[Opendnssec-commits] [keihatsu.kirei.se/svn/dnssec] r4060 - trunk/OpenDNSSEC/signer/src/signer

Matthijs Mekking matthijs at nlnetlabs.nl
Tue Oct 5 17:25:24 CEST 2010


Author: matthijs
Date: 2010-10-05 17:25:24 +0200 (Tue, 05 Oct 2010)
New Revision: 4060

Modified:
   trunk/OpenDNSSEC/signer/src/signer/rrset.c
   trunk/OpenDNSSEC/signer/src/signer/se_key.c
Log:
fix lookup key function
more specific debug messages for refresh signature



Modified: trunk/OpenDNSSEC/signer/src/signer/rrset.c
===================================================================
--- trunk/OpenDNSSEC/signer/src/signer/rrset.c	2010-10-05 15:08:25 UTC (rev 4059)
+++ trunk/OpenDNSSEC/signer/src/signer/rrset.c	2010-10-05 15:25:24 UTC (rev 4060)
@@ -472,24 +472,33 @@
         if (expiration < refresh) {
             /* 3a. Expiration - Refresh has passed */
             drop_sig = 1;
+            se_log_deeebug("refresh signature for RRset[%i]: expiration minus "
+                "refresh has passed: %u - %u < (signtime)",
+                rrset->rr_type, expiration, refresh, (uint32_t) signtime);
         } else if (inception > (uint32_t) signtime) {
             /* 3b. Inception has not yet passed */
+            drop_sig = 1;
+            se_log_deeebug("refresh signature for RRset[%i]: inception has "
+                "not passed: %u < %u (signtime)",
+                rrset->rr_type, inception, (uint32_t) signtime);
         } else {
             /* 3c. Corresponding key is dead */
             key = keylist_lookup(sc->keys, rrsigs->key_locator);
             if (!key) {
                 drop_sig = 1;
+                se_log_deeebug("refresh signature for RRset[%i]: key %s %u "
+                "is dead",
+                rrset->rr_type, rrsigs->key_locator, rrsigs->key_flags);
             } else if (key->flags != rrsigs->key_flags) {
                 drop_sig = 1;
+                se_log_deeebug("refresh signature for RRset[%i]: key %s %u "
+                "flags mismatch",
+                rrset->rr_type, rrsigs->key_locator, rrsigs->key_flags);
             }
         }
 
         if (drop_sig) {
             /* A rule mismatched, refresh signature */
-            se_log_deeebug("refresh signature for RRset[%i] (refresh=%u, "
-                "signtime=%u, inception=%u, expiration=%u)", rrset->rr_type,
-                refresh, (uint32_t) signtime, inception, expiration);
-
             if (prev_rrsigs) {
                 prev_rrsigs->next = rrsigs->next;
             } else {

Modified: trunk/OpenDNSSEC/signer/src/signer/se_key.c
===================================================================
--- trunk/OpenDNSSEC/signer/src/signer/se_key.c	2010-10-05 15:08:25 UTC (rev 4059)
+++ trunk/OpenDNSSEC/signer/src/signer/se_key.c	2010-10-05 15:25:24 UTC (rev 4060)
@@ -296,6 +296,7 @@
         if (search && se_strcmp(search->locator, locator) == 0) {
             return search;
         }
+        search = search->next;
     }
     return NULL;
 }




More information about the Opendnssec-commits mailing list