auth: api - wrap hostname check in a single function 6871/head
authorCharles-Henri Bruyand <charles-henri.bruyand@open-xchange.com>
Wed, 31 Oct 2018 09:13:34 +0000 (10:13 +0100)
committerCharles-Henri Bruyand <charles-henri.bruyand@open-xchange.com>
Wed, 31 Oct 2018 11:01:35 +0000 (12:01 +0100)
pdns/dnsrecords.cc
pdns/dnsrecords.hh
pdns/pdnsutil.cc
pdns/ws-auth.cc
regression-tests.api/test_Zones.py

index 0eaeed74bae355cfffaa79aff323b9081fcb0aab..222fa01d9f6960d3672e4286f2cc12b8b209dcc9 100644 (file)
@@ -587,7 +587,6 @@ DNSRecord makeOpt(const uint16_t udpsize, const uint16_t extRCode, const uint16_
   return dr;
 }
 
-
 void reportBasicTypes()
 {
   ARecordContent::report();
@@ -665,6 +664,35 @@ ComboAddress getAddr(const DNSRecord& dr, uint16_t defport)
     return getRR<AAAARecordContent>(dr)->getCA(defport);
 }
 
+/**
+ * Check if the DNSNames that should be hostnames, are hostnames
+ */
+void checkHostnameCorrectness(const DNSResourceRecord& rr)
+{
+  if (rr.qtype.getCode() == QType::NS || rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) {
+    DNSName toCheck;
+    if (rr.qtype.getCode() == QType::SRV) {
+      vector<string> parts;
+      stringtok(parts, rr.getZoneRepresentation());
+      if (parts.size() == 4) toCheck = DNSName(parts[3]);
+    } else if (rr.qtype.getCode() == QType::MX) {
+      vector<string> parts;
+      stringtok(parts, rr.getZoneRepresentation());
+      if (parts.size() == 2) toCheck = DNSName(parts[1]);
+    } else {
+      toCheck = DNSName(rr.content);
+    }
+
+    if (toCheck.empty()) {
+      throw std::runtime_error("unable to extract hostname from content");
+    }
+    else if ((rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) && toCheck == g_rootdnsname) {
+      // allow null MX/SRV
+    } else if(!toCheck.isHostname()) {
+      throw std::runtime_error(boost::str(boost::format("non-hostname content %s") % toCheck.toString()));
+    }
+  }
+}
 
 #if 0
 static struct Reporter
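Review bot: The doc comment on `checkHostnameCorrectness` does not say that the function reports failure by throwing, and the type it throws is a plain `std::runtime_error`. Both callers in this commit (pdns/pdnsutil.cc and pdns/ws-auth.cc) catch `std::exception`, so any other exception raised inside the helper, for example from the `DNSName` constructor or `getZoneRepresentation()` if those can throw on malformed content, would be presented as a hostname problem. I would extend the comment with `@throws std::runtime_error if no hostname can be extracted or the target is not a valid hostname; only NS, MX and SRV records are checked` and consider a dedicated exception type so the callers can catch narrowly. The new message also drops the quotes the old messages put around the offending content; `"non-hostname content '%s'"` keeps empty or whitespace-bearing values readable in logs and API responses.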
index 52cb01975ef1a11cb8b29d8115c8877cdd3ffda9..c7397b9b2751b9c9fc9608ce1f4231d5471b343f 100644 (file)
@@ -805,4 +805,5 @@ void reportBasicTypes();
 void reportOtherTypes();
 void reportAllTypes();
 ComboAddress getAddr(const DNSRecord& dr, uint16_t defport=0);
+void checkHostnameCorrectness(const DNSResourceRecord& rr);
 #endif 
index 7b237e9153a27cf81df6ba466223828f1d802b49..f9226d2761396c85db461d48a31602136f216ea5 100644 (file)
@@ -428,35 +428,15 @@ int checkZone(DNSSECKeeper &dk, UeberBackend &B, const DNSName& zone, const vect
         checkOcclusion.insert({rr.qname, rr.qtype});
       }
     }
-
     if((rr.qtype.getCode() == QType::A || rr.qtype.getCode() == QType::AAAA) && !rr.qname.isWildcard() && !rr.qname.isHostname())
       cout<<"[Info] "<<rr.qname.toString()<<" record for '"<<rr.qtype.getName()<<"' is not a valid hostname."<<endl;
 
     // Check if the DNSNames that should be hostnames, are hostnames
-    if (rr.qtype.getCode() == QType::NS || rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) {
-      DNSName toCheck;
-      if (rr.qtype.getCode() == QType::SRV) {
-        vector<string> parts;
-        stringtok(parts, rr.getZoneRepresentation());
-        if (parts.size() == 4) toCheck = DNSName(parts[3]);
-      } else if (rr.qtype.getCode() == QType::MX) {
-        vector<string> parts;
-        stringtok(parts, rr.getZoneRepresentation());
-        if (parts.size() == 2) toCheck = DNSName(parts[1]);
-      } else {
-        toCheck = DNSName(rr.content);
-      }
-
-      if (toCheck.empty()) {
-        cout<<"[Warning] "<<rr.qtype.getName()<<" record in zone '"<<zone<<"': unable to extract hostname from content."<<endl;
-        numwarnings++;
-      }
-      else if ((rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) && toCheck == g_rootdnsname) {
-        // allow null MX/SRV
-      } else if(!toCheck.isHostname()) {
-        cout<<"[Warning] "<<rr.qtype.getName()<<" record in zone '"<<zone<<"' has non-hostname content '"<<toCheck.toString()<<"'."<<endl;
-        numwarnings++;
-      }
+    try {
+      checkHostnameCorrectness(rr);
+    } catch (const std::exception& e) {
+      cout << "[Warning] " << rr.qtype.getName() << " record in zone '" << zone << ": " << e.what() << endl;
+      numwarnings++;
     }
 
     if (rr.qtype.getCode() == QType::CNAME) {
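Review bot: The new warning line opens a single quote before the zone name and never closes it, so the output reads like `record in zone 'example.org: non-hostname content ...` (constructed sample). Change `<< zone << ": "` to `<< zone << "': "`. The `catch (const std::exception& e)` also turns any exception thrown during the check into a counted warning, which is wider than the two conditions the removed code reported. checkZone's body starts and ends outside this hunk.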
index 6d16b591a96c568c2bafb7daf349dc9f0fd48f0e..5d6e387fdef97900327dd48dcb96f7f9fc3513b0 100644 (file)
@@ -1725,28 +1725,10 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) {
             }
 
             // Check if the DNSNames that should be hostnames, are hostnames
-            if (rr.qtype.getCode() == QType::NS || rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) {
-              DNSName toCheck;
-              if (rr.qtype.getCode() == QType::SRV) {
-                vector<string> parts;
-                stringtok(parts, rr.getZoneRepresentation());
-                if (parts.size() == 4) toCheck = DNSName(parts[3]);
-              } else if (rr.qtype.getCode() == QType::MX) {
-                vector<string> parts;
-                stringtok(parts, rr.getZoneRepresentation());
-                if (parts.size() == 2) toCheck = DNSName(parts[1]);
-              } else {
-                toCheck = DNSName(rr.content);
-              }
-
-              if (toCheck.empty()) {
-                throw ApiException("RRset "+qname.toString()+" IN "+qtype.getName() + " unable to extract hostname from content.");
-              }
-              else if ((rr.qtype.getCode() == QType::MX || rr.qtype.getCode() == QType::SRV) && toCheck == g_rootdnsname) {
-                // allow null MX/SRV
-              } else if(!toCheck.isHostname()) {
-                throw ApiException("RRset "+qname.toString()+" IN "+qtype.getName() + " record has non-hostname content '" + toCheck.toString() + "'.");
-              }
+            try {
+              checkHostnameCorrectness(rr);
+            } catch (const std::exception& e) {
+              throw ApiException("RRset "+qname.toString()+" IN "+qtype.getName() + " " + e.what());
             }
           }
           checkDuplicateRecords(new_records);
index 6081cc52f9ab2ac07ea3e29cf24fce28220493ba..eb7081888c3d52b96e8dc74267870dca73821c1c 100644 (file)
@@ -1006,7 +1006,7 @@ fred   IN  A      192.168.0.4
             data=json.dumps(payload),
             headers={'content-type': 'application/json'})
         self.assertEquals(r.status_code, 422)
-        self.assertIn('record has non-hostname content', r.json()['error'])
+        self.assertIn('non-hostname content', r.json()['error'])
         data = self.session.get(self.url("/api/v1/servers/localhost/zones/" + name)).json()
         self.assertIsNone(get_rrset(data, name, 'MX'))