[Opendnssec-commits] [svn.opendnssec.org/svn/dnssec] r5501 - in branches/OpenDNSSEC-adapters/signer/src: adapter signer

matthijs at nlnetlabs.nl matthijs at nlnetlabs.nl
Wed Aug 31 12:12:31 CEST 2011


Author: matthijs
Date: 2011-08-31 12:12:31 +0200 (Wed, 31 Aug 2011)
New Revision: 5501

Modified:
   branches/OpenDNSSEC-adapters/signer/src/adapter/adapi.c
   branches/OpenDNSSEC-adapters/signer/src/adapter/adfile.c
   branches/OpenDNSSEC-adapters/signer/src/signer/namedb.c
   branches/OpenDNSSEC-adapters/signer/src/signer/namedb.h
   branches/OpenDNSSEC-adapters/signer/src/signer/zone.c
Log:
adapi_process_rr()
serial_updated flag
log_dname instead of log_rdf



Modified: branches/OpenDNSSEC-adapters/signer/src/adapter/adapi.c
===================================================================
--- branches/OpenDNSSEC-adapters/signer/src/adapter/adapi.c	2011-08-31 08:36:15 UTC (rev 5500)
+++ branches/OpenDNSSEC-adapters/signer/src/adapter/adapi.c	2011-08-31 10:12:31 UTC (rev 5501)
@@ -41,7 +41,7 @@
 
 #include <ldns/ldns.h>
 
-/* static const char* adapi_str = "adapter"; */
+static const char* adapi_str = "adapter";
 
 
 /**
@@ -123,6 +123,7 @@
 adapi_trans_full(zone_type* zone)
 {
     if (!zone || !zone->db) {
+        return;
     }
     namedb_diff(zone->db);
     return;
@@ -145,13 +146,162 @@
 
 
 /**
+ * Process SOA.
+ *
+ */
+static ods_status
+adapi_process_soa(zone_type* zone, ldns_rr* rr, int add)
+{
+    uint32_t tmp = 0;
+    ldns_rdf* soa_rdata = NULL;
+    ods_status status = ODS_STATUS_OK;
+
+    ods_log_assert(rr);
+    ods_log_assert(zone);
+    ods_log_assert(zone->name);
+    ods_log_assert(zone->signconf);
+
+    if (zone->signconf->soa_ttl) {
+        tmp = (uint32_t) duration2time(zone->signconf->soa_ttl);
+        ods_log_verbose("[%s] zone %s set soa ttl to %u",
+            adapi_str, zone->name, tmp);
+        ldns_rr_set_ttl(rr, tmp);
+    }
+    if (zone->signconf->soa_min) {
+        tmp = (uint32_t) duration2time(zone->signconf->soa_min);
+        ods_log_verbose("[%s] zone %s set soa minimum to %u",
+            adapi_str, zone->name, tmp);
+        soa_rdata = ldns_rr_set_rdf(rr,
+            ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, tmp),
+            SE_SOA_RDATA_MINIMUM);
+        if (soa_rdata) {
+            ldns_rdf_deep_free(soa_rdata);
+            soa_rdata = NULL;
+        } else {
+            ods_log_error("[%s] unable to %s rr to zone %s: failed to replace "
+                "soa minimum rdata", adapi_str, add?"add":"delete",
+                zone->name);
+            return ODS_STATUS_ASSERT_ERR;
+        }
+    }
+    if (!add) {
+        /* we are done */
+        return ODS_STATUS_OK;
+    }
+    tmp = ldns_rdf2native_int32(ldns_rr_rdf(rr, SE_SOA_RDATA_SERIAL));
+    status = namedb_update_serial(zone->db, zone->signconf->soa_serial, tmp);
+    if (status != ODS_STATUS_OK) {
+        ods_log_error("[%s] unable to add rr to zone %s: failed to replace "
+            "soa serial rdata (%s)", adapi_str, zone->name,
+            ods_status2str(status));
+        return status;
+    }
+    ods_log_verbose("[%s] zone %s set soa serial to %u", adapi_str,
+        zone->name, zone->db->intserial);
+    soa_rdata = ldns_rr_set_rdf(rr, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32,
+        zone->db->intserial), SE_SOA_RDATA_SERIAL);
+    if (soa_rdata) {
+        ldns_rdf_deep_free(soa_rdata);
+        soa_rdata = NULL;
+    } else {
+        ods_log_error("[%s] unable to %s rr to zone %s: failed to replace "
+            "soa serial rdata", adapi_str, add?"add":"delete", zone->name);
+        return ODS_STATUS_ERR;
+    }
+    zone->db->serial_updated = 1;
+    return ODS_STATUS_OK;
+}
+
+
+/**
+ * Process DNSKEY.
+ *
+ */
+static void
+adapi_process_dnskey(zone_type* zone, ldns_rr* rr)
+{
+    uint32_t tmp = 0;
+    ods_log_assert(rr);
+    ods_log_assert(zone);
+    ods_log_assert(zone->name);
+    ods_log_assert(zone->signconf);
+    tmp = (uint32_t) duration2time(zone->signconf->dnskey_ttl);
+    ods_log_verbose("[%s] zone %s set dnskey ttl to %u",
+        adapi_str, zone->name, tmp);
+    ldns_rr_set_ttl(rr, tmp);
+    return;
+}
+
+
+/**
+ * Process RR.
+ *
+ */
+static ods_status
+adapi_process_rr(zone_type* zone, ldns_rr* rr, int add)
+{
+    ods_status status = ODS_STATUS_OK;
+    ods_log_assert(rr);
+    ods_log_assert(zone);
+    ods_log_assert(zone->name);
+    ods_log_assert(zone->db);
+    ods_log_assert(zone->signconf);
+    /* We only support IN class */
+    if (ldns_rr_get_class(rr) != LDNS_RR_CLASS_IN) {
+        ods_log_warning("[%s] only class in is supported, changing class "
+            "to in");
+        ldns_rr_set_class(rr, LDNS_RR_CLASS_IN);
+    }
+    /* RR processing */
+    if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
+        if (ldns_dname_compare(ldns_rr_owner(rr), zone->apex)) {
+            ods_log_error("[%s] unable to %s rr to zone: soa record has "
+                "invalid owner name", adapi_str, add?"add":"delete");
+            return ODS_STATUS_ERR;
+        }
+        status = adapi_process_soa(zone, rr, add);
+        if (status != ODS_STATUS_OK) {
+            ods_log_error("[%s] unable to %s rr: failed to process soa "
+                "record", adapi_str, add?"add":"delete");
+            return status;
+        }
+    } else {
+        if (ldns_dname_compare(ldns_rr_owner(rr), zone->apex) &&
+            !ldns_dname_is_subdomain(ldns_rr_owner(rr), zone->apex)) {
+            ods_log_warning("[%s] zone %s contains out-of-zone data, "
+                "skipping", adapi_str, zone->name);
+            return ODS_STATUS_UNCHANGED;
+        } else if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_DNSKEY) {
+            adapi_process_dnskey(zone, rr);
+        } else if (util_is_dnssec_rr(rr)) {
+            ods_log_warning("[%s] zone %s contains dnssec data (type=%u), "
+                "skipping", adapi_str, zone->name,
+                (unsigned) ldns_rr_get_type(rr));
+            return ODS_STATUS_UNCHANGED;
+        }
+    }
+
+    /* TODO: DNAME and CNAME checks */
+    /* TODO: NS and DS checks */
+
+    if (add) {
+        return zone_add_rr(zone, rr, 1);
+    } else {
+        return zone_del_rr(zone, rr, 1);
+    }
+    /* not reached */
+    return ODS_STATUS_ERR;
+}
+
+
+/**
  * Add RR.
  *
  */
 ods_status
 adapi_add_rr(zone_type* zone, ldns_rr* rr)
 {
-    return zone_add_rr(zone, rr, 1);
+    return adapi_process_rr(zone, rr, 1);
 }
 
