From: Kees Monshouwer Date: Tue, 18 May 2021 16:55:44 +0000 (+0200) Subject: auth: change domain to zone round 1 X-Git-Tag: auth-4.5.0-alpha1~6^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F10424%2Fhead;p=thirdparty%2Fpdns.git auth: change domain to zone round 1 --- diff --git a/docs/settings.rst b/docs/settings.rst index 6db781e07a..ed59c1f6af 100644 --- a/docs/settings.rst +++ b/docs/settings.rst @@ -101,7 +101,7 @@ signed by valid TSIG signature for the zone. - IP addresses, separated by commas -When notifying a domain, also notify these nameservers. Example: +When notifying a zone, also notify these nameservers. Example: ``also-notify=192.0.2.1, 203.0.113.167``. The IP addresses listed in ``also-notify`` always receive a notification. Even if they do not match the list in :ref:`setting-only-notify`. @@ -295,7 +295,7 @@ Name of this virtual configuration - will rename the binary image. See .. versionadded:: 4.4.0 -When this is set, PowerDNS assumes that any single domain lives in only one backend. +When this is set, PowerDNS assumes that any single zone lives in only one backend. This allows PowerDNS to send ANY lookups to its backends, instead of sometimes requesting the exact needed type. This reduces the load on backends by retrieving all the types for a given name at once, adding all of them to the cache. It improves performance significantly for latency-sensitive backends, like SQL ones, where a round-trip takes serious time. @@ -616,7 +616,7 @@ ADDITIONAL section when sending a referral. .. deprecated:: 4.5.0 Renamed to :ref:`setting-zone-metadata-cache-ttl`. -Seconds to cache domain metadata from the database. A value of 0 +Seconds to cache zone metadata from the database. A value of 0 disables caching. .. _setting-edns-subnet-processing: 
@@ -1166,7 +1166,7 @@ the NS records. By specifying networks/mask as whitelist, the targets can be limited. The default is to notify the world. To completely disable these NOTIFYs set ``only-notify`` to an empty value. Independent of this setting, the IP addresses or netmasks configured with -:ref:`setting-also-notify` and ``ALSO-NOTIFY`` domain metadata +:ref:`setting-also-notify` and ``ALSO-NOTIFY`` zone metadata always receive AXFR NOTIFYs. IP addresses and netmasks can be excluded by prefixing them with a ``!``. @@ -1183,7 +1183,7 @@ To notify all IP addresses apart from the 192.168.0.0/24 subnet use the followin method to distribute the zone data to the slaves), then set :ref:`setting-only-notify` to an empty value and specify the notification targets explicitly using :ref:`setting-also-notify` and/or - :ref:`metadata-also-notify` domain metadata to avoid this potential bottleneck. + :ref:`metadata-also-notify` zone metadata to avoid this potential bottleneck. .. note:: If your slaves support an Internet Protocol version, which your master does not, @@ -1421,7 +1421,7 @@ See :ref:`metadata-slave-renotify` to set this per-zone. - String - Default: secpoll.powerdns.com. -Domain name from which to query security update notifications. Setting +Zone name from which to query security update notifications. Setting this to an empty string disables secpoll. .. _setting-send-signed-notify: @@ -1433,7 +1433,7 @@ this to an empty string disables secpoll. - Default: yes If yes, outgoing NOTIFYs will be signed if a TSIG key is configured for the zone. -If there are multiple TSIG keys configured for a domain, PowerDNS will use the +If there are multiple TSIG keys configured for a zone, PowerDNS will use the first one retrieved from the backend, which may not be the correct one for the respective slave. Hence, in setups with multiple slaves with different TSIG keys it may be required to send NOTIFYs unsigned. 
diff --git a/docs/upgrading.rst b/docs/upgrading.rst index fa9268a5c9..3a9fffb23b 100644 --- a/docs/upgrading.rst +++ b/docs/upgrading.rst @@ -35,7 +35,7 @@ Their old names still work in 4.5.x, but will be removed in the release after it * :ref:`setting-slave-renotify` is now :ref:`setting-secondary-do-renotify` * :ref:`setting-slave` is now :ref:`setting-secondary` * :ref:`setting-superslave` is now :ref:`setting-autosecondary` -* :ref:`setting-domain-metadata-cache-ttl` is now :ref:`setting-zone-metadata-ttl` +* :ref:`setting-domain-metadata-cache-ttl` is now :ref:`setting-zone-metadata-cache-ttl` Changed defaults ~~~~~~~~~~~~~~~~ diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc index 3b07d53517..176f480e0d 100644 --- a/pdns/common_startup.cc +++ b/pdns/common_startup.cc 
@@ -93,11 +93,11 @@ void declareArguments()
 ::arg().setSwitch("dnsupdate","Enable/Disable DNS update (RFC2136) support. Default is no.")="no";
 ::arg().setSwitch("write-pid","Write a PID file")="yes";
 ::arg().set("allow-dnsupdate-from","A global setting to allow DNS updates from these IP ranges.")="127.0.0.0/8,::1";
- ::arg().setSwitch("send-signed-notify","Send TSIG secured NOTIFY if TSIG key is configured for a domain")="yes";
- ::arg().set("allow-unsigned-notify","Allow unsigned notifications for TSIG secured domains")="yes"; //FIXME: change to 'no' later
+ ::arg().setSwitch("send-signed-notify", "Send TSIG secured NOTIFY if TSIG key is configured for a zone") = "yes";
+ ::arg().set("allow-unsigned-notify", "Allow unsigned notifications for TSIG secured zones") = "yes"; //FIXME: change to 'no' later
 ::arg().set("allow-unsigned-supermaster", "Allow supermasters to create zones without TSIG signed NOTIFY")="yes";
 ::arg().set("allow-unsigned-autoprimary", "Allow autoprimaries to create zones without TSIG signed NOTIFY")="yes";
- ::arg().setSwitch("forward-dnsupdate","A global setting to allow DNS update packages that are for a Slave domain, to be forwarded to the master.")="yes";
+ ::arg().setSwitch("forward-dnsupdate", "A global setting to allow DNS update packages that are for a Slave zone, to be forwarded to the master.") = "yes";
 ::arg().setSwitch("log-dns-details","If PDNS should log DNS non-erroneous details")="no";
 ::arg().setSwitch("log-dns-queries","If PDNS should log all incoming DNS queries")="no";
 ::arg().set("local-address","Local IP addresses to which we bind")="0.0.0.0, ::";
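Review bot: The rewritten help text for `allow-unsigned-notify` still does not say what the switch relaxes, while its default stays `"yes"` and the `//FIXME: change to 'no' later` is carried over unchanged; since this string is being rewritten anyway, it is the moment to state the consequence for operators. Suggest `::arg().set("allow-unsigned-notify", "Allow unsigned notifications for TSIG secured zones; when 'no', a NOTIFY for such a zone is only accepted with a valid TSIG signature (see docs/settings.rst)") = "yes"; //FIXME: change to 'no' later`. The neighbouring `send-signed-notify` text could likewise mention that the first key retrieved from the backend is used, as the docs/settings.rst hunk in this commit already explains. declareArguments() begins before this hunk and continues after it.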
@@ -139,7 +139,7 @@ void declareArguments()
 ::arg().setSwitch("disable-axfr","Disable zonetransfers but do allow TCP queries")="no";
 ::arg().set("allow-axfr-ips","Allow zonetransfers only to these subnets")="127.0.0.0/8,::1";
 ::arg().set("only-notify", "Only send AXFR NOTIFY to these IP addresses or netmasks")="0.0.0.0/0,::/0";
- ::arg().set("also-notify", "When notifying a domain, also notify these nameservers")="";
+ ::arg().set("also-notify", "When notifying a zone, also notify these nameservers") = "";
 ::arg().set("allow-notify-from","Allow AXFR NOTIFY from these IP ranges. If empty, drop all incoming notifies.")="0.0.0.0/0,::/0";
 ::arg().set("slave-cycle-interval","Schedule slave freshness checks once every .. seconds")="60";
 ::arg().set("xfr-cycle-interval","Schedule primary/secondary SOA freshness checks once every .. seconds")="60";
@@ -227,7 +227,7 @@ void declareArguments()
 ::arg().set("default-publish-cds","Default value for PUBLISH-CDS")="";
 ::arg().set("include-dir","Include *.conf files from this directory");
- ::arg().set("security-poll-suffix","Domain name from which to query security update notifications")="secpoll.powerdns.com.";
+ ::arg().set("security-poll-suffix", "Zone name from which to query security update notifications") = "secpoll.powerdns.com.";
 ::arg().setSwitch("expand-alias", "Expand ALIAS records")="no";
 ::arg().setSwitch("outgoing-axfr-expand-alias", "Expand ALIAS records during outgoing AXFR")="no";
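Review bot: Changing "Domain name" to "Zone name" in the `security-poll-suffix` help text (the `@@ -227` hunk) makes it less accurate rather than more: judging by the setting name and its default `secpoll.powerdns.com.`, this is the DNS name suffix under which the server sends its security-status query, not a zone this server serves, so the zone vocabulary used everywhere else in this commit does not fit here. Suggest keeping `"Domain name from which to query security update notifications"` or, if the word domain is to go, `"DNS name suffix under which to query security update notifications"`. The same wording change appears in the docs/settings.rst hunk for this setting and should be reverted or reworded together with this line. The `@@ -139` also-notify hunk on this line is fine as is.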
@@ -250,7 +250,7 @@ void declareArguments() ::arg().setSwitch("upgrade-unknown-types","Transparently upgrade known TYPExxx records. Recommended to keep off, except for PowerDNS upgrades until data sources are cleaned up")="no"; ::arg().setSwitch("svc-autohints", "Transparently fill ipv6hint=auto ipv4hint=auto SVC params with AAAA/A records for the target name of the record (if within the same zone)")="no"; - ::arg().setSwitch("consistent-backends", "Assume individual domains are not divided over backends. Send only ANY lookup operations to the backend to reduce the number of lookups")="yes"; + ::arg().setSwitch("consistent-backends", "Assume individual zones are not divided over backends. Send only ANY lookup operations to the backend to reduce the number of lookups") = "yes"; ::arg().set("rng", "Specify the random number generator to use. Valid values are auto,sodium,openssl,getrandom,arc4random,urandom.")="auto"; ::arg().setDefaults(); 
@@ -377,19 +377,20 @@ void declareStats() S.declare("nxdomain-packets","Number of times an NXDOMAIN packet was sent out"); S.declare("noerror-packets","Number of times a NOERROR packet was sent out"); S.declare("servfail-packets","Number of times a server-failed packet was sent out"); - S.declare("unauth-packets","Number of times a domain we are not auth for was queried"); + S.declare("unauth-packets", "Number of times a zone we are not auth for was queried"); S.declare("latency","Average number of microseconds needed to answer a question", getLatency, StatType::gauge); S.declare("timedout-packets","Number of packets which weren't answered within timeout set"); S.declare("security-status", "Security status based on regular polling", StatType::gauge); - S.declare("xfr-queue", "Size of the queue of domains to be XFRd", [](const string&) { return Communicator.getSuckRequestsWaiting(); }, StatType::gauge); + S.declare( + "xfr-queue", "Size of the queue of zones to be XFRd", [](const string&) { return Communicator.getSuckRequestsWaiting(); }, StatType::gauge); S.declareDNSNameQTypeRing("queries","UDP Queries Received"); - S.declareDNSNameQTypeRing("nxdomain-queries","Queries for non-existent records within existent domains"); + S.declareDNSNameQTypeRing("nxdomain-queries", "Queries for non-existent records within existent zones"); S.declareDNSNameQTypeRing("noerror-queries","Queries for existing records, but for type we don't have"); S.declareDNSNameQTypeRing("servfail-queries","Queries that could not be answered due to backend errors"); - S.declareDNSNameQTypeRing("unauth-queries","Queries for domains that we are not authoritative for"); + S.declareDNSNameQTypeRing("unauth-queries", "Queries for zones that we are not authoritative for"); S.declareRing("logmessages","Log Messages"); S.declareComboRing("remotes","Remote server IP addresses"); - S.declareComboRing("remotes-unauth","Remote hosts querying domains for which we are not auth"); + 
S.declareComboRing("remotes-unauth", "Remote hosts querying zones for which we are not auth"); S.declareComboRing("remotes-corrupt","Remote hosts sending corrupt packets"); } diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc index e05ddb3a60..f557d06237 100644 --- a/pdns/pdnsutil.cc +++ b/pdns/pdnsutil.cc @@ -137,7 +137,7 @@ static void loadMainConfig(const std::string& configdir) ::arg().set("dnssec-key-cache-ttl","Seconds to cache DNSSEC keys from the database")="30"; ::arg().set("domain-metadata-cache-ttl", "Seconds to cache zone metadata from the database") = "0"; ::arg().set("zone-metadata-cache-ttl", "Seconds to cache zone metadata from the database") = "60"; - ::arg().set("consistent-backends", "Assume individual domains are not divided over backends. Send only ANY lookup operations to the backend to reduce the number of lookups")="yes"; + ::arg().set("consistent-backends", "Assume individual zones are not divided over backends. Send only ANY lookup operations to the backend to reduce the number of lookups") = "yes"; // Keep this line below all ::arg().set() statements if (! ::arg().laxFile(configname.c_str())) @@ -190,7 +190,7 @@ static void dbBench(const std::string& fname) if(!fname.empty()) { ifstream ifs(fname.c_str()); if(!ifs) { - cerr<<"Could not open '"<getPrefix()<<" has already been used by zone '"<zone<<"' in backend "<backend->getPrefix()<<"."<getPrefix() << " has already been used by zone '" << seenId->zone << "' in backend " << seenId->backend->getPrefix() << "." << endl; errors++; } @@ -929,7 +929,7 @@ static int deleteZone(const DNSName &zone) { UeberBackend B; DomainInfo di; if (! B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<abortTransaction(); - cerr<<"Failed to delete domain '"<list(zone, di.id); @@ -1097,7 +1098,7 @@ static int clearZone(DNSSECKeeper& dk, const DNSName &zone) { DomainInfo di; if (! B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<startTransaction(zone, di.id)) { 
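Review bot: In the declareStats() hunk (`@@ -377,19 +377,20 @@`) the reformatted `xfr-queue` registration is now broken after `S.declare(` with all five arguments on one continuation line, which matches none of the other `S.declare` calls in the block and looks like clang-format applied to the touched line only. Either keep it on a single line like its neighbours, `S.declare("xfr-queue", "Size of the queue of zones to be XFRd", [](const string&) { return Communicator.getSuckRequestsWaiting(); }, StatType::gauge);`, or reformat the whole function in a separate, purely mechanical commit so the block stays uniform. For the same reason the hunk now mixes `"a","b"` and `"a", "b"` argument spacing on adjacent lines; the same mixed spacing appears in every common_startup.cc hunk of this commit. declareStats() begins before this hunk.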
@@ -1114,7 +1115,7 @@ static int editZone(const DNSName &zone) { DNSSECKeeper dk(&B); if (! B.getDomainInfo(zone, di)) { - cerr<<"Domain '"< pre, post; @@ -1336,14 +1337,14 @@ static int loadZone(const DNSName& zone, const string& fname) { DomainInfo di; if (B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<(), ""); if(!B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<(), ""); if(!B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<& cmds) { DomainInfo di; DNSName zone(cmds[1]); if (B.getDomainInfo(zone, di)) { - cerr<<"Domain '"< masters; @@ -1441,7 +1442,7 @@ static int createSlaveZone(const vector& cmds) { cerr<<"Creating slave zone '"<& cmds) { DomainInfo di; DNSName zone(cmds[1]); if (!B.getDomainInfo(zone, di)) { - cerr<<"Domain '"< masters; @@ -1487,7 +1488,7 @@ static int addOrReplaceRecord(bool addOrReplace, const vector& cmds) { UeberBackend B; DomainInfo di; if(!B.getDomainInfo(zone, di)) { - cerr<<"Domain '"<createSlaveDomain("127.0.0.1", zone, "", "_testschema"); - cout<<"Slave domain created"< meta; @@ -3389,7 +3390,7 @@ try UeberBackend B("default"); DomainInfo di; if (!B.getDomainInfo(zname, di)) { - cerr << "Domain '" << zname << "' does not exist" << endl; + cerr << "Zone '" << zname << "' does not exist" << endl; return 1; } std::vector meta; @@ -3635,7 +3636,7 @@ try tgt->getAllDomains(&domains, true); if (domains.size()>0) - throw PDNSException("Target backend has domain(s), please clean it first"); + throw PDNSException("Target backend has zone(s), please clean it first"); src->getAllDomains(&domains, true); // iterate zones @@ -3674,7 +3675,8 @@ try std::map > meta; if (src->getAllDomainMetadata(di.zone, meta)) { for (const auto& i : meta) { - if (!tgt->setDomainMetadata(di.zone, i.first, i.second)) throw PDNSException("Failed to feed domain metadata"); + if (!tgt->setDomainMetadata(di.zone, i.first, i.second)) + throw PDNSException("Failed to feed zone metadata"); nm++; } }
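Review bot: In the last hunk (`@@ -3674,7 +3675,8 @@`) the rewritten check `if (!tgt->setDomainMetadata(di.zone, i.first, i.second))` now has its `throw PDNSException("Failed to feed zone metadata");` on a separate line without braces, which is the shape most prone to a later mis-edit adding a second statement to the "body"; the other multi-line conditionals touched by this commit, such as the `if (!B.getDomainInfo(zname, di)) { ... }` in the `@@ -3389` hunk, are braced. Suggest `if (!tgt->setDomainMetadata(di.zone, i.first, i.second)) {` / `throw PDNSException("Failed to feed zone metadata");` / `}`. The enclosing try block and loop begin well before this hunk.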