From: Miod Vallat Date: Mon, 23 Jun 2025 07:49:59 +0000 (+0200) Subject: Be sure to always abort transactions if we don't plan to commit them. X-Git-Tag: rec-5.3.0-alpha1~4^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F15716%2Fhead;p=thirdparty%2Fpdns.git Be sure to always abort transactions if we don't plan to commit them. Signed-off-by: Miod Vallat --- diff --git a/pdns/rfc2136handler.cc b/pdns/rfc2136handler.cc index 7d74864a1b..53433b6739 100644 --- a/pdns/rfc2136handler.cc +++ b/pdns/rfc2136handler.cc @@ -820,6 +820,7 @@ int PacketHandler::processUpdate(DNSPacket& packet) { // NOLINT(readability-func if (dnsRecord->d_place == DNSResourceRecord::ANSWER) { // Last line of 3.2.3 if (dnsRecord->d_class != QClass::IN && dnsRecord->d_class != QClass::NONE && dnsRecord->d_class != QClass::ANY) { + di.backend->abortTransaction(); return RCode::FormErr; } diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index 90c6745579..9264d5e330 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -2001,28 +2001,34 @@ static void apiServerZonesPOST(HttpRequest* req, HttpResponse* resp) domainInfo.backend->startTransaction(zonename, domainInfo.id); - // will be overridden by updateDomainSettingsFromDocument, if given in document. - domainInfo.backend->setDomainMetadataOne(zonename, "SOA-EDIT-API", "DEFAULT"); + try { + // will be overridden by updateDomainSettingsFromDocument, if given in document. + domainInfo.backend->setDomainMetadataOne(zonename, "SOA-EDIT-API", "DEFAULT"); - for (auto& resourceRecord : new_records) { - resourceRecord.domain_id = static_cast(domainInfo.id); - domainInfo.backend->feedRecord(resourceRecord, DNSName()); - } - for (Comment& comment : new_comments) { - comment.domain_id = static_cast(domainInfo.id); - if (!domainInfo.backend->feedComment(comment)) { - throw ApiException("Hosting backend does not support editing comments."); + for (auto& resourceRecord : new_records) { + resourceRecord.domain_id = static_cast(domainInfo.id); + domainInfo.backend->feedRecord(resourceRecord, DNSName()); + } + for (Comment& comment : new_comments) { + comment.domain_id = static_cast(domainInfo.id); + if (!domainInfo.backend->feedComment(comment)) { + throw ApiException("Hosting backend does not support editing comments."); + } } - } - updateDomainSettingsFromDocument(backend, domainInfo, zonename, document, !new_records.empty()); + updateDomainSettingsFromDocument(backend, domainInfo, zonename, document, !new_records.empty()); - if (!catalog && kind == DomainInfo::Primary) { - const auto& defaultCatalog = ::arg()["default-catalog-zone"]; - if (!defaultCatalog.empty()) { - domainInfo.backend->setCatalog(zonename, ZoneName(defaultCatalog)); + if (!catalog && kind == DomainInfo::Primary) { + const auto& defaultCatalog = ::arg()["default-catalog-zone"]; + if (!defaultCatalog.empty()) { + domainInfo.backend->setCatalog(zonename, ZoneName(defaultCatalog)); + } } } + catch (...) { + domainInfo.backend->abortTransaction(); + throw; + } domainInfo.backend->commitTransaction(); @@ -2454,22 +2460,22 @@ static void patchZone(UeberBackend& backend, const ZoneName& zonename, DomainInf fillSOAData(resourceRecord.content, soaData); resp->headers["X-PDNS-New-Serial"] = std::to_string(soaData.serial); } + + // Rectify + DNSSECKeeper dnssecKeeper(&backend); + if (!zone_disabled && !dnssecKeeper.isPresigned(zonename) && isZoneApiRectifyEnabled(domainInfo)) { + string info; + string error_msg; + if (!dnssecKeeper.rectifyZone(zonename, error_msg, info, false)) { + throw ApiException("Failed to rectify '" + zonename.toStringFull() + "' " + error_msg); + } + } } catch (...) { domainInfo.backend->abortTransaction(); throw; } - // Rectify - DNSSECKeeper dnssecKeeper(&backend); - if (!zone_disabled && !dnssecKeeper.isPresigned(zonename) && isZoneApiRectifyEnabled(domainInfo)) { - string info; - string error_msg; - if (!dnssecKeeper.rectifyZone(zonename, error_msg, info, false)) { - throw ApiException("Failed to rectify '" + zonename.toStringFull() + "' " + error_msg); - } - } - domainInfo.backend->commitTransaction(); DNSSECKeeper::clearCaches(zonename);