From 1355fc6a0411b6744ffbb276eb3383a9aca9a07e Mon Sep 17 00:00:00 2001 From: Aram Sargsyan Date: Wed, 1 Jun 2022 08:51:55 +0000 Subject: [PATCH] Don't process DNSSEC-related and ZONEMD records in catz When processing a catalog zone update, skip processing records with DNSSEC-related and ZONEMD types, because we are not interested in them in the context of a catalog zone, and processing them will fail and produce an unnecessary warning message. (cherry picked from commit 73d664313703d2874c3b1a4380afdcd8ba26dc62) --- lib/dns/catz.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lib/dns/catz.c b/lib/dns/catz.c index 23cc7897ab..6037d32ad2 100644 --- a/lib/dns/catz.c +++ b/lib/dns/catz.c @@ -2100,6 +2100,12 @@ cleanup: return (result); } +static bool +catz_rdatatype_is_processable(const dns_rdatatype_t type) { + return (!dns_rdatatype_isdnssec(type) && type != dns_rdatatype_cds && + type != dns_rdatatype_cdnskey && type != dns_rdatatype_zonemd); +} + void dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) { dns_catz_zone_t *oldzone = NULL, *newzone = NULL; @@ -2242,6 +2248,17 @@ dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) { result = dns_rdatasetiter_first(rdsiter); while (result == ISC_R_SUCCESS) { dns_rdatasetiter_current(rdsiter, &rdataset); + + /* + * Skip processing DNSSEC-related and ZONEMD types, + * because we are not interested in them in the context + * of a catalog zone, and processing them will fail + * and produce an unnecessary warning message. + */ + if (!catz_rdatatype_is_processable(rdataset.type)) { + goto next; + } + result = dns_catz_update_process(catzs, newzone, name, &rdataset); if (result != ISC_R_SUCCESS) { @@ -2263,6 +2280,7 @@ dns_catz_update_from_db(dns_db_t *db, dns_catz_zones_t *catzs) { cname, classbuf, typebuf, isc_result_totext(result)); } + next: dns_rdataset_disassociate(&rdataset); result = dns_rdatasetiter_next(rdsiter); }