Skip to content

Commit 07bf35d

Browse files
ahupowerdnsahupowerdns
committed
catch a lot more errors in pdnssec and report them. Fixes #588. Fixing #588.
1 parent 4cec6ac commit 07bf35d

File tree

1 file changed

+19
-8
lines changed

1 file changed

+19
-8
lines changed

pdns/pdnssec.cc

Lines changed: 19 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -785,7 +785,7 @@ bool secureZone(DNSSECKeeper& dk, const std::string& zone)
785785
}
786786

787787
for(vector<string>::iterator i = k_algos.begin()+1; i != k_algos.end(); i++)
788-
dk.addKey(zone, true, shorthand2algorithm(*i), k_size, true);
788+
dk.addKey(zone, true, shorthand2algorithm(*i), k_size, true); // obvious errors will have been caught above
789789

790790
BOOST_FOREACH(string z_algo, z_algos)
791791
{
@@ -1147,13 +1147,18 @@ try
11471147
bits = atoi(cmds[n].c_str());
11481148
} else {
11491149
cerr<<"Unknown algorithm, key flag or size '"<<cmds[n]<<"'"<<endl;
1150-
return 0;
1150+
exit(EXIT_FAILURE);;
11511151
}
11521152
}
1153-
cerr<<"Adding a " << (keyOrZone ? "KSK" : "ZSK")<<" with algorithm = "<<algorithm<<", active="<<active<<endl;
1154-
if(bits)
1155-
cerr<<"Requesting specific key size of "<<bits<<" bits"<<endl;
1156-
dk.addKey(zone, keyOrZone, algorithm, bits, active);
1153+
if(!dk.addKey(zone, keyOrZone, algorithm, bits, active)) {
1154+
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
1155+
exit(1);
1156+
}
1157+
else {
1158+
cerr<<"Added a " << (keyOrZone ? "KSK" : "ZSK")<<" with algorithm = "<<algorithm<<", active="<<active<<endl;
1159+
if(bits)
1160+
cerr<<"Requested specific key size of "<<bits<<" bits"<<endl;
1161+
}
11571162
}
11581163
else if(cmds[0] == "remove-zone-key") {
11591164
if(cmds.size() < 3) {
@@ -1317,7 +1322,10 @@ try
13171322
else
13181323
dpk.d_flags = 257; // ksk
13191324

1320-
dk.addKey(zone, dpk);
1325+
if(!dk.addKey(zone, dpk)) {
1326+
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
1327+
exit(1);
1328+
}
13211329

13221330
}
13231331
else if(cmds[0]=="import-zone-key") {
@@ -1353,7 +1361,10 @@ try
13531361
exit(1);
13541362
}
13551363
}
1356-
dk.addKey(zone, dpk, active);
1364+
if(!dk.addKey(zone, dpk, active)) {
1365+
cerr<<"Adding key failed, perhaps DNSSEC not enabled in configuration?"<<endl;
1366+
exit(1);
1367+
}
13571368
}
13581369
else if(cmds[0]=="export-zone-dnskey") {
13591370
if(cmds.size() < 3) {

0 commit comments

Comments
 (0)