From: bert hubert Date: Sun, 27 Sep 2015 14:41:27 +0000 (+0200) Subject: second round of DNSName cleanups - more will be needed for other backends X-Git-Tag: dnsdist-1.0.0-alpha1~248^2~28^2~27^2~4 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=290a083d85d4301618b9a416e82ffa0f31e3aab5;p=thirdparty%2Fpdns.git second round of DNSName cleanups - more will be needed for other backends --- diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc index 9337e5340e..3d00e65b08 100644 --- a/pdns/backends/gsql/gsqlbackend.cc +++ b/pdns/backends/gsql/gsqlbackend.cc @@ -319,7 +319,7 @@ bool GSQLBackend::getDomainInfo(const DNSName &domain, DomainInfo &di) ASSERT_ROW_COLUMNS("info-zone-query", d_result[0], 7); di.id=atol(d_result[0][0].c_str()); - di.zone=d_result[0][1]; + di.zone=DNSName(d_result[0][1]); stringtok(di.masters, d_result[0][2], " ,\t"); di.last_check=atol(d_result[0][3].c_str()); di.notified_serial = atol(d_result[0][4].c_str()); @@ -364,7 +364,7 @@ void GSQLBackend::getUnfreshSlaveInfos(vector *unfreshDomains) DomainInfo sd; ASSERT_ROW_COLUMNS("info-all-slaves-query", d_result[n], 4); sd.id=atol(d_result[n][0].c_str()); - sd.zone=d_result[n][1]; + sd.zone= DNSName(d_result[n][1]); stringtok(sd.masters, d_result[n][2], ", \t"); sd.last_check=atol(d_result[n][3].c_str()); sd.backend=this; @@ -404,7 +404,7 @@ void GSQLBackend::getUpdatedMasters(vector *updatedDomains) DomainInfo sd; ASSERT_ROW_COLUMNS("info-all-master-query", d_result[n], 5); sd.id=atol(d_result[n][0].c_str()); - sd.zone=d_result[n][1]; + sd.zone= DNSName(d_result[n][1]); sd.last_check=atol(d_result[n][3].c_str()); sd.notified_serial=atoi(d_result[n][4].c_str()); sd.backend=this; @@ -595,7 +595,7 @@ bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qnam d_beforeOrderQuery_stmt->nextRow(row); ASSERT_ROW_COLUMNS("get-order-before-query", row, 2); before=row[0]; - unhashed=row[1]; + unhashed=DNSName(row[1]); } d_beforeOrderQuery_stmt->reset(); } @@ -617,7 +617,7 @@ bool GSQLBackend::getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qnam d_lastOrderQuery_stmt->nextRow(row); ASSERT_ROW_COLUMNS("get-order-last-query", row, 2); before=row[0]; - unhashed=row[1]; + unhashed=DNSName(row[1]); } d_lastOrderQuery_stmt->reset(); } @@ -718,8 +718,8 @@ bool GSQLBackend::getTSIGKey(const DNSName& name, DNSName* algorithm, string* co while(d_getTSIGKeyQuery_stmt->hasNextRow()) { d_getTSIGKeyQuery_stmt->nextRow(row); ASSERT_ROW_COLUMNS("get-tsig-key-query", row, 2); - if(algorithm->empty() || *algorithm==row[0]) { - *algorithm = row[0]; + if(algorithm->empty() || *algorithm==DNSName(row[0])) { + *algorithm = DNSName(row[0]); *content = row[1]; } } @@ -775,8 +775,8 @@ bool GSQLBackend::getTSIGKeys(std::vector< struct TSIGKey > &keys) d_getTSIGKeysQuery_stmt->nextRow(row); ASSERT_ROW_COLUMNS("get-tsig-keys-query", row, 3); struct TSIGKey key; - key.name = row[0]; - key.algorithm = row[1]; + key.name = DNSName(row[0]); + key.algorithm = DNSName(row[1]); key.key = row[2]; keys.push_back(key); } @@ -1153,7 +1153,7 @@ void GSQLBackend::getAllDomains(vector *domains, bool include_disabl ASSERT_ROW_COLUMNS("get-all-domains-query", row, 8); DomainInfo di; di.id = atol(row[0].c_str()); - di.zone = row[1]; + di.zone = DNSName(row[1]); if (!row[4].empty()) { stringtok(di.masters, row[4], " ,\t"); @@ -1587,7 +1587,7 @@ void GSQLBackend::extractRecord(const SSqlStatement::row_t& row, DNSResourceReco if(!d_qname.empty()) r.qname=d_qname; else - r.qname=row[6]; + r.qname=DNSName(row[6]); r.qtype=row[3]; if (r.qtype==QType::MX || r.qtype==QType::SRV) diff --git a/pdns/bindparser.yy b/pdns/bindparser.yy index 2fe5758a23..c3a6afd39a 100644 --- a/pdns/bindparser.yy +++ b/pdns/bindparser.yy @@ -125,7 +125,7 @@ command: global_zone_command: ZONETOK quotedname zone_block { - s_di.name=stripDot($2); + s_di.name=DNSName(stripDot($2)); free($2); parent->commit(s_di); s_di.clear(); @@ -133,7 +133,7 @@ global_zone_command: | ZONETOK quotedname AWORD zone_block { - s_di.name=stripDot($2); + s_di.name=DNSName(stripDot($2)); free($2); parent->commit(s_di); s_di.clear(); diff --git a/pdns/bindparserclasses.hh b/pdns/bindparserclasses.hh index 2faced2ae4..2fd0790858 100644 --- a/pdns/bindparserclasses.hh +++ b/pdns/bindparserclasses.hh @@ -38,7 +38,8 @@ public: void