From: Pieter Lexis Date: Tue, 19 Jul 2016 13:38:27 +0000 (+0200) Subject: Change DS config items to dsmap_t X-Git-Tag: auth-4.0.1~6^2~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=52ad9eea53751b83ac79050fd257eecd9aff2c4d;p=thirdparty%2Fpdns.git Change DS config items to dsmap_t Ensure that addTA() appends the DS. --- diff --git a/docs/manpages/rec_control.1.md b/docs/manpages/rec_control.1.md index 2fe834bef9..788c9a6236 100644 --- a/docs/manpages/rec_control.1.md +++ b/docs/manpages/rec_control.1.md @@ -47,7 +47,8 @@ add-nta *DOMAIN* [*REASON*] : Add a Negative Trust Anchor for *DOMAIN*, suffixed optionally with *REASON*. add-ta *DOMAIN* *DSRECORD* -: Add a Trust Anchor for *DOMAIN* with DS record data *DSRECORD*. +: Add a Trust Anchor for *DOMAIN* with DS record data *DSRECORD*. This adds the + new Trust Anchor to the existing set of Trust Anchors for *DOMAIN*. current-queries : Shows the currently active queries. diff --git a/pdns/rec-lua-conf.cc b/pdns/rec-lua-conf.cc index e6c07b0e31..1fdef761f3 100644 --- a/pdns/rec-lua-conf.cc +++ b/pdns/rec-lua-conf.cc @@ -14,6 +14,7 @@ #include "rpzloader.hh" #include "base64.hh" #include "remote_logger.hh" +#include "validate.hh" GlobalStateHolder g_luaconfs; @@ -32,9 +33,11 @@ GlobalStateHolder g_luaconfs; LuaConfigItems::LuaConfigItems() { - auto ds=std::unique_ptr(dynamic_cast(DSRecordContent::make("19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5"))); + auto ds=unique_ptr(dynamic_cast(DSRecordContent::make("19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5"))); + dsmap_t dsmap; + dsmap.insert({ds->d_tag, *ds}); // this hurts physically - dsAnchors[DNSName(".")] = *ds; + dsAnchors[DNSName(".")] = dsmap; } /* DID YOU READ THE STORY ABOVE? */ 
@@ -219,8 +222,13 @@ void loadRecursorLuaConfig(const std::string& fname) }); Lua.writeFunction("addDS", [&lci](const std::string& who, const std::string& what) { - lci.dsAnchors[DNSName(who)]= *std::unique_ptr(dynamic_cast(DSRecordContent::make(what))); - }); + DNSName zone(who); + dsmap_t dsmap = lci.dsAnchors[zone]; + + auto ds = unique_ptr(dynamic_cast(DSRecordContent::make(what))); + dsmap.insert({ds->d_tag, *ds}); + lci.dsAnchors[zone] = dsmap; + }); Lua.writeFunction("clearDS", [&lci](boost::optional who) { if(who) diff --git a/pdns/rec-lua-conf.hh b/pdns/rec-lua-conf.hh index a4207cbaeb..3b3a083903 100644 --- a/pdns/rec-lua-conf.hh +++ b/pdns/rec-lua-conf.hh @@ -3,6 +3,7 @@ #include "sortlist.hh" #include "filterpo.hh" #include "remote_logger.hh" +#include "validate.hh" class LuaConfigItems { @@ -10,7 +11,7 @@ public: LuaConfigItems(); SortList sortlist; DNSFilterEngine dfe; - map dsAnchors; + map dsAnchors; map negAnchors; std::shared_ptr protobufServer{nullptr}; uint8_t protobufMaskV4{32}; diff --git a/pdns/rec_channel_rec.cc b/pdns/rec_channel_rec.cc index 336f431251..e5b2dee050 100644 --- a/pdns/rec_channel_rec.cc +++ b/pdns/rec_channel_rec.cc @@ -489,7 +489,10 @@ string doAddTA(T begin, T end) try { L<(dynamic_cast(DSRecordContent::make(what))); + dsmap_t dsmap = lci.dsAnchors[who]; + auto ds = unique_ptr(dynamic_cast(DSRecordContent::make(what))); + dsmap.insert({ds->d_tag, *ds}); + lci.dsAnchors[who] = dsmap; }); broadcastAccFunction(boost::bind(pleaseWipePacketCache, who, true)); L<dsAnchors) - ret += anchor.first.toLogString() + "\t" + anchor.second.getZoneRepresentation() + "\n"; + for (auto anchor : luaconf->dsAnchors) { + ret += anchor.first.toLogString() + "\n"; + for (auto e : anchor.second) { + ret+="\t\t"+e.second.getZoneRepresentation() + "\n"; + } + } + return ret; } diff --git a/pdns/toysdig.cc b/pdns/toysdig.cc index 42f9002f29..7f1bbbd4c7 100644 --- a/pdns/toysdig.cc +++ b/pdns/toysdig.cc 
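Review bot: In the addDS lambda the pointer produced by `dynamic_cast` on `DSRecordContent::make(what)` is dereferenced in `dsmap.insert({ds->d_tag, *ds})` without a null check, while `what` comes straight from the Lua configuration. The template arguments are not visible on this page, so this is hedged: if make() can return anything other than a DS content object, the cast yields null, the next line dereferences it, and the object make() returned is leaked. A guard before the insert, such as `if (!ds) throw std::runtime_error("addDS: not a valid DS record: " + what);` (or whatever error path this file uses for bad configuration), would turn a crash into a reported configuration error. The doAddTA hunk in rec_channel_rec.cc uses the same pattern on control-channel input. The enclosing loadRecursorLuaConfig starts and ends outside the hunk.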
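Review bot: In doAddTA, `dsmap.insert({ds->d_tag, *ds})` always adds an entry because `dsmap_t` is a `std::multimap` (see the typedef this commit moves into validate.hh), so repeating add-ta with the same DS record stores it twice. The listing loop later in this file prints every entry, so the duplicate will be shown there. Consider skipping the insert when an entry with the same tag already has the same `getZoneRepresentation()`. The copy-out and write-back of the whole map can also be a single `lci.dsAnchors[who].insert({ds->d_tag, *ds});`. The same applies to addDS in rec-lua-conf.cc, and doAddTA's body continues outside the hunk.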
@@ -102,7 +102,9 @@ LuaConfigItems::LuaConfigItems() { auto ds=std::unique_ptr(dynamic_cast(DSRecordContent::make("19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5"))); // this hurts physically - dsAnchors[DNSName(".")] = *ds; + dsmap_t dsmap; + dsmap.insert({ds->d_tag, *ds}); + dsAnchors[DNSName(".")] = dsmap; } DNSFilterEngine::DNSFilterEngine() {} diff --git a/pdns/validate.cc b/pdns/validate.cc index f3a94dc787..e70070f85e 100644 --- a/pdns/validate.cc +++ b/pdns/validate.cc @@ -204,7 +204,6 @@ vState getKeysFor(DNSRecordOracle& dro, const DNSName& zone, keyset_t &keyset) vector labels = zone.getRawLabels(); - typedef std::multimap dsmap_t; dsmap_t dsmap; keyset_t validkeys; @@ -213,18 +212,17 @@ vState getKeysFor(DNSRecordOracle& dro, const DNSName& zone, keyset_t &keyset) while(zone.isPartOf(qname)) { - if(auto ds = rplookup(luaLocal->dsAnchors, qname)) - { - dsmap.insert(make_pair(ds->d_tag, *ds)); - } - + dsmap_t* tmp = (dsmap_t*) rplookup(luaLocal->dsAnchors, qname); + if (tmp) + dsmap = *tmp; + vector sigs; vector > toSign; vector toSignTags; keyset_t tkeys; // tentative keys validkeys.clear(); - + // start of this iteration // we can trust that dsmap has valid DS records for qname diff --git a/pdns/validate.hh b/pdns/validate.hh index a0a7f35782..b5d220e21a 100644 --- a/pdns/validate.hh +++ b/pdns/validate.hh @@ -31,6 +31,7 @@ struct ContentSigPair // ponder adding a validate method that accepts a key }; typedef map, ContentSigPair> cspmap_t; +typedef std::multimap dsmap_t; void validateWithKeySet(const cspmap_t& rrsets, cspmap_t& validated, const std::set& keys); cspmap_t harvestCSPFromRecs(const vector& recs); vState getKeysFor(DNSRecordOracle& dro, const DNSName& zone, std::set &keyset);
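Review bot: In the second validate.cc hunk, `dsmap = *tmp` replaces the DS set that getKeysFor carries in `dsmap` across loop iterations, where the removed code merged the configured anchor into it with `dsmap.insert(...)`. If the intent is that a locally configured trust anchor for `qname` overrides the DS records obtained while walking down from the parent, that deserves a comment such as `// a configured trust anchor for qname replaces any DS set derived from the parent`, because the context comment "we can trust that dsmap has valid DS records for qname" depends on it. Separately, the C-style cast `(dsmap_t*)` hides whatever type and constness rplookup() actually returns; `if (const auto* anchors = rplookup(luaLocal->dsAnchors, qname)) dsmap = *anchors;` needs no cast and lets the compiler check the type. The body of getKeysFor starts and ends outside the hunk.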