From c9f019c9316c444b1111951e0856aa8e5cd14219 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 10 Aug 2020 13:40:27 +1000 Subject: [PATCH] Update managed keys log messages to be less confusing. --- CHANGES | 3 +++ lib/dns/zone.c | 20 +++++++++++--------- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 6aa1d6be82..21c9103b5b 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,6 @@ +5487. [cleanup] Update managed keys log messages to be less confusing. + [GL #2027] + 5486. [func] Add 'rndc dnssec -checkds' command to tell named that the DS record has been published in the parent. [GL #1613] diff --git a/lib/dns/zone.c b/lib/dns/zone.c index d6310878a8..4fb7f5b43d 100644 --- a/lib/dns/zone.c +++ b/lib/dns/zone.c @@ -10252,9 +10252,9 @@ anchors_done: } else if (keydata.addhd > now) { dnssec_log(zone, ISC_LOG_INFO, "Pending key %d for zone %s " - "unexpectedly missing " - "restarting 30-day acceptance " - "timer", + "unexpectedly missing from DNSKEY " + "RRset: restarting 30-day " + "acceptance timer", keytag, namebuf); if (keydata.addhd < now + dns_zone_mkey_month) { keydata.addhd = now + @@ -10264,16 +10264,18 @@ anchors_done: } else if (keydata.removehd == 0) { dnssec_log(zone, ISC_LOG_INFO, "Active key %d for zone %s " - "unexpectedly missing", + "unexpectedly missing from DNSKEY " + "RRset", keytag, namebuf); keydata.refresh = now + dns_zone_mkey_hour; } else if (keydata.removehd <= now) { deletekey = true; - dnssec_log(zone, ISC_LOG_INFO, - "Revoked key %d for zone %s " - "missing: deleting from " - "managed keys database", - keytag, namebuf); + dnssec_log( + zone, ISC_LOG_INFO, + "Revoked key %d for zone %s no longer " + "present in DNSKEY RRset: deleting " + "from managed keys database", + keytag, namebuf); } else { keydata.refresh = refresh_time(kfetch, false); }