allow "pdnssec set-nsec3 ZONE" for insecure zones

this saves on one rectify when securing a NSEC3 zone

Author: mind04

pdns/pdnssec.cc

@@ -1537,18 +1537,23 @@ try
     string nsec3params =  cmds.size() > 2 ? cmds[2] : "1 0 1 ab";
     bool narrow = cmds.size() > 3 && cmds[3]=="narrow";
     NSEC3PARAMRecordContent ns3pr(nsec3params);
-    
-    string zone=cmds[1];
-    if(!dk.isSecuredZone(zone)) {
-      cerr<<"Zone '"<<zone<<"' is not secured, can't set NSEC3 parameters"<<endl;
-      exit(EXIT_FAILURE);
+
+    if (! dk.setNSEC3PARAM(cmds[1], ns3pr, narrow)) {
+      cerr<<"Cannot set NSEC3 param for " << cmds[1] << endl;
+      return 1;
     }
-    dk.setNSEC3PARAM(zone, ns3pr, narrow);
-    
+
     if (!ns3pr.d_flags)
-      cerr<<"NSEC3 set, please rectify-zone if your backend needs it"<<endl;
+      cerr<<"NSEC3 set, ";
+    else
+      cerr<<"NSEC3 (opt-out) set, ";
+
+    if(dk.isSecuredZone(cmds[1]))
+      cerr<<"please rectify your zone if your backend needs it"<<endl;
     else
-      cerr<<"NSEC3 (opt-out) set, please rectify-zone if your backend needs it"<<endl;
+      cerr<<"please secure and rectify your zone."<<endl;
+
+    return 0;
   }
   else if(cmds[0]=="set-presigned") {
     if(cmds.size() < 2) {

regression-tests/backends/gsql-common

@@ -12,16 +12,14 @@ gsql-master()
 	do
 		if [ $context != ${backend}-nodnssec ]
 		then
-			securezone $zone ${backend}
 			if [ $context = ${backend}-nsec3 ] || [ $context = ${backend}-nsec3-optout ]
 			then
 				../pdns/pdnssec --config-dir=. --config-name=$backend set-nsec3 $zone "1 $optout 1 abcd" 2>&1
-				../pdns/pdnssec --config-dir=. --config-name=$backend rectify-zone $zone 2>&1
 			elif [ $context = ${backend}-nsec3-narrow ]
 			then
 				../pdns/pdnssec --config-dir=. --config-name=$backend set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
-				../pdns/pdnssec --config-dir=. --config-name=$backend rectify-zone $zone 2>&1
 			fi
+			securezone $zone ${backend}
 		else
 			../pdns/pdnssec --config-dir=. --config-name=$backend rectify-zone $zone 2>&1
 		fi