 
@@ -162,7 +312,7 @@
 ods_status
 adapi_del_rr(zone_type* zone, ldns_rr* rr)
 {
-    return zone_del_rr(zone, rr, 1);
+    return adapi_process_rr(zone, rr, 0);
 }
 
 

Modified: branches/OpenDNSSEC-adapters/signer/src/adapter/adfile.c
===================================================================
--- branches/OpenDNSSEC-adapters/signer/src/adapter/adfile.c	2011-08-31 08:36:15 UTC (rev 5500)
+++ branches/OpenDNSSEC-adapters/signer/src/adapter/adfile.c	2011-08-31 10:12:31 UTC (rev 5501)
@@ -220,6 +220,7 @@
     ldns_rdf* orig = NULL;
     ldns_rdf* dname = NULL;
     uint32_t ttl = 0;
+    uint32_t new_serial = 0;
     ldns_status status = LDNS_STATUS_OK;
     char line[SE_ADFILE_MAXLINE];
     unsigned int line_update_interval = 100000;
@@ -259,17 +260,25 @@
             ods_log_debug("[%s] ...at line %i: %s", adapter_str, l, line);
             line_update += line_update_interval;
         }
-        /* filter out DNSSEC RRs (except DNSKEY) from the Input File Adapter */
-        if (util_is_dnssec_rr(rr)) {
-            ldns_rr_free(rr);
-            rr = NULL;
-            continue;
+        /* SOA? */
+        if (ldns_rr_get_type(rr) == LDNS_RR_TYPE_SOA) {
+            new_serial =
+              ldns_rdf2native_int32(ldns_rr_rdf(rr, SE_SOA_RDATA_SERIAL));
         }
         /* add to the database */
         result = adapi_add_rr(zone, rr);
-        if (result != ODS_STATUS_OK) {
+        if (result == ODS_STATUS_UNCHANGED) {
+            ods_log_debug("[%s] skipping RR at line %i (duplicate): %s",
+                adapter_str, l, line);
+            ldns_rr_free(rr);
+            rr = NULL;
+            result = ODS_STATUS_OK;
+            continue;
+        } else if (result != ODS_STATUS_OK) {
             ods_log_error("[%s] error adding RR at line %i: %s",
                 adapter_str, l, line);
+            ldns_rr_free(rr);
+            rr = NULL;
             break;
         }
     }
@@ -287,6 +296,17 @@
             adapter_str, l, ldns_get_errorstr_by_id(status), line);
         result = ODS_STATUS_ERR;
     }
+    /* input zone ok, set inbound serial and apply differences */
+    if (result == ODS_STATUS_OK) {
+        result = zone_examine(zone);
+        if (result != ODS_STATUS_OK) {
+            ods_log_error("[%s] unable to read file: zonefile contains errors",
+                adapter_str);
+            return result;
+        }
+        adapi_set_serial(zone, new_serial);
+        adapi_trans_full(zone);    
+    }
     return result;
 }
 
