From: Miod Vallat Date: Thu, 26 Jun 2025 15:30:27 +0000 (+0200) Subject: Merge pull request #15669 from miodvallat/serial_keyer X-Git-Tag: dnsdist-2.1.0-alpha0^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a44ba546fcaac31496ce67dcbf580e1b5804d4e0;p=thirdparty%2Fpdns.git Merge pull request #15669 from miodvallat/serial_keyer Increase zone serial number after zone key operations --- a44ba546fcaac31496ce67dcbf580e1b5804d4e0 diff --cc pdns/ws-auth.cc index 7f126ac8bb,6963409dcf..52b50e3586 --- a/pdns/ws-auth.cc +++ b/pdns/ws-auth.cc @@@ -2448,28 -2476,14 +2483,24 @@@ static void patchZone(UeberBackend& bac // edit SOA (if needed) if (!zone_disabled && !soa_edit_api_kind.empty() && !soa_edit_done) { - DNSResourceRecord resourceRecord; - if (makeIncreasedSOARecord(soaData, soa_edit_api_kind, soa_edit_kind, resourceRecord)) { - if (!domainInfo.backend->replaceRRSet(domainInfo.id, resourceRecord.qname, resourceRecord.qtype, vector(1, resourceRecord))) { - throw ApiException("Hosting backend does not support editing records."); - } - } - - // return old and new serials in headers + // return old serial in headers, before changing it resp->headers["X-PDNS-Old-Serial"] = std::to_string(soaData.serial); - fillSOAData(resourceRecord.content, soaData); + + updateZoneSerial(domainInfo, soaData, soa_edit_api_kind, soa_edit_kind); + + // return new serial in headers resp->headers["X-PDNS-New-Serial"] = std::to_string(soaData.serial); } + + // Rectify + DNSSECKeeper dnssecKeeper(&backend); + if (!zone_disabled && !dnssecKeeper.isPresigned(zonename) && isZoneApiRectifyEnabled(domainInfo)) { + string info; + string error_msg; + if (!dnssecKeeper.rectifyZone(zonename, error_msg, info, false)) { + throw ApiException("Failed to rectify '" + zonename.toStringFull() + "' " + error_msg); + } + } } catch (...) { domainInfo.backend->abortTransaction();