From: Peter van Dijk <peter.van.dijk@powerdns.com>
Date: Tue, 6 May 2025 10:19:05 +0000 (+0200)
Subject: replace soaData.qname by a getter based on zonename
X-Git-Tag: auth-5.0.0-alpha1~1^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5fe3d78614eb73f0941d2f2e9add38ef9d73f1e8;p=thirdparty%2Fpdns.git

replace soaData.qname by a getter based on zonename
---

diff --git a/pdns/dnsbackend.cc b/pdns/dnsbackend.cc
index 32145772f3..90901e91a8 100644
--- a/pdns/dnsbackend.cc
+++ b/pdns/dnsbackend.cc
@@ -274,7 +274,6 @@ bool DNSBackend::getSOA(const ZoneName& domain, domainid_t zoneId, SOAData& soaD
       }
       hits++;
       soaData.zonename = domain.makeLowerCase();
-      soaData.qname = soaData.zonename.operator const DNSName&();
       soaData.ttl = resourceRecord.ttl;
       soaData.db = this;
       soaData.domain_id = resourceRecord.domain_id;
diff --git a/pdns/dnsbackend.hh b/pdns/dnsbackend.hh
index 4499f1b90f..19b2efb23f 100644
--- a/pdns/dnsbackend.hh
+++ b/pdns/dnsbackend.hh
@@ -579,8 +579,12 @@ struct SOAData
   SOAData() :
     domain_id(UnknownDomainID) {};
 
-  DNSName qname; // FIXME: now mostly redundant with zonename, simplify usage
+#if defined(PDNS_AUTH)
+  const DNSName& qname() const { return zonename.operator const DNSName&(); }
   ZoneName zonename;
+#else
+  DNSName qname;
+#endif
   DNSName nameserver;
   DNSName rname;
   uint32_t ttl{};
diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 7e1e1b30cb..d32fc6efaa 100644
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -334,14 +334,16 @@ vector<DNSZoneRecord> PacketHandler::getBestReferralNS(DNSPacket& p, const DNSNa
   DNSZoneRecord rr;
   DNSName subdomain(target);
   do {
-    if(subdomain == d_sd.qname) // stop at SOA
+    if(subdomain == d_sd.qname()) { // stop at SOA
       break;
+    }
     B.lookup(QType(QType::NS), subdomain, d_sd.domain_id, &p);
     while(B.get(rr)) {
       ret.push_back(rr); // this used to exclude auth NS records for some reason
     }
-    if(!ret.empty())
+    if(!ret.empty()) {
       return ret;
+    }
   } while( subdomain.chopOff() );   // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> ''
   return ret;
 }
@@ -353,7 +355,7 @@ void PacketHandler::getBestDNAMESynth(DNSPacket& p, DNSName &target, vector<DNSZ
   DNSName prefix;
   DNSName subdomain(target);
   do {
-    DLOG(g_log<<"Attempting DNAME lookup for "<<subdomain<<", d_sd.qname="<<d_sd.qname<<endl);
+    DLOG(g_log<<"Attempting DNAME lookup for "<<subdomain<<", d_sd.qname()="<<d_sd.qname()<<endl);
 
     B.lookup(QType(QType::DNAME), subdomain, d_sd.domain_id, &p);
     while(B.get(rr)) {
@@ -365,12 +367,15 @@ void PacketHandler::getBestDNAMESynth(DNSPacket& p, DNSName &target, vector<DNSZ
       target = getRR<CNAMERecordContent>(rr.dr)->getTarget();
       ret.push_back(rr);
     }
-    if(!ret.empty())
+    if(!ret.empty()) {
       return;
-    if(subdomain.countLabels())
+    }
+    if(subdomain.countLabels()) {
       prefix.appendRawLabel(subdomain.getRawLabels()[0]); // XXX DNSName pain this feels wrong
-    if(subdomain == d_sd.qname) // stop at SOA
+    }
+    if(subdomain == d_sd.qname()) { // stop at SOA
       break;
+    }
 
