default-api-rectify value ignored

rfrenayworldstream commented 4 years ago

Program: Authoritative
Issue type: Bug report

Short description

The api_rectify should have the default-api-rectify zone if API-RECTIFY if it is not set on the zone. But the default-api-rectify is ignored in our setup.

Environment

Software version: PowerDNS Authoritative Server 4.2.0
Operating System: Debian 9.11
Docker container: psitrax/powerdns:v4.2.0
Backend: gMySQL
DNSSEC: Enabled (NSEC3)

Steps to reproduce

Check global setting

$  curl --location --request GET 'http://127.0.0.1:8083/api/v1/servers/localhost/config' --header 'X-API-Key: myapikey' 2> /dev/null | jq -r '.[] | select(.name=="default-api-rectify")'
{
  "name": "default-api-rectify",
  "type": "ConfigSetting",
  "value": "yes"
}

Check specific zone parameters

docker exec pdns-powerdns-master pdnsutil get-meta paradijs4kids.nl
Metadata for 'paradijs4kids.nl'
NSEC3PARAM = 1 0 1 ab
SOA-EDIT-API = DEFAULT

Check setting for zone

$ curl --location --request GET 'http://127.0.0.1:8083/api/v1/servers/localhost/zones/paradijs4kids.nl' --header 'X-API-Key: myapikey' 2> /dev/null | jq -r '.api_rectify'

false

Check database

echo "SELECT name, ordername FROM records WHERE domain_id=991" | docker exec -i pdns-mariadb-master mysql pdns                
name    ordername
auth.paradijs4kids.nl   8e2dlm4ua5cu7bcaajtfcosg5pgcfeg2
auth2.paradijs4kids.nl  v26u0m17tqrs9fhdsripcnhp4rqegqbv
auth3.paradijs4kids.nl  ua12k7era161nued94243iakgfvrpffv
auth4.paradijs4kids.nl  8d4b3cc8r87s28r47j59nini1mrl1gqg
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml

Edit zone!

curl --location --request PATCH 'http://127.0.0.1:8083/api/v1/servers/localhost/zones/paradijs4kids.nl' \
--header 'Content-Type: application/json' \
--header 'X-API-Key: myapikey' \
--data-raw '{"rrsets": [
  {"changetype": "replace",
   "name": "auth4.paradijs4kids.nl.",
   "records": [{"content": "\"Test\"",
              "disabled": false,
              "name": "auth4.paradijs4kids.nl.",
              "priority": 0,
              "ttl": 60,
              "type": "TXT"}],
   "ttl": 60,
   "type": "TXT"}
 ]
}
'

Check database

echo "SELECT name, ordername FROM records WHERE domain_id=991" | docker exec -i pdns-mariadb-master mysql pdns  
name    ordername
auth.paradijs4kids.nl   8e2dlm4ua5cu7bcaajtfcosg5pgcfeg2
auth2.paradijs4kids.nl  v26u0m17tqrs9fhdsripcnhp4rqegqbv
auth3.paradijs4kids.nl  ua12k7era161nued94243iakgfvrpffv
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
auth4.paradijs4kids.nl  NULL
paradijs4kids.nl    NULL

Set API-RECTIFY for zone

docker exec pdns-powerdns-master pdnsutil set-meta paradijs4kids.nl API-RECTIFY 1

Check database

echo "SELECT name, ordername FROM records WHERE domain_id=991" | docker exec -i pdns-mariadb-master mysql pdns  
name    ordername
auth.paradijs4kids.nl   8e2dlm4ua5cu7bcaajtfcosg5pgcfeg2
auth2.paradijs4kids.nl  v26u0m17tqrs9fhdsripcnhp4rqegqbv
auth3.paradijs4kids.nl  ua12k7era161nued94243iakgfvrpffv
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml
auth4.paradijs4kids.nl  8d4b3cc8r87s28r47j59nini1mrl1gqg
paradijs4kids.nl    actuia17iiom146bs95cfb7o0bbg99ml

Expected behaviour

api_rectify getting the default-api-rectify value when API-RECTIFY is not set for zone.

Actual behaviour

api_rectify is false when API-RECTIFY is not set for zone.

zeha commented 4 years ago

0ca59ad989bc771753ab45607d36c86f41b321f5 fixed this for PATCH, but not for creating the zone (I think).

Scriptman commented 2 years ago

Also having this problem with 4.5.0, can you please implement it after 1,5 years?

zeha commented 1 year ago

168a76b38bf99c7661e72914c1e634e7fa9d0d0f might have done it. (Its supposed to fix this, but I can't remember the exact details now.)

Verification from users seeing the problem would be useful.

Scriptman commented 1 year ago

@zeha thank you very much. Currently i'm reprogramming the DNS section in my control panel. I will let you know if it's working, at least, for me :)

PowerDNS / pdns