clear() { - name=filename=type=""; + name=DNSName(); + filename=type=""; masters.clear(); alsoNotify.clear(); d_dev=0; diff --git a/pdns/dnsbackend.cc b/pdns/dnsbackend.cc index d860a1c6a0..55fe19f4e8 100644 --- a/pdns/dnsbackend.cc +++ b/pdns/dnsbackend.cc @@ -250,11 +250,11 @@ bool DNSBackend::getSOA(const DNSName &domain, SOAData &sd, DNSPacket *p) return false; sd.qname = domain; if(!sd.nameserver.countLabels()) - sd.nameserver=arg()["default-soa-name"]; + sd.nameserver= DNSName(arg()["default-soa-name"]); if(!sd.hostmaster.countLabels()) { if (!arg().isEmpty("default-soa-mail")) { - sd.hostmaster=arg()["default-soa-mail"]; + sd.hostmaster= DNSName(arg()["default-soa-mail"]); // attodot(sd.hostmaster); FIXME400 } else @@ -363,16 +363,18 @@ extern PacketCache PC; #define DLOG(x) x #endif -bool _add_to_negcache( const string &zone ) { +// XXX DNSName pain, should be DNSName native. +static bool add_to_negcache( const string &zone ) { static int negqueryttl=::arg().asNum("negquery-cache-ttl"); // add the zone to the negative query cache and return false if(negqueryttl) { DLOG(L<qname = inZone.substr( inZone.length() - foundkey.length(), string::npos ); + soa->qname = DNSName(inZone.substr( inZone.length() - foundkey.length(), string::npos )); - DLOG(L<qname<qname<d_algoName; // FIXME400 - if (algoName == "hmac-md5.sig-alg.reg.int") - algoName = "hmac-md5"; + if (algoName == DNSName("hmac-md5.sig-alg.reg.int")) + algoName = DNSName("hmac-md5"); - if (algoName == "gss-tsig") { + if (algoName == DNSName("gss-tsig")) { if (!gss_verify_signature(*keyname, message, trc->d_mac)) { L<qdomain<<"' denied: TSIG signature mismatch using '"<<*keyname<<"' and algorithm '"<d_algoName<<"'"<qdomain<<"' denied: can't find TSIG key with name '"<<*keyname<<"' and algorithm '"<d_algoName == "hmac-md5") - trc->d_algoName += "sig-alg.reg.int"; + if (trc->d_algoName == DNSName("hmac-md5")) + trc->d_algoName += DNSName("sig-alg.reg.int"); TSIGHashEnum algo; if(!getTSIGHashEnum(trc->d_algoName, algo)) { diff --git a/pdns/dnssecinfra.cc b/pdns/dnssecinfra.cc index 8246943f46..5e34841c56 100644 --- a/pdns/dnssecinfra.cc +++ b/pdns/dnssecinfra.cc @@ -299,7 +299,7 @@ DNSCryptoKeyEngine* DNSCryptoKeyEngine::makeFromPEMString(DNSKEYRecordContent& d bool sharedDNSSECCompare(const shared_ptr& a, const shared_ptr& b) { - return a->serialize("", true, true) < b->serialize("", true, true); + return a->serialize(DNSName(), true, true) < b->serialize(DNSName(), true, true); } string getMessageForRRSET(const DNSName& qname, const RRSIGRecordContent& rrc, vector >& signRecords) @@ -307,7 +307,7 @@ string getMessageForRRSET(const DNSName& qname, const RRSIGRecordContent& rrc, v sort(signRecords.begin(), signRecords.end(), sharedDNSSECCompare); string toHash; - toHash.append(const_cast(rrc).serialize("", true, true)); + toHash.append(const_cast(rrc).serialize(DNSName(), true, true)); toHash.resize(toHash.size() - rrc.d_signature.length()); // chop off the end, don't sign the signature! BOOST_FOREACH(shared_ptr& add, signRecords) { @@ -318,7 +318,7 @@ string getMessageForRRSET(const DNSName& qname, const RRSIGRecordContent& rrc, v toHash.append((char*)&tmp, 2); uint32_t ttl=htonl(rrc.d_originalttl); toHash.append((char*)&ttl, 4); - string rdata=add->serialize("", true, true); + string rdata=add->serialize(DNSName(), true, true); tmp=htons(rdata.length()); toHash.append((char*)&tmp, 2); toHash.append(rdata); @@ -331,7 +331,7 @@ DSRecordContent makeDSFromDNSKey(const DNSName& qname, const DNSKEYRecordContent { string toHash; toHash.assign(qname.toDNSString()); // FIXME400 tolower? - toHash.append(const_cast(drc).serialize("", true, true)); + toHash.append(const_cast(drc).serialize(DNSName(), true, true)); DSRecordContent dsrc; if(digest==1) { @@ -556,7 +556,7 @@ string makeTSIGMessageFromTSIGPacket(const string& opacket, unsigned int tsigOff message.append(packet); vector signVect; - DNSPacketWriter dw(signVect, "", 0); + DNSPacketWriter dw(signVect, DNSName(), 0); if(!timersonly) { dw.xfrName(keyname, false); dw.xfr16BitInt(QClass::ANY); // class @@ -596,7 +596,7 @@ void addTSIG(DNSPacketWriter& pw, TSIGRecordContent* trc, const DNSName& tsigkey // now add something that looks a lot like a TSIG record, but isn't vector signVect; - DNSPacketWriter