   } while( subdomain.chopOff() );   // 'www.powerdns.org' -> 'powerdns.org' -> 'org' -> ''
   return;
@@ -423,7 +428,7 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const DNSName &target, DNSName
           //    noCache=true;
           DLOG(g_log<<"Executing Lua: '"<<rec->getCode()<<"'"<<endl);
           try {
-            auto recvec=luaSynth(rec->getCode(), target, rr, d_sd.qname, p, rec->d_type, s_LUA);
+            auto recvec=luaSynth(rec->getCode(), target, rr, d_sd.qname(), p, rec->d_type, s_LUA);
             for (const auto& r : recvec) {
               rr.dr.d_type = rec->d_type; // might be CNAME
               rr.dr.setContent(r);
@@ -458,8 +463,9 @@ bool PacketHandler::getBestWildcard(DNSPacket& p, const DNSName &target, DNSName
       haveSomething=true;
     }
 
-    if ( subdomain == d_sd.qname || haveSomething ) // stop at SOA or result
+    if ( subdomain == d_sd.qname() || haveSomething ) { // stop at SOA or result
       break;
+    }
 
     B.lookup(QType(QType::ANY), subdomain, d_sd.domain_id, &p);
     if (B.get(rr)) {
@@ -481,7 +487,7 @@ DNSName PacketHandler::doAdditionalServiceProcessing(const DNSName &firstTarget,
     DNSZoneRecord rr;
     done = true;
 
-    if(!ret.isPartOf(d_sd.qname)) {
+    if(!ret.isPartOf(d_sd.qname())) {
       continue;
     }
 
@@ -560,7 +566,7 @@ void PacketHandler::doAdditionalProcessing(DNSPacket& p, std::unique_ptr<DNSPack
             B.lookup(QType(QType::SRV), content, d_sd.domain_id, &p);
             while(B.get(dzr)) {
               content=getRR<SRVRecordContent>(dzr.dr)->d_target;
-              if(content.isPartOf(d_sd.qname)) {
+              if(content.isPartOf(d_sd.qname())) {
                 lookup.emplace(content);
               }
               dzr.dr.d_place=DNSResourceRecord::ADDITIONAL;
@@ -573,7 +579,7 @@ void PacketHandler::doAdditionalProcessing(DNSPacket& p, std::unique_ptr<DNSPack
         default:
           continue;
       }
-      if(!content.empty() && content.isPartOf(d_sd.qname)) {
+      if(!content.empty() && content.isPartOf(d_sd.qname())) {
         lookup.emplace(content);
       }
     }
@@ -664,7 +670,7 @@ void PacketHandler::emitNSEC(std::unique_ptr<DNSPacket>& r, const DNSName& name,
 
   nrc.set(QType::NSEC);
   nrc.set(QType::RRSIG);
-  if(d_sd.qname == name) {
+  if(d_sd.qname() == name) {
     nrc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
     if(!d_dk.isPresigned(d_sd.zonename)) {
       auto keyset = d_dk.getKeys(d_sd.zonename);
@@ -749,7 +755,7 @@ void PacketHandler::emitNSEC3(std::unique_ptr<DNSPacket>& r, const NSEC3PARAMRec
   DNSZoneRecord rr;
 
   if(!name.empty()) {
-    if (d_sd.qname == name) {
+    if (d_sd.qname() == name) {
       n3rc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
       n3rc.set(QType::NSEC3PARAM);
       if(!d_dk.isPresigned(d_sd.zonename)) {
@@ -819,7 +825,7 @@ void PacketHandler::emitNSEC3(std::unique_ptr<DNSPacket>& r, const NSEC3PARAMRec
     n3rc.set(QType::RRSIG);
   }
 
-  rr.dr.d_name = DNSName(toBase32Hex(namehash))+d_sd.qname;
+  rr.dr.d_name = DNSName(toBase32Hex(namehash))+d_sd.qname();
   rr.dr.d_ttl = d_sd.getNegativeTTL();
   rr.dr.d_type=QType::NSEC3;
   rr.dr.setContent(std::make_shared<NSEC3RecordContent>(std::move(n3rc)));
@@ -877,7 +883,7 @@ bool PacketHandler::getNSEC3Hashes(bool narrow, const std::string& hashed, bool
 
 void PacketHandler::addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard, const NSEC3PARAMRecordContent& ns3rc, bool narrow, int mode)
 {
-  DLOG(g_log<<"addNSEC3() mode="<<mode<<" auth="<<d_sd.qname<<" target="<<target<<" wildcard="<<wildcard<<endl);
+  DLOG(g_log<<"addNSEC3() mode="<<mode<<" auth="<<d_sd.qname()<<" target="<<target<<" wildcard="<<wildcard<<endl);
 
