fergalmoran/DnsServer
1
0
Fork 0
mirror of https://github.com/fergalmoran/DnsServer.git synced 2026-01-02 23:05:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

PrimarySubDomainZone: Updated implementation to validate of the RRSet type is supported by DNSSEC.

Browse Source
This commit is contained in:
Shreyas Zare
2022-03-06 16:06:26 +05:30
parent af88ea9e5d
commit 594b7f8b91
1 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
DnsServerCore/Dns/Zones/PrimarySubDomainZone.cs
View File

@@ -54,6 +54,16 @@ namespace DnsServerCore.Dns.Zones
public override void SetRecords(DnsResourceRecordType type, IReadOnlyList<DnsResourceRecord> records)
{
if (_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned)
{
switch (type)
{
case DnsResourceRecordType.ANAME:
case DnsResourceRecordType.APP:
throw new DnsServerException("The record type is not supported by DNSSEC signed primary zones.");
}
}
switch (type)
{
case DnsResourceRecordType.SOA:
@@ -66,6 +76,9 @@ namespace DnsServerCore.Dns.Zones
case DnsResourceRecordType.NSEC3:
throw new InvalidOperationException("Cannot set DNSSEC records.");
case DnsResourceRecordType.FWD:
throw new DnsServerException("The record type is not supported by primary zones.");
default:
if (records[0].OriginalTtlValue > _primaryZone.GetZoneSoaExpire())
throw new DnsServerException("Failed to set records: TTL cannot be greater than SOA EXPIRE.");
@@ -85,6 +98,16 @@ namespace DnsServerCore.Dns.Zones
public override void AddRecord(DnsResourceRecord record)
{
if (_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned)
{
switch (record.Type)
{
case DnsResourceRecordType.ANAME:
case DnsResourceRecordType.APP:
throw new DnsServerException("The record type is not supported by DNSSEC signed primary zones.");
}
}
switch (record.Type)
{
case DnsResourceRecordType.DNSKEY:
@@ -94,6 +117,9 @@ namespace DnsServerCore.Dns.Zones
case DnsResourceRecordType.NSEC3:
throw new InvalidOperationException("Cannot add DNSSEC record.");
case DnsResourceRecordType.FWD:
throw new DnsServerException("The record type is not supported by primary zones.");
default:
if (record.OriginalTtlValue > _primaryZone.GetZoneSoaExpire())
throw new DnsServerException("Failed to add record: TTL cannot be greater than SOA EXPIRE.");