Merge pull request #8223 from PowerDNS/omoerbeek-patch-1

[thirdparty/pdns.git] / pdns / secpoll-auth.cc

diff --git a/pdns/secpoll-auth.cc b/pdns/secpoll-auth.cc
index 84ed625090f50f04521d96cfc28b39376df403d9..65ab81d3521f93594413bec4e62a88ed194842f0 100644 (file)
--- a/pdns/secpoll-auth.cc
+++ b/pdns/secpoll-auth.cc
@@ -15,6 +15,7 @@
 #include "namespaces.hh"
 #include "statbag.hh"
 #include "stubresolver.hh"
+#include "secpoll.hh"
 #include "dnsrecords.hh"
 #include <stdint.h>
 #ifndef PACKAGEVERSION
@@ -35,8 +36,9 @@ void doSecPoll(bool first)
 
   struct timeval now;
   gettimeofday(&now, 0);
+  string pkgv(PACKAGEVERSION);
 
-  string version = "auth-" + string(PACKAGEVERSION);
+  string version = "auth-" + pkgv;
   string query = version.substr(0, 63) +".security-status."+::arg()["security-poll-suffix"];
 
   if(*query.rbegin()!='.')
@@ -45,39 +47,37 @@ void doSecPoll(bool first)
   boost::replace_all(query, "+", "_");
   boost::replace_all(query, "~", "_");
 
-  vector<DNSZoneRecord> ret;
+  int security_status = std::stoi(S.getValueStr("security-status"));
 
-  int res=stubDoResolve(DNSName(query), QType::TXT, ret);
+  vector<DNSRecord> ret;
+  int res = stubDoResolve(DNSName(query), QType::TXT, ret);
 
-  int security_status=0;
+  if (res == RCode::NXDomain && !isReleaseVersion(pkgv)) {
+    g_log<<Logger::Warning<<"Not validating response for security status update, this is a non-release version"<<endl;
+    return;
+  }
 
-  if(!res && !ret.empty()) {
-    string content=getRR<TXTRecordContent>(ret.begin()->dr)->d_text;
+  string security_message;
 
-    pair<string, string> split = splitField(content, ' ');
+  try {
+    processSecPoll(res, ret, security_status, security_message);
+  } catch(const PDNSException &pe) {
+    S.set("security-status", security_status);
+    g_log<<Logger::Warning<<"Could not retrieve security status update for '" + pkgv + "' on '"+ query + "': "<<pe.reason<<endl;
+    return;
+  }
 
-    security_status = std::stoi(split.first);
-    g_security_message = split.second;
 
-  }
-  else {
-    string pkgv(PACKAGEVERSION);
-    if(pkgv.find("0.0."))
-      L<<Logger::Warning<<"Could not retrieve security status update for '" + pkgv + "' on '"+query+"', RCODE = "<< RCode::to_s(res)<<endl;
-    else
-      L<<Logger::Warning<<"Not validating response for security status update, this a non-release version."<<endl;
-  }
+  S.set("security-status", security_status);
+  g_security_message = security_message;
 
   if(security_status == 1 && first) {
-    L<<Logger::Warning << "Polled security status of version "<<PACKAGEVERSION<<" at startup, no known issues reported: " <<g_security_message<<endl;
+    g_log<<Logger::Warning << "Polled security status of version "<<PACKAGEVERSION<<" at startup, no known issues reported: " <<g_security_message<<endl;
   }
   if(security_status == 2) {
-    L<<Logger::Error<<"PowerDNS Security Update Recommended: "<<g_security_message<<endl;
+    g_log<<Logger::Error<<"PowerDNS Security Update Recommended: "<<g_security_message<<endl;
   }
-  else if(security_status == 3) {
-    L<<Logger::Error<<"PowerDNS Security Update Mandatory: "<<g_security_message<<endl;
+  if(security_status == 3) {
+    g_log<<Logger::Error<<"PowerDNS Security Update Mandatory: "<<g_security_message<<endl;
   }
-
-  S.set("security-status",security_status);
-
 }