From ed7d9536ab43662b8cb3c1fa724f4b4e66a26d82 Mon Sep 17 00:00:00 2001
From: Peter van Dijk <peter.van.dijk@powerdns.com>
Date: Thu, 12 Oct 2017 12:26:37 +0200
Subject: [PATCH] ignore SOA-EDIT for PRESIGNED zones. Fixes #5814

(cherry picked from commit 3ba1065625b2067da6058fa3e213fbb501b2b536)
---
 pdns/dbdnsseckeeper.cc                              | 7 ++++++-
 regression-tests.nobackend/counters/expected_result | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/pdns/dbdnsseckeeper.cc b/pdns/dbdnsseckeeper.cc
index b8662b8e97..9b9075817c 100644
--- a/pdns/dbdnsseckeeper.cc
+++ b/pdns/dbdnsseckeeper.cc
@@ -229,9 +229,14 @@ void DNSSECKeeper::getSoaEdit(const DNSName& zname, std::string& value)
   static const string soaEdit(::arg()["default-soa-edit"]);
   static const string soaEditSigned(::arg()["default-soa-edit-signed"]);
 
+  if (isPresigned(zname)) {
+    // SOA editing on a presigned zone never makes sense
+    return;
+  }
+
   getFromMeta(zname, "SOA-EDIT", value);
 
-  if ((!soaEdit.empty() || !soaEditSigned.empty()) && value.empty() && !isPresigned(zname)) {
+  if ((!soaEdit.empty() || !soaEditSigned.empty()) && value.empty()) {
     if (!soaEditSigned.empty() && isSecuredZone(zname))
       value=soaEditSigned;
     if (value.empty())
diff --git a/regression-tests.nobackend/counters/expected_result b/regression-tests.nobackend/counters/expected_result
index c68b39f9b1..db87c4cea1 100644
--- a/regression-tests.nobackend/counters/expected_result
+++ b/regression-tests.nobackend/counters/expected_result
@@ -8,7 +8,7 @@ dnsupdate-queries=0
 dnsupdate-refused=0
 incoming-notifications=0
 key-cache-size=0
-meta-cache-size=1
+meta-cache-size=2
 overload-drops=0
 packetcache-size=8
 qsize-q=0
-- 
2.47.2