Fix it so NSEC and NSEC3 records will not include DNSKEY in the typemap if there...

author Robin Geuze <robing@transip.nl>

Fri, 13 Mar 2020 12:09:10 +0000 (13:09 +0100)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Mon, 16 Mar 2020 09:09:15 +0000 (10:09 +0100)
author Robin Geuze <robing@transip.nl>
Fri, 13 Mar 2020 12:09:10 +0000 (13:09 +0100)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Mon, 16 Mar 2020 09:09:15 +0000 (10:09 +0100)
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc

index 580039217b07a391e9381b218fb0e6284526152e..2fca6494f4715fe9f4e689e17ee048a6d1cd5ce9 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -504,7 +504,10 @@ void PacketHandler::emitNSEC(std::unique_ptr<DNSPacket>& r, const SOAData& sd, c
    nrc.set(QType::RRSIG);
    if(sd.qname == name) {
      nrc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
-    nrc.set(QType::DNSKEY);
+    auto keyset = d_dk.getKeys(name);
+    if (!keyset.empty()) {
+      nrc.set(QType::DNSKEY);
+    }
      string publishCDNSKEY;
      d_dk.getPublishCDNSKEY(name, publishCDNSKEY);
      if (publishCDNSKEY == "1")
@@ -553,7 +556,10 @@ void PacketHandler::emitNSEC3(std::unique_ptr<DNSPacket>& r, const SOAData& sd,
      if (sd.qname == name) {
        n3rc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
        n3rc.set(QType::NSEC3PARAM);
-      n3rc.set(QType::DNSKEY);
+      auto keyset = d_dk.getKeys(name);
+      if (!keyset.empty()) {
+        n3rc.set(QType::DNSKEY);
+      }
        string publishCDNSKEY;
        d_dk.getPublishCDNSKEY(name, publishCDNSKEY);
        if (publishCDNSKEY == "1")
author	Robin Geuze <robing@transip.nl>
	Fri, 13 Mar 2020 12:09:10 +0000 (13:09 +0100)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Mon, 16 Mar 2020 09:09:15 +0000 (10:09 +0100)