Created
April 26, 2013 11:45
-
-
Save Habbie/5466858 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Index: pdns/pdnssec.cc | |
| =================================================================== | |
| --- pdns/pdnssec.cc (revision 3051) | |
| +++ pdns/pdnssec.cc (working copy) | |
| @@ -99,7 +99,7 @@ | |
| // irritatingly enough, rectifyZone needs its own ueberbackend and can't therefore benefit from transactions outside its scope | |
| // I think this has to do with interlocking transactions between B and DK, but unsure. | |
| -void rectifyZone(DNSSECKeeper& dk, const std::string& zone) | |
| +bool rectifyZone(DNSSECKeeper& dk, const std::string& zone) | |
| { | |
| UeberBackend B("default"); | |
| bool doTransaction=true; // but see above | |
| @@ -108,7 +108,7 @@ | |
| if(!B.getSOA(zone, sd)) { | |
| cerr<<"No SOA known for '"<<zone<<"', is such a zone in the database?"<<endl; | |
| - return; | |
| + return false; | |
| } | |
| sd.db->list(zone, sd.domain_id); | |
| @@ -250,6 +250,8 @@ | |
| if(doTransaction) | |
| sd.db->commitTransaction(); | |
| + | |
| + return true; | |
| } | |
| void rectifyAllZones(DNSSECKeeper &dk) | |
| @@ -502,11 +504,19 @@ | |
| #endif | |
| } | |
| -void disableDNSSECOnZone(DNSSECKeeper& dk, const string& zone) | |
| +bool disableDNSSECOnZone(DNSSECKeeper& dk, const string& zone) | |
| { | |
| + UeberBackend B("default"); | |
| + DomainInfo di; | |
| + | |
| + if (!B.getDomainInfo(zone, di)){ | |
| + cerr << "No such zone in the database" << endl; | |
| + return false; | |
| + } | |
| + | |
| if(!dk.isSecuredZone(zone)) { | |
| cerr<<"Zone is not secured\n"; | |
| - return; | |
| + return false; | |
| } | |
| DNSSECKeeper::keyset_t keyset=dk.getKeys(zone); | |
| @@ -521,9 +531,18 @@ | |
| } | |
| dk.unsetNSEC3PARAM(zone); | |
| dk.unsetPresigned(zone); | |
| + return true; | |
| } | |
| -void showZone(DNSSECKeeper& dk, const std::string& zone) | |
| +bool showZone(DNSSECKeeper& dk, const std::string& zone) | |
| { | |
| + UeberBackend B("default"); | |
| + DomainInfo di; | |
| + | |
| + if (!B.getDomainInfo(zone, di)){ | |
| + cerr << "No such zone in the database" << endl; | |
| + return false; | |
| + } | |
| + | |
| if(!dk.isSecuredZone(zone)) { | |
| cerr<<"Zone is not actively secured\n"; | |
| } | |
| @@ -564,6 +583,7 @@ | |
| } | |
| } | |
| } | |
| + return true; | |
| } | |
| bool secureZone(DNSSECKeeper& dk, const std::string& zone) | |
| @@ -821,8 +841,10 @@ | |
| cerr << "Syntax: pdnssec rectify-zone ZONE [ZONE..]"<<endl; | |
| return 0; | |
| } | |
| + unsigned int exitCode = 0; | |
| for(unsigned int n = 1; n < cmds.size(); ++n) | |
| - rectifyZone(dk, cmds[n]); | |
| + if (!rectifyZone(dk, cmds[n])) exitCode = 1; | |
| + return exitCode; | |
| } | |
| else if (cmds[0] == "rectify-all-zones") { | |
| rectifyAllZones(dk); | |
| @@ -877,7 +899,7 @@ | |
| return 0; | |
| } | |
| const string& zone=cmds[1]; | |
| - showZone(dk, zone); | |
| + if (!showZone(dk, zone)) return 1; | |
| } | |
| else if(cmds[0] == "disable-dnssec") { | |
| if(cmds.size() != 2) { | |
| @@ -885,7 +907,8 @@ | |
| return 0; | |
| } | |
| const string& zone=cmds[1]; | |
| - disableDNSSECOnZone(dk, zone); | |
| + if(!disableDNSSECOnZone(dk, zone)) | |
| + return 1; | |
| } | |
| else if(cmds[0] == "activate-zone-key") { | |
| if(cmds.size() != 3) { | |
| @@ -929,6 +952,15 @@ | |
| return 0; | |
| } | |
| const string& zone=cmds[1]; | |
| + | |
| + UeberBackend B("default"); | |
| + DomainInfo di; | |
| + | |
| + if (!B.getDomainInfo(zone, di)){ | |
| + cerr << "No such zone in the database" << endl; | |
| + return 0; | |
| + } | |
| + | |
| // need to get algorithm, bits & ksk or zsk from commandline | |
| bool keyOrZone=false; | |
| int bits=0; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment