Download | Plain Text | No Line Numbers 

  1. --- a/pdns/auth-secondarycommunicator.cc	2026-06-07 22:10:43.000000000 +0200
  2. +++ b/pdns/auth-secondarycommunicator.cc	2026-06-09 13:59:03.140354656 +0200
  3. @@ -521,6 +521,7 @@
  4.      ctx.numDeltas = deltas.size();
  5.      //    cout<<"Got "<<deltas.size()<<" deltas from serial "<<ctx.domain.serial<<", applying.."<<endl;
  6.  
  7. +#ifdef HAVE_LUA_RECORDS
  8.      // Do not perform Lua records updates if not allowed to.
  9.      if (!::arg().mustDo("enable-lua-record-updates")) {
  10.        bool foundLua{false};
  11. @@ -550,6 +551,7 @@
  12.          return;
  13.        }
  14.      }
  15. +#endif
  16.  
  17.      for (const auto& d : deltas) { // NOLINT(readability-identifier-length)
  18.        const auto& remove = d.first;
  19. @@ -958,6 +960,7 @@
  20.        }
  21.      }
  22.  
  23. +#ifdef HAVE_LUA_RECORDS
  24.      // Do not perform Lua records updates if not allowed to.
  25.      if (!::arg().mustDo("enable-lua-record-updates")) {
  26.        for (DNSResourceRecord& drr : rrs) {
  27. @@ -968,6 +971,7 @@
  28.          }
  29.        }
  30.      }
  31. +#endif
  32.      transaction = ctx.domain.backend->startTransaction(domain, ctx.domain.id);
  33.      SLOG(g_log << Logger::Info << ctx.logPrefix << "storage transaction started" << endl,
  34.           ctx.slog->info(Logr::Info, "AXFR: storage transaction started"));
  35. --- a/pdns/rfc2136handler.cc	2026-06-07 22:10:43.000000000 +0200
  36. +++ b/pdns/rfc2136handler.cc	2026-06-09 13:56:32.674355348 +0200
  37. @@ -905,6 +905,7 @@
  38.  
  39.  static uint8_t updateRecords(const MOADNSParser::answers_t& answers, DNSSECKeeper& dsk, uint& changedRecords, const std::unique_ptr<AuthLua4>& update_policy_lua, DNSPacket& packet, updateContext& ctx)
  40.  {
  41. +#ifdef HAVE_LUA_RECORDS
  42.    // Reject the complete update if it contains Lua records, unless explicitly
  43.    // allowed, regardless of any other policy.
  44.    if (!::arg().mustDo("enable-lua-record-updates")) {
  45. @@ -916,6 +917,7 @@
  46.        }
  47.      }
  48.    }
  49. +#endif
  50.  
  51.    vector<const DNSRecord*> cnamesToAdd;
  52.    vector<const DNSRecord*> nonCnamesToAdd;
  53. --- a/pdns/ws-auth.cc	2026-06-07 22:10:43.000000000 +0200
  54. +++ b/pdns/ws-auth.cc	2026-06-09 13:58:49.145447730 +0200
  55. @@ -1753,6 +1753,7 @@
  56.  {
  57.    std::vector<std::pair<DNSResourceRecord, string>> errors;
  58.  
  59. +#ifdef HAVE_LUA_RECORDS
  60.    // Do not perform Lua records updates if not allowed to.
  61.    if (!::arg().mustDo("enable-lua-record-updates")) {
  62.      for (const auto& rec : records) {
  63. @@ -1761,6 +1762,7 @@
  64.        }
  65.      }
  66.    }
  67. +#endif
  68.  
  69.    Check::checkRRSet({}, records, zone, flags, errors);
  70.    if (errors.empty()) {
  71. @@ -2578,12 +2580,14 @@
  72.  // Apply a DELETE changetype.
  73.  static applyResult applyDelete(const DomainInfo& domainInfo, DNSName& qname, QType& qtype, bool returnRRset, std::vector<DNSResourceRecord>& rrset)
  74.  {
  75. +#ifdef HAVE_LUA_RECORDS
  76.    // Do not perform Lua records deletions if not allowed to.
  77.    if (!::arg().mustDo("enable-lua-record-updates")) {
  78.      if (qtype == QType::LUA) {
  79.        throw ApiException("Update of Lua records is not allowed");
  80.      }
  81.    }
  82. +#endif
  83.    // Delete all matching qname/qtype RRs (and implicitly, comments).
  84.    if (!domainInfo.backend->replaceRRSet(domainInfo.id, qname, qtype, {})) {
  85.      throw ApiException("Hosting backend does not support editing records.");
  86.