From dd930ede3644c18ba33096f15f74cf2bbb9d9e52 Mon Sep 17 00:00:00 2001
From: Kees Monshouwer <mind04@monshouwer.org>
Date: Mon, 8 Sep 2014 20:46:51 +0200
Subject: [PATCH] don't import supermaster ips from other accounts

---
 modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql   | 1 +
 modules/gmysqlbackend/gmysqlbackend.cc                       | 2 +-
 modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql | 1 +
 modules/gmysqlbackend/schema.mysql.sql                       | 2 +-
 modules/goraclebackend/goraclebackend.cc                     | 2 +-
 modules/goraclebackend/schema.goracle.sql                    | 2 +-
 modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql   | 1 +
 modules/gpgsqlbackend/gpgsqlbackend.cc                       | 2 +-
 modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql | 1 +
 modules/gpgsqlbackend/schema.pgsql.sql                       | 2 +-
 .../gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql   | 3 ++-
 modules/gsqlite3backend/gsqlite3backend.cc                   | 2 +-
 .../gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql | 3 ++-
 modules/gsqlite3backend/schema.sqlite3.sql                   | 2 +-
 pdns/backends/gsql/gsqlbackend.cc                            | 5 +++--
 15 files changed, 19 insertions(+), 12 deletions(-)

diff --git a/modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql b/modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql
index c2645c8496..c65c865dc3 100644
--- a/modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql
+++ b/modules/gmysqlbackend/dnssec-3.x_to_3.4.0_schema.mysql.sql
@@ -10,6 +10,7 @@ ALTER TABLE records MODIFY auth TINYINT(1) DEFAULT 1;
 ALTER TABLE records MODIFY type VARCHAR(10);
 ALTER TABLE supermasters MODIFY ip VARCHAR(64) NOT NULL;
 ALTER TABLE supermasters ADD PRIMARY KEY(ip, nameserver);
+ALTER TABLE supermasters MODIFY account VARCHAR(40) NOT NULL;
 ALTER TABLE domainmetadata MODIFY kind VARCHAR(32);
 ALTER TABLE tsigkeys MODIFY algorithm VARCHAR(50);
 ALTER TABLE domainmetadata ENGINE=InnoDB;
diff --git a/modules/gmysqlbackend/gmysqlbackend.cc b/modules/gmysqlbackend/gmysqlbackend.cc
index c73cedae44..949194c5ce 100644
--- a/modules/gmysqlbackend/gmysqlbackend.cc
+++ b/modules/gmysqlbackend/gmysqlbackend.cc
@@ -70,7 +70,7 @@ public:
 
     declare(suffix,"info-all-slaves-query","","select id,name,master,last_check,type from domains where type='SLAVE'");
     declare(suffix,"supermaster-query","", "select account from supermasters where ip='%s' and nameserver='%s'");
-    declare(suffix,"supermaster-name-to-ips", "", "select ip from supermasters where nameserver='%s'");
+    declare(suffix,"supermaster-name-to-ips", "", "select ip,account from supermasters where nameserver='%s' and account='%s'");
 
     declare(suffix,"insert-zone-query","", "insert into domains (type,name) values('NATIVE','%s')");
     declare(suffix,"insert-slave-query","", "insert into domains (type,name,master,account) values('SLAVE','%s','%s','%s')");
diff --git a/modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql b/modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql
index 1c6804f27b..7d25b7cd31 100644
--- a/modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql
+++ b/modules/gmysqlbackend/nodnssec-3.x_to_3.4.0_schema.mysql.sql
@@ -7,6 +7,7 @@ ALTER TABLE records ADD ordername VARCHAR(255) BINARY DEFAULT NULL;
 ALTER TABLE records ADD auth TINYINT(1) DEFAULT 1;
 ALTER TABLE records MODIFY type VARCHAR(10);
 ALTER TABLE supermasters MODIFY ip VARCHAR(64) NOT NULL;
+ALTER TABLE supermasters MODIFY account VARCHAR(40) NOT NULL;
 ALTER TABLE supermasters ADD PRIMARY KEY(ip, nameserver);
 
 CREATE INDEX recordorder ON records (domain_id, ordername);
diff --git a/modules/gmysqlbackend/schema.mysql.sql b/modules/gmysqlbackend/schema.mysql.sql
index c40eba12e2..002fe928cc 100644
--- a/modules/gmysqlbackend/schema.mysql.sql
+++ b/modules/gmysqlbackend/schema.mysql.sql
@@ -35,7 +35,7 @@ CREATE INDEX recordorder ON records (domain_id, ordername);
 CREATE TABLE supermasters (
   ip                    VARCHAR(64) NOT NULL,
   nameserver            VARCHAR(255) NOT NULL,
-  account               VARCHAR(40) DEFAULT NULL,
+  account               VARCHAR(40) NOT NULL,
   PRIMARY KEY (ip, nameserver)
 ) Engine=InnoDB;
 
diff --git a/modules/goraclebackend/goraclebackend.cc b/modules/goraclebackend/goraclebackend.cc
index d6ae9b017b..bc3ec65ac1 100644
--- a/modules/goraclebackend/goraclebackend.cc
+++ b/modules/goraclebackend/goraclebackend.cc
@@ -77,7 +77,7 @@ public:
 
     declare(suffix,"info-all-slaves-query","","select id,name,master,last_check,type from domains where type='SLAVE'");
     declare(suffix,"supermaster-query","", "select account from supermasters where ip='%s' and nameserver='%s'");
-    declare(suffix,"supermaster-name-to-ips", "", "select ip from supermasters where nameserver='%s'");
+    declare(suffix,"supermaster-name-to-ips", "", "select ip,account from supermasters where nameserver='%s' and account='%s'");
 
     declare(suffix,"insert-zone-query","", "insert into domains (id, type, name) values(domain_id_sequence.nextval, 'NATIVE','%s')");
     declare(suffix,"insert-slave-query","", "insert into domains (id, type,name,master,account) values(domain_id_sequence.nextval, 'SLAVE','%s','%s','%s')");
diff --git a/modules/goraclebackend/schema.goracle.sql b/modules/goraclebackend/schema.goracle.sql
index 75319bae53..f15fb93a2c 100644
--- a/modules/goraclebackend/schema.goracle.sql
+++ b/modules/goraclebackend/schema.goracle.sql
@@ -37,7 +37,7 @@ CREATE INDEX records$recordorder ON records (domain_id, ordername);
 CREATE TABLE supermasters (
   ip              VARCHAR2(64) NOT NULL,
   nameserver      VARCHAR2(255) NOT NULL,
-  account         VARCHAR2(40) DEFAULT NULL,
+  account         VARCHAR2(40) NOT NULL,
   PRIMARY KEY (ip, nameserver)
 );
 
diff --git a/modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql b/modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql
index 471b558f06..a70cc357e9 100644
--- a/modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql
+++ b/modules/gpgsqlbackend/dnssec-3.x_to_3.4.0_schema.pgsql.sql
@@ -7,6 +7,7 @@ ALTER TABLE records ALTER COLUMN content TYPE VARCHAR(65535);
 ALTER TABLE records ALTER COLUMN auth SET DEFAULT 't';
 ALTER TABLE records ALTER COLUMN type TYPE VARCHAR(10);
 ALTER TABLE supermasters ALTER COLUMN ip TYPE INET USING ip::INET;
+ALTER TABLE supermasters ALTER COLUMN account SET DEFAULT NOT NULL;
 ALTER TABLE supermasters ADD CONSTRAINT supermasters_pkey PRIMARY KEY (ip, nameserver);
 ALTER TABLE domainmetadata ALTER COLUMN kind TYPE VARCHAR(32);
 ALTER TABLE tsigkeys ALTER COLUMN algorithm TYPE VARCHAR(50);
diff --git a/modules/gpgsqlbackend/gpgsqlbackend.cc b/modules/gpgsqlbackend/gpgsqlbackend.cc
index d127cb4634..b1282c16d2 100644
--- a/modules/gpgsqlbackend/gpgsqlbackend.cc
+++ b/modules/gpgsqlbackend/gpgsqlbackend.cc
@@ -64,7 +64,7 @@ public:
 
     declare(suffix,"info-all-slaves-query","","select id,name,master,last_check,type from domains where type='SLAVE'");
     declare(suffix,"supermaster-query","", "select account from supermasters where ip='%s' and nameserver=E'%s'");
-    declare(suffix,"supermaster-name-to-ips", "", "select ip from supermasters where nameserver=E'%s'");
+    declare(suffix,"supermaster-name-to-ips", "", "select ip,account from supermasters where nameserver=E'%s' and account=E'%s'");
 
     declare(suffix,"insert-zone-query","", "insert into domains (type,name) values('NATIVE',E'%s')");
     declare(suffix,"insert-slave-query","", "insert into domains (type,name,master,account) values('SLAVE',E'%s',E'%s',E'%s')");
diff --git a/modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql b/modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql
index de206b17d9..b21458ed99 100644
--- a/modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql
+++ b/modules/gpgsqlbackend/nodnssec-3.x_to_3.4.0_schema.pgsql.sql
@@ -7,6 +7,7 @@ ALTER TABLE records ADD ordername VARCHAR(255);
 ALTER TABLE records ADD auth BOOL DEFAULT 't';
 ALTER TABLE records ALTER COLUMN type TYPE VARCHAR(10);
 ALTER TABLE supermasters ALTER COLUMN ip TYPE INET USING ip::INET;
+ALTER TABLE supermasters ALTER COLUMN account SET DEFAULT NOT NULL;
 ALTER TABLE supermasters ADD CONSTRAINT supermasters_pkey PRIMARY KEY (ip, nameserver);
 
 CREATE INDEX recordorder ON records (domain_id, ordername text_pattern_ops);
diff --git a/modules/gpgsqlbackend/schema.pgsql.sql b/modules/gpgsqlbackend/schema.pgsql.sql
index 99816b2a03..e14395b3d3 100644
--- a/modules/gpgsqlbackend/schema.pgsql.sql
+++ b/modules/gpgsqlbackend/schema.pgsql.sql
@@ -39,7 +39,7 @@ CREATE INDEX recordorder ON records (domain_id, ordername text_pattern_ops);
 CREATE TABLE supermasters (
   ip                    INET NOT NULL,
   nameserver            VARCHAR(255) NOT NULL,
-  account               VARCHAR(40) DEFAULT NULL,
+  account               VARCHAR(40) NOT NULL,
   PRIMARY KEY(ip, nameserver)
 );
 
diff --git a/modules/gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql b/modules/gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql
index 98d965d5ff..dc2f6c4b65 100644
--- a/modules/gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql
+++ b/modules/gsqlite3backend/dnssec-3.x_to_3.4.0_schema.sqlite3.sql
@@ -62,12 +62,13 @@ BEGIN TRANSACTION;
   );
 
   INSERT INTO supermasters_backup SELECT ip,nameserver,account FROM supermasters;
+  UPDATE supermasters_backup SET account='' WHERE account IS NULL;
   DROP TABLE supermasters;
 
   CREATE TABLE supermasters (
     ip                  VARCHAR(64) NOT NULL,
     nameserver          VARCHAR(255) NOT NULL COLLATE NOCASE,
-    account             VARCHAR(40) DEFAULT NULL
+    account             VARCHAR(40) NOT NULL
   );
   CREATE UNIQUE INDEX ip_nameserver_pk ON supermasters(ip, nameserver);
 
diff --git a/modules/gsqlite3backend/gsqlite3backend.cc b/modules/gsqlite3backend/gsqlite3backend.cc
index c5b257766c..88faa45f02 100644
--- a/modules/gsqlite3backend/gsqlite3backend.cc
+++ b/modules/gsqlite3backend/gsqlite3backend.cc
@@ -80,7 +80,7 @@ public:
 
     declare( suffix, "info-all-slaves-query", "","select id,name,master,last_check,type from domains where type='SLAVE'");
     declare( suffix, "supermaster-query", "", "select account from supermasters where ip='%s' and nameserver='%s'");
-    declare( suffix, "supermaster-name-to-ips", "", "select ip from supermasters where nameserver='%s'");
+    declare( suffix, "supermaster-name-to-ips", "", "select ip,account from supermasters where nameserver='%s' and account='%s'");
 
     declare( suffix, "insert-zone-query", "", "insert into domains (type,name) values('NATIVE','%s')");
     declare( suffix, "insert-slave-query", "", "insert into domains (type,name,master,account) values('SLAVE','%s','%s','%s')");
diff --git a/modules/gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql b/modules/gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql
index fe30a59bac..0385384fe7 100644
--- a/modules/gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql
+++ b/modules/gsqlite3backend/nodnssec-3.x_to_3.4.0_schema.sqlite3.sql
@@ -59,12 +59,13 @@ BEGIN TRANSACTION;
   );
 
   INSERT INTO supermasters_backup SELECT ip, nameserver, account FROM supermasters;
+  UPDATE supermasters_backup SET account='' WHERE account IS NULL;
   DROP TABLE supermasters;
 
   CREATE TABLE supermasters (
     ip                  VARCHAR(64) NOT NULL,
     nameserver          VARCHAR(255) NOT NULL COLLATE NOCASE,
-    account             VARCHAR(40) DEFAULT NULL
+    account             VARCHAR(40) NOT NULL
   );
   CREATE UNIQUE INDEX ip_nameserver_pk ON supermasters(ip, nameserver);
 
diff --git a/modules/gsqlite3backend/schema.sqlite3.sql b/modules/gsqlite3backend/schema.sqlite3.sql
index 3f7b2c573c..7cdd2b8786 100644
--- a/modules/gsqlite3backend/schema.sqlite3.sql
+++ b/modules/gsqlite3backend/schema.sqlite3.sql
@@ -34,7 +34,7 @@ CREATE INDEX orderindex ON records(ordername);
 CREATE TABLE supermasters (
   ip                    VARCHAR(64) NOT NULL,
   nameserver            VARCHAR(255) NOT NULL COLLATE NOCASE,
-  account               VARCHAR(40) DEFAULT NULL
+  account               VARCHAR(40) NOT NULL
 );
 
 CREATE UNIQUE INDEX ip_nameserver_pk ON supermasters(ip, nameserver);
diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc
index 6b89a2c19d..5f948c0f0e 100644
--- a/pdns/backends/gsql/gsqlbackend.cc
+++ b/pdns/backends/gsql/gsqlbackend.cc
@@ -918,13 +918,14 @@ bool GSQLBackend::createSlaveDomain(const string &ip, const string &domain, cons
     if (!nameserver.empty()) {
       // figure out all IP addresses for the master
       format = d_GetSuperMasterIPs;
-      snprintf(output,sizeof(output)-1,format.c_str(),sqlEscape(nameserver).c_str()); 
+      snprintf(output,sizeof(output)-1,format.c_str(),sqlEscape(nameserver).c_str(),sqlEscape(account).c_str());
       d_db->doQuery(output, d_result);
       if (!d_result.empty()) {
         // collect all IP addresses
         vector<string> tmp;
         BOOST_FOREACH(SSql::row_t& row, d_result) {
-          tmp.push_back(row[0]);
+          if (account == row[1])
+            tmp.push_back(row[0]);
         }
         // set them as domain's masters, comma separated
         masters = boost::join(tmp, ", ");
-- 
2.47.2