Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[pdnsutil] Do not allow increase-serial on secondary zones #15133

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
+43 −0
Open

[pdnsutil] Do not allow increase-serial on secondary zones #15133

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 43 additions & 0 deletions pdns/pdnsutil.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ string g_programname="pdns";

namespace {
bool g_verbose;
bool g_force;
}

ArgvMap &arg()
Expand Down Expand Up @@ -945,6 +946,19 @@ static int increaseSerial(const DNSName& zone, DNSSECKeeper &dk)
return -1;
}

DomainInfo info;
if (!B.getDomainInfo(zone, info, false)) {
cout << "[Warning] Unable to get zone information for zone '" << zone << "'" << endl;
if (!g_force) {
throw PDNSException("Operation is not allowed unless --force");
}
}
else {
if (info.isSecondaryType() && !g_force) {
throw PDNSException("Operation on a secondary zone is not allowed unless --force");
}
}

string soaEditKind;
dk.getSoaEdit(zone, soaEditKind);

Expand Down Expand Up @@ -1204,6 +1218,28 @@ static int editZone(const DNSName &zone, const PDNSColors& col) {
return EXIT_FAILURE;
}

if (isatty(STDIN_FILENO) == 0) {
cerr << "edit-zone requires a terminal" << endl;
return EXIT_FAILURE;
}

if (di.isSecondaryType() && !g_force) {
cout << "Zone '" << zone << "' is a secondary zone." << endl;
while (true) {
cout << "Edit the zone anyway? (N/y) " << std::flush;
int resp = read1char();
if (resp != '\n') {
cout << endl;
}
if (resp == 'y' || resp == 'Y') {
break;
}
if (resp == 'n' || resp == 'N' || resp == '\n') {
return EXIT_FAILURE;
}
}
}

/* ensure that the temporary file will only
be accessible by the current user, not even
by other users in the same group, and certainly
Expand Down Expand Up @@ -1596,6 +1632,9 @@ static int addOrReplaceRecord(bool addOrReplace, const vector<string>& cmds) {
cerr << "Zone '" << zone << "' does not exist" << endl;
return EXIT_FAILURE;
}
if (di.isSecondaryType() && !g_force) {
throw PDNSException("Operation on a secondary zone is not allowed unless --force");
}
rr.auth = true;
rr.domain_id = di.id;
rr.qname = name;
Expand Down Expand Up @@ -1718,6 +1757,9 @@ static int deleteRRSet(const std::string& zone_, const std::string& name_, const
cerr << "Zone '" << zone << "' does not exist" << endl;
return EXIT_FAILURE;
}
if (di.isSecondaryType() && !g_force) {
throw PDNSException("Operation on a secondary zone is not allowed unless --force");
}

DNSName name;
if(name_=="@")
Expand Down Expand Up @@ -4582,6 +4624,7 @@ try
}

g_verbose = g_vm.count("verbose") != 0;
g_force = g_vm.count("force") != 0;

if (g_vm.count("version") != 0) {
cout<<"pdnsutil "<<VERSION<<endl;
Expand Down