Commit 1b20ae9f authored by Jan Kadlec's avatar Jan Kadlec

Do not shallow copy zone when applying DNSSEC changeset after DDNS.

parent 145c1e5e
......@@ -1243,14 +1243,14 @@ static int zones_process_update_auth(knot_zone_t *zone,
}
bool new_signatures = !knot_changeset_is_empty(sec_ch);
knot_zone_contents_t *dnssec_contents = NULL;
// Apply DNSSEC changeset
if (new_signatures) {
// Set zone generation to old, else applying fails
knot_zone_contents_set_gen_old(new_contents);
ret = xfrin_apply_changesets(fake_zone, sec_chs,
&dnssec_contents, true,
sorted_changes);
ret = xfrin_apply_changesets_dnssec(old_contents,
new_contents,
sec_chs,
chgsets,
true,
sorted_changes);
knot_zone_clear_sorted_changes(sorted_changes);
hattrie_free(sorted_changes);
if (ret != KNOT_EOK) {
......@@ -1260,7 +1260,6 @@ static int zones_process_update_auth(knot_zone_t *zone,
zones_free_merged_changesets(chgsets, sec_chs);
return ret;
}
assert(dnssec_contents);
// Plan zone resign if needed
zonedata_t *zd = (zonedata_t *)zone->data;
......@@ -1309,9 +1308,7 @@ static int zones_process_update_auth(knot_zone_t *zone,
// Switch zone contents.
knot_zone_retain(zone); /* Retain pointer for safe RCU unlock. */
rcu_read_unlock(); /* Unlock for switch. */
ret = xfrin_switch_zone(zone,
dnssec_contents ? dnssec_contents : new_contents,
XFR_TYPE_UPDATE);
ret = xfrin_switch_zone(zone, new_contents, XFR_TYPE_UPDATE);
rcu_read_lock(); /* Relock */
knot_zone_release(zone);/* Release held pointer. */
if (ret != KNOT_EOK) {
......
......@@ -4208,7 +4208,7 @@ int knot_ns_process_update(const knot_packet_t *query,
// 3) Finalize zone
dbg_ns_verb("Finalizing updated zone...\n");
ret = xfrin_finalize_updated_zone(contents_copy, chgs->changes, false,
ret = xfrin_finalize_updated_zone(contents_copy, false,
NULL);
if (ret != KNOT_EOK) {
dbg_ns("Failed to finalize updated zone: %s\n",
......
......@@ -2568,10 +2568,10 @@ int xfrin_prepare_zone_copy(knot_zone_contents_t *old_contents,
/*----------------------------------------------------------------------------*/
int xfrin_finalize_updated_zone(knot_zone_contents_t *contents_copy,
knot_changes_t *changes, bool set_nsec3,
bool set_nsec3,
const hattrie_t *sorted_changes)
{
if (contents_copy == NULL || changes == NULL) {
if (contents_copy == NULL) {
return KNOT_EINVAL;
}
......@@ -2621,6 +2621,49 @@ int xfrin_finalize_updated_zone(knot_zone_contents_t *contents_copy,
/*----------------------------------------------------------------------------*/
/* Post-DDNS application, no need to shallow copy. */
int xfrin_apply_changesets_dnssec(knot_zone_contents_t *z_old,
knot_zone_contents_t *z_new,
knot_changesets_t *sec_chsets,
knot_changesets_t *chsets,
bool full_adjust,
const hattrie_t *sorted_changes)
{
if (z_old == NULL || z_new == NULL ||
sec_chsets == NULL || chsets == NULL) {
return KNOT_EINVAL;
}
/* Set generation to old. Zone should be long locked at this point. */
knot_zone_contents_set_gen_old(z_new);
/* Apply changes. */
knot_changeset_t *set = NULL;
WALK_LIST(set, chsets->sets) {
int ret = xfrin_apply_changeset(z_new,
chsets->changes, set);
if (ret != KNOT_EOK) {
xfrin_rollback_update(z_old, &z_new, chsets->changes);
dbg_xfrin("Failed to apply changesets to zone: "
"%s\n", knot_strerror(ret));
return ret;
}
}
int ret = xfrin_finalize_updated_zone(z_new,
full_adjust, sorted_changes);
if (ret != KNOT_EOK) {
dbg_xfrin("Failed to finalize updated zone: %s\n",
knot_strerror(ret));
xfrin_rollback_update(z_old, &z_new, chsets->changes);
return ret;
}
return ret;
}
/*----------------------------------------------------------------------------*/
int xfrin_apply_changesets(knot_zone_t *zone,
knot_changesets_t *chsets,
knot_zone_contents_t **new_contents,
......@@ -2672,7 +2715,7 @@ int xfrin_apply_changesets(knot_zone_t *zone,
*/
dbg_xfrin_verb("Finalizing updated zone...\n");
ret = xfrin_finalize_updated_zone(contents_copy, chsets->changes,
ret = xfrin_finalize_updated_zone(contents_copy,
full_adjust, sorted_changes);
if (ret != KNOT_EOK) {
dbg_xfrin("Failed to finalize updated zone: %s\n",
......
......@@ -177,20 +177,24 @@ void xfrin_free_changesets(knot_changesets_t **changesets);
*/
int xfrin_process_ixfr_packet(knot_ns_xfr_t *xfr);
int xfrin_apply_changesets_to_zone(knot_zone_t *zone,
knot_changesets_t *chsets);
int xfrin_apply_changesets(knot_zone_t *zone,
knot_changesets_t *chsets,
knot_zone_contents_t **new_contents,
bool full_adjust,
const hattrie_t *sorted_changes);
int xfrin_apply_changesets_dnssec(knot_zone_contents_t *z_old,
knot_zone_contents_t *z_new,
knot_changesets_t *sec_chsets,
knot_changesets_t *chsets,
bool full_adjust,
const hattrie_t *sorted_changes);
int xfrin_prepare_zone_copy(knot_zone_contents_t *old_contents,
knot_zone_contents_t **new_contents);
int xfrin_finalize_updated_zone(knot_zone_contents_t *contents_copy,
knot_changes_t *changes, bool set_nsec3,
bool set_nsec3,
const hattrie_t *sorted_changes);
int xfrin_switch_zone(knot_zone_t *zone,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment