• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

PowerDNS / pdns / 28602740716

02 Jul 2026 03:42PM UTC coverage: 68.134% (-3.0%) from 71.094%
28602740716

Pull #17678

github

web-flow
Merge e4b5deb7e into ef7f8811f
Pull Request #17678: auth: yet another round of coverity-induced improvements

44251 of 82018 branches covered (53.95%)

Branch coverage included in aggregate %.

11 of 17 new or added lines in 11 files covered. (64.71%)

5204 existing lines in 64 files now uncovered.

128478 of 171496 relevant lines covered (74.92%)

4475186.7 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

35.03
/modules/bindbackend/binddnssec.cc
1
/*
2
 * This file is part of PowerDNS or dnsdist.
3
 * Copyright -- PowerDNS.COM B.V. and its contributors
4
 *
5
 * This program is free software; you can redistribute it and/or modify
6
 * it under the terms of version 2 of the GNU General Public License as
7
 * published by the Free Software Foundation.
8
 *
9
 * In addition, for the avoidance of any doubt, permission is granted to
10
 * link this program with OpenSSL and to (re)distribute the binaries
11
 * produced as the result of such linking.
12
 *
13
 * This program is distributed in the hope that it will be useful,
14
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16
 * GNU General Public License for more details.
17
 *
18
 * You should have received a copy of the GNU General Public License
19
 * along with this program; if not, write to the Free Software
20
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21
 */
22

23
#ifdef HAVE_CONFIG_H
24
#include "config.h"
25
#endif
26
#include "bindbackend2.hh"
27
#include "pdns/arguments.hh"
28
#include "pdns/dnsrecords.hh"
29

30
#ifndef HAVE_SQLITE3
31

32
void Bind2Backend::setupDNSSEC()
33
{
34
  if (!getArg("dnssec-db").empty()) {
35
    throw runtime_error("bind-dnssec-db requires building PowerDNS with SQLite3");
36
  }
37
}
38

39
unsigned int Bind2Backend::getCapabilities()
40
{
41
  unsigned int caps = CAP_LIST | CAP_SEARCH;
42
  if (d_hybrid) {
43
    caps |= CAP_DNSSEC;
44
  }
45
  return caps;
46
}
47

48
bool Bind2Backend::getNSEC3PARAM(const ZoneName& /* name */, NSEC3PARAMRecordContent* /* ns3p */)
49
{
50
  return false;
51
}
52

53
bool Bind2Backend::getNSEC3PARAMuncached(const ZoneName& /* name */, NSEC3PARAMRecordContent* /* ns3p */)
54
{
55
  return false;
56
}
57

58
bool Bind2Backend::getAllDomainMetadata(const ZoneName& /* name */, std::map<std::string, std::vector<std::string>>& /* meta */)
59
{
60
  return false;
61
}
62

63
bool Bind2Backend::getDomainMetadata(const ZoneName& /* name */, const std::string& /* kind */, std::vector<std::string>& /* meta */)
64
{
65
  return false;
66
}
67

68
bool Bind2Backend::setDomainMetadata(const ZoneName& /* name */, const std::string& /* kind */, const std::vector<std::string>& /* meta */)
69
{
70
  return false;
71
}
72

73
bool Bind2Backend::getDomainKeys(const ZoneName& /* name */, std::vector<KeyData>& /* keys */)
74
{
75
  return false;
76
}
77

78
bool Bind2Backend::removeDomainKey(const ZoneName& /* name */, unsigned int /* id */)
79
{
80
  return false;
81
}
82

83
bool Bind2Backend::addDomainKey(const ZoneName& /* name */, const KeyData& /* key */, int64_t& /* id */)
84
{
85
  return false;
86
}
87

88
bool Bind2Backend::activateDomainKey(const ZoneName& /* name */, unsigned int /* id */)
89
{
90
  return false;
91
}
92

93
bool Bind2Backend::deactivateDomainKey(const ZoneName& /* name */, unsigned int /* id */)
94
{
95
  return false;
96
}
97

98
bool Bind2Backend::publishDomainKey(const ZoneName& /* name */, unsigned int /* id */)
99
{
100
  return false;
101
}
102

103
bool Bind2Backend::unpublishDomainKey(const ZoneName& /* name */, unsigned int /* id */)
104
{
105
  return false;
106
}
107

108
bool Bind2Backend::getTSIGKey(const DNSName& /* name */, DNSName& /* algorithm */, string& /* content */)
109
{
110
  return false;
111
}
112

113
bool Bind2Backend::setTSIGKey(const DNSName& /* name */, const DNSName& /* algorithm */, const string& /* content */)
114
{
115
  return false;
116
}
117

118
bool Bind2Backend::deleteTSIGKey(const DNSName& /* name */)
119
{
120
  return false;
121
}
122

123
bool Bind2Backend::getTSIGKeys(std::vector<struct TSIGKey>& /* keys */)
124
{
125
  return false;
126
}
127

128
void Bind2Backend::setupStatements()
129
{
130
}
131

132
void Bind2Backend::freeStatements()
133
{
134
}
135

136
#else
137

138
#include "pdns/logger.hh"
139
#include "pdns/ssqlite3.hh"
140

141
#define ASSERT_ROW_COLUMNS(query, row, num)                                                                                                \
142
  {                                                                                                                                        \
29✔
143
    if (row.size() != num) {                                                                                                               \
29✔
144
      throw PDNSException(std::string(query) + " returned wrong number of columns, expected " #num ", got " + std::to_string(row.size())); \
×
145
    }                                                                                                                                      \
×
146
  }
29✔
147

148
void Bind2Backend::setupDNSSEC()
149
{
2,161✔
150
  if (getArg("dnssec-db").empty() || d_hybrid)
2,161!
151
    return;
2,120✔
152
  try {
41✔
153
    d_dnssecdb = std::make_shared<SSQLite3>(d_slog, getArg("dnssec-db"), getArg("dnssec-db-journal-mode"));
41✔
154
    setupStatements();
41✔
155
  }
41✔
156
  catch (SSqlException& se) {
41✔
157
    // this error is meant to kill the server dead - it makes no sense to continue..
158
    throw runtime_error("Error opening DNSSEC database in BIND backend: " + se.txtReason());
×
159
  }
×
160

161
  d_dnssecdb->setLog(::arg().mustDo("query-logging"));
41✔
162
}
41✔
163

164
void Bind2Backend::setupStatements()
165
{
41✔
166
  d_getAllDomainMetadataQuery_stmt = d_dnssecdb->prepare("select kind, content from domainmetadata where domain=:domain", 1);
41✔
167
  d_getDomainMetadataQuery_stmt = d_dnssecdb->prepare("select content from domainmetadata where domain=:domain and kind=:kind", 2);
41✔
168
  d_deleteDomainMetadataQuery_stmt = d_dnssecdb->prepare("delete from domainmetadata where domain=:domain and kind=:kind", 2);
41✔
169
  d_insertDomainMetadataQuery_stmt = d_dnssecdb->prepare("insert into domainmetadata (domain, kind, content) values (:domain,:kind,:content)", 3);
41✔
170
  d_getDomainKeysQuery_stmt = d_dnssecdb->prepare("select id,flags, active, published, content from cryptokeys where domain=:domain", 1);
41✔
171
  d_deleteDomainKeyQuery_stmt = d_dnssecdb->prepare("delete from cryptokeys where domain=:domain and id=:key_id", 2);
41✔
172
  d_insertDomainKeyQuery_stmt = d_dnssecdb->prepare("insert into cryptokeys (domain, flags, active, published, content) values (:domain, :flags, :active, :published, :content)", 5);
41✔
173
  d_GetLastInsertedKeyIdQuery_stmt = d_dnssecdb->prepare("select last_insert_rowid()", 0);
41✔
174
  d_activateDomainKeyQuery_stmt = d_dnssecdb->prepare("update cryptokeys set active=1 where domain=:domain and id=:key_id", 2);
41✔
175
  d_deactivateDomainKeyQuery_stmt = d_dnssecdb->prepare("update cryptokeys set active=0 where domain=:domain and id=:key_id", 2);
41✔
176
  d_publishDomainKeyQuery_stmt = d_dnssecdb->prepare("update cryptokeys set published=1 where domain=:domain and id=:key_id", 2);
41✔
177
  d_unpublishDomainKeyQuery_stmt = d_dnssecdb->prepare("update cryptokeys set published=0 where domain=:domain and id=:key_id", 2);
41✔
178
  d_getTSIGKeyQuery_stmt = d_dnssecdb->prepare("select algorithm, secret from tsigkeys where name=:key_name", 1);
41✔
179
  d_setTSIGKeyQuery_stmt = d_dnssecdb->prepare("replace into tsigkeys (name,algorithm,secret) values(:key_name, :algorithm, :content)", 3);
41✔
180
  d_deleteTSIGKeyQuery_stmt = d_dnssecdb->prepare("delete from tsigkeys where name=:key_name", 1);
41✔
181
  d_getTSIGKeysQuery_stmt = d_dnssecdb->prepare("select name,algorithm,secret from tsigkeys", 0);
41✔
182
}
41✔
183

184
void Bind2Backend::freeStatements()
185
{
2,145✔
186
  d_getAllDomainMetadataQuery_stmt.reset();
2,145✔
187
  d_getDomainMetadataQuery_stmt.reset();
2,145✔
188
  d_deleteDomainMetadataQuery_stmt.reset();
2,145✔
189
  d_insertDomainMetadataQuery_stmt.reset();
2,145✔
190
  d_getDomainKeysQuery_stmt.reset();
2,145✔
191
  d_deleteDomainKeyQuery_stmt.reset();
2,145✔
192
  d_insertDomainKeyQuery_stmt.reset();
2,145✔
193
  d_GetLastInsertedKeyIdQuery_stmt.reset();
2,145✔
194
  d_activateDomainKeyQuery_stmt.reset();
2,145✔
195
  d_deactivateDomainKeyQuery_stmt.reset();
2,145✔
196
  d_publishDomainKeyQuery_stmt.reset();
2,145✔
197
  d_unpublishDomainKeyQuery_stmt.reset();
2,145✔
198
  d_getTSIGKeyQuery_stmt.reset();
2,145✔
199
  d_setTSIGKeyQuery_stmt.reset();
2,145✔
200
  d_deleteTSIGKeyQuery_stmt.reset();
2,145✔
201
  d_getTSIGKeysQuery_stmt.reset();
2,145✔
202
}
2,145✔
203

204
unsigned int Bind2Backend::getCapabilities()
205
{
39✔
206
  unsigned int caps = CAP_LIST | CAP_SEARCH;
39✔
207
  if (d_dnssecdb || d_hybrid) {
39!
UNCOV
208
    caps |= CAP_DNSSEC;
×
UNCOV
209
  }
×
210
  return caps;
39✔
211
}
39✔
212

213
// NOLINTNEXTLINE(readability-convert-member-functions-to-static)
214
bool Bind2Backend::getNSEC3PARAM(const ZoneName& name, NSEC3PARAMRecordContent* ns3p)
215
{
×
216
  BB2DomainInfo bbd;
×
217
  if (!safeGetBBDomainInfo(name, &bbd))
×
218
    return false;
×
219

220
  if (ns3p != nullptr) {
×
221
    *ns3p = bbd.d_nsec3param;
×
222
  }
×
223

224
  return bbd.d_nsec3zone;
×
225
}
×
226

227
bool Bind2Backend::getNSEC3PARAMuncached(const ZoneName& name, NSEC3PARAMRecordContent* ns3p)
228
{
12✔
229
  if (!d_dnssecdb || d_hybrid)
12!
UNCOV
230
    return false;
×
231

232
  string value;
12✔
233
  vector<string> meta;
12✔
234
  getDomainMetadata(name, "NSEC3PARAM", meta);
12✔
235
  if (!meta.empty())
12!
UNCOV
236
    value = *meta.begin();
×
237
  else
12✔
238
    return false; // No NSEC3 zone
12✔
239

UNCOV
240
  static int maxNSEC3Iterations = ::arg().asNum("max-nsec3-iterations");
×
UNCOV
241
  if (ns3p) {
×
UNCOV
242
    auto tmp = std::dynamic_pointer_cast<NSEC3PARAMRecordContent>(DNSRecordContent::make(QType::NSEC3PARAM, 1, value));
×
UNCOV
243
    *ns3p = *tmp;
×
244

UNCOV
245
    if (ns3p->d_iterations > maxNSEC3Iterations) {
×
246
      ns3p->d_iterations = maxNSEC3Iterations;
×
247
      SLOG(g_log << Logger::Error << "Number of NSEC3 iterations for zone '" << name << "' is above 'max-nsec3-iterations'. Value adjusted to: " << maxNSEC3Iterations << endl,
×
248
           d_slog->info(Logr::Error, "Number of NSEC3 iterations for zone exceeds max-nsec3-iterations, clamping", "zone", Logging::Loggable(name), "max-nsec3-iterations", Logging::Loggable(maxNSEC3Iterations)));
×
249
    }
×
250

UNCOV
251
    if (ns3p->d_algorithm != 1) {
×
252
      SLOG(g_log << Logger::Error << "Invalid hash algorithm for NSEC3: '" << std::to_string(ns3p->d_algorithm) << "', setting to 1 for zone '" << name << "'." << endl,
×
253
           d_slog->info(Logr::Error, "Invalid hash algorithm for NSEC3 on zone, setting to 1", "zone", Logging::Loggable(name), "algorithm", Logging::Loggable(ns3p->d_algorithm)));
×
254
      ns3p->d_algorithm = 1;
×
255
    }
×
UNCOV
256
  }
×
257

UNCOV
258
  return true;
×
259
}
12✔
260

261
bool Bind2Backend::getAllDomainMetadata(const ZoneName& name, std::map<std::string, std::vector<std::string>>& meta)
262
{
12✔
263
  if (!d_dnssecdb || d_hybrid)
12!
UNCOV
264
    return false;
×
265

266
  try {
12✔
267
    d_getAllDomainMetadataQuery_stmt->bind("domain", name)->execute();
12✔
268

269
    SSqlStatement::row_t row;
12✔
270
    while (d_getAllDomainMetadataQuery_stmt->hasNextRow()) {
12!
UNCOV
271
      d_getAllDomainMetadataQuery_stmt->nextRow(row);
×
UNCOV
272
      meta[row[0]].push_back(row[1]);
×
UNCOV
273
    }
×
274

275
    d_getAllDomainMetadataQuery_stmt->reset();
12✔
276
  }
12✔
277
  catch (SSqlException& se) {
12✔
278
    throw PDNSException("Error accessing DNSSEC database in BIND backend, getAllDomainMetadata(): " + se.txtReason());
×
279
  }
×
280
  return true;
12✔
281
}
12✔
282

283
bool Bind2Backend::getDomainMetadata(const ZoneName& name, const std::string& kind, std::vector<std::string>& meta)
284
{
28✔
285
  if (!d_dnssecdb || d_hybrid)
28!
286
    return false;
4✔
287

288
  try {
24✔
289
    d_getDomainMetadataQuery_stmt->bind("domain", name)->bind("kind", kind)->execute();
24✔
290

