// QTypes that MUST NOT have multiple records of the same type in a given RRset.
static const std::set<uint16_t> onlyOneEntryTypes = { QType::CNAME, QType::DNAME, QType::SOA };
// QTypes that MUST NOT be used with any other QType on the same name.
-static const std::set<uint16_t> exclusiveEntryTypes = { QType::CNAME, QType::DNAME };
+static const std::set<uint16_t> exclusiveEntryTypes = { QType::CNAME };
AuthWebServer::AuthWebServer() :
d_tid(0),
if (replace_records) {
bool ent_present = false;
+ bool dname_seen = false, ns_seen = false;
+
di.backend->lookup(QType(QType::ANY), qname, di.id);
DNSResourceRecord rr;
while (di.backend->get(rr)) {
/* that's fine, we will override it */
continue;
}
+ if (qtype == QType::DNAME || rr.qtype == QType::DNAME)
+ dname_seen = true;
+ if (qtype == QType::NS || rr.qtype == QType::NS)
+ ns_seen = true;
if (qtype.getCode() != rr.qtype.getCode()
&& (exclusiveEntryTypes.count(qtype.getCode()) != 0
|| exclusiveEntryTypes.count(rr.qtype.getCode()) != 0)) {
}
}
+ if (dname_seen && ns_seen && qname != zonename) {
+ throw ApiException("RRset "+qname.toString()+" IN "+qtype.getName()+": Cannot have both NS and DNAME except in zone apex");
+ }
if (!new_records.empty() && ent_present) {
QType qt_ent{0};
if (!di.backend->replaceRRSet(di.id, qname, qt_ent, new_records)) {
projects / thirdparty / pdns.git / commitdiff