   if (d_sd.db == nullptr) {
     if(!B.getSOAUncached(d_sd.zonename, d_sd)) {
@@ -892,7 +898,7 @@ void PacketHandler::addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const
     // zone in a second, DNSSEC-capable backend, which caused d_dnssec to
     // be set to true. While it would be nice to support such a zone
     // configuration, we don't. Log a warning and skip DNSSEC processing.
-    g_log << Logger::Notice << "Backend for zone '" << d_sd.qname << "' does not support DNSSEC operation, not adding NSEC3 hashes" << endl;
+    g_log << Logger::Notice << "Backend for zone '" << d_sd.qname() << "' does not support DNSSEC operation, not adding NSEC3 hashes" << endl;
     return;
   }
 
@@ -919,7 +925,7 @@ void PacketHandler::addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const
 
       bool doBreak = false;
       DNSZoneRecord rr;
-      while( closest.chopOff() && (closest != d_sd.qname))  { // stop at SOA
+      while( closest.chopOff() && (closest != d_sd.qname()))  { // stop at SOA
         B.lookup(QType(QType::ANY), closest, d_sd.domain_id, &p);
         while(B.get(rr))
           if (rr.auth)
@@ -972,7 +978,7 @@ void PacketHandler::addNSEC3(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const
 
 void PacketHandler::addNSEC(DNSPacket& /* p */, std::unique_ptr<DNSPacket>& r, const DNSName& target, const DNSName& wildcard, int mode)
 {
-  DLOG(g_log<<"addNSEC() mode="<<mode<<" auth="<<d_sd.qname<<" target="<<target<<" wildcard="<<wildcard<<endl);
+  DLOG(g_log<<"addNSEC() mode="<<mode<<" auth="<<d_sd.qname()<<" target="<<target<<" wildcard="<<wildcard<<endl);
 
   if (d_sd.db == nullptr) {
     if(!B.getSOAUncached(d_sd.zonename, d_sd)) {
@@ -987,7 +993,7 @@ void PacketHandler::addNSEC(DNSPacket& /* p */, std::unique_ptr<DNSPacket>& r, c
     // zone in a second, DNSSEC-capable backend, which caused d_dnssec to
     // be set to true. While it would be nice to support such a zone
     // configuration, we don't. Log a warning and skip DNSSEC processing.
-    g_log << Logger::Notice << "Backend for zone '" << d_sd.qname << "' does not support DNSSEC operation, not adding NSEC records" << endl;
+    g_log << Logger::Notice << "Backend for zone '" << d_sd.qname() << "' does not support DNSSEC operation, not adding NSEC records" << endl;
     return;
   }
 
@@ -1309,7 +1315,7 @@ bool PacketHandler::tryReferral(DNSPacket& p, std::unique_ptr<DNSPacket>& r, con
 void PacketHandler::completeANYRecords(DNSPacket& p, std::unique_ptr<DNSPacket>& r, const DNSName &target)
 {
   addNSECX(p, r, target, DNSName(), 5);
-  if(d_sd.qname == p.qdomain) {
+  if(d_sd.qname() == p.qdomain) {
     if(!d_dk.isPresigned(d_sd.zonename)) {
       addDNSKEY(p, r);
       addCDNSKEY(p, r);
@@ -1599,11 +1605,11 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
     }
     return true;
   }
-  DLOG(g_log<<Logger::Error<<"We have authority, zone='"<<d_sd.qname<<"', id="<<d_sd.domain_id<<", zonename="<<d_sd.zonename<<endl);
+  DLOG(g_log<<Logger::Error<<"We have authority, zone='"<<d_sd.qname()<<"', id="<<d_sd.domain_id<<", zonename="<<d_sd.zonename<<endl);
 
   if (!retargeted) {
     state.r->qdomainzone = d_sd.zonename;
-  } else if (!d_doResolveAcrossZones && state.r->qdomainzone.operator const DNSName&() != d_sd.qname) {
+  } else if (!d_doResolveAcrossZones && state.r->qdomainzone.operator const DNSName&() != d_sd.qname()) {
     // We are following a retarget outside the initial zone. Config asked us not to do that.
     return true;
   }
@@ -1612,7 +1618,7 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
   d_dnssec=(pkt.d_dnssecOk && d_dk.isSecuredZone(d_sd.zonename));
   state.doSigs |= d_dnssec;
 
-  if(d_sd.qname==pkt.qdomain) {
+  if(d_sd.qname()==pkt.qdomain) {
     if(!d_dk.isPresigned(d_sd.zonename)) {
       switch (pkt.qtype.getCode()) {
       case QType::DNSKEY:
@@ -1639,7 +1645,7 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
     }
   }
 
-  if(pkt.qtype.getCode() == QType::SOA && d_sd.qname==pkt.qdomain) {
+  if(pkt.qtype.getCode() == QType::SOA && d_sd.qname()==pkt.qdomain) {
     zrr=makeEditedDNSZRFromSOAData(d_dk, d_sd);
     state.r->addRecord(std::move(zrr));
     return true;
@@ -1697,7 +1703,7 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
       if(rec->d_type == QType::CNAME || rec->d_type == pkt.qtype.getCode() || (pkt.qtype.getCode() == QType::ANY && rec->d_type != QType::RRSIG)) {
         state.noCache=true;
         try {
-          auto recvec=luaSynth(rec->getCode(), state.target, zrr, d_sd.qname, pkt, rec->d_type, s_LUA);
+          auto recvec=luaSynth(rec->getCode(), state.target, zrr, d_sd.qname(), pkt, rec->d_type, s_LUA);
           if(!recvec.empty()) {
             for (const auto& r_it : recvec) {
               zrr.dr.d_type = rec->d_type; // might be CNAME
@@ -1736,7 +1742,7 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
       weDone=true;
     }
     // the line below fakes 'unauth NS' for delegations for non-DNSSEC backends.
-    if((zrr.dr.d_type == pkt.qtype.getCode() && !zrr.auth) || (zrr.dr.d_type == QType::NS && (!zrr.auth || !(d_sd.qname==zrr.dr.d_name)))) {
+    if((zrr.dr.d_type == pkt.qtype.getCode() && !zrr.auth) || (zrr.dr.d_type == QType::NS && (!zrr.auth || !(d_sd.qname()==zrr.dr.d_name)))) {
       weHaveUnauth=true;
     }
 
@@ -1762,7 +1768,7 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
   }
 
   /* Add in SOA if required */
-  if(state.target==d_sd.qname) {
+  if(state.target==d_sd.qname()) {
       zrr=makeEditedDNSZRFromSOAData(d_dk, d_sd);
       rrset.push_back(zrr);
   }
@@ -1900,9 +1906,9 @@ bool PacketHandler::opcodeQueryInner2(DNSPacket& pkt, queryState &state, bool re
     }
     // check whether this could be fixed easily
     // if (*(zrr.dr.d_name.rbegin()) == '.') {
-    //      g_log<<Logger::Error<<"Should not get here ("<<pkt.qdomain<<"|"<<pkt.qtype.toString()<<"): you have a trailing dot, this could be the problem (or run pdnsutil rectify-zone " <<d_sd.qname<<")"<<endl;
+    //      g_log<<Logger::Error<<"Should not get here ("<<pkt.qdomain<<"|"<<pkt.qtype.toString()<<"): you have a trailing dot, this could be the problem (or run pdnsutil rectify-zone " <<d_sd.qname()<<")"<<endl;
     // } else {
-         g_log<<Logger::Error<<"Should not get here ("<<pkt.qdomain<<"|"<<pkt.qtype.toString()<<"): please run pdnsutil rectify-zone "<<d_sd.qname<<endl;
+         g_log<<Logger::Error<<"Should not get here ("<<pkt.qdomain<<"|"<<pkt.qtype.toString()<<"): please run pdnsutil rectify-zone "<<d_sd.qname()<<endl;
     // }
   }
   else {
diff --git a/pdns/serialtweaker.cc b/pdns/serialtweaker.cc
index fae69d48cb..57fcdfb670 100644
--- a/pdns/serialtweaker.cc
+++ b/pdns/serialtweaker.cc
@@ -153,7 +153,7 @@ bool makeIncreasedSOARecord(SOAData& sd, const string& increaseKind, const strin
     return false;
 
   sd.serial = calculateIncreaseSOA(sd.serial, increaseKind, editKind, sd.zonename);
-  rrout.qname = sd.qname;
+  rrout.qname = sd.qname();
   rrout.content = makeSOAContent(sd)->getZoneRepresentation(true);
   rrout.qtype = QType::SOA;
   rrout.domain_id = sd.domain_id;
@@ -168,7 +168,7 @@ DNSZoneRecord makeEditedDNSZRFromSOAData(DNSSECKeeper& dk, const SOAData& sd, DN
   edited.serial = calculateEditSOA(sd.serial, dk, sd.zonename);
 
   DNSRecord soa;
-  soa.d_name = sd.qname;
+  soa.d_name = sd.qname();
   soa.d_type = QType::SOA;
   soa.d_ttl = sd.ttl;
   soa.d_place = place;
diff --git a/pdns/tcpreceiver.cc b/pdns/tcpreceiver.cc
index 8dfa2d9e03..53952774d0 100644
--- a/pdns/tcpreceiver.cc
+++ b/pdns/tcpreceiver.cc
@@ -1034,7 +1034,7 @@ send:
     if(securedZone && (loopZRR.auth || loopZRR.dr.d_type == QType::NS)) {
       if (NSEC3Zone || loopZRR.dr.d_type) {
         if (presignedZone && NSEC3Zone && loopZRR.dr.d_type == QType::RRSIG && getRR<RRSIGRecordContent>(loopZRR.dr)->d_type == QType::NSEC3) {
-          keyname = loopZRR.dr.d_name.makeRelative(sd.qname);
+          keyname = loopZRR.dr.d_name.makeRelative(sd.qname());
         } else {
           keyname = NSEC3Zone ? DNSName(toBase32Hex(hashQNameWithSalt(ns3pr, loopZRR.dr.d_name))) : loopZRR.dr.d_name;
         }
@@ -1099,7 +1099,7 @@ send:
               inext = nsecxrepo.begin();
           }
           n3rc.d_nexthash = fromBase32Hex(inext->first.toStringNoDot());
-          zrr.dr.d_name = iter->first+sd.qname;
+          zrr.dr.d_name = iter->first+sd.qname();
 
           zrr.dr.d_ttl = sd.getNegativeTTL();
           zrr.dr.setContent(std::make_shared<NSEC3RecordContent>(std::move(n3rc)));
diff --git a/pdns/test-ueberbackend_cc.cc b/pdns/test-ueberbackend_cc.cc
index 87dc7ef4e6..bafec12cb2 100644
--- a/pdns/test-ueberbackend_cc.cc
+++ b/pdns/test-ueberbackend_cc.cc
@@ -271,7 +271,6 @@ public:
       fillSOAData(range.first->d_content, *soadata);
       soadata->ttl = range.first->d_ttl;
       soadata->zonename = best;
-      soadata->qname = soadata->zonename.operator const DNSName&();
       soadata->domain_id = static_cast<int>(zoneId);
       return true;
     }
diff --git a/pdns/ueberbackend.cc b/pdns/ueberbackend.cc
index 4d0c785a58..d151232fbe 100644
--- a/pdns/ueberbackend.cc
+++ b/pdns/ueberbackend.cc
@@ -423,7 +423,6 @@ bool UeberBackend::fillSOAFromZoneRecord(ZoneName& shorter, const domainid_t zon
 
   // Fill soaData.
   soaData->zonename = shorter.makeLowerCase();
-  soaData->qname = soaData->zonename.operator const DNSName&();
 
   try {
     fillSOAData(zoneRecord, *soaData);
@@ -458,7 +457,6 @@ UeberBackend::CacheResult UeberBackend::fillSOAFromCache(SOAData* soaData, ZoneN
 
     soaData->db = backends.size() == 1 ? backends.begin()->get() : nullptr;
     soaData->zonename = shorter.makeLowerCase();
-    soaData->qname = soaData->zonename.operator const DNSName&();
   }
   else if (cacheResult == CacheResult::NegativeMatch && d_negcache_ttl != 0U) {
     DLOG(g_log << Logger::Error << "has neg cache entry: " << shorter << endl);
@@ -476,12 +474,12 @@ static std::vector<std::unique_ptr<DNSBackend>>::iterator findBestMatchingBacken
 
     auto wirelength = shorter.operator const DNSName&().wirelength();
     if (bestMatch->first < wirelength) {
-      DLOG(g_log << Logger::Error << "skipped, we already found a shorter best match in this backend: " << bestMatch->second.qname << endl);
+      DLOG(g_log << Logger::Error << "skipped, we already found a shorter best match in this backend: " << bestMatch->second.qname() << endl);
       continue;
     }
 