291
    SSqlStatement::row_t row;
24✔
292
    while (d_getDomainMetadataQuery_stmt->hasNextRow()) {
24!
UNCOV
293
      d_getDomainMetadataQuery_stmt->nextRow(row);
×
UNCOV
294
      meta.push_back(row[0]);
×
UNCOV
295
    }
×
296

297
    d_getDomainMetadataQuery_stmt->reset();
24✔
298
  }
24✔
299
  catch (SSqlException& se) {
24✔
300
    throw PDNSException("Error accessing DNSSEC database in BIND backend, getDomainMetadata(): " + se.txtReason());
×
301
  }
×
302
  return true;
24✔
303
}
24✔
304

305
bool Bind2Backend::setDomainMetadata(const ZoneName& name, const std::string& kind, const std::vector<std::string>& meta)
UNCOV
306
{
×
UNCOV
307
  if (!d_dnssecdb || d_hybrid)
×
308
    return false;
×
309

UNCOV
310
  try {
×
UNCOV
311
    d_deleteDomainMetadataQuery_stmt->bind("domain", name)->bind("kind", kind)->execute()->reset();
×
UNCOV
312
    if (!meta.empty()) {
×
UNCOV
313
      for (const auto& value : meta) {
×
UNCOV
314
        d_insertDomainMetadataQuery_stmt->bind("domain", name)->bind("kind", kind)->bind("content", value)->execute()->reset();
×
UNCOV
315
      }
×
UNCOV
316
    }
×
UNCOV
317
  }
×
UNCOV
318
  catch (SSqlException& se) {
×
319
    throw PDNSException("Error accessing DNSSEC database in BIND backend, setDomainMetadata(): " + se.txtReason());
×
320
  }
×
UNCOV
321
  return true;
×
UNCOV
322
}
×
323

324
bool Bind2Backend::getDomainKeys(const ZoneName& name, std::vector<KeyData>& keys)
325
{
35✔
326
  if (!d_dnssecdb || d_hybrid)
35!
UNCOV
327
    return false;
×
328

329
  try {
35✔
330
    d_getDomainKeysQuery_stmt->bind("domain", name)->execute();
35✔
331

332
    KeyData kd;
35✔
333
    SSqlStatement::row_t row;
35✔
334
    while (d_getDomainKeysQuery_stmt->hasNextRow()) {
70✔
335
      d_getDomainKeysQuery_stmt->nextRow(row);
35✔
336
      pdns::checked_stoi_into(kd.id, row[0]);
35✔
337
      pdns::checked_stoi_into(kd.flags, row[1]);
35✔
338
      kd.active = (row[2] == "1");
35✔
339
      kd.published = (row[3] == "1");
35✔
340
      kd.content = row[4];
35✔
341
      keys.push_back(kd);
35✔
342
    }
35✔
343

344
    d_getDomainKeysQuery_stmt->reset();
35✔
345
  }
35✔
346
  catch (SSqlException& se) {
35✔
347
    throw PDNSException("Error accessing DNSSEC database in BIND backend, getDomainKeys(): " + se.txtReason());
×
348
  }
×
349
  return true;
35✔
350
}
35✔
351

352
bool Bind2Backend::removeDomainKey(const ZoneName& name, unsigned int keyId)
353
{
×
354
  if (!d_dnssecdb || d_hybrid)
×
355
    return false;
×
356

357
  try {
×
358
    d_deleteDomainKeyQuery_stmt->bind("domain", name)->bind("key_id", keyId)->execute()->reset();
×
359
  }
×
360
  catch (SSqlException& se) {
×
361
    throw PDNSException("Error accessing DNSSEC database in BIND backend, removeDomainKeys(): " + se.txtReason());
×
362
  }
×
363
  return true;
×
364
}
×
365

366
bool Bind2Backend::addDomainKey(const ZoneName& name, const KeyData& key, int64_t& keyId)
367
{
29✔
368
  if (!d_dnssecdb || d_hybrid)
29!
369
    return false;
×
370

