diff --git a/CHANGES b/CHANGES index 886aefa0dd..8fa5c645f6 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +3798. [bug] 'rndc zonestatus' was reporting the wrong re-signing + time. [RT #35659] + 3797. [port] netbsd: geoip support probing was broken. [RT #35642] 3796. [bug] Register dns and pkcs#11 error codes. [RT #35629] diff --git a/bin/named/server.c b/bin/named/server.c index ed9e50e3d8..a158115220 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -9633,7 +9633,8 @@ ns_server_zonestatus(ns_server_t *server, char *args, isc_buffer_t *text) { typebuf, sizeof(typebuf)); snprintf(resignbuf, sizeof(resignbuf), "%s/%s", namebuf, typebuf); - isc_time_set(&resigntime, next.resign, 0); + isc_time_set(&resigntime, next.resign - + dns_zone_getsigresigninginterval(zone), 0); isc_time_formathttptimestamp(&resigntime, rtbuf, sizeof(rtbuf)); dns_rdataset_disassociate(&next); diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index b633164ddd..45724c8614 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -29,6 +29,7 @@ rm -f ns2/single-nsec3.db rm -f ns2/nsec3chain-test.db rm -f */example.bk rm -f dig.out.* +rm -f rndc.out.* rm -f delve.out* rm -f ns2/dlv.db rm -f ns3/multiple.example.db ns3/nsec3-unknown.example.db ns3/nsec3.example.db diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index 7186ac6979..13e61c41c7 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -2439,7 +2439,27 @@ n=`expr $n + 1` if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret` - +echo "I:check the correct resigning time is reported in zonestatus ($n)" +ret=0 +$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 \ + zonestatus secure.example > rndc.out.test$n +# next resign node: secure.example/DNSKEY +name=`awk '/next resign node:/ { print $4 }' rndc.out.test$n | sed 's;/; ;'` +# next resign time: Thu, 24 Apr 2014 10:38:16 GMT +time=`awk 'BEGIN { m["Jan"] = "01"; m["Feb"] = "02"; m["Mar"] = "03"; + m["Apr"] = "04"; m["May"] = "05"; m["Jun"] = "06"; + m["Jul"] = "07"; m["Aug"] = "08"; m["Sep"] = "09"; + m["Oct"] = "10"; m["Nov"] = "11"; m["Dec"] = "12";} + /next resign time:/ { printf "%d%s%02d%s\n", $7, m[$6], $5, $8 }' rndc.out.test$n | sed 's/://g'` +$DIG $DIGOPTS +noall +answer $name @10.53.0.3 -p 5300 > dig.out.test$n +expire=`awk '$4 == "RRSIG" { print $9 }' dig.out.test$n` +inception=`awk '$4 == "RRSIG" { print $10 }' dig.out.test$n` +t1=`echo "$time < $expire" | bc` +t2=`echo "$time > $inception" | bc` +[ "$t1" = 1 -a "$t2" = 1 ] || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` echo "I:exit status: $status" exit $status