     if (bestMatch->first == wirelength) {
-      DLOG(g_log << Logger::Error << "use shorter best match: " << bestMatch->second.qname << endl);
+      DLOG(g_log << Logger::Error << "use shorter best match: " << bestMatch->second.qname() << endl);
       *soaData = bestMatch->second;
       break;
     }
@@ -489,16 +487,16 @@ static std::vector<std::unique_ptr<DNSBackend>>::iterator findBestMatchingBacken
     DLOG(g_log << Logger::Error << "lookup: " << shorter << endl);
 
     if ((*backend)->getAuth(shorter, soaData)) {
-      DLOG(g_log << Logger::Error << "got: " << soaData->qname << endl);
+      DLOG(g_log << Logger::Error << "got: " << soaData->zonename << endl);
 
-      if (!soaData->qname.empty() && !shorter.isPartOf(soaData->qname)) {
-        throw PDNSException("getAuth() returned an SOA for the wrong zone. Zone '" + soaData->qname.toLogString() + "' is not part of '" + shorter.toLogString() + "'");
+      if (!soaData->qname().empty() && !shorter.isPartOf(soaData->qname())) {
+        throw PDNSException("getAuth() returned an SOA for the wrong zone. Zone '" + soaData->qname().toLogString() + "' is not part of '" + shorter.toLogString() + "'");
       }
 
-      bestMatch->first = soaData->qname.wirelength();
+      bestMatch->first = soaData->qname().wirelength();
       bestMatch->second = *soaData;
 
-      if (soaData->qname == shorter.operator const DNSName&()) {
+      if (soaData->qname() == shorter.operator const DNSName&()) {
         break;
       }
     }
@@ -513,11 +511,11 @@ static std::vector<std::unique_ptr<DNSBackend>>::iterator findBestMatchingBacken
 static bool foundTarget(const ZoneName& target, const ZoneName& shorter, const QType& qtype, [[maybe_unused]] SOAData* soaData, const bool found)
 {
   if (found == (qtype == QType::DS) || target != shorter) {
-    DLOG(g_log << Logger::Error << "found: " << soaData->qname << endl);
+    DLOG(g_log << Logger::Error << "found: " << soaData->qname() << endl);
     return true;
   }
 
-  DLOG(g_log << Logger::Error << "chasing next: " << soaData->qname << endl);
+  DLOG(g_log << Logger::Error << "chasing next: " << soaData->qname() << endl);
   return false;
 }
 
@@ -615,14 +613,14 @@ bool UeberBackend::getAuth(const ZoneName& target, const QType& qtype, SOAData*
       }
 
       if (d_cache_ttl != 0) {
-        DLOG(g_log << Logger::Error << "add pos cache entry: " << soaData->qname << endl);
+        DLOG(g_log << Logger::Error << "add pos cache entry: " << soaData->qname() << endl);
 
         d_question.qtype = QType::SOA;
-        d_question.qname = soaData->qname;
+        d_question.qname = soaData->qname();
         d_question.zoneId = zoneId;
 
         DNSZoneRecord resourceRecord;
-        resourceRecord.dr.d_name = soaData->qname;
+        resourceRecord.dr.d_name = soaData->qname();
         resourceRecord.dr.d_type = QType::SOA;
         resourceRecord.dr.setContent(makeSOAContent(*soaData));
         resourceRecord.dr.d_ttl = soaData->ttl;
@@ -654,12 +652,12 @@ bool UeberBackend::getSOAUncached(const ZoneName& domain, SOAData& soaData)
       continue;
     }
     if (backend->getSOA(domain, UnknownDomainID, soaData)) {
-      if (domain.operator const DNSName&() != soaData.qname) {
-        throw PDNSException("getSOA() returned an SOA for the wrong zone. Question: '" + domain.toLogString() + "', answer: '" + soaData.qname.toLogString() + "'");
+      if (domain.operator const DNSName&() != soaData.qname()) {
+        throw PDNSException("getSOA() returned an SOA for the wrong zone. Question: '" + domain.toLogString() + "', answer: '" + soaData.qname().toLogString() + "'");
       }
       if (d_cache_ttl != 0U) {
         DNSZoneRecord zoneRecord;
-        zoneRecord.dr.d_name = soaData.qname;
+        zoneRecord.dr.d_name = soaData.qname();
         zoneRecord.dr.d_type = QType::SOA;
         zoneRecord.dr.setContent(makeSOAContent(soaData));
         zoneRecord.dr.d_ttl = soaData.ttl;