root/trunk/pdns/pdns/backends/bind/binddnssec.cc @ 2504

Revision 2504, 8.0 KB (checked in by peter, 15 months ago)

fix error message typo

1/*
2    PowerDNS Versatile Database Driven Nameserver
3    Copyright (C) 2002-2012  PowerDNS.COM BV
4
5    This program is free software; you can redistribute it and/or modify
6    it under the terms of the GNU General Public License version 2
7    as published by the Free Software Foundation
8   
9
10    This program is distributed in the hope that it will be useful,
11    but WITHOUT ANY WARRANTY; without even the implied warranty of
12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13    GNU General Public License for more details.
14
15    You should have received a copy of the GNU General Public License
16    along with this program; if not, write to the Free Software
17    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
18*/
19#include "bindbackend2.hh"
20#include "dnsrecords.hh"
21#include "bind-dnssec.schema.sqlite3.sql.h"
22#include <boost/foreach.hpp>
23#include "config.h"
24
25#ifndef HAVE_SQLITE3
// Build without SQLite3: the DNSSEC database cannot be opened, so setup fails
// with a runtime_error that names the missing build option.
// NOTE(review): the throw is unconditional, whether or not "dnssec-db" is
// configured -- confirm the caller only reaches this when the option is set.
void Bind2Backend::setupDNSSEC()
{
  const string reason("bind-dnssec-db requires building PowerDNS with SQLite3");
  throw runtime_error(reason);
}
30
// Stubs for a build without SQLite3. None of them touches a database:
// createDNSSECDB does nothing and every other entry point reports failure
// (false, or 0 for the int-returning addDomainKey) without modifying its
// output arguments.

void Bind2Backend::createDNSSECDB(const string& fname)
{
  // intentionally empty: no database can be created in this build
}

bool Bind2Backend::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* ns3p)
{
  return false;
}

bool Bind2Backend::getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta)
{
  return false;
}

bool Bind2Backend::setDomainMetadata(const string& name, const std::string& kind, const std::vector<std::string>& meta)
{
  return false;
}

bool Bind2Backend::getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys)
{
  return false;
}

bool Bind2Backend::removeDomainKey(const string& name, unsigned int id)
{
  return false;
}

int Bind2Backend::addDomainKey(const string& name, const KeyData& key)
{
  // bool literal converted to the int return type, i.e. 0
  return false;
}

bool Bind2Backend::activateDomainKey(const string& name, unsigned int id)
{
  return false;
}

bool Bind2Backend::deactivateDomainKey(const string& name, unsigned int id)
{
  return false;
}

bool Bind2Backend::getTSIGKey(const string& name, string* algorithm, string* content)
{
  return false;
}
60#else
61
62#include "pdns/ssqlite3.hh"
// Opens the SQLite3 database named by the "dnssec-db" setting and keeps the
// handle in d_dnssecdb. With the setting empty nothing is opened and
// d_dnssecdb is left as it was; the accessors in this file then return false.
//
// The queries in this file read key content from `cryptokeys` and secrets
// from `tsigkeys`, so anyone who can read this database file can read that
// material. Ownership and mode of the file should be restricted to the
// account the server runs as.
//
// Throws runtime_error when the database cannot be opened.
void Bind2Backend::setupDNSSEC()
{
  const string dbPath = getArg("dnssec-db");
  if(dbPath.empty())
    return;

  try {
    d_dnssecdb = shared_ptr<SSQLite3>(new SSQLite3(dbPath));
  }
  catch(SSqlException& openError) {
    // Deliberately fatal: the server is not meant to keep running without
    // the DNSSEC database it was configured with.
    throw runtime_error("Error opening DNSSEC database in BIND backend: "+openError.txtReason());
  }
}
76
// Creates the SQLite3 database `fname` and runs the schema held in sqlCreate
// against it, one statement at a time.
//
// The schema text is split on ';', so it must not contain a semicolon inside
// a statement (for instance in a string literal); every resulting piece is
// passed to doCommand() as is.
// NOTE(review): nothing here sets the mode of the new file -- presumably it
// is whatever SSQLite3 and the process umask produce. Confirm it is not
// readable by other accounts, since the same database later holds the
// cryptokeys and tsigkeys data queried elsewhere in this file.
//
// Throws AhuException when opening the file or running a statement fails.
void Bind2Backend::createDNSSECDB(const string& fname)
{
  try {
    SSQLite3 newDb(fname, true); // second argument: creating the file is allowed
    vector<string> schemaParts;
    stringtok(schemaParts, sqlCreate, ";");
    for(vector<string>::const_iterator part = schemaParts.begin(); part != schemaParts.end(); ++part) {
      newDb.doCommand(*part);
    }
  }
  catch(SSqlException& createError) {
    throw AhuException("Error creating database in BIND backend: "+createError.txtReason());
  }
}
90
91
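// Looks up the "NSEC3PARAM" metadata of zone `zname` and, when `ns3p` is
// non-null, parses the first stored value into *ns3p.
//
// Returns false when the zone has no NSEC3PARAM metadata or the first value
// is empty ("no NSEC3"), true otherwise. `ns3p` may be null when the caller
// only wants to know whether the zone uses NSEC3.
//
// Throws AhuException when the stored value does not yield an NSEC3PARAM
// record, in addition to whatever getDomainMetadata() and mastermake() throw.
bool Bind2Backend::getNSEC3PARAM(const std::string& zname, NSEC3PARAMRecordContent* ns3p)
{
  vector<string> meta;
  getDomainMetadata(zname, "NSEC3PARAM", meta);

  // Only the first stored value is considered.
  if(meta.empty() || meta.begin()->empty()) { // "no NSEC3"
    return false;
  }

  if(ns3p) {
    DNSRecordContent* parsed = DNSRecordContent::mastermake(QType::NSEC3PARAM, 1, *meta.begin());
    NSEC3PARAMRecordContent* params = dynamic_cast<NSEC3PARAMRecordContent*>(parsed);
    if(!params) {
      // The value comes straight from the database. The cast result used to
      // be dereferenced unchecked, so content of the wrong record type would
      // have crashed the server; fail loudly instead of silently treating
      // the zone as "no NSEC3".
      delete parsed;
      throw AhuException("NSEC3PARAM metadata for zone '"+zname+"' in BIND backend DNSSEC database is not a valid NSEC3PARAM record");
    }
    *ns3p = *params;
    delete params;
  }
  return true;
}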
111
// Appends every `content` value stored for (zone `name`, metadata `kind`) to
// `meta`. `meta` is not cleared first, so existing entries are kept.
//
// Returns false when no DNSSEC database is open, true otherwise -- also when
// the query matched no rows.
//
// The zone name and kind are interpolated into the SQL text. The only
// protection against SQL injection is that each value goes through
// d_dnssecdb->escape() before it is placed between the single quotes; any
// change to this query must keep that for every interpolated string.
//
// Throws AhuException when the database reports an error.
bool Bind2Backend::getDomainMetadata(const string& name, const std::string& kind, std::vector<std::string>& meta)
{
  if(!d_dnssecdb)
    return false;

  boost::format selectFmt("select content from domainmetadata where domain='%s' and kind='%s'");
  try {
    const string sql = (selectFmt % d_dnssecdb->escape(name) % d_dnssecdb->escape(kind)).str();
    d_dnssecdb->doQuery(sql);

    vector<string> fields;
    while(d_dnssecdb->getRow(fields))
      meta.push_back(fields[0]); // the query selects exactly one column
  }
  catch(SSqlException& dbError) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+dbError.txtReason());
  }
  return true;
}
133
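// Replaces the metadata stored for (zone `name`, metadata `kind`) with the
// values in `meta`: the existing rows are deleted, then one row is inserted
// per entry. An empty `meta` therefore just removes the metadata.
//
// Earlier only the first entry of `meta` was written and the rest were
// dropped without any indication, although getDomainMetadata() returns every
// stored row; all entries are stored now.
//
// Returns false when no DNSSEC database is open, true otherwise.
//
// All three interpolated strings pass through d_dnssecdb->escape(); that call
// is the only protection against SQL injection here.
// NOTE(review): the delete and the inserts are separate commands with no
// transaction visible here, so a failing insert leaves the metadata deleted
// or partly written -- confirm whether SSQLite3 offers a transaction to wrap
// them in.
//
// Throws AhuException when the database reports an error.
bool Bind2Backend::setDomainMetadata(const string& name, const std::string& kind, const std::vector<std::string>& meta)
{
  if(!d_dnssecdb)
    return false;

  boost::format clearFmt("delete from domainmetadata where domain='%s' and kind='%s'");
  try {
    d_dnssecdb->doCommand((clearFmt % d_dnssecdb->escape(name) % d_dnssecdb->escape(kind)).str());

    BOOST_FOREACH(const string& value, meta) {
      // A fresh format object per row keeps the argument state independent
      // between iterations.
      boost::format insertFmt("insert into domainmetadata (domain, kind, content) values ('%s','%s', '%s')");
      // c_str() is kept from the original: it cuts the value at an embedded
      // NUL before escaping.
      d_dnssecdb->doCommand((insertFmt % d_dnssecdb->escape(name) % d_dnssecdb->escape(kind) % d_dnssecdb->escape(value.c_str())).str());
    }
  }
  catch(SSqlException& se) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+se.txtReason());
  }
  return true;
}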
152
// Appends one KeyData entry to `keys` for every row of `cryptokeys` that
// belongs to zone `name`.
//
// `kind` is not used: the query does not filter on it, so all keys of the
// zone are returned. `keys` is not cleared first.
//
// Returns false when no DNSSEC database is open, true otherwise -- also when
// the zone has no keys.
//
// The `content` column is copied verbatim into KeyData::content.
// NOTE(review): presumably that is the key material itself -- callers should
// keep it out of logs and error messages.
// The zone name reaches the SQL text only through d_dnssecdb->escape().
//
// Throws AhuException when the database reports an error.
bool Bind2Backend::getDomainKeys(const string& name, unsigned int kind, std::vector<KeyData>& keys)
{
  if(!d_dnssecdb)
    return false;

  boost::format selectFmt("select id,flags, active, content from cryptokeys where domain='%s'");
  try {
    const string sql = (selectFmt % d_dnssecdb->escape(name)).str();
    d_dnssecdb->doQuery(sql);

    KeyData entry;
    vector<string> fields;
    while(d_dnssecdb->getRow(fields)) {
      // atoi() yields 0 for text that is not a number; the columns are not
      // validated beyond that.
      entry.id = atoi(fields[0].c_str());
      entry.flags = atoi(fields[1].c_str());
      entry.active = atoi(fields[2].c_str());
      entry.content = fields[3];
      keys.push_back(entry);
    }
  }
  catch(SSqlException& dbError) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+dbError.txtReason());
  }

  return true;
}
177
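// Deletes key `id` of zone `name` from `cryptokeys`.
//
// Returns false when no DNSSEC database is open, true once the delete
// statement has run. The number of affected rows is not checked, so an id
// that matches nothing also yields true.
//
// A database error used to be printed to stderr and then reported as success,
// so a caller could believe a key was gone while it was still stored. The
// error is now raised as AhuException, as the other key operations in this
// file do.
//
// The zone name reaches the SQL text only through d_dnssecdb->escape(); `id`
// is formatted as a number.
bool Bind2Backend::removeDomainKey(const string& name, unsigned int id)
{
  if(!d_dnssecdb)
    return false;

  // Kept from the original: key removal is announced on stderr.
  cerr<<"Asked to remove key "<<id<<" in zone '"<<name<<"'\n";

  boost::format fmt("delete from cryptokeys where domain='%s' and id=%d");
  try {
    d_dnssecdb->doCommand((fmt % d_dnssecdb->escape(name) % id).str());
  }
  catch(SSqlException& se) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+se.txtReason());
  }

  return true;
}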
195
// Inserts `key` (flags, active, content) into `cryptokeys` for zone `name`.
//
// Returns 0 when no DNSSEC database is open and 1 after the insert; both are
// bool literals converted to the int return type.
// NOTE(review): confirm what callers expect from the int (for example the id
// of the new key) -- the inserted row's id is not read back here.
//
// key.content is written into the SQL text, so the full statement, including
// the key content, exists as a plain string while the command runs. The zone
// name and the content both pass through d_dnssecdb->escape(); flags and
// active are formatted with %d.
//
// Throws AhuException when the database reports an error.
int Bind2Backend::addDomainKey(const string& name, const KeyData& key)
{
  if(!d_dnssecdb)
    return false;

  boost::format insertFmt("insert into cryptokeys (domain, flags, active, content) values ('%s', %d, %d, '%s')");
  try {
    const string sql = (insertFmt % d_dnssecdb->escape(name) % key.flags % key.active % d_dnssecdb->escape(key.content)).str();
    d_dnssecdb->doCommand(sql);
  }
  catch(SSqlException& dbError) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+dbError.txtReason());
  }

  return true;
}
213
// Sets active=1 on key `id` of zone `name` in `cryptokeys`.
//
// Returns false when no DNSSEC database is open, true once the update has
// run. The number of updated rows is not checked, so an id that matches
// nothing also yields true.
//
// The zone name reaches the SQL text only through d_dnssecdb->escape(); `id`
// is formatted as a number.
//
// Throws AhuException when the database reports an error.
bool Bind2Backend::activateDomainKey(const string& name, unsigned int id)
{
  if(!d_dnssecdb)
    return false;

  boost::format updateFmt("update cryptokeys set active=1 where domain='%s' and id=%d");
  try {
    const string sql = (updateFmt % d_dnssecdb->escape(name) % id).str();
    d_dnssecdb->doCommand(sql);
  }
  catch(SSqlException& dbError) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+dbError.txtReason());
  }

  return true;
}
230
// Sets active=0 on key `id` of zone `name` in `cryptokeys`.
//
// Returns false when no DNSSEC database is open, true once the update has
// run. The number of updated rows is not checked, so an id that matches
// nothing also yields true.
//
// The zone name reaches the SQL text only through d_dnssecdb->escape(); `id`
// is formatted as a number.
//
// Throws AhuException when the database reports an error.
bool Bind2Backend::deactivateDomainKey(const string& name, unsigned int id)
{
  if(!d_dnssecdb)
    return false;

  boost::format updateFmt("update cryptokeys set active=0 where domain='%s' and id=%d");
  try {
    const string sql = (updateFmt % d_dnssecdb->escape(name) % id).str();
    d_dnssecdb->doCommand(sql);
  }
  catch(SSqlException& dbError) {
    throw AhuException("Error accessing DNSSEC database in BIND backend: "+dbError.txtReason());
  }

  return true;
}
247
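// Looks up the TSIG key called `name` in `tsigkeys` and writes its algorithm
// to *algorithm and its secret to *content.
//
// Returns false when no DNSSEC database is open or when no row with a
// non-empty secret was found; in the second case *content is left empty.
// If several rows match, the values of the last row win.
//
// `algorithm` and `content` are dereferenced without a null check, so both
// must point to valid strings. *content receives the shared secret; callers
// should keep it out of logs and error messages.
// The key name reaches the SQL text only through d_dnssecdb->escape().
//
// Reading the rows used to happen outside the try block, so an SSqlException
// from getRow() escaped unwrapped; the row loop now sits inside it and every
// database error surfaces as AhuException.
bool Bind2Backend::getTSIGKey(const string& name, string* algorithm, string* content)
{
  if(!d_dnssecdb)
    return false;
  boost::format fmt("select algorithm, secret from tsigkeys where name='%s'");

  try {
    d_dnssecdb->doQuery( (fmt % d_dnssecdb->escape(name)).str());

    SSql::row_t row;

    // Cleared only after the query succeeded, as before, so a failed query
    // leaves the caller's string untouched.
    content->clear();
    while(d_dnssecdb->getRow(row)) {
      *algorithm = row[0];
      *content=row[1];
    }
  }
  catch (SSqlException &e) {
    throw AhuException("BindBackend unable to retrieve named TSIG key: "+e.txtReason());
  }

  return !content->empty();
}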
272#endif