Don't include DNSSEC records in diffs
This commit is contained in:
parent
1bf66eb9db
commit
ef87fdf922
|
@ -303,7 +303,7 @@ func diffZones(opts *config.Options, domain *happydns.Domain, ps httprouter.Para
|
|||
}
|
||||
}
|
||||
|
||||
toAdd, toDel := sources.DiffZones(zone1, zone2)
|
||||
toAdd, toDel := sources.DiffZones(zone1, zone2, true)
|
||||
|
||||
var rrAdd []string
|
||||
for _, rr := range toAdd {
|
||||
|
@ -331,7 +331,7 @@ func applyZone(opts *config.Options, domain *happydns.Domain, zone *happydns.Zon
|
|||
}
|
||||
}
|
||||
|
||||
newSOA, err := sources.ApplyZone(source, domain, zone.GenerateRRs(domain.DomainName))
|
||||
newSOA, err := sources.ApplyZone(source, domain, zone.GenerateRRs(domain.DomainName), true)
|
||||
if err != nil {
|
||||
return APIErrorResponse{
|
||||
err: err,
|
||||
|
|
|
@ -41,6 +41,7 @@ import (
|
|||
"github.com/miekg/dns"
|
||||
|
||||
"git.happydns.org/happydns/model"
|
||||
"git.happydns.org/happydns/utils"
|
||||
)
|
||||
|
||||
type Analyzer struct {
|
||||
|
@ -170,10 +171,7 @@ func AnalyzeZone(origin string, zone []dns.RR) (svcs map[string][]*happydns.Serv
|
|||
// Consider records not used by services as Orphan
|
||||
for _, record := range a.zone {
|
||||
// Skip DNSSEC records
|
||||
if record.Header().Rrtype == dns.TypeNSEC ||
|
||||
record.Header().Rrtype == dns.TypeNSEC3 ||
|
||||
record.Header().Rrtype == dns.TypeDNSKEY ||
|
||||
record.Header().Rrtype == dns.TypeRRSIG {
|
||||
if utils.IsDNSSECType(record.Header().Rrtype) {
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
|
@ -35,11 +35,15 @@ import (
|
|||
"github.com/miekg/dns"
|
||||
|
||||
"git.happydns.org/happydns/model"
|
||||
"git.happydns.org/happydns/utils"
|
||||
)
|
||||
|
||||
func DiffZones(a []dns.RR, b []dns.RR) (toAdd []dns.RR, toDel []dns.RR) {
|
||||
func DiffZones(a []dns.RR, b []dns.RR, skipDNSSEC bool) (toAdd []dns.RR, toDel []dns.RR) {
|
||||
loopDel:
|
||||
for _, rrA := range a {
|
||||
if skipDNSSEC && utils.IsDNSSECType(rrA.Header().Rrtype) {
|
||||
continue
|
||||
}
|
||||
for _, rrB := range b {
|
||||
if rrA.String() == rrB.String() {
|
||||
continue loopDel
|
||||
|
@ -51,6 +55,9 @@ loopDel:
|
|||
|
||||
loopAdd:
|
||||
for _, rrB := range b {
|
||||
if skipDNSSEC && utils.IsDNSSECType(rrB.Header().Rrtype) {
|
||||
continue
|
||||
}
|
||||
for _, rrA := range a {
|
||||
if rrB.String() == rrA.String() {
|
||||
continue loopAdd
|
||||
|
@ -63,7 +70,7 @@ loopAdd:
|
|||
return
|
||||
}
|
||||
|
||||
func DiffZone(s happydns.Source, domain *happydns.Domain, rrs []dns.RR) (toAdd []dns.RR, toDel []dns.RR, err error) {
|
||||
func DiffZone(s happydns.Source, domain *happydns.Domain, rrs []dns.RR, skipDNSSEC bool) (toAdd []dns.RR, toDel []dns.RR, err error) {
|
||||
// Get the actuals RR-set
|
||||
var current []dns.RR
|
||||
current, err = s.ImportZone(domain)
|
||||
|
@ -71,12 +78,12 @@ func DiffZone(s happydns.Source, domain *happydns.Domain, rrs []dns.RR) (toAdd [
|
|||
return
|
||||
}
|
||||
|
||||
toAdd, toDel = DiffZones(current, rrs)
|
||||
toAdd, toDel = DiffZones(current, rrs, skipDNSSEC)
|
||||
return
|
||||
}
|
||||
|
||||
func ApplyZone(s happydns.Source, domain *happydns.Domain, rrs []dns.RR) (*dns.SOA, error) {
|
||||
toAdd, toDel, err := DiffZone(s, domain, rrs)
|
||||
func ApplyZone(s happydns.Source, domain *happydns.Domain, rrs []dns.RR, skipDNSSEC bool) (*dns.SOA, error) {
|
||||
toAdd, toDel, err := DiffZone(s, domain, rrs, skipDNSSEC)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
14
utils/dns.go
14
utils/dns.go
|
@ -31,7 +31,9 @@
|
|||
|
||||
package utils
|
||||
|
||||
import ()
|
||||
import (
|
||||
"github.com/miekg/dns"
|
||||
)
|
||||
|
||||
// SplitN splits a string into N sized string chunks.
|
||||
// This function is a copy of https://github.com/miekg/dns/blob/master/types.go#L1509
|
||||
|
@ -55,3 +57,13 @@ func SplitN(s string, n int) []string {
|
|||
|
||||
return sx
|
||||
}
|
||||
|
||||
// IsDNSSECType returns true if the given rrtype is generally autogenerated by
|
||||
// NS server.
|
||||
func IsDNSSECType(rrtype uint16) bool {
|
||||
return rrtype == dns.TypeNSEC ||
|
||||
rrtype == dns.TypeNSEC3 ||
|
||||
rrtype == dns.TypeNSEC3PARAM ||
|
||||
rrtype == dns.TypeDNSKEY ||
|
||||
rrtype == dns.TypeRRSIG
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user