]> git.ipfire.org Git - thirdparty/pdns.git/commitdiff
projects / thirdparty / pdns.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 80def6b)
Check return of getTSIGKey and B64Decode in the Slave Communicator
authorPieter Lexis <pieter.lexis@powerdns.com>
Thu, 9 Nov 2017 11:01:32 +0000 (12:01 +0100)
committerRemi Gacogne <remi.gacogne@powerdns.com>
Tue, 21 Nov 2017 14:49:21 +0000 (15:49 +0100)
(cherry picked from commit 40920298b1342affae194d77b229dc0a335a90a6)

pdns/slavecommunicator.cc patch | blob | blame | history

diff --git a/pdns/slavecommunicator.cc b/pdns/slavecommunicator.cc
index 0f854d27ea71cf644abac64afe13252035071e2e..8d096f2ae5c4e0b18c81f9b0816884f4fe382329 100644 (file)
--- a/pdns/slavecommunicator.cc
+++ b/pdns/slavecommunicator.cc
@@ -782,8 +782,14 @@ void CommunicatorClass::slaveRefresh(PacketHandler *P)
 
       if(dk.getTSIGForAccess(di.zone, sr.master, &dni.tsigkeyname)) {
         string secret64;
-        B->getTSIGKey(dni.tsigkeyname, &dni.tsigalgname, &secret64);
-        B64Decode(secret64, dni.tsigsecret);
+        if(!B->getTSIGKey(dni.tsigkeyname, &dni.tsigalgname, &secret64)) {
+          L<<Logger::Error<<"TSIG key '"<<dni.tsigkeyname<<"' for domain '"<<di.zone<<"' not found, can not AXFR."<<endl;
+          continue;
+        }
+        if (B64Decode(secret64, dni.tsigsecret) == -1) {
+          L<<Logger::Error<<"Unable to Base-64 decode TSIG key '"<<dni.tsigkeyname<<"' for domain '"<<di.zone<<"', can not AXFR."<<endl;
+          continue;
+        }
       }
 
       localaddr.clear();
Unnamed repository; edit this file 'description' to name the repository.