From: Kees Monshouwer <mind04@monshouwer.org>
Date: Mon, 19 Oct 2020 12:24:56 +0000 (+0200)
Subject: auth: remove SOA filling
X-Git-Tag: auth-4.4.0-alpha2~27^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=76e48a5a4299c18e9d358953cf6decae7d7694f9;p=thirdparty%2Fpdns.git

auth: remove SOA filling
---

diff --git a/docs/settings.rst b/docs/settings.rst
index a29c7d6ae8..6c4ef91c9e 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -403,6 +403,18 @@ See the :ref:`metadata-publish-cdnskey-publish-cds` docs for more information.
 The default PUBLISH-CDS value for zones that do not have one individually specified.
 See the :ref:`metadata-publish-cdnskey-publish-cds` docs for more information.
 
+.. _setting-default-soa-content:
+
+``default-soa-content``
+--------------------
+
+-  String
+-  Default: a.misconfigured.powerdns.server hostmaster.@ 0 10800 3600 604800 3600
+
+.. versionadded:: 4.4.0
+
+This value is used when a zone is created without providing a SOA record. @ is replaced by the zone name.
+
 .. _setting-default-soa-edit:
 
 ``default-soa-edit``
@@ -434,7 +446,7 @@ Overrides :ref:`setting-default-soa-edit`
 -  String
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Mail address to insert in the SOA record if none set in the backend.
 
@@ -447,7 +459,7 @@ Mail address to insert in the SOA record if none set in the backend.
 -  Default: a.misconfigured.powerdns.server
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Name to insert in the SOA record if none set in the backend.
 
@@ -1544,7 +1556,7 @@ See :ref:`metadata-slave-renotify` to set this per-zone.
 -  Default: 604800
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Default :ref:`types-soa` expire.
 
@@ -1557,7 +1569,7 @@ Default :ref:`types-soa` expire.
 -  Default: 3600
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Default :ref:`types-soa` minimum ttl.
 
@@ -1570,7 +1582,7 @@ Default :ref:`types-soa` minimum ttl.
 -  Default: 10800
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Default :ref:`types-soa` refresh.
 
@@ -1583,7 +1595,7 @@ Default :ref:`types-soa` refresh.
 -  Default: 3600
 
 .. deprecated:: 4.2.0
-  This setting has been deprecated and will be removed in 4.4.0
+  This setting has been removed in 4.4.0
 
 Default :ref:`types-soa` retry.
 
diff --git a/pdns/backends/gsql/gsqlbackend.cc b/pdns/backends/gsql/gsqlbackend.cc
index 3f9372fd25..241bb818d1 100644
--- a/pdns/backends/gsql/gsqlbackend.cc
+++ b/pdns/backends/gsql/gsqlbackend.cc
@@ -1404,9 +1404,11 @@ void GSQLBackend::getAllDomains(vector<DomainInfo> *domains, bool include_disabl
         }
       }
 
-      SOAData sd;
-      fillSOAData(row[2], sd);
-      di.serial = sd.serial;
+      if(!row[2].empty()) {
+        SOAData sd;
+        fillSOAData(row[2], sd);
+        di.serial = sd.serial;
+      }
       try {
         di.notified_serial = pdns_stou(row[5]);
         di.last_check = pdns_stou(row[6]);
diff --git a/pdns/common_startup.cc b/pdns/common_startup.cc
index 8807c10c61..6b8893b291 100644
--- a/pdns/common_startup.cc
+++ b/pdns/common_startup.cc
@@ -121,8 +121,6 @@ void declareArguments()
   ::arg().set("loglevel","Amount of logging. Higher is more. Do not set below 3")="4";
   ::arg().set("disable-syslog","Disable logging to syslog, useful when running inside a supervisor that logs stdout")="no";
   ::arg().set("log-timestamp","Print timestamps in log lines")="yes";
-  ::arg().set("default-soa-name","name to insert in the SOA record if none set in the backend")="a.misconfigured.powerdns.server";
-  ::arg().set("default-soa-mail","mail address to insert in the SOA record if none set in the backend")="";
   ::arg().set("distributor-threads","Default number of Distributor (backend) threads to start")="3";
   ::arg().set("signing-threads","Default number of signer threads to start")="3";
   ::arg().set("receiver-threads","Default number of receiver threads to start")="1";
@@ -175,11 +173,8 @@ void declareArguments()
   ::arg().set("cache-ttl","Seconds to store packets in the PacketCache")="20";
   ::arg().set("negquery-cache-ttl","Seconds to store negative query results in the QueryCache")="60";
   ::arg().set("query-cache-ttl","Seconds to store query results in the QueryCache")="20";
-  ::arg().set("soa-minimum-ttl","Default SOA minimum ttl")="3600";
   ::arg().set("server-id", "Returned when queried for 'id.server' TXT or NSID, defaults to hostname - disabled or custom")="";
-  ::arg().set("soa-refresh-default","Default SOA refresh")="10800";
-  ::arg().set("soa-retry-default","Default SOA retry")="3600";
-  ::arg().set("soa-expire-default","Default SOA expire")="604800";
+  ::arg().set("default-soa-content","Default SOA content")="a.misconfigured.powerdns.server hostmaster.@ 0 10800 3600 604800 3600";
   ::arg().set("default-soa-edit","Default SOA-EDIT value")="";
   ::arg().set("default-soa-edit-signed","Default SOA-EDIT value for signed zones")="";
   ::arg().set("dnssec-key-cache-ttl","Seconds to cache DNSSEC keys from the database")="30";
diff --git a/pdns/dnsbackend.cc b/pdns/dnsbackend.cc
index 47b3d3aa71..12ba56b2fc 100644
--- a/pdns/dnsbackend.cc
+++ b/pdns/dnsbackend.cc
@@ -257,19 +257,10 @@ bool DNSBackend::getSOA(const DNSName &domain, SOAData &sd)
 
   if(!hits)
     return false;
-  sd.qname = domain;
-  if(!sd.nameserver.countLabels())
-    sd.nameserver= DNSName(arg()["default-soa-name"]);
-
-  if(!sd.hostmaster.countLabels()) {
-    if (!arg().isEmpty("default-soa-mail")) {
-      sd.hostmaster= DNSName(arg()["default-soa-mail"]);
-    }
-    else
-      sd.hostmaster=DNSName("hostmaster")+domain;
-  }
 
+  sd.qname = domain;
   sd.db=this;
+
   return true;
 }
 
@@ -284,37 +275,12 @@ bool DNSBackend::get(DNSZoneRecord& dzr)
   dzr.scopeMask = rr.scopeMask;
   if(rr.qtype.getCode() == QType::TXT && !rr.content.empty() && rr.content[0]!='"')
     rr.content = "\""+ rr.content + "\"";
-  if(rr.qtype.getCode() == QType::SOA) {
-    try {
-      dzr.dr = DNSRecord(rr);
-    } catch(...) {
-      vector<string> parts;
-      stringtok(parts, rr.content, " \t");
-      if(parts.size() < 1)
-        rr.content = arg()["default-soa-name"];
-      if(parts.size() < 2)
-        rr.content += " " +arg()["default-soa-mail"];
-      if(parts.size() < 3)
-        rr.content += " 0";
-      if(parts.size() < 4)
-        rr.content += " " + ::arg()["soa-refresh-default"];
-      if(parts.size() < 5)
-        rr.content += " " + ::arg()["soa-retry-default"];
-      if(parts.size() < 6)
-        rr.content += " " + ::arg()["soa-expire-default"];
-      if(parts.size() < 7)
-        rr.content += " " + ::arg()["soa-minimum-ttl"];
-      dzr.dr = DNSRecord(rr);
-    }
+  try {
+    dzr.dr = DNSRecord(rr);
   }
-  else {
-    try {
-      dzr.dr = DNSRecord(rr);
-    }
-    catch(...) {
-      while(this->get(rr));
-      throw;
-    }
+  catch(...) {
+    while(this->get(rr));
+    throw;
   }
   return true;
 }
@@ -355,41 +321,20 @@ std::shared_ptr<DNSRecordContent> makeSOAContent(const SOAData& sd)
     return std::make_shared<SOARecordContent>(sd.nameserver, sd.hostmaster, st);
 }
 
-
 void fillSOAData(const string &content, SOAData &data)
 {
-  // content consists of fields separated by spaces:
-  //  nameservername hostmaster serial-number [refresh [retry [expire [ minimum] ] ] ]
-
-  // fill out data with some plausible defaults:
-  // 10800 3600 604800 3600
   vector<string>parts;
   parts.reserve(7);
-  stringtok(parts,content);
-  int pleft=parts.size();
-
-  //  cout<<"'"<<content<<"'"<<endl;
-
-  if(pleft)
-    data.nameserver=DNSName(parts[0]);
-
-  if(pleft>1) 
-    data.hostmaster=DNSName(attodot(parts[1])); // ahu@ds9a.nl -> ahu.ds9a.nl, piet.puk@ds9a.nl -> piet\.puk.ds9a.nl
+  stringtok(parts, content);
 