371
  try {
29✔
372
    d_insertDomainKeyQuery_stmt->bind("domain", name)->bind("flags", key.flags)->bind("active", key.active)->bind("published", key.published)->bind("content", key.content)->execute()->reset();
29✔
373
  }
29✔
374
  catch (SSqlException& se) {
29✔
375
    throw PDNSException("Error accessing DNSSEC database in BIND backend, addDomainKey(): " + se.txtReason());
×
376
  }
×
377

378
  try {
29✔
379
    d_GetLastInsertedKeyIdQuery_stmt->execute();
29✔
380
    if (!d_GetLastInsertedKeyIdQuery_stmt->hasNextRow()) {
29!
381
      keyId = -2;
×
382
      return true;
×
383
    }
×
384
    SSqlStatement::row_t row;
29✔
385
    d_GetLastInsertedKeyIdQuery_stmt->nextRow(row);
29✔
386
    ASSERT_ROW_COLUMNS("get-last-inserted-key-id-query", row, 1);
29!
387
    pdns::checked_stoi_into(keyId, row[0]);
29✔
388
    d_GetLastInsertedKeyIdQuery_stmt->reset();
29✔
389
    if (keyId == 0) {
29!
390
      // No insert took place, report as error.
391
      keyId = -1;
×
392
    }
×
393
    return true;
29✔
394
  }
29✔
395
  catch (SSqlException& e) {
29✔
396
    keyId = -2;
×
397
    return true;
×
398
  }
×
399
}
29✔
400

401
bool Bind2Backend::activateDomainKey(const ZoneName& name, unsigned int keyId)
402
{
×
403
  if (!d_dnssecdb || d_hybrid)
×
404
    return false;
×
405

406
  try {
×
407
    d_activateDomainKeyQuery_stmt->bind("domain", name)->bind("key_id", keyId)->execute()->reset();
×
408
  }
×
409
  catch (SSqlException& se) {
×
410
    throw PDNSException("Error accessing DNSSEC database in BIND backend, activateDomainKey(): " + se.txtReason());
×
411
  }
×
412
  return true;
×
413
}
×
414

415
bool Bind2Backend::deactivateDomainKey(const ZoneName& name, unsigned int keyId)
416
{
×
417
  if (!d_dnssecdb || d_hybrid)
×
418
    return false;
×
419

420
  try {
×
421
    d_deactivateDomainKeyQuery_stmt->bind("domain", name)->bind("key_id", keyId)->execute()->reset();
×
422
  }
×
423
  catch (SSqlException& se) {
×
424
    throw PDNSException("Error accessing DNSSEC database in BIND backend, deactivateDomainKey(): " + se.txtReason());
×
425
  }
×
426
  return true;
×
427
}
×
428

429
bool Bind2Backend::publishDomainKey(const ZoneName& name, unsigned int keyId)
430
{
×
431
  if (!d_dnssecdb || d_hybrid)
×
432
    return false;
×
433

434
  try {
×
435
    d_publishDomainKeyQuery_stmt->bind("domain", name)->bind("key_id", keyId)->execute()->reset();
×
436
  }
×
437
  catch (SSqlException& se) {
×
438
    throw PDNSException("Error accessing DNSSEC database in BIND backend, publishDomainKey(): " + se.txtReason());
×
439
  }
×
440
  return true;
×
441
}
×
442

443
bool Bind2Backend::unpublishDomainKey(const ZoneName& name, unsigned int keyId)
UNCOV
444
{
×
UNCOV
445
  if (!d_dnssecdb || d_hybrid)
×
446
    return false;
×
447

UNCOV
448
  try {
×
UNCOV
449
    d_unpublishDomainKeyQuery_stmt->bind("domain", name)->bind("key_id", keyId)->execute()->reset();
×
UNCOV
450
  }
×
UNCOV
451
  catch (SSqlException& se) {
×
452
    throw PDNSException("Error accessing DNSSEC database in BIND backend, unpublishDomainKey(): " + se.txtReason());
×
453
  }
×
UNCOV
454
  return true;
×
UNCOV
455
}
×
456