@@ -301,57 +321,16 @@
     FILE* fd = NULL;
     zone_type* adzone = (zone_type*) zone;
     ods_status status = ODS_STATUS_OK;
-    uint32_t new_serial = 0;
-    ldns_rr* rr = NULL;
-
-    /* [start] sanity parameter checking */
-    if (!adzone) {
-        ods_log_error("[%s] unable to read file: no zone (or no name given)",
-            adapter_str);
+    if (!adzone || !filename) {
         return ODS_STATUS_ASSERT_ERR;
     }
-    if (!filename) {
-        ods_log_error("[%s] unable to read file: no filename given",
-            adapter_str);
-        return ODS_STATUS_ASSERT_ERR;
-    }
-    /* [end] sanity parameter checking */
-
-    /* [start] read zone */
     fd = ods_fopen(filename, NULL, "r");
-    if (fd) {
-        /* serial */
-        rr = adutil_lookup_soa_rr(fd);
-        if (rr) {
-            new_serial =
-                ldns_rdf2native_int32(ldns_rr_rdf(rr, SE_SOA_RDATA_SERIAL));
-        }
-        ldns_rr_free(rr);
-        rewind(fd);
-
-        status = adfile_read_file(fd, adzone);
-        ods_fclose(fd);
-    } else {
-        status = ODS_STATUS_FOPEN_ERR;
+    if (!fd) {
+        return ODS_STATUS_FOPEN_ERR;
     }
-    if (status != ODS_STATUS_OK) {
-        ods_log_error("[%s] unable to read file: %s", adapter_str,
-            ods_status2str(status));
-        return status;
-    }
-    /* [end] read zone */
-    adapi_trans_full(adzone);
-    
-    /* [start] validate updates */
-    status = zone_examine(adzone);
-    if (status != ODS_STATUS_OK) {
-        ods_log_error("[%s] unable to read file: zonefile contains errors",
-            adapter_str);
-        return status;
-    }
-    /* [end] validate updates */
-    adapi_set_serial(adzone, new_serial);
-    return ODS_STATUS_OK;
+    status = adfile_read_file(fd, adzone);
+    ods_fclose(fd);
+    return status;
 }
 
 
@@ -366,35 +345,20 @@
     zone_type* adzone = (zone_type*) zone;
     ods_status status = ODS_STATUS_OK;
 
-    /* [start] sanity parameter checking */
-    if (!adzone) {
-        ods_log_error("[%s] unable to read file: no zone (or no name given)",
-            adapter_str);
+    if (!adzone || !filename) {
         return ODS_STATUS_ASSERT_ERR;
     }
-    if (!filename) {
-        ods_log_error("[%s] unable to read file: no filename given",
-            adapter_str);
-        return ODS_STATUS_ASSERT_ERR;
-    }
-    /* [end] sanity parameter checking */
-
-    /* [start] read zone */
     fd = ods_fopen(filename, NULL, "r");
-    if (fd) {
-        status = adfile_read_file(fd, adzone);
-        ods_fclose(fd);
-    } else {
-        status = ODS_STATUS_FOPEN_ERR;
+    if (!fd) {
+        return ODS_STATUS_FOPEN_ERR;
     }
+    status = adfile_read_file(fd, adzone);
+    ods_fclose(fd);
     if (status != ODS_STATUS_OK) {
         ods_log_error("[%s] unable to recover file: %s", adapter_str,
             ods_status2str(status));
-        return status;
     }
-    /* [end] read zone */
-    adapi_trans_full(adzone);
-    return ODS_STATUS_OK;
+    return status;
 }
 
 

Modified: branches/OpenDNSSEC-adapters/signer/src/signer/namedb.c
===================================================================
--- branches/OpenDNSSEC-adapters/signer/src/signer/namedb.c	2011-08-31 08:36:15 UTC (rev 5500)
+++ branches/OpenDNSSEC-adapters/signer/src/signer/namedb.c	2011-08-31 10:12:31 UTC (rev 5501)
@@ -50,41 +50,6 @@
 
 
 /**
- * Log RDF.
- *
- */
-void
-log_rdf(ldns_rdf *rdf, const char* pre, int level)
-{
-    char* str = NULL;
-
-    if (ods_log_get_level() < level + 2) return;
-
-    str = ldns_rdf2str(rdf);
-
-    if (level == 1) {
-        ods_log_error("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else if (level == 2) {
-        ods_log_warning("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else if (level == 3) {
-        ods_log_info("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else if (level == 4) {
-        ods_log_verbose("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else if (level == 5) {
-        ods_log_debug("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else if (level == 6) {
-        ods_log_deeebug("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    } else {
-        ods_log_deeebug("[%s] %s : %s", db_str, pre?pre:"", str?str:"(null)");
-    }
-
-    free((void*)str);
-
-    return;
-}
-
-
-/**
  * Convert a domain to a tree node.
  *
  */
@@ -199,6 +164,7 @@
     db->outserial = 0;
     db->is_initialized = 0;
     db->is_processed = 0;
+    db->serial_updated = 0;
     return db;
 }
 
@@ -518,13 +484,13 @@
         nsec3params->iterations, nsec3params->salt_len,
         nsec3params->salt_data);
     if (!hashed_label) {
-        log_rdf(dname, "unable to hash dname, hash failed", 1);
+        log_dname(dname, "unable to hash dname, hash failed", LOG_ERR);
         return NULL;
     }
     hashed_ownername = ldns_dname_cat_clone((const ldns_rdf*) hashed_label,
         (const ldns_rdf*) apex);
     if (!hashed_ownername) {
-        log_rdf(dname, "unable to hash dname, concat apex failed", 1);
+        log_dname(dname, "unable to hash dname, concat apex failed", LOG_ERR);
         return NULL;
     }
     ldns_rdf_deep_free(hashed_label);
@@ -554,16 +520,16 @@
     ods_log_assert(domain);
 
     if (!db || !db->denials) {
-        log_rdf(domain->dname, "unable to add denial of existence data "
-            "point for domain, no denial chain", 1);
+        log_dname(domain->dname, "unable to add denial of existence data "
+            "point for domain, no denial chain", LOG_ERR);
         return ODS_STATUS_ASSERT_ERR;
     }
     ods_log_assert(db);
     ods_log_assert(db->denials);
 
     if (!apex) {
-        log_rdf(domain->dname, "unable to add denial of existence data "
-            "point for domain, apex unknown", 1);
+        log_dname(domain->dname, "unable to add denial of existence data "
+            "point for domain, apex unknown", LOG_ERR);
         return ODS_STATUS_ASSERT_ERR;
     }
     ods_log_assert(apex);
@@ -572,8 +538,8 @@
     if (nsec3params) {
         owner = dname_hash(domain->dname, apex, nsec3params);
         if (!owner) {
-            log_rdf(domain->dname, "unable to add denial of existence data "
-                "point for domain, dname hash failed", 1);
+            log_dname(domain->dname, "unable to add denial of existence data "
+                "point for domain, dname hash failed", LOG_ERR);
             return ODS_STATUS_ERR;
         }
     } else {
@@ -581,8 +547,8 @@
     }
     /* lookup */
     if (namedb_lookup_denial(db, owner) != NULL) {
-        log_rdf(domain->dname, "unable to add denial of existence for "
-            "domain, data point exists", 1);
+        log_dname(domain->dname, "unable to add denial of existence for "
+            "domain, data point exists", LOG_ERR);
         return ODS_STATUS_CONFLICT_ERR;
     }
     /* create */
@@ -591,8 +557,8 @@
     ldns_rdf_deep_free(owner);
     /* insert */
     if (!ldns_rbtree_insert(db->denials, new_node)) {
-        log_rdf(domain->dname, "unable to add denial of existence for "
-            "domain, insert failed", 1);
+        log_dname(domain->dname, "unable to add denial of existence for "
+            "domain, insert failed", LOG_ERR);
         free((void*)new_node);
         denial_cleanup(denial);
         return ODS_STATUS_ERR;
@@ -653,8 +619,8 @@
         free((void*)del_node);
         return NULL;
     } else {
-        log_rdf(denial->dname, "unable to del denial of existence data "
-            "point, not found", 1);
+        log_dname(denial->dname, "unable to del denial of existence data "
+            "point, not found", LOG_ERR);
     }
     return denial;
 }
@@ -675,8 +641,8 @@
     ods_log_assert(denial);
 
     if (!db || !db->denials) {
-        log_rdf(denial->dname, "unable to delete denial of existence data "
-            "point, no db", 1);
+        log_dname(denial->dname, "unable to delete denial of existence data "
+            "point, no db", LOG_ERR);
         return denial;
     }
     ods_log_assert(db);
@@ -769,8 +735,8 @@
          */
         parent_rdf = ldns_dname_left_chop(domain->dname);
         if (!parent_rdf) {
-            log_rdf(domain->dname, "unable to entize domain, left chop "
-                "failed", 1);
+            log_dname(domain->dname, "unable to entize domain, left chop "
+                "failed", LOG_ERR);
             return ODS_STATUS_ERR;
         }
         ods_log_assert(parent_rdf);
@@ -778,8 +744,8 @@
         parent_domain = namedb_lookup_domain(db, parent_rdf);
         if (!parent_domain) {
             if (namedb_add_domain(db, parent_rdf) == NULL) {
-                log_rdf(domain->dname, "unable to entize domain, add parent "
-                    "failed", 1);
+                log_dname(domain->dname, "unable to entize domain, add parent "
+                    "failed", LOG_ERR);
                 domain_cleanup(parent_domain);
                 return ODS_STATUS_ERR;
             }
@@ -876,9 +842,11 @@
         if (occluded != LDNS_RR_TYPE_SOA ||
             domain_count_rrset(domain) <= 0) {
             if (domain_count_rrset(domain)) {
-                log_rdf(domain->dname, "nsecify: don't do glue domain", 6);
+                log_dname(domain->dname, "nsecify: don't do glue domain",
+                    LOG_DEEEBUG);
             } else {
-                log_rdf(domain->dname, "nsecify: don't do empty domain", 6);
+                log_dname(domain->dname, "nsecify: don't do empty domain",
+                    LOG_DEEEBUG);
             }
             if (domain->denial) {
                 if (namedb_del_denial(db, domain->denial) != NULL) {
@@ -899,8 +867,8 @@
         if (!domain->denial) {
             status = namedb_add_denial(db, domain, apex->dname, NULL);
             if (status != ODS_STATUS_OK) {
-                log_rdf(domain->dname, "unable to nsecify: failed to add "
-                    "denial of existence for domain", 1);
+                log_dname(domain->dname, "unable to nsecify: failed to add "
+                    "denial of existence for domain", LOG_ERR);
                 return status;
             }
             nsec_added++;
@@ -975,7 +943,8 @@
 
         /* don't do glue-only domains */
         if (occluded != LDNS_RR_TYPE_SOA) {
-            log_rdf(domain->dname, "nsecify3: don't do glue domain" , 6);
+            log_dname(domain->dname, "nsecify3: don't do glue domain",
+                LOG_DEEEBUG);
             if (domain->denial) {
                 if (namedb_del_denial(db, domain->denial) != NULL) {
                     ods_log_error("[%s] unable to nsecify3: failed to "
@@ -993,11 +962,11 @@
             if (delegpt != LDNS_RR_TYPE_SOA ||
                 domain_ent2unsignedns(domain)) {
                 if (delegpt != LDNS_RR_TYPE_SOA) {
-                    log_rdf(domain->dname, "nsecify3: opt-out (unsigned "
-                        "delegation)", 5);
+                    log_dname(domain->dname, "nsecify3: opt-out (unsigned "
+                        "delegation)", LOG_DEBUG);
                 } else {
-                    log_rdf(domain->dname, "nsecify3: opt-out (empty "
-                        "non-terminal (to unsigned delegation))", 5);
+                    log_dname(domain->dname, "nsecify3: opt-out (empty "
+                        "non-terminal (to unsigned delegation))", LOG_DEBUG);
                 }
                 if (domain->denial) {
                     if (namedb_del_denial(db, domain->denial) != NULL) {
@@ -1020,8 +989,8 @@
             status = namedb_add_denial(db, domain, apex->dname,
                 nsec3params);
             if (status != ODS_STATUS_OK) {
-                log_rdf(domain->dname, "unable to nsecify3: failed to add "
-                    "denial of existence for domain", 1);
+                log_dname(domain->dname, "unable to nsecify3: failed to add "
+                    "denial of existence for domain", LOG_ERR);
                 return status;
             }
             nsec3_added++;
@@ -1128,7 +1097,8 @@
     }
 