dw(signVect, "", 0); + DNSPacketWriter dw(signVect, DNSName(), 0); if(!timersonly) { dw.xfrName(tsigkeyname, false); dw.xfr16BitInt(QClass::ANY); // class diff --git a/pdns/dnsseckeeper.hh b/pdns/dnsseckeeper.hh index 3643c60d23..9f29f21226 100644 --- a/pdns/dnsseckeeper.hh +++ b/pdns/dnsseckeeper.hh @@ -96,7 +96,7 @@ public: void startTransaction() { - (*d_keymetadb->backends.begin())->startTransaction("", -1); + (*d_keymetadb->backends.begin())->startTransaction(DNSName(), -1); } void commitTransaction() diff --git a/pdns/dynhandler.cc b/pdns/dynhandler.cc index 7775481888..5e590f359e 100644 --- a/pdns/dynhandler.cc +++ b/pdns/dynhandler.cc @@ -129,7 +129,7 @@ string DLPurgeHandler(const vector&parts, Utility::pid_t ppid) if(parts.size()>1) { for (vector::const_iterator i=++parts.begin();i&parts, Utility::pid_t ppid) const string& domain=parts[1]; DomainInfo di; UeberBackend B; - if(!B.getDomainInfo(domain, di)) + if(!B.getDomainInfo(DNSName(domain), di)) return "Domain '"+domain+"' unknown"; if(di.masters.empty()) return "Domain '"+domain+"' is not a slave domain (or has no master defined)"; random_shuffle(di.masters.begin(), di.masters.end()); - Communicator.addSuckRequest(domain, di.masters.front()); + Communicator.addSuckRequest(DNSName(domain), di.masters.front()); return "Added retrieval request for '"+domain+"' from master "+di.masters.front(); } @@ -263,10 +263,13 @@ string DLNotifyHostHandler(const vector&parts, Utility::pid_t ppid) } L<&parts, Utility::pid_t ppid) { extern CommunicatorClass Communicator; @@ -295,7 +298,7 @@ string DLNotifyHandler(const vector&parts, Utility::pid_t ppid) return itoa(notified)+" out of "+itoa(total)+" zones added to queue - see log"; return "Added "+itoa(total)+" MASTER zones to queue"; } else { - if(!Communicator.notifyDomain(parts[1])) + if(!Communicator.notifyDomain(DNSName(parts[1]))) return "Failed to add to the queue - see log"; return "Added to queue"; } diff --git a/pdns/lua-auth.cc b/pdns/lua-auth.cc index 89613de05a..2f62a92965 100644 --- a/pdns/lua-auth.cc +++ b/pdns/lua-auth.cc @@ -176,7 +176,7 @@ static int ldp_getZone(lua_State *L) { static int ldp_addRecords(lua_State *L) { DNSPacket *p=ldp_checkDNSPacket(L); vector rrs; - popResourceRecordsTable(L, "BOGUS", rrs); + popResourceRecordsTable(L, DNSName("BOGUS"), rrs); BOOST_FOREACH(DNSResourceRecord rr, rrs) { p->addRecord(rr); } diff --git a/pdns/mastercommunicator.cc b/pdns/mastercommunicator.cc index 27fbcd6598..9493247da9 100644 --- a/pdns/mastercommunicator.cc +++ b/pdns/mastercommunicator.cc @@ -55,7 +55,7 @@ void CommunicatorClass::queueNotifyDomain(const DNSName &domain, UeberBackend *B nsset.insert(rr.content); for(set::const_iterator j=nsset.begin();j!=nsset.end();++j) { - vector nsips=fns.lookup(*j, B); + vector nsips=fns.lookup(DNSName(*j), B); if(nsips.empty()) L< range = mc.d_map.equal_range(tie(qname)); diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc index b84c48ae9b..873f42479a 100644 --- a/pdns/packethandler.cc +++ b/pdns/packethandler.cc @@ -125,7 +125,7 @@ void PacketHandler::addRootReferral(DNSPacket* r) for(char c='a';c<='m';++c) { *templ=c; - rr.qname=templ; + rr.qname=DNSName(templ); rr.content=ips[c-'a']; r->addRecord(rr); } @@ -188,7 +188,8 @@ int PacketHandler::doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target) DNSResourceRecord rr; if(p->qtype.getCode()==QType::TXT) { - if (pdns_iequals(target, "version.pdns") || pdns_iequals(target, "version.bind")) { + static const DNSName versionbind("version.bind."), versionpdns("version.pdns."), idserver("id.server."); + if (target==versionbind || target==versionbind) { // modes: full, powerdns only, anonymous or custom const static string mode=::arg()["version-string"]; @@ -203,7 +204,7 @@ int PacketHandler::doChaosRequest(DNSPacket *p, DNSPacket *r, DNSName &target) else rr.content=mode; } - else if (pdns_iequals(target, "id.server")) { + else if (target==idserver) { // modes: disabled, hostname or custom const static string id=::arg()["server-id"]; @@ -262,15 +263,15 @@ vector PacketHandler::getBestDNAMESynth(DNSPacket *p, SOAData ret.push_back(rr); // put in the original rr.qtype = QType::CNAME; rr.qname = prefix + rr.qname; - rr.content = (prefix + rr.content).toStringNoDot(); + rr.content = (prefix + DNSName(rr.content)).toStringNoDot(); rr.auth = 0; // don't sign CNAME - target= rr.content; + target= DNSName(rr.content); ret.push_back(rr); } if(!ret.empty()) return ret; if(subdomain.countLabels()) - prefix+= subdomain.getRawLabels()[0]; + prefix+= DNSName(subdomain.getRawLabels()[0]); // XXX DNSName pain this feels wrong if(subdomain == sd.qname) // stop at SOA break; @@ -290,14 +291,14 @@ bool PacketHandler::getBestWildcard(DNSPacket *p, SOAData& sd, const DNSName &ta wildcard=subdomain; while( subdomain.chopOff() && !haveSomething ) { if (subdomain.empty()) { - B.lookup(QType(QType::ANY), "*", p, sd.domain_id); + B.lookup(QType(QType::ANY), DNSName("*"), p, sd.domain_id); } else { - B.lookup(QType(QType::ANY), "*."+subdomain, p, sd.domain_id); + B.lookup(QType(QType::ANY), DNSName("*")+subdomain, p, sd.domain_id); } while(B.get(rr)) { if(rr.qtype == p->qtype || rr.qtype.getCode() == QType::CNAME || (p->qtype.getCode() == QType::ANY && rr.qtype.getCode() != QType::RRSIG)) ret->push_back(rr); - wildcard="*."+subdomain; + wildcard=DNSName("*")+subdomain; haveSomething=true; } @@ -357,13 +358,13 @@ int PacketHandler::doAdditionalProcessingAndDropAA(DNSPacket *p, DNSPacket *r, c vectorparts; stringtok(parts, content); if (parts.size() >= 3) { - B.lookup(qtypes[n],parts[2],p); + B.lookup(qtypes[n], DNSName(parts[2]), p); } else continue; } else { - B.lookup(qtypes[n], content, p); + B.lookup(qtypes[n], DNSName(content), p); } while(B.get(rr)) { if(rr.domain_id!=i->domain_id && ::arg()["out-of-zone-additional-processing"]=="no") { @@ -937,7 +938,7 @@ bool PacketHandler::tryReferral(DNSPacket *p, DNSPacket*r, SOAData& sd, const DN r->setA(false); if(d_dk.isSecuredZone(sd.qname) && !addDSforNS(p, r, sd, rrset.begin()->qname)) - addNSECX(p, r, rrset.begin()->qname, "", sd.qname, 1); + addNSECX(p, r, rrset.begin()->qname, DNSName(), sd.qname, 1); return true; } @@ -950,7 +951,7 @@ void PacketHandler::completeANYRecords(DNSPacket *p, DNSPacket*r, SOAData& sd, c if(!d_dk.isSecuredZone(sd.qname)) return; - addNSECX(p, r, target, "", sd.qname, 5); + addNSECX(p, r, target, DNSName(), sd.qname, 5); if(pdns_iequals(sd.qname, p->qdomain)) { addDNSKEY(p, r, sd); addNSEC3PARAM(p, r, sd); @@ -993,7 +994,7 @@ bool PacketHandler::tryWildcard(DNSPacket *p, DNSPacket*r, SOAData& sd, DNSName if(rr.qtype.getCode() == QType::CNAME) { retargeted=true; - target=rr.content; + target=DNSName(rr.content); } DLOG(L<<"\tadding '"<qtype.getCode() == QType::NSEC && d_dk.isSecuredZone(sd.qname) && !d_dk.getNSEC3PARAM(sd.qname, 0)) { - addNSEC(p, r, target, "", sd.qname, 5); + addNSEC(p, r, target, DNSName(), sd.qname, 5); goto sendit; } @@ -1284,7 +1285,7 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse) DLOG(L<<"After first ANY query for '"<qtype.getCode() == QType::DS && weHaveUnauth && !weDone && !weRedirected && d_dk.isSecuredZone(sd.qname)) { DLOG(L<<"Q for DS of a name for which we do have NS, but for which we don't have on a zone with DNSSEC need to provide an AUTH answer that proves we don't"<addRecord(rr); - target = rr.content; + target = DNSName(rr.content); retargetcount++; goto retargeted; } @@ -1358,7 +1359,7 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse) completeANYRecords(p, r, sd, target); } else - makeNOError(p, r, rr.qname, "", sd, 0); + makeNOError(p, r, rr.qname, DNSName(), sd, 0); goto sendit; } @@ -1375,7 +1376,7 @@ DNSPacket *PacketHandler::questionOrRecurse(DNSPacket *p, bool *shouldRecurse) } else { DLOG(L<<"Have some data, but not the right data"<id = dns_random(0xffff); if(!tsigkeyname.empty()) { - if (tsigalgorithm == "hmac-md5") - d_trc.d_algoName = tsigalgorithm + "sig-alg.reg.int"; + if (tsigalgorithm == DNSName("hmac-md5")) + d_trc.d_algoName = tsigalgorithm + DNSName("sig-alg.reg.int"); else d_trc.d_algoName = tsigalgorithm; d_trc.d_time = time(0); @@ -451,7 +451,7 @@ int AXFRRetriever::getChunk(Resolver::res_t &res) // Implementation is making su timeoutReadn(len); MOADNSParser mdp(d_buf.get(), len); - int err = parseResult(mdp, "", 0, 0, &res); + int err = parseResult(mdp, DNSName(), 0, 0, &res); if(err) throw ResolverException("AXFR chunk error: " + RCode::to_s(err)); diff --git a/pdns/rfc2136handler.cc b/pdns/rfc2136handler.cc index 48f073d919..b4e35b64f8 100644 --- a/pdns/rfc2136handler.cc +++ b/pdns/rfc2136handler.cc @@ -709,7 +709,7 @@ int PacketHandler::processUpdate(DNSPacket *p) { } } else { for(vector::const_iterator key=tsigKeys.begin(); key != tsigKeys.end(); key++) { - if (inputkey == *key) { // because checkForCorrectTSIG has already been performed earlier on, if the names of the ky match with the domain given. THis is valid. + if (inputkey == DNSName(*key)) { // because checkForCorrectTSIG has already been performed earlier on, if the names of the ky match with the domain given. THis is valid. validKey=true; break; } diff --git a/pdns/secpoll-auth.cc b/pdns/secpoll-auth.cc index a2f2c7237c..ace74c9858 100644 --- a/pdns/secpoll-auth.cc +++ b/pdns/secpoll-auth.cc @@ -68,7 +68,7 @@ int doResolve(const string& qname, uint16_t qtype, vector& re { vector packet; - DNSPacketWriter pw(packet, qname, qtype); + DNSPacketWriter pw(packet, DNSName(qname), qtype); pw.getHeader()->id=dns_random(0xffff); pw.getHeader()->rd=1; if (s_secpollresolvers.empty()) { diff --git a/pdns/slavecommunicator.cc b/pdns/slavecommunicator.cc index b0f0273b5d..3d0bf5c514 100644 --- a/pdns/slavecommunicator.cc +++ b/pdns/slavecommunicator.cc @@ -191,7 +191,7 @@ void CommunicatorClass::suck(const DNSName &domain,const string &remote) throw PDNSException("Zones with a mixture of Opt-Out NSEC3 RRs and non-Opt-Out NSEC3 RRs are not supported."); optOutFlag = ns3rc.d_flags & 1; if (ns3rc.d_set.count(QType::NS) && !pdns_iequals(rr.qname, domain)) - secured.insert(toLower(makeRelative(rr.qname.toString(), domain.toString()))); + secured.insert(DNSName(toLower(makeRelative(rr.qname.toString(), domain.toString())))); // XXX DNSName pain continue; } case QType::NSEC: { @@ -328,7 +328,7 @@ void CommunicatorClass::suck(const DNSName &domain,const string &remote) if (!rr.auth && rr.qtype.getCode() == QType::NS) { if (isNSEC3) ordername=toBase32Hex(hashQNameWithSalt(ns3pr, rr.qname)); - auth=(!isNSEC3 || !optOutFlag || secured.count(ordername)); + auth=(!isNSEC3 || !optOutFlag || secured.count(DNSName(ordername))); } else auth=rr.auth; @@ -355,7 +355,7 @@ void CommunicatorClass::suck(const DNSName &domain,const string &remote) if (isNSEC3) { // NSEC3 ordername=toBase32Hex(hashQNameWithSalt(ns3pr, rr.qname)); - if(!isNarrow && (rr.auth || (rr.qtype.getCode() == QType::NS && (!optOutFlag || secured.count(ordername))))) { + if(!isNarrow && (rr.auth || (rr.qtype.getCode() == QType::NS && (!optOutFlag || secured.count(DNSName(ordername)))))) { di.backend->feedRecord(rr, &ordername); } else di.backend->feedRecord(rr); @@ -390,35 +390,35 @@ void CommunicatorClass::suck(const DNSName &domain,const string &remote) notifyDomain(domain); } catch(DBException &re) { - L<abortTransaction(); } } catch(MOADNSException &re) { - L<abortTransaction(); } } catch(std::exception &re) { - L<abortTransaction(); } } catch(ResolverException &re) { - L<abortTransaction(); } } catch(PDNSException &ae) { - L<abortTransaction(); diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc index 42de1d6e44..204b43fef2 100644 --- a/pdns/tcpreceiver.cc +++ b/pdns/tcpreceiver.cc @@ -468,7 +468,7 @@ bool TCPNameserver::canDoAXFR(shared_ptr q) B->lookup(QType(QType::NS),q->qdomain); while(B->get(rr)) - nsset.insert(rr.content); + nsset.insert(DNSName(rr.content)); for(const auto & j: nsset) { vector nsips=fns.lookup(j, B); for(vector::const_iterator k=nsips.begin();k!=nsips.end();++k) { @@ -615,9 +615,9 @@ int TCPNameserver::doAXFR(const DNSName &target, shared_ptr q, int ou if(!tsigkeyname.empty()) { string tsig64; DNSName algorithm=trc.d_algoName; // FIXME400: check - if (algorithm == "hmac-md5.sig-alg.reg.int") - algorithm = "hmac-md5"; - if (algorithm != "gss-tsig") { + if (algorithm == DNSName("hmac-md5.sig-alg.reg.int")) + algorithm = DNSName("hmac-md5"); + if (algorithm != DNSName("gss-tsig")) { Lock l(&s_plock); s_P->getBackend()->getTSIGKey(tsigkeyname, &algorithm, &tsig64); B64Decode(tsig64, tsigsecret); @@ -890,12 +890,12 @@ int TCPNameserver::doAXFR(const DNSName &target, shared_ptr q, int ou nrc.d_set.insert(QType::RRSIG); nrc.d_set.insert(QType::NSEC); if(boost::next(iter) != nsecxrepo.end()) { - nrc.d_next = labelReverse(boost::next(iter)->first); + nrc.d_next = DNSName(labelReverse(boost::next(iter)->first)); } else - nrc.d_next=labelReverse(nsecxrepo.begin()->first); + nrc.d_next=DNSName(labelReverse(nsecxrepo.begin()->first)); - rr.qname = labelReverse(iter->first); + rr.qname = DNSName(labelReverse(iter->first)); rr.ttl = sd.default_ttl; rr.content = nrc.getZoneRepresentation(); @@ -1045,8 +1045,8 @@ int TCPNameserver::doIXFR(shared_ptr q, int outsock) if(!tsigkeyname.empty()) { string tsig64; DNSName algorithm=trc.d_algoName; // FIXME400: was toLowerCanonic, compare output - if (algorithm == "hmac-md5.sig-alg.reg.int") - algorithm = "hmac-md5"; + if (algorithm == DNSName("hmac-md5.sig-alg.reg.int")) + algorithm = DNSName("hmac-md5"); Lock l(&s_plock); s_P->getBackend()->getTSIGKey(tsigkeyname, &algorithm, &tsig64); B64Decode(tsig64, tsigsecret); diff --git a/pdns/tkey.cc b/pdns/tkey.cc index f4725850b3..85ffc0dd73 100644 --- a/pdns/tkey.cc +++ b/pdns/tkey.cc @@ -25,7 +25,7 @@ void PacketHandler::tkeyHandler(DNSPacket *p, DNSPacket *r) { GssContext ctx(label.toStringNoDot()); if (tkey_in.d_mode == 3) { // establish context - if (tkey_in.d_algo == "gss-tsig.") { + if (tkey_in.d_algo == DNSName("gss-tsig.")) { std::vector meta; DNSName tmpLabel(label); do { @@ -87,7 +87,7 @@ void PacketHandler::tkeyHandler(DNSPacket *p, DNSPacket *r) { if (sign) { TSIGRecordContent trc; - trc.d_algoName = "gss-tsig"; + trc.d_algoName = DNSName("gss-tsig"); trc.d_time = tkey_out->d_inception; trc.d_fudge = 300; trc.d_mac = ""; diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 9ad8efebea..01c6ef705b 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -290,7 +290,7 @@ static void fillZoneInfo(const DomainInfo& di, Value& jdi, Document& doc) { DNSSECKeeper dk; jdi.SetObject(); // id is the canonical lookup key, which doesn't actually match the name (in some cases) - string zoneId = apiZoneNameToId(di.zone.toString()); + string zoneId = apiZoneNameToId(di.zone); Value jzoneId(zoneId.c_str(), doc.GetAllocator()); // copy jdi.AddMember("id", jzoneId, doc.GetAllocator()); string url = "/servers/localhost/zones/" + zoneId; @@ -313,11 +313,11 @@ static void fillZoneInfo(const DomainInfo& di, Value& jdi, Document& doc) { jdi.AddMember("last_check", (unsigned int) di.last_check, doc.GetAllocator()); } -static void fillZone(const string& zonename, HttpResponse* resp) { +static void fillZone(const DNSName& zonename, HttpResponse* resp) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); Document doc; fillZoneInfo(di, doc, doc); @@ -394,7 +394,7 @@ static void gatherRecords(const Value& container, vector& new if (records.IsArray()) { for (SizeType idx = 0; idx < records.Size(); ++idx) { const Value& record = records[idx]; - rr.qname = stringFromJson(record, "name"); + rr.qname = DNSName(stringFromJson(record, "name")); rr.qtype = stringFromJson(record, "type"); rr.content = stringFromJson(record, "content"); rr.auth = 1; @@ -470,7 +470,7 @@ static void gatherComments(const Value& container, vector& new_comments } } -static void updateDomainSettingsFromDocument(const DomainInfo& di, const string& zonename, Document& document) { +static void updateDomainSettingsFromDocument(const DomainInfo& di, const DNSName& zonename, Document& document) { string master; const Value &masters = document["masters"]; if (masters.IsArray()) { @@ -498,19 +498,19 @@ static void apiZoneCryptokeys(HttpRequest* req, HttpResponse* resp) { if(req->method != "GET") throw ApiException("Only GET is implemented"); - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); UeberBackend B; DomainInfo di; DNSSECKeeper dk; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); DNSSECKeeper::keyset_t keyset=dk.getKeys(zonename, boost::indeterminate, false); if (keyset.empty()) - throw ApiException("No keys for zone '"+zonename+"'"); + throw ApiException("No keys for zone '"+zonename.toString()+"'"); Document doc; doc.SetArray(); @@ -567,7 +567,7 @@ static void apiZoneCryptokeys(HttpRequest* req, HttpResponse* resp) { resp->setBody(doc); } -static void gatherRecordsFromZone(const Value &container, vector& new_records, string zonename) { +static void gatherRecordsFromZone(const Value &container, vector& new_records, DNSName zonename) { DNSResourceRecord rr; vector zonedata; stringtok(zonedata, stringFromJson(container, "zone"), "\r\n"); @@ -602,6 +602,7 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { Document document; req->json(document); string zonename = stringFromJson(document, "name"); + DNSName dzonename(zonename); // strip trailing dot (from spec PoV this is wrong, but be nice to clients) if (zonename.size() > 0 && zonename.substr(zonename.size()-1) == ".") { @@ -610,7 +611,7 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { string zonestring = stringFromJson(document, "zone", ""); - bool exists = B.getDomainInfo(zonename, di); + bool exists = B.getDomainInfo(dzonename, di); if(exists) throw ApiException("Domain '"+zonename+"' already exists"); @@ -645,7 +646,7 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { if (records.IsArray()) { gatherRecords(document, new_records, new_ptrs); } else if (zonestring != "") { - gatherRecordsFromZone(document, new_records, zonename); + gatherRecordsFromZone(document, new_records, DNSName(zonename)); } gatherComments(document, new_comments, false); @@ -653,16 +654,16 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { DNSResourceRecord rr; BOOST_FOREACH(rr, new_records) { - if (!rr.qname.isPartOf(zonename) && !pdns_iequals(rr.qname, zonename)) + if (!rr.qname.isPartOf(dzonename) && rr.qname != dzonename) throw ApiException("RRset "+rr.qname.toString()+" IN "+rr.qtype.getName()+": Name is out of zone"); - if (rr.qtype.getCode() == QType::SOA && pdns_iequals(rr.qname, zonename)) { + if (rr.qtype.getCode() == QType::SOA && rr.qname==dzonename) { have_soa = true; increaseSOARecord(rr, soa_edit_api_kind, soa_edit_kind); } } - rr.qname = zonename; + rr.qname = dzonename; rr.auth = 1; rr.ttl = ::arg().asNum("default-ttl"); @@ -670,13 +671,13 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { // synthesize a SOA record so the zone "really" exists SOAData sd; - sd.qname = zonename; - sd.nameserver = arg()["default-soa-name"]; + sd.qname = dzonename; + sd.nameserver = DNSName(arg()["default-soa-name"]); if (!arg().isEmpty("default-soa-mail")) { - sd.hostmaster = arg()["default-soa-mail"]; + sd.hostmaster = DNSName(arg()["default-soa-mail"]); // needs attodot? // attodot(sd.hostmaster); FIXME400 } else { - sd.hostmaster = "hostmaster." + zonename; + sd.hostmaster = DNSName("hostmaster.") + dzonename; } sd.serial = intFromJson(document, "serial", 0); sd.ttl = rr.ttl; @@ -703,13 +704,13 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { } // no going back after this - if(!B.createDomain(zonename)) + if(!B.createDomain(dzonename)) throw ApiException("Creating domain '"+zonename+"' failed"); - if(!B.getDomainInfo(zonename, di)) + if(!B.getDomainInfo(dzonename, di)) throw ApiException("Creating domain '"+zonename+"' failed: lookup of domain ID failed"); - di.backend->startTransaction(zonename, di.id); + di.backend->startTransaction(dzonename, di.id); BOOST_FOREACH(rr, new_records) { rr.domain_id = di.id; @@ -720,11 +721,11 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { di.backend->feedComment(c); } - updateDomainSettingsFromDocument(di, zonename, document); + updateDomainSettingsFromDocument(di, dzonename, document); di.backend->commitTransaction(); - fillZone(zonename, resp); + fillZone(dzonename, resp); resp->status = 201; return; } @@ -747,14 +748,14 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { } static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); if(req->method == "PUT" && !::arg().mustDo("experimental-api-readonly")) { // update domain settings UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); Document document; req->json(document); @@ -769,10 +770,10 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); if(!di.backend->deleteDomain(zonename)) - throw ApiException("Deleting domain '"+zonename+"' failed: backend delete failed/unsupported"); + throw ApiException("Deleting domain '"+zonename.toString()+"' failed: backend delete failed/unsupported"); // empty body on success resp->body = ""; @@ -800,7 +801,7 @@ static void apiServerZoneDetail(HttpRequest* req, HttpResponse* resp) { // } static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); if(req->method != "GET") throw HttpMethodNotAllowedException(); @@ -810,7 +811,7 @@ static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); DNSResourceRecord rr; SOAData sd; @@ -824,8 +825,8 @@ static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { switch(rr.qtype.getCode()) { case QType::SOA: fillSOAData(rr.content, sd); - sd.nameserver = sd.nameserver.toString(); - sd.hostmaster = sd.hostmaster.toString(); + /* sd.nameserver = sd.nameserver.toString(); + sd.hostmaster = sd.hostmaster.toString(); */ // XXX DNSName pain - these looked like noops? content = serializeSOAData(sd); break; case QType::MX: @@ -860,7 +861,7 @@ static void apiServerZoneExport(HttpRequest* req, HttpResponse* resp) { } static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) { - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); if(req->method != "PUT") throw HttpMethodNotAllowedException(); @@ -868,18 +869,18 @@ static void apiServerZoneAxfrRetrieve(HttpRequest* req, HttpResponse* resp) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); if(di.masters.empty()) - throw ApiException("Domain '"+zonename+"' is not a slave domain (or has no master defined)"); + throw ApiException("Domain '"+zonename.toString()+"' is not a slave domain (or has no master defined)"); random_shuffle(di.masters.begin(), di.masters.end()); Communicator.addSuckRequest(zonename, di.masters.front()); - resp->body = returnJsonMessage("Added retrieval request for '"+zonename+"' from master "+di.masters.front()); + resp->body = returnJsonMessage("Added retrieval request for '"+zonename.toString()+"' from master "+di.masters.front()); } static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) { - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); if(req->method != "PUT") throw HttpMethodNotAllowedException(); @@ -887,7 +888,7 @@ static void apiServerZoneNotify(HttpRequest* req, HttpResponse* resp) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); if(!Communicator.notifyDomain(zonename)) throw ApiException("Failed to add to the queue - see server log"); @@ -901,12 +902,12 @@ static void makePtr(const DNSResourceRecord& rr, DNSResourceRecord* ptr) { if (!IpToU32(rr.content, &ip)) { throw ApiException("PTR: Invalid IP address given"); } - ptr->qname = (boost::format("%u.%u.%u.%u.in-addr.arpa") + ptr->qname = DNSName((boost::format("%u.%u.%u.%u.in-addr.arpa") % ((ip >> 24) & 0xff) % ((ip >> 16) & 0xff) % ((ip >> 8) & 0xff) % ((ip ) & 0xff) - ).str(); + ).str()); } else if (rr.qtype.getCode() == QType::AAAA) { ComboAddress ca(rr.content); char buf[3]; @@ -921,7 +922,7 @@ static void makePtr(const DNSResourceRecord& rr, DNSResourceRecord* ptr) { string tmp = ss.str(); tmp.resize(tmp.size()-1); // remove last dot // reverse and append arpa domain - ptr->qname = string(tmp.rbegin(), tmp.rend()) + ".ip6.arpa"; + ptr->qname = DNSName(string(tmp.rbegin(), tmp.rend())) + DNSName("ip6.arpa"); } else { throw ApiException("Unsupported PTR source '" + rr.qname.toString() + "' type '" + rr.qtype.getName() + "'"); } @@ -935,9 +936,9 @@ static void makePtr(const DNSResourceRecord& rr, DNSResourceRecord* ptr) { static void patchZone(HttpRequest* req, HttpResponse* resp) { UeberBackend B; DomainInfo di; - string zonename = apiZoneIdToName(req->parameters["id"]); + DNSName zonename = apiZoneIdToName(req->parameters["id"]); if (!B.getDomainInfo(zonename, di)) - throw ApiException("Could not find domain '"+zonename+"'"); + throw ApiException("Could not find domain '"+zonename.toString()+"'"); vector new_records; vector new_comments; @@ -963,7 +964,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) { const Value& rrset = rrsets[rrsetIdx]; string changetype; QType qtype; - DNSName qname = stringFromJson(rrset, "name"); + DNSName qname(stringFromJson(rrset, "name")); qtype = stringFromJson(rrset, "type"); changetype = toUpper(stringFromJson(rrset, "changetype")); @@ -1025,7 +1026,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) { if (!soa_edit_api_kind.empty() && !soa_edit_done) { SOAData sd; if (!B.getSOA(zonename, sd)) - throw ApiException("No SOA found for domain '"+zonename+"'"); + throw ApiException("No SOA found for domain '"+zonename.toString()+"'"); DNSResourceRecord rr; rr.qname = zonename; @@ -1048,7 +1049,7 @@ static void patchZone(HttpRequest* req, HttpResponse* resp) { di.backend->commitTransaction(); extern PacketCache PC; - PC.purge(zonename); + PC.purge(zonename.toString()); // XXX DNSName pain - this seems the wrong way round! // now the PTRs BOOST_FOREACH(const DNSResourceRecord& rr, new_ptrs) {