From 4bc8379e99c8ea3f3d05c58d3ab6c10998249c34 Mon Sep 17 00:00:00 2001 From: Pieter Lexis Date: Fri, 6 Oct 2017 17:04:23 +0200 Subject: [PATCH] API: add rectify endpoint --- docs/http-api/endpoint-zones.rst | 9 +++++++++ pdns/ws-auth.cc | 27 +++++++++++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/docs/http-api/endpoint-zones.rst b/docs/http-api/endpoint-zones.rst index 09a0793e5..2622a9d1a 100644 --- a/docs/http-api/endpoint-zones.rst +++ b/docs/http-api/endpoint-zones.rst @@ -128,3 +128,12 @@ Zones endpoint :param server_id: The name of the server :param zone_id: The id number of the :json:object:`Zone` + +.. http:put:: /api/v1/servers/:server_id/zones/:zone_id/rectify + + Rectify the zone data. This does not take into account the :ref:`metadata-api-rectify` metadata. + + :param server_id: The name of the server + :param zone_id: The id number of the :json:object:`Zone` + + Fails on slave zones and zones that do not have DNSSEC. diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 51d2dd841..9d22bd718 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -1447,6 +1447,32 @@ static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) { resp->setSuccessResult("Notification queued"); } +static void apiServerZoneRectify(HttpRequest* req, HttpResponse* resp) { + DNSName zonename = apiZoneIdToName(req->parameters["id"]); + + if(req->method != "PUT") + throw HttpMethodNotAllowedException(); + + UeberBackend B; + DomainInfo di; + if(!B.getDomainInfo(zonename, di)) + throw ApiException("Could not find domain '"+zonename.toString()+"'"); + + DNSSECKeeper dk(&B); + + if (!dk.isSecuredZone(zonename)) + throw ApiException("Zone '" + zonename.toString() + "' is not DNSSEC signed, not rectifying."); + + if (di.kind == DomainInfo::Slave) + throw ApiException("Zone '" + zonename.toString() + "' is a slave zone, not rectifying."); + + string error_msg = ""; + if (!dk.rectifyZone(zonename, error_msg)) + throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg); + + resp->setSuccessResult("Rectified"); +} + static void makePtr(const DNSResourceRecord& rr, DNSResourceRecord* ptr) { if (rr.qtype.getCode() == QType::A) { uint32_t ip; @@ -1831,6 +1857,7 @@ void AuthWebServer::webThread() d_ws->registerApiHandler("/api/v1/servers/localhost/zones//metadata/", &apiZoneMetadataKind); d_ws->registerApiHandler("/api/v1/servers/localhost/zones//metadata", &apiZoneMetadata); d_ws->registerApiHandler("/api/v1/servers/localhost/zones//notify", &apiServerZoneNotify); + d_ws->registerApiHandler("/api/v1/servers/localhost/zones//rectify", &apiServerZoneRectify); d_ws->registerApiHandler("/api/v1/servers/localhost/zones/", &apiServerZoneDetail); d_ws->registerApiHandler("/api/v1/servers/localhost/zones", &apiServerZones); d_ws->registerApiHandler("/api/v1/servers/localhost", &apiServerDetail); -- 2.40.0