457
bool Bind2Backend::getTSIGKey(const DNSName& name, DNSName& algorithm, string& content)
UNCOV
458
{
×
UNCOV
459
  if (!d_dnssecdb || d_hybrid)
×
460
    return false;
×
461

UNCOV
462
  try {
×
UNCOV
463
    d_getTSIGKeyQuery_stmt->bind("key_name", name)->execute();
×
464

UNCOV
465
    SSqlStatement::row_t row;
×
UNCOV
466
    while (d_getTSIGKeyQuery_stmt->hasNextRow()) {
×
UNCOV
467
      d_getTSIGKeyQuery_stmt->nextRow(row);
×
UNCOV
468
      if (row.size() >= 2 && (algorithm.empty() || algorithm == DNSName(row[0]))) {
×
UNCOV
469
        algorithm = DNSName(row[0]);
×
UNCOV
470
        content = row[1];
×
UNCOV
471
      }
×
UNCOV
472
    }
×
473

UNCOV
474
    d_getTSIGKeyQuery_stmt->reset();
×
UNCOV
475
  }
×
UNCOV
476
  catch (SSqlException& e) {
×
477
    throw PDNSException("Error accessing DNSSEC database in BIND backend, getTSIGKey(): " + e.txtReason());
×
478
  }
×
UNCOV
479
  return true;
×
UNCOV
480
}
×
481

482
bool Bind2Backend::setTSIGKey(const DNSName& name, const DNSName& algorithm, const string& content)
UNCOV
483
{
×
UNCOV
484
  if (!d_dnssecdb || d_hybrid)
×
485
    return false;
×
486

UNCOV
487
  try {
×
UNCOV
488
    d_setTSIGKeyQuery_stmt->bind("key_name", name)->bind("algorithm", algorithm)->bind("content", content)->execute()->reset();
×
UNCOV
489
  }
×
UNCOV
490
  catch (SSqlException& e) {
×
491
    throw PDNSException("Error accessing DNSSEC database in BIND backend, setTSIGKey(): " + e.txtReason());
×
492
  }
×
UNCOV
493
  return true;
×
UNCOV
494
}
×
495

496
bool Bind2Backend::deleteTSIGKey(const DNSName& name)
497
{
×
498
  if (!d_dnssecdb || d_hybrid)
×
499
    return false;
×
500

501
  try {
×
502
    d_deleteTSIGKeyQuery_stmt->bind("key_name", name)->execute()->reset();
×
503
  }
×
504
  catch (SSqlException& e) {
×
505
    throw PDNSException("Error accessing DNSSEC database in BIND backend, deleteTSIGKey(): " + e.txtReason());
×
506
  }
×
507
  return true;
×
508
}
×
509

510
bool Bind2Backend::getTSIGKeys(std::vector<struct TSIGKey>& keys)
511
{
×
512
  if (!d_dnssecdb || d_hybrid)
×
513
    return false;
×
514

515
  try {
×
516
    d_getTSIGKeysQuery_stmt->execute();
×
517

518
    SSqlStatement::row_t row;
×
519
    while (d_getTSIGKeysQuery_stmt->hasNextRow()) {
×
520
      d_getTSIGKeysQuery_stmt->nextRow(row);
×
521
      struct TSIGKey key;
×
522
      key.name = DNSName(row[0]);
×
523
      key.algorithm = DNSName(row[1]);
×
524
      key.key = row[2];
×
NEW
525
      keys.push_back(std::move(key));
×
526
    }
×
527

528
    d_getTSIGKeysQuery_stmt->reset();
×
529
  }
×
530
  catch (SSqlException& e) {
×
531
    throw PDNSException("Error accessing DNSSEC database in BIND backend, getTSIGKeys(): " + e.txtReason());
×
532
  }
×
533
  return true;
×
534
}
×
535

536
#endif
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc