From fb7b7ac4959be1f8b038a6cb53a8ba823ee7f7da Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Wed, 9 Nov 2022 12:12:07 +0000
Subject: [PATCH] Report the key name that failed in retry_keyfetch

When there are multiple managed trust anchors we need to know the
name of the trust anchor that is failing.  Extend the error message
to include the trust anchor name.
---
 lib/dns/zone.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/dns/zone.c b/lib/dns/zone.c
index 76f6dc4bc3..951bbfd34c 100644
--- a/lib/dns/zone.c
+++ b/lib/dns/zone.c
@@ -10642,6 +10642,11 @@ retry_keyfetch(dns_keyfetch_t *kfetch, dns_name_t *kname) {
 	isc_time_t timenow, timethen;
 	dns_zone_t *zone = kfetch->zone;
 	bool free_needed;
+	char namebuf[DNS_NAME_FORMATSIZE];
+
+	dns_name_format(kname, namebuf, sizeof(namebuf));
+	dnssec_log(zone, ISC_LOG_WARNING,
+		   "Failed to create fetch for %s DNSKEY update", namebuf);
 
 	/*
 	 * Error during a key fetch; cancel and retry in an hour.
@@ -10653,8 +10658,6 @@ retry_keyfetch(dns_keyfetch_t *kfetch, dns_name_t *kname) {
 	dns_rdataset_disassociate(&kfetch->keydataset);
 	dns_name_free(kname, zone->mctx);
 	isc_mem_putanddetach(&kfetch->mctx, kfetch, sizeof(*kfetch));
-	dnssec_log(zone, ISC_LOG_WARNING,
-		   "Failed to create fetch for DNSKEY update");
 
 	if (!DNS_ZONE_FLAG(zone, DNS_ZONEFLG_EXITING)) {
 		/* Don't really retry if we are exiting */