   try {
-    data.serial = pleft > 2 ? pdns_stou(parts[2]) : 0;
-
-    data.refresh = pleft > 3 ? pdns_stou(parts[3])
-      : ::arg().asNum("soa-refresh-default");
-
-    data.retry = pleft > 4 ? pdns_stou(parts[4].c_str())
-      : ::arg().asNum("soa-retry-default");
-
-    data.expire = pleft > 5 ? pdns_stou(parts[5].c_str())
-      : ::arg().asNum("soa-expire-default");
-
-    data.minimum = pleft > 6 ? pdns_stou(parts[6].c_str())
-      : ::arg().asNum("soa-minimum-ttl");
+    data.nameserver = DNSName(parts.at(0));
+    data.hostmaster = DNSName(attodot(parts.at(1))); // ahu@ds9a.nl -> ahu.ds9a.nl, piet.puk@ds9a.nl -> piet\.puk.ds9a.nl
+    data.serial = pdns_stou(parts.at(2).c_str());
+    data.refresh = pdns_stou(parts.at(3).c_str());
+    data.retry = pdns_stou(parts.at(4).c_str());
+    data.expire = pdns_stou(parts.at(5).c_str());
+    data.minimum = pdns_stou(parts.at(6).c_str());
   }
   catch(const std::out_of_range& oor) {
     throw PDNSException("Out of range exception parsing "+content);
diff --git a/pdns/pdnsutil.cc b/pdns/pdnsutil.cc
index 3a6859428e..b2b5c0f3bb 100644
--- a/pdns/pdnsutil.cc
+++ b/pdns/pdnsutil.cc
@@ -126,12 +126,7 @@ static void loadMainConfig(const std::string& configdir)
   ::arg().set("cache-ttl","Seconds to store packets in the PacketCache")="20";
   ::arg().set("negquery-cache-ttl","Seconds to store negative query results in the QueryCache")="60";
   ::arg().set("query-cache-ttl","Seconds to store query results in the QueryCache")="20";
-  ::arg().set("default-soa-name","name to insert in the SOA record if none set in the backend")="a.misconfigured.powerdns.server";
-  ::arg().set("default-soa-mail","mail address to insert in the SOA record if none set in the backend")="";
-  ::arg().set("soa-refresh-default","Default SOA refresh")="10800";
-  ::arg().set("soa-retry-default","Default SOA retry")="3600";
-  ::arg().set("soa-expire-default","Default SOA expire")="604800";
-  ::arg().set("soa-minimum-ttl","Default SOA minimum ttl")="3600";
+  ::arg().set("default-soa-content","Default SOA content")="a.misconfigured.powerdns.server hostmaster.@ 0 10800 3600 604800 3600";
   ::arg().set("chroot","Switch to this chroot jail")="";
   ::arg().set("dnssec-key-cache-ttl","Seconds to cache DNSSEC keys from the database")="30";
   ::arg().set("domain-metadata-cache-ttl","Seconds to cache domain metadata from the database")="60";
@@ -1236,12 +1231,10 @@ static int createZone(const DNSName &zone, const DNSName& nsname) {
   rr.ttl = ::arg().asNum("default-ttl");
   rr.qtype = "SOA";
 
-  string soa = (boost::format("%s %s 1")
-                % (nsname.empty() ? ::arg()["default-soa-name"] : nsname.toString())
-                % (::arg().isEmpty("default-soa-mail") ? (DNSName("hostmaster.") + zone).toString() : ::arg()["default-soa-mail"])
-  ).str();
+  string soa = ::arg()["default-soa-content"];
+  boost::replace_all(soa, "@", zone.toStringNoDot());
   SOAData sd;
-  fillSOAData(soa, sd);  // fills out default values for us
+  fillSOAData(soa, sd);
   rr.content = makeSOAContent(sd)->getZoneRepresentation(true);
   rr.domain_id = di.id;
   di.backend->startTransaction(zone, di.id);
diff --git a/pdns/slavecommunicator.cc b/pdns/slavecommunicator.cc
index d2d8892b86..f361c963a3 100644
--- a/pdns/slavecommunicator.cc
+++ b/pdns/slavecommunicator.cc
@@ -643,7 +643,7 @@ void CommunicatorClass::suck(const DNSName &domain, const ComboAddress& remote,
       const auto failedEntry = d_failedSlaveRefresh.find(domain);
       if (failedEntry != d_failedSlaveRefresh.end())
         newCount = d_failedSlaveRefresh[domain].first + 1;
-      time_t nextCheck = now + std::min(newCount * d_tickinterval, (uint64_t)::arg().asNum("soa-retry-default"));
+      time_t nextCheck = now + std::min(newCount * d_tickinterval, (uint64_t)::arg().asNum("default-ttl"));
       d_failedSlaveRefresh[domain] = {newCount, nextCheck};
       g_log<<Logger::Error<<"Unable to AXFR zone '"<<domain<<"' from remote '"<<remote<<"' (resolver): "<<re.reason<<" (This was the "<<(newCount == 1 ? "first" : std::to_string(newCount) + "th")<<" time. Excluding zone from slave-checks until "<<nextCheck<<")"<<endl;
     }
@@ -920,12 +920,12 @@ void CommunicatorClass::slaveRefresh(PacketHandler *P)
       const auto failedEntry = d_failedSlaveRefresh.find(di.zone);
       if (failedEntry != d_failedSlaveRefresh.end())
         newCount = d_failedSlaveRefresh[di.zone].first + 1;
-      time_t nextCheck = now + std::min(newCount * d_tickinterval, (uint64_t)::arg().asNum("soa-retry-default"));
+      time_t nextCheck = now + std::min(newCount * d_tickinterval, (uint64_t)::arg().asNum("default-ttl"));
       d_failedSlaveRefresh[di.zone] = {newCount, nextCheck};
       if (newCount == 1) {
         g_log<<Logger::Warning<<"Unable to retrieve SOA for "<<di.zone<<
           ", this was the first time. NOTE: For every subsequent failed SOA check the domain will be suspended from freshness checks for 'num-errors x "<<
-          d_tickinterval<<" seconds', with a maximum of "<<(uint64_t)::arg().asNum("soa-retry-default")<<" seconds. Skipping SOA checks until "<<nextCheck<<endl;
+          d_tickinterval<<" seconds', with a maximum of "<<(uint64_t)::arg().asNum("default-ttl")<<" seconds. Skipping SOA checks until "<<nextCheck<<endl;
       } else if (newCount % 10 == 0) {
         g_log<<Logger::Warning<<"Unable to retrieve SOA for "<<di.zone<<", this was the "<<std::to_string(newCount)<<"th time. Skipping SOA checks until "<<nextCheck<<endl;
       }
diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc
index 77d66a77e3..a007e4f408 100644
--- a/pdns/ws-auth.cc
+++ b/pdns/ws-auth.cc
@@ -1649,13 +1649,11 @@ static void apiServerZones(HttpRequest* req, HttpResponse* resp) {
 
     if (!have_soa && zonekind != DomainInfo::Slave) {
       // synthesize a SOA record so the zone "really" exists
-      string soa = (boost::format("%s %s %ul")
-        % ::arg()["default-soa-name"]
-        % (::arg().isEmpty("default-soa-mail") ? (DNSName("hostmaster.") + zonename).toString() : ::arg()["default-soa-mail"])
-        % document["serial"].int_value()
-      ).str();
+      string soa = ::arg()["default-soa-content"];
+      boost::replace_all(soa, "@", zonename.toStringNoDot());
       SOAData sd;
-      fillSOAData(soa, sd);  // fills out default values for us
+      fillSOAData(soa, sd);
+      sd.serial=document["serial"].int_value();
       autorr.qtype = QType::SOA;
       autorr.content = makeSOAContent(sd)->getZoneRepresentation(true);
       increaseSOARecord(autorr, soa_edit_api_kind, soa_edit_kind);
diff --git a/pdns/zone2json.cc b/pdns/zone2json.cc
index e4d0cdb1c4..b617e8239e 100644
--- a/pdns/zone2json.cc
+++ b/pdns/zone2json.cc
@@ -103,11 +103,6 @@ try
     ::arg().set("zone","Zonefile to parse")="";
     ::arg().set("zone-name","Specify an $ORIGIN in case it is not present")="";
     ::arg().set("named-conf","Bind 8/9 named.conf to parse")="";
-    
-    ::arg().set("soa-minimum-ttl","Do not change")="0";
-    ::arg().set("soa-refresh-default","Do not change")="0";
-    ::arg().set("soa-retry-default","Do not change")="0";
-    ::arg().set("soa-expire-default","Do not change")="0";
     ::arg().set("max-generate-steps", "Maximum number of $GENERATE steps when loading a zone from a file")="0";
 
     ::arg().setCmd("help","Provide a helpful message");
diff --git a/pdns/zone2sql.cc b/pdns/zone2sql.cc
index ce80131565..f86db15122 100644
--- a/pdns/zone2sql.cc
+++ b/pdns/zone2sql.cc
@@ -211,11 +211,7 @@ try
     ::arg().set("zone","Zonefile to parse")="";
     ::arg().set("zone-name","Specify an $ORIGIN in case it is not present")="";
     ::arg().set("named-conf","Bind 8/9 named.conf to parse")="";
-    
-    ::arg().set("soa-minimum-ttl","Do not change")="0";
-    ::arg().set("soa-refresh-default","Do not change")="0";
-    ::arg().set("soa-retry-default","Do not change")="0";
-    ::arg().set("soa-expire-default","Do not change")="0";
+
     ::arg().set("max-generate-steps", "Maximum number of $GENERATE steps when loading a zone from a file")="0";
 
     ::arg().setCmd("help","Provide a helpful message");