public override void AddRecord(DnsResourceRecord record)
{
if (_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned)
{
switch (record.Type)
{
case DnsResourceRecordType.ANAME:
case DnsResourceRecordType.APP:
throw new DnsServerException("The record type is not supported by DNSSEC signed primary zones.");
default:
if (record.IsDisabled())
{
throw new DnsServerException("Cannot add record: disabling records in a signed zones is not supported.");
}
break;
}
}
switch (record.Type)
{
case DnsResourceRecordType.DNSKEY:
case DnsResourceRecordType.RRSIG:
case DnsResourceRecordType.NSEC:
case DnsResourceRecordType.NSEC3PARAM:
case DnsResourceRecordType.NSEC3:
throw new InvalidOperationException("Cannot add DNSSEC record.");
case DnsResourceRecordType.FWD:
throw new DnsServerException("The record type is not supported by primary zones.");
default:
if (record.OriginalTtlValue > _primaryZone.GetZoneSoaExpire())
{
throw new DnsServerException("Failed to add record: TTL cannot be greater than SOA EXPIRE.");
}
base.AddRecord(record);
_primaryZone.CommitAndIncrementSerial(null, new DnsResourceRecord[] { record });
if (_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned)
{
_primaryZone.UpdateDnssecRecordsFor(this, record.Type);
}
_primaryZone.TriggerNotify();
break;
}
}
public override void UpdateRecord(DnsResourceRecord oldRecord, DnsResourceRecord newRecord)
{
switch (oldRecord.Type)
{
case DnsResourceRecordType.SOA:
throw new InvalidOperationException("Cannot update record: use SetRecords() for " + oldRecord.Type.ToString() + " record");
case DnsResourceRecordType.DNSKEY:
case DnsResourceRecordType.RRSIG:
case DnsResourceRecordType.NSEC:
case DnsResourceRecordType.NSEC3PARAM:
case DnsResourceRecordType.NSEC3:
throw new InvalidOperationException("Cannot update DNSSEC records.");
default:
if (oldRecord.Type != newRecord.Type)
{
throw new InvalidOperationException("Old and new record types do not match.");
}
if ((_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned) && newRecord.IsDisabled())
{
throw new DnsServerException("Cannot update record: disabling records in a signed zones is not supported.");
}
if (newRecord.OriginalTtlValue > _primaryZone.GetZoneSoaExpire())
{
throw new DnsServerException("Failed to update record: TTL cannot be greater than SOA EXPIRE.");
}
if (!TryDeleteRecord(oldRecord.Type, oldRecord.RDATA, out DnsResourceRecord deletedRecord))
{
throw new InvalidOperationException("Cannot update record: the record does not exists to be updated.");
}
base.AddRecord(newRecord);
_primaryZone.CommitAndIncrementSerial(new DnsResourceRecord[] { deletedRecord }, new DnsResourceRecord[] { newRecord });
if (_primaryZone.DnssecStatus != AuthZoneDnssecStatus.Unsigned)
{
_primaryZone.UpdateDnssecRecordsFor(this, oldRecord.Type);
}
_primaryZone.TriggerNotify();
break;
}
}
