From 512eafef86db6bbd832fa717433d7b169e909ad7 Mon Sep 17 00:00:00 2001 From: Kees Monshouwer Date: Wed, 15 Jun 2016 10:52:10 +0200 Subject: [PATCH] Revert "Verify domain ownership" This reverts commit 182f7513802bffb4ab3dd373eadb8f1a64012e22. --- modules/gmysqlbackend/gmysqlbackend.cc | 1 - modules/godbcbackend/godbcbackend.cc | 1 - modules/goraclebackend/goraclebackend.cc | 1 - modules/gpgsqlbackend/gpgsqlbackend.cc | 2 +- modules/gsqlite3backend/gsqlite3backend.cc | 1 - pdns/backends/gsql/gsqlbackend.cc | 61 +--------------------- pdns/backends/gsql/gsqlbackend.hh | 8 +-- 7 files changed, 4 insertions(+), 71 deletions(-) diff --git a/modules/gmysqlbackend/gmysqlbackend.cc b/modules/gmysqlbackend/gmysqlbackend.cc index 9f23fb165..1519b1505 100644 --- a/modules/gmysqlbackend/gmysqlbackend.cc +++ b/modules/gmysqlbackend/gmysqlbackend.cc @@ -127,7 +127,6 @@ public: declare(suffix, "delete-comments-query", "", "DELETE FROM comments WHERE domain_id=?"); declare(suffix, "search-records-query", "", record_query+" name LIKE ? OR content LIKE ? LIMIT ?"); declare(suffix, "search-comments-query", "", "SELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE name LIKE ? OR comment LIKE ? LIMIT ?"); - declare(suffix, "is-our-domain-query", "", "SELECT id FROM domains WHERE id = ? OR name = ?"); } DNSBackend *make(const string &suffix="") diff --git a/modules/godbcbackend/godbcbackend.cc b/modules/godbcbackend/godbcbackend.cc index a2f2f1aed..7d3ff9bb1 100644 --- a/modules/godbcbackend/godbcbackend.cc +++ b/modules/godbcbackend/godbcbackend.cc @@ -126,7 +126,6 @@ public: declare(suffix, "delete-comments-query", "", "DELETE FROM comments WHERE domain_id=?"); declare(suffix, "search-records-query", "", record_query+" name LIKE ? OR content LIKE ? LIMIT ?"); declare(suffix, "search-comments-query", "", "SELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE name LIKE ? OR comment LIKE ? LIMIT ?"); - declare(suffix, "is-our-domain-query", "", "SELECT id FROM domains WHERE id = ? OR name = ?"); } //! Constructs a new gODBCBackend object. diff --git a/modules/goraclebackend/goraclebackend.cc b/modules/goraclebackend/goraclebackend.cc index 8872b4f8f..881a5d4fb 100644 --- a/modules/goraclebackend/goraclebackend.cc +++ b/modules/goraclebackend/goraclebackend.cc @@ -138,7 +138,6 @@ public: declare(suffix, "delete-comments-query", "", "DELETE FROM comments WHERE domain_id=:domain_id"); declare(suffix, "search-records-query", "", record_query+" name LIKE :value OR content LIKE :value2 LIMIT :limit"); declare(suffix, "search-comments-query", "", "SELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE name LIKE :value OR comment LIKE :value2 LIMIT :limit"); - declare(suffix, "is-our-domain-query", "", "SELECT id FROM domains WHERE id = :id OR name = :zone"); } diff --git a/modules/gpgsqlbackend/gpgsqlbackend.cc b/modules/gpgsqlbackend/gpgsqlbackend.cc index d23c89267..9cb993a71 100644 --- a/modules/gpgsqlbackend/gpgsqlbackend.cc +++ b/modules/gpgsqlbackend/gpgsqlbackend.cc @@ -120,7 +120,7 @@ public: declare(suffix, "delete-comments-query", "", "DELETE FROM comments WHERE domain_id=$1"); declare(suffix, "search-records-query", "", record_query+" name LIKE $1 OR content LIKE $2 LIMIT $3"); declare(suffix, "search-comments-query", "", "SELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE name LIKE $1 OR comment LIKE $2 LIMIT $3"); - declare(suffix, "is-our-domain-query", "", "SELECT id FROM domains WHERE id = $1 OR name = $2"); + } DNSBackend *make(const string &suffix="") diff --git a/modules/gsqlite3backend/gsqlite3backend.cc b/modules/gsqlite3backend/gsqlite3backend.cc index a0f17bb16..19a222c46 100644 --- a/modules/gsqlite3backend/gsqlite3backend.cc +++ b/modules/gsqlite3backend/gsqlite3backend.cc @@ -136,7 +136,6 @@ public: declare(suffix, "delete-comments-query", "", "DELETE FROM comments WHERE domain_id=:domain_id"); declare(suffix, "search-records-query", "", record_query+" name LIKE :value OR content LIKE :value2 LIMIT :limit"); declare(suffix, "search-comments-query", "", "SELECT domain_id,name,type,modified_at,account,comment FROM comments WHERE name LIKE :value OR comment LIKE :value2 LIMIT :limit"); - declare(suffix, "is-our-domain-query", "", "SELECT id FROM domains WHERE id = :id OR name = :zone"); } //! Constructs a new gSQLite3Backend object. diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc index c2bc7376c..19e114659 100644 --- a/pdns/backends/gsql/gsqlbackend.cc +++ b/pdns/backends/gsql/gsqlbackend.cc @@ -124,8 +124,6 @@ GSQLBackend::GSQLBackend(const string &mode, const string &suffix) d_SearchRecordsQuery = getArg("search-records-query"); d_SearchCommentsQuery = getArg("search-comments-query"); - d_IsOurDomainQuery = getArg("is-our-domain-query"); - d_query_stmt = NULL; d_NoIdQuery_stmt = NULL; d_IdQuery_stmt = NULL; @@ -184,7 +182,6 @@ GSQLBackend::GSQLBackend(const string &mode, const string &suffix) d_DeleteCommentsQuery_stmt = NULL; d_SearchRecordsQuery_stmt = NULL; d_SearchCommentsQuery_stmt = NULL; - d_IsOurDomainQuery_stmt = NULL; } void GSQLBackend::setNotified(uint32_t domain_id, uint32_t serial) @@ -217,8 +214,6 @@ void GSQLBackend::setFresh(uint32_t domain_id) bool GSQLBackend::isMaster(const DNSName &domain, const string &ip) { - if (!isOurDomain(domain)) return false; - try { d_MasterOfDomainsZoneQuery_stmt-> bind("domain", domain)-> @@ -250,8 +245,6 @@ bool GSQLBackend::isMaster(const DNSName &domain, const string &ip) bool GSQLBackend::setMaster(const DNSName &domain, const string &ip) { - if (!isOurDomain(domain)) return false; - try { d_UpdateMasterOfZoneQuery_stmt-> bind("master", ip)-> @@ -267,8 +260,6 @@ bool GSQLBackend::setMaster(const DNSName &domain, const string &ip) bool GSQLBackend::setKind(const DNSName &domain, const DomainInfo::DomainKind kind) { - if (!isOurDomain(domain)) return false; - try { d_UpdateKindOfZoneQuery_stmt-> bind("kind", toUpper(DomainInfo::getKindString(kind)))-> @@ -284,8 +275,6 @@ bool GSQLBackend::setKind(const DNSName &domain, const DomainInfo::DomainKind ki bool GSQLBackend::setAccount(const DNSName &domain, const string &account) { - if (!isOurDomain(domain)) return false; - try { d_UpdateAccountOfZoneQuery_stmt-> bind("account", account)-> @@ -301,8 +290,6 @@ bool GSQLBackend::setAccount(const DNSName &domain, const string &account) bool GSQLBackend::getDomainInfo(const DNSName &domain, DomainInfo &di) { - if (!isOurDomain(domain)) return false; - /* fill DomainInfo from database info: id,name,master IP(s),last_check,notified_serial,type,account */ try { @@ -444,7 +431,6 @@ bool GSQLBackend::updateDNSSECOrderNameAndAuth(uint32_t domain_id, const DNSName { if(!d_dnssecQueries) return false; - if (!isOurDomain(DNSName(""), domain_id)) return false; if (!ordername.empty()) { if (qtype == QType::ANY) { @@ -508,8 +494,6 @@ bool GSQLBackend::updateDNSSECOrderNameAndAuth(uint32_t domain_id, const DNSName bool GSQLBackend::updateEmptyNonTerminals(uint32_t domain_id, const DNSName& zonename, set& insert, set& erase, bool remove) { - if (!isOurDomain(DNSName(""), domain_id)) return false; - if(remove) { try { d_RemoveEmptyNonTerminalsFromZoneQuery_stmt-> @@ -567,8 +551,6 @@ bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qnam { if(!d_dnssecQueries) return false; - if (!isOurDomain(DNSName(""),id)) return false; - // cerr<<"gsql before/after called for id="< @@ -687,7 +668,6 @@ bool GSQLBackend::activateDomainKey(const DNSName& name, unsigned int id) { if(!d_dnssecQueries) return false; - if (!isOurDomain(name)) return false; try { d_ActivateDomainKeyQuery_stmt-> @@ -706,7 +686,6 @@ bool GSQLBackend::deactivateDomainKey(const DNSName& name, unsigned int id) { if(!d_dnssecQueries) return false; - if (!isOurDomain(name)) return false; try { d_DeactivateDomainKeyQuery_stmt-> @@ -725,7 +704,6 @@ bool GSQLBackend::removeDomainKey(const DNSName& name, unsigned int id) { if(!d_dnssecQueries) return false; - if (!isOurDomain(name)) return false; try { d_RemoveDomainKeyQuery_stmt-> @@ -835,7 +813,6 @@ bool GSQLBackend::getDomainKeys(const DNSName& name, unsigned int kind, std::vec { if(!d_dnssecQueries) return false; - if (!isOurDomain(name)) return false; try { d_ListDomainKeysQuery_stmt-> @@ -878,8 +855,6 @@ void GSQLBackend::alsoNotifies(const DNSName &domain, set *ips) bool GSQLBackend::getAllDomainMetadata(const DNSName& name, std::map >& meta) { - if (!isOurDomain(name)) return false; - try { d_GetAllDomainMetadataQuery_stmt-> bind("domain", name)-> @@ -937,7 +912,6 @@ bool GSQLBackend::setDomainMetadata(const DNSName& name, const std::string& kind { if(!d_dnssecQueries && isDnssecDomainMetadata(kind)) return false; - if (!isOurDomain(name)) return false; try { d_ClearDomainMetadataQuery_stmt-> @@ -1009,8 +983,6 @@ void GSQLBackend::lookup(const QType &qtype,const DNSName &qname, DNSPacket *pkt bool GSQLBackend::list(const DNSName &target, int domain_id, bool include_disabled) { - if (!isOurDomain(target, domain_id)) return false; - DLOG(L<<"GSQLBackend constructing handle for list of domain id '"< *domains, bool include_disabl bool GSQLBackend::replaceRRSet(uint32_t domain_id, const DNSName& qname, const QType& qt, const vector& rrset) { - if (!isOurDomain(DNSName(""), domain_id)) return false; - try { if (qt != QType::ANY) { d_DeleteRRSetQuery_stmt-> @@ -1329,8 +1298,6 @@ bool GSQLBackend::feedRecord(const DNSResourceRecord &r, string *ordername) bool GSQLBackend::feedEnts(int domain_id, map& nonterm) { - if (!isOurDomain(DNSName(""), domain_id)) return false; - for(const auto& nt: nonterm) { try { d_InsertEmptyNonTerminalOrderQuery_stmt-> @@ -1352,7 +1319,6 @@ bool GSQLBackend::feedEnts3(int domain_id, const DNSName &domain, map=0 && !isOurDomain(DNSName(""), domain_id)) return false; - try { d_db->startTransaction(); if(domain_id >= 0) { @@ -1425,12 +1389,11 @@ bool GSQLBackend::abortTransaction() bool GSQLBackend::calculateSOASerial(const DNSName& domain, const SOAData& sd, time_t& serial) { - if (!isOurDomain(DNSName(""), sd.domain_id)) return false; if (d_ZoneLastChangeQuery.empty()) { // query not set => fall back to default impl return DNSBackend::calculateSOASerial(domain, sd, serial); } - + try { d_ZoneLastChangeQuery_stmt-> bind("domain_id", sd.domain_id)-> @@ -1454,8 +1417,6 @@ bool GSQLBackend::calculateSOASerial(const DNSName& domain, const SOAData& sd, t bool GSQLBackend::listComments(const uint32_t domain_id) { - if (!isOurDomain(DNSName(""), domain_id)) return false; - try { d_query_name = "list-comments-query"; d_query_stmt = d_ListCommentsQuery_stmt; @@ -1683,26 +1644,6 @@ void GSQLBackend::extractComment(const SSqlStatement::row_t& row, Comment& comme comment.content = row[5]; } -bool GSQLBackend::isOurDomain(const DNSName &zone, int domain_id) { - try { - d_IsOurDomainQuery_stmt-> - bind("id", domain_id)-> - bind("zone", zone)-> - execute()-> - getResult(d_result)-> - reset(); - - if (!d_result.empty()) { - d_result.clear(); - return true; - } - } catch (SSqlException &e) { - throw PDNSException("GSQLBackend unable to verify ownership of domain: "+e.txtReason()); - } - - return false; -} - SSqlStatement::~SSqlStatement() { // make sure vtable won't break } diff --git a/pdns/backends/gsql/gsqlbackend.hh b/pdns/backends/gsql/gsqlbackend.hh index 494d8345d..8592bdf3e 100644 --- a/pdns/backends/gsql/gsqlbackend.hh +++ b/pdns/backends/gsql/gsqlbackend.hh @@ -88,7 +88,6 @@ public: d_DeleteCommentsQuery_stmt = d_db->prepare(d_DeleteCommentsQuery, 1); d_SearchRecordsQuery_stmt = d_db->prepare(d_SearchRecordsQuery, 3); d_SearchCommentsQuery_stmt = d_db->prepare(d_SearchCommentsQuery, 3); - d_IsOurDomainQuery_stmt = d_db->prepare(d_IsOurDomainQuery, 2); } } @@ -155,7 +154,6 @@ public: release(&d_DeleteCommentsQuery_stmt); release(&d_SearchRecordsQuery_stmt); release(&d_SearchCommentsQuery_stmt); - release(&d_IsOurDomainQuery_stmt); } void lookup(const QType &, const DNSName &qdomain, DNSPacket *p=0, int zoneId=-1); @@ -220,7 +218,7 @@ public: string directBackendCmd(const string &query); bool searchRecords(const string &pattern, int maxResults, vector& result); bool searchComments(const string &pattern, int maxResults, vector& result); - bool isOurDomain(const DNSName &zone, int domain_id=-1); + protected: string pattern2SQLPattern(const string& pattern); void extractRecord(const SSqlStatement::row_t& row, DNSResourceRecord& rr); @@ -304,8 +302,6 @@ private: string d_SearchRecordsQuery; string d_SearchCommentsQuery; - string d_IsOurDomainQuery; - SSqlStatement* d_query_stmt; SSqlStatement* d_NoIdQuery_stmt; @@ -365,7 +361,7 @@ private: SSqlStatement* d_DeleteCommentsQuery_stmt; SSqlStatement* d_SearchRecordsQuery_stmt; SSqlStatement* d_SearchCommentsQuery_stmt; - SSqlStatement* d_IsOurDomainQuery_stmt; + protected: bool d_dnssecQueries; }; -- 2.40.0