File pdns-2.9.22-axfr-patch of Package pdns

diff -ur pdns-2.9.22/debian-pdns/rules pdns-2.9.22-IX/debian-pdns/rules
--- pdns-2.9.22/debian-pdns/rules	2008-11-16 18:21:08.000000000 +0100
+++ pdns-2.9.22-IX/debian-pdns/rules	2009-05-04 09:19:04.000000000 +0200
@@ -2,8 +2,10 @@
 
 tmpdir		:= $(shell pwd)/debian-pdns/tmp
 be_tmpdir	:= $(shell pwd)/debian-pdns/tmp-backend
-backends	:= opendbx ldap mysql pipe gmysql gpgsql gsqlite gsqlite3
-debs		:= opendbx ldap mysql pipe pgsql sqlite sqlite3
+#backends	:= opendbx ldap mysql pipe gmysql gpgsql gsqlite gsqlite3
+#debs		:= opendbx ldap mysql pipe pgsql sqlite sqlite3
+backends	:= mysql pipe gmysql
+debs		:= mysql pipe
 
 binary-doc:
 	-make -C pdns/docs html/index.html
@@ -51,7 +53,7 @@
 		--infodir='$${datadir}/info' \
 		--mandir='$${datadir}/man' \
 		--with-pgsql-lib=/opt/postgresql/lib --with-pgsql-includes=/opt/postgresql/include \
-		--with-modules="mysql gmysql gpgsql pipe pdns gsqlite gsqlite3 geo" \
+		--with-modules="mysql gmysql pipe pdns" \
 		--with-dynmodules="" \
 		--enable-static-binaries 
 	make
diff -ur pdns-2.9.22/modules/gmysqlbackend/gmysqlbackend.cc pdns-2.9.22-IX/modules/gmysqlbackend/gmysqlbackend.cc
--- pdns-2.9.22/modules/gmysqlbackend/gmysqlbackend.cc	2008-02-03 13:14:00.000000000 +0100
+++ pdns-2.9.22-IX/modules/gmysqlbackend/gmysqlbackend.cc	2009-04-30 17:00:15.000000000 +0200
@@ -75,6 +75,7 @@
     declare(suffix,"info-all-master-query","", "select id,name,master,last_check,notified_serial,type from domains where type='MASTER'");
     declare(suffix,"delete-zone-query","", "delete from records where domain_id=%d");
 
+    declare(suffix,"lookup-axfr-allow","", "select zone_grants from domains where name='%s'");
 
   }
   
diff -ur pdns-2.9.22/pdns/backends/gsql/gsqlbackend.cc pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.cc
--- pdns-2.9.22/pdns/backends/gsql/gsqlbackend.cc	2008-12-06 20:43:50.000000000 +0100
+++ pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.cc	2009-05-05 12:43:04.000000000 +0200
@@ -16,10 +16,78 @@
 #include "pdns/ahuexception.hh"
 #include "pdns/logger.hh"
 #include "pdns/arguments.hh"
+#include "pdns/iputils.hh"
 #include <boost/algorithm/string.hpp>
 #include <sstream>
+
 using namespace boost;
 
+bool GSQLBackend::checkAXFRByZone(const std::string& name , const std::string& ip)
+{
+//    L << Logger::Warning 
+//      << "ZONE-AXFR: checking " << name << " with " << ip << std::endl;
+
+    char output[1024];
+
+    snprintf( output,sizeof(output)-1,
+              d_LookupAxfrAllow.c_str(),name.c_str()
+             );
+    
+    L << Logger::Warning 
+      << "ZONE-AXFR: checking " << name << " with " << ip << std::endl
+      << "STATEMENT: "<< output << std::endl;
+
+    try 
+    {
+           d_db->doQuery(output, d_result);
+    }
+    catch(SSqlException &e) 
+      {
+        throw AhuException("GSQLBackend unable to select AXFR-by Zone . name " 
+                         + name  
+                         + " with ip "
+                         + ip
+                         + " : "
+                         + e.txtReason());
+      }
+
+    if(!d_result.size())
+      return false;
+
+    if(d_result.size() > 1)
+      throw AhuException("Ambigous entries ' "  
+                         + name  
+                         + "' exists more than once");
+    
+    SSql::row_t row(d_result[0]);
+    SSql::row_t::const_reverse_iterator zone_str_iter(row.rbegin());
+    std::vector<std::string> allowed_ips;
+
+    stringtok(allowed_ips, *zone_str_iter, ";");
+    std::vector<std::string>::iterator iter(allowed_ips.begin()),
+                                       end(allowed_ips.end());
+
+    for(;iter!=end;++iter)
+    {
+         trim(*iter);
+
+         L << Logger::Warning << "ZONE-AXFR: comparing '" << *iter << "' with '" << ip << "'"<< std::endl; 
+
+         if(*iter == ip) return true;
+
+         // check for netmasks
+         if( (*iter).find_first_of('/') != std::string::npos ) // found a mask
+         {
+              L << Logger::Warning << "detected mask " << std::endl;
+              Netmask mask(*iter);
+              if(mask.match(ip)) return true;
+         }
+         
+
+    }
+    return false;
+}
+
 void GSQLBackend::setNotified(uint32_t domain_id, uint32_t serial)
 {
   char output[1024];
@@ -239,6 +307,7 @@
   d_UpdateLastCheckofZoneQuery=getArg("update-lastcheck-query");
   d_InfoOfAllMasterDomainsQuery=getArg("info-all-master-query");
   d_DeleteZoneQuery=getArg("delete-zone-query");
+  d_LookupAxfrAllow=getArg("lookup-axfr-allow");
 }
 
 
diff -ur pdns-2.9.22/pdns/backends/gsql/gsqlbackend.hh pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.hh
--- pdns-2.9.22/pdns/backends/gsql/gsqlbackend.hh	2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.hh	2009-04-30 17:00:15.000000000 +0200
@@ -21,6 +21,9 @@
     d_db=db;
   }
   
+   //checks if a zone is allowed to check axfr-data
+  bool checkAXFRByZone(const std::string& name , const std::string& ip);
+    
   string sqlEscape(const string &name);
   void lookup(const QType &, const string &qdomain, DNSPacket *p=0, int zoneId=-1);
   bool list(const string &target, int domain_id);
@@ -65,6 +68,7 @@
   string d_UpdateSerialOfZoneQuery;
   string d_UpdateLastCheckofZoneQuery;
   string d_InfoOfAllMasterDomainsQuery;
-  string d_DeleteZoneQuery;		
+  string d_DeleteZoneQuery;
+  string d_LookupAxfrAllow;        
 
 };
diff -ur pdns-2.9.22/pdns/common_startup.cc pdns-2.9.22-IX/pdns/common_startup.cc
--- pdns-2.9.22/pdns/common_startup.cc	2008-11-19 18:56:52.000000000 +0100
+++ pdns-2.9.22-IX/pdns/common_startup.cc	2009-04-30 17:00:15.000000000 +0200
@@ -127,6 +127,9 @@
 
   ::arg().set("max-cache-entries", "Maximum number of cache entries")="1000000";
   ::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
+
+  ::arg().set("axfr-by-zone","allows configuration of axfr-allows by zone")="yes";
+  ::arg().setSwitch("axfr-by-zone","allows configuration of axfr-allows by zone")="yes";
 }
 
 void declareStats(void)
diff -ur pdns-2.9.22/pdns/dnsbackend.cc pdns-2.9.22-IX/pdns/dnsbackend.cc
--- pdns-2.9.22/pdns/dnsbackend.cc	2008-11-15 21:32:46.000000000 +0100
+++ pdns-2.9.22-IX/pdns/dnsbackend.cc	2009-04-30 17:00:15.000000000 +0200
@@ -25,6 +25,11 @@
 #include <sys/types.h>
 #include "dnspacket.hh"
 
+bool DNSBackend::checkAXFRByZone(const std::string& name , const std::string& ip)
+{
+  return false;
+}
+
 string DNSBackend::getRemote(DNSPacket *p)
 {
   return p->getRemote();
diff -ur pdns-2.9.22/pdns/dnsbackend.hh pdns-2.9.22-IX/pdns/dnsbackend.hh
--- pdns-2.9.22/pdns/dnsbackend.hh	2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/dnsbackend.hh	2009-04-30 17:00:15.000000000 +0200
@@ -77,6 +77,8 @@
       if the backend does not consider itself responsible for the id passed.
       \param domain_id ID of which a list is requested
   */
+  virtual bool checkAXFRByZone(const std::string& name , const std::string& ip);
+
   virtual bool list(const string &target, int domain_id)=0;  
 
   virtual ~DNSBackend(){};
diff -ur pdns-2.9.22/pdns/misc.cc pdns-2.9.22-IX/pdns/misc.cc
--- pdns-2.9.22/pdns/misc.cc	2008-11-15 21:32:46.000000000 +0100
+++ pdns-2.9.22-IX/pdns/misc.cc	2009-04-30 17:00:15.000000000 +0200
@@ -232,6 +232,10 @@
 
     while (replen) {
       ret = write(outsock, buffer, replen);
+      while(ret == -1 && errno == EAGAIN) {
+        Utility::usleep(1);
+        ret = write(outsock, buffer, replen);
+      }
       if(ret < 0) {
 	if(errno==EAGAIN) { // wait, we might've exhausted the window
 	  while(waitForRWData(outsock, false, 1, 0)==0)
diff -ur pdns-2.9.22/pdns/tcpreceiver.cc pdns-2.9.22-IX/pdns/tcpreceiver.cc
--- pdns-2.9.22/pdns/tcpreceiver.cc	2008-11-19 18:21:11.000000000 +0100
+++ pdns-2.9.22-IX/pdns/tcpreceiver.cc	2009-05-04 10:35:51.000000000 +0200
@@ -346,16 +346,42 @@
   if(::arg().mustDo("disable-axfr"))
     return false;
 
-  if( ::arg()["allow-axfr-ips"].empty() || d_ng.match( (ComboAddress *) &q->remote ) )
-    return true;
+  if(::arg().mustDo("axfr-by-zone") )
+  {
+       //DNSBackend *backend = s_P->getBackend();
+       PacketHandler P;
+       DNSBackend *backend = P.getBackend();
+       if(backend->checkAXFRByZone( q->qdomain , q->getRemote()) ) 
+       {
+            L << Logger::Warning
+              <<"Approved zone-based AXFR of '"<<q->qdomain
+              << q->getRemote()<<endl;
+            return true;
+       }
+       //a empty list is a failure in case of 'axfr-by-zone'
+       else if(d_ng.match( (ComboAddress *) &q->remote ) )
+       {
+            L << Logger::Warning  << "allowed by config file" << endl;
+            return true;
+       }
+  }
+  else
+  {
+ //      L << Logger::Warning<< "no axfr-by-zone" <<endl;
+       if(::arg()["allow-axfr-ips"].empty() 
+           || d_ng.match( (ComboAddress *) &q->remote ) )
+            return true;
+  }
 
   extern CommunicatorClass Communicator;
 
   if(Communicator.justNotified(q->qdomain, q->getRemote())) { // we just notified this ip 
-    L<<Logger::Warning<<"Approved AXFR of '"<<q->qdomain<<"' from recently notified slave "<<q->getRemote()<<endl;
+    L << Logger::Warning << "Approved AXFR of '" << q->qdomain << "' from recently notified slave " << q->getRemote() << endl;
     return true;
   }
 
+  L << Logger::Warning << "AXFR FAILED" << endl;
+
   return false;
 }
 
diff -ur pdns-2.9.22/pdns/ueberbackend.cc pdns-2.9.22-IX/pdns/ueberbackend.cc
--- pdns-2.9.22/pdns/ueberbackend.cc	2008-11-27 22:56:33.000000000 +0100
+++ pdns-2.9.22-IX/pdns/ueberbackend.cc	2009-04-30 17:00:15.000000000 +0200
@@ -60,6 +60,15 @@
 #define RTLD_NOW RTLD_LAZY
 #endif
 
+bool UeberBackend::checkAXFRByZone( const std::string& name , const std::string& ip)
+{
+  for ( vector< DNSBackend * >::iterator i = backends.begin(); i != backends.end(); ++i )
+  {
+    if(( *i )->checkAXFRByZone( name , ip) ) return true;
+  }
+  return false;
+}
+
 //! Loads a module and reports it to all UeberBackend threads
 bool UeberBackend::loadmodule(const string &name)
 {
diff -ur pdns-2.9.22/pdns/ueberbackend.hh pdns-2.9.22-IX/pdns/ueberbackend.hh
--- pdns-2.9.22/pdns/ueberbackend.hh	2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/ueberbackend.hh	2009-04-30 17:00:15.000000000 +0200
@@ -57,6 +57,7 @@
   UeberBackend();
   UeberBackend(const string &);
   ~UeberBackend();
+  virtual bool checkAXFRByZone(const std::string& name , const std::string& ip);
   typedef DNSBackend *BackendMaker(); //!< typedef for functions returning pointers to new backends
 
   bool superMasterBackend(const string &ip, const string &domain, const vector<DNSResourceRecord>&nsset, string *account, DNSBackend **db);

​x
 
diff -ur pdns-2.9.22/debian-pdns/rules pdns-2.9.22-IX/debian-pdns/rules
--- pdns-2.9.22/debian-pdns/rules   2008-11-16 18:21:08.000000000 +0100
+++ pdns-2.9.22-IX/debian-pdns/rules    2009-05-04 09:19:04.000000000 +0200
@@ -2,8 +2,10 @@
 
 tmpdir     := $(shell pwd)/debian-pdns/tmp
 be_tmpdir  := $(shell pwd)/debian-pdns/tmp-backend
-backends   := opendbx ldap mysql pipe gmysql gpgsql gsqlite gsqlite3
-debs       := opendbx ldap mysql pipe pgsql sqlite sqlite3
+#backends  := opendbx ldap mysql pipe gmysql gpgsql gsqlite gsqlite3
+#debs      := opendbx ldap mysql pipe pgsql sqlite sqlite3
+backends   := mysql pipe gmysql
+debs       := mysql pipe
 
 binary-doc:
    -make -C pdns/docs html/index.html
@@ -51,7 +53,7 @@
        --infodir='$${datadir}/info' \
        --mandir='$${datadir}/man' \
        --with-pgsql-lib=/opt/postgresql/lib --with-pgsql-includes=/opt/postgresql/include \
-       --with-modules="mysql gmysql gpgsql pipe pdns gsqlite gsqlite3 geo" \
+       --with-modules="mysql gmysql pipe pdns" \
        --with-dynmodules="" \
        --enable-static-binaries 
    make
diff -ur pdns-2.9.22/modules/gmysqlbackend/gmysqlbackend.cc pdns-2.9.22-IX/modules/gmysqlbackend/gmysqlbackend.cc
--- pdns-2.9.22/modules/gmysqlbackend/gmysqlbackend.cc  2008-02-03 13:14:00.000000000 +0100
+++ pdns-2.9.22-IX/modules/gmysqlbackend/gmysqlbackend.cc   2009-04-30 17:00:15.000000000 +0200
@@ -75,6 +75,7 @@
     declare(suffix,"info-all-master-query","", "select id,name,master,last_check,notified_serial,type from domains where type='MASTER'");
     declare(suffix,"delete-zone-query","", "delete from records where domain_id=%d");
 
+    declare(suffix,"lookup-axfr-allow","", "select zone_grants from domains where name='%s'");
 
   }
   
diff -ur pdns-2.9.22/pdns/backends/gsql/gsqlbackend.cc pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.cc
--- pdns-2.9.22/pdns/backends/gsql/gsqlbackend.cc   2008-12-06 20:43:50.000000000 +0100
+++ pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.cc    2009-05-05 12:43:04.000000000 +0200
@@ -16,10 +16,78 @@
 #include "pdns/ahuexception.hh"
 #include "pdns/logger.hh"
 #include "pdns/arguments.hh"
+#include "pdns/iputils.hh"
 #include <boost/algorithm/string.hpp>
 #include <sstream>
+
 using namespace boost;
 
+bool GSQLBackend::checkAXFRByZone(const std::string& name , const std::string& ip)
+{
+//    L << Logger::Warning 
+//      << "ZONE-AXFR: checking " << name << " with " << ip << std::endl;
+
+    char output[1024];
+
+    snprintf( output,sizeof(output)-1,
+              d_LookupAxfrAllow.c_str(),name.c_str()
+             );
+    
+    L << Logger::Warning 
+      << "ZONE-AXFR: checking " << name << " with " << ip << std::endl
+      << "STATEMENT: "<< output << std::endl;
+
+    try 
+    {
+           d_db->doQuery(output, d_result);
+    }
+    catch(SSqlException &e) 
+      {
+        throw AhuException("GSQLBackend unable to select AXFR-by Zone . name " 
+                         + name  
+                         + " with ip "
+                         + ip
+                         + " : "
+                         + e.txtReason());
+      }
+
+    if(!d_result.size())
+      return false;
+
+    if(d_result.size() > 1)
+      throw AhuException("Ambigous entries ' "  
+                         + name  
+                         + "' exists more than once");
+    
+    SSql::row_t row(d_result[0]);
+    SSql::row_t::const_reverse_iterator zone_str_iter(row.rbegin());
+    std::vector<std::string> allowed_ips;
+
+    stringtok(allowed_ips, *zone_str_iter, ";");
+    std::vector<std::string>::iterator iter(allowed_ips.begin()),
+                                       end(allowed_ips.end());
+
+    for(;iter!=end;++iter)
+    {
+         trim(*iter);
+
+         L << Logger::Warning << "ZONE-AXFR: comparing '" << *iter << "' with '" << ip << "'"<< std::endl; 
+
+         if(*iter == ip) return true;
+
+         // check for netmasks
+         if( (*iter).find_first_of('/') != std::string::npos ) // found a mask
+         {
+              L << Logger::Warning << "detected mask " << std::endl;
+              Netmask mask(*iter);
+              if(mask.match(ip)) return true;
+         }
+         
+
+    }
+    return false;
+}
+
 void GSQLBackend::setNotified(uint32_t domain_id, uint32_t serial)
 {
   char output[1024];
@@ -239,6 +307,7 @@
   d_UpdateLastCheckofZoneQuery=getArg("update-lastcheck-query");
   d_InfoOfAllMasterDomainsQuery=getArg("info-all-master-query");
   d_DeleteZoneQuery=getArg("delete-zone-query");
+  d_LookupAxfrAllow=getArg("lookup-axfr-allow");
 }
 
 
diff -ur pdns-2.9.22/pdns/backends/gsql/gsqlbackend.hh pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.hh
--- pdns-2.9.22/pdns/backends/gsql/gsqlbackend.hh   2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/backends/gsql/gsqlbackend.hh    2009-04-30 17:00:15.000000000 +0200
@@ -21,6 +21,9 @@
     d_db=db;
   }
   
+   //checks if a zone is allowed to check axfr-data
+  bool checkAXFRByZone(const std::string& name , const std::string& ip);
+    
   string sqlEscape(const string &name);
   void lookup(const QType &, const string &qdomain, DNSPacket *p=0, int zoneId=-1);
   bool list(const string &target, int domain_id);
@@ -65,6 +68,7 @@
   string d_UpdateSerialOfZoneQuery;
   string d_UpdateLastCheckofZoneQuery;
   string d_InfoOfAllMasterDomainsQuery;
-  string d_DeleteZoneQuery;        
+  string d_DeleteZoneQuery;
+  string d_LookupAxfrAllow;        
 
 };
diff -ur pdns-2.9.22/pdns/common_startup.cc pdns-2.9.22-IX/pdns/common_startup.cc
--- pdns-2.9.22/pdns/common_startup.cc  2008-11-19 18:56:52.000000000 +0100
+++ pdns-2.9.22-IX/pdns/common_startup.cc   2009-04-30 17:00:15.000000000 +0200
@@ -127,6 +127,9 @@
 
   ::arg().set("max-cache-entries", "Maximum number of cache entries")="1000000";
   ::arg().set("entropy-source", "If set, read entropy from this file")="/dev/urandom";
+
+  ::arg().set("axfr-by-zone","allows configuration of axfr-allows by zone")="yes";
+  ::arg().setSwitch("axfr-by-zone","allows configuration of axfr-allows by zone")="yes";
 }
 
 void declareStats(void)
diff -ur pdns-2.9.22/pdns/dnsbackend.cc pdns-2.9.22-IX/pdns/dnsbackend.cc
--- pdns-2.9.22/pdns/dnsbackend.cc  2008-11-15 21:32:46.000000000 +0100
+++ pdns-2.9.22-IX/pdns/dnsbackend.cc   2009-04-30 17:00:15.000000000 +0200
@@ -25,6 +25,11 @@
 #include <sys/types.h>
 #include "dnspacket.hh"
 
+bool DNSBackend::checkAXFRByZone(const std::string& name , const std::string& ip)
+{
+  return false;
+}
+
 string DNSBackend::getRemote(DNSPacket *p)
 {
   return p->getRemote();
diff -ur pdns-2.9.22/pdns/dnsbackend.hh pdns-2.9.22-IX/pdns/dnsbackend.hh
--- pdns-2.9.22/pdns/dnsbackend.hh  2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/dnsbackend.hh   2009-04-30 17:00:15.000000000 +0200
@@ -77,6 +77,8 @@
       if the backend does not consider itself responsible for the id passed.
       \param domain_id ID of which a list is requested
   */
+  virtual bool checkAXFRByZone(const std::string& name , const std::string& ip);
+
   virtual bool list(const string &target, int domain_id)=0;  
 
   virtual ~DNSBackend(){};
diff -ur pdns-2.9.22/pdns/misc.cc pdns-2.9.22-IX/pdns/misc.cc
--- pdns-2.9.22/pdns/misc.cc    2008-11-15 21:32:46.000000000 +0100
+++ pdns-2.9.22-IX/pdns/misc.cc 2009-04-30 17:00:15.000000000 +0200
@@ -232,6 +232,10 @@
 
     while (replen) {
       ret = write(outsock, buffer, replen);
+      while(ret == -1 && errno == EAGAIN) {
+        Utility::usleep(1);
+        ret = write(outsock, buffer, replen);
+      }
       if(ret < 0) {
    if(errno==EAGAIN) { // wait, we might've exhausted the window
      while(waitForRWData(outsock, false, 1, 0)==0)
diff -ur pdns-2.9.22/pdns/tcpreceiver.cc pdns-2.9.22-IX/pdns/tcpreceiver.cc
--- pdns-2.9.22/pdns/tcpreceiver.cc 2008-11-19 18:21:11.000000000 +0100
+++ pdns-2.9.22-IX/pdns/tcpreceiver.cc  2009-05-04 10:35:51.000000000 +0200
@@ -346,16 +346,42 @@
   if(::arg().mustDo("disable-axfr"))
     return false;
 
-  if( ::arg()["allow-axfr-ips"].empty() || d_ng.match( (ComboAddress *) &q->remote ) )
-    return true;
+  if(::arg().mustDo("axfr-by-zone") )
+  {
+       //DNSBackend *backend = s_P->getBackend();
+       PacketHandler P;
+       DNSBackend *backend = P.getBackend();
+       if(backend->checkAXFRByZone( q->qdomain , q->getRemote()) ) 
+       {
+            L << Logger::Warning
+              <<"Approved zone-based AXFR of '"<<q->qdomain
+              << q->getRemote()<<endl;
+            return true;
+       }
+       //a empty list is a failure in case of 'axfr-by-zone'
+       else if(d_ng.match( (ComboAddress *) &q->remote ) )
+       {
+            L << Logger::Warning  << "allowed by config file" << endl;
+            return true;
+       }
+  }
+  else
+  {
+ //      L << Logger::Warning<< "no axfr-by-zone" <<endl;
+       if(::arg()["allow-axfr-ips"].empty() 
+           || d_ng.match( (ComboAddress *) &q->remote ) )
+            return true;
+  }
 
   extern CommunicatorClass Communicator;
 
   if(Communicator.justNotified(q->qdomain, q->getRemote())) { // we just notified this ip 
-    L<<Logger::Warning<<"Approved AXFR of '"<<q->qdomain<<"' from recently notified slave "<<q->getRemote()<<endl;
+    L << Logger::Warning << "Approved AXFR of '" << q->qdomain << "' from recently notified slave " << q->getRemote() << endl;
     return true;
   }
 
+  L << Logger::Warning << "AXFR FAILED" << endl;
+
   return false;
 }
 
diff -ur pdns-2.9.22/pdns/ueberbackend.cc pdns-2.9.22-IX/pdns/ueberbackend.cc
--- pdns-2.9.22/pdns/ueberbackend.cc    2008-11-27 22:56:33.000000000 +0100
+++ pdns-2.9.22-IX/pdns/ueberbackend.cc 2009-04-30 17:00:15.000000000 +0200
@@ -60,6 +60,15 @@
 #define RTLD_NOW RTLD_LAZY
 #endif
 
+bool UeberBackend::checkAXFRByZone( const std::string& name , const std::string& ip)
+{
+  for ( vector< DNSBackend * >::iterator i = backends.begin(); i != backends.end(); ++i )
+  {
+    if(( *i )->checkAXFRByZone( name , ip) ) return true;
+  }
+  return false;
+}
+
 //! Loads a module and reports it to all UeberBackend threads
 bool UeberBackend::loadmodule(const string &name)
 {
diff -ur pdns-2.9.22/pdns/ueberbackend.hh pdns-2.9.22-IX/pdns/ueberbackend.hh
--- pdns-2.9.22/pdns/ueberbackend.hh    2008-02-03 13:13:59.000000000 +0100
+++ pdns-2.9.22-IX/pdns/ueberbackend.hh 2009-04-30 17:00:15.000000000 +0200
@@ -57,6 +57,7 @@
   UeberBackend();
   UeberBackend(const string &);
   ~UeberBackend();
+  virtual bool checkAXFRByZone(const std::string& name , const std::string& ip);
   typedef DNSBackend *BackendMaker(); //!< typedef for functions returning pointers to new backends
 
   bool superMasterBackend(const string &ip, const string &domain, const vector<DNSResourceRecord>&nsset, string *account, DNSBackend **db);
​