Adds key into local storage. See [`getDomainKeys`](#getdomainkeys) for more information.
* Mandatory: No
-* Parameters: name, key=`<flags,active,content>`
-* Reply: id (>= 0) for success, -1 for failure
+* Parameters: name, key=`<flags,active,content>`, id
+* Reply: true for success, false for failure
#### Example JSON/RPC
Query:
virtual bool setDomainMetadata(const DNSName& name, const std::string& kind, const std::vector<std::string>& meta);
virtual bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector<KeyData>& keys);
virtual bool removeDomainKey(const DNSName& name, unsigned int id);
- virtual int addDomainKey(const DNSName& name, const KeyData& key);
+ virtual bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id);
virtual bool activateDomainKey(const DNSName& name, unsigned int id);
virtual bool deactivateDomainKey(const DNSName& name, unsigned int id);
virtual bool getTSIGKey(const DNSName& name, DNSName* algorithm, string* content);
bool Bind2Backend::removeDomainKey(const DNSName& name, unsigned int id)
{ return false; }
-int Bind2Backend::addDomainKey(const DNSName& name, const KeyData& key)
+bool Bind2Backend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id)
{ return -1; }
bool Bind2Backend::activateDomainKey(const DNSName& name, unsigned int id)
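Review bot: The non-DNSSEC stub keeps the body `{ return -1; }` under the new `bool` signature, so -1 converts to `true` and a Bind2Backend built without the DNSSEC database reports the key as added while `id` keeps whatever the caller initialised it to. It should read `{ return false; }`, matching the `!d_dnssecdb || d_hybrid` path of the real implementation and the default in DNSBackend elsewhere in this change. Because pdnsutil now relies on this flag to tell the operator a key exists, the stub must report an honest failure.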
return true;
}
-int Bind2Backend::addDomainKey(const DNSName& name, const KeyData& key)
+bool Bind2Backend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id)
{
if(!d_dnssecdb || d_hybrid)
- return -1;
+ return false;
try {
d_insertDomainKeyQuery_stmt->
try {
d_GetLastInsertedKeyIdQuery_stmt->execute();
- if (!d_GetLastInsertedKeyIdQuery_stmt->hasNextRow())
- throw PDNSException("GSQLBackend unable to get id");
+ if (!d_GetLastInsertedKeyIdQuery_stmt->hasNextRow()) {
+ id = -2;
+ return true;
+ }
SSqlStatement::row_t row;
d_GetLastInsertedKeyIdQuery_stmt->nextRow(row);
int id = std::stoi(row[0]);
d_GetLastInsertedKeyIdQuery_stmt->reset();
- return id;
+ return true;
}
catch (SSqlException &e) {
- throw PDNSException("DNSSEC database in BIND backend unable to get id: "+e.txtReason());
+ id = -2;
+ return true;
}
- return -1;
+ return false;
}
bool Bind2Backend::activateDomainKey(const DNSName& name, unsigned int id)
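Review bot: The fetched key id never reaches the caller: `int id = std::stoi(row[0]);` in the inner try declares a local that shadows the new `int64_t& id` parameter, so on the success path the out-parameter keeps the caller's initial value and pdnsutil reports "backend does not support returning of key id" even though a row was found; it should be `id = std::stoi(row[0]);`, as the GSQLBackend version of this change already does. Separately, both new error paths (no row, and the `SSqlException` catch) return `true` without `d_GetLastInsertedKeyIdQuery_stmt->reset()` and the catch drops `e.txtReason()` that the old throw used to surface; reset the statement and log the reason before returning, otherwise the operator only sees a -2 and the statement may be left mid-result for the next call. The outer try of this function continues past what is visible here, so its catch should be checked for the same silent-success pattern.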
return false;
}
-int GeoIPBackend::addDomainKey(const DNSName& name, const KeyData& key) {
+bool GeoIPBackend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id) {
if (!d_dnssec) return false;
WriteLock rl(&s_state_lock);
unsigned int nextid=1;
ofstream ofs(pathname.str().c_str());
ofs.write(key.content.c_str(), key.content.size());
ofs.close();
- return nextid;
+ id = nextid;
+ return true;
}
}
return false;
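Review bot: `id = nextid; return true;` is reached without ever checking that the key file was written: `ofstream ofs(pathname.str().c_str())` followed by `write`/`close` is never tested, so an unwritable path or missing directory still reports success and the caller believes a key exists on disk. Now that the return value is a success flag, feed the stream state into it, e.g. `ofs.close(); if (!ofs) return false;` before assigning `id`. Since `key.content` is private key material, it is also worth confirming outside this hunk that the file is not created world-readable via the process umask.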
virtual bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector<std::string>& meta);
virtual bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector<DNSBackend::KeyData>& keys);
virtual bool removeDomainKey(const DNSName& name, unsigned int id);
- virtual int addDomainKey(const DNSName& name, const KeyData& key);
+ virtual bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id);
virtual bool activateDomainKey(const DNSName& name, unsigned int id);
virtual bool deactivateDomainKey(const DNSName& name, unsigned int id);
return ok;
}
-int LUABackend::addDomainKey(const DNSName& name, const KeyData& key) {
+bool LUABackend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id) {
// there is no logging function in pdnsutil when running this routine?
//key = id, flags, active, content
if(f_lua_adddomainkey == 0)
- return -1;
+ return false;
if(logging)
//L << Logger::Info << backend_name << "(addDomainKey) BEGIN name: '" << name << "' id: '" << id << endl;
lua_pop(lua, 1);
throw runtime_error(e);
- return -1;
}
size_t returnedwhat = lua_type(lua, -1);
lua_pop(lua, 1);
if(logging)
- cerr << backend_name << "(addDomainKey) END" << endl;
-
- return ok;
+ cerr << backend_name << "(addDomainKey) END" << endl;
+
+ return ok >= 0;
}
bool LUABackend::getDomainKeys(const DNSName& name, unsigned int kind, std::vector<KeyData>& keys) {
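Review bot: The new `int64_t& id` out-parameter is never assigned in this hunk: `return ok >= 0;` turns the value the Lua script returned into a success flag and discards it, so unless an omitted line sets it the caller keeps its initial -1 and every Lua-added key is reported as "backend does not support returning of key id". If `ok` is the id returned by the script, which the old `return ok;` suggests, set `id = ok;` immediately before `return ok >= 0;`. The start of addDomainKey, including where `ok` is computed, lies in an earlier hunk.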
bool activateDomainKey(const DNSName& name, unsigned int id) override ;
bool deactivateDomainKey(const DNSName& name, unsigned int id) override ;
bool getTSIGKey(const DNSName& name, DNSName* algorithm, string* content) override ;
- int addDomainKey(const DNSName& name, const KeyData& key) override ;
+ bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id) override ;
bool updateDNSSECOrderAndAuthAbsolute(uint32_t domain_id, const DNSName& qname, const std::string& ordername, bool auth);
bool getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qname, DNSName& unhashed, string& before, string& after) override;
bool updateDNSSECOrderNameAndAuth(uint32_t domain_id, const DNSName& zonename, const DNSName& qname, const DNSName& ordername, bool auth, const uint16_t qtype=QType::ANY) override;
return true;
}
-int
-OracleBackend::addDomainKey (const DNSName& name, const KeyData& key)
+bool
+OracleBackend::addDomainKey (const DNSName& name, const KeyData& key, int64_t& id)
{
if(!d_dnssecQueries)
- return -1;
+ return false;
DomainInfo di;
if (getDomainInfo(name, di) == false) return false;
throw OracleException("Oracle addDomainKey COMMIT", oraerr);
}
- return key_id;
+ id = key_id;
+ return key_id >= 0;
}
bool
bool getDomainKeys(const DNSName& name, unsigned int kind, vector<KeyData>& keys);
bool removeDomainKey(const DNSName& name, unsigned int id);
- int addDomainKey(const DNSName& name, const KeyData& key);
+ bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id);
bool activateDomainKey(const DNSName& name, unsigned int id);
bool deactivateDomainKey(const DNSName& name, unsigned int id);
return true;
}
-int RemoteBackend::addDomainKey(const DNSName& name, const KeyData& key) {
+bool RemoteBackend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id) {
// no point doing dnssec if it's not supported
if (d_dnssec == false) return false;
if (this->send(query) == false || this->recv(answer) == false)
return false;
- return answer["result"].int_value();
+ id = answer["result"].int_value();
+ return id >= 0;
}
bool RemoteBackend::activateDomainKey(const DNSName& name, unsigned int id) {
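Review bot: The reply handling disagrees with the protocol documented in this same commit: the docs say the reply is `true`/`false`, but the code still does `id = answer["result"].int_value(); return id >= 0;`. If the JSON library is json11 (the API looks like it), `int_value()` yields 0 for a boolean, so a `false` reply is treated as success with key id 0 and a `true` reply also reports key id 0. Handle the boolean shape explicitly before the numeric one, e.g. `if (answer["result"].is_bool()) { id = -1; return answer["result"].bool_value(); }`, and treat any other type as failure since the remote is not a trusted source of well-formed replies.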
virtual bool getBeforeAndAfterNamesAbsolute(uint32_t id, const string& qname, DNSName& unhashed, string& before, string& after);
virtual bool setDomainMetadata(const DNSName& name, const string& kind, const std::vector<std::basic_string<char> >& meta);
virtual bool removeDomainKey(const DNSName& name, unsigned int id);
- virtual int addDomainKey(const DNSName& name, const KeyData& key);
+ virtual bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id);
virtual bool activateDomainKey(const DNSName& name, unsigned int id);
virtual bool deactivateDomainKey(const DNSName& name, unsigned int id);
virtual bool getDomainInfo(const DNSName& domain, DomainInfo& di);
return true;
}
-int GSQLBackend::addDomainKey(const DNSName& name, const KeyData& key)
+bool GSQLBackend::addDomainKey(const DNSName& name, const KeyData& key, int64_t& id)
{
if(!d_dnssecQueries)
- return -1;
+ return false;
try {
d_AddDomainKeyQuery_stmt->
try {
d_GetLastInsertedKeyIdQuery_stmt->execute();
- if (!d_GetLastInsertedKeyIdQuery_stmt->hasNextRow())
- throw PDNSException("GSQLBackend unable to get id");
+ if (!d_GetLastInsertedKeyIdQuery_stmt->hasNextRow()) {
+ id = -2;
+ return true;
+ }
SSqlStatement::row_t row;
d_GetLastInsertedKeyIdQuery_stmt->nextRow(row);
- int id = std::stoi(row[0]);
+ id = std::stoi(row[0]);
d_GetLastInsertedKeyIdQuery_stmt->reset();
- return id;
+ return true;
}
catch (SSqlException &e) {
- throw PDNSException("GSQLBackend unable to get id: "+e.txtReason());
+ id = -2;
+ return true;
}
- return -1;
+ return false;
}
bool GSQLBackend::activateDomainKey(const DNSName& name, unsigned int id)
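Review bot: Both new failure paths in the inner try convert a database error into success: when `hasNextRow()` is false, and in the `SSqlException` catch, the function sets `id = -2` and returns `true` without `d_GetLastInsertedKeyIdQuery_stmt->reset()` and without logging `e.txtReason()`, which the removed throw used to surface. Returning true is defensible because the insert already happened, but call `reset()` in both branches and log the reason with the file's logger before returning, otherwise the operator only sees a bare -2 from pdnsutil and the statement may be left mid-result for the next call. The outer try started in this hunk ends outside it; its catch should be checked so that a failed insert is not also reported as success.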
bool replaceRRSet(uint32_t domain_id, const DNSName& qname, const QType& qt, const vector<DNSResourceRecord>& rrset);
bool listSubZone(const DNSName &zone, int domain_id);
- int addDomainKey(const DNSName& name, const KeyData& key);
+ bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id);
bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector<KeyData>& keys);
bool getAllDomainMetadata(const DNSName& name, std::map<std::string, std::vector<std::string> >& meta);
bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector<std::string>& meta);
return meta=="1";
}
-int DNSSECKeeper::addKey(const DNSName& name, bool setSEPBit, int algorithm, int bits, bool active)
+bool DNSSECKeeper::addKey(const DNSName& name, bool setSEPBit, int algorithm, int64_t& id, int bits, bool active)
{
if(!bits) {
if(algorithm <= 10)
dspk.setKey(dpk);
dspk.d_algorithm = algorithm;
dspk.d_flags = setSEPBit ? 257 : 256;
- return addKey(name, dspk, active);
+ return addKey(name, dspk, id, active);
}
void DNSSECKeeper::clearAllCaches() {
}
-int DNSSECKeeper::addKey(const DNSName& name, const DNSSECPrivateKey& dpk, bool active)
+bool DNSSECKeeper::addKey(const DNSName& name, const DNSSECPrivateKey& dpk, int64_t& id, bool active)
{
clearCaches(name);
DNSBackend::KeyData kd;
kd.active = active;
kd.content = dpk.getKey()->convertToISC();
// now store it
- return d_keymetadb->addDomainKey(name, kd);
+ return d_keymetadb->addDomainKey(name, kd, id);
}
virtual bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector<KeyData>& keys) { return false;}
virtual bool removeDomainKey(const DNSName& name, unsigned int id) { return false; }
- virtual int addDomainKey(const DNSName& name, const KeyData& key){ return -1; }
+ virtual bool addDomainKey(const DNSName& name, const KeyData& key, int64_t& id){ return false; }
virtual bool activateDomainKey(const DNSName& name, unsigned int id) { return false; }
virtual bool deactivateDomainKey(const DNSName& name, unsigned int id) { return false; }
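Review bot: The default `addDomainKey` gives no documentation of the new `id` out-parameter, yet pdnsutil now branches on it: -1 means the backend cannot report ids, anything below -1 means the key was stored but fetching the id failed, and a non-negative value is the id. That contract currently lives only in the callers and in two backend implementations, so a backend author has nothing to follow. Add a comment above the declaration such as `// id: new key's id on success; left untouched (callers pass -1) when the backend cannot report ids; < -1 when the key was stored but the id could not be fetched; a false return means the key was not stored`.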
keyset_t getEntryPoints(const DNSName& zname);
keyset_t getKeys(const DNSName& zone, bool useCache = true);
DNSSECPrivateKey getKeyById(const DNSName& zone, unsigned int id);
- int addKey(const DNSName& zname, bool setSEPBit, int algorithm, int bits=0, bool active=true);
- int addKey(const DNSName& zname, const DNSSECPrivateKey& dpk, bool active=true);
+ bool addKey(const DNSName& zname, bool setSEPBit, int algorithm, int64_t& id, int bits=0, bool active=true);
+ bool addKey(const DNSName& zname, const DNSSECPrivateKey& dpk, int64_t& id, bool active=true);
bool removeKey(const DNSName& zname, unsigned int id);
bool activateKey(const DNSName& zname, unsigned int id);
bool deactivateKey(const DNSName& zname, unsigned int id);
vector<string> k_algos;
vector<string> z_algos;
int k_size;
- int z_size;
+ int z_size;
+ // temp var for addKey
+ int64_t id;
stringtok(k_algos, ::arg()["default-ksk-algorithms"], " ,");
k_size = ::arg().asNum("default-ksk-size");
if (k_algos.empty()) { /* only a ZSK was requested by the defaults, set the SEP bit */
}
-
for(auto &k_algo: k_algos) {
cout << "Adding "<<(z_algos.empty()? "CSK (257)" : "KSK")<<" with algorithm " << k_algo << endl;
int algo = DNSSECKeeper::shorthand2algorithm(k_algo);
- if(dk.addKey(zone, true, algo, k_size, true) < 0) {
+ if (!dk.addKey(zone, true, algo, id, k_size, true)) {
cerr<<"No backend was able to secure '"<<zone<<"', most likely because no DNSSEC"<<endl;
cerr<<"capable backends are loaded, or because the backends have DNSSEC disabled."<<endl;
cerr<<"For the Generic SQL backends, set the 'gsqlite3-dnssec', 'gmysql-dnssec' or"<<endl;
int algo = DNSSECKeeper::shorthand2algorithm(z_algo);
- if(!dk.addKey(zone, false, algo, z_size, true) < 0) {
+ if (!dk.addKey(zone, false, algo, id, z_size, true)) {
cerr<<"No backend was able to secure '"<<zone<<"', most likely because no DNSSEC"<<endl;
cerr<<"capable backends are loaded, or because the backends have DNSSEC disabled."<<endl;
cerr<<"For the Generic SQL backends, set the 'gsqlite3-dnssec', 'gmysql-dnssec' or"<<endl;
exit(EXIT_FAILURE);;
}
}
- int id;
- if((id = dk.addKey(zone, keyOrZone, algorithm, bits, active)) < 0) {
+ int64_t id;
+ if (!dk.addKey(zone, keyOrZone, algorithm, id, bits, active)) {
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
exit(1);
- }
- else {
+ } else {
cerr<<"Added a " << (keyOrZone ? "KSK" : "ZSK")<<" with algorithm = "<<algorithm<<", active="<<active<<endl;
- if(bits)
+ if (bits)
cerr<<"Requested specific key size of "<<bits<<" bits"<<endl;
- cout<<std::to_string(id)<<endl;
+ if (id == -1) {
+ cerr<<std::to_string(id)<<"Key was added, but backend does not support returning of key id"<<endl;
+ } else if (id < -1) {
+ cerr<<std::to_string(id)<<"Key was added, but there was a failure while returning the key id"<<endl;
+ } else {
+ cout<<std::to_string(id)<<endl;
+ }
}
}
else if(cmds[0] == "remove-zone-key") {
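Review bot: The two new diagnostics glue the number to the text: `cerr<<std::to_string(id)<<"Key was added, but backend does not support returning of key id"<<endl;` prints `-1Key was added, ...`. Drop the `std::to_string(id)<<` prefix (the sentinel is not meaningful to the operator) or put a separator between them. Note also that in the sentinel cases nothing is written to cout, so scripts that read the new key id from stdout now get nothing on a successful add; that is probably intended but is a behaviour change worth a line in the command's help.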
else
dpk.d_flags = 257; // ksk
- int id;
- if((id = dk.addKey(DNSName(zone), dpk)) < 0) {
+ int64_t id;
+ if (!dk.addKey(DNSName(zone), dpk, id)) {
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
exit(1);
}
- cout<<std::to_string(id)<<endl;
+ if (id == -1) {
+ cerr<<std::to_string(id)<<"Key was added, but backend does not support returning of key id"<<endl;
+ } else if (id < -1) {
+ cerr<<std::to_string(id)<<"Key was added, but there was a failure while returning the key id"<<endl;
+ } else {
+ cout<<std::to_string(id)<<endl;
+ }
}
else if(cmds[0]=="import-zone-key") {
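Review bot: This seven-line id-reporting block is pasted verbatim into three commands in this file, and each copy carries the same `std::to_string(id)<<"Key was added, ...` concatenation defect, so a fix has to be made three times. Factor it into one file-local helper and call `reportKeyId(id);` here in place of the if/else chain.
```cpp
// Print the id returned by DNSSECKeeper::addKey(); negative values are sentinels, not ids.
static void reportKeyId(int64_t id)
{
  if (id == -1)
    cerr<<"Key was added, but backend does not support returning of key id"<<endl;
  else if (id < -1)
    cerr<<"Key was added, but there was a failure while returning the key id"<<endl;
  else
    cout<<std::to_string(id)<<endl;
}
```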
exit(1);
}
}
- int id;
- if((id = dk.addKey(DNSName(zone), dpk, active)) < 0) {
+ int64_t id;
+ if (!dk.addKey(DNSName(zone), dpk, id, active)) {
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
exit(1);
}
- cout<<std::to_string(id)<<endl;
+ if (id == -1) {
+ cerr<<std::to_string(id)<<"Key was added, but backend does not support returning of key id"<<endl;
+ } else if (id < -1) {
+ cerr<<std::to_string(id)<<"Key was added, but there was a failure while returning the key id"<<endl;
+ } else {
+ cout<<std::to_string(id)<<endl;
+ }
}
else if(cmds[0]=="export-zone-dnskey") {
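Review bot: Third copy of the same reporting block, with the same `cerr<<std::to_string(id)<<"Key was added, ...` output that runs the sentinel straight into the message text. Once the three copies share one helper this becomes a single call; until then at least remove the `std::to_string(id)<<` here so the operator sees a readable line.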
if(cmds.size() < 3) {
return 1;
}
- int id;
+ int64_t id;
bool keyOrZone = (cmds[4] == "ksk" ? true : false);
string module = cmds[5];
string slot = cmds[6];
"PIN: " << pin << std::endl <<
"Label: " << label << std::endl;
- DNSKEYRecordContent drc;
- DNSSECPrivateKey dpk;
- dpk.d_flags = (keyOrZone ? 257 : 256);
-
- shared_ptr<DNSCryptoKeyEngine> dke(DNSCryptoKeyEngine::makeFromISCString(drc, iscString.str()));
- if(!dke->checkKey()) {
- cerr << "Invalid DNS Private Key in engine " << module << " slot " << slot << std::endl;
- return 1;
- }
- dpk.setKey(dke);
-
- // make sure this key isn't being reused.
- B.getDomainKeys(zone, 0, keys);
- id = -1;
-
- for(DNSBackend::KeyData& kd : keys) {
- if (kd.content == iscString.str()) {
- // it's this one, I guess...
- id = kd.id;
- break;
- }
- }
+ DNSKEYRecordContent drc;
+ DNSSECPrivateKey dpk;
+ dpk.d_flags = (keyOrZone ? 257 : 256);
- if (id > -1) {
- cerr << "You have already assigned this key with ID=" << id << std::endl;
- return 1;
- }
+ shared_ptr<DNSCryptoKeyEngine> dke(DNSCryptoKeyEngine::makeFromISCString(drc, iscString.str()));
+ if(!dke->checkKey()) {
+ cerr << "Invalid DNS Private Key in engine " << module << " slot " << slot << std::endl;
+ return 1;
+ }
+ dpk.setKey(dke);
- if (!(id = dk.addKey(zone, dpk))) {
- cerr << "Unable to assign module slot to zone" << std::endl;
- return 1;
- }
+ // make sure this key isn't being reused.
+ B.getDomainKeys(zone, 0, keys);
+ id = -1;
- // figure out key id.
+ for(DNSBackend::KeyData& kd : keys) {
+ if (kd.content == iscString.str()) {
+ // it's this one, I guess...
+ id = kd.id;
+ break;
+ }
+ }
- B.getDomainKeys(zone, 0, keys);
+ if (id > -1) {
+ cerr << "You have already assigned this key with ID=" << id << std::endl;
+ return 1;
+ }
- // validate which one got the key...
- for(DNSBackend::KeyData& kd : keys) {
- if (kd.content == iscString.str()) {
- // it's this one, I guess...
- id = kd.id;
- break;
- }
- }
+ if (!dk.addKey(zone, dpk, id)) {
+ cerr << "Unable to assign module slot to zone" << std::endl;
+ return 1;
+ }
- cerr << "Module " << module << " slot " << slot << " assigned to " << zone << " with key id " << id << endl;
+ cerr << "Module " << module << " slot " << slot << " assigned to " << zone << " with key id " << id << endl;
- return 0;
+ return 0;
} else if (cmds[1] == "create-key") {
if (cmds.size() < 4) {
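Review bot: This path now trusts `id` from `dk.addKey(zone, dpk, id)` unconditionally, so with a backend that leaves it at -1 or sets -2 the final message reads "assigned to ZONE with key id -1"; the other pdnsutil commands in this change special-case `id == -1` and `id < -1`, and this one should too. The removed post-add scan that re-read `getDomainKeys` and matched `kd.content` against `iscString.str()` was exactly the recovery for that case and can be kept behind `if (id < 0)`, giving the operator a real id whenever the key is retrievable. The enclosing `assign` branch starts before this hunk.
```cpp
if (!dk.addKey(zone, dpk, id)) {
  cerr << "Unable to assign module slot to zone" << std::endl;
  return 1;
}
// Backend could not report the id (-1: unsupported, < -1: lookup failed): recover it by content.
if (id < 0) {
  B.getDomainKeys(zone, 0, keys);
  for (DNSBackend::KeyData& kd : keys) {
    if (kd.content == iscString.str()) {
      id = kd.id;
      break;
    }
  }
}
cerr << "Module " << module << " slot " << slot << " assigned to " << zone << " with key id " << id << endl;
```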
}
// move keys
nk=0;
+ // temp var for KeyID
+ int64_t keyID;
std::vector<DNSBackend::KeyData> keys;
if (src->getDomainKeys(di.zone, 0, keys)) {
for(const DNSBackend::KeyData& k: keys) {
- tgt->addDomainKey(di.zone, k);
+ tgt->addDomainKey(di.zone, k, keyID);
nk++;
}
}
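Review bot: The boolean result of `tgt->addDomainKey(di.zone, k, keyID)` is still discarded, so `nk++` counts keys the target backend refused (its non-DNSSEC paths return false) and the migration summary over-reports. Count only successes, `if (tgt->addDomainKey(di.zone, k, keyID)) nk++;`, or better, abort the migration when a key cannot be copied, because a zone signed on the source and keyless on the target is a silent loss of DNSSEC. `keyID` is only a sink here; a short comment saying the id is intentionally ignored would spare a reader hunting for its use. The enclosing migration function starts before this hunk.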
return false;
}
-int UeberBackend::addDomainKey(const DNSName& name, const DNSBackend::KeyData& key)
+bool UeberBackend::addDomainKey(const DNSName& name, const DNSBackend::KeyData& key, int64_t& id)
{
- int ret;
+ id = -1;
for(DNSBackend* db : backends) {
- if((ret = db->addDomainKey(name, key)) >= 0)
- return ret;
+ if(db->addDomainKey(name, key, id))
+ return true;
}
- return -1;
+ return false;
}
bool UeberBackend::getDomainKeys(const DNSName& name, unsigned int kind, std::vector<DNSBackend::KeyData>& keys)
{
bool getDomainInfo(const DNSName &domain, DomainInfo &di);
bool createDomain(const DNSName &domain);
- int addDomainKey(const DNSName& name, const DNSBackend::KeyData& key);
+ bool addDomainKey(const DNSName& name, const DNSBackend::KeyData& key, int64_t& id);
bool getDomainKeys(const DNSName& name, unsigned int kind, std::vector<DNSBackend::KeyData>& keys);
bool getAllDomainMetadata(const DNSName& name, std::map<std::string, std::vector<std::string> >& meta);
bool getDomainMetadata(const DNSName& name, const std::string& kind, std::vector<std::string>& meta);