     if (domain_examine_valid_zonecut(domain) != 0) {
-        log_rdf(domain->dname, "occluded (non-glue non-DS) data at NS", 2);
+        log_dname(domain->dname, "occluded (non-glue non-DS) data at NS",
+            LOG_WARNING);
         return 1;
     }
 

Modified: branches/OpenDNSSEC-adapters/signer/src/signer/namedb.h
===================================================================
--- branches/OpenDNSSEC-adapters/signer/src/signer/namedb.h	2011-08-31 08:36:15 UTC (rev 5500)
+++ branches/OpenDNSSEC-adapters/signer/src/signer/namedb.h	2011-08-31 10:12:31 UTC (rev 5501)
@@ -64,6 +64,7 @@
     uint32_t outserial;
     unsigned is_initialized : 1;
     unsigned is_processed : 1;
+    unsigned serial_updated : 1;
 };
 
 /**
@@ -146,7 +147,7 @@
  * \return ods_status status
  *
  */
-ods_status namedb_add_denial(namedb_type* zd, domain_type* domain,
+ods_status namedb_add_denial(namedb_type* db, domain_type* domain,
     ldns_rdf* apex, nsec3params_type* n3p);
 
 /**
@@ -266,13 +267,4 @@
  */
 ods_status namedb_recover(namedb_type* zd, FILE* fd);
 
-/**
- * Log RDF.
- * \param[in] rdf RDF
- * \param[in] pre string to log before RDF
- * \param[in] level log level
- *
- */
-void log_rdf(ldns_rdf* rdf, const char* pre, int level);
-
 #endif /* SIGNER_NAMEDB_H */

Modified: branches/OpenDNSSEC-adapters/signer/src/signer/zone.c
===================================================================
--- branches/OpenDNSSEC-adapters/signer/src/signer/zone.c	2011-08-31 08:36:15 UTC (rev 5500)
+++ branches/OpenDNSSEC-adapters/signer/src/signer/zone.c	2011-08-31 10:12:31 UTC (rev 5501)
@@ -341,11 +341,16 @@
     ods_log_assert(zone->db);
     ods_log_assert(zone->signconf);
 
+    if (zone->db->serial_updated) {
+        /* already done, unmark and return ok */
+        zone->db->serial_updated = 0;
+        return ODS_STATUS_OK;
+    }
     status = namedb_update_serial(zone->db, zone->signconf->soa_serial,
         zone->db->inbserial);
     if (status != ODS_STATUS_OK) {
-        ods_log_error("[%s] unable to update serial: failed to increment",
-            zone_str);
+        ods_log_error("[%s] unable to update zone %s soa serial: %s",
+            zone_str, zone->name, ods_status2str(status));
         return status;
     }
 
@@ -376,11 +381,12 @@
             }
             ldns_rdf_deep_free(serial);
          } else {
-            ods_log_error("[%s] unable to update serial: failed to replace "
-                "SOA SERIAL rdata", zone_str);
+            ods_log_error("[%s] unable to update zone %s soa serial: failed to "
+                "replace soa serial rdata", zone_str, zone->name);
             return ODS_STATUS_ERR;
         }
     }
+    zone->db->serial_updated = 0;
     return ODS_STATUS_OK;
 }
 




More information about the Opendnssec-commits mailing list