildcardname, const QType& qtype, DNSPacketWriter::Place, vector<DNSResourceRecord>& rrsigs, uint32_t signTTL);
   bool isPresigned(const std::string& zname);
-  void setPresigned(const std::string& zname);
-  void unsetPresigned(const std::string& zname);
+  bool setPresigned(const std::string& zname);
+  bool unsetPresigned(const std::string& zname);
   
   bool TSIGGrantsAccess(const string& zone, const string& keyname, const string& algorithm);
   bool getTSIGForAccess(const string& zone, const string& master, string* keyname);
diff --git a/pdns/pdnssec.cc b/pdns/pdnssec.cc
index b197370d1..4413d461a 100644
--- a/pdns/pdnssec.cc
+++ b/pdns/pdnssec.cc
@@ -836,7 +836,11 @@ try
       cerr<<"Invalid KEY-ID"<<endl;
       return 1;
     }
-    dk.activateKey(zone, id);
+    if (!dk.activateKey(zone, id)) {
+      cerr<<"Activation of key failed"<<endl;
+      return 1;
+    }
+    return 0;
   }
   else if(cmds[0] == "deactivate-zone-key") {
     if(cmds.size() != 3) {
@@ -850,7 +854,11 @@ try
       cerr<<"Invalid KEY-ID"<<endl;
       return 1;
     }
-    dk.deactivateKey(zone, id);
+    if (!dk.deactivateKey(zone, id)) {
+      cerr<<"Deactivation of key failed"<<endl;
+      return 1;
+    }
+    return 0;
   }
   else if(cmds[0] == "add-zone-key") {
     if(cmds.size() < 3 ) {
@@ -900,7 +908,10 @@ try
     }
     const string& zone=cmds[1];
     unsigned int id=atoi(cmds[2].c_str());
-    dk.removeKey(zone, id);
+    if (!dk.removeKey(zone, id)) {
+      return 1;
+    }
+    return 0;
   }
   
   else if(cmds[0] == "secure-zone") {
@@ -949,14 +960,20 @@ try
       cerr<<"Syntax: pdnssec set-presigned ZONE"<<endl;
       return 0; 
     }
-    dk.setPresigned(cmds[1]);
+    if (! dk.setPresigned(cmds[1])) {
+      return 1;
+    }
+    return 0;
   }
   else if(cmds[0]=="unset-presigned") {
     if(cmds.size() < 2) {
       cerr<<"Syntax: pdnssec unset-presigned ZONE"<<endl;
       return 0;  
     }
-    dk.unsetPresigned(cmds[1]);
+    if (! dk.unsetPresigned(cmds[1])) {
+      return 1;
+    }
+    return 0;
   }
   else if(cmds[0]=="hash-zone-record") {
     if(cmds.size() < 3) {
@@ -980,14 +997,17 @@ try
   else if(cmds[0]=="unset-nsec3") {
     if(cmds.size() < 2) {
       cerr<<"Syntax: pdnssec unset-nsec3 ZONE"<<endl;
-      exit(1);
+      return 0;
     }
-    dk.unsetNSEC3PARAM(cmds[1]);
+    if ( ! dk.unsetNSEC3PARAM(cmds[1])) {
+      return 1;
+    }
+    return 0;
   }
   else if(cmds[0]=="export-zone-key") {
     if(cmds.size() < 3) {
       cerr<<"Syntax: pdnssec export-zone-key ZONE KEY-ID"<<endl;
-      exit(1);
+      return 0;
     }
 
     string zone=cmds[1];