From f4922e19fcc3f61e10d1cacdc61118de61cdd4bb Mon Sep 17 00:00:00 2001 From: Kees Monshouwer Date: Mon, 31 May 2021 23:25:13 +0200 Subject: [PATCH] auth: simplify createDomain() --- modules/bindbackend/bindbackend2.cc | 8 +----- modules/bindbackend/bindbackend2.hh | 2 +- modules/gpgsqlbackend/gpgsqlbackend.cc | 2 +- modules/lmdbbackend/lmdbbackend.cc | 7 +---- modules/lmdbbackend/lmdbbackend.hh | 2 +- modules/remotebackend/remotebackend.cc | 2 +- modules/remotebackend/remotebackend.hh | 2 +- pdns/backends/gsql/gsqlbackend.cc | 39 +++++--------------------- pdns/backends/gsql/gsqlbackend.hh | 4 +-- pdns/dnsbackend.hh | 4 +-- pdns/packethandler.cc | 10 +++++-- pdns/ueberbackend.cc | 12 ++------ pdns/ws-auth.cc | 3 ++ 13 files changed, 31 insertions(+), 66 deletions(-) diff --git a/modules/bindbackend/bindbackend2.cc b/modules/bindbackend/bindbackend2.cc index a5b48a1af3..f0f48ff48a 100644 --- a/modules/bindbackend/bindbackend2.cc +++ b/modules/bindbackend/bindbackend2.cc @@ -1388,7 +1388,7 @@ BB2DomainInfo Bind2Backend::createDomainEntry(const DNSName& domain, const strin return bbd; } -bool Bind2Backend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId) +bool Bind2Backend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) { string filename = getArg("supermaster-destdir") + '/' + domain.toStringNoDot(); @@ -1421,12 +1421,6 @@ bool Bind2Backend::createSlaveDomain(const string& ip, const DNSName& domain, co bbd.setCtime(); safePutBBDomainInfo(bbd); - if (zoneId) { - if (!safeGetBBDomainInfo(domain, &bbd)) - return false; - *zoneId = bbd.d_id; - } - return true; } diff --git a/modules/bindbackend/bindbackend2.hh b/modules/bindbackend/bindbackend2.hh index 840fc2feff..e5bd7cf9c7 100644 --- a/modules/bindbackend/bindbackend2.hh +++ b/modules/bindbackend/bindbackend2.hh 
@@ -240,7 +240,7 @@ public: // for supermaster support bool superMasterBackend(const string& ip, const DNSName& domain, const vector& nsset, string* nameserver, string* account, DNSBackend** db) override; static std::mutex s_supermaster_config_lock; - bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId = nullptr) override; + bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) override; private: void setupDNSSEC(); diff --git a/modules/gpgsqlbackend/gpgsqlbackend.cc b/modules/gpgsqlbackend/gpgsqlbackend.cc index 2d1f992465..500bab200a 100644 --- a/modules/gpgsqlbackend/gpgsqlbackend.cc +++ b/modules/gpgsqlbackend/gpgsqlbackend.cc @@ -115,7 +115,7 @@ public: declare(suffix, "supermaster-name-to-ips", "", "select ip,account from supermasters where nameserver=$1 and account=$2"); declare(suffix, "supermaster-add", "", "insert into supermasters (ip, nameserver, account) values ($1,$2,$3)"); - declare(suffix, "insert-zone-query", "", "insert into domains (type,name,master,account,last_check, notified_serial) values($1,$2,$3,$4,null,null) returning id"); + declare(suffix, "insert-zone-query", "", "insert into domains (type,name,master,account,last_check, notified_serial) values($1,$2,$3,$4,null,null)"); declare(suffix, "insert-record-query", "", "insert into records (content,ttl,prio,type,domain_id,disabled,name,ordername,auth) values ($1,$2,$3,$4,$5,$6,$7,$8,$9)"); declare(suffix, "insert-empty-non-terminal-order-query", "insert empty non-terminal in zone", "insert into records (type,domain_id,disabled,name,ordername,auth,ttl,prio,content) values (null,$1,false,$2,$3,$4,null,null,null)"); diff --git a/modules/lmdbbackend/lmdbbackend.cc b/modules/lmdbbackend/lmdbbackend.cc index 4733012462..37458daf19 100644 --- a/modules/lmdbbackend/lmdbbackend.cc +++ b/modules/lmdbbackend/lmdbbackend.cc 
@@ -960,7 +960,7 @@ bool LMDBBackend::setMasters(const DNSName& domain, const vector& }); } -bool LMDBBackend::createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account, int* zoneId) +bool LMDBBackend::createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account) { DomainInfo di; @@ -976,11 +976,6 @@ bool LMDBBackend::createDomain(const DNSName& domain, const DomainInfo::DomainKi di.account = account; txn.put(di); - - if (zoneId != nullptr) { - *zoneId = txn.get<0>(domain, di); - } - txn.commit(); } diff --git a/modules/lmdbbackend/lmdbbackend.hh b/modules/lmdbbackend/lmdbbackend.hh index 9dad244bcd..a489770b6c 100644 --- a/modules/lmdbbackend/lmdbbackend.hh +++ b/modules/lmdbbackend/lmdbbackend.hh @@ -59,7 +59,7 @@ public: bool list(const DNSName& target, int id, bool include_disabled) override; bool getDomainInfo(const DNSName& domain, DomainInfo& di, bool getserial = true) override; - bool createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account, int* zoneId) override; + bool createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account) override; bool startTransaction(const DNSName& domain, int domain_id = -1) override; bool commitTransaction() override; diff --git a/modules/remotebackend/remotebackend.cc b/modules/remotebackend/remotebackend.cc index 8c94c89029..fef3d0f6da 100644 --- a/modules/remotebackend/remotebackend.cc +++ b/modules/remotebackend/remotebackend.cc 
@@ -664,7 +664,7 @@ bool RemoteBackend::superMasterBackend(const string& ip, const DNSName& domain, return true; } -bool RemoteBackend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId) +bool RemoteBackend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) { Json query = Json::object{ {"method", "createSlaveDomain"}, diff --git a/modules/remotebackend/remotebackend.hh b/modules/remotebackend/remotebackend.hh index 68e81c91a2..7832682a1c 100644 --- a/modules/remotebackend/remotebackend.hh +++ b/modules/remotebackend/remotebackend.hh @@ -184,7 +184,7 @@ public: void setNotified(uint32_t id, uint32_t serial) override; bool doesDNSSEC() override; bool superMasterBackend(const string& ip, const DNSName& domain, const vector& nsset, string* nameserver, string* account, DNSBackend** ddb) override; - bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId = nullptr) override; + bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) override; bool replaceRRSet(uint32_t domain_id, const DNSName& qname, const QType& qt, const vector& rrset) override; bool feedRecord(const DNSResourceRecord& r, const DNSName& ordername, bool ordernameIsNSEC3 = false) override; bool feedEnts(int domain_id, map& nonterm) override; diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc index 6edd0d7373..51cece2f47 100644 --- a/pdns/backends/gsql/gsqlbackend.cc +++ b/pdns/backends/gsql/gsqlbackend.cc 
@@ -1295,7 +1295,7 @@ bool GSQLBackend::superMasterBackend(const string &ip, const DNSName &domain, co return false; } -bool GSQLBackend::createDomain(const DNSName &domain, const DomainInfo::DomainKind kind, const vector &masters, const string &account, int* zoneId) +bool GSQLBackend::createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account) { vector masters_s; masters_s.reserve(masters.size()); @@ -1306,40 +1306,15 @@ bool GSQLBackend::createDomain(const DNSName &domain, const DomainInfo::DomainKi try { reconnectIfNeeded(); + // clang-format off d_InsertZoneQuery_stmt-> bind("type", toUpper(DomainInfo::getKindString(kind)))-> bind("domain", domain)-> bind("masters", boost::join(masters_s, ", "))-> bind("account", account)-> - execute(); - - if (zoneId != nullptr) { - if (d_InsertZoneQuery_stmt->hasNextRow()) { - SSqlStatement::row_t row; - d_InsertZoneQuery_stmt->nextRow(row); - *zoneId = std::stoi(row[0]); - d_InsertZoneQuery_stmt->reset(); - return true; - } else { - d_InsertZoneQuery_stmt->reset(); - } - - d_InfoOfDomainsZoneQuery_stmt-> - bind("domain", domain)-> - execute(); - if (!d_InfoOfDomainsZoneQuery_stmt->hasNextRow()) { - d_InfoOfDomainsZoneQuery_stmt->reset(); - return false; - } - SSqlStatement::row_t row; - d_InfoOfDomainsZoneQuery_stmt->nextRow(row); - ASSERT_ROW_COLUMNS("info-zone-query", row, 7); - *zoneId = std::stoi(row[0]); - d_InfoOfDomainsZoneQuery_stmt->reset(); - } else { - d_InsertZoneQuery_stmt->reset(); - } - return true; + execute()-> + reset(); + // clang-format on } catch(SSqlException &e) { throw PDNSException("Database error trying to insert new domain '"+domain.toLogString()+"': "+ e.txtReason()); 
@@ -1347,7 +1322,7 @@ bool GSQLBackend::createDomain(const DNSName &domain, const DomainInfo::DomainKi return true; } -bool GSQLBackend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId) +bool GSQLBackend::createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) { string name; vector masters({ComboAddress(ip, 53)}); @@ -1373,7 +1348,7 @@ bool GSQLBackend::createSlaveDomain(const string& ip, const DNSName& domain, con masters = tmp; } } - createDomain(domain, DomainInfo::Slave, masters, account, zoneId); + createDomain(domain, DomainInfo::Slave, masters, account); } catch(SSqlException &e) { throw PDNSException("Database error trying to insert new slave domain '"+domain.toLogString()+"': "+ e.txtReason()); diff --git a/pdns/backends/gsql/gsqlbackend.hh b/pdns/backends/gsql/gsqlbackend.hh index 85147b42cd..49dde60508 100644 --- a/pdns/backends/gsql/gsqlbackend.hh +++ b/pdns/backends/gsql/gsqlbackend.hh 
@@ -193,8 +193,8 @@ public: bool feedRecord(const DNSResourceRecord &r, const DNSName &ordername, bool ordernameIsNSEC3=false) override; bool feedEnts(int domain_id, map& nonterm) override; bool feedEnts3(int domain_id, const DNSName &domain, map &nonterm, const NSEC3PARAMRecordContent& ns3prc, bool narrow) override; - bool createDomain(const DNSName &domain, const DomainInfo::DomainKind kind, const vector &masters, const string &account, int* zoneId=nullptr) override; - bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId = nullptr) override; + bool createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account) override; + bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) override; bool deleteDomain(const DNSName &domain) override; bool superMasterAdd(const string &ip, const string &nameserver, const string &account) override; bool superMasterBackend(const string &ip, const DNSName &domain, const vector&nsset, string *nameserver, string *account, DNSBackend **db) override; diff --git a/pdns/dnsbackend.hh b/pdns/dnsbackend.hh index ffe8da1fc7..ccc4239f1e 100644 --- a/pdns/dnsbackend.hh +++ b/pdns/dnsbackend.hh 
@@ -361,13 +361,13 @@ public: } //! called by PowerDNS to create a new domain - virtual bool createDomain(const DNSName &domain, const DomainInfo::DomainKind kind, const vector &masters, const string &account, int* zoneId = nullptr) + virtual bool createDomain(const DNSName& domain, const DomainInfo::DomainKind kind, const vector& masters, const string& account) { return false; } //! called by PowerDNS to create a slave record for a superMaster - virtual bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account, int* zoneId = nullptr) + virtual bool createSlaveDomain(const string& ip, const DNSName& domain, const string& nameserver, const string& account) { return false; } diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc index bb9b16320f..6c568b583f 100644 --- a/pdns/packethandler.cc +++ b/pdns/packethandler.cc @@ -964,9 +964,13 @@ int PacketHandler::trySuperMasterSynchronous(const DNSPacket& p, const DNSName& return RCode::Refused; } try { - int zoneId{-1}; - db->createSlaveDomain(remote.toString(), p.qdomain, nameserver, account, &zoneId); - g_zoneCache.add(p.qdomain, zoneId); + db->createSlaveDomain(remote.toString(), p.qdomain, nameserver, account); + DomainInfo di; + if (!db->getDomainInfo(p.qdomain, di, false)) { + g_log << Logger::Error << "Failed to create " << p.qdomain << " for potential supermaster " << remote << endl; + return RCode::ServFail; + } + g_zoneCache.add(p.qdomain, di.id); if (tsigkeyname.empty() == false) { vector meta; meta.push_back(tsigkeyname.toStringNoDot()); diff --git a/pdns/ueberbackend.cc b/pdns/ueberbackend.cc index e4c28d0446..e2fe993f92 100644 --- a/pdns/ueberbackend.cc +++ b/pdns/ueberbackend.cc 
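Review bot: The doc comments on `createDomain` and `createSlaveDomain` do not say how a caller obtains the id of the zone it just created, now that the `zoneId` out-parameter is gone. Judging by the packethandler.cc and ws-auth.cc hunks of this patch, the caller is now expected to look the zone up with `getDomainInfo()` and add it to the zone cache itself. I would state that on both declarations, e.g. `//! called by PowerDNS to create a new domain; does not report the zone id, callers fetch it with getDomainInfo()`. A backend maintained outside this tree that still declares the old five-argument form without `override` would compile but no longer be called, which deserves a line in the upgrade notes.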
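Review bot: The bool returned by `db->createSlaveDomain(...)` is still discarded in the added lines of trySuperMasterSynchronous, so a backend that reports failure is only noticed indirectly through the following `getDomainInfo()` call. If a zone with that name were already present in the backend, the lookup would succeed and the code would go on to cache its id and write the TSIG metadata for a zone this NOTIFY did not create. Whether that is reachable depends on checks earlier in the function, which starts and ends outside the hunk. Consider declaring `DomainInfo di;` first and testing both calls: `if (!db->createSlaveDomain(remote.toString(), p.qdomain, nameserver, account) || !db->getDomainInfo(p.qdomain, di, false)) {`. Separately, the early `RCode::ServFail` return when the create succeeded but the lookup failed leaves a slave zone in the backend without the TSIG key metadata that the lines below would have set, so the error log should make that state recognisable to an operator.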
@@ -121,18 +121,12 @@ bool UeberBackend::getDomainInfo(const DNSName &domain, DomainInfo &di, bool get bool UeberBackend::createDomain(const DNSName &domain, const DomainInfo::DomainKind kind, const vector &masters, const string &account) { - bool success = false; - int zoneId; for(DNSBackend* mydb : backends) { - if(mydb->createDomain(domain, kind, masters, account, &zoneId)) { - success = true; - break; + if (mydb->createDomain(domain, kind, masters, account)) { + return true; } } - if (success) { - g_zoneCache.add(domain, zoneId); // make new zone visible - } - return success; + return false; } bool UeberBackend::doesDNSSEC() diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc index e26479b745..b1a39a86de 100644 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@ -44,6 +44,7 @@ #include "zoneparser-tng.hh" #include "common_startup.hh" #include "auth-caches.hh" +#include "auth-zonecache.hh" #include "threadname.hh" #include "tsigutils.hh" @@ -1749,6 +1750,8 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) { di.backend->commitTransaction(); + g_zoneCache.add(zonename, di.id); // make new zone visible + fillZone(B, zonename, resp, shouldDoRRSets(req)); resp->status = 201; return; -- 2.47.2
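Review bot: `UeberBackend::createDomain` no longer adds the new zone to `g_zoneCache`, and nothing on the function records that change of contract. The ws-auth.cc hunk in this patch adds the entry itself after `commitTransaction()`, using a `di.id` that is filled in outside the hunk. Any other caller of createDomain not shown in this patch would presumably now create zones that the cache does not know about until it is refreshed, so the remaining callers are worth checking. A comment above the function such as `// does not touch g_zoneCache; the caller adds the zone once its id is known` would document it.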