packages/bind
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bind/backport-0037-Don-t-process-DNSSEC-related-and-ZONEMD-records-in-c.patch
jiangheng e9c081b514 backport bugfix patches
2023-01-09 16:44:23 +08:00

64 lines
2.1 KiB
Diff
Raw Blame History

From 1dc7288708a2c1027405d5c2b376809a335cf252 Mon Sep 17 00:00:00 2001
From: Aram Sargsyan <aram@isc.org>
Date: Wed, 1 Jun 2022 08:51:55 +0000
Subject: [PATCH] Don't process DNSSEC-related and ZONEMD records in catz
When processing a catalog zone update, skip processing records with
DNSSEC-related and ZONEMD types, because we are not interested in them
in the context of a catalog zone, and processing them will fail and
produce an unnecessary warning message.
(cherry picked from commit 73d664313703d2874c3b1a4380afdcd8ba26dc62)
Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/1dc7288708a2c1027405d5c2b376809a335cf252
---
lib/dns/catz.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/lib/dns/catz.c b/lib/dns/catz.c
index 53fbb1c2a7..a749ffa9d4 100644
--- a/lib/dns/catz.c
+++ b/lib/dns/catz.c
@@ -1799,6 +1799,12 @@ cleanup:
return (result);
}
+static bool
+catz_rdatatype_is_processable(const dns_rdatatype_t type) {
+ return (!dns_rdatatype_isdnssec(type) && type != dns_rdatatype_cds &&
+ type != dns_rdatatype_cdnskey && type != dns_rdatatype_zonemd);
+}
+
void
dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) {
dns_catz_zone_t *oldzone = NULL, *newzone = NULL;
@@ -1908,6 +1914,17 @@ dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) {
result = dns_rdatasetiter_first(rdsiter);
while (result == ISC_R_SUCCESS) {
dns_rdatasetiter_current(rdsiter, &rdataset);
+
+ /*
+ * Skip processing DNSSEC-related and ZONEMD types,
+ * because we are not interested in them in the context
+ * of a catalog zone, and processing them will fail
+ * and produce an unnecessary warning message.
+ */
+ if (!catz_rdatatype_is_processable(rdataset.type)) {
+ goto next;
+ }
+
result = dns_catz_update_process(catzs, newzone, name,
&rdataset);
if (result != ISC_R_SUCCESS) {
@@ -1930,6 +1947,7 @@ dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) {
cname, classbuf, typebuf,
isc_result_totext(result));
}
+ next:
dns_rdataset_disassociate(&rdataset);
if (result != ISC_R_SUCCESS) {
break;
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink