auth: api: patchZone() was ignoring the default-api-rectify setting

author Kees Monshouwer <mind04@monshouwer.org>

Thu, 31 Oct 2019 09:32:44 +0000 (10:32 +0100)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Thu, 21 Nov 2019 09:05:57 +0000 (10:05 +0100)
author Kees Monshouwer <mind04@monshouwer.org>
Thu, 31 Oct 2019 09:32:44 +0000 (10:32 +0100)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Thu, 21 Nov 2019 09:05:57 +0000 (10:05 +0100)
diff --git a/pdns/ws-auth.cc b/pdns/ws-auth.cc

index 5f8132f250640452742994abc06d3d4228a7560f..11a818c2c5ff137aa960238cbdc9790e42b44be6 100644 (file)
--- a/pdns/ws-auth.cc
+++ b/pdns/ws-auth.cc
@@ -2082,14 +2082,20 @@ static void patchZone(UeberBackend& B, HttpRequest* req, HttpResponse* resp) {
      throw;
    }
  
+  // Rectify
    DNSSECKeeper dk(&B);
-  string api_rectify;
-  di.backend->getDomainMetadataOne(zonename, "API-RECTIFY", api_rectify);
-  if (dk.isSecuredZone(zonename) && !dk.isPresigned(zonename) && api_rectify == "1") {
-    string error_msg = "";
-    string info;
-    if (!dk.rectifyZone(zonename, error_msg, info, false))
-      throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg);
+  if (!dk.isPresigned(zonename)) {
+    string api_rectify;
+    if (!di.backend->getDomainMetadataOne(zonename, "API-RECTIFY", api_rectify) && ::arg().mustDo("default-api-rectify")) {
+      api_rectify = "1";
+    }
+    if (api_rectify == "1") {
+      string info;
+      string error_msg;
+      if (!dk.rectifyZone(zonename, error_msg, info, false)) {
+        throw ApiException("Failed to rectify '" + zonename.toString() + "' " + error_msg);
+      }
+    }
    }
  
    di.backend->commitTransaction();
author	Kees Monshouwer <mind04@monshouwer.org>
	Thu, 31 Oct 2019 09:32:44 +0000 (10:32 +0100)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Thu, 21 Nov 2019 09:05:57 +0000 (10:05 +0100)